Chromium Code Reviews Chromium Code Reviews
Issue 2451623005:
Remove Dangerous indicator after going back from interstitial (Closed)
| Index: chrome/browser/safe_browsing/safe_browsing_blocking_page_test.cc |
| diff --git a/chrome/browser/safe_browsing/safe_browsing_blocking_page_test.cc b/chrome/browser/safe_browsing/safe_browsing_blocking_page_test.cc |
| index 468adf7f11532a578712a079b0c2613db5377aab..7e78f5da0576688aea4139919b8df05c8d702da5 100644 |
| --- a/chrome/browser/safe_browsing/safe_browsing_blocking_page_test.cc |
| +++ b/chrome/browser/safe_browsing/safe_browsing_blocking_page_test.cc |
| @@ -44,6 +44,7 @@ |
| #include "components/security_interstitials/core/metrics_helper.h" |
| #include "content/public/browser/interstitial_page.h" |
| #include "content/public/browser/navigation_controller.h" |
| +#include "content/public/browser/navigation_entry.h" |
| #include "content/public/browser/notification_types.h" |
| #include "content/public/browser/render_frame_host.h" |
| #include "content/public/browser/render_process_host.h" |
| @@ -117,6 +118,8 @@ class FakeSafeBrowsingDatabaseManager : public TestSafeBrowsingDatabaseManager { |
| badurls[url.spec()] = threat_type; |
| } |
| + void ClearURL(const GURL& url) { badurls.erase(url.spec()); } |
|
Nathan Parker
2016/10/31 23:54:38
nit: ClearBadURL. Same below.
estark
2016/11/01 02:41:16
Done.
|
| + |
| // These are called when checking URLs, so we implement them. |
| bool IsSupported() const override { return true; } |
| bool ChecksAreAlwaysAsync() const override { return false; } |
| @@ -327,6 +330,15 @@ class SafeBrowsingBlockingPageBrowserTest |
| ->SetURLThreatType(url, threat_type); |
| } |
| + void ClearURL(const GURL& url) { |
| + TestSafeBrowsingService* service = factory_.test_safe_browsing_service(); |
| + ASSERT_TRUE(service); |
| + |
| + static_cast<FakeSafeBrowsingDatabaseManager*>( |
| + service->database_manager().get()) |
| + ->ClearURL(url); |
| + } |
| + |
| // The basic version of this method, which uses a HTTP test URL. |
| GURL SetupWarningAndNavigate() { |
| return SetupWarningAndNavigateToURL( |
| @@ -581,6 +593,17 @@ class SafeBrowsingBlockingPageBrowserTest |
| // EXPECT_EQ(cert_status, model_client->GetSecurityInfo().cert_status); |
| } |
| + void ExpectNoSecurityIndicatorDowngrade(content::WebContents* tab) { |
| + ChromeSecurityStateModelClient* model_client = |
| + ChromeSecurityStateModelClient::FromWebContents(tab); |
| + ASSERT_TRUE(model_client); |
| + security_state::SecurityStateModel::SecurityInfo security_info; |
| + model_client->GetSecurityInfo(&security_info); |
| + EXPECT_EQ(security_state::SecurityStateModel::NONE, |
| + security_info.security_level); |
| + EXPECT_FALSE(security_info.fails_malware_check); |
| + } |
| + |
| protected: |
| TestThreatDetailsFactory details_factory_; |
| @@ -1053,7 +1076,7 @@ class SecurityStyleTestObserver : public content::WebContentsObserver { |
| public: |
| explicit SecurityStyleTestObserver(content::WebContents* web_contents) |
| : content::WebContentsObserver(web_contents), |
| - latest_security_style_(blink::WebSecurityStyleUnknown){}; |
| + latest_security_style_(blink::WebSecurityStyleUnknown) {} |
| blink::WebSecurityStyle latest_security_style() const { |
| return latest_security_style_; |
| @@ -1095,6 +1118,92 @@ IN_PROC_BROWSER_TEST_P(SafeBrowsingBlockingPageBrowserTest, |
| ExpectSecurityIndicatorDowngrade(post_tab, 0u); |
| } |
| +// Test that the security indicator does not stay downgraded after |
| +// clicking back from a Safe Browsing interstitial. Regression test for |
| +// https://crbug.com/659709. |
| +IN_PROC_BROWSER_TEST_P(SafeBrowsingBlockingPageBrowserTest, |
| + SecurityStateGoBack) { |
| + // Navigate to a page so that there is somewhere to go back to. |
| + GURL start_url = |
| + net::URLRequestMockHTTPJob::GetMockUrl("http://example.test"); |
| + ui_test_utils::NavigateToURL(browser(), start_url); |
| + |
| + // The security indicator should be downgraded while the interstitial shows. |
| + GURL bad_url = net::URLRequestMockHTTPJob::GetMockUrl(kEmptyPage); |
| + SetupWarningAndNavigate(); |
| + WebContents* error_tab = browser()->tab_strip_model()->GetActiveWebContents(); |
| + ASSERT_TRUE(error_tab); |
| + ExpectSecurityIndicatorDowngrade(error_tab, 0u); |
| + content::NavigationEntry* entry = |
| + error_tab->GetController().GetVisibleEntry(); |
| + ASSERT_TRUE(entry); |
| + ASSERT_EQ(bad_url, entry->GetURL()); |
| + |
| + // Go back. |
| + EXPECT_EQ(VISIBLE, GetVisibility("primary-button")); |
| + EXPECT_EQ(HIDDEN, GetVisibility("details")); |
| + EXPECT_EQ(HIDDEN, GetVisibility("proceed-link")); |
| + EXPECT_EQ(HIDDEN, GetVisibility("error-code")); |
| + EXPECT_TRUE(Click("details-button")); |
| + EXPECT_EQ(VISIBLE, GetVisibility("details")); |
| + EXPECT_EQ(VISIBLE, GetVisibility("proceed-link")); |
| + EXPECT_EQ(HIDDEN, GetVisibility("error-code")); |
| + EXPECT_TRUE(ClickAndWaitForDetach("primary-button")); |
| + |
| + // The security indicator should *not* still be downgraded after going back. |
| + AssertNoInterstitial(true); |
| + WebContents* post_tab = browser()->tab_strip_model()->GetActiveWebContents(); |
| + ASSERT_TRUE(post_tab); |
| + entry = post_tab->GetController().GetVisibleEntry(); |
| + ASSERT_TRUE(entry); |
| + EXPECT_EQ(start_url, entry->GetURL()); |
| + ExpectNoSecurityIndicatorDowngrade(post_tab); |
| + |
| + ClearURL(bad_url); |
| + // Navigate to the URL that the interstitial was on, and check that it |
| + // is no longer marked as dangerous. |
| + ui_test_utils::NavigateToURL(browser(), bad_url); |
| + ExpectNoSecurityIndicatorDowngrade( |
| + browser()->tab_strip_model()->GetActiveWebContents()); |
| +} |
| + |
| +// Test that the security indicator does not stay downgraded after |
| +// clicking back from a Safe Browsing interstitial triggered by a |
| +// subresource. Regression test for https://crbug.com/659709. |
| +IN_PROC_BROWSER_TEST_P(SafeBrowsingBlockingPageBrowserTest, |
| + SecurityStateGoBackOnSubresourceInterstitial) { |
| + // Navigate to a page so that there is somewhere to go back to. |
| + GURL start_url = |
| + net::URLRequestMockHTTPJob::GetMockUrl("http://example.test"); |
| + ui_test_utils::NavigateToURL(browser(), start_url); |
| + |
| + // The security indicator should be downgraded while the interstitial shows. |
| + SetupThreatIframeWarningAndNavigate(); |
| + WebContents* error_tab = browser()->tab_strip_model()->GetActiveWebContents(); |
| + ASSERT_TRUE(error_tab); |
| + ExpectSecurityIndicatorDowngrade(error_tab, 0u); |
| + |
| + // Go back. |
| + EXPECT_EQ(VISIBLE, GetVisibility("primary-button")); |
| + EXPECT_EQ(HIDDEN, GetVisibility("details")); |
| + EXPECT_EQ(HIDDEN, GetVisibility("proceed-link")); |
| + EXPECT_EQ(HIDDEN, GetVisibility("error-code")); |
| + EXPECT_TRUE(Click("details-button")); |
| + EXPECT_EQ(VISIBLE, GetVisibility("details")); |
| + EXPECT_EQ(VISIBLE, GetVisibility("proceed-link")); |
| + EXPECT_EQ(HIDDEN, GetVisibility("error-code")); |
| + EXPECT_TRUE(ClickAndWaitForDetach("primary-button")); |
| + |
| + // The security indicator should *not* still be downgraded after going back. |
| + AssertNoInterstitial(true); |
| + WebContents* post_tab = browser()->tab_strip_model()->GetActiveWebContents(); |
| + ASSERT_TRUE(post_tab); |
| + content::NavigationEntry* entry = post_tab->GetController().GetVisibleEntry(); |
| + ASSERT_TRUE(entry); |
| + EXPECT_EQ(start_url, entry->GetURL()); |
| + ExpectNoSecurityIndicatorDowngrade(post_tab); |
| +} |
| + |
| // Test that the security indicator is downgraded after clicking through a |
| // Safe Browsing interstitial. |
| IN_PROC_BROWSER_TEST_P(SafeBrowsingBlockingPageBrowserTest, |
| @@ -1170,6 +1279,7 @@ class SafeBrowsingBlockingPageIDNTest |
| SecurityInterstitialPage* CreateInterstitial( |
| content::WebContents* contents, |
| const GURL& request_url) const override { |
| + SafeBrowsingUIManager::CreateWhitelistForTesting(contents); |
| const bool is_subresource = testing::get<0>(GetParam()); |
| SafeBrowsingService* sb_service = |
