OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include <set> | 5 #include <set> |
6 #include <string> | 6 #include <string> |
7 | 7 |
8 #include "base/files/file_path.h" | 8 #include "base/files/file_path.h" |
9 #include "content/browser/child_process_security_policy_impl.h" | 9 #include "content/browser/child_process_security_policy_impl.h" |
10 #include "content/public/common/url_constants.h" | 10 #include "content/public/common/url_constants.h" |
(...skipping 139 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
150 | 150 |
151 EXPECT_FALSE(p->IsPseudoScheme(kChromeUIScheme)); | 151 EXPECT_FALSE(p->IsPseudoScheme(kChromeUIScheme)); |
152 } | 152 } |
153 | 153 |
154 TEST_F(ChildProcessSecurityPolicyTest, StandardSchemesTest) { | 154 TEST_F(ChildProcessSecurityPolicyTest, StandardSchemesTest) { |
155 ChildProcessSecurityPolicyImpl* p = | 155 ChildProcessSecurityPolicyImpl* p = |
156 ChildProcessSecurityPolicyImpl::GetInstance(); | 156 ChildProcessSecurityPolicyImpl::GetInstance(); |
157 | 157 |
158 p->Add(kRendererID); | 158 p->Add(kRendererID); |
159 | 159 |
160 // Safe to request or commit. | 160 // Safe to request, redirect or commit. |
161 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("http://www.google.com/"))); | 161 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("http://www.google.com/"))); |
162 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("https://www.paypal.com/"))); | 162 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("https://www.paypal.com/"))); |
163 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("ftp://ftp.gnu.org/"))); | 163 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("ftp://ftp.gnu.org/"))); |
164 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("data:text/html,<b>Hi</b>"))); | 164 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("data:text/html,<b>Hi</b>"))); |
165 EXPECT_TRUE(p->CanRequestURL( | 165 EXPECT_TRUE(p->CanRequestURL( |
166 kRendererID, GURL("filesystem:http://localhost/temporary/a.gif"))); | 166 kRendererID, GURL("filesystem:http://localhost/temporary/a.gif"))); |
167 EXPECT_TRUE(p->CanRedirectToURL(GURL("http://www.google.com/"))); | |
168 EXPECT_TRUE(p->CanRedirectToURL(GURL("https://www.paypal.com/"))); | |
169 EXPECT_TRUE(p->CanRedirectToURL(GURL("ftp://ftp.gnu.org/"))); | |
170 EXPECT_TRUE(p->CanRedirectToURL(GURL("data:text/html,<b>Hi</b>"))); | |
171 EXPECT_TRUE( | |
172 p->CanRedirectToURL(GURL("filesystem:http://localhost/temporary/a.gif"))); | |
167 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("http://www.google.com/"))); | 173 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("http://www.google.com/"))); |
168 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("https://www.paypal.com/"))); | 174 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("https://www.paypal.com/"))); |
169 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("ftp://ftp.gnu.org/"))); | 175 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("ftp://ftp.gnu.org/"))); |
170 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("data:text/html,<b>Hi</b>"))); | 176 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("data:text/html,<b>Hi</b>"))); |
171 EXPECT_TRUE(p->CanCommitURL( | 177 EXPECT_TRUE(p->CanCommitURL( |
172 kRendererID, GURL("filesystem:http://localhost/temporary/a.gif"))); | 178 kRendererID, GURL("filesystem:http://localhost/temporary/a.gif"))); |
173 EXPECT_TRUE( | 179 EXPECT_TRUE( |
174 p->CanSetAsOriginHeader(kRendererID, GURL("http://www.google.com/"))); | 180 p->CanSetAsOriginHeader(kRendererID, GURL("http://www.google.com/"))); |
175 EXPECT_TRUE( | 181 EXPECT_TRUE( |
176 p->CanSetAsOriginHeader(kRendererID, GURL("https://www.paypal.com/"))); | 182 p->CanSetAsOriginHeader(kRendererID, GURL("https://www.paypal.com/"))); |
177 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("ftp://ftp.gnu.org/"))); | 183 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("ftp://ftp.gnu.org/"))); |
178 EXPECT_TRUE( | 184 EXPECT_TRUE( |
179 p->CanSetAsOriginHeader(kRendererID, GURL("data:text/html,<b>Hi</b>"))); | 185 p->CanSetAsOriginHeader(kRendererID, GURL("data:text/html,<b>Hi</b>"))); |
180 EXPECT_TRUE(p->CanSetAsOriginHeader( | 186 EXPECT_TRUE(p->CanSetAsOriginHeader( |
181 kRendererID, GURL("filesystem:http://localhost/temporary/a.gif"))); | 187 kRendererID, GURL("filesystem:http://localhost/temporary/a.gif"))); |
182 | 188 |
183 // Dangerous to request, commit, or set as origin header. | 189 // Dangerous to request, commit, or set as origin header. |
184 EXPECT_FALSE(p->CanRequestURL(kRendererID, | 190 EXPECT_FALSE(p->CanRequestURL(kRendererID, |
185 GURL("file:///etc/passwd"))); | 191 GURL("file:///etc/passwd"))); |
186 EXPECT_FALSE(p->CanRequestURL(kRendererID, | 192 EXPECT_FALSE(p->CanRequestURL(kRendererID, |
187 GURL("chrome://foo/bar"))); | 193 GURL("chrome://foo/bar"))); |
188 EXPECT_FALSE(p->CanRequestURL(kRendererID, | 194 EXPECT_FALSE(p->CanRequestURL(kRendererID, |
189 GURL("view-source:http://www.google.com/"))); | 195 GURL("view-source:http://www.google.com/"))); |
196 EXPECT_TRUE(p->CanRedirectToURL(GURL("file:///etc/passwd"))); | |
197 EXPECT_TRUE(p->CanRedirectToURL(GURL("chrome://foo/bar"))); | |
198 EXPECT_FALSE(p->CanRedirectToURL(GURL("view-source:http://www.google.com/"))); | |
190 EXPECT_FALSE(p->CanCommitURL(kRendererID, | 199 EXPECT_FALSE(p->CanCommitURL(kRendererID, |
191 GURL("file:///etc/passwd"))); | 200 GURL("file:///etc/passwd"))); |
192 EXPECT_FALSE(p->CanCommitURL(kRendererID, | 201 EXPECT_FALSE(p->CanCommitURL(kRendererID, |
193 GURL("chrome://foo/bar"))); | 202 GURL("chrome://foo/bar"))); |
194 EXPECT_FALSE( | 203 EXPECT_FALSE( |
195 p->CanCommitURL(kRendererID, GURL("view-source:http://www.google.com/"))); | 204 p->CanCommitURL(kRendererID, GURL("view-source:http://www.google.com/"))); |
196 EXPECT_FALSE( | 205 EXPECT_FALSE( |
197 p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); | 206 p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); |
198 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("chrome://foo/bar"))); | 207 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("chrome://foo/bar"))); |
199 EXPECT_FALSE(p->CanSetAsOriginHeader( | 208 EXPECT_FALSE(p->CanSetAsOriginHeader( |
(...skipping 23 matching lines...) Expand all Loading... | |
223 kRendererID, GURL("blob:http://username@localhost/some-guid"))); | 232 kRendererID, GURL("blob:http://username@localhost/some-guid"))); |
224 EXPECT_FALSE(p->CanRequestURL( | 233 EXPECT_FALSE(p->CanRequestURL( |
225 kRendererID, GURL("blob:http://username @localhost/some-guid"))); | 234 kRendererID, GURL("blob:http://username @localhost/some-guid"))); |
226 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("blob:blob:some-guid"))); | 235 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("blob:blob:some-guid"))); |
227 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("blob:some-guid"))); | 236 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("blob:some-guid"))); |
228 EXPECT_FALSE(p->CanRequestURL(kRendererID, | 237 EXPECT_FALSE(p->CanRequestURL(kRendererID, |
229 GURL("blob:filesystem:http://localhost/path"))); | 238 GURL("blob:filesystem:http://localhost/path"))); |
230 EXPECT_FALSE(p->CanRequestURL(kRendererID, | 239 EXPECT_FALSE(p->CanRequestURL(kRendererID, |
231 GURL("filesystem:blob:http://localhost/guid"))); | 240 GURL("filesystem:blob:http://localhost/guid"))); |
232 | 241 |
242 EXPECT_TRUE(p->CanRedirectToURL(GURL("blob:http://localhost/some-guid"))); | |
Charlie Reis
2017/07/10 21:16:22
Are redirects to blob and filesystem URLs prevente
arthursonzogni
2017/07/11 16:21:31
I added some notes about this the CanRedirectToURL
| |
243 EXPECT_TRUE(p->CanRedirectToURL(GURL("blob:null/some-guid"))); | |
244 EXPECT_TRUE(p->CanRedirectToURL(GURL("blob:http://localhost/some-guid"))); | |
245 EXPECT_TRUE(p->CanRedirectToURL(GURL("blob:NulL/some-guid"))); | |
246 EXPECT_TRUE(p->CanRedirectToURL(GURL("blob:NulL/some-guid#fragment"))); | |
247 EXPECT_TRUE(p->CanRedirectToURL(GURL("blob:NulL/some-guid?query"))); | |
248 EXPECT_TRUE(p->CanRedirectToURL(GURL("blob:blobinternal://some-guid"))); | |
249 EXPECT_TRUE( | |
250 p->CanRedirectToURL(GURL("blob:http://username@localhost/some-guid"))); | |
251 EXPECT_TRUE(p->CanRedirectToURL( | |
252 GURL("blob:http://username @localhost/some-guid"))); | |
253 EXPECT_TRUE(p->CanRedirectToURL(GURL("blob:blob:some-guid"))); | |
254 EXPECT_TRUE(p->CanRedirectToURL(GURL("blob:some-guid"))); | |
255 EXPECT_TRUE( | |
256 p->CanRedirectToURL(GURL("blob:filesystem:http://localhost/path"))); | |
257 EXPECT_FALSE( | |
258 p->CanRedirectToURL(GURL("filesystem:blob:http://localhost/guid"))); | |
259 | |
233 EXPECT_TRUE( | 260 EXPECT_TRUE( |
234 p->CanCommitURL(kRendererID, GURL("blob:http://localhost/some-guid"))); | 261 p->CanCommitURL(kRendererID, GURL("blob:http://localhost/some-guid"))); |
235 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("blob:null/some-guid"))); | 262 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("blob:null/some-guid"))); |
236 EXPECT_TRUE( | 263 EXPECT_TRUE( |
237 p->CanCommitURL(kRendererID, GURL("blob:http://localhost/some-guid"))); | 264 p->CanCommitURL(kRendererID, GURL("blob:http://localhost/some-guid"))); |
238 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("blob:NulL/some-guid"))); | 265 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("blob:NulL/some-guid"))); |
239 EXPECT_TRUE( | 266 EXPECT_TRUE( |
240 p->CanCommitURL(kRendererID, GURL("blob:NulL/some-guid#fragment"))); | 267 p->CanCommitURL(kRendererID, GURL("blob:NulL/some-guid#fragment"))); |
241 EXPECT_TRUE( | 268 EXPECT_TRUE( |
242 p->CanCommitURL(kRendererID, GURL("blob:blobinternal://some-guid"))); | 269 p->CanCommitURL(kRendererID, GURL("blob:blobinternal://some-guid"))); |
(...skipping 14 matching lines...) Expand all Loading... | |
257 TEST_F(ChildProcessSecurityPolicyTest, AboutTest) { | 284 TEST_F(ChildProcessSecurityPolicyTest, AboutTest) { |
258 ChildProcessSecurityPolicyImpl* p = | 285 ChildProcessSecurityPolicyImpl* p = |
259 ChildProcessSecurityPolicyImpl::GetInstance(); | 286 ChildProcessSecurityPolicyImpl::GetInstance(); |
260 | 287 |
261 p->Add(kRendererID); | 288 p->Add(kRendererID); |
262 | 289 |
263 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("about:blank"))); | 290 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("about:blank"))); |
264 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:BlAnK"))); | 291 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:BlAnK"))); |
265 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("aBouT:BlAnK"))); | 292 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("aBouT:BlAnK"))); |
266 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("aBouT:blank"))); | 293 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("aBouT:blank"))); |
294 EXPECT_TRUE(p->CanRedirectToURL(GURL("about:blank"))); | |
295 EXPECT_FALSE(p->CanRedirectToURL(GURL("about:BlAnK"))); | |
296 EXPECT_FALSE(p->CanRedirectToURL(GURL("aBouT:BlAnK"))); | |
297 EXPECT_TRUE(p->CanRedirectToURL(GURL("aBouT:blank"))); | |
267 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("about:blank"))); | 298 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("about:blank"))); |
268 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:BlAnK"))); | 299 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:BlAnK"))); |
269 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("aBouT:BlAnK"))); | 300 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("aBouT:BlAnK"))); |
270 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("aBouT:blank"))); | 301 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("aBouT:blank"))); |
271 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("about:blank"))); | 302 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("about:blank"))); |
272 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:BlAnK"))); | 303 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:BlAnK"))); |
273 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("aBouT:BlAnK"))); | 304 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("aBouT:BlAnK"))); |
274 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("aBouT:blank"))); | 305 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("aBouT:blank"))); |
275 | 306 |
276 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("about:srcdoc"))); | 307 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("about:srcdoc"))); |
308 EXPECT_FALSE(p->CanRedirectToURL(GURL("about:srcdoc"))); | |
277 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("about:srcdoc"))); | 309 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("about:srcdoc"))); |
278 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:srcdoc"))); | 310 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:srcdoc"))); |
279 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:SRCDOC"))); | 311 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:SRCDOC"))); |
280 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:SRCDOC"))); | 312 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:SRCDOC"))); |
281 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:SRCDOC"))); | 313 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:SRCDOC"))); |
282 | 314 |
283 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:crash"))); | 315 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:crash"))); |
284 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:cache"))); | 316 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:cache"))); |
285 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:hang"))); | 317 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:hang"))); |
286 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:version"))); | 318 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:version"))); |
319 EXPECT_FALSE(p->CanRedirectToURL(GURL("about:crash"))); | |
320 EXPECT_FALSE(p->CanRedirectToURL(GURL("about:cache"))); | |
321 EXPECT_FALSE(p->CanRedirectToURL(GURL("about:hang"))); | |
322 EXPECT_FALSE(p->CanRedirectToURL(GURL("about:version"))); | |
287 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:crash"))); | 323 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:crash"))); |
288 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:cache"))); | 324 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:cache"))); |
289 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:hang"))); | 325 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:hang"))); |
290 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:version"))); | 326 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:version"))); |
291 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:crash"))); | 327 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:crash"))); |
292 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:cache"))); | 328 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:cache"))); |
293 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:hang"))); | 329 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:hang"))); |
294 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:version"))); | 330 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:version"))); |
295 | 331 |
296 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("aBoUt:version"))); | 332 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("aBoUt:version"))); |
297 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:CrASh"))); | 333 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:CrASh"))); |
298 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("abOuT:cAChe"))); | 334 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("abOuT:cAChe"))); |
335 EXPECT_FALSE(p->CanRedirectToURL(GURL("aBoUt:version"))); | |
336 EXPECT_FALSE(p->CanRedirectToURL(GURL("about:CrASh"))); | |
337 EXPECT_FALSE(p->CanRedirectToURL(GURL("abOuT:cAChe"))); | |
299 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("aBoUt:version"))); | 338 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("aBoUt:version"))); |
300 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:CrASh"))); | 339 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:CrASh"))); |
301 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("abOuT:cAChe"))); | 340 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("abOuT:cAChe"))); |
302 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("aBoUt:version"))); | 341 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("aBoUt:version"))); |
303 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("aBoUt:version"))); | 342 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("aBoUt:version"))); |
304 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:CrASh"))); | 343 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:CrASh"))); |
305 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("abOuT:cAChe"))); | 344 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("abOuT:cAChe"))); |
306 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("aBoUt:version"))); | 345 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("aBoUt:version"))); |
307 | 346 |
308 // Requests for about: pages should be denied. | 347 // Requests for about: pages should be denied. |
309 p->GrantRequestURL(kRendererID, GURL("about:crash")); | 348 p->GrantRequestURL(kRendererID, GURL("about:crash")); |
310 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:crash"))); | 349 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:crash"))); |
350 EXPECT_FALSE(p->CanRedirectToURL(GURL("about:crash"))); | |
311 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:crash"))); | 351 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:crash"))); |
312 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:crash"))); | 352 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:crash"))); |
313 | 353 |
314 // These requests for chrome:// pages should be granted. | 354 // These requests for chrome:// pages should be granted. |
315 GURL chrome_url("chrome://foo"); | 355 GURL chrome_url("chrome://foo"); |
316 p->GrantRequestURL(kRendererID, chrome_url); | 356 p->GrantRequestURL(kRendererID, chrome_url); |
317 EXPECT_TRUE(p->CanRequestURL(kRendererID, chrome_url)); | 357 EXPECT_TRUE(p->CanRequestURL(kRendererID, chrome_url)); |
358 EXPECT_TRUE(p->CanRedirectToURL(GURL(chrome_url))); | |
318 EXPECT_TRUE(p->CanCommitURL(kRendererID, chrome_url)); | 359 EXPECT_TRUE(p->CanCommitURL(kRendererID, chrome_url)); |
319 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, chrome_url)); | 360 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, chrome_url)); |
320 | 361 |
321 p->Remove(kRendererID); | 362 p->Remove(kRendererID); |
322 } | 363 } |
323 | 364 |
324 TEST_F(ChildProcessSecurityPolicyTest, JavaScriptTest) { | 365 TEST_F(ChildProcessSecurityPolicyTest, JavaScriptTest) { |
325 ChildProcessSecurityPolicyImpl* p = | 366 ChildProcessSecurityPolicyImpl* p = |
326 ChildProcessSecurityPolicyImpl::GetInstance(); | 367 ChildProcessSecurityPolicyImpl::GetInstance(); |
327 | 368 |
328 p->Add(kRendererID); | 369 p->Add(kRendererID); |
329 | 370 |
330 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("javascript:alert('xss')"))); | 371 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("javascript:alert('xss')"))); |
372 EXPECT_FALSE(p->CanRedirectToURL(GURL("javascript:alert('xss')"))); | |
331 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("javascript:alert('xss')"))); | 373 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("javascript:alert('xss')"))); |
332 EXPECT_FALSE( | 374 EXPECT_FALSE( |
333 p->CanSetAsOriginHeader(kRendererID, GURL("javascript:alert('xss')"))); | 375 p->CanSetAsOriginHeader(kRendererID, GURL("javascript:alert('xss')"))); |
334 p->GrantRequestURL(kRendererID, GURL("javascript:alert('xss')")); | 376 p->GrantRequestURL(kRendererID, GURL("javascript:alert('xss')")); |
335 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("javascript:alert('xss')"))); | 377 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("javascript:alert('xss')"))); |
378 EXPECT_FALSE(p->CanRedirectToURL(GURL("javascript:alert('xss')"))); | |
336 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("javascript:alert('xss')"))); | 379 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("javascript:alert('xss')"))); |
337 EXPECT_FALSE( | 380 EXPECT_FALSE( |
338 p->CanSetAsOriginHeader(kRendererID, GURL("javascript:alert('xss')"))); | 381 p->CanSetAsOriginHeader(kRendererID, GURL("javascript:alert('xss')"))); |
339 | 382 |
340 p->Remove(kRendererID); | 383 p->Remove(kRendererID); |
341 } | 384 } |
342 | 385 |
343 TEST_F(ChildProcessSecurityPolicyTest, SuboriginTest) { | 386 TEST_F(ChildProcessSecurityPolicyTest, SuboriginTest) { |
344 ChildProcessSecurityPolicyImpl* p = | 387 ChildProcessSecurityPolicyImpl* p = |
345 ChildProcessSecurityPolicyImpl::GetInstance(); | 388 ChildProcessSecurityPolicyImpl::GetInstance(); |
346 | 389 |
347 p->Add(kRendererID); | 390 p->Add(kRendererID); |
348 | 391 |
349 // Suborigin URLs are not requestable or committable. | 392 // Suborigin URLs are not requestable or committable. |
350 EXPECT_FALSE( | 393 EXPECT_FALSE( |
351 p->CanRequestURL(kRendererID, GURL("http-so://foobar.example.com"))); | 394 p->CanRequestURL(kRendererID, GURL("http-so://foobar.example.com"))); |
352 EXPECT_FALSE( | 395 EXPECT_FALSE( |
353 p->CanRequestURL(kRendererID, GURL("https-so://foobar.example.com"))); | 396 p->CanRequestURL(kRendererID, GURL("https-so://foobar.example.com"))); |
397 EXPECT_FALSE(p->CanRedirectToURL(GURL("http-so://foobar.example.com"))); | |
398 EXPECT_FALSE(p->CanRedirectToURL(GURL("https-so://foobar.example.com"))); | |
354 EXPECT_FALSE( | 399 EXPECT_FALSE( |
355 p->CanCommitURL(kRendererID, GURL("http-so://foobar.example.com"))); | 400 p->CanCommitURL(kRendererID, GURL("http-so://foobar.example.com"))); |
356 EXPECT_FALSE( | 401 EXPECT_FALSE( |
357 p->CanCommitURL(kRendererID, GURL("https-so://foobar.example.com"))); | 402 p->CanCommitURL(kRendererID, GURL("https-so://foobar.example.com"))); |
358 | 403 |
359 // It's not possible to grant suborigins requestable status. | 404 // It's not possible to grant suborigins requestable status. |
360 p->GrantRequestURL(kRendererID, GURL("https-so://foobar.example.com")); | 405 p->GrantRequestURL(kRendererID, GURL("https-so://foobar.example.com")); |
361 EXPECT_FALSE( | 406 EXPECT_FALSE( |
362 p->CanCommitURL(kRendererID, GURL("https-so://foobar.example.com"))); | 407 p->CanCommitURL(kRendererID, GURL("https-so://foobar.example.com"))); |
363 | 408 |
364 // Suborigin URLs are valid origin headers. | 409 // Suborigin URLs are valid origin headers. |
365 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, | 410 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, |
366 GURL("http-so://foobar.example.com"))); | 411 GURL("http-so://foobar.example.com"))); |
367 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, | 412 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, |
368 GURL("https-so://foobar.example.com"))); | 413 GURL("https-so://foobar.example.com"))); |
369 | 414 |
370 p->Remove(kRendererID); | 415 p->Remove(kRendererID); |
371 } | 416 } |
372 | 417 |
373 TEST_F(ChildProcessSecurityPolicyTest, RegisterWebSafeSchemeTest) { | 418 TEST_F(ChildProcessSecurityPolicyTest, RegisterWebSafeSchemeTest) { |
374 ChildProcessSecurityPolicyImpl* p = | 419 ChildProcessSecurityPolicyImpl* p = |
375 ChildProcessSecurityPolicyImpl::GetInstance(); | 420 ChildProcessSecurityPolicyImpl::GetInstance(); |
376 | 421 |
377 p->Add(kRendererID); | 422 p->Add(kRendererID); |
378 | 423 |
379 // Currently, "asdf" is destined for ShellExecute, so it is allowed to be | 424 // Currently, "asdf" is destined for ShellExecute, so it is allowed to be |
380 // requested but not committed. | 425 // requested but not committed. |
381 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("asdf:rockers"))); | 426 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("asdf:rockers"))); |
427 EXPECT_TRUE(p->CanRedirectToURL(GURL("asdf:rockers"))); | |
382 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("asdf:rockers"))); | 428 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("asdf:rockers"))); |
383 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("asdf:rockers"))); | 429 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("asdf:rockers"))); |
384 | 430 |
385 // Once we register "asdf", we default to deny. | 431 // Once we register "asdf", we default to deny. |
386 RegisterTestScheme("asdf"); | 432 RegisterTestScheme("asdf"); |
387 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("asdf:rockers"))); | 433 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("asdf:rockers"))); |
434 EXPECT_TRUE(p->CanRedirectToURL(GURL("asdf:rockers"))); | |
388 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("asdf:rockers"))); | 435 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("asdf:rockers"))); |
389 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("asdf:rockers"))); | 436 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("asdf:rockers"))); |
390 | 437 |
391 // We can allow new schemes by adding them to the whitelist. | 438 // We can allow new schemes by adding them to the whitelist. |
392 p->RegisterWebSafeScheme("asdf"); | 439 p->RegisterWebSafeScheme("asdf"); |
393 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("asdf:rockers"))); | 440 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("asdf:rockers"))); |
441 EXPECT_TRUE(p->CanRedirectToURL(GURL("asdf:rockers"))); | |
394 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("asdf:rockers"))); | 442 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("asdf:rockers"))); |
395 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("asdf:rockers"))); | 443 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("asdf:rockers"))); |
396 | 444 |
397 // Cleanup. | 445 // Cleanup. |
398 p->Remove(kRendererID); | 446 p->Remove(kRendererID); |
399 } | 447 } |
400 | 448 |
401 TEST_F(ChildProcessSecurityPolicyTest, CanServiceCommandsTest) { | 449 TEST_F(ChildProcessSecurityPolicyTest, CanServiceCommandsTest) { |
402 ChildProcessSecurityPolicyImpl* p = | 450 ChildProcessSecurityPolicyImpl* p = |
403 ChildProcessSecurityPolicyImpl::GetInstance(); | 451 ChildProcessSecurityPolicyImpl::GetInstance(); |
404 | 452 |
405 p->Add(kRendererID); | 453 p->Add(kRendererID); |
406 | 454 |
407 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); | 455 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); |
456 EXPECT_TRUE(p->CanRedirectToURL(GURL("file:///etc/passwd"))); | |
408 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); | 457 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); |
409 EXPECT_FALSE( | 458 EXPECT_FALSE( |
410 p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); | 459 p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); |
411 p->GrantRequestURL(kRendererID, GURL("file:///etc/passwd")); | 460 p->GrantRequestURL(kRendererID, GURL("file:///etc/passwd")); |
412 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); | 461 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); |
462 EXPECT_TRUE(p->CanRedirectToURL(GURL("file:///etc/passwd"))); | |
413 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); | 463 EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); |
414 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); | 464 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); |
415 | 465 |
416 // We should forget our state if we repeat a renderer id. | 466 // We should forget our state if we repeat a renderer id. |
417 p->Remove(kRendererID); | 467 p->Remove(kRendererID); |
418 p->Add(kRendererID); | 468 p->Add(kRendererID); |
419 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); | 469 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); |
470 EXPECT_TRUE(p->CanRedirectToURL(GURL("file:///etc/passwd"))); | |
420 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); | 471 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); |
421 EXPECT_FALSE( | 472 EXPECT_FALSE( |
422 p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); | 473 p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); |
423 p->Remove(kRendererID); | 474 p->Remove(kRendererID); |
424 } | 475 } |
425 | 476 |
426 TEST_F(ChildProcessSecurityPolicyTest, ViewSource) { | 477 TEST_F(ChildProcessSecurityPolicyTest, ViewSource) { |
427 ChildProcessSecurityPolicyImpl* p = | 478 ChildProcessSecurityPolicyImpl* p = |
428 ChildProcessSecurityPolicyImpl::GetInstance(); | 479 ChildProcessSecurityPolicyImpl::GetInstance(); |
429 | 480 |
430 p->Add(kRendererID); | 481 p->Add(kRendererID); |
431 | 482 |
432 // Child processes cannot request view source URLs. | 483 // Child processes cannot request view source URLs. |
433 EXPECT_FALSE(p->CanRequestURL(kRendererID, | 484 EXPECT_FALSE(p->CanRequestURL(kRendererID, |
434 GURL("view-source:http://www.google.com/"))); | 485 GURL("view-source:http://www.google.com/"))); |
435 EXPECT_FALSE(p->CanRequestURL(kRendererID, | 486 EXPECT_FALSE(p->CanRequestURL(kRendererID, |
436 GURL("view-source:file:///etc/passwd"))); | 487 GURL("view-source:file:///etc/passwd"))); |
437 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); | 488 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); |
438 EXPECT_FALSE(p->CanRequestURL( | 489 EXPECT_FALSE(p->CanRequestURL( |
439 kRendererID, GURL("view-source:view-source:http://www.google.com/"))); | 490 kRendererID, GURL("view-source:view-source:http://www.google.com/"))); |
440 | 491 |
492 // Child processes cannot be redirected to view source URLs. | |
493 EXPECT_FALSE(p->CanRedirectToURL(GURL("view-source:http://www.google.com/"))); | |
494 EXPECT_FALSE(p->CanRedirectToURL(GURL("view-source:file:///etc/passwd"))); | |
495 EXPECT_TRUE(p->CanRedirectToURL(GURL("file:///etc/passwd"))); | |
496 EXPECT_FALSE(p->CanRedirectToURL( | |
497 GURL("view-source:view-source:http://www.google.com/"))); | |
498 | |
441 // View source URLs don't actually commit; the renderer is put into view | 499 // View source URLs don't actually commit; the renderer is put into view |
442 // source mode, and the inner URL commits. | 500 // source mode, and the inner URL commits. |
443 EXPECT_FALSE(p->CanCommitURL(kRendererID, | 501 EXPECT_FALSE(p->CanCommitURL(kRendererID, |
444 GURL("view-source:http://www.google.com/"))); | 502 GURL("view-source:http://www.google.com/"))); |
445 EXPECT_FALSE(p->CanCommitURL(kRendererID, | 503 EXPECT_FALSE(p->CanCommitURL(kRendererID, |
446 GURL("view-source:file:///etc/passwd"))); | 504 GURL("view-source:file:///etc/passwd"))); |
447 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); | 505 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); |
448 EXPECT_FALSE(p->CanCommitURL( | 506 EXPECT_FALSE(p->CanCommitURL( |
449 kRendererID, GURL("view-source:view-source:http://www.google.com/"))); | 507 kRendererID, GURL("view-source:view-source:http://www.google.com/"))); |
450 | 508 |
451 // View source URLs should not be setable as origin headers | 509 // View source URLs should not be setable as origin headers |
452 EXPECT_FALSE(p->CanSetAsOriginHeader( | 510 EXPECT_FALSE(p->CanSetAsOriginHeader( |
453 kRendererID, GURL("view-source:http://www.google.com/"))); | 511 kRendererID, GURL("view-source:http://www.google.com/"))); |
454 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, | 512 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, |
455 GURL("view-source:file:///etc/passwd"))); | 513 GURL("view-source:file:///etc/passwd"))); |
456 EXPECT_FALSE( | 514 EXPECT_FALSE( |
457 p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); | 515 p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); |
458 EXPECT_FALSE(p->CanSetAsOriginHeader( | 516 EXPECT_FALSE(p->CanSetAsOriginHeader( |
459 kRendererID, GURL("view-source:view-source:http://www.google.com/"))); | 517 kRendererID, GURL("view-source:view-source:http://www.google.com/"))); |
460 | 518 |
461 p->GrantRequestURL(kRendererID, GURL("view-source:file:///etc/passwd")); | 519 p->GrantRequestURL(kRendererID, GURL("view-source:file:///etc/passwd")); |
462 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); | 520 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); |
521 EXPECT_TRUE(p->CanRedirectToURL(GURL("file:///etc/passwd"))); | |
463 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); | 522 EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); |
464 EXPECT_FALSE( | 523 EXPECT_FALSE( |
465 p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); | 524 p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); |
466 EXPECT_FALSE( | 525 EXPECT_FALSE( |
467 p->CanRequestURL(kRendererID, GURL("view-source:file:///etc/passwd"))); | 526 p->CanRequestURL(kRendererID, GURL("view-source:file:///etc/passwd"))); |
527 EXPECT_FALSE(p->CanRedirectToURL(GURL("view-source:file:///etc/passwd"))); | |
468 EXPECT_FALSE(p->CanCommitURL(kRendererID, | 528 EXPECT_FALSE(p->CanCommitURL(kRendererID, |
469 GURL("view-source:file:///etc/passwd"))); | 529 GURL("view-source:file:///etc/passwd"))); |
470 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, | 530 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, |
471 GURL("view-source:file:///etc/passwd"))); | 531 GURL("view-source:file:///etc/passwd"))); |
472 p->Remove(kRendererID); | 532 p->Remove(kRendererID); |
473 } | 533 } |
474 | 534 |
475 TEST_F(ChildProcessSecurityPolicyTest, SpecificFile) { | 535 TEST_F(ChildProcessSecurityPolicyTest, SpecificFile) { |
476 ChildProcessSecurityPolicyImpl* p = | 536 ChildProcessSecurityPolicyImpl* p = |
477 ChildProcessSecurityPolicyImpl::GetInstance(); | 537 ChildProcessSecurityPolicyImpl::GetInstance(); |
478 | 538 |
479 p->Add(kRendererID); | 539 p->Add(kRendererID); |
480 | 540 |
481 GURL icon_url("file:///tmp/foo.png"); | 541 GURL icon_url("file:///tmp/foo.png"); |
482 GURL sensitive_url("file:///etc/passwd"); | 542 GURL sensitive_url("file:///etc/passwd"); |
483 EXPECT_FALSE(p->CanRequestURL(kRendererID, icon_url)); | 543 EXPECT_FALSE(p->CanRequestURL(kRendererID, icon_url)); |
484 EXPECT_FALSE(p->CanRequestURL(kRendererID, sensitive_url)); | 544 EXPECT_FALSE(p->CanRequestURL(kRendererID, sensitive_url)); |
545 EXPECT_TRUE(p->CanRedirectToURL(icon_url)); | |
546 EXPECT_TRUE(p->CanRedirectToURL(sensitive_url)); | |
485 EXPECT_FALSE(p->CanCommitURL(kRendererID, icon_url)); | 547 EXPECT_FALSE(p->CanCommitURL(kRendererID, icon_url)); |
486 EXPECT_FALSE(p->CanCommitURL(kRendererID, sensitive_url)); | 548 EXPECT_FALSE(p->CanCommitURL(kRendererID, sensitive_url)); |
487 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, icon_url)); | 549 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, icon_url)); |
488 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, sensitive_url)); | 550 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, sensitive_url)); |
489 | 551 |
490 p->GrantRequestSpecificFileURL(kRendererID, icon_url); | 552 p->GrantRequestSpecificFileURL(kRendererID, icon_url); |
491 EXPECT_TRUE(p->CanRequestURL(kRendererID, icon_url)); | 553 EXPECT_TRUE(p->CanRequestURL(kRendererID, icon_url)); |
492 EXPECT_FALSE(p->CanRequestURL(kRendererID, sensitive_url)); | 554 EXPECT_FALSE(p->CanRequestURL(kRendererID, sensitive_url)); |
555 EXPECT_TRUE(p->CanRedirectToURL(icon_url)); | |
556 EXPECT_TRUE(p->CanRedirectToURL(sensitive_url)); | |
493 EXPECT_TRUE(p->CanCommitURL(kRendererID, icon_url)); | 557 EXPECT_TRUE(p->CanCommitURL(kRendererID, icon_url)); |
494 EXPECT_FALSE(p->CanCommitURL(kRendererID, sensitive_url)); | 558 EXPECT_FALSE(p->CanCommitURL(kRendererID, sensitive_url)); |
495 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, icon_url)); | 559 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, icon_url)); |
496 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, sensitive_url)); | 560 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, sensitive_url)); |
497 | 561 |
498 p->GrantRequestURL(kRendererID, icon_url); | 562 p->GrantRequestURL(kRendererID, icon_url); |
499 EXPECT_TRUE(p->CanRequestURL(kRendererID, icon_url)); | 563 EXPECT_TRUE(p->CanRequestURL(kRendererID, icon_url)); |
500 EXPECT_TRUE(p->CanRequestURL(kRendererID, sensitive_url)); | 564 EXPECT_TRUE(p->CanRequestURL(kRendererID, sensitive_url)); |
565 EXPECT_TRUE(p->CanRedirectToURL(icon_url)); | |
566 EXPECT_TRUE(p->CanRedirectToURL(sensitive_url)); | |
501 EXPECT_TRUE(p->CanCommitURL(kRendererID, icon_url)); | 567 EXPECT_TRUE(p->CanCommitURL(kRendererID, icon_url)); |
502 EXPECT_TRUE(p->CanCommitURL(kRendererID, sensitive_url)); | 568 EXPECT_TRUE(p->CanCommitURL(kRendererID, sensitive_url)); |
503 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, icon_url)); | 569 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, icon_url)); |
504 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, sensitive_url)); | 570 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, sensitive_url)); |
505 | 571 |
506 p->Remove(kRendererID); | 572 p->Remove(kRendererID); |
507 } | 573 } |
508 | 574 |
509 TEST_F(ChildProcessSecurityPolicyTest, FileSystemGrantsTest) { | 575 TEST_F(ChildProcessSecurityPolicyTest, FileSystemGrantsTest) { |
510 ChildProcessSecurityPolicyImpl* p = | 576 ChildProcessSecurityPolicyImpl* p = |
(...skipping 290 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
801 TEST_F(ChildProcessSecurityPolicyTest, CanServiceWebUIBindings) { | 867 TEST_F(ChildProcessSecurityPolicyTest, CanServiceWebUIBindings) { |
802 ChildProcessSecurityPolicyImpl* p = | 868 ChildProcessSecurityPolicyImpl* p = |
803 ChildProcessSecurityPolicyImpl::GetInstance(); | 869 ChildProcessSecurityPolicyImpl::GetInstance(); |
804 | 870 |
805 GURL url("chrome://thumb/http://www.google.com/"); | 871 GURL url("chrome://thumb/http://www.google.com/"); |
806 | 872 |
807 p->Add(kRendererID); | 873 p->Add(kRendererID); |
808 | 874 |
809 EXPECT_FALSE(p->HasWebUIBindings(kRendererID)); | 875 EXPECT_FALSE(p->HasWebUIBindings(kRendererID)); |
810 EXPECT_FALSE(p->CanRequestURL(kRendererID, url)); | 876 EXPECT_FALSE(p->CanRequestURL(kRendererID, url)); |
877 EXPECT_TRUE(p->CanRedirectToURL(url)); | |
811 p->GrantWebUIBindings(kRendererID); | 878 p->GrantWebUIBindings(kRendererID); |
812 EXPECT_TRUE(p->HasWebUIBindings(kRendererID)); | 879 EXPECT_TRUE(p->HasWebUIBindings(kRendererID)); |
813 EXPECT_TRUE(p->CanRequestURL(kRendererID, url)); | 880 EXPECT_TRUE(p->CanRequestURL(kRendererID, url)); |
881 EXPECT_TRUE(p->CanRedirectToURL(url)); | |
814 | 882 |
815 p->Remove(kRendererID); | 883 p->Remove(kRendererID); |
816 } | 884 } |
817 | 885 |
818 TEST_F(ChildProcessSecurityPolicyTest, RemoveRace) { | 886 TEST_F(ChildProcessSecurityPolicyTest, RemoveRace) { |
819 ChildProcessSecurityPolicyImpl* p = | 887 ChildProcessSecurityPolicyImpl* p = |
820 ChildProcessSecurityPolicyImpl::GetInstance(); | 888 ChildProcessSecurityPolicyImpl::GetInstance(); |
821 | 889 |
822 GURL url("file:///etc/passwd"); | 890 GURL url("file:///etc/passwd"); |
823 base::FilePath file(TEST_PATH("/etc/passwd")); | 891 base::FilePath file(TEST_PATH("/etc/passwd")); |
824 | 892 |
825 p->Add(kRendererID); | 893 p->Add(kRendererID); |
826 | 894 |
827 p->GrantRequestURL(kRendererID, url); | 895 p->GrantRequestURL(kRendererID, url); |
828 p->GrantReadFile(kRendererID, file); | 896 p->GrantReadFile(kRendererID, file); |
829 p->GrantWebUIBindings(kRendererID); | 897 p->GrantWebUIBindings(kRendererID); |
830 | 898 |
831 EXPECT_TRUE(p->CanRequestURL(kRendererID, url)); | 899 EXPECT_TRUE(p->CanRequestURL(kRendererID, url)); |
900 EXPECT_TRUE(p->CanRedirectToURL(url)); | |
832 EXPECT_TRUE(p->CanReadFile(kRendererID, file)); | 901 EXPECT_TRUE(p->CanReadFile(kRendererID, file)); |
833 EXPECT_TRUE(p->HasWebUIBindings(kRendererID)); | 902 EXPECT_TRUE(p->HasWebUIBindings(kRendererID)); |
834 | 903 |
835 p->Remove(kRendererID); | 904 p->Remove(kRendererID); |
836 | 905 |
837 // Renderers are added and removed on the UI thread, but the policy can be | 906 // Renderers are added and removed on the UI thread, but the policy can be |
838 // queried on the IO thread. The ChildProcessSecurityPolicy needs to be | 907 // queried on the IO thread. The ChildProcessSecurityPolicy needs to be |
839 // prepared to answer policy questions about renderers who no longer exist. | 908 // prepared to answer policy questions about renderers who no longer exist. |
840 | 909 |
841 // In this case, we default to secure behavior. | 910 // In this case, we default to secure behavior. |
842 EXPECT_FALSE(p->CanRequestURL(kRendererID, url)); | 911 EXPECT_FALSE(p->CanRequestURL(kRendererID, url)); |
912 EXPECT_TRUE(p->CanRedirectToURL(url)); | |
843 EXPECT_FALSE(p->CanReadFile(kRendererID, file)); | 913 EXPECT_FALSE(p->CanReadFile(kRendererID, file)); |
844 EXPECT_FALSE(p->HasWebUIBindings(kRendererID)); | 914 EXPECT_FALSE(p->HasWebUIBindings(kRendererID)); |
845 } | 915 } |
846 | 916 |
847 // Test the granting of origin permissions, and their interactions with | 917 // Test the granting of origin permissions, and their interactions with |
848 // granting scheme permissions. | 918 // granting scheme permissions. |
849 TEST_F(ChildProcessSecurityPolicyTest, OriginGranting) { | 919 TEST_F(ChildProcessSecurityPolicyTest, OriginGranting) { |
850 ChildProcessSecurityPolicyImpl* p = | 920 ChildProcessSecurityPolicyImpl* p = |
851 ChildProcessSecurityPolicyImpl::GetInstance(); | 921 ChildProcessSecurityPolicyImpl::GetInstance(); |
852 | 922 |
853 p->Add(kRendererID); | 923 p->Add(kRendererID); |
854 | 924 |
855 GURL url_foo1("chrome://foo/resource1"); | 925 GURL url_foo1("chrome://foo/resource1"); |
856 GURL url_foo2("chrome://foo/resource2"); | 926 GURL url_foo2("chrome://foo/resource2"); |
857 GURL url_bar("chrome://bar/resource3"); | 927 GURL url_bar("chrome://bar/resource3"); |
858 | 928 |
859 EXPECT_FALSE(p->CanRequestURL(kRendererID, url_foo1)); | 929 EXPECT_FALSE(p->CanRequestURL(kRendererID, url_foo1)); |
860 EXPECT_FALSE(p->CanRequestURL(kRendererID, url_foo2)); | 930 EXPECT_FALSE(p->CanRequestURL(kRendererID, url_foo2)); |
861 EXPECT_FALSE(p->CanRequestURL(kRendererID, url_bar)); | 931 EXPECT_FALSE(p->CanRequestURL(kRendererID, url_bar)); |
932 EXPECT_TRUE(p->CanRedirectToURL(url_foo1)); | |
933 EXPECT_TRUE(p->CanRedirectToURL(url_foo2)); | |
934 EXPECT_TRUE(p->CanRedirectToURL(url_bar)); | |
862 EXPECT_FALSE(p->CanCommitURL(kRendererID, url_foo1)); | 935 EXPECT_FALSE(p->CanCommitURL(kRendererID, url_foo1)); |
863 EXPECT_FALSE(p->CanCommitURL(kRendererID, url_foo2)); | 936 EXPECT_FALSE(p->CanCommitURL(kRendererID, url_foo2)); |
864 EXPECT_FALSE(p->CanCommitURL(kRendererID, url_bar)); | 937 EXPECT_FALSE(p->CanCommitURL(kRendererID, url_bar)); |
865 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, url_foo1)); | 938 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, url_foo1)); |
866 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, url_foo2)); | 939 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, url_foo2)); |
867 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, url_bar)); | 940 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, url_bar)); |
868 | 941 |
869 p->GrantOrigin(kRendererID, url::Origin(url_foo1)); | 942 p->GrantOrigin(kRendererID, url::Origin(url_foo1)); |
870 | 943 |
871 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo1)); | 944 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo1)); |
872 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo2)); | 945 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo2)); |
873 EXPECT_FALSE(p->CanRequestURL(kRendererID, url_bar)); | 946 EXPECT_FALSE(p->CanRequestURL(kRendererID, url_bar)); |
947 EXPECT_TRUE(p->CanRedirectToURL(url_foo1)); | |
948 EXPECT_TRUE(p->CanRedirectToURL(url_foo2)); | |
949 EXPECT_TRUE(p->CanRedirectToURL(url_bar)); | |
874 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo1)); | 950 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo1)); |
875 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo2)); | 951 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo2)); |
876 EXPECT_FALSE(p->CanCommitURL(kRendererID, url_bar)); | 952 EXPECT_FALSE(p->CanCommitURL(kRendererID, url_bar)); |
877 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_foo1)); | 953 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_foo1)); |
878 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_foo2)); | 954 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_foo2)); |
879 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, url_bar)); | 955 EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, url_bar)); |
880 | 956 |
881 p->GrantScheme(kRendererID, kChromeUIScheme); | 957 p->GrantScheme(kRendererID, kChromeUIScheme); |
882 | 958 |
883 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo1)); | 959 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo1)); |
884 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo2)); | 960 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo2)); |
885 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_bar)); | 961 EXPECT_TRUE(p->CanRequestURL(kRendererID, url_bar)); |
962 EXPECT_TRUE(p->CanRedirectToURL(url_foo1)); | |
963 EXPECT_TRUE(p->CanRedirectToURL(url_foo2)); | |
964 EXPECT_TRUE(p->CanRedirectToURL(url_bar)); | |
886 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo1)); | 965 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo1)); |
887 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo2)); | 966 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo2)); |
888 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_bar)); | 967 EXPECT_TRUE(p->CanCommitURL(kRendererID, url_bar)); |
889 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_foo1)); | 968 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_foo1)); |
890 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_foo2)); | 969 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_foo2)); |
891 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_bar)); | 970 EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, url_bar)); |
892 | 971 |
893 p->Remove(kRendererID); | 972 p->Remove(kRendererID); |
894 } | 973 } |
895 | 974 |
(...skipping 16 matching lines...) Expand all Loading... | |
912 EXPECT_EQ(4U, policy->isolated_origins_.size()); | 991 EXPECT_EQ(4U, policy->isolated_origins_.size()); |
913 EXPECT_TRUE( | 992 EXPECT_TRUE( |
914 policy->IsIsolatedOrigin(url::Origin(GURL("http://isolated.foo.com")))); | 993 policy->IsIsolatedOrigin(url::Origin(GURL("http://isolated.foo.com")))); |
915 EXPECT_TRUE(policy->IsIsolatedOrigin(url::Origin(GURL("http://a.com")))); | 994 EXPECT_TRUE(policy->IsIsolatedOrigin(url::Origin(GURL("http://a.com")))); |
916 EXPECT_TRUE(policy->IsIsolatedOrigin(url::Origin(GURL("https://b.com")))); | 995 EXPECT_TRUE(policy->IsIsolatedOrigin(url::Origin(GURL("https://b.com")))); |
917 EXPECT_TRUE( | 996 EXPECT_TRUE( |
918 policy->IsIsolatedOrigin(url::Origin(GURL("https://c.com:8000")))); | 997 policy->IsIsolatedOrigin(url::Origin(GURL("https://c.com:8000")))); |
919 } | 998 } |
920 | 999 |
921 } // namespace content | 1000 } // namespace content |
OLD | NEW |