Google Git
Sign in
chromium / chromium / src / 689912289c / . / chrome / browser / payments / payment_handler_exploit_browsertest.cc
blob: b34b483845d52dbf189214791f2e413a8497ec34 [file] [log] [blame]
// Copyright 2019 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "base/macros.h"
#include "build/build_config.h"
#include "chrome/test/base/chrome_test_utils.h"
#include "chrome/test/payments/payment_request_test_controller.h"
#include "content/public/browser/render_process_host.h"
#include "content/public/browser/web_contents.h"
#include "content/public/test/browser_test_utils.h"
#include "content/public/test/content_browser_test_utils.h"
#include "content/public/test/service_worker_host_interceptor.h"
#include "net/dns/mock_host_resolver.h"
#include "net/test/embedded_test_server/embedded_test_server.h"
#include "testing/gtest/include/gtest/gtest.h"
#include "url/gurl.h"
#include "url/origin.h"
#if defined(OS_ANDROID)
#include "chrome/test/base/android/android_browser_test.h"
#else
#include "chrome/test/base/in_process_browser_test.h"
#endif
namespace payments {
namespace {
class PaymentHandlerExploitTest : public PlatformBrowserTest,
public content::ServiceWorkerHostInterceptor {
public:
PaymentHandlerExploitTest()
: https_server_(net::EmbeddedTestServer::TYPE_HTTPS) {}
~PaymentHandlerExploitTest() override {}
content::WebContents* GetActiveWebContents() {
return chrome_test_utils::GetActiveWebContents(this);
}
void set_payment_handler_window_url(const GURL& url) {
payment_handler_window_url_ = url;
}
GURL GetTestServerUrl(const std::string& relative_path) {
return https_server_.GetURL(relative_path);
}
private:
// PlatformBrowserTest:
void SetUpOnMainThread() override {
https_server_.ServeFilesFromSourceDirectory(
"components/test/data/payments");
ASSERT_TRUE(https_server_.Start());
ASSERT_TRUE(content::NavigateToURL(
GetActiveWebContents(), GetTestServerUrl("/payment_handler.html")));
test_controller_.SetUpOnMainThread();
PlatformBrowserTest::SetUpOnMainThread();
}
// content::ServiceWorkerHostInterceptor:
bool WillOpenPaymentHandlerWindow(GURL* url) override {
*url = payment_handler_window_url_;
return true;
}
GURL payment_handler_window_url_;
net::EmbeddedTestServer https_server_;
PaymentRequestTestController test_controller_;
DISALLOW_COPY_AND_ASSIGN(PaymentHandlerExploitTest);
};
// Unable to launch a payment handler window on Android through browser test.
// https://crbug.com/998737
#if defined(OS_ANDROID)
#define MAYBE_SmokeTest DISABLED_SmokeTest
#else
#define MAYBE_SmokeTest SmokeTest
#endif
IN_PROC_BROWSER_TEST_F(PaymentHandlerExploitTest, MAYBE_SmokeTest) {
std::string expected = "success";
EXPECT_EQ(expected, content::EvalJs(GetActiveWebContents(), "install()"));
EXPECT_EQ(expected, content::EvalJs(GetActiveWebContents(), "launch()"));
}
IN_PROC_BROWSER_TEST_F(PaymentHandlerExploitTest,
RendererCannotOpenCrossOriginWindow) {
std::string expected = "success";
EXPECT_EQ(expected, content::EvalJs(GetActiveWebContents(), "install()"));
GURL service_worker_scope = GetTestServerUrl("/");
int service_worker_process_id = -1;
EXPECT_EQ(blink::ServiceWorkerStatusCode::kOk,
InterceptServiceWorkerHostWithScope(
GetActiveWebContents()->GetBrowserContext(),
service_worker_scope, &service_worker_process_id));
content::RenderProcessHostWatcher crash_observer(
content::RenderProcessHost::FromID(service_worker_process_id),
content::RenderProcessHostWatcher::WATCH_FOR_PROCESS_EXIT);
GURL cross_origin_url("https://127.0.0.1:80");
EXPECT_FALSE(url::IsSameOriginWith(cross_origin_url, service_worker_scope));
set_payment_handler_window_url(cross_origin_url);
EXPECT_TRUE(content::ExecJs(GetActiveWebContents(), "launch()"));
crash_observer.Wait();
EXPECT_FALSE(crash_observer.did_exit_normally());
}
} // namespace
} // namespace payments