| Index: content/test/data/cross_site_document_request.html
|
| diff --git a/content/test/data/cross_site_document_request.html b/content/test/data/cross_site_document_request.html
|
| new file mode 100644
|
| index 0000000000000000000000000000000000000000..7bd949f9e5b63ea8d1595799ad9c031e76e601d5
|
| --- /dev/null
|
| +++ b/content/test/data/cross_site_document_request.html
|
| @@ -0,0 +1,81 @@
|
| +<html>
|
| +<head>
|
| +</head>
|
| +<body>
|
| +This test shows that cross-site documents are blocked by SiteIsolationPolicy
|
| +even if the Same Origin Policy is turned off in the renderer. The Same Origin
|
| +Policy can be circumvented when the renderer is compromised, but we have
|
| +SiteIsolationPolicy that blocks cross-site documents at the IPC layer. For now
|
| +cross-site document blocking by SiteIsolationPolicy is done in the renderer, but
|
| +our ultimate plan is to do that in the browser process.
|
| +
|
| +<script>
|
| +var xhrStatus = -1;
|
| +var pathPrefix = "http://bar.com/files/site_isolation/";
|
| +
|
| +// We only block cross-site documents with a blacklisted mime type(text/html,
|
| +// text/xml, application/json), that are correctly sniffed as the content type
|
| +// that they claim to be. We also block text/plain documents when their body
|
| +// looks like one of the blacklisted content types.
|
| +
|
| +var blockedResourceUrls = ['valid.html', 'comment_valid.html', 'valid.xml',
|
| +'valid.json', 'html.txt', 'xml.txt', 'json.txt'];
|
| +
|
| +var nonBlockedResourceUrls = ['js.html', 'comment_js.html', 'js.xml', 'js.json',
|
| +'js.txt', 'img.html', 'img.xml', 'img.json', 'img.txt', 'comment_js.html'];
|
| +
|
| +var resourceUrls = blockedResourceUrls.concat(nonBlockedResourceUrls);
|
| +
|
| +var failed = false;
|
| +function sendRequest(resourceUrl) {
|
| + var xhr = new XMLHttpRequest();
|
| + xhr.onreadystatechange = function() {
|
| + if (xhr.readyState == 4) {
|
| + var prefix = "";
|
| + if ((blockedResourceUrls.indexOf(resourceUrl) != -1 &&
|
| + xhr.responseText != " ") ||
|
| + (nonBlockedResourceUrls.indexOf(resourceUrl) != -1 &&
|
| + xhr.responseText == " ")) {
|
| + // Test failed. Either a resource that should have been blocked is not
|
| + // blocked, or a resource that should have not been blocked is blocked.
|
| + domAutomationController.setAutomationId(0);
|
| + domAutomationController.send(0);
|
| + if (blockedResourceUrls.indexOf(resourceUrl) != -1) {
|
| + prefix = "[ERROR:resource to be blocked wasn't blocked]";
|
| + } else {
|
| + prefix = "[ERROR:resource to be unblocked was blocked]";
|
| + }
|
| + }
|
| + document.getElementById("response_body").value +=
|
| + ("\n" + prefix + "response to " + resourceUrl + "(" +
|
| + xhr.getResponseHeader("content-type") + ") " +
|
| + (xhr.responseText == " " ? "blocked" : "not-blocked"));
|
| + drive();
|
| + }
|
| + }
|
| + xhr.open('GET', pathPrefix + resourceUrl);
|
| + xhr.send();
|
| +}
|
| +
|
| +var cnt = 0;
|
| +function drive() {
|
| + if (cnt < resourceUrls.length) {
|
| + sendRequest(resourceUrls[cnt]);
|
| + ++cnt;
|
| + } else {
|
| + // All the test cases are successfully passed.
|
| + domAutomationController.setAutomationId(0);
|
| + domAutomationController.send(1);
|
| + }
|
| +}
|
| +
|
| +window.onload = function() {
|
| + // The call to pushState with another domain will succeed, since the
|
| + // test uses --disable-web-security.
|
| + history.pushState('', '', 'http://bar.com/files/main.html');
|
| + drive();
|
| +}
|
| +</script>
|
| +<textarea rows=20 cols=50 id='response_body'></textarea>
|
| +</body>
|
| +</html>
|
|
|
Chromium Code Reviews
Issue 22254005:
UMA data collector for cross-site documents(XSD) (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@lkgr