Replicate sandbox flags for OOPIF (Chromium part 2)

content/browser/frame_host/frame_tree_browsertest.cc

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "base/command_line.h"
 #include "content/browser/frame_host/frame_tree.h"
 #include "content/browser/frame_host/frame_tree_node.h"
 #include "content/browser/renderer_host/render_view_host_impl.h"
 #include "content/browser/web_contents/web_contents_impl.h"
 #include "content/public/browser/notification_service.h"
@@ skipping 205 matching lines @@
   // Navigating to a data URL should set a unique origin.  This is represented
   // as "null" per RFC 6454.
   EXPECT_EQ(root->current_replication_state().origin.string(), "null");
 
   // Re-navigating to a normal URL should update the origin.
   EXPECT_TRUE(NavigateToURL(shell(), main_url));
   EXPECT_EQ(root->current_replication_state().origin.string() + '/',
             main_url.GetOrigin().spec());
 }
 
+// Ensure that sandbox flags are correctly set when child frames are created.
+IN_PROC_BROWSER_TEST_F(FrameTreeBrowserTest, SandboxFlagsSetForChildFrames) {
+  GURL main_url(embedded_test_server()->GetURL("/sandboxed_frames.html"));
+  EXPECT_TRUE(NavigateToURL(shell(), main_url));
+
+  // It is safe to obtain the root frame tree node here, as it doesn't change.
+  FrameTreeNode* root = static_cast<WebContentsImpl*>(shell()->web_contents())
+                            ->GetFrameTree()->root();
+
+  // Verify that sandbox flags are set properly for all FrameTreeNodes.
+  // First frame is completely sandboxed; second frame uses "allow-scripts",
+  // which resets both SandboxFlags::Scripts and
+  // SandboxFlags::AutomaticFeatures bits per blink::parseSandboxPolicy(), and
+  // third frame has "allow-scripts allow-same-origin".
+  EXPECT_EQ(root->current_replication_state().sandbox_flags,
+            SandboxFlags::NONE);
+  EXPECT_EQ(root->child_at(0)->current_replication_state().sandbox_flags,
+            SandboxFlags::ALL);
+  EXPECT_EQ(root->child_at(1)->current_replication_state().sandbox_flags,
+            SandboxFlags::ALL & ~SandboxFlags::SCRIPTS &
+                ~SandboxFlags::AUTOMATIC_FEATURES);
+  EXPECT_EQ(root->child_at(2)->current_replication_state().sandbox_flags,
+            SandboxFlags::ALL & ~SandboxFlags::SCRIPTS &
+                ~SandboxFlags::AUTOMATIC_FEATURES & ~SandboxFlags::ORIGIN);
+
+  // Sandboxed frames should set a unique origin unless they have the
+  // "allow-same-origin" directive.
+  EXPECT_EQ(root->child_at(0)->current_replication_state().origin.string(),
+            "null");
+  EXPECT_EQ(root->child_at(1)->current_replication_state().origin.string(),
+            "null");
+  EXPECT_EQ(
+      root->child_at(2)->current_replication_state().origin.string() + "/",
+      main_url.GetOrigin().spec());
+
+  // Navigating to a different URL should not clear sandbox flags.
+  GURL frame_url(embedded_test_server()->GetURL("/title1.html"));
+  NavigateFrameToURL(root->child_at(0), frame_url);
+  EXPECT_EQ(root->child_at(0)->current_replication_state().sandbox_flags,
+            SandboxFlags::ALL);
+}
+
 class CrossProcessFrameTreeBrowserTest : public ContentBrowserTest {
  public:
   CrossProcessFrameTreeBrowserTest() {}
 
   void SetUpCommandLine(base::CommandLine* command_line) override {
     command_line->AppendSwitch(switches::kSitePerProcess);
   }
 
   void SetUpOnMainThread() override {
     host_resolver()->AddRule("*", "127.0.0.1");
@@ skipping 104 matching lines @@
   GURL data_url("data:text/html,foo");
   NavigateFrameToURL(root->child_at(1), data_url);
 
   // Navigating to a data URL should set a unique origin.  This is represented
   // as "null" per RFC 6454.
   EXPECT_EQ(root->child_at(1)->current_replication_state().origin.string(),
             "null");
 }
 
 }  // namespace content