OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "base/macros.h" | 5 #include "base/macros.h" |
6 #include "build/build_config.h" | 6 #include "build/build_config.h" |
7 #include "content/browser/frame_host/frame_tree.h" | 7 #include "content/browser/frame_host/frame_tree.h" |
8 #include "content/browser/frame_host/frame_tree_node.h" | 8 #include "content/browser/frame_host/frame_tree_node.h" |
9 #include "content/browser/renderer_host/render_view_host_impl.h" | 9 #include "content/browser/renderer_host/render_view_host_impl.h" |
10 #include "content/browser/web_contents/web_contents_impl.h" | 10 #include "content/browser/web_contents/web_contents_impl.h" |
11 #include "content/public/browser/notification_service.h" | 11 #include "content/public/browser/notification_service.h" |
12 #include "content/public/browser/notification_types.h" | 12 #include "content/public/browser/notification_types.h" |
| 13 #include "content/public/common/content_switches.h" |
13 #include "content/public/common/url_constants.h" | 14 #include "content/public/common/url_constants.h" |
14 #include "content/public/test/browser_test_utils.h" | 15 #include "content/public/test/browser_test_utils.h" |
15 #include "content/public/test/content_browser_test.h" | 16 #include "content/public/test/content_browser_test.h" |
16 #include "content/public/test/content_browser_test_utils.h" | 17 #include "content/public/test/content_browser_test_utils.h" |
17 #include "content/public/test/test_navigation_observer.h" | 18 #include "content/public/test/test_navigation_observer.h" |
18 #include "content/public/test/test_utils.h" | 19 #include "content/public/test/test_utils.h" |
19 #include "content/shell/browser/shell.h" | 20 #include "content/shell/browser/shell.h" |
| 21 #include "content/shell/common/shell_switches.h" |
20 #include "content/test/content_browser_test_utils_internal.h" | 22 #include "content/test/content_browser_test_utils_internal.h" |
21 #include "content/test/test_frame_navigation_observer.h" | 23 #include "content/test/test_frame_navigation_observer.h" |
22 #include "net/dns/mock_host_resolver.h" | 24 #include "net/dns/mock_host_resolver.h" |
23 #include "net/test/embedded_test_server/embedded_test_server.h" | 25 #include "net/test/embedded_test_server/embedded_test_server.h" |
24 #include "third_party/WebKit/public/web/WebSandboxFlags.h" | 26 #include "third_party/WebKit/public/web/WebSandboxFlags.h" |
25 #include "url/url_constants.h" | 27 #include "url/url_constants.h" |
26 | 28 |
27 // For fine-grained suppression on flaky tests. | 29 // For fine-grained suppression on flaky tests. |
28 #if defined(OS_WIN) | 30 #if defined(OS_WIN) |
29 #include "base/win/windows_version.h" | 31 #include "base/win/windows_version.h" |
30 #endif | 32 #endif |
31 | 33 |
32 namespace content { | 34 namespace content { |
33 | 35 |
| 36 namespace { |
| 37 |
| 38 std::string GetOriginFromRenderer(FrameTreeNode* node) { |
| 39 std::string origin; |
| 40 EXPECT_TRUE(ExecuteScriptAndExtractString( |
| 41 node, "window.domAutomationController.send(document.origin);", &origin)); |
| 42 return origin; |
| 43 } |
| 44 |
| 45 } // namespace |
| 46 |
34 class FrameTreeBrowserTest : public ContentBrowserTest { | 47 class FrameTreeBrowserTest : public ContentBrowserTest { |
35 public: | 48 public: |
36 FrameTreeBrowserTest() {} | 49 FrameTreeBrowserTest() {} |
37 | 50 |
38 void SetUpOnMainThread() override { | 51 void SetUpOnMainThread() override { |
39 host_resolver()->AddRule("*", "127.0.0.1"); | 52 host_resolver()->AddRule("*", "127.0.0.1"); |
40 ASSERT_TRUE(embedded_test_server()->Start()); | 53 ASSERT_TRUE(embedded_test_server()->Start()); |
41 SetupCrossSiteRedirector(embedded_test_server()); | 54 SetupCrossSiteRedirector(embedded_test_server()); |
42 } | 55 } |
43 | 56 |
44 protected: | |
45 std::string GetOriginFromRenderer(FrameTreeNode* node) { | |
46 std::string origin; | |
47 EXPECT_TRUE(ExecuteScriptAndExtractString( | |
48 node, "window.domAutomationController.send(document.origin);", | |
49 &origin)); | |
50 return origin; | |
51 } | |
52 | |
53 private: | 57 private: |
54 DISALLOW_COPY_AND_ASSIGN(FrameTreeBrowserTest); | 58 DISALLOW_COPY_AND_ASSIGN(FrameTreeBrowserTest); |
55 }; | 59 }; |
56 | 60 |
57 // Ensures FrameTree correctly reflects page structure during navigations. | 61 // Ensures FrameTree correctly reflects page structure during navigations. |
58 IN_PROC_BROWSER_TEST_F(FrameTreeBrowserTest, FrameTreeShape) { | 62 IN_PROC_BROWSER_TEST_F(FrameTreeBrowserTest, FrameTreeShape) { |
59 GURL base_url = embedded_test_server()->GetURL("A.com", "/site_isolation/"); | 63 GURL base_url = embedded_test_server()->GetURL("A.com", "/site_isolation/"); |
60 | 64 |
61 // Load doc without iframes. Verify FrameTree just has root. | 65 // Load doc without iframes. Verify FrameTree just has root. |
62 // Frame tree: | 66 // Frame tree: |
(...skipping 621 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
684 main_url.GetOrigin().spec()); | 688 main_url.GetOrigin().spec()); |
685 | 689 |
686 GURL data_url("data:text/html,foo"); | 690 GURL data_url("data:text/html,foo"); |
687 NavigateFrameToURL(root->child_at(1), data_url); | 691 NavigateFrameToURL(root->child_at(1), data_url); |
688 | 692 |
689 // Navigating to a data URL should set a unique origin. This is represented | 693 // Navigating to a data URL should set a unique origin. This is represented |
690 // as "null" per RFC 6454. | 694 // as "null" per RFC 6454. |
691 EXPECT_EQ(root->child_at(1)->current_origin().Serialize(), "null"); | 695 EXPECT_EQ(root->child_at(1)->current_origin().Serialize(), "null"); |
692 } | 696 } |
693 | 697 |
| 698 // FrameTreeBrowserTest variant where we isolate http://*.is, Iceland's top |
| 699 // level domain. This is an analogue to --isolate-extensions that we use inside |
| 700 // of content_browsertests, where extensions don't exist. Iceland, like an |
| 701 // extension process, is a special place with magical powers; we want to protect |
| 702 // it from outsiders. |
| 703 class IsolateIcelandFrameTreeBrowserTest : public ContentBrowserTest { |
| 704 public: |
| 705 IsolateIcelandFrameTreeBrowserTest() {} |
| 706 |
| 707 void SetUpCommandLine(base::CommandLine* command_line) override { |
| 708 command_line->AppendSwitchASCII(switches::kIsolateSitesForTesting, "*.is"); |
| 709 } |
| 710 |
| 711 void SetUpOnMainThread() override { |
| 712 host_resolver()->AddRule("*", "127.0.0.1"); |
| 713 ASSERT_TRUE(embedded_test_server()->Start()); |
| 714 SetupCrossSiteRedirector(embedded_test_server()); |
| 715 } |
| 716 |
| 717 private: |
| 718 DISALLOW_COPY_AND_ASSIGN(IsolateIcelandFrameTreeBrowserTest); |
| 719 }; |
| 720 |
| 721 // Regression test for https://crbug.com/644966 |
| 722 IN_PROC_BROWSER_TEST_F(IsolateIcelandFrameTreeBrowserTest, |
| 723 ProcessSwitchForIsolatedBlob) { |
| 724 // blink suppresses navigations to blob URLs of origins different from the |
| 725 // frame initiating the navigation. We disable those checks for this test, to |
| 726 // test what happens in a compromise scenario. |
| 727 base::CommandLine::ForCurrentProcess()->AppendSwitch( |
| 728 switches::kDisableWebSecurity); |
| 729 |
| 730 // Set up an iframe. |
| 731 WebContents* contents = shell()->web_contents(); |
| 732 FrameTreeNode* root = |
| 733 static_cast<WebContentsImpl*>(contents)->GetFrameTree()->root(); |
| 734 GURL main_url(embedded_test_server()->GetURL( |
| 735 "a.com", "/cross_site_iframe_factory.html?a(b)")); |
| 736 EXPECT_TRUE(NavigateToURL(shell(), main_url)); |
| 737 |
| 738 // The navigation targets an invalid blob url; that's intentional to trigger |
| 739 // an error response. The response should commit in a process dedicated to |
| 740 // http://b.is. |
| 741 std::string result; |
| 742 EXPECT_TRUE(ExecuteScriptAndExtractString( |
| 743 root, |
| 744 "var iframe_element = document.getElementsByTagName('iframe')[0];" |
| 745 "iframe_element.onload = () => {" |
| 746 " domAutomationController.send('done');" |
| 747 "};" |
| 748 "iframe_element.src = 'blob:http://b.is:2932/';", |
| 749 &result)); |
| 750 WaitForLoadStop(contents); |
| 751 |
| 752 // Make sure we did a process transfer back to "b.is". |
| 753 EXPECT_EQ( |
| 754 " Site A ------------ proxies for B\n" |
| 755 " +--Site B ------- proxies for A\n" |
| 756 "Where A = http://a.com/\n" |
| 757 " B = http://b.is/", |
| 758 FrameTreeVisualizer().DepictFrameTree(root)); |
| 759 } |
| 760 |
694 } // namespace content | 761 } // namespace content |
OLD | NEW |