Index: chrome/browser/safe_browsing/safe_browsing_blocking_page_test.cc |
diff --git a/chrome/browser/safe_browsing/safe_browsing_blocking_page_test.cc b/chrome/browser/safe_browsing/safe_browsing_blocking_page_test.cc |
index 468adf7f11532a578712a079b0c2613db5377aab..e02fecbdad4a909dc0c2f2f7d314efaddd56a61b 100644 |
--- a/chrome/browser/safe_browsing/safe_browsing_blocking_page_test.cc |
+++ b/chrome/browser/safe_browsing/safe_browsing_blocking_page_test.cc |
@@ -44,6 +44,7 @@ |
#include "components/security_interstitials/core/metrics_helper.h" |
#include "content/public/browser/interstitial_page.h" |
#include "content/public/browser/navigation_controller.h" |
+#include "content/public/browser/navigation_entry.h" |
#include "content/public/browser/notification_types.h" |
#include "content/public/browser/render_frame_host.h" |
#include "content/public/browser/render_process_host.h" |
@@ -117,6 +118,8 @@ class FakeSafeBrowsingDatabaseManager : public TestSafeBrowsingDatabaseManager { |
badurls[url.spec()] = threat_type; |
} |
+ void ClearBadURL(const GURL& url) { badurls.erase(url.spec()); } |
+ |
// These are called when checking URLs, so we implement them. |
bool IsSupported() const override { return true; } |
bool ChecksAreAlwaysAsync() const override { return false; } |
@@ -327,6 +330,15 @@ class SafeBrowsingBlockingPageBrowserTest |
->SetURLThreatType(url, threat_type); |
} |
+ void ClearBadURL(const GURL& url) { |
+ TestSafeBrowsingService* service = factory_.test_safe_browsing_service(); |
+ ASSERT_TRUE(service); |
+ |
+ static_cast<FakeSafeBrowsingDatabaseManager*>( |
+ service->database_manager().get()) |
+ ->ClearBadURL(url); |
+ } |
+ |
// The basic version of this method, which uses a HTTP test URL. |
GURL SetupWarningAndNavigate() { |
return SetupWarningAndNavigateToURL( |
@@ -581,6 +593,17 @@ class SafeBrowsingBlockingPageBrowserTest |
// EXPECT_EQ(cert_status, model_client->GetSecurityInfo().cert_status); |
} |
+ void ExpectNoSecurityIndicatorDowngrade(content::WebContents* tab) { |
+ ChromeSecurityStateModelClient* model_client = |
+ ChromeSecurityStateModelClient::FromWebContents(tab); |
+ ASSERT_TRUE(model_client); |
+ security_state::SecurityStateModel::SecurityInfo security_info; |
+ model_client->GetSecurityInfo(&security_info); |
+ EXPECT_EQ(security_state::SecurityStateModel::NONE, |
+ security_info.security_level); |
+ EXPECT_FALSE(security_info.fails_malware_check); |
+ } |
+ |
protected: |
TestThreatDetailsFactory details_factory_; |
@@ -1053,7 +1076,7 @@ class SecurityStyleTestObserver : public content::WebContentsObserver { |
public: |
explicit SecurityStyleTestObserver(content::WebContents* web_contents) |
: content::WebContentsObserver(web_contents), |
- latest_security_style_(blink::WebSecurityStyleUnknown){}; |
+ latest_security_style_(blink::WebSecurityStyleUnknown) {} |
blink::WebSecurityStyle latest_security_style() const { |
return latest_security_style_; |
@@ -1095,6 +1118,92 @@ IN_PROC_BROWSER_TEST_P(SafeBrowsingBlockingPageBrowserTest, |
ExpectSecurityIndicatorDowngrade(post_tab, 0u); |
} |
+// Test that the security indicator does not stay downgraded after |
+// clicking back from a Safe Browsing interstitial. Regression test for |
+// https://crbug.com/659709. |
+IN_PROC_BROWSER_TEST_P(SafeBrowsingBlockingPageBrowserTest, |
+ SecurityStateGoBack) { |
+ // Navigate to a page so that there is somewhere to go back to. |
+ GURL start_url = |
+ net::URLRequestMockHTTPJob::GetMockUrl("http://example.test"); |
+ ui_test_utils::NavigateToURL(browser(), start_url); |
+ |
+ // The security indicator should be downgraded while the interstitial shows. |
+ GURL bad_url = net::URLRequestMockHTTPJob::GetMockUrl(kEmptyPage); |
+ SetupWarningAndNavigate(); |
+ WebContents* error_tab = browser()->tab_strip_model()->GetActiveWebContents(); |
+ ASSERT_TRUE(error_tab); |
+ ExpectSecurityIndicatorDowngrade(error_tab, 0u); |
+ content::NavigationEntry* entry = |
+ error_tab->GetController().GetVisibleEntry(); |
+ ASSERT_TRUE(entry); |
+ ASSERT_EQ(bad_url, entry->GetURL()); |
+ |
+ // Go back. |
+ EXPECT_EQ(VISIBLE, GetVisibility("primary-button")); |
+ EXPECT_EQ(HIDDEN, GetVisibility("details")); |
+ EXPECT_EQ(HIDDEN, GetVisibility("proceed-link")); |
+ EXPECT_EQ(HIDDEN, GetVisibility("error-code")); |
+ EXPECT_TRUE(Click("details-button")); |
+ EXPECT_EQ(VISIBLE, GetVisibility("details")); |
+ EXPECT_EQ(VISIBLE, GetVisibility("proceed-link")); |
+ EXPECT_EQ(HIDDEN, GetVisibility("error-code")); |
+ EXPECT_TRUE(ClickAndWaitForDetach("primary-button")); |
+ |
+ // The security indicator should *not* still be downgraded after going back. |
+ AssertNoInterstitial(true); |
+ WebContents* post_tab = browser()->tab_strip_model()->GetActiveWebContents(); |
+ ASSERT_TRUE(post_tab); |
+ entry = post_tab->GetController().GetVisibleEntry(); |
+ ASSERT_TRUE(entry); |
+ EXPECT_EQ(start_url, entry->GetURL()); |
+ ExpectNoSecurityIndicatorDowngrade(post_tab); |
+ |
+ ClearBadURL(bad_url); |
+ // Navigate to the URL that the interstitial was on, and check that it |
+ // is no longer marked as dangerous. |
+ ui_test_utils::NavigateToURL(browser(), bad_url); |
+ ExpectNoSecurityIndicatorDowngrade( |
+ browser()->tab_strip_model()->GetActiveWebContents()); |
+} |
+ |
+// Test that the security indicator does not stay downgraded after |
+// clicking back from a Safe Browsing interstitial triggered by a |
+// subresource. Regression test for https://crbug.com/659709. |
+IN_PROC_BROWSER_TEST_P(SafeBrowsingBlockingPageBrowserTest, |
+ SecurityStateGoBackOnSubresourceInterstitial) { |
+ // Navigate to a page so that there is somewhere to go back to. |
+ GURL start_url = |
+ net::URLRequestMockHTTPJob::GetMockUrl("http://example.test"); |
+ ui_test_utils::NavigateToURL(browser(), start_url); |
+ |
+ // The security indicator should be downgraded while the interstitial shows. |
+ SetupThreatIframeWarningAndNavigate(); |
+ WebContents* error_tab = browser()->tab_strip_model()->GetActiveWebContents(); |
+ ASSERT_TRUE(error_tab); |
+ ExpectSecurityIndicatorDowngrade(error_tab, 0u); |
+ |
+ // Go back. |
+ EXPECT_EQ(VISIBLE, GetVisibility("primary-button")); |
+ EXPECT_EQ(HIDDEN, GetVisibility("details")); |
+ EXPECT_EQ(HIDDEN, GetVisibility("proceed-link")); |
+ EXPECT_EQ(HIDDEN, GetVisibility("error-code")); |
+ EXPECT_TRUE(Click("details-button")); |
+ EXPECT_EQ(VISIBLE, GetVisibility("details")); |
+ EXPECT_EQ(VISIBLE, GetVisibility("proceed-link")); |
+ EXPECT_EQ(HIDDEN, GetVisibility("error-code")); |
+ EXPECT_TRUE(ClickAndWaitForDetach("primary-button")); |
+ |
+ // The security indicator should *not* still be downgraded after going back. |
+ AssertNoInterstitial(true); |
+ WebContents* post_tab = browser()->tab_strip_model()->GetActiveWebContents(); |
+ ASSERT_TRUE(post_tab); |
+ content::NavigationEntry* entry = post_tab->GetController().GetVisibleEntry(); |
+ ASSERT_TRUE(entry); |
+ EXPECT_EQ(start_url, entry->GetURL()); |
+ ExpectNoSecurityIndicatorDowngrade(post_tab); |
+} |
+ |
// Test that the security indicator is downgraded after clicking through a |
// Safe Browsing interstitial. |
IN_PROC_BROWSER_TEST_P(SafeBrowsingBlockingPageBrowserTest, |
@@ -1170,6 +1279,7 @@ class SafeBrowsingBlockingPageIDNTest |
SecurityInterstitialPage* CreateInterstitial( |
content::WebContents* contents, |
const GURL& request_url) const override { |
+ SafeBrowsingUIManager::CreateWhitelistForTesting(contents); |
const bool is_subresource = testing::get<0>(GetParam()); |
SafeBrowsingService* sb_service = |