OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "base/macros.h" | 5 #include "base/macros.h" |
6 #include "chrome/common/extensions/manifest_tests/chrome_manifest_test.h" | 6 #include "chrome/common/extensions/manifest_tests/chrome_manifest_test.h" |
7 #include "extensions/common/manifest_constants.h" | 7 #include "extensions/common/manifest_constants.h" |
8 #include "extensions/common/manifest_handlers/csp_info.h" | 8 #include "extensions/common/manifest_handlers/csp_info.h" |
9 #include "testing/gtest/include/gtest/gtest.h" | 9 #include "testing/gtest/include/gtest/gtest.h" |
10 | 10 |
(...skipping 19 matching lines...) Expand all Loading... |
30 | 30 |
31 // Sandboxed pages specified with wildcard, no custom CSP value. | 31 // Sandboxed pages specified with wildcard, no custom CSP value. |
32 scoped_refptr<Extension> extension4( | 32 scoped_refptr<Extension> extension4( |
33 LoadAndExpectSuccess("sandboxed_pages_valid_4.json")); | 33 LoadAndExpectSuccess("sandboxed_pages_valid_4.json")); |
34 | 34 |
35 // Sandboxed pages specified with filename wildcard, no custom CSP value. | 35 // Sandboxed pages specified with filename wildcard, no custom CSP value. |
36 scoped_refptr<Extension> extension5( | 36 scoped_refptr<Extension> extension5( |
37 LoadAndExpectSuccess("sandboxed_pages_valid_5.json")); | 37 LoadAndExpectSuccess("sandboxed_pages_valid_5.json")); |
38 | 38 |
39 const char kSandboxedCSP[] = | 39 const char kSandboxedCSP[] = |
40 "sandbox allow-scripts allow-forms allow-popups allow-modals"; | 40 "sandbox allow-scripts allow-forms allow-popups allow-modals; " |
| 41 "script-src 'self' 'unsafe-inline' 'unsafe-eval'; child-src 'self';"; |
41 const char kDefaultCSP[] = | 42 const char kDefaultCSP[] = |
42 "script-src 'self' blob: filesystem: chrome-extension-resource:; " | 43 "script-src 'self' blob: filesystem: chrome-extension-resource:; " |
43 "object-src 'self' blob: filesystem:;"; | 44 "object-src 'self' blob: filesystem:;"; |
44 const char kCustomSandboxedCSP[] = | 45 const char kCustomSandboxedCSP[] = |
45 "sandbox; script-src: https://www.google.com"; | 46 "sandbox; script-src 'self'; child-src 'self';"; |
46 | 47 |
47 EXPECT_EQ( | 48 EXPECT_EQ( |
48 kSandboxedCSP, | 49 kSandboxedCSP, |
49 CSPInfo::GetResourceContentSecurityPolicy(extension1.get(), "/test")); | 50 CSPInfo::GetResourceContentSecurityPolicy(extension1.get(), "/test")); |
50 EXPECT_EQ( | 51 EXPECT_EQ( |
51 kDefaultCSP, | 52 kDefaultCSP, |
52 CSPInfo::GetResourceContentSecurityPolicy(extension1.get(), "/none")); | 53 CSPInfo::GetResourceContentSecurityPolicy(extension1.get(), "/none")); |
53 EXPECT_EQ( | 54 EXPECT_EQ( |
54 kDefaultCSP, | 55 kDefaultCSP, |
55 CSPInfo::GetResourceContentSecurityPolicy(extension2.get(), "/test")); | 56 CSPInfo::GetResourceContentSecurityPolicy(extension2.get(), "/test")); |
(...skipping 23 matching lines...) Expand all Loading... |
79 Testcase("sandboxed_pages_invalid_4.json", | 80 Testcase("sandboxed_pages_invalid_4.json", |
80 errors::kInvalidSandboxedPagesCSP), | 81 errors::kInvalidSandboxedPagesCSP), |
81 Testcase("sandboxed_pages_invalid_5.json", | 82 Testcase("sandboxed_pages_invalid_5.json", |
82 errors::kInvalidSandboxedPagesCSP) | 83 errors::kInvalidSandboxedPagesCSP) |
83 }; | 84 }; |
84 RunTestcases(testcases, arraysize(testcases), | 85 RunTestcases(testcases, arraysize(testcases), |
85 EXPECT_TYPE_ERROR); | 86 EXPECT_TYPE_ERROR); |
86 } | 87 } |
87 | 88 |
88 } // namespace extensions | 89 } // namespace extensions |
OLD | NEW |