Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1026)

Side by Side Diff: chrome/common/extensions/csp_validator_unittest.cc

Issue 10458063: Add sanbdoxed_pages to allow extension/app pages to be served in a sandboxed, unique origin (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: CheckCurrentContextAccessToExtensionAPI Created 8 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/common/extensions/csp_validator.h" 5 #include "chrome/common/extensions/csp_validator.h"
6 #include "testing/gtest/include/gtest/gtest.h" 6 #include "testing/gtest/include/gtest/gtest.h"
7 7
8 using extensions::csp_validator::ContentSecurityPolicyIsLegal; 8 using extensions::csp_validator::ContentSecurityPolicyIsLegal;
9 using extensions::csp_validator::ContentSecurityPolicyIsSecure; 9 using extensions::csp_validator::ContentSecurityPolicyIsSecure;
10 using extensions::csp_validator::ContentSecurityPolicyIsSandboxed;
11 using extensions::Extension;
10 12
11 TEST(ExtensionCSPValidator, IsLegal) { 13 TEST(ExtensionCSPValidator, IsLegal) {
12 EXPECT_TRUE(ContentSecurityPolicyIsLegal("foo")); 14 EXPECT_TRUE(ContentSecurityPolicyIsLegal("foo"));
13 EXPECT_TRUE(ContentSecurityPolicyIsLegal( 15 EXPECT_TRUE(ContentSecurityPolicyIsLegal(
14 "default-src 'self'; script-src http://www.google.com")); 16 "default-src 'self'; script-src http://www.google.com"));
15 EXPECT_FALSE(ContentSecurityPolicyIsLegal( 17 EXPECT_FALSE(ContentSecurityPolicyIsLegal(
16 "default-src 'self';\nscript-src http://www.google.com")); 18 "default-src 'self';\nscript-src http://www.google.com"));
17 EXPECT_FALSE(ContentSecurityPolicyIsLegal( 19 EXPECT_FALSE(ContentSecurityPolicyIsLegal(
18 "default-src 'self';\rscript-src http://www.google.com")); 20 "default-src 'self';\rscript-src http://www.google.com"));
19 } 21 }
(...skipping 48 matching lines...) Expand 10 before | Expand all | Expand 10 after
68 "default-src 'self' http:")); 70 "default-src 'self' http:"));
69 EXPECT_FALSE(ContentSecurityPolicyIsSecure( 71 EXPECT_FALSE(ContentSecurityPolicyIsSecure(
70 "default-src 'self' https://*")); 72 "default-src 'self' https://*"));
71 EXPECT_FALSE(ContentSecurityPolicyIsSecure( 73 EXPECT_FALSE(ContentSecurityPolicyIsSecure(
72 "default-src 'self' *")); 74 "default-src 'self' *"));
73 EXPECT_FALSE(ContentSecurityPolicyIsSecure( 75 EXPECT_FALSE(ContentSecurityPolicyIsSecure(
74 "default-src 'self' google.com")); 76 "default-src 'self' google.com"));
75 EXPECT_TRUE(ContentSecurityPolicyIsSecure( 77 EXPECT_TRUE(ContentSecurityPolicyIsSecure(
76 "default-src 'self' https://*.google.com")); 78 "default-src 'self' https://*.google.com"));
77 } 79 }
80
81 TEST(ExtensionCSPValidator, IsSandboxed) {
82 EXPECT_FALSE(ContentSecurityPolicyIsSandboxed("", Extension::TYPE_EXTENSION));
83 EXPECT_FALSE(ContentSecurityPolicyIsSandboxed(
84 "img-src https://google.com", Extension::TYPE_EXTENSION));
85
86 // Sandbox directive is required.
87 EXPECT_TRUE(ContentSecurityPolicyIsSandboxed(
88 "sandbox", Extension::TYPE_EXTENSION));
89
90 // Additional sandbox tokens are OK.
91 EXPECT_TRUE(ContentSecurityPolicyIsSandboxed(
92 "sandbox allow-scripts", Extension::TYPE_EXTENSION));
93 // Except for allow-same-origin.
94 EXPECT_FALSE(ContentSecurityPolicyIsSandboxed(
95 "sandbox allow-same-origin", Extension::TYPE_EXTENSION));
96
97 // Additional directives are OK.
98 EXPECT_TRUE(ContentSecurityPolicyIsSandboxed(
99 "sandbox; img-src https://google.com", Extension::TYPE_EXTENSION));
100
101 // Extensions allow navigation and popups, platform apps don't.
102 EXPECT_TRUE(ContentSecurityPolicyIsSandboxed(
103 "sandbox allow-top-navigation", Extension::TYPE_EXTENSION));
104 EXPECT_FALSE(ContentSecurityPolicyIsSandboxed(
105 "sandbox allow-top-navigation", Extension::TYPE_PLATFORM_APP));
106 EXPECT_TRUE(ContentSecurityPolicyIsSandboxed(
107 "sandbox allow-popups", Extension::TYPE_EXTENSION));
108 EXPECT_FALSE(ContentSecurityPolicyIsSandboxed(
109 "sandbox allow-popups", Extension::TYPE_PLATFORM_APP));
110 }
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698