Chromium Code Reviews Chromium Code Reviews
Issue 2973433003:
Block redirects to renderer-debug urls. (Closed)
| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <set> | 5 #include <set> |
| 6 #include <string> | 6 #include <string> |
| 7 | 7 |
| 8 #include "base/files/file_path.h" | 8 #include "base/files/file_path.h" |
| 9 #include "content/browser/child_process_security_policy_impl.h" | 9 #include "content/browser/child_process_security_policy_impl.h" |
| 10 #include "content/public/common/url_constants.h" | 10 #include "content/public/common/url_constants.h" |
| (...skipping 139 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 150 | 150 |
| 151 EXPECT_FALSE(p->IsPseudoScheme(kChromeUIScheme)); | 151 EXPECT_FALSE(p->IsPseudoScheme(kChromeUIScheme)); |
| 152 } | 152 } |
| 153 | 153 |
| 154 TEST_F(ChildProcessSecurityPolicyTest, StandardSchemesTest) { | 154 TEST_F(ChildProcessSecurityPolicyTest, StandardSchemesTest) { |
| 155 ChildProcessSecurityPolicyImpl* p = | 155 ChildProcessSecurityPolicyImpl* p = |
| 156 ChildProcessSecurityPolicyImpl::GetInstance(); | 156 ChildProcessSecurityPolicyImpl::GetInstance(); |
| 157 | 157 |
| 158 p->Add(kRendererID); | 158 p->Add(kRendererID); |
| 159 | 159 |
| 160 // Safe to request or commit. | 160 // Safe to request, redirect or commit. |
| 161 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("http://www.google.com/"))); | 161 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("http://www.google.com/"))); |
| 162 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("https://www.paypal.com/"))); | 162 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("https://www.paypal.com/"))); |
| 163 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("ftp://ftp.gnu.org/"))); | 163 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("ftp://ftp.gnu.org/"))); |
| 164 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("data:text/html,<b>Hi</b>"))); | 164 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("data:text/html,<b>Hi</b>"))); |
| 165 EXPECT_TRUE(p->CanRequestURL( | 165 EXPECT_TRUE(p->CanRequestURL( |
| 166 kRendererID, GURL("filesystem:http://localhost/temporary/a.gif"))); | 166 kRendererID, GURL("filesystem:http://localhost/temporary/a.gif"))); |
| 167 EXPECT_TRUE(p->CanRedirectToURL(GURL("http://www.google.com/"))); | |
| 168 EXPECT_TRUE(p->CanRedirectToURL(GURL("https://www.paypal.com/"))); | |
| 169 EXPECT_TRUE(p->CanRedirectToURL(GURL("ftp://ftp.gnu.org/"))); | |
| 170 EXPECT_TRUE(p->CanRedirectToURL(GURL("data:text/html,<b>Hi</b>"))); | |
| 171 EXPECT_TRUE( | |
| 172 p->CanRedirectToURL(GURL("filesystem:http://localhost/temporary/a.gif"))); | |
| 167 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("http://www.google.com/"))); | 173 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("http://www.google.com/"))); |
| 168 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("https://www.paypal.com/"))); | 174 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("https://www.paypal.com/"))); |
| 169 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("ftp://ftp.gnu.org/"))); | 175 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("ftp://ftp.gnu.org/"))); |
| 170 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("data:text/html,<b>Hi</b>"))); | 176 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("data:text/html,<b>Hi</b>"))); |
| 171 EXPECT_TRUE(p->CanCommitURL( | 177 EXPECT_TRUE(p->CanCommitURL( |
| 172 kRendererID, GURL("filesystem:http://localhost/temporary/a.gif"))); | 178 kRendererID, GURL("filesystem:http://localhost/temporary/a.gif"))); |
| 173 EXPECT_TRUE( | 179 EXPECT_TRUE( |
| 174 p->CanSetAsOriginHeader(kRendererID, GURL("http://www.google.com/"))); | 180 p->CanSetAsOriginHeader(kRendererID, GURL("http://www.google.com/"))); |
| 175 EXPECT_TRUE( | 181 EXPECT_TRUE( |
| 176 p->CanSetAsOriginHeader(kRendererID, GURL("https://www.paypal.com/"))); | 182 p->CanSetAsOriginHeader(kRendererID, GURL("https://www.paypal.com/"))); |
| 177 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("ftp://ftp.gnu.org/"))); | 183 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("ftp://ftp.gnu.org/"))); |
| 178 EXPECT_TRUE( | 184 EXPECT_TRUE( |
| 179 p->CanSetAsOriginHeader(kRendererID, GURL("data:text/html,<b>Hi</b>"))); | 185 p->CanSetAsOriginHeader(kRendererID, GURL("data:text/html,<b>Hi</b>"))); |
| 180 EXPECT_TRUE(p->CanSetAsOriginHeader( | 186 EXPECT_TRUE(p->CanSetAsOriginHeader( |
| 181 kRendererID, GURL("filesystem:http://localhost/temporary/a.gif"))); | 187 kRendererID, GURL("filesystem:http://localhost/temporary/a.gif"))); |
| 182 | 188 |
| 183 // Dangerous to request, commit, or set as origin header. | 189 // Dangerous to request, commit, or set as origin header. |
| 184 EXPECT_FALSE(p->CanRequestURL(kRendererID, | 190 EXPECT_FALSE(p->CanRequestURL(kRendererID, |
| 185 GURL("file:///etc/passwd"))); | 191 GURL("file:///etc/passwd"))); |
| 186 EXPECT_FALSE(p->CanRequestURL(kRendererID, | 192 EXPECT_FALSE(p->CanRequestURL(kRendererID, |
| 187 GURL("chrome://foo/bar"))); | 193 GURL("chrome://foo/bar"))); |
| 188 EXPECT_FALSE(p->CanRequestURL(kRendererID, | 194 EXPECT_FALSE(p->CanRequestURL(kRendererID, |
| 189 GURL("view-source:http://www.google.com/"))); | 195 GURL("view-source:http://www.google.com/"))); |
| 196 EXPECT_TRUE(p->CanRedirectToURL(GURL("file:///etc/passwd"))); | |
| 197 EXPECT_TRUE(p->CanRedirectToURL(GURL("chrome://foo/bar"))); | |
| 198 EXPECT_FALSE(p->CanRedirectToURL(GURL("view-source:http://www.google.com/"))); | |
| 190 EXPECT_FALSE(p->CanCommitURL(kRendererID, | 199 EXPECT_FALSE(p->CanCommitURL(kRendererID, |
| 191 GURL("file:///etc/passwd"))); | 200 GURL("file:///etc/passwd"))); |
| 192 EXPECT_FALSE(p->CanCommitURL(kRendererID, | 201 EXPECT_FALSE(p->CanCommitURL(kRendererID, |
| 193 GURL("chrome://foo/bar"))); | 202 GURL("chrome://foo/bar"))); |
| 194 EXPECT_FALSE( | 203 EXPECT_FALSE( |
| 195 p->CanCommitURL(kRendererID, GURL("view-source:http://www.google.com/"))); | 204 p->CanCommitURL(kRendererID, GURL("view-source:http://www.google.com/"))); |
| 196 EXPECT_FALSE( | 205 EXPECT_FALSE( |
| 197 p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); | 206 p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); |
| 198 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("chrome://foo/bar"))); | 207 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("chrome://foo/bar"))); |
| 199 EXPECT_FALSE(p->CanSetAsOriginHeader( | 208 EXPECT_FALSE(p->CanSetAsOriginHeader( |
| (...skipping 23 matching lines...) Expand all Loading... | |
| 223 kRendererID, GURL("blob:http://username@localhost/some-guid"))); | 232 kRendererID, GURL("blob:http://username@localhost/some-guid"))); |
| 224 EXPECT_FALSE(p->CanRequestURL( | 233 EXPECT_FALSE(p->CanRequestURL( |
| 225 kRendererID, GURL("blob:http://username @localhost/some-guid"))); | 234 kRendererID, GURL("blob:http://username @localhost/some-guid"))); |
| 226 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("blob:blob:some-guid"))); | 235 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("blob:blob:some-guid"))); |
| 227 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("blob:some-guid"))); | 236 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("blob:some-guid"))); |
| 228 EXPECT_FALSE(p->CanRequestURL(kRendererID, | 237 EXPECT_FALSE(p->CanRequestURL(kRendererID, |
| 229 GURL("blob:filesystem:http://localhost/path"))); | 238 GURL("blob:filesystem:http://localhost/path"))); |
| 230 EXPECT_FALSE(p->CanRequestURL(kRendererID, | 239 EXPECT_FALSE(p->CanRequestURL(kRendererID, |
| 231 GURL("filesystem:blob:http://localhost/guid"))); | 240 GURL("filesystem:blob:http://localhost/guid"))); |
| 232 | 241 |
| 242 EXPECT_TRUE(p->CanRedirectToURL(GURL("blob:http://localhost/some-guid"))); | |
|
Charlie Reis
2017/07/10 21:16:22
Are redirects to blob and filesystem URLs prevente
arthursonzogni
2017/07/11 16:21:31
I added some notes about this the CanRedirectToURL
| |
| 243 EXPECT_TRUE(p->CanRedirectToURL(GURL("blob:null/some-guid"))); | |
| 244 EXPECT_TRUE(p->CanRedirectToURL(GURL("blob:http://localhost/some-guid"))); | |
| 245 EXPECT_TRUE(p->CanRedirectToURL(GURL("blob:NulL/some-guid"))); | |
| 246 EXPECT_TRUE(p->CanRedirectToURL(GURL("blob:NulL/some-guid#fragment"))); | |
| 247 EXPECT_TRUE(p->CanRedirectToURL(GURL("blob:NulL/some-guid?query"))); | |
| 248 EXPECT_TRUE(p->CanRedirectToURL(GURL("blob:blobinternal://some-guid"))); | |
| 249 EXPECT_TRUE( | |
| 250 p->CanRedirectToURL(GURL("blob:http://username@localhost/some-guid"))); | |
| 251 EXPECT_TRUE(p->CanRedirectToURL( | |
| 252 GURL("blob:http://username @localhost/some-guid"))); | |
| 253 EXPECT_TRUE(p->CanRedirectToURL(GURL("blob:blob:some-guid"))); | |
| 254 EXPECT_TRUE(p->CanRedirectToURL(GURL("blob:some-guid"))); | |
| 255 EXPECT_TRUE( | |
| 256 p->CanRedirectToURL(GURL("blob:filesystem:http://localhost/path"))); | |
| 257 EXPECT_FALSE( | |
| 258 p->CanRedirectToURL(GURL("filesystem:blob:http://localhost/guid"))); | |
| 259 | |
| 233 EXPECT_TRUE( | 260 EXPECT_TRUE( |
| 234 p->CanCommitURL(kRendererID, GURL("blob:http://localhost/some-guid"))); | 261 p->CanCommitURL(kRendererID, GURL("blob:http://localhost/some-guid"))); |
| 235 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("blob:null/some-guid"))); | 262 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("blob:null/some-guid"))); |
| 236 EXPECT_TRUE( | 263 EXPECT_TRUE( |
| 237 p->CanCommitURL(kRendererID, GURL("blob:http://localhost/some-guid"))); | 264 p->CanCommitURL(kRendererID, GURL("blob:http://localhost/some-guid"))); |
| 238 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("blob:NulL/some-guid"))); | 265 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("blob:NulL/some-guid"))); |
| 239 EXPECT_TRUE( | 266 EXPECT_TRUE( |
| 240 p->CanCommitURL(kRendererID, GURL("blob:NulL/some-guid#fragment"))); | 267 p->CanCommitURL(kRendererID, GURL("blob:NulL/some-guid#fragment"))); |
| 241 EXPECT_TRUE( | 268 EXPECT_TRUE( |
| 242 p->CanCommitURL(kRendererID, GURL("blob:blobinternal://some-guid"))); | 269 p->CanCommitURL(kRendererID, GURL("blob:blobinternal://some-guid"))); |
| (...skipping 14 matching lines...) Expand all Loading... | |
| 257 TEST_F(ChildProcessSecurityPolicyTest, AboutTest) { | 284 TEST_F(ChildProcessSecurityPolicyTest, AboutTest) { |
| 258 ChildProcessSecurityPolicyImpl* p = | 285 ChildProcessSecurityPolicyImpl* p = |
| 259 ChildProcessSecurityPolicyImpl::GetInstance(); | 286 ChildProcessSecurityPolicyImpl::GetInstance(); |
| 260 | 287 |
| 261 p->Add(kRendererID); | 288 p->Add(kRendererID); |
| 262 | 289 |
| 263 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("about:blank"))); | 290 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("about:blank"))); |
| 264 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:BlAnK"))); | 291 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:BlAnK"))); |
| 265 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("aBouT:BlAnK"))); | 292 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("aBouT:BlAnK"))); |
| 266 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("aBouT:blank"))); | 293 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("aBouT:blank"))); |
| 294 EXPECT_TRUE(p->CanRedirectToURL(GURL("about:blank"))); | |
| 295 EXPECT_FALSE(p->CanRedirectToURL(GURL("about:BlAnK"))); | |
| 296 EXPECT_FALSE(p->CanRedirectToURL(GURL("aBouT:BlAnK"))); | |
| 297 EXPECT_TRUE(p->CanRedirectToURL(GURL("aBouT:blank"))); | |
| 267 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("about:blank"))); | 298 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("about:blank"))); |
| 268 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:BlAnK"))); | 299 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:BlAnK"))); |
| 269 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("aBouT:BlAnK"))); | 300 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("aBouT:BlAnK"))); |
| 270 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("aBouT:blank"))); | 301 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("aBouT:blank"))); |
| 271 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("about:blank"))); | 302 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("about:blank"))); |
| 272 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:BlAnK"))); | 303 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:BlAnK"))); |
| 273 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("aBouT:BlAnK"))); | 304 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("aBouT:BlAnK"))); |
| 274 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("aBouT:blank"))); | 305 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("aBouT:blank"))); |
| 275 | 306 |
| 276 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("about:srcdoc"))); | 307 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("about:srcdoc"))); |
| 308 EXPECT_FALSE(p->CanRedirectToURL(GURL("about:srcdoc"))); | |
| 277 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("about:srcdoc"))); | 309 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("about:srcdoc"))); |
| 278 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:srcdoc"))); | 310 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:srcdoc"))); |
| 279 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:SRCDOC"))); | 311 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:SRCDOC"))); |
| 280 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:SRCDOC"))); | 312 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:SRCDOC"))); |
| 281 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:SRCDOC"))); | 313 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:SRCDOC"))); |
| 282 | 314 |
| 283 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:crash"))); | 315 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:crash"))); |
| 284 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:cache"))); | 316 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:cache"))); |
| 285 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:hang"))); | 317 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:hang"))); |
| 286 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:version"))); | 318 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:version"))); |
| 319 EXPECT_FALSE(p->CanRedirectToURL(GURL("about:crash"))); | |
| 320 EXPECT_FALSE(p->CanRedirectToURL(GURL("about:cache"))); | |
| 321 EXPECT_FALSE(p->CanRedirectToURL(GURL("about:hang"))); | |
| 322 EXPECT_FALSE(p->CanRedirectToURL(GURL("about:version"))); | |
| 287 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:crash"))); | 323 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:crash"))); |
| 288 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:cache"))); | 324 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:cache"))); |
| 289 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:hang"))); | 325 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:hang"))); |
| 290 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:version"))); | 326 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:version"))); |
| 291 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:crash"))); | 327 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:crash"))); |
| 292 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:cache"))); | 328 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:cache"))); |
| 293 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:hang"))); | 329 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:hang"))); |
| 294 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:version"))); | 330 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:version"))); |
| 295 | 331 |
| 296 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("aBoUt:version"))); | 332 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("aBoUt:version"))); |
| 297 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:CrASh"))); | 333 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:CrASh"))); |
| 298 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("abOuT:cAChe"))); | 334 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("abOuT:cAChe"))); |
| 335 EXPECT_FALSE(p->CanRedirectToURL(GURL("aBoUt:version"))); | |
| 336 EXPECT_FALSE(p->CanRedirectToURL(GURL("about:CrASh"))); | |
| 337 EXPECT_FALSE(p->CanRedirectToURL(GURL("abOuT:cAChe"))); | |
| 299 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("aBoUt:version"))); | 338 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("aBoUt:version"))); |
| 300 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:CrASh"))); | 339 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:CrASh"))); |
| 301 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("abOuT:cAChe"))); | 340 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("abOuT:cAChe"))); |
| 302 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("aBoUt:version"))); | 341 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("aBoUt:version"))); |
| 303 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("aBoUt:version"))); | 342 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("aBoUt:version"))); |
| 304 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:CrASh"))); | 343 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:CrASh"))); |
| 305 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("abOuT:cAChe"))); | 344 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("abOuT:cAChe"))); |
| 306 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("aBoUt:version"))); | 345 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("aBoUt:version"))); |
| 307 | 346 |
| 308 // Requests for about: pages should be denied. | 347 // Requests for about: pages should be denied. |
| 309 p->GrantRequestURL(kRendererID, GURL("about:crash")); | 348 p->GrantRequestURL(kRendererID, GURL("about:crash")); |
| 310 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:crash"))); | 349 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:crash"))); |
| 350 EXPECT_FALSE(p->CanRedirectToURL(GURL("about:crash"))); | |
| 311 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:crash"))); | 351 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:crash"))); |
| 312 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:crash"))); | 352 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:crash"))); |
| 313 | 353 |
| 314 // These requests for chrome:// pages should be granted. | 354 // These requests for chrome:// pages should be granted. |
| 315 GURL chrome_url("chrome://foo"); | 355 GURL chrome_url("chrome://foo"); |
| 316 p->GrantRequestURL(kRendererID, chrome_url); | 356 p->GrantRequestURL(kRendererID, chrome_url); |
| 317 EXPECT_TRUE(p->CanRequestURL(kRendererID, chrome_url)); | 357 EXPECT_TRUE(p->CanRequestURL(kRendererID, chrome_url)); |
| 358 EXPECT_TRUE(p->CanRedirectToURL(GURL(chrome_url))); | |
| 318 EXPECT_TRUE(p->CanCommitURL(kRendererID, chrome_url)); | 359 EXPECT_TRUE(p->CanCommitURL(kRendererID, chrome_url)); |
| 319 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, chrome_url)); | 360 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, chrome_url)); |
| 320 | 361 |
| 321 p->Remove(kRendererID); | 362 p->Remove(kRendererID); |
| 322 } | 363 } |
| 323 | 364 |
| 324 TEST_F(ChildProcessSecurityPolicyTest, JavaScriptTest) { | 365 TEST_F(ChildProcessSecurityPolicyTest, JavaScriptTest) { |
| 325 ChildProcessSecurityPolicyImpl* p = | 366 ChildProcessSecurityPolicyImpl* p = |
| 326 ChildProcessSecurityPolicyImpl::GetInstance(); | 367 ChildProcessSecurityPolicyImpl::GetInstance(); |
| 327 | 368 |
| 328 p->Add(kRendererID); | 369 p->Add(kRendererID); |
| 329 | 370 |
| 330 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("javascript:alert('xss')"))); | 371 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("javascript:alert('xss')"))); |
| 372 EXPECT_FALSE(p->CanRedirectToURL(GURL("javascript:alert('xss')"))); | |
| 331 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("javascript:alert('xss')"))); | 373 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("javascript:alert('xss')"))); |
| 332 EXPECT_FALSE( | 374 EXPECT_FALSE( |
| 333 p->CanSetAsOriginHeader(kRendererID, GURL("javascript:alert('xss')"))); | 375 p->CanSetAsOriginHeader(kRendererID, GURL("javascript:alert('xss')"))); |
| 334 p->GrantRequestURL(kRendererID, GURL("javascript:alert('xss')")); | 376 p->GrantRequestURL(kRendererID, GURL("javascript:alert('xss')")); |
| 335 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("javascript:alert('xss')"))); | 377 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("javascript:alert('xss')"))); |
| 378 EXPECT_FALSE(p->CanRedirectToURL(GURL("javascript:alert('xss')"))); | |
| 336 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("javascript:alert('xss')"))); | 379 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("javascript:alert('xss')"))); |
| 337 EXPECT_FALSE( | 380 EXPECT_FALSE( |
| 338 p->CanSetAsOriginHeader(kRendererID, GURL("javascript:alert('xss')"))); | 381 p->CanSetAsOriginHeader(kRendererID, GURL("javascript:alert('xss')"))); |
| 339 | 382 |
| 340 p->Remove(kRendererID); | 383 p->Remove(kRendererID); |
| 341 } | 384 } |
| 342 | 385 |
| 343 TEST_F(ChildProcessSecurityPolicyTest, SuboriginTest) { | 386 TEST_F(ChildProcessSecurityPolicyTest, SuboriginTest) { |
| 344 ChildProcessSecurityPolicyImpl* p = | 387 ChildProcessSecurityPolicyImpl* p = |
| 345 ChildProcessSecurityPolicyImpl::GetInstance(); | 388 ChildProcessSecurityPolicyImpl::GetInstance(); |
| 346 | 389 |
| 347 p->Add(kRendererID); | 390 p->Add(kRendererID); |
| 348 | 391 |
| 349 // Suborigin URLs are not requestable or committable. | 392 // Suborigin URLs are not requestable or committable. |
| 350 EXPECT_FALSE( | 393 EXPECT_FALSE( |
| 351 p->CanRequestURL(kRendererID, GURL("http-so://foobar.example.com"))); | 394 p->CanRequestURL(kRendererID, GURL("http-so://foobar.example.com"))); |
| 352 EXPECT_FALSE( | 395 EXPECT_FALSE( |
| 353 p->CanRequestURL(kRendererID, GURL("https-so://foobar.example.com"))); | 396 p->CanRequestURL(kRendererID, GURL("https-so://foobar.example.com"))); |
| 397 EXPECT_FALSE(p->CanRedirectToURL(GURL("http-so://foobar.example.com"))); | |
| 398 EXPECT_FALSE(p->CanRedirectToURL(GURL("https-so://foobar.example.com"))); | |
| 354 EXPECT_FALSE( | 399 EXPECT_FALSE( |
| 355 p->CanCommitURL(kRendererID, GURL("http-so://foobar.example.com"))); | 400 p->CanCommitURL(kRendererID, GURL("http-so://foobar.example.com"))); |
| 356 EXPECT_FALSE( | 401 EXPECT_FALSE( |
| 357 p->CanCommitURL(kRendererID, GURL("https-so://foobar.example.com"))); | 402 p->CanCommitURL(kRendererID, GURL("https-so://foobar.example.com"))); |
| 358 | 403 |
| 359 // It's not possible to grant suborigins requestable status. | 404 // It's not possible to grant suborigins requestable status. |
| 360 p->GrantRequestURL(kRendererID, GURL("https-so://foobar.example.com")); | 405 p->GrantRequestURL(kRendererID, GURL("https-so://foobar.example.com")); |
| 361 EXPECT_FALSE( | 406 EXPECT_FALSE( |
| 362 p->CanCommitURL(kRendererID, GURL("https-so://foobar.example.com"))); | 407 p->CanCommitURL(kRendererID, GURL("https-so://foobar.example.com"))); |
| 363 | 408 |
| 364 // Suborigin URLs are valid origin headers. | 409 // Suborigin URLs are valid origin headers. |
| 365 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, | 410 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, |
| 366 GURL("http-so://foobar.example.com"))); | 411 GURL("http-so://foobar.example.com"))); |
| 367 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, | 412 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, |
| 368 GURL("https-so://foobar.example.com"))); | 413 GURL("https-so://foobar.example.com"))); |
| 369 | 414 |
| 370 p->Remove(kRendererID); | 415 p->Remove(kRendererID); |
| 371 } | 416 } |
| 372 | 417 |
| 373 TEST_F(ChildProcessSecurityPolicyTest, RegisterWebSafeSchemeTest) { | 418 TEST_F(ChildProcessSecurityPolicyTest, RegisterWebSafeSchemeTest) { |
| 374 ChildProcessSecurityPolicyImpl* p = | 419 ChildProcessSecurityPolicyImpl* p = |
| 375 ChildProcessSecurityPolicyImpl::GetInstance(); | 420 ChildProcessSecurityPolicyImpl::GetInstance(); |
| 376 | 421 |
| 377 p->Add(kRendererID); | 422 p->Add(kRendererID); |
| 378 | 423 |
| 379 // Currently, "asdf" is destined for ShellExecute, so it is allowed to be | 424 // Currently, "asdf" is destined for ShellExecute, so it is allowed to be |
| 380 // requested but not committed. | 425 // requested but not committed. |
| 381 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("asdf:rockers"))); | 426 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("asdf:rockers"))); |
| 427 EXPECT_TRUE(p->CanRedirectToURL(GURL("asdf:rockers"))); | |
| 382 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("asdf:rockers"))); | 428 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("asdf:rockers"))); |
| 383 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("asdf:rockers"))); | 429 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("asdf:rockers"))); |
| 384 | 430 |
| 385 // Once we register "asdf", we default to deny. | 431 // Once we register "asdf", we default to deny. |
| 386 RegisterTestScheme("asdf"); | 432 RegisterTestScheme("asdf"); |
| 387 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("asdf:rockers"))); | 433 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("asdf:rockers"))); |
| 434 EXPECT_TRUE(p->CanRedirectToURL(GURL("asdf:rockers"))); | |
| 388 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("asdf:rockers"))); | 435 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("asdf:rockers"))); |
| 389 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("asdf:rockers"))); | 436 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("asdf:rockers"))); |
| 390 | 437 |
| 391 // We can allow new schemes by adding them to the whitelist. | 438 // We can allow new schemes by adding them to the whitelist. |
| 392 p->RegisterWebSafeScheme("asdf"); | 439 p->RegisterWebSafeScheme("asdf"); |
| 393 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("asdf:rockers"))); | 440 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("asdf:rockers"))); |
| 441 EXPECT_TRUE(p->CanRedirectToURL(GURL("asdf:rockers"))); | |
| 394 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("asdf:rockers"))); | 442 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("asdf:rockers"))); |
| 395 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("asdf:rockers"))); | 443 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("asdf:rockers"))); |
| 396 | 444 |
| 397 // Cleanup. | 445 // Cleanup. |
| 398 p->Remove(kRendererID); | 446 p->Remove(kRendererID); |
| 399 } | 447 } |
| 400 | 448 |
| 401 TEST_F(ChildProcessSecurityPolicyTest, CanServiceCommandsTest) { | 449 TEST_F(ChildProcessSecurityPolicyTest, CanServiceCommandsTest) { |
| 402 ChildProcessSecurityPolicyImpl* p = | 450 ChildProcessSecurityPolicyImpl* p = |
| 403 ChildProcessSecurityPolicyImpl::GetInstance(); | 451 ChildProcessSecurityPolicyImpl::GetInstance(); |
| 404 | 452 |
| 405 p->Add(kRendererID); | 453 p->Add(kRendererID); |
| 406 | 454 |
| 407 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); | 455 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); |
| 456 EXPECT_TRUE(p->CanRedirectToURL(GURL("file:///etc/passwd"))); | |
| 408 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); | 457 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); |
| 409 EXPECT_FALSE( | 458 EXPECT_FALSE( |
| 410 p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); | 459 p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); |
| 411 p->GrantRequestURL(kRendererID, GURL("file:///etc/passwd")); | 460 p->GrantRequestURL(kRendererID, GURL("file:///etc/passwd")); |
| 412 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); | 461 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); |
| 462 EXPECT_TRUE(p->CanRedirectToURL(GURL("file:///etc/passwd"))); | |
| 413 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); | 463 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); |
| 414 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); | 464 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); |
| 415 | 465 |
| 416 // We should forget our state if we repeat a renderer id. | 466 // We should forget our state if we repeat a renderer id. |
| 417 p->Remove(kRendererID); | 467 p->Remove(kRendererID); |
| 418 p->Add(kRendererID); | 468 p->Add(kRendererID); |
| 419 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); | 469 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); |
| 470 EXPECT_TRUE(p->CanRedirectToURL(GURL("file:///etc/passwd"))); | |
| 420 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); | 471 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); |
| 421 EXPECT_FALSE( | 472 EXPECT_FALSE( |
| 422 p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); | 473 p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); |
| 423 p->Remove(kRendererID); | 474 p->Remove(kRendererID); |
| 424 } | 475 } |
| 425 | 476 |
| 426 TEST_F(ChildProcessSecurityPolicyTest, ViewSource) { | 477 TEST_F(ChildProcessSecurityPolicyTest, ViewSource) { |
| 427 ChildProcessSecurityPolicyImpl* p = | 478 ChildProcessSecurityPolicyImpl* p = |
| 428 ChildProcessSecurityPolicyImpl::GetInstance(); | 479 ChildProcessSecurityPolicyImpl::GetInstance(); |
| 429 | 480 |
| 430 p->Add(kRendererID); | 481 p->Add(kRendererID); |
| 431 | 482 |
| 432 // Child processes cannot request view source URLs. | 483 // Child processes cannot request view source URLs. |
| 433 EXPECT_FALSE(p->CanRequestURL(kRendererID, | 484 EXPECT_FALSE(p->CanRequestURL(kRendererID, |
| 434 GURL("view-source:http://www.google.com/"))); | 485 GURL("view-source:http://www.google.com/"))); |
| 435 EXPECT_FALSE(p->CanRequestURL(kRendererID, | 486 EXPECT_FALSE(p->CanRequestURL(kRendererID, |
| 436 GURL("view-source:file:///etc/passwd"))); | 487 GURL("view-source:file:///etc/passwd"))); |
| 437 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); | 488 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); |
| 438 EXPECT_FALSE(p->CanRequestURL( | 489 EXPECT_FALSE(p->CanRequestURL( |
| 439 kRendererID, GURL("view-source:view-source:http://www.google.com/"))); | 490 kRendererID, GURL("view-source:view-source:http://www.google.com/"))); |
| 440 | 491 |
| 492 // Child processes cannot be redirected to view source URLs. | |
| 493 EXPECT_FALSE(p->CanRedirectToURL(GURL("view-source:http://www.google.com/"))); | |
| 494 EXPECT_FALSE(p->CanRedirectToURL(GURL("view-source:file:///etc/passwd"))); | |
| 495 EXPECT_TRUE(p->CanRedirectToURL(GURL("file:///etc/passwd"))); | |
| 496 EXPECT_FALSE(p->CanRedirectToURL( | |
| 497 GURL("view-source:view-source:http://www.google.com/"))); | |
| 498 | |
| 441 // View source URLs don't actually commit; the renderer is put into view | 499 // View source URLs don't actually commit; the renderer is put into view |
| 442 // source mode, and the inner URL commits. | 500 // source mode, and the inner URL commits. |
| 443 EXPECT_FALSE(p->CanCommitURL(kRendererID, | 501 EXPECT_FALSE(p->CanCommitURL(kRendererID, |
| 444 GURL("view-source:http://www.google.com/"))); | 502 GURL("view-source:http://www.google.com/"))); |
| 445 EXPECT_FALSE(p->CanCommitURL(kRendererID, | 503 EXPECT_FALSE(p->CanCommitURL(kRendererID, |
| 446 GURL("view-source:file:///etc/passwd"))); | 504 GURL("view-source:file:///etc/passwd"))); |
| 447 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); | 505 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); |
| 448 EXPECT_FALSE(p->CanCommitURL( | 506 EXPECT_FALSE(p->CanCommitURL( |
| 449 kRendererID, GURL("view-source:view-source:http://www.google.com/"))); | 507 kRendererID, GURL("view-source:view-source:http://www.google.com/"))); |
| 450 | 508 |
| 451 // View source URLs should not be setable as origin headers | 509 // View source URLs should not be setable as origin headers |
| 452 EXPECT_FALSE(p->CanSetAsOriginHeader( | 510 EXPECT_FALSE(p->CanSetAsOriginHeader( |
| 453 kRendererID, GURL("view-source:http://www.google.com/"))); | 511 kRendererID, GURL("view-source:http://www.google.com/"))); |
| 454 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, | 512 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, |
| 455 GURL("view-source:file:///etc/passwd"))); | 513 GURL("view-source:file:///etc/passwd"))); |
| 456 EXPECT_FALSE( | 514 EXPECT_FALSE( |
| 457 p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); | 515 p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); |
| 458 EXPECT_FALSE(p->CanSetAsOriginHeader( | 516 EXPECT_FALSE(p->CanSetAsOriginHeader( |
| 459 kRendererID, GURL("view-source:view-source:http://www.google.com/"))); | 517 kRendererID, GURL("view-source:view-source:http://www.google.com/"))); |
| 460 | 518 |
| 461 p->GrantRequestURL(kRendererID, GURL("view-source:file:///etc/passwd")); | 519 p->GrantRequestURL(kRendererID, GURL("view-source:file:///etc/passwd")); |
| 462 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); | 520 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); |
| 521 EXPECT_TRUE(p->CanRedirectToURL(GURL("file:///etc/passwd"))); | |
| 463 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); | 522 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); |
| 464 EXPECT_FALSE( | 523 EXPECT_FALSE( |
| 465 p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); | 524 p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); |
| 466 EXPECT_FALSE( | 525 EXPECT_FALSE( |
| 467 p->CanRequestURL(kRendererID, GURL("view-source:file:///etc/passwd"))); | 526 p->CanRequestURL(kRendererID, GURL("view-source:file:///etc/passwd"))); |
| 527 EXPECT_FALSE(p->CanRedirectToURL(GURL("view-source:file:///etc/passwd"))); | |
| 468 EXPECT_FALSE(p->CanCommitURL(kRendererID, | 528 EXPECT_FALSE(p->CanCommitURL(kRendererID, |
| 469 GURL("view-source:file:///etc/passwd"))); | 529 GURL("view-source:file:///etc/passwd"))); |
| 470 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, | 530 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, |
| 471 GURL("view-source:file:///etc/passwd"))); | 531 GURL("view-source:file:///etc/passwd"))); |
| 472 p->Remove(kRendererID); | 532 p->Remove(kRendererID); |
| 473 } | 533 } |
| 474 | 534 |
| 475 TEST_F(ChildProcessSecurityPolicyTest, SpecificFile) { | 535 TEST_F(ChildProcessSecurityPolicyTest, SpecificFile) { |
| 476 ChildProcessSecurityPolicyImpl* p = | 536 ChildProcessSecurityPolicyImpl* p = |
| 477 ChildProcessSecurityPolicyImpl::GetInstance(); | 537 ChildProcessSecurityPolicyImpl::GetInstance(); |
| 478 | 538 |
| 479 p->Add(kRendererID); | 539 p->Add(kRendererID); |
| 480 | 540 |
| 481 GURL icon_url("file:///tmp/foo.png"); | 541 GURL icon_url("file:///tmp/foo.png"); |
| 482 GURL sensitive_url("file:///etc/passwd"); | 542 GURL sensitive_url("file:///etc/passwd"); |
| 483 EXPECT_FALSE(p->CanRequestURL(kRendererID, icon_url)); | 543 EXPECT_FALSE(p->CanRequestURL(kRendererID, icon_url)); |
| 484 EXPECT_FALSE(p->CanRequestURL(kRendererID, sensitive_url)); | 544 EXPECT_FALSE(p->CanRequestURL(kRendererID, sensitive_url)); |
| 545 EXPECT_TRUE(p->CanRedirectToURL(icon_url)); | |
| 546 EXPECT_TRUE(p->CanRedirectToURL(sensitive_url)); | |
| 485 EXPECT_FALSE(p->CanCommitURL(kRendererID, icon_url)); | 547 EXPECT_FALSE(p->CanCommitURL(kRendererID, icon_url)); |
| 486 EXPECT_FALSE(p->CanCommitURL(kRendererID, sensitive_url)); | 548 EXPECT_FALSE(p->CanCommitURL(kRendererID, sensitive_url)); |
| 487 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, icon_url)); | 549 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, icon_url)); |
| 488 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, sensitive_url)); | 550 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, sensitive_url)); |
| 489 | 551 |
| 490 p->GrantRequestSpecificFileURL(kRendererID, icon_url); | 552 p->GrantRequestSpecificFileURL(kRendererID, icon_url); |
| 491 EXPECT_TRUE(p->CanRequestURL(kRendererID, icon_url)); | 553 EXPECT_TRUE(p->CanRequestURL(kRendererID, icon_url)); |
| 492 EXPECT_FALSE(p->CanRequestURL(kRendererID, sensitive_url)); | 554 EXPECT_FALSE(p->CanRequestURL(kRendererID, sensitive_url)); |
| 555 EXPECT_TRUE(p->CanRedirectToURL(icon_url)); | |
| 556 EXPECT_TRUE(p->CanRedirectToURL(sensitive_url)); | |
| 493 EXPECT_TRUE(p->CanCommitURL(kRendererID, icon_url)); | 557 EXPECT_TRUE(p->CanCommitURL(kRendererID, icon_url)); |
| 494 EXPECT_FALSE(p->CanCommitURL(kRendererID, sensitive_url)); | 558 EXPECT_FALSE(p->CanCommitURL(kRendererID, sensitive_url)); |
| 495 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, icon_url)); | 559 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, icon_url)); |
| 496 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, sensitive_url)); | 560 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, sensitive_url)); |
| 497 | 561 |
| 498 p->GrantRequestURL(kRendererID, icon_url); | 562 p->GrantRequestURL(kRendererID, icon_url); |
| 499 EXPECT_TRUE(p->CanRequestURL(kRendererID, icon_url)); | 563 EXPECT_TRUE(p->CanRequestURL(kRendererID, icon_url)); |
| 500 EXPECT_TRUE(p->CanRequestURL(kRendererID, sensitive_url)); | 564 EXPECT_TRUE(p->CanRequestURL(kRendererID, sensitive_url)); |
| 565 EXPECT_TRUE(p->CanRedirectToURL(icon_url)); | |
| 566 EXPECT_TRUE(p->CanRedirectToURL(sensitive_url)); | |
| 501 EXPECT_TRUE(p->CanCommitURL(kRendererID, icon_url)); | 567 EXPECT_TRUE(p->CanCommitURL(kRendererID, icon_url)); |
| 502 EXPECT_TRUE(p->CanCommitURL(kRendererID, sensitive_url)); | 568 EXPECT_TRUE(p->CanCommitURL(kRendererID, sensitive_url)); |
| 503 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, icon_url)); | 569 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, icon_url)); |
| 504 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, sensitive_url)); | 570 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, sensitive_url)); |
| 505 | 571 |
| 506 p->Remove(kRendererID); | 572 p->Remove(kRendererID); |
| 507 } | 573 } |
| 508 | 574 |
| 509 TEST_F(ChildProcessSecurityPolicyTest, FileSystemGrantsTest) { | 575 TEST_F(ChildProcessSecurityPolicyTest, FileSystemGrantsTest) { |
| 510 ChildProcessSecurityPolicyImpl* p = | 576 ChildProcessSecurityPolicyImpl* p = |
| (...skipping 290 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 801 TEST_F(ChildProcessSecurityPolicyTest, CanServiceWebUIBindings) { | 867 TEST_F(ChildProcessSecurityPolicyTest, CanServiceWebUIBindings) { |
| 802 ChildProcessSecurityPolicyImpl* p = | 868 ChildProcessSecurityPolicyImpl* p = |
| 803 ChildProcessSecurityPolicyImpl::GetInstance(); | 869 ChildProcessSecurityPolicyImpl::GetInstance(); |
| 804 | 870 |
| 805 GURL url("chrome://thumb/http://www.google.com/"); | 871 GURL url("chrome://thumb/http://www.google.com/"); |
| 806 | 872 |
| 807 p->Add(kRendererID); | 873 p->Add(kRendererID); |
| 808 | 874 |
| 809 EXPECT_FALSE(p->HasWebUIBindings(kRendererID)); | 875 EXPECT_FALSE(p->HasWebUIBindings(kRendererID)); |
| 810 EXPECT_FALSE(p->CanRequestURL(kRendererID, url)); | 876 EXPECT_FALSE(p->CanRequestURL(kRendererID, url)); |
| 877 EXPECT_TRUE(p->CanRedirectToURL(url)); | |
| 811 p->GrantWebUIBindings(kRendererID); | 878 p->GrantWebUIBindings(kRendererID); |
| 812 EXPECT_TRUE(p->HasWebUIBindings(kRendererID)); | 879 EXPECT_TRUE(p->HasWebUIBindings(kRendererID)); |
| 813 EXPECT_TRUE(p->CanRequestURL(kRendererID, url)); | 880 EXPECT_TRUE(p->CanRequestURL(kRendererID, url)); |
| 881 EXPECT_TRUE(p->CanRedirectToURL(url)); | |
| 814 | 882 |
| 815 p->Remove(kRendererID); | 883 p->Remove(kRendererID); |
| 816 } | 884 } |
| 817 | 885 |
| 818 TEST_F(ChildProcessSecurityPolicyTest, RemoveRace) { | 886 TEST_F(ChildProcessSecurityPolicyTest, RemoveRace) { |
| 819 ChildProcessSecurityPolicyImpl* p = | 887 ChildProcessSecurityPolicyImpl* p = |
| 820 ChildProcessSecurityPolicyImpl::GetInstance(); | 888 ChildProcessSecurityPolicyImpl::GetInstance(); |
| 821 | 889 |
| 822 GURL url("file:///etc/passwd"); | 890 GURL url("file:///etc/passwd"); |
| 823 base::FilePath file(TEST_PATH("/etc/passwd")); | 891 base::FilePath file(TEST_PATH("/etc/passwd")); |
| 824 | 892 |
| 825 p->Add(kRendererID); | 893 p->Add(kRendererID); |
| 826 | 894 |
| 827 p->GrantRequestURL(kRendererID, url); | 895 p->GrantRequestURL(kRendererID, url); |
| 828 p->GrantReadFile(kRendererID, file); | 896 p->GrantReadFile(kRendererID, file); |
| 829 p->GrantWebUIBindings(kRendererID); | 897 p->GrantWebUIBindings(kRendererID); |
| 830 | 898 |
| 831 EXPECT_TRUE(p->CanRequestURL(kRendererID, url)); | 899 EXPECT_TRUE(p->CanRequestURL(kRendererID, url)); |
| 900 EXPECT_TRUE(p->CanRedirectToURL(url)); | |
| 832 EXPECT_TRUE(p->CanReadFile(kRendererID, file)); | 901 EXPECT_TRUE(p->CanReadFile(kRendererID, file)); |
| 833 EXPECT_TRUE(p->HasWebUIBindings(kRendererID)); | 902 EXPECT_TRUE(p->HasWebUIBindings(kRendererID)); |
| 834 | 903 |
| 835 p->Remove(kRendererID); | 904 p->Remove(kRendererID); |
| 836 | 905 |
| 837 // Renderers are added and removed on the UI thread, but the policy can be | 906 // Renderers are added and removed on the UI thread, but the policy can be |
| 838 // queried on the IO thread. The ChildProcessSecurityPolicy needs to be | 907 // queried on the IO thread. The ChildProcessSecurityPolicy needs to be |
| 839 // prepared to answer policy questions about renderers who no longer exist. | 908 // prepared to answer policy questions about renderers who no longer exist. |
| 840 | 909 |
| 841 // In this case, we default to secure behavior. | 910 // In this case, we default to secure behavior. |
| 842 EXPECT_FALSE(p->CanRequestURL(kRendererID, url)); | 911 EXPECT_FALSE(p->CanRequestURL(kRendererID, url)); |
| 912 EXPECT_TRUE(p->CanRedirectToURL(url)); | |
| 843 EXPECT_FALSE(p->CanReadFile(kRendererID, file)); | 913 EXPECT_FALSE(p->CanReadFile(kRendererID, file)); |
| 844 EXPECT_FALSE(p->HasWebUIBindings(kRendererID)); | 914 EXPECT_FALSE(p->HasWebUIBindings(kRendererID)); |
| 845 } | 915 } |
| 846 | 916 |
| 847 // Test the granting of origin permissions, and their interactions with | 917 // Test the granting of origin permissions, and their interactions with |
| 848 // granting scheme permissions. | 918 // granting scheme permissions. |
| 849 TEST_F(ChildProcessSecurityPolicyTest, OriginGranting) { | 919 TEST_F(ChildProcessSecurityPolicyTest, OriginGranting) { |
| 850 ChildProcessSecurityPolicyImpl* p = | 920 ChildProcessSecurityPolicyImpl* p = |
| 851 ChildProcessSecurityPolicyImpl::GetInstance(); | 921 ChildProcessSecurityPolicyImpl::GetInstance(); |
| 852 | 922 |
| 853 p->Add(kRendererID); | 923 p->Add(kRendererID); |
| 854 | 924 |
| 855 GURL url_foo1("chrome://foo/resource1"); | 925 GURL url_foo1("chrome://foo/resource1"); |
| 856 GURL url_foo2("chrome://foo/resource2"); | 926 GURL url_foo2("chrome://foo/resource2"); |
| 857 GURL url_bar("chrome://bar/resource3"); | 927 GURL url_bar("chrome://bar/resource3"); |
| 858 | 928 |
| 859 EXPECT_FALSE(p->CanRequestURL(kRendererID, url_foo1)); | 929 EXPECT_FALSE(p->CanRequestURL(kRendererID, url_foo1)); |
| 860 EXPECT_FALSE(p->CanRequestURL(kRendererID, url_foo2)); | 930 EXPECT_FALSE(p->CanRequestURL(kRendererID, url_foo2)); |
| 861 EXPECT_FALSE(p->CanRequestURL(kRendererID, url_bar)); | 931 EXPECT_FALSE(p->CanRequestURL(kRendererID, url_bar)); |
| 932 EXPECT_TRUE(p->CanRedirectToURL(url_foo1)); | |
| 933 EXPECT_TRUE(p->CanRedirectToURL(url_foo2)); | |
| 934 EXPECT_TRUE(p->CanRedirectToURL(url_bar)); | |
| 862 EXPECT_FALSE(p->CanCommitURL(kRendererID, url_foo1)); | 935 EXPECT_FALSE(p->CanCommitURL(kRendererID, url_foo1)); |
| 863 EXPECT_FALSE(p->CanCommitURL(kRendererID, url_foo2)); | 936 EXPECT_FALSE(p->CanCommitURL(kRendererID, url_foo2)); |
| 864 EXPECT_FALSE(p->CanCommitURL(kRendererID, url_bar)); | 937 EXPECT_FALSE(p->CanCommitURL(kRendererID, url_bar)); |
| 865 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, url_foo1)); | 938 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, url_foo1)); |
| 866 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, url_foo2)); | 939 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, url_foo2)); |
| 867 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, url_bar)); | 940 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, url_bar)); |
| 868 | 941 |
| 869 p->GrantOrigin(kRendererID, url::Origin(url_foo1)); | 942 p->GrantOrigin(kRendererID, url::Origin(url_foo1)); |
| 870 | 943 |
| 871 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo1)); | 944 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo1)); |
| 872 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo2)); | 945 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo2)); |
| 873 EXPECT_FALSE(p->CanRequestURL(kRendererID, url_bar)); | 946 EXPECT_FALSE(p->CanRequestURL(kRendererID, url_bar)); |
| 947 EXPECT_TRUE(p->CanRedirectToURL(url_foo1)); | |
| 948 EXPECT_TRUE(p->CanRedirectToURL(url_foo2)); | |
| 949 EXPECT_TRUE(p->CanRedirectToURL(url_bar)); | |
| 874 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo1)); | 950 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo1)); |
| 875 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo2)); | 951 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo2)); |
| 876 EXPECT_FALSE(p->CanCommitURL(kRendererID, url_bar)); | 952 EXPECT_FALSE(p->CanCommitURL(kRendererID, url_bar)); |
| 877 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_foo1)); | 953 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_foo1)); |
| 878 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_foo2)); | 954 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_foo2)); |
| 879 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, url_bar)); | 955 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, url_bar)); |
| 880 | 956 |
| 881 p->GrantScheme(kRendererID, kChromeUIScheme); | 957 p->GrantScheme(kRendererID, kChromeUIScheme); |
| 882 | 958 |
| 883 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo1)); | 959 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo1)); |
| 884 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo2)); | 960 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo2)); |
| 885 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_bar)); | 961 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_bar)); |
| 962 EXPECT_TRUE(p->CanRedirectToURL(url_foo1)); | |
| 963 EXPECT_TRUE(p->CanRedirectToURL(url_foo2)); | |
| 964 EXPECT_TRUE(p->CanRedirectToURL(url_bar)); | |
| 886 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo1)); | 965 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo1)); |
| 887 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo2)); | 966 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo2)); |
| 888 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_bar)); | 967 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_bar)); |
| 889 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_foo1)); | 968 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_foo1)); |
| 890 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_foo2)); | 969 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_foo2)); |
| 891 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_bar)); | 970 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_bar)); |
| 892 | 971 |
| 893 p->Remove(kRendererID); | 972 p->Remove(kRendererID); |
| 894 } | 973 } |
| 895 | 974 |
| (...skipping 16 matching lines...) Expand all Loading... | |
| 912 EXPECT_EQ(4U, policy->isolated_origins_.size()); | 991 EXPECT_EQ(4U, policy->isolated_origins_.size()); |
| 913 EXPECT_TRUE( | 992 EXPECT_TRUE( |
| 914 policy->IsIsolatedOrigin(url::Origin(GURL("http://isolated.foo.com")))); | 993 policy->IsIsolatedOrigin(url::Origin(GURL("http://isolated.foo.com")))); |
| 915 EXPECT_TRUE(policy->IsIsolatedOrigin(url::Origin(GURL("http://a.com")))); | 994 EXPECT_TRUE(policy->IsIsolatedOrigin(url::Origin(GURL("http://a.com")))); |
| 916 EXPECT_TRUE(policy->IsIsolatedOrigin(url::Origin(GURL("https://b.com")))); | 995 EXPECT_TRUE(policy->IsIsolatedOrigin(url::Origin(GURL("https://b.com")))); |
| 917 EXPECT_TRUE( | 996 EXPECT_TRUE( |
| 918 policy->IsIsolatedOrigin(url::Origin(GURL("https://c.com:8000")))); | 997 policy->IsIsolatedOrigin(url::Origin(GURL("https://c.com:8000")))); |
| 919 } | 998 } |
| 920 | 999 |
| 921 } // namespace content | 1000 } // namespace content |
| OLD | NEW |
