chrome.webRequest support for ExtensionSettings

chrome/browser/extensions/api/web_request/web_request_apitest.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "base/command_line.h"
 #include "base/macros.h"
 #include "base/memory/ptr_util.h"
 #include "base/optional.h"
 #include "base/run_loop.h"
 #include "base/strings/stringprintf.h"
 #include "build/build_config.h"
 #include "chrome/browser/browser_process.h"
 #include "chrome/browser/chrome_notification_types.h"
 #include "chrome/browser/extensions/active_tab_permission_granter.h"
 #include "chrome/browser/extensions/extension_action_runner.h"
 #include "chrome/browser/extensions/extension_apitest.h"
 #include "chrome/browser/extensions/extension_service.h"
+#include "chrome/browser/extensions/extension_with_management_policy_apitest.h"
 #include "chrome/browser/extensions/tab_helper.h"
 #include "chrome/browser/extensions/test_extension_dir.h"
 #include "chrome/browser/profiles/profile.h"
 #include "chrome/browser/search_engines/template_url_service_factory.h"
 #include "chrome/browser/ui/browser.h"
 #include "chrome/browser/ui/browser_navigator_params.h"
 #include "chrome/browser/ui/login/login_handler.h"
 #include "chrome/browser/ui/tabs/tab_strip_model.h"
 #include "chrome/common/extensions/extension_process_policy.h"
 #include "chrome/test/base/search_test_utils.h"
@@ skipping 11 matching lines @@
 #include "content/public/test/browser_test_utils.h"
 #include "extensions/browser/api/web_request/web_request_api.h"
 #include "extensions/browser/blocked_action_type.h"
 #include "extensions/browser/extension_system.h"
 #include "extensions/common/extension_builder.h"
 #include "extensions/common/features/feature.h"
 #include "extensions/test/extension_test_message_listener.h"
 #include "extensions/test/result_catcher.h"
 #include "net/dns/mock_host_resolver.h"
 #include "net/test/embedded_test_server/embedded_test_server.h"
+#include "net/test/embedded_test_server/http_request.h"
 #include "net/test/test_data_directory.h"
 #include "net/traffic_annotation/network_traffic_annotation_test_helper.h"
 #include "net/url_request/test_url_fetcher_factory.h"
 #include "net/url_request/url_fetcher.h"
 #include "net/url_request/url_fetcher_delegate.h"
 #include "net/url_request/url_request_context_getter.h"
 #include "third_party/WebKit/public/platform/WebInputEvent.h"
 
 #if defined(OS_CHROMEOS)
 #include "chromeos/login/login_state.h"
@@ skipping 19 matching lines @@
                const content::NotificationSource& source,
                const content::NotificationDetails& details) override {
     LoginHandler* handler =
         content::Details<LoginNotificationDetails>(details).ptr()->handler();
     handler->CancelAuth();
   }
 
  private:
   content::NotificationRegistrar registrar_;
 
- DISALLOW_COPY_AND_ASSIGN(CancelLoginDialog);
+  DISALLOW_COPY_AND_ASSIGN(CancelLoginDialog);
 };
 
 // Sends an XHR request to the provided host, port, and path, and responds when
 // the request was sent.
 const char kPerformXhrJs[] =
     "var url = 'http://%s:%d/%s';\n"
     "var xhr = new XMLHttpRequest();\n"
     "xhr.open('GET', url);\n"
     "xhr.onload = function() {\n"
     "  window.domAutomationController.send(true);\n"
@@ skipping 848 matching lines @@
     // example.com should also succeed, since it's not through the profile's
     // request context.
     SCOPED_TRACE("example.com with System's request context");
     TestURLFetcherDelegate url_fetcher(system_context, example_url,
                                        net::URLRequestStatus());
     url_fetcher.SetExpectedResponse(kExampleFullContent);
     url_fetcher.WaitForCompletion();
   }
 }
 
+// Tests that the webRequest events aren't dispatched when the request initiator
+// is protected by policy.
+IN_PROC_BROWSER_TEST_F(ExtensionApiTestWithManagementPolicy,
+                       InitiatorProtectedByPolicy) {
+  // We expect that no request will be hidden or modification blocked. This
+  // means that the request to example.com will be seen by the extension.
+  {
+    ExtensionManagementPolicyUpdater pref(&policy_provider_);
+    pref.AddRuntimeBlockedHost("*", "*://notexample.com");
+  }
+
+  ASSERT_TRUE(StartEmbeddedTestServer());
+
+  // Host navigated to.
+  const std::string example_com = "example.com";
+
+  // URL of a page that initiates a cross domain requests when navigated to.
+  const GURL extension_test_url = embedded_test_server()->GetURL(
+      example_com,
+      "/extensions/api_test/webrequest/policy_blocked/ref_remote_js.html");
+
+  LoadExtension(test_data_dir_.AppendASCII("webrequest/policy_blocked"));
+
+  // Extension communicates back using this listener name.
+  const std::string listener_message = "protected_origin";
+
+  // Listen to verify extension sees the web request.
+  ExtensionTestMessageListener before_request_listener(listener_message, false);
+
+  // Wait until all remote Javascript files have been blocked / pulled down.
+  ui_test_utils::NavigateToURLWithDisposition(
+      browser(), extension_test_url, WindowOpenDisposition::CURRENT_TAB,
+      ui_test_utils::BROWSER_TEST_WAIT_FOR_NAVIGATION);
+
+  // Domain that hosts javascript file referenced by example_com.
+  const std::string example2_com = "example2.com";
+
+  // The server saw a request for the remote Javascript file.
+  EXPECT_TRUE(BrowsedTo(example2_com));
+
+  // The request was seen by the extension.
+  EXPECT_TRUE(before_request_listener.was_satisfied());
+
+  // Clear the list of domains the server has seen.
+  ClearRequestLog();
+
+  // Make sure we've cleared the embedded server history.
+  EXPECT_FALSE(BrowsedTo(example2_com));
+
+  // Set the policy to hide requests to example.com or any resource
+  // it includes. We expect that in this test, the request to example2.com
+  // will not be seen by the extension.
+  {
+    ExtensionManagementPolicyUpdater pref(&policy_provider_);
+    pref.AddRuntimeBlockedHost("*", "*://" + example_com);
+  }
+
+  // Listen in case extension sees the requst.
+  ExtensionTestMessageListener before_request_listener2(listener_message,
+                                                        false);
+
+  // Wait until all remote Javascript files have been pulled down.
+  ui_test_utils::NavigateToURLWithDisposition(
+      browser(), extension_test_url, WindowOpenDisposition::CURRENT_TAB,
+      ui_test_utils::BROWSER_TEST_WAIT_FOR_NAVIGATION);
+
+  // The server saw a request for the remote Javascript file.
+  EXPECT_TRUE(BrowsedTo(example2_com));
+
+  // The request was hidden from the extension.
+  EXPECT_FALSE(before_request_listener2.was_satisfied());
+}
+
+// Tests that the webRequest events aren't dispatched when the URL of the
+// request is protected by policy.
+IN_PROC_BROWSER_TEST_F(ExtensionApiTestWithManagementPolicy,
+                       UrlProtectedByPolicy) {
+  // Host protected by policy.
+  const std::string protected_domain = "example.com";
+
+  {
+    ExtensionManagementPolicyUpdater pref(&policy_provider_);
+    pref.AddRuntimeBlockedHost("*", "*://" + protected_domain);
+  }
+
+  ASSERT_TRUE(StartEmbeddedTestServer());
+
+  LoadExtension(test_data_dir_.AppendASCII("webrequest/policy_blocked"));
+
+  // Listen in case extension sees the requst.
+  ExtensionTestMessageListener before_request_listener("protected_url", false);
+
+  // Path to resolve during test navigations.
+  const std::string test_path = "/defaultresponse?protected_url";
+
+  // Navigate to the protected domain and wait until page fully loads.
+  ui_test_utils::NavigateToURLWithDisposition(
+      browser(), embedded_test_server()->GetURL(protected_domain, test_path),
+      WindowOpenDisposition::CURRENT_TAB,
+      ui_test_utils::BROWSER_TEST_WAIT_FOR_NAVIGATION);
+
+  // The server saw a request for the protected site.
+  EXPECT_TRUE(BrowsedTo(protected_domain));
+
+  // The request was hidden from the extension.
+  EXPECT_FALSE(before_request_listener.was_satisfied());
+
+  // Host not protected by policy.
+  const std::string unprotected_domain = "notblockedexample.com";
+
+  // Now we'll test browsing to a non-protected website where we expect the
+  // extension to see the request.
+  ui_test_utils::NavigateToURLWithDisposition(
+      browser(), embedded_test_server()->GetURL(unprotected_domain, test_path),
+      WindowOpenDisposition::CURRENT_TAB,
+      ui_test_utils::BROWSER_TEST_WAIT_FOR_NAVIGATION);
+
+  // The server saw a request for the non-protected site.
+  EXPECT_TRUE(BrowsedTo(unprotected_domain));
+
+  // The request was visible from the extension.
+  EXPECT_TRUE(before_request_listener.was_satisfied());
+}
+
+// Test that no webRequest events are seen for a protected host during normal
+// navigation. This replicates most of the tests from
+// WebRequestWithWithheldPermissions with a protected host. Granting a tab
+// specific permission shouldn't bypass our policy.
+IN_PROC_BROWSER_TEST_F(ExtensionApiTestWithManagementPolicy,
+                       WebRequestProtectedByPolicy) {
+  FeatureSwitch::ScopedOverride enable_scripts_require_action(
+      FeatureSwitch::scripts_require_action(), true);
+
+  // Host protected by policy.
+  const std::string protected_domain = "example.com";
+
+  {
+    ExtensionManagementPolicyUpdater pref(&policy_provider_);
+    pref.AddRuntimeBlockedHost("*", "*://" + protected_domain);
+  }
+
+  ASSERT_TRUE(StartEmbeddedTestServer());
+
+  ExtensionTestMessageListener listener("ready", false);
+  const Extension* extension =
+      LoadExtension(test_data_dir_.AppendASCII("webrequest_activetab"));
+  ASSERT_TRUE(extension) << message_;
+  EXPECT_TRUE(listener.WaitUntilSatisfied());
+
+  // Navigate the browser to a page in a new tab.
+  GURL url = embedded_test_server()->GetURL(protected_domain, "/empty.html");
+  chrome::NavigateParams params(browser(), url, ui::PAGE_TRANSITION_LINK);
+  params.disposition = WindowOpenDisposition::NEW_FOREGROUND_TAB;
+  ui_test_utils::NavigateToURL(&params);
+
+  content::WebContents* web_contents =
+      browser()->tab_strip_model()->GetActiveWebContents();
+  ASSERT_TRUE(web_contents);
+  ExtensionActionRunner* runner =
+      ExtensionActionRunner::GetForWebContents(web_contents);
+  ASSERT_TRUE(runner);
+
+  int port = embedded_test_server()->port();
+  const std::string kXhrPath = "simple.html";
+
+  // The extension shouldn't have currently received any webRequest events,
+  // since it doesn't have permission (and shouldn't receive any from an XHR).
+  EXPECT_EQ(0, GetWebRequestCountFromBackgroundPage(extension, profile()));
+  PerformXhrInFrame(web_contents->GetMainFrame(), protected_domain, port,
+                    kXhrPath);
+  EXPECT_EQ(0, GetWebRequestCountFromBackgroundPage(extension, profile()));
+
+  // Grant activeTab permission, and perform another XHR. The extension should
+  // still be blocked due to ExtensionSettings policy on example.com.
+  // Only records ACCESS_WITHHELD, not ACCESS_DENIED, this is why it matches
+  // BLOCKED_ACTION_NONE.
+  EXPECT_EQ(BLOCKED_ACTION_NONE, runner->GetBlockedActions(extension));
+  runner->set_default_bubble_close_action_for_testing(
+      base::WrapUnique(new ToolbarActionsBarBubbleDelegate::CloseAction(
+          ToolbarActionsBarBubbleDelegate::CLOSE_EXECUTE)));
+  runner->RunAction(extension, true);
+  base::RunLoop().RunUntilIdle();
+  EXPECT_TRUE(content::WaitForLoadStop(web_contents));
+  EXPECT_EQ(BLOCKED_ACTION_NONE, runner->GetBlockedActions(extension));
+  int xhr_count = GetWebRequestCountFromBackgroundPage(extension, profile());
+  // ... which means that we should have a non-zero xhr count if the policy
+  // didn't block the events.
+  EXPECT_EQ(0, xhr_count);
+  // And the extension should also block future events.
+  PerformXhrInFrame(web_contents->GetMainFrame(), protected_domain, port,
+                    kXhrPath);
+  EXPECT_EQ(0, GetWebRequestCountFromBackgroundPage(extension, profile()));
+}
+
 }  // namespace extensions