1 // Copyright 2020 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "chrome/browser/permissions/permission_manager_factory.h"
6 #include "chrome/browser/search_engines/ui_thread_search_terms_data.h"
7 #include "chrome/common/url_constants.h"
8 #include "chrome/common/webui_url_constants.h"
9 #include "chrome/test/base/chrome_render_view_host_test_harness.h"
10 #include "chrome/test/base/testing_profile.h"
11 #include "components/permissions/features.h"
12 #include "components/permissions/permission_manager.h"
13 #include "testing/gtest/include/gtest/gtest.h"
14
15 namespace {
16 class PermissionManagerTestingProfile : public TestingProfile {
17 public:
18 PermissionManagerTestingProfile() = default;
19 ~PermissionManagerTestingProfile() override = default;
20 PermissionManagerTestingProfile(const PermissionManagerTestingProfile&) =
21 delete;
22 PermissionManagerTestingProfile& operator=(
23 const PermissionManagerTestingProfile&) = delete;
24
GetPermissionControllerDelegate()25 permissions::PermissionManager* GetPermissionControllerDelegate() override {
26 return PermissionManagerFactory::GetForProfile(this);
27 }
28 };
29 } // namespace
30
31 class ChromePermissionManagerTest : public ChromeRenderViewHostTestHarness {
32 protected:
GetPermissionControllerDelegate()33 permissions::PermissionManager* GetPermissionControllerDelegate() {
34 return profile_->GetPermissionControllerDelegate();
35 }
36
37 private:
SetUp()38 void SetUp() override {
39 ChromeRenderViewHostTestHarness::SetUp();
40 profile_ = std::make_unique<PermissionManagerTestingProfile>();
41 }
42
TearDown()43 void TearDown() override {
44 profile_ = nullptr;
45 ChromeRenderViewHostTestHarness::TearDown();
46 }
47
48 std::unique_ptr<PermissionManagerTestingProfile> profile_;
49 };
50
TEST_F(ChromePermissionManagerTest,GetCanonicalOriginSearch)51 TEST_F(ChromePermissionManagerTest, GetCanonicalOriginSearch) {
52 const GURL google_com("https://www.google.com");
53 const GURL google_de("https://www.google.de");
54 const GURL other_url("https://other.url");
55 const GURL google_base =
56 GURL(UIThreadSearchTermsData().GoogleBaseURLValue()).GetOrigin();
57 const GURL local_ntp = GURL(chrome::kChromeSearchLocalNtpUrl).GetOrigin();
58 const GURL remote_ntp = GURL(std::string("chrome-search://") +
59 chrome::kChromeSearchRemoteNtpHost);
60 const GURL other_chrome_search = GURL("chrome-search://not-local-ntp");
61 const GURL top_level_ntp(chrome::kChromeUINewTabURL);
62
63 // "Normal" URLs are not affected by GetCanonicalOrigin.
64 EXPECT_EQ(google_com,
65 GetPermissionControllerDelegate()->GetCanonicalOrigin(
66 ContentSettingsType::GEOLOCATION, google_com, google_com));
67 EXPECT_EQ(google_de,
68 GetPermissionControllerDelegate()->GetCanonicalOrigin(
69 ContentSettingsType::GEOLOCATION, google_de, google_de));
70 EXPECT_EQ(other_url,
71 GetPermissionControllerDelegate()->GetCanonicalOrigin(
72 ContentSettingsType::GEOLOCATION, other_url, other_url));
73 EXPECT_EQ(google_base,
74 GetPermissionControllerDelegate()->GetCanonicalOrigin(
75 ContentSettingsType::GEOLOCATION, google_base, google_base));
76
77 // The local NTP URL gets mapped to the Google base URL.
78 EXPECT_EQ(google_base,
79 GetPermissionControllerDelegate()->GetCanonicalOrigin(
80 ContentSettingsType::GEOLOCATION, local_ntp, top_level_ntp));
81 // However, other chrome-search:// URLs, including the remote NTP URL, are
82 // not affected.
83 EXPECT_EQ(remote_ntp,
84 GetPermissionControllerDelegate()->GetCanonicalOrigin(
85 ContentSettingsType::GEOLOCATION, remote_ntp, top_level_ntp));
86 EXPECT_EQ(google_com,
87 GetPermissionControllerDelegate()->GetCanonicalOrigin(
88 ContentSettingsType::GEOLOCATION, google_com, top_level_ntp));
89 EXPECT_EQ(other_chrome_search,
90 GetPermissionControllerDelegate()->GetCanonicalOrigin(
91 ContentSettingsType::GEOLOCATION, other_chrome_search,
92 top_level_ntp));
93 }
94
TEST_F(ChromePermissionManagerTest,GetCanonicalOriginPermissionDelegation)95 TEST_F(ChromePermissionManagerTest, GetCanonicalOriginPermissionDelegation) {
96 const GURL requesting_origin("https://www.requesting.com");
97 const GURL embedding_origin("https://www.google.de");
98 const GURL extensions_requesting_origin(
99 "chrome-extension://abcdefghijklmnopqrstuvxyz");
100
101 // The embedding origin should be returned
102 // except in the case of extensions and notifications.
103 EXPECT_EQ(embedding_origin,
104 GetPermissionControllerDelegate()->GetCanonicalOrigin(
105 ContentSettingsType::GEOLOCATION, requesting_origin,
106 embedding_origin));
107 EXPECT_EQ(extensions_requesting_origin,
108 GetPermissionControllerDelegate()->GetCanonicalOrigin(
109 ContentSettingsType::GEOLOCATION, extensions_requesting_origin,
110 embedding_origin));
111 EXPECT_EQ(requesting_origin,
112 GetPermissionControllerDelegate()->GetCanonicalOrigin(
113 ContentSettingsType::NOTIFICATIONS, requesting_origin,
114 embedding_origin));
115 }
116