Blame - content/browser/child_process_security_policy_unittest.cc - chromium/src.git

blob: 53799b73c7e99b1b48ba70b9821016261c8c9cc7 [file] [log] [blame]

[email protected]	cbe04ef	2011-01-11 00:13:24	[diff] [blame]	1	// Copyright (c) 2011 The Chromium Authors. All rights reserved.
license.bot	bf09a50	2008-08-24 00:55:55	[diff] [blame]	2	// Use of this source code is governed by a BSD-style license that can be
				3	// found in the LICENSE file.
initial.commit	09911bf	2008-07-26 23:55:29	[diff] [blame]	4
				5	#include <string>
				6
				7	#include "base/basictypes.h"
[email protected]	561abe6	2009-04-06 18:08:34	[diff] [blame]	8	#include "base/file_path.h"
[email protected]	e54edc3	2010-09-28 01:09:19	[diff] [blame]	9	#include "base/platform_file.h"
[email protected]	f255c7fc	2009-02-26 18:50:55	[diff] [blame]	10	#include "chrome/common/url_constants.h"
[email protected]	df8e899b	2011-02-22 22:58:22	[diff] [blame]	11	#include "content/browser/child_process_security_policy.h"
initial.commit	09911bf	2008-07-26 23:55:29	[diff] [blame]	12	#include "net/url_request/url_request.h"
				13	#include "net/url_request/url_request_test_job.h"
				14	#include "testing/gtest/include/gtest/gtest.h"
				15
[email protected]	f58ddcf	2009-05-18 22:22:06	[diff] [blame]	16	class ChildProcessSecurityPolicyTest : public testing::Test {
[email protected]	ee5e379	2009-10-13 23:23:47	[diff] [blame]	17	protected:
initial.commit	09911bf	2008-07-26 23:55:29	[diff] [blame]	18	// testing::Test
				19	virtual void SetUp() {
[email protected]	60e44898	2009-05-06 04:21:16	[diff] [blame]	20	// In the real world, "chrome:" is a handled scheme.
[email protected]	6981d963	2010-11-30 21:34:02	[diff] [blame]	21	net::URLRequest::RegisterProtocolFactory(chrome::kChromeUIScheme,
[email protected]	cbe04ef	2011-01-11 00:13:24	[diff] [blame]	22	&net::URLRequestTestJob::Factory);
initial.commit	09911bf	2008-07-26 23:55:29	[diff] [blame]	23	}
				24	virtual void TearDown() {
[email protected]	6981d963	2010-11-30 21:34:02	[diff] [blame]	25	net::URLRequest::RegisterProtocolFactory(chrome::kChromeUIScheme, NULL);
initial.commit	09911bf	2008-07-26 23:55:29	[diff] [blame]	26	}
				27	};
				28
				29	static int kRendererID = 42;
				30
[email protected]	f58ddcf	2009-05-18 22:22:06	[diff] [blame]	31	TEST_F(ChildProcessSecurityPolicyTest, IsWebSafeSchemeTest) {
				32	ChildProcessSecurityPolicy* p = ChildProcessSecurityPolicy::GetInstance();
initial.commit	09911bf	2008-07-26 23:55:29	[diff] [blame]	33
[email protected]	e0d48158	2009-09-15 21:06:25	[diff] [blame]	34	EXPECT_TRUE(p->IsWebSafeScheme(chrome::kHttpScheme));
				35	EXPECT_TRUE(p->IsWebSafeScheme(chrome::kHttpsScheme));
				36	EXPECT_TRUE(p->IsWebSafeScheme(chrome::kFtpScheme));
				37	EXPECT_TRUE(p->IsWebSafeScheme(chrome::kDataScheme));
initial.commit	09911bf	2008-07-26 23:55:29	[diff] [blame]	38	EXPECT_TRUE(p->IsWebSafeScheme("feed"));
[email protected]	e0d48158	2009-09-15 21:06:25	[diff] [blame]	39	EXPECT_TRUE(p->IsWebSafeScheme(chrome::kExtensionScheme));
[email protected]	039c7b0b2	2011-03-04 23:15:42	[diff] [blame]	40	EXPECT_TRUE(p->IsWebSafeScheme(chrome::kBlobScheme));
				41	EXPECT_TRUE(p->IsWebSafeScheme(chrome::kFileSystemScheme));
initial.commit	09911bf	2008-07-26 23:55:29	[diff] [blame]	42
				43	EXPECT_FALSE(p->IsWebSafeScheme("registered-web-safe-scheme"));
				44	p->RegisterWebSafeScheme("registered-web-safe-scheme");
				45	EXPECT_TRUE(p->IsWebSafeScheme("registered-web-safe-scheme"));
				46	}
				47
[email protected]	f58ddcf	2009-05-18 22:22:06	[diff] [blame]	48	TEST_F(ChildProcessSecurityPolicyTest, IsPseudoSchemeTest) {
				49	ChildProcessSecurityPolicy* p = ChildProcessSecurityPolicy::GetInstance();
initial.commit	09911bf	2008-07-26 23:55:29	[diff] [blame]	50
[email protected]	e0d48158	2009-09-15 21:06:25	[diff] [blame]	51	EXPECT_TRUE(p->IsPseudoScheme(chrome::kAboutScheme));
				52	EXPECT_TRUE(p->IsPseudoScheme(chrome::kJavaScriptScheme));
				53	EXPECT_TRUE(p->IsPseudoScheme(chrome::kViewSourceScheme));
initial.commit	09911bf	2008-07-26 23:55:29	[diff] [blame]	54
[email protected]	419a057	2011-04-18 22:21:46	[diff] [blame^]	55	EXPECT_FALSE(p->IsPseudoScheme("registered-pseudo-scheme"));
				56	p->RegisterPseudoScheme("registered-pseudo-scheme");
				57	EXPECT_TRUE(p->IsPseudoScheme("registered-pseudo-scheme"));
				58	}
				59
				60	TEST_F(ChildProcessSecurityPolicyTest, IsDisabledSchemeTest) {
				61	ChildProcessSecurityPolicy* p = ChildProcessSecurityPolicy::GetInstance();
				62
				63	EXPECT_FALSE(p->IsDisabledScheme("evil-scheme"));
				64	std::set<std::string> disabled_set;
				65	disabled_set.insert("evil-scheme");
				66	p->RegisterDisabledSchemes(disabled_set);
				67	EXPECT_TRUE(p->IsDisabledScheme("evil-scheme"));
				68	EXPECT_FALSE(p->IsDisabledScheme("good-scheme"));
				69
				70	disabled_set.clear();
				71	p->RegisterDisabledSchemes(disabled_set);
				72	EXPECT_FALSE(p->IsDisabledScheme("evil-scheme"));
				73	EXPECT_FALSE(p->IsDisabledScheme("good-scheme"));
initial.commit	09911bf	2008-07-26 23:55:29	[diff] [blame]	74	}
				75
[email protected]	f58ddcf	2009-05-18 22:22:06	[diff] [blame]	76	TEST_F(ChildProcessSecurityPolicyTest, StandardSchemesTest) {
				77	ChildProcessSecurityPolicy* p = ChildProcessSecurityPolicy::GetInstance();
initial.commit	09911bf	2008-07-26 23:55:29	[diff] [blame]	78
				79	p->Add(kRendererID);
				80
				81	// Safe
				82	EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("http://www.google.com/")));
				83	EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("https://www.paypal.com/")));
				84	EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("ftp://ftp.gnu.org/")));
				85	EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("data:text/html,<b>Hi</b>")));
				86	EXPECT_TRUE(p->CanRequestURL(kRendererID,
				87	GURL("view-source:http://www.google.com/")));
[email protected]	27eef9c	2009-02-14 04:09:51	[diff] [blame]	88	EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("chrome-extension://xy/z")));
[email protected]	039c7b0b2	2011-03-04 23:15:42	[diff] [blame]	89	EXPECT_TRUE(p->CanRequestURL(
				90	kRendererID, GURL("filesystem:http://localhost/temporary/a.gif")));
initial.commit	09911bf	2008-07-26 23:55:29	[diff] [blame]	91
				92	// Dangerous
				93	EXPECT_FALSE(p->CanRequestURL(kRendererID,
				94	GURL("file:///etc/passwd")));
				95	EXPECT_FALSE(p->CanRequestURL(kRendererID,
[email protected]	60e44898	2009-05-06 04:21:16	[diff] [blame]	96	GURL("chrome://foo/bar")));
initial.commit	09911bf	2008-07-26 23:55:29	[diff] [blame]	97
				98	p->Remove(kRendererID);
				99	}
				100
[email protected]	f58ddcf	2009-05-18 22:22:06	[diff] [blame]	101	TEST_F(ChildProcessSecurityPolicyTest, AboutTest) {
				102	ChildProcessSecurityPolicy* p = ChildProcessSecurityPolicy::GetInstance();
initial.commit	09911bf	2008-07-26 23:55:29	[diff] [blame]	103
				104	p->Add(kRendererID);
				105
				106	EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("about:blank")));
				107	EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("about:BlAnK")));
				108	EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("aBouT:BlAnK")));
				109	EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("aBouT:blank")));
				110
[email protected]	ed3456f	2009-02-26 20:24:48	[diff] [blame]	111	EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:memory")));
				112	EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:crash")));
				113	EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:cache")));
				114	EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:hang")));
initial.commit	09911bf	2008-07-26 23:55:29	[diff] [blame]	115
				116	EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("aBoUt:memory")));
				117	EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:CrASh")));
				118	EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("abOuT:cAChe")));
				119
[email protected]	e0d48158	2009-09-15 21:06:25	[diff] [blame]	120	p->GrantRequestURL(kRendererID, GURL(chrome::kAboutMemoryURL));
				121	EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL(chrome::kAboutMemoryURL)));
initial.commit	09911bf	2008-07-26 23:55:29	[diff] [blame]	122
[email protected]	e0d48158	2009-09-15 21:06:25	[diff] [blame]	123	p->GrantRequestURL(kRendererID, GURL(chrome::kAboutCrashURL));
				124	EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL(chrome::kAboutCrashURL)));
initial.commit	09911bf	2008-07-26 23:55:29	[diff] [blame]	125
[email protected]	e0d48158	2009-09-15 21:06:25	[diff] [blame]	126	p->GrantRequestURL(kRendererID, GURL(chrome::kAboutCacheURL));
				127	EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL(chrome::kAboutCacheURL)));
initial.commit	09911bf	2008-07-26 23:55:29	[diff] [blame]	128
[email protected]	e0d48158	2009-09-15 21:06:25	[diff] [blame]	129	p->GrantRequestURL(kRendererID, GURL(chrome::kAboutHangURL));
				130	EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL(chrome::kAboutHangURL)));
initial.commit	09911bf	2008-07-26 23:55:29	[diff] [blame]	131
				132	p->Remove(kRendererID);
				133	}
				134
[email protected]	f58ddcf	2009-05-18 22:22:06	[diff] [blame]	135	TEST_F(ChildProcessSecurityPolicyTest, JavaScriptTest) {
				136	ChildProcessSecurityPolicy* p = ChildProcessSecurityPolicy::GetInstance();
initial.commit	09911bf	2008-07-26 23:55:29	[diff] [blame]	137
				138	p->Add(kRendererID);
				139
				140	EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("javascript:alert('xss')")));
				141	p->GrantRequestURL(kRendererID, GURL("javascript:alert('xss')"));
				142	EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("javascript:alert('xss')")));
				143
				144	p->Remove(kRendererID);
				145	}
				146
[email protected]	f58ddcf	2009-05-18 22:22:06	[diff] [blame]	147	TEST_F(ChildProcessSecurityPolicyTest, RegisterWebSafeSchemeTest) {
				148	ChildProcessSecurityPolicy* p = ChildProcessSecurityPolicy::GetInstance();
initial.commit	09911bf	2008-07-26 23:55:29	[diff] [blame]	149
				150	p->Add(kRendererID);
				151
				152	// Currently, "asdf" is destined for ShellExecute, so it is allowed.
				153	EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("asdf:rockers")));
				154
				155	// Once we register a ProtocolFactory for "asdf", we default to deny.
[email protected]	cbe04ef	2011-01-11 00:13:24	[diff] [blame]	156	net::URLRequest::RegisterProtocolFactory("asdf",
				157	&net::URLRequestTestJob::Factory);
initial.commit	09911bf	2008-07-26 23:55:29	[diff] [blame]	158	EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("asdf:rockers")));
				159
				160	// We can allow new schemes by adding them to the whitelist.
				161	p->RegisterWebSafeScheme("asdf");
				162	EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("asdf:rockers")));
				163
				164	// Cleanup.
[email protected]	6981d963	2010-11-30 21:34:02	[diff] [blame]	165	net::URLRequest::RegisterProtocolFactory("asdf", NULL);
initial.commit	09911bf	2008-07-26 23:55:29	[diff] [blame]	166	EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("asdf:rockers")));
				167
				168	p->Remove(kRendererID);
				169	}
				170
[email protected]	f58ddcf	2009-05-18 22:22:06	[diff] [blame]	171	TEST_F(ChildProcessSecurityPolicyTest, CanServiceCommandsTest) {
				172	ChildProcessSecurityPolicy* p = ChildProcessSecurityPolicy::GetInstance();
initial.commit	09911bf	2008-07-26 23:55:29	[diff] [blame]	173
				174	p->Add(kRendererID);
				175
				176	EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd")));
				177	p->GrantRequestURL(kRendererID, GURL("file:///etc/passwd"));
				178	EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd")));
				179
[email protected]	419a057	2011-04-18 22:21:46	[diff] [blame^]	180	EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("evil-scheme:/path")));
				181	std::set<std::string> disabled_set;
				182	disabled_set.insert("evil-scheme");
				183	p->RegisterDisabledSchemes(disabled_set);
				184	EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("http://www.google.com")));
				185	EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("evil-scheme:/path")));
				186	disabled_set.clear();
				187	p->RegisterDisabledSchemes(disabled_set);
				188	EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("http://www.google.com")));
				189	EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("evil-scheme:/path")));
				190
initial.commit	09911bf	2008-07-26 23:55:29	[diff] [blame]	191	// We should forget our state if we repeat a renderer id.
				192	p->Remove(kRendererID);
				193	p->Add(kRendererID);
				194	EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd")));
				195	p->Remove(kRendererID);
				196	}
				197
[email protected]	f58ddcf	2009-05-18 22:22:06	[diff] [blame]	198	TEST_F(ChildProcessSecurityPolicyTest, ViewSource) {
				199	ChildProcessSecurityPolicy* p = ChildProcessSecurityPolicy::GetInstance();
initial.commit	09911bf	2008-07-26 23:55:29	[diff] [blame]	200
				201	p->Add(kRendererID);
				202
				203	// View source is determined by the embedded scheme.
				204	EXPECT_TRUE(p->CanRequestURL(kRendererID,
				205	GURL("view-source:http://www.google.com/")));
				206	EXPECT_FALSE(p->CanRequestURL(kRendererID,
				207	GURL("view-source:file:///etc/passwd")));
				208	EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd")));
[email protected]	690d0a917	2010-01-06 00:19:36	[diff] [blame]	209	EXPECT_FALSE(p->CanRequestURL(
				210	kRendererID, GURL("view-source:view-source:http://www.google.com/")));
initial.commit	09911bf	2008-07-26 23:55:29	[diff] [blame]	211
				212	p->GrantRequestURL(kRendererID, GURL("view-source:file:///etc/passwd"));
				213	// View source needs to be able to request the embedded scheme.
				214	EXPECT_TRUE(p->CanRequestURL(kRendererID,
				215	GURL("view-source:file:///etc/passwd")));
				216	EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd")));
				217
				218	p->Remove(kRendererID);
				219	}
				220
[email protected]	e54edc3	2010-09-28 01:09:19	[diff] [blame]	221	TEST_F(ChildProcessSecurityPolicyTest, CanReadFiles) {
[email protected]	f58ddcf	2009-05-18 22:22:06	[diff] [blame]	222	ChildProcessSecurityPolicy* p = ChildProcessSecurityPolicy::GetInstance();
initial.commit	09911bf	2008-07-26 23:55:29	[diff] [blame]	223
				224	p->Add(kRendererID);
				225
[email protected]	e54edc3	2010-09-28 01:09:19	[diff] [blame]	226	EXPECT_FALSE(p->CanReadFile(kRendererID,
[email protected]	561abe6	2009-04-06 18:08:34	[diff] [blame]	227	FilePath(FILE_PATH_LITERAL("/etc/passwd"))));
[email protected]	e54edc3	2010-09-28 01:09:19	[diff] [blame]	228	p->GrantReadFile(kRendererID, FilePath(FILE_PATH_LITERAL("/etc/passwd")));
				229	EXPECT_TRUE(p->CanReadFile(kRendererID,
[email protected]	561abe6	2009-04-06 18:08:34	[diff] [blame]	230	FilePath(FILE_PATH_LITERAL("/etc/passwd"))));
[email protected]	e54edc3	2010-09-28 01:09:19	[diff] [blame]	231	EXPECT_FALSE(p->CanReadFile(kRendererID,
[email protected]	561abe6	2009-04-06 18:08:34	[diff] [blame]	232	FilePath(FILE_PATH_LITERAL("/etc/shadow"))));
initial.commit	09911bf	2008-07-26 23:55:29	[diff] [blame]	233
				234	p->Remove(kRendererID);
				235	p->Add(kRendererID);
				236
[email protected]	e54edc3	2010-09-28 01:09:19	[diff] [blame]	237	EXPECT_FALSE(p->CanReadFile(kRendererID,
[email protected]	561abe6	2009-04-06 18:08:34	[diff] [blame]	238	FilePath(FILE_PATH_LITERAL("/etc/passwd"))));
[email protected]	e54edc3	2010-09-28 01:09:19	[diff] [blame]	239	EXPECT_FALSE(p->CanReadFile(kRendererID,
[email protected]	561abe6	2009-04-06 18:08:34	[diff] [blame]	240	FilePath(FILE_PATH_LITERAL("/etc/shadow"))));
initial.commit	09911bf	2008-07-26 23:55:29	[diff] [blame]	241
				242	p->Remove(kRendererID);
				243	}
				244
[email protected]	600ea40	2011-04-12 00:01:51	[diff] [blame]	245	TEST_F(ChildProcessSecurityPolicyTest, CanReadDirectories) {
				246	ChildProcessSecurityPolicy* p = ChildProcessSecurityPolicy::GetInstance();
				247
				248	p->Add(kRendererID);
				249
				250	EXPECT_FALSE(p->CanReadDirectory(kRendererID,
				251	FilePath(FILE_PATH_LITERAL("/etc/"))));
				252	p->GrantReadDirectory(kRendererID, FilePath(FILE_PATH_LITERAL("/etc/")));
				253	EXPECT_TRUE(p->CanReadDirectory(kRendererID,
				254	FilePath(FILE_PATH_LITERAL("/etc/"))));
				255	EXPECT_TRUE(p->CanReadFile(kRendererID,
				256	FilePath(FILE_PATH_LITERAL("/etc/passwd"))));
				257
				258	p->Remove(kRendererID);
				259	p->Add(kRendererID);
				260
				261	EXPECT_FALSE(p->CanReadDirectory(kRendererID,
				262	FilePath(FILE_PATH_LITERAL("/etc/"))));
				263	EXPECT_FALSE(p->CanReadFile(kRendererID,
				264	FilePath(FILE_PATH_LITERAL("/etc/passwd"))));
				265
				266	// Just granting read permission as a file doesn't imply reading as a
				267	// directory.
				268	p->GrantReadFile(kRendererID, FilePath(FILE_PATH_LITERAL("/etc/")));
				269	EXPECT_TRUE(p->CanReadFile(kRendererID,
				270	FilePath(FILE_PATH_LITERAL("/etc/passwd"))));
				271	EXPECT_FALSE(p->CanReadDirectory(kRendererID,
				272	FilePath(FILE_PATH_LITERAL("/etc/"))));
				273
				274	p->Remove(kRendererID);
				275	}
				276
[email protected]	e54edc3	2010-09-28 01:09:19	[diff] [blame]	277	TEST_F(ChildProcessSecurityPolicyTest, FilePermissions) {
				278	ChildProcessSecurityPolicy* p = ChildProcessSecurityPolicy::GetInstance();
				279
				280	// Grant permissions for a file.
				281	p->Add(kRendererID);
				282	FilePath file = FilePath(FILE_PATH_LITERAL("/etc/passwd"));
				283	EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, file,
				284	base::PLATFORM_FILE_OPEN));
				285
				286	p->GrantPermissionsForFile(kRendererID, file,
				287	base::PLATFORM_FILE_OPEN \|
				288	base::PLATFORM_FILE_READ \|
				289	base::PLATFORM_FILE_WRITE \|
				290	base::PLATFORM_FILE_TRUNCATE);
				291	EXPECT_TRUE(p->HasPermissionsForFile(kRendererID, file,
				292	base::PLATFORM_FILE_OPEN \|
				293	base::PLATFORM_FILE_READ \|
				294	base::PLATFORM_FILE_WRITE \|
				295	base::PLATFORM_FILE_TRUNCATE));
				296	EXPECT_TRUE(p->HasPermissionsForFile(kRendererID, file,
				297	base::PLATFORM_FILE_OPEN \|
				298	base::PLATFORM_FILE_READ));
				299	EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, file,
				300	base::PLATFORM_FILE_CREATE));
				301	EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, file,
				302	base::PLATFORM_FILE_CREATE \|
				303	base::PLATFORM_FILE_READ \|
				304	base::PLATFORM_FILE_WRITE \|
				305	base::PLATFORM_FILE_TRUNCATE));
				306	p->Remove(kRendererID);
				307
				308	// Grant permissions for the directory the file is in.
				309	p->Add(kRendererID);
				310	EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, file,
				311	base::PLATFORM_FILE_OPEN));
				312	p->GrantPermissionsForFile(kRendererID, FilePath(FILE_PATH_LITERAL("/etc")),
				313	base::PLATFORM_FILE_OPEN \|
				314	base::PLATFORM_FILE_READ);
				315	EXPECT_TRUE(p->HasPermissionsForFile(kRendererID, file,
				316	base::PLATFORM_FILE_OPEN));
				317	EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, file,
				318	base::PLATFORM_FILE_READ \|
				319	base::PLATFORM_FILE_WRITE));
				320	p->Remove(kRendererID);
				321
				322	// Grant permissions for the directory the file is in (with trailing '/').
				323	p->Add(kRendererID);
				324	EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, file,
				325	base::PLATFORM_FILE_OPEN));
				326	p->GrantPermissionsForFile(kRendererID, FilePath(FILE_PATH_LITERAL("/etc/")),
				327	base::PLATFORM_FILE_OPEN \|
				328	base::PLATFORM_FILE_READ);
				329	EXPECT_TRUE(p->HasPermissionsForFile(kRendererID, file,
				330	base::PLATFORM_FILE_OPEN));
				331	EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, file,
				332	base::PLATFORM_FILE_READ \|
				333	base::PLATFORM_FILE_WRITE));
				334
				335	// Grant permissions for the file (should overwrite the permissions granted
				336	// for the directory).
				337	p->GrantPermissionsForFile(kRendererID, file, base::PLATFORM_FILE_TEMPORARY);
				338	EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, file,
				339	base::PLATFORM_FILE_OPEN));
				340	EXPECT_TRUE(p->HasPermissionsForFile(kRendererID, file,
				341	base::PLATFORM_FILE_TEMPORARY));
[email protected]	77930fe	2010-10-01 22:45:34	[diff] [blame]	342
				343	// Revoke all permissions for the file (it should inherit its permissions
				344	// from the directory again).
				345	p->RevokeAllPermissionsForFile(kRendererID, file);
				346	EXPECT_TRUE(p->HasPermissionsForFile(kRendererID, file,
				347	base::PLATFORM_FILE_OPEN \|
				348	base::PLATFORM_FILE_READ));
				349	EXPECT_FALSE(p->HasPermissionsForFile(kRendererID, file,
				350	base::PLATFORM_FILE_TEMPORARY));
[email protected]	e54edc3	2010-09-28 01:09:19	[diff] [blame]	351	p->Remove(kRendererID);
				352	}
				353
[email protected]	c5000851	2011-02-03 01:17:27	[diff] [blame]	354	TEST_F(ChildProcessSecurityPolicyTest, CanServiceWebUIBindings) {
[email protected]	f58ddcf	2009-05-18 22:22:06	[diff] [blame]	355	ChildProcessSecurityPolicy* p = ChildProcessSecurityPolicy::GetInstance();
initial.commit	09911bf	2008-07-26 23:55:29	[diff] [blame]	356
[email protected]	60e44898	2009-05-06 04:21:16	[diff] [blame]	357	GURL url("chrome://thumb/http://www.google.com/");
initial.commit	09911bf	2008-07-26 23:55:29	[diff] [blame]	358
				359	p->Add(kRendererID);
				360
[email protected]	c5000851	2011-02-03 01:17:27	[diff] [blame]	361	EXPECT_FALSE(p->HasWebUIBindings(kRendererID));
initial.commit	09911bf	2008-07-26 23:55:29	[diff] [blame]	362	EXPECT_FALSE(p->CanRequestURL(kRendererID, url));
[email protected]	c5000851	2011-02-03 01:17:27	[diff] [blame]	363	p->GrantWebUIBindings(kRendererID);
				364	EXPECT_TRUE(p->HasWebUIBindings(kRendererID));
initial.commit	09911bf	2008-07-26 23:55:29	[diff] [blame]	365	EXPECT_TRUE(p->CanRequestURL(kRendererID, url));
				366
				367	p->Remove(kRendererID);
				368	}
				369
[email protected]	f58ddcf	2009-05-18 22:22:06	[diff] [blame]	370	TEST_F(ChildProcessSecurityPolicyTest, RemoveRace) {
				371	ChildProcessSecurityPolicy* p = ChildProcessSecurityPolicy::GetInstance();
initial.commit	09911bf	2008-07-26 23:55:29	[diff] [blame]	372
				373	GURL url("file:///etc/passwd");
[email protected]	561abe6	2009-04-06 18:08:34	[diff] [blame]	374	FilePath file(FILE_PATH_LITERAL("/etc/passwd"));
initial.commit	09911bf	2008-07-26 23:55:29	[diff] [blame]	375
				376	p->Add(kRendererID);
				377
				378	p->GrantRequestURL(kRendererID, url);
[email protected]	e54edc3	2010-09-28 01:09:19	[diff] [blame]	379	p->GrantReadFile(kRendererID, file);
[email protected]	c5000851	2011-02-03 01:17:27	[diff] [blame]	380	p->GrantWebUIBindings(kRendererID);
initial.commit	09911bf	2008-07-26 23:55:29	[diff] [blame]	381
				382	EXPECT_TRUE(p->CanRequestURL(kRendererID, url));
[email protected]	e54edc3	2010-09-28 01:09:19	[diff] [blame]	383	EXPECT_TRUE(p->CanReadFile(kRendererID, file));
[email protected]	c5000851	2011-02-03 01:17:27	[diff] [blame]	384	EXPECT_TRUE(p->HasWebUIBindings(kRendererID));
initial.commit	09911bf	2008-07-26 23:55:29	[diff] [blame]	385
				386	p->Remove(kRendererID);
				387
				388	// Renderers are added and removed on the UI thread, but the policy can be
[email protected]	58052263	2009-08-17 21:55:55	[diff] [blame]	389	// queried on the IO thread. The ChildProcessSecurityPolicy needs to be
				390	// prepared to answer policy questions about renderers who no longer exist.
initial.commit	09911bf	2008-07-26 23:55:29	[diff] [blame]	391
				392	// In this case, we default to secure behavior.
				393	EXPECT_FALSE(p->CanRequestURL(kRendererID, url));
[email protected]	e54edc3	2010-09-28 01:09:19	[diff] [blame]	394	EXPECT_FALSE(p->CanReadFile(kRendererID, file));
[email protected]	c5000851	2011-02-03 01:17:27	[diff] [blame]	395	EXPECT_FALSE(p->HasWebUIBindings(kRendererID));
initial.commit	09911bf	2008-07-26 23:55:29	[diff] [blame]	396	}