diff options
| author | mvrable@chromium.org <mvrable@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-07-11 00:22:05 +0000 |
|---|---|---|
| committer | mvrable@chromium.org <mvrable@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-07-11 00:22:05 +0000 |
| commit | 8d703d107b10d249136ffde341998627261d89e8 (patch) | |
| tree | 599dbd2f9d845f2b91d523f50a489e9b3c11cf05 /chrome/test | |
| parent | 38fe289d165b0061586c58fd693a224ec2537cfd (diff) | |
| download | chromium_src-8d703d107b10d249136ffde341998627261d89e8.zip chromium_src-8d703d107b10d249136ffde341998627261d89e8.tar.gz chromium_src-8d703d107b10d249136ffde341998627261d89e8.tar.bz2 | |
Do not log URLs from incognito windows in the extension activity log
Change the handling of the chrome.tabs and chrome.webRequest APIs so
that activity involving incognito windows is logged (users should know
their extensions are interacting with incognito tabs) but URLs are
stripped.
Any URLs from incognito windows show up in the logs as
"http://incognito".
Also updates the tests to check that incognito URLs are stripped.
BUG=253368
Review URL: https://chromiumcodereview.appspot.com/18572012
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@210980 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/test')
4 files changed, 109 insertions, 18 deletions
diff --git a/chrome/test/data/extensions/api_test/activity_log_private/friend/manifest.json b/chrome/test/data/extensions/api_test/activity_log_private/friend/manifest.json index fa11e51..9678245 100644 --- a/chrome/test/data/extensions/api_test/activity_log_private/friend/manifest.json +++ b/chrome/test/data/extensions/api_test/activity_log_private/friend/manifest.json @@ -7,6 +7,7 @@ "scripts": ["reply.js"] }, "omnibox": { "keyword" : "hello" }, + "incognito": "spanning", "options_page": "options.html", "permissions": ["cookies", "storage", "tabs", "webRequest", "webRequestBlocking", "http://*/*", "https://*/*"], diff --git a/chrome/test/data/extensions/api_test/activity_log_private/friend/options.html b/chrome/test/data/extensions/api_test/activity_log_private/friend/options.html index d7afb4b..e37288c 100644 --- a/chrome/test/data/extensions/api_test/activity_log_private/friend/options.html +++ b/chrome/test/data/extensions/api_test/activity_log_private/friend/options.html @@ -4,6 +4,8 @@ <script src="reply.js"></script> </head> <body> + <h1>Settings</h1> + <input type="checkbox" id="incognito_checkbox">Use incognito mode</input> <h1>Chrome API calls</h1> <button name="chromeButton" id="api_call"> Make a successful API call</button><br /> diff --git a/chrome/test/data/extensions/api_test/activity_log_private/friend/reply.js b/chrome/test/data/extensions/api_test/activity_log_private/friend/reply.js index 8490da9..412b4c6 100644 --- a/chrome/test/data/extensions/api_test/activity_log_private/friend/reply.js +++ b/chrome/test/data/extensions/api_test/activity_log_private/friend/reply.js @@ -4,6 +4,20 @@ var defaultUrl = 'http://www.google.com'; + +// Utility function to open a URL in a new tab. If the useIncognito global is +// true, the URL is opened in a new incognito window, otherwise it is opened in +// a new tab in the current window. Alternatively, whether to use incognito +// can be specified as a second argument which overrides the global setting. +var useIncognito = false; +function openTab(url, incognito) { + if (incognito == undefined ? useIncognito : incognito) { + chrome.windows.create({'url': url, 'incognito': true}); + } else { + window.open(url); + } +} + // CHROME API TEST METHODS -- PUT YOUR TESTS BELOW HERE //////////////////////////////////////////////////////////////////////////////// @@ -66,7 +80,7 @@ function injectContentScript() { } } ); - window.open(defaultUrl); + openTab(defaultUrl); } // Injects a blob of script into a page. @@ -86,7 +100,7 @@ function injectScriptBlob() { } } ); - window.open(defaultUrl); + openTab(defaultUrl); } // Modifies the headers sent and received in an HTTP request using the @@ -144,7 +158,7 @@ function doWebRequestModifications() { } } ); - window.open(defaultUrl); + openTab(defaultUrl); } function getSetObjectProperties() { @@ -160,7 +174,7 @@ function getSetObjectProperties() { } } ); - window.open(defaultUrl); + openTab(defaultUrl); } function callObjectMethod() { @@ -181,7 +195,7 @@ function sendMessageToCS() { } } ); - window.open(defaultUrl); + openTab(defaultUrl); } function sendMessageToSelf() { @@ -229,7 +243,7 @@ function tabIdTranslation() { function() { chrome.tabs.onUpdated.removeListener(testSingleInt); tabIds[0] = tabId; - window.open('http://www.google.be'); + openTab('http://www.google.be'); }); } } @@ -248,7 +262,7 @@ function tabIdTranslation() { } ); - window.open(defaultUrl); + openTab(defaultUrl); } // DOM API TEST METHODS -- PUT YOUR TESTS BELOW HERE @@ -290,7 +304,7 @@ function doContentScriptXHR() { } } ); - window.open(defaultUrl); + openTab(defaultUrl); } // Accesses the Location object from inside a content script. @@ -315,7 +329,7 @@ function doLocationAccess() { } } ); - window.open(defaultUrl); + openTab(defaultUrl); } // Mutates the DOM tree from inside a content script. @@ -340,7 +354,7 @@ function doDOMMutation1() { } } ); - window.open(defaultUrl); + openTab(defaultUrl); } function doDOMMutation2() { @@ -362,7 +376,7 @@ function doDOMMutation2() { } } ); - window.open(defaultUrl); + openTab(defaultUrl); } // Accesses the HTML5 Navigator API from inside a content script. @@ -387,7 +401,7 @@ function doNavigatorAPIAccess() { } } ); - window.open(defaultUrl); + openTab(defaultUrl); } // Accesses the HTML5 WebStorage API from inside a content script. @@ -412,7 +426,7 @@ function doWebStorageAPIAccess1() { } } ); - window.open(defaultUrl); + openTab(defaultUrl); } function doWebStorageAPIAccess2() { @@ -436,7 +450,7 @@ function doWebStorageAPIAccess2() { } } ); - window.open(defaultUrl); + openTab(defaultUrl); } // Accesses the HTML5 Notification API from inside a content script. @@ -461,7 +475,7 @@ function doNotificationAPIAccess() { } } ); - window.open(defaultUrl); + openTab(defaultUrl); } // Accesses the HTML5 ApplicationCache API from inside a content script. @@ -482,7 +496,7 @@ function doApplicationCacheAPIAccess() { } } ); - window.open(defaultUrl); + openTab(defaultUrl); } // Accesses the HTML5 WebDatabase API from inside a content script. @@ -504,7 +518,7 @@ function doWebDatabaseAPIAccess() { } } ); - window.open(defaultUrl); + openTab(defaultUrl); } // Accesses the HTML5 Canvas API from inside a content script. @@ -526,7 +540,7 @@ function doCanvasAPIAccess() { } } ); - window.open(defaultUrl); + openTab(defaultUrl); } // ADD TESTS CASES TO THE MAP HERE. @@ -563,6 +577,13 @@ fnMap['canvas_access'] = doCanvasAPIAccess; try { chrome.runtime.onMessageExternal.addListener( function(message, sender, response) { + useIncognito = false; + if (message.match(/_incognito$/)) { + // Enable incognito windows for this test, then strip the _incognito + // suffix for the lookup below. + useIncognito = true; + message = message.slice(0, -10); + } if (fnMap.hasOwnProperty(message)) { fnMap[message](); } else { @@ -599,6 +620,9 @@ function setupEvents() { $(key).addEventListener('click', fnMap[key]); } } + $('incognito_checkbox').addEventListener( + 'click', + function() { useIncognito = $('incognito_checkbox').checked; }); setCompleted('setup events'); completed = 0; } diff --git a/chrome/test/data/extensions/api_test/activity_log_private/test/test.js b/chrome/test/data/extensions/api_test/activity_log_private/test/test.js index e354de1..57f9781 100644 --- a/chrome/test/data/extensions/api_test/activity_log_private/test/test.js +++ b/chrome/test/data/extensions/api_test/activity_log_private/test/test.js @@ -41,6 +41,20 @@ testCases.push({ ] }); testCases.push({ + func: function triggerInjectCSIncognito() { + chrome.runtime.sendMessage('pknkgggnfecklokoggaggchhaebkajji', + 'inject_cs_incognito', function response() { }); + }, + is_incognito: true, + expected_activity: [ + 'windows.create', + 'tabs.onUpdated', + 'tabs.onUpdated', + 'tabs.executeScript', + 'tabs.remove' + ] +}); +testCases.push({ func: function triggerInsertBlob() { chrome.runtime.sendMessage('pknkgggnfecklokoggaggchhaebkajji', 'inject_blob', function response() { }); @@ -263,6 +277,24 @@ testCases.push({ 'tabs.remove' ] }); +testCases.push({ + name: 'tab_ids_incognito', + func: function triggerTabIdsIncognito() { + chrome.runtime.sendMessage('pknkgggnfecklokoggaggchhaebkajji', + 'tab_ids_incognito', function response() { }); + }, + is_incognito: true, + expected_activity: [ + 'windows.create', + 'tabs.onUpdated', + 'tabs.onUpdated', + 'tabs.executeScript', + 'windows.create', + 'tabs.onUpdated', + 'tabs.onUpdated', + 'tabs.remove' + ] +}); testCases.push({ func: function triggerWebRequest() { @@ -282,6 +314,25 @@ testCases.push({ }); testCases.push({ + func: function triggerWebRequestIncognito() { + chrome.runtime.sendMessage('pknkgggnfecklokoggaggchhaebkajji', + 'webrequest_incognito', function response() { }); + }, + is_incognito: true, + expected_activity: [ + 'webRequestInternal.addEventListener', + 'webRequestInternal.addEventListener', + 'windows.create', + 'webRequest.onBeforeSendHeaders/3', + 'webRequestInternal.eventHandled', + 'webRequest.onBeforeSendHeaders', + 'tabs.onUpdated', + 'tabs.onUpdated', + 'tabs.remove' + ] +}); + +testCases.push({ func: function triggerBackgroundXHR() { chrome.runtime.sendMessage('pknkgggnfecklokoggaggchhaebkajji', 'cs_xhr', function response() { }); @@ -329,6 +380,19 @@ chrome.activityLogPrivate.onExtensionActivity.addListener( console.log('Logged:' + apiCall + ' Expected:' + expectedCall); chrome.test.assertEq(expectedCall, apiCall); + // Check that no real URLs are logged in incognito-mode tests. + if (activity['activityType'] == 'dom') { + var url = activity[activityDetailName]['url']; + if (url) { + if (testCases[testCaseIndx].is_incognito) { + chrome.test.assertEq('http://incognito/', url); + } else { + chrome.test.assertTrue(url != 'http://incognito/', + 'Non-incognito URL was anonymized'); + } + } + } + // If all the expected calls have been logged for this test case then // mark as suceeded and move to the next. Otherwise look for the next // expected api call. |