OLD | NEW |
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include <string> | 5 #include <string> |
6 | 6 |
7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
8 #include "base/files/file_path.h" | 8 #include "base/files/file_path.h" |
9 #include "base/test/histogram_tester.h" | 9 #include "base/test/histogram_tester.h" |
10 #include "content/browser/bad_message.h" | 10 #include "content/browser/bad_message.h" |
(...skipping 21 matching lines...) Expand all Loading... |
32 | 32 |
33 namespace { | 33 namespace { |
34 | 34 |
35 std::string GetCookieFromJS(RenderFrameHost* frame) { | 35 std::string GetCookieFromJS(RenderFrameHost* frame) { |
36 std::string cookie; | 36 std::string cookie; |
37 EXPECT_TRUE(ExecuteScriptAndExtractString( | 37 EXPECT_TRUE(ExecuteScriptAndExtractString( |
38 frame, "window.domAutomationController.send(document.cookie);", &cookie)); | 38 frame, "window.domAutomationController.send(document.cookie);", &cookie)); |
39 return cookie; | 39 return cookie; |
40 } | 40 } |
41 | 41 |
| 42 mojom::RenderFrameMessageFilter* GetFilterForProcess( |
| 43 RenderProcessHost* process) { |
| 44 return static_cast<RenderProcessHostImpl*>(process) |
| 45 ->render_frame_message_filter_for_testing(); |
| 46 } |
| 47 |
42 } // namespace | 48 } // namespace |
43 | 49 |
44 class RenderFrameMessageFilterBrowserTest : public ContentBrowserTest { | 50 class RenderFrameMessageFilterBrowserTest : public ContentBrowserTest { |
45 protected: | 51 protected: |
46 void SetUp() override { | 52 void SetUp() override { |
47 base::CommandLine::ForCurrentProcess()->AppendSwitch( | 53 base::CommandLine::ForCurrentProcess()->AppendSwitch( |
48 switches::kEnableExperimentalWebPlatformFeatures); | 54 switches::kEnableExperimentalWebPlatformFeatures); |
49 ContentBrowserTest::SetUp(); | 55 ContentBrowserTest::SetUp(); |
50 } | 56 } |
51 }; | 57 }; |
(...skipping 131 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
183 "Where A = http://127.0.0.1/\n" | 189 "Where A = http://127.0.0.1/\n" |
184 " B = http://baz.com/", | 190 " B = http://baz.com/", |
185 v.DepictFrameTree(tab->GetFrameTree()->root())); | 191 v.DepictFrameTree(tab->GetFrameTree()->root())); |
186 | 192 |
187 RenderFrameHost* main_frame = tab->GetMainFrame(); | 193 RenderFrameHost* main_frame = tab->GetMainFrame(); |
188 RenderFrameHost* iframe = | 194 RenderFrameHost* iframe = |
189 tab->GetFrameTree()->root()->child_at(0)->current_frame_host(); | 195 tab->GetFrameTree()->root()->child_at(0)->current_frame_host(); |
190 | 196 |
191 EXPECT_NE(iframe->GetProcess(), main_frame->GetProcess()); | 197 EXPECT_NE(iframe->GetProcess(), main_frame->GetProcess()); |
192 | 198 |
193 // Try to get cross-site cookies from the subframe's process and wait for it | |
194 // to be killed. | |
195 std::string response; | |
196 FrameHostMsg_GetCookies illegal_get_cookies( | |
197 iframe->GetRoutingID(), GURL("http://127.0.0.1/"), | |
198 GURL("http://127.0.0.1/"), &response); | |
199 | |
200 RenderProcessHostWatcher iframe_killed( | 199 RenderProcessHostWatcher iframe_killed( |
201 iframe->GetProcess(), RenderProcessHostWatcher::WATCH_FOR_PROCESS_EXIT); | 200 iframe->GetProcess(), RenderProcessHostWatcher::WATCH_FOR_PROCESS_EXIT); |
202 | 201 |
203 IPC::IpcSecurityTestUtil::PwnMessageReceived( | 202 // Try to get cross-site cookies from the subframe's process and wait for it |
204 iframe->GetProcess()->GetChannel(), illegal_get_cookies); | 203 // to be killed. |
| 204 BrowserThread::GetTaskRunnerForThread(BrowserThread::IO)->PostTask( |
| 205 FROM_HERE, |
| 206 base::Bind([] (RenderFrameHost* frame) { |
| 207 GetFilterForProcess(frame->GetProcess())->GetCookies( |
| 208 frame->GetRoutingID(), GURL("http://127.0.0.1/"), |
| 209 GURL("http://127.0.0.1/"), base::Bind([] (mojo::String) {})); |
| 210 }, iframe)); |
205 | 211 |
206 iframe_killed.Wait(); | 212 iframe_killed.Wait(); |
207 | 213 |
208 EXPECT_EQ( | 214 EXPECT_EQ( |
209 " Site A ------------ proxies for B\n" | 215 " Site A ------------ proxies for B\n" |
210 " +--Site B ------- proxies for A\n" | 216 " +--Site B ------- proxies for A\n" |
211 "Where A = http://127.0.0.1/\n" | 217 "Where A = http://127.0.0.1/\n" |
212 " B = http://baz.com/ (no process)", | 218 " B = http://baz.com/ (no process)", |
213 v.DepictFrameTree(tab->GetFrameTree()->root())); | 219 v.DepictFrameTree(tab->GetFrameTree()->root())); |
214 | 220 |
215 // Now set a cross-site cookie from the main frame's process and wait for it | 221 // Now set a cross-site cookie from the main frame's process and wait for it |
216 // to be killed. | 222 // to be killed. |
217 RenderProcessHostWatcher main_frame_killed( | 223 RenderProcessHostWatcher main_frame_killed( |
218 tab->GetMainFrame()->GetProcess(), | 224 tab->GetMainFrame()->GetProcess(), |
219 RenderProcessHostWatcher::WATCH_FOR_PROCESS_EXIT); | 225 RenderProcessHostWatcher::WATCH_FOR_PROCESS_EXIT); |
220 | 226 |
221 RenderProcessHostImpl* process = | |
222 static_cast<RenderProcessHostImpl*>(tab->GetMainFrame()->GetProcess()); | |
223 BrowserThread::GetTaskRunnerForThread(BrowserThread::IO)->PostTask( | 227 BrowserThread::GetTaskRunnerForThread(BrowserThread::IO)->PostTask( |
224 FROM_HERE, | 228 FROM_HERE, |
225 base::Bind( | 229 base::Bind([] (RenderFrameHost* frame) { |
226 &mojom::RenderFrameMessageFilter::SetCookie, | 230 GetFilterForProcess(frame->GetProcess())->SetCookie( |
227 base::Unretained(process->render_frame_message_filter_for_testing()), | 231 frame->GetRoutingID(), GURL("https://baz.com/"), |
228 tab->GetMainFrame()->GetRoutingID(), GURL("https://baz.com/"), | 232 GURL("https://baz.com/"), "pwn=ed"); |
229 GURL("https://baz.com/"), "pwn=ed")); | 233 }, main_frame)); |
230 | 234 |
231 main_frame_killed.Wait(); | 235 main_frame_killed.Wait(); |
232 | 236 |
233 EXPECT_EQ( | 237 EXPECT_EQ( |
234 " Site A\n" | 238 " Site A\n" |
235 "Where A = http://127.0.0.1/ (no process)", | 239 "Where A = http://127.0.0.1/ (no process)", |
236 v.DepictFrameTree(tab->GetFrameTree()->root())); | 240 v.DepictFrameTree(tab->GetFrameTree()->root())); |
237 } | 241 } |
238 | 242 |
239 // FrameHostMsg_RenderProcessGone is a synthetic message that's really an | 243 // FrameHostMsg_RenderProcessGone is a synthetic message that's really an |
(...skipping 22 matching lines...) Expand all Loading... |
262 // If the message had gone through, we'd have marked the RFH as dead but | 266 // If the message had gone through, we'd have marked the RFH as dead but |
263 // left the RPH and its connection alive, and the Wait below would hang. | 267 // left the RPH and its connection alive, and the Wait below would hang. |
264 web_process_killed.Wait(); | 268 web_process_killed.Wait(); |
265 | 269 |
266 ASSERT_FALSE(web_rfh->GetProcess()->HasConnection()); | 270 ASSERT_FALSE(web_rfh->GetProcess()->HasConnection()); |
267 ASSERT_FALSE(web_rfh->IsRenderFrameLive()); | 271 ASSERT_FALSE(web_rfh->IsRenderFrameLive()); |
268 ASSERT_FALSE(web_process_killed.did_exit_normally()); | 272 ASSERT_FALSE(web_process_killed.did_exit_normally()); |
269 } | 273 } |
270 | 274 |
271 } // namespace content | 275 } // namespace content |
OLD | NEW |