OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 // | 4 // |
5 // This test creates a safebrowsing service using test safebrowsing database | 5 // This test creates a safebrowsing service using test safebrowsing database |
6 // and a test protocol manager. It is used to test logics in safebrowsing | 6 // and a test protocol manager. It is used to test logics in safebrowsing |
7 // service. | 7 // service. |
8 | 8 |
9 #include "chrome/browser/safe_browsing/safe_browsing_service.h" | 9 #include "chrome/browser/safe_browsing/safe_browsing_service.h" |
10 | 10 |
(...skipping 886 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
897 ui_test_utils::NavigateToURL(¶ms); | 897 ui_test_utils::NavigateToURL(¶ms); |
898 | 898 |
899 EXPECT_TRUE(ShowingInterstitialPage()); | 899 EXPECT_TRUE(ShowingInterstitialPage()); |
900 EXPECT_TRUE(got_hit_report()); | 900 EXPECT_TRUE(got_hit_report()); |
901 EXPECT_EQ(bad_url, hit_report().malicious_url); | 901 EXPECT_EQ(bad_url, hit_report().malicious_url); |
902 EXPECT_EQ(bad_url, hit_report().page_url); | 902 EXPECT_EQ(bad_url, hit_report().page_url); |
903 EXPECT_EQ(first_url, hit_report().referrer_url); | 903 EXPECT_EQ(first_url, hit_report().referrer_url); |
904 EXPECT_FALSE(hit_report().is_subresource); | 904 EXPECT_FALSE(hit_report().is_subresource); |
905 } | 905 } |
906 | 906 |
907 IN_PROC_BROWSER_TEST_F(SafeBrowsingServiceTest, SubresourceFilterEndToEndTest) { | |
engedy
2017/04/20 11:16:10
Would it be possible to move these tests to the Su
melandory
2017/04/25 13:48:13
Hm, I thought that we have them there in a bit dif
engedy
2017/04/26 13:47:09
That's a fair point. In that case, could we just r
| |
908 subresource_filter::testing::ScopedSubresourceFilterFeatureToggle | |
909 scoped_feature_toggle( | |
910 base::FeatureList::OVERRIDE_ENABLE_FEATURE, | |
911 subresource_filter::kActivationLevelEnabled, | |
912 subresource_filter::kActivationScopeActivationList, | |
913 subresource_filter::kActivationListSocialEngineeringAdsInterstitial); | |
914 | |
915 subresource_filter::testing::TestRulesetCreator ruleset_creator; | |
916 subresource_filter::testing::TestRulesetPair test_ruleset_pair; | |
917 ruleset_creator.CreateRulesetToDisallowURLsWithPathSuffix( | |
918 "included_script.js", &test_ruleset_pair); | |
919 subresource_filter::testing::TestRulesetPublisher test_ruleset_publisher; | |
920 ASSERT_NO_FATAL_FAILURE( | |
921 test_ruleset_publisher.SetRuleset(test_ruleset_pair.unindexed)); | |
922 | |
923 GURL phishing_url = embedded_test_server()->GetURL( | |
924 "/subresource_filter/frame_with_included_script.html"); | |
925 SBFullHashResult malware_full_hash; | |
926 GenUrlFullHashResultWithMetadata(phishing_url, PHISH, | |
927 ThreatPatternType::SOCIAL_ENGINEERING_ADS, | |
928 &malware_full_hash); | |
929 SetupResponseForUrl(phishing_url, malware_full_hash); | |
930 | |
931 WebContents* web_contents = | |
932 browser()->tab_strip_model()->GetActiveWebContents(); | |
933 auto* driver_factory = subresource_filter:: | |
934 ContentSubresourceFilterDriverFactory::FromWebContents(web_contents); | |
935 driver_factory->set_configuration_for_testing( | |
936 subresource_filter::GetActiveConfiguration()); | |
937 | |
938 // Navigation to a phishing page should trigger an interstitial. If the user | |
939 // clicks through it, the page load should proceed, but with subresource | |
940 // filtering activated. This is verified by probing whether `included_script` | |
941 // that is disallowed above indeed fails to load. | |
942 EXPECT_CALL(observer_, OnSafeBrowsingHit(IsUnsafeResourceFor(phishing_url))); | |
943 ui_test_utils::NavigateToURL(browser(), phishing_url); | |
944 ASSERT_TRUE(Mock::VerifyAndClearExpectations(&observer_)); | |
945 ASSERT_TRUE(got_hit_report()); | |
946 content::WaitForInterstitialAttach(web_contents); | |
947 ASSERT_TRUE(ShowingInterstitialPage()); | |
948 | |
949 content::WindowedNotificationObserver load_stop_observer( | |
950 content::NOTIFICATION_LOAD_STOP, | |
951 content::Source<content::NavigationController>( | |
952 &web_contents->GetController())); | |
953 InterstitialPage* interstitial_page = web_contents->GetInterstitialPage(); | |
954 ASSERT_TRUE(interstitial_page); | |
955 interstitial_page->Proceed(); | |
956 load_stop_observer.Wait(); | |
957 ASSERT_FALSE(ShowingInterstitialPage()); | |
958 EXPECT_FALSE(WasSubresourceFilterProbeScriptLoaded()); | |
959 | |
960 // Navigate to a page that loads the same script, but is not a phishing page. | |
961 // The load should be allowed. | |
962 GURL safe_url = embedded_test_server()->GetURL( | |
963 "/subresource_filter/frame_with_allowed_script.html"); | |
964 ui_test_utils::NavigateToURL(browser(), safe_url); | |
965 EXPECT_FALSE(ShowingInterstitialPage()); | |
966 EXPECT_TRUE(WasSubresourceFilterProbeScriptLoaded()); | |
967 | |
968 // Navigate to the phishing page again -- should be no interstitial shown, but | |
969 // subresource filtering should still be activated. | |
970 EXPECT_CALL(observer_, OnSafeBrowsingHit(IsUnsafeResourceFor(phishing_url))) | |
971 .Times(0); | |
972 ui_test_utils::NavigateToURL(browser(), phishing_url); | |
973 EXPECT_FALSE(ShowingInterstitialPage()); | |
974 EXPECT_FALSE(WasSubresourceFilterProbeScriptLoaded()); | |
975 } | |
976 | |
977 IN_PROC_BROWSER_TEST_F(SafeBrowsingServiceTest, | 907 IN_PROC_BROWSER_TEST_F(SafeBrowsingServiceTest, |
978 SubResourceHitWithMainFrameReferrer) { | 908 SubResourceHitWithMainFrameReferrer) { |
979 GURL first_url = embedded_test_server()->GetURL(kEmptyPage); | 909 GURL first_url = embedded_test_server()->GetURL(kEmptyPage); |
980 GURL second_url = embedded_test_server()->GetURL(kMalwarePage); | 910 GURL second_url = embedded_test_server()->GetURL(kMalwarePage); |
981 GURL bad_url = embedded_test_server()->GetURL(kMalwareImg); | 911 GURL bad_url = embedded_test_server()->GetURL(kMalwareImg); |
982 | 912 |
983 SBFullHashResult malware_full_hash; | 913 SBFullHashResult malware_full_hash; |
984 GenUrlFullHashResult(bad_url, MALWARE, &malware_full_hash); | 914 GenUrlFullHashResult(bad_url, MALWARE, &malware_full_hash); |
985 SetupResponseForUrl(bad_url, malware_full_hash); | 915 SetupResponseForUrl(bad_url, malware_full_hash); |
986 | 916 |
(...skipping 986 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
1973 | 1903 |
1974 EXPECT_TRUE(ShowingInterstitialPage()); | 1904 EXPECT_TRUE(ShowingInterstitialPage()); |
1975 EXPECT_TRUE(got_hit_report()); | 1905 EXPECT_TRUE(got_hit_report()); |
1976 EXPECT_EQ(bad_url, hit_report().malicious_url); | 1906 EXPECT_EQ(bad_url, hit_report().malicious_url); |
1977 EXPECT_EQ(bad_url, hit_report().page_url); | 1907 EXPECT_EQ(bad_url, hit_report().page_url); |
1978 EXPECT_EQ(first_url, hit_report().referrer_url); | 1908 EXPECT_EQ(first_url, hit_report().referrer_url); |
1979 EXPECT_FALSE(hit_report().is_subresource); | 1909 EXPECT_FALSE(hit_report().is_subresource); |
1980 } | 1910 } |
1981 | 1911 |
1982 IN_PROC_BROWSER_TEST_F(V4SafeBrowsingServiceTest, | 1912 IN_PROC_BROWSER_TEST_F(V4SafeBrowsingServiceTest, |
1983 SubresourceFilterEndToEndTest) { | |
1984 subresource_filter::testing::ScopedSubresourceFilterFeatureToggle | |
1985 scoped_feature_toggle( | |
1986 base::FeatureList::OVERRIDE_ENABLE_FEATURE, | |
1987 subresource_filter::kActivationLevelEnabled, | |
1988 subresource_filter::kActivationScopeActivationList, | |
1989 subresource_filter::kActivationListSocialEngineeringAdsInterstitial); | |
1990 | |
1991 subresource_filter::testing::TestRulesetCreator ruleset_creator; | |
1992 subresource_filter::testing::TestRulesetPair test_ruleset_pair; | |
1993 ruleset_creator.CreateRulesetToDisallowURLsWithPathSuffix( | |
1994 "included_script.js", &test_ruleset_pair); | |
1995 subresource_filter::testing::TestRulesetPublisher test_ruleset_publisher; | |
1996 ASSERT_NO_FATAL_FAILURE( | |
1997 test_ruleset_publisher.SetRuleset(test_ruleset_pair.unindexed)); | |
1998 | |
1999 GURL phishing_url = embedded_test_server()->GetURL( | |
2000 "/subresource_filter/frame_with_included_script.html"); | |
2001 MarkUrlForPhishingUnexpired(phishing_url, | |
2002 ThreatPatternType::SOCIAL_ENGINEERING_ADS); | |
2003 | |
2004 WebContents* web_contents = | |
2005 browser()->tab_strip_model()->GetActiveWebContents(); | |
2006 auto* driver_factory = subresource_filter:: | |
2007 ContentSubresourceFilterDriverFactory::FromWebContents(web_contents); | |
2008 driver_factory->set_configuration_for_testing( | |
2009 subresource_filter::GetActiveConfiguration()); | |
2010 | |
2011 // Navigation to a phishing page should trigger an interstitial. If the user | |
2012 // clicks through it, the page load should proceed, but with subresource | |
2013 // filtering activated. This is verified by probing whether `included_script` | |
2014 // that is disallowed above indeed fails to load. | |
2015 EXPECT_CALL(observer_, OnSafeBrowsingHit(IsUnsafeResourceFor(phishing_url))); | |
2016 ui_test_utils::NavigateToURL(browser(), phishing_url); | |
2017 ASSERT_TRUE(Mock::VerifyAndClearExpectations(&observer_)); | |
2018 ASSERT_TRUE(got_hit_report()); | |
2019 content::WaitForInterstitialAttach(web_contents); | |
2020 ASSERT_TRUE(ShowingInterstitialPage()); | |
2021 | |
2022 content::WindowedNotificationObserver load_stop_observer( | |
2023 content::NOTIFICATION_LOAD_STOP, | |
2024 content::Source<content::NavigationController>( | |
2025 &web_contents->GetController())); | |
2026 InterstitialPage* interstitial_page = web_contents->GetInterstitialPage(); | |
2027 ASSERT_TRUE(interstitial_page); | |
2028 interstitial_page->Proceed(); | |
2029 load_stop_observer.Wait(); | |
2030 ASSERT_FALSE(ShowingInterstitialPage()); | |
2031 EXPECT_FALSE(WasSubresourceFilterProbeScriptLoaded()); | |
2032 | |
2033 // Navigate to a page that loads the same script, but is not a phishing page. | |
2034 // The load should be allowed. | |
2035 GURL safe_url = embedded_test_server()->GetURL( | |
2036 "/subresource_filter/frame_with_allowed_script.html"); | |
2037 ui_test_utils::NavigateToURL(browser(), safe_url); | |
2038 EXPECT_FALSE(ShowingInterstitialPage()); | |
2039 EXPECT_TRUE(WasSubresourceFilterProbeScriptLoaded()); | |
2040 | |
2041 // Navigate to the phishing page again -- should be no interstitial shown, but | |
2042 // subresource filtering should still be activated. | |
2043 EXPECT_CALL(observer_, OnSafeBrowsingHit(IsUnsafeResourceFor(phishing_url))) | |
2044 .Times(0); | |
2045 ui_test_utils::NavigateToURL(browser(), phishing_url); | |
2046 EXPECT_FALSE(ShowingInterstitialPage()); | |
2047 EXPECT_FALSE(WasSubresourceFilterProbeScriptLoaded()); | |
2048 } | |
2049 | |
2050 IN_PROC_BROWSER_TEST_F(V4SafeBrowsingServiceTest, | |
2051 SubResourceHitWithMainFrameReferrer) { | 1913 SubResourceHitWithMainFrameReferrer) { |
2052 GURL first_url = embedded_test_server()->GetURL(kEmptyPage); | 1914 GURL first_url = embedded_test_server()->GetURL(kEmptyPage); |
2053 GURL second_url = embedded_test_server()->GetURL(kMalwarePage); | 1915 GURL second_url = embedded_test_server()->GetURL(kMalwarePage); |
2054 GURL bad_url = embedded_test_server()->GetURL(kMalwareImg); | 1916 GURL bad_url = embedded_test_server()->GetURL(kMalwareImg); |
2055 | 1917 |
2056 MarkUrlForMalwareUnexpired(bad_url); | 1918 MarkUrlForMalwareUnexpired(bad_url); |
2057 | 1919 |
2058 // Navigate to first, safe page. | 1920 // Navigate to first, safe page. |
2059 ui_test_utils::NavigateToURL(browser(), first_url); | 1921 ui_test_utils::NavigateToURL(browser(), first_url); |
2060 EXPECT_FALSE(ShowingInterstitialPage()); | 1922 EXPECT_FALSE(ShowingInterstitialPage()); |
(...skipping 436 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
2497 } | 2359 } |
2498 | 2360 |
2499 INSTANTIATE_TEST_CASE_P( | 2361 INSTANTIATE_TEST_CASE_P( |
2500 MaybeSetMetadata, | 2362 MaybeSetMetadata, |
2501 V4SafeBrowsingServiceMetadataTest, | 2363 V4SafeBrowsingServiceMetadataTest, |
2502 testing::Values(ThreatPatternType::NONE, | 2364 testing::Values(ThreatPatternType::NONE, |
2503 ThreatPatternType::MALWARE_LANDING, | 2365 ThreatPatternType::MALWARE_LANDING, |
2504 ThreatPatternType::MALWARE_DISTRIBUTION)); | 2366 ThreatPatternType::MALWARE_DISTRIBUTION)); |
2505 | 2367 |
2506 } // namespace safe_browsing | 2368 } // namespace safe_browsing |
OLD | NEW |