| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <stddef.h> | 5 #include <stddef.h> |
| 6 #include <stdint.h> | 6 #include <stdint.h> |
| 7 | 7 |
| 8 #include <memory> | 8 #include <memory> |
| 9 #include <set> | 9 #include <set> |
| 10 | 10 |
| (...skipping 3148 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 3159 root->child_at(0)->child_at(0)->child_at(0)->child_at(0); | 3159 root->child_at(0)->child_at(0)->child_at(0)->child_at(0); |
| 3160 EXPECT_TRUE(bottom_child->current_url().is_empty()); | 3160 EXPECT_TRUE(bottom_child->current_url().is_empty()); |
| 3161 EXPECT_FALSE(bottom_child->has_committed_real_load()); | 3161 EXPECT_FALSE(bottom_child->has_committed_real_load()); |
| 3162 } | 3162 } |
| 3163 | 3163 |
| 3164 // Ensures that nested subframes with the same URL but different fragments can | 3164 // Ensures that nested subframes with the same URL but different fragments can |
| 3165 // only be nested once. See https://crbug.com/650332. | 3165 // only be nested once. See https://crbug.com/650332. |
| 3166 IN_PROC_BROWSER_TEST_F(RenderFrameHostManagerTest, | 3166 IN_PROC_BROWSER_TEST_F(RenderFrameHostManagerTest, |
| 3167 SelfReferencingFragmentFrames) { | 3167 SelfReferencingFragmentFrames) { |
| 3168 StartEmbeddedServer(); | 3168 StartEmbeddedServer(); |
| 3169 GURL url( | 3169 GURL url(embedded_test_server()->GetURL("a.com", "/title1.html#123")); |
| 3170 embedded_test_server()->GetURL("a.com", "/page_with_iframe.html#123")); | |
| 3171 EXPECT_TRUE(NavigateToURL(shell(), url)); | 3170 EXPECT_TRUE(NavigateToURL(shell(), url)); |
| 3172 | 3171 |
| 3173 WebContentsImpl* web_contents = | 3172 WebContentsImpl* web_contents = |
| 3174 static_cast<WebContentsImpl*>(shell()->web_contents()); | 3173 static_cast<WebContentsImpl*>(shell()->web_contents()); |
| 3175 | 3174 |
| 3176 FrameTreeNode* root = web_contents->GetFrameTree()->root(); | 3175 FrameTreeNode* root = web_contents->GetFrameTree()->root(); |
| 3176 |
| 3177 GURL url2(url.spec() + "456"); |
| 3178 const char kSetupIframe[] = |
| 3179 "var f = document.createElement('iframe');" |
| 3180 "f.src = '%s';" |
| 3181 "document.body.appendChild(f);"; |
| 3182 { |
| 3183 TestNavigationManager manager(web_contents, url2); |
| 3184 std::string script = base::StringPrintf(kSetupIframe, url2.spec().c_str()); |
| 3185 EXPECT_TRUE(ExecuteScript(root, script)); |
| 3186 manager.WaitForNavigationFinished(); |
| 3187 } |
| 3188 |
| 3177 FrameTreeNode* child = root->child_at(0); | 3189 FrameTreeNode* child = root->child_at(0); |
| 3178 | 3190 EXPECT_TRUE(WaitForLoadStop(web_contents)); |
| 3179 // ExecuteScript is used here and once more below because it is important to | 3191 EXPECT_EQ(url2, child->current_url()); |
| 3180 // use renderer-initiated navigations since browser-initiated navigations are | |
| 3181 // bypassed in the self-referencing navigation check. | |
| 3182 TestFrameNavigationObserver observer1(child); | |
| 3183 EXPECT_TRUE( | |
| 3184 ExecuteScript(child, "location.href = '" + url.spec() + "456" + "';")); | |
| 3185 observer1.Wait(); | |
| 3186 | |
| 3187 FrameTreeNode* grandchild = child->child_at(0); | |
| 3188 GURL expected_url(embedded_test_server()->GetURL("a.com", "/title1.html")); | |
| 3189 EXPECT_EQ(expected_url, grandchild->current_url()); | |
| 3190 | 3192 |
| 3191 // This navigation should be blocked. | 3193 // This navigation should be blocked. |
| 3192 GURL blocked_url(embedded_test_server()->GetURL( | 3194 GURL url3(url2.spec() + "789"); |
| 3193 "a.com", "/page_with_iframe.html#123456789")); | 3195 { |
| 3194 TestNavigationManager manager(web_contents, blocked_url); | 3196 TestNavigationManager manager(web_contents, url3); |
| 3195 EXPECT_TRUE(ExecuteScript(grandchild, | 3197 std::string script = base::StringPrintf(kSetupIframe, url3.spec().c_str()); |
| 3196 "location.href = '" + blocked_url.spec() + "';")); | 3198 EXPECT_TRUE(ExecuteScript(child, script)); |
| 3197 // Wait for WillStartRequest and verify that the request is aborted before | 3199 |
| 3198 // starting it. | 3200 // Wait for WillStartRequest and verify that the request is aborted before |
| 3199 EXPECT_FALSE(manager.WaitForRequestStart()); | 3201 // starting it. |
| 3200 WaitForLoadStop(web_contents); | 3202 EXPECT_FALSE(manager.WaitForRequestStart()); |
| 3203 WaitForLoadStop(web_contents); |
| 3204 } |
| 3201 | 3205 |
| 3202 // The FrameTree contains two successful instances of the url plus an | 3206 // The FrameTree contains two successful instances of the url plus an |
| 3203 // unsuccessfully-navigated third instance with a blank URL. | 3207 // unsuccessfully-navigated third instance with a blank URL. |
| 3204 EXPECT_EQ( | 3208 EXPECT_EQ( |
| 3205 " Site A\n" | 3209 " Site A\n" |
| 3206 " +--Site A\n" | 3210 " +--Site A\n" |
| 3207 " +--Site A\n" | 3211 " +--Site A\n" |
| 3208 "Where A = http://a.com/", | 3212 "Where A = http://a.com/", |
| 3209 FrameTreeVisualizer().DepictFrameTree(root)); | 3213 FrameTreeVisualizer().DepictFrameTree(root)); |
| 3210 | 3214 |
| 3211 // The URL of the grandchild has not changed. | 3215 EXPECT_EQ(GURL(), child->child_at(0)->current_url()); |
| 3212 EXPECT_EQ(expected_url, grandchild->current_url()); | 3216 EXPECT_FALSE(child->child_at(0)->has_committed_real_load()); |
| 3213 } | 3217 } |
| 3214 | 3218 |
| 3215 // Ensure that loading a page with a meta refresh iframe does not cause an | 3219 // Ensure that loading a page with a meta refresh iframe does not cause an |
| 3216 // infinite number of nested iframes to be created. This test loads a page with | 3220 // infinite number of nested iframes to be created. This test loads a page with |
| 3217 // an about:blank iframe where the page injects html containing a meta refresh | 3221 // an about:blank iframe where the page injects html containing a meta refresh |
| 3218 // into the iframe. This test then checks that this does not cause infinite | 3222 // into the iframe. This test then checks that this does not cause infinite |
| 3219 // nested iframes to be created. See https://crbug.com/527367. | 3223 // nested iframes to be created. See https://crbug.com/527367. |
| 3220 IN_PROC_BROWSER_TEST_F(RenderFrameHostManagerTest, | 3224 IN_PROC_BROWSER_TEST_F(RenderFrameHostManagerTest, |
| 3221 SelfReferencingMetaRefreshFrames) { | 3225 SelfReferencingMetaRefreshFrames) { |
| 3222 // Load a page with a blank iframe. | 3226 // Load a page with a blank iframe. |
| (...skipping 50 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 3273 // This navigation shouldn't be blocked. Blocking should only occur when more | 3277 // This navigation shouldn't be blocked. Blocking should only occur when more |
| 3274 // than one ancestor has the same URL (excluding fragments), and the | 3278 // than one ancestor has the same URL (excluding fragments), and the |
| 3275 // navigating frame's current URL shouldn't count toward that. | 3279 // navigating frame's current URL shouldn't count toward that. |
| 3276 EXPECT_TRUE( | 3280 EXPECT_TRUE( |
| 3277 ExecuteScript(child, "location.href = '" + first_url.spec() + "';")); | 3281 ExecuteScript(child, "location.href = '" + first_url.spec() + "';")); |
| 3278 observer2.Wait(); | 3282 observer2.Wait(); |
| 3279 | 3283 |
| 3280 EXPECT_EQ(child->current_url(), first_url); | 3284 EXPECT_EQ(child->current_url(), first_url); |
| 3281 } | 3285 } |
| 3282 | 3286 |
| 3287 // Ensures that POST requests bypass self-referential URL checks. See |
| 3288 // https://crbug.com/710008. |
| 3289 IN_PROC_BROWSER_TEST_F(RenderFrameHostManagerTest, |
| 3290 SelfReferencingFramesWithPOST) { |
| 3291 StartEmbeddedServer(); |
| 3292 GURL url(embedded_test_server()->GetURL("a.com", "/page_with_iframe.html")); |
| 3293 EXPECT_TRUE(NavigateToURL(shell(), url)); |
| 3294 |
| 3295 WebContentsImpl* web_contents = |
| 3296 static_cast<WebContentsImpl*>(shell()->web_contents()); |
| 3297 |
| 3298 FrameTreeNode* root = web_contents->GetFrameTree()->root(); |
| 3299 FrameTreeNode* child = root->child_at(0); |
| 3300 |
| 3301 GURL child_url(embedded_test_server()->GetURL("a.com", "/title1.html")); |
| 3302 EXPECT_EQ(url, root->current_url()); |
| 3303 EXPECT_EQ(child_url, child->current_url()); |
| 3304 |
| 3305 // Navigate the child frame to the same URL as parent via POST. |
| 3306 std::string script = |
| 3307 "var f = document.createElement('form');\n" |
| 3308 "f.method = 'POST';\n" |
| 3309 "f.action = '/page_with_iframe.html';\n" |
| 3310 "document.body.appendChild(f);\n" |
| 3311 "f.submit();"; |
| 3312 { |
| 3313 TestFrameNavigationObserver observer(child); |
| 3314 EXPECT_TRUE(ExecuteScript(child, script)); |
| 3315 observer.Wait(); |
| 3316 } |
| 3317 |
| 3318 FrameTreeNode* grandchild = child->child_at(0); |
| 3319 EXPECT_EQ(url, child->current_url()); |
| 3320 EXPECT_EQ(child_url, grandchild->current_url()); |
| 3321 |
| 3322 // Now navigate the grandchild to the same URL as its two ancestors. This |
| 3323 // should be allowed since it uses POST; it was blocked prior to |
| 3324 // fixing https://crbug.com/710008. |
| 3325 { |
| 3326 TestFrameNavigationObserver observer(grandchild); |
| 3327 EXPECT_TRUE(ExecuteScript(grandchild, script)); |
| 3328 observer.Wait(); |
| 3329 } |
| 3330 |
| 3331 EXPECT_EQ(url, grandchild->current_url()); |
| 3332 ASSERT_EQ(1U, grandchild->child_count()); |
| 3333 EXPECT_EQ(child_url, grandchild->child_at(0)->current_url()); |
| 3334 } |
| 3335 |
| 3283 } // namespace content | 3336 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2815413002:
Relax self-referential frame checks for non-initial navigations. (Closed)
