Index: third_party/WebKit/Source/platform/feature_policy/FeaturePolicyTest.cpp |
diff --git a/third_party/WebKit/Source/platform/feature_policy/FeaturePolicyTest.cpp b/third_party/WebKit/Source/platform/feature_policy/FeaturePolicyTest.cpp |
index b5ec7f27f8ddf8509d098935c6270b73e3e66e49..832997bef2d8d8b1d2a7bbf26e93fe3ef867e53e 100644 |
--- a/third_party/WebKit/Source/platform/feature_policy/FeaturePolicyTest.cpp |
+++ b/third_party/WebKit/Source/platform/feature_policy/FeaturePolicyTest.cpp |
@@ -34,60 +34,25 @@ const char* kInvalidPolicies[] = { |
"{\"Whitelist\": \"Not a JSON array\"}", |
"{\"feature1\": [\"*\"], \"feature2\": \"Not an array\"}"}; |
-// This is an example of a feature which should be enabled by default in all |
-// frames. |
-const FeaturePolicy::Feature kDefaultOnFeature{ |
- "default-on", FeaturePolicy::FeatureDefault::EnableForAll}; |
- |
-// This is an example of a feature which should be enabled in top-level frames, |
-// and same-origin child-frames, but must be delegated to all cross-origin |
-// frames explicitly. |
-const FeaturePolicy::Feature kDefaultSelfFeature{ |
- "default-self", FeaturePolicy::FeatureDefault::EnableForSelf}; |
- |
-// This is an example of a feature which should be disabled by default, both in |
-// top-level and nested frames. |
-const FeaturePolicy::Feature kDefaultOffFeature{ |
- "default-off", FeaturePolicy::FeatureDefault::DisableForAll}; |
- |
} // namespace |
class FeaturePolicyTest : public ::testing::Test { |
protected: |
- FeaturePolicyTest() |
- : m_frameworkWasEnabled(RuntimeEnabledFeatures::featurePolicyEnabled()), |
- m_featureList( |
- {&kDefaultOnFeature, &kDefaultSelfFeature, &kDefaultOffFeature}) { |
- RuntimeEnabledFeatures::setFeaturePolicyEnabled(true); |
- } |
+ FeaturePolicyTest() {} |
~FeaturePolicyTest() { |
- RuntimeEnabledFeatures::setFeaturePolicyEnabled(m_frameworkWasEnabled); |
- } |
- |
- std::unique_ptr<FeaturePolicy> createFromParentPolicy( |
- const FeaturePolicy* parent, |
- RefPtr<SecurityOrigin> origin) { |
- return FeaturePolicy::createFromParentPolicy(parent, origin, m_featureList); |
} |
RefPtr<SecurityOrigin> m_originA = SecurityOrigin::createFromString(ORIGIN_A); |
RefPtr<SecurityOrigin> m_originB = SecurityOrigin::createFromString(ORIGIN_B); |
RefPtr<SecurityOrigin> m_originC = SecurityOrigin::createFromString(ORIGIN_C); |
- |
- private: |
- const bool m_frameworkWasEnabled; |
- |
- // Contains the list of controlled features, so that we are guaranteed to |
- // have at least one of each kind of default behaviour represented. |
- FeaturePolicy::FeatureList m_featureList; |
}; |
TEST_F(FeaturePolicyTest, ParseValidPolicy) { |
Vector<String> messages; |
for (const char* policyString : kValidPolicies) { |
messages.clear(); |
- FeaturePolicy::parseFeaturePolicy(policyString, m_originA.get(), &messages); |
+ parseFeaturePolicy(policyString, m_originA.get(), &messages); |
EXPECT_EQ(0UL, messages.size()); |
} |
} |
@@ -96,7 +61,7 @@ TEST_F(FeaturePolicyTest, ParseInvalidPolicy) { |
Vector<String> messages; |
for (const char* policyString : kInvalidPolicies) { |
messages.clear(); |
- FeaturePolicy::parseFeaturePolicy(policyString, m_originA.get(), &messages); |
+ parseFeaturePolicy(policyString, m_originA.get(), &messages); |
EXPECT_NE(0UL, messages.size()); |
} |
} |
@@ -105,691 +70,50 @@ TEST_F(FeaturePolicyTest, PolicyParsedCorrectly) { |
Vector<String> messages; |
// Empty policy. |
- WebParsedFeaturePolicy parsedPolicy = |
- FeaturePolicy::parseFeaturePolicy("{}", m_originA.get(), &messages); |
+ WebParsedFeaturePolicyHeader parsedPolicy = |
+ parseFeaturePolicy("{}", m_originA.get(), &messages); |
EXPECT_EQ(0UL, parsedPolicy.size()); |
// Simple policy with "self". |
- parsedPolicy = FeaturePolicy::parseFeaturePolicy( |
- "{\"default-self\": [\"self\"]}", m_originA.get(), &messages); |
+ parsedPolicy = parseFeaturePolicy("{\"default-self\": [\"self\"]}", |
+ m_originA.get(), &messages); |
EXPECT_EQ(1UL, parsedPolicy.size()); |
EXPECT_EQ("default-self", parsedPolicy[0].featureName); |
- EXPECT_FALSE(parsedPolicy[0].matchesAllOrigins); |
- EXPECT_EQ(1UL, parsedPolicy[0].origins.size()); |
+ EXPECT_FALSE(parsedPolicy[0].whitelist.matchesAllOrigins); |
+ EXPECT_EQ(1UL, parsedPolicy[0].whitelist.origins.size()); |
EXPECT_TRUE(m_originA->isSameSchemeHostPortAndSuborigin( |
- parsedPolicy[0].origins[0].get())); |
+ parsedPolicy[0].whitelist.origins[0].get())); |
// Simple policy with *. |
- parsedPolicy = FeaturePolicy::parseFeaturePolicy( |
- "{\"default-self\": [\"*\"]}", m_originA.get(), &messages); |
+ parsedPolicy = parseFeaturePolicy("{\"default-self\": [\"*\"]}", |
+ m_originA.get(), &messages); |
EXPECT_EQ(1UL, parsedPolicy.size()); |
EXPECT_EQ("default-self", parsedPolicy[0].featureName); |
- EXPECT_TRUE(parsedPolicy[0].matchesAllOrigins); |
- EXPECT_EQ(0UL, parsedPolicy[0].origins.size()); |
+ EXPECT_TRUE(parsedPolicy[0].whitelist.matchesAllOrigins); |
+ EXPECT_EQ(0UL, parsedPolicy[0].whitelist.origins.size()); |
// Complicated policy. |
- parsedPolicy = FeaturePolicy::parseFeaturePolicy( |
+ parsedPolicy = parseFeaturePolicy( |
"{\"default-self\": [\"*\"], " |
"\"default-on\": [\"https://example.net\", \"https://example.org\"], " |
"\"default-off\": [\"self\"]}", |
m_originA.get(), &messages); |
EXPECT_EQ(3UL, parsedPolicy.size()); |
EXPECT_EQ("default-self", parsedPolicy[0].featureName); |
- EXPECT_TRUE(parsedPolicy[0].matchesAllOrigins); |
- EXPECT_EQ(0UL, parsedPolicy[0].origins.size()); |
+ EXPECT_TRUE(parsedPolicy[0].whitelist.matchesAllOrigins); |
+ EXPECT_EQ(0UL, parsedPolicy[0].whitelist.origins.size()); |
EXPECT_EQ("default-on", parsedPolicy[1].featureName); |
- EXPECT_FALSE(parsedPolicy[1].matchesAllOrigins); |
- EXPECT_EQ(2UL, parsedPolicy[1].origins.size()); |
+ EXPECT_FALSE(parsedPolicy[1].whitelist.matchesAllOrigins); |
+ EXPECT_EQ(2UL, parsedPolicy[1].whitelist.origins.size()); |
EXPECT_TRUE(m_originB->isSameSchemeHostPortAndSuborigin( |
- parsedPolicy[1].origins[0].get())); |
+ parsedPolicy[1].whitelist.origins[0].get())); |
EXPECT_TRUE(m_originC->isSameSchemeHostPortAndSuborigin( |
- parsedPolicy[1].origins[1].get())); |
+ parsedPolicy[1].whitelist.origins[1].get())); |
EXPECT_EQ("default-off", parsedPolicy[2].featureName); |
- EXPECT_FALSE(parsedPolicy[2].matchesAllOrigins); |
- EXPECT_EQ(1UL, parsedPolicy[2].origins.size()); |
+ EXPECT_FALSE(parsedPolicy[2].whitelist.matchesAllOrigins); |
+ EXPECT_EQ(1UL, parsedPolicy[2].whitelist.origins.size()); |
EXPECT_TRUE(m_originA->isSameSchemeHostPortAndSuborigin( |
- parsedPolicy[2].origins[0].get())); |
-} |
- |
-TEST_F(FeaturePolicyTest, TestInitialPolicy) { |
- // +-------------+ |
- // |(1)Origin A | |
- // |No Policy | |
- // +-------------+ |
- // Default-on and top-level-only features should be enabled in top-level |
- // frame. Default-off features should be disabled. |
- std::unique_ptr<FeaturePolicy> policy1 = |
- createFromParentPolicy(nullptr, m_originA); |
- EXPECT_TRUE(policy1->isFeatureEnabled(kDefaultOnFeature)); |
- EXPECT_TRUE(policy1->isFeatureEnabled(kDefaultSelfFeature)); |
- EXPECT_FALSE(policy1->isFeatureEnabled(kDefaultOffFeature)); |
-} |
- |
-TEST_F(FeaturePolicyTest, TestInitialSameOriginChildPolicy) { |
- // +-----------------+ |
- // |(1)Origin A | |
- // |No Policy | |
- // | +-------------+ | |
- // | |(2)Origin A | | |
- // | |No Policy | | |
- // | +-------------+ | |
- // +-----------------+ |
- // Default-on and Default-self features should be enabled in a same-origin |
- // child frame. Default-off features should be disabled. |
- std::unique_ptr<FeaturePolicy> policy1 = |
- createFromParentPolicy(nullptr, m_originA); |
- std::unique_ptr<FeaturePolicy> policy2 = |
- createFromParentPolicy(policy1.get(), m_originA); |
- EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultOnFeature)); |
- EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultSelfFeature)); |
- EXPECT_FALSE(policy2->isFeatureEnabled(kDefaultOffFeature)); |
-} |
- |
-TEST_F(FeaturePolicyTest, TestInitialCrossOriginChildPolicy) { |
- // +-----------------+ |
- // |(1)Origin A | |
- // |No Policy | |
- // | +-------------+ | |
- // | |(2)Origin B | | |
- // | |No Policy | | |
- // | +-------------+ | |
- // +-----------------+ |
- // Default-on features should be enabled in child frame. Default-self and |
- // Default-off features should be disabled. |
- std::unique_ptr<FeaturePolicy> policy1 = |
- createFromParentPolicy(nullptr, m_originA); |
- std::unique_ptr<FeaturePolicy> policy2 = |
- createFromParentPolicy(policy1.get(), m_originB); |
- EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultOnFeature)); |
- EXPECT_FALSE(policy2->isFeatureEnabled(kDefaultSelfFeature)); |
- EXPECT_FALSE(policy2->isFeatureEnabled(kDefaultOffFeature)); |
-} |
- |
-TEST_F(FeaturePolicyTest, TestCrossOriginChildCannotEnableFeature) { |
- // +---------------------------------------+ |
- // |(1) Origin A | |
- // |No Policy | |
- // | +-----------------------------------+ | |
- // | |(2) Origin B | | |
- // | |Policy: {"default-self": ["self"]} | | |
- // | +-----------------------------------+ | |
- // +---------------------------------------+ |
- // Default-self feature should be disabled in cross origin frame, even if no |
- // policy was specified in the parent frame. |
- Vector<String> messages; |
- std::unique_ptr<FeaturePolicy> policy1 = |
- createFromParentPolicy(nullptr, m_originA); |
- std::unique_ptr<FeaturePolicy> policy2 = |
- createFromParentPolicy(policy1.get(), m_originB); |
- policy2->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( |
- "{\"default-self\": [\"self\"]}", m_originB.get(), &messages)); |
- EXPECT_EQ(0UL, messages.size()); |
- EXPECT_FALSE(policy2->isFeatureEnabled(kDefaultSelfFeature)); |
-} |
- |
-TEST_F(FeaturePolicyTest, TestFrameSelfInheritance) { |
- // +------------------------------------------+ |
- // |(1) Origin A | |
- // |Policy: {"default-self": ["self"]} | |
- // | +-----------------+ +-----------------+ | |
- // | |(2) Origin A | |(4) Origin B | | |
- // | |No Policy | |No Policy | | |
- // | | +-------------+ | | +-------------+ | | |
- // | | |(3)Origin A | | | |(5)Origin B | | | |
- // | | |No Policy | | | |No Policy | | | |
- // | | +-------------+ | | +-------------+ | | |
- // | +-----------------+ +-----------------+ | |
- // +------------------------------------------+ |
- // Feature should be enabled at the top-level, and through the chain of |
- // same-origin frames 2 and 3. It should be disabled in frames 4 and 5, as |
- // they are at a different origin. |
- Vector<String> messages; |
- std::unique_ptr<FeaturePolicy> policy1 = |
- createFromParentPolicy(nullptr, m_originA); |
- policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( |
- "{\"default-self\": [\"self\"]}", m_originA.get(), &messages)); |
- EXPECT_EQ(0UL, messages.size()); |
- std::unique_ptr<FeaturePolicy> policy2 = |
- createFromParentPolicy(policy1.get(), m_originA); |
- std::unique_ptr<FeaturePolicy> policy3 = |
- createFromParentPolicy(policy2.get(), m_originA); |
- std::unique_ptr<FeaturePolicy> policy4 = |
- createFromParentPolicy(policy1.get(), m_originB); |
- std::unique_ptr<FeaturePolicy> policy5 = |
- createFromParentPolicy(policy4.get(), m_originB); |
- EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultSelfFeature)); |
- EXPECT_TRUE(policy3->isFeatureEnabled(kDefaultSelfFeature)); |
- EXPECT_FALSE(policy4->isFeatureEnabled(kDefaultSelfFeature)); |
- EXPECT_FALSE(policy5->isFeatureEnabled(kDefaultSelfFeature)); |
-} |
- |
-TEST_F(FeaturePolicyTest, TestReflexiveFrameSelfInheritance) { |
- // +-----------------------------------+ |
- // |(1) Origin A | |
- // |Policy: {"default-self": ["self"]} | |
- // | +-----------------+ | |
- // | |(2) Origin B | | |
- // | |No Policy | | |
- // | | +-------------+ | | |
- // | | |(3)Origin A | | | |
- // | | |No Policy | | | |
- // | | +-------------+ | | |
- // | +-----------------+ | |
- // +-----------------------------------+ |
- // Feature which is enabled at top-level should be disabled in frame 3, as |
- // it is embedded by frame 2, for which the feature is not enabled. |
- Vector<String> messages; |
- std::unique_ptr<FeaturePolicy> policy1 = |
- createFromParentPolicy(nullptr, m_originA); |
- policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( |
- "{\"default-self\": [\"self\"]}", m_originA.get(), &messages)); |
- EXPECT_EQ(0UL, messages.size()); |
- std::unique_ptr<FeaturePolicy> policy2 = |
- createFromParentPolicy(policy1.get(), m_originB); |
- std::unique_ptr<FeaturePolicy> policy3 = |
- createFromParentPolicy(policy2.get(), m_originA); |
- EXPECT_FALSE(policy2->isFeatureEnabled(kDefaultSelfFeature)); |
- EXPECT_FALSE(policy3->isFeatureEnabled(kDefaultSelfFeature)); |
-} |
- |
-TEST_F(FeaturePolicyTest, TestSelectiveFrameInheritance) { |
- // +------------------------------------------+ |
- // |(1) Origin A | |
- // |Policy: {"default-self": ["Origin B"]} | |
- // | +-----------------+ +-----------------+ | |
- // | |(2) Origin B | |(3) Origin C | | |
- // | |No Policy | |No Policy | | |
- // | | | | +-------------+ | | |
- // | | | | |(4)Origin B | | | |
- // | | | | |No Policy | | | |
- // | | | | +-------------+ | | |
- // | +-----------------+ +-----------------+ | |
- // +------------------------------------------+ |
- // Feature should be enabled in second level Origin B frame, but disabled in |
- // Frame 4, because it is embedded by frame 3, where the feature is not |
- // enabled. |
- Vector<String> messages; |
- std::unique_ptr<FeaturePolicy> policy1 = |
- createFromParentPolicy(nullptr, m_originA); |
- policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( |
- "{\"default-self\": [\"" ORIGIN_B "\"]}", m_originA.get(), &messages)); |
- EXPECT_EQ(0UL, messages.size()); |
- std::unique_ptr<FeaturePolicy> policy2 = |
- createFromParentPolicy(policy1.get(), m_originB); |
- std::unique_ptr<FeaturePolicy> policy3 = |
- createFromParentPolicy(policy1.get(), m_originC); |
- std::unique_ptr<FeaturePolicy> policy4 = |
- createFromParentPolicy(policy3.get(), m_originB); |
- EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultSelfFeature)); |
- EXPECT_FALSE(policy3->isFeatureEnabled(kDefaultSelfFeature)); |
- EXPECT_FALSE(policy4->isFeatureEnabled(kDefaultSelfFeature)); |
-} |
- |
-TEST_F(FeaturePolicyTest, TestPolicyCanBlockSelf) { |
- // +----------------------------+ |
- // |(1)Origin A | |
- // |Policy: {"default-on": []} | |
- // +----------------------------+ |
- // Default-on feature should be disabled in top-level frame. |
- Vector<String> messages; |
- std::unique_ptr<FeaturePolicy> policy1 = |
- createFromParentPolicy(nullptr, m_originA); |
- policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( |
- "{\"default-on\": []}", m_originA.get(), &messages)); |
- EXPECT_EQ(0UL, messages.size()); |
- EXPECT_FALSE(policy1->isFeatureEnabled(kDefaultOnFeature)); |
-} |
- |
-TEST_F(FeaturePolicyTest, TestParentPolicyBlocksSameOriginChildPolicy) { |
- // +----------------------------+ |
- // |(1)Origin A | |
- // |Policy: {"default-on": []} | |
- // | +-------------+ | |
- // | |(2)Origin A | | |
- // | |No Policy | | |
- // | +-------------+ | |
- // +----------------------------+ |
- // Feature should be disabled in child frame. |
- Vector<String> messages; |
- std::unique_ptr<FeaturePolicy> policy1 = |
- createFromParentPolicy(nullptr, m_originA); |
- policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( |
- "{\"default-on\": []}", m_originA.get(), &messages)); |
- EXPECT_EQ(0UL, messages.size()); |
- std::unique_ptr<FeaturePolicy> policy2 = |
- createFromParentPolicy(policy1.get(), m_originA); |
- EXPECT_FALSE(policy2->isFeatureEnabled(kDefaultOnFeature)); |
-} |
- |
-TEST_F(FeaturePolicyTest, TestChildPolicyCanBlockSelf) { |
- // +--------------------------------+ |
- // |(1)Origin A | |
- // |No Policy | |
- // | +----------------------------+ | |
- // | |(2)Origin B | | |
- // | |Policy: {"default-on": []} | | |
- // | +----------------------------+ | |
- // +--------------------------------+ |
- // Default-on feature should be disabled by cross-origin child frame. |
- Vector<String> messages; |
- std::unique_ptr<FeaturePolicy> policy1 = |
- createFromParentPolicy(nullptr, m_originA); |
- std::unique_ptr<FeaturePolicy> policy2 = |
- createFromParentPolicy(policy1.get(), m_originB); |
- policy2->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( |
- "{\"default-on\": []}", m_originB.get(), &messages)); |
- EXPECT_EQ(0UL, messages.size()); |
- EXPECT_FALSE(policy2->isFeatureEnabled(kDefaultOnFeature)); |
-} |
- |
-TEST_F(FeaturePolicyTest, TestChildPolicyCanBlockChildren) { |
- // +--------------------------------------+ |
- // |(1)Origin A | |
- // |No Policy | |
- // | +----------------------------------+ | |
- // | |(2)Origin B | | |
- // | |Policy: {"default-on": ["self"]} | | |
- // | | +-------------+ | | |
- // | | |(3)Origin C | | | |
- // | | |No Policy | | | |
- // | | +-------------+ | | |
- // | +----------------------------------+ | |
- // +--------------------------------------+ |
- // Default-on feature should be enabled in frames 1 and 2; disabled in frame |
- // 3 by child frame policy. |
- Vector<String> messages; |
- std::unique_ptr<FeaturePolicy> policy1 = |
- createFromParentPolicy(nullptr, m_originA); |
- std::unique_ptr<FeaturePolicy> policy2 = |
- createFromParentPolicy(policy1.get(), m_originB); |
- policy2->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( |
- "{\"default-on\": [\"self\"]}", m_originB.get(), &messages)); |
- EXPECT_EQ(0UL, messages.size()); |
- std::unique_ptr<FeaturePolicy> policy3 = |
- createFromParentPolicy(policy2.get(), m_originC); |
- EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultOnFeature)); |
- EXPECT_FALSE(policy3->isFeatureEnabled(kDefaultOnFeature)); |
-} |
- |
-TEST_F(FeaturePolicyTest, TestParentPolicyBlocksCrossOriginChildPolicy) { |
- // +----------------------------+ |
- // |(1)Origin A | |
- // |Policy: {"default-on": []} | |
- // | +-------------+ | |
- // | |(2)Origin B | | |
- // | |No Policy | | |
- // | +-------------+ | |
- // +----------------------------+ |
- // Default-on feature should be disabled in cross-origin child frame. |
- Vector<String> messages; |
- std::unique_ptr<FeaturePolicy> policy1 = |
- createFromParentPolicy(nullptr, m_originA); |
- policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( |
- "{\"default-on\": []}", m_originA.get(), &messages)); |
- EXPECT_EQ(0UL, messages.size()); |
- std::unique_ptr<FeaturePolicy> policy2 = |
- createFromParentPolicy(policy1.get(), m_originB); |
- EXPECT_FALSE(policy2->isFeatureEnabled(kDefaultOnFeature)); |
-} |
- |
-TEST_F(FeaturePolicyTest, TestEnableForAllOrigins) { |
- // +--------------------------------+ |
- // |(1) Origin A | |
- // |Policy: {"default-self": ["*"]} | |
- // | +-----------------+ | |
- // | |(2) Origin B | | |
- // | |No Policy | | |
- // | | +-------------+ | | |
- // | | |(3)Origin A | | | |
- // | | |No Policy | | | |
- // | | +-------------+ | | |
- // | +-----------------+ | |
- // +--------------------------------+ |
- // Feature should be enabled in top and second level; disabled in frame 3. |
- Vector<String> messages; |
- std::unique_ptr<FeaturePolicy> policy1 = |
- createFromParentPolicy(nullptr, m_originA); |
- policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( |
- "{\"default-self\": [\"*\"]}", m_originA.get(), &messages)); |
- EXPECT_EQ(0UL, messages.size()); |
- std::unique_ptr<FeaturePolicy> policy2 = |
- createFromParentPolicy(policy1.get(), m_originB); |
- std::unique_ptr<FeaturePolicy> policy3 = |
- createFromParentPolicy(policy2.get(), m_originA); |
- EXPECT_TRUE(policy1->isFeatureEnabled(kDefaultSelfFeature)); |
- EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultSelfFeature)); |
- EXPECT_FALSE(policy3->isFeatureEnabled(kDefaultSelfFeature)); |
-} |
- |
-TEST_F(FeaturePolicyTest, TestDefaultOnEnablesForAllAncestors) { |
- // +---------------------------------------+ |
- // |(1) Origin A | |
- // |Policy: {"default-on": ["Origin B"]} | |
- // | +-----------------------------------+ | |
- // | |(2) Origin B | | |
- // | |No Policy | | |
- // | | +-------------+ +-------------+ | | |
- // | | |(3)Origin B | |(4)Origin C | | | |
- // | | |No Policy | |No Policy | | | |
- // | | +-------------+ +-------------+ | | |
- // | +-----------------------------------+ | |
- // +---------------------------------------+ |
- // Feature should be disabled in frame 1; enabled in frames 2, 3 and 4. |
- Vector<String> messages; |
- std::unique_ptr<FeaturePolicy> policy1 = |
- createFromParentPolicy(nullptr, m_originA); |
- policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( |
- "{\"default-on\": [\"" ORIGIN_B "\"]}", m_originA.get(), &messages)); |
- EXPECT_EQ(0UL, messages.size()); |
- std::unique_ptr<FeaturePolicy> policy2 = |
- createFromParentPolicy(policy1.get(), m_originB); |
- std::unique_ptr<FeaturePolicy> policy3 = |
- createFromParentPolicy(policy2.get(), m_originB); |
- std::unique_ptr<FeaturePolicy> policy4 = |
- createFromParentPolicy(policy2.get(), m_originC); |
- EXPECT_FALSE(policy1->isFeatureEnabled(kDefaultOnFeature)); |
- EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultOnFeature)); |
- EXPECT_TRUE(policy3->isFeatureEnabled(kDefaultOnFeature)); |
- EXPECT_TRUE(policy4->isFeatureEnabled(kDefaultOnFeature)); |
-} |
- |
-TEST_F(FeaturePolicyTest, TestDefaultSelfRespectsSameOriginEmbedding) { |
- // +---------------------------------------+ |
- // |(1) Origin A | |
- // |Policy: {"default-self": ["Origin B"]} | |
- // | +-----------------------------------+ | |
- // | |(2) Origin B | | |
- // | |No Policy | | |
- // | | +-------------+ +-------------+ | | |
- // | | |(3)Origin B | |(4)Origin C | | | |
- // | | |No Policy | |No Policy | | | |
- // | | +-------------+ +-------------+ | | |
- // | +-----------------------------------+ | |
- // +---------------------------------------+ |
- // Feature should be disabled in frames 1 and 4; enabled in frames 2 and 3. |
- Vector<String> messages; |
- std::unique_ptr<FeaturePolicy> policy1 = |
- createFromParentPolicy(nullptr, m_originA); |
- policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( |
- "{\"default-self\": [\"" ORIGIN_B "\"]}", m_originA.get(), &messages)); |
- EXPECT_EQ(0UL, messages.size()); |
- std::unique_ptr<FeaturePolicy> policy2 = |
- createFromParentPolicy(policy1.get(), m_originB); |
- std::unique_ptr<FeaturePolicy> policy3 = |
- createFromParentPolicy(policy2.get(), m_originB); |
- std::unique_ptr<FeaturePolicy> policy4 = |
- createFromParentPolicy(policy2.get(), m_originC); |
- EXPECT_FALSE(policy1->isFeatureEnabled(kDefaultSelfFeature)); |
- EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultSelfFeature)); |
- EXPECT_TRUE(policy3->isFeatureEnabled(kDefaultSelfFeature)); |
- EXPECT_FALSE(policy4->isFeatureEnabled(kDefaultSelfFeature)); |
-} |
- |
-TEST_F(FeaturePolicyTest, TestDefaultOffMustBeDelegatedToAllCrossOriginFrames) { |
- // +------------------------------------------------------------+ |
- // |(1) Origin A | |
- // |Policy: {"default-off": ["Origin B"]} | |
- // | +--------------------------------------------------------+ | |
- // | |(2) Origin B | | |
- // | |Policy: {"default-off": ["self"]} | | |
- // | | +-------------+ +----------------------------------+ | | |
- // | | |(3)Origin B | |(4)Origin C | | | |
- // | | |No Policy | |Policy: {"default-off": ["self"]} | | | |
- // | | +-------------+ +----------------------------------+ | | |
- // | +--------------------------------------------------------+ | |
- // +------------------------------------------------------------+ |
- // Feature should be disabled in frames 1, 3 and 4; enabled in frame 2 only. |
- Vector<String> messages; |
- std::unique_ptr<FeaturePolicy> policy1 = |
- createFromParentPolicy(nullptr, m_originA); |
- policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( |
- "{\"default-off\": [\"" ORIGIN_B "\"]}", m_originA.get(), &messages)); |
- EXPECT_EQ(0UL, messages.size()); |
- std::unique_ptr<FeaturePolicy> policy2 = |
- createFromParentPolicy(policy1.get(), m_originB); |
- policy2->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( |
- "{\"default-off\": [\"self\"]}", m_originB.get(), &messages)); |
- std::unique_ptr<FeaturePolicy> policy3 = |
- createFromParentPolicy(policy2.get(), m_originB); |
- std::unique_ptr<FeaturePolicy> policy4 = |
- createFromParentPolicy(policy2.get(), m_originC); |
- policy4->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( |
- "{\"default-off\": [\"self\"]}", m_originC.get(), &messages)); |
- EXPECT_FALSE(policy1->isFeatureEnabled(kDefaultOffFeature)); |
- EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultOffFeature)); |
- EXPECT_FALSE(policy3->isFeatureEnabled(kDefaultOffFeature)); |
- EXPECT_FALSE(policy4->isFeatureEnabled(kDefaultOffFeature)); |
-} |
- |
-TEST_F(FeaturePolicyTest, TestReenableForAllOrigins) { |
- // +------------------------------------+ |
- // |(1) Origin A | |
- // |Policy: {"default-self": ["*"]} | |
- // | +--------------------------------+ | |
- // | |(2) Origin B | | |
- // | |Policy: {"default-self": ["*"]} | | |
- // | | +-------------+ | | |
- // | | |(3)Origin A | | | |
- // | | |No Policy | | | |
- // | | +-------------+ | | |
- // | +--------------------------------+ | |
- // +------------------------------------+ |
- // Feature should be enabled in all frames. |
- Vector<String> messages; |
- std::unique_ptr<FeaturePolicy> policy1 = |
- createFromParentPolicy(nullptr, m_originA); |
- policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( |
- "{\"default-self\": [\"*\"]}", m_originA.get(), &messages)); |
- EXPECT_EQ(0UL, messages.size()); |
- std::unique_ptr<FeaturePolicy> policy2 = |
- createFromParentPolicy(policy1.get(), m_originB); |
- policy2->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( |
- "{\"default-self\": [\"*\"]}", m_originB.get(), &messages)); |
- EXPECT_EQ(0UL, messages.size()); |
- std::unique_ptr<FeaturePolicy> policy3 = |
- createFromParentPolicy(policy2.get(), m_originA); |
- EXPECT_TRUE(policy1->isFeatureEnabled(kDefaultSelfFeature)); |
- EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultSelfFeature)); |
- EXPECT_TRUE(policy3->isFeatureEnabled(kDefaultSelfFeature)); |
-} |
- |
-TEST_F(FeaturePolicyTest, TestBlockedFrameCannotReenable) { |
- // +--------------------------------------+ |
- // |(1)Origin A | |
- // |Policy: {"default-self": ["self"]} | |
- // | +----------------------------------+ | |
- // | |(2)Origin B | | |
- // | |Policy: {"default-self": ["*"]} | | |
- // | | +-------------+ +-------------+ | | |
- // | | |(3)Origin A | |(4)Origin C | | | |
- // | | |No Policy | |No Policy | | | |
- // | | +-------------+ +-------------+ | | |
- // | +----------------------------------+ | |
- // +--------------------------------------+ |
- // Feature should be enabled at the top level; disabled in all other frames. |
- Vector<String> messages; |
- std::unique_ptr<FeaturePolicy> policy1 = |
- createFromParentPolicy(nullptr, m_originA); |
- policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( |
- "{\"default-self\": [\"self\"]}", m_originA.get(), &messages)); |
- EXPECT_EQ(0UL, messages.size()); |
- std::unique_ptr<FeaturePolicy> policy2 = |
- createFromParentPolicy(policy1.get(), m_originB); |
- policy2->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( |
- "{\"default-self\": [\"*\"]}", m_originB.get(), &messages)); |
- EXPECT_EQ(0UL, messages.size()); |
- std::unique_ptr<FeaturePolicy> policy3 = |
- createFromParentPolicy(policy2.get(), m_originA); |
- std::unique_ptr<FeaturePolicy> policy4 = |
- createFromParentPolicy(policy2.get(), m_originC); |
- EXPECT_TRUE(policy1->isFeatureEnabled(kDefaultSelfFeature)); |
- EXPECT_FALSE(policy2->isFeatureEnabled(kDefaultSelfFeature)); |
- EXPECT_FALSE(policy3->isFeatureEnabled(kDefaultSelfFeature)); |
- EXPECT_FALSE(policy4->isFeatureEnabled(kDefaultSelfFeature)); |
-} |
- |
-TEST_F(FeaturePolicyTest, TestEnabledFrameCanDelegate) { |
- // +---------------------------------------------------+ |
- // |(1) Origin A | |
- // |Policy: {"default-self": ["self", "Origin B"]} | |
- // | +-----------------------------------------------+ | |
- // | |(2) Origin B | | |
- // | |Policy: {"default-self": ["self", "Origin C"]} | | |
- // | | +-------------+ | | |
- // | | |(3)Origin C | | | |
- // | | |No Policy | | | |
- // | | +-------------+ | | |
- // | +-----------------------------------------------+ | |
- // +---------------------------------------------------+ |
- // Feature should be enabled in all frames. |
- Vector<String> messages; |
- std::unique_ptr<FeaturePolicy> policy1 = |
- createFromParentPolicy(nullptr, m_originA); |
- policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( |
- "{\"default-self\": [\"self\", \"" ORIGIN_B "\"]}", m_originA.get(), |
- &messages)); |
- EXPECT_EQ(0UL, messages.size()); |
- std::unique_ptr<FeaturePolicy> policy2 = |
- createFromParentPolicy(policy1.get(), m_originB); |
- policy2->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( |
- "{\"default-self\": [\"self\", \"" ORIGIN_C "\"]}", m_originB.get(), |
- &messages)); |
- EXPECT_EQ(0UL, messages.size()); |
- std::unique_ptr<FeaturePolicy> policy3 = |
- createFromParentPolicy(policy2.get(), m_originC); |
- EXPECT_TRUE(policy1->isFeatureEnabled(kDefaultSelfFeature)); |
- EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultSelfFeature)); |
- EXPECT_TRUE(policy3->isFeatureEnabled(kDefaultSelfFeature)); |
-} |
- |
-TEST_F(FeaturePolicyTest, TestEnabledFrameCanDelegateByDefault) { |
- // +-----------------------------------------------+ |
- // |(1) Origin A | |
- // |Policy: {"default-on": ["self", "Origin B"]} | |
- // | +--------------------+ +--------------------+ | |
- // | |(2) Origin B | | (4) Origin C | | |
- // | |No Policy | | No Policy | | |
- // | | +-------------+ | | | | |
- // | | |(3)Origin C | | | | | |
- // | | |No Policy | | | | | |
- // | | +-------------+ | | | | |
- // | +--------------------+ +--------------------+ | |
- // +-----------------------------------------------+ |
- // Feature should be enabled in frames 1, 2, and 3, and disabled in frame 4. |
- Vector<String> messages; |
- std::unique_ptr<FeaturePolicy> policy1 = |
- createFromParentPolicy(nullptr, m_originA); |
- policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( |
- "{\"default-on\": [\"self\", \"" ORIGIN_B "\"]}", m_originA.get(), |
- &messages)); |
- EXPECT_EQ(0UL, messages.size()); |
- std::unique_ptr<FeaturePolicy> policy2 = |
- createFromParentPolicy(policy1.get(), m_originB); |
- std::unique_ptr<FeaturePolicy> policy3 = |
- createFromParentPolicy(policy2.get(), m_originC); |
- std::unique_ptr<FeaturePolicy> policy4 = |
- createFromParentPolicy(policy1.get(), m_originC); |
- EXPECT_TRUE(policy1->isFeatureEnabled(kDefaultOnFeature)); |
- EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultOnFeature)); |
- EXPECT_TRUE(policy3->isFeatureEnabled(kDefaultOnFeature)); |
- EXPECT_FALSE(policy4->isFeatureEnabled(kDefaultOnFeature)); |
-} |
- |
-TEST_F(FeaturePolicyTest, TestNonNestedFeaturesDontDelegateByDefault) { |
- // +-----------------------------------------------+ |
- // |(1) Origin A | |
- // |Policy: {"default-self": ["self", "Origin B"]} | |
- // | +--------------------+ +--------------------+ | |
- // | |(2) Origin B | | (4) Origin C | | |
- // | |No Policy | | No Policy | | |
- // | | +-------------+ | | | | |
- // | | |(3)Origin C | | | | | |
- // | | |No Policy | | | | | |
- // | | +-------------+ | | | | |
- // | +--------------------+ +--------------------+ | |
- // +-----------------------------------------------+ |
- // Feature should be enabled in frames 1 and 2, and disabled in frames 3 and |
- // 4. |
- Vector<String> messages; |
- std::unique_ptr<FeaturePolicy> policy1 = |
- createFromParentPolicy(nullptr, m_originA); |
- policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( |
- "{\"default-self\": [\"self\", \"" ORIGIN_B "\"]}", m_originA.get(), |
- &messages)); |
- EXPECT_EQ(0UL, messages.size()); |
- std::unique_ptr<FeaturePolicy> policy2 = |
- createFromParentPolicy(policy1.get(), m_originB); |
- std::unique_ptr<FeaturePolicy> policy3 = |
- createFromParentPolicy(policy2.get(), m_originC); |
- std::unique_ptr<FeaturePolicy> policy4 = |
- createFromParentPolicy(policy1.get(), m_originC); |
- EXPECT_TRUE(policy1->isFeatureEnabled(kDefaultSelfFeature)); |
- EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultSelfFeature)); |
- EXPECT_FALSE(policy3->isFeatureEnabled(kDefaultSelfFeature)); |
- EXPECT_FALSE(policy4->isFeatureEnabled(kDefaultSelfFeature)); |
-} |
- |
-TEST_F(FeaturePolicyTest, TestFeaturesAreIndependent) { |
- // +-----------------------------------------------+ |
- // |(1) Origin A | |
- // |Policy: {"default-self": ["self", "Origin B"], | |
- // | "default-on": ["self"]} | |
- // | +-------------------------------------------+ | |
- // | |(2) Origin B | | |
- // | |Policy: {"default-self": ["*"], | | |
- // | | "default-on": ["*"]} | | |
- // | | +-------------+ | | |
- // | | |(3)Origin C | | | |
- // | | |No Policy | | | |
- // | | +-------------+ | | |
- // | +-------------------------------------------+ | |
- // +-----------------------------------------------+ |
- // Default-self feature should be enabled in all frames; Default-on feature |
- // should be enabled in frame 1, and disabled in frames 2 and 3. |
- Vector<String> messages; |
- std::unique_ptr<FeaturePolicy> policy1 = |
- createFromParentPolicy(nullptr, m_originA); |
- policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( |
- "{\"default-self\": [\"self\", \"" ORIGIN_B |
- "\"], \"default-on\": [\"self\"]}", |
- m_originA.get(), &messages)); |
- EXPECT_EQ(0UL, messages.size()); |
- std::unique_ptr<FeaturePolicy> policy2 = |
- createFromParentPolicy(policy1.get(), m_originB); |
- policy2->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( |
- "{\"default-self\": [\"*\"], \"default-on\": [\"*\"]}", m_originB.get(), |
- &messages)); |
- EXPECT_EQ(0UL, messages.size()); |
- std::unique_ptr<FeaturePolicy> policy3 = |
- createFromParentPolicy(policy2.get(), m_originC); |
- EXPECT_TRUE(policy1->isFeatureEnabled(kDefaultSelfFeature)); |
- EXPECT_TRUE(policy1->isFeatureEnabled(kDefaultOnFeature)); |
- EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultSelfFeature)); |
- EXPECT_FALSE(policy2->isFeatureEnabled(kDefaultOnFeature)); |
- EXPECT_TRUE(policy3->isFeatureEnabled(kDefaultSelfFeature)); |
- EXPECT_FALSE(policy3->isFeatureEnabled(kDefaultOnFeature)); |
-} |
- |
-TEST_F(FeaturePolicyTest, TestFeatureEnabledForOrigin) { |
- // +-----------------------------------------------+ |
- // |(1) Origin A | |
- // |Policy: {"default-off": ["self", "Origin B"]} | |
- // +-----------------------------------------------+ |
- // Features should be enabled by the policy in frame 1 for origins A and B, |
- // and disabled for origin C. |
- Vector<String> messages; |
- std::unique_ptr<FeaturePolicy> policy1 = |
- createFromParentPolicy(nullptr, m_originA); |
- policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( |
- "{\"default-off\": [\"self\", \"" ORIGIN_B "\"]}", m_originA.get(), |
- &messages)); |
- EXPECT_EQ(0UL, messages.size()); |
- EXPECT_TRUE( |
- policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originA)); |
- EXPECT_TRUE( |
- policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originB)); |
- EXPECT_FALSE( |
- policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originC)); |
+ parsedPolicy[2].whitelist.origins[0].get())); |
} |
} // namespace blink |