Make (&CGID_Explorer, SBCMDID_MIXEDZONE) command more sane.

Add test for navigation to sites in restricted sites zone.
Review URL: http://codereview.chromium.org/1217001

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@42484 0039d316-1c4b-4281-b951-d872f2087c98

4 files changed, 65 insertions, 10 deletions

diff --git a/chrome_frame/chrome_active_document.cc b/chrome_frame/chrome_active_document.cc
index fe9499d..2c9cba6 100644
--- a/chrome_frame/chrome_active_document.cc
+++ b/chrome_frame/chrome_active_document.cc
@@ -752,6 +752,8 @@ void ChromeActiveDocument::OnDetermineSecurityZone(const GUID* cmd_group_guid,
                                                    DWORD cmd_exec_opt,
                                                    VARIANT* in_args,
                                                    VARIANT* out_args) {
+  // Always return URLZONE_INTERNET since that is the Chrome's behaviour.
+  // Correct step is to use MapUrlToZone().
   if (out_args != NULL) {
     out_args->vt = VT_UI4;
     out_args->ulVal = URLZONE_INTERNET;
@@ -878,7 +880,8 @@ HRESULT ChromeActiveDocument::IEExec(const GUID* cmd_group_guid,
   return hr;
 }
 
-bool ChromeActiveDocument::IsUrlZoneRestricted(const std::wstring& url) {
+unsigned long ChromeActiveDocument::MapUrlToZone(const wchar_t* url) {
+  unsigned long zone = URLZONE_INVALID;
   if (security_manager_.get() == NULL) {
     HRESULT hr = CoCreateInstance(
         CLSID_InternetSecurityManager,
@@ -891,13 +894,12 @@ bool ChromeActiveDocument::IsUrlZoneRestricted(const std::wstring& url) {
       NOTREACHED() << __FUNCTION__
                    << " Failed to create InternetSecurityManager. Error: 0x%x"
                    << hr;
-      return true;
+      return zone;
     }
   }
 
-  DWORD zone = URLZONE_UNTRUSTED;
-  security_manager_->MapUrlToZone(url.c_str(), &zone, 0);
-  return zone == URLZONE_UNTRUSTED;
+  security_manager_->MapUrlToZone(url, &zone, 0);
+  return zone;
 }
 
 bool ChromeActiveDocument::ParseUrl(const std::wstring& url,
@@ -928,7 +930,7 @@ bool ChromeActiveDocument::ParseUrl(const std::wstring& url,
     return false;
   }
 
-  if (IsUrlZoneRestricted(initial_url)) {
+  if (URLZONE_UNTRUSTED == MapUrlToZone(initial_url.c_str())) {
     DLOG(WARNING) << __FUNCTION__
                   << " Disallowing navigation to restricted url: "
                   << initial_url;
diff --git a/chrome_frame/chrome_active_document.h b/chrome_frame/chrome_active_document.h
index 56e1822..07d7c20 100644
--- a/chrome_frame/chrome_active_document.h
+++ b/chrome_frame/chrome_active_document.h
@@ -296,7 +296,7 @@ END_EXEC_COMMAND_MAP()
   HRESULT IEExec(const GUID* cmd_group_guid, DWORD command_id,
                  DWORD cmd_exec_opt, VARIANT* in_args, VARIANT* out_args);
 
-  bool IsUrlZoneRestricted(const std::wstring& url);
+  unsigned long MapUrlToZone(const wchar_t* url);
 
   // Parses the URL and returns information whether it is a new navigation and
   // the actual url after stripping out the cf: prefix if any.
diff --git a/chrome_frame/test/test_mock_with_web_server.cc b/chrome_frame/test/test_mock_with_web_server.cc
index 519cd00..a2bd962 100644
--- a/chrome_frame/test/test_mock_with_web_server.cc
+++ b/chrome_frame/test/test_mock_with_web_server.cc
@@ -1255,3 +1255,55 @@ TEST_F(ChromeFrameTestWithWebServer,
   loop.RunFor(kChromeFrameLongNavigationTimeoutInSeconds * 2);
 }
 
+TEST(IEPrivacy, NavigationToRestrictedSite) {
+  CloseIeAtEndOfScope last_resort_close_ie;
+  chrome_frame_test::TimedMsgLoop loop;
+  ComStackObjectWithUninitialize<MockWebBrowserEventSink> mock;
+  ChromeFrameHTTPServer server;
+  server.SetUp();
+
+  ScopedComPtr<IInternetSecurityManager> security_manager;
+  HRESULT hr = security_manager.CreateInstance(CLSID_InternetSecurityManager);
+  ASSERT_HRESULT_SUCCEEDED(hr);
+  // Add localhost to restricted sites zone.
+  hr = security_manager->SetZoneMapping(URLZONE_UNTRUSTED,
+      L"http://localhost:1337", SZM_CREATE);
+
+  EXPECT_CALL(mock, OnFileDownload(VARIANT_TRUE, _))
+      .Times(testing::AnyNumber());
+
+  testing::InSequence s;
+  const wchar_t* url = L"http://localhost:1337/files/meta_tag.html";
+  EXPECT_CALL(mock, OnBeforeNavigate2(_,
+      testing::Field(&VARIANT::bstrVal,
+      testing::StrCaseEq(url)), _, _, _, _, _)).Times(1);
+
+  EXPECT_CALL(mock, OnNavigateComplete2(_,
+      testing::Field(&VARIANT::bstrVal, testing::StrCaseEq(url)))).Times(1);
+
+  EXPECT_CALL(mock, OnBeforeNavigate2(_,
+      testing::Field(&VARIANT::bstrVal,
+      testing::StrCaseEq(url)), _, _, _, _, _)).Times(1);
+
+  EXPECT_CALL(mock, OnBeforeNavigate2(_,
+      testing::Field(&VARIANT::bstrVal,
+      testing::StartsWith(L"res://")), _, _, _, _, _)).Times(1);
+
+  EXPECT_CALL(mock, OnNavigateComplete2(_,
+      testing::Field(&VARIANT::bstrVal, testing::StrCaseEq(url))))
+      .Times(1).WillOnce(CloseBrowserMock(&mock));
+
+  EXPECT_CALL(mock, OnQuit()).WillOnce(QUIT_LOOP(loop));
+
+  EXPECT_CALL(mock, OnLoad(_)).Times(0);
+
+  hr = mock.LaunchIEAndNavigate(url);
+  ASSERT_HRESULT_SUCCEEDED(hr);
+  if (hr == S_OK) {
+    ASSERT_TRUE(mock.web_browser2() != NULL);
+    loop.RunFor(kChromeFrameLongNavigationTimeoutInSeconds * 2);
+  }
+
+  ASSERT_HRESULT_SUCCEEDED(security_manager->SetZoneMapping(URLZONE_UNTRUSTED,
+      L"http://localhost:1337", SZM_DELETE));
+}
diff --git a/chrome_frame/urlmon_moniker.cc b/chrome_frame/urlmon_moniker.cc
index 0873f13..eba574e 100644
--- a/chrome_frame/urlmon_moniker.cc
+++ b/chrome_frame/urlmon_moniker.cc
@@ -450,9 +450,10 @@ HRESULT MonikerPatch::BindToObject(IMoniker_BindToObject_Fn original,
         hr = persist_moniker.QueryFrom(cf_doc);
         DCHECK(SUCCEEDED(hr));
         hr = persist_moniker->Load(TRUE, me, bind_ctx, STGM_READ);
-        DCHECK(SUCCEEDED(hr));
-        hr = persist_moniker.QueryInterface(iid, obj);
-        DCHECK(SUCCEEDED(hr));
+        if (SUCCEEDED(hr)) {
+          hr = persist_moniker.QueryInterface(iid, obj);
+          DCHECK(SUCCEEDED(hr));
+        }
       } else {
         DLOG(INFO) << " creating callback object";
         CComObject<CFUrlmonBindStatusCallback>* callback = NULL;