| OLD | NEW |
|---|
| 1 // Copyright 2017 The Chromium Authors. All rights reserved. | 1 // Copyright 2017 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 #include "components/safe_browsing/password_protection/password_protection_servi
ce.h" | 4 #include "components/safe_browsing/password_protection/password_protection_servi
ce.h" |
| 5 | 5 |
| 6 #include "base/memory/ptr_util.h" | 6 #include "base/memory/ptr_util.h" |
| 7 #include "base/run_loop.h" | 7 #include "base/run_loop.h" |
| 8 #include "base/single_thread_task_runner.h" | 8 #include "base/single_thread_task_runner.h" |
| 9 #include "base/strings/string_number_conversions.h" | 9 #include "base/strings/string_number_conversions.h" |
| 10 #include "base/test/histogram_tester.h" | 10 #include "base/test/histogram_tester.h" |
| (...skipping 181 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 192 bool PathVariantsMatchCacheExpression(const GURL& url, | 192 bool PathVariantsMatchCacheExpression(const GURL& url, |
| 193 const std::string& cache_expression) { | 193 const std::string& cache_expression) { |
| 194 std::vector<std::string> paths; | 194 std::vector<std::string> paths; |
| 195 PasswordProtectionService::GeneratePathVariantsWithoutQuery(url, &paths); | 195 PasswordProtectionService::GeneratePathVariantsWithoutQuery(url, &paths); |
| 196 return PasswordProtectionService::PathVariantsMatchCacheExpression( | 196 return PasswordProtectionService::PathVariantsMatchCacheExpression( |
| 197 paths, | 197 paths, |
| 198 PasswordProtectionService::GetCacheExpressionPath(cache_expression)); | 198 PasswordProtectionService::GetCacheExpressionPath(cache_expression)); |
| 199 } | 199 } |
| 200 | 200 |
| 201 void CacheVerdict(const GURL& url, | 201 void CacheVerdict(const GURL& url, |
| 202 LoginReputationClientRequest::TriggerType trigger, |
| 202 LoginReputationClientResponse::VerdictType verdict, | 203 LoginReputationClientResponse::VerdictType verdict, |
| 203 int cache_duration_sec, | 204 int cache_duration_sec, |
| 204 const std::string& cache_expression, | 205 const std::string& cache_expression, |
| 205 const base::Time& verdict_received_time) { | 206 const base::Time& verdict_received_time) { |
| 206 LoginReputationClientResponse response( | 207 LoginReputationClientResponse response( |
| 207 CreateVerdictProto(verdict, cache_duration_sec, cache_expression)); | 208 CreateVerdictProto(verdict, cache_duration_sec, cache_expression)); |
| 208 password_protection_service_->CacheVerdict(url, &response, | 209 password_protection_service_->CacheVerdict(url, trigger, &response, |
| 209 verdict_received_time); | 210 verdict_received_time); |
| 210 } | 211 } |
| 211 | 212 |
| 212 size_t GetStoredVerdictCount() { | 213 size_t GetStoredVerdictCount(LoginReputationClientRequest::TriggerType type) { |
| 213 return password_protection_service_->GetStoredVerdictCount(); | 214 return password_protection_service_->GetStoredVerdictCount(type); |
| 214 } | 215 } |
| 215 | 216 |
| 216 protected: | 217 protected: |
| 217 // |thread_bundle_| is needed here because this test involves both UI and IO | 218 // |thread_bundle_| is needed here because this test involves both UI and IO |
| 218 // threads. | 219 // threads. |
| 219 content::TestBrowserThreadBundle thread_bundle_; | 220 content::TestBrowserThreadBundle thread_bundle_; |
| 220 scoped_refptr<MockSafeBrowsingDatabaseManager> database_manager_; | 221 scoped_refptr<MockSafeBrowsingDatabaseManager> database_manager_; |
| 221 sync_preferences::TestingPrefServiceSyncable test_pref_service_; | 222 sync_preferences::TestingPrefServiceSyncable test_pref_service_; |
| 222 scoped_refptr<HostContentSettingsMap> content_setting_map_; | 223 scoped_refptr<HostContentSettingsMap> content_setting_map_; |
| 223 scoped_refptr<DummyURLRequestContextGetter> dummy_request_context_getter_; | 224 scoped_refptr<DummyURLRequestContextGetter> dummy_request_context_getter_; |
| (...skipping 71 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 295 EXPECT_TRUE(PathVariantsMatchCacheExpression( | 296 EXPECT_TRUE(PathVariantsMatchCacheExpression( |
| 296 GURL("http://evil.com/bad/foo/index.html"), cache_expression)); | 297 GURL("http://evil.com/bad/foo/index.html"), cache_expression)); |
| 297 EXPECT_TRUE(PathVariantsMatchCacheExpression( | 298 EXPECT_TRUE(PathVariantsMatchCacheExpression( |
| 298 GURL("http://evil.com/bad/foo/index.html"), cache_expression_with_slash)); | 299 GURL("http://evil.com/bad/foo/index.html"), cache_expression_with_slash)); |
| 299 EXPECT_FALSE(PathVariantsMatchCacheExpression( | 300 EXPECT_FALSE(PathVariantsMatchCacheExpression( |
| 300 GURL("http://evil.com/worse/index.html"), cache_expression)); | 301 GURL("http://evil.com/worse/index.html"), cache_expression)); |
| 301 EXPECT_FALSE(PathVariantsMatchCacheExpression( | 302 EXPECT_FALSE(PathVariantsMatchCacheExpression( |
| 302 GURL("http://evil.com/worse/index.html"), cache_expression_with_slash)); | 303 GURL("http://evil.com/worse/index.html"), cache_expression_with_slash)); |
| 303 } | 304 } |
| 304 | 305 |
| 305 TEST_F(PasswordProtectionServiceTest, TestCachedVerdicts) { | 306 TEST_F(PasswordProtectionServiceTest, TestCachePasswordReuseVerdicts) { |
| 306 ASSERT_EQ(0U, GetStoredVerdictCount()); | 307 ASSERT_EQ(0U, GetStoredVerdictCount( |
| 308 LoginReputationClientRequest::PASSWORD_REUSE_EVENT)); |
| 309 |
| 307 // Assume each verdict has a TTL of 10 minutes. | 310 // Assume each verdict has a TTL of 10 minutes. |
| 308 // Cache a verdict for http://www.test.com/foo/index.html | 311 // Cache a verdict for http://www.test.com/foo/index.html |
| 309 CacheVerdict(GURL("http://www.test.com/foo/index.html"), | 312 CacheVerdict(GURL("http://www.test.com/foo/index.html"), |
| 313 LoginReputationClientRequest::PASSWORD_REUSE_EVENT, |
| 310 LoginReputationClientResponse::SAFE, 10 * 60, "test.com/foo", | 314 LoginReputationClientResponse::SAFE, 10 * 60, "test.com/foo", |
| 311 base::Time::Now()); | 315 base::Time::Now()); |
| 312 | 316 |
| 313 EXPECT_EQ(1U, GetStoredVerdictCount()); | 317 EXPECT_EQ(1U, GetStoredVerdictCount( |
| 318 LoginReputationClientRequest::PASSWORD_REUSE_EVENT)); |
| 314 | 319 |
| 315 // Cache another verdict with the some origin and cache_expression should | 320 // Cache another verdict with the some origin and cache_expression should |
| 316 // override the cache. | 321 // override the cache. |
| 317 CacheVerdict(GURL("http://www.test.com/foo/index2.html"), | 322 CacheVerdict(GURL("http://www.test.com/foo/index2.html"), |
| 323 LoginReputationClientRequest::PASSWORD_REUSE_EVENT, |
| 318 LoginReputationClientResponse::PHISHING, 10 * 60, "test.com/foo", | 324 LoginReputationClientResponse::PHISHING, 10 * 60, "test.com/foo", |
| 319 base::Time::Now()); | 325 base::Time::Now()); |
| 320 EXPECT_EQ(1U, GetStoredVerdictCount()); | 326 EXPECT_EQ(1U, GetStoredVerdictCount( |
| 327 LoginReputationClientRequest::PASSWORD_REUSE_EVENT)); |
| 321 LoginReputationClientResponse out_verdict; | 328 LoginReputationClientResponse out_verdict; |
| 322 EXPECT_EQ(LoginReputationClientResponse::PHISHING, | 329 EXPECT_EQ( |
| 323 password_protection_service_->GetCachedVerdict( | 330 LoginReputationClientResponse::PHISHING, |
| 324 GURL("http://www.test.com/foo/index2.html"), &out_verdict)); | 331 password_protection_service_->GetCachedVerdict( |
| 332 GURL("http://www.test.com/foo/index2.html"), |
| 333 LoginReputationClientRequest::PASSWORD_REUSE_EVENT, &out_verdict)); |
| 325 | 334 |
| 326 // Cache another verdict with the same origin but different cache_expression | 335 // Cache another verdict with the same origin but different cache_expression |
| 327 // will not increase setting count, but will increase the number of verdicts | 336 // will not increase setting count, but will increase the number of verdicts |
| 328 // in the given origin. | 337 // in the given origin. |
| 329 CacheVerdict(GURL("http://www.test.com/bar/index2.html"), | 338 CacheVerdict(GURL("http://www.test.com/bar/index2.html"), |
| 339 LoginReputationClientRequest::PASSWORD_REUSE_EVENT, |
| 330 LoginReputationClientResponse::SAFE, 10 * 60, "test.com/bar", | 340 LoginReputationClientResponse::SAFE, 10 * 60, "test.com/bar", |
| 331 base::Time::Now()); | 341 base::Time::Now()); |
| 332 EXPECT_EQ(2U, GetStoredVerdictCount()); | 342 EXPECT_EQ(2U, GetStoredVerdictCount( |
| 343 LoginReputationClientRequest::PASSWORD_REUSE_EVENT)); |
| 344 |
| 345 // Now cache a UNFAMILIAR_LOGIN_PAGE verdict, stored verdict count for |
| 346 // PASSWORD_REUSE_EVENT should be the same. |
| 347 CacheVerdict(GURL("http://www.test.com/foobar/index3.html"), |
| 348 LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE, |
| 349 LoginReputationClientResponse::SAFE, 10 * 60, "test.com/foobar", |
| 350 base::Time::Now()); |
| 351 EXPECT_EQ(2U, GetStoredVerdictCount( |
| 352 LoginReputationClientRequest::PASSWORD_REUSE_EVENT)); |
| 353 EXPECT_EQ(1U, GetStoredVerdictCount( |
| 354 LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE)); |
| 355 } |
| 356 |
| 357 TEST_F(PasswordProtectionServiceTest, TestCacheUnfamiliarLoginVerdicts) { |
| 358 ASSERT_EQ(0U, GetStoredVerdictCount( |
| 359 LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE)); |
| 360 |
| 361 // Assume each verdict has a TTL of 10 minutes. |
| 362 // Cache a verdict for http://www.test.com/foo/index.html |
| 363 CacheVerdict(GURL("http://www.test.com/foo/index.html"), |
| 364 LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE, |
| 365 LoginReputationClientResponse::SAFE, 10 * 60, "test.com/foo", |
| 366 base::Time::Now()); |
| 367 |
| 368 EXPECT_EQ(1U, GetStoredVerdictCount( |
| 369 LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE)); |
| 370 |
| 371 // Cache another verdict with the same origin but different cache_expression |
| 372 // will not increase setting count, but will increase the number of verdicts |
| 373 // in the given origin. |
| 374 CacheVerdict(GURL("http://www.test.com/bar/index2.html"), |
| 375 LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE, |
| 376 LoginReputationClientResponse::SAFE, 10 * 60, "test.com/bar", |
| 377 base::Time::Now()); |
| 378 EXPECT_EQ(2U, GetStoredVerdictCount( |
| 379 LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE)); |
| 380 |
| 381 // Now cache a PASSWORD_REUSE_EVENT verdict, stored verdict count for |
| 382 // UNFAMILIAR_LOGIN_PAGE should be the same. |
| 383 CacheVerdict(GURL("http://www.test.com/foobar/index3.html"), |
| 384 LoginReputationClientRequest::PASSWORD_REUSE_EVENT, |
| 385 LoginReputationClientResponse::SAFE, 10 * 60, "test.com/foobar", |
| 386 base::Time::Now()); |
| 387 EXPECT_EQ(2U, GetStoredVerdictCount( |
| 388 LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE)); |
| 389 EXPECT_EQ(1U, GetStoredVerdictCount( |
| 390 LoginReputationClientRequest::PASSWORD_REUSE_EVENT)); |
| 333 } | 391 } |
| 334 | 392 |
| 335 TEST_F(PasswordProtectionServiceTest, TestGetCachedVerdicts) { | 393 TEST_F(PasswordProtectionServiceTest, TestGetCachedVerdicts) { |
| 336 ASSERT_EQ(0U, GetStoredVerdictCount()); | 394 ASSERT_EQ(0U, GetStoredVerdictCount( |
| 337 // Prepare 2 verdicts of the same origin with different cache expressions, | 395 LoginReputationClientRequest::PASSWORD_REUSE_EVENT)); |
| 338 // one is expired, the other is not. | 396 ASSERT_EQ(0U, GetStoredVerdictCount( |
| 397 LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE)); |
| 398 // Prepare 3 verdicts of the same origin with different cache expressions, |
| 399 // one is expired, one is not, the other is of a different type. |
| 339 base::Time now = base::Time::Now(); | 400 base::Time now = base::Time::Now(); |
| 340 CacheVerdict(GURL("http://test.com/login.html"), | 401 CacheVerdict(GURL("http://test.com/login.html"), |
| 402 LoginReputationClientRequest::PASSWORD_REUSE_EVENT, |
| 341 LoginReputationClientResponse::SAFE, 10 * 60, "test.com", now); | 403 LoginReputationClientResponse::SAFE, 10 * 60, "test.com", now); |
| 342 CacheVerdict( | 404 CacheVerdict( |
| 343 GURL("http://test.com/def/index.jsp"), | 405 GURL("http://test.com/def/index.jsp"), |
| 406 LoginReputationClientRequest::PASSWORD_REUSE_EVENT, |
| 344 LoginReputationClientResponse::PHISHING, 10 * 60, "test.com/def", | 407 LoginReputationClientResponse::PHISHING, 10 * 60, "test.com/def", |
| 345 base::Time::FromDoubleT(now.ToDoubleT() - | 408 base::Time::FromDoubleT(now.ToDoubleT() - |
| 346 24.0 * 60.0 * 60.0)); // Yesterday, expired. | 409 24.0 * 60.0 * 60.0)); // Yesterday, expired. |
| 347 ASSERT_EQ(2U, GetStoredVerdictCount()); | 410 CacheVerdict(GURL("http://test.com/bar/login.html"), |
| 411 LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE, |
| 412 LoginReputationClientResponse::PHISHING, 10 * 60, "test.com/bar", |
| 413 now); |
| 414 |
| 415 ASSERT_EQ(2U, GetStoredVerdictCount( |
| 416 LoginReputationClientRequest::PASSWORD_REUSE_EVENT)); |
| 417 ASSERT_EQ(1U, GetStoredVerdictCount( |
| 418 LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE)); |
| 348 | 419 |
| 349 // Return VERDICT_TYPE_UNSPECIFIED if look up for a URL with unknown origin. | 420 // Return VERDICT_TYPE_UNSPECIFIED if look up for a URL with unknown origin. |
| 350 LoginReputationClientResponse actual_verdict; | 421 LoginReputationClientResponse actual_verdict; |
| 351 EXPECT_EQ(LoginReputationClientResponse::VERDICT_TYPE_UNSPECIFIED, | 422 EXPECT_EQ( |
| 352 password_protection_service_->GetCachedVerdict( | 423 LoginReputationClientResponse::VERDICT_TYPE_UNSPECIFIED, |
| 353 GURL("http://www.unknown.com/"), &actual_verdict)); | 424 password_protection_service_->GetCachedVerdict( |
| 425 GURL("http://www.unknown.com/"), |
| 426 LoginReputationClientRequest::PASSWORD_REUSE_EVENT, &actual_verdict)); |
| 354 | 427 |
| 355 // Return SAFE if look up for a URL that matches "test.com" cache expression. | 428 // Return SAFE if look up for a URL that matches "test.com" cache expression. |
| 356 EXPECT_EQ(LoginReputationClientResponse::SAFE, | 429 EXPECT_EQ( |
| 357 password_protection_service_->GetCachedVerdict( | 430 LoginReputationClientResponse::SAFE, |
| 358 GURL("http://test.com/xyz/foo.jsp"), &actual_verdict)); | 431 password_protection_service_->GetCachedVerdict( |
| 432 GURL("http://test.com/xyz/foo.jsp"), |
| 433 LoginReputationClientRequest::PASSWORD_REUSE_EVENT, &actual_verdict)); |
| 359 | 434 |
| 360 // Return VERDICT_TYPE_UNSPECIFIED if look up for a URL whose variants match | 435 // Return VERDICT_TYPE_UNSPECIFIED if look up for a URL whose variants match |
| 361 // test.com/def, but the corresponding verdict is expired. | 436 // test.com/def, but the corresponding verdict is expired. |
| 362 EXPECT_EQ(LoginReputationClientResponse::VERDICT_TYPE_UNSPECIFIED, | 437 EXPECT_EQ( |
| 363 password_protection_service_->GetCachedVerdict( | 438 LoginReputationClientResponse::VERDICT_TYPE_UNSPECIFIED, |
| 364 GURL("http://test.com/def/ghi/index.html"), &actual_verdict)); | 439 password_protection_service_->GetCachedVerdict( |
| 440 GURL("http://test.com/def/ghi/index.html"), |
| 441 LoginReputationClientRequest::PASSWORD_REUSE_EVENT, &actual_verdict)); |
| 365 } | 442 } |
| 366 | 443 |
| 367 TEST_F(PasswordProtectionServiceTest, TestRemoveCachedVerdictOnURLsDeleted) { | 444 TEST_F(PasswordProtectionServiceTest, TestRemoveCachedVerdictOnURLsDeleted) { |
| 368 ASSERT_EQ(0U, GetStoredVerdictCount()); | 445 ASSERT_EQ(0U, GetStoredVerdictCount( |
| 446 LoginReputationClientRequest::PASSWORD_REUSE_EVENT)); |
| 447 ASSERT_EQ(0U, GetStoredVerdictCount( |
| 448 LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE)); |
| 369 // Prepare 2 verdicts. One is for origin "http://foo.com", and the other is | 449 // Prepare 2 verdicts. One is for origin "http://foo.com", and the other is |
| 370 // for "http://bar.com". | 450 // for "http://bar.com". |
| 371 base::Time now = base::Time::Now(); | 451 base::Time now = base::Time::Now(); |
| 372 CacheVerdict(GURL("http://foo.com/abc/index.jsp"), | 452 CacheVerdict(GURL("http://foo.com/abc/index.jsp"), |
| 453 LoginReputationClientRequest::PASSWORD_REUSE_EVENT, |
| 373 LoginReputationClientResponse::LOW_REPUTATION, 10 * 60, | 454 LoginReputationClientResponse::LOW_REPUTATION, 10 * 60, |
| 374 "foo.com/abc", now); | 455 "foo.com/abc", now); |
| 375 CacheVerdict(GURL("http://bar.com/index.jsp"), | 456 CacheVerdict(GURL("http://bar.com/index.jsp"), |
| 457 LoginReputationClientRequest::PASSWORD_REUSE_EVENT, |
| 376 LoginReputationClientResponse::PHISHING, 10 * 60, "bar.com", | 458 LoginReputationClientResponse::PHISHING, 10 * 60, "bar.com", |
| 377 now); | 459 now); |
| 378 ASSERT_EQ(2U, GetStoredVerdictCount()); | 460 ASSERT_EQ(2U, GetStoredVerdictCount( |
| 461 LoginReputationClientRequest::PASSWORD_REUSE_EVENT)); |
| 462 |
| 463 CacheVerdict(GURL("http://foo.com/abc/index.jsp"), |
| 464 LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE, |
| 465 LoginReputationClientResponse::LOW_REPUTATION, 10 * 60, |
| 466 "foo.com/abc", now); |
| 467 CacheVerdict(GURL("http://bar.com/index.jsp"), |
| 468 LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE, |
| 469 LoginReputationClientResponse::PHISHING, 10 * 60, "bar.com", |
| 470 now); |
| 471 ASSERT_EQ(2U, GetStoredVerdictCount( |
| 472 LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE)); |
| 379 | 473 |
| 380 // Delete a bar.com URL. Corresponding content setting keyed on | 474 // Delete a bar.com URL. Corresponding content setting keyed on |
| 381 // origin "http://bar.com" should be removed, | 475 // origin "http://bar.com" should be removed, |
| 382 history::URLRows deleted_urls; | 476 history::URLRows deleted_urls; |
| 383 deleted_urls.push_back(history::URLRow(GURL("http://bar.com"))); | 477 deleted_urls.push_back(history::URLRow(GURL("http://bar.com"))); |
| 384 | 478 |
| 385 // Delete an arbitrary data URL, to ensure the service is robust against | 479 // Delete an arbitrary data URL, to ensure the service is robust against |
| 386 // filtering only http/s URLs. See crbug.com/709758. | 480 // filtering only http/s URLs. See crbug.com/709758. |
| 387 deleted_urls.push_back(history::URLRow(GURL("data:text/html, <p>hellow"))); | 481 deleted_urls.push_back(history::URLRow(GURL("data:text/html, <p>hellow"))); |
| 388 | 482 |
| 389 password_protection_service_->RemoveContentSettingsOnURLsDeleted( | 483 password_protection_service_->RemoveContentSettingsOnURLsDeleted( |
| 390 false /* all_history */, deleted_urls); | 484 false /* all_history */, deleted_urls); |
| 391 EXPECT_EQ(1U, GetStoredVerdictCount()); | 485 EXPECT_EQ(1U, GetStoredVerdictCount( |
| 486 LoginReputationClientRequest::PASSWORD_REUSE_EVENT)); |
| 487 EXPECT_EQ(1U, GetStoredVerdictCount( |
| 488 LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE)); |
| 489 |
| 392 LoginReputationClientResponse actual_verdict; | 490 LoginReputationClientResponse actual_verdict; |
| 491 EXPECT_EQ( |
| 492 LoginReputationClientResponse::VERDICT_TYPE_UNSPECIFIED, |
| 493 password_protection_service_->GetCachedVerdict( |
| 494 GURL("http://bar.com"), |
| 495 LoginReputationClientRequest::PASSWORD_REUSE_EVENT, &actual_verdict)); |
| 393 EXPECT_EQ(LoginReputationClientResponse::VERDICT_TYPE_UNSPECIFIED, | 496 EXPECT_EQ(LoginReputationClientResponse::VERDICT_TYPE_UNSPECIFIED, |
| 394 password_protection_service_->GetCachedVerdict( | 497 password_protection_service_->GetCachedVerdict( |
| 395 GURL("http://bar.com"), &actual_verdict)); | 498 GURL("http://bar.com"), |
| 499 LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE, |
| 500 &actual_verdict)); |
| 396 | 501 |
| 397 // If delete all history. All password protection content settings should be | 502 // If delete all history. All password protection content settings should be |
| 398 // gone. | 503 // gone. |
| 399 password_protection_service_->RemoveContentSettingsOnURLsDeleted( | 504 password_protection_service_->RemoveContentSettingsOnURLsDeleted( |
| 400 true /* all_history */, history::URLRows()); | 505 true /* all_history */, history::URLRows()); |
| 401 EXPECT_EQ(0U, GetStoredVerdictCount()); | 506 EXPECT_EQ(0U, GetStoredVerdictCount( |
| 507 LoginReputationClientRequest::PASSWORD_REUSE_EVENT)); |
| 508 EXPECT_EQ(0U, GetStoredVerdictCount( |
| 509 LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE)); |
| 402 } | 510 } |
| 403 | 511 |
| 404 TEST_F(PasswordProtectionServiceTest, VerifyCanGetReputationOfURL) { | 512 TEST_F(PasswordProtectionServiceTest, VerifyCanGetReputationOfURL) { |
| 405 // Invalid main frame URL. | 513 // Invalid main frame URL. |
| 406 EXPECT_FALSE(PasswordProtectionService::CanGetReputationOfURL(GURL())); | 514 EXPECT_FALSE(PasswordProtectionService::CanGetReputationOfURL(GURL())); |
| 407 | 515 |
| 408 // Main frame URL scheme is not HTTP or HTTPS. | 516 // Main frame URL scheme is not HTTP or HTTPS. |
| 409 EXPECT_FALSE(PasswordProtectionService::CanGetReputationOfURL( | 517 EXPECT_FALSE(PasswordProtectionService::CanGetReputationOfURL( |
| 410 GURL("data:text/html, <p>hellow"))); | 518 GURL("data:text/html, <p>hellow"))); |
| 411 | 519 |
| (...skipping 33 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 445 10000 /* timeout in ms*/); | 553 10000 /* timeout in ms*/); |
| 446 base::RunLoop().RunUntilIdle(); | 554 base::RunLoop().RunUntilIdle(); |
| 447 EXPECT_EQ(nullptr, password_protection_service_->latest_response()); | 555 EXPECT_EQ(nullptr, password_protection_service_->latest_response()); |
| 448 EXPECT_THAT( | 556 EXPECT_THAT( |
| 449 histograms_.GetAllSamples(kPasswordOnFocusRequestOutcomeHistogramName), | 557 histograms_.GetAllSamples(kPasswordOnFocusRequestOutcomeHistogramName), |
| 450 testing::ElementsAre(base::Bucket(4 /* MATCHED_WHITELIST */, 1))); | 558 testing::ElementsAre(base::Bucket(4 /* MATCHED_WHITELIST */, 1))); |
| 451 } | 559 } |
| 452 | 560 |
| 453 TEST_F(PasswordProtectionServiceTest, TestNoRequestSentIfVerdictAlreadyCached) { | 561 TEST_F(PasswordProtectionServiceTest, TestNoRequestSentIfVerdictAlreadyCached) { |
| 454 histograms_.ExpectTotalCount(kPasswordOnFocusRequestOutcomeHistogramName, 0); | 562 histograms_.ExpectTotalCount(kPasswordOnFocusRequestOutcomeHistogramName, 0); |
| 455 CacheVerdict(GURL(kTargetUrl), LoginReputationClientResponse::LOW_REPUTATION, | 563 CacheVerdict(GURL(kTargetUrl), |
| 456 600, GURL(kTargetUrl).host(), base::Time::Now()); | 564 LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE, |
| 565 LoginReputationClientResponse::LOW_REPUTATION, 600, |
| 566 GURL(kTargetUrl).host(), base::Time::Now()); |
| 457 InitializeAndStartPasswordOnFocusRequest(false /* match whitelist */, | 567 InitializeAndStartPasswordOnFocusRequest(false /* match whitelist */, |
| 458 10000 /* timeout in ms*/); | 568 10000 /* timeout in ms*/); |
| 459 base::RunLoop().RunUntilIdle(); | 569 base::RunLoop().RunUntilIdle(); |
| 460 EXPECT_THAT( | 570 EXPECT_THAT( |
| 461 histograms_.GetAllSamples(kPasswordOnFocusRequestOutcomeHistogramName), | 571 histograms_.GetAllSamples(kPasswordOnFocusRequestOutcomeHistogramName), |
| 462 testing::ElementsAre(base::Bucket(5 /* RESPONSE_ALREADY_CACHED */, 1))); | 572 testing::ElementsAre(base::Bucket(5 /* RESPONSE_ALREADY_CACHED */, 1))); |
| 463 EXPECT_EQ(LoginReputationClientResponse::LOW_REPUTATION, | 573 EXPECT_EQ(LoginReputationClientResponse::LOW_REPUTATION, |
| 464 password_protection_service_->latest_response()->verdict_type()); | 574 password_protection_service_->latest_response()->verdict_type()); |
| 465 } | 575 } |
| 466 | 576 |
| (...skipping 86 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 553 // Destroy password_protection_service_ while there is one request pending. | 663 // Destroy password_protection_service_ while there is one request pending. |
| 554 password_protection_service_.reset(); | 664 password_protection_service_.reset(); |
| 555 base::RunLoop().RunUntilIdle(); | 665 base::RunLoop().RunUntilIdle(); |
| 556 | 666 |
| 557 EXPECT_THAT( | 667 EXPECT_THAT( |
| 558 histograms_.GetAllSamples(kPasswordOnFocusRequestOutcomeHistogramName), | 668 histograms_.GetAllSamples(kPasswordOnFocusRequestOutcomeHistogramName), |
| 559 testing::ElementsAre(base::Bucket(2 /* CANCELED */, 1))); | 669 testing::ElementsAre(base::Bucket(2 /* CANCELED */, 1))); |
| 560 } | 670 } |
| 561 | 671 |
| 562 TEST_F(PasswordProtectionServiceTest, TestCleanUpExpiredVerdict) { | 672 TEST_F(PasswordProtectionServiceTest, TestCleanUpExpiredVerdict) { |
| 563 ASSERT_EQ(0U, GetStoredVerdictCount()); | 673 // Prepare 4 verdicts for PASSWORD_REUSE_EVENT: |
| 564 // Prepare 4 verdicts: | |
| 565 // (1) "foo.com/abc" valid | 674 // (1) "foo.com/abc" valid |
| 566 // (2) "foo.com/def" expired | 675 // (2) "foo.com/def" expired |
| 567 // (3) "bar.com/abc" expired | 676 // (3) "bar.com/abc" expired |
| 568 // (4) "bar.com/def" expired | 677 // (4) "bar.com/def" expired |
| 569 base::Time now = base::Time::Now(); | 678 base::Time now = base::Time::Now(); |
| 570 CacheVerdict(GURL("https://foo.com/abc/index.jsp"), | 679 CacheVerdict(GURL("https://foo.com/abc/index.jsp"), |
| 680 LoginReputationClientRequest::PASSWORD_REUSE_EVENT, |
| 571 LoginReputationClientResponse::LOW_REPUTATION, 10 * 60, | 681 LoginReputationClientResponse::LOW_REPUTATION, 10 * 60, |
| 572 "foo.com/abc", now); | 682 "foo.com/abc", now); |
| 573 CacheVerdict(GURL("https://foo.com/def/index.jsp"), | 683 CacheVerdict(GURL("https://foo.com/def/index.jsp"), |
| 684 LoginReputationClientRequest::PASSWORD_REUSE_EVENT, |
| 574 LoginReputationClientResponse::LOW_REPUTATION, 0, "foo.com/def", | 685 LoginReputationClientResponse::LOW_REPUTATION, 0, "foo.com/def", |
| 575 now); | 686 now); |
| 576 CacheVerdict(GURL("https://bar.com/abc/index.jsp"), | 687 CacheVerdict(GURL("https://bar.com/abc/index.jsp"), |
| 688 LoginReputationClientRequest::PASSWORD_REUSE_EVENT, |
| 577 LoginReputationClientResponse::PHISHING, 0, "bar.com/abc", now); | 689 LoginReputationClientResponse::PHISHING, 0, "bar.com/abc", now); |
| 578 CacheVerdict(GURL("https://bar.com/def/index.jsp"), | 690 CacheVerdict(GURL("https://bar.com/def/index.jsp"), |
| 691 LoginReputationClientRequest::PASSWORD_REUSE_EVENT, |
| 579 LoginReputationClientResponse::PHISHING, 0, "bar.com/def", now); | 692 LoginReputationClientResponse::PHISHING, 0, "bar.com/def", now); |
| 580 ASSERT_EQ(4U, GetStoredVerdictCount()); | 693 ASSERT_EQ(4U, GetStoredVerdictCount( |
| 694 LoginReputationClientRequest::PASSWORD_REUSE_EVENT)); |
| 695 |
| 696 // Prepare 2 verdicts for UNFAMILIAR_LOGIN_PAGE: |
| 697 // (1) "bar.com/def" valid |
| 698 // (2) "bar.com/xyz" expired |
| 699 CacheVerdict(GURL("https://bar.com/def/index.jsp"), |
| 700 LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE, |
| 701 LoginReputationClientResponse::SAFE, 10 * 60, "bar.com/def", |
| 702 now); |
| 703 CacheVerdict(GURL("https://bar.com/xyz/index.jsp"), |
| 704 LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE, |
| 705 LoginReputationClientResponse::PHISHING, 0, "bar.com/xyz", now); |
| 706 ASSERT_EQ(2U, GetStoredVerdictCount( |
| 707 LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE)); |
| 581 | 708 |
| 582 password_protection_service_->CleanUpExpiredVerdicts(); | 709 password_protection_service_->CleanUpExpiredVerdicts(); |
| 583 | 710 |
| 584 ASSERT_EQ(1U, GetStoredVerdictCount()); | 711 ASSERT_EQ(1U, GetStoredVerdictCount( |
| 712 LoginReputationClientRequest::PASSWORD_REUSE_EVENT)); |
| 713 ASSERT_EQ(1U, GetStoredVerdictCount( |
| 714 LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE)); |
| 585 LoginReputationClientResponse actual_verdict; | 715 LoginReputationClientResponse actual_verdict; |
| 586 // Has cached verdict for foo.com/abc. | 716 // Has cached PASSWORD_REUSE_EVENT verdict for foo.com/abc. |
| 587 EXPECT_EQ(LoginReputationClientResponse::LOW_REPUTATION, | 717 EXPECT_EQ( |
| 718 LoginReputationClientResponse::LOW_REPUTATION, |
| 719 password_protection_service_->GetCachedVerdict( |
| 720 GURL("https://foo.com/abc/test.jsp"), |
| 721 LoginReputationClientRequest::PASSWORD_REUSE_EVENT, &actual_verdict)); |
| 722 // No cached PASSWORD_REUSE_EVENT verdict for foo.com/def. |
| 723 EXPECT_EQ( |
| 724 LoginReputationClientResponse::VERDICT_TYPE_UNSPECIFIED, |
| 725 password_protection_service_->GetCachedVerdict( |
| 726 GURL("https://foo.com/def/index.jsp"), |
| 727 LoginReputationClientRequest::PASSWORD_REUSE_EVENT, &actual_verdict)); |
| 728 // No cached PASSWORD_REUSE_EVENT verdict for bar.com/abc. |
| 729 EXPECT_EQ( |
| 730 LoginReputationClientResponse::VERDICT_TYPE_UNSPECIFIED, |
| 731 password_protection_service_->GetCachedVerdict( |
| 732 GURL("https://bar.com/abc/index.jsp"), |
| 733 LoginReputationClientRequest::PASSWORD_REUSE_EVENT, &actual_verdict)); |
| 734 // No cached PASSWORD_REUSE_EVENT verdict for bar.com/def. |
| 735 EXPECT_EQ( |
| 736 LoginReputationClientResponse::VERDICT_TYPE_UNSPECIFIED, |
| 737 password_protection_service_->GetCachedVerdict( |
| 738 GURL("https://bar.com/def/index.jsp"), |
| 739 LoginReputationClientRequest::PASSWORD_REUSE_EVENT, &actual_verdict)); |
| 740 |
| 741 // Has cached UNFAMILIAR_LOGIN_PAGE verdict for bar.com/def. |
| 742 EXPECT_EQ(LoginReputationClientResponse::SAFE, |
| 588 password_protection_service_->GetCachedVerdict( | 743 password_protection_service_->GetCachedVerdict( |
| 589 GURL("https://foo.com/abc/test.jsp"), &actual_verdict)); | 744 GURL("https://bar.com/def/index.jsp"), |
| 590 // No cached verdict for foo.com/def. | 745 LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE, |
| 746 &actual_verdict)); |
| 747 |
| 748 // No cached UNFAMILIAR_LOGIN_PAGE verdict for bar.com/xyz. |
| 591 EXPECT_EQ(LoginReputationClientResponse::VERDICT_TYPE_UNSPECIFIED, | 749 EXPECT_EQ(LoginReputationClientResponse::VERDICT_TYPE_UNSPECIFIED, |
| 592 password_protection_service_->GetCachedVerdict( | 750 password_protection_service_->GetCachedVerdict( |
| 593 GURL("https://foo.com/def/index.jsp"), &actual_verdict)); | 751 GURL("https://bar.com/xyz/index.jsp"), |
| 594 // Nothing in content setting for bar.com. | 752 LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE, |
| 595 EXPECT_EQ(nullptr, content_setting_map_->GetWebsiteSetting( | 753 &actual_verdict)); |
| 596 GURL("https://bar.com"), GURL(), | |
| 597 CONTENT_SETTINGS_TYPE_PASSWORD_PROTECTION, | |
| 598 std::string(), nullptr)); | |
| 599 } | 754 } |
| 600 | 755 |
| 601 TEST_F(PasswordProtectionServiceTest, VerifyPasswordOnFocusRequestProto) { | 756 TEST_F(PasswordProtectionServiceTest, VerifyPasswordOnFocusRequestProto) { |
| 602 // Set up valid response. | 757 // Set up valid response. |
| 603 net::TestURLFetcher fetcher(0, GURL("http://bar.com"), nullptr); | 758 net::TestURLFetcher fetcher(0, GURL("http://bar.com"), nullptr); |
| 604 fetcher.set_status( | 759 fetcher.set_status( |
| 605 net::URLRequestStatus(net::URLRequestStatus::SUCCESS, net::OK)); | 760 net::URLRequestStatus(net::URLRequestStatus::SUCCESS, net::OK)); |
| 606 fetcher.set_response_code(200); | 761 fetcher.set_response_code(200); |
| 607 LoginReputationClientResponse expected_response = CreateVerdictProto( | 762 LoginReputationClientResponse expected_response = CreateVerdictProto( |
| 608 LoginReputationClientResponse::PHISHING, 600, GURL(kTargetUrl).host()); | 763 LoginReputationClientResponse::PHISHING, 600, GURL(kTargetUrl).host()); |
| (...skipping 39 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 648 EXPECT_EQ(kTargetUrl, actual_request->page_url()); | 803 EXPECT_EQ(kTargetUrl, actual_request->page_url()); |
| 649 EXPECT_EQ(LoginReputationClientRequest::PASSWORD_REUSE_EVENT, | 804 EXPECT_EQ(LoginReputationClientRequest::PASSWORD_REUSE_EVENT, |
| 650 actual_request->trigger_type()); | 805 actual_request->trigger_type()); |
| 651 EXPECT_EQ(1, actual_request->frames_size()); | 806 EXPECT_EQ(1, actual_request->frames_size()); |
| 652 EXPECT_EQ(kTargetUrl, actual_request->frames(0).url()); | 807 EXPECT_EQ(kTargetUrl, actual_request->frames(0).url()); |
| 653 // TODO(jialiul): Update this test when we're ready to fill more fields. | 808 // TODO(jialiul): Update this test when we're ready to fill more fields. |
| 654 ASSERT_FALSE(actual_request->has_password_reuse_event()); | 809 ASSERT_FALSE(actual_request->has_password_reuse_event()); |
| 655 } | 810 } |
| 656 | 811 |
| 657 } // namespace safe_browsing | 812 } // namespace safe_browsing |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2911293003:
Reland: Cache protected password entry and password on focus ping separately. (Closed)
