OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 // | 4 // |
5 // This test creates a safebrowsing service using test safebrowsing database | 5 // This test creates a safebrowsing service using test safebrowsing database |
6 // and a test protocol manager. It is used to test logics in safebrowsing | 6 // and a test protocol manager. It is used to test logics in safebrowsing |
7 // service. | 7 // service. |
8 | 8 |
9 #include "chrome/browser/safe_browsing/safe_browsing_service.h" | 9 #include "chrome/browser/safe_browsing/safe_browsing_service.h" |
10 | 10 |
(...skipping 21 matching lines...) Expand all Loading... | |
32 #include "chrome/browser/content_settings/host_content_settings_map_factory.h" | 32 #include "chrome/browser/content_settings/host_content_settings_map_factory.h" |
33 #include "chrome/browser/prerender/prerender_manager.h" | 33 #include "chrome/browser/prerender/prerender_manager.h" |
34 #include "chrome/browser/profiles/profile.h" | 34 #include "chrome/browser/profiles/profile.h" |
35 #include "chrome/browser/profiles/profile_manager.h" | 35 #include "chrome/browser/profiles/profile_manager.h" |
36 #include "chrome/browser/safe_browsing/client_side_detection_service.h" | 36 #include "chrome/browser/safe_browsing/client_side_detection_service.h" |
37 #include "chrome/browser/safe_browsing/local_database_manager.h" | 37 #include "chrome/browser/safe_browsing/local_database_manager.h" |
38 #include "chrome/browser/safe_browsing/protocol_manager.h" | 38 #include "chrome/browser/safe_browsing/protocol_manager.h" |
39 #include "chrome/browser/safe_browsing/safe_browsing_database.h" | 39 #include "chrome/browser/safe_browsing/safe_browsing_database.h" |
40 #include "chrome/browser/safe_browsing/test_safe_browsing_service.h" | 40 #include "chrome/browser/safe_browsing/test_safe_browsing_service.h" |
41 #include "chrome/browser/safe_browsing/ui_manager.h" | 41 #include "chrome/browser/safe_browsing/ui_manager.h" |
42 #include "chrome/browser/subresource_filter/test_ruleset_publisher.h" | |
42 #include "chrome/browser/ui/browser.h" | 43 #include "chrome/browser/ui/browser.h" |
43 #include "chrome/browser/ui/browser_navigator_params.h" | 44 #include "chrome/browser/ui/browser_navigator_params.h" |
44 #include "chrome/browser/ui/tabs/tab_strip_model.h" | 45 #include "chrome/browser/ui/tabs/tab_strip_model.h" |
45 #include "chrome/common/chrome_paths.h" | 46 #include "chrome/common/chrome_paths.h" |
46 #include "chrome/common/pref_names.h" | 47 #include "chrome/common/pref_names.h" |
47 #include "chrome/test/base/in_process_browser_test.h" | 48 #include "chrome/test/base/in_process_browser_test.h" |
48 #include "chrome/test/base/ui_test_utils.h" | 49 #include "chrome/test/base/ui_test_utils.h" |
49 #include "components/bookmarks/browser/startup_task_runner_service.h" | 50 #include "components/bookmarks/browser/startup_task_runner_service.h" |
50 #include "components/content_settings/core/browser/host_content_settings_map.h" | 51 #include "components/content_settings/core/browser/host_content_settings_map.h" |
51 #include "components/prefs/pref_service.h" | 52 #include "components/prefs/pref_service.h" |
52 #include "components/safe_browsing/common/safebrowsing_switches.h" | 53 #include "components/safe_browsing/common/safebrowsing_switches.h" |
53 #include "components/safe_browsing_db/database_manager.h" | 54 #include "components/safe_browsing_db/database_manager.h" |
54 #include "components/safe_browsing_db/metadata.pb.h" | 55 #include "components/safe_browsing_db/metadata.pb.h" |
55 #include "components/safe_browsing_db/test_database_manager.h" | 56 #include "components/safe_browsing_db/test_database_manager.h" |
56 #include "components/safe_browsing_db/util.h" | 57 #include "components/safe_browsing_db/util.h" |
57 #include "components/safe_browsing_db/v4_database.h" | 58 #include "components/safe_browsing_db/v4_database.h" |
58 #include "components/safe_browsing_db/v4_feature_list.h" | 59 #include "components/safe_browsing_db/v4_feature_list.h" |
59 #include "components/safe_browsing_db/v4_get_hash_protocol_manager.h" | 60 #include "components/safe_browsing_db/v4_get_hash_protocol_manager.h" |
60 #include "components/safe_browsing_db/v4_protocol_manager_util.h" | 61 #include "components/safe_browsing_db/v4_protocol_manager_util.h" |
61 #include "components/subresource_filter/content/browser/content_subresource_filt er_driver.h" | 62 #include "components/subresource_filter/content/browser/content_subresource_filt er_driver.h" |
62 #include "components/subresource_filter/content/browser/content_subresource_filt er_driver_factory.h" | 63 #include "components/subresource_filter/content/browser/content_subresource_filt er_driver_factory.h" |
63 #include "components/subresource_filter/core/browser/subresource_filter_features .h" | 64 #include "components/subresource_filter/core/browser/subresource_filter_features .h" |
64 #include "components/subresource_filter/core/browser/subresource_filter_features _test_support.h" | 65 #include "components/subresource_filter/core/browser/subresource_filter_features _test_support.h" |
66 #include "components/subresource_filter/core/common/test_ruleset_creator.h" | |
65 #include "content/public/browser/interstitial_page.h" | 67 #include "content/public/browser/interstitial_page.h" |
66 #include "content/public/browser/navigation_entry.h" | 68 #include "content/public/browser/navigation_entry.h" |
67 #include "content/public/browser/render_frame_host.h" | 69 #include "content/public/browser/render_frame_host.h" |
68 #include "content/public/browser/web_contents.h" | 70 #include "content/public/browser/web_contents.h" |
71 #include "content/public/common/content_switches.h" | |
69 #include "content/public/test/browser_test_utils.h" | 72 #include "content/public/test/browser_test_utils.h" |
70 #include "crypto/sha2.h" | 73 #include "crypto/sha2.h" |
71 #include "net/cookies/cookie_store.h" | 74 #include "net/cookies/cookie_store.h" |
72 #include "net/cookies/cookie_util.h" | 75 #include "net/cookies/cookie_util.h" |
73 #include "net/test/embedded_test_server/embedded_test_server.h" | 76 #include "net/test/embedded_test_server/embedded_test_server.h" |
74 #include "net/test/embedded_test_server/http_request.h" | 77 #include "net/test/embedded_test_server/http_request.h" |
75 #include "net/test/embedded_test_server/http_response.h" | 78 #include "net/test/embedded_test_server/http_response.h" |
76 #include "sql/connection.h" | 79 #include "sql/connection.h" |
77 #include "sql/statement.h" | 80 #include "sql/statement.h" |
78 #include "testing/gmock/include/gmock/gmock.h" | 81 #include "testing/gmock/include/gmock/gmock.h" |
(...skipping 24 matching lines...) Expand all Loading... | |
103 const char kMaliciousResource[] = "/malware/script.js"; | 106 const char kMaliciousResource[] = "/malware/script.js"; |
104 const char kMalwareFile[] = "/downloads/dangerous/dangerous.exe"; | 107 const char kMalwareFile[] = "/downloads/dangerous/dangerous.exe"; |
105 const char kMalwarePage[] = "/safe_browsing/malware.html"; | 108 const char kMalwarePage[] = "/safe_browsing/malware.html"; |
106 const char kMalwareDelayedLoadsPage[] = | 109 const char kMalwareDelayedLoadsPage[] = |
107 "/safe_browsing/malware_delayed_loads.html"; | 110 "/safe_browsing/malware_delayed_loads.html"; |
108 const char kMalwareIFrame[] = "/safe_browsing/malware_iframe.html"; | 111 const char kMalwareIFrame[] = "/safe_browsing/malware_iframe.html"; |
109 const char kMalwareImg[] = "/safe_browsing/malware_image.png"; | 112 const char kMalwareImg[] = "/safe_browsing/malware_image.png"; |
110 const char kNeverCompletesPath[] = "/never_completes"; | 113 const char kNeverCompletesPath[] = "/never_completes"; |
111 const char kPrefetchMalwarePage[] = "/safe_browsing/prefetch_malware.html"; | 114 const char kPrefetchMalwarePage[] = "/safe_browsing/prefetch_malware.html"; |
112 | 115 |
113 class MockSubresourceFilterDriver | |
114 : public subresource_filter::ContentSubresourceFilterDriver { | |
115 public: | |
116 explicit MockSubresourceFilterDriver( | |
117 content::RenderFrameHost* render_frame_host) | |
118 : subresource_filter::ContentSubresourceFilterDriver(render_frame_host) {} | |
119 | |
120 ~MockSubresourceFilterDriver() override = default; | |
121 | |
122 MOCK_METHOD2(ActivateForNextCommittedLoad, | |
123 void(subresource_filter::ActivationLevel, bool)); | |
124 | |
125 private: | |
126 DISALLOW_COPY_AND_ASSIGN(MockSubresourceFilterDriver); | |
127 }; | |
128 | |
129 class NeverCompletingHttpResponse : public net::test_server::HttpResponse { | 116 class NeverCompletingHttpResponse : public net::test_server::HttpResponse { |
130 public: | 117 public: |
131 ~NeverCompletingHttpResponse() override {} | 118 ~NeverCompletingHttpResponse() override {} |
132 | 119 |
133 void SendResponse( | 120 void SendResponse( |
134 const net::test_server::SendBytesCallback& send, | 121 const net::test_server::SendBytesCallback& send, |
135 const net::test_server::SendCompleteCallback& done) override { | 122 const net::test_server::SendCompleteCallback& done) override { |
136 // Do nothing. |done| is never called. | 123 // Do nothing. |done| is never called. |
137 } | 124 } |
138 }; | 125 }; |
(...skipping 407 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
546 SafeBrowsingDatabase::RegisterFactory(nullptr); | 533 SafeBrowsingDatabase::RegisterFactory(nullptr); |
547 SafeBrowsingProtocolManager::RegisterFactory(nullptr); | 534 SafeBrowsingProtocolManager::RegisterFactory(nullptr); |
548 SafeBrowsingService::RegisterFactory(nullptr); | 535 SafeBrowsingService::RegisterFactory(nullptr); |
549 } | 536 } |
550 | 537 |
551 void SetUpCommandLine(base::CommandLine* command_line) override { | 538 void SetUpCommandLine(base::CommandLine* command_line) override { |
552 // Makes sure the auto update is not triggered during the test. | 539 // Makes sure the auto update is not triggered during the test. |
553 // This test will fill up the database using testing prefixes | 540 // This test will fill up the database using testing prefixes |
554 // and urls. | 541 // and urls. |
555 command_line->AppendSwitch(safe_browsing::switches::kSbDisableAutoUpdate); | 542 command_line->AppendSwitch(safe_browsing::switches::kSbDisableAutoUpdate); |
543 command_line->AppendSwitchASCII( | |
544 ::switches::kEnableFeatures, | |
545 subresource_filter::kSafeBrowsingSubresourceFilter.name); | |
556 #if defined(OS_CHROMEOS) | 546 #if defined(OS_CHROMEOS) |
557 command_line->AppendSwitch( | 547 command_line->AppendSwitch( |
558 chromeos::switches::kIgnoreUserProfileMappingForTests); | 548 chromeos::switches::kIgnoreUserProfileMappingForTests); |
559 #endif | 549 #endif |
560 } | 550 } |
561 | 551 |
562 void SetUpOnMainThread() override { | 552 void SetUpOnMainThread() override { |
563 InProcessBrowserTest::SetUpOnMainThread(); | 553 InProcessBrowserTest::SetUpOnMainThread(); |
564 g_browser_process->safe_browsing_service()->ui_manager()->AddObserver( | 554 g_browser_process->safe_browsing_service()->ui_manager()->AddObserver( |
565 &observer_); | 555 &observer_); |
566 WebContents* contents = | |
567 browser()->tab_strip_model()->GetActiveWebContents(); | |
568 driver_ = new MockSubresourceFilterDriver(contents->GetMainFrame()); | |
569 factory()->SetDriverForFrameHostForTesting(contents->GetMainFrame(), | |
570 base::WrapUnique(driver())); | |
571 } | |
572 | |
573 subresource_filter::ContentSubresourceFilterDriverFactory* factory() { | |
574 WebContents* contents = | |
575 browser()->tab_strip_model()->GetActiveWebContents(); | |
576 return subresource_filter::ContentSubresourceFilterDriverFactory:: | |
577 FromWebContents(contents); | |
578 } | 556 } |
579 | 557 |
580 void TearDownOnMainThread() override { | 558 void TearDownOnMainThread() override { |
581 g_browser_process->safe_browsing_service()->ui_manager()->RemoveObserver( | 559 g_browser_process->safe_browsing_service()->ui_manager()->RemoveObserver( |
582 &observer_); | 560 &observer_); |
583 InProcessBrowserTest::TearDownOnMainThread(); | 561 InProcessBrowserTest::TearDownOnMainThread(); |
584 } | 562 } |
585 | 563 |
586 void SetUpInProcessBrowserTestFixture() override { | 564 void SetUpInProcessBrowserTestFixture() override { |
587 base::FilePath test_data_dir; | 565 base::FilePath test_data_dir; |
(...skipping 20 matching lines...) Expand all Loading... | |
608 pm->AddGetFullHashResponse(full_hash); | 586 pm->AddGetFullHashResponse(full_hash); |
609 } | 587 } |
610 | 588 |
611 bool ShowingInterstitialPage() { | 589 bool ShowingInterstitialPage() { |
612 WebContents* contents = | 590 WebContents* contents = |
613 browser()->tab_strip_model()->GetActiveWebContents(); | 591 browser()->tab_strip_model()->GetActiveWebContents(); |
614 InterstitialPage* interstitial_page = contents->GetInterstitialPage(); | 592 InterstitialPage* interstitial_page = contents->GetInterstitialPage(); |
615 return interstitial_page != nullptr; | 593 return interstitial_page != nullptr; |
616 } | 594 } |
617 | 595 |
596 bool WasSubresourceFilterProbeScriptLoaded() { | |
597 bool script_resource_was_loaded = false; | |
598 WebContents* web_contents = | |
599 browser()->tab_strip_model()->GetActiveWebContents(); | |
600 EXPECT_TRUE(content::ExecuteScriptAndExtractBool( | |
601 web_contents->GetMainFrame(), | |
602 "domAutomationController.send(!!document.scriptExecuted)", | |
603 &script_resource_was_loaded)); | |
604 return script_resource_was_loaded; | |
605 } | |
606 | |
618 void IntroduceGetHashDelay(const base::TimeDelta& delay) { | 607 void IntroduceGetHashDelay(const base::TimeDelta& delay) { |
619 pm_factory_.GetProtocolManager()->IntroduceDelay(delay); | 608 pm_factory_.GetProtocolManager()->IntroduceDelay(delay); |
620 } | 609 } |
621 | 610 |
622 // TODO(nparker): Remove the need for this by wiring in our own | 611 // TODO(nparker): Remove the need for this by wiring in our own |
623 // SafeBrowsingDatabaseManager factory and keep a ptr to the subclass. | 612 // SafeBrowsingDatabaseManager factory and keep a ptr to the subclass. |
624 // Or add a Get/SetTimeout to sbdbmgr. | 613 // Or add a Get/SetTimeout to sbdbmgr. |
625 static LocalSafeBrowsingDatabaseManager* LocalDatabaseManagerForService( | 614 static LocalSafeBrowsingDatabaseManager* LocalDatabaseManagerForService( |
626 SafeBrowsingService* sb_service) { | 615 SafeBrowsingService* sb_service) { |
627 return static_cast<LocalSafeBrowsingDatabaseManager*>( | 616 return static_cast<LocalSafeBrowsingDatabaseManager*>( |
(...skipping 24 matching lines...) Expand all Loading... | |
652 | 641 |
653 FakeSafeBrowsingUIManager* ui_manager() { | 642 FakeSafeBrowsingUIManager* ui_manager() { |
654 return static_cast<FakeSafeBrowsingUIManager*>( | 643 return static_cast<FakeSafeBrowsingUIManager*>( |
655 g_browser_process->safe_browsing_service()->ui_manager().get()); | 644 g_browser_process->safe_browsing_service()->ui_manager().get()); |
656 } | 645 } |
657 bool got_hit_report() { return ui_manager()->got_hit_report_; } | 646 bool got_hit_report() { return ui_manager()->got_hit_report_; } |
658 const safe_browsing::HitReport& hit_report() { | 647 const safe_browsing::HitReport& hit_report() { |
659 return ui_manager()->hit_report_; | 648 return ui_manager()->hit_report_; |
660 } | 649 } |
661 | 650 |
662 MockSubresourceFilterDriver* driver() { return driver_; } | |
663 | |
664 protected: | 651 protected: |
665 StrictMock<MockObserver> observer_; | 652 StrictMock<MockObserver> observer_; |
666 | 653 |
667 // Temporary profile dir for test cases that create a second profile. This is | 654 // Temporary profile dir for test cases that create a second profile. This is |
668 // owned by the SafeBrowsingServiceTest object so that it will not get | 655 // owned by the SafeBrowsingServiceTest object so that it will not get |
669 // destructed until after the test Browser has been torn down, since the | 656 // destructed until after the test Browser has been torn down, since the |
670 // ImportantFileWriter may still be modifying it after the Profile object has | 657 // ImportantFileWriter may still be modifying it after the Profile object has |
671 // been destroyed. | 658 // been destroyed. |
672 base::ScopedTempDir temp_profile_dir_; | 659 base::ScopedTempDir temp_profile_dir_; |
673 | 660 |
(...skipping 20 matching lines...) Expand all Loading... | |
694 service, enabled, | 681 service, enabled, |
695 BrowserThread::GetTaskRunnerForThread(BrowserThread::IO).get())); | 682 BrowserThread::GetTaskRunnerForThread(BrowserThread::IO).get())); |
696 ASSERT_TRUE(enabled_helper->Run()); | 683 ASSERT_TRUE(enabled_helper->Run()); |
697 } | 684 } |
698 | 685 |
699 protected: | 686 protected: |
700 std::unique_ptr<TestSafeBrowsingServiceFactory> sb_factory_; | 687 std::unique_ptr<TestSafeBrowsingServiceFactory> sb_factory_; |
701 TestSafeBrowsingDatabaseFactory db_factory_; | 688 TestSafeBrowsingDatabaseFactory db_factory_; |
702 TestSBProtocolManagerFactory pm_factory_; | 689 TestSBProtocolManagerFactory pm_factory_; |
703 | 690 |
704 // Owned by ContentSubresourceFilterFactory. | |
705 MockSubresourceFilterDriver* driver_; | |
706 | |
707 private: | 691 private: |
708 DISALLOW_COPY_AND_ASSIGN(SafeBrowsingServiceTest); | 692 DISALLOW_COPY_AND_ASSIGN(SafeBrowsingServiceTest); |
709 }; | 693 }; |
710 | 694 |
711 class SafeBrowsingServiceMetadataTest | 695 class SafeBrowsingServiceMetadataTest |
712 : public SafeBrowsingServiceTest, | 696 : public SafeBrowsingServiceTest, |
713 public ::testing::WithParamInterface<ThreatPatternType> { | 697 public ::testing::WithParamInterface<ThreatPatternType> { |
714 public: | 698 public: |
715 SafeBrowsingServiceMetadataTest() {} | 699 SafeBrowsingServiceMetadataTest() {} |
716 | 700 |
(...skipping 196 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
913 ui_test_utils::NavigateToURL(¶ms); | 897 ui_test_utils::NavigateToURL(¶ms); |
914 | 898 |
915 EXPECT_TRUE(ShowingInterstitialPage()); | 899 EXPECT_TRUE(ShowingInterstitialPage()); |
916 EXPECT_TRUE(got_hit_report()); | 900 EXPECT_TRUE(got_hit_report()); |
917 EXPECT_EQ(bad_url, hit_report().malicious_url); | 901 EXPECT_EQ(bad_url, hit_report().malicious_url); |
918 EXPECT_EQ(bad_url, hit_report().page_url); | 902 EXPECT_EQ(bad_url, hit_report().page_url); |
919 EXPECT_EQ(first_url, hit_report().referrer_url); | 903 EXPECT_EQ(first_url, hit_report().referrer_url); |
920 EXPECT_FALSE(hit_report().is_subresource); | 904 EXPECT_FALSE(hit_report().is_subresource); |
921 } | 905 } |
922 | 906 |
923 IN_PROC_BROWSER_TEST_F(SafeBrowsingServiceTest, | 907 IN_PROC_BROWSER_TEST_F(SafeBrowsingServiceTest, SubresourceFilterEndToEndTest) { |
924 SocEngReportingBlacklistNotEmpty) { | |
925 subresource_filter::testing::ScopedSubresourceFilterFeatureToggle | 908 subresource_filter::testing::ScopedSubresourceFilterFeatureToggle |
926 scoped_feature_toggle( | 909 scoped_feature_toggle( |
927 base::FeatureList::OVERRIDE_ENABLE_FEATURE, | 910 base::FeatureList::OVERRIDE_ENABLE_FEATURE, |
928 subresource_filter::kActivationLevelEnabled, | 911 subresource_filter::kActivationLevelEnabled, |
929 subresource_filter::kActivationScopeActivationList, | 912 subresource_filter::kActivationScopeActivationList, |
930 subresource_filter::kActivationListSocialEngineeringAdsInterstitial); | 913 subresource_filter::kActivationListSocialEngineeringAdsInterstitial); |
931 // Tests that when Safe Browsing gets hit which is corresponding to the | |
932 // SOCIAL_ENGINEERING_ADS threat type, then URL is added to the Subresource | |
933 // Filter. | |
934 GURL bad_url = embedded_test_server()->GetURL(kMalwarePage); | |
935 | 914 |
915 subresource_filter::testing::TestRulesetCreator ruleset_creator; | |
916 subresource_filter::testing::TestRulesetPair test_ruleset_pair; | |
917 ruleset_creator.CreateRulesetToDisallowURLsWithPathSuffix( | |
918 "included_script.js", &test_ruleset_pair); | |
919 subresource_filter::testing::TestRulesetPublisher test_ruleset_publisher; | |
920 ASSERT_NO_FATAL_FAILURE( | |
921 test_ruleset_publisher.SetRuleset(test_ruleset_pair.unindexed)); | |
922 | |
923 GURL phishing_url = embedded_test_server()->GetURL( | |
924 "/subresource_filter/frame_with_included_script.html"); | |
936 SBFullHashResult malware_full_hash; | 925 SBFullHashResult malware_full_hash; |
937 GenUrlFullHashResultWithMetadata(bad_url, | 926 GenUrlFullHashResultWithMetadata(phishing_url, PHISH, |
938 PHISH, | |
939 ThreatPatternType::SOCIAL_ENGINEERING_ADS, | 927 ThreatPatternType::SOCIAL_ENGINEERING_ADS, |
940 &malware_full_hash); | 928 &malware_full_hash); |
941 SetupResponseForUrl(bad_url, malware_full_hash); | 929 SetupResponseForUrl(phishing_url, malware_full_hash); |
942 | 930 |
943 WebContents* main_contents = | 931 // Navigation to a phishing page should trigger an interstitial. If the user |
932 // clicks through it, the page load should proceed, but with subresource | |
933 // filtering activated. This is verified by probing whether `included_script` | |
934 // that is disallowed above indeed fails to load. | |
935 WebContents* web_contents = | |
944 browser()->tab_strip_model()->GetActiveWebContents(); | 936 browser()->tab_strip_model()->GetActiveWebContents(); |
937 EXPECT_CALL(observer_, OnSafeBrowsingHit(IsUnsafeResourceFor(phishing_url))); | |
938 ui_test_utils::NavigateToURL(browser(), phishing_url); | |
939 ASSERT_TRUE(Mock::VerifyAndClearExpectations(&observer_)); | |
940 ASSERT_TRUE(got_hit_report()); | |
941 content::WaitForInterstitialAttach(web_contents); | |
942 ASSERT_TRUE(ShowingInterstitialPage()); | |
945 | 943 |
946 EXPECT_CALL(observer_, OnSafeBrowsingHit(IsUnsafeResourceFor(bad_url))) | 944 content::WindowedNotificationObserver load_stop_observer( |
947 .Times(1); | 945 content::NOTIFICATION_LOAD_STOP, |
948 EXPECT_CALL(*driver(), ActivateForNextCommittedLoad(_, _)).Times(0); | 946 content::Source<content::NavigationController>( |
949 ui_test_utils::NavigateToURL(browser(), bad_url); | 947 &web_contents->GetController())); |
950 Mock::VerifyAndClearExpectations(&observer_); | 948 InterstitialPage* interstitial_page = web_contents->GetInterstitialPage(); |
951 ASSERT_TRUE(got_hit_report()); | |
952 | |
953 content::WaitForInterstitialAttach(main_contents); | |
954 EXPECT_TRUE(ShowingInterstitialPage()); | |
955 testing::Mock::VerifyAndClearExpectations(driver()); | |
956 EXPECT_CALL(*driver(), ActivateForNextCommittedLoad(_, _)).Times(1); | |
957 InterstitialPage* interstitial_page = main_contents->GetInterstitialPage(); | |
958 ASSERT_TRUE(interstitial_page); | 949 ASSERT_TRUE(interstitial_page); |
959 interstitial_page->Proceed(); | 950 interstitial_page->Proceed(); |
960 content::WaitForInterstitialDetach(main_contents); | 951 load_stop_observer.Wait(); |
952 ASSERT_FALSE(ShowingInterstitialPage()); | |
953 EXPECT_FALSE(WasSubresourceFilterProbeScriptLoaded()); | |
954 | |
955 // Navigate to a page that loads the same script, but is not a phishing page. | |
956 // The load should be allowed. | |
957 GURL safe_url = embedded_test_server()->GetURL( | |
958 "/subresource_filter/frame_with_allowed_script.html"); | |
959 ui_test_utils::NavigateToURL(browser(), safe_url); | |
961 EXPECT_FALSE(ShowingInterstitialPage()); | 960 EXPECT_FALSE(ShowingInterstitialPage()); |
962 testing::Mock::VerifyAndClearExpectations(driver()); | 961 EXPECT_TRUE(WasSubresourceFilterProbeScriptLoaded()); |
963 } | |
964 | 962 |
965 IN_PROC_BROWSER_TEST_F(SafeBrowsingServiceTest, SocEngReportingBlacklistEmpty) { | 963 // Navigate to the phishing page again -- should be no interstitial shown, but |
966 // Tests that URLS which doesn't belong to the SOCIAL_ENGINEERING_ADS threat | 964 // subresource filtering should still be activated. |
Charlie Harrison
2017/02/15 18:51:21
The fact that subresource filtering should still b
engedy
2017/02/15 18:55:25
So it is tested to some degree by line 969, but I
| |
967 // type aren't seen by the Subresource Filter. | 965 EXPECT_CALL(observer_, OnSafeBrowsingHit(IsUnsafeResourceFor(phishing_url))) |
968 subresource_filter::testing::ScopedSubresourceFilterFeatureToggle | 966 .Times(0); |
969 scoped_feature_toggle( | 967 ui_test_utils::NavigateToURL(browser(), phishing_url); |
970 base::FeatureList::OVERRIDE_ENABLE_FEATURE, | |
971 subresource_filter::kActivationLevelEnabled, | |
972 subresource_filter::kActivationScopeNoSites, | |
973 subresource_filter::kActivationListSocialEngineeringAdsInterstitial); | |
974 | |
975 GURL bad_url = embedded_test_server()->base_url().Resolve(kMalwarePage); | |
976 | |
977 SBFullHashResult malware_full_hash; | |
978 GenUrlFullHashResult(bad_url, MALWARE, &malware_full_hash); | |
979 SetupResponseForUrl(bad_url, malware_full_hash); | |
980 | |
981 WebContents* main_contents = | |
982 browser()->tab_strip_model()->GetActiveWebContents(); | |
983 | |
984 EXPECT_CALL(observer_, OnSafeBrowsingHit(IsUnsafeResourceFor(bad_url))) | |
985 .Times(1); | |
986 EXPECT_CALL(*driver(), ActivateForNextCommittedLoad(_, _)).Times(0); | |
987 ui_test_utils::NavigateToURL(browser(), bad_url); | |
988 testing::Mock::VerifyAndClearExpectations(driver()); | |
989 ASSERT_TRUE(got_hit_report()); | |
990 | |
991 content::WaitForInterstitialAttach(main_contents); | |
992 EXPECT_TRUE(ShowingInterstitialPage()); | |
993 testing::Mock::VerifyAndClearExpectations(driver()); | |
994 EXPECT_CALL(*driver(), ActivateForNextCommittedLoad(_, _)).Times(0); | |
995 InterstitialPage* interstitial_page = main_contents->GetInterstitialPage(); | |
996 ASSERT_TRUE(interstitial_page); | |
997 interstitial_page->Proceed(); | |
998 content::WaitForInterstitialDetach(main_contents); | |
999 EXPECT_FALSE(ShowingInterstitialPage()); | 968 EXPECT_FALSE(ShowingInterstitialPage()); |
1000 testing::Mock::VerifyAndClearExpectations(driver()); | 969 EXPECT_FALSE(WasSubresourceFilterProbeScriptLoaded()); |
1001 } | 970 } |
1002 | 971 |
1003 IN_PROC_BROWSER_TEST_F(SafeBrowsingServiceTest, | 972 IN_PROC_BROWSER_TEST_F(SafeBrowsingServiceTest, |
1004 SubResourceHitWithMainFrameReferrer) { | 973 SubResourceHitWithMainFrameReferrer) { |
1005 GURL first_url = embedded_test_server()->GetURL(kEmptyPage); | 974 GURL first_url = embedded_test_server()->GetURL(kEmptyPage); |
1006 GURL second_url = embedded_test_server()->GetURL(kMalwarePage); | 975 GURL second_url = embedded_test_server()->GetURL(kMalwarePage); |
1007 GURL bad_url = embedded_test_server()->GetURL(kMalwareImg); | 976 GURL bad_url = embedded_test_server()->GetURL(kMalwareImg); |
1008 | 977 |
1009 SBFullHashResult malware_full_hash; | 978 SBFullHashResult malware_full_hash; |
1010 GenUrlFullHashResult(bad_url, MALWARE, &malware_full_hash); | 979 GenUrlFullHashResult(bad_url, MALWARE, &malware_full_hash); |
(...skipping 1117 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
2128 | 2097 |
2129 EXPECT_TRUE(ShowingInterstitialPage()); | 2098 EXPECT_TRUE(ShowingInterstitialPage()); |
2130 EXPECT_TRUE(got_hit_report()); | 2099 EXPECT_TRUE(got_hit_report()); |
2131 EXPECT_EQ(bad_url, hit_report().malicious_url); | 2100 EXPECT_EQ(bad_url, hit_report().malicious_url); |
2132 EXPECT_EQ(bad_url, hit_report().page_url); | 2101 EXPECT_EQ(bad_url, hit_report().page_url); |
2133 EXPECT_EQ(first_url, hit_report().referrer_url); | 2102 EXPECT_EQ(first_url, hit_report().referrer_url); |
2134 EXPECT_FALSE(hit_report().is_subresource); | 2103 EXPECT_FALSE(hit_report().is_subresource); |
2135 } | 2104 } |
2136 | 2105 |
2137 IN_PROC_BROWSER_TEST_F(V4SafeBrowsingServiceTest, | 2106 IN_PROC_BROWSER_TEST_F(V4SafeBrowsingServiceTest, |
2138 SocEngReportingBlacklistNotEmpty) { | 2107 SubresourceFilterEndToEndTest) { |
2139 subresource_filter::testing::ScopedSubresourceFilterFeatureToggle | 2108 subresource_filter::testing::ScopedSubresourceFilterFeatureToggle |
2140 scoped_feature_toggle( | 2109 scoped_feature_toggle( |
2141 base::FeatureList::OVERRIDE_ENABLE_FEATURE, | 2110 base::FeatureList::OVERRIDE_ENABLE_FEATURE, |
2142 subresource_filter::kActivationLevelEnabled, | 2111 subresource_filter::kActivationLevelEnabled, |
2143 subresource_filter::kActivationScopeActivationList, | 2112 subresource_filter::kActivationScopeActivationList, |
2144 subresource_filter::kActivationListSocialEngineeringAdsInterstitial); | 2113 subresource_filter::kActivationListSocialEngineeringAdsInterstitial); |
2145 // Tests that when Safe Browsing gets hit which is corresponding to the | 2114 |
2146 // SOCIAL_ENGINEERING_ADS threat type, then URL is added to the Subresource | 2115 subresource_filter::testing::TestRulesetCreator ruleset_creator; |
2147 // Filter. | 2116 subresource_filter::testing::TestRulesetPair test_ruleset_pair; |
2148 GURL bad_url = embedded_test_server()->GetURL(kMalwarePage); | 2117 ruleset_creator.CreateRulesetToDisallowURLsWithPathSuffix( |
2149 MarkUrlForPhishingUnexpired(bad_url, | 2118 "included_script.js", &test_ruleset_pair); |
2119 subresource_filter::testing::TestRulesetPublisher test_ruleset_publisher; | |
2120 ASSERT_NO_FATAL_FAILURE( | |
2121 test_ruleset_publisher.SetRuleset(test_ruleset_pair.unindexed)); | |
2122 | |
2123 GURL phishing_url = embedded_test_server()->GetURL( | |
2124 "/subresource_filter/frame_with_included_script.html"); | |
2125 MarkUrlForPhishingUnexpired(phishing_url, | |
2150 ThreatPatternType::SOCIAL_ENGINEERING_ADS); | 2126 ThreatPatternType::SOCIAL_ENGINEERING_ADS); |
2151 | 2127 |
2152 WebContents* main_contents = | 2128 // Navigation to a phishing page should trigger an interstitial. If the user |
2129 // clicks through it, the page load should proceed, but with subresource | |
2130 // filtering activated. This is verified by probing whether `included_script` | |
2131 // that is disallowed above indeed fails to load. | |
2132 WebContents* web_contents = | |
2153 browser()->tab_strip_model()->GetActiveWebContents(); | 2133 browser()->tab_strip_model()->GetActiveWebContents(); |
2134 EXPECT_CALL(observer_, OnSafeBrowsingHit(IsUnsafeResourceFor(phishing_url))); | |
2135 ui_test_utils::NavigateToURL(browser(), phishing_url); | |
2136 ASSERT_TRUE(Mock::VerifyAndClearExpectations(&observer_)); | |
2137 ASSERT_TRUE(got_hit_report()); | |
2138 content::WaitForInterstitialAttach(web_contents); | |
2139 ASSERT_TRUE(ShowingInterstitialPage()); | |
2154 | 2140 |
2155 EXPECT_CALL(observer_, OnSafeBrowsingHit(IsUnsafeResourceFor(bad_url))) | 2141 content::WindowedNotificationObserver load_stop_observer( |
2156 .Times(1); | 2142 content::NOTIFICATION_LOAD_STOP, |
2157 EXPECT_CALL(*driver(), ActivateForNextCommittedLoad(_, _)).Times(0); | 2143 content::Source<content::NavigationController>( |
2158 ui_test_utils::NavigateToURL(browser(), bad_url); | 2144 &web_contents->GetController())); |
2159 Mock::VerifyAndClearExpectations(&observer_); | 2145 InterstitialPage* interstitial_page = web_contents->GetInterstitialPage(); |
2160 ASSERT_TRUE(got_hit_report()); | |
2161 | |
2162 content::WaitForInterstitialAttach(main_contents); | |
2163 EXPECT_TRUE(ShowingInterstitialPage()); | |
2164 testing::Mock::VerifyAndClearExpectations(driver()); | |
2165 EXPECT_CALL(*driver(), ActivateForNextCommittedLoad(_, _)).Times(1); | |
2166 InterstitialPage* interstitial_page = main_contents->GetInterstitialPage(); | |
2167 ASSERT_TRUE(interstitial_page); | 2146 ASSERT_TRUE(interstitial_page); |
2168 interstitial_page->Proceed(); | 2147 interstitial_page->Proceed(); |
2169 content::WaitForInterstitialDetach(main_contents); | 2148 load_stop_observer.Wait(); |
2149 ASSERT_FALSE(ShowingInterstitialPage()); | |
2150 EXPECT_FALSE(WasSubresourceFilterProbeScriptLoaded()); | |
2151 | |
2152 // Navigate to a page that loads the same script, but is not a phishing page. | |
2153 // The load should be allowed. | |
2154 GURL safe_url = embedded_test_server()->GetURL( | |
2155 "/subresource_filter/frame_with_allowed_script.html"); | |
2156 ui_test_utils::NavigateToURL(browser(), safe_url); | |
2170 EXPECT_FALSE(ShowingInterstitialPage()); | 2157 EXPECT_FALSE(ShowingInterstitialPage()); |
2171 testing::Mock::VerifyAndClearExpectations(driver()); | 2158 EXPECT_TRUE(WasSubresourceFilterProbeScriptLoaded()); |
2159 | |
2160 // Navigate to the phishing page again -- should be no interstitial shown, but | |
2161 // subresource filtering should still be activated. | |
2162 EXPECT_CALL(observer_, OnSafeBrowsingHit(IsUnsafeResourceFor(phishing_url))) | |
2163 .Times(0); | |
2164 ui_test_utils::NavigateToURL(browser(), phishing_url); | |
2165 EXPECT_FALSE(ShowingInterstitialPage()); | |
2166 EXPECT_FALSE(WasSubresourceFilterProbeScriptLoaded()); | |
2172 } | 2167 } |
2173 | 2168 |
2174 IN_PROC_BROWSER_TEST_F(V4SafeBrowsingServiceTest, | 2169 IN_PROC_BROWSER_TEST_F(V4SafeBrowsingServiceTest, |
2175 SocEngReportingBlacklistEmpty) { | |
2176 // Tests that URLS which doesn't belong to the SOCIAL_ENGINEERING_ADS threat | |
2177 // type aren't seen by the Subresource Filter. | |
2178 subresource_filter::testing::ScopedSubresourceFilterFeatureToggle | |
2179 scoped_feature_toggle( | |
2180 base::FeatureList::OVERRIDE_ENABLE_FEATURE, | |
2181 subresource_filter::kActivationLevelEnabled, | |
2182 subresource_filter::kActivationScopeNoSites, | |
2183 subresource_filter::kActivationListSocialEngineeringAdsInterstitial); | |
2184 | |
2185 GURL bad_url = embedded_test_server()->base_url().Resolve(kMalwarePage); | |
2186 MarkUrlForMalwareUnexpired(bad_url); | |
2187 | |
2188 WebContents* main_contents = | |
2189 browser()->tab_strip_model()->GetActiveWebContents(); | |
2190 | |
2191 EXPECT_CALL(observer_, OnSafeBrowsingHit(IsUnsafeResourceFor(bad_url))) | |
2192 .Times(1); | |
2193 EXPECT_CALL(*driver(), ActivateForNextCommittedLoad(_, _)).Times(0); | |
2194 ui_test_utils::NavigateToURL(browser(), bad_url); | |
2195 testing::Mock::VerifyAndClearExpectations(driver()); | |
2196 ASSERT_TRUE(got_hit_report()); | |
2197 | |
2198 content::WaitForInterstitialAttach(main_contents); | |
2199 EXPECT_TRUE(ShowingInterstitialPage()); | |
2200 testing::Mock::VerifyAndClearExpectations(driver()); | |
2201 EXPECT_CALL(*driver(), ActivateForNextCommittedLoad(_, _)).Times(0); | |
2202 InterstitialPage* interstitial_page = main_contents->GetInterstitialPage(); | |
2203 ASSERT_TRUE(interstitial_page); | |
2204 interstitial_page->Proceed(); | |
2205 content::WaitForInterstitialDetach(main_contents); | |
2206 EXPECT_FALSE(ShowingInterstitialPage()); | |
2207 testing::Mock::VerifyAndClearExpectations(driver()); | |
2208 } | |
2209 | |
2210 IN_PROC_BROWSER_TEST_F(V4SafeBrowsingServiceTest, | |
2211 SubResourceHitWithMainFrameReferrer) { | 2170 SubResourceHitWithMainFrameReferrer) { |
2212 GURL first_url = embedded_test_server()->GetURL(kEmptyPage); | 2171 GURL first_url = embedded_test_server()->GetURL(kEmptyPage); |
2213 GURL second_url = embedded_test_server()->GetURL(kMalwarePage); | 2172 GURL second_url = embedded_test_server()->GetURL(kMalwarePage); |
2214 GURL bad_url = embedded_test_server()->GetURL(kMalwareImg); | 2173 GURL bad_url = embedded_test_server()->GetURL(kMalwareImg); |
2215 | 2174 |
2216 MarkUrlForMalwareUnexpired(bad_url); | 2175 MarkUrlForMalwareUnexpired(bad_url); |
2217 | 2176 |
2218 // Navigate to first, safe page. | 2177 // Navigate to first, safe page. |
2219 ui_test_utils::NavigateToURL(browser(), first_url); | 2178 ui_test_utils::NavigateToURL(browser(), first_url); |
2220 EXPECT_FALSE(ShowingInterstitialPage()); | 2179 EXPECT_FALSE(ShowingInterstitialPage()); |
(...skipping 436 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
2657 } | 2616 } |
2658 | 2617 |
2659 INSTANTIATE_TEST_CASE_P( | 2618 INSTANTIATE_TEST_CASE_P( |
2660 MaybeSetMetadata, | 2619 MaybeSetMetadata, |
2661 V4SafeBrowsingServiceMetadataTest, | 2620 V4SafeBrowsingServiceMetadataTest, |
2662 testing::Values(ThreatPatternType::NONE, | 2621 testing::Values(ThreatPatternType::NONE, |
2663 ThreatPatternType::MALWARE_LANDING, | 2622 ThreatPatternType::MALWARE_LANDING, |
2664 ThreatPatternType::MALWARE_DISTRIBUTION)); | 2623 ThreatPatternType::MALWARE_DISTRIBUTION)); |
2665 | 2624 |
2666 } // namespace safe_browsing | 2625 } // namespace safe_browsing |
OLD | NEW |