1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #include "chrome/common/extensions/manifest_tests/extension_manifest_test.h" 6 #include "extensions/common/manifest_constants.h" 7 #include "extensions/common/manifest_handlers/csp_info.h" 8 #include "testing/gtest/include/gtest/gtest.h" 9 10 namespace extensions { 11 12 namespace errors = manifest_errors; 13 14 class SandboxedPagesManifestTest : public ExtensionManifestTest { 15 }; 16 17 TEST_F(SandboxedPagesManifestTest, SandboxedPages) { 18 // Sandboxed pages specified, no custom CSP value. 19 scoped_refptr<Extension> extension1( 20 LoadAndExpectSuccess("sandboxed_pages_valid_1.json")); 21 22 // No sandboxed pages. 23 scoped_refptr<Extension> extension2( 24 LoadAndExpectSuccess("sandboxed_pages_valid_2.json")); 25 26 // Sandboxed pages specified with a custom CSP value. 27 scoped_refptr<Extension> extension3( 28 LoadAndExpectSuccess("sandboxed_pages_valid_3.json")); 29 30 // Sandboxed pages specified with wildcard, no custom CSP value. 31 scoped_refptr<Extension> extension4( 32 LoadAndExpectSuccess("sandboxed_pages_valid_4.json")); 33 34 // Sandboxed pages specified with filename wildcard, no custom CSP value. 35 scoped_refptr<Extension> extension5( 36 LoadAndExpectSuccess("sandboxed_pages_valid_5.json")); 37 38 const char kSandboxedCSP[] = "sandbox allow-scripts allow-forms allow-popups"; 39 const char kDefaultCSP[] = 40 "script-src 'self' chrome-extension-resource:; object-src 'self'"; 41 const char kCustomSandboxedCSP[] = 42 "sandbox; script-src: https://www.google.com"; 43 44 EXPECT_EQ( 45 kSandboxedCSP, 46 CSPInfo::GetResourceContentSecurityPolicy(extension1.get(), "/test")); 47 EXPECT_EQ( 48 kDefaultCSP, 49 CSPInfo::GetResourceContentSecurityPolicy(extension1.get(), "/none")); 50 EXPECT_EQ( 51 kDefaultCSP, 52 CSPInfo::GetResourceContentSecurityPolicy(extension2.get(), "/test")); 53 EXPECT_EQ( 54 kCustomSandboxedCSP, 55 CSPInfo::GetResourceContentSecurityPolicy(extension3.get(), "/test")); 56 EXPECT_EQ( 57 kDefaultCSP, 58 CSPInfo::GetResourceContentSecurityPolicy(extension3.get(), "/none")); 59 EXPECT_EQ( 60 kSandboxedCSP, 61 CSPInfo::GetResourceContentSecurityPolicy(extension4.get(), "/test")); 62 EXPECT_EQ(kSandboxedCSP, 63 CSPInfo::GetResourceContentSecurityPolicy(extension5.get(), 64 "/path/test.ext")); 65 EXPECT_EQ( 66 kDefaultCSP, 67 CSPInfo::GetResourceContentSecurityPolicy(extension5.get(), "/test")); 68 69 Testcase testcases[] = { 70 Testcase("sandboxed_pages_invalid_1.json", 71 errors::kInvalidSandboxedPagesList), 72 Testcase("sandboxed_pages_invalid_2.json", 73 errors::kInvalidSandboxedPage), 74 Testcase("sandboxed_pages_invalid_3.json", 75 errors::kInvalidSandboxedPagesCSP), 76 Testcase("sandboxed_pages_invalid_4.json", 77 errors::kInvalidSandboxedPagesCSP), 78 Testcase("sandboxed_pages_invalid_5.json", 79 errors::kInvalidSandboxedPagesCSP) 80 }; 81 RunTestcases(testcases, arraysize(testcases), 82 EXPECT_TYPE_ERROR); 83 } 84 85 } // namespace extensions 86