1 // Copyright 2020 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #include "chrome/browser/permissions/permission_manager_factory.h"
6 #include "chrome/browser/search_engines/ui_thread_search_terms_data.h"
7 #include "chrome/common/url_constants.h"
8 #include "chrome/common/webui_url_constants.h"
9 #include "chrome/test/base/chrome_render_view_host_test_harness.h"
10 #include "chrome/test/base/testing_profile.h"
11 #include "components/permissions/features.h"
12 #include "components/permissions/permission_manager.h"
13 #include "testing/gtest/include/gtest/gtest.h"
14 
15 namespace {
16 class PermissionManagerTestingProfile : public TestingProfile {
17  public:
18   PermissionManagerTestingProfile() = default;
19   ~PermissionManagerTestingProfile() override = default;
20   PermissionManagerTestingProfile(const PermissionManagerTestingProfile&) =
21       delete;
22   PermissionManagerTestingProfile& operator=(
23       const PermissionManagerTestingProfile&) = delete;
24 
GetPermissionControllerDelegate()25   permissions::PermissionManager* GetPermissionControllerDelegate() override {
26     return PermissionManagerFactory::GetForProfile(this);
27   }
28 };
29 }  // namespace
30 
31 class ChromePermissionManagerTest : public ChromeRenderViewHostTestHarness {
32  protected:
GetPermissionControllerDelegate()33   permissions::PermissionManager* GetPermissionControllerDelegate() {
34     return profile_->GetPermissionControllerDelegate();
35   }
36 
37  private:
SetUp()38   void SetUp() override {
39     ChromeRenderViewHostTestHarness::SetUp();
40     profile_ = std::make_unique<PermissionManagerTestingProfile>();
41   }
42 
TearDown()43   void TearDown() override {
44     profile_ = nullptr;
45     ChromeRenderViewHostTestHarness::TearDown();
46   }
47 
48   std::unique_ptr<PermissionManagerTestingProfile> profile_;
49 };
50 
TEST_F(ChromePermissionManagerTest,GetCanonicalOriginSearch)51 TEST_F(ChromePermissionManagerTest, GetCanonicalOriginSearch) {
52   const GURL google_com("https://www.google.com");
53   const GURL google_de("https://www.google.de");
54   const GURL other_url("https://other.url");
55   const GURL google_base =
56       GURL(UIThreadSearchTermsData().GoogleBaseURLValue()).GetOrigin();
57   const GURL local_ntp = GURL(chrome::kChromeSearchLocalNtpUrl).GetOrigin();
58   const GURL remote_ntp = GURL(std::string("chrome-search://") +
59                                chrome::kChromeSearchRemoteNtpHost);
60   const GURL other_chrome_search = GURL("chrome-search://not-local-ntp");
61   const GURL top_level_ntp(chrome::kChromeUINewTabURL);
62 
63   // "Normal" URLs are not affected by GetCanonicalOrigin.
64   EXPECT_EQ(google_com,
65             GetPermissionControllerDelegate()->GetCanonicalOrigin(
66                 ContentSettingsType::GEOLOCATION, google_com, google_com));
67   EXPECT_EQ(google_de,
68             GetPermissionControllerDelegate()->GetCanonicalOrigin(
69                 ContentSettingsType::GEOLOCATION, google_de, google_de));
70   EXPECT_EQ(other_url,
71             GetPermissionControllerDelegate()->GetCanonicalOrigin(
72                 ContentSettingsType::GEOLOCATION, other_url, other_url));
73   EXPECT_EQ(google_base,
74             GetPermissionControllerDelegate()->GetCanonicalOrigin(
75                 ContentSettingsType::GEOLOCATION, google_base, google_base));
76 
77   // The local NTP URL gets mapped to the Google base URL.
78   EXPECT_EQ(google_base,
79             GetPermissionControllerDelegate()->GetCanonicalOrigin(
80                 ContentSettingsType::GEOLOCATION, local_ntp, top_level_ntp));
81   // However, other chrome-search:// URLs, including the remote NTP URL, are
82   // not affected.
83   EXPECT_EQ(remote_ntp,
84             GetPermissionControllerDelegate()->GetCanonicalOrigin(
85                 ContentSettingsType::GEOLOCATION, remote_ntp, top_level_ntp));
86   EXPECT_EQ(google_com,
87             GetPermissionControllerDelegate()->GetCanonicalOrigin(
88                 ContentSettingsType::GEOLOCATION, google_com, top_level_ntp));
89   EXPECT_EQ(other_chrome_search,
90             GetPermissionControllerDelegate()->GetCanonicalOrigin(
91                 ContentSettingsType::GEOLOCATION, other_chrome_search,
92                 top_level_ntp));
93 }
94 
TEST_F(ChromePermissionManagerTest,GetCanonicalOriginPermissionDelegation)95 TEST_F(ChromePermissionManagerTest, GetCanonicalOriginPermissionDelegation) {
96   const GURL requesting_origin("https://www.requesting.com");
97   const GURL embedding_origin("https://www.google.de");
98   const GURL extensions_requesting_origin(
99       "chrome-extension://abcdefghijklmnopqrstuvxyz");
100 
101   // The embedding origin should be returned
102   // except in the case of extensions and notifications.
103   EXPECT_EQ(embedding_origin,
104             GetPermissionControllerDelegate()->GetCanonicalOrigin(
105                 ContentSettingsType::GEOLOCATION, requesting_origin,
106                 embedding_origin));
107   EXPECT_EQ(extensions_requesting_origin,
108             GetPermissionControllerDelegate()->GetCanonicalOrigin(
109                 ContentSettingsType::GEOLOCATION, extensions_requesting_origin,
110                 embedding_origin));
111   EXPECT_EQ(requesting_origin,
112             GetPermissionControllerDelegate()->GetCanonicalOrigin(
113                 ContentSettingsType::NOTIFICATIONS, requesting_origin,
114                 embedding_origin));
115 }
116