search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Update CrOS OOBE throbber to MD throbber; delete old asset
[chromium-blink-merge.git] / chrome / common / extensions / permissions / permissions_data_unittest.cc
blob493ef923734856c7b762d54c6b4a975a4f38f886
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include <vector>
6
7 #include "base/command_line.h"
8 #include "base/memory/ref_counted.h"
9 #include "base/strings/string16.h"
10 #include "base/strings/utf_string_conversions.h"
11 #include "chrome/common/extensions/extension_test_util.h"
12 #include "components/crx_file/id_util.h"
13 #include "content/public/common/socket_permission_request.h"
14 #include "extensions/common/error_utils.h"
15 #include "extensions/common/extension.h"
16 #include "extensions/common/extension_builder.h"
17 #include "extensions/common/manifest.h"
18 #include "extensions/common/manifest_constants.h"
19 #include "extensions/common/permissions/api_permission.h"
20 #include "extensions/common/permissions/permission_message_test_util.h"
21 #include "extensions/common/permissions/permission_set.h"
22 #include "extensions/common/permissions/permissions_data.h"
23 #include "extensions/common/permissions/socket_permission.h"
24 #include "extensions/common/switches.h"
25 #include "extensions/common/url_pattern_set.h"
26 #include "extensions/common/value_builder.h"
27 #include "testing/gtest/include/gtest/gtest.h"
28 #include "url/gurl.h"
29
30 using base::UTF16ToUTF8;
31 using content::SocketPermissionRequest;
32 using extension_test_util::LoadManifest;
33 using extension_test_util::LoadManifestUnchecked;
34 using extension_test_util::LoadManifestStrict;
35
36 namespace extensions {
37
38 namespace {
39
40 const char kAllHostsPermission[] = "*://*/*";
41
42 bool CheckSocketPermission(
43 scoped_refptr<Extension> extension,
44 SocketPermissionRequest::OperationType type,
45 const char* host,
46 uint16 port) {
47 SocketPermission::CheckParam param(type, host, port);
48 return extension->permissions_data()->CheckAPIPermissionWithParam(
49 APIPermission::kSocket, &param);
50 }
51
52 // Creates and returns an extension with the given |id|, |host_permissions|, and
53 // manifest |location|.
54 scoped_refptr<const Extension> GetExtensionWithHostPermission(
55 const std::string& id,
56 const std::string& host_permissions,
57 Manifest::Location location) {
58 ListBuilder permissions;
59 if (!host_permissions.empty())
60 permissions.Append(host_permissions);
61
62 return ExtensionBuilder()
63 .SetManifest(
64 DictionaryBuilder()
65 .Set("name", id)
66 .Set("description", "an extension")
67 .Set("manifest_version", 2)
68 .Set("version", "1.0.0")
69 .Set("permissions", permissions.Pass())
70 .Build())
71 .SetLocation(location)
72 .SetID(id)
73 .Build();
74 }
75
76 // Checks that urls are properly restricted for the given extension.
77 void CheckRestrictedUrls(const Extension* extension,
78 bool block_chrome_urls) {
79 // We log the name so we know _which_ extension failed here.
80 const std::string& name = extension->name();
81 const GURL chrome_settings_url("chrome://settings/");
82 const GURL chrome_extension_url("chrome-extension://foo/bar.html");
83 const GURL google_url("https://www.google.com/");
84 const GURL self_url("chrome-extension://" + extension->id() + "/foo.html");
85 const GURL invalid_url("chrome-debugger://foo/bar.html");
86
87 std::string error;
88 EXPECT_EQ(block_chrome_urls,
89 PermissionsData::IsRestrictedUrl(
90 chrome_settings_url,
91 extension,
92 &error)) << name;
93 if (block_chrome_urls)
94 EXPECT_EQ(manifest_errors::kCannotAccessChromeUrl, error) << name;
95 else
96 EXPECT_TRUE(error.empty()) << name;
97
98 error.clear();
99 EXPECT_EQ(block_chrome_urls,
100 PermissionsData::IsRestrictedUrl(
101 chrome_extension_url,
102 extension,
103 &error)) << name;
104 if (block_chrome_urls)
105 EXPECT_EQ(manifest_errors::kCannotAccessExtensionUrl, error) << name;
106 else
107 EXPECT_TRUE(error.empty()) << name;
108
109 // Google should never be a restricted url.
110 error.clear();
111 EXPECT_FALSE(PermissionsData::IsRestrictedUrl(
112 google_url, extension, &error)) << name;
113 EXPECT_TRUE(error.empty()) << name;
114
115 // We should always be able to access our own extension pages.
116 error.clear();
117 EXPECT_FALSE(PermissionsData::IsRestrictedUrl(
118 self_url, extension, &error)) << name;
119 EXPECT_TRUE(error.empty()) << name;
120
121 // We should only allow other schemes for extensions when it's a whitelisted
122 // extension.
123 error.clear();
124 bool allow_on_other_schemes =
125 PermissionsData::CanExecuteScriptEverywhere(extension);
126 EXPECT_EQ(!allow_on_other_schemes,
127 PermissionsData::IsRestrictedUrl(
128 invalid_url, extension, &error)) << name;
129 if (!allow_on_other_schemes) {
130 EXPECT_EQ(ErrorUtils::FormatErrorMessage(
131 manifest_errors::kCannotAccessPage,
132 invalid_url.spec()),
133 error) << name;
134 } else {
135 EXPECT_TRUE(error.empty());
136 }
137 }
138
139 } // namespace
140
141 // NOTE: These tests run in Chrome's unit_tests suite because they depend on
142 // extension manifest keys (like "content_scripts") that do not exist yet in the
143 // src/extensions module.
144 TEST(PermissionsDataTest, EffectiveHostPermissions) {
145 scoped_refptr<Extension> extension;
146 URLPatternSet hosts;
147
148 extension = LoadManifest("effective_host_permissions", "empty.json");
149 EXPECT_EQ(0u,
150 extension->permissions_data()
151 ->GetEffectiveHostPermissions()
152 .patterns()
153 .size());
154 EXPECT_FALSE(hosts.MatchesURL(GURL("http://www.google.com")));
155 EXPECT_FALSE(extension->permissions_data()->HasEffectiveAccessToAllHosts());
156
157 extension = LoadManifest("effective_host_permissions", "one_host.json");
158 hosts = extension->permissions_data()->GetEffectiveHostPermissions();
159 EXPECT_TRUE(hosts.MatchesURL(GURL("http://www.google.com")));
160 EXPECT_FALSE(hosts.MatchesURL(GURL("https://www.google.com")));
161 EXPECT_FALSE(extension->permissions_data()->HasEffectiveAccessToAllHosts());
162
163 extension = LoadManifest("effective_host_permissions",
164 "one_host_wildcard.json");
165 hosts = extension->permissions_data()->GetEffectiveHostPermissions();
166 EXPECT_TRUE(hosts.MatchesURL(GURL("http://google.com")));
167 EXPECT_TRUE(hosts.MatchesURL(GURL("http://foo.google.com")));
168 EXPECT_FALSE(extension->permissions_data()->HasEffectiveAccessToAllHosts());
169
170 extension = LoadManifest("effective_host_permissions", "two_hosts.json");
171 hosts = extension->permissions_data()->GetEffectiveHostPermissions();
172 EXPECT_TRUE(hosts.MatchesURL(GURL("http://www.google.com")));
173 EXPECT_TRUE(hosts.MatchesURL(GURL("http://www.reddit.com")));
174 EXPECT_FALSE(extension->permissions_data()->HasEffectiveAccessToAllHosts());
175
176 extension = LoadManifest("effective_host_permissions",
177 "https_not_considered.json");
178 hosts = extension->permissions_data()->GetEffectiveHostPermissions();
179 EXPECT_TRUE(hosts.MatchesURL(GURL("http://google.com")));
180 EXPECT_TRUE(hosts.MatchesURL(GURL("https://google.com")));
181 EXPECT_FALSE(extension->permissions_data()->HasEffectiveAccessToAllHosts());
182
183 extension = LoadManifest("effective_host_permissions",
184 "two_content_scripts.json");
185 hosts = extension->permissions_data()->GetEffectiveHostPermissions();
186 EXPECT_TRUE(hosts.MatchesURL(GURL("http://google.com")));
187 EXPECT_TRUE(hosts.MatchesURL(GURL("http://www.reddit.com")));
188 EXPECT_TRUE(extension->permissions_data()
189 ->active_permissions()
190 ->HasEffectiveAccessToURL(GURL("http://www.reddit.com")));
191 EXPECT_TRUE(hosts.MatchesURL(GURL("http://news.ycombinator.com")));
192 EXPECT_TRUE(
193 extension->permissions_data()
194 ->active_permissions()
195 ->HasEffectiveAccessToURL(GURL("http://news.ycombinator.com")));
196 EXPECT_FALSE(extension->permissions_data()->HasEffectiveAccessToAllHosts());
197
198 extension = LoadManifest("effective_host_permissions", "all_hosts.json");
199 hosts = extension->permissions_data()->GetEffectiveHostPermissions();
200 EXPECT_TRUE(hosts.MatchesURL(GURL("http://test/")));
201 EXPECT_FALSE(hosts.MatchesURL(GURL("https://test/")));
202 EXPECT_TRUE(hosts.MatchesURL(GURL("http://www.google.com")));
203 EXPECT_TRUE(extension->permissions_data()->HasEffectiveAccessToAllHosts());
204
205 extension = LoadManifest("effective_host_permissions", "all_hosts2.json");
206 hosts = extension->permissions_data()->GetEffectiveHostPermissions();
207 EXPECT_TRUE(hosts.MatchesURL(GURL("http://test/")));
208 EXPECT_TRUE(hosts.MatchesURL(GURL("http://www.google.com")));
209 EXPECT_TRUE(extension->permissions_data()->HasEffectiveAccessToAllHosts());
210
211 extension = LoadManifest("effective_host_permissions", "all_hosts3.json");
212 hosts = extension->permissions_data()->GetEffectiveHostPermissions();
213 EXPECT_FALSE(hosts.MatchesURL(GURL("http://test/")));
214 EXPECT_TRUE(hosts.MatchesURL(GURL("https://test/")));
215 EXPECT_TRUE(hosts.MatchesURL(GURL("http://www.google.com")));
216 EXPECT_TRUE(extension->permissions_data()->HasEffectiveAccessToAllHosts());
217
218 // Tab-specific permissions should be included in the effective hosts.
219 GURL tab_url("http://www.example.com/");
220 URLPatternSet new_hosts;
221 new_hosts.AddOrigin(URLPattern::SCHEME_ALL, tab_url);
222 extension->permissions_data()->UpdateTabSpecificPermissions(
223 1,
224 new PermissionSet(APIPermissionSet(),
225 ManifestPermissionSet(),
226 new_hosts,
227 URLPatternSet()));
228 EXPECT_TRUE(extension->permissions_data()->GetEffectiveHostPermissions().
229 MatchesURL(tab_url));
230 extension->permissions_data()->ClearTabSpecificPermissions(1);
231 EXPECT_FALSE(extension->permissions_data()->GetEffectiveHostPermissions().
232 MatchesURL(tab_url));
233 }
234
235 TEST(PermissionsDataTest, SocketPermissions) {
236 scoped_refptr<Extension> extension;
237 std::string error;
238
239 extension = LoadManifest("socket_permissions", "empty.json");
240 EXPECT_FALSE(CheckSocketPermission(extension,
241 SocketPermissionRequest::TCP_CONNECT, "www.example.com", 80));
242
243 extension = LoadManifestUnchecked("socket_permissions",
244 "socket1.json",
245 Manifest::INTERNAL, Extension::NO_FLAGS,
246 &error);
247 EXPECT_TRUE(extension.get() == NULL);
248 std::string expected_error_msg_header = ErrorUtils::FormatErrorMessage(
249 manifest_errors::kInvalidPermissionWithDetail,
250 "socket",
251 "NULL or empty permission list");
252 EXPECT_EQ(expected_error_msg_header, error);
253
254 extension = LoadManifest("socket_permissions", "socket2.json");
255 EXPECT_TRUE(CheckSocketPermission(extension,
256 SocketPermissionRequest::TCP_CONNECT, "www.example.com", 80));
257 EXPECT_FALSE(CheckSocketPermission(
258 extension, SocketPermissionRequest::UDP_BIND, "", 80));
259 EXPECT_TRUE(CheckSocketPermission(
260 extension, SocketPermissionRequest::UDP_BIND, "", 8888));
261
262 EXPECT_FALSE(CheckSocketPermission(
263 extension, SocketPermissionRequest::UDP_SEND_TO, "example.com", 1900));
264 EXPECT_TRUE(CheckSocketPermission(
265 extension,
266 SocketPermissionRequest::UDP_SEND_TO,
267 "239.255.255.250", 1900));
268 }
269
270 TEST(PermissionsDataTest, IsRestrictedUrl) {
271 scoped_refptr<const Extension> extension =
272 GetExtensionWithHostPermission("normal_extension",
273 kAllHostsPermission,
274 Manifest::INTERNAL);
275 // Chrome urls should be blocked for normal extensions.
276 CheckRestrictedUrls(extension.get(), true);
277
278 scoped_refptr<const Extension> component =
279 GetExtensionWithHostPermission("component",
280 kAllHostsPermission,
281 Manifest::COMPONENT);
282 // Chrome urls should be accessible by component extensions.
283 CheckRestrictedUrls(component.get(), false);
284
285 base::CommandLine::ForCurrentProcess()->AppendSwitch(
286 switches::kExtensionsOnChromeURLs);
287 // Enabling the switch should allow all extensions to access chrome urls.
288 CheckRestrictedUrls(extension.get(), false);
289 }
290
291 TEST(PermissionsDataTest, GetPermissionMessages_ManyAPIPermissions) {
292 scoped_refptr<Extension> extension;
293 extension = LoadManifest("permissions", "many-apis.json");
294 // Warning for "tabs" is suppressed by "history" permission.
295 std::vector<std::string> expected_messages;
296 expected_messages.push_back("Read and change your data on api.flickr.com");
297 expected_messages.push_back("Read and change your bookmarks");
298 expected_messages.push_back("Detect your physical location");
299 expected_messages.push_back("Read and change your browsing history");
300 expected_messages.push_back("Manage your apps, extensions, and themes");
301 EXPECT_TRUE(VerifyPermissionMessages(extension->permissions_data(),
302 expected_messages, false));
303 }
304
305 TEST(PermissionsDataTest, GetPermissionMessages_ManyHostsPermissions) {
306 scoped_refptr<Extension> extension;
307 extension = LoadManifest("permissions", "more-than-3-hosts.json");
308 std::vector<std::string> submessages;
309 submessages.push_back("www.a.com");
310 submessages.push_back("www.b.com");
311 submessages.push_back("www.c.com");
312 submessages.push_back("www.d.com");
313 submessages.push_back("www.e.com");
314 EXPECT_TRUE(VerifyOnePermissionMessageWithSubmessages(
315 extension->permissions_data(),
316 "Read and change your data on a number of websites", submessages));
317 }
318
319 TEST(PermissionsDataTest, GetPermissionMessages_LocationApiPermission) {
320 scoped_refptr<Extension> extension;
321 extension = LoadManifest("permissions",
322 "location-api.json",
323 Manifest::COMPONENT,
324 Extension::NO_FLAGS);
325 EXPECT_TRUE(VerifyOnePermissionMessage(extension->permissions_data(),
326 "Detect your physical location"));
327 }
328
329 TEST(PermissionsDataTest, GetPermissionMessages_ManyHosts) {
330 scoped_refptr<Extension> extension;
331 extension = LoadManifest("permissions", "many-hosts.json");
332 EXPECT_TRUE(VerifyOnePermissionMessage(
333 extension->permissions_data(),
334 "Read and change your data on encrypted.google.com and www.google.com"));
335 }
336
337 TEST(PermissionsDataTest, GetPermissionMessages_Plugins) {
338 scoped_refptr<Extension> extension;
339 extension = LoadManifest("permissions", "plugins.json");
340 // We don't parse the plugins key on Chrome OS, so it should not ask for any
341 // permissions.
342 #if defined(OS_CHROMEOS)
343 EXPECT_TRUE(VerifyNoPermissionMessages(extension->permissions_data()));
344 #else
345 EXPECT_TRUE(VerifyOnePermissionMessage(
346 extension->permissions_data(),
347 "Read and change all your data on your computer and the websites you "
348 "visit"));
349 #endif
350 }
351
352 TEST(PermissionsDataTest, ExternalFiles) {
353 GURL external_file("externalfile:abc");
354 scoped_refptr<const Extension> extension;
355
356 // A regular extension shouldn't get access to externalfile: scheme URLs
357 // even with <all_urls> specified.
358 extension = GetExtensionWithHostPermission(
359 "regular_extension", "<all_urls>", Manifest::UNPACKED);
360 ASSERT_FALSE(extension->permissions_data()->HasHostPermission(external_file));
361
362 // Component extensions should get access to externalfile: scheme URLs when
363 // <all_urls> is specified.
364 extension = GetExtensionWithHostPermission(
365 "component_extension", "<all_urls>", Manifest::COMPONENT);
366 ASSERT_TRUE(extension->permissions_data()->HasHostPermission(external_file));
367 }
368
369 TEST(PermissionsDataTest, ExtensionScheme) {
370 GURL external_file(
371 "chrome-extension://abcdefghijklmnopabcdefghijklmnop/index.html");
372 scoped_refptr<const Extension> extension;
373
374 // A regular extension shouldn't get access to chrome-extension: scheme URLs
375 // even with <all_urls> specified.
376 extension = GetExtensionWithHostPermission("regular_extension", "<all_urls>",
377 Manifest::UNPACKED);
378 ASSERT_FALSE(extension->permissions_data()->HasHostPermission(external_file));
379
380 // Component extensions should get access to chrome-extension: scheme URLs
381 // when <all_urls> is specified.
382 extension = GetExtensionWithHostPermission("component_extension",
383 "<all_urls>", Manifest::COMPONENT);
384 ASSERT_TRUE(extension->permissions_data()->HasHostPermission(external_file));
385 }
386
387 // Base class for testing the CanAccessPage and CanCaptureVisiblePage
388 // methods of Extension for extensions with various permissions.
389 class ExtensionScriptAndCaptureVisibleTest : public testing::Test {
390 protected:
391 ExtensionScriptAndCaptureVisibleTest()
392 : http_url("http://www.google.com"),
393 http_url_with_path("http://www.google.com/index.html"),
394 https_url("https://www.google.com"),
395 file_url("file:///foo/bar"),
396 favicon_url("chrome://favicon/http://www.google.com"),
397 extension_url("chrome-extension://" +
398 crx_file::id_util::GenerateIdForPath(
399 base::FilePath(FILE_PATH_LITERAL("foo")))),
400 settings_url("chrome://settings"),
401 about_url("about:flags") {
402 urls_.insert(http_url);
403 urls_.insert(http_url_with_path);
404 urls_.insert(https_url);
405 urls_.insert(file_url);
406 urls_.insert(favicon_url);
407 urls_.insert(extension_url);
408 urls_.insert(settings_url);
409 urls_.insert(about_url);
410 // Ignore the policy delegate for this test.
411 PermissionsData::SetPolicyDelegate(NULL);
412 }
413
414 bool AllowedScript(const Extension* extension, const GURL& url) {
415 return AllowedScript(extension, url, -1);
416 }
417
418 bool AllowedScript(const Extension* extension, const GURL& url, int tab_id) {
419 return extension->permissions_data()->CanAccessPage(
420 extension, url, tab_id, -1, NULL);
421 }
422
423 bool BlockedScript(const Extension* extension, const GURL& url) {
424 return !extension->permissions_data()->CanAccessPage(
425 extension, url, -1, -1, NULL);
426 }
427
428 bool Allowed(const Extension* extension, const GURL& url) {
429 return Allowed(extension, url, -1);
430 }
431
432 bool Allowed(const Extension* extension, const GURL& url, int tab_id) {
433 return (extension->permissions_data()->CanAccessPage(
434 extension, url, tab_id, -1, NULL) &&
435 extension->permissions_data()->CanCaptureVisiblePage(tab_id, NULL));
436 }
437
438 bool CaptureOnly(const Extension* extension, const GURL& url) {
439 return CaptureOnly(extension, url, -1);
440 }
441
442 bool CaptureOnly(const Extension* extension, const GURL& url, int tab_id) {
443 return !extension->permissions_data()->CanAccessPage(
444 extension, url, tab_id, -1, NULL) &&
445 extension->permissions_data()->CanCaptureVisiblePage(tab_id, NULL);
446 }
447
448 bool ScriptOnly(const Extension* extension, const GURL& url) {
449 return ScriptOnly(extension, url, -1);
450 }
451
452 bool ScriptOnly(const Extension* extension, const GURL& url, int tab_id) {
453 return AllowedScript(extension, url, tab_id) &&
454 !extension->permissions_data()->CanCaptureVisiblePage(tab_id, NULL);
455 }
456
457 bool Blocked(const Extension* extension, const GURL& url) {
458 return Blocked(extension, url, -1);
459 }
460
461 bool Blocked(const Extension* extension, const GURL& url, int tab_id) {
462 return !(extension->permissions_data()->CanAccessPage(
463 extension, url, tab_id, -1, NULL) ||
464 extension->permissions_data()->CanCaptureVisiblePage(tab_id,
465 NULL));
466 }
467
468 bool ScriptAllowedExclusivelyOnTab(
469 const Extension* extension,
470 const std::set<GURL>& allowed_urls,
471 int tab_id) {
472 bool result = true;
473 for (std::set<GURL>::iterator it = urls_.begin(); it != urls_.end(); ++it) {
474 const GURL& url = *it;
475 if (allowed_urls.count(url))
476 result &= AllowedScript(extension, url, tab_id);
477 else
478 result &= Blocked(extension, url, tab_id);
479 }
480 return result;
481 }
482
483 // URLs that are "safe" to provide scripting and capture visible tab access
484 // to if the permissions allow it.
485 const GURL http_url;
486 const GURL http_url_with_path;
487 const GURL https_url;
488 const GURL file_url;
489
490 // We should allow host permission but not scripting permission for favicon
491 // urls.
492 const GURL favicon_url;
493
494 // URLs that regular extensions should never get access to.
495 const GURL extension_url;
496 const GURL settings_url;
497 const GURL about_url;
498
499 private:
500 // The set of all URLs above.
501 std::set<GURL> urls_;
502 };
503
504 TEST_F(ExtensionScriptAndCaptureVisibleTest, Permissions) {
505 // Test <all_urls> for regular extensions.
506 scoped_refptr<Extension> extension = LoadManifestStrict("script_and_capture",
507 "extension_regular_all.json");
508
509 EXPECT_TRUE(Allowed(extension.get(), http_url));
510 EXPECT_TRUE(Allowed(extension.get(), https_url));
511 EXPECT_TRUE(CaptureOnly(extension.get(), file_url));
512 EXPECT_TRUE(CaptureOnly(extension.get(), settings_url));
513 EXPECT_TRUE(CaptureOnly(extension.get(), favicon_url));
514 EXPECT_TRUE(CaptureOnly(extension.get(), about_url));
515 EXPECT_TRUE(CaptureOnly(extension.get(), extension_url));
516
517 // Test access to iframed content.
518 GURL within_extension_url = extension->GetResourceURL("page.html");
519 EXPECT_TRUE(AllowedScript(extension.get(), http_url));
520 EXPECT_TRUE(AllowedScript(extension.get(), http_url_with_path));
521 EXPECT_TRUE(AllowedScript(extension.get(), https_url));
522 EXPECT_TRUE(BlockedScript(extension.get(), within_extension_url));
523 EXPECT_TRUE(BlockedScript(extension.get(), extension_url));
524
525 EXPECT_FALSE(extension->permissions_data()->HasHostPermission(settings_url));
526 EXPECT_FALSE(extension->permissions_data()->HasHostPermission(about_url));
527 EXPECT_TRUE(extension->permissions_data()->HasHostPermission(favicon_url));
528
529 // Test * for scheme, which implies just the http/https schemes.
530 extension = LoadManifestStrict("script_and_capture",
531 "extension_wildcard.json");
532 EXPECT_TRUE(ScriptOnly(extension.get(), http_url));
533 EXPECT_TRUE(ScriptOnly(extension.get(), https_url));
534 EXPECT_TRUE(Blocked(extension.get(), settings_url));
535 EXPECT_TRUE(Blocked(extension.get(), about_url));
536 EXPECT_TRUE(Blocked(extension.get(), file_url));
537 EXPECT_TRUE(Blocked(extension.get(), favicon_url));
538 extension =
539 LoadManifest("script_and_capture", "extension_wildcard_settings.json");
540 EXPECT_TRUE(Blocked(extension.get(), settings_url));
541
542 // Having chrome://*/ should not work for regular extensions. Note that
543 // for favicon access, we require the explicit pattern chrome://favicon/*.
544 std::string error;
545 extension = LoadManifestUnchecked("script_and_capture",
546 "extension_wildcard_chrome.json",
547 Manifest::INTERNAL, Extension::NO_FLAGS,
548 &error);
549 std::vector<InstallWarning> warnings = extension->install_warnings();
550 EXPECT_FALSE(warnings.empty());
551 EXPECT_EQ(ErrorUtils::FormatErrorMessage(
552 manifest_errors::kInvalidPermissionScheme,
553 "chrome://*/"),
554 warnings[0].message);
555 EXPECT_TRUE(Blocked(extension.get(), settings_url));
556 EXPECT_TRUE(Blocked(extension.get(), favicon_url));
557 EXPECT_TRUE(Blocked(extension.get(), about_url));
558
559 // Having chrome://favicon/* should not give you chrome://*
560 extension = LoadManifestStrict("script_and_capture",
561 "extension_chrome_favicon_wildcard.json");
562 EXPECT_TRUE(Blocked(extension.get(), settings_url));
563 EXPECT_TRUE(Blocked(extension.get(), favicon_url));
564 EXPECT_TRUE(Blocked(extension.get(), about_url));
565 EXPECT_TRUE(extension->permissions_data()->HasHostPermission(favicon_url));
566
567 // Having http://favicon should not give you chrome://favicon
568 extension = LoadManifestStrict("script_and_capture",
569 "extension_http_favicon.json");
570 EXPECT_TRUE(Blocked(extension.get(), settings_url));
571 EXPECT_TRUE(Blocked(extension.get(), favicon_url));
572
573 // Component extensions with <all_urls> should get everything.
574 extension = LoadManifest("script_and_capture", "extension_component_all.json",
575 Manifest::COMPONENT, Extension::NO_FLAGS);
576 EXPECT_TRUE(Allowed(extension.get(), http_url));
577 EXPECT_TRUE(Allowed(extension.get(), https_url));
578 EXPECT_TRUE(Allowed(extension.get(), settings_url));
579 EXPECT_TRUE(Allowed(extension.get(), about_url));
580 EXPECT_TRUE(Allowed(extension.get(), favicon_url));
581 EXPECT_TRUE(extension->permissions_data()->HasHostPermission(favicon_url));
582
583 // Component extensions should only get access to what they ask for.
584 extension = LoadManifest("script_and_capture",
585 "extension_component_google.json", Manifest::COMPONENT,
586 Extension::NO_FLAGS);
587 EXPECT_TRUE(ScriptOnly(extension.get(), http_url));
588 EXPECT_TRUE(Blocked(extension.get(), https_url));
589 EXPECT_TRUE(Blocked(extension.get(), file_url));
590 EXPECT_TRUE(Blocked(extension.get(), settings_url));
591 EXPECT_TRUE(Blocked(extension.get(), favicon_url));
592 EXPECT_TRUE(Blocked(extension.get(), about_url));
593 EXPECT_TRUE(Blocked(extension.get(), extension_url));
594 EXPECT_FALSE(extension->permissions_data()->HasHostPermission(settings_url));
595 }
596
597 TEST_F(ExtensionScriptAndCaptureVisibleTest, PermissionsWithChromeURLsEnabled) {
598 base::CommandLine::ForCurrentProcess()->AppendSwitch(
599 switches::kExtensionsOnChromeURLs);
600
601 scoped_refptr<Extension> extension;
602
603 // Test <all_urls> for regular extensions.
604 extension = LoadManifestStrict("script_and_capture",
605 "extension_regular_all.json");
606 EXPECT_TRUE(Allowed(extension.get(), http_url));
607 EXPECT_TRUE(Allowed(extension.get(), https_url));
608 EXPECT_TRUE(CaptureOnly(extension.get(), file_url));
609 EXPECT_TRUE(CaptureOnly(extension.get(), settings_url));
610 EXPECT_TRUE(Allowed(extension.get(), favicon_url)); // chrome:// requested
611 EXPECT_TRUE(CaptureOnly(extension.get(), about_url));
612 EXPECT_TRUE(CaptureOnly(extension.get(), extension_url));
613
614 // Test access to iframed content.
615 GURL within_extension_url = extension->GetResourceURL("page.html");
616 EXPECT_TRUE(AllowedScript(extension.get(), http_url));
617 EXPECT_TRUE(AllowedScript(extension.get(), http_url_with_path));
618 EXPECT_TRUE(AllowedScript(extension.get(), https_url));
619 EXPECT_TRUE(BlockedScript(extension.get(), within_extension_url));
620 EXPECT_TRUE(BlockedScript(extension.get(), extension_url));
621
622 const PermissionsData* permissions_data = extension->permissions_data();
623 EXPECT_FALSE(permissions_data->HasHostPermission(settings_url));
624 EXPECT_FALSE(permissions_data->HasHostPermission(about_url));
625 EXPECT_TRUE(permissions_data->HasHostPermission(favicon_url));
626
627 // Test * for scheme, which implies just the http/https schemes.
628 extension = LoadManifestStrict("script_and_capture",
629 "extension_wildcard.json");
630 EXPECT_TRUE(ScriptOnly(extension.get(), http_url));
631 EXPECT_TRUE(ScriptOnly(extension.get(), https_url));
632 EXPECT_TRUE(Blocked(extension.get(), settings_url));
633 EXPECT_TRUE(Blocked(extension.get(), about_url));
634 EXPECT_TRUE(Blocked(extension.get(), file_url));
635 EXPECT_TRUE(Blocked(extension.get(), favicon_url));
636 extension =
637 LoadManifest("script_and_capture", "extension_wildcard_settings.json");
638 EXPECT_TRUE(Blocked(extension.get(), settings_url));
639
640 // Having chrome://*/ should work for regular extensions with the flag
641 // enabled.
642 std::string error;
643 extension = LoadManifestUnchecked("script_and_capture",
644 "extension_wildcard_chrome.json",
645 Manifest::INTERNAL, Extension::NO_FLAGS,
646 &error);
647 EXPECT_FALSE(extension.get() == NULL);
648 EXPECT_TRUE(Blocked(extension.get(), http_url));
649 EXPECT_TRUE(Blocked(extension.get(), https_url));
650 EXPECT_TRUE(ScriptOnly(extension.get(), settings_url));
651 EXPECT_TRUE(Blocked(extension.get(), about_url));
652 EXPECT_TRUE(Blocked(extension.get(), file_url));
653 EXPECT_TRUE(ScriptOnly(extension.get(), favicon_url));
654
655 // Having chrome://favicon/* should not give you chrome://*
656 extension = LoadManifestStrict("script_and_capture",
657 "extension_chrome_favicon_wildcard.json");
658 EXPECT_TRUE(Blocked(extension.get(), settings_url));
659 EXPECT_TRUE(ScriptOnly(extension.get(), favicon_url));
660 EXPECT_TRUE(Blocked(extension.get(), about_url));
661 EXPECT_TRUE(extension->permissions_data()->HasHostPermission(favicon_url));
662
663 // Having http://favicon should not give you chrome://favicon
664 extension = LoadManifestStrict("script_and_capture",
665 "extension_http_favicon.json");
666 EXPECT_TRUE(Blocked(extension.get(), settings_url));
667 EXPECT_TRUE(Blocked(extension.get(), favicon_url));
668
669 // Component extensions with <all_urls> should get everything.
670 extension = LoadManifest("script_and_capture", "extension_component_all.json",
671 Manifest::COMPONENT, Extension::NO_FLAGS);
672 EXPECT_TRUE(Allowed(extension.get(), http_url));
673 EXPECT_TRUE(Allowed(extension.get(), https_url));
674 EXPECT_TRUE(Allowed(extension.get(), settings_url));
675 EXPECT_TRUE(Allowed(extension.get(), about_url));
676 EXPECT_TRUE(Allowed(extension.get(), favicon_url));
677 EXPECT_TRUE(extension->permissions_data()->HasHostPermission(favicon_url));
678
679 // Component extensions should only get access to what they ask for.
680 extension = LoadManifest("script_and_capture",
681 "extension_component_google.json", Manifest::COMPONENT,
682 Extension::NO_FLAGS);
683 EXPECT_TRUE(ScriptOnly(extension.get(), http_url));
684 EXPECT_TRUE(Blocked(extension.get(), https_url));
685 EXPECT_TRUE(Blocked(extension.get(), file_url));
686 EXPECT_TRUE(Blocked(extension.get(), settings_url));
687 EXPECT_TRUE(Blocked(extension.get(), favicon_url));
688 EXPECT_TRUE(Blocked(extension.get(), about_url));
689 EXPECT_TRUE(Blocked(extension.get(), extension_url));
690 EXPECT_FALSE(extension->permissions_data()->HasHostPermission(settings_url));
691 }
692
693 TEST_F(ExtensionScriptAndCaptureVisibleTest, TabSpecific) {
694 scoped_refptr<Extension> extension =
695 LoadManifestStrict("script_and_capture", "tab_specific.json");
696
697 const PermissionsData* permissions_data = extension->permissions_data();
698 EXPECT_FALSE(permissions_data->GetTabSpecificPermissionsForTesting(0).get());
699 EXPECT_FALSE(permissions_data->GetTabSpecificPermissionsForTesting(1).get());
700 EXPECT_FALSE(permissions_data->GetTabSpecificPermissionsForTesting(2).get());
701
702 std::set<GURL> no_urls;
703
704 EXPECT_TRUE(ScriptAllowedExclusivelyOnTab(extension.get(), no_urls, 0));
705 EXPECT_TRUE(ScriptAllowedExclusivelyOnTab(extension.get(), no_urls, 1));
706 EXPECT_TRUE(ScriptAllowedExclusivelyOnTab(extension.get(), no_urls, 2));
707
708 URLPatternSet allowed_hosts;
709 allowed_hosts.AddPattern(URLPattern(URLPattern::SCHEME_ALL,
710 http_url.spec()));
711 std::set<GURL> allowed_urls;
712 allowed_urls.insert(http_url);
713 // http_url_with_path() will also be allowed, because Extension should be
714 // considering the security origin of the URL not the URL itself, and
715 // http_url is in allowed_hosts.
716 allowed_urls.insert(http_url_with_path);
717
718 {
719 scoped_refptr<PermissionSet> permissions(
720 new PermissionSet(APIPermissionSet(), ManifestPermissionSet(),
721 allowed_hosts, URLPatternSet()));
722 permissions_data->UpdateTabSpecificPermissions(0, permissions);
723 EXPECT_EQ(permissions->explicit_hosts(),
724 permissions_data->GetTabSpecificPermissionsForTesting(0)
725 ->explicit_hosts());
726 }
727
728 EXPECT_TRUE(ScriptAllowedExclusivelyOnTab(extension.get(), allowed_urls, 0));
729 EXPECT_TRUE(ScriptAllowedExclusivelyOnTab(extension.get(), no_urls, 1));
730 EXPECT_TRUE(ScriptAllowedExclusivelyOnTab(extension.get(), no_urls, 2));
731
732 permissions_data->ClearTabSpecificPermissions(0);
733 EXPECT_FALSE(permissions_data->GetTabSpecificPermissionsForTesting(0).get());
734
735 EXPECT_TRUE(ScriptAllowedExclusivelyOnTab(extension.get(), no_urls, 0));
736 EXPECT_TRUE(ScriptAllowedExclusivelyOnTab(extension.get(), no_urls, 1));
737 EXPECT_TRUE(ScriptAllowedExclusivelyOnTab(extension.get(), no_urls, 2));
738
739 std::set<GURL> more_allowed_urls = allowed_urls;
740 more_allowed_urls.insert(https_url);
741 URLPatternSet more_allowed_hosts = allowed_hosts;
742 more_allowed_hosts.AddPattern(URLPattern(URLPattern::SCHEME_ALL,
743 https_url.spec()));
744
745 {
746 scoped_refptr<PermissionSet> permissions(
747 new PermissionSet(APIPermissionSet(), ManifestPermissionSet(),
748 allowed_hosts, URLPatternSet()));
749 permissions_data->UpdateTabSpecificPermissions(0, permissions);
750 EXPECT_EQ(permissions->explicit_hosts(),
751 permissions_data->GetTabSpecificPermissionsForTesting(0)
752 ->explicit_hosts());
753
754 permissions = new PermissionSet(APIPermissionSet(),
755 ManifestPermissionSet(),
756 more_allowed_hosts,
757 URLPatternSet());
758 permissions_data->UpdateTabSpecificPermissions(1, permissions);
759 EXPECT_EQ(permissions->explicit_hosts(),
760 permissions_data->GetTabSpecificPermissionsForTesting(1)
761 ->explicit_hosts());
762 }
763
764 EXPECT_TRUE(ScriptAllowedExclusivelyOnTab(extension.get(), allowed_urls, 0));
765 EXPECT_TRUE(
766 ScriptAllowedExclusivelyOnTab(extension.get(), more_allowed_urls, 1));
767 EXPECT_TRUE(ScriptAllowedExclusivelyOnTab(extension.get(), no_urls, 2));
768
769 permissions_data->ClearTabSpecificPermissions(0);
770 EXPECT_FALSE(permissions_data->GetTabSpecificPermissionsForTesting(0).get());
771
772 EXPECT_TRUE(ScriptAllowedExclusivelyOnTab(extension.get(), no_urls, 0));
773 EXPECT_TRUE(
774 ScriptAllowedExclusivelyOnTab(extension.get(), more_allowed_urls, 1));
775 EXPECT_TRUE(ScriptAllowedExclusivelyOnTab(extension.get(), no_urls, 2));
776
777 permissions_data->ClearTabSpecificPermissions(1);
778 EXPECT_FALSE(permissions_data->GetTabSpecificPermissionsForTesting(1).get());
779
780 EXPECT_TRUE(ScriptAllowedExclusivelyOnTab(extension.get(), no_urls, 0));
781 EXPECT_TRUE(ScriptAllowedExclusivelyOnTab(extension.get(), no_urls, 1));
782 EXPECT_TRUE(ScriptAllowedExclusivelyOnTab(extension.get(), no_urls, 2));
783 }
784
785 } // namespace extensions