| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/frame_host/navigation_controller_impl.h" | 5 #include "content/browser/frame_host/navigation_controller_impl.h" |
| 6 | 6 |
| 7 #include <stdint.h> | 7 #include <stdint.h> |
| 8 #include <utility> | 8 #include <utility> |
| 9 | 9 |
| 10 #include "base/bind.h" | 10 #include "base/bind.h" |
| (...skipping 25 matching lines...) Expand all Loading... |
| 36 #include "content/public/test/content_browser_test_utils.h" | 36 #include "content/public/test/content_browser_test_utils.h" |
| 37 #include "content/public/test/test_navigation_observer.h" | 37 #include "content/public/test/test_navigation_observer.h" |
| 38 #include "content/public/test/test_utils.h" | 38 #include "content/public/test/test_utils.h" |
| 39 #include "content/shell/browser/shell.h" | 39 #include "content/shell/browser/shell.h" |
| 40 #include "content/shell/common/shell_switches.h" | 40 #include "content/shell/common/shell_switches.h" |
| 41 #include "content/test/content_browser_test_utils_internal.h" | 41 #include "content/test/content_browser_test_utils_internal.h" |
| 42 #include "content/test/test_frame_navigation_observer.h" | 42 #include "content/test/test_frame_navigation_observer.h" |
| 43 #include "net/dns/mock_host_resolver.h" | 43 #include "net/dns/mock_host_resolver.h" |
| 44 #include "net/test/embedded_test_server/embedded_test_server.h" | 44 #include "net/test/embedded_test_server/embedded_test_server.h" |
| 45 #include "net/test/url_request/url_request_failed_job.h" | 45 #include "net/test/url_request/url_request_failed_job.h" |
| 46 #include "testing/gmock/include/gmock/gmock-matchers.h" |
| 46 | 47 |
| 47 namespace { | 48 namespace { |
| 48 | 49 |
| 49 static std::string kAddNamedFrameScript = | 50 static std::string kAddNamedFrameScript = |
| 50 "var f = document.createElement('iframe');" | 51 "var f = document.createElement('iframe');" |
| 51 "f.name = 'foo-frame-name';" | 52 "f.name = 'foo-frame-name';" |
| 52 "document.body.appendChild(f);"; | 53 "document.body.appendChild(f);"; |
| 53 static std::string kAddFrameScript = | 54 static std::string kAddFrameScript = |
| 54 "var f = document.createElement('iframe');" | 55 "var f = document.createElement('iframe');" |
| 55 "document.body.appendChild(f);"; | 56 "document.body.appendChild(f);"; |
| 56 static std::string kRemoveFrameScript = | 57 static std::string kRemoveFrameScript = |
| 57 "var f = document.querySelector('iframe');" | 58 "var f = document.querySelector('iframe');" |
| 58 "f.parentNode.removeChild(f);"; | 59 "f.parentNode.removeChild(f);"; |
| 59 | 60 |
| 60 } // namespace | 61 } // namespace |
| 61 | 62 |
| 62 namespace content { | 63 namespace content { |
| 63 | 64 |
| 64 class NavigationControllerBrowserTest : public ContentBrowserTest { | 65 class NavigationControllerBrowserTest : public ContentBrowserTest { |
| 65 protected: | 66 protected: |
| 66 void SetUpOnMainThread() override { | 67 void SetUpOnMainThread() override { |
| 67 host_resolver()->AddRule("*", "127.0.0.1"); | 68 host_resolver()->AddRule("*", "127.0.0.1"); |
| 68 ASSERT_TRUE(embedded_test_server()->Start()); | 69 ASSERT_TRUE(embedded_test_server()->Start()); |
| 70 content::SetupCrossSiteRedirector(embedded_test_server()); |
| 69 } | 71 } |
| 70 }; | 72 }; |
| 71 | 73 |
| 72 // Ensure that tests can navigate subframes cross-site in both default mode and | 74 // Ensure that tests can navigate subframes cross-site in both default mode and |
| 73 // --site-per-process, but that they only go cross-process in the latter. | 75 // --site-per-process, but that they only go cross-process in the latter. |
| 74 IN_PROC_BROWSER_TEST_F(NavigationControllerBrowserTest, LoadCrossSiteSubframe) { | 76 IN_PROC_BROWSER_TEST_F(NavigationControllerBrowserTest, LoadCrossSiteSubframe) { |
| 75 // Load a main frame with a subframe. | 77 // Load a main frame with a subframe. |
| 76 GURL main_url(embedded_test_server()->GetURL( | 78 GURL main_url(embedded_test_server()->GetURL( |
| 77 "/navigation_controller/page_with_iframe.html")); | 79 "/navigation_controller/page_with_iframe.html")); |
| 78 NavigateToURL(shell(), main_url); | 80 NavigateToURL(shell(), main_url); |
| (...skipping 5682 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 5761 } | 5763 } |
| 5762 | 5764 |
| 5763 // Verify the expected origin through JavaScript. It also has the additional | 5765 // Verify the expected origin through JavaScript. It also has the additional |
| 5764 // verification of the process also being still alive. | 5766 // verification of the process also being still alive. |
| 5765 std::string origin; | 5767 std::string origin; |
| 5766 EXPECT_TRUE(ExecuteScriptAndExtractString( | 5768 EXPECT_TRUE(ExecuteScriptAndExtractString( |
| 5767 web_contents, "domAutomationController.send(document.origin)", &origin)); | 5769 web_contents, "domAutomationController.send(document.origin)", &origin)); |
| 5768 EXPECT_EQ(start_url.GetOrigin().spec(), origin + "/"); | 5770 EXPECT_EQ(start_url.GetOrigin().spec(), origin + "/"); |
| 5769 } | 5771 } |
| 5770 | 5772 |
| 5773 // Test that verifies that Referer and Origin http headers are correctly sent |
| 5774 // to the final destination of a cross-site POST with a few redirects thrown in. |
| 5775 // This test is somewhat related to https://crbug.com/635400. |
| 5776 IN_PROC_BROWSER_TEST_F(NavigationControllerBrowserTest, |
| 5777 RefererAndOriginHeadersAfterRedirects) { |
| 5778 // Navigate to the page with form that posts via 307 redirection to |
| 5779 // |redirect_target_url| (cross-site from |form_url|). Using 307 (rather than |
| 5780 // 302) redirection is important to preserve the HTTP method and POST body. |
| 5781 GURL form_url(embedded_test_server()->GetURL( |
| 5782 "a.com", "/form_that_posts_cross_site.html")); |
| 5783 GURL redirect_target_url(embedded_test_server()->GetURL("x.com", "/echoall")); |
| 5784 EXPECT_TRUE(NavigateToURL(shell(), form_url)); |
| 5785 |
| 5786 // Submit the form. The page submitting the form is at 0, and will |
| 5787 // go through 307 redirects from 1 -> 2 and 2 -> 3: |
| 5788 // 0. http://a.com:.../form_that_posts_cross_site.html |
| 5789 // 1. http://a.com:.../cross-site-307/i.com/cross-site-307/x.com/echoall |
| 5790 // 2. http://i.com:.../cross-site-307/x.com/echoall |
| 5791 // 3. http://x.com:.../echoall/ |
| 5792 TestNavigationObserver form_post_observer(shell()->web_contents(), 1); |
| 5793 EXPECT_TRUE( |
| 5794 ExecuteScript(shell(), "document.getElementById('text-form').submit();")); |
| 5795 form_post_observer.Wait(); |
| 5796 |
| 5797 // Verify that we arrived at the expected, redirected location. |
| 5798 EXPECT_EQ(redirect_target_url, |
| 5799 shell()->web_contents()->GetLastCommittedURL()); |
| 5800 |
| 5801 // Get the http request headers. |
| 5802 std::string headers; |
| 5803 EXPECT_TRUE(ExecuteScriptAndExtractString( |
| 5804 shell(), |
| 5805 "window.domAutomationController.send(" |
| 5806 "document.getElementsByTagName('pre')[1].innerText);", |
| 5807 &headers)); |
| 5808 |
| 5809 // Verify the Origin and Referer headers. |
| 5810 EXPECT_THAT(headers, ::testing::HasSubstr("Origin: null")); |
| 5811 EXPECT_THAT(headers, |
| 5812 ::testing::ContainsRegex( |
| 5813 "Referer: http://a.com:.*/form_that_posts_cross_site.html")); |
| 5814 } |
| 5815 |
| 5771 } // namespace content | 5816 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2230103003:
Propagate Origin header via CreateURLRequestForNavigation. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master