| OLD | NEW |
|---|
| (Empty) | |
| 1 // Copyright 2017 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #include "base/test/scoped_feature_list.h" |
| 6 #include "chrome/browser/geolocation/geolocation_permission_context.h" |
| 7 #include "chrome/browser/media/midi_permission_context.h" |
| 8 #include "chrome/browser/notifications/notification_permission_context.h" |
| 9 #include "chrome/browser/profiles/profile.h" |
| 10 #include "chrome/test/base/chrome_render_view_host_test_harness.h" |
| 11 #include "chrome/test/base/testing_profile.h" |
| 12 #include "content/public/browser/render_frame_host.h" |
| 13 #include "content/public/browser/web_contents.h" |
| 14 #include "content/public/common/content_features.h" |
| 15 #include "content/public/test/navigation_simulator.h" |
| 16 #include "content/public/test/test_renderer_host.h" |
| 17 #include "third_party/WebKit/public/platform/WebFeaturePolicyFeature.h" |
| 18 #include "url/gurl.h" |
| 19 #include "url/origin.h" |
| 20 |
| 21 // Integration tests for querying permissions that have a feature policy set. |
| 22 // These tests are not meant to cover every edge case as the FeaturePolicy class |
| 23 // itself is tested thoroughly in feature_policy_unittest.cc and in |
| 24 // render_frame_host_feature_policy_unittest.cc. Instead they are meant to |
| 25 // ensure that integration with content::PermissionContextBase works correctly. |
| 26 class PermissionContextBaseFeaturePolicyTest |
| 27 : public ChromeRenderViewHostTestHarness { |
| 28 public: |
| 29 void SetUp() override { |
| 30 ChromeRenderViewHostTestHarness::SetUp(); |
| 31 feature_list_.InitAndEnableFeature( |
| 32 features::kUseFeaturePolicyForPermissions); |
| 33 } |
| 34 |
| 35 protected: |
| 36 static constexpr const char* kOrigin1 = "https://google.com"; |
| 37 static constexpr const char* kOrigin2 = "https://maps.google.com"; |
| 38 |
| 39 content::RenderFrameHost* GetMainRFH(const char* origin) { |
| 40 content::RenderFrameHost* result = web_contents()->GetMainFrame(); |
| 41 content::RenderFrameHostTester::For(result) |
| 42 ->InitializeRenderFrameIfNeeded(); |
| 43 SimulateNavigation(&result, GURL(origin)); |
| 44 return result; |
| 45 } |
| 46 |
| 47 content::RenderFrameHost* AddChildRFH(content::RenderFrameHost* parent, |
| 48 const char* origin) { |
| 49 content::RenderFrameHost* result = |
| 50 content::RenderFrameHostTester::For(parent)->AppendChild(""); |
| 51 content::RenderFrameHostTester::For(result) |
| 52 ->InitializeRenderFrameIfNeeded(); |
| 53 SimulateNavigation(&result, GURL(origin)); |
| 54 return result; |
| 55 } |
| 56 |
| 57 // The header policy should only be set once on page load, so we refresh the |
| 58 // page to simulate that. |
| 59 void RefreshPageAndSetHeaderPolicy(content::RenderFrameHost** rfh, |
| 60 blink::WebFeaturePolicyFeature feature, |
| 61 const std::vector<std::string>& origins) { |
| 62 content::RenderFrameHost* current = *rfh; |
| 63 SimulateNavigation(¤t, current->GetLastCommittedURL()); |
| 64 std::vector<url::Origin> parsed_origins; |
| 65 for (const std::string& origin : origins) |
| 66 parsed_origins.push_back(url::Origin(GURL(origin))); |
| 67 content::RenderFrameHostTester::For(current)->SimulateFeaturePolicyHeader( |
| 68 feature, parsed_origins); |
| 69 *rfh = current; |
| 70 } |
| 71 |
| 72 ContentSetting GetPermissionForFrame(PermissionContextBase* pcb, |
| 73 content::RenderFrameHost* rfh) { |
| 74 return pcb |
| 75 ->GetPermissionStatus( |
| 76 rfh, rfh->GetLastCommittedURL(), |
| 77 web_contents()->GetMainFrame()->GetLastCommittedURL()) |
| 78 .content_setting; |
| 79 } |
| 80 |
| 81 private: |
| 82 void SimulateNavigation(content::RenderFrameHost** rfh, const GURL& url) { |
| 83 auto navigation_simulator = |
| 84 content::NavigationSimulator::CreateRendererInitiated(url, *rfh); |
| 85 navigation_simulator->Commit(); |
| 86 *rfh = navigation_simulator->GetFinalRenderFrameHost(); |
| 87 } |
| 88 |
| 89 base::test::ScopedFeatureList feature_list_; |
| 90 }; |
| 91 |
| 92 // Feature policy should be ignored when the kUseFeaturePolicyForPermissions |
| 93 // feature is disabled. |
| 94 TEST_F(PermissionContextBaseFeaturePolicyTest, FeatureDisabled) { |
| 95 // Disable the feature. |
| 96 base::test::ScopedFeatureList feature_list; |
| 97 feature_list.Init(); |
| 98 |
| 99 content::RenderFrameHost* parent = GetMainRFH(kOrigin1); |
| 100 |
| 101 RefreshPageAndSetHeaderPolicy(&parent, |
| 102 blink::WebFeaturePolicyFeature::kMidiFeature, |
| 103 std::vector<std::string>()); |
| 104 MidiPermissionContext midi(profile()); |
| 105 EXPECT_EQ(CONTENT_SETTING_ALLOW, GetPermissionForFrame(&midi, parent)); |
| 106 |
| 107 RefreshPageAndSetHeaderPolicy(&parent, |
| 108 blink::WebFeaturePolicyFeature::kGeolocation, |
| 109 std::vector<std::string>()); |
| 110 GeolocationPermissionContext geolocation(profile()); |
| 111 EXPECT_EQ(CONTENT_SETTING_ASK, GetPermissionForFrame(&geolocation, parent)); |
| 112 } |
| 113 |
| 114 TEST_F(PermissionContextBaseFeaturePolicyTest, DefaultPolicy) { |
| 115 content::RenderFrameHost* parent = GetMainRFH(kOrigin1); |
| 116 content::RenderFrameHost* child = AddChildRFH(parent, kOrigin2); |
| 117 |
| 118 // Midi is allowed by default in the top level frame but not in subframes. |
| 119 MidiPermissionContext midi(profile()); |
| 120 EXPECT_EQ(CONTENT_SETTING_ALLOW, GetPermissionForFrame(&midi, parent)); |
| 121 EXPECT_EQ(CONTENT_SETTING_BLOCK, GetPermissionForFrame(&midi, child)); |
| 122 |
| 123 // Geolocation is ask by default in top level frames but not in subframes. |
| 124 GeolocationPermissionContext geolocation(profile()); |
| 125 EXPECT_EQ(CONTENT_SETTING_ASK, GetPermissionForFrame(&geolocation, parent)); |
| 126 EXPECT_EQ(CONTENT_SETTING_BLOCK, GetPermissionForFrame(&geolocation, child)); |
| 127 |
| 128 // Notifications doesn't have an associated feature policy so it should be ask |
| 129 // by default in top level and subframes. |
| 130 NotificationPermissionContext notifications( |
| 131 profile(), CONTENT_SETTINGS_TYPE_NOTIFICATIONS); |
| 132 EXPECT_EQ(CONTENT_SETTING_ASK, GetPermissionForFrame(¬ifications, parent)); |
| 133 EXPECT_EQ(CONTENT_SETTING_ASK, GetPermissionForFrame(¬ifications, child)); |
| 134 } |
| 135 |
| 136 TEST_F(PermissionContextBaseFeaturePolicyTest, DisabledTopLevelFrame) { |
| 137 content::RenderFrameHost* parent = GetMainRFH(kOrigin1); |
| 138 |
| 139 // Disable midi in the top level frame. |
| 140 RefreshPageAndSetHeaderPolicy(&parent, |
| 141 blink::WebFeaturePolicyFeature::kMidiFeature, |
| 142 std::vector<std::string>()); |
| 143 content::RenderFrameHost* child = AddChildRFH(parent, kOrigin2); |
| 144 MidiPermissionContext midi(profile()); |
| 145 EXPECT_EQ(CONTENT_SETTING_BLOCK, GetPermissionForFrame(&midi, parent)); |
| 146 EXPECT_EQ(CONTENT_SETTING_BLOCK, GetPermissionForFrame(&midi, child)); |
| 147 |
| 148 // Disable geolocation in the top level frame. |
| 149 RefreshPageAndSetHeaderPolicy(&parent, |
| 150 blink::WebFeaturePolicyFeature::kGeolocation, |
| 151 std::vector<std::string>()); |
| 152 child = AddChildRFH(parent, kOrigin2); |
| 153 GeolocationPermissionContext geolocation(profile()); |
| 154 EXPECT_EQ(CONTENT_SETTING_BLOCK, GetPermissionForFrame(&geolocation, parent)); |
| 155 EXPECT_EQ(CONTENT_SETTING_BLOCK, GetPermissionForFrame(&geolocation, child)); |
| 156 } |
| 157 |
| 158 TEST_F(PermissionContextBaseFeaturePolicyTest, EnabledForChildFrame) { |
| 159 content::RenderFrameHost* parent = GetMainRFH(kOrigin1); |
| 160 |
| 161 // Enable midi for the child frame. |
| 162 RefreshPageAndSetHeaderPolicy(&parent, |
| 163 blink::WebFeaturePolicyFeature::kMidiFeature, |
| 164 {kOrigin1, kOrigin2}); |
| 165 content::RenderFrameHost* child = AddChildRFH(parent, kOrigin2); |
| 166 MidiPermissionContext midi(profile()); |
| 167 EXPECT_EQ(CONTENT_SETTING_ALLOW, GetPermissionForFrame(&midi, parent)); |
| 168 EXPECT_EQ(CONTENT_SETTING_ALLOW, GetPermissionForFrame(&midi, child)); |
| 169 |
| 170 // Enable geolocation for the child frame. |
| 171 RefreshPageAndSetHeaderPolicy(&parent, |
| 172 blink::WebFeaturePolicyFeature::kGeolocation, |
| 173 {kOrigin1, kOrigin2}); |
| 174 child = AddChildRFH(parent, kOrigin2); |
| 175 GeolocationPermissionContext geolocation(profile()); |
| 176 EXPECT_EQ(CONTENT_SETTING_ASK, GetPermissionForFrame(&geolocation, parent)); |
| 177 EXPECT_EQ(CONTENT_SETTING_ASK, GetPermissionForFrame(&geolocation, child)); |
| 178 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2898663002:
Implement feature policy checks in the browser process (Closed)
