OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/browser/site_instance_impl.h" | 5 #include "content/browser/site_instance_impl.h" |
6 | 6 |
7 #include <stddef.h> | 7 #include <stddef.h> |
8 | 8 |
9 #include <memory> | 9 #include <memory> |
10 #include <vector> | 10 #include <vector> |
11 | 11 |
12 #include "base/command_line.h" | 12 #include "base/command_line.h" |
13 #include "base/compiler_specific.h" | 13 #include "base/compiler_specific.h" |
14 #include "base/memory/ptr_util.h" | 14 #include "base/memory/ptr_util.h" |
15 #include "base/run_loop.h" | 15 #include "base/run_loop.h" |
16 #include "base/strings/string16.h" | 16 #include "base/strings/string16.h" |
17 #include "base/test/scoped_feature_list.h" | 17 #include "base/test/scoped_feature_list.h" |
18 #include "content/browser/browser_thread_impl.h" | 18 #include "content/browser/browser_thread_impl.h" |
19 #include "content/browser/browsing_instance.h" | 19 #include "content/browser/browsing_instance.h" |
20 #include "content/browser/child_process_security_policy_impl.h" | 20 #include "content/browser/child_process_security_policy_impl.h" |
21 #include "content/browser/frame_host/navigation_entry_impl.h" | 21 #include "content/browser/frame_host/navigation_entry_impl.h" |
| 22 #include "content/browser/isolated_origin_util.h" |
22 #include "content/browser/renderer_host/render_process_host_impl.h" | 23 #include "content/browser/renderer_host/render_process_host_impl.h" |
23 #include "content/browser/renderer_host/render_view_host_impl.h" | 24 #include "content/browser/renderer_host/render_view_host_impl.h" |
24 #include "content/browser/web_contents/web_contents_impl.h" | 25 #include "content/browser/web_contents/web_contents_impl.h" |
25 #include "content/browser/webui/content_web_ui_controller_factory.h" | 26 #include "content/browser/webui/content_web_ui_controller_factory.h" |
26 #include "content/browser/webui/web_ui_controller_factory_registry.h" | 27 #include "content/browser/webui/web_ui_controller_factory_registry.h" |
27 #include "content/public/common/content_client.h" | 28 #include "content/public/common/content_client.h" |
28 #include "content/public/common/content_constants.h" | 29 #include "content/public/common/content_constants.h" |
29 #include "content/public/common/content_features.h" | 30 #include "content/public/common/content_features.h" |
30 #include "content/public/common/content_switches.h" | 31 #include "content/public/common/content_switches.h" |
31 #include "content/public/common/url_constants.h" | 32 #include "content/public/common/url_constants.h" |
(...skipping 866 matching lines...)
898 policy->AddIsolatedOrigin(url::Origin(isolated_foo_url)); | 899 policy->AddIsolatedOrigin(url::Origin(isolated_foo_url)); |
899 EXPECT_TRUE(policy->IsIsolatedOrigin(url::Origin(isolated_foo_url))); | 900 EXPECT_TRUE(policy->IsIsolatedOrigin(url::Origin(isolated_foo_url))); |
900 EXPECT_FALSE(policy->IsIsolatedOrigin(url::Origin(foo_url))); | 901 EXPECT_FALSE(policy->IsIsolatedOrigin(url::Origin(foo_url))); |
901 EXPECT_FALSE(policy->IsIsolatedOrigin(url::Origin(GURL("http://foo.com")))); | 902 EXPECT_FALSE(policy->IsIsolatedOrigin(url::Origin(GURL("http://foo.com")))); |
902 EXPECT_FALSE( | 903 EXPECT_FALSE( |
903 policy->IsIsolatedOrigin(url::Origin(GURL("http://www.bar.com")))); | 904 policy->IsIsolatedOrigin(url::Origin(GURL("http://www.bar.com")))); |
904 EXPECT_FALSE( | 905 EXPECT_FALSE( |
905 policy->IsIsolatedOrigin(url::Origin(GURL("https://isolated.foo.com")))); | 906 policy->IsIsolatedOrigin(url::Origin(GURL("https://isolated.foo.com")))); |
906 EXPECT_FALSE(policy->IsIsolatedOrigin( | 907 EXPECT_FALSE(policy->IsIsolatedOrigin( |
907 url::Origin(GURL("http://isolated.foo.com:12345")))); | 908 url::Origin(GURL("http://isolated.foo.com:12345")))); |
908 EXPECT_FALSE(policy->IsIsolatedOrigin( | |
909 url::Origin(GURL("http://bar.isolated.foo.com")))); | |
910 | 909 |
911 policy->AddIsolatedOrigin(url::Origin(isolated_bar_url)); | 910 policy->AddIsolatedOrigin(url::Origin(isolated_bar_url)); |
912 EXPECT_TRUE(policy->IsIsolatedOrigin(url::Origin(isolated_bar_url))); | 911 EXPECT_TRUE(policy->IsIsolatedOrigin(url::Origin(isolated_bar_url))); |
913 | 912 |
914 // IsSameWebSite should compare origins rather than sites if either URL is an | 913 // IsSameWebSite should compare origins rather than sites if either URL is an |
915 // isolated origin. | 914 // isolated origin. |
916 EXPECT_FALSE(SiteInstance::IsSameWebSite(nullptr, foo_url, isolated_foo_url)); | 915 EXPECT_FALSE(SiteInstance::IsSameWebSite(nullptr, foo_url, isolated_foo_url)); |
917 EXPECT_FALSE(SiteInstance::IsSameWebSite(nullptr, isolated_foo_url, foo_url)); | 916 EXPECT_FALSE(SiteInstance::IsSameWebSite(nullptr, isolated_foo_url, foo_url)); |
918 EXPECT_FALSE( | 917 EXPECT_FALSE( |
919 SiteInstance::IsSameWebSite(nullptr, isolated_foo_url, isolated_bar_url)); | 918 SiteInstance::IsSameWebSite(nullptr, isolated_foo_url, isolated_bar_url)); |
(...skipping 22 matching lines...)
942 | 941 |
943 // Isolated origins always require a dedicated process. | 942 // Isolated origins always require a dedicated process. |
944 EXPECT_TRUE(SiteInstanceImpl::DoesSiteRequireDedicatedProcess( | 943 EXPECT_TRUE(SiteInstanceImpl::DoesSiteRequireDedicatedProcess( |
945 nullptr, isolated_foo_url)); | 944 nullptr, isolated_foo_url)); |
946 EXPECT_TRUE(SiteInstanceImpl::DoesSiteRequireDedicatedProcess( | 945 EXPECT_TRUE(SiteInstanceImpl::DoesSiteRequireDedicatedProcess( |
947 nullptr, isolated_bar_url)); | 946 nullptr, isolated_bar_url)); |
948 EXPECT_TRUE(SiteInstanceImpl::DoesSiteRequireDedicatedProcess( | 947 EXPECT_TRUE(SiteInstanceImpl::DoesSiteRequireDedicatedProcess( |
949 nullptr, isolated_blob_foo_url)); | 948 nullptr, isolated_blob_foo_url)); |
950 EXPECT_TRUE(SiteInstanceImpl::DoesSiteRequireDedicatedProcess( | 949 EXPECT_TRUE(SiteInstanceImpl::DoesSiteRequireDedicatedProcess( |
951 nullptr, isolated_filesystem_foo_url)); | 950 nullptr, isolated_filesystem_foo_url)); |
| 951 |
| 952 // Cleanup. |
| 953 policy->RemoveIsolatedOriginForTesting(url::Origin(isolated_foo_url)); |
| 954 policy->RemoveIsolatedOriginForTesting(url::Origin(isolated_bar_url)); |
| 955 } |
| 956 |
| 957 // Check that only valid isolated origins are allowed to be registered. |
| 958 TEST_F(SiteInstanceTest, IsValidIsolatedOrigin) { |
| 959 // Unique origins are invalid, as are invalid URLs that resolve to |
| 960 // unique origins. |
| 961 EXPECT_FALSE(IsolatedOriginUtil::IsValidIsolatedOrigin(url::Origin())); |
| 962 EXPECT_FALSE(IsolatedOriginUtil::IsValidIsolatedOrigin( |
| 963 url::Origin(GURL("invalid.url")))); |
| 964 |
| 965 // IP addresses are ok. |
| 966 EXPECT_TRUE(IsolatedOriginUtil::IsValidIsolatedOrigin( |
| 967 url::Origin(GURL("http://127.0.0.1")))); |
| 968 |
| 969 // Hosts without a valid registry-controlled domain are disallowed. This |
| 970 // includes hosts that are themselves a registry-controlled domain. |
| 971 EXPECT_FALSE(IsolatedOriginUtil::IsValidIsolatedOrigin( |
| 972 url::Origin(GURL("http://.com/")))); |
| 973 EXPECT_FALSE(IsolatedOriginUtil::IsValidIsolatedOrigin( |
| 974 url::Origin(GURL("http://.com./")))); |
| 975 EXPECT_FALSE(IsolatedOriginUtil::IsValidIsolatedOrigin( |
| 976 url::Origin(GURL("http://foo/")))); |
| 977 EXPECT_FALSE(IsolatedOriginUtil::IsValidIsolatedOrigin( |
| 978 url::Origin(GURL("http://co.uk/")))); |
| 979 EXPECT_TRUE(IsolatedOriginUtil::IsValidIsolatedOrigin( |
| 980 url::Origin(GURL("http://foo.bar.baz/")))); |
| 981 |
| 982 // Scheme must be HTTP or HTTPS. |
| 983 EXPECT_FALSE(IsolatedOriginUtil::IsValidIsolatedOrigin( |
| 984 url::Origin(GURL(kChromeUIScheme + std::string("://gpu"))))); |
| 985 EXPECT_TRUE(IsolatedOriginUtil::IsValidIsolatedOrigin( |
| 986 url::Origin(GURL("http://a.com")))); |
| 987 EXPECT_TRUE(IsolatedOriginUtil::IsValidIsolatedOrigin( |
| 988 url::Origin(GURL("https://b.co.uk")))); |
| 989 |
| 990 // Trailing dot is disallowed. |
| 991 EXPECT_FALSE(IsolatedOriginUtil::IsValidIsolatedOrigin( |
| 992 url::Origin(GURL("http://a.com.")))); |
| 993 } |
| 994 |
| 995 TEST_F(SiteInstanceTest, SubdomainOnIsolatedSite) { |
| 996 GURL isolated_url("http://isolated.com"); |
| 997 GURL foo_isolated_url("http://foo.isolated.com"); |
| 998 |
| 999 auto* policy = ChildProcessSecurityPolicyImpl::GetInstance(); |
| 1000 policy->AddIsolatedOrigin(url::Origin(isolated_url)); |
| 1001 |
| 1002 EXPECT_TRUE(policy->IsIsolatedOrigin(url::Origin(isolated_url))); |
| 1003 EXPECT_TRUE(policy->IsIsolatedOrigin(url::Origin(foo_isolated_url))); |
| 1004 EXPECT_FALSE( |
| 1005 policy->IsIsolatedOrigin(url::Origin(GURL("http://unisolated.com")))); |
| 1006 EXPECT_FALSE( |
| 1007 policy->IsIsolatedOrigin(url::Origin(GURL("http://isolated.foo.com")))); |
| 1008 // Wrong scheme. |
| 1009 EXPECT_FALSE( |
| 1010 policy->IsIsolatedOrigin(url::Origin(GURL("https://foo.isolated.com")))); |
| 1011 |
| 1012 // Appending a trailing dot to a URL should not bypass process isolation. |
| 1013 EXPECT_TRUE( |
| 1014 policy->IsIsolatedOrigin(url::Origin(GURL("http://isolated.com.")))); |
| 1015 EXPECT_TRUE( |
| 1016 policy->IsIsolatedOrigin(url::Origin(GURL("http://foo.isolated.com.")))); |
| 1017 |
| 1018 // A new SiteInstance created for a subdomain on an isolated origin |
| 1019 // should use the isolated origin's host and not its own host as the site |
| 1020 // URL. |
| 1021 EXPECT_EQ(isolated_url, |
| 1022 SiteInstance::GetSiteForURL(nullptr, foo_isolated_url)); |
| 1023 |
| 1024 EXPECT_TRUE(SiteInstanceImpl::DoesSiteRequireDedicatedProcess( |
| 1025 nullptr, foo_isolated_url)); |
| 1026 |
| 1027 EXPECT_TRUE( |
| 1028 SiteInstance::IsSameWebSite(nullptr, isolated_url, foo_isolated_url)); |
| 1029 EXPECT_TRUE( |
| 1030 SiteInstance::IsSameWebSite(nullptr, foo_isolated_url, isolated_url)); |
| 1031 |
| 1032 // Don't try to match subdomains on IP addresses. |
| 1033 GURL isolated_ip("http://127.0.0.1"); |
| 1034 policy->AddIsolatedOrigin(url::Origin(isolated_ip)); |
| 1035 EXPECT_TRUE(policy->IsIsolatedOrigin(url::Origin(isolated_ip))); |
| 1036 EXPECT_FALSE( |
| 1037 policy->IsIsolatedOrigin(url::Origin(GURL("http://42.127.0.0.1")))); |
| 1038 |
| 1039 // Cleanup. |
| 1040 policy->RemoveIsolatedOriginForTesting(url::Origin(isolated_url)); |
| 1041 } |
| 1042 |
| 1043 TEST_F(SiteInstanceTest, SubdomainOnIsolatedOrigin) { |
| 1044 GURL foo_url("http://foo.com"); |
| 1045 GURL isolated_foo_url("http://isolated.foo.com"); |
| 1046 GURL bar_isolated_foo_url("http://bar.isolated.foo.com"); |
| 1047 GURL baz_isolated_foo_url("http://baz.isolated.foo.com"); |
| 1048 |
| 1049 auto* policy = ChildProcessSecurityPolicyImpl::GetInstance(); |
| 1050 policy->AddIsolatedOrigin(url::Origin(isolated_foo_url)); |
| 1051 |
| 1052 EXPECT_FALSE(policy->IsIsolatedOrigin(url::Origin(foo_url))); |
| 1053 EXPECT_TRUE(policy->IsIsolatedOrigin(url::Origin(isolated_foo_url))); |
| 1054 EXPECT_TRUE(policy->IsIsolatedOrigin(url::Origin(bar_isolated_foo_url))); |
| 1055 EXPECT_TRUE(policy->IsIsolatedOrigin(url::Origin(baz_isolated_foo_url))); |
| 1056 |
| 1057 EXPECT_EQ(foo_url, SiteInstance::GetSiteForURL(nullptr, foo_url)); |
| 1058 EXPECT_EQ(isolated_foo_url, |
| 1059 SiteInstance::GetSiteForURL(nullptr, isolated_foo_url)); |
| 1060 EXPECT_EQ(isolated_foo_url, |
| 1061 SiteInstance::GetSiteForURL(nullptr, bar_isolated_foo_url)); |
| 1062 EXPECT_EQ(isolated_foo_url, |
| 1063 SiteInstance::GetSiteForURL(nullptr, baz_isolated_foo_url)); |
| 1064 |
| 1065 if (!AreAllSitesIsolatedForTesting()) { |
| 1066 EXPECT_FALSE( |
| 1067 SiteInstanceImpl::DoesSiteRequireDedicatedProcess(nullptr, foo_url)); |
| 1068 } |
| 1069 EXPECT_TRUE(SiteInstanceImpl::DoesSiteRequireDedicatedProcess( |
| 1070 nullptr, isolated_foo_url)); |
| 1071 EXPECT_TRUE(SiteInstanceImpl::DoesSiteRequireDedicatedProcess( |
| 1072 nullptr, bar_isolated_foo_url)); |
| 1073 EXPECT_TRUE(SiteInstanceImpl::DoesSiteRequireDedicatedProcess( |
| 1074 nullptr, baz_isolated_foo_url)); |
| 1075 |
| 1076 EXPECT_FALSE(SiteInstance::IsSameWebSite(nullptr, foo_url, isolated_foo_url)); |
| 1077 EXPECT_FALSE(SiteInstance::IsSameWebSite(nullptr, isolated_foo_url, foo_url)); |
| 1078 EXPECT_FALSE( |
| 1079 SiteInstance::IsSameWebSite(nullptr, foo_url, bar_isolated_foo_url)); |
| 1080 EXPECT_FALSE( |
| 1081 SiteInstance::IsSameWebSite(nullptr, bar_isolated_foo_url, foo_url)); |
| 1082 EXPECT_TRUE(SiteInstance::IsSameWebSite(nullptr, bar_isolated_foo_url, |
| 1083 isolated_foo_url)); |
| 1084 EXPECT_TRUE(SiteInstance::IsSameWebSite(nullptr, isolated_foo_url, |
| 1085 bar_isolated_foo_url)); |
| 1086 EXPECT_TRUE(SiteInstance::IsSameWebSite(nullptr, bar_isolated_foo_url, |
| 1087 baz_isolated_foo_url)); |
| 1088 EXPECT_TRUE(SiteInstance::IsSameWebSite(nullptr, baz_isolated_foo_url, |
| 1089 bar_isolated_foo_url)); |
| 1090 |
| 1091 // Cleanup. |
| 1092 policy->RemoveIsolatedOriginForTesting(url::Origin(isolated_foo_url)); |
| 1093 } |
| 1094 |
| 1095 TEST_F(SiteInstanceTest, MultipleIsolatedOriginsWithCommonSite) { |
| 1096 GURL foo_url("http://foo.com"); |
| 1097 GURL bar_foo_url("http://bar.foo.com"); |
| 1098 GURL baz_bar_foo_url("http://baz.bar.foo.com"); |
| 1099 GURL qux_baz_bar_foo_url("http://qux.baz.bar.foo.com"); |
| 1100 |
| 1101 auto* policy = ChildProcessSecurityPolicyImpl::GetInstance(); |
| 1102 policy->AddIsolatedOrigin(url::Origin(foo_url)); |
| 1103 policy->AddIsolatedOrigin(url::Origin(baz_bar_foo_url)); |
| 1104 |
| 1105 EXPECT_TRUE(policy->IsIsolatedOrigin(url::Origin(foo_url))); |
| 1106 EXPECT_TRUE(policy->IsIsolatedOrigin(url::Origin(bar_foo_url))); |
| 1107 EXPECT_TRUE(policy->IsIsolatedOrigin(url::Origin(baz_bar_foo_url))); |
| 1108 EXPECT_TRUE(policy->IsIsolatedOrigin(url::Origin(qux_baz_bar_foo_url))); |
| 1109 |
| 1110 EXPECT_EQ(foo_url, SiteInstance::GetSiteForURL(nullptr, foo_url)); |
| 1111 EXPECT_EQ(foo_url, SiteInstance::GetSiteForURL(nullptr, bar_foo_url)); |
| 1112 EXPECT_EQ(baz_bar_foo_url, |
| 1113 SiteInstance::GetSiteForURL(nullptr, baz_bar_foo_url)); |
| 1114 EXPECT_EQ(baz_bar_foo_url, |
| 1115 SiteInstance::GetSiteForURL(nullptr, qux_baz_bar_foo_url)); |
| 1116 |
| 1117 EXPECT_TRUE( |
| 1118 SiteInstanceImpl::DoesSiteRequireDedicatedProcess(nullptr, foo_url)); |
| 1119 EXPECT_TRUE( |
| 1120 SiteInstanceImpl::DoesSiteRequireDedicatedProcess(nullptr, bar_foo_url)); |
| 1121 EXPECT_TRUE(SiteInstanceImpl::DoesSiteRequireDedicatedProcess( |
| 1122 nullptr, baz_bar_foo_url)); |
| 1123 EXPECT_TRUE(SiteInstanceImpl::DoesSiteRequireDedicatedProcess( |
| 1124 nullptr, qux_baz_bar_foo_url)); |
| 1125 |
| 1126 EXPECT_TRUE(SiteInstance::IsSameWebSite(nullptr, foo_url, bar_foo_url)); |
| 1127 EXPECT_FALSE(SiteInstance::IsSameWebSite(nullptr, foo_url, baz_bar_foo_url)); |
| 1128 EXPECT_FALSE( |
| 1129 SiteInstance::IsSameWebSite(nullptr, foo_url, qux_baz_bar_foo_url)); |
| 1130 |
| 1131 EXPECT_FALSE( |
| 1132 SiteInstance::IsSameWebSite(nullptr, bar_foo_url, baz_bar_foo_url)); |
| 1133 EXPECT_FALSE( |
| 1134 SiteInstance::IsSameWebSite(nullptr, bar_foo_url, qux_baz_bar_foo_url)); |
| 1135 |
| 1136 EXPECT_TRUE(SiteInstance::IsSameWebSite(nullptr, baz_bar_foo_url, |
| 1137 qux_baz_bar_foo_url)); |
| 1138 |
| 1139 // Cleanup. |
| 1140 policy->RemoveIsolatedOriginForTesting(url::Origin(foo_url)); |
| 1141 policy->RemoveIsolatedOriginForTesting(url::Origin(baz_bar_foo_url)); |
952 } | 1142 } |
953 | 1143 |
954 } // namespace content | 1144 } // namespace content |
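Review bot: SubdomainOnIsolatedSite registers `http://127.0.0.1` with `policy->AddIsolatedOrigin(url::Origin(isolated_ip))`, but its cleanup block removes only `isolated_url`, so the IP origin is left behind in the policy object returned by `ChildProcessSecurityPolicyImpl::GetInstance()`. Every other test in this change removes each origin it added, so this looks like an oversight, and later tests in the same process may see 127.0.0.1 as isolated. Add `policy->RemoveIsolatedOriginForTesting(url::Origin(isolated_ip));` next to the existing removal. The new subdomain tests also cover only a scheme mismatch; an expectation for a subdomain on a non-default port, such as `http://foo.isolated.com:12345`, would pin down port handling the way the exact-origin check in the first test does.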