Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(84)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: third_party/WebKit/Source/platform/feature_policy/FeaturePolicyTest.cpp

Issue 2655023004: Feature policy: Add basic algorithm for supporting frame policies. (Closed)
Patch Set: Addressing review comments Created 3 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « third_party/WebKit/Source/platform/feature_policy/FeaturePolicy.cpp ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2016 The Chromium Authors. All rights reserved. 1 // Copyright 2016 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "platform/feature_policy/FeaturePolicy.h" 5 #include "platform/feature_policy/FeaturePolicy.h"
6 6
7 #include "platform/RuntimeEnabledFeatures.h" 7 #include "platform/RuntimeEnabledFeatures.h"
8 #include "testing/gtest/include/gtest/gtest.h" 8 #include "testing/gtest/include/gtest/gtest.h"
9 9
10 // Origin strings used for tests 10 // Origin strings used for tests
(...skipping 50 matching lines...) Expand 10 before | Expand all | Expand 10 after
61 RuntimeEnabledFeatures::setFeaturePolicyEnabled(true); 61 RuntimeEnabledFeatures::setFeaturePolicyEnabled(true);
62 } 62 }
63 63
64 ~FeaturePolicyTest() { 64 ~FeaturePolicyTest() {
65 RuntimeEnabledFeatures::setFeaturePolicyEnabled(m_frameworkWasEnabled); 65 RuntimeEnabledFeatures::setFeaturePolicyEnabled(m_frameworkWasEnabled);
66 } 66 }
67 67
68 std::unique_ptr<FeaturePolicy> createFromParentPolicy( 68 std::unique_ptr<FeaturePolicy> createFromParentPolicy(
69 const FeaturePolicy* parent, 69 const FeaturePolicy* parent,
70 RefPtr<SecurityOrigin> origin) { 70 RefPtr<SecurityOrigin> origin) {
71 return FeaturePolicy::createFromParentPolicy(parent, origin, m_featureList); 71 return FeaturePolicy::createFromParentPolicy(parent, nullptr, origin,
72 m_featureList);
73 }
74
75 std::unique_ptr<FeaturePolicy> createFromParentWithFramePolicy(
76 const FeaturePolicy* parent,
77 const WebParsedFeaturePolicyHeader* framePolicy,
78 RefPtr<SecurityOrigin> origin) {
79 return FeaturePolicy::createFromParentPolicy(parent, framePolicy, origin,
80 m_featureList);
72 } 81 }
73 82
74 RefPtr<SecurityOrigin> m_originA = SecurityOrigin::createFromString(ORIGIN_A); 83 RefPtr<SecurityOrigin> m_originA = SecurityOrigin::createFromString(ORIGIN_A);
75 RefPtr<SecurityOrigin> m_originB = SecurityOrigin::createFromString(ORIGIN_B); 84 RefPtr<SecurityOrigin> m_originB = SecurityOrigin::createFromString(ORIGIN_B);
76 RefPtr<SecurityOrigin> m_originC = SecurityOrigin::createFromString(ORIGIN_C); 85 RefPtr<SecurityOrigin> m_originC = SecurityOrigin::createFromString(ORIGIN_C);
77 86
78 private: 87 private:
79 const bool m_frameworkWasEnabled; 88 const bool m_frameworkWasEnabled;
80 89
81 // Contains the list of controlled features, so that we are guaranteed to 90 // Contains the list of controlled features, so that we are guaranteed to
(...skipping 703 matching lines...) Expand 10 before | Expand all | Expand 10 after
785 &messages)); 794 &messages));
786 EXPECT_EQ(0UL, messages.size()); 795 EXPECT_EQ(0UL, messages.size());
787 EXPECT_TRUE( 796 EXPECT_TRUE(
788 policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originA)); 797 policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originA));
789 EXPECT_TRUE( 798 EXPECT_TRUE(
790 policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originB)); 799 policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originB));
791 EXPECT_FALSE( 800 EXPECT_FALSE(
792 policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originC)); 801 policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originC));
793 } 802 }
794 803
804 // Test frame policies
805
806 TEST_F(FeaturePolicyTest, TestSimpleFramePolicy) {
807 // +-------------------------------------------------+
808 // |(1)Origin A |
809 // |No Policy |
810 // | |
811 // |<iframe policy='{"default-self": ["Origin B"]}'> |
812 // | +-------------+ |
813 // | |(2)Origin B | |
814 // | |No Policy | |
815 // | +-------------+ |
816 // +-------------------------------------------------+
817 // Default-self feature should be enabled in cross-origin child frame because
818 // permission was delegated through frame policy.
819 // This is the same scenario as when the iframe is declared as
820 // <iframe allow="default-self">
821 Vector<String> messages;
822 std::unique_ptr<FeaturePolicy> policy1 =
823 createFromParentPolicy(nullptr, m_originA);
824 WebParsedFeaturePolicyHeader framePolicy = FeaturePolicy::parseFeaturePolicy(
825 "{\"default-self\": [\"" ORIGIN_B "\"]}", m_originA.get(), &messages);
826 EXPECT_EQ(0UL, messages.size());
827 std::unique_ptr<FeaturePolicy> policy2 =
828 createFromParentWithFramePolicy(policy1.get(), &framePolicy, m_originB);
829 EXPECT_TRUE(
830 policy1->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originA));
831 EXPECT_FALSE(
832 policy1->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originB));
833 EXPECT_FALSE(
834 policy1->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originC));
835 EXPECT_FALSE(
836 policy2->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originA));
837 EXPECT_TRUE(
838 policy2->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originB));
839 EXPECT_FALSE(
840 policy2->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originC));
841 }
842
843 TEST_F(FeaturePolicyTest, TestAllOriginFramePolicy) {
844 // +------------------------------------------+
845 // |(1)Origin A |
846 // |No Policy |
847 // | |
848 // |<iframe policy='{"default-self": ["*"]}'> |
849 // | +-------------+ |
850 // | |(2)Origin B | |
851 // | |No Policy | |
852 // | +-------------+ |
853 // +------------------------------------------+
854 // Default-self feature should be enabled in cross-origin child frame because
855 // permission was delegated through frame policy.
856 // This is the same scenario that arises when the iframe is declared as
857 // <iframe allowfullscreen>
858 Vector<String> messages;
859 std::unique_ptr<FeaturePolicy> policy1 =
860 createFromParentPolicy(nullptr, m_originA);
861 WebParsedFeaturePolicyHeader framePolicy = FeaturePolicy::parseFeaturePolicy(
862 "{\"default-self\": [\"*\"]}", m_originA.get(), &messages);
863 EXPECT_EQ(0UL, messages.size());
864 std::unique_ptr<FeaturePolicy> policy2 =
865 createFromParentWithFramePolicy(policy1.get(), &framePolicy, m_originB);
866 EXPECT_TRUE(
867 policy1->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originA));
868 EXPECT_FALSE(
869 policy1->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originB));
870 EXPECT_FALSE(
871 policy1->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originC));
872 EXPECT_FALSE(
873 policy2->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originA));
874 EXPECT_TRUE(
875 policy2->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originB));
876 EXPECT_FALSE(
877 policy2->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originC));
878 }
879
880 TEST_F(FeaturePolicyTest, TestFramePolicyCanBeFurtherDelegated) {
881 // +-----------------------------------------------------+
882 // |(1)Origin A |
883 // |No Policy |
884 // | |
885 // |<iframe policy='{"default-self": ["Origin B"]}'> |
886 // | +-------------------------------------------------+ |
887 // | |(2)Origin B | |
888 // | |No Policy | |
889 // | | | |
890 // | |<iframe policy='{"default-self": ["Origin C"]}'> | |
891 // | | +-------------+ | |
892 // | | |(3)Origin C | | |
893 // | | |No Policy | | |
894 // | | +-------------+ | |
895 // | | | |
896 // | |<iframe> (No frame policy) | |
897 // | | +-------------+ | |
898 // | | |(4)Origin C | | |
899 // | | |No Policy | | |
900 // | | +-------------+ | |
901 // | +-------------------------------------------------+ |
902 // +-----------------------------------------------------+
903 // Default-self feature should be enabled in cross-origin child frames 2 and
904 // 3. Feature should be disabled in frame 4 because it was not further
905 // delegated through frame policy.
906 Vector<String> messages;
907 std::unique_ptr<FeaturePolicy> policy1 =
908 createFromParentPolicy(nullptr, m_originA);
909 WebParsedFeaturePolicyHeader framePolicy1 = FeaturePolicy::parseFeaturePolicy(
910 "{\"default-self\": [\"" ORIGIN_B "\"]}", m_originA.get(), &messages);
911 EXPECT_EQ(0UL, messages.size());
912 std::unique_ptr<FeaturePolicy> policy2 =
913 createFromParentWithFramePolicy(policy1.get(), &framePolicy1, m_originB);
914 WebParsedFeaturePolicyHeader framePolicy2 = FeaturePolicy::parseFeaturePolicy(
915 "{\"default-self\": [\"" ORIGIN_C "\"]}", m_originB.get(), &messages);
916 EXPECT_EQ(0UL, messages.size());
917 std::unique_ptr<FeaturePolicy> policy3 =
918 createFromParentWithFramePolicy(policy2.get(), &framePolicy2, m_originC);
919 std::unique_ptr<FeaturePolicy> policy4 =
920 createFromParentWithFramePolicy(policy2.get(), nullptr, m_originC);
921 EXPECT_FALSE(
922 policy3->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originA));
923 EXPECT_FALSE(
924 policy3->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originB));
925 EXPECT_TRUE(
926 policy3->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originC));
927 EXPECT_FALSE(
928 policy4->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originA));
929 EXPECT_FALSE(
930 policy4->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originB));
931 EXPECT_FALSE(
932 policy4->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originC));
933 }
934
935 TEST_F(FeaturePolicyTest, TestDefaultOnCanBeDisabledByFramePolicy) {
936 // +-------------------------------------+
937 // |(1)Origin A |
938 // |No Policy |
939 // | |
940 // |<iframe policy='{"default-on": []}'> |
941 // | +-------------+ |
942 // | |(2)Origin A | |
943 // | |No Policy | |
944 // | +-------------+ |
945 // | |
946 // |<iframe policy='{"default-on": []}'> |
947 // | +-------------+ |
948 // | |(3)Origin B | |
949 // | |No Policy | |
950 // | +-------------+ |
951 // +-------------------------------------+
952 // Default-on feature should be disabled in both same-origin and cross-origin
953 // child frames because permission was removed through frame policy.
954 Vector<String> messages;
955 std::unique_ptr<FeaturePolicy> policy1 =
956 createFromParentPolicy(nullptr, m_originA);
957 WebParsedFeaturePolicyHeader framePolicy1 = FeaturePolicy::parseFeaturePolicy(
958 "{\"default-on\": []}", m_originA.get(), &messages);
959 EXPECT_EQ(0UL, messages.size());
960 std::unique_ptr<FeaturePolicy> policy2 =
961 createFromParentWithFramePolicy(policy1.get(), &framePolicy1, m_originA);
962 WebParsedFeaturePolicyHeader framePolicy2 = FeaturePolicy::parseFeaturePolicy(
963 "{\"default-on\": []}", m_originA.get(), &messages);
964 EXPECT_EQ(0UL, messages.size());
965 std::unique_ptr<FeaturePolicy> policy3 =
966 createFromParentWithFramePolicy(policy1.get(), &framePolicy2, m_originB);
967 EXPECT_TRUE(
968 policy1->isFeatureEnabledForOrigin(kDefaultOnFeature, *m_originA));
969 EXPECT_TRUE(
970 policy1->isFeatureEnabledForOrigin(kDefaultOnFeature, *m_originB));
971 EXPECT_TRUE(
972 policy1->isFeatureEnabledForOrigin(kDefaultOnFeature, *m_originC));
973 EXPECT_FALSE(
974 policy2->isFeatureEnabledForOrigin(kDefaultOnFeature, *m_originA));
975 EXPECT_FALSE(
976 policy2->isFeatureEnabledForOrigin(kDefaultOnFeature, *m_originB));
977 EXPECT_FALSE(
978 policy2->isFeatureEnabledForOrigin(kDefaultOnFeature, *m_originC));
979 EXPECT_FALSE(
980 policy3->isFeatureEnabledForOrigin(kDefaultOnFeature, *m_originA));
981 EXPECT_FALSE(
982 policy3->isFeatureEnabledForOrigin(kDefaultOnFeature, *m_originB));
983 EXPECT_FALSE(
984 policy3->isFeatureEnabledForOrigin(kDefaultOnFeature, *m_originC));
985 }
986
987 TEST_F(FeaturePolicyTest, TestDefaultOffMustBeEnabledByChildFrame) {
988 // +------------------------------------------------+
989 // |(1)Origin A |
990 // |Policy: {"default-off": ["self"]} |
991 // | |
992 // |<iframe policy='{"default-off": ["Origin A"]}'> |
993 // | +-------------+ |
994 // | |(2)Origin A | |
995 // | |No Policy | |
996 // | +-------------+ |
997 // | |
998 // |<iframe policy='{"default-off": ["Origin B"]}'> |
999 // | +-------------+ |
1000 // | |(3)Origin B | |
1001 // | |No Policy | |
1002 // | +-------------+ |
1003 // +------------------------------------------------+
1004 // Default-off feature should be disabled in both same-origin and cross-origin
1005 // child frames because they did not declare their own policy to enable it.
1006 Vector<String> messages;
1007 std::unique_ptr<FeaturePolicy> policy1 =
1008 createFromParentPolicy(nullptr, m_originA);
1009 policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
1010 "{\"default-off\": [\"self\"]}", m_originA.get(), &messages));
1011 WebParsedFeaturePolicyHeader framePolicy1 = FeaturePolicy::parseFeaturePolicy(
1012 "{\"default-off\": [\"" ORIGIN_A "\"]}", m_originA.get(), &messages);
1013 EXPECT_EQ(0UL, messages.size());
1014 std::unique_ptr<FeaturePolicy> policy2 =
1015 createFromParentWithFramePolicy(policy1.get(), &framePolicy1, m_originA);
1016 WebParsedFeaturePolicyHeader framePolicy2 = FeaturePolicy::parseFeaturePolicy(
1017 "{\"default-off\": [\"" ORIGIN_B "\"]}", m_originA.get(), &messages);
1018 EXPECT_EQ(0UL, messages.size());
1019 std::unique_ptr<FeaturePolicy> policy3 =
1020 createFromParentWithFramePolicy(policy1.get(), &framePolicy2, m_originB);
1021 EXPECT_TRUE(
1022 policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originA));
1023 EXPECT_FALSE(
1024 policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originB));
1025 EXPECT_FALSE(
1026 policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originC));
1027 EXPECT_FALSE(
1028 policy2->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originA));
1029 EXPECT_FALSE(
1030 policy2->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originB));
1031 EXPECT_FALSE(
1032 policy2->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originC));
1033 EXPECT_FALSE(
1034 policy3->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originA));
1035 EXPECT_FALSE(
1036 policy3->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originB));
1037 EXPECT_FALSE(
1038 policy3->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originC));
1039 }
1040
1041 TEST_F(FeaturePolicyTest, TestDefaultOffCanBeEnabledByChildFrame) {
1042 // +------------------------------------------------+
1043 // |(1)Origin A |
1044 // |Policy: {"default-off": ["self"]} |
1045 // | |
1046 // |<iframe policy='{"default-off": ["Origin A"]}'> |
1047 // | +--------------------------------------------+ |
1048 // | |(2)Origin A | |
1049 // | |Policy: {"default-off": ["self"]} | |
1050 // | +--------------------------------------------+ |
1051 // | |
1052 // |<iframe policy='{"default-off": ["Origin B"]}'> |
1053 // | +--------------------------------------------+ |
1054 // | |(3)Origin B | |
1055 // | |Policy: {"default-off": ["self"]} | |
1056 // | +--------------------------------------------+ |
1057 // +------------------------------------------------+
1058 // Default-off feature should be enabled in both same-origin and cross-origin
1059 // child frames because it is delegated through the parent's frame policy, and
1060 // they declare their own policy to enable it.
1061 Vector<String> messages;
1062 std::unique_ptr<FeaturePolicy> policy1 =
1063 createFromParentPolicy(nullptr, m_originA);
1064 policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
1065 "{\"default-off\": [\"self\"]}", m_originA.get(), &messages));
1066 WebParsedFeaturePolicyHeader framePolicy1 = FeaturePolicy::parseFeaturePolicy(
1067 "{\"default-off\": [\"" ORIGIN_A "\"]}", m_originA.get(), &messages);
1068 EXPECT_EQ(0UL, messages.size());
1069 std::unique_ptr<FeaturePolicy> policy2 =
1070 createFromParentWithFramePolicy(policy1.get(), &framePolicy1, m_originA);
1071 policy2->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
1072 "{\"default-off\": [\"self\"]}", m_originA.get(), &messages));
1073 WebParsedFeaturePolicyHeader framePolicy2 = FeaturePolicy::parseFeaturePolicy(
1074 "{\"default-off\": [\"" ORIGIN_B "\"]}", m_originA.get(), &messages);
1075 EXPECT_EQ(0UL, messages.size());
1076 std::unique_ptr<FeaturePolicy> policy3 =
1077 createFromParentWithFramePolicy(policy1.get(), &framePolicy2, m_originB);
1078 policy3->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
1079 "{\"default-off\": [\"self\"]}", m_originB.get(), &messages));
1080 EXPECT_TRUE(
1081 policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originA));
1082 EXPECT_FALSE(
1083 policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originB));
1084 EXPECT_FALSE(
1085 policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originC));
1086 EXPECT_TRUE(
1087 policy2->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originA));
1088 EXPECT_FALSE(
1089 policy2->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originB));
1090 EXPECT_FALSE(
1091 policy2->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originC));
1092 EXPECT_FALSE(
1093 policy3->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originA));
1094 EXPECT_TRUE(
1095 policy3->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originB));
1096 EXPECT_FALSE(
1097 policy3->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originC));
1098 }
1099
1100 TEST_F(FeaturePolicyTest, TestFramePolicyModifiesHeaderPolicy) {
1101 // +-----------------------------------------------+
1102 // |(1)Origin A |
1103 // |Policy: {"default-self": ["self", "Origin B"]} |
1104 // | |
1105 // |<iframe policy='{"default-self": []}'> |
1106 // | +-------------------------------------------+ |
1107 // | |(2)Origin B | |
1108 // | |No Policy | |
1109 // | +-------------------------------------------+ |
1110 // | |
1111 // |<iframe policy='{"default-self": []}'> |
1112 // | +-------------------------------------------+ |
1113 // | |(3)Origin B | |
1114 // | |Policy: {"default-self": ["self"]} | |
1115 // | +-------------------------------------------+ |
1116 // +-----------------------------------------------+
1117 // Default-self feature should be disabled in both cross-origin child frames
1118 // by frame policy, even though the parent frame's header policy would
1119 // otherwise enable it. This is true regardless of the child frame's header
1120 // policy.
1121 Vector<String> messages;
1122 std::unique_ptr<FeaturePolicy> policy1 =
1123 createFromParentPolicy(nullptr, m_originA);
1124 policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
1125 "{\"default-self\": [\"self\", \"" ORIGIN_B "\"]}", m_originA.get(),
1126 &messages));
1127 EXPECT_EQ(0UL, messages.size());
1128 WebParsedFeaturePolicyHeader framePolicy1 = FeaturePolicy::parseFeaturePolicy(
1129 "{\"default-self\": []}", m_originA.get(), &messages);
1130 EXPECT_EQ(0UL, messages.size());
1131 std::unique_ptr<FeaturePolicy> policy2 =
1132 createFromParentWithFramePolicy(policy1.get(), &framePolicy1, m_originB);
1133 WebParsedFeaturePolicyHeader framePolicy2 = FeaturePolicy::parseFeaturePolicy(
1134 "{\"default-self\": []}", m_originA.get(), &messages);
1135 EXPECT_EQ(0UL, messages.size());
1136 std::unique_ptr<FeaturePolicy> policy3 =
1137 createFromParentWithFramePolicy(policy1.get(), &framePolicy2, m_originB);
1138 policy3->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
1139 "{\"default-self\": [\"self\"]}", m_originB.get(), &messages));
1140 EXPECT_FALSE(
1141 policy2->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originB));
1142 EXPECT_FALSE(
1143 policy3->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originB));
1144 }
1145
1146 TEST_F(FeaturePolicyTest, TestCombineFrameAndHeaderPolicies) {
1147 // +-------------------------------------------------+
1148 // |(1)Origin A |
1149 // |No Policy |
1150 // | |
1151 // |<iframe policy='{"default-self": ["Origin B"]}'> |
1152 // | +---------------------------------------------+ |
1153 // | |(2)Origin B | |
1154 // | |Policy: {"default-self": ["*"]} | |
1155 // | | | |
1156 // | |<iframe policy='{"default-self": []}'> | |
1157 // | | +-------------+ | |
1158 // | | |(3)Origin C | | |
1159 // | | |No Policy | | |
1160 // | | +-------------+ | |
1161 // | | | |
1162 // | |<iframe> (No frame policy) | |
1163 // | | +-------------+ | |
1164 // | | |(4)Origin C | | |
1165 // | | |No Policy | | |
1166 // | | +-------------+ | |
1167 // | +---------------------------------------------+ |
1168 // +-------------------------------------------------+
1169 // Default-self feature should be enabled in cross-origin child frames 2 and
1170 // 4. Feature should be disabled in frame 2 by frame policy.
1171 Vector<String> messages;
1172 std::unique_ptr<FeaturePolicy> policy1 =
1173 createFromParentPolicy(nullptr, m_originA);
1174 WebParsedFeaturePolicyHeader framePolicy1 = FeaturePolicy::parseFeaturePolicy(
1175 "{\"default-self\": [\"" ORIGIN_B "\"]}", m_originA.get(), &messages);
1176 EXPECT_EQ(0UL, messages.size());
1177 std::unique_ptr<FeaturePolicy> policy2 =
1178 createFromParentWithFramePolicy(policy1.get(), &framePolicy1, m_originB);
1179 policy2->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
1180 "{\"default-self\": [\"*\"]}", m_originB.get(), &messages));
1181 WebParsedFeaturePolicyHeader framePolicy2 = FeaturePolicy::parseFeaturePolicy(
1182 "{\"default-self\": [\"\"]}", m_originC.get(), &messages);
1183 EXPECT_EQ(0UL, messages.size());
1184 std::unique_ptr<FeaturePolicy> policy3 =
1185 createFromParentWithFramePolicy(policy2.get(), &framePolicy2, m_originC);
1186 std::unique_ptr<FeaturePolicy> policy4 =
1187 createFromParentWithFramePolicy(policy2.get(), nullptr, m_originC);
1188 EXPECT_TRUE(
1189 policy1->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originA));
1190 EXPECT_TRUE(
1191 policy2->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originB));
1192 EXPECT_FALSE(
1193 policy3->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originC));
1194 EXPECT_TRUE(
1195 policy4->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originC));
1196 }
1197
795 } // namespace blink 1198 } // namespace blink
OLDNEW
« no previous file with comments | « third_party/WebKit/Source/platform/feature_policy/FeaturePolicy.cpp ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698