OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include <stddef.h> | 5 #include <stddef.h> |
6 | 6 |
7 #include "base/path_service.h" | 7 #include "base/path_service.h" |
8 #include "base/strings/stringprintf.h" | 8 #include "base/strings/stringprintf.h" |
9 #include "build/build_config.h" | 9 #include "build/build_config.h" |
10 #include "chrome/browser/extensions/extension_apitest.h" | 10 #include "chrome/browser/extensions/extension_apitest.h" |
11 #include "chrome/browser/profiles/profile.h" | 11 #include "chrome/browser/profiles/profile.h" |
12 #include "chrome/browser/ui/browser.h" | 12 #include "chrome/browser/ui/browser.h" |
13 #include "chrome/browser/ui/browser_finder.h" | 13 #include "chrome/browser/ui/browser_finder.h" |
14 #include "chrome/browser/ui/browser_list.h" | 14 #include "chrome/browser/ui/browser_list.h" |
15 #include "chrome/browser/ui/tabs/tab_strip_model.h" | 15 #include "chrome/browser/ui/tabs/tab_strip_model.h" |
16 #include "chrome/common/chrome_paths.h" | 16 #include "chrome/common/chrome_paths.h" |
17 #include "chrome/test/base/ui_test_utils.h" | 17 #include "chrome/test/base/ui_test_utils.h" |
18 #include "content/public/browser/notification_service.h" | |
19 #include "content/public/browser/notification_types.h" | |
20 #include "content/public/browser/render_frame_host.h" | |
18 #include "content/public/browser/render_process_host.h" | 21 #include "content/public/browser/render_process_host.h" |
19 #include "content/public/browser/web_contents.h" | 22 #include "content/public/browser/web_contents.h" |
20 #include "content/public/common/result_codes.h" | 23 #include "content/public/common/result_codes.h" |
21 #include "content/public/common/url_constants.h" | 24 #include "content/public/common/url_constants.h" |
22 #include "content/public/test/browser_test_utils.h" | 25 #include "content/public/test/browser_test_utils.h" |
23 #include "extensions/browser/extension_host.h" | 26 #include "extensions/browser/extension_host.h" |
24 #include "extensions/browser/process_manager.h" | 27 #include "extensions/browser/process_manager.h" |
25 #include "extensions/common/constants.h" | 28 #include "extensions/common/constants.h" |
26 #include "extensions/common/extension.h" | 29 #include "extensions/common/extension.h" |
27 #include "extensions/test/extension_test_message_listener.h" | 30 #include "extensions/test/extension_test_message_listener.h" |
(...skipping 249 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
277 last_loaded_extension_id() + "/newtab.html"), | 280 last_loaded_extension_id() + "/newtab.html"), |
278 false, | 281 false, |
279 &newtab)); | 282 &newtab)); |
280 | 283 |
281 // Extension API should succeed. | 284 // Extension API should succeed. |
282 bool result = false; | 285 bool result = false; |
283 ASSERT_TRUE(content::ExecuteScriptAndExtractBool(newtab, "testExtensionApi()", | 286 ASSERT_TRUE(content::ExecuteScriptAndExtractBool(newtab, "testExtensionApi()", |
284 &result)); | 287 &result)); |
285 EXPECT_TRUE(result); | 288 EXPECT_TRUE(result); |
286 } | 289 } |
290 | |
291 // Tests that calling window.open for an extension URL from a non-HTTP or HTTPS | |
292 // URL on a new tab cannot access non-web-accessible resources. | |
293 IN_PROC_BROWSER_TEST_F(ExtensionBrowserTest, | |
294 WindowOpenInaccessibleResourceFromDataURL) { | |
alexmos
2016/10/28 00:29:41
This is checking the case that would've previously
| |
295 ASSERT_TRUE(LoadExtension( | |
296 test_data_dir_.AppendASCII("uitest").AppendASCII("window_open"))); | |
297 | |
298 ui_test_utils::NavigateToURL(browser(), GURL("data:text/html,foo")); | |
299 | |
300 // test.html is not web-accessible and should not be loaded. | |
301 GURL extension_url(std::string(extensions::kExtensionScheme) + | |
302 url::kStandardSchemeSeparator + | |
303 last_loaded_extension_id() + "/test.html"); | |
304 content::WindowedNotificationObserver windowed_observer( | |
305 content::NOTIFICATION_LOAD_STOP, | |
306 content::NotificationService::AllSources()); | |
307 ASSERT_TRUE(content::ExecuteScript( | |
308 browser()->tab_strip_model()->GetActiveWebContents(), | |
309 "window.open('" + extension_url.spec() + "');")); | |
310 windowed_observer.Wait(); | |
311 content::NavigationController* controller = | |
312 content::Source<content::NavigationController>(windowed_observer.source()) | |
313 .ptr(); | |
314 content::WebContents* newtab = controller->GetWebContents(); | |
315 ASSERT_TRUE(newtab); | |
316 | |
317 EXPECT_NE(extension_url, newtab->GetMainFrame()->GetLastCommittedURL()); | |
318 EXPECT_NE(std::string(extensions::kExtensionScheme), | |
319 newtab->GetMainFrame()->GetSiteInstance()->GetSiteURL().scheme()); | |
ncarter (slow)
2016/10/28 21:45:03
If you add UMA stats, you could use a histogram_te
alexmos
2016/10/31 23:34:48
Done. Never used histogram_tester before, so wasn
ncarter (slow)
2016/10/31 23:42:09
Hardcoded values are the way to go. It's arguably
| |
320 } | |
OLD | NEW |