Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(464)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: third_party/WebKit/Source/platform/feature_policy/FeaturePolicyTest.cpp

Issue 2655023004: Feature policy: Add basic algorithm for supporting frame policies. (Closed)
Patch Set: Fix logic, add tests Created 3 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« third_party/WebKit/Source/platform/feature_policy/FeaturePolicy.cpp ('K') | « third_party/WebKit/Source/platform/feature_policy/FeaturePolicy.cpp ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2016 The Chromium Authors. All rights reserved. 1 // Copyright 2016 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "platform/feature_policy/FeaturePolicy.h" 5 #include "platform/feature_policy/FeaturePolicy.h"
6 6
7 #include "platform/RuntimeEnabledFeatures.h" 7 #include "platform/RuntimeEnabledFeatures.h"
8 #include "testing/gtest/include/gtest/gtest.h" 8 #include "testing/gtest/include/gtest/gtest.h"
9 9
10 // Origin strings used for tests 10 // Origin strings used for tests
(...skipping 50 matching lines...) Expand 10 before | Expand all | Expand 10 after
61 RuntimeEnabledFeatures::setFeaturePolicyEnabled(true); 61 RuntimeEnabledFeatures::setFeaturePolicyEnabled(true);
62 } 62 }
63 63
64 ~FeaturePolicyTest() { 64 ~FeaturePolicyTest() {
65 RuntimeEnabledFeatures::setFeaturePolicyEnabled(m_frameworkWasEnabled); 65 RuntimeEnabledFeatures::setFeaturePolicyEnabled(m_frameworkWasEnabled);
66 } 66 }
67 67
68 std::unique_ptr<FeaturePolicy> createFromParentPolicy( 68 std::unique_ptr<FeaturePolicy> createFromParentPolicy(
69 const FeaturePolicy* parent, 69 const FeaturePolicy* parent,
70 RefPtr<SecurityOrigin> origin) { 70 RefPtr<SecurityOrigin> origin) {
71 return FeaturePolicy::createFromParentPolicy(parent, origin, m_featureList); 71 return FeaturePolicy::createFromParentPolicy(parent, nullptr, origin,
72 m_featureList);
73 }
74
75 std::unique_ptr<FeaturePolicy> createFromParentWithFramePolicy(
76 const FeaturePolicy* parent,
77 const WebParsedFeaturePolicy* framePolicy,
78 RefPtr<SecurityOrigin> origin) {
79 return FeaturePolicy::createFromParentPolicy(parent, framePolicy, origin,
80 m_featureList);
72 } 81 }
73 82
74 RefPtr<SecurityOrigin> m_originA = SecurityOrigin::createFromString(ORIGIN_A); 83 RefPtr<SecurityOrigin> m_originA = SecurityOrigin::createFromString(ORIGIN_A);
75 RefPtr<SecurityOrigin> m_originB = SecurityOrigin::createFromString(ORIGIN_B); 84 RefPtr<SecurityOrigin> m_originB = SecurityOrigin::createFromString(ORIGIN_B);
76 RefPtr<SecurityOrigin> m_originC = SecurityOrigin::createFromString(ORIGIN_C); 85 RefPtr<SecurityOrigin> m_originC = SecurityOrigin::createFromString(ORIGIN_C);
77 86
78 private: 87 private:
79 const bool m_frameworkWasEnabled; 88 const bool m_frameworkWasEnabled;
80 89
81 // Contains the list of controlled features, so that we are guaranteed to 90 // Contains the list of controlled features, so that we are guaranteed to
(...skipping 703 matching lines...) Expand 10 before | Expand all | Expand 10 after
785 &messages)); 794 &messages));
786 EXPECT_EQ(0UL, messages.size()); 795 EXPECT_EQ(0UL, messages.size());
787 EXPECT_TRUE( 796 EXPECT_TRUE(
788 policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originA)); 797 policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originA));
789 EXPECT_TRUE( 798 EXPECT_TRUE(
790 policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originB)); 799 policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originB));
791 EXPECT_FALSE( 800 EXPECT_FALSE(
792 policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originC)); 801 policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originC));
793 } 802 }
794 803
804 // Test frame policies
805
806 TEST_F(FeaturePolicyTest, TestSimpleFramePolicy) {
807 // +---------------------------------------------+
808 // |(1)Origin A |
809 // |No Policy |
810 // | |
811 // |<iframe policy='{"default-self": ["self"]}'> |
812 // | +-------------+ |
813 // | |(2)Origin B | |
814 // | |No Policy | |
815 // | +-------------+ |
816 // +---------------------------------------------+
817 // Default-self feature should be enabled in cross-origin child frame because
818 // permission was delegated through frame policy.
819 // This is the same scenario as when the iframe is declared as
820 // <iframe allow="default-self">
821 Vector<String> messages;
822 std::unique_ptr<FeaturePolicy> policy1 =
823 createFromParentPolicy(nullptr, m_originA);
824 WebParsedFeaturePolicy framePolicy = FeaturePolicy::parseFeaturePolicy(
825 "{\"default-self\": [\"self\"]}", m_originB.get(), &messages);
raymes 2017/02/03 00:28:51 Hmm - does "self" in the attribute refer to the em
iclelland 2017/02/03 16:59:54 I recall that the way we had originally gone with
raymes 2017/02/03 18:11:28 I guess I had been thinking allow="fullscreen" wou
iclelland 2017/02/03 19:50:04 We're going to translate the allow and allow* attr
iclelland 2017/02/14 21:25:03 Tests updated to use explicit origins for frame po
826 EXPECT_EQ(0UL, messages.size());
827 std::unique_ptr<FeaturePolicy> policy2 =
828 createFromParentWithFramePolicy(policy1.get(), &framePolicy, m_originB);
829 EXPECT_TRUE(
830 policy1->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originA));
831 EXPECT_FALSE(
832 policy1->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originB));
833 EXPECT_FALSE(
834 policy1->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originC));
835 EXPECT_FALSE(
836 policy2->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originA));
837 EXPECT_TRUE(
838 policy2->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originB));
839 EXPECT_FALSE(
840 policy2->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originC));
841 }
842
843 TEST_F(FeaturePolicyTest, TestAllOriginFramePolicy) {
844 // +------------------------------------------+
845 // |(1)Origin A |
846 // |No Policy |
847 // | |
848 // |<iframe policy='{"default-self": ["*"]}'> |
849 // | +-------------+ |
850 // | |(2)Origin B | |
851 // | |No Policy | |
852 // | +-------------+ |
853 // +------------------------------------------+
854 // Default-self feature should be enabled in cross-origin child frame because
855 // permission was delegated through frame policy.
856 // This is the same scenario that arises when the iframe is declared as
857 // <iframe allowfullscreen>
858 Vector<String> messages;
859 std::unique_ptr<FeaturePolicy> policy1 =
860 createFromParentPolicy(nullptr, m_originA);
861 WebParsedFeaturePolicy framePolicy = FeaturePolicy::parseFeaturePolicy(
862 "{\"default-self\": [\"*\"]}", m_originB.get(), &messages);
863 EXPECT_EQ(0UL, messages.size());
864 std::unique_ptr<FeaturePolicy> policy2 =
865 createFromParentWithFramePolicy(policy1.get(), &framePolicy, m_originB);
866 EXPECT_TRUE(
867 policy1->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originA));
868 EXPECT_FALSE(
869 policy1->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originB));
870 EXPECT_FALSE(
871 policy1->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originC));
872 EXPECT_FALSE(
873 policy2->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originA));
874 EXPECT_TRUE(
875 policy2->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originB));
876 EXPECT_FALSE(
877 policy2->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originC));
878 }
879
880 TEST_F(FeaturePolicyTest, TestFramePolicyCanBeFurtherDelegated) {
881 // +-------------------------------------------------+
882 // |(1)Origin A |
883 // |No Policy |
884 // | |
885 // |<iframe policy='{"default-self": ["self"]}'> |
886 // | +---------------------------------------------+ |
887 // | |(2)Origin B | |
888 // | |No Policy | |
889 // | | | |
890 // | |<iframe policy='{"default-self": ["self"]}'> | |
891 // | | +-------------+ | |
892 // | | |(3)Origin C | | |
893 // | | |No Policy | | |
894 // | | +-------------+ | |
895 // | | | |
896 // | |<iframe> (No frame policy) | |
897 // | | +-------------+ | |
898 // | | |(4)Origin C | | |
899 // | | |No Policy | | |
900 // | | +-------------+ | |
901 // | +---------------------------------------------+ |
902 // +-------------------------------------------------+
903 // Default-self feature should be enabled in cross-origin child frames 2 and
904 // 3. Feature should be disabled in frame 4 because it was not further
905 // delegated through frame policy.
906 Vector<String> messages;
907 std::unique_ptr<FeaturePolicy> policy1 =
908 createFromParentPolicy(nullptr, m_originA);
909 WebParsedFeaturePolicy framePolicy1 = FeaturePolicy::parseFeaturePolicy(
910 "{\"default-self\": [\"self\"]}", m_originB.get(), &messages);
911 EXPECT_EQ(0UL, messages.size());
912 std::unique_ptr<FeaturePolicy> policy2 =
913 createFromParentWithFramePolicy(policy1.get(), &framePolicy1, m_originB);
914 WebParsedFeaturePolicy framePolicy2 = FeaturePolicy::parseFeaturePolicy(
915 "{\"default-self\": [\"self\"]}", m_originC.get(), &messages);
916 EXPECT_EQ(0UL, messages.size());
917 std::unique_ptr<FeaturePolicy> policy3 =
918 createFromParentWithFramePolicy(policy2.get(), &framePolicy2, m_originC);
919 std::unique_ptr<FeaturePolicy> policy4 =
920 createFromParentWithFramePolicy(policy2.get(), nullptr, m_originC);
921 EXPECT_FALSE(
922 policy3->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originA));
923 EXPECT_FALSE(
924 policy3->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originB));
925 EXPECT_TRUE(
926 policy3->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originC));
927 EXPECT_FALSE(
928 policy4->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originA));
929 EXPECT_FALSE(
930 policy4->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originB));
931 EXPECT_FALSE(
932 policy4->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originC));
933 }
934
935 TEST_F(FeaturePolicyTest, TestDefaultOnCanBeDisabledByFramePolicy) {
936 // +-------------------------------------+
937 // |(1)Origin A |
938 // |No Policy |
939 // | |
940 // |<iframe policy='{"default-on": []}'> |
941 // | +-------------+ |
942 // | |(2)Origin A | |
943 // | |No Policy | |
944 // | +-------------+ |
945 // | |
946 // |<iframe policy='{"default-on": []}'> |
947 // | +-------------+ |
948 // | |(3)Origin B | |
949 // | |No Policy | |
950 // | +-------------+ |
951 // +-------------------------------------+
952 // Default-on feature should be disabled in both same-origin and cross-origin
953 // child frames because permission was removed through frame policy.
954 Vector<String> messages;
955 std::unique_ptr<FeaturePolicy> policy1 =
956 createFromParentPolicy(nullptr, m_originA);
957 WebParsedFeaturePolicy framePolicy1 = FeaturePolicy::parseFeaturePolicy(
958 "{\"default-on\": []}", m_originA.get(), &messages);
959 EXPECT_EQ(0UL, messages.size());
960 std::unique_ptr<FeaturePolicy> policy2 =
961 createFromParentWithFramePolicy(policy1.get(), &framePolicy1, m_originA);
962 WebParsedFeaturePolicy framePolicy2 = FeaturePolicy::parseFeaturePolicy(
963 "{\"default-on\": []}", m_originB.get(), &messages);
964 EXPECT_EQ(0UL, messages.size());
965 std::unique_ptr<FeaturePolicy> policy3 =
966 createFromParentWithFramePolicy(policy1.get(), &framePolicy2, m_originB);
967 EXPECT_TRUE(
968 policy1->isFeatureEnabledForOrigin(kDefaultOnFeature, *m_originA));
969 EXPECT_TRUE(
970 policy1->isFeatureEnabledForOrigin(kDefaultOnFeature, *m_originB));
971 EXPECT_TRUE(
972 policy1->isFeatureEnabledForOrigin(kDefaultOnFeature, *m_originC));
973 EXPECT_FALSE(
974 policy2->isFeatureEnabledForOrigin(kDefaultOnFeature, *m_originA));
975 EXPECT_FALSE(
976 policy2->isFeatureEnabledForOrigin(kDefaultOnFeature, *m_originB));
977 EXPECT_FALSE(
978 policy2->isFeatureEnabledForOrigin(kDefaultOnFeature, *m_originC));
979 EXPECT_FALSE(
980 policy3->isFeatureEnabledForOrigin(kDefaultOnFeature, *m_originA));
981 EXPECT_FALSE(
982 policy3->isFeatureEnabledForOrigin(kDefaultOnFeature, *m_originB));
983 EXPECT_FALSE(
984 policy3->isFeatureEnabledForOrigin(kDefaultOnFeature, *m_originC));
985 }
986
987 TEST_F(FeaturePolicyTest, TestDefaultOffMustBeEnabledByChildFrame) {
988 // +--------------------------------------------+
989 // |(1)Origin A |
990 // |No Policy |
991 // | |
992 // |<iframe policy='{"default-off": ["self"]}'> |
993 // | +-------------+ |
994 // | |(2)Origin A | |
995 // | |No Policy | |
996 // | +-------------+ |
997 // | |
998 // |<iframe policy='{"default-off": ["self"]}'> |
999 // | +-------------+ |
1000 // | |(3)Origin B | |
1001 // | |No Policy | |
1002 // | +-------------+ |
1003 // +--------------------------------------------+
1004 // Default-off feature should be disabled in both same-origin and cross-origin
1005 // child frames because they did not declare their own policy to enable it.
1006 Vector<String> messages;
1007 std::unique_ptr<FeaturePolicy> policy1 =
1008 createFromParentPolicy(nullptr, m_originA);
raymes 2017/02/03 00:28:51 We might want to enable the feature in (1) by head
iclelland 2017/02/14 21:25:03 Done. Required by algorithm now.
1009 WebParsedFeaturePolicy framePolicy1 = FeaturePolicy::parseFeaturePolicy(
1010 "{\"default-off\": [\"self\"]}", m_originA.get(), &messages);
1011 EXPECT_EQ(0UL, messages.size());
1012 std::unique_ptr<FeaturePolicy> policy2 =
1013 createFromParentWithFramePolicy(policy1.get(), &framePolicy1, m_originA);
1014 WebParsedFeaturePolicy framePolicy2 = FeaturePolicy::parseFeaturePolicy(
1015 "{\"default-off\": [\"self\"]}", m_originB.get(), &messages);
1016 EXPECT_EQ(0UL, messages.size());
1017 std::unique_ptr<FeaturePolicy> policy3 =
1018 createFromParentWithFramePolicy(policy1.get(), &framePolicy2, m_originB);
1019 EXPECT_FALSE(
1020 policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originA));
1021 EXPECT_FALSE(
1022 policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originB));
1023 EXPECT_FALSE(
1024 policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originC));
1025 EXPECT_FALSE(
1026 policy2->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originA));
1027 EXPECT_FALSE(
1028 policy2->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originB));
1029 EXPECT_FALSE(
1030 policy2->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originC));
1031 EXPECT_FALSE(
1032 policy3->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originA));
1033 EXPECT_FALSE(
1034 policy3->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originB));
1035 EXPECT_FALSE(
1036 policy3->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originC));
1037 }
1038
1039 TEST_F(FeaturePolicyTest, TestDefaultOffCanBeEnabledByChildFrame) {
1040 // +--------------------------------------------+
1041 // |(1)Origin A |
1042 // |No Policy |
1043 // | |
1044 // |<iframe policy='{"default-off": ["self"]}'> |
1045 // | +----------------------------------------+ |
1046 // | |(2)Origin A | |
1047 // | |Policy: {"default-off": ["self"]} | |
1048 // | +----------------------------------------+ |
1049 // | |
1050 // |<iframe policy='{"default-off": ["self"]}'> |
1051 // | +----------------------------------------+ |
1052 // | |(3)Origin B | |
1053 // | |Policy: {"default-off": ["self"]} | |
1054 // | +----------------------------------------+ |
1055 // +--------------------------------------------+
1056 // Default-off feature should be enabled in both same-origin and cross-origin
1057 // child frames because it is delegated through the parent's frame policy, and
1058 // they declare their own policy to enable it.
1059 Vector<String> messages;
1060 std::unique_ptr<FeaturePolicy> policy1 =
1061 createFromParentPolicy(nullptr, m_originA);
1062 WebParsedFeaturePolicy framePolicy1 = FeaturePolicy::parseFeaturePolicy(
1063 "{\"default-off\": [\"self\"]}", m_originA.get(), &messages);
1064 EXPECT_EQ(0UL, messages.size());
1065 std::unique_ptr<FeaturePolicy> policy2 =
1066 createFromParentWithFramePolicy(policy1.get(), &framePolicy1, m_originA);
1067 policy2->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
raymes 2017/02/03 00:28:51 Shouldn't frame (1) have to do this in order to de
iclelland 2017/02/03 16:59:54 See the comment in the previous file -- Maybe we d
iclelland 2017/02/14 21:25:03 Changed now; header (or eventually meta) must be a
1068 "{\"default-off\": [\"self\"]}", m_originA.get(), &messages));
1069 WebParsedFeaturePolicy framePolicy2 = FeaturePolicy::parseFeaturePolicy(
1070 "{\"default-off\": [\"self\"]}", m_originB.get(), &messages);
1071 EXPECT_EQ(0UL, messages.size());
1072 std::unique_ptr<FeaturePolicy> policy3 =
1073 createFromParentWithFramePolicy(policy1.get(), &framePolicy2, m_originB);
1074 policy3->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
1075 "{\"default-off\": [\"self\"]}", m_originB.get(), &messages));
1076 EXPECT_FALSE(
1077 policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originA));
1078 EXPECT_FALSE(
1079 policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originB));
1080 EXPECT_FALSE(
1081 policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originC));
1082 EXPECT_TRUE(
1083 policy2->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originA));
1084 EXPECT_FALSE(
1085 policy2->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originB));
1086 EXPECT_FALSE(
1087 policy2->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originC));
1088 EXPECT_FALSE(
1089 policy3->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originA));
1090 EXPECT_TRUE(
1091 policy3->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originB));
1092 EXPECT_FALSE(
1093 policy3->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originC));
1094 }
1095
1096 TEST_F(FeaturePolicyTest, TestFramePolicyModifiesHeaderPolicy) {
1097 // +-----------------------------------------------+
1098 // |(1)Origin A |
1099 // |Policy: {"default-self": ["self", "Origin B"]} |
1100 // | |
1101 // |<iframe policy='{"default-self": []}'> |
1102 // | +-------------------------------------------+ |
1103 // | |(2)Origin B | |
1104 // | |No Policy | |
1105 // | +-------------------------------------------+ |
1106 // | |
1107 // |<iframe policy='{"default-self": []}'> |
1108 // | +-------------------------------------------+ |
1109 // | |(3)Origin B | |
1110 // | |Policy: {"default-self": ["self"]} | |
1111 // | +-------------------------------------------+ |
1112 // +-----------------------------------------------+
1113 // Default-self feature should be disabled in both cross-origin child frames
1114 // by frame policy, even though the parent frame's header policy would
1115 // otherwise enable it. This is true regardless of the child frame's header
1116 // policy.
1117 Vector<String> messages;
1118 std::unique_ptr<FeaturePolicy> policy1 =
1119 createFromParentPolicy(nullptr, m_originA);
1120 policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
1121 "{\"default-self\": [\"self\", \"" ORIGIN_B "\"]}", m_originA.get(),
1122 &messages));
1123 EXPECT_EQ(0UL, messages.size());
1124 WebParsedFeaturePolicy framePolicy1 = FeaturePolicy::parseFeaturePolicy(
1125 "{\"default-self\": []}", m_originB.get(), &messages);
1126 EXPECT_EQ(0UL, messages.size());
1127 std::unique_ptr<FeaturePolicy> policy2 =
1128 createFromParentWithFramePolicy(policy1.get(), &framePolicy1, m_originB);
1129 WebParsedFeaturePolicy framePolicy2 = FeaturePolicy::parseFeaturePolicy(
1130 "{\"default-self\": []}", m_originB.get(), &messages);
1131 EXPECT_EQ(0UL, messages.size());
1132 std::unique_ptr<FeaturePolicy> policy3 =
1133 createFromParentWithFramePolicy(policy1.get(), &framePolicy2, m_originB);
1134 policy3->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
1135 "{\"default-self\": [\"self\"]}", m_originB.get(), &messages));
1136 EXPECT_FALSE(
1137 policy2->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originB));
1138 EXPECT_FALSE(
1139 policy3->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originB));
1140 }
1141
1142 TEST_F(FeaturePolicyTest, TestCombineFrameAndHeaderPolicies) {
1143 // +---------------------------------------------+
1144 // |(1)Origin A |
1145 // |No Policy |
1146 // | |
1147 // |<iframe policy='{"default-self": ["self"]}'> |
1148 // | +-----------------------------------------+ |
1149 // | |(2)Origin B | |
1150 // | |Policy: {"default-self": ["*"]} | |
1151 // | | | |
1152 // | |<iframe policy='{"default-self": []}'> | |
1153 // | | +-------------+ | |
1154 // | | |(3)Origin C | | |
1155 // | | |No Policy | | |
1156 // | | +-------------+ | |
1157 // | | | |
1158 // | |<iframe> (No frame policy) | |
1159 // | | +-------------+ | |
1160 // | | |(4)Origin C | | |
1161 // | | |No Policy | | |
1162 // | | +-------------+ | |
1163 // | +-----------------------------------------+ |
1164 // +---------------------------------------------+
1165 // Default-self feature should be enabled in cross-origin child frames 2 and
1166 // 4. Feature should be disabled in frame 2 by frame policy.
1167 Vector<String> messages;
1168 std::unique_ptr<FeaturePolicy> policy1 =
1169 createFromParentPolicy(nullptr, m_originA);
1170 WebParsedFeaturePolicy framePolicy1 = FeaturePolicy::parseFeaturePolicy(
1171 "{\"default-self\": [\"self\"]}", m_originB.get(), &messages);
1172 EXPECT_EQ(0UL, messages.size());
1173 std::unique_ptr<FeaturePolicy> policy2 =
1174 createFromParentWithFramePolicy(policy1.get(), &framePolicy1, m_originB);
1175 policy2->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
1176 "{\"default-self\": [\"*\"]}", m_originB.get(), &messages));
1177 WebParsedFeaturePolicy framePolicy2 = FeaturePolicy::parseFeaturePolicy(
1178 "{\"default-self\": [\"\"]}", m_originC.get(), &messages);
1179 EXPECT_EQ(0UL, messages.size());
1180 std::unique_ptr<FeaturePolicy> policy3 =
1181 createFromParentWithFramePolicy(policy2.get(), &framePolicy2, m_originC);
1182 std::unique_ptr<FeaturePolicy> policy4 =
1183 createFromParentWithFramePolicy(policy2.get(), nullptr, m_originC);
1184 EXPECT_TRUE(
1185 policy1->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originA));
1186 EXPECT_TRUE(
1187 policy2->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originB));
1188 EXPECT_FALSE(
1189 policy3->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originC));
1190 EXPECT_TRUE(
1191 policy4->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originC));
1192 }
1193
795 } // namespace blink 1194 } // namespace blink
OLDNEW
« third_party/WebKit/Source/platform/feature_policy/FeaturePolicy.cpp ('K') | « third_party/WebKit/Source/platform/feature_policy/FeaturePolicy.cpp ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698