OLD | NEW |
1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "core/html/HTMLIFrameElement.h" | 5 #include "core/html/HTMLIFrameElement.h" |
6 | 6 |
7 #include "core/dom/Document.h" | 7 #include "core/dom/Document.h" |
8 #include "testing/gtest/include/gtest/gtest.h" | 8 #include "testing/gtest/include/gtest/gtest.h" |
9 | 9 |
10 namespace blink { | 10 namespace blink { |
(...skipping 267 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
278 frame_element->ContainerPolicy(); | 278 frame_element->ContainerPolicy(); |
279 | 279 |
280 EXPECT_EQ(1UL, container_policy.size()); | 280 EXPECT_EQ(1UL, container_policy.size()); |
281 EXPECT_EQ(WebFeaturePolicyFeature::kFullscreen, container_policy[0].feature); | 281 EXPECT_EQ(WebFeaturePolicyFeature::kFullscreen, container_policy[0].feature); |
282 EXPECT_FALSE(container_policy[0].matches_all_origins); | 282 EXPECT_FALSE(container_policy[0].matches_all_origins); |
283 EXPECT_EQ(1UL, container_policy[0].origins.size()); | 283 EXPECT_EQ(1UL, container_policy[0].origins.size()); |
284 EXPECT_FALSE(container_policy[0].origins[0].IsUnique()); | 284 EXPECT_FALSE(container_policy[0].origins[0].IsUnique()); |
285 EXPECT_EQ("http://example.net", container_policy[0].origins[0].ToString()); | 285 EXPECT_EQ("http://example.net", container_policy[0].origins[0].ToString()); |
286 } | 286 } |
287 | 287 |
| 288 // Test the ConstructContainerPolicy method when no attributes are set on the |
| 289 // iframe element. |
| 290 TEST_F(HTMLIFrameElementTest, ConstructEmptyContainerPolicy) { |
| 291 Document* document = Document::Create(); |
| 292 KURL document_url = KURL(KURL(), "http://example.com"); |
| 293 document->SetURL(document_url); |
| 294 document->UpdateSecurityOrigin(SecurityOrigin::Create(document_url)); |
| 295 |
| 296 HTMLIFrameElement* frame_element = HTMLIFrameElement::Create(*document); |
| 297 |
| 298 WebParsedFeaturePolicy container_policy = |
| 299 frame_element->ConstructContainerPolicy(); |
| 300 EXPECT_EQ(0UL, container_policy.size()); |
| 301 } |
| 302 |
| 303 // Test the ConstructContainerPolicy method when the "allow" attribute is used |
| 304 // to enable features in the frame. |
| 305 TEST_F(HTMLIFrameElementTest, ConstructContainerPolicy) { |
| 306 Document* document = Document::Create(); |
| 307 KURL document_url = KURL(KURL(), "http://example.com"); |
| 308 document->SetURL(document_url); |
| 309 document->UpdateSecurityOrigin(SecurityOrigin::Create(document_url)); |
| 310 |
| 311 HTMLIFrameElement* frame_element = HTMLIFrameElement::Create(*document); |
| 312 frame_element->setAttribute(HTMLNames::allowAttr, "payment usb"); |
| 313 WebParsedFeaturePolicy container_policy = |
| 314 frame_element->ConstructContainerPolicy(); |
| 315 EXPECT_EQ(2UL, container_policy.size()); |
| 316 EXPECT_EQ(WebFeaturePolicyFeature::kPayment, container_policy[0].feature); |
| 317 EXPECT_FALSE(container_policy[0].matches_all_origins); |
| 318 EXPECT_EQ(1UL, container_policy[0].origins.size()); |
| 319 EXPECT_TRUE(GetOriginForFeaturePolicy(frame_element) |
| 320 ->IsSameSchemeHostPortAndSuborigin( |
| 321 container_policy[0].origins[0].Get())); |
| 322 EXPECT_EQ(WebFeaturePolicyFeature::kUsb, container_policy[1].feature); |
| 323 EXPECT_FALSE(container_policy[1].matches_all_origins); |
| 324 EXPECT_EQ(1UL, container_policy[1].origins.size()); |
| 325 EXPECT_TRUE(GetOriginForFeaturePolicy(frame_element) |
| 326 ->IsSameSchemeHostPortAndSuborigin( |
| 327 container_policy[1].origins[0].Get())); |
| 328 } |
| 329 |
| 330 // Test the ConstructContainerPolicy method when the "allowfullscreen" attribute |
| 331 // is used to enable fullscreen in the frame. |
| 332 TEST_F(HTMLIFrameElementTest, ConstructContainerPolicyWithAllowFullscreen) { |
| 333 Document* document = Document::Create(); |
| 334 KURL document_url = KURL(KURL(), "http://example.com"); |
| 335 document->SetURL(document_url); |
| 336 document->UpdateSecurityOrigin(SecurityOrigin::Create(document_url)); |
| 337 |
| 338 HTMLIFrameElement* frame_element = HTMLIFrameElement::Create(*document); |
| 339 frame_element->SetBooleanAttribute(HTMLNames::allowfullscreenAttr, true); |
| 340 |
| 341 WebParsedFeaturePolicy container_policy = |
| 342 frame_element->ConstructContainerPolicy(); |
| 343 EXPECT_EQ(1UL, container_policy.size()); |
| 344 EXPECT_EQ(WebFeaturePolicyFeature::kFullscreen, container_policy[0].feature); |
| 345 EXPECT_TRUE(container_policy[0].matches_all_origins); |
| 346 } |
| 347 |
| 348 // Test the ConstructContainerPolicy method when the "allowpaymentrequest" |
| 349 // attribute is used to enable the paymentrequest API in the frame. |
| 350 TEST_F(HTMLIFrameElementTest, ConstructContainerPolicyWithAllowPaymentRequest) { |
| 351 Document* document = Document::Create(); |
| 352 KURL document_url = KURL(KURL(), "http://example.com"); |
| 353 document->SetURL(document_url); |
| 354 document->UpdateSecurityOrigin(SecurityOrigin::Create(document_url)); |
| 355 |
| 356 HTMLIFrameElement* frame_element = HTMLIFrameElement::Create(*document); |
| 357 frame_element->setAttribute(HTMLNames::allowAttr, "usb"); |
| 358 frame_element->SetBooleanAttribute(HTMLNames::allowpaymentrequestAttr, true); |
| 359 |
| 360 WebParsedFeaturePolicy container_policy = |
| 361 frame_element->ConstructContainerPolicy(); |
| 362 EXPECT_EQ(2UL, container_policy.size()); |
| 363 EXPECT_EQ(WebFeaturePolicyFeature::kUsb, container_policy[0].feature); |
| 364 EXPECT_FALSE(container_policy[0].matches_all_origins); |
| 365 EXPECT_EQ(1UL, container_policy[0].origins.size()); |
| 366 EXPECT_TRUE(GetOriginForFeaturePolicy(frame_element) |
| 367 ->IsSameSchemeHostPortAndSuborigin( |
| 368 container_policy[0].origins[0].Get())); |
| 369 EXPECT_EQ(WebFeaturePolicyFeature::kPayment, container_policy[1].feature); |
| 370 EXPECT_TRUE(container_policy[1].matches_all_origins); |
| 371 } |
| 372 |
| 373 // Test the ConstructContainerPolicy method when both "allowfullscreen" and |
| 374 // "allowpaymentrequest" attributes are set on the iframe element, and the |
| 375 // "allow" attribute is also used to override the paymentrequest feature. In the |
| 376 // resulting container policy, the payment and usb features should be enabled |
| 377 // only for the frame's origin, (since the allow attribute overrides |
| 378 // allowpaymentrequest,) while fullscreen should be enabled for all origins. |
| 379 TEST_F(HTMLIFrameElementTest, ConstructContainerPolicyWithAllowAttributes) { |
| 380 Document* document = Document::Create(); |
| 381 KURL document_url = KURL(KURL(), "http://example.com"); |
| 382 document->SetURL(document_url); |
| 383 document->UpdateSecurityOrigin(SecurityOrigin::Create(document_url)); |
| 384 |
| 385 HTMLIFrameElement* frame_element = HTMLIFrameElement::Create(*document); |
| 386 frame_element->setAttribute(HTMLNames::allowAttr, "payment usb"); |
| 387 frame_element->SetBooleanAttribute(HTMLNames::allowfullscreenAttr, true); |
| 388 frame_element->SetBooleanAttribute(HTMLNames::allowpaymentrequestAttr, true); |
| 389 |
| 390 WebParsedFeaturePolicy container_policy = |
| 391 frame_element->ConstructContainerPolicy(); |
| 392 EXPECT_EQ(3UL, container_policy.size()); |
| 393 EXPECT_EQ(WebFeaturePolicyFeature::kPayment, container_policy[0].feature); |
| 394 EXPECT_FALSE(container_policy[0].matches_all_origins); |
| 395 EXPECT_EQ(1UL, container_policy[0].origins.size()); |
| 396 EXPECT_TRUE(GetOriginForFeaturePolicy(frame_element) |
| 397 ->IsSameSchemeHostPortAndSuborigin( |
| 398 container_policy[0].origins[0].Get())); |
| 399 EXPECT_EQ(WebFeaturePolicyFeature::kUsb, container_policy[1].feature); |
| 400 EXPECT_FALSE(container_policy[1].matches_all_origins); |
| 401 EXPECT_EQ(1UL, container_policy[1].origins.size()); |
| 402 EXPECT_TRUE(GetOriginForFeaturePolicy(frame_element) |
| 403 ->IsSameSchemeHostPortAndSuborigin( |
| 404 container_policy[1].origins[0].Get())); |
| 405 EXPECT_EQ(WebFeaturePolicyFeature::kFullscreen, container_policy[2].feature); |
| 406 EXPECT_TRUE(container_policy[2].matches_all_origins); |
| 407 } |
| 408 |
288 } // namespace blink | 409 } // namespace blink |
OLD | NEW |