OLD | NEW |
---|---|
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "base/macros.h" | 5 #include "base/macros.h" |
6 #include "build/build_config.h" | 6 #include "build/build_config.h" |
7 #include "content/browser/frame_host/frame_tree.h" | 7 #include "content/browser/frame_host/frame_tree.h" |
8 #include "content/browser/frame_host/frame_tree_node.h" | 8 #include "content/browser/frame_host/frame_tree_node.h" |
9 #include "content/browser/renderer_host/render_view_host_impl.h" | 9 #include "content/browser/renderer_host/render_view_host_impl.h" |
10 #include "content/browser/web_contents/web_contents_impl.h" | 10 #include "content/browser/web_contents/web_contents_impl.h" |
(...skipping 690 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
701 // FrameTreeBrowserTest variant where we isolate http://*.is, Iceland's top | 701 // FrameTreeBrowserTest variant where we isolate http://*.is, Iceland's top |
702 // level domain. This is an analogue to isolating extensions, which we can use | 702 // level domain. This is an analogue to isolating extensions, which we can use |
703 // inside content_browsertests, where extensions don't exist. Iceland, like an | 703 // inside content_browsertests, where extensions don't exist. Iceland, like an |
704 // extension process, is a special place with magical powers; we want to protect | 704 // extension process, is a special place with magical powers; we want to protect |
705 // it from outsiders. | 705 // it from outsiders. |
706 class IsolateIcelandFrameTreeBrowserTest : public ContentBrowserTest { | 706 class IsolateIcelandFrameTreeBrowserTest : public ContentBrowserTest { |
707 public: | 707 public: |
708 IsolateIcelandFrameTreeBrowserTest() {} | 708 IsolateIcelandFrameTreeBrowserTest() {} |
709 | 709 |
710 void SetUpCommandLine(base::CommandLine* command_line) override { | 710 void SetUpCommandLine(base::CommandLine* command_line) override { |
711 // blink suppresses navigations to blob URLs of origins different from the | |
712 // frame initiating the navigation. We disable those checks for this test, t o | |
sadrul
2017/05/10 01:47:53
git cl format
| |
713 // test what happens in a compromise scenario. | |
714 command_line->AppendSwitch(switches::kDisableWebSecurity); | |
711 command_line->AppendSwitchASCII(switches::kIsolateSitesForTesting, "*.is"); | 715 command_line->AppendSwitchASCII(switches::kIsolateSitesForTesting, "*.is"); |
712 } | 716 } |
713 | 717 |
714 void SetUpOnMainThread() override { | 718 void SetUpOnMainThread() override { |
715 host_resolver()->AddRule("*", "127.0.0.1"); | 719 host_resolver()->AddRule("*", "127.0.0.1"); |
716 SetupCrossSiteRedirector(embedded_test_server()); | 720 SetupCrossSiteRedirector(embedded_test_server()); |
717 ASSERT_TRUE(embedded_test_server()->Start()); | 721 ASSERT_TRUE(embedded_test_server()->Start()); |
718 } | 722 } |
719 | 723 |
720 private: | 724 private: |
721 DISALLOW_COPY_AND_ASSIGN(IsolateIcelandFrameTreeBrowserTest); | 725 DISALLOW_COPY_AND_ASSIGN(IsolateIcelandFrameTreeBrowserTest); |
722 }; | 726 }; |
723 | 727 |
724 // Regression test for https://crbug.com/644966 | 728 // Regression test for https://crbug.com/644966 |
725 IN_PROC_BROWSER_TEST_F(IsolateIcelandFrameTreeBrowserTest, | 729 IN_PROC_BROWSER_TEST_F(IsolateIcelandFrameTreeBrowserTest, |
726 ProcessSwitchForIsolatedBlob) { | 730 ProcessSwitchForIsolatedBlob) { |
727 // blink suppresses navigations to blob URLs of origins different from the | |
728 // frame initiating the navigation. We disable those checks for this test, to | |
729 // test what happens in a compromise scenario. | |
730 base::CommandLine::ForCurrentProcess()->AppendSwitch( | |
731 switches::kDisableWebSecurity); | |
732 | |
733 // Set up an iframe. | 731 // Set up an iframe. |
734 WebContents* contents = shell()->web_contents(); | 732 WebContents* contents = shell()->web_contents(); |
735 FrameTreeNode* root = | 733 FrameTreeNode* root = |
736 static_cast<WebContentsImpl*>(contents)->GetFrameTree()->root(); | 734 static_cast<WebContentsImpl*>(contents)->GetFrameTree()->root(); |
737 GURL main_url(embedded_test_server()->GetURL( | 735 GURL main_url(embedded_test_server()->GetURL( |
738 "a.com", "/cross_site_iframe_factory.html?a(a)")); | 736 "a.com", "/cross_site_iframe_factory.html?a(a)")); |
739 EXPECT_TRUE(NavigateToURL(shell(), main_url)); | 737 EXPECT_TRUE(NavigateToURL(shell(), main_url)); |
740 | 738 |
741 // The navigation targets an invalid blob url; that's intentional to trigger | 739 // The navigation targets an invalid blob url; that's intentional to trigger |
742 // an error response. The response should commit in a process dedicated to | 740 // an error response. The response should commit in a process dedicated to |
(...skipping 12 matching lines...) Expand all Loading... | |
755 // Make sure we did a process transfer back to "b.is". | 753 // Make sure we did a process transfer back to "b.is". |
756 EXPECT_EQ( | 754 EXPECT_EQ( |
757 " Site A ------------ proxies for B\n" | 755 " Site A ------------ proxies for B\n" |
758 " +--Site B ------- proxies for A\n" | 756 " +--Site B ------- proxies for A\n" |
759 "Where A = http://a.com/\n" | 757 "Where A = http://a.com/\n" |
760 " B = http://b.is/", | 758 " B = http://b.is/", |
761 FrameTreeVisualizer().DepictFrameTree(root)); | 759 FrameTreeVisualizer().DepictFrameTree(root)); |
762 } | 760 } |
763 | 761 |
764 } // namespace content | 762 } // namespace content |
OLD | NEW |