Home | History | Annotate | Download | only in policy_JavaScriptAllowedForUrls 
      1 # Copyright 2015 The Chromium OS Authors. All rights reserved.
      2 # Use of this source code is governed by a BSD-style license that can be
      3 # found in the LICENSE file.
      4 
      5 import time
      6 import utils
      7 
      8 from autotest_lib.client.common_lib import error
      9 from autotest_lib.client.cros.enterprise import enterprise_policy_base
     10 
     11 
     12 class policy_JavaScriptAllowedForUrls(
     13     enterprise_policy_base.EnterprisePolicyTest):
     14     """Test JavaScriptAllowedForUrls policy effect on CrOS look & feel.
     15 
     16     This test verifies the behavior of Chrome OS with a range of valid values
     17     for the JavaScriptAllowedForUrls user policies. These values are covered
     18     by four test cases, named: NotSet_Block, SingleUrl_Allow,
     19     MultipleUrls_Block, and MultipleUrls_Allow.
     20 
     21     When the policy value is None (as in case=NotSet_Block), then
     22     JavaScript will be blocked on any page. When the value is set to a single
     23     URL pattern (as in case=SingleUrl_Allow), JavaScript will be allowed on
     24     any page that matches that pattern. When set to multiple URL patterns (as
     25     in case=MultipleUrls_Block or MultipleUrls_Allow) then JavaScript will
     26     be allowed on any page with a URL that matches any of the listed patterns.
     27 
     28     Two test cases (SingleUrl_Allow, MultipleUrls_Allow) are designed to allow
     29     JavaScript to run on the test page. The other two test cases
     30     (NotSet_Block, MultipleUrls_Block) are designed to block JavaScript
     31     from running on the test page.
     32 
     33     Note this test has a dependency on the DefaultJavaScriptSetting policy,
     34     which is partially tested herein, and in policy_JavaScriptBlockedForUrls.
     35     For this test, we set DefaultJavaScriptSetting=2. This blocks JavaScript
     36     on all pages except those with a URL matching a pattern in
     37     JavaScriptAllowedForUrls. For the test policy_JavaScriptBlockedForUrls, we
     38     set DefaultJavaScriptSetting=1. That allows JavaScript to be run on all
     39     pages except those with URLs that match patterns listed in
     40     JavaScriptBlockedForUrls.
     41 
     42     """
     43     version = 1
     44 
     45     def initialize(self, **kwargs):
     46         self._initialize_test_constants()
     47         super(policy_JavaScriptAllowedForUrls, self).initialize(**kwargs)
     48         self.start_webserver()
     49 
     50 
     51     def _initialize_test_constants(self):
     52         """Initialize test-specific constants, some from class constants."""
     53         self.POLICY_NAME = 'JavaScriptAllowedForUrls'
     54         self.TEST_FILE = 'js_test.html'
     55         self.TEST_URL = '%s/%s' % (self.WEB_HOST, self.TEST_FILE)
     56         self.TEST_CASES = {
     57             'NotSet_Block': None,
     58             'SingleUrl_Allow': [self.WEB_HOST],
     59             'MultipleUrls_Block': ['http://www.bing.com',
     60                                    'https://www.yahoo.com'],
     61             'MultipleUrls_Allow': ['http://www.bing.com',
     62                                    self.TEST_URL,
     63                                    'https://www.yahoo.com']
     64         }
     65 
     66         self.STARTUP_URLS = ['chrome://policy', 'chrome://settings']
     67         self.SUPPORTING_POLICIES = {
     68             'DefaultJavaScriptSetting': 2,
     69             'BookmarkBarEnabled': False,
     70             'RestoreOnStartupURLs': self.STARTUP_URLS,
     71             'RestoreOnStartup': 4
     72         }
     73 
     74 
     75     def _can_execute_javascript(self, tab):
     76         """Determine whether JavaScript is allowed to run on the given page.
     77 
     78         @param tab: browser tab containing JavaScript to run.
     79         """
     80         try:
     81             utils.poll_for_condition(
     82                 lambda: tab.EvaluateJavaScript('jsAllowed', timeout=2),
     83                 exception=error.TestError('Test page is not ready.'))
     84             return True
     85         except:
     86             return False
     87 
     88 
     89     def _test_javascript_allowed_for_urls(self, policy_value):
     90         """Verify CrOS enforces the JavaScriptAllowedForUrls policy.
     91 
     92         When JavaScriptAllowedForUrls is undefined, JavaScript execution shall
     93         be blocked on all pages. When JavaScriptAllowedForUrls contains one or
     94         more URL patterns, JavaScript execution shall be allowed only on the
     95         pages whose URL matches any of the listed patterns.
     96 
     97         Note: This test does not use self.navigate_to_url(), because it can
     98         not depend on methods that evaluate or execute JavaScript.
     99 
    100         @param policy_value: policy value for this case.
    101         """
    102         tab = self.cr.browser.tabs.New()
    103         tab.Activate()
    104         tab.Navigate(self.TEST_URL)
    105         time.sleep(1)
    106 
    107         utils.poll_for_condition(
    108             lambda: tab.url == self.TEST_URL,
    109             exception=error.TestError('Test page is not ready.'))
    110         javascript_is_allowed = self._can_execute_javascript(tab)
    111 
    112         if policy_value is not None and (self.WEB_HOST in policy_value or
    113                                          self.TEST_URL in policy_value):
    114             # If |WEB_HOST| is in |policy_value|, then JavaScript execution
    115             # should be allowed. If execution is blocked, raise an error.
    116             if not javascript_is_allowed:
    117                 raise error.TestFail('JavaScript should be allowed.')
    118         else:
    119             if javascript_is_allowed:
    120                 raise error.TestFail('JavaScript should be blocked.')
    121         tab.Close()
    122 
    123 
    124     def run_test_case(self, case):
    125         """Setup and run the test configured for the specified test case.
    126 
    127         @param case: Name of the test case to run.
    128 
    129         """
    130         case_value = self.TEST_CASES[case]
    131         self.setup_case(self.POLICY_NAME, case_value, self.SUPPORTING_POLICIES)
    132         self._test_javascript_allowed_for_urls(case_value)
    133