OLD | NEW |
---|---|
(Empty) | |
1 // Copyright 2016 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #include "content/common/feature_policy/feature_policy.h" | |
6 | |
7 #include "testing/gtest/include/gtest/gtest.h" | |
8 #include "url/gurl.h" | |
9 | |
10 namespace content { | |
11 | |
12 namespace { | |
13 | |
14 // This is an example of a feature which should be enabled by default in all | |
15 // frames. | |
16 const FeaturePolicy::Feature kDefaultOnFeatureDfn{ | |
17 "default-on", FeaturePolicy::FeatureDefault::EnableForAll}; | |
18 | |
19 // This is an example of a feature which should be enabled in top-level frames, | |
20 // and same-origin child-frames, but must be delegated to all cross-origin | |
21 // frames explicitly. | |
22 const FeaturePolicy::Feature kDefaultSelfFeatureDfn{ | |
23 "default-self", FeaturePolicy::FeatureDefault::EnableForSelf}; | |
24 | |
25 // This is an example of a feature which should be disabled by default, both in | |
26 // top-level and nested frames. | |
27 const FeaturePolicy::Feature kDefaultOffFeatureDfn{ | |
28 "default-off", FeaturePolicy::FeatureDefault::DisableForAll}; | |
29 | |
30 // Define the three new features for testing | |
31 blink::WebFeaturePolicyFeature kDefaultOnFeature = | |
32 static_cast<blink::WebFeaturePolicyFeature>( | |
33 static_cast<int>(blink::WebFeaturePolicyFeature::LAST_FEATURE) + 1); | |
34 | |
35 blink::WebFeaturePolicyFeature kDefaultSelfFeature = | |
36 static_cast<blink::WebFeaturePolicyFeature>( | |
37 static_cast<int>(blink::WebFeaturePolicyFeature::LAST_FEATURE) + 2); | |
38 | |
39 blink::WebFeaturePolicyFeature kDefaultOffFeature = | |
40 static_cast<blink::WebFeaturePolicyFeature>( | |
41 static_cast<int>(blink::WebFeaturePolicyFeature::LAST_FEATURE) + 3); | |
42 | |
43 } // namespace | |
44 | |
45 class FeaturePolicyTest : public ::testing::Test { | |
46 protected: | |
47 FeaturePolicyTest() | |
48 : featureList_({{kDefaultOnFeature, &kDefaultOnFeatureDfn}, | |
49 {kDefaultSelfFeature, &kDefaultSelfFeatureDfn}, | |
50 {kDefaultOffFeature, &kDefaultOffFeatureDfn}}) {} | |
51 | |
52 ~FeaturePolicyTest() override {} | |
53 | |
54 std::unique_ptr<FeaturePolicy> CreateFromParentPolicy( | |
55 const FeaturePolicy* parent, | |
56 const url::Origin& origin) { | |
57 return FeaturePolicy::CreateFromParentPolicy(parent, origin, featureList_); | |
58 } | |
59 | |
60 url::Origin originA_ = url::Origin(GURL("https://example.com/")); | |
alexmos
2017/02/09 19:11:18
nit: origin_a_, etc.
iclelland
2017/02/09 20:12:01
Done.
| |
61 url::Origin originB_ = url::Origin(GURL("https://example.net/")); | |
62 url::Origin originC_ = url::Origin(GURL("https://example.org/")); | |
63 | |
64 private: | |
65 // Contains the list of controlled features, so that we are guaranteed to | |
66 // have at least one of each kind of default behaviour represented. | |
67 FeaturePolicy::FeatureList featureList_; | |
alexmos
2017/02/09 19:11:18
nit: feature_list_
iclelland
2017/02/09 20:12:01
Done.
| |
68 }; | |
69 | |
70 TEST_F(FeaturePolicyTest, TestInitialPolicy) { | |
71 // +-------------+ | |
72 // |(1)Origin A | | |
73 // |No Policy | | |
74 // +-------------+ | |
75 // Default-on and top-level-only features should be enabled in top-level | |
76 // frame. Default-off features should be disabled. | |
77 std::unique_ptr<FeaturePolicy> policy1 = | |
78 CreateFromParentPolicy(nullptr, originA_); | |
79 EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultOnFeature)); | |
80 EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultSelfFeature)); | |
81 EXPECT_FALSE(policy1->IsFeatureEnabled(kDefaultOffFeature)); | |
82 } | |
83 | |
84 TEST_F(FeaturePolicyTest, TestInitialSameOriginChildPolicy) { | |
85 // +-----------------+ | |
86 // |(1)Origin A | | |
87 // |No Policy | | |
88 // | +-------------+ | | |
89 // | |(2)Origin A | | | |
90 // | |No Policy | | | |
91 // | +-------------+ | | |
92 // +-----------------+ | |
93 // Default-on and Default-self features should be enabled in a same-origin | |
94 // child frame. Default-off features should be disabled. | |
95 std::unique_ptr<FeaturePolicy> policy1 = | |
96 CreateFromParentPolicy(nullptr, originA_); | |
97 std::unique_ptr<FeaturePolicy> policy2 = | |
98 CreateFromParentPolicy(policy1.get(), originA_); | |
99 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultOnFeature)); | |
100 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); | |
101 EXPECT_FALSE(policy2->IsFeatureEnabled(kDefaultOffFeature)); | |
102 } | |
103 | |
104 TEST_F(FeaturePolicyTest, TestInitialCrossOriginChildPolicy) { | |
105 // +-----------------+ | |
106 // |(1)Origin A | | |
107 // |No Policy | | |
108 // | +-------------+ | | |
109 // | |(2)Origin B | | | |
110 // | |No Policy | | | |
111 // | +-------------+ | | |
112 // +-----------------+ | |
113 // Default-on features should be enabled in child frame. Default-self and | |
114 // Default-off features should be disabled. | |
115 std::unique_ptr<FeaturePolicy> policy1 = | |
116 CreateFromParentPolicy(nullptr, originA_); | |
117 std::unique_ptr<FeaturePolicy> policy2 = | |
118 CreateFromParentPolicy(policy1.get(), originB_); | |
119 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultOnFeature)); | |
120 EXPECT_FALSE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); | |
121 EXPECT_FALSE(policy2->IsFeatureEnabled(kDefaultOffFeature)); | |
122 } | |
123 | |
124 TEST_F(FeaturePolicyTest, TestCrossOriginChildCannotEnableFeature) { | |
125 // +---------------------------------------+ | |
126 // |(1) Origin A | | |
127 // |No Policy | | |
128 // | +-----------------------------------+ | | |
129 // | |(2) Origin B | | | |
130 // | |Policy: {"default-self": ["self"]} | | | |
131 // | +-----------------------------------+ | | |
132 // +---------------------------------------+ | |
133 // Default-self feature should be disabled in cross origin frame, even if no | |
134 // policy was specified in the parent frame. | |
135 std::unique_ptr<FeaturePolicy> policy1 = | |
136 CreateFromParentPolicy(nullptr, originA_); | |
137 std::unique_ptr<FeaturePolicy> policy2 = | |
138 CreateFromParentPolicy(policy1.get(), originB_); | |
139 policy2->SetHeaderPolicy({{{"default-self", false, {originB_}}}}); | |
140 EXPECT_FALSE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); | |
141 } | |
142 | |
143 TEST_F(FeaturePolicyTest, TestFrameSelfInheritance) { | |
144 // +------------------------------------------+ | |
145 // |(1) Origin A | | |
146 // |Policy: {"default-self": ["self"]} | | |
147 // | +-----------------+ +-----------------+ | | |
148 // | |(2) Origin A | |(4) Origin B | | | |
149 // | |No Policy | |No Policy | | | |
150 // | | +-------------+ | | +-------------+ | | | |
151 // | | |(3)Origin A | | | |(5)Origin B | | | | |
152 // | | |No Policy | | | |No Policy | | | | |
153 // | | +-------------+ | | +-------------+ | | | |
154 // | +-----------------+ +-----------------+ | | |
155 // +------------------------------------------+ | |
156 // Feature should be enabled at the top-level, and through the chain of | |
157 // same-origin frames 2 and 3. It should be disabled in frames 4 and 5, as | |
158 // they are at a different origin. | |
159 std::unique_ptr<FeaturePolicy> policy1 = | |
160 CreateFromParentPolicy(nullptr, originA_); | |
161 policy1->SetHeaderPolicy({{{"default-self", false, {originA_}}}}); | |
162 std::unique_ptr<FeaturePolicy> policy2 = | |
163 CreateFromParentPolicy(policy1.get(), originA_); | |
164 std::unique_ptr<FeaturePolicy> policy3 = | |
165 CreateFromParentPolicy(policy2.get(), originA_); | |
166 std::unique_ptr<FeaturePolicy> policy4 = | |
167 CreateFromParentPolicy(policy1.get(), originB_); | |
168 std::unique_ptr<FeaturePolicy> policy5 = | |
169 CreateFromParentPolicy(policy4.get(), originB_); | |
170 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); | |
171 EXPECT_TRUE(policy3->IsFeatureEnabled(kDefaultSelfFeature)); | |
172 EXPECT_FALSE(policy4->IsFeatureEnabled(kDefaultSelfFeature)); | |
173 EXPECT_FALSE(policy5->IsFeatureEnabled(kDefaultSelfFeature)); | |
174 } | |
175 | |
176 TEST_F(FeaturePolicyTest, TestReflexiveFrameSelfInheritance) { | |
177 // +-----------------------------------+ | |
178 // |(1) Origin A | | |
179 // |Policy: {"default-self": ["self"]} | | |
180 // | +-----------------+ | | |
181 // | |(2) Origin B | | | |
182 // | |No Policy | | | |
183 // | | +-------------+ | | | |
184 // | | |(3)Origin A | | | | |
185 // | | |No Policy | | | | |
186 // | | +-------------+ | | | |
187 // | +-----------------+ | | |
188 // +-----------------------------------+ | |
189 // Feature which is enabled at top-level should be disabled in frame 3, as | |
190 // it is embedded by frame 2, for which the feature is not enabled. | |
191 std::unique_ptr<FeaturePolicy> policy1 = | |
192 CreateFromParentPolicy(nullptr, originA_); | |
193 policy1->SetHeaderPolicy({{{"default-self", false, {originA_}}}}); | |
194 std::unique_ptr<FeaturePolicy> policy2 = | |
195 CreateFromParentPolicy(policy1.get(), originB_); | |
196 std::unique_ptr<FeaturePolicy> policy3 = | |
197 CreateFromParentPolicy(policy2.get(), originA_); | |
198 EXPECT_FALSE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); | |
199 EXPECT_FALSE(policy3->IsFeatureEnabled(kDefaultSelfFeature)); | |
200 } | |
201 | |
202 TEST_F(FeaturePolicyTest, TestSelectiveFrameInheritance) { | |
203 // +------------------------------------------+ | |
204 // |(1) Origin A | | |
205 // |Policy: {"default-self": ["Origin B"]} | | |
206 // | +-----------------+ +-----------------+ | | |
207 // | |(2) Origin B | |(3) Origin C | | | |
208 // | |No Policy | |No Policy | | | |
209 // | | | | +-------------+ | | | |
210 // | | | | |(4)Origin B | | | | |
211 // | | | | |No Policy | | | | |
212 // | | | | +-------------+ | | | |
213 // | +-----------------+ +-----------------+ | | |
214 // +------------------------------------------+ | |
215 // Feature should be enabled in second level Origin B frame, but disabled in | |
216 // Frame 4, because it is embedded by frame 3, where the feature is not | |
217 // enabled. | |
218 std::unique_ptr<FeaturePolicy> policy1 = | |
219 CreateFromParentPolicy(nullptr, originA_); | |
220 policy1->SetHeaderPolicy({{{"default-self", false, {originB_}}}}); | |
221 std::unique_ptr<FeaturePolicy> policy2 = | |
222 CreateFromParentPolicy(policy1.get(), originB_); | |
223 std::unique_ptr<FeaturePolicy> policy3 = | |
224 CreateFromParentPolicy(policy1.get(), originC_); | |
225 std::unique_ptr<FeaturePolicy> policy4 = | |
226 CreateFromParentPolicy(policy3.get(), originB_); | |
227 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); | |
228 EXPECT_FALSE(policy3->IsFeatureEnabled(kDefaultSelfFeature)); | |
229 EXPECT_FALSE(policy4->IsFeatureEnabled(kDefaultSelfFeature)); | |
230 } | |
231 | |
232 TEST_F(FeaturePolicyTest, TestPolicyCanBlockSelf) { | |
233 // +----------------------------+ | |
234 // |(1)Origin A | | |
235 // |Policy: {"default-on": []} | | |
236 // +----------------------------+ | |
237 // Default-on feature should be disabled in top-level frame. | |
238 std::unique_ptr<FeaturePolicy> policy1 = | |
239 CreateFromParentPolicy(nullptr, originA_); | |
240 policy1->SetHeaderPolicy( | |
241 {{{"default-on", false, std::vector<url::Origin>()}}}); | |
242 EXPECT_FALSE(policy1->IsFeatureEnabled(kDefaultOnFeature)); | |
243 } | |
244 | |
245 TEST_F(FeaturePolicyTest, TestParentPolicyBlocksSameOriginChildPolicy) { | |
246 // +----------------------------+ | |
247 // |(1)Origin A | | |
248 // |Policy: {"default-on": []} | | |
249 // | +-------------+ | | |
250 // | |(2)Origin A | | | |
251 // | |No Policy | | | |
252 // | +-------------+ | | |
253 // +----------------------------+ | |
254 // Feature should be disabled in child frame. | |
255 std::unique_ptr<FeaturePolicy> policy1 = | |
256 CreateFromParentPolicy(nullptr, originA_); | |
257 policy1->SetHeaderPolicy( | |
258 {{{"default-on", false, std::vector<url::Origin>()}}}); | |
259 std::unique_ptr<FeaturePolicy> policy2 = | |
260 CreateFromParentPolicy(policy1.get(), originA_); | |
261 EXPECT_FALSE(policy2->IsFeatureEnabled(kDefaultOnFeature)); | |
262 } | |
263 | |
264 TEST_F(FeaturePolicyTest, TestChildPolicyCanBlockSelf) { | |
265 // +--------------------------------+ | |
266 // |(1)Origin A | | |
267 // |No Policy | | |
268 // | +----------------------------+ | | |
269 // | |(2)Origin B | | | |
270 // | |Policy: {"default-on": []} | | | |
271 // | +----------------------------+ | | |
272 // +--------------------------------+ | |
273 // Default-on feature should be disabled by cross-origin child frame. | |
274 std::unique_ptr<FeaturePolicy> policy1 = | |
275 CreateFromParentPolicy(nullptr, originA_); | |
276 std::unique_ptr<FeaturePolicy> policy2 = | |
277 CreateFromParentPolicy(policy1.get(), originB_); | |
278 policy2->SetHeaderPolicy( | |
279 {{{"default-on", false, std::vector<url::Origin>()}}}); | |
280 EXPECT_FALSE(policy2->IsFeatureEnabled(kDefaultOnFeature)); | |
281 } | |
282 | |
283 TEST_F(FeaturePolicyTest, TestChildPolicyCanBlockChildren) { | |
284 // +--------------------------------------+ | |
285 // |(1)Origin A | | |
286 // |No Policy | | |
287 // | +----------------------------------+ | | |
288 // | |(2)Origin B | | | |
289 // | |Policy: {"default-on": ["self"]} | | | |
290 // | | +-------------+ | | | |
291 // | | |(3)Origin C | | | | |
292 // | | |No Policy | | | | |
293 // | | +-------------+ | | | |
294 // | +----------------------------------+ | | |
295 // +--------------------------------------+ | |
296 // Default-on feature should be enabled in frames 1 and 2; disabled in frame | |
297 // 3 by child frame policy. | |
298 std::unique_ptr<FeaturePolicy> policy1 = | |
299 CreateFromParentPolicy(nullptr, originA_); | |
300 std::unique_ptr<FeaturePolicy> policy2 = | |
301 CreateFromParentPolicy(policy1.get(), originB_); | |
302 policy2->SetHeaderPolicy({{{"default-on", false, {originB_}}}}); | |
303 std::unique_ptr<FeaturePolicy> policy3 = | |
304 CreateFromParentPolicy(policy2.get(), originC_); | |
305 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultOnFeature)); | |
306 EXPECT_FALSE(policy3->IsFeatureEnabled(kDefaultOnFeature)); | |
307 } | |
308 | |
309 TEST_F(FeaturePolicyTest, TestParentPolicyBlocksCrossOriginChildPolicy) { | |
310 // +----------------------------+ | |
311 // |(1)Origin A | | |
312 // |Policy: {"default-on": []} | | |
313 // | +-------------+ | | |
314 // | |(2)Origin B | | | |
315 // | |No Policy | | | |
316 // | +-------------+ | | |
317 // +----------------------------+ | |
318 // Default-on feature should be disabled in cross-origin child frame. | |
319 std::unique_ptr<FeaturePolicy> policy1 = | |
320 CreateFromParentPolicy(nullptr, originA_); | |
321 policy1->SetHeaderPolicy( | |
322 {{{"default-on", false, std::vector<url::Origin>()}}}); | |
323 std::unique_ptr<FeaturePolicy> policy2 = | |
324 CreateFromParentPolicy(policy1.get(), originB_); | |
325 EXPECT_FALSE(policy2->IsFeatureEnabled(kDefaultOnFeature)); | |
326 } | |
327 | |
328 TEST_F(FeaturePolicyTest, TestEnableForAllOrigins) { | |
329 // +--------------------------------+ | |
330 // |(1) Origin A | | |
331 // |Policy: {"default-self": ["*"]} | | |
332 // | +-----------------+ | | |
333 // | |(2) Origin B | | | |
334 // | |No Policy | | | |
335 // | | +-------------+ | | | |
336 // | | |(3)Origin A | | | | |
337 // | | |No Policy | | | | |
338 // | | +-------------+ | | | |
339 // | +-----------------+ | | |
340 // +--------------------------------+ | |
341 // Feature should be enabled in top and second level; disabled in frame 3. | |
342 std::unique_ptr<FeaturePolicy> policy1 = | |
343 CreateFromParentPolicy(nullptr, originA_); | |
344 policy1->SetHeaderPolicy( | |
345 {{{"default-self", true, std::vector<url::Origin>()}}}); | |
346 std::unique_ptr<FeaturePolicy> policy2 = | |
347 CreateFromParentPolicy(policy1.get(), originB_); | |
348 std::unique_ptr<FeaturePolicy> policy3 = | |
349 CreateFromParentPolicy(policy2.get(), originA_); | |
350 EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultSelfFeature)); | |
351 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); | |
352 EXPECT_FALSE(policy3->IsFeatureEnabled(kDefaultSelfFeature)); | |
353 } | |
354 | |
355 TEST_F(FeaturePolicyTest, TestDefaultOnEnablesForAllAncestors) { | |
356 // +---------------------------------------+ | |
357 // |(1) Origin A | | |
358 // |Policy: {"default-on": ["Origin B"]} | | |
359 // | +-----------------------------------+ | | |
360 // | |(2) Origin B | | | |
361 // | |No Policy | | | |
362 // | | +-------------+ +-------------+ | | | |
363 // | | |(3)Origin B | |(4)Origin C | | | | |
364 // | | |No Policy | |No Policy | | | | |
365 // | | +-------------+ +-------------+ | | | |
366 // | +-----------------------------------+ | | |
367 // +---------------------------------------+ | |
368 // Feature should be disabled in frame 1; enabled in frames 2, 3 and 4. | |
369 std::unique_ptr<FeaturePolicy> policy1 = | |
370 CreateFromParentPolicy(nullptr, originA_); | |
371 policy1->SetHeaderPolicy({{{"default-on", false, {originB_}}}}); | |
372 std::unique_ptr<FeaturePolicy> policy2 = | |
373 CreateFromParentPolicy(policy1.get(), originB_); | |
374 std::unique_ptr<FeaturePolicy> policy3 = | |
375 CreateFromParentPolicy(policy2.get(), originB_); | |
376 std::unique_ptr<FeaturePolicy> policy4 = | |
377 CreateFromParentPolicy(policy2.get(), originC_); | |
378 EXPECT_FALSE(policy1->IsFeatureEnabled(kDefaultOnFeature)); | |
379 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultOnFeature)); | |
380 EXPECT_TRUE(policy3->IsFeatureEnabled(kDefaultOnFeature)); | |
381 EXPECT_TRUE(policy4->IsFeatureEnabled(kDefaultOnFeature)); | |
382 } | |
383 | |
384 TEST_F(FeaturePolicyTest, TestDefaultSelfRespectsSameOriginEmbedding) { | |
385 // +---------------------------------------+ | |
386 // |(1) Origin A | | |
387 // |Policy: {"default-self": ["Origin B"]} | | |
388 // | +-----------------------------------+ | | |
389 // | |(2) Origin B | | | |
390 // | |No Policy | | | |
391 // | | +-------------+ +-------------+ | | | |
392 // | | |(3)Origin B | |(4)Origin C | | | | |
393 // | | |No Policy | |No Policy | | | | |
394 // | | +-------------+ +-------------+ | | | |
395 // | +-----------------------------------+ | | |
396 // +---------------------------------------+ | |
397 // Feature should be disabled in frames 1 and 4; enabled in frames 2 and 3. | |
398 std::unique_ptr<FeaturePolicy> policy1 = | |
399 CreateFromParentPolicy(nullptr, originA_); | |
400 policy1->SetHeaderPolicy({{{"default-self", false, {originB_}}}}); | |
401 std::unique_ptr<FeaturePolicy> policy2 = | |
402 CreateFromParentPolicy(policy1.get(), originB_); | |
403 std::unique_ptr<FeaturePolicy> policy3 = | |
404 CreateFromParentPolicy(policy2.get(), originB_); | |
405 std::unique_ptr<FeaturePolicy> policy4 = | |
406 CreateFromParentPolicy(policy2.get(), originC_); | |
407 EXPECT_FALSE(policy1->IsFeatureEnabled(kDefaultSelfFeature)); | |
408 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); | |
409 EXPECT_TRUE(policy3->IsFeatureEnabled(kDefaultSelfFeature)); | |
410 EXPECT_FALSE(policy4->IsFeatureEnabled(kDefaultSelfFeature)); | |
411 } | |
412 | |
413 TEST_F(FeaturePolicyTest, TestDefaultOffMustBeDelegatedToAllCrossOriginFrames) { | |
414 // +------------------------------------------------------------+ | |
415 // |(1) Origin A | | |
416 // |Policy: {"default-off": ["Origin B"]} | | |
417 // | +--------------------------------------------------------+ | | |
418 // | |(2) Origin B | | | |
419 // | |Policy: {"default-off": ["self"]} | | | |
420 // | | +-------------+ +----------------------------------+ | | | |
421 // | | |(3)Origin B | |(4)Origin C | | | | |
422 // | | |No Policy | |Policy: {"default-off": ["self"]} | | | | |
423 // | | +-------------+ +----------------------------------+ | | | |
424 // | +--------------------------------------------------------+ | | |
425 // +------------------------------------------------------------+ | |
426 // Feature should be disabled in frames 1, 3 and 4; enabled in frame 2 only. | |
427 std::unique_ptr<FeaturePolicy> policy1 = | |
428 CreateFromParentPolicy(nullptr, originA_); | |
429 policy1->SetHeaderPolicy({{{"default-off", false, {originB_}}}}); | |
430 std::unique_ptr<FeaturePolicy> policy2 = | |
431 CreateFromParentPolicy(policy1.get(), originB_); | |
432 policy2->SetHeaderPolicy({{{"default-off", false, {originB_}}}}); | |
433 std::unique_ptr<FeaturePolicy> policy3 = | |
434 CreateFromParentPolicy(policy2.get(), originB_); | |
435 std::unique_ptr<FeaturePolicy> policy4 = | |
436 CreateFromParentPolicy(policy2.get(), originC_); | |
437 policy4->SetHeaderPolicy({{{"default-off", false, {originC_}}}}); | |
438 EXPECT_FALSE(policy1->IsFeatureEnabled(kDefaultOffFeature)); | |
439 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultOffFeature)); | |
440 EXPECT_FALSE(policy3->IsFeatureEnabled(kDefaultOffFeature)); | |
441 EXPECT_FALSE(policy4->IsFeatureEnabled(kDefaultOffFeature)); | |
442 } | |
443 | |
444 TEST_F(FeaturePolicyTest, TestReenableForAllOrigins) { | |
445 // +------------------------------------+ | |
446 // |(1) Origin A | | |
447 // |Policy: {"default-self": ["*"]} | | |
448 // | +--------------------------------+ | | |
449 // | |(2) Origin B | | | |
450 // | |Policy: {"default-self": ["*"]} | | | |
451 // | | +-------------+ | | | |
452 // | | |(3)Origin A | | | | |
453 // | | |No Policy | | | | |
454 // | | +-------------+ | | | |
455 // | +--------------------------------+ | | |
456 // +------------------------------------+ | |
457 // Feature should be enabled in all frames. | |
458 std::unique_ptr<FeaturePolicy> policy1 = | |
459 CreateFromParentPolicy(nullptr, originA_); | |
460 policy1->SetHeaderPolicy( | |
461 {{{"default-self", true, std::vector<url::Origin>()}}}); | |
462 std::unique_ptr<FeaturePolicy> policy2 = | |
463 CreateFromParentPolicy(policy1.get(), originB_); | |
464 policy2->SetHeaderPolicy( | |
465 {{{"default-self", true, std::vector<url::Origin>()}}}); | |
466 std::unique_ptr<FeaturePolicy> policy3 = | |
467 CreateFromParentPolicy(policy2.get(), originA_); | |
468 EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultSelfFeature)); | |
469 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); | |
470 EXPECT_TRUE(policy3->IsFeatureEnabled(kDefaultSelfFeature)); | |
471 } | |
472 | |
473 TEST_F(FeaturePolicyTest, TestBlockedFrameCannotReenable) { | |
474 // +--------------------------------------+ | |
475 // |(1)Origin A | | |
476 // |Policy: {"default-self": ["self"]} | | |
477 // | +----------------------------------+ | | |
478 // | |(2)Origin B | | | |
479 // | |Policy: {"default-self": ["*"]} | | | |
480 // | | +-------------+ +-------------+ | | | |
481 // | | |(3)Origin A | |(4)Origin C | | | | |
482 // | | |No Policy | |No Policy | | | | |
483 // | | +-------------+ +-------------+ | | | |
484 // | +----------------------------------+ | | |
485 // +--------------------------------------+ | |
486 // Feature should be enabled at the top level; disabled in all other frames. | |
487 std::unique_ptr<FeaturePolicy> policy1 = | |
488 CreateFromParentPolicy(nullptr, originA_); | |
489 policy1->SetHeaderPolicy({{{"default-self", false, {originA_}}}}); | |
490 std::unique_ptr<FeaturePolicy> policy2 = | |
491 CreateFromParentPolicy(policy1.get(), originB_); | |
492 policy2->SetHeaderPolicy( | |
493 {{{"default-self", true, std::vector<url::Origin>()}}}); | |
494 std::unique_ptr<FeaturePolicy> policy3 = | |
495 CreateFromParentPolicy(policy2.get(), originA_); | |
496 std::unique_ptr<FeaturePolicy> policy4 = | |
497 CreateFromParentPolicy(policy2.get(), originC_); | |
498 EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultSelfFeature)); | |
499 EXPECT_FALSE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); | |
500 EXPECT_FALSE(policy3->IsFeatureEnabled(kDefaultSelfFeature)); | |
501 EXPECT_FALSE(policy4->IsFeatureEnabled(kDefaultSelfFeature)); | |
502 } | |
503 | |
504 TEST_F(FeaturePolicyTest, TestEnabledFrameCanDelegate) { | |
505 // +---------------------------------------------------+ | |
506 // |(1) Origin A | | |
507 // |Policy: {"default-self": ["self", "Origin B"]} | | |
508 // | +-----------------------------------------------+ | | |
509 // | |(2) Origin B | | | |
510 // | |Policy: {"default-self": ["self", "Origin C"]} | | | |
511 // | | +-------------+ | | | |
512 // | | |(3)Origin C | | | | |
513 // | | |No Policy | | | | |
514 // | | +-------------+ | | | |
515 // | +-----------------------------------------------+ | | |
516 // +---------------------------------------------------+ | |
517 // Feature should be enabled in all frames. | |
518 std::unique_ptr<FeaturePolicy> policy1 = | |
519 CreateFromParentPolicy(nullptr, originA_); | |
520 policy1->SetHeaderPolicy({{{"default-self", false, {originA_, originB_}}}}); | |
521 std::unique_ptr<FeaturePolicy> policy2 = | |
522 CreateFromParentPolicy(policy1.get(), originB_); | |
523 policy2->SetHeaderPolicy({{{"default-self", false, {originB_, originC_}}}}); | |
524 std::unique_ptr<FeaturePolicy> policy3 = | |
525 CreateFromParentPolicy(policy2.get(), originC_); | |
526 EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultSelfFeature)); | |
527 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); | |
528 EXPECT_TRUE(policy3->IsFeatureEnabled(kDefaultSelfFeature)); | |
529 } | |
530 | |
531 TEST_F(FeaturePolicyTest, TestEnabledFrameCanDelegateByDefault) { | |
532 // +-----------------------------------------------+ | |
533 // |(1) Origin A | | |
534 // |Policy: {"default-on": ["self", "Origin B"]} | | |
535 // | +--------------------+ +--------------------+ | | |
536 // | |(2) Origin B | | (4) Origin C | | | |
537 // | |No Policy | | No Policy | | | |
538 // | | +-------------+ | | | | | |
539 // | | |(3)Origin C | | | | | | |
540 // | | |No Policy | | | | | | |
541 // | | +-------------+ | | | | | |
542 // | +--------------------+ +--------------------+ | | |
543 // +-----------------------------------------------+ | |
544 // Feature should be enabled in frames 1, 2, and 3, and disabled in frame 4. | |
545 std::unique_ptr<FeaturePolicy> policy1 = | |
546 CreateFromParentPolicy(nullptr, originA_); | |
547 policy1->SetHeaderPolicy({{{"default-on", false, {originA_, originB_}}}}); | |
548 std::unique_ptr<FeaturePolicy> policy2 = | |
549 CreateFromParentPolicy(policy1.get(), originB_); | |
550 std::unique_ptr<FeaturePolicy> policy3 = | |
551 CreateFromParentPolicy(policy2.get(), originC_); | |
552 std::unique_ptr<FeaturePolicy> policy4 = | |
553 CreateFromParentPolicy(policy1.get(), originC_); | |
554 EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultOnFeature)); | |
555 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultOnFeature)); | |
556 EXPECT_TRUE(policy3->IsFeatureEnabled(kDefaultOnFeature)); | |
557 EXPECT_FALSE(policy4->IsFeatureEnabled(kDefaultOnFeature)); | |
558 } | |
559 | |
560 TEST_F(FeaturePolicyTest, TestNonNestedFeaturesDontDelegateByDefault) { | |
561 // +-----------------------------------------------+ | |
562 // |(1) Origin A | | |
563 // |Policy: {"default-self": ["self", "Origin B"]} | | |
564 // | +--------------------+ +--------------------+ | | |
565 // | |(2) Origin B | | (4) Origin C | | | |
566 // | |No Policy | | No Policy | | | |
567 // | | +-------------+ | | | | | |
568 // | | |(3)Origin C | | | | | | |
569 // | | |No Policy | | | | | | |
570 // | | +-------------+ | | | | | |
571 // | +--------------------+ +--------------------+ | | |
572 // +-----------------------------------------------+ | |
573 // Feature should be enabled in frames 1 and 2, and disabled in frames 3 and | |
574 // 4. | |
575 std::unique_ptr<FeaturePolicy> policy1 = | |
576 CreateFromParentPolicy(nullptr, originA_); | |
577 policy1->SetHeaderPolicy({{{"default-self", false, {originA_, originB_}}}}); | |
578 std::unique_ptr<FeaturePolicy> policy2 = | |
579 CreateFromParentPolicy(policy1.get(), originB_); | |
580 std::unique_ptr<FeaturePolicy> policy3 = | |
581 CreateFromParentPolicy(policy2.get(), originC_); | |
582 std::unique_ptr<FeaturePolicy> policy4 = | |
583 CreateFromParentPolicy(policy1.get(), originC_); | |
584 EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultSelfFeature)); | |
585 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); | |
586 EXPECT_FALSE(policy3->IsFeatureEnabled(kDefaultSelfFeature)); | |
587 EXPECT_FALSE(policy4->IsFeatureEnabled(kDefaultSelfFeature)); | |
588 } | |
589 | |
590 TEST_F(FeaturePolicyTest, TestFeaturesAreIndependent) { | |
591 // +-----------------------------------------------+ | |
592 // |(1) Origin A | | |
593 // |Policy: {"default-self": ["self", "Origin B"], | | |
594 // | "default-on": ["self"]} | | |
595 // | +-------------------------------------------+ | | |
596 // | |(2) Origin B | | | |
597 // | |Policy: {"default-self": ["*"], | | | |
598 // | | "default-on": ["*"]} | | | |
599 // | | +-------------+ | | | |
600 // | | |(3)Origin C | | | | |
601 // | | |No Policy | | | | |
602 // | | +-------------+ | | | |
603 // | +-------------------------------------------+ | | |
604 // +-----------------------------------------------+ | |
605 // Default-self feature should be enabled in all frames; Default-on feature | |
606 // should be enabled in frame 1, and disabled in frames 2 and 3. | |
607 std::unique_ptr<FeaturePolicy> policy1 = | |
608 CreateFromParentPolicy(nullptr, originA_); | |
609 policy1->SetHeaderPolicy({{{"default-self", false, {originA_, originB_}}, | |
610 {"default-on", false, {originA_}}}}); | |
611 std::unique_ptr<FeaturePolicy> policy2 = | |
612 CreateFromParentPolicy(policy1.get(), originB_); | |
613 policy2->SetHeaderPolicy( | |
614 {{{"default-self", true, std::vector<url::Origin>()}, | |
615 {"default-on", true, std::vector<url::Origin>()}}}); | |
616 std::unique_ptr<FeaturePolicy> policy3 = | |
617 CreateFromParentPolicy(policy2.get(), originC_); | |
618 EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultSelfFeature)); | |
619 EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultOnFeature)); | |
620 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); | |
621 EXPECT_FALSE(policy2->IsFeatureEnabled(kDefaultOnFeature)); | |
622 EXPECT_TRUE(policy3->IsFeatureEnabled(kDefaultSelfFeature)); | |
623 EXPECT_FALSE(policy3->IsFeatureEnabled(kDefaultOnFeature)); | |
624 } | |
625 | |
626 TEST_F(FeaturePolicyTest, TestFeatureEnabledForOrigin) { | |
627 // +-----------------------------------------------+ | |
628 // |(1) Origin A | | |
629 // |Policy: {"default-off": ["self", "Origin B"]} | | |
630 // +-----------------------------------------------+ | |
631 // Features should be enabled by the policy in frame 1 for origins A and B, | |
632 // and disabled for origin C. | |
633 std::unique_ptr<FeaturePolicy> policy1 = | |
634 CreateFromParentPolicy(nullptr, originA_); | |
635 policy1->SetHeaderPolicy({{{"default-off", false, {originA_, originB_}}}}); | |
636 EXPECT_TRUE(policy1->IsFeatureEnabledForOrigin(kDefaultOffFeature, originA_)); | |
637 EXPECT_TRUE(policy1->IsFeatureEnabledForOrigin(kDefaultOffFeature, originB_)); | |
638 EXPECT_FALSE( | |
639 policy1->IsFeatureEnabledForOrigin(kDefaultOffFeature, originC_)); | |
640 } | |
641 | |
642 } // namespace content | |
OLD | NEW |