Chromium Code Reviews| OLD | NEW |
|---|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2011 Google Inc. All rights reserved. | 2 * Copyright (C) 2011 Google Inc. All rights reserved. |
| 3 * | 3 * |
| 4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
| 5 * modification, are permitted provided that the following conditions are | 5 * modification, are permitted provided that the following conditions are |
| 6 * met: | 6 * met: |
| 7 * | 7 * |
| 8 * * Redistributions of source code must retain the above copyright | 8 * * Redistributions of source code must retain the above copyright |
| 9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
| 10 * * Redistributions in binary form must reproduce the above | 10 * * Redistributions in binary form must reproduce the above |
| (...skipping 12 matching lines...) Expand all Loading... | |
| 23 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT | 23 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT |
| 24 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | 24 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
| 25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | 25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
| 26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | 26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
| 27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE | 27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE |
| 28 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 28 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| 29 */ | 29 */ |
| 30 | 30 |
| 31 #include "public/web/WebFrameSerializer.h" | 31 #include "public/web/WebFrameSerializer.h" |
| 32 | 32 |
| 33 #include "platform/mhtml/MHTMLArchive.h" | |
| 34 #include "platform/mhtml/MHTMLParser.h" | |
| 33 #include "platform/testing/URLTestHelpers.h" | 35 #include "platform/testing/URLTestHelpers.h" |
| 34 #include "platform/testing/UnitTestHelpers.h" | 36 #include "platform/testing/UnitTestHelpers.h" |
| 35 #include "platform/weborigin/KURL.h" | 37 #include "platform/weborigin/KURL.h" |
| 36 #include "platform/wtf/text/StringBuilder.h" | 38 #include "platform/wtf/text/StringBuilder.h" |
| 37 #include "public/platform/Platform.h" | 39 #include "public/platform/Platform.h" |
| 38 #include "public/platform/WebCString.h" | 40 #include "public/platform/WebCString.h" |
| 39 #include "public/platform/WebCache.h" | 41 #include "public/platform/WebCache.h" |
| 40 #include "public/platform/WebString.h" | 42 #include "public/platform/WebString.h" |
| 41 #include "public/platform/WebURL.h" | 43 #include "public/platform/WebURL.h" |
| 42 #include "public/platform/WebURLLoaderMockFactory.h" | 44 #include "public/platform/WebURLLoaderMockFactory.h" |
| (...skipping 162 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 205 EXPECT_EQ(expected_html, actual_html); | 207 EXPECT_EQ(expected_html, actual_html); |
| 206 } | 208 } |
| 207 | 209 |
| 208 TEST_F(WebFrameSerializerTest, FromUrlWithMinusMinus) { | 210 TEST_F(WebFrameSerializerTest, FromUrlWithMinusMinus) { |
| 209 String actual_html = | 211 String actual_html = |
| 210 SerializeFile("http://www.test.com?--x--", "text_only_page.html"); | 212 SerializeFile("http://www.test.com?--x--", "text_only_page.html"); |
| 211 EXPECT_EQ("<!-- saved from url=(0030)http://www.test.com/?-%2Dx-%2D -->", | 213 EXPECT_EQ("<!-- saved from url=(0030)http://www.test.com/?-%2Dx-%2D -->", |
| 212 actual_html.Substring(1, 60)); | 214 actual_html.Substring(1, 60)); |
| 213 } | 215 } |
| 214 | 216 |
| 215 class WebFrameSerializerSanitizationTest : public WebFrameSerializerTest { | 217 class WebFrameSerializerSanitizationTest : public WebFrameSerializerTest { |
|
jianli
2017/04/26 00:54:45
I think we'd better move this class out of this fi
carlosk
2017/04/26 01:07:50
Acknowledged. I will follow up with that.
| |
| 216 protected: | 218 protected: |
| 217 WebFrameSerializerSanitizationTest() {} | 219 WebFrameSerializerSanitizationTest() {} |
| 218 | 220 |
| 219 ~WebFrameSerializerSanitizationTest() override {} | 221 ~WebFrameSerializerSanitizationTest() override {} |
| 220 | 222 |
| 221 String GenerateMHTMLParts(const String& url, | 223 String GenerateMHTML(const String& url, |
| 222 const String& file_name, | 224 const String& file_name, |
| 223 const String& mime_type = "text/html") { | 225 const String& mime_type = "text/html", |
| 226 const bool only_body_parts = false) { | |
| 224 KURL parsed_url(kParsedURLString, url); | 227 KURL parsed_url(kParsedURLString, url); |
| 225 String file_path("frameserialization/" + file_name); | 228 String file_path("frameserialization/" + file_name); |
| 226 RegisterMockedFileURLLoad(parsed_url, file_path, mime_type); | 229 RegisterMockedFileURLLoad(parsed_url, file_path, mime_type); |
| 227 FrameTestHelpers::LoadFrame(MainFrameImpl(), url.Utf8().data()); | 230 FrameTestHelpers::LoadFrame(MainFrameImpl(), url.Utf8().data()); |
| 228 WebThreadSafeData result = WebFrameSerializer::GenerateMHTMLParts( | 231 // Boundaries are normally randomly generated but this one is predefined for |
| 229 WebString("boundary"), MainFrameImpl(), &mhtml_delegate_); | 232 // simplicity and as good as any other. Plus it gets used in almost all the |
| 230 return String(result.Data(), result.size()); | 233 // examples in the MHTML spec - RFC 2557. |
| 234 const WebString boundary("boundary-example"); | |
| 235 StringBuilder mhtml; | |
| 236 if (!only_body_parts) { | |
| 237 WebThreadSafeData header_result = WebFrameSerializer::GenerateMHTMLHeader( | |
| 238 boundary, MainFrameImpl(), &mhtml_delegate_); | |
| 239 mhtml.Append(header_result.Data(), header_result.size()); | |
| 240 } | |
| 241 WebThreadSafeData body_result = WebFrameSerializer::GenerateMHTMLParts( | |
| 242 boundary, MainFrameImpl(), &mhtml_delegate_); | |
| 243 mhtml.Append(body_result.Data(), body_result.size()); | |
| 244 if (!only_body_parts) { | |
| 245 RefPtr<RawData> footer_data = RawData::Create(); | |
| 246 MHTMLArchive::GenerateMHTMLFooterForTesting(boundary, | |
| 247 *footer_data->MutableData()); | |
| 248 mhtml.Append(footer_data->data(), footer_data->length()); | |
| 249 } | |
| 250 String mhtml_string = mhtml.ToString(); | |
| 251 | |
| 252 if (!only_body_parts) { | |
| 253 // Validate the generated MHTML. | |
| 254 MHTMLParser parser(SharedBuffer::Create(mhtml_string.Characters8(), | |
| 255 size_t(mhtml_string.length()))); | |
| 256 if (parser.ParseArchive().IsEmpty()) { | |
|
jianli
2017/04/26 00:54:45
Do we have plan to validate the number of resource
carlosk
2017/04/26 01:07:51
For MHTML well-formed-ness checks -- which is the
| |
| 257 ADD_FAILURE() << "Invalid MHTML"; | |
| 258 mhtml_string = String(); | |
| 259 } | |
| 260 } | |
| 261 return mhtml_string; | |
| 231 } | 262 } |
| 232 | 263 |
| 233 void SetRemovePopupOverlay(bool remove_popup_overlay) { | 264 void SetRemovePopupOverlay(bool remove_popup_overlay) { |
| 234 mhtml_delegate_.SetRemovePopupOverlay(remove_popup_overlay); | 265 mhtml_delegate_.SetRemovePopupOverlay(remove_popup_overlay); |
| 235 } | 266 } |
| 236 | 267 |
| 237 private: | 268 private: |
| 238 SimpleMHTMLPartsGenerationDelegate mhtml_delegate_; | 269 SimpleMHTMLPartsGenerationDelegate mhtml_delegate_; |
| 239 }; | 270 }; |
| 240 | 271 |
| 241 TEST_F(WebFrameSerializerSanitizationTest, RemoveInlineScriptInAttributes) { | 272 TEST_F(WebFrameSerializerSanitizationTest, RemoveInlineScriptInAttributes) { |
| 242 String mhtml = | 273 String mhtml = |
| 243 GenerateMHTMLParts("http://www.test.com", "script_in_attributes.html"); | 274 GenerateMHTML("http://www.test.com", "script_in_attributes.html"); |
| 275 ASSERT_FALSE(HasFailure()); | |
| 244 | 276 |
| 245 // These scripting attributes should be removed. | 277 // These scripting attributes should be removed. |
| 246 EXPECT_EQ(WTF::kNotFound, mhtml.Find("onload=")); | 278 EXPECT_EQ(WTF::kNotFound, mhtml.Find("onload=")); |
| 247 EXPECT_EQ(WTF::kNotFound, mhtml.Find("ONLOAD=")); | 279 EXPECT_EQ(WTF::kNotFound, mhtml.Find("ONLOAD=")); |
| 248 EXPECT_EQ(WTF::kNotFound, mhtml.Find("onclick=")); | 280 EXPECT_EQ(WTF::kNotFound, mhtml.Find("onclick=")); |
| 249 EXPECT_EQ(WTF::kNotFound, mhtml.Find("href=")); | 281 EXPECT_EQ(WTF::kNotFound, mhtml.Find("href=")); |
| 250 EXPECT_EQ(WTF::kNotFound, mhtml.Find("from=")); | 282 EXPECT_EQ(WTF::kNotFound, mhtml.Find("from=")); |
| 251 EXPECT_EQ(WTF::kNotFound, mhtml.Find("to=")); | 283 EXPECT_EQ(WTF::kNotFound, mhtml.Find("to=")); |
| 252 EXPECT_EQ(WTF::kNotFound, mhtml.Find("javascript:")); | 284 EXPECT_EQ(WTF::kNotFound, mhtml.Find("javascript:")); |
| 253 | 285 |
| 254 // These non-scripting attributes should remain intact. | 286 // These non-scripting attributes should remain intact. |
| 255 EXPECT_NE(WTF::kNotFound, mhtml.Find("class=")); | 287 EXPECT_NE(WTF::kNotFound, mhtml.Find("class=")); |
| 256 EXPECT_NE(WTF::kNotFound, mhtml.Find("id=")); | 288 EXPECT_NE(WTF::kNotFound, mhtml.Find("id=")); |
| 257 | 289 |
| 258 // srcdoc attribute of frame element should be replaced with src attribute. | 290 // srcdoc attribute of frame element should be replaced with src attribute. |
| 259 EXPECT_EQ(WTF::kNotFound, mhtml.Find("srcdoc=")); | 291 EXPECT_EQ(WTF::kNotFound, mhtml.Find("srcdoc=")); |
| 260 EXPECT_NE(WTF::kNotFound, mhtml.Find("src=")); | 292 EXPECT_NE(WTF::kNotFound, mhtml.Find("src=")); |
| 261 } | 293 } |
| 262 | 294 |
| 263 TEST_F(WebFrameSerializerSanitizationTest, DisableFormElements) { | 295 TEST_F(WebFrameSerializerSanitizationTest, DisableFormElements) { |
| 264 String mhtml = GenerateMHTMLParts("http://www.test.com", "form.html"); | 296 String mhtml = GenerateMHTML("http://www.test.com", "form.html"); |
| 297 ASSERT_FALSE(HasFailure()); | |
| 265 | 298 |
| 266 const char kDisabledAttr[] = "disabled=3D\"\""; | 299 const char kDisabledAttr[] = "disabled=3D\"\""; |
| 267 int matches = | 300 int matches = |
| 268 MatchSubstring(mhtml, kDisabledAttr, arraysize(kDisabledAttr) - 1); | 301 MatchSubstring(mhtml, kDisabledAttr, arraysize(kDisabledAttr) - 1); |
| 269 EXPECT_EQ(21, matches); | 302 EXPECT_EQ(21, matches); |
| 270 } | 303 } |
| 271 | 304 |
| 272 TEST_F(WebFrameSerializerSanitizationTest, RemoveHiddenElements) { | 305 TEST_F(WebFrameSerializerSanitizationTest, RemoveHiddenElements) { |
| 273 String mhtml = | 306 String mhtml = GenerateMHTML("http://www.test.com", "hidden_elements.html"); |
| 274 GenerateMHTMLParts("http://www.test.com", "hidden_elements.html"); | 307 ASSERT_FALSE(HasFailure()); |
| 275 | 308 |
| 276 // The element with hidden attribute should be removed. | 309 // The element with hidden attribute should be removed. |
| 277 EXPECT_EQ(WTF::kNotFound, mhtml.Find("<p id=3D\"hidden_id\"")); | 310 EXPECT_EQ(WTF::kNotFound, mhtml.Find("<p id=3D\"hidden_id\"")); |
| 278 | 311 |
| 279 // The hidden form element should be removed. | 312 // The hidden form element should be removed. |
| 280 EXPECT_EQ(WTF::kNotFound, mhtml.Find("<input type=3D\"hidden\"")); | 313 EXPECT_EQ(WTF::kNotFound, mhtml.Find("<input type=3D\"hidden\"")); |
| 281 | 314 |
| 282 // All other hidden elements should not be removed. | 315 // All other hidden elements should not be removed. |
| 283 EXPECT_NE(WTF::kNotFound, mhtml.Find("<html")); | 316 EXPECT_NE(WTF::kNotFound, mhtml.Find("<html")); |
| 284 EXPECT_NE(WTF::kNotFound, mhtml.Find("<head")); | 317 EXPECT_NE(WTF::kNotFound, mhtml.Find("<head")); |
| (...skipping 13 matching lines...) Expand all Loading... | |
| 298 // These visible elements should remain intact. | 331 // These visible elements should remain intact. |
| 299 EXPECT_NE(WTF::kNotFound, mhtml.Find("<p id=3D\"visible_id\"")); | 332 EXPECT_NE(WTF::kNotFound, mhtml.Find("<p id=3D\"visible_id\"")); |
| 300 EXPECT_NE(WTF::kNotFound, mhtml.Find("<form")); | 333 EXPECT_NE(WTF::kNotFound, mhtml.Find("<form")); |
| 301 EXPECT_NE(WTF::kNotFound, mhtml.Find("<input type=3D\"text\"")); | 334 EXPECT_NE(WTF::kNotFound, mhtml.Find("<input type=3D\"text\"")); |
| 302 EXPECT_NE(WTF::kNotFound, mhtml.Find("<div")); | 335 EXPECT_NE(WTF::kNotFound, mhtml.Find("<div")); |
| 303 } | 336 } |
| 304 | 337 |
| 305 // Regression test for crbug.com/678893, where in some cases serializing an | 338 // Regression test for crbug.com/678893, where in some cases serializing an |
| 306 // image document could cause code to pick an element from an empty container. | 339 // image document could cause code to pick an element from an empty container. |
| 307 TEST_F(WebFrameSerializerSanitizationTest, FromBrokenImageDocument) { | 340 TEST_F(WebFrameSerializerSanitizationTest, FromBrokenImageDocument) { |
| 308 String mhtml = GenerateMHTMLParts("http://www.test.com", "broken-image.png", | 341 // For this specific test we only care that the result of the body parts |
| 309 "image/png"); | 342 // generation is empty so it is simpler to check it by only generating that |
| 343 // part of the MHTML output by setting |only_body_parts| to true. | |
| 344 String mhtml = GenerateMHTML("http://www.test.com", "broken-image.png", | |
| 345 "image/png", true); | |
|
jianli
2017/04/26 00:54:45
I don't think you need to pass another parameter s
carlosk
2017/04/26 01:07:50
I would prefer to keep it explicit because handlin
jianli
2017/04/26 01:12:27
I prefer not to adding too many arguments to compl
carlosk
2017/04/28 01:16:19
Changing the returned contents solely based on mim
| |
| 346 ASSERT_FALSE(HasFailure()); | |
| 310 EXPECT_TRUE(mhtml.IsEmpty()); | 347 EXPECT_TRUE(mhtml.IsEmpty()); |
| 311 } | 348 } |
| 312 | 349 |
| 313 TEST_F(WebFrameSerializerSanitizationTest, ImageLoadedFromSrcsetForHiDPI) { | 350 TEST_F(WebFrameSerializerSanitizationTest, ImageLoadedFromSrcsetForHiDPI) { |
| 314 RegisterMockedFileURLLoad( | 351 RegisterMockedFileURLLoad( |
| 315 KURL(kParsedURLString, "http://www.test.com/1x.png"), | 352 KURL(kParsedURLString, "http://www.test.com/1x.png"), |
| 316 "frameserialization/1x.png"); | 353 "frameserialization/1x.png"); |
| 317 RegisterMockedFileURLLoad( | 354 RegisterMockedFileURLLoad( |
| 318 KURL(kParsedURLString, "http://www.test.com/2x.png"), | 355 KURL(kParsedURLString, "http://www.test.com/2x.png"), |
| 319 "frameserialization/2x.png"); | 356 "frameserialization/2x.png"); |
| 320 | 357 |
| 321 // Set high DPR in order to load image from srcset, instead of src. | 358 // Set high DPR in order to load image from srcset, instead of src. |
| 322 WebView()->SetDeviceScaleFactor(2.0f); | 359 WebView()->SetDeviceScaleFactor(2.0f); |
| 323 | 360 |
| 324 String mhtml = GenerateMHTMLParts("http://www.test.com", "img_srcset.html"); | 361 String mhtml = GenerateMHTML("http://www.test.com", "img_srcset.html"); |
| 362 ASSERT_FALSE(HasFailure()); | |
| 325 | 363 |
| 326 // srcset attribute should be skipped. | 364 // srcset attribute should be skipped. |
| 327 EXPECT_EQ(WTF::kNotFound, mhtml.Find("srcset=")); | 365 EXPECT_EQ(WTF::kNotFound, mhtml.Find("srcset=")); |
| 328 | 366 |
| 329 // Width and height attributes should be set when none is present in <img>. | 367 // Width and height attributes should be set when none is present in <img>. |
| 330 EXPECT_NE(WTF::kNotFound, | 368 EXPECT_NE(WTF::kNotFound, |
| 331 mhtml.Find("id=3D\"i1\" width=3D\"6\" height=3D\"6\">")); | 369 mhtml.Find("id=3D\"i1\" width=3D\"6\" height=3D\"6\">")); |
| 332 | 370 |
| 333 // Height attribute should not be set if width attribute is already present in | 371 // Height attribute should not be set if width attribute is already present in |
| 334 // <img> | 372 // <img> |
| 335 EXPECT_NE(WTF::kNotFound, mhtml.Find("id=3D\"i2\" width=3D\"8\">")); | 373 EXPECT_NE(WTF::kNotFound, mhtml.Find("id=3D\"i2\" width=3D\"8\">")); |
| 336 } | 374 } |
| 337 | 375 |
| 338 TEST_F(WebFrameSerializerSanitizationTest, ImageLoadedFromSrcForNormalDPI) { | 376 TEST_F(WebFrameSerializerSanitizationTest, ImageLoadedFromSrcForNormalDPI) { |
| 339 RegisterMockedFileURLLoad( | 377 RegisterMockedFileURLLoad( |
| 340 KURL(kParsedURLString, "http://www.test.com/1x.png"), | 378 KURL(kParsedURLString, "http://www.test.com/1x.png"), |
| 341 "frameserialization/1x.png"); | 379 "frameserialization/1x.png"); |
| 342 RegisterMockedFileURLLoad( | 380 RegisterMockedFileURLLoad( |
| 343 KURL(kParsedURLString, "http://www.test.com/2x.png"), | 381 KURL(kParsedURLString, "http://www.test.com/2x.png"), |
| 344 "frameserialization/2x.png"); | 382 "frameserialization/2x.png"); |
| 345 | 383 |
| 346 String mhtml = GenerateMHTMLParts("http://www.test.com", "img_srcset.html"); | 384 String mhtml = GenerateMHTML("http://www.test.com", "img_srcset.html"); |
| 385 ASSERT_FALSE(HasFailure()); | |
| 347 | 386 |
| 348 // srcset attribute should be skipped. | 387 // srcset attribute should be skipped. |
| 349 EXPECT_EQ(WTF::kNotFound, mhtml.Find("srcset=")); | 388 EXPECT_EQ(WTF::kNotFound, mhtml.Find("srcset=")); |
| 350 | 389 |
| 351 // New width and height attributes should not be set. | 390 // New width and height attributes should not be set. |
| 352 EXPECT_NE(WTF::kNotFound, mhtml.Find("id=3D\"i1\">")); | 391 EXPECT_NE(WTF::kNotFound, mhtml.Find("id=3D\"i1\">")); |
| 353 EXPECT_NE(WTF::kNotFound, mhtml.Find("id=3D\"i2\" width=3D\"8\">")); | 392 EXPECT_NE(WTF::kNotFound, mhtml.Find("id=3D\"i2\" width=3D\"8\">")); |
| 354 } | 393 } |
| 355 | 394 |
| 356 TEST_F(WebFrameSerializerSanitizationTest, RemovePopupOverlayIfRequested) { | 395 TEST_F(WebFrameSerializerSanitizationTest, RemovePopupOverlayIfRequested) { |
| 357 WebView()->Resize(WebSize(500, 500)); | 396 WebView()->Resize(WebSize(500, 500)); |
| 358 SetRemovePopupOverlay(true); | 397 SetRemovePopupOverlay(true); |
| 359 String mhtml = GenerateMHTMLParts("http://www.test.com", "popup.html"); | 398 String mhtml = GenerateMHTML("http://www.test.com", "popup.html"); |
| 399 ASSERT_FALSE(HasFailure()); | |
| 360 EXPECT_EQ(WTF::kNotFound, mhtml.Find("class=3D\"overlay")); | 400 EXPECT_EQ(WTF::kNotFound, mhtml.Find("class=3D\"overlay")); |
| 361 EXPECT_EQ(WTF::kNotFound, mhtml.Find("class=3D\"modal")); | 401 EXPECT_EQ(WTF::kNotFound, mhtml.Find("class=3D\"modal")); |
| 362 } | 402 } |
| 363 | 403 |
| 364 TEST_F(WebFrameSerializerSanitizationTest, KeepPopupOverlayIfNotRequested) { | 404 TEST_F(WebFrameSerializerSanitizationTest, KeepPopupOverlayIfNotRequested) { |
| 365 WebView()->Resize(WebSize(500, 500)); | 405 WebView()->Resize(WebSize(500, 500)); |
| 366 SetRemovePopupOverlay(false); | 406 SetRemovePopupOverlay(false); |
| 367 String mhtml = GenerateMHTMLParts("http://www.test.com", "popup.html"); | 407 String mhtml = GenerateMHTML("http://www.test.com", "popup.html"); |
| 408 ASSERT_FALSE(HasFailure()); | |
| 368 EXPECT_NE(WTF::kNotFound, mhtml.Find("class=3D\"overlay")); | 409 EXPECT_NE(WTF::kNotFound, mhtml.Find("class=3D\"overlay")); |
| 369 EXPECT_NE(WTF::kNotFound, mhtml.Find("class=3D\"modal")); | 410 EXPECT_NE(WTF::kNotFound, mhtml.Find("class=3D\"modal")); |
| 370 } | 411 } |
| 371 | 412 |
| 372 TEST_F(WebFrameSerializerSanitizationTest, RemoveElements) { | 413 TEST_F(WebFrameSerializerSanitizationTest, RemoveElements) { |
| 373 String mhtml = | 414 String mhtml = GenerateMHTML("http://www.test.com", "remove_elements.html"); |
| 374 GenerateMHTMLParts("http://www.test.com", "remove_elements.html"); | 415 ASSERT_FALSE(HasFailure()); |
| 375 LOG(ERROR) << mhtml; | |
| 376 | 416 |
| 377 EXPECT_EQ(WTF::kNotFound, mhtml.Find("<script")); | 417 EXPECT_EQ(WTF::kNotFound, mhtml.Find("<script")); |
| 378 EXPECT_EQ(WTF::kNotFound, mhtml.Find("<noscript")); | 418 EXPECT_EQ(WTF::kNotFound, mhtml.Find("<noscript")); |
| 379 | 419 |
| 380 // Only the meta element containing "Content-Security-Policy" is removed. | 420 // Only the meta element containing "Content-Security-Policy" is removed. |
| 381 // Other meta elements should be preserved. | 421 // Other meta elements should be preserved. |
| 382 EXPECT_EQ(WTF::kNotFound, | 422 EXPECT_EQ(WTF::kNotFound, |
| 383 mhtml.Find("<meta http-equiv=3D\"Content-Security-Policy")); | 423 mhtml.Find("<meta http-equiv=3D\"Content-Security-Policy")); |
| 384 EXPECT_NE(WTF::kNotFound, mhtml.Find("<meta name=3D\"description")); | 424 EXPECT_NE(WTF::kNotFound, mhtml.Find("<meta name=3D\"description")); |
| 385 EXPECT_NE(WTF::kNotFound, mhtml.Find("<meta http-equiv=3D\"refresh")); | 425 EXPECT_NE(WTF::kNotFound, mhtml.Find("<meta http-equiv=3D\"refresh")); |
| 386 | 426 |
| 387 // If an element is removed, its children should also be skipped. | 427 // If an element is removed, its children should also be skipped. |
| 388 EXPECT_EQ(WTF::kNotFound, mhtml.Find("<select")); | 428 EXPECT_EQ(WTF::kNotFound, mhtml.Find("<select")); |
| 389 EXPECT_EQ(WTF::kNotFound, mhtml.Find("<option")); | 429 EXPECT_EQ(WTF::kNotFound, mhtml.Find("<option")); |
| 390 } | 430 } |
| 391 | 431 |
| 392 } // namespace blink | 432 } // namespace blink |
| OLD | NEW |