Revert of chrome.webRequest support for ExtensionSettings

chrome/browser/extensions/api/web_request/web_request_apitest.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "base/command_line.h"
 #include "base/macros.h"
 #include "base/memory/ptr_util.h"
 #include "base/optional.h"
 #include "base/run_loop.h"
 #include "base/strings/stringprintf.h"
 #include "build/build_config.h"
 #include "chrome/browser/browser_process.h"
 #include "chrome/browser/chrome_notification_types.h"
 #include "chrome/browser/extensions/active_tab_permission_granter.h"
 #include "chrome/browser/extensions/extension_action_runner.h"
 #include "chrome/browser/extensions/extension_apitest.h"
 #include "chrome/browser/extensions/extension_service.h"
-#include "chrome/browser/extensions/extension_with_management_policy_apitest.h"
 #include "chrome/browser/extensions/tab_helper.h"
 #include "chrome/browser/extensions/test_extension_dir.h"
 #include "chrome/browser/profiles/profile.h"
 #include "chrome/browser/search_engines/template_url_service_factory.h"
 #include "chrome/browser/ui/browser.h"
 #include "chrome/browser/ui/browser_navigator_params.h"
 #include "chrome/browser/ui/login/login_handler.h"
 #include "chrome/browser/ui/tabs/tab_strip_model.h"
 #include "chrome/common/extensions/extension_process_policy.h"
 #include "chrome/test/base/search_test_utils.h"
@@ skipping 11 matching lines @@
 #include "content/public/test/browser_test_utils.h"
 #include "extensions/browser/api/web_request/web_request_api.h"
 #include "extensions/browser/blocked_action_type.h"
 #include "extensions/browser/extension_system.h"
 #include "extensions/common/extension_builder.h"
 #include "extensions/common/features/feature.h"
 #include "extensions/test/extension_test_message_listener.h"
 #include "extensions/test/result_catcher.h"
 #include "net/dns/mock_host_resolver.h"
 #include "net/test/embedded_test_server/embedded_test_server.h"
-#include "net/test/embedded_test_server/http_request.h"
 #include "net/test/test_data_directory.h"
 #include "net/traffic_annotation/network_traffic_annotation_test_helper.h"
 #include "net/url_request/test_url_fetcher_factory.h"
 #include "net/url_request/url_fetcher.h"
 #include "net/url_request/url_fetcher_delegate.h"
 #include "net/url_request/url_request_context_getter.h"
 #include "third_party/WebKit/public/platform/WebInputEvent.h"
 
 #if defined(OS_CHROMEOS)
 #include "chromeos/login/login_state.h"
@@ skipping 19 matching lines @@
                const content::NotificationSource& source,
                const content::NotificationDetails& details) override {
     LoginHandler* handler =
         content::Details<LoginNotificationDetails>(details).ptr()->handler();
     handler->CancelAuth();
   }
 
  private:
   content::NotificationRegistrar registrar_;
 
-  DISALLOW_COPY_AND_ASSIGN(CancelLoginDialog);
+ DISALLOW_COPY_AND_ASSIGN(CancelLoginDialog);
 };
 
 // Sends an XHR request to the provided host, port, and path, and responds when
 // the request was sent.
 const char kPerformXhrJs[] =
     "var url = 'http://%s:%d/%s';\n"
     "var xhr = new XMLHttpRequest();\n"
     "xhr.open('GET', url);\n"
     "xhr.onload = function() {\n"
     "  window.domAutomationController.send(true);\n"
@@ skipping 848 matching lines @@
     // example.com should also succeed, since it's not through the profile's
     // request context.
     SCOPED_TRACE("example.com with System's request context");
     TestURLFetcherDelegate url_fetcher(system_context, example_url,
                                        net::URLRequestStatus());
     url_fetcher.SetExpectedResponse(kExampleFullContent);
     url_fetcher.WaitForCompletion();
   }
 }
 
-// Tests that the webRequest events aren't dispatched when the request initiator
-// is protected by policy.
-IN_PROC_BROWSER_TEST_F(ExtensionApiTestWithManagementPolicy,
-                       InitiatorProtectedByPolicy) {
-  // We expect that no request will be hidden or modification blocked. This
-  // means that the request to example.com will be seen by the extension.
-  {
-    ExtensionManagementPolicyUpdater pref(&policy_provider_);
-    pref.AddRuntimeBlockedHost("*", "*://notexample.com");
-  }
-
-  ASSERT_TRUE(StartEmbeddedTestServer());
-
-  // Host navigated to.
-  const std::string example_com = "example.com";
-
-  // URL of a page that initiates a cross domain requests when navigated to.
-  const GURL extension_test_url = embedded_test_server()->GetURL(
-      example_com,
-      "/extensions/api_test/webrequest/policy_blocked/ref_remote_js.html");
-
-  LoadExtension(test_data_dir_.AppendASCII("webrequest/policy_blocked"));
-
-  // Extension communicates back using this listener name.
-  const std::string listener_message = "protected_origin";
-
-  // Listen to verify extension sees the web request.
-  ExtensionTestMessageListener before_request_listener(listener_message, false);
-
-  // Wait until all remote Javascript files have been blocked / pulled down.
-  ui_test_utils::NavigateToURLWithDisposition(
-      browser(), extension_test_url, WindowOpenDisposition::CURRENT_TAB,
-      ui_test_utils::BROWSER_TEST_WAIT_FOR_NAVIGATION);
-
-  // Domain that hosts javascript file referenced by example_com.
-  const std::string example2_com = "example2.com";
-
-  // The server saw a request for the remote Javascript file.
-  EXPECT_TRUE(BrowsedTo(example2_com));
-
-  // The request was seen by the extension.
-  EXPECT_TRUE(before_request_listener.was_satisfied());
-
-  // Clear the list of domains the server has seen.
-  ClearRequestLog();
-
-  // Make sure we've cleared the embedded server history.
-  EXPECT_FALSE(BrowsedTo(example2_com));
-
-  // Set the policy to hide requests to example.com or any resource
-  // it includes. We expect that in this test, the request to example2.com
-  // will not be seen by the extension.
-  {
-    ExtensionManagementPolicyUpdater pref(&policy_provider_);
-    pref.AddRuntimeBlockedHost("*", "*://" + example_com);
-  }
-
-  // Listen in case extension sees the requst.
-  ExtensionTestMessageListener before_request_listener2(listener_message,
-                                                        false);
-
-  // Wait until all remote Javascript files have been pulled down.
-  ui_test_utils::NavigateToURLWithDisposition(
-      browser(), extension_test_url, WindowOpenDisposition::CURRENT_TAB,
-      ui_test_utils::BROWSER_TEST_WAIT_FOR_NAVIGATION);
-
-  // The server saw a request for the remote Javascript file.
-  EXPECT_TRUE(BrowsedTo(example2_com));
-
-  // The request was hidden from the extension.
-  EXPECT_FALSE(before_request_listener2.was_satisfied());
-}
-
-// Tests that the webRequest events aren't dispatched when the URL of the
-// request is protected by policy.
-IN_PROC_BROWSER_TEST_F(ExtensionApiTestWithManagementPolicy,
-                       UrlProtectedByPolicy) {
-  // Host protected by policy.
-  const std::string protected_domain = "example.com";
-
-  {
-    ExtensionManagementPolicyUpdater pref(&policy_provider_);
-    pref.AddRuntimeBlockedHost("*", "*://" + protected_domain);
-  }
-
-  ASSERT_TRUE(StartEmbeddedTestServer());
-
-  LoadExtension(test_data_dir_.AppendASCII("webrequest/policy_blocked"));
-
-  // Listen in case extension sees the requst.
-  ExtensionTestMessageListener before_request_listener("protected_url", false);
-
-  // Path to resolve during test navigations.
-  const std::string test_path = "/defaultresponse?protected_url";
-
-  // Navigate to the protected domain and wait until page fully loads.
-  ui_test_utils::NavigateToURLWithDisposition(
-      browser(), embedded_test_server()->GetURL(protected_domain, test_path),
-      WindowOpenDisposition::CURRENT_TAB,
-      ui_test_utils::BROWSER_TEST_WAIT_FOR_NAVIGATION);
-
-  // The server saw a request for the protected site.
-  EXPECT_TRUE(BrowsedTo(protected_domain));
-
-  // The request was hidden from the extension.
-  EXPECT_FALSE(before_request_listener.was_satisfied());
-
-  // Host not protected by policy.
-  const std::string unprotected_domain = "notblockedexample.com";
-
-  // Now we'll test browsing to a non-protected website where we expect the
-  // extension to see the request.
-  ui_test_utils::NavigateToURLWithDisposition(
-      browser(), embedded_test_server()->GetURL(unprotected_domain, test_path),
-      WindowOpenDisposition::CURRENT_TAB,
-      ui_test_utils::BROWSER_TEST_WAIT_FOR_NAVIGATION);
-
-  // The server saw a request for the non-protected site.
-  EXPECT_TRUE(BrowsedTo(unprotected_domain));
-
-  // The request was visible from the extension.
-  EXPECT_TRUE(before_request_listener.was_satisfied());
-}
-
-// Test that no webRequest events are seen for a protected host during normal
-// navigation. This replicates most of the tests from
-// WebRequestWithWithheldPermissions with a protected host. Granting a tab
-// specific permission shouldn't bypass our policy.
-IN_PROC_BROWSER_TEST_F(ExtensionApiTestWithManagementPolicy,
-                       WebRequestProtectedByPolicy) {
-  FeatureSwitch::ScopedOverride enable_scripts_require_action(
-      FeatureSwitch::scripts_require_action(), true);
-
-  // Host protected by policy.
-  const std::string protected_domain = "example.com";
-
-  {
-    ExtensionManagementPolicyUpdater pref(&policy_provider_);
-    pref.AddRuntimeBlockedHost("*", "*://" + protected_domain);
-  }
-
-  ASSERT_TRUE(StartEmbeddedTestServer());
-
-  ExtensionTestMessageListener listener("ready", false);
-  const Extension* extension =
-      LoadExtension(test_data_dir_.AppendASCII("webrequest_activetab"));
-  ASSERT_TRUE(extension) << message_;
-  EXPECT_TRUE(listener.WaitUntilSatisfied());
-
-  // Navigate the browser to a page in a new tab.
-  GURL url = embedded_test_server()->GetURL(protected_domain, "/empty.html");
-  chrome::NavigateParams params(browser(), url, ui::PAGE_TRANSITION_LINK);
-  params.disposition = WindowOpenDisposition::NEW_FOREGROUND_TAB;
-  ui_test_utils::NavigateToURL(&params);
-
-  content::WebContents* web_contents =
-      browser()->tab_strip_model()->GetActiveWebContents();
-  ASSERT_TRUE(web_contents);
-  ExtensionActionRunner* runner =
-      ExtensionActionRunner::GetForWebContents(web_contents);
-  ASSERT_TRUE(runner);
-
-  int port = embedded_test_server()->port();
-  const std::string kXhrPath = "simple.html";
-
-  // The extension shouldn't have currently received any webRequest events,
-  // since it doesn't have permission (and shouldn't receive any from an XHR).
-  EXPECT_EQ(0, GetWebRequestCountFromBackgroundPage(extension, profile()));
-  PerformXhrInFrame(web_contents->GetMainFrame(), protected_domain, port,
-                    kXhrPath);
-  EXPECT_EQ(0, GetWebRequestCountFromBackgroundPage(extension, profile()));
-
-  // Grant activeTab permission, and perform another XHR. The extension should
-  // still be blocked due to ExtensionSettings policy on example.com.
-  // Only records ACCESS_WITHHELD, not ACCESS_DENIED, this is why it matches
-  // BLOCKED_ACTION_NONE.
-  EXPECT_EQ(BLOCKED_ACTION_NONE, runner->GetBlockedActions(extension));
-  runner->set_default_bubble_close_action_for_testing(
-      base::WrapUnique(new ToolbarActionsBarBubbleDelegate::CloseAction(
-          ToolbarActionsBarBubbleDelegate::CLOSE_EXECUTE)));
-  runner->RunAction(extension, true);
-  base::RunLoop().RunUntilIdle();
-  EXPECT_TRUE(content::WaitForLoadStop(web_contents));
-  EXPECT_EQ(BLOCKED_ACTION_NONE, runner->GetBlockedActions(extension));
-  int xhr_count = GetWebRequestCountFromBackgroundPage(extension, profile());
-  // ... which means that we should have a non-zero xhr count if the policy
-  // didn't block the events.
-  EXPECT_EQ(0, xhr_count);
-  // And the extension should also block future events.
-  PerformXhrInFrame(web_contents->GetMainFrame(), protected_domain, port,
-                    kXhrPath);
-  EXPECT_EQ(0, GetWebRequestCountFromBackgroundPage(extension, profile()));
-}
-
 }  // namespace extensions