| 1 // Copyright 2017 The Chromium Authors. All rights reserved. | 1 // Copyright 2017 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <set> |
| 6 |
| 5 #include "content/common/content_security_policy/csp_context.h" | 7 #include "content/common/content_security_policy/csp_context.h" |
| 6 #include "content/common/content_security_policy_header.h" | 8 #include "content/common/content_security_policy_header.h" |
| 7 #include "content/common/navigation_params.h" | 9 #include "content/common/navigation_params.h" |
| 8 #include "testing/gtest/include/gtest/gtest.h" | 10 #include "testing/gtest/include/gtest/gtest.h" |
| 9 | 11 |
| 10 namespace content { | 12 namespace content { |
| 11 | 13 |
| 12 namespace { | 14 namespace { |
| 13 | 15 |
| 14 class CSPContextTest : public CSPContext { | 16 class CSPContextTest : public CSPContext { |
| 15 public: | 17 public: |
| 16 const std::string& LastConsoleMessage() { return console_message_; } | 18 const CSPViolationParams& LastViolation() { return last_violation_; } |
| 17 | 19 |
| 18 void AddSchemeToBypassCSP(const std::string& scheme) { | 20 void AddSchemeToBypassCSP(const std::string& scheme) { |
| 19 scheme_to_bypass_.push_back(scheme); | 21 scheme_to_bypass_.insert(scheme); |
| 20 } | 22 } |
| 21 | 23 |
| 22 bool SchemeShouldBypassCSP(const base::StringPiece& scheme) override { | 24 bool SchemeShouldBypassCSP(const base::StringPiece& scheme) override { |
| 23 return std::find(scheme_to_bypass_.begin(), scheme_to_bypass_.end(), | 25 return scheme_to_bypass_.count(scheme.as_string()); |
| 24 scheme) != scheme_to_bypass_.end(); | 26 } |
| 27 |
| 28 void AddOriginUnsafeToUseInCspViolation(const url::Origin& origin) { |
| 29 origins_unsafe_to_use_in_csp_violation_.insert(origin); |
| 30 } |
| 31 |
| 32 bool ShouldProtectDataInCspViolation( |
| 33 const url::Origin& origin) const override { |
| 34 return origins_unsafe_to_use_in_csp_violation_.count(origin); |
| 25 } | 35 } |
| 26 | 36 |
| 27 private: | 37 private: |
| 28 void ReportContentSecurityPolicyViolation( | 38 void ReportContentSecurityPolicyViolation( |
| 29 const CSPViolationParams& violation_params) override { | 39 const CSPViolationParams& violation_params) override { |
| 30 console_message_ = violation_params.console_message; | 40 last_violation_ = violation_params; |
| 31 } | 41 } |
| 32 std::string console_message_; | 42 CSPViolationParams last_violation_; |
| 33 std::vector<std::string> scheme_to_bypass_; | 43 SourceLocation source_location_; |
| 44 std::set<std::string> scheme_to_bypass_; |
| 45 std::set<url::Origin> origins_unsafe_to_use_in_csp_violation_; |
| 34 }; | 46 }; |
| 35 | 47 |
| 36 // Build a new policy made of only one directive and no report endpoints. | 48 // Build a new policy made of only one directive and no report endpoints. |
| 37 ContentSecurityPolicy BuildPolicy(CSPDirective::Name directive_name, | 49 ContentSecurityPolicy BuildPolicy(CSPDirective::Name directive_name, |
| 38 std::vector<CSPSource> sources) { | 50 std::vector<CSPSource> sources) { |
| 39 return ContentSecurityPolicy( | 51 return ContentSecurityPolicy( |
| 40 ContentSecurityPolicyHeader(std::string(), // header | 52 ContentSecurityPolicyHeader(std::string(), // header |
| 41 blink::kWebContentSecurityPolicyTypeEnforce, | 53 blink::kWebContentSecurityPolicyTypeEnforce, |
| 42 blink::kWebContentSecurityPolicySourceHTTP), | 54 blink::kWebContentSecurityPolicySourceHTTP), |
| 43 {CSPDirective(directive_name, CSPSourceList(false, false, sources))}, | 55 {CSPDirective(directive_name, CSPSourceList(false, false, sources))}, |
| 79 EXPECT_TRUE(context.IsAllowedByCsp( | 91 EXPECT_TRUE(context.IsAllowedByCsp( |
| 80 CSPDirective::FrameSrc, GURL("http://a.com"), false, SourceLocation())); | 92 CSPDirective::FrameSrc, GURL("http://a.com"), false, SourceLocation())); |
| 81 EXPECT_FALSE(context.IsAllowedByCsp( | 93 EXPECT_FALSE(context.IsAllowedByCsp( |
| 82 CSPDirective::FrameSrc, GURL("http://b.com"), false, SourceLocation())); | 94 CSPDirective::FrameSrc, GURL("http://b.com"), false, SourceLocation())); |
| 83 EXPECT_FALSE(context.IsAllowedByCsp( | 95 EXPECT_FALSE(context.IsAllowedByCsp( |
| 84 CSPDirective::FrameSrc, GURL("http://c.com"), false, SourceLocation())); | 96 CSPDirective::FrameSrc, GURL("http://c.com"), false, SourceLocation())); |
| 85 EXPECT_FALSE(context.IsAllowedByCsp( | 97 EXPECT_FALSE(context.IsAllowedByCsp( |
| 86 CSPDirective::FrameSrc, GURL("http://d.com"), false, SourceLocation())); | 98 CSPDirective::FrameSrc, GURL("http://d.com"), false, SourceLocation())); |
| 87 } | 99 } |
| 88 | 100 |
| 101 TEST(CSPContextTest, ShouldProtectDataInCspViolation) { |
| 102 CSPContextTest context; |
| 103 context.SetSelf(url::Origin(GURL("http://a.com"))); |
| 104 |
| 105 // Content-Security-Policy: frame-src "a.com/iframe" |
| 106 context.AddContentSecurityPolicy( |
| 107 BuildPolicy(CSPDirective::FrameSrc, |
| 108 {CSPSource("", "a.com", false, url::PORT_UNSPECIFIED, false, |
| 109 "/iframe")})); |
| 110 |
| 111 GURL blocked_url("http://a.com/login?password=1234"); |
| 112 SourceLocation source_location("http://a.com/login", 10u, 20u); |
| 113 |
| 114 // When the |blocked_url| and |source_location| aren't sensitive information. |
| 115 { |
| 116 EXPECT_FALSE(context.IsAllowedByCsp(CSPDirective::FrameSrc, blocked_url, |
| 117 false, source_location)); |
| 118 EXPECT_EQ(context.LastViolation().blocked_url, blocked_url); |
| 119 EXPECT_EQ(context.LastViolation().source_location.url, |
| 120 "http://a.com/login"); |
| 121 EXPECT_EQ(context.LastViolation().source_location.line_number, 10u); |
| 122 EXPECT_EQ(context.LastViolation().source_location.column_number, 20u); |
| 123 EXPECT_EQ(context.LastViolation().console_message, |
| 124 "Refused to frame 'http://a.com/login?password=1234' because it " |
| 125 "violates the following Content Security Policy directive: " |
| 126 "\"frame-src a.com/iframe\".\n"); |
| 127 } |
| 128 |
| 129 context.AddOriginUnsafeToUseInCspViolation(url::Origin(GURL("http://a.com"))); |
| 130 |
| 131 // When the |blocked_url| and |source_location| are sensitive information. |
| 132 { |
| 133 EXPECT_FALSE(context.IsAllowedByCsp(CSPDirective::FrameSrc, blocked_url, |
| 134 false, source_location)); |
| 135 EXPECT_EQ(context.LastViolation().blocked_url, blocked_url.GetOrigin()); |
| 136 EXPECT_EQ(context.LastViolation().source_location.url, "http://a.com"); |
| 137 EXPECT_EQ(context.LastViolation().source_location.line_number, 0u); |
| 138 EXPECT_EQ(context.LastViolation().source_location.column_number, 0u); |
| 139 EXPECT_EQ(context.LastViolation().console_message, |
| 140 "Refused to frame 'http://a.com/' because it violates the " |
| 141 "following Content Security Policy directive: \"frame-src " |
| 142 "a.com/iframe\".\n"); |
| 143 } |
| 144 } |
| 145 |
| 89 } // namespace content | 146 } // namespace content |
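Review bot: `SourceLocation source_location_;` (new line 43) is declared in CSPContextTest but is never read or written anywhere in the fixture or in the tests below, so it should be dropped; if it was meant to capture the reported location, `last_violation_.source_location` already holds it. Separately, `SchemeShouldBypassCSP` (new line 25) and `ShouldProtectDataInCspViolation` (new line 34) return `std::set::count()`, a `size_t`, through a `bool` return type, which reads as a count rather than a membership test; `return scheme_to_bypass_.count(scheme.as_string()) != 0;` and the same `!= 0` on the origin set make the intent explicit. The new ShouldProtectDataInCspViolation test pins the sanitized `blocked_url`, `source_location` and `console_message` by exact equality, which is the right place to assert that the query string and line/column never reach the report; a short comment before new line 129, e.g. `// Marking the origin unsafe must strip path, query and position from every URL in the report.`, would tell a later reader why the second block expects origin-only values.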