Turn off safebrowsing for PREFETCH requests

chrome/browser/safe_browsing/safe_browsing_service_browsertest.cc

 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 //
 // This test creates a safebrowsing service using test safebrowsing database
 // and a test protocol manager. It is used to test logics in safebrowsing
 // service.
 
 #include "base/command_line.h"
 #include "base/metrics/histogram.h"
@@ skipping 363 matching lines @@
   // we should see the interstitial page.
   SBFullHashResult malware_full_hash;
   int chunk_id = 0;
   GenUrlFullhashResult(url, safe_browsing_util::kMalwareList, chunk_id,
                        &malware_full_hash);
   SetupResponseForUrl(url, malware_full_hash);
   ui_test_utils::NavigateToURL(browser(), url);
   EXPECT_TRUE(ShowingInterstitialPage());
 }
 
+const char kPrefetchMalwarePage[] = "files/safe_browsing/prefetch_malware.html";
+
+// This test confirms that prefetches don't themselves get the
+// interstitial treatment.
+IN_PROC_BROWSER_TEST_F(SafeBrowsingServiceTest, Prefetch) {
+  GURL url = test_server()->GetURL(kPrefetchMalwarePage);
+  GURL malware_url = test_server()->GetURL(kMalwarePage);
+
+  class SetPrefetchForTest {
+   public:
+    explicit SetPrefetchForTest(bool prefetch)
+        : old_prefetch_state_(ResourceDispatcherHost::is_prefetch_enabled()) {
+      ResourceDispatcherHost::set_is_prefetch_enabled(prefetch);
+    }
+
+    ~SetPrefetchForTest() {
+      ResourceDispatcherHost::set_is_prefetch_enabled(old_prefetch_state_);
+    }
+   private:
+    bool old_prefetch_state_;
+  } set_prefetch_for_test(true);
+
+  // After adding the url to safebrowsing database and getfullhash result,

[lzheng, 2011/03/08 18:01:34]

nit: We may want to update this comment.

Should we first test set_prefetch_for_test(false) case to make sure the
ShowingInterestitialPage() is true, then test the "set_prefetch_for_test(false)"
case? This make sure the ShowingInterstitialPage is not always false for the
html we are testing.

[gavinp, 2011/03/08 22:33:04]

I fixed the comment.

With regard to testing, we'd expect the same result here for either prefetching
on or prefetching off.  The bug was that if you prefetched unsafe content, you
got an interstitial on the page that launched the prefetch.  If you turn off
prefetching, then you would definitely not expect to see a safebrowsing
interstitial: now there's no fetch of unsafe content at all!

There is a test that is worthwhile to add here though; I have added a
navigation, after the one that didn't get the interstitial, to the malware page
itself.  That navigation should get an interstitial, and shows that the safe
browsing has not been defeated through the prefetch load, however that might
happen.

+  // we should see the interstitial page.
+  SBFullHashResult malware_full_hash;
+  int chunk_id = 0;
+  GenUrlFullhashResult(malware_url, safe_browsing_util::kMalwareList,
+                       chunk_id, &malware_full_hash);
+  SetupResponseForUrl(malware_url, malware_full_hash);
+  ui_test_utils::NavigateToURL(browser(), url);
+  EXPECT_FALSE(ShowingInterstitialPage());
+}
+
 }  // namespace
 
 class TestSBClient
     : public base::RefCountedThreadSafe<TestSBClient>,
       public SafeBrowsingService::Client {
  public:
   TestSBClient() : result_(SafeBrowsingService::SAFE),
                    safe_browsing_service_(g_browser_process->
                                           resource_dispatcher_host()->
                                           safe_browsing_service()) {
@@ skipping 162 matching lines @@
   client->CheckDownloadHash(full_hash);
 
   // There should be a timeout and the hash would be considered as safe.
   EXPECT_EQ(SafeBrowsingService::SAFE, client->GetResult());
 
   // Need to set the timeout back to the default value.
   SetDownloadHashCheckTimeout(sb_service, default_hashcheck_timeout);
 }
 
 }  // namespace