New issue
Advanced search Search tips

Issue 861815 link

Starred by 1 user

Issue metadata

Status: Fixed
Owner:
Closed: Jul 11
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 2
Type: Bug



Sign in to add a comment

File App tests include resources that violate CSP

Project Member Reported by dbertoni@chromium.org, Jul 9

Issue description

There are a number of File Manager API and Video Player tests that are missing CSPs for a base test class they use.
 
Project Member

Comment 1 by bugdroid1@chromium.org, Jul 9

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/b197a62f22383255558f2a417ee96967f53e9ac7

commit b197a62f22383255558f2a417ee96967f53e9ac7
Author: David Bertoni <dbertoni@chromium.org>
Date: Mon Jul 09 23:50:27 2018

[Apps] Update FileSystemProvider API Tests CSP

The FileSystemProvider API tests load up platform apps that rely on an
external extension's web accessible script to be injected. This script
would normally be blocked by the platform app's CSP. Update the tests to
use an explicit CSP allowing the extension's resource.

Bug:  861815 
Change-Id: Ifd2ce1ce01cb6578663b10ac11940cd9a066769f
Reviewed-on: https://chromium-review.googlesource.com/1129473
Commit-Queue: David Bertoni <dbertoni@chromium.org>
Reviewed-by: Devlin <rdevlin.cronin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#573535}
[modify] https://crrev.com/b197a62f22383255558f2a417ee96967f53e9ac7/chrome/test/data/extensions/api_test/file_system_provider/add_watcher/manifest.json
[modify] https://crrev.com/b197a62f22383255558f2a417ee96967f53e9ac7/chrome/test/data/extensions/api_test/file_system_provider/big_file/manifest.json
[modify] https://crrev.com/b197a62f22383255558f2a417ee96967f53e9ac7/chrome/test/data/extensions/api_test/file_system_provider/configure/manifest.json
[modify] https://crrev.com/b197a62f22383255558f2a417ee96967f53e9ac7/chrome/test/data/extensions/api_test/file_system_provider/copy_entry/manifest.json
[modify] https://crrev.com/b197a62f22383255558f2a417ee96967f53e9ac7/chrome/test/data/extensions/api_test/file_system_provider/create_directory/manifest.json
[modify] https://crrev.com/b197a62f22383255558f2a417ee96967f53e9ac7/chrome/test/data/extensions/api_test/file_system_provider/create_file/manifest.json
[modify] https://crrev.com/b197a62f22383255558f2a417ee96967f53e9ac7/chrome/test/data/extensions/api_test/file_system_provider/delete_entry/manifest.json
[modify] https://crrev.com/b197a62f22383255558f2a417ee96967f53e9ac7/chrome/test/data/extensions/api_test/file_system_provider/evil/manifest.json
[modify] https://crrev.com/b197a62f22383255558f2a417ee96967f53e9ac7/chrome/test/data/extensions/api_test/file_system_provider/execute_action/manifest.json
[modify] https://crrev.com/b197a62f22383255558f2a417ee96967f53e9ac7/chrome/test/data/extensions/api_test/file_system_provider/get_actions/manifest.json
[modify] https://crrev.com/b197a62f22383255558f2a417ee96967f53e9ac7/chrome/test/data/extensions/api_test/file_system_provider/get_all/manifest.json
[modify] https://crrev.com/b197a62f22383255558f2a417ee96967f53e9ac7/chrome/test/data/extensions/api_test/file_system_provider/get_metadata/manifest.json
[modify] https://crrev.com/b197a62f22383255558f2a417ee96967f53e9ac7/chrome/test/data/extensions/api_test/file_system_provider/mime_type/manifest.json
[modify] https://crrev.com/b197a62f22383255558f2a417ee96967f53e9ac7/chrome/test/data/extensions/api_test/file_system_provider/move_entry/manifest.json
[modify] https://crrev.com/b197a62f22383255558f2a417ee96967f53e9ac7/chrome/test/data/extensions/api_test/file_system_provider/notify/manifest.json
[modify] https://crrev.com/b197a62f22383255558f2a417ee96967f53e9ac7/chrome/test/data/extensions/api_test/file_system_provider/read_directory/manifest.json
[modify] https://crrev.com/b197a62f22383255558f2a417ee96967f53e9ac7/chrome/test/data/extensions/api_test/file_system_provider/read_file/manifest.json
[modify] https://crrev.com/b197a62f22383255558f2a417ee96967f53e9ac7/chrome/test/data/extensions/api_test/file_system_provider/remove_watcher/manifest.json
[modify] https://crrev.com/b197a62f22383255558f2a417ee96967f53e9ac7/chrome/test/data/extensions/api_test/file_system_provider/thumbnail/manifest.json
[modify] https://crrev.com/b197a62f22383255558f2a417ee96967f53e9ac7/chrome/test/data/extensions/api_test/file_system_provider/truncate/manifest.json
[modify] https://crrev.com/b197a62f22383255558f2a417ee96967f53e9ac7/chrome/test/data/extensions/api_test/file_system_provider/unmount/manifest.json
[modify] https://crrev.com/b197a62f22383255558f2a417ee96967f53e9ac7/chrome/test/data/extensions/api_test/file_system_provider/unresponsive_app/manifest.json
[modify] https://crrev.com/b197a62f22383255558f2a417ee96967f53e9ac7/chrome/test/data/extensions/api_test/file_system_provider/unresponsive_extension/manifest.json
[modify] https://crrev.com/b197a62f22383255558f2a417ee96967f53e9ac7/chrome/test/data/extensions/api_test/file_system_provider/write_file/manifest.json

Description: Show this description
Project Member

Comment 3 by bugdroid1@chromium.org, Jul 11

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/cd62293b3cca951905963157dacf832c4b2dcd55

commit cd62293b3cca951905963157dacf832c4b2dcd55
Author: David Bertoni <dbertoni@chromium.org>
Date: Wed Jul 11 15:16:50 2018

[APPS] Add content security policy to the ChromeOS video player app.

The Video Player app has a test, VideoPlayerBrowserTest.OpenSingleVideoOnDrive, that loads a script from ui/file_manager/integration_tests. This script would normally be blocked by the platform app's CSP. Update the app to use an explicit CSP allowing the extension's resource.

Bug:  861815 
Cq-Include-Trybots: luci.chromium.try:closure_compilation
Change-Id: Idf10b0eea4e284ea4c3f0c624dc05c5a340fc4ed
Reviewed-on: https://chromium-review.googlesource.com/1132314
Commit-Queue: David Bertoni <dbertoni@chromium.org>
Reviewed-by: Devlin <rdevlin.cronin@chromium.org>
Reviewed-by: Yoshiki Iguchi <yoshiki@chromium.org>
Cr-Commit-Position: refs/heads/master@{#574167}
[modify] https://crrev.com/cd62293b3cca951905963157dacf832c4b2dcd55/ui/file_manager/video_player/manifest.json

Status: Fixed (was: Assigned)

Sign in to add a comment