OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include <set> | 5 #include <set> |
6 #include <string> | 6 #include <string> |
7 | 7 |
8 #include "base/files/file_path.h" | 8 #include "base/files/file_path.h" |
9 #include "content/browser/child_process_security_policy_impl.h" | 9 #include "content/browser/child_process_security_policy_impl.h" |
10 #include "content/public/common/url_constants.h" | 10 #include "content/public/common/url_constants.h" |
(...skipping 150 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
161 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("ftp://ftp.gnu.org/"))); | 161 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("ftp://ftp.gnu.org/"))); |
162 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("data:text/html,<b>Hi</b>"))); | 162 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("data:text/html,<b>Hi</b>"))); |
163 EXPECT_TRUE(p->CanRequestURL( | 163 EXPECT_TRUE(p->CanRequestURL( |
164 kRendererID, GURL("filesystem:http://localhost/temporary/a.gif"))); | 164 kRendererID, GURL("filesystem:http://localhost/temporary/a.gif"))); |
165 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("http://www.google.com/"))); | 165 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("http://www.google.com/"))); |
166 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("https://www.paypal.com/"))); | 166 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("https://www.paypal.com/"))); |
167 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("ftp://ftp.gnu.org/"))); | 167 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("ftp://ftp.gnu.org/"))); |
168 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("data:text/html,<b>Hi</b>"))); | 168 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("data:text/html,<b>Hi</b>"))); |
169 EXPECT_TRUE(p->CanCommitURL( | 169 EXPECT_TRUE(p->CanCommitURL( |
170 kRendererID, GURL("filesystem:http://localhost/temporary/a.gif"))); | 170 kRendererID, GURL("filesystem:http://localhost/temporary/a.gif"))); |
| 171 EXPECT_TRUE( |
| 172 p->CanSetAsOriginHeader(kRendererID, GURL("http://www.google.com/"))); |
| 173 EXPECT_TRUE( |
| 174 p->CanSetAsOriginHeader(kRendererID, GURL("https://www.paypal.com/"))); |
| 175 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("ftp://ftp.gnu.org/"))); |
| 176 EXPECT_TRUE( |
| 177 p->CanSetAsOriginHeader(kRendererID, GURL("data:text/html,<b>Hi</b>"))); |
| 178 EXPECT_TRUE(p->CanSetAsOriginHeader( |
| 179 kRendererID, GURL("filesystem:http://localhost/temporary/a.gif"))); |
171 | 180 |
172 // Dangerous to request or commit. | 181 // Dangerous to request, commit, or set as origin header. |
173 EXPECT_FALSE(p->CanRequestURL(kRendererID, | 182 EXPECT_FALSE(p->CanRequestURL(kRendererID, |
174 GURL("file:///etc/passwd"))); | 183 GURL("file:///etc/passwd"))); |
175 EXPECT_FALSE(p->CanRequestURL(kRendererID, | 184 EXPECT_FALSE(p->CanRequestURL(kRendererID, |
176 GURL("chrome://foo/bar"))); | 185 GURL("chrome://foo/bar"))); |
177 EXPECT_FALSE(p->CanRequestURL(kRendererID, | 186 EXPECT_FALSE(p->CanRequestURL(kRendererID, |
178 GURL("view-source:http://www.google.com/"))); | 187 GURL("view-source:http://www.google.com/"))); |
179 EXPECT_FALSE(p->CanCommitURL(kRendererID, | 188 EXPECT_FALSE(p->CanCommitURL(kRendererID, |
180 GURL("file:///etc/passwd"))); | 189 GURL("file:///etc/passwd"))); |
181 EXPECT_FALSE(p->CanCommitURL(kRendererID, | 190 EXPECT_FALSE(p->CanCommitURL(kRendererID, |
182 GURL("chrome://foo/bar"))); | 191 GURL("chrome://foo/bar"))); |
183 EXPECT_FALSE( | 192 EXPECT_FALSE( |
184 p->CanCommitURL(kRendererID, GURL("view-source:http://www.google.com/"))); | 193 p->CanCommitURL(kRendererID, GURL("view-source:http://www.google.com/"))); |
| 194 EXPECT_FALSE( |
| 195 p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); |
| 196 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("chrome://foo/bar"))); |
| 197 EXPECT_FALSE(p->CanSetAsOriginHeader( |
| 198 kRendererID, GURL("view-source:http://www.google.com/"))); |
185 | 199 |
186 p->Remove(kRendererID); | 200 p->Remove(kRendererID); |
187 } | 201 } |
| 202 |
| 203 TEST_F(ChildProcessSecurityPolicyTest, BlobSchemeTest) { |
| 204 ChildProcessSecurityPolicyImpl* p = |
| 205 ChildProcessSecurityPolicyImpl::GetInstance(); |
| 206 |
| 207 p->Add(kRendererID); |
| 208 |
| 209 EXPECT_TRUE( |
| 210 p->CanRequestURL(kRendererID, GURL("blob:http://localhost/some-guid"))); |
| 211 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("blob:null/some-guid"))); |
| 212 EXPECT_TRUE( |
| 213 p->CanRequestURL(kRendererID, GURL("blob:http://localhost/some-guid"))); |
| 214 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("blob:NulL/some-guid"))); |
| 215 EXPECT_TRUE( |
| 216 p->CanRequestURL(kRendererID, GURL("blob:NulL/some-guid#fragment"))); |
| 217 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("blob:NulL/some-guid?query"))); |
| 218 EXPECT_TRUE( |
| 219 p->CanRequestURL(kRendererID, GURL("blob:blobinternal://some-guid"))); |
| 220 EXPECT_FALSE(p->CanRequestURL( |
| 221 kRendererID, GURL("blob:http://username@localhost/some-guid"))); |
| 222 EXPECT_FALSE(p->CanRequestURL( |
| 223 kRendererID, GURL("blob:http://username @localhost/some-guid"))); |
| 224 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("blob:blob:some-guid"))); |
| 225 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("blob:some-guid"))); |
| 226 EXPECT_FALSE(p->CanRequestURL(kRendererID, |
| 227 GURL("blob:filesystem:http://localhost/path"))); |
| 228 EXPECT_FALSE(p->CanRequestURL(kRendererID, |
| 229 GURL("filesystem:blob:http://localhost/guid"))); |
| 230 |
| 231 EXPECT_TRUE( |
| 232 p->CanCommitURL(kRendererID, GURL("blob:http://localhost/some-guid"))); |
| 233 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("blob:null/some-guid"))); |
| 234 EXPECT_TRUE( |
| 235 p->CanCommitURL(kRendererID, GURL("blob:http://localhost/some-guid"))); |
| 236 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("blob:NulL/some-guid"))); |
| 237 EXPECT_TRUE( |
| 238 p->CanCommitURL(kRendererID, GURL("blob:NulL/some-guid#fragment"))); |
| 239 EXPECT_TRUE( |
| 240 p->CanCommitURL(kRendererID, GURL("blob:blobinternal://some-guid"))); |
| 241 EXPECT_FALSE(p->CanCommitURL( |
| 242 kRendererID, GURL("blob:http://username@localhost/some-guid"))); |
| 243 EXPECT_FALSE(p->CanCommitURL( |
| 244 kRendererID, GURL("blob:http://username @localhost/some-guid"))); |
| 245 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("blob:blob:some-guid"))); |
| 246 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("blob:some-guid"))); |
| 247 EXPECT_FALSE(p->CanCommitURL(kRendererID, |
| 248 GURL("blob:filesystem:http://localhost/path"))); |
| 249 EXPECT_FALSE(p->CanCommitURL(kRendererID, |
| 250 GURL("filesystem:blob:http://localhost/guid"))); |
| 251 |
| 252 p->Remove(kRendererID); |
| 253 } |
188 | 254 |
189 TEST_F(ChildProcessSecurityPolicyTest, AboutTest) { | 255 TEST_F(ChildProcessSecurityPolicyTest, AboutTest) { |
190 ChildProcessSecurityPolicyImpl* p = | 256 ChildProcessSecurityPolicyImpl* p = |
191 ChildProcessSecurityPolicyImpl::GetInstance(); | 257 ChildProcessSecurityPolicyImpl::GetInstance(); |
192 | 258 |
193 p->Add(kRendererID); | 259 p->Add(kRendererID); |
194 | 260 |
195 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("about:blank"))); | 261 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("about:blank"))); |
196 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("about:BlAnK"))); | 262 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("about:BlAnK"))); |
197 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("aBouT:BlAnK"))); | 263 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("aBouT:BlAnK"))); |
198 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("aBouT:blank"))); | 264 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("aBouT:blank"))); |
199 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("about:blank"))); | 265 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("about:blank"))); |
200 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("about:BlAnK"))); | 266 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("about:BlAnK"))); |
201 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("aBouT:BlAnK"))); | 267 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("aBouT:BlAnK"))); |
202 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("aBouT:blank"))); | 268 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("aBouT:blank"))); |
| 269 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("about:blank"))); |
| 270 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("about:BlAnK"))); |
| 271 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("aBouT:BlAnK"))); |
| 272 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("aBouT:blank"))); |
203 | 273 |
204 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:crash"))); | 274 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:crash"))); |
205 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:cache"))); | 275 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:cache"))); |
206 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:hang"))); | 276 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:hang"))); |
207 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:version"))); | 277 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:version"))); |
208 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:crash"))); | 278 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:crash"))); |
209 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:cache"))); | 279 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:cache"))); |
210 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:hang"))); | 280 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:hang"))); |
211 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:version"))); | 281 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:version"))); |
| 282 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:crash"))); |
| 283 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:cache"))); |
| 284 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:hang"))); |
| 285 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:version"))); |
212 | 286 |
213 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("aBoUt:version"))); | 287 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("aBoUt:version"))); |
214 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:CrASh"))); | 288 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:CrASh"))); |
215 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("abOuT:cAChe"))); | 289 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("abOuT:cAChe"))); |
216 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("aBoUt:version"))); | 290 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("aBoUt:version"))); |
217 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:CrASh"))); | 291 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:CrASh"))); |
218 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("abOuT:cAChe"))); | 292 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("abOuT:cAChe"))); |
219 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("aBoUt:version"))); | 293 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("aBoUt:version"))); |
| 294 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("aBoUt:version"))); |
| 295 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:CrASh"))); |
| 296 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("abOuT:cAChe"))); |
| 297 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("aBoUt:version"))); |
220 | 298 |
221 // Requests for about: pages should be denied. | 299 // Requests for about: pages should be denied. |
222 p->GrantRequestURL(kRendererID, GURL("about:crash")); | 300 p->GrantRequestURL(kRendererID, GURL("about:crash")); |
223 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:crash"))); | 301 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:crash"))); |
224 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:crash"))); | 302 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:crash"))); |
| 303 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:crash"))); |
225 | 304 |
226 // These requests for chrome:// pages should be granted. | 305 // These requests for chrome:// pages should be granted. |
227 GURL chrome_url("chrome://foo"); | 306 GURL chrome_url("chrome://foo"); |
228 p->GrantRequestURL(kRendererID, chrome_url); | 307 p->GrantRequestURL(kRendererID, chrome_url); |
229 EXPECT_TRUE(p->CanRequestURL(kRendererID, chrome_url)); | 308 EXPECT_TRUE(p->CanRequestURL(kRendererID, chrome_url)); |
230 EXPECT_TRUE(p->CanCommitURL(kRendererID, chrome_url)); | 309 EXPECT_TRUE(p->CanCommitURL(kRendererID, chrome_url)); |
| 310 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, chrome_url)); |
231 | 311 |
232 p->Remove(kRendererID); | 312 p->Remove(kRendererID); |
233 } | 313 } |
234 | 314 |
235 TEST_F(ChildProcessSecurityPolicyTest, JavaScriptTest) { | 315 TEST_F(ChildProcessSecurityPolicyTest, JavaScriptTest) { |
236 ChildProcessSecurityPolicyImpl* p = | 316 ChildProcessSecurityPolicyImpl* p = |
237 ChildProcessSecurityPolicyImpl::GetInstance(); | 317 ChildProcessSecurityPolicyImpl::GetInstance(); |
238 | 318 |
239 p->Add(kRendererID); | 319 p->Add(kRendererID); |
240 | 320 |
241 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("javascript:alert('xss')"))); | 321 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("javascript:alert('xss')"))); |
242 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("javascript:alert('xss')"))); | 322 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("javascript:alert('xss')"))); |
| 323 EXPECT_FALSE( |
| 324 p->CanSetAsOriginHeader(kRendererID, GURL("javascript:alert('xss')"))); |
243 p->GrantRequestURL(kRendererID, GURL("javascript:alert('xss')")); | 325 p->GrantRequestURL(kRendererID, GURL("javascript:alert('xss')")); |
244 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("javascript:alert('xss')"))); | 326 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("javascript:alert('xss')"))); |
245 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("javascript:alert('xss')"))); | 327 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("javascript:alert('xss')"))); |
| 328 EXPECT_FALSE( |
| 329 p->CanSetAsOriginHeader(kRendererID, GURL("javascript:alert('xss')"))); |
246 | 330 |
247 p->Remove(kRendererID); | 331 p->Remove(kRendererID); |
248 } | 332 } |
249 | 333 |
250 TEST_F(ChildProcessSecurityPolicyTest, RegisterWebSafeSchemeTest) { | 334 TEST_F(ChildProcessSecurityPolicyTest, RegisterWebSafeSchemeTest) { |
251 ChildProcessSecurityPolicyImpl* p = | 335 ChildProcessSecurityPolicyImpl* p = |
252 ChildProcessSecurityPolicyImpl::GetInstance(); | 336 ChildProcessSecurityPolicyImpl::GetInstance(); |
253 | 337 |
254 p->Add(kRendererID); | 338 p->Add(kRendererID); |
255 | 339 |
256 // Currently, "asdf" is destined for ShellExecute, so it is allowed to be | 340 // Currently, "asdf" is destined for ShellExecute, so it is allowed to be |
257 // requested but not committed. | 341 // requested but not committed. |
258 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("asdf:rockers"))); | 342 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("asdf:rockers"))); |
259 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("asdf:rockers"))); | 343 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("asdf:rockers"))); |
| 344 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("asdf:rockers"))); |
260 | 345 |
261 // Once we register "asdf", we default to deny. | 346 // Once we register "asdf", we default to deny. |
262 RegisterTestScheme("asdf"); | 347 RegisterTestScheme("asdf"); |
263 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("asdf:rockers"))); | 348 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("asdf:rockers"))); |
264 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("asdf:rockers"))); | 349 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("asdf:rockers"))); |
| 350 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("asdf:rockers"))); |
265 | 351 |
266 // We can allow new schemes by adding them to the whitelist. | 352 // We can allow new schemes by adding them to the whitelist. |
267 p->RegisterWebSafeScheme("asdf"); | 353 p->RegisterWebSafeScheme("asdf"); |
268 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("asdf:rockers"))); | 354 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("asdf:rockers"))); |
269 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("asdf:rockers"))); | 355 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("asdf:rockers"))); |
| 356 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("asdf:rockers"))); |
270 | 357 |
271 // Cleanup. | 358 // Cleanup. |
272 p->Remove(kRendererID); | 359 p->Remove(kRendererID); |
273 } | 360 } |
274 | 361 |
275 TEST_F(ChildProcessSecurityPolicyTest, CanServiceCommandsTest) { | 362 TEST_F(ChildProcessSecurityPolicyTest, CanServiceCommandsTest) { |
276 ChildProcessSecurityPolicyImpl* p = | 363 ChildProcessSecurityPolicyImpl* p = |
277 ChildProcessSecurityPolicyImpl::GetInstance(); | 364 ChildProcessSecurityPolicyImpl::GetInstance(); |
278 | 365 |
279 p->Add(kRendererID); | 366 p->Add(kRendererID); |
280 | 367 |
281 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); | 368 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); |
282 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); | 369 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); |
| 370 EXPECT_FALSE( |
| 371 p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); |
283 p->GrantRequestURL(kRendererID, GURL("file:///etc/passwd")); | 372 p->GrantRequestURL(kRendererID, GURL("file:///etc/passwd")); |
284 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); | 373 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); |
285 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); | 374 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); |
| 375 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); |
286 | 376 |
287 // We should forget our state if we repeat a renderer id. | 377 // We should forget our state if we repeat a renderer id. |
288 p->Remove(kRendererID); | 378 p->Remove(kRendererID); |
289 p->Add(kRendererID); | 379 p->Add(kRendererID); |
290 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); | 380 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); |
291 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); | 381 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); |
| 382 EXPECT_FALSE( |
| 383 p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); |
292 p->Remove(kRendererID); | 384 p->Remove(kRendererID); |
293 } | 385 } |
294 | 386 |
295 TEST_F(ChildProcessSecurityPolicyTest, ViewSource) { | 387 TEST_F(ChildProcessSecurityPolicyTest, ViewSource) { |
296 ChildProcessSecurityPolicyImpl* p = | 388 ChildProcessSecurityPolicyImpl* p = |
297 ChildProcessSecurityPolicyImpl::GetInstance(); | 389 ChildProcessSecurityPolicyImpl::GetInstance(); |
298 | 390 |
299 p->Add(kRendererID); | 391 p->Add(kRendererID); |
300 | 392 |
301 // Child processes cannot request view source URLs. | 393 // Child processes cannot request view source URLs. |
302 EXPECT_FALSE(p->CanRequestURL(kRendererID, | 394 EXPECT_FALSE(p->CanRequestURL(kRendererID, |
303 GURL("view-source:http://www.google.com/"))); | 395 GURL("view-source:http://www.google.com/"))); |
304 EXPECT_FALSE(p->CanRequestURL(kRendererID, | 396 EXPECT_FALSE(p->CanRequestURL(kRendererID, |
305 GURL("view-source:file:///etc/passwd"))); | 397 GURL("view-source:file:///etc/passwd"))); |
306 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); | 398 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); |
307 EXPECT_FALSE(p->CanRequestURL( | 399 EXPECT_FALSE(p->CanRequestURL( |
308 kRendererID, GURL("view-source:view-source:http://www.google.com/"))); | 400 kRendererID, GURL("view-source:view-source:http://www.google.com/"))); |
309 | 401 |
310 // View source URLs don't actually commit; the renderer is put into view | 402 // View source URLs don't actually commit; the renderer is put into view |
311 // source mode, and the inner URL commits. | 403 // source mode, and the inner URL commits. |
312 EXPECT_FALSE(p->CanCommitURL(kRendererID, | 404 EXPECT_FALSE(p->CanCommitURL(kRendererID, |
313 GURL("view-source:http://www.google.com/"))); | 405 GURL("view-source:http://www.google.com/"))); |
314 EXPECT_FALSE(p->CanCommitURL(kRendererID, | 406 EXPECT_FALSE(p->CanCommitURL(kRendererID, |
315 GURL("view-source:file:///etc/passwd"))); | 407 GURL("view-source:file:///etc/passwd"))); |
316 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); | 408 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); |
317 EXPECT_FALSE(p->CanCommitURL( | 409 EXPECT_FALSE(p->CanCommitURL( |
318 kRendererID, GURL("view-source:view-source:http://www.google.com/"))); | 410 kRendererID, GURL("view-source:view-source:http://www.google.com/"))); |
319 | 411 |
| 412 // View source URLs should not be setable as origin headers |
| 413 EXPECT_FALSE(p->CanSetAsOriginHeader( |
| 414 kRendererID, GURL("view-source:http://www.google.com/"))); |
| 415 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, |
| 416 GURL("view-source:file:///etc/passwd"))); |
| 417 EXPECT_FALSE( |
| 418 p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); |
| 419 EXPECT_FALSE(p->CanSetAsOriginHeader( |
| 420 kRendererID, GURL("view-source:view-source:http://www.google.com/"))); |
| 421 |
320 p->GrantRequestURL(kRendererID, GURL("view-source:file:///etc/passwd")); | 422 p->GrantRequestURL(kRendererID, GURL("view-source:file:///etc/passwd")); |
321 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); | 423 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); |
322 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); | 424 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); |
323 EXPECT_FALSE( | 425 EXPECT_FALSE( |
| 426 p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); |
| 427 EXPECT_FALSE( |
324 p->CanRequestURL(kRendererID, GURL("view-source:file:///etc/passwd"))); | 428 p->CanRequestURL(kRendererID, GURL("view-source:file:///etc/passwd"))); |
325 EXPECT_FALSE(p->CanCommitURL(kRendererID, | 429 EXPECT_FALSE(p->CanCommitURL(kRendererID, |
326 GURL("view-source:file:///etc/passwd"))); | 430 GURL("view-source:file:///etc/passwd"))); |
| 431 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, |
| 432 GURL("view-source:file:///etc/passwd"))); |
327 p->Remove(kRendererID); | 433 p->Remove(kRendererID); |
328 } | 434 } |
329 | 435 |
330 TEST_F(ChildProcessSecurityPolicyTest, SpecificFile) { | 436 TEST_F(ChildProcessSecurityPolicyTest, SpecificFile) { |
331 ChildProcessSecurityPolicyImpl* p = | 437 ChildProcessSecurityPolicyImpl* p = |
332 ChildProcessSecurityPolicyImpl::GetInstance(); | 438 ChildProcessSecurityPolicyImpl::GetInstance(); |
333 | 439 |
334 p->Add(kRendererID); | 440 p->Add(kRendererID); |
335 | 441 |
336 GURL icon_url("file:///tmp/foo.png"); | 442 GURL icon_url("file:///tmp/foo.png"); |
337 GURL sensitive_url("file:///etc/passwd"); | 443 GURL sensitive_url("file:///etc/passwd"); |
338 EXPECT_FALSE(p->CanRequestURL(kRendererID, icon_url)); | 444 EXPECT_FALSE(p->CanRequestURL(kRendererID, icon_url)); |
339 EXPECT_FALSE(p->CanRequestURL(kRendererID, sensitive_url)); | 445 EXPECT_FALSE(p->CanRequestURL(kRendererID, sensitive_url)); |
340 EXPECT_FALSE(p->CanCommitURL(kRendererID, icon_url)); | 446 EXPECT_FALSE(p->CanCommitURL(kRendererID, icon_url)); |
341 EXPECT_FALSE(p->CanCommitURL(kRendererID, sensitive_url)); | 447 EXPECT_FALSE(p->CanCommitURL(kRendererID, sensitive_url)); |
| 448 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, icon_url)); |
| 449 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, sensitive_url)); |
342 | 450 |
343 p->GrantRequestSpecificFileURL(kRendererID, icon_url); | 451 p->GrantRequestSpecificFileURL(kRendererID, icon_url); |
344 EXPECT_TRUE(p->CanRequestURL(kRendererID, icon_url)); | 452 EXPECT_TRUE(p->CanRequestURL(kRendererID, icon_url)); |
345 EXPECT_FALSE(p->CanRequestURL(kRendererID, sensitive_url)); | 453 EXPECT_FALSE(p->CanRequestURL(kRendererID, sensitive_url)); |
346 EXPECT_TRUE(p->CanCommitURL(kRendererID, icon_url)); | 454 EXPECT_TRUE(p->CanCommitURL(kRendererID, icon_url)); |
347 EXPECT_FALSE(p->CanCommitURL(kRendererID, sensitive_url)); | 455 EXPECT_FALSE(p->CanCommitURL(kRendererID, sensitive_url)); |
| 456 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, icon_url)); |
| 457 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, sensitive_url)); |
348 | 458 |
349 p->GrantRequestURL(kRendererID, icon_url); | 459 p->GrantRequestURL(kRendererID, icon_url); |
350 EXPECT_TRUE(p->CanRequestURL(kRendererID, icon_url)); | 460 EXPECT_TRUE(p->CanRequestURL(kRendererID, icon_url)); |
351 EXPECT_TRUE(p->CanRequestURL(kRendererID, sensitive_url)); | 461 EXPECT_TRUE(p->CanRequestURL(kRendererID, sensitive_url)); |
352 EXPECT_TRUE(p->CanCommitURL(kRendererID, icon_url)); | 462 EXPECT_TRUE(p->CanCommitURL(kRendererID, icon_url)); |
353 EXPECT_TRUE(p->CanCommitURL(kRendererID, sensitive_url)); | 463 EXPECT_TRUE(p->CanCommitURL(kRendererID, sensitive_url)); |
| 464 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, icon_url)); |
| 465 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, sensitive_url)); |
354 | 466 |
355 p->Remove(kRendererID); | 467 p->Remove(kRendererID); |
356 } | 468 } |
357 | 469 |
358 TEST_F(ChildProcessSecurityPolicyTest, FileSystemGrantsTest) { | 470 TEST_F(ChildProcessSecurityPolicyTest, FileSystemGrantsTest) { |
359 ChildProcessSecurityPolicyImpl* p = | 471 ChildProcessSecurityPolicyImpl* p = |
360 ChildProcessSecurityPolicyImpl::GetInstance(); | 472 ChildProcessSecurityPolicyImpl::GetInstance(); |
361 | 473 |
362 p->Add(kRendererID); | 474 p->Add(kRendererID); |
363 std::string read_id = | 475 std::string read_id = |
(...skipping 340 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
704 GURL url_foo1("chrome://foo/resource1"); | 816 GURL url_foo1("chrome://foo/resource1"); |
705 GURL url_foo2("chrome://foo/resource2"); | 817 GURL url_foo2("chrome://foo/resource2"); |
706 GURL url_bar("chrome://bar/resource3"); | 818 GURL url_bar("chrome://bar/resource3"); |
707 | 819 |
708 EXPECT_FALSE(p->CanRequestURL(kRendererID, url_foo1)); | 820 EXPECT_FALSE(p->CanRequestURL(kRendererID, url_foo1)); |
709 EXPECT_FALSE(p->CanRequestURL(kRendererID, url_foo2)); | 821 EXPECT_FALSE(p->CanRequestURL(kRendererID, url_foo2)); |
710 EXPECT_FALSE(p->CanRequestURL(kRendererID, url_bar)); | 822 EXPECT_FALSE(p->CanRequestURL(kRendererID, url_bar)); |
711 EXPECT_FALSE(p->CanCommitURL(kRendererID, url_foo1)); | 823 EXPECT_FALSE(p->CanCommitURL(kRendererID, url_foo1)); |
712 EXPECT_FALSE(p->CanCommitURL(kRendererID, url_foo2)); | 824 EXPECT_FALSE(p->CanCommitURL(kRendererID, url_foo2)); |
713 EXPECT_FALSE(p->CanCommitURL(kRendererID, url_bar)); | 825 EXPECT_FALSE(p->CanCommitURL(kRendererID, url_bar)); |
| 826 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, url_foo1)); |
| 827 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, url_foo2)); |
| 828 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, url_bar)); |
714 | 829 |
715 p->GrantOrigin(kRendererID, url::Origin(url_foo1)); | 830 p->GrantOrigin(kRendererID, url::Origin(url_foo1)); |
716 | 831 |
717 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo1)); | 832 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo1)); |
718 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo2)); | 833 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo2)); |
719 EXPECT_FALSE(p->CanRequestURL(kRendererID, url_bar)); | 834 EXPECT_FALSE(p->CanRequestURL(kRendererID, url_bar)); |
720 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo1)); | 835 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo1)); |
721 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo2)); | 836 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo2)); |
722 EXPECT_FALSE(p->CanCommitURL(kRendererID, url_bar)); | 837 EXPECT_FALSE(p->CanCommitURL(kRendererID, url_bar)); |
| 838 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_foo1)); |
| 839 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_foo2)); |
| 840 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, url_bar)); |
723 | 841 |
724 p->GrantScheme(kRendererID, kChromeUIScheme); | 842 p->GrantScheme(kRendererID, kChromeUIScheme); |
725 | 843 |
726 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo1)); | 844 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo1)); |
727 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo2)); | 845 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo2)); |
728 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_bar)); | 846 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_bar)); |
729 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo1)); | 847 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo1)); |
730 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo2)); | 848 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo2)); |
731 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_bar)); | 849 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_bar)); |
| 850 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_foo1)); |
| 851 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_foo2)); |
| 852 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_bar)); |
732 | 853 |
733 p->Remove(kRendererID); | 854 p->Remove(kRendererID); |
734 } | 855 } |
735 | 856 |
736 } // namespace content | 857 } // namespace content |
OLD | NEW |