1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include <string>
6 #include <vector>
7
8 #include "base/logging.h"
9 #include "base/values.h"
10 #include "build/build_config.h"
11 #include "components/content_settings/core/browser/content_settings_info.h"
12 #include "components/content_settings/core/browser/content_settings_registry.h"
13 #include "components/content_settings/core/browser/content_settings_utils.h"
14 #include "components/content_settings/core/browser/website_settings_info.h"
15 #include "components/content_settings/core/browser/website_settings_registry.h"
16 #include "components/content_settings/core/common/content_settings.h"
17 #include "components/content_settings/core/common/content_settings_types.h"
18 #include "components/pref_registry/pref_registry_syncable.h"
19 #include "components/prefs/pref_registry.h"
20 #include "testing/gtest/include/gtest/gtest.h"
21 #include "url/gurl.h"
22 #include "url/origin.h"
23
24 namespace content_settings {
25
26 class ContentSettingsRegistryTest : public testing::Test {
27 protected:
ContentSettingsRegistryTest()28 ContentSettingsRegistryTest() : registry_(&website_settings_registry_) {}
registry()29 ContentSettingsRegistry* registry() { return ®istry_; }
website_settings_registry()30 WebsiteSettingsRegistry* website_settings_registry() {
31 return &website_settings_registry_;
32 }
33
34 private:
35 WebsiteSettingsRegistry website_settings_registry_;
36 ContentSettingsRegistry registry_;
37 };
38
TEST_F(ContentSettingsRegistryTest,GetPlatformDependent)39 TEST_F(ContentSettingsRegistryTest, GetPlatformDependent) {
40 #if defined(OS_IOS)
41 // Javascript shouldn't be registered on iOS.
42 EXPECT_FALSE(registry()->Get(ContentSettingsType::JAVASCRIPT));
43 #endif
44
45 #if defined(OS_IOS) || defined(OS_ANDROID)
46 // Images shouldn't be registered on mobile.
47 EXPECT_FALSE(registry()->Get(ContentSettingsType::IMAGES));
48 #endif
49
50 // Protected media identifier only get registered on android and chromeos.
51 #if defined(ANDROID) || defined(OS_CHROMEOS)
52 EXPECT_TRUE(registry()->Get(ContentSettingsType::PROTECTED_MEDIA_IDENTIFIER));
53 #else
54 EXPECT_FALSE(
55 registry()->Get(ContentSettingsType::PROTECTED_MEDIA_IDENTIFIER));
56 #endif
57
58 // Cookies is registered on all platforms.
59 EXPECT_TRUE(registry()->Get(ContentSettingsType::COOKIES));
60 }
61
TEST_F(ContentSettingsRegistryTest,Properties)62 TEST_F(ContentSettingsRegistryTest, Properties) {
63 // The cookies type should be registered.
64 const ContentSettingsInfo* info =
65 registry()->Get(ContentSettingsType::COOKIES);
66 ASSERT_TRUE(info);
67
68 // Check that the whitelisted types are correct.
69 std::vector<std::string> expected_whitelist;
70 expected_whitelist.push_back("chrome");
71 expected_whitelist.push_back("devtools");
72 EXPECT_EQ(expected_whitelist, info->whitelisted_schemes());
73
74 // Check the other properties are populated correctly.
75 EXPECT_TRUE(info->IsSettingValid(CONTENT_SETTING_SESSION_ONLY));
76 EXPECT_FALSE(info->IsSettingValid(CONTENT_SETTING_ASK));
77 EXPECT_EQ(ContentSettingsInfo::INHERIT_IN_INCOGNITO,
78 info->incognito_behavior());
79
80 // Check the WebsiteSettingsInfo is populated correctly.
81 const WebsiteSettingsInfo* website_settings_info =
82 info->website_settings_info();
83 EXPECT_EQ("cookies", website_settings_info->name());
84 EXPECT_EQ("profile.content_settings.exceptions.cookies",
85 website_settings_info->pref_name());
86 EXPECT_EQ("profile.default_content_setting_values.cookies",
87 website_settings_info->default_value_pref_name());
88 int setting;
89 ASSERT_TRUE(
90 website_settings_info->initial_default_value()->GetAsInteger(&setting));
91 EXPECT_EQ(CONTENT_SETTING_ALLOW, setting);
92 #if defined(OS_ANDROID) || defined(OS_IOS)
93 EXPECT_EQ(PrefRegistry::NO_REGISTRATION_FLAGS,
94 website_settings_info->GetPrefRegistrationFlags());
95 #else
96 EXPECT_EQ(user_prefs::PrefRegistrySyncable::SYNCABLE_PREF,
97 website_settings_info->GetPrefRegistrationFlags());
98 #endif
99
100 // Check the WebsiteSettingsInfo is registered correctly.
101 EXPECT_EQ(website_settings_registry()->Get(ContentSettingsType::COOKIES),
102 website_settings_info);
103 }
104
TEST_F(ContentSettingsRegistryTest,Iteration)105 TEST_F(ContentSettingsRegistryTest, Iteration) {
106 // Check that plugins and cookies settings appear once during iteration.
107 bool plugins_found = false;
108 bool cookies_found = false;
109 for (const ContentSettingsInfo* info : *registry()) {
110 ContentSettingsType type = info->website_settings_info()->type();
111 EXPECT_EQ(registry()->Get(type), info);
112 if (type == ContentSettingsType::PLUGINS) {
113 EXPECT_FALSE(plugins_found);
114 plugins_found = true;
115 } else if (type == ContentSettingsType::COOKIES) {
116 EXPECT_FALSE(cookies_found);
117 cookies_found = true;
118 }
119 }
120
121 #if defined(OS_ANDROID) || defined(OS_IOS)
122 EXPECT_FALSE(plugins_found);
123 #else
124 EXPECT_TRUE(plugins_found);
125 #endif
126
127 EXPECT_TRUE(cookies_found);
128 }
129
130 // Settings that control access to user data should not be inherited.
131 // Check that only safe settings are inherited in incognito.
TEST_F(ContentSettingsRegistryTest,Inheritance)132 TEST_F(ContentSettingsRegistryTest, Inheritance) {
133 // These settings are safe to inherit in incognito mode because they only
134 // disable features like popup blocking, download blocking or ad blocking.
135 // They do not allow access to user data.
136 const ContentSettingsType whitelist[] = {
137 ContentSettingsType::PLUGINS, //
138 ContentSettingsType::POPUPS, //
139 ContentSettingsType::AUTOMATIC_DOWNLOADS, //
140 ContentSettingsType::ADS, //
141 ContentSettingsType::DURABLE_STORAGE, //
142 ContentSettingsType::LEGACY_COOKIE_ACCESS,
143 ContentSettingsType::STORAGE_ACCESS,
144 };
145
146 for (const ContentSettingsInfo* info : *registry()) {
147 SCOPED_TRACE("Content setting: " + info->website_settings_info()->name());
148 // TODO(crbug.com/781756): Check IsSettingValid() because "protocol-handler"
149 // and "mixed-script" don't have a proper initial default value.
150 if (info->IsSettingValid(CONTENT_SETTING_ALLOW) &&
151 info->GetInitialDefaultSetting() == CONTENT_SETTING_ALLOW) {
152 // ALLOW-by-default settings are not affected by incognito_behavior, so
153 // they should be marked as INHERIT_IN_INCOGNITO.
154 EXPECT_EQ(info->incognito_behavior(),
155 ContentSettingsInfo::INHERIT_IN_INCOGNITO);
156 continue;
157 }
158 if (info->incognito_behavior() ==
159 ContentSettingsInfo::INHERIT_IN_INCOGNITO &&
160 !base::Contains(whitelist, info->website_settings_info()->type()))
161 FAIL() << "Content setting not whitelisted.";
162 }
163 }
164
TEST_F(ContentSettingsRegistryTest,IsDefaultSettingValid)165 TEST_F(ContentSettingsRegistryTest, IsDefaultSettingValid) {
166 const ContentSettingsInfo* info =
167 registry()->Get(ContentSettingsType::COOKIES);
168 EXPECT_TRUE(info->IsDefaultSettingValid(CONTENT_SETTING_ALLOW));
169
170 #if !defined(OS_IOS)
171 info = registry()->Get(ContentSettingsType::MEDIASTREAM_MIC);
172 EXPECT_FALSE(info->IsDefaultSettingValid(CONTENT_SETTING_ALLOW));
173
174 info = registry()->Get(ContentSettingsType::MEDIASTREAM_CAMERA);
175 EXPECT_FALSE(info->IsDefaultSettingValid(CONTENT_SETTING_ALLOW));
176 #endif
177
178 #if defined(OS_CHROMEOS)
179 info = registry()->Get(ContentSettingsType::PROTECTED_MEDIA_IDENTIFIER);
180 EXPECT_FALSE(info->IsDefaultSettingValid(CONTENT_SETTING_ALLOW));
181 #endif
182
183 #if !defined(OS_IOS) && !defined(OS_ANDROID)
184 info = registry()->Get(ContentSettingsType::NATIVE_FILE_SYSTEM_WRITE_GUARD);
185 EXPECT_FALSE(info->IsDefaultSettingValid(CONTENT_SETTING_ALLOW));
186 #endif
187 }
188
189 // Check the correct factory default setting is retrieved. Note the factory
190 // default settings are hard coded, so changing them in ContentSettingsRegistry
191 // would require this test to be updated.
TEST_F(ContentSettingsRegistryTest,GetInitialDefaultSetting)192 TEST_F(ContentSettingsRegistryTest, GetInitialDefaultSetting) {
193 // There is no default-ask content setting on iOS, so skip testing it there.
194 #if !defined(OS_IOS)
195 const ContentSettingsInfo* notifications =
196 registry()->Get(ContentSettingsType::NOTIFICATIONS);
197 EXPECT_EQ(CONTENT_SETTING_ASK, notifications->GetInitialDefaultSetting());
198 #endif
199
200 const ContentSettingsInfo* cookies =
201 registry()->Get(ContentSettingsType::COOKIES);
202 EXPECT_EQ(CONTENT_SETTING_ALLOW, cookies->GetInitialDefaultSetting());
203
204 const ContentSettingsInfo* popups =
205 registry()->Get(ContentSettingsType::POPUPS);
206 EXPECT_EQ(CONTENT_SETTING_BLOCK, popups->GetInitialDefaultSetting());
207 }
208
TEST_F(ContentSettingsRegistryTest,OriginAllowlist)209 TEST_F(ContentSettingsRegistryTest, OriginAllowlist) {
210 // On iOS, CLIPBOARD_READ_WRITE and chrome-untrusted:// are not available. Skip
211 // testing here.
212 #if !defined(OS_IOS)
213 const ContentSettingsInfo* info =
214 registry()->Get(ContentSettingsType::CLIPBOARD_READ_WRITE);
215 ASSERT_TRUE(info);
216 EXPECT_TRUE(info->force_allowed_origins().contains(
217 url::Origin::Create(GURL(kChromeUIUntrustedTerminalAppURL))));
218 EXPECT_EQ(1U, info->force_allowed_origins().size());
219 #endif
220
221 // We don't auto grant POPUPS permission.
222 const ContentSettingsInfo* info_popups =
223 registry()->Get(ContentSettingsType::POPUPS);
224 EXPECT_EQ(0U, info_popups->force_allowed_origins().size());
225 }
226
227 } // namespace content_settings
228