| OLD | NEW |
|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "base/command_line.h" | 5 #include "base/command_line.h" |
| 6 #include "base/macros.h" | 6 #include "base/macros.h" |
| 7 #include "base/strings/pattern.h" | 7 #include "base/strings/pattern.h" |
| 8 #include "base/strings/string_util.h" | 8 #include "base/strings/string_util.h" |
| 9 #include "base/strings/stringprintf.h" | 9 #include "base/strings/stringprintf.h" |
| 10 #include "base/test/histogram_tester.h" | 10 #include "base/test/histogram_tester.h" |
| (...skipping 11 matching lines...) Expand all Loading... |
| 22 // These tests simulate exploited renderer processes, which can fetch arbitrary | 22 // These tests simulate exploited renderer processes, which can fetch arbitrary |
| 23 // resources from other websites, not constrained by the Same Origin Policy. We | 23 // resources from other websites, not constrained by the Same Origin Policy. We |
| 24 // are trying to verify that the renderer cannot fetch any cross-site document | 24 // are trying to verify that the renderer cannot fetch any cross-site document |
| 25 // responses even when the Same Origin Policy is turned off inside the renderer. | 25 // responses even when the Same Origin Policy is turned off inside the renderer. |
| 26 class SiteIsolationStatsGathererBrowserTest : public ContentBrowserTest { | 26 class SiteIsolationStatsGathererBrowserTest : public ContentBrowserTest { |
| 27 public: | 27 public: |
| 28 SiteIsolationStatsGathererBrowserTest() {} | 28 SiteIsolationStatsGathererBrowserTest() {} |
| 29 ~SiteIsolationStatsGathererBrowserTest() override {} | 29 ~SiteIsolationStatsGathererBrowserTest() override {} |
| 30 | 30 |
| 31 void SetUpCommandLine(base::CommandLine* command_line) override { | 31 void SetUpCommandLine(base::CommandLine* command_line) override { |
| 32 ASSERT_TRUE(embedded_test_server()->Start()); | 32 // EmbeddedTestServer::InitializeAndListen() initializes its |base_url_| |
| 33 // which is required below. This cannot invoke Start() however as that kicks |
| 34 // off the "EmbeddedTestServer IO Thread" which then races with |
| 35 // initialization in ContentBrowserTest::SetUp(), http://crbug.com/674545. |
| 36 ASSERT_TRUE(embedded_test_server()->InitializeAndListen()); |
| 37 |
| 33 // Add a host resolver rule to map all outgoing requests to the test server. | 38 // Add a host resolver rule to map all outgoing requests to the test server. |
| 34 // This allows us to use "real" hostnames in URLs, which we can use to | 39 // This allows us to use "real" hostnames in URLs, which we can use to |
| 35 // create arbitrary SiteInstances. | 40 // create arbitrary SiteInstances. |
| 36 command_line->AppendSwitchASCII( | 41 command_line->AppendSwitchASCII( |
| 37 switches::kHostResolverRules, | 42 switches::kHostResolverRules, |
| 38 "MAP * " + embedded_test_server()->host_port_pair().ToString() + | 43 "MAP * " + embedded_test_server()->host_port_pair().ToString() + |
| 39 ",EXCLUDE localhost"); | 44 ",EXCLUDE localhost"); |
| 40 | 45 |
| 41 // Since we assume exploited renderer process, it can bypass the same origin | 46 // Since we assume exploited renderer process, it can bypass the same origin |
| 42 // policy at will. Simulate that by passing the disable-web-security flag. | 47 // policy at will. Simulate that by passing the disable-web-security flag. |
| 43 command_line->AppendSwitch(switches::kDisableWebSecurity); | 48 command_line->AppendSwitch(switches::kDisableWebSecurity); |
| 44 } | 49 } |
| 45 | 50 |
| 51 void SetUpOnMainThread() override { |
| 52 // Complete the manual Start() after ContentBrowserTest's own |
| 53 // initialization, ref. comment on InitializeAndListen() above. |
| 54 embedded_test_server()->StartAcceptingConnections(); |
| 55 } |
| 56 |
| 46 void InspectHistograms(const base::HistogramTester& histograms, | 57 void InspectHistograms(const base::HistogramTester& histograms, |
| 47 bool should_be_blocked, | 58 bool should_be_blocked, |
| 48 const std::string& resource_name) { | 59 const std::string& resource_name) { |
| 49 std::string bucket; | 60 std::string bucket; |
| 50 int mime_type = 0; // Hardcoded because histogram enums mustn't change. | 61 int mime_type = 0; // Hardcoded because histogram enums mustn't change. |
| 51 if (base::MatchPattern(resource_name, "*.html")) { | 62 if (base::MatchPattern(resource_name, "*.html")) { |
| 52 bucket = "HTML"; | 63 bucket = "HTML"; |
| 53 mime_type = 0; | 64 mime_type = 0; |
| 54 } else if (base::MatchPattern(resource_name, "*.xml")) { | 65 } else if (base::MatchPattern(resource_name, "*.xml")) { |
| 55 bucket = "XML"; | 66 bucket = "XML"; |
| (...skipping 135 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 191 // length is different from what's described in "content-length" for such | 202 // length is different from what's described in "content-length" for such |
| 192 // different targets. | 203 // different targets. |
| 193 | 204 |
| 194 // TODO(nick): Split up these cases, and add positive assertions here about | 205 // TODO(nick): Split up these cases, and add positive assertions here about |
| 195 // what actually happens in these various resource-block cases. | 206 // what actually happens in these various resource-block cases. |
| 196 GURL foo("http://foo.com/cross_site_document_request_target.html"); | 207 GURL foo("http://foo.com/cross_site_document_request_target.html"); |
| 197 NavigateToURL(shell(), foo); | 208 NavigateToURL(shell(), foo); |
| 198 } | 209 } |
| 199 | 210 |
| 200 } // namespace content | 211 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2630843002:
Fix race in SecurityExploitBrowserTest and SiteIsolationStatsGathererBrowserTest (Closed)
