chrome/browser/prefs/tracked/pref_hash_browsertest.cc - Issue 2521823007: Added browser test for TemplateUrlService protected prefs

Side by Side Diff: chrome/browser/prefs/tracked/pref_hash_browsertest.cc

Issue 2521823007: Added browser test for TemplateUrlService protected prefs (Closed)

Patch Set: Added test that checks protection of default search preferences Created 4 years ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

OLD	NEW
1 // Copyright 2014 The Chromium Authors. All rights reserved.	1 // Copyright 2014 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include <memory>	5 #include <memory>

6 #include <string>	6 #include <string>

7	7

8 #include "base/base_switches.h"	8 #include "base/base_switches.h"

9 #include "base/command_line.h"	9 #include "base/command_line.h"

10 #include "base/files/file_path.h"	10 #include "base/files/file_path.h"

11 #include "base/files/file_util.h"	11 #include "base/files/file_util.h"

12 #include "base/json/json_file_value_serializer.h"	12 #include "base/json/json_file_value_serializer.h"

	13 #include "base/json/json_reader.h"

13 #include "base/metrics/histogram_base.h"	14 #include "base/metrics/histogram_base.h"

14 #include "base/metrics/histogram_samples.h"	15 #include "base/metrics/histogram_samples.h"

15 #include "base/metrics/statistics_recorder.h"	16 #include "base/metrics/statistics_recorder.h"

16 #include "base/path_service.h"	17 #include "base/path_service.h"

17 #include "base/strings/string_number_conversions.h"	18 #include "base/strings/string_number_conversions.h"

18 #include "base/strings/string_util.h"	19 #include "base/strings/string_util.h"

	20 #include "base/strings/utf_string_conversions.h"

19 #include "base/values.h"	21 #include "base/values.h"

20 #include "build/build_config.h"	22 #include "build/build_config.h"

21 #include "chrome/browser/extensions/extension_browsertest.h"	23 #include "chrome/browser/extensions/extension_browsertest.h"

22 #include "chrome/browser/extensions/extension_service.h"	24 #include "chrome/browser/extensions/extension_service.h"

23 #include "chrome/browser/prefs/chrome_pref_service_factory.h"	25 #include "chrome/browser/prefs/chrome_pref_service_factory.h"

24 #include "chrome/browser/prefs/profile_pref_store_manager.h"	26 #include "chrome/browser/prefs/profile_pref_store_manager.h"

25 #include "chrome/browser/prefs/session_startup_pref.h"	27 #include "chrome/browser/prefs/session_startup_pref.h"

26 #include "chrome/browser/profiles/profile.h"	28 #include "chrome/browser/profiles/profile.h"

27 #include "chrome/browser/ui/browser.h"	29 #include "chrome/browser/ui/browser.h"

28 #include "chrome/common/chrome_constants.h"	30 #include "chrome/common/chrome_constants.h"

29 #include "chrome/common/chrome_paths.h"	31 #include "chrome/common/chrome_paths.h"

30 #include "chrome/common/pref_names.h"	32 #include "chrome/common/pref_names.h"

31 #include "chrome/test/base/testing_profile.h"	33 #include "chrome/test/base/testing_profile.h"

32 #include "components/search_engines/default_search_manager.h"	34 #include "components/search_engines/default_search_manager.h"

	35 #include "components/search_engines/template_url_data.h"

33 #include "components/user_prefs/tracked/tracked_preference_histogram_names.h"	36 #include "components/user_prefs/tracked/tracked_preference_histogram_names.h"

34 #include "extensions/browser/pref_names.h"	37 #include "extensions/browser/pref_names.h"

35 #include "extensions/common/extension.h"	38 #include "extensions/common/extension.h"

36	39

37 #if defined(OS_CHROMEOS)	40 #if defined(OS_CHROMEOS)

38 #include "chromeos/chromeos_switches.h"	41 #include "chromeos/chromeos_switches.h"

39 #endif	42 #endif

40	43

41 #if defined(OS_WIN)	44 #if defined(OS_WIN)

42 #include "base/test/test_reg_util_win.h"	45 #include "base/test/test_reg_util_win.h"

(...skipping 1121 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
1164 user_prefs::tracked::kTrackedPrefHistogramChanged,	1167 user_prefs::tracked::kTrackedPrefHistogramChanged,

1165 user_prefs::tracked::kTrackedPrefRegistryValidationSuffix,	1168 user_prefs::tracked::kTrackedPrefRegistryValidationSuffix,

1166 BEGIN_ALLOW_SINGLE_BUCKET + 2));	1169 BEGIN_ALLOW_SINGLE_BUCKET + 2));

1167 }	1170 }

1168 }	1171 }

1169 };	1172 };

1170	1173

1171 PREF_HASH_BROWSER_TEST(PrefHashBrowserTestRegistryValidationFailure,	1174 PREF_HASH_BROWSER_TEST(PrefHashBrowserTestRegistryValidationFailure,

1172 RegistryValidationFailure);	1175 RegistryValidationFailure);

1173 #endif	1176 #endif

	1177

	1178 static constexpr char default_search_provider_data[] =
	gab 2016/12/07 16:18:44 No need for "static" keyword at file-scope No need for "static" keyword at file-scope Peter Kasting 2016/12/07 18:40:18 Better yet, make these function-scope, since they' Show quoted text On 2016/12/07 16:18:44, gab wrote: > No need for "static" keyword at file-scope Better yet, make these function-scope, since they're only used within a single function. Alexander Yashkin 2016/12/08 04:53:57 Done Show quoted text On 2016/12/07 at 18:40:18, Peter Kasting wrote: > On 2016/12/07 16:18:44, gab wrote: > > No need for "static" keyword at file-scope > > Better yet, make these function-scope, since they're only used within a single function. Done
	1179 R"({
	Peter Kasting 2016/12/07 18:40:18 Nit: I suggest formatting these like: static cons Nit: I suggest formatting these like: static constexpr char default_search_provider_data[] = R"( { "default_search_provider_data" : { "template_url_data" : { "keyword" : "unknown", ... } } })"; ... "search_provider_overrides" : [ { "keyword" : "unknown" ... }, { ... } ] ... * Starting at the beginning of the line helps to reduce excessive indenting and thus >80-column lines * Placing the opening brace at the end of the previous line matches how you do list formatting for search_provider_overrides and in general shortens things without harming readability; this also fixes an erroneous one-space brace indentation * Modified indenting/wrapping of list items eliminates successive symbols at the same indentation level (which is error-prone) Peter Kasting 2016/12/07 18:41:34 (Note, read the above comment on the review tool, Show quoted text On 2016/12/07 18:40:18, Peter Kasting wrote: > Nit: I suggest formatting these like: (Note, read the above comment on the review tool, as email will strip the leading whitespace) Alexander Yashkin 2016/12/08 04:53:57 Tried to follow your guide, yet not sure if I succ Tried to follow your guide, yet not sure if I succeed. :) Maybe add it to chromium C++ code style? I saw a lot of embedded json in chromium test code.
	1180 "default_search_provider_data" :

	1181 {

	1182 "template_url_data" :

	1183 {

	1184 "keyword" : "malwarekeyword",
	gab 2016/12/07 16:18:44 Let's not use "malware" in our codebase, "bad" or Let's not use "malware" in our codebase, "bad" or "unknown" will work just as well. Alexander Yashkin 2016/12/08 04:53:57 replaced with "bad" Show quoted text On 2016/12/07 at 16:18:44, gab wrote: > Let's not use "malware" in our codebase, "bad" or "unknown" will work just as well. replaced with "bad"
	1185 "short_name" : "malwarename",

	1186 "url" : "http://malware_default_engine/search?q=dirty_user_query"

	1187 }

	1188 }

	1189 })";

	1190 static constexpr char search_provider_overrides[] =

	1191 R"({

	1192 "search_provider_overrides" : [

	1193 {

	1194 "keyword" : "malwarekeyword",

	1195 "name" : "malwarename",

	1196 "search_url" : "http://malware_default_engine/search?q=dirty_user_qu ery",

	1197 "encoding" : "utf-8",

	1198 "id" : 1

	1199 },

	1200 {

	1201 "keyword" : "malwarekeyword2",

	1202 "name" : "malwarename2",

	1203 "search_url" : "http://malware_default_engine2/search?q=dirty_user_q uery",

	1204 "encoding" : "utf-8",

	1205 "id" : 2

	1206 }

	1207 ]

	1208 })";

	1209 static constexpr char default_search_provider[] =

	1210 R"({

	1211 "default_search_provider" :

	1212 {

	1213 "keyword" : "malwarekeyword",

	1214 "name" : "malwarename",

	1215 "search_url" : "http://malware_default_engine/search?q=dirty_user_qu ery"

	1216 }

	1217 })";

	1218

	1219 // Verifies that all preferences related to choice of default search engine are

	1220 // protected.

	1221 class TestDefaultSearchProtected : public PrefHashBrowserTestBase {
	gab 2016/12/07 16:18:44 All other fixtures in this file are prefixed with All other fixtures in this file are prefixed with PrefHashBrowserTest, let's do this for this one too (allows --gtest_filter=PrefHashBrowserTest) Alexander Yashkin 2016/12/08 04:53:57 Done Show quoted text On 2016/12/07 at 16:18:44, gab wrote: > All other fixtures in this file are prefixed with PrefHashBrowserTest, let's do this for this one too (allows --gtest_filter=PrefHashBrowserTest) Done
	1222 public:

	1223 void SetupPreferences() override {

	1224 // Set user selected default search engine.

	1225 DefaultSearchManager default_search_manager(

	1226 profile()->GetPrefs(), DefaultSearchManager::ObserverCallback());

	1227 DefaultSearchManager::Source dse_source =

	1228 static_cast<DefaultSearchManager::Source>(-1);

	1229

	1230 TemplateURLData user_dse;

	1231 user_dse.SetKeyword(base::UTF8ToUTF16("userkeyword"));

	1232 user_dse.SetShortName(base::UTF8ToUTF16("username"));

	1233 user_dse.SetURL("http://user_default_engine/search?q=good_user_query");

	1234 default_search_manager.SetUserSelectedDefaultSearchEngine(user_dse);

	1235

	1236 const TemplateURLData* current_dse =

	1237 default_search_manager.GetDefaultSearchEngine(&dse_source);

	1238 EXPECT_EQ(DefaultSearchManager::FROM_USER, dse_source);

	1239 EXPECT_EQ(current_dse->keyword(), base::UTF8ToUTF16("userkeyword"));

	1240 EXPECT_EQ(current_dse->short_name(), base::UTF8ToUTF16("username"));

	1241 EXPECT_EQ(current_dse->url(),

	1242 "http://user_default_engine/search?q=good_user_query");

	1243 }

	1244

	1245 void AttackPreferencesOnDisk(

	1246 base::DictionaryValue* unprotected_preferences,

	1247 base::DictionaryValue* protected_preferences) override {

	1248 // Try to override default search in all three of available preferences.

	1249 auto attack1 = base::DictionaryValue::From(

	1250 base::JSONReader::Read(default_search_provider_data));

	1251 auto attack2 = base::DictionaryValue::From(

	1252 base::JSONReader::Read(search_provider_overrides));

	1253 auto attack3 = base::DictionaryValue::From(

	1254 base::JSONReader::Read(default_search_provider));

	1255 unprotected_preferences->MergeDictionary(attack1.get());

	1256 unprotected_preferences->MergeDictionary(attack2.get());

	1257 unprotected_preferences->MergeDictionary(attack3.get());

	1258 if (protected_preferences) {

	1259 // Override here, too.

	1260 protected_preferences->MergeDictionary(attack1.get());

	1261 protected_preferences->MergeDictionary(attack2.get());

	1262 protected_preferences->MergeDictionary(attack3.get());

	1263 }

	1264 }

	1265

	1266 void VerifyReactionToPrefAttack() override {

	1267 // Check that no malware written engine is active.

	1268 DefaultSearchManager default_search_manager(

	1269 profile()->GetPrefs(), DefaultSearchManager::ObserverCallback());

	1270 DefaultSearchManager::Source dse_source =

	1271 static_cast<DefaultSearchManager::Source>(-1);

	1272

	1273 const TemplateURLData* current_dse =

	1274 default_search_manager.GetDefaultSearchEngine(&dse_source);

	1275

	1276 if (protection_level_ < PROTECTION_ENABLED_DSE) {

	1277 // Attack is successfull.
	Peter Kasting 2016/12/07 18:40:18 Nit: Only one l Nit: Only one l Alexander Yashkin 2016/12/08 04:53:57 Successfully corrected :) Show quoted text On 2016/12/07 at 18:40:18, Peter Kasting wrote: > Nit: Only one l Successfully corrected :)
	1278 EXPECT_EQ(DefaultSearchManager::FROM_USER, dse_source);

	1279 EXPECT_EQ(current_dse->keyword(), base::UTF8ToUTF16("malwarekeyword"));

	1280 EXPECT_EQ(current_dse->short_name(), base::UTF8ToUTF16("malwarename"));

	1281 EXPECT_EQ(current_dse->url(),

	1282 "http://malware_default_engine/search?q=dirty_user_query");

	1283 } else {

	1284 // Attack fails.

	1285 EXPECT_EQ(DefaultSearchManager::FROM_FALLBACK, dse_source);

	1286 EXPECT_NE(current_dse->keyword(), base::UTF8ToUTF16("malwarekeyword"));

	1287 EXPECT_NE(current_dse->short_name(), base::UTF8ToUTF16("malwarename"));

	1288 EXPECT_NE(current_dse->url(),

	1289 "http://malware_default_engine/search?q=dirty_user_query");

	1290 }

	1291 }

	1292 };

	1293

	1294 PREF_HASH_BROWSER_TEST(TestDefaultSearchProtected, DefaultSearch);

OLD	NEW

« no previous file with comments | « no previous file | no next file » | no next file with comments »