| Index: third_party/WebKit/Source/web/tests/WebFrameTest.cpp
|
| diff --git a/third_party/WebKit/Source/web/tests/WebFrameTest.cpp b/third_party/WebKit/Source/web/tests/WebFrameTest.cpp
|
| index 7975fbaa60c008e432aea8d0b6faa8d2d4650568..f0c1fdaf35c94756e80fd47753b6094af98b5cfb 100644
|
| --- a/third_party/WebKit/Source/web/tests/WebFrameTest.cpp
|
| +++ b/third_party/WebKit/Source/web/tests/WebFrameTest.cpp
|
| @@ -8800,62 +8800,4 @@ TEST_F(WebFrameTest, CopyImageWithImageMap)
|
| helper.reset(); // Explicitly reset to break dependency on locally scoped client.
|
| }
|
|
|
| -static void setSecurityOrigin(WebFrame* frame, PassRefPtr<SecurityOrigin> securityOrigin)
|
| -{
|
| - Document* document = frame->document();
|
| - document->setSecurityOrigin(securityOrigin);
|
| -}
|
| -
|
| -TEST_F(WebFrameTest, CanHaveSecureChild)
|
| -{
|
| - FrameTestHelpers::WebViewHelper helper;
|
| - FrameTestHelpers::TestWebFrameClient client;
|
| - helper.initialize(true, &client, nullptr, nullptr);
|
| - WebFrame* mainFrame = helper.webView()->mainFrame();
|
| - RefPtr<SecurityOrigin> secureOrigin = SecurityOrigin::createFromString("https://example.com");
|
| - RefPtr<SecurityOrigin> insecureOrigin = SecurityOrigin::createFromString("http://example.com");
|
| -
|
| - // Secure frame.
|
| - setSecurityOrigin(mainFrame, secureOrigin);
|
| - ASSERT_TRUE(mainFrame->canHaveSecureChild());
|
| -
|
| - // Insecure frame.
|
| - setSecurityOrigin(mainFrame, insecureOrigin);
|
| - ASSERT_FALSE(mainFrame->canHaveSecureChild());
|
| -
|
| - // Create a chain of frames.
|
| - FrameTestHelpers::loadFrame(mainFrame, "data:text/html,<iframe></iframe>");
|
| - WebFrame* childFrame = mainFrame->firstChild();
|
| - FrameTestHelpers::loadFrame(childFrame, "data:text/html,<iframe></iframe>");
|
| - WebFrame* grandchildFrame = childFrame->firstChild();
|
| -
|
| - // Secure -> insecure -> secure frame.
|
| - setSecurityOrigin(mainFrame, secureOrigin);
|
| - setSecurityOrigin(childFrame, insecureOrigin);
|
| - setSecurityOrigin(grandchildFrame, secureOrigin);
|
| - ASSERT_TRUE(mainFrame->canHaveSecureChild());
|
| - ASSERT_FALSE(childFrame->canHaveSecureChild());
|
| - ASSERT_FALSE(grandchildFrame->canHaveSecureChild());
|
| -
|
| - // A document in an insecure context can be considered secure if it has a
|
| - // scheme that bypasses the secure context check. But the exception doesn't
|
| - // apply to children of that document's frame.
|
| - SchemeRegistry::registerURLSchemeBypassingSecureContextCheck("very-special-scheme");
|
| - SchemeRegistry::registerURLSchemeAsSecure("very-special-scheme");
|
| - RefPtr<SecurityOrigin> specialOrigin = SecurityOrigin::createFromString("very-special-scheme://example.com");
|
| -
|
| - setSecurityOrigin(mainFrame, insecureOrigin);
|
| - setSecurityOrigin(childFrame, specialOrigin);
|
| - setSecurityOrigin(grandchildFrame, secureOrigin);
|
| - ASSERT_FALSE(mainFrame->canHaveSecureChild());
|
| - ASSERT_FALSE(childFrame->canHaveSecureChild());
|
| - ASSERT_FALSE(grandchildFrame->canHaveSecureChild());
|
| - Document* mainDocument = mainFrame->document();
|
| - Document* childDocument = childFrame->document();
|
| - Document* grandchildDocument = grandchildFrame->document();
|
| - ASSERT_FALSE(mainDocument->isSecureContext());
|
| - ASSERT_TRUE(childDocument->isSecureContext());
|
| - ASSERT_FALSE(grandchildDocument->isSecureContext());
|
| -}
|
| -
|
| } // namespace blink
|
|
|
Chromium Code Reviews
Issue 2082493002:
Remove WebFrame::canHaveSecureChild (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master