permissions_data_unittest.cc revision 4e180b6a0b4720a9b8e9e959a882386f690f08ff 
1// Copyright (c) 2013 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#include <vector>
6
7#include "base/command_line.h"
8#include "base/memory/ref_counted.h"
9#include "base/strings/string16.h"
10#include "base/strings/utf_string_conversions.h"
11#include "chrome/common/chrome_version_info.h"
12#include "chrome/common/extensions/extension.h"
13#include "chrome/common/extensions/extension_test_util.h"
14#include "chrome/common/extensions/features/feature_channel.h"
15#include "chrome/common/extensions/permissions/permission_set.h"
16#include "chrome/common/extensions/permissions/permissions_data.h"
17#include "chrome/common/extensions/permissions/socket_permission.h"
18#include "content/public/common/socket_permission_request.h"
19#include "extensions/common/error_utils.h"
20#include "extensions/common/id_util.h"
21#include "extensions/common/manifest_constants.h"
22#include "extensions/common/permissions/api_permission.h"
23#include "extensions/common/switches.h"
24#include "extensions/common/url_pattern_set.h"
25#include "testing/gtest/include/gtest/gtest.h"
26
27using content::SocketPermissionRequest;
28using extension_test_util::LoadManifest;
29using extension_test_util::LoadManifestUnchecked;
30using extension_test_util::LoadManifestStrict;
31
32namespace extensions {
33
34namespace {
35
36bool CheckSocketPermission(
37    scoped_refptr<Extension> extension,
38    SocketPermissionRequest::OperationType type,
39    const char* host,
40    int port) {
41  SocketPermission::CheckParam param(type, host, port);
42  return PermissionsData::CheckAPIPermissionWithParam(
43      extension.get(), APIPermission::kSocket, &param);
44}
45
46}  // namespace
47
48TEST(ExtensionPermissionsTest, EffectiveHostPermissions) {
49  scoped_refptr<Extension> extension;
50  URLPatternSet hosts;
51
52  extension = LoadManifest("effective_host_permissions", "empty.json");
53  EXPECT_EQ(0u,
54            PermissionsData::GetEffectiveHostPermissions(extension.get())
55                .patterns().size());
56  EXPECT_FALSE(hosts.MatchesURL(GURL("http://www.google.com")));
57  EXPECT_FALSE(PermissionsData::HasEffectiveAccessToAllHosts(extension.get()));
58
59  extension = LoadManifest("effective_host_permissions", "one_host.json");
60  hosts = PermissionsData::GetEffectiveHostPermissions(extension.get());
61  EXPECT_TRUE(hosts.MatchesURL(GURL("http://www.google.com")));
62  EXPECT_FALSE(hosts.MatchesURL(GURL("https://www.google.com")));
63  EXPECT_FALSE(PermissionsData::HasEffectiveAccessToAllHosts(extension.get()));
64
65  extension = LoadManifest("effective_host_permissions",
66                           "one_host_wildcard.json");
67  hosts = PermissionsData::GetEffectiveHostPermissions(extension.get());
68  EXPECT_TRUE(hosts.MatchesURL(GURL("http://google.com")));
69  EXPECT_TRUE(hosts.MatchesURL(GURL("http://foo.google.com")));
70  EXPECT_FALSE(PermissionsData::HasEffectiveAccessToAllHosts(extension.get()));
71
72  extension = LoadManifest("effective_host_permissions", "two_hosts.json");
73  hosts = PermissionsData::GetEffectiveHostPermissions(extension.get());
74  EXPECT_TRUE(hosts.MatchesURL(GURL("http://www.google.com")));
75  EXPECT_TRUE(hosts.MatchesURL(GURL("http://www.reddit.com")));
76  EXPECT_FALSE(PermissionsData::HasEffectiveAccessToAllHosts(extension.get()));
77
78  extension = LoadManifest("effective_host_permissions",
79                           "https_not_considered.json");
80  hosts = PermissionsData::GetEffectiveHostPermissions(extension.get());
81  EXPECT_TRUE(hosts.MatchesURL(GURL("http://google.com")));
82  EXPECT_TRUE(hosts.MatchesURL(GURL("https://google.com")));
83  EXPECT_FALSE(PermissionsData::HasEffectiveAccessToAllHosts(extension.get()));
84
85  extension = LoadManifest("effective_host_permissions",
86                           "two_content_scripts.json");
87  hosts = PermissionsData::GetEffectiveHostPermissions(extension.get());
88  EXPECT_TRUE(hosts.MatchesURL(GURL("http://google.com")));
89  EXPECT_TRUE(hosts.MatchesURL(GURL("http://www.reddit.com")));
90  EXPECT_TRUE(extension->GetActivePermissions()->HasEffectiveAccessToURL(
91      GURL("http://www.reddit.com")));
92  EXPECT_TRUE(hosts.MatchesURL(GURL("http://news.ycombinator.com")));
93  EXPECT_TRUE(extension->GetActivePermissions()->HasEffectiveAccessToURL(
94      GURL("http://news.ycombinator.com")));
95  EXPECT_FALSE(PermissionsData::HasEffectiveAccessToAllHosts(extension.get()));
96
97  extension = LoadManifest("effective_host_permissions", "all_hosts.json");
98  hosts = PermissionsData::GetEffectiveHostPermissions(extension.get());
99  EXPECT_TRUE(hosts.MatchesURL(GURL("http://test/")));
100  EXPECT_FALSE(hosts.MatchesURL(GURL("https://test/")));
101  EXPECT_TRUE(hosts.MatchesURL(GURL("http://www.google.com")));
102  EXPECT_TRUE(PermissionsData::HasEffectiveAccessToAllHosts(extension.get()));
103
104  extension = LoadManifest("effective_host_permissions", "all_hosts2.json");
105  hosts = PermissionsData::GetEffectiveHostPermissions(extension.get());
106  EXPECT_TRUE(hosts.MatchesURL(GURL("http://test/")));
107  EXPECT_TRUE(hosts.MatchesURL(GURL("http://www.google.com")));
108  EXPECT_TRUE(PermissionsData::HasEffectiveAccessToAllHosts(extension.get()));
109
110  extension = LoadManifest("effective_host_permissions", "all_hosts3.json");
111  hosts = PermissionsData::GetEffectiveHostPermissions(extension.get());
112  EXPECT_FALSE(hosts.MatchesURL(GURL("http://test/")));
113  EXPECT_TRUE(hosts.MatchesURL(GURL("https://test/")));
114  EXPECT_TRUE(hosts.MatchesURL(GURL("http://www.google.com")));
115  EXPECT_TRUE(PermissionsData::HasEffectiveAccessToAllHosts(extension.get()));
116}
117
118TEST(ExtensionPermissionsTest, SocketPermissions) {
119  // Set feature current channel to appropriate value.
120  ScopedCurrentChannel scoped_channel(chrome::VersionInfo::CHANNEL_DEV);
121  scoped_refptr<Extension> extension;
122  std::string error;
123
124  extension = LoadManifest("socket_permissions", "empty.json");
125  EXPECT_FALSE(CheckSocketPermission(extension,
126      SocketPermissionRequest::TCP_CONNECT, "www.example.com", 80));
127
128  extension = LoadManifestUnchecked("socket_permissions",
129                                    "socket1.json",
130                                    Manifest::INTERNAL, Extension::NO_FLAGS,
131                                    &error);
132  EXPECT_TRUE(extension.get() == NULL);
133  ASSERT_EQ(ErrorUtils::FormatErrorMessage(
134                manifest_errors::kInvalidPermission, "socket"),
135            error);
136
137  extension = LoadManifest("socket_permissions", "socket2.json");
138  EXPECT_TRUE(CheckSocketPermission(extension,
139      SocketPermissionRequest::TCP_CONNECT, "www.example.com", 80));
140  EXPECT_FALSE(CheckSocketPermission(
141        extension, SocketPermissionRequest::UDP_BIND, "", 80));
142  EXPECT_TRUE(CheckSocketPermission(
143        extension, SocketPermissionRequest::UDP_BIND, "", 8888));
144
145  EXPECT_FALSE(CheckSocketPermission(
146        extension, SocketPermissionRequest::UDP_SEND_TO, "example.com", 1900));
147  EXPECT_TRUE(CheckSocketPermission(
148        extension,
149        SocketPermissionRequest::UDP_SEND_TO,
150        "239.255.255.250", 1900));
151}
152
153TEST(ExtensionPermissionsTest, GetPermissionMessages_ManyAPIPermissions) {
154  scoped_refptr<Extension> extension;
155  extension = LoadManifest("permissions", "many-apis.json");
156  std::vector<string16> warnings =
157      PermissionsData::GetPermissionMessageStrings(extension.get());
158  ASSERT_EQ(6u, warnings.size());
159  EXPECT_EQ("Access your data on api.flickr.com",
160            UTF16ToUTF8(warnings[0]));
161  EXPECT_EQ("Read and modify your bookmarks", UTF16ToUTF8(warnings[1]));
162  EXPECT_EQ("Detect your physical location", UTF16ToUTF8(warnings[2]));
163  EXPECT_EQ("Read and modify your browsing history", UTF16ToUTF8(warnings[3]));
164  EXPECT_EQ("Access your tabs and browsing activity", UTF16ToUTF8(warnings[4]));
165  EXPECT_EQ("Manage your apps, extensions, and themes",
166            UTF16ToUTF8(warnings[5]));
167}
168
169TEST(ExtensionPermissionsTest, GetPermissionMessages_ManyHostsPermissions) {
170  scoped_refptr<Extension> extension;
171  extension = LoadManifest("permissions", "more-than-3-hosts.json");
172  std::vector<string16> warnings =
173      PermissionsData::GetPermissionMessageStrings(extension.get());
174  std::vector<string16> warnings_details =
175      PermissionsData::GetPermissionMessageDetailsStrings(extension.get());
176  ASSERT_EQ(1u, warnings.size());
177  ASSERT_EQ(1u, warnings_details.size());
178  EXPECT_EQ("Access your data on 5 websites", UTF16ToUTF8(warnings[0]));
179  EXPECT_EQ("- www.a.com\n- www.b.com\n- www.c.com\n- www.d.com\n- www.e.com",
180            UTF16ToUTF8(warnings_details[0]));
181}
182
183TEST(ExtensionPermissionsTest, GetPermissionMessages_LocationApiPermission) {
184  scoped_refptr<Extension> extension;
185  extension = LoadManifest("permissions",
186                           "location-api.json",
187                           Manifest::COMPONENT,
188                           Extension::NO_FLAGS);
189  std::vector<string16> warnings =
190      PermissionsData::GetPermissionMessageStrings(extension.get());
191  ASSERT_EQ(1u, warnings.size());
192  EXPECT_EQ("Detect your physical location", UTF16ToUTF8(warnings[0]));
193}
194
195TEST(ExtensionPermissionsTest, GetPermissionMessages_ManyHosts) {
196  scoped_refptr<Extension> extension;
197  extension = LoadManifest("permissions", "many-hosts.json");
198  std::vector<string16> warnings =
199      PermissionsData::GetPermissionMessageStrings(extension.get());
200  ASSERT_EQ(1u, warnings.size());
201  EXPECT_EQ("Access your data on encrypted.google.com and www.google.com",
202            UTF16ToUTF8(warnings[0]));
203}
204
205TEST(ExtensionPermissionsTest, GetPermissionMessages_Plugins) {
206  scoped_refptr<Extension> extension;
207  extension = LoadManifest("permissions", "plugins.json");
208  std::vector<string16> warnings =
209      PermissionsData::GetPermissionMessageStrings(extension.get());
210// We don't parse the plugins key on Chrome OS, so it should not ask for any
211// permissions.
212#if defined(OS_CHROMEOS)
213  ASSERT_EQ(0u, warnings.size());
214#else
215  ASSERT_EQ(1u, warnings.size());
216  EXPECT_EQ("Access all data on your computer and the websites you visit",
217            UTF16ToUTF8(warnings[0]));
218#endif
219}
220
221// Base class for testing the CanExecuteScriptOnPage and CanCaptureVisiblePage
222// methods of Extension for extensions with various permissions.
223class ExtensionScriptAndCaptureVisibleTest : public testing::Test {
224 protected:
225  ExtensionScriptAndCaptureVisibleTest()
226      : http_url("http://www.google.com"),
227        http_url_with_path("http://www.google.com/index.html"),
228        https_url("https://www.google.com"),
229        file_url("file:///foo/bar"),
230        favicon_url("chrome://favicon/http://www.google.com"),
231        extension_url("chrome-extension://" +
232            id_util::GenerateIdForPath(
233                base::FilePath(FILE_PATH_LITERAL("foo")))),
234        settings_url("chrome://settings"),
235        about_url("about:flags") {
236    urls_.insert(http_url);
237    urls_.insert(http_url_with_path);
238    urls_.insert(https_url);
239    urls_.insert(file_url);
240    urls_.insert(favicon_url);
241    urls_.insert(extension_url);
242    urls_.insert(settings_url);
243    urls_.insert(about_url);
244    // Ignore the policy delegate for this test.
245    PermissionsData::SetPolicyDelegate(NULL);
246  }
247
248  bool AllowedScript(const Extension* extension, const GURL& url,
249                     const GURL& top_url) {
250    return PermissionsData::CanExecuteScriptOnPage(
251        extension, url, top_url, -1, NULL, -1, NULL);
252  }
253
254  bool BlockedScript(const Extension* extension, const GURL& url,
255                     const GURL& top_url) {
256    return !PermissionsData::CanExecuteScriptOnPage(
257        extension, url, top_url, -1, NULL, -1, NULL);
258  }
259
260  bool Allowed(const Extension* extension, const GURL& url) {
261    return Allowed(extension, url, -1);
262  }
263
264  bool Allowed(const Extension* extension, const GURL& url, int tab_id) {
265    return (PermissionsData::CanExecuteScriptOnPage(
266                extension, url, url, tab_id, NULL, -1, NULL) &&
267            PermissionsData::CanCaptureVisiblePage(
268                extension, url, tab_id, NULL));
269  }
270
271  bool CaptureOnly(const Extension* extension, const GURL& url) {
272    return CaptureOnly(extension, url, -1);
273  }
274
275  bool CaptureOnly(const Extension* extension, const GURL& url, int tab_id) {
276    return !PermissionsData::CanExecuteScriptOnPage(
277                extension, url, url, tab_id, NULL, -1, NULL) &&
278           PermissionsData::CanCaptureVisiblePage(extension, url, tab_id, NULL);
279  }
280
281  bool Blocked(const Extension* extension, const GURL& url) {
282    return Blocked(extension, url, -1);
283  }
284
285  bool Blocked(const Extension* extension, const GURL& url, int tab_id) {
286    return !(PermissionsData::CanExecuteScriptOnPage(
287                 extension, url, url, tab_id, NULL, -1, NULL) ||
288             PermissionsData::CanCaptureVisiblePage(
289                 extension, url, tab_id, NULL));
290  }
291
292  bool AllowedExclusivelyOnTab(
293      const Extension* extension,
294      const std::set<GURL>& allowed_urls,
295      int tab_id) {
296    bool result = true;
297    for (std::set<GURL>::iterator it = urls_.begin(); it != urls_.end(); ++it) {
298      const GURL& url = *it;
299      if (allowed_urls.count(url))
300        result &= Allowed(extension, url, tab_id);
301      else
302        result &= Blocked(extension, url, tab_id);
303    }
304    return result;
305  }
306
307  // URLs that are "safe" to provide scripting and capture visible tab access
308  // to if the permissions allow it.
309  const GURL http_url;
310  const GURL http_url_with_path;
311  const GURL https_url;
312  const GURL file_url;
313
314  // We should allow host permission but not scripting permission for favicon
315  // urls.
316  const GURL favicon_url;
317
318  // URLs that regular extensions should never get access to.
319  const GURL extension_url;
320  const GURL settings_url;
321  const GURL about_url;
322
323 private:
324  // The set of all URLs above.
325  std::set<GURL> urls_;
326};
327
328TEST_F(ExtensionScriptAndCaptureVisibleTest, Permissions) {
329  // Test <all_urls> for regular extensions.
330  scoped_refptr<Extension> extension = LoadManifestStrict("script_and_capture",
331      "extension_regular_all.json");
332
333  EXPECT_TRUE(Allowed(extension.get(), http_url));
334  EXPECT_TRUE(Allowed(extension.get(), https_url));
335  EXPECT_TRUE(Blocked(extension.get(), file_url));
336  EXPECT_TRUE(Blocked(extension.get(), settings_url));
337  EXPECT_TRUE(CaptureOnly(extension.get(), favicon_url));
338  EXPECT_TRUE(Blocked(extension.get(), about_url));
339  EXPECT_TRUE(Blocked(extension.get(), extension_url));
340
341  // Test access to iframed content.
342  GURL within_extension_url = extension->GetResourceURL("page.html");
343  EXPECT_TRUE(AllowedScript(extension.get(), http_url, http_url_with_path));
344  EXPECT_TRUE(AllowedScript(extension.get(), https_url, http_url_with_path));
345  EXPECT_TRUE(AllowedScript(extension.get(), http_url, within_extension_url));
346  EXPECT_TRUE(AllowedScript(extension.get(), https_url, within_extension_url));
347  EXPECT_TRUE(BlockedScript(extension.get(), http_url, extension_url));
348  EXPECT_TRUE(BlockedScript(extension.get(), https_url, extension_url));
349
350  EXPECT_FALSE(
351      PermissionsData::HasHostPermission(extension.get(), settings_url));
352  EXPECT_FALSE(PermissionsData::HasHostPermission(extension.get(), about_url));
353  EXPECT_TRUE(PermissionsData::HasHostPermission(extension.get(), favicon_url));
354
355  // Test * for scheme, which implies just the http/https schemes.
356  extension = LoadManifestStrict("script_and_capture",
357      "extension_wildcard.json");
358  EXPECT_TRUE(Allowed(extension.get(), http_url));
359  EXPECT_TRUE(Allowed(extension.get(), https_url));
360  EXPECT_TRUE(Blocked(extension.get(), settings_url));
361  EXPECT_TRUE(Blocked(extension.get(), about_url));
362  EXPECT_TRUE(Blocked(extension.get(), file_url));
363  EXPECT_TRUE(Blocked(extension.get(), favicon_url));
364  extension =
365      LoadManifest("script_and_capture", "extension_wildcard_settings.json");
366  EXPECT_TRUE(Blocked(extension.get(), settings_url));
367
368  // Having chrome://*/ should not work for regular extensions. Note that
369  // for favicon access, we require the explicit pattern chrome://favicon/*.
370  std::string error;
371  extension = LoadManifestUnchecked("script_and_capture",
372                                    "extension_wildcard_chrome.json",
373                                    Manifest::INTERNAL, Extension::NO_FLAGS,
374                                    &error);
375  std::vector<InstallWarning> warnings = extension->install_warnings();
376  EXPECT_FALSE(warnings.empty());
377  EXPECT_EQ(ErrorUtils::FormatErrorMessage(
378                manifest_errors::kInvalidPermissionScheme,
379                "chrome://*/"),
380            warnings[0].message);
381  EXPECT_TRUE(Blocked(extension.get(), settings_url));
382  EXPECT_TRUE(Blocked(extension.get(), favicon_url));
383  EXPECT_TRUE(Blocked(extension.get(), about_url));
384
385  // Having chrome://favicon/* should not give you chrome://*
386  extension = LoadManifestStrict("script_and_capture",
387      "extension_chrome_favicon_wildcard.json");
388  EXPECT_TRUE(Blocked(extension.get(), settings_url));
389  EXPECT_TRUE(CaptureOnly(extension.get(), favicon_url));
390  EXPECT_TRUE(Blocked(extension.get(), about_url));
391  EXPECT_TRUE(PermissionsData::HasHostPermission(extension.get(), favicon_url));
392
393  // Having http://favicon should not give you chrome://favicon
394  extension = LoadManifestStrict("script_and_capture",
395      "extension_http_favicon.json");
396  EXPECT_TRUE(Blocked(extension.get(), settings_url));
397  EXPECT_TRUE(Blocked(extension.get(), favicon_url));
398
399  // Component extensions with <all_urls> should get everything.
400  extension = LoadManifest("script_and_capture", "extension_component_all.json",
401      Manifest::COMPONENT, Extension::NO_FLAGS);
402  EXPECT_TRUE(Allowed(extension.get(), http_url));
403  EXPECT_TRUE(Allowed(extension.get(), https_url));
404  EXPECT_TRUE(Allowed(extension.get(), settings_url));
405  EXPECT_TRUE(Allowed(extension.get(), about_url));
406  EXPECT_TRUE(Allowed(extension.get(), favicon_url));
407  EXPECT_TRUE(PermissionsData::HasHostPermission(extension.get(), favicon_url));
408
409  // Component extensions should only get access to what they ask for.
410  extension = LoadManifest("script_and_capture",
411      "extension_component_google.json", Manifest::COMPONENT,
412      Extension::NO_FLAGS);
413  EXPECT_TRUE(Allowed(extension.get(), http_url));
414  EXPECT_TRUE(Blocked(extension.get(), https_url));
415  EXPECT_TRUE(Blocked(extension.get(), file_url));
416  EXPECT_TRUE(Blocked(extension.get(), settings_url));
417  EXPECT_TRUE(Blocked(extension.get(), favicon_url));
418  EXPECT_TRUE(Blocked(extension.get(), about_url));
419  EXPECT_TRUE(Blocked(extension.get(), extension_url));
420  EXPECT_FALSE(
421      PermissionsData::HasHostPermission(extension.get(), settings_url));
422}
423
424TEST_F(ExtensionScriptAndCaptureVisibleTest, PermissionsWithChromeURLsEnabled) {
425  CommandLine::ForCurrentProcess()->AppendSwitch(
426      switches::kExtensionsOnChromeURLs);
427
428  scoped_refptr<Extension> extension;
429
430  // Test <all_urls> for regular extensions.
431  extension = LoadManifestStrict("script_and_capture",
432      "extension_regular_all.json");
433  EXPECT_TRUE(Allowed(extension.get(), http_url));
434  EXPECT_TRUE(Allowed(extension.get(), https_url));
435  EXPECT_TRUE(Blocked(extension.get(), file_url));
436  EXPECT_TRUE(Blocked(extension.get(), settings_url));
437  EXPECT_TRUE(Allowed(extension.get(), favicon_url));  // chrome:// requested
438  EXPECT_TRUE(Blocked(extension.get(), about_url));
439  EXPECT_TRUE(Blocked(extension.get(), extension_url));
440
441  // Test access to iframed content.
442  GURL within_extension_url = extension->GetResourceURL("page.html");
443  EXPECT_TRUE(AllowedScript(extension.get(), http_url, http_url_with_path));
444  EXPECT_TRUE(AllowedScript(extension.get(), https_url, http_url_with_path));
445  EXPECT_TRUE(AllowedScript(extension.get(), http_url, within_extension_url));
446  EXPECT_TRUE(AllowedScript(extension.get(), https_url, within_extension_url));
447  EXPECT_TRUE(BlockedScript(extension.get(), http_url, extension_url));
448  EXPECT_TRUE(BlockedScript(extension.get(), https_url, extension_url));
449
450  EXPECT_FALSE(
451      PermissionsData::HasHostPermission(extension.get(), settings_url));
452  EXPECT_FALSE(PermissionsData::HasHostPermission(extension.get(), about_url));
453  EXPECT_TRUE(PermissionsData::HasHostPermission(extension.get(), favicon_url));
454
455  // Test * for scheme, which implies just the http/https schemes.
456  extension = LoadManifestStrict("script_and_capture",
457      "extension_wildcard.json");
458  EXPECT_TRUE(Allowed(extension.get(), http_url));
459  EXPECT_TRUE(Allowed(extension.get(), https_url));
460  EXPECT_TRUE(Blocked(extension.get(), settings_url));
461  EXPECT_TRUE(Blocked(extension.get(), about_url));
462  EXPECT_TRUE(Blocked(extension.get(), file_url));
463  EXPECT_TRUE(Blocked(extension.get(), favicon_url));
464  extension =
465      LoadManifest("script_and_capture", "extension_wildcard_settings.json");
466  EXPECT_TRUE(Blocked(extension.get(), settings_url));
467
468  // Having chrome://*/ should work for regular extensions with the flag
469  // enabled.
470  std::string error;
471  extension = LoadManifestUnchecked("script_and_capture",
472                                    "extension_wildcard_chrome.json",
473                                    Manifest::INTERNAL, Extension::NO_FLAGS,
474                                    &error);
475  EXPECT_FALSE(extension.get() == NULL);
476  EXPECT_TRUE(Blocked(extension.get(), http_url));
477  EXPECT_TRUE(Blocked(extension.get(), https_url));
478  EXPECT_TRUE(Allowed(extension.get(), settings_url));
479  EXPECT_TRUE(Blocked(extension.get(), about_url));
480  EXPECT_TRUE(Blocked(extension.get(), file_url));
481  EXPECT_TRUE(Allowed(extension.get(), favicon_url));  // chrome:// requested
482
483  // Having chrome://favicon/* should not give you chrome://*
484  extension = LoadManifestStrict("script_and_capture",
485      "extension_chrome_favicon_wildcard.json");
486  EXPECT_TRUE(Blocked(extension.get(), settings_url));
487  EXPECT_TRUE(Allowed(extension.get(), favicon_url));  // chrome:// requested
488  EXPECT_TRUE(Blocked(extension.get(), about_url));
489  EXPECT_TRUE(PermissionsData::HasHostPermission(extension.get(), favicon_url));
490
491  // Having http://favicon should not give you chrome://favicon
492  extension = LoadManifestStrict("script_and_capture",
493      "extension_http_favicon.json");
494  EXPECT_TRUE(Blocked(extension.get(), settings_url));
495  EXPECT_TRUE(Blocked(extension.get(), favicon_url));
496
497  // Component extensions with <all_urls> should get everything.
498  extension = LoadManifest("script_and_capture", "extension_component_all.json",
499      Manifest::COMPONENT, Extension::NO_FLAGS);
500  EXPECT_TRUE(Allowed(extension.get(), http_url));
501  EXPECT_TRUE(Allowed(extension.get(), https_url));
502  EXPECT_TRUE(Allowed(extension.get(), settings_url));
503  EXPECT_TRUE(Allowed(extension.get(), about_url));
504  EXPECT_TRUE(Allowed(extension.get(), favicon_url));
505  EXPECT_TRUE(PermissionsData::HasHostPermission(extension.get(), favicon_url));
506
507  // Component extensions should only get access to what they ask for.
508  extension = LoadManifest("script_and_capture",
509      "extension_component_google.json", Manifest::COMPONENT,
510      Extension::NO_FLAGS);
511  EXPECT_TRUE(Allowed(extension.get(), http_url));
512  EXPECT_TRUE(Blocked(extension.get(), https_url));
513  EXPECT_TRUE(Blocked(extension.get(), file_url));
514  EXPECT_TRUE(Blocked(extension.get(), settings_url));
515  EXPECT_TRUE(Blocked(extension.get(), favicon_url));
516  EXPECT_TRUE(Blocked(extension.get(), about_url));
517  EXPECT_TRUE(Blocked(extension.get(), extension_url));
518  EXPECT_FALSE(
519      PermissionsData::HasHostPermission(extension.get(), settings_url));
520}
521
522TEST_F(ExtensionScriptAndCaptureVisibleTest, TabSpecific) {
523  scoped_refptr<Extension> extension =
524      LoadManifestStrict("script_and_capture", "tab_specific.json");
525
526  EXPECT_FALSE(PermissionsData::GetTabSpecificPermissions(extension.get(), 0)
527                   .get());
528  EXPECT_FALSE(PermissionsData::GetTabSpecificPermissions(extension.get(), 1)
529                   .get());
530  EXPECT_FALSE(PermissionsData::GetTabSpecificPermissions(extension.get(), 2)
531                   .get());
532
533  std::set<GURL> no_urls;
534
535  EXPECT_TRUE(AllowedExclusivelyOnTab(extension.get(), no_urls, 0));
536  EXPECT_TRUE(AllowedExclusivelyOnTab(extension.get(), no_urls, 1));
537  EXPECT_TRUE(AllowedExclusivelyOnTab(extension.get(), no_urls, 2));
538
539  URLPatternSet allowed_hosts;
540  allowed_hosts.AddPattern(URLPattern(URLPattern::SCHEME_ALL,
541                                      http_url.spec()));
542  std::set<GURL> allowed_urls;
543  allowed_urls.insert(http_url);
544  // http_url_with_path() will also be allowed, because Extension should be
545  // considering the security origin of the URL not the URL itself, and
546  // http_url is in allowed_hosts.
547  allowed_urls.insert(http_url_with_path);
548
549  {
550    scoped_refptr<PermissionSet> permissions(
551        new PermissionSet(APIPermissionSet(), allowed_hosts, URLPatternSet()));
552    PermissionsData::UpdateTabSpecificPermissions(
553        extension.get(), 0, permissions);
554    EXPECT_EQ(permissions->explicit_hosts(),
555              PermissionsData::GetTabSpecificPermissions(extension.get(), 0)
556                  ->explicit_hosts());
557  }
558
559  EXPECT_TRUE(AllowedExclusivelyOnTab(extension.get(), allowed_urls, 0));
560  EXPECT_TRUE(AllowedExclusivelyOnTab(extension.get(), no_urls, 1));
561  EXPECT_TRUE(AllowedExclusivelyOnTab(extension.get(), no_urls, 2));
562
563  PermissionsData::ClearTabSpecificPermissions(extension.get(), 0);
564  EXPECT_FALSE(PermissionsData::GetTabSpecificPermissions(extension.get(), 0)
565                   .get());
566
567  EXPECT_TRUE(AllowedExclusivelyOnTab(extension.get(), no_urls, 0));
568  EXPECT_TRUE(AllowedExclusivelyOnTab(extension.get(), no_urls, 1));
569  EXPECT_TRUE(AllowedExclusivelyOnTab(extension.get(), no_urls, 2));
570
571  std::set<GURL> more_allowed_urls = allowed_urls;
572  more_allowed_urls.insert(https_url);
573  URLPatternSet more_allowed_hosts = allowed_hosts;
574  more_allowed_hosts.AddPattern(URLPattern(URLPattern::SCHEME_ALL,
575                                           https_url.spec()));
576
577  {
578    scoped_refptr<PermissionSet> permissions(
579        new PermissionSet(APIPermissionSet(), allowed_hosts, URLPatternSet()));
580    PermissionsData::UpdateTabSpecificPermissions(
581        extension.get(), 0, permissions);
582    EXPECT_EQ(permissions->explicit_hosts(),
583              PermissionsData::GetTabSpecificPermissions(extension.get(), 0)
584                  ->explicit_hosts());
585
586    permissions = new PermissionSet(APIPermissionSet(),
587                                    more_allowed_hosts,
588                                    URLPatternSet());
589    PermissionsData::UpdateTabSpecificPermissions(
590        extension.get(), 1, permissions);
591    EXPECT_EQ(permissions->explicit_hosts(),
592              PermissionsData::GetTabSpecificPermissions(extension.get(), 1)
593                  ->explicit_hosts());
594  }
595
596  EXPECT_TRUE(AllowedExclusivelyOnTab(extension.get(), allowed_urls, 0));
597  EXPECT_TRUE(AllowedExclusivelyOnTab(extension.get(), more_allowed_urls, 1));
598  EXPECT_TRUE(AllowedExclusivelyOnTab(extension.get(), no_urls, 2));
599
600  PermissionsData::ClearTabSpecificPermissions(extension.get(), 0);
601  EXPECT_FALSE(PermissionsData::GetTabSpecificPermissions(extension.get(), 0)
602                   .get());
603
604  EXPECT_TRUE(AllowedExclusivelyOnTab(extension.get(), no_urls, 0));
605  EXPECT_TRUE(AllowedExclusivelyOnTab(extension.get(), more_allowed_urls, 1));
606  EXPECT_TRUE(AllowedExclusivelyOnTab(extension.get(), no_urls, 2));
607
608  PermissionsData::ClearTabSpecificPermissions(extension.get(), 1);
609  EXPECT_FALSE(PermissionsData::GetTabSpecificPermissions(extension.get(), 1)
610                   .get());
611
612  EXPECT_TRUE(AllowedExclusivelyOnTab(extension.get(), no_urls, 0));
613  EXPECT_TRUE(AllowedExclusivelyOnTab(extension.get(), no_urls, 1));
614  EXPECT_TRUE(AllowedExclusivelyOnTab(extension.get(), no_urls, 2));
615}
616
617}  // namespace extensions
618