Chromium Code Reviews Chromium Code Reviews
Issue 2691073003:
Add javatests for the WebView SafeBrowsing feature (Closed)
| Index: android_webview/javatests/src/org/chromium/android_webview/test/SafeBrowsingTest.java |
| diff --git a/android_webview/javatests/src/org/chromium/android_webview/test/SafeBrowsingTest.java b/android_webview/javatests/src/org/chromium/android_webview/test/SafeBrowsingTest.java |
| new file mode 100644 |
| index 0000000000000000000000000000000000000000..5899e55cac0d3598067d1a426845f1f927ac7d51 |
| --- /dev/null |
| +++ b/android_webview/javatests/src/org/chromium/android_webview/test/SafeBrowsingTest.java |
| @@ -0,0 +1,177 @@ |
| +// Copyright 2017 The Chromium Authors. All rights reserved. |
| +// Use of this source code is governed by a BSD-style license that can be |
| +// found in the LICENSE file. |
| + |
| +package org.chromium.android_webview.test; |
| + |
| +import android.content.Context; |
| +import android.content.SharedPreferences; |
| +import android.graphics.Bitmap; |
| +import android.graphics.Color; |
| +import android.support.test.filters.LargeTest; |
| + |
| +import org.chromium.android_webview.AwBrowserContext; |
| +import org.chromium.android_webview.AwContents; |
| +import org.chromium.android_webview.test.util.GraphicsTestUtils; |
| +import org.chromium.base.test.util.Feature; |
| +import org.chromium.base.test.util.InMemorySharedPreferences; |
| +import org.chromium.components.safe_browsing.SafeBrowsingApiBridge; |
| +import org.chromium.components.safe_browsing.SafeBrowsingApiHandler; |
| +import org.chromium.net.test.EmbeddedTestServer; |
| + |
| +import java.util.concurrent.Callable; |
| + |
| +/** |
| + * Test suite for SafeBrowsing. |
| + * |
| + * Ensures that interstitials can be successfully created for malicous pages. |
| + */ |
| +public class SafeBrowsingTest extends AwTestBase { |
| + private TestAwContentsClient mContentsClient; |
| + private AwTestContainerView mContainerView; |
| + private AwContents mAwContents; |
| + |
| + private EmbeddedTestServer mTestServer; |
| + |
| + // These colors correspond to the body.background attribute in GREEN_HTML_PATH, SAFE_HTML_PATH, |
| + // MALWARE_HTML_PATH, and IFRAME_HTML_PATH. They should only be changed if those values are |
| + // changed as well |
| + private static final int COLOR_GREEN = Color.rgb(0, 255, 0); |
| + private static final int COLOR_BLUE = Color.rgb(0, 0, 255); |
| + private static final int COLOR_BLACK = Color.rgb(0, 0, 0); |
| + |
| + private static final String RESOURCE_PATH = "/android_webview/test/data"; |
| + |
| + // A blank green page |
| + private static final String GREEN_HTML_PATH = RESOURCE_PATH + "/green.html"; |
| + |
| + // Two blank blue pages, one which we treat as a malicious page |
| + private static final String SAFE_HTML_PATH = RESOURCE_PATH + "/safe.html"; |
| + private static final String MALWARE_HTML_PATH = RESOURCE_PATH + "/malware.html"; |
| + |
| + // A black page with an iframe to MALWARE_HTML_PATH |
| + private static final String IFRAME_HTML_PATH = RESOURCE_PATH + "/iframe.html"; |
| + |
| + /** |
| + * A fake SafeBrowsingApiHandler which treats URLs ending in MALWARE_HTML_PATH as malicious URLs |
| + * that should be blocked. |
| + */ |
| + public static class MockSafeBrowsingApiHandler implements SafeBrowsingApiHandler { |
| + private Observer mObserver; |
| + private static final String SAFE_METADATA = "{}"; |
| + private static final String MALWARE_METADATA = "{\"matches\":[{\"threat_type\":\"5\"}]}"; |
| + |
| + @Override |
| + public boolean init(Context context, Observer result) { |
| + mObserver = result; |
| + return true; |
| + } |
| + |
| + @Override |
| + public void startUriLookup(long callbackId, String uri, int[] threatsOfInterest) { |
| + int resultStatus = STATUS_SUCCESS; |
| + String metadata = isMaliciousUrl(uri) ? MALWARE_METADATA : SAFE_METADATA; |
| + |
| + mObserver.onUrlCheckDone(callbackId, resultStatus, metadata); |
| + } |
| + |
| + private static boolean isMaliciousUrl(String uri) { |
| + return uri.endsWith(MALWARE_HTML_PATH); |
| + } |
| + } |
| + |
| + /** |
| + * A fake AwBrowserContext which loads the MockSafeBrowsingApiHandler instead of the real one. |
| + */ |
| + private static class MockAwBrowserContext extends AwBrowserContext { |
| + public MockAwBrowserContext( |
| + SharedPreferences sharedPreferences, Context applicationContext) { |
| + super(sharedPreferences, applicationContext); |
| + SafeBrowsingApiBridge.setSafeBrowsingHandlerType(MockSafeBrowsingApiHandler.class); |
| + } |
| + } |
| + |
| + @Override |
| + public void setUp() throws Exception { |
| + super.setUp(); |
| + mContentsClient = new TestAwContentsClient(); |
| + mContainerView = createAwTestContainerViewOnMainSync(mContentsClient); |
| + mAwContents = mContainerView.getAwContents(); |
| + |
| + mTestServer = EmbeddedTestServer.createAndStartServer(getInstrumentation().getContext()); |
| + } |
| + |
| + @Override |
| + public void tearDown() throws Exception { |
| + mTestServer.stopAndDestroyServer(); |
| + super.tearDown(); |
| + } |
| + |
| + /** |
| + * Creates a special BrowserContext that has a safebrowsing api handler which always says |
| + * sites are malicious |
| + */ |
| + @Override |
| + protected AwBrowserContext createAwBrowserContextOnUiThread( |
| + InMemorySharedPreferences prefs, Context appContext) { |
| + return new MockAwBrowserContext(prefs, appContext); |
| + } |
| + |
| + private int getPageColor() { |
| + Bitmap bitmap = GraphicsTestUtils.drawAwContentsOnUiThread( |
| + mAwContents, mContainerView.getWidth(), mContainerView.getHeight()); |
| + return bitmap.getPixel(0, 0); |
| + } |
| + |
| + private void loadGreenPage() throws Exception { |
| + loadUrlSync(mAwContents, mContentsClient.getOnPageFinishedHelper(), |
| + mTestServer.getURL(GREEN_HTML_PATH)); |
| + } |
| + |
| + private void waitForPageToNotBeColor(final int col) throws Exception { |
| + pollUiThread(new Callable<Boolean>() { |
| + @Override |
| + public Boolean call() { |
| + return getPageColor() != col; |
| + } |
| + }); |
| + } |
| + |
| + @LargeTest |
| + @Feature({"AndroidWebView"}) |
| + public void testSafeBrowsingDoesNotBlockSafePages() throws Throwable { |
| + loadGreenPage(); |
| + final String responseUrl = mTestServer.getURL(SAFE_HTML_PATH); |
| + loadUrlAsync(mAwContents, responseUrl); |
| + waitForPixelColorAtCenterOfView(mAwContents, mContainerView, COLOR_BLUE); |
| + assertEquals("Target page should be visible", COLOR_BLUE, getPageColor()); |
| + } |
| + |
| + @LargeTest |
| + @Feature({"AndroidWebView"}) |
| + public void testSafeBrowsingShowsInterstitialForMalware() throws Throwable { |
| + loadGreenPage(); |
| + final String responseUrl = mTestServer.getURL(MALWARE_HTML_PATH); |
| + loadUrlAsync(mAwContents, responseUrl); |
| + waitForPageToNotBeColor(COLOR_GREEN); |
| + assertFalse("Original page should not be showing", COLOR_GREEN == getPageColor()); |
| + assertFalse("Target page should not be visible", COLOR_BLUE == getPageColor()); |
| + // Assume that we can render the interstitial, since we see neither the original page nor |
| + // the target page |
| + } |
| + |
| + @LargeTest |
| + @Feature({"AndroidWebView"}) |
| + public void testSafeBrowsingMaliciousSubresourceShowsInterstitial() throws Throwable { |
| + loadGreenPage(); |
| + final String responseUrl = mTestServer.getURL(IFRAME_HTML_PATH); |
| + loadUrlAsync(mAwContents, responseUrl); |
| + waitForPageToNotBeColor(COLOR_GREEN); |
| + waitForPageToNotBeColor(COLOR_BLACK); |
|
Nate Fischer
2017/02/15 22:53:20
It's necessary to wait for both colors to disappea
Nate Fischer
2017/02/15 23:35:21
Ignore this comment. It's from a previous patchset
|
| + assertFalse("Original page should not be showing", COLOR_GREEN == getPageColor()); |
| + assertFalse("Target page should not be visible", COLOR_BLACK == getPageColor()); |
| + assertFalse("The iframe should not be visible", COLOR_BLUE == getPageColor()); |
| + // Assume that we can render the interstitial, since we see neither the original page nor |
| + // the target page |
| + } |
| +} |
