| OLD | NEW |
|---|
| 1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #import <EarlGrey/EarlGrey.h> | 5 #import <EarlGrey/EarlGrey.h> |
| 6 #import <XCTest/XCTest.h> | 6 #import <XCTest/XCTest.h> |
| 7 | 7 |
| 8 #include "base/ios/ios_util.h" | 8 #include "base/ios/ios_util.h" |
| 9 #include "components/strings/grit/components_strings.h" | 9 #include "components/strings/grit/components_strings.h" |
| 10 #import "ios/chrome/browser/ui/commands/generic_chrome_command.h" | 10 #import "ios/chrome/browser/ui/commands/generic_chrome_command.h" |
| (...skipping 322 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 333 [[EarlGrey selectElementWithMatcher:chrome_test_util::Omnibox()] | 333 [[EarlGrey selectElementWithMatcher:chrome_test_util::Omnibox()] |
| 334 assertWithMatcher:chrome_test_util::OmniboxText("")]; | 334 assertWithMatcher:chrome_test_util::OmniboxText("")]; |
| 335 } | 335 } |
| 336 | 336 |
| 337 // Types JavaScript into Omnibox and verify that an alert is displayed. | 337 // Types JavaScript into Omnibox and verify that an alert is displayed. |
| 338 - (void)testTypeJavaScriptIntoOmnibox { | 338 - (void)testTypeJavaScriptIntoOmnibox { |
| 339 // TODO(crbug.com/642544): Enable the test for iPad when typing bug is fixed. | 339 // TODO(crbug.com/642544): Enable the test for iPad when typing bug is fixed. |
| 340 if (IsIPadIdiom() && base::ios::IsRunningOnIOS10OrLater()) { | 340 if (IsIPadIdiom() && base::ios::IsRunningOnIOS10OrLater()) { |
| 341 EARL_GREY_TEST_DISABLED(@"Disabled for iOS10 iPad due to a typing bug."); | 341 EARL_GREY_TEST_DISABLED(@"Disabled for iOS10 iPad due to a typing bug."); |
| 342 } | 342 } |
| 343 [ChromeEarlGrey loadURL:GURL("chrome://version")]; | 343 |
| 344 std::map<GURL, std::string> responses; |
| 345 GURL URL = web::test::HttpServer::MakeUrl("http://foo"); |
| 346 responses[URL] = "bar"; |
| 347 web::test::SetUpSimpleHttpServer(responses); |
| 348 [ChromeEarlGrey loadURL:GURL(URL)]; |
| 349 |
| 344 [[EarlGrey selectElementWithMatcher:chrome_test_util::Omnibox()] | 350 [[EarlGrey selectElementWithMatcher:chrome_test_util::Omnibox()] |
| 345 performAction:grey_typeText(@"javascript:alert('Hello');")]; | 351 performAction:grey_typeText(@"javascript:alert('Hello');")]; |
| 346 | 352 |
| 347 [[EarlGrey selectElementWithMatcher:grey_accessibilityID(@"Go")] | 353 [[EarlGrey selectElementWithMatcher:grey_accessibilityID(@"Go")] |
| 348 performAction:grey_tap()]; | 354 performAction:grey_tap()]; |
| 349 | 355 |
| 350 [[EarlGrey selectElementWithMatcher:grey_accessibilityLabel(@"Hello")] | 356 [[EarlGrey selectElementWithMatcher:grey_accessibilityLabel(@"Hello")] |
| 351 assertWithMatcher:grey_notNil()]; | 357 assertWithMatcher:grey_notNil()]; |
| 352 } | 358 } |
| 353 | 359 |
| 360 // Loads WebUI page, types JavaScript into Omnibox and verifies that alert is |
| 361 // not displayed. WebUI pages have elevated privileges and should not allow |
| 362 // script execution. |
| 363 - (void)testTypeJavaScriptIntoOmniboxWithWebUIPage { |
| 364 // TODO(crbug.com/642544): Enable the test for iPad when typing bug is fixed. |
| 365 if (IsIPadIdiom() && base::ios::IsRunningOnIOS10OrLater()) { |
| 366 EARL_GREY_TEST_DISABLED(@"Disabled for iOS10 iPad due to a typing bug."); |
| 367 } |
| 368 [ChromeEarlGrey loadURL:GURL("chrome://version")]; |
| 369 [[EarlGrey selectElementWithMatcher:chrome_test_util::Omnibox()] |
| 370 performAction:grey_typeText(@"javascript:alert('Hello');")]; |
| 371 |
| 372 [[EarlGrey selectElementWithMatcher:grey_accessibilityID(@"Go")] |
| 373 performAction:grey_tap()]; |
| 374 |
| 375 [[EarlGrey selectElementWithMatcher:grey_accessibilityLabel(@"Hello")] |
| 376 assertWithMatcher:grey_nil()]; |
| 377 } |
| 378 |
| 354 // Tests typing in the omnibox. | 379 // Tests typing in the omnibox. |
| 355 - (void)testToolbarOmniboxTyping { | 380 - (void)testToolbarOmniboxTyping { |
| 356 // TODO(crbug.com/642559): Enable this test for iPad when typing bug is fixed. | 381 // TODO(crbug.com/642559): Enable this test for iPad when typing bug is fixed. |
| 357 if (IsIPadIdiom()) { | 382 if (IsIPadIdiom()) { |
| 358 EARL_GREY_TEST_DISABLED(@"Disabled for iPad due to a simulator bug."); | 383 EARL_GREY_TEST_DISABLED(@"Disabled for iPad due to a simulator bug."); |
| 359 } | 384 } |
| 360 SelectNewTabPagePanel(NewTabPage::kMostVisitedPanel); | 385 SelectNewTabPagePanel(NewTabPage::kMostVisitedPanel); |
| 361 | 386 |
| 362 id<GREYMatcher> locationbarButton = grey_allOf( | 387 id<GREYMatcher> locationbarButton = grey_allOf( |
| 363 grey_accessibilityLabel(l10n_util::GetNSString(IDS_OMNIBOX_EMPTY_HINT)), | 388 grey_accessibilityLabel(l10n_util::GetNSString(IDS_OMNIBOX_EMPTY_HINT)), |
| (...skipping 78 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 442 NSString* clearText = IsIPadIdiom() ? typingShield : cancelButtonText; | 467 NSString* clearText = IsIPadIdiom() ? typingShield : cancelButtonText; |
| 443 | 468 |
| 444 [[EarlGrey selectElementWithMatcher:grey_accessibilityLabel(clearText)] | 469 [[EarlGrey selectElementWithMatcher:grey_accessibilityLabel(clearText)] |
| 445 performAction:grey_tap()]; | 470 performAction:grey_tap()]; |
| 446 [[EarlGrey selectElementWithMatcher:chrome_test_util::Omnibox()] | 471 [[EarlGrey selectElementWithMatcher:chrome_test_util::Omnibox()] |
| 447 assertWithMatcher:chrome_test_util::OmniboxText("")]; | 472 assertWithMatcher:chrome_test_util::OmniboxText("")]; |
| 448 | 473 |
| 449 SelectNewTabPagePanel(NewTabPage::kMostVisitedPanel); | 474 SelectNewTabPagePanel(NewTabPage::kMostVisitedPanel); |
| 450 } | 475 } |
| 451 @end | 476 @end |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2761173002:
Disallow JS execution on WebUI pages. (Closed)
