search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
cros: Remove default pinned apps trial.
[chromium-blink-merge.git] / chrome / browser / safe_browsing / safe_browsing_blocking_page_test.cc
blob70ed042b219414c3b95f5ab626ffd56e1138bbee
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 //
5 // This test creates a fake safebrowsing service, where we can inject
6 // malware and phishing urls. It then uses a real browser to go to
7 // these urls, and sends "goback" or "proceed" commands and verifies
8 // they work.
9
10 #include "base/bind.h"
11 #include "base/command_line.h"
12 #include "base/prefs/pref_service.h"
13 #include "base/strings/utf_string_conversions.h"
14 #include "base/values.h"
15 #include "chrome/browser/browser_process.h"
16 #include "chrome/browser/profiles/profile.h"
17 #include "chrome/browser/safe_browsing/database_manager.h"
18 #include "chrome/browser/safe_browsing/malware_details.h"
19 #include "chrome/browser/safe_browsing/safe_browsing_blocking_page.h"
20 #include "chrome/browser/safe_browsing/safe_browsing_service.h"
21 #include "chrome/browser/safe_browsing/safe_browsing_util.h"
22 #include "chrome/browser/safe_browsing/ui_manager.h"
23 #include "chrome/browser/ui/browser.h"
24 #include "chrome/browser/ui/browser_tabstrip.h"
25 #include "chrome/browser/ui/tabs/tab_strip_model.h"
26 #include "chrome/common/pref_names.h"
27 #include "chrome/common/url_constants.h"
28 #include "chrome/test/base/in_process_browser_test.h"
29 #include "chrome/test/base/test_switches.h"
30 #include "chrome/test/base/ui_test_utils.h"
31 #include "content/public/browser/interstitial_page.h"
32 #include "content/public/browser/navigation_controller.h"
33 #include "content/public/browser/notification_types.h"
34 #include "content/public/browser/render_view_host.h"
35 #include "content/public/browser/web_contents.h"
36 #include "content/public/browser/web_contents_view.h"
37 #include "content/public/test/test_browser_thread.h"
38 #include "content/public/test/test_utils.h"
39
40 using content::BrowserThread;
41 using content::InterstitialPage;
42 using content::NavigationController;
43 using content::WebContents;
44
45 namespace {
46
47 const char kEmptyPage[] = "files/empty.html";
48 const char kMalwarePage[] = "files/safe_browsing/malware.html";
49 const char kMalwareIframe[] = "files/safe_browsing/malware_iframe.html";
50
51 class InterstitialObserver : public content::WebContentsObserver {
52 public:
53 InterstitialObserver(content::WebContents* web_contents,
54 const base::Closure& attach_callback,
55 const base::Closure& detach_callback)
56 : WebContentsObserver(web_contents),
57 attach_callback_(attach_callback),
58 detach_callback_(detach_callback) {
59 }
60
61 virtual void DidAttachInterstitialPage() OVERRIDE {
62 attach_callback_.Run();
63 }
64
65 virtual void DidDetachInterstitialPage() OVERRIDE {
66 detach_callback_.Run();
67 }
68
69 private:
70 base::Closure attach_callback_;
71 base::Closure detach_callback_;
72
73 DISALLOW_COPY_AND_ASSIGN(InterstitialObserver);
74 };
75
76 // A SafeBrowsingDatabaseManager class that allows us to inject the malicious
77 // URLs.
78 class FakeSafeBrowsingDatabaseManager : public SafeBrowsingDatabaseManager {
79 public:
80 explicit FakeSafeBrowsingDatabaseManager(SafeBrowsingService* service)
81 : SafeBrowsingDatabaseManager(service) { }
82
83 // Called on the IO thread to check if the given url is safe or not. If we
84 // can synchronously determine that the url is safe, CheckUrl returns true.
85 // Otherwise it returns false, and "client" is called asynchronously with the
86 // result when it is ready.
87 // Overrides SafeBrowsingDatabaseManager::CheckBrowseUrl.
88 virtual bool CheckBrowseUrl(const GURL& gurl, Client* client) OVERRIDE {
89 if (badurls[gurl.spec()] == SB_THREAT_TYPE_SAFE)
90 return true;
91
92 BrowserThread::PostTask(
93 BrowserThread::IO, FROM_HERE,
94 base::Bind(&FakeSafeBrowsingDatabaseManager::OnCheckBrowseURLDone,
95 this, gurl, client));
96 return false;
97 }
98
99 void OnCheckBrowseURLDone(const GURL& gurl, Client* client) {
100 std::vector<SBThreatType> expected_threats;
101 expected_threats.push_back(SB_THREAT_TYPE_URL_MALWARE);
102 expected_threats.push_back(SB_THREAT_TYPE_URL_PHISHING);
103 SafeBrowsingDatabaseManager::SafeBrowsingCheck sb_check(
104 std::vector<GURL>(1, gurl),
105 std::vector<SBFullHash>(),
106 client,
107 safe_browsing_util::MALWARE,
108 expected_threats);
109 sb_check.url_results[0] = badurls[gurl.spec()];
110 client->OnSafeBrowsingResult(sb_check);
111 }
112
113 void SetURLThreatType(const GURL& url, SBThreatType threat_type) {
114 badurls[url.spec()] = threat_type;
115 }
116
117 private:
118 virtual ~FakeSafeBrowsingDatabaseManager() {}
119
120 base::hash_map<std::string, SBThreatType> badurls;
121 DISALLOW_COPY_AND_ASSIGN(FakeSafeBrowsingDatabaseManager);
122 };
123
124 // A SafeBrowingUIManager class that allows intercepting malware details.
125 class FakeSafeBrowsingUIManager : public SafeBrowsingUIManager {
126 public:
127 explicit FakeSafeBrowsingUIManager(SafeBrowsingService* service) :
128 SafeBrowsingUIManager(service) { }
129
130 // Overrides SafeBrowsingUIManager
131 virtual void SendSerializedMalwareDetails(
132 const std::string& serialized) OVERRIDE {
133 reports_.push_back(serialized);
134 // Notify the UI thread that we got a report.
135 BrowserThread::PostTask(
136 BrowserThread::UI, FROM_HERE,
137 base::Bind(&FakeSafeBrowsingUIManager::OnMalwareDetailsDone, this));
138 }
139
140 void OnMalwareDetailsDone() {
141 EXPECT_TRUE(BrowserThread::CurrentlyOn(BrowserThread::UI));
142 base::MessageLoopForUI::current()->Quit();
143 }
144
145 std::string GetReport() {
146 EXPECT_TRUE(reports_.size() == 1);
147 return reports_[0];
148 }
149
150 protected:
151 virtual ~FakeSafeBrowsingUIManager() { }
152
153 private:
154 std::vector<std::string> reports_;
155
156 DISALLOW_COPY_AND_ASSIGN(FakeSafeBrowsingUIManager);
157 };
158
159 class FakeSafeBrowsingService : public SafeBrowsingService {
160 public:
161 FakeSafeBrowsingService()
162 : fake_database_manager_(),
163 fake_ui_manager_() { }
164
165 // Returned pointer has the same lifespan as the database_manager_ refcounted
166 // object.
167 FakeSafeBrowsingDatabaseManager* fake_database_manager() {
168 return fake_database_manager_;
169 }
170 // Returned pointer has the same lifespan as the ui_manager_ refcounted
171 // object.
172 FakeSafeBrowsingUIManager* fake_ui_manager() {
173 return fake_ui_manager_;
174 }
175
176 protected:
177 virtual ~FakeSafeBrowsingService() { }
178
179 virtual SafeBrowsingDatabaseManager* CreateDatabaseManager() OVERRIDE {
180 fake_database_manager_ = new FakeSafeBrowsingDatabaseManager(this);
181 return fake_database_manager_;
182 }
183
184 virtual SafeBrowsingUIManager* CreateUIManager() OVERRIDE {
185 fake_ui_manager_ = new FakeSafeBrowsingUIManager(this);
186 return fake_ui_manager_;
187 }
188
189 private:
190 FakeSafeBrowsingDatabaseManager* fake_database_manager_;
191 FakeSafeBrowsingUIManager* fake_ui_manager_;
192
193 DISALLOW_COPY_AND_ASSIGN(FakeSafeBrowsingService);
194 };
195
196 // Factory that creates FakeSafeBrowsingService instances.
197 class TestSafeBrowsingServiceFactory : public SafeBrowsingServiceFactory {
198 public:
199 TestSafeBrowsingServiceFactory() :
200 most_recent_service_(NULL) { }
201 virtual ~TestSafeBrowsingServiceFactory() { }
202
203 virtual SafeBrowsingService* CreateSafeBrowsingService() OVERRIDE {
204 most_recent_service_ = new FakeSafeBrowsingService();
205 return most_recent_service_;
206 }
207
208 FakeSafeBrowsingService* most_recent_service() const {
209 return most_recent_service_;
210 }
211
212 private:
213 FakeSafeBrowsingService* most_recent_service_;
214 };
215
216 // A MalwareDetails class lets us intercept calls from the renderer.
217 class FakeMalwareDetails : public MalwareDetails {
218 public:
219 FakeMalwareDetails(
220 SafeBrowsingUIManager* delegate,
221 WebContents* web_contents,
222 const SafeBrowsingUIManager::UnsafeResource& unsafe_resource)
223 : MalwareDetails(delegate, web_contents, unsafe_resource),
224 got_dom_(false),
225 waiting_(false) { }
226
227 virtual void AddDOMDetails(
228 const std::vector<SafeBrowsingHostMsg_MalwareDOMDetails_Node>& params)
229 OVERRIDE {
230 EXPECT_TRUE(BrowserThread::CurrentlyOn(BrowserThread::IO));
231 MalwareDetails::AddDOMDetails(params);
232
233 // Notify the UI thread that we got the dom details.
234 BrowserThread::PostTask(BrowserThread::UI, FROM_HERE,
235 base::Bind(&FakeMalwareDetails::OnDOMDetailsDone,
236 this));
237 }
238
239 void WaitForDOM() {
240 if (got_dom_) {
241 LOG(INFO) << "Already got the dom details.";
242 return;
243 }
244 // This condition might not trigger normally, but if you add a
245 // sleep(1) in malware_dom_details it triggers :).
246 waiting_ = true;
247 LOG(INFO) << "Waiting for dom details.";
248 content::RunMessageLoop();
249 EXPECT_TRUE(got_dom_);
250 }
251
252 private:
253 virtual ~FakeMalwareDetails() {}
254
255 void OnDOMDetailsDone() {
256 got_dom_ = true;
257 if (waiting_) {
258 base::MessageLoopForUI::current()->Quit();
259 }
260 }
261
262 // Some logic to figure out if we should wait for the dom details or not.
263 // These variables should only be accessed in the UI thread.
264 bool got_dom_;
265 bool waiting_;
266 };
267
268 class TestMalwareDetailsFactory : public MalwareDetailsFactory {
269 public:
270 TestMalwareDetailsFactory() : details_() { }
271 virtual ~TestMalwareDetailsFactory() { }
272
273 virtual MalwareDetails* CreateMalwareDetails(
274 SafeBrowsingUIManager* delegate,
275 WebContents* web_contents,
276 const SafeBrowsingUIManager::UnsafeResource& unsafe_resource) OVERRIDE {
277 details_ = new FakeMalwareDetails(delegate, web_contents,
278 unsafe_resource);
279 return details_;
280 }
281
282 FakeMalwareDetails* get_details() {
283 return details_;
284 }
285
286 private:
287 FakeMalwareDetails* details_;
288 };
289
290 // A SafeBrowingBlockingPage class that lets us wait until it's hidden.
291 class TestSafeBrowsingBlockingPage : public SafeBrowsingBlockingPageV2 {
292 public:
293 TestSafeBrowsingBlockingPage(SafeBrowsingUIManager* manager,
294 WebContents* web_contents,
295 const UnsafeResourceList& unsafe_resources)
296 : SafeBrowsingBlockingPageV2(manager, web_contents, unsafe_resources),
297 wait_for_delete_(false) {
298 // Don't wait the whole 3 seconds for the browser test.
299 malware_details_proceed_delay_ms_ = 100;
300 }
301
302 virtual ~TestSafeBrowsingBlockingPage() {
303 if (!wait_for_delete_)
304 return;
305
306 // Notify that we are gone
307 base::MessageLoopForUI::current()->Quit();
308 wait_for_delete_ = false;
309 }
310
311 void WaitForDelete() {
312 wait_for_delete_ = true;
313 content::RunMessageLoop();
314 }
315
316 private:
317 bool wait_for_delete_;
318 };
319
320 class TestSafeBrowsingBlockingPageFactory
321 : public SafeBrowsingBlockingPageFactory {
322 public:
323 TestSafeBrowsingBlockingPageFactory() { }
324 virtual ~TestSafeBrowsingBlockingPageFactory() { }
325
326 virtual SafeBrowsingBlockingPage* CreateSafeBrowsingPage(
327 SafeBrowsingUIManager* delegate,
328 WebContents* web_contents,
329 const SafeBrowsingBlockingPage::UnsafeResourceList& unsafe_resources)
330 OVERRIDE {
331 return new TestSafeBrowsingBlockingPage(delegate, web_contents,
332 unsafe_resources);
333 }
334 };
335
336 } // namespace
337
338 // Tests the safe browsing blocking page in a browser.
339 class SafeBrowsingBlockingPageTest : public InProcessBrowserTest {
340 public:
341 enum Visibility {
342 VISIBILITY_ERROR = -1,
343 HIDDEN = 0,
344 VISIBLE = 1,
345 };
346
347 SafeBrowsingBlockingPageTest() {
348 }
349
350 virtual void SetUp() OVERRIDE {
351 SafeBrowsingService::RegisterFactory(&factory_);
352 SafeBrowsingBlockingPage::RegisterFactory(&blocking_page_factory_);
353 MalwareDetails::RegisterFactory(&details_factory_);
354 InProcessBrowserTest::SetUp();
355 }
356
357 virtual void TearDown() OVERRIDE {
358 InProcessBrowserTest::TearDown();
359 SafeBrowsingBlockingPage::RegisterFactory(NULL);
360 SafeBrowsingService::RegisterFactory(NULL);
361 MalwareDetails::RegisterFactory(NULL);
362 }
363
364 virtual void SetUpInProcessBrowserTestFixture() OVERRIDE {
365 ASSERT_TRUE(test_server()->Start());
366 }
367
368 void SetURLThreatType(const GURL& url, SBThreatType threat_type) {
369 FakeSafeBrowsingService* service =
370 static_cast<FakeSafeBrowsingService*>(
371 g_browser_process->safe_browsing_service());
372
373 ASSERT_TRUE(service);
374 service->fake_database_manager()->SetURLThreatType(url, threat_type);
375 }
376
377 // Adds a safebrowsing result of type |threat_type| to the fake safebrowsing
378 // service, navigates to that page, and returns the url.
379 GURL SetupWarningAndNavigate(SBThreatType threat_type) {
380 GURL url = test_server()->GetURL(kEmptyPage);
381 SetURLThreatType(url, threat_type);
382
383 ui_test_utils::NavigateToURL(browser(), url);
384 EXPECT_TRUE(WaitForReady());
385 return url;
386 }
387
388 // Adds a safebrowsing malware result to the fake safebrowsing service,
389 // navigates to a page with an iframe containing the malware site, and
390 // returns the url of the parent page.
391 GURL SetupMalwareIframeWarningAndNavigate() {
392 GURL url = test_server()->GetURL(kMalwarePage);
393 GURL iframe_url = test_server()->GetURL(kMalwareIframe);
394 SetURLThreatType(iframe_url, SB_THREAT_TYPE_URL_MALWARE);
395
396 ui_test_utils::NavigateToURL(browser(), url);
397 EXPECT_TRUE(WaitForReady());
398 return url;
399 }
400
401 void SendCommand(const std::string& command) {
402 WebContents* contents =
403 browser()->tab_strip_model()->GetActiveWebContents();
404 // We use InterstitialPage::GetInterstitialPage(tab) instead of
405 // tab->GetInterstitialPage() because the tab doesn't have a pointer
406 // to its interstital page until it gets a command from the renderer
407 // that it has indeed displayed it -- and this sometimes happens after
408 // NavigateToURL returns.
409 SafeBrowsingBlockingPage* interstitial_page =
410 static_cast<SafeBrowsingBlockingPage*>(
411 InterstitialPage::GetInterstitialPage(contents)->
412 GetDelegateForTesting());
413 ASSERT_TRUE(interstitial_page);
414 interstitial_page->CommandReceived(command);
415 }
416
417 void DontProceedThroughInterstitial() {
418 WebContents* contents =
419 browser()->tab_strip_model()->GetActiveWebContents();
420 InterstitialPage* interstitial_page = InterstitialPage::GetInterstitialPage(
421 contents);
422 ASSERT_TRUE(interstitial_page);
423 interstitial_page->DontProceed();
424 }
425
426 void ProceedThroughInterstitial() {
427 WebContents* contents =
428 browser()->tab_strip_model()->GetActiveWebContents();
429 InterstitialPage* interstitial_page = InterstitialPage::GetInterstitialPage(
430 contents);
431 ASSERT_TRUE(interstitial_page);
432 interstitial_page->Proceed();
433 }
434
435 void AssertNoInterstitial(bool wait_for_delete) {
436 WebContents* contents =
437 browser()->tab_strip_model()->GetActiveWebContents();
438
439 if (contents->ShowingInterstitialPage() && wait_for_delete) {
440 // We'll get notified when the interstitial is deleted.
441 TestSafeBrowsingBlockingPage* page =
442 static_cast<TestSafeBrowsingBlockingPage*>(
443 contents->GetInterstitialPage()->GetDelegateForTesting());
444 page->WaitForDelete();
445 }
446
447 // Can't use InterstitialPage::GetInterstitialPage() because that
448 // gets updated after the TestSafeBrowsingBlockingPage destructor
449 ASSERT_FALSE(contents->ShowingInterstitialPage());
450 }
451
452 bool YesInterstitial() {
453 WebContents* contents =
454 browser()->tab_strip_model()->GetActiveWebContents();
455 InterstitialPage* interstitial_page = InterstitialPage::GetInterstitialPage(
456 contents);
457 return interstitial_page != NULL;
458 }
459
460 void WaitForInterstitial() {
461 WebContents* contents =
462 browser()->tab_strip_model()->GetActiveWebContents();
463 scoped_refptr<content::MessageLoopRunner> loop_runner(
464 new content::MessageLoopRunner);
465 InterstitialObserver observer(contents,
466 loop_runner->QuitClosure(),
467 base::Closure());
468 if (!InterstitialPage::GetInterstitialPage(contents))
469 loop_runner->Run();
470 }
471
472 void AssertReportSent() {
473 // When a report is scheduled in the IO thread we should get notified.
474 content::RunMessageLoop();
475
476 std::string serialized = factory_.most_recent_service()->
477 fake_ui_manager()->GetReport();
478
479 safe_browsing::ClientMalwareReportRequest report;
480 ASSERT_TRUE(report.ParseFromString(serialized));
481
482 // Verify the report is complete.
483 EXPECT_TRUE(report.complete());
484 }
485
486 void MalwareRedirectCancelAndProceed(const std::string& open_function) {
487 GURL load_url = test_server()->GetURL(
488 "files/safe_browsing/interstitial_cancel.html");
489 GURL malware_url("http://localhost/files/safe_browsing/malware.html");
490 SetURLThreatType(malware_url, SB_THREAT_TYPE_URL_MALWARE);
491
492 // Load the test page.
493 ui_test_utils::NavigateToURL(browser(), load_url);
494 // Trigger the safe browsing interstitial page via a redirect in
495 // "openWin()".
496 ui_test_utils::NavigateToURLWithDisposition(
497 browser(),
498 GURL("javascript:" + open_function + "()"),
499 CURRENT_TAB,
500 ui_test_utils::BROWSER_TEST_WAIT_FOR_TAB);
501 WaitForInterstitial();
502 // Cancel the redirect request while interstitial page is open.
503 browser()->tab_strip_model()->ActivateTabAt(0, true);
504 ui_test_utils::NavigateToURLWithDisposition(
505 browser(),
506 GURL("javascript:stopWin()"),
507 CURRENT_TAB,
508 ui_test_utils::BROWSER_TEST_WAIT_FOR_NAVIGATION);
509 browser()->tab_strip_model()->ActivateTabAt(1, true);
510 // Simulate the user clicking "proceed", there should be no crash. Since
511 // clicking proceed may do nothing (see comment in MalwareRedirectCanceled
512 // below, and crbug.com/76460), we use SendCommand to trigger the callback
513 // directly rather than using ClickAndWaitForDetach since there might not
514 // be a notification to wait for.
515 SendCommand("\"proceed\"");
516 }
517
518 content::RenderViewHost* GetRenderViewHost() {
519 InterstitialPage* interstitial = InterstitialPage::GetInterstitialPage(
520 browser()->tab_strip_model()->GetActiveWebContents());
521 if (!interstitial)
522 return NULL;
523 return interstitial->GetRenderViewHostForTesting();
524 }
525
526 bool WaitForReady() {
527 content::RenderViewHost* rvh = GetRenderViewHost();
528 if (!rvh)
529 return false;
530 // Wait until all <script> tags have executed, including jstemplate.
531 // TODO(joaodasilva): it would be nice to avoid the busy loop, though in
532 // practice it spins at most once or twice.
533 std::string ready_state;
534 do {
535 scoped_ptr<base::Value> value = content::ExecuteScriptAndGetValue(
536 rvh, "document.readyState");
537 if (!value.get() || !value->GetAsString(&ready_state))
538 return false;
539 } while (ready_state != "complete");
540 return true;
541 }
542
543 Visibility GetVisibility(const std::string& node_id) {
544 content::RenderViewHost* rvh = GetRenderViewHost();
545 if (!rvh)
546 return VISIBILITY_ERROR;
547 scoped_ptr<base::Value> value = content::ExecuteScriptAndGetValue(
548 rvh,
549 "var node = document.getElementById('" + node_id + "');\n"
550 "if (node)\n"
551 " node.offsetWidth > 0 && node.offsetHeight > 0;"
552 "else\n"
553 " 'node not found';\n");
554 if (!value.get())
555 return VISIBILITY_ERROR;
556 bool result = false;
557 if (!value->GetAsBoolean(&result))
558 return VISIBILITY_ERROR;
559 return result ? VISIBLE : HIDDEN;
560 }
561
562 bool Click(const std::string& node_id) {
563 content::RenderViewHost* rvh = GetRenderViewHost();
564 if (!rvh)
565 return false;
566 // We don't use ExecuteScriptAndGetValue for this one, since clicking
567 // the button/link may navigate away before the injected javascript can
568 // reply, hanging the test.
569 rvh->ExecuteJavascriptInWebFrame(
570 base::string16(),
571 ASCIIToUTF16("document.getElementById('" + node_id + "').click();\n"));
572 return true;
573 }
574
575 bool ClickAndWaitForDetach(const std::string& node_id) {
576 // We wait for interstitial_detached rather than nav_entry_committed, as
577 // going back from a main-frame malware interstitial page will not cause a
578 // nav entry committed event.
579 scoped_refptr<content::MessageLoopRunner> loop_runner(
580 new content::MessageLoopRunner);
581 InterstitialObserver observer(
582 browser()->tab_strip_model()->GetActiveWebContents(),
583 base::Closure(),
584 loop_runner->QuitClosure());
585 if (!Click(node_id))
586 return false;
587 loop_runner->Run();
588 return true;
589 }
590
591 protected:
592 TestMalwareDetailsFactory details_factory_;
593
594 private:
595 TestSafeBrowsingServiceFactory factory_;
596 TestSafeBrowsingBlockingPageFactory blocking_page_factory_;
597
598 DISALLOW_COPY_AND_ASSIGN(SafeBrowsingBlockingPageTest);
599 };
600
601 // TODO(linux_aura) http://crbug.com/163931
602 // TODO(win_aura) http://crbug.com/154081
603 #if defined(USE_AURA) && !defined(OS_CHROMEOS)
604 #define MAYBE_MalwareRedirectInIFrameCanceled DISABLED_MalwareRedirectInIFrameCanceled
605 #else
606 #define MAYBE_MalwareRedirectInIFrameCanceled MalwareRedirectInIFrameCanceled
607 #endif
608 IN_PROC_BROWSER_TEST_F(SafeBrowsingBlockingPageTest,
609 MAYBE_MalwareRedirectInIFrameCanceled) {
610 // 1. Test the case that redirect is a subresource.
611 MalwareRedirectCancelAndProceed("openWinIFrame");
612 // If the redirect was from subresource but canceled, "proceed" will continue
613 // with the rest of resources.
614 AssertNoInterstitial(true);
615 }
616
617 IN_PROC_BROWSER_TEST_F(SafeBrowsingBlockingPageTest,
618 MalwareRedirectCanceled) {
619 // 2. Test the case that redirect is the only resource.
620 MalwareRedirectCancelAndProceed("openWin");
621 // Clicking proceed won't do anything if the main request is cancelled
622 // already. See crbug.com/76460.
623 EXPECT_TRUE(YesInterstitial());
624 }
625
626 IN_PROC_BROWSER_TEST_F(SafeBrowsingBlockingPageTest, MalwareDontProceed) {
627 #if defined(OS_WIN) && defined(USE_ASH)
628 // Disable this test in Metro+Ash for now (http://crbug.com/262796).
629 if (CommandLine::ForCurrentProcess()->HasSwitch(switches::kAshBrowserTests))
630 return;
631 #endif
632
633 SetupWarningAndNavigate(SB_THREAT_TYPE_URL_MALWARE);
634
635 EXPECT_EQ(VISIBLE, GetVisibility("malware-icon"));
636 EXPECT_EQ(HIDDEN, GetVisibility("subresource-icon"));
637 EXPECT_EQ(HIDDEN, GetVisibility("phishing-icon"));
638 EXPECT_EQ(VISIBLE, GetVisibility("check-report"));
639 EXPECT_EQ(HIDDEN, GetVisibility("show-diagnostic-link"));
640 EXPECT_EQ(HIDDEN, GetVisibility("report-error-link"));
641 EXPECT_EQ(HIDDEN, GetVisibility("proceed"));
642 EXPECT_TRUE(Click("see-more-link"));
643 EXPECT_EQ(VISIBLE, GetVisibility("show-diagnostic-link"));
644 EXPECT_EQ(HIDDEN, GetVisibility("report-error-link"));
645 EXPECT_EQ(VISIBLE, GetVisibility("proceed"));
646
647 EXPECT_TRUE(ClickAndWaitForDetach("back"));
648 AssertNoInterstitial(false); // Assert the interstitial is gone
649 EXPECT_EQ(
650 GURL(content::kAboutBlankURL), // Back to "about:blank"
651 browser()->tab_strip_model()->GetActiveWebContents()->GetURL());
652 }
653
654 IN_PROC_BROWSER_TEST_F(SafeBrowsingBlockingPageTest, MalwareProceed) {
655 GURL url = SetupWarningAndNavigate(SB_THREAT_TYPE_URL_MALWARE);
656
657 EXPECT_TRUE(ClickAndWaitForDetach("proceed"));
658 AssertNoInterstitial(true); // Assert the interstitial is gone.
659 EXPECT_EQ(url,
660 browser()->tab_strip_model()->GetActiveWebContents()->GetURL());
661 }
662
663 IN_PROC_BROWSER_TEST_F(SafeBrowsingBlockingPageTest,
664 MalwareLearnMore) {
665 SetupWarningAndNavigate(SB_THREAT_TYPE_URL_MALWARE);
666
667 EXPECT_TRUE(ClickAndWaitForDetach("learn-more-link"));
668 AssertNoInterstitial(false); // Assert the interstitial is gone
669
670 // We are in the help page.
671 EXPECT_EQ(
672 "/goodtoknow/online-safety/malware/",
673 browser()->tab_strip_model()->GetActiveWebContents()->GetURL().path());
674 }
675
676 IN_PROC_BROWSER_TEST_F(SafeBrowsingBlockingPageTest,
677 MalwareIframeDontProceed) {
678 #if defined(OS_WIN) && defined(USE_ASH)
679 // Disable this test in Metro+Ash for now (http://crbug.com/262796).
680 if (CommandLine::ForCurrentProcess()->HasSwitch(switches::kAshBrowserTests))
681 return;
682 #endif
683
684 SetupMalwareIframeWarningAndNavigate();
685
686 EXPECT_EQ(HIDDEN, GetVisibility("malware-icon"));
687 EXPECT_EQ(VISIBLE, GetVisibility("subresource-icon"));
688 EXPECT_EQ(HIDDEN, GetVisibility("phishing-icon"));
689 EXPECT_EQ(VISIBLE, GetVisibility("check-report"));
690 EXPECT_EQ(HIDDEN, GetVisibility("show-diagnostic-link"));
691 EXPECT_EQ(HIDDEN, GetVisibility("report-error-link"));
692 EXPECT_EQ(HIDDEN, GetVisibility("proceed"));
693 EXPECT_TRUE(Click("see-more-link"));
694 EXPECT_EQ(VISIBLE, GetVisibility("show-diagnostic-link"));
695 EXPECT_EQ(HIDDEN, GetVisibility("report-error-link"));
696 EXPECT_EQ(VISIBLE, GetVisibility("proceed"));
697
698 EXPECT_TRUE(ClickAndWaitForDetach("back"));
699 AssertNoInterstitial(false); // Assert the interstitial is gone
700
701 EXPECT_EQ(
702 GURL(content::kAboutBlankURL), // Back to "about:blank"
703 browser()->tab_strip_model()->GetActiveWebContents()->GetURL());
704 }
705
706 IN_PROC_BROWSER_TEST_F(SafeBrowsingBlockingPageTest, MalwareIframeProceed) {
707 GURL url = SetupMalwareIframeWarningAndNavigate();
708
709 EXPECT_TRUE(ClickAndWaitForDetach("proceed"));
710 AssertNoInterstitial(true); // Assert the interstitial is gone
711
712 EXPECT_EQ(url,
713 browser()->tab_strip_model()->GetActiveWebContents()->GetURL());
714 }
715
716 // http://crbug.com/273302
717 #if defined(OS_WIN)
718 #define MAYBE_MalwareIframeReportDetails DISABLED_MalwareIframeReportDetails
719 #else
720 #define MAYBE_MalwareIframeReportDetails MalwareIframeReportDetails
721 #endif
722 IN_PROC_BROWSER_TEST_F(SafeBrowsingBlockingPageTest,
723 MAYBE_MalwareIframeReportDetails) {
724 GURL url = SetupMalwareIframeWarningAndNavigate();
725
726 // If the DOM details from renderer did not already return, wait for them.
727 details_factory_.get_details()->WaitForDOM();
728
729 EXPECT_TRUE(Click("check-report"));
730
731 EXPECT_TRUE(ClickAndWaitForDetach("proceed"));
732 AssertNoInterstitial(true); // Assert the interstitial is gone
733
734 EXPECT_TRUE(browser()->profile()->GetPrefs()->GetBoolean(
735 prefs::kSafeBrowsingReportingEnabled));
736
737 EXPECT_EQ(url,
738 browser()->tab_strip_model()->GetActiveWebContents()->GetURL());
739 AssertReportSent();
740 }
741
742 // Verifies that the "proceed anyway" link isn't available when it is disabled
743 // by the corresponding policy. Also verifies that sending the "proceed"
744 // command anyway doesn't advance to the malware site.
745 IN_PROC_BROWSER_TEST_F(SafeBrowsingBlockingPageTest, ProceedDisabled) {
746 #if defined(OS_WIN) && defined(USE_ASH)
747 // Disable this test in Metro+Ash for now (http://crbug.com/262796).
748 if (CommandLine::ForCurrentProcess()->HasSwitch(switches::kAshBrowserTests))
749 return;
750 #endif
751
752 // Simulate a policy disabling the "proceed anyway" link.
753 browser()->profile()->GetPrefs()->SetBoolean(
754 prefs::kSafeBrowsingProceedAnywayDisabled, true);
755
756 SetupWarningAndNavigate(SB_THREAT_TYPE_URL_MALWARE);
757
758 EXPECT_EQ(VISIBLE, GetVisibility("check-report"));
759 EXPECT_EQ(HIDDEN, GetVisibility("show-diagnostic-link"));
760 EXPECT_EQ(HIDDEN, GetVisibility("proceed"));
761 EXPECT_EQ(HIDDEN, GetVisibility("proceed-span"));
762 EXPECT_TRUE(Click("see-more-link"));
763 EXPECT_EQ(VISIBLE, GetVisibility("show-diagnostic-link"));
764 EXPECT_EQ(HIDDEN, GetVisibility("proceed"));
765 EXPECT_EQ(HIDDEN, GetVisibility("proceed-span"));
766
767 // The "proceed" command should go back instead, if proceeding is disabled.
768 EXPECT_TRUE(ClickAndWaitForDetach("proceed"));
769 AssertNoInterstitial(true);
770 EXPECT_EQ(
771 GURL(content::kAboutBlankURL), // Back to "about:blank"
772 browser()->tab_strip_model()->GetActiveWebContents()->GetURL());
773 }
774
775 // Verifies that the reporting checkbox is hidden on non-HTTP pages.
776 // TODO(mattm): Should also verify that no report is sent, but there isn't a
777 // good way to do that in the current design.
778 IN_PROC_BROWSER_TEST_F(SafeBrowsingBlockingPageTest, ReportingDisabled) {
779 #if defined(OS_WIN) && defined(USE_ASH)
780 // Disable this test in Metro+Ash for now (http://crbug.com/262796).
781 if (CommandLine::ForCurrentProcess()->HasSwitch(switches::kAshBrowserTests))
782 return;
783 #endif
784
785 browser()->profile()->GetPrefs()->SetBoolean(
786 prefs::kSafeBrowsingReportingEnabled, true);
787
788 net::SpawnedTestServer https_server(
789 net::SpawnedTestServer::TYPE_HTTPS, net::SpawnedTestServer::kLocalhost,
790 base::FilePath(FILE_PATH_LITERAL("chrome/test/data")));
791 ASSERT_TRUE(https_server.Start());
792 GURL url = https_server.GetURL(kEmptyPage);
793 SetURLThreatType(url, SB_THREAT_TYPE_URL_MALWARE);
794 ui_test_utils::NavigateToURL(browser(), url);
795 ASSERT_TRUE(WaitForReady());
796
797 EXPECT_EQ(HIDDEN, GetVisibility("check-report"));
798 EXPECT_EQ(HIDDEN, GetVisibility("show-diagnostic-link"));
799 EXPECT_EQ(HIDDEN, GetVisibility("proceed"));
800 EXPECT_TRUE(Click("see-more-link"));
801 EXPECT_EQ(VISIBLE, GetVisibility("show-diagnostic-link"));
802 EXPECT_EQ(VISIBLE, GetVisibility("proceed"));
803
804 EXPECT_TRUE(ClickAndWaitForDetach("back"));
805 AssertNoInterstitial(false); // Assert the interstitial is gone
806 EXPECT_EQ(
807 GURL(content::kAboutBlankURL), // Back to "about:blank"
808 browser()->tab_strip_model()->GetActiveWebContents()->GetURL());
809 }
810
811 IN_PROC_BROWSER_TEST_F(SafeBrowsingBlockingPageTest, PhishingDontProceed) {
812 #if defined(OS_WIN) && defined(USE_ASH)
813 // Disable this test in Metro+Ash for now (http://crbug.com/262796).
814 if (CommandLine::ForCurrentProcess()->HasSwitch(switches::kAshBrowserTests))
815 return;
816 #endif
817
818 SetupWarningAndNavigate(SB_THREAT_TYPE_URL_PHISHING);
819
820 EXPECT_EQ(HIDDEN, GetVisibility("malware-icon"));
821 EXPECT_EQ(HIDDEN, GetVisibility("subresource-icon"));
822 EXPECT_EQ(VISIBLE, GetVisibility("phishing-icon"));
823 EXPECT_EQ(HIDDEN, GetVisibility("check-report"));
824 EXPECT_EQ(HIDDEN, GetVisibility("show-diagnostic-link"));
825 EXPECT_EQ(HIDDEN, GetVisibility("report-error-link"));
826 EXPECT_EQ(HIDDEN, GetVisibility("proceed"));
827 EXPECT_TRUE(Click("see-more-link"));
828 EXPECT_EQ(HIDDEN, GetVisibility("show-diagnostic-link"));
829 EXPECT_EQ(VISIBLE, GetVisibility("report-error-link"));
830 EXPECT_EQ(VISIBLE, GetVisibility("proceed"));
831
832 EXPECT_TRUE(ClickAndWaitForDetach("back"));
833 AssertNoInterstitial(false); // Assert the interstitial is gone
834 EXPECT_EQ(
835 GURL(content::kAboutBlankURL), // We are back to "about:blank".
836 browser()->tab_strip_model()->GetActiveWebContents()->GetURL());
837 }
838
839 // http://crbug.com/247763
840 #if defined(OS_WIN)
841 #define MAYBE_PhishingProceed DISABLED_PhishingProceed
842 #else
843 #define MAYBE_PhishingProceed PhishingProceed
844 #endif
845
846 IN_PROC_BROWSER_TEST_F(SafeBrowsingBlockingPageTest, MAYBE_PhishingProceed) {
847 GURL url = SetupWarningAndNavigate(SB_THREAT_TYPE_URL_PHISHING);
848
849 EXPECT_TRUE(ClickAndWaitForDetach("proceed"));
850 AssertNoInterstitial(true); // Assert the interstitial is gone
851 EXPECT_EQ(url,
852 browser()->tab_strip_model()->GetActiveWebContents()->GetURL());
853 }
854
855 IN_PROC_BROWSER_TEST_F(SafeBrowsingBlockingPageTest, PhishingReportError) {
856 SetupWarningAndNavigate(SB_THREAT_TYPE_URL_PHISHING);
857
858 EXPECT_TRUE(ClickAndWaitForDetach("report-error-link"));
859 AssertNoInterstitial(false); // Assert the interstitial is gone
860
861 // We are in the error reporting page.
862 EXPECT_EQ(
863 "/safebrowsing/report_error/",
864 browser()->tab_strip_model()->GetActiveWebContents()->GetURL().path());
865 }
866
867 // See crbug.com/248447
868 #if defined(OS_WIN)
869 #define MAYBE_PhishingLearnMore DISABLED_PhishingLearnMore
870 #else
871 #define MAYBE_PhishingLearnMore PhishingLearnMore
872 #endif
873
874 IN_PROC_BROWSER_TEST_F(SafeBrowsingBlockingPageTest, MAYBE_PhishingLearnMore) {
875 SetupWarningAndNavigate(SB_THREAT_TYPE_URL_PHISHING);
876
877 EXPECT_TRUE(ClickAndWaitForDetach("learn-more-link"));
878 AssertNoInterstitial(false); // Assert the interstitial is gone
879
880 // We are in the help page.
881 EXPECT_EQ(
882 "/goodtoknow/online-safety/phishing/",
883 browser()->tab_strip_model()->GetActiveWebContents()->GetURL().path());
884 }