| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <list> | 5 #include <list> |
| 6 | 6 |
| 7 #include "base/prefs/pref_service.h" | 7 #include "base/prefs/pref_service.h" |
| 8 #include "base/run_loop.h" | 8 #include "base/run_loop.h" |
| 9 #include "chrome/browser/profiles/profile.h" | 9 #include "chrome/browser/profiles/profile.h" |
| 10 #include "chrome/browser/safe_browsing/safe_browsing_blocking_page.h" | 10 #include "chrome/browser/safe_browsing/safe_browsing_blocking_page.h" |
| 11 #include "chrome/browser/safe_browsing/safe_browsing_service.h" | 11 #include "chrome/browser/safe_browsing/safe_browsing_service.h" |
| 12 #include "chrome/browser/safe_browsing/threat_details.h" | 12 #include "chrome/browser/safe_browsing/threat_details.h" |
| 13 #include "chrome/browser/safe_browsing/ui_manager.h" | 13 #include "chrome/browser/safe_browsing/ui_manager.h" |
| 14 #include "chrome/common/pref_names.h" | 14 #include "chrome/common/pref_names.h" |
| 15 #include "chrome/test/base/chrome_render_view_host_test_harness.h" | 15 #include "chrome/test/base/chrome_render_view_host_test_harness.h" |
| 16 #include "content/public/browser/interstitial_page.h" | 16 #include "content/public/browser/interstitial_page.h" |
| 17 #include "content/public/browser/navigation_entry.h" | 17 #include "content/public/browser/navigation_entry.h" |
| 18 #include "content/public/browser/render_process_host.h" | 18 #include "content/public/browser/render_process_host.h" |
| 19 #include "content/public/browser/web_contents.h" | 19 #include "content/public/browser/web_contents.h" |
| 20 #include "content/public/test/web_contents_tester.h" | 20 #include "content/public/test/web_contents_tester.h" |
| 21 | 21 |
| 22 using content::InterstitialPage; | 22 using content::InterstitialPage; |
| 23 using content::NavigationEntry; | 23 using content::NavigationEntry; |
| 24 using content::WebContents; | 24 using content::WebContents; |
| 25 using content::WebContentsTester; | 25 using content::WebContentsTester; |
| 26 | 26 |
| 27 static const char* kGoogleURL = "http://www.google.com/"; | 27 static const char* kGoogleURL = "http://www.google.com/"; |
| 28 static const char* kGoodURL = "http://www.goodguys.com/"; | 28 static const char* kGoodURL = "http://www.goodguys.com/"; |
| 29 static const char* kGoodHTTPSURL = "https://www.goodguys.com/"; |
| 29 static const char* kBadURL = "http://www.badguys.com/"; | 30 static const char* kBadURL = "http://www.badguys.com/"; |
| 30 static const char* kBadURL2 = "http://www.badguys2.com/"; | 31 static const char* kBadURL2 = "http://www.badguys2.com/"; |
| 31 static const char* kBadURL3 = "http://www.badguys3.com/"; | 32 static const char* kBadURL3 = "http://www.badguys3.com/"; |
| 33 static const char* kBadHTTPSURL = "https://www.badguys.com/"; |
| 32 | 34 |
| 33 namespace safe_browsing { | 35 namespace safe_browsing { |
| 34 | 36 |
| 35 namespace { | 37 namespace { |
| 36 | 38 |
| 37 // A SafeBrowingBlockingPage class that does not create windows. | 39 // A SafeBrowingBlockingPage class that does not create windows. |
| 38 class TestSafeBrowsingBlockingPage : public SafeBrowsingBlockingPage { | 40 class TestSafeBrowsingBlockingPage : public SafeBrowsingBlockingPage { |
| 39 public: | 41 public: |
| 40 TestSafeBrowsingBlockingPage(SafeBrowsingUIManager* manager, | 42 TestSafeBrowsingBlockingPage(SafeBrowsingUIManager* manager, |
| 41 WebContents* web_contents, | 43 WebContents* web_contents, |
| 42 const UnsafeResourceList& unsafe_resources) | 44 const UnsafeResourceList& unsafe_resources, |
| 43 : SafeBrowsingBlockingPage(manager, web_contents, unsafe_resources) { | 45 const GURL& main_frame_url) |
| 46 : SafeBrowsingBlockingPage(manager, |
| 47 web_contents, |
| 48 unsafe_resources, |
| 49 main_frame_url) { |
| 44 // Don't delay details at all for the unittest. | 50 // Don't delay details at all for the unittest. |
| 45 malware_details_proceed_delay_ms_ = 0; | 51 malware_details_proceed_delay_ms_ = 0; |
| 46 DontCreateViewForTesting(); | 52 DontCreateViewForTesting(); |
| 47 } | 53 } |
| 48 }; | 54 }; |
| 49 | 55 |
| 50 class TestSafeBrowsingUIManager: public SafeBrowsingUIManager { | 56 class TestSafeBrowsingUIManager: public SafeBrowsingUIManager { |
| 51 public: | 57 public: |
| 52 explicit TestSafeBrowsingUIManager(SafeBrowsingService* service) | 58 explicit TestSafeBrowsingUIManager(SafeBrowsingService* service) |
| 53 : SafeBrowsingUIManager(service) { | 59 : SafeBrowsingUIManager(service) { |
| (...skipping 15 matching lines...) Expand all Loading... |
| 69 | 75 |
| 70 class TestSafeBrowsingBlockingPageFactory | 76 class TestSafeBrowsingBlockingPageFactory |
| 71 : public SafeBrowsingBlockingPageFactory { | 77 : public SafeBrowsingBlockingPageFactory { |
| 72 public: | 78 public: |
| 73 TestSafeBrowsingBlockingPageFactory() { } | 79 TestSafeBrowsingBlockingPageFactory() { } |
| 74 ~TestSafeBrowsingBlockingPageFactory() override {} | 80 ~TestSafeBrowsingBlockingPageFactory() override {} |
| 75 | 81 |
| 76 SafeBrowsingBlockingPage* CreateSafeBrowsingPage( | 82 SafeBrowsingBlockingPage* CreateSafeBrowsingPage( |
| 77 SafeBrowsingUIManager* manager, | 83 SafeBrowsingUIManager* manager, |
| 78 WebContents* web_contents, | 84 WebContents* web_contents, |
| 79 const SafeBrowsingBlockingPage::UnsafeResourceList& unsafe_resources) | 85 const SafeBrowsingBlockingPage::UnsafeResourceList& unsafe_resources, |
| 80 override { | 86 const GURL& main_frame_url) override { |
| 81 return new TestSafeBrowsingBlockingPage(manager, web_contents, | 87 return new TestSafeBrowsingBlockingPage(manager, web_contents, |
| 82 unsafe_resources); | 88 unsafe_resources, main_frame_url); |
| 83 } | 89 } |
| 84 }; | 90 }; |
| 85 | 91 |
| 86 } // namespace | 92 } // namespace |
| 87 | 93 |
| 88 class SafeBrowsingBlockingPageTest : public ChromeRenderViewHostTestHarness { | 94 class SafeBrowsingBlockingPageTest : public ChromeRenderViewHostTestHarness { |
| 89 public: | 95 public: |
| 90 // The decision the user made. | 96 // The decision the user made. |
| 91 enum UserResponse { | 97 enum UserResponse { |
| 92 PENDING, | 98 PENDING, |
| (...skipping 537 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 630 prefs::kSafeBrowsingExtendedReportingEnabled, false); | 636 prefs::kSafeBrowsingExtendedReportingEnabled, false); |
| 631 | 637 |
| 632 // Start a load. | 638 // Start a load. |
| 633 controller().LoadURL(GURL(kBadURL), content::Referrer(), | 639 controller().LoadURL(GURL(kBadURL), content::Referrer(), |
| 634 ui::PAGE_TRANSITION_TYPED, std::string()); | 640 ui::PAGE_TRANSITION_TYPED, std::string()); |
| 635 | 641 |
| 636 // Simulate the load causing a safe browsing interstitial to be shown. | 642 // Simulate the load causing a safe browsing interstitial to be shown. |
| 637 ShowInterstitial(false, kBadURL); | 643 ShowInterstitial(false, kBadURL); |
| 638 SafeBrowsingBlockingPage* sb_interstitial = GetSafeBrowsingBlockingPage(); | 644 SafeBrowsingBlockingPage* sb_interstitial = GetSafeBrowsingBlockingPage(); |
| 639 ASSERT_TRUE(sb_interstitial); | 645 ASSERT_TRUE(sb_interstitial); |
| 646 EXPECT_TRUE(sb_interstitial->CanShowThreatDetailsOption()); |
| 640 | 647 |
| 641 base::RunLoop().RunUntilIdle(); | 648 base::RunLoop().RunUntilIdle(); |
| 642 | 649 |
| 643 // Simulate the user clicking "don't proceed". | 650 // Simulate the user clicking "don't proceed". |
| 644 DontProceedThroughInterstitial(sb_interstitial); | 651 DontProceedThroughInterstitial(sb_interstitial); |
| 645 | 652 |
| 646 // The interstitial should be gone. | 653 // The interstitial should be gone. |
| 647 EXPECT_EQ(CANCEL, user_response()); | 654 EXPECT_EQ(CANCEL, user_response()); |
| 648 EXPECT_FALSE(GetSafeBrowsingBlockingPage()); | 655 EXPECT_FALSE(GetSafeBrowsingBlockingPage()); |
| 649 | 656 |
| (...skipping 14 matching lines...) Expand all Loading... |
| 664 prefs::kSafeBrowsingExtendedReportingEnabled, false); | 671 prefs::kSafeBrowsingExtendedReportingEnabled, false); |
| 665 | 672 |
| 666 // Start a load. | 673 // Start a load. |
| 667 controller().LoadURL(GURL(kBadURL), content::Referrer(), | 674 controller().LoadURL(GURL(kBadURL), content::Referrer(), |
| 668 ui::PAGE_TRANSITION_TYPED, std::string()); | 675 ui::PAGE_TRANSITION_TYPED, std::string()); |
| 669 | 676 |
| 670 // Simulate the load causing a safe browsing interstitial to be shown. | 677 // Simulate the load causing a safe browsing interstitial to be shown. |
| 671 ShowInterstitial(false, kBadURL); | 678 ShowInterstitial(false, kBadURL); |
| 672 SafeBrowsingBlockingPage* sb_interstitial = GetSafeBrowsingBlockingPage(); | 679 SafeBrowsingBlockingPage* sb_interstitial = GetSafeBrowsingBlockingPage(); |
| 673 ASSERT_TRUE(sb_interstitial); | 680 ASSERT_TRUE(sb_interstitial); |
| 681 EXPECT_TRUE(sb_interstitial->CanShowThreatDetailsOption()); |
| 674 | 682 |
| 675 base::RunLoop().RunUntilIdle(); | 683 base::RunLoop().RunUntilIdle(); |
| 676 | 684 |
| 677 EXPECT_FALSE(profile->GetPrefs()->GetBoolean( | 685 EXPECT_FALSE(profile->GetPrefs()->GetBoolean( |
| 678 prefs::kSafeBrowsingExtendedReportingEnabled)); | 686 prefs::kSafeBrowsingExtendedReportingEnabled)); |
| 679 | 687 |
| 680 // Simulate the user check the report agreement checkbox. | 688 // Simulate the user check the report agreement checkbox. |
| 681 sb_interstitial->SetReportingPreference(true); | 689 sb_interstitial->SetReportingPreference(true); |
| 682 | 690 |
| 683 EXPECT_TRUE(profile->GetPrefs()->GetBoolean( | 691 EXPECT_TRUE(profile->GetPrefs()->GetBoolean( |
| 684 prefs::kSafeBrowsingExtendedReportingEnabled)); | 692 prefs::kSafeBrowsingExtendedReportingEnabled)); |
| 685 | 693 |
| 686 // Simulate the user uncheck the report agreement checkbox. | 694 // Simulate the user uncheck the report agreement checkbox. |
| 687 sb_interstitial->SetReportingPreference(false); | 695 sb_interstitial->SetReportingPreference(false); |
| 688 | 696 |
| 689 EXPECT_FALSE(profile->GetPrefs()->GetBoolean( | 697 EXPECT_FALSE(profile->GetPrefs()->GetBoolean( |
| 690 prefs::kSafeBrowsingExtendedReportingEnabled)); | 698 prefs::kSafeBrowsingExtendedReportingEnabled)); |
| 691 } | 699 } |
| 692 | 700 |
| 701 // Test that extended reporting option is not shown on blocking an HTTPS main |
| 702 // page, and no report is sent. |
| 703 TEST_F(SafeBrowsingBlockingPageTest, ExtendedReportingNotShownOnSecurePage) { |
| 704 // Enable malware details. |
| 705 Profile* profile = Profile::FromBrowserContext( |
| 706 web_contents()->GetBrowserContext()); |
| 707 profile->GetPrefs()->SetBoolean( |
| 708 prefs::kSafeBrowsingExtendedReportingEnabled, true); |
| 709 |
| 710 // Start a load. |
| 711 controller().LoadURL(GURL(kBadHTTPSURL), content::Referrer(), |
| 712 ui::PAGE_TRANSITION_TYPED, std::string()); |
| 713 |
| 714 // Simulate the load causing a safe browsing interstitial to be shown. |
| 715 ShowInterstitial(false, kBadHTTPSURL); |
| 716 SafeBrowsingBlockingPage* sb_interstitial = GetSafeBrowsingBlockingPage(); |
| 717 ASSERT_TRUE(sb_interstitial); |
| 718 EXPECT_FALSE(sb_interstitial->CanShowThreatDetailsOption()); |
| 719 |
| 720 base::RunLoop().RunUntilIdle(); |
| 721 |
| 722 // Simulate the user clicking "don't proceed". |
| 723 DontProceedThroughInterstitial(sb_interstitial); |
| 724 |
| 725 // The interstitial should be gone. |
| 726 EXPECT_EQ(CANCEL, user_response()); |
| 727 EXPECT_FALSE(GetSafeBrowsingBlockingPage()); |
| 728 |
| 729 // No report should have been sent. |
| 730 EXPECT_EQ(0u, ui_manager_->GetDetails()->size()); |
| 731 ui_manager_->GetDetails()->clear(); |
| 732 } |
| 733 |
| 734 // Test that extended reporting option is not shown on blocking an HTTPS |
| 735 // subresource on an HTTPS page, and no report is sent. |
| 736 TEST_F(SafeBrowsingBlockingPageTest, |
| 737 ExtendedReportingNotShownOnSecurePageWithSecureSubresource) { |
| 738 // Enable malware details. |
| 739 Profile* profile = Profile::FromBrowserContext( |
| 740 web_contents()->GetBrowserContext()); |
| 741 profile->GetPrefs()->SetBoolean( |
| 742 prefs::kSafeBrowsingExtendedReportingEnabled, true); |
| 743 |
| 744 // Commit a load. |
| 745 content::WebContentsTester::For(web_contents()) |
| 746 ->NavigateAndCommit(GURL(kGoodHTTPSURL)); |
| 747 |
| 748 // Simulate a subresource load causing a safe browsing interstitial to be |
| 749 // shown. |
| 750 ShowInterstitial(true, kBadHTTPSURL); |
| 751 SafeBrowsingBlockingPage* sb_interstitial = GetSafeBrowsingBlockingPage(); |
| 752 ASSERT_TRUE(sb_interstitial); |
| 753 EXPECT_FALSE(sb_interstitial->CanShowThreatDetailsOption()); |
| 754 |
| 755 base::RunLoop().RunUntilIdle(); |
| 756 |
| 757 // Simulate the user clicking "don't proceed". |
| 758 DontProceedThroughInterstitial(sb_interstitial); |
| 759 |
| 760 // The interstitial should be gone. |
| 761 EXPECT_EQ(CANCEL, user_response()); |
| 762 EXPECT_FALSE(GetSafeBrowsingBlockingPage()); |
| 763 |
| 764 // No report should have been sent. |
| 765 EXPECT_EQ(0u, ui_manager_->GetDetails()->size()); |
| 766 ui_manager_->GetDetails()->clear(); |
| 767 } |
| 768 |
| 769 // Test that extended reporting option is not shown on blocking an HTTP |
| 770 // subresource on an HTTPS page, and no report is sent. |
| 771 TEST_F(SafeBrowsingBlockingPageTest, |
| 772 ExtendedReportingNotShownOnSecurePageWithInsecureSubresource) { |
| 773 // Enable malware details. |
| 774 Profile* profile = Profile::FromBrowserContext( |
| 775 web_contents()->GetBrowserContext()); |
| 776 profile->GetPrefs()->SetBoolean( |
| 777 prefs::kSafeBrowsingExtendedReportingEnabled, true); |
| 778 |
| 779 // Commit a load. |
| 780 content::WebContentsTester::For(web_contents()) |
| 781 ->NavigateAndCommit(GURL(kGoodHTTPSURL)); |
| 782 |
| 783 // Simulate a subresource load causing a safe browsing interstitial to be |
| 784 // shown. |
| 785 ShowInterstitial(true, kBadURL); |
| 786 SafeBrowsingBlockingPage* sb_interstitial = GetSafeBrowsingBlockingPage(); |
| 787 ASSERT_TRUE(sb_interstitial); |
| 788 EXPECT_FALSE(sb_interstitial->CanShowThreatDetailsOption()); |
| 789 |
| 790 base::RunLoop().RunUntilIdle(); |
| 791 |
| 792 // Simulate the user clicking "don't proceed". |
| 793 DontProceedThroughInterstitial(sb_interstitial); |
| 794 |
| 795 // The interstitial should be gone. |
| 796 EXPECT_EQ(CANCEL, user_response()); |
| 797 EXPECT_FALSE(GetSafeBrowsingBlockingPage()); |
| 798 |
| 799 // No report should have been sent. |
| 800 EXPECT_EQ(0u, ui_manager_->GetDetails()->size()); |
| 801 ui_manager_->GetDetails()->clear(); |
| 802 } |
| 803 |
| 804 // Test that extended reporting option is shown on blocking an HTTPS |
| 805 // subresource on an HTTP page. |
| 806 TEST_F(SafeBrowsingBlockingPageTest, |
| 807 ExtendedReportingOnInsecurePageWithSecureSubresource) { |
| 808 // Enable malware details. |
| 809 Profile* profile = Profile::FromBrowserContext( |
| 810 web_contents()->GetBrowserContext()); |
| 811 profile->GetPrefs()->SetBoolean( |
| 812 prefs::kSafeBrowsingExtendedReportingEnabled, true); |
| 813 |
| 814 // Commit a load. |
| 815 content::WebContentsTester::For(web_contents()) |
| 816 ->NavigateAndCommit(GURL(kGoodURL)); |
| 817 |
| 818 // Simulate a subresource load causing a safe browsing interstitial to be |
| 819 // shown. |
| 820 ShowInterstitial(true, kBadHTTPSURL); |
| 821 SafeBrowsingBlockingPage* sb_interstitial = GetSafeBrowsingBlockingPage(); |
| 822 ASSERT_TRUE(sb_interstitial); |
| 823 EXPECT_TRUE(sb_interstitial->CanShowThreatDetailsOption()); |
| 824 |
| 825 base::RunLoop().RunUntilIdle(); |
| 826 |
| 827 // Simulate the user clicking "don't proceed". |
| 828 DontProceedThroughInterstitial(sb_interstitial); |
| 829 |
| 830 // The interstitial should be gone. |
| 831 EXPECT_EQ(CANCEL, user_response()); |
| 832 EXPECT_FALSE(GetSafeBrowsingBlockingPage()); |
| 833 |
| 834 // A report should have been sent. |
| 835 EXPECT_EQ(1u, ui_manager_->GetDetails()->size()); |
| 836 ui_manager_->GetDetails()->clear(); |
| 837 } |
| 838 |
| 839 // Test that extended reporting option is not shown on blocking an HTTPS |
| 840 // subresource on an HTTPS page while there is a pending load for an HTTP page, |
| 841 // and no report is sent. |
| 842 TEST_F(SafeBrowsingBlockingPageTest, |
| 843 ExtendedReportingNotShownOnSecurePageWithPendingInsecureLoad) { |
| 844 // Enable malware details. |
| 845 Profile* profile = Profile::FromBrowserContext( |
| 846 web_contents()->GetBrowserContext()); |
| 847 profile->GetPrefs()->SetBoolean( |
| 848 prefs::kSafeBrowsingExtendedReportingEnabled, true); |
| 849 |
| 850 // Commit a load. |
| 851 content::WebContentsTester::For(web_contents()) |
| 852 ->NavigateAndCommit(GURL(kGoodHTTPSURL)); |
| 853 |
| 854 GURL pending_url("http://slow.example.com"); |
| 855 |
| 856 // Start a pending load. |
| 857 content::WebContentsTester::For(web_contents())->StartNavigation(pending_url); |
| 858 |
| 859 // Simulate a subresource load on the committed page causing a safe browsing |
| 860 // interstitial to be shown. |
| 861 ShowInterstitial(true, kBadHTTPSURL); |
| 862 SafeBrowsingBlockingPage* sb_interstitial = GetSafeBrowsingBlockingPage(); |
| 863 ASSERT_TRUE(sb_interstitial); |
| 864 // Threat details option should not be shown. (The blocking page is for the |
| 865 // committed HTTPS page, not the pending HTTP page.) |
| 866 EXPECT_FALSE(sb_interstitial->CanShowThreatDetailsOption()); |
| 867 |
| 868 base::RunLoop().RunUntilIdle(); |
| 869 |
| 870 // Simulate the user clicking "don't proceed". |
| 871 DontProceedThroughInterstitial(sb_interstitial); |
| 872 |
| 873 // The interstitial should be gone. |
| 874 EXPECT_EQ(CANCEL, user_response()); |
| 875 EXPECT_FALSE(GetSafeBrowsingBlockingPage()); |
| 876 |
| 877 // No report should have been sent. |
| 878 EXPECT_EQ(0u, ui_manager_->GetDetails()->size()); |
| 879 ui_manager_->GetDetails()->clear(); |
| 880 } |
| 881 |
| 882 // TODO(mattm): Add test for extended reporting not shown or sent in incognito |
| 883 // window. |
| 884 |
| 693 } // namespace safe_browsing | 885 } // namespace safe_browsing |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1509073002:
Fixes for Safe Browsing with unrelated pending navigations. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master