LEFT | RIGHT |
(no file at all) | |
| 1 /* |
| 2 * Copyright (C) 2018 Google LLC. All rights reserved. |
| 3 * |
| 4 * Redistribution and use in source and binary forms, with or without |
| 5 * modification, are permitted provided that the following conditions |
| 6 * are met: |
| 7 * 1. Redistributions of source code must retain the above copyright |
| 8 * notice, this list of conditions and the following disclaimer. |
| 9 * 2. Redistributions in binary form must reproduce the above copyright |
| 10 * notice, this list of conditions and the following disclaimer in the |
| 11 * documentation and/or other materials provided with the distribution. |
| 12 * |
| 13 * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' |
| 14 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, |
| 15 * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR |
| 16 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS |
| 17 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR |
| 18 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF |
| 19 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS |
| 20 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN |
| 21 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
| 22 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF |
| 23 * THE POSSIBILITY OF SUCH DAMAGE. |
| 24 */ |
| 25 |
| 26 #include "config.h" |
| 27 |
| 28 #if PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101300 |
| 29 |
| 30 #import "PlatformUtilities.h" |
| 31 #import "TestProtocol.h" |
| 32 #import <WebKit/WKNavigationActionPrivate.h> |
| 33 #import <WebKit/WKWebViewConfiguration.h> |
| 34 #import <WebKit/WKWebViewPrivate.h> |
| 35 #import <wtf/RetainPtr.h> |
| 36 |
| 37 #if WK_API_ENABLED |
| 38 |
| 39 static bool shouldCancelNavigation; |
| 40 static bool decidedNavigationPolicy; |
| 41 static bool finishedNavigation; |
| 42 static bool finishedRedirectNavigation; |
| 43 |
| 44 static NSString *firstURL = @"sb://host/good.html"; |
| 45 static NSString *secondURL = @"sb://host/good2.html"; |
| 46 static NSString *unsafeURL = @"sb://host/phishing.html"; |
| 47 static NSString *warningURL = @"file:///SafeBrowsing"; |
| 48 |
| 49 @interface SBScheme : NSObject <WKURLSchemeHandler> |
| 50 @end |
| 51 |
| 52 @implementation SBScheme |
| 53 |
| 54 - (void)webView:(WKWebView *)webView startURLSchemeTask:(id <WKURLSchemeTask>)ur
lSchemeTask |
| 55 { |
| 56 NSString *data = @"Lorem ipsum dolor sit amet"; |
| 57 [urlSchemeTask didReceiveResponse:[[[NSURLResponse alloc] initWithURL:urlSch
emeTask.request.URL MIMEType:@"text/html" expectedContentLength:data.length text
EncodingName:nil] autorelease]]; |
| 58 [urlSchemeTask didReceiveData:[data dataUsingEncoding:NSUTF8StringEncoding]]
; |
| 59 [urlSchemeTask didFinish]; |
| 60 } |
| 61 |
| 62 - (void)webView:(WKWebView *)webView stopURLSchemeTask:(id <WKURLSchemeTask>)url
SchemeTask |
| 63 { |
| 64 } |
| 65 |
| 66 @end |
| 67 |
| 68 @interface SafeBrowsingTestController : NSObject <WKNavigationDelegate, WKUIDele
gate> |
| 69 @end |
| 70 |
| 71 @implementation SafeBrowsingTestController |
| 72 |
| 73 - (void)webView:(WKWebView *)webView decidePolicyForNavigationAction:(WKNavigati
onAction *)navigationAction decisionHandler:(void (^)(WKNavigationActionPolicy))
decisionHandler |
| 74 { |
| 75 if (shouldCancelNavigation) |
| 76 decisionHandler(WKNavigationActionPolicyCancel); |
| 77 else |
| 78 decisionHandler(WKNavigationActionPolicyAllow); |
| 79 decidedNavigationPolicy = true; |
| 80 } |
| 81 |
| 82 - (void)webView:(WKWebView *)webView didFinishNavigation:(WKNavigation *)navigat
ion |
| 83 { |
| 84 if (finishedNavigation) |
| 85 finishedRedirectNavigation = true; |
| 86 else |
| 87 finishedNavigation = true; |
| 88 } |
| 89 |
| 90 |
| 91 @end |
| 92 |
| 93 TEST(WebKit, SafeBrowsingForSafePage) |
| 94 { |
| 95 RetainPtr<WKWebViewConfiguration> configuration = adoptNS([[WKWebViewConfigu
ration alloc] init]); |
| 96 RetainPtr<SBScheme> handler = adoptNS([[SBScheme alloc] init]); |
| 97 [configuration setURLSchemeHandler:handler.get() forURLScheme:@"SB"]; |
| 98 [configuration preferences].safeBrowsingEnabled = YES; |
| 99 auto webView = adoptNS([[WKWebView alloc] initWithFrame:NSMakeRect(0, 0, 800
, 600) configuration:configuration.get()]); |
| 100 [webView _setUseTestSafeBrowsingContext:YES]; |
| 101 |
| 102 auto window = adoptNS([[NSWindow alloc] initWithContentRect:[webView frame]
styleMask:NSWindowStyleMaskBorderless backing:NSBackingStoreBuffered defer:YES])
; |
| 103 [[window contentView] addSubview:webView.get()]; |
| 104 |
| 105 auto controller = adoptNS([[SafeBrowsingTestController alloc] init]); |
| 106 [webView setNavigationDelegate:controller.get()]; |
| 107 [webView setUIDelegate:controller.get()]; |
| 108 |
| 109 finishedNavigation = false; |
| 110 decidedNavigationPolicy = false; |
| 111 [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:first
URL]]]; |
| 112 TestWebKitAPI::Util::run(&finishedNavigation); |
| 113 |
| 114 EXPECT_TRUE(decidedNavigationPolicy); |
| 115 EXPECT_WK_STREQ([[[[webView backForwardList] currentItem] URL] absoluteStrin
g], firstURL); |
| 116 EXPECT_WK_STREQ([[webView URL] absoluteString], firstURL); |
| 117 EXPECT_WK_STREQ([[webView _committedURL] absoluteString], firstURL); |
| 118 EXPECT_WK_STREQ([[webView _unreachableURL] absoluteString], ""); |
| 119 } |
| 120 |
| 121 TEST(WebKit, SafeBrowsingForUnsafePage) |
| 122 { |
| 123 RetainPtr<WKWebViewConfiguration> configuration = adoptNS([[WKWebViewConfigu
ration alloc] init]); |
| 124 RetainPtr<SBScheme> handler = adoptNS([[SBScheme alloc] init]); |
| 125 [configuration setURLSchemeHandler:handler.get() forURLScheme:@"SB"]; |
| 126 [configuration preferences].safeBrowsingEnabled = YES; |
| 127 auto webView = adoptNS([[WKWebView alloc] initWithFrame:NSMakeRect(0, 0, 800
, 600) configuration:configuration.get()]); |
| 128 [webView _setUseTestSafeBrowsingContext:YES]; |
| 129 |
| 130 auto window = adoptNS([[NSWindow alloc] initWithContentRect:[webView frame]
styleMask:NSWindowStyleMaskBorderless backing:NSBackingStoreBuffered defer:YES])
; |
| 131 [[window contentView] addSubview:webView.get()]; |
| 132 |
| 133 auto controller = adoptNS([[SafeBrowsingTestController alloc] init]); |
| 134 [webView setNavigationDelegate:controller.get()]; |
| 135 [webView setUIDelegate:controller.get()]; |
| 136 |
| 137 finishedNavigation = false; |
| 138 [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:first
URL]]]; |
| 139 TestWebKitAPI::Util::run(&finishedNavigation); |
| 140 |
| 141 finishedNavigation = false; |
| 142 decidedNavigationPolicy = false; |
| 143 [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:unsaf
eURL]]]; |
| 144 TestWebKitAPI::Util::run(&finishedNavigation); |
| 145 |
| 146 EXPECT_TRUE(decidedNavigationPolicy); |
| 147 EXPECT_WK_STREQ([[[[webView backForwardList] currentItem] URL] absoluteStrin
g], unsafeURL); |
| 148 EXPECT_WK_STREQ([[[[webView backForwardList] backItem] URL] absoluteString],
firstURL); |
| 149 EXPECT_WK_STREQ([[webView URL] absoluteString], unsafeURL); |
| 150 EXPECT_WK_STREQ([[webView _committedURL] absoluteString], warningURL); |
| 151 EXPECT_WK_STREQ([[webView _unreachableURL] absoluteString], unsafeURL); |
| 152 |
| 153 finishedNavigation = false; |
| 154 decidedNavigationPolicy = false; |
| 155 [webView evaluateJavaScript:@"var evt = document.createEvent('MouseEvent');
evt.initMouseEvent('click'); document.getElementById('visitAnyway').dispatchEven
t(evt);" completionHandler:nil]; |
| 156 TestWebKitAPI::Util::run(&finishedNavigation); |
| 157 EXPECT_TRUE(decidedNavigationPolicy); |
| 158 EXPECT_WK_STREQ([[[[webView backForwardList] currentItem] URL] absoluteStrin
g], unsafeURL); |
| 159 EXPECT_WK_STREQ([[[[webView backForwardList] backItem] URL] absoluteString],
firstURL); |
| 160 EXPECT_WK_STREQ([[webView URL] absoluteString], unsafeURL); |
| 161 EXPECT_WK_STREQ([[webView _committedURL] absoluteString], unsafeURL); |
| 162 EXPECT_WK_STREQ([[webView _unreachableURL] absoluteString], ""); |
| 163 } |
| 164 |
| 165 |
| 166 TEST(WebKit, SafeBrowsingForUnsafePageBackForward) |
| 167 { |
| 168 RetainPtr<WKWebViewConfiguration> configuration = adoptNS([[WKWebViewConfigu
ration alloc] init]); |
| 169 RetainPtr<SBScheme> handler = adoptNS([[SBScheme alloc] init]); |
| 170 [configuration setURLSchemeHandler:handler.get() forURLScheme:@"SB"]; |
| 171 [configuration preferences].safeBrowsingEnabled = YES; |
| 172 auto webView = adoptNS([[WKWebView alloc] initWithFrame:NSMakeRect(0, 0, 800
, 600) configuration:configuration.get()]); |
| 173 [webView _setUseTestSafeBrowsingContext:YES]; |
| 174 |
| 175 auto window = adoptNS([[NSWindow alloc] initWithContentRect:[webView frame]
styleMask:NSWindowStyleMaskBorderless backing:NSBackingStoreBuffered defer:YES])
; |
| 176 [[window contentView] addSubview:webView.get()]; |
| 177 |
| 178 auto controller = adoptNS([[SafeBrowsingTestController alloc] init]); |
| 179 [webView setNavigationDelegate:controller.get()]; |
| 180 [webView setUIDelegate:controller.get()]; |
| 181 |
| 182 finishedNavigation = false; |
| 183 [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:first
URL]]]; |
| 184 TestWebKitAPI::Util::run(&finishedNavigation); |
| 185 |
| 186 finishedNavigation = false; |
| 187 decidedNavigationPolicy = false; |
| 188 [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:unsaf
eURL]]]; |
| 189 TestWebKitAPI::Util::run(&finishedNavigation); |
| 190 |
| 191 EXPECT_TRUE(decidedNavigationPolicy); |
| 192 EXPECT_WK_STREQ([[[[webView backForwardList] currentItem] URL] absoluteStrin
g], unsafeURL); |
| 193 EXPECT_WK_STREQ([[[[webView backForwardList] backItem] URL] absoluteString],
firstURL); |
| 194 EXPECT_WK_STREQ([[webView URL] absoluteString], unsafeURL); |
| 195 EXPECT_WK_STREQ([[webView _committedURL] absoluteString], warningURL); |
| 196 EXPECT_WK_STREQ([[webView _unreachableURL] absoluteString], unsafeURL); |
| 197 |
| 198 finishedNavigation = false; |
| 199 [webView goBack]; |
| 200 TestWebKitAPI::Util::run(&finishedNavigation); |
| 201 |
| 202 EXPECT_WK_STREQ([[[[webView backForwardList] currentItem] URL] absoluteStrin
g], firstURL); |
| 203 EXPECT_WK_STREQ([[[[webView backForwardList] forwardItem] URL] absoluteStrin
g], unsafeURL); |
| 204 EXPECT_WK_STREQ([[webView URL] absoluteString], firstURL); |
| 205 |
| 206 finishedNavigation = false; |
| 207 decidedNavigationPolicy = false; |
| 208 [webView goForward]; |
| 209 TestWebKitAPI::Util::run(&finishedNavigation); |
| 210 |
| 211 EXPECT_TRUE(decidedNavigationPolicy); |
| 212 EXPECT_WK_STREQ([[[[webView backForwardList] currentItem] URL] absoluteStrin
g], unsafeURL); |
| 213 EXPECT_WK_STREQ([[[[webView backForwardList] backItem] URL] absoluteString],
firstURL); |
| 214 EXPECT_WK_STREQ([[webView URL] absoluteString], unsafeURL); |
| 215 EXPECT_WK_STREQ([[webView _committedURL] absoluteString], warningURL); |
| 216 EXPECT_WK_STREQ([[webView _unreachableURL] absoluteString], unsafeURL); |
| 217 |
| 218 finishedNavigation = false; |
| 219 [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:secon
dURL]]]; |
| 220 TestWebKitAPI::Util::run(&finishedNavigation); |
| 221 |
| 222 finishedNavigation = false; |
| 223 decidedNavigationPolicy = false; |
| 224 [webView goBack]; |
| 225 TestWebKitAPI::Util::run(&finishedNavigation); |
| 226 |
| 227 EXPECT_TRUE(decidedNavigationPolicy); |
| 228 EXPECT_WK_STREQ([[[[webView backForwardList] currentItem] URL] absoluteStrin
g], unsafeURL); |
| 229 // FIXME: Also check backItem and forwardItem, once those are updated correc
tly. |
| 230 |
| 231 EXPECT_WK_STREQ([[webView URL] absoluteString], unsafeURL); |
| 232 EXPECT_WK_STREQ([[webView _committedURL] absoluteString], warningURL); |
| 233 EXPECT_WK_STREQ([[webView _unreachableURL] absoluteString], unsafeURL); |
| 234 } |
| 235 |
| 236 |
| 237 TEST(WebKit, SafeBrowsingForUnsafePageCancelNavigation) |
| 238 { |
| 239 RetainPtr<WKWebViewConfiguration> configuration = adoptNS([[WKWebViewConfigu
ration alloc] init]); |
| 240 RetainPtr<SBScheme> handler = adoptNS([[SBScheme alloc] init]); |
| 241 [configuration setURLSchemeHandler:handler.get() forURLScheme:@"SB"]; |
| 242 [configuration preferences].safeBrowsingEnabled = YES; |
| 243 auto webView = adoptNS([[WKWebView alloc] initWithFrame:NSMakeRect(0, 0, 800
, 600) configuration:configuration.get()]); |
| 244 [webView _setUseTestSafeBrowsingContext:YES]; |
| 245 |
| 246 auto window = adoptNS([[NSWindow alloc] initWithContentRect:[webView frame]
styleMask:NSWindowStyleMaskBorderless backing:NSBackingStoreBuffered defer:YES])
; |
| 247 [[window contentView] addSubview:webView.get()]; |
| 248 |
| 249 auto controller = adoptNS([[SafeBrowsingTestController alloc] init]); |
| 250 [webView setNavigationDelegate:controller.get()]; |
| 251 [webView setUIDelegate:controller.get()]; |
| 252 |
| 253 finishedNavigation = false; |
| 254 [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:first
URL]]]; |
| 255 TestWebKitAPI::Util::run(&finishedNavigation); |
| 256 |
| 257 finishedNavigation = false; |
| 258 decidedNavigationPolicy = false; |
| 259 shouldCancelNavigation = true; |
| 260 [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:unsaf
eURL]]]; |
| 261 TestWebKitAPI::Util::run(&decidedNavigationPolicy); |
| 262 shouldCancelNavigation = false; |
| 263 |
| 264 EXPECT_FALSE(finishedNavigation); |
| 265 EXPECT_WK_STREQ([[[[webView backForwardList] currentItem] URL] absoluteStrin
g], firstURL); |
| 266 EXPECT_WK_STREQ([[webView URL] absoluteString], firstURL); |
| 267 EXPECT_WK_STREQ([[webView _committedURL] absoluteString], firstURL); |
| 268 EXPECT_WK_STREQ([[webView _unreachableURL] absoluteString], ""); |
| 269 } |
| 270 |
| 271 TEST(WebKit, SafeBrowsingForUnsafePageRedirect) |
| 272 { |
| 273 RetainPtr<WKWebViewConfiguration> configuration = adoptNS([[WKWebViewConfigu
ration alloc] init]); |
| 274 RetainPtr<SBScheme> handler = adoptNS([[SBScheme alloc] init]); |
| 275 [configuration setURLSchemeHandler:handler.get() forURLScheme:@"SB"]; |
| 276 [configuration preferences].safeBrowsingEnabled = YES; |
| 277 auto webView = adoptNS([[WKWebView alloc] initWithFrame:NSMakeRect(0, 0, 800
, 600) configuration:configuration.get()]); |
| 278 [webView _setUseTestSafeBrowsingContext:YES]; |
| 279 |
| 280 auto window = adoptNS([[NSWindow alloc] initWithContentRect:[webView frame]
styleMask:NSWindowStyleMaskBorderless backing:NSBackingStoreBuffered defer:YES])
; |
| 281 [[window contentView] addSubview:webView.get()]; |
| 282 |
| 283 auto controller = adoptNS([[SafeBrowsingTestController alloc] init]); |
| 284 [webView setNavigationDelegate:controller.get()]; |
| 285 [webView setUIDelegate:controller.get()]; |
| 286 |
| 287 finishedNavigation = false; |
| 288 [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:first
URL]]]; |
| 289 TestWebKitAPI::Util::run(&finishedNavigation); |
| 290 |
| 291 finishedNavigation = false; |
| 292 finishedRedirectNavigation = false; |
| 293 decidedNavigationPolicy = false; |
| 294 [webView loadRequest:[NSURLRequest requestWithURL:[[NSBundle mainBundle] URL
ForResource:@"redirect-to-unsafe" withExtension:@"html" subdirectory:@"TestWebKi
tAPI.resources"]]]; |
| 295 TestWebKitAPI::Util::run(&finishedRedirectNavigation); |
| 296 |
| 297 EXPECT_TRUE(decidedNavigationPolicy); |
| 298 EXPECT_WK_STREQ([[[[webView backForwardList] currentItem] URL] absoluteStrin
g], unsafeURL); |
| 299 // FIXME: Also check that backItem is firstURL, once that backItem is update
d correctly. |
| 300 |
| 301 EXPECT_WK_STREQ([[webView URL] absoluteString], unsafeURL); |
| 302 EXPECT_WK_STREQ([[webView _committedURL] absoluteString], warningURL); |
| 303 EXPECT_WK_STREQ([[webView _unreachableURL] absoluteString], unsafeURL); |
| 304 } |
| 305 |
| 306 TEST(WebKit, SafeBrowsingForUnsafeSubframe) |
| 307 { |
| 308 RetainPtr<WKWebViewConfiguration> configuration = adoptNS([[WKWebViewConfigu
ration alloc] init]); |
| 309 RetainPtr<SBScheme> handler = adoptNS([[SBScheme alloc] init]); |
| 310 [configuration setURLSchemeHandler:handler.get() forURLScheme:@"SB"]; |
| 311 [configuration preferences].safeBrowsingEnabled = YES; |
| 312 auto webView = adoptNS([[WKWebView alloc] initWithFrame:NSMakeRect(0, 0, 800
, 600) configuration:configuration.get()]); |
| 313 [webView _setUseTestSafeBrowsingContext:YES]; |
| 314 |
| 315 auto window = adoptNS([[NSWindow alloc] initWithContentRect:[webView frame]
styleMask:NSWindowStyleMaskBorderless backing:NSBackingStoreBuffered defer:YES])
; |
| 316 [[window contentView] addSubview:webView.get()]; |
| 317 |
| 318 auto controller = adoptNS([[SafeBrowsingTestController alloc] init]); |
| 319 [webView setNavigationDelegate:controller.get()]; |
| 320 [webView setUIDelegate:controller.get()]; |
| 321 |
| 322 finishedNavigation = false; |
| 323 [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:first
URL]]]; |
| 324 TestWebKitAPI::Util::run(&finishedNavigation); |
| 325 |
| 326 finishedNavigation = false; |
| 327 finishedRedirectNavigation = false; |
| 328 decidedNavigationPolicy = false; |
| 329 NSURLRequest* request = [NSURLRequest requestWithURL:[[NSBundle mainBundle]
URLForResource:@"unsafe-iframe" withExtension:@"html" subdirectory:@"TestWebKitA
PI.resources"]]; |
| 330 [webView loadRequest:request]; |
| 331 TestWebKitAPI::Util::run(&finishedRedirectNavigation); |
| 332 |
| 333 EXPECT_TRUE(decidedNavigationPolicy); |
| 334 EXPECT_WK_STREQ([[[[webView backForwardList] currentItem] URL] absoluteStrin
g], [[request URL] absoluteString]); |
| 335 // FIXME: Also check that backItem is firstURL, once that backItem is update
d correctly. |
| 336 |
| 337 EXPECT_WK_STREQ([[webView URL] absoluteString], [[request URL] absoluteStrin
g]); |
| 338 EXPECT_WK_STREQ([[webView _committedURL] absoluteString], warningURL); |
| 339 EXPECT_WK_STREQ([[webView _unreachableURL] absoluteString], [[request URL] a
bsoluteString]); |
| 340 } |
| 341 |
| 342 #endif |
| 343 |
| 344 #endif |
LEFT | RIGHT |