Google Git
Sign in
chromium / chromium / src / f600666a8e1bf5f0227ace0f5a9c8ca75bb7eeab / . / third_party / WebKit / Source / core / frame / FeaturePolicyInFrameTest.cpp
blob: e14e5f33fd7b8201f0dc4c5e21d4cd3b2ecc7e2b [file] [log] [blame]
// Copyright 2016 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "platform/feature_policy/FeaturePolicy.h"
#include "bindings/core/v8/ConditionalFeatures.h"
#include "core/frame/LocalFrame.h"
#include "core/testing/DummyPageHolder.h"
#include "platform/RuntimeEnabledFeatures.h"
#include "testing/gtest/include/gtest/gtest.h"
// Origin strings used for tests
#define ORIGIN_A "https://example.com/"
#define ORIGIN_B "https://example.net/"
namespace blink {
namespace {
// This is an example of a feature which should be enabled by default in all
// frames.
const FeaturePolicy::Feature kDefaultOnFeature{
"default-on", FeaturePolicy::FeatureDefault::EnableForAll};
// This is an example of a feature which should be enabled in top-level frames,
// and same-origin child-frames, but must be delegated to all cross-origin
// frames explicitly.
const FeaturePolicy::Feature kDefaultSelfFeature{
"default-self", FeaturePolicy::FeatureDefault::EnableForSelf};
// This is an example of a feature which should be disabled by default, both in
// top-level and nested frames.
const FeaturePolicy::Feature kDefaultOffFeature{
"default-off", FeaturePolicy::FeatureDefault::DisableForAll};
} // namespace
class FeaturePolicyInFrameTest : public ::testing::Test {
protected:
FeaturePolicyInFrameTest()
: m_frameworkWasEnabled(RuntimeEnabledFeatures::featurePolicyEnabled()),
m_featureList(
{&kDefaultOnFeature, &kDefaultSelfFeature, &kDefaultOffFeature}) {
RuntimeEnabledFeatures::setFeaturePolicyEnabled(true);
m_dummyPageHolder = DummyPageHolder::create(IntSize(800, 600));
m_dummyPageHolder->document().setSecurityOrigin(m_originA);
}
~FeaturePolicyInFrameTest() {
RuntimeEnabledFeatures::setFeaturePolicyEnabled(m_frameworkWasEnabled);
}
std::unique_ptr<FeaturePolicy> createFromParentPolicy(
const FeaturePolicy* parent,
RefPtr<SecurityOrigin> origin) {
return FeaturePolicy::createFromParentPolicy(parent, origin, m_featureList);
}
Document& document() { return m_dummyPageHolder->document(); }
LocalFrame* frame() { return m_dummyPageHolder->document().frame(); }
RefPtr<SecurityOrigin> m_originA = SecurityOrigin::createFromString(ORIGIN_A);
RefPtr<SecurityOrigin> m_originB = SecurityOrigin::createFromString(ORIGIN_B);
private:
const bool m_frameworkWasEnabled;
std::unique_ptr<DummyPageHolder> m_dummyPageHolder;
// Contains the list of controlled features, so that we are guaranteed to
// have at least one of each kind of default behaviour represented.
FeaturePolicy::FeatureList m_featureList;
};
TEST_F(FeaturePolicyInFrameTest, TestFeatureDefaultsInTopLevelFrame) {
std::unique_ptr<FeaturePolicy> policy1 =
createFromParentPolicy(nullptr, m_originA);
document().setFeaturePolicy(std::move(policy1));
EXPECT_TRUE(isFeatureEnabledInFrame(kDefaultOnFeature, frame()));
EXPECT_TRUE(isFeatureEnabledInFrame(kDefaultSelfFeature, frame()));
EXPECT_FALSE(isFeatureEnabledInFrame(kDefaultOffFeature, frame()));
}
TEST_F(FeaturePolicyInFrameTest, TestFeatureDefaultsInCrossOriginFrame) {
std::unique_ptr<FeaturePolicy> policy1 =
createFromParentPolicy(nullptr, m_originB);
std::unique_ptr<FeaturePolicy> policy2 =
createFromParentPolicy(policy1.get(), m_originA);
document().setFeaturePolicy(std::move(policy2));
EXPECT_TRUE(isFeatureEnabledInFrame(kDefaultOnFeature, frame()));
EXPECT_FALSE(isFeatureEnabledInFrame(kDefaultSelfFeature, frame()));
EXPECT_FALSE(isFeatureEnabledInFrame(kDefaultOffFeature, frame()));
}
TEST_F(FeaturePolicyInFrameTest, TestFeatureOverriddenInFrame) {
Vector<String> messages;
std::unique_ptr<FeaturePolicy> policy1 =
createFromParentPolicy(nullptr, m_originA);
policy1->setHeaderPolicy("{\"default-off\": [\"self\"], \"default-on\": []}",
messages);
EXPECT_EQ(0UL, messages.size());
document().setFeaturePolicy(std::move(policy1));
EXPECT_TRUE(isFeatureEnabledInFrame(kDefaultOffFeature, frame()));
EXPECT_FALSE(isFeatureEnabledInFrame(kDefaultOnFeature, frame()));
}
// Ensure that features are enabled / disabled correctly when the FP runtime
// flag is turned off.
TEST_F(FeaturePolicyInFrameTest, TestFeatureDefaultsWhenFPDisabled) {
RuntimeEnabledFeatures::setFeaturePolicyEnabled(false);
EXPECT_TRUE(isFeatureEnabledInFrame(kDefaultOnFeature, frame()));
EXPECT_TRUE(isFeatureEnabledInFrame(kDefaultSelfFeature, frame()));
EXPECT_FALSE(isFeatureEnabledInFrame(kDefaultOffFeature, frame()));
}
// Ensure that feature policy has no effect when the FP runtime flag is turned
// off.
TEST_F(FeaturePolicyInFrameTest, TestPolicyInactiveWhenFPDisabled) {
RuntimeEnabledFeatures::setFeaturePolicyEnabled(false);
Vector<String> messages;
std::unique_ptr<FeaturePolicy> policy1 =
createFromParentPolicy(nullptr, m_originA);
policy1->setHeaderPolicy("{\"default-on\": []}", messages);
EXPECT_EQ(0UL, messages.size());
document().setFeaturePolicy(std::move(policy1));
EXPECT_TRUE(isFeatureEnabledInFrame(kDefaultOnFeature, frame()));
}
} // namespace blink