WebFrameSerializerSanitizationTest validates generated MHTML.

third_party/WebKit/Source/web/tests/WebFrameSerializerTest.cpp

 /*
  * Copyright (C) 2011 Google Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions are
  * met:
  *
  *     * Redistributions of source code must retain the above copyright
  * notice, this list of conditions and the following disclaimer.
  *     * Redistributions in binary form must reproduce the above
@@ skipping 13 matching lines @@
  * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 #include "public/web/WebFrameSerializer.h"
 
 #include "core/exported/WebViewBase.h"
+#include "platform/mhtml/MHTMLArchive.h"
+#include "platform/mhtml/MHTMLParser.h"
 #include "platform/testing/HistogramTester.h"
 #include "platform/testing/URLTestHelpers.h"
 #include "platform/testing/UnitTestHelpers.h"
 #include "platform/weborigin/KURL.h"
 #include "platform/wtf/text/StringBuilder.h"
 #include "public/platform/Platform.h"
 #include "public/platform/WebCString.h"
 #include "public/platform/WebCache.h"
 #include "public/platform/WebString.h"
 #include "public/platform/WebURL.h"
@@ skipping 168 matching lines @@
   EXPECT_EQ("<!-- saved from url=(0030)http://www.test.com/?-%2Dx-%2D -->",
             actual_html.Substring(1, 60));
 }
 
 class WebFrameSerializerSanitizationTest : public WebFrameSerializerTest {
  protected:
   WebFrameSerializerSanitizationTest() {}
 
   ~WebFrameSerializerSanitizationTest() override {}
 
-  String GenerateMHTMLParts(const String& url,
-                            const String& file_name,
-                            const String& mime_type = "text/html") {
+  String GenerateMHTMLFromHtml(const String& url, const String& file_name) {
+    return GenerateMHTML(url, file_name, "text/html", false);
+  }
+
+  String GenerateMHTMLPartsFromPng(const String& url, const String& file_name) {
+    return GenerateMHTML(url, file_name, "image/png", true);
+  }
+
+  String GenerateMHTML(const String& url,
+                       const String& file_name,
+                       const String& mime_type,
+                       const bool only_body_parts) {
     KURL parsed_url(kParsedURLString, url);
     String file_path("frameserialization/" + file_name);
     RegisterMockedFileURLLoad(parsed_url, file_path, mime_type);
     FrameTestHelpers::LoadFrame(MainFrameImpl(), url.Utf8().data());
-    WebThreadSafeData result = WebFrameSerializer::GenerateMHTMLParts(
-        WebString("boundary"), MainFrameImpl(), &mhtml_delegate_);
-    return String(result.Data(), result.size());
+    // Boundaries are normally randomly generated but this one is predefined for
+    // simplicity and as good as any other. Plus it gets used in almost all the
+    // examples in the MHTML spec - RFC 2557.
+    const WebString boundary("boundary-example");
+    StringBuilder mhtml;
+    if (!only_body_parts) {
+      WebThreadSafeData header_result = WebFrameSerializer::GenerateMHTMLHeader(
+          boundary, MainFrameImpl(), &mhtml_delegate_);
+      mhtml.Append(header_result.Data(), header_result.size());
+    }
+
+    WebThreadSafeData body_result = WebFrameSerializer::GenerateMHTMLParts(
+        boundary, MainFrameImpl(), &mhtml_delegate_);
+    mhtml.Append(body_result.Data(), body_result.size());
+
+    if (!only_body_parts) {
+      RefPtr<RawData> footer_data = RawData::Create();
+      MHTMLArchive::GenerateMHTMLFooterForTesting(boundary,
+                                                  *footer_data->MutableData());
+      mhtml.Append(footer_data->data(), footer_data->length());
+    }
+
+    String mhtml_string = mhtml.ToString();
+    if (!only_body_parts) {
+      // Validate the generated MHTML.
+      MHTMLParser parser(SharedBuffer::Create(mhtml_string.Characters8(),
+                                              size_t(mhtml_string.length())));
+      EXPECT_FALSE(parser.ParseArchive().IsEmpty())
+          << "Generated MHTML is not well formed";
+    }
+    return mhtml_string;
   }
 
   void SetRemovePopupOverlay(bool remove_popup_overlay) {
     mhtml_delegate_.SetRemovePopupOverlay(remove_popup_overlay);
   }
 
  protected:
   HistogramTester histogram_tester_;
 
  private:
   SimpleMHTMLPartsGenerationDelegate mhtml_delegate_;
 };
 
 TEST_F(WebFrameSerializerSanitizationTest, RemoveInlineScriptInAttributes) {
   String mhtml =
-      GenerateMHTMLParts("http://www.test.com", "script_in_attributes.html");
+      GenerateMHTMLFromHtml("http://www.test.com", "script_in_attributes.html");
 
   // These scripting attributes should be removed.
   EXPECT_EQ(WTF::kNotFound, mhtml.Find("onload="));
   EXPECT_EQ(WTF::kNotFound, mhtml.Find("ONLOAD="));
   EXPECT_EQ(WTF::kNotFound, mhtml.Find("onclick="));
   EXPECT_EQ(WTF::kNotFound, mhtml.Find("href="));
   EXPECT_EQ(WTF::kNotFound, mhtml.Find("from="));
   EXPECT_EQ(WTF::kNotFound, mhtml.Find("to="));
   EXPECT_EQ(WTF::kNotFound, mhtml.Find("javascript:"));
 
   // These non-scripting attributes should remain intact.
   EXPECT_NE(WTF::kNotFound, mhtml.Find("class="));
   EXPECT_NE(WTF::kNotFound, mhtml.Find("id="));
 
   // srcdoc attribute of frame element should be replaced with src attribute.
   EXPECT_EQ(WTF::kNotFound, mhtml.Find("srcdoc="));
   EXPECT_NE(WTF::kNotFound, mhtml.Find("src="));
 }
 
 TEST_F(WebFrameSerializerSanitizationTest, DisableFormElements) {
-  String mhtml = GenerateMHTMLParts("http://www.test.com", "form.html");
+  String mhtml = GenerateMHTMLFromHtml("http://www.test.com", "form.html");
 
   const char kDisabledAttr[] = "disabled=3D\"\"";
   int matches =
       MatchSubstring(mhtml, kDisabledAttr, arraysize(kDisabledAttr) - 1);
   EXPECT_EQ(21, matches);
 }
 
 TEST_F(WebFrameSerializerSanitizationTest, RemoveHiddenElements) {
   String mhtml =
-      GenerateMHTMLParts("http://www.test.com", "hidden_elements.html");
+      GenerateMHTMLFromHtml("http://www.test.com", "hidden_elements.html");
 
   // The element with hidden attribute should be removed.
   EXPECT_EQ(WTF::kNotFound, mhtml.Find("<p id=3D\"hidden_id\""));
 
   // The hidden form element should be removed.
   EXPECT_EQ(WTF::kNotFound, mhtml.Find("<input type=3D\"hidden\""));
 
   // All other hidden elements should not be removed.
   EXPECT_NE(WTF::kNotFound, mhtml.Find("<html"));
   EXPECT_NE(WTF::kNotFound, mhtml.Find("<head"));
@@ skipping 13 matching lines @@
   // These visible elements should remain intact.
   EXPECT_NE(WTF::kNotFound, mhtml.Find("<p id=3D\"visible_id\""));
   EXPECT_NE(WTF::kNotFound, mhtml.Find("<form"));
   EXPECT_NE(WTF::kNotFound, mhtml.Find("<input type=3D\"text\""));
   EXPECT_NE(WTF::kNotFound, mhtml.Find("<div"));
 }
 
 // Regression test for crbug.com/678893, where in some cases serializing an
 // image document could cause code to pick an element from an empty container.
 TEST_F(WebFrameSerializerSanitizationTest, FromBrokenImageDocument) {
-  String mhtml = GenerateMHTMLParts("http://www.test.com", "broken-image.png",
-                                    "image/png");
+  // This test only cares that the result of the parts generation is empty so it
+  // is simpler to not generate only that instead of the full MHTML.
+  String mhtml =
+      GenerateMHTMLPartsFromPng("http://www.test.com", "broken-image.png");
   EXPECT_TRUE(mhtml.IsEmpty());
 }
 
 TEST_F(WebFrameSerializerSanitizationTest, ImageLoadedFromSrcsetForHiDPI) {
   RegisterMockedFileURLLoad(
       KURL(kParsedURLString, "http://www.test.com/1x.png"),
       "frameserialization/1x.png");
   RegisterMockedFileURLLoad(
       KURL(kParsedURLString, "http://www.test.com/2x.png"),
       "frameserialization/2x.png");
 
   // Set high DPR in order to load image from srcset, instead of src.
   WebView()->SetDeviceScaleFactor(2.0f);
 
-  String mhtml = GenerateMHTMLParts("http://www.test.com", "img_srcset.html");
+  String mhtml =
+      GenerateMHTMLFromHtml("http://www.test.com", "img_srcset.html");
 
   // srcset attribute should be skipped.
   EXPECT_EQ(WTF::kNotFound, mhtml.Find("srcset="));
 
   // Width and height attributes should be set when none is present in <img>.
   EXPECT_NE(WTF::kNotFound,
             mhtml.Find("id=3D\"i1\" width=3D\"6\" height=3D\"6\">"));
 
   // Height attribute should not be set if width attribute is already present in
   // <img>
   EXPECT_NE(WTF::kNotFound, mhtml.Find("id=3D\"i2\" width=3D\"8\">"));
 }
 
 TEST_F(WebFrameSerializerSanitizationTest, ImageLoadedFromSrcForNormalDPI) {
   RegisterMockedFileURLLoad(
       KURL(kParsedURLString, "http://www.test.com/1x.png"),
       "frameserialization/1x.png");
   RegisterMockedFileURLLoad(
       KURL(kParsedURLString, "http://www.test.com/2x.png"),
       "frameserialization/2x.png");
 
-  String mhtml = GenerateMHTMLParts("http://www.test.com", "img_srcset.html");
+  String mhtml =
+      GenerateMHTMLFromHtml("http://www.test.com", "img_srcset.html");
 
   // srcset attribute should be skipped.
   EXPECT_EQ(WTF::kNotFound, mhtml.Find("srcset="));
 
   // New width and height attributes should not be set.
   EXPECT_NE(WTF::kNotFound, mhtml.Find("id=3D\"i1\">"));
   EXPECT_NE(WTF::kNotFound, mhtml.Find("id=3D\"i2\" width=3D\"8\">"));
 }
 
 TEST_F(WebFrameSerializerSanitizationTest, RemovePopupOverlayIfRequested) {
   WebView()->Resize(WebSize(500, 500));
   SetRemovePopupOverlay(true);
-  String mhtml = GenerateMHTMLParts("http://www.test.com", "popup.html");
+  String mhtml = GenerateMHTMLFromHtml("http://www.test.com", "popup.html");
   EXPECT_EQ(WTF::kNotFound, mhtml.Find("class=3D\"overlay"));
   EXPECT_EQ(WTF::kNotFound, mhtml.Find("class=3D\"modal"));
   histogram_tester_.ExpectUniqueSample(
       "PageSerialization.MhtmlGeneration.PopupOverlaySkipped", true, 1);
 }
 
 TEST_F(WebFrameSerializerSanitizationTest, PopupOverlayNotFound) {
   WebView()->Resize(WebSize(500, 500));
   SetRemovePopupOverlay(true);
   String mhtml =
-      GenerateMHTMLParts("http://www.test.com", "text_only_page.html");
+      GenerateMHTMLFromHtml("http://www.test.com", "text_only_page.html");
   histogram_tester_.ExpectUniqueSample(
       "PageSerialization.MhtmlGeneration.PopupOverlaySkipped", false, 1);
 }
 
 TEST_F(WebFrameSerializerSanitizationTest, KeepPopupOverlayIfNotRequested) {
   WebView()->Resize(WebSize(500, 500));
   SetRemovePopupOverlay(false);
-  String mhtml = GenerateMHTMLParts("http://www.test.com", "popup.html");
+  String mhtml = GenerateMHTMLFromHtml("http://www.test.com", "popup.html");
   EXPECT_NE(WTF::kNotFound, mhtml.Find("class=3D\"overlay"));
   EXPECT_NE(WTF::kNotFound, mhtml.Find("class=3D\"modal"));
   histogram_tester_.ExpectTotalCount(
       "PageSerialization.MhtmlGeneration.PopupOverlaySkipped", 0);
 }
 
 TEST_F(WebFrameSerializerSanitizationTest, RemoveElements) {
   String mhtml =
-      GenerateMHTMLParts("http://www.test.com", "remove_elements.html");
-  LOG(ERROR) << mhtml;
+      GenerateMHTMLFromHtml("http://www.test.com", "remove_elements.html");
 
   EXPECT_EQ(WTF::kNotFound, mhtml.Find("<script"));
   EXPECT_EQ(WTF::kNotFound, mhtml.Find("<noscript"));
 
   // Only the meta element containing "Content-Security-Policy" is removed.
   // Other meta elements should be preserved.
   EXPECT_EQ(WTF::kNotFound,
             mhtml.Find("<meta http-equiv=3D\"Content-Security-Policy"));
   EXPECT_NE(WTF::kNotFound, mhtml.Find("<meta name=3D\"description"));
   EXPECT_NE(WTF::kNotFound, mhtml.Find("<meta http-equiv=3D\"refresh"));
 
   // If an element is removed, its children should also be skipped.
   EXPECT_EQ(WTF::kNotFound, mhtml.Find("<select"));
   EXPECT_EQ(WTF::kNotFound, mhtml.Find("<option"));
 }
 
 }  // namespace blink