Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1047)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: content/browser/site_per_process_browsertest.cc

Issue 1957783002: Replicate Content-Security-Policy into remote frame proxies. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Addressed second round of CR feedback from alexmos@. Created 4 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « content/browser/frame_host/render_frame_host_manager.cc ('k') | content/common/content_param_traits_macros.h » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: content/browser/site_per_process_browsertest.cc
diff --git a/content/browser/site_per_process_browsertest.cc b/content/browser/site_per_process_browsertest.cc
index e0700c5d218d6ba7f6746f007a1deb249502d169..85595c858b8c3482f72ab8b645fddb72916fbcab 100644
--- a/content/browser/site_per_process_browsertest.cc
+++ b/content/browser/site_per_process_browsertest.cc
@@ -55,6 +55,8 @@
#include "ipc/ipc_security_test_util.h"
#include "net/dns/mock_host_resolver.h"
#include "net/test/embedded_test_server/embedded_test_server.h"
+#include "testing/gmock/include/gmock/gmock.h"
+#include "testing/gtest/include/gtest/gtest.h"
#include "third_party/WebKit/public/web/WebInputEvent.h"
#include "third_party/WebKit/public/web/WebSandboxFlags.h"
#include "ui/display/display_switches.h"
@@ -72,6 +74,8 @@
namespace content {
+using testing::MatchesRegex;
+
namespace {
// Helper function to send a postMessage and wait for a reply message. The
@@ -6179,6 +6183,129 @@ IN_PROC_BROWSER_TEST_F(SitePerProcessBrowserTest,
}
}
+// Test that a cross-origin frame's navigation can be blocked by CSP frame-src.
+// In this version of a test, CSP comes from HTTP headers.
+IN_PROC_BROWSER_TEST_F(SitePerProcessBrowserTest,
+ CrossSiteIframeBlockedByParentCSPFromHeaders) {
+ GURL main_url(
+ embedded_test_server()->GetURL("a.com", "/frame-src-self-and-b.html"));
+ NavigateToURL(shell(), main_url);
+
+ FrameTreeNode* root = web_contents()->GetFrameTree()->root();
+
+ // Sanity-check that the test page has the expected shape for testing.
+ EXPECT_FALSE(root->child_at(0)->HasSameOrigin(*root));
+ EXPECT_THAT(root->child_at(0)->current_url().spec(),
+ MatchesRegex("http://b.com.*/title2.html"));
+
+ // Monitor subframe's load events via main frame's title.
+ EXPECT_TRUE(ExecuteScript(shell()->web_contents(),
+ "document.querySelector('iframe').onload = "
+ " function() { document.title = 'loaded'; };"));
+ EXPECT_TRUE(
+ ExecuteScript(shell()->web_contents(), "document.title = 'not loaded';"));
+ base::string16 expected_title(base::UTF8ToUTF16("loaded"));
+ TitleWatcher title_watcher(shell()->web_contents(), expected_title);
+
+ // Try to navigate the subframe to a blocked URL.
+ TestNavigationObserver load_observer(shell()->web_contents());
+ GURL blocked_url = embedded_test_server()->GetURL("c.com", "/title3.html");
+ EXPECT_TRUE(
+ ExecuteScript(root->child_at(0)->current_frame_host(),
+ "window.location.href = '" + blocked_url.spec() + "';"));
+
+ // The blocked frame should still fire a load event in its parent's process.
+ EXPECT_EQ(expected_title, title_watcher.WaitAndGetTitle());
+
+ // Check that the current RenderFrameHost has stopped loading.
+ if (root->child_at(0)->current_frame_host()->is_loading()) {
+ ADD_FAILURE() << "Blocked RenderFrameHost shouldn't be loading anything";
+ load_observer.Wait();
+ }
+
+ // The blocked frame should stay at the old location.
+ EXPECT_THAT(root->child_at(0)->current_url().spec(),
+ MatchesRegex("http://b.com.*/title2.html"));
+
+ // The blocked frame should keep the old title.
+ std::string frame_title;
+ EXPECT_TRUE(ExecuteScriptAndExtractString(
+ root->child_at(0)->current_frame_host(),
+ "domAutomationController.send(document.title)", &frame_title));
+ EXPECT_EQ("Title Of Awesomeness", frame_title);
+}
+
+// Test that a cross-origin frame's navigation can be blocked by CSP frame-src.
+// In this version of a test, CSP comes from a <meta> element added after the
+// page has already loaded.
+IN_PROC_BROWSER_TEST_F(SitePerProcessBrowserTest,
+ CrossSiteIframeBlockedByParentCSPFromMeta) {
+ GURL main_url(embedded_test_server()->GetURL(
+ "a.com", "/cross_site_iframe_factory.html?a(a)"));
+ NavigateToURL(shell(), main_url);
+
+ FrameTreeNode* root = web_contents()->GetFrameTree()->root();
+
+ // Navigate the subframe to a location we will disallow in the future.
+ TestNavigationObserver load_observer(shell()->web_contents());
+ GURL still_allowed_url =
+ embedded_test_server()->GetURL("b.com", "/title2.html");
+ EXPECT_TRUE(ExecuteScript(
+ root->child_at(0)->current_frame_host(),
+ "window.location.href = '" + still_allowed_url.spec() + "';"));
+ load_observer.Wait();
+
+ // Add frame-src CSP via a new <meta> element.
+ EXPECT_TRUE(ExecuteScript(
+ shell()->web_contents(),
+ "var meta = document.createElement('meta');"
+ "meta.httpEquiv = 'Content-Security-Policy';"
+ "meta.content = 'frame-src https://a.com:*';"
+ "document.getElementsByTagName('head')[0].appendChild(meta);"));
+
+ // Sanity-check that the test page has the expected shape for testing.
+ // (the CSP should not have an effect on the already loaded frames).
+ EXPECT_FALSE(root->child_at(0)->HasSameOrigin(*root));
+ EXPECT_THAT(root->child_at(0)->current_url().spec(),
+ MatchesRegex("http://b.com.*/title2.html"));
+
+ // Monitor subframe's load events via main frame's title.
+ EXPECT_TRUE(ExecuteScript(shell()->web_contents(),
+ "document.querySelector('iframe').onload = "
+ " function() { document.title = 'loaded'; };"));
+ EXPECT_TRUE(
+ ExecuteScript(shell()->web_contents(), "document.title = 'not loaded';"));
+ base::string16 expected_title(base::UTF8ToUTF16("loaded"));
+ TitleWatcher title_watcher(shell()->web_contents(), expected_title);
+
+ // Try to navigate the subframe to a blocked URL.
+ TestNavigationObserver load_observer2(shell()->web_contents());
+ GURL blocked_url = embedded_test_server()->GetURL("c.com", "/title3.html");
+ EXPECT_TRUE(
+ ExecuteScript(root->child_at(0)->current_frame_host(),
+ "window.location.href = '" + blocked_url.spec() + "';"));
+
+ // The blocked frame should still fire a load event in its parent's process.
+ EXPECT_EQ(expected_title, title_watcher.WaitAndGetTitle());
+
+ // Check that the current RenderFrameHost has stopped loading.
+ if (root->child_at(0)->current_frame_host()->is_loading()) {
+ ADD_FAILURE() << "Blocked RenderFrameHost shouldn't be loading anything";
+ load_observer2.Wait();
+ }
+
+ // The blocked frame should stay at the old location.
+ EXPECT_THAT(root->child_at(0)->current_url().spec(),
+ MatchesRegex("http://b.com.*/title2.html"));
+
+ // The blocked frame should keep the old title.
+ std::string frame_title;
+ EXPECT_TRUE(ExecuteScriptAndExtractString(
+ root->child_at(0)->current_frame_host(),
+ "domAutomationController.send(document.title)", &frame_title));
+ EXPECT_EQ("Title Of Awesomeness", frame_title);
+}
+
IN_PROC_BROWSER_TEST_F(SitePerProcessBrowserTest, ScreenCoordinates) {
GURL main_url(embedded_test_server()->GetURL(
"a.com", "/cross_site_iframe_factory.html?a(b)"));
« no previous file with comments | « content/browser/frame_host/render_frame_host_manager.cc ('k') | content/common/content_param_traits_macros.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698