| Index: chrome/browser/safe_browsing/download_protection_service_unittest.cc
|
| diff --git a/chrome/browser/safe_browsing/download_protection_service_unittest.cc b/chrome/browser/safe_browsing/download_protection_service_unittest.cc
|
| index 4752b16f9d62d429103953d34fecfe0ca53c35d1..34bcf1a3ddabff50b99c62c28f89cf9e0eda97af 100644
|
| --- a/chrome/browser/safe_browsing/download_protection_service_unittest.cc
|
| +++ b/chrome/browser/safe_browsing/download_protection_service_unittest.cc
|
| @@ -357,38 +357,85 @@ TEST_F(DownloadProtectionServiceTest, CheckClientDownloadInvalidUrl) {
|
| }
|
|
|
| TEST_F(DownloadProtectionServiceTest, CheckClientDownloadWhitelistedUrl) {
|
| + // Response to any requests will be DANGEROUS.
|
| + ClientDownloadResponse response;
|
| + response.set_verdict(ClientDownloadResponse::DANGEROUS);
|
| + net::FakeURLFetcherFactory factory(NULL);
|
| + factory.SetFakeResponse(
|
| + DownloadProtectionService::GetDownloadRequestUrl(),
|
| + response.SerializeAsString(),
|
| + net::HTTP_OK, net::URLRequestStatus::SUCCESS);
|
| +
|
| + std::string hash = "hash";
|
| base::FilePath a_tmp(FILE_PATH_LITERAL("a.tmp"));
|
| base::FilePath a_exe(FILE_PATH_LITERAL("a.exe"));
|
| std::vector<GURL> url_chain;
|
| - url_chain.push_back(GURL("http://www.evil.com/bla.exe"));
|
| - url_chain.push_back(GURL("http://www.google.com/a.exe"));
|
| - GURL referrer("http://www.google.com/");
|
| + GURL referrer;
|
|
|
| content::MockDownloadItem item;
|
| - EXPECT_CALL(item, AddObserver(_)).Times(2);
|
| - EXPECT_CALL(item, RemoveObserver(_)).Times(2);
|
| + EXPECT_CALL(item, AddObserver(_)).Times(4);
|
| + EXPECT_CALL(item, RemoveObserver(_)).Times(4);
|
| EXPECT_CALL(item, GetFullPath()).WillRepeatedly(ReturnRef(a_tmp));
|
| EXPECT_CALL(item, GetTargetFilePath()).WillRepeatedly(ReturnRef(a_exe));
|
| EXPECT_CALL(item, GetUrlChain()).WillRepeatedly(ReturnRef(url_chain));
|
| EXPECT_CALL(item, GetReferrerUrl()).WillRepeatedly(ReturnRef(referrer));
|
| + EXPECT_CALL(item, GetHash()).WillRepeatedly(ReturnRef(hash));
|
| + EXPECT_CALL(item, GetReceivedBytes()).WillRepeatedly(Return(100));
|
| + EXPECT_CALL(item, HasUserGesture()).WillRepeatedly(Return(true));
|
| + EXPECT_CALL(item, GetRemoteAddress()).WillRepeatedly(Return(""));
|
| + EXPECT_CALL(*signature_util_.get(), CheckSignature(a_tmp, _)).Times(4);
|
| +
|
| + // We should not get whilelist checks for other URLs than specified below.
|
| EXPECT_CALL(*sb_service_->mock_database_manager(),
|
| - MatchDownloadWhitelistUrl(_))
|
| + MatchDownloadWhitelistUrl(_)).Times(0);
|
| + EXPECT_CALL(*sb_service_->mock_database_manager(),
|
| + MatchDownloadWhitelistUrl(GURL("http://www.evil.com/bla.exe")))
|
| .WillRepeatedly(Return(false));
|
| EXPECT_CALL(*sb_service_->mock_database_manager(),
|
| MatchDownloadWhitelistUrl(GURL("http://www.google.com/a.exe")))
|
| .WillRepeatedly(Return(true));
|
| - EXPECT_CALL(*signature_util_.get(), CheckSignature(a_tmp, _)).Times(2);
|
|
|
| + // With no referrer and just the bad url, should be marked DANGEROUS.
|
| + url_chain.push_back(GURL("http://www.evil.com/bla.exe"));
|
| download_service_->CheckClientDownload(
|
| &item,
|
| base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback,
|
| base::Unretained(this)));
|
| MessageLoop::current()->Run();
|
| +#if defined(OS_WIN)
|
| + EXPECT_TRUE(IsResult(DownloadProtectionService::DANGEROUS));
|
| +#else
|
| EXPECT_TRUE(IsResult(DownloadProtectionService::SAFE));
|
| +#endif
|
|
|
| - // Check that the referrer is matched against the whitelist.
|
| - url_chain.pop_back();
|
| - referrer = GURL("http://www.google.com/a.exe");
|
| + // Check that the referrer is not matched against the whitelist.
|
| + referrer = GURL("http://www.google.com/");
|
| + download_service_->CheckClientDownload(
|
| + &item,
|
| + base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback,
|
| + base::Unretained(this)));
|
| + MessageLoop::current()->Run();
|
| +#if defined(OS_WIN)
|
| + EXPECT_TRUE(IsResult(DownloadProtectionService::DANGEROUS));
|
| +#else
|
| + EXPECT_TRUE(IsResult(DownloadProtectionService::SAFE));
|
| +#endif
|
| +
|
| + // Redirect from a site shouldn't be checked either.
|
| + url_chain.insert(url_chain.begin(), GURL("http://www.google.com/redirect"));
|
| + download_service_->CheckClientDownload(
|
| + &item,
|
| + base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback,
|
| + base::Unretained(this)));
|
| + MessageLoop::current()->Run();
|
| +#if defined(OS_WIN)
|
| + EXPECT_TRUE(IsResult(DownloadProtectionService::DANGEROUS));
|
| +#else
|
| + EXPECT_TRUE(IsResult(DownloadProtectionService::SAFE));
|
| +#endif
|
| +
|
| + // Only if the final url is whitelisted should it be SAFE.
|
| + url_chain.push_back(GURL("http://www.google.com/a.exe"));
|
| download_service_->CheckClientDownload(
|
| &item,
|
| base::Bind(&DownloadProtectionServiceTest::CheckDoneCallback,
|
|
|
Chromium Code Reviews
Issue 166223004:
SafeBrowsing DownloadProtectionService: only check final URL against whitelist. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master