chromium/chrome/browser/content_settings/content_settings_browsertest.cc

// Copyright 2012 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#include "base/command_line.h"
#include "base/functional/bind.h"
#include "base/path_service.h"
#include "base/strings/strcat.h"
#include "base/strings/stringprintf.h"
#include "base/strings/utf_string_conversions.h"
#include "base/test/bind.h"
#include "base/test/mock_callback.h"
#include "base/test/scoped_feature_list.h"
#include "build/build_config.h"
#include "build/chromeos_buildflags.h"
#include "chrome/browser/content_settings/cookie_settings_factory.h"
#include "chrome/browser/content_settings/host_content_settings_map_factory.h"
#include "chrome/browser/plugins/chrome_plugin_service_filter.h"
#include "chrome/browser/profiles/profile.h"
#include "chrome/browser/ui/browser.h"
#include "chrome/browser/ui/browser_commands.h"
#include "chrome/browser/ui/tabs/tab_strip_model.h"
#include "chrome/browser/ui/view_ids.h"
#include "chrome/common/chrome_features.h"
#include "chrome/common/chrome_paths.h"
#include "chrome/test/base/in_process_browser_test.h"
#include "chrome/test/base/test_launcher_utils.h"
#include "chrome/test/base/ui_test_utils.h"
#include "components/browsing_data/content/cookie_helper.h"
#include "components/browsing_data/content/local_storage_helper.h"
#include "components/content_settings/browser/page_specific_content_settings.h"
#include "components/content_settings/core/browser/cookie_settings.h"
#include "components/content_settings/core/browser/host_content_settings_map.h"
#include "components/content_settings/core/common/content_settings.h"
#include "components/content_settings/core/common/pref_names.h"
#include "components/nacl/common/buildflags.h"
#include "components/prefs/pref_service.h"
#include "content/public/browser/browser_task_traits.h"
#include "content/public/browser/browser_thread.h"
#include "content/public/browser/cookie_access_details.h"
#include "content/public/browser/navigation_handle.h"
#include "content/public/browser/render_frame_host.h"
#include "content/public/browser/render_process_host.h"
#include "content/public/browser/render_view_host.h"
#include "content/public/browser/storage_partition.h"
#include "content/public/browser/web_contents.h"
#include "content/public/common/content_constants.h"
#include "content/public/common/content_features.h"
#include "content/public/common/content_paths.h"
#include "content/public/test/back_forward_cache_util.h"
#include "content/public/test/browser_test.h"
#include "content/public/test/browser_test_utils.h"
#include "content/public/test/commit_message_delayer.h"
#include "content/public/test/fenced_frame_test_util.h"
#include "content/public/test/ppapi_test_utils.h"
#include "content/public/test/prerender_test_util.h"
#include "content/public/test/test_frame_navigation_observer.h"
#include "content/public/test/test_utils.h"
#include "net/cookies/canonical_cookie_test_helpers.h"
#include "net/dns/mock_host_resolver.h"
#include "net/test/embedded_test_server/default_handlers.h"
#include "net/test/embedded_test_server/embedded_test_server.h"
#include "net/test/embedded_test_server/http_request.h"
#include "net/test/embedded_test_server/http_response.h"
#include "net/test/url_request/url_request_mock_http_job.h"
#include "pdf/buildflags.h"
#include "ppapi/buildflags/buildflags.h"
#include "services/network/public/cpp/features.h"
#include "testing/gmock/include/gmock/gmock.h"
#include "testing/gtest/include/gtest/gtest.h"
#include "third_party/widevine/cdm/buildflags.h"

#if BUILDFLAG(IS_MAC)
#include "base/apple/scoped_nsautorelease_pool.h"
#endif

#if BUILDFLAG(ENABLE_PDF)
#include "chrome/browser/pdf/pdf_extension_test_base.h"
#include "components/pdf/browser/pdf_frame_util.h"
#endif

#if BUILDFLAG(ENABLE_PLUGINS)
#include "content/public/browser/plugin_service.h"
#endif

BrowserThread;
PageSpecificContentSettings;
URLRequestMockHTTPJob;

namespace {

BrowsingDataModel* GetSiteSettingsAllowedBrowsingDataModel(Browser* browser) { … }

BrowsingDataModel* GetSiteSettingsBlockedBrowsingDataModel(Browser* browser) { … }

net::CookieList ExtractCookiesFromModel(BrowsingDataModel* model) { … }

size_t GetRenderFrameHostCount(content::RenderFrameHost* starting_frame) { … }

class MockWebContentsLoadFailObserver : public content::WebContentsObserver { … };

MATCHER(IsErrorTooManyRedirects, "") { … }

// Return the active RenderFrameHost loaded in the last iframe in |parent_rfh|.
content::RenderFrameHost* LastChild(content::RenderFrameHost* parent_rfh) { … }

// Create an <iframe> inside |parent_rfh|, and navigate it toward |url|.
// |permission_policy| can be used to set permission policy to the iframe.
// For instance:
// ```
// child = CreateIframe(parent, url, "geolocation *; camera *");
// ```
// This returns the new RenderFrameHost associated with new document created in
// the iframe.
content::RenderFrameHost* CreateIframe(
    content::RenderFrameHost* parent_rfh,
    const GURL& url,
    const std::string& permission_policy = "") { … }

size_t GetModelCookieCount(const BrowsingDataModel* model) { … }

}  // namespace

class ContentSettingsTest : public InProcessBrowserTest { … };

// Test the combination of different ways of accessing cookies --- JS, HTML,
// or the new async cookie-store API.
enum class CookieMode { … };

class CookieSettingsTest
    : public ContentSettingsTest,
      public testing::WithParamInterface<std::pair<CookieMode, CookieMode>> { … };

// Sanity check on cookies before we do other tests. While these can be written
// in content_browsertests, we want to verify Chrome's cookie storage and how it
// handles incognito windows.
IN_PROC_BROWSER_TEST_P(CookieSettingsTest, PRE_BasicCookies) { … }

IN_PROC_BROWSER_TEST_P(CookieSettingsTest, BasicCookies) { … }

IN_PROC_BROWSER_TEST_P(CookieSettingsTest, PRE_BasicCookiesHttps) { … }

IN_PROC_BROWSER_TEST_P(CookieSettingsTest, BasicCookiesHttps) { … }

// Verify that cookies are being blocked.
IN_PROC_BROWSER_TEST_P(CookieSettingsTest, PRE_BlockCookies) { … }

// Ensure that the setting persists.
IN_PROC_BROWSER_TEST_P(CookieSettingsTest, BlockCookies) { … }

// Verify that cookies can be allowed and set using exceptions for particular
// website(s) when all others are blocked.
IN_PROC_BROWSER_TEST_P(CookieSettingsTest, AllowCookiesUsingExceptions) { … }

// Verify that cookies can be blocked for a specific website using exceptions.
//
// TODO(crbug.com/41440775): Re-enable test once flakiness is fixed.
IN_PROC_BROWSER_TEST_P(CookieSettingsTest,
                       DISABLED_BlockCookiesUsingExceptions) { … }

// Test that cookies that are considered "blocked" are excluded only due to the
// content settings blocking (i.e. not for other reasons like domain or path not
// matching). See https://crbug.com/1104451.
IN_PROC_BROWSER_TEST_P(CookieSettingsTest,
                       BlockedCookiesOnlyExcludedDueToBlocking) { … }

IN_PROC_BROWSER_TEST_P(CookieSettingsTest, BlockCookiesAlsoBlocksCacheStorage) { … }

IN_PROC_BROWSER_TEST_P(CookieSettingsTest, BlockCookiesAlsoBlocksIndexedDB) { … }

IN_PROC_BROWSER_TEST_P(CookieSettingsTest,
                       BlockCookiesAlsoBlocksIndexedDBPromiseBased) { … }

IN_PROC_BROWSER_TEST_P(CookieSettingsTest, BlockCookiesAlsoBlocksFileSystem) { … }

INSTANTIATE_TEST_SUITE_P(…);

// This fails on ChromeOS because kRestoreOnStartup is ignored and the startup
// preference is always "continue where I left off.
#if !BUILDFLAG(IS_CHROMEOS)

// Verify that cookies can be allowed and set using exceptions for particular
// website(s) only for a session when all others are blocked.
IN_PROC_BROWSER_TEST_F(ContentSettingsTest,
                       PRE_AllowCookiesForASessionUsingExceptions) { … }

IN_PROC_BROWSER_TEST_F(ContentSettingsTest,
                       AllowCookiesForASessionUsingExceptions) { … }

#endif  // !CHROME_OS

// Regression test for http://crbug.com/63649.
IN_PROC_BROWSER_TEST_F(ContentSettingsTest, RedirectLoopCookies) { … }

// Any cookie access during a navigation does not end up in a new document (e.g.
// due to the request returning HTTP 204) should not be tracked by the
// PageSpecificContentSettings.
IN_PROC_BROWSER_TEST_F(ContentSettingsTest, CookiesIgnoredFor204) { … }

class ContentSettingsBackForwardCacheBrowserTest : public ContentSettingsTest { … };

IN_PROC_BROWSER_TEST_F(ContentSettingsBackForwardCacheBrowserTest,
                       StateRestoredWhenNavigatingBack) { … }

IN_PROC_BROWSER_TEST_F(ContentSettingsBackForwardCacheBrowserTest,
                       SettingsUpdateWhileInCacheShouldBeProcessed) { … }

IN_PROC_BROWSER_TEST_F(ContentSettingsTest, ContentSettingsBlockDataURLs) { … }

// Tests that if redirect across origins occurs, the new process still gets the
// content settings before the resource headers.
IN_PROC_BROWSER_TEST_F(ContentSettingsTest, RedirectCrossOrigin) { … }

IN_PROC_BROWSER_TEST_F(ContentSettingsTest, SendRendererContentRules) { … }

IN_PROC_BROWSER_TEST_F(ContentSettingsTest,
                       SpareRenderProcessHostRulesAreUpdated) { … }

IN_PROC_BROWSER_TEST_F(ContentSettingsTest, NonMainFrameRulesAreUpdated) { … }

// Simulates script being blocked in the renderer and notifying the browser
// before DidCommitNavigation is sent to the browser (i.e. while the RFH is
// still pending commit).
IN_PROC_BROWSER_TEST_F(ContentSettingsTest, RendererUpdateWhilePendingCommit) { … }

// This test verifies that the site settings accurately reflect that an attempt
// to create a secure cookie by an insecure origin fails.
IN_PROC_BROWSER_TEST_F(ContentSettingsTest, SecureCookies) { … }

class ContentSettingsWorkerModulesBrowserTest : public ContentSettingsTest { … };

IN_PROC_BROWSER_TEST_F(ContentSettingsWorkerModulesBrowserTest,
                       WorkerImportModule) { … }

IN_PROC_BROWSER_TEST_F(ContentSettingsWorkerModulesBrowserTest, CookieStore) { … }

class ContentSettingsWithPrerenderingBrowserTest : public ContentSettingsTest { … };

// Used to wait for non-primary pages to set a cookie (eg: prerendering pages or
// fenced frames).
class NonPrimaryPageCookieAccessObserver : public content::WebContentsObserver { … };

IN_PROC_BROWSER_TEST_F(ContentSettingsWithPrerenderingBrowserTest,
                       PrerenderingPageSetsCookie) { … }

IN_PROC_BROWSER_TEST_F(ContentSettingsWithPrerenderingBrowserTest,
                       PrerenderingPageIframeSetsCookie) { … }

class ContentSettingsWithFencedFrameBrowserTest : public ContentSettingsTest { … };

IN_PROC_BROWSER_TEST_F(ContentSettingsWithFencedFrameBrowserTest,
                       StorageAccessInFencedFrame) { … }

IN_PROC_BROWSER_TEST_F(ContentSettingsWithFencedFrameBrowserTest,
                       RendererContentSettings) { … }

IN_PROC_BROWSER_TEST_F(ContentSettingsWithFencedFrameBrowserTest,
                       NestedFramesRendererContentSettings) { … }

IN_PROC_BROWSER_TEST_F(ContentSettingsWithFencedFrameBrowserTest,
                       FencedFrameSetsCookie) { … }

class ContentSettingsWorkerModulesWithFencedFrameBrowserTest
    : public ContentSettingsWorkerModulesBrowserTest { … };

IN_PROC_BROWSER_TEST_F(ContentSettingsWorkerModulesWithFencedFrameBrowserTest,
                       WorkerImportModuleBlocked) { … }

#if BUILDFLAG(ENABLE_PDF)
class ContentSettingsPdfTest : public PDFExtensionTestBase { … };

// Test that only PDF frames are allowed to use JavaScript.
IN_PROC_BROWSER_TEST_F(ContentSettingsPdfTest, JavaScriptAllowedForPdfFrames) { … }

#endif  // BUILDFLAG(ENABLE_PDF)