Wire up CertificateReportingService to handle report uploads

chrome/browser/safe_browsing/certificate_reporting_service_browsertest.cc

+// Copyright 2016 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "chrome/browser/safe_browsing/certificate_reporting_service.h"
+
+#include "base/base_switches.h"
+#include "base/command_line.h"
+#include "base/macros.h"
+#include "base/test/simple_test_clock.h"
+#include "base/time/clock.h"
+#include "base/time/time.h"
+#include "chrome/browser/profiles/profile.h"
+#include "chrome/browser/safe_browsing/certificate_reporting_service_factory.h"
+#include "chrome/browser/safe_browsing/certificate_reporting_service_test_utils.h"
+#include "chrome/browser/ssl/certificate_reporting_test_utils.h"
+#include "chrome/browser/ui/browser.h"
+#include "chrome/browser/ui/tabs/tab_strip_model.h"
+#include "chrome/common/pref_names.h"
+#include "chrome/test/base/in_process_browser_test.h"
+#include "chrome/test/base/ui_test_utils.h"
+#include "components/prefs/pref_service.h"
+#include "components/variations/variations_switches.h"
+#include "content/public/browser/web_contents.h"
+#include "content/public/test/browser_test_utils.h"
+#include "content/public/test/test_utils.h"
+#include "net/test/embedded_test_server/embedded_test_server.h"
+#include "net/url_request/report_sender.h"
+#include "net/url_request/url_request_context_getter.h"
+#include "net/url_request/url_request_filter.h"
+#include "net/url_request/url_request_test_util.h"
+
+namespace {
+
+void CleanUpOnIOThread() {
+  DCHECK_CURRENTLY_ON(content::BrowserThread::IO);
+  net::URLRequestFilter::GetInstance()->ClearHandlers();
+}
+
+}  // namespace
+
+namespace safe_browsing {
+
+class CertificateReportingServiceBrowserTest
+    : public InProcessBrowserTest,
+      public certificate_reporting_test_utils::
+          CertificateReportingServiceTestBase {
+ public:
+  CertificateReportingServiceBrowserTest()
+      : https_server_(net::EmbeddedTestServer::TYPE_HTTPS) {}
+
+  void SetUpOnMainThread() override {
+    DCHECK_CURRENTLY_ON(content::BrowserThread::UI);
+    SetUpInterceptor();
+
+    https_server_.SetSSLConfig(net::EmbeddedTestServer::CERT_MISMATCHED_NAME);
+    https_server_.ServeFilesFromSourceDirectory("chrome/test/data");
+    ASSERT_TRUE(https_server_.Start());
+
+    InProcessBrowserTest::SetUpOnMainThread();
+  }
+
+  void TearDownOnMainThread() override {
+    content::BrowserThread::PostTask(content::BrowserThread::IO, FROM_HERE,
+                                     base::Bind(&CleanUpOnIOThread));
+  }
+
+  void SetUpCommandLine(base::CommandLine* command_line) override {
+    command_line->AppendSwitchASCII(
+        switches::kForceFieldTrials,
+        "ReportCertificateErrors/ShowAndPossiblySend/");
+    // Setting the sending threshold to 1.0 ensures reporting is enabled.
+    command_line->AppendSwitchASCII(
+        variations::switches::kForceFieldTrialParams,
+        "ReportCertificateErrors.ShowAndPossiblySend:sendingThreshold/1.0");
+  }
+
+ protected:
+  CertificateReportingService* reporting_service() const {
+    return CertificateReportingServiceFactory::GetForBrowserContext(
+        browser()->profile());
+  }
+
+  // Navigates to an interstitial page and away from it to trigger a report and
+  // checks expected events
+  void SendReport(ObservedReportEvent expected_observed_event,
+                  const std::set<int>& expected_successful_report_ids,
+                  const std::set<int>& expected_failed_report_ids) {
+    // Navigate to a page with SSL error.
+    TabStripModel* tab_strip_model = browser()->tab_strip_model();
+    content::WebContents* contents = tab_strip_model->GetActiveWebContents();
+    const GURL kCertErrorURL = https_server_.GetURL("/");
+    ui_test_utils::NavigateToURL(browser(), kCertErrorURL);
+    content::WaitForInterstitialAttach(contents);
+
+    // Navigate away from the interstitial to trigger report upload and observe
+    // events: 1 event for send completion or cancellation, the rest for
+    // observed reports after send completion.
+    certificate_reporting_test_utils::ReportEventObserver* report_observer =
+        NewEventObserver(1u + expected_successful_report_ids.size() +
+                         expected_failed_report_ids.size());
+    ui_test_utils::NavigateToURL(browser(), GURL("about:blank"));
+    content::WaitForInterstitialDetach(contents);
+    report_observer->WaitForEvents();
+
+    EXPECT_NE(EXPECT_SERVICE_RESET, expected_observed_event);
+    CheckExpectedResults(*report_observer, expected_observed_event,
+                         expected_successful_report_ids,
+                         expected_failed_report_ids);
+  }
+
+  // Sends pending reports and checks expected events.
+  void SendPendingReports(ObservedReportEvent expected_observed_event,
+                          const std::set<int>& expected_successful_report_ids,
+                          const std::set<int>& expected_failed_report_ids) {
+    // Observe events: 1 event for send completion or cancellation,
+    // the rest for observed reports after send completion.
+    certificate_reporting_test_utils::ReportEventObserver* report_observer =
+        NewEventObserver(1u + expected_successful_report_ids.size() +
+                         expected_failed_report_ids.size());
+    reporting_service()->SendPending();
+    report_observer->WaitForEvents();
+
+    EXPECT_NE(EXPECT_SERVICE_RESET, expected_observed_event);
+    CheckExpectedResults(*report_observer, expected_observed_event,
+                         expected_successful_report_ids,
+                         expected_failed_report_ids);
+  }
+
+  // Resumes delayed requests and checks expected events.
+  void ResumeDelayedRequests(
+      size_t num_expected_events,
+      const std::set<int>& expected_successful_report_ids,
+      const std::set<int>& expected_failed_report_ids) {
+    certificate_reporting_test_utils::ReportEventObserver* report_observer =
+        NewEventObserver(num_expected_events);
+    ResumeDelayedRequest();
+    report_observer->WaitForEvents();
+
+    CheckExpectedResults(*report_observer, EXPECT_NONE,
+                         expected_successful_report_ids,
+                         expected_failed_report_ids);
+  }
+
+  // Changes opt-in status and waits for the cert reporting service to reset.
+  // Can only be used after the service is initialized. When changing the
+  // value at the beginning of a test,
+  // certificate_reporting_test_utils::SetCertReportingOptIn should be used
+  // instead since the service is only created upon first SSL error.
+  void ChangeOptInAndWaitForServiceReset(
+      certificate_reporting_test_utils::OptIn opt_in) {
+    certificate_reporting_test_utils::ReportEventObserver* report_observer =
+        NewEventObserver(1);
+    certificate_reporting_test_utils::SetCertReportingOptIn(browser(), opt_in);
+    report_observer->WaitForEvents();
+
+    CheckExpectedResults(*report_observer, EXPECT_SERVICE_RESET,
+                         std::set<int>(), std::set<int>());
+  }
+
+  // Same as ChangeOptInAndWaitForServiceReset, but enables/disables
+  // SafeBrowsing instead.
+  void ToggleSafeBrowsingAndWaitForServiceReset(bool safebrowsing_enabled) {
+    certificate_reporting_test_utils::ReportEventObserver* report_observer =
+        new certificate_reporting_test_utils::ReportEventObserver(1);
+    reporting_service()->SetEventObserverForTesting(
+        std::unique_ptr<CertificateReportingService::EventObserver>(
+            report_observer));
+    browser()->profile()->GetPrefs()->SetBoolean(prefs::kSafeBrowsingEnabled,
+                                                 safebrowsing_enabled);
+    report_observer->WaitForEvents();
+
+    CheckExpectedResults(*report_observer, EXPECT_SERVICE_RESET,
+                         std::set<int>(), std::set<int>());
+  }
+
+ private:
+  // Creates and sets a new event observer for the reporting service and
+  // returns it.
+  certificate_reporting_test_utils::ReportEventObserver* NewEventObserver(
+      int num_events_to_wait_for) {
+    certificate_reporting_test_utils::ReportEventObserver* observer =
+        new certificate_reporting_test_utils::ReportEventObserver(
+            num_events_to_wait_for);
+    reporting_service()->SetEventObserverForTesting(
+        std::unique_ptr<CertificateReportingService::EventObserver>(observer));
+    return observer;
+  }
+
+  net::EmbeddedTestServer https_server_;
+
+  DISALLOW_COPY_AND_ASSIGN(CertificateReportingServiceBrowserTest);
+};
+
+// Tests that report send attempt should be cancelled when extended
+// reporting is not opted in.
+IN_PROC_BROWSER_TEST_F(CertificateReportingServiceBrowserTest,
+                       NotOptedIn_ShouldNotSendReports) {
+  certificate_reporting_test_utils::SetCertReportingOptIn(
+      browser(),
+      certificate_reporting_test_utils::EXTENDED_REPORTING_DO_NOT_OPT_IN);
+  // Will wait for a single "attempt cancelled" event. No reports will be sent.
+  SendReport(EXPECT_SEND_ATTEMPT_CANCELLED,
+             std::set<int>() /* expected_successful_report_ids */,
+             std::set<int>() /* expected_failed_report_ids */);
+}
+
+// Tests that report send attempts are not cancelled when extended reporting is
+// opted in. Goes to an interstitial page and navigates away to force a report
+// send event.
+IN_PROC_BROWSER_TEST_F(CertificateReportingServiceBrowserTest,
+                       OptedIn_ShouldSendSuccessfulReport) {
+  certificate_reporting_test_utils::SetCertReportingOptIn(
+      browser(), certificate_reporting_test_utils::EXTENDED_REPORTING_OPT_IN);
+
+  // Let reports uploads successfully complete.
+  SetFailureMode(certificate_reporting_test_utils::ReportSendingResult::
+                     REPORTS_SUCCESSFUL);
+
+  // Send a report. Reporting is opted in, so the report sending attempt
+  // should not be cancelled and a report with id = 0 will be successfully sent.
+  SendReport(EXPECT_SEND_ATTEMPT_COMPLETED,
+             std::set<int>{0} /* expected_successful_report_ids */,
+             std::set<int>() /* expected_failed_report_ids */);
+}
+
+// Tests that report send attempts are not cancelled when extended reporting is
+// opted in. Goes to an interstitial page and navigate away to force a report
+// send event. Repeats this three times and checks expected number of reports.
+IN_PROC_BROWSER_TEST_F(CertificateReportingServiceBrowserTest,
+                       OptedIn_ShouldQueueFailedReport) {
+  certificate_reporting_test_utils::SetCertReportingOptIn(
+      browser(), certificate_reporting_test_utils::EXTENDED_REPORTING_OPT_IN);
+  // Let all reports fail.
+  SetFailureMode(
+      certificate_reporting_test_utils::ReportSendingResult::REPORTS_FAIL);
+
+  // Send a report. A report with id = 0 should be sent but sending fails.
+  SendReport(EXPECT_SEND_ATTEMPT_COMPLETED,
+             std::set<int>() /* expected_successful_report_ids */,
+             std::set<int>{0} /* expected_failed_report_ids */);
+
+  // Another report with id = 1 should be sent but sending fails.
+  SendReport(EXPECT_SEND_ATTEMPT_COMPLETED,
+             std::set<int>() /* expected_successful_report_ids */,
+             std::set<int>{1} /* expected_failed_report_ids */);
+
+  // Let all report uploads complete successfully now.
+  SetFailureMode(certificate_reporting_test_utils::ReportSendingResult::
+                     REPORTS_SUCCESSFUL);
+
+  // Third time's the charm. Send another report. This time the report with
+  // id = 2 should be successfully sent.
+  SendReport(EXPECT_SEND_ATTEMPT_COMPLETED,
+             std::set<int>{2} /* expected_successful_report_ids */,
+             std::set<int>() /* expected_failed_report_ids */);
+
+  // Send all pending reports. Sending pending reports counts as a single
+  // completed attempt. Two previously failed reports with ids 0 and 1 should
+  // have been queued, and now be sent successfully.
+  SendPendingReports(EXPECT_SEND_ATTEMPT_COMPLETED,
+                     std::set<int>{0, 1} /* expected_successful_report_ids */,
+                     std::set<int>() /* expected_failed_report_ids */);
+
+  // Try sending pending reports again. Since there is no pending report,
+  // nothing should be sent this time.
+  SendPendingReports(EXPECT_SEND_ATTEMPT_COMPLETED,
+                     std::set<int>() /* expected_successful_report_ids */,
+                     std::set<int>() /* expected_failed_report_ids */);
+}
+
+IN_PROC_BROWSER_TEST_F(CertificateReportingServiceBrowserTest,
+                       OptedIn_ThenOptedOut) {
+  certificate_reporting_test_utils::SetCertReportingOptIn(
+      browser(), certificate_reporting_test_utils::EXTENDED_REPORTING_OPT_IN);
+  // Let all reports fail.
+  SetFailureMode(
+      certificate_reporting_test_utils::ReportSendingResult::REPORTS_FAIL);
+
+  // Send a report. A report with id = 0 should be sent but sending fails.
+  SendReport(EXPECT_SEND_ATTEMPT_COMPLETED,
+             std::set<int>() /* expected_successful_report_ids */,
+             std::set<int>{0} /* expected_failed_report_ids */);
+
+  // Disable reporting. This should reset the reporting service and
+  // clear all pending reports. Also clear reports observed by the url request
+  // interceptor.
+  ChangeOptInAndWaitForServiceReset(
+      certificate_reporting_test_utils::EXTENDED_REPORTING_DO_NOT_OPT_IN);
+
+  // Send pending reports. A send pending event counts as a single attempt
+  // and it should be cancelled. No reports should be observed.
+  SendPendingReports(EXPECT_SEND_ATTEMPT_CANCELLED,
+                     std::set<int>() /* expected_successful_report_ids */,
+                     std::set<int>() /* expected_failed_report_ids */);
+}
+
+IN_PROC_BROWSER_TEST_F(CertificateReportingServiceBrowserTest,
+                       OptedOut_ThenOptedIn_ThenOptedOut) {
+  certificate_reporting_test_utils::SetCertReportingOptIn(
+      browser(),
+      certificate_reporting_test_utils::EXTENDED_REPORTING_DO_NOT_OPT_IN);
+  // Let all reports fail.
+  SetFailureMode(
+      certificate_reporting_test_utils::ReportSendingResult::REPORTS_FAIL);
+
+  // Send attempt should be cancelled since reporting is opted out.
+  SendReport(EXPECT_SEND_ATTEMPT_CANCELLED,
+             std::set<int>() /* expected_successful_report_ids */,
+             std::set<int>() /* expected_failed_report_ids */);
+
+  // Enable reporting.
+  ChangeOptInAndWaitForServiceReset(
+      certificate_reporting_test_utils::EXTENDED_REPORTING_OPT_IN);
+
+  // A failed report should be observed.
+  SendReport(EXPECT_SEND_ATTEMPT_COMPLETED,
+             std::set<int>() /* expected_successful_report_ids */,
+             std::set<int>{0} /* expected_failed_report_ids */);
+
+  // Disable reporting. This should reset the reporting service and
+  // clear all pending reports.
+  ChangeOptInAndWaitForServiceReset(
+      certificate_reporting_test_utils::EXTENDED_REPORTING_DO_NOT_OPT_IN);
+
+  // The attempt should be cancelled since reporting is opted out.
+  SendReport(EXPECT_SEND_ATTEMPT_CANCELLED,
+             std::set<int>() /* expected_successful_report_ids */,
+             std::set<int>() /* expected_failed_report_ids */);
+
+  // Send pending reports. Nothing should be sent since there aren't any
+  // pending reports.
+  SendPendingReports(EXPECT_SEND_ATTEMPT_CANCELLED,
+                     std::set<int>() /* expected_successful_report_ids */,
+                     std::set<int>() /* expected_failed_report_ids */);
+}
+
+IN_PROC_BROWSER_TEST_F(CertificateReportingServiceBrowserTest,
+                       DisableSafebrowsing) {
+  certificate_reporting_test_utils::SetCertReportingOptIn(
+      browser(), certificate_reporting_test_utils::EXTENDED_REPORTING_OPT_IN);
+  // Let all reports fail.
+  SetFailureMode(
+      certificate_reporting_test_utils::ReportSendingResult::REPORTS_FAIL);
+
+  // Send a report. A report with id = 0 should be sent but sending fails.
+  SendReport(EXPECT_SEND_ATTEMPT_COMPLETED,
+             std::set<int>() /* expected_successful_report_ids */,
+             std::set<int>{0} /* expected_failed_report_ids */);
+
+  // Disable SafeBrowsing. This should reset the reporting service and
+  // clear all pending reports. Also clear reports observed by the url request
+  // interceptor.
+  ToggleSafeBrowsingAndWaitForServiceReset(false);
+
+  // Send pending reports. A send pending event counts as a single attempt
+  // and it should be cancelled. No reports should be observed.
+  SendPendingReports(EXPECT_SEND_ATTEMPT_CANCELLED,
+                     std::set<int>() /* expected_successful_report_ids */,
+                     std::set<int>() /* expected_failed_report_ids */);
+
+  // Re-enable SafeBrowsing and trigger a report.
+  ToggleSafeBrowsingAndWaitForServiceReset(true);
+
+  // Navigate to and away from an interstitial to make sure a report send
+  // attempt is made. A report with id = 0 should be sent but sending fails.
+  SendReport(EXPECT_SEND_ATTEMPT_COMPLETED,
+             std::set<int>() /* expected_successful_report_ids */,
+             std::set<int>{0} /* expected_failed_report_ids */);
+
+  // Reports should now be successfully sent.
+  SetFailureMode(certificate_reporting_test_utils::ReportSendingResult::
+                     REPORTS_SUCCESSFUL);
+  SendPendingReports(EXPECT_SEND_ATTEMPT_COMPLETED,
+                     std::set<int>{0} /* expected_successful_report_ids */,
+                     std::set<int>() /* expected_failed_report_ids */);
+}
+
+IN_PROC_BROWSER_TEST_F(CertificateReportingServiceBrowserTest,
+                       DontSendOldReports) {
+  base::SimpleTestClock* clock = new base::SimpleTestClock();
+  base::Time reference_time = base::Time::Now();
+  clock->SetNow(reference_time);
+  reporting_service()->SetClockForTesting(clock);
+  // The service should ignore reports older than 24 hours.
+  reporting_service()->SetMaxReportAgeForTesting(
+      base::TimeDelta::FromHours(24));
+  certificate_reporting_test_utils::SetCertReportingOptIn(
+      browser(), certificate_reporting_test_utils::EXTENDED_REPORTING_OPT_IN);
+  // Let all reports fail.
+  SetFailureMode(
+      certificate_reporting_test_utils::ReportSendingResult::REPORTS_FAIL);
+
+  // Send a report.
+  SendReport(EXPECT_SEND_ATTEMPT_COMPLETED,
+             std::set<int>() /* expected_successful_report_ids */,
+             std::set<int>{0} /* expected_failed_report_ids */);
+
+  // Advance the clock a bit and trigger another report.
+  // A report with id = 0 should be sent but sending fails.
+  clock->Advance(base::TimeDelta::FromHours(5));
+  SendReport(EXPECT_SEND_ATTEMPT_COMPLETED,
+             std::set<int>() /* expected_successful_report_ids */,
+             std::set<int>{1} /* expected_failed_report_ids */);
+
+  // Advance the clock to 20 hours, putting it 25 hours ahead of the reference
+  // time. This makes the first report with id = 0 older than max age (24
+  // hours). The second report is now 20 hours.
+  clock->Advance(base::TimeDelta::FromHours(20));
+  // Send pending reports. First report (id = 0) should be discarded since
+  // it's too old. Second report (id = 1) should be queued again.
+  SendPendingReports(EXPECT_SEND_ATTEMPT_COMPLETED,
+                     std::set<int>() /* expected_successful_report_ids */,
+                     std::set<int>{1} /* expected_failed_report_ids */);
+
+  // Trigger another failed report.
+  SendReport(EXPECT_SEND_ATTEMPT_COMPLETED,
+             std::set<int>() /* expected_successful_report_ids */,
+             std::set<int>{2} /* expected_failed_report_ids */);
+
+  // Advance the clock 5 hours. The report with id = 1 will now be 25 hours old.
+  clock->Advance(base::TimeDelta::FromHours(5));
+  // Send pending reports. Report with id = 1 should be discarded since
+  // it's too old. Report with id = 2 should be queued again.
+  SendPendingReports(EXPECT_SEND_ATTEMPT_COMPLETED,
+                     std::set<int>() /* expected_successful_report_ids */,
+                     std::set<int>{2} /* expected_failed_report_ids */);
+
+  // Advance the clock 20 hours again so that the report with id = 2 is 25
+  // hours old and is older than max age (24 hours)
+  clock->Advance(base::TimeDelta::FromHours(20));
+  // Send pending reports. Report with id = 2 should be discarded since
+  // it's too old. No other reports remain.
+  SendPendingReports(EXPECT_SEND_ATTEMPT_COMPLETED,
+                     std::set<int>() /* expected_successful_report_ids */,
+                     std::set<int>() /* expected_failed_report_ids */);
+}
+
+IN_PROC_BROWSER_TEST_F(CertificateReportingServiceBrowserTest,
+                       DiscardOldReports) {
+  base::SimpleTestClock* clock = new base::SimpleTestClock();
+  base::Time reference_time = base::Time::Now();
+  clock->SetNow(reference_time);
+  reporting_service()->SetClockForTesting(clock);
+
+  certificate_reporting_test_utils::SetCertReportingOptIn(
+      browser(), certificate_reporting_test_utils::EXTENDED_REPORTING_OPT_IN);
+  // The service should queue a maximum of 3 reports and ignore reports older
+  // than 24 hours.
+  reporting_service()->SetMaxQueuedReportCountForTesting(3);
+  reporting_service()->SetMaxReportAgeForTesting(
+      base::TimeDelta::FromHours(24));
+  // Let all reports fail.
+  SetFailureMode(
+      certificate_reporting_test_utils::ReportSendingResult::REPORTS_FAIL);
+
+  // Trigger a failed report.
+  SendReport(EXPECT_SEND_ATTEMPT_COMPLETED,
+             std::set<int>() /* expected_successful_report_ids */,
+             std::set<int>{0} /* expected_failed_report_ids */);
+
+  // Trigger three more reports within two hours of each other. After this:
+  // Report with id = 0 is 0 hours after reference time.
+  // Report with id = 1 is 5 hours after reference time.
+  // Report with id = 2 is 10 hours after reference time.
+  // Report with id = 3 is 15 hours after reference time.
+  for (size_t report_id = 1; report_id <= 3; report_id++) {
+    clock->Advance(base::TimeDelta::FromHours(5));
+    SendReport(EXPECT_SEND_ATTEMPT_COMPLETED,
+               std::set<int>(), /* expected_successful_report_ids */
+               std::set<int>{report_id} /* expected_failed_report_ids */);
+  }
+
+  // Send pending reports. Four reports were generated above, but the service
+  // only queues three reports, so the very first one should be dropped since
+  // it's the oldest.
+  SendPendingReports(EXPECT_SEND_ATTEMPT_COMPLETED,
+                     std::set<int>() /* expected_successful_report_ids */,
+                     std::set<int>{1, 2, 3} /* expected_failed_report_ids */);
+
+  // Let all reports succeed.
+  SetFailureMode(
+      certificate_reporting_test_utils::ReportSendingResult::REPORTS_FAIL);
+
+  // Advance clock to 15 hours. The current time is now 30 hours after
+  // reference time. The ages of reports are now as follows:
+  // Report with id = 1 is 25 hours old.
+  // Report with id = 2 is 20 hours old.
+  // Report with id = 3 is 15 hours old.
+  clock->Advance(base::TimeDelta::FromHours(15));
+  // Send pending reports. Only reports 2 and 3 should be sent, report 1
+  // should be ignored because it's too old.
+  SendPendingReports(EXPECT_SEND_ATTEMPT_COMPLETED,
+                     std::set<int>() /* expected_successful_report_ids */,
+                     std::set<int>{2, 3} /* expected_failed_report_ids */);
+}
+
+IN_PROC_BROWSER_TEST_F(CertificateReportingServiceBrowserTest,
+                       Delayed_NotResumed_ShouldNotCrash) {
+  certificate_reporting_test_utils::SetCertReportingOptIn(
+      browser(), certificate_reporting_test_utils::EXTENDED_REPORTING_OPT_IN);
+  // Let all reports fail.
+  SetFailureMode(
+      certificate_reporting_test_utils::ReportSendingResult::REPORTS_DELAY);
+
+  // Navigate to and away from an interstitial to trigger a report. The report
+  // is triggered but hangs, so no error or success callbacks should be called.
+  SendReport(EXPECT_SEND_ATTEMPT_COMPLETED,
+             std::set<int>() /* expected_successful_report_ids */,
+             std::set<int>() /* expected_failed_report_ids */);
+}
+
+IN_PROC_BROWSER_TEST_F(CertificateReportingServiceBrowserTest,
+                       Delayed_Resumed) {
+  certificate_reporting_test_utils::SetCertReportingOptIn(
+      browser(), certificate_reporting_test_utils::EXTENDED_REPORTING_OPT_IN);
+  // Let all reports fail.
+  SetFailureMode(
+      certificate_reporting_test_utils::ReportSendingResult::REPORTS_DELAY);
+
+  // Navigate to and away from an interstitial to trigger a report. The
+  // report is triggered but hangs, so no error or success callbacks should be
+  // called.
+  SendReport(EXPECT_SEND_ATTEMPT_COMPLETED,
+             std::set<int>() /* expected_successful_report_ids */,
+             std::set<int>() /* expected_failed_report_ids */);
+
+  // Resume the report upload and run the callbacks. The report should be
+  // successfully sent.
+  ResumeDelayedRequests(1 /* num_expected_events */,
+                        std::set<int>{0} /* expected_successful_report_ids */,
+                        std::set<int>() /* expected_failed_report_ids */);
+}
+
+IN_PROC_BROWSER_TEST_F(CertificateReportingServiceBrowserTest, Delayed_Reset) {
+  certificate_reporting_test_utils::SetCertReportingOptIn(
+      browser(), certificate_reporting_test_utils::EXTENDED_REPORTING_OPT_IN);
+  // Let all reports fail.
+  SetFailureMode(
+      certificate_reporting_test_utils::ReportSendingResult::REPORTS_DELAY);
+
+  // Navigate to and away from an interstitial to trigger a report. The
+  // report
+  // is triggered but hangs, so no error or success callbacks should be
+  // called.
+  SendReport(EXPECT_SEND_ATTEMPT_COMPLETED,
+             std::set<int>() /* expected_successful_report_ids */,
+             std::set<int>() /* expected_failed_report_ids */);
+
+  // Disable SafeBrowsing. This should reset the reporting service and
+  // clear all pending reports.
+  ToggleSafeBrowsingAndWaitForServiceReset(false);
+
+  // Resume delayed report. No response should be observed since the service
+  // should have reset and all pending reports should be cleared.
+  ResumeDelayedRequests(0u /* num_expected_events */,
+                        std::set<int>() /* expected_successful_report_ids */,
+                        std::set<int>() /* expected_failed_report_ids */);
+
+  ToggleSafeBrowsingAndWaitForServiceReset(true);
+
+  // Navigate to and away from an interstitial to trigger a report. The report
+  // is triggered but hangs, so no error or success callbacks should be called.
+  SendReport(EXPECT_SEND_ATTEMPT_COMPLETED,
+             std::set<int>() /* expected_successful_report_ids */,
+             std::set<int>() /* expected_failed_report_ids */);
+
+  // Resume delayed report. The report should be observed.
+  ResumeDelayedRequests(1u /* num_expected_events */,
+                        std::set<int>{0} /* expected_successful_report_ids */,
+                        std::set<int>() /* expected_failed_report_ids */);
+}
+
+}  // namespace safe_browsing