| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <list> | 5 #include <list> |
| 6 | 6 |
| 7 #include "base/prefs/pref_service.h" | 7 #include "base/prefs/pref_service.h" |
| 8 #include "base/run_loop.h" | 8 #include "base/run_loop.h" |
| 9 #include "chrome/browser/profiles/profile.h" | 9 #include "chrome/browser/profiles/profile.h" |
| 10 #include "chrome/browser/safe_browsing/safe_browsing_blocking_page.h" | 10 #include "chrome/browser/safe_browsing/safe_browsing_blocking_page.h" |
| 11 #include "chrome/browser/safe_browsing/safe_browsing_service.h" | 11 #include "chrome/browser/safe_browsing/safe_browsing_service.h" |
| 12 #include "chrome/browser/safe_browsing/threat_details.h" | 12 #include "chrome/browser/safe_browsing/threat_details.h" |
| 13 #include "chrome/browser/safe_browsing/ui_manager.h" | 13 #include "chrome/browser/safe_browsing/ui_manager.h" |
| 14 #include "chrome/common/pref_names.h" | 14 #include "chrome/common/pref_names.h" |
| 15 #include "chrome/test/base/chrome_render_view_host_test_harness.h" | 15 #include "chrome/test/base/chrome_render_view_host_test_harness.h" |
| 16 #include "content/public/browser/interstitial_page.h" | 16 #include "content/public/browser/interstitial_page.h" |
| 17 #include "content/public/browser/navigation_entry.h" | 17 #include "content/public/browser/navigation_entry.h" |
| 18 #include "content/public/browser/render_process_host.h" | 18 #include "content/public/browser/render_process_host.h" |
| 19 #include "content/public/browser/web_contents.h" | 19 #include "content/public/browser/web_contents.h" |
| 20 #include "content/public/test/web_contents_tester.h" | 20 #include "content/public/test/web_contents_tester.h" |
| 21 | 21 |
| 22 using content::InterstitialPage; | 22 using content::InterstitialPage; |
| 23 using content::NavigationEntry; | 23 using content::NavigationEntry; |
| 24 using content::WebContents; | 24 using content::WebContents; |
| 25 using content::WebContentsTester; | 25 using content::WebContentsTester; |
| 26 | 26 |
| 27 static const char* kGoogleURL = "http://www.google.com/"; | 27 static const char* kGoogleURL = "http://www.google.com/"; |
| 28 static const char* kGoodURL = "http://www.goodguys.com/"; | 28 static const char* kGoodURL = "http://www.goodguys.com/"; |
| 29 static const char* kGoodHTTPSURL = "https://www.goodguys.com/"; |
| 29 static const char* kBadURL = "http://www.badguys.com/"; | 30 static const char* kBadURL = "http://www.badguys.com/"; |
| 30 static const char* kBadURL2 = "http://www.badguys2.com/"; | 31 static const char* kBadURL2 = "http://www.badguys2.com/"; |
| 31 static const char* kBadURL3 = "http://www.badguys3.com/"; | 32 static const char* kBadURL3 = "http://www.badguys3.com/"; |
| 33 static const char* kBadHTTPSURL = "https://www.badguys.com/"; |
| 32 | 34 |
| 33 namespace safe_browsing { | 35 namespace safe_browsing { |
| 34 | 36 |
| 35 namespace { | 37 namespace { |
| 36 | 38 |
| 37 // A SafeBrowingBlockingPage class that does not create windows. | 39 // A SafeBrowingBlockingPage class that does not create windows. |
| 38 class TestSafeBrowsingBlockingPage : public SafeBrowsingBlockingPage { | 40 class TestSafeBrowsingBlockingPage : public SafeBrowsingBlockingPage { |
| 39 public: | 41 public: |
| 40 TestSafeBrowsingBlockingPage(SafeBrowsingUIManager* manager, | 42 TestSafeBrowsingBlockingPage(SafeBrowsingUIManager* manager, |
| 41 WebContents* web_contents, | 43 WebContents* web_contents, |
| 42 const UnsafeResourceList& unsafe_resources) | 44 const GURL& main_frame_url, |
| 43 : SafeBrowsingBlockingPage(manager, web_contents, unsafe_resources) { | 45 const UnsafeResourceList& unsafe_resources) |
| 46 : SafeBrowsingBlockingPage(manager, |
| 47 web_contents, |
| 48 main_frame_url, |
| 49 unsafe_resources) { |
| 44 // Don't delay details at all for the unittest. | 50 // Don't delay details at all for the unittest. |
| 45 malware_details_proceed_delay_ms_ = 0; | 51 malware_details_proceed_delay_ms_ = 0; |
| 46 DontCreateViewForTesting(); | 52 DontCreateViewForTesting(); |
| 47 } | 53 } |
| 48 }; | 54 }; |
| 49 | 55 |
| 50 class TestSafeBrowsingUIManager: public SafeBrowsingUIManager { | 56 class TestSafeBrowsingUIManager: public SafeBrowsingUIManager { |
| 51 public: | 57 public: |
| 52 explicit TestSafeBrowsingUIManager(SafeBrowsingService* service) | 58 explicit TestSafeBrowsingUIManager(SafeBrowsingService* service) |
| 53 : SafeBrowsingUIManager(service) { | 59 : SafeBrowsingUIManager(service) { |
| (...skipping 15 matching lines...) Expand all Loading... |
| 69 | 75 |
| 70 class TestSafeBrowsingBlockingPageFactory | 76 class TestSafeBrowsingBlockingPageFactory |
| 71 : public SafeBrowsingBlockingPageFactory { | 77 : public SafeBrowsingBlockingPageFactory { |
| 72 public: | 78 public: |
| 73 TestSafeBrowsingBlockingPageFactory() { } | 79 TestSafeBrowsingBlockingPageFactory() { } |
| 74 ~TestSafeBrowsingBlockingPageFactory() override {} | 80 ~TestSafeBrowsingBlockingPageFactory() override {} |
| 75 | 81 |
| 76 SafeBrowsingBlockingPage* CreateSafeBrowsingPage( | 82 SafeBrowsingBlockingPage* CreateSafeBrowsingPage( |
| 77 SafeBrowsingUIManager* manager, | 83 SafeBrowsingUIManager* manager, |
| 78 WebContents* web_contents, | 84 WebContents* web_contents, |
| 85 const GURL& main_frame_url, |
| 79 const SafeBrowsingBlockingPage::UnsafeResourceList& unsafe_resources) | 86 const SafeBrowsingBlockingPage::UnsafeResourceList& unsafe_resources) |
| 80 override { | 87 override { |
| 81 return new TestSafeBrowsingBlockingPage(manager, web_contents, | 88 return new TestSafeBrowsingBlockingPage(manager, web_contents, |
| 82 unsafe_resources); | 89 main_frame_url, unsafe_resources); |
| 83 } | 90 } |
| 84 }; | 91 }; |
| 85 | 92 |
| 86 } // namespace | 93 } // namespace |
| 87 | 94 |
| 88 class SafeBrowsingBlockingPageTest : public ChromeRenderViewHostTestHarness { | 95 class SafeBrowsingBlockingPageTest : public ChromeRenderViewHostTestHarness { |
| 89 public: | 96 public: |
| 90 // The decision the user made. | 97 // The decision the user made. |
| 91 enum UserResponse { | 98 enum UserResponse { |
| 92 PENDING, | 99 PENDING, |
| (...skipping 537 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 630 prefs::kSafeBrowsingExtendedReportingEnabled, false); | 637 prefs::kSafeBrowsingExtendedReportingEnabled, false); |
| 631 | 638 |
| 632 // Start a load. | 639 // Start a load. |
| 633 controller().LoadURL(GURL(kBadURL), content::Referrer(), | 640 controller().LoadURL(GURL(kBadURL), content::Referrer(), |
| 634 ui::PAGE_TRANSITION_TYPED, std::string()); | 641 ui::PAGE_TRANSITION_TYPED, std::string()); |
| 635 | 642 |
| 636 // Simulate the load causing a safe browsing interstitial to be shown. | 643 // Simulate the load causing a safe browsing interstitial to be shown. |
| 637 ShowInterstitial(false, kBadURL); | 644 ShowInterstitial(false, kBadURL); |
| 638 SafeBrowsingBlockingPage* sb_interstitial = GetSafeBrowsingBlockingPage(); | 645 SafeBrowsingBlockingPage* sb_interstitial = GetSafeBrowsingBlockingPage(); |
| 639 ASSERT_TRUE(sb_interstitial); | 646 ASSERT_TRUE(sb_interstitial); |
| 647 EXPECT_TRUE(sb_interstitial->CanShowThreatDetailsOption()); |
| 640 | 648 |
| 641 base::RunLoop().RunUntilIdle(); | 649 base::RunLoop().RunUntilIdle(); |
| 642 | 650 |
| 643 // Simulate the user clicking "don't proceed". | 651 // Simulate the user clicking "don't proceed". |
| 644 DontProceedThroughInterstitial(sb_interstitial); | 652 DontProceedThroughInterstitial(sb_interstitial); |
| 645 | 653 |
| 646 // The interstitial should be gone. | 654 // The interstitial should be gone. |
| 647 EXPECT_EQ(CANCEL, user_response()); | 655 EXPECT_EQ(CANCEL, user_response()); |
| 648 EXPECT_FALSE(GetSafeBrowsingBlockingPage()); | 656 EXPECT_FALSE(GetSafeBrowsingBlockingPage()); |
| 649 | 657 |
| (...skipping 14 matching lines...) Expand all Loading... |
| 664 prefs::kSafeBrowsingExtendedReportingEnabled, false); | 672 prefs::kSafeBrowsingExtendedReportingEnabled, false); |
| 665 | 673 |
| 666 // Start a load. | 674 // Start a load. |
| 667 controller().LoadURL(GURL(kBadURL), content::Referrer(), | 675 controller().LoadURL(GURL(kBadURL), content::Referrer(), |
| 668 ui::PAGE_TRANSITION_TYPED, std::string()); | 676 ui::PAGE_TRANSITION_TYPED, std::string()); |
| 669 | 677 |
| 670 // Simulate the load causing a safe browsing interstitial to be shown. | 678 // Simulate the load causing a safe browsing interstitial to be shown. |
| 671 ShowInterstitial(false, kBadURL); | 679 ShowInterstitial(false, kBadURL); |
| 672 SafeBrowsingBlockingPage* sb_interstitial = GetSafeBrowsingBlockingPage(); | 680 SafeBrowsingBlockingPage* sb_interstitial = GetSafeBrowsingBlockingPage(); |
| 673 ASSERT_TRUE(sb_interstitial); | 681 ASSERT_TRUE(sb_interstitial); |
| 682 EXPECT_TRUE(sb_interstitial->CanShowThreatDetailsOption()); |
| 674 | 683 |
| 675 base::RunLoop().RunUntilIdle(); | 684 base::RunLoop().RunUntilIdle(); |
| 676 | 685 |
| 677 EXPECT_FALSE(profile->GetPrefs()->GetBoolean( | 686 EXPECT_FALSE(profile->GetPrefs()->GetBoolean( |
| 678 prefs::kSafeBrowsingExtendedReportingEnabled)); | 687 prefs::kSafeBrowsingExtendedReportingEnabled)); |
| 679 | 688 |
| 680 // Simulate the user check the report agreement checkbox. | 689 // Simulate the user check the report agreement checkbox. |
| 681 sb_interstitial->SetReportingPreference(true); | 690 sb_interstitial->SetReportingPreference(true); |
| 682 | 691 |
| 683 EXPECT_TRUE(profile->GetPrefs()->GetBoolean( | 692 EXPECT_TRUE(profile->GetPrefs()->GetBoolean( |
| 684 prefs::kSafeBrowsingExtendedReportingEnabled)); | 693 prefs::kSafeBrowsingExtendedReportingEnabled)); |
| 685 | 694 |
| 686 // Simulate the user uncheck the report agreement checkbox. | 695 // Simulate the user uncheck the report agreement checkbox. |
| 687 sb_interstitial->SetReportingPreference(false); | 696 sb_interstitial->SetReportingPreference(false); |
| 688 | 697 |
| 689 EXPECT_FALSE(profile->GetPrefs()->GetBoolean( | 698 EXPECT_FALSE(profile->GetPrefs()->GetBoolean( |
| 690 prefs::kSafeBrowsingExtendedReportingEnabled)); | 699 prefs::kSafeBrowsingExtendedReportingEnabled)); |
| 691 } | 700 } |
| 692 | 701 |
| 702 // Test that extended reporting option is not shown on blocking an HTTPS main |
| 703 // page, and no report is sent. |
| 704 TEST_F(SafeBrowsingBlockingPageTest, ExtendedReportingNotShownOnSecurePage) { |
| 705 // Enable malware details. |
| 706 Profile* profile = Profile::FromBrowserContext( |
| 707 web_contents()->GetBrowserContext()); |
| 708 profile->GetPrefs()->SetBoolean( |
| 709 prefs::kSafeBrowsingExtendedReportingEnabled, true); |
| 710 |
| 711 // Start a load. |
| 712 controller().LoadURL(GURL(kBadHTTPSURL), content::Referrer(), |
| 713 ui::PAGE_TRANSITION_TYPED, std::string()); |
| 714 |
| 715 // Simulate the load causing a safe browsing interstitial to be shown. |
| 716 ShowInterstitial(false, kBadHTTPSURL); |
| 717 SafeBrowsingBlockingPage* sb_interstitial = GetSafeBrowsingBlockingPage(); |
| 718 ASSERT_TRUE(sb_interstitial); |
| 719 EXPECT_FALSE(sb_interstitial->CanShowThreatDetailsOption()); |
| 720 |
| 721 base::RunLoop().RunUntilIdle(); |
| 722 |
| 723 // Simulate the user clicking "don't proceed". |
| 724 DontProceedThroughInterstitial(sb_interstitial); |
| 725 |
| 726 // The interstitial should be gone. |
| 727 EXPECT_EQ(CANCEL, user_response()); |
| 728 EXPECT_FALSE(GetSafeBrowsingBlockingPage()); |
| 729 |
| 730 // No report should have been sent. |
| 731 EXPECT_EQ(0u, ui_manager_->GetDetails()->size()); |
| 732 ui_manager_->GetDetails()->clear(); |
| 733 } |
| 734 |
| 735 // Test that extended reporting option is not shown on blocking an HTTPS |
| 736 // subresource on an HTTPS page, and no report is sent. |
| 737 TEST_F(SafeBrowsingBlockingPageTest, |
| 738 ExtendedReportingNotShownOnSecurePageWithSecureSubresource) { |
| 739 // Enable malware details. |
| 740 Profile* profile = Profile::FromBrowserContext( |
| 741 web_contents()->GetBrowserContext()); |
| 742 profile->GetPrefs()->SetBoolean( |
| 743 prefs::kSafeBrowsingExtendedReportingEnabled, true); |
| 744 |
| 745 // Commit a load. |
| 746 content::WebContentsTester::For(web_contents()) |
| 747 ->NavigateAndCommit(GURL(kGoodHTTPSURL)); |
| 748 |
| 749 // Simulate a subresource load causing a safe browsing interstitial to be |
| 750 // shown. |
| 751 ShowInterstitial(true, kBadHTTPSURL); |
| 752 SafeBrowsingBlockingPage* sb_interstitial = GetSafeBrowsingBlockingPage(); |
| 753 ASSERT_TRUE(sb_interstitial); |
| 754 EXPECT_FALSE(sb_interstitial->CanShowThreatDetailsOption()); |
| 755 |
| 756 base::RunLoop().RunUntilIdle(); |
| 757 |
| 758 // Simulate the user clicking "don't proceed". |
| 759 DontProceedThroughInterstitial(sb_interstitial); |
| 760 |
| 761 // The interstitial should be gone. |
| 762 EXPECT_EQ(CANCEL, user_response()); |
| 763 EXPECT_FALSE(GetSafeBrowsingBlockingPage()); |
| 764 |
| 765 // No report should have been sent. |
| 766 EXPECT_EQ(0u, ui_manager_->GetDetails()->size()); |
| 767 ui_manager_->GetDetails()->clear(); |
| 768 } |
| 769 |
| 770 // Test that extended reporting option is not shown on blocking an HTTP |
| 771 // subresource on an HTTPS page, and no report is sent. |
| 772 TEST_F(SafeBrowsingBlockingPageTest, |
| 773 ExtendedReportingNotShownOnSecurePageWithInsecureSubresource) { |
| 774 // Enable malware details. |
| 775 Profile* profile = Profile::FromBrowserContext( |
| 776 web_contents()->GetBrowserContext()); |
| 777 profile->GetPrefs()->SetBoolean( |
| 778 prefs::kSafeBrowsingExtendedReportingEnabled, true); |
| 779 |
| 780 // Commit a load. |
| 781 content::WebContentsTester::For(web_contents()) |
| 782 ->NavigateAndCommit(GURL(kGoodHTTPSURL)); |
| 783 |
| 784 // Simulate a subresource load causing a safe browsing interstitial to be |
| 785 // shown. |
| 786 ShowInterstitial(true, kBadURL); |
| 787 SafeBrowsingBlockingPage* sb_interstitial = GetSafeBrowsingBlockingPage(); |
| 788 ASSERT_TRUE(sb_interstitial); |
| 789 EXPECT_FALSE(sb_interstitial->CanShowThreatDetailsOption()); |
| 790 |
| 791 base::RunLoop().RunUntilIdle(); |
| 792 |
| 793 // Simulate the user clicking "don't proceed". |
| 794 DontProceedThroughInterstitial(sb_interstitial); |
| 795 |
| 796 // The interstitial should be gone. |
| 797 EXPECT_EQ(CANCEL, user_response()); |
| 798 EXPECT_FALSE(GetSafeBrowsingBlockingPage()); |
| 799 |
| 800 // No report should have been sent. |
| 801 EXPECT_EQ(0u, ui_manager_->GetDetails()->size()); |
| 802 ui_manager_->GetDetails()->clear(); |
| 803 } |
| 804 |
| 805 // Test that extended reporting option is shown on blocking an HTTPS |
| 806 // subresource on an HTTP page. |
| 807 TEST_F(SafeBrowsingBlockingPageTest, |
| 808 ExtendedReportingOnInsecurePageWithSecureSubresource) { |
| 809 // Enable malware details. |
| 810 Profile* profile = Profile::FromBrowserContext( |
| 811 web_contents()->GetBrowserContext()); |
| 812 profile->GetPrefs()->SetBoolean( |
| 813 prefs::kSafeBrowsingExtendedReportingEnabled, true); |
| 814 |
| 815 // Commit a load. |
| 816 content::WebContentsTester::For(web_contents()) |
| 817 ->NavigateAndCommit(GURL(kGoodURL)); |
| 818 |
| 819 // Simulate a subresource load causing a safe browsing interstitial to be |
| 820 // shown. |
| 821 ShowInterstitial(true, kBadHTTPSURL); |
| 822 SafeBrowsingBlockingPage* sb_interstitial = GetSafeBrowsingBlockingPage(); |
| 823 ASSERT_TRUE(sb_interstitial); |
| 824 EXPECT_TRUE(sb_interstitial->CanShowThreatDetailsOption()); |
| 825 |
| 826 base::RunLoop().RunUntilIdle(); |
| 827 |
| 828 // Simulate the user clicking "don't proceed". |
| 829 DontProceedThroughInterstitial(sb_interstitial); |
| 830 |
| 831 // The interstitial should be gone. |
| 832 EXPECT_EQ(CANCEL, user_response()); |
| 833 EXPECT_FALSE(GetSafeBrowsingBlockingPage()); |
| 834 |
| 835 // A report should have been sent. |
| 836 EXPECT_EQ(1u, ui_manager_->GetDetails()->size()); |
| 837 ui_manager_->GetDetails()->clear(); |
| 838 } |
| 839 |
| 840 // Test that extended reporting option is not shown on blocking an HTTPS |
| 841 // subresource on an HTTPS page while there is a pending load for an HTTP page, |
| 842 // and no report is sent. |
| 843 TEST_F(SafeBrowsingBlockingPageTest, |
| 844 ExtendedReportingNotShownOnSecurePageWithPendingInsecureLoad) { |
| 845 // Enable malware details. |
| 846 Profile* profile = Profile::FromBrowserContext( |
| 847 web_contents()->GetBrowserContext()); |
| 848 profile->GetPrefs()->SetBoolean( |
| 849 prefs::kSafeBrowsingExtendedReportingEnabled, true); |
| 850 |
| 851 // Commit a load. |
| 852 content::WebContentsTester::For(web_contents()) |
| 853 ->NavigateAndCommit(GURL(kGoodHTTPSURL)); |
| 854 |
| 855 GURL pending_url("http://slow.example.com"); |
| 856 |
| 857 // Start a pending load. |
| 858 content::WebContentsTester::For(web_contents())->StartNavigation(pending_url); |
| 859 |
| 860 // Simulate a subresource load on the committed page causing a safe browsing |
| 861 // interstitial to be shown. |
| 862 ShowInterstitial(true, kBadHTTPSURL); |
| 863 SafeBrowsingBlockingPage* sb_interstitial = GetSafeBrowsingBlockingPage(); |
| 864 ASSERT_TRUE(sb_interstitial); |
| 865 // Threat details option should not be shown. (The blocking page is for the |
| 866 // committed HTTPS page, not the pending HTTP page.) |
| 867 EXPECT_FALSE(sb_interstitial->CanShowThreatDetailsOption()); |
| 868 |
| 869 base::RunLoop().RunUntilIdle(); |
| 870 |
| 871 // Simulate the user clicking "don't proceed". |
| 872 DontProceedThroughInterstitial(sb_interstitial); |
| 873 |
| 874 // The interstitial should be gone. |
| 875 EXPECT_EQ(CANCEL, user_response()); |
| 876 EXPECT_FALSE(GetSafeBrowsingBlockingPage()); |
| 877 |
| 878 // No report should have been sent. |
| 879 EXPECT_EQ(0u, ui_manager_->GetDetails()->size()); |
| 880 ui_manager_->GetDetails()->clear(); |
| 881 } |
| 882 |
| 883 // TODO(mattm): Add test for extended reporting not shown or sent in incognito |
| 884 // window. |
| 885 |
| 693 } // namespace safe_browsing | 886 } // namespace safe_browsing |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1509073002:
Fixes for Safe Browsing with unrelated pending navigations. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master