[Mojo-Loading] Implement "Site Isolation Stats Gathering" feature

content/child/site_isolation_stats_gatherer_browsertest.cc

 // Copyright 2015 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "base/command_line.h"
 #include "base/macros.h"
 #include "base/strings/pattern.h"
 #include "base/strings/string_util.h"
 #include "base/strings/stringprintf.h"
 #include "base/test/histogram_tester.h"
 #include "content/public/common/content_switches.h"
 #include "content/public/common/resource_type.h"
 #include "content/public/test/browser_test_utils.h"
 #include "content/public/test/content_browser_test.h"
 #include "content/public/test/content_browser_test_utils.h"
 #include "content/shell/browser/shell.h"
 #include "net/test/embedded_test_server/embedded_test_server.h"
 #include "testing/gmock/include/gmock/gmock.h"
 
 namespace content {
 
 // These tests simulate exploited renderer processes, which can fetch arbitrary
 // resources from other websites, not constrained by the Same Origin Policy.  We
 // are trying to verify that the renderer cannot fetch any cross-site document
 // responses even when the Same Origin Policy is turned off inside the renderer.
-class SiteIsolationStatsGathererBrowserTest : public ContentBrowserTest {
+class SiteIsolationStatsGathererBrowserTest
+    : public ContentBrowserTest,
+      public testing::WithParamInterface<bool> {
  public:
   SiteIsolationStatsGathererBrowserTest() {}
   ~SiteIsolationStatsGathererBrowserTest() override {}
 
   void SetUpCommandLine(base::CommandLine* command_line) override {
     // EmbeddedTestServer::InitializeAndListen() initializes its |base_url_|
     // which is required below. This cannot invoke Start() however as that kicks
     // off the "EmbeddedTestServer IO Thread" which then races with
     // initialization in ContentBrowserTest::SetUp(), http://crbug.com/674545.
     ASSERT_TRUE(embedded_test_server()->InitializeAndListen());
 
     // Add a host resolver rule to map all outgoing requests to the test server.
     // This allows us to use "real" hostnames in URLs, which we can use to
     // create arbitrary SiteInstances.
     command_line->AppendSwitchASCII(
         switches::kHostResolverRules,
         "MAP * " + embedded_test_server()->host_port_pair().ToString() +
             ",EXCLUDE localhost");
 
     // Since we assume exploited renderer process, it can bypass the same origin
     // policy at will. Simulate that by passing the disable-web-security flag.
     command_line->AppendSwitch(switches::kDisableWebSecurity);
+
+    if (GetParam()) {
+      command_line->AppendSwitchASCII("--enable-blink-features",
+                                      "LoadingWithMojo");
+    }
   }
 
   void SetUpOnMainThread() override {
     // Complete the manual Start() after ContentBrowserTest's own
     // initialization, ref. comment on InitializeAndListen() above.
     embedded_test_server()->StartAcceptingConnections();
   }
 
   void InspectHistograms(const base::HistogramTester& histograms,
                          bool should_be_blocked,
@@ skipping 58 matching lines @@
           histograms.GetAllSamples(base + ".Blocked.RenderableStatusCode2"),
           testing::ElementsAre(base::Bucket(RESOURCE_TYPE_XHR, 1)))
           << "The wrong RenderableStatusCode2 bucket was incremented.";
     }
   }
 
  private:
   DISALLOW_COPY_AND_ASSIGN(SiteIsolationStatsGathererBrowserTest);
 };
 
-IN_PROC_BROWSER_TEST_F(SiteIsolationStatsGathererBrowserTest,
+IN_PROC_BROWSER_TEST_P(SiteIsolationStatsGathererBrowserTest,
                        CrossSiteDocumentBlockingForMimeType) {
   // Load a page that issues illegal cross-site document requests to bar.com.
   // The page uses XHR to request HTML/XML/JSON documents from bar.com, and
   // inspects if any of them were successfully received. Currently, on illegal
   // access, the XHR requests should succeed, but the UMA histograms should
   // record that they would have been blocked. This test is only possible since
   // we run the browser without the same origin policy.
   GURL foo("http://foo.com/cross_site_document_request.html");
 
   NavigateToURL(shell(), foo);
@@ skipping 48 matching lines @@
     bool was_blocked;
     ASSERT_TRUE(ExecuteScriptAndExtractBool(
         shell(), base::StringPrintf("sendRequest(\"%s\");", resource),
         &was_blocked));
     ASSERT_FALSE(was_blocked);
 
     InspectHistograms(histograms, false, resource);
   }
 }
 
-IN_PROC_BROWSER_TEST_F(SiteIsolationStatsGathererBrowserTest,
+IN_PROC_BROWSER_TEST_P(SiteIsolationStatsGathererBrowserTest,
                        CrossSiteDocumentBlockingForDifferentTargets) {
   // This webpage loads a cross-site HTML page in different targets such as
   // <img>,<link>,<embed>, etc. Since the requested document is blocked, and one
   // character string (' ') is returned instead, this tests that the renderer
   // does not crash even when it receives a response body which is " ", whose
   // length is different from what's described in "content-length" for such
   // different targets.
 
   // TODO(nick): Split up these cases, and add positive assertions here about
   // what actually happens in these various resource-block cases.
   GURL foo("http://foo.com/cross_site_document_request_target.html");
   NavigateToURL(shell(), foo);
 }
 
+INSTANTIATE_TEST_CASE_P(SiteIsolationStatsGathererBrowserTest,
+                        SiteIsolationStatsGathererBrowserTest,
+                        ::testing::Values(false, true));
+
 }  // namespace content