Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1492)

Unified Diff: chrome/browser/extensions/extension_resource_request_policy_apitest.cc

Issue 2007133004: Disallow navigation to documents not explicitly listed as web accessible. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Fix up subframe cases. Created 4 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: chrome/browser/extensions/extension_resource_request_policy_apitest.cc
diff --git a/chrome/browser/extensions/extension_resource_request_policy_apitest.cc b/chrome/browser/extensions/extension_resource_request_policy_apitest.cc
index cb7cef7564a3371ee3b3762dd384579fd3a5203a..db8a6065555358bd2dde5327d29a6f03180bf70c 100644
--- a/chrome/browser/extensions/extension_resource_request_policy_apitest.cc
+++ b/chrome/browser/extensions/extension_resource_request_policy_apitest.cc
@@ -8,8 +8,12 @@
#include "chrome/browser/extensions/extension_apitest.h"
#include "chrome/browser/ui/browser.h"
#include "chrome/browser/ui/tabs/tab_strip_model.h"
+#include "chrome/common/chrome_switches.h"
+#include "chrome/test/base/test_switches.h"
#include "chrome/test/base/ui_test_utils.h"
+#include "content/public/browser/navigation_handle.h"
#include "content/public/browser/web_contents.h"
+#include "content/public/browser/web_contents_observer.h"
#include "content/public/test/browser_test_utils.h"
#include "extensions/common/switches.h"
#include "net/dns/mock_host_resolver.h"
@@ -319,3 +323,59 @@ IN_PROC_BROWSER_TEST_F(ExtensionResourceRequestPolicyTest,
MAYBE_ExtensionAccessibleResources) {
ASSERT_TRUE(RunExtensionSubtest("accessible_cer", "main.html")) << message_;
}
+
+class NavigationErrorObserver : public content::WebContentsObserver {
+ public:
+ NavigationErrorObserver(content::WebContents* web_contents, const GURL& url)
+ : content::WebContentsObserver(web_contents),
+ url_(url),
+ saw_navigation_(false) {}
+
+ void DidFinishNavigation(content::NavigationHandle* handle) override {
+ if (handle->GetURL() != url_)
+ return;
+ EXPECT_TRUE(handle->IsErrorPage());
+ saw_navigation_ = true;
+ if (run_loop_.running())
+ run_loop_.Quit();
+ }
+
+ void Wait() {
+ if (!saw_navigation_)
+ run_loop_.Run();
+ }
+
+ private:
+ // The url we want to see a navigation for.
+ GURL url_;
+
+ // Have we seen the navigation for |url_| yet?
+ bool saw_navigation_;
+
+ base::RunLoop run_loop_;
+
+ DISALLOW_COPY_AND_ASSIGN(NavigationErrorObserver);
+};
+
+IN_PROC_BROWSER_TEST_F(ExtensionResourceRequestPolicyTest,
+ IframeNavigateToInaccessible) {
+ ASSERT_TRUE(embedded_test_server()->Start());
+ ASSERT_TRUE(LoadExtension(
+ test_data_dir_.AppendASCII("extension_resource_request_policy")
+ .AppendASCII("some_accessible")));
+
+ GURL iframe_navigate_url(embedded_test_server()->GetURL(
+ "/extensions/api_test/extension_resource_request_policy/"
+ "iframe_navigate.html"));
+
+ ui_test_utils::NavigateToURL(browser(), iframe_navigate_url);
+
+ content::WebContents* web_contents =
+ browser()->tab_strip_model()->GetActiveWebContents();
+
+ GURL private_page(
+ "chrome-extension://kegmjfcnjamahdnldjmlpachmpielcdk/private.html");
+ NavigationErrorObserver observer(web_contents, private_page);
+ ASSERT_TRUE(content::ExecuteScript(web_contents, "navigateFrameNow()"));
+ observer.Wait();
+}

Powered by Google App Engine
This is Rietveld 408576698