OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "core/frame/csp/ContentSecurityPolicy.h" | 5 #include "core/frame/csp/ContentSecurityPolicy.h" |
6 | 6 |
7 #include "core/dom/Document.h" | 7 #include "core/dom/Document.h" |
8 #include "core/frame/csp/CSPDirectiveList.h" | 8 #include "core/frame/csp/CSPDirectiveList.h" |
9 #include "core/html/HTMLScriptElement.h" | 9 #include "core/html/HTMLScriptElement.h" |
10 #include "core/loader/DocumentLoader.h" | 10 #include "core/loader/DocumentLoader.h" |
(...skipping 112 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
123 csp->didReceiveHeader("img-src http://example.com", | 123 csp->didReceiveHeader("img-src http://example.com", |
124 ContentSecurityPolicyHeaderTypeReport, | 124 ContentSecurityPolicyHeaderTypeReport, |
125 ContentSecurityPolicyHeaderSourceHTTP); | 125 ContentSecurityPolicyHeaderSourceHTTP); |
126 | 126 |
127 KURL exampleUrl(KURL(), "http://example.com"); | 127 KURL exampleUrl(KURL(), "http://example.com"); |
128 KURL notExampleUrl(KURL(), "http://not-example.com"); | 128 KURL notExampleUrl(KURL(), "http://not-example.com"); |
129 | 129 |
130 ContentSecurityPolicy* csp2 = ContentSecurityPolicy::create(); | 130 ContentSecurityPolicy* csp2 = ContentSecurityPolicy::create(); |
131 csp2->copyStateFrom(csp.get()); | 131 csp2->copyStateFrom(csp.get()); |
132 EXPECT_FALSE(csp2->allowScriptFromSource( | 132 EXPECT_FALSE(csp2->allowScriptFromSource( |
133 exampleUrl, String(), ParserInserted, | 133 exampleUrl, String(), IntegrityMetadataSet(), ParserInserted, |
134 ResourceRequest::RedirectStatus::NoRedirect, | 134 ResourceRequest::RedirectStatus::NoRedirect, |
135 SecurityViolationReportingPolicy::SuppressReporting)); | 135 SecurityViolationReportingPolicy::SuppressReporting)); |
136 EXPECT_TRUE(csp2->allowPluginType( | 136 EXPECT_TRUE(csp2->allowPluginType( |
137 "application/x-type-1", "application/x-type-1", exampleUrl, | 137 "application/x-type-1", "application/x-type-1", exampleUrl, |
138 SecurityViolationReportingPolicy::SuppressReporting)); | 138 SecurityViolationReportingPolicy::SuppressReporting)); |
139 EXPECT_TRUE(csp2->allowImageFromSource( | 139 EXPECT_TRUE(csp2->allowImageFromSource( |
140 exampleUrl, ResourceRequest::RedirectStatus::NoRedirect, | 140 exampleUrl, ResourceRequest::RedirectStatus::NoRedirect, |
141 SecurityViolationReportingPolicy::SuppressReporting)); | 141 SecurityViolationReportingPolicy::SuppressReporting)); |
142 EXPECT_FALSE(csp2->allowImageFromSource( | 142 EXPECT_FALSE(csp2->allowImageFromSource( |
143 notExampleUrl, ResourceRequest::RedirectStatus::NoRedirect, | 143 notExampleUrl, ResourceRequest::RedirectStatus::NoRedirect, |
(...skipping 10 matching lines...) Expand all Loading... |
154 csp->didReceiveHeader("img-src http://example.com", | 154 csp->didReceiveHeader("img-src http://example.com", |
155 ContentSecurityPolicyHeaderTypeEnforce, | 155 ContentSecurityPolicyHeaderTypeEnforce, |
156 ContentSecurityPolicyHeaderSourceHTTP); | 156 ContentSecurityPolicyHeaderSourceHTTP); |
157 | 157 |
158 KURL exampleUrl(KURL(), "http://example.com"); | 158 KURL exampleUrl(KURL(), "http://example.com"); |
159 KURL notExampleUrl(KURL(), "http://not-example.com"); | 159 KURL notExampleUrl(KURL(), "http://not-example.com"); |
160 | 160 |
161 ContentSecurityPolicy* csp2 = ContentSecurityPolicy::create(); | 161 ContentSecurityPolicy* csp2 = ContentSecurityPolicy::create(); |
162 csp2->copyPluginTypesFrom(csp.get()); | 162 csp2->copyPluginTypesFrom(csp.get()); |
163 EXPECT_TRUE(csp2->allowScriptFromSource( | 163 EXPECT_TRUE(csp2->allowScriptFromSource( |
164 exampleUrl, String(), ParserInserted, | 164 exampleUrl, String(), IntegrityMetadataSet(), ParserInserted, |
165 ResourceRequest::RedirectStatus::NoRedirect, | 165 ResourceRequest::RedirectStatus::NoRedirect, |
166 SecurityViolationReportingPolicy::SuppressReporting)); | 166 SecurityViolationReportingPolicy::SuppressReporting)); |
167 EXPECT_TRUE(csp2->allowPluginType( | 167 EXPECT_TRUE(csp2->allowPluginType( |
168 "application/x-type-1", "application/x-type-1", exampleUrl, | 168 "application/x-type-1", "application/x-type-1", exampleUrl, |
169 SecurityViolationReportingPolicy::SuppressReporting)); | 169 SecurityViolationReportingPolicy::SuppressReporting)); |
170 EXPECT_TRUE(csp2->allowImageFromSource( | 170 EXPECT_TRUE(csp2->allowImageFromSource( |
171 exampleUrl, ResourceRequest::RedirectStatus::NoRedirect, | 171 exampleUrl, ResourceRequest::RedirectStatus::NoRedirect, |
172 SecurityViolationReportingPolicy::SuppressReporting)); | 172 SecurityViolationReportingPolicy::SuppressReporting)); |
173 EXPECT_TRUE(csp2->allowImageFromSource( | 173 EXPECT_TRUE(csp2->allowImageFromSource( |
174 notExampleUrl, ResourceRequest::RedirectStatus::NoRedirect, | 174 notExampleUrl, ResourceRequest::RedirectStatus::NoRedirect, |
(...skipping 480 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
655 | 655 |
656 unsigned expectedReports = test.allowed ? 0u : 1u; | 656 unsigned expectedReports = test.allowed ? 0u : 1u; |
657 | 657 |
658 // Single enforce-mode policy should match `test.expected`: | 658 // Single enforce-mode policy should match `test.expected`: |
659 Persistent<ContentSecurityPolicy> policy = ContentSecurityPolicy::create(); | 659 Persistent<ContentSecurityPolicy> policy = ContentSecurityPolicy::create(); |
660 policy->bindToExecutionContext(document.get()); | 660 policy->bindToExecutionContext(document.get()); |
661 policy->didReceiveHeader(test.policy, | 661 policy->didReceiveHeader(test.policy, |
662 ContentSecurityPolicyHeaderTypeEnforce, | 662 ContentSecurityPolicyHeaderTypeEnforce, |
663 ContentSecurityPolicyHeaderSourceHTTP); | 663 ContentSecurityPolicyHeaderSourceHTTP); |
664 EXPECT_EQ(test.allowed, policy->allowScriptFromSource( | 664 EXPECT_EQ(test.allowed, policy->allowScriptFromSource( |
665 resource, String(test.nonce), ParserInserted)); | 665 resource, String(test.nonce), |
| 666 IntegrityMetadataSet(), ParserInserted)); |
666 // If this is expected to generate a violation, we should have sent a | 667 // If this is expected to generate a violation, we should have sent a |
667 // report. | 668 // report. |
668 EXPECT_EQ(expectedReports, policy->m_violationReportsSent.size()); | 669 EXPECT_EQ(expectedReports, policy->m_violationReportsSent.size()); |
669 | 670 |
670 // Single report-mode policy should always be `true`: | 671 // Single report-mode policy should always be `true`: |
671 policy = ContentSecurityPolicy::create(); | 672 policy = ContentSecurityPolicy::create(); |
672 policy->bindToExecutionContext(document.get()); | 673 policy->bindToExecutionContext(document.get()); |
673 policy->didReceiveHeader(test.policy, ContentSecurityPolicyHeaderTypeReport, | 674 policy->didReceiveHeader(test.policy, ContentSecurityPolicyHeaderTypeReport, |
674 ContentSecurityPolicyHeaderSourceHTTP); | 675 ContentSecurityPolicyHeaderSourceHTTP); |
675 EXPECT_TRUE(policy->allowScriptFromSource(resource, String(test.nonce), | 676 EXPECT_TRUE(policy->allowScriptFromSource( |
676 ParserInserted)); | 677 resource, String(test.nonce), IntegrityMetadataSet(), ParserInserted)); |
677 // If this is expected to generate a violation, we should have sent a | 678 // If this is expected to generate a violation, we should have sent a |
678 // report, even though we don't deny access in `allowScriptFromSource`: | 679 // report, even though we don't deny access in `allowScriptFromSource`: |
679 EXPECT_EQ(expectedReports, policy->m_violationReportsSent.size()); | 680 EXPECT_EQ(expectedReports, policy->m_violationReportsSent.size()); |
680 } | 681 } |
681 } | 682 } |
682 | 683 |
683 TEST_F(ContentSecurityPolicyTest, NonceInline) { | 684 TEST_F(ContentSecurityPolicyTest, NonceInline) { |
684 struct TestCase { | 685 struct TestCase { |
685 const char* policy; | 686 const char* policy; |
686 const char* nonce; | 687 const char* nonce; |
(...skipping 121 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
808 // Enforce / Report | 809 // Enforce / Report |
809 Persistent<ContentSecurityPolicy> policy = ContentSecurityPolicy::create(); | 810 Persistent<ContentSecurityPolicy> policy = ContentSecurityPolicy::create(); |
810 policy->bindToExecutionContext(document.get()); | 811 policy->bindToExecutionContext(document.get()); |
811 policy->didReceiveHeader(test.policy1, | 812 policy->didReceiveHeader(test.policy1, |
812 ContentSecurityPolicyHeaderTypeEnforce, | 813 ContentSecurityPolicyHeaderTypeEnforce, |
813 ContentSecurityPolicyHeaderSourceHTTP); | 814 ContentSecurityPolicyHeaderSourceHTTP); |
814 policy->didReceiveHeader(test.policy2, | 815 policy->didReceiveHeader(test.policy2, |
815 ContentSecurityPolicyHeaderTypeReport, | 816 ContentSecurityPolicyHeaderTypeReport, |
816 ContentSecurityPolicyHeaderSourceHTTP); | 817 ContentSecurityPolicyHeaderSourceHTTP); |
817 EXPECT_EQ(test.allowed1, policy->allowScriptFromSource( | 818 EXPECT_EQ(test.allowed1, policy->allowScriptFromSource( |
818 resource, String(test.nonce), ParserInserted)); | 819 resource, String(test.nonce), |
| 820 IntegrityMetadataSet(), ParserInserted)); |
819 EXPECT_EQ(expectedReports, policy->m_violationReportsSent.size()); | 821 EXPECT_EQ(expectedReports, policy->m_violationReportsSent.size()); |
820 | 822 |
821 // Report / Enforce | 823 // Report / Enforce |
822 policy = ContentSecurityPolicy::create(); | 824 policy = ContentSecurityPolicy::create(); |
823 policy->bindToExecutionContext(document.get()); | 825 policy->bindToExecutionContext(document.get()); |
824 policy->didReceiveHeader(test.policy1, | 826 policy->didReceiveHeader(test.policy1, |
825 ContentSecurityPolicyHeaderTypeReport, | 827 ContentSecurityPolicyHeaderTypeReport, |
826 ContentSecurityPolicyHeaderSourceHTTP); | 828 ContentSecurityPolicyHeaderSourceHTTP); |
827 policy->didReceiveHeader(test.policy2, | 829 policy->didReceiveHeader(test.policy2, |
828 ContentSecurityPolicyHeaderTypeEnforce, | 830 ContentSecurityPolicyHeaderTypeEnforce, |
829 ContentSecurityPolicyHeaderSourceHTTP); | 831 ContentSecurityPolicyHeaderSourceHTTP); |
830 EXPECT_EQ(test.allowed2, policy->allowScriptFromSource( | 832 EXPECT_EQ(test.allowed2, policy->allowScriptFromSource( |
831 resource, String(test.nonce), ParserInserted)); | 833 resource, String(test.nonce), |
| 834 IntegrityMetadataSet(), ParserInserted)); |
832 EXPECT_EQ(expectedReports, policy->m_violationReportsSent.size()); | 835 EXPECT_EQ(expectedReports, policy->m_violationReportsSent.size()); |
833 | 836 |
834 // Enforce / Enforce | 837 // Enforce / Enforce |
835 policy = ContentSecurityPolicy::create(); | 838 policy = ContentSecurityPolicy::create(); |
836 policy->bindToExecutionContext(document.get()); | 839 policy->bindToExecutionContext(document.get()); |
837 policy->didReceiveHeader(test.policy1, | 840 policy->didReceiveHeader(test.policy1, |
838 ContentSecurityPolicyHeaderTypeEnforce, | 841 ContentSecurityPolicyHeaderTypeEnforce, |
839 ContentSecurityPolicyHeaderSourceHTTP); | 842 ContentSecurityPolicyHeaderSourceHTTP); |
840 policy->didReceiveHeader(test.policy2, | 843 policy->didReceiveHeader(test.policy2, |
841 ContentSecurityPolicyHeaderTypeEnforce, | 844 ContentSecurityPolicyHeaderTypeEnforce, |
842 ContentSecurityPolicyHeaderSourceHTTP); | 845 ContentSecurityPolicyHeaderSourceHTTP); |
843 EXPECT_EQ(test.allowed1 && test.allowed2, | 846 EXPECT_EQ( |
844 policy->allowScriptFromSource(resource, String(test.nonce), | 847 test.allowed1 && test.allowed2, |
845 ParserInserted)); | 848 policy->allowScriptFromSource(resource, String(test.nonce), |
| 849 IntegrityMetadataSet(), ParserInserted)); |
846 EXPECT_EQ(expectedReports, policy->m_violationReportsSent.size()); | 850 EXPECT_EQ(expectedReports, policy->m_violationReportsSent.size()); |
847 | 851 |
848 // Report / Report | 852 // Report / Report |
849 policy = ContentSecurityPolicy::create(); | 853 policy = ContentSecurityPolicy::create(); |
850 policy->bindToExecutionContext(document.get()); | 854 policy->bindToExecutionContext(document.get()); |
851 policy->didReceiveHeader(test.policy1, | 855 policy->didReceiveHeader(test.policy1, |
852 ContentSecurityPolicyHeaderTypeReport, | 856 ContentSecurityPolicyHeaderTypeReport, |
853 ContentSecurityPolicyHeaderSourceHTTP); | 857 ContentSecurityPolicyHeaderSourceHTTP); |
854 policy->didReceiveHeader(test.policy2, | 858 policy->didReceiveHeader(test.policy2, |
855 ContentSecurityPolicyHeaderTypeReport, | 859 ContentSecurityPolicyHeaderTypeReport, |
856 ContentSecurityPolicyHeaderSourceHTTP); | 860 ContentSecurityPolicyHeaderSourceHTTP); |
857 EXPECT_TRUE(policy->allowScriptFromSource(resource, String(test.nonce), | 861 EXPECT_TRUE(policy->allowScriptFromSource( |
858 ParserInserted)); | 862 resource, String(test.nonce), IntegrityMetadataSet(), ParserInserted)); |
859 EXPECT_EQ(expectedReports, policy->m_violationReportsSent.size()); | 863 EXPECT_EQ(expectedReports, policy->m_violationReportsSent.size()); |
860 } | 864 } |
861 } | 865 } |
862 | 866 |
863 TEST_F(ContentSecurityPolicyTest, ShouldEnforceEmbeddersPolicy) { | 867 TEST_F(ContentSecurityPolicyTest, ShouldEnforceEmbeddersPolicy) { |
864 struct TestCase { | 868 struct TestCase { |
865 const char* resourceURL; | 869 const char* resourceURL; |
866 const bool inherits; | 870 const bool inherits; |
867 } cases[] = { | 871 } cases[] = { |
868 // Same-origin | 872 // Same-origin |
(...skipping 243 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1112 String(), IntegrityMetadataSet(), | 1116 String(), IntegrityMetadataSet(), |
1113 ParserInserted, | 1117 ParserInserted, |
1114 ResourceRequest::RedirectStatus::NoRedirect, | 1118 ResourceRequest::RedirectStatus::NoRedirect, |
1115 SecurityViolationReportingPolicy::SuppressReport
ing)); | 1119 SecurityViolationReportingPolicy::SuppressReport
ing)); |
1116 | 1120 |
1117 SchemeRegistry::removeURLSchemeRegisteredAsBypassingContentSecurityPolicy( | 1121 SchemeRegistry::removeURLSchemeRegisteredAsBypassingContentSecurityPolicy( |
1118 "https"); | 1122 "https"); |
1119 } | 1123 } |
1120 | 1124 |
1121 } // namespace blink | 1125 } // namespace blink |
OLD | NEW |