| OLD | NEW |
|---|
| 1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/common/feature_policy/feature_policy.h" | 5 #include "content/common/feature_policy/feature_policy.h" |
| 6 | 6 |
| 7 #include "testing/gtest/include/gtest/gtest.h" | 7 #include "testing/gtest/include/gtest/gtest.h" |
| 8 #include "url/gurl.h" | 8 #include "url/gurl.h" |
| 9 | 9 |
| 10 namespace content { | 10 namespace content { |
| 11 | 11 |
| 12 namespace { | 12 namespace { |
| 13 | 13 |
| 14 // This is an example of a feature which should be enabled by default in all | 14 // This is an example of a feature which should be enabled by default in all |
| 15 // frames. | 15 // frames. |
| 16 const FeaturePolicy::Feature kDefaultOnFeatureDfn{ | 16 const FeaturePolicy::Feature kDefaultOnFeatureDfn{ |
| 17 "default-on", FeaturePolicy::FeatureDefault::EnableForAll}; | 17 kDefaultOnFeature, FeaturePolicy::FeatureDefault::EnableForAll}; |
| 18 | 18 |
| 19 // This is an example of a feature which should be enabled in top-level frames, | 19 // This is an example of a feature which should be enabled in top-level frames, |
| 20 // and same-origin child-frames, but must be delegated to all cross-origin | 20 // and same-origin child-frames, but must be delegated to all cross-origin |
| 21 // frames explicitly. | 21 // frames explicitly. |
| 22 const FeaturePolicy::Feature kDefaultSelfFeatureDfn{ | 22 const FeaturePolicy::Feature kDefaultSelfFeatureDfn{ |
| 23 "default-self", FeaturePolicy::FeatureDefault::EnableForSelf}; | 23 kDefaultSelfFeature, FeaturePolicy::FeatureDefault::EnableForSelf}; |
| 24 | 24 |
| 25 // This is an example of a feature which should be disabled by default, both in | 25 // This is an example of a feature which should be disabled by default, both in |
| 26 // top-level and nested frames. | 26 // top-level and nested frames. |
| 27 const FeaturePolicy::Feature kDefaultOffFeatureDfn{ | 27 const FeaturePolicy::Feature kDefaultOffFeatureDfn{ |
| 28 "default-off", FeaturePolicy::FeatureDefault::DisableForAll}; | 28 kDefaultOffFeature, FeaturePolicy::FeatureDefault::DisableForAll}; |
| 29 | 29 |
| 30 // Define the three new features for testing | 30 // Define the three new features for testing |
| 31 blink::WebFeaturePolicyFeature kDefaultOnFeature = | 31 blink::WebFeaturePolicyFeature kDefaultOnFeature = |
| 32 static_cast<blink::WebFeaturePolicyFeature>( | 32 static_cast<blink::WebFeaturePolicyFeature>( |
| 33 static_cast<int>(blink::WebFeaturePolicyFeature::LAST_FEATURE) + 1); | 33 static_cast<int>(blink::WebFeaturePolicyFeature::LAST_FEATURE) + 1); |
| 34 | 34 |
| 35 blink::WebFeaturePolicyFeature kDefaultSelfFeature = | 35 blink::WebFeaturePolicyFeature kDefaultSelfFeature = |
| 36 static_cast<blink::WebFeaturePolicyFeature>( | 36 static_cast<blink::WebFeaturePolicyFeature>( |
| 37 static_cast<int>(blink::WebFeaturePolicyFeature::LAST_FEATURE) + 2); | 37 static_cast<int>(blink::WebFeaturePolicyFeature::LAST_FEATURE) + 2); |
| 38 | 38 |
| (...skipping 99 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 138 // | |(2) Origin B | | | 138 // | |(2) Origin B | | |
| 139 // | |Policy: {"default-self": ["self"]} | | | 139 // | |Policy: {"default-self": ["self"]} | | |
| 140 // | +-----------------------------------+ | | 140 // | +-----------------------------------+ | |
| 141 // +---------------------------------------+ | 141 // +---------------------------------------+ |
| 142 // Default-self feature should be disabled in cross origin frame, even if no | 142 // Default-self feature should be disabled in cross origin frame, even if no |
| 143 // policy was specified in the parent frame. | 143 // policy was specified in the parent frame. |
| 144 std::unique_ptr<FeaturePolicy> policy1 = | 144 std::unique_ptr<FeaturePolicy> policy1 = |
| 145 CreateFromParentPolicy(nullptr, origin_a_); | 145 CreateFromParentPolicy(nullptr, origin_a_); |
| 146 std::unique_ptr<FeaturePolicy> policy2 = | 146 std::unique_ptr<FeaturePolicy> policy2 = |
| 147 CreateFromParentPolicy(policy1.get(), origin_b_); | 147 CreateFromParentPolicy(policy1.get(), origin_b_); |
| 148 policy2->SetHeaderPolicy({{{"default-self", false, {origin_b_}}}}); | 148 policy2->SetHeaderPolicy({{{kDefaultSelfFeature false, {origin_b_}}}}); |
| 149 EXPECT_FALSE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); | 149 EXPECT_FALSE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); |
| 150 } | 150 } |
| 151 | 151 |
| 152 TEST_F(FeaturePolicyTest, TestFrameSelfInheritance) { | 152 TEST_F(FeaturePolicyTest, TestFrameSelfInheritance) { |
| 153 // +------------------------------------------+ | 153 // +------------------------------------------+ |
| 154 // |(1) Origin A | | 154 // |(1) Origin A | |
| 155 // |Policy: {"default-self": ["self"]} | | 155 // |Policy: {"default-self": ["self"]} | |
| 156 // | +-----------------+ +-----------------+ | | 156 // | +-----------------+ +-----------------+ | |
| 157 // | |(2) Origin A | |(4) Origin B | | | 157 // | |(2) Origin A | |(4) Origin B | | |
| 158 // | |No Policy | |No Policy | | | 158 // | |No Policy | |No Policy | | |
| 159 // | | +-------------+ | | +-------------+ | | | 159 // | | +-------------+ | | +-------------+ | | |
| 160 // | | |(3)Origin A | | | |(5)Origin B | | | | 160 // | | |(3)Origin A | | | |(5)Origin B | | | |
| 161 // | | |No Policy | | | |No Policy | | | | 161 // | | |No Policy | | | |No Policy | | | |
| 162 // | | +-------------+ | | +-------------+ | | | 162 // | | +-------------+ | | +-------------+ | | |
| 163 // | +-----------------+ +-----------------+ | | 163 // | +-----------------+ +-----------------+ | |
| 164 // +------------------------------------------+ | 164 // +------------------------------------------+ |
| 165 // Feature should be enabled at the top-level, and through the chain of | 165 // Feature should be enabled at the top-level, and through the chain of |
| 166 // same-origin frames 2 and 3. It should be disabled in frames 4 and 5, as | 166 // same-origin frames 2 and 3. It should be disabled in frames 4 and 5, as |
| 167 // they are at a different origin. | 167 // they are at a different origin. |
| 168 std::unique_ptr<FeaturePolicy> policy1 = | 168 std::unique_ptr<FeaturePolicy> policy1 = |
| 169 CreateFromParentPolicy(nullptr, origin_a_); | 169 CreateFromParentPolicy(nullptr, origin_a_); |
| 170 policy1->SetHeaderPolicy({{{"default-self", false, {origin_a_}}}}); | 170 policy1->SetHeaderPolicy({{{kDefaultSelfFeature false, {origin_a_}}}}); |
| 171 std::unique_ptr<FeaturePolicy> policy2 = | 171 std::unique_ptr<FeaturePolicy> policy2 = |
| 172 CreateFromParentPolicy(policy1.get(), origin_a_); | 172 CreateFromParentPolicy(policy1.get(), origin_a_); |
| 173 std::unique_ptr<FeaturePolicy> policy3 = | 173 std::unique_ptr<FeaturePolicy> policy3 = |
| 174 CreateFromParentPolicy(policy2.get(), origin_a_); | 174 CreateFromParentPolicy(policy2.get(), origin_a_); |
| 175 std::unique_ptr<FeaturePolicy> policy4 = | 175 std::unique_ptr<FeaturePolicy> policy4 = |
| 176 CreateFromParentPolicy(policy1.get(), origin_b_); | 176 CreateFromParentPolicy(policy1.get(), origin_b_); |
| 177 std::unique_ptr<FeaturePolicy> policy5 = | 177 std::unique_ptr<FeaturePolicy> policy5 = |
| 178 CreateFromParentPolicy(policy4.get(), origin_b_); | 178 CreateFromParentPolicy(policy4.get(), origin_b_); |
| 179 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); | 179 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); |
| 180 EXPECT_TRUE(policy3->IsFeatureEnabled(kDefaultSelfFeature)); | 180 EXPECT_TRUE(policy3->IsFeatureEnabled(kDefaultSelfFeature)); |
| (...skipping 11 matching lines...) Expand all Loading... |
| 192 // | | +-------------+ | | | 192 // | | +-------------+ | | |
| 193 // | | |(3)Origin A | | | | 193 // | | |(3)Origin A | | | |
| 194 // | | |No Policy | | | | 194 // | | |No Policy | | | |
| 195 // | | +-------------+ | | | 195 // | | +-------------+ | | |
| 196 // | +-----------------+ | | 196 // | +-----------------+ | |
| 197 // +-----------------------------------+ | 197 // +-----------------------------------+ |
| 198 // Feature which is enabled at top-level should be disabled in frame 3, as | 198 // Feature which is enabled at top-level should be disabled in frame 3, as |
| 199 // it is embedded by frame 2, for which the feature is not enabled. | 199 // it is embedded by frame 2, for which the feature is not enabled. |
| 200 std::unique_ptr<FeaturePolicy> policy1 = | 200 std::unique_ptr<FeaturePolicy> policy1 = |
| 201 CreateFromParentPolicy(nullptr, origin_a_); | 201 CreateFromParentPolicy(nullptr, origin_a_); |
| 202 policy1->SetHeaderPolicy({{{"default-self", false, {origin_a_}}}}); | 202 policy1->SetHeaderPolicy({{{kDefaultSelfFeature false, {origin_a_}}}}); |
| 203 std::unique_ptr<FeaturePolicy> policy2 = | 203 std::unique_ptr<FeaturePolicy> policy2 = |
| 204 CreateFromParentPolicy(policy1.get(), origin_b_); | 204 CreateFromParentPolicy(policy1.get(), origin_b_); |
| 205 std::unique_ptr<FeaturePolicy> policy3 = | 205 std::unique_ptr<FeaturePolicy> policy3 = |
| 206 CreateFromParentPolicy(policy2.get(), origin_a_); | 206 CreateFromParentPolicy(policy2.get(), origin_a_); |
| 207 EXPECT_FALSE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); | 207 EXPECT_FALSE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); |
| 208 EXPECT_FALSE(policy3->IsFeatureEnabled(kDefaultSelfFeature)); | 208 EXPECT_FALSE(policy3->IsFeatureEnabled(kDefaultSelfFeature)); |
| 209 } | 209 } |
| 210 | 210 |
| 211 TEST_F(FeaturePolicyTest, TestSelectiveFrameInheritance) { | 211 TEST_F(FeaturePolicyTest, TestSelectiveFrameInheritance) { |
| 212 // +------------------------------------------+ | 212 // +------------------------------------------+ |
| 213 // |(1) Origin A | | 213 // |(1) Origin A | |
| 214 // |Policy: {"default-self": ["Origin B"]} | | 214 // |Policy: {"default-self": ["Origin B"]} | |
| 215 // | +-----------------+ +-----------------+ | | 215 // | +-----------------+ +-----------------+ | |
| 216 // | |(2) Origin B | |(3) Origin C | | | 216 // | |(2) Origin B | |(3) Origin C | | |
| 217 // | |No Policy | |No Policy | | | 217 // | |No Policy | |No Policy | | |
| 218 // | | | | +-------------+ | | | 218 // | | | | +-------------+ | | |
| 219 // | | | | |(4)Origin B | | | | 219 // | | | | |(4)Origin B | | | |
| 220 // | | | | |No Policy | | | | 220 // | | | | |No Policy | | | |
| 221 // | | | | +-------------+ | | | 221 // | | | | +-------------+ | | |
| 222 // | +-----------------+ +-----------------+ | | 222 // | +-----------------+ +-----------------+ | |
| 223 // +------------------------------------------+ | 223 // +------------------------------------------+ |
| 224 // Feature should be enabled in second level Origin B frame, but disabled in | 224 // Feature should be enabled in second level Origin B frame, but disabled in |
| 225 // Frame 4, because it is embedded by frame 3, where the feature is not | 225 // Frame 4, because it is embedded by frame 3, where the feature is not |
| 226 // enabled. | 226 // enabled. |
| 227 std::unique_ptr<FeaturePolicy> policy1 = | 227 std::unique_ptr<FeaturePolicy> policy1 = |
| 228 CreateFromParentPolicy(nullptr, origin_a_); | 228 CreateFromParentPolicy(nullptr, origin_a_); |
| 229 policy1->SetHeaderPolicy({{{"default-self", false, {origin_b_}}}}); | 229 policy1->SetHeaderPolicy({{{kDefaultSelfFeature false, {origin_b_}}}}); |
| 230 std::unique_ptr<FeaturePolicy> policy2 = | 230 std::unique_ptr<FeaturePolicy> policy2 = |
| 231 CreateFromParentPolicy(policy1.get(), origin_b_); | 231 CreateFromParentPolicy(policy1.get(), origin_b_); |
| 232 std::unique_ptr<FeaturePolicy> policy3 = | 232 std::unique_ptr<FeaturePolicy> policy3 = |
| 233 CreateFromParentPolicy(policy1.get(), origin_c_); | 233 CreateFromParentPolicy(policy1.get(), origin_c_); |
| 234 std::unique_ptr<FeaturePolicy> policy4 = | 234 std::unique_ptr<FeaturePolicy> policy4 = |
| 235 CreateFromParentPolicy(policy3.get(), origin_b_); | 235 CreateFromParentPolicy(policy3.get(), origin_b_); |
| 236 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); | 236 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); |
| 237 EXPECT_FALSE(policy3->IsFeatureEnabled(kDefaultSelfFeature)); | 237 EXPECT_FALSE(policy3->IsFeatureEnabled(kDefaultSelfFeature)); |
| 238 EXPECT_FALSE(policy4->IsFeatureEnabled(kDefaultSelfFeature)); | 238 EXPECT_FALSE(policy4->IsFeatureEnabled(kDefaultSelfFeature)); |
| 239 } | 239 } |
| 240 | 240 |
| 241 TEST_F(FeaturePolicyTest, TestPolicyCanBlockSelf) { | 241 TEST_F(FeaturePolicyTest, TestPolicyCanBlockSelf) { |
| 242 // +----------------------------+ | 242 // +----------------------------+ |
| 243 // |(1)Origin A | | 243 // |(1)Origin A | |
| 244 // |Policy: {"default-on": []} | | 244 // |Policy: {"default-on": []} | |
| 245 // +----------------------------+ | 245 // +----------------------------+ |
| 246 // Default-on feature should be disabled in top-level frame. | 246 // Default-on feature should be disabled in top-level frame. |
| 247 std::unique_ptr<FeaturePolicy> policy1 = | 247 std::unique_ptr<FeaturePolicy> policy1 = |
| 248 CreateFromParentPolicy(nullptr, origin_a_); | 248 CreateFromParentPolicy(nullptr, origin_a_); |
| 249 policy1->SetHeaderPolicy( | 249 policy1->SetHeaderPolicy( |
| 250 {{{"default-on", false, std::vector<url::Origin>()}}}); | 250 {{{kDefaultOnFeature, false, std::vector<url::Origin>()}}}); |
| 251 EXPECT_FALSE(policy1->IsFeatureEnabled(kDefaultOnFeature)); | 251 EXPECT_FALSE(policy1->IsFeatureEnabled(kDefaultOnFeature)); |
| 252 } | 252 } |
| 253 | 253 |
| 254 TEST_F(FeaturePolicyTest, TestParentPolicyBlocksSameOriginChildPolicy) { | 254 TEST_F(FeaturePolicyTest, TestParentPolicyBlocksSameOriginChildPolicy) { |
| 255 // +----------------------------+ | 255 // +----------------------------+ |
| 256 // |(1)Origin A | | 256 // |(1)Origin A | |
| 257 // |Policy: {"default-on": []} | | 257 // |Policy: {"default-on": []} | |
| 258 // | +-------------+ | | 258 // | +-------------+ | |
| 259 // | |(2)Origin A | | | 259 // | |(2)Origin A | | |
| 260 // | |No Policy | | | 260 // | |No Policy | | |
| 261 // | +-------------+ | | 261 // | +-------------+ | |
| 262 // +----------------------------+ | 262 // +----------------------------+ |
| 263 // Feature should be disabled in child frame. | 263 // Feature should be disabled in child frame. |
| 264 std::unique_ptr<FeaturePolicy> policy1 = | 264 std::unique_ptr<FeaturePolicy> policy1 = |
| 265 CreateFromParentPolicy(nullptr, origin_a_); | 265 CreateFromParentPolicy(nullptr, origin_a_); |
| 266 policy1->SetHeaderPolicy( | 266 policy1->SetHeaderPolicy( |
| 267 {{{"default-on", false, std::vector<url::Origin>()}}}); | 267 {{{kDefaultOnFeature, false, std::vector<url::Origin>()}}}); |
| 268 std::unique_ptr<FeaturePolicy> policy2 = | 268 std::unique_ptr<FeaturePolicy> policy2 = |
| 269 CreateFromParentPolicy(policy1.get(), origin_a_); | 269 CreateFromParentPolicy(policy1.get(), origin_a_); |
| 270 EXPECT_FALSE(policy2->IsFeatureEnabled(kDefaultOnFeature)); | 270 EXPECT_FALSE(policy2->IsFeatureEnabled(kDefaultOnFeature)); |
| 271 } | 271 } |
| 272 | 272 |
| 273 TEST_F(FeaturePolicyTest, TestChildPolicyCanBlockSelf) { | 273 TEST_F(FeaturePolicyTest, TestChildPolicyCanBlockSelf) { |
| 274 // +--------------------------------+ | 274 // +--------------------------------+ |
| 275 // |(1)Origin A | | 275 // |(1)Origin A | |
| 276 // |No Policy | | 276 // |No Policy | |
| 277 // | +----------------------------+ | | 277 // | +----------------------------+ | |
| 278 // | |(2)Origin B | | | 278 // | |(2)Origin B | | |
| 279 // | |Policy: {"default-on": []} | | | 279 // | |Policy: {"default-on": []} | | |
| 280 // | +----------------------------+ | | 280 // | +----------------------------+ | |
| 281 // +--------------------------------+ | 281 // +--------------------------------+ |
| 282 // Default-on feature should be disabled by cross-origin child frame. | 282 // Default-on feature should be disabled by cross-origin child frame. |
| 283 std::unique_ptr<FeaturePolicy> policy1 = | 283 std::unique_ptr<FeaturePolicy> policy1 = |
| 284 CreateFromParentPolicy(nullptr, origin_a_); | 284 CreateFromParentPolicy(nullptr, origin_a_); |
| 285 std::unique_ptr<FeaturePolicy> policy2 = | 285 std::unique_ptr<FeaturePolicy> policy2 = |
| 286 CreateFromParentPolicy(policy1.get(), origin_b_); | 286 CreateFromParentPolicy(policy1.get(), origin_b_); |
| 287 policy2->SetHeaderPolicy( | 287 policy2->SetHeaderPolicy( |
| 288 {{{"default-on", false, std::vector<url::Origin>()}}}); | 288 {{{kDefaultOnFeature, false, std::vector<url::Origin>()}}}); |
| 289 EXPECT_FALSE(policy2->IsFeatureEnabled(kDefaultOnFeature)); | 289 EXPECT_FALSE(policy2->IsFeatureEnabled(kDefaultOnFeature)); |
| 290 } | 290 } |
| 291 | 291 |
| 292 TEST_F(FeaturePolicyTest, TestChildPolicyCanBlockChildren) { | 292 TEST_F(FeaturePolicyTest, TestChildPolicyCanBlockChildren) { |
| 293 // +--------------------------------------+ | 293 // +--------------------------------------+ |
| 294 // |(1)Origin A | | 294 // |(1)Origin A | |
| 295 // |No Policy | | 295 // |No Policy | |
| 296 // | +----------------------------------+ | | 296 // | +----------------------------------+ | |
| 297 // | |(2)Origin B | | | 297 // | |(2)Origin B | | |
| 298 // | |Policy: {"default-on": ["self"]} | | | 298 // | |Policy: {"default-on": ["self"]} | | |
| 299 // | | +-------------+ | | | 299 // | | +-------------+ | | |
| 300 // | | |(3)Origin C | | | | 300 // | | |(3)Origin C | | | |
| 301 // | | |No Policy | | | | 301 // | | |No Policy | | | |
| 302 // | | +-------------+ | | | 302 // | | +-------------+ | | |
| 303 // | +----------------------------------+ | | 303 // | +----------------------------------+ | |
| 304 // +--------------------------------------+ | 304 // +--------------------------------------+ |
| 305 // Default-on feature should be enabled in frames 1 and 2; disabled in frame | 305 // Default-on feature should be enabled in frames 1 and 2; disabled in frame |
| 306 // 3 by child frame policy. | 306 // 3 by child frame policy. |
| 307 std::unique_ptr<FeaturePolicy> policy1 = | 307 std::unique_ptr<FeaturePolicy> policy1 = |
| 308 CreateFromParentPolicy(nullptr, origin_a_); | 308 CreateFromParentPolicy(nullptr, origin_a_); |
| 309 std::unique_ptr<FeaturePolicy> policy2 = | 309 std::unique_ptr<FeaturePolicy> policy2 = |
| 310 CreateFromParentPolicy(policy1.get(), origin_b_); | 310 CreateFromParentPolicy(policy1.get(), origin_b_); |
| 311 policy2->SetHeaderPolicy({{{"default-on", false, {origin_b_}}}}); | 311 policy2->SetHeaderPolicy({{{kDefaultOnFeature, false, {origin_b_}}}}); |
| 312 std::unique_ptr<FeaturePolicy> policy3 = | 312 std::unique_ptr<FeaturePolicy> policy3 = |
| 313 CreateFromParentPolicy(policy2.get(), origin_c_); | 313 CreateFromParentPolicy(policy2.get(), origin_c_); |
| 314 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultOnFeature)); | 314 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultOnFeature)); |
| 315 EXPECT_FALSE(policy3->IsFeatureEnabled(kDefaultOnFeature)); | 315 EXPECT_FALSE(policy3->IsFeatureEnabled(kDefaultOnFeature)); |
| 316 } | 316 } |
| 317 | 317 |
| 318 TEST_F(FeaturePolicyTest, TestParentPolicyBlocksCrossOriginChildPolicy) { | 318 TEST_F(FeaturePolicyTest, TestParentPolicyBlocksCrossOriginChildPolicy) { |
| 319 // +----------------------------+ | 319 // +----------------------------+ |
| 320 // |(1)Origin A | | 320 // |(1)Origin A | |
| 321 // |Policy: {"default-on": []} | | 321 // |Policy: {"default-on": []} | |
| 322 // | +-------------+ | | 322 // | +-------------+ | |
| 323 // | |(2)Origin B | | | 323 // | |(2)Origin B | | |
| 324 // | |No Policy | | | 324 // | |No Policy | | |
| 325 // | +-------------+ | | 325 // | +-------------+ | |
| 326 // +----------------------------+ | 326 // +----------------------------+ |
| 327 // Default-on feature should be disabled in cross-origin child frame. | 327 // Default-on feature should be disabled in cross-origin child frame. |
| 328 std::unique_ptr<FeaturePolicy> policy1 = | 328 std::unique_ptr<FeaturePolicy> policy1 = |
| 329 CreateFromParentPolicy(nullptr, origin_a_); | 329 CreateFromParentPolicy(nullptr, origin_a_); |
| 330 policy1->SetHeaderPolicy( | 330 policy1->SetHeaderPolicy( |
| 331 {{{"default-on", false, std::vector<url::Origin>()}}}); | 331 {{{kDefaultOnFeature, false, std::vector<url::Origin>()}}}); |
| 332 std::unique_ptr<FeaturePolicy> policy2 = | 332 std::unique_ptr<FeaturePolicy> policy2 = |
| 333 CreateFromParentPolicy(policy1.get(), origin_b_); | 333 CreateFromParentPolicy(policy1.get(), origin_b_); |
| 334 EXPECT_FALSE(policy2->IsFeatureEnabled(kDefaultOnFeature)); | 334 EXPECT_FALSE(policy2->IsFeatureEnabled(kDefaultOnFeature)); |
| 335 } | 335 } |
| 336 | 336 |
| 337 TEST_F(FeaturePolicyTest, TestEnableForAllOrigins) { | 337 TEST_F(FeaturePolicyTest, TestEnableForAllOrigins) { |
| 338 // +--------------------------------+ | 338 // +--------------------------------+ |
| 339 // |(1) Origin A | | 339 // |(1) Origin A | |
| 340 // |Policy: {"default-self": ["*"]} | | 340 // |Policy: {"default-self": ["*"]} | |
| 341 // | +-----------------+ | | 341 // | +-----------------+ | |
| 342 // | |(2) Origin B | | | 342 // | |(2) Origin B | | |
| 343 // | |No Policy | | | 343 // | |No Policy | | |
| 344 // | | +-------------+ | | | 344 // | | +-------------+ | | |
| 345 // | | |(3)Origin A | | | | 345 // | | |(3)Origin A | | | |
| 346 // | | |No Policy | | | | 346 // | | |No Policy | | | |
| 347 // | | +-------------+ | | | 347 // | | +-------------+ | | |
| 348 // | +-----------------+ | | 348 // | +-----------------+ | |
| 349 // +--------------------------------+ | 349 // +--------------------------------+ |
| 350 // Feature should be enabled in top and second level; disabled in frame 3. | 350 // Feature should be enabled in top and second level; disabled in frame 3. |
| 351 std::unique_ptr<FeaturePolicy> policy1 = | 351 std::unique_ptr<FeaturePolicy> policy1 = |
| 352 CreateFromParentPolicy(nullptr, origin_a_); | 352 CreateFromParentPolicy(nullptr, origin_a_); |
| 353 policy1->SetHeaderPolicy( | 353 policy1->SetHeaderPolicy( |
| 354 {{{"default-self", true, std::vector<url::Origin>()}}}); | 354 {{{kDefaultSelfFeature true, std::vector<url::Origin>()}}}); |
| 355 std::unique_ptr<FeaturePolicy> policy2 = | 355 std::unique_ptr<FeaturePolicy> policy2 = |
| 356 CreateFromParentPolicy(policy1.get(), origin_b_); | 356 CreateFromParentPolicy(policy1.get(), origin_b_); |
| 357 std::unique_ptr<FeaturePolicy> policy3 = | 357 std::unique_ptr<FeaturePolicy> policy3 = |
| 358 CreateFromParentPolicy(policy2.get(), origin_a_); | 358 CreateFromParentPolicy(policy2.get(), origin_a_); |
| 359 EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultSelfFeature)); | 359 EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultSelfFeature)); |
| 360 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); | 360 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); |
| 361 EXPECT_FALSE(policy3->IsFeatureEnabled(kDefaultSelfFeature)); | 361 EXPECT_FALSE(policy3->IsFeatureEnabled(kDefaultSelfFeature)); |
| 362 } | 362 } |
| 363 | 363 |
| 364 TEST_F(FeaturePolicyTest, TestDefaultOnEnablesForAllAncestors) { | 364 TEST_F(FeaturePolicyTest, TestDefaultOnEnablesForAllAncestors) { |
| 365 // +---------------------------------------+ | 365 // +---------------------------------------+ |
| 366 // |(1) Origin A | | 366 // |(1) Origin A | |
| 367 // |Policy: {"default-on": ["Origin B"]} | | 367 // |Policy: {"default-on": ["Origin B"]} | |
| 368 // | +-----------------------------------+ | | 368 // | +-----------------------------------+ | |
| 369 // | |(2) Origin B | | | 369 // | |(2) Origin B | | |
| 370 // | |No Policy | | | 370 // | |No Policy | | |
| 371 // | | +-------------+ +-------------+ | | | 371 // | | +-------------+ +-------------+ | | |
| 372 // | | |(3)Origin B | |(4)Origin C | | | | 372 // | | |(3)Origin B | |(4)Origin C | | | |
| 373 // | | |No Policy | |No Policy | | | | 373 // | | |No Policy | |No Policy | | | |
| 374 // | | +-------------+ +-------------+ | | | 374 // | | +-------------+ +-------------+ | | |
| 375 // | +-----------------------------------+ | | 375 // | +-----------------------------------+ | |
| 376 // +---------------------------------------+ | 376 // +---------------------------------------+ |
| 377 // Feature should be disabled in frame 1; enabled in frames 2, 3 and 4. | 377 // Feature should be disabled in frame 1; enabled in frames 2, 3 and 4. |
| 378 std::unique_ptr<FeaturePolicy> policy1 = | 378 std::unique_ptr<FeaturePolicy> policy1 = |
| 379 CreateFromParentPolicy(nullptr, origin_a_); | 379 CreateFromParentPolicy(nullptr, origin_a_); |
| 380 policy1->SetHeaderPolicy({{{"default-on", false, {origin_b_}}}}); | 380 policy1->SetHeaderPolicy({{{kDefaultOnFeature, false, {origin_b_}}}}); |
| 381 std::unique_ptr<FeaturePolicy> policy2 = | 381 std::unique_ptr<FeaturePolicy> policy2 = |
| 382 CreateFromParentPolicy(policy1.get(), origin_b_); | 382 CreateFromParentPolicy(policy1.get(), origin_b_); |
| 383 std::unique_ptr<FeaturePolicy> policy3 = | 383 std::unique_ptr<FeaturePolicy> policy3 = |
| 384 CreateFromParentPolicy(policy2.get(), origin_b_); | 384 CreateFromParentPolicy(policy2.get(), origin_b_); |
| 385 std::unique_ptr<FeaturePolicy> policy4 = | 385 std::unique_ptr<FeaturePolicy> policy4 = |
| 386 CreateFromParentPolicy(policy2.get(), origin_c_); | 386 CreateFromParentPolicy(policy2.get(), origin_c_); |
| 387 EXPECT_FALSE(policy1->IsFeatureEnabled(kDefaultOnFeature)); | 387 EXPECT_FALSE(policy1->IsFeatureEnabled(kDefaultOnFeature)); |
| 388 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultOnFeature)); | 388 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultOnFeature)); |
| 389 EXPECT_TRUE(policy3->IsFeatureEnabled(kDefaultOnFeature)); | 389 EXPECT_TRUE(policy3->IsFeatureEnabled(kDefaultOnFeature)); |
| 390 EXPECT_TRUE(policy4->IsFeatureEnabled(kDefaultOnFeature)); | 390 EXPECT_TRUE(policy4->IsFeatureEnabled(kDefaultOnFeature)); |
| 391 } | 391 } |
| 392 | 392 |
| 393 TEST_F(FeaturePolicyTest, TestDefaultSelfRespectsSameOriginEmbedding) { | 393 TEST_F(FeaturePolicyTest, TestDefaultSelfRespectsSameOriginEmbedding) { |
| 394 // +---------------------------------------+ | 394 // +---------------------------------------+ |
| 395 // |(1) Origin A | | 395 // |(1) Origin A | |
| 396 // |Policy: {"default-self": ["Origin B"]} | | 396 // |Policy: {"default-self": ["Origin B"]} | |
| 397 // | +-----------------------------------+ | | 397 // | +-----------------------------------+ | |
| 398 // | |(2) Origin B | | | 398 // | |(2) Origin B | | |
| 399 // | |No Policy | | | 399 // | |No Policy | | |
| 400 // | | +-------------+ +-------------+ | | | 400 // | | +-------------+ +-------------+ | | |
| 401 // | | |(3)Origin B | |(4)Origin C | | | | 401 // | | |(3)Origin B | |(4)Origin C | | | |
| 402 // | | |No Policy | |No Policy | | | | 402 // | | |No Policy | |No Policy | | | |
| 403 // | | +-------------+ +-------------+ | | | 403 // | | +-------------+ +-------------+ | | |
| 404 // | +-----------------------------------+ | | 404 // | +-----------------------------------+ | |
| 405 // +---------------------------------------+ | 405 // +---------------------------------------+ |
| 406 // Feature should be disabled in frames 1 and 4; enabled in frames 2 and 3. | 406 // Feature should be disabled in frames 1 and 4; enabled in frames 2 and 3. |
| 407 std::unique_ptr<FeaturePolicy> policy1 = | 407 std::unique_ptr<FeaturePolicy> policy1 = |
| 408 CreateFromParentPolicy(nullptr, origin_a_); | 408 CreateFromParentPolicy(nullptr, origin_a_); |
| 409 policy1->SetHeaderPolicy({{{"default-self", false, {origin_b_}}}}); | 409 policy1->SetHeaderPolicy({{{kDefaultSelfFeature false, {origin_b_}}}}); |
| 410 std::unique_ptr<FeaturePolicy> policy2 = | 410 std::unique_ptr<FeaturePolicy> policy2 = |
| 411 CreateFromParentPolicy(policy1.get(), origin_b_); | 411 CreateFromParentPolicy(policy1.get(), origin_b_); |
| 412 std::unique_ptr<FeaturePolicy> policy3 = | 412 std::unique_ptr<FeaturePolicy> policy3 = |
| 413 CreateFromParentPolicy(policy2.get(), origin_b_); | 413 CreateFromParentPolicy(policy2.get(), origin_b_); |
| 414 std::unique_ptr<FeaturePolicy> policy4 = | 414 std::unique_ptr<FeaturePolicy> policy4 = |
| 415 CreateFromParentPolicy(policy2.get(), origin_c_); | 415 CreateFromParentPolicy(policy2.get(), origin_c_); |
| 416 EXPECT_FALSE(policy1->IsFeatureEnabled(kDefaultSelfFeature)); | 416 EXPECT_FALSE(policy1->IsFeatureEnabled(kDefaultSelfFeature)); |
| 417 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); | 417 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); |
| 418 EXPECT_TRUE(policy3->IsFeatureEnabled(kDefaultSelfFeature)); | 418 EXPECT_TRUE(policy3->IsFeatureEnabled(kDefaultSelfFeature)); |
| 419 EXPECT_FALSE(policy4->IsFeatureEnabled(kDefaultSelfFeature)); | 419 EXPECT_FALSE(policy4->IsFeatureEnabled(kDefaultSelfFeature)); |
| 420 } | 420 } |
| 421 | 421 |
| 422 TEST_F(FeaturePolicyTest, TestDefaultOffMustBeDelegatedToAllCrossOriginFrames) { | 422 TEST_F(FeaturePolicyTest, TestDefaultOffMustBeDelegatedToAllCrossOriginFrames) { |
| 423 // +------------------------------------------------------------+ | 423 // +------------------------------------------------------------+ |
| 424 // |(1) Origin A | | 424 // |(1) Origin A | |
| 425 // |Policy: {"default-off": ["Origin B"]} | | 425 // |Policy: {"default-off": ["Origin B"]} | |
| 426 // | +--------------------------------------------------------+ | | 426 // | +--------------------------------------------------------+ | |
| 427 // | |(2) Origin B | | | 427 // | |(2) Origin B | | |
| 428 // | |Policy: {"default-off": ["self"]} | | | 428 // | |Policy: {"default-off": ["self"]} | | |
| 429 // | | +-------------+ +----------------------------------+ | | | 429 // | | +-------------+ +----------------------------------+ | | |
| 430 // | | |(3)Origin B | |(4)Origin C | | | | 430 // | | |(3)Origin B | |(4)Origin C | | | |
| 431 // | | |No Policy | |Policy: {"default-off": ["self"]} | | | | 431 // | | |No Policy | |Policy: {"default-off": ["self"]} | | | |
| 432 // | | +-------------+ +----------------------------------+ | | | 432 // | | +-------------+ +----------------------------------+ | | |
| 433 // | +--------------------------------------------------------+ | | 433 // | +--------------------------------------------------------+ | |
| 434 // +------------------------------------------------------------+ | 434 // +------------------------------------------------------------+ |
| 435 // Feature should be disabled in frames 1, 3 and 4; enabled in frame 2 only. | 435 // Feature should be disabled in frames 1, 3 and 4; enabled in frame 2 only. |
| 436 std::unique_ptr<FeaturePolicy> policy1 = | 436 std::unique_ptr<FeaturePolicy> policy1 = |
| 437 CreateFromParentPolicy(nullptr, origin_a_); | 437 CreateFromParentPolicy(nullptr, origin_a_); |
| 438 policy1->SetHeaderPolicy({{{"default-off", false, {origin_b_}}}}); | 438 policy1->SetHeaderPolicy({{{kDefaultOffFeature, false, {origin_b_}}}}); |
| 439 std::unique_ptr<FeaturePolicy> policy2 = | 439 std::unique_ptr<FeaturePolicy> policy2 = |
| 440 CreateFromParentPolicy(policy1.get(), origin_b_); | 440 CreateFromParentPolicy(policy1.get(), origin_b_); |
| 441 policy2->SetHeaderPolicy({{{"default-off", false, {origin_b_}}}}); | 441 policy2->SetHeaderPolicy({{{kDefaultOffFeature, false, {origin_b_}}}}); |
| 442 std::unique_ptr<FeaturePolicy> policy3 = | 442 std::unique_ptr<FeaturePolicy> policy3 = |
| 443 CreateFromParentPolicy(policy2.get(), origin_b_); | 443 CreateFromParentPolicy(policy2.get(), origin_b_); |
| 444 std::unique_ptr<FeaturePolicy> policy4 = | 444 std::unique_ptr<FeaturePolicy> policy4 = |
| 445 CreateFromParentPolicy(policy2.get(), origin_c_); | 445 CreateFromParentPolicy(policy2.get(), origin_c_); |
| 446 policy4->SetHeaderPolicy({{{"default-off", false, {origin_c_}}}}); | 446 policy4->SetHeaderPolicy({{{kDefaultOffFeature, false, {origin_c_}}}}); |
| 447 EXPECT_FALSE(policy1->IsFeatureEnabled(kDefaultOffFeature)); | 447 EXPECT_FALSE(policy1->IsFeatureEnabled(kDefaultOffFeature)); |
| 448 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultOffFeature)); | 448 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultOffFeature)); |
| 449 EXPECT_FALSE(policy3->IsFeatureEnabled(kDefaultOffFeature)); | 449 EXPECT_FALSE(policy3->IsFeatureEnabled(kDefaultOffFeature)); |
| 450 EXPECT_FALSE(policy4->IsFeatureEnabled(kDefaultOffFeature)); | 450 EXPECT_FALSE(policy4->IsFeatureEnabled(kDefaultOffFeature)); |
| 451 } | 451 } |
| 452 | 452 |
| 453 TEST_F(FeaturePolicyTest, TestReenableForAllOrigins) { | 453 TEST_F(FeaturePolicyTest, TestReenableForAllOrigins) { |
| 454 // +------------------------------------+ | 454 // +------------------------------------+ |
| 455 // |(1) Origin A | | 455 // |(1) Origin A | |
| 456 // |Policy: {"default-self": ["*"]} | | 456 // |Policy: {"default-self": ["*"]} | |
| 457 // | +--------------------------------+ | | 457 // | +--------------------------------+ | |
| 458 // | |(2) Origin B | | | 458 // | |(2) Origin B | | |
| 459 // | |Policy: {"default-self": ["*"]} | | | 459 // | |Policy: {"default-self": ["*"]} | | |
| 460 // | | +-------------+ | | | 460 // | | +-------------+ | | |
| 461 // | | |(3)Origin A | | | | 461 // | | |(3)Origin A | | | |
| 462 // | | |No Policy | | | | 462 // | | |No Policy | | | |
| 463 // | | +-------------+ | | | 463 // | | +-------------+ | | |
| 464 // | +--------------------------------+ | | 464 // | +--------------------------------+ | |
| 465 // +------------------------------------+ | 465 // +------------------------------------+ |
| 466 // Feature should be enabled in all frames. | 466 // Feature should be enabled in all frames. |
| 467 std::unique_ptr<FeaturePolicy> policy1 = | 467 std::unique_ptr<FeaturePolicy> policy1 = |
| 468 CreateFromParentPolicy(nullptr, origin_a_); | 468 CreateFromParentPolicy(nullptr, origin_a_); |
| 469 policy1->SetHeaderPolicy( | 469 policy1->SetHeaderPolicy( |
| 470 {{{"default-self", true, std::vector<url::Origin>()}}}); | 470 {{{kDefaultSelfFeature true, std::vector<url::Origin>()}}}); |
| 471 std::unique_ptr<FeaturePolicy> policy2 = | 471 std::unique_ptr<FeaturePolicy> policy2 = |
| 472 CreateFromParentPolicy(policy1.get(), origin_b_); | 472 CreateFromParentPolicy(policy1.get(), origin_b_); |
| 473 policy2->SetHeaderPolicy( | 473 policy2->SetHeaderPolicy( |
| 474 {{{"default-self", true, std::vector<url::Origin>()}}}); | 474 {{{kDefaultSelfFeature true, std::vector<url::Origin>()}}}); |
| 475 std::unique_ptr<FeaturePolicy> policy3 = | 475 std::unique_ptr<FeaturePolicy> policy3 = |
| 476 CreateFromParentPolicy(policy2.get(), origin_a_); | 476 CreateFromParentPolicy(policy2.get(), origin_a_); |
| 477 EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultSelfFeature)); | 477 EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultSelfFeature)); |
| 478 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); | 478 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); |
| 479 EXPECT_TRUE(policy3->IsFeatureEnabled(kDefaultSelfFeature)); | 479 EXPECT_TRUE(policy3->IsFeatureEnabled(kDefaultSelfFeature)); |
| 480 } | 480 } |
| 481 | 481 |
| 482 TEST_F(FeaturePolicyTest, TestBlockedFrameCannotReenable) { | 482 TEST_F(FeaturePolicyTest, TestBlockedFrameCannotReenable) { |
| 483 // +--------------------------------------+ | 483 // +--------------------------------------+ |
| 484 // |(1)Origin A | | 484 // |(1)Origin A | |
| 485 // |Policy: {"default-self": ["self"]} | | 485 // |Policy: {"default-self": ["self"]} | |
| 486 // | +----------------------------------+ | | 486 // | +----------------------------------+ | |
| 487 // | |(2)Origin B | | | 487 // | |(2)Origin B | | |
| 488 // | |Policy: {"default-self": ["*"]} | | | 488 // | |Policy: {"default-self": ["*"]} | | |
| 489 // | | +-------------+ +-------------+ | | | 489 // | | +-------------+ +-------------+ | | |
| 490 // | | |(3)Origin A | |(4)Origin C | | | | 490 // | | |(3)Origin A | |(4)Origin C | | | |
| 491 // | | |No Policy | |No Policy | | | | 491 // | | |No Policy | |No Policy | | | |
| 492 // | | +-------------+ +-------------+ | | | 492 // | | +-------------+ +-------------+ | | |
| 493 // | +----------------------------------+ | | 493 // | +----------------------------------+ | |
| 494 // +--------------------------------------+ | 494 // +--------------------------------------+ |
| 495 // Feature should be enabled at the top level; disabled in all other frames. | 495 // Feature should be enabled at the top level; disabled in all other frames. |
| 496 std::unique_ptr<FeaturePolicy> policy1 = | 496 std::unique_ptr<FeaturePolicy> policy1 = |
| 497 CreateFromParentPolicy(nullptr, origin_a_); | 497 CreateFromParentPolicy(nullptr, origin_a_); |
| 498 policy1->SetHeaderPolicy({{{"default-self", false, {origin_a_}}}}); | 498 policy1->SetHeaderPolicy({{{kDefaultSelfFeature false, {origin_a_}}}}); |
| 499 std::unique_ptr<FeaturePolicy> policy2 = | 499 std::unique_ptr<FeaturePolicy> policy2 = |
| 500 CreateFromParentPolicy(policy1.get(), origin_b_); | 500 CreateFromParentPolicy(policy1.get(), origin_b_); |
| 501 policy2->SetHeaderPolicy( | 501 policy2->SetHeaderPolicy( |
| 502 {{{"default-self", true, std::vector<url::Origin>()}}}); | 502 {{{kDefaultSelfFeature true, std::vector<url::Origin>()}}}); |
| 503 std::unique_ptr<FeaturePolicy> policy3 = | 503 std::unique_ptr<FeaturePolicy> policy3 = |
| 504 CreateFromParentPolicy(policy2.get(), origin_a_); | 504 CreateFromParentPolicy(policy2.get(), origin_a_); |
| 505 std::unique_ptr<FeaturePolicy> policy4 = | 505 std::unique_ptr<FeaturePolicy> policy4 = |
| 506 CreateFromParentPolicy(policy2.get(), origin_c_); | 506 CreateFromParentPolicy(policy2.get(), origin_c_); |
| 507 EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultSelfFeature)); | 507 EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultSelfFeature)); |
| 508 EXPECT_FALSE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); | 508 EXPECT_FALSE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); |
| 509 EXPECT_FALSE(policy3->IsFeatureEnabled(kDefaultSelfFeature)); | 509 EXPECT_FALSE(policy3->IsFeatureEnabled(kDefaultSelfFeature)); |
| 510 EXPECT_FALSE(policy4->IsFeatureEnabled(kDefaultSelfFeature)); | 510 EXPECT_FALSE(policy4->IsFeatureEnabled(kDefaultSelfFeature)); |
| 511 } | 511 } |
| 512 | 512 |
| 513 TEST_F(FeaturePolicyTest, TestEnabledFrameCanDelegate) { | 513 TEST_F(FeaturePolicyTest, TestEnabledFrameCanDelegate) { |
| 514 // +---------------------------------------------------+ | 514 // +---------------------------------------------------+ |
| 515 // |(1) Origin A | | 515 // |(1) Origin A | |
| 516 // |Policy: {"default-self": ["self", "Origin B"]} | | 516 // |Policy: {"default-self": ["self", "Origin B"]} | |
| 517 // | +-----------------------------------------------+ | | 517 // | +-----------------------------------------------+ | |
| 518 // | |(2) Origin B | | | 518 // | |(2) Origin B | | |
| 519 // | |Policy: {"default-self": ["self", "Origin C"]} | | | 519 // | |Policy: {"default-self": ["self", "Origin C"]} | | |
| 520 // | | +-------------+ | | | 520 // | | +-------------+ | | |
| 521 // | | |(3)Origin C | | | | 521 // | | |(3)Origin C | | | |
| 522 // | | |No Policy | | | | 522 // | | |No Policy | | | |
| 523 // | | +-------------+ | | | 523 // | | +-------------+ | | |
| 524 // | +-----------------------------------------------+ | | 524 // | +-----------------------------------------------+ | |
| 525 // +---------------------------------------------------+ | 525 // +---------------------------------------------------+ |
| 526 // Feature should be enabled in all frames. | 526 // Feature should be enabled in all frames. |
| 527 std::unique_ptr<FeaturePolicy> policy1 = | 527 std::unique_ptr<FeaturePolicy> policy1 = |
| 528 CreateFromParentPolicy(nullptr, origin_a_); | 528 CreateFromParentPolicy(nullptr, origin_a_); |
| 529 policy1->SetHeaderPolicy({{{"default-self", false, {origin_a_, origin_b_}}}}); | 529 policy1->SetHeaderPolicy( |
| 530 {{{kDefaultSelfFeature false, {origin_a_, origin_b_}}}}); |
| 530 std::unique_ptr<FeaturePolicy> policy2 = | 531 std::unique_ptr<FeaturePolicy> policy2 = |
| 531 CreateFromParentPolicy(policy1.get(), origin_b_); | 532 CreateFromParentPolicy(policy1.get(), origin_b_); |
| 532 policy2->SetHeaderPolicy({{{"default-self", false, {origin_b_, origin_c_}}}}); | 533 policy2->SetHeaderPolicy( |
| 534 {{{kDefaultSelfFeature false, {origin_b_, origin_c_}}}}); |
| 533 std::unique_ptr<FeaturePolicy> policy3 = | 535 std::unique_ptr<FeaturePolicy> policy3 = |
| 534 CreateFromParentPolicy(policy2.get(), origin_c_); | 536 CreateFromParentPolicy(policy2.get(), origin_c_); |
| 535 EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultSelfFeature)); | 537 EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultSelfFeature)); |
| 536 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); | 538 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); |
| 537 EXPECT_TRUE(policy3->IsFeatureEnabled(kDefaultSelfFeature)); | 539 EXPECT_TRUE(policy3->IsFeatureEnabled(kDefaultSelfFeature)); |
| 538 } | 540 } |
| 539 | 541 |
| 540 TEST_F(FeaturePolicyTest, TestEnabledFrameCanDelegateByDefault) { | 542 TEST_F(FeaturePolicyTest, TestEnabledFrameCanDelegateByDefault) { |
| 541 // +-----------------------------------------------+ | 543 // +-----------------------------------------------+ |
| 542 // |(1) Origin A | | 544 // |(1) Origin A | |
| 543 // |Policy: {"default-on": ["self", "Origin B"]} | | 545 // |Policy: {"default-on": ["self", "Origin B"]} | |
| 544 // | +--------------------+ +--------------------+ | | 546 // | +--------------------+ +--------------------+ | |
| 545 // | |(2) Origin B | | (4) Origin C | | | 547 // | |(2) Origin B | | (4) Origin C | | |
| 546 // | |No Policy | | No Policy | | | 548 // | |No Policy | | No Policy | | |
| 547 // | | +-------------+ | | | | | 549 // | | +-------------+ | | | | |
| 548 // | | |(3)Origin C | | | | | | 550 // | | |(3)Origin C | | | | | |
| 549 // | | |No Policy | | | | | | 551 // | | |No Policy | | | | | |
| 550 // | | +-------------+ | | | | | 552 // | | +-------------+ | | | | |
| 551 // | +--------------------+ +--------------------+ | | 553 // | +--------------------+ +--------------------+ | |
| 552 // +-----------------------------------------------+ | 554 // +-----------------------------------------------+ |
| 553 // Feature should be enabled in frames 1, 2, and 3, and disabled in frame 4. | 555 // Feature should be enabled in frames 1, 2, and 3, and disabled in frame 4. |
| 554 std::unique_ptr<FeaturePolicy> policy1 = | 556 std::unique_ptr<FeaturePolicy> policy1 = |
| 555 CreateFromParentPolicy(nullptr, origin_a_); | 557 CreateFromParentPolicy(nullptr, origin_a_); |
| 556 policy1->SetHeaderPolicy({{{"default-on", false, {origin_a_, origin_b_}}}}); | 558 policy1->SetHeaderPolicy( |
| 559 {{{kDefaultOnFeature, false, {origin_a_, origin_b_}}}}); |
| 557 std::unique_ptr<FeaturePolicy> policy2 = | 560 std::unique_ptr<FeaturePolicy> policy2 = |
| 558 CreateFromParentPolicy(policy1.get(), origin_b_); | 561 CreateFromParentPolicy(policy1.get(), origin_b_); |
| 559 std::unique_ptr<FeaturePolicy> policy3 = | 562 std::unique_ptr<FeaturePolicy> policy3 = |
| 560 CreateFromParentPolicy(policy2.get(), origin_c_); | 563 CreateFromParentPolicy(policy2.get(), origin_c_); |
| 561 std::unique_ptr<FeaturePolicy> policy4 = | 564 std::unique_ptr<FeaturePolicy> policy4 = |
| 562 CreateFromParentPolicy(policy1.get(), origin_c_); | 565 CreateFromParentPolicy(policy1.get(), origin_c_); |
| 563 EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultOnFeature)); | 566 EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultOnFeature)); |
| 564 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultOnFeature)); | 567 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultOnFeature)); |
| 565 EXPECT_TRUE(policy3->IsFeatureEnabled(kDefaultOnFeature)); | 568 EXPECT_TRUE(policy3->IsFeatureEnabled(kDefaultOnFeature)); |
| 566 EXPECT_FALSE(policy4->IsFeatureEnabled(kDefaultOnFeature)); | 569 EXPECT_FALSE(policy4->IsFeatureEnabled(kDefaultOnFeature)); |
| 567 } | 570 } |
| 568 | 571 |
| 569 TEST_F(FeaturePolicyTest, TestNonNestedFeaturesDontDelegateByDefault) { | 572 TEST_F(FeaturePolicyTest, TestNonNestedFeaturesDontDelegateByDefault) { |
| 570 // +-----------------------------------------------+ | 573 // +-----------------------------------------------+ |
| 571 // |(1) Origin A | | 574 // |(1) Origin A | |
| 572 // |Policy: {"default-self": ["self", "Origin B"]} | | 575 // |Policy: {"default-self": ["self", "Origin B"]} | |
| 573 // | +--------------------+ +--------------------+ | | 576 // | +--------------------+ +--------------------+ | |
| 574 // | |(2) Origin B | | (4) Origin C | | | 577 // | |(2) Origin B | | (4) Origin C | | |
| 575 // | |No Policy | | No Policy | | | 578 // | |No Policy | | No Policy | | |
| 576 // | | +-------------+ | | | | | 579 // | | +-------------+ | | | | |
| 577 // | | |(3)Origin C | | | | | | 580 // | | |(3)Origin C | | | | | |
| 578 // | | |No Policy | | | | | | 581 // | | |No Policy | | | | | |
| 579 // | | +-------------+ | | | | | 582 // | | +-------------+ | | | | |
| 580 // | +--------------------+ +--------------------+ | | 583 // | +--------------------+ +--------------------+ | |
| 581 // +-----------------------------------------------+ | 584 // +-----------------------------------------------+ |
| 582 // Feature should be enabled in frames 1 and 2, and disabled in frames 3 and | 585 // Feature should be enabled in frames 1 and 2, and disabled in frames 3 and |
| 583 // 4. | 586 // 4. |
| 584 std::unique_ptr<FeaturePolicy> policy1 = | 587 std::unique_ptr<FeaturePolicy> policy1 = |
| 585 CreateFromParentPolicy(nullptr, origin_a_); | 588 CreateFromParentPolicy(nullptr, origin_a_); |
| 586 policy1->SetHeaderPolicy({{{"default-self", false, {origin_a_, origin_b_}}}}); | 589 policy1->SetHeaderPolicy( |
| 590 {{{kDefaultSelfFeature false, {origin_a_, origin_b_}}}}); |
| 587 std::unique_ptr<FeaturePolicy> policy2 = | 591 std::unique_ptr<FeaturePolicy> policy2 = |
| 588 CreateFromParentPolicy(policy1.get(), origin_b_); | 592 CreateFromParentPolicy(policy1.get(), origin_b_); |
| 589 std::unique_ptr<FeaturePolicy> policy3 = | 593 std::unique_ptr<FeaturePolicy> policy3 = |
| 590 CreateFromParentPolicy(policy2.get(), origin_c_); | 594 CreateFromParentPolicy(policy2.get(), origin_c_); |
| 591 std::unique_ptr<FeaturePolicy> policy4 = | 595 std::unique_ptr<FeaturePolicy> policy4 = |
| 592 CreateFromParentPolicy(policy1.get(), origin_c_); | 596 CreateFromParentPolicy(policy1.get(), origin_c_); |
| 593 EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultSelfFeature)); | 597 EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultSelfFeature)); |
| 594 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); | 598 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); |
| 595 EXPECT_FALSE(policy3->IsFeatureEnabled(kDefaultSelfFeature)); | 599 EXPECT_FALSE(policy3->IsFeatureEnabled(kDefaultSelfFeature)); |
| 596 EXPECT_FALSE(policy4->IsFeatureEnabled(kDefaultSelfFeature)); | 600 EXPECT_FALSE(policy4->IsFeatureEnabled(kDefaultSelfFeature)); |
| (...skipping 11 matching lines...) Expand all Loading... |
| 608 // | | +-------------+ | | | 612 // | | +-------------+ | | |
| 609 // | | |(3)Origin C | | | | 613 // | | |(3)Origin C | | | |
| 610 // | | |No Policy | | | | 614 // | | |No Policy | | | |
| 611 // | | +-------------+ | | | 615 // | | +-------------+ | | |
| 612 // | +-------------------------------------------+ | | 616 // | +-------------------------------------------+ | |
| 613 // +-----------------------------------------------+ | 617 // +-----------------------------------------------+ |
| 614 // Default-self feature should be enabled in all frames; Default-on feature | 618 // Default-self feature should be enabled in all frames; Default-on feature |
| 615 // should be enabled in frame 1, and disabled in frames 2 and 3. | 619 // should be enabled in frame 1, and disabled in frames 2 and 3. |
| 616 std::unique_ptr<FeaturePolicy> policy1 = | 620 std::unique_ptr<FeaturePolicy> policy1 = |
| 617 CreateFromParentPolicy(nullptr, origin_a_); | 621 CreateFromParentPolicy(nullptr, origin_a_); |
| 618 policy1->SetHeaderPolicy({{{"default-self", false, {origin_a_, origin_b_}}, | 622 policy1->SetHeaderPolicy( |
| 619 {"default-on", false, {origin_a_}}}}); | 623 {{{kDefaultSelfFeature false, {origin_a_, origin_b_}}, |
| 624 {kDefaultOnFeature, false, {origin_a_}}}}); |
| 620 std::unique_ptr<FeaturePolicy> policy2 = | 625 std::unique_ptr<FeaturePolicy> policy2 = |
| 621 CreateFromParentPolicy(policy1.get(), origin_b_); | 626 CreateFromParentPolicy(policy1.get(), origin_b_); |
| 622 policy2->SetHeaderPolicy( | 627 policy2->SetHeaderPolicy( |
| 623 {{{"default-self", true, std::vector<url::Origin>()}, | 628 {{{kDefaultSelfFeature true, std::vector<url::Origin>()}, |
| 624 {"default-on", true, std::vector<url::Origin>()}}}); | 629 {kDefaultOnFeature, true, std::vector<url::Origin>()}}}); |
| 625 std::unique_ptr<FeaturePolicy> policy3 = | 630 std::unique_ptr<FeaturePolicy> policy3 = |
| 626 CreateFromParentPolicy(policy2.get(), origin_c_); | 631 CreateFromParentPolicy(policy2.get(), origin_c_); |
| 627 EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultSelfFeature)); | 632 EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultSelfFeature)); |
| 628 EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultOnFeature)); | 633 EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultOnFeature)); |
| 629 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); | 634 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); |
| 630 EXPECT_FALSE(policy2->IsFeatureEnabled(kDefaultOnFeature)); | 635 EXPECT_FALSE(policy2->IsFeatureEnabled(kDefaultOnFeature)); |
| 631 EXPECT_TRUE(policy3->IsFeatureEnabled(kDefaultSelfFeature)); | 636 EXPECT_TRUE(policy3->IsFeatureEnabled(kDefaultSelfFeature)); |
| 632 EXPECT_FALSE(policy3->IsFeatureEnabled(kDefaultOnFeature)); | 637 EXPECT_FALSE(policy3->IsFeatureEnabled(kDefaultOnFeature)); |
| 633 } | 638 } |
| 634 | 639 |
| 635 TEST_F(FeaturePolicyTest, TestFeatureEnabledForOrigin) { | 640 TEST_F(FeaturePolicyTest, TestFeatureEnabledForOrigin) { |
| 636 // +-----------------------------------------------+ | 641 // +-----------------------------------------------+ |
| 637 // |(1) Origin A | | 642 // |(1) Origin A | |
| 638 // |Policy: {"default-off": ["self", "Origin B"]} | | 643 // |Policy: {"default-off": ["self", "Origin B"]} | |
| 639 // +-----------------------------------------------+ | 644 // +-----------------------------------------------+ |
| 640 // Features should be enabled by the policy in frame 1 for origins A and B, | 645 // Features should be enabled by the policy in frame 1 for origins A and B, |
| 641 // and disabled for origin C. | 646 // and disabled for origin C. |
| 642 std::unique_ptr<FeaturePolicy> policy1 = | 647 std::unique_ptr<FeaturePolicy> policy1 = |
| 643 CreateFromParentPolicy(nullptr, origin_a_); | 648 CreateFromParentPolicy(nullptr, origin_a_); |
| 644 policy1->SetHeaderPolicy({{{"default-off", false, {origin_a_, origin_b_}}}}); | 649 policy1->SetHeaderPolicy( |
| 650 {{{kDefaultOffFeature, false, {origin_a_, origin_b_}}}}); |
| 645 EXPECT_TRUE( | 651 EXPECT_TRUE( |
| 646 policy1->IsFeatureEnabledForOrigin(kDefaultOffFeature, origin_a_)); | 652 policy1->IsFeatureEnabledForOrigin(kDefaultOffFeature, origin_a_)); |
| 647 EXPECT_TRUE( | 653 EXPECT_TRUE( |
| 648 policy1->IsFeatureEnabledForOrigin(kDefaultOffFeature, origin_b_)); | 654 policy1->IsFeatureEnabledForOrigin(kDefaultOffFeature, origin_b_)); |
| 649 EXPECT_FALSE( | 655 EXPECT_FALSE( |
| 650 policy1->IsFeatureEnabledForOrigin(kDefaultOffFeature, origin_c_)); | 656 policy1->IsFeatureEnabledForOrigin(kDefaultOffFeature, origin_c_)); |
| 651 } | 657 } |
| 652 | 658 |
| 653 // Test frame policies | 659 // Test frame policies |
| 654 | 660 |
| 655 TEST_F(FeaturePolicyTest, TestSimpleFramePolicy) { | 661 TEST_F(FeaturePolicyTest, TestSimpleFramePolicy) { |
| 656 // +-------------------------------------------------+ | 662 // +-------------------------------------------------+ |
| 657 // |(1)Origin A | | 663 // |(1)Origin A | |
| 658 // |No Policy | | 664 // |No Policy | |
| 659 // | | | 665 // | | |
| 660 // |<iframe policy='{"default-self": ["Origin B"]}'> | | 666 // |<iframe policy='{"default-self": ["Origin B"]}'> | |
| 661 // | +-------------+ | | 667 // | +-------------+ | |
| 662 // | |(2)Origin B | | | 668 // | |(2)Origin B | | |
| 663 // | |No Policy | | | 669 // | |No Policy | | |
| 664 // | +-------------+ | | 670 // | +-------------+ | |
| 665 // +-------------------------------------------------+ | 671 // +-------------------------------------------------+ |
| 666 // Default-self feature should be enabled in cross-origin child frame because | 672 // Default-self feature should be enabled in cross-origin child frame because |
| 667 // permission was delegated through frame policy. | 673 // permission was delegated through frame policy. |
| 668 // This is the same scenario as when the iframe is declared as | 674 // This is the same scenario as when the iframe is declared as |
| 669 // <iframe allow="default-self"> | 675 // <iframe allow="default-self"> |
| 670 std::unique_ptr<FeaturePolicy> policy1 = | 676 std::unique_ptr<FeaturePolicy> policy1 = |
| 671 CreateFromParentPolicy(nullptr, origin_a_); | 677 CreateFromParentPolicy(nullptr, origin_a_); |
| 672 ParsedFeaturePolicyHeader frame_policy = { | 678 ParsedFeaturePolicyHeader frame_policy = { |
| 673 {{"default-self", false, {origin_b_}}}}; | 679 {{kDefaultSelfFeature false, {origin_b_}}}}; |
| 674 std::unique_ptr<FeaturePolicy> policy2 = | 680 std::unique_ptr<FeaturePolicy> policy2 = |
| 675 CreateFromParentWithFramePolicy(policy1.get(), frame_policy, origin_b_); | 681 CreateFromParentWithFramePolicy(policy1.get(), frame_policy, origin_b_); |
| 676 EXPECT_TRUE( | 682 EXPECT_TRUE( |
| 677 policy1->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_a_)); | 683 policy1->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_a_)); |
| 678 EXPECT_FALSE( | 684 EXPECT_FALSE( |
| 679 policy1->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_c_)); | 685 policy1->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_c_)); |
| 680 EXPECT_FALSE( | 686 EXPECT_FALSE( |
| 681 policy1->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_c_)); | 687 policy1->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_c_)); |
| 682 EXPECT_FALSE( | 688 EXPECT_FALSE( |
| 683 policy2->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_a_)); | 689 policy2->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_a_)); |
| (...skipping 14 matching lines...) Expand all Loading... |
| 698 // | |No Policy | | | 704 // | |No Policy | | |
| 699 // | +-------------+ | | 705 // | +-------------+ | |
| 700 // +------------------------------------------+ | 706 // +------------------------------------------+ |
| 701 // Default-self feature should be enabled in cross-origin child frame because | 707 // Default-self feature should be enabled in cross-origin child frame because |
| 702 // permission was delegated through frame policy. | 708 // permission was delegated through frame policy. |
| 703 // This is the same scenario that arises when the iframe is declared as | 709 // This is the same scenario that arises when the iframe is declared as |
| 704 // <iframe allowfullscreen> | 710 // <iframe allowfullscreen> |
| 705 std::unique_ptr<FeaturePolicy> policy1 = | 711 std::unique_ptr<FeaturePolicy> policy1 = |
| 706 CreateFromParentPolicy(nullptr, origin_a_); | 712 CreateFromParentPolicy(nullptr, origin_a_); |
| 707 ParsedFeaturePolicyHeader frame_policy = { | 713 ParsedFeaturePolicyHeader frame_policy = { |
| 708 {{"default-self", true, std::vector<url::Origin>()}}}; | 714 {{kDefaultSelfFeature true, std::vector<url::Origin>()}}}; |
| 709 std::unique_ptr<FeaturePolicy> policy2 = | 715 std::unique_ptr<FeaturePolicy> policy2 = |
| 710 CreateFromParentWithFramePolicy(policy1.get(), frame_policy, origin_b_); | 716 CreateFromParentWithFramePolicy(policy1.get(), frame_policy, origin_b_); |
| 711 EXPECT_TRUE( | 717 EXPECT_TRUE( |
| 712 policy1->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_a_)); | 718 policy1->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_a_)); |
| 713 EXPECT_FALSE( | 719 EXPECT_FALSE( |
| 714 policy1->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_b_)); | 720 policy1->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_b_)); |
| 715 EXPECT_FALSE( | 721 EXPECT_FALSE( |
| 716 policy1->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_c_)); | 722 policy1->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_c_)); |
| 717 EXPECT_FALSE( | 723 EXPECT_FALSE( |
| 718 policy2->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_a_)); | 724 policy2->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_a_)); |
| (...skipping 25 matching lines...) Expand all Loading... |
| 744 // | | |No Policy | | | | 750 // | | |No Policy | | | |
| 745 // | | +-------------+ | | | 751 // | | +-------------+ | | |
| 746 // | +-------------------------------------------------+ | | 752 // | +-------------------------------------------------+ | |
| 747 // +-----------------------------------------------------+ | 753 // +-----------------------------------------------------+ |
| 748 // Default-self feature should be enabled in cross-origin child frames 2 and | 754 // Default-self feature should be enabled in cross-origin child frames 2 and |
| 749 // 3. Feature should be disabled in frame 4 because it was not further | 755 // 3. Feature should be disabled in frame 4 because it was not further |
| 750 // delegated through frame policy. | 756 // delegated through frame policy. |
| 751 std::unique_ptr<FeaturePolicy> policy1 = | 757 std::unique_ptr<FeaturePolicy> policy1 = |
| 752 CreateFromParentPolicy(nullptr, origin_a_); | 758 CreateFromParentPolicy(nullptr, origin_a_); |
| 753 ParsedFeaturePolicyHeader frame_policy1 = { | 759 ParsedFeaturePolicyHeader frame_policy1 = { |
| 754 {{"default-self", false, {origin_b_}}}}; | 760 {{kDefaultSelfFeature false, {origin_b_}}}}; |
| 755 std::unique_ptr<FeaturePolicy> policy2 = | 761 std::unique_ptr<FeaturePolicy> policy2 = |
| 756 CreateFromParentWithFramePolicy(policy1.get(), frame_policy1, origin_b_); | 762 CreateFromParentWithFramePolicy(policy1.get(), frame_policy1, origin_b_); |
| 757 ParsedFeaturePolicyHeader frame_policy2 = { | 763 ParsedFeaturePolicyHeader frame_policy2 = { |
| 758 {{"default-self", false, {origin_c_}}}}; | 764 {{kDefaultSelfFeature false, {origin_c_}}}}; |
| 759 std::unique_ptr<FeaturePolicy> policy3 = | 765 std::unique_ptr<FeaturePolicy> policy3 = |
| 760 CreateFromParentWithFramePolicy(policy2.get(), frame_policy2, origin_c_); | 766 CreateFromParentWithFramePolicy(policy2.get(), frame_policy2, origin_c_); |
| 761 std::unique_ptr<FeaturePolicy> policy4 = | 767 std::unique_ptr<FeaturePolicy> policy4 = |
| 762 CreateFromParentPolicy(policy2.get(), origin_c_); | 768 CreateFromParentPolicy(policy2.get(), origin_c_); |
| 763 EXPECT_FALSE( | 769 EXPECT_FALSE( |
| 764 policy3->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_a_)); | 770 policy3->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_a_)); |
| 765 EXPECT_FALSE( | 771 EXPECT_FALSE( |
| 766 policy3->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_b_)); | 772 policy3->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_b_)); |
| 767 EXPECT_TRUE( | 773 EXPECT_TRUE( |
| 768 policy3->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_c_)); | 774 policy3->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_c_)); |
| (...skipping 20 matching lines...) Expand all Loading... |
| 789 // | +-------------+ | | 795 // | +-------------+ | |
| 790 // | |(3)Origin B | | | 796 // | |(3)Origin B | | |
| 791 // | |No Policy | | | 797 // | |No Policy | | |
| 792 // | +-------------+ | | 798 // | +-------------+ | |
| 793 // +-------------------------------------+ | 799 // +-------------------------------------+ |
| 794 // Default-on feature should be disabled in both same-origin and cross-origin | 800 // Default-on feature should be disabled in both same-origin and cross-origin |
| 795 // child frames because permission was removed through frame policy. | 801 // child frames because permission was removed through frame policy. |
| 796 std::unique_ptr<FeaturePolicy> policy1 = | 802 std::unique_ptr<FeaturePolicy> policy1 = |
| 797 CreateFromParentPolicy(nullptr, origin_a_); | 803 CreateFromParentPolicy(nullptr, origin_a_); |
| 798 ParsedFeaturePolicyHeader frame_policy1 = { | 804 ParsedFeaturePolicyHeader frame_policy1 = { |
| 799 {{"default-on", false, std::vector<url::Origin>()}}}; | 805 {{kDefaultOnFeature, false, std::vector<url::Origin>()}}}; |
| 800 std::unique_ptr<FeaturePolicy> policy2 = | 806 std::unique_ptr<FeaturePolicy> policy2 = |
| 801 CreateFromParentWithFramePolicy(policy1.get(), frame_policy1, origin_a_); | 807 CreateFromParentWithFramePolicy(policy1.get(), frame_policy1, origin_a_); |
| 802 ParsedFeaturePolicyHeader frame_policy2 = { | 808 ParsedFeaturePolicyHeader frame_policy2 = { |
| 803 {{"default-on", false, std::vector<url::Origin>()}}}; | 809 {{kDefaultOnFeature, false, std::vector<url::Origin>()}}}; |
| 804 std::unique_ptr<FeaturePolicy> policy3 = | 810 std::unique_ptr<FeaturePolicy> policy3 = |
| 805 CreateFromParentWithFramePolicy(policy1.get(), frame_policy2, origin_b_); | 811 CreateFromParentWithFramePolicy(policy1.get(), frame_policy2, origin_b_); |
| 806 EXPECT_TRUE(policy1->IsFeatureEnabledForOrigin(kDefaultOnFeature, origin_a_)); | 812 EXPECT_TRUE(policy1->IsFeatureEnabledForOrigin(kDefaultOnFeature, origin_a_)); |
| 807 EXPECT_TRUE(policy1->IsFeatureEnabledForOrigin(kDefaultOnFeature, origin_b_)); | 813 EXPECT_TRUE(policy1->IsFeatureEnabledForOrigin(kDefaultOnFeature, origin_b_)); |
| 808 EXPECT_TRUE(policy1->IsFeatureEnabledForOrigin(kDefaultOnFeature, origin_c_)); | 814 EXPECT_TRUE(policy1->IsFeatureEnabledForOrigin(kDefaultOnFeature, origin_c_)); |
| 809 EXPECT_FALSE( | 815 EXPECT_FALSE( |
| 810 policy2->IsFeatureEnabledForOrigin(kDefaultOnFeature, origin_a_)); | 816 policy2->IsFeatureEnabledForOrigin(kDefaultOnFeature, origin_a_)); |
| 811 EXPECT_FALSE( | 817 EXPECT_FALSE( |
| 812 policy2->IsFeatureEnabledForOrigin(kDefaultOnFeature, origin_b_)); | 818 policy2->IsFeatureEnabledForOrigin(kDefaultOnFeature, origin_b_)); |
| 813 EXPECT_FALSE( | 819 EXPECT_FALSE( |
| (...skipping 20 matching lines...) Expand all Loading... |
| 834 // |<iframe policy='{"default-off": ["Origin B"]}'> | | 840 // |<iframe policy='{"default-off": ["Origin B"]}'> | |
| 835 // | +-------------+ | | 841 // | +-------------+ | |
| 836 // | |(3)Origin B | | | 842 // | |(3)Origin B | | |
| 837 // | |No Policy | | | 843 // | |No Policy | | |
| 838 // | +-------------+ | | 844 // | +-------------+ | |
| 839 // +------------------------------------------------+ | 845 // +------------------------------------------------+ |
| 840 // Default-off feature should be disabled in both same-origin and cross-origin | 846 // Default-off feature should be disabled in both same-origin and cross-origin |
| 841 // child frames because they did not declare their own policy to enable it. | 847 // child frames because they did not declare their own policy to enable it. |
| 842 std::unique_ptr<FeaturePolicy> policy1 = | 848 std::unique_ptr<FeaturePolicy> policy1 = |
| 843 CreateFromParentPolicy(nullptr, origin_a_); | 849 CreateFromParentPolicy(nullptr, origin_a_); |
| 844 policy1->SetHeaderPolicy({{{"default-off", false, {origin_a_}}}}); | 850 policy1->SetHeaderPolicy({{{kDefaultOffFeature, false, {origin_a_}}}}); |
| 845 ParsedFeaturePolicyHeader frame_policy1 = { | 851 ParsedFeaturePolicyHeader frame_policy1 = { |
| 846 {{"default-off", false, {origin_a_}}}}; | 852 {{kDefaultOffFeature, false, {origin_a_}}}}; |
| 847 std::unique_ptr<FeaturePolicy> policy2 = | 853 std::unique_ptr<FeaturePolicy> policy2 = |
| 848 CreateFromParentWithFramePolicy(policy1.get(), frame_policy1, origin_a_); | 854 CreateFromParentWithFramePolicy(policy1.get(), frame_policy1, origin_a_); |
| 849 ParsedFeaturePolicyHeader frame_policy2 = { | 855 ParsedFeaturePolicyHeader frame_policy2 = { |
| 850 {{"default-off", false, {origin_b_}}}}; | 856 {{kDefaultOffFeature, false, {origin_b_}}}}; |
| 851 std::unique_ptr<FeaturePolicy> policy3 = | 857 std::unique_ptr<FeaturePolicy> policy3 = |
| 852 CreateFromParentWithFramePolicy(policy1.get(), frame_policy2, origin_b_); | 858 CreateFromParentWithFramePolicy(policy1.get(), frame_policy2, origin_b_); |
| 853 EXPECT_TRUE( | 859 EXPECT_TRUE( |
| 854 policy1->IsFeatureEnabledForOrigin(kDefaultOffFeature, origin_a_)); | 860 policy1->IsFeatureEnabledForOrigin(kDefaultOffFeature, origin_a_)); |
| 855 EXPECT_FALSE( | 861 EXPECT_FALSE( |
| 856 policy1->IsFeatureEnabledForOrigin(kDefaultOffFeature, origin_b_)); | 862 policy1->IsFeatureEnabledForOrigin(kDefaultOffFeature, origin_b_)); |
| 857 EXPECT_FALSE( | 863 EXPECT_FALSE( |
| 858 policy1->IsFeatureEnabledForOrigin(kDefaultOffFeature, origin_c_)); | 864 policy1->IsFeatureEnabledForOrigin(kDefaultOffFeature, origin_c_)); |
| 859 EXPECT_FALSE( | 865 EXPECT_FALSE( |
| 860 policy2->IsFeatureEnabledForOrigin(kDefaultOffFeature, origin_a_)); | 866 policy2->IsFeatureEnabledForOrigin(kDefaultOffFeature, origin_a_)); |
| (...skipping 24 matching lines...) Expand all Loading... |
| 885 // | +--------------------------------------------+ | | 891 // | +--------------------------------------------+ | |
| 886 // | |(3)Origin B | | | 892 // | |(3)Origin B | | |
| 887 // | |Policy: {"default-off": ["self"]} | | | 893 // | |Policy: {"default-off": ["self"]} | | |
| 888 // | +--------------------------------------------+ | | 894 // | +--------------------------------------------+ | |
| 889 // +------------------------------------------------+ | 895 // +------------------------------------------------+ |
| 890 // Default-off feature should be enabled in both same-origin and cross-origin | 896 // Default-off feature should be enabled in both same-origin and cross-origin |
| 891 // child frames because it is delegated through the parent's frame policy, and | 897 // child frames because it is delegated through the parent's frame policy, and |
| 892 // they declare their own policy to enable it. | 898 // they declare their own policy to enable it. |
| 893 std::unique_ptr<FeaturePolicy> policy1 = | 899 std::unique_ptr<FeaturePolicy> policy1 = |
| 894 CreateFromParentPolicy(nullptr, origin_a_); | 900 CreateFromParentPolicy(nullptr, origin_a_); |
| 895 policy1->SetHeaderPolicy({{{"default-off", false, {origin_a_}}}}); | 901 policy1->SetHeaderPolicy({{{kDefaultOffFeature, false, {origin_a_}}}}); |
| 896 ParsedFeaturePolicyHeader frame_policy1 = { | 902 ParsedFeaturePolicyHeader frame_policy1 = { |
| 897 {{"default-off", false, {origin_a_}}}}; | 903 {{kDefaultOffFeature, false, {origin_a_}}}}; |
| 898 std::unique_ptr<FeaturePolicy> policy2 = | 904 std::unique_ptr<FeaturePolicy> policy2 = |
| 899 CreateFromParentWithFramePolicy(policy1.get(), frame_policy1, origin_a_); | 905 CreateFromParentWithFramePolicy(policy1.get(), frame_policy1, origin_a_); |
| 900 policy2->SetHeaderPolicy({{{"default-off", false, {origin_a_}}}}); | 906 policy2->SetHeaderPolicy({{{kDefaultOffFeature, false, {origin_a_}}}}); |
| 901 ParsedFeaturePolicyHeader frame_policy2 = { | 907 ParsedFeaturePolicyHeader frame_policy2 = { |
| 902 {{"default-off", false, {origin_b_}}}}; | 908 {{kDefaultOffFeature, false, {origin_b_}}}}; |
| 903 std::unique_ptr<FeaturePolicy> policy3 = | 909 std::unique_ptr<FeaturePolicy> policy3 = |
| 904 CreateFromParentWithFramePolicy(policy1.get(), frame_policy2, origin_b_); | 910 CreateFromParentWithFramePolicy(policy1.get(), frame_policy2, origin_b_); |
| 905 policy3->SetHeaderPolicy({{{"default-off", false, {origin_b_}}}}); | 911 policy3->SetHeaderPolicy({{{kDefaultOffFeature, false, {origin_b_}}}}); |
| 906 EXPECT_TRUE( | 912 EXPECT_TRUE( |
| 907 policy1->IsFeatureEnabledForOrigin(kDefaultOffFeature, origin_a_)); | 913 policy1->IsFeatureEnabledForOrigin(kDefaultOffFeature, origin_a_)); |
| 908 EXPECT_FALSE( | 914 EXPECT_FALSE( |
| 909 policy1->IsFeatureEnabledForOrigin(kDefaultOffFeature, origin_b_)); | 915 policy1->IsFeatureEnabledForOrigin(kDefaultOffFeature, origin_b_)); |
| 910 EXPECT_FALSE( | 916 EXPECT_FALSE( |
| 911 policy1->IsFeatureEnabledForOrigin(kDefaultOffFeature, origin_c_)); | 917 policy1->IsFeatureEnabledForOrigin(kDefaultOffFeature, origin_c_)); |
| 912 EXPECT_TRUE( | 918 EXPECT_TRUE( |
| 913 policy2->IsFeatureEnabledForOrigin(kDefaultOffFeature, origin_a_)); | 919 policy2->IsFeatureEnabledForOrigin(kDefaultOffFeature, origin_a_)); |
| 914 EXPECT_FALSE( | 920 EXPECT_FALSE( |
| 915 policy2->IsFeatureEnabledForOrigin(kDefaultOffFeature, origin_b_)); | 921 policy2->IsFeatureEnabledForOrigin(kDefaultOffFeature, origin_b_)); |
| (...skipping 23 matching lines...) Expand all Loading... |
| 939 // | |(3)Origin B | | | 945 // | |(3)Origin B | | |
| 940 // | |Policy: {"default-self": ["self"]} | | | 946 // | |Policy: {"default-self": ["self"]} | | |
| 941 // | +-------------------------------------------+ | | 947 // | +-------------------------------------------+ | |
| 942 // +-----------------------------------------------+ | 948 // +-----------------------------------------------+ |
| 943 // Default-self feature should be disabled in both cross-origin child frames | 949 // Default-self feature should be disabled in both cross-origin child frames |
| 944 // by frame policy, even though the parent frame's header policy would | 950 // by frame policy, even though the parent frame's header policy would |
| 945 // otherwise enable it. This is true regardless of the child frame's header | 951 // otherwise enable it. This is true regardless of the child frame's header |
| 946 // policy. | 952 // policy. |
| 947 std::unique_ptr<FeaturePolicy> policy1 = | 953 std::unique_ptr<FeaturePolicy> policy1 = |
| 948 CreateFromParentPolicy(nullptr, origin_a_); | 954 CreateFromParentPolicy(nullptr, origin_a_); |
| 949 policy1->SetHeaderPolicy({{{"default-self", false, {origin_a_, origin_b_}}}}); | 955 policy1->SetHeaderPolicy( |
| 956 {{{kDefaultSelfFeature false, {origin_a_, origin_b_}}}}); |
| 950 ParsedFeaturePolicyHeader frame_policy1 = { | 957 ParsedFeaturePolicyHeader frame_policy1 = { |
| 951 {{"default-self", false, std::vector<url::Origin>()}}}; | 958 {{kDefaultSelfFeature false, std::vector<url::Origin>()}}}; |
| 952 std::unique_ptr<FeaturePolicy> policy2 = | 959 std::unique_ptr<FeaturePolicy> policy2 = |
| 953 CreateFromParentWithFramePolicy(policy1.get(), frame_policy1, origin_b_); | 960 CreateFromParentWithFramePolicy(policy1.get(), frame_policy1, origin_b_); |
| 954 ParsedFeaturePolicyHeader frame_policy2 = { | 961 ParsedFeaturePolicyHeader frame_policy2 = { |
| 955 {{"default-self", false, std::vector<url::Origin>()}}}; | 962 {{kDefaultSelfFeature false, std::vector<url::Origin>()}}}; |
| 956 std::unique_ptr<FeaturePolicy> policy3 = | 963 std::unique_ptr<FeaturePolicy> policy3 = |
| 957 CreateFromParentWithFramePolicy(policy1.get(), frame_policy2, origin_b_); | 964 CreateFromParentWithFramePolicy(policy1.get(), frame_policy2, origin_b_); |
| 958 policy3->SetHeaderPolicy({{{"default-self", false, {origin_b_}}}}); | 965 policy3->SetHeaderPolicy({{{kDefaultSelfFeature false, {origin_b_}}}}); |
| 959 EXPECT_FALSE( | 966 EXPECT_FALSE( |
| 960 policy2->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_b_)); | 967 policy2->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_b_)); |
| 961 EXPECT_FALSE( | 968 EXPECT_FALSE( |
| 962 policy3->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_b_)); | 969 policy3->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_b_)); |
| 963 } | 970 } |
| 964 | 971 |
| 965 TEST_F(FeaturePolicyTest, TestCombineFrameAndHeaderPolicies) { | 972 TEST_F(FeaturePolicyTest, TestCombineFrameAndHeaderPolicies) { |
| 966 // +-------------------------------------------------+ | 973 // +-------------------------------------------------+ |
| 967 // |(1)Origin A | | 974 // |(1)Origin A | |
| 968 // |No Policy | | 975 // |No Policy | |
| (...skipping 14 matching lines...) Expand all Loading... |
| 983 // | | |(4)Origin C | | | | 990 // | | |(4)Origin C | | | |
| 984 // | | |No Policy | | | | 991 // | | |No Policy | | | |
| 985 // | | +-------------+ | | | 992 // | | +-------------+ | | |
| 986 // | +---------------------------------------------+ | | 993 // | +---------------------------------------------+ | |
| 987 // +-------------------------------------------------+ | 994 // +-------------------------------------------------+ |
| 988 // Default-self feature should be enabled in cross-origin child frames 2 and | 995 // Default-self feature should be enabled in cross-origin child frames 2 and |
| 989 // 4. Feature should be disabled in frame 3 by frame policy. | 996 // 4. Feature should be disabled in frame 3 by frame policy. |
| 990 std::unique_ptr<FeaturePolicy> policy1 = | 997 std::unique_ptr<FeaturePolicy> policy1 = |
| 991 CreateFromParentPolicy(nullptr, origin_a_); | 998 CreateFromParentPolicy(nullptr, origin_a_); |
| 992 ParsedFeaturePolicyHeader frame_policy1 = { | 999 ParsedFeaturePolicyHeader frame_policy1 = { |
| 993 {{"default-self", false, {origin_b_}}}}; | 1000 {{kDefaultSelfFeature false, {origin_b_}}}}; |
| 994 std::unique_ptr<FeaturePolicy> policy2 = | 1001 std::unique_ptr<FeaturePolicy> policy2 = |
| 995 CreateFromParentWithFramePolicy(policy1.get(), frame_policy1, origin_b_); | 1002 CreateFromParentWithFramePolicy(policy1.get(), frame_policy1, origin_b_); |
| 996 policy2->SetHeaderPolicy( | 1003 policy2->SetHeaderPolicy( |
| 997 {{{"default-self", true, std::vector<url::Origin>()}}}); | 1004 {{{kDefaultSelfFeature true, std::vector<url::Origin>()}}}); |
| 998 ParsedFeaturePolicyHeader frame_policy2 = { | 1005 ParsedFeaturePolicyHeader frame_policy2 = { |
| 999 {{"default-self", false, std::vector<url::Origin>()}}}; | 1006 {{kDefaultSelfFeature false, std::vector<url::Origin>()}}}; |
| 1000 std::unique_ptr<FeaturePolicy> policy3 = | 1007 std::unique_ptr<FeaturePolicy> policy3 = |
| 1001 CreateFromParentWithFramePolicy(policy2.get(), frame_policy2, origin_c_); | 1008 CreateFromParentWithFramePolicy(policy2.get(), frame_policy2, origin_c_); |
| 1002 std::unique_ptr<FeaturePolicy> policy4 = | 1009 std::unique_ptr<FeaturePolicy> policy4 = |
| 1003 CreateFromParentPolicy(policy2.get(), origin_c_); | 1010 CreateFromParentPolicy(policy2.get(), origin_c_); |
| 1004 EXPECT_TRUE( | 1011 EXPECT_TRUE( |
| 1005 policy1->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_a_)); | 1012 policy1->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_a_)); |
| 1006 EXPECT_TRUE( | 1013 EXPECT_TRUE( |
| 1007 policy2->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_b_)); | 1014 policy2->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_b_)); |
| 1008 EXPECT_FALSE( | 1015 EXPECT_FALSE( |
| 1009 policy3->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_c_)); | 1016 policy3->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_c_)); |
| 1010 EXPECT_TRUE( | 1017 EXPECT_TRUE( |
| 1011 policy4->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_c_)); | 1018 policy4->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_c_)); |
| 1012 } | 1019 } |
| 1013 } // namespace content | 1020 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2727803004:
Replace string by enum in WebParsedFeaturePolicyDeclaration#feature (Closed)
