| // Copyright 2017 The Chromium Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| #include <memory> |
| #include <string> |
| #include <utility> |
| #include <vector> |
| |
| #include "base/macros.h" |
| #include "chrome/browser/safe_browsing/test_safe_browsing_database_helper.h" |
| #include "chrome/browser/subresource_filter/subresource_filter_browser_test_harness.h" |
| #include "chrome/test/base/ui_test_utils.h" |
| #include "components/safe_browsing/db/safebrowsing.pb.h" |
| #include "components/safe_browsing/db/v4_embedded_test_server_util.h" |
| #include "components/safe_browsing/db/v4_protocol_manager_util.h" |
| #include "components/safe_browsing/db/v4_test_util.h" |
| #include "components/subresource_filter/core/browser/subresource_filter_constants.h" |
| #include "components/subresource_filter/core/browser/subresource_filter_features.h" |
| #include "content/public/browser/web_contents.h" |
| #include "content/public/test/browser_test_utils.h" |
| #include "net/test/embedded_test_server/embedded_test_server.h" |
| #include "testing/gtest/include/gtest/gtest.h" |
| #include "url/gurl.h" |
| |
| namespace subresource_filter { |
| |
| // This test harness intercepts URLRequests going to the SafeBrowsing V4 server. |
| // It allows the tests to mock out proto responses. |
| class SubresourceFilterInterceptingBrowserTest |
| : public SubresourceFilterBrowserTest { |
| public: |
| SubresourceFilterInterceptingBrowserTest() |
| : safe_browsing_test_server_( |
| std::make_unique<net::test_server::EmbeddedTestServer>()) {} |
| ~SubresourceFilterInterceptingBrowserTest() override {} |
| |
| net::test_server::EmbeddedTestServer* safe_browsing_test_server() { |
| return safe_browsing_test_server_.get(); |
| } |
| |
| safe_browsing::ThreatMatch GetBetterAdsMatch(const GURL& url, |
| const std::string& bas_value) { |
| safe_browsing::ThreatMatch threat_match; |
| threat_match.set_threat_type(safe_browsing::SUBRESOURCE_FILTER); |
| threat_match.set_platform_type( |
| safe_browsing::GetUrlSubresourceFilterId().platform_type()); |
| threat_match.set_threat_entry_type(safe_browsing::URL); |
| |
| safe_browsing::FullHash enforce_full_hash = safe_browsing::GetFullHash(url); |
| threat_match.mutable_threat()->set_hash(enforce_full_hash); |
| threat_match.mutable_cache_duration()->set_seconds(300); |
| |
| safe_browsing::ThreatEntryMetadata::MetadataEntry* threat_meta = |
| threat_match.mutable_threat_entry_metadata()->add_entries(); |
| threat_meta->set_key("sf_bas"); |
| threat_meta->set_value(bas_value); |
| return threat_match; |
| } |
| |
| private: |
| // SubresourceFilterBrowserTest: |
| std::unique_ptr<TestSafeBrowsingDatabaseHelper> CreateTestDatabase() |
| override { |
| std::vector<safe_browsing::ListIdentifier> list_ids = { |
| safe_browsing::GetUrlSubresourceFilterId()}; |
| return std::make_unique<TestSafeBrowsingDatabaseHelper>( |
| nullptr, std::move(list_ids)); |
| } |
| void SetUp() override { |
| ASSERT_TRUE(safe_browsing_test_server()->InitializeAndListen()); |
| SubresourceFilterBrowserTest::SetUp(); |
| } |
| |
| // This class needs some specific test server managing to intercept V4 hash |
| // requests, so just use another server for that rather than try to use the |
| // parent class' server. |
| std::unique_ptr<net::test_server::EmbeddedTestServer> |
| safe_browsing_test_server_; |
| DISALLOW_COPY_AND_ASSIGN(SubresourceFilterInterceptingBrowserTest); |
| }; |
| |
| IN_PROC_BROWSER_TEST_F(SubresourceFilterInterceptingBrowserTest, |
| BetterAdsMetadata) { |
| ResetConfiguration(Configuration::MakePresetForLiveRunForBetterAds()); |
| ASSERT_NO_FATAL_FAILURE( |
| SetRulesetToDisallowURLsWithPathSuffix("included_script.js")); |
| |
| GURL enforce_url(embedded_test_server()->GetURL( |
| "enforce.example.com", |
| "/subresource_filter/frame_with_included_script.html")); |
| GURL warn_url(embedded_test_server()->GetURL( |
| "warn.example.com", |
| "/subresource_filter/frame_with_included_script.html")); |
| |
| // Mark the prefixes as bad so that safe browsing will request full hashes |
| // from the v4 server. |
| database_helper()->LocallyMarkPrefixAsBad( |
| enforce_url, safe_browsing::GetUrlSubresourceFilterId()); |
| database_helper()->LocallyMarkPrefixAsBad( |
| warn_url, safe_browsing::GetUrlSubresourceFilterId()); |
| |
| // Register the V4 server to handle full hash requests for the two URLs, with |
| // the given ThreatMatches, then start accepting connections on the v4 server. |
| std::map<GURL, safe_browsing::ThreatMatch> response_map{ |
| {enforce_url, GetBetterAdsMatch(enforce_url, "enforce")}, |
| {warn_url, GetBetterAdsMatch(warn_url, "warn")}}; |
| safe_browsing::StartRedirectingV4RequestsForTesting( |
| response_map, safe_browsing_test_server()); |
| safe_browsing_test_server()->StartAcceptingConnections(); |
| |
| content::ConsoleObserverDelegate enforce_console_observer( |
| web_contents(), kActivationConsoleMessage); |
| web_contents()->SetDelegate(&enforce_console_observer); |
| ui_test_utils::NavigateToURL(browser(), enforce_url); |
| EXPECT_FALSE(WasParsedScriptElementLoaded(web_contents()->GetMainFrame())); |
| EXPECT_EQ(enforce_console_observer.message(), kActivationConsoleMessage); |
| |
| content::ConsoleObserverDelegate warn_console_observer( |
| web_contents(), kActivationWarningConsoleMessage); |
| web_contents()->SetDelegate(&warn_console_observer); |
| ui_test_utils::NavigateToURL(browser(), warn_url); |
| warn_console_observer.Wait(); |
| EXPECT_TRUE(WasParsedScriptElementLoaded(web_contents()->GetMainFrame())); |
| EXPECT_EQ(warn_console_observer.message(), kActivationWarningConsoleMessage); |
| } |
| |
| } // namespace subresource_filter |