| // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| #include "base/command_line.h" |
| #include "base/logging.h" |
| #include "chrome/browser/extensions/extension_apitest.h" |
| #include "chrome/browser/ui/browser.h" |
| #include "chrome/browser/ui/tabs/tab_strip_model.h" |
| #include "chrome/test/base/test_switches.h" |
| #include "chrome/test/base/ui_test_utils.h" |
| #include "content/public/browser/web_contents.h" |
| #include "content/public/test/browser_test_utils.h" |
| #include "extensions/common/switches.h" |
| #include "net/dns/mock_host_resolver.h" |
| #include "url/gurl.h" |
| |
| class ExtensionResourceRequestPolicyTest : public ExtensionApiTest { |
| protected: |
| virtual void SetUpCommandLine(CommandLine* command_line) OVERRIDE { |
| ExtensionApiTest::SetUpCommandLine(command_line); |
| command_line->AppendSwitch( |
| extensions::switches::kAllowLegacyExtensionManifests); |
| } |
| }; |
| |
| // Note, this mostly tests the logic of chrome/renderer/extensions/ |
| // extension_resource_request_policy.*, but we have it as a browser test so that |
| // can make sure it works end-to-end. |
| IN_PROC_BROWSER_TEST_F(ExtensionResourceRequestPolicyTest, OriginPrivileges) { |
| #if defined(OS_WIN) && defined(USE_ASH) |
| // Disable this test in Metro+Ash for now (http://crbug.com/262796). |
| if (CommandLine::ForCurrentProcess()->HasSwitch(switches::kAshBrowserTests)) |
| return; |
| #endif |
| |
| host_resolver()->AddRule("*", "127.0.0.1"); |
| ASSERT_TRUE(test_server()->Start()); |
| ASSERT_TRUE(LoadExtensionWithFlags(test_data_dir_ |
| .AppendASCII("extension_resource_request_policy") |
| .AppendASCII("extension"), |
| // Tests manifest_version 1 behavior, so warnings are expected. |
| ExtensionBrowserTest::kFlagIgnoreManifestWarnings)); |
| |
| GURL web_resource( |
| test_server()->GetURL( |
| "files/extensions/api_test/extension_resource_request_policy/" |
| "index.html")); |
| |
| std::string host_a("a.com"); |
| GURL::Replacements make_host_a_com; |
| make_host_a_com.SetHostStr(host_a); |
| |
| std::string host_b("b.com"); |
| GURL::Replacements make_host_b_com; |
| make_host_b_com.SetHostStr(host_b); |
| |
| // A web host that has permission. |
| ui_test_utils::NavigateToURL( |
| browser(), web_resource.ReplaceComponents(make_host_a_com)); |
| std::string result; |
| ASSERT_TRUE(content::ExecuteScriptAndExtractString( |
| browser()->tab_strip_model()->GetActiveWebContents(), |
| "window.domAutomationController.send(document.title)", |
| &result)); |
| EXPECT_EQ(result, "Loaded"); |
| |
| // A web host that loads a non-existent extension. |
| GURL non_existent_extension( |
| test_server()->GetURL( |
| "files/extensions/api_test/extension_resource_request_policy/" |
| "non_existent_extension.html")); |
| ui_test_utils::NavigateToURL(browser(), non_existent_extension); |
| ASSERT_TRUE(content::ExecuteScriptAndExtractString( |
| browser()->tab_strip_model()->GetActiveWebContents(), |
| "window.domAutomationController.send(document.title)", |
| &result)); |
| EXPECT_EQ(result, "Image failed to load"); |
| |
| // A data URL. Data URLs should always be able to load chrome-extension:// |
| // resources. |
| std::string file_source; |
| ASSERT_TRUE(file_util::ReadFileToString( |
| test_data_dir_.AppendASCII("extension_resource_request_policy") |
| .AppendASCII("index.html"), &file_source)); |
| ui_test_utils::NavigateToURL(browser(), |
| GURL(std::string("data:text/html;charset=utf-8,") + file_source)); |
| ASSERT_TRUE(content::ExecuteScriptAndExtractString( |
| browser()->tab_strip_model()->GetActiveWebContents(), |
| "window.domAutomationController.send(document.title)", |
| &result)); |
| EXPECT_EQ(result, "Loaded"); |
| |
| // A different extension. Legacy (manifest_version 1) extensions should always |
| // be able to load each other's resources. |
| ASSERT_TRUE(LoadExtensionWithFlags(test_data_dir_ |
| .AppendASCII("extension_resource_request_policy") |
| .AppendASCII("extension2"), |
| // Tests manifest_version 1 behavior, so warnings are expected. |
| ExtensionBrowserTest::kFlagIgnoreManifestWarnings)); |
| ui_test_utils::NavigateToURL( |
| browser(), |
| GURL("chrome-extension://pbkkcbgdkliohhfaeefcijaghglkahja/index.html")); |
| ASSERT_TRUE(content::ExecuteScriptAndExtractString( |
| browser()->tab_strip_model()->GetActiveWebContents(), |
| "window.domAutomationController.send(document.title)", |
| &result)); |
| EXPECT_EQ(result, "Loaded"); |
| } |
| |
| IN_PROC_BROWSER_TEST_F(ExtensionResourceRequestPolicyTest, |
| ExtensionCanLoadHostedAppIcons) { |
| ASSERT_TRUE(LoadExtensionWithFlags(test_data_dir_ |
| .AppendASCII("extension_resource_request_policy") |
| .AppendASCII("extension"), |
| // Tests manifest_version 1 behavior, so warnings are expected. |
| ExtensionBrowserTest::kFlagIgnoreManifestWarnings)); |
| |
| ASSERT_TRUE(RunExtensionSubtest( |
| "extension_resource_request_policy/extension2/", |
| "can_load_icons_from_hosted_apps.html", |
| // Tests manifest_version 1 behavior, so warnings are expected. |
| ExtensionApiTest::kFlagIgnoreManifestWarnings)) << message_; |
| } |
| |
| IN_PROC_BROWSER_TEST_F(ExtensionResourceRequestPolicyTest, Audio) { |
| EXPECT_TRUE(RunExtensionSubtest( |
| "extension_resource_request_policy/extension2", |
| "audio.html", |
| // Tests manifest_version 1 behavior, so warnings are expected. |
| ExtensionApiTest::kFlagIgnoreManifestWarnings)) << message_; |
| } |
| |
| #if defined(OS_MACOSX) || defined(OS_WIN) |
| // http://crbug.com/238733 - Video is flaky on Mac and Win. |
| #define MAYBE_Video DISABLED_Video |
| #else |
| #define MAYBE_Video Video |
| #endif |
| |
| IN_PROC_BROWSER_TEST_F(ExtensionResourceRequestPolicyTest, MAYBE_Video) { |
| EXPECT_TRUE(RunExtensionSubtest( |
| "extension_resource_request_policy/extension2", |
| "video.html", |
| // Tests manifest_version 1 behavior, so warnings are expected. |
| ExtensionApiTest::kFlagIgnoreManifestWarnings)) << message_; |
| } |
| |
| // This test times out regularly on win_rel trybots. See http://crbug.com/122154 |
| #if defined(OS_WIN) |
| #define MAYBE_WebAccessibleResources DISABLED_WebAccessibleResources |
| #else |
| #define MAYBE_WebAccessibleResources WebAccessibleResources |
| #endif |
| IN_PROC_BROWSER_TEST_F(ExtensionResourceRequestPolicyTest, |
| MAYBE_WebAccessibleResources) { |
| std::string result; |
| ASSERT_TRUE(test_server()->Start()); |
| ASSERT_TRUE(LoadExtension(test_data_dir_ |
| .AppendASCII("extension_resource_request_policy") |
| .AppendASCII("web_accessible"))); |
| |
| GURL accessible_resource( |
| test_server()->GetURL( |
| "files/extensions/api_test/extension_resource_request_policy/" |
| "web_accessible/accessible_resource.html")); |
| ui_test_utils::NavigateToURL(browser(), accessible_resource); |
| ASSERT_TRUE(content::ExecuteScriptAndExtractString( |
| browser()->tab_strip_model()->GetActiveWebContents(), |
| "window.domAutomationController.send(document.title)", |
| &result)); |
| EXPECT_EQ("Loaded", result); |
| |
| GURL xhr_accessible_resource( |
| test_server()->GetURL( |
| "files/extensions/api_test/extension_resource_request_policy/" |
| "web_accessible/xhr_accessible_resource.html")); |
| ui_test_utils::NavigateToURL( |
| browser(), xhr_accessible_resource); |
| ASSERT_TRUE(content::ExecuteScriptAndExtractString( |
| browser()->tab_strip_model()->GetActiveWebContents(), |
| "window.domAutomationController.send(document.title)", |
| &result)); |
| EXPECT_EQ("XHR completed with status: 200", result); |
| |
| GURL xhr_inaccessible_resource( |
| test_server()->GetURL( |
| "files/extensions/api_test/extension_resource_request_policy/" |
| "web_accessible/xhr_inaccessible_resource.html")); |
| ui_test_utils::NavigateToURL( |
| browser(), xhr_inaccessible_resource); |
| ASSERT_TRUE(content::ExecuteScriptAndExtractString( |
| browser()->tab_strip_model()->GetActiveWebContents(), |
| "window.domAutomationController.send(document.title)", |
| &result)); |
| EXPECT_EQ("XHR failed to load resource", result); |
| |
| GURL nonaccessible_resource( |
| test_server()->GetURL( |
| "files/extensions/api_test/extension_resource_request_policy/" |
| "web_accessible/nonaccessible_resource.html")); |
| ui_test_utils::NavigateToURL(browser(), nonaccessible_resource); |
| ASSERT_TRUE(content::ExecuteScriptAndExtractString( |
| browser()->tab_strip_model()->GetActiveWebContents(), |
| "window.domAutomationController.send(document.title)", |
| &result)); |
| EXPECT_EQ("Image failed to load", result); |
| |
| GURL nonexistent_resource( |
| test_server()->GetURL( |
| "files/extensions/api_test/extension_resource_request_policy/" |
| "web_accessible/nonexistent_resource.html")); |
| ui_test_utils::NavigateToURL(browser(), nonexistent_resource); |
| ASSERT_TRUE(content::ExecuteScriptAndExtractString( |
| browser()->tab_strip_model()->GetActiveWebContents(), |
| "window.domAutomationController.send(document.title)", |
| &result)); |
| EXPECT_EQ("Image failed to load", result); |
| |
| GURL nonaccessible_cer_resource( |
| test_server()->GetURL( |
| "files/extensions/api_test/extension_resource_request_policy/" |
| "web_accessible/nonaccessible_chrome_resource_scheme.html")); |
| ui_test_utils::NavigateToURL(browser(), nonaccessible_cer_resource); |
| ASSERT_TRUE(content::ExecuteScriptAndExtractString( |
| browser()->tab_strip_model()->GetActiveWebContents(), |
| "window.domAutomationController.send(document.title)", |
| &result)); |
| EXPECT_EQ("Loading CER:// failed.", result); |
| |
| GURL newtab_page("chrome://newtab"); |
| GURL accessible_newtab_override( |
| test_server()->GetURL( |
| "files/extensions/api_test/extension_resource_request_policy/" |
| "web_accessible/accessible_history_navigation.html")); |
| ui_test_utils::NavigateToURL(browser(), newtab_page); |
| ui_test_utils::NavigateToURLBlockUntilNavigationsComplete( |
| browser(), accessible_newtab_override, 2); |
| ASSERT_TRUE(content::ExecuteScriptAndExtractString( |
| browser()->tab_strip_model()->GetActiveWebContents(), |
| "window.domAutomationController.send(document.title)", |
| &result)); |
| EXPECT_EQ("New Tab Page Loaded Successfully", result); |
| } |
| |
| IN_PROC_BROWSER_TEST_F(ExtensionResourceRequestPolicyTest, |
| WebAccessibleResourcesWithCSP) { |
| std::string result; |
| ASSERT_TRUE(test_server()->Start()); |
| ASSERT_TRUE(LoadExtension(test_data_dir_ |
| .AppendASCII("extension_resource_request_policy") |
| .AppendASCII("web_accessible"))); |
| |
| GURL accessible_resource_with_csp( |
| test_server()->GetURL( |
| "files/extensions/api_test/extension_resource_request_policy/" |
| "web_accessible/accessible_resource_with_csp.html")); |
| ui_test_utils::NavigateToURL(browser(), accessible_resource_with_csp); |
| ASSERT_TRUE(content::ExecuteScriptAndExtractString( |
| browser()->tab_strip_model()->GetActiveWebContents(), |
| "window.domAutomationController.send(document.title)", |
| &result)); |
| EXPECT_EQ("Loaded", result); |
| } |
| |
| IN_PROC_BROWSER_TEST_F(ExtensionResourceRequestPolicyTest, Iframe) { |
| // Load another extension, which the test one shouldn't be able to get |
| // resources from. |
| ASSERT_TRUE(LoadExtension(test_data_dir_ |
| .AppendASCII("extension_resource_request_policy") |
| .AppendASCII("inaccessible"))); |
| EXPECT_TRUE(RunExtensionSubtest( |
| "extension_resource_request_policy/web_accessible", |
| "iframe.html")) << message_; |
| } |
| |
| #if defined(OS_MACOSX) |
| #define MAYBE_ExtensionAccessibleResources DISABLED_ExtensionAccessibleResources |
| #else |
| #define MAYBE_ExtensionAccessibleResources ExtensionAccessibleResources |
| #endif |
| IN_PROC_BROWSER_TEST_F(ExtensionResourceRequestPolicyTest, |
| MAYBE_ExtensionAccessibleResources) { |
| ASSERT_TRUE(RunExtensionSubtest("accessible_cer", "main.html")) << message_; |
| } |