// Copyright 2021 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include "content/browser/renderer_host/navigation_policy_container_builder.h" #include <iosfwd> #include <utility> #include "base/files/file_path.h" #include "base/test/bind.h" #include "base/test/gtest_util.h" #include "content/public/browser/browser_thread.h" #include "content/public/test/navigation_simulator.h" #include "content/test/test_render_view_host.h" #include "content/test/test_web_contents.h" #include "net/test/embedded_test_server/embedded_test_server.h" #include "services/network/public/mojom/content_security_policy.mojom.h" #include "services/network/public/mojom/referrer_policy.mojom-shared.h" #include "testing/gmock/include/gmock/gmock.h" #include "testing/gtest/include/gtest/gtest.h" #include "url/url_constants.h" namespace content { namespace { ByRef; Eq; IsNull; NotNull; Pointee; SizeIs; network::mojom::ContentSecurityPolicyPtr MakeTestCSP() { … } // Returns non-default policies for use in tests. PolicyContainerPolicies MakeTestPolicies() { … } // Shorthand. scoped_refptr<PolicyContainerHost> NewHost(PolicyContainerPolicies policies) { … } GURL AboutBlankUrl() { … } GURL AboutSrcdocUrl() { … } // RenderViewHostImplTestHarness allows interacting with RenderFrameHosts in the // form of TestRenderFrameHosts. This allows us to easily set policies on frames // for testing. It also instantiates a BrowserTaskEnvironment so that tests are // executed "on the UI thread". // // This test fixture is moderately expensive to set up (~100ms overhead per // test), but still an order of magnitude faster than browser tests. class NavigationPolicyContainerBuilderTest : public RenderViewHostImplTestHarness { … }; // Verifies that the initial delivered policies are default-constructed. 
TEST_F(NavigationPolicyContainerBuilderTest, DefaultDeliveredPolicies) { … } // Verifies that SetIPAddressSpace sets the address space in the builder's // delivered policies. TEST_F(NavigationPolicyContainerBuilderTest, SetIPAddressSpace) { … } // Verifies that SetIsOriginPotentiallyTrustworthy sets the secure context bit // in the builder's delivered policies. TEST_F(NavigationPolicyContainerBuilderTest, SetIsOriginPotentiallyTrustworthy) { … } // Verifies that SetCrossOriginOpenerPolicy sets the cross-origin-opener-policy // in the builder's delivered policies. TEST_F(NavigationPolicyContainerBuilderTest, SetCrossOriginOpenerPolicy) { … } // Verifies that SetDocumentIsolationPolicy sets the document-isolation-policy // in the builder's delivered policies. TEST_F(NavigationPolicyContainerBuilderTest, SetDocumentIsolationPolicy) { … } // Verifies that the default final policies of a builder are // default-constructed, and are equal to the policies of the builder's policy // container host. TEST_F(NavigationPolicyContainerBuilderTest, DefaultFinalPolicies) { … } // Verifies that when the URL of the document to commit does not have a local // scheme, then the final policies are copied from the delivered policies. TEST_F(NavigationPolicyContainerBuilderTest, FinalPoliciesNormalUrl) { … } // Verifies the final policies when the URL of the document to commit is // `about:blank` but there is no initiator. TEST_F(NavigationPolicyContainerBuilderTest, FinalPoliciesAboutBlankWithoutInitiator) { … } // Verifies the final policies when the URL of the document to commit is // `about:blank` but there is no initiator, and we have some additional CSPs. TEST_F(NavigationPolicyContainerBuilderTest, FinalPoliciesAboutBlankWithoutInitiatorAdditionalCSP) { … } // This test verifies the default final policies on error pages. 
TEST_F(NavigationPolicyContainerBuilderTest, DefaultFinalPoliciesForErrorPage) { … }

// This test verifies that error pages commit in the same IP address space as
// the underlying page would have, had it not failed to load.
TEST_F(NavigationPolicyContainerBuilderTest, ErrorPageIPAddressSpace) { … }

// Variation of: NavigationPolicyContainerBuilderTest.ErrorPageIPAddressSpace
// The decision to commit an error happens after receiving the response.
TEST_F(NavigationPolicyContainerBuilderTest, ErrorPageIPAddressSpaceAfterResponse) { … }

// CSPs delivered by the HTTP response are ignored for error documents.
TEST_F(NavigationPolicyContainerBuilderTest, DeliveredCSPIgnoredForErrorDocument) { … }

// Verifies that InitiatorPolicies() returns nullptr in the absence of an
// initiator frame token.
TEST_F(NavigationPolicyContainerBuilderTest, InitiatorPoliciesWithoutInitiator) { … }

// Verifies that ParentPolicies returns nullptr in the absence of a parent.
TEST_F(NavigationPolicyContainerBuilderTest, ParentPoliciesWithoutParent) { … }

// Verifies that ParentPolicies returns a pointer to a copy of the parent's
// policies.
TEST_F(NavigationPolicyContainerBuilderTest, ParentPoliciesWithParent) { … }

// Verifies that when the URL of the document to commit is `about:srcdoc`,
// the builder's final policies are copied from the parent.
TEST_F(NavigationPolicyContainerBuilderTest, FinalPoliciesAboutSrcdocWithParent) { … }

// Verifies that when a document has a potentially-trustworthy origin and no
// parent, then it is a secure context.
TEST_F(NavigationPolicyContainerBuilderTest, IsWebSecureContextTrustworthyOriginNoParent) { … }

// Verifies that when a document has a non-potentially-trustworthy origin and no
// parent, then it is not a secure context.
TEST_F(NavigationPolicyContainerBuilderTest, IsWebSecureContextNonTrustworthyOriginNoParent) { … }

// Verifies that when a document has a potentially-trustworthy origin and a
// parent that is not a secure context, then it is not a secure context.
TEST_F(NavigationPolicyContainerBuilderTest, IsWebSecureContextTrustworthyOriginNonSecureParent) { … }

// Verifies that when a document has a non-potentially-trustworthy origin and a
// parent that is a secure context, then it is not a secure context.
TEST_F(NavigationPolicyContainerBuilderTest, IsWebSecureContextNonTrustworthyOriginSecureParent) { … }

// Verifies that when a document has a potentially-trustworthy origin and a
// parent that is a secure context, then it is a secure context.
TEST_F(NavigationPolicyContainerBuilderTest, IsWebSecureContextTrustworthyOriginSecureParent) { … }

// Verifies that when the URL of the document to commit is `about:srcdoc`,
// the builder's final policies are copied from the parent, and additional
// delivered policies are merged.
TEST_F(NavigationPolicyContainerBuilderTest, FinalPoliciesAboutSrcdocWithParentAndAdditionalCSP) { … }

// Calling ComputePolicies() twice triggers a DCHECK.
TEST_F(NavigationPolicyContainerBuilderTest, ComputePoliciesTwiceDCHECK) { … }

// Calling ComputePolicies() followed by ComputePoliciesForError() is supported.
TEST_F(NavigationPolicyContainerBuilderTest, ComputePoliciesThenError) { … }

// After ComputePolicies() or ComputePoliciesForError(), the parent
// policies are still accessible.
TEST_F(NavigationPolicyContainerBuilderTest, AccessParentAfterComputingPolicies) { … }

// Verifies that the parent policies are preserved on
// ResetForCrossDocumentRestart.
TEST_F(NavigationPolicyContainerBuilderTest, ResetForCrossDocumentRestartParentPolicies) { … }

} // namespace
} // namespace content