1
    2
    3
    4
    5
    6
    7
    8
    9
   10
   11
   12
   13
   14
   15
   16
   17
   18
   19
   20
   21
   22
   23
   24
   25
   26
   27
   28
   29
   30
   31
   32
   33
   34
   35
   36
   37
   38
   39
   40
   41
   42
   43
   44
   45
   46
   47
   48
   49
   50
   51
   52
   53
   54
   55
   56
   57
   58
   59
   60
   61
   62
   63
   64
   65
   66
   67
   68
   69
   70
   71
   72
   73
   74
   75
   76
   77
   78
   79
   80
   81
   82
   83
   84
   85
   86
   87
   88
   89
   90
   91
   92
   93
   94
   95
   96
   97
   98
   99
  100
  101
  102
  103
  104
  105
  106
  107
  108
  109
  110
  111
  112
  113
  114
  115
  116
  117
  118
  119
  120
  121
  122
  123
  124
  125
  126
  127
  128
  129
  130
  131
  132
  133
  134
  135
  136
  137
  138
  139
  140
  141
  142
  143
  144
  145
  146
  147
  148
  149
  150
  151
  152
  153
  154
  155


content / browser / dom_storage / dom_storage_context_wrapper_unittest.cc [blame]

// Copyright 2019 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#include "content/browser/dom_storage/dom_storage_context_wrapper.h"

#include <string_view>
#include <utility>

#include "base/functional/bind.h"
#include "base/run_loop.h"
#include "base/uuid.h"
#include "content/browser/child_process_security_policy_impl.h"
#include "content/browser/origin_agent_cluster_isolation_state.h"
#include "content/browser/site_instance_impl.h"
#include "content/public/test/browser_task_environment.h"
#include "content/public/test/test_browser_context.h"
#include "mojo/public/cpp/bindings/message.h"
#include "testing/gtest/include/gtest/gtest.h"
#include "third_party/blink/public/common/storage_key/storage_key.h"
#include "third_party/blink/public/common/tokens/tokens.h"
#include "third_party/blink/public/mojom/dom_storage/storage_area.mojom.h"
#include "url/origin.h"

namespace content {

constexpr const int kTestProcessIdOrigin1 = 11;
constexpr const int kTestProcessIdOrigin2 = 12;

class DOMStorageContextWrapperTest : public testing::Test {
 public:
  DOMStorageContextWrapperTest() = default;

  void SetUp() override {
    context_ = base::MakeRefCounted<DOMStorageContextWrapper>(
        /*partition=*/nullptr);

    auto* security_policy = ChildProcessSecurityPolicyImpl::GetInstance();
    security_policy->Add(kTestProcessIdOrigin1, &browser_context_);
    security_policy->Add(kTestProcessIdOrigin2, &browser_context_);
    security_policy->AddFutureIsolatedOrigins(
        {test_storage_key1_.origin(), test_storage_key2_.origin()},
        ChildProcessSecurityPolicy::IsolatedOriginSource::TEST);
    IsolationContext isolation_context(
        BrowsingInstanceId(1), &browser_context_,
        /*is_guest=*/false, /*is_fenced=*/false,
        OriginAgentClusterIsolationState::CreateForDefaultIsolation(
            &browser_context_));
    security_policy->LockProcessForTesting(
        isolation_context, kTestProcessIdOrigin1,
        test_storage_key1_.origin().GetURL());
    security_policy->LockProcessForTesting(
        isolation_context, kTestProcessIdOrigin2,
        test_storage_key2_.origin().GetURL());
  }

  void TearDown() override {
    context_->Shutdown();
    context_.reset();
    base::RunLoop().RunUntilIdle();

    auto* security_policy = ChildProcessSecurityPolicyImpl::GetInstance();
    security_policy->Remove(kTestProcessIdOrigin1);
    security_policy->Remove(kTestProcessIdOrigin2);
    security_policy->ClearIsolatedOriginsForTesting();
  }

 protected:
  void OnBadMessage(std::string_view reason) {
    bad_message_called_ = true;
    bad_message_ = std::string(reason);
  }

  mojo::ReportBadMessageCallback MakeBadMessageCallback() {
    return base::BindOnce(&DOMStorageContextWrapperTest::OnBadMessage,
                          base::Unretained(this));
  }

  ChildProcessSecurityPolicyImpl::Handle CreateSecurityPolicyHandle(
      int process_id) {
    return ChildProcessSecurityPolicyImpl::GetInstance()->CreateHandle(
        process_id);
  }

  const std::string test_namespace_id_{
      base::Uuid::GenerateRandomV4().AsLowercaseString()};
  const blink::StorageKey test_storage_key1_{
      blink::StorageKey::CreateFromStringForTesting("https://host1.com/")};
  const blink::StorageKey test_storage_key2_{
      blink::StorageKey::CreateFromStringForTesting("https://host2.com/")};

  content::BrowserTaskEnvironment task_environment_;
  TestBrowserContext browser_context_;
  scoped_refptr<DOMStorageContextWrapper> context_;
  bool bad_message_called_ = false;
  std::string bad_message_;
};

// Tries to open a local storage area with a process that is locked to a
// different StorageKey and verifies the bad message callback.
TEST_F(DOMStorageContextWrapperTest,
       OpenLocalStorageProcessLockedToOtherStorageKey) {
  mojo::Remote<blink::mojom::StorageArea> area;
  context_->OpenLocalStorage(test_storage_key2_, std::nullopt,
                             area.BindNewPipeAndPassReceiver(),
                             CreateSecurityPolicyHandle(kTestProcessIdOrigin1),
                             MakeBadMessageCallback());
  EXPECT_TRUE(bad_message_called_);
  EXPECT_EQ(bad_message_,
            "Access denied for localStorage request due to "
            "ChildProcessSecurityPolicy.");
}

// Tries to open a local storage area with a process that is locked to a
// different LocalFrameToken and verifies there isn't a bad message callback.
TEST_F(DOMStorageContextWrapperTest,
       OpenLocalStorageProcessLockedToOtherLocalFrameToken) {
  mojo::Remote<blink::mojom::StorageArea> area;
  context_->OpenLocalStorage(test_storage_key2_, blink::LocalFrameToken(),
                             area.BindNewPipeAndPassReceiver(),
                             CreateSecurityPolicyHandle(kTestProcessIdOrigin1),
                             MakeBadMessageCallback());
  EXPECT_FALSE(bad_message_called_);
}

// Tries to open a session storage area with a process that is locked to a
// different StorageKey and verifies the bad message callback.
TEST_F(DOMStorageContextWrapperTest,
       BindStorageAreaProcessLockedToOtherStorageKey) {
  mojo::Remote<blink::mojom::StorageArea> area;
  context_->BindStorageArea(test_storage_key2_, std::nullopt,
                            test_namespace_id_,
                            area.BindNewPipeAndPassReceiver(),
                            CreateSecurityPolicyHandle(kTestProcessIdOrigin1),
                            MakeBadMessageCallback());
  EXPECT_TRUE(bad_message_called_);
  EXPECT_EQ(bad_message_,
            "Access denied for sessionStorage request due to "
            "ChildProcessSecurityPolicy.");
}

// Tries to open a session storage area with a process that is locked to a
// different LocalFrameToken and verifies there isn't a bad message callback.
TEST_F(DOMStorageContextWrapperTest,
       BindStorageAreaProcessLockedToOtherLocalFrameToken) {
  mojo::Remote<blink::mojom::StorageArea> area;
  context_->BindStorageArea(test_storage_key2_, blink::LocalFrameToken(),
                            test_namespace_id_,
                            area.BindNewPipeAndPassReceiver(),
                            CreateSecurityPolicyHandle(kTestProcessIdOrigin1),
                            MakeBadMessageCallback());
  EXPECT_FALSE(bad_message_called_);
}

}  // namespace content