1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
7 #include "base/command_line.h"
8 #include "base/memory/ref_counted.h"
9 #include "base/strings/string16.h"
10 #include "base/strings/utf_string_conversions.h"
11 #include "chrome/common/chrome_version_info.h"
12 #include "chrome/common/extensions/extension_test_util.h"
13 #include "chrome/common/extensions/features/feature_channel.h"
14 #include "content/public/common/socket_permission_request.h"
15 #include "extensions/common/error_utils.h"
16 #include "extensions/common/extension.h"
17 #include "extensions/common/extension_builder.h"
18 #include "extensions/common/id_util.h"
19 #include "extensions/common/manifest.h"
20 #include "extensions/common/manifest_constants.h"
21 #include "extensions/common/permissions/api_permission.h"
22 #include "extensions/common/permissions/permission_set.h"
23 #include "extensions/common/permissions/permissions_data.h"
24 #include "extensions/common/permissions/socket_permission.h"
25 #include "extensions/common/switches.h"
26 #include "extensions/common/url_pattern_set.h"
27 #include "extensions/common/value_builder.h"
28 #include "testing/gtest/include/gtest/gtest.h"
31 using base::UTF16ToUTF8;
32 using content::SocketPermissionRequest;
33 using extension_test_util::LoadManifest;
34 using extension_test_util::LoadManifestUnchecked;
35 using extension_test_util::LoadManifestStrict;
37 namespace extensions {
41 const char kAllHostsPermission[] = "*://*/*";
43 bool CheckSocketPermission(
44 scoped_refptr<Extension> extension,
45 SocketPermissionRequest::OperationType type,
48 SocketPermission::CheckParam param(type, host, port);
49 return extension->permissions_data()->CheckAPIPermissionWithParam(
50 APIPermission::kSocket, ¶m);
53 // Creates and returns an extension with the given |id|, |host_permissions|, and
54 // manifest |location|.
55 scoped_refptr<const Extension> GetExtensionWithHostPermission(
56 const std::string& id,
57 const std::string& host_permissions,
58 Manifest::Location location) {
59 ListBuilder permissions;
60 if (!host_permissions.empty())
61 permissions.Append(host_permissions);
63 return ExtensionBuilder()
67 .Set("description", "an extension")
68 .Set("manifest_version", 2)
69 .Set("version", "1.0.0")
70 .Set("permissions", permissions.Pass())
72 .SetLocation(location)
77 // Checks that urls are properly restricted for the given extension.
78 void CheckRestrictedUrls(const Extension* extension,
79 bool block_chrome_urls) {
80 // We log the name so we know _which_ extension failed here.
81 const std::string& name = extension->name();
82 const GURL chrome_settings_url("chrome://settings/");
83 const GURL chrome_extension_url("chrome-extension://foo/bar.html");
84 const GURL google_url("https://www.google.com/");
85 const GURL self_url("chrome-extension://" + extension->id() + "/foo.html");
86 const GURL invalid_url("chrome-debugger://foo/bar.html");
89 EXPECT_EQ(block_chrome_urls,
90 PermissionsData::IsRestrictedUrl(
95 if (block_chrome_urls)
96 EXPECT_EQ(manifest_errors::kCannotAccessChromeUrl, error) << name;
98 EXPECT_TRUE(error.empty()) << name;
101 EXPECT_EQ(block_chrome_urls,
102 PermissionsData::IsRestrictedUrl(
103 chrome_extension_url,
104 chrome_extension_url,
107 if (block_chrome_urls)
108 EXPECT_EQ(manifest_errors::kCannotAccessExtensionUrl, error) << name;
110 EXPECT_TRUE(error.empty()) << name;
112 // Google should never be a restricted url.
114 EXPECT_FALSE(PermissionsData::IsRestrictedUrl(
115 google_url, google_url, extension, &error)) << name;
116 EXPECT_TRUE(error.empty()) << name;
118 // We should always be able to access our own extension pages.
120 EXPECT_FALSE(PermissionsData::IsRestrictedUrl(
121 self_url, self_url, extension, &error)) << name;
122 EXPECT_TRUE(error.empty()) << name;
124 // We should only allow other schemes for extensions when it's a whitelisted
127 bool allow_on_other_schemes =
128 PermissionsData::CanExecuteScriptEverywhere(extension);
129 EXPECT_EQ(!allow_on_other_schemes,
130 PermissionsData::IsRestrictedUrl(
131 invalid_url, invalid_url, extension, &error)) << name;
132 if (!allow_on_other_schemes) {
133 EXPECT_EQ(ErrorUtils::FormatErrorMessage(
134 manifest_errors::kCannotAccessPage,
138 EXPECT_TRUE(error.empty());
144 TEST(ExtensionPermissionsTest, EffectiveHostPermissions) {
145 scoped_refptr<Extension> extension;
148 extension = LoadManifest("effective_host_permissions", "empty.json");
150 extension->permissions_data()
151 ->GetEffectiveHostPermissions()
154 EXPECT_FALSE(hosts.MatchesURL(GURL("http://www.google.com")));
155 EXPECT_FALSE(extension->permissions_data()->HasEffectiveAccessToAllHosts());
157 extension = LoadManifest("effective_host_permissions", "one_host.json");
158 hosts = extension->permissions_data()->GetEffectiveHostPermissions();
159 EXPECT_TRUE(hosts.MatchesURL(GURL("http://www.google.com")));
160 EXPECT_FALSE(hosts.MatchesURL(GURL("https://www.google.com")));
161 EXPECT_FALSE(extension->permissions_data()->HasEffectiveAccessToAllHosts());
163 extension = LoadManifest("effective_host_permissions",
164 "one_host_wildcard.json");
165 hosts = extension->permissions_data()->GetEffectiveHostPermissions();
166 EXPECT_TRUE(hosts.MatchesURL(GURL("http://google.com")));
167 EXPECT_TRUE(hosts.MatchesURL(GURL("http://foo.google.com")));
168 EXPECT_FALSE(extension->permissions_data()->HasEffectiveAccessToAllHosts());
170 extension = LoadManifest("effective_host_permissions", "two_hosts.json");
171 hosts = extension->permissions_data()->GetEffectiveHostPermissions();
172 EXPECT_TRUE(hosts.MatchesURL(GURL("http://www.google.com")));
173 EXPECT_TRUE(hosts.MatchesURL(GURL("http://www.reddit.com")));
174 EXPECT_FALSE(extension->permissions_data()->HasEffectiveAccessToAllHosts());
176 extension = LoadManifest("effective_host_permissions",
177 "https_not_considered.json");
178 hosts = extension->permissions_data()->GetEffectiveHostPermissions();
179 EXPECT_TRUE(hosts.MatchesURL(GURL("http://google.com")));
180 EXPECT_TRUE(hosts.MatchesURL(GURL("https://google.com")));
181 EXPECT_FALSE(extension->permissions_data()->HasEffectiveAccessToAllHosts());
183 extension = LoadManifest("effective_host_permissions",
184 "two_content_scripts.json");
185 hosts = extension->permissions_data()->GetEffectiveHostPermissions();
186 EXPECT_TRUE(hosts.MatchesURL(GURL("http://google.com")));
187 EXPECT_TRUE(hosts.MatchesURL(GURL("http://www.reddit.com")));
188 EXPECT_TRUE(extension->permissions_data()
189 ->active_permissions()
190 ->HasEffectiveAccessToURL(GURL("http://www.reddit.com")));
191 EXPECT_TRUE(hosts.MatchesURL(GURL("http://news.ycombinator.com")));
193 extension->permissions_data()
194 ->active_permissions()
195 ->HasEffectiveAccessToURL(GURL("http://news.ycombinator.com")));
196 EXPECT_FALSE(extension->permissions_data()->HasEffectiveAccessToAllHosts());
198 extension = LoadManifest("effective_host_permissions", "all_hosts.json");
199 hosts = extension->permissions_data()->GetEffectiveHostPermissions();
200 EXPECT_TRUE(hosts.MatchesURL(GURL("http://test/")));
201 EXPECT_FALSE(hosts.MatchesURL(GURL("https://test/")));
202 EXPECT_TRUE(hosts.MatchesURL(GURL("http://www.google.com")));
203 EXPECT_TRUE(extension->permissions_data()->HasEffectiveAccessToAllHosts());
205 extension = LoadManifest("effective_host_permissions", "all_hosts2.json");
206 hosts = extension->permissions_data()->GetEffectiveHostPermissions();
207 EXPECT_TRUE(hosts.MatchesURL(GURL("http://test/")));
208 EXPECT_TRUE(hosts.MatchesURL(GURL("http://www.google.com")));
209 EXPECT_TRUE(extension->permissions_data()->HasEffectiveAccessToAllHosts());
211 extension = LoadManifest("effective_host_permissions", "all_hosts3.json");
212 hosts = extension->permissions_data()->GetEffectiveHostPermissions();
213 EXPECT_FALSE(hosts.MatchesURL(GURL("http://test/")));
214 EXPECT_TRUE(hosts.MatchesURL(GURL("https://test/")));
215 EXPECT_TRUE(hosts.MatchesURL(GURL("http://www.google.com")));
216 EXPECT_TRUE(extension->permissions_data()->HasEffectiveAccessToAllHosts());
219 TEST(ExtensionPermissionsTest, SocketPermissions) {
220 // Set feature current channel to appropriate value.
221 ScopedCurrentChannel scoped_channel(chrome::VersionInfo::CHANNEL_DEV);
222 scoped_refptr<Extension> extension;
225 extension = LoadManifest("socket_permissions", "empty.json");
226 EXPECT_FALSE(CheckSocketPermission(extension,
227 SocketPermissionRequest::TCP_CONNECT, "www.example.com", 80));
229 extension = LoadManifestUnchecked("socket_permissions",
231 Manifest::INTERNAL, Extension::NO_FLAGS,
233 EXPECT_TRUE(extension.get() == NULL);
234 std::string expected_error_msg_header = ErrorUtils::FormatErrorMessage(
235 manifest_errors::kInvalidPermissionWithDetail,
237 "NULL or empty permission list");
238 EXPECT_EQ(expected_error_msg_header, error);
240 extension = LoadManifest("socket_permissions", "socket2.json");
241 EXPECT_TRUE(CheckSocketPermission(extension,
242 SocketPermissionRequest::TCP_CONNECT, "www.example.com", 80));
243 EXPECT_FALSE(CheckSocketPermission(
244 extension, SocketPermissionRequest::UDP_BIND, "", 80));
245 EXPECT_TRUE(CheckSocketPermission(
246 extension, SocketPermissionRequest::UDP_BIND, "", 8888));
248 EXPECT_FALSE(CheckSocketPermission(
249 extension, SocketPermissionRequest::UDP_SEND_TO, "example.com", 1900));
250 EXPECT_TRUE(CheckSocketPermission(
252 SocketPermissionRequest::UDP_SEND_TO,
253 "239.255.255.250", 1900));
256 TEST(ExtensionPermissionsTest, IsRestrictedUrl) {
257 scoped_refptr<const Extension> extension =
258 GetExtensionWithHostPermission("normal_extension",
261 // Chrome urls should be blocked for normal extensions.
262 CheckRestrictedUrls(extension, true);
264 scoped_refptr<const Extension> component =
265 GetExtensionWithHostPermission("component",
267 Manifest::COMPONENT);
268 // Chrome urls should be accessible by component extensions.
269 CheckRestrictedUrls(component, false);
271 base::CommandLine::ForCurrentProcess()->AppendSwitch(
272 switches::kExtensionsOnChromeURLs);
273 // Enabling the switch should allow all extensions to access chrome urls.
274 CheckRestrictedUrls(extension, false);
278 TEST(ExtensionPermissionsTest, GetPermissionMessages_ManyAPIPermissions) {
279 scoped_refptr<Extension> extension;
280 extension = LoadManifest("permissions", "many-apis.json");
281 std::vector<base::string16> warnings =
282 extension->permissions_data()->GetPermissionMessageStrings();
283 // Warning for "tabs" is suppressed by "history" permission.
284 ASSERT_EQ(5u, warnings.size());
285 EXPECT_EQ("Read and change your data on api.flickr.com",
286 UTF16ToUTF8(warnings[0]));
287 EXPECT_EQ("Read and change your bookmarks", UTF16ToUTF8(warnings[1]));
288 EXPECT_EQ("Detect your physical location", UTF16ToUTF8(warnings[2]));
289 EXPECT_EQ("Read and change your browsing history", UTF16ToUTF8(warnings[3]));
290 EXPECT_EQ("Manage your apps, extensions, and themes",
291 UTF16ToUTF8(warnings[4]));
294 TEST(ExtensionPermissionsTest, GetPermissionMessages_ManyHostsPermissions) {
295 scoped_refptr<Extension> extension;
296 extension = LoadManifest("permissions", "more-than-3-hosts.json");
297 std::vector<base::string16> warnings =
298 extension->permissions_data()->GetPermissionMessageStrings();
299 std::vector<base::string16> warnings_details =
300 extension->permissions_data()->GetPermissionMessageDetailsStrings();
301 ASSERT_EQ(1u, warnings.size());
302 ASSERT_EQ(1u, warnings_details.size());
303 EXPECT_EQ("Read and change your data on a number of websites",
304 UTF16ToUTF8(warnings[0]));
305 EXPECT_EQ("- www.a.com\n- www.b.com\n- www.c.com\n- www.d.com\n- www.e.com",
306 UTF16ToUTF8(warnings_details[0]));
309 TEST(ExtensionPermissionsTest, GetPermissionMessages_LocationApiPermission) {
310 scoped_refptr<Extension> extension;
311 extension = LoadManifest("permissions",
314 Extension::NO_FLAGS);
315 std::vector<base::string16> warnings =
316 extension->permissions_data()->GetPermissionMessageStrings();
317 ASSERT_EQ(1u, warnings.size());
318 EXPECT_EQ("Detect your physical location", UTF16ToUTF8(warnings[0]));
321 TEST(ExtensionPermissionsTest, GetPermissionMessages_ManyHosts) {
322 scoped_refptr<Extension> extension;
323 extension = LoadManifest("permissions", "many-hosts.json");
324 std::vector<base::string16> warnings =
325 extension->permissions_data()->GetPermissionMessageStrings();
326 ASSERT_EQ(1u, warnings.size());
328 "Read and change your data on encrypted.google.com and www.google.com",
329 UTF16ToUTF8(warnings[0]));
332 TEST(ExtensionPermissionsTest, GetPermissionMessages_Plugins) {
333 scoped_refptr<Extension> extension;
334 extension = LoadManifest("permissions", "plugins.json");
335 std::vector<base::string16> warnings =
336 extension->permissions_data()->GetPermissionMessageStrings();
337 // We don't parse the plugins key on Chrome OS, so it should not ask for any
339 #if defined(OS_CHROMEOS)
340 ASSERT_EQ(0u, warnings.size());
342 ASSERT_EQ(1u, warnings.size());
344 "Read and change all your data on your computer and the websites you "
346 UTF16ToUTF8(warnings[0]));
350 // Base class for testing the CanAccessPage and CanCaptureVisiblePage
351 // methods of Extension for extensions with various permissions.
352 class ExtensionScriptAndCaptureVisibleTest : public testing::Test {
354 ExtensionScriptAndCaptureVisibleTest()
355 : http_url("http://www.google.com"),
356 http_url_with_path("http://www.google.com/index.html"),
357 https_url("https://www.google.com"),
358 file_url("file:///foo/bar"),
359 favicon_url("chrome://favicon/http://www.google.com"),
360 extension_url("chrome-extension://" +
361 id_util::GenerateIdForPath(
362 base::FilePath(FILE_PATH_LITERAL("foo")))),
363 settings_url("chrome://settings"),
364 about_url("about:flags") {
365 urls_.insert(http_url);
366 urls_.insert(http_url_with_path);
367 urls_.insert(https_url);
368 urls_.insert(file_url);
369 urls_.insert(favicon_url);
370 urls_.insert(extension_url);
371 urls_.insert(settings_url);
372 urls_.insert(about_url);
373 // Ignore the policy delegate for this test.
374 PermissionsData::SetPolicyDelegate(NULL);
377 bool AllowedScript(const Extension* extension, const GURL& url,
378 const GURL& top_url) {
379 return AllowedScript(extension, url, top_url, -1);
382 bool AllowedScript(const Extension* extension, const GURL& url,
383 const GURL& top_url, int tab_id) {
384 return extension->permissions_data()->CanAccessPage(
385 extension, url, top_url, tab_id, -1, NULL);
388 bool BlockedScript(const Extension* extension, const GURL& url,
389 const GURL& top_url) {
390 return !extension->permissions_data()->CanAccessPage(
391 extension, url, top_url, -1, -1, NULL);
394 bool Allowed(const Extension* extension, const GURL& url) {
395 return Allowed(extension, url, -1);
398 bool Allowed(const Extension* extension, const GURL& url, int tab_id) {
399 return (extension->permissions_data()->CanAccessPage(
400 extension, url, url, tab_id, -1, NULL) &&
401 extension->permissions_data()->CanCaptureVisiblePage(tab_id, NULL));
404 bool CaptureOnly(const Extension* extension, const GURL& url) {
405 return CaptureOnly(extension, url, -1);
408 bool CaptureOnly(const Extension* extension, const GURL& url, int tab_id) {
409 return !extension->permissions_data()->CanAccessPage(
410 extension, url, url, tab_id, -1, NULL) &&
411 extension->permissions_data()->CanCaptureVisiblePage(tab_id, NULL);
414 bool ScriptOnly(const Extension* extension, const GURL& url,
415 const GURL& top_url) {
416 return ScriptOnly(extension, url, top_url, -1);
419 bool ScriptOnly(const Extension* extension, const GURL& url,
420 const GURL& top_url, int tab_id) {
421 return AllowedScript(extension, url, top_url, tab_id) &&
422 !extension->permissions_data()->CanCaptureVisiblePage(tab_id, NULL);
425 bool Blocked(const Extension* extension, const GURL& url) {
426 return Blocked(extension, url, -1);
429 bool Blocked(const Extension* extension, const GURL& url, int tab_id) {
430 return !(extension->permissions_data()->CanAccessPage(
431 extension, url, url, tab_id, -1, NULL) ||
432 extension->permissions_data()->CanCaptureVisiblePage(tab_id,
436 bool ScriptAllowedExclusivelyOnTab(
437 const Extension* extension,
438 const std::set<GURL>& allowed_urls,
441 for (std::set<GURL>::iterator it = urls_.begin(); it != urls_.end(); ++it) {
442 const GURL& url = *it;
443 if (allowed_urls.count(url))
444 result &= AllowedScript(extension, url, url, tab_id);
446 result &= Blocked(extension, url, tab_id);
451 // URLs that are "safe" to provide scripting and capture visible tab access
452 // to if the permissions allow it.
454 const GURL http_url_with_path;
455 const GURL https_url;
458 // We should allow host permission but not scripting permission for favicon
460 const GURL favicon_url;
462 // URLs that regular extensions should never get access to.
463 const GURL extension_url;
464 const GURL settings_url;
465 const GURL about_url;
468 // The set of all URLs above.
469 std::set<GURL> urls_;
472 TEST_F(ExtensionScriptAndCaptureVisibleTest, Permissions) {
473 // Test <all_urls> for regular extensions.
474 scoped_refptr<Extension> extension = LoadManifestStrict("script_and_capture",
475 "extension_regular_all.json");
477 EXPECT_TRUE(Allowed(extension.get(), http_url));
478 EXPECT_TRUE(Allowed(extension.get(), https_url));
479 EXPECT_TRUE(CaptureOnly(extension.get(), file_url));
480 EXPECT_TRUE(CaptureOnly(extension.get(), settings_url));
481 EXPECT_TRUE(CaptureOnly(extension.get(), favicon_url));
482 EXPECT_TRUE(CaptureOnly(extension.get(), about_url));
483 EXPECT_TRUE(CaptureOnly(extension.get(), extension_url));
485 // Test access to iframed content.
486 GURL within_extension_url = extension->GetResourceURL("page.html");
487 EXPECT_TRUE(AllowedScript(extension.get(), http_url, http_url_with_path));
488 EXPECT_TRUE(AllowedScript(extension.get(), https_url, http_url_with_path));
489 EXPECT_TRUE(AllowedScript(extension.get(), http_url, within_extension_url));
490 EXPECT_TRUE(AllowedScript(extension.get(), https_url, within_extension_url));
491 EXPECT_TRUE(BlockedScript(extension.get(), http_url, extension_url));
492 EXPECT_TRUE(BlockedScript(extension.get(), https_url, extension_url));
494 EXPECT_FALSE(extension->permissions_data()->HasHostPermission(settings_url));
495 EXPECT_FALSE(extension->permissions_data()->HasHostPermission(about_url));
496 EXPECT_TRUE(extension->permissions_data()->HasHostPermission(favicon_url));
498 // Test * for scheme, which implies just the http/https schemes.
499 extension = LoadManifestStrict("script_and_capture",
500 "extension_wildcard.json");
501 EXPECT_TRUE(ScriptOnly(extension.get(), http_url, http_url));
502 EXPECT_TRUE(ScriptOnly(extension.get(), https_url, https_url));
503 EXPECT_TRUE(Blocked(extension.get(), settings_url));
504 EXPECT_TRUE(Blocked(extension.get(), about_url));
505 EXPECT_TRUE(Blocked(extension.get(), file_url));
506 EXPECT_TRUE(Blocked(extension.get(), favicon_url));
508 LoadManifest("script_and_capture", "extension_wildcard_settings.json");
509 EXPECT_TRUE(Blocked(extension.get(), settings_url));
511 // Having chrome://*/ should not work for regular extensions. Note that
512 // for favicon access, we require the explicit pattern chrome://favicon/*.
514 extension = LoadManifestUnchecked("script_and_capture",
515 "extension_wildcard_chrome.json",
516 Manifest::INTERNAL, Extension::NO_FLAGS,
518 std::vector<InstallWarning> warnings = extension->install_warnings();
519 EXPECT_FALSE(warnings.empty());
520 EXPECT_EQ(ErrorUtils::FormatErrorMessage(
521 manifest_errors::kInvalidPermissionScheme,
523 warnings[0].message);
524 EXPECT_TRUE(Blocked(extension.get(), settings_url));
525 EXPECT_TRUE(Blocked(extension.get(), favicon_url));
526 EXPECT_TRUE(Blocked(extension.get(), about_url));
528 // Having chrome://favicon/* should not give you chrome://*
529 extension = LoadManifestStrict("script_and_capture",
530 "extension_chrome_favicon_wildcard.json");
531 EXPECT_TRUE(Blocked(extension.get(), settings_url));
532 EXPECT_TRUE(Blocked(extension.get(), favicon_url));
533 EXPECT_TRUE(Blocked(extension.get(), about_url));
534 EXPECT_TRUE(extension->permissions_data()->HasHostPermission(favicon_url));
536 // Having http://favicon should not give you chrome://favicon
537 extension = LoadManifestStrict("script_and_capture",
538 "extension_http_favicon.json");
539 EXPECT_TRUE(Blocked(extension.get(), settings_url));
540 EXPECT_TRUE(Blocked(extension.get(), favicon_url));
542 // Component extensions with <all_urls> should get everything.
543 extension = LoadManifest("script_and_capture", "extension_component_all.json",
544 Manifest::COMPONENT, Extension::NO_FLAGS);
545 EXPECT_TRUE(Allowed(extension.get(), http_url));
546 EXPECT_TRUE(Allowed(extension.get(), https_url));
547 EXPECT_TRUE(Allowed(extension.get(), settings_url));
548 EXPECT_TRUE(Allowed(extension.get(), about_url));
549 EXPECT_TRUE(Allowed(extension.get(), favicon_url));
550 EXPECT_TRUE(extension->permissions_data()->HasHostPermission(favicon_url));
552 // Component extensions should only get access to what they ask for.
553 extension = LoadManifest("script_and_capture",
554 "extension_component_google.json", Manifest::COMPONENT,
555 Extension::NO_FLAGS);
556 EXPECT_TRUE(ScriptOnly(extension.get(), http_url, http_url));
557 EXPECT_TRUE(Blocked(extension.get(), https_url));
558 EXPECT_TRUE(Blocked(extension.get(), file_url));
559 EXPECT_TRUE(Blocked(extension.get(), settings_url));
560 EXPECT_TRUE(Blocked(extension.get(), favicon_url));
561 EXPECT_TRUE(Blocked(extension.get(), about_url));
562 EXPECT_TRUE(Blocked(extension.get(), extension_url));
563 EXPECT_FALSE(extension->permissions_data()->HasHostPermission(settings_url));
566 TEST_F(ExtensionScriptAndCaptureVisibleTest, PermissionsWithChromeURLsEnabled) {
567 CommandLine::ForCurrentProcess()->AppendSwitch(
568 switches::kExtensionsOnChromeURLs);
570 scoped_refptr<Extension> extension;
572 // Test <all_urls> for regular extensions.
573 extension = LoadManifestStrict("script_and_capture",
574 "extension_regular_all.json");
575 EXPECT_TRUE(Allowed(extension.get(), http_url));
576 EXPECT_TRUE(Allowed(extension.get(), https_url));
577 EXPECT_TRUE(CaptureOnly(extension.get(), file_url));
578 EXPECT_TRUE(CaptureOnly(extension.get(), settings_url));
579 EXPECT_TRUE(Allowed(extension.get(), favicon_url)); // chrome:// requested
580 EXPECT_TRUE(CaptureOnly(extension.get(), about_url));
581 EXPECT_TRUE(CaptureOnly(extension.get(), extension_url));
583 // Test access to iframed content.
584 GURL within_extension_url = extension->GetResourceURL("page.html");
585 EXPECT_TRUE(AllowedScript(extension.get(), http_url, http_url_with_path));
586 EXPECT_TRUE(AllowedScript(extension.get(), https_url, http_url_with_path));
587 EXPECT_TRUE(AllowedScript(extension.get(), http_url, within_extension_url));
588 EXPECT_TRUE(AllowedScript(extension.get(), https_url, within_extension_url));
589 EXPECT_TRUE(AllowedScript(extension.get(), http_url, extension_url));
590 EXPECT_TRUE(AllowedScript(extension.get(), https_url, extension_url));
592 const PermissionsData* permissions_data = extension->permissions_data();
593 EXPECT_FALSE(permissions_data->HasHostPermission(settings_url));
594 EXPECT_FALSE(permissions_data->HasHostPermission(about_url));
595 EXPECT_TRUE(permissions_data->HasHostPermission(favicon_url));
597 // Test * for scheme, which implies just the http/https schemes.
598 extension = LoadManifestStrict("script_and_capture",
599 "extension_wildcard.json");
600 EXPECT_TRUE(ScriptOnly(extension.get(), http_url, http_url));
601 EXPECT_TRUE(ScriptOnly(extension.get(), https_url, https_url));
602 EXPECT_TRUE(Blocked(extension.get(), settings_url));
603 EXPECT_TRUE(Blocked(extension.get(), about_url));
604 EXPECT_TRUE(Blocked(extension.get(), file_url));
605 EXPECT_TRUE(Blocked(extension.get(), favicon_url));
607 LoadManifest("script_and_capture", "extension_wildcard_settings.json");
608 EXPECT_TRUE(Blocked(extension.get(), settings_url));
610 // Having chrome://*/ should work for regular extensions with the flag
613 extension = LoadManifestUnchecked("script_and_capture",
614 "extension_wildcard_chrome.json",
615 Manifest::INTERNAL, Extension::NO_FLAGS,
617 EXPECT_FALSE(extension.get() == NULL);
618 EXPECT_TRUE(Blocked(extension.get(), http_url));
619 EXPECT_TRUE(Blocked(extension.get(), https_url));
620 EXPECT_TRUE(ScriptOnly(extension.get(), settings_url, settings_url));
621 EXPECT_TRUE(Blocked(extension.get(), about_url));
622 EXPECT_TRUE(Blocked(extension.get(), file_url));
623 EXPECT_TRUE(ScriptOnly(extension.get(), favicon_url, favicon_url));
625 // Having chrome://favicon/* should not give you chrome://*
626 extension = LoadManifestStrict("script_and_capture",
627 "extension_chrome_favicon_wildcard.json");
628 EXPECT_TRUE(Blocked(extension.get(), settings_url));
629 EXPECT_TRUE(ScriptOnly(extension.get(), favicon_url, favicon_url));
630 EXPECT_TRUE(Blocked(extension.get(), about_url));
631 EXPECT_TRUE(extension->permissions_data()->HasHostPermission(favicon_url));
633 // Having http://favicon should not give you chrome://favicon
634 extension = LoadManifestStrict("script_and_capture",
635 "extension_http_favicon.json");
636 EXPECT_TRUE(Blocked(extension.get(), settings_url));
637 EXPECT_TRUE(Blocked(extension.get(), favicon_url));
639 // Component extensions with <all_urls> should get everything.
640 extension = LoadManifest("script_and_capture", "extension_component_all.json",
641 Manifest::COMPONENT, Extension::NO_FLAGS);
642 EXPECT_TRUE(Allowed(extension.get(), http_url));
643 EXPECT_TRUE(Allowed(extension.get(), https_url));
644 EXPECT_TRUE(Allowed(extension.get(), settings_url));
645 EXPECT_TRUE(Allowed(extension.get(), about_url));
646 EXPECT_TRUE(Allowed(extension.get(), favicon_url));
647 EXPECT_TRUE(extension->permissions_data()->HasHostPermission(favicon_url));
649 // Component extensions should only get access to what they ask for.
650 extension = LoadManifest("script_and_capture",
651 "extension_component_google.json", Manifest::COMPONENT,
652 Extension::NO_FLAGS);
653 EXPECT_TRUE(ScriptOnly(extension.get(), http_url, http_url));
654 EXPECT_TRUE(Blocked(extension.get(), https_url));
655 EXPECT_TRUE(Blocked(extension.get(), file_url));
656 EXPECT_TRUE(Blocked(extension.get(), settings_url));
657 EXPECT_TRUE(Blocked(extension.get(), favicon_url));
658 EXPECT_TRUE(Blocked(extension.get(), about_url));
659 EXPECT_TRUE(Blocked(extension.get(), extension_url));
660 EXPECT_FALSE(extension->permissions_data()->HasHostPermission(settings_url));
663 TEST_F(ExtensionScriptAndCaptureVisibleTest, TabSpecific) {
664 scoped_refptr<Extension> extension =
665 LoadManifestStrict("script_and_capture", "tab_specific.json");
667 const PermissionsData* permissions_data = extension->permissions_data();
668 EXPECT_FALSE(permissions_data->GetTabSpecificPermissionsForTesting(0));
669 EXPECT_FALSE(permissions_data->GetTabSpecificPermissionsForTesting(1));
670 EXPECT_FALSE(permissions_data->GetTabSpecificPermissionsForTesting(2));
672 std::set<GURL> no_urls;
674 EXPECT_TRUE(ScriptAllowedExclusivelyOnTab(extension.get(), no_urls, 0));
675 EXPECT_TRUE(ScriptAllowedExclusivelyOnTab(extension.get(), no_urls, 1));
676 EXPECT_TRUE(ScriptAllowedExclusivelyOnTab(extension.get(), no_urls, 2));
678 URLPatternSet allowed_hosts;
679 allowed_hosts.AddPattern(URLPattern(URLPattern::SCHEME_ALL,
681 std::set<GURL> allowed_urls;
682 allowed_urls.insert(http_url);
683 // http_url_with_path() will also be allowed, because Extension should be
684 // considering the security origin of the URL not the URL itself, and
685 // http_url is in allowed_hosts.
686 allowed_urls.insert(http_url_with_path);
689 scoped_refptr<PermissionSet> permissions(
690 new PermissionSet(APIPermissionSet(), ManifestPermissionSet(),
691 allowed_hosts, URLPatternSet()));
692 permissions_data->UpdateTabSpecificPermissions(0, permissions);
693 EXPECT_EQ(permissions->explicit_hosts(),
694 permissions_data->GetTabSpecificPermissionsForTesting(0)
698 EXPECT_TRUE(ScriptAllowedExclusivelyOnTab(extension.get(), allowed_urls, 0));
699 EXPECT_TRUE(ScriptAllowedExclusivelyOnTab(extension.get(), no_urls, 1));
700 EXPECT_TRUE(ScriptAllowedExclusivelyOnTab(extension.get(), no_urls, 2));
702 permissions_data->ClearTabSpecificPermissions(0);
703 EXPECT_FALSE(permissions_data->GetTabSpecificPermissionsForTesting(0));
705 EXPECT_TRUE(ScriptAllowedExclusivelyOnTab(extension.get(), no_urls, 0));
706 EXPECT_TRUE(ScriptAllowedExclusivelyOnTab(extension.get(), no_urls, 1));
707 EXPECT_TRUE(ScriptAllowedExclusivelyOnTab(extension.get(), no_urls, 2));
709 std::set<GURL> more_allowed_urls = allowed_urls;
710 more_allowed_urls.insert(https_url);
711 URLPatternSet more_allowed_hosts = allowed_hosts;
712 more_allowed_hosts.AddPattern(URLPattern(URLPattern::SCHEME_ALL,
716 scoped_refptr<PermissionSet> permissions(
717 new PermissionSet(APIPermissionSet(), ManifestPermissionSet(),
718 allowed_hosts, URLPatternSet()));
719 permissions_data->UpdateTabSpecificPermissions(0, permissions);
720 EXPECT_EQ(permissions->explicit_hosts(),
721 permissions_data->GetTabSpecificPermissionsForTesting(0)
724 permissions = new PermissionSet(APIPermissionSet(),
725 ManifestPermissionSet(),
728 permissions_data->UpdateTabSpecificPermissions(1, permissions);
729 EXPECT_EQ(permissions->explicit_hosts(),
730 permissions_data->GetTabSpecificPermissionsForTesting(1)
734 EXPECT_TRUE(ScriptAllowedExclusivelyOnTab(extension.get(), allowed_urls, 0));
736 ScriptAllowedExclusivelyOnTab(extension.get(), more_allowed_urls, 1));
737 EXPECT_TRUE(ScriptAllowedExclusivelyOnTab(extension.get(), no_urls, 2));
739 permissions_data->ClearTabSpecificPermissions(0);
740 EXPECT_FALSE(permissions_data->GetTabSpecificPermissionsForTesting(0));
742 EXPECT_TRUE(ScriptAllowedExclusivelyOnTab(extension.get(), no_urls, 0));
744 ScriptAllowedExclusivelyOnTab(extension.get(), more_allowed_urls, 1));
745 EXPECT_TRUE(ScriptAllowedExclusivelyOnTab(extension.get(), no_urls, 2));
747 permissions_data->ClearTabSpecificPermissions(1);
748 EXPECT_FALSE(permissions_data->GetTabSpecificPermissionsForTesting(1));
750 EXPECT_TRUE(ScriptAllowedExclusivelyOnTab(extension.get(), no_urls, 0));
751 EXPECT_TRUE(ScriptAllowedExclusivelyOnTab(extension.get(), no_urls, 1));
752 EXPECT_TRUE(ScriptAllowedExclusivelyOnTab(extension.get(), no_urls, 2));
755 } // namespace extensions