Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(143)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/browser/security_exploit_browsertest.cc

Issue 2954343005: Merge ResourceRequestBodyImpl and ResourceRequestBody. (Closed)
Patch Set: Remove comment Created 3 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « content/browser/loader/upload_data_stream_builder_unittest.cc ('k') | content/browser/service_worker/foreign_fetch_request_handler.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include <stdint.h> 5 #include <stdint.h>
6 6
7 #include "base/command_line.h" 7 #include "base/command_line.h"
8 #include "base/containers/hash_tables.h" 8 #include "base/containers/hash_tables.h"
9 #include "base/macros.h" 9 #include "base/macros.h"
10 #include "base/strings/utf_string_conversions.h" 10 #include "base/strings/utf_string_conversions.h"
(...skipping 16 matching lines...) Expand all
27 #include "content/public/browser/content_browser_client.h" 27 #include "content/public/browser/content_browser_client.h"
28 #include "content/public/browser/interstitial_page.h" 28 #include "content/public/browser/interstitial_page.h"
29 #include "content/public/browser/interstitial_page_delegate.h" 29 #include "content/public/browser/interstitial_page_delegate.h"
30 #include "content/public/browser/resource_context.h" 30 #include "content/public/browser/resource_context.h"
31 #include "content/public/browser/resource_dispatcher_host.h" 31 #include "content/public/browser/resource_dispatcher_host.h"
32 #include "content/public/browser/storage_partition.h" 32 #include "content/public/browser/storage_partition.h"
33 #include "content/public/common/appcache_info.h" 33 #include "content/public/common/appcache_info.h"
34 #include "content/public/common/browser_side_navigation_policy.h" 34 #include "content/public/common/browser_side_navigation_policy.h"
35 #include "content/public/common/content_switches.h" 35 #include "content/public/common/content_switches.h"
36 #include "content/public/common/file_chooser_params.h" 36 #include "content/public/common/file_chooser_params.h"
37 #include "content/public/common/resource_request_body.h"
37 #include "content/public/test/browser_test_utils.h" 38 #include "content/public/test/browser_test_utils.h"
38 #include "content/public/test/content_browser_test.h" 39 #include "content/public/test/content_browser_test.h"
39 #include "content/public/test/content_browser_test_utils.h" 40 #include "content/public/test/content_browser_test_utils.h"
40 #include "content/public/test/test_utils.h" 41 #include "content/public/test/test_utils.h"
41 #include "content/shell/browser/shell.h" 42 #include "content/shell/browser/shell.h"
42 #include "content/test/content_browser_test_utils_internal.h" 43 #include "content/test/content_browser_test_utils_internal.h"
43 #include "content/test/test_content_browser_client.h" 44 #include "content/test/test_content_browser_client.h"
44 #include "ipc/ipc_security_test_util.h" 45 #include "ipc/ipc_security_test_util.h"
45 #include "net/dns/mock_host_resolver.h" 46 #include "net/dns/mock_host_resolver.h"
46 #include "net/test/embedded_test_server/embedded_test_server.h" 47 #include "net/test/embedded_test_server/embedded_test_server.h"
(...skipping 537 matching lines...) Expand 10 before | Expand all | Expand 10 after
584 ASSERT_TRUE(temp_dir.CreateUniqueTempDir()); 585 ASSERT_TRUE(temp_dir.CreateUniqueTempDir());
585 ASSERT_TRUE(base::CreateTemporaryFileInDir(temp_dir.GetPath(), &file_path)); 586 ASSERT_TRUE(base::CreateTemporaryFileInDir(temp_dir.GetPath(), &file_path));
586 ASSERT_LT( 587 ASSERT_LT(
587 0, base::WriteFile(file_path, file_content.data(), file_content.size())); 588 0, base::WriteFile(file_path, file_content.data(), file_content.size()));
588 589
589 // Simulate an IPC message asking to POST a file that the renderer shouldn't 590 // Simulate an IPC message asking to POST a file that the renderer shouldn't
590 // have access to. 591 // have access to.
591 FrameHostMsg_OpenURL_Params params; 592 FrameHostMsg_OpenURL_Params params;
592 params.url = target_url; 593 params.url = target_url;
593 params.uses_post = true; 594 params.uses_post = true;
594 params.resource_request_body = new ResourceRequestBodyImpl; 595 params.resource_request_body = new ResourceRequestBody;
595 params.resource_request_body->AppendFileRange( 596 params.resource_request_body->AppendFileRange(
596 file_path, 0, file_content.size(), base::Time()); 597 file_path, 0, file_content.size(), base::Time());
597 params.disposition = WindowOpenDisposition::CURRENT_TAB; 598 params.disposition = WindowOpenDisposition::CURRENT_TAB;
598 params.should_replace_current_entry = true; 599 params.should_replace_current_entry = true;
599 params.user_gesture = true; 600 params.user_gesture = true;
600 params.is_history_navigation_in_new_child = false; 601 params.is_history_navigation_in_new_child = false;
601 602
602 FrameHostMsg_OpenURL msg(root->current_frame_host()->routing_id(), params); 603 FrameHostMsg_OpenURL msg(root->current_frame_host()->routing_id(), params);
603 IPC::IpcSecurityTestUtil::PwnMessageReceived( 604 IPC::IpcSecurityTestUtil::PwnMessageReceived(
604 root->current_frame_host()->GetProcess()->GetChannel(), msg); 605 root->current_frame_host()->GetProcess()->GetChannel(), msg);
605 606
606 // Verify that the malicious navigation did not commit the navigation to 607 // Verify that the malicious navigation did not commit the navigation to
607 // |target_url|. 608 // |target_url|.
608 WaitForLoadStop(shell()->web_contents()); 609 WaitForLoadStop(shell()->web_contents());
609 EXPECT_EQ(start_url, root->current_frame_host()->GetLastCommittedURL()); 610 EXPECT_EQ(start_url, root->current_frame_host()->GetLastCommittedURL());
610 611
611 // Verify that the malicious renderer got killed. 612 // Verify that the malicious renderer got killed.
612 exit_observer.Wait(); 613 exit_observer.Wait();
613 EXPECT_FALSE(exit_observer.did_exit_normally()); 614 EXPECT_FALSE(exit_observer.did_exit_normally());
614 } 615 }
615 616
616 } // namespace content 617 } // namespace content
OLDNEW
« no previous file with comments | « content/browser/loader/upload_data_stream_builder_unittest.cc ('k') | content/browser/service_worker/foreign_fetch_request_handler.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698