| OLD | NEW |
|---|
| (Empty) | |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #include <string> |
| 6 |
| 7 #include "base/compiler_specific.h" |
| 8 #include "base/memory/scoped_ptr.h" |
| 9 #include "base/message_loop.h" |
| 10 #include "base/values.h" |
| 11 #include "chrome/browser/extensions/active_tab_permission_manager.h" |
| 12 #include "chrome/browser/extensions/extension_tab_helper.h" |
| 13 #include "chrome/browser/ui/tab_contents/tab_contents.h" |
| 14 #include "chrome/browser/ui/tab_contents/test_tab_contents.h" |
| 15 #include "chrome/common/chrome_notification_types.h" |
| 16 #include "chrome/common/extensions/extension.h" |
| 17 #include "content/public/browser/browser_thread.h" |
| 18 #include "content/public/browser/notification_service.h" |
| 19 #include "content/public/browser/notification_types.h" |
| 20 #include "content/public/browser/web_contents.h" |
| 21 #include "content/public/common/page_transition_types.h" |
| 22 #include "content/public/test/test_browser_thread.h" |
| 23 |
| 24 using base::DictionaryValue; |
| 25 using base::ListValue; |
| 26 using content::BrowserThread; |
| 27 using content::NavigationController; |
| 28 |
| 29 namespace extensions { |
| 30 namespace { |
| 31 |
| 32 scoped_refptr<const Extension> CreateTestExtension( |
| 33 const std::string& name, |
| 34 bool has_active_tab_permission) { |
| 35 DictionaryValue manifest; |
| 36 manifest.SetString("name", name); |
| 37 manifest.SetString("version", "1.0.0"); |
| 38 manifest.SetInteger("manifest_version", 2); |
| 39 |
| 40 if (has_active_tab_permission) { |
| 41 scoped_ptr<ListValue> permissions(new ListValue()); |
| 42 permissions->Append(Value::CreateStringValue("activeTab")); |
| 43 manifest.Set("permissions", permissions.release()); |
| 44 } |
| 45 |
| 46 std::string error; |
| 47 scoped_refptr<const Extension> extension = Extension::Create( |
| 48 FilePath(), |
| 49 Extension::INTERNAL, |
| 50 manifest, |
| 51 0, // no flags. |
| 52 name, |
| 53 &error); |
| 54 CHECK_EQ("", error); |
| 55 return extension; |
| 56 } |
| 57 |
| 58 class ActiveTabTest : public TabContentsTestHarness { |
| 59 public: |
| 60 ActiveTabTest() |
| 61 : extension(CreateTestExtension("extension", true)), |
| 62 another_extension(CreateTestExtension("another", true)), |
| 63 extension_without_active_tab( |
| 64 CreateTestExtension("without activeTab", false)), |
| 65 ui_thread_(BrowserThread::UI, MessageLoop::current()) {} |
| 66 |
| 67 protected: |
| 68 int tab_id() { |
| 69 return tab_contents()->extension_tab_helper()->tab_id(); |
| 70 } |
| 71 |
| 72 ActiveTabPermissionManager* active_tab_permission_manager() { |
| 73 return tab_contents()->extension_tab_helper()-> |
| 74 active_tab_permission_manager(); |
| 75 } |
| 76 |
| 77 bool IsAllowed(const scoped_refptr<const Extension>& extension, |
| 78 const GURL& url) { |
| 79 return IsAllowed(extension, url, tab_id()); |
| 80 } |
| 81 |
| 82 bool IsAllowed(const scoped_refptr<const Extension>& extension, |
| 83 const GURL& url, |
| 84 int tab_id) { |
| 85 return (extension->CanExecuteScriptOnPage(url, tab_id, NULL, NULL) && |
| 86 extension->CanCaptureVisiblePage(url, tab_id, NULL)); |
| 87 } |
| 88 |
| 89 bool IsBlocked(const scoped_refptr<const Extension>& extension, |
| 90 const GURL& url) { |
| 91 return IsBlocked(extension, url, tab_id()); |
| 92 } |
| 93 |
| 94 bool IsBlocked(const scoped_refptr<const Extension>& extension, |
| 95 const GURL& url, |
| 96 int tab_id) { |
| 97 return (!extension->CanExecuteScriptOnPage(url, tab_id, NULL, NULL) && |
| 98 !extension->CanCaptureVisiblePage(url, tab_id, NULL)); |
| 99 } |
| 100 |
| 101 // Fakes loading a new frame on the page using the WebContentsObserver |
| 102 // interface. |
| 103 // TODO(kalman): if somebody can tell me a way to do this from the |
| 104 // TabContentsTestHarness (or any other test harness) then pray tell. |
| 105 void AddFrame(const GURL& url) { |
| 106 active_tab_permission_manager()->DidCommitProvisionalLoadForFrame( |
| 107 0, // frame_id |
| 108 false, // is_main_frame |
| 109 url, |
| 110 content::PAGE_TRANSITION_AUTO_SUBFRAME, |
| 111 NULL); // render_view_host |
| 112 } |
| 113 |
| 114 // An extension with the activeTab permission. |
| 115 scoped_refptr<const Extension> extension; |
| 116 |
| 117 // Another extension with activeTab (for good measure). |
| 118 scoped_refptr<const Extension> another_extension; |
| 119 |
| 120 // An extension without the activeTab permission. |
| 121 scoped_refptr<const Extension> extension_without_active_tab; |
| 122 |
| 123 private: |
| 124 content::TestBrowserThread ui_thread_; |
| 125 }; |
| 126 |
| 127 TEST_F(ActiveTabTest, GrantToSinglePage) { |
| 128 GURL google("http://www.google.com"); |
| 129 NavigateAndCommit(google); |
| 130 |
| 131 // No access unless it's been granted. |
| 132 EXPECT_TRUE(IsBlocked(extension, google)); |
| 133 EXPECT_TRUE(IsBlocked(another_extension, google)); |
| 134 EXPECT_TRUE(IsBlocked(extension_without_active_tab, google)); |
| 135 |
| 136 active_tab_permission_manager()->GrantIfRequested(extension); |
| 137 active_tab_permission_manager()->GrantIfRequested( |
| 138 extension_without_active_tab); |
| 139 |
| 140 // Granted to extension and extension_without_active_tab, but the latter |
| 141 // doesn't have the activeTab permission so not granted. |
| 142 EXPECT_TRUE(IsAllowed(extension, google)); |
| 143 EXPECT_TRUE(IsBlocked(another_extension, google)); |
| 144 EXPECT_TRUE(IsBlocked(extension_without_active_tab, google)); |
| 145 |
| 146 // Other subdomains shouldn't be given access. |
| 147 GURL mail_google("http://mail.google.com"); |
| 148 EXPECT_TRUE(IsBlocked(extension, mail_google)); |
| 149 EXPECT_TRUE(IsBlocked(another_extension, google)); |
| 150 EXPECT_TRUE(IsBlocked(extension_without_active_tab, google)); |
| 151 |
| 152 // Reloading the page should clear the active permissions. |
| 153 Reload(); |
| 154 |
| 155 EXPECT_TRUE(IsBlocked(extension, google)); |
| 156 EXPECT_TRUE(IsBlocked(another_extension, google)); |
| 157 EXPECT_TRUE(IsBlocked(extension_without_active_tab, google)); |
| 158 |
| 159 // But they should still be able to be granted again. |
| 160 active_tab_permission_manager()->GrantIfRequested(extension); |
| 161 |
| 162 EXPECT_TRUE(IsAllowed(extension, google)); |
| 163 EXPECT_TRUE(IsBlocked(another_extension, google)); |
| 164 EXPECT_TRUE(IsBlocked(extension_without_active_tab, google)); |
| 165 |
| 166 // And grant a few more times redundantly for good measure. |
| 167 active_tab_permission_manager()->GrantIfRequested(extension); |
| 168 active_tab_permission_manager()->GrantIfRequested(extension); |
| 169 active_tab_permission_manager()->GrantIfRequested(another_extension); |
| 170 active_tab_permission_manager()->GrantIfRequested(another_extension); |
| 171 active_tab_permission_manager()->GrantIfRequested(another_extension); |
| 172 active_tab_permission_manager()->GrantIfRequested(extension); |
| 173 active_tab_permission_manager()->GrantIfRequested(extension); |
| 174 active_tab_permission_manager()->GrantIfRequested(another_extension); |
| 175 active_tab_permission_manager()->GrantIfRequested(another_extension); |
| 176 |
| 177 EXPECT_TRUE(IsAllowed(extension, google)); |
| 178 EXPECT_TRUE(IsAllowed(another_extension, google)); |
| 179 EXPECT_TRUE(IsBlocked(extension_without_active_tab, google)); |
| 180 |
| 181 // Navigating to a new URL should clear the active permissions. |
| 182 GURL chromium("http://www.chromium.org"); |
| 183 NavigateAndCommit(chromium); |
| 184 |
| 185 EXPECT_TRUE(IsBlocked(extension, google)); |
| 186 EXPECT_TRUE(IsBlocked(another_extension, google)); |
| 187 EXPECT_TRUE(IsBlocked(extension_without_active_tab, google)); |
| 188 |
| 189 EXPECT_TRUE(IsBlocked(extension, chromium)); |
| 190 EXPECT_TRUE(IsBlocked(another_extension, chromium)); |
| 191 EXPECT_TRUE(IsBlocked(extension_without_active_tab, chromium)); |
| 192 |
| 193 // Should be able to grant to multiple extensions at the same time (if they |
| 194 // have the activeTab permission, of course). |
| 195 active_tab_permission_manager()->GrantIfRequested(extension); |
| 196 active_tab_permission_manager()->GrantIfRequested(another_extension); |
| 197 active_tab_permission_manager()->GrantIfRequested( |
| 198 extension_without_active_tab); |
| 199 |
| 200 EXPECT_TRUE(IsBlocked(extension, google)); |
| 201 EXPECT_TRUE(IsBlocked(another_extension, google)); |
| 202 EXPECT_TRUE(IsBlocked(extension_without_active_tab, google)); |
| 203 |
| 204 EXPECT_TRUE(IsAllowed(extension, chromium)); |
| 205 EXPECT_TRUE(IsAllowed(another_extension, chromium)); |
| 206 EXPECT_TRUE(IsBlocked(extension_without_active_tab, chromium)); |
| 207 |
| 208 // Should be able to go back to URLs that were previously cleared. |
| 209 NavigateAndCommit(google); |
| 210 |
| 211 active_tab_permission_manager()->GrantIfRequested(extension); |
| 212 active_tab_permission_manager()->GrantIfRequested(another_extension); |
| 213 active_tab_permission_manager()->GrantIfRequested( |
| 214 extension_without_active_tab); |
| 215 |
| 216 EXPECT_TRUE(IsAllowed(extension, google)); |
| 217 EXPECT_TRUE(IsAllowed(another_extension, google)); |
| 218 EXPECT_TRUE(IsBlocked(extension_without_active_tab, google)); |
| 219 |
| 220 EXPECT_TRUE(IsBlocked(extension, chromium)); |
| 221 EXPECT_TRUE(IsBlocked(another_extension, chromium)); |
| 222 EXPECT_TRUE(IsBlocked(extension_without_active_tab, chromium)); |
| 223 }; |
| 224 |
| 225 TEST_F(ActiveTabTest, GrantToMultiplePages) { |
| 226 GURL google("http://www.google.com"); |
| 227 NavigateAndCommit(google); |
| 228 |
| 229 active_tab_permission_manager()->GrantIfRequested(extension); |
| 230 |
| 231 // Adding a frame after access was granted shouldn't give it access. |
| 232 GURL chromium("http://www.chromium.org"); |
| 233 AddFrame(chromium); |
| 234 |
| 235 EXPECT_TRUE(IsAllowed(extension, google)); |
| 236 EXPECT_TRUE(IsBlocked(extension, chromium)); |
| 237 |
| 238 // Granting access to another extension should give it access to both the |
| 239 // main and sub-frames, but still not to the first extension. |
| 240 active_tab_permission_manager()->GrantIfRequested(another_extension); |
| 241 |
| 242 EXPECT_TRUE(IsAllowed(extension, google)); |
| 243 EXPECT_TRUE(IsBlocked(extension, chromium)); |
| 244 EXPECT_TRUE(IsAllowed(another_extension, google)); |
| 245 EXPECT_TRUE(IsAllowed(another_extension, chromium)); |
| 246 |
| 247 // Granting access to the first extension should now give it access to the |
| 248 // frame. |
| 249 active_tab_permission_manager()->GrantIfRequested(extension); |
| 250 |
| 251 EXPECT_TRUE(IsAllowed(extension, google)); |
| 252 EXPECT_TRUE(IsAllowed(extension, chromium)); |
| 253 EXPECT_TRUE(IsAllowed(another_extension, google)); |
| 254 EXPECT_TRUE(IsAllowed(another_extension, chromium)); |
| 255 |
| 256 // Reloading should clear all access. |
| 257 Reload(); |
| 258 |
| 259 EXPECT_TRUE(IsBlocked(extension, google)); |
| 260 EXPECT_TRUE(IsBlocked(extension, chromium)); |
| 261 EXPECT_TRUE(IsBlocked(another_extension, google)); |
| 262 EXPECT_TRUE(IsBlocked(another_extension, chromium)); |
| 263 |
| 264 // And after granting, no access to the frames that were there. |
| 265 active_tab_permission_manager()->GrantIfRequested(extension); |
| 266 |
| 267 EXPECT_TRUE(IsAllowed(extension, google)); |
| 268 EXPECT_TRUE(IsBlocked(extension, chromium)); |
| 269 EXPECT_TRUE(IsBlocked(another_extension, google)); |
| 270 EXPECT_TRUE(IsBlocked(another_extension, chromium)); |
| 271 |
| 272 // Having lots of frames on the same page should behave as expected. |
| 273 GURL chromium_index("http://www.chromium.org/index.html"); |
| 274 GURL chromium_about("http://www.chromium.org/about.html"); |
| 275 GURL chromium_blank("http://www.chromium.org/blank.html"); |
| 276 GURL gmail("http://www.gmail.com"); |
| 277 GURL mail_google("http://mail.google.com"); |
| 278 GURL plus_google("http://plus.google.com"); |
| 279 GURL codereview_appspot("http://codereview.appspot.com"); |
| 280 GURL omahaproxy_appspot("http://omahaproxy.appspot.com"); |
| 281 |
| 282 AddFrame(chromium_index); |
| 283 AddFrame(chromium_about); |
| 284 AddFrame(gmail); |
| 285 AddFrame(mail_google); |
| 286 |
| 287 EXPECT_TRUE(IsBlocked(extension, chromium_index)); |
| 288 EXPECT_TRUE(IsBlocked(extension, chromium_about)); |
| 289 EXPECT_TRUE(IsBlocked(extension, chromium_blank)); |
| 290 EXPECT_TRUE(IsBlocked(extension, gmail)); |
| 291 EXPECT_TRUE(IsBlocked(extension, mail_google)); |
| 292 EXPECT_TRUE(IsBlocked(extension, plus_google)); |
| 293 EXPECT_TRUE(IsBlocked(extension, codereview_appspot)); |
| 294 EXPECT_TRUE(IsBlocked(extension, omahaproxy_appspot)); |
| 295 |
| 296 EXPECT_TRUE(IsBlocked(another_extension, chromium_index)); |
| 297 EXPECT_TRUE(IsBlocked(another_extension, chromium_about)); |
| 298 EXPECT_TRUE(IsBlocked(another_extension, chromium_blank)); |
| 299 EXPECT_TRUE(IsBlocked(another_extension, gmail)); |
| 300 EXPECT_TRUE(IsBlocked(another_extension, mail_google)); |
| 301 EXPECT_TRUE(IsBlocked(another_extension, plus_google)); |
| 302 EXPECT_TRUE(IsBlocked(another_extension, codereview_appspot)); |
| 303 EXPECT_TRUE(IsBlocked(another_extension, omahaproxy_appspot)); |
| 304 |
| 305 active_tab_permission_manager()->GrantIfRequested(extension); |
| 306 |
| 307 AddFrame(chromium_blank); |
| 308 AddFrame(plus_google); |
| 309 AddFrame(codereview_appspot); |
| 310 |
| 311 EXPECT_TRUE(IsAllowed(extension, chromium_index)); |
| 312 EXPECT_TRUE(IsAllowed(extension, chromium_about)); |
| 313 // Even though chromium_blank hasn't been given granted, this will work |
| 314 // because it's on the same origin as the other codereview URLs. |
| 315 // because k$b |
| 316 EXPECT_TRUE(IsAllowed(extension, chromium_blank)); |
| 317 EXPECT_TRUE(IsAllowed(extension, gmail)); |
| 318 EXPECT_TRUE(IsAllowed(extension, mail_google)); |
| 319 EXPECT_TRUE(IsBlocked(extension, plus_google)); |
| 320 EXPECT_TRUE(IsBlocked(extension, codereview_appspot)); |
| 321 EXPECT_TRUE(IsBlocked(extension, omahaproxy_appspot)); |
| 322 |
| 323 EXPECT_TRUE(IsBlocked(another_extension, chromium_index)); |
| 324 EXPECT_TRUE(IsBlocked(another_extension, chromium_about)); |
| 325 EXPECT_TRUE(IsBlocked(another_extension, chromium_blank)); |
| 326 EXPECT_TRUE(IsBlocked(another_extension, gmail)); |
| 327 EXPECT_TRUE(IsBlocked(another_extension, mail_google)); |
| 328 EXPECT_TRUE(IsBlocked(another_extension, plus_google)); |
| 329 EXPECT_TRUE(IsBlocked(another_extension, codereview_appspot)); |
| 330 EXPECT_TRUE(IsBlocked(another_extension, omahaproxy_appspot)); |
| 331 |
| 332 active_tab_permission_manager()->GrantIfRequested(another_extension); |
| 333 |
| 334 AddFrame(omahaproxy_appspot); |
| 335 |
| 336 EXPECT_TRUE(IsAllowed(extension, chromium_index)); |
| 337 EXPECT_TRUE(IsAllowed(extension, chromium_about)); |
| 338 EXPECT_TRUE(IsAllowed(extension, chromium_blank)); |
| 339 EXPECT_TRUE(IsAllowed(extension, gmail)); |
| 340 EXPECT_TRUE(IsAllowed(extension, mail_google)); |
| 341 EXPECT_TRUE(IsBlocked(extension, plus_google)); |
| 342 EXPECT_TRUE(IsBlocked(extension, codereview_appspot)); |
| 343 EXPECT_TRUE(IsBlocked(extension, omahaproxy_appspot)); |
| 344 |
| 345 EXPECT_TRUE(IsAllowed(another_extension, chromium_index)); |
| 346 EXPECT_TRUE(IsAllowed(another_extension, chromium_about)); |
| 347 EXPECT_TRUE(IsAllowed(another_extension, chromium_blank)); |
| 348 EXPECT_TRUE(IsAllowed(another_extension, gmail)); |
| 349 EXPECT_TRUE(IsAllowed(another_extension, mail_google)); |
| 350 EXPECT_TRUE(IsAllowed(another_extension, plus_google)); |
| 351 EXPECT_TRUE(IsAllowed(another_extension, codereview_appspot)); |
| 352 EXPECT_TRUE(IsBlocked(another_extension, omahaproxy_appspot)); |
| 353 |
| 354 active_tab_permission_manager()->GrantIfRequested(extension); |
| 355 |
| 356 EXPECT_TRUE(IsAllowed(extension, chromium_index)); |
| 357 EXPECT_TRUE(IsAllowed(extension, chromium_about)); |
| 358 EXPECT_TRUE(IsAllowed(extension, chromium_blank)); |
| 359 EXPECT_TRUE(IsAllowed(extension, gmail)); |
| 360 EXPECT_TRUE(IsAllowed(extension, mail_google)); |
| 361 EXPECT_TRUE(IsAllowed(extension, plus_google)); |
| 362 EXPECT_TRUE(IsAllowed(extension, codereview_appspot)); |
| 363 EXPECT_TRUE(IsAllowed(extension, omahaproxy_appspot)); |
| 364 |
| 365 EXPECT_TRUE(IsAllowed(another_extension, chromium_index)); |
| 366 EXPECT_TRUE(IsAllowed(another_extension, chromium_about)); |
| 367 EXPECT_TRUE(IsAllowed(another_extension, chromium_blank)); |
| 368 EXPECT_TRUE(IsAllowed(another_extension, gmail)); |
| 369 EXPECT_TRUE(IsAllowed(another_extension, mail_google)); |
| 370 EXPECT_TRUE(IsAllowed(another_extension, plus_google)); |
| 371 EXPECT_TRUE(IsAllowed(another_extension, codereview_appspot)); |
| 372 EXPECT_TRUE(IsBlocked(another_extension, omahaproxy_appspot)); |
| 373 } |
| 374 |
| 375 TEST_F(ActiveTabTest, Uninstalling) { |
| 376 // Some semi-arbitrary setup. |
| 377 GURL google("http://www.google.com"); |
| 378 NavigateAndCommit(google); |
| 379 |
| 380 GURL chromium("http://www.chromium.org"); |
| 381 AddFrame(chromium); |
| 382 |
| 383 active_tab_permission_manager()->GrantIfRequested(extension); |
| 384 |
| 385 GURL gmail("http://www.gmail.com"); |
| 386 AddFrame(gmail); |
| 387 |
| 388 EXPECT_TRUE(IsAllowed(extension, google)); |
| 389 EXPECT_TRUE(IsAllowed(extension, chromium)); |
| 390 EXPECT_TRUE(IsBlocked(extension, gmail)); |
| 391 |
| 392 // Uninstalling the extension should clear its tab permissions. |
| 393 UnloadedExtensionInfo details( |
| 394 extension, |
| 395 extension_misc::UNLOAD_REASON_DISABLE); |
| 396 content::NotificationService::current()->Notify( |
| 397 chrome::NOTIFICATION_EXTENSION_UNLOADED, |
| 398 content::Source<Profile>(tab_contents()->profile()), |
| 399 content::Details<UnloadedExtensionInfo>(&details)); |
| 400 |
| 401 EXPECT_TRUE(IsBlocked(extension, google)); |
| 402 EXPECT_TRUE(IsBlocked(extension, chromium)); |
| 403 EXPECT_TRUE(IsBlocked(extension, gmail)); |
| 404 |
| 405 // Granting the extension again should give them back. |
| 406 active_tab_permission_manager()->GrantIfRequested(extension); |
| 407 |
| 408 EXPECT_TRUE(IsAllowed(extension, google)); |
| 409 EXPECT_TRUE(IsAllowed(extension, chromium)); |
| 410 EXPECT_TRUE(IsAllowed(extension, gmail)); |
| 411 } |
| 412 |
| 413 TEST_F(ActiveTabTest, OnlyActiveTab) { |
| 414 GURL google("http://www.google.com"); |
| 415 NavigateAndCommit(google); |
| 416 |
| 417 active_tab_permission_manager()->GrantIfRequested(extension); |
| 418 |
| 419 EXPECT_TRUE(IsAllowed(extension, google, tab_id())); |
| 420 EXPECT_TRUE(IsBlocked(extension, google, tab_id() + 1)); |
| 421 } |
| 422 |
| 423 } // namespace |
| 424 } // namespace extensions |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 10443105:
Take 2 at implementing activeTab. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src