Add support for gcf:about:plugins in chrome frame full tab mode. The URL validation code path

in ChromeFrame now takes in an interface NavigationConstraints which allows the delegateslike
the ActiveX, ActiveDocument and the NPAPI plugins to control the navigation decisions.

We no longer refer to the InternetSecurityManager interface which is IE only for performing
zone decisions in the ChromeFrame NPAPI plugin.

Fixes bug http://code.google.com/p/chromium/issues/detail?id=66118

BUG=66118
TEST=Covered by additional CanNavigate unit tests.

Review URL: http://codereview.chromium.org/5698005

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@69101 0039d316-1c4b-4281-b951-d872f2087c98

2 files changed, 158 insertions, 57 deletions

diff --git a/chrome_frame/test/automation_client_mock.cc b/chrome_frame/test/automation_client_mock.cc
index c02d7e0d..729ecbd 100644
--- a/chrome_frame/test/automation_client_mock.cc
+++ b/chrome_frame/test/automation_client_mock.cc
@@ -4,9 +4,10 @@
 #include "chrome_frame/test/automation_client_mock.h"
 
 #include "base/callback.h"
-#include "net/base/net_errors.h"
 #include "chrome_frame/custom_sync_call_context.h"
+#include "chrome_frame/navigation_constraints.h"
 #include "chrome_frame/test/chrome_frame_test_utils.h"
+#include "net/base/net_errors.h"
 
 #define GMOCK_MUTANT_INCLUDE_LATE_OBJECT_BINDING
 #include "testing/gmock_mutant.h"
@@ -85,8 +86,8 @@ ACTION_P4(HandleCreateTab, tab_handle, external_tab_container, tab_wnd,
   delete context;
 }
 
-ACTION_P4(InitiateNavigation, client, url, referrer, privileged) {
-  client->InitiateNavigation(url, referrer, privileged);
+ACTION_P4(InitiateNavigation, client, url, referrer, constraints) {
+  client->InitiateNavigation(url, referrer, constraints);
 }
 
 // We mock ChromeFrameDelegate only. The rest is with real AutomationProxy
@@ -151,6 +152,8 @@ TEST(CFACWithChrome, CreateNotSoFast) {
 
 TEST(CFACWithChrome, NavigateOk) {
   MockCFDelegate cfd;
+  NavigationConstraintsImpl navigation_constraints;
+
   chrome_frame_test::TimedMsgLoop loop;
   const std::string url = "about:version";
   const FilePath profile_path(
@@ -162,7 +165,8 @@ TEST(CFACWithChrome, NavigateOk) {
 
   EXPECT_CALL(cfd, OnAutomationServerReady())
       .WillOnce(InitiateNavigation(client.get(),
-                                   url, std::string(), false));
+                                   url, std::string(),
+                                   &navigation_constraints));
 
   EXPECT_CALL(cfd, GetBounds(_)).Times(testing::AnyNumber());
 
@@ -196,6 +200,7 @@ TEST(CFACWithChrome, NavigateOk) {
 
 TEST(CFACWithChrome, NavigateFailed) {
   MockCFDelegate cfd;
+  NavigationConstraintsImpl navigation_constraints;
   chrome_frame_test::TimedMsgLoop loop;
   const FilePath profile_path(
       chrome_frame_test::GetProfilePath(L"Adam.N.Epilinter"));
@@ -210,7 +215,7 @@ TEST(CFACWithChrome, NavigateFailed) {
   EXPECT_CALL(cfd, OnAutomationServerReady())
       .WillOnce(testing::IgnoreResult(testing::InvokeWithoutArgs(CreateFunctor(
           client.get(), &ChromeFrameAutomationClient::InitiateNavigation,
-          url, std::string(), false))));
+          url, std::string(), &navigation_constraints))));
 
   EXPECT_CALL(cfd, GetBounds(_)).Times(testing::AnyNumber());
   EXPECT_CALL(cfd, OnNavigationStateChanged(_, _)).Times(testing::AnyNumber());
@@ -419,6 +424,8 @@ TEST_F(CFACMockTest, OnChannelError) {
 
 TEST_F(CFACMockTest, NavigateTwiceAfterInitToSameUrl) {
   int timeout = 500;
+  NavigationConstraintsImpl navigation_constraints;
+
   CreateTab();
   SetAutomationServerOk(1);
 
@@ -439,7 +446,7 @@ TEST_F(CFACMockTest, NavigateTwiceAfterInitToSameUrl) {
   EXPECT_CALL(cfd_, OnAutomationServerReady())
       .WillOnce(InitiateNavigation(client_.get(),
                                    std::string("http://www.nonexistent.com"),
-                                   std::string(), false));
+                                   std::string(), &navigation_constraints));
 
   EXPECT_CALL(mock_proxy_, SendAsAsync(testing::Property(
       &IPC::SyncMessage::type, AutomationMsg_NavigateInExternalTab::ID),
diff --git a/chrome_frame/test/util_unittests.cc b/chrome_frame/test/util_unittests.cc
index 0964296..68173b9 100644
--- a/chrome_frame/test/util_unittests.cc
+++ b/chrome_frame/test/util_unittests.cc
@@ -5,7 +5,10 @@
 #include "base/file_path.h"
 #include "base/file_version_info.h"
 #include "base/file_version_info_win.h"
+#include "base/string_util.h"
+#include "base/utf_string_conversions.h"
 #include "base/win/registry.h"
+#include "chrome_frame/navigation_constraints.h"
 #include "chrome_frame/test/chrome_frame_test_utils.h"
 #include "chrome_frame/utils.h"
 
@@ -228,8 +231,36 @@ class MockIInternetSecurityManager : public IInternetSecurityManager {
       HRESULT(DWORD zone, IEnumString** enum_string, DWORD flags));
 };
 
+// This class provides a partial mock for the NavigationConstraints
+// interface by providing specialized zone overrides.
+class MockNavigationConstraintsZoneOverride
+    : public NavigationConstraintsImpl {
+ public:
+  MOCK_METHOD1(IsZoneAllowed, bool(const GURL&url));
+};
+
+// Mock NavigationConstraints
+class MockNavigationConstraints : public NavigationConstraints {
+ public:
+  MOCK_METHOD0(AllowUnsafeUrls, bool());
+  MOCK_METHOD1(IsSchemeAllowed, bool(const GURL& url));
+  MOCK_METHOD1(IsZoneAllowed, bool(const GURL& url));
+};
+
+// Matcher which returns true if the URL passed in starts with the prefix
+// specified.
+MATCHER_P(UrlPathStartsWith, url_prefix, "url starts with prefix") {
+  return StartsWith(UTF8ToWide(arg.spec()), url_prefix, false);
+}
+
+ACTION_P3(HandleZone, mock, url_prefix, zone) {
+  if (StartsWith(UTF8ToWide(arg0.spec()), url_prefix, false))
+    return zone != URLZONE_UNTRUSTED;
+  return false;
+}
+
 TEST_F(UtilTests, CanNavigateTest) {
-  MockIInternetSecurityManager mock;
+  MockNavigationConstraintsZoneOverride mock;
 
   struct Zones {
     const wchar_t* url_prefix;
@@ -247,76 +278,139 @@ TEST_F(UtilTests, CanNavigateTest) {
 
   for (int i = 0; i < arraysize(test_zones); ++i) {
     const Zones& zone = test_zones[i];
-    EXPECT_CALL(mock, MapUrlToZone(testing::StartsWith(zone.url_prefix),
-                                                       testing::_, testing::_))
-      .WillRepeatedly(testing::DoAll(
-          testing::SetArgumentPointee<1>(zone.zone),
-          testing::Return(S_OK)));
+    EXPECT_CALL(mock, IsZoneAllowed(UrlPathStartsWith(zone.url_prefix)))
+        .WillRepeatedly(testing::Return(zone.zone != URLZONE_UNTRUSTED));
   }
 
   struct Cases {
     const char* url;
-    bool is_privileged;
     bool default_expected;
     bool unsafe_expected;
   } test_cases[] = {
     // Invalid URL
-    { "          ", false, false, false },
-    { "foo bar", true, false, false },
+    { "          ", false, false },
+    { "foo bar", false, false },
 
     // non-privileged test cases
-    { "http://blah/?attach_external_tab&10&1&0&0&100&100&iexplore", false,
-        true, true },
-    { "http://untrusted/bar.html", false, false, true },
-    { "http://blah/?attach_external_tab&10&1&0&0&100&100&iexplore", false,
-        true, true },
-    { "view-source:http://www.google.ca", false, true, true },
-    { "view-source:javascript:alert('foo');", false, false, true },
-    { "about:blank", false, true, true },
-    { "About:Version", false, true, true },
-    { "about:config", false, false, true },
-    { "chrome-extension://aaaaaaaaaaaaaaaaaaa/toolstrip.html", false, false,
-        true },
-    { "ftp://www.google.ca", false, false, true },
-    { "file://www.google.ca", false, false, true },
-    { "file://C:\boot.ini", false, false, true },
-    { "SIP:someone@10.1.2.3", false, false, true },
-
-    // privileged test cases
-    { "http://blah/?attach_external_tab&10&1&0&0&100&100&iexplore", true, true,
-        true },
-    { "http://untrusted/bar.html", true, false, true },
-    { "http://blah/?attach_external_tab&10&1&0&0&100&100&iexplore", true, true,
-        true },
-    { "view-source:http://www.google.ca", true, true, true },
-    { "view-source:javascript:alert('foo');", true, false, true },
-    { "about:blank", true, true, true },
-    { "About:Version", true, true, true },
-    { "about:config", true, false, true },
-    { "chrome-extension://aaaaaaaaaaaaaaaaaaa/toolstrip.html", true, true,
-        true },
-    { "ftp://www.google.ca", true, false, true },
-    { "file://www.google.ca", true, false, true },
-    { "file://C:\boot.ini", true, false, true },
-    { "sip:someone@10.1.2.3", false, false, true },
+    { "http://blah/?attach_external_tab&10&1&0&0&100&100&iexplore", true,
+       true },
+    { "http://untrusted/bar.html", false, true },
+    { "http://blah/?attach_external_tab&10&1&0&0&100&100&iexplore", true,
+       true },
+    { "view-source:http://www.google.ca", true, true },
+    { "view-source:javascript:alert('foo');", false, true },
+    { "about:blank", true, true },
+    { "About:Version", true, true },
+    { "about:config", false, true },
+    { "chrome-extension://aaaaaaaaaaaaaaaaaaa/toolstrip.html", false, true },
+    { "ftp://www.google.ca", false, true },
+    { "file://www.google.ca", false, true },
+    { "file://C:\boot.ini", false, true },
+    { "SIP:someone@10.1.2.3", false, true },
   };
 
   for (int i = 0; i < arraysize(test_cases); ++i) {
     const Cases& test = test_cases[i];
-    bool actual = CanNavigate(GURL(test.url), &mock, test.is_privileged);
+    bool actual = CanNavigate(GURL(test.url), &mock);
     EXPECT_EQ(test.default_expected, actual) << "Failure url: " << test.url;
   }
+}
 
-  bool enable_gcf = GetConfigBool(false, kAllowUnsafeURLs);
-  SetConfigBool(kAllowUnsafeURLs, true);
+TEST_F(UtilTests, CanNavigateTestDenyAll) {
+  MockNavigationConstraints mock;
 
-  for (int i = 0; i < arraysize(test_cases); ++i) {
-    const Cases& test = test_cases[i];
-    bool actual = CanNavigate(GURL(test.url), &mock, test.is_privileged);
-    EXPECT_EQ(test.unsafe_expected, actual) << "Failure url: " << test.url;
+  EXPECT_CALL(mock, IsZoneAllowed(testing::_))
+      .Times(testing::AnyNumber())
+      .WillRepeatedly(testing::Return(false));
+
+  EXPECT_CALL(mock, IsSchemeAllowed(testing::_))
+      .Times(testing::AnyNumber())
+      .WillRepeatedly(testing::Return(false));
+
+  EXPECT_CALL(mock, AllowUnsafeUrls())
+      .Times(testing::AnyNumber())
+      .WillRepeatedly(testing::Return(false));
+
+  char *urls[] = {
+    { "          "},
+    { "foo bar"},
+    // non-privileged test cases
+    { "http://blah/?attach_external_tab&10&1&0&0&100&100&iexplore"},
+    { "http://untrusted/bar.html"},
+    { "http://blah/?attach_external_tab&10&1&0&0&100&100&iexplore"},
+    { "view-source:http://www.google.ca"},
+    { "view-source:javascript:alert('foo');"},
+    { "about:blank"},
+    { "About:Version"},
+    { "about:config"},
+    { "chrome-extension://aaaaaaaaaaaaaaaaaaa/toolstrip.html"},
+    { "ftp://www.google.ca"},
+    { "file://www.google.ca"},
+    { "file://C:\boot.ini"},
+    { "SIP:someone@10.1.2.3"},
+  };
+
+  for (int i = 0; i < arraysize(urls); ++i) {
+    EXPECT_FALSE(CanNavigate(GURL(urls[i]), &mock));
   }
+}
+
+TEST_F(UtilTests, CanNavigateTestAllowAll) {
+  MockNavigationConstraints mock;
 
-  SetConfigBool(kAllowUnsafeURLs, enable_gcf);
+  EXPECT_CALL(mock, AllowUnsafeUrls())
+      .Times(testing::AnyNumber())
+      .WillRepeatedly(testing::Return(false));
+
+  EXPECT_CALL(mock, IsSchemeAllowed(testing::_))
+      .Times(testing::AnyNumber())
+      .WillRepeatedly(testing::Return(true));
+
+  EXPECT_CALL(mock, IsZoneAllowed(testing::_))
+      .Times(testing::AnyNumber())
+      .WillRepeatedly(testing::Return(true));
+
+  char *urls[] = {
+    // non-privileged test cases
+    { "http://blah/?attach_external_tab&10&1&0&0&100&100&iexplore"},
+    { "http://untrusted/bar.html"},
+    { "http://blah/?attach_external_tab&10&1&0&0&100&100&iexplore"},
+    { "view-source:http://www.google.ca"},
+    { "view-source:javascript:alert('foo');"},
+    { "about:blank"},
+    { "About:Version"},
+    { "about:config"},
+    { "chrome-extension://aaaaaaaaaaaaaaaaaaa/toolstrip.html"},
+    { "ftp://www.google.ca"},
+    { "file://www.google.ca"},
+    { "file://C:\boot.ini"},
+    { "SIP:someone@10.1.2.3"},
+    { "gcf:about:cache"},
+    { "gcf:about:plugins"},
+  };
+
+  for (int i = 0; i < arraysize(urls); ++i) {
+    EXPECT_TRUE(CanNavigate(GURL(urls[i]), &mock));
+  }
+}
+
+TEST_F(UtilTests, CanNavigateTestAllowAllUnsafeUrls) {
+  MockNavigationConstraints mock;
+
+  EXPECT_CALL(mock, AllowUnsafeUrls())
+      .Times(testing::AnyNumber())
+      .WillRepeatedly(testing::Return(true));
+
+  char *urls[] = {
+    {"gcf:about:cache"},
+    {"gcf:http://www.google.com"},
+    {"view-source:javascript:alert('foo');"},
+    {"http://www.google.com"},
+  };
+
+  for (int i = 0; i < arraysize(urls); ++i) {
+    EXPECT_TRUE(CanNavigate(GURL(urls[i]), &mock));
+  }
 }
 
 TEST_F(UtilTests, IsDefaultRendererTest) {