From afa2e4927e95efbb6e298a10bfc1a4793418937b Mon Sep 17 00:00:00 2001 From: Pranjal Jumde Date: Wed, 29 Jan 2020 13:12:21 -0800 Subject: [PATCH] Fix 7522: Disable WebSQL --- app/brave_main_delegate.cc | 2 ++ app/brave_main_delegate_browsertest.cc | 6 ++++ app/websql_browsertest.cc | 43 ++++++++++++++++++++++++++ test/BUILD.gn | 1 + 4 files changed, 52 insertions(+) create mode 100644 app/websql_browsertest.cc diff --git a/app/brave_main_delegate.cc b/app/brave_main_delegate.cc index 4be66f9662fa..d28d6dc65664 100644 --- a/app/brave_main_delegate.cc +++ b/app/brave_main_delegate.cc @@ -149,6 +149,8 @@ bool BraveMainDelegate::BasicStartupComplete(int* exit_code) { command_line.AppendSwitchASCII(switches::kSyncServiceURL, "https://no-thanks.invalid"); + command_line.AppendSwitch(switches::kDisableDatabases); + // Enabled features. const std::unordered_set enabled_features = { password_manager::features::kPasswordImport.name, diff --git a/app/brave_main_delegate_browsertest.cc b/app/brave_main_delegate_browsertest.cc index 457193ed56b1..9b3801b385f1 100644 --- a/app/brave_main_delegate_browsertest.cc +++ b/app/brave_main_delegate_browsertest.cc @@ -15,6 +15,7 @@ #include "components/password_manager/core/common/password_manager_features.h" #include "content/public/browser/render_view_host.h" #include "content/public/common/content_features.h" +#include "content/public/common/content_switches.h" #include "content/public/common/web_preferences.h" #include "gpu/config/gpu_finch_features.h" #include "services/network/public/cpp/features.h" @@ -39,6 +40,11 @@ IN_PROC_BROWSER_TEST_F(BraveMainDelegateBrowserTest, DisableHyperlinkAuditing) { EXPECT_FALSE(prefs.hyperlink_auditing_enabled); } +IN_PROC_BROWSER_TEST_F(BraveMainDelegateBrowserTest, DisableWebSQL) { + EXPECT_TRUE(base::CommandLine::ForCurrentProcess()->HasSwitch( + switches::kDisableDatabases)); +} + IN_PROC_BROWSER_TEST_F(BraveMainDelegateBrowserTest, DisabledFeatures) { const base::Feature* disabled_features[] = { &autofill::features::kAutofillServerCommunication, diff --git a/app/websql_browsertest.cc b/app/websql_browsertest.cc new file mode 100644 index 000000000000..5874e3199dad --- /dev/null +++ b/app/websql_browsertest.cc @@ -0,0 +1,43 @@ +/* Copyright (c) 2019 The Brave Authors. All rights reserved. + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this file, + * You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#include "base/path_service.h" +#include "brave/common/brave_paths.h" +#include "chrome/browser/ui/browser.h" +#include "chrome/test/base/in_process_browser_test.h" +#include "chrome/test/base/ui_test_utils.h" +#include "content/public/common/content_switches.h" +#include "content/public/test/browser_test_utils.h" + +class WebSQLDisabledTest : public InProcessBrowserTest { + public: + void SetUpOnMainThread() override { + InProcessBrowserTest::SetUpOnMainThread(); + content::SetupCrossSiteRedirector(embedded_test_server()); + + brave::RegisterPathProvider(); + base::FilePath test_data_dir; + base::PathService::Get(brave::DIR_TEST_DATA, &test_data_dir); + embedded_test_server()->ServeFilesFromDirectory(test_data_dir); + + ASSERT_TRUE(embedded_test_server()->Start()); + } +}; + +IN_PROC_BROWSER_TEST_F(WebSQLDisabledTest, IsDisabled) { + GURL url = embedded_test_server()->GetURL("/simple.html"); + ui_test_utils::NavigateToURL(browser(), url); + content::WebContents* contents = + browser()->tab_strip_model()->GetActiveWebContents(); + ASSERT_TRUE(content::WaitForLoadStop(contents)); + EXPECT_EQ(url, contents->GetURL()); + + bool websql_blocked; + ASSERT_TRUE(ExecuteScriptAndExtractBool( + contents, + "window.domAutomationController.send(window.openDatabase == undefined)", + &websql_blocked)); + EXPECT_TRUE(websql_blocked); +} diff --git a/test/BUILD.gn b/test/BUILD.gn index 9dea520ae899..3d9a8c4c8c1e 100644 --- a/test/BUILD.gn +++ b/test/BUILD.gn @@ -498,6 +498,7 @@ test("brave_browser_tests") { testonly = true sources = [ "//brave/app/brave_main_delegate_browsertest.cc", + "//brave/app/websql_browsertest.cc", "//brave/browser/autocomplete/brave_autocomplete_provider_client_browsertest.cc", "//brave/browser/brave_scheme_load_browsertest.cc", "//brave/browser/autoplay/autoplay_permission_context_browsertest.cc",