OLD | NEW |
---|---|
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "core/frame/csp/ContentSecurityPolicy.h" | 5 #include "core/frame/csp/ContentSecurityPolicy.h" |
6 | 6 |
7 #include "core/dom/Document.h" | 7 #include "core/dom/Document.h" |
8 #include "core/fetch/IntegrityMetadata.h" | |
8 #include "core/frame/csp/CSPDirectiveList.h" | 9 #include "core/frame/csp/CSPDirectiveList.h" |
9 #include "core/loader/DocumentLoader.h" | 10 #include "core/loader/DocumentLoader.h" |
10 #include "core/testing/DummyPageHolder.h" | 11 #include "core/testing/DummyPageHolder.h" |
12 #include "platform/Crypto.h" | |
11 #include "platform/RuntimeEnabledFeatures.h" | 13 #include "platform/RuntimeEnabledFeatures.h" |
12 #include "platform/network/ContentSecurityPolicyParsers.h" | 14 #include "platform/network/ContentSecurityPolicyParsers.h" |
13 #include "platform/network/ResourceRequest.h" | 15 #include "platform/network/ResourceRequest.h" |
14 #include "platform/weborigin/KURL.h" | 16 #include "platform/weborigin/KURL.h" |
15 #include "platform/weborigin/SecurityOrigin.h" | 17 #include "platform/weborigin/SecurityOrigin.h" |
16 #include "public/platform/WebAddressSpace.h" | 18 #include "public/platform/WebAddressSpace.h" |
17 #include "testing/gtest/include/gtest/gtest.h" | 19 #include "testing/gtest/include/gtest/gtest.h" |
18 | 20 |
19 namespace blink { | 21 namespace blink { |
20 | 22 |
(...skipping 178 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
199 } | 201 } |
200 | 202 |
201 // Tests that object-src directives are applied to a request to load a | 203 // Tests that object-src directives are applied to a request to load a |
202 // plugin, but not to subresource requests that the plugin itself | 204 // plugin, but not to subresource requests that the plugin itself |
203 // makes. https://crbug.com/603952 | 205 // makes. https://crbug.com/603952 |
204 TEST_F(ContentSecurityPolicyTest, ObjectSrc) | 206 TEST_F(ContentSecurityPolicyTest, ObjectSrc) |
205 { | 207 { |
206 KURL url(KURL(), "https://example.test"); | 208 KURL url(KURL(), "https://example.test"); |
207 csp->bindToExecutionContext(document.get()); | 209 csp->bindToExecutionContext(document.get()); |
208 csp->didReceiveHeader("object-src 'none';", ContentSecurityPolicyHeaderTypeE nforce, ContentSecurityPolicyHeaderSourceMeta); | 210 csp->didReceiveHeader("object-src 'none';", ContentSecurityPolicyHeaderTypeE nforce, ContentSecurityPolicyHeaderSourceMeta); |
209 EXPECT_FALSE(csp->allowRequest(WebURLRequest::RequestContextObject, url, Str ing(), ResourceRequest::RedirectStatus::NoRedirect, ContentSecurityPolicy::Suppr essReport)); | 211 EXPECT_FALSE(csp->allowRequest(WebURLRequest::RequestContextObject, url, Str ing(), IntegrityMetadataSet(), ResourceRequest::RedirectStatus::NoRedirect, Cont entSecurityPolicy::SuppressReport)); |
210 EXPECT_FALSE(csp->allowRequest(WebURLRequest::RequestContextEmbed, url, Stri ng(), ResourceRequest::RedirectStatus::NoRedirect, ContentSecurityPolicy::Suppre ssReport)); | 212 EXPECT_FALSE(csp->allowRequest(WebURLRequest::RequestContextEmbed, url, Stri ng(), IntegrityMetadataSet(), ResourceRequest::RedirectStatus::NoRedirect, Conte ntSecurityPolicy::SuppressReport)); |
211 EXPECT_TRUE(csp->allowRequest(WebURLRequest::RequestContextPlugin, url, Stri ng(), ResourceRequest::RedirectStatus::NoRedirect, ContentSecurityPolicy::Suppre ssReport)); | 213 EXPECT_TRUE(csp->allowRequest(WebURLRequest::RequestContextPlugin, url, Stri ng(), IntegrityMetadataSet(), ResourceRequest::RedirectStatus::NoRedirect, Conte ntSecurityPolicy::SuppressReport)); |
214 } | |
215 | |
216 | |
217 // Tests that require-sri-for that is set for scripts and styles blocks | |
218 // requests without integrity metadata | |
219 TEST_F(ContentSecurityPolicyTest, RequireSRIForMissingIntegrity) | |
220 { | |
221 KURL url(KURL(), "https://example.test"); | |
222 csp->bindToExecutionContext(document.get()); | |
223 // Enforce | |
224 csp->didReceiveHeader("require-sri-for script style;", ContentSecurityPolicy HeaderTypeEnforce, ContentSecurityPolicyHeaderSourceMeta); | |
225 EXPECT_FALSE(csp->allowRequest(WebURLRequest::RequestContextScript, url, Str ing(), IntegrityMetadataSet(), ResourceRequest::RedirectStatus::NoRedirect, Cont entSecurityPolicy::SuppressReport)); | |
226 EXPECT_FALSE(csp->allowRequest(WebURLRequest::RequestContextImport, url, Str ing(), IntegrityMetadataSet(), ResourceRequest::RedirectStatus::NoRedirect, Cont entSecurityPolicy::SuppressReport)); | |
227 EXPECT_FALSE(csp->allowRequest(WebURLRequest::RequestContextStyle, url, Stri ng(), IntegrityMetadataSet(), ResourceRequest::RedirectStatus::NoRedirect, Conte ntSecurityPolicy::SuppressReport)); | |
228 EXPECT_FALSE(csp->allowRequest(WebURLRequest::RequestContextServiceWorker, u rl, String(), IntegrityMetadataSet(), ResourceRequest::RedirectStatus::NoRedirec t, ContentSecurityPolicy::SuppressReport)); | |
229 EXPECT_FALSE(csp->allowRequest(WebURLRequest::RequestContextSharedWorker, ur l, String(), IntegrityMetadataSet(), ResourceRequest::RedirectStatus::NoRedirect , ContentSecurityPolicy::SuppressReport)); | |
230 EXPECT_FALSE(csp->allowRequest(WebURLRequest::RequestContextWorker, url, Str ing(), IntegrityMetadataSet(), ResourceRequest::RedirectStatus::NoRedirect, Cont entSecurityPolicy::SuppressReport)); | |
231 EXPECT_TRUE(csp->allowRequest(WebURLRequest::RequestContextImage, url, Strin g(), IntegrityMetadataSet(), ResourceRequest::RedirectStatus::NoRedirect, Conten tSecurityPolicy::SuppressReport)); | |
232 // Report | |
233 csp->didReceiveHeader("require-sri-for script style;", ContentSecurityPolicy HeaderTypeReport, ContentSecurityPolicyHeaderSourceMeta); | |
234 EXPECT_FALSE(csp->allowRequest(WebURLRequest::RequestContextScript, url, Str ing(), IntegrityMetadataSet(), ResourceRequest::RedirectStatus::NoRedirect, Cont entSecurityPolicy::SuppressReport)); | |
Mike West
2016/06/21 07:29:36
Right now, you're applying both report-only and en
Sergey Shekyan
2016/06/22 06:25:14
I split them and added another set of tests for po
Mike West
2016/06/24 09:25:06
That shouldn't be the case. That is, `script-src '
| |
235 EXPECT_FALSE(csp->allowRequest(WebURLRequest::RequestContextImport, url, Str ing(), IntegrityMetadataSet(), ResourceRequest::RedirectStatus::NoRedirect, Cont entSecurityPolicy::SuppressReport)); | |
236 EXPECT_FALSE(csp->allowRequest(WebURLRequest::RequestContextStyle, url, Stri ng(), IntegrityMetadataSet(), ResourceRequest::RedirectStatus::NoRedirect, Conte ntSecurityPolicy::SuppressReport)); | |
237 EXPECT_FALSE(csp->allowRequest(WebURLRequest::RequestContextServiceWorker, u rl, String(), IntegrityMetadataSet(), ResourceRequest::RedirectStatus::NoRedirec t, ContentSecurityPolicy::SuppressReport)); | |
238 EXPECT_FALSE(csp->allowRequest(WebURLRequest::RequestContextSharedWorker, ur l, String(), IntegrityMetadataSet(), ResourceRequest::RedirectStatus::NoRedirect , ContentSecurityPolicy::SuppressReport)); | |
239 EXPECT_FALSE(csp->allowRequest(WebURLRequest::RequestContextWorker, url, Str ing(), IntegrityMetadataSet(), ResourceRequest::RedirectStatus::NoRedirect, Cont entSecurityPolicy::SuppressReport)); | |
240 EXPECT_TRUE(csp->allowRequest(WebURLRequest::RequestContextImage, url, Strin g(), IntegrityMetadataSet(), ResourceRequest::RedirectStatus::NoRedirect, Conten tSecurityPolicy::SuppressReport)); | |
241 } | |
242 | |
243 // Tests that require-sri-for that is set for scripts and styles allows | |
244 // requests with integrity metadata | |
245 TEST_F(ContentSecurityPolicyTest, RequireSRIForPresentIntegrity) | |
246 { | |
247 KURL url(KURL(), "https://example.test"); | |
248 IntegrityMetadataSet integrityMetadata; | |
249 integrityMetadata.add(IntegrityMetadata("1234", HashAlgorithmSha384).toPair( )); | |
250 csp->bindToExecutionContext(document.get()); | |
251 // Enforce | |
252 csp->didReceiveHeader("require-sri-for script style;", ContentSecurityPolicy HeaderTypeEnforce, ContentSecurityPolicyHeaderSourceMeta); | |
253 EXPECT_TRUE(csp->allowRequest(WebURLRequest::RequestContextScript, url, Stri ng(), integrityMetadata, ResourceRequest::RedirectStatus::NoRedirect, ContentSec urityPolicy::SuppressReport)); | |
254 EXPECT_TRUE(csp->allowRequest(WebURLRequest::RequestContextImport, url, Stri ng(), integrityMetadata, ResourceRequest::RedirectStatus::NoRedirect, ContentSec urityPolicy::SuppressReport)); | |
255 EXPECT_TRUE(csp->allowRequest(WebURLRequest::RequestContextStyle, url, Strin g(), integrityMetadata, ResourceRequest::RedirectStatus::NoRedirect, ContentSecu rityPolicy::SuppressReport)); | |
256 EXPECT_TRUE(csp->allowRequest(WebURLRequest::RequestContextServiceWorker, ur l, String(), integrityMetadata, ResourceRequest::RedirectStatus::NoRedirect, Con tentSecurityPolicy::SuppressReport)); | |
257 EXPECT_TRUE(csp->allowRequest(WebURLRequest::RequestContextSharedWorker, url , String(), integrityMetadata, ResourceRequest::RedirectStatus::NoRedirect, Cont entSecurityPolicy::SuppressReport)); | |
258 EXPECT_TRUE(csp->allowRequest(WebURLRequest::RequestContextWorker, url, Stri ng(), integrityMetadata, ResourceRequest::RedirectStatus::NoRedirect, ContentSec urityPolicy::SuppressReport)); | |
259 EXPECT_TRUE(csp->allowRequest(WebURLRequest::RequestContextImage, url, Strin g(), integrityMetadata, ResourceRequest::RedirectStatus::NoRedirect, ContentSecu rityPolicy::SuppressReport)); | |
260 // Report | |
261 csp->didReceiveHeader("require-sri-for script style;", ContentSecurityPolicy HeaderTypeReport, ContentSecurityPolicyHeaderSourceMeta); | |
Mike West
2016/06/21 07:29:36
Ditto.
Sergey Shekyan
2016/06/22 06:25:14
Acknowledged.
| |
262 EXPECT_TRUE(csp->allowRequest(WebURLRequest::RequestContextScript, url, Stri ng(), integrityMetadata, ResourceRequest::RedirectStatus::NoRedirect, ContentSec urityPolicy::SuppressReport)); | |
263 EXPECT_TRUE(csp->allowRequest(WebURLRequest::RequestContextImport, url, Stri ng(), integrityMetadata, ResourceRequest::RedirectStatus::NoRedirect, ContentSec urityPolicy::SuppressReport)); | |
264 EXPECT_TRUE(csp->allowRequest(WebURLRequest::RequestContextStyle, url, Strin g(), integrityMetadata, ResourceRequest::RedirectStatus::NoRedirect, ContentSecu rityPolicy::SuppressReport)); | |
265 EXPECT_TRUE(csp->allowRequest(WebURLRequest::RequestContextServiceWorker, ur l, String(), integrityMetadata, ResourceRequest::RedirectStatus::NoRedirect, Con tentSecurityPolicy::SuppressReport)); | |
266 EXPECT_TRUE(csp->allowRequest(WebURLRequest::RequestContextSharedWorker, url , String(), integrityMetadata, ResourceRequest::RedirectStatus::NoRedirect, Cont entSecurityPolicy::SuppressReport)); | |
267 EXPECT_TRUE(csp->allowRequest(WebURLRequest::RequestContextWorker, url, Stri ng(), integrityMetadata, ResourceRequest::RedirectStatus::NoRedirect, ContentSec urityPolicy::SuppressReport)); | |
268 EXPECT_TRUE(csp->allowRequest(WebURLRequest::RequestContextImage, url, Strin g(), integrityMetadata, ResourceRequest::RedirectStatus::NoRedirect, ContentSecu rityPolicy::SuppressReport)); | |
212 } | 269 } |
213 | 270 |
214 TEST_F(ContentSecurityPolicyTest, NonceSinglePolicy) | 271 TEST_F(ContentSecurityPolicyTest, NonceSinglePolicy) |
215 { | 272 { |
216 struct TestCase { | 273 struct TestCase { |
217 const char* policy; | 274 const char* policy; |
218 const char* url; | 275 const char* url; |
219 const char* nonce; | 276 const char* nonce; |
220 bool allowed; | 277 bool allowed; |
221 } cases[] = { | 278 } cases[] = { |
(...skipping 148 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
370 policy = ContentSecurityPolicy::create(); | 427 policy = ContentSecurityPolicy::create(); |
371 policy->bindToExecutionContext(document.get()); | 428 policy->bindToExecutionContext(document.get()); |
372 policy->didReceiveHeader(test.policy1, ContentSecurityPolicyHeaderTypeRe port, ContentSecurityPolicyHeaderSourceHTTP); | 429 policy->didReceiveHeader(test.policy1, ContentSecurityPolicyHeaderTypeRe port, ContentSecurityPolicyHeaderSourceHTTP); |
373 policy->didReceiveHeader(test.policy2, ContentSecurityPolicyHeaderTypeRe port, ContentSecurityPolicyHeaderSourceHTTP); | 430 policy->didReceiveHeader(test.policy2, ContentSecurityPolicyHeaderTypeRe port, ContentSecurityPolicyHeaderSourceHTTP); |
374 EXPECT_TRUE(policy->allowScriptFromSource(resource, String(test.nonce))) ; | 431 EXPECT_TRUE(policy->allowScriptFromSource(resource, String(test.nonce))) ; |
375 EXPECT_EQ(expectedReports, policy->m_violationReportsSent.size()); | 432 EXPECT_EQ(expectedReports, policy->m_violationReportsSent.size()); |
376 } | 433 } |
377 } | 434 } |
378 | 435 |
379 } // namespace blink | 436 } // namespace blink |
OLD | NEW |