| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "base/utf_string_conversions.h" | |
| 6 #include "content/browser/child_process_security_policy_impl.h" | 5 #include "content/browser/child_process_security_policy_impl.h" |
| 7 #include "content/browser/renderer_host/test_render_view_host.h" | 6 #include "content/browser/renderer_host/test_render_view_host.h" |
| 8 #include "content/browser/web_contents/navigation_controller_impl.h" | 7 #include "content/browser/web_contents/navigation_controller_impl.h" |
| 9 #include "content/browser/web_contents/test_web_contents.h" | 8 #include "content/browser/web_contents/test_web_contents.h" |
| 10 #include "content/common/view_messages.h" | 9 #include "content/common/view_messages.h" |
| 11 #include "content/port/browser/render_view_host_delegate_view.h" | 10 #include "content/port/browser/render_view_host_delegate_view.h" |
| 12 #include "content/public/browser/navigation_entry.h" | 11 #include "content/public/browser/navigation_entry.h" |
| 13 #include "content/public/common/bindings_policy.h" | 12 #include "content/public/common/bindings_policy.h" |
| 14 #include "content/public/common/page_transition_types.h" | 13 #include "content/public/common/page_transition_types.h" |
| 15 #include "content/test/mock_render_process_host.h" | 14 #include "content/test/mock_render_process_host.h" |
| (...skipping 132 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 148 drop_data.html_base_url = http_url; | 147 drop_data.html_base_url = http_url; |
| 149 test_rvh()->TestOnMsgStartDragging(drop_data); | 148 test_rvh()->TestOnMsgStartDragging(drop_data); |
| 150 EXPECT_EQ(javascript_url, delegate_view.drag_url()); | 149 EXPECT_EQ(javascript_url, delegate_view.drag_url()); |
| 151 EXPECT_EQ(http_url, delegate_view.html_base_url()); | 150 EXPECT_EQ(http_url, delegate_view.html_base_url()); |
| 152 } | 151 } |
| 153 | 152 |
| 154 TEST_F(RenderViewHostTest, DragEnteredFileURLsStillBlocked) { | 153 TEST_F(RenderViewHostTest, DragEnteredFileURLsStillBlocked) { |
| 155 WebDropData dropped_data; | 154 WebDropData dropped_data; |
| 156 gfx::Point client_point; | 155 gfx::Point client_point; |
| 157 gfx::Point screen_point; | 156 gfx::Point screen_point; |
| 158 FilePath highlighted_file_path(FILE_PATH_LITERAL("/etc/passwd")); | 157 GURL file_url = GURL("file:///etc/passwd"); |
| 159 FilePath selected_file_path(FILE_PATH_LITERAL("/tmp/image.jpg")); | 158 dropped_data.url = file_url; |
| 160 GURL highlighted_file_url = net::FilePathToFileURL(highlighted_file_path); | |
| 161 GURL selected_file_url = net::FilePathToFileURL(selected_file_path); | |
| 162 dropped_data.url = highlighted_file_url; | |
| 163 dropped_data.filenames.push_back(WebDropData::FileInfo( | |
| 164 UTF8ToUTF16(selected_file_path.AsUTF8Unsafe()), string16())); | |
| 165 | |
| 166 rvh()->DragTargetDragEnter(dropped_data, client_point, screen_point, | 159 rvh()->DragTargetDragEnter(dropped_data, client_point, screen_point, |
| 167 WebKit::WebDragOperationNone, 0); | 160 WebKit::WebDragOperationNone, 0); |
| 168 | 161 EXPECT_FALSE(ChildProcessSecurityPolicyImpl::GetInstance()->CanRequestURL( |
| 169 int id = process()->GetID(); | 162 process()->GetID(), file_url)); |
| 170 ChildProcessSecurityPolicyImpl* policy = | |
| 171 ChildProcessSecurityPolicyImpl::GetInstance(); | |
| 172 | |
| 173 EXPECT_FALSE(policy->CanRequestURL(id, highlighted_file_url)); | |
| 174 EXPECT_FALSE(policy->CanReadFile(id, highlighted_file_path)); | |
| 175 EXPECT_FALSE(policy->CanRequestURL(id, selected_file_url)); | |
| 176 EXPECT_TRUE(policy->CanReadFile(id, selected_file_path)); | |
| 177 } | 163 } |
| 178 | 164 |
| 179 // The test that follow trigger DCHECKS in debug build. | 165 // The test that follow trigger DCHECKS in debug build. |
| 180 #if defined(NDEBUG) && !defined(DCHECK_ALWAYS_ON) | 166 #if defined(NDEBUG) && !defined(DCHECK_ALWAYS_ON) |
| 181 | 167 |
| 182 // Test that when we fail to de-serialize a message, RenderViewHost calls the | 168 // Test that when we fail to de-serialize a message, RenderViewHost calls the |
| 183 // ReceivedBadMessage() handler. | 169 // ReceivedBadMessage() handler. |
| 184 TEST_F(RenderViewHostTest, BadMessageHandlerRenderViewHost) { | 170 TEST_F(RenderViewHostTest, BadMessageHandlerRenderViewHost) { |
| 185 EXPECT_EQ(0, process()->bad_msg_count()); | 171 EXPECT_EQ(0, process()->bad_msg_count()); |
| 186 // craft an incorrect ViewHostMsg_UpdateTargetURL message. The real one has | 172 // craft an incorrect ViewHostMsg_UpdateTargetURL message. The real one has |
| (...skipping 23 matching lines...) Expand all Loading... |
| 210 // the code actually expects it to have at least one int para, this this | 196 // the code actually expects it to have at least one int para, this this |
| 211 // bogus message will not fail at de-serialization but should fail in | 197 // bogus message will not fail at de-serialization but should fail in |
| 212 // OnMsgInputEventAck() processing. | 198 // OnMsgInputEventAck() processing. |
| 213 IPC::Message message(0, ViewHostMsg_HandleInputEvent_ACK::ID, | 199 IPC::Message message(0, ViewHostMsg_HandleInputEvent_ACK::ID, |
| 214 IPC::Message::PRIORITY_NORMAL); | 200 IPC::Message::PRIORITY_NORMAL); |
| 215 test_rvh()->OnMessageReceived(message); | 201 test_rvh()->OnMessageReceived(message); |
| 216 EXPECT_EQ(1, process()->bad_msg_count()); | 202 EXPECT_EQ(1, process()->bad_msg_count()); |
| 217 } | 203 } |
| 218 | 204 |
| 219 #endif | 205 #endif |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 10476003:
Revert 137184 - DragEnter grants both read and navigate permissions to files. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/