diff options
| author | tommi@chromium.org <tommi@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-07-15 20:03:50 +0000 |
|---|---|---|
| committer | tommi@chromium.org <tommi@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-07-15 20:03:50 +0000 |
| commit | 6ed457ea80358fdb4d0d6901cf80568b23eae2f8 (patch) | |
| tree | be96f4b7df9749d5359a6c1e42894f69fb1ec0bc /chrome | |
| parent | 2b56832683197686038bcbf7b1ef662e9a41268a (diff) | |
| download | chromium_src-6ed457ea80358fdb4d0d6901cf80568b23eae2f8.zip chromium_src-6ed457ea80358fdb4d0d6901cf80568b23eae2f8.tar.gz chromium_src-6ed457ea80358fdb4d0d6901cf80568b23eae2f8.tar.bz2 | |
Adding handling of target and origin in external tab's postMessage + a unit test.
TEST=run ExternalTabPostMessageTarget test.
BUG=none
Review URL: http://codereview.chromium.org/155516
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@20775 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome')
| -rw-r--r-- | chrome/renderer/external_host_bindings.cc | 37 | ||||
| -rw-r--r-- | chrome/test/automation/automation_proxy_uitest.cc | 45 | ||||
| -rw-r--r-- | chrome/test/data/external_tab/post_message.html | 18 |
3 files changed, 94 insertions, 6 deletions
diff --git a/chrome/renderer/external_host_bindings.cc b/chrome/renderer/external_host_bindings.cc index 09c8e78..108ee34 100644 --- a/chrome/renderer/external_host_bindings.cc +++ b/chrome/renderer/external_host_bindings.cc @@ -28,6 +28,15 @@ void ExternalHostBindings::postMessage( std::string target; if (args.size() >= 2 && args[1].isString()) { target = args[1].ToString(); + if (target.compare("*") != 0) { + GURL resolved(target); + if (!resolved.is_valid()) { + DLOG(WARNING) << "Unable to parse the specified target URL. " << target; + result->Set(false); + return; + } + target = resolved.spec(); + } } else { target = "*"; } @@ -54,13 +63,29 @@ bool ExternalHostBindings::ForwardMessageFromExternalHost( bool status = false; - // TODO(tommi): Do the appropriate target check and drop the event if - // the target doesn't match the url of the current document. - // See: http://dev.w3.org/html5/spec/Overview.html#posting-messages if (target.compare("*") != 0) { - DLOG(WARNING) << "Dropping posted message since the target wasn't '*' " - "and we haven't implemented parsing of the target param"; - return false; + GURL frame_url(frame_->GetURL()); + GURL frame_origin(frame_url.GetOrigin()); + GURL target_origin(GURL(target).GetOrigin()); + + // We want to compare the origins of the two URLs but first + // we need to make sure that we don't compare an invalid one + // to a valid one. + bool drop = (frame_origin.is_valid() != target_origin.is_valid()); + + if (!drop) { + if (!frame_origin.is_valid()) { + // Both origins are invalid, so compare the URLs as opaque strings. + drop = (frame_url.spec().compare(target) != 0); + } else { + drop = (frame_origin != target_origin); + } + } + + if (drop) { + DLOG(WARNING) << "Dropping posted message. Origins don't match"; + return false; + } } // Construct an event object, assign the origin to the origin member and diff --git a/chrome/test/automation/automation_proxy_uitest.cc b/chrome/test/automation/automation_proxy_uitest.cc index eeedf20..5739ca5 100644 --- a/chrome/test/automation/automation_proxy_uitest.cc +++ b/chrome/test/automation/automation_proxy_uitest.cc @@ -22,6 +22,7 @@ #include "chrome/test/automation/window_proxy.h" #include "chrome/test/ui/ui_test.h" #include "net/base/net_util.h" +#include "net/url_request/url_request_unittest.h" #include "views/event.h" class AutomationProxyTest : public UITest { @@ -867,6 +868,50 @@ TEST_F(ExternalTabTestType, ExternalTabPostMessage) { } } } + +TEST_F(ExternalTabTestType, ExternalTabPostMessageTarget) { + AutomationProxyForExternalTab* proxy = + static_cast<AutomationProxyForExternalTab*>(automation()); + + IPC::ExternalTabSettings settings = { + NULL, + gfx::Rect(), + WS_POPUP, + false, + false + }; + HWND external_tab_container = NULL; + HWND tab_wnd = NULL; + scoped_refptr<TabProxy> tab(proxy->CreateExternalTab(settings, + &external_tab_container, &tab_wnd)); + EXPECT_TRUE(tab != NULL); + EXPECT_NE(FALSE, ::IsWindow(external_tab_container)); + if (tab != NULL) { + const wchar_t kDocRoot[] = L"chrome/test/data/external_tab"; + scoped_refptr<HTTPTestServer> server( + HTTPTestServer::CreateServer(kDocRoot, NULL)); + + const char kTestUrl[] = "http://localhost:1337/files/post_message.html"; + tab->NavigateInExternalTab(GURL(kTestUrl)); + EXPECT_TRUE(proxy->WaitForNavigationComplete(10000)); + + // Post a message to the page, specifying a target. + // If the page receives it, it will post the same message right back to us. + const char kTestMessage[] = "Hello from gtest"; + const char kTestOrigin[] = "http://www.external.tab"; + tab->HandleMessageFromExternalHost(kTestMessage, kTestOrigin, + "http://localhost:1337/"); + + EXPECT_TRUE(ExternalTabMessageLoop(external_tab_container, 10000)); + EXPECT_NE(0, proxy->messages_received()); + + if (proxy->messages_received()) { + EXPECT_EQ(kTestMessage, proxy->message()); + EXPECT_EQ(GURL(kTestOrigin).GetOrigin(), GURL(proxy->target())); + } + } +} + #endif // defined(OS_WIN) // TODO(port): Need to port autocomplete_edit_proxy.* first. diff --git a/chrome/test/data/external_tab/post_message.html b/chrome/test/data/external_tab/post_message.html new file mode 100644 index 0000000..960827f --- /dev/null +++ b/chrome/test/data/external_tab/post_message.html @@ -0,0 +1,18 @@ +<html> +<head> + <script> + function onload() { + window.externalHost.onmessage = onMessage; + } + function onMessage(evt) { + var msg = "message received from: " + evt.origin; + document.getElementById("dbg").innerHTML = msg; + window.externalHost.postMessage(evt.data, evt.origin); + } + </script> + <title>External Tab</title> +</head> +<body onload='onload()'> + <h1>External Tab postMessage test</h1> + <div id="dbg"></div> +</body></html> |