| Index: content/common/feature_policy/feature_policy_unittest.cc
|
| diff --git a/content/common/feature_policy/feature_policy_unittest.cc b/content/common/feature_policy/feature_policy_unittest.cc
|
| new file mode 100644
|
| index 0000000000000000000000000000000000000000..7eac5fc7019cf3e127a6c177d5539348f73c094e
|
| --- /dev/null
|
| +++ b/content/common/feature_policy/feature_policy_unittest.cc
|
| @@ -0,0 +1,642 @@
|
| +// Copyright 2016 The Chromium Authors. All rights reserved.
|
| +// Use of this source code is governed by a BSD-style license that can be
|
| +// found in the LICENSE file.
|
| +
|
| +#include "content/common/feature_policy/feature_policy.h"
|
| +
|
| +#include "testing/gtest/include/gtest/gtest.h"
|
| +#include "url/gurl.h"
|
| +
|
| +namespace content {
|
| +
|
| +namespace {
|
| +
|
| +// This is an example of a feature which should be enabled by default in all
|
| +// frames.
|
| +const FeaturePolicy::Feature kDefaultOnFeatureDfn{
|
| + "default-on", FeaturePolicy::FeatureDefault::EnableForAll};
|
| +
|
| +// This is an example of a feature which should be enabled in top-level frames,
|
| +// and same-origin child-frames, but must be delegated to all cross-origin
|
| +// frames explicitly.
|
| +const FeaturePolicy::Feature kDefaultSelfFeatureDfn{
|
| + "default-self", FeaturePolicy::FeatureDefault::EnableForSelf};
|
| +
|
| +// This is an example of a feature which should be disabled by default, both in
|
| +// top-level and nested frames.
|
| +const FeaturePolicy::Feature kDefaultOffFeatureDfn{
|
| + "default-off", FeaturePolicy::FeatureDefault::DisableForAll};
|
| +
|
| +// Define the three new features for testing
|
| +blink::WebFeaturePolicyFeature kDefaultOnFeature =
|
| + static_cast<blink::WebFeaturePolicyFeature>(
|
| + static_cast<int>(blink::WebFeaturePolicyFeature::LAST_FEATURE) + 1);
|
| +
|
| +blink::WebFeaturePolicyFeature kDefaultSelfFeature =
|
| + static_cast<blink::WebFeaturePolicyFeature>(
|
| + static_cast<int>(blink::WebFeaturePolicyFeature::LAST_FEATURE) + 2);
|
| +
|
| +blink::WebFeaturePolicyFeature kDefaultOffFeature =
|
| + static_cast<blink::WebFeaturePolicyFeature>(
|
| + static_cast<int>(blink::WebFeaturePolicyFeature::LAST_FEATURE) + 3);
|
| +
|
| +} // namespace
|
| +
|
| +class FeaturePolicyTest : public ::testing::Test {
|
| + protected:
|
| + FeaturePolicyTest()
|
| + : featureList_({{kDefaultOnFeature, &kDefaultOnFeatureDfn},
|
| + {kDefaultSelfFeature, &kDefaultSelfFeatureDfn},
|
| + {kDefaultOffFeature, &kDefaultOffFeatureDfn}}) {}
|
| +
|
| + ~FeaturePolicyTest() override {}
|
| +
|
| + std::unique_ptr<FeaturePolicy> CreateFromParentPolicy(
|
| + const FeaturePolicy* parent,
|
| + const url::Origin& origin) {
|
| + return FeaturePolicy::CreateFromParentPolicy(parent, origin, featureList_);
|
| + }
|
| +
|
| + url::Origin originA_ = url::Origin(GURL("https://example.com/"));
|
| + url::Origin originB_ = url::Origin(GURL("https://example.net/"));
|
| + url::Origin originC_ = url::Origin(GURL("https://example.org/"));
|
| +
|
| + private:
|
| + // Contains the list of controlled features, so that we are guaranteed to
|
| + // have at least one of each kind of default behaviour represented.
|
| + FeaturePolicy::FeatureList featureList_;
|
| +};
|
| +
|
| +TEST_F(FeaturePolicyTest, TestInitialPolicy) {
|
| + // +-------------+
|
| + // |(1)Origin A |
|
| + // |No Policy |
|
| + // +-------------+
|
| + // Default-on and top-level-only features should be enabled in top-level
|
| + // frame. Default-off features should be disabled.
|
| + std::unique_ptr<FeaturePolicy> policy1 =
|
| + CreateFromParentPolicy(nullptr, originA_);
|
| + EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultOnFeature));
|
| + EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultSelfFeature));
|
| + EXPECT_FALSE(policy1->IsFeatureEnabled(kDefaultOffFeature));
|
| +}
|
| +
|
| +TEST_F(FeaturePolicyTest, TestInitialSameOriginChildPolicy) {
|
| + // +-----------------+
|
| + // |(1)Origin A |
|
| + // |No Policy |
|
| + // | +-------------+ |
|
| + // | |(2)Origin A | |
|
| + // | |No Policy | |
|
| + // | +-------------+ |
|
| + // +-----------------+
|
| + // Default-on and Default-self features should be enabled in a same-origin
|
| + // child frame. Default-off features should be disabled.
|
| + std::unique_ptr<FeaturePolicy> policy1 =
|
| + CreateFromParentPolicy(nullptr, originA_);
|
| + std::unique_ptr<FeaturePolicy> policy2 =
|
| + CreateFromParentPolicy(policy1.get(), originA_);
|
| + EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultOnFeature));
|
| + EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultSelfFeature));
|
| + EXPECT_FALSE(policy2->IsFeatureEnabled(kDefaultOffFeature));
|
| +}
|
| +
|
| +TEST_F(FeaturePolicyTest, TestInitialCrossOriginChildPolicy) {
|
| + // +-----------------+
|
| + // |(1)Origin A |
|
| + // |No Policy |
|
| + // | +-------------+ |
|
| + // | |(2)Origin B | |
|
| + // | |No Policy | |
|
| + // | +-------------+ |
|
| + // +-----------------+
|
| + // Default-on features should be enabled in child frame. Default-self and
|
| + // Default-off features should be disabled.
|
| + std::unique_ptr<FeaturePolicy> policy1 =
|
| + CreateFromParentPolicy(nullptr, originA_);
|
| + std::unique_ptr<FeaturePolicy> policy2 =
|
| + CreateFromParentPolicy(policy1.get(), originB_);
|
| + EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultOnFeature));
|
| + EXPECT_FALSE(policy2->IsFeatureEnabled(kDefaultSelfFeature));
|
| + EXPECT_FALSE(policy2->IsFeatureEnabled(kDefaultOffFeature));
|
| +}
|
| +
|
| +TEST_F(FeaturePolicyTest, TestCrossOriginChildCannotEnableFeature) {
|
| + // +---------------------------------------+
|
| + // |(1) Origin A |
|
| + // |No Policy |
|
| + // | +-----------------------------------+ |
|
| + // | |(2) Origin B | |
|
| + // | |Policy: {"default-self": ["self"]} | |
|
| + // | +-----------------------------------+ |
|
| + // +---------------------------------------+
|
| + // Default-self feature should be disabled in cross origin frame, even if no
|
| + // policy was specified in the parent frame.
|
| + std::unique_ptr<FeaturePolicy> policy1 =
|
| + CreateFromParentPolicy(nullptr, originA_);
|
| + std::unique_ptr<FeaturePolicy> policy2 =
|
| + CreateFromParentPolicy(policy1.get(), originB_);
|
| + policy2->SetHeaderPolicy({{{"default-self", false, {originB_}}}});
|
| + EXPECT_FALSE(policy2->IsFeatureEnabled(kDefaultSelfFeature));
|
| +}
|
| +
|
| +TEST_F(FeaturePolicyTest, TestFrameSelfInheritance) {
|
| + // +------------------------------------------+
|
| + // |(1) Origin A |
|
| + // |Policy: {"default-self": ["self"]} |
|
| + // | +-----------------+ +-----------------+ |
|
| + // | |(2) Origin A | |(4) Origin B | |
|
| + // | |No Policy | |No Policy | |
|
| + // | | +-------------+ | | +-------------+ | |
|
| + // | | |(3)Origin A | | | |(5)Origin B | | |
|
| + // | | |No Policy | | | |No Policy | | |
|
| + // | | +-------------+ | | +-------------+ | |
|
| + // | +-----------------+ +-----------------+ |
|
| + // +------------------------------------------+
|
| + // Feature should be enabled at the top-level, and through the chain of
|
| + // same-origin frames 2 and 3. It should be disabled in frames 4 and 5, as
|
| + // they are at a different origin.
|
| + std::unique_ptr<FeaturePolicy> policy1 =
|
| + CreateFromParentPolicy(nullptr, originA_);
|
| + policy1->SetHeaderPolicy({{{"default-self", false, {originA_}}}});
|
| + std::unique_ptr<FeaturePolicy> policy2 =
|
| + CreateFromParentPolicy(policy1.get(), originA_);
|
| + std::unique_ptr<FeaturePolicy> policy3 =
|
| + CreateFromParentPolicy(policy2.get(), originA_);
|
| + std::unique_ptr<FeaturePolicy> policy4 =
|
| + CreateFromParentPolicy(policy1.get(), originB_);
|
| + std::unique_ptr<FeaturePolicy> policy5 =
|
| + CreateFromParentPolicy(policy4.get(), originB_);
|
| + EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultSelfFeature));
|
| + EXPECT_TRUE(policy3->IsFeatureEnabled(kDefaultSelfFeature));
|
| + EXPECT_FALSE(policy4->IsFeatureEnabled(kDefaultSelfFeature));
|
| + EXPECT_FALSE(policy5->IsFeatureEnabled(kDefaultSelfFeature));
|
| +}
|
| +
|
| +TEST_F(FeaturePolicyTest, TestReflexiveFrameSelfInheritance) {
|
| + // +-----------------------------------+
|
| + // |(1) Origin A |
|
| + // |Policy: {"default-self": ["self"]} |
|
| + // | +-----------------+ |
|
| + // | |(2) Origin B | |
|
| + // | |No Policy | |
|
| + // | | +-------------+ | |
|
| + // | | |(3)Origin A | | |
|
| + // | | |No Policy | | |
|
| + // | | +-------------+ | |
|
| + // | +-----------------+ |
|
| + // +-----------------------------------+
|
| + // Feature which is enabled at top-level should be disabled in frame 3, as
|
| + // it is embedded by frame 2, for which the feature is not enabled.
|
| + std::unique_ptr<FeaturePolicy> policy1 =
|
| + CreateFromParentPolicy(nullptr, originA_);
|
| + policy1->SetHeaderPolicy({{{"default-self", false, {originA_}}}});
|
| + std::unique_ptr<FeaturePolicy> policy2 =
|
| + CreateFromParentPolicy(policy1.get(), originB_);
|
| + std::unique_ptr<FeaturePolicy> policy3 =
|
| + CreateFromParentPolicy(policy2.get(), originA_);
|
| + EXPECT_FALSE(policy2->IsFeatureEnabled(kDefaultSelfFeature));
|
| + EXPECT_FALSE(policy3->IsFeatureEnabled(kDefaultSelfFeature));
|
| +}
|
| +
|
| +TEST_F(FeaturePolicyTest, TestSelectiveFrameInheritance) {
|
| + // +------------------------------------------+
|
| + // |(1) Origin A |
|
| + // |Policy: {"default-self": ["Origin B"]} |
|
| + // | +-----------------+ +-----------------+ |
|
| + // | |(2) Origin B | |(3) Origin C | |
|
| + // | |No Policy | |No Policy | |
|
| + // | | | | +-------------+ | |
|
| + // | | | | |(4)Origin B | | |
|
| + // | | | | |No Policy | | |
|
| + // | | | | +-------------+ | |
|
| + // | +-----------------+ +-----------------+ |
|
| + // +------------------------------------------+
|
| + // Feature should be enabled in second level Origin B frame, but disabled in
|
| + // Frame 4, because it is embedded by frame 3, where the feature is not
|
| + // enabled.
|
| + std::unique_ptr<FeaturePolicy> policy1 =
|
| + CreateFromParentPolicy(nullptr, originA_);
|
| + policy1->SetHeaderPolicy({{{"default-self", false, {originB_}}}});
|
| + std::unique_ptr<FeaturePolicy> policy2 =
|
| + CreateFromParentPolicy(policy1.get(), originB_);
|
| + std::unique_ptr<FeaturePolicy> policy3 =
|
| + CreateFromParentPolicy(policy1.get(), originC_);
|
| + std::unique_ptr<FeaturePolicy> policy4 =
|
| + CreateFromParentPolicy(policy3.get(), originB_);
|
| + EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultSelfFeature));
|
| + EXPECT_FALSE(policy3->IsFeatureEnabled(kDefaultSelfFeature));
|
| + EXPECT_FALSE(policy4->IsFeatureEnabled(kDefaultSelfFeature));
|
| +}
|
| +
|
| +TEST_F(FeaturePolicyTest, TestPolicyCanBlockSelf) {
|
| + // +----------------------------+
|
| + // |(1)Origin A |
|
| + // |Policy: {"default-on": []} |
|
| + // +----------------------------+
|
| + // Default-on feature should be disabled in top-level frame.
|
| + std::unique_ptr<FeaturePolicy> policy1 =
|
| + CreateFromParentPolicy(nullptr, originA_);
|
| + policy1->SetHeaderPolicy(
|
| + {{{"default-on", false, std::vector<url::Origin>()}}});
|
| + EXPECT_FALSE(policy1->IsFeatureEnabled(kDefaultOnFeature));
|
| +}
|
| +
|
| +TEST_F(FeaturePolicyTest, TestParentPolicyBlocksSameOriginChildPolicy) {
|
| + // +----------------------------+
|
| + // |(1)Origin A |
|
| + // |Policy: {"default-on": []} |
|
| + // | +-------------+ |
|
| + // | |(2)Origin A | |
|
| + // | |No Policy | |
|
| + // | +-------------+ |
|
| + // +----------------------------+
|
| + // Feature should be disabled in child frame.
|
| + std::unique_ptr<FeaturePolicy> policy1 =
|
| + CreateFromParentPolicy(nullptr, originA_);
|
| + policy1->SetHeaderPolicy(
|
| + {{{"default-on", false, std::vector<url::Origin>()}}});
|
| + std::unique_ptr<FeaturePolicy> policy2 =
|
| + CreateFromParentPolicy(policy1.get(), originA_);
|
| + EXPECT_FALSE(policy2->IsFeatureEnabled(kDefaultOnFeature));
|
| +}
|
| +
|
| +TEST_F(FeaturePolicyTest, TestChildPolicyCanBlockSelf) {
|
| + // +--------------------------------+
|
| + // |(1)Origin A |
|
| + // |No Policy |
|
| + // | +----------------------------+ |
|
| + // | |(2)Origin B | |
|
| + // | |Policy: {"default-on": []} | |
|
| + // | +----------------------------+ |
|
| + // +--------------------------------+
|
| + // Default-on feature should be disabled by cross-origin child frame.
|
| + std::unique_ptr<FeaturePolicy> policy1 =
|
| + CreateFromParentPolicy(nullptr, originA_);
|
| + std::unique_ptr<FeaturePolicy> policy2 =
|
| + CreateFromParentPolicy(policy1.get(), originB_);
|
| + policy2->SetHeaderPolicy(
|
| + {{{"default-on", false, std::vector<url::Origin>()}}});
|
| + EXPECT_FALSE(policy2->IsFeatureEnabled(kDefaultOnFeature));
|
| +}
|
| +
|
| +TEST_F(FeaturePolicyTest, TestChildPolicyCanBlockChildren) {
|
| + // +--------------------------------------+
|
| + // |(1)Origin A |
|
| + // |No Policy |
|
| + // | +----------------------------------+ |
|
| + // | |(2)Origin B | |
|
| + // | |Policy: {"default-on": ["self"]} | |
|
| + // | | +-------------+ | |
|
| + // | | |(3)Origin C | | |
|
| + // | | |No Policy | | |
|
| + // | | +-------------+ | |
|
| + // | +----------------------------------+ |
|
| + // +--------------------------------------+
|
| + // Default-on feature should be enabled in frames 1 and 2; disabled in frame
|
| + // 3 by child frame policy.
|
| + std::unique_ptr<FeaturePolicy> policy1 =
|
| + CreateFromParentPolicy(nullptr, originA_);
|
| + std::unique_ptr<FeaturePolicy> policy2 =
|
| + CreateFromParentPolicy(policy1.get(), originB_);
|
| + policy2->SetHeaderPolicy({{{"default-on", false, {originB_}}}});
|
| + std::unique_ptr<FeaturePolicy> policy3 =
|
| + CreateFromParentPolicy(policy2.get(), originC_);
|
| + EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultOnFeature));
|
| + EXPECT_FALSE(policy3->IsFeatureEnabled(kDefaultOnFeature));
|
| +}
|
| +
|
| +TEST_F(FeaturePolicyTest, TestParentPolicyBlocksCrossOriginChildPolicy) {
|
| + // +----------------------------+
|
| + // |(1)Origin A |
|
| + // |Policy: {"default-on": []} |
|
| + // | +-------------+ |
|
| + // | |(2)Origin B | |
|
| + // | |No Policy | |
|
| + // | +-------------+ |
|
| + // +----------------------------+
|
| + // Default-on feature should be disabled in cross-origin child frame.
|
| + std::unique_ptr<FeaturePolicy> policy1 =
|
| + CreateFromParentPolicy(nullptr, originA_);
|
| + policy1->SetHeaderPolicy(
|
| + {{{"default-on", false, std::vector<url::Origin>()}}});
|
| + std::unique_ptr<FeaturePolicy> policy2 =
|
| + CreateFromParentPolicy(policy1.get(), originB_);
|
| + EXPECT_FALSE(policy2->IsFeatureEnabled(kDefaultOnFeature));
|
| +}
|
| +
|
| +TEST_F(FeaturePolicyTest, TestEnableForAllOrigins) {
|
| + // +--------------------------------+
|
| + // |(1) Origin A |
|
| + // |Policy: {"default-self": ["*"]} |
|
| + // | +-----------------+ |
|
| + // | |(2) Origin B | |
|
| + // | |No Policy | |
|
| + // | | +-------------+ | |
|
| + // | | |(3)Origin A | | |
|
| + // | | |No Policy | | |
|
| + // | | +-------------+ | |
|
| + // | +-----------------+ |
|
| + // +--------------------------------+
|
| + // Feature should be enabled in top and second level; disabled in frame 3.
|
| + std::unique_ptr<FeaturePolicy> policy1 =
|
| + CreateFromParentPolicy(nullptr, originA_);
|
| + policy1->SetHeaderPolicy(
|
| + {{{"default-self", true, std::vector<url::Origin>()}}});
|
| + std::unique_ptr<FeaturePolicy> policy2 =
|
| + CreateFromParentPolicy(policy1.get(), originB_);
|
| + std::unique_ptr<FeaturePolicy> policy3 =
|
| + CreateFromParentPolicy(policy2.get(), originA_);
|
| + EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultSelfFeature));
|
| + EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultSelfFeature));
|
| + EXPECT_FALSE(policy3->IsFeatureEnabled(kDefaultSelfFeature));
|
| +}
|
| +
|
| +TEST_F(FeaturePolicyTest, TestDefaultOnEnablesForAllAncestors) {
|
| + // +---------------------------------------+
|
| + // |(1) Origin A |
|
| + // |Policy: {"default-on": ["Origin B"]} |
|
| + // | +-----------------------------------+ |
|
| + // | |(2) Origin B | |
|
| + // | |No Policy | |
|
| + // | | +-------------+ +-------------+ | |
|
| + // | | |(3)Origin B | |(4)Origin C | | |
|
| + // | | |No Policy | |No Policy | | |
|
| + // | | +-------------+ +-------------+ | |
|
| + // | +-----------------------------------+ |
|
| + // +---------------------------------------+
|
| + // Feature should be disabled in frame 1; enabled in frames 2, 3 and 4.
|
| + std::unique_ptr<FeaturePolicy> policy1 =
|
| + CreateFromParentPolicy(nullptr, originA_);
|
| + policy1->SetHeaderPolicy({{{"default-on", false, {originB_}}}});
|
| + std::unique_ptr<FeaturePolicy> policy2 =
|
| + CreateFromParentPolicy(policy1.get(), originB_);
|
| + std::unique_ptr<FeaturePolicy> policy3 =
|
| + CreateFromParentPolicy(policy2.get(), originB_);
|
| + std::unique_ptr<FeaturePolicy> policy4 =
|
| + CreateFromParentPolicy(policy2.get(), originC_);
|
| + EXPECT_FALSE(policy1->IsFeatureEnabled(kDefaultOnFeature));
|
| + EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultOnFeature));
|
| + EXPECT_TRUE(policy3->IsFeatureEnabled(kDefaultOnFeature));
|
| + EXPECT_TRUE(policy4->IsFeatureEnabled(kDefaultOnFeature));
|
| +}
|
| +
|
| +TEST_F(FeaturePolicyTest, TestDefaultSelfRespectsSameOriginEmbedding) {
|
| + // +---------------------------------------+
|
| + // |(1) Origin A |
|
| + // |Policy: {"default-self": ["Origin B"]} |
|
| + // | +-----------------------------------+ |
|
| + // | |(2) Origin B | |
|
| + // | |No Policy | |
|
| + // | | +-------------+ +-------------+ | |
|
| + // | | |(3)Origin B | |(4)Origin C | | |
|
| + // | | |No Policy | |No Policy | | |
|
| + // | | +-------------+ +-------------+ | |
|
| + // | +-----------------------------------+ |
|
| + // +---------------------------------------+
|
| + // Feature should be disabled in frames 1 and 4; enabled in frames 2 and 3.
|
| + std::unique_ptr<FeaturePolicy> policy1 =
|
| + CreateFromParentPolicy(nullptr, originA_);
|
| + policy1->SetHeaderPolicy({{{"default-self", false, {originB_}}}});
|
| + std::unique_ptr<FeaturePolicy> policy2 =
|
| + CreateFromParentPolicy(policy1.get(), originB_);
|
| + std::unique_ptr<FeaturePolicy> policy3 =
|
| + CreateFromParentPolicy(policy2.get(), originB_);
|
| + std::unique_ptr<FeaturePolicy> policy4 =
|
| + CreateFromParentPolicy(policy2.get(), originC_);
|
| + EXPECT_FALSE(policy1->IsFeatureEnabled(kDefaultSelfFeature));
|
| + EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultSelfFeature));
|
| + EXPECT_TRUE(policy3->IsFeatureEnabled(kDefaultSelfFeature));
|
| + EXPECT_FALSE(policy4->IsFeatureEnabled(kDefaultSelfFeature));
|
| +}
|
| +
|
| +TEST_F(FeaturePolicyTest, TestDefaultOffMustBeDelegatedToAllCrossOriginFrames) {
|
| + // +------------------------------------------------------------+
|
| + // |(1) Origin A |
|
| + // |Policy: {"default-off": ["Origin B"]} |
|
| + // | +--------------------------------------------------------+ |
|
| + // | |(2) Origin B | |
|
| + // | |Policy: {"default-off": ["self"]} | |
|
| + // | | +-------------+ +----------------------------------+ | |
|
| + // | | |(3)Origin B | |(4)Origin C | | |
|
| + // | | |No Policy | |Policy: {"default-off": ["self"]} | | |
|
| + // | | +-------------+ +----------------------------------+ | |
|
| + // | +--------------------------------------------------------+ |
|
| + // +------------------------------------------------------------+
|
| + // Feature should be disabled in frames 1, 3 and 4; enabled in frame 2 only.
|
| + std::unique_ptr<FeaturePolicy> policy1 =
|
| + CreateFromParentPolicy(nullptr, originA_);
|
| + policy1->SetHeaderPolicy({{{"default-off", false, {originB_}}}});
|
| + std::unique_ptr<FeaturePolicy> policy2 =
|
| + CreateFromParentPolicy(policy1.get(), originB_);
|
| + policy2->SetHeaderPolicy({{{"default-off", false, {originB_}}}});
|
| + std::unique_ptr<FeaturePolicy> policy3 =
|
| + CreateFromParentPolicy(policy2.get(), originB_);
|
| + std::unique_ptr<FeaturePolicy> policy4 =
|
| + CreateFromParentPolicy(policy2.get(), originC_);
|
| + policy4->SetHeaderPolicy({{{"default-off", false, {originC_}}}});
|
| + EXPECT_FALSE(policy1->IsFeatureEnabled(kDefaultOffFeature));
|
| + EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultOffFeature));
|
| + EXPECT_FALSE(policy3->IsFeatureEnabled(kDefaultOffFeature));
|
| + EXPECT_FALSE(policy4->IsFeatureEnabled(kDefaultOffFeature));
|
| +}
|
| +
|
| +TEST_F(FeaturePolicyTest, TestReenableForAllOrigins) {
|
| + // +------------------------------------+
|
| + // |(1) Origin A |
|
| + // |Policy: {"default-self": ["*"]} |
|
| + // | +--------------------------------+ |
|
| + // | |(2) Origin B | |
|
| + // | |Policy: {"default-self": ["*"]} | |
|
| + // | | +-------------+ | |
|
| + // | | |(3)Origin A | | |
|
| + // | | |No Policy | | |
|
| + // | | +-------------+ | |
|
| + // | +--------------------------------+ |
|
| + // +------------------------------------+
|
| + // Feature should be enabled in all frames.
|
| + std::unique_ptr<FeaturePolicy> policy1 =
|
| + CreateFromParentPolicy(nullptr, originA_);
|
| + policy1->SetHeaderPolicy(
|
| + {{{"default-self", true, std::vector<url::Origin>()}}});
|
| + std::unique_ptr<FeaturePolicy> policy2 =
|
| + CreateFromParentPolicy(policy1.get(), originB_);
|
| + policy2->SetHeaderPolicy(
|
| + {{{"default-self", true, std::vector<url::Origin>()}}});
|
| + std::unique_ptr<FeaturePolicy> policy3 =
|
| + CreateFromParentPolicy(policy2.get(), originA_);
|
| + EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultSelfFeature));
|
| + EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultSelfFeature));
|
| + EXPECT_TRUE(policy3->IsFeatureEnabled(kDefaultSelfFeature));
|
| +}
|
| +
|
| +TEST_F(FeaturePolicyTest, TestBlockedFrameCannotReenable) {
|
| + // +--------------------------------------+
|
| + // |(1)Origin A |
|
| + // |Policy: {"default-self": ["self"]} |
|
| + // | +----------------------------------+ |
|
| + // | |(2)Origin B | |
|
| + // | |Policy: {"default-self": ["*"]} | |
|
| + // | | +-------------+ +-------------+ | |
|
| + // | | |(3)Origin A | |(4)Origin C | | |
|
| + // | | |No Policy | |No Policy | | |
|
| + // | | +-------------+ +-------------+ | |
|
| + // | +----------------------------------+ |
|
| + // +--------------------------------------+
|
| + // Feature should be enabled at the top level; disabled in all other frames.
|
| + std::unique_ptr<FeaturePolicy> policy1 =
|
| + CreateFromParentPolicy(nullptr, originA_);
|
| + policy1->SetHeaderPolicy({{{"default-self", false, {originA_}}}});
|
| + std::unique_ptr<FeaturePolicy> policy2 =
|
| + CreateFromParentPolicy(policy1.get(), originB_);
|
| + policy2->SetHeaderPolicy(
|
| + {{{"default-self", true, std::vector<url::Origin>()}}});
|
| + std::unique_ptr<FeaturePolicy> policy3 =
|
| + CreateFromParentPolicy(policy2.get(), originA_);
|
| + std::unique_ptr<FeaturePolicy> policy4 =
|
| + CreateFromParentPolicy(policy2.get(), originC_);
|
| + EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultSelfFeature));
|
| + EXPECT_FALSE(policy2->IsFeatureEnabled(kDefaultSelfFeature));
|
| + EXPECT_FALSE(policy3->IsFeatureEnabled(kDefaultSelfFeature));
|
| + EXPECT_FALSE(policy4->IsFeatureEnabled(kDefaultSelfFeature));
|
| +}
|
| +
|
| +TEST_F(FeaturePolicyTest, TestEnabledFrameCanDelegate) {
|
| + // +---------------------------------------------------+
|
| + // |(1) Origin A |
|
| + // |Policy: {"default-self": ["self", "Origin B"]} |
|
| + // | +-----------------------------------------------+ |
|
| + // | |(2) Origin B | |
|
| + // | |Policy: {"default-self": ["self", "Origin C"]} | |
|
| + // | | +-------------+ | |
|
| + // | | |(3)Origin C | | |
|
| + // | | |No Policy | | |
|
| + // | | +-------------+ | |
|
| + // | +-----------------------------------------------+ |
|
| + // +---------------------------------------------------+
|
| + // Feature should be enabled in all frames.
|
| + std::unique_ptr<FeaturePolicy> policy1 =
|
| + CreateFromParentPolicy(nullptr, originA_);
|
| + policy1->SetHeaderPolicy({{{"default-self", false, {originA_, originB_}}}});
|
| + std::unique_ptr<FeaturePolicy> policy2 =
|
| + CreateFromParentPolicy(policy1.get(), originB_);
|
| + policy2->SetHeaderPolicy({{{"default-self", false, {originB_, originC_}}}});
|
| + std::unique_ptr<FeaturePolicy> policy3 =
|
| + CreateFromParentPolicy(policy2.get(), originC_);
|
| + EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultSelfFeature));
|
| + EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultSelfFeature));
|
| + EXPECT_TRUE(policy3->IsFeatureEnabled(kDefaultSelfFeature));
|
| +}
|
| +
|
| +TEST_F(FeaturePolicyTest, TestEnabledFrameCanDelegateByDefault) {
|
| + // +-----------------------------------------------+
|
| + // |(1) Origin A |
|
| + // |Policy: {"default-on": ["self", "Origin B"]} |
|
| + // | +--------------------+ +--------------------+ |
|
| + // | |(2) Origin B | | (4) Origin C | |
|
| + // | |No Policy | | No Policy | |
|
| + // | | +-------------+ | | | |
|
| + // | | |(3)Origin C | | | | |
|
| + // | | |No Policy | | | | |
|
| + // | | +-------------+ | | | |
|
| + // | +--------------------+ +--------------------+ |
|
| + // +-----------------------------------------------+
|
| + // Feature should be enabled in frames 1, 2, and 3, and disabled in frame 4.
|
| + std::unique_ptr<FeaturePolicy> policy1 =
|
| + CreateFromParentPolicy(nullptr, originA_);
|
| + policy1->SetHeaderPolicy({{{"default-on", false, {originA_, originB_}}}});
|
| + std::unique_ptr<FeaturePolicy> policy2 =
|
| + CreateFromParentPolicy(policy1.get(), originB_);
|
| + std::unique_ptr<FeaturePolicy> policy3 =
|
| + CreateFromParentPolicy(policy2.get(), originC_);
|
| + std::unique_ptr<FeaturePolicy> policy4 =
|
| + CreateFromParentPolicy(policy1.get(), originC_);
|
| + EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultOnFeature));
|
| + EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultOnFeature));
|
| + EXPECT_TRUE(policy3->IsFeatureEnabled(kDefaultOnFeature));
|
| + EXPECT_FALSE(policy4->IsFeatureEnabled(kDefaultOnFeature));
|
| +}
|
| +
|
| +TEST_F(FeaturePolicyTest, TestNonNestedFeaturesDontDelegateByDefault) {
|
| + // +-----------------------------------------------+
|
| + // |(1) Origin A |
|
| + // |Policy: {"default-self": ["self", "Origin B"]} |
|
| + // | +--------------------+ +--------------------+ |
|
| + // | |(2) Origin B | | (4) Origin C | |
|
| + // | |No Policy | | No Policy | |
|
| + // | | +-------------+ | | | |
|
| + // | | |(3)Origin C | | | | |
|
| + // | | |No Policy | | | | |
|
| + // | | +-------------+ | | | |
|
| + // | +--------------------+ +--------------------+ |
|
| + // +-----------------------------------------------+
|
| + // Feature should be enabled in frames 1 and 2, and disabled in frames 3 and
|
| + // 4.
|
| + std::unique_ptr<FeaturePolicy> policy1 =
|
| + CreateFromParentPolicy(nullptr, originA_);
|
| + policy1->SetHeaderPolicy({{{"default-self", false, {originA_, originB_}}}});
|
| + std::unique_ptr<FeaturePolicy> policy2 =
|
| + CreateFromParentPolicy(policy1.get(), originB_);
|
| + std::unique_ptr<FeaturePolicy> policy3 =
|
| + CreateFromParentPolicy(policy2.get(), originC_);
|
| + std::unique_ptr<FeaturePolicy> policy4 =
|
| + CreateFromParentPolicy(policy1.get(), originC_);
|
| + EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultSelfFeature));
|
| + EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultSelfFeature));
|
| + EXPECT_FALSE(policy3->IsFeatureEnabled(kDefaultSelfFeature));
|
| + EXPECT_FALSE(policy4->IsFeatureEnabled(kDefaultSelfFeature));
|
| +}
|
| +
|
| +TEST_F(FeaturePolicyTest, TestFeaturesAreIndependent) {
|
| + // +-----------------------------------------------+
|
| + // |(1) Origin A |
|
| + // |Policy: {"default-self": ["self", "Origin B"], |
|
| + // | "default-on": ["self"]} |
|
| + // | +-------------------------------------------+ |
|
| + // | |(2) Origin B | |
|
| + // | |Policy: {"default-self": ["*"], | |
|
| + // | | "default-on": ["*"]} | |
|
| + // | | +-------------+ | |
|
| + // | | |(3)Origin C | | |
|
| + // | | |No Policy | | |
|
| + // | | +-------------+ | |
|
| + // | +-------------------------------------------+ |
|
| + // +-----------------------------------------------+
|
| + // Default-self feature should be enabled in all frames; Default-on feature
|
| + // should be enabled in frame 1, and disabled in frames 2 and 3.
|
| + std::unique_ptr<FeaturePolicy> policy1 =
|
| + CreateFromParentPolicy(nullptr, originA_);
|
| + policy1->SetHeaderPolicy({{{"default-self", false, {originA_, originB_}},
|
| + {"default-on", false, {originA_}}}});
|
| + std::unique_ptr<FeaturePolicy> policy2 =
|
| + CreateFromParentPolicy(policy1.get(), originB_);
|
| + policy2->SetHeaderPolicy(
|
| + {{{"default-self", true, std::vector<url::Origin>()},
|
| + {"default-on", true, std::vector<url::Origin>()}}});
|
| + std::unique_ptr<FeaturePolicy> policy3 =
|
| + CreateFromParentPolicy(policy2.get(), originC_);
|
| + EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultSelfFeature));
|
| + EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultOnFeature));
|
| + EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultSelfFeature));
|
| + EXPECT_FALSE(policy2->IsFeatureEnabled(kDefaultOnFeature));
|
| + EXPECT_TRUE(policy3->IsFeatureEnabled(kDefaultSelfFeature));
|
| + EXPECT_FALSE(policy3->IsFeatureEnabled(kDefaultOnFeature));
|
| +}
|
| +
|
| +TEST_F(FeaturePolicyTest, TestFeatureEnabledForOrigin) {
|
| + // +-----------------------------------------------+
|
| + // |(1) Origin A |
|
| + // |Policy: {"default-off": ["self", "Origin B"]} |
|
| + // +-----------------------------------------------+
|
| + // Features should be enabled by the policy in frame 1 for origins A and B,
|
| + // and disabled for origin C.
|
| + std::unique_ptr<FeaturePolicy> policy1 =
|
| + CreateFromParentPolicy(nullptr, originA_);
|
| + policy1->SetHeaderPolicy({{{"default-off", false, {originA_, originB_}}}});
|
| + EXPECT_TRUE(policy1->IsFeatureEnabledForOrigin(kDefaultOffFeature, originA_));
|
| + EXPECT_TRUE(policy1->IsFeatureEnabledForOrigin(kDefaultOffFeature, originB_));
|
| + EXPECT_FALSE(
|
| + policy1->IsFeatureEnabledForOrigin(kDefaultOffFeature, originC_));
|
| +}
|
| +
|
| +} // namespace content
|
|
|
Chromium Code Reviews
Issue 2655663004:
Introduce content-side Feature Policy object and maintain in parallel with renderer policy. (Closed)
