Chromium Code Reviews Chromium Code Reviews
Issue 2022783002:
Skeleton of the Safe Browsing Subresource Filter. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| Index: third_party/WebKit/Source/web/tests/WebFrameTest.cpp |
| diff --git a/third_party/WebKit/Source/web/tests/WebFrameTest.cpp b/third_party/WebKit/Source/web/tests/WebFrameTest.cpp |
| index 4399af7596acba4aa2a75b17d6a4e19202f39a70..d5ab1477d769d751a12413635a30d8e9b6eddfd7 100644 |
| --- a/third_party/WebKit/Source/web/tests/WebFrameTest.cpp |
| +++ b/third_party/WebKit/Source/web/tests/WebFrameTest.cpp |
| @@ -90,6 +90,7 @@ |
| #include "platform/weborigin/SecurityOrigin.h" |
| #include "public/platform/Platform.h" |
| #include "public/platform/WebCachePolicy.h" |
| +#include "public/platform/WebDocumentSubresourceFilter.h" |
| #include "public/platform/WebFloatRect.h" |
| #include "public/platform/WebSecurityOrigin.h" |
| #include "public/platform/WebThread.h" |
| @@ -132,6 +133,7 @@ |
| #include <map> |
| #include <stdarg.h> |
| #include <v8.h> |
| +#include <vector> |
| using blink::URLTestHelpers::toKURL; |
| using blink::testing::runPendingTasks; |
| @@ -8688,4 +8690,91 @@ TEST(WebFrameGlobalReuseTest, ReuseForMainFrameIfEnabled) |
| EXPECT_EQ("world", toCoreString(result->ToString(mainFrame->mainWorldScriptContext()).ToLocalChecked())); |
| } |
| +class TestDocumentSubresourceFilter : public WebDocumentSubresourceFilter { |
|
battre
2016/05/30 15:29:26
Should this be called BlockEverysthingSubresourceF
engedy
2016/05/30 20:54:01
Yes, I was considering that too, but naming classe
|
| +public: |
| + TestDocumentSubresourceFilter() {} |
| + ~TestDocumentSubresourceFilter() override {} |
| + |
| + bool allowLoad(const WebURL& resourceUrl, WebURLRequest::RequestContext) override |
| + { |
| + std::string resourcePath = WebString(KURL(resourceUrl).path()).utf8(); |
| + if (std::find(m_requestedSubresourcePaths.begin(), m_requestedSubresourcePaths.end(), resourcePath) == m_requestedSubresourcePaths.end()) |
| + m_requestedSubresourcePaths.push_back(resourcePath); |
| + return false; |
| + } |
| + |
| + const std::vector<std::string>& requestedSubresourcePaths() const { return m_requestedSubresourcePaths; } |
| + |
| +private: |
| + std::vector<std::string> m_requestedSubresourcePaths; |
| +}; |
| + |
| +class SubresourceFilteringWebFrameClient : public FrameTestHelpers::TestWebFrameClient { |
| +public: |
| + void didStartProvisionalLoad(WebLocalFrame* localFrame, double) override |
| + { |
| + // Normally, the filter should be set when the load is committed. For |
| + // the sake of this test, however, inject it earlier to verify that it |
| + // is not consulted for the main/imported resource load. |
| + m_subresourceFilter = new TestDocumentSubresourceFilter(); |
| + localFrame->provisionalDataSource()->setSubresourceFilter(m_subresourceFilter); |
| + } |
| + |
| + const TestDocumentSubresourceFilter* subresourceFilter() const |
| + { |
| + return m_subresourceFilter; |
| + } |
| + |
| +private: |
| + // Weak, owned by WebDataSource. |
| + TestDocumentSubresourceFilter* m_subresourceFilter = nullptr; |
| +}; |
| + |
| +class WebFrameSubresourceFilterTest : public WebFrameTest { |
| +public: |
| + WebFrameSubresourceFilterTest() |
| + { |
| + registerMockedHttpURLLoad("include-script.html"); |
| + registerMockedHttpURLLoad("included-script.js"); |
| + m_webViewhelper.initialize(true /* enableJavascript */, &m_client); |
| + } |
| + |
| +protected: |
| + void expectScriptDisallowed() |
| + { |
| + EXPECT_FALSE(evaluateBoolean("document.scriptExecuted")); |
| + EXPECT_FALSE(evaluateBoolean("document.scriptLoaded")); |
| + EXPECT_TRUE(evaluateBoolean("document.scriptFailed")); |
| + } |
| + |
| + WebFrame* mainFrame() { return m_webViewhelper.webViewImpl()->mainFrame(); } |
| + const std::vector<std::string>& requestedSubresourcePaths() const { return m_client.subresourceFilter()->requestedSubresourcePaths(); } |
| + |
| +private: |
| + bool evaluateBoolean(const std::string& expression) |
| + { |
| + v8::HandleScope scope(v8::Isolate::GetCurrent()); |
| + v8::Local<v8::Value> result = mainFrame()->executeScriptAndReturnValue(WebScriptSource(WebString::fromUTF8(expression))); |
| + return result.As<v8::Boolean>()->Value(); |
| + } |
| + |
| + SubresourceFilteringWebFrameClient m_client; |
| + FrameTestHelpers::WebViewHelper m_webViewhelper; |
| +}; |
| + |
| +TEST_F(WebFrameSubresourceFilterTest, MainDocument) |
| +{ |
| + FrameTestHelpers::loadFrame(mainFrame(), m_baseURL + "include-script.html"); |
| + EXPECT_THAT(requestedSubresourcePaths(), ElementsAre("/included-script.js")); |
| + expectScriptDisallowed(); |
| +} |
| + |
| +TEST_F(WebFrameSubresourceFilterTest, ImportDocument) |
| +{ |
| + const char kHostDocument[] = "<html><head><link id=\"importLink\" rel=\"import\" href=\"include-script.html\"></head></html>"; |
| + FrameTestHelpers::loadHTMLString(mainFrame(), kHostDocument, toKURL("http://internal.test/host-include-script.html")); |
| + EXPECT_THAT(requestedSubresourcePaths(), ElementsAre("/included-script.js")); |
| + expectScriptDisallowed(); |
| +} |
| + |
| } // namespace blink |
