Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(830)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: content/browser/service_worker/service_worker_browsertest.cc

Issue 2196633002: [ServiceWorker] Don't check the origin equality when disable-web-security flag is set. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: incorporated nhiroki's comment Created 4 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | content/browser/service_worker/service_worker_dispatcher_host.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: content/browser/service_worker/service_worker_browsertest.cc
diff --git a/content/browser/service_worker/service_worker_browsertest.cc b/content/browser/service_worker/service_worker_browsertest.cc
index 122d610109639f22f8fa5f0153760ef118b0009a..4d73b52bba36bcc6c5170679cf6898a6c2cf6e56 100644
--- a/content/browser/service_worker/service_worker_browsertest.cc
+++ b/content/browser/service_worker/service_worker_browsertest.cc
@@ -1917,4 +1917,81 @@ IN_PROC_BROWSER_TEST_F(ServiceWorkerV8CacheStrategiesAggressiveTest,
CheckStrategyIsAggressive();
}
+// ServiceWorkerDisableWebSecurityTests check the behavior when the web security
+// is disabled. If '--disable-web-security' flag is set, we don't check the
+// origin equality in Blink. So the Service Worker related APIs should succeed
+// even if it is thouching other origin Service Workers.
+class ServiceWorkerDisableWebSecurityTest : public ServiceWorkerBrowserTest {
+ public:
+ ServiceWorkerDisableWebSecurityTest() {}
+ ~ServiceWorkerDisableWebSecurityTest() override {}
+
+ void SetUpCommandLine(base::CommandLine* command_line) override {
+ command_line->AppendSwitch(switches::kDisableWebSecurity);
+ }
+
+ void SetUpOnMainThread() override {
+ cross_origin_server_.ServeFilesFromSourceDirectory("content/test/data");
+ ASSERT_TRUE(cross_origin_server_.Start());
+ ServiceWorkerBrowserTest::SetUpOnMainThread();
+ }
+
+ void RegisterServiceWorkerOnCrossOriginServer(const std::string& scope,
+ const std::string& script) {
+ scoped_refptr<WorkerActivatedObserver> observer =
+ new WorkerActivatedObserver(wrapper());
+ observer->Init();
+ public_context()->RegisterServiceWorker(
+ cross_origin_server_.GetURL(scope), cross_origin_server_.GetURL(script),
+ base::Bind(&ExpectResultAndRun, true, base::Bind(&base::DoNothing)));
+ observer->Wait();
+ }
+
+ void RunTestWithCrossOriginURL(const std::string& test_page,
+ const std::string& cross_origin_url) {
+ const base::string16 title = base::ASCIIToUTF16("PASS");
+ TitleWatcher title_watcher(shell()->web_contents(), title);
+ NavigateToURL(shell(),
+ embedded_test_server()->GetURL(
+ test_page + "?" +
+ cross_origin_server_.GetURL(cross_origin_url).spec()));
+ EXPECT_EQ(title, title_watcher.WaitAndGetTitle());
+ }
+
+ private:
+ net::EmbeddedTestServer cross_origin_server_;
+ DISALLOW_COPY_AND_ASSIGN(ServiceWorkerDisableWebSecurityTest);
+};
+
+IN_PROC_BROWSER_TEST_F(ServiceWorkerDisableWebSecurityTest,
+ GetRegistrationNoCrash) {
+ const char kPageUrl[] =
+ "/service_worker/disable_web_security_get_registration.html";
+ const char kScopeUrl[] = "/service_worker/";
+ RunTestWithCrossOriginURL(kPageUrl, kScopeUrl);
+}
+
+IN_PROC_BROWSER_TEST_F(ServiceWorkerDisableWebSecurityTest, RegisterNoCrash) {
+ const char kPageUrl[] = "/service_worker/disable_web_security_register.html";
+ const char kScopeUrl[] = "/service_worker/";
+ RunTestWithCrossOriginURL(kPageUrl, kScopeUrl);
+}
+
+IN_PROC_BROWSER_TEST_F(ServiceWorkerDisableWebSecurityTest, UnregisterNoCrash) {
+ const char kPageUrl[] =
+ "/service_worker/disable_web_security_unregister.html";
+ const char kScopeUrl[] = "/service_worker/scope/";
+ const char kWorkerUrl[] = "/service_worker/fetch_event_blob.js";
+ RegisterServiceWorkerOnCrossOriginServer(kScopeUrl, kWorkerUrl);
+ RunTestWithCrossOriginURL(kPageUrl, kScopeUrl);
+}
+
+IN_PROC_BROWSER_TEST_F(ServiceWorkerDisableWebSecurityTest, UpdateNoCrash) {
+ const char kPageUrl[] = "/service_worker/disable_web_security_update.html";
+ const char kScopeUrl[] = "/service_worker/scope/";
+ const char kWorkerUrl[] = "/service_worker/fetch_event_blob.js";
+ RegisterServiceWorkerOnCrossOriginServer(kScopeUrl, kWorkerUrl);
+ RunTestWithCrossOriginURL(kPageUrl, kScopeUrl);
+}
+
} // namespace content
« no previous file with comments | « no previous file | content/browser/service_worker/service_worker_dispatcher_host.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698