content/browser/child_process_security_policy_unittest.cc - Issue 2365433002: (re-land) Disallow navigations to blob URLs with non-canonical origins.

Side by Side Diff: content/browser/child_process_security_policy_unittest.cc

Issue 2365433002: (re-land) Disallow navigations to blob URLs with non-canonical origins. (Closed)

Patch Set: Remove newline Created 4 years, 3 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

OLD	NEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include <set>	5 #include <set>

6 #include <string>	6 #include <string>

7	7

8 #include "base/files/file_path.h"	8 #include "base/files/file_path.h"

9 #include "content/browser/child_process_security_policy_impl.h"	9 #include "content/browser/child_process_security_policy_impl.h"

10 #include "content/public/common/url_constants.h"	10 #include "content/public/common/url_constants.h"

(...skipping 168 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
179 EXPECT_FALSE(p->CanCommitURL(kRendererID,	179 EXPECT_FALSE(p->CanCommitURL(kRendererID,

180 GURL("file:///etc/passwd")));	180 GURL("file:///etc/passwd")));

181 EXPECT_FALSE(p->CanCommitURL(kRendererID,	181 EXPECT_FALSE(p->CanCommitURL(kRendererID,

182 GURL("chrome://foo/bar")));	182 GURL("chrome://foo/bar")));

183 EXPECT_FALSE(	183 EXPECT_FALSE(

184 p->CanCommitURL(kRendererID, GURL("view-source:http://www.google.com/")));	184 p->CanCommitURL(kRendererID, GURL("view-source:http://www.google.com/")));

185	185

186 p->Remove(kRendererID);	186 p->Remove(kRendererID);

187 }	187 }

188	188

	189 TEST_F(ChildProcessSecurityPolicyTest, BlobSchemeTest) {

	190 ChildProcessSecurityPolicyImpl* p =

	191 ChildProcessSecurityPolicyImpl::GetInstance();

	192

	193 p->Add(kRendererID);

	194

	195 EXPECT_TRUE(

	196 p->CanRequestURL(kRendererID, GURL("blob:http://localhost/some-guid")));

	197 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("blob:null/some-guid")));

	198 EXPECT_TRUE(

	199 p->CanRequestURL(kRendererID, GURL("blob:http://localhost/some-guid")));

	200 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("blob:NulL/some-guid")));

	201 EXPECT_TRUE(

	202 p->CanRequestURL(kRendererID, GURL("blob:NulL/some-guid#fragment")));

	203 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("blob:NulL/some-guid?query")));

	204 EXPECT_TRUE(

	205 p->CanRequestURL(kRendererID, GURL("blob:blobinternal://some-guid")));

	206 EXPECT_FALSE(p->CanRequestURL(

	207 kRendererID, GURL("blob:http://username@localhost/some-guid")));

	208 EXPECT_FALSE(p->CanRequestURL(

	209 kRendererID, GURL("blob:http://username @localhost/some-guid")));

	210 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("blob:blob:some-guid")));

	211 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("blob:some-guid")));

	212 EXPECT_FALSE(p->CanRequestURL(kRendererID,

	213 GURL("blob:filesystem:http://localhost/path")));

	214 EXPECT_FALSE(p->CanRequestURL(kRendererID,

	215 GURL("filesystem:blob:http://localhost/guid")));

	216

	217 EXPECT_TRUE(

	218 p->CanCommitURL(kRendererID, GURL("blob:http://localhost/some-guid")));

	219 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("blob:null/some-guid")));

	220 EXPECT_TRUE(

	221 p->CanCommitURL(kRendererID, GURL("blob:http://localhost/some-guid")));

	222 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("blob:NulL/some-guid")));

	223 EXPECT_TRUE(

	224 p->CanCommitURL(kRendererID, GURL("blob:NulL/some-guid#fragment")));

	225 EXPECT_TRUE(

	226 p->CanCommitURL(kRendererID, GURL("blob:blobinternal://some-guid")));

	227 EXPECT_FALSE(p->CanCommitURL(

	228 kRendererID, GURL("blob:http://username@localhost/some-guid")));

	229 EXPECT_FALSE(p->CanCommitURL(

	230 kRendererID, GURL("blob:http://username @localhost/some-guid")));

	231 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("blob:blob:some-guid")));

	232 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("blob:some-guid")));

	233 EXPECT_FALSE(p->CanCommitURL(kRendererID,

	234 GURL("blob:filesystem:http://localhost/path")));

	235 EXPECT_FALSE(p->CanCommitURL(kRendererID,

	236 GURL("filesystem:blob:http://localhost/guid")));

	237

	238 p->Remove(kRendererID);

	239 }

	240

189 TEST_F(ChildProcessSecurityPolicyTest, AboutTest) {	241 TEST_F(ChildProcessSecurityPolicyTest, AboutTest) {

190 ChildProcessSecurityPolicyImpl* p =	242 ChildProcessSecurityPolicyImpl* p =

191 ChildProcessSecurityPolicyImpl::GetInstance();	243 ChildProcessSecurityPolicyImpl::GetInstance();

192	244

193 p->Add(kRendererID);	245 p->Add(kRendererID);

194	246

195 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("about:blank")));	247 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("about:blank")));

196 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("about:BlAnK")));	248 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("about:BlAnK")));

197 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("aBouT:BlAnK")));	249 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("aBouT:BlAnK")));

198 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("aBouT:blank")));	250 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("aBouT:blank")));

(...skipping 528 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
727 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo2));	779 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo2));

728 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_bar));	780 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_bar));

729 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo1));	781 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo1));

730 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo2));	782 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo2));

731 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_bar));	783 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_bar));

732	784

733 p->Remove(kRendererID);	785 p->Remove(kRendererID);

734 }	786 }

735	787

736 } // namespace content	788 } // namespace content

OLD	NEW

« no previous file with comments | « content/browser/child_process_security_policy_impl.cc ('k') | content/test/BUILD.gn » ('j') | no next file with comments »