Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(223)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/safe_browsing/safe_browsing_service_browsertest.cc

Issue 2952583002: SafeBrowsing support for WebSocket (post-network-servicification) (Closed)
Patch Set: Revert change to WebSocketHandshakeThrottle.h Created 3 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « android_webview/renderer/aw_content_renderer_client.cc ('k') | chrome/renderer/BUILD.gn » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 // 4 //
5 // This test creates a safebrowsing service using test safebrowsing database 5 // This test creates a safebrowsing service using test safebrowsing database
6 // and a test protocol manager. It is used to test logics in safebrowsing 6 // and a test protocol manager. It is used to test logics in safebrowsing
7 // service. 7 // service.
8 8
9 #include "chrome/browser/safe_browsing/safe_browsing_service.h" 9 #include "chrome/browser/safe_browsing/safe_browsing_service.h"
10 10
(...skipping 59 matching lines...) Expand 10 before | Expand all | Expand 10 after
70 #include "crypto/sha2.h" 70 #include "crypto/sha2.h"
71 #include "net/cookies/cookie_store.h" 71 #include "net/cookies/cookie_store.h"
72 #include "net/cookies/cookie_util.h" 72 #include "net/cookies/cookie_util.h"
73 #include "net/test/embedded_test_server/embedded_test_server.h" 73 #include "net/test/embedded_test_server/embedded_test_server.h"
74 #include "net/test/embedded_test_server/http_request.h" 74 #include "net/test/embedded_test_server/http_request.h"
75 #include "net/test/embedded_test_server/http_response.h" 75 #include "net/test/embedded_test_server/http_response.h"
76 #include "sql/connection.h" 76 #include "sql/connection.h"
77 #include "sql/statement.h" 77 #include "sql/statement.h"
78 #include "testing/gmock/include/gmock/gmock.h" 78 #include "testing/gmock/include/gmock/gmock.h"
79 #include "url/gurl.h" 79 #include "url/gurl.h"
80 #include "url/url_canon.h"
80 81
81 #if defined(OS_CHROMEOS) 82 #if defined(OS_CHROMEOS)
82 #include "chrome/browser/chromeos/profiles/profile_helper.h" 83 #include "chrome/browser/chromeos/profiles/profile_helper.h"
83 #include "chromeos/chromeos_switches.h" 84 #include "chromeos/chromeos_switches.h"
84 #endif 85 #endif
85 86
86 #if !defined(SAFE_BROWSING_DB_LOCAL) 87 #if !defined(SAFE_BROWSING_DB_LOCAL)
87 #error This test requires SAFE_BROWSING_DB_LOCAL. 88 #error This test requires SAFE_BROWSING_DB_LOCAL.
88 #endif 89 #endif
89 90
(...skipping 10 matching lines...) Expand all
100 101
101 const char kBlacklistResource[] = "/blacklisted/script.js"; 102 const char kBlacklistResource[] = "/blacklisted/script.js";
102 const char kEmptyPage[] = "/empty.html"; 103 const char kEmptyPage[] = "/empty.html";
103 const char kMaliciousResource[] = "/malware/script.js"; 104 const char kMaliciousResource[] = "/malware/script.js";
104 const char kMalwareFile[] = "/downloads/dangerous/dangerous.exe"; 105 const char kMalwareFile[] = "/downloads/dangerous/dangerous.exe";
105 const char kMalwarePage[] = "/safe_browsing/malware.html"; 106 const char kMalwarePage[] = "/safe_browsing/malware.html";
106 const char kMalwareDelayedLoadsPage[] = 107 const char kMalwareDelayedLoadsPage[] =
107 "/safe_browsing/malware_delayed_loads.html"; 108 "/safe_browsing/malware_delayed_loads.html";
108 const char kMalwareIFrame[] = "/safe_browsing/malware_iframe.html"; 109 const char kMalwareIFrame[] = "/safe_browsing/malware_iframe.html";
109 const char kMalwareImg[] = "/safe_browsing/malware_image.png"; 110 const char kMalwareImg[] = "/safe_browsing/malware_image.png";
111 const char kMalwareWebSocketPage[] = "/safe_browsing/malware_websocket.html";
110 const char kNeverCompletesPath[] = "/never_completes"; 112 const char kNeverCompletesPath[] = "/never_completes";
111 const char kPrefetchMalwarePage[] = "/safe_browsing/prefetch_malware.html"; 113 const char kPrefetchMalwarePage[] = "/safe_browsing/prefetch_malware.html";
112 114
113 class NeverCompletingHttpResponse : public net::test_server::HttpResponse { 115 class NeverCompletingHttpResponse : public net::test_server::HttpResponse {
114 public: 116 public:
115 ~NeverCompletingHttpResponse() override {} 117 ~NeverCompletingHttpResponse() override {}
116 118
117 void SendResponse( 119 void SendResponse(
118 const net::test_server::SendBytesCallback& send, 120 const net::test_server::SendBytesCallback& send,
119 const net::test_server::SendCompleteCallback& done) override { 121 const net::test_server::SendCompleteCallback& done) override {
(...skipping 1349 matching lines...) Expand 10 before | Expand all | Expand 10 after
1469 EXPECT_TRUE(csd_service->enabled()); 1471 EXPECT_TRUE(csd_service->enabled());
1470 1472
1471 // Delete the Profile. SBS stops again. 1473 // Delete the Profile. SBS stops again.
1472 pref_service2 = nullptr; 1474 pref_service2 = nullptr;
1473 profile2.reset(); 1475 profile2.reset();
1474 EXPECT_FALSE(sb_service->enabled_by_prefs()); 1476 EXPECT_FALSE(sb_service->enabled_by_prefs());
1475 WaitForIOAndCheckEnabled(sb_service, false); 1477 WaitForIOAndCheckEnabled(sb_service, false);
1476 EXPECT_FALSE(csd_service->enabled()); 1478 EXPECT_FALSE(csd_service->enabled());
1477 } 1479 }
1478 1480
1481 IN_PROC_BROWSER_TEST_F(SafeBrowsingServiceTest, MalwareWebSocketBlocked) {
1482 // This test currently only passes when the network service is enabled.
1483 if (base::CommandLine::ForCurrentProcess()->HasSwitch(
1484 ::switches::kEnableNetworkService)) {
1485 GURL main_url = embedded_test_server()->GetURL(kMalwareWebSocketPage);
1486 // This constructs the URL with the same logic as malware_websocket.html.
1487 GURL resolved = main_url.Resolve("/safe_browsing/malware-ws");
1488 GURL::Replacements replace_scheme;
1489 replace_scheme.SetScheme("ws", url::Component(0, strlen("ws")));
1490 GURL websocket_url = resolved.ReplaceComponents(replace_scheme);
1491
1492 // Add the WebSocket url as malware.
1493 SBFullHashResult uws_full_hash;
1494 GenUrlFullHashResult(websocket_url, MALWARE, &uws_full_hash);
1495 SetupResponseForUrl(websocket_url, uws_full_hash);
1496
1497 // Brute force method for waiting for the interstitial to be displayed.
1498 content::WindowedNotificationObserver load_stop_observer(
1499 content::NOTIFICATION_ALL,
1500 base::Bind(
1501 [](SafeBrowsingServiceTest* self,
1502 const content::NotificationSource& source,
1503 const content::NotificationDetails& details) {
1504 return self->ShowingInterstitialPage();
1505 },
1506 base::Unretained(this)));
1507
1508 EXPECT_CALL(observer_,
1509 OnSafeBrowsingHit(IsUnsafeResourceFor(websocket_url)));
1510 ui_test_utils::NavigateToURL(browser(), main_url);
1511
1512 // If the interstitial fails to be displayed, the test will hang here.
1513 load_stop_observer.Wait();
1514
1515 EXPECT_TRUE(ShowingInterstitialPage());
1516 EXPECT_TRUE(got_hit_report());
1517 }
1518 }
1519
1520 IN_PROC_BROWSER_TEST_F(SafeBrowsingServiceTest, UnknownWebSocketNotBlocked) {
1521 GURL main_url = embedded_test_server()->GetURL(kMalwareWebSocketPage);
1522
1523 auto expected_title = base::ASCIIToUTF16("COMPLETED");
1524 content::TitleWatcher title_watcher(
1525 browser()->tab_strip_model()->GetActiveWebContents(), expected_title);
1526
1527 // Load the parent page without marking the WebSocket as malware.
1528 ui_test_utils::NavigateToURL(browser(), main_url);
1529
1530 // Wait for the WebSocket connection attempt to complete.
1531 auto new_title = title_watcher.WaitAndGetTitle();
1532 EXPECT_EQ(expected_title, new_title);
1533 EXPECT_FALSE(ShowingInterstitialPage());
1534 EXPECT_FALSE(got_hit_report());
1535 }
1536
1479 class SafeBrowsingServiceShutdownTest : public SafeBrowsingServiceTest { 1537 class SafeBrowsingServiceShutdownTest : public SafeBrowsingServiceTest {
1480 public: 1538 public:
1481 void TearDown() override { 1539 void TearDown() override {
1482 // Browser should be fully torn down by now, so we can safely check these 1540 // Browser should be fully torn down by now, so we can safely check these
1483 // counters. 1541 // counters.
1484 EXPECT_EQ(1, TestProtocolManager::create_count()); 1542 EXPECT_EQ(1, TestProtocolManager::create_count());
1485 EXPECT_EQ(1, TestProtocolManager::delete_count()); 1543 EXPECT_EQ(1, TestProtocolManager::delete_count());
1486 1544
1487 SafeBrowsingServiceTest::TearDown(); 1545 SafeBrowsingServiceTest::TearDown();
1488 } 1546 }
(...skipping 694 matching lines...) Expand 10 before | Expand all | Expand 10 after
2183 { 2241 {
2184 scoped_refptr<TestSBClient> client(new TestSBClient); 2242 scoped_refptr<TestSBClient> client(new TestSBClient);
2185 2243
2186 MarkUrlForUwsUnexpired(bad_url); 2244 MarkUrlForUwsUnexpired(bad_url);
2187 2245
2188 client->CheckBrowseUrl(bad_url); 2246 client->CheckBrowseUrl(bad_url);
2189 EXPECT_EQ(SB_THREAT_TYPE_URL_MALWARE, client->GetThreatType()); 2247 EXPECT_EQ(SB_THREAT_TYPE_URL_MALWARE, client->GetThreatType());
2190 } 2248 }
2191 } 2249 }
2192 2250
2251 // This is almost identical to
2252 // SafeBrowsingServiceTest.MalwareWebSocketBlocked. That test will be deleted
2253 // when the old database backend stops being used.
yzshen1 2017/06/21 16:55:06 optional: You could use parameterized tests.
Adam Rice 2017/06/22 12:29:31 I thought you couldn't parameterize on test framew
2254 IN_PROC_BROWSER_TEST_F(V4SafeBrowsingServiceTest, MalwareWebSocketBlocked) {
2255 // This test currently only passes when the network service is enabled.
2256 if (base::CommandLine::ForCurrentProcess()->HasSwitch(
2257 ::switches::kEnableNetworkService)) {
2258 GURL main_url = embedded_test_server()->GetURL(kMalwareWebSocketPage);
2259 // This constructs the URL with the same logic as malware_websocket.html.
2260 GURL resolved = main_url.Resolve("/safe_browsing/malware-ws");
2261 GURL::Replacements replace_scheme;
2262 replace_scheme.SetScheme("ws", url::Component(0, strlen("ws")));
2263 GURL websocket_url = resolved.ReplaceComponents(replace_scheme);
2264
2265 MarkUrlForMalwareUnexpired(websocket_url);
2266
2267 // Brute force method for waiting for the interstitial to be displayed.
2268 content::WindowedNotificationObserver load_stop_observer(
2269 content::NOTIFICATION_ALL,
2270 base::Bind(
2271 [](SafeBrowsingServiceTest* self,
2272 const content::NotificationSource& source,
2273 const content::NotificationDetails& details) {
2274 return self->ShowingInterstitialPage();
2275 },
2276 base::Unretained(this)));
2277
2278 EXPECT_CALL(observer_,
2279 OnSafeBrowsingHit(IsUnsafeResourceFor(websocket_url)));
2280 ui_test_utils::NavigateToURL(browser(), main_url);
2281
2282 // If the interstitial fails to be displayed, the test will hang here.
2283 load_stop_observer.Wait();
2284
2285 EXPECT_TRUE(ShowingInterstitialPage());
2286 EXPECT_TRUE(got_hit_report());
2287 EXPECT_EQ(websocket_url, hit_report().malicious_url);
2288 EXPECT_EQ(main_url, hit_report().page_url);
2289 EXPECT_TRUE(hit_report().is_subresource);
2290 }
2291 }
2292
2293 // Identical to SafeBrowsingServiceTest.UnknownWebSocketNotBlocked. Uses the
2294 // V4 database backend.
2295 IN_PROC_BROWSER_TEST_F(V4SafeBrowsingServiceTest, UnknownWebSocketNotBlocked) {
2296 GURL main_url = embedded_test_server()->GetURL(kMalwareWebSocketPage);
2297
2298 auto expected_title = base::ASCIIToUTF16("COMPLETED");
2299 content::TitleWatcher title_watcher(
2300 browser()->tab_strip_model()->GetActiveWebContents(), expected_title);
2301
2302 // Load the parent page without marking the WebSocket as malware.
2303 ui_test_utils::NavigateToURL(browser(), main_url);
2304
2305 // Wait for the WebSocket connection attempt to complete.
2306 auto new_title = title_watcher.WaitAndGetTitle();
2307 EXPECT_EQ(expected_title, new_title);
2308 EXPECT_FALSE(ShowingInterstitialPage());
2309 EXPECT_FALSE(got_hit_report());
2310 }
2311
2193 #if defined(GOOGLE_CHROME_BUILD) 2312 #if defined(GOOGLE_CHROME_BUILD)
2194 // This test is only enabled when GOOGLE_CHROME_BUILD is true because the store 2313 // This test is only enabled when GOOGLE_CHROME_BUILD is true because the store
2195 // that this test uses is only populated on GOOGLE_CHROME_BUILD builds. 2314 // that this test uses is only populated on GOOGLE_CHROME_BUILD builds.
2196 IN_PROC_BROWSER_TEST_F(V4SafeBrowsingServiceTest, CheckDownloadUrlRedirects) { 2315 IN_PROC_BROWSER_TEST_F(V4SafeBrowsingServiceTest, CheckDownloadUrlRedirects) {
2197 GURL original_url = embedded_test_server()->GetURL(kEmptyPage); 2316 GURL original_url = embedded_test_server()->GetURL(kEmptyPage);
2198 GURL badbin_url = embedded_test_server()->GetURL(kMalwareFile); 2317 GURL badbin_url = embedded_test_server()->GetURL(kMalwareFile);
2199 GURL final_url = embedded_test_server()->GetURL(kEmptyPage); 2318 GURL final_url = embedded_test_server()->GetURL(kEmptyPage);
2200 std::vector<GURL> badbin_urls; 2319 std::vector<GURL> badbin_urls;
2201 badbin_urls.push_back(original_url); 2320 badbin_urls.push_back(original_url);
2202 badbin_urls.push_back(badbin_url); 2321 badbin_urls.push_back(badbin_url);
(...skipping 153 matching lines...) Expand 10 before | Expand all | Expand 10 after
2356 } 2475 }
2357 2476
2358 INSTANTIATE_TEST_CASE_P( 2477 INSTANTIATE_TEST_CASE_P(
2359 MaybeSetMetadata, 2478 MaybeSetMetadata,
2360 V4SafeBrowsingServiceMetadataTest, 2479 V4SafeBrowsingServiceMetadataTest,
2361 testing::Values(ThreatPatternType::NONE, 2480 testing::Values(ThreatPatternType::NONE,
2362 ThreatPatternType::MALWARE_LANDING, 2481 ThreatPatternType::MALWARE_LANDING,
2363 ThreatPatternType::MALWARE_DISTRIBUTION)); 2482 ThreatPatternType::MALWARE_DISTRIBUTION));
2364 2483
2365 } // namespace safe_browsing 2484 } // namespace safe_browsing
OLDNEW
« no previous file with comments | « android_webview/renderer/aw_content_renderer_client.cc ('k') | chrome/renderer/BUILD.gn » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698