Chromium Code Reviews Chromium Code Reviews
Issue 2973433003:
Block redirects to renderer-debug urls. (Closed)
| Index: content/browser/child_process_security_policy_unittest.cc |
| diff --git a/content/browser/child_process_security_policy_unittest.cc b/content/browser/child_process_security_policy_unittest.cc |
| index 3da1c80538f613ad05326142e705106f36385bf4..80790b40c6f6350b3615d13bbfbae40ba9368959 100644 |
| --- a/content/browser/child_process_security_policy_unittest.cc |
| +++ b/content/browser/child_process_security_policy_unittest.cc |
| @@ -157,13 +157,19 @@ TEST_F(ChildProcessSecurityPolicyTest, StandardSchemesTest) { |
| p->Add(kRendererID); |
| - // Safe to request or commit. |
| + // Safe to request, redirect or commit. |
| EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("http://www.google.com/"))); |
| EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("https://www.paypal.com/"))); |
| EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("ftp://ftp.gnu.org/"))); |
| EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("data:text/html,<b>Hi</b>"))); |
| EXPECT_TRUE(p->CanRequestURL( |
| kRendererID, GURL("filesystem:http://localhost/temporary/a.gif"))); |
| + EXPECT_TRUE(p->CanRedirectToURL(GURL("http://www.google.com/"))); |
| + EXPECT_TRUE(p->CanRedirectToURL(GURL("https://www.paypal.com/"))); |
| + EXPECT_TRUE(p->CanRedirectToURL(GURL("ftp://ftp.gnu.org/"))); |
| + EXPECT_TRUE(p->CanRedirectToURL(GURL("data:text/html,<b>Hi</b>"))); |
|
Charlie Reis
2017/07/07 17:12:59
Hmm, this is surprising to me in the other directi
arthursonzogni
2017/07/10 16:07:03
Yes, eventually.
So, this is already enforced some
Charlie Reis
2017/07/10 21:16:21
Acknowledged.
|
| + EXPECT_FALSE( |
| + p->CanRedirectToURL(GURL("filesystem:http://localhost/temporary/a.gif"))); |
| EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("http://www.google.com/"))); |
| EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("https://www.paypal.com/"))); |
| EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("ftp://ftp.gnu.org/"))); |
| @@ -187,6 +193,9 @@ TEST_F(ChildProcessSecurityPolicyTest, StandardSchemesTest) { |
| GURL("chrome://foo/bar"))); |
| EXPECT_FALSE(p->CanRequestURL(kRendererID, |
| GURL("view-source:http://www.google.com/"))); |
| + EXPECT_FALSE(p->CanRedirectToURL(GURL("file:///etc/passwd"))); |
| + EXPECT_FALSE(p->CanRedirectToURL(GURL("chrome://foo/bar"))); |
| + EXPECT_FALSE(p->CanRedirectToURL(GURL("view-source:http://www.google.com/"))); |
| EXPECT_FALSE(p->CanCommitURL(kRendererID, |
| GURL("file:///etc/passwd"))); |
| EXPECT_FALSE(p->CanCommitURL(kRendererID, |
| @@ -230,6 +239,25 @@ TEST_F(ChildProcessSecurityPolicyTest, BlobSchemeTest) { |
| EXPECT_FALSE(p->CanRequestURL(kRendererID, |
| GURL("filesystem:blob:http://localhost/guid"))); |
| + // No redirect to a blob-url or a filesystem-url are allowed. |
|
Charlie Reis
2017/07/07 17:12:59
nit: redirects
arthursonzogni
2017/07/10 16:07:04
Line removed.
|
| + EXPECT_FALSE(p->CanRedirectToURL(GURL("blob:http://localhost/some-guid"))); |
| + EXPECT_FALSE(p->CanRedirectToURL(GURL("blob:null/some-guid"))); |
| + EXPECT_FALSE(p->CanRedirectToURL(GURL("blob:http://localhost/some-guid"))); |
| + EXPECT_FALSE(p->CanRedirectToURL(GURL("blob:NulL/some-guid"))); |
| + EXPECT_FALSE(p->CanRedirectToURL(GURL("blob:NulL/some-guid#fragment"))); |
| + EXPECT_FALSE(p->CanRedirectToURL(GURL("blob:NulL/some-guid?query"))); |
| + EXPECT_FALSE(p->CanRedirectToURL(GURL("blob:blobinternal://some-guid"))); |
| + EXPECT_FALSE( |
| + p->CanRedirectToURL(GURL("blob:http://username@localhost/some-guid"))); |
| + EXPECT_FALSE(p->CanRedirectToURL( |
| + GURL("blob:http://username @localhost/some-guid"))); |
| + EXPECT_FALSE(p->CanRedirectToURL(GURL("blob:blob:some-guid"))); |
| + EXPECT_FALSE(p->CanRedirectToURL(GURL("blob:some-guid"))); |
| + EXPECT_FALSE( |
| + p->CanRedirectToURL(GURL("blob:filesystem:http://localhost/path"))); |
| + EXPECT_FALSE( |
| + p->CanRedirectToURL(GURL("filesystem:blob:http://localhost/guid"))); |
| + |
| EXPECT_TRUE( |
| p->CanCommitURL(kRendererID, GURL("blob:http://localhost/some-guid"))); |
| EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("blob:null/some-guid"))); |
| @@ -264,6 +292,10 @@ TEST_F(ChildProcessSecurityPolicyTest, AboutTest) { |
| EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:BlAnK"))); |
| EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("aBouT:BlAnK"))); |
| EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("aBouT:blank"))); |
| + EXPECT_TRUE(p->CanRedirectToURL(GURL("about:blank"))); |
| + EXPECT_FALSE(p->CanRedirectToURL(GURL("about:BlAnK"))); |
| + EXPECT_FALSE(p->CanRedirectToURL(GURL("aBouT:BlAnK"))); |
| + EXPECT_TRUE(p->CanRedirectToURL(GURL("aBouT:blank"))); |
| EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("about:blank"))); |
| EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:BlAnK"))); |
| EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("aBouT:BlAnK"))); |
| @@ -274,6 +306,7 @@ TEST_F(ChildProcessSecurityPolicyTest, AboutTest) { |
| EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("aBouT:blank"))); |
| EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("about:srcdoc"))); |
| + EXPECT_FALSE(p->CanRedirectToURL(GURL("about:srcdoc"))); |
| EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("about:srcdoc"))); |
| EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:srcdoc"))); |
| EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:SRCDOC"))); |
| @@ -284,6 +317,10 @@ TEST_F(ChildProcessSecurityPolicyTest, AboutTest) { |
| EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:cache"))); |
| EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:hang"))); |
| EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:version"))); |
| + EXPECT_FALSE(p->CanRedirectToURL(GURL("about:crash"))); |
| + EXPECT_FALSE(p->CanRedirectToURL(GURL("about:cache"))); |
| + EXPECT_FALSE(p->CanRedirectToURL(GURL("about:hang"))); |
| + EXPECT_FALSE(p->CanRedirectToURL(GURL("about:version"))); |
| EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:crash"))); |
| EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:cache"))); |
| EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:hang"))); |
| @@ -296,6 +333,9 @@ TEST_F(ChildProcessSecurityPolicyTest, AboutTest) { |
| EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("aBoUt:version"))); |
| EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:CrASh"))); |
| EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("abOuT:cAChe"))); |
| + EXPECT_FALSE(p->CanRedirectToURL(GURL("aBoUt:version"))); |
| + EXPECT_FALSE(p->CanRedirectToURL(GURL("about:CrASh"))); |
| + EXPECT_FALSE(p->CanRedirectToURL(GURL("abOuT:cAChe"))); |
| EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("aBoUt:version"))); |
| EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:CrASh"))); |
| EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("abOuT:cAChe"))); |
| @@ -308,13 +348,16 @@ TEST_F(ChildProcessSecurityPolicyTest, AboutTest) { |
| // Requests for about: pages should be denied. |
| p->GrantRequestURL(kRendererID, GURL("about:crash")); |
| EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:crash"))); |
| + EXPECT_FALSE(p->CanRedirectToURL(GURL("about:crash"))); |
| EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("about:crash"))); |
| EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("about:crash"))); |
| - // These requests for chrome:// pages should be granted. |
| + // These requests for chrome:// pages should be granted if there is no |
|
Charlie Reis
2017/07/07 17:12:59
nit: s/is/are/
arthursonzogni
2017/07/10 16:07:04
Undoing my change on this line.
|
| + // redirects. |
| GURL chrome_url("chrome://foo"); |
| p->GrantRequestURL(kRendererID, chrome_url); |
| EXPECT_TRUE(p->CanRequestURL(kRendererID, chrome_url)); |
| + EXPECT_FALSE(p->CanRedirectToURL(GURL(chrome_url))); |
| EXPECT_TRUE(p->CanCommitURL(kRendererID, chrome_url)); |
| EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, chrome_url)); |
| @@ -328,11 +371,13 @@ TEST_F(ChildProcessSecurityPolicyTest, JavaScriptTest) { |
| p->Add(kRendererID); |
| EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("javascript:alert('xss')"))); |
| + EXPECT_FALSE(p->CanRedirectToURL(GURL("javascript:alert('xss')"))); |
| EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("javascript:alert('xss')"))); |
| EXPECT_FALSE( |
| p->CanSetAsOriginHeader(kRendererID, GURL("javascript:alert('xss')"))); |
| p->GrantRequestURL(kRendererID, GURL("javascript:alert('xss')")); |
| EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("javascript:alert('xss')"))); |
| + EXPECT_FALSE(p->CanRedirectToURL(GURL("javascript:alert('xss')"))); |
| EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("javascript:alert('xss')"))); |
| EXPECT_FALSE( |
| p->CanSetAsOriginHeader(kRendererID, GURL("javascript:alert('xss')"))); |
| @@ -351,6 +396,8 @@ TEST_F(ChildProcessSecurityPolicyTest, SuboriginTest) { |
| p->CanRequestURL(kRendererID, GURL("http-so://foobar.example.com"))); |
| EXPECT_FALSE( |
| p->CanRequestURL(kRendererID, GURL("https-so://foobar.example.com"))); |
| + EXPECT_FALSE(p->CanRedirectToURL(GURL("http-so://foobar.example.com"))); |
| + EXPECT_FALSE(p->CanRedirectToURL(GURL("https-so://foobar.example.com"))); |
| EXPECT_FALSE( |
| p->CanCommitURL(kRendererID, GURL("http-so://foobar.example.com"))); |
| EXPECT_FALSE( |
| @@ -379,18 +426,21 @@ TEST_F(ChildProcessSecurityPolicyTest, RegisterWebSafeSchemeTest) { |
| // Currently, "asdf" is destined for ShellExecute, so it is allowed to be |
| // requested but not committed. |
| EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("asdf:rockers"))); |
| + EXPECT_FALSE(p->CanRedirectToURL(GURL("asdf:rockers"))); |
| EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("asdf:rockers"))); |
| EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("asdf:rockers"))); |
| // Once we register "asdf", we default to deny. |
| RegisterTestScheme("asdf"); |
| EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("asdf:rockers"))); |
| + EXPECT_FALSE(p->CanRedirectToURL(GURL("asdf:rockers"))); |
| EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("asdf:rockers"))); |
| EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, GURL("asdf:rockers"))); |
| // We can allow new schemes by adding them to the whitelist. |
| p->RegisterWebSafeScheme("asdf"); |
| EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("asdf:rockers"))); |
| + EXPECT_TRUE(p->CanRedirectToURL(GURL("asdf:rockers"))); |
| EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("asdf:rockers"))); |
| EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("asdf:rockers"))); |
| @@ -405,11 +455,13 @@ TEST_F(ChildProcessSecurityPolicyTest, CanServiceCommandsTest) { |
| p->Add(kRendererID); |
| EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); |
| + EXPECT_FALSE(p->CanRedirectToURL(GURL("file:///etc/passwd"))); |
| EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); |
| EXPECT_FALSE( |
| p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); |
| p->GrantRequestURL(kRendererID, GURL("file:///etc/passwd")); |
| EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); |
| + EXPECT_FALSE(p->CanRedirectToURL(GURL("file:///etc/passwd"))); |
| EXPECT_TRUE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); |
| EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); |
| @@ -417,6 +469,7 @@ TEST_F(ChildProcessSecurityPolicyTest, CanServiceCommandsTest) { |
| p->Remove(kRendererID); |
| p->Add(kRendererID); |
| EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); |
| + EXPECT_FALSE(p->CanRedirectToURL(GURL("file:///etc/passwd"))); |
| EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); |
| EXPECT_FALSE( |
| p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); |
| @@ -438,6 +491,13 @@ TEST_F(ChildProcessSecurityPolicyTest, ViewSource) { |
| EXPECT_FALSE(p->CanRequestURL( |
| kRendererID, GURL("view-source:view-source:http://www.google.com/"))); |
| + // Child processes cannot be redirected to view source URLs. |
| + EXPECT_FALSE(p->CanRedirectToURL(GURL("view-source:http://www.google.com/"))); |
| + EXPECT_FALSE(p->CanRedirectToURL(GURL("view-source:file:///etc/passwd"))); |
| + EXPECT_FALSE(p->CanRedirectToURL(GURL("file:///etc/passwd"))); |
| + EXPECT_FALSE(p->CanRedirectToURL( |
| + GURL("view-source:view-source:http://www.google.com/"))); |
| + |
| // View source URLs don't actually commit; the renderer is put into view |
| // source mode, and the inner URL commits. |
| EXPECT_FALSE(p->CanCommitURL(kRendererID, |
| @@ -460,11 +520,13 @@ TEST_F(ChildProcessSecurityPolicyTest, ViewSource) { |
| p->GrantRequestURL(kRendererID, GURL("view-source:file:///etc/passwd")); |
| EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd"))); |
| + EXPECT_FALSE(p->CanRedirectToURL(GURL("file:///etc/passwd"))); |
| EXPECT_FALSE(p->CanCommitURL(kRendererID, GURL("file:///etc/passwd"))); |
| EXPECT_FALSE( |
| p->CanSetAsOriginHeader(kRendererID, GURL("file:///etc/passwd"))); |
| EXPECT_FALSE( |
| p->CanRequestURL(kRendererID, GURL("view-source:file:///etc/passwd"))); |
| + EXPECT_FALSE(p->CanRedirectToURL(GURL("view-source:file:///etc/passwd"))); |
| EXPECT_FALSE(p->CanCommitURL(kRendererID, |
| GURL("view-source:file:///etc/passwd"))); |
| EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, |
| @@ -482,6 +544,8 @@ TEST_F(ChildProcessSecurityPolicyTest, SpecificFile) { |
| GURL sensitive_url("file:///etc/passwd"); |
| EXPECT_FALSE(p->CanRequestURL(kRendererID, icon_url)); |
| EXPECT_FALSE(p->CanRequestURL(kRendererID, sensitive_url)); |
| + EXPECT_FALSE(p->CanRedirectToURL(icon_url)); |
| + EXPECT_FALSE(p->CanRedirectToURL(sensitive_url)); |
| EXPECT_FALSE(p->CanCommitURL(kRendererID, icon_url)); |
| EXPECT_FALSE(p->CanCommitURL(kRendererID, sensitive_url)); |
| EXPECT_FALSE(p->CanSetAsOriginHeader(kRendererID, icon_url)); |
| @@ -490,6 +554,8 @@ TEST_F(ChildProcessSecurityPolicyTest, SpecificFile) { |
| p->GrantRequestSpecificFileURL(kRendererID, icon_url); |
| EXPECT_TRUE(p->CanRequestURL(kRendererID, icon_url)); |
| EXPECT_FALSE(p->CanRequestURL(kRendererID, sensitive_url)); |
| + EXPECT_FALSE(p->CanRedirectToURL(icon_url)); |
| + EXPECT_FALSE(p->CanRedirectToURL(sensitive_url)); |
| EXPECT_TRUE(p->CanCommitURL(kRendererID, icon_url)); |
| EXPECT_FALSE(p->CanCommitURL(kRendererID, sensitive_url)); |
| EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, icon_url)); |
| @@ -498,6 +564,8 @@ TEST_F(ChildProcessSecurityPolicyTest, SpecificFile) { |
| p->GrantRequestURL(kRendererID, icon_url); |
| EXPECT_TRUE(p->CanRequestURL(kRendererID, icon_url)); |
| EXPECT_TRUE(p->CanRequestURL(kRendererID, sensitive_url)); |
| + EXPECT_FALSE(p->CanRedirectToURL(icon_url)); |
| + EXPECT_FALSE(p->CanRedirectToURL(sensitive_url)); |
| EXPECT_TRUE(p->CanCommitURL(kRendererID, icon_url)); |
| EXPECT_TRUE(p->CanCommitURL(kRendererID, sensitive_url)); |
| EXPECT_TRUE(p->CanSetAsOriginHeader(kRendererID, icon_url)); |
| @@ -808,9 +876,11 @@ TEST_F(ChildProcessSecurityPolicyTest, CanServiceWebUIBindings) { |
| EXPECT_FALSE(p->HasWebUIBindings(kRendererID)); |
| EXPECT_FALSE(p->CanRequestURL(kRendererID, url)); |
| + EXPECT_FALSE(p->CanRedirectToURL(url)); |
| p->GrantWebUIBindings(kRendererID); |
| EXPECT_TRUE(p->HasWebUIBindings(kRendererID)); |
| EXPECT_TRUE(p->CanRequestURL(kRendererID, url)); |
| + EXPECT_FALSE(p->CanRedirectToURL(url)); |
| p->Remove(kRendererID); |
| } |
| @@ -829,6 +899,7 @@ TEST_F(ChildProcessSecurityPolicyTest, RemoveRace) { |
| p->GrantWebUIBindings(kRendererID); |
| EXPECT_TRUE(p->CanRequestURL(kRendererID, url)); |
| + EXPECT_FALSE(p->CanRedirectToURL(url)); |
| EXPECT_TRUE(p->CanReadFile(kRendererID, file)); |
| EXPECT_TRUE(p->HasWebUIBindings(kRendererID)); |
| @@ -840,6 +911,7 @@ TEST_F(ChildProcessSecurityPolicyTest, RemoveRace) { |
| // In this case, we default to secure behavior. |
| EXPECT_FALSE(p->CanRequestURL(kRendererID, url)); |
| + EXPECT_FALSE(p->CanRedirectToURL(url)); |
| EXPECT_FALSE(p->CanReadFile(kRendererID, file)); |
| EXPECT_FALSE(p->HasWebUIBindings(kRendererID)); |
| } |
| @@ -859,6 +931,9 @@ TEST_F(ChildProcessSecurityPolicyTest, OriginGranting) { |
| EXPECT_FALSE(p->CanRequestURL(kRendererID, url_foo1)); |
| EXPECT_FALSE(p->CanRequestURL(kRendererID, url_foo2)); |
| EXPECT_FALSE(p->CanRequestURL(kRendererID, url_bar)); |
| + EXPECT_FALSE(p->CanRedirectToURL(url_foo1)); |
| + EXPECT_FALSE(p->CanRedirectToURL(url_foo2)); |
| + EXPECT_FALSE(p->CanRedirectToURL(url_bar)); |
| EXPECT_FALSE(p->CanCommitURL(kRendererID, url_foo1)); |
| EXPECT_FALSE(p->CanCommitURL(kRendererID, url_foo2)); |
| EXPECT_FALSE(p->CanCommitURL(kRendererID, url_bar)); |
| @@ -871,6 +946,9 @@ TEST_F(ChildProcessSecurityPolicyTest, OriginGranting) { |
| EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo1)); |
| EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo2)); |
| EXPECT_FALSE(p->CanRequestURL(kRendererID, url_bar)); |
| + EXPECT_FALSE(p->CanRedirectToURL(url_foo1)); |
| + EXPECT_FALSE(p->CanRedirectToURL(url_foo2)); |
| + EXPECT_FALSE(p->CanRedirectToURL(url_bar)); |
| EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo1)); |
| EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo2)); |
| EXPECT_FALSE(p->CanCommitURL(kRendererID, url_bar)); |
| @@ -883,6 +961,9 @@ TEST_F(ChildProcessSecurityPolicyTest, OriginGranting) { |
| EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo1)); |
| EXPECT_TRUE(p->CanRequestURL(kRendererID, url_foo2)); |
| EXPECT_TRUE(p->CanRequestURL(kRendererID, url_bar)); |
| + EXPECT_FALSE(p->CanRedirectToURL(url_foo1)); |
| + EXPECT_FALSE(p->CanRedirectToURL(url_foo2)); |
| + EXPECT_FALSE(p->CanRedirectToURL(url_bar)); |
| EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo1)); |
| EXPECT_TRUE(p->CanCommitURL(kRendererID, url_foo2)); |
| EXPECT_TRUE(p->CanCommitURL(kRendererID, url_bar)); |
