Initial script request detector.

chrome/browser/safe_browsing/incident_reporting/script_request_detector_unittest.cc

Index: chrome/browser/safe_browsing/incident_reporting/script_request_detector_unittest.cc
diff --git a/chrome/browser/safe_browsing/incident_reporting/script_request_detector_unittest.cc b/chrome/browser/safe_browsing/incident_reporting/script_request_detector_unittest.cc
new file mode 100644
index 0000000000000000000000000000000000000000..2fd8531b6edeba19306b51ddd7f9a5e8b2461f1e
--- /dev/null
+++ b/chrome/browser/safe_browsing/incident_reporting/script_request_detector_unittest.cc
@@ -0,0 +1,145 @@
+// Copyright 2014 The Chromium Authors. All rights reserved.

[grt (UTC plus 2), 2015/02/06 15:24:54]

2015, please. :-)

[robertshield, 2015/02/06 22:36:48]

Done.

+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "base/bind.h"
+#include "base/run_loop.h"
+#include "chrome/browser/safe_browsing/incident_reporting/incident.h"
+#include "chrome/browser/safe_browsing/incident_reporting/incident_receiver.h"
+#include "chrome/browser/safe_browsing/incident_reporting/incident_reporting_service.h"
+#include "chrome/browser/safe_browsing/incident_reporting/script_request_detector.h"
+#include "chrome/common/safe_browsing/csd.pb.h"
+#include "content/public/browser/resource_request_info.h"
+#include "content/public/common/resource_type.h"
+#include "content/public/test/test_browser_thread_bundle.h"
+#include "crypto/sha2.h"
+#include "ipc/ipc_message.h"
+#include "net/base/request_priority.h"
+#include "net/url_request/url_request.h"
+#include "net/url_request/url_request_test_util.h"
+#include "testing/gtest/include/gtest/gtest.h"
+#include "url/gurl.h"
+
+namespace {
+const char* kMatchingTestUrl = "http://example.com/foo/bar/baz.js";

[grt (UTC plus 2), 2015/02/06 15:24:55]

const char kFoo[] = "..." for these three

[robertshield, 2015/02/06 22:36:48]

Done.

+const char* kMatchingTestUrlParams =
+    "http://example.com/foo/bar/baz.js#abc?foo=bar";
+const char* kNonMatchingTestUrl = "http://example.com/nonmatching/bar/baz.js";
+}
+
+namespace safe_browsing {
+
+class FakeIncidentReceiver : public IncidentReceiver {

[grt (UTC plus 2), 2015/02/06 15:24:54]

why not use MockIncidentReceiver (in mock_incident_receiver.h)? you could remove
this class and set up the fake detector with a StrictMock<MockIncidentReceiver>
and remove the count member. EventForBaseMatchingScript and
EventForMatchingScriptWithParams would each have a single EXPECT_CALL, whereas
the others would need nothing at all (the StrictMock will fail the tests if any
method is called). you can use the TakeIncident action to get and then inspect
the incident:

    scoped_ptr<Incident> incident;
    EXPECT_CALL(mock_receiver, DoAddIncidentForProfile(IsNull(), _))
        .WillOnce(WithArg<1>(TakeIncident(&incident)));
    // EXPECT/ASSERT various things on |incident|...

see the other unittests in this directory for examples.

[robertshield, 2015/02/06 22:36:48]

Done.

+ public:
+  explicit FakeIncidentReceiver(const base::Closure& callback)
+      : callback_(callback) {}
+
+  void AddIncidentForProfile(Profile* profile,
+                             scoped_ptr<Incident> incident) override {
+    callback_.Run();
+  }
+
+  void AddIncidentForProcess(scoped_ptr<Incident> incident) override {
+    callback_.Run();
+  }
+
+ private:
+  base::Closure callback_;
+};
+
+class FakeScriptRequestDetector : public ScriptRequestDetector {
+ public:
+  explicit FakeScriptRequestDetector(
+      scoped_ptr<IncidentReceiver> incident_receiver)
+      : ScriptRequestDetector(incident_receiver.Pass()) {
+    FakeScriptRequestDetector::set_allow_null_profile_for_testing(true);
+  }
+};
+
+class ScriptRequestDetectorTest : public testing::Test {
+ public:
+  ScriptRequestDetectorTest()
+      : fake_script_request_detector_(make_scoped_ptr(
+            new FakeIncidentReceiver(
+                base::Bind(&ScriptRequestDetectorTest::OnScriptDetectionEvent,
+                           base::Unretained(this))))),
+        script_detection_event_count_(0) {
+  }
+
+ protected:
+  scoped_ptr<net::URLRequest> GetTestURLRequest(
+      const std::string& url,
+      content::ResourceType resource_type) const {
+    scoped_ptr<net::URLRequest> url_request(
+        context_.CreateRequest(GURL(url), net::DEFAULT_PRIORITY, NULL, NULL));
+
+    content::ResourceRequestInfo::AllocateForTesting(
+        url_request.get(), resource_type,
+        NULL,              // resource_context
+        0,                 // render_process_id
+        0,                 // render_view_id
+        MSG_ROUTING_NONE,  // render_frame_id
+        true,              // is_main_frame
+        false,             // parent_is_main_frame
+        true,              // allow_download
+        false);            // is_async
+
+    return url_request.Pass();
+  }
+
+ protected:
+  FakeScriptRequestDetector fake_script_request_detector_;
+  int script_detection_event_count_;
+  scoped_ptr<ClientIncidentReport_IncidentData> incident_data_;
+
+ private:
+  void OnScriptDetectionEvent() {
+    ++script_detection_event_count_;
+  }
+
+  // UrlRequest requires a message loop. This provides one.
+  content::TestBrowserThreadBundle thread_bundle_;
+  net::TestURLRequestContext context_;
+};
+
+TEST_F(ScriptRequestDetectorTest, NoEventForIgnoredResourceTypes) {
+  scoped_ptr<net::URLRequest> ignored_request(
+      GetTestURLRequest(kNonMatchingTestUrl, content::RESOURCE_TYPE_IMAGE));
+
+  fake_script_request_detector_.OnResourceRequest(ignored_request.get());
+  base::RunLoop().RunUntilIdle();
+
+  EXPECT_EQ(0, script_detection_event_count_);
+}
+
+TEST_F(ScriptRequestDetectorTest, NoEventForNonMatchingScript) {
+  scoped_ptr<net::URLRequest> ignored_request(
+      GetTestURLRequest(kNonMatchingTestUrl, content::RESOURCE_TYPE_SCRIPT));
+
+  fake_script_request_detector_.OnResourceRequest(ignored_request.get());
+  base::RunLoop().RunUntilIdle();
+
+  EXPECT_EQ(0, script_detection_event_count_);
+}
+
+TEST_F(ScriptRequestDetectorTest, EventForBaseMatchingScript) {
+  GURL url(kMatchingTestUrl);
+  scoped_ptr<net::URLRequest> request(
+      GetTestURLRequest(kMatchingTestUrl, content::RESOURCE_TYPE_SCRIPT));
+  fake_script_request_detector_.OnResourceRequest(request.get());
+  base::RunLoop().RunUntilIdle();
+
+  EXPECT_EQ(1, script_detection_event_count_);
+}
+
+TEST_F(ScriptRequestDetectorTest, EventForMatchingScriptWithParams) {
+  GURL url(kMatchingTestUrlParams);
+  scoped_ptr<net::URLRequest> request(
+      GetTestURLRequest(kMatchingTestUrlParams, content::RESOURCE_TYPE_SCRIPT));
+  fake_script_request_detector_.OnResourceRequest(request.get());
+  base::RunLoop().RunUntilIdle();
+
+  EXPECT_EQ(1, script_detection_event_count_);
+}
+
+}  // namespace safe_browsing