// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include "chrome/browser/safe_browsing/download_protection/download_protection_service.h" #include <stddef.h> #include <stdint.h> #include <map> #include <memory> #include <string> #include <utility> #include "base/base_paths.h" #include "base/command_line.h" #include "base/containers/flat_map.h" #include "base/containers/span.h" #include "base/feature_list.h" #include "base/files/file_path.h" #include "base/files/file_util.h" #include "base/files/scoped_temp_dir.h" #include "base/functional/bind.h" #include "base/functional/callback.h" #include "base/functional/callback_helpers.h" #include "base/location.h" #include "base/memory/raw_ptr.h" #include "base/memory/ref_counted.h" #include "base/memory/scoped_refptr.h" #include "base/path_service.h" #include "base/run_loop.h" #include "base/strings/string_number_conversions.h" #include "base/task/single_thread_task_runner.h" #include "base/task/thread_pool/thread_pool_instance.h" #include "base/test/bind.h" #include "base/test/metrics/histogram_tester.h" #include "base/test/mock_callback.h" #include "base/test/scoped_feature_list.h" #include "build/build_config.h" #include "chrome/browser/browser_process.h" #include "chrome/browser/content_settings/host_content_settings_map_factory.h" #include "chrome/browser/download/chrome_download_manager_delegate.h" #include "chrome/browser/download/download_core_service.h" #include "chrome/browser/download/download_core_service_factory.h" #include "chrome/browser/download/download_item_warning_data.h" #include "chrome/browser/extensions/api/safe_browsing_private/safe_browsing_private_event_router.h" #include "chrome/browser/extensions/api/safe_browsing_private/safe_browsing_private_event_router_factory.h" #include "chrome/browser/history/history_service_factory.h" #include "chrome/browser/password_manager/account_password_store_factory.h" #include "chrome/browser/password_manager/profile_password_store_factory.h" #include "chrome/browser/policy/dm_token_utils.h" #include "chrome/browser/policy/policy_test_utils.h" #include "chrome/browser/safe_browsing/advanced_protection_status_manager.h" #include "chrome/browser/safe_browsing/advanced_protection_status_manager_factory.h" #include "chrome/browser/safe_browsing/cloud_content_scanning/binary_upload_service.h" #include "chrome/browser/safe_browsing/cloud_content_scanning/cloud_binary_upload_service_factory.h" #include "chrome/browser/safe_browsing/cloud_content_scanning/test_binary_upload_service.h" #include "chrome/browser/safe_browsing/download_protection/check_file_system_access_write_request.h" #include "chrome/browser/safe_browsing/download_protection/download_feedback_service.h" #include "chrome/browser/safe_browsing/download_protection/download_protection_unittest_util.h" #include "chrome/browser/safe_browsing/download_protection/download_protection_util.h" #include "chrome/browser/safe_browsing/download_protection/ppapi_download_request.h" #include "chrome/browser/safe_browsing/incident_reporting/incident_reporting_service.h" #include "chrome/browser/safe_browsing/safe_browsing_navigation_observer_manager_factory.h" #include "chrome/browser/safe_browsing/safe_browsing_service.h" #include "chrome/browser/safe_browsing/test_extension_event_observer.h" #include "chrome/browser/safe_browsing/test_safe_browsing_service.h" #include "chrome/browser/signin/identity_test_environment_profile_adaptor.h" #include "chrome/browser/sync/sync_service_factory.h" #include "chrome/common/chrome_paths.h" #include "chrome/common/extensions/api/safe_browsing_private.h" #include "chrome/common/safe_browsing/binary_feature_extractor.h" #include "chrome/common/safe_browsing/mock_binary_feature_extractor.h" #include "chrome/test/base/chrome_render_view_host_test_harness.h" #include "chrome/test/base/testing_browser_process.h" #include "chrome/test/base/testing_profile.h" #include "chrome/test/base/testing_profile_manager.h" #include "components/download/public/common/download_danger_type.h" #include "components/download/public/common/mock_download_item.h" #include "components/enterprise/buildflags/buildflags.h" #include "components/enterprise/common/proto/connectors.pb.h" #include "components/history/core/browser/history_service.h" #include "components/keyed_service/content/browser_context_keyed_service_factory.h" #include "components/password_manager/core/browser/features/password_features.h" #include "components/password_manager/core/browser/password_manager_test_utils.h" #include "components/password_manager/core/browser/password_store/test_password_store.h" #include "components/password_manager/core/common/password_manager_features.h" #include "components/policy/core/common/cloud/mock_cloud_policy_client.h" #include "components/policy/core/common/cloud/realtime_reporting_job_configuration.h" #include "components/policy/policy_constants.h" #include "components/prefs/pref_service.h" #include "components/prefs/scoped_user_pref_update.h" #include "components/safe_browsing/content/browser/safe_browsing_navigation_observer.h" #include "components/safe_browsing/content/browser/web_ui/safe_browsing_ui.h" #include "components/safe_browsing/content/common/file_type_policies_test_util.h" #include "components/safe_browsing/core/browser/db/database_manager.h" #include "components/safe_browsing/core/browser/db/test_database_manager.h" #include "components/safe_browsing/core/browser/db/v4_protocol_manager_util.h" #include "components/safe_browsing/core/common/features.h" #include "components/safe_browsing/core/common/proto/csd.pb.h" #include "components/safe_browsing/core/common/safe_browsing_prefs.h" #include "components/safe_browsing/core/common/safebrowsing_switches.h" #include "components/signin/public/identity_manager/identity_test_environment.h" #include "content/public/browser/browser_task_traits.h" #include "content/public/browser/browser_thread.h" #include "content/public/browser/download_item_utils.h" #include "content/public/browser/global_routing_id.h" #include "content/public/browser/page_navigator.h" #include "content/public/test/browser_task_environment.h" #include "content/public/test/navigation_simulator.h" #include "content/public/test/test_utils.h" #include "content/public/test/web_contents_tester.h" #include "extensions/browser/test_event_router.h" #include "net/base/url_util.h" #include "net/cert/x509_certificate.h" #include "net/cert/x509_util.h" #include "net/http/http_status_code.h" #include "services/network/public/cpp/shared_url_loader_factory.h" #include "services/network/public/cpp/weak_wrapper_shared_url_loader_factory.h" #include "services/network/public/mojom/url_response_head.mojom.h" #include "services/network/test/test_url_loader_factory.h" #include "services/network/test/test_utils.h" #include "testing/gmock/include/gmock/gmock.h" #include "testing/gtest/include/gtest/gtest.h" #include "third_party/zlib/google/zip.h" #include "url/gurl.h" #if BUILDFLAG(ENTERPRISE_CLOUD_CONTENT_ANALYSIS) #include "chrome/browser/enterprise/connectors/connectors_service.h" #include "chrome/browser/enterprise/connectors/reporting/realtime_reporting_client_factory.h" #include "chrome/browser/enterprise/connectors/test/deep_scanning_test_utils.h" #endif // BUILDFLAG(ENTERPRISE_CLOUD_CONTENT_ANALYSIS) RunLoop; BrowserThread; FileSystemAccessWriteItem; _; Assign; AtMost; ContainerEq; DoAll; ElementsAre; Invoke; Mock; NiceMock; NotNull; Return; ReturnRef; SaveArg; SizeIs; StrictMock; OnDangerousDownloadOpened; namespace safe_browsing { namespace { // A SafeBrowsingDatabaseManager implementation that returns a fixed result for // a given URL. class MockSafeBrowsingDatabaseManager : public TestSafeBrowsingDatabaseManager { … }; std::unique_ptr<KeyedService> CreateTestBinaryUploadService( content::BrowserContext* browser_context) { … } class FakeSafeBrowsingService : public TestSafeBrowsingService { … }; NiceMockDownloadItem; } // namespace ACTION_P(SetCertificateContents, contents) { … } ACTION_P(SetDosHeaderContents, contents) { … } ACTION_P(TrustSignature, contents) { … } ACTION_P(CheckDownloadUrlDone, threat_type) { … } class DownloadProtectionServiceTestBase : public ChromeRenderViewHostTestHarness { … }; DownloadProtectionServiceTest; DeepScanningDownloadTest; class DownloadProtectionServiceMockTimeTest : public DownloadProtectionServiceTestBase { … }; // A test with the appropriate feature flags enabled to test the behavior for // Enhanced Protection users. class EnhancedProtectionDownloadTest : public DownloadProtectionServiceTestBase { … }; void DownloadProtectionServiceTestBase::CheckClientDownloadReportCorruptArchive( ArchiveType type) { … } // TODO(crbug.com/41319255): Create specific unit tests for // check_client_download_request.*, download_url_sb_client.*, and // ppapi_download_request.*. TEST_F(DownloadProtectionServiceTest, CheckClientDownloadInvalidUrl) { … } TEST_F(DownloadProtectionServiceTest, CheckClientDownloadNotABinary) { … } TEST_F(DownloadProtectionServiceTest, CheckClientDownloadAllowlistedUrlWithoutSampling) { … } TEST_F(DownloadProtectionServiceTest, CheckClientDownloadAllowlistedUrlWithSampling) { … } TEST_F(DownloadProtectionServiceTest, CheckClientDownloadSampledFile) { … } TEST_F(DownloadProtectionServiceTest, CheckClientDownloadFetchFailed) { … } TEST_F(DownloadProtectionServiceTest, CheckClientDownloadSuccess) { … } TEST_F(DownloadProtectionServiceTest, CheckClientDownloadHTTPS) { … } TEST_F(DownloadProtectionServiceTest, CheckClientDownloadBlob) { … } TEST_F(DownloadProtectionServiceTest, CheckClientDownloadData) { … } TEST_F(DownloadProtectionServiceTest, CheckClientDownloadZip) { … } TEST_F(DownloadProtectionServiceTest, CheckClientDownloadReportCorruptZip) { … } #if BUILDFLAG(IS_MAC) TEST_F(DownloadProtectionServiceTest, CheckClientDownloadReportCorruptDmg) { CheckClientDownloadReportCorruptArchive(DMG); } TEST_F(DownloadProtectionServiceTest, CheckClientDownloadReportValidDmg) { PrepareResponse(ClientDownloadResponse::SAFE, net::HTTP_OK, net::OK); base::FilePath test_dmg; EXPECT_TRUE(base::PathService::Get(chrome::DIR_TEST_DATA, &test_dmg)); test_dmg = test_dmg.AppendASCII("safe_browsing") .AppendASCII("mach_o") .AppendASCII("signed-archive.dmg"); NiceMockDownloadItem item; PrepareBasicDownloadItemWithFullPaths( &item, {"http://www.evil.com/a.dmg"}, // url_chain "http://www.google.com/", // referrer test_dmg, // tmp_path temp_dir_.GetPath().Append(FILE_PATH_LITERAL("a.dmg"))); // final_path content::DownloadItemUtils::AttachInfoForTesting(&item, profile(), nullptr); RunLoop run_loop; download_service_->CheckClientDownload( &item, base::BindRepeating(&DownloadProtectionServiceTest::CheckDoneCallback, base::Unretained(this), run_loop.QuitClosure())); run_loop.Run(); ASSERT_TRUE(HasClientDownloadRequest()); EXPECT_EQ(GetClientDownloadRequest()->archive_summary().parser_status(), ClientDownloadRequest::ArchiveSummary::VALID); ClearClientDownloadRequest(); Mock::VerifyAndClearExpectations(sb_service_.get()); Mock::VerifyAndClearExpectations(binary_feature_extractor_.get()); } // Tests that signatures get recorded and uploaded for signed DMGs. TEST_F(DownloadProtectionServiceTest, CheckClientDownloadReportDmgWithSignature) { PrepareResponse(ClientDownloadResponse::SAFE, net::HTTP_OK, net::OK); base::FilePath signed_dmg; EXPECT_TRUE(base::PathService::Get(chrome::DIR_TEST_DATA, &signed_dmg)); signed_dmg = signed_dmg.AppendASCII("safe_browsing") .AppendASCII("mach_o") .AppendASCII("signed-archive.dmg"); NiceMockDownloadItem item; PrepareBasicDownloadItemWithFullPaths( &item, {"http://www.evil.com/a.dmg"}, // url_chain "http://www.google.com/", // referrer signed_dmg, // tmp_path temp_dir_.GetPath().Append(FILE_PATH_LITERAL("a.dmg"))); // final_path content::DownloadItemUtils::AttachInfoForTesting(&item, profile(), nullptr); RunLoop run_loop; download_service_->CheckClientDownload( &item, base::BindRepeating(&DownloadProtectionServiceTest::CheckDoneCallback, base::Unretained(this), run_loop.QuitClosure())); run_loop.Run(); ASSERT_TRUE(HasClientDownloadRequest()); EXPECT_TRUE(GetClientDownloadRequest()->has_udif_code_signature()); EXPECT_EQ(2215u, GetClientDownloadRequest()->udif_code_signature().length()); base::FilePath signed_dmg_signature; EXPECT_TRUE( base::PathService::Get(chrome::DIR_TEST_DATA, &signed_dmg_signature)); signed_dmg_signature = signed_dmg_signature.AppendASCII("safe_browsing") .AppendASCII("mach_o") .AppendASCII("signed-archive-signature.data"); std::string signature; base::ReadFileToString(signed_dmg_signature, &signature); EXPECT_EQ(2215u, signature.length()); EXPECT_EQ(signature, GetClientDownloadRequest()->udif_code_signature()); ClearClientDownloadRequest(); Mock::VerifyAndClearExpectations(sb_service_.get()); Mock::VerifyAndClearExpectations(binary_feature_extractor_.get()); } // Tests that no signature gets recorded and uploaded for unsigned DMGs. TEST_F(DownloadProtectionServiceTest, CheckClientDownloadReportDmgWithoutSignature) { PrepareResponse(ClientDownloadResponse::SAFE, net::HTTP_OK, net::OK); base::FilePath unsigned_dmg; EXPECT_TRUE(base::PathService::Get(chrome::DIR_TEST_DATA, &unsigned_dmg)); unsigned_dmg = unsigned_dmg.AppendASCII("safe_browsing") .AppendASCII("dmg") .AppendASCII("data") .AppendASCII("mach_o_in_dmg.dmg"); NiceMockDownloadItem item; PrepareBasicDownloadItemWithFullPaths( &item, {"http://www.evil.com/a.dmg"}, // url_chain "http://www.google.com/", // referrer unsigned_dmg, // tmp_path temp_dir_.GetPath().Append(FILE_PATH_LITERAL("a.dmg"))); // final_path content::DownloadItemUtils::AttachInfoForTesting(&item, profile(), nullptr); RunLoop run_loop; download_service_->CheckClientDownload( &item, base::BindRepeating(&DownloadProtectionServiceTest::CheckDoneCallback, base::Unretained(this), run_loop.QuitClosure())); run_loop.Run(); ASSERT_TRUE(HasClientDownloadRequest()); EXPECT_EQ(GetClientDownloadRequest()->archive_summary().parser_status(), ClientDownloadRequest::ArchiveSummary::VALID); EXPECT_FALSE(GetClientDownloadRequest()->has_udif_code_signature()); ClearClientDownloadRequest(); Mock::VerifyAndClearExpectations(sb_service_.get()); Mock::VerifyAndClearExpectations(binary_feature_extractor_.get()); } // Test that downloaded files with no disk image extension that have a 'koly' // trailer are treated as disk images and processed accordingly. TEST_F(DownloadProtectionServiceTest, CheckClientDownloadReportDmgWithoutExtension) { PrepareResponse(ClientDownloadResponse::SAFE, net::HTTP_OK, net::OK); base::FilePath test_data; EXPECT_TRUE(base::PathService::Get(chrome::DIR_TEST_DATA, &test_data)); test_data = test_data.AppendASCII("safe_browsing") .AppendASCII("dmg") .AppendASCII("data") .AppendASCII("mach_o_in_dmg.txt"); NiceMockDownloadItem item; PrepareBasicDownloadItemWithFullPaths( &item, {"http://www.evil.com/a.dmg"}, // url_chain "http://www.google.com/", // referrer test_data, // tmp_path temp_dir_.GetPath().Append(FILE_PATH_LITERAL("a.dmg"))); // final_path content::DownloadItemUtils::AttachInfoForTesting(&item, profile(), nullptr); RunLoop run_loop; download_service_->CheckClientDownload( &item, base::BindRepeating(&DownloadProtectionServiceTest::CheckDoneCallback, base::Unretained(this), run_loop.QuitClosure())); run_loop.Run(); ASSERT_TRUE(HasClientDownloadRequest()); EXPECT_EQ(GetClientDownloadRequest()->archive_summary().parser_status(), ClientDownloadRequest::ArchiveSummary::VALID); ClearClientDownloadRequest(); Mock::VerifyAndClearExpectations(sb_service_.get()); Mock::VerifyAndClearExpectations(binary_feature_extractor_.get()); } // Demonstrate that a .dmg file whose a) extension has been changed to .txt and // b) 'koly' signature has been removed is not processed as a disk image. TEST_F(DownloadProtectionServiceTest, CheckClientDownloadReportDmgWithoutKoly) { PrepareResponse(ClientDownloadResponse::SAFE, net::HTTP_OK, net::OK); base::FilePath test_data; EXPECT_TRUE(base::PathService::Get(chrome::DIR_TEST_DATA, &test_data)); test_data = test_data.AppendASCII("safe_browsing") .AppendASCII("dmg") .AppendASCII("data") .AppendASCII("mach_o_in_dmg_no_koly_signature.txt"); NiceMockDownloadItem item; PrepareBasicDownloadItemWithFullPaths( &item, {"http://www.evil.com/a.dmg"}, // url_chain "http://www.google.com/", // referrer test_data, // tmp_path temp_dir_.GetPath().Append(FILE_PATH_LITERAL("a.dmg"))); // final_path content::DownloadItemUtils::AttachInfoForTesting(&item, profile(), nullptr); RunLoop run_loop; download_service_->CheckClientDownload( &item, base::BindRepeating(&DownloadProtectionServiceTest::CheckDoneCallback, base::Unretained(this), run_loop.QuitClosure())); run_loop.Run(); ASSERT_TRUE(HasClientDownloadRequest()); EXPECT_NE(GetClientDownloadRequest()->archive_summary().parser_status(), ClientDownloadRequest::ArchiveSummary::VALID); ClearClientDownloadRequest(); Mock::VerifyAndClearExpectations(sb_service_.get()); Mock::VerifyAndClearExpectations(binary_feature_extractor_.get()); } // Test that a large DMG (size equals max value of 64 bit signed int) is not // unpacked for binary feature analysis. TEST_F(DownloadProtectionServiceTest, CheckClientDownloadReportLargeDmg) { PrepareResponse(ClientDownloadResponse::SAFE, net::HTTP_OK, net::OK); base::FilePath unsigned_dmg; EXPECT_TRUE(base::PathService::Get(chrome::DIR_TEST_DATA, &unsigned_dmg)); unsigned_dmg = unsigned_dmg.AppendASCII("safe_browsing") .AppendASCII("dmg") .AppendASCII("data") .AppendASCII("mach_o_in_dmg.dmg"); NiceMockDownloadItem item; PrepareBasicDownloadItemWithFullPaths( &item, {"http://www.evil.com/a.dmg"}, // url_chain "http://www.google.com/", // referrer unsigned_dmg, // tmp_path temp_dir_.GetPath().Append(FILE_PATH_LITERAL("a.dmg"))); // final_path content::DownloadItemUtils::AttachInfoForTesting(&item, profile(), nullptr); // Set the max file size to unpack to 0, so that this DMG is now "too large" std::unique_ptr<DownloadFileTypeConfig> config = policies_.DuplicateConfig(); for (int i = 0; i < config->file_types_size(); i++) { if (config->file_types(i).extension() == "dmg") { for (int j = 0; j < config->file_types(i).platform_settings_size(); j++) { config->mutable_file_types(i) ->mutable_platform_settings(j) ->set_max_file_size_to_analyze(0); } } } policies_.SwapConfig(config); RunLoop run_loop; download_service_->CheckClientDownload( &item, base::BindRepeating(&DownloadProtectionServiceTest::CheckDoneCallback, base::Unretained(this), run_loop.QuitClosure())); run_loop.Run(); ASSERT_TRUE(HasClientDownloadRequest()); // Even though the test DMG is valid, it is not unpacked due to its large // size. EXPECT_NE(GetClientDownloadRequest()->archive_summary().parser_status(), ClientDownloadRequest::ArchiveSummary::VALID); ClearClientDownloadRequest(); Mock::VerifyAndClearExpectations(sb_service_.get()); Mock::VerifyAndClearExpectations(binary_feature_extractor_.get()); } // Verifies the results of DMG analysis end-to-end. TEST_F(DownloadProtectionServiceTest, DMGAnalysisEndToEnd) { PrepareResponse(ClientDownloadResponse::SAFE, net::HTTP_OK, net::OK); base::FilePath dmg; EXPECT_TRUE(base::PathService::Get(chrome::DIR_TEST_DATA, &dmg)); dmg = dmg.AppendASCII("safe_browsing") .AppendASCII("dmg") .AppendASCII("data") .AppendASCII("mach_o_in_dmg.dmg"); NiceMockDownloadItem item; PrepareBasicDownloadItemWithFullPaths( &item, {"http://www.evil.com/a.dmg"}, // url_chain "http://www.google.com/", // referrer dmg, // tmp_path temp_dir_.GetPath().Append(FILE_PATH_LITERAL("a.dmg"))); // final_path content::DownloadItemUtils::AttachInfoForTesting(&item, profile(), nullptr); RunLoop run_loop; download_service_->CheckClientDownload( &item, base::BindRepeating(&DownloadProtectionServiceTest::CheckDoneCallback, base::Unretained(this), run_loop.QuitClosure())); run_loop.Run(); ASSERT_TRUE(HasClientDownloadRequest()); auto* request = GetClientDownloadRequest(); EXPECT_EQ(GetClientDownloadRequest()->archive_summary().parser_status(), ClientDownloadRequest::ArchiveSummary::VALID); EXPECT_FALSE(request->has_udif_code_signature()); EXPECT_EQ(ClientDownloadRequest_DownloadType_MAC_EXECUTABLE, request->download_type()); ASSERT_EQ(2, request->archived_binary().size()); for (const auto& binary : request->archived_binary()) { EXPECT_FALSE(binary.file_path().empty()); EXPECT_EQ(ClientDownloadRequest_DownloadType_MAC_EXECUTABLE, binary.download_type()); ASSERT_TRUE(binary.has_digests()); EXPECT_TRUE(binary.digests().has_sha256()); EXPECT_TRUE(binary.has_length()); ASSERT_TRUE(binary.has_image_headers()); ASSERT_FALSE(binary.image_headers().mach_o_headers().empty()); EXPECT_FALSE( binary.image_headers().mach_o_headers().Get(0).mach_header().empty()); EXPECT_FALSE( binary.image_headers().mach_o_headers().Get(0).load_commands().empty()); } ASSERT_EQ(1, request->detached_code_signature().size()); EXPECT_FALSE(request->detached_code_signature().Get(0).file_name().empty()); EXPECT_FALSE(request->detached_code_signature().Get(0).contents().empty()); ClearClientDownloadRequest(); Mock::VerifyAndClearExpectations(sb_service_.get()); Mock::VerifyAndClearExpectations(binary_feature_extractor_.get()); } #endif // BUILDFLAG(IS_MAC) TEST_F(DownloadProtectionServiceTest, CheckClientDownloadValidateRequest) { … } // Similar to above, but with an unsigned binary. TEST_F(DownloadProtectionServiceTest, CheckClientDownloadValidateRequestNoSignature) { … } // Similar to above, but with tab history. TEST_F(DownloadProtectionServiceTest, CheckClientDownloadValidateRequestTabHistory) { … } TEST_F(DownloadProtectionServiceTest, TestCheckDownloadUrl) { … } TEST_F(DownloadProtectionServiceTest, TestCheckDownloadUrlOnPolicyAllowlistedDownload) { … } TEST_F(DownloadProtectionServiceMockTimeTest, TestDownloadRequestTimeout) { … } TEST_F(DownloadProtectionServiceTest, TestDownloadItemDestroyed) { … } TEST_F(DownloadProtectionServiceTest, TestDownloadItemDestroyedDuringAllowlistCheck) { … } namespace { class MockPageNavigator : public content::PageNavigator { … }; // A custom matcher that matches a OpenURLParams value with a url with a query // parameter patching |value|. MATCHER_P(OpenURLParamsWithContextValue, value, "") { … } } // namespace // ShowDetailsForDownload() should open a URL showing more information about why // a download was flagged by SafeBrowsing. The URL should have a &ctx= parameter // whose value is the DownloadDangerType. TEST_F(DownloadProtectionServiceTest, ShowDetailsForDownloadHasContext) { … } TEST_F(DownloadProtectionServiceTest, GetAndSetDownloadProtectionData) { … } TEST_F(DownloadProtectionServiceTest, PPAPIDownloadRequest_Unsupported) { … } TEST_F(DownloadProtectionServiceTest, PPAPIDownloadRequest_SupportedDefault) { … } TEST_F(DownloadProtectionServiceTest, PPAPIDownloadRequest_SupportedAlternate) { … } TEST_F(DownloadProtectionServiceTest, PPAPIDownloadRequest_AllowlistedURL) { … } TEST_F(DownloadProtectionServiceTest, PPAPIDownloadRequest_FetchFailed) { … } TEST_F(DownloadProtectionServiceTest, PPAPIDownloadRequest_InvalidResponse) { … } TEST_F(DownloadProtectionServiceTest, PPAPIDownloadRequest_Timeout) { … } TEST_F(DownloadProtectionServiceTest, PPAPIDownloadRequest_Payload) { … } TEST_F(DownloadProtectionServiceTest, PPAPIDownloadRequest_AllowlistedByPolicy) { … } TEST_F(DownloadProtectionServiceTest, VerifyMaybeSendDangerousDownloadOpenedReport) { … } #if BUILDFLAG(ENTERPRISE_CLOUD_CONTENT_ANALYSIS) TEST_F(DownloadProtectionServiceTest, VerifyBypassReportSentImmediatelyIfVerdictDangerous) { … } TEST_F(DownloadProtectionServiceTest, VerifyBypassReportSentImmediatelyIfVerdictSensitive) { … } TEST_F(DownloadProtectionServiceTest, VerifyBypassReportSentAfterDangerousVerdictReceived) { … } TEST_F(DownloadProtectionServiceTest, VerifyBypassReportSentAfterDlpVerdictReceived) { … } TEST_F(DownloadProtectionServiceTest, VerifyBypassReportSentAfterDlpBlockVerdictReceived) { … } #endif // BUILDFLAG(ENTERPRISE_CLOUD_CONTENT_ANALYSIS) TEST_F(DownloadProtectionServiceTest, VerifyDangerousDownloadOpenedAPICall) { … } TEST_F(DownloadProtectionServiceTest, CheckClientDownloadAllowlistedByPolicy) { … } TEST_F(DownloadProtectionServiceTest, CheckOffTheRecordDoesNotSendFeedback) { … } // ------------ class DownloadProtectionServiceFlagTest ---------------- class DownloadProtectionServiceFlagTest : public DownloadProtectionServiceTestBase, public testing::WithParamInterface<bool> { … }; TEST_F(DownloadProtectionServiceFlagTest, CheckClientDownloadOverridenByFlag) { … } // Test a real .zip with a real .exe in it, where the .exe is manually // blocklisted by hash. TEST_F(DownloadProtectionServiceFlagTest, CheckClientDownloadZipOverridenByFlag) { … } TEST_F(DownloadProtectionServiceTest, VerifyReferrerChainWithEmptyNavigationHistory) { … } TEST_F(DownloadProtectionServiceTest, VerifyReferrerChainLengthForExtendedReporting) { … } TEST_F(DownloadProtectionServiceTest, DoesNotSendPingForCancelledDownloads) { … } #if BUILDFLAG(ENTERPRISE_CLOUD_CONTENT_ANALYSIS) TEST_F(DeepScanningDownloadTest, PasswordProtectedArchivesBlockedByPreference) { … } TEST_F(DeepScanningDownloadTest, LargeFileBlockedByPreference) { … } #endif // BUILDFLAG(ENTERPRISE_CLOUD_CONTENT_ANALYSIS) TEST_F(DownloadProtectionServiceTest, FileSystemAccessWriteRequest_NotABinary) { … } TEST_F(DownloadProtectionServiceTest, FileSystemAccessWriteRequest_SampledFile) { … } TEST_F(DownloadProtectionServiceTest, FileSystemAccessWriteRequest_FetchFailed) { … } TEST_F(DownloadProtectionServiceTest, FileSystemAccessWriteRequest_Success) { … } TEST_F(DownloadProtectionServiceTest, FileSystemAccessWriteRequest_WebContentsNull) { … } TEST_F(DownloadProtectionServiceTest, FileSystemAccessWriteRequest_ProfileDestroyed) { … } TEST_F(DownloadProtectionServiceTest, FileSystemAccessWriteRequest_AllowlistedByPolicy) { … } TEST_F(DownloadProtectionServiceTest, FileSystemAccessWriteRequest_CheckRequest) { … } TEST_F(EnhancedProtectionDownloadTest, AccessTokenForEnhancedProtectionUsers) { … } TEST_F(EnhancedProtectionDownloadTest, AccessTokenOnlyWhenSignedIn) { … } TEST_F(EnhancedProtectionDownloadTest, NoAccessTokenWhileIncognito) { … } TEST_F(DownloadProtectionServiceTest, DifferentProfilesUseDifferentNetworkContexts) { … } #if BUILDFLAG(ENTERPRISE_CLOUD_CONTENT_ANALYSIS) TEST_F(DeepScanningDownloadTest, PolicyEnabled) { … } TEST_F(DeepScanningDownloadTest, PolicyDisabled) { … } TEST_F(DeepScanningDownloadTest, SafeVerdictPrecedence) { … } #endif // BUILDFLAG(ENTERPRISE_CLOUD_CONTENT_ANALYSIS) TEST_F(DownloadProtectionServiceTest, AdvancedProtectionRequestScan) { … } TEST_F(DownloadProtectionServiceTest, AdvancedProtectionRequestScanWithSafeResponse) { … } TEST_F(DownloadProtectionServiceTest, AdvancedProtectionRequestScanFalse) { … } TEST_F(DownloadProtectionServiceTest, ESBRequestScan) { … } TEST_F(DownloadProtectionServiceTest, ESBRequestScanFalse) { … } TEST_F(DownloadProtectionServiceTest, ESBRequestScanFalseWhenTooLarge) { … } TEST_F(DownloadProtectionServiceTest, ESBRequestScanFalseWhenIncognito) { … } TEST_F(DownloadProtectionServiceTest, ESBRequestScanPolicyEnabled) { … } TEST_F(DownloadProtectionServiceTest, ESBRequestScanPolicyDisabled) { … } class EnterpriseCsdDownloadTest : public DownloadProtectionServiceTestBase { … }; #if BUILDFLAG(ENTERPRISE_CLOUD_CONTENT_ANALYSIS) TEST_F(EnterpriseCsdDownloadTest, SkipsConsumerCsdWhenEnabled) { … } TEST_F(EnterpriseCsdDownloadTest, PopulatesCsdFieldWhenEnabled) { … } TEST_F(EnterpriseCsdDownloadTest, StillDoesMetadataCheckForLargeFile) { … } #endif // BUILDFLAG(ENTERPRISE_CLOUD_CONTENT_ANALYSIS) class ImmediateDeepScanTest : public DownloadProtectionServiceTest { … }; TEST_F(ImmediateDeepScanTest, ESBRequestScan) { … } TEST_F(ImmediateDeepScanTest, APPRequestScan) { … } TEST_F(ImmediateDeepScanTest, EncryptedArchive) { … } TEST_F(ImmediateDeepScanTest, ImmediateDeepScansSetPref) { … } } // namespace safe_browsing
Codebase Browser
chromium