OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include <stdint.h> | 5 #include <stdint.h> |
6 | 6 |
7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
8 #include "base/strings/stringprintf.h" | 8 #include "base/strings/stringprintf.h" |
9 #include "base/strings/utf_string_conversions.h" | 9 #include "base/strings/utf_string_conversions.h" |
10 #include "content/browser/child_process_security_policy_impl.h" | 10 #include "content/browser/child_process_security_policy_impl.h" |
(...skipping 363 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
374 bool result = false; | 374 bool result = false; |
375 EXPECT_TRUE(ExecuteScriptAndExtractBool( | 375 EXPECT_TRUE(ExecuteScriptAndExtractBool( |
376 shell(), | 376 shell(), |
377 "window.domAutomationController.send(true);" | 377 "window.domAutomationController.send(true);" |
378 "document.getElementById('file-form').submit();", | 378 "document.getElementById('file-form').submit();", |
379 &result)); | 379 &result)); |
380 EXPECT_TRUE(result); | 380 EXPECT_TRUE(result); |
381 process_exit_observer.Wait(); | 381 process_exit_observer.Wait(); |
382 } | 382 } |
383 | 383 |
| 384 // Test case to verify that redirects to data: URLs are properly disallowed, |
| 385 // even when invoked through a reload. |
| 386 // See https://crbug.com/723796. |
| 387 // |
| 388 // Note: This is PlzNavigate specific test, as the behavior of reloads in the |
| 389 // non-PlzNavigate path differs. The WebURLRequest for the reload is generated |
| 390 // based on Blink's state instead of the history state in the browser process, |
| 391 // which ends up loading the originally blocked URL. With PlzNavigate, the |
| 392 // reload uses the NavigationEntry state to create a navigation and commit it. |
| 393 IN_PROC_BROWSER_TEST_F(BrowserSideNavigationBrowserTest, |
| 394 VerifyBlockedErrorPageURL_Reload) { |
| 395 NavigationControllerImpl& controller = static_cast<NavigationControllerImpl&>( |
| 396 shell()->web_contents()->GetController()); |
| 397 |
| 398 GURL start_url(embedded_test_server()->GetURL("/title1.html")); |
| 399 EXPECT_TRUE(NavigateToURL(shell(), start_url)); |
| 400 EXPECT_EQ(0, controller.GetLastCommittedEntryIndex()); |
| 401 |
| 402 // Navigate to an URL, which redirects to a data: URL, since it is an |
| 403 // unsafe redirect and will result in a blocked navigation and error page. |
| 404 GURL redirect_to_blank_url( |
| 405 embedded_test_server()->GetURL("/server-redirect?data:text/html,Hello!")); |
| 406 EXPECT_FALSE(NavigateToURL(shell(), redirect_to_blank_url)); |
| 407 EXPECT_EQ(1, controller.GetLastCommittedEntryIndex()); |
| 408 EXPECT_EQ(PAGE_TYPE_ERROR, controller.GetLastCommittedEntry()->GetPageType()); |
| 409 |
| 410 TestNavigationObserver reload_observer(shell()->web_contents()); |
| 411 EXPECT_TRUE(ExecuteScript(shell(), "location.reload()")); |
| 412 reload_observer.Wait(); |
| 413 |
| 414 // The expectation is that about:blank was loaded and the virtual URL is set |
| 415 // to the URL that was blocked. |
| 416 EXPECT_EQ(1, controller.GetLastCommittedEntryIndex()); |
| 417 EXPECT_FALSE( |
| 418 controller.GetLastCommittedEntry()->GetURL().SchemeIs(url::kDataScheme)); |
| 419 EXPECT_TRUE(controller.GetLastCommittedEntry()->GetVirtualURL().SchemeIs( |
| 420 url::kDataScheme)); |
| 421 EXPECT_EQ(url::kAboutBlankURL, |
| 422 controller.GetLastCommittedEntry()->GetURL().spec()); |
| 423 } |
| 424 |
384 } // namespace content | 425 } // namespace content |
OLD | NEW |