summaryrefslogtreecommitdiffstats
path: root/chrome/browser/content_settings/content_settings_browsertest.cc
diff options
context:
space:
mode:
authorabarth@chromium.org <abarth@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2011-06-17 10:39:09 +0000
committerabarth@chromium.org <abarth@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2011-06-17 10:39:09 +0000
commit6326d8b152d2fb48416720faaa9e9684a64b83ac (patch)
tree86970b51280be685bd94669b883ccb3f9276b516 /chrome/browser/content_settings/content_settings_browsertest.cc
parent53fa16073b7f17ca0c46432b1ec7dad30bcb3b6e (diff)
downloadchromium_src-6326d8b152d2fb48416720faaa9e9684a64b83ac.zip
chromium_src-6326d8b152d2fb48416720faaa9e9684a64b83ac.tar.gz
chromium_src-6326d8b152d2fb48416720faaa9e9684a64b83ac.tar.bz2
Correctly apply content settings to data URLs.
Data URLs don't round-trip through the browser's network stack, so they don't trigger the content settings code to upload the proper settings to the renderer. This patch proactively pushes the default content settings into the renderer so that it can use them for data URLs (and other sandboxed frames). Review URL: http://codereview.chromium.org/7167003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@89466 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/browser/content_settings/content_settings_browsertest.cc')
-rw-r--r--chrome/browser/content_settings/content_settings_browsertest.cc15
1 files changed, 15 insertions, 0 deletions
diff --git a/chrome/browser/content_settings/content_settings_browsertest.cc b/chrome/browser/content_settings/content_settings_browsertest.cc
index b1e5556..383dc7e 100644
--- a/chrome/browser/content_settings/content_settings_browsertest.cc
+++ b/chrome/browser/content_settings/content_settings_browsertest.cc
@@ -30,3 +30,18 @@ IN_PROC_BROWSER_TEST_F(InProcessBrowserTest, RedirectLoopCookies) {
EXPECT_TRUE(tab_contents->content_settings()->IsContentBlocked(
CONTENT_SETTINGS_TYPE_COOKIES));
}
+
+IN_PROC_BROWSER_TEST_F(InProcessBrowserTest, ContentSettingsBlockDataURLs) {
+ GURL url("data:text/html,<title>Data URL</title><script>alert(1)</script>");
+
+ browser()->profile()->GetHostContentSettingsMap()->SetDefaultContentSetting(
+ CONTENT_SETTINGS_TYPE_JAVASCRIPT, CONTENT_SETTING_BLOCK);
+
+ ui_test_utils::NavigateToURL(browser(), url);
+
+ TabContentsWrapper* tab_contents = browser()->GetSelectedTabContentsWrapper();
+ ASSERT_EQ(UTF8ToUTF16("Data URL"), tab_contents->tab_contents()->GetTitle());
+
+ EXPECT_TRUE(tab_contents->content_settings()->IsContentBlocked(
+ CONTENT_SETTINGS_TYPE_JAVASCRIPT));
+}