OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 // | 4 // |
5 // This test creates a safebrowsing service using test safebrowsing database | 5 // This test creates a safebrowsing service using test safebrowsing database |
6 // and a test protocol manager. It is used to test logics in safebrowsing | 6 // and a test protocol manager. It is used to test logics in safebrowsing |
7 // service. | 7 // service. |
8 | 8 |
9 #include "chrome/browser/safe_browsing/safe_browsing_service.h" | 9 #include "chrome/browser/safe_browsing/safe_browsing_service.h" |
10 | 10 |
(...skipping 21 matching lines...) Expand all Loading... |
32 #include "chrome/browser/content_settings/host_content_settings_map_factory.h" | 32 #include "chrome/browser/content_settings/host_content_settings_map_factory.h" |
33 #include "chrome/browser/prerender/prerender_manager.h" | 33 #include "chrome/browser/prerender/prerender_manager.h" |
34 #include "chrome/browser/profiles/profile.h" | 34 #include "chrome/browser/profiles/profile.h" |
35 #include "chrome/browser/profiles/profile_manager.h" | 35 #include "chrome/browser/profiles/profile_manager.h" |
36 #include "chrome/browser/safe_browsing/client_side_detection_service.h" | 36 #include "chrome/browser/safe_browsing/client_side_detection_service.h" |
37 #include "chrome/browser/safe_browsing/local_database_manager.h" | 37 #include "chrome/browser/safe_browsing/local_database_manager.h" |
38 #include "chrome/browser/safe_browsing/protocol_manager.h" | 38 #include "chrome/browser/safe_browsing/protocol_manager.h" |
39 #include "chrome/browser/safe_browsing/safe_browsing_database.h" | 39 #include "chrome/browser/safe_browsing/safe_browsing_database.h" |
40 #include "chrome/browser/safe_browsing/test_safe_browsing_service.h" | 40 #include "chrome/browser/safe_browsing/test_safe_browsing_service.h" |
41 #include "chrome/browser/safe_browsing/ui_manager.h" | 41 #include "chrome/browser/safe_browsing/ui_manager.h" |
| 42 #include "chrome/browser/subresource_filter/test_ruleset_publisher.h" |
42 #include "chrome/browser/ui/browser.h" | 43 #include "chrome/browser/ui/browser.h" |
43 #include "chrome/browser/ui/browser_navigator_params.h" | 44 #include "chrome/browser/ui/browser_navigator_params.h" |
44 #include "chrome/browser/ui/tabs/tab_strip_model.h" | 45 #include "chrome/browser/ui/tabs/tab_strip_model.h" |
45 #include "chrome/common/chrome_paths.h" | 46 #include "chrome/common/chrome_paths.h" |
46 #include "chrome/common/pref_names.h" | 47 #include "chrome/common/pref_names.h" |
47 #include "chrome/test/base/in_process_browser_test.h" | 48 #include "chrome/test/base/in_process_browser_test.h" |
48 #include "chrome/test/base/ui_test_utils.h" | 49 #include "chrome/test/base/ui_test_utils.h" |
49 #include "components/bookmarks/browser/startup_task_runner_service.h" | 50 #include "components/bookmarks/browser/startup_task_runner_service.h" |
50 #include "components/content_settings/core/browser/host_content_settings_map.h" | 51 #include "components/content_settings/core/browser/host_content_settings_map.h" |
51 #include "components/prefs/pref_service.h" | 52 #include "components/prefs/pref_service.h" |
52 #include "components/safe_browsing/common/safebrowsing_switches.h" | 53 #include "components/safe_browsing/common/safebrowsing_switches.h" |
53 #include "components/safe_browsing_db/database_manager.h" | 54 #include "components/safe_browsing_db/database_manager.h" |
54 #include "components/safe_browsing_db/metadata.pb.h" | 55 #include "components/safe_browsing_db/metadata.pb.h" |
55 #include "components/safe_browsing_db/test_database_manager.h" | 56 #include "components/safe_browsing_db/test_database_manager.h" |
56 #include "components/safe_browsing_db/util.h" | 57 #include "components/safe_browsing_db/util.h" |
57 #include "components/safe_browsing_db/v4_database.h" | 58 #include "components/safe_browsing_db/v4_database.h" |
58 #include "components/safe_browsing_db/v4_feature_list.h" | 59 #include "components/safe_browsing_db/v4_feature_list.h" |
59 #include "components/safe_browsing_db/v4_get_hash_protocol_manager.h" | 60 #include "components/safe_browsing_db/v4_get_hash_protocol_manager.h" |
60 #include "components/safe_browsing_db/v4_protocol_manager_util.h" | 61 #include "components/safe_browsing_db/v4_protocol_manager_util.h" |
61 #include "components/subresource_filter/content/browser/content_subresource_filt
er_driver.h" | |
62 #include "components/subresource_filter/content/browser/content_subresource_filt
er_driver_factory.h" | 62 #include "components/subresource_filter/content/browser/content_subresource_filt
er_driver_factory.h" |
63 #include "components/subresource_filter/core/browser/subresource_filter_features
.h" | 63 #include "components/subresource_filter/core/browser/subresource_filter_features
.h" |
64 #include "components/subresource_filter/core/browser/subresource_filter_features
_test_support.h" | 64 #include "components/subresource_filter/core/browser/subresource_filter_features
_test_support.h" |
| 65 #include "components/subresource_filter/core/common/test_ruleset_creator.h" |
65 #include "content/public/browser/interstitial_page.h" | 66 #include "content/public/browser/interstitial_page.h" |
66 #include "content/public/browser/navigation_entry.h" | 67 #include "content/public/browser/navigation_entry.h" |
67 #include "content/public/browser/render_frame_host.h" | 68 #include "content/public/browser/render_frame_host.h" |
68 #include "content/public/browser/web_contents.h" | 69 #include "content/public/browser/web_contents.h" |
| 70 #include "content/public/common/content_switches.h" |
69 #include "content/public/test/browser_test_utils.h" | 71 #include "content/public/test/browser_test_utils.h" |
70 #include "crypto/sha2.h" | 72 #include "crypto/sha2.h" |
71 #include "net/cookies/cookie_store.h" | 73 #include "net/cookies/cookie_store.h" |
72 #include "net/cookies/cookie_util.h" | 74 #include "net/cookies/cookie_util.h" |
73 #include "net/test/embedded_test_server/embedded_test_server.h" | 75 #include "net/test/embedded_test_server/embedded_test_server.h" |
74 #include "net/test/embedded_test_server/http_request.h" | 76 #include "net/test/embedded_test_server/http_request.h" |
75 #include "net/test/embedded_test_server/http_response.h" | 77 #include "net/test/embedded_test_server/http_response.h" |
76 #include "sql/connection.h" | 78 #include "sql/connection.h" |
77 #include "sql/statement.h" | 79 #include "sql/statement.h" |
78 #include "testing/gmock/include/gmock/gmock.h" | 80 #include "testing/gmock/include/gmock/gmock.h" |
(...skipping 24 matching lines...) Expand all Loading... |
103 const char kMaliciousResource[] = "/malware/script.js"; | 105 const char kMaliciousResource[] = "/malware/script.js"; |
104 const char kMalwareFile[] = "/downloads/dangerous/dangerous.exe"; | 106 const char kMalwareFile[] = "/downloads/dangerous/dangerous.exe"; |
105 const char kMalwarePage[] = "/safe_browsing/malware.html"; | 107 const char kMalwarePage[] = "/safe_browsing/malware.html"; |
106 const char kMalwareDelayedLoadsPage[] = | 108 const char kMalwareDelayedLoadsPage[] = |
107 "/safe_browsing/malware_delayed_loads.html"; | 109 "/safe_browsing/malware_delayed_loads.html"; |
108 const char kMalwareIFrame[] = "/safe_browsing/malware_iframe.html"; | 110 const char kMalwareIFrame[] = "/safe_browsing/malware_iframe.html"; |
109 const char kMalwareImg[] = "/safe_browsing/malware_image.png"; | 111 const char kMalwareImg[] = "/safe_browsing/malware_image.png"; |
110 const char kNeverCompletesPath[] = "/never_completes"; | 112 const char kNeverCompletesPath[] = "/never_completes"; |
111 const char kPrefetchMalwarePage[] = "/safe_browsing/prefetch_malware.html"; | 113 const char kPrefetchMalwarePage[] = "/safe_browsing/prefetch_malware.html"; |
112 | 114 |
113 class MockSubresourceFilterDriver | |
114 : public subresource_filter::ContentSubresourceFilterDriver { | |
115 public: | |
116 explicit MockSubresourceFilterDriver( | |
117 content::RenderFrameHost* render_frame_host) | |
118 : subresource_filter::ContentSubresourceFilterDriver(render_frame_host) {} | |
119 | |
120 ~MockSubresourceFilterDriver() override = default; | |
121 | |
122 MOCK_METHOD2(ActivateForNextCommittedLoad, | |
123 void(subresource_filter::ActivationLevel, bool)); | |
124 | |
125 private: | |
126 DISALLOW_COPY_AND_ASSIGN(MockSubresourceFilterDriver); | |
127 }; | |
128 | |
129 class NeverCompletingHttpResponse : public net::test_server::HttpResponse { | 115 class NeverCompletingHttpResponse : public net::test_server::HttpResponse { |
130 public: | 116 public: |
131 ~NeverCompletingHttpResponse() override {} | 117 ~NeverCompletingHttpResponse() override {} |
132 | 118 |
133 void SendResponse( | 119 void SendResponse( |
134 const net::test_server::SendBytesCallback& send, | 120 const net::test_server::SendBytesCallback& send, |
135 const net::test_server::SendCompleteCallback& done) override { | 121 const net::test_server::SendCompleteCallback& done) override { |
136 // Do nothing. |done| is never called. | 122 // Do nothing. |done| is never called. |
137 } | 123 } |
138 }; | 124 }; |
(...skipping 407 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
546 SafeBrowsingDatabase::RegisterFactory(nullptr); | 532 SafeBrowsingDatabase::RegisterFactory(nullptr); |
547 SafeBrowsingProtocolManager::RegisterFactory(nullptr); | 533 SafeBrowsingProtocolManager::RegisterFactory(nullptr); |
548 SafeBrowsingService::RegisterFactory(nullptr); | 534 SafeBrowsingService::RegisterFactory(nullptr); |
549 } | 535 } |
550 | 536 |
551 void SetUpCommandLine(base::CommandLine* command_line) override { | 537 void SetUpCommandLine(base::CommandLine* command_line) override { |
552 // Makes sure the auto update is not triggered during the test. | 538 // Makes sure the auto update is not triggered during the test. |
553 // This test will fill up the database using testing prefixes | 539 // This test will fill up the database using testing prefixes |
554 // and urls. | 540 // and urls. |
555 command_line->AppendSwitch(safe_browsing::switches::kSbDisableAutoUpdate); | 541 command_line->AppendSwitch(safe_browsing::switches::kSbDisableAutoUpdate); |
| 542 command_line->AppendSwitchASCII( |
| 543 ::switches::kEnableFeatures, |
| 544 subresource_filter::kSafeBrowsingSubresourceFilter.name); |
556 #if defined(OS_CHROMEOS) | 545 #if defined(OS_CHROMEOS) |
557 command_line->AppendSwitch( | 546 command_line->AppendSwitch( |
558 chromeos::switches::kIgnoreUserProfileMappingForTests); | 547 chromeos::switches::kIgnoreUserProfileMappingForTests); |
559 #endif | 548 #endif |
560 } | 549 } |
561 | 550 |
562 void SetUpOnMainThread() override { | 551 void SetUpOnMainThread() override { |
563 InProcessBrowserTest::SetUpOnMainThread(); | 552 InProcessBrowserTest::SetUpOnMainThread(); |
564 g_browser_process->safe_browsing_service()->ui_manager()->AddObserver( | 553 g_browser_process->safe_browsing_service()->ui_manager()->AddObserver( |
565 &observer_); | 554 &observer_); |
566 WebContents* contents = | |
567 browser()->tab_strip_model()->GetActiveWebContents(); | |
568 driver_ = new MockSubresourceFilterDriver(contents->GetMainFrame()); | |
569 factory()->SetDriverForFrameHostForTesting(contents->GetMainFrame(), | |
570 base::WrapUnique(driver())); | |
571 } | |
572 | |
573 subresource_filter::ContentSubresourceFilterDriverFactory* factory() { | |
574 WebContents* contents = | |
575 browser()->tab_strip_model()->GetActiveWebContents(); | |
576 return subresource_filter::ContentSubresourceFilterDriverFactory:: | |
577 FromWebContents(contents); | |
578 } | 555 } |
579 | 556 |
580 void TearDownOnMainThread() override { | 557 void TearDownOnMainThread() override { |
581 g_browser_process->safe_browsing_service()->ui_manager()->RemoveObserver( | 558 g_browser_process->safe_browsing_service()->ui_manager()->RemoveObserver( |
582 &observer_); | 559 &observer_); |
583 InProcessBrowserTest::TearDownOnMainThread(); | 560 InProcessBrowserTest::TearDownOnMainThread(); |
584 } | 561 } |
585 | 562 |
586 void SetUpInProcessBrowserTestFixture() override { | 563 void SetUpInProcessBrowserTestFixture() override { |
587 base::FilePath test_data_dir; | 564 base::FilePath test_data_dir; |
(...skipping 20 matching lines...) Expand all Loading... |
608 pm->AddGetFullHashResponse(full_hash); | 585 pm->AddGetFullHashResponse(full_hash); |
609 } | 586 } |
610 | 587 |
611 bool ShowingInterstitialPage() { | 588 bool ShowingInterstitialPage() { |
612 WebContents* contents = | 589 WebContents* contents = |
613 browser()->tab_strip_model()->GetActiveWebContents(); | 590 browser()->tab_strip_model()->GetActiveWebContents(); |
614 InterstitialPage* interstitial_page = contents->GetInterstitialPage(); | 591 InterstitialPage* interstitial_page = contents->GetInterstitialPage(); |
615 return interstitial_page != nullptr; | 592 return interstitial_page != nullptr; |
616 } | 593 } |
617 | 594 |
| 595 bool WasSubresourceFilterProbeScriptLoaded() { |
| 596 bool script_resource_was_loaded = false; |
| 597 WebContents* web_contents = |
| 598 browser()->tab_strip_model()->GetActiveWebContents(); |
| 599 EXPECT_TRUE(content::ExecuteScriptAndExtractBool( |
| 600 web_contents->GetMainFrame(), |
| 601 "domAutomationController.send(!!document.scriptExecuted)", |
| 602 &script_resource_was_loaded)); |
| 603 return script_resource_was_loaded; |
| 604 } |
| 605 |
618 void IntroduceGetHashDelay(const base::TimeDelta& delay) { | 606 void IntroduceGetHashDelay(const base::TimeDelta& delay) { |
619 pm_factory_.GetProtocolManager()->IntroduceDelay(delay); | 607 pm_factory_.GetProtocolManager()->IntroduceDelay(delay); |
620 } | 608 } |
621 | 609 |
622 // TODO(nparker): Remove the need for this by wiring in our own | 610 // TODO(nparker): Remove the need for this by wiring in our own |
623 // SafeBrowsingDatabaseManager factory and keep a ptr to the subclass. | 611 // SafeBrowsingDatabaseManager factory and keep a ptr to the subclass. |
624 // Or add a Get/SetTimeout to sbdbmgr. | 612 // Or add a Get/SetTimeout to sbdbmgr. |
625 static LocalSafeBrowsingDatabaseManager* LocalDatabaseManagerForService( | 613 static LocalSafeBrowsingDatabaseManager* LocalDatabaseManagerForService( |
626 SafeBrowsingService* sb_service) { | 614 SafeBrowsingService* sb_service) { |
627 return static_cast<LocalSafeBrowsingDatabaseManager*>( | 615 return static_cast<LocalSafeBrowsingDatabaseManager*>( |
(...skipping 24 matching lines...) Expand all Loading... |
652 | 640 |
653 FakeSafeBrowsingUIManager* ui_manager() { | 641 FakeSafeBrowsingUIManager* ui_manager() { |
654 return static_cast<FakeSafeBrowsingUIManager*>( | 642 return static_cast<FakeSafeBrowsingUIManager*>( |
655 g_browser_process->safe_browsing_service()->ui_manager().get()); | 643 g_browser_process->safe_browsing_service()->ui_manager().get()); |
656 } | 644 } |
657 bool got_hit_report() { return ui_manager()->got_hit_report_; } | 645 bool got_hit_report() { return ui_manager()->got_hit_report_; } |
658 const safe_browsing::HitReport& hit_report() { | 646 const safe_browsing::HitReport& hit_report() { |
659 return ui_manager()->hit_report_; | 647 return ui_manager()->hit_report_; |
660 } | 648 } |
661 | 649 |
662 MockSubresourceFilterDriver* driver() { return driver_; } | |
663 | |
664 protected: | 650 protected: |
665 StrictMock<MockObserver> observer_; | 651 StrictMock<MockObserver> observer_; |
666 | 652 |
667 // Temporary profile dir for test cases that create a second profile. This is | 653 // Temporary profile dir for test cases that create a second profile. This is |
668 // owned by the SafeBrowsingServiceTest object so that it will not get | 654 // owned by the SafeBrowsingServiceTest object so that it will not get |
669 // destructed until after the test Browser has been torn down, since the | 655 // destructed until after the test Browser has been torn down, since the |
670 // ImportantFileWriter may still be modifying it after the Profile object has | 656 // ImportantFileWriter may still be modifying it after the Profile object has |
671 // been destroyed. | 657 // been destroyed. |
672 base::ScopedTempDir temp_profile_dir_; | 658 base::ScopedTempDir temp_profile_dir_; |
673 | 659 |
(...skipping 20 matching lines...) Expand all Loading... |
694 service, enabled, | 680 service, enabled, |
695 BrowserThread::GetTaskRunnerForThread(BrowserThread::IO).get())); | 681 BrowserThread::GetTaskRunnerForThread(BrowserThread::IO).get())); |
696 ASSERT_TRUE(enabled_helper->Run()); | 682 ASSERT_TRUE(enabled_helper->Run()); |
697 } | 683 } |
698 | 684 |
699 protected: | 685 protected: |
700 std::unique_ptr<TestSafeBrowsingServiceFactory> sb_factory_; | 686 std::unique_ptr<TestSafeBrowsingServiceFactory> sb_factory_; |
701 TestSafeBrowsingDatabaseFactory db_factory_; | 687 TestSafeBrowsingDatabaseFactory db_factory_; |
702 TestSBProtocolManagerFactory pm_factory_; | 688 TestSBProtocolManagerFactory pm_factory_; |
703 | 689 |
704 // Owned by ContentSubresourceFilterFactory. | |
705 MockSubresourceFilterDriver* driver_; | |
706 | |
707 private: | 690 private: |
708 DISALLOW_COPY_AND_ASSIGN(SafeBrowsingServiceTest); | 691 DISALLOW_COPY_AND_ASSIGN(SafeBrowsingServiceTest); |
709 }; | 692 }; |
710 | 693 |
711 class SafeBrowsingServiceMetadataTest | 694 class SafeBrowsingServiceMetadataTest |
712 : public SafeBrowsingServiceTest, | 695 : public SafeBrowsingServiceTest, |
713 public ::testing::WithParamInterface<ThreatPatternType> { | 696 public ::testing::WithParamInterface<ThreatPatternType> { |
714 public: | 697 public: |
715 SafeBrowsingServiceMetadataTest() {} | 698 SafeBrowsingServiceMetadataTest() {} |
716 | 699 |
(...skipping 196 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
913 ui_test_utils::NavigateToURL(¶ms); | 896 ui_test_utils::NavigateToURL(¶ms); |
914 | 897 |
915 EXPECT_TRUE(ShowingInterstitialPage()); | 898 EXPECT_TRUE(ShowingInterstitialPage()); |
916 EXPECT_TRUE(got_hit_report()); | 899 EXPECT_TRUE(got_hit_report()); |
917 EXPECT_EQ(bad_url, hit_report().malicious_url); | 900 EXPECT_EQ(bad_url, hit_report().malicious_url); |
918 EXPECT_EQ(bad_url, hit_report().page_url); | 901 EXPECT_EQ(bad_url, hit_report().page_url); |
919 EXPECT_EQ(first_url, hit_report().referrer_url); | 902 EXPECT_EQ(first_url, hit_report().referrer_url); |
920 EXPECT_FALSE(hit_report().is_subresource); | 903 EXPECT_FALSE(hit_report().is_subresource); |
921 } | 904 } |
922 | 905 |
923 IN_PROC_BROWSER_TEST_F(SafeBrowsingServiceTest, | 906 IN_PROC_BROWSER_TEST_F(SafeBrowsingServiceTest, SubresourceFilterEndToEndTest) { |
924 SocEngReportingBlacklistNotEmpty) { | |
925 subresource_filter::testing::ScopedSubresourceFilterFeatureToggle | 907 subresource_filter::testing::ScopedSubresourceFilterFeatureToggle |
926 scoped_feature_toggle( | 908 scoped_feature_toggle( |
927 base::FeatureList::OVERRIDE_ENABLE_FEATURE, | 909 base::FeatureList::OVERRIDE_ENABLE_FEATURE, |
928 subresource_filter::kActivationLevelEnabled, | 910 subresource_filter::kActivationLevelEnabled, |
929 subresource_filter::kActivationScopeActivationList, | 911 subresource_filter::kActivationScopeActivationList, |
930 subresource_filter::kActivationListSocialEngineeringAdsInterstitial); | 912 subresource_filter::kActivationListSocialEngineeringAdsInterstitial); |
931 // Tests that when Safe Browsing gets hit which is corresponding to the | |
932 // SOCIAL_ENGINEERING_ADS threat type, then URL is added to the Subresource | |
933 // Filter. | |
934 GURL bad_url = embedded_test_server()->GetURL(kMalwarePage); | |
935 | 913 |
| 914 subresource_filter::testing::TestRulesetCreator ruleset_creator; |
| 915 subresource_filter::testing::TestRulesetPair test_ruleset_pair; |
| 916 ruleset_creator.CreateRulesetToDisallowURLsWithPathSuffix( |
| 917 "included_script.js", &test_ruleset_pair); |
| 918 subresource_filter::testing::TestRulesetPublisher test_ruleset_publisher; |
| 919 ASSERT_NO_FATAL_FAILURE( |
| 920 test_ruleset_publisher.SetRuleset(test_ruleset_pair.unindexed)); |
| 921 |
| 922 GURL phishing_url = embedded_test_server()->GetURL( |
| 923 "/subresource_filter/frame_with_included_script.html"); |
936 SBFullHashResult malware_full_hash; | 924 SBFullHashResult malware_full_hash; |
937 GenUrlFullHashResultWithMetadata(bad_url, | 925 GenUrlFullHashResultWithMetadata(phishing_url, PHISH, |
938 PHISH, | |
939 ThreatPatternType::SOCIAL_ENGINEERING_ADS, | 926 ThreatPatternType::SOCIAL_ENGINEERING_ADS, |
940 &malware_full_hash); | 927 &malware_full_hash); |
941 SetupResponseForUrl(bad_url, malware_full_hash); | 928 SetupResponseForUrl(phishing_url, malware_full_hash); |
942 | 929 |
943 WebContents* main_contents = | 930 // Navigation to a phishing page should trigger an interstitial. If the user |
| 931 // clicks through it, the page load should proceed, but with subresource |
| 932 // filtering activated. This is verified by probing whether `included_script` |
| 933 // that is disallowed above indeed fails to load. |
| 934 WebContents* web_contents = |
944 browser()->tab_strip_model()->GetActiveWebContents(); | 935 browser()->tab_strip_model()->GetActiveWebContents(); |
| 936 EXPECT_CALL(observer_, OnSafeBrowsingHit(IsUnsafeResourceFor(phishing_url))); |
| 937 ui_test_utils::NavigateToURL(browser(), phishing_url); |
| 938 ASSERT_TRUE(Mock::VerifyAndClearExpectations(&observer_)); |
| 939 ASSERT_TRUE(got_hit_report()); |
| 940 content::WaitForInterstitialAttach(web_contents); |
| 941 ASSERT_TRUE(ShowingInterstitialPage()); |
945 | 942 |
946 EXPECT_CALL(observer_, OnSafeBrowsingHit(IsUnsafeResourceFor(bad_url))) | 943 content::WindowedNotificationObserver load_stop_observer( |
947 .Times(1); | 944 content::NOTIFICATION_LOAD_STOP, |
948 EXPECT_CALL(*driver(), ActivateForNextCommittedLoad(_, _)).Times(0); | 945 content::Source<content::NavigationController>( |
949 ui_test_utils::NavigateToURL(browser(), bad_url); | 946 &web_contents->GetController())); |
950 Mock::VerifyAndClearExpectations(&observer_); | 947 InterstitialPage* interstitial_page = web_contents->GetInterstitialPage(); |
951 ASSERT_TRUE(got_hit_report()); | |
952 | |
953 content::WaitForInterstitialAttach(main_contents); | |
954 EXPECT_TRUE(ShowingInterstitialPage()); | |
955 testing::Mock::VerifyAndClearExpectations(driver()); | |
956 EXPECT_CALL(*driver(), ActivateForNextCommittedLoad(_, _)).Times(1); | |
957 InterstitialPage* interstitial_page = main_contents->GetInterstitialPage(); | |
958 ASSERT_TRUE(interstitial_page); | 948 ASSERT_TRUE(interstitial_page); |
959 interstitial_page->Proceed(); | 949 interstitial_page->Proceed(); |
960 content::WaitForInterstitialDetach(main_contents); | 950 load_stop_observer.Wait(); |
| 951 ASSERT_FALSE(ShowingInterstitialPage()); |
| 952 EXPECT_FALSE(WasSubresourceFilterProbeScriptLoaded()); |
| 953 |
| 954 // Navigate to a page that loads the same script, but is not a phishing page. |
| 955 // The load should be allowed. |
| 956 GURL safe_url = embedded_test_server()->GetURL( |
| 957 "/subresource_filter/frame_with_allowed_script.html"); |
| 958 ui_test_utils::NavigateToURL(browser(), safe_url); |
961 EXPECT_FALSE(ShowingInterstitialPage()); | 959 EXPECT_FALSE(ShowingInterstitialPage()); |
962 testing::Mock::VerifyAndClearExpectations(driver()); | 960 EXPECT_TRUE(WasSubresourceFilterProbeScriptLoaded()); |
963 } | |
964 | 961 |
965 IN_PROC_BROWSER_TEST_F(SafeBrowsingServiceTest, SocEngReportingBlacklistEmpty) { | 962 // Navigate to the phishing page again -- should be no interstitial shown, but |
966 // Tests that URLS which doesn't belong to the SOCIAL_ENGINEERING_ADS threat | 963 // subresource filtering should still be activated. |
967 // type aren't seen by the Subresource Filter. | 964 EXPECT_CALL(observer_, OnSafeBrowsingHit(IsUnsafeResourceFor(phishing_url))) |
968 subresource_filter::testing::ScopedSubresourceFilterFeatureToggle | 965 .Times(0); |
969 scoped_feature_toggle( | 966 ui_test_utils::NavigateToURL(browser(), phishing_url); |
970 base::FeatureList::OVERRIDE_ENABLE_FEATURE, | |
971 subresource_filter::kActivationLevelEnabled, | |
972 subresource_filter::kActivationScopeNoSites, | |
973 subresource_filter::kActivationListSocialEngineeringAdsInterstitial); | |
974 | |
975 GURL bad_url = embedded_test_server()->base_url().Resolve(kMalwarePage); | |
976 | |
977 SBFullHashResult malware_full_hash; | |
978 GenUrlFullHashResult(bad_url, MALWARE, &malware_full_hash); | |
979 SetupResponseForUrl(bad_url, malware_full_hash); | |
980 | |
981 WebContents* main_contents = | |
982 browser()->tab_strip_model()->GetActiveWebContents(); | |
983 | |
984 EXPECT_CALL(observer_, OnSafeBrowsingHit(IsUnsafeResourceFor(bad_url))) | |
985 .Times(1); | |
986 EXPECT_CALL(*driver(), ActivateForNextCommittedLoad(_, _)).Times(0); | |
987 ui_test_utils::NavigateToURL(browser(), bad_url); | |
988 testing::Mock::VerifyAndClearExpectations(driver()); | |
989 ASSERT_TRUE(got_hit_report()); | |
990 | |
991 content::WaitForInterstitialAttach(main_contents); | |
992 EXPECT_TRUE(ShowingInterstitialPage()); | |
993 testing::Mock::VerifyAndClearExpectations(driver()); | |
994 EXPECT_CALL(*driver(), ActivateForNextCommittedLoad(_, _)).Times(0); | |
995 InterstitialPage* interstitial_page = main_contents->GetInterstitialPage(); | |
996 ASSERT_TRUE(interstitial_page); | |
997 interstitial_page->Proceed(); | |
998 content::WaitForInterstitialDetach(main_contents); | |
999 EXPECT_FALSE(ShowingInterstitialPage()); | 967 EXPECT_FALSE(ShowingInterstitialPage()); |
1000 testing::Mock::VerifyAndClearExpectations(driver()); | 968 EXPECT_FALSE(WasSubresourceFilterProbeScriptLoaded()); |
1001 } | 969 } |
1002 | 970 |
1003 IN_PROC_BROWSER_TEST_F(SafeBrowsingServiceTest, | 971 IN_PROC_BROWSER_TEST_F(SafeBrowsingServiceTest, |
1004 SubResourceHitWithMainFrameReferrer) { | 972 SubResourceHitWithMainFrameReferrer) { |
1005 GURL first_url = embedded_test_server()->GetURL(kEmptyPage); | 973 GURL first_url = embedded_test_server()->GetURL(kEmptyPage); |
1006 GURL second_url = embedded_test_server()->GetURL(kMalwarePage); | 974 GURL second_url = embedded_test_server()->GetURL(kMalwarePage); |
1007 GURL bad_url = embedded_test_server()->GetURL(kMalwareImg); | 975 GURL bad_url = embedded_test_server()->GetURL(kMalwareImg); |
1008 | 976 |
1009 SBFullHashResult malware_full_hash; | 977 SBFullHashResult malware_full_hash; |
1010 GenUrlFullHashResult(bad_url, MALWARE, &malware_full_hash); | 978 GenUrlFullHashResult(bad_url, MALWARE, &malware_full_hash); |
(...skipping 1117 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2128 | 2096 |
2129 EXPECT_TRUE(ShowingInterstitialPage()); | 2097 EXPECT_TRUE(ShowingInterstitialPage()); |
2130 EXPECT_TRUE(got_hit_report()); | 2098 EXPECT_TRUE(got_hit_report()); |
2131 EXPECT_EQ(bad_url, hit_report().malicious_url); | 2099 EXPECT_EQ(bad_url, hit_report().malicious_url); |
2132 EXPECT_EQ(bad_url, hit_report().page_url); | 2100 EXPECT_EQ(bad_url, hit_report().page_url); |
2133 EXPECT_EQ(first_url, hit_report().referrer_url); | 2101 EXPECT_EQ(first_url, hit_report().referrer_url); |
2134 EXPECT_FALSE(hit_report().is_subresource); | 2102 EXPECT_FALSE(hit_report().is_subresource); |
2135 } | 2103 } |
2136 | 2104 |
2137 IN_PROC_BROWSER_TEST_F(V4SafeBrowsingServiceTest, | 2105 IN_PROC_BROWSER_TEST_F(V4SafeBrowsingServiceTest, |
2138 SocEngReportingBlacklistNotEmpty) { | 2106 SubresourceFilterEndToEndTest) { |
2139 subresource_filter::testing::ScopedSubresourceFilterFeatureToggle | 2107 subresource_filter::testing::ScopedSubresourceFilterFeatureToggle |
2140 scoped_feature_toggle( | 2108 scoped_feature_toggle( |
2141 base::FeatureList::OVERRIDE_ENABLE_FEATURE, | 2109 base::FeatureList::OVERRIDE_ENABLE_FEATURE, |
2142 subresource_filter::kActivationLevelEnabled, | 2110 subresource_filter::kActivationLevelEnabled, |
2143 subresource_filter::kActivationScopeActivationList, | 2111 subresource_filter::kActivationScopeActivationList, |
2144 subresource_filter::kActivationListSocialEngineeringAdsInterstitial); | 2112 subresource_filter::kActivationListSocialEngineeringAdsInterstitial); |
2145 // Tests that when Safe Browsing gets hit which is corresponding to the | 2113 |
2146 // SOCIAL_ENGINEERING_ADS threat type, then URL is added to the Subresource | 2114 subresource_filter::testing::TestRulesetCreator ruleset_creator; |
2147 // Filter. | 2115 subresource_filter::testing::TestRulesetPair test_ruleset_pair; |
2148 GURL bad_url = embedded_test_server()->GetURL(kMalwarePage); | 2116 ruleset_creator.CreateRulesetToDisallowURLsWithPathSuffix( |
2149 MarkUrlForPhishingUnexpired(bad_url, | 2117 "included_script.js", &test_ruleset_pair); |
| 2118 subresource_filter::testing::TestRulesetPublisher test_ruleset_publisher; |
| 2119 ASSERT_NO_FATAL_FAILURE( |
| 2120 test_ruleset_publisher.SetRuleset(test_ruleset_pair.unindexed)); |
| 2121 |
| 2122 GURL phishing_url = embedded_test_server()->GetURL( |
| 2123 "/subresource_filter/frame_with_included_script.html"); |
| 2124 MarkUrlForPhishingUnexpired(phishing_url, |
2150 ThreatPatternType::SOCIAL_ENGINEERING_ADS); | 2125 ThreatPatternType::SOCIAL_ENGINEERING_ADS); |
2151 | 2126 |
2152 WebContents* main_contents = | 2127 // Navigation to a phishing page should trigger an interstitial. If the user |
| 2128 // clicks through it, the page load should proceed, but with subresource |
| 2129 // filtering activated. This is verified by probing whether `included_script` |
| 2130 // that is disallowed above indeed fails to load. |
| 2131 WebContents* web_contents = |
2153 browser()->tab_strip_model()->GetActiveWebContents(); | 2132 browser()->tab_strip_model()->GetActiveWebContents(); |
| 2133 EXPECT_CALL(observer_, OnSafeBrowsingHit(IsUnsafeResourceFor(phishing_url))); |
| 2134 ui_test_utils::NavigateToURL(browser(), phishing_url); |
| 2135 ASSERT_TRUE(Mock::VerifyAndClearExpectations(&observer_)); |
| 2136 ASSERT_TRUE(got_hit_report()); |
| 2137 content::WaitForInterstitialAttach(web_contents); |
| 2138 ASSERT_TRUE(ShowingInterstitialPage()); |
2154 | 2139 |
2155 EXPECT_CALL(observer_, OnSafeBrowsingHit(IsUnsafeResourceFor(bad_url))) | 2140 content::WindowedNotificationObserver load_stop_observer( |
2156 .Times(1); | 2141 content::NOTIFICATION_LOAD_STOP, |
2157 EXPECT_CALL(*driver(), ActivateForNextCommittedLoad(_, _)).Times(0); | 2142 content::Source<content::NavigationController>( |
2158 ui_test_utils::NavigateToURL(browser(), bad_url); | 2143 &web_contents->GetController())); |
2159 Mock::VerifyAndClearExpectations(&observer_); | 2144 InterstitialPage* interstitial_page = web_contents->GetInterstitialPage(); |
2160 ASSERT_TRUE(got_hit_report()); | |
2161 | |
2162 content::WaitForInterstitialAttach(main_contents); | |
2163 EXPECT_TRUE(ShowingInterstitialPage()); | |
2164 testing::Mock::VerifyAndClearExpectations(driver()); | |
2165 EXPECT_CALL(*driver(), ActivateForNextCommittedLoad(_, _)).Times(1); | |
2166 InterstitialPage* interstitial_page = main_contents->GetInterstitialPage(); | |
2167 ASSERT_TRUE(interstitial_page); | 2145 ASSERT_TRUE(interstitial_page); |
2168 interstitial_page->Proceed(); | 2146 interstitial_page->Proceed(); |
2169 content::WaitForInterstitialDetach(main_contents); | 2147 load_stop_observer.Wait(); |
| 2148 ASSERT_FALSE(ShowingInterstitialPage()); |
| 2149 EXPECT_FALSE(WasSubresourceFilterProbeScriptLoaded()); |
| 2150 |
| 2151 // Navigate to a page that loads the same script, but is not a phishing page. |
| 2152 // The load should be allowed. |
| 2153 GURL safe_url = embedded_test_server()->GetURL( |
| 2154 "/subresource_filter/frame_with_allowed_script.html"); |
| 2155 ui_test_utils::NavigateToURL(browser(), safe_url); |
2170 EXPECT_FALSE(ShowingInterstitialPage()); | 2156 EXPECT_FALSE(ShowingInterstitialPage()); |
2171 testing::Mock::VerifyAndClearExpectations(driver()); | 2157 EXPECT_TRUE(WasSubresourceFilterProbeScriptLoaded()); |
| 2158 |
| 2159 // Navigate to the phishing page again -- should be no interstitial shown, but |
| 2160 // subresource filtering should still be activated. |
| 2161 EXPECT_CALL(observer_, OnSafeBrowsingHit(IsUnsafeResourceFor(phishing_url))) |
| 2162 .Times(0); |
| 2163 ui_test_utils::NavigateToURL(browser(), phishing_url); |
| 2164 EXPECT_FALSE(ShowingInterstitialPage()); |
| 2165 EXPECT_FALSE(WasSubresourceFilterProbeScriptLoaded()); |
2172 } | 2166 } |
2173 | 2167 |
2174 IN_PROC_BROWSER_TEST_F(V4SafeBrowsingServiceTest, | 2168 IN_PROC_BROWSER_TEST_F(V4SafeBrowsingServiceTest, |
2175 SocEngReportingBlacklistEmpty) { | |
2176 // Tests that URLS which doesn't belong to the SOCIAL_ENGINEERING_ADS threat | |
2177 // type aren't seen by the Subresource Filter. | |
2178 subresource_filter::testing::ScopedSubresourceFilterFeatureToggle | |
2179 scoped_feature_toggle( | |
2180 base::FeatureList::OVERRIDE_ENABLE_FEATURE, | |
2181 subresource_filter::kActivationLevelEnabled, | |
2182 subresource_filter::kActivationScopeNoSites, | |
2183 subresource_filter::kActivationListSocialEngineeringAdsInterstitial); | |
2184 | |
2185 GURL bad_url = embedded_test_server()->base_url().Resolve(kMalwarePage); | |
2186 MarkUrlForMalwareUnexpired(bad_url); | |
2187 | |
2188 WebContents* main_contents = | |
2189 browser()->tab_strip_model()->GetActiveWebContents(); | |
2190 | |
2191 EXPECT_CALL(observer_, OnSafeBrowsingHit(IsUnsafeResourceFor(bad_url))) | |
2192 .Times(1); | |
2193 EXPECT_CALL(*driver(), ActivateForNextCommittedLoad(_, _)).Times(0); | |
2194 ui_test_utils::NavigateToURL(browser(), bad_url); | |
2195 testing::Mock::VerifyAndClearExpectations(driver()); | |
2196 ASSERT_TRUE(got_hit_report()); | |
2197 | |
2198 content::WaitForInterstitialAttach(main_contents); | |
2199 EXPECT_TRUE(ShowingInterstitialPage()); | |
2200 testing::Mock::VerifyAndClearExpectations(driver()); | |
2201 EXPECT_CALL(*driver(), ActivateForNextCommittedLoad(_, _)).Times(0); | |
2202 InterstitialPage* interstitial_page = main_contents->GetInterstitialPage(); | |
2203 ASSERT_TRUE(interstitial_page); | |
2204 interstitial_page->Proceed(); | |
2205 content::WaitForInterstitialDetach(main_contents); | |
2206 EXPECT_FALSE(ShowingInterstitialPage()); | |
2207 testing::Mock::VerifyAndClearExpectations(driver()); | |
2208 } | |
2209 | |
2210 IN_PROC_BROWSER_TEST_F(V4SafeBrowsingServiceTest, | |
2211 SubResourceHitWithMainFrameReferrer) { | 2169 SubResourceHitWithMainFrameReferrer) { |
2212 GURL first_url = embedded_test_server()->GetURL(kEmptyPage); | 2170 GURL first_url = embedded_test_server()->GetURL(kEmptyPage); |
2213 GURL second_url = embedded_test_server()->GetURL(kMalwarePage); | 2171 GURL second_url = embedded_test_server()->GetURL(kMalwarePage); |
2214 GURL bad_url = embedded_test_server()->GetURL(kMalwareImg); | 2172 GURL bad_url = embedded_test_server()->GetURL(kMalwareImg); |
2215 | 2173 |
2216 MarkUrlForMalwareUnexpired(bad_url); | 2174 MarkUrlForMalwareUnexpired(bad_url); |
2217 | 2175 |
2218 // Navigate to first, safe page. | 2176 // Navigate to first, safe page. |
2219 ui_test_utils::NavigateToURL(browser(), first_url); | 2177 ui_test_utils::NavigateToURL(browser(), first_url); |
2220 EXPECT_FALSE(ShowingInterstitialPage()); | 2178 EXPECT_FALSE(ShowingInterstitialPage()); |
(...skipping 436 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2657 } | 2615 } |
2658 | 2616 |
2659 INSTANTIATE_TEST_CASE_P( | 2617 INSTANTIATE_TEST_CASE_P( |
2660 MaybeSetMetadata, | 2618 MaybeSetMetadata, |
2661 V4SafeBrowsingServiceMetadataTest, | 2619 V4SafeBrowsingServiceMetadataTest, |
2662 testing::Values(ThreatPatternType::NONE, | 2620 testing::Values(ThreatPatternType::NONE, |
2663 ThreatPatternType::MALWARE_LANDING, | 2621 ThreatPatternType::MALWARE_LANDING, |
2664 ThreatPatternType::MALWARE_DISTRIBUTION)); | 2622 ThreatPatternType::MALWARE_DISTRIBUTION)); |
2665 | 2623 |
2666 } // namespace safe_browsing | 2624 } // namespace safe_browsing |
OLD | NEW |