Skip to content

Commit c2f35d3

Browse files
meacermeacer
committed
[Merge to M-58] Add a warning for the deprecation of content-initiated data URL navigations
This CL adds a console warning when a page navigates the top level frame to a data URL. The browser tests are added to WebContentsImpl tests to be consistent with the view-source URL tests. This CL also updates most of the layout tests to avoid loading data URLs at the top level. The only exceptions are xss-DENIED-* tests which will be updated when the actual blocking happens. BUG=594215,699277 CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_site_isolation Review-Url: https://codereview.chromium.org/2694903007 Cr-Commit-Position: refs/heads/master@{#455226} (cherry picked from commit b29954e) Review-Url: https://codereview.chromium.org/2734783010 . Cr-Commit-Position: refs/branch-heads/3029@{#68} Cr-Branched-From: 939b32e-refs/heads/master@{#454471}
1 parent 20ec407 commit c2f35d3

File tree

86 files changed

+287
-123
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

86 files changed

+287
-123
lines changed

content/browser/frame_host/navigation_handle_impl.cc

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -656,6 +656,14 @@ void NavigationHandleImpl::DidCommitNavigation(
656656
} else {
657657
state_ = DID_COMMIT;
658658
}
659+
660+
if (url_.SchemeIs(url::kDataScheme) && IsInMainFrame() &&
661+
IsRendererInitiated()) {
662+
GetRenderFrameHost()->AddMessageToConsole(
663+
CONSOLE_MESSAGE_LEVEL_WARNING,
664+
"Upcoming versions will block content-initiated top frame navigations "
665+
"to data: URLs. For more information, see https://goo.gl/BaZAea.");
666+
}
659667
}
660668

661669
void NavigationHandleImpl::Transfer() {

content/browser/web_contents/web_contents_impl_browsertest.cc

Lines changed: 85 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,7 @@
44

55
#include "base/macros.h"
66
#include "base/run_loop.h"
7+
#include "base/strings/pattern.h"
78
#include "base/strings/utf_string_conversions.h"
89
#include "base/values.h"
910
#include "build/build_config.h"
@@ -845,6 +846,90 @@ IN_PROC_BROWSER_TEST_F(WebContentsImplBrowserTest, ViewSourceWebUI) {
845846
->IsViewSourceMode());
846847
}
847848

849+
namespace {
850+
const char kDataUrlWarningPattern[] =
851+
"Upcoming versions will block content-initiated top frame navigations*";
852+
853+
// This class listens for console messages other than the data: URL warning. It
854+
// fails the test if it sees a data: URL warning.
855+
class NoDataURLWarningConsoleObserverDelegate : public ConsoleObserverDelegate {
856+
public:
857+
using ConsoleObserverDelegate::ConsoleObserverDelegate;
858+
// WebContentsDelegate method:
859+
bool DidAddMessageToConsole(WebContents* source,
860+
int32_t level,
861+
const base::string16& message,
862+
int32_t line_no,
863+
const base::string16& source_id) override {
864+
std::string ascii_message = base::UTF16ToASCII(message);
865+
EXPECT_FALSE(base::MatchPattern(ascii_message, kDataUrlWarningPattern));
866+
return ConsoleObserverDelegate::DidAddMessageToConsole(
867+
source, level, message, line_no, source_id);
868+
}
869+
};
870+
871+
} // namespace
872+
873+
// Test that a direct navigation to a data URL doesn't show a console warning.
874+
IN_PROC_BROWSER_TEST_F(WebContentsImplBrowserTest, DataURLDirectNavigation) {
875+
ASSERT_TRUE(embedded_test_server()->Start());
876+
const GURL kUrl(embedded_test_server()->GetURL("/simple_page.html"));
877+
878+
NoDataURLWarningConsoleObserverDelegate console_delegate(
879+
shell()->web_contents(), "FINISH");
880+
shell()->web_contents()->SetDelegate(&console_delegate);
881+
882+
NavigateToURL(
883+
shell(),
884+
GURL("data:text/html,<html><script>console.log('FINISH');</script>"));
885+
console_delegate.Wait();
886+
EXPECT_TRUE(shell()->web_contents()->GetURL().SchemeIs(url::kDataScheme));
887+
EXPECT_FALSE(
888+
base::MatchPattern(console_delegate.message(), kDataUrlWarningPattern));
889+
}
890+
891+
// Test that window.open to a data URL shows a console warning.
892+
IN_PROC_BROWSER_TEST_F(WebContentsImplBrowserTest,
893+
DataURLWindowOpen_ShouldWarn) {
894+
ASSERT_TRUE(embedded_test_server()->Start());
895+
const GURL kUrl(embedded_test_server()->GetURL("/simple_page.html"));
896+
NavigateToURL(shell(), kUrl);
897+
898+
ShellAddedObserver new_shell_observer;
899+
EXPECT_TRUE(ExecuteScript(shell()->web_contents(),
900+
"window.open('data:text/plain,test');"));
901+
Shell* new_shell = new_shell_observer.GetShell();
902+
903+
ConsoleObserverDelegate console_delegate(
904+
new_shell->web_contents(),
905+
"Upcoming versions will block content-initiated top frame navigations*");
906+
new_shell->web_contents()->SetDelegate(&console_delegate);
907+
console_delegate.Wait();
908+
EXPECT_TRUE(new_shell->web_contents()->GetURL().SchemeIs(url::kDataScheme));
909+
}
910+
911+
// Test that a content initiated navigation to a data URL shows a console
912+
// warning.
913+
IN_PROC_BROWSER_TEST_F(WebContentsImplBrowserTest, DataURLRedirect_ShouldWarn) {
914+
ASSERT_TRUE(embedded_test_server()->Start());
915+
const GURL kUrl(embedded_test_server()->GetURL("/simple_page.html"));
916+
NavigateToURL(shell(), kUrl);
917+
918+
ConsoleObserverDelegate console_delegate(
919+
shell()->web_contents(),
920+
"Upcoming versions will block content-initiated top frame navigations*");
921+
shell()->web_contents()->SetDelegate(&console_delegate);
922+
EXPECT_TRUE(ExecuteScript(shell()->web_contents(),
923+
"window.location.href = 'data:text/plain,test';"));
924+
console_delegate.Wait();
925+
EXPECT_TRUE(shell()
926+
->web_contents()
927+
->GetController()
928+
.GetLastCommittedEntry()
929+
->GetURL()
930+
.SchemeIs(url::kDataScheme));
931+
}
932+
848933
IN_PROC_BROWSER_TEST_F(WebContentsImplBrowserTest, NewNamedWindow) {
849934
ASSERT_TRUE(embedded_test_server()->Start());
850935

third_party/WebKit/LayoutTests/fast/dom/Window/mozilla-focus-blur-expected.txt

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -4,8 +4,8 @@ This test is adopted from mozilla's tests.
44

55
PASS: The focus should not have been changed!
66
PASS: The focus should not have been changed!
7-
PASS: The focus should not have been changed with URL=data:text/html,<script>opener.focus();opener.postMessage("", "*");</script>
8-
PASS: The focus should not have been changed with URL=data:text/html,<script>blur();opener.postMessage("", "*");</script>
7+
PASS: The focus should not have been changed with URL=resources/mozilla-focus-blur-popup-opener-focus.html
8+
PASS: The focus should not have been changed with URL=resources/mozilla-focus-blur-popup-blur.html
99
PASS: The last opened window should be able to get focus
1010
PASS: All tests finished
1111

third_party/WebKit/LayoutTests/fast/dom/Window/mozilla-focus-blur.html

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -73,11 +73,11 @@
7373
}
7474

7575
function test3() {
76-
focusShouldNotChange2('data:text/html,<script>opener.focus();opener.postMessage("", "*");<\/script>', test4);
76+
focusShouldNotChange2('resources/mozilla-focus-blur-popup-opener-focus.html', test4);
7777
}
7878

7979
function test4() {
80-
focusShouldNotChange2('data:text/html,<script>blur();opener.postMessage("", "*");<\/script>', test5);
80+
focusShouldNotChange2('resources/mozilla-focus-blur-popup-blur.html', test5);
8181
}
8282

8383
function test5()

third_party/WebKit/LayoutTests/fast/dom/Window/resources/file-origin-window-open-frame.html

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -8,5 +8,5 @@
88
}
99
top.postMessage(exc ? '' + exc : null, '*');
1010
});
11-
newWindow = window.open('data:text/html,<script>opener.postMessage("runTest","*");</scr' + 'ipt>');
11+
newWindow = window.open('file-origin-window-open-popup.html');
1212
</script>

third_party/WebKit/LayoutTests/fast/dom/Window/resources/file-origin-window-open-popup.html

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
<script>opener.postMessage("runTest","*");</script>

third_party/WebKit/LayoutTests/fast/dom/Window/resources/mozilla-focus-blur-popup-blur.html

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
<script>blur();opener.postMessage("", "*");</script>

third_party/WebKit/LayoutTests/fast/dom/Window/resources/mozilla-focus-blur-popup-opener-focus.html

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
<script>opener.focus();opener.postMessage("", "*");</script>

third_party/WebKit/LayoutTests/fast/dom/id-attribute-shared-expected.txt

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1 +1 @@
1-
PASS
1+
Hooray, you got here! That means the test succeeded!

third_party/WebKit/LayoutTests/fast/dom/id-attribute-shared.html

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -24,7 +24,7 @@
2424
document.body.appendChild(object1);
2525
input = iframe.contentDocument.createElement('input');
2626
document.body.appendChild(input);
27-
noderef1 = input.parentElement;
27+
noderef1 = input.parentElement;
2828
node2.appendChild(noderef1);
2929
embed = document.createElement('embed');
3030
object1.id = 4294967294;
@@ -43,7 +43,7 @@
4343
template2content.appendChild(object2);
4444
gc();
4545
object2.cloneNode();
46-
document.location='data:text/html,<body>PASS<script>if (window.testRunner) testRunner.notifyDone()</scr' + 'ipt></body>';
46+
document.location = 'Window/resources/destination.html';
4747
}
4848

4949
runTest();

0 commit comments

Comments
 (0)