OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include <set> | 5 #include <set> |
6 #include <string> | 6 #include <string> |
7 | 7 |
8 #include "base/files/file_path.h" | 8 #include "base/files/file_path.h" |
9 #include "content/browser/child_process_security_policy_impl.h" | 9 #include "content/browser/child_process_security_policy_impl.h" |
10 #include "content/public/common/url_constants.h" | 10 #include "content/public/common/url_constants.h" |
(...skipping 123 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
134 EXPECT_FALSE(p->IsWebSafeScheme(kChromeUIScheme)); | 134 EXPECT_FALSE(p->IsWebSafeScheme(kChromeUIScheme)); |
135 } | 135 } |
136 | 136 |
137 TEST_F(ChildProcessSecurityPolicyTest, IsPseudoSchemeTest) { | 137 TEST_F(ChildProcessSecurityPolicyTest, IsPseudoSchemeTest) { |
138 ChildProcessSecurityPolicyImpl* p = | 138 ChildProcessSecurityPolicyImpl* p = |
139 ChildProcessSecurityPolicyImpl::GetInstance(); | 139 ChildProcessSecurityPolicyImpl::GetInstance(); |
140 | 140 |
141 EXPECT_TRUE(p->IsPseudoScheme(url::kAboutScheme)); | 141 EXPECT_TRUE(p->IsPseudoScheme(url::kAboutScheme)); |
142 EXPECT_TRUE(p->IsPseudoScheme(url::kJavaScriptScheme)); | 142 EXPECT_TRUE(p->IsPseudoScheme(url::kJavaScriptScheme)); |
143 EXPECT_TRUE(p->IsPseudoScheme(kViewSourceScheme)); | 143 EXPECT_TRUE(p->IsPseudoScheme(kViewSourceScheme)); |
| 144 EXPECT_TRUE(p->IsPseudoScheme(kHttpSuboriginScheme)); |
| 145 EXPECT_TRUE(p->IsPseudoScheme(kHttpsSuboriginScheme)); |
144 | 146 |
145 EXPECT_FALSE(p->IsPseudoScheme("registered-pseudo-scheme")); | 147 EXPECT_FALSE(p->IsPseudoScheme("registered-pseudo-scheme")); |
146 p->RegisterPseudoScheme("registered-pseudo-scheme"); | 148 p->RegisterPseudoScheme("registered-pseudo-scheme"); |
147 EXPECT_TRUE(p->IsPseudoScheme("registered-pseudo-scheme")); | 149 EXPECT_TRUE(p->IsPseudoScheme("registered-pseudo-scheme")); |
148 | 150 |
149 EXPECT_FALSE(p->IsPseudoScheme(kChromeUIScheme)); | 151 EXPECT_FALSE(p->IsPseudoScheme(kChromeUIScheme)); |
150 } | 152 } |
151 | 153 |
152 TEST_F(ChildProcessSecurityPolicyTest, StandardSchemesTest) { | 154 TEST_F(ChildProcessSecurityPolicyTest, StandardSchemesTest) { |
153 ChildProcessSecurityPolicyImpl* p = | 155 ChildProcessSecurityPolicyImpl* p = |
154 ChildProcessSecurityPolicyImpl::GetInstance(); | 156 ChildProcessSecurityPolicyImpl::GetInstance(); |
155 | 157 |
156 p->Add(kRendererID); | 158 p->Add(kRendererID); |
157 | 159 |
158 // Safe to request or commit. | 160 // Safe to request or commit. |
159 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("http://www.google.com/"))); | 161 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("http://www.google.com/"))); |
160 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("https://www.paypal.com/"))); | 162 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("https://www.paypal.com/"))); |
161 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("ftp://ftp.gnu.org/"))); | 163 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("ftp://ftp.gnu.org/"))); |
162 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("data:text/html,<b>Hi</b>"))); | 164 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("data:text/html,<b>Hi</b>"))); |
163 EXPECT_TRUE(p->CanRequestURL( | 165 EXPECT_TRUE(p->CanRequestURL( |
164 kRendererID, GURL("filesystem:http://localhost/temporary/a.gif"))); | 166 kRendererID, GURL("filesystem:http://localhost/temporary/a.gif"))); |
165 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("http://www.google.com/"))); | 167 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("http://www.google.com/"))); |
166 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("https://www.paypal.com/"))); | 168 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("https://www.paypal.com/"))); |
167 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("ftp://ftp.gnu.org/"))); | 169 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("ftp://ftp.gnu.org/"))); |
168 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("data:text/html,<b>Hi</b>"))); | 170 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("data:text/html,<b>Hi</b>"))); |
169 EXPECT_TRUE(p->CanCommitURL( | 171 EXPECT_TRUE(p->CanCommitURL( |
170 kRendererID, GURL("filesystem:http://localhost/temporary/a.gif"))); | 172 kRendererID, GURL("filesystem:http://localhost/temporary/a.gif"))); |
| 173 EXPECT_TRUE( |
| 174 p->CanSetAsOriginHeader(kRendererID, GURL("http://www.google.com/"))); |
| 175 EXPECT_TRUE( |
| 176 p->CanSetAsOriginHeader(kRendererID, GURL("https://www.paypal.com/"))); |
| 177 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("ftp://ftp.gnu.org/"))); |
| 178 EXPECT_TRUE( |
| 179 p->CanSetAsOriginHeader(kRendererID, GURL("data:text/html,<b>Hi</b>"))); |
| 180 EXPECT_TRUE(p->CanSetAsOriginHeader( |
| 181 kRendererID, GURL("filesystem:http://localhost/temporary/a.gif"))); |
171 | 182 |
172 // Dangerous to request or commit. | 183 // Dangerous to request, commit, or set as origin header. |
173 EXPECT_FALSE(p->CanRequestURL(kRendererID, | 184 EXPECT_FALSE(p->CanRequestURL(kRendererID, |
174 GURL("file:///etc/passwd"))); | 185 GURL("file:///etc/passwd"))); |
175 EXPECT_FALSE(p->CanRequestURL(kRendererID, | 186 EXPECT_FALSE(p->CanRequestURL(kRendererID, |
176 GURL("chrome://foo/bar"))); | 187 GURL("chrome://foo/bar"))); |
177 EXPECT_FALSE(p->CanRequestURL(kRendererID, | 188 EXPECT_FALSE(p->CanRequestURL(kRendererID, |
178 GURL("view-source:http://www.google.com/"))); | 189 GURL("view-source:http://www.google.com/"))); |
179 EXPECT_FALSE(p->CanCommitURL(kRendererID, | 190 EXPECT_FALSE(p->CanCommitURL(kRendererID, |
180 GURL("file:///etc/passwd"))); | 191 GURL("file:///etc/passwd"))); |
181 EXPECT_FALSE(p->CanCommitURL(kRendererID, | 192 EXPECT_FALSE(p->CanCommitURL(kRendererID, |
182 GURL("chrome://foo/bar"))); | 193 GURL("chrome://foo/bar"))); |
183 EXPECT_FALSE( | 194 EXPECT_FALSE( |
184 p->CanCommitURL(kRendererID, GURL("view-source:http://www.google.com/"))); | 195 p->CanCommitURL(kRendererID, GURL("view-source:http://www.google.com/"))); |
| 196 EXPECT_FALSE( |
| 197 p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); |
| 198 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("chrome://foo/bar"))); |
| 199 EXPECT_FALSE(p->CanSetAsOriginHeader( |
| 200 kRendererID, GURL("view-source:http://www.google.com/"))); |
185 | 201 |
186 p->Remove(kRendererID); | 202 p->Remove(kRendererID); |
187 } | 203 } |
188 | 204 |
189 TEST_F(ChildProcessSecurityPolicyTest, BlobSchemeTest) { | 205 TEST_F(ChildProcessSecurityPolicyTest, BlobSchemeTest) { |
190 ChildProcessSecurityPolicyImpl* p = | 206 ChildProcessSecurityPolicyImpl* p = |
191 ChildProcessSecurityPolicyImpl::GetInstance(); | 207 ChildProcessSecurityPolicyImpl::GetInstance(); |
192 | 208 |
193 p->Add(kRendererID); | 209 p->Add(kRendererID); |
194 | 210 |
(...skipping 50 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
245 p->Add(kRendererID); | 261 p->Add(kRendererID); |
246 | 262 |
247 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("about:blank"))); | 263 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("about:blank"))); |
248 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("about:BlAnK"))); | 264 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("about:BlAnK"))); |
249 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("aBouT:BlAnK"))); | 265 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("aBouT:BlAnK"))); |
250 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("aBouT:blank"))); | 266 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("aBouT:blank"))); |
251 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("about:blank"))); | 267 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("about:blank"))); |
252 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("about:BlAnK"))); | 268 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("about:BlAnK"))); |
253 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("aBouT:BlAnK"))); | 269 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("aBouT:BlAnK"))); |
254 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("aBouT:blank"))); | 270 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("aBouT:blank"))); |
| 271 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("about:blank"))); |
| 272 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("about:BlAnK"))); |
| 273 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("aBouT:BlAnK"))); |
| 274 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("aBouT:blank"))); |
255 | 275 |
256 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:crash"))); | 276 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:crash"))); |
257 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:cache"))); | 277 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:cache"))); |
258 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:hang"))); | 278 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:hang"))); |
259 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:version"))); | 279 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:version"))); |
260 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:crash"))); | 280 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:crash"))); |
261 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:cache"))); | 281 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:cache"))); |
262 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:hang"))); | 282 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:hang"))); |
263 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:version"))); | 283 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:version"))); |
| 284 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:crash"))); |
| 285 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:cache"))); |
| 286 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:hang"))); |
| 287 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:version"))); |
264 | 288 |
265 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("aBoUt:version"))); | 289 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("aBoUt:version"))); |
266 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:CrASh"))); | 290 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:CrASh"))); |
267 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("abOuT:cAChe"))); | 291 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("abOuT:cAChe"))); |
268 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("aBoUt:version"))); | 292 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("aBoUt:version"))); |
269 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:CrASh"))); | 293 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:CrASh"))); |
270 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("abOuT:cAChe"))); | 294 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("abOuT:cAChe"))); |
271 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("aBoUt:version"))); | 295 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("aBoUt:version"))); |
| 296 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("aBoUt:version"))); |
| 297 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:CrASh"))); |
| 298 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("abOuT:cAChe"))); |
| 299 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("aBoUt:version"))); |
272 | 300 |
273 // Requests for about: pages should be denied. | 301 // Requests for about: pages should be denied. |
274 p->GrantRequestURL(kRendererID, GURL("about:crash")); | 302 p->GrantRequestURL(kRendererID, GURL("about:crash")); |
275 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:crash"))); | 303 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:crash"))); |
276 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:crash"))); | 304 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:crash"))); |
| 305 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:crash"))); |
277 | 306 |
278 // These requests for chrome:// pages should be granted. | 307 // These requests for chrome:// pages should be granted. |
279 GURL chrome_url("chrome://foo"); | 308 GURL chrome_url("chrome://foo"); |
280 p->GrantRequestURL(kRendererID, chrome_url); | 309 p->GrantRequestURL(kRendererID, chrome_url); |
281 EXPECT_TRUE(p->CanRequestURL(kRendererID, chrome_url)); | 310 EXPECT_TRUE(p->CanRequestURL(kRendererID, chrome_url)); |
282 EXPECT_TRUE(p->CanCommitURL(kRendererID, chrome_url)); | 311 EXPECT_TRUE(p->CanCommitURL(kRendererID, chrome_url)); |
| 312 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, chrome_url)); |
283 | 313 |
284 p->Remove(kRendererID); | 314 p->Remove(kRendererID); |
285 } | 315 } |
286 | 316 |
287 TEST_F(ChildProcessSecurityPolicyTest, JavaScriptTest) { | 317 TEST_F(ChildProcessSecurityPolicyTest, JavaScriptTest) { |
288 ChildProcessSecurityPolicyImpl* p = | 318 ChildProcessSecurityPolicyImpl* p = |
289 ChildProcessSecurityPolicyImpl::GetInstance(); | 319 ChildProcessSecurityPolicyImpl::GetInstance(); |
290 | 320 |
291 p->Add(kRendererID); | 321 p->Add(kRendererID); |
292 | 322 |
293 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("javascript:alert('xss')"))); | 323 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("javascript:alert('xss')"))); |
294 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("javascript:alert('xss')"))); | 324 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("javascript:alert('xss')"))); |
| 325 EXPECT_FALSE( |
| 326 p->CanSetAsOriginHeader(kRendererID, GURL("javascript:alert('xss')"))); |
295 p->GrantRequestURL(kRendererID, GURL("javascript:alert('xss')")); | 327 p->GrantRequestURL(kRendererID, GURL("javascript:alert('xss')")); |
296 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("javascript:alert('xss')"))); | 328 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("javascript:alert('xss')"))); |
297 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("javascript:alert('xss')"))); | 329 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("javascript:alert('xss')"))); |
| 330 EXPECT_FALSE( |
| 331 p->CanSetAsOriginHeader(kRendererID, GURL("javascript:alert('xss')"))); |
298 | 332 |
299 p->Remove(kRendererID); | 333 p->Remove(kRendererID); |
300 } | 334 } |
| 335 |
| 336 TEST_F(ChildProcessSecurityPolicyTest, SuboriginTest) { |
| 337 ChildProcessSecurityPolicyImpl* p = |
| 338 ChildProcessSecurityPolicyImpl::GetInstance(); |
| 339 |
| 340 p->Add(kRendererID); |
| 341 |
| 342 // Suborigin URLs are not requestable or committable. |
| 343 EXPECT_FALSE( |
| 344 p->CanRequestURL(kRendererID, GURL("http-so://foobar.example.com"))); |
| 345 EXPECT_FALSE( |
| 346 p->CanRequestURL(kRendererID, GURL("https-so://foobar.example.com"))); |
| 347 EXPECT_FALSE( |
| 348 p->CanCommitURL(kRendererID, GURL("http-so://foobar.example.com"))); |
| 349 EXPECT_FALSE( |
| 350 p->CanCommitURL(kRendererID, GURL("https-so://foobar.example.com"))); |
| 351 |
| 352 // It's not possible to grant suborigins requestable status. |
| 353 p->GrantRequestURL(kRendererID, GURL("https-so://foobar.example.com")); |
| 354 EXPECT_FALSE( |
| 355 p->CanCommitURL(kRendererID, GURL("https-so://foobar.example.com"))); |
| 356 |
| 357 // Suborigin URLs are valid origin headers. |
| 358 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, |
| 359 GURL("http-so://foobar.example.com"))); |
| 360 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, |
| 361 GURL("https-so://foobar.example.com"))); |
| 362 |
| 363 p->Remove(kRendererID); |
| 364 } |
301 | 365 |
302 TEST_F(ChildProcessSecurityPolicyTest, RegisterWebSafeSchemeTest) { | 366 TEST_F(ChildProcessSecurityPolicyTest, RegisterWebSafeSchemeTest) { |
303 ChildProcessSecurityPolicyImpl* p = | 367 ChildProcessSecurityPolicyImpl* p = |
304 ChildProcessSecurityPolicyImpl::GetInstance(); | 368 ChildProcessSecurityPolicyImpl::GetInstance(); |
305 | 369 |
306 p->Add(kRendererID); | 370 p->Add(kRendererID); |
307 | 371 |
308 // Currently, "asdf" is destined for ShellExecute, so it is allowed to be | 372 // Currently, "asdf" is destined for ShellExecute, so it is allowed to be |
309 // requested but not committed. | 373 // requested but not committed. |
310 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("asdf:rockers"))); | 374 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("asdf:rockers"))); |
311 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("asdf:rockers"))); | 375 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("asdf:rockers"))); |
| 376 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("asdf:rockers"))); |
312 | 377 |
313 // Once we register "asdf", we default to deny. | 378 // Once we register "asdf", we default to deny. |
314 RegisterTestScheme("asdf"); | 379 RegisterTestScheme("asdf"); |
315 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("asdf:rockers"))); | 380 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("asdf:rockers"))); |
316 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("asdf:rockers"))); | 381 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("asdf:rockers"))); |
| 382 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("asdf:rockers"))); |
317 | 383 |
318 // We can allow new schemes by adding them to the whitelist. | 384 // We can allow new schemes by adding them to the whitelist. |
319 p->RegisterWebSafeScheme("asdf"); | 385 p->RegisterWebSafeScheme("asdf"); |
320 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("asdf:rockers"))); | 386 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("asdf:rockers"))); |
321 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("asdf:rockers"))); | 387 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("asdf:rockers"))); |
| 388 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("asdf:rockers"))); |
322 | 389 |
323 // Cleanup. | 390 // Cleanup. |
324 p->Remove(kRendererID); | 391 p->Remove(kRendererID); |
325 } | 392 } |
326 | 393 |
327 TEST_F(ChildProcessSecurityPolicyTest, CanServiceCommandsTest) { | 394 TEST_F(ChildProcessSecurityPolicyTest, CanServiceCommandsTest) { |
328 ChildProcessSecurityPolicyImpl* p = | 395 ChildProcessSecurityPolicyImpl* p = |
329 ChildProcessSecurityPolicyImpl::GetInstance(); | 396 ChildProcessSecurityPolicyImpl::GetInstance(); |
330 | 397 |
331 p->Add(kRendererID); | 398 p->Add(kRendererID); |
332 | 399 |
333 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); | 400 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); |
334 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); | 401 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); |
| 402 EXPECT_FALSE( |
| 403 p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); |
335 p->GrantRequestURL(kRendererID, GURL("file:///etc/passwd")); | 404 p->GrantRequestURL(kRendererID, GURL("file:///etc/passwd")); |
336 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); | 405 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); |
337 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); | 406 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); |
| 407 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); |
338 | 408 |
339 // We should forget our state if we repeat a renderer id. | 409 // We should forget our state if we repeat a renderer id. |
340 p->Remove(kRendererID); | 410 p->Remove(kRendererID); |
341 p->Add(kRendererID); | 411 p->Add(kRendererID); |
342 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); | 412 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); |
343 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); | 413 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); |
| 414 EXPECT_FALSE( |
| 415 p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); |
344 p->Remove(kRendererID); | 416 p->Remove(kRendererID); |
345 } | 417 } |
346 | 418 |
347 TEST_F(ChildProcessSecurityPolicyTest, ViewSource) { | 419 TEST_F(ChildProcessSecurityPolicyTest, ViewSource) { |
348 ChildProcessSecurityPolicyImpl* p = | 420 ChildProcessSecurityPolicyImpl* p = |
349 ChildProcessSecurityPolicyImpl::GetInstance(); | 421 ChildProcessSecurityPolicyImpl::GetInstance(); |
350 | 422 |
351 p->Add(kRendererID); | 423 p->Add(kRendererID); |
352 | 424 |
353 // Child processes cannot request view source URLs. | 425 // Child processes cannot request view source URLs. |
354 EXPECT_FALSE(p->CanRequestURL(kRendererID, | 426 EXPECT_FALSE(p->CanRequestURL(kRendererID, |
355 GURL("view-source:http://www.google.com/"))); | 427 GURL("view-source:http://www.google.com/"))); |
356 EXPECT_FALSE(p->CanRequestURL(kRendererID, | 428 EXPECT_FALSE(p->CanRequestURL(kRendererID, |
357 GURL("view-source:file:///etc/passwd"))); | 429 GURL("view-source:file:///etc/passwd"))); |
358 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); | 430 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); |
359 EXPECT_FALSE(p->CanRequestURL( | 431 EXPECT_FALSE(p->CanRequestURL( |
360 kRendererID, GURL("view-source:view-source:http://www.google.com/"))); | 432 kRendererID, GURL("view-source:view-source:http://www.google.com/"))); |
361 | 433 |
362 // View source URLs don't actually commit; the renderer is put into view | 434 // View source URLs don't actually commit; the renderer is put into view |
363 // source mode, and the inner URL commits. | 435 // source mode, and the inner URL commits. |
364 EXPECT_FALSE(p->CanCommitURL(kRendererID, | 436 EXPECT_FALSE(p->CanCommitURL(kRendererID, |
365 GURL("view-source:http://www.google.com/"))); | 437 GURL("view-source:http://www.google.com/"))); |
366 EXPECT_FALSE(p->CanCommitURL(kRendererID, | 438 EXPECT_FALSE(p->CanCommitURL(kRendererID, |
367 GURL("view-source:file:///etc/passwd"))); | 439 GURL("view-source:file:///etc/passwd"))); |
368 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); | 440 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); |
369 EXPECT_FALSE(p->CanCommitURL( | 441 EXPECT_FALSE(p->CanCommitURL( |
370 kRendererID, GURL("view-source:view-source:http://www.google.com/"))); | 442 kRendererID, GURL("view-source:view-source:http://www.google.com/"))); |
371 | 443 |
| 444 // View source URLs should not be setable as origin headers |
| 445 EXPECT_FALSE(p->CanSetAsOriginHeader( |
| 446 kRendererID, GURL("view-source:http://www.google.com/"))); |
| 447 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, |
| 448 GURL("view-source:file:///etc/passwd"))); |
| 449 EXPECT_FALSE( |
| 450 p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); |
| 451 EXPECT_FALSE(p->CanSetAsOriginHeader( |
| 452 kRendererID, GURL("view-source:view-source:http://www.google.com/"))); |
| 453 |
372 p->GrantRequestURL(kRendererID, GURL("view-source:file:///etc/passwd")); | 454 p->GrantRequestURL(kRendererID, GURL("view-source:file:///etc/passwd")); |
373 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); | 455 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); |
374 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); | 456 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); |
375 EXPECT_FALSE( | 457 EXPECT_FALSE( |
| 458 p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); |
| 459 EXPECT_FALSE( |
376 p->CanRequestURL(kRendererID, GURL("view-source:file:///etc/passwd"))); | 460 p->CanRequestURL(kRendererID, GURL("view-source:file:///etc/passwd"))); |
377 EXPECT_FALSE(p->CanCommitURL(kRendererID, | 461 EXPECT_FALSE(p->CanCommitURL(kRendererID, |
378 GURL("view-source:file:///etc/passwd"))); | 462 GURL("view-source:file:///etc/passwd"))); |
| 463 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, |
| 464 GURL("view-source:file:///etc/passwd"))); |
379 p->Remove(kRendererID); | 465 p->Remove(kRendererID); |
380 } | 466 } |
381 | 467 |
382 TEST_F(ChildProcessSecurityPolicyTest, SpecificFile) { | 468 TEST_F(ChildProcessSecurityPolicyTest, SpecificFile) { |
383 ChildProcessSecurityPolicyImpl* p = | 469 ChildProcessSecurityPolicyImpl* p = |
384 ChildProcessSecurityPolicyImpl::GetInstance(); | 470 ChildProcessSecurityPolicyImpl::GetInstance(); |
385 | 471 |
386 p->Add(kRendererID); | 472 p->Add(kRendererID); |
387 | 473 |
388 GURL icon_url("file:///tmp/foo.png"); | 474 GURL icon_url("file:///tmp/foo.png"); |
389 GURL sensitive_url("file:///etc/passwd"); | 475 GURL sensitive_url("file:///etc/passwd"); |
390 EXPECT_FALSE(p->CanRequestURL(kRendererID, icon_url)); | 476 EXPECT_FALSE(p->CanRequestURL(kRendererID, icon_url)); |
391 EXPECT_FALSE(p->CanRequestURL(kRendererID, sensitive_url)); | 477 EXPECT_FALSE(p->CanRequestURL(kRendererID, sensitive_url)); |
392 EXPECT_FALSE(p->CanCommitURL(kRendererID, icon_url)); | 478 EXPECT_FALSE(p->CanCommitURL(kRendererID, icon_url)); |
393 EXPECT_FALSE(p->CanCommitURL(kRendererID, sensitive_url)); | 479 EXPECT_FALSE(p->CanCommitURL(kRendererID, sensitive_url)); |
| 480 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, icon_url)); |
| 481 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, sensitive_url)); |
394 | 482 |
395 p->GrantRequestSpecificFileURL(kRendererID, icon_url); | 483 p->GrantRequestSpecificFileURL(kRendererID, icon_url); |
396 EXPECT_TRUE(p->CanRequestURL(kRendererID, icon_url)); | 484 EXPECT_TRUE(p->CanRequestURL(kRendererID, icon_url)); |
397 EXPECT_FALSE(p->CanRequestURL(kRendererID, sensitive_url)); | 485 EXPECT_FALSE(p->CanRequestURL(kRendererID, sensitive_url)); |
398 EXPECT_TRUE(p->CanCommitURL(kRendererID, icon_url)); | 486 EXPECT_TRUE(p->CanCommitURL(kRendererID, icon_url)); |
399 EXPECT_FALSE(p->CanCommitURL(kRendererID, sensitive_url)); | 487 EXPECT_FALSE(p->CanCommitURL(kRendererID, sensitive_url)); |
| 488 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, icon_url)); |
| 489 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, sensitive_url)); |
400 | 490 |
401 p->GrantRequestURL(kRendererID, icon_url); | 491 p->GrantRequestURL(kRendererID, icon_url); |
402 EXPECT_TRUE(p->CanRequestURL(kRendererID, icon_url)); | 492 EXPECT_TRUE(p->CanRequestURL(kRendererID, icon_url)); |
403 EXPECT_TRUE(p->CanRequestURL(kRendererID, sensitive_url)); | 493 EXPECT_TRUE(p->CanRequestURL(kRendererID, sensitive_url)); |
404 EXPECT_TRUE(p->CanCommitURL(kRendererID, icon_url)); | 494 EXPECT_TRUE(p->CanCommitURL(kRendererID, icon_url)); |
405 EXPECT_TRUE(p->CanCommitURL(kRendererID, sensitive_url)); | 495 EXPECT_TRUE(p->CanCommitURL(kRendererID, sensitive_url)); |
| 496 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, icon_url)); |
| 497 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, sensitive_url)); |
406 | 498 |
407 p->Remove(kRendererID); | 499 p->Remove(kRendererID); |
408 } | 500 } |
409 | 501 |
410 TEST_F(ChildProcessSecurityPolicyTest, FileSystemGrantsTest) { | 502 TEST_F(ChildProcessSecurityPolicyTest, FileSystemGrantsTest) { |
411 ChildProcessSecurityPolicyImpl* p = | 503 ChildProcessSecurityPolicyImpl* p = |
412 ChildProcessSecurityPolicyImpl::GetInstance(); | 504 ChildProcessSecurityPolicyImpl::GetInstance(); |
413 | 505 |
414 p->Add(kRendererID); | 506 p->Add(kRendererID); |
415 std::string read_id = | 507 std::string read_id = |
(...skipping 340 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
756 GURL url_foo1("chrome://foo/resource1"); | 848 GURL url_foo1("chrome://foo/resource1"); |
757 GURL url_foo2("chrome://foo/resource2"); | 849 GURL url_foo2("chrome://foo/resource2"); |
758 GURL url_bar("chrome://bar/resource3"); | 850 GURL url_bar("chrome://bar/resource3"); |
759 | 851 |
760 EXPECT_FALSE(p->CanRequestURL(kRendererID, url_foo1)); | 852 EXPECT_FALSE(p->CanRequestURL(kRendererID, url_foo1)); |
761 EXPECT_FALSE(p->CanRequestURL(kRendererID, url_foo2)); | 853 EXPECT_FALSE(p->CanRequestURL(kRendererID, url_foo2)); |
762 EXPECT_FALSE(p->CanRequestURL(kRendererID, url_bar)); | 854 EXPECT_FALSE(p->CanRequestURL(kRendererID, url_bar)); |
763 EXPECT_FALSE(p->CanCommitURL(kRendererID, url_foo1)); | 855 EXPECT_FALSE(p->CanCommitURL(kRendererID, url_foo1)); |
764 EXPECT_FALSE(p->CanCommitURL(kRendererID, url_foo2)); | 856 EXPECT_FALSE(p->CanCommitURL(kRendererID, url_foo2)); |
765 EXPECT_FALSE(p->CanCommitURL(kRendererID, url_bar)); | 857 EXPECT_FALSE(p->CanCommitURL(kRendererID, url_bar)); |
| 858 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, url_foo1)); |
| 859 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, url_foo2)); |
| 860 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, url_bar)); |
766 | 861 |
767 p->GrantOrigin(kRendererID, url::Origin(url_foo1)); | 862 p->GrantOrigin(kRendererID, url::Origin(url_foo1)); |
768 | 863 |
769 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo1)); | 864 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo1)); |
770 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo2)); | 865 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo2)); |
771 EXPECT_FALSE(p->CanRequestURL(kRendererID, url_bar)); | 866 EXPECT_FALSE(p->CanRequestURL(kRendererID, url_bar)); |
772 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo1)); | 867 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo1)); |
773 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo2)); | 868 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo2)); |
774 EXPECT_FALSE(p->CanCommitURL(kRendererID, url_bar)); | 869 EXPECT_FALSE(p->CanCommitURL(kRendererID, url_bar)); |
| 870 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_foo1)); |
| 871 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_foo2)); |
| 872 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, url_bar)); |
775 | 873 |
776 p->GrantScheme(kRendererID, kChromeUIScheme); | 874 p->GrantScheme(kRendererID, kChromeUIScheme); |
777 | 875 |
778 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo1)); | 876 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo1)); |
779 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo2)); | 877 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo2)); |
780 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_bar)); | 878 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_bar)); |
781 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo1)); | 879 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo1)); |
782 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo2)); | 880 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo2)); |
783 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_bar)); | 881 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_bar)); |
| 882 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_foo1)); |
| 883 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_foo2)); |
| 884 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_bar)); |
784 | 885 |
785 p->Remove(kRendererID); | 886 p->Remove(kRendererID); |
786 } | 887 } |
787 | 888 |
788 } // namespace content | 889 } // namespace content |
OLD | NEW |