Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(218)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/browser/loader/resource_dispatcher_host_browsertest.cc

Issue 2080653002: SameSite: Correctly set requests' initiator for new tabs. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Minimal. Created 4 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | content/renderer/render_frame_impl.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "content/public/browser/resource_dispatcher_host.h" 5 #include "content/public/browser/resource_dispatcher_host.h"
6 6
7 #include <utility> 7 #include <utility>
8 8
9 #include "base/bind.h" 9 #include "base/bind.h"
10 #include "base/bind_helpers.h" 10 #include "base/bind_helpers.h"
(...skipping 737 matching lines...) Expand 10 before | Expand all | Expand 10 after
748 shell()->web_contents()->GetController().ReloadDisableLoFi(true); 748 shell()->web_contents()->GetController().ReloadDisableLoFi(true);
749 tab_observer.Wait(); 749 tab_observer.Wait();
750 CheckResourcesRequested(false); 750 CheckResourcesRequested(false);
751 } 751 }
752 752
753 namespace { 753 namespace {
754 754
755 struct RequestDataForDelegate { 755 struct RequestDataForDelegate {
756 const GURL url; 756 const GURL url;
757 const GURL first_party; 757 const GURL first_party;
758 const url::Origin initiator;
758 759
759 RequestDataForDelegate(const GURL& url, 760 RequestDataForDelegate(const GURL& url,
760 const GURL& first_party) 761 const GURL& first_party,
761 : url(url), first_party(first_party) {} 762 const url::Origin initiator)
763 : url(url), first_party(first_party), initiator(initiator) {}
762 }; 764 };
763 765
764 // Captures calls to 'RequestBeginning' and records the URL, first-party for 766 // Captures calls to 'RequestBeginning' and records the URL, first-party for
765 // cookies, and initiator. 767 // cookies, and initiator.
766 class RequestDataResourceDispatcherHostDelegate 768 class RequestDataResourceDispatcherHostDelegate
767 : public ResourceDispatcherHostDelegate { 769 : public ResourceDispatcherHostDelegate {
768 public: 770 public:
769 RequestDataResourceDispatcherHostDelegate() {} 771 RequestDataResourceDispatcherHostDelegate() {}
770 772
771 const ScopedVector<RequestDataForDelegate>& data() { return requests_; } 773 const ScopedVector<RequestDataForDelegate>& data() { return requests_; }
772 774
773 // ResourceDispatcherHostDelegate implementation: 775 // ResourceDispatcherHostDelegate implementation:
774 void RequestBeginning(net::URLRequest* request, 776 void RequestBeginning(net::URLRequest* request,
775 ResourceContext* resource_context, 777 ResourceContext* resource_context,
776 AppCacheService* appcache_service, 778 AppCacheService* appcache_service,
777 ResourceType resource_type, 779 ResourceType resource_type,
778 ScopedVector<ResourceThrottle>* throttles) override { 780 ScopedVector<ResourceThrottle>* throttles) override {
779 requests_.push_back(new RequestDataForDelegate( 781 requests_.push_back(new RequestDataForDelegate(
780 request->url(), request->first_party_for_cookies())); 782 request->url(), request->first_party_for_cookies(),
783 request->initiator()));
781 } 784 }
782 785
783 void SetDelegate() { ResourceDispatcherHost::Get()->SetDelegate(this); } 786 void SetDelegate() { ResourceDispatcherHost::Get()->SetDelegate(this); }
784 787
785 private: 788 private:
786 ScopedVector<RequestDataForDelegate> requests_; 789 ScopedVector<RequestDataForDelegate> requests_;
787 790
788 DISALLOW_COPY_AND_ASSIGN(RequestDataResourceDispatcherHostDelegate); 791 DISALLOW_COPY_AND_ASSIGN(RequestDataResourceDispatcherHostDelegate);
789 }; 792 };
790 793
(...skipping 18 matching lines...) Expand all
809 base::Bind(&RequestDataResourceDispatcherHostDelegate::SetDelegate, 812 base::Bind(&RequestDataResourceDispatcherHostDelegate::SetDelegate,
810 base::Unretained(delegate_.get()))); 813 base::Unretained(delegate_.get())));
811 } 814 }
812 815
813 protected: 816 protected:
814 std::unique_ptr<RequestDataResourceDispatcherHostDelegate> delegate_; 817 std::unique_ptr<RequestDataResourceDispatcherHostDelegate> delegate_;
815 }; 818 };
816 819
817 IN_PROC_BROWSER_TEST_F(RequestDataResourceDispatcherHostBrowserTest, Basic) { 820 IN_PROC_BROWSER_TEST_F(RequestDataResourceDispatcherHostBrowserTest, Basic) {
818 GURL top_url(embedded_test_server()->GetURL("/simple_page.html")); 821 GURL top_url(embedded_test_server()->GetURL("/simple_page.html"));
822 url::Origin top_origin(top_url);
819 823
820 NavigateToURLBlockUntilNavigationsComplete(shell(), top_url, 1); 824 NavigateToURLBlockUntilNavigationsComplete(shell(), top_url, 1);
821 825
822 EXPECT_EQ(1u, delegate_->data().size()); 826 EXPECT_EQ(1u, delegate_->data().size());
823 827
824 // User-initiated top-level navigations have a first-party and initiator that 828 // User-initiated top-level navigations have a first-party and initiator that
825 // matches the URL to which they navigate. 829 // matches the URL to which they navigate.
826 EXPECT_EQ(top_url, delegate_->data()[0]->url); 830 EXPECT_EQ(top_url, delegate_->data()[0]->url);
827 EXPECT_EQ(top_url, delegate_->data()[0]->first_party); 831 EXPECT_EQ(top_url, delegate_->data()[0]->first_party);
832 EXPECT_EQ(top_origin, delegate_->data()[0]->initiator);
828 } 833 }
829 834
830 IN_PROC_BROWSER_TEST_F(RequestDataResourceDispatcherHostBrowserTest, 835 IN_PROC_BROWSER_TEST_F(RequestDataResourceDispatcherHostBrowserTest,
831 SameOriginNested) { 836 SameOriginNested) {
832 GURL top_url(embedded_test_server()->GetURL("/page_with_iframe.html")); 837 GURL top_url(embedded_test_server()->GetURL("/page_with_iframe.html"));
833 GURL image_url(embedded_test_server()->GetURL("/image.jpg")); 838 GURL image_url(embedded_test_server()->GetURL("/image.jpg"));
834 GURL nested_url(embedded_test_server()->GetURL("/title1.html")); 839 GURL nested_url(embedded_test_server()->GetURL("/title1.html"));
840 url::Origin top_origin(top_url);
835 841
836 NavigateToURLBlockUntilNavigationsComplete(shell(), top_url, 1); 842 NavigateToURLBlockUntilNavigationsComplete(shell(), top_url, 1);
837 843
838 EXPECT_EQ(3u, delegate_->data().size()); 844 EXPECT_EQ(3u, delegate_->data().size());
839 845
840 // User-initiated top-level navigations have a first-party and initiator that 846 // User-initiated top-level navigations have a first-party and initiator that
841 // matches the URL to which they navigate. 847 // matches the URL to which they navigate.
842 EXPECT_EQ(top_url, delegate_->data()[0]->url); 848 EXPECT_EQ(top_url, delegate_->data()[0]->url);
843 EXPECT_EQ(top_url, delegate_->data()[0]->first_party); 849 EXPECT_EQ(top_url, delegate_->data()[0]->first_party);
850 EXPECT_EQ(top_origin, delegate_->data()[0]->initiator);
844 851
845 // Subresource requests have a first-party and initiator that matches the 852 // Subresource requests have a first-party and initiator that matches the
846 // document in which they're embedded. 853 // document in which they're embedded.
847 EXPECT_EQ(image_url, delegate_->data()[1]->url); 854 EXPECT_EQ(image_url, delegate_->data()[1]->url);
848 EXPECT_EQ(top_url, delegate_->data()[1]->first_party); 855 EXPECT_EQ(top_url, delegate_->data()[1]->first_party);
856 EXPECT_EQ(top_origin, delegate_->data()[1]->initiator);
849 857
850 // Same-origin nested frames have a first-party and initiator that matches 858 // Same-origin nested frames have a first-party and initiator that matches
851 // the document in which they're embedded. 859 // the document in which they're embedded.
852 EXPECT_EQ(nested_url, delegate_->data()[2]->url); 860 EXPECT_EQ(nested_url, delegate_->data()[2]->url);
853 EXPECT_EQ(top_url, delegate_->data()[2]->first_party); 861 EXPECT_EQ(top_url, delegate_->data()[2]->first_party);
862 EXPECT_EQ(top_origin, delegate_->data()[2]->initiator);
854 } 863 }
855 864
856 IN_PROC_BROWSER_TEST_F(RequestDataResourceDispatcherHostBrowserTest, 865 IN_PROC_BROWSER_TEST_F(RequestDataResourceDispatcherHostBrowserTest,
857 SameOriginAuxiliary) { 866 SameOriginAuxiliary) {
858 GURL top_url(embedded_test_server()->GetURL("/simple_links.html")); 867 GURL top_url(embedded_test_server()->GetURL("/simple_links.html"));
859 GURL auxiliary_url(embedded_test_server()->GetURL("/title2.html")); 868 GURL auxiliary_url(embedded_test_server()->GetURL("/title2.html"));
869 url::Origin top_origin(top_url);
860 870
861 NavigateToURLBlockUntilNavigationsComplete(shell(), top_url, 1); 871 NavigateToURLBlockUntilNavigationsComplete(shell(), top_url, 1);
862 872
863 ShellAddedObserver new_shell_observer; 873 ShellAddedObserver new_shell_observer;
864 bool success = false; 874 bool success = false;
865 EXPECT_TRUE(ExecuteScriptAndExtractBool( 875 EXPECT_TRUE(ExecuteScriptAndExtractBool(
866 shell(), 876 shell(),
867 "window.domAutomationController.send(clickSameSiteNewWindowLink());", 877 "window.domAutomationController.send(clickSameSiteNewWindowLink());",
868 &success)); 878 &success));
869 EXPECT_TRUE(success); 879 EXPECT_TRUE(success);
870 Shell* new_shell = new_shell_observer.GetShell(); 880 Shell* new_shell = new_shell_observer.GetShell();
871 WaitForLoadStop(new_shell->web_contents()); 881 WaitForLoadStop(new_shell->web_contents());
872 882
873 EXPECT_EQ(2u, delegate_->data().size()); 883 EXPECT_EQ(2u, delegate_->data().size());
874 884
875 // User-initiated top-level navigations have a first-party and initiator that 885 // User-initiated top-level navigations have a first-party and initiator that
876 // matches the URL to which they navigate, even if they fail to load. 886 // matches the URL to which they navigate, even if they fail to load.
877 EXPECT_EQ(top_url, delegate_->data()[0]->url); 887 EXPECT_EQ(top_url, delegate_->data()[0]->url);
878 EXPECT_EQ(top_url, delegate_->data()[0]->first_party); 888 EXPECT_EQ(top_url, delegate_->data()[0]->first_party);
889 EXPECT_EQ(top_origin, delegate_->data()[0]->initiator);
879 890
880 // Auxiliary navigations have a first-party that matches the URL to which they 891 // Auxiliary navigations have a first-party that matches the URL to which they
881 // navigate, and an initiator that matches the document that triggered them. 892 // navigate, and an initiator that matches the document that triggered them.
882 EXPECT_EQ(auxiliary_url, delegate_->data()[1]->url); 893 EXPECT_EQ(auxiliary_url, delegate_->data()[1]->url);
883 EXPECT_EQ(auxiliary_url, delegate_->data()[1]->first_party); 894 EXPECT_EQ(auxiliary_url, delegate_->data()[1]->first_party);
895 EXPECT_EQ(top_origin, delegate_->data()[1]->initiator);
884 } 896 }
885 897
886 IN_PROC_BROWSER_TEST_F(RequestDataResourceDispatcherHostBrowserTest, 898 IN_PROC_BROWSER_TEST_F(RequestDataResourceDispatcherHostBrowserTest,
887 CrossOriginAuxiliary) { 899 CrossOriginAuxiliary) {
888 GURL top_url(embedded_test_server()->GetURL("/simple_links.html")); 900 GURL top_url(embedded_test_server()->GetURL("/simple_links.html"));
889 GURL auxiliary_url(embedded_test_server()->GetURL("foo.com", "/title2.html")); 901 GURL auxiliary_url(embedded_test_server()->GetURL("foo.com", "/title2.html"));
902 url::Origin top_origin(top_url);
890 903
891 NavigateToURLBlockUntilNavigationsComplete(shell(), top_url, 1); 904 NavigateToURLBlockUntilNavigationsComplete(shell(), top_url, 1);
892 905
893 const char kReplacePortNumber[] = 906 const char kReplacePortNumber[] =
894 "window.domAutomationController.send(setPortNumber(%d));"; 907 "window.domAutomationController.send(setPortNumber(%d));";
895 uint16_t port_number = embedded_test_server()->port(); 908 uint16_t port_number = embedded_test_server()->port();
896 bool success = false; 909 bool success = false;
897 EXPECT_TRUE(ExecuteScriptAndExtractBool( 910 EXPECT_TRUE(ExecuteScriptAndExtractBool(
898 shell(), base::StringPrintf(kReplacePortNumber, port_number), &success)); 911 shell(), base::StringPrintf(kReplacePortNumber, port_number), &success));
899 success = false; 912 success = false;
900 913
901 ShellAddedObserver new_shell_observer; 914 ShellAddedObserver new_shell_observer;
902 success = false; 915 success = false;
903 EXPECT_TRUE(ExecuteScriptAndExtractBool( 916 EXPECT_TRUE(ExecuteScriptAndExtractBool(
904 shell(), 917 shell(),
905 "window.domAutomationController.send(clickCrossSiteNewWindowLink());", 918 "window.domAutomationController.send(clickCrossSiteNewWindowLink());",
906 &success)); 919 &success));
907 EXPECT_TRUE(success); 920 EXPECT_TRUE(success);
908 Shell* new_shell = new_shell_observer.GetShell(); 921 Shell* new_shell = new_shell_observer.GetShell();
909 WaitForLoadStop(new_shell->web_contents()); 922 WaitForLoadStop(new_shell->web_contents());
910 923
911 EXPECT_EQ(2u, delegate_->data().size()); 924 EXPECT_EQ(2u, delegate_->data().size());
912 925
913 // User-initiated top-level navigations have a first-party and initiator that 926 // User-initiated top-level navigations have a first-party and initiator that
914 // matches the URL to which they navigate, even if they fail to load. 927 // matches the URL to which they navigate, even if they fail to load.
915 EXPECT_EQ(top_url, delegate_->data()[0]->url); 928 EXPECT_EQ(top_url, delegate_->data()[0]->url);
916 EXPECT_EQ(top_url, delegate_->data()[0]->first_party); 929 EXPECT_EQ(top_url, delegate_->data()[0]->first_party);
930 EXPECT_EQ(top_origin, delegate_->data()[0]->initiator);
917 931
918 // Auxiliary navigations have a first-party that matches the URL to which they 932 // Auxiliary navigations have a first-party that matches the URL to which they
919 // navigate, and an initiator that matches the document that triggered them. 933 // navigate, and an initiator that matches the document that triggered them.
920 EXPECT_EQ(auxiliary_url, delegate_->data()[1]->url); 934 EXPECT_EQ(auxiliary_url, delegate_->data()[1]->url);
921 EXPECT_EQ(auxiliary_url, delegate_->data()[1]->first_party); 935 EXPECT_EQ(auxiliary_url, delegate_->data()[1]->first_party);
936 EXPECT_EQ(top_origin, delegate_->data()[1]->initiator);
922 } 937 }
923 938
924 IN_PROC_BROWSER_TEST_F(RequestDataResourceDispatcherHostBrowserTest, 939 IN_PROC_BROWSER_TEST_F(RequestDataResourceDispatcherHostBrowserTest,
925 FailedNavigation) { 940 FailedNavigation) {
926 // Navigating to this URL will fail, as we haven't taught the host resolver 941 // Navigating to this URL will fail, as we haven't taught the host resolver
927 // about 'a.com'. 942 // about 'a.com'.
928 GURL top_url(embedded_test_server()->GetURL("a.com", "/simple_page.html")); 943 GURL top_url(embedded_test_server()->GetURL("a.com", "/simple_page.html"));
944 url::Origin top_origin(top_url);
929 945
930 NavigateToURLBlockUntilNavigationsComplete(shell(), top_url, 1); 946 NavigateToURLBlockUntilNavigationsComplete(shell(), top_url, 1);
931 947
932 EXPECT_EQ(1u, delegate_->data().size()); 948 EXPECT_EQ(1u, delegate_->data().size());
933 949
934 // User-initiated top-level navigations have a first-party and initiator that 950 // User-initiated top-level navigations have a first-party and initiator that
935 // matches the URL to which they navigate, even if they fail to load. 951 // matches the URL to which they navigate, even if they fail to load.
936 EXPECT_EQ(top_url, delegate_->data()[0]->url); 952 EXPECT_EQ(top_url, delegate_->data()[0]->url);
937 EXPECT_EQ(top_url, delegate_->data()[0]->first_party); 953 EXPECT_EQ(top_url, delegate_->data()[0]->first_party);
954 EXPECT_EQ(top_origin, delegate_->data()[0]->initiator);
938 } 955 }
939 956
940 IN_PROC_BROWSER_TEST_F(RequestDataResourceDispatcherHostBrowserTest, 957 IN_PROC_BROWSER_TEST_F(RequestDataResourceDispatcherHostBrowserTest,
941 CrossOriginNested) { 958 CrossOriginNested) {
942 host_resolver()->AddRule("*", "127.0.0.1"); 959 host_resolver()->AddRule("*", "127.0.0.1");
943 GURL top_url(embedded_test_server()->GetURL( 960 GURL top_url(embedded_test_server()->GetURL(
944 "a.com", "/cross_site_iframe_factory.html?a(b)")); 961 "a.com", "/cross_site_iframe_factory.html?a(b)"));
945 GURL top_js_url( 962 GURL top_js_url(
946 embedded_test_server()->GetURL("a.com", "/tree_parser_util.js")); 963 embedded_test_server()->GetURL("a.com", "/tree_parser_util.js"));
947 GURL nested_url(embedded_test_server()->GetURL( 964 GURL nested_url(embedded_test_server()->GetURL(
948 "b.com", "/cross_site_iframe_factory.html?b()")); 965 "b.com", "/cross_site_iframe_factory.html?b()"));
949 GURL nested_js_url( 966 GURL nested_js_url(
950 embedded_test_server()->GetURL("b.com", "/tree_parser_util.js")); 967 embedded_test_server()->GetURL("b.com", "/tree_parser_util.js"));
968 url::Origin top_origin(top_url);
969 url::Origin nested_origin(nested_url);
951 970
952 NavigateToURLBlockUntilNavigationsComplete(shell(), top_url, 1); 971 NavigateToURLBlockUntilNavigationsComplete(shell(), top_url, 1);
953 972
954 EXPECT_EQ(4u, delegate_->data().size()); 973 EXPECT_EQ(4u, delegate_->data().size());
955 974
956 // User-initiated top-level navigations have a first-party and initiator that 975 // User-initiated top-level navigations have a first-party and initiator that
957 // matches the URL to which they navigate. 976 // matches the URL to which they navigate.
958 EXPECT_EQ(top_url, delegate_->data()[0]->url); 977 EXPECT_EQ(top_url, delegate_->data()[0]->url);
959 EXPECT_EQ(top_url, delegate_->data()[0]->first_party); 978 EXPECT_EQ(top_url, delegate_->data()[0]->first_party);
979 EXPECT_EQ(top_origin, delegate_->data()[0]->initiator);
960 980
961 EXPECT_EQ(top_js_url, delegate_->data()[1]->url); 981 EXPECT_EQ(top_js_url, delegate_->data()[1]->url);
962 EXPECT_EQ(top_url, delegate_->data()[1]->first_party); 982 EXPECT_EQ(top_url, delegate_->data()[1]->first_party);
983 EXPECT_EQ(top_origin, delegate_->data()[1]->initiator);
963 984
964 // Cross-origin frame requests have a first-party and initiator that matches 985 // Cross-origin frames have a first-party and initiator that matches the URL
965 // the URL in which they're embedded. 986 // in which they're embedded.
966 EXPECT_EQ(nested_url, delegate_->data()[2]->url); 987 EXPECT_EQ(nested_url, delegate_->data()[2]->url);
967 EXPECT_EQ(top_url, delegate_->data()[2]->first_party); 988 EXPECT_EQ(top_url, delegate_->data()[2]->first_party);
989 EXPECT_EQ(top_origin, delegate_->data()[2]->initiator);
968 990
969 // Cross-origin subresource requests have a unique first-party, and an 991 // Cross-origin subresource requests have a unique first-party, and an
970 // initiator that matches the document in which they're embedded. 992 // initiator that matches the document in which they're embedded.
971 EXPECT_EQ(nested_js_url, delegate_->data()[3]->url); 993 EXPECT_EQ(nested_js_url, delegate_->data()[3]->url);
972 EXPECT_EQ(kURLWithUniqueOrigin, delegate_->data()[3]->first_party); 994 EXPECT_EQ(kURLWithUniqueOrigin, delegate_->data()[3]->first_party);
995 EXPECT_EQ(nested_origin, delegate_->data()[3]->initiator);
973 } 996 }
974 997
975 } // namespace content 998 } // namespace content
OLDNEW
« no previous file with comments | « no previous file | content/renderer/render_frame_impl.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698