Google Git
Sign in
chromium / chromium / src / 68e5e6de4f09b9bc50ec0460fcad02d5923304d9^! / . / chrome / browser / extensions / process_manager_browsertest.cc
commit68e5e6de4f09b9bc50ec0460fcad02d5923304d9[log] [tgz]
authornasko <[email protected]>Wed May 24 23:19:34 2017
committerCommit bot <[email protected]>Wed May 24 23:19:34 2017
treecafedf51655c139440851f53c8e487fc217b734c
parent59c3060ac761de2221eea6febe7be5d223f0266a [diff] [blame]
Block navigations to hosted apps non-icon resources with PlzNavigate.

BUG=717626

Review-Url: https://codereview.chromium.org/2875493002
Cr-Commit-Position: refs/heads/master@{#474469}

diff --git a/chrome/browser/extensions/process_manager_browsertest.cc b/chrome/browser/extensions/process_manager_browsertest.cc
index 88c5b96..38332dde 100644
--- a/chrome/browser/extensions/process_manager_browsertest.cc
+++ b/chrome/browser/extensions/process_manager_browsertest.cc

@@ -26,6 +26,7 @@
 #include "chrome/test/base/ui_test_utils.h"
 #include "components/guest_view/browser/test_guest_view_manager.h"
 #include "content/public/browser/child_process_security_policy.h"
+#include "content/public/browser/navigation_entry.h"
 #include "content/public/browser/notification_service.h"
 #include "content/public/browser/render_frame_host.h"
 #include "content/public/browser/render_process_host.h"
@@ -1233,4 +1234,35 @@
   }
 }
 
+// Test to verify that loading a resource other than an icon file is
+// disallowed for hosted apps, while icons are allowed.
+// See https://crbug.com/717626.
+IN_PROC_BROWSER_TEST_F(ProcessManagerBrowserTest, HostedAppFilesAccess) {
+  // Load an extension with a background page.
+  scoped_refptr<const Extension> extension =
+      LoadExtension(test_data_dir_.AppendASCII("hosted_app"));
+  ASSERT_TRUE(extension);
+
+  content::WebContents* tab =
+      browser()->tab_strip_model()->GetActiveWebContents();
+
+  // Navigating to the manifest should be blocked with an error page.
+  {
+    content::TestNavigationObserver observer(tab);
+    NavigateToURL(extension->GetResourceURL("/manifest.json"));
+    EXPECT_FALSE(observer.last_navigation_succeeded());
+    EXPECT_EQ(tab->GetController().GetLastCommittedEntry()->GetPageType(),
+              content::PAGE_TYPE_ERROR);
+  }
+
+  // Navigation to the icon file should succeed.
+  {
+    content::TestNavigationObserver observer(tab);
+    NavigateToURL(extension->GetResourceURL("/icon.png"));
+    EXPECT_TRUE(observer.last_navigation_succeeded());
+    EXPECT_EQ(tab->GetController().GetLastCommittedEntry()->GetPageType(),
+              content::PAGE_TYPE_NORMAL);
+  }
+}
+
 }  // namespace extensions