OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/browser/site_per_process_browsertest.h" | 5 #include "content/browser/site_per_process_browsertest.h" |
6 | 6 |
7 #include <stddef.h> | 7 #include <stddef.h> |
8 #include <stdint.h> | 8 #include <stdint.h> |
9 | 9 |
10 #include <algorithm> | 10 #include <algorithm> |
(...skipping 59 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
70 #endif | 70 #endif |
71 | 71 |
72 #if defined(OS_MACOSX) | 72 #if defined(OS_MACOSX) |
73 #include "ui/base/test/scoped_preferred_scroller_style_mac.h" | 73 #include "ui/base/test/scoped_preferred_scroller_style_mac.h" |
74 #endif | 74 #endif |
75 | 75 |
76 namespace content { | 76 namespace content { |
77 | 77 |
78 namespace { | 78 namespace { |
79 | 79 |
80 const GURL kBlockedURL("data:,"); | |
81 | |
82 // Helper function to send a postMessage and wait for a reply message. The | 80 // Helper function to send a postMessage and wait for a reply message. The |
83 // |post_message_script| is executed on the |sender_ftn| frame, and the sender | 81 // |post_message_script| is executed on the |sender_ftn| frame, and the sender |
84 // frame is expected to post |reply_status| from the DOMAutomationController | 82 // frame is expected to post |reply_status| from the DOMAutomationController |
85 // when it receives a reply. | 83 // when it receives a reply. |
86 void PostMessageAndWaitForReply(FrameTreeNode* sender_ftn, | 84 void PostMessageAndWaitForReply(FrameTreeNode* sender_ftn, |
87 const std::string& post_message_script, | 85 const std::string& post_message_script, |
88 const std::string& reply_status) { | 86 const std::string& reply_status) { |
89 // Subtle: msg_queue needs to be declared before the ExecuteScript below, or | 87 // Subtle: msg_queue needs to be declared before the ExecuteScript below, or |
90 // else it might miss the message of interest. See https://crbug.com/518729. | 88 // else it might miss the message of interest. See https://crbug.com/518729. |
91 DOMMessageQueue msg_queue; | 89 DOMMessageQueue msg_queue; |
(...skipping 6067 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
6159 ASSERT_TRUE(https_server.Start()); | 6157 ASSERT_TRUE(https_server.Start()); |
6160 SetupCrossSiteRedirector(&https_server); | 6158 SetupCrossSiteRedirector(&https_server); |
6161 | 6159 |
6162 GURL iframe_url( | 6160 GURL iframe_url( |
6163 https_server.GetURL("/mixed-content/basic-active-in-iframe.html")); | 6161 https_server.GetURL("/mixed-content/basic-active-in-iframe.html")); |
6164 EXPECT_TRUE(NavigateToURL(shell(), iframe_url)); | 6162 EXPECT_TRUE(NavigateToURL(shell(), iframe_url)); |
6165 FrameTreeNode* root = web_contents()->GetFrameTree()->root(); | 6163 FrameTreeNode* root = web_contents()->GetFrameTree()->root(); |
6166 ASSERT_EQ(1U, root->child_count()); | 6164 ASSERT_EQ(1U, root->child_count()); |
6167 FrameTreeNode* mixed_child = root->child_at(0)->child_at(0); | 6165 FrameTreeNode* mixed_child = root->child_at(0)->child_at(0); |
6168 ASSERT_TRUE(mixed_child); | 6166 ASSERT_TRUE(mixed_child); |
6169 // The child iframe attempted to create a mixed iframe; this will commit | 6167 // The child iframe attempted to create a mixed iframe; this should |
6170 // a load to 'data:,' (so that it ends up in a unique origin). | 6168 // have been blocked, so the mixed iframe should not have committed a |
6171 EXPECT_TRUE(mixed_child->has_committed_real_load()); | 6169 // load. |
6172 EXPECT_EQ(kBlockedURL, mixed_child->current_url()); | 6170 EXPECT_FALSE(mixed_child->has_committed_real_load()); |
6173 } | 6171 } |
6174 | 6172 |
6175 // Test that subresources with certificate errors that are redundant | 6173 // Test that subresources with certificate errors that are redundant |
6176 // with the main page do not get reported to the browser. That is, if | 6174 // with the main page do not get reported to the browser. That is, if |
6177 // https://redundant.test frames https://a.com which frames | 6175 // https://redundant.test frames https://a.com which frames |
6178 // https://redundant.test which loads an image with certificate errors, | 6176 // https://redundant.test which loads an image with certificate errors, |
6179 // the browser doesn't care and doesn't need to know about the image's | 6177 // the browser doesn't care and doesn't need to know about the image's |
6180 // certificate errors because they are redundant with the main page | 6178 // certificate errors because they are redundant with the main page |
6181 // load. | 6179 // load. |
6182 IN_PROC_BROWSER_TEST_F(SitePerProcessIgnoreCertErrorsBrowserTest, | 6180 IN_PROC_BROWSER_TEST_F(SitePerProcessIgnoreCertErrorsBrowserTest, |
(...skipping 188 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
6371 | 6369 |
6372 // The blocked frame should still fire a load event in its parent's process. | 6370 // The blocked frame should still fire a load event in its parent's process. |
6373 EXPECT_EQ(expected_title, title_watcher.WaitAndGetTitle()); | 6371 EXPECT_EQ(expected_title, title_watcher.WaitAndGetTitle()); |
6374 | 6372 |
6375 // Check that the current RenderFrameHost has stopped loading. | 6373 // Check that the current RenderFrameHost has stopped loading. |
6376 if (root->child_at(0)->current_frame_host()->is_loading()) { | 6374 if (root->child_at(0)->current_frame_host()->is_loading()) { |
6377 ADD_FAILURE() << "Blocked RenderFrameHost shouldn't be loading anything"; | 6375 ADD_FAILURE() << "Blocked RenderFrameHost shouldn't be loading anything"; |
6378 load_observer.Wait(); | 6376 load_observer.Wait(); |
6379 } | 6377 } |
6380 | 6378 |
6381 // The blocked frame should commit to |kBlockedURL| | 6379 // The blocked frame should stay at the old location. |
6382 EXPECT_EQ(kBlockedURL, root->child_at(0)->current_url()); | 6380 EXPECT_EQ(old_subframe_url, root->child_at(0)->current_url()); |
6383 | 6381 |
| 6382 // The blocked frame should keep the old title. |
6384 std::string frame_title; | 6383 std::string frame_title; |
6385 EXPECT_TRUE(ExecuteScriptAndExtractString( | 6384 EXPECT_TRUE(ExecuteScriptAndExtractString( |
6386 root->child_at(0), "domAutomationController.send(document.title)", | 6385 root->child_at(0), "domAutomationController.send(document.title)", |
6387 &frame_title)); | 6386 &frame_title)); |
6388 EXPECT_EQ("", frame_title); | 6387 EXPECT_EQ("Title Of Awesomeness", frame_title); |
6389 | 6388 |
6390 // Navigate to a URL without CSP. | 6389 // Navigate to a URL without CSP. |
6391 EXPECT_TRUE(NavigateToURL( | 6390 EXPECT_TRUE(NavigateToURL( |
6392 shell(), embedded_test_server()->GetURL("a.com", "/title1.html"))); | 6391 shell(), embedded_test_server()->GetURL("a.com", "/title1.html"))); |
6393 | 6392 |
6394 // Verify that the frame's CSP got correctly reset to an empty set. | 6393 // Verify that the frame's CSP got correctly reset to an empty set. |
6395 EXPECT_EQ(0u, | 6394 EXPECT_EQ(0u, |
6396 root->current_replication_state().accumulated_csp_headers.size()); | 6395 root->current_replication_state().accumulated_csp_headers.size()); |
6397 } | 6396 } |
6398 | 6397 |
(...skipping 46 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
6445 | 6444 |
6446 // The blocked frame should still fire a load event in its parent's process. | 6445 // The blocked frame should still fire a load event in its parent's process. |
6447 EXPECT_EQ(expected_title, title_watcher.WaitAndGetTitle()); | 6446 EXPECT_EQ(expected_title, title_watcher.WaitAndGetTitle()); |
6448 | 6447 |
6449 // Check that the current RenderFrameHost has stopped loading. | 6448 // Check that the current RenderFrameHost has stopped loading. |
6450 if (root->child_at(0)->current_frame_host()->is_loading()) { | 6449 if (root->child_at(0)->current_frame_host()->is_loading()) { |
6451 ADD_FAILURE() << "Blocked RenderFrameHost shouldn't be loading anything"; | 6450 ADD_FAILURE() << "Blocked RenderFrameHost shouldn't be loading anything"; |
6452 load_observer2.Wait(); | 6451 load_observer2.Wait(); |
6453 } | 6452 } |
6454 | 6453 |
6455 // The blocked frame should commit to |kBlockedURL| | 6454 // The blocked frame should stay at the old location. |
6456 EXPECT_EQ(kBlockedURL, root->child_at(0)->current_url()); | 6455 EXPECT_EQ(old_subframe_url, root->child_at(0)->current_url()); |
6457 | 6456 |
| 6457 // The blocked frame should keep the old title. |
6458 std::string frame_title; | 6458 std::string frame_title; |
6459 EXPECT_TRUE(ExecuteScriptAndExtractString( | 6459 EXPECT_TRUE(ExecuteScriptAndExtractString( |
6460 root->child_at(0), "domAutomationController.send(document.title)", | 6460 root->child_at(0), "domAutomationController.send(document.title)", |
6461 &frame_title)); | 6461 &frame_title)); |
6462 EXPECT_EQ("", frame_title); | 6462 EXPECT_EQ("Title Of Awesomeness", frame_title); |
6463 } | 6463 } |
6464 | 6464 |
6465 // Test that a cross-origin frame's navigation can be blocked by CSP frame-src. | 6465 // Test that a cross-origin frame's navigation can be blocked by CSP frame-src. |
6466 // In this version of a test, CSP is inherited by srcdoc iframe from a parent | 6466 // In this version of a test, CSP is inherited by srcdoc iframe from a parent |
6467 // that declared CSP via HTTP headers. Cross-origin frame navigating to a | 6467 // that declared CSP via HTTP headers. Cross-origin frame navigating to a |
6468 // blocked location is a child of the srcdoc iframe. | 6468 // blocked location is a child of the srcdoc iframe. |
6469 IN_PROC_BROWSER_TEST_F(SitePerProcessBrowserTest, | 6469 IN_PROC_BROWSER_TEST_F(SitePerProcessBrowserTest, |
6470 CrossSiteIframeBlockedByCSPInheritedBySrcDocParent) { | 6470 CrossSiteIframeBlockedByCSPInheritedBySrcDocParent) { |
6471 GURL main_url( | 6471 GURL main_url( |
6472 embedded_test_server()->GetURL("a.com", "/frame-src-self-and-b.html")); | 6472 embedded_test_server()->GetURL("a.com", "/frame-src-self-and-b.html")); |
(...skipping 40 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
6513 | 6513 |
6514 // The blocked frame should still fire a load event in its parent's process. | 6514 // The blocked frame should still fire a load event in its parent's process. |
6515 EXPECT_EQ(expected_title, title_watcher.WaitAndGetTitle()); | 6515 EXPECT_EQ(expected_title, title_watcher.WaitAndGetTitle()); |
6516 | 6516 |
6517 // Check that the current RenderFrameHost has stopped loading. | 6517 // Check that the current RenderFrameHost has stopped loading. |
6518 if (navigating_frame->current_frame_host()->is_loading()) { | 6518 if (navigating_frame->current_frame_host()->is_loading()) { |
6519 ADD_FAILURE() << "Blocked RenderFrameHost shouldn't be loading anything"; | 6519 ADD_FAILURE() << "Blocked RenderFrameHost shouldn't be loading anything"; |
6520 load_observer2.Wait(); | 6520 load_observer2.Wait(); |
6521 } | 6521 } |
6522 | 6522 |
6523 // The blocked frame should commit to |kBlockedURL| | 6523 // The blocked frame should stay at the old location. |
6524 EXPECT_EQ(kBlockedURL, navigating_frame->current_url()); | 6524 EXPECT_EQ(old_subframe_url, navigating_frame->current_url()); |
6525 | 6525 |
| 6526 // The blocked frame should keep the old title. |
6526 std::string frame_title; | 6527 std::string frame_title; |
6527 EXPECT_TRUE(ExecuteScriptAndExtractString( | 6528 EXPECT_TRUE(ExecuteScriptAndExtractString( |
6528 navigating_frame, "domAutomationController.send(document.title)", | 6529 navigating_frame, "domAutomationController.send(document.title)", |
6529 &frame_title)); | 6530 &frame_title)); |
6530 EXPECT_EQ("", frame_title); | 6531 EXPECT_EQ("Title Of Awesomeness", frame_title); |
6531 | 6532 |
6532 // Navigate the subframe to a URL without CSP. | 6533 // Navigate the subframe to a URL without CSP. |
6533 NavigateFrameToURL(srcdoc_frame, | 6534 NavigateFrameToURL(srcdoc_frame, |
6534 embedded_test_server()->GetURL("a.com", "/title1.html")); | 6535 embedded_test_server()->GetURL("a.com", "/title1.html")); |
6535 | 6536 |
6536 // Verify that the frame's CSP got correctly reset to an empty set. | 6537 // Verify that the frame's CSP got correctly reset to an empty set. |
6537 EXPECT_EQ( | 6538 EXPECT_EQ( |
6538 0u, | 6539 0u, |
6539 srcdoc_frame->current_replication_state().accumulated_csp_headers.size()); | 6540 srcdoc_frame->current_replication_state().accumulated_csp_headers.size()); |
6540 } | 6541 } |
(...skipping 656 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
7197 EXPECT_TRUE(is_fullscreen_allowed(root->child_at(0))); | 7198 EXPECT_TRUE(is_fullscreen_allowed(root->child_at(0))); |
7198 EXPECT_TRUE(is_fullscreen_allowed(root->child_at(0)->child_at(0))); | 7199 EXPECT_TRUE(is_fullscreen_allowed(root->child_at(0)->child_at(0))); |
7199 | 7200 |
7200 // Cross-site navigation should preserve the fullscreen flags. | 7201 // Cross-site navigation should preserve the fullscreen flags. |
7201 NavigateFrameToURL(root->child_at(0)->child_at(0), | 7202 NavigateFrameToURL(root->child_at(0)->child_at(0), |
7202 embedded_test_server()->GetURL("d.com", "/title1.html")); | 7203 embedded_test_server()->GetURL("d.com", "/title1.html")); |
7203 EXPECT_TRUE(is_fullscreen_allowed(root->child_at(0)->child_at(0))); | 7204 EXPECT_TRUE(is_fullscreen_allowed(root->child_at(0)->child_at(0))); |
7204 } | 7205 } |
7205 | 7206 |
7206 } // namespace content | 7207 } // namespace content |
OLD | NEW |