Only run the phishing classifier on HTML and XHTML documents.

This also adds support to TestRenderViewHost for changing the MIME type that
it reports in the ViewHostMsg_FrameNavigate_Params.

BUG=none
TEST=ClientSideDetectionHostTest.ShouldClassifyUrl

Review URL: http://codereview.chromium.org/6691036

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@80505 0039d316-1c4b-4281-b951-d872f2087c98

4 files changed, 58 insertions, 4 deletions

diff --git a/chrome/browser/safe_browsing/client_side_detection_host.cc b/chrome/browser/safe_browsing/client_side_detection_host.cc
index 879ff1a..ef2e70f 100644
--- a/chrome/browser/safe_browsing/client_side_detection_host.cc
+++ b/chrome/browser/safe_browsing/client_side_detection_host.cc
@@ -61,9 +61,19 @@ class ClientSideDetectionHost::ShouldClassifyUrlRequest
 
   void Start() {
     DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
+    // We start by doing some simple checks that can run on the UI thread.
 
-    // We first start by doing the proxy, local IP and off-the-record checks
-    // synchronously because they are fast and they run on the UI thread.
+    // Only classify [X]HTML documents.
+    if (params_.contents_mime_type != "text/html" &&
+        params_.contents_mime_type != "application/xhtml+xml") {
+      VLOG(1) << "Skipping phishing classification for URL: " << params_.url
+              << " because it has an unsupported MIME type: "
+              << params_.contents_mime_type;
+      UMA_HISTOGRAM_ENUMERATION("SBClientPhishing.PreClassificationCheckFail",
+                                NO_CLASSIFY_UNSUPPORTED_MIME_TYPE,
+                                NO_CLASSIFY_MAX);
+      return;
+    }
 
     // Don't run the phishing classifier if the URL came from a private
     // network, since we don't want to ping back in this case.  We also need
@@ -132,6 +142,7 @@ class ClientSideDetectionHost::ShouldClassifyUrlRequest
     NO_CLASSIFY_OFF_THE_RECORD,
     NO_CLASSIFY_MATCH_CSD_WHITELIST,
     NO_CLASSIFY_TOO_MANY_REPORTS,
+    NO_CLASSIFY_UNSUPPORTED_MIME_TYPE,
 
     NO_CLASSIFY_MAX  // Always add new values before this one.
   };
diff --git a/chrome/browser/safe_browsing/client_side_detection_host_unittest.cc b/chrome/browser/safe_browsing/client_side_detection_host_unittest.cc
index 0943535..e56f908 100644
--- a/chrome/browser/safe_browsing/client_side_detection_host_unittest.cc
+++ b/chrome/browser/safe_browsing/client_side_detection_host_unittest.cc
@@ -433,6 +433,24 @@ TEST_F(ClientSideDetectionHostTest, ShouldClassifyUrl) {
       SafeBrowsingMsg_StartPhishingDetection::ID);
   ASSERT_FALSE(msg);
 
+  // Check that XHTML is supported, in addition to the default HTML type.
+  // Note: for this test to work correctly, the new URL must be on the
+  // same domain as the previous URL, otherwise it will create a new
+  // RenderViewHost that won't have the mime type set.
+  url = GURL("http://host.com/xhtml");
+  rvh()->set_contents_mime_type("application/xhtml+xml");
+  ExpectPreClassificationChecks(url, &kFalse, &kFalse, &kFalse, &kFalse,
+                                &kFalse, &kFalse);
+  NavigateAndCommit(url);
+  WaitAndCheckPreClassificationChecks();
+  msg = process()->sink().GetFirstMessageMatching(
+      SafeBrowsingMsg_StartPhishingDetection::ID);
+  ASSERT_TRUE(msg);
+  SafeBrowsingMsg_StartPhishingDetection::Read(msg, &actual_url);
+  EXPECT_EQ(url, actual_url.a);
+  EXPECT_EQ(rvh()->routing_id(), msg->routing_id());
+  process()->sink().ClearMessages();
+
   // Navigate to a new host, which should cause another IPC.
   url = GURL("http://host2.com/");
   ExpectPreClassificationChecks(url, &kFalse, &kFalse, &kFalse, &kFalse,
@@ -447,6 +465,19 @@ TEST_F(ClientSideDetectionHostTest, ShouldClassifyUrl) {
   EXPECT_EQ(rvh()->routing_id(), msg->routing_id());
   process()->sink().ClearMessages();
 
+  // If the mime type is not one that we support, no IPC should be triggered.
+  // Note: for this test to work correctly, the new URL must be on the
+  // same domain as the previous URL, otherwise it will create a new
+  // RenderViewHost that won't have the mime type set.
+  url = GURL("http://host2.com/image.jpg");
+  rvh()->set_contents_mime_type("image/jpeg");
+  ExpectPreClassificationChecks(url, NULL, NULL, NULL, NULL, NULL, NULL);
+  NavigateAndCommit(url);
+  WaitAndCheckPreClassificationChecks();
+  msg = process()->sink().GetFirstMessageMatching(
+      SafeBrowsingMsg_StartPhishingDetection::ID);
+  ASSERT_FALSE(msg);
+
   // If IsPrivateIPAddress returns true, no IPC should be triggered.
   url = GURL("http://host3.com/");
   ExpectPreClassificationChecks(url, &kTrue, NULL, NULL, NULL, NULL, NULL);
diff --git a/content/browser/renderer_host/test_render_view_host.cc b/content/browser/renderer_host/test_render_view_host.cc
index 06e884c..6eba441 100644
--- a/content/browser/renderer_host/test_render_view_host.cc
+++ b/content/browser/renderer_host/test_render_view_host.cc
@@ -46,7 +46,8 @@ TestRenderViewHost::TestRenderViewHost(SiteInstance* instance,
                      kInvalidSessionStorageNamespaceId),
       render_view_created_(false),
       delete_counter_(NULL),
-      simulate_fetch_via_proxy_(false) {
+      simulate_fetch_via_proxy_(false),
+      contents_mime_type_("text/html") {
   // For normal RenderViewHosts, this is freed when |Shutdown()| is called.
   // For TestRenderViewHost, the view is explicitly deleted in the destructor
   // below, because TestRenderWidgetHostView::Destroy() doesn't |delete this|.
@@ -95,7 +96,7 @@ void TestRenderViewHost::SendNavigateWithTransition(
   params.password_form = PasswordForm();
   params.security_info = std::string();
   params.gesture = NavigationGestureUser;
-  params.contents_mime_type = std::string();
+  params.contents_mime_type = contents_mime_type_;
   params.is_post = false;
   params.was_within_same_page = false;
   params.http_status_code = 0;
@@ -112,6 +113,10 @@ void TestRenderViewHost::set_simulate_fetch_via_proxy(bool proxy) {
   simulate_fetch_via_proxy_ = proxy;
 }
 
+void TestRenderViewHost::set_contents_mime_type(const std::string& mime_type) {
+  contents_mime_type_ = mime_type;
+}
+
 TestRenderWidgetHostView::TestRenderWidgetHostView(RenderWidgetHost* rwh)
     : rwh_(rwh),
       is_showing_(false) {
diff --git a/content/browser/renderer_host/test_render_view_host.h b/content/browser/renderer_host/test_render_view_host.h
index f25c8c7..4326529 100644
--- a/content/browser/renderer_host/test_render_view_host.h
+++ b/content/browser/renderer_host/test_render_view_host.h
@@ -206,6 +206,10 @@ class TestRenderViewHost : public RenderViewHost {
   // False by default.
   void set_simulate_fetch_via_proxy(bool proxy);
 
+  // If set, future loads will have |mime_type| set as the mime type.
+  // If not set, the mime type will default to "text/html".
+  void set_contents_mime_type(const std::string& mime_type);
+
   // RenderViewHost overrides --------------------------------------------------
 
   virtual bool CreateRenderView(const string16& frame_name);
@@ -224,6 +228,9 @@ class TestRenderViewHost : public RenderViewHost {
   // See set_simulate_fetch_via_proxy() above.
   bool simulate_fetch_via_proxy_;
 
+  // See set_contents_mime_type() above.
+  std::string contents_mime_type_;
+
   DISALLOW_COPY_AND_ASSIGN(TestRenderViewHost);
 };