permissions_policy_unittest.cc | Explore in Territory

// Copyright 2016 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#include "third_party/blink/public/common/permissions_policy/permissions_policy.h"

#include <optional>
#include <unordered_set>

#include "base/containers/contains.h"
#include "base/strings/stringprintf.h"
#include "base/test/gtest_util.h"
#include "base/test/scoped_feature_list.h"
#include "services/network/public/cpp/resource_request.h"
#include "testing/gmock/include/gmock/gmock.h"
#include "testing/gtest/include/gtest/gtest.h"
#include "third_party/blink/common/permissions_policy/permissions_policy_features_internal.h"
#include "third_party/blink/public/common/features.h"
#include "third_party/blink/public/common/frame/fenced_frame_permissions_policies.h"
#include "third_party/blink/public/common/permissions_policy/permissions_policy_features.h"
#include "third_party/blink/public/mojom/permissions_policy/permissions_policy_feature.mojom-shared.h"
#include "third_party/blink/public/mojom/permissions_policy/permissions_policy_feature.mojom.h"
#include "third_party/blink/public/mojom/permissions_policy/policy_value.mojom.h"
#include "url/gurl.h"
#include "url/origin.h"

namespace blink {

namespace {

const mojom::PermissionsPolicyFeature kDefaultOnFeature = …;

const mojom::PermissionsPolicyFeature kDefaultSelfFeature = …;

const mojom::PermissionsPolicyFeature kDefaultOffFeature = …;

// This feature is defined in code, but not present in the feature list.
const mojom::PermissionsPolicyFeature kUnavailableFeature = …;

}  // namespace

class PermissionsPolicyTest : public testing::Test { … };

TEST_F(PermissionsPolicyTest, TestInitialPolicy) { … }

TEST_F(PermissionsPolicyTest, TestCanEnableOffFeatureWithAll) { … }

TEST_F(PermissionsPolicyTest, TestCanEnableOffFeatureWithSelf) { … }

TEST_F(PermissionsPolicyTest, TestInitialSameOriginChildPolicy) { … }

TEST_F(PermissionsPolicyTest, TestInitialCrossOriginChildPolicy) { … }

TEST_F(PermissionsPolicyTest, TestCrossOriginChildCannotEnableFeature) { … }

TEST_F(PermissionsPolicyTest, TestSameOriginChildCannotEnableOffFeature) { … }

TEST_F(PermissionsPolicyTest,
       TestSameOriginChildWithParentEnabledCannotEnableOffFeature) { … }

TEST_F(PermissionsPolicyTest,
       TestSameOriginChildWithParentEnabledCannotEnableOffFeatureWithoutAllow) { … }

TEST_F(PermissionsPolicyTest,
       TestSameOriginChildWithParentEnabledCanEnableOffFeatureWithAllow) { … }

TEST_F(PermissionsPolicyTest,
       TestCrossOriginChildWithParentEnabledCanEnableOffFeatureWithAllow) { … }

TEST_F(PermissionsPolicyTest, TestFrameSelfInheritance) { … }

TEST_F(PermissionsPolicyTest, TestReflexiveFrameSelfInheritance) { … }

TEST_F(PermissionsPolicyTest, TestReflexiveFrameOriginAInheritance) { … }

TEST_F(PermissionsPolicyTest, TestSelectiveFrameInheritance) { … }

TEST_F(PermissionsPolicyTest, TestSelectiveFrameInheritance2) { … }

TEST_F(PermissionsPolicyTest, TestPolicyCanBlockSelf) { … }

TEST_F(PermissionsPolicyTest, TestParentPolicyBlocksSameOriginChildPolicy) { … }

TEST_F(PermissionsPolicyTest, TestChildPolicyCanBlockSelf) { … }

TEST_F(PermissionsPolicyTest, TestChildPolicyCanBlockChildren) { … }

TEST_F(PermissionsPolicyTest, TestParentPolicyBlocksCrossOriginChildPolicy) { … }

TEST_F(PermissionsPolicyTest, TestEnableForAllOrigins) { … }

TEST_F(PermissionsPolicyTest, TestEnableForAllOriginsAndDelegate) { … }

TEST_F(PermissionsPolicyTest, TestDefaultOnStillNeedsSelf) { … }

TEST_F(PermissionsPolicyTest, TestDefaultOnEnablesForAllDescendants) { … }

TEST_F(PermissionsPolicyTest, TestDefaultSelfRequiresDelegation) { … }

TEST_F(PermissionsPolicyTest, TestDefaultSelfRespectsSameOriginEmbedding) { … }

TEST_F(PermissionsPolicyTest, TestDelegationRequiredAtAllLevels) { … }

TEST_F(PermissionsPolicyTest, TestBlockedFrameCannotReenable) { … }

TEST_F(PermissionsPolicyTest, TestEnabledFrameCanDelegate) { … }

TEST_F(PermissionsPolicyTest, TestEnabledFrameCanDelegateByDefault) { … }

TEST_F(PermissionsPolicyTest, TestFeaturesDontDelegateByDefault) { … }

TEST_F(PermissionsPolicyTest, TestFeaturesAreIndependent) { … }

// Test frame policies

TEST_F(PermissionsPolicyTest, TestSimpleFramePolicy) { … }

TEST_F(PermissionsPolicyTest, TestAllOriginFramePolicy) { … }

TEST_F(PermissionsPolicyTest, TestFramePolicyCanBeFurtherDelegated) { … }

TEST_F(PermissionsPolicyTest, TestDefaultOnCanBeDisabledByFramePolicy) { … }

TEST_F(PermissionsPolicyTest, TestFramePolicyModifiesHeaderPolicy) { … }

TEST_F(PermissionsPolicyTest, TestCombineFrameAndHeaderPolicies) { … }

TEST_F(PermissionsPolicyTest, TestFeatureDeclinedAtTopLevel) { … }

TEST_F(PermissionsPolicyTest, TestFeatureDelegatedAndAllowed) { … }

TEST_F(PermissionsPolicyTest, TestDefaultSandboxedFramePolicy) { … }

TEST_F(PermissionsPolicyTest, TestSandboxedFramePolicyForAllOrigins) { … }

TEST_F(PermissionsPolicyTest, TestSandboxedFramePolicyForSelf) { … }

TEST_F(PermissionsPolicyTest, TestSandboxedFramePolicyForOpaqueSrcOrigin) { … }

TEST_F(PermissionsPolicyTest, TestSandboxedFrameFromHeaderPolicy) { … }

TEST_F(PermissionsPolicyTest, TestSandboxedPolicyIsNotInherited) { … }

TEST_F(PermissionsPolicyTest, TestSandboxedPolicyCanBePropagated) { … }

TEST_F(PermissionsPolicyTest, TestUndefinedFeaturesInFramePolicy) { … }

// Tests for proposed algorithm change in
// https://github.com/w3c/webappsec-permissions-policy/pull/499 to construct
// the policy for subresource request when there exists an equivalent and
// enabled opt-in flag for the request.

// A cross-origin subresource request that explicitly sets the browsingTopics
// flag should have the browsing-topics permission as long as it passes
// allowlist check, regardless of the feature's default state. Similarly for the
// sharedStorageWritable flag.
TEST_F(PermissionsPolicyTest,
       ProposedTestIsFeatureEnabledForSubresourceRequest) { … }

// A cross-origin subresource request that explicitly sets the
// sharedStorageWritable flag should have the Shared Storage permission as long
// as it passes the allowlist check, regardless of the feature's default state.
TEST_F(PermissionsPolicyTest,
       ProposedTestIsFeatureEnabledForSubresourceRequestAssumingOptIn) { … }

// Tests for proposed algorithm change. These tests construct policies in
// various embedding scenarios, and verify that the proposed value for "should
// feature be allowed in the child frame" matches what we expect. The points
// where this differs from the current feature policy algorithm are called
// out specifically. See https://crbug.com/937131 for additional context.

TEST_F(PermissionsPolicyTest, ProposedTestImplicitPolicy) { … }

TEST_F(PermissionsPolicyTest, ProposedTestCompletelyBlockedPolicy) { … }

TEST_F(PermissionsPolicyTest, ProposedTestDisallowedCrossOriginChildPolicy) { … }

TEST_F(PermissionsPolicyTest, ProposedTestAllowedCrossOriginChildPolicy) { … }

TEST_F(PermissionsPolicyTest, ProposedTestAllAllowedCrossOriginChildPolicy) { … }

TEST_F(PermissionsPolicyTest, ProposedTestNestedPolicyPropagates) { … }

TEST_F(PermissionsPolicyTest, CreateFlexibleForFencedFrame) { … }

TEST_F(PermissionsPolicyTest, CreateForFledgeFencedFrame) { … }

TEST_F(PermissionsPolicyTest, CreateForSharedStorageFencedFrame) { … }

TEST_F(PermissionsPolicyTest, CreateFromParsedPolicy) { … }

TEST_F(PermissionsPolicyTest, CreateFromParsedPolicyExcludingSelf) { … }

TEST_F(PermissionsPolicyTest, CreateFromParsedPolicyWithEmptyAllowlist) { … }

TEST_F(PermissionsPolicyTest, OverwriteHeaderPolicyForClientHints) { … }

TEST_F(PermissionsPolicyTest, GetAllowlistForFeatureIfExists) { … }

// Tests that "unload"'s default is controlled by the deprecation flag.
TEST_F(PermissionsPolicyTest, UnloadDefaultEnabledForAll) { … }

// Tests that "unload"'s default is controlled by the deprecation flag.
TEST_F(PermissionsPolicyTest, UnloadDefaultEnabledForNone) { … }

blink::PermissionsPolicyFeatureDefault GetDefaultForUnload(
    const url::Origin& origin) { … }

// Test that for a given URL and rollout-percent, that all buckets get the
// correct fraction of EnabledForNone vs EnableForAll.
TEST_F(PermissionsPolicyTest, GetPermissionsPolicyFeatureListForUnload) { … }

// Test that parameter parsing works.
TEST_F(PermissionsPolicyTest, UnloadDeprecationAllowedHosts) { … }

// Test that parameter parsing handles empty hosts.
TEST_F(PermissionsPolicyTest, UnloadDeprecationAllowedHostsEmpty) { … }

// Test that the UnloadDeprecationAllowedForHost works correctly with
// an empty and a non-empty allowlist.
TEST_F(PermissionsPolicyTest, UnloadDeprecationAllowedForHostHostLists) { … }

TEST_F(PermissionsPolicyTest, UnloadDeprecationAllowedForOrigin_NonHttp) { … }

TEST_F(PermissionsPolicyTest,
       UnloadDeprecationAllowedForOrigin_GradualRollout) { … }
}  // namespace blink
chromium/third_party/blink/common/permissions_policy/permissions_policy_unittest.cc
