// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include <memory> #include "base/command_line.h" #include "base/files/file_path.h" #include "base/files/file_util.h" #include "base/files/scoped_temp_dir.h" #include "base/run_loop.h" #include "base/strings/escape.h" #include "base/strings/stringprintf.h" #include "content/browser/child_process_security_policy_impl.h" #include "content/browser/renderer_host/frame_tree_node.h" #include "content/browser/renderer_host/render_frame_host_impl.h" #include "content/browser/web_contents/web_contents_impl.h" #include "content/public/browser/navigation_entry.h" #include "content/public/browser/navigation_handle.h" #include "content/public/browser/render_frame_host.h" #include "content/public/browser/render_process_host.h" #include "content/public/browser/web_contents.h" #include "content/public/common/content_switches.h" #include "content/public/test/browser_test.h" #include "content/public/test/browser_test_utils.h" #include "content/public/test/content_browser_test.h" #include "content/public/test/content_browser_test_utils.h" #include "content/public/test/navigation_handle_observer.h" #include "content/public/test/test_navigation_observer.h" #include "content/shell/browser/shell.h" #include "content/shell/browser/shell_content_browser_client.h" #include "content/shell/common/shell_switches.h" #include "content/test/content_browser_test_utils_internal.h" #include "net/dns/mock_host_resolver.h" #include "net/test/embedded_test_server/embedded_test_server.h" #include "testing/gmock/include/gmock/gmock-matchers.h" #include "url/gurl.h" namespace content { // WebContentsDelegate that fails to open a URL when there's a request that // needs to be transferred between renderers. class NoTransferRequestDelegate : public WebContentsDelegate { … }; class CrossSiteTransferTest : public ContentBrowserTest { … }; // The following tests crash in the ThreadSanitizer runtime, // http://crbug.com/356758. #if defined(THREAD_SANITIZER) #define MAYBE_ReplaceEntryCrossProcessThenTransfer … #define MAYBE_ReplaceEntryCrossProcessTwice … #else #define MAYBE_ReplaceEntryCrossProcessThenTransfer … #define MAYBE_ReplaceEntryCrossProcessTwice … #endif // Tests that the |should_replace_current_entry| flag persists correctly across // request transfers that began with a cross-process navigation. IN_PROC_BROWSER_TEST_F(CrossSiteTransferTest, MAYBE_ReplaceEntryCrossProcessThenTransfer) { … } // Tests that the |should_replace_current_entry| flag persists correctly across // request transfers that began with a content-initiated in-process // navigation. This test is the same as the test above, except transfering from // in-process. IN_PROC_BROWSER_TEST_F(CrossSiteTransferTest, ReplaceEntryInProcessThenTransfer) { … } // Tests that the |should_replace_current_entry| flag persists correctly across // request transfers that cross processes twice from renderer policy. IN_PROC_BROWSER_TEST_F(CrossSiteTransferTest, MAYBE_ReplaceEntryCrossProcessTwice) { … } // Tests that the request is destroyed when a cross process navigation is // cancelled. IN_PROC_BROWSER_TEST_F(CrossSiteTransferTest, NoLeakOnCrossSiteCancel) { … } // Test that verifies that a cross-process transfer retains ability to read // files encapsulated by HTTP POST body that is forwarded to the new renderer. // Invalid handling of this scenario has been suspected as the cause of at least // some of the renderer kills tracked in https://crbug.com/613260. IN_PROC_BROWSER_TEST_F(CrossSiteTransferTest, PostWithFileData) { … } // Test that verifies that if navigation originator doesn't have access to a // file, then no access is granted after a cross-process transfer of POST data. // This is a regression test for https://crbug.com/726067. // // This test is somewhat similar to // http/tests/navigation/form-targets-cross-site-frame-post.html web test // except that it 1) tests with files, 2) simulates a malicious scenario and 3) // verifies file access (all of these 3 things are not possible with web // tests). // // This test is very similar to CrossSiteTransferTest.PostWithFileData above, // except that it simulates a malicious form / POST originator. IN_PROC_BROWSER_TEST_F(CrossSiteTransferTest, MaliciousPostWithFileData) { … } // Regression test for https://crbug.com/538784 -- ensures that one can't // sidestep cross-process navigation by detaching a frame mid-request. IN_PROC_BROWSER_TEST_F(CrossSiteTransferTest, NoDeliveryToDetachedFrame) { … } } // namespace content
Codebase Browser
chromium