OLD | NEW |
1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/common/feature_policy/feature_policy.h" | 5 #include "content/common/feature_policy/feature_policy.h" |
6 | 6 |
7 #include "testing/gtest/include/gtest/gtest.h" | 7 #include "testing/gtest/include/gtest/gtest.h" |
8 #include "url/gurl.h" | 8 #include "url/gurl.h" |
9 | 9 |
10 namespace content { | 10 namespace content { |
11 | 11 |
12 namespace { | 12 namespace { |
13 | 13 |
14 // This is an example of a feature which should be enabled by default in all | |
15 // frames. | |
16 const FeaturePolicy::Feature kDefaultOnFeatureDfn{ | |
17 "default-on", FeaturePolicy::FeatureDefault::EnableForAll}; | |
18 | |
19 // This is an example of a feature which should be enabled in top-level frames, | |
20 // and same-origin child-frames, but must be delegated to all cross-origin | |
21 // frames explicitly. | |
22 const FeaturePolicy::Feature kDefaultSelfFeatureDfn{ | |
23 "default-self", FeaturePolicy::FeatureDefault::EnableForSelf}; | |
24 | |
25 // This is an example of a feature which should be disabled by default, both in | |
26 // top-level and nested frames. | |
27 const FeaturePolicy::Feature kDefaultOffFeatureDfn{ | |
28 "default-off", FeaturePolicy::FeatureDefault::DisableForAll}; | |
29 | |
30 // Define the three new features for testing | |
31 blink::WebFeaturePolicyFeature kDefaultOnFeature = | 14 blink::WebFeaturePolicyFeature kDefaultOnFeature = |
32 static_cast<blink::WebFeaturePolicyFeature>( | 15 static_cast<blink::WebFeaturePolicyFeature>( |
33 static_cast<int>(blink::WebFeaturePolicyFeature::LAST_FEATURE) + 1); | 16 static_cast<int>(blink::WebFeaturePolicyFeature::LAST_FEATURE) + 1); |
34 | 17 |
35 blink::WebFeaturePolicyFeature kDefaultSelfFeature = | 18 blink::WebFeaturePolicyFeature kDefaultSelfFeature = |
36 static_cast<blink::WebFeaturePolicyFeature>( | 19 static_cast<blink::WebFeaturePolicyFeature>( |
37 static_cast<int>(blink::WebFeaturePolicyFeature::LAST_FEATURE) + 2); | 20 static_cast<int>(blink::WebFeaturePolicyFeature::LAST_FEATURE) + 2); |
38 | 21 |
39 blink::WebFeaturePolicyFeature kDefaultOffFeature = | 22 blink::WebFeaturePolicyFeature kDefaultOffFeature = |
40 static_cast<blink::WebFeaturePolicyFeature>( | 23 static_cast<blink::WebFeaturePolicyFeature>( |
41 static_cast<int>(blink::WebFeaturePolicyFeature::LAST_FEATURE) + 3); | 24 static_cast<int>(blink::WebFeaturePolicyFeature::LAST_FEATURE) + 3); |
42 | 25 |
43 } // namespace | 26 } // namespace |
44 | 27 |
45 class FeaturePolicyTest : public ::testing::Test { | 28 class FeaturePolicyTest : public ::testing::Test { |
46 protected: | 29 protected: |
47 FeaturePolicyTest() | 30 FeaturePolicyTest() |
48 : feature_list_({{kDefaultOnFeature, &kDefaultOnFeatureDfn}, | 31 : feature_list_( |
49 {kDefaultSelfFeature, &kDefaultSelfFeatureDfn}, | 32 {{kDefaultOnFeature, FeaturePolicy::FeatureDefault::EnableForAll}, |
50 {kDefaultOffFeature, &kDefaultOffFeatureDfn}}) {} | 33 {kDefaultSelfFeature, |
| 34 FeaturePolicy::FeatureDefault::EnableForSelf}, |
| 35 {kDefaultOffFeature, |
| 36 FeaturePolicy::FeatureDefault::DisableForAll}}) {} |
51 | 37 |
52 ~FeaturePolicyTest() override {} | 38 ~FeaturePolicyTest() override {} |
53 | 39 |
54 std::unique_ptr<FeaturePolicy> CreateFromParentPolicy( | 40 std::unique_ptr<FeaturePolicy> CreateFromParentPolicy( |
55 const FeaturePolicy* parent, | 41 const FeaturePolicy* parent, |
56 const url::Origin& origin) { | 42 const url::Origin& origin) { |
57 ParsedFeaturePolicyHeader empty_container_policy; | 43 ParsedFeaturePolicyHeader empty_container_policy; |
58 return FeaturePolicy::CreateFromParentPolicy(parent, empty_container_policy, | 44 return FeaturePolicy::CreateFromParentPolicy(parent, empty_container_policy, |
59 origin, feature_list_); | 45 origin, feature_list_); |
60 } | 46 } |
(...skipping 77 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
138 // | |(2) Origin B | | | 124 // | |(2) Origin B | | |
139 // | |Policy: {"default-self": ["self"]} | | | 125 // | |Policy: {"default-self": ["self"]} | | |
140 // | +-----------------------------------+ | | 126 // | +-----------------------------------+ | |
141 // +---------------------------------------+ | 127 // +---------------------------------------+ |
142 // Default-self feature should be disabled in cross origin frame, even if no | 128 // Default-self feature should be disabled in cross origin frame, even if no |
143 // policy was specified in the parent frame. | 129 // policy was specified in the parent frame. |
144 std::unique_ptr<FeaturePolicy> policy1 = | 130 std::unique_ptr<FeaturePolicy> policy1 = |
145 CreateFromParentPolicy(nullptr, origin_a_); | 131 CreateFromParentPolicy(nullptr, origin_a_); |
146 std::unique_ptr<FeaturePolicy> policy2 = | 132 std::unique_ptr<FeaturePolicy> policy2 = |
147 CreateFromParentPolicy(policy1.get(), origin_b_); | 133 CreateFromParentPolicy(policy1.get(), origin_b_); |
148 policy2->SetHeaderPolicy({{{"default-self", false, {origin_b_}}}}); | 134 policy2->SetHeaderPolicy({{{kDefaultSelfFeature, false, {origin_b_}}}}); |
149 EXPECT_FALSE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); | 135 EXPECT_FALSE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); |
150 } | 136 } |
151 | 137 |
152 TEST_F(FeaturePolicyTest, TestFrameSelfInheritance) { | 138 TEST_F(FeaturePolicyTest, TestFrameSelfInheritance) { |
153 // +------------------------------------------+ | 139 // +------------------------------------------+ |
154 // |(1) Origin A | | 140 // |(1) Origin A | |
155 // |Policy: {"default-self": ["self"]} | | 141 // |Policy: {"default-self": ["self"]} | |
156 // | +-----------------+ +-----------------+ | | 142 // | +-----------------+ +-----------------+ | |
157 // | |(2) Origin A | |(4) Origin B | | | 143 // | |(2) Origin A | |(4) Origin B | | |
158 // | |No Policy | |No Policy | | | 144 // | |No Policy | |No Policy | | |
159 // | | +-------------+ | | +-------------+ | | | 145 // | | +-------------+ | | +-------------+ | | |
160 // | | |(3)Origin A | | | |(5)Origin B | | | | 146 // | | |(3)Origin A | | | |(5)Origin B | | | |
161 // | | |No Policy | | | |No Policy | | | | 147 // | | |No Policy | | | |No Policy | | | |
162 // | | +-------------+ | | +-------------+ | | | 148 // | | +-------------+ | | +-------------+ | | |
163 // | +-----------------+ +-----------------+ | | 149 // | +-----------------+ +-----------------+ | |
164 // +------------------------------------------+ | 150 // +------------------------------------------+ |
165 // Feature should be enabled at the top-level, and through the chain of | 151 // Feature should be enabled at the top-level, and through the chain of |
166 // same-origin frames 2 and 3. It should be disabled in frames 4 and 5, as | 152 // same-origin frames 2 and 3. It should be disabled in frames 4 and 5, as |
167 // they are at a different origin. | 153 // they are at a different origin. |
168 std::unique_ptr<FeaturePolicy> policy1 = | 154 std::unique_ptr<FeaturePolicy> policy1 = |
169 CreateFromParentPolicy(nullptr, origin_a_); | 155 CreateFromParentPolicy(nullptr, origin_a_); |
170 policy1->SetHeaderPolicy({{{"default-self", false, {origin_a_}}}}); | 156 policy1->SetHeaderPolicy({{{kDefaultSelfFeature, false, {origin_a_}}}}); |
171 std::unique_ptr<FeaturePolicy> policy2 = | 157 std::unique_ptr<FeaturePolicy> policy2 = |
172 CreateFromParentPolicy(policy1.get(), origin_a_); | 158 CreateFromParentPolicy(policy1.get(), origin_a_); |
173 std::unique_ptr<FeaturePolicy> policy3 = | 159 std::unique_ptr<FeaturePolicy> policy3 = |
174 CreateFromParentPolicy(policy2.get(), origin_a_); | 160 CreateFromParentPolicy(policy2.get(), origin_a_); |
175 std::unique_ptr<FeaturePolicy> policy4 = | 161 std::unique_ptr<FeaturePolicy> policy4 = |
176 CreateFromParentPolicy(policy1.get(), origin_b_); | 162 CreateFromParentPolicy(policy1.get(), origin_b_); |
177 std::unique_ptr<FeaturePolicy> policy5 = | 163 std::unique_ptr<FeaturePolicy> policy5 = |
178 CreateFromParentPolicy(policy4.get(), origin_b_); | 164 CreateFromParentPolicy(policy4.get(), origin_b_); |
179 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); | 165 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); |
180 EXPECT_TRUE(policy3->IsFeatureEnabled(kDefaultSelfFeature)); | 166 EXPECT_TRUE(policy3->IsFeatureEnabled(kDefaultSelfFeature)); |
(...skipping 11 matching lines...) Expand all Loading... |
192 // | | +-------------+ | | | 178 // | | +-------------+ | | |
193 // | | |(3)Origin A | | | | 179 // | | |(3)Origin A | | | |
194 // | | |No Policy | | | | 180 // | | |No Policy | | | |
195 // | | +-------------+ | | | 181 // | | +-------------+ | | |
196 // | +-----------------+ | | 182 // | +-----------------+ | |
197 // +-----------------------------------+ | 183 // +-----------------------------------+ |
198 // Feature which is enabled at top-level should be disabled in frame 3, as | 184 // Feature which is enabled at top-level should be disabled in frame 3, as |
199 // it is embedded by frame 2, for which the feature is not enabled. | 185 // it is embedded by frame 2, for which the feature is not enabled. |
200 std::unique_ptr<FeaturePolicy> policy1 = | 186 std::unique_ptr<FeaturePolicy> policy1 = |
201 CreateFromParentPolicy(nullptr, origin_a_); | 187 CreateFromParentPolicy(nullptr, origin_a_); |
202 policy1->SetHeaderPolicy({{{"default-self", false, {origin_a_}}}}); | 188 policy1->SetHeaderPolicy({{{kDefaultSelfFeature, false, {origin_a_}}}}); |
203 std::unique_ptr<FeaturePolicy> policy2 = | 189 std::unique_ptr<FeaturePolicy> policy2 = |
204 CreateFromParentPolicy(policy1.get(), origin_b_); | 190 CreateFromParentPolicy(policy1.get(), origin_b_); |
205 std::unique_ptr<FeaturePolicy> policy3 = | 191 std::unique_ptr<FeaturePolicy> policy3 = |
206 CreateFromParentPolicy(policy2.get(), origin_a_); | 192 CreateFromParentPolicy(policy2.get(), origin_a_); |
207 EXPECT_FALSE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); | 193 EXPECT_FALSE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); |
208 EXPECT_FALSE(policy3->IsFeatureEnabled(kDefaultSelfFeature)); | 194 EXPECT_FALSE(policy3->IsFeatureEnabled(kDefaultSelfFeature)); |
209 } | 195 } |
210 | 196 |
211 TEST_F(FeaturePolicyTest, TestSelectiveFrameInheritance) { | 197 TEST_F(FeaturePolicyTest, TestSelectiveFrameInheritance) { |
212 // +------------------------------------------+ | 198 // +------------------------------------------+ |
213 // |(1) Origin A | | 199 // |(1) Origin A | |
214 // |Policy: {"default-self": ["Origin B"]} | | 200 // |Policy: {"default-self": ["Origin B"]} | |
215 // | +-----------------+ +-----------------+ | | 201 // | +-----------------+ +-----------------+ | |
216 // | |(2) Origin B | |(3) Origin C | | | 202 // | |(2) Origin B | |(3) Origin C | | |
217 // | |No Policy | |No Policy | | | 203 // | |No Policy | |No Policy | | |
218 // | | | | +-------------+ | | | 204 // | | | | +-------------+ | | |
219 // | | | | |(4)Origin B | | | | 205 // | | | | |(4)Origin B | | | |
220 // | | | | |No Policy | | | | 206 // | | | | |No Policy | | | |
221 // | | | | +-------------+ | | | 207 // | | | | +-------------+ | | |
222 // | +-----------------+ +-----------------+ | | 208 // | +-----------------+ +-----------------+ | |
223 // +------------------------------------------+ | 209 // +------------------------------------------+ |
224 // Feature should be enabled in second level Origin B frame, but disabled in | 210 // Feature should be enabled in second level Origin B frame, but disabled in |
225 // Frame 4, because it is embedded by frame 3, where the feature is not | 211 // Frame 4, because it is embedded by frame 3, where the feature is not |
226 // enabled. | 212 // enabled. |
227 std::unique_ptr<FeaturePolicy> policy1 = | 213 std::unique_ptr<FeaturePolicy> policy1 = |
228 CreateFromParentPolicy(nullptr, origin_a_); | 214 CreateFromParentPolicy(nullptr, origin_a_); |
229 policy1->SetHeaderPolicy({{{"default-self", false, {origin_b_}}}}); | 215 policy1->SetHeaderPolicy({{{kDefaultSelfFeature, false, {origin_b_}}}}); |
230 std::unique_ptr<FeaturePolicy> policy2 = | 216 std::unique_ptr<FeaturePolicy> policy2 = |
231 CreateFromParentPolicy(policy1.get(), origin_b_); | 217 CreateFromParentPolicy(policy1.get(), origin_b_); |
232 std::unique_ptr<FeaturePolicy> policy3 = | 218 std::unique_ptr<FeaturePolicy> policy3 = |
233 CreateFromParentPolicy(policy1.get(), origin_c_); | 219 CreateFromParentPolicy(policy1.get(), origin_c_); |
234 std::unique_ptr<FeaturePolicy> policy4 = | 220 std::unique_ptr<FeaturePolicy> policy4 = |
235 CreateFromParentPolicy(policy3.get(), origin_b_); | 221 CreateFromParentPolicy(policy3.get(), origin_b_); |
236 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); | 222 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); |
237 EXPECT_FALSE(policy3->IsFeatureEnabled(kDefaultSelfFeature)); | 223 EXPECT_FALSE(policy3->IsFeatureEnabled(kDefaultSelfFeature)); |
238 EXPECT_FALSE(policy4->IsFeatureEnabled(kDefaultSelfFeature)); | 224 EXPECT_FALSE(policy4->IsFeatureEnabled(kDefaultSelfFeature)); |
239 } | 225 } |
240 | 226 |
241 TEST_F(FeaturePolicyTest, TestPolicyCanBlockSelf) { | 227 TEST_F(FeaturePolicyTest, TestPolicyCanBlockSelf) { |
242 // +----------------------------+ | 228 // +----------------------------+ |
243 // |(1)Origin A | | 229 // |(1)Origin A | |
244 // |Policy: {"default-on": []} | | 230 // |Policy: {"default-on": []} | |
245 // +----------------------------+ | 231 // +----------------------------+ |
246 // Default-on feature should be disabled in top-level frame. | 232 // Default-on feature should be disabled in top-level frame. |
247 std::unique_ptr<FeaturePolicy> policy1 = | 233 std::unique_ptr<FeaturePolicy> policy1 = |
248 CreateFromParentPolicy(nullptr, origin_a_); | 234 CreateFromParentPolicy(nullptr, origin_a_); |
249 policy1->SetHeaderPolicy( | 235 policy1->SetHeaderPolicy( |
250 {{{"default-on", false, std::vector<url::Origin>()}}}); | 236 {{{kDefaultOnFeature, false, std::vector<url::Origin>()}}}); |
251 EXPECT_FALSE(policy1->IsFeatureEnabled(kDefaultOnFeature)); | 237 EXPECT_FALSE(policy1->IsFeatureEnabled(kDefaultOnFeature)); |
252 } | 238 } |
253 | 239 |
254 TEST_F(FeaturePolicyTest, TestParentPolicyBlocksSameOriginChildPolicy) { | 240 TEST_F(FeaturePolicyTest, TestParentPolicyBlocksSameOriginChildPolicy) { |
255 // +----------------------------+ | 241 // +----------------------------+ |
256 // |(1)Origin A | | 242 // |(1)Origin A | |
257 // |Policy: {"default-on": []} | | 243 // |Policy: {"default-on": []} | |
258 // | +-------------+ | | 244 // | +-------------+ | |
259 // | |(2)Origin A | | | 245 // | |(2)Origin A | | |
260 // | |No Policy | | | 246 // | |No Policy | | |
261 // | +-------------+ | | 247 // | +-------------+ | |
262 // +----------------------------+ | 248 // +----------------------------+ |
263 // Feature should be disabled in child frame. | 249 // Feature should be disabled in child frame. |
264 std::unique_ptr<FeaturePolicy> policy1 = | 250 std::unique_ptr<FeaturePolicy> policy1 = |
265 CreateFromParentPolicy(nullptr, origin_a_); | 251 CreateFromParentPolicy(nullptr, origin_a_); |
266 policy1->SetHeaderPolicy( | 252 policy1->SetHeaderPolicy( |
267 {{{"default-on", false, std::vector<url::Origin>()}}}); | 253 {{{kDefaultOnFeature, false, std::vector<url::Origin>()}}}); |
268 std::unique_ptr<FeaturePolicy> policy2 = | 254 std::unique_ptr<FeaturePolicy> policy2 = |
269 CreateFromParentPolicy(policy1.get(), origin_a_); | 255 CreateFromParentPolicy(policy1.get(), origin_a_); |
270 EXPECT_FALSE(policy2->IsFeatureEnabled(kDefaultOnFeature)); | 256 EXPECT_FALSE(policy2->IsFeatureEnabled(kDefaultOnFeature)); |
271 } | 257 } |
272 | 258 |
273 TEST_F(FeaturePolicyTest, TestChildPolicyCanBlockSelf) { | 259 TEST_F(FeaturePolicyTest, TestChildPolicyCanBlockSelf) { |
274 // +--------------------------------+ | 260 // +--------------------------------+ |
275 // |(1)Origin A | | 261 // |(1)Origin A | |
276 // |No Policy | | 262 // |No Policy | |
277 // | +----------------------------+ | | 263 // | +----------------------------+ | |
278 // | |(2)Origin B | | | 264 // | |(2)Origin B | | |
279 // | |Policy: {"default-on": []} | | | 265 // | |Policy: {"default-on": []} | | |
280 // | +----------------------------+ | | 266 // | +----------------------------+ | |
281 // +--------------------------------+ | 267 // +--------------------------------+ |
282 // Default-on feature should be disabled by cross-origin child frame. | 268 // Default-on feature should be disabled by cross-origin child frame. |
283 std::unique_ptr<FeaturePolicy> policy1 = | 269 std::unique_ptr<FeaturePolicy> policy1 = |
284 CreateFromParentPolicy(nullptr, origin_a_); | 270 CreateFromParentPolicy(nullptr, origin_a_); |
285 std::unique_ptr<FeaturePolicy> policy2 = | 271 std::unique_ptr<FeaturePolicy> policy2 = |
286 CreateFromParentPolicy(policy1.get(), origin_b_); | 272 CreateFromParentPolicy(policy1.get(), origin_b_); |
287 policy2->SetHeaderPolicy( | 273 policy2->SetHeaderPolicy( |
288 {{{"default-on", false, std::vector<url::Origin>()}}}); | 274 {{{kDefaultOnFeature, false, std::vector<url::Origin>()}}}); |
289 EXPECT_FALSE(policy2->IsFeatureEnabled(kDefaultOnFeature)); | 275 EXPECT_FALSE(policy2->IsFeatureEnabled(kDefaultOnFeature)); |
290 } | 276 } |
291 | 277 |
292 TEST_F(FeaturePolicyTest, TestChildPolicyCanBlockChildren) { | 278 TEST_F(FeaturePolicyTest, TestChildPolicyCanBlockChildren) { |
293 // +--------------------------------------+ | 279 // +--------------------------------------+ |
294 // |(1)Origin A | | 280 // |(1)Origin A | |
295 // |No Policy | | 281 // |No Policy | |
296 // | +----------------------------------+ | | 282 // | +----------------------------------+ | |
297 // | |(2)Origin B | | | 283 // | |(2)Origin B | | |
298 // | |Policy: {"default-on": ["self"]} | | | 284 // | |Policy: {"default-on": ["self"]} | | |
299 // | | +-------------+ | | | 285 // | | +-------------+ | | |
300 // | | |(3)Origin C | | | | 286 // | | |(3)Origin C | | | |
301 // | | |No Policy | | | | 287 // | | |No Policy | | | |
302 // | | +-------------+ | | | 288 // | | +-------------+ | | |
303 // | +----------------------------------+ | | 289 // | +----------------------------------+ | |
304 // +--------------------------------------+ | 290 // +--------------------------------------+ |
305 // Default-on feature should be enabled in frames 1 and 2; disabled in frame | 291 // Default-on feature should be enabled in frames 1 and 2; disabled in frame |
306 // 3 by child frame policy. | 292 // 3 by child frame policy. |
307 std::unique_ptr<FeaturePolicy> policy1 = | 293 std::unique_ptr<FeaturePolicy> policy1 = |
308 CreateFromParentPolicy(nullptr, origin_a_); | 294 CreateFromParentPolicy(nullptr, origin_a_); |
309 std::unique_ptr<FeaturePolicy> policy2 = | 295 std::unique_ptr<FeaturePolicy> policy2 = |
310 CreateFromParentPolicy(policy1.get(), origin_b_); | 296 CreateFromParentPolicy(policy1.get(), origin_b_); |
311 policy2->SetHeaderPolicy({{{"default-on", false, {origin_b_}}}}); | 297 policy2->SetHeaderPolicy({{{kDefaultOnFeature, false, {origin_b_}}}}); |
312 std::unique_ptr<FeaturePolicy> policy3 = | 298 std::unique_ptr<FeaturePolicy> policy3 = |
313 CreateFromParentPolicy(policy2.get(), origin_c_); | 299 CreateFromParentPolicy(policy2.get(), origin_c_); |
314 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultOnFeature)); | 300 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultOnFeature)); |
315 EXPECT_FALSE(policy3->IsFeatureEnabled(kDefaultOnFeature)); | 301 EXPECT_FALSE(policy3->IsFeatureEnabled(kDefaultOnFeature)); |
316 } | 302 } |
317 | 303 |
318 TEST_F(FeaturePolicyTest, TestParentPolicyBlocksCrossOriginChildPolicy) { | 304 TEST_F(FeaturePolicyTest, TestParentPolicyBlocksCrossOriginChildPolicy) { |
319 // +----------------------------+ | 305 // +----------------------------+ |
320 // |(1)Origin A | | 306 // |(1)Origin A | |
321 // |Policy: {"default-on": []} | | 307 // |Policy: {"default-on": []} | |
322 // | +-------------+ | | 308 // | +-------------+ | |
323 // | |(2)Origin B | | | 309 // | |(2)Origin B | | |
324 // | |No Policy | | | 310 // | |No Policy | | |
325 // | +-------------+ | | 311 // | +-------------+ | |
326 // +----------------------------+ | 312 // +----------------------------+ |
327 // Default-on feature should be disabled in cross-origin child frame. | 313 // Default-on feature should be disabled in cross-origin child frame. |
328 std::unique_ptr<FeaturePolicy> policy1 = | 314 std::unique_ptr<FeaturePolicy> policy1 = |
329 CreateFromParentPolicy(nullptr, origin_a_); | 315 CreateFromParentPolicy(nullptr, origin_a_); |
330 policy1->SetHeaderPolicy( | 316 policy1->SetHeaderPolicy( |
331 {{{"default-on", false, std::vector<url::Origin>()}}}); | 317 {{{kDefaultOnFeature, false, std::vector<url::Origin>()}}}); |
332 std::unique_ptr<FeaturePolicy> policy2 = | 318 std::unique_ptr<FeaturePolicy> policy2 = |
333 CreateFromParentPolicy(policy1.get(), origin_b_); | 319 CreateFromParentPolicy(policy1.get(), origin_b_); |
334 EXPECT_FALSE(policy2->IsFeatureEnabled(kDefaultOnFeature)); | 320 EXPECT_FALSE(policy2->IsFeatureEnabled(kDefaultOnFeature)); |
335 } | 321 } |
336 | 322 |
337 TEST_F(FeaturePolicyTest, TestEnableForAllOrigins) { | 323 TEST_F(FeaturePolicyTest, TestEnableForAllOrigins) { |
338 // +--------------------------------+ | 324 // +--------------------------------+ |
339 // |(1) Origin A | | 325 // |(1) Origin A | |
340 // |Policy: {"default-self": ["*"]} | | 326 // |Policy: {"default-self": ["*"]} | |
341 // | +-----------------+ | | 327 // | +-----------------+ | |
342 // | |(2) Origin B | | | 328 // | |(2) Origin B | | |
343 // | |No Policy | | | 329 // | |No Policy | | |
344 // | | +-------------+ | | | 330 // | | +-------------+ | | |
345 // | | |(3)Origin A | | | | 331 // | | |(3)Origin A | | | |
346 // | | |No Policy | | | | 332 // | | |No Policy | | | |
347 // | | +-------------+ | | | 333 // | | +-------------+ | | |
348 // | +-----------------+ | | 334 // | +-----------------+ | |
349 // +--------------------------------+ | 335 // +--------------------------------+ |
350 // Feature should be enabled in top and second level; disabled in frame 3. | 336 // Feature should be enabled in top and second level; disabled in frame 3. |
351 std::unique_ptr<FeaturePolicy> policy1 = | 337 std::unique_ptr<FeaturePolicy> policy1 = |
352 CreateFromParentPolicy(nullptr, origin_a_); | 338 CreateFromParentPolicy(nullptr, origin_a_); |
353 policy1->SetHeaderPolicy( | 339 policy1->SetHeaderPolicy( |
354 {{{"default-self", true, std::vector<url::Origin>()}}}); | 340 {{{kDefaultSelfFeature, true, std::vector<url::Origin>()}}}); |
355 std::unique_ptr<FeaturePolicy> policy2 = | 341 std::unique_ptr<FeaturePolicy> policy2 = |
356 CreateFromParentPolicy(policy1.get(), origin_b_); | 342 CreateFromParentPolicy(policy1.get(), origin_b_); |
357 std::unique_ptr<FeaturePolicy> policy3 = | 343 std::unique_ptr<FeaturePolicy> policy3 = |
358 CreateFromParentPolicy(policy2.get(), origin_a_); | 344 CreateFromParentPolicy(policy2.get(), origin_a_); |
359 EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultSelfFeature)); | 345 EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultSelfFeature)); |
360 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); | 346 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); |
361 EXPECT_FALSE(policy3->IsFeatureEnabled(kDefaultSelfFeature)); | 347 EXPECT_FALSE(policy3->IsFeatureEnabled(kDefaultSelfFeature)); |
362 } | 348 } |
363 | 349 |
364 TEST_F(FeaturePolicyTest, TestDefaultOnEnablesForAllAncestors) { | 350 TEST_F(FeaturePolicyTest, TestDefaultOnEnablesForAllAncestors) { |
365 // +---------------------------------------+ | 351 // +---------------------------------------+ |
366 // |(1) Origin A | | 352 // |(1) Origin A | |
367 // |Policy: {"default-on": ["Origin B"]} | | 353 // |Policy: {"default-on": ["Origin B"]} | |
368 // | +-----------------------------------+ | | 354 // | +-----------------------------------+ | |
369 // | |(2) Origin B | | | 355 // | |(2) Origin B | | |
370 // | |No Policy | | | 356 // | |No Policy | | |
371 // | | +-------------+ +-------------+ | | | 357 // | | +-------------+ +-------------+ | | |
372 // | | |(3)Origin B | |(4)Origin C | | | | 358 // | | |(3)Origin B | |(4)Origin C | | | |
373 // | | |No Policy | |No Policy | | | | 359 // | | |No Policy | |No Policy | | | |
374 // | | +-------------+ +-------------+ | | | 360 // | | +-------------+ +-------------+ | | |
375 // | +-----------------------------------+ | | 361 // | +-----------------------------------+ | |
376 // +---------------------------------------+ | 362 // +---------------------------------------+ |
377 // Feature should be disabled in frame 1; enabled in frames 2, 3 and 4. | 363 // Feature should be disabled in frame 1; enabled in frames 2, 3 and 4. |
378 std::unique_ptr<FeaturePolicy> policy1 = | 364 std::unique_ptr<FeaturePolicy> policy1 = |
379 CreateFromParentPolicy(nullptr, origin_a_); | 365 CreateFromParentPolicy(nullptr, origin_a_); |
380 policy1->SetHeaderPolicy({{{"default-on", false, {origin_b_}}}}); | 366 policy1->SetHeaderPolicy({{{kDefaultOnFeature, false, {origin_b_}}}}); |
381 std::unique_ptr<FeaturePolicy> policy2 = | 367 std::unique_ptr<FeaturePolicy> policy2 = |
382 CreateFromParentPolicy(policy1.get(), origin_b_); | 368 CreateFromParentPolicy(policy1.get(), origin_b_); |
383 std::unique_ptr<FeaturePolicy> policy3 = | 369 std::unique_ptr<FeaturePolicy> policy3 = |
384 CreateFromParentPolicy(policy2.get(), origin_b_); | 370 CreateFromParentPolicy(policy2.get(), origin_b_); |
385 std::unique_ptr<FeaturePolicy> policy4 = | 371 std::unique_ptr<FeaturePolicy> policy4 = |
386 CreateFromParentPolicy(policy2.get(), origin_c_); | 372 CreateFromParentPolicy(policy2.get(), origin_c_); |
387 EXPECT_FALSE(policy1->IsFeatureEnabled(kDefaultOnFeature)); | 373 EXPECT_FALSE(policy1->IsFeatureEnabled(kDefaultOnFeature)); |
388 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultOnFeature)); | 374 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultOnFeature)); |
389 EXPECT_TRUE(policy3->IsFeatureEnabled(kDefaultOnFeature)); | 375 EXPECT_TRUE(policy3->IsFeatureEnabled(kDefaultOnFeature)); |
390 EXPECT_TRUE(policy4->IsFeatureEnabled(kDefaultOnFeature)); | 376 EXPECT_TRUE(policy4->IsFeatureEnabled(kDefaultOnFeature)); |
391 } | 377 } |
392 | 378 |
393 TEST_F(FeaturePolicyTest, TestDefaultSelfRespectsSameOriginEmbedding) { | 379 TEST_F(FeaturePolicyTest, TestDefaultSelfRespectsSameOriginEmbedding) { |
394 // +---------------------------------------+ | 380 // +---------------------------------------+ |
395 // |(1) Origin A | | 381 // |(1) Origin A | |
396 // |Policy: {"default-self": ["Origin B"]} | | 382 // |Policy: {"default-self": ["Origin B"]} | |
397 // | +-----------------------------------+ | | 383 // | +-----------------------------------+ | |
398 // | |(2) Origin B | | | 384 // | |(2) Origin B | | |
399 // | |No Policy | | | 385 // | |No Policy | | |
400 // | | +-------------+ +-------------+ | | | 386 // | | +-------------+ +-------------+ | | |
401 // | | |(3)Origin B | |(4)Origin C | | | | 387 // | | |(3)Origin B | |(4)Origin C | | | |
402 // | | |No Policy | |No Policy | | | | 388 // | | |No Policy | |No Policy | | | |
403 // | | +-------------+ +-------------+ | | | 389 // | | +-------------+ +-------------+ | | |
404 // | +-----------------------------------+ | | 390 // | +-----------------------------------+ | |
405 // +---------------------------------------+ | 391 // +---------------------------------------+ |
406 // Feature should be disabled in frames 1 and 4; enabled in frames 2 and 3. | 392 // Feature should be disabled in frames 1 and 4; enabled in frames 2 and 3. |
407 std::unique_ptr<FeaturePolicy> policy1 = | 393 std::unique_ptr<FeaturePolicy> policy1 = |
408 CreateFromParentPolicy(nullptr, origin_a_); | 394 CreateFromParentPolicy(nullptr, origin_a_); |
409 policy1->SetHeaderPolicy({{{"default-self", false, {origin_b_}}}}); | 395 policy1->SetHeaderPolicy({{{kDefaultSelfFeature, false, {origin_b_}}}}); |
410 std::unique_ptr<FeaturePolicy> policy2 = | 396 std::unique_ptr<FeaturePolicy> policy2 = |
411 CreateFromParentPolicy(policy1.get(), origin_b_); | 397 CreateFromParentPolicy(policy1.get(), origin_b_); |
412 std::unique_ptr<FeaturePolicy> policy3 = | 398 std::unique_ptr<FeaturePolicy> policy3 = |
413 CreateFromParentPolicy(policy2.get(), origin_b_); | 399 CreateFromParentPolicy(policy2.get(), origin_b_); |
414 std::unique_ptr<FeaturePolicy> policy4 = | 400 std::unique_ptr<FeaturePolicy> policy4 = |
415 CreateFromParentPolicy(policy2.get(), origin_c_); | 401 CreateFromParentPolicy(policy2.get(), origin_c_); |
416 EXPECT_FALSE(policy1->IsFeatureEnabled(kDefaultSelfFeature)); | 402 EXPECT_FALSE(policy1->IsFeatureEnabled(kDefaultSelfFeature)); |
417 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); | 403 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); |
418 EXPECT_TRUE(policy3->IsFeatureEnabled(kDefaultSelfFeature)); | 404 EXPECT_TRUE(policy3->IsFeatureEnabled(kDefaultSelfFeature)); |
419 EXPECT_FALSE(policy4->IsFeatureEnabled(kDefaultSelfFeature)); | 405 EXPECT_FALSE(policy4->IsFeatureEnabled(kDefaultSelfFeature)); |
420 } | 406 } |
421 | 407 |
422 TEST_F(FeaturePolicyTest, TestDefaultOffMustBeDelegatedToAllCrossOriginFrames) { | 408 TEST_F(FeaturePolicyTest, TestDefaultOffMustBeDelegatedToAllCrossOriginFrames) { |
423 // +------------------------------------------------------------+ | 409 // +------------------------------------------------------------+ |
424 // |(1) Origin A | | 410 // |(1) Origin A | |
425 // |Policy: {"default-off": ["Origin B"]} | | 411 // |Policy: {"default-off": ["Origin B"]} | |
426 // | +--------------------------------------------------------+ | | 412 // | +--------------------------------------------------------+ | |
427 // | |(2) Origin B | | | 413 // | |(2) Origin B | | |
428 // | |Policy: {"default-off": ["self"]} | | | 414 // | |Policy: {"default-off": ["self"]} | | |
429 // | | +-------------+ +----------------------------------+ | | | 415 // | | +-------------+ +----------------------------------+ | | |
430 // | | |(3)Origin B | |(4)Origin C | | | | 416 // | | |(3)Origin B | |(4)Origin C | | | |
431 // | | |No Policy | |Policy: {"default-off": ["self"]} | | | | 417 // | | |No Policy | |Policy: {"default-off": ["self"]} | | | |
432 // | | +-------------+ +----------------------------------+ | | | 418 // | | +-------------+ +----------------------------------+ | | |
433 // | +--------------------------------------------------------+ | | 419 // | +--------------------------------------------------------+ | |
434 // +------------------------------------------------------------+ | 420 // +------------------------------------------------------------+ |
435 // Feature should be disabled in frames 1, 3 and 4; enabled in frame 2 only. | 421 // Feature should be disabled in frames 1, 3 and 4; enabled in frame 2 only. |
436 std::unique_ptr<FeaturePolicy> policy1 = | 422 std::unique_ptr<FeaturePolicy> policy1 = |
437 CreateFromParentPolicy(nullptr, origin_a_); | 423 CreateFromParentPolicy(nullptr, origin_a_); |
438 policy1->SetHeaderPolicy({{{"default-off", false, {origin_b_}}}}); | 424 policy1->SetHeaderPolicy({{{kDefaultOffFeature, false, {origin_b_}}}}); |
439 std::unique_ptr<FeaturePolicy> policy2 = | 425 std::unique_ptr<FeaturePolicy> policy2 = |
440 CreateFromParentPolicy(policy1.get(), origin_b_); | 426 CreateFromParentPolicy(policy1.get(), origin_b_); |
441 policy2->SetHeaderPolicy({{{"default-off", false, {origin_b_}}}}); | 427 policy2->SetHeaderPolicy({{{kDefaultOffFeature, false, {origin_b_}}}}); |
442 std::unique_ptr<FeaturePolicy> policy3 = | 428 std::unique_ptr<FeaturePolicy> policy3 = |
443 CreateFromParentPolicy(policy2.get(), origin_b_); | 429 CreateFromParentPolicy(policy2.get(), origin_b_); |
444 std::unique_ptr<FeaturePolicy> policy4 = | 430 std::unique_ptr<FeaturePolicy> policy4 = |
445 CreateFromParentPolicy(policy2.get(), origin_c_); | 431 CreateFromParentPolicy(policy2.get(), origin_c_); |
446 policy4->SetHeaderPolicy({{{"default-off", false, {origin_c_}}}}); | 432 policy4->SetHeaderPolicy({{{kDefaultOffFeature, false, {origin_c_}}}}); |
447 EXPECT_FALSE(policy1->IsFeatureEnabled(kDefaultOffFeature)); | 433 EXPECT_FALSE(policy1->IsFeatureEnabled(kDefaultOffFeature)); |
448 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultOffFeature)); | 434 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultOffFeature)); |
449 EXPECT_FALSE(policy3->IsFeatureEnabled(kDefaultOffFeature)); | 435 EXPECT_FALSE(policy3->IsFeatureEnabled(kDefaultOffFeature)); |
450 EXPECT_FALSE(policy4->IsFeatureEnabled(kDefaultOffFeature)); | 436 EXPECT_FALSE(policy4->IsFeatureEnabled(kDefaultOffFeature)); |
451 } | 437 } |
452 | 438 |
453 TEST_F(FeaturePolicyTest, TestReenableForAllOrigins) { | 439 TEST_F(FeaturePolicyTest, TestReenableForAllOrigins) { |
454 // +------------------------------------+ | 440 // +------------------------------------+ |
455 // |(1) Origin A | | 441 // |(1) Origin A | |
456 // |Policy: {"default-self": ["*"]} | | 442 // |Policy: {"default-self": ["*"]} | |
457 // | +--------------------------------+ | | 443 // | +--------------------------------+ | |
458 // | |(2) Origin B | | | 444 // | |(2) Origin B | | |
459 // | |Policy: {"default-self": ["*"]} | | | 445 // | |Policy: {"default-self": ["*"]} | | |
460 // | | +-------------+ | | | 446 // | | +-------------+ | | |
461 // | | |(3)Origin A | | | | 447 // | | |(3)Origin A | | | |
462 // | | |No Policy | | | | 448 // | | |No Policy | | | |
463 // | | +-------------+ | | | 449 // | | +-------------+ | | |
464 // | +--------------------------------+ | | 450 // | +--------------------------------+ | |
465 // +------------------------------------+ | 451 // +------------------------------------+ |
466 // Feature should be enabled in all frames. | 452 // Feature should be enabled in all frames. |
467 std::unique_ptr<FeaturePolicy> policy1 = | 453 std::unique_ptr<FeaturePolicy> policy1 = |
468 CreateFromParentPolicy(nullptr, origin_a_); | 454 CreateFromParentPolicy(nullptr, origin_a_); |
469 policy1->SetHeaderPolicy( | 455 policy1->SetHeaderPolicy( |
470 {{{"default-self", true, std::vector<url::Origin>()}}}); | 456 {{{kDefaultSelfFeature, true, std::vector<url::Origin>()}}}); |
471 std::unique_ptr<FeaturePolicy> policy2 = | 457 std::unique_ptr<FeaturePolicy> policy2 = |
472 CreateFromParentPolicy(policy1.get(), origin_b_); | 458 CreateFromParentPolicy(policy1.get(), origin_b_); |
473 policy2->SetHeaderPolicy( | 459 policy2->SetHeaderPolicy( |
474 {{{"default-self", true, std::vector<url::Origin>()}}}); | 460 {{{kDefaultSelfFeature, true, std::vector<url::Origin>()}}}); |
475 std::unique_ptr<FeaturePolicy> policy3 = | 461 std::unique_ptr<FeaturePolicy> policy3 = |
476 CreateFromParentPolicy(policy2.get(), origin_a_); | 462 CreateFromParentPolicy(policy2.get(), origin_a_); |
477 EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultSelfFeature)); | 463 EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultSelfFeature)); |
478 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); | 464 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); |
479 EXPECT_TRUE(policy3->IsFeatureEnabled(kDefaultSelfFeature)); | 465 EXPECT_TRUE(policy3->IsFeatureEnabled(kDefaultSelfFeature)); |
480 } | 466 } |
481 | 467 |
482 TEST_F(FeaturePolicyTest, TestBlockedFrameCannotReenable) { | 468 TEST_F(FeaturePolicyTest, TestBlockedFrameCannotReenable) { |
483 // +--------------------------------------+ | 469 // +--------------------------------------+ |
484 // |(1)Origin A | | 470 // |(1)Origin A | |
485 // |Policy: {"default-self": ["self"]} | | 471 // |Policy: {"default-self": ["self"]} | |
486 // | +----------------------------------+ | | 472 // | +----------------------------------+ | |
487 // | |(2)Origin B | | | 473 // | |(2)Origin B | | |
488 // | |Policy: {"default-self": ["*"]} | | | 474 // | |Policy: {"default-self": ["*"]} | | |
489 // | | +-------------+ +-------------+ | | | 475 // | | +-------------+ +-------------+ | | |
490 // | | |(3)Origin A | |(4)Origin C | | | | 476 // | | |(3)Origin A | |(4)Origin C | | | |
491 // | | |No Policy | |No Policy | | | | 477 // | | |No Policy | |No Policy | | | |
492 // | | +-------------+ +-------------+ | | | 478 // | | +-------------+ +-------------+ | | |
493 // | +----------------------------------+ | | 479 // | +----------------------------------+ | |
494 // +--------------------------------------+ | 480 // +--------------------------------------+ |
495 // Feature should be enabled at the top level; disabled in all other frames. | 481 // Feature should be enabled at the top level; disabled in all other frames. |
496 std::unique_ptr<FeaturePolicy> policy1 = | 482 std::unique_ptr<FeaturePolicy> policy1 = |
497 CreateFromParentPolicy(nullptr, origin_a_); | 483 CreateFromParentPolicy(nullptr, origin_a_); |
498 policy1->SetHeaderPolicy({{{"default-self", false, {origin_a_}}}}); | 484 policy1->SetHeaderPolicy({{{kDefaultSelfFeature, false, {origin_a_}}}}); |
499 std::unique_ptr<FeaturePolicy> policy2 = | 485 std::unique_ptr<FeaturePolicy> policy2 = |
500 CreateFromParentPolicy(policy1.get(), origin_b_); | 486 CreateFromParentPolicy(policy1.get(), origin_b_); |
501 policy2->SetHeaderPolicy( | 487 policy2->SetHeaderPolicy( |
502 {{{"default-self", true, std::vector<url::Origin>()}}}); | 488 {{{kDefaultSelfFeature, true, std::vector<url::Origin>()}}}); |
503 std::unique_ptr<FeaturePolicy> policy3 = | 489 std::unique_ptr<FeaturePolicy> policy3 = |
504 CreateFromParentPolicy(policy2.get(), origin_a_); | 490 CreateFromParentPolicy(policy2.get(), origin_a_); |
505 std::unique_ptr<FeaturePolicy> policy4 = | 491 std::unique_ptr<FeaturePolicy> policy4 = |
506 CreateFromParentPolicy(policy2.get(), origin_c_); | 492 CreateFromParentPolicy(policy2.get(), origin_c_); |
507 EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultSelfFeature)); | 493 EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultSelfFeature)); |
508 EXPECT_FALSE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); | 494 EXPECT_FALSE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); |
509 EXPECT_FALSE(policy3->IsFeatureEnabled(kDefaultSelfFeature)); | 495 EXPECT_FALSE(policy3->IsFeatureEnabled(kDefaultSelfFeature)); |
510 EXPECT_FALSE(policy4->IsFeatureEnabled(kDefaultSelfFeature)); | 496 EXPECT_FALSE(policy4->IsFeatureEnabled(kDefaultSelfFeature)); |
511 } | 497 } |
512 | 498 |
513 TEST_F(FeaturePolicyTest, TestEnabledFrameCanDelegate) { | 499 TEST_F(FeaturePolicyTest, TestEnabledFrameCanDelegate) { |
514 // +---------------------------------------------------+ | 500 // +---------------------------------------------------+ |
515 // |(1) Origin A | | 501 // |(1) Origin A | |
516 // |Policy: {"default-self": ["self", "Origin B"]} | | 502 // |Policy: {"default-self": ["self", "Origin B"]} | |
517 // | +-----------------------------------------------+ | | 503 // | +-----------------------------------------------+ | |
518 // | |(2) Origin B | | | 504 // | |(2) Origin B | | |
519 // | |Policy: {"default-self": ["self", "Origin C"]} | | | 505 // | |Policy: {"default-self": ["self", "Origin C"]} | | |
520 // | | +-------------+ | | | 506 // | | +-------------+ | | |
521 // | | |(3)Origin C | | | | 507 // | | |(3)Origin C | | | |
522 // | | |No Policy | | | | 508 // | | |No Policy | | | |
523 // | | +-------------+ | | | 509 // | | +-------------+ | | |
524 // | +-----------------------------------------------+ | | 510 // | +-----------------------------------------------+ | |
525 // +---------------------------------------------------+ | 511 // +---------------------------------------------------+ |
526 // Feature should be enabled in all frames. | 512 // Feature should be enabled in all frames. |
527 std::unique_ptr<FeaturePolicy> policy1 = | 513 std::unique_ptr<FeaturePolicy> policy1 = |
528 CreateFromParentPolicy(nullptr, origin_a_); | 514 CreateFromParentPolicy(nullptr, origin_a_); |
529 policy1->SetHeaderPolicy({{{"default-self", false, {origin_a_, origin_b_}}}}); | 515 policy1->SetHeaderPolicy( |
| 516 {{{kDefaultSelfFeature, false, {origin_a_, origin_b_}}}}); |
530 std::unique_ptr<FeaturePolicy> policy2 = | 517 std::unique_ptr<FeaturePolicy> policy2 = |
531 CreateFromParentPolicy(policy1.get(), origin_b_); | 518 CreateFromParentPolicy(policy1.get(), origin_b_); |
532 policy2->SetHeaderPolicy({{{"default-self", false, {origin_b_, origin_c_}}}}); | 519 policy2->SetHeaderPolicy( |
| 520 {{{kDefaultSelfFeature, false, {origin_b_, origin_c_}}}}); |
533 std::unique_ptr<FeaturePolicy> policy3 = | 521 std::unique_ptr<FeaturePolicy> policy3 = |
534 CreateFromParentPolicy(policy2.get(), origin_c_); | 522 CreateFromParentPolicy(policy2.get(), origin_c_); |
535 EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultSelfFeature)); | 523 EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultSelfFeature)); |
536 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); | 524 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); |
537 EXPECT_TRUE(policy3->IsFeatureEnabled(kDefaultSelfFeature)); | 525 EXPECT_TRUE(policy3->IsFeatureEnabled(kDefaultSelfFeature)); |
538 } | 526 } |
539 | 527 |
540 TEST_F(FeaturePolicyTest, TestEnabledFrameCanDelegateByDefault) { | 528 TEST_F(FeaturePolicyTest, TestEnabledFrameCanDelegateByDefault) { |
541 // +-----------------------------------------------+ | 529 // +-----------------------------------------------+ |
542 // |(1) Origin A | | 530 // |(1) Origin A | |
543 // |Policy: {"default-on": ["self", "Origin B"]} | | 531 // |Policy: {"default-on": ["self", "Origin B"]} | |
544 // | +--------------------+ +--------------------+ | | 532 // | +--------------------+ +--------------------+ | |
545 // | |(2) Origin B | | (4) Origin C | | | 533 // | |(2) Origin B | | (4) Origin C | | |
546 // | |No Policy | | No Policy | | | 534 // | |No Policy | | No Policy | | |
547 // | | +-------------+ | | | | | 535 // | | +-------------+ | | | | |
548 // | | |(3)Origin C | | | | | | 536 // | | |(3)Origin C | | | | | |
549 // | | |No Policy | | | | | | 537 // | | |No Policy | | | | | |
550 // | | +-------------+ | | | | | 538 // | | +-------------+ | | | | |
551 // | +--------------------+ +--------------------+ | | 539 // | +--------------------+ +--------------------+ | |
552 // +-----------------------------------------------+ | 540 // +-----------------------------------------------+ |
553 // Feature should be enabled in frames 1, 2, and 3, and disabled in frame 4. | 541 // Feature should be enabled in frames 1, 2, and 3, and disabled in frame 4. |
554 std::unique_ptr<FeaturePolicy> policy1 = | 542 std::unique_ptr<FeaturePolicy> policy1 = |
555 CreateFromParentPolicy(nullptr, origin_a_); | 543 CreateFromParentPolicy(nullptr, origin_a_); |
556 policy1->SetHeaderPolicy({{{"default-on", false, {origin_a_, origin_b_}}}}); | 544 policy1->SetHeaderPolicy( |
| 545 {{{kDefaultOnFeature, false, {origin_a_, origin_b_}}}}); |
557 std::unique_ptr<FeaturePolicy> policy2 = | 546 std::unique_ptr<FeaturePolicy> policy2 = |
558 CreateFromParentPolicy(policy1.get(), origin_b_); | 547 CreateFromParentPolicy(policy1.get(), origin_b_); |
559 std::unique_ptr<FeaturePolicy> policy3 = | 548 std::unique_ptr<FeaturePolicy> policy3 = |
560 CreateFromParentPolicy(policy2.get(), origin_c_); | 549 CreateFromParentPolicy(policy2.get(), origin_c_); |
561 std::unique_ptr<FeaturePolicy> policy4 = | 550 std::unique_ptr<FeaturePolicy> policy4 = |
562 CreateFromParentPolicy(policy1.get(), origin_c_); | 551 CreateFromParentPolicy(policy1.get(), origin_c_); |
563 EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultOnFeature)); | 552 EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultOnFeature)); |
564 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultOnFeature)); | 553 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultOnFeature)); |
565 EXPECT_TRUE(policy3->IsFeatureEnabled(kDefaultOnFeature)); | 554 EXPECT_TRUE(policy3->IsFeatureEnabled(kDefaultOnFeature)); |
566 EXPECT_FALSE(policy4->IsFeatureEnabled(kDefaultOnFeature)); | 555 EXPECT_FALSE(policy4->IsFeatureEnabled(kDefaultOnFeature)); |
567 } | 556 } |
568 | 557 |
569 TEST_F(FeaturePolicyTest, TestNonNestedFeaturesDontDelegateByDefault) { | 558 TEST_F(FeaturePolicyTest, TestNonNestedFeaturesDontDelegateByDefault) { |
570 // +-----------------------------------------------+ | 559 // +-----------------------------------------------+ |
571 // |(1) Origin A | | 560 // |(1) Origin A | |
572 // |Policy: {"default-self": ["self", "Origin B"]} | | 561 // |Policy: {"default-self": ["self", "Origin B"]} | |
573 // | +--------------------+ +--------------------+ | | 562 // | +--------------------+ +--------------------+ | |
574 // | |(2) Origin B | | (4) Origin C | | | 563 // | |(2) Origin B | | (4) Origin C | | |
575 // | |No Policy | | No Policy | | | 564 // | |No Policy | | No Policy | | |
576 // | | +-------------+ | | | | | 565 // | | +-------------+ | | | | |
577 // | | |(3)Origin C | | | | | | 566 // | | |(3)Origin C | | | | | |
578 // | | |No Policy | | | | | | 567 // | | |No Policy | | | | | |
579 // | | +-------------+ | | | | | 568 // | | +-------------+ | | | | |
580 // | +--------------------+ +--------------------+ | | 569 // | +--------------------+ +--------------------+ | |
581 // +-----------------------------------------------+ | 570 // +-----------------------------------------------+ |
582 // Feature should be enabled in frames 1 and 2, and disabled in frames 3 and | 571 // Feature should be enabled in frames 1 and 2, and disabled in frames 3 and |
583 // 4. | 572 // 4. |
584 std::unique_ptr<FeaturePolicy> policy1 = | 573 std::unique_ptr<FeaturePolicy> policy1 = |
585 CreateFromParentPolicy(nullptr, origin_a_); | 574 CreateFromParentPolicy(nullptr, origin_a_); |
586 policy1->SetHeaderPolicy({{{"default-self", false, {origin_a_, origin_b_}}}}); | 575 policy1->SetHeaderPolicy( |
| 576 {{{kDefaultSelfFeature, false, {origin_a_, origin_b_}}}}); |
587 std::unique_ptr<FeaturePolicy> policy2 = | 577 std::unique_ptr<FeaturePolicy> policy2 = |
588 CreateFromParentPolicy(policy1.get(), origin_b_); | 578 CreateFromParentPolicy(policy1.get(), origin_b_); |
589 std::unique_ptr<FeaturePolicy> policy3 = | 579 std::unique_ptr<FeaturePolicy> policy3 = |
590 CreateFromParentPolicy(policy2.get(), origin_c_); | 580 CreateFromParentPolicy(policy2.get(), origin_c_); |
591 std::unique_ptr<FeaturePolicy> policy4 = | 581 std::unique_ptr<FeaturePolicy> policy4 = |
592 CreateFromParentPolicy(policy1.get(), origin_c_); | 582 CreateFromParentPolicy(policy1.get(), origin_c_); |
593 EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultSelfFeature)); | 583 EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultSelfFeature)); |
594 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); | 584 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); |
595 EXPECT_FALSE(policy3->IsFeatureEnabled(kDefaultSelfFeature)); | 585 EXPECT_FALSE(policy3->IsFeatureEnabled(kDefaultSelfFeature)); |
596 EXPECT_FALSE(policy4->IsFeatureEnabled(kDefaultSelfFeature)); | 586 EXPECT_FALSE(policy4->IsFeatureEnabled(kDefaultSelfFeature)); |
(...skipping 11 matching lines...) Expand all Loading... |
608 // | | +-------------+ | | | 598 // | | +-------------+ | | |
609 // | | |(3)Origin C | | | | 599 // | | |(3)Origin C | | | |
610 // | | |No Policy | | | | 600 // | | |No Policy | | | |
611 // | | +-------------+ | | | 601 // | | +-------------+ | | |
612 // | +-------------------------------------------+ | | 602 // | +-------------------------------------------+ | |
613 // +-----------------------------------------------+ | 603 // +-----------------------------------------------+ |
614 // Default-self feature should be enabled in all frames; Default-on feature | 604 // Default-self feature should be enabled in all frames; Default-on feature |
615 // should be enabled in frame 1, and disabled in frames 2 and 3. | 605 // should be enabled in frame 1, and disabled in frames 2 and 3. |
616 std::unique_ptr<FeaturePolicy> policy1 = | 606 std::unique_ptr<FeaturePolicy> policy1 = |
617 CreateFromParentPolicy(nullptr, origin_a_); | 607 CreateFromParentPolicy(nullptr, origin_a_); |
618 policy1->SetHeaderPolicy({{{"default-self", false, {origin_a_, origin_b_}}, | 608 policy1->SetHeaderPolicy( |
619 {"default-on", false, {origin_a_}}}}); | 609 {{{kDefaultSelfFeature, false, {origin_a_, origin_b_}}, |
| 610 {kDefaultOnFeature, false, {origin_a_}}}}); |
620 std::unique_ptr<FeaturePolicy> policy2 = | 611 std::unique_ptr<FeaturePolicy> policy2 = |
621 CreateFromParentPolicy(policy1.get(), origin_b_); | 612 CreateFromParentPolicy(policy1.get(), origin_b_); |
622 policy2->SetHeaderPolicy( | 613 policy2->SetHeaderPolicy( |
623 {{{"default-self", true, std::vector<url::Origin>()}, | 614 {{{kDefaultSelfFeature, true, std::vector<url::Origin>()}, |
624 {"default-on", true, std::vector<url::Origin>()}}}); | 615 {kDefaultOnFeature, true, std::vector<url::Origin>()}}}); |
625 std::unique_ptr<FeaturePolicy> policy3 = | 616 std::unique_ptr<FeaturePolicy> policy3 = |
626 CreateFromParentPolicy(policy2.get(), origin_c_); | 617 CreateFromParentPolicy(policy2.get(), origin_c_); |
627 EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultSelfFeature)); | 618 EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultSelfFeature)); |
628 EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultOnFeature)); | 619 EXPECT_TRUE(policy1->IsFeatureEnabled(kDefaultOnFeature)); |
629 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); | 620 EXPECT_TRUE(policy2->IsFeatureEnabled(kDefaultSelfFeature)); |
630 EXPECT_FALSE(policy2->IsFeatureEnabled(kDefaultOnFeature)); | 621 EXPECT_FALSE(policy2->IsFeatureEnabled(kDefaultOnFeature)); |
631 EXPECT_TRUE(policy3->IsFeatureEnabled(kDefaultSelfFeature)); | 622 EXPECT_TRUE(policy3->IsFeatureEnabled(kDefaultSelfFeature)); |
632 EXPECT_FALSE(policy3->IsFeatureEnabled(kDefaultOnFeature)); | 623 EXPECT_FALSE(policy3->IsFeatureEnabled(kDefaultOnFeature)); |
633 } | 624 } |
634 | 625 |
635 TEST_F(FeaturePolicyTest, TestFeatureEnabledForOrigin) { | 626 TEST_F(FeaturePolicyTest, TestFeatureEnabledForOrigin) { |
636 // +-----------------------------------------------+ | 627 // +-----------------------------------------------+ |
637 // |(1) Origin A | | 628 // |(1) Origin A | |
638 // |Policy: {"default-off": ["self", "Origin B"]} | | 629 // |Policy: {"default-off": ["self", "Origin B"]} | |
639 // +-----------------------------------------------+ | 630 // +-----------------------------------------------+ |
640 // Features should be enabled by the policy in frame 1 for origins A and B, | 631 // Features should be enabled by the policy in frame 1 for origins A and B, |
641 // and disabled for origin C. | 632 // and disabled for origin C. |
642 std::unique_ptr<FeaturePolicy> policy1 = | 633 std::unique_ptr<FeaturePolicy> policy1 = |
643 CreateFromParentPolicy(nullptr, origin_a_); | 634 CreateFromParentPolicy(nullptr, origin_a_); |
644 policy1->SetHeaderPolicy({{{"default-off", false, {origin_a_, origin_b_}}}}); | 635 policy1->SetHeaderPolicy( |
| 636 {{{kDefaultOffFeature, false, {origin_a_, origin_b_}}}}); |
645 EXPECT_TRUE( | 637 EXPECT_TRUE( |
646 policy1->IsFeatureEnabledForOrigin(kDefaultOffFeature, origin_a_)); | 638 policy1->IsFeatureEnabledForOrigin(kDefaultOffFeature, origin_a_)); |
647 EXPECT_TRUE( | 639 EXPECT_TRUE( |
648 policy1->IsFeatureEnabledForOrigin(kDefaultOffFeature, origin_b_)); | 640 policy1->IsFeatureEnabledForOrigin(kDefaultOffFeature, origin_b_)); |
649 EXPECT_FALSE( | 641 EXPECT_FALSE( |
650 policy1->IsFeatureEnabledForOrigin(kDefaultOffFeature, origin_c_)); | 642 policy1->IsFeatureEnabledForOrigin(kDefaultOffFeature, origin_c_)); |
651 } | 643 } |
652 | 644 |
653 // Test frame policies | 645 // Test frame policies |
654 | 646 |
655 TEST_F(FeaturePolicyTest, TestSimpleFramePolicy) { | 647 TEST_F(FeaturePolicyTest, TestSimpleFramePolicy) { |
656 // +-------------------------------------------------+ | 648 // +-------------------------------------------------+ |
657 // |(1)Origin A | | 649 // |(1)Origin A | |
658 // |No Policy | | 650 // |No Policy | |
659 // | | | 651 // | | |
660 // |<iframe policy='{"default-self": ["Origin B"]}'> | | 652 // |<iframe policy='{"default-self": ["Origin B"]}'> | |
661 // | +-------------+ | | 653 // | +-------------+ | |
662 // | |(2)Origin B | | | 654 // | |(2)Origin B | | |
663 // | |No Policy | | | 655 // | |No Policy | | |
664 // | +-------------+ | | 656 // | +-------------+ | |
665 // +-------------------------------------------------+ | 657 // +-------------------------------------------------+ |
666 // Default-self feature should be enabled in cross-origin child frame because | 658 // Default-self feature should be enabled in cross-origin child frame because |
667 // permission was delegated through frame policy. | 659 // permission was delegated through frame policy. |
668 // This is the same scenario as when the iframe is declared as | 660 // This is the same scenario as when the iframe is declared as |
669 // <iframe allow="default-self"> | 661 // <iframe allow="default-self"> |
670 std::unique_ptr<FeaturePolicy> policy1 = | 662 std::unique_ptr<FeaturePolicy> policy1 = |
671 CreateFromParentPolicy(nullptr, origin_a_); | 663 CreateFromParentPolicy(nullptr, origin_a_); |
672 ParsedFeaturePolicyHeader frame_policy = { | 664 ParsedFeaturePolicyHeader frame_policy = { |
673 {{"default-self", false, {origin_b_}}}}; | 665 {{kDefaultSelfFeature, false, {origin_b_}}}}; |
674 std::unique_ptr<FeaturePolicy> policy2 = | 666 std::unique_ptr<FeaturePolicy> policy2 = |
675 CreateFromParentWithFramePolicy(policy1.get(), frame_policy, origin_b_); | 667 CreateFromParentWithFramePolicy(policy1.get(), frame_policy, origin_b_); |
676 EXPECT_TRUE( | 668 EXPECT_TRUE( |
677 policy1->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_a_)); | 669 policy1->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_a_)); |
678 EXPECT_FALSE( | 670 EXPECT_FALSE( |
679 policy1->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_c_)); | 671 policy1->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_c_)); |
680 EXPECT_FALSE( | 672 EXPECT_FALSE( |
681 policy1->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_c_)); | 673 policy1->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_c_)); |
682 EXPECT_FALSE( | 674 EXPECT_FALSE( |
683 policy2->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_a_)); | 675 policy2->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_a_)); |
(...skipping 14 matching lines...) Expand all Loading... |
698 // | |No Policy | | | 690 // | |No Policy | | |
699 // | +-------------+ | | 691 // | +-------------+ | |
700 // +------------------------------------------+ | 692 // +------------------------------------------+ |
701 // Default-self feature should be enabled in cross-origin child frame because | 693 // Default-self feature should be enabled in cross-origin child frame because |
702 // permission was delegated through frame policy. | 694 // permission was delegated through frame policy. |
703 // This is the same scenario that arises when the iframe is declared as | 695 // This is the same scenario that arises when the iframe is declared as |
704 // <iframe allowfullscreen> | 696 // <iframe allowfullscreen> |
705 std::unique_ptr<FeaturePolicy> policy1 = | 697 std::unique_ptr<FeaturePolicy> policy1 = |
706 CreateFromParentPolicy(nullptr, origin_a_); | 698 CreateFromParentPolicy(nullptr, origin_a_); |
707 ParsedFeaturePolicyHeader frame_policy = { | 699 ParsedFeaturePolicyHeader frame_policy = { |
708 {{"default-self", true, std::vector<url::Origin>()}}}; | 700 {{kDefaultSelfFeature, true, std::vector<url::Origin>()}}}; |
709 std::unique_ptr<FeaturePolicy> policy2 = | 701 std::unique_ptr<FeaturePolicy> policy2 = |
710 CreateFromParentWithFramePolicy(policy1.get(), frame_policy, origin_b_); | 702 CreateFromParentWithFramePolicy(policy1.get(), frame_policy, origin_b_); |
711 EXPECT_TRUE( | 703 EXPECT_TRUE( |
712 policy1->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_a_)); | 704 policy1->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_a_)); |
713 EXPECT_FALSE( | 705 EXPECT_FALSE( |
714 policy1->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_b_)); | 706 policy1->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_b_)); |
715 EXPECT_FALSE( | 707 EXPECT_FALSE( |
716 policy1->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_c_)); | 708 policy1->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_c_)); |
717 EXPECT_FALSE( | 709 EXPECT_FALSE( |
718 policy2->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_a_)); | 710 policy2->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_a_)); |
(...skipping 25 matching lines...) Expand all Loading... |
744 // | | |No Policy | | | | 736 // | | |No Policy | | | |
745 // | | +-------------+ | | | 737 // | | +-------------+ | | |
746 // | +-------------------------------------------------+ | | 738 // | +-------------------------------------------------+ | |
747 // +-----------------------------------------------------+ | 739 // +-----------------------------------------------------+ |
748 // Default-self feature should be enabled in cross-origin child frames 2 and | 740 // Default-self feature should be enabled in cross-origin child frames 2 and |
749 // 3. Feature should be disabled in frame 4 because it was not further | 741 // 3. Feature should be disabled in frame 4 because it was not further |
750 // delegated through frame policy. | 742 // delegated through frame policy. |
751 std::unique_ptr<FeaturePolicy> policy1 = | 743 std::unique_ptr<FeaturePolicy> policy1 = |
752 CreateFromParentPolicy(nullptr, origin_a_); | 744 CreateFromParentPolicy(nullptr, origin_a_); |
753 ParsedFeaturePolicyHeader frame_policy1 = { | 745 ParsedFeaturePolicyHeader frame_policy1 = { |
754 {{"default-self", false, {origin_b_}}}}; | 746 {{kDefaultSelfFeature, false, {origin_b_}}}}; |
755 std::unique_ptr<FeaturePolicy> policy2 = | 747 std::unique_ptr<FeaturePolicy> policy2 = |
756 CreateFromParentWithFramePolicy(policy1.get(), frame_policy1, origin_b_); | 748 CreateFromParentWithFramePolicy(policy1.get(), frame_policy1, origin_b_); |
757 ParsedFeaturePolicyHeader frame_policy2 = { | 749 ParsedFeaturePolicyHeader frame_policy2 = { |
758 {{"default-self", false, {origin_c_}}}}; | 750 {{kDefaultSelfFeature, false, {origin_c_}}}}; |
759 std::unique_ptr<FeaturePolicy> policy3 = | 751 std::unique_ptr<FeaturePolicy> policy3 = |
760 CreateFromParentWithFramePolicy(policy2.get(), frame_policy2, origin_c_); | 752 CreateFromParentWithFramePolicy(policy2.get(), frame_policy2, origin_c_); |
761 std::unique_ptr<FeaturePolicy> policy4 = | 753 std::unique_ptr<FeaturePolicy> policy4 = |
762 CreateFromParentPolicy(policy2.get(), origin_c_); | 754 CreateFromParentPolicy(policy2.get(), origin_c_); |
763 EXPECT_FALSE( | 755 EXPECT_FALSE( |
764 policy3->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_a_)); | 756 policy3->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_a_)); |
765 EXPECT_FALSE( | 757 EXPECT_FALSE( |
766 policy3->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_b_)); | 758 policy3->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_b_)); |
767 EXPECT_TRUE( | 759 EXPECT_TRUE( |
768 policy3->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_c_)); | 760 policy3->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_c_)); |
(...skipping 20 matching lines...) Expand all Loading... |
789 // | +-------------+ | | 781 // | +-------------+ | |
790 // | |(3)Origin B | | | 782 // | |(3)Origin B | | |
791 // | |No Policy | | | 783 // | |No Policy | | |
792 // | +-------------+ | | 784 // | +-------------+ | |
793 // +-------------------------------------+ | 785 // +-------------------------------------+ |
794 // Default-on feature should be disabled in both same-origin and cross-origin | 786 // Default-on feature should be disabled in both same-origin and cross-origin |
795 // child frames because permission was removed through frame policy. | 787 // child frames because permission was removed through frame policy. |
796 std::unique_ptr<FeaturePolicy> policy1 = | 788 std::unique_ptr<FeaturePolicy> policy1 = |
797 CreateFromParentPolicy(nullptr, origin_a_); | 789 CreateFromParentPolicy(nullptr, origin_a_); |
798 ParsedFeaturePolicyHeader frame_policy1 = { | 790 ParsedFeaturePolicyHeader frame_policy1 = { |
799 {{"default-on", false, std::vector<url::Origin>()}}}; | 791 {{kDefaultOnFeature, false, std::vector<url::Origin>()}}}; |
800 std::unique_ptr<FeaturePolicy> policy2 = | 792 std::unique_ptr<FeaturePolicy> policy2 = |
801 CreateFromParentWithFramePolicy(policy1.get(), frame_policy1, origin_a_); | 793 CreateFromParentWithFramePolicy(policy1.get(), frame_policy1, origin_a_); |
802 ParsedFeaturePolicyHeader frame_policy2 = { | 794 ParsedFeaturePolicyHeader frame_policy2 = { |
803 {{"default-on", false, std::vector<url::Origin>()}}}; | 795 {{kDefaultOnFeature, false, std::vector<url::Origin>()}}}; |
804 std::unique_ptr<FeaturePolicy> policy3 = | 796 std::unique_ptr<FeaturePolicy> policy3 = |
805 CreateFromParentWithFramePolicy(policy1.get(), frame_policy2, origin_b_); | 797 CreateFromParentWithFramePolicy(policy1.get(), frame_policy2, origin_b_); |
806 EXPECT_TRUE(policy1->IsFeatureEnabledForOrigin(kDefaultOnFeature, origin_a_)); | 798 EXPECT_TRUE(policy1->IsFeatureEnabledForOrigin(kDefaultOnFeature, origin_a_)); |
807 EXPECT_TRUE(policy1->IsFeatureEnabledForOrigin(kDefaultOnFeature, origin_b_)); | 799 EXPECT_TRUE(policy1->IsFeatureEnabledForOrigin(kDefaultOnFeature, origin_b_)); |
808 EXPECT_TRUE(policy1->IsFeatureEnabledForOrigin(kDefaultOnFeature, origin_c_)); | 800 EXPECT_TRUE(policy1->IsFeatureEnabledForOrigin(kDefaultOnFeature, origin_c_)); |
809 EXPECT_FALSE( | 801 EXPECT_FALSE( |
810 policy2->IsFeatureEnabledForOrigin(kDefaultOnFeature, origin_a_)); | 802 policy2->IsFeatureEnabledForOrigin(kDefaultOnFeature, origin_a_)); |
811 EXPECT_FALSE( | 803 EXPECT_FALSE( |
812 policy2->IsFeatureEnabledForOrigin(kDefaultOnFeature, origin_b_)); | 804 policy2->IsFeatureEnabledForOrigin(kDefaultOnFeature, origin_b_)); |
813 EXPECT_FALSE( | 805 EXPECT_FALSE( |
(...skipping 20 matching lines...) Expand all Loading... |
834 // |<iframe policy='{"default-off": ["Origin B"]}'> | | 826 // |<iframe policy='{"default-off": ["Origin B"]}'> | |
835 // | +-------------+ | | 827 // | +-------------+ | |
836 // | |(3)Origin B | | | 828 // | |(3)Origin B | | |
837 // | |No Policy | | | 829 // | |No Policy | | |
838 // | +-------------+ | | 830 // | +-------------+ | |
839 // +------------------------------------------------+ | 831 // +------------------------------------------------+ |
840 // Default-off feature should be disabled in both same-origin and cross-origin | 832 // Default-off feature should be disabled in both same-origin and cross-origin |
841 // child frames because they did not declare their own policy to enable it. | 833 // child frames because they did not declare their own policy to enable it. |
842 std::unique_ptr<FeaturePolicy> policy1 = | 834 std::unique_ptr<FeaturePolicy> policy1 = |
843 CreateFromParentPolicy(nullptr, origin_a_); | 835 CreateFromParentPolicy(nullptr, origin_a_); |
844 policy1->SetHeaderPolicy({{{"default-off", false, {origin_a_}}}}); | 836 policy1->SetHeaderPolicy({{{kDefaultOffFeature, false, {origin_a_}}}}); |
845 ParsedFeaturePolicyHeader frame_policy1 = { | 837 ParsedFeaturePolicyHeader frame_policy1 = { |
846 {{"default-off", false, {origin_a_}}}}; | 838 {{kDefaultOffFeature, false, {origin_a_}}}}; |
847 std::unique_ptr<FeaturePolicy> policy2 = | 839 std::unique_ptr<FeaturePolicy> policy2 = |
848 CreateFromParentWithFramePolicy(policy1.get(), frame_policy1, origin_a_); | 840 CreateFromParentWithFramePolicy(policy1.get(), frame_policy1, origin_a_); |
849 ParsedFeaturePolicyHeader frame_policy2 = { | 841 ParsedFeaturePolicyHeader frame_policy2 = { |
850 {{"default-off", false, {origin_b_}}}}; | 842 {{kDefaultOffFeature, false, {origin_b_}}}}; |
851 std::unique_ptr<FeaturePolicy> policy3 = | 843 std::unique_ptr<FeaturePolicy> policy3 = |
852 CreateFromParentWithFramePolicy(policy1.get(), frame_policy2, origin_b_); | 844 CreateFromParentWithFramePolicy(policy1.get(), frame_policy2, origin_b_); |
853 EXPECT_TRUE( | 845 EXPECT_TRUE( |
854 policy1->IsFeatureEnabledForOrigin(kDefaultOffFeature, origin_a_)); | 846 policy1->IsFeatureEnabledForOrigin(kDefaultOffFeature, origin_a_)); |
855 EXPECT_FALSE( | 847 EXPECT_FALSE( |
856 policy1->IsFeatureEnabledForOrigin(kDefaultOffFeature, origin_b_)); | 848 policy1->IsFeatureEnabledForOrigin(kDefaultOffFeature, origin_b_)); |
857 EXPECT_FALSE( | 849 EXPECT_FALSE( |
858 policy1->IsFeatureEnabledForOrigin(kDefaultOffFeature, origin_c_)); | 850 policy1->IsFeatureEnabledForOrigin(kDefaultOffFeature, origin_c_)); |
859 EXPECT_FALSE( | 851 EXPECT_FALSE( |
860 policy2->IsFeatureEnabledForOrigin(kDefaultOffFeature, origin_a_)); | 852 policy2->IsFeatureEnabledForOrigin(kDefaultOffFeature, origin_a_)); |
(...skipping 24 matching lines...) Expand all Loading... |
885 // | +--------------------------------------------+ | | 877 // | +--------------------------------------------+ | |
886 // | |(3)Origin B | | | 878 // | |(3)Origin B | | |
887 // | |Policy: {"default-off": ["self"]} | | | 879 // | |Policy: {"default-off": ["self"]} | | |
888 // | +--------------------------------------------+ | | 880 // | +--------------------------------------------+ | |
889 // +------------------------------------------------+ | 881 // +------------------------------------------------+ |
890 // Default-off feature should be enabled in both same-origin and cross-origin | 882 // Default-off feature should be enabled in both same-origin and cross-origin |
891 // child frames because it is delegated through the parent's frame policy, and | 883 // child frames because it is delegated through the parent's frame policy, and |
892 // they declare their own policy to enable it. | 884 // they declare their own policy to enable it. |
893 std::unique_ptr<FeaturePolicy> policy1 = | 885 std::unique_ptr<FeaturePolicy> policy1 = |
894 CreateFromParentPolicy(nullptr, origin_a_); | 886 CreateFromParentPolicy(nullptr, origin_a_); |
895 policy1->SetHeaderPolicy({{{"default-off", false, {origin_a_}}}}); | 887 policy1->SetHeaderPolicy({{{kDefaultOffFeature, false, {origin_a_}}}}); |
896 ParsedFeaturePolicyHeader frame_policy1 = { | 888 ParsedFeaturePolicyHeader frame_policy1 = { |
897 {{"default-off", false, {origin_a_}}}}; | 889 {{kDefaultOffFeature, false, {origin_a_}}}}; |
898 std::unique_ptr<FeaturePolicy> policy2 = | 890 std::unique_ptr<FeaturePolicy> policy2 = |
899 CreateFromParentWithFramePolicy(policy1.get(), frame_policy1, origin_a_); | 891 CreateFromParentWithFramePolicy(policy1.get(), frame_policy1, origin_a_); |
900 policy2->SetHeaderPolicy({{{"default-off", false, {origin_a_}}}}); | 892 policy2->SetHeaderPolicy({{{kDefaultOffFeature, false, {origin_a_}}}}); |
901 ParsedFeaturePolicyHeader frame_policy2 = { | 893 ParsedFeaturePolicyHeader frame_policy2 = { |
902 {{"default-off", false, {origin_b_}}}}; | 894 {{kDefaultOffFeature, false, {origin_b_}}}}; |
903 std::unique_ptr<FeaturePolicy> policy3 = | 895 std::unique_ptr<FeaturePolicy> policy3 = |
904 CreateFromParentWithFramePolicy(policy1.get(), frame_policy2, origin_b_); | 896 CreateFromParentWithFramePolicy(policy1.get(), frame_policy2, origin_b_); |
905 policy3->SetHeaderPolicy({{{"default-off", false, {origin_b_}}}}); | 897 policy3->SetHeaderPolicy({{{kDefaultOffFeature, false, {origin_b_}}}}); |
906 EXPECT_TRUE( | 898 EXPECT_TRUE( |
907 policy1->IsFeatureEnabledForOrigin(kDefaultOffFeature, origin_a_)); | 899 policy1->IsFeatureEnabledForOrigin(kDefaultOffFeature, origin_a_)); |
908 EXPECT_FALSE( | 900 EXPECT_FALSE( |
909 policy1->IsFeatureEnabledForOrigin(kDefaultOffFeature, origin_b_)); | 901 policy1->IsFeatureEnabledForOrigin(kDefaultOffFeature, origin_b_)); |
910 EXPECT_FALSE( | 902 EXPECT_FALSE( |
911 policy1->IsFeatureEnabledForOrigin(kDefaultOffFeature, origin_c_)); | 903 policy1->IsFeatureEnabledForOrigin(kDefaultOffFeature, origin_c_)); |
912 EXPECT_TRUE( | 904 EXPECT_TRUE( |
913 policy2->IsFeatureEnabledForOrigin(kDefaultOffFeature, origin_a_)); | 905 policy2->IsFeatureEnabledForOrigin(kDefaultOffFeature, origin_a_)); |
914 EXPECT_FALSE( | 906 EXPECT_FALSE( |
915 policy2->IsFeatureEnabledForOrigin(kDefaultOffFeature, origin_b_)); | 907 policy2->IsFeatureEnabledForOrigin(kDefaultOffFeature, origin_b_)); |
(...skipping 23 matching lines...) Expand all Loading... |
939 // | |(3)Origin B | | | 931 // | |(3)Origin B | | |
940 // | |Policy: {"default-self": ["self"]} | | | 932 // | |Policy: {"default-self": ["self"]} | | |
941 // | +-------------------------------------------+ | | 933 // | +-------------------------------------------+ | |
942 // +-----------------------------------------------+ | 934 // +-----------------------------------------------+ |
943 // Default-self feature should be disabled in both cross-origin child frames | 935 // Default-self feature should be disabled in both cross-origin child frames |
944 // by frame policy, even though the parent frame's header policy would | 936 // by frame policy, even though the parent frame's header policy would |
945 // otherwise enable it. This is true regardless of the child frame's header | 937 // otherwise enable it. This is true regardless of the child frame's header |
946 // policy. | 938 // policy. |
947 std::unique_ptr<FeaturePolicy> policy1 = | 939 std::unique_ptr<FeaturePolicy> policy1 = |
948 CreateFromParentPolicy(nullptr, origin_a_); | 940 CreateFromParentPolicy(nullptr, origin_a_); |
949 policy1->SetHeaderPolicy({{{"default-self", false, {origin_a_, origin_b_}}}}); | 941 policy1->SetHeaderPolicy( |
| 942 {{{kDefaultSelfFeature, false, {origin_a_, origin_b_}}}}); |
950 ParsedFeaturePolicyHeader frame_policy1 = { | 943 ParsedFeaturePolicyHeader frame_policy1 = { |
951 {{"default-self", false, std::vector<url::Origin>()}}}; | 944 {{kDefaultSelfFeature, false, std::vector<url::Origin>()}}}; |
952 std::unique_ptr<FeaturePolicy> policy2 = | 945 std::unique_ptr<FeaturePolicy> policy2 = |
953 CreateFromParentWithFramePolicy(policy1.get(), frame_policy1, origin_b_); | 946 CreateFromParentWithFramePolicy(policy1.get(), frame_policy1, origin_b_); |
954 ParsedFeaturePolicyHeader frame_policy2 = { | 947 ParsedFeaturePolicyHeader frame_policy2 = { |
955 {{"default-self", false, std::vector<url::Origin>()}}}; | 948 {{kDefaultSelfFeature, false, std::vector<url::Origin>()}}}; |
956 std::unique_ptr<FeaturePolicy> policy3 = | 949 std::unique_ptr<FeaturePolicy> policy3 = |
957 CreateFromParentWithFramePolicy(policy1.get(), frame_policy2, origin_b_); | 950 CreateFromParentWithFramePolicy(policy1.get(), frame_policy2, origin_b_); |
958 policy3->SetHeaderPolicy({{{"default-self", false, {origin_b_}}}}); | 951 policy3->SetHeaderPolicy({{{kDefaultSelfFeature, false, {origin_b_}}}}); |
959 EXPECT_FALSE( | 952 EXPECT_FALSE( |
960 policy2->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_b_)); | 953 policy2->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_b_)); |
961 EXPECT_FALSE( | 954 EXPECT_FALSE( |
962 policy3->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_b_)); | 955 policy3->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_b_)); |
963 } | 956 } |
964 | 957 |
965 TEST_F(FeaturePolicyTest, TestCombineFrameAndHeaderPolicies) { | 958 TEST_F(FeaturePolicyTest, TestCombineFrameAndHeaderPolicies) { |
966 // +-------------------------------------------------+ | 959 // +-------------------------------------------------+ |
967 // |(1)Origin A | | 960 // |(1)Origin A | |
968 // |No Policy | | 961 // |No Policy | |
(...skipping 14 matching lines...) Expand all Loading... |
983 // | | |(4)Origin C | | | | 976 // | | |(4)Origin C | | | |
984 // | | |No Policy | | | | 977 // | | |No Policy | | | |
985 // | | +-------------+ | | | 978 // | | +-------------+ | | |
986 // | +---------------------------------------------+ | | 979 // | +---------------------------------------------+ | |
987 // +-------------------------------------------------+ | 980 // +-------------------------------------------------+ |
988 // Default-self feature should be enabled in cross-origin child frames 2 and | 981 // Default-self feature should be enabled in cross-origin child frames 2 and |
989 // 4. Feature should be disabled in frame 3 by frame policy. | 982 // 4. Feature should be disabled in frame 3 by frame policy. |
990 std::unique_ptr<FeaturePolicy> policy1 = | 983 std::unique_ptr<FeaturePolicy> policy1 = |
991 CreateFromParentPolicy(nullptr, origin_a_); | 984 CreateFromParentPolicy(nullptr, origin_a_); |
992 ParsedFeaturePolicyHeader frame_policy1 = { | 985 ParsedFeaturePolicyHeader frame_policy1 = { |
993 {{"default-self", false, {origin_b_}}}}; | 986 {{kDefaultSelfFeature, false, {origin_b_}}}}; |
994 std::unique_ptr<FeaturePolicy> policy2 = | 987 std::unique_ptr<FeaturePolicy> policy2 = |
995 CreateFromParentWithFramePolicy(policy1.get(), frame_policy1, origin_b_); | 988 CreateFromParentWithFramePolicy(policy1.get(), frame_policy1, origin_b_); |
996 policy2->SetHeaderPolicy( | 989 policy2->SetHeaderPolicy( |
997 {{{"default-self", true, std::vector<url::Origin>()}}}); | 990 {{{kDefaultSelfFeature, true, std::vector<url::Origin>()}}}); |
998 ParsedFeaturePolicyHeader frame_policy2 = { | 991 ParsedFeaturePolicyHeader frame_policy2 = { |
999 {{"default-self", false, std::vector<url::Origin>()}}}; | 992 {{kDefaultSelfFeature, false, std::vector<url::Origin>()}}}; |
1000 std::unique_ptr<FeaturePolicy> policy3 = | 993 std::unique_ptr<FeaturePolicy> policy3 = |
1001 CreateFromParentWithFramePolicy(policy2.get(), frame_policy2, origin_c_); | 994 CreateFromParentWithFramePolicy(policy2.get(), frame_policy2, origin_c_); |
1002 std::unique_ptr<FeaturePolicy> policy4 = | 995 std::unique_ptr<FeaturePolicy> policy4 = |
1003 CreateFromParentPolicy(policy2.get(), origin_c_); | 996 CreateFromParentPolicy(policy2.get(), origin_c_); |
1004 EXPECT_TRUE( | 997 EXPECT_TRUE( |
1005 policy1->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_a_)); | 998 policy1->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_a_)); |
1006 EXPECT_TRUE( | 999 EXPECT_TRUE( |
1007 policy2->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_b_)); | 1000 policy2->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_b_)); |
1008 EXPECT_FALSE( | 1001 EXPECT_FALSE( |
1009 policy3->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_c_)); | 1002 policy3->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_c_)); |
1010 EXPECT_TRUE( | 1003 EXPECT_TRUE( |
1011 policy4->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_c_)); | 1004 policy4->IsFeatureEnabledForOrigin(kDefaultSelfFeature, origin_c_)); |
1012 } | 1005 } |
| 1006 |
1013 } // namespace content | 1007 } // namespace content |
OLD | NEW |