Supervised user whitelists: Cleanup
[chromium-blink-merge.git] / content / child / site_isolation_policy_browsertest.cc
blob2bf0b9a200f390538a28501b97b72d0890623288
1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "base/command_line.h"
6 #include "content/public/common/content_switches.h"
7 #include "content/public/test/browser_test_utils.h"
8 #include "content/public/test/content_browser_test.h"
9 #include "content/public/test/content_browser_test_utils.h"
11 namespace content {
13 // These tests simulate exploited renderer processes, which can fetch arbitrary
14 // resources from other websites, not constrained by the Same Origin Policy. We
15 // are trying to verify that the renderer cannot fetch any cross-site document
16 // responses even when the Same Origin Policy is turned off inside the renderer.
17 class SiteIsolationPolicyBrowserTest : public ContentBrowserTest {
18 public:
19 SiteIsolationPolicyBrowserTest() {}
20 ~SiteIsolationPolicyBrowserTest() override {}
22 void SetUpCommandLine(base::CommandLine* command_line) override {
23 ASSERT_TRUE(test_server()->Start());
24 net::SpawnedTestServer https_server(
25 net::SpawnedTestServer::TYPE_HTTPS,
26 net::SpawnedTestServer::kLocalhost,
27 base::FilePath(FILE_PATH_LITERAL("content/test/data")));
28 ASSERT_TRUE(https_server.Start());
30 // Add a host resolver rule to map all outgoing requests to the test server.
31 // This allows us to use "real" hostnames in URLs, which we can use to
32 // create arbitrary SiteInstances.
33 command_line->AppendSwitchASCII(
34 switches::kHostResolverRules,
35 "MAP * " + test_server()->host_port_pair().ToString() +
36 ",EXCLUDE localhost");
38 // Since we assume exploited renderer process, it can bypass the same origin
39 // policy at will. Simulate that by passing the disable-web-security flag.
40 command_line->AppendSwitch(switches::kDisableWebSecurity);
42 // We assume that we're using our cross-site document blocking logic which
43 // is turned on even when the Same Origin Policy is turned off.
44 command_line->AppendSwitch(switches::kBlockCrossSiteDocuments);
47 private:
48 DISALLOW_COPY_AND_ASSIGN(SiteIsolationPolicyBrowserTest);
51 // TODO(dsjang): we cannot run these tests on Android since SetUpCommandLine()
52 // is executed before the I/O thread is created on Android. After this bug
53 // (crbug.com/278425) is resolved, we can enable this test case on Android.
54 #if defined(OS_ANDROID)
55 #define MAYBE_CrossSiteDocumentBlockingForMimeType \
56 DISABLED_CrossSiteDocumentBlockingForMimeType
57 #else
58 #define MAYBE_CrossSiteDocumentBlockingForMimeType \
59 CrossSiteDocumentBlockingForMimeType
60 #endif
62 IN_PROC_BROWSER_TEST_F(SiteIsolationPolicyBrowserTest,
63 MAYBE_CrossSiteDocumentBlockingForMimeType) {
64 // Load a page that issues illegal cross-site document requests to bar.com.
65 // The page uses XHR to request HTML/XML/JSON documents from bar.com, and
66 // inspects if any of them were successfully received. The XHR requests will
67 // get a one character string ' ' for a blocked response. This test is only
68 // possible since we run the browser without the same origin policy.
69 GURL foo("http://foo.com/files/cross_site_document_request.html");
71 content::DOMMessageQueue msg_queue;
73 NavigateToURL(shell(), foo);
75 std::string status;
76 // The page will return 1 from the DOMAutomationController if it succeeds,
77 // otherwise it will return 0.
78 std::string expected_status("1");
79 EXPECT_TRUE(msg_queue.WaitForMessage(&status));
80 EXPECT_STREQ(status.c_str(), expected_status.c_str());
83 // TODO(dsjang): we cannot run these tests on Android since SetUpCommandLine()
84 // is executed before the I/O thread is created on Android. After this bug
85 // (crbug.com/278425) is resolved, we can enable this test case on Android.
86 #if defined(OS_ANDROID)
87 #define MAYBE_CrossSiteDocumentBlockingForDifferentTargets \
88 DISABLED_CrossSiteDocumentBlockingForDifferentTargets
89 #else
90 #define MAYBE_CrossSiteDocumentBlockingForDifferentTargets \
91 CrossSiteDocumentBlockingForDifferentTargets
92 #endif
94 IN_PROC_BROWSER_TEST_F(SiteIsolationPolicyBrowserTest,
95 MAYBE_CrossSiteDocumentBlockingForDifferentTargets) {
96 // TODO(creis): Re-enable this test in --site-per-process mode once we support
97 // sibling frames from the same site with correct DidStopLoading behavior.
98 // See http://crbug.com/419087 and http://crbug.com/436250.
99 if (base::CommandLine::ForCurrentProcess()->HasSwitch(
100 switches::kSitePerProcess))
101 return;
103 // This webpage loads a cross-site HTML page in different targets such as
104 // <img>,<link>,<embed>, etc. Since the requested document is blocked, and one
105 // character string (' ') is returned instead, this tests that the renderer
106 // does not crash even when it receives a response body which is " ", whose
107 // length is different from what's described in "content-length" for such
108 // different targets.
109 GURL foo("http://foo.com/files/cross_site_document_request_target.html");
110 NavigateToURL(shell(), foo);