| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/site_per_process_browsertest.h" | 5 #include "content/browser/site_per_process_browsertest.h" |
| 6 | 6 |
| 7 #include <stddef.h> | 7 #include <stddef.h> |
| 8 #include <stdint.h> | 8 #include <stdint.h> |
| 9 | 9 |
| 10 #include <algorithm> | 10 #include <algorithm> |
| (...skipping 6413 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 6424 | 6424 |
| 6425 // The blocked frame should still fire a load event in its parent's process. | 6425 // The blocked frame should still fire a load event in its parent's process. |
| 6426 EXPECT_EQ(expected_title, title_watcher.WaitAndGetTitle()); | 6426 EXPECT_EQ(expected_title, title_watcher.WaitAndGetTitle()); |
| 6427 | 6427 |
| 6428 // Check that the current RenderFrameHost has stopped loading. | 6428 // Check that the current RenderFrameHost has stopped loading. |
| 6429 if (root->child_at(0)->current_frame_host()->is_loading()) { | 6429 if (root->child_at(0)->current_frame_host()->is_loading()) { |
| 6430 ADD_FAILURE() << "Blocked RenderFrameHost shouldn't be loading anything"; | 6430 ADD_FAILURE() << "Blocked RenderFrameHost shouldn't be loading anything"; |
| 6431 load_observer.Wait(); | 6431 load_observer.Wait(); |
| 6432 } | 6432 } |
| 6433 | 6433 |
| 6434 // The blocked frame should stay at the old location. | 6434 // The blocked frame should commit 'about:blank' |
| 6435 EXPECT_EQ(old_subframe_url, root->child_at(0)->current_url()); | 6435 EXPECT_EQ(GURL("about:blank"), root->child_at(0)->current_url()); |
| 6436 | 6436 |
| 6437 // The blocked frame should keep the old title. | |
| 6438 std::string frame_title; | 6437 std::string frame_title; |
| 6439 EXPECT_TRUE(ExecuteScriptAndExtractString( | 6438 EXPECT_TRUE(ExecuteScriptAndExtractString( |
| 6440 root->child_at(0)->current_frame_host(), | 6439 root->child_at(0)->current_frame_host(), |
| 6441 "domAutomationController.send(document.title)", &frame_title)); | 6440 "domAutomationController.send(document.title)", &frame_title)); |
| 6442 EXPECT_EQ("Title Of Awesomeness", frame_title); | 6441 EXPECT_EQ("", frame_title); |
| 6443 | 6442 |
| 6444 // Navigate to a URL without CSP. | 6443 // Navigate to a URL without CSP. |
| 6445 EXPECT_TRUE(NavigateToURL( | 6444 EXPECT_TRUE(NavigateToURL( |
| 6446 shell(), embedded_test_server()->GetURL("a.com", "/title1.html"))); | 6445 shell(), embedded_test_server()->GetURL("a.com", "/title1.html"))); |
| 6447 | 6446 |
| 6448 // Verify that the frame's CSP got correctly reset to an empty set. | 6447 // Verify that the frame's CSP got correctly reset to an empty set. |
| 6449 EXPECT_EQ(0u, | 6448 EXPECT_EQ(0u, |
| 6450 root->current_replication_state().accumulated_csp_headers.size()); | 6449 root->current_replication_state().accumulated_csp_headers.size()); |
| 6451 } | 6450 } |
| 6452 | 6451 |
| (...skipping 48 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 6501 | 6500 |
| 6502 // The blocked frame should still fire a load event in its parent's process. | 6501 // The blocked frame should still fire a load event in its parent's process. |
| 6503 EXPECT_EQ(expected_title, title_watcher.WaitAndGetTitle()); | 6502 EXPECT_EQ(expected_title, title_watcher.WaitAndGetTitle()); |
| 6504 | 6503 |
| 6505 // Check that the current RenderFrameHost has stopped loading. | 6504 // Check that the current RenderFrameHost has stopped loading. |
| 6506 if (root->child_at(0)->current_frame_host()->is_loading()) { | 6505 if (root->child_at(0)->current_frame_host()->is_loading()) { |
| 6507 ADD_FAILURE() << "Blocked RenderFrameHost shouldn't be loading anything"; | 6506 ADD_FAILURE() << "Blocked RenderFrameHost shouldn't be loading anything"; |
| 6508 load_observer2.Wait(); | 6507 load_observer2.Wait(); |
| 6509 } | 6508 } |
| 6510 | 6509 |
| 6511 // The blocked frame should stay at the old location. | 6510 // The blocked frame should commit 'about:blank' |
| 6512 EXPECT_EQ(old_subframe_url, root->child_at(0)->current_url()); | 6511 EXPECT_EQ(GURL("about:blank"), root->child_at(0)->current_url()); |
| 6513 | 6512 |
| 6514 // The blocked frame should keep the old title. | |
| 6515 std::string frame_title; | 6513 std::string frame_title; |
| 6516 EXPECT_TRUE(ExecuteScriptAndExtractString( | 6514 EXPECT_TRUE(ExecuteScriptAndExtractString( |
| 6517 root->child_at(0)->current_frame_host(), | 6515 root->child_at(0)->current_frame_host(), |
| 6518 "domAutomationController.send(document.title)", &frame_title)); | 6516 "domAutomationController.send(document.title)", &frame_title)); |
| 6519 EXPECT_EQ("Title Of Awesomeness", frame_title); | 6517 EXPECT_EQ("", frame_title); |
| 6520 } | 6518 } |
| 6521 | 6519 |
| 6522 // Test that a cross-origin frame's navigation can be blocked by CSP frame-src. | 6520 // Test that a cross-origin frame's navigation can be blocked by CSP frame-src. |
| 6523 // In this version of a test, CSP is inherited by srcdoc iframe from a parent | 6521 // In this version of a test, CSP is inherited by srcdoc iframe from a parent |
| 6524 // that declared CSP via HTTP headers. Cross-origin frame navigating to a | 6522 // that declared CSP via HTTP headers. Cross-origin frame navigating to a |
| 6525 // blocked location is a child of the srcdoc iframe. | 6523 // blocked location is a child of the srcdoc iframe. |
| 6526 IN_PROC_BROWSER_TEST_F(SitePerProcessBrowserTest, | 6524 IN_PROC_BROWSER_TEST_F(SitePerProcessBrowserTest, |
| 6527 CrossSiteIframeBlockedByCSPInheritedBySrcDocParent) { | 6525 CrossSiteIframeBlockedByCSPInheritedBySrcDocParent) { |
| 6528 GURL main_url( | 6526 GURL main_url( |
| 6529 embedded_test_server()->GetURL("a.com", "/frame-src-self-and-b.html")); | 6527 embedded_test_server()->GetURL("a.com", "/frame-src-self-and-b.html")); |
| (...skipping 42 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 6572 | 6570 |
| 6573 // The blocked frame should still fire a load event in its parent's process. | 6571 // The blocked frame should still fire a load event in its parent's process. |
| 6574 EXPECT_EQ(expected_title, title_watcher.WaitAndGetTitle()); | 6572 EXPECT_EQ(expected_title, title_watcher.WaitAndGetTitle()); |
| 6575 | 6573 |
| 6576 // Check that the current RenderFrameHost has stopped loading. | 6574 // Check that the current RenderFrameHost has stopped loading. |
| 6577 if (navigating_frame->current_frame_host()->is_loading()) { | 6575 if (navigating_frame->current_frame_host()->is_loading()) { |
| 6578 ADD_FAILURE() << "Blocked RenderFrameHost shouldn't be loading anything"; | 6576 ADD_FAILURE() << "Blocked RenderFrameHost shouldn't be loading anything"; |
| 6579 load_observer2.Wait(); | 6577 load_observer2.Wait(); |
| 6580 } | 6578 } |
| 6581 | 6579 |
| 6582 // The blocked frame should stay at the old location. | 6580 // The blocked frame should commit 'about:blank'. |
| 6583 EXPECT_EQ(old_subframe_url, navigating_frame->current_url()); | 6581 EXPECT_EQ(GURL("about:blank"), navigating_frame->current_url()); |
| 6584 | 6582 |
| 6585 // The blocked frame should keep the old title. | |
| 6586 std::string frame_title; | 6583 std::string frame_title; |
| 6587 EXPECT_TRUE(ExecuteScriptAndExtractString( | 6584 EXPECT_TRUE(ExecuteScriptAndExtractString( |
| 6588 navigating_frame->current_frame_host(), | 6585 navigating_frame->current_frame_host(), |
| 6589 "domAutomationController.send(document.title)", &frame_title)); | 6586 "domAutomationController.send(document.title)", &frame_title)); |
| 6590 EXPECT_EQ("Title Of Awesomeness", frame_title); | 6587 EXPECT_EQ("", frame_title); |
| 6591 | 6588 |
| 6592 // Navigate the subframe to a URL without CSP. | 6589 // Navigate the subframe to a URL without CSP. |
| 6593 NavigateFrameToURL(srcdoc_frame, | 6590 NavigateFrameToURL(srcdoc_frame, |
| 6594 embedded_test_server()->GetURL("a.com", "/title1.html")); | 6591 embedded_test_server()->GetURL("a.com", "/title1.html")); |
| 6595 | 6592 |
| 6596 // Verify that the frame's CSP got correctly reset to an empty set. | 6593 // Verify that the frame's CSP got correctly reset to an empty set. |
| 6597 EXPECT_EQ( | 6594 EXPECT_EQ( |
| 6598 0u, | 6595 0u, |
| 6599 srcdoc_frame->current_replication_state().accumulated_csp_headers.size()); | 6596 srcdoc_frame->current_replication_state().accumulated_csp_headers.size()); |
| 6600 } | 6597 } |
| (...skipping 660 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 7261 EXPECT_TRUE(is_fullscreen_allowed(root->child_at(0))); | 7258 EXPECT_TRUE(is_fullscreen_allowed(root->child_at(0))); |
| 7262 EXPECT_TRUE(is_fullscreen_allowed(root->child_at(0)->child_at(0))); | 7259 EXPECT_TRUE(is_fullscreen_allowed(root->child_at(0)->child_at(0))); |
| 7263 | 7260 |
| 7264 // Cross-site navigation should preserve the fullscreen flags. | 7261 // Cross-site navigation should preserve the fullscreen flags. |
| 7265 NavigateFrameToURL(root->child_at(0)->child_at(0), | 7262 NavigateFrameToURL(root->child_at(0)->child_at(0), |
| 7266 embedded_test_server()->GetURL("d.com", "/title1.html")); | 7263 embedded_test_server()->GetURL("d.com", "/title1.html")); |
| 7267 EXPECT_TRUE(is_fullscreen_allowed(root->child_at(0)->child_at(0))); | 7264 EXPECT_TRUE(is_fullscreen_allowed(root->child_at(0)->child_at(0))); |
| 7268 } | 7265 } |
| 7269 | 7266 |
| 7270 } // namespace content | 7267 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2022083002:
Move 'frame-src' CSP checks into FrameFetchContext. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master