OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include <set> | 5 #include <set> |
6 #include <string> | 6 #include <string> |
7 | 7 |
8 #include "base/files/file_path.h" | 8 #include "base/files/file_path.h" |
9 #include "content/browser/child_process_security_policy_impl.h" | 9 #include "content/browser/child_process_security_policy_impl.h" |
10 #include "content/public/common/url_constants.h" | 10 #include "content/public/common/url_constants.h" |
(...skipping 139 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
150 | 150 |
151 EXPECT_FALSE(p->IsPseudoScheme(kChromeUIScheme)); | 151 EXPECT_FALSE(p->IsPseudoScheme(kChromeUIScheme)); |
152 } | 152 } |
153 | 153 |
154 TEST_F(ChildProcessSecurityPolicyTest, StandardSchemesTest) { | 154 TEST_F(ChildProcessSecurityPolicyTest, StandardSchemesTest) { |
155 ChildProcessSecurityPolicyImpl* p = | 155 ChildProcessSecurityPolicyImpl* p = |
156 ChildProcessSecurityPolicyImpl::GetInstance(); | 156 ChildProcessSecurityPolicyImpl::GetInstance(); |
157 | 157 |
158 p->Add(kRendererID); | 158 p->Add(kRendererID); |
159 | 159 |
160 // Safe to request or commit. | 160 // Safe to request, redirect or commit. |
161 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("http://www.google.com/"))); | 161 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("http://www.google.com/"))); |
162 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("https://www.paypal.com/"))); | 162 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("https://www.paypal.com/"))); |
163 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("ftp://ftp.gnu.org/"))); | 163 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("ftp://ftp.gnu.org/"))); |
164 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("data:text/html,<b>Hi</b>"))); | 164 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("data:text/html,<b>Hi</b>"))); |
165 EXPECT_TRUE(p->CanRequestURL( | 165 EXPECT_TRUE(p->CanRequestURL( |
166 kRendererID, GURL("filesystem:http://localhost/temporary/a.gif"))); | 166 kRendererID, GURL("filesystem:http://localhost/temporary/a.gif"))); |
167 EXPECT_TRUE(p->CanRedirectToURL(GURL("http://www.google.com/"))); | |
168 EXPECT_TRUE(p->CanRedirectToURL(GURL("https://www.paypal.com/"))); | |
169 EXPECT_TRUE(p->CanRedirectToURL(GURL("ftp://ftp.gnu.org/"))); | |
170 EXPECT_TRUE(p->CanRedirectToURL(GURL("data:text/html,<b>Hi</b>"))); | |
Charlie Reis
2017/07/07 17:12:59
Hmm, this is surprising to me in the other directi
arthursonzogni
2017/07/10 16:07:03
Yes, eventually.
So, this is already enforced some
Charlie Reis
2017/07/10 21:16:21
Acknowledged.
| |
171 EXPECT_FALSE( | |
172 p->CanRedirectToURL(GURL("filesystem:http://localhost/temporary/a.gif"))); | |
167 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("http://www.google.com/"))); | 173 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("http://www.google.com/"))); |
168 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("https://www.paypal.com/"))); | 174 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("https://www.paypal.com/"))); |
169 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("ftp://ftp.gnu.org/"))); | 175 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("ftp://ftp.gnu.org/"))); |
170 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("data:text/html,<b>Hi</b>"))); | 176 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("data:text/html,<b>Hi</b>"))); |
171 EXPECT_TRUE(p->CanCommitURL( | 177 EXPECT_TRUE(p->CanCommitURL( |
172 kRendererID, GURL("filesystem:http://localhost/temporary/a.gif"))); | 178 kRendererID, GURL("filesystem:http://localhost/temporary/a.gif"))); |
173 EXPECT_TRUE( | 179 EXPECT_TRUE( |
174 p->CanSetAsOriginHeader(kRendererID, GURL("http://www.google.com/"))); | 180 p->CanSetAsOriginHeader(kRendererID, GURL("http://www.google.com/"))); |
175 EXPECT_TRUE( | 181 EXPECT_TRUE( |
176 p->CanSetAsOriginHeader(kRendererID, GURL("https://www.paypal.com/"))); | 182 p->CanSetAsOriginHeader(kRendererID, GURL("https://www.paypal.com/"))); |
177 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("ftp://ftp.gnu.org/"))); | 183 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("ftp://ftp.gnu.org/"))); |
178 EXPECT_TRUE( | 184 EXPECT_TRUE( |
179 p->CanSetAsOriginHeader(kRendererID, GURL("data:text/html,<b>Hi</b>"))); | 185 p->CanSetAsOriginHeader(kRendererID, GURL("data:text/html,<b>Hi</b>"))); |
180 EXPECT_TRUE(p->CanSetAsOriginHeader( | 186 EXPECT_TRUE(p->CanSetAsOriginHeader( |
181 kRendererID, GURL("filesystem:http://localhost/temporary/a.gif"))); | 187 kRendererID, GURL("filesystem:http://localhost/temporary/a.gif"))); |
182 | 188 |
183 // Dangerous to request, commit, or set as origin header. | 189 // Dangerous to request, commit, or set as origin header. |
184 EXPECT_FALSE(p->CanRequestURL(kRendererID, | 190 EXPECT_FALSE(p->CanRequestURL(kRendererID, |
185 GURL("file:///etc/passwd"))); | 191 GURL("file:///etc/passwd"))); |
186 EXPECT_FALSE(p->CanRequestURL(kRendererID, | 192 EXPECT_FALSE(p->CanRequestURL(kRendererID, |
187 GURL("chrome://foo/bar"))); | 193 GURL("chrome://foo/bar"))); |
188 EXPECT_FALSE(p->CanRequestURL(kRendererID, | 194 EXPECT_FALSE(p->CanRequestURL(kRendererID, |
189 GURL("view-source:http://www.google.com/"))); | 195 GURL("view-source:http://www.google.com/"))); |
196 EXPECT_FALSE(p->CanRedirectToURL(GURL("file:///etc/passwd"))); | |
197 EXPECT_FALSE(p->CanRedirectToURL(GURL("chrome://foo/bar"))); | |
198 EXPECT_FALSE(p->CanRedirectToURL(GURL("view-source:http://www.google.com/"))); | |
190 EXPECT_FALSE(p->CanCommitURL(kRendererID, | 199 EXPECT_FALSE(p->CanCommitURL(kRendererID, |
191 GURL("file:///etc/passwd"))); | 200 GURL("file:///etc/passwd"))); |
192 EXPECT_FALSE(p->CanCommitURL(kRendererID, | 201 EXPECT_FALSE(p->CanCommitURL(kRendererID, |
193 GURL("chrome://foo/bar"))); | 202 GURL("chrome://foo/bar"))); |
194 EXPECT_FALSE( | 203 EXPECT_FALSE( |
195 p->CanCommitURL(kRendererID, GURL("view-source:http://www.google.com/"))); | 204 p->CanCommitURL(kRendererID, GURL("view-source:http://www.google.com/"))); |
196 EXPECT_FALSE( | 205 EXPECT_FALSE( |
197 p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); | 206 p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); |
198 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("chrome://foo/bar"))); | 207 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("chrome://foo/bar"))); |
199 EXPECT_FALSE(p->CanSetAsOriginHeader( | 208 EXPECT_FALSE(p->CanSetAsOriginHeader( |
(...skipping 23 matching lines...) Expand all Loading... | |
223 kRendererID, GURL("blob:http://username@localhost/some-guid"))); | 232 kRendererID, GURL("blob:http://username@localhost/some-guid"))); |
224 EXPECT_FALSE(p->CanRequestURL( | 233 EXPECT_FALSE(p->CanRequestURL( |
225 kRendererID, GURL("blob:http://username @localhost/some-guid"))); | 234 kRendererID, GURL("blob:http://username @localhost/some-guid"))); |
226 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("blob:blob:some-guid"))); | 235 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("blob:blob:some-guid"))); |
227 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("blob:some-guid"))); | 236 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("blob:some-guid"))); |
228 EXPECT_FALSE(p->CanRequestURL(kRendererID, | 237 EXPECT_FALSE(p->CanRequestURL(kRendererID, |
229 GURL("blob:filesystem:http://localhost/path"))); | 238 GURL("blob:filesystem:http://localhost/path"))); |
230 EXPECT_FALSE(p->CanRequestURL(kRendererID, | 239 EXPECT_FALSE(p->CanRequestURL(kRendererID, |
231 GURL("filesystem:blob:http://localhost/guid"))); | 240 GURL("filesystem:blob:http://localhost/guid"))); |
232 | 241 |
242 // No redirect to a blob-url or a filesystem-url are allowed. | |
Charlie Reis
2017/07/07 17:12:59
nit: redirects
arthursonzogni
2017/07/10 16:07:04
Line removed.
| |
243 EXPECT_FALSE(p->CanRedirectToURL(GURL("blob:http://localhost/some-guid"))); | |
244 EXPECT_FALSE(p->CanRedirectToURL(GURL("blob:null/some-guid"))); | |
245 EXPECT_FALSE(p->CanRedirectToURL(GURL("blob:http://localhost/some-guid"))); | |
246 EXPECT_FALSE(p->CanRedirectToURL(GURL("blob:NulL/some-guid"))); | |
247 EXPECT_FALSE(p->CanRedirectToURL(GURL("blob:NulL/some-guid#fragment"))); | |
248 EXPECT_FALSE(p->CanRedirectToURL(GURL("blob:NulL/some-guid?query"))); | |
249 EXPECT_FALSE(p->CanRedirectToURL(GURL("blob:blobinternal://some-guid"))); | |
250 EXPECT_FALSE( | |
251 p->CanRedirectToURL(GURL("blob:http://username@localhost/some-guid"))); | |
252 EXPECT_FALSE(p->CanRedirectToURL( | |
253 GURL("blob:http://username @localhost/some-guid"))); | |
254 EXPECT_FALSE(p->CanRedirectToURL(GURL("blob:blob:some-guid"))); | |
255 EXPECT_FALSE(p->CanRedirectToURL(GURL("blob:some-guid"))); | |
256 EXPECT_FALSE( | |
257 p->CanRedirectToURL(GURL("blob:filesystem:http://localhost/path"))); | |
258 EXPECT_FALSE( | |
259 p->CanRedirectToURL(GURL("filesystem:blob:http://localhost/guid"))); | |
260 | |
233 EXPECT_TRUE( | 261 EXPECT_TRUE( |
234 p->CanCommitURL(kRendererID, GURL("blob:http://localhost/some-guid"))); | 262 p->CanCommitURL(kRendererID, GURL("blob:http://localhost/some-guid"))); |
235 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("blob:null/some-guid"))); | 263 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("blob:null/some-guid"))); |
236 EXPECT_TRUE( | 264 EXPECT_TRUE( |
237 p->CanCommitURL(kRendererID, GURL("blob:http://localhost/some-guid"))); | 265 p->CanCommitURL(kRendererID, GURL("blob:http://localhost/some-guid"))); |
238 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("blob:NulL/some-guid"))); | 266 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("blob:NulL/some-guid"))); |
239 EXPECT_TRUE( | 267 EXPECT_TRUE( |
240 p->CanCommitURL(kRendererID, GURL("blob:NulL/some-guid#fragment"))); | 268 p->CanCommitURL(kRendererID, GURL("blob:NulL/some-guid#fragment"))); |
241 EXPECT_TRUE( | 269 EXPECT_TRUE( |
242 p->CanCommitURL(kRendererID, GURL("blob:blobinternal://some-guid"))); | 270 p->CanCommitURL(kRendererID, GURL("blob:blobinternal://some-guid"))); |
(...skipping 14 matching lines...) Expand all Loading... | |
257 TEST_F(ChildProcessSecurityPolicyTest, AboutTest) { | 285 TEST_F(ChildProcessSecurityPolicyTest, AboutTest) { |
258 ChildProcessSecurityPolicyImpl* p = | 286 ChildProcessSecurityPolicyImpl* p = |
259 ChildProcessSecurityPolicyImpl::GetInstance(); | 287 ChildProcessSecurityPolicyImpl::GetInstance(); |
260 | 288 |
261 p->Add(kRendererID); | 289 p->Add(kRendererID); |
262 | 290 |
263 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("about:blank"))); | 291 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("about:blank"))); |
264 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:BlAnK"))); | 292 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:BlAnK"))); |
265 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("aBouT:BlAnK"))); | 293 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("aBouT:BlAnK"))); |
266 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("aBouT:blank"))); | 294 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("aBouT:blank"))); |
295 EXPECT_TRUE(p->CanRedirectToURL(GURL("about:blank"))); | |
296 EXPECT_FALSE(p->CanRedirectToURL(GURL("about:BlAnK"))); | |
297 EXPECT_FALSE(p->CanRedirectToURL(GURL("aBouT:BlAnK"))); | |
298 EXPECT_TRUE(p->CanRedirectToURL(GURL("aBouT:blank"))); | |
267 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("about:blank"))); | 299 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("about:blank"))); |
268 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:BlAnK"))); | 300 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:BlAnK"))); |
269 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("aBouT:BlAnK"))); | 301 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("aBouT:BlAnK"))); |
270 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("aBouT:blank"))); | 302 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("aBouT:blank"))); |
271 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("about:blank"))); | 303 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("about:blank"))); |
272 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:BlAnK"))); | 304 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:BlAnK"))); |
273 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("aBouT:BlAnK"))); | 305 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("aBouT:BlAnK"))); |
274 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("aBouT:blank"))); | 306 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("aBouT:blank"))); |
275 | 307 |
276 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("about:srcdoc"))); | 308 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("about:srcdoc"))); |
309 EXPECT_FALSE(p->CanRedirectToURL(GURL("about:srcdoc"))); | |
277 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("about:srcdoc"))); | 310 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("about:srcdoc"))); |
278 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:srcdoc"))); | 311 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:srcdoc"))); |
279 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:SRCDOC"))); | 312 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:SRCDOC"))); |
280 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:SRCDOC"))); | 313 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:SRCDOC"))); |
281 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:SRCDOC"))); | 314 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:SRCDOC"))); |
282 | 315 |
283 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:crash"))); | 316 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:crash"))); |
284 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:cache"))); | 317 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:cache"))); |
285 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:hang"))); | 318 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:hang"))); |
286 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:version"))); | 319 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:version"))); |
320 EXPECT_FALSE(p->CanRedirectToURL(GURL("about:crash"))); | |
321 EXPECT_FALSE(p->CanRedirectToURL(GURL("about:cache"))); | |
322 EXPECT_FALSE(p->CanRedirectToURL(GURL("about:hang"))); | |
323 EXPECT_FALSE(p->CanRedirectToURL(GURL("about:version"))); | |
287 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:crash"))); | 324 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:crash"))); |
288 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:cache"))); | 325 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:cache"))); |
289 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:hang"))); | 326 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:hang"))); |
290 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:version"))); | 327 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:version"))); |
291 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:crash"))); | 328 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:crash"))); |
292 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:cache"))); | 329 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:cache"))); |
293 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:hang"))); | 330 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:hang"))); |
294 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:version"))); | 331 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:version"))); |
295 | 332 |
296 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("aBoUt:version"))); | 333 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("aBoUt:version"))); |
297 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:CrASh"))); | 334 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:CrASh"))); |
298 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("abOuT:cAChe"))); | 335 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("abOuT:cAChe"))); |
336 EXPECT_FALSE(p->CanRedirectToURL(GURL("aBoUt:version"))); | |
337 EXPECT_FALSE(p->CanRedirectToURL(GURL("about:CrASh"))); | |
338 EXPECT_FALSE(p->CanRedirectToURL(GURL("abOuT:cAChe"))); | |
299 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("aBoUt:version"))); | 339 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("aBoUt:version"))); |
300 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:CrASh"))); | 340 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:CrASh"))); |
301 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("abOuT:cAChe"))); | 341 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("abOuT:cAChe"))); |
302 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("aBoUt:version"))); | 342 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("aBoUt:version"))); |
303 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("aBoUt:version"))); | 343 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("aBoUt:version"))); |
304 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:CrASh"))); | 344 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:CrASh"))); |
305 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("abOuT:cAChe"))); | 345 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("abOuT:cAChe"))); |
306 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("aBoUt:version"))); | 346 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("aBoUt:version"))); |
307 | 347 |
308 // Requests for about: pages should be denied. | 348 // Requests for about: pages should be denied. |
309 p->GrantRequestURL(kRendererID, GURL("about:crash")); | 349 p->GrantRequestURL(kRendererID, GURL("about:crash")); |
310 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:crash"))); | 350 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:crash"))); |
351 EXPECT_FALSE(p->CanRedirectToURL(GURL("about:crash"))); | |
311 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:crash"))); | 352 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:crash"))); |
312 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:crash"))); | 353 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:crash"))); |
313 | 354 |
314 // These requests for chrome:// pages should be granted. | 355 // These requests for chrome:// pages should be granted if there is no |
Charlie Reis
2017/07/07 17:12:59
nit: s/is/are/
arthursonzogni
2017/07/10 16:07:04
Undoing my change on this line.
| |
356 // redirects. | |
315 GURL chrome_url("chrome://foo"); | 357 GURL chrome_url("chrome://foo"); |
316 p->GrantRequestURL(kRendererID, chrome_url); | 358 p->GrantRequestURL(kRendererID, chrome_url); |
317 EXPECT_TRUE(p->CanRequestURL(kRendererID, chrome_url)); | 359 EXPECT_TRUE(p->CanRequestURL(kRendererID, chrome_url)); |
360 EXPECT_FALSE(p->CanRedirectToURL(GURL(chrome_url))); | |
318 EXPECT_TRUE(p->CanCommitURL(kRendererID, chrome_url)); | 361 EXPECT_TRUE(p->CanCommitURL(kRendererID, chrome_url)); |
319 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, chrome_url)); | 362 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, chrome_url)); |
320 | 363 |
321 p->Remove(kRendererID); | 364 p->Remove(kRendererID); |
322 } | 365 } |
323 | 366 |
324 TEST_F(ChildProcessSecurityPolicyTest, JavaScriptTest) { | 367 TEST_F(ChildProcessSecurityPolicyTest, JavaScriptTest) { |
325 ChildProcessSecurityPolicyImpl* p = | 368 ChildProcessSecurityPolicyImpl* p = |
326 ChildProcessSecurityPolicyImpl::GetInstance(); | 369 ChildProcessSecurityPolicyImpl::GetInstance(); |
327 | 370 |
328 p->Add(kRendererID); | 371 p->Add(kRendererID); |
329 | 372 |
330 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("javascript:alert('xss')"))); | 373 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("javascript:alert('xss')"))); |
374 EXPECT_FALSE(p->CanRedirectToURL(GURL("javascript:alert('xss')"))); | |
331 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("javascript:alert('xss')"))); | 375 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("javascript:alert('xss')"))); |
332 EXPECT_FALSE( | 376 EXPECT_FALSE( |
333 p->CanSetAsOriginHeader(kRendererID, GURL("javascript:alert('xss')"))); | 377 p->CanSetAsOriginHeader(kRendererID, GURL("javascript:alert('xss')"))); |
334 p->GrantRequestURL(kRendererID, GURL("javascript:alert('xss')")); | 378 p->GrantRequestURL(kRendererID, GURL("javascript:alert('xss')")); |
335 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("javascript:alert('xss')"))); | 379 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("javascript:alert('xss')"))); |
380 EXPECT_FALSE(p->CanRedirectToURL(GURL("javascript:alert('xss')"))); | |
336 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("javascript:alert('xss')"))); | 381 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("javascript:alert('xss')"))); |
337 EXPECT_FALSE( | 382 EXPECT_FALSE( |
338 p->CanSetAsOriginHeader(kRendererID, GURL("javascript:alert('xss')"))); | 383 p->CanSetAsOriginHeader(kRendererID, GURL("javascript:alert('xss')"))); |
339 | 384 |
340 p->Remove(kRendererID); | 385 p->Remove(kRendererID); |
341 } | 386 } |
342 | 387 |
343 TEST_F(ChildProcessSecurityPolicyTest, SuboriginTest) { | 388 TEST_F(ChildProcessSecurityPolicyTest, SuboriginTest) { |
344 ChildProcessSecurityPolicyImpl* p = | 389 ChildProcessSecurityPolicyImpl* p = |
345 ChildProcessSecurityPolicyImpl::GetInstance(); | 390 ChildProcessSecurityPolicyImpl::GetInstance(); |
346 | 391 |
347 p->Add(kRendererID); | 392 p->Add(kRendererID); |
348 | 393 |
349 // Suborigin URLs are not requestable or committable. | 394 // Suborigin URLs are not requestable or committable. |
350 EXPECT_FALSE( | 395 EXPECT_FALSE( |
351 p->CanRequestURL(kRendererID, GURL("http-so://foobar.example.com"))); | 396 p->CanRequestURL(kRendererID, GURL("http-so://foobar.example.com"))); |
352 EXPECT_FALSE( | 397 EXPECT_FALSE( |
353 p->CanRequestURL(kRendererID, GURL("https-so://foobar.example.com"))); | 398 p->CanRequestURL(kRendererID, GURL("https-so://foobar.example.com"))); |
399 EXPECT_FALSE(p->CanRedirectToURL(GURL("http-so://foobar.example.com"))); | |
400 EXPECT_FALSE(p->CanRedirectToURL(GURL("https-so://foobar.example.com"))); | |
354 EXPECT_FALSE( | 401 EXPECT_FALSE( |
355 p->CanCommitURL(kRendererID, GURL("http-so://foobar.example.com"))); | 402 p->CanCommitURL(kRendererID, GURL("http-so://foobar.example.com"))); |
356 EXPECT_FALSE( | 403 EXPECT_FALSE( |
357 p->CanCommitURL(kRendererID, GURL("https-so://foobar.example.com"))); | 404 p->CanCommitURL(kRendererID, GURL("https-so://foobar.example.com"))); |
358 | 405 |
359 // It's not possible to grant suborigins requestable status. | 406 // It's not possible to grant suborigins requestable status. |
360 p->GrantRequestURL(kRendererID, GURL("https-so://foobar.example.com")); | 407 p->GrantRequestURL(kRendererID, GURL("https-so://foobar.example.com")); |
361 EXPECT_FALSE( | 408 EXPECT_FALSE( |
362 p->CanCommitURL(kRendererID, GURL("https-so://foobar.example.com"))); | 409 p->CanCommitURL(kRendererID, GURL("https-so://foobar.example.com"))); |
363 | 410 |
364 // Suborigin URLs are valid origin headers. | 411 // Suborigin URLs are valid origin headers. |
365 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, | 412 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, |
366 GURL("http-so://foobar.example.com"))); | 413 GURL("http-so://foobar.example.com"))); |
367 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, | 414 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, |
368 GURL("https-so://foobar.example.com"))); | 415 GURL("https-so://foobar.example.com"))); |
369 | 416 |
370 p->Remove(kRendererID); | 417 p->Remove(kRendererID); |
371 } | 418 } |
372 | 419 |
373 TEST_F(ChildProcessSecurityPolicyTest, RegisterWebSafeSchemeTest) { | 420 TEST_F(ChildProcessSecurityPolicyTest, RegisterWebSafeSchemeTest) { |
374 ChildProcessSecurityPolicyImpl* p = | 421 ChildProcessSecurityPolicyImpl* p = |
375 ChildProcessSecurityPolicyImpl::GetInstance(); | 422 ChildProcessSecurityPolicyImpl::GetInstance(); |
376 | 423 |
377 p->Add(kRendererID); | 424 p->Add(kRendererID); |
378 | 425 |
379 // Currently, "asdf" is destined for ShellExecute, so it is allowed to be | 426 // Currently, "asdf" is destined for ShellExecute, so it is allowed to be |
380 // requested but not committed. | 427 // requested but not committed. |
381 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("asdf:rockers"))); | 428 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("asdf:rockers"))); |
429 EXPECT_FALSE(p->CanRedirectToURL(GURL("asdf:rockers"))); | |
382 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("asdf:rockers"))); | 430 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("asdf:rockers"))); |
383 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("asdf:rockers"))); | 431 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("asdf:rockers"))); |
384 | 432 |
385 // Once we register "asdf", we default to deny. | 433 // Once we register "asdf", we default to deny. |
386 RegisterTestScheme("asdf"); | 434 RegisterTestScheme("asdf"); |
387 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("asdf:rockers"))); | 435 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("asdf:rockers"))); |
436 EXPECT_FALSE(p->CanRedirectToURL(GURL("asdf:rockers"))); | |
388 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("asdf:rockers"))); | 437 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("asdf:rockers"))); |
389 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("asdf:rockers"))); | 438 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("asdf:rockers"))); |
390 | 439 |
391 // We can allow new schemes by adding them to the whitelist. | 440 // We can allow new schemes by adding them to the whitelist. |
392 p->RegisterWebSafeScheme("asdf"); | 441 p->RegisterWebSafeScheme("asdf"); |
393 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("asdf:rockers"))); | 442 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("asdf:rockers"))); |
443 EXPECT_TRUE(p->CanRedirectToURL(GURL("asdf:rockers"))); | |
394 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("asdf:rockers"))); | 444 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("asdf:rockers"))); |
395 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("asdf:rockers"))); | 445 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("asdf:rockers"))); |
396 | 446 |
397 // Cleanup. | 447 // Cleanup. |
398 p->Remove(kRendererID); | 448 p->Remove(kRendererID); |
399 } | 449 } |
400 | 450 |
401 TEST_F(ChildProcessSecurityPolicyTest, CanServiceCommandsTest) { | 451 TEST_F(ChildProcessSecurityPolicyTest, CanServiceCommandsTest) { |
402 ChildProcessSecurityPolicyImpl* p = | 452 ChildProcessSecurityPolicyImpl* p = |
403 ChildProcessSecurityPolicyImpl::GetInstance(); | 453 ChildProcessSecurityPolicyImpl::GetInstance(); |
404 | 454 |
405 p->Add(kRendererID); | 455 p->Add(kRendererID); |
406 | 456 |
407 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); | 457 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); |
458 EXPECT_FALSE(p->CanRedirectToURL(GURL("file:///etc/passwd"))); | |
408 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); | 459 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); |
409 EXPECT_FALSE( | 460 EXPECT_FALSE( |
410 p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); | 461 p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); |
411 p->GrantRequestURL(kRendererID, GURL("file:///etc/passwd")); | 462 p->GrantRequestURL(kRendererID, GURL("file:///etc/passwd")); |
412 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); | 463 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); |
464 EXPECT_FALSE(p->CanRedirectToURL(GURL("file:///etc/passwd"))); | |
413 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); | 465 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); |
414 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); | 466 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); |
415 | 467 |
416 // We should forget our state if we repeat a renderer id. | 468 // We should forget our state if we repeat a renderer id. |
417 p->Remove(kRendererID); | 469 p->Remove(kRendererID); |
418 p->Add(kRendererID); | 470 p->Add(kRendererID); |
419 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); | 471 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); |
472 EXPECT_FALSE(p->CanRedirectToURL(GURL("file:///etc/passwd"))); | |
420 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); | 473 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); |
421 EXPECT_FALSE( | 474 EXPECT_FALSE( |
422 p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); | 475 p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); |
423 p->Remove(kRendererID); | 476 p->Remove(kRendererID); |
424 } | 477 } |
425 | 478 |
426 TEST_F(ChildProcessSecurityPolicyTest, ViewSource) { | 479 TEST_F(ChildProcessSecurityPolicyTest, ViewSource) { |
427 ChildProcessSecurityPolicyImpl* p = | 480 ChildProcessSecurityPolicyImpl* p = |
428 ChildProcessSecurityPolicyImpl::GetInstance(); | 481 ChildProcessSecurityPolicyImpl::GetInstance(); |
429 | 482 |
430 p->Add(kRendererID); | 483 p->Add(kRendererID); |
431 | 484 |
432 // Child processes cannot request view source URLs. | 485 // Child processes cannot request view source URLs. |
433 EXPECT_FALSE(p->CanRequestURL(kRendererID, | 486 EXPECT_FALSE(p->CanRequestURL(kRendererID, |
434 GURL("view-source:http://www.google.com/"))); | 487 GURL("view-source:http://www.google.com/"))); |
435 EXPECT_FALSE(p->CanRequestURL(kRendererID, | 488 EXPECT_FALSE(p->CanRequestURL(kRendererID, |
436 GURL("view-source:file:///etc/passwd"))); | 489 GURL("view-source:file:///etc/passwd"))); |
437 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); | 490 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); |
438 EXPECT_FALSE(p->CanRequestURL( | 491 EXPECT_FALSE(p->CanRequestURL( |
439 kRendererID, GURL("view-source:view-source:http://www.google.com/"))); | 492 kRendererID, GURL("view-source:view-source:http://www.google.com/"))); |
440 | 493 |
494 // Child processes cannot be redirected to view source URLs. | |
495 EXPECT_FALSE(p->CanRedirectToURL(GURL("view-source:http://www.google.com/"))); | |
496 EXPECT_FALSE(p->CanRedirectToURL(GURL("view-source:file:///etc/passwd"))); | |
497 EXPECT_FALSE(p->CanRedirectToURL(GURL("file:///etc/passwd"))); | |
498 EXPECT_FALSE(p->CanRedirectToURL( | |
499 GURL("view-source:view-source:http://www.google.com/"))); | |
500 | |
441 // View source URLs don't actually commit; the renderer is put into view | 501 // View source URLs don't actually commit; the renderer is put into view |
442 // source mode, and the inner URL commits. | 502 // source mode, and the inner URL commits. |
443 EXPECT_FALSE(p->CanCommitURL(kRendererID, | 503 EXPECT_FALSE(p->CanCommitURL(kRendererID, |
444 GURL("view-source:http://www.google.com/"))); | 504 GURL("view-source:http://www.google.com/"))); |
445 EXPECT_FALSE(p->CanCommitURL(kRendererID, | 505 EXPECT_FALSE(p->CanCommitURL(kRendererID, |
446 GURL("view-source:file:///etc/passwd"))); | 506 GURL("view-source:file:///etc/passwd"))); |
447 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); | 507 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); |
448 EXPECT_FALSE(p->CanCommitURL( | 508 EXPECT_FALSE(p->CanCommitURL( |
449 kRendererID, GURL("view-source:view-source:http://www.google.com/"))); | 509 kRendererID, GURL("view-source:view-source:http://www.google.com/"))); |
450 | 510 |
451 // View source URLs should not be setable as origin headers | 511 // View source URLs should not be setable as origin headers |
452 EXPECT_FALSE(p->CanSetAsOriginHeader( | 512 EXPECT_FALSE(p->CanSetAsOriginHeader( |
453 kRendererID, GURL("view-source:http://www.google.com/"))); | 513 kRendererID, GURL("view-source:http://www.google.com/"))); |
454 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, | 514 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, |
455 GURL("view-source:file:///etc/passwd"))); | 515 GURL("view-source:file:///etc/passwd"))); |
456 EXPECT_FALSE( | 516 EXPECT_FALSE( |
457 p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); | 517 p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); |
458 EXPECT_FALSE(p->CanSetAsOriginHeader( | 518 EXPECT_FALSE(p->CanSetAsOriginHeader( |
459 kRendererID, GURL("view-source:view-source:http://www.google.com/"))); | 519 kRendererID, GURL("view-source:view-source:http://www.google.com/"))); |
460 | 520 |
461 p->GrantRequestURL(kRendererID, GURL("view-source:file:///etc/passwd")); | 521 p->GrantRequestURL(kRendererID, GURL("view-source:file:///etc/passwd")); |
462 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); | 522 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); |
523 EXPECT_FALSE(p->CanRedirectToURL(GURL("file:///etc/passwd"))); | |
463 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); | 524 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); |
464 EXPECT_FALSE( | 525 EXPECT_FALSE( |
465 p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); | 526 p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); |
466 EXPECT_FALSE( | 527 EXPECT_FALSE( |
467 p->CanRequestURL(kRendererID, GURL("view-source:file:///etc/passwd"))); | 528 p->CanRequestURL(kRendererID, GURL("view-source:file:///etc/passwd"))); |
529 EXPECT_FALSE(p->CanRedirectToURL(GURL("view-source:file:///etc/passwd"))); | |
468 EXPECT_FALSE(p->CanCommitURL(kRendererID, | 530 EXPECT_FALSE(p->CanCommitURL(kRendererID, |
469 GURL("view-source:file:///etc/passwd"))); | 531 GURL("view-source:file:///etc/passwd"))); |
470 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, | 532 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, |
471 GURL("view-source:file:///etc/passwd"))); | 533 GURL("view-source:file:///etc/passwd"))); |
472 p->Remove(kRendererID); | 534 p->Remove(kRendererID); |
473 } | 535 } |
474 | 536 |
475 TEST_F(ChildProcessSecurityPolicyTest, SpecificFile) { | 537 TEST_F(ChildProcessSecurityPolicyTest, SpecificFile) { |
476 ChildProcessSecurityPolicyImpl* p = | 538 ChildProcessSecurityPolicyImpl* p = |
477 ChildProcessSecurityPolicyImpl::GetInstance(); | 539 ChildProcessSecurityPolicyImpl::GetInstance(); |
478 | 540 |
479 p->Add(kRendererID); | 541 p->Add(kRendererID); |
480 | 542 |
481 GURL icon_url("file:///tmp/foo.png"); | 543 GURL icon_url("file:///tmp/foo.png"); |
482 GURL sensitive_url("file:///etc/passwd"); | 544 GURL sensitive_url("file:///etc/passwd"); |
483 EXPECT_FALSE(p->CanRequestURL(kRendererID, icon_url)); | 545 EXPECT_FALSE(p->CanRequestURL(kRendererID, icon_url)); |
484 EXPECT_FALSE(p->CanRequestURL(kRendererID, sensitive_url)); | 546 EXPECT_FALSE(p->CanRequestURL(kRendererID, sensitive_url)); |
547 EXPECT_FALSE(p->CanRedirectToURL(icon_url)); | |
548 EXPECT_FALSE(p->CanRedirectToURL(sensitive_url)); | |
485 EXPECT_FALSE(p->CanCommitURL(kRendererID, icon_url)); | 549 EXPECT_FALSE(p->CanCommitURL(kRendererID, icon_url)); |
486 EXPECT_FALSE(p->CanCommitURL(kRendererID, sensitive_url)); | 550 EXPECT_FALSE(p->CanCommitURL(kRendererID, sensitive_url)); |
487 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, icon_url)); | 551 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, icon_url)); |
488 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, sensitive_url)); | 552 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, sensitive_url)); |
489 | 553 |
490 p->GrantRequestSpecificFileURL(kRendererID, icon_url); | 554 p->GrantRequestSpecificFileURL(kRendererID, icon_url); |
491 EXPECT_TRUE(p->CanRequestURL(kRendererID, icon_url)); | 555 EXPECT_TRUE(p->CanRequestURL(kRendererID, icon_url)); |
492 EXPECT_FALSE(p->CanRequestURL(kRendererID, sensitive_url)); | 556 EXPECT_FALSE(p->CanRequestURL(kRendererID, sensitive_url)); |
557 EXPECT_FALSE(p->CanRedirectToURL(icon_url)); | |
558 EXPECT_FALSE(p->CanRedirectToURL(sensitive_url)); | |
493 EXPECT_TRUE(p->CanCommitURL(kRendererID, icon_url)); | 559 EXPECT_TRUE(p->CanCommitURL(kRendererID, icon_url)); |
494 EXPECT_FALSE(p->CanCommitURL(kRendererID, sensitive_url)); | 560 EXPECT_FALSE(p->CanCommitURL(kRendererID, sensitive_url)); |
495 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, icon_url)); | 561 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, icon_url)); |
496 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, sensitive_url)); | 562 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, sensitive_url)); |
497 | 563 |
498 p->GrantRequestURL(kRendererID, icon_url); | 564 p->GrantRequestURL(kRendererID, icon_url); |
499 EXPECT_TRUE(p->CanRequestURL(kRendererID, icon_url)); | 565 EXPECT_TRUE(p->CanRequestURL(kRendererID, icon_url)); |
500 EXPECT_TRUE(p->CanRequestURL(kRendererID, sensitive_url)); | 566 EXPECT_TRUE(p->CanRequestURL(kRendererID, sensitive_url)); |
567 EXPECT_FALSE(p->CanRedirectToURL(icon_url)); | |
568 EXPECT_FALSE(p->CanRedirectToURL(sensitive_url)); | |
501 EXPECT_TRUE(p->CanCommitURL(kRendererID, icon_url)); | 569 EXPECT_TRUE(p->CanCommitURL(kRendererID, icon_url)); |
502 EXPECT_TRUE(p->CanCommitURL(kRendererID, sensitive_url)); | 570 EXPECT_TRUE(p->CanCommitURL(kRendererID, sensitive_url)); |
503 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, icon_url)); | 571 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, icon_url)); |
504 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, sensitive_url)); | 572 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, sensitive_url)); |
505 | 573 |
506 p->Remove(kRendererID); | 574 p->Remove(kRendererID); |
507 } | 575 } |
508 | 576 |
509 TEST_F(ChildProcessSecurityPolicyTest, FileSystemGrantsTest) { | 577 TEST_F(ChildProcessSecurityPolicyTest, FileSystemGrantsTest) { |
510 ChildProcessSecurityPolicyImpl* p = | 578 ChildProcessSecurityPolicyImpl* p = |
(...skipping 290 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
801 TEST_F(ChildProcessSecurityPolicyTest, CanServiceWebUIBindings) { | 869 TEST_F(ChildProcessSecurityPolicyTest, CanServiceWebUIBindings) { |
802 ChildProcessSecurityPolicyImpl* p = | 870 ChildProcessSecurityPolicyImpl* p = |
803 ChildProcessSecurityPolicyImpl::GetInstance(); | 871 ChildProcessSecurityPolicyImpl::GetInstance(); |
804 | 872 |
805 GURL url("chrome://thumb/http://www.google.com/"); | 873 GURL url("chrome://thumb/http://www.google.com/"); |
806 | 874 |
807 p->Add(kRendererID); | 875 p->Add(kRendererID); |
808 | 876 |
809 EXPECT_FALSE(p->HasWebUIBindings(kRendererID)); | 877 EXPECT_FALSE(p->HasWebUIBindings(kRendererID)); |
810 EXPECT_FALSE(p->CanRequestURL(kRendererID, url)); | 878 EXPECT_FALSE(p->CanRequestURL(kRendererID, url)); |
879 EXPECT_FALSE(p->CanRedirectToURL(url)); | |
811 p->GrantWebUIBindings(kRendererID); | 880 p->GrantWebUIBindings(kRendererID); |
812 EXPECT_TRUE(p->HasWebUIBindings(kRendererID)); | 881 EXPECT_TRUE(p->HasWebUIBindings(kRendererID)); |
813 EXPECT_TRUE(p->CanRequestURL(kRendererID, url)); | 882 EXPECT_TRUE(p->CanRequestURL(kRendererID, url)); |
883 EXPECT_FALSE(p->CanRedirectToURL(url)); | |
814 | 884 |
815 p->Remove(kRendererID); | 885 p->Remove(kRendererID); |
816 } | 886 } |
817 | 887 |
818 TEST_F(ChildProcessSecurityPolicyTest, RemoveRace) { | 888 TEST_F(ChildProcessSecurityPolicyTest, RemoveRace) { |
819 ChildProcessSecurityPolicyImpl* p = | 889 ChildProcessSecurityPolicyImpl* p = |
820 ChildProcessSecurityPolicyImpl::GetInstance(); | 890 ChildProcessSecurityPolicyImpl::GetInstance(); |
821 | 891 |
822 GURL url("file:///etc/passwd"); | 892 GURL url("file:///etc/passwd"); |
823 base::FilePath file(TEST_PATH("/etc/passwd")); | 893 base::FilePath file(TEST_PATH("/etc/passwd")); |
824 | 894 |
825 p->Add(kRendererID); | 895 p->Add(kRendererID); |
826 | 896 |
827 p->GrantRequestURL(kRendererID, url); | 897 p->GrantRequestURL(kRendererID, url); |
828 p->GrantReadFile(kRendererID, file); | 898 p->GrantReadFile(kRendererID, file); |
829 p->GrantWebUIBindings(kRendererID); | 899 p->GrantWebUIBindings(kRendererID); |
830 | 900 |
831 EXPECT_TRUE(p->CanRequestURL(kRendererID, url)); | 901 EXPECT_TRUE(p->CanRequestURL(kRendererID, url)); |
902 EXPECT_FALSE(p->CanRedirectToURL(url)); | |
832 EXPECT_TRUE(p->CanReadFile(kRendererID, file)); | 903 EXPECT_TRUE(p->CanReadFile(kRendererID, file)); |
833 EXPECT_TRUE(p->HasWebUIBindings(kRendererID)); | 904 EXPECT_TRUE(p->HasWebUIBindings(kRendererID)); |
834 | 905 |
835 p->Remove(kRendererID); | 906 p->Remove(kRendererID); |
836 | 907 |
837 // Renderers are added and removed on the UI thread, but the policy can be | 908 // Renderers are added and removed on the UI thread, but the policy can be |
838 // queried on the IO thread. The ChildProcessSecurityPolicy needs to be | 909 // queried on the IO thread. The ChildProcessSecurityPolicy needs to be |
839 // prepared to answer policy questions about renderers who no longer exist. | 910 // prepared to answer policy questions about renderers who no longer exist. |
840 | 911 |
841 // In this case, we default to secure behavior. | 912 // In this case, we default to secure behavior. |
842 EXPECT_FALSE(p->CanRequestURL(kRendererID, url)); | 913 EXPECT_FALSE(p->CanRequestURL(kRendererID, url)); |
914 EXPECT_FALSE(p->CanRedirectToURL(url)); | |
843 EXPECT_FALSE(p->CanReadFile(kRendererID, file)); | 915 EXPECT_FALSE(p->CanReadFile(kRendererID, file)); |
844 EXPECT_FALSE(p->HasWebUIBindings(kRendererID)); | 916 EXPECT_FALSE(p->HasWebUIBindings(kRendererID)); |
845 } | 917 } |
846 | 918 |
847 // Test the granting of origin permissions, and their interactions with | 919 // Test the granting of origin permissions, and their interactions with |
848 // granting scheme permissions. | 920 // granting scheme permissions. |
849 TEST_F(ChildProcessSecurityPolicyTest, OriginGranting) { | 921 TEST_F(ChildProcessSecurityPolicyTest, OriginGranting) { |
850 ChildProcessSecurityPolicyImpl* p = | 922 ChildProcessSecurityPolicyImpl* p = |
851 ChildProcessSecurityPolicyImpl::GetInstance(); | 923 ChildProcessSecurityPolicyImpl::GetInstance(); |
852 | 924 |
853 p->Add(kRendererID); | 925 p->Add(kRendererID); |
854 | 926 |
855 GURL url_foo1("chrome://foo/resource1"); | 927 GURL url_foo1("chrome://foo/resource1"); |
856 GURL url_foo2("chrome://foo/resource2"); | 928 GURL url_foo2("chrome://foo/resource2"); |
857 GURL url_bar("chrome://bar/resource3"); | 929 GURL url_bar("chrome://bar/resource3"); |
858 | 930 |
859 EXPECT_FALSE(p->CanRequestURL(kRendererID, url_foo1)); | 931 EXPECT_FALSE(p->CanRequestURL(kRendererID, url_foo1)); |
860 EXPECT_FALSE(p->CanRequestURL(kRendererID, url_foo2)); | 932 EXPECT_FALSE(p->CanRequestURL(kRendererID, url_foo2)); |
861 EXPECT_FALSE(p->CanRequestURL(kRendererID, url_bar)); | 933 EXPECT_FALSE(p->CanRequestURL(kRendererID, url_bar)); |
934 EXPECT_FALSE(p->CanRedirectToURL(url_foo1)); | |
935 EXPECT_FALSE(p->CanRedirectToURL(url_foo2)); | |
936 EXPECT_FALSE(p->CanRedirectToURL(url_bar)); | |
862 EXPECT_FALSE(p->CanCommitURL(kRendererID, url_foo1)); | 937 EXPECT_FALSE(p->CanCommitURL(kRendererID, url_foo1)); |
863 EXPECT_FALSE(p->CanCommitURL(kRendererID, url_foo2)); | 938 EXPECT_FALSE(p->CanCommitURL(kRendererID, url_foo2)); |
864 EXPECT_FALSE(p->CanCommitURL(kRendererID, url_bar)); | 939 EXPECT_FALSE(p->CanCommitURL(kRendererID, url_bar)); |
865 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, url_foo1)); | 940 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, url_foo1)); |
866 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, url_foo2)); | 941 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, url_foo2)); |
867 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, url_bar)); | 942 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, url_bar)); |
868 | 943 |
869 p->GrantOrigin(kRendererID, url::Origin(url_foo1)); | 944 p->GrantOrigin(kRendererID, url::Origin(url_foo1)); |
870 | 945 |
871 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo1)); | 946 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo1)); |
872 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo2)); | 947 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo2)); |
873 EXPECT_FALSE(p->CanRequestURL(kRendererID, url_bar)); | 948 EXPECT_FALSE(p->CanRequestURL(kRendererID, url_bar)); |
949 EXPECT_FALSE(p->CanRedirectToURL(url_foo1)); | |
950 EXPECT_FALSE(p->CanRedirectToURL(url_foo2)); | |
951 EXPECT_FALSE(p->CanRedirectToURL(url_bar)); | |
874 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo1)); | 952 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo1)); |
875 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo2)); | 953 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo2)); |
876 EXPECT_FALSE(p->CanCommitURL(kRendererID, url_bar)); | 954 EXPECT_FALSE(p->CanCommitURL(kRendererID, url_bar)); |
877 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_foo1)); | 955 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_foo1)); |
878 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_foo2)); | 956 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_foo2)); |
879 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, url_bar)); | 957 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, url_bar)); |
880 | 958 |
881 p->GrantScheme(kRendererID, kChromeUIScheme); | 959 p->GrantScheme(kRendererID, kChromeUIScheme); |
882 | 960 |
883 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo1)); | 961 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo1)); |
884 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo2)); | 962 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo2)); |
885 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_bar)); | 963 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_bar)); |
964 EXPECT_FALSE(p->CanRedirectToURL(url_foo1)); | |
965 EXPECT_FALSE(p->CanRedirectToURL(url_foo2)); | |
966 EXPECT_FALSE(p->CanRedirectToURL(url_bar)); | |
886 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo1)); | 967 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo1)); |
887 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo2)); | 968 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo2)); |
888 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_bar)); | 969 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_bar)); |
889 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_foo1)); | 970 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_foo1)); |
890 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_foo2)); | 971 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_foo2)); |
891 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_bar)); | 972 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_bar)); |
892 | 973 |
893 p->Remove(kRendererID); | 974 p->Remove(kRendererID); |
894 } | 975 } |
895 | 976 |
(...skipping 16 matching lines...) Expand all Loading... | |
912 EXPECT_EQ(4U, policy->isolated_origins_.size()); | 993 EXPECT_EQ(4U, policy->isolated_origins_.size()); |
913 EXPECT_TRUE( | 994 EXPECT_TRUE( |
914 policy->IsIsolatedOrigin(url::Origin(GURL("http://isolated.foo.com")))); | 995 policy->IsIsolatedOrigin(url::Origin(GURL("http://isolated.foo.com")))); |
915 EXPECT_TRUE(policy->IsIsolatedOrigin(url::Origin(GURL("http://a.com")))); | 996 EXPECT_TRUE(policy->IsIsolatedOrigin(url::Origin(GURL("http://a.com")))); |
916 EXPECT_TRUE(policy->IsIsolatedOrigin(url::Origin(GURL("https://b.com")))); | 997 EXPECT_TRUE(policy->IsIsolatedOrigin(url::Origin(GURL("https://b.com")))); |
917 EXPECT_TRUE( | 998 EXPECT_TRUE( |
918 policy->IsIsolatedOrigin(url::Origin(GURL("https://c.com:8000")))); | 999 policy->IsIsolatedOrigin(url::Origin(GURL("https://c.com:8000")))); |
919 } | 1000 } |
920 | 1001 |
921 } // namespace content | 1002 } // namespace content |
OLD | NEW |