Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(210)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/browser/child_process_security_policy_unittest.cc

Issue 2973433003: Block redirects to renderer-debug urls. (Closed)
Patch Set: Nit: Charlie Harrison Created 3 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« content/browser/child_process_security_policy_impl.cc ('K') | « content/browser/child_process_security_policy_impl.cc ('k') | content/browser/frame_host/navigation_handle_impl.h » ('j') | content/browser/frame_host/navigation_handle_impl.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include <set> 5 #include <set>
6 #include <string> 6 #include <string>
7 7
8 #include "base/files/file_path.h" 8 #include "base/files/file_path.h"
9 #include "content/browser/child_process_security_policy_impl.h" 9 #include "content/browser/child_process_security_policy_impl.h"
10 #include "content/public/common/url_constants.h" 10 #include "content/public/common/url_constants.h"
(...skipping 139 matching lines...) Expand 10 before | Expand all | Expand 10 after
150 150
151 EXPECT_FALSE(p->IsPseudoScheme(kChromeUIScheme)); 151 EXPECT_FALSE(p->IsPseudoScheme(kChromeUIScheme));
152 } 152 }
153 153
154 TEST_F(ChildProcessSecurityPolicyTest, StandardSchemesTest) { 154 TEST_F(ChildProcessSecurityPolicyTest, StandardSchemesTest) {
155 ChildProcessSecurityPolicyImpl* p = 155 ChildProcessSecurityPolicyImpl* p =
156 ChildProcessSecurityPolicyImpl::GetInstance(); 156 ChildProcessSecurityPolicyImpl::GetInstance();
157 157
158 p->Add(kRendererID); 158 p->Add(kRendererID);
159 159
160 // Safe to request or commit. 160 // Safe to request, redirect or commit.
161 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("http://www.google.com/"))); 161 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("http://www.google.com/")));
162 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("https://www.paypal.com/"))); 162 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("https://www.paypal.com/")));
163 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("ftp://ftp.gnu.org/"))); 163 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("ftp://ftp.gnu.org/")));
164 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("data:text/html,<b>Hi</b>"))); 164 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("data:text/html,<b>Hi</b>")));
165 EXPECT_TRUE(p->CanRequestURL( 165 EXPECT_TRUE(p->CanRequestURL(
166 kRendererID, GURL("filesystem:http://localhost/temporary/a.gif"))); 166 kRendererID, GURL("filesystem:http://localhost/temporary/a.gif")));
167 EXPECT_TRUE(p->CanRedirectToURL(GURL("http://www.google.com/")));
168 EXPECT_TRUE(p->CanRedirectToURL(GURL("https://www.paypal.com/")));
169 EXPECT_TRUE(p->CanRedirectToURL(GURL("ftp://ftp.gnu.org/")));
170 EXPECT_TRUE(p->CanRedirectToURL(GURL("data:text/html,<b>Hi</b>")));
Charlie Reis 2017/07/07 17:12:59 Hmm, this is surprising to me in the other directi
arthursonzogni 2017/07/10 16:07:03 Yes, eventually. So, this is already enforced some
Charlie Reis 2017/07/10 21:16:21 Acknowledged.
171 EXPECT_FALSE(
172 p->CanRedirectToURL(GURL("filesystem:http://localhost/temporary/a.gif")));
167 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("http://www.google.com/"))); 173 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("http://www.google.com/")));
168 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("https://www.paypal.com/"))); 174 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("https://www.paypal.com/")));
169 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("ftp://ftp.gnu.org/"))); 175 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("ftp://ftp.gnu.org/")));
170 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("data:text/html,<b>Hi</b>"))); 176 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("data:text/html,<b>Hi</b>")));
171 EXPECT_TRUE(p->CanCommitURL( 177 EXPECT_TRUE(p->CanCommitURL(
172 kRendererID, GURL("filesystem:http://localhost/temporary/a.gif"))); 178 kRendererID, GURL("filesystem:http://localhost/temporary/a.gif")));
173 EXPECT_TRUE( 179 EXPECT_TRUE(
174 p->CanSetAsOriginHeader(kRendererID, GURL("http://www.google.com/"))); 180 p->CanSetAsOriginHeader(kRendererID, GURL("http://www.google.com/")));
175 EXPECT_TRUE( 181 EXPECT_TRUE(
176 p->CanSetAsOriginHeader(kRendererID, GURL("https://www.paypal.com/"))); 182 p->CanSetAsOriginHeader(kRendererID, GURL("https://www.paypal.com/")));
177 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("ftp://ftp.gnu.org/"))); 183 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("ftp://ftp.gnu.org/")));
178 EXPECT_TRUE( 184 EXPECT_TRUE(
179 p->CanSetAsOriginHeader(kRendererID, GURL("data:text/html,<b>Hi</b>"))); 185 p->CanSetAsOriginHeader(kRendererID, GURL("data:text/html,<b>Hi</b>")));
180 EXPECT_TRUE(p->CanSetAsOriginHeader( 186 EXPECT_TRUE(p->CanSetAsOriginHeader(
181 kRendererID, GURL("filesystem:http://localhost/temporary/a.gif"))); 187 kRendererID, GURL("filesystem:http://localhost/temporary/a.gif")));
182 188
183 // Dangerous to request, commit, or set as origin header. 189 // Dangerous to request, commit, or set as origin header.
184 EXPECT_FALSE(p->CanRequestURL(kRendererID, 190 EXPECT_FALSE(p->CanRequestURL(kRendererID,
185 GURL("file:///etc/passwd"))); 191 GURL("file:///etc/passwd")));
186 EXPECT_FALSE(p->CanRequestURL(kRendererID, 192 EXPECT_FALSE(p->CanRequestURL(kRendererID,
187 GURL("chrome://foo/bar"))); 193 GURL("chrome://foo/bar")));
188 EXPECT_FALSE(p->CanRequestURL(kRendererID, 194 EXPECT_FALSE(p->CanRequestURL(kRendererID,
189 GURL("view-source:http://www.google.com/"))); 195 GURL("view-source:http://www.google.com/")));
196 EXPECT_FALSE(p->CanRedirectToURL(GURL("file:///etc/passwd")));
197 EXPECT_FALSE(p->CanRedirectToURL(GURL("chrome://foo/bar")));
198 EXPECT_FALSE(p->CanRedirectToURL(GURL("view-source:http://www.google.com/")));
190 EXPECT_FALSE(p->CanCommitURL(kRendererID, 199 EXPECT_FALSE(p->CanCommitURL(kRendererID,
191 GURL("file:///etc/passwd"))); 200 GURL("file:///etc/passwd")));
192 EXPECT_FALSE(p->CanCommitURL(kRendererID, 201 EXPECT_FALSE(p->CanCommitURL(kRendererID,
193 GURL("chrome://foo/bar"))); 202 GURL("chrome://foo/bar")));
194 EXPECT_FALSE( 203 EXPECT_FALSE(
195 p->CanCommitURL(kRendererID, GURL("view-source:http://www.google.com/"))); 204 p->CanCommitURL(kRendererID, GURL("view-source:http://www.google.com/")));
196 EXPECT_FALSE( 205 EXPECT_FALSE(
197 p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); 206 p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd")));
198 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("chrome://foo/bar"))); 207 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("chrome://foo/bar")));
199 EXPECT_FALSE(p->CanSetAsOriginHeader( 208 EXPECT_FALSE(p->CanSetAsOriginHeader(
(...skipping 23 matching lines...) Expand all
223 kRendererID, GURL("blob:http://username@localhost/some-guid"))); 232 kRendererID, GURL("blob:http://username@localhost/some-guid")));
224 EXPECT_FALSE(p->CanRequestURL( 233 EXPECT_FALSE(p->CanRequestURL(
225 kRendererID, GURL("blob:http://username @localhost/some-guid"))); 234 kRendererID, GURL("blob:http://username @localhost/some-guid")));
226 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("blob:blob:some-guid"))); 235 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("blob:blob:some-guid")));
227 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("blob:some-guid"))); 236 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("blob:some-guid")));
228 EXPECT_FALSE(p->CanRequestURL(kRendererID, 237 EXPECT_FALSE(p->CanRequestURL(kRendererID,
229 GURL("blob:filesystem:http://localhost/path"))); 238 GURL("blob:filesystem:http://localhost/path")));
230 EXPECT_FALSE(p->CanRequestURL(kRendererID, 239 EXPECT_FALSE(p->CanRequestURL(kRendererID,
231 GURL("filesystem:blob:http://localhost/guid"))); 240 GURL("filesystem:blob:http://localhost/guid")));
232 241
242 // No redirect to a blob-url or a filesystem-url are allowed.
Charlie Reis 2017/07/07 17:12:59 nit: redirects
arthursonzogni 2017/07/10 16:07:04 Line removed.
243 EXPECT_FALSE(p->CanRedirectToURL(GURL("blob:http://localhost/some-guid")));
244 EXPECT_FALSE(p->CanRedirectToURL(GURL("blob:null/some-guid")));
245 EXPECT_FALSE(p->CanRedirectToURL(GURL("blob:http://localhost/some-guid")));
246 EXPECT_FALSE(p->CanRedirectToURL(GURL("blob:NulL/some-guid")));
247 EXPECT_FALSE(p->CanRedirectToURL(GURL("blob:NulL/some-guid#fragment")));
248 EXPECT_FALSE(p->CanRedirectToURL(GURL("blob:NulL/some-guid?query")));
249 EXPECT_FALSE(p->CanRedirectToURL(GURL("blob:blobinternal://some-guid")));
250 EXPECT_FALSE(
251 p->CanRedirectToURL(GURL("blob:http://username@localhost/some-guid")));
252 EXPECT_FALSE(p->CanRedirectToURL(
253 GURL("blob:http://username @localhost/some-guid")));
254 EXPECT_FALSE(p->CanRedirectToURL(GURL("blob:blob:some-guid")));
255 EXPECT_FALSE(p->CanRedirectToURL(GURL("blob:some-guid")));
256 EXPECT_FALSE(
257 p->CanRedirectToURL(GURL("blob:filesystem:http://localhost/path")));
258 EXPECT_FALSE(
259 p->CanRedirectToURL(GURL("filesystem:blob:http://localhost/guid")));
260
233 EXPECT_TRUE( 261 EXPECT_TRUE(
234 p->CanCommitURL(kRendererID, GURL("blob:http://localhost/some-guid"))); 262 p->CanCommitURL(kRendererID, GURL("blob:http://localhost/some-guid")));
235 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("blob:null/some-guid"))); 263 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("blob:null/some-guid")));
236 EXPECT_TRUE( 264 EXPECT_TRUE(
237 p->CanCommitURL(kRendererID, GURL("blob:http://localhost/some-guid"))); 265 p->CanCommitURL(kRendererID, GURL("blob:http://localhost/some-guid")));
238 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("blob:NulL/some-guid"))); 266 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("blob:NulL/some-guid")));
239 EXPECT_TRUE( 267 EXPECT_TRUE(
240 p->CanCommitURL(kRendererID, GURL("blob:NulL/some-guid#fragment"))); 268 p->CanCommitURL(kRendererID, GURL("blob:NulL/some-guid#fragment")));
241 EXPECT_TRUE( 269 EXPECT_TRUE(
242 p->CanCommitURL(kRendererID, GURL("blob:blobinternal://some-guid"))); 270 p->CanCommitURL(kRendererID, GURL("blob:blobinternal://some-guid")));
(...skipping 14 matching lines...) Expand all
257 TEST_F(ChildProcessSecurityPolicyTest, AboutTest) { 285 TEST_F(ChildProcessSecurityPolicyTest, AboutTest) {
258 ChildProcessSecurityPolicyImpl* p = 286 ChildProcessSecurityPolicyImpl* p =
259 ChildProcessSecurityPolicyImpl::GetInstance(); 287 ChildProcessSecurityPolicyImpl::GetInstance();
260 288
261 p->Add(kRendererID); 289 p->Add(kRendererID);
262 290
263 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("about:blank"))); 291 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("about:blank")));
264 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:BlAnK"))); 292 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:BlAnK")));
265 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("aBouT:BlAnK"))); 293 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("aBouT:BlAnK")));
266 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("aBouT:blank"))); 294 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("aBouT:blank")));
295 EXPECT_TRUE(p->CanRedirectToURL(GURL("about:blank")));
296 EXPECT_FALSE(p->CanRedirectToURL(GURL("about:BlAnK")));
297 EXPECT_FALSE(p->CanRedirectToURL(GURL("aBouT:BlAnK")));
298 EXPECT_TRUE(p->CanRedirectToURL(GURL("aBouT:blank")));
267 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("about:blank"))); 299 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("about:blank")));
268 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:BlAnK"))); 300 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:BlAnK")));
269 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("aBouT:BlAnK"))); 301 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("aBouT:BlAnK")));
270 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("aBouT:blank"))); 302 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("aBouT:blank")));
271 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("about:blank"))); 303 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("about:blank")));
272 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:BlAnK"))); 304 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:BlAnK")));
273 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("aBouT:BlAnK"))); 305 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("aBouT:BlAnK")));
274 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("aBouT:blank"))); 306 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("aBouT:blank")));
275 307
276 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("about:srcdoc"))); 308 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("about:srcdoc")));
309 EXPECT_FALSE(p->CanRedirectToURL(GURL("about:srcdoc")));
277 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("about:srcdoc"))); 310 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("about:srcdoc")));
278 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:srcdoc"))); 311 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:srcdoc")));
279 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:SRCDOC"))); 312 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:SRCDOC")));
280 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:SRCDOC"))); 313 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:SRCDOC")));
281 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:SRCDOC"))); 314 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:SRCDOC")));
282 315
283 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:crash"))); 316 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:crash")));
284 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:cache"))); 317 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:cache")));
285 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:hang"))); 318 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:hang")));
286 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:version"))); 319 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:version")));
320 EXPECT_FALSE(p->CanRedirectToURL(GURL("about:crash")));
321 EXPECT_FALSE(p->CanRedirectToURL(GURL("about:cache")));
322 EXPECT_FALSE(p->CanRedirectToURL(GURL("about:hang")));
323 EXPECT_FALSE(p->CanRedirectToURL(GURL("about:version")));
287 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:crash"))); 324 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:crash")));
288 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:cache"))); 325 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:cache")));
289 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:hang"))); 326 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:hang")));
290 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:version"))); 327 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:version")));
291 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:crash"))); 328 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:crash")));
292 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:cache"))); 329 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:cache")));
293 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:hang"))); 330 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:hang")));
294 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:version"))); 331 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:version")));
295 332
296 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("aBoUt:version"))); 333 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("aBoUt:version")));
297 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:CrASh"))); 334 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:CrASh")));
298 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("abOuT:cAChe"))); 335 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("abOuT:cAChe")));
336 EXPECT_FALSE(p->CanRedirectToURL(GURL("aBoUt:version")));
337 EXPECT_FALSE(p->CanRedirectToURL(GURL("about:CrASh")));
338 EXPECT_FALSE(p->CanRedirectToURL(GURL("abOuT:cAChe")));
299 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("aBoUt:version"))); 339 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("aBoUt:version")));
300 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:CrASh"))); 340 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:CrASh")));
301 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("abOuT:cAChe"))); 341 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("abOuT:cAChe")));
302 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("aBoUt:version"))); 342 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("aBoUt:version")));
303 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("aBoUt:version"))); 343 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("aBoUt:version")));
304 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:CrASh"))); 344 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:CrASh")));
305 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("abOuT:cAChe"))); 345 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("abOuT:cAChe")));
306 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("aBoUt:version"))); 346 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("aBoUt:version")));
307 347
308 // Requests for about: pages should be denied. 348 // Requests for about: pages should be denied.
309 p->GrantRequestURL(kRendererID, GURL("about:crash")); 349 p->GrantRequestURL(kRendererID, GURL("about:crash"));
310 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:crash"))); 350 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:crash")));
351 EXPECT_FALSE(p->CanRedirectToURL(GURL("about:crash")));
311 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:crash"))); 352 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:crash")));
312 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:crash"))); 353 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:crash")));
313 354
314 // These requests for chrome:// pages should be granted. 355 // These requests for chrome:// pages should be granted if there is no
Charlie Reis 2017/07/07 17:12:59 nit: s/is/are/
arthursonzogni 2017/07/10 16:07:04 Undoing my change on this line.
356 // redirects.
315 GURL chrome_url("chrome://foo"); 357 GURL chrome_url("chrome://foo");
316 p->GrantRequestURL(kRendererID, chrome_url); 358 p->GrantRequestURL(kRendererID, chrome_url);
317 EXPECT_TRUE(p->CanRequestURL(kRendererID, chrome_url)); 359 EXPECT_TRUE(p->CanRequestURL(kRendererID, chrome_url));
360 EXPECT_FALSE(p->CanRedirectToURL(GURL(chrome_url)));
318 EXPECT_TRUE(p->CanCommitURL(kRendererID, chrome_url)); 361 EXPECT_TRUE(p->CanCommitURL(kRendererID, chrome_url));
319 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, chrome_url)); 362 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, chrome_url));
320 363
321 p->Remove(kRendererID); 364 p->Remove(kRendererID);
322 } 365 }
323 366
324 TEST_F(ChildProcessSecurityPolicyTest, JavaScriptTest) { 367 TEST_F(ChildProcessSecurityPolicyTest, JavaScriptTest) {
325 ChildProcessSecurityPolicyImpl* p = 368 ChildProcessSecurityPolicyImpl* p =
326 ChildProcessSecurityPolicyImpl::GetInstance(); 369 ChildProcessSecurityPolicyImpl::GetInstance();
327 370
328 p->Add(kRendererID); 371 p->Add(kRendererID);
329 372
330 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("javascript:alert('xss')"))); 373 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("javascript:alert('xss')")));
374 EXPECT_FALSE(p->CanRedirectToURL(GURL("javascript:alert('xss')")));
331 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("javascript:alert('xss')"))); 375 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("javascript:alert('xss')")));
332 EXPECT_FALSE( 376 EXPECT_FALSE(
333 p->CanSetAsOriginHeader(kRendererID, GURL("javascript:alert('xss')"))); 377 p->CanSetAsOriginHeader(kRendererID, GURL("javascript:alert('xss')")));
334 p->GrantRequestURL(kRendererID, GURL("javascript:alert('xss')")); 378 p->GrantRequestURL(kRendererID, GURL("javascript:alert('xss')"));
335 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("javascript:alert('xss')"))); 379 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("javascript:alert('xss')")));
380 EXPECT_FALSE(p->CanRedirectToURL(GURL("javascript:alert('xss')")));
336 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("javascript:alert('xss')"))); 381 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("javascript:alert('xss')")));
337 EXPECT_FALSE( 382 EXPECT_FALSE(
338 p->CanSetAsOriginHeader(kRendererID, GURL("javascript:alert('xss')"))); 383 p->CanSetAsOriginHeader(kRendererID, GURL("javascript:alert('xss')")));
339 384
340 p->Remove(kRendererID); 385 p->Remove(kRendererID);
341 } 386 }
342 387
343 TEST_F(ChildProcessSecurityPolicyTest, SuboriginTest) { 388 TEST_F(ChildProcessSecurityPolicyTest, SuboriginTest) {
344 ChildProcessSecurityPolicyImpl* p = 389 ChildProcessSecurityPolicyImpl* p =
345 ChildProcessSecurityPolicyImpl::GetInstance(); 390 ChildProcessSecurityPolicyImpl::GetInstance();
346 391
347 p->Add(kRendererID); 392 p->Add(kRendererID);
348 393
349 // Suborigin URLs are not requestable or committable. 394 // Suborigin URLs are not requestable or committable.
350 EXPECT_FALSE( 395 EXPECT_FALSE(
351 p->CanRequestURL(kRendererID, GURL("http-so://foobar.example.com"))); 396 p->CanRequestURL(kRendererID, GURL("http-so://foobar.example.com")));
352 EXPECT_FALSE( 397 EXPECT_FALSE(
353 p->CanRequestURL(kRendererID, GURL("https-so://foobar.example.com"))); 398 p->CanRequestURL(kRendererID, GURL("https-so://foobar.example.com")));
399 EXPECT_FALSE(p->CanRedirectToURL(GURL("http-so://foobar.example.com")));
400 EXPECT_FALSE(p->CanRedirectToURL(GURL("https-so://foobar.example.com")));
354 EXPECT_FALSE( 401 EXPECT_FALSE(
355 p->CanCommitURL(kRendererID, GURL("http-so://foobar.example.com"))); 402 p->CanCommitURL(kRendererID, GURL("http-so://foobar.example.com")));
356 EXPECT_FALSE( 403 EXPECT_FALSE(
357 p->CanCommitURL(kRendererID, GURL("https-so://foobar.example.com"))); 404 p->CanCommitURL(kRendererID, GURL("https-so://foobar.example.com")));
358 405
359 // It's not possible to grant suborigins requestable status. 406 // It's not possible to grant suborigins requestable status.
360 p->GrantRequestURL(kRendererID, GURL("https-so://foobar.example.com")); 407 p->GrantRequestURL(kRendererID, GURL("https-so://foobar.example.com"));
361 EXPECT_FALSE( 408 EXPECT_FALSE(
362 p->CanCommitURL(kRendererID, GURL("https-so://foobar.example.com"))); 409 p->CanCommitURL(kRendererID, GURL("https-so://foobar.example.com")));
363 410
364 // Suborigin URLs are valid origin headers. 411 // Suborigin URLs are valid origin headers.
365 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, 412 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID,
366 GURL("http-so://foobar.example.com"))); 413 GURL("http-so://foobar.example.com")));
367 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, 414 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID,
368 GURL("https-so://foobar.example.com"))); 415 GURL("https-so://foobar.example.com")));
369 416
370 p->Remove(kRendererID); 417 p->Remove(kRendererID);
371 } 418 }
372 419
373 TEST_F(ChildProcessSecurityPolicyTest, RegisterWebSafeSchemeTest) { 420 TEST_F(ChildProcessSecurityPolicyTest, RegisterWebSafeSchemeTest) {
374 ChildProcessSecurityPolicyImpl* p = 421 ChildProcessSecurityPolicyImpl* p =
375 ChildProcessSecurityPolicyImpl::GetInstance(); 422 ChildProcessSecurityPolicyImpl::GetInstance();
376 423
377 p->Add(kRendererID); 424 p->Add(kRendererID);
378 425
379 // Currently, "asdf" is destined for ShellExecute, so it is allowed to be 426 // Currently, "asdf" is destined for ShellExecute, so it is allowed to be
380 // requested but not committed. 427 // requested but not committed.
381 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("asdf:rockers"))); 428 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("asdf:rockers")));
429 EXPECT_FALSE(p->CanRedirectToURL(GURL("asdf:rockers")));
382 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("asdf:rockers"))); 430 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("asdf:rockers")));
383 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("asdf:rockers"))); 431 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("asdf:rockers")));
384 432
385 // Once we register "asdf", we default to deny. 433 // Once we register "asdf", we default to deny.
386 RegisterTestScheme("asdf"); 434 RegisterTestScheme("asdf");
387 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("asdf:rockers"))); 435 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("asdf:rockers")));
436 EXPECT_FALSE(p->CanRedirectToURL(GURL("asdf:rockers")));
388 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("asdf:rockers"))); 437 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("asdf:rockers")));
389 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("asdf:rockers"))); 438 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("asdf:rockers")));
390 439
391 // We can allow new schemes by adding them to the whitelist. 440 // We can allow new schemes by adding them to the whitelist.
392 p->RegisterWebSafeScheme("asdf"); 441 p->RegisterWebSafeScheme("asdf");
393 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("asdf:rockers"))); 442 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("asdf:rockers")));
443 EXPECT_TRUE(p->CanRedirectToURL(GURL("asdf:rockers")));
394 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("asdf:rockers"))); 444 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("asdf:rockers")));
395 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("asdf:rockers"))); 445 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("asdf:rockers")));
396 446
397 // Cleanup. 447 // Cleanup.
398 p->Remove(kRendererID); 448 p->Remove(kRendererID);
399 } 449 }
400 450
401 TEST_F(ChildProcessSecurityPolicyTest, CanServiceCommandsTest) { 451 TEST_F(ChildProcessSecurityPolicyTest, CanServiceCommandsTest) {
402 ChildProcessSecurityPolicyImpl* p = 452 ChildProcessSecurityPolicyImpl* p =
403 ChildProcessSecurityPolicyImpl::GetInstance(); 453 ChildProcessSecurityPolicyImpl::GetInstance();
404 454
405 p->Add(kRendererID); 455 p->Add(kRendererID);
406 456
407 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); 457 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd")));
458 EXPECT_FALSE(p->CanRedirectToURL(GURL("file:///etc/passwd")));
408 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); 459 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd")));
409 EXPECT_FALSE( 460 EXPECT_FALSE(
410 p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); 461 p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd")));
411 p->GrantRequestURL(kRendererID, GURL("file:///etc/passwd")); 462 p->GrantRequestURL(kRendererID, GURL("file:///etc/passwd"));
412 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); 463 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd")));
464 EXPECT_FALSE(p->CanRedirectToURL(GURL("file:///etc/passwd")));
413 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); 465 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd")));
414 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); 466 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd")));
415 467
416 // We should forget our state if we repeat a renderer id. 468 // We should forget our state if we repeat a renderer id.
417 p->Remove(kRendererID); 469 p->Remove(kRendererID);
418 p->Add(kRendererID); 470 p->Add(kRendererID);
419 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); 471 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd")));
472 EXPECT_FALSE(p->CanRedirectToURL(GURL("file:///etc/passwd")));
420 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); 473 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd")));
421 EXPECT_FALSE( 474 EXPECT_FALSE(
422 p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); 475 p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd")));
423 p->Remove(kRendererID); 476 p->Remove(kRendererID);
424 } 477 }
425 478
426 TEST_F(ChildProcessSecurityPolicyTest, ViewSource) { 479 TEST_F(ChildProcessSecurityPolicyTest, ViewSource) {
427 ChildProcessSecurityPolicyImpl* p = 480 ChildProcessSecurityPolicyImpl* p =
428 ChildProcessSecurityPolicyImpl::GetInstance(); 481 ChildProcessSecurityPolicyImpl::GetInstance();
429 482
430 p->Add(kRendererID); 483 p->Add(kRendererID);
431 484
432 // Child processes cannot request view source URLs. 485 // Child processes cannot request view source URLs.
433 EXPECT_FALSE(p->CanRequestURL(kRendererID, 486 EXPECT_FALSE(p->CanRequestURL(kRendererID,
434 GURL("view-source:http://www.google.com/"))); 487 GURL("view-source:http://www.google.com/")));
435 EXPECT_FALSE(p->CanRequestURL(kRendererID, 488 EXPECT_FALSE(p->CanRequestURL(kRendererID,
436 GURL("view-source:file:///etc/passwd"))); 489 GURL("view-source:file:///etc/passwd")));
437 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); 490 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd")));
438 EXPECT_FALSE(p->CanRequestURL( 491 EXPECT_FALSE(p->CanRequestURL(
439 kRendererID, GURL("view-source:view-source:http://www.google.com/"))); 492 kRendererID, GURL("view-source:view-source:http://www.google.com/")));
440 493
494 // Child processes cannot be redirected to view source URLs.
495 EXPECT_FALSE(p->CanRedirectToURL(GURL("view-source:http://www.google.com/")));
496 EXPECT_FALSE(p->CanRedirectToURL(GURL("view-source:file:///etc/passwd")));
497 EXPECT_FALSE(p->CanRedirectToURL(GURL("file:///etc/passwd")));
498 EXPECT_FALSE(p->CanRedirectToURL(
499 GURL("view-source:view-source:http://www.google.com/")));
500
441 // View source URLs don't actually commit; the renderer is put into view 501 // View source URLs don't actually commit; the renderer is put into view
442 // source mode, and the inner URL commits. 502 // source mode, and the inner URL commits.
443 EXPECT_FALSE(p->CanCommitURL(kRendererID, 503 EXPECT_FALSE(p->CanCommitURL(kRendererID,
444 GURL("view-source:http://www.google.com/"))); 504 GURL("view-source:http://www.google.com/")));
445 EXPECT_FALSE(p->CanCommitURL(kRendererID, 505 EXPECT_FALSE(p->CanCommitURL(kRendererID,
446 GURL("view-source:file:///etc/passwd"))); 506 GURL("view-source:file:///etc/passwd")));
447 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); 507 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd")));
448 EXPECT_FALSE(p->CanCommitURL( 508 EXPECT_FALSE(p->CanCommitURL(
449 kRendererID, GURL("view-source:view-source:http://www.google.com/"))); 509 kRendererID, GURL("view-source:view-source:http://www.google.com/")));
450 510
451 // View source URLs should not be setable as origin headers 511 // View source URLs should not be setable as origin headers
452 EXPECT_FALSE(p->CanSetAsOriginHeader( 512 EXPECT_FALSE(p->CanSetAsOriginHeader(
453 kRendererID, GURL("view-source:http://www.google.com/"))); 513 kRendererID, GURL("view-source:http://www.google.com/")));
454 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, 514 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID,
455 GURL("view-source:file:///etc/passwd"))); 515 GURL("view-source:file:///etc/passwd")));
456 EXPECT_FALSE( 516 EXPECT_FALSE(
457 p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); 517 p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd")));
458 EXPECT_FALSE(p->CanSetAsOriginHeader( 518 EXPECT_FALSE(p->CanSetAsOriginHeader(
459 kRendererID, GURL("view-source:view-source:http://www.google.com/"))); 519 kRendererID, GURL("view-source:view-source:http://www.google.com/")));
460 520
461 p->GrantRequestURL(kRendererID, GURL("view-source:file:///etc/passwd")); 521 p->GrantRequestURL(kRendererID, GURL("view-source:file:///etc/passwd"));
462 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); 522 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd")));
523 EXPECT_FALSE(p->CanRedirectToURL(GURL("file:///etc/passwd")));
463 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); 524 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd")));
464 EXPECT_FALSE( 525 EXPECT_FALSE(
465 p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); 526 p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd")));
466 EXPECT_FALSE( 527 EXPECT_FALSE(
467 p->CanRequestURL(kRendererID, GURL("view-source:file:///etc/passwd"))); 528 p->CanRequestURL(kRendererID, GURL("view-source:file:///etc/passwd")));
529 EXPECT_FALSE(p->CanRedirectToURL(GURL("view-source:file:///etc/passwd")));
468 EXPECT_FALSE(p->CanCommitURL(kRendererID, 530 EXPECT_FALSE(p->CanCommitURL(kRendererID,
469 GURL("view-source:file:///etc/passwd"))); 531 GURL("view-source:file:///etc/passwd")));
470 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, 532 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID,
471 GURL("view-source:file:///etc/passwd"))); 533 GURL("view-source:file:///etc/passwd")));
472 p->Remove(kRendererID); 534 p->Remove(kRendererID);
473 } 535 }
474 536
475 TEST_F(ChildProcessSecurityPolicyTest, SpecificFile) { 537 TEST_F(ChildProcessSecurityPolicyTest, SpecificFile) {
476 ChildProcessSecurityPolicyImpl* p = 538 ChildProcessSecurityPolicyImpl* p =
477 ChildProcessSecurityPolicyImpl::GetInstance(); 539 ChildProcessSecurityPolicyImpl::GetInstance();
478 540
479 p->Add(kRendererID); 541 p->Add(kRendererID);
480 542
481 GURL icon_url("file:///tmp/foo.png"); 543 GURL icon_url("file:///tmp/foo.png");
482 GURL sensitive_url("file:///etc/passwd"); 544 GURL sensitive_url("file:///etc/passwd");
483 EXPECT_FALSE(p->CanRequestURL(kRendererID, icon_url)); 545 EXPECT_FALSE(p->CanRequestURL(kRendererID, icon_url));
484 EXPECT_FALSE(p->CanRequestURL(kRendererID, sensitive_url)); 546 EXPECT_FALSE(p->CanRequestURL(kRendererID, sensitive_url));
547 EXPECT_FALSE(p->CanRedirectToURL(icon_url));
548 EXPECT_FALSE(p->CanRedirectToURL(sensitive_url));
485 EXPECT_FALSE(p->CanCommitURL(kRendererID, icon_url)); 549 EXPECT_FALSE(p->CanCommitURL(kRendererID, icon_url));
486 EXPECT_FALSE(p->CanCommitURL(kRendererID, sensitive_url)); 550 EXPECT_FALSE(p->CanCommitURL(kRendererID, sensitive_url));
487 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, icon_url)); 551 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, icon_url));
488 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, sensitive_url)); 552 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, sensitive_url));
489 553
490 p->GrantRequestSpecificFileURL(kRendererID, icon_url); 554 p->GrantRequestSpecificFileURL(kRendererID, icon_url);
491 EXPECT_TRUE(p->CanRequestURL(kRendererID, icon_url)); 555 EXPECT_TRUE(p->CanRequestURL(kRendererID, icon_url));
492 EXPECT_FALSE(p->CanRequestURL(kRendererID, sensitive_url)); 556 EXPECT_FALSE(p->CanRequestURL(kRendererID, sensitive_url));
557 EXPECT_FALSE(p->CanRedirectToURL(icon_url));
558 EXPECT_FALSE(p->CanRedirectToURL(sensitive_url));
493 EXPECT_TRUE(p->CanCommitURL(kRendererID, icon_url)); 559 EXPECT_TRUE(p->CanCommitURL(kRendererID, icon_url));
494 EXPECT_FALSE(p->CanCommitURL(kRendererID, sensitive_url)); 560 EXPECT_FALSE(p->CanCommitURL(kRendererID, sensitive_url));
495 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, icon_url)); 561 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, icon_url));
496 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, sensitive_url)); 562 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, sensitive_url));
497 563
498 p->GrantRequestURL(kRendererID, icon_url); 564 p->GrantRequestURL(kRendererID, icon_url);
499 EXPECT_TRUE(p->CanRequestURL(kRendererID, icon_url)); 565 EXPECT_TRUE(p->CanRequestURL(kRendererID, icon_url));
500 EXPECT_TRUE(p->CanRequestURL(kRendererID, sensitive_url)); 566 EXPECT_TRUE(p->CanRequestURL(kRendererID, sensitive_url));
567 EXPECT_FALSE(p->CanRedirectToURL(icon_url));
568 EXPECT_FALSE(p->CanRedirectToURL(sensitive_url));
501 EXPECT_TRUE(p->CanCommitURL(kRendererID, icon_url)); 569 EXPECT_TRUE(p->CanCommitURL(kRendererID, icon_url));
502 EXPECT_TRUE(p->CanCommitURL(kRendererID, sensitive_url)); 570 EXPECT_TRUE(p->CanCommitURL(kRendererID, sensitive_url));
503 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, icon_url)); 571 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, icon_url));
504 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, sensitive_url)); 572 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, sensitive_url));
505 573
506 p->Remove(kRendererID); 574 p->Remove(kRendererID);
507 } 575 }
508 576
509 TEST_F(ChildProcessSecurityPolicyTest, FileSystemGrantsTest) { 577 TEST_F(ChildProcessSecurityPolicyTest, FileSystemGrantsTest) {
510 ChildProcessSecurityPolicyImpl* p = 578 ChildProcessSecurityPolicyImpl* p =
(...skipping 290 matching lines...) Expand 10 before | Expand all | Expand 10 after
801 TEST_F(ChildProcessSecurityPolicyTest, CanServiceWebUIBindings) { 869 TEST_F(ChildProcessSecurityPolicyTest, CanServiceWebUIBindings) {
802 ChildProcessSecurityPolicyImpl* p = 870 ChildProcessSecurityPolicyImpl* p =
803 ChildProcessSecurityPolicyImpl::GetInstance(); 871 ChildProcessSecurityPolicyImpl::GetInstance();
804 872
805 GURL url("chrome://thumb/http://www.google.com/"); 873 GURL url("chrome://thumb/http://www.google.com/");
806 874
807 p->Add(kRendererID); 875 p->Add(kRendererID);
808 876
809 EXPECT_FALSE(p->HasWebUIBindings(kRendererID)); 877 EXPECT_FALSE(p->HasWebUIBindings(kRendererID));
810 EXPECT_FALSE(p->CanRequestURL(kRendererID, url)); 878 EXPECT_FALSE(p->CanRequestURL(kRendererID, url));
879 EXPECT_FALSE(p->CanRedirectToURL(url));
811 p->GrantWebUIBindings(kRendererID); 880 p->GrantWebUIBindings(kRendererID);
812 EXPECT_TRUE(p->HasWebUIBindings(kRendererID)); 881 EXPECT_TRUE(p->HasWebUIBindings(kRendererID));
813 EXPECT_TRUE(p->CanRequestURL(kRendererID, url)); 882 EXPECT_TRUE(p->CanRequestURL(kRendererID, url));
883 EXPECT_FALSE(p->CanRedirectToURL(url));
814 884
815 p->Remove(kRendererID); 885 p->Remove(kRendererID);
816 } 886 }
817 887
818 TEST_F(ChildProcessSecurityPolicyTest, RemoveRace) { 888 TEST_F(ChildProcessSecurityPolicyTest, RemoveRace) {
819 ChildProcessSecurityPolicyImpl* p = 889 ChildProcessSecurityPolicyImpl* p =
820 ChildProcessSecurityPolicyImpl::GetInstance(); 890 ChildProcessSecurityPolicyImpl::GetInstance();
821 891
822 GURL url("file:///etc/passwd"); 892 GURL url("file:///etc/passwd");
823 base::FilePath file(TEST_PATH("/etc/passwd")); 893 base::FilePath file(TEST_PATH("/etc/passwd"));
824 894
825 p->Add(kRendererID); 895 p->Add(kRendererID);
826 896
827 p->GrantRequestURL(kRendererID, url); 897 p->GrantRequestURL(kRendererID, url);
828 p->GrantReadFile(kRendererID, file); 898 p->GrantReadFile(kRendererID, file);
829 p->GrantWebUIBindings(kRendererID); 899 p->GrantWebUIBindings(kRendererID);
830 900
831 EXPECT_TRUE(p->CanRequestURL(kRendererID, url)); 901 EXPECT_TRUE(p->CanRequestURL(kRendererID, url));
902 EXPECT_FALSE(p->CanRedirectToURL(url));
832 EXPECT_TRUE(p->CanReadFile(kRendererID, file)); 903 EXPECT_TRUE(p->CanReadFile(kRendererID, file));
833 EXPECT_TRUE(p->HasWebUIBindings(kRendererID)); 904 EXPECT_TRUE(p->HasWebUIBindings(kRendererID));
834 905
835 p->Remove(kRendererID); 906 p->Remove(kRendererID);
836 907
837 // Renderers are added and removed on the UI thread, but the policy can be 908 // Renderers are added and removed on the UI thread, but the policy can be
838 // queried on the IO thread. The ChildProcessSecurityPolicy needs to be 909 // queried on the IO thread. The ChildProcessSecurityPolicy needs to be
839 // prepared to answer policy questions about renderers who no longer exist. 910 // prepared to answer policy questions about renderers who no longer exist.
840 911
841 // In this case, we default to secure behavior. 912 // In this case, we default to secure behavior.
842 EXPECT_FALSE(p->CanRequestURL(kRendererID, url)); 913 EXPECT_FALSE(p->CanRequestURL(kRendererID, url));
914 EXPECT_FALSE(p->CanRedirectToURL(url));
843 EXPECT_FALSE(p->CanReadFile(kRendererID, file)); 915 EXPECT_FALSE(p->CanReadFile(kRendererID, file));
844 EXPECT_FALSE(p->HasWebUIBindings(kRendererID)); 916 EXPECT_FALSE(p->HasWebUIBindings(kRendererID));
845 } 917 }
846 918
847 // Test the granting of origin permissions, and their interactions with 919 // Test the granting of origin permissions, and their interactions with
848 // granting scheme permissions. 920 // granting scheme permissions.
849 TEST_F(ChildProcessSecurityPolicyTest, OriginGranting) { 921 TEST_F(ChildProcessSecurityPolicyTest, OriginGranting) {
850 ChildProcessSecurityPolicyImpl* p = 922 ChildProcessSecurityPolicyImpl* p =
851 ChildProcessSecurityPolicyImpl::GetInstance(); 923 ChildProcessSecurityPolicyImpl::GetInstance();
852 924
853 p->Add(kRendererID); 925 p->Add(kRendererID);
854 926
855 GURL url_foo1("chrome://foo/resource1"); 927 GURL url_foo1("chrome://foo/resource1");
856 GURL url_foo2("chrome://foo/resource2"); 928 GURL url_foo2("chrome://foo/resource2");
857 GURL url_bar("chrome://bar/resource3"); 929 GURL url_bar("chrome://bar/resource3");
858 930
859 EXPECT_FALSE(p->CanRequestURL(kRendererID, url_foo1)); 931 EXPECT_FALSE(p->CanRequestURL(kRendererID, url_foo1));
860 EXPECT_FALSE(p->CanRequestURL(kRendererID, url_foo2)); 932 EXPECT_FALSE(p->CanRequestURL(kRendererID, url_foo2));
861 EXPECT_FALSE(p->CanRequestURL(kRendererID, url_bar)); 933 EXPECT_FALSE(p->CanRequestURL(kRendererID, url_bar));
934 EXPECT_FALSE(p->CanRedirectToURL(url_foo1));
935 EXPECT_FALSE(p->CanRedirectToURL(url_foo2));
936 EXPECT_FALSE(p->CanRedirectToURL(url_bar));
862 EXPECT_FALSE(p->CanCommitURL(kRendererID, url_foo1)); 937 EXPECT_FALSE(p->CanCommitURL(kRendererID, url_foo1));
863 EXPECT_FALSE(p->CanCommitURL(kRendererID, url_foo2)); 938 EXPECT_FALSE(p->CanCommitURL(kRendererID, url_foo2));
864 EXPECT_FALSE(p->CanCommitURL(kRendererID, url_bar)); 939 EXPECT_FALSE(p->CanCommitURL(kRendererID, url_bar));
865 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, url_foo1)); 940 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, url_foo1));
866 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, url_foo2)); 941 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, url_foo2));
867 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, url_bar)); 942 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, url_bar));
868 943
869 p->GrantOrigin(kRendererID, url::Origin(url_foo1)); 944 p->GrantOrigin(kRendererID, url::Origin(url_foo1));
870 945
871 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo1)); 946 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo1));
872 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo2)); 947 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo2));
873 EXPECT_FALSE(p->CanRequestURL(kRendererID, url_bar)); 948 EXPECT_FALSE(p->CanRequestURL(kRendererID, url_bar));
949 EXPECT_FALSE(p->CanRedirectToURL(url_foo1));
950 EXPECT_FALSE(p->CanRedirectToURL(url_foo2));
951 EXPECT_FALSE(p->CanRedirectToURL(url_bar));
874 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo1)); 952 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo1));
875 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo2)); 953 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo2));
876 EXPECT_FALSE(p->CanCommitURL(kRendererID, url_bar)); 954 EXPECT_FALSE(p->CanCommitURL(kRendererID, url_bar));
877 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_foo1)); 955 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_foo1));
878 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_foo2)); 956 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_foo2));
879 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, url_bar)); 957 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, url_bar));
880 958
881 p->GrantScheme(kRendererID, kChromeUIScheme); 959 p->GrantScheme(kRendererID, kChromeUIScheme);
882 960
883 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo1)); 961 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo1));
884 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo2)); 962 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo2));
885 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_bar)); 963 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_bar));
964 EXPECT_FALSE(p->CanRedirectToURL(url_foo1));
965 EXPECT_FALSE(p->CanRedirectToURL(url_foo2));
966 EXPECT_FALSE(p->CanRedirectToURL(url_bar));
886 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo1)); 967 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo1));
887 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo2)); 968 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo2));
888 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_bar)); 969 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_bar));
889 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_foo1)); 970 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_foo1));
890 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_foo2)); 971 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_foo2));
891 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_bar)); 972 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_bar));
892 973
893 p->Remove(kRendererID); 974 p->Remove(kRendererID);
894 } 975 }
895 976
(...skipping 16 matching lines...) Expand all
912 EXPECT_EQ(4U, policy->isolated_origins_.size()); 993 EXPECT_EQ(4U, policy->isolated_origins_.size());
913 EXPECT_TRUE( 994 EXPECT_TRUE(
914 policy->IsIsolatedOrigin(url::Origin(GURL("http://isolated.foo.com")))); 995 policy->IsIsolatedOrigin(url::Origin(GURL("http://isolated.foo.com"))));
915 EXPECT_TRUE(policy->IsIsolatedOrigin(url::Origin(GURL("http://a.com")))); 996 EXPECT_TRUE(policy->IsIsolatedOrigin(url::Origin(GURL("http://a.com"))));
916 EXPECT_TRUE(policy->IsIsolatedOrigin(url::Origin(GURL("https://b.com")))); 997 EXPECT_TRUE(policy->IsIsolatedOrigin(url::Origin(GURL("https://b.com"))));
917 EXPECT_TRUE( 998 EXPECT_TRUE(
918 policy->IsIsolatedOrigin(url::Origin(GURL("https://c.com:8000")))); 999 policy->IsIsolatedOrigin(url::Origin(GURL("https://c.com:8000"))));
919 } 1000 }
920 1001
921 } // namespace content 1002 } // namespace content
OLDNEW
« content/browser/child_process_security_policy_impl.cc ('K') | « content/browser/child_process_security_policy_impl.cc ('k') | content/browser/frame_host/navigation_handle_impl.h » ('j') | content/browser/frame_host/navigation_handle_impl.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698