Remove Dangerous indicator after going back from interstitial

chrome/browser/safe_browsing/safe_browsing_blocking_page_test.cc

Index: chrome/browser/safe_browsing/safe_browsing_blocking_page_test.cc
diff --git a/chrome/browser/safe_browsing/safe_browsing_blocking_page_test.cc b/chrome/browser/safe_browsing/safe_browsing_blocking_page_test.cc
index 468adf7f11532a578712a079b0c2613db5377aab..e02fecbdad4a909dc0c2f2f7d314efaddd56a61b 100644
--- a/chrome/browser/safe_browsing/safe_browsing_blocking_page_test.cc
+++ b/chrome/browser/safe_browsing/safe_browsing_blocking_page_test.cc
@@ -44,6 +44,7 @@
 #include "components/security_interstitials/core/metrics_helper.h"
 #include "content/public/browser/interstitial_page.h"
 #include "content/public/browser/navigation_controller.h"
+#include "content/public/browser/navigation_entry.h"
 #include "content/public/browser/notification_types.h"
 #include "content/public/browser/render_frame_host.h"
 #include "content/public/browser/render_process_host.h"
@@ -117,6 +118,8 @@ class FakeSafeBrowsingDatabaseManager : public TestSafeBrowsingDatabaseManager {
     badurls[url.spec()] = threat_type;
   }
 
+  void ClearBadURL(const GURL& url) { badurls.erase(url.spec()); }
+
   // These are called when checking URLs, so we implement them.
   bool IsSupported() const override { return true; }
   bool ChecksAreAlwaysAsync() const override { return false; }
@@ -327,6 +330,15 @@ class SafeBrowsingBlockingPageBrowserTest
         ->SetURLThreatType(url, threat_type);
   }
 
+  void ClearBadURL(const GURL& url) {
+    TestSafeBrowsingService* service = factory_.test_safe_browsing_service();
+    ASSERT_TRUE(service);
+
+    static_cast<FakeSafeBrowsingDatabaseManager*>(
+        service->database_manager().get())
+        ->ClearBadURL(url);
+  }
+
   // The basic version of this method, which uses a HTTP test URL.
   GURL SetupWarningAndNavigate() {
     return SetupWarningAndNavigateToURL(
@@ -581,6 +593,17 @@ class SafeBrowsingBlockingPageBrowserTest
     // EXPECT_EQ(cert_status, model_client->GetSecurityInfo().cert_status);
   }
 
+  void ExpectNoSecurityIndicatorDowngrade(content::WebContents* tab) {
+    ChromeSecurityStateModelClient* model_client =
+        ChromeSecurityStateModelClient::FromWebContents(tab);
+    ASSERT_TRUE(model_client);
+    security_state::SecurityStateModel::SecurityInfo security_info;
+    model_client->GetSecurityInfo(&security_info);
+    EXPECT_EQ(security_state::SecurityStateModel::NONE,
+              security_info.security_level);
+    EXPECT_FALSE(security_info.fails_malware_check);
+  }
+
  protected:
   TestThreatDetailsFactory details_factory_;
 
@@ -1053,7 +1076,7 @@ class SecurityStyleTestObserver : public content::WebContentsObserver {
  public:
   explicit SecurityStyleTestObserver(content::WebContents* web_contents)
       : content::WebContentsObserver(web_contents),
-        latest_security_style_(blink::WebSecurityStyleUnknown){};
+        latest_security_style_(blink::WebSecurityStyleUnknown) {}
 
   blink::WebSecurityStyle latest_security_style() const {
     return latest_security_style_;
@@ -1095,6 +1118,92 @@ IN_PROC_BROWSER_TEST_P(SafeBrowsingBlockingPageBrowserTest,
   ExpectSecurityIndicatorDowngrade(post_tab, 0u);
 }
 
+// Test that the security indicator does not stay downgraded after
+// clicking back from a Safe Browsing interstitial. Regression test for
+// https://crbug.com/659709.
+IN_PROC_BROWSER_TEST_P(SafeBrowsingBlockingPageBrowserTest,
+                       SecurityStateGoBack) {
+  // Navigate to a page so that there is somewhere to go back to.
+  GURL start_url =
+      net::URLRequestMockHTTPJob::GetMockUrl("http://example.test");
+  ui_test_utils::NavigateToURL(browser(), start_url);
+
+  // The security indicator should be downgraded while the interstitial shows.
+  GURL bad_url = net::URLRequestMockHTTPJob::GetMockUrl(kEmptyPage);
+  SetupWarningAndNavigate();
+  WebContents* error_tab = browser()->tab_strip_model()->GetActiveWebContents();
+  ASSERT_TRUE(error_tab);
+  ExpectSecurityIndicatorDowngrade(error_tab, 0u);
+  content::NavigationEntry* entry =
+      error_tab->GetController().GetVisibleEntry();
+  ASSERT_TRUE(entry);
+  ASSERT_EQ(bad_url, entry->GetURL());
+
+  // Go back.
+  EXPECT_EQ(VISIBLE, GetVisibility("primary-button"));
+  EXPECT_EQ(HIDDEN, GetVisibility("details"));
+  EXPECT_EQ(HIDDEN, GetVisibility("proceed-link"));
+  EXPECT_EQ(HIDDEN, GetVisibility("error-code"));
+  EXPECT_TRUE(Click("details-button"));
+  EXPECT_EQ(VISIBLE, GetVisibility("details"));
+  EXPECT_EQ(VISIBLE, GetVisibility("proceed-link"));
+  EXPECT_EQ(HIDDEN, GetVisibility("error-code"));
+  EXPECT_TRUE(ClickAndWaitForDetach("primary-button"));
+
+  // The security indicator should *not* still be downgraded after going back.
+  AssertNoInterstitial(true);
+  WebContents* post_tab = browser()->tab_strip_model()->GetActiveWebContents();
+  ASSERT_TRUE(post_tab);
+  entry = post_tab->GetController().GetVisibleEntry();
+  ASSERT_TRUE(entry);
+  EXPECT_EQ(start_url, entry->GetURL());
+  ExpectNoSecurityIndicatorDowngrade(post_tab);
+
+  ClearBadURL(bad_url);
+  // Navigate to the URL that the interstitial was on, and check that it
+  // is no longer marked as dangerous.
+  ui_test_utils::NavigateToURL(browser(), bad_url);
+  ExpectNoSecurityIndicatorDowngrade(
+      browser()->tab_strip_model()->GetActiveWebContents());
+}
+
+// Test that the security indicator does not stay downgraded after
+// clicking back from a Safe Browsing interstitial triggered by a
+// subresource. Regression test for https://crbug.com/659709.
+IN_PROC_BROWSER_TEST_P(SafeBrowsingBlockingPageBrowserTest,
+                       SecurityStateGoBackOnSubresourceInterstitial) {
+  // Navigate to a page so that there is somewhere to go back to.
+  GURL start_url =
+      net::URLRequestMockHTTPJob::GetMockUrl("http://example.test");
+  ui_test_utils::NavigateToURL(browser(), start_url);
+
+  // The security indicator should be downgraded while the interstitial shows.
+  SetupThreatIframeWarningAndNavigate();
+  WebContents* error_tab = browser()->tab_strip_model()->GetActiveWebContents();
+  ASSERT_TRUE(error_tab);
+  ExpectSecurityIndicatorDowngrade(error_tab, 0u);
+
+  // Go back.
+  EXPECT_EQ(VISIBLE, GetVisibility("primary-button"));
+  EXPECT_EQ(HIDDEN, GetVisibility("details"));
+  EXPECT_EQ(HIDDEN, GetVisibility("proceed-link"));
+  EXPECT_EQ(HIDDEN, GetVisibility("error-code"));
+  EXPECT_TRUE(Click("details-button"));
+  EXPECT_EQ(VISIBLE, GetVisibility("details"));
+  EXPECT_EQ(VISIBLE, GetVisibility("proceed-link"));
+  EXPECT_EQ(HIDDEN, GetVisibility("error-code"));
+  EXPECT_TRUE(ClickAndWaitForDetach("primary-button"));
+
+  // The security indicator should *not* still be downgraded after going back.
+  AssertNoInterstitial(true);
+  WebContents* post_tab = browser()->tab_strip_model()->GetActiveWebContents();
+  ASSERT_TRUE(post_tab);
+  content::NavigationEntry* entry = post_tab->GetController().GetVisibleEntry();
+  ASSERT_TRUE(entry);
+  EXPECT_EQ(start_url, entry->GetURL());
+  ExpectNoSecurityIndicatorDowngrade(post_tab);
+}
+
 // Test that the security indicator is downgraded after clicking through a
 // Safe Browsing interstitial.
 IN_PROC_BROWSER_TEST_P(SafeBrowsingBlockingPageBrowserTest,
@@ -1170,6 +1279,7 @@ class SafeBrowsingBlockingPageIDNTest
   SecurityInterstitialPage* CreateInterstitial(
       content::WebContents* contents,
       const GURL& request_url) const override {
+    SafeBrowsingUIManager::CreateWhitelistForTesting(contents);
     const bool is_subresource = testing::get<0>(GetParam());
 
     SafeBrowsingService* sb_service =