XFO: Bypass ancestor checks for 'Content-Disposition: attachment; ...'

content/browser/frame_host/ancestor_throttle_unittest.cc

 // Copyright 2016 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "base/bind.h"
 #include "base/bind_helpers.h"
 #include "base/memory/ref_counted.h"
 #include "content/browser/frame_host/ancestor_throttle.h"
 #include "content/public/browser/navigation_handle.h"
 #include "content/public/browser/navigation_throttle.h"
 #include "content/public/browser/web_contents.h"
 #include "content/public/test/test_renderer_host.h"
 #include "net/http/http_response_headers.h"
 #include "testing/gmock/include/gmock/gmock.h"
 #include "testing/gtest/include/gtest/gtest.h"
 
 namespace content {
 
 namespace {
 
 using HeaderDisposition = AncestorThrottle::HeaderDisposition;
 
-net::HttpResponseHeaders* GetAncestorHeaders(const char* xfo, const char* csp) {
+net::HttpResponseHeaders* GetAncestorHeaders(const char* xfo,
+                                             const char* csp,
+                                             const char* disposition) {
   std::string header_string("HTTP/1.1 200 OK\nX-Frame-Options: ");
   header_string += xfo;
   if (csp != nullptr) {
     header_string += "\nContent-Security-Policy: ";
     header_string += csp;
   }
+  if (disposition != nullptr) {
+    header_string += "\nContent-Disposition: ";
+    header_string += disposition;
+  }
   header_string += "\n\n";
   std::replace(header_string.begin(), header_string.end(), '\n', '\0');
   net::HttpResponseHeaders* headers =
       new net::HttpResponseHeaders(header_string);
   EXPECT_TRUE(headers->HasHeader("X-Frame-Options"));
   if (csp != nullptr)
     EXPECT_TRUE(headers->HasHeader("Content-Security-Policy"));
   return headers;
 }
 
@@ skipping 37 matching lines @@
       {"SAMEORIGIN,  SAMEORIGIN", HeaderDisposition::SAMEORIGIN,
        "SAMEORIGIN, SAMEORIGIN"},
       {"ALLOWALL  ,ALLOWALL", HeaderDisposition::ALLOWALL,
        "ALLOWALL, ALLOWALL"},
   };
 
   AncestorThrottle throttle(nullptr);
   for (const auto& test : cases) {
     SCOPED_TRACE(test.header);
     scoped_refptr<net::HttpResponseHeaders> headers =
-        GetAncestorHeaders(test.header, nullptr);
+        GetAncestorHeaders(test.header, nullptr, nullptr);
     std::string header_value;
     EXPECT_EQ(test.expected,
               throttle.ParseHeader(headers.get(), &header_value));
     EXPECT_EQ(test.value, header_value);
   }
 }
 
 TEST_F(AncestorThrottleTest, ErrorsParsingXFrameOptions) {
   struct TestCase {
     const char* header;
@@ skipping 14 matching lines @@
       {"DENY,ALLOWALL", HeaderDisposition::CONFLICT, "DENY, ALLOWALL"},
       {"SAMEORIGIN,DENY", HeaderDisposition::CONFLICT, "SAMEORIGIN, DENY"},
       {"ALLOWALL,SAMEORIGIN", HeaderDisposition::CONFLICT,
        "ALLOWALL, SAMEORIGIN"},
       {"DENY,  SAMEORIGIN", HeaderDisposition::CONFLICT, "DENY, SAMEORIGIN"}};
 
   AncestorThrottle throttle(nullptr);
   for (const auto& test : cases) {
     SCOPED_TRACE(test.header);
     scoped_refptr<net::HttpResponseHeaders> headers =
-        GetAncestorHeaders(test.header, nullptr);
+        GetAncestorHeaders(test.header, nullptr, nullptr);
     std::string header_value;
     EXPECT_EQ(test.expected,
               throttle.ParseHeader(headers.get(), &header_value));
     EXPECT_EQ(test.failure, header_value);
   }
 }
 
 TEST_F(AncestorThrottleTest, IgnoreWhenFrameAncestorsPresent) {
   struct TestCase {
     const char* csp;
@@ skipping 32 matching lines @@
       {"policy, frame-ancestors-are-lovely", HeaderDisposition::DENY},
       {"policy, directive1; not-frame-ancestors *", HeaderDisposition::DENY},
       {"policy, directive1; frame-ancestors-are-lovely",
        HeaderDisposition::DENY},
   };
 
   AncestorThrottle throttle(nullptr);
   for (const auto& test : cases) {
     SCOPED_TRACE(test.csp);
     scoped_refptr<net::HttpResponseHeaders> headers =
-        GetAncestorHeaders("DENY", test.csp);
+        GetAncestorHeaders("DENY", test.csp, nullptr);
     std::string header_value;
     EXPECT_EQ(test.expected,
               throttle.ParseHeader(headers.get(), &header_value));
+    EXPECT_EQ("DENY", header_value);
+  }
+}
+
+TEST_F(AncestorThrottleTest, IgnoreWhenAttachment) {
+  struct TestCase {
+    const char* disposition;
+    AncestorThrottle::HeaderDisposition expected;
+  } cases[] = {{"", HeaderDisposition::DENY},
+               {"attachment", HeaderDisposition::BYPASS},
+               {"inline", HeaderDisposition::DENY},
+               {"invalid", HeaderDisposition::BYPASS}};
+
+  AncestorThrottle throttle(nullptr);
+  for (const auto& test : cases) {
+    SCOPED_TRACE(test.disposition);
+    scoped_refptr<net::HttpResponseHeaders> headers =
+        GetAncestorHeaders("DENY", nullptr, test.disposition);
+    std::string header_value;
+    EXPECT_EQ(test.expected,
+              throttle.ParseHeader(headers.get(), &header_value));
     EXPECT_EQ("DENY", header_value);
   }
 }
 
 }  // namespace content