| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/frame_host/navigation_controller_impl.h" | 5 #include "content/browser/frame_host/navigation_controller_impl.h" |
| 6 | 6 |
| 7 #include <stddef.h> | 7 #include <stddef.h> |
| 8 #include <stdint.h> | 8 #include <stdint.h> |
| 9 | 9 |
| 10 #include <memory> | 10 #include <memory> |
| (...skipping 3753 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 3764 NavigationControllerImpl& controller = controller_impl(); | 3764 NavigationControllerImpl& controller = controller_impl(); |
| 3765 const GURL url("http://www.google.com/home.html"); | 3765 const GURL url("http://www.google.com/home.html"); |
| 3766 | 3766 |
| 3767 // If the renderer claims it performed an in-page navigation from | 3767 // If the renderer claims it performed an in-page navigation from |
| 3768 // about:blank, trust the renderer. | 3768 // about:blank, trust the renderer. |
| 3769 // This can happen when an iframe is created and populated via | 3769 // This can happen when an iframe is created and populated via |
| 3770 // document.write(), then tries to perform a fragment navigation. | 3770 // document.write(), then tries to perform a fragment navigation. |
| 3771 // TODO(japhet): We should only trust the renderer if the about:blank | 3771 // TODO(japhet): We should only trust the renderer if the about:blank |
| 3772 // was the first document in the given frame, but we don't have enough | 3772 // was the first document in the given frame, but we don't have enough |
| 3773 // information to identify that case currently. | 3773 // information to identify that case currently. |
| 3774 // TODO(creis): Update this to verify that the origin of the about:blank page |
| 3775 // matches if the URL doesn't look same-origin. |
| 3774 const GURL blank_url(url::kAboutBlankURL); | 3776 const GURL blank_url(url::kAboutBlankURL); |
| 3777 const url::Origin blank_origin; |
| 3775 main_test_rfh()->NavigateAndCommitRendererInitiated(0, true, blank_url); | 3778 main_test_rfh()->NavigateAndCommitRendererInitiated(0, true, blank_url); |
| 3776 EXPECT_TRUE(controller.IsURLInPageNavigation(url, true, | 3779 EXPECT_TRUE(controller.IsURLInPageNavigation(url, url::Origin(url), true, |
| 3777 main_test_rfh())); | 3780 main_test_rfh())); |
| 3778 | 3781 |
| 3779 // Navigate to URL with no refs. | 3782 // Navigate to URL with no refs. |
| 3780 main_test_rfh()->NavigateAndCommitRendererInitiated(0, false, url); | 3783 main_test_rfh()->NavigateAndCommitRendererInitiated(0, false, url); |
| 3781 | 3784 |
| 3782 // Reloading the page is not an in-page navigation. | 3785 // Reloading the page is not an in-page navigation. |
| 3783 EXPECT_FALSE(controller.IsURLInPageNavigation(url, false, main_test_rfh())); | 3786 EXPECT_FALSE(controller.IsURLInPageNavigation(url, url::Origin(url), false, |
| 3787 main_test_rfh())); |
| 3784 const GURL other_url("http://www.google.com/add.html"); | 3788 const GURL other_url("http://www.google.com/add.html"); |
| 3785 EXPECT_FALSE(controller.IsURLInPageNavigation(other_url, false, | 3789 EXPECT_FALSE(controller.IsURLInPageNavigation( |
| 3786 main_test_rfh())); | 3790 other_url, url::Origin(other_url), false, main_test_rfh())); |
| 3787 const GURL url_with_ref("http://www.google.com/home.html#my_ref"); | 3791 const GURL url_with_ref("http://www.google.com/home.html#my_ref"); |
| 3788 EXPECT_TRUE(controller.IsURLInPageNavigation(url_with_ref, true, | 3792 EXPECT_TRUE(controller.IsURLInPageNavigation( |
| 3789 main_test_rfh())); | 3793 url_with_ref, url::Origin(url_with_ref), true, main_test_rfh())); |
| 3790 | 3794 |
| 3791 // Navigate to URL with refs. | 3795 // Navigate to URL with refs. |
| 3792 main_test_rfh()->NavigateAndCommitRendererInitiated(1, true, url_with_ref); | 3796 main_test_rfh()->NavigateAndCommitRendererInitiated(1, true, url_with_ref); |
| 3793 | 3797 |
| 3794 // Reloading the page is not an in-page navigation. | 3798 // Reloading the page is not an in-page navigation. |
| 3795 EXPECT_FALSE(controller.IsURLInPageNavigation(url_with_ref, false, | 3799 EXPECT_FALSE(controller.IsURLInPageNavigation( |
| 3796 main_test_rfh())); | 3800 url_with_ref, url::Origin(url_with_ref), false, main_test_rfh())); |
| 3797 EXPECT_FALSE(controller.IsURLInPageNavigation(url, false, | 3801 EXPECT_FALSE(controller.IsURLInPageNavigation(url, url::Origin(url), false, |
| 3798 main_test_rfh())); | 3802 main_test_rfh())); |
| 3799 EXPECT_FALSE(controller.IsURLInPageNavigation(other_url, false, | 3803 EXPECT_FALSE(controller.IsURLInPageNavigation( |
| 3800 main_test_rfh())); | 3804 other_url, url::Origin(other_url), false, main_test_rfh())); |
| 3801 const GURL other_url_with_ref("http://www.google.com/home.html#my_other_ref"); | 3805 const GURL other_url_with_ref("http://www.google.com/home.html#my_other_ref"); |
| 3802 EXPECT_TRUE(controller.IsURLInPageNavigation(other_url_with_ref, true, | 3806 EXPECT_TRUE(controller.IsURLInPageNavigation(other_url_with_ref, |
| 3803 main_test_rfh())); | 3807 url::Origin(other_url_with_ref), |
| 3808 true, main_test_rfh())); |
| 3804 | 3809 |
| 3805 // Going to the same url again will be considered in-page | 3810 // Going to the same url again will be considered in-page |
| 3806 // if the renderer says it is even if the navigation type isn't IN_PAGE. | 3811 // if the renderer says it is even if the navigation type isn't IN_PAGE. |
| 3807 EXPECT_TRUE(controller.IsURLInPageNavigation(url_with_ref, true, | 3812 EXPECT_TRUE(controller.IsURLInPageNavigation( |
| 3808 main_test_rfh())); | 3813 url_with_ref, url::Origin(url_with_ref), true, main_test_rfh())); |
| 3809 | 3814 |
| 3810 // Going back to the non ref url will be considered in-page if the navigation | 3815 // Going back to the non ref url will be considered in-page if the navigation |
| 3811 // type is IN_PAGE. | 3816 // type is IN_PAGE. |
| 3812 EXPECT_TRUE(controller.IsURLInPageNavigation(url, true, | 3817 EXPECT_TRUE(controller.IsURLInPageNavigation(url, url::Origin(url), true, |
| 3813 main_test_rfh())); | 3818 main_test_rfh())); |
| 3814 | 3819 |
| 3815 // If the renderer says this is a same-origin in-page navigation, believe it. | 3820 // If the renderer says this is a same-origin in-page navigation, believe it. |
| 3816 // This is the pushState/replaceState case. | 3821 // This is the pushState/replaceState case. |
| 3817 EXPECT_TRUE(controller.IsURLInPageNavigation(other_url, true, | 3822 EXPECT_TRUE(controller.IsURLInPageNavigation( |
| 3818 main_test_rfh())); | 3823 other_url, url::Origin(other_url), true, main_test_rfh())); |
| 3819 | 3824 |
| 3820 // Don't believe the renderer if it claims a cross-origin navigation is | 3825 // Don't believe the renderer if it claims a cross-origin navigation is |
| 3821 // in-page. | 3826 // in-page. |
| 3822 const GURL different_origin_url("http://www.example.com"); | 3827 const GURL different_origin_url("http://www.example.com"); |
| 3823 MockRenderProcessHost* rph = main_test_rfh()->GetProcess(); | 3828 MockRenderProcessHost* rph = main_test_rfh()->GetProcess(); |
| 3824 EXPECT_EQ(0, rph->bad_msg_count()); | 3829 EXPECT_EQ(0, rph->bad_msg_count()); |
| 3825 EXPECT_FALSE(controller.IsURLInPageNavigation(different_origin_url, true, | 3830 EXPECT_FALSE(controller.IsURLInPageNavigation( |
| 3826 main_test_rfh())); | 3831 different_origin_url, url::Origin(different_origin_url), true, |
| 3832 main_test_rfh())); |
| 3827 EXPECT_EQ(1, rph->bad_msg_count()); | 3833 EXPECT_EQ(1, rph->bad_msg_count()); |
| 3828 } | 3834 } |
| 3829 | 3835 |
| 3830 // Tests that IsInPageNavigation behaves properly with the | 3836 // Tests that IsInPageNavigation behaves properly with the |
| 3831 // allow_universal_access_from_file_urls flag. | 3837 // allow_universal_access_from_file_urls flag. |
| 3832 TEST_F(NavigationControllerTest, IsInPageNavigationWithUniversalFileAccess) { | 3838 TEST_F(NavigationControllerTest, IsInPageNavigationWithUniversalFileAccess) { |
| 3833 NavigationControllerImpl& controller = controller_impl(); | 3839 NavigationControllerImpl& controller = controller_impl(); |
| 3834 | 3840 |
| 3835 // Test allow_universal_access_from_file_urls flag. | 3841 // Test allow_universal_access_from_file_urls flag. |
| 3836 const GURL different_origin_url("http://www.example.com"); | 3842 const GURL different_origin_url("http://www.example.com"); |
| 3837 MockRenderProcessHost* rph = main_test_rfh()->GetProcess(); | 3843 MockRenderProcessHost* rph = main_test_rfh()->GetProcess(); |
| 3838 WebPreferences prefs = test_rvh()->GetWebkitPreferences(); | 3844 WebPreferences prefs = test_rvh()->GetWebkitPreferences(); |
| 3839 prefs.allow_universal_access_from_file_urls = true; | 3845 prefs.allow_universal_access_from_file_urls = true; |
| 3840 test_rvh()->UpdateWebkitPreferences(prefs); | 3846 test_rvh()->UpdateWebkitPreferences(prefs); |
| 3841 prefs = test_rvh()->GetWebkitPreferences(); | 3847 prefs = test_rvh()->GetWebkitPreferences(); |
| 3842 EXPECT_TRUE(prefs.allow_universal_access_from_file_urls); | 3848 EXPECT_TRUE(prefs.allow_universal_access_from_file_urls); |
| 3843 | 3849 |
| 3844 // Allow in page navigation to be cross-origin if existing URL is file scheme. | 3850 // Allow in page navigation to be cross-origin if existing URL is file scheme. |
| 3845 const GURL file_url("file:///foo/index.html"); | 3851 const GURL file_url("file:///foo/index.html"); |
| 3846 const url::Origin file_origin(file_url); | 3852 const url::Origin file_origin(file_url); |
| 3847 main_test_rfh()->NavigateAndCommitRendererInitiated(0, true, file_url); | 3853 main_test_rfh()->NavigateAndCommitRendererInitiated(0, true, file_url); |
| 3848 EXPECT_TRUE(file_origin.IsSameOriginWith( | 3854 EXPECT_TRUE(file_origin.IsSameOriginWith( |
| 3849 main_test_rfh()->frame_tree_node()->current_origin())); | 3855 main_test_rfh()->frame_tree_node()->current_origin())); |
| 3850 EXPECT_EQ(0, rph->bad_msg_count()); | 3856 EXPECT_EQ(0, rph->bad_msg_count()); |
| 3851 EXPECT_TRUE(controller.IsURLInPageNavigation(different_origin_url, true, | 3857 EXPECT_TRUE(controller.IsURLInPageNavigation( |
| 3858 different_origin_url, url::Origin(different_origin_url), true, |
| 3852 main_test_rfh())); | 3859 main_test_rfh())); |
| 3853 EXPECT_EQ(0, rph->bad_msg_count()); | 3860 EXPECT_EQ(0, rph->bad_msg_count()); |
| 3854 | 3861 |
| 3855 // Doing a replaceState to a cross-origin URL is thus allowed. | 3862 // Doing a replaceState to a cross-origin URL is thus allowed. |
| 3856 FrameHostMsg_DidCommitProvisionalLoad_Params params; | 3863 FrameHostMsg_DidCommitProvisionalLoad_Params params; |
| 3857 params.page_id = 1; | 3864 params.page_id = 1; |
| 3858 params.nav_entry_id = 1; | 3865 params.nav_entry_id = 1; |
| 3859 params.did_create_new_entry = false; | 3866 params.did_create_new_entry = false; |
| 3860 params.url = different_origin_url; | 3867 params.url = different_origin_url; |
| 3861 params.origin = file_origin; | 3868 params.origin = file_origin; |
| 3862 params.transition = ui::PAGE_TRANSITION_LINK; | 3869 params.transition = ui::PAGE_TRANSITION_LINK; |
| 3863 params.gesture = NavigationGestureUser; | 3870 params.gesture = NavigationGestureUser; |
| 3864 params.page_state = PageState::CreateFromURL(different_origin_url); | 3871 params.page_state = PageState::CreateFromURL(different_origin_url); |
| 3865 params.was_within_same_page = true; | 3872 params.was_within_same_page = true; |
| 3866 params.method = "GET"; | 3873 params.method = "GET"; |
| 3867 params.post_id = -1; | 3874 params.post_id = -1; |
| 3868 main_test_rfh()->SendRendererInitiatedNavigationRequest(different_origin_url, | 3875 main_test_rfh()->SendRendererInitiatedNavigationRequest(different_origin_url, |
| 3869 false); | 3876 false); |
| 3870 main_test_rfh()->PrepareForCommit(); | 3877 main_test_rfh()->PrepareForCommit(); |
| 3871 contents()->GetMainFrame()->SendNavigateWithParams(¶ms); | 3878 contents()->GetMainFrame()->SendNavigateWithParams(¶ms); |
| 3872 | 3879 |
| 3873 // At this point, we should still consider the current origin to be file://, | 3880 // At this point, we should still consider the current origin to be file://, |
| 3874 // so that a file URL would still be in-page. See https://crbug.com/553418. | 3881 // so that a file URL would still be in-page. See https://crbug.com/553418. |
| 3875 EXPECT_TRUE(file_origin.IsSameOriginWith( | 3882 EXPECT_TRUE(file_origin.IsSameOriginWith( |
| 3876 main_test_rfh()->frame_tree_node()->current_origin())); | 3883 main_test_rfh()->frame_tree_node()->current_origin())); |
| 3877 EXPECT_TRUE( | 3884 EXPECT_TRUE(controller.IsURLInPageNavigation(file_url, url::Origin(file_url), |
| 3878 controller.IsURLInPageNavigation(file_url, true, main_test_rfh())); | 3885 true, main_test_rfh())); |
| 3879 EXPECT_EQ(0, rph->bad_msg_count()); | 3886 EXPECT_EQ(0, rph->bad_msg_count()); |
| 3880 | 3887 |
| 3881 // Don't honor allow_universal_access_from_file_urls if actual URL is | 3888 // Don't honor allow_universal_access_from_file_urls if actual URL is |
| 3882 // not file scheme. | 3889 // not file scheme. |
| 3883 const GURL url("http://www.google.com/home.html"); | 3890 const GURL url("http://www.google.com/home.html"); |
| 3884 main_test_rfh()->NavigateAndCommitRendererInitiated(2, true, url); | 3891 main_test_rfh()->NavigateAndCommitRendererInitiated(2, true, url); |
| 3885 EXPECT_FALSE(controller.IsURLInPageNavigation(different_origin_url, true, | 3892 EXPECT_FALSE(controller.IsURLInPageNavigation( |
| 3893 different_origin_url, url::Origin(different_origin_url), true, |
| 3886 main_test_rfh())); | 3894 main_test_rfh())); |
| 3887 EXPECT_EQ(1, rph->bad_msg_count()); | 3895 EXPECT_EQ(1, rph->bad_msg_count()); |
| 3888 } | 3896 } |
| 3889 | 3897 |
| 3890 // Some pages can have subframes with the same base URL (minus the reference) as | 3898 // Some pages can have subframes with the same base URL (minus the reference) as |
| 3891 // the main page. Even though this is hard, it can happen, and we don't want | 3899 // the main page. Even though this is hard, it can happen, and we don't want |
| 3892 // these subframe navigations to affect the toplevel document. They should | 3900 // these subframe navigations to affect the toplevel document. They should |
| 3893 // instead be ignored. http://crbug.com/5585 | 3901 // instead be ignored. http://crbug.com/5585 |
| 3894 TEST_F(NavigationControllerTest, SameSubframe) { | 3902 TEST_F(NavigationControllerTest, SameSubframe) { |
| 3895 NavigationControllerImpl& controller = controller_impl(); | 3903 NavigationControllerImpl& controller = controller_impl(); |
| (...skipping 1431 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 5327 observer.details().ssl_status.num_unknown_scts); | 5335 observer.details().ssl_status.num_unknown_scts); |
| 5328 EXPECT_EQ(default_ssl_status.num_invalid_scts, | 5336 EXPECT_EQ(default_ssl_status.num_invalid_scts, |
| 5329 observer.details().ssl_status.num_invalid_scts); | 5337 observer.details().ssl_status.num_invalid_scts); |
| 5330 EXPECT_EQ(default_ssl_status.num_valid_scts, | 5338 EXPECT_EQ(default_ssl_status.num_valid_scts, |
| 5331 observer.details().ssl_status.num_valid_scts); | 5339 observer.details().ssl_status.num_valid_scts); |
| 5332 | 5340 |
| 5333 EXPECT_EQ(1, main_test_rfh()->GetProcess()->bad_msg_count()); | 5341 EXPECT_EQ(1, main_test_rfh()->GetProcess()->bad_msg_count()); |
| 5334 } | 5342 } |
| 5335 | 5343 |
| 5336 } // namespace content | 5344 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2032903007:
Allow about:blank to be considered in-page if origin matches. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master