Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(350)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/browser/service_worker/service_worker_dispatcher_host_unittest.cc

Issue 618113005: Kill renderers that dink with Service Workers from non-secure origins. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Remove copy-pasted provider_hosts. Created 6 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« content/browser/service_worker/service_worker_dispatcher_host.cc ('K') | « content/browser/service_worker/service_worker_dispatcher_host.cc ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2013 The Chromium Authors. All rights reserved. 1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "content/browser/service_worker/service_worker_dispatcher_host.h" 5 #include "content/browser/service_worker/service_worker_dispatcher_host.h"
6 6
7 #include "base/command_line.h" 7 #include "base/command_line.h"
8 #include "base/files/file_path.h" 8 #include "base/files/file_path.h"
9 #include "base/run_loop.h" 9 #include "base/run_loop.h"
10 #include "content/browser/browser_thread_impl.h" 10 #include "content/browser/browser_thread_impl.h"
(...skipping 106 matching lines...) Expand 10 before | Expand all | Expand 10 after
117 EXPECT_TRUE(dispatcher_host_->ipc_sink()->GetUniqueMessageMatching( 117 EXPECT_TRUE(dispatcher_host_->ipc_sink()->GetUniqueMessageMatching(
118 expected_message)); 118 expected_message));
119 dispatcher_host_->ipc_sink()->ClearMessages(); 119 dispatcher_host_->ipc_sink()->ClearMessages();
120 } 120 }
121 121
122 TestBrowserThreadBundle browser_thread_bundle_; 122 TestBrowserThreadBundle browser_thread_bundle_;
123 scoped_ptr<EmbeddedWorkerTestHelper> helper_; 123 scoped_ptr<EmbeddedWorkerTestHelper> helper_;
124 scoped_refptr<TestingServiceWorkerDispatcherHost> dispatcher_host_; 124 scoped_refptr<TestingServiceWorkerDispatcherHost> dispatcher_host_;
125 }; 125 };
126 126
127 TEST_F(ServiceWorkerDispatcherHostTest, Register_SameOrigin) { 127 TEST_F(ServiceWorkerDispatcherHostTest, Register_HTTPS) {
128 const int64 kProviderId = 99; // Dummy value 128 const int64 kProviderId = 99; // Dummy value
129 scoped_ptr<ServiceWorkerProviderHost> host(new ServiceWorkerProviderHost( 129 scoped_ptr<ServiceWorkerProviderHost> host(new ServiceWorkerProviderHost(
130 kRenderProcessId, kProviderId, context()->AsWeakPtr(), NULL)); 130 kRenderProcessId, kProviderId, context()->AsWeakPtr(), NULL));
131 host->SetDocumentUrl(GURL("https://www.example.com/foo")); 131 host->SetDocumentUrl(GURL("https://www.example.com/foo"));
132 base::WeakPtr<ServiceWorkerProviderHost> provider_host = host->AsWeakPtr();
133 context()->AddProviderHost(host.Pass()); 132 context()->AddProviderHost(host.Pass());
134 133
135 Register(kProviderId, 134 Register(kProviderId,
136 GURL("https://www.example.com/"), 135 GURL("https://www.example.com/"),
137 GURL("https://www.example.com/bar"), 136 GURL("https://www.example.com/bar"),
138 ServiceWorkerMsg_ServiceWorkerRegistered::ID); 137 ServiceWorkerMsg_ServiceWorkerRegistered::ID);
139 } 138 }
140 139
141 TEST_F(ServiceWorkerDispatcherHostTest, Register_CrossOrigin) { 140 TEST_F(ServiceWorkerDispatcherHostTest, Register_NonSecureTransportLocalhost) {
141 const int64 kProviderId = 99; // Dummy value
142 scoped_ptr<ServiceWorkerProviderHost> host(new ServiceWorkerProviderHost(
143 kRenderProcessId, kProviderId, context()->AsWeakPtr(), NULL));
144 host->SetDocumentUrl(GURL("http://127.0.0.3:81/foo"));
145 context()->AddProviderHost(host.Pass());
146
147 Register(kProviderId,
148 GURL("http://127.0.0.3:81/bar"),
149 GURL("http://127.0.0.3:81/baz"),
150 ServiceWorkerMsg_ServiceWorkerRegistered::ID);
151 }
152
153 TEST_F(ServiceWorkerDispatcherHostTest, Register_NonSecureOriginShouldFail) {
154 const int64 kProviderId = 99; // Dummy value
155 scoped_ptr<ServiceWorkerProviderHost> host(new ServiceWorkerProviderHost(
156 kRenderProcessId, kProviderId, context()->AsWeakPtr(), NULL));
157 host->SetDocumentUrl(GURL("http://www.example.com/foo"));
158 context()->AddProviderHost(host.Pass());
159
160 SendRegister(kProviderId,
161 GURL("http://www.example.com/"),
162 GURL("http://www.example.com/bar"));
163 EXPECT_EQ(1, dispatcher_host_->bad_messages_received_count_);
164 }
165
166 TEST_F(ServiceWorkerDispatcherHostTest, Register_CrossOriginShouldFail) {
142 const int64 kProviderId = 99; // Dummy value 167 const int64 kProviderId = 99; // Dummy value
143 scoped_ptr<ServiceWorkerProviderHost> host(new ServiceWorkerProviderHost( 168 scoped_ptr<ServiceWorkerProviderHost> host(new ServiceWorkerProviderHost(
144 kRenderProcessId, kProviderId, context()->AsWeakPtr(), NULL)); 169 kRenderProcessId, kProviderId, context()->AsWeakPtr(), NULL));
145 host->SetDocumentUrl(GURL("https://www.example.com/foo")); 170 host->SetDocumentUrl(GURL("https://www.example.com/foo"));
146 base::WeakPtr<ServiceWorkerProviderHost> provider_host = host->AsWeakPtr();
147 context()->AddProviderHost(host.Pass()); 171 context()->AddProviderHost(host.Pass());
148 172
149 // Script has a different host 173 // Script has a different host
150 SendRegister(kProviderId, 174 SendRegister(kProviderId,
151 GURL("https://www.example.com/"), 175 GURL("https://www.example.com/"),
152 GURL("https://foo.example.com/bar")); 176 GURL("https://foo.example.com/bar"));
153 EXPECT_EQ(1, dispatcher_host_->bad_messages_received_count_); 177 EXPECT_EQ(1, dispatcher_host_->bad_messages_received_count_);
154 178
155 // Scope has a different host 179 // Scope has a different host
156 SendRegister(kProviderId, 180 SendRegister(kProviderId,
157 GURL("https://foo.example.com/"), 181 GURL("https://foo.example.com/"),
158 GURL("https://www.example.com/bar")); 182 GURL("https://www.example.com/bar"));
159 EXPECT_EQ(2, dispatcher_host_->bad_messages_received_count_); 183 EXPECT_EQ(2, dispatcher_host_->bad_messages_received_count_);
160 184
161 // Script has a different port 185 // Script has a different port
162 SendRegister(kProviderId, 186 SendRegister(kProviderId,
163 GURL("https://www.example.com/"), 187 GURL("https://www.example.com/"),
164 GURL("https://www.example.com:8080/bar")); 188 GURL("https://www.example.com:8080/bar"));
165 EXPECT_EQ(3, dispatcher_host_->bad_messages_received_count_); 189 EXPECT_EQ(3, dispatcher_host_->bad_messages_received_count_);
166 190
167 // Scope has a different transport 191 // Scope has a different transport
168 SendRegister(kProviderId, 192 SendRegister(kProviderId,
169 GURL("wss://www.example.com/"), 193 GURL("wss://www.example.com/"),
170 GURL("https://www.example.com/bar")); 194 GURL("https://www.example.com/bar"));
171 EXPECT_EQ(4, dispatcher_host_->bad_messages_received_count_); 195 EXPECT_EQ(4, dispatcher_host_->bad_messages_received_count_);
172 196
173 // Script and scope have different hosts 197 // Script and scope have a different host but match each other
174 SendRegister(kProviderId, 198 SendRegister(kProviderId,
175 GURL("https://foo.example.com/"), 199 GURL("https://foo.example.com/"),
176 GURL("https://foo.example.com/bar")); 200 GURL("https://foo.example.com/bar"));
177 EXPECT_EQ(5, dispatcher_host_->bad_messages_received_count_); 201 EXPECT_EQ(5, dispatcher_host_->bad_messages_received_count_);
178 202
179 // Script and scope URLs are invalid 203 // Script and scope URLs are invalid
180 SendRegister(kProviderId, 204 SendRegister(kProviderId,
181 GURL(), 205 GURL(),
182 GURL("h@ttps://@")); 206 GURL("h@ttps://@"));
183 EXPECT_EQ(6, dispatcher_host_->bad_messages_received_count_); 207 EXPECT_EQ(6, dispatcher_host_->bad_messages_received_count_);
184 } 208 }
185 209
186 TEST_F(ServiceWorkerDispatcherHostTest, Unregister_SameOrigin) { 210 TEST_F(ServiceWorkerDispatcherHostTest, Unregister_HTTPS) {
211 const int64 kProviderId = 99; // Dummy value
212 scoped_ptr<ServiceWorkerProviderHost> host(new ServiceWorkerProviderHost(
213 kRenderProcessId, kProviderId, context()->AsWeakPtr(), NULL));
214 host->SetDocumentUrl(GURL("https://www.example.com/foo"));
215 context()->AddProviderHost(host.Pass());
216
217 Unregister(kProviderId,
218 GURL("https://www.example.com/"),
219 ServiceWorkerMsg_ServiceWorkerUnregistered::ID);
220 }
221
222 TEST_F(ServiceWorkerDispatcherHostTest,
223 Unregister_NonSecureTransportLocalhost) {
224 const int64 kProviderId = 99; // Dummy value
225 scoped_ptr<ServiceWorkerProviderHost> host(new ServiceWorkerProviderHost(
226 kRenderProcessId, kProviderId, context()->AsWeakPtr(), NULL));
227 host->SetDocumentUrl(GURL("http://localhost/foo"));
228 context()->AddProviderHost(host.Pass());
229
230 Unregister(kProviderId,
231 GURL("http://localhost/"),
232 ServiceWorkerMsg_ServiceWorkerUnregistered::ID);
233 }
234
235 TEST_F(ServiceWorkerDispatcherHostTest, Unregister_CrossOriginShouldFail) {
236 const int64 kProviderId = 99; // Dummy value
237 scoped_ptr<ServiceWorkerProviderHost> host(new ServiceWorkerProviderHost(
238 kRenderProcessId, kProviderId, context()->AsWeakPtr(), NULL));
239 host->SetDocumentUrl(GURL("https://www.example.com/foo"));
240 context()->AddProviderHost(host.Pass());
241
242 SendUnregister(kProviderId, GURL("https://foo.example.com/"));
243 EXPECT_EQ(1, dispatcher_host_->bad_messages_received_count_);
244 }
245
246 TEST_F(ServiceWorkerDispatcherHostTest, Unregister_NonSecureOriginShouldFail) {
187 const int64 kProviderId = 99; // Dummy value 247 const int64 kProviderId = 99; // Dummy value
188 scoped_ptr<ServiceWorkerProviderHost> host(new ServiceWorkerProviderHost( 248 scoped_ptr<ServiceWorkerProviderHost> host(new ServiceWorkerProviderHost(
189 kRenderProcessId, kProviderId, context()->AsWeakPtr(), NULL)); 249 kRenderProcessId, kProviderId, context()->AsWeakPtr(), NULL));
190 host->SetDocumentUrl(GURL("http://www.example.com/foo")); 250 host->SetDocumentUrl(GURL("http://www.example.com/foo"));
191 base::WeakPtr<ServiceWorkerProviderHost> provider_host = host->AsWeakPtr();
192 context()->AddProviderHost(host.Pass()); 251 context()->AddProviderHost(host.Pass());
193 252
194 Unregister(kProviderId, 253 SendUnregister(kProviderId, GURL("http://www.example.com/"));
195 GURL("http://www.example.com/"),
196 ServiceWorkerMsg_ServiceWorkerUnregistered::ID);
197 }
198
199 TEST_F(ServiceWorkerDispatcherHostTest, Unregister_CrossOrigin) {
200 const int64 kProviderId = 99; // Dummy value
201 scoped_ptr<ServiceWorkerProviderHost> host(new ServiceWorkerProviderHost(
202 kRenderProcessId, kProviderId, context()->AsWeakPtr(), NULL));
203 host->SetDocumentUrl(GURL("http://www.example.com/foo"));
204 base::WeakPtr<ServiceWorkerProviderHost> provider_host = host->AsWeakPtr();
205 context()->AddProviderHost(host.Pass());
206
207 SendUnregister(kProviderId, GURL("http://foo.example.com/"));
208 EXPECT_EQ(1, dispatcher_host_->bad_messages_received_count_); 254 EXPECT_EQ(1, dispatcher_host_->bad_messages_received_count_);
209 } 255 }
210 256
211 TEST_F(ServiceWorkerDispatcherHostTest, EarlyContextDeletion) { 257 TEST_F(ServiceWorkerDispatcherHostTest, EarlyContextDeletion) {
212 helper_->ShutdownContext(); 258 helper_->ShutdownContext();
213 259
214 // Let the shutdown reach the simulated IO thread. 260 // Let the shutdown reach the simulated IO thread.
215 base::RunLoop().RunUntilIdle(); 261 base::RunLoop().RunUntilIdle();
216 262
217 Register(-1, 263 Register(-1,
(...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after
249 EXPECT_TRUE(dispatcher_host_->HasOneRef()); 295 EXPECT_TRUE(dispatcher_host_->HasOneRef());
250 dispatcher_host_ = NULL; 296 dispatcher_host_ = NULL;
251 EXPECT_FALSE(context()->GetProviderHost(kRenderProcessId, kProviderId)); 297 EXPECT_FALSE(context()->GetProviderHost(kRenderProcessId, kProviderId));
252 } 298 }
253 299
254 TEST_F(ServiceWorkerDispatcherHostTest, GetRegistration_SameOrigin) { 300 TEST_F(ServiceWorkerDispatcherHostTest, GetRegistration_SameOrigin) {
255 const int64 kProviderId = 99; // Dummy value 301 const int64 kProviderId = 99; // Dummy value
256 scoped_ptr<ServiceWorkerProviderHost> host(new ServiceWorkerProviderHost( 302 scoped_ptr<ServiceWorkerProviderHost> host(new ServiceWorkerProviderHost(
257 kRenderProcessId, kProviderId, context()->AsWeakPtr(), NULL)); 303 kRenderProcessId, kProviderId, context()->AsWeakPtr(), NULL));
258 host->SetDocumentUrl(GURL("https://www.example.com/foo")); 304 host->SetDocumentUrl(GURL("https://www.example.com/foo"));
259 base::WeakPtr<ServiceWorkerProviderHost> provider_host = host->AsWeakPtr();
260 context()->AddProviderHost(host.Pass()); 305 context()->AddProviderHost(host.Pass());
261 306
262 GetRegistration(kProviderId, 307 GetRegistration(kProviderId,
263 GURL("https://www.example.com/"), 308 GURL("https://www.example.com/"),
264 ServiceWorkerMsg_DidGetRegistration::ID); 309 ServiceWorkerMsg_DidGetRegistration::ID);
265 } 310 }
266 311
267 TEST_F(ServiceWorkerDispatcherHostTest, GetRegistration_CrossOrigin) { 312 TEST_F(ServiceWorkerDispatcherHostTest, GetRegistration_CrossOriginShouldFail) {
268 const int64 kProviderId = 99; // Dummy value 313 const int64 kProviderId = 99; // Dummy value
269 scoped_ptr<ServiceWorkerProviderHost> host(new ServiceWorkerProviderHost( 314 scoped_ptr<ServiceWorkerProviderHost> host(new ServiceWorkerProviderHost(
270 kRenderProcessId, kProviderId, context()->AsWeakPtr(), NULL)); 315 kRenderProcessId, kProviderId, context()->AsWeakPtr(), NULL));
271 host->SetDocumentUrl(GURL("https://www.example.com/foo")); 316 host->SetDocumentUrl(GURL("https://www.example.com/foo"));
272 base::WeakPtr<ServiceWorkerProviderHost> provider_host = host->AsWeakPtr();
273 context()->AddProviderHost(host.Pass()); 317 context()->AddProviderHost(host.Pass());
274 318
275 SendGetRegistration(kProviderId, GURL("https://foo.example.com/")); 319 SendGetRegistration(kProviderId, GURL("https://foo.example.com/"));
276 EXPECT_EQ(1, dispatcher_host_->bad_messages_received_count_); 320 EXPECT_EQ(1, dispatcher_host_->bad_messages_received_count_);
277 } 321 }
278 322
323 TEST_F(ServiceWorkerDispatcherHostTest,
324 GetRegistration_NotSecureOriginShouldFail) {
325 const int64 kProviderId = 99; // Dummy value
326 scoped_ptr<ServiceWorkerProviderHost> host(new ServiceWorkerProviderHost(
327 kRenderProcessId, kProviderId, context()->AsWeakPtr(), NULL));
328 host->SetDocumentUrl(GURL("http://www.example.com/foo"));
329 context()->AddProviderHost(host.Pass());
330
331 SendGetRegistration(kProviderId, GURL("http://www.example.com/"));
332 EXPECT_EQ(1, dispatcher_host_->bad_messages_received_count_);
333 }
334
279 TEST_F(ServiceWorkerDispatcherHostTest, GetRegistration_EarlyContextDeletion) { 335 TEST_F(ServiceWorkerDispatcherHostTest, GetRegistration_EarlyContextDeletion) {
280 helper_->ShutdownContext(); 336 helper_->ShutdownContext();
281 337
282 // Let the shutdown reach the simulated IO thread. 338 // Let the shutdown reach the simulated IO thread.
283 base::RunLoop().RunUntilIdle(); 339 base::RunLoop().RunUntilIdle();
284 340
285 GetRegistration(-1, 341 GetRegistration(-1,
286 GURL(), 342 GURL(),
287 ServiceWorkerMsg_ServiceWorkerGetRegistrationError::ID); 343 ServiceWorkerMsg_ServiceWorkerGetRegistrationError::ID);
288 } 344 }
289 345
290 } // namespace content 346 } // namespace content
OLDNEW
« content/browser/service_worker/service_worker_dispatcher_host.cc ('K') | « content/browser/service_worker/service_worker_dispatcher_host.cc ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698