chrome/browser/extensions/extension_bindings_apitest.cc - Issue 2151693002: Fix extension bindings injection for iframes

Side by Side Diff: chrome/browser/extensions/extension_bindings_apitest.cc

Issue 2151693002: Fix extension bindings injection for iframes (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: hacker_case -> camelCase Created 4 years, 5 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

« no previous file with comments | « no previous file | chrome/test/data/extensions/api_test/bindings/external_message_listener/background.js » ('j') | chrome/test/data/extensions/api_test/bindings/frames_before_navigation.html » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 // Contains holistic tests of the bindings infrastructure	5 // Contains holistic tests of the bindings infrastructure

6	6

7 #include "chrome/browser/extensions/api/permissions/permissions_api.h"	7 #include "chrome/browser/extensions/api/permissions/permissions_api.h"

8 #include "chrome/browser/extensions/extension_apitest.h"	8 #include "chrome/browser/extensions/extension_apitest.h"

9 #include "chrome/browser/net/url_request_mock_util.h"	9 #include "chrome/browser/net/url_request_mock_util.h"

10 #include "chrome/browser/ui/browser.h"	10 #include "chrome/browser/ui/browser.h"

11 #include "chrome/browser/ui/tabs/tab_strip_model.h"	11 #include "chrome/browser/ui/tabs/tab_strip_model.h"

	12 #include "chrome/common/chrome_switches.h"

12 #include "chrome/test/base/ui_test_utils.h"	13 #include "chrome/test/base/ui_test_utils.h"

13 #include "content/public/browser/browser_thread.h"	14 #include "content/public/browser/browser_thread.h"

14 #include "content/public/test/browser_test_utils.h"	15 #include "content/public/test/browser_test_utils.h"

15 #include "extensions/browser/extension_host.h"	16 #include "extensions/browser/extension_host.h"

16 #include "extensions/browser/process_manager.h"	17 #include "extensions/browser/process_manager.h"

17 #include "extensions/test/extension_test_message_listener.h"	18 #include "extensions/test/extension_test_message_listener.h"

18 #include "extensions/test/result_catcher.h"	19 #include "extensions/test/result_catcher.h"

19 #include "net/test/embedded_test_server/embedded_test_server.h"	20 #include "net/test/embedded_test_server/embedded_test_server.h"

20	21

21 namespace extensions {	22 namespace extensions {

(...skipping 179 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
201 browser()->tab_strip_model()->GetActiveWebContents();	202 browser()->tab_strip_model()->GetActiveWebContents();

202 EXPECT_FALSE(web_contents->IsCrashed());	203 EXPECT_FALSE(web_contents->IsCrashed());

203 // See function_interceptions.html.	204 // See function_interceptions.html.

204 std::string result;	205 std::string result;

205 EXPECT_TRUE(content::ExecuteScriptAndExtractString(	206 EXPECT_TRUE(content::ExecuteScriptAndExtractString(

206 web_contents, "window.domAutomationController.send(window.testStatus);",	207 web_contents, "window.domAutomationController.send(window.testStatus);",

207 &result));	208 &result));

208 EXPECT_EQ("success", result);	209 EXPECT_EQ("success", result);

209 }	210 }

210	211

	212 // This tests that web pages with iframes or child windows pointing at

	213 // chrome-extenison:// urls, both web_accessible and nonexistent pages, don't

	214 // get improper extensions bindings injected while they briefly still point at

	215 // about:blank and are still scriptable by their parent.

	216 //

	217 // The general idea is to load up 2 extensions, one which listens for external

	218 // messages ("receiver") and one which we'll try first faking messages from in

	219 // the web page's iframe, as well as actually send a message from later

	220 // ("sender").

	221 IN_PROC_BROWSER_TEST_F(ExtensionBindingsApiTest, FramesBeforeNavigation) {

	222 base::CommandLine::ForCurrentProcess()->AppendSwitch(

	223 switches::kDisablePopupBlocking);

	224

	225 // Load the sender and receiver extensions, and make sure they are ready.

	226 ExtensionTestMessageListener sender_ready("sender_ready", true);

	227 const Extension* sender = LoadExtension(

	228 test_data_dir_.AppendASCII("bindings").AppendASCII("message_sender"));

	229 ASSERT_NE(nullptr, sender);

	230 ASSERT_TRUE(sender_ready.WaitUntilSatisfied());

	231

	232 ExtensionTestMessageListener receiver_ready("receiver_ready", false);

	233 const Extension* receiver =

	234 LoadExtension(test_data_dir_.AppendASCII("bindings")

	235 .AppendASCII("external_message_listener"));

	236 ASSERT_NE(nullptr, receiver);

	237 ASSERT_TRUE(receiver_ready.WaitUntilSatisfied());

	238

	239 // Load the web page which tries to impersonate the sender extension via

	240 // scripting iframes/child windows before they finish navigating to pages

	241 // within the sender extension.

	242 ASSERT_TRUE(embedded_test_server()->Start());

	243 ui_test_utils::NavigateToURL(

	244 browser(),

	245 embedded_test_server()->GetURL(

	246 "/extensions/api_test/bindings/frames_before_navigation.html"));

	247

	248 bool page_success = false;

	249 ASSERT_TRUE(content::ExecuteScriptAndExtractBool(

	250 browser()->tab_strip_model()->GetWebContentsAt(0), "getResult()",

	251 &page_success));

	252 EXPECT_TRUE(page_success);

	253

	254 // Reply to \|sender\|, causing it to send a message over to \|receiver\|, and

	255 // then ask \|receiver\| for the total message count. It should be 1 since

	256 // \|receiver\| should not have received any impersonated messages.

	257 sender_ready.Reply(receiver->id());

	258 int message_count;
	Devlin 2016/07/21 22:20:34 nit: initialize this. nit: initialize this. asargent_no_longer_on_chrome 2016/07/22 17:36:51 Done. Show quoted text On 2016/07/21 22:20:34, Devlin wrote: > nit: initialize this. Done.
	259 ASSERT_TRUE(content::ExecuteScriptAndExtractInt(

	260 extensions::ProcessManager::Get(profile())
	Devlin 2016/07/21 22:20:34 nit: already in extensions::. nit: already in extensions::. asargent_no_longer_on_chrome 2016/07/22 17:36:51 Done. Show quoted text On 2016/07/21 22:20:34, Devlin wrote: > nit: already in extensions::. Done.
	261 ->GetBackgroundHostForExtension(receiver->id())

	262 ->host_contents(),

	263 "getMessageCountAfterReceivingRealSenderMessage()", &message_count));

	264 EXPECT_EQ(1, message_count);

	265 }

	266

211 } // namespace	267 } // namespace

212 } // namespace extensions	268 } // namespace extensions

OLD	NEW