| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <stdint.h> | 5 #include <stdint.h> |
| 6 | 6 |
| 7 #include <algorithm> | 7 #include <algorithm> |
| 8 | 8 |
| 9 #include "base/bind.h" | 9 #include "base/bind.h" |
| 10 #include "base/macros.h" | 10 #include "base/macros.h" |
| (...skipping 522 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 533 pb_element->set_resource_id(2); | 533 pb_element->set_resource_id(2); |
| 534 pb_element->add_attribute()->set_name("SRC"); | 534 pb_element->add_attribute()->set_name("SRC"); |
| 535 pb_element->mutable_attribute(0)->set_value(kDOMChildURL); | 535 pb_element->mutable_attribute(0)->set_value(kDOMChildURL); |
| 536 | 536 |
| 537 VerifyResults(actual, expected); | 537 VerifyResults(actual, expected); |
| 538 } | 538 } |
| 539 | 539 |
| 540 // Tests creating a threat report when receiving data from multiple renderers. | 540 // Tests creating a threat report when receiving data from multiple renderers. |
| 541 // We use three layers in this test: | 541 // We use three layers in this test: |
| 542 // kDOMParentURL | 542 // kDOMParentURL |
| 543 // \- <iframe src=kDOMChildURL> | 543 // \- <div id=outer> |
| 544 // \- <script src=kDOMChildURL2> | 544 // \- <iframe src=kDOMChildURL> |
| 545 // \- <div id=inner/> - div and script are at the same level. |
| 546 // \- <script src=kDOMChildURL2> |
| 545 TEST_F(ThreatDetailsTest, ThreatDOMDetails_MultipleFrames) { | 547 TEST_F(ThreatDetailsTest, ThreatDOMDetails_MultipleFrames) { |
| 546 // Define two sets of DOM nodes - one for an outer page containing an iframe, | 548 // Define two sets of DOM nodes - one for an outer page containing an iframe, |
| 547 // and then another for the inner page containing the contents of that iframe. | 549 // and then another for the inner page containing the contents of that iframe. |
| 548 std::vector<SafeBrowsingHostMsg_ThreatDOMDetails_Node> outer_params; | 550 std::vector<SafeBrowsingHostMsg_ThreatDOMDetails_Node> outer_params; |
| 549 SafeBrowsingHostMsg_ThreatDOMDetails_Node outer_child_node; | 551 SafeBrowsingHostMsg_ThreatDOMDetails_Node outer_child_div; |
| 550 outer_child_node.url = GURL(kDOMChildURL); | 552 outer_child_div.node_id = 1; |
| 551 outer_child_node.tag_name = "iframe"; | 553 outer_child_div.child_node_ids.push_back(2); |
| 552 outer_child_node.parent = GURL(kDOMParentURL); | 554 outer_child_div.tag_name = "div"; |
| 553 outer_params.push_back(outer_child_node); | 555 outer_child_div.parent = GURL(kDOMParentURL); |
| 556 outer_params.push_back(outer_child_div); |
| 557 |
| 558 SafeBrowsingHostMsg_ThreatDOMDetails_Node outer_child_iframe; |
| 559 outer_child_iframe.node_id = 2; |
| 560 outer_child_iframe.parent_node_id = 1; |
| 561 outer_child_iframe.url = GURL(kDOMChildURL); |
| 562 outer_child_iframe.tag_name = "iframe"; |
| 563 outer_child_iframe.parent = GURL(kDOMParentURL); |
| 564 outer_params.push_back(outer_child_iframe); |
| 565 |
| 554 SafeBrowsingHostMsg_ThreatDOMDetails_Node outer_summary_node; | 566 SafeBrowsingHostMsg_ThreatDOMDetails_Node outer_summary_node; |
| 555 outer_summary_node.url = GURL(kDOMParentURL); | 567 outer_summary_node.url = GURL(kDOMParentURL); |
| 556 outer_summary_node.children.push_back(GURL(kDOMChildURL)); | 568 outer_summary_node.children.push_back(GURL(kDOMChildURL)); |
| 557 outer_params.push_back(outer_summary_node); | 569 outer_params.push_back(outer_summary_node); |
| 558 | 570 |
| 559 // Now define some more nodes for the body of the iframe. | 571 // Now define some more nodes for the body of the iframe. |
| 560 std::vector<SafeBrowsingHostMsg_ThreatDOMDetails_Node> inner_params; | 572 std::vector<SafeBrowsingHostMsg_ThreatDOMDetails_Node> inner_params; |
| 561 SafeBrowsingHostMsg_ThreatDOMDetails_Node inner_child_node; | 573 SafeBrowsingHostMsg_ThreatDOMDetails_Node inner_child_div; |
| 562 inner_child_node.url = GURL(kDOMChildUrl2); | 574 inner_child_div.node_id = 1; |
| 563 inner_child_node.tag_name = "script"; | 575 inner_child_div.tag_name = "div"; |
| 564 inner_child_node.parent = GURL(kDOMChildURL); | 576 inner_child_div.parent = GURL(kDOMChildURL); |
| 565 inner_params.push_back(inner_child_node); | 577 inner_params.push_back(inner_child_div); |
| 578 |
| 579 SafeBrowsingHostMsg_ThreatDOMDetails_Node inner_child_script; |
| 580 inner_child_script.node_id = 2; |
| 581 inner_child_script.url = GURL(kDOMChildUrl2); |
| 582 inner_child_script.tag_name = "script"; |
| 583 inner_child_script.parent = GURL(kDOMChildURL); |
| 584 inner_params.push_back(inner_child_script); |
| 585 |
| 566 SafeBrowsingHostMsg_ThreatDOMDetails_Node inner_summary_node; | 586 SafeBrowsingHostMsg_ThreatDOMDetails_Node inner_summary_node; |
| 567 inner_summary_node.url = GURL(kDOMChildURL); | 587 inner_summary_node.url = GURL(kDOMChildURL); |
| 568 inner_summary_node.children.push_back(GURL(kDOMChildUrl2)); | 588 inner_summary_node.children.push_back(GURL(kDOMChildUrl2)); |
| 569 inner_params.push_back(inner_summary_node); | 589 inner_params.push_back(inner_summary_node); |
| 570 | 590 |
| 571 ClientSafeBrowsingReportRequest expected; | 591 ClientSafeBrowsingReportRequest expected; |
| 572 expected.set_type(ClientSafeBrowsingReportRequest::URL_UNWANTED); | 592 expected.set_type(ClientSafeBrowsingReportRequest::URL_UNWANTED); |
| 573 expected.set_url(kThreatURL); | 593 expected.set_url(kThreatURL); |
| 574 expected.set_page_url(kLandingURL); | 594 expected.set_page_url(kLandingURL); |
| 575 expected.set_referrer_url(""); | 595 expected.set_referrer_url(""); |
| (...skipping 23 matching lines...) Expand all Loading... |
| 599 res_dom_parent->add_child_ids(2); | 619 res_dom_parent->add_child_ids(2); |
| 600 | 620 |
| 601 ClientSafeBrowsingReportRequest::Resource* res_dom_child2 = | 621 ClientSafeBrowsingReportRequest::Resource* res_dom_child2 = |
| 602 expected.add_resources(); | 622 expected.add_resources(); |
| 603 res_dom_child2->set_id(4); | 623 res_dom_child2->set_id(4); |
| 604 res_dom_child2->set_url(kDOMChildUrl2); | 624 res_dom_child2->set_url(kDOMChildUrl2); |
| 605 res_dom_child2->set_parent_id(2); | 625 res_dom_child2->set_parent_id(2); |
| 606 | 626 |
| 607 expected.set_complete(false); // Since the cache was missing. | 627 expected.set_complete(false); // Since the cache was missing. |
| 608 | 628 |
| 609 HTMLElement* elem_dom_child = expected.add_dom(); | 629 HTMLElement* elem_dom_outer_div = expected.add_dom(); |
| 610 elem_dom_child->set_id(0); | 630 elem_dom_outer_div->set_id(0); |
| 611 elem_dom_child->set_tag("IFRAME"); | 631 elem_dom_outer_div->set_tag("DIV"); |
| 612 elem_dom_child->set_resource_id(res_dom_child->id()); | 632 elem_dom_outer_div->add_child_ids(1); |
| 613 elem_dom_child->add_attribute()->set_name("SRC"); | |
| 614 elem_dom_child->mutable_attribute(0)->set_value(kDOMChildURL); | |
| 615 elem_dom_child->add_child_ids(1); | |
| 616 | 633 |
| 617 HTMLElement* elem_dom_child2 = expected.add_dom(); | 634 HTMLElement* elem_dom_outer_iframe = expected.add_dom(); |
| 618 elem_dom_child2->set_id(1); | 635 elem_dom_outer_iframe->set_id(1); |
| 619 elem_dom_child2->set_tag("SCRIPT"); | 636 elem_dom_outer_iframe->set_tag("IFRAME"); |
| 620 elem_dom_child2->set_resource_id(res_dom_child2->id()); | 637 elem_dom_outer_iframe->set_resource_id(res_dom_child->id()); |
| 621 elem_dom_child2->add_attribute()->set_name("SRC"); | 638 elem_dom_outer_iframe->add_attribute()->set_name("SRC"); |
| 622 elem_dom_child2->mutable_attribute(0)->set_value(kDOMChildUrl2); | 639 elem_dom_outer_iframe->mutable_attribute(0)->set_value(kDOMChildURL); |
| 640 elem_dom_outer_iframe->add_child_ids(2); |
| 641 elem_dom_outer_iframe->add_child_ids(3); |
| 642 |
| 643 HTMLElement* elem_dom_inner_div = expected.add_dom(); |
| 644 elem_dom_inner_div->set_id(2); |
| 645 elem_dom_inner_div->set_tag("DIV"); |
| 646 |
| 647 HTMLElement* elem_dom_inner_script = expected.add_dom(); |
| 648 elem_dom_inner_script->set_id(3); |
| 649 elem_dom_inner_script->set_tag("SCRIPT"); |
| 650 elem_dom_inner_script->set_resource_id(res_dom_child2->id()); |
| 651 elem_dom_inner_script->add_attribute()->set_name("SRC"); |
| 652 elem_dom_inner_script->mutable_attribute(0)->set_value(kDOMChildUrl2); |
| 623 | 653 |
| 624 content::WebContentsTester::For(web_contents()) | 654 content::WebContentsTester::For(web_contents()) |
| 625 ->NavigateAndCommit(GURL(kLandingURL)); | 655 ->NavigateAndCommit(GURL(kLandingURL)); |
| 626 | 656 |
| 627 UnsafeResource resource; | 657 UnsafeResource resource; |
| 628 InitResource(&resource, SB_THREAT_TYPE_URL_UNWANTED, | 658 InitResource(&resource, SB_THREAT_TYPE_URL_UNWANTED, |
| 629 true /* is_subresource */, GURL(kThreatURL)); | 659 true /* is_subresource */, GURL(kThreatURL)); |
| 630 | 660 |
| 631 // Send both sets of nodes, from different render frames. | 661 // Send both sets of nodes, from different render frames. |
| 632 { | 662 { |
| 633 scoped_refptr<ThreatDetailsWrap> report = new ThreatDetailsWrap( | 663 scoped_refptr<ThreatDetailsWrap> report = new ThreatDetailsWrap( |
| 634 ui_manager_.get(), web_contents(), resource, NULL); | 664 ui_manager_.get(), web_contents(), resource, NULL); |
| 635 | 665 |
| 636 // We call AddDOMDetails directly so we can specify different render frame | 666 // We call AddDOMDetails directly so we can specify different render frame |
| 637 // IDs. | 667 // IDs. |
| 638 report->AddDOMDetails(100, GURL(kDOMParentURL), outer_params); | 668 report->AddDOMDetails(100, GURL(kDOMParentURL), outer_params); |
| 639 report->AddDOMDetails(200, GURL(kDOMChildURL), inner_params); | 669 report->AddDOMDetails(200, GURL(kDOMChildURL), inner_params); |
| 640 std::string serialized = WaitForSerializedReport( | 670 std::string serialized = WaitForSerializedReport( |
| 641 report.get(), false /* did_proceed*/, 0 /* num_visit */); | 671 report.get(), false /* did_proceed*/, 0 /* num_visit */); |
| 642 ClientSafeBrowsingReportRequest actual; | 672 ClientSafeBrowsingReportRequest actual; |
| 643 actual.ParseFromString(serialized); | 673 actual.ParseFromString(serialized); |
| 644 VerifyResults(actual, expected); | 674 VerifyResults(actual, expected); |
| 645 } | 675 } |
| 646 | 676 |
| 647 // Try again but with the messages coming in a different order. The IDs change | 677 // Try again but with the messages coming in a different order. The IDs change |
| 648 // slightly, but everything else remains the same. | 678 // slightly, but everything else remains the same. |
| 649 { | 679 { |
| 650 // Adjust the expected IDs: the inner params come first, so DomChild2 and | 680 // Adjust the expected IDs: the inner params come first, so InnerScript and |
| 651 // DomChild appear before DomParent | 681 // appear before DomParent |
| 652 res_dom_child2->set_id(2); | 682 res_dom_child2->set_id(2); |
| 653 res_dom_child2->set_parent_id(3); | 683 res_dom_child2->set_parent_id(3); |
| 654 res_dom_child->set_id(3); | 684 res_dom_child->set_id(3); |
| 655 res_dom_child->set_parent_id(4); | 685 res_dom_child->set_parent_id(4); |
| 656 res_dom_child->clear_child_ids(); | 686 res_dom_child->clear_child_ids(); |
| 657 res_dom_child->add_child_ids(2); | 687 res_dom_child->add_child_ids(2); |
| 658 res_dom_parent->set_id(4); | 688 res_dom_parent->set_id(4); |
| 659 res_dom_parent->clear_child_ids(); | 689 res_dom_parent->clear_child_ids(); |
| 660 res_dom_parent->add_child_ids(3); | 690 res_dom_parent->add_child_ids(3); |
| 661 | 691 |
| 662 // Also adjust the elements - they change order since DomChild2 comes in | 692 // Also adjust the elements - they change order since InnerDiv and |
| 663 // first. | 693 // InnerScript come in first. |
| 664 elem_dom_child2->set_id(0); | 694 elem_dom_inner_div->set_id(0); |
| 665 elem_dom_child2->set_resource_id(res_dom_child2->id()); | 695 elem_dom_inner_script->set_id(1); |
| 666 elem_dom_child->set_id(1); | 696 elem_dom_inner_script->set_resource_id(res_dom_child2->id()); |
| 667 elem_dom_child->set_resource_id(res_dom_child->id()); | 697 |
| 668 elem_dom_child->clear_child_ids(); | 698 elem_dom_outer_div->set_id(2); |
| 669 elem_dom_child->add_child_ids(0); | 699 elem_dom_outer_div->clear_child_ids(); |
| 700 elem_dom_outer_div->add_child_ids(3); |
| 701 elem_dom_outer_iframe->set_id(3); |
| 702 elem_dom_outer_iframe->set_resource_id(res_dom_child->id()); |
| 703 elem_dom_outer_iframe->clear_child_ids(); |
| 704 elem_dom_outer_iframe->add_child_ids(0); |
| 705 elem_dom_outer_iframe->add_child_ids(1); |
| 670 | 706 |
| 671 scoped_refptr<ThreatDetailsWrap> report = new ThreatDetailsWrap( | 707 scoped_refptr<ThreatDetailsWrap> report = new ThreatDetailsWrap( |
| 672 ui_manager_.get(), web_contents(), resource, NULL); | 708 ui_manager_.get(), web_contents(), resource, NULL); |
| 673 | 709 |
| 674 // We call AddDOMDetails directly so we can specify different render frame | 710 // We call AddDOMDetails directly so we can specify different render frame |
| 675 // IDs. | 711 // IDs. |
| 676 report->AddDOMDetails(200, GURL(kDOMChildURL), inner_params); | 712 report->AddDOMDetails(200, GURL(kDOMChildURL), inner_params); |
| 677 report->AddDOMDetails(100, GURL(kDOMParentURL), outer_params); | 713 report->AddDOMDetails(100, GURL(kDOMParentURL), outer_params); |
| 678 std::string serialized = WaitForSerializedReport( | 714 std::string serialized = WaitForSerializedReport( |
| 679 report.get(), false /* did_proceed*/, 0 /* num_visit */); | 715 report.get(), false /* did_proceed*/, 0 /* num_visit */); |
| (...skipping 593 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1273 pb_resource->set_parent_id(3); | 1309 pb_resource->set_parent_id(3); |
| 1274 pb_resource->set_url(kSecondRedirectURL); | 1310 pb_resource->set_url(kSecondRedirectURL); |
| 1275 pb_resource = expected.add_resources(); | 1311 pb_resource = expected.add_resources(); |
| 1276 pb_resource->set_id(3); | 1312 pb_resource->set_id(3); |
| 1277 pb_resource->set_url(kFirstRedirectURL); | 1313 pb_resource->set_url(kFirstRedirectURL); |
| 1278 | 1314 |
| 1279 VerifyResults(actual, expected); | 1315 VerifyResults(actual, expected); |
| 1280 } | 1316 } |
| 1281 | 1317 |
| 1282 } // namespace safe_browsing | 1318 } // namespace safe_browsing |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2713233002:
Update ThreatDOMDetails to be able to collect non-resource HTML Elements based on their attributes. (Closed)
