Commit 232a3047 authored by Ian Clelland's avatar Ian Clelland Committed by Commit Bot

Split same- and cross-origin featurePolicy tests.

This is in preparation for the change in feature policy header
semantics, where the default behaviour will be different when only
the header (and not the allow attribute) is used. To make the changes
clearer, the two cases are split now.

The comments for the combined header+allow policy tests are updated to
clarify why each case is returning true or false as well, so that
future changes will be more easily understood.

Bug: 1095641
Change-Id: Ic615558e19d47e1aee699ec4ac2c3eb8614339a9
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2424657
Commit-Queue: Charlie Hu <chenleihu@google.com>
Auto-Submit: Ian Clelland <iclelland@chromium.org>
Reviewed-by: default avatarCharlie Hu <chenleihu@google.com>
Cr-Commit-Position: refs/heads/master@{#809810}
parent 4b545779
...@@ -157,17 +157,40 @@ TEST_F(IFramePolicyTest, TestGetAllowList) { ...@@ -157,17 +157,40 @@ TEST_F(IFramePolicyTest, TestGetAllowList) {
UnorderedElementsAre("*")); UnorderedElementsAre("*"));
} }
TEST_F(IFramePolicyTest, TestAllowedFeatures) { TEST_F(IFramePolicyTest, TestSameOriginAllowedFeatures) {
Vector<String> allowed_features = GetPolicy()->allowedFeatures(nullptr); Vector<String> allowed_features = GetPolicy()->allowedFeatures(nullptr);
// These features are allowed in a same origin context, and not restricted by
// the parent document's policy.
EXPECT_TRUE(allowed_features.Contains("fullscreen")); EXPECT_TRUE(allowed_features.Contains("fullscreen"));
EXPECT_TRUE(allowed_features.Contains("payment")); EXPECT_TRUE(allowed_features.Contains("payment"));
EXPECT_TRUE(allowed_features.Contains("camera")); EXPECT_TRUE(allowed_features.Contains("camera"));
// "geolocation" has default policy as allowed on self origin.
EXPECT_TRUE(allowed_features.Contains("geolocation")); EXPECT_TRUE(allowed_features.Contains("geolocation"));
// "midi" is restricted by the parent document's policy.
EXPECT_FALSE(allowed_features.Contains("midi"));
// "sync-xhr" is allowed on all origins.
EXPECT_TRUE(allowed_features.Contains("sync-xhr"));
// This feature does not exist, so should not be advertised as allowed.
EXPECT_FALSE(allowed_features.Contains("badfeature")); EXPECT_FALSE(allowed_features.Contains("badfeature"));
}
TEST_F(IFramePolicyTest, TestCrossOriginAllowedFeatures) {
// Update the iframe's policy, given a new origin.
GetPolicy()->UpdateContainerPolicy(
ParsedFeaturePolicy(), SecurityOrigin::CreateFromString(kOriginA));
Vector<String> allowed_features = GetPolicy()->allowedFeatures(nullptr);
// These features are allowed in the cross-origin frame by the Feature-Policy
// header.
EXPECT_TRUE(allowed_features.Contains("fullscreen"));
EXPECT_TRUE(allowed_features.Contains("camera"));
// These features are not allowed by the header, and so should not be allowed
// in a cross-origin context.
EXPECT_FALSE(allowed_features.Contains("payment"));
EXPECT_FALSE(allowed_features.Contains("geolocation"));
EXPECT_FALSE(allowed_features.Contains("midi")); EXPECT_FALSE(allowed_features.Contains("midi"));
// "sync-xhr" is allowed on all origins // "sync-xhr" is allowed on all origins.
EXPECT_TRUE(allowed_features.Contains("sync-xhr")); EXPECT_TRUE(allowed_features.Contains("sync-xhr"));
// This feature does not exist, so should not be advertised as allowed.
EXPECT_FALSE(allowed_features.Contains("badfeature"));
} }
TEST_F(IFramePolicyTest, TestCombinedPolicy) { TEST_F(IFramePolicyTest, TestCombinedPolicy) {
...@@ -178,15 +201,20 @@ TEST_F(IFramePolicyTest, TestCombinedPolicy) { ...@@ -178,15 +201,20 @@ TEST_F(IFramePolicyTest, TestCombinedPolicy) {
GetPolicy()->UpdateContainerPolicy( GetPolicy()->UpdateContainerPolicy(
container_policy, SecurityOrigin::CreateFromString(kOriginA)); container_policy, SecurityOrigin::CreateFromString(kOriginA));
Vector<String> allowed_features = GetPolicy()->allowedFeatures(nullptr); Vector<String> allowed_features = GetPolicy()->allowedFeatures(nullptr);
EXPECT_TRUE(allowed_features.Contains("fullscreen")); // These features are not allowed by either the header or attribute.
EXPECT_FALSE(allowed_features.Contains("payment")); EXPECT_FALSE(allowed_features.Contains("payment"));
// These features are allowed by the header.
EXPECT_TRUE(allowed_features.Contains("fullscreen"));
// These features are explicitly allowed by the attribute.
EXPECT_TRUE(allowed_features.Contains("geolocation")); EXPECT_TRUE(allowed_features.Contains("geolocation"));
EXPECT_FALSE(allowed_features.Contains("midi"));
EXPECT_TRUE(allowed_features.Contains("camera")); EXPECT_TRUE(allowed_features.Contains("camera"));
// "geolocation" has default policy as allowed on self origin. // "midi" is allowed by the attribute, but still blocked by the parent
EXPECT_FALSE(allowed_features.Contains("badfeature")); // document's policy.
// "sync-xhr" is still implicitly allowed on all origins EXPECT_FALSE(allowed_features.Contains("midi"));
// "sync-xhr" is still implicitly allowed on all origins.
EXPECT_TRUE(allowed_features.Contains("sync-xhr")); EXPECT_TRUE(allowed_features.Contains("sync-xhr"));
// This feature does not exist, so should not be advertised as allowed.
EXPECT_FALSE(allowed_features.Contains("badfeature"));
} }
} // namespace blink } // namespace blink
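Review bot: The comment `// Update the iframe's policy, given a new origin.` in TestCrossOriginAllowedFeatures does not say what the empty `ParsedFeaturePolicy()` argument stands for, and that is the whole point of this test per the commit description: the frame becomes cross-origin with no allow attribute, so only the Feature-Policy header decides which powerful features (camera, geolocation, payment) are delegated to it. Suggest `// Move the frame to kOriginA with an empty container policy (no allow attribute), so only the Feature-Policy header governs delegation.` The comments that follow attribute fullscreen/camera to the header and payment/geolocation to its absence, but the header itself is configured outside this hunk; naming its value next to these assertions (or pointing at where it is set) would keep the expected delegation auditable when the header-only default changes as announced. TestCombinedPolicy's body in the second hunk begins outside the hunk.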