search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Adding instrumentation to locate the source of jankiness
[chromium-blink-merge.git] / chrome / browser / safe_browsing / safe_browsing_blocking_page_test.cc
blob862d8a0b9d493b98d7e68b18f3de31be99300298
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 //
5 // This test creates a fake safebrowsing service, where we can inject
6 // malware and phishing urls. It then uses a real browser to go to
7 // these urls, and sends "goback" or "proceed" commands and verifies
8 // they work.
9
10 #include "base/bind.h"
11 #include "base/command_line.h"
12 #include "base/prefs/pref_service.h"
13 #include "base/strings/utf_string_conversions.h"
14 #include "base/values.h"
15 #include "chrome/browser/browser_process.h"
16 #include "chrome/browser/profiles/profile.h"
17 #include "chrome/browser/safe_browsing/database_manager.h"
18 #include "chrome/browser/safe_browsing/malware_details.h"
19 #include "chrome/browser/safe_browsing/safe_browsing_blocking_page.h"
20 #include "chrome/browser/safe_browsing/safe_browsing_service.h"
21 #include "chrome/browser/safe_browsing/safe_browsing_util.h"
22 #include "chrome/browser/safe_browsing/ui_manager.h"
23 #include "chrome/browser/ui/browser.h"
24 #include "chrome/browser/ui/browser_tabstrip.h"
25 #include "chrome/browser/ui/tabs/tab_strip_model.h"
26 #include "chrome/common/pref_names.h"
27 #include "chrome/common/url_constants.h"
28 #include "chrome/test/base/in_process_browser_test.h"
29 #include "chrome/test/base/test_switches.h"
30 #include "chrome/test/base/ui_test_utils.h"
31 #include "content/public/browser/interstitial_page.h"
32 #include "content/public/browser/navigation_controller.h"
33 #include "content/public/browser/notification_types.h"
34 #include "content/public/browser/render_frame_host.h"
35 #include "content/public/browser/render_view_host.h"
36 #include "content/public/browser/web_contents.h"
37 #include "content/public/test/browser_test_utils.h"
38 #include "content/public/test/test_browser_thread.h"
39 #include "content/public/test/test_utils.h"
40
41 using content::BrowserThread;
42 using content::InterstitialPage;
43 using content::NavigationController;
44 using content::WebContents;
45
46 namespace {
47
48 const char kEmptyPage[] = "files/empty.html";
49 const char kMalwarePage[] = "files/safe_browsing/malware.html";
50 const char kMalwareIframe[] = "files/safe_browsing/malware_iframe.html";
51
52 // A SafeBrowsingDatabaseManager class that allows us to inject the malicious
53 // URLs.
54 class FakeSafeBrowsingDatabaseManager : public SafeBrowsingDatabaseManager {
55 public:
56 explicit FakeSafeBrowsingDatabaseManager(SafeBrowsingService* service)
57 : SafeBrowsingDatabaseManager(service) { }
58
59 // Called on the IO thread to check if the given url is safe or not. If we
60 // can synchronously determine that the url is safe, CheckUrl returns true.
61 // Otherwise it returns false, and "client" is called asynchronously with the
62 // result when it is ready.
63 // Overrides SafeBrowsingDatabaseManager::CheckBrowseUrl.
64 virtual bool CheckBrowseUrl(const GURL& gurl, Client* client) override {
65 if (badurls[gurl.spec()] == SB_THREAT_TYPE_SAFE)
66 return true;
67
68 BrowserThread::PostTask(
69 BrowserThread::IO, FROM_HERE,
70 base::Bind(&FakeSafeBrowsingDatabaseManager::OnCheckBrowseURLDone,
71 this, gurl, client));
72 return false;
73 }
74
75 void OnCheckBrowseURLDone(const GURL& gurl, Client* client) {
76 std::vector<SBThreatType> expected_threats;
77 expected_threats.push_back(SB_THREAT_TYPE_URL_MALWARE);
78 expected_threats.push_back(SB_THREAT_TYPE_URL_PHISHING);
79 SafeBrowsingDatabaseManager::SafeBrowsingCheck sb_check(
80 std::vector<GURL>(1, gurl),
81 std::vector<SBFullHash>(),
82 client,
83 safe_browsing_util::MALWARE,
84 expected_threats);
85 sb_check.url_results[0] = badurls[gurl.spec()];
86 client->OnSafeBrowsingResult(sb_check);
87 }
88
89 void SetURLThreatType(const GURL& url, SBThreatType threat_type) {
90 badurls[url.spec()] = threat_type;
91 }
92
93 private:
94 virtual ~FakeSafeBrowsingDatabaseManager() {}
95
96 base::hash_map<std::string, SBThreatType> badurls;
97 DISALLOW_COPY_AND_ASSIGN(FakeSafeBrowsingDatabaseManager);
98 };
99
100 // A SafeBrowingUIManager class that allows intercepting malware details.
101 class FakeSafeBrowsingUIManager : public SafeBrowsingUIManager {
102 public:
103 explicit FakeSafeBrowsingUIManager(SafeBrowsingService* service) :
104 SafeBrowsingUIManager(service) { }
105
106 // Overrides SafeBrowsingUIManager
107 virtual void SendSerializedMalwareDetails(
108 const std::string& serialized) override {
109 // Notify the UI thread that we got a report.
110 BrowserThread::PostTask(
111 BrowserThread::UI,
112 FROM_HERE,
113 base::Bind(&FakeSafeBrowsingUIManager::OnMalwareDetailsDone,
114 this,
115 serialized));
116 }
117
118 void OnMalwareDetailsDone(const std::string& serialized) {
119 EXPECT_TRUE(BrowserThread::CurrentlyOn(BrowserThread::UI));
120 report_ = serialized;
121
122 EXPECT_FALSE(malware_details_done_callback_.is_null());
123 if (!malware_details_done_callback_.is_null()) {
124 malware_details_done_callback_.Run();
125 malware_details_done_callback_ = base::Closure();
126 }
127 }
128
129 void set_malware_details_done_callback(const base::Closure& callback) {
130 EXPECT_TRUE(BrowserThread::CurrentlyOn(BrowserThread::UI));
131 EXPECT_TRUE(malware_details_done_callback_.is_null());
132 malware_details_done_callback_ = callback;
133 }
134
135 std::string GetReport() {
136 EXPECT_TRUE(BrowserThread::CurrentlyOn(BrowserThread::UI));
137 return report_;
138 }
139
140 protected:
141 virtual ~FakeSafeBrowsingUIManager() { }
142
143 private:
144 std::string report_;
145 base::Closure malware_details_done_callback_;
146
147 DISALLOW_COPY_AND_ASSIGN(FakeSafeBrowsingUIManager);
148 };
149
150 class FakeSafeBrowsingService : public SafeBrowsingService {
151 public:
152 FakeSafeBrowsingService()
153 : fake_database_manager_(),
154 fake_ui_manager_() { }
155
156 // Returned pointer has the same lifespan as the database_manager_ refcounted
157 // object.
158 FakeSafeBrowsingDatabaseManager* fake_database_manager() {
159 return fake_database_manager_;
160 }
161 // Returned pointer has the same lifespan as the ui_manager_ refcounted
162 // object.
163 FakeSafeBrowsingUIManager* fake_ui_manager() {
164 return fake_ui_manager_;
165 }
166
167 protected:
168 virtual ~FakeSafeBrowsingService() { }
169
170 virtual SafeBrowsingDatabaseManager* CreateDatabaseManager() override {
171 fake_database_manager_ = new FakeSafeBrowsingDatabaseManager(this);
172 return fake_database_manager_;
173 }
174
175 virtual SafeBrowsingUIManager* CreateUIManager() override {
176 fake_ui_manager_ = new FakeSafeBrowsingUIManager(this);
177 return fake_ui_manager_;
178 }
179
180 private:
181 FakeSafeBrowsingDatabaseManager* fake_database_manager_;
182 FakeSafeBrowsingUIManager* fake_ui_manager_;
183
184 DISALLOW_COPY_AND_ASSIGN(FakeSafeBrowsingService);
185 };
186
187 // Factory that creates FakeSafeBrowsingService instances.
188 class TestSafeBrowsingServiceFactory : public SafeBrowsingServiceFactory {
189 public:
190 TestSafeBrowsingServiceFactory() :
191 most_recent_service_(NULL) { }
192 virtual ~TestSafeBrowsingServiceFactory() { }
193
194 virtual SafeBrowsingService* CreateSafeBrowsingService() override {
195 most_recent_service_ = new FakeSafeBrowsingService();
196 return most_recent_service_;
197 }
198
199 FakeSafeBrowsingService* most_recent_service() const {
200 return most_recent_service_;
201 }
202
203 private:
204 FakeSafeBrowsingService* most_recent_service_;
205 };
206
207 // A MalwareDetails class lets us intercept calls from the renderer.
208 class FakeMalwareDetails : public MalwareDetails {
209 public:
210 FakeMalwareDetails(
211 SafeBrowsingUIManager* delegate,
212 WebContents* web_contents,
213 const SafeBrowsingUIManager::UnsafeResource& unsafe_resource)
214 : MalwareDetails(delegate, web_contents, unsafe_resource),
215 got_dom_(false),
216 waiting_(false) { }
217
218 virtual void AddDOMDetails(
219 const std::vector<SafeBrowsingHostMsg_MalwareDOMDetails_Node>& params)
220 override {
221 EXPECT_TRUE(BrowserThread::CurrentlyOn(BrowserThread::IO));
222 MalwareDetails::AddDOMDetails(params);
223
224 // Notify the UI thread that we got the dom details.
225 BrowserThread::PostTask(BrowserThread::UI, FROM_HERE,
226 base::Bind(&FakeMalwareDetails::OnDOMDetailsDone,
227 this));
228 }
229
230 void WaitForDOM() {
231 if (got_dom_) {
232 return;
233 }
234 // This condition might not trigger normally, but if you add a
235 // sleep(1) in malware_dom_details it triggers :).
236 waiting_ = true;
237 content::RunMessageLoop();
238 EXPECT_TRUE(got_dom_);
239 }
240
241 private:
242 virtual ~FakeMalwareDetails() {}
243
244 void OnDOMDetailsDone() {
245 got_dom_ = true;
246 if (waiting_) {
247 base::MessageLoopForUI::current()->Quit();
248 }
249 }
250
251 // Some logic to figure out if we should wait for the dom details or not.
252 // These variables should only be accessed in the UI thread.
253 bool got_dom_;
254 bool waiting_;
255 };
256
257 class TestMalwareDetailsFactory : public MalwareDetailsFactory {
258 public:
259 TestMalwareDetailsFactory() : details_() { }
260 virtual ~TestMalwareDetailsFactory() { }
261
262 virtual MalwareDetails* CreateMalwareDetails(
263 SafeBrowsingUIManager* delegate,
264 WebContents* web_contents,
265 const SafeBrowsingUIManager::UnsafeResource& unsafe_resource) override {
266 details_ = new FakeMalwareDetails(delegate, web_contents,
267 unsafe_resource);
268 return details_;
269 }
270
271 FakeMalwareDetails* get_details() {
272 return details_;
273 }
274
275 private:
276 FakeMalwareDetails* details_;
277 };
278
279 // A SafeBrowingBlockingPage class that lets us wait until it's hidden.
280 class TestSafeBrowsingBlockingPage : public SafeBrowsingBlockingPage {
281 public:
282 TestSafeBrowsingBlockingPage(SafeBrowsingUIManager* manager,
283 WebContents* web_contents,
284 const UnsafeResourceList& unsafe_resources)
285 : SafeBrowsingBlockingPage(manager, web_contents, unsafe_resources),
286 wait_for_delete_(false) {
287 // Don't wait the whole 3 seconds for the browser test.
288 malware_details_proceed_delay_ms_ = 100;
289 }
290
291 virtual ~TestSafeBrowsingBlockingPage() {
292 if (!wait_for_delete_)
293 return;
294
295 // Notify that we are gone
296 base::MessageLoopForUI::current()->Quit();
297 wait_for_delete_ = false;
298 }
299
300 void WaitForDelete() {
301 wait_for_delete_ = true;
302 content::RunMessageLoop();
303 }
304
305 // InterstitialPageDelegate methods:
306 virtual void CommandReceived(const std::string& command) override {
307 SafeBrowsingBlockingPage::CommandReceived(command);
308 }
309 virtual void OnProceed() override {
310 SafeBrowsingBlockingPage::OnProceed();
311 }
312 virtual void OnDontProceed() override {
313 SafeBrowsingBlockingPage::OnDontProceed();
314 }
315
316 private:
317 bool wait_for_delete_;
318 };
319
320 class TestSafeBrowsingBlockingPageFactory
321 : public SafeBrowsingBlockingPageFactory {
322 public:
323 TestSafeBrowsingBlockingPageFactory() { }
324 virtual ~TestSafeBrowsingBlockingPageFactory() { }
325
326 virtual SafeBrowsingBlockingPage* CreateSafeBrowsingPage(
327 SafeBrowsingUIManager* delegate,
328 WebContents* web_contents,
329 const SafeBrowsingBlockingPage::UnsafeResourceList& unsafe_resources)
330 override {
331 return new TestSafeBrowsingBlockingPage(delegate, web_contents,
332 unsafe_resources);
333 }
334 };
335
336 } // namespace
337
338 // Tests the safe browsing blocking page in a browser.
339 class SafeBrowsingBlockingPageBrowserTest
340 : public InProcessBrowserTest,
341 public testing::WithParamInterface<int> {
342 public:
343 enum Visibility {
344 VISIBILITY_ERROR = -1,
345 HIDDEN = 0,
346 VISIBLE = 1
347 };
348
349 SafeBrowsingBlockingPageBrowserTest() {
350 }
351
352 virtual void SetUp() override {
353 SafeBrowsingService::RegisterFactory(&factory_);
354 SafeBrowsingBlockingPage::RegisterFactory(&blocking_page_factory_);
355 MalwareDetails::RegisterFactory(&details_factory_);
356 InProcessBrowserTest::SetUp();
357 }
358
359 virtual void TearDown() override {
360 InProcessBrowserTest::TearDown();
361 SafeBrowsingBlockingPage::RegisterFactory(NULL);
362 SafeBrowsingService::RegisterFactory(NULL);
363 MalwareDetails::RegisterFactory(NULL);
364 }
365
366 virtual void SetUpInProcessBrowserTestFixture() override {
367 ASSERT_TRUE(test_server()->Start());
368 }
369
370 void SetURLThreatType(const GURL& url, SBThreatType threat_type) {
371 FakeSafeBrowsingService* service =
372 static_cast<FakeSafeBrowsingService*>(
373 g_browser_process->safe_browsing_service());
374
375 ASSERT_TRUE(service);
376 service->fake_database_manager()->SetURLThreatType(url, threat_type);
377 }
378
379 // Adds a safebrowsing result of type |threat_type| to the fake safebrowsing
380 // service, navigates to that page, and returns the url.
381 GURL SetupWarningAndNavigate(SBThreatType threat_type) {
382 GURL url = test_server()->GetURL(kEmptyPage);
383 SetURLThreatType(url, threat_type);
384
385 ui_test_utils::NavigateToURL(browser(), url);
386 EXPECT_TRUE(WaitForReady());
387 return url;
388 }
389
390 // Adds a safebrowsing malware result to the fake safebrowsing service,
391 // navigates to a page with an iframe containing the malware site, and
392 // returns the url of the parent page.
393 GURL SetupMalwareIframeWarningAndNavigate() {
394 GURL url = test_server()->GetURL(kMalwarePage);
395 GURL iframe_url = test_server()->GetURL(kMalwareIframe);
396 SetURLThreatType(iframe_url, SB_THREAT_TYPE_URL_MALWARE);
397
398 ui_test_utils::NavigateToURL(browser(), url);
399 EXPECT_TRUE(WaitForReady());
400 return url;
401 }
402
403 void SendCommand(const std::string& command) {
404 WebContents* contents =
405 browser()->tab_strip_model()->GetActiveWebContents();
406 // We use InterstitialPage::GetInterstitialPage(tab) instead of
407 // tab->GetInterstitialPage() because the tab doesn't have a pointer
408 // to its interstital page until it gets a command from the renderer
409 // that it has indeed displayed it -- and this sometimes happens after
410 // NavigateToURL returns.
411 SafeBrowsingBlockingPage* interstitial_page =
412 static_cast<SafeBrowsingBlockingPage*>(
413 InterstitialPage::GetInterstitialPage(contents)->
414 GetDelegateForTesting());
415 ASSERT_TRUE(interstitial_page);
416 interstitial_page->CommandReceived(command);
417 }
418
419 void DontProceedThroughInterstitial() {
420 WebContents* contents =
421 browser()->tab_strip_model()->GetActiveWebContents();
422 InterstitialPage* interstitial_page = InterstitialPage::GetInterstitialPage(
423 contents);
424 ASSERT_TRUE(interstitial_page);
425 interstitial_page->DontProceed();
426 }
427
428 void ProceedThroughInterstitial() {
429 WebContents* contents =
430 browser()->tab_strip_model()->GetActiveWebContents();
431 InterstitialPage* interstitial_page = InterstitialPage::GetInterstitialPage(
432 contents);
433 ASSERT_TRUE(interstitial_page);
434 interstitial_page->Proceed();
435 }
436
437 void AssertNoInterstitial(bool wait_for_delete) {
438 WebContents* contents =
439 browser()->tab_strip_model()->GetActiveWebContents();
440
441 if (contents->ShowingInterstitialPage() && wait_for_delete) {
442 // We'll get notified when the interstitial is deleted.
443 TestSafeBrowsingBlockingPage* page =
444 static_cast<TestSafeBrowsingBlockingPage*>(
445 contents->GetInterstitialPage()->GetDelegateForTesting());
446 page->WaitForDelete();
447 }
448
449 // Can't use InterstitialPage::GetInterstitialPage() because that
450 // gets updated after the TestSafeBrowsingBlockingPage destructor
451 ASSERT_FALSE(contents->ShowingInterstitialPage());
452 }
453
454 bool YesInterstitial() {
455 WebContents* contents =
456 browser()->tab_strip_model()->GetActiveWebContents();
457 InterstitialPage* interstitial_page = InterstitialPage::GetInterstitialPage(
458 contents);
459 return interstitial_page != NULL;
460 }
461
462 void SetReportSentCallback(const base::Closure& callback) {
463 factory_.most_recent_service()
464 ->fake_ui_manager()
465 ->set_malware_details_done_callback(callback);
466 }
467
468 std::string GetReportSent() {
469 return factory_.most_recent_service()->fake_ui_manager()->GetReport();
470 }
471
472 void MalwareRedirectCancelAndProceed(const std::string& open_function) {
473 GURL load_url = test_server()->GetURL(
474 "files/safe_browsing/interstitial_cancel.html");
475 GURL malware_url("http://localhost/files/safe_browsing/malware.html");
476 SetURLThreatType(malware_url, SB_THREAT_TYPE_URL_MALWARE);
477
478 // Load the test page.
479 ui_test_utils::NavigateToURL(browser(), load_url);
480 // Trigger the safe browsing interstitial page via a redirect in
481 // "openWin()".
482 ui_test_utils::NavigateToURLWithDisposition(
483 browser(),
484 GURL("javascript:" + open_function + "()"),
485 CURRENT_TAB,
486 ui_test_utils::BROWSER_TEST_WAIT_FOR_TAB);
487 WebContents* contents =
488 browser()->tab_strip_model()->GetActiveWebContents();
489 content::WaitForInterstitialAttach(contents);
490 // Cancel the redirect request while interstitial page is open.
491 browser()->tab_strip_model()->ActivateTabAt(0, true);
492 ui_test_utils::NavigateToURLWithDisposition(
493 browser(),
494 GURL("javascript:stopWin()"),
495 CURRENT_TAB,
496 ui_test_utils::BROWSER_TEST_WAIT_FOR_NAVIGATION);
497 browser()->tab_strip_model()->ActivateTabAt(1, true);
498 // Simulate the user clicking "proceed", there should be no crash. Since
499 // clicking proceed may do nothing (see comment in MalwareRedirectCanceled
500 // below, and crbug.com/76460), we use SendCommand to trigger the callback
501 // directly rather than using ClickAndWaitForDetach since there might not
502 // be a notification to wait for.
503 SendCommand("\"proceed\"");
504 }
505
506 content::RenderViewHost* GetRenderViewHost() {
507 InterstitialPage* interstitial = InterstitialPage::GetInterstitialPage(
508 browser()->tab_strip_model()->GetActiveWebContents());
509 if (!interstitial)
510 return NULL;
511 return interstitial->GetRenderViewHostForTesting();
512 }
513
514 bool WaitForReady() {
515 content::RenderViewHost* rvh = GetRenderViewHost();
516 if (!rvh)
517 return false;
518 // Wait until all <script> tags have executed, including jstemplate.
519 // TODO(joaodasilva): it would be nice to avoid the busy loop, though in
520 // practice it spins at most once or twice.
521 std::string ready_state;
522 do {
523 scoped_ptr<base::Value> value = content::ExecuteScriptAndGetValue(
524 rvh->GetMainFrame(), "document.readyState");
525 if (!value.get() || !value->GetAsString(&ready_state))
526 return false;
527 } while (ready_state != "complete");
528 return true;
529 }
530
531 Visibility GetVisibility(const std::string& node_id) {
532 content::RenderViewHost* rvh = GetRenderViewHost();
533 if (!rvh)
534 return VISIBILITY_ERROR;
535 scoped_ptr<base::Value> value = content::ExecuteScriptAndGetValue(
536 rvh->GetMainFrame(),
537 "var node = document.getElementById('" + node_id + "');\n"
538 "if (node)\n"
539 " node.offsetWidth > 0 && node.offsetHeight > 0;"
540 "else\n"
541 " 'node not found';\n");
542 if (!value.get())
543 return VISIBILITY_ERROR;
544 bool result = false;
545 if (!value->GetAsBoolean(&result))
546 return VISIBILITY_ERROR;
547 return result ? VISIBLE : HIDDEN;
548 }
549
550 bool Click(const std::string& node_id) {
551 content::RenderViewHost* rvh = GetRenderViewHost();
552 if (!rvh)
553 return false;
554 // We don't use ExecuteScriptAndGetValue for this one, since clicking
555 // the button/link may navigate away before the injected javascript can
556 // reply, hanging the test.
557 rvh->GetMainFrame()->ExecuteJavaScript(
558 base::ASCIIToUTF16(
559 "document.getElementById('" + node_id + "').click();\n"));
560 return true;
561 }
562
563 bool ClickAndWaitForDetach(const std::string& node_id) {
564 // We wait for interstitial_detached rather than nav_entry_committed, as
565 // going back from a main-frame malware interstitial page will not cause a
566 // nav entry committed event.
567 if (!Click(node_id))
568 return false;
569 content::WaitForInterstitialDetach(
570 browser()->tab_strip_model()->GetActiveWebContents());
571 return true;
572 }
573
574 protected:
575 TestMalwareDetailsFactory details_factory_;
576
577 private:
578 TestSafeBrowsingServiceFactory factory_;
579 TestSafeBrowsingBlockingPageFactory blocking_page_factory_;
580
581 DISALLOW_COPY_AND_ASSIGN(SafeBrowsingBlockingPageBrowserTest);
582 };
583
584 // TODO(linux_aura) http://crbug.com/163931
585 // TODO(win_aura) http://crbug.com/154081
586 #if defined(USE_AURA) && !defined(OS_CHROMEOS)
587 #define MAYBE_MalwareRedirectInIFrameCanceled DISABLED_MalwareRedirectInIFrameCanceled
588 #else
589 #define MAYBE_MalwareRedirectInIFrameCanceled MalwareRedirectInIFrameCanceled
590 #endif
591 IN_PROC_BROWSER_TEST_F(SafeBrowsingBlockingPageBrowserTest,
592 MAYBE_MalwareRedirectInIFrameCanceled) {
593 // 1. Test the case that redirect is a subresource.
594 MalwareRedirectCancelAndProceed("openWinIFrame");
595 // If the redirect was from subresource but canceled, "proceed" will continue
596 // with the rest of resources.
597 AssertNoInterstitial(true);
598 }
599
600 IN_PROC_BROWSER_TEST_F(SafeBrowsingBlockingPageBrowserTest,
601 MalwareRedirectCanceled) {
602 // 2. Test the case that redirect is the only resource.
603 MalwareRedirectCancelAndProceed("openWin");
604 // Clicking proceed won't do anything if the main request is cancelled
605 // already. See crbug.com/76460.
606 EXPECT_TRUE(YesInterstitial());
607 }
608
609 IN_PROC_BROWSER_TEST_F(SafeBrowsingBlockingPageBrowserTest,
610 MalwareDontProceed) {
611 #if defined(OS_WIN) && defined(USE_ASH)
612 // Disable this test in Metro+Ash for now (http://crbug.com/262796).
613 if (CommandLine::ForCurrentProcess()->HasSwitch(switches::kAshBrowserTests))
614 return;
615 #endif
616
617 SetupWarningAndNavigate(SB_THREAT_TYPE_URL_MALWARE);
618
619 EXPECT_EQ(VISIBLE, GetVisibility("primary-button"));
620 EXPECT_EQ(HIDDEN, GetVisibility("details"));
621 EXPECT_EQ(HIDDEN, GetVisibility("proceed-link"));
622 EXPECT_EQ(HIDDEN, GetVisibility("error-code"));
623 EXPECT_TRUE(Click("details-button"));
624 EXPECT_EQ(VISIBLE, GetVisibility("details"));
625 EXPECT_EQ(VISIBLE, GetVisibility("proceed-link"));
626 EXPECT_EQ(HIDDEN, GetVisibility("error-code"));
627 EXPECT_TRUE(ClickAndWaitForDetach("primary-button"));
628
629 AssertNoInterstitial(false); // Assert the interstitial is gone
630 EXPECT_EQ(GURL(url::kAboutBlankURL), // Back to "about:blank"
631 browser()->tab_strip_model()->GetActiveWebContents()->GetURL());
632 }
633
634 IN_PROC_BROWSER_TEST_F(SafeBrowsingBlockingPageBrowserTest,
635 HarmfulDontProceed) {
636 #if defined(OS_WIN) && defined(USE_ASH)
637 // Disable this test in Metro+Ash for now (http://crbug.com/262796).
638 if (CommandLine::ForCurrentProcess()->HasSwitch(switches::kAshBrowserTests))
639 return;
640 #endif
641
642 SetupWarningAndNavigate(SB_THREAT_TYPE_URL_HARMFUL);
643
644 EXPECT_EQ(VISIBLE, GetVisibility("primary-button"));
645 EXPECT_EQ(HIDDEN, GetVisibility("details"));
646 EXPECT_EQ(HIDDEN, GetVisibility("proceed-link"));
647 EXPECT_EQ(HIDDEN, GetVisibility("error-code"));
648 EXPECT_TRUE(Click("details-button"));
649 EXPECT_EQ(VISIBLE, GetVisibility("details"));
650 EXPECT_EQ(VISIBLE, GetVisibility("proceed-link"));
651 EXPECT_EQ(HIDDEN, GetVisibility("error-code"));
652 EXPECT_TRUE(ClickAndWaitForDetach("primary-button"));
653
654 AssertNoInterstitial(false); // Assert the interstitial is gone
655 EXPECT_EQ(GURL(url::kAboutBlankURL), // Back to "about:blank"
656 browser()->tab_strip_model()->GetActiveWebContents()->GetURL());
657 }
658
659 IN_PROC_BROWSER_TEST_F(SafeBrowsingBlockingPageBrowserTest, MalwareProceed) {
660 GURL url = SetupWarningAndNavigate(SB_THREAT_TYPE_URL_MALWARE);
661
662 EXPECT_TRUE(ClickAndWaitForDetach("proceed-link"));
663 AssertNoInterstitial(true); // Assert the interstitial is gone.
664 EXPECT_EQ(url,
665 browser()->tab_strip_model()->GetActiveWebContents()->GetURL());
666 }
667
668 IN_PROC_BROWSER_TEST_F(SafeBrowsingBlockingPageBrowserTest, HarmfulProceed) {
669 GURL url = SetupWarningAndNavigate(SB_THREAT_TYPE_URL_HARMFUL);
670
671 EXPECT_TRUE(ClickAndWaitForDetach("proceed-link"));
672 AssertNoInterstitial(true); // Assert the interstitial is gone.
673 EXPECT_EQ(url,
674 browser()->tab_strip_model()->GetActiveWebContents()->GetURL());
675 }
676
677 IN_PROC_BROWSER_TEST_F(SafeBrowsingBlockingPageBrowserTest,
678 MalwareIframeDontProceed) {
679 #if defined(OS_WIN) && defined(USE_ASH)
680 // Disable this test in Metro+Ash for now (http://crbug.com/262796).
681 if (CommandLine::ForCurrentProcess()->HasSwitch(switches::kAshBrowserTests))
682 return;
683 #endif
684
685 SetupMalwareIframeWarningAndNavigate();
686
687 EXPECT_EQ(VISIBLE, GetVisibility("primary-button"));
688 EXPECT_EQ(HIDDEN, GetVisibility("details"));
689 EXPECT_EQ(HIDDEN, GetVisibility("proceed-link"));
690 EXPECT_EQ(HIDDEN, GetVisibility("error-code"));
691 EXPECT_TRUE(Click("details-button"));
692 EXPECT_EQ(VISIBLE, GetVisibility("details"));
693 EXPECT_EQ(VISIBLE, GetVisibility("proceed-link"));
694 EXPECT_EQ(HIDDEN, GetVisibility("error-code"));
695 EXPECT_TRUE(ClickAndWaitForDetach("primary-button"));
696
697 AssertNoInterstitial(false); // Assert the interstitial is gone
698
699 EXPECT_EQ(GURL(url::kAboutBlankURL), // Back to "about:blank"
700 browser()->tab_strip_model()->GetActiveWebContents()->GetURL());
701 }
702
703 IN_PROC_BROWSER_TEST_F(SafeBrowsingBlockingPageBrowserTest,
704 MalwareIframeProceed) {
705 GURL url = SetupMalwareIframeWarningAndNavigate();
706
707 EXPECT_TRUE(ClickAndWaitForDetach("proceed-link"));
708 AssertNoInterstitial(true); // Assert the interstitial is gone
709
710 EXPECT_EQ(url,
711 browser()->tab_strip_model()->GetActiveWebContents()->GetURL());
712 }
713
714 IN_PROC_BROWSER_TEST_F(SafeBrowsingBlockingPageBrowserTest,
715 MalwareIframeReportDetails) {
716 scoped_refptr<content::MessageLoopRunner> malware_report_sent_runner(
717 new content::MessageLoopRunner);
718 SetReportSentCallback(malware_report_sent_runner->QuitClosure());
719
720 GURL url = SetupMalwareIframeWarningAndNavigate();
721
722 // If the DOM details from renderer did not already return, wait for them.
723 details_factory_.get_details()->WaitForDOM();
724
725 EXPECT_TRUE(Click("opt-in-checkbox"));
726 EXPECT_TRUE(ClickAndWaitForDetach("proceed-link"));
727 AssertNoInterstitial(true); // Assert the interstitial is gone
728
729 ASSERT_TRUE(browser()->profile()->GetPrefs()->GetBoolean(
730 prefs::kSafeBrowsingExtendedReportingEnabled));
731 EXPECT_EQ(url,
732 browser()->tab_strip_model()->GetActiveWebContents()->GetURL());
733
734 malware_report_sent_runner->Run();
735 std::string serialized = GetReportSent();
736 safe_browsing::ClientMalwareReportRequest report;
737 ASSERT_TRUE(report.ParseFromString(serialized));
738 // Verify the report is complete.
739 EXPECT_TRUE(report.complete());
740 }
741
742 // Verifies that the "proceed anyway" link isn't available when it is disabled
743 // by the corresponding policy. Also verifies that sending the "proceed"
744 // command anyway doesn't advance to the malware site.
745 IN_PROC_BROWSER_TEST_F(SafeBrowsingBlockingPageBrowserTest, ProceedDisabled) {
746 #if defined(OS_WIN) && defined(USE_ASH)
747 // Disable this test in Metro+Ash for now (http://crbug.com/262796).
748 if (CommandLine::ForCurrentProcess()->HasSwitch(switches::kAshBrowserTests))
749 return;
750 #endif
751
752 // Simulate a policy disabling the "proceed anyway" link.
753 browser()->profile()->GetPrefs()->SetBoolean(
754 prefs::kSafeBrowsingProceedAnywayDisabled, true);
755
756 SetupWarningAndNavigate(SB_THREAT_TYPE_URL_MALWARE);
757
758 EXPECT_EQ(VISIBLE, GetVisibility("primary-button"));
759 EXPECT_EQ(HIDDEN, GetVisibility("details"));
760 EXPECT_EQ(HIDDEN, GetVisibility("proceed-link"));
761 EXPECT_EQ(HIDDEN, GetVisibility("final-paragraph"));
762 EXPECT_TRUE(Click("details-button"));
763 EXPECT_EQ(HIDDEN, GetVisibility("proceed-link"));
764 EXPECT_EQ(HIDDEN, GetVisibility("final-paragraph"));
765 SendCommand("proceed");
766
767 // The "proceed" command should go back instead, if proceeding is disabled.
768 AssertNoInterstitial(true);
769 EXPECT_EQ(GURL(url::kAboutBlankURL), // Back to "about:blank"
770 browser()->tab_strip_model()->GetActiveWebContents()->GetURL());
771 }
772
773 // Verifies that the reporting checkbox is hidden on non-HTTP pages.
774 // TODO(mattm): Should also verify that no report is sent, but there isn't a
775 // good way to do that in the current design.
776 IN_PROC_BROWSER_TEST_F(SafeBrowsingBlockingPageBrowserTest,
777 ReportingDisabled) {
778 #if defined(OS_WIN) && defined(USE_ASH)
779 // Disable this test in Metro+Ash for now (http://crbug.com/262796).
780 if (CommandLine::ForCurrentProcess()->HasSwitch(switches::kAshBrowserTests))
781 return;
782 #endif
783
784 browser()->profile()->GetPrefs()->SetBoolean(
785 prefs::kSafeBrowsingExtendedReportingEnabled, true);
786
787 net::SpawnedTestServer https_server(
788 net::SpawnedTestServer::TYPE_HTTPS, net::SpawnedTestServer::kLocalhost,
789 base::FilePath(FILE_PATH_LITERAL("chrome/test/data")));
790 ASSERT_TRUE(https_server.Start());
791 GURL url = https_server.GetURL(kEmptyPage);
792 SetURLThreatType(url, SB_THREAT_TYPE_URL_MALWARE);
793 ui_test_utils::NavigateToURL(browser(), url);
794 ASSERT_TRUE(WaitForReady());
795
796 EXPECT_EQ(HIDDEN, GetVisibility("malware-opt-in"));
797 EXPECT_EQ(HIDDEN, GetVisibility("opt-in-checkbox"));
798 EXPECT_EQ(HIDDEN, GetVisibility("proceed-link"));
799 EXPECT_TRUE(Click("details-button"));
800 EXPECT_EQ(VISIBLE, GetVisibility("help-link"));
801 EXPECT_EQ(VISIBLE, GetVisibility("proceed-link"));
802
803 EXPECT_TRUE(ClickAndWaitForDetach("primary-button"));
804 AssertNoInterstitial(false); // Assert the interstitial is gone
805 EXPECT_EQ(GURL(url::kAboutBlankURL), // Back to "about:blank"
806 browser()->tab_strip_model()->GetActiveWebContents()->GetURL());
807 }
808
809 IN_PROC_BROWSER_TEST_F(SafeBrowsingBlockingPageBrowserTest,
810 PhishingDontProceed) {
811 #if defined(OS_WIN) && defined(USE_ASH)
812 // Disable this test in Metro+Ash for now (http://crbug.com/262796).
813 if (CommandLine::ForCurrentProcess()->HasSwitch(switches::kAshBrowserTests))
814 return;
815 #endif
816
817 SetupWarningAndNavigate(SB_THREAT_TYPE_URL_PHISHING);
818
819 EXPECT_EQ(VISIBLE, GetVisibility("primary-button"));
820 EXPECT_EQ(HIDDEN, GetVisibility("details"));
821 EXPECT_EQ(HIDDEN, GetVisibility("proceed-link"));
822 EXPECT_EQ(HIDDEN, GetVisibility("error-code"));
823 EXPECT_TRUE(Click("details-button"));
824 EXPECT_EQ(VISIBLE, GetVisibility("details"));
825 EXPECT_EQ(VISIBLE, GetVisibility("proceed-link"));
826 EXPECT_EQ(HIDDEN, GetVisibility("error-code"));
827 EXPECT_TRUE(ClickAndWaitForDetach("primary-button"));
828
829 AssertNoInterstitial(false); // Assert the interstitial is gone
830 EXPECT_EQ(GURL(url::kAboutBlankURL), // We are back to "about:blank".
831 browser()->tab_strip_model()->GetActiveWebContents()->GetURL());
832 }
833
834 IN_PROC_BROWSER_TEST_F(SafeBrowsingBlockingPageBrowserTest, PhishingProceed) {
835 GURL url = SetupWarningAndNavigate(SB_THREAT_TYPE_URL_PHISHING);
836 EXPECT_TRUE(ClickAndWaitForDetach("proceed-link"));
837 AssertNoInterstitial(true); // Assert the interstitial is gone
838 EXPECT_EQ(url,
839 browser()->tab_strip_model()->GetActiveWebContents()->GetURL());
840 }
841
842 IN_PROC_BROWSER_TEST_F(SafeBrowsingBlockingPageBrowserTest, PhishingLearnMore) {
843 SetupWarningAndNavigate(SB_THREAT_TYPE_URL_PHISHING);
844 EXPECT_TRUE(ClickAndWaitForDetach("help-link"));
845 AssertNoInterstitial(false); // Assert the interstitial is gone
846
847 // We are in the help page.
848 EXPECT_EQ(
849 "/transparencyreport/safebrowsing/",
850 browser()->tab_strip_model()->GetActiveWebContents()->GetURL().path());
851 }