| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <set> | 5 #include <set> |
| 6 #include <string> | 6 #include <string> |
| 7 | 7 |
| 8 #include "base/files/file_path.h" | 8 #include "base/files/file_path.h" |
| 9 #include "content/browser/child_process_security_policy_impl.h" | 9 #include "content/browser/child_process_security_policy_impl.h" |
| 10 #include "content/public/common/url_constants.h" | 10 #include "content/public/common/url_constants.h" |
| (...skipping 167 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 178 GURL("view-source:http://www.google.com/"))); | 178 GURL("view-source:http://www.google.com/"))); |
| 179 EXPECT_FALSE(p->CanCommitURL(kRendererID, | 179 EXPECT_FALSE(p->CanCommitURL(kRendererID, |
| 180 GURL("file:///etc/passwd"))); | 180 GURL("file:///etc/passwd"))); |
| 181 EXPECT_FALSE(p->CanCommitURL(kRendererID, | 181 EXPECT_FALSE(p->CanCommitURL(kRendererID, |
| 182 GURL("chrome://foo/bar"))); | 182 GURL("chrome://foo/bar"))); |
| 183 EXPECT_FALSE( | 183 EXPECT_FALSE( |
| 184 p->CanCommitURL(kRendererID, GURL("view-source:http://www.google.com/"))); | 184 p->CanCommitURL(kRendererID, GURL("view-source:http://www.google.com/"))); |
| 185 | 185 |
| 186 p->Remove(kRendererID); | 186 p->Remove(kRendererID); |
| 187 } | 187 } |
| 188 | |
| 189 TEST_F(ChildProcessSecurityPolicyTest, BlobSchemeTest) { | |
| 190 ChildProcessSecurityPolicyImpl* p = | |
| 191 ChildProcessSecurityPolicyImpl::GetInstance(); | |
| 192 | |
| 193 p->Add(kRendererID); | |
| 194 | |
| 195 EXPECT_TRUE( | |
| 196 p->CanRequestURL(kRendererID, GURL("blob:http://localhost/some-guid"))); | |
| 197 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("blob:null/some-guid"))); | |
| 198 EXPECT_TRUE( | |
| 199 p->CanRequestURL(kRendererID, GURL("blob:http://localhost/some-guid"))); | |
| 200 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("blob:NulL/some-guid"))); | |
| 201 EXPECT_FALSE(p->CanRequestURL( | |
| 202 kRendererID, GURL("blob:http://username@localhost/some-guid"))); | |
| 203 EXPECT_FALSE(p->CanRequestURL( | |
| 204 kRendererID, GURL("blob:http://username @localhost/some-guid"))); | |
| 205 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("blob:blob:some-guid"))); | |
| 206 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("blob:some-guid"))); | |
| 207 EXPECT_FALSE(p->CanRequestURL(kRendererID, | |
| 208 GURL("blob:filesystem:http://localhost/path"))); | |
| 209 EXPECT_FALSE(p->CanRequestURL(kRendererID, | |
| 210 GURL("filesystem:blob:http://localhost/guid"))); | |
| 211 | |
| 212 EXPECT_TRUE( | |
| 213 p->CanCommitURL(kRendererID, GURL("blob:http://localhost/some-guid"))); | |
| 214 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("blob:null/some-guid"))); | |
| 215 EXPECT_TRUE( | |
| 216 p->CanCommitURL(kRendererID, GURL("blob:http://localhost/some-guid"))); | |
| 217 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("blob:NulL/some-guid"))); | |
| 218 EXPECT_FALSE(p->CanCommitURL( | |
| 219 kRendererID, GURL("blob:http://username@localhost/some-guid"))); | |
| 220 EXPECT_FALSE(p->CanCommitURL( | |
| 221 kRendererID, GURL("blob:http://username @localhost/some-guid"))); | |
| 222 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("blob:blob:some-guid"))); | |
| 223 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("blob:some-guid"))); | |
| 224 EXPECT_FALSE(p->CanCommitURL(kRendererID, | |
| 225 GURL("blob:filesystem:http://localhost/path"))); | |
| 226 EXPECT_FALSE(p->CanCommitURL(kRendererID, | |
| 227 GURL("filesystem:blob:http://localhost/guid"))); | |
| 228 | |
| 229 p->Remove(kRendererID); | |
| 230 } | |
| 231 | 188 |
| 232 TEST_F(ChildProcessSecurityPolicyTest, AboutTest) { | 189 TEST_F(ChildProcessSecurityPolicyTest, AboutTest) { |
| 233 ChildProcessSecurityPolicyImpl* p = | 190 ChildProcessSecurityPolicyImpl* p = |
| 234 ChildProcessSecurityPolicyImpl::GetInstance(); | 191 ChildProcessSecurityPolicyImpl::GetInstance(); |
| 235 | 192 |
| 236 p->Add(kRendererID); | 193 p->Add(kRendererID); |
| 237 | 194 |
| 238 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("about:blank"))); | 195 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("about:blank"))); |
| 239 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("about:BlAnK"))); | 196 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("about:BlAnK"))); |
| 240 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("aBouT:BlAnK"))); | 197 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("aBouT:BlAnK"))); |
| (...skipping 529 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 770 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo2)); | 727 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo2)); |
| 771 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_bar)); | 728 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_bar)); |
| 772 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo1)); | 729 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo1)); |
| 773 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo2)); | 730 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo2)); |
| 774 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_bar)); | 731 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_bar)); |
| 775 | 732 |
| 776 p->Remove(kRendererID); | 733 p->Remove(kRendererID); |
| 777 } | 734 } |
| 778 | 735 |
| 779 } // namespace content | 736 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2358193002:
Revert of Disallow navigations to blob URLs with non-canonical origins. (Closed)
