Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(157)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: third_party/WebKit/Source/platform/feature_policy/FeaturePolicyTest.cpp

Issue 2656533004: Remove unused blink::FeaturePolicy class. (Closed)
Patch Set: Rebase before commit Created 3 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « third_party/WebKit/Source/platform/feature_policy/FeaturePolicyFuzzer.cpp ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2016 The Chromium Authors. All rights reserved. 1 // Copyright 2016 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "platform/feature_policy/FeaturePolicy.h" 5 #include "platform/feature_policy/FeaturePolicy.h"
6 6
7 #include "platform/RuntimeEnabledFeatures.h" 7 #include "platform/RuntimeEnabledFeatures.h"
8 #include "testing/gtest/include/gtest/gtest.h" 8 #include "testing/gtest/include/gtest/gtest.h"
9 9
10 // Origin strings used for tests 10 // Origin strings used for tests
(...skipping 16 matching lines...) Expand all
27 "{\"feature1\": [\"" ORIGIN_A "\"]}, {\"feature2\": [\"self\"]}"}; 27 "{\"feature1\": [\"" ORIGIN_A "\"]}, {\"feature2\": [\"self\"]}"};
28 28
29 const char* kInvalidPolicies[] = { 29 const char* kInvalidPolicies[] = {
30 "Not A JSON literal", 30 "Not A JSON literal",
31 "\"Not a JSON object\"", 31 "\"Not a JSON object\"",
32 "[\"Also\", \"Not a JSON object\"]", 32 "[\"Also\", \"Not a JSON object\"]",
33 "1.0", 33 "1.0",
34 "{\"Whitelist\": \"Not a JSON array\"}", 34 "{\"Whitelist\": \"Not a JSON array\"}",
35 "{\"feature1\": [\"*\"], \"feature2\": \"Not an array\"}"}; 35 "{\"feature1\": [\"*\"], \"feature2\": \"Not an array\"}"};
36 36
37 // This is an example of a feature which should be enabled by default in all
38 // frames.
39 const FeaturePolicy::Feature kDefaultOnFeature{
40 "default-on", FeaturePolicy::FeatureDefault::EnableForAll};
41
42 // This is an example of a feature which should be enabled in top-level frames,
43 // and same-origin child-frames, but must be delegated to all cross-origin
44 // frames explicitly.
45 const FeaturePolicy::Feature kDefaultSelfFeature{
46 "default-self", FeaturePolicy::FeatureDefault::EnableForSelf};
47
48 // This is an example of a feature which should be disabled by default, both in
49 // top-level and nested frames.
50 const FeaturePolicy::Feature kDefaultOffFeature{
51 "default-off", FeaturePolicy::FeatureDefault::DisableForAll};
52
53 } // namespace 37 } // namespace
54 38
55 class FeaturePolicyTest : public ::testing::Test { 39 class FeaturePolicyTest : public ::testing::Test {
56 protected: 40 protected:
57 FeaturePolicyTest() 41 FeaturePolicyTest() {}
58 : m_frameworkWasEnabled(RuntimeEnabledFeatures::featurePolicyEnabled()),
59 m_featureList(
60 {&kDefaultOnFeature, &kDefaultSelfFeature, &kDefaultOffFeature}) {
61 RuntimeEnabledFeatures::setFeaturePolicyEnabled(true);
62 }
63 42
64 ~FeaturePolicyTest() { 43 ~FeaturePolicyTest() {
65 RuntimeEnabledFeatures::setFeaturePolicyEnabled(m_frameworkWasEnabled);
66 }
67
68 std::unique_ptr<FeaturePolicy> createFromParentPolicy(
69 const FeaturePolicy* parent,
70 RefPtr<SecurityOrigin> origin) {
71 return FeaturePolicy::createFromParentPolicy(parent, nullptr, origin,
72 m_featureList);
73 }
74
75 std::unique_ptr<FeaturePolicy> createFromParentWithFramePolicy(
76 const FeaturePolicy* parent,
77 const WebParsedFeaturePolicyHeader* framePolicy,
78 RefPtr<SecurityOrigin> origin) {
79 return FeaturePolicy::createFromParentPolicy(parent, framePolicy, origin,
80 m_featureList);
81 } 44 }
82 45
83 RefPtr<SecurityOrigin> m_originA = SecurityOrigin::createFromString(ORIGIN_A); 46 RefPtr<SecurityOrigin> m_originA = SecurityOrigin::createFromString(ORIGIN_A);
84 RefPtr<SecurityOrigin> m_originB = SecurityOrigin::createFromString(ORIGIN_B); 47 RefPtr<SecurityOrigin> m_originB = SecurityOrigin::createFromString(ORIGIN_B);
85 RefPtr<SecurityOrigin> m_originC = SecurityOrigin::createFromString(ORIGIN_C); 48 RefPtr<SecurityOrigin> m_originC = SecurityOrigin::createFromString(ORIGIN_C);
86
87 private:
88 const bool m_frameworkWasEnabled;
89
90 // Contains the list of controlled features, so that we are guaranteed to
91 // have at least one of each kind of default behaviour represented.
92 FeaturePolicy::FeatureList m_featureList;
93 }; 49 };
94 50
95 TEST_F(FeaturePolicyTest, ParseValidPolicy) { 51 TEST_F(FeaturePolicyTest, ParseValidPolicy) {
96 Vector<String> messages; 52 Vector<String> messages;
97 for (const char* policyString : kValidPolicies) { 53 for (const char* policyString : kValidPolicies) {
98 messages.clear(); 54 messages.clear();
99 FeaturePolicy::parseFeaturePolicy(policyString, m_originA.get(), &messages); 55 parseFeaturePolicy(policyString, m_originA.get(), &messages);
100 EXPECT_EQ(0UL, messages.size()); 56 EXPECT_EQ(0UL, messages.size());
101 } 57 }
102 } 58 }
103 59
104 TEST_F(FeaturePolicyTest, ParseInvalidPolicy) { 60 TEST_F(FeaturePolicyTest, ParseInvalidPolicy) {
105 Vector<String> messages; 61 Vector<String> messages;
106 for (const char* policyString : kInvalidPolicies) { 62 for (const char* policyString : kInvalidPolicies) {
107 messages.clear(); 63 messages.clear();
108 FeaturePolicy::parseFeaturePolicy(policyString, m_originA.get(), &messages); 64 parseFeaturePolicy(policyString, m_originA.get(), &messages);
109 EXPECT_NE(0UL, messages.size()); 65 EXPECT_NE(0UL, messages.size());
110 } 66 }
111 } 67 }
112 68
113 TEST_F(FeaturePolicyTest, PolicyParsedCorrectly) { 69 TEST_F(FeaturePolicyTest, PolicyParsedCorrectly) {
114 Vector<String> messages; 70 Vector<String> messages;
115 71
116 // Empty policy. 72 // Empty policy.
117 WebParsedFeaturePolicyHeader parsedHeader = 73 WebParsedFeaturePolicyHeader parsedPolicy =
118 FeaturePolicy::parseFeaturePolicy("{}", m_originA.get(), &messages); 74 parseFeaturePolicy("{}", m_originA.get(), &messages);
119 EXPECT_EQ(0UL, parsedHeader.size()); 75 EXPECT_EQ(0UL, parsedPolicy.size());
120 76
121 // Simple policy with "self". 77 // Simple policy with "self".
122 parsedHeader = FeaturePolicy::parseFeaturePolicy( 78 parsedPolicy = parseFeaturePolicy("{\"default-self\": [\"self\"]}",
123 "{\"default-self\": [\"self\"]}", m_originA.get(), &messages); 79 m_originA.get(), &messages);
124 EXPECT_EQ(1UL, parsedHeader.size()); 80 EXPECT_EQ(1UL, parsedPolicy.size());
125 EXPECT_EQ("default-self", parsedHeader[0].featureName); 81 EXPECT_EQ("default-self", parsedPolicy[0].featureName);
126 EXPECT_FALSE(parsedHeader[0].matchesAllOrigins); 82 EXPECT_FALSE(parsedPolicy[0].matchesAllOrigins);
127 EXPECT_EQ(1UL, parsedHeader[0].origins.size()); 83 EXPECT_EQ(1UL, parsedPolicy[0].origins.size());
128 EXPECT_TRUE(m_originA->isSameSchemeHostPortAndSuborigin( 84 EXPECT_TRUE(m_originA->isSameSchemeHostPortAndSuborigin(
129 parsedHeader[0].origins[0].get())); 85 parsedPolicy[0].origins[0].get()));
130 86
131 // Simple policy with *. 87 // Simple policy with *.
132 parsedHeader = FeaturePolicy::parseFeaturePolicy( 88 parsedPolicy = parseFeaturePolicy("{\"default-self\": [\"*\"]}",
133 "{\"default-self\": [\"*\"]}", m_originA.get(), &messages); 89 m_originA.get(), &messages);
134 EXPECT_EQ(1UL, parsedHeader.size()); 90 EXPECT_EQ(1UL, parsedPolicy.size());
135 EXPECT_EQ("default-self", parsedHeader[0].featureName); 91 EXPECT_EQ("default-self", parsedPolicy[0].featureName);
136 EXPECT_TRUE(parsedHeader[0].matchesAllOrigins); 92 EXPECT_TRUE(parsedPolicy[0].matchesAllOrigins);
137 EXPECT_EQ(0UL, parsedHeader[0].origins.size()); 93 EXPECT_EQ(0UL, parsedPolicy[0].origins.size());
138 94
139 // Complicated policy. 95 // Complicated policy.
140 parsedHeader = FeaturePolicy::parseFeaturePolicy( 96 parsedPolicy = parseFeaturePolicy(
141 "{\"default-self\": [\"*\"], " 97 "{\"default-self\": [\"*\"], "
142 "\"default-on\": [\"https://example.net\", \"https://example.org\"], " 98 "\"default-on\": [\"https://example.net\", \"https://example.org\"], "
143 "\"default-off\": [\"self\"]}", 99 "\"default-off\": [\"self\"]}",
144 m_originA.get(), &messages); 100 m_originA.get(), &messages);
145 EXPECT_EQ(3UL, parsedHeader.size()); 101 EXPECT_EQ(3UL, parsedPolicy.size());
146 EXPECT_EQ("default-self", parsedHeader[0].featureName); 102 EXPECT_EQ("default-self", parsedPolicy[0].featureName);
147 EXPECT_TRUE(parsedHeader[0].matchesAllOrigins); 103 EXPECT_TRUE(parsedPolicy[0].matchesAllOrigins);
148 EXPECT_EQ(0UL, parsedHeader[0].origins.size()); 104 EXPECT_EQ(0UL, parsedPolicy[0].origins.size());
149 EXPECT_EQ("default-on", parsedHeader[1].featureName); 105 EXPECT_EQ("default-on", parsedPolicy[1].featureName);
150 EXPECT_FALSE(parsedHeader[1].matchesAllOrigins); 106 EXPECT_FALSE(parsedPolicy[1].matchesAllOrigins);
151 EXPECT_EQ(2UL, parsedHeader[1].origins.size()); 107 EXPECT_EQ(2UL, parsedPolicy[1].origins.size());
152 EXPECT_TRUE(m_originB->isSameSchemeHostPortAndSuborigin( 108 EXPECT_TRUE(m_originB->isSameSchemeHostPortAndSuborigin(
153 parsedHeader[1].origins[0].get())); 109 parsedPolicy[1].origins[0].get()));
154 EXPECT_TRUE(m_originC->isSameSchemeHostPortAndSuborigin( 110 EXPECT_TRUE(m_originC->isSameSchemeHostPortAndSuborigin(
155 parsedHeader[1].origins[1].get())); 111 parsedPolicy[1].origins[1].get()));
156 EXPECT_EQ("default-off", parsedHeader[2].featureName); 112 EXPECT_EQ("default-off", parsedPolicy[2].featureName);
157 EXPECT_FALSE(parsedHeader[2].matchesAllOrigins); 113 EXPECT_FALSE(parsedPolicy[2].matchesAllOrigins);
158 EXPECT_EQ(1UL, parsedHeader[2].origins.size()); 114 EXPECT_EQ(1UL, parsedPolicy[2].origins.size());
159 EXPECT_TRUE(m_originA->isSameSchemeHostPortAndSuborigin( 115 EXPECT_TRUE(m_originA->isSameSchemeHostPortAndSuborigin(
160 parsedHeader[2].origins[0].get())); 116 parsedPolicy[2].origins[0].get()));
161 }
162
163 TEST_F(FeaturePolicyTest, TestInitialPolicy) {
164 // +-------------+
165 // |(1)Origin A |
166 // |No Policy |
167 // +-------------+
168 // Default-on and top-level-only features should be enabled in top-level
169 // frame. Default-off features should be disabled.
170 std::unique_ptr<FeaturePolicy> policy1 =
171 createFromParentPolicy(nullptr, m_originA);
172 EXPECT_TRUE(policy1->isFeatureEnabled(kDefaultOnFeature));
173 EXPECT_TRUE(policy1->isFeatureEnabled(kDefaultSelfFeature));
174 EXPECT_FALSE(policy1->isFeatureEnabled(kDefaultOffFeature));
175 }
176
177 TEST_F(FeaturePolicyTest, TestInitialSameOriginChildPolicy) {
178 // +-----------------+
179 // |(1)Origin A |
180 // |No Policy |
181 // | +-------------+ |
182 // | |(2)Origin A | |
183 // | |No Policy | |
184 // | +-------------+ |
185 // +-----------------+
186 // Default-on and Default-self features should be enabled in a same-origin
187 // child frame. Default-off features should be disabled.
188 std::unique_ptr<FeaturePolicy> policy1 =
189 createFromParentPolicy(nullptr, m_originA);
190 std::unique_ptr<FeaturePolicy> policy2 =
191 createFromParentPolicy(policy1.get(), m_originA);
192 EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultOnFeature));
193 EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultSelfFeature));
194 EXPECT_FALSE(policy2->isFeatureEnabled(kDefaultOffFeature));
195 }
196
197 TEST_F(FeaturePolicyTest, TestInitialCrossOriginChildPolicy) {
198 // +-----------------+
199 // |(1)Origin A |
200 // |No Policy |
201 // | +-------------+ |
202 // | |(2)Origin B | |
203 // | |No Policy | |
204 // | +-------------+ |
205 // +-----------------+
206 // Default-on features should be enabled in child frame. Default-self and
207 // Default-off features should be disabled.
208 std::unique_ptr<FeaturePolicy> policy1 =
209 createFromParentPolicy(nullptr, m_originA);
210 std::unique_ptr<FeaturePolicy> policy2 =
211 createFromParentPolicy(policy1.get(), m_originB);
212 EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultOnFeature));
213 EXPECT_FALSE(policy2->isFeatureEnabled(kDefaultSelfFeature));
214 EXPECT_FALSE(policy2->isFeatureEnabled(kDefaultOffFeature));
215 }
216
217 TEST_F(FeaturePolicyTest, TestCrossOriginChildCannotEnableFeature) {
218 // +---------------------------------------+
219 // |(1) Origin A |
220 // |No Policy |
221 // | +-----------------------------------+ |
222 // | |(2) Origin B | |
223 // | |Policy: {"default-self": ["self"]} | |
224 // | +-----------------------------------+ |
225 // +---------------------------------------+
226 // Default-self feature should be disabled in cross origin frame, even if no
227 // policy was specified in the parent frame.
228 Vector<String> messages;
229 std::unique_ptr<FeaturePolicy> policy1 =
230 createFromParentPolicy(nullptr, m_originA);
231 std::unique_ptr<FeaturePolicy> policy2 =
232 createFromParentPolicy(policy1.get(), m_originB);
233 policy2->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
234 "{\"default-self\": [\"self\"]}", m_originB.get(), &messages));
235 EXPECT_EQ(0UL, messages.size());
236 EXPECT_FALSE(policy2->isFeatureEnabled(kDefaultSelfFeature));
237 }
238
239 TEST_F(FeaturePolicyTest, TestFrameSelfInheritance) {
240 // +------------------------------------------+
241 // |(1) Origin A |
242 // |Policy: {"default-self": ["self"]} |
243 // | +-----------------+ +-----------------+ |
244 // | |(2) Origin A | |(4) Origin B | |
245 // | |No Policy | |No Policy | |
246 // | | +-------------+ | | +-------------+ | |
247 // | | |(3)Origin A | | | |(5)Origin B | | |
248 // | | |No Policy | | | |No Policy | | |
249 // | | +-------------+ | | +-------------+ | |
250 // | +-----------------+ +-----------------+ |
251 // +------------------------------------------+
252 // Feature should be enabled at the top-level, and through the chain of
253 // same-origin frames 2 and 3. It should be disabled in frames 4 and 5, as
254 // they are at a different origin.
255 Vector<String> messages;
256 std::unique_ptr<FeaturePolicy> policy1 =
257 createFromParentPolicy(nullptr, m_originA);
258 policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
259 "{\"default-self\": [\"self\"]}", m_originA.get(), &messages));
260 EXPECT_EQ(0UL, messages.size());
261 std::unique_ptr<FeaturePolicy> policy2 =
262 createFromParentPolicy(policy1.get(), m_originA);
263 std::unique_ptr<FeaturePolicy> policy3 =
264 createFromParentPolicy(policy2.get(), m_originA);
265 std::unique_ptr<FeaturePolicy> policy4 =
266 createFromParentPolicy(policy1.get(), m_originB);
267 std::unique_ptr<FeaturePolicy> policy5 =
268 createFromParentPolicy(policy4.get(), m_originB);
269 EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultSelfFeature));
270 EXPECT_TRUE(policy3->isFeatureEnabled(kDefaultSelfFeature));
271 EXPECT_FALSE(policy4->isFeatureEnabled(kDefaultSelfFeature));
272 EXPECT_FALSE(policy5->isFeatureEnabled(kDefaultSelfFeature));
273 }
274
275 TEST_F(FeaturePolicyTest, TestReflexiveFrameSelfInheritance) {
276 // +-----------------------------------+
277 // |(1) Origin A |
278 // |Policy: {"default-self": ["self"]} |
279 // | +-----------------+ |
280 // | |(2) Origin B | |
281 // | |No Policy | |
282 // | | +-------------+ | |
283 // | | |(3)Origin A | | |
284 // | | |No Policy | | |
285 // | | +-------------+ | |
286 // | +-----------------+ |
287 // +-----------------------------------+
288 // Feature which is enabled at top-level should be disabled in frame 3, as
289 // it is embedded by frame 2, for which the feature is not enabled.
290 Vector<String> messages;
291 std::unique_ptr<FeaturePolicy> policy1 =
292 createFromParentPolicy(nullptr, m_originA);
293 policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
294 "{\"default-self\": [\"self\"]}", m_originA.get(), &messages));
295 EXPECT_EQ(0UL, messages.size());
296 std::unique_ptr<FeaturePolicy> policy2 =
297 createFromParentPolicy(policy1.get(), m_originB);
298 std::unique_ptr<FeaturePolicy> policy3 =
299 createFromParentPolicy(policy2.get(), m_originA);
300 EXPECT_FALSE(policy2->isFeatureEnabled(kDefaultSelfFeature));
301 EXPECT_FALSE(policy3->isFeatureEnabled(kDefaultSelfFeature));
302 }
303
304 TEST_F(FeaturePolicyTest, TestSelectiveFrameInheritance) {
305 // +------------------------------------------+
306 // |(1) Origin A |
307 // |Policy: {"default-self": ["Origin B"]} |
308 // | +-----------------+ +-----------------+ |
309 // | |(2) Origin B | |(3) Origin C | |
310 // | |No Policy | |No Policy | |
311 // | | | | +-------------+ | |
312 // | | | | |(4)Origin B | | |
313 // | | | | |No Policy | | |
314 // | | | | +-------------+ | |
315 // | +-----------------+ +-----------------+ |
316 // +------------------------------------------+
317 // Feature should be enabled in second level Origin B frame, but disabled in
318 // Frame 4, because it is embedded by frame 3, where the feature is not
319 // enabled.
320 Vector<String> messages;
321 std::unique_ptr<FeaturePolicy> policy1 =
322 createFromParentPolicy(nullptr, m_originA);
323 policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
324 "{\"default-self\": [\"" ORIGIN_B "\"]}", m_originA.get(), &messages));
325 EXPECT_EQ(0UL, messages.size());
326 std::unique_ptr<FeaturePolicy> policy2 =
327 createFromParentPolicy(policy1.get(), m_originB);
328 std::unique_ptr<FeaturePolicy> policy3 =
329 createFromParentPolicy(policy1.get(), m_originC);
330 std::unique_ptr<FeaturePolicy> policy4 =
331 createFromParentPolicy(policy3.get(), m_originB);
332 EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultSelfFeature));
333 EXPECT_FALSE(policy3->isFeatureEnabled(kDefaultSelfFeature));
334 EXPECT_FALSE(policy4->isFeatureEnabled(kDefaultSelfFeature));
335 }
336
337 TEST_F(FeaturePolicyTest, TestPolicyCanBlockSelf) {
338 // +----------------------------+
339 // |(1)Origin A |
340 // |Policy: {"default-on": []} |
341 // +----------------------------+
342 // Default-on feature should be disabled in top-level frame.
343 Vector<String> messages;
344 std::unique_ptr<FeaturePolicy> policy1 =
345 createFromParentPolicy(nullptr, m_originA);
346 policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
347 "{\"default-on\": []}", m_originA.get(), &messages));
348 EXPECT_EQ(0UL, messages.size());
349 EXPECT_FALSE(policy1->isFeatureEnabled(kDefaultOnFeature));
350 }
351
352 TEST_F(FeaturePolicyTest, TestParentPolicyBlocksSameOriginChildPolicy) {
353 // +----------------------------+
354 // |(1)Origin A |
355 // |Policy: {"default-on": []} |
356 // | +-------------+ |
357 // | |(2)Origin A | |
358 // | |No Policy | |
359 // | +-------------+ |
360 // +----------------------------+
361 // Feature should be disabled in child frame.
362 Vector<String> messages;
363 std::unique_ptr<FeaturePolicy> policy1 =
364 createFromParentPolicy(nullptr, m_originA);
365 policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
366 "{\"default-on\": []}", m_originA.get(), &messages));
367 EXPECT_EQ(0UL, messages.size());
368 std::unique_ptr<FeaturePolicy> policy2 =
369 createFromParentPolicy(policy1.get(), m_originA);
370 EXPECT_FALSE(policy2->isFeatureEnabled(kDefaultOnFeature));
371 }
372
373 TEST_F(FeaturePolicyTest, TestChildPolicyCanBlockSelf) {
374 // +--------------------------------+
375 // |(1)Origin A |
376 // |No Policy |
377 // | +----------------------------+ |
378 // | |(2)Origin B | |
379 // | |Policy: {"default-on": []} | |
380 // | +----------------------------+ |
381 // +--------------------------------+
382 // Default-on feature should be disabled by cross-origin child frame.
383 Vector<String> messages;
384 std::unique_ptr<FeaturePolicy> policy1 =
385 createFromParentPolicy(nullptr, m_originA);
386 std::unique_ptr<FeaturePolicy> policy2 =
387 createFromParentPolicy(policy1.get(), m_originB);
388 policy2->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
389 "{\"default-on\": []}", m_originB.get(), &messages));
390 EXPECT_EQ(0UL, messages.size());
391 EXPECT_FALSE(policy2->isFeatureEnabled(kDefaultOnFeature));
392 }
393
394 TEST_F(FeaturePolicyTest, TestChildPolicyCanBlockChildren) {
395 // +--------------------------------------+
396 // |(1)Origin A |
397 // |No Policy |
398 // | +----------------------------------+ |
399 // | |(2)Origin B | |
400 // | |Policy: {"default-on": ["self"]} | |
401 // | | +-------------+ | |
402 // | | |(3)Origin C | | |
403 // | | |No Policy | | |
404 // | | +-------------+ | |
405 // | +----------------------------------+ |
406 // +--------------------------------------+
407 // Default-on feature should be enabled in frames 1 and 2; disabled in frame
408 // 3 by child frame policy.
409 Vector<String> messages;
410 std::unique_ptr<FeaturePolicy> policy1 =
411 createFromParentPolicy(nullptr, m_originA);
412 std::unique_ptr<FeaturePolicy> policy2 =
413 createFromParentPolicy(policy1.get(), m_originB);
414 policy2->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
415 "{\"default-on\": [\"self\"]}", m_originB.get(), &messages));
416 EXPECT_EQ(0UL, messages.size());
417 std::unique_ptr<FeaturePolicy> policy3 =
418 createFromParentPolicy(policy2.get(), m_originC);
419 EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultOnFeature));
420 EXPECT_FALSE(policy3->isFeatureEnabled(kDefaultOnFeature));
421 }
422
423 TEST_F(FeaturePolicyTest, TestParentPolicyBlocksCrossOriginChildPolicy) {
424 // +----------------------------+
425 // |(1)Origin A |
426 // |Policy: {"default-on": []} |
427 // | +-------------+ |
428 // | |(2)Origin B | |
429 // | |No Policy | |
430 // | +-------------+ |
431 // +----------------------------+
432 // Default-on feature should be disabled in cross-origin child frame.
433 Vector<String> messages;
434 std::unique_ptr<FeaturePolicy> policy1 =
435 createFromParentPolicy(nullptr, m_originA);
436 policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
437 "{\"default-on\": []}", m_originA.get(), &messages));
438 EXPECT_EQ(0UL, messages.size());
439 std::unique_ptr<FeaturePolicy> policy2 =
440 createFromParentPolicy(policy1.get(), m_originB);
441 EXPECT_FALSE(policy2->isFeatureEnabled(kDefaultOnFeature));
442 }
443
444 TEST_F(FeaturePolicyTest, TestEnableForAllOrigins) {
445 // +--------------------------------+
446 // |(1) Origin A |
447 // |Policy: {"default-self": ["*"]} |
448 // | +-----------------+ |
449 // | |(2) Origin B | |
450 // | |No Policy | |
451 // | | +-------------+ | |
452 // | | |(3)Origin A | | |
453 // | | |No Policy | | |
454 // | | +-------------+ | |
455 // | +-----------------+ |
456 // +--------------------------------+
457 // Feature should be enabled in top and second level; disabled in frame 3.
458 Vector<String> messages;
459 std::unique_ptr<FeaturePolicy> policy1 =
460 createFromParentPolicy(nullptr, m_originA);
461 policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
462 "{\"default-self\": [\"*\"]}", m_originA.get(), &messages));
463 EXPECT_EQ(0UL, messages.size());
464 std::unique_ptr<FeaturePolicy> policy2 =
465 createFromParentPolicy(policy1.get(), m_originB);
466 std::unique_ptr<FeaturePolicy> policy3 =
467 createFromParentPolicy(policy2.get(), m_originA);
468 EXPECT_TRUE(policy1->isFeatureEnabled(kDefaultSelfFeature));
469 EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultSelfFeature));
470 EXPECT_FALSE(policy3->isFeatureEnabled(kDefaultSelfFeature));
471 }
472
473 TEST_F(FeaturePolicyTest, TestDefaultOnEnablesForAllAncestors) {
474 // +---------------------------------------+
475 // |(1) Origin A |
476 // |Policy: {"default-on": ["Origin B"]} |
477 // | +-----------------------------------+ |
478 // | |(2) Origin B | |
479 // | |No Policy | |
480 // | | +-------------+ +-------------+ | |
481 // | | |(3)Origin B | |(4)Origin C | | |
482 // | | |No Policy | |No Policy | | |
483 // | | +-------------+ +-------------+ | |
484 // | +-----------------------------------+ |
485 // +---------------------------------------+
486 // Feature should be disabled in frame 1; enabled in frames 2, 3 and 4.
487 Vector<String> messages;
488 std::unique_ptr<FeaturePolicy> policy1 =
489 createFromParentPolicy(nullptr, m_originA);
490 policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
491 "{\"default-on\": [\"" ORIGIN_B "\"]}", m_originA.get(), &messages));
492 EXPECT_EQ(0UL, messages.size());
493 std::unique_ptr<FeaturePolicy> policy2 =
494 createFromParentPolicy(policy1.get(), m_originB);
495 std::unique_ptr<FeaturePolicy> policy3 =
496 createFromParentPolicy(policy2.get(), m_originB);
497 std::unique_ptr<FeaturePolicy> policy4 =
498 createFromParentPolicy(policy2.get(), m_originC);
499 EXPECT_FALSE(policy1->isFeatureEnabled(kDefaultOnFeature));
500 EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultOnFeature));
501 EXPECT_TRUE(policy3->isFeatureEnabled(kDefaultOnFeature));
502 EXPECT_TRUE(policy4->isFeatureEnabled(kDefaultOnFeature));
503 }
504
505 TEST_F(FeaturePolicyTest, TestDefaultSelfRespectsSameOriginEmbedding) {
506 // +---------------------------------------+
507 // |(1) Origin A |
508 // |Policy: {"default-self": ["Origin B"]} |
509 // | +-----------------------------------+ |
510 // | |(2) Origin B | |
511 // | |No Policy | |
512 // | | +-------------+ +-------------+ | |
513 // | | |(3)Origin B | |(4)Origin C | | |
514 // | | |No Policy | |No Policy | | |
515 // | | +-------------+ +-------------+ | |
516 // | +-----------------------------------+ |
517 // +---------------------------------------+
518 // Feature should be disabled in frames 1 and 4; enabled in frames 2 and 3.
519 Vector<String> messages;
520 std::unique_ptr<FeaturePolicy> policy1 =
521 createFromParentPolicy(nullptr, m_originA);
522 policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
523 "{\"default-self\": [\"" ORIGIN_B "\"]}", m_originA.get(), &messages));
524 EXPECT_EQ(0UL, messages.size());
525 std::unique_ptr<FeaturePolicy> policy2 =
526 createFromParentPolicy(policy1.get(), m_originB);
527 std::unique_ptr<FeaturePolicy> policy3 =
528 createFromParentPolicy(policy2.get(), m_originB);
529 std::unique_ptr<FeaturePolicy> policy4 =
530 createFromParentPolicy(policy2.get(), m_originC);
531 EXPECT_FALSE(policy1->isFeatureEnabled(kDefaultSelfFeature));
532 EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultSelfFeature));
533 EXPECT_TRUE(policy3->isFeatureEnabled(kDefaultSelfFeature));
534 EXPECT_FALSE(policy4->isFeatureEnabled(kDefaultSelfFeature));
535 }
536
537 TEST_F(FeaturePolicyTest, TestDefaultOffMustBeDelegatedToAllCrossOriginFrames) {
538 // +------------------------------------------------------------+
539 // |(1) Origin A |
540 // |Policy: {"default-off": ["Origin B"]} |
541 // | +--------------------------------------------------------+ |
542 // | |(2) Origin B | |
543 // | |Policy: {"default-off": ["self"]} | |
544 // | | +-------------+ +----------------------------------+ | |
545 // | | |(3)Origin B | |(4)Origin C | | |
546 // | | |No Policy | |Policy: {"default-off": ["self"]} | | |
547 // | | +-------------+ +----------------------------------+ | |
548 // | +--------------------------------------------------------+ |
549 // +------------------------------------------------------------+
550 // Feature should be disabled in frames 1, 3 and 4; enabled in frame 2 only.
551 Vector<String> messages;
552 std::unique_ptr<FeaturePolicy> policy1 =
553 createFromParentPolicy(nullptr, m_originA);
554 policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
555 "{\"default-off\": [\"" ORIGIN_B "\"]}", m_originA.get(), &messages));
556 EXPECT_EQ(0UL, messages.size());
557 std::unique_ptr<FeaturePolicy> policy2 =
558 createFromParentPolicy(policy1.get(), m_originB);
559 policy2->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
560 "{\"default-off\": [\"self\"]}", m_originB.get(), &messages));
561 std::unique_ptr<FeaturePolicy> policy3 =
562 createFromParentPolicy(policy2.get(), m_originB);
563 std::unique_ptr<FeaturePolicy> policy4 =
564 createFromParentPolicy(policy2.get(), m_originC);
565 policy4->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
566 "{\"default-off\": [\"self\"]}", m_originC.get(), &messages));
567 EXPECT_FALSE(policy1->isFeatureEnabled(kDefaultOffFeature));
568 EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultOffFeature));
569 EXPECT_FALSE(policy3->isFeatureEnabled(kDefaultOffFeature));
570 EXPECT_FALSE(policy4->isFeatureEnabled(kDefaultOffFeature));
571 }
572
573 TEST_F(FeaturePolicyTest, TestReenableForAllOrigins) {
574 // +------------------------------------+
575 // |(1) Origin A |
576 // |Policy: {"default-self": ["*"]} |
577 // | +--------------------------------+ |
578 // | |(2) Origin B | |
579 // | |Policy: {"default-self": ["*"]} | |
580 // | | +-------------+ | |
581 // | | |(3)Origin A | | |
582 // | | |No Policy | | |
583 // | | +-------------+ | |
584 // | +--------------------------------+ |
585 // +------------------------------------+
586 // Feature should be enabled in all frames.
587 Vector<String> messages;
588 std::unique_ptr<FeaturePolicy> policy1 =
589 createFromParentPolicy(nullptr, m_originA);
590 policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
591 "{\"default-self\": [\"*\"]}", m_originA.get(), &messages));
592 EXPECT_EQ(0UL, messages.size());
593 std::unique_ptr<FeaturePolicy> policy2 =
594 createFromParentPolicy(policy1.get(), m_originB);
595 policy2->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
596 "{\"default-self\": [\"*\"]}", m_originB.get(), &messages));
597 EXPECT_EQ(0UL, messages.size());
598 std::unique_ptr<FeaturePolicy> policy3 =
599 createFromParentPolicy(policy2.get(), m_originA);
600 EXPECT_TRUE(policy1->isFeatureEnabled(kDefaultSelfFeature));
601 EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultSelfFeature));
602 EXPECT_TRUE(policy3->isFeatureEnabled(kDefaultSelfFeature));
603 }
604
605 TEST_F(FeaturePolicyTest, TestBlockedFrameCannotReenable) {
606 // +--------------------------------------+
607 // |(1)Origin A |
608 // |Policy: {"default-self": ["self"]} |
609 // | +----------------------------------+ |
610 // | |(2)Origin B | |
611 // | |Policy: {"default-self": ["*"]} | |
612 // | | +-------------+ +-------------+ | |
613 // | | |(3)Origin A | |(4)Origin C | | |
614 // | | |No Policy | |No Policy | | |
615 // | | +-------------+ +-------------+ | |
616 // | +----------------------------------+ |
617 // +--------------------------------------+
618 // Feature should be enabled at the top level; disabled in all other frames.
619 Vector<String> messages;
620 std::unique_ptr<FeaturePolicy> policy1 =
621 createFromParentPolicy(nullptr, m_originA);
622 policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
623 "{\"default-self\": [\"self\"]}", m_originA.get(), &messages));
624 EXPECT_EQ(0UL, messages.size());
625 std::unique_ptr<FeaturePolicy> policy2 =
626 createFromParentPolicy(policy1.get(), m_originB);
627 policy2->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
628 "{\"default-self\": [\"*\"]}", m_originB.get(), &messages));
629 EXPECT_EQ(0UL, messages.size());
630 std::unique_ptr<FeaturePolicy> policy3 =
631 createFromParentPolicy(policy2.get(), m_originA);
632 std::unique_ptr<FeaturePolicy> policy4 =
633 createFromParentPolicy(policy2.get(), m_originC);
634 EXPECT_TRUE(policy1->isFeatureEnabled(kDefaultSelfFeature));
635 EXPECT_FALSE(policy2->isFeatureEnabled(kDefaultSelfFeature));
636 EXPECT_FALSE(policy3->isFeatureEnabled(kDefaultSelfFeature));
637 EXPECT_FALSE(policy4->isFeatureEnabled(kDefaultSelfFeature));
638 }
639
640 TEST_F(FeaturePolicyTest, TestEnabledFrameCanDelegate) {
641 // +---------------------------------------------------+
642 // |(1) Origin A |
643 // |Policy: {"default-self": ["self", "Origin B"]} |
644 // | +-----------------------------------------------+ |
645 // | |(2) Origin B | |
646 // | |Policy: {"default-self": ["self", "Origin C"]} | |
647 // | | +-------------+ | |
648 // | | |(3)Origin C | | |
649 // | | |No Policy | | |
650 // | | +-------------+ | |
651 // | +-----------------------------------------------+ |
652 // +---------------------------------------------------+
653 // Feature should be enabled in all frames.
654 Vector<String> messages;
655 std::unique_ptr<FeaturePolicy> policy1 =
656 createFromParentPolicy(nullptr, m_originA);
657 policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
658 "{\"default-self\": [\"self\", \"" ORIGIN_B "\"]}", m_originA.get(),
659 &messages));
660 EXPECT_EQ(0UL, messages.size());
661 std::unique_ptr<FeaturePolicy> policy2 =
662 createFromParentPolicy(policy1.get(), m_originB);
663 policy2->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
664 "{\"default-self\": [\"self\", \"" ORIGIN_C "\"]}", m_originB.get(),
665 &messages));
666 EXPECT_EQ(0UL, messages.size());
667 std::unique_ptr<FeaturePolicy> policy3 =
668 createFromParentPolicy(policy2.get(), m_originC);
669 EXPECT_TRUE(policy1->isFeatureEnabled(kDefaultSelfFeature));
670 EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultSelfFeature));
671 EXPECT_TRUE(policy3->isFeatureEnabled(kDefaultSelfFeature));
672 }
673
674 TEST_F(FeaturePolicyTest, TestEnabledFrameCanDelegateByDefault) {
675 // +-----------------------------------------------+
676 // |(1) Origin A |
677 // |Policy: {"default-on": ["self", "Origin B"]} |
678 // | +--------------------+ +--------------------+ |
679 // | |(2) Origin B | | (4) Origin C | |
680 // | |No Policy | | No Policy | |
681 // | | +-------------+ | | | |
682 // | | |(3)Origin C | | | | |
683 // | | |No Policy | | | | |
684 // | | +-------------+ | | | |
685 // | +--------------------+ +--------------------+ |
686 // +-----------------------------------------------+
687 // Feature should be enabled in frames 1, 2, and 3, and disabled in frame 4.
688 Vector<String> messages;
689 std::unique_ptr<FeaturePolicy> policy1 =
690 createFromParentPolicy(nullptr, m_originA);
691 policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
692 "{\"default-on\": [\"self\", \"" ORIGIN_B "\"]}", m_originA.get(),
693 &messages));
694 EXPECT_EQ(0UL, messages.size());
695 std::unique_ptr<FeaturePolicy> policy2 =
696 createFromParentPolicy(policy1.get(), m_originB);
697 std::unique_ptr<FeaturePolicy> policy3 =
698 createFromParentPolicy(policy2.get(), m_originC);
699 std::unique_ptr<FeaturePolicy> policy4 =
700 createFromParentPolicy(policy1.get(), m_originC);
701 EXPECT_TRUE(policy1->isFeatureEnabled(kDefaultOnFeature));
702 EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultOnFeature));
703 EXPECT_TRUE(policy3->isFeatureEnabled(kDefaultOnFeature));
704 EXPECT_FALSE(policy4->isFeatureEnabled(kDefaultOnFeature));
705 }
706
707 TEST_F(FeaturePolicyTest, TestNonNestedFeaturesDontDelegateByDefault) {
708 // +-----------------------------------------------+
709 // |(1) Origin A |
710 // |Policy: {"default-self": ["self", "Origin B"]} |
711 // | +--------------------+ +--------------------+ |
712 // | |(2) Origin B | | (4) Origin C | |
713 // | |No Policy | | No Policy | |
714 // | | +-------------+ | | | |
715 // | | |(3)Origin C | | | | |
716 // | | |No Policy | | | | |
717 // | | +-------------+ | | | |
718 // | +--------------------+ +--------------------+ |
719 // +-----------------------------------------------+
720 // Feature should be enabled in frames 1 and 2, and disabled in frames 3 and
721 // 4.
722 Vector<String> messages;
723 std::unique_ptr<FeaturePolicy> policy1 =
724 createFromParentPolicy(nullptr, m_originA);
725 policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
726 "{\"default-self\": [\"self\", \"" ORIGIN_B "\"]}", m_originA.get(),
727 &messages));
728 EXPECT_EQ(0UL, messages.size());
729 std::unique_ptr<FeaturePolicy> policy2 =
730 createFromParentPolicy(policy1.get(), m_originB);
731 std::unique_ptr<FeaturePolicy> policy3 =
732 createFromParentPolicy(policy2.get(), m_originC);
733 std::unique_ptr<FeaturePolicy> policy4 =
734 createFromParentPolicy(policy1.get(), m_originC);
735 EXPECT_TRUE(policy1->isFeatureEnabled(kDefaultSelfFeature));
736 EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultSelfFeature));
737 EXPECT_FALSE(policy3->isFeatureEnabled(kDefaultSelfFeature));
738 EXPECT_FALSE(policy4->isFeatureEnabled(kDefaultSelfFeature));
739 }
740
741 TEST_F(FeaturePolicyTest, TestFeaturesAreIndependent) {
742 // +-----------------------------------------------+
743 // |(1) Origin A |
744 // |Policy: {"default-self": ["self", "Origin B"], |
745 // | "default-on": ["self"]} |
746 // | +-------------------------------------------+ |
747 // | |(2) Origin B | |
748 // | |Policy: {"default-self": ["*"], | |
749 // | | "default-on": ["*"]} | |
750 // | | +-------------+ | |
751 // | | |(3)Origin C | | |
752 // | | |No Policy | | |
753 // | | +-------------+ | |
754 // | +-------------------------------------------+ |
755 // +-----------------------------------------------+
756 // Default-self feature should be enabled in all frames; Default-on feature
757 // should be enabled in frame 1, and disabled in frames 2 and 3.
758 Vector<String> messages;
759 std::unique_ptr<FeaturePolicy> policy1 =
760 createFromParentPolicy(nullptr, m_originA);
761 policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
762 "{\"default-self\": [\"self\", \"" ORIGIN_B
763 "\"], \"default-on\": [\"self\"]}",
764 m_originA.get(), &messages));
765 EXPECT_EQ(0UL, messages.size());
766 std::unique_ptr<FeaturePolicy> policy2 =
767 createFromParentPolicy(policy1.get(), m_originB);
768 policy2->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
769 "{\"default-self\": [\"*\"], \"default-on\": [\"*\"]}", m_originB.get(),
770 &messages));
771 EXPECT_EQ(0UL, messages.size());
772 std::unique_ptr<FeaturePolicy> policy3 =
773 createFromParentPolicy(policy2.get(), m_originC);
774 EXPECT_TRUE(policy1->isFeatureEnabled(kDefaultSelfFeature));
775 EXPECT_TRUE(policy1->isFeatureEnabled(kDefaultOnFeature));
776 EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultSelfFeature));
777 EXPECT_FALSE(policy2->isFeatureEnabled(kDefaultOnFeature));
778 EXPECT_TRUE(policy3->isFeatureEnabled(kDefaultSelfFeature));
779 EXPECT_FALSE(policy3->isFeatureEnabled(kDefaultOnFeature));
780 }
781
782 TEST_F(FeaturePolicyTest, TestFeatureEnabledForOrigin) {
783 // +-----------------------------------------------+
784 // |(1) Origin A |
785 // |Policy: {"default-off": ["self", "Origin B"]} |
786 // +-----------------------------------------------+
787 // Features should be enabled by the policy in frame 1 for origins A and B,
788 // and disabled for origin C.
789 Vector<String> messages;
790 std::unique_ptr<FeaturePolicy> policy1 =
791 createFromParentPolicy(nullptr, m_originA);
792 policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
793 "{\"default-off\": [\"self\", \"" ORIGIN_B "\"]}", m_originA.get(),
794 &messages));
795 EXPECT_EQ(0UL, messages.size());
796 EXPECT_TRUE(
797 policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originA));
798 EXPECT_TRUE(
799 policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originB));
800 EXPECT_FALSE(
801 policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originC));
802 }
803
804 // Test frame policies
805
806 TEST_F(FeaturePolicyTest, TestSimpleFramePolicy) {
807 // +-------------------------------------------------+
808 // |(1)Origin A |
809 // |No Policy |
810 // | |
811 // |<iframe policy='{"default-self": ["Origin B"]}'> |
812 // | +-------------+ |
813 // | |(2)Origin B | |
814 // | |No Policy | |
815 // | +-------------+ |
816 // +-------------------------------------------------+
817 // Default-self feature should be enabled in cross-origin child frame because
818 // permission was delegated through frame policy.
819 // This is the same scenario as when the iframe is declared as
820 // <iframe allow="default-self">
821 Vector<String> messages;
822 std::unique_ptr<FeaturePolicy> policy1 =
823 createFromParentPolicy(nullptr, m_originA);
824 WebParsedFeaturePolicyHeader framePolicy = FeaturePolicy::parseFeaturePolicy(
825 "{\"default-self\": [\"" ORIGIN_B "\"]}", m_originA.get(), &messages);
826 EXPECT_EQ(0UL, messages.size());
827 std::unique_ptr<FeaturePolicy> policy2 =
828 createFromParentWithFramePolicy(policy1.get(), &framePolicy, m_originB);
829 EXPECT_TRUE(
830 policy1->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originA));
831 EXPECT_FALSE(
832 policy1->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originB));
833 EXPECT_FALSE(
834 policy1->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originC));
835 EXPECT_FALSE(
836 policy2->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originA));
837 EXPECT_TRUE(
838 policy2->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originB));
839 EXPECT_FALSE(
840 policy2->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originC));
841 }
842
843 TEST_F(FeaturePolicyTest, TestAllOriginFramePolicy) {
844 // +------------------------------------------+
845 // |(1)Origin A |
846 // |No Policy |
847 // | |
848 // |<iframe policy='{"default-self": ["*"]}'> |
849 // | +-------------+ |
850 // | |(2)Origin B | |
851 // | |No Policy | |
852 // | +-------------+ |
853 // +------------------------------------------+
854 // Default-self feature should be enabled in cross-origin child frame because
855 // permission was delegated through frame policy.
856 // This is the same scenario that arises when the iframe is declared as
857 // <iframe allowfullscreen>
858 Vector<String> messages;
859 std::unique_ptr<FeaturePolicy> policy1 =
860 createFromParentPolicy(nullptr, m_originA);
861 WebParsedFeaturePolicyHeader framePolicy = FeaturePolicy::parseFeaturePolicy(
862 "{\"default-self\": [\"*\"]}", m_originA.get(), &messages);
863 EXPECT_EQ(0UL, messages.size());
864 std::unique_ptr<FeaturePolicy> policy2 =
865 createFromParentWithFramePolicy(policy1.get(), &framePolicy, m_originB);
866 EXPECT_TRUE(
867 policy1->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originA));
868 EXPECT_FALSE(
869 policy1->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originB));
870 EXPECT_FALSE(
871 policy1->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originC));
872 EXPECT_FALSE(
873 policy2->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originA));
874 EXPECT_TRUE(
875 policy2->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originB));
876 EXPECT_FALSE(
877 policy2->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originC));
878 }
879
880 TEST_F(FeaturePolicyTest, TestFramePolicyCanBeFurtherDelegated) {
881 // +-----------------------------------------------------+
882 // |(1)Origin A |
883 // |No Policy |
884 // | |
885 // |<iframe policy='{"default-self": ["Origin B"]}'> |
886 // | +-------------------------------------------------+ |
887 // | |(2)Origin B | |
888 // | |No Policy | |
889 // | | | |
890 // | |<iframe policy='{"default-self": ["Origin C"]}'> | |
891 // | | +-------------+ | |
892 // | | |(3)Origin C | | |
893 // | | |No Policy | | |
894 // | | +-------------+ | |
895 // | | | |
896 // | |<iframe> (No frame policy) | |
897 // | | +-------------+ | |
898 // | | |(4)Origin C | | |
899 // | | |No Policy | | |
900 // | | +-------------+ | |
901 // | +-------------------------------------------------+ |
902 // +-----------------------------------------------------+
903 // Default-self feature should be enabled in cross-origin child frames 2 and
904 // 3. Feature should be disabled in frame 4 because it was not further
905 // delegated through frame policy.
906 Vector<String> messages;
907 std::unique_ptr<FeaturePolicy> policy1 =
908 createFromParentPolicy(nullptr, m_originA);
909 WebParsedFeaturePolicyHeader framePolicy1 = FeaturePolicy::parseFeaturePolicy(
910 "{\"default-self\": [\"" ORIGIN_B "\"]}", m_originA.get(), &messages);
911 EXPECT_EQ(0UL, messages.size());
912 std::unique_ptr<FeaturePolicy> policy2 =
913 createFromParentWithFramePolicy(policy1.get(), &framePolicy1, m_originB);
914 WebParsedFeaturePolicyHeader framePolicy2 = FeaturePolicy::parseFeaturePolicy(
915 "{\"default-self\": [\"" ORIGIN_C "\"]}", m_originB.get(), &messages);
916 EXPECT_EQ(0UL, messages.size());
917 std::unique_ptr<FeaturePolicy> policy3 =
918 createFromParentWithFramePolicy(policy2.get(), &framePolicy2, m_originC);
919 std::unique_ptr<FeaturePolicy> policy4 =
920 createFromParentWithFramePolicy(policy2.get(), nullptr, m_originC);
921 EXPECT_FALSE(
922 policy3->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originA));
923 EXPECT_FALSE(
924 policy3->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originB));
925 EXPECT_TRUE(
926 policy3->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originC));
927 EXPECT_FALSE(
928 policy4->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originA));
929 EXPECT_FALSE(
930 policy4->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originB));
931 EXPECT_FALSE(
932 policy4->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originC));
933 }
934
935 TEST_F(FeaturePolicyTest, TestDefaultOnCanBeDisabledByFramePolicy) {
936 // +-------------------------------------+
937 // |(1)Origin A |
938 // |No Policy |
939 // | |
940 // |<iframe policy='{"default-on": []}'> |
941 // | +-------------+ |
942 // | |(2)Origin A | |
943 // | |No Policy | |
944 // | +-------------+ |
945 // | |
946 // |<iframe policy='{"default-on": []}'> |
947 // | +-------------+ |
948 // | |(3)Origin B | |
949 // | |No Policy | |
950 // | +-------------+ |
951 // +-------------------------------------+
952 // Default-on feature should be disabled in both same-origin and cross-origin
953 // child frames because permission was removed through frame policy.
954 Vector<String> messages;
955 std::unique_ptr<FeaturePolicy> policy1 =
956 createFromParentPolicy(nullptr, m_originA);
957 WebParsedFeaturePolicyHeader framePolicy1 = FeaturePolicy::parseFeaturePolicy(
958 "{\"default-on\": []}", m_originA.get(), &messages);
959 EXPECT_EQ(0UL, messages.size());
960 std::unique_ptr<FeaturePolicy> policy2 =
961 createFromParentWithFramePolicy(policy1.get(), &framePolicy1, m_originA);
962 WebParsedFeaturePolicyHeader framePolicy2 = FeaturePolicy::parseFeaturePolicy(
963 "{\"default-on\": []}", m_originA.get(), &messages);
964 EXPECT_EQ(0UL, messages.size());
965 std::unique_ptr<FeaturePolicy> policy3 =
966 createFromParentWithFramePolicy(policy1.get(), &framePolicy2, m_originB);
967 EXPECT_TRUE(
968 policy1->isFeatureEnabledForOrigin(kDefaultOnFeature, *m_originA));
969 EXPECT_TRUE(
970 policy1->isFeatureEnabledForOrigin(kDefaultOnFeature, *m_originB));
971 EXPECT_TRUE(
972 policy1->isFeatureEnabledForOrigin(kDefaultOnFeature, *m_originC));
973 EXPECT_FALSE(
974 policy2->isFeatureEnabledForOrigin(kDefaultOnFeature, *m_originA));
975 EXPECT_FALSE(
976 policy2->isFeatureEnabledForOrigin(kDefaultOnFeature, *m_originB));
977 EXPECT_FALSE(
978 policy2->isFeatureEnabledForOrigin(kDefaultOnFeature, *m_originC));
979 EXPECT_FALSE(
980 policy3->isFeatureEnabledForOrigin(kDefaultOnFeature, *m_originA));
981 EXPECT_FALSE(
982 policy3->isFeatureEnabledForOrigin(kDefaultOnFeature, *m_originB));
983 EXPECT_FALSE(
984 policy3->isFeatureEnabledForOrigin(kDefaultOnFeature, *m_originC));
985 }
986
987 TEST_F(FeaturePolicyTest, TestDefaultOffMustBeEnabledByChildFrame) {
988 // +------------------------------------------------+
989 // |(1)Origin A |
990 // |Policy: {"default-off": ["self"]} |
991 // | |
992 // |<iframe policy='{"default-off": ["Origin A"]}'> |
993 // | +-------------+ |
994 // | |(2)Origin A | |
995 // | |No Policy | |
996 // | +-------------+ |
997 // | |
998 // |<iframe policy='{"default-off": ["Origin B"]}'> |
999 // | +-------------+ |
1000 // | |(3)Origin B | |
1001 // | |No Policy | |
1002 // | +-------------+ |
1003 // +------------------------------------------------+
1004 // Default-off feature should be disabled in both same-origin and cross-origin
1005 // child frames because they did not declare their own policy to enable it.
1006 Vector<String> messages;
1007 std::unique_ptr<FeaturePolicy> policy1 =
1008 createFromParentPolicy(nullptr, m_originA);
1009 policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
1010 "{\"default-off\": [\"self\"]}", m_originA.get(), &messages));
1011 WebParsedFeaturePolicyHeader framePolicy1 = FeaturePolicy::parseFeaturePolicy(
1012 "{\"default-off\": [\"" ORIGIN_A "\"]}", m_originA.get(), &messages);
1013 EXPECT_EQ(0UL, messages.size());
1014 std::unique_ptr<FeaturePolicy> policy2 =
1015 createFromParentWithFramePolicy(policy1.get(), &framePolicy1, m_originA);
1016 WebParsedFeaturePolicyHeader framePolicy2 = FeaturePolicy::parseFeaturePolicy(
1017 "{\"default-off\": [\"" ORIGIN_B "\"]}", m_originA.get(), &messages);
1018 EXPECT_EQ(0UL, messages.size());
1019 std::unique_ptr<FeaturePolicy> policy3 =
1020 createFromParentWithFramePolicy(policy1.get(), &framePolicy2, m_originB);
1021 EXPECT_TRUE(
1022 policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originA));
1023 EXPECT_FALSE(
1024 policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originB));
1025 EXPECT_FALSE(
1026 policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originC));
1027 EXPECT_FALSE(
1028 policy2->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originA));
1029 EXPECT_FALSE(
1030 policy2->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originB));
1031 EXPECT_FALSE(
1032 policy2->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originC));
1033 EXPECT_FALSE(
1034 policy3->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originA));
1035 EXPECT_FALSE(
1036 policy3->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originB));
1037 EXPECT_FALSE(
1038 policy3->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originC));
1039 }
1040
1041 TEST_F(FeaturePolicyTest, TestDefaultOffCanBeEnabledByChildFrame) {
1042 // +------------------------------------------------+
1043 // |(1)Origin A |
1044 // |Policy: {"default-off": ["self"]} |
1045 // | |
1046 // |<iframe policy='{"default-off": ["Origin A"]}'> |
1047 // | +--------------------------------------------+ |
1048 // | |(2)Origin A | |
1049 // | |Policy: {"default-off": ["self"]} | |
1050 // | +--------------------------------------------+ |
1051 // | |
1052 // |<iframe policy='{"default-off": ["Origin B"]}'> |
1053 // | +--------------------------------------------+ |
1054 // | |(3)Origin B | |
1055 // | |Policy: {"default-off": ["self"]} | |
1056 // | +--------------------------------------------+ |
1057 // +------------------------------------------------+
1058 // Default-off feature should be enabled in both same-origin and cross-origin
1059 // child frames because it is delegated through the parent's frame policy, and
1060 // they declare their own policy to enable it.
1061 Vector<String> messages;
1062 std::unique_ptr<FeaturePolicy> policy1 =
1063 createFromParentPolicy(nullptr, m_originA);
1064 policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
1065 "{\"default-off\": [\"self\"]}", m_originA.get(), &messages));
1066 WebParsedFeaturePolicyHeader framePolicy1 = FeaturePolicy::parseFeaturePolicy(
1067 "{\"default-off\": [\"" ORIGIN_A "\"]}", m_originA.get(), &messages);
1068 EXPECT_EQ(0UL, messages.size());
1069 std::unique_ptr<FeaturePolicy> policy2 =
1070 createFromParentWithFramePolicy(policy1.get(), &framePolicy1, m_originA);
1071 policy2->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
1072 "{\"default-off\": [\"self\"]}", m_originA.get(), &messages));
1073 WebParsedFeaturePolicyHeader framePolicy2 = FeaturePolicy::parseFeaturePolicy(
1074 "{\"default-off\": [\"" ORIGIN_B "\"]}", m_originA.get(), &messages);
1075 EXPECT_EQ(0UL, messages.size());
1076 std::unique_ptr<FeaturePolicy> policy3 =
1077 createFromParentWithFramePolicy(policy1.get(), &framePolicy2, m_originB);
1078 policy3->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
1079 "{\"default-off\": [\"self\"]}", m_originB.get(), &messages));
1080 EXPECT_TRUE(
1081 policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originA));
1082 EXPECT_FALSE(
1083 policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originB));
1084 EXPECT_FALSE(
1085 policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originC));
1086 EXPECT_TRUE(
1087 policy2->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originA));
1088 EXPECT_FALSE(
1089 policy2->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originB));
1090 EXPECT_FALSE(
1091 policy2->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originC));
1092 EXPECT_FALSE(
1093 policy3->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originA));
1094 EXPECT_TRUE(
1095 policy3->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originB));
1096 EXPECT_FALSE(
1097 policy3->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originC));
1098 }
1099
1100 TEST_F(FeaturePolicyTest, TestFramePolicyModifiesHeaderPolicy) {
1101 // +-----------------------------------------------+
1102 // |(1)Origin A |
1103 // |Policy: {"default-self": ["self", "Origin B"]} |
1104 // | |
1105 // |<iframe policy='{"default-self": []}'> |
1106 // | +-------------------------------------------+ |
1107 // | |(2)Origin B | |
1108 // | |No Policy | |
1109 // | +-------------------------------------------+ |
1110 // | |
1111 // |<iframe policy='{"default-self": []}'> |
1112 // | +-------------------------------------------+ |
1113 // | |(3)Origin B | |
1114 // | |Policy: {"default-self": ["self"]} | |
1115 // | +-------------------------------------------+ |
1116 // +-----------------------------------------------+
1117 // Default-self feature should be disabled in both cross-origin child frames
1118 // by frame policy, even though the parent frame's header policy would
1119 // otherwise enable it. This is true regardless of the child frame's header
1120 // policy.
1121 Vector<String> messages;
1122 std::unique_ptr<FeaturePolicy> policy1 =
1123 createFromParentPolicy(nullptr, m_originA);
1124 policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
1125 "{\"default-self\": [\"self\", \"" ORIGIN_B "\"]}", m_originA.get(),
1126 &messages));
1127 EXPECT_EQ(0UL, messages.size());
1128 WebParsedFeaturePolicyHeader framePolicy1 = FeaturePolicy::parseFeaturePolicy(
1129 "{\"default-self\": []}", m_originA.get(), &messages);
1130 EXPECT_EQ(0UL, messages.size());
1131 std::unique_ptr<FeaturePolicy> policy2 =
1132 createFromParentWithFramePolicy(policy1.get(), &framePolicy1, m_originB);
1133 WebParsedFeaturePolicyHeader framePolicy2 = FeaturePolicy::parseFeaturePolicy(
1134 "{\"default-self\": []}", m_originA.get(), &messages);
1135 EXPECT_EQ(0UL, messages.size());
1136 std::unique_ptr<FeaturePolicy> policy3 =
1137 createFromParentWithFramePolicy(policy1.get(), &framePolicy2, m_originB);
1138 policy3->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
1139 "{\"default-self\": [\"self\"]}", m_originB.get(), &messages));
1140 EXPECT_FALSE(
1141 policy2->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originB));
1142 EXPECT_FALSE(
1143 policy3->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originB));
1144 }
1145
1146 TEST_F(FeaturePolicyTest, TestCombineFrameAndHeaderPolicies) {
1147 // +-------------------------------------------------+
1148 // |(1)Origin A |
1149 // |No Policy |
1150 // | |
1151 // |<iframe policy='{"default-self": ["Origin B"]}'> |
1152 // | +---------------------------------------------+ |
1153 // | |(2)Origin B | |
1154 // | |Policy: {"default-self": ["*"]} | |
1155 // | | | |
1156 // | |<iframe policy='{"default-self": []}'> | |
1157 // | | +-------------+ | |
1158 // | | |(3)Origin C | | |
1159 // | | |No Policy | | |
1160 // | | +-------------+ | |
1161 // | | | |
1162 // | |<iframe> (No frame policy) | |
1163 // | | +-------------+ | |
1164 // | | |(4)Origin C | | |
1165 // | | |No Policy | | |
1166 // | | +-------------+ | |
1167 // | +---------------------------------------------+ |
1168 // +-------------------------------------------------+
1169 // Default-self feature should be enabled in cross-origin child frames 2 and
1170 // 4. Feature should be disabled in frame 2 by frame policy.
1171 Vector<String> messages;
1172 std::unique_ptr<FeaturePolicy> policy1 =
1173 createFromParentPolicy(nullptr, m_originA);
1174 WebParsedFeaturePolicyHeader framePolicy1 = FeaturePolicy::parseFeaturePolicy(
1175 "{\"default-self\": [\"" ORIGIN_B "\"]}", m_originA.get(), &messages);
1176 EXPECT_EQ(0UL, messages.size());
1177 std::unique_ptr<FeaturePolicy> policy2 =
1178 createFromParentWithFramePolicy(policy1.get(), &framePolicy1, m_originB);
1179 policy2->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
1180 "{\"default-self\": [\"*\"]}", m_originB.get(), &messages));
1181 WebParsedFeaturePolicyHeader framePolicy2 = FeaturePolicy::parseFeaturePolicy(
1182 "{\"default-self\": [\"\"]}", m_originC.get(), &messages);
1183 EXPECT_EQ(0UL, messages.size());
1184 std::unique_ptr<FeaturePolicy> policy3 =
1185 createFromParentWithFramePolicy(policy2.get(), &framePolicy2, m_originC);
1186 std::unique_ptr<FeaturePolicy> policy4 =
1187 createFromParentWithFramePolicy(policy2.get(), nullptr, m_originC);
1188 EXPECT_TRUE(
1189 policy1->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originA));
1190 EXPECT_TRUE(
1191 policy2->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originB));
1192 EXPECT_FALSE(
1193 policy3->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originC));
1194 EXPECT_TRUE(
1195 policy4->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originC));
1196 } 117 }
1197 118
1198 } // namespace blink 119 } // namespace blink
OLDNEW
« no previous file with comments | « third_party/WebKit/Source/platform/feature_policy/FeaturePolicyFuzzer.cpp ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698