OLD | NEW |
1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/permissions/permission_decision_auto_blocker.h" | 5 #include "chrome/browser/permissions/permission_decision_auto_blocker.h" |
6 | 6 |
7 #include <map> | 7 #include <map> |
8 | 8 |
9 #include "base/bind.h" | 9 #include "base/bind.h" |
10 #include "base/run_loop.h" | 10 #include "base/run_loop.h" |
| 11 #include "base/test/histogram_tester.h" |
11 #include "base/test/scoped_feature_list.h" | 12 #include "base/test/scoped_feature_list.h" |
12 #include "base/test/simple_test_clock.h" | 13 #include "base/test/simple_test_clock.h" |
13 #include "chrome/browser/content_settings/host_content_settings_map_factory.h" | 14 #include "chrome/browser/content_settings/host_content_settings_map_factory.h" |
| 15 #include "chrome/browser/permissions/permission_uma_util.h" |
14 #include "chrome/browser/permissions/permission_util.h" | 16 #include "chrome/browser/permissions/permission_util.h" |
15 #include "chrome/common/chrome_features.h" | 17 #include "chrome/common/chrome_features.h" |
16 #include "chrome/test/base/chrome_render_view_host_test_harness.h" | 18 #include "chrome/test/base/chrome_render_view_host_test_harness.h" |
17 #include "chrome/test/base/testing_profile.h" | 19 #include "chrome/test/base/testing_profile.h" |
18 #include "components/content_settings/core/browser/host_content_settings_map.h" | 20 #include "components/content_settings/core/browser/host_content_settings_map.h" |
19 #include "components/safe_browsing_db/test_database_manager.h" | 21 #include "components/safe_browsing_db/test_database_manager.h" |
20 #include "content/public/browser/permission_type.h" | 22 #include "content/public/browser/permission_type.h" |
21 | 23 |
22 namespace { | 24 namespace { |
23 | 25 |
(...skipping 234 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
258 url2, content::PermissionType::GEOLOCATION)); | 260 url2, content::PermissionType::GEOLOCATION)); |
259 EXPECT_EQ(0, autoblocker()->GetIgnoreCount( | 261 EXPECT_EQ(0, autoblocker()->GetIgnoreCount( |
260 url2, content::PermissionType::DURABLE_STORAGE)); | 262 url2, content::PermissionType::DURABLE_STORAGE)); |
261 EXPECT_EQ(0, autoblocker()->GetIgnoreCount( | 263 EXPECT_EQ(0, autoblocker()->GetIgnoreCount( |
262 url2, content::PermissionType::MIDI_SYSEX)); | 264 url2, content::PermissionType::MIDI_SYSEX)); |
263 } | 265 } |
264 | 266 |
265 // Test that an origin that has been blacklisted for a permission is embargoed. | 267 // Test that an origin that has been blacklisted for a permission is embargoed. |
266 TEST_F(PermissionDecisionAutoBlockerUnitTest, TestUpdateEmbargoBlacklist) { | 268 TEST_F(PermissionDecisionAutoBlockerUnitTest, TestUpdateEmbargoBlacklist) { |
267 GURL url("https://www.google.com"); | 269 GURL url("https://www.google.com"); |
| 270 base::HistogramTester histograms; |
268 | 271 |
269 scoped_refptr<MockSafeBrowsingDatabaseManager> db_manager = | 272 scoped_refptr<MockSafeBrowsingDatabaseManager> db_manager = |
270 new MockSafeBrowsingDatabaseManager(true /* perform_callback */, | 273 new MockSafeBrowsingDatabaseManager(true /* perform_callback */, |
271 true /* enabled */); | 274 true /* enabled */); |
272 std::set<std::string> blacklisted_permissions{"GEOLOCATION"}; | 275 std::set<std::string> blacklisted_permissions{"GEOLOCATION"}; |
273 db_manager->BlacklistUrlPermissions(url, blacklisted_permissions); | 276 db_manager->BlacklistUrlPermissions(url, blacklisted_permissions); |
274 SetSafeBrowsingDatabaseManagerAndTimeoutForTesting(db_manager, | 277 SetSafeBrowsingDatabaseManagerAndTimeoutForTesting(db_manager, |
275 2000 /* timeout in ms */); | 278 2000 /* timeout in ms */); |
276 | 279 |
277 UpdateEmbargoedStatus(content::PermissionType::GEOLOCATION, url); | 280 UpdateEmbargoedStatus(content::PermissionType::GEOLOCATION, url); |
278 EXPECT_TRUE(callback_was_run()); | 281 EXPECT_TRUE(callback_was_run()); |
279 EXPECT_TRUE(last_embargoed_status()); | 282 EXPECT_TRUE(last_embargoed_status()); |
| 283 histograms.ExpectUniqueSample("Permissions.AutoBlocker.SafeBrowsingResponse", |
| 284 SafeBrowsingResponse::BLACKLISTED, 1); |
| 285 histograms.ExpectTotalCount( |
| 286 "Permissions.AutoBlocker.SafeBrowsingResponseTime", 1); |
| 287 } |
| 288 |
| 289 // Test that an origin that is blacklisted for a permission will not be placed |
| 290 // under embargoed for another. |
| 291 TEST_F(PermissionDecisionAutoBlockerUnitTest, TestRequestNotBlacklisted) { |
| 292 GURL url("https://www.google.com"); |
| 293 clock()->SetNow(base::Time::Now()); |
| 294 base::HistogramTester histograms; |
| 295 |
| 296 scoped_refptr<MockSafeBrowsingDatabaseManager> db_manager = |
| 297 new MockSafeBrowsingDatabaseManager(true /* perform_callback */, |
| 298 true /* enabled */); |
| 299 std::set<std::string> blacklisted_permissions{"GEOLOCATION"}; |
| 300 db_manager->BlacklistUrlPermissions(url, blacklisted_permissions); |
| 301 SetSafeBrowsingDatabaseManagerAndTimeoutForTesting(db_manager, |
| 302 0 /* timeout in ms */); |
| 303 |
| 304 UpdateEmbargoedStatus(content::PermissionType::NOTIFICATIONS, url); |
| 305 EXPECT_FALSE(last_embargoed_status()); |
| 306 histograms.ExpectUniqueSample("Permissions.AutoBlocker.SafeBrowsingResponse", |
| 307 SafeBrowsingResponse::NOT_BLACKLISTED, 1); |
| 308 histograms.ExpectTotalCount( |
| 309 "Permissions.AutoBlocker.SafeBrowsingResponseTime", 1); |
280 } | 310 } |
281 | 311 |
282 // Check that IsUnderEmbargo returns the correct value when the embargo is set | 312 // Check that IsUnderEmbargo returns the correct value when the embargo is set |
283 // and expires. | 313 // and expires. |
284 TEST_F(PermissionDecisionAutoBlockerUnitTest, CheckEmbargoStatus) { | 314 TEST_F(PermissionDecisionAutoBlockerUnitTest, CheckEmbargoStatus) { |
285 GURL url("https://www.google.com"); | 315 GURL url("https://www.google.com"); |
286 clock()->SetNow(base::Time::Now()); | 316 clock()->SetNow(base::Time::Now()); |
287 | 317 |
288 PlaceUnderBlacklistEmbargo(content::PermissionType::GEOLOCATION, url); | 318 PlaceUnderBlacklistEmbargo(content::PermissionType::GEOLOCATION, url); |
289 EXPECT_TRUE( | 319 EXPECT_TRUE( |
(...skipping 28 matching lines...) Expand all Loading... |
318 } | 348 } |
319 | 349 |
320 // Tests the alternating pattern of the block on multiple dismiss behaviour. On | 350 // Tests the alternating pattern of the block on multiple dismiss behaviour. On |
321 // N dismissals, the origin to be embargoed for the requested permission and | 351 // N dismissals, the origin to be embargoed for the requested permission and |
322 // automatically blocked. Each time the embargo is lifted, the site gets another | 352 // automatically blocked. Each time the embargo is lifted, the site gets another |
323 // chance to request the permission, but if it is again dismissed it is placed | 353 // chance to request the permission, but if it is again dismissed it is placed |
324 // under embargo again and its permission requests blocked. | 354 // under embargo again and its permission requests blocked. |
325 TEST_F(PermissionDecisionAutoBlockerUnitTest, TestDismissEmbargoBackoff) { | 355 TEST_F(PermissionDecisionAutoBlockerUnitTest, TestDismissEmbargoBackoff) { |
326 GURL url("https://www.google.com"); | 356 GURL url("https://www.google.com"); |
327 clock()->SetNow(base::Time::Now()); | 357 clock()->SetNow(base::Time::Now()); |
| 358 base::HistogramTester histograms; |
328 | 359 |
329 // Record some dismisses. | 360 // Record some dismisses. |
330 EXPECT_FALSE(autoblocker()->RecordDismissAndEmbargo( | 361 EXPECT_FALSE(autoblocker()->RecordDismissAndEmbargo( |
331 url, content::PermissionType::GEOLOCATION)); | 362 url, content::PermissionType::GEOLOCATION)); |
332 EXPECT_FALSE(autoblocker()->RecordDismissAndEmbargo( | 363 EXPECT_FALSE(autoblocker()->RecordDismissAndEmbargo( |
333 url, content::PermissionType::GEOLOCATION)); | 364 url, content::PermissionType::GEOLOCATION)); |
334 | 365 |
335 // A request with < 3 prior dismisses should not be automatically blocked. | 366 // A request with < 3 prior dismisses should not be automatically blocked. |
336 EXPECT_FALSE( | 367 EXPECT_FALSE( |
337 autoblocker()->IsUnderEmbargo(content::PermissionType::GEOLOCATION, url)); | 368 autoblocker()->IsUnderEmbargo(content::PermissionType::GEOLOCATION, url)); |
338 | 369 |
339 // After the 3rd dismiss subsequent permission requests should be autoblocked. | 370 // After the 3rd dismiss subsequent permission requests should be autoblocked. |
340 EXPECT_TRUE(autoblocker()->RecordDismissAndEmbargo( | 371 EXPECT_TRUE(autoblocker()->RecordDismissAndEmbargo( |
341 url, content::PermissionType::GEOLOCATION)); | 372 url, content::PermissionType::GEOLOCATION)); |
342 EXPECT_TRUE( | 373 EXPECT_TRUE( |
343 autoblocker()->IsUnderEmbargo(content::PermissionType::GEOLOCATION, url)); | 374 autoblocker()->IsUnderEmbargo(content::PermissionType::GEOLOCATION, url)); |
344 | 375 |
| 376 histograms.ExpectTotalCount("Permissions.AutoBlocker.SafeBrowsingResponse", |
| 377 0); |
| 378 histograms.ExpectTotalCount( |
| 379 "Permissions.AutoBlocker.SafeBrowsingResponseTime", 0); |
345 // Accelerate time forward, check that the embargo status is lifted and the | 380 // Accelerate time forward, check that the embargo status is lifted and the |
346 // request won't be automatically blocked. | 381 // request won't be automatically blocked. |
347 clock()->Advance(base::TimeDelta::FromDays(8)); | 382 clock()->Advance(base::TimeDelta::FromDays(8)); |
348 EXPECT_FALSE( | 383 EXPECT_FALSE( |
349 autoblocker()->IsUnderEmbargo(content::PermissionType::GEOLOCATION, url)); | 384 autoblocker()->IsUnderEmbargo(content::PermissionType::GEOLOCATION, url)); |
350 | 385 |
351 // Record another dismiss, subsequent requests should be autoblocked again. | 386 // Record another dismiss, subsequent requests should be autoblocked again. |
352 EXPECT_TRUE(autoblocker()->RecordDismissAndEmbargo( | 387 EXPECT_TRUE(autoblocker()->RecordDismissAndEmbargo( |
353 url, content::PermissionType::GEOLOCATION)); | 388 url, content::PermissionType::GEOLOCATION)); |
354 EXPECT_TRUE( | 389 EXPECT_TRUE( |
355 autoblocker()->IsUnderEmbargo(content::PermissionType::GEOLOCATION, url)); | 390 autoblocker()->IsUnderEmbargo(content::PermissionType::GEOLOCATION, url)); |
356 | 391 |
357 // Accelerate time again, check embargo is lifted and another permission | 392 // Accelerate time again, check embargo is lifted and another permission |
358 // request is let through. | 393 // request is let through. |
359 clock()->Advance(base::TimeDelta::FromDays(8)); | 394 clock()->Advance(base::TimeDelta::FromDays(8)); |
360 EXPECT_FALSE( | 395 EXPECT_FALSE( |
361 autoblocker()->IsUnderEmbargo(content::PermissionType::GEOLOCATION, url)); | 396 autoblocker()->IsUnderEmbargo(content::PermissionType::GEOLOCATION, url)); |
| 397 |
| 398 // Record another dismiss, subsequent requests should be autoblocked again. |
| 399 EXPECT_TRUE(autoblocker()->RecordDismissAndEmbargo( |
| 400 url, content::PermissionType::GEOLOCATION)); |
| 401 EXPECT_TRUE( |
| 402 autoblocker()->IsUnderEmbargo(content::PermissionType::GEOLOCATION, url)); |
| 403 histograms.ExpectTotalCount("Permissions.AutoBlocker.SafeBrowsingResponse", |
| 404 0); |
| 405 histograms.ExpectTotalCount( |
| 406 "Permissions.AutoBlocker.SafeBrowsingResponseTime", 0); |
362 } | 407 } |
363 | 408 |
364 // Test the logic for a combination of blacklisting and dismissal embargo. | 409 // Test the logic for a combination of blacklisting and dismissal embargo. |
365 TEST_F(PermissionDecisionAutoBlockerUnitTest, TestExpiredBlacklistEmbargo) { | 410 TEST_F(PermissionDecisionAutoBlockerUnitTest, TestExpiredBlacklistEmbargo) { |
366 GURL url("https://www.google.com"); | 411 GURL url("https://www.google.com"); |
367 clock()->SetNow(base::Time::Now()); | 412 clock()->SetNow(base::Time::Now()); |
368 | 413 |
369 // Place under blacklist embargo and check the status. | 414 // Place under blacklist embargo and check the status. |
370 PlaceUnderBlacklistEmbargo(content::PermissionType::GEOLOCATION, url); | 415 PlaceUnderBlacklistEmbargo(content::PermissionType::GEOLOCATION, url); |
371 clock()->Advance(base::TimeDelta::FromDays(5)); | 416 clock()->Advance(base::TimeDelta::FromDays(5)); |
(...skipping 11 matching lines...) Expand all Loading... |
383 // Accelerate time to a point where the blacklist embargo should be expired | 428 // Accelerate time to a point where the blacklist embargo should be expired |
384 // and check that dismissal embargo is still set. | 429 // and check that dismissal embargo is still set. |
385 clock()->Advance(base::TimeDelta::FromDays(3)); | 430 clock()->Advance(base::TimeDelta::FromDays(3)); |
386 EXPECT_TRUE( | 431 EXPECT_TRUE( |
387 autoblocker()->IsUnderEmbargo(content::PermissionType::GEOLOCATION, url)); | 432 autoblocker()->IsUnderEmbargo(content::PermissionType::GEOLOCATION, url)); |
388 } | 433 } |
389 | 434 |
390 TEST_F(PermissionDecisionAutoBlockerUnitTest, TestSafeBrowsingTimeout) { | 435 TEST_F(PermissionDecisionAutoBlockerUnitTest, TestSafeBrowsingTimeout) { |
391 GURL url("https://www.google.com"); | 436 GURL url("https://www.google.com"); |
392 clock()->SetNow(base::Time::Now()); | 437 clock()->SetNow(base::Time::Now()); |
| 438 base::HistogramTester histograms; |
393 | 439 |
394 scoped_refptr<MockSafeBrowsingDatabaseManager> db_manager = | 440 scoped_refptr<MockSafeBrowsingDatabaseManager> db_manager = |
395 new MockSafeBrowsingDatabaseManager(false /* perform_callback */, | 441 new MockSafeBrowsingDatabaseManager(false /* perform_callback */, |
396 true /* enabled */); | 442 true /* enabled */); |
397 std::set<std::string> blacklisted_permissions{"GEOLOCATION"}; | 443 std::set<std::string> blacklisted_permissions{"GEOLOCATION"}; |
398 db_manager->BlacklistUrlPermissions(url, blacklisted_permissions); | 444 db_manager->BlacklistUrlPermissions(url, blacklisted_permissions); |
399 SetSafeBrowsingDatabaseManagerAndTimeoutForTesting(db_manager, | 445 SetSafeBrowsingDatabaseManagerAndTimeoutForTesting(db_manager, |
400 0 /* timeout in ms */); | 446 0 /* timeout in ms */); |
401 | 447 |
402 UpdateEmbargoedStatus(content::PermissionType::GEOLOCATION, url); | 448 UpdateEmbargoedStatus(content::PermissionType::GEOLOCATION, url); |
403 EXPECT_TRUE(callback_was_run()); | 449 EXPECT_TRUE(callback_was_run()); |
404 EXPECT_FALSE(last_embargoed_status()); | 450 EXPECT_FALSE(last_embargoed_status()); |
405 EXPECT_FALSE( | 451 EXPECT_FALSE( |
406 autoblocker()->IsUnderEmbargo(content::PermissionType::GEOLOCATION, url)); | 452 autoblocker()->IsUnderEmbargo(content::PermissionType::GEOLOCATION, url)); |
| 453 histograms.ExpectUniqueSample("Permissions.AutoBlocker.SafeBrowsingResponse", |
| 454 SafeBrowsingResponse::TIMEOUT, 1); |
| 455 histograms.ExpectTotalCount( |
| 456 "Permissions.AutoBlocker.SafeBrowsingResponseTime", 1); |
407 db_manager->SetPerformCallback(true); | 457 db_manager->SetPerformCallback(true); |
408 SetSafeBrowsingDatabaseManagerAndTimeoutForTesting(db_manager, | 458 SetSafeBrowsingDatabaseManagerAndTimeoutForTesting(db_manager, |
409 2000 /* timeout in ms */); | 459 2000 /* timeout in ms */); |
410 | 460 |
411 clock()->Advance(base::TimeDelta::FromDays(1)); | 461 clock()->Advance(base::TimeDelta::FromDays(1)); |
412 UpdateEmbargoedStatus(content::PermissionType::GEOLOCATION, url); | 462 UpdateEmbargoedStatus(content::PermissionType::GEOLOCATION, url); |
413 EXPECT_TRUE(callback_was_run()); | 463 EXPECT_TRUE(callback_was_run()); |
414 EXPECT_TRUE(last_embargoed_status()); | 464 EXPECT_TRUE(last_embargoed_status()); |
415 | 465 histograms.ExpectTotalCount("Permissions.AutoBlocker.SafeBrowsingResponse", |
| 466 2); |
| 467 histograms.ExpectTotalCount( |
| 468 "Permissions.AutoBlocker.SafeBrowsingResponseTime", 2); |
| 469 histograms.ExpectBucketCount("Permissions.AutoBlocker.SafeBrowsingResponse", |
| 470 SafeBrowsingResponse::BLACKLISTED, 1); |
416 clock()->Advance(base::TimeDelta::FromDays(1)); | 471 clock()->Advance(base::TimeDelta::FromDays(1)); |
417 EXPECT_TRUE( | 472 EXPECT_TRUE( |
418 autoblocker()->IsUnderEmbargo(content::PermissionType::GEOLOCATION, url)); | 473 autoblocker()->IsUnderEmbargo(content::PermissionType::GEOLOCATION, url)); |
419 } | 474 } |
420 | 475 |
421 // TODO(raymes): See crbug.com/681709. Remove after M60. | 476 // TODO(raymes): See crbug.com/681709. Remove after M60. |
422 TEST_F(PermissionDecisionAutoBlockerUnitTest, | 477 TEST_F(PermissionDecisionAutoBlockerUnitTest, |
423 MigrateNoDecisionCountToPermissionAutoBlockerData) { | 478 MigrateNoDecisionCountToPermissionAutoBlockerData) { |
424 GURL url("https://www.google.com"); | 479 GURL url("https://www.google.com"); |
425 auto* map = HostContentSettingsMapFactory::GetForProfile(profile()); | 480 auto* map = HostContentSettingsMapFactory::GetForProfile(profile()); |
(...skipping 72 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
498 new MockSafeBrowsingDatabaseManager(true /* perform_callback */, | 553 new MockSafeBrowsingDatabaseManager(true /* perform_callback */, |
499 false /* enabled */); | 554 false /* enabled */); |
500 std::set<std::string> blacklisted_permissions{"GEOLOCATION"}; | 555 std::set<std::string> blacklisted_permissions{"GEOLOCATION"}; |
501 db_manager->BlacklistUrlPermissions(url, blacklisted_permissions); | 556 db_manager->BlacklistUrlPermissions(url, blacklisted_permissions); |
502 SetSafeBrowsingDatabaseManagerAndTimeoutForTesting(db_manager, | 557 SetSafeBrowsingDatabaseManagerAndTimeoutForTesting(db_manager, |
503 2000 /* timeout in ms */); | 558 2000 /* timeout in ms */); |
504 UpdateEmbargoedStatus(content::PermissionType::GEOLOCATION, url); | 559 UpdateEmbargoedStatus(content::PermissionType::GEOLOCATION, url); |
505 EXPECT_TRUE(callback_was_run()); | 560 EXPECT_TRUE(callback_was_run()); |
506 EXPECT_FALSE(last_embargoed_status()); | 561 EXPECT_FALSE(last_embargoed_status()); |
507 } | 562 } |
| 563 |
| 564 TEST_F(PermissionDecisionAutoBlockerUnitTest, TestSafeBrowsingResponse) { |
| 565 GURL url("https://www.google.com"); |
| 566 clock()->SetNow(base::Time::Now()); |
| 567 base::HistogramTester histograms; |
| 568 |
| 569 scoped_refptr<MockSafeBrowsingDatabaseManager> db_manager = |
| 570 new MockSafeBrowsingDatabaseManager(true /* perform_callback */, |
| 571 true /* enabled */); |
| 572 std::set<std::string> blacklisted_permissions{"GEOLOCATION"}; |
| 573 db_manager->BlacklistUrlPermissions(url, blacklisted_permissions); |
| 574 SetSafeBrowsingDatabaseManagerAndTimeoutForTesting(db_manager, |
| 575 0 /* timeout in ms */); |
| 576 |
| 577 UpdateEmbargoedStatus(content::PermissionType::NOTIFICATIONS, url); |
| 578 EXPECT_FALSE(last_embargoed_status()); |
| 579 histograms.ExpectUniqueSample("Permissions.AutoBlocker.SafeBrowsingResponse", |
| 580 SafeBrowsingResponse::NOT_BLACKLISTED, 1); |
| 581 } |
OLD | NEW |