Chromium Code Reviews Chromium Code Reviews
Issue 2797813002:
Replicate feature policy container policies. (Closed)
| Index: third_party/WebKit/Source/core/html/HTMLIFrameElementTest.cpp |
| diff --git a/third_party/WebKit/Source/core/html/HTMLIFrameElementTest.cpp b/third_party/WebKit/Source/core/html/HTMLIFrameElementTest.cpp |
| index 2df838ca7e857bb3c30a276aee042b220dfd6e83..88717bb3d742b5165dd6447ac290d016ab0f51b7 100644 |
| --- a/third_party/WebKit/Source/core/html/HTMLIFrameElementTest.cpp |
| +++ b/third_party/WebKit/Source/core/html/HTMLIFrameElementTest.cpp |
| @@ -29,4 +29,253 @@ TEST(HTMLIFrameElementTest, SetAllowAttributeJS) { |
| EXPECT_EQ("fullscreen", iframe->getAttribute(HTMLNames::allowAttr)); |
| } |
| +// Test that the correct origin is used when constructing the container policy, |
| +// and that frames which should inherit their parent document's origin do so. |
| +TEST(HTMLIFrameElementTest, FramesUseCorrectOrigin) { |
| + Document* document = Document::Create(); |
| + KURL document_url = KURL(KURL(), "http://example.com"); |
| + document->SetURL(document_url); |
| + document->UpdateSecurityOrigin(SecurityOrigin::Create(document_url)); |
| + |
| + HTMLIFrameElement* frame_element = HTMLIFrameElement::Create(*document); |
| + |
| + frame_element->setAttribute(HTMLNames::srcAttr, "about:blank"); |
| + RefPtr<SecurityOrigin> effective_origin = |
| + frame_element->GetOriginForFeaturePolicy(); |
| + EXPECT_TRUE( |
| + effective_origin->IsSameSchemeHostPort(document->GetSecurityOrigin())); |
| + |
| + frame_element->setAttribute(HTMLNames::srcAttr, |
| + "data:text/html;base64,PHRpdGxlPkFCQzwvdGl0bGU+"); |
| + effective_origin = frame_element->GetOriginForFeaturePolicy(); |
| + EXPECT_FALSE( |
| + effective_origin->IsSameSchemeHostPort(document->GetSecurityOrigin())); |
| + EXPECT_TRUE(effective_origin->IsUnique()); |
| + |
| + frame_element->setAttribute(HTMLNames::srcAttr, "http://example.net/"); |
| + effective_origin = frame_element->GetOriginForFeaturePolicy(); |
| + EXPECT_FALSE( |
| + effective_origin->IsSameSchemeHostPort(document->GetSecurityOrigin())); |
| + EXPECT_FALSE(effective_origin->IsUnique()); |
| +} |
| + |
| +// Test that a unique origin is used when constructing the container policy in a |
| +// sandboxed iframe. |
| +TEST(HTMLIFrameElementTest, SandboxFramesUseCorrectOrigin) { |
| + Document* document = Document::Create(); |
| + KURL document_url = KURL(KURL(), "http://example.com"); |
| + document->SetURL(document_url); |
| + document->UpdateSecurityOrigin(SecurityOrigin::Create(document_url)); |
| + |
| + HTMLIFrameElement* frame_element = HTMLIFrameElement::Create(*document); |
| + |
| + frame_element->setAttribute(HTMLNames::sandboxAttr, ""); |
| + frame_element->setAttribute(HTMLNames::srcAttr, "http://example.com/"); |
| + RefPtr<SecurityOrigin> effective_origin = |
| + frame_element->GetOriginForFeaturePolicy(); |
| + EXPECT_FALSE( |
| + effective_origin->IsSameSchemeHostPort(document->GetSecurityOrigin())); |
| + EXPECT_TRUE(effective_origin->IsUnique()); |
| + |
| + frame_element->setAttribute(HTMLNames::srcAttr, "http://example.net/"); |
| + effective_origin = frame_element->GetOriginForFeaturePolicy(); |
| + EXPECT_FALSE( |
| + effective_origin->IsSameSchemeHostPort(document->GetSecurityOrigin())); |
| + EXPECT_TRUE(effective_origin->IsUnique()); |
| +} |
| + |
| +// Test that a sandboxed iframe with the allow-same-origin sandbox flag uses the |
| +// parent document's origin for the container policy. |
| +TEST(HTMLIFrameElementTest, SameOriginSandboxFramesUseCorrectOrigin) { |
| + Document* document = Document::Create(); |
| + KURL document_url = KURL(KURL(), "http://example.com"); |
| + document->SetURL(document_url); |
| + document->UpdateSecurityOrigin(SecurityOrigin::Create(document_url)); |
| + |
| + HTMLIFrameElement* frame_element = HTMLIFrameElement::Create(*document); |
| + |
| + frame_element->setAttribute(HTMLNames::sandboxAttr, "allow-same-origin"); |
| + frame_element->setAttribute(HTMLNames::srcAttr, "http://example.com/"); |
| + RefPtr<SecurityOrigin> effective_origin = |
| + frame_element->GetOriginForFeaturePolicy(); |
| + EXPECT_TRUE( |
| + effective_origin->IsSameSchemeHostPort(document->GetSecurityOrigin())); |
| + EXPECT_FALSE(effective_origin->IsUnique()); |
| +} |
| + |
| +// Test that the parent document's origin is used when constructing the |
| +// container policy in a srcdoc iframe. |
| +TEST(HTMLIFrameElementTest, SrcdocFramesUseCorrectOrigin) { |
| + Document* document = Document::Create(); |
| + KURL document_url = KURL(KURL(), "http://example.com"); |
| + document->SetURL(document_url); |
| + document->UpdateSecurityOrigin(SecurityOrigin::Create(document_url)); |
| + |
| + HTMLIFrameElement* frame_element = HTMLIFrameElement::Create(*document); |
| + |
| + frame_element->setAttribute(HTMLNames::srcdocAttr, "<title>title</title>"); |
| + RefPtr<SecurityOrigin> effective_origin = |
| + frame_element->GetOriginForFeaturePolicy(); |
| + EXPECT_TRUE( |
| + effective_origin->IsSameSchemeHostPort(document->GetSecurityOrigin())); |
| +} |
| + |
| +// Test that a unique origin is used when constructing the container policy in a |
| +// sandboxed iframe with a srcdoc. |
| +TEST(HTMLIFrameElementTest, SandboxedSrcdocFramesUseCorrectOrigin) { |
| + Document* document = Document::Create(); |
| + KURL document_url = KURL(KURL(), "http://example.com"); |
| + document->SetURL(document_url); |
| + document->UpdateSecurityOrigin(SecurityOrigin::Create(document_url)); |
| + |
| + HTMLIFrameElement* frame_element = HTMLIFrameElement::Create(*document); |
| + |
| + frame_element->setAttribute(HTMLNames::sandboxAttr, ""); |
| + frame_element->setAttribute(HTMLNames::srcdocAttr, "<title>title</title>"); |
| + RefPtr<SecurityOrigin> effective_origin = |
| + frame_element->GetOriginForFeaturePolicy(); |
| + EXPECT_FALSE( |
| + effective_origin->IsSameSchemeHostPort(document->GetSecurityOrigin())); |
| + EXPECT_TRUE(effective_origin->IsUnique()); |
| +} |
| + |
| +// Test that a iframes with relative src urls correctly construct their origin |
|
alexmos
2017/04/14 23:42:45
nit: remove "a" before iframes
iclelland
2017/04/15 03:36:06
Done.
|
| +// relative to the parent document. |
| +TEST(HTMLIFrameElementTest, RelativeURLsUseCorrectOrigin) { |
| + Document* document = Document::Create(); |
| + KURL document_url = KURL(KURL(), "http://example.com"); |
| + document->SetURL(document_url); |
| + document->UpdateSecurityOrigin(SecurityOrigin::Create(document_url)); |
| + |
| + HTMLIFrameElement* frame_element = HTMLIFrameElement::Create(*document); |
| + |
| + // Host-relative URLs should resolve to the same domain as the parent. |
| + frame_element->setAttribute(HTMLNames::srcAttr, "index2.html"); |
| + RefPtr<SecurityOrigin> effective_origin = |
| + frame_element->GetOriginForFeaturePolicy(); |
| + EXPECT_TRUE( |
| + effective_origin->IsSameSchemeHostPort(document->GetSecurityOrigin())); |
| + |
| + // Scheme-relative URLs should not resolve to the same domain as the parent. |
| + frame_element->setAttribute(HTMLNames::srcAttr, "//example.net/index2.html"); |
| + effective_origin = frame_element->GetOriginForFeaturePolicy(); |
| + EXPECT_FALSE( |
| + effective_origin->IsSameSchemeHostPort(document->GetSecurityOrigin())); |
| +} |
| + |
| +// Test that various iframe attribute configurations result in the correct |
| +// container policies. |
| + |
| +// Test that the correct container policy is constructed on an iframe element. |
| +TEST(HTMLIFrameElementTest, DefaultContainerPolicy) { |
| + Document* document = Document::Create(); |
| + KURL document_url = KURL(KURL(), "http://example.com"); |
| + document->SetURL(document_url); |
| + document->UpdateSecurityOrigin(SecurityOrigin::Create(document_url)); |
| + |
| + HTMLIFrameElement* frame_element = HTMLIFrameElement::Create(*document); |
| + |
| + frame_element->setAttribute(HTMLNames::srcAttr, "http://example.net/"); |
| + frame_element->UpdateContainerPolicyForTests(); |
| + |
| + const WebParsedFeaturePolicy& container_policy = |
| + frame_element->ContainerPolicy(); |
| + EXPECT_EQ(container_policy.size(), 0UL); |
|
alexmos
2017/04/14 23:42:45
nit: reverse order
(should be (expected, actual) -
iclelland
2017/04/15 03:36:06
Thanks, all fixed now.
|
| +} |
| + |
| +// Test that the allow attribute results in a container policy which is |
| +// restricted to the domain in the src attribute. |
| +TEST(HTMLIFrameElementTest, AllowAttributeContainerPolicy) { |
| + Document* document = Document::Create(); |
| + KURL document_url = KURL(KURL(), "http://example.com"); |
| + document->SetURL(document_url); |
| + document->UpdateSecurityOrigin(SecurityOrigin::Create(document_url)); |
| + |
| + HTMLIFrameElement* frame_element = HTMLIFrameElement::Create(*document); |
| + |
| + frame_element->setAttribute(HTMLNames::srcAttr, "http://example.net/"); |
| + frame_element->setAttribute(HTMLNames::allowAttr, "fullscreen"); |
| + frame_element->UpdateContainerPolicyForTests(); |
| + |
| + const WebParsedFeaturePolicy& container_policy1 = |
| + frame_element->ContainerPolicy(); |
| + |
| + EXPECT_EQ(container_policy1.size(), 1UL); |
| + EXPECT_EQ(container_policy1[0].feature, WebFeaturePolicyFeature::kFullscreen); |
| + EXPECT_FALSE(container_policy1[0].matches_all_origins); |
| + EXPECT_EQ(container_policy1[0].origins.size(), 1UL); |
| + EXPECT_EQ(container_policy1[0].origins[0].ToString(), "http://example.net"); |
| + |
| + frame_element->setAttribute(HTMLNames::allowAttr, "payment fullscreen"); |
| + frame_element->UpdateContainerPolicyForTests(); |
| + |
| + const WebParsedFeaturePolicy& container_policy2 = |
| + frame_element->ContainerPolicy(); |
| + EXPECT_EQ(container_policy2.size(), 2UL); |
| + EXPECT_TRUE( |
| + container_policy2[0].feature == WebFeaturePolicyFeature::kFullscreen || |
| + container_policy2[1].feature == WebFeaturePolicyFeature::kFullscreen); |
| + EXPECT_TRUE( |
| + container_policy2[0].feature == WebFeaturePolicyFeature::kPayment || |
| + container_policy2[1].feature == WebFeaturePolicyFeature::kPayment); |
| + EXPECT_FALSE(container_policy2[0].matches_all_origins); |
| + EXPECT_EQ(container_policy2[0].origins.size(), 1UL); |
| + EXPECT_EQ(container_policy2[0].origins[0].ToString(), "http://example.net"); |
| + EXPECT_FALSE(container_policy2[1].matches_all_origins); |
| + EXPECT_EQ(container_policy2[1].origins.size(), 1UL); |
| + EXPECT_EQ(container_policy2[1].origins[0].ToString(), "http://example.net"); |
| +} |
| + |
| +// Test that the allow attribute on a sandboxed frame results in a container |
| +// policy which is restricted to a unique origin. |
| +TEST(HTMLIFrameElementTest, SandboxAttributeContainerPolicy) { |
| + Document* document = Document::Create(); |
| + KURL document_url = KURL(KURL(), "http://example.com"); |
| + document->SetURL(document_url); |
| + document->UpdateSecurityOrigin(SecurityOrigin::Create(document_url)); |
| + |
| + HTMLIFrameElement* frame_element = HTMLIFrameElement::Create(*document); |
| + |
| + frame_element->setAttribute(HTMLNames::srcAttr, "http://example.net/"); |
| + frame_element->setAttribute(HTMLNames::allowAttr, "fullscreen"); |
| + frame_element->setAttribute(HTMLNames::sandboxAttr, ""); |
| + frame_element->UpdateContainerPolicyForTests(); |
| + |
| + const WebParsedFeaturePolicy& container_policy1 = |
|
alexmos
2017/04/14 23:42:45
nit: can probably drop the "1" here, also below
iclelland
2017/04/15 03:36:06
Definitely, thanks. Done. (And below)
|
| + frame_element->ContainerPolicy(); |
| + |
| + EXPECT_EQ(container_policy1.size(), 1UL); |
| + EXPECT_EQ(container_policy1[0].feature, WebFeaturePolicyFeature::kFullscreen); |
| + EXPECT_FALSE(container_policy1[0].matches_all_origins); |
| + EXPECT_EQ(container_policy1[0].origins.size(), 1UL); |
| + EXPECT_TRUE(container_policy1[0].origins[0].IsUnique()); |
| +} |
| + |
| +// Test that the allow attribute on a sandboxed frame with the allow-same-origin |
| +// flag results in a container policy which is restricted to the origin of the |
| +// containing document. |
| +TEST(HTMLIFrameElementTest, SameOriginSandboxAttributeContainerPolicy) { |
| + Document* document = Document::Create(); |
| + KURL document_url = KURL(KURL(), "http://example.com"); |
| + document->SetURL(document_url); |
| + document->UpdateSecurityOrigin(SecurityOrigin::Create(document_url)); |
| + |
| + HTMLIFrameElement* frame_element = HTMLIFrameElement::Create(*document); |
| + |
| + frame_element->setAttribute(HTMLNames::srcAttr, "http://example.net/"); |
| + frame_element->setAttribute(HTMLNames::allowAttr, "fullscreen"); |
| + frame_element->setAttribute(HTMLNames::sandboxAttr, "allow-same-origin"); |
| + frame_element->UpdateContainerPolicyForTests(); |
| + |
| + const WebParsedFeaturePolicy& container_policy1 = |
| + frame_element->ContainerPolicy(); |
| + |
| + EXPECT_EQ(container_policy1.size(), 1UL); |
| + EXPECT_EQ(container_policy1[0].feature, WebFeaturePolicyFeature::kFullscreen); |
| + EXPECT_FALSE(container_policy1[0].matches_all_origins); |
| + EXPECT_EQ(container_policy1[0].origins.size(), 1UL); |
| + EXPECT_FALSE(container_policy1[0].origins[0].IsUnique()); |
| + EXPECT_EQ(container_policy1[0].origins[0].ToString(), "http://example.net"); |
| +} |
| + |
| } // namespace blink |
