OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 // Contains holistic tests of the bindings infrastructure | 5 // Contains holistic tests of the bindings infrastructure |
6 | 6 |
7 #include "chrome/browser/extensions/api/permissions/permissions_api.h" | 7 #include "chrome/browser/extensions/api/permissions/permissions_api.h" |
8 #include "chrome/browser/extensions/extension_apitest.h" | 8 #include "chrome/browser/extensions/extension_apitest.h" |
9 #include "chrome/browser/net/url_request_mock_util.h" | 9 #include "chrome/browser/net/url_request_mock_util.h" |
10 #include "chrome/browser/ui/browser.h" | 10 #include "chrome/browser/ui/browser.h" |
(...skipping 190 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
201 browser()->tab_strip_model()->GetActiveWebContents(); | 201 browser()->tab_strip_model()->GetActiveWebContents(); |
202 EXPECT_FALSE(web_contents->IsCrashed()); | 202 EXPECT_FALSE(web_contents->IsCrashed()); |
203 // See function_interceptions.html. | 203 // See function_interceptions.html. |
204 std::string result; | 204 std::string result; |
205 EXPECT_TRUE(content::ExecuteScriptAndExtractString( | 205 EXPECT_TRUE(content::ExecuteScriptAndExtractString( |
206 web_contents, "window.domAutomationController.send(window.testStatus);", | 206 web_contents, "window.domAutomationController.send(window.testStatus);", |
207 &result)); | 207 &result)); |
208 EXPECT_EQ("success", result); | 208 EXPECT_EQ("success", result); |
209 } | 209 } |
210 | 210 |
| 211 // This tests that web pages with iframes pointing at chrome-extenison:// urls |
| 212 // don't get improper extensions bindings injected while they briefly still |
| 213 // point at about:blank and are still scriptable by their parent. |
| 214 // |
| 215 // The general idea is to load up 2 extensions, one which listens for external |
| 216 // messages ("receiver") and one which we'll try first faking a message from in |
| 217 // the web page's iframe, as well as actually send a message from later |
| 218 // ("sender"). |
| 219 IN_PROC_BROWSER_TEST_F(ExtensionBindingsApiTest, IframeBeforeNavigate) { |
| 220 // Load the sender and receiver extensions, and make sure they are ready. |
| 221 ExtensionTestMessageListener sender_ready("sender_ready", true); |
| 222 const Extension* sender = LoadExtension( |
| 223 test_data_dir_.AppendASCII("bindings").AppendASCII("message_sender")); |
| 224 ASSERT_NE(nullptr, sender); |
| 225 sender_ready.set_extension_id(sender->id()); |
| 226 ASSERT_TRUE(sender_ready.WaitUntilSatisfied()); |
| 227 |
| 228 ExtensionTestMessageListener receiver_ready("receiver_ready", false); |
| 229 const Extension* receiver = |
| 230 LoadExtension(test_data_dir_.AppendASCII("bindings") |
| 231 .AppendASCII("external_message_listener")); |
| 232 ASSERT_NE(nullptr, receiver); |
| 233 receiver_ready.set_extension_id(receiver->id()); |
| 234 ASSERT_TRUE(receiver_ready.WaitUntilSatisfied()); |
| 235 |
| 236 // Load the web page which tries to impersonate the sender extension via |
| 237 // scripting it's iframe before it finishes navigating to a web_accessible |
| 238 // page in the sender. |
| 239 ASSERT_TRUE(embedded_test_server()->Start()); |
| 240 ui_test_utils::NavigateToURL( |
| 241 browser(), |
| 242 embedded_test_server()->GetURL( |
| 243 "/extensions/api_test/bindings/iframe_before_navigate.html")); |
| 244 |
| 245 bool page_success = false; |
| 246 ASSERT_TRUE(content::ExecuteScriptAndExtractBool( |
| 247 browser()->tab_strip_model()->GetActiveWebContents(), "getResult()", |
| 248 &page_success)); |
| 249 ASSERT_TRUE(page_success); |
| 250 |
| 251 ExtensionTestMessageListener receiver_count(false); |
| 252 receiver_count.set_extension_id(receiver->id()); |
| 253 |
| 254 // This should cause |sender| to send a real message over to |receiver|, at |
| 255 // which point |receiver| will call test.sendMessage to send over the total |
| 256 // count of messages it got. |
| 257 sender_ready.Reply(receiver->id()); |
| 258 ASSERT_TRUE(receiver_count.WaitUntilSatisfied()); |
| 259 |
| 260 // If the code is correct, |receiver| will not have received an impersonated |
| 261 // messages sent by iframe_before_navigate.html, so the result should be 1. |
| 262 EXPECT_EQ("1", receiver_count.message()); |
| 263 } |
| 264 |
211 } // namespace | 265 } // namespace |
212 } // namespace extensions | 266 } // namespace extensions |
OLD | NEW |