Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1572)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/extensions/api/web_request/web_request_permissions_unittest.cc

Issue 10825102: Protect Chrome WebStore based on process IDs (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Fixed unit test Created 8 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « chrome/browser/extensions/api/web_request/web_request_permissions.cc ('k') | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/extensions/api/web_request/web_request_permissions_unittest.cc
diff --git a/chrome/browser/extensions/api/web_request/web_request_permissions_unittest.cc b/chrome/browser/extensions/api/web_request/web_request_permissions_unittest.cc
index 7a83e58eb030c2e8a19f61b1b37826c2d543bb99..b96c6f6a7efb8961bf952e1bbbb3e19361e17209 100644
--- a/chrome/browser/extensions/api/web_request/web_request_permissions_unittest.cc
+++ b/chrome/browser/extensions/api/web_request/web_request_permissions_unittest.cc
@@ -5,25 +5,26 @@
#include "chrome/browser/extensions/api/web_request/web_request_permissions.h"
#include "base/message_loop.h"
+#include "chrome/browser/extensions/extension_info_map.h"
+#include "chrome/common/extensions/extension_constants.h"
#include "chrome/test/base/testing_profile.h"
+#include "content/public/browser/resource_request_info.h"
#include "net/url_request/url_request_test_util.h"
#include "testing/gtest/include/gtest/gtest.h"
+using content::ResourceRequestInfo;
+
TEST(ExtensionWebRequestHelpersTest, TestHideRequestForURL) {
MessageLoopForIO message_loop;
TestURLRequestContext context;
+ scoped_refptr<ExtensionInfoMap> extension_info_map(new ExtensionInfoMap);
const char* sensitive_urls[] = {
- "http://www.google.com/chrome",
- "https://www.google.com/chrome",
- "http://www.google.com/chrome/foobar",
- "https://www.google.com/chrome/foobar",
- "http://chrome.google.com",
- "https://chrome.google.com",
- "http://client2.google.com",
- "https://client2.google.com",
- // No http version of webstore.
- "https://chrome.google.com/webstore",
+ "http://clients2.google.com",
+ "http://clients22.google.com",
+ "https://clients2.google.com",
"http://clients2.google.com/service/update2/crx",
+ "https://clients.google.com",
+ "https://test.clients.google.com",
"https://clients2.google.com/service/update2/crx",
"http://www.gstatic.com/chrome/extensions/blacklist",
"https://www.gstatic.com/chrome/extensions/blacklist",
@@ -36,24 +37,35 @@ TEST(ExtensionWebRequestHelpersTest, TestHideRequestForURL) {
for (size_t i = 0; i < arraysize(sensitive_urls); ++i) {
GURL sensitive_url(sensitive_urls[i]);
TestURLRequest request(sensitive_url, NULL, &context);
- EXPECT_TRUE(WebRequestPermissions::HideRequest(&request))
+ EXPECT_TRUE(
+ WebRequestPermissions::HideRequest(extension_info_map.get(), &request))
<< sensitive_urls[i];
}
// Check that requests are accepted if they don't touch sensitive urls.
for (size_t i = 0; i < arraysize(non_sensitive_urls); ++i) {
GURL non_sensitive_url(non_sensitive_urls[i]);
TestURLRequest request(non_sensitive_url, NULL, &context);
- EXPECT_FALSE(WebRequestPermissions::HideRequest(&request))
+ EXPECT_FALSE(
+ WebRequestPermissions::HideRequest(extension_info_map.get(), &request))
<< non_sensitive_urls[i];
}
- // Check that requests are rejected if their first party url is sensitive.
- ASSERT_GE(arraysize(non_sensitive_urls), 1u);
- GURL non_sensitive_url(non_sensitive_urls[0]);
- for (size_t i = 0; i < arraysize(sensitive_urls); ++i) {
- TestURLRequest request(non_sensitive_url, NULL, &context);
- GURL sensitive_url(sensitive_urls[i]);
- request.set_first_party_for_cookies(sensitive_url);
- EXPECT_TRUE(WebRequestPermissions::HideRequest(&request))
- << sensitive_urls[i];
- }
+
+ // Check protection of requests originating from the frame showing the Chrome
+ // WebStore.
+ // Normally this request is not protected:
+ GURL non_sensitive_url("http://www.google.com/test.js");
+ TestURLRequest non_sensitive_request(non_sensitive_url, NULL, &context);
+ EXPECT_FALSE(WebRequestPermissions::HideRequest(extension_info_map.get(),
+ &non_sensitive_request));
+ // If the origin is labeled by the WebStoreAppId, it becomes protected.
+ int process_id = 42;
+ int site_instance_id = 23;
+ int frame_id = 17;
+ TestURLRequest sensitive_request(non_sensitive_url, NULL, &context);
+ ResourceRequestInfo::AllocateForTesting(&sensitive_request,
+ ResourceType::SCRIPT, NULL, process_id, frame_id);
+ extension_info_map->RegisterExtensionProcess(extension_misc::kWebStoreAppId,
+ process_id, site_instance_id);
+ EXPECT_TRUE(WebRequestPermissions::HideRequest(extension_info_map.get(),
+ &sensitive_request));
}
« no previous file with comments | « chrome/browser/extensions/api/web_request/web_request_permissions.cc ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698