| Index: components/safe_browsing/password_protection/password_protection_service_unittest.cc
|
| diff --git a/components/safe_browsing/password_protection/password_protection_service_unittest.cc b/components/safe_browsing/password_protection/password_protection_service_unittest.cc
|
| index d297ef1895e5566aff46776ae228bc528360bfe1..1baee7c57d65f1d31d6890107b82e0a984b55475 100644
|
| --- a/components/safe_browsing/password_protection/password_protection_service_unittest.cc
|
| +++ b/components/safe_browsing/password_protection/password_protection_service_unittest.cc
|
| @@ -201,18 +201,19 @@ class PasswordProtectionServiceTest : public testing::Test {
|
| }
|
|
|
| void CacheVerdict(const GURL& url,
|
| + LoginReputationClientRequest::TriggerType trigger,
|
| LoginReputationClientResponse::VerdictType verdict,
|
| int cache_duration_sec,
|
| const std::string& cache_expression,
|
| const base::Time& verdict_received_time) {
|
| LoginReputationClientResponse response(
|
| CreateVerdictProto(verdict, cache_duration_sec, cache_expression));
|
| - password_protection_service_->CacheVerdict(url, &response,
|
| + password_protection_service_->CacheVerdict(url, trigger, &response,
|
| verdict_received_time);
|
| }
|
|
|
| - size_t GetStoredVerdictCount() {
|
| - return password_protection_service_->GetStoredVerdictCount();
|
| + size_t GetStoredVerdictCount(LoginReputationClientRequest::TriggerType type) {
|
| + return password_protection_service_->GetStoredVerdictCount(type);
|
| }
|
|
|
| protected:
|
| @@ -304,80 +305,173 @@ TEST_F(PasswordProtectionServiceTest, TestPathVariantsMatchCacheExpression) {
|
| GURL("http://evil.com/worse/index.html"), cache_expression_with_slash));
|
| }
|
|
|
| -TEST_F(PasswordProtectionServiceTest, TestCachedVerdicts) {
|
| - ASSERT_EQ(0U, GetStoredVerdictCount());
|
| +TEST_F(PasswordProtectionServiceTest, TestCachePasswordReuseVerdicts) {
|
| + ASSERT_EQ(0U, GetStoredVerdictCount(
|
| + LoginReputationClientRequest::PASSWORD_REUSE_EVENT));
|
| +
|
| // Assume each verdict has a TTL of 10 minutes.
|
| // Cache a verdict for http://www.test.com/foo/index.html
|
| CacheVerdict(GURL("http://www.test.com/foo/index.html"),
|
| + LoginReputationClientRequest::PASSWORD_REUSE_EVENT,
|
| LoginReputationClientResponse::SAFE, 10 * 60, "test.com/foo",
|
| base::Time::Now());
|
|
|
| - EXPECT_EQ(1U, GetStoredVerdictCount());
|
| + EXPECT_EQ(1U, GetStoredVerdictCount(
|
| + LoginReputationClientRequest::PASSWORD_REUSE_EVENT));
|
|
|
| // Cache another verdict with the some origin and cache_expression should
|
| // override the cache.
|
| CacheVerdict(GURL("http://www.test.com/foo/index2.html"),
|
| + LoginReputationClientRequest::PASSWORD_REUSE_EVENT,
|
| LoginReputationClientResponse::PHISHING, 10 * 60, "test.com/foo",
|
| base::Time::Now());
|
| - EXPECT_EQ(1U, GetStoredVerdictCount());
|
| + EXPECT_EQ(1U, GetStoredVerdictCount(
|
| + LoginReputationClientRequest::PASSWORD_REUSE_EVENT));
|
| LoginReputationClientResponse out_verdict;
|
| - EXPECT_EQ(LoginReputationClientResponse::PHISHING,
|
| - password_protection_service_->GetCachedVerdict(
|
| - GURL("http://www.test.com/foo/index2.html"), &out_verdict));
|
| + EXPECT_EQ(
|
| + LoginReputationClientResponse::PHISHING,
|
| + password_protection_service_->GetCachedVerdict(
|
| + GURL("http://www.test.com/foo/index2.html"),
|
| + LoginReputationClientRequest::PASSWORD_REUSE_EVENT, &out_verdict));
|
|
|
| // Cache another verdict with the same origin but different cache_expression
|
| // will not increase setting count, but will increase the number of verdicts
|
| // in the given origin.
|
| CacheVerdict(GURL("http://www.test.com/bar/index2.html"),
|
| + LoginReputationClientRequest::PASSWORD_REUSE_EVENT,
|
| LoginReputationClientResponse::SAFE, 10 * 60, "test.com/bar",
|
| base::Time::Now());
|
| - EXPECT_EQ(2U, GetStoredVerdictCount());
|
| + EXPECT_EQ(2U, GetStoredVerdictCount(
|
| + LoginReputationClientRequest::PASSWORD_REUSE_EVENT));
|
| +
|
| + // Now cache a UNFAMILIAR_LOGIN_PAGE verdict, stored verdict count for
|
| + // PASSWORD_REUSE_EVENT should be the same.
|
| + CacheVerdict(GURL("http://www.test.com/foobar/index3.html"),
|
| + LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE,
|
| + LoginReputationClientResponse::SAFE, 10 * 60, "test.com/foobar",
|
| + base::Time::Now());
|
| + EXPECT_EQ(2U, GetStoredVerdictCount(
|
| + LoginReputationClientRequest::PASSWORD_REUSE_EVENT));
|
| + EXPECT_EQ(1U, GetStoredVerdictCount(
|
| + LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE));
|
| +}
|
| +
|
| +TEST_F(PasswordProtectionServiceTest, TestCacheUnfamiliarLoginVerdicts) {
|
| + ASSERT_EQ(0U, GetStoredVerdictCount(
|
| + LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE));
|
| +
|
| + // Assume each verdict has a TTL of 10 minutes.
|
| + // Cache a verdict for http://www.test.com/foo/index.html
|
| + CacheVerdict(GURL("http://www.test.com/foo/index.html"),
|
| + LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE,
|
| + LoginReputationClientResponse::SAFE, 10 * 60, "test.com/foo",
|
| + base::Time::Now());
|
| +
|
| + EXPECT_EQ(1U, GetStoredVerdictCount(
|
| + LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE));
|
| +
|
| + // Cache another verdict with the same origin but different cache_expression
|
| + // will not increase setting count, but will increase the number of verdicts
|
| + // in the given origin.
|
| + CacheVerdict(GURL("http://www.test.com/bar/index2.html"),
|
| + LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE,
|
| + LoginReputationClientResponse::SAFE, 10 * 60, "test.com/bar",
|
| + base::Time::Now());
|
| + EXPECT_EQ(2U, GetStoredVerdictCount(
|
| + LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE));
|
| +
|
| + // Now cache a PASSWORD_REUSE_EVENT verdict, stored verdict count for
|
| + // UNFAMILIAR_LOGIN_PAGE should be the same.
|
| + CacheVerdict(GURL("http://www.test.com/foobar/index3.html"),
|
| + LoginReputationClientRequest::PASSWORD_REUSE_EVENT,
|
| + LoginReputationClientResponse::SAFE, 10 * 60, "test.com/foobar",
|
| + base::Time::Now());
|
| + EXPECT_EQ(2U, GetStoredVerdictCount(
|
| + LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE));
|
| + EXPECT_EQ(1U, GetStoredVerdictCount(
|
| + LoginReputationClientRequest::PASSWORD_REUSE_EVENT));
|
| }
|
|
|
| TEST_F(PasswordProtectionServiceTest, TestGetCachedVerdicts) {
|
| - ASSERT_EQ(0U, GetStoredVerdictCount());
|
| - // Prepare 2 verdicts of the same origin with different cache expressions,
|
| - // one is expired, the other is not.
|
| + ASSERT_EQ(0U, GetStoredVerdictCount(
|
| + LoginReputationClientRequest::PASSWORD_REUSE_EVENT));
|
| + ASSERT_EQ(0U, GetStoredVerdictCount(
|
| + LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE));
|
| + // Prepare 3 verdicts of the same origin with different cache expressions,
|
| + // one is expired, one is not, the other is of a different type.
|
| base::Time now = base::Time::Now();
|
| CacheVerdict(GURL("http://test.com/login.html"),
|
| + LoginReputationClientRequest::PASSWORD_REUSE_EVENT,
|
| LoginReputationClientResponse::SAFE, 10 * 60, "test.com", now);
|
| CacheVerdict(
|
| GURL("http://test.com/def/index.jsp"),
|
| + LoginReputationClientRequest::PASSWORD_REUSE_EVENT,
|
| LoginReputationClientResponse::PHISHING, 10 * 60, "test.com/def",
|
| base::Time::FromDoubleT(now.ToDoubleT() -
|
| 24.0 * 60.0 * 60.0)); // Yesterday, expired.
|
| - ASSERT_EQ(2U, GetStoredVerdictCount());
|
| + CacheVerdict(GURL("http://test.com/bar/login.html"),
|
| + LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE,
|
| + LoginReputationClientResponse::PHISHING, 10 * 60, "test.com/bar",
|
| + now);
|
| +
|
| + ASSERT_EQ(2U, GetStoredVerdictCount(
|
| + LoginReputationClientRequest::PASSWORD_REUSE_EVENT));
|
| + ASSERT_EQ(1U, GetStoredVerdictCount(
|
| + LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE));
|
|
|
| // Return VERDICT_TYPE_UNSPECIFIED if look up for a URL with unknown origin.
|
| LoginReputationClientResponse actual_verdict;
|
| - EXPECT_EQ(LoginReputationClientResponse::VERDICT_TYPE_UNSPECIFIED,
|
| - password_protection_service_->GetCachedVerdict(
|
| - GURL("http://www.unknown.com/"), &actual_verdict));
|
| + EXPECT_EQ(
|
| + LoginReputationClientResponse::VERDICT_TYPE_UNSPECIFIED,
|
| + password_protection_service_->GetCachedVerdict(
|
| + GURL("http://www.unknown.com/"),
|
| + LoginReputationClientRequest::PASSWORD_REUSE_EVENT, &actual_verdict));
|
|
|
| // Return SAFE if look up for a URL that matches "test.com" cache expression.
|
| - EXPECT_EQ(LoginReputationClientResponse::SAFE,
|
| - password_protection_service_->GetCachedVerdict(
|
| - GURL("http://test.com/xyz/foo.jsp"), &actual_verdict));
|
| + EXPECT_EQ(
|
| + LoginReputationClientResponse::SAFE,
|
| + password_protection_service_->GetCachedVerdict(
|
| + GURL("http://test.com/xyz/foo.jsp"),
|
| + LoginReputationClientRequest::PASSWORD_REUSE_EVENT, &actual_verdict));
|
|
|
| // Return VERDICT_TYPE_UNSPECIFIED if look up for a URL whose variants match
|
| // test.com/def, but the corresponding verdict is expired.
|
| - EXPECT_EQ(LoginReputationClientResponse::VERDICT_TYPE_UNSPECIFIED,
|
| - password_protection_service_->GetCachedVerdict(
|
| - GURL("http://test.com/def/ghi/index.html"), &actual_verdict));
|
| + EXPECT_EQ(
|
| + LoginReputationClientResponse::VERDICT_TYPE_UNSPECIFIED,
|
| + password_protection_service_->GetCachedVerdict(
|
| + GURL("http://test.com/def/ghi/index.html"),
|
| + LoginReputationClientRequest::PASSWORD_REUSE_EVENT, &actual_verdict));
|
| }
|
|
|
| TEST_F(PasswordProtectionServiceTest, TestRemoveCachedVerdictOnURLsDeleted) {
|
| - ASSERT_EQ(0U, GetStoredVerdictCount());
|
| + ASSERT_EQ(0U, GetStoredVerdictCount(
|
| + LoginReputationClientRequest::PASSWORD_REUSE_EVENT));
|
| + ASSERT_EQ(0U, GetStoredVerdictCount(
|
| + LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE));
|
| // Prepare 2 verdicts. One is for origin "http://foo.com", and the other is
|
| // for "http://bar.com".
|
| base::Time now = base::Time::Now();
|
| CacheVerdict(GURL("http://foo.com/abc/index.jsp"),
|
| + LoginReputationClientRequest::PASSWORD_REUSE_EVENT,
|
| LoginReputationClientResponse::LOW_REPUTATION, 10 * 60,
|
| "foo.com/abc", now);
|
| CacheVerdict(GURL("http://bar.com/index.jsp"),
|
| + LoginReputationClientRequest::PASSWORD_REUSE_EVENT,
|
| LoginReputationClientResponse::PHISHING, 10 * 60, "bar.com",
|
| now);
|
| - ASSERT_EQ(2U, GetStoredVerdictCount());
|
| + ASSERT_EQ(2U, GetStoredVerdictCount(
|
| + LoginReputationClientRequest::PASSWORD_REUSE_EVENT));
|
| +
|
| + CacheVerdict(GURL("http://foo.com/abc/index.jsp"),
|
| + LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE,
|
| + LoginReputationClientResponse::LOW_REPUTATION, 10 * 60,
|
| + "foo.com/abc", now);
|
| + CacheVerdict(GURL("http://bar.com/index.jsp"),
|
| + LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE,
|
| + LoginReputationClientResponse::PHISHING, 10 * 60, "bar.com",
|
| + now);
|
| + ASSERT_EQ(2U, GetStoredVerdictCount(
|
| + LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE));
|
|
|
| // Delete a bar.com URL. Corresponding content setting keyed on
|
| // origin "http://bar.com" should be removed,
|
| @@ -390,17 +484,31 @@ TEST_F(PasswordProtectionServiceTest, TestRemoveCachedVerdictOnURLsDeleted) {
|
|
|
| password_protection_service_->RemoveContentSettingsOnURLsDeleted(
|
| false /* all_history */, deleted_urls);
|
| - EXPECT_EQ(1U, GetStoredVerdictCount());
|
| + EXPECT_EQ(1U, GetStoredVerdictCount(
|
| + LoginReputationClientRequest::PASSWORD_REUSE_EVENT));
|
| + EXPECT_EQ(1U, GetStoredVerdictCount(
|
| + LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE));
|
| +
|
| LoginReputationClientResponse actual_verdict;
|
| + EXPECT_EQ(
|
| + LoginReputationClientResponse::VERDICT_TYPE_UNSPECIFIED,
|
| + password_protection_service_->GetCachedVerdict(
|
| + GURL("http://bar.com"),
|
| + LoginReputationClientRequest::PASSWORD_REUSE_EVENT, &actual_verdict));
|
| EXPECT_EQ(LoginReputationClientResponse::VERDICT_TYPE_UNSPECIFIED,
|
| password_protection_service_->GetCachedVerdict(
|
| - GURL("http://bar.com"), &actual_verdict));
|
| + GURL("http://bar.com"),
|
| + LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE,
|
| + &actual_verdict));
|
|
|
| // If delete all history. All password protection content settings should be
|
| // gone.
|
| password_protection_service_->RemoveContentSettingsOnURLsDeleted(
|
| true /* all_history */, history::URLRows());
|
| - EXPECT_EQ(0U, GetStoredVerdictCount());
|
| + EXPECT_EQ(0U, GetStoredVerdictCount(
|
| + LoginReputationClientRequest::PASSWORD_REUSE_EVENT));
|
| + EXPECT_EQ(0U, GetStoredVerdictCount(
|
| + LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE));
|
| }
|
|
|
| TEST_F(PasswordProtectionServiceTest, VerifyCanGetReputationOfURL) {
|
| @@ -454,8 +562,10 @@ TEST_F(PasswordProtectionServiceTest, TestNoRequestSentForWhitelistedURL) {
|
|
|
| TEST_F(PasswordProtectionServiceTest, TestNoRequestSentIfVerdictAlreadyCached) {
|
| histograms_.ExpectTotalCount(kPasswordOnFocusRequestOutcomeHistogramName, 0);
|
| - CacheVerdict(GURL(kTargetUrl), LoginReputationClientResponse::LOW_REPUTATION,
|
| - 600, GURL(kTargetUrl).host(), base::Time::Now());
|
| + CacheVerdict(GURL(kTargetUrl),
|
| + LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE,
|
| + LoginReputationClientResponse::LOW_REPUTATION, 600,
|
| + GURL(kTargetUrl).host(), base::Time::Now());
|
| InitializeAndStartPasswordOnFocusRequest(false /* match whitelist */,
|
| 10000 /* timeout in ms*/);
|
| base::RunLoop().RunUntilIdle();
|
| @@ -562,42 +672,87 @@ TEST_F(PasswordProtectionServiceTest, TestTearDownWithPendingRequests) {
|
| }
|
|
|
| TEST_F(PasswordProtectionServiceTest, TestCleanUpExpiredVerdict) {
|
| - ASSERT_EQ(0U, GetStoredVerdictCount());
|
| - // Prepare 4 verdicts:
|
| + // Prepare 4 verdicts for PASSWORD_REUSE_EVENT:
|
| // (1) "foo.com/abc" valid
|
| // (2) "foo.com/def" expired
|
| // (3) "bar.com/abc" expired
|
| // (4) "bar.com/def" expired
|
| base::Time now = base::Time::Now();
|
| CacheVerdict(GURL("https://foo.com/abc/index.jsp"),
|
| + LoginReputationClientRequest::PASSWORD_REUSE_EVENT,
|
| LoginReputationClientResponse::LOW_REPUTATION, 10 * 60,
|
| "foo.com/abc", now);
|
| CacheVerdict(GURL("https://foo.com/def/index.jsp"),
|
| + LoginReputationClientRequest::PASSWORD_REUSE_EVENT,
|
| LoginReputationClientResponse::LOW_REPUTATION, 0, "foo.com/def",
|
| now);
|
| CacheVerdict(GURL("https://bar.com/abc/index.jsp"),
|
| + LoginReputationClientRequest::PASSWORD_REUSE_EVENT,
|
| LoginReputationClientResponse::PHISHING, 0, "bar.com/abc", now);
|
| CacheVerdict(GURL("https://bar.com/def/index.jsp"),
|
| + LoginReputationClientRequest::PASSWORD_REUSE_EVENT,
|
| LoginReputationClientResponse::PHISHING, 0, "bar.com/def", now);
|
| - ASSERT_EQ(4U, GetStoredVerdictCount());
|
| + ASSERT_EQ(4U, GetStoredVerdictCount(
|
| + LoginReputationClientRequest::PASSWORD_REUSE_EVENT));
|
| +
|
| + // Prepare 2 verdicts for UNFAMILIAR_LOGIN_PAGE:
|
| + // (1) "bar.com/def" valid
|
| + // (2) "bar.com/xyz" expired
|
| + CacheVerdict(GURL("https://bar.com/def/index.jsp"),
|
| + LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE,
|
| + LoginReputationClientResponse::SAFE, 10 * 60, "bar.com/def",
|
| + now);
|
| + CacheVerdict(GURL("https://bar.com/xyz/index.jsp"),
|
| + LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE,
|
| + LoginReputationClientResponse::PHISHING, 0, "bar.com/xyz", now);
|
| + ASSERT_EQ(2U, GetStoredVerdictCount(
|
| + LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE));
|
|
|
| password_protection_service_->CleanUpExpiredVerdicts();
|
|
|
| - ASSERT_EQ(1U, GetStoredVerdictCount());
|
| + ASSERT_EQ(1U, GetStoredVerdictCount(
|
| + LoginReputationClientRequest::PASSWORD_REUSE_EVENT));
|
| + ASSERT_EQ(1U, GetStoredVerdictCount(
|
| + LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE));
|
| LoginReputationClientResponse actual_verdict;
|
| - // Has cached verdict for foo.com/abc.
|
| - EXPECT_EQ(LoginReputationClientResponse::LOW_REPUTATION,
|
| + // Has cached PASSWORD_REUSE_EVENT verdict for foo.com/abc.
|
| + EXPECT_EQ(
|
| + LoginReputationClientResponse::LOW_REPUTATION,
|
| + password_protection_service_->GetCachedVerdict(
|
| + GURL("https://foo.com/abc/test.jsp"),
|
| + LoginReputationClientRequest::PASSWORD_REUSE_EVENT, &actual_verdict));
|
| + // No cached PASSWORD_REUSE_EVENT verdict for foo.com/def.
|
| + EXPECT_EQ(
|
| + LoginReputationClientResponse::VERDICT_TYPE_UNSPECIFIED,
|
| + password_protection_service_->GetCachedVerdict(
|
| + GURL("https://foo.com/def/index.jsp"),
|
| + LoginReputationClientRequest::PASSWORD_REUSE_EVENT, &actual_verdict));
|
| + // No cached PASSWORD_REUSE_EVENT verdict for bar.com/abc.
|
| + EXPECT_EQ(
|
| + LoginReputationClientResponse::VERDICT_TYPE_UNSPECIFIED,
|
| + password_protection_service_->GetCachedVerdict(
|
| + GURL("https://bar.com/abc/index.jsp"),
|
| + LoginReputationClientRequest::PASSWORD_REUSE_EVENT, &actual_verdict));
|
| + // No cached PASSWORD_REUSE_EVENT verdict for bar.com/def.
|
| + EXPECT_EQ(
|
| + LoginReputationClientResponse::VERDICT_TYPE_UNSPECIFIED,
|
| + password_protection_service_->GetCachedVerdict(
|
| + GURL("https://bar.com/def/index.jsp"),
|
| + LoginReputationClientRequest::PASSWORD_REUSE_EVENT, &actual_verdict));
|
| +
|
| + // Has cached UNFAMILIAR_LOGIN_PAGE verdict for bar.com/def.
|
| + EXPECT_EQ(LoginReputationClientResponse::SAFE,
|
| password_protection_service_->GetCachedVerdict(
|
| - GURL("https://foo.com/abc/test.jsp"), &actual_verdict));
|
| - // No cached verdict for foo.com/def.
|
| + GURL("https://bar.com/def/index.jsp"),
|
| + LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE,
|
| + &actual_verdict));
|
| +
|
| + // No cached UNFAMILIAR_LOGIN_PAGE verdict for bar.com/xyz.
|
| EXPECT_EQ(LoginReputationClientResponse::VERDICT_TYPE_UNSPECIFIED,
|
| password_protection_service_->GetCachedVerdict(
|
| - GURL("https://foo.com/def/index.jsp"), &actual_verdict));
|
| - // Nothing in content setting for bar.com.
|
| - EXPECT_EQ(nullptr, content_setting_map_->GetWebsiteSetting(
|
| - GURL("https://bar.com"), GURL(),
|
| - CONTENT_SETTINGS_TYPE_PASSWORD_PROTECTION,
|
| - std::string(), nullptr));
|
| + GURL("https://bar.com/xyz/index.jsp"),
|
| + LoginReputationClientRequest::UNFAMILIAR_LOGIN_PAGE,
|
| + &actual_verdict));
|
| }
|
|
|
| TEST_F(PasswordProtectionServiceTest, VerifyPasswordOnFocusRequestProto) {
|
|
|
Chromium Code Reviews
Issue 2911293003:
Reland: Cache protected password entry and password on focus ping separately. (Closed)
