Split same- and cross-origin featurePolicy tests.

This is in preparation for the change in feature policy header semantics, where the default behaviour will be different when only the header (and not the allow attribute) is used. To make the changes clearer, the two cases are split now. The comments for the combined header+allow policy tests are updated to clarify why each case is returning true or false as well, so that future changes will be more easily understood. Bug: 1095641 Change-Id: Ic615558e19d47e1aee699ec4ac2c3eb8614339a9 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2424657 Commit-Queue: Charlie Hu <chenleihu@google.com> Auto-Submit: Ian Clelland <iclelland@chromium.org> Reviewed-by: Charlie Hu <chenleihu@google.com> Cr-Commit-Position: refs/heads/master@{#809810}

Split same- and cross-origin featurePolicy tests.
This is in preparation for the change in feature policy header semantics, where the default behaviour will be different when only the header (and not the allow attribute) is used. To make the changes clearer, the two cases are split now. The comments for the combined header+allow policy tests are updated to clarify why each case is returning true or false as well, so that future changes will be more easily understood. Bug: 1095641 Change-Id: Ic615558e19d47e1aee699ec4ac2c3eb8614339a9 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2424657 Commit-Queue: Charlie Hu <chenleihu@google.com> Auto-Submit: Ian Clelland <iclelland@chromium.org> Reviewed-by: Charlie Hu <chenleihu@google.com> Cr-Commit-Position: refs/heads/master@{#809810}
232a3047 · Ian Clelland · Commit Bot · 4b545779 · 232a3047
Commit 232a3047 authored Sep 23, 2020 by Ian Clelland Committed by Commit Bot Sep 23, 2020
Hide whitespace changes
Inline Side-by-side

Showing with 36 additions and 8 deletions

third_party/blink/renderer/core/feature_policy/policy_test.cc ...d_party/blink/renderer/core/feature_policy/policy_test.cc +36 -8

No files found.
--- a/third_party/blink/renderer/core/feature_policy/policy_test.cc
+++ b/third_party/blink/renderer/core/feature_policy/policy_test.cc
@@ -157,17 +157,40 @@ TEST_F(IFramePolicyTest, TestGetAllowList) {
              UnorderedElementsAre("*"));
 }
-TEST_F(IFramePolicyTest, TestAllowedFeatures) {
+TEST_F(IFramePolicyTest, TestSameOriginAllowedFeatures) {
  Vector<String> allowed_features = GetPolicy()->allowedFeatures(nullptr);
+  // These features are allowed in a same origin context, and not restricted by
+  // the parent document's policy.
  EXPECT_TRUE(allowed_features.Contains("fullscreen"));
  EXPECT_TRUE(allowed_features.Contains("payment"));
  EXPECT_TRUE(allowed_features.Contains("camera"));
-  // "geolocation" has default policy as allowed on self origin.
  EXPECT_TRUE(allowed_features.Contains("geolocation"));
+  // "midi" is restricted by the parent document's policy.
+  EXPECT_FALSE(allowed_features.Contains("midi"));
+  // "sync-xhr" is allowed on all origins.
+  EXPECT_TRUE(allowed_features.Contains("sync-xhr"));
+  // This feature does not exist, so should not be advertised as allowed.
  EXPECT_FALSE(allowed_features.Contains("badfeature"));
+}
+TEST_F(IFramePolicyTest, TestCrossOriginAllowedFeatures) {
+  // Update the iframe's policy, given a new origin.
+  GetPolicy()->UpdateContainerPolicy(
+      ParsedFeaturePolicy(), SecurityOrigin::CreateFromString(kOriginA));
+  Vector<String> allowed_features = GetPolicy()->allowedFeatures(nullptr);
+  // These features are allowed in the cross-origin frame by the Feature-Policy
+  // header.
+  EXPECT_TRUE(allowed_features.Contains("fullscreen"));
+  EXPECT_TRUE(allowed_features.Contains("camera"));
+  // These features are not allowed by the header, and so should not be allowed
+  // in a cross-origin context.
+  EXPECT_FALSE(allowed_features.Contains("payment"));
+  EXPECT_FALSE(allowed_features.Contains("geolocation"));
  EXPECT_FALSE(allowed_features.Contains("midi"));
-  // "sync-xhr" is allowed on all origins
+  // "sync-xhr" is allowed on all origins.
  EXPECT_TRUE(allowed_features.Contains("sync-xhr"));
+  // This feature does not exist, so should not be advertised as allowed.
+  EXPECT_FALSE(allowed_features.Contains("badfeature"));
 }
 TEST_F(IFramePolicyTest, TestCombinedPolicy) {
@@ -178,15 +201,20 @@ TEST_F(IFramePolicyTest, TestCombinedPolicy) {
  GetPolicy()->UpdateContainerPolicy(
      container_policy, SecurityOrigin::CreateFromString(kOriginA));
  Vector<String> allowed_features = GetPolicy()->allowedFeatures(nullptr);
-  EXPECT_TRUE(allowed_features.Contains("fullscreen"));
+  // These features are not allowed by either the header or attribute.
  EXPECT_FALSE(allowed_features.Contains("payment"));
+  // These features are allowed by the header.
+  EXPECT_TRUE(allowed_features.Contains("fullscreen"));
+  // These features are explicitly allowed by the attribute.
  EXPECT_TRUE(allowed_features.Contains("geolocation"));
-  EXPECT_FALSE(allowed_features.Contains("midi"));
  EXPECT_TRUE(allowed_features.Contains("camera"));
-  // "geolocation" has default policy as allowed on self origin.
+  // "midi" is allowed by the attribute, but still blocked by the parent
-  EXPECT_FALSE(allowed_features.Contains("badfeature"));
+  // document's policy.
-  // "sync-xhr" is still implicitly allowed on all origins
+  EXPECT_FALSE(allowed_features.Contains("midi"));
+  // "sync-xhr" is still implicitly allowed on all origins.
  EXPECT_TRUE(allowed_features.Contains("sync-xhr"));
+  // This feature does not exist, so should not be advertised as allowed.
+  EXPECT_FALSE(allowed_features.Contains("badfeature"));
 }
 }  // namespace blink