Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(431)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: content/browser/web_contents/web_contents_impl_browsertest.cc

Issue 23978003: Delete unneeded pending entries in DidFailProvisionalLoad to prevent a spoof. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Only clear the pending entry, not the transient. Created 7 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « content/browser/web_contents/web_contents_impl.cc ('k') | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: content/browser/web_contents/web_contents_impl_browsertest.cc
diff --git a/content/browser/web_contents/web_contents_impl_browsertest.cc b/content/browser/web_contents/web_contents_impl_browsertest.cc
index 05e3ebe0ab68bee9cb9c52c3aa077e37f05457b3..462dd6a86a5f308a1a7f65d91560160145764042 100644
--- a/content/browser/web_contents/web_contents_impl_browsertest.cc
+++ b/content/browser/web_contents/web_contents_impl_browsertest.cc
@@ -185,6 +185,33 @@ IN_PROC_BROWSER_TEST_F(WebContentsImplBrowserTest,
EXPECT_EQ(&shell()->web_contents()->GetController(),
load_observer.controller_);
}
+// Test that a renderer-initiated navigation to an invalid URL does not leave
+// around a pending entry that could be used in a URL spoof. We test this in
+// a browser test because our unit test framework incorrectly calls
+// DidStartProvisionalLoadForFrame for in-page navigations.
+// See http://crbug.com/280512.
+IN_PROC_BROWSER_TEST_F(WebContentsImplBrowserTest,
+ ClearNonVisiblePendingOnFail) {
+ ASSERT_TRUE(embedded_test_server()->InitializeAndWaitUntilReady());
+
+ NavigateToURL(shell(), embedded_test_server()->GetURL("/title1.html"));
+
+ // Navigate to an invalid URL and make sure it doesn't leave a pending entry.
+ LoadStopNotificationObserver load_observer1(
+ &shell()->web_contents()->GetController());
+ ASSERT_TRUE(ExecuteScript(shell()->web_contents(),
+ "window.location.href=\"nonexistent:12121\";"));
+ load_observer1.Wait();
+ EXPECT_FALSE(shell()->web_contents()->GetController().GetPendingEntry());
+
+ LoadStopNotificationObserver load_observer2(
+ &shell()->web_contents()->GetController());
+ ASSERT_TRUE(ExecuteScript(shell()->web_contents(),
+ "window.location.href=\"#foo\";"));
+ load_observer2.Wait();
+ EXPECT_EQ(embedded_test_server()->GetURL("/title1.html#foo"),
+ shell()->web_contents()->GetVisibleURL());
+}
// Test that the browser receives the proper frame attach/detach messages from
// the renderer and builds proper frame tree.
« no previous file with comments | « content/browser/web_contents/web_contents_impl.cc ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698