// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include <memory> #include <optional> #include <tuple> #include <utility> #include "base/files/file_path.h" #include "base/functional/bind.h" #include "base/functional/callback_helpers.h" #include "base/memory/raw_ptr.h" #include "base/memory/read_only_shared_memory_region.h" #include "base/memory/ref_counted.h" #include "base/run_loop.h" #include "base/synchronization/waitable_event.h" #include "base/test/gmock_move_support.h" #include "base/test/metrics/histogram_tester.h" #include "base/test/scoped_command_line.h" #include "base/test/scoped_feature_list.h" #include "base/test/simple_test_tick_clock.h" #include "chrome/browser/safe_browsing/chrome_client_side_detection_host_delegate.h" #include "chrome/browser/safe_browsing/chrome_safe_browsing_blocking_page_factory.h" #include "chrome/browser/safe_browsing/chrome_ui_manager_delegate.h" #include "chrome/browser/safe_browsing/safe_browsing_service.h" #include "chrome/browser/safe_browsing/verdict_cache_manager_factory.h" #include "chrome/common/chrome_switches.h" #include "chrome/common/url_constants.h" #include "chrome/test/base/chrome_render_view_host_test_harness.h" #include "chrome/test/base/testing_profile.h" #include "components/permissions/test/mock_permission_prompt_factory.h" #include "components/permissions/test/mock_permission_request.h" #include "components/prefs/scoped_user_pref_update.h" #include "components/safe_browsing/content/browser/async_check_tracker.h" #include "components/safe_browsing/content/browser/client_side_detection_feature_cache.h" #include "components/safe_browsing/content/browser/client_side_detection_service.h" #include "components/safe_browsing/content/browser/client_side_phishing_model.h" #include "components/safe_browsing/content/browser/ui_manager.h" #include "components/safe_browsing/content/browser/unsafe_resource_util.h" #include "components/safe_browsing/content/browser/url_checker_holder.h" #include "components/safe_browsing/content/common/safe_browsing.mojom-shared.h" #include "components/safe_browsing/core/browser/db/database_manager.h" #include "components/safe_browsing/core/browser/db/test_database_manager.h" #include "components/safe_browsing/core/browser/db/v4_protocol_manager_util.h" #include "components/safe_browsing/core/browser/sync/sync_utils.h" #include "components/safe_browsing/core/common/features.h" #include "components/safe_browsing/core/common/proto/csd.pb.h" #include "components/safe_browsing/core/common/safe_browsing_prefs.h" #include "components/security_interstitials/core/unsafe_resource.h" #include "components/signin/public/identity_manager/identity_test_environment.h" #include "content/public/browser/back_forward_cache.h" #include "content/public/browser/browser_task_traits.h" #include "content/public/browser/browser_thread.h" #include "content/public/browser/navigation_entry.h" #include "content/public/browser/render_frame_host.h" #include "content/public/browser/web_contents.h" #include "content/public/test/browser_test_utils.h" #include "content/public/test/mock_render_process_host.h" #include "content/public/test/navigation_simulator.h" #include "content/public/test/test_renderer_host.h" #include "content/public/test/web_contents_tester.h" #include "ipc/ipc_test_sink.h" #include "mojo/public/cpp/base/proto_wrapper.h" #include "mojo/public/cpp/bindings/associated_receiver_set.h" #include "mojo/public/cpp/bindings/pending_receiver.h" #include "net/http/http_status_code.h" #include "services/network/public/cpp/shared_url_loader_factory.h" #include "testing/gmock/include/gmock/gmock.h" #include "testing/gtest/include/gtest/gtest.h" #include "third_party/blink/public/common/associated_interfaces/associated_interface_provider.h" #include "url/gurl.h" BrowserThread; RenderFrameHostTester; WebContents; _; DeleteArg; DoAll; Eq; Invoke; IsNull; Mock; NiceMock; NotNull; Pointee; Return; ReturnRef; SaveArg; SetArgPointee; StrictMock; namespace { const bool kFalse = …; const bool kTrue = …; std::unique_ptr<content::NavigationSimulator> NavigateAndKeepLoading( content::WebContents* web_contents, const GURL& url) { … } } // namespace namespace safe_browsing { namespace { class MockSafeBrowsingTokenFetcher : public SafeBrowsingTokenFetcher { … }; // This matcher verifies that the client computed verdict // (ClientPhishingRequest) which is passed to SendClientReportPhishingRequest // has the expected fields set. Note: we can't simply compare the protocol // buffer strings because the BrowserFeatureExtractor might add features to the // verdict object before calling SendClientReportPhishingRequest. MATCHER_P(PartiallyEqualVerdict, other, "") { … } // Test that the callback is nullptr when the verdict is not phishing. MATCHER(CallbackIsNull, "") { … } class MockClientSideDetectionService : public ClientSideDetectionService { … }; class MockSafeBrowsingUIManager : public SafeBrowsingUIManager { … }; class MockSafeBrowsingDatabaseManager : public TestSafeBrowsingDatabaseManager { … }; } // namespace class FakePhishingDetector : public mojom::PhishingDetector { … }; class ClientSideDetectionHostTestBase : public ChromeRenderViewHostTestHarness { … }; class ClientSideDetectionHostTest : public ClientSideDetectionHostTestBase { … }; class ClientSideDetectionHostIncognitoTest : public ClientSideDetectionHostTestBase { … }; TEST_F(ClientSideDetectionHostTest, PhishingDetectionDoneInvalidVerdict) { … } TEST_F(ClientSideDetectionHostTest, PhishingDetectionDoneNotPhishing) { … } TEST_F(ClientSideDetectionHostTest, PhishingDetectionDoneDisabled) { … } TEST_F(ClientSideDetectionHostTest, PhishingDetectionDoneShowInterstitial) { … } TEST_F(ClientSideDetectionHostTest, PhishingDetectionDoneMultiplePings) { … } TEST_F(ClientSideDetectionHostTest, PhishingDetectionDoneVerdictNotPhishing) { … } TEST_F( ClientSideDetectionHostTest, PhishingDetectionDoneServerModelPhishyAndExistsInHighConfidenceAllowlist) { … } TEST_F(ClientSideDetectionHostTest, PhishingDetectionDoneVerdictNotPhishingButSBMatchSubResource) { … } TEST_F(ClientSideDetectionHostTest, PhishingDetectionDoneVerdictNotPhishingButSBMatchOnNewRVH) { … } TEST_F( ClientSideDetectionHostTest, PhishingDetectionDoneVerdictNotPhishingButSBMatchOnSubresourceWhileNavPending) { … } TEST_F(ClientSideDetectionHostTest, PhishingDetectionDoneEnhancedProtectionShouldHaveToken) { … } TEST_F(ClientSideDetectionHostTest, PhishingDetectionDoneCalledTwiceShouldSucceed) { … } TEST_F(ClientSideDetectionHostIncognitoTest, PhishingDetectionDoneIncognitoShouldNotHaveToken) { … } TEST_F(ClientSideDetectionHostTest, PhishingDetectionDoneNoEnhancedProtectionShouldNotHaveToken) { … } // This test doesn't work because it makes assumption about how // the message loop is run, and those assumptions are wrong when properly // simulating a navigation with browser-side navigations. // TODO(clamy): Fix the test and re-enable. See crbug.com/753357. TEST_F(ClientSideDetectionHostTest, DISABLED_NavigationCancelsShouldClassifyUrl) { … } TEST_F(ClientSideDetectionHostTest, TestPreClassificationCheckPass) { … } TEST_F(ClientSideDetectionHostTest, TestPreClassificationCheckMatchCSDAllowlist) { … } TEST_F(ClientSideDetectionHostTest, TestPreClassificationCheckMatchHighConfidenceAllowlist) { … } TEST_F(ClientSideDetectionHostTest, TestPreClassificationCheckSameDocumentNavigation) { … } TEST_F(ClientSideDetectionHostTest, TestPreClassificationCheckXHTML) { … } TEST_F(ClientSideDetectionHostTest, TestPreClassificationCheckTwoNavigations) { … } TEST_F(ClientSideDetectionHostTest, TestPreClassificationCheckPrivateIpAddress) { … } TEST_F(ClientSideDetectionHostTest, TestPreClassificationCheckLocalResource) { … } TEST_F(ClientSideDetectionHostIncognitoTest, TestPreClassificationCheckIncognito) { … } TEST_F(ClientSideDetectionHostTest, TestPreClassificationCheckOverPhishingReportingLimit) { … } TEST_F(ClientSideDetectionHostTest, TestPreClassificationCheckOverBothReportingLimits) { … } TEST_F(ClientSideDetectionHostTest, TestPreClassificationCheckHttpsUrl) { … } TEST_F(ClientSideDetectionHostTest, TestPreClassificationCheckNoneHttpOrHttpsUrl) { … } TEST_F(ClientSideDetectionHostTest, TestPreClassificationCheckValidCached) { … } TEST_F(ClientSideDetectionHostTest, TestPreClassificationAllowlistedByPolicy) { … } TEST_F(ClientSideDetectionHostTest, RecordsPhishingDetectorResults) { … } TEST_F(ClientSideDetectionHostTest, RecordsPhishingDetectionDuration) { … } TEST_F(ClientSideDetectionHostTest, PopulatesPageLoadToken) { … } TEST_F(ClientSideDetectionHostTest, CSDFeaturesCacheContainsVerdictAndFullDebuggingMetadata) { … } TEST_F(ClientSideDetectionHostTest, RTLookupResponseForceRequestSendsCSPPPingWhenVerdictNotPhishing) { … } class ClientSideDetectionHostNotificationTest : public ClientSideDetectionHostTest { … }; TEST_F(ClientSideDetectionHostNotificationTest, NotificationPermissionPromptTriggersClassificationRequest) { … } TEST_F(ClientSideDetectionHostNotificationTest, NotPhishingVerdictSendsPingFromNotificationPermissionPrompt) { … } class ClientSideDetectionRTLookupResponseForceRequestTest : public ClientSideDetectionHostTest { … }; TEST_F(ClientSideDetectionRTLookupResponseForceRequestTest, AsyncCheckTrackerTriggersClassificationRequest) { … } TEST_F(ClientSideDetectionRTLookupResponseForceRequestTest, AsyncCheckTrackerNotTriggerClassificationRequestNoEnforcedPing) { … } TEST_F(ClientSideDetectionRTLookupResponseForceRequestTest, AsyncCheckTrackerNotTriggerClassificationRequestAlreadyPhishing) { … } class ClientSideDetectionHostDebugFeaturesTest : public ClientSideDetectionHostTest { … }; TEST_F(ClientSideDetectionHostDebugFeaturesTest, SkipsAllowlistWhenDumpingFeatures) { … } TEST_F(ClientSideDetectionHostDebugFeaturesTest, SkipsCacheWhenDumpingFeatures) { … } TEST_F(ClientSideDetectionHostDebugFeaturesTest, SkipsReportLimitWhenDumpingFeatures) { … } } // namespace safe_browsing
Codebase Browser
chromium