| OLD | NEW |
|---|
| 1 // Copyright 2017 The Chromium Authors. All rights reserved. | 1 // Copyright 2017 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 #include "components/safe_browsing/password_protection/password_protection_servi
ce.h" | 4 #include "components/safe_browsing/password_protection/password_protection_servi
ce.h" |
| 5 | 5 |
| 6 #include "base/memory/ptr_util.h" | 6 #include "base/memory/ptr_util.h" |
| 7 #include "base/run_loop.h" | 7 #include "base/run_loop.h" |
| 8 #include "base/strings/string_number_conversions.h" | 8 #include "base/strings/string_number_conversions.h" |
| 9 #include "base/test/histogram_tester.h" | 9 #include "base/test/histogram_tester.h" |
| 10 #include "base/test/null_task_runner.h" | 10 #include "base/test/null_task_runner.h" |
| 11 #include "components/content_settings/core/browser/host_content_settings_map.h" | 11 #include "components/content_settings/core/browser/host_content_settings_map.h" |
| 12 #include "components/safe_browsing/password_protection/password_protection_reque
st.h" | 12 #include "components/safe_browsing/password_protection/password_protection_reque
st.h" |
| 13 #include "components/safe_browsing_db/test_database_manager.h" | 13 #include "components/safe_browsing_db/test_database_manager.h" |
| 14 #include "components/sync_preferences/testing_pref_service_syncable.h" | 14 #include "components/sync_preferences/testing_pref_service_syncable.h" |
| 15 #include "content/public/test/test_browser_thread_bundle.h" | 15 #include "content/public/test/test_browser_thread_bundle.h" |
| 16 #include "net/url_request/test_url_fetcher_factory.h" | 16 #include "net/url_request/test_url_fetcher_factory.h" |
| 17 #include "testing/gmock/include/gmock/gmock.h" | 17 #include "testing/gmock/include/gmock/gmock.h" |
| 18 #include "testing/gtest/include/gtest/gtest.h" | 18 #include "testing/gtest/include/gtest/gtest.h" |
| 19 | 19 |
| 20 namespace { | 20 namespace { |
| 21 | 21 |
| 22 const char kPasswordReuseMatchWhitelistHistogramName[] = | 22 const char kPasswordReuseMatchWhitelistHistogramName[] = |
| 23 "PasswordManager.PasswordReuse.MainFrameMatchCsdWhitelist"; | 23 "PasswordManager.PasswordReuse.MainFrameMatchCsdWhitelist"; |
| 24 const char kWhitelistedUrl[] = "http://inwhitelist.com"; | 24 const char kWhitelistedUrl[] = "http://inwhitelist.com"; |
| 25 const char kNoneWhitelistedUrl[] = "http://notinwhitelist.com"; | 25 const char kNoneWhitelistedUrl[] = "http://notinwhitelist.com"; |
| 26 const char kRequestOutcomeHistogramName[] = "PasswordProtection.RequestOutcome"; | |
| 27 const char kTargetUrl[] = "http://foo.com"; | 26 const char kTargetUrl[] = "http://foo.com"; |
| 27 const char kVerdictHistogramName[] = |
| 28 "PasswordProtection.Verdict.PasswordFieldOnFocus"; |
| 28 | 29 |
| 29 } // namespace | 30 } // namespace |
| 30 | 31 |
| 31 namespace safe_browsing { | 32 namespace safe_browsing { |
| 32 | 33 |
| 33 class MockSafeBrowsingDatabaseManager : public TestSafeBrowsingDatabaseManager { | 34 class MockSafeBrowsingDatabaseManager : public TestSafeBrowsingDatabaseManager { |
| 34 public: | 35 public: |
| 35 MockSafeBrowsingDatabaseManager() {} | 36 MockSafeBrowsingDatabaseManager() {} |
| 36 | 37 |
| 37 MOCK_METHOD1(MatchCsdWhitelistUrl, bool(const GURL&)); | 38 MOCK_METHOD1(MatchCsdWhitelistUrl, bool(const GURL&)); |
| (...skipping 361 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 399 | 400 |
| 400 // If delete all history. All password protection content settings should be | 401 // If delete all history. All password protection content settings should be |
| 401 // gone. | 402 // gone. |
| 402 password_protection_service_->RemoveContentSettingsOnURLsDeleted( | 403 password_protection_service_->RemoveContentSettingsOnURLsDeleted( |
| 403 true /* all_history */, history::URLRows()); | 404 true /* all_history */, history::URLRows()); |
| 404 EXPECT_EQ(0U, GetStoredVerdictCount()); | 405 EXPECT_EQ(0U, GetStoredVerdictCount()); |
| 405 } | 406 } |
| 406 TEST_F(PasswordProtectionServiceTest, | 407 TEST_F(PasswordProtectionServiceTest, |
| 407 TestNoRequestCreatedIfMainFrameURLIsNotValid) { | 408 TestNoRequestCreatedIfMainFrameURLIsNotValid) { |
| 408 ASSERT_EQ(0u, password_protection_service_->GetPendingRequestsCount()); | 409 ASSERT_EQ(0u, password_protection_service_->GetPendingRequestsCount()); |
| 409 password_protection_service_->MaybeStartLowReputationRequest( | 410 password_protection_service_->MaybeStartPasswordFieldOnFocusRequest( |
| 410 GURL(), GURL("http://foo.com/submit"), GURL("http://foo.com/frame")); | 411 GURL(), GURL("http://foo.com/submit"), GURL("http://foo.com/frame")); |
| 411 EXPECT_EQ(0u, password_protection_service_->GetPendingRequestsCount()); | 412 EXPECT_EQ(0u, password_protection_service_->GetPendingRequestsCount()); |
| 412 } | 413 } |
| 413 | 414 |
| 414 TEST_F(PasswordProtectionServiceTest, | 415 TEST_F(PasswordProtectionServiceTest, |
| 415 TestNoRequestCreatedIfMainFrameURLIsNotHttpOrHttps) { | 416 TestNoRequestCreatedIfMainFrameURLIsNotHttpOrHttps) { |
| 416 ASSERT_EQ(0u, password_protection_service_->GetPendingRequestsCount()); | 417 ASSERT_EQ(0u, password_protection_service_->GetPendingRequestsCount()); |
| 417 // If main frame url is data url, don't create request. | 418 // If main frame url is data url, don't create request. |
| 418 password_protection_service_->MaybeStartLowReputationRequest( | 419 password_protection_service_->MaybeStartPasswordFieldOnFocusRequest( |
| 419 GURL("data:text/html, <p>hellow"), GURL("http://foo.com/submit"), | 420 GURL("data:text/html, <p>hellow"), GURL("http://foo.com/submit"), |
| 420 GURL("http://foo.com/frame")); | 421 GURL("http://foo.com/frame")); |
| 421 EXPECT_EQ(0u, password_protection_service_->GetPendingRequestsCount()); | 422 EXPECT_EQ(0u, password_protection_service_->GetPendingRequestsCount()); |
| 422 | 423 |
| 423 // If main frame url is ftp, don't create request. | 424 // If main frame url is ftp, don't create request. |
| 424 password_protection_service_->MaybeStartLowReputationRequest( | 425 password_protection_service_->MaybeStartPasswordFieldOnFocusRequest( |
| 425 GURL("ftp://foo.com:21"), GURL("http://foo.com/submit"), | 426 GURL("ftp://foo.com:21"), GURL("http://foo.com/submit"), |
| 426 GURL("http://foo.com/frame")); | 427 GURL("http://foo.com/frame")); |
| 427 EXPECT_EQ(0u, password_protection_service_->GetPendingRequestsCount()); | 428 EXPECT_EQ(0u, password_protection_service_->GetPendingRequestsCount()); |
| 428 } | 429 } |
| 429 | 430 |
| 430 TEST_F(PasswordProtectionServiceTest, TestNoRequestSentForWhitelistedURL) { | 431 TEST_F(PasswordProtectionServiceTest, TestNoRequestSentForWhitelistedURL) { |
| 431 histograms_.ExpectTotalCount(kRequestOutcomeHistogramName, 0); | 432 histograms_.ExpectTotalCount(kPasswordOnFocusRequestOutcomeHistogramName, 0); |
| 432 InitializeAndStartRequest(true /* match whitelist */, | 433 InitializeAndStartRequest(true /* match whitelist */, |
| 433 10000 /* timeout in ms*/); | 434 10000 /* timeout in ms*/); |
| 434 base::RunLoop().RunUntilIdle(); | 435 base::RunLoop().RunUntilIdle(); |
| 435 EXPECT_EQ(nullptr, password_protection_service_->latest_response()); | 436 EXPECT_EQ(nullptr, password_protection_service_->latest_response()); |
| 436 EXPECT_THAT(histograms_.GetAllSamples(kRequestOutcomeHistogramName), | 437 EXPECT_THAT( |
| 437 testing::ElementsAre(base::Bucket(4 /* MATCHED_WHITELIST */, 1))); | 438 histograms_.GetAllSamples(kPasswordOnFocusRequestOutcomeHistogramName), |
| 439 testing::ElementsAre(base::Bucket(4 /* MATCHED_WHITELIST */, 1))); |
| 438 } | 440 } |
| 439 | 441 |
| 440 TEST_F(PasswordProtectionServiceTest, TestNoRequestSentIfVerdictAlreadyCached) { | 442 TEST_F(PasswordProtectionServiceTest, TestNoRequestSentIfVerdictAlreadyCached) { |
| 441 histograms_.ExpectTotalCount(kRequestOutcomeHistogramName, 0); | 443 histograms_.ExpectTotalCount(kPasswordOnFocusRequestOutcomeHistogramName, 0); |
| 442 CacheVerdict(GURL(kTargetUrl), LoginReputationClientResponse::LOW_REPUTATION, | 444 CacheVerdict(GURL(kTargetUrl), LoginReputationClientResponse::LOW_REPUTATION, |
| 443 600, GURL(kTargetUrl).host(), base::Time::Now()); | 445 600, GURL(kTargetUrl).host(), base::Time::Now()); |
| 444 InitializeAndStartRequest(false /* match whitelist */, | 446 InitializeAndStartRequest(false /* match whitelist */, |
| 445 10000 /* timeout in ms*/); | 447 10000 /* timeout in ms*/); |
| 446 base::RunLoop().RunUntilIdle(); | 448 base::RunLoop().RunUntilIdle(); |
| 447 EXPECT_THAT( | 449 EXPECT_THAT( |
| 448 histograms_.GetAllSamples(kRequestOutcomeHistogramName), | 450 histograms_.GetAllSamples(kPasswordOnFocusRequestOutcomeHistogramName), |
| 449 testing::ElementsAre(base::Bucket(5 /* RESPONSE_ALREADY_CACHED */, 1))); | 451 testing::ElementsAre(base::Bucket(5 /* RESPONSE_ALREADY_CACHED */, 1))); |
| 450 EXPECT_EQ(LoginReputationClientResponse::LOW_REPUTATION, | 452 EXPECT_EQ(LoginReputationClientResponse::LOW_REPUTATION, |
| 451 password_protection_service_->latest_response()->verdict_type()); | 453 password_protection_service_->latest_response()->verdict_type()); |
| 452 } | 454 } |
| 453 | 455 |
| 454 TEST_F(PasswordProtectionServiceTest, TestResponseFetchFailed) { | 456 TEST_F(PasswordProtectionServiceTest, TestResponseFetchFailed) { |
| 455 histograms_.ExpectTotalCount(kRequestOutcomeHistogramName, 0); | 457 histograms_.ExpectTotalCount(kPasswordOnFocusRequestOutcomeHistogramName, 0); |
| 456 net::TestURLFetcher failed_fetcher(0, GURL("http://bar.com"), nullptr); | 458 net::TestURLFetcher failed_fetcher(0, GURL("http://bar.com"), nullptr); |
| 457 // Set up failed response. | 459 // Set up failed response. |
| 458 failed_fetcher.set_status( | 460 failed_fetcher.set_status( |
| 459 net::URLRequestStatus(net::URLRequestStatus::FAILED, net::ERR_FAILED)); | 461 net::URLRequestStatus(net::URLRequestStatus::FAILED, net::ERR_FAILED)); |
| 460 | 462 |
| 461 InitializeAndStartRequest(false /* match whitelist */, | 463 InitializeAndStartRequest(false /* match whitelist */, |
| 462 10000 /* timeout in ms*/); | 464 10000 /* timeout in ms*/); |
| 463 request_->OnURLFetchComplete(&failed_fetcher); | 465 request_->OnURLFetchComplete(&failed_fetcher); |
| 464 base::RunLoop().RunUntilIdle(); | 466 base::RunLoop().RunUntilIdle(); |
| 465 EXPECT_EQ(nullptr, password_protection_service_->latest_response()); | 467 EXPECT_EQ(nullptr, password_protection_service_->latest_response()); |
| 466 EXPECT_THAT(histograms_.GetAllSamples(kRequestOutcomeHistogramName), | 468 EXPECT_THAT( |
| 467 testing::ElementsAre(base::Bucket(9 /* FETCH_FAILED */, 1))); | 469 histograms_.GetAllSamples(kPasswordOnFocusRequestOutcomeHistogramName), |
| 470 testing::ElementsAre(base::Bucket(9 /* FETCH_FAILED */, 1))); |
| 468 } | 471 } |
| 469 | 472 |
| 470 TEST_F(PasswordProtectionServiceTest, TestMalformedResponse) { | 473 TEST_F(PasswordProtectionServiceTest, TestMalformedResponse) { |
| 471 histograms_.ExpectTotalCount(kRequestOutcomeHistogramName, 0); | 474 histograms_.ExpectTotalCount(kPasswordOnFocusRequestOutcomeHistogramName, 0); |
| 472 // Set up malformed response. | 475 // Set up malformed response. |
| 473 net::TestURLFetcher fetcher(0, GURL("http://bar.com"), nullptr); | 476 net::TestURLFetcher fetcher(0, GURL("http://bar.com"), nullptr); |
| 474 fetcher.set_status( | 477 fetcher.set_status( |
| 475 net::URLRequestStatus(net::URLRequestStatus::SUCCESS, net::OK)); | 478 net::URLRequestStatus(net::URLRequestStatus::SUCCESS, net::OK)); |
| 476 fetcher.set_response_code(200); | 479 fetcher.set_response_code(200); |
| 477 fetcher.SetResponseString("invalid response"); | 480 fetcher.SetResponseString("invalid response"); |
| 478 | 481 |
| 479 InitializeAndStartRequest(false /* match whitelist */, | 482 InitializeAndStartRequest(false /* match whitelist */, |
| 480 10000 /* timeout in ms*/); | 483 10000 /* timeout in ms*/); |
| 481 request_->OnURLFetchComplete(&fetcher); | 484 request_->OnURLFetchComplete(&fetcher); |
| 482 base::RunLoop().RunUntilIdle(); | 485 base::RunLoop().RunUntilIdle(); |
| 483 EXPECT_EQ(nullptr, password_protection_service_->latest_response()); | 486 EXPECT_EQ(nullptr, password_protection_service_->latest_response()); |
| 484 EXPECT_THAT( | 487 EXPECT_THAT( |
| 485 histograms_.GetAllSamples(kRequestOutcomeHistogramName), | 488 histograms_.GetAllSamples(kPasswordOnFocusRequestOutcomeHistogramName), |
| 486 testing::ElementsAre(base::Bucket(10 /* RESPONSE_MALFORMED */, 1))); | 489 testing::ElementsAre(base::Bucket(10 /* RESPONSE_MALFORMED */, 1))); |
| 487 } | 490 } |
| 488 | 491 |
| 489 TEST_F(PasswordProtectionServiceTest, TestRequestTimedout) { | 492 TEST_F(PasswordProtectionServiceTest, TestRequestTimedout) { |
| 490 histograms_.ExpectTotalCount(kRequestOutcomeHistogramName, 0); | 493 histograms_.ExpectTotalCount(kPasswordOnFocusRequestOutcomeHistogramName, 0); |
| 491 InitializeAndStartRequest(false /* match whitelist */, | 494 InitializeAndStartRequest(false /* match whitelist */, |
| 492 0 /* timeout immediately */); | 495 0 /* timeout immediately */); |
| 493 base::RunLoop().RunUntilIdle(); | 496 base::RunLoop().RunUntilIdle(); |
| 494 EXPECT_EQ(nullptr, password_protection_service_->latest_response()); | 497 EXPECT_EQ(nullptr, password_protection_service_->latest_response()); |
| 495 EXPECT_THAT(histograms_.GetAllSamples(kRequestOutcomeHistogramName), | 498 EXPECT_THAT( |
| 496 testing::ElementsAre(base::Bucket(3 /* TIMEDOUT */, 1))); | 499 histograms_.GetAllSamples(kPasswordOnFocusRequestOutcomeHistogramName), |
| 500 testing::ElementsAre(base::Bucket(3 /* TIMEDOUT */, 1))); |
| 497 } | 501 } |
| 498 | 502 |
| 499 TEST_F(PasswordProtectionServiceTest, TestRequestAndResponseSuccessfull) { | 503 TEST_F(PasswordProtectionServiceTest, TestRequestAndResponseSuccessfull) { |
| 500 histograms_.ExpectTotalCount(kRequestOutcomeHistogramName, 0); | 504 histograms_.ExpectTotalCount(kPasswordOnFocusRequestOutcomeHistogramName, 0); |
| 501 // Set up valid response. | 505 // Set up valid response. |
| 502 net::TestURLFetcher fetcher(0, GURL("http://bar.com"), nullptr); | 506 net::TestURLFetcher fetcher(0, GURL("http://bar.com"), nullptr); |
| 503 fetcher.set_status( | 507 fetcher.set_status( |
| 504 net::URLRequestStatus(net::URLRequestStatus::SUCCESS, net::OK)); | 508 net::URLRequestStatus(net::URLRequestStatus::SUCCESS, net::OK)); |
| 505 fetcher.set_response_code(200); | 509 fetcher.set_response_code(200); |
| 506 LoginReputationClientResponse expected_response = CreateVerdictProto( | 510 LoginReputationClientResponse expected_response = CreateVerdictProto( |
| 507 LoginReputationClientResponse::PHISHING, 600, GURL(kTargetUrl).host()); | 511 LoginReputationClientResponse::PHISHING, 600, GURL(kTargetUrl).host()); |
| 508 fetcher.SetResponseString(expected_response.SerializeAsString()); | 512 fetcher.SetResponseString(expected_response.SerializeAsString()); |
| 509 | 513 |
| 510 InitializeAndStartRequest(false /* match whitelist */, | 514 InitializeAndStartRequest(false /* match whitelist */, |
| 511 10000 /* timeout in ms*/); | 515 10000 /* timeout in ms*/); |
| 512 request_->OnURLFetchComplete(&fetcher); | 516 request_->OnURLFetchComplete(&fetcher); |
| 513 base::RunLoop().RunUntilIdle(); | 517 base::RunLoop().RunUntilIdle(); |
| 514 EXPECT_THAT(histograms_.GetAllSamples(kRequestOutcomeHistogramName), | 518 EXPECT_THAT( |
| 515 testing::ElementsAre(base::Bucket(1 /* SUCCEEDED */, 1))); | 519 histograms_.GetAllSamples(kPasswordOnFocusRequestOutcomeHistogramName), |
| 520 testing::ElementsAre(base::Bucket(1 /* SUCCEEDED */, 1))); |
| 521 EXPECT_THAT(histograms_.GetAllSamples(kVerdictHistogramName), |
| 522 testing::ElementsAre(base::Bucket(3 /* PHISHING */, 1))); |
| 516 LoginReputationClientResponse* actual_response = | 523 LoginReputationClientResponse* actual_response = |
| 517 password_protection_service_->latest_response(); | 524 password_protection_service_->latest_response(); |
| 518 EXPECT_EQ(expected_response.verdict_type(), actual_response->verdict_type()); | 525 EXPECT_EQ(expected_response.verdict_type(), actual_response->verdict_type()); |
| 519 EXPECT_EQ(expected_response.cache_expression(), | 526 EXPECT_EQ(expected_response.cache_expression(), |
| 520 actual_response->cache_expression()); | 527 actual_response->cache_expression()); |
| 521 EXPECT_EQ(expected_response.cache_duration_sec(), | 528 EXPECT_EQ(expected_response.cache_duration_sec(), |
| 522 actual_response->cache_duration_sec()); | 529 actual_response->cache_duration_sec()); |
| 523 } | 530 } |
| 524 | 531 |
| 525 TEST_F(PasswordProtectionServiceTest, TestTearDownWithPendingRequests) { | 532 TEST_F(PasswordProtectionServiceTest, TestTearDownWithPendingRequests) { |
| 526 histograms_.ExpectTotalCount(kRequestOutcomeHistogramName, 0); | 533 histograms_.ExpectTotalCount(kPasswordOnFocusRequestOutcomeHistogramName, 0); |
| 527 GURL target_url(kTargetUrl); | 534 GURL target_url(kTargetUrl); |
| 528 EXPECT_CALL(*database_manager_.get(), MatchCsdWhitelistUrl(target_url)) | 535 EXPECT_CALL(*database_manager_.get(), MatchCsdWhitelistUrl(target_url)) |
| 529 .WillRepeatedly(testing::Return(false)); | 536 .WillRepeatedly(testing::Return(false)); |
| 530 password_protection_service_->StartRequest( | 537 password_protection_service_->StartRequest( |
| 531 target_url, GURL("http://foo.com/submit"), GURL("http://foo.com/frame"), | 538 target_url, GURL("http://foo.com/submit"), GURL("http://foo.com/frame"), |
| 532 LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE); | 539 LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE); |
| 533 | 540 |
| 534 // Destroy password_protection_service_ while there is one request pending. | 541 // Destroy password_protection_service_ while there is one request pending. |
| 535 password_protection_service_.reset(); | 542 password_protection_service_.reset(); |
| 536 base::RunLoop().RunUntilIdle(); | 543 base::RunLoop().RunUntilIdle(); |
| 537 | 544 |
| 538 EXPECT_THAT(histograms_.GetAllSamples(kRequestOutcomeHistogramName), | 545 EXPECT_THAT( |
| 539 testing::ElementsAre(base::Bucket(2 /* CANCELED */, 1))); | 546 histograms_.GetAllSamples(kPasswordOnFocusRequestOutcomeHistogramName), |
| 547 testing::ElementsAre(base::Bucket(2 /* CANCELED */, 1))); |
| 540 } | 548 } |
| 541 } // namespace safe_browsing | 549 } // namespace safe_browsing |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2869253002:
Add UMA metrics to phishguard pings (Closed)
