Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(389)

Unified Diff: chrome/browser/extensions/content_script_apitest.cc

Issue 2978953002: [Extensions] Don't allow content scripts on the New Tab Page (Closed)
Patch Set: Remove logging! Created 3 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | chrome/renderer/extensions/renderer_permissions_policy_delegate.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/extensions/content_script_apitest.cc
diff --git a/chrome/browser/extensions/content_script_apitest.cc b/chrome/browser/extensions/content_script_apitest.cc
index 242b99ddbed745b2542336ab3d686dc2684d782e..5f761322283bc23737dd08ab83e828b08969a5ca 100644
--- a/chrome/browser/extensions/content_script_apitest.cc
+++ b/chrome/browser/extensions/content_script_apitest.cc
@@ -18,6 +18,7 @@
#include "chrome/browser/extensions/extension_service.h"
#include "chrome/browser/extensions/extension_with_management_policy_apitest.h"
#include "chrome/browser/extensions/test_extension_dir.h"
+#include "chrome/browser/search/search.h"
#include "chrome/browser/ui/browser.h"
#include "chrome/browser/ui/javascript_dialogs/javascript_dialog_tab_helper.h"
#include "chrome/browser/ui/tabs/tab_strip_model.h"
@@ -622,6 +623,46 @@ IN_PROC_BROWSER_TEST_P(ContentScriptApiTest,
EXPECT_FALSE(content_script_listener.was_satisfied());
}
+IN_PROC_BROWSER_TEST_P(ContentScriptApiTest, CannotScriptTheNewTabPage) {
+ ASSERT_TRUE(StartEmbeddedTestServer());
+
+ ExtensionTestMessageListener test_listener("ready", true);
+ LoadExtension(test_data_dir_.AppendASCII("content_scripts/ntp"));
+ ASSERT_TRUE(test_listener.WaitUntilSatisfied());
+
+ auto did_script_inject = [](content::WebContents* web_contents) {
+ bool did_inject = false;
+ EXPECT_TRUE(content::ExecuteScriptAndExtractBool(
+ web_contents,
+ "domAutomationController.send(document.title === 'injected');",
+ &did_inject));
+ return did_inject;
+ };
+
+ // First, test the executeScript() method.
+ ResultCatcher catcher;
+ test_listener.Reply(std::string());
+ ASSERT_TRUE(catcher.GetNextResult()) << catcher.message();
+ EXPECT_EQ(GURL("chrome://newtab"), browser()
+ ->tab_strip_model()
+ ->GetActiveWebContents()
+ ->GetLastCommittedURL());
+ EXPECT_FALSE(
+ did_script_inject(browser()->tab_strip_model()->GetActiveWebContents()));
+
+ // Next, check content script injection.
+ ui_test_utils::NavigateToURL(browser(), search::GetNewTabPageURL(profile()));
+ EXPECT_FALSE(
+ did_script_inject(browser()->tab_strip_model()->GetActiveWebContents()));
+
+ // The extension should inject on "normal" urls.
+ GURL unprotected_url = embedded_test_server()->GetURL(
+ "example.com", "/extensions/test_file.html");
+ ui_test_utils::NavigateToURL(browser(), unprotected_url);
+ EXPECT_TRUE(
+ did_script_inject(browser()->tab_strip_model()->GetActiveWebContents()));
+}
+
INSTANTIATE_TEST_CASE_P(
ContentScriptApiTests,
ContentScriptApiTest,
« no previous file with comments | « no previous file | chrome/renderer/extensions/renderer_permissions_policy_delegate.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698