| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/site_per_process_browsertest.h" | 5 #include "content/browser/site_per_process_browsertest.h" |
| 6 | 6 |
| 7 #include <stddef.h> | 7 #include <stddef.h> |
| 8 #include <stdint.h> | 8 #include <stdint.h> |
| 9 | 9 |
| 10 #include <algorithm> | 10 #include <algorithm> |
| (...skipping 2390 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2401 " B = http://b.com/", | 2401 " B = http://b.com/", |
| 2402 DepictFrameTree(root)); | 2402 DepictFrameTree(root)); |
| 2403 EXPECT_NE(shell()->web_contents()->GetSiteInstance(), | 2403 EXPECT_NE(shell()->web_contents()->GetSiteInstance(), |
| 2404 child->current_frame_host()->GetSiteInstance()); | 2404 child->current_frame_host()->GetSiteInstance()); |
| 2405 } | 2405 } |
| 2406 | 2406 |
| 2407 // The FrameTreeNode should update its URL (so that we don't affect other uses | 2407 // The FrameTreeNode should update its URL (so that we don't affect other uses |
| 2408 // of the API), but the frame's last_successful_url shouldn't change and the | 2408 // of the API), but the frame's last_successful_url shouldn't change and the |
| 2409 // origin should be empty. | 2409 // origin should be empty. |
| 2410 // PlzNavigate: We have switched RenderFrameHosts for the subframe, so the | 2410 // PlzNavigate: We have switched RenderFrameHosts for the subframe, so the |
| 2411 // last successful url should be empty (since the frame only loaded an error | 2411 // last succesful url should be empty (since the frame only loaded an error |
| 2412 // page). | 2412 // page). |
| 2413 if (IsBrowserSideNavigationEnabled()) | 2413 if (IsBrowserSideNavigationEnabled()) |
| 2414 EXPECT_EQ(GURL(), child->current_frame_host()->last_successful_url()); | 2414 EXPECT_EQ(GURL(), child->current_frame_host()->last_successful_url()); |
| 2415 else | 2415 else |
| 2416 EXPECT_EQ(url_a, child->current_frame_host()->last_successful_url()); | 2416 EXPECT_EQ(url_a, child->current_frame_host()->last_successful_url()); |
| 2417 EXPECT_EQ(url_b, child->current_url()); | 2417 EXPECT_EQ(url_b, child->current_url()); |
| 2418 EXPECT_EQ("null", child->current_origin().Serialize()); | 2418 EXPECT_EQ("null", child->current_origin().Serialize()); |
| 2419 | 2419 |
| 2420 // Try again after re-enabling host resolution. | 2420 // Try again after re-enabling host resolution. |
| 2421 host_resolver()->AddRule("*", "127.0.0.1"); | 2421 host_resolver()->AddRule("*", "127.0.0.1"); |
| (...skipping 4995 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 7417 | 7417 |
| 7418 // The blocked frame should still fire a load event in its parent's process. | 7418 // The blocked frame should still fire a load event in its parent's process. |
| 7419 EXPECT_EQ(expected_title, title_watcher.WaitAndGetTitle()); | 7419 EXPECT_EQ(expected_title, title_watcher.WaitAndGetTitle()); |
| 7420 | 7420 |
| 7421 // Check that the current RenderFrameHost has stopped loading. | 7421 // Check that the current RenderFrameHost has stopped loading. |
| 7422 if (root->child_at(0)->current_frame_host()->is_loading()) { | 7422 if (root->child_at(0)->current_frame_host()->is_loading()) { |
| 7423 ADD_FAILURE() << "Blocked RenderFrameHost shouldn't be loading anything"; | 7423 ADD_FAILURE() << "Blocked RenderFrameHost shouldn't be loading anything"; |
| 7424 load_observer.Wait(); | 7424 load_observer.Wait(); |
| 7425 } | 7425 } |
| 7426 | 7426 |
| 7427 // The last successful url shouldn't be the blocked url. | 7427 // The blocked frame should stay at the old location. |
| 7428 EXPECT_EQ(old_subframe_url, | 7428 EXPECT_EQ(old_subframe_url, root->child_at(0)->current_url()); |
| 7429 root->child_at(0)->current_frame_host()->last_successful_url()); | |
| 7430 | 7429 |
| 7431 if (IsBrowserSideNavigationEnabled()) { | 7430 // The blocked frame should keep the old title. |
| 7432 // The blocked frame should go to an error page. Errors currently commit | 7431 std::string frame_title; |
| 7433 // with the URL of the blocked page. | 7432 EXPECT_TRUE(ExecuteScriptAndExtractString( |
| 7434 EXPECT_EQ(blocked_url, root->child_at(0)->current_url()); | 7433 root->child_at(0), "domAutomationController.send(document.title)", |
| 7435 | 7434 &frame_title)); |
| 7436 // The page should get the title of an error page (i.e "") and not the | 7435 EXPECT_EQ("Title Of Awesomeness", frame_title); |
| 7437 // title of the blocked page. | |
| 7438 std::string frame_title; | |
| 7439 EXPECT_TRUE(ExecuteScriptAndExtractString( | |
| 7440 root->child_at(0), "domAutomationController.send(document.title)", | |
| 7441 &frame_title)); | |
| 7442 EXPECT_EQ("", frame_title); | |
| 7443 } else { | |
| 7444 // The blocked frame should stay at the old location. | |
| 7445 EXPECT_EQ(old_subframe_url, root->child_at(0)->current_url()); | |
| 7446 | |
| 7447 // The blocked frame should keep the old title. | |
| 7448 std::string frame_title; | |
| 7449 EXPECT_TRUE(ExecuteScriptAndExtractString( | |
| 7450 root->child_at(0), "domAutomationController.send(document.title)", | |
| 7451 &frame_title)); | |
| 7452 EXPECT_EQ("Title Of Awesomeness", frame_title); | |
| 7453 } | |
| 7454 | 7436 |
| 7455 // Navigate to a URL without CSP. | 7437 // Navigate to a URL without CSP. |
| 7456 EXPECT_TRUE(NavigateToURL( | 7438 EXPECT_TRUE(NavigateToURL( |
| 7457 shell(), embedded_test_server()->GetURL("a.com", "/title1.html"))); | 7439 shell(), embedded_test_server()->GetURL("a.com", "/title1.html"))); |
| 7458 | 7440 |
| 7459 // Verify that the frame's CSP got correctly reset to an empty set. | 7441 // Verify that the frame's CSP got correctly reset to an empty set. |
| 7460 EXPECT_EQ(0u, | 7442 EXPECT_EQ(0u, |
| 7461 root->current_replication_state().accumulated_csp_headers.size()); | 7443 root->current_replication_state().accumulated_csp_headers.size()); |
| 7462 } | 7444 } |
| 7463 | 7445 |
| (...skipping 46 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 7510 | 7492 |
| 7511 // The blocked frame should still fire a load event in its parent's process. | 7493 // The blocked frame should still fire a load event in its parent's process. |
| 7512 EXPECT_EQ(expected_title, title_watcher.WaitAndGetTitle()); | 7494 EXPECT_EQ(expected_title, title_watcher.WaitAndGetTitle()); |
| 7513 | 7495 |
| 7514 // Check that the current RenderFrameHost has stopped loading. | 7496 // Check that the current RenderFrameHost has stopped loading. |
| 7515 if (root->child_at(0)->current_frame_host()->is_loading()) { | 7497 if (root->child_at(0)->current_frame_host()->is_loading()) { |
| 7516 ADD_FAILURE() << "Blocked RenderFrameHost shouldn't be loading anything"; | 7498 ADD_FAILURE() << "Blocked RenderFrameHost shouldn't be loading anything"; |
| 7517 load_observer2.Wait(); | 7499 load_observer2.Wait(); |
| 7518 } | 7500 } |
| 7519 | 7501 |
| 7520 // The last successful url shouldn't be the blocked url. | 7502 // The blocked frame should stay at the old location. |
| 7521 EXPECT_EQ(old_subframe_url, | 7503 EXPECT_EQ(old_subframe_url, root->child_at(0)->current_url()); |
| 7522 root->child_at(0)->current_frame_host()->last_successful_url()); | |
| 7523 | 7504 |
| 7524 if (IsBrowserSideNavigationEnabled()) { | 7505 // The blocked frame should keep the old title. |
| 7525 // The blocked frame should go to an error page. Errors currently commit | 7506 std::string frame_title; |
| 7526 // with the URL of the blocked page. | 7507 EXPECT_TRUE(ExecuteScriptAndExtractString( |
| 7527 EXPECT_EQ(blocked_url, root->child_at(0)->current_url()); | 7508 root->child_at(0), "domAutomationController.send(document.title)", |
| 7528 | 7509 &frame_title)); |
| 7529 // The page should get the title of an error page (i.e "") and not the | 7510 EXPECT_EQ("Title Of Awesomeness", frame_title); |
| 7530 // title of the blocked page. | |
| 7531 std::string frame_title; | |
| 7532 EXPECT_TRUE(ExecuteScriptAndExtractString( | |
| 7533 root->child_at(0), "domAutomationController.send(document.title)", | |
| 7534 &frame_title)); | |
| 7535 EXPECT_EQ("", frame_title); | |
| 7536 } else { | |
| 7537 // The blocked frame should stay at the old location. | |
| 7538 EXPECT_EQ(old_subframe_url, root->child_at(0)->current_url()); | |
| 7539 | |
| 7540 // The blocked frame should keep the old title. | |
| 7541 std::string frame_title; | |
| 7542 EXPECT_TRUE(ExecuteScriptAndExtractString( | |
| 7543 root->child_at(0), "domAutomationController.send(document.title)", | |
| 7544 &frame_title)); | |
| 7545 EXPECT_EQ("Title Of Awesomeness", frame_title); | |
| 7546 } | |
| 7547 } | 7511 } |
| 7548 | 7512 |
| 7549 // Test that a cross-origin frame's navigation can be blocked by CSP frame-src. | 7513 // Test that a cross-origin frame's navigation can be blocked by CSP frame-src. |
| 7550 // In this version of a test, CSP is inherited by srcdoc iframe from a parent | 7514 // In this version of a test, CSP is inherited by srcdoc iframe from a parent |
| 7551 // that declared CSP via HTTP headers. Cross-origin frame navigating to a | 7515 // that declared CSP via HTTP headers. Cross-origin frame navigating to a |
| 7552 // blocked location is a child of the srcdoc iframe. | 7516 // blocked location is a child of the srcdoc iframe. |
| 7553 IN_PROC_BROWSER_TEST_F(SitePerProcessBrowserTest, | 7517 IN_PROC_BROWSER_TEST_F(SitePerProcessBrowserTest, |
| 7554 CrossSiteIframeBlockedByCSPInheritedBySrcDocParent) { | 7518 CrossSiteIframeBlockedByCSPInheritedBySrcDocParent) { |
| 7555 GURL main_url( | 7519 GURL main_url( |
| 7556 embedded_test_server()->GetURL("a.com", "/frame-src-self-and-b.html")); | 7520 embedded_test_server()->GetURL("a.com", "/frame-src-self-and-b.html")); |
| (...skipping 40 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 7597 | 7561 |
| 7598 // The blocked frame should still fire a load event in its parent's process. | 7562 // The blocked frame should still fire a load event in its parent's process. |
| 7599 EXPECT_EQ(expected_title, title_watcher.WaitAndGetTitle()); | 7563 EXPECT_EQ(expected_title, title_watcher.WaitAndGetTitle()); |
| 7600 | 7564 |
| 7601 // Check that the current RenderFrameHost has stopped loading. | 7565 // Check that the current RenderFrameHost has stopped loading. |
| 7602 if (navigating_frame->current_frame_host()->is_loading()) { | 7566 if (navigating_frame->current_frame_host()->is_loading()) { |
| 7603 ADD_FAILURE() << "Blocked RenderFrameHost shouldn't be loading anything"; | 7567 ADD_FAILURE() << "Blocked RenderFrameHost shouldn't be loading anything"; |
| 7604 load_observer2.Wait(); | 7568 load_observer2.Wait(); |
| 7605 } | 7569 } |
| 7606 | 7570 |
| 7607 // The last successful url shouldn't be the blocked url. | 7571 // The blocked frame should stay at the old location. |
| 7608 EXPECT_EQ(old_subframe_url, | 7572 EXPECT_EQ(old_subframe_url, navigating_frame->current_url()); |
| 7609 navigating_frame->current_frame_host()->last_successful_url()); | |
| 7610 | 7573 |
| 7611 if (IsBrowserSideNavigationEnabled()) { | 7574 // The blocked frame should keep the old title. |
| 7612 // The blocked frame should go to an error page. Errors currently commit | 7575 std::string frame_title; |
| 7613 // with the URL of the blocked page. | 7576 EXPECT_TRUE(ExecuteScriptAndExtractString( |
| 7614 EXPECT_EQ(blocked_url, navigating_frame->current_url()); | 7577 navigating_frame, "domAutomationController.send(document.title)", |
| 7615 | 7578 &frame_title)); |
| 7616 // The page should get the title of an error page (i.e "") and not the | 7579 EXPECT_EQ("Title Of Awesomeness", frame_title); |
| 7617 // title of the blocked page. | |
| 7618 std::string frame_title; | |
| 7619 EXPECT_TRUE(ExecuteScriptAndExtractString( | |
| 7620 navigating_frame, "domAutomationController.send(document.title)", | |
| 7621 &frame_title)); | |
| 7622 EXPECT_EQ("", frame_title); | |
| 7623 } else { | |
| 7624 // The blocked frame should stay at the old location. | |
| 7625 EXPECT_EQ(old_subframe_url, navigating_frame->current_url()); | |
| 7626 | |
| 7627 // The blocked frame should keep the old title. | |
| 7628 std::string frame_title; | |
| 7629 EXPECT_TRUE(ExecuteScriptAndExtractString( | |
| 7630 navigating_frame, "domAutomationController.send(document.title)", | |
| 7631 &frame_title)); | |
| 7632 EXPECT_EQ("Title Of Awesomeness", frame_title); | |
| 7633 } | |
| 7634 | 7580 |
| 7635 // Navigate the subframe to a URL without CSP. | 7581 // Navigate the subframe to a URL without CSP. |
| 7636 NavigateFrameToURL(srcdoc_frame, | 7582 NavigateFrameToURL(srcdoc_frame, |
| 7637 embedded_test_server()->GetURL("a.com", "/title1.html")); | 7583 embedded_test_server()->GetURL("a.com", "/title1.html")); |
| 7638 | 7584 |
| 7639 // Verify that the frame's CSP got correctly reset to an empty set. | 7585 // Verify that the frame's CSP got correctly reset to an empty set. |
| 7640 EXPECT_EQ( | 7586 EXPECT_EQ( |
| 7641 0u, | 7587 0u, |
| 7642 srcdoc_frame->current_replication_state().accumulated_csp_headers.size()); | 7588 srcdoc_frame->current_replication_state().accumulated_csp_headers.size()); |
| 7643 } | 7589 } |
| (...skipping 2251 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 9895 | 9841 |
| 9896 // Try the same navigation, but use the browser-initiated path. | 9842 // Try the same navigation, but use the browser-initiated path. |
| 9897 NavigateFrameToURL(root->child_at(0), frame_url); | 9843 NavigateFrameToURL(root->child_at(0), frame_url); |
| 9898 EXPECT_FALSE(root->child_at(0)->render_manager()->pending_frame_host()); | 9844 EXPECT_FALSE(root->child_at(0)->render_manager()->pending_frame_host()); |
| 9899 EXPECT_EQ(root->child_at(0)->current_url(), redirected_url); | 9845 EXPECT_EQ(root->child_at(0)->current_url(), redirected_url); |
| 9900 EXPECT_EQ(b_site_instance, | 9846 EXPECT_EQ(b_site_instance, |
| 9901 root->child_at(0)->current_frame_host()->GetSiteInstance()); | 9847 root->child_at(0)->current_frame_host()->GetSiteInstance()); |
| 9902 } | 9848 } |
| 9903 | 9849 |
| 9904 } // namespace content | 9850 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2756913002:
Revert of PlzNavigate: Enforce 'frame-src' CSP on the browser. (Closed)
