1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #include "base/utf_string_conversions.h" 6 #include "chrome/browser/automation/automation_util.h" 7 #include "chrome/browser/extensions/extension_apitest.h" 8 #include "chrome/browser/extensions/extension_host.h" 9 #include "chrome/browser/profiles/profile.h" 10 #include "chrome/browser/ui/browser.h" 11 #include "chrome/common/chrome_switches.h" 12 #include "chrome/test/ui_test_utils.h" 13 #include "content/browser/renderer_host/browser_render_process_host.h" 14 #include "content/browser/renderer_host/render_view_host.h" 15 #include "content/browser/tab_contents/tab_contents.h" 16 #include "net/base/mock_host_resolver.h" 17 18 namespace { 19 20 class IsolatedAppApiTest : public ExtensionApiTest { 21 public: 22 // Returns whether the given tab's current URL has the given cookie. 23 bool WARN_UNUSED_RESULT HasCookie(TabContents* contents, std::string cookie) { 24 int value_size; 25 std::string actual_cookie; 26 automation_util::GetCookies(contents->GetURL(), contents, &value_size, 27 &actual_cookie); 28 return actual_cookie.find(cookie) != std::string::npos; 29 } 30 31 const Extension* GetInstalledApp(TabContents* contents) { 32 return static_cast<BrowserRenderProcessHost*>( 33 contents->render_view_host()->process())->installed_app(); 34 } 35 }; 36 37 } // namespace 38 39 // Tests that cookies set within an isolated app are not visible to normal 40 // pages or other apps. 41 IN_PROC_BROWSER_TEST_F(IsolatedAppApiTest, CookieIsolation) { 42 CommandLine::ForCurrentProcess()->AppendSwitch( 43 switches::kDisablePopupBlocking); 44 CommandLine::ForCurrentProcess()->AppendSwitch( 45 switches::kEnableExperimentalAppManifests); 46 47 host_resolver()->AddRule("*", "127.0.0.1"); 48 ASSERT_TRUE(test_server()->Start()); 49 50 ASSERT_TRUE(LoadExtension(test_data_dir_.AppendASCII("isolated_apps/app1"))); 51 ASSERT_TRUE(LoadExtension(test_data_dir_.AppendASCII("isolated_apps/app2"))); 52 53 // The app under test acts on URLs whose host is "localhost", 54 // so the URLs we navigate to must have host "localhost". 55 GURL base_url = test_server()->GetURL( 56 "files/extensions/api_test/isolated_apps/"); 57 GURL::Replacements replace_host; 58 std::string host_str("localhost"); // Must stay in scope with replace_host. 59 replace_host.SetHostStr(host_str); 60 base_url = base_url.ReplaceComponents(replace_host); 61 62 browser()->NewTab(); 63 ui_test_utils::NavigateToURL(browser(), base_url.Resolve("app1/main.html")); 64 browser()->NewTab(); 65 ui_test_utils::NavigateToURL(browser(), base_url.Resolve("app2/main.html")); 66 browser()->NewTab(); 67 ui_test_utils::NavigateToURL(browser(), 68 base_url.Resolve("non_app/main.html")); 69 70 // Ensure first two tabs have installed apps. 71 TabContents* tab1 = browser()->GetTabContentsAt(1); 72 TabContents* tab2 = browser()->GetTabContentsAt(2); 73 TabContents* tab3 = browser()->GetTabContentsAt(3); 74 ASSERT_TRUE(GetInstalledApp(tab1)); 75 ASSERT_TRUE(GetInstalledApp(tab2)); 76 ASSERT_TRUE(!GetInstalledApp(tab3)); 77 78 // Check that each tab sees its own cookie. 79 ASSERT_TRUE(HasCookie(tab1, "app1=3")); 80 ASSERT_TRUE(HasCookie(tab2, "app2=4")); 81 ASSERT_TRUE(HasCookie(tab3, "normalPage=5")); 82 83 // Check that app1 tab cannot see the other cookies. 84 ASSERT_FALSE(HasCookie(tab1, "app2")); 85 ASSERT_FALSE(HasCookie(tab1, "normalPage")); 86 87 // Check that app2 tab cannot see the other cookies. 88 ASSERT_FALSE(HasCookie(tab2, "app1")); 89 ASSERT_FALSE(HasCookie(tab2, "normalPage")); 90 91 // Check that normal tab cannot see the other cookies. 92 ASSERT_FALSE(HasCookie(tab3, "app1")); 93 ASSERT_FALSE(HasCookie(tab3, "app2")); 94 95 // Check that the non_app iframe cookie is associated with app1 and not the 96 // normal tab. (For now, iframes are always rendered in their parent 97 // process, even if they aren't in the app manifest.) 98 ASSERT_TRUE(HasCookie(tab1, "nonAppFrame=6")); 99 ASSERT_FALSE(HasCookie(tab3, "nonAppFrame")); 100 } 101 102 // Without the --enable-experimental-app-manifests flag, all the tabs 103 // should see each others' cookies. 104 IN_PROC_BROWSER_TEST_F(IsolatedAppApiTest, CookieIsolationRequiresFlag) { 105 CommandLine::ForCurrentProcess()->AppendSwitch( 106 switches::kDisablePopupBlocking); 107 108 host_resolver()->AddRule("*", "127.0.0.1"); 109 ASSERT_TRUE(test_server()->Start()); 110 111 ASSERT_TRUE(LoadExtension(test_data_dir_.AppendASCII("isolated_apps/app1"))); 112 ASSERT_TRUE(LoadExtension(test_data_dir_.AppendASCII("isolated_apps/app2"))); 113 114 // The app under test acts on URLs whose host is "localhost", 115 // so the URLs we navigate to must have host "localhost". 116 GURL base_url = test_server()->GetURL( 117 "files/extensions/api_test/isolated_apps/"); 118 GURL::Replacements replace_host; 119 std::string host_str("localhost"); // Must stay in scope with replace_host. 120 replace_host.SetHostStr(host_str); 121 base_url = base_url.ReplaceComponents(replace_host); 122 123 browser()->NewTab(); 124 ui_test_utils::NavigateToURL(browser(), base_url.Resolve("app1/main.html")); 125 browser()->NewTab(); 126 ui_test_utils::NavigateToURL(browser(), base_url.Resolve("app2/main.html")); 127 browser()->NewTab(); 128 ui_test_utils::NavigateToURL(browser(), 129 base_url.Resolve("non_app/main.html")); 130 131 // Check that tabs see each others' cookies. 132 ASSERT_TRUE(HasCookie(browser()->GetTabContentsAt(1), "app2=4")); 133 ASSERT_TRUE(HasCookie(browser()->GetTabContentsAt(1), "normalPage=5")); 134 ASSERT_TRUE(HasCookie(browser()->GetTabContentsAt(1), "nonAppFrame=6")); 135 ASSERT_TRUE(HasCookie(browser()->GetTabContentsAt(2), "app1=3")); 136 ASSERT_TRUE(HasCookie(browser()->GetTabContentsAt(2), "normalPage=5")); 137 ASSERT_TRUE(HasCookie(browser()->GetTabContentsAt(2), "nonAppFrame=6")); 138 ASSERT_TRUE(HasCookie(browser()->GetTabContentsAt(3), "app1=3")); 139 ASSERT_TRUE(HasCookie(browser()->GetTabContentsAt(3), "app2=4")); 140 ASSERT_TRUE(HasCookie(browser()->GetTabContentsAt(3), "nonAppFrame=6")); 141 } 142
