| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/site_instance_impl.h" | 5 #include "content/browser/site_instance_impl.h" |
| 6 | 6 |
| 7 #include <stddef.h> | 7 #include <stddef.h> |
| 8 | 8 |
| 9 #include <memory> | 9 #include <memory> |
| 10 #include <vector> | 10 #include <vector> |
| (...skipping 887 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 898 policy->AddIsolatedOrigin(url::Origin(isolated_foo_url)); | 898 policy->AddIsolatedOrigin(url::Origin(isolated_foo_url)); |
| 899 EXPECT_TRUE(policy->IsIsolatedOrigin(url::Origin(isolated_foo_url))); | 899 EXPECT_TRUE(policy->IsIsolatedOrigin(url::Origin(isolated_foo_url))); |
| 900 EXPECT_FALSE(policy->IsIsolatedOrigin(url::Origin(foo_url))); | 900 EXPECT_FALSE(policy->IsIsolatedOrigin(url::Origin(foo_url))); |
| 901 EXPECT_FALSE(policy->IsIsolatedOrigin(url::Origin(GURL("http://foo.com")))); | 901 EXPECT_FALSE(policy->IsIsolatedOrigin(url::Origin(GURL("http://foo.com")))); |
| 902 EXPECT_FALSE( | 902 EXPECT_FALSE( |
| 903 policy->IsIsolatedOrigin(url::Origin(GURL("http://www.bar.com")))); | 903 policy->IsIsolatedOrigin(url::Origin(GURL("http://www.bar.com")))); |
| 904 EXPECT_FALSE( | 904 EXPECT_FALSE( |
| 905 policy->IsIsolatedOrigin(url::Origin(GURL("https://isolated.foo.com")))); | 905 policy->IsIsolatedOrigin(url::Origin(GURL("https://isolated.foo.com")))); |
| 906 EXPECT_FALSE(policy->IsIsolatedOrigin( | 906 EXPECT_FALSE(policy->IsIsolatedOrigin( |
| 907 url::Origin(GURL("http://isolated.foo.com:12345")))); | 907 url::Origin(GURL("http://isolated.foo.com:12345")))); |
| 908 EXPECT_FALSE(policy->IsIsolatedOrigin( | |
| 909 url::Origin(GURL("http://bar.isolated.foo.com")))); | |
| 910 | 908 |
| 911 policy->AddIsolatedOrigin(url::Origin(isolated_bar_url)); | 909 policy->AddIsolatedOrigin(url::Origin(isolated_bar_url)); |
| 912 EXPECT_TRUE(policy->IsIsolatedOrigin(url::Origin(isolated_bar_url))); | 910 EXPECT_TRUE(policy->IsIsolatedOrigin(url::Origin(isolated_bar_url))); |
| 913 | 911 |
| 914 // IsSameWebSite should compare origins rather than sites if either URL is an | 912 // IsSameWebSite should compare origins rather than sites if either URL is an |
| 915 // isolated origin. | 913 // isolated origin. |
| 916 EXPECT_FALSE(SiteInstance::IsSameWebSite(nullptr, foo_url, isolated_foo_url)); | 914 EXPECT_FALSE(SiteInstance::IsSameWebSite(nullptr, foo_url, isolated_foo_url)); |
| 917 EXPECT_FALSE(SiteInstance::IsSameWebSite(nullptr, isolated_foo_url, foo_url)); | 915 EXPECT_FALSE(SiteInstance::IsSameWebSite(nullptr, isolated_foo_url, foo_url)); |
| 918 EXPECT_FALSE( | 916 EXPECT_FALSE( |
| 919 SiteInstance::IsSameWebSite(nullptr, isolated_foo_url, isolated_bar_url)); | 917 SiteInstance::IsSameWebSite(nullptr, isolated_foo_url, isolated_bar_url)); |
| (...skipping 22 matching lines...) Expand all Loading... |
| 942 | 940 |
| 943 // Isolated origins always require a dedicated process. | 941 // Isolated origins always require a dedicated process. |
| 944 EXPECT_TRUE(SiteInstanceImpl::DoesSiteRequireDedicatedProcess( | 942 EXPECT_TRUE(SiteInstanceImpl::DoesSiteRequireDedicatedProcess( |
| 945 nullptr, isolated_foo_url)); | 943 nullptr, isolated_foo_url)); |
| 946 EXPECT_TRUE(SiteInstanceImpl::DoesSiteRequireDedicatedProcess( | 944 EXPECT_TRUE(SiteInstanceImpl::DoesSiteRequireDedicatedProcess( |
| 947 nullptr, isolated_bar_url)); | 945 nullptr, isolated_bar_url)); |
| 948 EXPECT_TRUE(SiteInstanceImpl::DoesSiteRequireDedicatedProcess( | 946 EXPECT_TRUE(SiteInstanceImpl::DoesSiteRequireDedicatedProcess( |
| 949 nullptr, isolated_blob_foo_url)); | 947 nullptr, isolated_blob_foo_url)); |
| 950 EXPECT_TRUE(SiteInstanceImpl::DoesSiteRequireDedicatedProcess( | 948 EXPECT_TRUE(SiteInstanceImpl::DoesSiteRequireDedicatedProcess( |
| 951 nullptr, isolated_filesystem_foo_url)); | 949 nullptr, isolated_filesystem_foo_url)); |
| 950 |
| 951 // Cleanup. |
| 952 policy->RemoveIsolatedOriginForTesting(url::Origin(isolated_foo_url)); |
| 953 policy->RemoveIsolatedOriginForTesting(url::Origin(isolated_bar_url)); |
| 954 } |
| 955 |
| 956 TEST_F(SiteInstanceTest, SubdomainOnIsolatedSite) { |
| 957 GURL isolated_url("http://isolated.com"); |
| 958 GURL foo_isolated_url("http://foo.isolated.com"); |
| 959 |
| 960 auto* policy = ChildProcessSecurityPolicyImpl::GetInstance(); |
| 961 policy->AddIsolatedOrigin(url::Origin(isolated_url)); |
| 962 |
| 963 EXPECT_TRUE(policy->IsIsolatedOrigin(url::Origin(isolated_url))); |
| 964 EXPECT_TRUE(policy->IsIsolatedOrigin(url::Origin(foo_isolated_url))); |
| 965 EXPECT_FALSE( |
| 966 policy->IsIsolatedOrigin(url::Origin(GURL("http://unisolated.com")))); |
| 967 EXPECT_FALSE( |
| 968 policy->IsIsolatedOrigin(url::Origin(GURL("http://isolated.foo.com")))); |
| 969 // Wrong scheme. |
| 970 EXPECT_FALSE( |
| 971 policy->IsIsolatedOrigin(url::Origin(GURL("https://foo.isolated.com")))); |
| 972 |
| 973 // A new SiteInstance created for a subdomain on an isolated origin |
| 974 // should use the isolated origin's host and not its own host as the site |
| 975 // URL. |
| 976 EXPECT_EQ(isolated_url, |
| 977 SiteInstance::GetSiteForURL(nullptr, foo_isolated_url)); |
| 978 |
| 979 EXPECT_TRUE(SiteInstanceImpl::DoesSiteRequireDedicatedProcess( |
| 980 nullptr, foo_isolated_url)); |
| 981 |
| 982 EXPECT_TRUE( |
| 983 SiteInstance::IsSameWebSite(nullptr, isolated_url, foo_isolated_url)); |
| 984 EXPECT_TRUE( |
| 985 SiteInstance::IsSameWebSite(nullptr, foo_isolated_url, isolated_url)); |
| 986 |
| 987 // Cleanup. |
| 988 policy->RemoveIsolatedOriginForTesting(url::Origin(isolated_url)); |
| 989 } |
| 990 |
| 991 TEST_F(SiteInstanceTest, SubdomainOnIsolatedOrigin) { |
| 992 GURL foo_url("http://foo.com"); |
| 993 GURL isolated_foo_url("http://isolated.foo.com"); |
| 994 GURL bar_isolated_foo_url("http://bar.isolated.foo.com"); |
| 995 GURL baz_isolated_foo_url("http://baz.isolated.foo.com"); |
| 996 |
| 997 auto* policy = ChildProcessSecurityPolicyImpl::GetInstance(); |
| 998 policy->AddIsolatedOrigin(url::Origin(isolated_foo_url)); |
| 999 |
| 1000 EXPECT_FALSE(policy->IsIsolatedOrigin(url::Origin(foo_url))); |
| 1001 EXPECT_TRUE(policy->IsIsolatedOrigin(url::Origin(isolated_foo_url))); |
| 1002 EXPECT_TRUE(policy->IsIsolatedOrigin(url::Origin(bar_isolated_foo_url))); |
| 1003 EXPECT_TRUE(policy->IsIsolatedOrigin(url::Origin(baz_isolated_foo_url))); |
| 1004 |
| 1005 EXPECT_EQ(foo_url, SiteInstance::GetSiteForURL(nullptr, foo_url)); |
| 1006 EXPECT_EQ(isolated_foo_url, |
| 1007 SiteInstance::GetSiteForURL(nullptr, isolated_foo_url)); |
| 1008 EXPECT_EQ(isolated_foo_url, |
| 1009 SiteInstance::GetSiteForURL(nullptr, bar_isolated_foo_url)); |
| 1010 EXPECT_EQ(isolated_foo_url, |
| 1011 SiteInstance::GetSiteForURL(nullptr, baz_isolated_foo_url)); |
| 1012 |
| 1013 if (!AreAllSitesIsolatedForTesting()) { |
| 1014 EXPECT_FALSE( |
| 1015 SiteInstanceImpl::DoesSiteRequireDedicatedProcess(nullptr, foo_url)); |
| 1016 } |
| 1017 EXPECT_TRUE(SiteInstanceImpl::DoesSiteRequireDedicatedProcess( |
| 1018 nullptr, isolated_foo_url)); |
| 1019 EXPECT_TRUE(SiteInstanceImpl::DoesSiteRequireDedicatedProcess( |
| 1020 nullptr, bar_isolated_foo_url)); |
| 1021 EXPECT_TRUE(SiteInstanceImpl::DoesSiteRequireDedicatedProcess( |
| 1022 nullptr, baz_isolated_foo_url)); |
| 1023 |
| 1024 EXPECT_FALSE(SiteInstance::IsSameWebSite(nullptr, foo_url, isolated_foo_url)); |
| 1025 EXPECT_FALSE(SiteInstance::IsSameWebSite(nullptr, isolated_foo_url, foo_url)); |
| 1026 EXPECT_FALSE( |
| 1027 SiteInstance::IsSameWebSite(nullptr, foo_url, bar_isolated_foo_url)); |
| 1028 EXPECT_FALSE( |
| 1029 SiteInstance::IsSameWebSite(nullptr, bar_isolated_foo_url, foo_url)); |
| 1030 EXPECT_TRUE(SiteInstance::IsSameWebSite(nullptr, bar_isolated_foo_url, |
| 1031 isolated_foo_url)); |
| 1032 EXPECT_TRUE(SiteInstance::IsSameWebSite(nullptr, isolated_foo_url, |
| 1033 bar_isolated_foo_url)); |
| 1034 EXPECT_TRUE(SiteInstance::IsSameWebSite(nullptr, bar_isolated_foo_url, |
| 1035 baz_isolated_foo_url)); |
| 1036 EXPECT_TRUE(SiteInstance::IsSameWebSite(nullptr, baz_isolated_foo_url, |
| 1037 bar_isolated_foo_url)); |
| 1038 |
| 1039 // Cleanup. |
| 1040 policy->RemoveIsolatedOriginForTesting(url::Origin(isolated_foo_url)); |
| 1041 } |
| 1042 |
| 1043 TEST_F(SiteInstanceTest, MultipleIsolatedOriginsWithCommonSite) { |
| 1044 GURL foo_url("http://foo.com"); |
| 1045 GURL bar_foo_url("http://bar.foo.com"); |
| 1046 GURL baz_bar_foo_url("http://baz.bar.foo.com"); |
| 1047 GURL qux_baz_bar_foo_url("http://qux.baz.bar.foo.com"); |
| 1048 |
| 1049 auto* policy = ChildProcessSecurityPolicyImpl::GetInstance(); |
| 1050 policy->AddIsolatedOrigin(url::Origin(foo_url)); |
| 1051 policy->AddIsolatedOrigin(url::Origin(baz_bar_foo_url)); |
| 1052 |
| 1053 EXPECT_TRUE(policy->IsIsolatedOrigin(url::Origin(foo_url))); |
| 1054 EXPECT_TRUE(policy->IsIsolatedOrigin(url::Origin(bar_foo_url))); |
| 1055 EXPECT_TRUE(policy->IsIsolatedOrigin(url::Origin(baz_bar_foo_url))); |
| 1056 EXPECT_TRUE(policy->IsIsolatedOrigin(url::Origin(qux_baz_bar_foo_url))); |
| 1057 |
| 1058 EXPECT_EQ(foo_url, SiteInstance::GetSiteForURL(nullptr, foo_url)); |
| 1059 EXPECT_EQ(foo_url, SiteInstance::GetSiteForURL(nullptr, bar_foo_url)); |
| 1060 EXPECT_EQ(baz_bar_foo_url, |
| 1061 SiteInstance::GetSiteForURL(nullptr, baz_bar_foo_url)); |
| 1062 EXPECT_EQ(baz_bar_foo_url, |
| 1063 SiteInstance::GetSiteForURL(nullptr, qux_baz_bar_foo_url)); |
| 1064 |
| 1065 EXPECT_TRUE( |
| 1066 SiteInstanceImpl::DoesSiteRequireDedicatedProcess(nullptr, foo_url)); |
| 1067 EXPECT_TRUE( |
| 1068 SiteInstanceImpl::DoesSiteRequireDedicatedProcess(nullptr, bar_foo_url)); |
| 1069 EXPECT_TRUE(SiteInstanceImpl::DoesSiteRequireDedicatedProcess( |
| 1070 nullptr, baz_bar_foo_url)); |
| 1071 EXPECT_TRUE(SiteInstanceImpl::DoesSiteRequireDedicatedProcess( |
| 1072 nullptr, qux_baz_bar_foo_url)); |
| 1073 |
| 1074 EXPECT_TRUE(SiteInstance::IsSameWebSite(nullptr, foo_url, bar_foo_url)); |
| 1075 EXPECT_FALSE(SiteInstance::IsSameWebSite(nullptr, foo_url, baz_bar_foo_url)); |
| 1076 EXPECT_FALSE( |
| 1077 SiteInstance::IsSameWebSite(nullptr, foo_url, qux_baz_bar_foo_url)); |
| 1078 |
| 1079 EXPECT_FALSE( |
| 1080 SiteInstance::IsSameWebSite(nullptr, bar_foo_url, baz_bar_foo_url)); |
| 1081 EXPECT_FALSE( |
| 1082 SiteInstance::IsSameWebSite(nullptr, bar_foo_url, qux_baz_bar_foo_url)); |
| 1083 |
| 1084 EXPECT_TRUE(SiteInstance::IsSameWebSite(nullptr, baz_bar_foo_url, |
| 1085 qux_baz_bar_foo_url)); |
| 1086 |
| 1087 // Cleanup. |
| 1088 policy->RemoveIsolatedOriginForTesting(url::Origin(foo_url)); |
| 1089 policy->RemoveIsolatedOriginForTesting(url::Origin(baz_bar_foo_url)); |
| 952 } | 1090 } |
| 953 | 1091 |
| 954 } // namespace content | 1092 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2891443002:
Keep subdomains of an isolated origin in the isolated origin's SiteInstance. (Closed)
