chromium/chrome/browser/policy/site_isolation_policy_browsertest.cc

// Copyright 2017 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifdef UNSAFE_BUFFERS_BUILD
// TODO(crbug.com/40285824): Remove this and convert code to safer constructs.
#pragma allow_unsafe_buffers
#endif

#include "content/public/browser/site_isolation_policy.h"

#include "base/command_line.h"
#include "base/feature_list.h"
#include "base/test/scoped_feature_list.h"
#include "build/build_config.h"
#include "chrome/browser/chrome_content_browser_client.h"
#include "chrome/browser/profiles/profile.h"
#include "chrome/common/chrome_features.h"
#include "chrome/common/pref_names.h"
#include "chrome/test/base/chrome_test_utils.h"
#include "chrome/test/base/platform_browser_test.h"
#include "components/policy/core/browser/browser_policy_connector.h"
#include "components/policy/core/common/mock_configuration_policy_provider.h"
#include "components/policy/policy_constants.h"
#include "components/prefs/pref_service.h"
#include "content/public/browser/browser_context.h"
#include "content/public/browser/child_process_security_policy.h"
#include "content/public/browser/site_instance.h"
#include "content/public/common/content_client.h"
#include "content/public/common/content_switches.h"
#include "content/public/test/browser_test.h"
#include "content/public/test/browser_test_utils.h"
#include "content/public/test/test_utils.h"
#include "url/gurl.h"

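// Common base fixture for the Site Isolation policy browser tests in this
// file. The body is empty in this listing.
class SiteIsolationPolicyBrowserTest : public PlatformBrowserTest {};

// Fixture parameterized on a compile-time boolean.
// NOTE(review): presumably `policy_value` is the value given to the
// SitePerProcess enterprise policy; the body that would apply it is empty in
// this listing - confirm.
template <bool policy_value>
class SitePerProcessPolicyBrowserTest : public SiteIsolationPolicyBrowserTest {};

// Concrete fixtures for the two values of `policy_value`.
// NOTE(review): the alias targets were missing from these two declarations
// (each was a bare identifier, which does not compile); <true>/<false> are
// inferred from the Enabled/Disabled names - confirm.
using SitePerProcessPolicyBrowserTestEnabled =
    SitePerProcessPolicyBrowserTest<true>;
using SitePerProcessPolicyBrowserTestDisabled =
    SitePerProcessPolicyBrowserTest<false>;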

// Ensure that --disable-site-isolation-trials and/or
// --disable-site-isolation-for-enterprise-policy do not override policies.
// Derives from SitePerProcessPolicyBrowserTestEnabled, so the policy under
// test is whatever that fixture applies.
// NOTE(review): the class body is empty in this listing, so the step that
// would add those switches to the command line is not visible here - confirm
// it exists, otherwise the override case is not exercised.
class NoOverrideSitePerProcessPolicyBrowserTest
    : public SitePerProcessPolicyBrowserTestEnabled {};

// Test case on the SitePerProcessPolicyBrowserTestEnabled fixture.
// NOTE(review): the body is empty in this listing, so as shown it makes no
// assertion about Site Isolation state; confirm the expectations are present
// in the full file.
IN_PROC_BROWSER_TEST_F(SitePerProcessPolicyBrowserTestEnabled, Simple) {}

#if !BUILDFLAG(IS_ANDROID) && !BUILDFLAG(IS_CHROMEOS)
// The policy is not supported on Android
// NOTE(review): the enclosing #if also compiles this fixture out on ChromeOS,
// which the line above does not mention. The class body is empty in this
// listing, so how the policy is applied is not visible here.
class IsolateOriginsPolicyBrowserTest : public SiteIsolationPolicyBrowserTest {};

// Test case on the IsolateOriginsPolicyBrowserTest fixture.
// NOTE(review): the body is empty in this listing, so as shown it does not
// check that any origin ends up isolated; confirm the expectations are present
// in the full file.
IN_PROC_BROWSER_TEST_F(IsolateOriginsPolicyBrowserTest, Simple) {}
#endif

// Test case on the NoOverrideSitePerProcessPolicyBrowserTest fixture, whose
// stated purpose is that the disable switches do not override policy.
// NOTE(review): the body is empty in this listing, so as shown nothing
// asserts that the policy won over the switches; confirm against the full file.
IN_PROC_BROWSER_TEST_F(NoOverrideSitePerProcessPolicyBrowserTest, Simple) {}

// After https://crbug.com/910273 was fixed, enterprise policy can only be used
// to disable Site Isolation on Android - the
// SitePerProcessPolicyBrowserTestFieldTrialTest tests should not be run on any
// other platform.  Note that browser_tests won't run on Android until
// https://crbug.com/611756 is fixed.
#if BUILDFLAG(IS_ANDROID)
// Fixture that enables the kSitePerProcess feature on top of
// SitePerProcessPolicyBrowserTestDisabled, so a test can check which of the
// two takes effect. Going by the class name, the feature override stands in
// for a field trial.
class SitePerProcessPolicyBrowserTestFieldTrialTest
    : public SitePerProcessPolicyBrowserTestDisabled {
 public:
  SitePerProcessPolicyBrowserTestFieldTrialTest() {
    // Done in the constructor, i.e. before any test body runs.
    scoped_feature_list_.InitAndEnableFeature(features::kSitePerProcess);
  }
  // Not copyable or assignable.
  SitePerProcessPolicyBrowserTestFieldTrialTest(
      const SitePerProcessPolicyBrowserTestFieldTrialTest&) = delete;
  SitePerProcessPolicyBrowserTestFieldTrialTest& operator=(
      const SitePerProcessPolicyBrowserTestFieldTrialTest&) = delete;
  ~SitePerProcessPolicyBrowserTestFieldTrialTest() override = default;

 private:
  // Owns the kSitePerProcess override for the lifetime of the fixture.
  base::test::ScopedFeatureList scoped_feature_list_;
};

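// Checks that, with the kSitePerProcess feature enabled by the fixture, the
// enterprise policy still turns strict Site Isolation off, and that it does so
// through the policy-specific switch rather than the general disable switch.
// Expectations and CheckExpectations() are not declared in this listing;
// presumably they come from a base fixture - confirm.
IN_PROC_BROWSER_TEST_F(SitePerProcessPolicyBrowserTestFieldTrialTest, Simple) {
  const base::CommandLine* command_line =
      base::CommandLine::ForCurrentProcess();

  // Skip this test if the --site-per-process switch is present (e.g. on Site
  // Isolation Android chromium.fyi bot).  The test is still valid if
  // SitePerProcess is the default (e.g. via ContentBrowserClient's
  // ShouldEnableStrictSiteIsolation method) - don't skip the test in such case.
  // Reported as skipped rather than returning early, so a run that never
  // evaluated the assertions below is not counted as a pass.
  if (command_line->HasSwitch(switches::kSitePerProcess)) {
    GTEST_SKIP() << "--site-per-process is present on the command line";
  }

  // Policy should inject kDisableSiteIsolationForPolicy rather than
  // kDisableSiteIsolation switch.
  EXPECT_FALSE(command_line->HasSwitch(switches::kDisableSiteIsolation));
  // ASSERT rather than EXPECT: without the policy switch the remaining checks
  // are not run.
  ASSERT_TRUE(
      command_line->HasSwitch(switches::kDisableSiteIsolationForPolicy));
  EXPECT_FALSE(
      content::SiteIsolationPolicy::UseDedicatedProcessesForAllSites());

  // NOTE(review): the boolean in each entry presumably means "this URL
  // requires a dedicated process"; confirm against the Expectations
  // definition.
  Expectations expectations[] = {
      {"https://foo.com/noodles.html", false},
      {"http://example.org/pumpkins.html", false},
  };
  CheckExpectations(expectations, std::size(expectations));
}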
#endif

// Test case on the base fixture; the name indicates the configuration with no
// policy set and no trial-related flags.
// NOTE(review): the body is empty in this listing, so as shown it does not
// assert which switches are (or are not) on the command line in that
// configuration; confirm against the full file.
IN_PROC_BROWSER_TEST_F(SiteIsolationPolicyBrowserTest, NoPolicyNoTrialsFlags) {}