[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 1 | // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 | // Use of this source code is governed by a BSD-style license that can be |
| 3 | // found in the LICENSE file. |
| 4 | |
avi | a2f4804a | 2015-12-24 23:11:13 | [diff] [blame] | 5 | #include <stddef.h> |
| 6 | |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 7 | #include <map> |
limasdf | 3d10254 | 2015-12-09 03:58:45 | [diff] [blame] | 8 | #include <utility> |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 9 | |
Sebastien Marchand | f1349f5 | 2019-01-25 03:16:41 | [diff] [blame] | 10 | #include "base/bind.h" |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 11 | #include "base/values.h" |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 12 | #include "chrome/browser/extensions/active_tab_permission_granter.h" |
rdevlin.cronin | 699ca6ff | 2014-09-29 23:59:57 | [diff] [blame] | 13 | #include "chrome/browser/extensions/api/extension_action/extension_action_api.h" |
rdevlin.cronin | 8408b4f9 | 2016-03-15 19:14:14 | [diff] [blame] | 14 | #include "chrome/browser/extensions/extension_action_runner.h" |
rdevlin.cronin | d1aa852 | 2015-02-13 00:25:57 | [diff] [blame] | 15 | #include "chrome/browser/extensions/extension_sync_service_factory.h" |
[email protected] | 23a8536 | 2014-07-07 23:26:19 | [diff] [blame] | 16 | #include "chrome/browser/extensions/permissions_updater.h" |
rdevlin.cronin | cb9f86e | 2015-10-15 15:13:42 | [diff] [blame] | 17 | #include "chrome/browser/extensions/scripting_permissions_modifier.h" |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 18 | #include "chrome/browser/extensions/tab_helper.h" |
| 19 | #include "chrome/test/base/chrome_render_view_host_test_harness.h" |
| 20 | #include "chrome/test/base/testing_profile.h" |
[email protected] | fdd2837 | 2014-08-21 02:27:26 | [diff] [blame] | 21 | #include "components/crx_file/id_util.h" |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 22 | #include "content/public/browser/navigation_controller.h" |
| 23 | #include "content/public/browser/navigation_entry.h" |
| 24 | #include "content/public/browser/web_contents.h" |
clamy | f205303 | 2017-10-20 16:01:59 | [diff] [blame] | 25 | #include "content/public/test/navigation_simulator.h" |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 26 | #include "extensions/browser/extension_registry.h" |
| 27 | #include "extensions/common/extension.h" |
| 28 | #include "extensions/common/extension_builder.h" |
Devlin Cronin | cac45cb | 2018-04-25 04:43:03 | [diff] [blame] | 29 | #include "extensions/common/extension_features.h" |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 30 | #include "extensions/common/manifest.h" |
[email protected] | 23a8536 | 2014-07-07 23:26:19 | [diff] [blame] | 31 | #include "extensions/common/user_script.h" |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 32 | #include "extensions/common/value_builder.h" |
| 33 | |
| 34 | namespace extensions { |
| 35 | |
| 36 | namespace { |
| 37 | |
| 38 | const char kAllHostsPermission[] = "*://*/*"; |
| 39 | |
| 40 | } // namespace |
| 41 | |
rdevlin.cronin | 8408b4f9 | 2016-03-15 19:14:14 | [diff] [blame] | 42 | // Unittests for the ExtensionActionRunner mostly test the internal logic |
| 43 | // of the runner itself (when to allow/deny extension script injection). |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 44 | // Testing real injection is allowed/denied as expected (i.e., that the |
rdevlin.cronin | 8408b4f9 | 2016-03-15 19:14:14 | [diff] [blame] | 45 | // ExtensionActionRunner correctly interfaces in the system) is done in the |
| 46 | // ExtensionActionRunnerBrowserTests. |
| 47 | class ExtensionActionRunnerUnitTest : public ChromeRenderViewHostTestHarness { |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 48 | protected: |
rdevlin.cronin | 8408b4f9 | 2016-03-15 19:14:14 | [diff] [blame] | 49 | ExtensionActionRunnerUnitTest(); |
| 50 | ~ExtensionActionRunnerUnitTest() override; |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 51 | |
| 52 | // Creates an extension with all hosts permission and adds it to the registry. |
| 53 | const Extension* AddExtension(); |
| 54 | |
[email protected] | e167058 | 2014-08-15 23:05:41 | [diff] [blame] | 55 | // Reloads |extension_| by removing it from the registry and recreating it. |
| 56 | const Extension* ReloadExtension(); |
| 57 | |
[email protected] | 23a8536 | 2014-07-07 23:26:19 | [diff] [blame] | 58 | // Returns true if the |extension| requires user consent before injecting |
| 59 | // a script. |
| 60 | bool RequiresUserConsent(const Extension* extension) const; |
| 61 | |
| 62 | // Request an injection for the given |extension|. |
| 63 | void RequestInjection(const Extension* extension); |
rdevlin.cronin | 8d034e5 | 2016-02-02 22:46:32 | [diff] [blame] | 64 | void RequestInjection(const Extension* extension, |
| 65 | UserScript::RunLocation run_location); |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 66 | |
| 67 | // Returns the number of times a given extension has had a script execute. |
| 68 | size_t GetExecutionCountForExtension(const std::string& extension_id) const; |
| 69 | |
rdevlin.cronin | 8408b4f9 | 2016-03-15 19:14:14 | [diff] [blame] | 70 | ExtensionActionRunner* runner() const { return extension_action_runner_; } |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 71 | |
| 72 | private: |
[email protected] | 23a8536 | 2014-07-07 23:26:19 | [diff] [blame] | 73 | // Returns a closure to use as a script execution for a given extension. |
| 74 | base::Closure GetExecutionCallbackForExtension( |
| 75 | const std::string& extension_id); |
| 76 | |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 77 | // Increment the number of executions for the given |extension_id|. |
| 78 | void IncrementExecutionCount(const std::string& extension_id); |
| 79 | |
dcheng | 7219181 | 2014-10-28 20:49:56 | [diff] [blame] | 80 | void SetUp() override; |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 81 | |
rdevlin.cronin | 8408b4f9 | 2016-03-15 19:14:14 | [diff] [blame] | 82 | // The associated ExtensionActionRunner. |
Devlin Cronin | cac45cb | 2018-04-25 04:43:03 | [diff] [blame] | 83 | ExtensionActionRunner* extension_action_runner_ = nullptr; |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 84 | |
| 85 | // The map of observed executions, keyed by extension id. |
| 86 | std::map<std::string, int> extension_executions_; |
[email protected] | e167058 | 2014-08-15 23:05:41 | [diff] [blame] | 87 | |
| 88 | scoped_refptr<const Extension> extension_; |
rdevlin.cronin | 8d034e5 | 2016-02-02 22:46:32 | [diff] [blame] | 89 | |
rdevlin.cronin | 8408b4f9 | 2016-03-15 19:14:14 | [diff] [blame] | 90 | DISALLOW_COPY_AND_ASSIGN(ExtensionActionRunnerUnitTest); |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 91 | }; |
| 92 | |
Devlin Cronin | cac45cb | 2018-04-25 04:43:03 | [diff] [blame] | 93 | ExtensionActionRunnerUnitTest::ExtensionActionRunnerUnitTest() = default; |
| 94 | ExtensionActionRunnerUnitTest::~ExtensionActionRunnerUnitTest() = default; |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 95 | |
rdevlin.cronin | 8408b4f9 | 2016-03-15 19:14:14 | [diff] [blame] | 96 | const Extension* ExtensionActionRunnerUnitTest::AddExtension() { |
[email protected] | fdd2837 | 2014-08-21 02:27:26 | [diff] [blame] | 97 | const std::string kId = crx_file::id_util::GenerateId("all_hosts_extension"); |
limasdf | 3d10254 | 2015-12-09 03:58:45 | [diff] [blame] | 98 | extension_ = |
| 99 | ExtensionBuilder() |
dcheng | 794d2bd | 2016-02-27 03:51:32 | [diff] [blame] | 100 | .SetManifest( |
limasdf | 21d67e6 | 2015-12-19 12:04:49 | [diff] [blame] | 101 | DictionaryBuilder() |
| 102 | .Set("name", "all_hosts_extension") |
| 103 | .Set("description", "an extension") |
| 104 | .Set("manifest_version", 2) |
| 105 | .Set("version", "1.0.0") |
| 106 | .Set("permissions", |
dcheng | 794d2bd | 2016-02-27 03:51:32 | [diff] [blame] | 107 | ListBuilder().Append(kAllHostsPermission).Build()) |
| 108 | .Build()) |
limasdf | 3d10254 | 2015-12-09 03:58:45 | [diff] [blame] | 109 | .SetLocation(Manifest::INTERNAL) |
| 110 | .SetID(kId) |
| 111 | .Build(); |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 112 | |
[email protected] | e167058 | 2014-08-15 23:05:41 | [diff] [blame] | 113 | ExtensionRegistry::Get(profile())->AddEnabled(extension_); |
dcheng | c704794 | 2014-08-26 05:05:31 | [diff] [blame] | 114 | PermissionsUpdater(profile()).InitializePermissions(extension_.get()); |
Devlin Cronin | f355f1de | 2018-05-14 15:27:24 | [diff] [blame] | 115 | |
| 116 | ScriptingPermissionsModifier(profile(), extension_.get()) |
Devlin Cronin | c583070 | 2018-07-03 00:26:16 | [diff] [blame] | 117 | .SetWithholdHostPermissions(true); |
dcheng | c704794 | 2014-08-26 05:05:31 | [diff] [blame] | 118 | return extension_.get(); |
[email protected] | e167058 | 2014-08-15 23:05:41 | [diff] [blame] | 119 | } |
| 120 | |
rdevlin.cronin | 8408b4f9 | 2016-03-15 19:14:14 | [diff] [blame] | 121 | const Extension* ExtensionActionRunnerUnitTest::ReloadExtension() { |
[email protected] | e167058 | 2014-08-15 23:05:41 | [diff] [blame] | 122 | ExtensionRegistry::Get(profile())->RemoveEnabled(extension_->id()); |
| 123 | return AddExtension(); |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 124 | } |
| 125 | |
rdevlin.cronin | 8408b4f9 | 2016-03-15 19:14:14 | [diff] [blame] | 126 | bool ExtensionActionRunnerUnitTest::RequiresUserConsent( |
[email protected] | 23a8536 | 2014-07-07 23:26:19 | [diff] [blame] | 127 | const Extension* extension) const { |
Devlin Cronin | 3e532b8 | 2018-05-03 21:27:19 | [diff] [blame] | 128 | PermissionsData::PageAccess access_type = |
rdevlin.cronin | 8408b4f9 | 2016-03-15 19:14:14 | [diff] [blame] | 129 | runner()->RequiresUserConsentForScriptInjectionForTesting( |
[email protected] | 23a8536 | 2014-07-07 23:26:19 | [diff] [blame] | 130 | extension, UserScript::PROGRAMMATIC_SCRIPT); |
| 131 | // We should never downright refuse access in these tests. |
Devlin Cronin | 3e532b8 | 2018-05-03 21:27:19 | [diff] [blame] | 132 | DCHECK_NE(PermissionsData::PageAccess::kDenied, access_type); |
| 133 | return access_type == PermissionsData::PageAccess::kWithheld; |
[email protected] | 23a8536 | 2014-07-07 23:26:19 | [diff] [blame] | 134 | } |
| 135 | |
rdevlin.cronin | 8408b4f9 | 2016-03-15 19:14:14 | [diff] [blame] | 136 | void ExtensionActionRunnerUnitTest::RequestInjection( |
[email protected] | 23a8536 | 2014-07-07 23:26:19 | [diff] [blame] | 137 | const Extension* extension) { |
rdevlin.cronin | 8d034e5 | 2016-02-02 22:46:32 | [diff] [blame] | 138 | RequestInjection(extension, UserScript::DOCUMENT_IDLE); |
| 139 | } |
| 140 | |
rdevlin.cronin | 8408b4f9 | 2016-03-15 19:14:14 | [diff] [blame] | 141 | void ExtensionActionRunnerUnitTest::RequestInjection( |
rdevlin.cronin | 8d034e5 | 2016-02-02 22:46:32 | [diff] [blame] | 142 | const Extension* extension, |
| 143 | UserScript::RunLocation run_location) { |
rdevlin.cronin | 8408b4f9 | 2016-03-15 19:14:14 | [diff] [blame] | 144 | runner()->RequestScriptInjectionForTesting( |
rdevlin.cronin | 8d034e5 | 2016-02-02 22:46:32 | [diff] [blame] | 145 | extension, run_location, |
[email protected] | 23a8536 | 2014-07-07 23:26:19 | [diff] [blame] | 146 | GetExecutionCallbackForExtension(extension->id())); |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 147 | } |
| 148 | |
rdevlin.cronin | 8408b4f9 | 2016-03-15 19:14:14 | [diff] [blame] | 149 | size_t ExtensionActionRunnerUnitTest::GetExecutionCountForExtension( |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 150 | const std::string& extension_id) const { |
jdoerrie | 13cd648c8 | 2018-10-02 21:21:02 | [diff] [blame] | 151 | auto iter = extension_executions_.find(extension_id); |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 152 | if (iter != extension_executions_.end()) |
| 153 | return iter->second; |
| 154 | return 0u; |
| 155 | } |
| 156 | |
rdevlin.cronin | 8408b4f9 | 2016-03-15 19:14:14 | [diff] [blame] | 157 | base::Closure ExtensionActionRunnerUnitTest::GetExecutionCallbackForExtension( |
[email protected] | 23a8536 | 2014-07-07 23:26:19 | [diff] [blame] | 158 | const std::string& extension_id) { |
| 159 | // We use base unretained here, but if this ever gets executed outside of |
| 160 | // this test's lifetime, we have a major problem anyway. |
rdevlin.cronin | 8408b4f9 | 2016-03-15 19:14:14 | [diff] [blame] | 161 | return base::Bind(&ExtensionActionRunnerUnitTest::IncrementExecutionCount, |
| 162 | base::Unretained(this), extension_id); |
[email protected] | 23a8536 | 2014-07-07 23:26:19 | [diff] [blame] | 163 | } |
| 164 | |
rdevlin.cronin | 8408b4f9 | 2016-03-15 19:14:14 | [diff] [blame] | 165 | void ExtensionActionRunnerUnitTest::IncrementExecutionCount( |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 166 | const std::string& extension_id) { |
| 167 | ++extension_executions_[extension_id]; |
| 168 | } |
| 169 | |
rdevlin.cronin | 8408b4f9 | 2016-03-15 19:14:14 | [diff] [blame] | 170 | void ExtensionActionRunnerUnitTest::SetUp() { |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 171 | ChromeRenderViewHostTestHarness::SetUp(); |
| 172 | |
isherman | 30fa851a | 2015-06-09 23:32:10 | [diff] [blame] | 173 | // Skip syncing for testing purposes. |
Sylvain Defresne | 711ff6b | 2018-10-04 12:33:54 | [diff] [blame] | 174 | ExtensionSyncServiceFactory::GetInstance()->SetTestingFactory( |
| 175 | profile(), BrowserContextKeyedServiceFactory::TestingFactory()); |
rdevlin.cronin | d1aa852 | 2015-02-13 00:25:57 | [diff] [blame] | 176 | |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 177 | TabHelper::CreateForWebContents(web_contents()); |
| 178 | TabHelper* tab_helper = TabHelper::FromWebContents(web_contents()); |
rdevlin.cronin | 8d034e5 | 2016-02-02 22:46:32 | [diff] [blame] | 179 | // These should never be null. |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 180 | DCHECK(tab_helper); |
rdevlin.cronin | 8408b4f9 | 2016-03-15 19:14:14 | [diff] [blame] | 181 | extension_action_runner_ = tab_helper->extension_action_runner(); |
| 182 | DCHECK(extension_action_runner_); |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 183 | } |
| 184 | |
| 185 | // Test that extensions with all_hosts require permission to execute, and, once |
| 186 | // that permission is granted, do execute. |
rdevlin.cronin | 8408b4f9 | 2016-03-15 19:14:14 | [diff] [blame] | 187 | TEST_F(ExtensionActionRunnerUnitTest, RequestPermissionAndExecute) { |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 188 | const Extension* extension = AddExtension(); |
| 189 | ASSERT_TRUE(extension); |
| 190 | |
| 191 | NavigateAndCommit(GURL("https://www.google.com")); |
| 192 | |
| 193 | // Ensure that there aren't any executions pending. |
| 194 | ASSERT_EQ(0u, GetExecutionCountForExtension(extension->id())); |
rdevlin.cronin | 8408b4f9 | 2016-03-15 19:14:14 | [diff] [blame] | 195 | ASSERT_FALSE(runner()->WantsToRun(extension)); |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 196 | |
| 197 | // Since the extension requests all_hosts, we should require user consent. |
[email protected] | 23a8536 | 2014-07-07 23:26:19 | [diff] [blame] | 198 | EXPECT_TRUE(RequiresUserConsent(extension)); |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 199 | |
rdevlin.cronin | 91f162a1 | 2014-09-03 16:48:40 | [diff] [blame] | 200 | // Request an injection. The extension should want to run, but should not have |
| 201 | // executed. |
[email protected] | 23a8536 | 2014-07-07 23:26:19 | [diff] [blame] | 202 | RequestInjection(extension); |
rdevlin.cronin | 8408b4f9 | 2016-03-15 19:14:14 | [diff] [blame] | 203 | EXPECT_TRUE(runner()->WantsToRun(extension)); |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 204 | EXPECT_EQ(0u, GetExecutionCountForExtension(extension->id())); |
| 205 | |
| 206 | // Click to accept the extension executing. |
rdevlin.cronin | 4a78c48b | 2016-03-24 00:02:29 | [diff] [blame] | 207 | runner()->RunForTesting(extension); |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 208 | |
rdevlin.cronin | 91f162a1 | 2014-09-03 16:48:40 | [diff] [blame] | 209 | // The extension should execute, and the extension shouldn't want to run. |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 210 | EXPECT_EQ(1u, GetExecutionCountForExtension(extension->id())); |
rdevlin.cronin | 8408b4f9 | 2016-03-15 19:14:14 | [diff] [blame] | 211 | EXPECT_FALSE(runner()->WantsToRun(extension)); |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 212 | |
| 213 | // Since we already executed on the given page, we shouldn't need permission |
| 214 | // for a second time. |
[email protected] | 23a8536 | 2014-07-07 23:26:19 | [diff] [blame] | 215 | EXPECT_FALSE(RequiresUserConsent(extension)); |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 216 | |
[email protected] | 4b8d1c6 | 2014-08-16 01:22:21 | [diff] [blame] | 217 | // Reloading and same-origin navigations shouldn't clear those permissions, |
| 218 | // and we shouldn't require user constent again. |
clamy | f205303 | 2017-10-20 16:01:59 | [diff] [blame] | 219 | content::NavigationSimulator::Reload(web_contents()); |
[email protected] | 4b8d1c6 | 2014-08-16 01:22:21 | [diff] [blame] | 220 | EXPECT_FALSE(RequiresUserConsent(extension)); |
| 221 | NavigateAndCommit(GURL("https://www.google.com/foo")); |
| 222 | EXPECT_FALSE(RequiresUserConsent(extension)); |
| 223 | NavigateAndCommit(GURL("https://www.google.com/bar")); |
| 224 | EXPECT_FALSE(RequiresUserConsent(extension)); |
| 225 | |
| 226 | // Cross-origin navigations should clear permissions. |
| 227 | NavigateAndCommit(GURL("https://otherdomain.google.com")); |
[email protected] | 23a8536 | 2014-07-07 23:26:19 | [diff] [blame] | 228 | EXPECT_TRUE(RequiresUserConsent(extension)); |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 229 | |
| 230 | // Grant access. |
[email protected] | 23a8536 | 2014-07-07 23:26:19 | [diff] [blame] | 231 | RequestInjection(extension); |
rdevlin.cronin | 4a78c48b | 2016-03-24 00:02:29 | [diff] [blame] | 232 | runner()->RunForTesting(extension); |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 233 | EXPECT_EQ(2u, GetExecutionCountForExtension(extension->id())); |
rdevlin.cronin | 8408b4f9 | 2016-03-15 19:14:14 | [diff] [blame] | 234 | EXPECT_FALSE(runner()->WantsToRun(extension)); |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 235 | |
| 236 | // Navigating to another site should also clear the permissions. |
| 237 | NavigateAndCommit(GURL("https://www.foo.com")); |
[email protected] | 23a8536 | 2014-07-07 23:26:19 | [diff] [blame] | 238 | EXPECT_TRUE(RequiresUserConsent(extension)); |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 239 | } |
| 240 | |
| 241 | // Test that injections that are not executed by the time the user navigates are |
| 242 | // ignored and never execute. |
rdevlin.cronin | 8408b4f9 | 2016-03-15 19:14:14 | [diff] [blame] | 243 | TEST_F(ExtensionActionRunnerUnitTest, PendingInjectionsRemovedAtNavigation) { |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 244 | const Extension* extension = AddExtension(); |
| 245 | ASSERT_TRUE(extension); |
| 246 | |
| 247 | NavigateAndCommit(GURL("https://www.google.com")); |
| 248 | |
| 249 | ASSERT_EQ(0u, GetExecutionCountForExtension(extension->id())); |
| 250 | |
rdevlin.cronin | 91f162a1 | 2014-09-03 16:48:40 | [diff] [blame] | 251 | // Request an injection. The extension should want to run, but not execute. |
[email protected] | 23a8536 | 2014-07-07 23:26:19 | [diff] [blame] | 252 | RequestInjection(extension); |
rdevlin.cronin | 8408b4f9 | 2016-03-15 19:14:14 | [diff] [blame] | 253 | EXPECT_TRUE(runner()->WantsToRun(extension)); |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 254 | EXPECT_EQ(0u, GetExecutionCountForExtension(extension->id())); |
| 255 | |
[email protected] | 8d5cb21 | 2014-06-04 09:00:39 | [diff] [blame] | 256 | // Reload. This should remove the pending injection, and we should not |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 257 | // execute anything. |
clamy | f205303 | 2017-10-20 16:01:59 | [diff] [blame] | 258 | content::NavigationSimulator::Reload(web_contents()); |
rdevlin.cronin | 8408b4f9 | 2016-03-15 19:14:14 | [diff] [blame] | 259 | EXPECT_FALSE(runner()->WantsToRun(extension)); |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 260 | EXPECT_EQ(0u, GetExecutionCountForExtension(extension->id())); |
| 261 | |
| 262 | // Request and accept a new injection. |
[email protected] | 23a8536 | 2014-07-07 23:26:19 | [diff] [blame] | 263 | RequestInjection(extension); |
rdevlin.cronin | 4a78c48b | 2016-03-24 00:02:29 | [diff] [blame] | 264 | runner()->RunForTesting(extension); |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 265 | |
| 266 | // The extension should only have executed once, even though a grand total |
| 267 | // of two executions were requested. |
| 268 | EXPECT_EQ(1u, GetExecutionCountForExtension(extension->id())); |
rdevlin.cronin | 8408b4f9 | 2016-03-15 19:14:14 | [diff] [blame] | 269 | EXPECT_FALSE(runner()->WantsToRun(extension)); |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 270 | } |
| 271 | |
| 272 | // Test that queueing multiple pending injections, and then accepting, triggers |
| 273 | // them all. |
rdevlin.cronin | 8408b4f9 | 2016-03-15 19:14:14 | [diff] [blame] | 274 | TEST_F(ExtensionActionRunnerUnitTest, MultiplePendingInjection) { |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 275 | const Extension* extension = AddExtension(); |
| 276 | ASSERT_TRUE(extension); |
| 277 | NavigateAndCommit(GURL("https://www.google.com")); |
| 278 | |
| 279 | ASSERT_EQ(0u, GetExecutionCountForExtension(extension->id())); |
| 280 | |
| 281 | const size_t kNumInjections = 3u; |
| 282 | // Queue multiple pending injections. |
[email protected] | 23a8536 | 2014-07-07 23:26:19 | [diff] [blame] | 283 | for (size_t i = 0u; i < kNumInjections; ++i) |
| 284 | RequestInjection(extension); |
| 285 | |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 286 | EXPECT_EQ(0u, GetExecutionCountForExtension(extension->id())); |
| 287 | |
rdevlin.cronin | 4a78c48b | 2016-03-24 00:02:29 | [diff] [blame] | 288 | runner()->RunForTesting(extension); |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 289 | |
| 290 | // All pending injections should have executed. |
| 291 | EXPECT_EQ(kNumInjections, GetExecutionCountForExtension(extension->id())); |
rdevlin.cronin | 8408b4f9 | 2016-03-15 19:14:14 | [diff] [blame] | 292 | EXPECT_FALSE(runner()->WantsToRun(extension)); |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 293 | } |
| 294 | |
rdevlin.cronin | 8408b4f9 | 2016-03-15 19:14:14 | [diff] [blame] | 295 | TEST_F(ExtensionActionRunnerUnitTest, ActiveScriptsUseActiveTabPermissions) { |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 296 | const Extension* extension = AddExtension(); |
| 297 | NavigateAndCommit(GURL("https://www.google.com")); |
| 298 | |
| 299 | ActiveTabPermissionGranter* active_tab_permission_granter = |
| 300 | TabHelper::FromWebContents(web_contents()) |
| 301 | ->active_tab_permission_granter(); |
| 302 | ASSERT_TRUE(active_tab_permission_granter); |
| 303 | // Grant the extension active tab permissions. This normally happens, e.g., |
| 304 | // if the user clicks on a browser action. |
| 305 | active_tab_permission_granter->GrantIfRequested(extension); |
| 306 | |
| 307 | // Since we have active tab permissions, we shouldn't need user consent |
| 308 | // anymore. |
[email protected] | 23a8536 | 2014-07-07 23:26:19 | [diff] [blame] | 309 | EXPECT_FALSE(RequiresUserConsent(extension)); |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 310 | |
[email protected] | 4b8d1c6 | 2014-08-16 01:22:21 | [diff] [blame] | 311 | // Reloading and other same-origin navigations maintain the permission to |
| 312 | // execute. |
clamy | f205303 | 2017-10-20 16:01:59 | [diff] [blame] | 313 | content::NavigationSimulator::Reload(web_contents()); |
[email protected] | 4b8d1c6 | 2014-08-16 01:22:21 | [diff] [blame] | 314 | EXPECT_FALSE(RequiresUserConsent(extension)); |
| 315 | NavigateAndCommit(GURL("https://www.google.com/foo")); |
| 316 | EXPECT_FALSE(RequiresUserConsent(extension)); |
| 317 | NavigateAndCommit(GURL("https://www.google.com/bar")); |
| 318 | EXPECT_FALSE(RequiresUserConsent(extension)); |
| 319 | |
| 320 | // Navigating to a different origin will require user consent again. |
| 321 | NavigateAndCommit(GURL("https://yahoo.com")); |
| 322 | EXPECT_TRUE(RequiresUserConsent(extension)); |
| 323 | |
| 324 | // Back to the original origin should also re-require constent. |
| 325 | NavigateAndCommit(GURL("https://www.google.com")); |
[email protected] | 23a8536 | 2014-07-07 23:26:19 | [diff] [blame] | 326 | EXPECT_TRUE(RequiresUserConsent(extension)); |
[email protected] | 11814f5 | 2014-05-23 06:50:35 | [diff] [blame] | 327 | |
[email protected] | 23a8536 | 2014-07-07 23:26:19 | [diff] [blame] | 328 | RequestInjection(extension); |
rdevlin.cronin | 8408b4f9 | 2016-03-15 19:14:14 | [diff] [blame] | 329 | EXPECT_TRUE(runner()->WantsToRun(extension)); |
[email protected] | 11814f5 | 2014-05-23 06:50:35 | [diff] [blame] | 330 | EXPECT_EQ(0u, GetExecutionCountForExtension(extension->id())); |
| 331 | |
| 332 | // Grant active tab. |
| 333 | active_tab_permission_granter->GrantIfRequested(extension); |
| 334 | |
| 335 | // The pending injections should have run since active tab permission was |
| 336 | // granted. |
| 337 | EXPECT_EQ(1u, GetExecutionCountForExtension(extension->id())); |
rdevlin.cronin | 8408b4f9 | 2016-03-15 19:14:14 | [diff] [blame] | 338 | EXPECT_FALSE(runner()->WantsToRun(extension)); |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 339 | } |
| 340 | |
rdevlin.cronin | 8408b4f9 | 2016-03-15 19:14:14 | [diff] [blame] | 341 | TEST_F(ExtensionActionRunnerUnitTest, ActiveScriptsCanHaveAllUrlsPref) { |
[email protected] | b33c8c2 | 2014-05-29 19:51:08 | [diff] [blame] | 342 | const Extension* extension = AddExtension(); |
| 343 | ASSERT_TRUE(extension); |
| 344 | |
| 345 | NavigateAndCommit(GURL("https://www.google.com")); |
[email protected] | 23a8536 | 2014-07-07 23:26:19 | [diff] [blame] | 346 | EXPECT_TRUE(RequiresUserConsent(extension)); |
[email protected] | b33c8c2 | 2014-05-29 19:51:08 | [diff] [blame] | 347 | |
| 348 | // Enable the extension on all urls. |
rdevlin.cronin | d01837b | 2016-08-17 01:37:18 | [diff] [blame] | 349 | ScriptingPermissionsModifier permissions_modifier(profile(), extension); |
Devlin Cronin | c583070 | 2018-07-03 00:26:16 | [diff] [blame] | 350 | permissions_modifier.SetWithholdHostPermissions(false); |
[email protected] | b33c8c2 | 2014-05-29 19:51:08 | [diff] [blame] | 351 | |
[email protected] | 23a8536 | 2014-07-07 23:26:19 | [diff] [blame] | 352 | EXPECT_FALSE(RequiresUserConsent(extension)); |
[email protected] | b33c8c2 | 2014-05-29 19:51:08 | [diff] [blame] | 353 | // This should carry across navigations, and websites. |
| 354 | NavigateAndCommit(GURL("http://www.foo.com")); |
[email protected] | 23a8536 | 2014-07-07 23:26:19 | [diff] [blame] | 355 | EXPECT_FALSE(RequiresUserConsent(extension)); |
[email protected] | b33c8c2 | 2014-05-29 19:51:08 | [diff] [blame] | 356 | |
| 357 | // Turning off the preference should have instant effect. |
Devlin Cronin | c583070 | 2018-07-03 00:26:16 | [diff] [blame] | 358 | permissions_modifier.SetWithholdHostPermissions(true); |
[email protected] | 23a8536 | 2014-07-07 23:26:19 | [diff] [blame] | 359 | EXPECT_TRUE(RequiresUserConsent(extension)); |
[email protected] | b33c8c2 | 2014-05-29 19:51:08 | [diff] [blame] | 360 | |
| 361 | // And should also persist across navigations and websites. |
| 362 | NavigateAndCommit(GURL("http://www.bar.com")); |
[email protected] | 23a8536 | 2014-07-07 23:26:19 | [diff] [blame] | 363 | EXPECT_TRUE(RequiresUserConsent(extension)); |
[email protected] | b33c8c2 | 2014-05-29 19:51:08 | [diff] [blame] | 364 | } |
| 365 | |
rdevlin.cronin | 8408b4f9 | 2016-03-15 19:14:14 | [diff] [blame] | 366 | TEST_F(ExtensionActionRunnerUnitTest, TestAlwaysRun) { |
[email protected] | e167058 | 2014-08-15 23:05:41 | [diff] [blame] | 367 | const Extension* extension = AddExtension(); |
| 368 | ASSERT_TRUE(extension); |
| 369 | |
| 370 | NavigateAndCommit(GURL("https://www.google.com/?gws_rd=ssl")); |
| 371 | |
| 372 | // Ensure that there aren't any executions pending. |
| 373 | ASSERT_EQ(0u, GetExecutionCountForExtension(extension->id())); |
rdevlin.cronin | 8408b4f9 | 2016-03-15 19:14:14 | [diff] [blame] | 374 | ASSERT_FALSE(runner()->WantsToRun(extension)); |
[email protected] | e167058 | 2014-08-15 23:05:41 | [diff] [blame] | 375 | |
| 376 | // Since the extension requests all_hosts, we should require user consent. |
| 377 | EXPECT_TRUE(RequiresUserConsent(extension)); |
| 378 | |
rdevlin.cronin | 91f162a1 | 2014-09-03 16:48:40 | [diff] [blame] | 379 | // Request an injection. The extension should want to run, but not execute. |
[email protected] | e167058 | 2014-08-15 23:05:41 | [diff] [blame] | 380 | RequestInjection(extension); |
rdevlin.cronin | 8408b4f9 | 2016-03-15 19:14:14 | [diff] [blame] | 381 | EXPECT_TRUE(runner()->WantsToRun(extension)); |
[email protected] | e167058 | 2014-08-15 23:05:41 | [diff] [blame] | 382 | EXPECT_EQ(0u, GetExecutionCountForExtension(extension->id())); |
| 383 | |
| 384 | // Allow the extension to always run on this origin. |
rdevlin.cronin | cb9f86e | 2015-10-15 15:13:42 | [diff] [blame] | 385 | ScriptingPermissionsModifier modifier(profile(), extension); |
| 386 | modifier.GrantHostPermission(web_contents()->GetLastCommittedURL()); |
rdevlin.cronin | 4a78c48b | 2016-03-24 00:02:29 | [diff] [blame] | 387 | runner()->RunForTesting(extension); |
[email protected] | e167058 | 2014-08-15 23:05:41 | [diff] [blame] | 388 | |
rdevlin.cronin | 91f162a1 | 2014-09-03 16:48:40 | [diff] [blame] | 389 | // The extension should execute, and the extension shouldn't want to run. |
[email protected] | e167058 | 2014-08-15 23:05:41 | [diff] [blame] | 390 | EXPECT_EQ(1u, GetExecutionCountForExtension(extension->id())); |
rdevlin.cronin | 8408b4f9 | 2016-03-15 19:14:14 | [diff] [blame] | 391 | EXPECT_FALSE(runner()->WantsToRun(extension)); |
[email protected] | e167058 | 2014-08-15 23:05:41 | [diff] [blame] | 392 | |
| 393 | // Since we already executed on the given page, we shouldn't need permission |
| 394 | // for a second time. |
| 395 | EXPECT_FALSE(RequiresUserConsent(extension)); |
| 396 | |
| 397 | // Navigating to another site that hasn't been granted a persisted permission |
| 398 | // should necessitate user consent. |
| 399 | NavigateAndCommit(GURL("https://www.foo.com/bar")); |
| 400 | EXPECT_TRUE(RequiresUserConsent(extension)); |
| 401 | |
| 402 | // We shouldn't need user permission upon returning to the original origin. |
| 403 | NavigateAndCommit(GURL("https://www.google.com/foo/bar")); |
| 404 | EXPECT_FALSE(RequiresUserConsent(extension)); |
| 405 | |
| 406 | // Reloading the extension should not clear any granted host permissions. |
| 407 | extension = ReloadExtension(); |
clamy | f205303 | 2017-10-20 16:01:59 | [diff] [blame] | 408 | content::NavigationSimulator::Reload(web_contents()); |
[email protected] | e167058 | 2014-08-15 23:05:41 | [diff] [blame] | 409 | EXPECT_FALSE(RequiresUserConsent(extension)); |
| 410 | |
| 411 | // Different host... |
| 412 | NavigateAndCommit(GURL("https://www.foo.com/bar")); |
| 413 | EXPECT_TRUE(RequiresUserConsent(extension)); |
| 414 | // Different scheme... |
| 415 | NavigateAndCommit(GURL("http://www.google.com/foo/bar")); |
| 416 | EXPECT_TRUE(RequiresUserConsent(extension)); |
| 417 | // Different subdomain... |
| 418 | NavigateAndCommit(GURL("https://en.google.com/foo/bar")); |
| 419 | EXPECT_TRUE(RequiresUserConsent(extension)); |
| 420 | // Only the "always run" origin should be allowed to run without user consent. |
| 421 | NavigateAndCommit(GURL("https://www.google.com/foo/bar")); |
| 422 | EXPECT_FALSE(RequiresUserConsent(extension)); |
| 423 | } |
| 424 | |
rdevlin.cronin | 8408b4f9 | 2016-03-15 19:14:14 | [diff] [blame] | 425 | TEST_F(ExtensionActionRunnerUnitTest, TestDifferentScriptRunLocations) { |
rdevlin.cronin | 8d034e5 | 2016-02-02 22:46:32 | [diff] [blame] | 426 | const Extension* extension = AddExtension(); |
| 427 | ASSERT_TRUE(extension); |
| 428 | |
| 429 | NavigateAndCommit(GURL("https://www.foo.com")); |
| 430 | |
rdevlin.cronin | 8408b4f9 | 2016-03-15 19:14:14 | [diff] [blame] | 431 | EXPECT_EQ(BLOCKED_ACTION_NONE, runner()->GetBlockedActions(extension)); |
rdevlin.cronin | 8d034e5 | 2016-02-02 22:46:32 | [diff] [blame] | 432 | |
| 433 | RequestInjection(extension, UserScript::DOCUMENT_END); |
| 434 | EXPECT_EQ(BLOCKED_ACTION_SCRIPT_OTHER, |
rdevlin.cronin | 8408b4f9 | 2016-03-15 19:14:14 | [diff] [blame] | 435 | runner()->GetBlockedActions(extension)); |
rdevlin.cronin | 8d034e5 | 2016-02-02 22:46:32 | [diff] [blame] | 436 | RequestInjection(extension, UserScript::DOCUMENT_IDLE); |
| 437 | EXPECT_EQ(BLOCKED_ACTION_SCRIPT_OTHER, |
rdevlin.cronin | 8408b4f9 | 2016-03-15 19:14:14 | [diff] [blame] | 438 | runner()->GetBlockedActions(extension)); |
rdevlin.cronin | 8d034e5 | 2016-02-02 22:46:32 | [diff] [blame] | 439 | RequestInjection(extension, UserScript::DOCUMENT_START); |
| 440 | EXPECT_EQ(BLOCKED_ACTION_SCRIPT_AT_START | BLOCKED_ACTION_SCRIPT_OTHER, |
rdevlin.cronin | 8408b4f9 | 2016-03-15 19:14:14 | [diff] [blame] | 441 | runner()->GetBlockedActions(extension)); |
rdevlin.cronin | 8d034e5 | 2016-02-02 22:46:32 | [diff] [blame] | 442 | |
rdevlin.cronin | 4a78c48b | 2016-03-24 00:02:29 | [diff] [blame] | 443 | runner()->RunForTesting(extension); |
rdevlin.cronin | 8408b4f9 | 2016-03-15 19:14:14 | [diff] [blame] | 444 | EXPECT_EQ(BLOCKED_ACTION_NONE, runner()->GetBlockedActions(extension)); |
rdevlin.cronin | 8d034e5 | 2016-02-02 22:46:32 | [diff] [blame] | 445 | } |
| 446 | |
rdevlin.cronin | 8408b4f9 | 2016-03-15 19:14:14 | [diff] [blame] | 447 | TEST_F(ExtensionActionRunnerUnitTest, TestWebRequestBlocked) { |
rdevlin.cronin | 8d034e5 | 2016-02-02 22:46:32 | [diff] [blame] | 448 | const Extension* extension = AddExtension(); |
| 449 | ASSERT_TRUE(extension); |
| 450 | |
| 451 | NavigateAndCommit(GURL("https://www.foo.com")); |
| 452 | |
rdevlin.cronin | 8408b4f9 | 2016-03-15 19:14:14 | [diff] [blame] | 453 | EXPECT_EQ(BLOCKED_ACTION_NONE, runner()->GetBlockedActions(extension)); |
| 454 | EXPECT_FALSE(runner()->WantsToRun(extension)); |
rdevlin.cronin | 8d034e5 | 2016-02-02 22:46:32 | [diff] [blame] | 455 | |
rdevlin.cronin | 8408b4f9 | 2016-03-15 19:14:14 | [diff] [blame] | 456 | runner()->OnWebRequestBlocked(extension); |
| 457 | EXPECT_EQ(BLOCKED_ACTION_WEB_REQUEST, runner()->GetBlockedActions(extension)); |
| 458 | EXPECT_TRUE(runner()->WantsToRun(extension)); |
rdevlin.cronin | 8d034e5 | 2016-02-02 22:46:32 | [diff] [blame] | 459 | |
| 460 | RequestInjection(extension); |
| 461 | EXPECT_EQ(BLOCKED_ACTION_WEB_REQUEST | BLOCKED_ACTION_SCRIPT_OTHER, |
rdevlin.cronin | 8408b4f9 | 2016-03-15 19:14:14 | [diff] [blame] | 462 | runner()->GetBlockedActions(extension)); |
| 463 | EXPECT_TRUE(runner()->WantsToRun(extension)); |
rdevlin.cronin | 8d034e5 | 2016-02-02 22:46:32 | [diff] [blame] | 464 | |
| 465 | NavigateAndCommit(GURL("https://www.bar.com")); |
rdevlin.cronin | 8408b4f9 | 2016-03-15 19:14:14 | [diff] [blame] | 466 | EXPECT_EQ(BLOCKED_ACTION_NONE, runner()->GetBlockedActions(extension)); |
| 467 | EXPECT_FALSE(runner()->WantsToRun(extension)); |
rdevlin.cronin | 8d034e5 | 2016-02-02 22:46:32 | [diff] [blame] | 468 | } |
| 469 | |
[email protected] | 78cd68e | 2014-05-22 20:33:52 | [diff] [blame] | 470 | } // namespace extensions |