Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(248)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: third_party/WebKit/Source/platform/feature_policy/FeaturePolicyTest.cpp

Issue 2254533002: [FeaturePolicy] Initial implementation of Feature Policy (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@fp-flag
Patch Set: Addressing nits Created 4 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « third_party/WebKit/Source/platform/feature_policy/FeaturePolicy.cpp ('k') | third_party/WebKit/Source/platform/network/HTTPNames.in » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 // Copyright 2016 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "platform/feature_policy/FeaturePolicy.h"
6
7 #include "platform/RuntimeEnabledFeatures.h"
8 #include "testing/gtest/include/gtest/gtest.h"
9
10 // Origin strings used for tests
11 #define ORIGIN_A "https://example.com/"
12 #define ORIGIN_B "https://example.net/"
13 #define ORIGIN_C "https://example.org/"
14
15 namespace blink {
16
17 namespace {
18
19 const char* kValidPolicies[] = {
20 "{\"feature\": []}",
21 "{\"feature\": [\"self\"]}",
22 "{\"feature\": [\"*\"]}",
23 "{\"feature\": [\"" ORIGIN_A "\"]}",
24 "{\"feature\": [\"" ORIGIN_B "\"]}",
25 "{\"feature\": [\"" ORIGIN_A "\", \"" ORIGIN_B "\"]}",
26 "{\"feature1\": [\"" ORIGIN_A "\"], \"feature2\": [\"self\"]}",
27 "{\"feature1\": [\"" ORIGIN_A "\"]}, {\"feature2\": [\"self\"]}"};
28
29 const char* kInvalidPolicies[] = {
30 "Not A JSON literal",
31 "\"Not a JSON object\"",
32 "[\"Also\", \"Not a JSON object\"]",
33 "1.0",
34 "{\"Whitelist\": \"Not a JSON array\"}",
35 "{\"feature1\": [\"*\"], \"feature2\": \"Not an array\"}"};
36
37 // This is an example of a feature which should be enabled by default in all
38 // frames.
39 const FeaturePolicy::Feature kDefaultOnFeature{
40 "default-on", FeaturePolicy::FeatureDefault::EnableForAll};
41
42 // This is an example of a feature which should be enabled in top-level frames,
43 // and same-origin child-frames, but must be delegated to all cross-origin
44 // frames explicitly.
45 const FeaturePolicy::Feature kDefaultSelfFeature{
46 "default-self", FeaturePolicy::FeatureDefault::EnableForSelf};
47
48 // This is an example of a feature which should be disabled by default, both in
49 // top-level and nested frames.
50 const FeaturePolicy::Feature kDefaultOffFeature{
51 "default-off", FeaturePolicy::FeatureDefault::DisableForAll};
52
53 } // namespace
54
55 class FeaturePolicyTest : public ::testing::Test {
56 protected:
57 FeaturePolicyTest()
58 : m_frameworkWasEnabled(RuntimeEnabledFeatures::featurePolicyEnabled()),
59 m_featureList(
60 {&kDefaultOnFeature, &kDefaultSelfFeature, &kDefaultOffFeature}) {
61 RuntimeEnabledFeatures::setFeaturePolicyEnabled(true);
62 }
63
64 ~FeaturePolicyTest() {
65 RuntimeEnabledFeatures::setFeaturePolicyEnabled(m_frameworkWasEnabled);
66 }
67
68 std::unique_ptr<FeaturePolicy> createFromParentPolicy(
69 const FeaturePolicy* parent,
70 RefPtr<SecurityOrigin> origin) {
71 return FeaturePolicy::createFromParentPolicy(parent, origin, m_featureList);
72 }
73
74 RefPtr<SecurityOrigin> m_originA = SecurityOrigin::createFromString(ORIGIN_A);
75 RefPtr<SecurityOrigin> m_originB = SecurityOrigin::createFromString(ORIGIN_B);
76 RefPtr<SecurityOrigin> m_originC = SecurityOrigin::createFromString(ORIGIN_C);
77
78 private:
79 const bool m_frameworkWasEnabled;
80
81 // Contains the list of controlled features, so that we are guaranteed to
82 // have at least one of each kind of default behaviour represented.
83 FeaturePolicy::FeatureList m_featureList;
84 };
85
86 TEST_F(FeaturePolicyTest, ParseValidPolicy) {
87 Vector<String> messages;
88 for (const char* policyString : kValidPolicies) {
89 messages.clear();
90 std::unique_ptr<FeaturePolicy> policy =
91 createFromParentPolicy(nullptr, m_originA);
92 policy->setHeaderPolicy(policyString, messages);
93 EXPECT_EQ(0UL, messages.size());
94 }
95 }
96
97 TEST_F(FeaturePolicyTest, ParseInvalidPolicy) {
98 Vector<String> messages;
99 for (const char* policyString : kInvalidPolicies) {
100 messages.clear();
101 std::unique_ptr<FeaturePolicy> policy =
102 createFromParentPolicy(nullptr, m_originA);
103 policy->setHeaderPolicy(policyString, messages);
104 EXPECT_NE(0UL, messages.size());
105 }
106 }
107
108 TEST_F(FeaturePolicyTest, TestInitialPolicy) {
109 // +-------------+
110 // |(1)Origin A |
111 // |No Policy |
112 // +-------------+
113 // Default-on and top-level-only features should be enabled in top-level
114 // frame. Default-off features should be disabled.
115 std::unique_ptr<FeaturePolicy> policy1 =
116 createFromParentPolicy(nullptr, m_originA);
117 EXPECT_TRUE(policy1->isFeatureEnabled(kDefaultOnFeature));
118 EXPECT_TRUE(policy1->isFeatureEnabled(kDefaultSelfFeature));
119 EXPECT_FALSE(policy1->isFeatureEnabled(kDefaultOffFeature));
120 }
121
122 TEST_F(FeaturePolicyTest, TestInitialSameOriginChildPolicy) {
123 // +-----------------+
124 // |(1)Origin A |
125 // |No Policy |
126 // | +-------------+ |
127 // | |(2)Origin A | |
128 // | |No Policy | |
129 // | +-------------+ |
130 // +-----------------+
131 // Default-on and Default-self features should be enabled in a same-origin
132 // child frame. Default-off features should be disabled.
133 std::unique_ptr<FeaturePolicy> policy1 =
134 createFromParentPolicy(nullptr, m_originA);
135 std::unique_ptr<FeaturePolicy> policy2 =
136 createFromParentPolicy(policy1.get(), m_originA);
137 EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultOnFeature));
138 EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultSelfFeature));
139 EXPECT_FALSE(policy2->isFeatureEnabled(kDefaultOffFeature));
140 }
141
142 TEST_F(FeaturePolicyTest, TestInitialCrossOriginChildPolicy) {
143 // +-----------------+
144 // |(1)Origin A |
145 // |No Policy |
146 // | +-------------+ |
147 // | |(2)Origin B | |
148 // | |No Policy | |
149 // | +-------------+ |
150 // +-----------------+
151 // Default-on features should be enabled in child frame. Default-self and
152 // Default-off features should be disabled.
153 std::unique_ptr<FeaturePolicy> policy1 =
154 createFromParentPolicy(nullptr, m_originA);
155 std::unique_ptr<FeaturePolicy> policy2 =
156 createFromParentPolicy(policy1.get(), m_originB);
157 EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultOnFeature));
158 EXPECT_FALSE(policy2->isFeatureEnabled(kDefaultSelfFeature));
159 EXPECT_FALSE(policy2->isFeatureEnabled(kDefaultOffFeature));
160 }
161
162 TEST_F(FeaturePolicyTest, TestCrossOriginChildCannotEnableFeature) {
163 // +---------------------------------------+
164 // |(1) Origin A |
165 // |No Policy |
166 // | +-----------------------------------+ |
167 // | |(2) Origin B | |
168 // | |Policy: {"default-self": ["self"]} | |
169 // | +-----------------------------------+ |
170 // +---------------------------------------+
171 // Default-self feature should be disabled in cross origin frame, even if no
172 // policy was specified in the parent frame.
173 Vector<String> messages;
174 std::unique_ptr<FeaturePolicy> policy1 =
175 createFromParentPolicy(nullptr, m_originA);
176 std::unique_ptr<FeaturePolicy> policy2 =
177 createFromParentPolicy(policy1.get(), m_originB);
178 policy2->setHeaderPolicy("{\"default-self\": [\"self\"]}", messages);
179 EXPECT_EQ(0UL, messages.size());
180 EXPECT_FALSE(policy2->isFeatureEnabled(kDefaultSelfFeature));
181 }
182
183 TEST_F(FeaturePolicyTest, TestFrameSelfInheritance) {
184 // +------------------------------------------+
185 // |(1) Origin A |
186 // |Policy: {"default-self": ["self"]} |
187 // | +-----------------+ +-----------------+ |
188 // | |(2) Origin A | |(4) Origin B | |
189 // | |No Policy | |No Policy | |
190 // | | +-------------+ | | +-------------+ | |
191 // | | |(3)Origin A | | | |(5)Origin B | | |
192 // | | |No Policy | | | |No Policy | | |
193 // | | +-------------+ | | +-------------+ | |
194 // | +-----------------+ +-----------------+ |
195 // +------------------------------------------+
196 // Feature should be enabled at the top-level, and through the chain of
197 // same-origin frames 2 and 3. It should be disabled in frames 4 and 5, as
198 // they are at a different origin.
199 Vector<String> messages;
200 std::unique_ptr<FeaturePolicy> policy1 =
201 createFromParentPolicy(nullptr, m_originA);
202 policy1->setHeaderPolicy("{\"default-self\": [\"self\"]}", messages);
203 EXPECT_EQ(0UL, messages.size());
204 std::unique_ptr<FeaturePolicy> policy2 =
205 createFromParentPolicy(policy1.get(), m_originA);
206 std::unique_ptr<FeaturePolicy> policy3 =
207 createFromParentPolicy(policy2.get(), m_originA);
208 std::unique_ptr<FeaturePolicy> policy4 =
209 createFromParentPolicy(policy1.get(), m_originB);
210 std::unique_ptr<FeaturePolicy> policy5 =
211 createFromParentPolicy(policy4.get(), m_originB);
212 EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultSelfFeature));
213 EXPECT_TRUE(policy3->isFeatureEnabled(kDefaultSelfFeature));
214 EXPECT_FALSE(policy4->isFeatureEnabled(kDefaultSelfFeature));
215 EXPECT_FALSE(policy5->isFeatureEnabled(kDefaultSelfFeature));
216 }
217
218 TEST_F(FeaturePolicyTest, TestReflexiveFrameSelfInheritance) {
219 // +-----------------------------------+
220 // |(1) Origin A |
221 // |Policy: {"default-self": ["self"]} |
222 // | +-----------------+ |
223 // | |(2) Origin B | |
224 // | |No Policy | |
225 // | | +-------------+ | |
226 // | | |(3)Origin A | | |
227 // | | |No Policy | | |
228 // | | +-------------+ | |
229 // | +-----------------+ |
230 // +-----------------------------------+
231 // Feature which is enabled at top-level should be disabled in frame 3, as
232 // it is embedded by frame 2, for which the feature is not enabled.
233 Vector<String> messages;
234 std::unique_ptr<FeaturePolicy> policy1 =
235 createFromParentPolicy(nullptr, m_originA);
236 policy1->setHeaderPolicy("{\"default-self\": [\"self\"]}", messages);
237 EXPECT_EQ(0UL, messages.size());
238 std::unique_ptr<FeaturePolicy> policy2 =
239 createFromParentPolicy(policy1.get(), m_originB);
240 std::unique_ptr<FeaturePolicy> policy3 =
241 createFromParentPolicy(policy2.get(), m_originA);
242 EXPECT_FALSE(policy2->isFeatureEnabled(kDefaultSelfFeature));
243 EXPECT_FALSE(policy3->isFeatureEnabled(kDefaultSelfFeature));
244 }
245
246 TEST_F(FeaturePolicyTest, TestSelectiveFrameInheritance) {
247 // +------------------------------------------+
248 // |(1) Origin A |
249 // |Policy: {"default-self": ["Origin B"]} |
250 // | +-----------------+ +-----------------+ |
251 // | |(2) Origin B | |(3) Origin C | |
252 // | |No Policy | |No Policy | |
253 // | | | | +-------------+ | |
254 // | | | | |(4)Origin B | | |
255 // | | | | |No Policy | | |
256 // | | | | +-------------+ | |
257 // | +-----------------+ +-----------------+ |
258 // +------------------------------------------+
259 // Feature should be enabled in second level Origin B frame, but disabled in
260 // Frame 4, because it is embedded by frame 3, where the feature is not
261 // enabled.
262 Vector<String> messages;
263 std::unique_ptr<FeaturePolicy> policy1 =
264 createFromParentPolicy(nullptr, m_originA);
265 policy1->setHeaderPolicy("{\"default-self\": [\"" ORIGIN_B "\"]}", messages);
266 EXPECT_EQ(0UL, messages.size());
267 std::unique_ptr<FeaturePolicy> policy2 =
268 createFromParentPolicy(policy1.get(), m_originB);
269 std::unique_ptr<FeaturePolicy> policy3 =
270 createFromParentPolicy(policy1.get(), m_originC);
271 std::unique_ptr<FeaturePolicy> policy4 =
272 createFromParentPolicy(policy3.get(), m_originB);
273 EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultSelfFeature));
274 EXPECT_FALSE(policy3->isFeatureEnabled(kDefaultSelfFeature));
275 EXPECT_FALSE(policy4->isFeatureEnabled(kDefaultSelfFeature));
276 }
277
278 TEST_F(FeaturePolicyTest, TestPolicyCanBlockSelf) {
279 // +----------------------------+
280 // |(1)Origin A |
281 // |Policy: {"default-on": []} |
282 // +----------------------------+
283 // Default-on feature should be disabled in top-level frame.
284 Vector<String> messages;
285 std::unique_ptr<FeaturePolicy> policy1 =
286 createFromParentPolicy(nullptr, m_originA);
287 policy1->setHeaderPolicy("{\"default-on\": []}", messages);
288 EXPECT_EQ(0UL, messages.size());
289 EXPECT_FALSE(policy1->isFeatureEnabled(kDefaultOnFeature));
290 }
291
292 TEST_F(FeaturePolicyTest, TestParentPolicyBlocksSameOriginChildPolicy) {
293 // +----------------------------+
294 // |(1)Origin A |
295 // |Policy: {"default-on": []} |
296 // | +-------------+ |
297 // | |(2)Origin A | |
298 // | |No Policy | |
299 // | +-------------+ |
300 // +----------------------------+
301 // Feature should be disabled in child frame.
302 Vector<String> messages;
303 std::unique_ptr<FeaturePolicy> policy1 =
304 createFromParentPolicy(nullptr, m_originA);
305 policy1->setHeaderPolicy("{\"default-on\": []}", messages);
306 EXPECT_EQ(0UL, messages.size());
307 std::unique_ptr<FeaturePolicy> policy2 =
308 createFromParentPolicy(policy1.get(), m_originA);
309 EXPECT_FALSE(policy2->isFeatureEnabled(kDefaultOnFeature));
310 }
311
312 TEST_F(FeaturePolicyTest, TestChildPolicyCanBlockSelf) {
313 // +--------------------------------+
314 // |(1)Origin A |
315 // |No Policy |
316 // | +----------------------------+ |
317 // | |(2)Origin B | |
318 // | |Policy: {"default-on": []} | |
319 // | +----------------------------+ |
320 // +--------------------------------+
321 // Default-on feature should be disabled by cross-origin child frame.
322 Vector<String> messages;
323 std::unique_ptr<FeaturePolicy> policy1 =
324 createFromParentPolicy(nullptr, m_originA);
325 std::unique_ptr<FeaturePolicy> policy2 =
326 createFromParentPolicy(policy1.get(), m_originB);
327 policy2->setHeaderPolicy("{\"default-on\": []}", messages);
328 EXPECT_EQ(0UL, messages.size());
329 EXPECT_FALSE(policy2->isFeatureEnabled(kDefaultOnFeature));
330 }
331
332 TEST_F(FeaturePolicyTest, TestChildPolicyCanBlockChildren) {
333 // +--------------------------------------+
334 // |(1)Origin A |
335 // |No Policy |
336 // | +----------------------------------+ |
337 // | |(2)Origin B | |
338 // | |Policy: {"default-on": ["self"]} | |
339 // | | +-------------+ | |
340 // | | |(3)Origin C | | |
341 // | | |No Policy | | |
342 // | | +-------------+ | |
343 // | +----------------------------------+ |
344 // +--------------------------------------+
345 // Default-on feature should be enabled in frames 1 and 2; disabled in frame
346 // 3 by child frame policy.
347 Vector<String> messages;
348 std::unique_ptr<FeaturePolicy> policy1 =
349 createFromParentPolicy(nullptr, m_originA);
350 std::unique_ptr<FeaturePolicy> policy2 =
351 createFromParentPolicy(policy1.get(), m_originB);
352 policy2->setHeaderPolicy("{\"default-on\": [\"self\"]}", messages);
353 EXPECT_EQ(0UL, messages.size());
354 std::unique_ptr<FeaturePolicy> policy3 =
355 createFromParentPolicy(policy2.get(), m_originC);
356 EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultOnFeature));
357 EXPECT_FALSE(policy3->isFeatureEnabled(kDefaultOnFeature));
358 }
359
360 TEST_F(FeaturePolicyTest, TestParentPolicyBlocksCrossOriginChildPolicy) {
361 // +----------------------------+
362 // |(1)Origin A |
363 // |Policy: {"default-on": []} |
364 // | +-------------+ |
365 // | |(2)Origin B | |
366 // | |No Policy | |
367 // | +-------------+ |
368 // +----------------------------+
369 // Default-on feature should be disabled in cross-origin child frame.
370 Vector<String> messages;
371 std::unique_ptr<FeaturePolicy> policy1 =
372 createFromParentPolicy(nullptr, m_originA);
373 policy1->setHeaderPolicy("{\"default-on\": []}", messages);
374 EXPECT_EQ(0UL, messages.size());
375 std::unique_ptr<FeaturePolicy> policy2 =
376 createFromParentPolicy(policy1.get(), m_originB);
377 EXPECT_FALSE(policy2->isFeatureEnabled(kDefaultOnFeature));
378 }
379
380 TEST_F(FeaturePolicyTest, TestEnableForAllOrigins) {
381 // +--------------------------------+
382 // |(1) Origin A |
383 // |Policy: {"default-self": ["*"]} |
384 // | +-----------------+ |
385 // | |(2) Origin B | |
386 // | |No Policy | |
387 // | | +-------------+ | |
388 // | | |(3)Origin A | | |
389 // | | |No Policy | | |
390 // | | +-------------+ | |
391 // | +-----------------+ |
392 // +--------------------------------+
393 // Feature should be enabled in top and second level; disabled in frame 3.
394 Vector<String> messages;
395 std::unique_ptr<FeaturePolicy> policy1 =
396 createFromParentPolicy(nullptr, m_originA);
397 policy1->setHeaderPolicy("{\"default-self\": [\"*\"]}", messages);
398 EXPECT_EQ(0UL, messages.size());
399 std::unique_ptr<FeaturePolicy> policy2 =
400 createFromParentPolicy(policy1.get(), m_originB);
401 std::unique_ptr<FeaturePolicy> policy3 =
402 createFromParentPolicy(policy2.get(), m_originA);
403 EXPECT_TRUE(policy1->isFeatureEnabled(kDefaultSelfFeature));
404 EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultSelfFeature));
405 EXPECT_FALSE(policy3->isFeatureEnabled(kDefaultSelfFeature));
406 }
407
408 TEST_F(FeaturePolicyTest, TestDefaultOnEnablesForAllAncestors) {
409 // +---------------------------------------+
410 // |(1) Origin A |
411 // |Policy: {"default-on": ["Origin B"]} |
412 // | +-----------------------------------+ |
413 // | |(2) Origin B | |
414 // | |No Policy | |
415 // | | +-------------+ +-------------+ | |
416 // | | |(3)Origin B | |(4)Origin C | | |
417 // | | |No Policy | |No Policy | | |
418 // | | +-------------+ +-------------+ | |
419 // | +-----------------------------------+ |
420 // +---------------------------------------+
421 // Feature should be disabled in frame 1; enabled in frames 2, 3 and 4.
422 Vector<String> messages;
423 std::unique_ptr<FeaturePolicy> policy1 =
424 createFromParentPolicy(nullptr, m_originA);
425 policy1->setHeaderPolicy("{\"default-on\": [\"" ORIGIN_B "\"]}", messages);
426 EXPECT_EQ(0UL, messages.size());
427 std::unique_ptr<FeaturePolicy> policy2 =
428 createFromParentPolicy(policy1.get(), m_originB);
429 std::unique_ptr<FeaturePolicy> policy3 =
430 createFromParentPolicy(policy2.get(), m_originB);
431 std::unique_ptr<FeaturePolicy> policy4 =
432 createFromParentPolicy(policy2.get(), m_originC);
433 EXPECT_FALSE(policy1->isFeatureEnabled(kDefaultOnFeature));
434 EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultOnFeature));
435 EXPECT_TRUE(policy3->isFeatureEnabled(kDefaultOnFeature));
436 EXPECT_TRUE(policy4->isFeatureEnabled(kDefaultOnFeature));
437 }
438
439 TEST_F(FeaturePolicyTest, TestDefaultSelfRespectsSameOriginEmbedding) {
440 // +---------------------------------------+
441 // |(1) Origin A |
442 // |Policy: {"default-self": ["Origin B"]} |
443 // | +-----------------------------------+ |
444 // | |(2) Origin B | |
445 // | |No Policy | |
446 // | | +-------------+ +-------------+ | |
447 // | | |(3)Origin B | |(4)Origin C | | |
448 // | | |No Policy | |No Policy | | |
449 // | | +-------------+ +-------------+ | |
450 // | +-----------------------------------+ |
451 // +---------------------------------------+
452 // Feature should be disabled in frames 1 and 4; enabled in frames 2 and 3.
453 Vector<String> messages;
454 std::unique_ptr<FeaturePolicy> policy1 =
455 createFromParentPolicy(nullptr, m_originA);
456 policy1->setHeaderPolicy("{\"default-self\": [\"" ORIGIN_B "\"]}", messages);
457 EXPECT_EQ(0UL, messages.size());
458 std::unique_ptr<FeaturePolicy> policy2 =
459 createFromParentPolicy(policy1.get(), m_originB);
460 std::unique_ptr<FeaturePolicy> policy3 =
461 createFromParentPolicy(policy2.get(), m_originB);
462 std::unique_ptr<FeaturePolicy> policy4 =
463 createFromParentPolicy(policy2.get(), m_originC);
464 EXPECT_FALSE(policy1->isFeatureEnabled(kDefaultSelfFeature));
465 EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultSelfFeature));
466 EXPECT_TRUE(policy3->isFeatureEnabled(kDefaultSelfFeature));
467 EXPECT_FALSE(policy4->isFeatureEnabled(kDefaultSelfFeature));
468 }
469
470 TEST_F(FeaturePolicyTest, TestDefaultOffMustBeDelegatedToAllCrossOriginFrames) {
471 // +------------------------------------------------------------+
472 // |(1) Origin A |
473 // |Policy: {"default-off": ["Origin B"]} |
474 // | +--------------------------------------------------------+ |
475 // | |(2) Origin B | |
476 // | |Policy: {"default-off": ["self"]} | |
477 // | | +-------------+ +----------------------------------+ | |
478 // | | |(3)Origin B | |(4)Origin C | | |
479 // | | |No Policy | |Policy: {"default-off": ["self"]} | | |
480 // | | +-------------+ +----------------------------------+ | |
481 // | +--------------------------------------------------------+ |
482 // +------------------------------------------------------------+
483 // Feature should be disabled in frames 1, 3 and 4; enabled in frame 2 only.
484 Vector<String> messages;
485 std::unique_ptr<FeaturePolicy> policy1 =
486 createFromParentPolicy(nullptr, m_originA);
487 policy1->setHeaderPolicy("{\"default-off\": [\"" ORIGIN_B "\"]}", messages);
488 EXPECT_EQ(0UL, messages.size());
489 std::unique_ptr<FeaturePolicy> policy2 =
490 createFromParentPolicy(policy1.get(), m_originB);
491 policy2->setHeaderPolicy("{\"default-off\": [\"self\"]}", messages);
492 std::unique_ptr<FeaturePolicy> policy3 =
493 createFromParentPolicy(policy2.get(), m_originB);
494 std::unique_ptr<FeaturePolicy> policy4 =
495 createFromParentPolicy(policy2.get(), m_originC);
496 policy4->setHeaderPolicy("{\"default-off\": [\"self\"]}", messages);
497 EXPECT_FALSE(policy1->isFeatureEnabled(kDefaultOffFeature));
498 EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultOffFeature));
499 EXPECT_FALSE(policy3->isFeatureEnabled(kDefaultOffFeature));
500 EXPECT_FALSE(policy4->isFeatureEnabled(kDefaultOffFeature));
501 }
502
503 TEST_F(FeaturePolicyTest, TestReenableForAllOrigins) {
504 // +------------------------------------+
505 // |(1) Origin A |
506 // |Policy: {"default-self": ["*"]} |
507 // | +--------------------------------+ |
508 // | |(2) Origin B | |
509 // | |Policy: {"default-self": ["*"]} | |
510 // | | +-------------+ | |
511 // | | |(3)Origin A | | |
512 // | | |No Policy | | |
513 // | | +-------------+ | |
514 // | +--------------------------------+ |
515 // +------------------------------------+
516 // Feature should be enabled in all frames.
517 Vector<String> messages;
518 std::unique_ptr<FeaturePolicy> policy1 =
519 createFromParentPolicy(nullptr, m_originA);
520 policy1->setHeaderPolicy("{\"default-self\": [\"*\"]}", messages);
521 EXPECT_EQ(0UL, messages.size());
522 std::unique_ptr<FeaturePolicy> policy2 =
523 createFromParentPolicy(policy1.get(), m_originB);
524 policy2->setHeaderPolicy("{\"default-self\": [\"*\"]}", messages);
525 EXPECT_EQ(0UL, messages.size());
526 std::unique_ptr<FeaturePolicy> policy3 =
527 createFromParentPolicy(policy2.get(), m_originA);
528 EXPECT_TRUE(policy1->isFeatureEnabled(kDefaultSelfFeature));
529 EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultSelfFeature));
530 EXPECT_TRUE(policy3->isFeatureEnabled(kDefaultSelfFeature));
531 }
532
533 TEST_F(FeaturePolicyTest, TestBlockedFrameCannotReenable) {
534 // +--------------------------------------+
535 // |(1)Origin A |
536 // |Policy: {"default-self": ["self"]} |
537 // | +----------------------------------+ |
538 // | |(2)Origin B | |
539 // | |Policy: {"default-self": ["*"]} | |
540 // | | +-------------+ +-------------+ | |
541 // | | |(3)Origin A | |(4)Origin C | | |
542 // | | |No Policy | |No Policy | | |
543 // | | +-------------+ +-------------+ | |
544 // | +----------------------------------+ |
545 // +--------------------------------------+
546 // Feature should be enabled at the top level; disabled in all other frames.
547 Vector<String> messages;
548 std::unique_ptr<FeaturePolicy> policy1 =
549 createFromParentPolicy(nullptr, m_originA);
550 policy1->setHeaderPolicy("{\"default-self\": [\"self\"]}", messages);
551 EXPECT_EQ(0UL, messages.size());
552 std::unique_ptr<FeaturePolicy> policy2 =
553 createFromParentPolicy(policy1.get(), m_originB);
554 policy2->setHeaderPolicy("{\"default-self\": [\"*\"]}", messages);
555 EXPECT_EQ(0UL, messages.size());
556 std::unique_ptr<FeaturePolicy> policy3 =
557 createFromParentPolicy(policy2.get(), m_originA);
558 std::unique_ptr<FeaturePolicy> policy4 =
559 createFromParentPolicy(policy2.get(), m_originC);
560 EXPECT_TRUE(policy1->isFeatureEnabled(kDefaultSelfFeature));
561 EXPECT_FALSE(policy2->isFeatureEnabled(kDefaultSelfFeature));
562 EXPECT_FALSE(policy3->isFeatureEnabled(kDefaultSelfFeature));
563 EXPECT_FALSE(policy4->isFeatureEnabled(kDefaultSelfFeature));
564 }
565
566 TEST_F(FeaturePolicyTest, TestEnabledFrameCanDelegate) {
567 // +---------------------------------------------------+
568 // |(1) Origin A |
569 // |Policy: {"default-self": ["self", "Origin B"]} |
570 // | +-----------------------------------------------+ |
571 // | |(2) Origin B | |
572 // | |Policy: {"default-self": ["self", "Origin C"]} | |
573 // | | +-------------+ | |
574 // | | |(3)Origin C | | |
575 // | | |No Policy | | |
576 // | | +-------------+ | |
577 // | +-----------------------------------------------+ |
578 // +---------------------------------------------------+
579 // Feature should be enabled in all frames.
580 Vector<String> messages;
581 std::unique_ptr<FeaturePolicy> policy1 =
582 createFromParentPolicy(nullptr, m_originA);
583 policy1->setHeaderPolicy("{\"default-self\": [\"self\", \"" ORIGIN_B "\"]}",
584 messages);
585 EXPECT_EQ(0UL, messages.size());
586 std::unique_ptr<FeaturePolicy> policy2 =
587 createFromParentPolicy(policy1.get(), m_originB);
588 policy2->setHeaderPolicy("{\"default-self\": [\"self\", \"" ORIGIN_C "\"]}",
589 messages);
590 EXPECT_EQ(0UL, messages.size());
591 std::unique_ptr<FeaturePolicy> policy3 =
592 createFromParentPolicy(policy2.get(), m_originC);
593 EXPECT_TRUE(policy1->isFeatureEnabled(kDefaultSelfFeature));
594 EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultSelfFeature));
595 EXPECT_TRUE(policy3->isFeatureEnabled(kDefaultSelfFeature));
596 }
597
598 TEST_F(FeaturePolicyTest, TestEnabledFrameCanDelegateByDefault) {
599 // +-----------------------------------------------+
600 // |(1) Origin A |
601 // |Policy: {"default-on": ["self", "Origin B"]} |
602 // | +--------------------+ +--------------------+ |
603 // | |(2) Origin B | | (4) Origin C | |
604 // | |No Policy | | No Policy | |
605 // | | +-------------+ | | | |
606 // | | |(3)Origin C | | | | |
607 // | | |No Policy | | | | |
608 // | | +-------------+ | | | |
609 // | +--------------------+ +--------------------+ |
610 // +-----------------------------------------------+
611 // Feature should be enabled in frames 1, 2, and 3, and disabled in frame 4.
612 Vector<String> messages;
613 std::unique_ptr<FeaturePolicy> policy1 =
614 createFromParentPolicy(nullptr, m_originA);
615 policy1->setHeaderPolicy("{\"default-on\": [\"self\", \"" ORIGIN_B "\"]}",
616 messages);
617 EXPECT_EQ(0UL, messages.size());
618 std::unique_ptr<FeaturePolicy> policy2 =
619 createFromParentPolicy(policy1.get(), m_originB);
620 std::unique_ptr<FeaturePolicy> policy3 =
621 createFromParentPolicy(policy2.get(), m_originC);
622 std::unique_ptr<FeaturePolicy> policy4 =
623 createFromParentPolicy(policy1.get(), m_originC);
624 EXPECT_TRUE(policy1->isFeatureEnabled(kDefaultOnFeature));
625 EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultOnFeature));
626 EXPECT_TRUE(policy3->isFeatureEnabled(kDefaultOnFeature));
627 EXPECT_FALSE(policy4->isFeatureEnabled(kDefaultOnFeature));
628 }
629
630 TEST_F(FeaturePolicyTest, TestNonNestedFeaturesDontDelegateByDefault) {
631 // +-----------------------------------------------+
632 // |(1) Origin A |
633 // |Policy: {"default-self": ["self", "Origin B"]} |
634 // | +--------------------+ +--------------------+ |
635 // | |(2) Origin B | | (4) Origin C | |
636 // | |No Policy | | No Policy | |
637 // | | +-------------+ | | | |
638 // | | |(3)Origin C | | | | |
639 // | | |No Policy | | | | |
640 // | | +-------------+ | | | |
641 // | +--------------------+ +--------------------+ |
642 // +-----------------------------------------------+
643 // Feature should be enabled in frames 1 and 2, and disabled in frames 3 and
644 // 4.
645 Vector<String> messages;
646 std::unique_ptr<FeaturePolicy> policy1 =
647 createFromParentPolicy(nullptr, m_originA);
648 policy1->setHeaderPolicy("{\"default-self\": [\"self\", \"" ORIGIN_B "\"]}",
649 messages);
650 EXPECT_EQ(0UL, messages.size());
651 std::unique_ptr<FeaturePolicy> policy2 =
652 createFromParentPolicy(policy1.get(), m_originB);
653 std::unique_ptr<FeaturePolicy> policy3 =
654 createFromParentPolicy(policy2.get(), m_originC);
655 std::unique_ptr<FeaturePolicy> policy4 =
656 createFromParentPolicy(policy1.get(), m_originC);
657 EXPECT_TRUE(policy1->isFeatureEnabled(kDefaultSelfFeature));
658 EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultSelfFeature));
659 EXPECT_FALSE(policy3->isFeatureEnabled(kDefaultSelfFeature));
660 EXPECT_FALSE(policy4->isFeatureEnabled(kDefaultSelfFeature));
661 }
662
663 TEST_F(FeaturePolicyTest, TestFeaturesAreIndependent) {
664 // +-----------------------------------------------+
665 // |(1) Origin A |
666 // |Policy: {"default-self": ["self", "Origin B"], |
667 // | "default-on": ["self"]} |
668 // | +-------------------------------------------+ |
669 // | |(2) Origin B | |
670 // | |Policy: {"default-self": ["*"], | |
671 // | | "default-on": ["*"]} | |
672 // | | +-------------+ | |
673 // | | |(3)Origin C | | |
674 // | | |No Policy | | |
675 // | | +-------------+ | |
676 // | +-------------------------------------------+ |
677 // +-----------------------------------------------+
678 // Vibrate feature should be enabled in all frames; Docwrite feature
679 // should be enabled in frame 1, and disabled in frames 2 and 3.
680 Vector<String> messages;
681 std::unique_ptr<FeaturePolicy> policy1 =
682 createFromParentPolicy(nullptr, m_originA);
683 policy1->setHeaderPolicy("{\"default-self\": [\"self\", \"" ORIGIN_B
684 "\"], \"default-on\": [\"self\"]}",
685 messages);
686 EXPECT_EQ(0UL, messages.size());
687 std::unique_ptr<FeaturePolicy> policy2 =
688 createFromParentPolicy(policy1.get(), m_originB);
689 policy2->setHeaderPolicy(
690 "{\"default-self\": [\"*\"], \"default-on\": [\"*\"]}", messages);
691 EXPECT_EQ(0UL, messages.size());
692 std::unique_ptr<FeaturePolicy> policy3 =
693 createFromParentPolicy(policy2.get(), m_originC);
694 EXPECT_TRUE(policy1->isFeatureEnabled(kDefaultSelfFeature));
695 EXPECT_TRUE(policy1->isFeatureEnabled(kDefaultOnFeature));
696 EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultSelfFeature));
697 EXPECT_FALSE(policy2->isFeatureEnabled(kDefaultOnFeature));
698 EXPECT_TRUE(policy3->isFeatureEnabled(kDefaultSelfFeature));
699 EXPECT_FALSE(policy3->isFeatureEnabled(kDefaultOnFeature));
700 }
701
702 } // namespace blink
OLDNEW
« no previous file with comments | « third_party/WebKit/Source/platform/feature_policy/FeaturePolicy.cpp ('k') | third_party/WebKit/Source/platform/network/HTTPNames.in » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698