Chromium Code Reviews Chromium Code Reviews
Issue 2678253002:
Add metrics for Safe Browsing blacklist response. (Closed)
| OLD | NEW |
|---|---|
| 1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/permissions/permission_decision_auto_blocker.h" | 5 #include "chrome/browser/permissions/permission_decision_auto_blocker.h" |
| 6 | 6 |
| 7 #include <map> | 7 #include <map> |
| 8 | 8 |
| 9 #include "base/bind.h" | 9 #include "base/bind.h" |
| 10 #include "base/run_loop.h" | 10 #include "base/run_loop.h" |
| 11 #include "base/test/histogram_tester.h" | |
| 11 #include "base/test/scoped_feature_list.h" | 12 #include "base/test/scoped_feature_list.h" |
| 12 #include "base/test/simple_test_clock.h" | 13 #include "base/test/simple_test_clock.h" |
| 13 #include "chrome/browser/content_settings/host_content_settings_map_factory.h" | 14 #include "chrome/browser/content_settings/host_content_settings_map_factory.h" |
| 15 #include "chrome/browser/permissions/permission_uma_util.h" | |
|
dominickn
2017/02/07 05:36:54
Not sure if this is used?
meredithl
2017/02/07 06:27:29
The enums for SafeBrowsingResponse are defined in
dominickn
2017/02/07 22:28:25
Acknowledged.
| |
| 14 #include "chrome/browser/permissions/permission_util.h" | 16 #include "chrome/browser/permissions/permission_util.h" |
| 15 #include "chrome/common/chrome_features.h" | 17 #include "chrome/common/chrome_features.h" |
| 16 #include "chrome/test/base/chrome_render_view_host_test_harness.h" | 18 #include "chrome/test/base/chrome_render_view_host_test_harness.h" |
| 17 #include "chrome/test/base/testing_profile.h" | 19 #include "chrome/test/base/testing_profile.h" |
| 18 #include "components/content_settings/core/browser/host_content_settings_map.h" | 20 #include "components/content_settings/core/browser/host_content_settings_map.h" |
| 19 #include "components/safe_browsing_db/test_database_manager.h" | 21 #include "components/safe_browsing_db/test_database_manager.h" |
| 20 #include "content/public/browser/permission_type.h" | 22 #include "content/public/browser/permission_type.h" |
| 21 | 23 |
| 22 namespace { | 24 namespace { |
| 23 | 25 |
| (...skipping 223 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 247 url2, content::PermissionType::GEOLOCATION)); | 249 url2, content::PermissionType::GEOLOCATION)); |
| 248 EXPECT_EQ(0, autoblocker()->GetIgnoreCount( | 250 EXPECT_EQ(0, autoblocker()->GetIgnoreCount( |
| 249 url2, content::PermissionType::DURABLE_STORAGE)); | 251 url2, content::PermissionType::DURABLE_STORAGE)); |
| 250 EXPECT_EQ(0, autoblocker()->GetIgnoreCount( | 252 EXPECT_EQ(0, autoblocker()->GetIgnoreCount( |
| 251 url2, content::PermissionType::MIDI_SYSEX)); | 253 url2, content::PermissionType::MIDI_SYSEX)); |
| 252 } | 254 } |
| 253 | 255 |
| 254 // Test that an origin that has been blacklisted for a permission is embargoed. | 256 // Test that an origin that has been blacklisted for a permission is embargoed. |
| 255 TEST_F(PermissionDecisionAutoBlockerUnitTest, TestUpdateEmbargoBlacklist) { | 257 TEST_F(PermissionDecisionAutoBlockerUnitTest, TestUpdateEmbargoBlacklist) { |
| 256 GURL url("https://www.google.com"); | 258 GURL url("https://www.google.com"); |
| 259 base::HistogramTester histograms; | |
| 257 | 260 |
| 258 scoped_refptr<MockSafeBrowsingDatabaseManager> db_manager = | 261 scoped_refptr<MockSafeBrowsingDatabaseManager> db_manager = |
| 259 new MockSafeBrowsingDatabaseManager(true /* perform_callback */); | 262 new MockSafeBrowsingDatabaseManager(true /* perform_callback */); |
| 260 std::set<std::string> blacklisted_permissions{"GEOLOCATION"}; | 263 std::set<std::string> blacklisted_permissions{"GEOLOCATION"}; |
| 261 db_manager->BlacklistUrlPermissions(url, blacklisted_permissions); | 264 db_manager->BlacklistUrlPermissions(url, blacklisted_permissions); |
| 262 SetSafeBrowsingDatabaseManagerAndTimeoutForTesting(db_manager, | 265 SetSafeBrowsingDatabaseManagerAndTimeoutForTesting(db_manager, |
| 263 2000 /* timeout in ms */); | 266 2000 /* timeout in ms */); |
| 264 | 267 |
| 265 UpdateEmbargoedStatus(content::PermissionType::GEOLOCATION, url); | 268 UpdateEmbargoedStatus(content::PermissionType::GEOLOCATION, url); |
| 266 EXPECT_TRUE(last_embargoed_status()); | 269 EXPECT_TRUE(last_embargoed_status()); |
| 270 histograms.ExpectUniqueSample("Permissions.AutoBlocker.SafeBrowsingResponse", | |
| 271 SafeBrowsingResponse::BLACKLISTED, 1); | |
| 267 } | 272 } |
| 268 | 273 |
| 269 // Check that IsUnderEmbargo returns the correct value when the embargo is set | 274 // Check that IsUnderEmbargo returns the correct value when the embargo is set |
| 270 // and expires. | 275 // and expires. |
| 271 TEST_F(PermissionDecisionAutoBlockerUnitTest, CheckEmbargoStatus) { | 276 TEST_F(PermissionDecisionAutoBlockerUnitTest, CheckEmbargoStatus) { |
| 272 GURL url("https://www.google.com"); | 277 GURL url("https://www.google.com"); |
| 273 clock()->SetNow(base::Time::Now()); | 278 clock()->SetNow(base::Time::Now()); |
| 274 | 279 |
| 275 PlaceUnderBlacklistEmbargo(content::PermissionType::GEOLOCATION, url); | 280 PlaceUnderBlacklistEmbargo(content::PermissionType::GEOLOCATION, url); |
| 276 EXPECT_TRUE( | 281 EXPECT_TRUE( |
| (...skipping 28 matching lines...) Expand all Loading... | |
| 305 } | 310 } |
| 306 | 311 |
| 307 // Tests the alternating pattern of the block on multiple dismiss behaviour. On | 312 // Tests the alternating pattern of the block on multiple dismiss behaviour. On |
| 308 // N dismissals, the origin to be embargoed for the requested permission and | 313 // N dismissals, the origin to be embargoed for the requested permission and |
| 309 // automatically blocked. Each time the embargo is lifted, the site gets another | 314 // automatically blocked. Each time the embargo is lifted, the site gets another |
| 310 // chance to request the permission, but if it is again dismissed it is placed | 315 // chance to request the permission, but if it is again dismissed it is placed |
| 311 // under embargo again and its permission requests blocked. | 316 // under embargo again and its permission requests blocked. |
| 312 TEST_F(PermissionDecisionAutoBlockerUnitTest, TestDismissEmbargoBackoff) { | 317 TEST_F(PermissionDecisionAutoBlockerUnitTest, TestDismissEmbargoBackoff) { |
| 313 GURL url("https://www.google.com"); | 318 GURL url("https://www.google.com"); |
| 314 clock()->SetNow(base::Time::Now()); | 319 clock()->SetNow(base::Time::Now()); |
| 320 base::HistogramTester histograms; | |
|
dominickn
2017/02/07 05:36:54
This is currently unused?
meredithl
2017/02/07 06:27:29
Done.
| |
| 315 | 321 |
| 316 // Record some dismisses. | 322 // Record some dismisses. |
| 317 EXPECT_FALSE(autoblocker()->RecordDismissAndEmbargo( | 323 EXPECT_FALSE(autoblocker()->RecordDismissAndEmbargo( |
| 318 url, content::PermissionType::GEOLOCATION)); | 324 url, content::PermissionType::GEOLOCATION)); |
| 319 EXPECT_FALSE(autoblocker()->RecordDismissAndEmbargo( | 325 EXPECT_FALSE(autoblocker()->RecordDismissAndEmbargo( |
| 320 url, content::PermissionType::GEOLOCATION)); | 326 url, content::PermissionType::GEOLOCATION)); |
| 321 | 327 |
| 322 // A request with < 3 prior dismisses should not be automatically blocked. | 328 // A request with < 3 prior dismisses should not be automatically blocked. |
| 323 EXPECT_FALSE( | 329 EXPECT_FALSE( |
| 324 autoblocker()->IsUnderEmbargo(content::PermissionType::GEOLOCATION, url)); | 330 autoblocker()->IsUnderEmbargo(content::PermissionType::GEOLOCATION, url)); |
| (...skipping 14 matching lines...) Expand all Loading... | |
| 339 EXPECT_TRUE(autoblocker()->RecordDismissAndEmbargo( | 345 EXPECT_TRUE(autoblocker()->RecordDismissAndEmbargo( |
| 340 url, content::PermissionType::GEOLOCATION)); | 346 url, content::PermissionType::GEOLOCATION)); |
| 341 EXPECT_TRUE( | 347 EXPECT_TRUE( |
| 342 autoblocker()->IsUnderEmbargo(content::PermissionType::GEOLOCATION, url)); | 348 autoblocker()->IsUnderEmbargo(content::PermissionType::GEOLOCATION, url)); |
| 343 | 349 |
| 344 // Accelerate time again, check embargo is lifted and another permission | 350 // Accelerate time again, check embargo is lifted and another permission |
| 345 // request is let through. | 351 // request is let through. |
| 346 clock()->Advance(base::TimeDelta::FromDays(8)); | 352 clock()->Advance(base::TimeDelta::FromDays(8)); |
| 347 EXPECT_FALSE( | 353 EXPECT_FALSE( |
| 348 autoblocker()->IsUnderEmbargo(content::PermissionType::GEOLOCATION, url)); | 354 autoblocker()->IsUnderEmbargo(content::PermissionType::GEOLOCATION, url)); |
| 355 | |
| 356 // Record another dismiss, subsequent requests should be autoblocked again. | |
| 357 EXPECT_TRUE(autoblocker()->RecordDismissAndEmbargo( | |
| 358 url, content::PermissionType::GEOLOCATION)); | |
| 359 EXPECT_TRUE( | |
| 360 autoblocker()->IsUnderEmbargo(content::PermissionType::GEOLOCATION, url)); | |
| 349 } | 361 } |
| 350 | 362 |
| 351 // Test the logic for a combination of blacklisting and dismissal embargo. | 363 // Test the logic for a combination of blacklisting and dismissal embargo. |
| 352 TEST_F(PermissionDecisionAutoBlockerUnitTest, TestExpiredBlacklistEmbargo) { | 364 TEST_F(PermissionDecisionAutoBlockerUnitTest, TestExpiredBlacklistEmbargo) { |
| 353 GURL url("https://www.google.com"); | 365 GURL url("https://www.google.com"); |
| 354 clock()->SetNow(base::Time::Now()); | 366 clock()->SetNow(base::Time::Now()); |
| 355 | 367 |
| 356 // Place under blacklist embargo and check the status. | 368 // Place under blacklist embargo and check the status. |
| 357 PlaceUnderBlacklistEmbargo(content::PermissionType::GEOLOCATION, url); | 369 PlaceUnderBlacklistEmbargo(content::PermissionType::GEOLOCATION, url); |
| 358 clock()->Advance(base::TimeDelta::FromDays(5)); | 370 clock()->Advance(base::TimeDelta::FromDays(5)); |
| (...skipping 11 matching lines...) Expand all Loading... | |
| 370 // Accelerate time to a point where the blacklist embargo should be expired | 382 // Accelerate time to a point where the blacklist embargo should be expired |
| 371 // and check that dismissal embargo is still set. | 383 // and check that dismissal embargo is still set. |
| 372 clock()->Advance(base::TimeDelta::FromDays(3)); | 384 clock()->Advance(base::TimeDelta::FromDays(3)); |
| 373 EXPECT_TRUE( | 385 EXPECT_TRUE( |
| 374 autoblocker()->IsUnderEmbargo(content::PermissionType::GEOLOCATION, url)); | 386 autoblocker()->IsUnderEmbargo(content::PermissionType::GEOLOCATION, url)); |
| 375 } | 387 } |
| 376 | 388 |
| 377 TEST_F(PermissionDecisionAutoBlockerUnitTest, TestSafeBrowsingTimeout) { | 389 TEST_F(PermissionDecisionAutoBlockerUnitTest, TestSafeBrowsingTimeout) { |
| 378 GURL url("https://www.google.com"); | 390 GURL url("https://www.google.com"); |
| 379 clock()->SetNow(base::Time::Now()); | 391 clock()->SetNow(base::Time::Now()); |
| 392 base::HistogramTester histograms; | |
| 380 | 393 |
| 381 scoped_refptr<MockSafeBrowsingDatabaseManager> db_manager = | 394 scoped_refptr<MockSafeBrowsingDatabaseManager> db_manager = |
| 382 new MockSafeBrowsingDatabaseManager(false /* perform_callback */); | 395 new MockSafeBrowsingDatabaseManager(false /* perform_callback */); |
| 383 std::set<std::string> blacklisted_permissions{"GEOLOCATION"}; | 396 std::set<std::string> blacklisted_permissions{"GEOLOCATION"}; |
| 384 db_manager->BlacklistUrlPermissions(url, blacklisted_permissions); | 397 db_manager->BlacklistUrlPermissions(url, blacklisted_permissions); |
| 385 SetSafeBrowsingDatabaseManagerAndTimeoutForTesting(db_manager, | 398 SetSafeBrowsingDatabaseManagerAndTimeoutForTesting(db_manager, |
| 386 0 /* timeout in ms */); | 399 0 /* timeout in ms */); |
| 387 | 400 |
| 388 UpdateEmbargoedStatus(content::PermissionType::GEOLOCATION, url); | 401 UpdateEmbargoedStatus(content::PermissionType::GEOLOCATION, url); |
| 389 EXPECT_FALSE(last_embargoed_status()); | 402 EXPECT_FALSE(last_embargoed_status()); |
| 390 EXPECT_FALSE( | 403 EXPECT_FALSE( |
| 391 autoblocker()->IsUnderEmbargo(content::PermissionType::GEOLOCATION, url)); | 404 autoblocker()->IsUnderEmbargo(content::PermissionType::GEOLOCATION, url)); |
| 405 histograms.ExpectUniqueSample("Permissions.AutoBlocker.SafeBrowsingResponse", | |
| 406 SafeBrowsingResponse::TIMEOUT, 1); | |
| 392 db_manager->SetPerformCallback(true); | 407 db_manager->SetPerformCallback(true); |
| 393 SetSafeBrowsingDatabaseManagerAndTimeoutForTesting(db_manager, | 408 SetSafeBrowsingDatabaseManagerAndTimeoutForTesting(db_manager, |
| 394 2000 /* timeout in ms */); | 409 2000 /* timeout in ms */); |
| 395 | 410 |
| 396 clock()->Advance(base::TimeDelta::FromDays(1)); | 411 clock()->Advance(base::TimeDelta::FromDays(1)); |
| 397 UpdateEmbargoedStatus(content::PermissionType::GEOLOCATION, url); | 412 UpdateEmbargoedStatus(content::PermissionType::GEOLOCATION, url); |
| 398 EXPECT_TRUE(last_embargoed_status()); | 413 EXPECT_TRUE(last_embargoed_status()); |
| 414 histograms.ExpectTotalCount("Permissions.AutoBlocker.SafeBrowsingResponse", | |
|
dominickn
2017/02/07 05:36:54
Can you ExpectBucketCount the specific bucket that
meredithl
2017/02/07 06:27:29
Done.
| |
| 415 2); | |
| 399 | 416 |
| 400 clock()->Advance(base::TimeDelta::FromDays(1)); | 417 clock()->Advance(base::TimeDelta::FromDays(1)); |
| 401 EXPECT_TRUE( | 418 EXPECT_TRUE( |
| 402 autoblocker()->IsUnderEmbargo(content::PermissionType::GEOLOCATION, url)); | 419 autoblocker()->IsUnderEmbargo(content::PermissionType::GEOLOCATION, url)); |
| 403 } | 420 } |
| 404 | 421 |
| 405 // TODO(raymes): See crbug.com/681709. Remove after M60. | 422 // TODO(raymes): See crbug.com/681709. Remove after M60. |
| 406 TEST_F(PermissionDecisionAutoBlockerUnitTest, | 423 TEST_F(PermissionDecisionAutoBlockerUnitTest, |
| 407 MigrateNoDecisionCountToPermissionAutoBlockerData) { | 424 MigrateNoDecisionCountToPermissionAutoBlockerData) { |
| 408 GURL url("https://www.google.com"); | 425 GURL url("https://www.google.com"); |
| (...skipping 57 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 466 profile()->GetPrefs(), false /* is_incognito_profile */, | 483 profile()->GetPrefs(), false /* is_incognito_profile */, |
| 467 false /* is_guest_profile */)); | 484 false /* is_guest_profile */)); |
| 468 temp_map->ShutdownOnUIThread(); | 485 temp_map->ShutdownOnUIThread(); |
| 469 } | 486 } |
| 470 | 487 |
| 471 EXPECT_EQ(100, autoblocker()->GetDismissCount( | 488 EXPECT_EQ(100, autoblocker()->GetDismissCount( |
| 472 url, content::PermissionType::GEOLOCATION)); | 489 url, content::PermissionType::GEOLOCATION)); |
| 473 EXPECT_EQ(50, autoblocker()->GetIgnoreCount( | 490 EXPECT_EQ(50, autoblocker()->GetIgnoreCount( |
| 474 url, content::PermissionType::GEOLOCATION)); | 491 url, content::PermissionType::GEOLOCATION)); |
| 475 } | 492 } |
| 493 | |
| 494 TEST_F(PermissionDecisionAutoBlockerUnitTest, TestSafeBrowsingResponse) { | |
| 495 GURL url("https://www.google.com"); | |
| 496 clock()->SetNow(base::Time::Now()); | |
| 497 base::HistogramTester histograms; | |
| 498 | |
| 499 scoped_refptr<MockSafeBrowsingDatabaseManager> db_manager = | |
| 500 new MockSafeBrowsingDatabaseManager(true /* perform_callback */); | |
| 501 std::set<std::string> blacklisted_permissions{"GEOLOCATION"}; | |
| 502 db_manager->BlacklistUrlPermissions(url, blacklisted_permissions); | |
| 503 SetSafeBrowsingDatabaseManagerAndTimeoutForTesting(db_manager, | |
| 504 0 /* timeout in ms */); | |
| 505 | |
| 506 UpdateEmbargoedStatus(content::PermissionType::NOTIFICATIONS, url); | |
| 507 EXPECT_FALSE(last_embargoed_status()); | |
| 508 histograms.ExpectUniqueSample("Permissions.AutoBlocker.SafeBrowsingResponse", | |
| 509 SafeBrowsingResponse::NOT_BLACKLISTED, 1); | |
| 510 } | |
| OLD | NEW |
