OLD | NEW |
---|---|
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include <stddef.h> | 5 #include <stddef.h> |
6 | 6 |
7 #include <memory> | 7 #include <memory> |
8 #include <utility> | 8 #include <utility> |
9 | 9 |
10 #include "base/callback.h" | 10 #include "base/callback.h" |
(...skipping 232 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
243 IsIsolateExtensionsEnabled() | 243 IsIsolateExtensionsEnabled() |
244 ? if_enabled | 244 ? if_enabled |
245 : if_disabled; | 245 : if_disabled; |
246 } | 246 } |
247 | 247 |
248 content::WebContents* OpenPopup(content::RenderFrameHost* opener, | 248 content::WebContents* OpenPopup(content::RenderFrameHost* opener, |
249 const GURL& url) { | 249 const GURL& url) { |
250 content::WindowedNotificationObserver popup_observer( | 250 content::WindowedNotificationObserver popup_observer( |
251 chrome::NOTIFICATION_TAB_ADDED, | 251 chrome::NOTIFICATION_TAB_ADDED, |
252 content::NotificationService::AllSources()); | 252 content::NotificationService::AllSources()); |
253 EXPECT_TRUE(ExecuteScript(opener, "window.open('" + url.spec() + "')")); | 253 EXPECT_TRUE(ExecuteScript( |
254 opener, "window.popup = window.open('" + url.spec() + "')")); | |
254 popup_observer.Wait(); | 255 popup_observer.Wait(); |
255 content::WebContents* popup = | 256 content::WebContents* popup = |
256 browser()->tab_strip_model()->GetActiveWebContents(); | 257 browser()->tab_strip_model()->GetActiveWebContents(); |
257 WaitForLoadStop(popup); | 258 WaitForLoadStop(popup); |
258 EXPECT_EQ(url, popup->GetMainFrame()->GetLastCommittedURL()); | 259 EXPECT_EQ(url, popup->GetMainFrame()->GetLastCommittedURL()); |
259 return popup; | 260 return popup; |
260 } | 261 } |
261 | 262 |
262 private: | 263 private: |
263 std::vector<std::unique_ptr<TestExtensionDir>> temp_dirs_; | 264 std::vector<std::unique_ptr<TestExtensionDir>> temp_dirs_; |
(...skipping 459 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
723 EXPECT_TRUE(policy->CanRequestURL( | 724 EXPECT_TRUE(policy->CanRequestURL( |
724 main_frame->GetProcess()->GetID(), | 725 main_frame->GetProcess()->GetID(), |
725 GURL("filesystem:chrome-extension://some-extension-id/some-path"))); | 726 GURL("filesystem:chrome-extension://some-extension-id/some-path"))); |
726 EXPECT_TRUE(policy->CanRequestURL( | 727 EXPECT_TRUE(policy->CanRequestURL( |
727 extension_frame->GetProcess()->GetID(), | 728 extension_frame->GetProcess()->GetID(), |
728 GURL("chrome-extension://some-extension-id/resource.html"))); | 729 GURL("chrome-extension://some-extension-id/resource.html"))); |
729 EXPECT_TRUE(policy->CanRequestURL( | 730 EXPECT_TRUE(policy->CanRequestURL( |
730 main_frame->GetProcess()->GetID(), | 731 main_frame->GetProcess()->GetID(), |
731 GURL("chrome-extension://some-extension-id/resource.html"))); | 732 GURL("chrome-extension://some-extension-id/resource.html"))); |
732 | 733 |
733 EXPECT_TRUE(policy->CanCommitURL( | 734 if (IsIsolateExtensionsEnabled() || |
734 extension_frame->GetProcess()->GetID(), | 735 content::AreAllSitesIsolatedForTesting()) { |
735 GURL("blob:chrome-extension://some-extension-id/some-guid"))); | 736 EXPECT_TRUE(policy->CanCommitURL( |
736 EXPECT_FALSE(policy->CanCommitURL( | 737 extension_frame->GetProcess()->GetID(), |
737 main_frame->GetProcess()->GetID(), | 738 GURL("blob:chrome-extension://some-extension-id/some-guid"))); |
738 GURL("blob:chrome-extension://some-extension-id/some-guid"))); | 739 EXPECT_FALSE(policy->CanCommitURL( |
739 EXPECT_TRUE(policy->CanCommitURL( | 740 main_frame->GetProcess()->GetID(), |
740 extension_frame->GetProcess()->GetID(), | 741 GURL("blob:chrome-extension://some-extension-id/some-guid"))); |
741 GURL("chrome-extension://some-extension-id/resource.html"))); | 742 EXPECT_TRUE(policy->CanCommitURL( |
742 EXPECT_FALSE(policy->CanCommitURL( | 743 extension_frame->GetProcess()->GetID(), |
743 main_frame->GetProcess()->GetID(), | 744 GURL("chrome-extension://some-extension-id/resource.html"))); |
744 GURL("chrome-extension://some-extension-id/resource.html"))); | 745 EXPECT_FALSE(policy->CanCommitURL( |
745 EXPECT_TRUE(policy->CanCommitURL( | 746 main_frame->GetProcess()->GetID(), |
746 extension_frame->GetProcess()->GetID(), | 747 GURL("chrome-extension://some-extension-id/resource.html"))); |
747 GURL("filesystem:chrome-extension://some-extension-id/some-path"))); | 748 EXPECT_TRUE(policy->CanCommitURL( |
748 EXPECT_FALSE(policy->CanCommitURL( | 749 extension_frame->GetProcess()->GetID(), |
749 main_frame->GetProcess()->GetID(), | 750 GURL("filesystem:chrome-extension://some-extension-id/some-path"))); |
750 GURL("filesystem:chrome-extension://some-extension-id/some-path"))); | 751 EXPECT_FALSE(policy->CanCommitURL( |
752 main_frame->GetProcess()->GetID(), | |
753 GURL("filesystem:chrome-extension://some-extension-id/some-path"))); | |
754 } | |
751 | 755 |
752 // Open a new about:blank popup from main frame. This should stay in the web | 756 // Open a new about:blank popup from main frame. This should stay in the web |
753 // process. | 757 // process. |
754 content::WebContents* popup = | 758 content::WebContents* popup = |
755 OpenPopup(main_frame, GURL(url::kAboutBlankURL)); | 759 OpenPopup(main_frame, GURL(url::kAboutBlankURL)); |
756 EXPECT_NE(popup, tab); | 760 EXPECT_NE(popup, tab); |
757 ASSERT_EQ(2, browser()->tab_strip_model()->count()); | 761 ASSERT_EQ(2, browser()->tab_strip_model()->count()); |
758 EXPECT_EQ(IfExtensionsIsolated(1, 0), | 762 EXPECT_EQ(IfExtensionsIsolated(1, 0), |
759 pm->GetRenderFrameHostsForExtension(extension->id()).size()); | 763 pm->GetRenderFrameHostsForExtension(extension->id()).size()); |
760 EXPECT_EQ(IfExtensionsIsolated(1, 0), pm->GetAllFrames().size()); | 764 EXPECT_EQ(IfExtensionsIsolated(1, 0), pm->GetAllFrames().size()); |
(...skipping 20 matching lines...) Expand all Loading... | |
781 EXPECT_FALSE(extension_origin.IsSameOriginWith( | 785 EXPECT_FALSE(extension_origin.IsSameOriginWith( |
782 popup->GetMainFrame()->GetLastCommittedOrigin())); | 786 popup->GetMainFrame()->GetLastCommittedOrigin())); |
783 EXPECT_NE("foo", GetTextContent(popup->GetMainFrame())); | 787 EXPECT_NE("foo", GetTextContent(popup->GetMainFrame())); |
784 | 788 |
785 EXPECT_EQ(IfExtensionsIsolated(1, 0), | 789 EXPECT_EQ(IfExtensionsIsolated(1, 0), |
786 pm->GetRenderFrameHostsForExtension(extension->id()).size()); | 790 pm->GetRenderFrameHostsForExtension(extension->id()).size()); |
787 EXPECT_EQ(IfExtensionsIsolated(1, 0), pm->GetAllFrames().size()); | 791 EXPECT_EQ(IfExtensionsIsolated(1, 0), pm->GetAllFrames().size()); |
788 } | 792 } |
789 | 793 |
790 // Navigate second subframe to each nested URL from the main frame (i.e., | 794 // Navigate second subframe to each nested URL from the main frame (i.e., |
791 // from non-extension process). | 795 // from non-extension process). This should be blocked in |
796 // --isolate-extensions, but allowed without --isolate-extensions due to | |
797 // unblessed extension frames. | |
792 // | 798 // |
793 // TODO(alexmos): Currently, this is still allowed due to unblessed extension | 799 // TODO(alexmos): This is also temporarily allowed under PlzNavigate, because |
794 // contexts, but in the future such subframe navigations from non-extension | 800 // currently this particular blocking happens in |
795 // processes should be blocked when unblessed contexts go away with | 801 // ChromeContentBrowserClientExtensionsPart::ShouldAllowOpenURL, which isn't |
796 // --isolate-extensions. | 802 // triggered below under PlzNavigate (since there'll be no transfer). Once |
803 // the blob/filesystem URL checks in ExtensionNavigationThrottle are updated | |
804 // to apply to all frames and not just main frames, the PlzNavigate exception | |
805 // below can be removed. | |
alexmos
2016/10/28 00:29:41
Alternatively, to avoid the confusion with PlzNavi
| |
797 for (size_t i = 0; i < arraysize(nested_urls); i++) { | 806 for (size_t i = 0; i < arraysize(nested_urls); i++) { |
798 EXPECT_TRUE(content::NavigateIframeToURL(tab, "frame2", nested_urls[i])); | 807 EXPECT_TRUE(content::NavigateIframeToURL(tab, "frame2", nested_urls[i])); |
799 content::RenderFrameHost* second_frame = ChildFrameAt(main_frame, 1); | 808 content::RenderFrameHost* second_frame = ChildFrameAt(main_frame, 1); |
800 EXPECT_EQ(nested_urls[i], second_frame->GetLastCommittedURL()); | 809 if (IsIsolateExtensionsEnabled() && |
alexmos
2016/10/28 00:29:41
The reason this starts working (with --isolate-ext
| |
801 EXPECT_EQ(extension_origin, second_frame->GetLastCommittedOrigin()); | 810 !content::IsBrowserSideNavigationEnabled()) { |
802 EXPECT_EQ("foo", GetTextContent(second_frame)); | 811 EXPECT_NE(nested_urls[i], second_frame->GetLastCommittedURL()); |
803 EXPECT_EQ(IfExtensionsIsolated(2, 0), | 812 EXPECT_FALSE(extension_origin.IsSameOriginWith( |
804 pm->GetRenderFrameHostsForExtension(extension->id()).size()); | 813 second_frame->GetLastCommittedOrigin())); |
805 EXPECT_EQ(IfExtensionsIsolated(2, 0), pm->GetAllFrames().size()); | 814 EXPECT_NE("foo", GetTextContent(second_frame)); |
815 EXPECT_EQ(IfExtensionsIsolated(1, 0), | |
816 pm->GetRenderFrameHostsForExtension(extension->id()).size()); | |
817 EXPECT_EQ(IfExtensionsIsolated(1, 0), pm->GetAllFrames().size()); | |
818 } else { | |
819 EXPECT_EQ(nested_urls[i], second_frame->GetLastCommittedURL()); | |
820 EXPECT_EQ(extension_origin, second_frame->GetLastCommittedOrigin()); | |
821 EXPECT_EQ("foo", GetTextContent(second_frame)); | |
822 EXPECT_EQ(IfExtensionsIsolated(2, 0), | |
823 pm->GetRenderFrameHostsForExtension(extension->id()).size()); | |
824 EXPECT_EQ(IfExtensionsIsolated(2, 0), pm->GetAllFrames().size()); | |
825 } | |
826 EXPECT_TRUE( | |
827 content::NavigateIframeToURL(tab, "frame2", GURL(url::kAboutBlankURL))); | |
806 } | 828 } |
807 } | 829 } |
808 | 830 |
809 // Test that navigations to blob: and filesystem: URLs with extension origins | 831 // Test that navigations to blob: and filesystem: URLs with extension origins |
810 // are allowed when initiated from extension processes. See | 832 // are allowed when initiated from extension processes. See |
811 // https://crbug.com/645028 and https://crbug.com/644426. | 833 // https://crbug.com/645028 and https://crbug.com/644426. |
812 IN_PROC_BROWSER_TEST_F(ProcessManagerBrowserTest, | 834 IN_PROC_BROWSER_TEST_F(ProcessManagerBrowserTest, |
813 NestedURLNavigationsToExtensionAllowed) { | 835 NestedURLNavigationsToExtensionAllowed) { |
814 // Create a simple extension without a background page. | 836 // Create a simple extension without a background page. |
815 const Extension* extension = CreateExtension("Extension", false); | 837 const Extension* extension = CreateExtension("Extension", false); |
(...skipping 147 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
963 EXPECT_FALSE(app_origin.IsSameOriginWith( | 985 EXPECT_FALSE(app_origin.IsSameOriginWith( |
964 web_tab->GetMainFrame()->GetLastCommittedOrigin())); | 986 web_tab->GetMainFrame()->GetLastCommittedOrigin())); |
965 EXPECT_NE("foo", GetTextContent(web_tab->GetMainFrame())); | 987 EXPECT_NE("foo", GetTextContent(web_tab->GetMainFrame())); |
966 EXPECT_NE(web_tab->GetMainFrame()->GetProcess(), app_rfh->GetProcess()); | 988 EXPECT_NE(web_tab->GetMainFrame()->GetProcess(), app_rfh->GetProcess()); |
967 | 989 |
968 EXPECT_EQ(2u, pm->GetAllFrames().size()); | 990 EXPECT_EQ(2u, pm->GetAllFrames().size()); |
969 EXPECT_EQ(2u, pm->GetRenderFrameHostsForExtension(app->id()).size()); | 991 EXPECT_EQ(2u, pm->GetRenderFrameHostsForExtension(app->id()).size()); |
970 } | 992 } |
971 } | 993 } |
972 | 994 |
995 // Test that a web frame can't navigate a proxy for an extension frame to a | |
996 // blob/filesystem extension URL. See https://crbug.com/656752. | |
997 IN_PROC_BROWSER_TEST_F(ProcessManagerBrowserTest, | |
998 NestedURLNavigationsViaProxyBlocked) { | |
999 // Create a simple extension without a background page. | |
1000 const Extension* extension = CreateExtension("Extension", false); | |
1001 embedded_test_server()->ServeFilesFromDirectory(extension->path()); | |
1002 ASSERT_TRUE(embedded_test_server()->Start()); | |
1003 | |
1004 // Navigate main tab to an empty web page. There should be no extension | |
1005 // frames yet. | |
1006 NavigateToURL(embedded_test_server()->GetURL("/empty.html")); | |
1007 ProcessManager* pm = ProcessManager::Get(profile()); | |
1008 EXPECT_EQ(0u, pm->GetAllFrames().size()); | |
1009 EXPECT_EQ(0u, pm->GetRenderFrameHostsForExtension(extension->id()).size()); | |
1010 | |
1011 content::WebContents* tab = | |
1012 browser()->tab_strip_model()->GetActiveWebContents(); | |
1013 content::RenderFrameHost* main_frame = tab->GetMainFrame(); | |
1014 | |
1015 // Open a new about:blank popup from main frame. This should stay in the web | |
1016 // process. | |
1017 content::WebContents* popup = | |
1018 OpenPopup(main_frame, GURL(url::kAboutBlankURL)); | |
1019 EXPECT_NE(popup, tab); | |
1020 ASSERT_EQ(2, browser()->tab_strip_model()->count()); | |
1021 EXPECT_EQ(0u, pm->GetRenderFrameHostsForExtension(extension->id()).size()); | |
1022 EXPECT_EQ(0u, pm->GetAllFrames().size()); | |
1023 | |
1024 // Navigate popup to an extension page. | |
1025 const GURL extension_url(extension->url().Resolve("empty.html")); | |
1026 content::TestNavigationObserver observer(popup); | |
1027 EXPECT_TRUE( | |
1028 ExecuteScript(popup, "location.href = '" + extension_url.spec() + "';")); | |
1029 observer.Wait(); | |
1030 EXPECT_EQ(1u, pm->GetAllFrames().size()); | |
1031 EXPECT_EQ(1u, pm->GetRenderFrameHostsForExtension(extension->id()).size()); | |
1032 content::RenderFrameHost* extension_frame = popup->GetMainFrame(); | |
1033 | |
1034 // Create valid blob and filesystem URLs in the extension's origin. | |
1035 url::Origin extension_origin(extension_frame->GetLastCommittedOrigin()); | |
1036 GURL blob_url(CreateBlobURL(extension_frame, "foo")); | |
1037 EXPECT_EQ(extension_origin, url::Origin(blob_url)); | |
1038 GURL filesystem_url(CreateFileSystemURL(extension_frame, "foo")); | |
1039 EXPECT_EQ(extension_origin, url::Origin(filesystem_url)); | |
1040 | |
1041 // Have the web page navigate the popup to each nested URL with extension | |
1042 // origin via the window reference it obtained earlier from window.open. | |
1043 GURL nested_urls[] = {blob_url, filesystem_url}; | |
1044 for (size_t i = 0; i < arraysize(nested_urls); i++) { | |
1045 EXPECT_TRUE(ExecuteScript( | |
1046 tab, "window.popup.location.href = '" + nested_urls[i].spec() + "';")); | |
1047 WaitForLoadStop(popup); | |
1048 | |
1049 // This is a top-level navigation that should be blocked since it | |
1050 // originates from a non-extension process. Ensure that the popup stays at | |
1051 // the original page and doesn't navigate to the nested URL. | |
1052 EXPECT_NE(nested_urls[i], popup->GetLastCommittedURL()); | |
1053 EXPECT_NE("foo", GetTextContent(popup->GetMainFrame())); | |
1054 | |
1055 EXPECT_EQ(1u, pm->GetRenderFrameHostsForExtension(extension->id()).size()); | |
1056 EXPECT_EQ(1u, pm->GetAllFrames().size()); | |
1057 } | |
1058 } | |
1059 | |
973 // Verify that a web popup created via window.open from an extension page can | 1060 // Verify that a web popup created via window.open from an extension page can |
974 // communicate with the extension page via window.opener. See | 1061 // communicate with the extension page via window.opener. See |
975 // https://crbug.com/590068. | 1062 // https://crbug.com/590068. |
976 IN_PROC_BROWSER_TEST_F(ProcessManagerBrowserTest, | 1063 IN_PROC_BROWSER_TEST_F(ProcessManagerBrowserTest, |
977 WebPopupFromExtensionMainFrameHasValidOpener) { | 1064 WebPopupFromExtensionMainFrameHasValidOpener) { |
978 // Create a simple extension without a background page. | 1065 // Create a simple extension without a background page. |
979 const Extension* extension = CreateExtension("Extension", false); | 1066 const Extension* extension = CreateExtension("Extension", false); |
980 embedded_test_server()->ServeFilesFromDirectory(extension->path()); | 1067 embedded_test_server()->ServeFilesFromDirectory(extension->path()); |
981 ASSERT_TRUE(embedded_test_server()->Start()); | 1068 ASSERT_TRUE(embedded_test_server()->Start()); |
982 | 1069 |
(...skipping 74 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
1057 EXPECT_TRUE(ExecuteScriptAndExtractBool( | 1144 EXPECT_TRUE(ExecuteScriptAndExtractBool( |
1058 popup, "window.domAutomationController.send(!!window.opener)", | 1145 popup, "window.domAutomationController.send(!!window.opener)", |
1059 &is_opener_defined)); | 1146 &is_opener_defined)); |
1060 EXPECT_TRUE(is_opener_defined); | 1147 EXPECT_TRUE(is_opener_defined); |
1061 | 1148 |
1062 // Verify that postMessage to window.opener works. | 1149 // Verify that postMessage to window.opener works. |
1063 VerifyPostMessageToOpener(popup->GetMainFrame(), extension_frame); | 1150 VerifyPostMessageToOpener(popup->GetMainFrame(), extension_frame); |
1064 } | 1151 } |
1065 | 1152 |
1066 } // namespace extensions | 1153 } // namespace extensions |
OLD | NEW |