Merge Chromium + Blink git repositories
[chromium-blink-merge.git] / chrome / browser / extensions / api / web_request / web_request_permissions_unittest.cc
blobe77c585f1216753c31dff1d055bf533dbaaa98c8
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "extensions/browser/api/web_request/web_request_permissions.h"
7 #include "base/memory/scoped_ptr.h"
8 #include "base/message_loop/message_loop.h"
9 #include "chrome/common/extensions/extension_test_util.h"
10 #include "content/public/browser/resource_request_info.h"
11 #include "content/public/test/test_browser_thread_bundle.h"
12 #include "extensions/browser/info_map.h"
13 #include "extensions/common/constants.h"
14 #include "ipc/ipc_message.h"
15 #include "net/base/request_priority.h"
16 #include "net/url_request/url_request.h"
17 #include "net/url_request/url_request_test_util.h"
18 #include "testing/gtest/include/gtest/gtest.h"
20 using content::ResourceRequestInfo;
21 using content::ResourceType;
22 using extensions::Extension;
23 using extensions::Manifest;
24 using extension_test_util::LoadManifestUnchecked;
26 class ExtensionWebRequestHelpersTestWithThreadsTest : public testing::Test {
27 public:
28 ExtensionWebRequestHelpersTestWithThreadsTest()
29 : thread_bundle_(content::TestBrowserThreadBundle::IO_MAINLOOP) {}
31 protected:
32 void SetUp() override;
34 private:
35 content::TestBrowserThreadBundle thread_bundle_;
37 protected:
38 net::TestURLRequestContext context;
40 // This extension has Web Request permissions, but no host permission.
41 scoped_refptr<Extension> permissionless_extension_;
42 // This extension has Web Request permissions, and *.com a host permission.
43 scoped_refptr<Extension> com_extension_;
44 scoped_refptr<extensions::InfoMap> extension_info_map_;
47 void ExtensionWebRequestHelpersTestWithThreadsTest::SetUp() {
48 testing::Test::SetUp();
50 std::string error;
51 permissionless_extension_ = LoadManifestUnchecked("permissions",
52 "web_request_no_host.json",
53 Manifest::INVALID_LOCATION,
54 Extension::NO_FLAGS,
55 "ext_id_1",
56 &error);
57 ASSERT_TRUE(permissionless_extension_.get()) << error;
58 com_extension_ =
59 LoadManifestUnchecked("permissions",
60 "web_request_com_host_permissions.json",
61 Manifest::INVALID_LOCATION,
62 Extension::NO_FLAGS,
63 "ext_id_2",
64 &error);
65 ASSERT_TRUE(com_extension_.get()) << error;
66 extension_info_map_ = new extensions::InfoMap;
67 extension_info_map_->AddExtension(permissionless_extension_.get(),
68 base::Time::Now(),
69 false /*incognito_enabled*/,
70 false /*notifications_disabled*/);
71 extension_info_map_->AddExtension(
72 com_extension_.get(),
73 base::Time::Now(),
74 false /*incognito_enabled*/,
75 false /*notifications_disabled*/);
78 TEST_F(ExtensionWebRequestHelpersTestWithThreadsTest, TestHideRequestForURL) {
79 net::TestURLRequestContext context;
80 const char* const sensitive_urls[] = {
81 "http://clients2.google.com",
82 "http://clients22.google.com",
83 "https://clients2.google.com",
84 "http://clients2.google.com/service/update2/crx",
85 "https://clients.google.com",
86 "https://test.clients.google.com",
87 "https://clients2.google.com/service/update2/crx",
88 "http://www.gstatic.com/chrome/extensions/blacklist",
89 "https://www.gstatic.com/chrome/extensions/blacklist",
90 "notregisteredscheme://www.foobar.com",
91 "https://chrome.google.com/webstore/",
92 "https://chrome.google.com/webstore/"
93 "inlineinstall/detail/kcnhkahnjcbndmmehfkdnkjomaanaooo"
95 const char* const non_sensitive_urls[] = {
96 "http://www.google.com/"
99 // Check that requests are rejected based on the destination
100 for (size_t i = 0; i < arraysize(sensitive_urls); ++i) {
101 GURL sensitive_url(sensitive_urls[i]);
102 scoped_ptr<net::URLRequest> request(context.CreateRequest(
103 sensitive_url, net::DEFAULT_PRIORITY, NULL));
104 EXPECT_TRUE(WebRequestPermissions::HideRequest(
105 extension_info_map_.get(), request.get())) << sensitive_urls[i];
107 // Check that requests are accepted if they don't touch sensitive urls.
108 for (size_t i = 0; i < arraysize(non_sensitive_urls); ++i) {
109 GURL non_sensitive_url(non_sensitive_urls[i]);
110 scoped_ptr<net::URLRequest> request(context.CreateRequest(
111 non_sensitive_url, net::DEFAULT_PRIORITY, NULL));
112 EXPECT_FALSE(WebRequestPermissions::HideRequest(
113 extension_info_map_.get(), request.get())) << non_sensitive_urls[i];
116 // Check protection of requests originating from the frame showing the Chrome
117 // WebStore.
118 // Normally this request is not protected:
119 GURL non_sensitive_url("http://www.google.com/test.js");
120 scoped_ptr<net::URLRequest> non_sensitive_request(context.CreateRequest(
121 non_sensitive_url, net::DEFAULT_PRIORITY, NULL));
122 EXPECT_FALSE(WebRequestPermissions::HideRequest(
123 extension_info_map_.get(), non_sensitive_request.get()));
124 // If the origin is labeled by the WebStoreAppId, it becomes protected.
126 int process_id = 42;
127 int site_instance_id = 23;
128 int view_id = 17;
129 scoped_ptr<net::URLRequest> sensitive_request(context.CreateRequest(
130 non_sensitive_url, net::DEFAULT_PRIORITY, NULL));
131 ResourceRequestInfo::AllocateForTesting(sensitive_request.get(),
132 content::RESOURCE_TYPE_SCRIPT,
133 NULL,
134 process_id,
135 view_id,
136 MSG_ROUTING_NONE,
137 false, // is_main_frame
138 false, // parent_is_main_frame
139 true, // allow_download
140 false); // is_async
141 extension_info_map_->RegisterExtensionProcess(
142 extensions::kWebStoreAppId, process_id, site_instance_id);
143 EXPECT_TRUE(WebRequestPermissions::HideRequest(
144 extension_info_map_.get(), sensitive_request.get()));
148 TEST_F(ExtensionWebRequestHelpersTestWithThreadsTest,
149 TestCanExtensionAccessURL_HostPermissions) {
150 scoped_ptr<net::URLRequest> request(context.CreateRequest(
151 GURL("http://example.com"), net::DEFAULT_PRIORITY, NULL));
153 EXPECT_TRUE(WebRequestPermissions::CanExtensionAccessURL(
154 extension_info_map_.get(),
155 permissionless_extension_->id(),
156 request->url(),
157 false /*crosses_incognito*/,
158 WebRequestPermissions::DO_NOT_CHECK_HOST));
159 EXPECT_FALSE(WebRequestPermissions::CanExtensionAccessURL(
160 extension_info_map_.get(),
161 permissionless_extension_->id(),
162 request->url(),
163 false /*crosses_incognito*/,
164 WebRequestPermissions::REQUIRE_HOST_PERMISSION));
165 EXPECT_TRUE(WebRequestPermissions::CanExtensionAccessURL(
166 extension_info_map_.get(),
167 com_extension_->id(),
168 request->url(),
169 false /*crosses_incognito*/,
170 WebRequestPermissions::REQUIRE_HOST_PERMISSION));
171 EXPECT_FALSE(WebRequestPermissions::CanExtensionAccessURL(
172 extension_info_map_.get(),
173 com_extension_->id(),
174 request->url(),
175 false /*crosses_incognito*/,
176 WebRequestPermissions::REQUIRE_ALL_URLS));