// Copyright 2017 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include "components/blocked_content/safe_browsing_triggered_popup_blocker.h" #include <memory> #include <set> #include <string> #include <utility> #include <vector> #include "base/containers/contains.h" #include "base/path_service.h" #include "base/test/bind.h" #include "base/test/metrics/histogram_tester.h" #include "base/test/scoped_feature_list.h" #include "build/build_config.h" #include "chrome/browser/content_settings/host_content_settings_map_factory.h" #include "chrome/browser/profiles/profile.h" #include "chrome/browser/safe_browsing/test_safe_browsing_database_helper.h" #include "chrome/browser/ui/browser.h" #include "chrome/browser/ui/browser_commands.h" #include "chrome/browser/ui/tabs/tab_strip_model.h" #include "chrome/common/pref_names.h" #include "chrome/test/base/in_process_browser_test.h" #include "chrome/test/base/ui_test_utils.h" #include "components/back_forward_cache/back_forward_cache_disable.h" #include "components/blocked_content/popup_blocker_tab_helper.h" #include "components/content_settings/browser/page_specific_content_settings.h" #include "components/content_settings/core/browser/host_content_settings_map.h" #include "components/content_settings/core/common/content_settings_types.h" #include "components/policy/core/browser/browser_policy_connector.h" #include "components/policy/core/common/mock_configuration_policy_provider.h" #include "components/policy/core/common/policy_map.h" #include "components/policy/core/common/policy_types.h" #include "components/policy/policy_constants.h" #include "components/prefs/pref_service.h" #include "components/safe_browsing/core/browser/db/safebrowsing.pb.h" #include "components/safe_browsing/core/browser/db/v4_embedded_test_server_util.h" #include "components/safe_browsing/core/browser/db/v4_test_util.h" #include "components/subresource_filter/core/browser/subresource_filter_features.h" #include "content/public/browser/render_frame_host.h" #include "content/public/browser/render_process_host.h" #include "content/public/browser/web_contents.h" #include "content/public/test/back_forward_cache_util.h" #include "content/public/test/browser_test.h" #include "content/public/test/browser_test_utils.h" #include "content/public/test/fenced_frame_test_util.h" #include "content/public/test/prerender_test_util.h" #include "content/public/test/test_navigation_observer.h" #include "net/dns/mock_host_resolver.h" #include "net/test/embedded_test_server/embedded_test_server.h" #include "testing/gtest/include/gtest/gtest.h" #include "url/gurl.h" PageSpecificContentSettings; SubresourceFilterLevel; SubresourceFilterType; namespace { // Checks console messages. void RoundTripAndVerifyLogMessages( const content::WebContentsConsoleObserver& observer, content::WebContents* web_contents, std::set<std::string> messages_expected, std::set<std::string> messages_not_expected) { … } } // namespace // Tests for the subresource_filter popup blocker. class SafeBrowsingTriggeredPopupBlockerBrowserTest : public InProcessBrowserTest { … }; class SafeBrowsingTriggeredPopupBlockerDisabledTest : public SafeBrowsingTriggeredPopupBlockerBrowserTest { … }; // This test harness does not mock the safe browsing v4 hash protocol manager. // Instead, it mocks actual HTTP responses from the v4 server by redirecting // requests to a custom test server with a special full hash request handler. class SafeBrowsingTriggeredInterceptingBrowserTest : public SafeBrowsingTriggeredPopupBlockerBrowserTest { … }; IN_PROC_BROWSER_TEST_F(SafeBrowsingTriggeredPopupBlockerDisabledTest, NoFeature_AllowCreatingNewWindows) { … } IN_PROC_BROWSER_TEST_F(SafeBrowsingTriggeredPopupBlockerDisabledTest, NoFeature_NoMessages) { … } IN_PROC_BROWSER_TEST_F(SafeBrowsingTriggeredPopupBlockerBrowserTest, DrivenByEnterprisePolicy) { … } IN_PROC_BROWSER_TEST_F(SafeBrowsingTriggeredPopupBlockerBrowserTest, NoList_AllowCreatingNewWindows) { … } IN_PROC_BROWSER_TEST_F(SafeBrowsingTriggeredPopupBlockerBrowserTest, NoAbusive_AllowCreatingNewWindows) { … } IN_PROC_BROWSER_TEST_F(SafeBrowsingTriggeredPopupBlockerBrowserTest, BlockCreatingNewWindows) { … } IN_PROC_BROWSER_TEST_F(SafeBrowsingTriggeredPopupBlockerBrowserTest, ShowBlockedPopup) { … } IN_PROC_BROWSER_TEST_F(SafeBrowsingTriggeredPopupBlockerBrowserTest, BlockCreatingNewWindows_LogsToConsole) { … } // Allowlisted sites should not have console logging. IN_PROC_BROWSER_TEST_F(SafeBrowsingTriggeredPopupBlockerBrowserTest, AllowCreatingNewWindows_NoLogToConsole) { … } IN_PROC_BROWSER_TEST_F(SafeBrowsingTriggeredPopupBlockerBrowserTest, BlockOpenURLFromTab) { … } IN_PROC_BROWSER_TEST_F(SafeBrowsingTriggeredPopupBlockerBrowserTest, BlockOpenURLFromTabInIframe) { … } IN_PROC_BROWSER_TEST_F(SafeBrowsingTriggeredPopupBlockerBrowserTest, MultipleNavigations) { … } IN_PROC_BROWSER_TEST_F(SafeBrowsingTriggeredPopupBlockerBrowserTest, WarningDoNotBlockCreatingNewWindows_LogsToConsole) { … } // If the site activates in warning mode, make sure warning messages are logged // even if the user has popups allowlisted via settings. IN_PROC_BROWSER_TEST_F(SafeBrowsingTriggeredPopupBlockerBrowserTest, WarningAllowCreatingNewWindows_LogsToConsole) { … } IN_PROC_BROWSER_TEST_F(SafeBrowsingTriggeredInterceptingBrowserTest, AbusiveMetadata) { … } IN_PROC_BROWSER_TEST_F(SafeBrowsingTriggeredPopupBlockerBrowserTest, AbusivePagesAreNotPutIntoBackForwardCache) { … } // Tests that the popup blocker UI is shown when a sub frame tries to // open a new window if the main frame is marked as abusive since // SafeBrowsingTriggeredPopupBlocker works based on a main frame. IN_PROC_BROWSER_TEST_F(SafeBrowsingTriggeredPopupBlockerBrowserTest, OpenNewWindowInSubFrame) { … } class SafeBrowsingTriggeredPopupBlockerPrerenderingBrowserTest : public SafeBrowsingTriggeredPopupBlockerBrowserTest { … }; // Tests that the console logs for SafeBrowsingTriggeredPopupBlocker are from // correct source frames. // TODO: crbug.com/329145811 - The test is flaky on all platforms. IN_PROC_BROWSER_TEST_F(SafeBrowsingTriggeredPopupBlockerPrerenderingBrowserTest, DISABLED_ConsoleLogWithSourceFrame) { … } // Tests that a prerendered page doesn't create a window and if it's activated // creating a window triggers the popup blocker. IN_PROC_BROWSER_TEST_F(SafeBrowsingTriggeredPopupBlockerPrerenderingBrowserTest, PopupBlockedAfterActivation) { … } class SafeBrowsingTriggeredPopupBlockerFencedFrameBrowserTest : public SafeBrowsingTriggeredPopupBlockerBrowserTest { … }; // The following two tests ensure that SafeBrowsingTriggeredPopupBlocker // isn't triggered for a fenced frame since it's treated as a subframe for // SafeBrowsingTriggeredPopupBlocker even though it's a main frame in a frame // tree. // This test ensures that opening a new window in a fenced frame doesn't trigger // the popup blocker when the primary page is not marked as abusive, even if the // fenced frame's URL is. IN_PROC_BROWSER_TEST_F(SafeBrowsingTriggeredPopupBlockerFencedFrameBrowserTest, ShouldNotTriggerPopupBlocker) { … } // This test ensures that the primary page has the popup blocker when // the primary page is marked as abusive and the fenced frame tries to open a // new window. IN_PROC_BROWSER_TEST_F(SafeBrowsingTriggeredPopupBlockerFencedFrameBrowserTest, ShouldTriggerPopupBlocker) { … }
Codebase Browser
chromium