Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(231)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: content/browser/renderer_host/render_view_host_manager_browsertest.cc

Issue 13846007: Allow showing pending URL for new tab navigations, but only if safe. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Created 7 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « content/browser/renderer_host/render_view_host_impl.cc ('k') | content/browser/web_contents/navigation_controller_impl.h » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: content/browser/renderer_host/render_view_host_manager_browsertest.cc
diff --git a/content/browser/renderer_host/render_view_host_manager_browsertest.cc b/content/browser/renderer_host/render_view_host_manager_browsertest.cc
index 085fb1b1988625b20bedfa6d1737ab568566041e..e2a8dde47c8c4464ffe779a77bab56793c5d9965 100644
--- a/content/browser/renderer_host/render_view_host_manager_browsertest.cc
+++ b/content/browser/renderer_host/render_view_host_manager_browsertest.cc
@@ -893,6 +893,92 @@ IN_PROC_BROWSER_TEST_F(RenderViewHostManagerTest, ClickLinkAfter204Error) {
EXPECT_EQ(orig_site_instance, noref_site_instance);
}
+// Test for crbug.com/9682. We should show the URL for a pending renderer-
+// initiated navigation in a new tab, until the content of the initial
+// about:blank page is modified by another window. At that point, we should
+// revert to showing about:blank to prevent a URL spoof.
+IN_PROC_BROWSER_TEST_F(RenderViewHostManagerTest, ShowLoadingURLUntilSpoof) {
+ ASSERT_TRUE(test_server()->Start());
+
+ // Load a page that can open a URL that won't commit in a new window.
+ NavigateToURL(
+ shell(), test_server()->GetURL("files/click-nocontent-link.html"));
+ WebContents* orig_contents = shell()->web_contents();
+
+ // Click a /nocontent link that opens in a new window but never commits.
+ ShellAddedObserver new_shell_observer;
+ bool success = false;
+ EXPECT_TRUE(ExecuteScriptAndExtractBool(
+ orig_contents,
+ "window.domAutomationController.send(clickNoContentTargetedLink());",
+ &success));
+ EXPECT_TRUE(success);
+
+ // Wait for the window to open.
+ Shell* new_shell = new_shell_observer.GetShell();
+
+ // Ensure the destination URL is visible, because it is considered the
+ // initial navigation.
+ WebContents* contents = new_shell->web_contents();
+ EXPECT_TRUE(contents->GetController().IsInitialNavigation());
+ EXPECT_EQ("/nocontent",
+ contents->GetController().GetVisibleEntry()->GetURL().path());
+
+ // Now modify the contents of the new window from the opener. This will also
+ // modify the title of the document to give us something to listen for.
+ WindowedNotificationObserver title_observer(
+ NOTIFICATION_WEB_CONTENTS_TITLE_UPDATED,
+ Source<WebContents>(contents));
+ success = false;
+ EXPECT_TRUE(ExecuteScriptAndExtractBool(
+ orig_contents,
+ "window.domAutomationController.send(modifyNewWindow());",
+ &success));
+ EXPECT_TRUE(success);
+ title_observer.Wait();
+ EXPECT_EQ(ASCIIToUTF16("Modified Title"), contents->GetTitle());
+
+ // At this point, we should no longer be showing the destination URL.
+ // The visible entry should be null, resulting in about:blank in the address
+ // bar.
+ EXPECT_FALSE(contents->GetController().GetVisibleEntry());
+}
+
+// Test for crbug.com/9682. We should not show the URL for a pending renderer-
+// initiated navigation in a new tab if it is not the initial navigation. In
+// this case, the renderer will not notify us of a modification, so we cannot
+// show the pending URL without allowing a spoof.
+IN_PROC_BROWSER_TEST_F(RenderViewHostManagerTest,
+ DontShowLoadingURLIfNotInitialNav) {
+ ASSERT_TRUE(test_server()->Start());
+
+ // Load a page that can open a URL that won't commit in a new window.
+ NavigateToURL(
+ shell(), test_server()->GetURL("files/click-nocontent-link.html"));
+ WebContents* orig_contents = shell()->web_contents();
+
+ // Click a /nocontent link that opens in a new window but never commits.
+ // By using an onclick handler that first creates the window, the slow
+ // navigation is not considered an initial navigation.
+ ShellAddedObserver new_shell_observer;
+ bool success = false;
+ EXPECT_TRUE(ExecuteScriptAndExtractBool(
+ orig_contents,
+ "window.domAutomationController.send("
+ "clickNoContentScriptedTargetedLink());",
+ &success));
+ EXPECT_TRUE(success);
+
+ // Wait for the window to open.
+ Shell* new_shell = new_shell_observer.GetShell();
+
+ // Ensure the destination URL is not visible, because it is not the initial
+ // navigation.
+ WebContents* contents = new_shell->web_contents();
+ EXPECT_FALSE(contents->GetController().IsInitialNavigation());
+ EXPECT_FALSE(contents->GetController().GetVisibleEntry());
+}
+
// Test for http://crbug.com/93427. Ensure that cross-site navigations
// do not cause back/forward navigations to be considered stale by the
// renderer.
« no previous file with comments | « content/browser/renderer_host/render_view_host_impl.cc ('k') | content/browser/web_contents/navigation_controller_impl.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698