OLD | NEW |
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "base/command_line.h" | 5 #include "base/command_line.h" |
6 #include "base/containers/hash_tables.h" | 6 #include "base/containers/hash_tables.h" |
7 #include "content/browser/dom_storage/dom_storage_context_wrapper.h" | 7 #include "content/browser/dom_storage/dom_storage_context_wrapper.h" |
8 #include "content/browser/dom_storage/session_storage_namespace_impl.h" | 8 #include "content/browser/dom_storage/session_storage_namespace_impl.h" |
9 #include "content/browser/frame_host/navigator.h" | 9 #include "content/browser/frame_host/navigator.h" |
10 #include "content/browser/renderer_host/render_view_host_factory.h" | 10 #include "content/browser/renderer_host/render_view_host_factory.h" |
(...skipping 66 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
77 } // namespace | 77 } // namespace |
78 | 78 |
79 | 79 |
80 // The goal of these tests will be to "simulate" exploited renderer processes, | 80 // The goal of these tests will be to "simulate" exploited renderer processes, |
81 // which can send arbitrary IPC messages and confuse browser process internal | 81 // which can send arbitrary IPC messages and confuse browser process internal |
82 // state, leading to security bugs. We are trying to verify that the browser | 82 // state, leading to security bugs. We are trying to verify that the browser |
83 // doesn't perform any dangerous operations in such cases. | 83 // doesn't perform any dangerous operations in such cases. |
84 class SecurityExploitBrowserTest : public ContentBrowserTest { | 84 class SecurityExploitBrowserTest : public ContentBrowserTest { |
85 public: | 85 public: |
86 SecurityExploitBrowserTest() {} | 86 SecurityExploitBrowserTest() {} |
87 virtual void SetUpCommandLine(CommandLine* command_line) OVERRIDE { | 87 virtual void SetUpCommandLine(CommandLine* command_line) override { |
88 ASSERT_TRUE(test_server()->Start()); | 88 ASSERT_TRUE(test_server()->Start()); |
89 | 89 |
90 // Add a host resolver rule to map all outgoing requests to the test server. | 90 // Add a host resolver rule to map all outgoing requests to the test server. |
91 // This allows us to use "real" hostnames in URLs, which we can use to | 91 // This allows us to use "real" hostnames in URLs, which we can use to |
92 // create arbitrary SiteInstances. | 92 // create arbitrary SiteInstances. |
93 command_line->AppendSwitchASCII( | 93 command_line->AppendSwitchASCII( |
94 switches::kHostResolverRules, | 94 switches::kHostResolverRules, |
95 "MAP * " + test_server()->host_port_pair().ToString() + | 95 "MAP * " + test_server()->host_port_pair().ToString() + |
96 ",EXCLUDE localhost"); | 96 ",EXCLUDE localhost"); |
97 } | 97 } |
(...skipping 62 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
160 // Since this test executes on the UI thread and hopping threads might cause | 160 // Since this test executes on the UI thread and hopping threads might cause |
161 // different timing in the test, let's simulate a CreateNewWidget call coming | 161 // different timing in the test, let's simulate a CreateNewWidget call coming |
162 // from the IO thread. Use the existing window routing id to cause a | 162 // from the IO thread. Use the existing window routing id to cause a |
163 // deliberate collision. | 163 // deliberate collision. |
164 pending_rvh->CreateNewWidget(duplicate_routing_id, blink::WebPopupTypeSelect); | 164 pending_rvh->CreateNewWidget(duplicate_routing_id, blink::WebPopupTypeSelect); |
165 | 165 |
166 // If the above operation doesn't crash, the test has succeeded! | 166 // If the above operation doesn't crash, the test has succeeded! |
167 } | 167 } |
168 | 168 |
169 } // namespace content | 169 } // namespace content |
OLD | NEW |