chrome/browser/chrome_site_per_process_browsertest.cc

   1 // Copyright 2014 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "base/command_line.h"
   6 #include "base/strings/stringprintf.h"
   7 #include "chrome/browser/ui/browser.h"
   8 #include "chrome/browser/ui/tabs/tab_strip_model.h"
   9 #include "chrome/test/base/in_process_browser_test.h"
  10 #include "chrome/test/base/ui_test_utils.h"
  11 #include "content/public/browser/notification_observer.h"
  12 #include "content/public/browser/notification_service.h"
  13 #include "content/public/browser/notification_types.h"
  14 #include "content/public/browser/render_frame_host.h"
  15 #include "content/public/browser/web_contents.h"
  16 #include "content/public/browser/web_contents_observer.h"
  17 #include "content/public/common/content_switches.h"
  18 #include "content/public/test/browser_test_utils.h"
  19 #include "content/public/test/content_browser_test_utils.h"
  20 #include "content/public/test/test_utils.h"
  21 #include "net/dns/mock_host_resolver.h"
  22 #include "net/test/embedded_test_server/embedded_test_server.h"
  23 #include "url/gurl.h"
  24
  25 class ChromeSitePerProcessTest : public InProcessBrowserTest {
  26  public:
  27   ChromeSitePerProcessTest() {}
  28   ~ChromeSitePerProcessTest() override {}
  29
  30   void SetUpCommandLine(base::CommandLine* command_line) override {
  31     command_line->AppendSwitch(switches::kSitePerProcess);
  32   }
  33
  34   void SetUpOnMainThread() override {
  35     host_resolver()->AddRule("*", "127.0.0.1");
  36     ASSERT_TRUE(embedded_test_server()->InitializeAndWaitUntilReady());
  37     content::SetupCrossSiteRedirector(embedded_test_server());
  38   }
  39
  40  private:
  41   DISALLOW_COPY_AND_ASSIGN(ChromeSitePerProcessTest);
  42 };
  43
  44 // Verify that browser shutdown path works correctly when there's a
  45 // RenderFrameProxyHost for a child frame.
  46 IN_PROC_BROWSER_TEST_F(ChromeSitePerProcessTest, RenderFrameProxyHostShutdown) {
  47   GURL main_url(embedded_test_server()->GetURL(
  48         "a.com",
  49         "/frame_tree/page_with_two_frames_remote_and_local.html"));
  50   ui_test_utils::NavigateToURL(browser(), main_url);
  51 }
  52
  53 // Verify that origin replication allows JS access to localStorage, database,
  54 // and FileSystem APIs.  These features involve a check on the
  55 // WebSecurityOrigin of the topmost WebFrame in ContentSettingsObserver, and
  56 // this test ensures this check works when the top frame is remote.
  57 //
  58 // Disabled due to a shutdown race condition that can lead to UAF in the
  59 // renderer (https://crbug.com/470055).
  60 IN_PROC_BROWSER_TEST_F(ChromeSitePerProcessTest,
  61                        DISABLED_OriginReplicationAllowsAccessToStorage) {
  62   // Navigate to a page with a same-site iframe.
  63   GURL main_url(embedded_test_server()->GetURL("a.com", "/iframe.html"));
  64   ui_test_utils::NavigateToURL(browser(), main_url);
  65
  66   // Navigate subframe cross-site.
  67   content::WebContents* active_web_contents =
  68       browser()->tab_strip_model()->GetActiveWebContents();
  69   GURL cross_site_url(embedded_test_server()->GetURL("b.com", "/title2.html"));
  70   EXPECT_TRUE(NavigateIframeToURL(active_web_contents, "test", cross_site_url));
  71
  72   // Find the subframe's RenderFrameHost.
  73   content::RenderFrameHost* frame_host = FrameMatchingPredicate(
  74       active_web_contents,
  75       base::Bind(&content::FrameHasSourceUrl, cross_site_url));
  76   ASSERT_TRUE(frame_host);
  77   EXPECT_TRUE(frame_host->IsCrossProcessSubframe());
  78
  79   // Check that JS storage APIs can be accessed successfully.
  80   EXPECT_TRUE(
  81       content::ExecuteScript(frame_host, "localStorage['foo'] = 'bar'"));
  82   std::string result;
  83   EXPECT_TRUE(ExecuteScriptAndExtractString(
  84       frame_host, "window.domAutomationController.send(localStorage['foo']);",
  85       &result));
  86   EXPECT_EQ(result, "bar");
  87   bool is_object_created = false;
  88   EXPECT_TRUE(ExecuteScriptAndExtractBool(
  89       frame_host,
  90       "window.domAutomationController.send(!!indexedDB.open('testdb', 2));",
  91       &is_object_created));
  92   EXPECT_TRUE(is_object_created);
  93   is_object_created = false;
  94   EXPECT_TRUE(ExecuteScriptAndExtractBool(
  95       frame_host,
  96       "window.domAutomationController.send(!!openDatabase("
  97       "'foodb', '1.0', 'Test DB', 1024));",
  98       &is_object_created));
  99   EXPECT_TRUE(is_object_created);
 100   EXPECT_TRUE(ExecuteScript(frame_host,
 101                             "window.webkitRequestFileSystem("
 102                             "window.TEMPORARY, 1024, function() {});"));
 103 }