OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 // | 4 // |
5 // This test creates a fake safebrowsing service, where we can inject known- | 5 // This test creates a fake safebrowsing service, where we can inject known- |
6 // threat urls. It then uses a real browser to go to these urls, and sends | 6 // threat urls. It then uses a real browser to go to these urls, and sends |
7 // "goback" or "proceed" commands and verifies they work. | 7 // "goback" or "proceed" commands and verifies they work. |
8 | 8 |
9 #include <algorithm> | 9 #include <algorithm> |
10 | 10 |
(...skipping 553 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
564 for (auto resource : report.resources()) { | 564 for (auto resource : report.resources()) { |
565 if (actual_resource.parent_id() == resource.id()) { | 565 if (actual_resource.parent_id() == resource.id()) { |
566 EXPECT_EQ(expected_parent, resource.url()); | 566 EXPECT_EQ(expected_parent, resource.url()); |
567 break; | 567 break; |
568 } | 568 } |
569 } | 569 } |
570 EXPECT_EQ(expected_child_size, actual_resource.child_ids_size()); | 570 EXPECT_EQ(expected_child_size, actual_resource.child_ids_size()); |
571 EXPECT_EQ(expected_tag_name, actual_resource.tag_name()); | 571 EXPECT_EQ(expected_tag_name, actual_resource.tag_name()); |
572 } | 572 } |
573 | 573 |
| 574 void ExpectSecurityIndicatorDowngrade(content::WebContents* tab, |
| 575 net::CertStatus cert_status) { |
| 576 ChromeSecurityStateModelClient* model_client = |
| 577 ChromeSecurityStateModelClient::FromWebContents(tab); |
| 578 ASSERT_TRUE(model_client); |
| 579 EXPECT_EQ(security_state::SecurityStateModel::SECURITY_ERROR, |
| 580 model_client->GetSecurityInfo().security_level); |
| 581 EXPECT_TRUE(model_client->GetSecurityInfo().fails_malware_check); |
| 582 // TODO(felt): Restore this check when https://crbug.com/641187 is fixed. |
| 583 // EXPECT_EQ(cert_status, model_client->GetSecurityInfo().cert_status); |
| 584 } |
| 585 |
574 protected: | 586 protected: |
575 TestThreatDetailsFactory details_factory_; | 587 TestThreatDetailsFactory details_factory_; |
576 | 588 |
577 private: | 589 private: |
578 // Adds a safebrowsing result of the current test threat to the fake | 590 // Adds a safebrowsing result of the current test threat to the fake |
579 // safebrowsing service, navigates to that page, and returns the url. | 591 // safebrowsing service, navigates to that page, and returns the url. |
580 // The various wrappers supply different URLs. | 592 // The various wrappers supply different URLs. |
581 GURL SetupWarningAndNavigateToURL(GURL url) { | 593 GURL SetupWarningAndNavigateToURL(GURL url) { |
582 SetURLThreatType(url, testing::get<0>(GetParam())); | 594 SetURLThreatType(url, testing::get<0>(GetParam())); |
583 ui_test_utils::NavigateToURL(browser(), url); | 595 ui_test_utils::NavigateToURL(browser(), url); |
(...skipping 458 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1042 ui_test_utils::NavigateToURL(browser(), url); | 1054 ui_test_utils::NavigateToURL(browser(), url); |
1043 EXPECT_TRUE(WaitForReady()); | 1055 EXPECT_TRUE(WaitForReady()); |
1044 EXPECT_TRUE(ClickAndWaitForDetach("proceed-link")); | 1056 EXPECT_TRUE(ClickAndWaitForDetach("proceed-link")); |
1045 AssertNoInterstitial(true); | 1057 AssertNoInterstitial(true); |
1046 } | 1058 } |
1047 | 1059 |
1048 // Test that the security indicator is downgraded after clicking through a | 1060 // Test that the security indicator is downgraded after clicking through a |
1049 // Safe Browsing interstitial. | 1061 // Safe Browsing interstitial. |
1050 IN_PROC_BROWSER_TEST_P(SafeBrowsingBlockingPageBrowserTest, | 1062 IN_PROC_BROWSER_TEST_P(SafeBrowsingBlockingPageBrowserTest, |
1051 SecurityState_HTTP) { | 1063 SecurityState_HTTP) { |
| 1064 // The security indicator should be downgraded while the interstitial shows. |
1052 SetupWarningAndNavigate(); | 1065 SetupWarningAndNavigate(); |
| 1066 WebContents* error_tab = browser()->tab_strip_model()->GetActiveWebContents(); |
| 1067 ASSERT_TRUE(error_tab); |
| 1068 ExpectSecurityIndicatorDowngrade(error_tab, 0u); |
| 1069 |
| 1070 // The security indicator should still be downgraded post-interstitial. |
1053 EXPECT_TRUE(ClickAndWaitForDetach("proceed-link")); | 1071 EXPECT_TRUE(ClickAndWaitForDetach("proceed-link")); |
1054 AssertNoInterstitial(true); | 1072 AssertNoInterstitial(true); |
1055 | 1073 WebContents* post_tab = browser()->tab_strip_model()->GetActiveWebContents(); |
1056 WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents(); | 1074 ASSERT_TRUE(post_tab); |
1057 ASSERT_TRUE(tab); | 1075 ExpectSecurityIndicatorDowngrade(post_tab, 0u); |
1058 ChromeSecurityStateModelClient* model_client = | |
1059 ChromeSecurityStateModelClient::FromWebContents(tab); | |
1060 ASSERT_TRUE(model_client); | |
1061 EXPECT_EQ(security_state::SecurityStateModel::SECURITY_ERROR, | |
1062 model_client->GetSecurityInfo().security_level); | |
1063 EXPECT_TRUE(model_client->GetSecurityInfo().fails_malware_check); | |
1064 } | 1076 } |
1065 | 1077 |
1066 // Test that the security indicator is downgraded even if the website has valid | 1078 // Test that the security indicator is downgraded even if the website has valid |
1067 // HTTPS (meaning that the SB state overrides the HTTPS state). | 1079 // HTTPS (meaning that the SB state overrides the HTTPS state). |
1068 IN_PROC_BROWSER_TEST_P(SafeBrowsingBlockingPageBrowserTest, | 1080 IN_PROC_BROWSER_TEST_P(SafeBrowsingBlockingPageBrowserTest, |
1069 SecurityState_ValidHTTPS) { | 1081 SecurityState_ValidHTTPS) { |
| 1082 // The security indicator should be downgraded while the interstitial shows. |
1070 SetupWarningAndNavigateToValidHTTPS(); | 1083 SetupWarningAndNavigateToValidHTTPS(); |
| 1084 WebContents* error_tab = browser()->tab_strip_model()->GetActiveWebContents(); |
| 1085 ASSERT_TRUE(error_tab); |
| 1086 ExpectSecurityIndicatorDowngrade(error_tab, 0u); |
| 1087 |
| 1088 // The security indicator should still be downgraded post-interstitial. |
1071 EXPECT_TRUE(ClickAndWaitForDetach("proceed-link")); | 1089 EXPECT_TRUE(ClickAndWaitForDetach("proceed-link")); |
1072 AssertNoInterstitial(true); | 1090 AssertNoInterstitial(true); |
1073 | 1091 WebContents* post_tab = browser()->tab_strip_model()->GetActiveWebContents(); |
1074 WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents(); | 1092 ASSERT_TRUE(post_tab); |
1075 ASSERT_TRUE(tab); | 1093 ExpectSecurityIndicatorDowngrade(post_tab, 0u); |
1076 ChromeSecurityStateModelClient* model_client = | |
1077 ChromeSecurityStateModelClient::FromWebContents(tab); | |
1078 ASSERT_TRUE(model_client); | |
1079 EXPECT_EQ(security_state::SecurityStateModel::SECURITY_ERROR, | |
1080 model_client->GetSecurityInfo().security_level); | |
1081 EXPECT_TRUE(model_client->GetSecurityInfo().fails_malware_check); | |
1082 EXPECT_EQ(0u, model_client->GetSecurityInfo().cert_status); | |
1083 } | 1094 } |
1084 | 1095 |
1085 // Test that the security indicator is still downgraded after two interstitials | 1096 // Test that the security indicator is still downgraded after two interstitials |
1086 // are shown in a row (one for Safe Browsing, one for invalid HTTPS). | 1097 // are shown in a row (one for Safe Browsing, one for invalid HTTPS). |
1087 IN_PROC_BROWSER_TEST_P(SafeBrowsingBlockingPageBrowserTest, | 1098 IN_PROC_BROWSER_TEST_P(SafeBrowsingBlockingPageBrowserTest, |
1088 SecurityState_InvalidHTTPS) { | 1099 SecurityState_InvalidHTTPS) { |
| 1100 // The security indicator should be downgraded while the interstitial shows. |
1089 SetupWarningAndNavigateToInvalidHTTPS(); | 1101 SetupWarningAndNavigateToInvalidHTTPS(); |
| 1102 WebContents* error_tab = browser()->tab_strip_model()->GetActiveWebContents(); |
| 1103 ASSERT_TRUE(error_tab); |
| 1104 ExpectSecurityIndicatorDowngrade(error_tab, 0u); |
| 1105 |
| 1106 // The security indicator should still be downgraded post-interstitial. |
1090 EXPECT_TRUE(ClickAndWaitForDetach("proceed-link")); | 1107 EXPECT_TRUE(ClickAndWaitForDetach("proceed-link")); |
1091 AssertNoInterstitial(true); | 1108 AssertNoInterstitial(true); |
1092 | 1109 WebContents* post_tab = browser()->tab_strip_model()->GetActiveWebContents(); |
1093 WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents(); | 1110 ASSERT_TRUE(post_tab); |
1094 ASSERT_TRUE(tab); | 1111 // TODO(felt): Sometimes the cert status here is 0u, which is wrong. |
1095 ChromeSecurityStateModelClient* model_client = | 1112 // Filed https://crbug.com/641187 to investigate. |
1096 ChromeSecurityStateModelClient::FromWebContents(tab); | 1113 ExpectSecurityIndicatorDowngrade(post_tab, net::CERT_STATUS_INVALID); |
1097 ASSERT_TRUE(model_client); | |
1098 EXPECT_EQ(security_state::SecurityStateModel::SECURITY_ERROR, | |
1099 model_client->GetSecurityInfo().security_level); | |
1100 EXPECT_TRUE(model_client->GetSecurityInfo().fails_malware_check); | |
1101 | |
1102 // TODO(felt): In the testing framework, the cert status gets reset to 0 | |
1103 // after the malware interstitial and stays that way. | |
1104 //EXPECT_NE(0u, model_client->GetSecurityInfo().cert_status); | |
1105 } | 1114 } |
1106 | 1115 |
1107 INSTANTIATE_TEST_CASE_P( | 1116 INSTANTIATE_TEST_CASE_P( |
1108 SafeBrowsingBlockingPageBrowserTestWithThreatTypeAndIsolationSetting, | 1117 SafeBrowsingBlockingPageBrowserTestWithThreatTypeAndIsolationSetting, |
1109 SafeBrowsingBlockingPageBrowserTest, | 1118 SafeBrowsingBlockingPageBrowserTest, |
1110 testing::Combine( | 1119 testing::Combine( |
1111 testing::Values(SB_THREAT_TYPE_URL_MALWARE, // Threat types | 1120 testing::Values(SB_THREAT_TYPE_URL_MALWARE, // Threat types |
1112 SB_THREAT_TYPE_URL_PHISHING, | 1121 SB_THREAT_TYPE_URL_PHISHING, |
1113 SB_THREAT_TYPE_URL_UNWANTED), | 1122 SB_THREAT_TYPE_URL_UNWANTED), |
1114 testing::Bool())); // If isolate all sites for testing. | 1123 testing::Bool())); // If isolate all sites for testing. |
(...skipping 37 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1152 | 1161 |
1153 INSTANTIATE_TEST_CASE_P( | 1162 INSTANTIATE_TEST_CASE_P( |
1154 SafeBrowsingBlockingPageIDNTestWithThreatType, | 1163 SafeBrowsingBlockingPageIDNTestWithThreatType, |
1155 SafeBrowsingBlockingPageIDNTest, | 1164 SafeBrowsingBlockingPageIDNTest, |
1156 testing::Combine(testing::Values(false, true), | 1165 testing::Combine(testing::Values(false, true), |
1157 testing::Values(SB_THREAT_TYPE_URL_MALWARE, | 1166 testing::Values(SB_THREAT_TYPE_URL_MALWARE, |
1158 SB_THREAT_TYPE_URL_PHISHING, | 1167 SB_THREAT_TYPE_URL_PHISHING, |
1159 SB_THREAT_TYPE_URL_UNWANTED))); | 1168 SB_THREAT_TYPE_URL_UNWANTED))); |
1160 | 1169 |
1161 } // namespace safe_browsing | 1170 } // namespace safe_browsing |
OLD | NEW |