| Index: third_party/WebKit/Source/platform/feature_policy/FeaturePolicyTest.cpp
|
| diff --git a/third_party/WebKit/Source/platform/feature_policy/FeaturePolicyTest.cpp b/third_party/WebKit/Source/platform/feature_policy/FeaturePolicyTest.cpp
|
| index 6b08be53f5e5469930a2dcae5ba1d033aa79f7e3..c62b7a8bcb4f531ba242a4242bea7af0f3bb2a9f 100644
|
| --- a/third_party/WebKit/Source/platform/feature_policy/FeaturePolicyTest.cpp
|
| +++ b/third_party/WebKit/Source/platform/feature_policy/FeaturePolicyTest.cpp
|
| @@ -34,69 +34,25 @@ const char* kInvalidPolicies[] = {
|
| "{\"Whitelist\": \"Not a JSON array\"}",
|
| "{\"feature1\": [\"*\"], \"feature2\": \"Not an array\"}"};
|
|
|
| -// This is an example of a feature which should be enabled by default in all
|
| -// frames.
|
| -const FeaturePolicy::Feature kDefaultOnFeature{
|
| - "default-on", FeaturePolicy::FeatureDefault::EnableForAll};
|
| -
|
| -// This is an example of a feature which should be enabled in top-level frames,
|
| -// and same-origin child-frames, but must be delegated to all cross-origin
|
| -// frames explicitly.
|
| -const FeaturePolicy::Feature kDefaultSelfFeature{
|
| - "default-self", FeaturePolicy::FeatureDefault::EnableForSelf};
|
| -
|
| -// This is an example of a feature which should be disabled by default, both in
|
| -// top-level and nested frames.
|
| -const FeaturePolicy::Feature kDefaultOffFeature{
|
| - "default-off", FeaturePolicy::FeatureDefault::DisableForAll};
|
| -
|
| } // namespace
|
|
|
| class FeaturePolicyTest : public ::testing::Test {
|
| protected:
|
| - FeaturePolicyTest()
|
| - : m_frameworkWasEnabled(RuntimeEnabledFeatures::featurePolicyEnabled()),
|
| - m_featureList(
|
| - {&kDefaultOnFeature, &kDefaultSelfFeature, &kDefaultOffFeature}) {
|
| - RuntimeEnabledFeatures::setFeaturePolicyEnabled(true);
|
| - }
|
| + FeaturePolicyTest() {}
|
|
|
| ~FeaturePolicyTest() {
|
| - RuntimeEnabledFeatures::setFeaturePolicyEnabled(m_frameworkWasEnabled);
|
| - }
|
| -
|
| - std::unique_ptr<FeaturePolicy> createFromParentPolicy(
|
| - const FeaturePolicy* parent,
|
| - RefPtr<SecurityOrigin> origin) {
|
| - return FeaturePolicy::createFromParentPolicy(parent, nullptr, origin,
|
| - m_featureList);
|
| - }
|
| -
|
| - std::unique_ptr<FeaturePolicy> createFromParentWithFramePolicy(
|
| - const FeaturePolicy* parent,
|
| - const WebParsedFeaturePolicyHeader* framePolicy,
|
| - RefPtr<SecurityOrigin> origin) {
|
| - return FeaturePolicy::createFromParentPolicy(parent, framePolicy, origin,
|
| - m_featureList);
|
| }
|
|
|
| RefPtr<SecurityOrigin> m_originA = SecurityOrigin::createFromString(ORIGIN_A);
|
| RefPtr<SecurityOrigin> m_originB = SecurityOrigin::createFromString(ORIGIN_B);
|
| RefPtr<SecurityOrigin> m_originC = SecurityOrigin::createFromString(ORIGIN_C);
|
| -
|
| - private:
|
| - const bool m_frameworkWasEnabled;
|
| -
|
| - // Contains the list of controlled features, so that we are guaranteed to
|
| - // have at least one of each kind of default behaviour represented.
|
| - FeaturePolicy::FeatureList m_featureList;
|
| };
|
|
|
| TEST_F(FeaturePolicyTest, ParseValidPolicy) {
|
| Vector<String> messages;
|
| for (const char* policyString : kValidPolicies) {
|
| messages.clear();
|
| - FeaturePolicy::parseFeaturePolicy(policyString, m_originA.get(), &messages);
|
| + parseFeaturePolicy(policyString, m_originA.get(), &messages);
|
| EXPECT_EQ(0UL, messages.size());
|
| }
|
| }
|
| @@ -105,7 +61,7 @@ TEST_F(FeaturePolicyTest, ParseInvalidPolicy) {
|
| Vector<String> messages;
|
| for (const char* policyString : kInvalidPolicies) {
|
| messages.clear();
|
| - FeaturePolicy::parseFeaturePolicy(policyString, m_originA.get(), &messages);
|
| + parseFeaturePolicy(policyString, m_originA.get(), &messages);
|
| EXPECT_NE(0UL, messages.size());
|
| }
|
| }
|
| @@ -114,1085 +70,50 @@ TEST_F(FeaturePolicyTest, PolicyParsedCorrectly) {
|
| Vector<String> messages;
|
|
|
| // Empty policy.
|
| - WebParsedFeaturePolicyHeader parsedHeader =
|
| - FeaturePolicy::parseFeaturePolicy("{}", m_originA.get(), &messages);
|
| - EXPECT_EQ(0UL, parsedHeader.size());
|
| + WebParsedFeaturePolicyHeader parsedPolicy =
|
| + parseFeaturePolicy("{}", m_originA.get(), &messages);
|
| + EXPECT_EQ(0UL, parsedPolicy.size());
|
|
|
| // Simple policy with "self".
|
| - parsedHeader = FeaturePolicy::parseFeaturePolicy(
|
| - "{\"default-self\": [\"self\"]}", m_originA.get(), &messages);
|
| - EXPECT_EQ(1UL, parsedHeader.size());
|
| - EXPECT_EQ("default-self", parsedHeader[0].featureName);
|
| - EXPECT_FALSE(parsedHeader[0].matchesAllOrigins);
|
| - EXPECT_EQ(1UL, parsedHeader[0].origins.size());
|
| + parsedPolicy = parseFeaturePolicy("{\"default-self\": [\"self\"]}",
|
| + m_originA.get(), &messages);
|
| + EXPECT_EQ(1UL, parsedPolicy.size());
|
| + EXPECT_EQ("default-self", parsedPolicy[0].featureName);
|
| + EXPECT_FALSE(parsedPolicy[0].matchesAllOrigins);
|
| + EXPECT_EQ(1UL, parsedPolicy[0].origins.size());
|
| EXPECT_TRUE(m_originA->isSameSchemeHostPortAndSuborigin(
|
| - parsedHeader[0].origins[0].get()));
|
| + parsedPolicy[0].origins[0].get()));
|
|
|
| // Simple policy with *.
|
| - parsedHeader = FeaturePolicy::parseFeaturePolicy(
|
| - "{\"default-self\": [\"*\"]}", m_originA.get(), &messages);
|
| - EXPECT_EQ(1UL, parsedHeader.size());
|
| - EXPECT_EQ("default-self", parsedHeader[0].featureName);
|
| - EXPECT_TRUE(parsedHeader[0].matchesAllOrigins);
|
| - EXPECT_EQ(0UL, parsedHeader[0].origins.size());
|
| + parsedPolicy = parseFeaturePolicy("{\"default-self\": [\"*\"]}",
|
| + m_originA.get(), &messages);
|
| + EXPECT_EQ(1UL, parsedPolicy.size());
|
| + EXPECT_EQ("default-self", parsedPolicy[0].featureName);
|
| + EXPECT_TRUE(parsedPolicy[0].matchesAllOrigins);
|
| + EXPECT_EQ(0UL, parsedPolicy[0].origins.size());
|
|
|
| // Complicated policy.
|
| - parsedHeader = FeaturePolicy::parseFeaturePolicy(
|
| + parsedPolicy = parseFeaturePolicy(
|
| "{\"default-self\": [\"*\"], "
|
| "\"default-on\": [\"https://example.net\", \"https://example.org\"], "
|
| "\"default-off\": [\"self\"]}",
|
| m_originA.get(), &messages);
|
| - EXPECT_EQ(3UL, parsedHeader.size());
|
| - EXPECT_EQ("default-self", parsedHeader[0].featureName);
|
| - EXPECT_TRUE(parsedHeader[0].matchesAllOrigins);
|
| - EXPECT_EQ(0UL, parsedHeader[0].origins.size());
|
| - EXPECT_EQ("default-on", parsedHeader[1].featureName);
|
| - EXPECT_FALSE(parsedHeader[1].matchesAllOrigins);
|
| - EXPECT_EQ(2UL, parsedHeader[1].origins.size());
|
| + EXPECT_EQ(3UL, parsedPolicy.size());
|
| + EXPECT_EQ("default-self", parsedPolicy[0].featureName);
|
| + EXPECT_TRUE(parsedPolicy[0].matchesAllOrigins);
|
| + EXPECT_EQ(0UL, parsedPolicy[0].origins.size());
|
| + EXPECT_EQ("default-on", parsedPolicy[1].featureName);
|
| + EXPECT_FALSE(parsedPolicy[1].matchesAllOrigins);
|
| + EXPECT_EQ(2UL, parsedPolicy[1].origins.size());
|
| EXPECT_TRUE(m_originB->isSameSchemeHostPortAndSuborigin(
|
| - parsedHeader[1].origins[0].get()));
|
| + parsedPolicy[1].origins[0].get()));
|
| EXPECT_TRUE(m_originC->isSameSchemeHostPortAndSuborigin(
|
| - parsedHeader[1].origins[1].get()));
|
| - EXPECT_EQ("default-off", parsedHeader[2].featureName);
|
| - EXPECT_FALSE(parsedHeader[2].matchesAllOrigins);
|
| - EXPECT_EQ(1UL, parsedHeader[2].origins.size());
|
| + parsedPolicy[1].origins[1].get()));
|
| + EXPECT_EQ("default-off", parsedPolicy[2].featureName);
|
| + EXPECT_FALSE(parsedPolicy[2].matchesAllOrigins);
|
| + EXPECT_EQ(1UL, parsedPolicy[2].origins.size());
|
| EXPECT_TRUE(m_originA->isSameSchemeHostPortAndSuborigin(
|
| - parsedHeader[2].origins[0].get()));
|
| -}
|
| -
|
| -TEST_F(FeaturePolicyTest, TestInitialPolicy) {
|
| - // +-------------+
|
| - // |(1)Origin A |
|
| - // |No Policy |
|
| - // +-------------+
|
| - // Default-on and top-level-only features should be enabled in top-level
|
| - // frame. Default-off features should be disabled.
|
| - std::unique_ptr<FeaturePolicy> policy1 =
|
| - createFromParentPolicy(nullptr, m_originA);
|
| - EXPECT_TRUE(policy1->isFeatureEnabled(kDefaultOnFeature));
|
| - EXPECT_TRUE(policy1->isFeatureEnabled(kDefaultSelfFeature));
|
| - EXPECT_FALSE(policy1->isFeatureEnabled(kDefaultOffFeature));
|
| -}
|
| -
|
| -TEST_F(FeaturePolicyTest, TestInitialSameOriginChildPolicy) {
|
| - // +-----------------+
|
| - // |(1)Origin A |
|
| - // |No Policy |
|
| - // | +-------------+ |
|
| - // | |(2)Origin A | |
|
| - // | |No Policy | |
|
| - // | +-------------+ |
|
| - // +-----------------+
|
| - // Default-on and Default-self features should be enabled in a same-origin
|
| - // child frame. Default-off features should be disabled.
|
| - std::unique_ptr<FeaturePolicy> policy1 =
|
| - createFromParentPolicy(nullptr, m_originA);
|
| - std::unique_ptr<FeaturePolicy> policy2 =
|
| - createFromParentPolicy(policy1.get(), m_originA);
|
| - EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultOnFeature));
|
| - EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultSelfFeature));
|
| - EXPECT_FALSE(policy2->isFeatureEnabled(kDefaultOffFeature));
|
| -}
|
| -
|
| -TEST_F(FeaturePolicyTest, TestInitialCrossOriginChildPolicy) {
|
| - // +-----------------+
|
| - // |(1)Origin A |
|
| - // |No Policy |
|
| - // | +-------------+ |
|
| - // | |(2)Origin B | |
|
| - // | |No Policy | |
|
| - // | +-------------+ |
|
| - // +-----------------+
|
| - // Default-on features should be enabled in child frame. Default-self and
|
| - // Default-off features should be disabled.
|
| - std::unique_ptr<FeaturePolicy> policy1 =
|
| - createFromParentPolicy(nullptr, m_originA);
|
| - std::unique_ptr<FeaturePolicy> policy2 =
|
| - createFromParentPolicy(policy1.get(), m_originB);
|
| - EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultOnFeature));
|
| - EXPECT_FALSE(policy2->isFeatureEnabled(kDefaultSelfFeature));
|
| - EXPECT_FALSE(policy2->isFeatureEnabled(kDefaultOffFeature));
|
| -}
|
| -
|
| -TEST_F(FeaturePolicyTest, TestCrossOriginChildCannotEnableFeature) {
|
| - // +---------------------------------------+
|
| - // |(1) Origin A |
|
| - // |No Policy |
|
| - // | +-----------------------------------+ |
|
| - // | |(2) Origin B | |
|
| - // | |Policy: {"default-self": ["self"]} | |
|
| - // | +-----------------------------------+ |
|
| - // +---------------------------------------+
|
| - // Default-self feature should be disabled in cross origin frame, even if no
|
| - // policy was specified in the parent frame.
|
| - Vector<String> messages;
|
| - std::unique_ptr<FeaturePolicy> policy1 =
|
| - createFromParentPolicy(nullptr, m_originA);
|
| - std::unique_ptr<FeaturePolicy> policy2 =
|
| - createFromParentPolicy(policy1.get(), m_originB);
|
| - policy2->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
|
| - "{\"default-self\": [\"self\"]}", m_originB.get(), &messages));
|
| - EXPECT_EQ(0UL, messages.size());
|
| - EXPECT_FALSE(policy2->isFeatureEnabled(kDefaultSelfFeature));
|
| -}
|
| -
|
| -TEST_F(FeaturePolicyTest, TestFrameSelfInheritance) {
|
| - // +------------------------------------------+
|
| - // |(1) Origin A |
|
| - // |Policy: {"default-self": ["self"]} |
|
| - // | +-----------------+ +-----------------+ |
|
| - // | |(2) Origin A | |(4) Origin B | |
|
| - // | |No Policy | |No Policy | |
|
| - // | | +-------------+ | | +-------------+ | |
|
| - // | | |(3)Origin A | | | |(5)Origin B | | |
|
| - // | | |No Policy | | | |No Policy | | |
|
| - // | | +-------------+ | | +-------------+ | |
|
| - // | +-----------------+ +-----------------+ |
|
| - // +------------------------------------------+
|
| - // Feature should be enabled at the top-level, and through the chain of
|
| - // same-origin frames 2 and 3. It should be disabled in frames 4 and 5, as
|
| - // they are at a different origin.
|
| - Vector<String> messages;
|
| - std::unique_ptr<FeaturePolicy> policy1 =
|
| - createFromParentPolicy(nullptr, m_originA);
|
| - policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
|
| - "{\"default-self\": [\"self\"]}", m_originA.get(), &messages));
|
| - EXPECT_EQ(0UL, messages.size());
|
| - std::unique_ptr<FeaturePolicy> policy2 =
|
| - createFromParentPolicy(policy1.get(), m_originA);
|
| - std::unique_ptr<FeaturePolicy> policy3 =
|
| - createFromParentPolicy(policy2.get(), m_originA);
|
| - std::unique_ptr<FeaturePolicy> policy4 =
|
| - createFromParentPolicy(policy1.get(), m_originB);
|
| - std::unique_ptr<FeaturePolicy> policy5 =
|
| - createFromParentPolicy(policy4.get(), m_originB);
|
| - EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultSelfFeature));
|
| - EXPECT_TRUE(policy3->isFeatureEnabled(kDefaultSelfFeature));
|
| - EXPECT_FALSE(policy4->isFeatureEnabled(kDefaultSelfFeature));
|
| - EXPECT_FALSE(policy5->isFeatureEnabled(kDefaultSelfFeature));
|
| -}
|
| -
|
| -TEST_F(FeaturePolicyTest, TestReflexiveFrameSelfInheritance) {
|
| - // +-----------------------------------+
|
| - // |(1) Origin A |
|
| - // |Policy: {"default-self": ["self"]} |
|
| - // | +-----------------+ |
|
| - // | |(2) Origin B | |
|
| - // | |No Policy | |
|
| - // | | +-------------+ | |
|
| - // | | |(3)Origin A | | |
|
| - // | | |No Policy | | |
|
| - // | | +-------------+ | |
|
| - // | +-----------------+ |
|
| - // +-----------------------------------+
|
| - // Feature which is enabled at top-level should be disabled in frame 3, as
|
| - // it is embedded by frame 2, for which the feature is not enabled.
|
| - Vector<String> messages;
|
| - std::unique_ptr<FeaturePolicy> policy1 =
|
| - createFromParentPolicy(nullptr, m_originA);
|
| - policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
|
| - "{\"default-self\": [\"self\"]}", m_originA.get(), &messages));
|
| - EXPECT_EQ(0UL, messages.size());
|
| - std::unique_ptr<FeaturePolicy> policy2 =
|
| - createFromParentPolicy(policy1.get(), m_originB);
|
| - std::unique_ptr<FeaturePolicy> policy3 =
|
| - createFromParentPolicy(policy2.get(), m_originA);
|
| - EXPECT_FALSE(policy2->isFeatureEnabled(kDefaultSelfFeature));
|
| - EXPECT_FALSE(policy3->isFeatureEnabled(kDefaultSelfFeature));
|
| -}
|
| -
|
| -TEST_F(FeaturePolicyTest, TestSelectiveFrameInheritance) {
|
| - // +------------------------------------------+
|
| - // |(1) Origin A |
|
| - // |Policy: {"default-self": ["Origin B"]} |
|
| - // | +-----------------+ +-----------------+ |
|
| - // | |(2) Origin B | |(3) Origin C | |
|
| - // | |No Policy | |No Policy | |
|
| - // | | | | +-------------+ | |
|
| - // | | | | |(4)Origin B | | |
|
| - // | | | | |No Policy | | |
|
| - // | | | | +-------------+ | |
|
| - // | +-----------------+ +-----------------+ |
|
| - // +------------------------------------------+
|
| - // Feature should be enabled in second level Origin B frame, but disabled in
|
| - // Frame 4, because it is embedded by frame 3, where the feature is not
|
| - // enabled.
|
| - Vector<String> messages;
|
| - std::unique_ptr<FeaturePolicy> policy1 =
|
| - createFromParentPolicy(nullptr, m_originA);
|
| - policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
|
| - "{\"default-self\": [\"" ORIGIN_B "\"]}", m_originA.get(), &messages));
|
| - EXPECT_EQ(0UL, messages.size());
|
| - std::unique_ptr<FeaturePolicy> policy2 =
|
| - createFromParentPolicy(policy1.get(), m_originB);
|
| - std::unique_ptr<FeaturePolicy> policy3 =
|
| - createFromParentPolicy(policy1.get(), m_originC);
|
| - std::unique_ptr<FeaturePolicy> policy4 =
|
| - createFromParentPolicy(policy3.get(), m_originB);
|
| - EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultSelfFeature));
|
| - EXPECT_FALSE(policy3->isFeatureEnabled(kDefaultSelfFeature));
|
| - EXPECT_FALSE(policy4->isFeatureEnabled(kDefaultSelfFeature));
|
| -}
|
| -
|
| -TEST_F(FeaturePolicyTest, TestPolicyCanBlockSelf) {
|
| - // +----------------------------+
|
| - // |(1)Origin A |
|
| - // |Policy: {"default-on": []} |
|
| - // +----------------------------+
|
| - // Default-on feature should be disabled in top-level frame.
|
| - Vector<String> messages;
|
| - std::unique_ptr<FeaturePolicy> policy1 =
|
| - createFromParentPolicy(nullptr, m_originA);
|
| - policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
|
| - "{\"default-on\": []}", m_originA.get(), &messages));
|
| - EXPECT_EQ(0UL, messages.size());
|
| - EXPECT_FALSE(policy1->isFeatureEnabled(kDefaultOnFeature));
|
| -}
|
| -
|
| -TEST_F(FeaturePolicyTest, TestParentPolicyBlocksSameOriginChildPolicy) {
|
| - // +----------------------------+
|
| - // |(1)Origin A |
|
| - // |Policy: {"default-on": []} |
|
| - // | +-------------+ |
|
| - // | |(2)Origin A | |
|
| - // | |No Policy | |
|
| - // | +-------------+ |
|
| - // +----------------------------+
|
| - // Feature should be disabled in child frame.
|
| - Vector<String> messages;
|
| - std::unique_ptr<FeaturePolicy> policy1 =
|
| - createFromParentPolicy(nullptr, m_originA);
|
| - policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
|
| - "{\"default-on\": []}", m_originA.get(), &messages));
|
| - EXPECT_EQ(0UL, messages.size());
|
| - std::unique_ptr<FeaturePolicy> policy2 =
|
| - createFromParentPolicy(policy1.get(), m_originA);
|
| - EXPECT_FALSE(policy2->isFeatureEnabled(kDefaultOnFeature));
|
| -}
|
| -
|
| -TEST_F(FeaturePolicyTest, TestChildPolicyCanBlockSelf) {
|
| - // +--------------------------------+
|
| - // |(1)Origin A |
|
| - // |No Policy |
|
| - // | +----------------------------+ |
|
| - // | |(2)Origin B | |
|
| - // | |Policy: {"default-on": []} | |
|
| - // | +----------------------------+ |
|
| - // +--------------------------------+
|
| - // Default-on feature should be disabled by cross-origin child frame.
|
| - Vector<String> messages;
|
| - std::unique_ptr<FeaturePolicy> policy1 =
|
| - createFromParentPolicy(nullptr, m_originA);
|
| - std::unique_ptr<FeaturePolicy> policy2 =
|
| - createFromParentPolicy(policy1.get(), m_originB);
|
| - policy2->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
|
| - "{\"default-on\": []}", m_originB.get(), &messages));
|
| - EXPECT_EQ(0UL, messages.size());
|
| - EXPECT_FALSE(policy2->isFeatureEnabled(kDefaultOnFeature));
|
| -}
|
| -
|
| -TEST_F(FeaturePolicyTest, TestChildPolicyCanBlockChildren) {
|
| - // +--------------------------------------+
|
| - // |(1)Origin A |
|
| - // |No Policy |
|
| - // | +----------------------------------+ |
|
| - // | |(2)Origin B | |
|
| - // | |Policy: {"default-on": ["self"]} | |
|
| - // | | +-------------+ | |
|
| - // | | |(3)Origin C | | |
|
| - // | | |No Policy | | |
|
| - // | | +-------------+ | |
|
| - // | +----------------------------------+ |
|
| - // +--------------------------------------+
|
| - // Default-on feature should be enabled in frames 1 and 2; disabled in frame
|
| - // 3 by child frame policy.
|
| - Vector<String> messages;
|
| - std::unique_ptr<FeaturePolicy> policy1 =
|
| - createFromParentPolicy(nullptr, m_originA);
|
| - std::unique_ptr<FeaturePolicy> policy2 =
|
| - createFromParentPolicy(policy1.get(), m_originB);
|
| - policy2->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
|
| - "{\"default-on\": [\"self\"]}", m_originB.get(), &messages));
|
| - EXPECT_EQ(0UL, messages.size());
|
| - std::unique_ptr<FeaturePolicy> policy3 =
|
| - createFromParentPolicy(policy2.get(), m_originC);
|
| - EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultOnFeature));
|
| - EXPECT_FALSE(policy3->isFeatureEnabled(kDefaultOnFeature));
|
| -}
|
| -
|
| -TEST_F(FeaturePolicyTest, TestParentPolicyBlocksCrossOriginChildPolicy) {
|
| - // +----------------------------+
|
| - // |(1)Origin A |
|
| - // |Policy: {"default-on": []} |
|
| - // | +-------------+ |
|
| - // | |(2)Origin B | |
|
| - // | |No Policy | |
|
| - // | +-------------+ |
|
| - // +----------------------------+
|
| - // Default-on feature should be disabled in cross-origin child frame.
|
| - Vector<String> messages;
|
| - std::unique_ptr<FeaturePolicy> policy1 =
|
| - createFromParentPolicy(nullptr, m_originA);
|
| - policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
|
| - "{\"default-on\": []}", m_originA.get(), &messages));
|
| - EXPECT_EQ(0UL, messages.size());
|
| - std::unique_ptr<FeaturePolicy> policy2 =
|
| - createFromParentPolicy(policy1.get(), m_originB);
|
| - EXPECT_FALSE(policy2->isFeatureEnabled(kDefaultOnFeature));
|
| -}
|
| -
|
| -TEST_F(FeaturePolicyTest, TestEnableForAllOrigins) {
|
| - // +--------------------------------+
|
| - // |(1) Origin A |
|
| - // |Policy: {"default-self": ["*"]} |
|
| - // | +-----------------+ |
|
| - // | |(2) Origin B | |
|
| - // | |No Policy | |
|
| - // | | +-------------+ | |
|
| - // | | |(3)Origin A | | |
|
| - // | | |No Policy | | |
|
| - // | | +-------------+ | |
|
| - // | +-----------------+ |
|
| - // +--------------------------------+
|
| - // Feature should be enabled in top and second level; disabled in frame 3.
|
| - Vector<String> messages;
|
| - std::unique_ptr<FeaturePolicy> policy1 =
|
| - createFromParentPolicy(nullptr, m_originA);
|
| - policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
|
| - "{\"default-self\": [\"*\"]}", m_originA.get(), &messages));
|
| - EXPECT_EQ(0UL, messages.size());
|
| - std::unique_ptr<FeaturePolicy> policy2 =
|
| - createFromParentPolicy(policy1.get(), m_originB);
|
| - std::unique_ptr<FeaturePolicy> policy3 =
|
| - createFromParentPolicy(policy2.get(), m_originA);
|
| - EXPECT_TRUE(policy1->isFeatureEnabled(kDefaultSelfFeature));
|
| - EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultSelfFeature));
|
| - EXPECT_FALSE(policy3->isFeatureEnabled(kDefaultSelfFeature));
|
| -}
|
| -
|
| -TEST_F(FeaturePolicyTest, TestDefaultOnEnablesForAllAncestors) {
|
| - // +---------------------------------------+
|
| - // |(1) Origin A |
|
| - // |Policy: {"default-on": ["Origin B"]} |
|
| - // | +-----------------------------------+ |
|
| - // | |(2) Origin B | |
|
| - // | |No Policy | |
|
| - // | | +-------------+ +-------------+ | |
|
| - // | | |(3)Origin B | |(4)Origin C | | |
|
| - // | | |No Policy | |No Policy | | |
|
| - // | | +-------------+ +-------------+ | |
|
| - // | +-----------------------------------+ |
|
| - // +---------------------------------------+
|
| - // Feature should be disabled in frame 1; enabled in frames 2, 3 and 4.
|
| - Vector<String> messages;
|
| - std::unique_ptr<FeaturePolicy> policy1 =
|
| - createFromParentPolicy(nullptr, m_originA);
|
| - policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
|
| - "{\"default-on\": [\"" ORIGIN_B "\"]}", m_originA.get(), &messages));
|
| - EXPECT_EQ(0UL, messages.size());
|
| - std::unique_ptr<FeaturePolicy> policy2 =
|
| - createFromParentPolicy(policy1.get(), m_originB);
|
| - std::unique_ptr<FeaturePolicy> policy3 =
|
| - createFromParentPolicy(policy2.get(), m_originB);
|
| - std::unique_ptr<FeaturePolicy> policy4 =
|
| - createFromParentPolicy(policy2.get(), m_originC);
|
| - EXPECT_FALSE(policy1->isFeatureEnabled(kDefaultOnFeature));
|
| - EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultOnFeature));
|
| - EXPECT_TRUE(policy3->isFeatureEnabled(kDefaultOnFeature));
|
| - EXPECT_TRUE(policy4->isFeatureEnabled(kDefaultOnFeature));
|
| -}
|
| -
|
| -TEST_F(FeaturePolicyTest, TestDefaultSelfRespectsSameOriginEmbedding) {
|
| - // +---------------------------------------+
|
| - // |(1) Origin A |
|
| - // |Policy: {"default-self": ["Origin B"]} |
|
| - // | +-----------------------------------+ |
|
| - // | |(2) Origin B | |
|
| - // | |No Policy | |
|
| - // | | +-------------+ +-------------+ | |
|
| - // | | |(3)Origin B | |(4)Origin C | | |
|
| - // | | |No Policy | |No Policy | | |
|
| - // | | +-------------+ +-------------+ | |
|
| - // | +-----------------------------------+ |
|
| - // +---------------------------------------+
|
| - // Feature should be disabled in frames 1 and 4; enabled in frames 2 and 3.
|
| - Vector<String> messages;
|
| - std::unique_ptr<FeaturePolicy> policy1 =
|
| - createFromParentPolicy(nullptr, m_originA);
|
| - policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
|
| - "{\"default-self\": [\"" ORIGIN_B "\"]}", m_originA.get(), &messages));
|
| - EXPECT_EQ(0UL, messages.size());
|
| - std::unique_ptr<FeaturePolicy> policy2 =
|
| - createFromParentPolicy(policy1.get(), m_originB);
|
| - std::unique_ptr<FeaturePolicy> policy3 =
|
| - createFromParentPolicy(policy2.get(), m_originB);
|
| - std::unique_ptr<FeaturePolicy> policy4 =
|
| - createFromParentPolicy(policy2.get(), m_originC);
|
| - EXPECT_FALSE(policy1->isFeatureEnabled(kDefaultSelfFeature));
|
| - EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultSelfFeature));
|
| - EXPECT_TRUE(policy3->isFeatureEnabled(kDefaultSelfFeature));
|
| - EXPECT_FALSE(policy4->isFeatureEnabled(kDefaultSelfFeature));
|
| -}
|
| -
|
| -TEST_F(FeaturePolicyTest, TestDefaultOffMustBeDelegatedToAllCrossOriginFrames) {
|
| - // +------------------------------------------------------------+
|
| - // |(1) Origin A |
|
| - // |Policy: {"default-off": ["Origin B"]} |
|
| - // | +--------------------------------------------------------+ |
|
| - // | |(2) Origin B | |
|
| - // | |Policy: {"default-off": ["self"]} | |
|
| - // | | +-------------+ +----------------------------------+ | |
|
| - // | | |(3)Origin B | |(4)Origin C | | |
|
| - // | | |No Policy | |Policy: {"default-off": ["self"]} | | |
|
| - // | | +-------------+ +----------------------------------+ | |
|
| - // | +--------------------------------------------------------+ |
|
| - // +------------------------------------------------------------+
|
| - // Feature should be disabled in frames 1, 3 and 4; enabled in frame 2 only.
|
| - Vector<String> messages;
|
| - std::unique_ptr<FeaturePolicy> policy1 =
|
| - createFromParentPolicy(nullptr, m_originA);
|
| - policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
|
| - "{\"default-off\": [\"" ORIGIN_B "\"]}", m_originA.get(), &messages));
|
| - EXPECT_EQ(0UL, messages.size());
|
| - std::unique_ptr<FeaturePolicy> policy2 =
|
| - createFromParentPolicy(policy1.get(), m_originB);
|
| - policy2->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
|
| - "{\"default-off\": [\"self\"]}", m_originB.get(), &messages));
|
| - std::unique_ptr<FeaturePolicy> policy3 =
|
| - createFromParentPolicy(policy2.get(), m_originB);
|
| - std::unique_ptr<FeaturePolicy> policy4 =
|
| - createFromParentPolicy(policy2.get(), m_originC);
|
| - policy4->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
|
| - "{\"default-off\": [\"self\"]}", m_originC.get(), &messages));
|
| - EXPECT_FALSE(policy1->isFeatureEnabled(kDefaultOffFeature));
|
| - EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultOffFeature));
|
| - EXPECT_FALSE(policy3->isFeatureEnabled(kDefaultOffFeature));
|
| - EXPECT_FALSE(policy4->isFeatureEnabled(kDefaultOffFeature));
|
| -}
|
| -
|
| -TEST_F(FeaturePolicyTest, TestReenableForAllOrigins) {
|
| - // +------------------------------------+
|
| - // |(1) Origin A |
|
| - // |Policy: {"default-self": ["*"]} |
|
| - // | +--------------------------------+ |
|
| - // | |(2) Origin B | |
|
| - // | |Policy: {"default-self": ["*"]} | |
|
| - // | | +-------------+ | |
|
| - // | | |(3)Origin A | | |
|
| - // | | |No Policy | | |
|
| - // | | +-------------+ | |
|
| - // | +--------------------------------+ |
|
| - // +------------------------------------+
|
| - // Feature should be enabled in all frames.
|
| - Vector<String> messages;
|
| - std::unique_ptr<FeaturePolicy> policy1 =
|
| - createFromParentPolicy(nullptr, m_originA);
|
| - policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
|
| - "{\"default-self\": [\"*\"]}", m_originA.get(), &messages));
|
| - EXPECT_EQ(0UL, messages.size());
|
| - std::unique_ptr<FeaturePolicy> policy2 =
|
| - createFromParentPolicy(policy1.get(), m_originB);
|
| - policy2->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
|
| - "{\"default-self\": [\"*\"]}", m_originB.get(), &messages));
|
| - EXPECT_EQ(0UL, messages.size());
|
| - std::unique_ptr<FeaturePolicy> policy3 =
|
| - createFromParentPolicy(policy2.get(), m_originA);
|
| - EXPECT_TRUE(policy1->isFeatureEnabled(kDefaultSelfFeature));
|
| - EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultSelfFeature));
|
| - EXPECT_TRUE(policy3->isFeatureEnabled(kDefaultSelfFeature));
|
| -}
|
| -
|
| -TEST_F(FeaturePolicyTest, TestBlockedFrameCannotReenable) {
|
| - // +--------------------------------------+
|
| - // |(1)Origin A |
|
| - // |Policy: {"default-self": ["self"]} |
|
| - // | +----------------------------------+ |
|
| - // | |(2)Origin B | |
|
| - // | |Policy: {"default-self": ["*"]} | |
|
| - // | | +-------------+ +-------------+ | |
|
| - // | | |(3)Origin A | |(4)Origin C | | |
|
| - // | | |No Policy | |No Policy | | |
|
| - // | | +-------------+ +-------------+ | |
|
| - // | +----------------------------------+ |
|
| - // +--------------------------------------+
|
| - // Feature should be enabled at the top level; disabled in all other frames.
|
| - Vector<String> messages;
|
| - std::unique_ptr<FeaturePolicy> policy1 =
|
| - createFromParentPolicy(nullptr, m_originA);
|
| - policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
|
| - "{\"default-self\": [\"self\"]}", m_originA.get(), &messages));
|
| - EXPECT_EQ(0UL, messages.size());
|
| - std::unique_ptr<FeaturePolicy> policy2 =
|
| - createFromParentPolicy(policy1.get(), m_originB);
|
| - policy2->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
|
| - "{\"default-self\": [\"*\"]}", m_originB.get(), &messages));
|
| - EXPECT_EQ(0UL, messages.size());
|
| - std::unique_ptr<FeaturePolicy> policy3 =
|
| - createFromParentPolicy(policy2.get(), m_originA);
|
| - std::unique_ptr<FeaturePolicy> policy4 =
|
| - createFromParentPolicy(policy2.get(), m_originC);
|
| - EXPECT_TRUE(policy1->isFeatureEnabled(kDefaultSelfFeature));
|
| - EXPECT_FALSE(policy2->isFeatureEnabled(kDefaultSelfFeature));
|
| - EXPECT_FALSE(policy3->isFeatureEnabled(kDefaultSelfFeature));
|
| - EXPECT_FALSE(policy4->isFeatureEnabled(kDefaultSelfFeature));
|
| -}
|
| -
|
| -TEST_F(FeaturePolicyTest, TestEnabledFrameCanDelegate) {
|
| - // +---------------------------------------------------+
|
| - // |(1) Origin A |
|
| - // |Policy: {"default-self": ["self", "Origin B"]} |
|
| - // | +-----------------------------------------------+ |
|
| - // | |(2) Origin B | |
|
| - // | |Policy: {"default-self": ["self", "Origin C"]} | |
|
| - // | | +-------------+ | |
|
| - // | | |(3)Origin C | | |
|
| - // | | |No Policy | | |
|
| - // | | +-------------+ | |
|
| - // | +-----------------------------------------------+ |
|
| - // +---------------------------------------------------+
|
| - // Feature should be enabled in all frames.
|
| - Vector<String> messages;
|
| - std::unique_ptr<FeaturePolicy> policy1 =
|
| - createFromParentPolicy(nullptr, m_originA);
|
| - policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
|
| - "{\"default-self\": [\"self\", \"" ORIGIN_B "\"]}", m_originA.get(),
|
| - &messages));
|
| - EXPECT_EQ(0UL, messages.size());
|
| - std::unique_ptr<FeaturePolicy> policy2 =
|
| - createFromParentPolicy(policy1.get(), m_originB);
|
| - policy2->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
|
| - "{\"default-self\": [\"self\", \"" ORIGIN_C "\"]}", m_originB.get(),
|
| - &messages));
|
| - EXPECT_EQ(0UL, messages.size());
|
| - std::unique_ptr<FeaturePolicy> policy3 =
|
| - createFromParentPolicy(policy2.get(), m_originC);
|
| - EXPECT_TRUE(policy1->isFeatureEnabled(kDefaultSelfFeature));
|
| - EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultSelfFeature));
|
| - EXPECT_TRUE(policy3->isFeatureEnabled(kDefaultSelfFeature));
|
| -}
|
| -
|
| -TEST_F(FeaturePolicyTest, TestEnabledFrameCanDelegateByDefault) {
|
| - // +-----------------------------------------------+
|
| - // |(1) Origin A |
|
| - // |Policy: {"default-on": ["self", "Origin B"]} |
|
| - // | +--------------------+ +--------------------+ |
|
| - // | |(2) Origin B | | (4) Origin C | |
|
| - // | |No Policy | | No Policy | |
|
| - // | | +-------------+ | | | |
|
| - // | | |(3)Origin C | | | | |
|
| - // | | |No Policy | | | | |
|
| - // | | +-------------+ | | | |
|
| - // | +--------------------+ +--------------------+ |
|
| - // +-----------------------------------------------+
|
| - // Feature should be enabled in frames 1, 2, and 3, and disabled in frame 4.
|
| - Vector<String> messages;
|
| - std::unique_ptr<FeaturePolicy> policy1 =
|
| - createFromParentPolicy(nullptr, m_originA);
|
| - policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
|
| - "{\"default-on\": [\"self\", \"" ORIGIN_B "\"]}", m_originA.get(),
|
| - &messages));
|
| - EXPECT_EQ(0UL, messages.size());
|
| - std::unique_ptr<FeaturePolicy> policy2 =
|
| - createFromParentPolicy(policy1.get(), m_originB);
|
| - std::unique_ptr<FeaturePolicy> policy3 =
|
| - createFromParentPolicy(policy2.get(), m_originC);
|
| - std::unique_ptr<FeaturePolicy> policy4 =
|
| - createFromParentPolicy(policy1.get(), m_originC);
|
| - EXPECT_TRUE(policy1->isFeatureEnabled(kDefaultOnFeature));
|
| - EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultOnFeature));
|
| - EXPECT_TRUE(policy3->isFeatureEnabled(kDefaultOnFeature));
|
| - EXPECT_FALSE(policy4->isFeatureEnabled(kDefaultOnFeature));
|
| -}
|
| -
|
| -TEST_F(FeaturePolicyTest, TestNonNestedFeaturesDontDelegateByDefault) {
|
| - // +-----------------------------------------------+
|
| - // |(1) Origin A |
|
| - // |Policy: {"default-self": ["self", "Origin B"]} |
|
| - // | +--------------------+ +--------------------+ |
|
| - // | |(2) Origin B | | (4) Origin C | |
|
| - // | |No Policy | | No Policy | |
|
| - // | | +-------------+ | | | |
|
| - // | | |(3)Origin C | | | | |
|
| - // | | |No Policy | | | | |
|
| - // | | +-------------+ | | | |
|
| - // | +--------------------+ +--------------------+ |
|
| - // +-----------------------------------------------+
|
| - // Feature should be enabled in frames 1 and 2, and disabled in frames 3 and
|
| - // 4.
|
| - Vector<String> messages;
|
| - std::unique_ptr<FeaturePolicy> policy1 =
|
| - createFromParentPolicy(nullptr, m_originA);
|
| - policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
|
| - "{\"default-self\": [\"self\", \"" ORIGIN_B "\"]}", m_originA.get(),
|
| - &messages));
|
| - EXPECT_EQ(0UL, messages.size());
|
| - std::unique_ptr<FeaturePolicy> policy2 =
|
| - createFromParentPolicy(policy1.get(), m_originB);
|
| - std::unique_ptr<FeaturePolicy> policy3 =
|
| - createFromParentPolicy(policy2.get(), m_originC);
|
| - std::unique_ptr<FeaturePolicy> policy4 =
|
| - createFromParentPolicy(policy1.get(), m_originC);
|
| - EXPECT_TRUE(policy1->isFeatureEnabled(kDefaultSelfFeature));
|
| - EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultSelfFeature));
|
| - EXPECT_FALSE(policy3->isFeatureEnabled(kDefaultSelfFeature));
|
| - EXPECT_FALSE(policy4->isFeatureEnabled(kDefaultSelfFeature));
|
| -}
|
| -
|
| -TEST_F(FeaturePolicyTest, TestFeaturesAreIndependent) {
|
| - // +-----------------------------------------------+
|
| - // |(1) Origin A |
|
| - // |Policy: {"default-self": ["self", "Origin B"], |
|
| - // | "default-on": ["self"]} |
|
| - // | +-------------------------------------------+ |
|
| - // | |(2) Origin B | |
|
| - // | |Policy: {"default-self": ["*"], | |
|
| - // | | "default-on": ["*"]} | |
|
| - // | | +-------------+ | |
|
| - // | | |(3)Origin C | | |
|
| - // | | |No Policy | | |
|
| - // | | +-------------+ | |
|
| - // | +-------------------------------------------+ |
|
| - // +-----------------------------------------------+
|
| - // Default-self feature should be enabled in all frames; Default-on feature
|
| - // should be enabled in frame 1, and disabled in frames 2 and 3.
|
| - Vector<String> messages;
|
| - std::unique_ptr<FeaturePolicy> policy1 =
|
| - createFromParentPolicy(nullptr, m_originA);
|
| - policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
|
| - "{\"default-self\": [\"self\", \"" ORIGIN_B
|
| - "\"], \"default-on\": [\"self\"]}",
|
| - m_originA.get(), &messages));
|
| - EXPECT_EQ(0UL, messages.size());
|
| - std::unique_ptr<FeaturePolicy> policy2 =
|
| - createFromParentPolicy(policy1.get(), m_originB);
|
| - policy2->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
|
| - "{\"default-self\": [\"*\"], \"default-on\": [\"*\"]}", m_originB.get(),
|
| - &messages));
|
| - EXPECT_EQ(0UL, messages.size());
|
| - std::unique_ptr<FeaturePolicy> policy3 =
|
| - createFromParentPolicy(policy2.get(), m_originC);
|
| - EXPECT_TRUE(policy1->isFeatureEnabled(kDefaultSelfFeature));
|
| - EXPECT_TRUE(policy1->isFeatureEnabled(kDefaultOnFeature));
|
| - EXPECT_TRUE(policy2->isFeatureEnabled(kDefaultSelfFeature));
|
| - EXPECT_FALSE(policy2->isFeatureEnabled(kDefaultOnFeature));
|
| - EXPECT_TRUE(policy3->isFeatureEnabled(kDefaultSelfFeature));
|
| - EXPECT_FALSE(policy3->isFeatureEnabled(kDefaultOnFeature));
|
| -}
|
| -
|
| -TEST_F(FeaturePolicyTest, TestFeatureEnabledForOrigin) {
|
| - // +-----------------------------------------------+
|
| - // |(1) Origin A |
|
| - // |Policy: {"default-off": ["self", "Origin B"]} |
|
| - // +-----------------------------------------------+
|
| - // Features should be enabled by the policy in frame 1 for origins A and B,
|
| - // and disabled for origin C.
|
| - Vector<String> messages;
|
| - std::unique_ptr<FeaturePolicy> policy1 =
|
| - createFromParentPolicy(nullptr, m_originA);
|
| - policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
|
| - "{\"default-off\": [\"self\", \"" ORIGIN_B "\"]}", m_originA.get(),
|
| - &messages));
|
| - EXPECT_EQ(0UL, messages.size());
|
| - EXPECT_TRUE(
|
| - policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originA));
|
| - EXPECT_TRUE(
|
| - policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originB));
|
| - EXPECT_FALSE(
|
| - policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originC));
|
| -}
|
| -
|
| -// Test frame policies
|
| -
|
| -TEST_F(FeaturePolicyTest, TestSimpleFramePolicy) {
|
| - // +-------------------------------------------------+
|
| - // |(1)Origin A |
|
| - // |No Policy |
|
| - // | |
|
| - // |<iframe policy='{"default-self": ["Origin B"]}'> |
|
| - // | +-------------+ |
|
| - // | |(2)Origin B | |
|
| - // | |No Policy | |
|
| - // | +-------------+ |
|
| - // +-------------------------------------------------+
|
| - // Default-self feature should be enabled in cross-origin child frame because
|
| - // permission was delegated through frame policy.
|
| - // This is the same scenario as when the iframe is declared as
|
| - // <iframe allow="default-self">
|
| - Vector<String> messages;
|
| - std::unique_ptr<FeaturePolicy> policy1 =
|
| - createFromParentPolicy(nullptr, m_originA);
|
| - WebParsedFeaturePolicyHeader framePolicy = FeaturePolicy::parseFeaturePolicy(
|
| - "{\"default-self\": [\"" ORIGIN_B "\"]}", m_originA.get(), &messages);
|
| - EXPECT_EQ(0UL, messages.size());
|
| - std::unique_ptr<FeaturePolicy> policy2 =
|
| - createFromParentWithFramePolicy(policy1.get(), &framePolicy, m_originB);
|
| - EXPECT_TRUE(
|
| - policy1->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originA));
|
| - EXPECT_FALSE(
|
| - policy1->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originB));
|
| - EXPECT_FALSE(
|
| - policy1->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originC));
|
| - EXPECT_FALSE(
|
| - policy2->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originA));
|
| - EXPECT_TRUE(
|
| - policy2->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originB));
|
| - EXPECT_FALSE(
|
| - policy2->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originC));
|
| -}
|
| -
|
| -TEST_F(FeaturePolicyTest, TestAllOriginFramePolicy) {
|
| - // +------------------------------------------+
|
| - // |(1)Origin A |
|
| - // |No Policy |
|
| - // | |
|
| - // |<iframe policy='{"default-self": ["*"]}'> |
|
| - // | +-------------+ |
|
| - // | |(2)Origin B | |
|
| - // | |No Policy | |
|
| - // | +-------------+ |
|
| - // +------------------------------------------+
|
| - // Default-self feature should be enabled in cross-origin child frame because
|
| - // permission was delegated through frame policy.
|
| - // This is the same scenario that arises when the iframe is declared as
|
| - // <iframe allowfullscreen>
|
| - Vector<String> messages;
|
| - std::unique_ptr<FeaturePolicy> policy1 =
|
| - createFromParentPolicy(nullptr, m_originA);
|
| - WebParsedFeaturePolicyHeader framePolicy = FeaturePolicy::parseFeaturePolicy(
|
| - "{\"default-self\": [\"*\"]}", m_originA.get(), &messages);
|
| - EXPECT_EQ(0UL, messages.size());
|
| - std::unique_ptr<FeaturePolicy> policy2 =
|
| - createFromParentWithFramePolicy(policy1.get(), &framePolicy, m_originB);
|
| - EXPECT_TRUE(
|
| - policy1->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originA));
|
| - EXPECT_FALSE(
|
| - policy1->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originB));
|
| - EXPECT_FALSE(
|
| - policy1->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originC));
|
| - EXPECT_FALSE(
|
| - policy2->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originA));
|
| - EXPECT_TRUE(
|
| - policy2->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originB));
|
| - EXPECT_FALSE(
|
| - policy2->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originC));
|
| -}
|
| -
|
| -TEST_F(FeaturePolicyTest, TestFramePolicyCanBeFurtherDelegated) {
|
| - // +-----------------------------------------------------+
|
| - // |(1)Origin A |
|
| - // |No Policy |
|
| - // | |
|
| - // |<iframe policy='{"default-self": ["Origin B"]}'> |
|
| - // | +-------------------------------------------------+ |
|
| - // | |(2)Origin B | |
|
| - // | |No Policy | |
|
| - // | | | |
|
| - // | |<iframe policy='{"default-self": ["Origin C"]}'> | |
|
| - // | | +-------------+ | |
|
| - // | | |(3)Origin C | | |
|
| - // | | |No Policy | | |
|
| - // | | +-------------+ | |
|
| - // | | | |
|
| - // | |<iframe> (No frame policy) | |
|
| - // | | +-------------+ | |
|
| - // | | |(4)Origin C | | |
|
| - // | | |No Policy | | |
|
| - // | | +-------------+ | |
|
| - // | +-------------------------------------------------+ |
|
| - // +-----------------------------------------------------+
|
| - // Default-self feature should be enabled in cross-origin child frames 2 and
|
| - // 3. Feature should be disabled in frame 4 because it was not further
|
| - // delegated through frame policy.
|
| - Vector<String> messages;
|
| - std::unique_ptr<FeaturePolicy> policy1 =
|
| - createFromParentPolicy(nullptr, m_originA);
|
| - WebParsedFeaturePolicyHeader framePolicy1 = FeaturePolicy::parseFeaturePolicy(
|
| - "{\"default-self\": [\"" ORIGIN_B "\"]}", m_originA.get(), &messages);
|
| - EXPECT_EQ(0UL, messages.size());
|
| - std::unique_ptr<FeaturePolicy> policy2 =
|
| - createFromParentWithFramePolicy(policy1.get(), &framePolicy1, m_originB);
|
| - WebParsedFeaturePolicyHeader framePolicy2 = FeaturePolicy::parseFeaturePolicy(
|
| - "{\"default-self\": [\"" ORIGIN_C "\"]}", m_originB.get(), &messages);
|
| - EXPECT_EQ(0UL, messages.size());
|
| - std::unique_ptr<FeaturePolicy> policy3 =
|
| - createFromParentWithFramePolicy(policy2.get(), &framePolicy2, m_originC);
|
| - std::unique_ptr<FeaturePolicy> policy4 =
|
| - createFromParentWithFramePolicy(policy2.get(), nullptr, m_originC);
|
| - EXPECT_FALSE(
|
| - policy3->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originA));
|
| - EXPECT_FALSE(
|
| - policy3->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originB));
|
| - EXPECT_TRUE(
|
| - policy3->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originC));
|
| - EXPECT_FALSE(
|
| - policy4->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originA));
|
| - EXPECT_FALSE(
|
| - policy4->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originB));
|
| - EXPECT_FALSE(
|
| - policy4->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originC));
|
| -}
|
| -
|
| -TEST_F(FeaturePolicyTest, TestDefaultOnCanBeDisabledByFramePolicy) {
|
| - // +-------------------------------------+
|
| - // |(1)Origin A |
|
| - // |No Policy |
|
| - // | |
|
| - // |<iframe policy='{"default-on": []}'> |
|
| - // | +-------------+ |
|
| - // | |(2)Origin A | |
|
| - // | |No Policy | |
|
| - // | +-------------+ |
|
| - // | |
|
| - // |<iframe policy='{"default-on": []}'> |
|
| - // | +-------------+ |
|
| - // | |(3)Origin B | |
|
| - // | |No Policy | |
|
| - // | +-------------+ |
|
| - // +-------------------------------------+
|
| - // Default-on feature should be disabled in both same-origin and cross-origin
|
| - // child frames because permission was removed through frame policy.
|
| - Vector<String> messages;
|
| - std::unique_ptr<FeaturePolicy> policy1 =
|
| - createFromParentPolicy(nullptr, m_originA);
|
| - WebParsedFeaturePolicyHeader framePolicy1 = FeaturePolicy::parseFeaturePolicy(
|
| - "{\"default-on\": []}", m_originA.get(), &messages);
|
| - EXPECT_EQ(0UL, messages.size());
|
| - std::unique_ptr<FeaturePolicy> policy2 =
|
| - createFromParentWithFramePolicy(policy1.get(), &framePolicy1, m_originA);
|
| - WebParsedFeaturePolicyHeader framePolicy2 = FeaturePolicy::parseFeaturePolicy(
|
| - "{\"default-on\": []}", m_originA.get(), &messages);
|
| - EXPECT_EQ(0UL, messages.size());
|
| - std::unique_ptr<FeaturePolicy> policy3 =
|
| - createFromParentWithFramePolicy(policy1.get(), &framePolicy2, m_originB);
|
| - EXPECT_TRUE(
|
| - policy1->isFeatureEnabledForOrigin(kDefaultOnFeature, *m_originA));
|
| - EXPECT_TRUE(
|
| - policy1->isFeatureEnabledForOrigin(kDefaultOnFeature, *m_originB));
|
| - EXPECT_TRUE(
|
| - policy1->isFeatureEnabledForOrigin(kDefaultOnFeature, *m_originC));
|
| - EXPECT_FALSE(
|
| - policy2->isFeatureEnabledForOrigin(kDefaultOnFeature, *m_originA));
|
| - EXPECT_FALSE(
|
| - policy2->isFeatureEnabledForOrigin(kDefaultOnFeature, *m_originB));
|
| - EXPECT_FALSE(
|
| - policy2->isFeatureEnabledForOrigin(kDefaultOnFeature, *m_originC));
|
| - EXPECT_FALSE(
|
| - policy3->isFeatureEnabledForOrigin(kDefaultOnFeature, *m_originA));
|
| - EXPECT_FALSE(
|
| - policy3->isFeatureEnabledForOrigin(kDefaultOnFeature, *m_originB));
|
| - EXPECT_FALSE(
|
| - policy3->isFeatureEnabledForOrigin(kDefaultOnFeature, *m_originC));
|
| -}
|
| -
|
| -TEST_F(FeaturePolicyTest, TestDefaultOffMustBeEnabledByChildFrame) {
|
| - // +------------------------------------------------+
|
| - // |(1)Origin A |
|
| - // |Policy: {"default-off": ["self"]} |
|
| - // | |
|
| - // |<iframe policy='{"default-off": ["Origin A"]}'> |
|
| - // | +-------------+ |
|
| - // | |(2)Origin A | |
|
| - // | |No Policy | |
|
| - // | +-------------+ |
|
| - // | |
|
| - // |<iframe policy='{"default-off": ["Origin B"]}'> |
|
| - // | +-------------+ |
|
| - // | |(3)Origin B | |
|
| - // | |No Policy | |
|
| - // | +-------------+ |
|
| - // +------------------------------------------------+
|
| - // Default-off feature should be disabled in both same-origin and cross-origin
|
| - // child frames because they did not declare their own policy to enable it.
|
| - Vector<String> messages;
|
| - std::unique_ptr<FeaturePolicy> policy1 =
|
| - createFromParentPolicy(nullptr, m_originA);
|
| - policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
|
| - "{\"default-off\": [\"self\"]}", m_originA.get(), &messages));
|
| - WebParsedFeaturePolicyHeader framePolicy1 = FeaturePolicy::parseFeaturePolicy(
|
| - "{\"default-off\": [\"" ORIGIN_A "\"]}", m_originA.get(), &messages);
|
| - EXPECT_EQ(0UL, messages.size());
|
| - std::unique_ptr<FeaturePolicy> policy2 =
|
| - createFromParentWithFramePolicy(policy1.get(), &framePolicy1, m_originA);
|
| - WebParsedFeaturePolicyHeader framePolicy2 = FeaturePolicy::parseFeaturePolicy(
|
| - "{\"default-off\": [\"" ORIGIN_B "\"]}", m_originA.get(), &messages);
|
| - EXPECT_EQ(0UL, messages.size());
|
| - std::unique_ptr<FeaturePolicy> policy3 =
|
| - createFromParentWithFramePolicy(policy1.get(), &framePolicy2, m_originB);
|
| - EXPECT_TRUE(
|
| - policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originA));
|
| - EXPECT_FALSE(
|
| - policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originB));
|
| - EXPECT_FALSE(
|
| - policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originC));
|
| - EXPECT_FALSE(
|
| - policy2->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originA));
|
| - EXPECT_FALSE(
|
| - policy2->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originB));
|
| - EXPECT_FALSE(
|
| - policy2->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originC));
|
| - EXPECT_FALSE(
|
| - policy3->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originA));
|
| - EXPECT_FALSE(
|
| - policy3->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originB));
|
| - EXPECT_FALSE(
|
| - policy3->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originC));
|
| -}
|
| -
|
| -TEST_F(FeaturePolicyTest, TestDefaultOffCanBeEnabledByChildFrame) {
|
| - // +------------------------------------------------+
|
| - // |(1)Origin A |
|
| - // |Policy: {"default-off": ["self"]} |
|
| - // | |
|
| - // |<iframe policy='{"default-off": ["Origin A"]}'> |
|
| - // | +--------------------------------------------+ |
|
| - // | |(2)Origin A | |
|
| - // | |Policy: {"default-off": ["self"]} | |
|
| - // | +--------------------------------------------+ |
|
| - // | |
|
| - // |<iframe policy='{"default-off": ["Origin B"]}'> |
|
| - // | +--------------------------------------------+ |
|
| - // | |(3)Origin B | |
|
| - // | |Policy: {"default-off": ["self"]} | |
|
| - // | +--------------------------------------------+ |
|
| - // +------------------------------------------------+
|
| - // Default-off feature should be enabled in both same-origin and cross-origin
|
| - // child frames because it is delegated through the parent's frame policy, and
|
| - // they declare their own policy to enable it.
|
| - Vector<String> messages;
|
| - std::unique_ptr<FeaturePolicy> policy1 =
|
| - createFromParentPolicy(nullptr, m_originA);
|
| - policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
|
| - "{\"default-off\": [\"self\"]}", m_originA.get(), &messages));
|
| - WebParsedFeaturePolicyHeader framePolicy1 = FeaturePolicy::parseFeaturePolicy(
|
| - "{\"default-off\": [\"" ORIGIN_A "\"]}", m_originA.get(), &messages);
|
| - EXPECT_EQ(0UL, messages.size());
|
| - std::unique_ptr<FeaturePolicy> policy2 =
|
| - createFromParentWithFramePolicy(policy1.get(), &framePolicy1, m_originA);
|
| - policy2->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
|
| - "{\"default-off\": [\"self\"]}", m_originA.get(), &messages));
|
| - WebParsedFeaturePolicyHeader framePolicy2 = FeaturePolicy::parseFeaturePolicy(
|
| - "{\"default-off\": [\"" ORIGIN_B "\"]}", m_originA.get(), &messages);
|
| - EXPECT_EQ(0UL, messages.size());
|
| - std::unique_ptr<FeaturePolicy> policy3 =
|
| - createFromParentWithFramePolicy(policy1.get(), &framePolicy2, m_originB);
|
| - policy3->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
|
| - "{\"default-off\": [\"self\"]}", m_originB.get(), &messages));
|
| - EXPECT_TRUE(
|
| - policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originA));
|
| - EXPECT_FALSE(
|
| - policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originB));
|
| - EXPECT_FALSE(
|
| - policy1->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originC));
|
| - EXPECT_TRUE(
|
| - policy2->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originA));
|
| - EXPECT_FALSE(
|
| - policy2->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originB));
|
| - EXPECT_FALSE(
|
| - policy2->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originC));
|
| - EXPECT_FALSE(
|
| - policy3->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originA));
|
| - EXPECT_TRUE(
|
| - policy3->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originB));
|
| - EXPECT_FALSE(
|
| - policy3->isFeatureEnabledForOrigin(kDefaultOffFeature, *m_originC));
|
| -}
|
| -
|
| -TEST_F(FeaturePolicyTest, TestFramePolicyModifiesHeaderPolicy) {
|
| - // +-----------------------------------------------+
|
| - // |(1)Origin A |
|
| - // |Policy: {"default-self": ["self", "Origin B"]} |
|
| - // | |
|
| - // |<iframe policy='{"default-self": []}'> |
|
| - // | +-------------------------------------------+ |
|
| - // | |(2)Origin B | |
|
| - // | |No Policy | |
|
| - // | +-------------------------------------------+ |
|
| - // | |
|
| - // |<iframe policy='{"default-self": []}'> |
|
| - // | +-------------------------------------------+ |
|
| - // | |(3)Origin B | |
|
| - // | |Policy: {"default-self": ["self"]} | |
|
| - // | +-------------------------------------------+ |
|
| - // +-----------------------------------------------+
|
| - // Default-self feature should be disabled in both cross-origin child frames
|
| - // by frame policy, even though the parent frame's header policy would
|
| - // otherwise enable it. This is true regardless of the child frame's header
|
| - // policy.
|
| - Vector<String> messages;
|
| - std::unique_ptr<FeaturePolicy> policy1 =
|
| - createFromParentPolicy(nullptr, m_originA);
|
| - policy1->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
|
| - "{\"default-self\": [\"self\", \"" ORIGIN_B "\"]}", m_originA.get(),
|
| - &messages));
|
| - EXPECT_EQ(0UL, messages.size());
|
| - WebParsedFeaturePolicyHeader framePolicy1 = FeaturePolicy::parseFeaturePolicy(
|
| - "{\"default-self\": []}", m_originA.get(), &messages);
|
| - EXPECT_EQ(0UL, messages.size());
|
| - std::unique_ptr<FeaturePolicy> policy2 =
|
| - createFromParentWithFramePolicy(policy1.get(), &framePolicy1, m_originB);
|
| - WebParsedFeaturePolicyHeader framePolicy2 = FeaturePolicy::parseFeaturePolicy(
|
| - "{\"default-self\": []}", m_originA.get(), &messages);
|
| - EXPECT_EQ(0UL, messages.size());
|
| - std::unique_ptr<FeaturePolicy> policy3 =
|
| - createFromParentWithFramePolicy(policy1.get(), &framePolicy2, m_originB);
|
| - policy3->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
|
| - "{\"default-self\": [\"self\"]}", m_originB.get(), &messages));
|
| - EXPECT_FALSE(
|
| - policy2->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originB));
|
| - EXPECT_FALSE(
|
| - policy3->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originB));
|
| -}
|
| -
|
| -TEST_F(FeaturePolicyTest, TestCombineFrameAndHeaderPolicies) {
|
| - // +-------------------------------------------------+
|
| - // |(1)Origin A |
|
| - // |No Policy |
|
| - // | |
|
| - // |<iframe policy='{"default-self": ["Origin B"]}'> |
|
| - // | +---------------------------------------------+ |
|
| - // | |(2)Origin B | |
|
| - // | |Policy: {"default-self": ["*"]} | |
|
| - // | | | |
|
| - // | |<iframe policy='{"default-self": []}'> | |
|
| - // | | +-------------+ | |
|
| - // | | |(3)Origin C | | |
|
| - // | | |No Policy | | |
|
| - // | | +-------------+ | |
|
| - // | | | |
|
| - // | |<iframe> (No frame policy) | |
|
| - // | | +-------------+ | |
|
| - // | | |(4)Origin C | | |
|
| - // | | |No Policy | | |
|
| - // | | +-------------+ | |
|
| - // | +---------------------------------------------+ |
|
| - // +-------------------------------------------------+
|
| - // Default-self feature should be enabled in cross-origin child frames 2 and
|
| - // 4. Feature should be disabled in frame 2 by frame policy.
|
| - Vector<String> messages;
|
| - std::unique_ptr<FeaturePolicy> policy1 =
|
| - createFromParentPolicy(nullptr, m_originA);
|
| - WebParsedFeaturePolicyHeader framePolicy1 = FeaturePolicy::parseFeaturePolicy(
|
| - "{\"default-self\": [\"" ORIGIN_B "\"]}", m_originA.get(), &messages);
|
| - EXPECT_EQ(0UL, messages.size());
|
| - std::unique_ptr<FeaturePolicy> policy2 =
|
| - createFromParentWithFramePolicy(policy1.get(), &framePolicy1, m_originB);
|
| - policy2->setHeaderPolicy(FeaturePolicy::parseFeaturePolicy(
|
| - "{\"default-self\": [\"*\"]}", m_originB.get(), &messages));
|
| - WebParsedFeaturePolicyHeader framePolicy2 = FeaturePolicy::parseFeaturePolicy(
|
| - "{\"default-self\": [\"\"]}", m_originC.get(), &messages);
|
| - EXPECT_EQ(0UL, messages.size());
|
| - std::unique_ptr<FeaturePolicy> policy3 =
|
| - createFromParentWithFramePolicy(policy2.get(), &framePolicy2, m_originC);
|
| - std::unique_ptr<FeaturePolicy> policy4 =
|
| - createFromParentWithFramePolicy(policy2.get(), nullptr, m_originC);
|
| - EXPECT_TRUE(
|
| - policy1->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originA));
|
| - EXPECT_TRUE(
|
| - policy2->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originB));
|
| - EXPECT_FALSE(
|
| - policy3->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originC));
|
| - EXPECT_TRUE(
|
| - policy4->isFeatureEnabledForOrigin(kDefaultSelfFeature, *m_originC));
|
| + parsedPolicy[2].origins[0].get()));
|
| }
|
|
|
| } // namespace blink
|
|
|
Chromium Code Reviews
Issue 2656533004:
Remove unused blink::FeaturePolicy class. (Closed)
