| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 // | 4 // |
| 5 // This test creates a fake safebrowsing service, where we can inject known- | 5 // This test creates a fake safebrowsing service, where we can inject known- |
| 6 // threat urls. It then uses a real browser to go to these urls, and sends | 6 // threat urls. It then uses a real browser to go to these urls, and sends |
| 7 // "goback" or "proceed" commands and verifies they work. | 7 // "goback" or "proceed" commands and verifies they work. |
| 8 | 8 |
| 9 #include <algorithm> | 9 #include <algorithm> |
| 10 | 10 |
| 61 using content::NavigationController; | 61 using content::NavigationController; |
| 62 using content::RenderFrameHost; | 62 using content::RenderFrameHost; |
| 63 using content::WebContents; | 63 using content::WebContents; |
| 64 | 64 |
| 65 namespace safe_browsing { | 65 namespace safe_browsing { |
| 66 | 66 |
| 67 namespace { | 67 namespace { |
| 68 | 68 |
| 69 const char kEmptyPage[] = "empty.html"; | 69 const char kEmptyPage[] = "empty.html"; |
| 70 const char kHTTPSPage[] = "/ssl/google.html"; | 70 const char kHTTPSPage[] = "/ssl/google.html"; |
| 71 const char kMalwarePage[] = "safe_browsing/malware.html"; | 71 const char kMaliciousPage[] = "safe_browsing/malware.html"; |
| 72 const char kCrossSiteMalwarePage[] = "safe_browsing/malware2.html"; | 72 const char kCrossSiteMaliciousPage[] = "safe_browsing/malware2.html"; |
| 73 const char kMalwareIframe[] = "safe_browsing/malware_iframe.html"; | 73 const char kMaliciousIframe[] = "safe_browsing/malware_iframe.html"; |
| 74 const char kCrossSiteIframeUrl[] = "http://example.com/cross_site_iframe.html"; | |
| 75 const char kUnrelatedUrl[] = "https://www.google.com"; | 74 const char kUnrelatedUrl[] = "https://www.google.com"; |
| 76 | 75 |
| 77 // A SafeBrowsingDatabaseManager class that allows us to inject the malicious | 76 // A SafeBrowsingDatabaseManager class that allows us to inject the malicious |
| 78 // URLs. | 77 // URLs. |
| 79 class FakeSafeBrowsingDatabaseManager : public TestSafeBrowsingDatabaseManager { | 78 class FakeSafeBrowsingDatabaseManager : public TestSafeBrowsingDatabaseManager { |
| 80 public: | 79 public: |
| 81 FakeSafeBrowsingDatabaseManager() {} | 80 FakeSafeBrowsingDatabaseManager() {} |
| 82 | 81 |
| 83 // Called on the IO thread to check if the given url is safe or not. If we | 82 // Called on the IO thread to check if the given url is safe or not. If we |
| 84 // can synchronously determine that the url is safe, CheckUrl returns true. | 83 // can synchronously determine that the url is safe, CheckUrl returns true. |
| 362 ->GetInterstitialPage(); | 361 ->GetInterstitialPage(); |
| 363 EXPECT_EQ(SSLBlockingPage::kTypeForTesting, | 362 EXPECT_EQ(SSLBlockingPage::kTypeForTesting, |
| 364 https_warning->GetDelegateForTesting()->GetTypeForTesting()); | 363 https_warning->GetDelegateForTesting()->GetTypeForTesting()); |
| 365 https_warning->Proceed(); | 364 https_warning->Proceed(); |
| 366 content::WaitForInterstitialDetach( | 365 content::WaitForInterstitialDetach( |
| 367 browser()->tab_strip_model()->GetActiveWebContents()); | 366 browser()->tab_strip_model()->GetActiveWebContents()); |
| 368 | 367 |
| 369 return SetupWarningAndNavigateToURL(url); | 368 return SetupWarningAndNavigateToURL(url); |
| 370 } | 369 } |
| 371 | 370 |
| 372 // Adds two safebrowsing threat results to the fake safebrowsing service, | 371 // Adds a safebrowsing threat results to the fake safebrowsing service, |
| 373 // navigates to a page with an iframe containing the threat site, and another | 372 // navigates to a page with an iframe containing the threat site, and returns |
| 374 // cross site iframe containing another threat site, and returns the url of | 373 // the url of the parent page. |
| 375 // the parent page. | |
| 376 GURL SetupThreatIframeWarningAndNavigate() { | 374 GURL SetupThreatIframeWarningAndNavigate() { |
| 377 GURL url = net::URLRequestMockHTTPJob::GetMockUrl(kCrossSiteMalwarePage); | 375 GURL url = net::URLRequestMockHTTPJob::GetMockUrl(kCrossSiteMaliciousPage); |
| 378 GURL iframe_url = net::URLRequestMockHTTPJob::GetMockUrl(kMalwareIframe); | 376 GURL iframe_url = net::URLRequestMockHTTPJob::GetMockUrl(kMaliciousIframe); |
| 379 GURL cross_site_url(kCrossSiteIframeUrl); | |
| 380 SetURLThreatType(iframe_url, testing::get<0>(GetParam())); | 377 SetURLThreatType(iframe_url, testing::get<0>(GetParam())); |
| 381 SetURLThreatType(cross_site_url, testing::get<0>(GetParam())); | |
| 382 | 378 |
| 383 ui_test_utils::NavigateToURL(browser(), url); | 379 ui_test_utils::NavigateToURL(browser(), url); |
| 384 EXPECT_TRUE(WaitForReady()); | 380 EXPECT_TRUE(WaitForReady()); |
| 385 return url; | 381 return url; |
| 386 } | 382 } |
| 387 | 383 |
| 388 void SendCommand( | 384 void SendCommand( |
| 389 security_interstitials::SecurityInterstitialCommands command) { | 385 security_interstitials::SecurityInterstitialCommands command) { |
| 390 WebContents* contents = | 386 WebContents* contents = |
| 391 browser()->tab_strip_model()->GetActiveWebContents(); | 387 browser()->tab_strip_model()->GetActiveWebContents(); |
| 439 | 435 |
| 440 std::string GetReportSent() { | 436 std::string GetReportSent() { |
| 441 return static_cast<FakeSafeBrowsingUIManager*>( | 437 return static_cast<FakeSafeBrowsingUIManager*>( |
| 442 factory_.test_safe_browsing_service()->ui_manager().get()) | 438 factory_.test_safe_browsing_service()->ui_manager().get()) |
| 443 ->GetReport(); | 439 ->GetReport(); |
| 444 } | 440 } |
| 445 | 441 |
| 446 void MalwareRedirectCancelAndProceed(const std::string& open_function) { | 442 void MalwareRedirectCancelAndProceed(const std::string& open_function) { |
| 447 GURL load_url = net::URLRequestMockHTTPJob::GetMockUrl( | 443 GURL load_url = net::URLRequestMockHTTPJob::GetMockUrl( |
| 448 "safe_browsing/interstitial_cancel.html"); | 444 "safe_browsing/interstitial_cancel.html"); |
| 449 GURL malware_url = net::URLRequestMockHTTPJob::GetMockUrl(kMalwarePage); | 445 GURL malware_url = net::URLRequestMockHTTPJob::GetMockUrl(kMaliciousPage); |
| 450 SetURLThreatType(malware_url, testing::get<0>(GetParam())); | 446 SetURLThreatType(malware_url, testing::get<0>(GetParam())); |
| 451 | 447 |
| 452 // Load the test page. | 448 // Load the test page. |
| 453 ui_test_utils::NavigateToURL(browser(), load_url); | 449 ui_test_utils::NavigateToURL(browser(), load_url); |
| 454 // Trigger the safe browsing interstitial page via a redirect in | 450 // Trigger the safe browsing interstitial page via a redirect in |
| 455 // "openWin()". | 451 // "openWin()". |
| 456 ui_test_utils::NavigateToURLWithDisposition( | 452 ui_test_utils::NavigateToURLWithDisposition( |
| 457 browser(), GURL("javascript:" + open_function + "()"), | 453 browser(), GURL("javascript:" + open_function + "()"), |
| 458 WindowOpenDisposition::CURRENT_TAB, | 454 WindowOpenDisposition::CURRENT_TAB, |
| 459 ui_test_utils::BROWSER_TEST_WAIT_FOR_TAB); | 455 ui_test_utils::BROWSER_TEST_WAIT_FOR_TAB); |
| 681 EXPECT_TRUE(ClickAndWaitForDetach("proceed-link")); | 677 EXPECT_TRUE(ClickAndWaitForDetach("proceed-link")); |
| 682 AssertNoInterstitial(true); // Assert the interstitial is gone | 678 AssertNoInterstitial(true); // Assert the interstitial is gone |
| 683 | 679 |
| 684 EXPECT_EQ(url, | 680 EXPECT_EQ(url, |
| 685 browser()->tab_strip_model()->GetActiveWebContents()->GetURL()); | 681 browser()->tab_strip_model()->GetActiveWebContents()->GetURL()); |
| 686 } | 682 } |
| 687 | 683 |
| 688 IN_PROC_BROWSER_TEST_P(SafeBrowsingBlockingPageBrowserTest, | 684 IN_PROC_BROWSER_TEST_P(SafeBrowsingBlockingPageBrowserTest, |
| 689 IframeOptInAndReportThreatDetails) { | 685 IframeOptInAndReportThreatDetails) { |
| 690 // The extended reporting opt-in is presented in the interstitial for malware, | 686 // The extended reporting opt-in is presented in the interstitial for malware, |
| 691 // phishing, and UwS threats. This test uses malware as an example to verify | 687 // phishing, and UwS threats. |
| 692 // this reporting functionality. | |
| 693 const bool expect_threat_details = | 688 const bool expect_threat_details = |
| 694 SafeBrowsingBlockingPage::ShouldReportThreatDetails( | 689 SafeBrowsingBlockingPage::ShouldReportThreatDetails( |
| 695 testing::get<0>(GetParam())); | 690 testing::get<0>(GetParam())); |
| 696 | 691 |
| 697 scoped_refptr<content::MessageLoopRunner> threat_report_sent_runner( | 692 scoped_refptr<content::MessageLoopRunner> threat_report_sent_runner( |
| 698 new content::MessageLoopRunner); | 693 new content::MessageLoopRunner); |
| 699 if (expect_threat_details) | 694 if (expect_threat_details) |
| 700 SetReportSentCallback(threat_report_sent_runner->QuitClosure()); | 695 SetReportSentCallback(threat_report_sent_runner->QuitClosure()); |
| 701 | 696 |
| 702 // Set up testing url containing iframe and cross site iframe. | 697 // Set up testing url containing iframe and cross site iframe. |
| 716 | 711 |
| 717 if (expect_threat_details) { | 712 if (expect_threat_details) { |
| 718 threat_report_sent_runner->Run(); | 713 threat_report_sent_runner->Run(); |
| 719 std::string serialized = GetReportSent(); | 714 std::string serialized = GetReportSent(); |
| 720 ClientSafeBrowsingReportRequest report; | 715 ClientSafeBrowsingReportRequest report; |
| 721 ASSERT_TRUE(report.ParseFromString(serialized)); | 716 ASSERT_TRUE(report.ParseFromString(serialized)); |
| 722 // Verify the report is complete. | 717 // Verify the report is complete. |
| 723 EXPECT_TRUE(report.complete()); | 718 EXPECT_TRUE(report.complete()); |
| 724 // Do some basic verification of report contents. | 719 // Do some basic verification of report contents. |
| 725 EXPECT_EQ(url.spec(), report.page_url()); | 720 EXPECT_EQ(url.spec(), report.page_url()); |
| 726 EXPECT_EQ(net::URLRequestMockHTTPJob::GetMockUrl(kMalwareIframe).spec(), | 721 EXPECT_EQ(net::URLRequestMockHTTPJob::GetMockUrl(kMaliciousIframe).spec(), |
| 727 report.url()); | 722 report.url()); |
| 728 std::vector<ClientSafeBrowsingReportRequest::Resource> resources; | 723 std::vector<ClientSafeBrowsingReportRequest::Resource> resources; |
| 729 for (auto resource: report.resources()) { | 724 for (auto resource: report.resources()) { |
| 730 resources.push_back(resource); | 725 resources.push_back(resource); |
| 731 } | 726 } |
| 732 // Sort resources based on their urls. | 727 // Sort resources based on their urls. |
| 733 std::sort(resources.begin(), resources.end(), | 728 std::sort(resources.begin(), resources.end(), |
| 734 [](const ClientSafeBrowsingReportRequest::Resource& a, | 729 [](const ClientSafeBrowsingReportRequest::Resource& a, |
| 735 const ClientSafeBrowsingReportRequest::Resource& b) -> bool { | 730 const ClientSafeBrowsingReportRequest::Resource& b) -> bool { |
| 736 return a.url() < b.url(); | 731 return a.url() < b.url(); |
| 737 }); | 732 }); |
| 738 ASSERT_EQ(3U, resources.size()); | 733 ASSERT_EQ(2U, resources.size()); |
| 739 VerifyResource( | 734 VerifyResource( |
| 740 report, resources[0], kCrossSiteIframeUrl, | 735 report, resources[0], |
| 741 net::URLRequestMockHTTPJob::GetMockUrl(kCrossSiteMalwarePage).spec(), 0, | 736 net::URLRequestMockHTTPJob::GetMockUrl(kCrossSiteMaliciousPage).spec(), |
| 742 "IFRAME"); | 737 net::URLRequestMockHTTPJob::GetMockUrl(kCrossSiteMaliciousPage).spec(), |
| 738 1, ""); |
| 743 VerifyResource( | 739 VerifyResource( |
| 744 report, resources[1], | 740 report, resources[1], |
| 745 net::URLRequestMockHTTPJob::GetMockUrl(kCrossSiteMalwarePage).spec(), | 741 net::URLRequestMockHTTPJob::GetMockUrl(kMaliciousIframe).spec(), |
| 746 net::URLRequestMockHTTPJob::GetMockUrl(kCrossSiteMalwarePage).spec(), 2, | 742 url.spec(), // kCrossSiteMaliciousPage |
| 747 ""); | |
| 748 VerifyResource( | |
| 749 report, resources[2], | |
| 750 net::URLRequestMockHTTPJob::GetMockUrl(kMalwareIframe).spec(), | |
| 751 url.spec(), // kCrossSiteMalwarePage | |
| 752 0, "IFRAME"); | 743 0, "IFRAME"); |
| 753 } | 744 } |
| 754 } | 745 } |
| 755 | 746 |
| 756 IN_PROC_BROWSER_TEST_P(SafeBrowsingBlockingPageBrowserTest, | 747 IN_PROC_BROWSER_TEST_P(SafeBrowsingBlockingPageBrowserTest, |
| 757 MainFrameBlockedShouldHaveNoDOMDetailsWhenDontProceed) { | 748 MainFrameBlockedShouldHaveNoDOMDetailsWhenDontProceed) { |
| 758 const bool expect_threat_details = | 749 const bool expect_threat_details = |
| 759 SafeBrowsingBlockingPage::ShouldReportThreatDetails( | 750 SafeBrowsingBlockingPage::ShouldReportThreatDetails( |
| 760 testing::get<0>(GetParam())); | 751 testing::get<0>(GetParam())); |
| 761 | 752 |
| 762 scoped_refptr<content::MessageLoopRunner> threat_report_sent_runner( | 753 scoped_refptr<content::MessageLoopRunner> threat_report_sent_runner( |
| 763 new content::MessageLoopRunner); | 754 new content::MessageLoopRunner); |
| 764 if (expect_threat_details) | 755 if (expect_threat_details) |
| 765 SetReportSentCallback(threat_report_sent_runner->QuitClosure()); | 756 SetReportSentCallback(threat_report_sent_runner->QuitClosure()); |
| 766 | 757 |
| 767 // Navigate to a safe page which contains multiple potential DOM details. | 758 // Navigate to a safe page which contains multiple potential DOM details. |
| 768 // (Despite the name, kMalwarePage is not the page flagged as malware in this | 759 // (Despite the name, kMaliciousPage is not the page flagged as bad in this |
| 769 // test.) | 760 // test.) |
| 770 GURL safe_url(net::URLRequestMockHTTPJob::GetMockUrl(kMalwarePage)); | 761 GURL safe_url(net::URLRequestMockHTTPJob::GetMockUrl(kMaliciousPage)); |
| 771 ui_test_utils::NavigateToURL(browser(), safe_url); | 762 ui_test_utils::NavigateToURL(browser(), safe_url); |
| 772 | 763 |
| 773 EXPECT_EQ(nullptr, details_factory_.get_details()); | 764 EXPECT_EQ(nullptr, details_factory_.get_details()); |
| 774 | 765 |
| 775 // Start navigation to bad page (kEmptyPage), which will be blocked before it | 766 // Start navigation to bad page (kEmptyPage), which will be blocked before it |
| 776 // is committed. | 767 // is committed. |
| 777 GURL url = SetupWarningAndNavigate(); | 768 GURL url = SetupWarningAndNavigate(); |
| 778 | 769 |
| 779 ThreatDetails* threat_details = details_factory_.get_details(); | 770 ThreatDetails* threat_details = details_factory_.get_details(); |
| 780 EXPECT_EQ(expect_threat_details, threat_details != nullptr); | 771 EXPECT_EQ(expect_threat_details, threat_details != nullptr); |
| 810 const bool expect_threat_details = | 801 const bool expect_threat_details = |
| 811 SafeBrowsingBlockingPage::ShouldReportThreatDetails( | 802 SafeBrowsingBlockingPage::ShouldReportThreatDetails( |
| 812 testing::get<0>(GetParam())); | 803 testing::get<0>(GetParam())); |
| 813 | 804 |
| 814 scoped_refptr<content::MessageLoopRunner> threat_report_sent_runner( | 805 scoped_refptr<content::MessageLoopRunner> threat_report_sent_runner( |
| 815 new content::MessageLoopRunner); | 806 new content::MessageLoopRunner); |
| 816 if (expect_threat_details) | 807 if (expect_threat_details) |
| 817 SetReportSentCallback(threat_report_sent_runner->QuitClosure()); | 808 SetReportSentCallback(threat_report_sent_runner->QuitClosure()); |
| 818 | 809 |
| 819 // Navigate to a safe page which contains multiple potential DOM details. | 810 // Navigate to a safe page which contains multiple potential DOM details. |
| 820 // (Despite the name, kMalwarePage is not the page flagged as malware in this | 811 // (Despite the name, kMaliciousPage is not the page flagged as bad in this |
| 821 // test.) | 812 // test.) |
| 822 ui_test_utils::NavigateToURL( | 813 ui_test_utils::NavigateToURL( |
| 823 browser(), net::URLRequestMockHTTPJob::GetMockUrl(kMalwarePage)); | 814 browser(), net::URLRequestMockHTTPJob::GetMockUrl(kMaliciousPage)); |
| 824 | 815 |
| 825 EXPECT_EQ(nullptr, details_factory_.get_details()); | 816 EXPECT_EQ(nullptr, details_factory_.get_details()); |
| 826 | 817 |
| 827 // Start navigation to bad page (kEmptyPage), which will be blocked before it | 818 // Start navigation to bad page (kEmptyPage), which will be blocked before it |
| 828 // is committed. | 819 // is committed. |
| 829 GURL url = SetupWarningAndNavigate(); | 820 GURL url = SetupWarningAndNavigate(); |
| 830 | 821 |
| 831 ThreatDetails* threat_details = details_factory_.get_details(); | 822 ThreatDetails* threat_details = details_factory_.get_details(); |
| 832 EXPECT_EQ(expect_threat_details, threat_details != nullptr); | 823 EXPECT_EQ(expect_threat_details, threat_details != nullptr); |
| 833 | 824 |
| 1162 | 1153 |
| 1163 INSTANTIATE_TEST_CASE_P( | 1154 INSTANTIATE_TEST_CASE_P( |
| 1164 SafeBrowsingBlockingPageIDNTestWithThreatType, | 1155 SafeBrowsingBlockingPageIDNTestWithThreatType, |
| 1165 SafeBrowsingBlockingPageIDNTest, | 1156 SafeBrowsingBlockingPageIDNTest, |
| 1166 testing::Combine(testing::Values(false, true), | 1157 testing::Combine(testing::Values(false, true), |
| 1167 testing::Values(SB_THREAT_TYPE_URL_MALWARE, | 1158 testing::Values(SB_THREAT_TYPE_URL_MALWARE, |
| 1168 SB_THREAT_TYPE_URL_PHISHING, | 1159 SB_THREAT_TYPE_URL_PHISHING, |
| 1169 SB_THREAT_TYPE_URL_UNWANTED))); | 1160 SB_THREAT_TYPE_URL_UNWANTED))); |
| 1170 | 1161 |
| 1171 } // namespace safe_browsing | 1162 } // namespace safe_browsing |
| OLD | NEW |
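Review bot: The unchanged comment `// Set up testing url containing iframe and cross site iframe.` in IframeOptInAndReportThreatDetails (new line 697) no longer matches the test, because SetupThreatIframeWarningAndNavigate() now marks only the kMaliciousIframe URL as a threat and the report check is `ASSERT_EQ(2U, resources.size())`; I would change it to `// Set up testing url containing a threat iframe.`. Dropping kCrossSiteIframeUrl also means the serialized ClientSafeBrowsingReportRequest is no longer checked for a resource in a cross-site frame, so unless that path is covered by another test a regression in threat-details collection for cross-site iframes would go unnoticed here; a short comment stating why the case was removed would help. The rewritten helper comment should read `// Adds a safebrowsing threat result to the fake safebrowsing service,` (singular), and `MalwareRedirectCancelAndProceed` / `malware_url` still carry the old naming while the constants became kMalicious*. The test body between new lines 697 and 711 is collapsed on this page, so the setup call itself is not visible.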