Commit 8f063369 authored by mihaip@chromium.org's avatar mihaip@chromium.org

When allowing an extension file:/// URL access, grant its process access to that scheme.

This allows XHRs from the background page to file:/// URLs to succeed. XHRs from
content scripts still fail, since they're running in a regular renderer process,
and there is currently no mechanism for only whitelisting the isolated world
within it for the file: scheme.

Also re-enable ExtensionApiTest.CrossOriginXHRContentScript since it doesn't
appear to have flaked recently.

BUG=104547,96725
R=aa@chromium.org


Review URL: http://codereview.chromium.org/8587052

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@110614 0039d316-1c4b-4281-b951-d872f2087c98
parent ff3e5c4b
...@@ -17,9 +17,17 @@ IN_PROC_BROWSER_TEST_F(ExtensionApiTest, CrossOriginXHRAllURLs) { ...@@ -17,9 +17,17 @@ IN_PROC_BROWSER_TEST_F(ExtensionApiTest, CrossOriginXHRAllURLs) {
ASSERT_TRUE(RunExtensionTest("cross_origin_xhr/all_urls")) << message_; ASSERT_TRUE(RunExtensionTest("cross_origin_xhr/all_urls")) << message_;
} }
// Flaky on the trybots. See http://crbug.com/96725. IN_PROC_BROWSER_TEST_F(ExtensionApiTest, CrossOriginXHRContentScript) {
IN_PROC_BROWSER_TEST_F(ExtensionApiTest, FLAKY_CrossOriginXHRContentScript) {
host_resolver()->AddRule("*.com", "127.0.0.1"); host_resolver()->AddRule("*.com", "127.0.0.1");
ASSERT_TRUE(StartTestServer()); ASSERT_TRUE(StartTestServer());
ASSERT_TRUE(RunExtensionTest("cross_origin_xhr/content_script")) << message_; ASSERT_TRUE(RunExtensionTest("cross_origin_xhr/content_script")) << message_;
} }
IN_PROC_BROWSER_TEST_F(ExtensionApiTest, CrossOriginXHRFileAccess) {
ASSERT_TRUE(RunExtensionTest("cross_origin_xhr/file_access")) << message_;
}
IN_PROC_BROWSER_TEST_F(ExtensionApiTest, CrossOriginXHRNoFileAccess) {
ASSERT_TRUE(RunExtensionTestNoFileAccess(
"cross_origin_xhr/no_file_access")) << message_;
}
...@@ -18,6 +18,7 @@ ...@@ -18,6 +18,7 @@
namespace { namespace {
const char kTestServerPort[] = "testServer.port"; const char kTestServerPort[] = "testServer.port";
const char kTestDataDirectory[] = "testDataDirectory";
}; // namespace }; // namespace
...@@ -93,6 +94,8 @@ void ExtensionApiTest::ResultCatcher::Observe( ...@@ -93,6 +94,8 @@ void ExtensionApiTest::ResultCatcher::Observe(
void ExtensionApiTest::SetUpInProcessBrowserTestFixture() { void ExtensionApiTest::SetUpInProcessBrowserTestFixture() {
DCHECK(!test_config_.get()) << "Previous test did not clear config state."; DCHECK(!test_config_.get()) << "Previous test did not clear config state.";
test_config_.reset(new DictionaryValue()); test_config_.reset(new DictionaryValue());
test_config_->SetString(kTestDataDirectory,
net::FilePathToFileURL(test_data_dir_).spec());
ExtensionTestGetConfigFunction::set_test_config_state(test_config_.get()); ExtensionTestGetConfigFunction::set_test_config_state(test_config_.get());
} }
...@@ -233,8 +236,8 @@ bool ExtensionApiTest::StartTestServer() { ...@@ -233,8 +236,8 @@ bool ExtensionApiTest::StartTestServer() {
return false; return false;
// Build a dictionary of values that tests can use to build URLs that // Build a dictionary of values that tests can use to build URLs that
// access the test server. Tests can see these values using the extension // access the test server and local file system. Tests can see these values
// API function chrome.test.getConfig(). // using the extension API function chrome.test.getConfig().
test_config_->SetInteger(kTestServerPort, test_config_->SetInteger(kTestServerPort,
test_server()->host_port_pair().port()); test_server()->host_port_pair().port());
......
...@@ -116,6 +116,13 @@ void ChromeRenderViewHostObserver::InitRenderViewForExtensions() { ...@@ -116,6 +116,13 @@ void ChromeRenderViewHostObserver::InitRenderViewForExtensions() {
process->id(), chrome::kChromeUIScheme); process->id(), chrome::kChromeUIScheme);
} }
if (type == Extension::TYPE_EXTENSION &&
profile_->GetExtensionService()->extension_prefs()->AllowFileAccess(
extension->id())) {
ChildProcessSecurityPolicy::GetInstance()->GrantScheme(
process->id(), chrome::kFileScheme);
}
if (type == Extension::TYPE_EXTENSION || if (type == Extension::TYPE_EXTENSION ||
type == Extension::TYPE_USER_SCRIPT || type == Extension::TYPE_USER_SCRIPT ||
type == Extension::TYPE_PACKAGED_APP || type == Extension::TYPE_PACKAGED_APP ||
......
...@@ -6334,6 +6334,10 @@ ...@@ -6334,6 +6334,10 @@
"maximum": 65535 "maximum": 65535
} }
} }
},
"testDataDirectory": {
"type": "string",
"description": "file:/// URL for the API test data directory."
} }
} }
} }
......
{
"name": "Cross origin XHR to file:/// URLs with access",
"version": "1.0",
"description": "Tests bug 104547",
"background_page": "test.html",
"permissions": [ "<all_urls>" ]
}
<script>
chrome.test.getConfig(function(config) {
chrome.test.runTests([
function fileAccessAllowed() {
var req = new XMLHttpRequest();
var url = config.testDataDirectory + "/../test_file.txt";
chrome.test.log("Requesting url: " + url);
req.open("GET", url, true);
req.onload = function() {
chrome.test.assertEq("Hello!", req.responseText);
chrome.test.runNextTest();
}
req.onerror = function() {
chrome.test.log("status: " + req.status);
chrome.test.log("text: " + req.responseText);
chrome.test.fail("Unexpected error for url: " + url);
}
req.send(null);
}
]);
});
</script>
{
"name": "Cross origin XHR to file:/// URLs without access",
"version": "1.0",
"description": "Tests bug 104547",
"background_page": "test.html",
"permissions": [ "<all_urls>" ]
}
<script>
chrome.test.getConfig(function(config) {
chrome.test.runTests([
function fileAccessNotAllowed() {
var req = new XMLHttpRequest();
var url = config.testDataDirectory + "/../test_file.txt";
chrome.test.log("Requesting url: " + url);
req.open("GET", url, true);
req.onload = function() {
chrome.test.fail("Unexpected success for url: " + url);
}
req.onerror = function() {
chrome.test.assertEq(0, req.status);
chrome.test.runNextTest();
}
req.send(null);
}
]);
});
</script>
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment