OLD | NEW |
1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "platform/feature_policy/FeaturePolicy.h" | 5 #include "platform/feature_policy/FeaturePolicy.h" |
6 | 6 |
7 #include "platform/RuntimeEnabledFeatures.h" | 7 #include "platform/RuntimeEnabledFeatures.h" |
8 #include "testing/gtest/include/gtest/gtest.h" | 8 #include "testing/gtest/include/gtest/gtest.h" |
9 | 9 |
10 // Origin strings used for tests | 10 // Origin strings used for tests |
(...skipping 16 matching lines...) Expand all Loading... |
27 "{\"feature1\": [\"" ORIGIN_A "\"]}, {\"feature2\": [\"self\"]}"}; | 27 "{\"feature1\": [\"" ORIGIN_A "\"]}, {\"feature2\": [\"self\"]}"}; |
28 | 28 |
29 const char* kInvalidPolicies[] = { | 29 const char* kInvalidPolicies[] = { |
30 "Not A JSON literal", | 30 "Not A JSON literal", |
31 "\"Not a JSON object\"", | 31 "\"Not a JSON object\"", |
32 "[\"Also\", \"Not a JSON object\"]", | 32 "[\"Also\", \"Not a JSON object\"]", |
33 "1.0", | 33 "1.0", |
34 "{\"Whitelist\": \"Not a JSON array\"}", | 34 "{\"Whitelist\": \"Not a JSON array\"}", |
35 "{\"feature1\": [\"*\"], \"feature2\": \"Not an array\"}"}; | 35 "{\"feature1\": [\"*\"], \"feature2\": \"Not an array\"}"}; |
36 | 36 |
37 // This is an example of a feature which should be enabled by default in all | |
38 // frames. | |
39 const FeaturePolicy::Feature kDefaultOnFeature{ | |
40 "default-on", FeaturePolicy::FeatureDefault::EnableForAll}; | |
41 | |
42 // This is an example of a feature which should be enabled in top-level frames, | |
43 // and same-origin child-frames, but must be delegated to all cross-origin | |
44 // frames explicitly. | |
45 const FeaturePolicy::Feature kDefaultSelfFeature{ | |
46 "default-self", FeaturePolicy::FeatureDefault::EnableForSelf}; | |
47 | |
48 // This is an example of a feature which should be disabled by default, both in | |
49 // top-level and nested frames. | |
50 const FeaturePolicy::Feature kDefaultOffFeature{ | |
51 "default-off", FeaturePolicy::FeatureDefault::DisableForAll}; | |
52 | |
53 } // namespace | 37 } // namespace |
54 | 38 |
55 class FeaturePolicyTest : public ::testing::Test { | 39 class FeaturePolicyTest : public ::testing::Test { |
56 protected: | 40 protected: |
57 FeaturePolicyTest() | 41 FeaturePolicyTest() {} |
58 : m_frameworkWasEnabled(RuntimeEnabledFeatures::featurePolicyEnabled()), | |
59 m_featureList( | |
60 {&kDefaultOnFeature, &kDefaultSelfFeature, &kDefaultOffFeature}) { | |
61 RuntimeEnabledFeatures::setFeaturePolicyEnabled(true); | |
62 } | |
63 | 42 |
64 ~FeaturePolicyTest() { | 43 ~FeaturePolicyTest() { |
65 RuntimeEnabledFeatures::setFeaturePolicyEnabled(m_frameworkWasEnabled); | |
66 } | |
67 | |
68 std::unique_ptr<FeaturePolicy> createFromParentPolicy( | |
69 const FeaturePolicy* parent, | |
70 RefPtr<SecurityOrigin> origin) { | |
71 return FeaturePolicy::createFromParentPolicy(parent, nullptr, origin, | |
72 m_featureList); | |
73 } | |
74 | |
75 std::unique_ptr<FeaturePolicy> createFromParentWithFramePolicy( | |
76 const FeaturePolicy* parent, | |
77 const WebParsedFeaturePolicyHeader* framePolicy, | |
78 RefPtr<SecurityOrigin> origin) { | |
79 return FeaturePolicy::createFromParentPolicy(parent, framePolicy, origin, | |
80 m_featureList); | |
81 } | 44 } |
82 | 45 |
83 RefPtr<SecurityOrigin> m_originA = SecurityOrigin::createFromString(ORIGIN_A); | 46 RefPtr<SecurityOrigin> m_originA = SecurityOrigin::createFromString(ORIGIN_A); |
84 RefPtr<SecurityOrigin> m_originB = SecurityOrigin::createFromString(ORIGIN_B); | 47 RefPtr<SecurityOrigin> m_originB = SecurityOrigin::createFromString(ORIGIN_B); |
85 RefPtr<SecurityOrigin> m_originC = SecurityOrigin::createFromString(ORIGIN_C); | 48 RefPtr<SecurityOrigin> m_originC = SecurityOrigin::createFromString(ORIGIN_C); |
86 | |
87 private: | |
88 const bool m_frameworkWasEnabled; | |
89 | |
90 // Contains the list of controlled features, so that we are guaranteed to | |
91 // have at least one of each kind of default behaviour represented. | |
92 FeaturePolicy::FeatureList m_featureList; | |
93 }; | 49 }; |
94 | 50 |
95 TEST_F(FeaturePolicyTest, ParseValidPolicy) { | 51 TEST_F(FeaturePolicyTest, ParseValidPolicy) { |
96 Vector<String> messages; | 52 Vector<String> messages; |
97 for (const char* policyString : kValidPolicies) { | 53 for (const char* policyString : kValidPolicies) { |
98 messages.clear(); | 54 messages.clear(); |
99 FeaturePolicy::parseFeaturePolicy(policyString, m_originA.get(), &messages); | 55 parseFeaturePolicy(policyString, m_originA.get(), &messages); |
100 EXPECT_EQ(0UL, messages.size()); | 56 EXPECT_EQ(0UL, messages.size()); |
101 } | 57 } |
102 } | 58 } |
103 | 59 |
104 TEST_F(FeaturePolicyTest, ParseInvalidPolicy) { | 60 TEST_F(FeaturePolicyTest, ParseInvalidPolicy) { |
105 Vector<String> messages; | 61 Vector<String> messages; |
106 for (const char* policyString : kInvalidPolicies) { | 62 for (const char* policyString : kInvalidPolicies) { |
107 messages.clear(); | 63 messages.clear(); |
108 FeaturePolicy::parseFeaturePolicy(policyString, m_originA.get(), &messages); | 64 parseFeaturePolicy(policyString, m_originA.get(), &messages); |
109 EXPECT_NE(0UL, messages.size()); | 65 EXPECT_NE(0UL, messages.size()); |
110 } | 66 } |
111 } | 67 } |
112 | 68 |
113 TEST_F(FeaturePolicyTest, PolicyParsedCorrectly) { | 69 TEST_F(FeaturePolicyTest, PolicyParsedCorrectly) { |
114 Vector<String> messages; | 70 Vector<String> messages; |
115 | 71 |
116 // Empty policy. | 72 // Empty policy. |
117 WebParsedFeaturePolicyHeader parsedHeader = | 73 WebParsedFeaturePolicyHeader parsedPolicy = |
118 FeaturePolicy::parseFeaturePolicy("{}", m_originA.get(), &messages); | 74 parseFeaturePolicy("{}", m_originA.get(), &messages); |
119 EXPECT_EQ(0UL, parsedHeader.size()); | 75 EXPECT_EQ(0UL, parsedPolicy.size()); |
120 | 76 |
121 // Simple policy with "self". | 77 // Simple policy with "self". |
122 parsedHeader = FeaturePolicy::parseFeaturePolicy( | 78 parsedPolicy = parseFeaturePolicy("{\"default-self\": [\"self\"]}", |
123 "{\"default-self\": [\"self\"]}", m_originA.get(), &messages); | 79 m_originA.get(), &messages); |
124 EXPECT_EQ(1UL, parsedHeader.size()); | 80 EXPECT_EQ(1UL, parsedPolicy.size()); |
125 EXPECT_EQ("default-self", parsedHeader[0].featureName); | 81 EXPECT_EQ("default-self", parsedPolicy[0].featureName); |
126 EXPECT_FALSE(parsedHeader[0].matchesAllOrigins); | 82 EXPECT_FALSE(parsedPolicy[0].matchesAllOrigins); |
127 EXPECT_EQ(1UL, parsedHeader[0].origins.size()); | 83 EXPECT_EQ(1UL, parsedPolicy[0].origins.size()); |
128 EXPECT_TRUE(m_originA->isSameSchemeHostPortAndSuborigin( | 84 EXPECT_TRUE(m_originA->isSameSchemeHostPortAndSuborigin( |
129 parsedHeader[0].origins[0].get())); | 85 parsedPolicy[0].origins[0].get())); |
130 | 86 |
131 // Simple policy with *. | 87 // Simple policy with *. |
132 parsedHeader = FeaturePolicy::parseFeaturePolicy( | 88 parsedPolicy = parseFeaturePolicy("{\"default-self\": [\"*\"]}", |
133 "{\"default-self\": [\"*\"]}", m_originA.get(), &messages); | 89 m_originA.get(), &messages); |
134 EXPECT_EQ(1UL, parsedHeader.size()); | 90 EXPECT_EQ(1UL, parsedPolicy.size()); |
135 EXPECT_EQ("default-self", parsedHeader[0].featureName); | 91 EXPECT_EQ("default-self", parsedPolicy[0].featureName); |
136 EXPECT_TRUE(parsedHeader[0].matchesAllOrigins); | 92 EXPECT_TRUE(parsedPolicy[0].matchesAllOrigins); |
137 EXPECT_EQ(0UL, parsedHeader[0].origins.size()); | 93 EXPECT_EQ(0UL, parsedPolicy[0].origins.size()); |
138 | 94 |
139 // Complicated policy. | 95 // Complicated policy. |
140 parsedHeader = FeaturePolicy::parseFeaturePolicy( | 96 parsedPolicy = parseFeaturePolicy( |
141 "{\"default-self\": [\"*\"], " | 97 "{\"default-self\": [\"*\"], " |
142 "\"default-on\": [\"https://example.net\", \"https://example.org\"], " | 98 "\"default-on\": [\"https://example.net\", \"https://example.org\"], " |
143 "\"default-off\": [\"self\"]}", | 99 "\"default-off\": [\"self\"]}", |
144 m_originA.get(), &messages); | 100 m_originA.get(), &messages); |
145 EXPECT_EQ(3UL, parsedHeader.size()); | 101 EXPECT_EQ(3UL, parsedPolicy.size()); |
146 EXPECT_EQ("default-self", parsedHeader[0].featureName); | 102 EXPECT_EQ("default-self", parsedPolicy[0].featureName); |
147 EXPECT_TRUE(parsedHeader[0].matchesAllOrigins); | 103 EXPECT_TRUE(parsedPolicy[0].matchesAllOrigins); |
148 EXPECT_EQ(0UL, parsedHeader[0].origins.size()); | 104 EXPECT_EQ(0UL, parsedPolicy[0].origins.size()); |
149 EXPECT_EQ("default-on", parsedHeader[1].featureName); | 105 EXPECT_EQ("default-on", parsedPolicy[1].featureName); |
150 EXPECT_FALSE(parsedHeader[1].matchesAllOrigins); | 106 EXPECT_FALSE(parsedPolicy[1].matchesAllOrigins); |
151 EXPECT_EQ(2UL, parsedHeader[1].origins.size()); | 107 EXPECT_EQ(2UL, parsedPolicy[1].origins.size()); |
152 EXPECT_TRUE(m_originB->isSameSchemeHostPortAndSuborigin( | 108 EXPECT_TRUE(m_originB->isSameSchemeHostPortAndSuborigin( |
153 parsedHeader[1].origins[0].get())); | 109 parsedPolicy[1].origins[0].get())); |
154 EXPECT_TRUE(m_originC->isSameSchemeHostPortAndSuborigin( | 110 EXPECT_TRUE(m_originC->isSameSchemeHostPortAndSuborigin( |
155 parsedHeader[1].origins[1].get())); | 111 parsedPolicy[1].origins[1].get())); |
156 EXPECT_EQ("default-off", parsedHeader[2].featureName); | 112 EXPECT_EQ("default-off", parsedPolicy[2].featureName); |
157 EXPECT_FALSE(parsedHeader[2].matchesAllOrigins); | 113 EXPECT_FALSE(parsedPolicy[2].matchesAllOrigins); |
158 EXPECT_EQ(1UL, parsedHeader[2].origins.size()); | 114 EXPECT_EQ(1UL, parsedPolicy[2].origins.size()); |
159 EXPECT_TRUE(m_originA->isSameSchemeHostPortAndSuborigin( | 115 EXPECT_TRUE(m_originA->isSameSchemeHostPortAndSuborigin( |
160 parsedHeader[2].origins[0].get())); | 116 parsedPolicy[2].origins[0].get())); |
161 } | |
162 | |
163 TEST_F(FeaturePolicyTest, TestInitialPolicy) { | |
164 // +-------------+ | |
165 // |(1)Origin A | | |
166 // |No Policy | | |
167 // +-------------+ | |
168 // Default-on and top-level-only features should be enabled in top-level | |
169 // frame. Default-off features should be disabled. | |
170 std::unique_ptr<FeaturePolicy> policy1 = | |
171 createFromParentPolicy(nullptr, m_originA); | |
172 EXPECT_TRUE(policy1->isFeatureEnabled(kDefaultOnFeature)); | |
173 EXPECT_TRUE(policy1->isFeatureEnabled(kDefaultSelfFeature)); | |
174 EXPECT_FALSE(policy1->isFeatureEnabled(kDefaultOffFeature)); | |
175 } | |
176 | |
177 TEST_F(FeaturePolicyTest, TestInitialSameOriginChildPolicy) { | |
178 // +-----------------+ | |
179 // |(1)Origin A | | |
180 // |No Policy | | |
181 // | +-------------+ | | |
182 // | |(2)Origin A | | | |
183 // | |No Policy | | | |
184 // | +-------------+ | | |
185 // +-----------------+ | |
186 // Default-on and Default-self features should be enabled in a same-origin | |
187 // child frame. Default-off features should be disabled. | |
188 std::unique_ptr<FeaturePolicy> policy1 = | |
189 createFromParentPolicy(nullptr, m_originA); | |
190 std::unique_ptr<FeaturePolicy> policy2 = | |
191 createFromParentPolicy(policy1.get(), m_originA); | |
192 EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultOnFeature)); | |
193 EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultSelfFeature)); | |
194 EXPECT_FALSE(policy2->isFeatureEnabled(kDefaultOffFeature)); | |
195 } | |
196 | |
197 TEST_F(FeaturePolicyTest, TestInitialCrossOriginChildPolicy) { | |
198 // +-----------------+ | |
199 // |(1)Origin A | | |
200 // |No Policy | | |
201 // | +-------------+ | | |
202 // | |(2)Origin B | | | |
203 // | |No Policy | | | |
204 // | +-------------+ | | |
205 // +-----------------+ | |
206 // Default-on features should be enabled in child frame. Default-self and | |
207 // Default-off features should be disabled. | |
208 std::unique_ptr<FeaturePolicy> policy1 = | |
209 createFromParentPolicy(nullptr, m_originA); | |
210 std::unique_ptr<FeaturePolicy> policy2 = | |
211 createFromParentPolicy(policy1.get(), m_originB); | |
212 EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultOnFeature)); | |
213 EXPECT_FALSE(policy2->isFeatureEnabled(kDefaultSelfFeature)); | |
214 EXPECT_FALSE(policy2->isFeatureEnabled(kDefaultOffFeature)); | |
215 } | |
216 | |
217 TEST_F(FeaturePolicyTest, TestCrossOriginChildCannotEnableFeature) { | |
218 // +---------------------------------------+ | |
219 // |(1) Origin A | | |
220 // |No Policy | | |
221 // | +-----------------------------------+ | | |
222 // | |(2) Origin B | | | |
223 // | |Policy: {"default-self": ["self"]} | | | |
224 // | +-----------------------------------+ | | |
225 // +---------------------------------------+ | |
226 // Default-self feature should be disabled in cross origin frame, even if no | |
227 // policy was specified in the parent frame. | |
228 Vector<String> messages; | |
229 std::unique_ptr<FeaturePolicy> policy1 = | |
230 createFromParentPolicy(nullptr, m_originA); | |
231 std::unique_ptr<FeaturePolicy> policy2 = | |
232 createFromParentPolicy(policy1.get(), m_originB); | |
233 policy2->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( | |
234 "{\"default-self\": [\"self\"]}", m_originB.get(), &messages)); | |
235 EXPECT_EQ(0UL, messages.size()); | |
236 EXPECT_FALSE(policy2->isFeatureEnabled(kDefaultSelfFeature)); | |
237 } | |
238 | |
239 TEST_F(FeaturePolicyTest, TestFrameSelfInheritance) { | |
240 // +------------------------------------------+ | |
241 // |(1) Origin A | | |
242 // |Policy: {"default-self": ["self"]} | | |
243 // | +-----------------+ +-----------------+ | | |
244 // | |(2) Origin A | |(4) Origin B | | | |
245 // | |No Policy | |No Policy | | | |
246 // | | +-------------+ | | +-------------+ | | | |
247 // | | |(3)Origin A | | | |(5)Origin B | | | | |
248 // | | |No Policy | | | |No Policy | | | | |
249 // | | +-------------+ | | +-------------+ | | | |
250 // | +-----------------+ +-----------------+ | | |
251 // +------------------------------------------+ | |
252 // Feature should be enabled at the top-level, and through the chain of | |
253 // same-origin frames 2 and 3. It should be disabled in frames 4 and 5, as | |
254 // they are at a different origin. | |
255 Vector<String> messages; | |
256 std::unique_ptr<FeaturePolicy> policy1 = | |
257 createFromParentPolicy(nullptr, m_originA); | |
258 policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( | |
259 "{\"default-self\": [\"self\"]}", m_originA.get(), &messages)); | |
260 EXPECT_EQ(0UL, messages.size()); | |
261 std::unique_ptr<FeaturePolicy> policy2 = | |
262 createFromParentPolicy(policy1.get(), m_originA); | |
263 std::unique_ptr<FeaturePolicy> policy3 = | |
264 createFromParentPolicy(policy2.get(), m_originA); | |
265 std::unique_ptr<FeaturePolicy> policy4 = | |
266 createFromParentPolicy(policy1.get(), m_originB); | |
267 std::unique_ptr<FeaturePolicy> policy5 = | |
268 createFromParentPolicy(policy4.get(), m_originB); | |
269 EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultSelfFeature)); | |
270 EXPECT_TRUE(policy3->isFeatureEnabled(kDefaultSelfFeature)); | |
271 EXPECT_FALSE(policy4->isFeatureEnabled(kDefaultSelfFeature)); | |
272 EXPECT_FALSE(policy5->isFeatureEnabled(kDefaultSelfFeature)); | |
273 } | |
274 | |
275 TEST_F(FeaturePolicyTest, TestReflexiveFrameSelfInheritance) { | |
276 // +-----------------------------------+ | |
277 // |(1) Origin A | | |
278 // |Policy: {"default-self": ["self"]} | | |
279 // | +-----------------+ | | |
280 // | |(2) Origin B | | | |
281 // | |No Policy | | | |
282 // | | +-------------+ | | | |
283 // | | |(3)Origin A | | | | |
284 // | | |No Policy | | | | |
285 // | | +-------------+ | | | |
286 // | +-----------------+ | | |
287 // +-----------------------------------+ | |
288 // Feature which is enabled at top-level should be disabled in frame 3, as | |
289 // it is embedded by frame 2, for which the feature is not enabled. | |
290 Vector<String> messages; | |
291 std::unique_ptr<FeaturePolicy> policy1 = | |
292 createFromParentPolicy(nullptr, m_originA); | |
293 policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( | |
294 "{\"default-self\": [\"self\"]}", m_originA.get(), &messages)); | |
295 EXPECT_EQ(0UL, messages.size()); | |
296 std::unique_ptr<FeaturePolicy> policy2 = | |
297 createFromParentPolicy(policy1.get(), m_originB); | |
298 std::unique_ptr<FeaturePolicy> policy3 = | |
299 createFromParentPolicy(policy2.get(), m_originA); | |
300 EXPECT_FALSE(policy2->isFeatureEnabled(kDefaultSelfFeature)); | |
301 EXPECT_FALSE(policy3->isFeatureEnabled(kDefaultSelfFeature)); | |
302 } | |
303 | |
304 TEST_F(FeaturePolicyTest, TestSelectiveFrameInheritance) { | |
305 // +------------------------------------------+ | |
306 // |(1) Origin A | | |
307 // |Policy: {"default-self": ["Origin B"]} | | |
308 // | +-----------------+ +-----------------+ | | |
309 // | |(2) Origin B | |(3) Origin C | | | |
310 // | |No Policy | |No Policy | | | |
311 // | | | | +-------------+ | | | |
312 // | | | | |(4)Origin B | | | | |
313 // | | | | |No Policy | | | | |
314 // | | | | +-------------+ | | | |
315 // | +-----------------+ +-----------------+ | | |
316 // +------------------------------------------+ | |
317 // Feature should be enabled in second level Origin B frame, but disabled in | |
318 // Frame 4, because it is embedded by frame 3, where the feature is not | |
319 // enabled. | |
320 Vector<String> messages; | |
321 std::unique_ptr<FeaturePolicy> policy1 = | |
322 createFromParentPolicy(nullptr, m_originA); | |
323 policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( | |
324 "{\"default-self\": [\"" ORIGIN_B "\"]}", m_originA.get(), &messages)); | |
325 EXPECT_EQ(0UL, messages.size()); | |
326 std::unique_ptr<FeaturePolicy> policy2 = | |
327 createFromParentPolicy(policy1.get(), m_originB); | |
328 std::unique_ptr<FeaturePolicy> policy3 = | |
329 createFromParentPolicy(policy1.get(), m_originC); | |
330 std::unique_ptr<FeaturePolicy> policy4 = | |
331 createFromParentPolicy(policy3.get(), m_originB); | |
332 EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultSelfFeature)); | |
333 EXPECT_FALSE(policy3->isFeatureEnabled(kDefaultSelfFeature)); | |
334 EXPECT_FALSE(policy4->isFeatureEnabled(kDefaultSelfFeature)); | |
335 } | |
336 | |
337 TEST_F(FeaturePolicyTest, TestPolicyCanBlockSelf) { | |
338 // +----------------------------+ | |
339 // |(1)Origin A | | |
340 // |Policy: {"default-on": []} | | |
341 // +----------------------------+ | |
342 // Default-on feature should be disabled in top-level frame. | |
343 Vector<String> messages; | |
344 std::unique_ptr<FeaturePolicy> policy1 = | |
345 createFromParentPolicy(nullptr, m_originA); | |
346 policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( | |
347 "{\"default-on\": []}", m_originA.get(), &messages)); | |
348 EXPECT_EQ(0UL, messages.size()); | |
349 EXPECT_FALSE(policy1->isFeatureEnabled(kDefaultOnFeature)); | |
350 } | |
351 | |
352 TEST_F(FeaturePolicyTest, TestParentPolicyBlocksSameOriginChildPolicy) { | |
353 // +----------------------------+ | |
354 // |(1)Origin A | | |
355 // |Policy: {"default-on": []} | | |
356 // | +-------------+ | | |
357 // | |(2)Origin A | | | |
358 // | |No Policy | | | |
359 // | +-------------+ | | |
360 // +----------------------------+ | |
361 // Feature should be disabled in child frame. | |
362 Vector<String> messages; | |
363 std::unique_ptr<FeaturePolicy> policy1 = | |
364 createFromParentPolicy(nullptr, m_originA); | |
365 policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( | |
366 "{\"default-on\": []}", m_originA.get(), &messages)); | |
367 EXPECT_EQ(0UL, messages.size()); | |
368 std::unique_ptr<FeaturePolicy> policy2 = | |
369 createFromParentPolicy(policy1.get(), m_originA); | |
370 EXPECT_FALSE(policy2->isFeatureEnabled(kDefaultOnFeature)); | |
371 } | |
372 | |
373 TEST_F(FeaturePolicyTest, TestChildPolicyCanBlockSelf) { | |
374 // +--------------------------------+ | |
375 // |(1)Origin A | | |
376 // |No Policy | | |
377 // | +----------------------------+ | | |
378 // | |(2)Origin B | | | |
379 // | |Policy: {"default-on": []} | | | |
380 // | +----------------------------+ | | |
381 // +--------------------------------+ | |
382 // Default-on feature should be disabled by cross-origin child frame. | |
383 Vector<String> messages; | |
384 std::unique_ptr<FeaturePolicy> policy1 = | |
385 createFromParentPolicy(nullptr, m_originA); | |
386 std::unique_ptr<FeaturePolicy> policy2 = | |
387 createFromParentPolicy(policy1.get(), m_originB); | |
388 policy2->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( | |
389 "{\"default-on\": []}", m_originB.get(), &messages)); | |
390 EXPECT_EQ(0UL, messages.size()); | |
391 EXPECT_FALSE(policy2->isFeatureEnabled(kDefaultOnFeature)); | |
392 } | |
393 | |
394 TEST_F(FeaturePolicyTest, TestChildPolicyCanBlockChildren) { | |
395 // +--------------------------------------+ | |
396 // |(1)Origin A | | |
397 // |No Policy | | |
398 // | +----------------------------------+ | | |
399 // | |(2)Origin B | | | |
400 // | |Policy: {"default-on": ["self"]} | | | |
401 // | | +-------------+ | | | |
402 // | | |(3)Origin C | | | | |
403 // | | |No Policy | | | | |
404 // | | +-------------+ | | | |
405 // | +----------------------------------+ | | |
406 // +--------------------------------------+ | |
407 // Default-on feature should be enabled in frames 1 and 2; disabled in frame | |
408 // 3 by child frame policy. | |
409 Vector<String> messages; | |
410 std::unique_ptr<FeaturePolicy> policy1 = | |
411 createFromParentPolicy(nullptr, m_originA); | |
412 std::unique_ptr<FeaturePolicy> policy2 = | |
413 createFromParentPolicy(policy1.get(), m_originB); | |
414 policy2->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( | |
415 "{\"default-on\": [\"self\"]}", m_originB.get(), &messages)); | |
416 EXPECT_EQ(0UL, messages.size()); | |
417 std::unique_ptr<FeaturePolicy> policy3 = | |
418 createFromParentPolicy(policy2.get(), m_originC); | |
419 EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultOnFeature)); | |
420 EXPECT_FALSE(policy3->isFeatureEnabled(kDefaultOnFeature)); | |
421 } | |
422 | |
423 TEST_F(FeaturePolicyTest, TestParentPolicyBlocksCrossOriginChildPolicy) { | |
424 // +----------------------------+ | |
425 // |(1)Origin A | | |
426 // |Policy: {"default-on": []} | | |
427 // | +-------------+ | | |
428 // | |(2)Origin B | | | |
429 // | |No Policy | | | |
430 // | +-------------+ | | |
431 // +----------------------------+ | |
432 // Default-on feature should be disabled in cross-origin child frame. | |
433 Vector<String> messages; | |
434 std::unique_ptr<FeaturePolicy> policy1 = | |
435 createFromParentPolicy(nullptr, m_originA); | |
436 policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( | |
437 "{\"default-on\": []}", m_originA.get(), &messages)); | |
438 EXPECT_EQ(0UL, messages.size()); | |
439 std::unique_ptr<FeaturePolicy> policy2 = | |
440 createFromParentPolicy(policy1.get(), m_originB); | |
441 EXPECT_FALSE(policy2->isFeatureEnabled(kDefaultOnFeature)); | |
442 } | |
443 | |
444 TEST_F(FeaturePolicyTest, TestEnableForAllOrigins) { | |
445 // +--------------------------------+ | |
446 // |(1) Origin A | | |
447 // |Policy: {"default-self": ["*"]} | | |
448 // | +-----------------+ | | |
449 // | |(2) Origin B | | | |
450 // | |No Policy | | | |
451 // | | +-------------+ | | | |
452 // | | |(3)Origin A | | | | |
453 // | | |No Policy | | | | |
454 // | | +-------------+ | | | |
455 // | +-----------------+ | | |
456 // +--------------------------------+ | |
457 // Feature should be enabled in top and second level; disabled in frame 3. | |
458 Vector<String> messages; | |
459 std::unique_ptr<FeaturePolicy> policy1 = | |
460 createFromParentPolicy(nullptr, m_originA); | |
461 policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( | |
462 "{\"default-self\": [\"*\"]}", m_originA.get(), &messages)); | |
463 EXPECT_EQ(0UL, messages.size()); | |
464 std::unique_ptr<FeaturePolicy> policy2 = | |
465 createFromParentPolicy(policy1.get(), m_originB); | |
466 std::unique_ptr<FeaturePolicy> policy3 = | |
467 createFromParentPolicy(policy2.get(), m_originA); | |
468 EXPECT_TRUE(policy1->isFeatureEnabled(kDefaultSelfFeature)); | |
469 EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultSelfFeature)); | |
470 EXPECT_FALSE(policy3->isFeatureEnabled(kDefaultSelfFeature)); | |
471 } | |
472 | |
473 TEST_F(FeaturePolicyTest, TestDefaultOnEnablesForAllAncestors) { | |
474 // +---------------------------------------+ | |
475 // |(1) Origin A | | |
476 // |Policy: {"default-on": ["Origin B"]} | | |
477 // | +-----------------------------------+ | | |
478 // | |(2) Origin B | | | |
479 // | |No Policy | | | |
480 // | | +-------------+ +-------------+ | | | |
481 // | | |(3)Origin B | |(4)Origin C | | | | |
482 // | | |No Policy | |No Policy | | | | |
483 // | | +-------------+ +-------------+ | | | |
484 // | +-----------------------------------+ | | |
485 // +---------------------------------------+ | |
486 // Feature should be disabled in frame 1; enabled in frames 2, 3 and 4. | |
487 Vector<String> messages; | |
488 std::unique_ptr<FeaturePolicy> policy1 = | |
489 createFromParentPolicy(nullptr, m_originA); | |
490 policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( | |
491 "{\"default-on\": [\"" ORIGIN_B "\"]}", m_originA.get(), &messages)); | |
492 EXPECT_EQ(0UL, messages.size()); | |
493 std::unique_ptr<FeaturePolicy> policy2 = | |
494 createFromParentPolicy(policy1.get(), m_originB); | |
495 std::unique_ptr<FeaturePolicy> policy3 = | |
496 createFromParentPolicy(policy2.get(), m_originB); | |
497 std::unique_ptr<FeaturePolicy> policy4 = | |
498 createFromParentPolicy(policy2.get(), m_originC); | |
499 EXPECT_FALSE(policy1->isFeatureEnabled(kDefaultOnFeature)); | |
500 EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultOnFeature)); | |
501 EXPECT_TRUE(policy3->isFeatureEnabled(kDefaultOnFeature)); | |
502 EXPECT_TRUE(policy4->isFeatureEnabled(kDefaultOnFeature)); | |
503 } | |
504 | |
505 TEST_F(FeaturePolicyTest, TestDefaultSelfRespectsSameOriginEmbedding) { | |
506 // +---------------------------------------+ | |
507 // |(1) Origin A | | |
508 // |Policy: {"default-self": ["Origin B"]} | | |
509 // | +-----------------------------------+ | | |
510 // | |(2) Origin B | | | |
511 // | |No Policy | | | |
512 // | | +-------------+ +-------------+ | | | |
513 // | | |(3)Origin B | |(4)Origin C | | | | |
514 // | | |No Policy | |No Policy | | | | |
515 // | | +-------------+ +-------------+ | | | |
516 // | +-----------------------------------+ | | |
517 // +---------------------------------------+ | |
518 // Feature should be disabled in frames 1 and 4; enabled in frames 2 and 3. | |
519 Vector<String> messages; | |
520 std::unique_ptr<FeaturePolicy> policy1 = | |
521 createFromParentPolicy(nullptr, m_originA); | |
522 policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( | |
523 "{\"default-self\": [\"" ORIGIN_B "\"]}", m_originA.get(), &messages)); | |
524 EXPECT_EQ(0UL, messages.size()); | |
525 std::unique_ptr<FeaturePolicy> policy2 = | |
526 createFromParentPolicy(policy1.get(), m_originB); | |
527 std::unique_ptr<FeaturePolicy> policy3 = | |
528 createFromParentPolicy(policy2.get(), m_originB); | |
529 std::unique_ptr<FeaturePolicy> policy4 = | |
530 createFromParentPolicy(policy2.get(), m_originC); | |
531 EXPECT_FALSE(policy1->isFeatureEnabled(kDefaultSelfFeature)); | |
532 EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultSelfFeature)); | |
533 EXPECT_TRUE(policy3->isFeatureEnabled(kDefaultSelfFeature)); | |
534 EXPECT_FALSE(policy4->isFeatureEnabled(kDefaultSelfFeature)); | |
535 } | |
536 | |
537 TEST_F(FeaturePolicyTest, TestDefaultOffMustBeDelegatedToAllCrossOriginFrames) { | |
538 // +------------------------------------------------------------+ | |
539 // |(1) Origin A | | |
540 // |Policy: {"default-off": ["Origin B"]} | | |
541 // | +--------------------------------------------------------+ | | |
542 // | |(2) Origin B | | | |
543 // | |Policy: {"default-off": ["self"]} | | | |
544 // | | +-------------+ +----------------------------------+ | | | |
545 // | | |(3)Origin B | |(4)Origin C | | | | |
546 // | | |No Policy | |Policy: {"default-off": ["self"]} | | | | |
547 // | | +-------------+ +----------------------------------+ | | | |
548 // | +--------------------------------------------------------+ | | |
549 // +------------------------------------------------------------+ | |
550 // Feature should be disabled in frames 1, 3 and 4; enabled in frame 2 only. | |
551 Vector<String> messages; | |
552 std::unique_ptr<FeaturePolicy> policy1 = | |
553 createFromParentPolicy(nullptr, m_originA); | |
554 policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( | |
555 "{\"default-off\": [\"" ORIGIN_B "\"]}", m_originA.get(), &messages)); | |
556 EXPECT_EQ(0UL, messages.size()); | |
557 std::unique_ptr<FeaturePolicy> policy2 = | |
558 createFromParentPolicy(policy1.get(), m_originB); | |
559 policy2->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( | |
560 "{\"default-off\": [\"self\"]}", m_originB.get(), &messages)); | |
561 std::unique_ptr<FeaturePolicy> policy3 = | |
562 createFromParentPolicy(policy2.get(), m_originB); | |
563 std::unique_ptr<FeaturePolicy> policy4 = | |
564 createFromParentPolicy(policy2.get(), m_originC); | |
565 policy4->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( | |
566 "{\"default-off\": [\"self\"]}", m_originC.get(), &messages)); | |
567 EXPECT_FALSE(policy1->isFeatureEnabled(kDefaultOffFeature)); | |
568 EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultOffFeature)); | |
569 EXPECT_FALSE(policy3->isFeatureEnabled(kDefaultOffFeature)); | |
570 EXPECT_FALSE(policy4->isFeatureEnabled(kDefaultOffFeature)); | |
571 } | |
572 | |
573 TEST_F(FeaturePolicyTest, TestReenableForAllOrigins) { | |
574 // +------------------------------------+ | |
575 // |(1) Origin A | | |
576 // |Policy: {"default-self": ["*"]} | | |
577 // | +--------------------------------+ | | |
578 // | |(2) Origin B | | | |
579 // | |Policy: {"default-self": ["*"]} | | | |
580 // | | +-------------+ | | | |
581 // | | |(3)Origin A | | | | |
582 // | | |No Policy | | | | |
583 // | | +-------------+ | | | |
584 // | +--------------------------------+ | | |
585 // +------------------------------------+ | |
586 // Feature should be enabled in all frames. | |
587 Vector<String> messages; | |
588 std::unique_ptr<FeaturePolicy> policy1 = | |
589 createFromParentPolicy(nullptr, m_originA); | |
590 policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( | |
591 "{\"default-self\": [\"*\"]}", m_originA.get(), &messages)); | |
592 EXPECT_EQ(0UL, messages.size()); | |
593 std::unique_ptr<FeaturePolicy> policy2 = | |
594 createFromParentPolicy(policy1.get(), m_originB); | |
595 policy2->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( | |
596 "{\"default-self\": [\"*\"]}", m_originB.get(), &messages)); | |
597 EXPECT_EQ(0UL, messages.size()); | |
598 std::unique_ptr<FeaturePolicy> policy3 = | |
599 createFromParentPolicy(policy2.get(), m_originA); | |
600 EXPECT_TRUE(policy1->isFeatureEnabled(kDefaultSelfFeature)); | |
601 EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultSelfFeature)); | |
602 EXPECT_TRUE(policy3->isFeatureEnabled(kDefaultSelfFeature)); | |
603 } | |
604 | |
605 TEST_F(FeaturePolicyTest, TestBlockedFrameCannotReenable) { | |
606 // +--------------------------------------+ | |
607 // |(1)Origin A | | |
608 // |Policy: {"default-self": ["self"]} | | |
609 // | +----------------------------------+ | | |
610 // | |(2)Origin B | | | |
611 // | |Policy: {"default-self": ["*"]} | | | |
612 // | | +-------------+ +-------------+ | | | |
613 // | | |(3)Origin A | |(4)Origin C | | | | |
614 // | | |No Policy | |No Policy | | | | |
615 // | | +-------------+ +-------------+ | | | |
616 // | +----------------------------------+ | | |
617 // +--------------------------------------+ | |
618 // Feature should be enabled at the top level; disabled in all other frames. | |
619 Vector<String> messages; | |
620 std::unique_ptr<FeaturePolicy> policy1 = | |
621 createFromParentPolicy(nullptr, m_originA); | |
622 policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( | |
623 "{\"default-self\": [\"self\"]}", m_originA.get(), &messages)); | |
624 EXPECT_EQ(0UL, messages.size()); | |
625 std::unique_ptr<FeaturePolicy> policy2 = | |
626 createFromParentPolicy(policy1.get(), m_originB); | |
627 policy2->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( | |
628 "{\"default-self\": [\"*\"]}", m_originB.get(), &messages)); | |
629 EXPECT_EQ(0UL, messages.size()); | |
630 std::unique_ptr<FeaturePolicy> policy3 = | |
631 createFromParentPolicy(policy2.get(), m_originA); | |
632 std::unique_ptr<FeaturePolicy> policy4 = | |
633 createFromParentPolicy(policy2.get(), m_originC); | |
634 EXPECT_TRUE(policy1->isFeatureEnabled(kDefaultSelfFeature)); | |
635 EXPECT_FALSE(policy2->isFeatureEnabled(kDefaultSelfFeature)); | |
636 EXPECT_FALSE(policy3->isFeatureEnabled(kDefaultSelfFeature)); | |
637 EXPECT_FALSE(policy4->isFeatureEnabled(kDefaultSelfFeature)); | |
638 } | |
639 | |
640 TEST_F(FeaturePolicyTest, TestEnabledFrameCanDelegate) { | |
641 // +---------------------------------------------------+ | |
642 // |(1) Origin A | | |
643 // |Policy: {"default-self": ["self", "Origin B"]} | | |
644 // | +-----------------------------------------------+ | | |
645 // | |(2) Origin B | | | |
646 // | |Policy: {"default-self": ["self", "Origin C"]} | | | |
647 // | | +-------------+ | | | |
648 // | | |(3)Origin C | | | | |
649 // | | |No Policy | | | | |
650 // | | +-------------+ | | | |
651 // | +-----------------------------------------------+ | | |
652 // +---------------------------------------------------+ | |
653 // Feature should be enabled in all frames. | |
654 Vector<String> messages; | |
655 std::unique_ptr<FeaturePolicy> policy1 = | |
656 createFromParentPolicy(nullptr, m_originA); | |
657 policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( | |
658 "{\"default-self\": [\"self\", \"" ORIGIN_B "\"]}", m_originA.get(), | |
659 &messages)); | |
660 EXPECT_EQ(0UL, messages.size()); | |
661 std::unique_ptr<FeaturePolicy> policy2 = | |
662 createFromParentPolicy(policy1.get(), m_originB); | |
663 policy2->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( | |
664 "{\"default-self\": [\"self\", \"" ORIGIN_C "\"]}", m_originB.get(), | |
665 &messages)); | |
666 EXPECT_EQ(0UL, messages.size()); | |
667 std::unique_ptr<FeaturePolicy> policy3 = | |
668 createFromParentPolicy(policy2.get(), m_originC); | |
669 EXPECT_TRUE(policy1->isFeatureEnabled(kDefaultSelfFeature)); | |
670 EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultSelfFeature)); | |
671 EXPECT_TRUE(policy3->isFeatureEnabled(kDefaultSelfFeature)); | |
672 } | |
673 | |
674 TEST_F(FeaturePolicyTest, TestEnabledFrameCanDelegateByDefault) { | |
675 // +-----------------------------------------------+ | |
676 // |(1) Origin A | | |
677 // |Policy: {"default-on": ["self", "Origin B"]} | | |
678 // | +--------------------+ +--------------------+ | | |
679 // | |(2) Origin B | | (4) Origin C | | | |
680 // | |No Policy | | No Policy | | | |
681 // | | +-------------+ | | | | | |
682 // | | |(3)Origin C | | | | | | |
683 // | | |No Policy | | | | | | |
684 // | | +-------------+ | | | | | |
685 // | +--------------------+ +--------------------+ | | |
686 // +-----------------------------------------------+ | |
687 // Feature should be enabled in frames 1, 2, and 3, and disabled in frame 4. | |
688 Vector<String> messages; | |
689 std::unique_ptr<FeaturePolicy> policy1 = | |
690 createFromParentPolicy(nullptr, m_originA); | |
691 policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( | |
692 "{\"default-on\": [\"self\", \"" ORIGIN_B "\"]}", m_originA.get(), | |
693 &messages)); | |
694 EXPECT_EQ(0UL, messages.size()); | |
695 std::unique_ptr<FeaturePolicy> policy2 = | |
696 createFromParentPolicy(policy1.get(), m_originB); | |
697 std::unique_ptr<FeaturePolicy> policy3 = | |
698 createFromParentPolicy(policy2.get(), m_originC); | |
699 std::unique_ptr<FeaturePolicy> policy4 = | |
700 createFromParentPolicy(policy1.get(), m_originC); | |
701 EXPECT_TRUE(policy1->isFeatureEnabled(kDefaultOnFeature)); | |
702 EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultOnFeature)); | |
703 EXPECT_TRUE(policy3->isFeatureEnabled(kDefaultOnFeature)); | |
704 EXPECT_FALSE(policy4->isFeatureEnabled(kDefaultOnFeature)); | |
705 } | |
706 | |
707 TEST_F(FeaturePolicyTest, TestNonNestedFeaturesDontDelegateByDefault) { | |
708 // +-----------------------------------------------+ | |
709 // |(1) Origin A | | |
710 // |Policy: {"default-self": ["self", "Origin B"]} | | |
711 // | +--------------------+ +--------------------+ | | |
712 // | |(2) Origin B | | (4) Origin C | | | |
713 // | |No Policy | | No Policy | | | |
714 // | | +-------------+ | | | | | |
715 // | | |(3)Origin C | | | | | | |
716 // | | |No Policy | | | | | | |
717 // | | +-------------+ | | | | | |
718 // | +--------------------+ +--------------------+ | | |
719 // +-----------------------------------------------+ | |
720 // Feature should be enabled in frames 1 and 2, and disabled in frames 3 and | |
721 // 4. | |
722 Vector<String> messages; | |
723 std::unique_ptr<FeaturePolicy> policy1 = | |
724 createFromParentPolicy(nullptr, m_originA); | |
725 policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( | |
726 "{\"default-self\": [\"self\", \"" ORIGIN_B "\"]}", m_originA.get(), | |
727 &messages)); | |
728 EXPECT_EQ(0UL, messages.size()); | |
729 std::unique_ptr<FeaturePolicy> policy2 = | |
730 createFromParentPolicy(policy1.get(), m_originB); | |
731 std::unique_ptr<FeaturePolicy> policy3 = | |
732 createFromParentPolicy(policy2.get(), m_originC); | |
733 std::unique_ptr<FeaturePolicy> policy4 = | |
734 createFromParentPolicy(policy1.get(), m_originC); | |
735 EXPECT_TRUE(policy1->isFeatureEnabled(kDefaultSelfFeature)); | |
736 EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultSelfFeature)); | |
737 EXPECT_FALSE(policy3->isFeatureEnabled(kDefaultSelfFeature)); | |
738 EXPECT_FALSE(policy4->isFeatureEnabled(kDefaultSelfFeature)); | |
739 } | |
740 | |
741 TEST_F(FeaturePolicyTest, TestFeaturesAreIndependent) { | |
742 // +-----------------------------------------------+ | |
743 // |(1) Origin A | | |
744 // |Policy: {"default-self": ["self", "Origin B"], | | |
745 // | "default-on": ["self"]} | | |
746 // | +-------------------------------------------+ | | |
747 // | |(2) Origin B | | | |
748 // | |Policy: {"default-self": ["*"], | | | |
749 // | | "default-on": ["*"]} | | | |
750 // | | +-------------+ | | | |
751 // | | |(3)Origin C | | | | |
752 // | | |No Policy | | | | |
753 // | | +-------------+ | | | |
754 // | +-------------------------------------------+ | | |
755 // +-----------------------------------------------+ | |
756 // Default-self feature should be enabled in all frames; Default-on feature | |
757 // should be enabled in frame 1, and disabled in frames 2 and 3. | |
758 Vector<String> messages; | |
759 std::unique_ptr<FeaturePolicy> policy1 = | |
760 createFromParentPolicy(nullptr, m_originA); | |
761 policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( | |
762 "{\"default-self\": [\"self\", \"" ORIGIN_B | |
763 "\"], \"default-on\": [\"self\"]}", | |
764 m_originA.get(), &messages)); | |
765 EXPECT_EQ(0UL, messages.size()); | |
766 std::unique_ptr<FeaturePolicy> policy2 = | |
767 createFromParentPolicy(policy1.get(), m_originB); | |
768 policy2->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( | |
769 "{\"default-self\": [\"*\"], \"default-on\": [\"*\"]}", m_originB.get(), | |
770 &messages)); | |
771 EXPECT_EQ(0UL, messages.size()); | |
772 std::unique_ptr<FeaturePolicy> policy3 = | |
773 createFromParentPolicy(policy2.get(), m_originC); | |
774 EXPECT_TRUE(policy1->isFeatureEnabled(kDefaultSelfFeature)); | |
775 EXPECT_TRUE(policy1->isFeatureEnabled(kDefaultOnFeature)); | |
776 EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultSelfFeature)); | |
777 EXPECT_FALSE(policy2->isFeatureEnabled(kDefaultOnFeature)); | |
778 EXPECT_TRUE(policy3->isFeatureEnabled(kDefaultSelfFeature)); | |
779 EXPECT_FALSE(policy3->isFeatureEnabled(kDefaultOnFeature)); | |
780 } | |
781 | |
782 TEST_F(FeaturePolicyTest, TestFeatureEnabledForOrigin) { | |
783 // +-----------------------------------------------+ | |
784 // |(1) Origin A | | |
785 // |Policy: {"default-off": ["self", "Origin B"]} | | |
786 // +-----------------------------------------------+ | |
787 // Features should be enabled by the policy in frame 1 for origins A and B, | |
788 // and disabled for origin C. | |
789 Vector<String> messages; | |
790 std::unique_ptr<FeaturePolicy> policy1 = | |
791 createFromParentPolicy(nullptr, m_originA); | |
792 policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( | |
793 "{\"default-off\": [\"self\", \"" ORIGIN_B "\"]}", m_originA.get(), | |
794 &messages)); | |
795 EXPECT_EQ(0UL, messages.size()); | |
796 EXPECT_TRUE( | |
797 policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originA)); | |
798 EXPECT_TRUE( | |
799 policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originB)); | |
800 EXPECT_FALSE( | |
801 policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originC)); | |
802 } | |
803 | |
804 // Test frame policies | |
805 | |
806 TEST_F(FeaturePolicyTest, TestSimpleFramePolicy) { | |
807 // +-------------------------------------------------+ | |
808 // |(1)Origin A | | |
809 // |No Policy | | |
810 // | | | |
811 // |<iframe policy='{"default-self": ["Origin B"]}'> | | |
812 // | +-------------+ | | |
813 // | |(2)Origin B | | | |
814 // | |No Policy | | | |
815 // | +-------------+ | | |
816 // +-------------------------------------------------+ | |
817 // Default-self feature should be enabled in cross-origin child frame because | |
818 // permission was delegated through frame policy. | |
819 // This is the same scenario as when the iframe is declared as | |
820 // <iframe allow="default-self"> | |
821 Vector<String> messages; | |
822 std::unique_ptr<FeaturePolicy> policy1 = | |
823 createFromParentPolicy(nullptr, m_originA); | |
824 WebParsedFeaturePolicyHeader framePolicy = FeaturePolicy::parseFeaturePolicy( | |
825 "{\"default-self\": [\"" ORIGIN_B "\"]}", m_originA.get(), &messages); | |
826 EXPECT_EQ(0UL, messages.size()); | |
827 std::unique_ptr<FeaturePolicy> policy2 = | |
828 createFromParentWithFramePolicy(policy1.get(), &framePolicy, m_originB); | |
829 EXPECT_TRUE( | |
830 policy1->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originA)); | |
831 EXPECT_FALSE( | |
832 policy1->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originB)); | |
833 EXPECT_FALSE( | |
834 policy1->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originC)); | |
835 EXPECT_FALSE( | |
836 policy2->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originA)); | |
837 EXPECT_TRUE( | |
838 policy2->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originB)); | |
839 EXPECT_FALSE( | |
840 policy2->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originC)); | |
841 } | |
842 | |
843 TEST_F(FeaturePolicyTest, TestAllOriginFramePolicy) { | |
844 // +------------------------------------------+ | |
845 // |(1)Origin A | | |
846 // |No Policy | | |
847 // | | | |
848 // |<iframe policy='{"default-self": ["*"]}'> | | |
849 // | +-------------+ | | |
850 // | |(2)Origin B | | | |
851 // | |No Policy | | | |
852 // | +-------------+ | | |
853 // +------------------------------------------+ | |
854 // Default-self feature should be enabled in cross-origin child frame because | |
855 // permission was delegated through frame policy. | |
856 // This is the same scenario that arises when the iframe is declared as | |
857 // <iframe allowfullscreen> | |
858 Vector<String> messages; | |
859 std::unique_ptr<FeaturePolicy> policy1 = | |
860 createFromParentPolicy(nullptr, m_originA); | |
861 WebParsedFeaturePolicyHeader framePolicy = FeaturePolicy::parseFeaturePolicy( | |
862 "{\"default-self\": [\"*\"]}", m_originA.get(), &messages); | |
863 EXPECT_EQ(0UL, messages.size()); | |
864 std::unique_ptr<FeaturePolicy> policy2 = | |
865 createFromParentWithFramePolicy(policy1.get(), &framePolicy, m_originB); | |
866 EXPECT_TRUE( | |
867 policy1->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originA)); | |
868 EXPECT_FALSE( | |
869 policy1->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originB)); | |
870 EXPECT_FALSE( | |
871 policy1->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originC)); | |
872 EXPECT_FALSE( | |
873 policy2->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originA)); | |
874 EXPECT_TRUE( | |
875 policy2->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originB)); | |
876 EXPECT_FALSE( | |
877 policy2->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originC)); | |
878 } | |
879 | |
880 TEST_F(FeaturePolicyTest, TestFramePolicyCanBeFurtherDelegated) { | |
881 // +-----------------------------------------------------+ | |
882 // |(1)Origin A | | |
883 // |No Policy | | |
884 // | | | |
885 // |<iframe policy='{"default-self": ["Origin B"]}'> | | |
886 // | +-------------------------------------------------+ | | |
887 // | |(2)Origin B | | | |
888 // | |No Policy | | | |
889 // | | | | | |
890 // | |<iframe policy='{"default-self": ["Origin C"]}'> | | | |
891 // | | +-------------+ | | | |
892 // | | |(3)Origin C | | | | |
893 // | | |No Policy | | | | |
894 // | | +-------------+ | | | |
895 // | | | | | |
896 // | |<iframe> (No frame policy) | | | |
897 // | | +-------------+ | | | |
898 // | | |(4)Origin C | | | | |
899 // | | |No Policy | | | | |
900 // | | +-------------+ | | | |
901 // | +-------------------------------------------------+ | | |
902 // +-----------------------------------------------------+ | |
903 // Default-self feature should be enabled in cross-origin child frames 2 and | |
904 // 3. Feature should be disabled in frame 4 because it was not further | |
905 // delegated through frame policy. | |
906 Vector<String> messages; | |
907 std::unique_ptr<FeaturePolicy> policy1 = | |
908 createFromParentPolicy(nullptr, m_originA); | |
909 WebParsedFeaturePolicyHeader framePolicy1 = FeaturePolicy::parseFeaturePolicy( | |
910 "{\"default-self\": [\"" ORIGIN_B "\"]}", m_originA.get(), &messages); | |
911 EXPECT_EQ(0UL, messages.size()); | |
912 std::unique_ptr<FeaturePolicy> policy2 = | |
913 createFromParentWithFramePolicy(policy1.get(), &framePolicy1, m_originB); | |
914 WebParsedFeaturePolicyHeader framePolicy2 = FeaturePolicy::parseFeaturePolicy( | |
915 "{\"default-self\": [\"" ORIGIN_C "\"]}", m_originB.get(), &messages); | |
916 EXPECT_EQ(0UL, messages.size()); | |
917 std::unique_ptr<FeaturePolicy> policy3 = | |
918 createFromParentWithFramePolicy(policy2.get(), &framePolicy2, m_originC); | |
919 std::unique_ptr<FeaturePolicy> policy4 = | |
920 createFromParentWithFramePolicy(policy2.get(), nullptr, m_originC); | |
921 EXPECT_FALSE( | |
922 policy3->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originA)); | |
923 EXPECT_FALSE( | |
924 policy3->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originB)); | |
925 EXPECT_TRUE( | |
926 policy3->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originC)); | |
927 EXPECT_FALSE( | |
928 policy4->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originA)); | |
929 EXPECT_FALSE( | |
930 policy4->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originB)); | |
931 EXPECT_FALSE( | |
932 policy4->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originC)); | |
933 } | |
934 | |
935 TEST_F(FeaturePolicyTest, TestDefaultOnCanBeDisabledByFramePolicy) { | |
936 // +-------------------------------------+ | |
937 // |(1)Origin A | | |
938 // |No Policy | | |
939 // | | | |
940 // |<iframe policy='{"default-on": []}'> | | |
941 // | +-------------+ | | |
942 // | |(2)Origin A | | | |
943 // | |No Policy | | | |
944 // | +-------------+ | | |
945 // | | | |
946 // |<iframe policy='{"default-on": []}'> | | |
947 // | +-------------+ | | |
948 // | |(3)Origin B | | | |
949 // | |No Policy | | | |
950 // | +-------------+ | | |
951 // +-------------------------------------+ | |
952 // Default-on feature should be disabled in both same-origin and cross-origin | |
953 // child frames because permission was removed through frame policy. | |
954 Vector<String> messages; | |
955 std::unique_ptr<FeaturePolicy> policy1 = | |
956 createFromParentPolicy(nullptr, m_originA); | |
957 WebParsedFeaturePolicyHeader framePolicy1 = FeaturePolicy::parseFeaturePolicy( | |
958 "{\"default-on\": []}", m_originA.get(), &messages); | |
959 EXPECT_EQ(0UL, messages.size()); | |
960 std::unique_ptr<FeaturePolicy> policy2 = | |
961 createFromParentWithFramePolicy(policy1.get(), &framePolicy1, m_originA); | |
962 WebParsedFeaturePolicyHeader framePolicy2 = FeaturePolicy::parseFeaturePolicy( | |
963 "{\"default-on\": []}", m_originA.get(), &messages); | |
964 EXPECT_EQ(0UL, messages.size()); | |
965 std::unique_ptr<FeaturePolicy> policy3 = | |
966 createFromParentWithFramePolicy(policy1.get(), &framePolicy2, m_originB); | |
967 EXPECT_TRUE( | |
968 policy1->isFeatureEnabledForOrigin(kDefaultOnFeature, *m_originA)); | |
969 EXPECT_TRUE( | |
970 policy1->isFeatureEnabledForOrigin(kDefaultOnFeature, *m_originB)); | |
971 EXPECT_TRUE( | |
972 policy1->isFeatureEnabledForOrigin(kDefaultOnFeature, *m_originC)); | |
973 EXPECT_FALSE( | |
974 policy2->isFeatureEnabledForOrigin(kDefaultOnFeature, *m_originA)); | |
975 EXPECT_FALSE( | |
976 policy2->isFeatureEnabledForOrigin(kDefaultOnFeature, *m_originB)); | |
977 EXPECT_FALSE( | |
978 policy2->isFeatureEnabledForOrigin(kDefaultOnFeature, *m_originC)); | |
979 EXPECT_FALSE( | |
980 policy3->isFeatureEnabledForOrigin(kDefaultOnFeature, *m_originA)); | |
981 EXPECT_FALSE( | |
982 policy3->isFeatureEnabledForOrigin(kDefaultOnFeature, *m_originB)); | |
983 EXPECT_FALSE( | |
984 policy3->isFeatureEnabledForOrigin(kDefaultOnFeature, *m_originC)); | |
985 } | |
986 | |
987 TEST_F(FeaturePolicyTest, TestDefaultOffMustBeEnabledByChildFrame) { | |
988 // +------------------------------------------------+ | |
989 // |(1)Origin A | | |
990 // |Policy: {"default-off": ["self"]} | | |
991 // | | | |
992 // |<iframe policy='{"default-off": ["Origin A"]}'> | | |
993 // | +-------------+ | | |
994 // | |(2)Origin A | | | |
995 // | |No Policy | | | |
996 // | +-------------+ | | |
997 // | | | |
998 // |<iframe policy='{"default-off": ["Origin B"]}'> | | |
999 // | +-------------+ | | |
1000 // | |(3)Origin B | | | |
1001 // | |No Policy | | | |
1002 // | +-------------+ | | |
1003 // +------------------------------------------------+ | |
1004 // Default-off feature should be disabled in both same-origin and cross-origin | |
1005 // child frames because they did not declare their own policy to enable it. | |
1006 Vector<String> messages; | |
1007 std::unique_ptr<FeaturePolicy> policy1 = | |
1008 createFromParentPolicy(nullptr, m_originA); | |
1009 policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( | |
1010 "{\"default-off\": [\"self\"]}", m_originA.get(), &messages)); | |
1011 WebParsedFeaturePolicyHeader framePolicy1 = FeaturePolicy::parseFeaturePolicy( | |
1012 "{\"default-off\": [\"" ORIGIN_A "\"]}", m_originA.get(), &messages); | |
1013 EXPECT_EQ(0UL, messages.size()); | |
1014 std::unique_ptr<FeaturePolicy> policy2 = | |
1015 createFromParentWithFramePolicy(policy1.get(), &framePolicy1, m_originA); | |
1016 WebParsedFeaturePolicyHeader framePolicy2 = FeaturePolicy::parseFeaturePolicy( | |
1017 "{\"default-off\": [\"" ORIGIN_B "\"]}", m_originA.get(), &messages); | |
1018 EXPECT_EQ(0UL, messages.size()); | |
1019 std::unique_ptr<FeaturePolicy> policy3 = | |
1020 createFromParentWithFramePolicy(policy1.get(), &framePolicy2, m_originB); | |
1021 EXPECT_TRUE( | |
1022 policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originA)); | |
1023 EXPECT_FALSE( | |
1024 policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originB)); | |
1025 EXPECT_FALSE( | |
1026 policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originC)); | |
1027 EXPECT_FALSE( | |
1028 policy2->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originA)); | |
1029 EXPECT_FALSE( | |
1030 policy2->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originB)); | |
1031 EXPECT_FALSE( | |
1032 policy2->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originC)); | |
1033 EXPECT_FALSE( | |
1034 policy3->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originA)); | |
1035 EXPECT_FALSE( | |
1036 policy3->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originB)); | |
1037 EXPECT_FALSE( | |
1038 policy3->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originC)); | |
1039 } | |
1040 | |
1041 TEST_F(FeaturePolicyTest, TestDefaultOffCanBeEnabledByChildFrame) { | |
1042 // +------------------------------------------------+ | |
1043 // |(1)Origin A | | |
1044 // |Policy: {"default-off": ["self"]} | | |
1045 // | | | |
1046 // |<iframe policy='{"default-off": ["Origin A"]}'> | | |
1047 // | +--------------------------------------------+ | | |
1048 // | |(2)Origin A | | | |
1049 // | |Policy: {"default-off": ["self"]} | | | |
1050 // | +--------------------------------------------+ | | |
1051 // | | | |
1052 // |<iframe policy='{"default-off": ["Origin B"]}'> | | |
1053 // | +--------------------------------------------+ | | |
1054 // | |(3)Origin B | | | |
1055 // | |Policy: {"default-off": ["self"]} | | | |
1056 // | +--------------------------------------------+ | | |
1057 // +------------------------------------------------+ | |
1058 // Default-off feature should be enabled in both same-origin and cross-origin | |
1059 // child frames because it is delegated through the parent's frame policy, and | |
1060 // they declare their own policy to enable it. | |
1061 Vector<String> messages; | |
1062 std::unique_ptr<FeaturePolicy> policy1 = | |
1063 createFromParentPolicy(nullptr, m_originA); | |
1064 policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( | |
1065 "{\"default-off\": [\"self\"]}", m_originA.get(), &messages)); | |
1066 WebParsedFeaturePolicyHeader framePolicy1 = FeaturePolicy::parseFeaturePolicy( | |
1067 "{\"default-off\": [\"" ORIGIN_A "\"]}", m_originA.get(), &messages); | |
1068 EXPECT_EQ(0UL, messages.size()); | |
1069 std::unique_ptr<FeaturePolicy> policy2 = | |
1070 createFromParentWithFramePolicy(policy1.get(), &framePolicy1, m_originA); | |
1071 policy2->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( | |
1072 "{\"default-off\": [\"self\"]}", m_originA.get(), &messages)); | |
1073 WebParsedFeaturePolicyHeader framePolicy2 = FeaturePolicy::parseFeaturePolicy( | |
1074 "{\"default-off\": [\"" ORIGIN_B "\"]}", m_originA.get(), &messages); | |
1075 EXPECT_EQ(0UL, messages.size()); | |
1076 std::unique_ptr<FeaturePolicy> policy3 = | |
1077 createFromParentWithFramePolicy(policy1.get(), &framePolicy2, m_originB); | |
1078 policy3->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( | |
1079 "{\"default-off\": [\"self\"]}", m_originB.get(), &messages)); | |
1080 EXPECT_TRUE( | |
1081 policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originA)); | |
1082 EXPECT_FALSE( | |
1083 policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originB)); | |
1084 EXPECT_FALSE( | |
1085 policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originC)); | |
1086 EXPECT_TRUE( | |
1087 policy2->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originA)); | |
1088 EXPECT_FALSE( | |
1089 policy2->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originB)); | |
1090 EXPECT_FALSE( | |
1091 policy2->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originC)); | |
1092 EXPECT_FALSE( | |
1093 policy3->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originA)); | |
1094 EXPECT_TRUE( | |
1095 policy3->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originB)); | |
1096 EXPECT_FALSE( | |
1097 policy3->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originC)); | |
1098 } | |
1099 | |
1100 TEST_F(FeaturePolicyTest, TestFramePolicyModifiesHeaderPolicy) { | |
1101 // +-----------------------------------------------+ | |
1102 // |(1)Origin A | | |
1103 // |Policy: {"default-self": ["self", "Origin B"]} | | |
1104 // | | | |
1105 // |<iframe policy='{"default-self": []}'> | | |
1106 // | +-------------------------------------------+ | | |
1107 // | |(2)Origin B | | | |
1108 // | |No Policy | | | |
1109 // | +-------------------------------------------+ | | |
1110 // | | | |
1111 // |<iframe policy='{"default-self": []}'> | | |
1112 // | +-------------------------------------------+ | | |
1113 // | |(3)Origin B | | | |
1114 // | |Policy: {"default-self": ["self"]} | | | |
1115 // | +-------------------------------------------+ | | |
1116 // +-----------------------------------------------+ | |
1117 // Default-self feature should be disabled in both cross-origin child frames | |
1118 // by frame policy, even though the parent frame's header policy would | |
1119 // otherwise enable it. This is true regardless of the child frame's header | |
1120 // policy. | |
1121 Vector<String> messages; | |
1122 std::unique_ptr<FeaturePolicy> policy1 = | |
1123 createFromParentPolicy(nullptr, m_originA); | |
1124 policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( | |
1125 "{\"default-self\": [\"self\", \"" ORIGIN_B "\"]}", m_originA.get(), | |
1126 &messages)); | |
1127 EXPECT_EQ(0UL, messages.size()); | |
1128 WebParsedFeaturePolicyHeader framePolicy1 = FeaturePolicy::parseFeaturePolicy( | |
1129 "{\"default-self\": []}", m_originA.get(), &messages); | |
1130 EXPECT_EQ(0UL, messages.size()); | |
1131 std::unique_ptr<FeaturePolicy> policy2 = | |
1132 createFromParentWithFramePolicy(policy1.get(), &framePolicy1, m_originB); | |
1133 WebParsedFeaturePolicyHeader framePolicy2 = FeaturePolicy::parseFeaturePolicy( | |
1134 "{\"default-self\": []}", m_originA.get(), &messages); | |
1135 EXPECT_EQ(0UL, messages.size()); | |
1136 std::unique_ptr<FeaturePolicy> policy3 = | |
1137 createFromParentWithFramePolicy(policy1.get(), &framePolicy2, m_originB); | |
1138 policy3->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( | |
1139 "{\"default-self\": [\"self\"]}", m_originB.get(), &messages)); | |
1140 EXPECT_FALSE( | |
1141 policy2->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originB)); | |
1142 EXPECT_FALSE( | |
1143 policy3->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originB)); | |
1144 } | |
1145 | |
1146 TEST_F(FeaturePolicyTest, TestCombineFrameAndHeaderPolicies) { | |
1147 // +-------------------------------------------------+ | |
1148 // |(1)Origin A | | |
1149 // |No Policy | | |
1150 // | | | |
1151 // |<iframe policy='{"default-self": ["Origin B"]}'> | | |
1152 // | +---------------------------------------------+ | | |
1153 // | |(2)Origin B | | | |
1154 // | |Policy: {"default-self": ["*"]} | | | |
1155 // | | | | | |
1156 // | |<iframe policy='{"default-self": []}'> | | | |
1157 // | | +-------------+ | | | |
1158 // | | |(3)Origin C | | | | |
1159 // | | |No Policy | | | | |
1160 // | | +-------------+ | | | |
1161 // | | | | | |
1162 // | |<iframe> (No frame policy) | | | |
1163 // | | +-------------+ | | | |
1164 // | | |(4)Origin C | | | | |
1165 // | | |No Policy | | | | |
1166 // | | +-------------+ | | | |
1167 // | +---------------------------------------------+ | | |
1168 // +-------------------------------------------------+ | |
1169 // Default-self feature should be enabled in cross-origin child frames 2 and | |
1170 // 4. Feature should be disabled in frame 2 by frame policy. | |
1171 Vector<String> messages; | |
1172 std::unique_ptr<FeaturePolicy> policy1 = | |
1173 createFromParentPolicy(nullptr, m_originA); | |
1174 WebParsedFeaturePolicyHeader framePolicy1 = FeaturePolicy::parseFeaturePolicy( | |
1175 "{\"default-self\": [\"" ORIGIN_B "\"]}", m_originA.get(), &messages); | |
1176 EXPECT_EQ(0UL, messages.size()); | |
1177 std::unique_ptr<FeaturePolicy> policy2 = | |
1178 createFromParentWithFramePolicy(policy1.get(), &framePolicy1, m_originB); | |
1179 policy2->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy( | |
1180 "{\"default-self\": [\"*\"]}", m_originB.get(), &messages)); | |
1181 WebParsedFeaturePolicyHeader framePolicy2 = FeaturePolicy::parseFeaturePolicy( | |
1182 "{\"default-self\": [\"\"]}", m_originC.get(), &messages); | |
1183 EXPECT_EQ(0UL, messages.size()); | |
1184 std::unique_ptr<FeaturePolicy> policy3 = | |
1185 createFromParentWithFramePolicy(policy2.get(), &framePolicy2, m_originC); | |
1186 std::unique_ptr<FeaturePolicy> policy4 = | |
1187 createFromParentWithFramePolicy(policy2.get(), nullptr, m_originC); | |
1188 EXPECT_TRUE( | |
1189 policy1->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originA)); | |
1190 EXPECT_TRUE( | |
1191 policy2->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originB)); | |
1192 EXPECT_FALSE( | |
1193 policy3->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originC)); | |
1194 EXPECT_TRUE( | |
1195 policy4->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originC)); | |
1196 } | 117 } |
1197 | 118 |
1198 } // namespace blink | 119 } // namespace blink |
OLD | NEW |