authormarja@chromium.org <marja@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2011-12-02 09:39:27 +0000
committermarja@chromium.org <marja@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2011-12-02 09:39:27 +0000
commit2f8ec2b1ff8212cdd3f99c694fc95327b7e6eac0 (patch)
treed678347f6cf81d66920964da0bcdce3050ac340c /chrome
parenta8edb841e55f10492b9072085b48a994122916d7 (diff)
Content settings: whitelist kExtensionScheme and kChromeInternalScheme on the renderer side.
BUG=104700 TEST=ContentSettingsObserverTest.WhitelistedSchemes Review URL: http://codereview.chromium.org/8775005 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@112665 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome')
-rw-r--r--chrome/chrome_tests.gypi1
-rw-r--r--chrome/renderer/content_settings_observer.cc62
-rw-r--r--chrome/renderer/content_settings_observer.h9
-rw-r--r--chrome/renderer/content_settings_observer_unittest.cc65
4 files changed, 111 insertions, 26 deletions
diff --git a/chrome/chrome_tests.gypi b/chrome/chrome_tests.gypi
index e19a1c2..5c76016 100644
--- a/chrome/chrome_tests.gypi
+++ b/chrome/chrome_tests.gypi
@@ -1990,6 +1990,7 @@
'common/worker_thread_ticker_unittest.cc',
'common/zip_reader_unittest.cc',
'common/zip_unittest.cc',
+ 'renderer/content_settings_observer_unittest.cc',
'renderer/extensions/chrome_v8_context_set_unittest.cc',
'renderer/extensions/extension_api_json_validity_unittest.cc',
'renderer/extensions/json_schema_unittest.cc',
diff --git a/chrome/renderer/content_settings_observer.cc b/chrome/renderer/content_settings_observer.cc
index 1fcdc20..17b33ae 100644
--- a/chrome/renderer/content_settings_observer.cc
+++ b/chrome/renderer/content_settings_observer.cc
@@ -29,32 +29,6 @@ using content::NavigationState;
namespace {
-// True if |frame| contains content that is white-listed for content settings.
-static bool IsWhitelistedForContentSettings(WebFrame* frame) {
- WebSecurityOrigin origin = frame->document().securityOrigin();
- if (origin.isUnique())
- return false; // Uninitialized document?
-
- if (EqualsASCII(origin.protocol(), chrome::kChromeUIScheme))
- return true; // Browser UI elements should still work.
-
- if (EqualsASCII(origin.protocol(), chrome::kChromeDevToolsScheme))
- return true; // DevTools UI elements should still work.
-
- // If the scheme is ftp: or file:, an empty file name indicates a directory
- // listing, which requires JavaScript to function properly.
- GURL document_url = frame->document().url();
- const char* kDirProtocols[] = { chrome::kFtpScheme, chrome::kFileScheme };
- for (size_t i = 0; i < arraysize(kDirProtocols); ++i) {
- if (EqualsASCII(origin.protocol(), kDirProtocols[i])) {
- return document_url.SchemeIs(kDirProtocols[i]) &&
- document_url.ExtractFileName().empty();
- }
- }
-
- return false;
-}
-
GURL GetOriginOrURL(const WebFrame* frame) {
WebString top_origin = frame->top()->document().securityOrigin().toString();
// The the |top_origin| is unique ("null") e.g., for file:// URLs. Use the
@@ -308,3 +282,39 @@ void ContentSettingsObserver::ClearBlockedContentSettings() {
cached_storage_permissions_.clear();
cached_script_permissions_.clear();
}
+
+bool ContentSettingsObserver::IsWhitelistedForContentSettings(WebFrame* frame) {
+ return IsWhitelistedForContentSettings(frame->document().securityOrigin(),
+ frame->document().url());
+}
+
+bool ContentSettingsObserver::IsWhitelistedForContentSettings(
+ const WebSecurityOrigin& origin,
+ const GURL& document_url) {
+ if (origin.isUnique())
+ return false; // Uninitialized document?
+
+ if (EqualsASCII(origin.protocol(), chrome::kChromeUIScheme))
+ return true; // Browser UI elements should still work.
+
+ if (EqualsASCII(origin.protocol(), chrome::kChromeDevToolsScheme))
+ return true; // DevTools UI elements should still work.
+
+ if (EqualsASCII(origin.protocol(), chrome::kExtensionScheme))
+ return true;
+
+ if (EqualsASCII(origin.protocol(), chrome::kChromeInternalScheme))
+ return true;
+
+ // If the scheme is ftp: or file:, an empty file name indicates a directory
+ // listing, which requires JavaScript to function properly.
+ const char* kDirProtocols[] = { chrome::kFtpScheme, chrome::kFileScheme };
+ for (size_t i = 0; i < arraysize(kDirProtocols); ++i) {
+ if (EqualsASCII(origin.protocol(), kDirProtocols[i])) {
+ return document_url.SchemeIs(kDirProtocols[i]) &&
+ document_url.ExtractFileName().empty();
+ }
+ }
+
+ return false;
+}
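Review bot: The two added branches for `chrome::kExtensionScheme` and `chrome::kChromeInternalScheme` return true with no comment, unlike the chrome-ui and devtools branches next to them, yet each one exempts an entire scheme from the user's content settings. The decision is keyed only on `origin.protocol()`, so any frame whose security origin carries the extension scheme is exempt, presumably including extension frames embedded in ordinary web pages; if that is intended, the code should say so. I would add `// Extension pages must keep working even when the user blocks content; mirrors the browser-side whitelist.` above the first branch and a matching line above the second. The commit title implies a browser-side counterpart, but it is not visible in this diff, so name that function in the comment if it exists.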
diff --git a/chrome/renderer/content_settings_observer.h b/chrome/renderer/content_settings_observer.h
index a76e71c..027867c 100644
--- a/chrome/renderer/content_settings_observer.h
+++ b/chrome/renderer/content_settings_observer.h
@@ -66,6 +66,8 @@ class ContentSettingsObserver
void DidNotAllowScript(WebKit::WebFrame* frame);
private:
+ FRIEND_TEST_ALL_PREFIXES(ContentSettingsObserverTest, WhitelistedSchemes);
+
// RenderViewObserver implementation.
virtual bool OnMessageReceived(const IPC::Message& message) OVERRIDE;
virtual void DidCommitProvisionalLoad(WebKit::WebFrame* frame,
@@ -77,6 +79,13 @@ class ContentSettingsObserver
// Resets the |content_blocked_| array.
void ClearBlockedContentSettings();
+ // Helpers.
+ // True if |frame| contains content that is white-listed for content settings.
+ static bool IsWhitelistedForContentSettings(WebKit::WebFrame* frame);
+ static bool IsWhitelistedForContentSettings(
+ const WebKit::WebSecurityOrigin& origin,
+ const GURL& document_url);
+
// A pointer to content setting rules stored by the renderer. Normally, the
// |RendererContentSettingRules| object is owned by
// |ChromeRenderProcessObserver|. In the tests it is owned by the caller of
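Review bot: The comment above the two declarations describes only the `WebFrame*` overload, leaving the `(origin, document_url)` overload, which holds the actual policy, undocumented; `// Helpers.` adds nothing. I would replace that line and give the second overload its own comment, for example `// True if a document with security origin |origin| and URL |document_url| is exempt from content settings. Split out so tests can call it without a WebFrame.` It is also worth stating that |document_url| is consulted only for ftp: and file: origins, since the test passes an empty `GURL()` for the other schemes. The class body continues outside this hunk.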
diff --git a/chrome/renderer/content_settings_observer_unittest.cc b/chrome/renderer/content_settings_observer_unittest.cc
new file mode 100644
index 0000000..db587ff
--- /dev/null
+++ b/chrome/renderer/content_settings_observer_unittest.cc
@@ -0,0 +1,65 @@
+// Copyright (c) 2011 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "chrome/renderer/content_settings_observer.h"
+
+#include "chrome/common/url_constants.h"
+#include "content/public/common/url_constants.h"
+#include "googleurl/src/gurl.h"
+#include "testing/gtest/include/gtest/gtest.h"
+#include "third_party/WebKit/Source/WebKit/chromium/public/WebSecurityOrigin.h"
+
+using WebKit::WebSecurityOrigin;
+
+typedef testing::Test ContentSettingsObserverTest;
+
+TEST_F(ContentSettingsObserverTest, WhitelistedSchemes) {
+ std::string end_url = ":something";
+
+ GURL chrome_ui_url =
+ GURL(std::string(chrome::kChromeUIScheme).append(end_url));
+ EXPECT_TRUE(ContentSettingsObserver::IsWhitelistedForContentSettings(
+ WebSecurityOrigin::create(chrome_ui_url),
+ GURL()));
+
+ GURL chrome_dev_tools_url =
+ GURL(std::string(chrome::kChromeDevToolsScheme).append(end_url));
+ EXPECT_TRUE(ContentSettingsObserver::IsWhitelistedForContentSettings(
+ WebSecurityOrigin::create(chrome_dev_tools_url),
+ GURL()));
+
+ GURL extension_url =
+ GURL(std::string(chrome::kExtensionScheme).append(end_url));
+ EXPECT_TRUE(ContentSettingsObserver::IsWhitelistedForContentSettings(
+ WebSecurityOrigin::create(extension_url),
+ GURL()));
+
+ GURL chrome_internal_url =
+ GURL(std::string(chrome::kChromeInternalScheme).append(end_url));
+ EXPECT_TRUE(ContentSettingsObserver::IsWhitelistedForContentSettings(
+ WebSecurityOrigin::create(chrome_internal_url),
+ GURL()));
+
+ GURL file_url("file:///dir/");
+ EXPECT_TRUE(ContentSettingsObserver::IsWhitelistedForContentSettings(
+ WebSecurityOrigin::create(file_url),
+ GURL("file:///dir/")));
+ EXPECT_FALSE(ContentSettingsObserver::IsWhitelistedForContentSettings(
+ WebSecurityOrigin::create(file_url),
+ GURL("file:///dir/file")));
+
+ GURL ftp_url("ftp:///dir/");
+ EXPECT_TRUE(ContentSettingsObserver::IsWhitelistedForContentSettings(
+ WebSecurityOrigin::create(ftp_url),
+ GURL("ftp:///dir/")));
+ EXPECT_FALSE(ContentSettingsObserver::IsWhitelistedForContentSettings(
+ WebSecurityOrigin::create(ftp_url),
+ GURL("ftp:///dir/file")));
+
+ GURL http_url =
+ GURL("http://server.com/path");
+ EXPECT_FALSE(ContentSettingsObserver::IsWhitelistedForContentSettings(
+ WebSecurityOrigin::create(http_url),
+ GURL()));
+}
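Review bot: The test pins every `return true` path but only one kind of rejection, so the `origin.isUnique()` guard and the origin/URL scheme-mismatch case in the ftp:/file: loop can regress unnoticed. I would add a case such as `EXPECT_FALSE(ContentSettingsObserver::IsWhitelistedForContentSettings(WebSecurityOrigin::create(file_url), GURL("http://server.com/")));` and one that passes a unique origin. Separately, `ftp:///dir/` has no host, and GURL most likely canonicalizes it so that `dir` becomes the host; the ftp assertions would then still pass but would not exercise a directory path, so `ftp://server/dir/` and `ftp://server/dir/file` are safer inputs.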