Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Origin isolation: report that opaque origins are origin-isolated
This reports data: and sandboxed iframes as always origin-isolated, according to the window.originIsolationRestricted property. This is done regardless of the process isolation state or the presence/absence of the Origin-Isolation header.

The web platform tests were revamped in the following ways:

* Sandboxed iframes and data: URL tests were split into -yes and -no variants, to ensure that the parent frame didn't influence the result. For sandboxed iframes in particular, the -no variant was not tested previously, and was failing until after the code changes here.
* Additional tests for javascript: URLs were introduced, as an earlier version of this CL would trigger a DCHECK on opaque-origin pages navigating to javascript: URLs.
* Shared code was factored out. The .html files are now just wrappers that delegate to resources/*-test.mjs files.

Bug: 1095653
Change-Id: I69a1f388250d1364dd33c365c936a76546add5b2
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2334103
Reviewed-by: Nate Chapin <japhet@chromium.org>
Reviewed-by: Alex Moshchuk <alexmos@chromium.org>
Reviewed-by: Arthur Sonzogni <arthursonzogni@chromium.org>
Commit-Queue: Domenic Denicola <domenic@chromium.org>
Cr-Commit-Position: refs/heads/master@{#798741}
1 parent cc7af32, commit 4b36a44
Showing 27 changed files with 285 additions and 72 deletions.
15 changes: 15 additions & 0 deletions
origin-isolation/getter-special-cases/csp-sandbox-no.https.html
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
<!DOCTYPE html> | ||
<meta charset="utf-8"> | ||
<title>window.originIsolationRestricted for a top-level frame sandboxed by CSP with no Origin-Isolation header</title> | ||
<script src="/resources/testharness.js"></script> | ||
<script src="/resources/testharnessreport.js"></script> | ||
|
||
<div id="log"></div> | ||
|
||
<script type="module"> | ||
import { testOriginIsolationRestricted } from "../resources/helpers.mjs"; | ||
|
||
// Even without the header, sandboxing makes this page have an opaque origin, | ||
// so it is origin-isolated. | ||
testOriginIsolationRestricted(self, true); | ||
</script> |
1 change: 1 addition & 0 deletions
origin-isolation/getter-special-cases/csp-sandbox-no.https.html.headers
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
Content-Security-Policy: sandbox allow-scripts; |
15 changes: 15 additions & 0 deletions
origin-isolation/getter-special-cases/csp-sandbox-yes.https.html
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
<!DOCTYPE html> | ||
<meta charset="utf-8"> | ||
<title>window.originIsolationRestricted for a top-level frame sandboxed by CSP with an Origin-Isolation header</title> | ||
<script src="/resources/testharness.js"></script> | ||
<script src="/resources/testharnessreport.js"></script> | ||
|
||
<div id="log"></div> | ||
|
||
<script type="module"> | ||
import { testOriginIsolationRestricted } from "../resources/helpers.mjs"; | ||
|
||
// We're definitely origin-isolated: both the CSP sandboxing and the | ||
// Origin-Isolation header should ensure this. | ||
testOriginIsolationRestricted(self, true); | ||
</script> |
2 changes: 2 additions & 0 deletions
origin-isolation/getter-special-cases/csp-sandbox-yes.https.html.headers
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
Content-Security-Policy: sandbox allow-scripts; | ||
Origin-Isolation: ?1 |
12 changes: 12 additions & 0 deletions
origin-isolation/getter-special-cases/data-to-javascript-no.https.html
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
<!DOCTYPE html> | ||
<meta charset="utf-8"> | ||
<title>window.originIsolationRestricted for a javascript: URL navigated to from a data: URL on a non-isolated page</title> | ||
<script src="/resources/testharness.js"></script> | ||
<script src="/resources/testharnessreport.js"></script> | ||
|
||
<div id="log"></div> | ||
|
||
<script type="module"> | ||
import runTest from "./resources/data-to-javascript-test.mjs"; | ||
runTest(); | ||
</script> |
12 changes: 12 additions & 0 deletions
origin-isolation/getter-special-cases/data-to-javascript-yes.https.html
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
<!DOCTYPE html> | ||
<meta charset="utf-8"> | ||
<title>window.originIsolationRestricted for a javascript: URL navigated to from a data: URL on an isolated page</title> | ||
<script src="/resources/testharness.js"></script> | ||
<script src="/resources/testharnessreport.js"></script> | ||
|
||
<div id="log"></div> | ||
|
||
<script type="module"> | ||
import runTest from "./resources/data-to-javascript-test.mjs"; | ||
runTest(); | ||
</script> |
File renamed without changes.
12 changes: 12 additions & 0 deletions
origin-isolation/getter-special-cases/data-url-no.https.html
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
<!DOCTYPE html> | ||
<meta charset="utf-8"> | ||
<title>window.originIsolationRestricted for a data: URL on a non-isolated page</title> | ||
<script src="/resources/testharness.js"></script> | ||
<script src="/resources/testharnessreport.js"></script> | ||
|
||
<div id="log"></div> | ||
|
||
<script type="module"> | ||
import runTest from "./resources/data-url-test.mjs"; | ||
runTest(); | ||
</script> |
12 changes: 12 additions & 0 deletions
origin-isolation/getter-special-cases/data-url-yes.https.html
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
<!DOCTYPE html> | ||
<meta charset="utf-8"> | ||
<title>window.originIsolationRestricted for a data: URL on an isolated page</title> | ||
<script src="/resources/testharness.js"></script> | ||
<script src="/resources/testharnessreport.js"></script> | ||
|
||
<div id="log"></div> | ||
|
||
<script type="module"> | ||
import runTest from "./resources/data-url-test.mjs"; | ||
runTest(); | ||
</script> |
File renamed without changes.
This file was deleted.
12 changes: 12 additions & 0 deletions
origin-isolation/getter-special-cases/javascript-url-no.https.html
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
<!DOCTYPE html> | ||
<meta charset="utf-8"> | ||
<title>window.originIsolationRestricted for a javascript: URL on a non-isolated page</title> | ||
<script src="/resources/testharness.js"></script> | ||
<script src="/resources/testharnessreport.js"></script> | ||
|
||
<div id="log"></div> | ||
|
||
<script type="module"> | ||
import runTest from "./resources/data-url-test.mjs"; | ||
runTest({ expected: false }); | ||
</script> |
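Review bot: the `import runTest from "./resources/data-url-test.mjs";` line pulls in the wrong module for a file titled as a javascript: URL test. As shown in this commit, the default export of data-url-test.mjs takes no arguments, inserts a data: URL iframe and always expects true, so `{ expected: false }` is ignored and the javascript: URL inheritance path is never exercised. Import `./resources/javascript-url-test.mjs`, which accepts `{ expected }`, instead.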
12 changes: 12 additions & 0 deletions
origin-isolation/getter-special-cases/javascript-url-yes.https.html
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
<!DOCTYPE html> | ||
<meta charset="utf-8"> | ||
<title>window.originIsolationRestricted for a javascript: URL on an isolated page</title> | ||
<script src="/resources/testharness.js"></script> | ||
<script src="/resources/testharnessreport.js"></script> | ||
|
||
<div id="log"></div> | ||
|
||
<script type="module"> | ||
import runTest from "./resources/data-url-test.mjs"; | ||
runTest({ expected: true }); | ||
</script> |
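Review bot: the import of `./resources/data-url-test.mjs` in the module script means `runTest({ expected: true })` passes because a data: URL child is always reported as isolated, not because a javascript: URL child inherited isolation from a page served with Origin-Isolation: ?1. Switch the import to `./resources/javascript-url-test.mjs` so the assertion actually depends on the header in javascript-url-yes.https.html.headers.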
1 change: 1 addition & 0 deletions
origin-isolation/getter-special-cases/javascript-url-yes.https.html.headers
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
Origin-Isolation: ?1 |
33 changes: 33 additions & 0 deletions
origin-isolation/getter-special-cases/resources/data-to-javascript-test.mjs
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,33 @@ | ||
import { insertCustomIframe, testSupportScript } from "./helpers.mjs"; | ||
import { waitForIframe, testOriginIsolationRestricted } from "../../resources/helpers.mjs"; | ||
|
||
const testSupportScriptSuitableForNesting = | ||
testSupportScript.replace('</script>', '</scri` + `pt>'); | ||
|
||
export default () => { | ||
promise_setup(async () => { | ||
const jsURL = `javascript:'${testSupportScript}'`; | ||
const iframe = await insertCustomIframe(`data:text/html, | ||
Start page | ||
<script> | ||
window.onmessage = () => { | ||
location.href = \`javascript:'End page${testSupportScriptSuitableForNesting}'\`; | ||
}; | ||
</script> | ||
`); | ||
|
||
const waitPromise = waitForIframe(iframe, "javascript: URL"); | ||
|
||
// Kick off the navigation. We can't do it directly because only same-origin | ||
// pages can navigate to a javascript: URL, and we're not same-origin with | ||
// a data: URL. | ||
iframe.contentWindow.postMessage(undefined, "*"); | ||
|
||
await waitPromise; | ||
}); | ||
|
||
// The javascript: URL iframe inherits its origin from the previous occupant | ||
// of the iframe, which is a data: URL, so it should always be true. | ||
|
||
testOriginIsolationRestricted(0, true); | ||
}; |
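Review bot: `const jsURL` at the top of the promise_setup callback is never used, since the navigation target is built inline inside the data: page's onmessage handler; drop the declaration. The replacement string in testSupportScriptSuitableForNesting, which splits the closing script tag with backticks inside a single-quoted literal, reads like a quoting typo at first glance and needs a short comment stating its purpose (presumably keeping the nested closing tag from ending the data: page's own script element).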
13 changes: 13 additions & 0 deletions
origin-isolation/getter-special-cases/resources/data-url-test.mjs
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
import { insertCustomIframe, testSupportScript } from "./helpers.mjs"; | ||
import { testOriginIsolationRestricted } from "../../resources/helpers.mjs"; | ||
|
||
export default () => { | ||
promise_setup(() => { | ||
return insertCustomIframe(`data:text/html,${testSupportScript}`); | ||
}); | ||
|
||
// The data: URL iframe has an opaque origin, so it should return true, since | ||
// for them site === origin so they are always "origin-isolated". | ||
|
||
testOriginIsolationRestricted(0, true, "data: URL child"); | ||
}; |
29 changes: 29 additions & 0 deletions
origin-isolation/getter-special-cases/resources/helpers.mjs
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
import { waitForIframe } from "../../resources/helpers.mjs"; | ||
|
||
/** | ||
* Inserts an iframe, not specialized for origin-isolation testing, pointing to | ||
* a custom URL. This is just a wrapper to remove some boilerplate. | ||
* @param {string} src - The src="" value for the iframe | ||
*/ | ||
export async function insertCustomIframe(src) { | ||
const iframe = document.createElement("iframe"); | ||
iframe.src = src; | ||
|
||
const waitPromise = waitForIframe(iframe); | ||
document.body.append(iframe); | ||
await waitPromise; | ||
|
||
return iframe; | ||
} | ||
|
||
/** | ||
* This is the part of send-origin-isolation-header.py that allows | ||
* us to reuse testOriginIsolationRestricted. | ||
*/ | ||
export const testSupportScript = ` | ||
<script> | ||
window.onmessage = () => { | ||
parent.postMessage(self.originIsolationRestricted, "*"); | ||
}; | ||
</script> | ||
`; |
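Review bot: the doc comment on testSupportScript should state that the markup must not contain a single quote, because data-to-javascript-test.mjs and javascript-url-test.mjs both splice it into a `javascript:'${testSupportScript}'` string. A later edit that introduces one, for example writing the "*" target origin with single quotes, would terminate that literal and break those tests in a way that is hard to trace back here. The JSDoc for insertCustomIframe could also gain an @returns line for the iframe element it resolves with.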
14 changes: 14 additions & 0 deletions
origin-isolation/getter-special-cases/resources/javascript-url-test.mjs
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
import { insertCustomIframe, testSupportScript } from "./helpers.mjs"; | ||
import { testOriginIsolationRestricted } from "../../resources/helpers.mjs"; | ||
|
||
export default ({ expected }) => { | ||
promise_setup(() => { | ||
return insertCustomIframe(`javascript:'${testSupportScript}'`); | ||
}); | ||
|
||
// The javascript: URL iframe inherits its origin from the previous occupant | ||
// of the iframe, which is about:blank, which in turn inherits from the | ||
// parent. So, the caller needs to tell us what to expect. | ||
|
||
testOriginIsolationRestricted(0, expected); | ||
}; |
20 changes: 20 additions & 0 deletions
origin-isolation/getter-special-cases/resources/sandboxed-iframe-test.sub.mjs
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
import { | ||
navigateIframe, | ||
testOriginIsolationRestricted | ||
} from "../../resources/helpers.mjs"; | ||
|
||
export default () => { | ||
// We do this manually instead of using insertIframe because we want to add a | ||
// sandbox="" attribute and we don't want to set both document.domains. | ||
promise_setup(() => { | ||
const iframe = document.createElement("iframe"); | ||
iframe.sandbox = "allow-scripts"; | ||
const navigatePromise = navigateIframe(iframe, "{{hosts[][]}}", "?1"); | ||
document.body.append(iframe); | ||
return navigatePromise; | ||
}); | ||
|
||
// Sandboxed iframes have an opaque origin, so it should return true, since | ||
// for them site === origin so they are always "origin-isolated". | ||
testOriginIsolationRestricted(0, true); | ||
}; |
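Review bot: the `navigateIframe(iframe, "{{hosts[][]}}", "?1")` call passes "?1" for both the -yes and -no wrappers, so if that argument is the child's Origin-Isolation header value, only the embedder's header varies between the two variants. The commit message says the result holds regardless of the header's presence or absence, so consider adding a case where the sandboxed child itself is served without the header.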
20 changes: 20 additions & 0 deletions
origin-isolation/getter-special-cases/resources/sandboxed-same-origin-iframe-test.sub.mjs
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
import { | ||
navigateIframe, | ||
testOriginIsolationRestricted | ||
} from "../../resources/helpers.mjs"; | ||
|
||
export default ({ expected }) => { | ||
// We do this manually instead of using insertIframe because we want to add a | ||
// sandbox="" attribute and we don't want to set both document.domains. | ||
promise_setup(() => { | ||
const iframe = document.createElement("iframe"); | ||
iframe.sandbox = "allow-scripts allow-same-origin"; | ||
const navigatePromise = navigateIframe(iframe, "{{hosts[][]}}", "?1"); | ||
document.body.append(iframe); | ||
return navigatePromise; | ||
}); | ||
|
||
// Since the allow-same-origin token is set, this should behave like a normal | ||
// iframe, and follow the embedder. | ||
testOriginIsolationRestricted(0, expected); | ||
}; |
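Review bot: the promise_setup block here is a copy of the one in sandboxed-iframe-test.sub.mjs; the two modules differ only in the sandbox token list and in taking `expected` from the caller. A single module accepting the sandbox tokens and the expected value as parameters would remove the duplicated setup and the repeated comment about not setting both document.domains.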
12 changes: 12 additions & 0 deletions
origin-isolation/getter-special-cases/sandboxed-iframe-no.https.html
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
<!DOCTYPE html> | ||
<meta charset="utf-8"> | ||
<title>window.originIsolationRestricted for a sandboxed iframe on a non-isolated page</title> | ||
<script src="/resources/testharness.js"></script> | ||
<script src="/resources/testharnessreport.js"></script> | ||
|
||
<div id="log"></div> | ||
|
||
<script type="module"> | ||
import runTest from "./resources/sandboxed-iframe-test.sub.mjs"; | ||
runTest(); | ||
</script> |
12 changes: 12 additions & 0 deletions
origin-isolation/getter-special-cases/sandboxed-iframe-yes.https.html
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
<!DOCTYPE html> | ||
<meta charset="utf-8"> | ||
<title>window.originIsolationRestricted for a sandboxed iframe on an isolated page</title> | ||
<script src="/resources/testharness.js"></script> | ||
<script src="/resources/testharnessreport.js"></script> | ||
|
||
<div id="log"></div> | ||
|
||
<script type="module"> | ||
import runTest from "./resources/sandboxed-iframe-test.sub.mjs"; | ||
runTest(); | ||
</script> |
1 change: 1 addition & 0 deletions
origin-isolation/getter-special-cases/sandboxed-iframe-yes.https.html.headers
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
Origin-Isolation: ?1 |
32 changes: 0 additions & 32 deletions
origin-isolation/getter-special-cases/sandboxed-iframe.sub.https.html
This file was deleted.
12 changes: 12 additions & 0 deletions
origin-isolation/getter-special-cases/sandboxed-same-origin-iframe-no.https.html
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
<!DOCTYPE html> | ||
<meta charset="utf-8"> | ||
<title>window.originIsolationRestricted for a sandboxed, but same-origin, iframe on a non-isolated page</title> | ||
<script src="/resources/testharness.js"></script> | ||
<script src="/resources/testharnessreport.js"></script> | ||
|
||
<div id="log"></div> | ||
|
||
<script type="module"> | ||
import runTest from "./resources/sandboxed-same-origin-iframe-test.sub.mjs"; | ||
runTest({ expected: false }); | ||
</script> |
12 changes: 12 additions & 0 deletions
origin-isolation/getter-special-cases/sandboxed-same-origin-iframe-yes.https.html
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
<!DOCTYPE html> | ||
<meta charset="utf-8"> | ||
<title>window.originIsolationRestricted for a sandboxed, but same-origin, iframe on an isolated page</title> | ||
<script src="/resources/testharness.js"></script> | ||
<script src="/resources/testharnessreport.js"></script> | ||
|
||
<div id="log"></div> | ||
|
||
<script type="module"> | ||
import runTest from "./resources/sandboxed-same-origin-iframe-test.sub.mjs"; | ||
runTest({ expected: true }); | ||
</script> |
1 change: 1 addition & 0 deletions
origin-isolation/getter-special-cases/sandboxed-same-origin-iframe-yes.https.html.headers
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
Origin-Isolation: ?1 |