Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1886)

Unified Diff: content/browser/site_per_process_browsertest.cc

Issue 2797813002: Replicate feature policy container policies. (Closed)
Patch Set: Addressing review comments Created 3 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: content/browser/site_per_process_browsertest.cc
diff --git a/content/browser/site_per_process_browsertest.cc b/content/browser/site_per_process_browsertest.cc
index cb7a479d278c1781ffa6b7d373b786eb0e27a4cf..372a996ddada5fd957315f854e1b40ab1bf5e7bc 100644
--- a/content/browser/site_per_process_browsertest.cc
+++ b/content/browser/site_per_process_browsertest.cc
@@ -740,12 +740,6 @@ class SitePerProcessFeaturePolicyBrowserTest
}
};
-bool operator==(const ParsedFeaturePolicyDeclaration& first,
- const ParsedFeaturePolicyDeclaration& second) {
- return std::tie(first.feature, first.matches_all_origins, first.origins) ==
- std::tie(second.feature, second.matches_all_origins, second.origins);
-}
-
IN_PROC_BROWSER_TEST_F(SitePerProcessHighDPIBrowserTest,
SubframeLoadsWithCorrectDeviceScaleFactor) {
GURL main_url(embedded_test_server()->GetURL(
@@ -9511,6 +9505,84 @@ IN_PROC_BROWSER_TEST_F(SitePerProcessFeaturePolicyBrowserTest,
blink::WebFeaturePolicyFeature::kVibrate);
}
+// Test iframe container policy is replicated properly to the browser.
+IN_PROC_BROWSER_TEST_F(SitePerProcessFeaturePolicyBrowserTest,
+ ContainerPolicy) {
+ GURL url(embedded_test_server()->GetURL("/allowed_frames.html"));
+ EXPECT_TRUE(NavigateToURL(shell(), url));
+
+ FrameTreeNode* root = web_contents()->GetFrameTree()->root();
+
+ EXPECT_EQ(0UL, root->effective_container_policy().size());
+ EXPECT_EQ(0UL, root->child_at(0)->effective_container_policy().size());
+ EXPECT_EQ(0UL, root->child_at(1)->effective_container_policy().size());
+ EXPECT_EQ(2UL, root->child_at(2)->effective_container_policy().size());
+ EXPECT_EQ(2UL, root->child_at(3)->effective_container_policy().size());
+}
+
+// Test dynamic updates to iframe "allow" attribute are propagated correctly.
+IN_PROC_BROWSER_TEST_F(SitePerProcessFeaturePolicyBrowserTest,
+ ContainerPolicyDynamic) {
+ GURL main_url(embedded_test_server()->GetURL("/allowed_frames.html"));
+ GURL nav_url(
+ embedded_test_server()->GetURL("b.com", "/feature-policy2.html"));
+ EXPECT_TRUE(NavigateToURL(shell(), main_url));
+
+ FrameTreeNode* root = web_contents()->GetFrameTree()->root();
+
+ EXPECT_EQ(2UL, root->child_at(2)->effective_container_policy().size());
+
+ // Removing the "allow" attribute; pending policy should update, but effective
+ // policy remains unchanged.
+ EXPECT_TRUE(ExecuteScript(
+ root, "document.getElementById('child-2').setAttribute('allow','')"));
+ EXPECT_EQ(2UL, root->child_at(2)->effective_container_policy().size());
+ EXPECT_EQ(0UL, root->child_at(2)->pending_container_policy_.size());
+
+ // Navigate the frame; pending policy should be committed.
+ NavigateFrameToURL(root->child_at(2), nav_url);
+ EXPECT_EQ(0UL, root->child_at(2)->effective_container_policy().size());
+}
+
+// Test that dynamic updates to iframe sandbox attribute correctly set the
+// replicated container policy.
+IN_PROC_BROWSER_TEST_F(SitePerProcessFeaturePolicyBrowserTest,
+ ContainerPolicySandboxDynamic) {
+ GURL main_url(embedded_test_server()->GetURL("/allowed_frames.html"));
+ GURL nav_url(
+ embedded_test_server()->GetURL("b.com", "/feature-policy2.html"));
+ EXPECT_TRUE(NavigateToURL(shell(), main_url));
+
+ FrameTreeNode* root = web_contents()->GetFrameTree()->root();
+
+ // Validate that the effective container policy contains a single non-unique
+ // origin.
+ const ParsedFeaturePolicyHeader initial_effective_policy =
+ root->child_at(2)->effective_container_policy();
+ EXPECT_EQ(1UL, initial_effective_policy[0].origins.size());
+ EXPECT_FALSE(initial_effective_policy[0].origins[0].unique());
+
+ // Set the "sandbox" attribute; pending policy should update, and should now
+ // contain a unique origin, but effective policy should remain unchanged.
+ EXPECT_TRUE(ExecuteScript(
+ root, "document.getElementById('child-2').setAttribute('sandbox','')"));
+ const ParsedFeaturePolicyHeader updated_effective_policy =
+ root->child_at(2)->effective_container_policy();
+ const ParsedFeaturePolicyHeader updated_pending_policy =
+ root->child_at(2)->pending_container_policy_;
+ EXPECT_EQ(1UL, updated_effective_policy[0].origins.size());
+ EXPECT_FALSE(updated_effective_policy[0].origins[0].unique());
+ EXPECT_EQ(1UL, updated_pending_policy[0].origins.size());
+ EXPECT_TRUE(updated_pending_policy[0].origins[0].unique());
+
+ // Navigate the frame; pending policy should now be committed.
+ NavigateFrameToURL(root->child_at(2), nav_url);
+ const ParsedFeaturePolicyHeader final_effective_policy =
+ root->child_at(2)->effective_container_policy();
+ EXPECT_EQ(1UL, final_effective_policy[0].origins.size());
+ EXPECT_TRUE(final_effective_policy[0].origins[0].unique());
+}
+
// Test harness that allows for "barrier" style delaying of requests matching
// certain paths. Call SetDelayedRequestsForPath to delay requests, then
// SetUpEmbeddedTestServer to register handlers and start the server.
« no previous file with comments | « content/browser/frame_host/render_frame_message_filter.cc ('k') | content/browser/web_contents/web_contents_impl.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698