Send malware reports when a user opts-in from the safe browsing interstitial page. In this first iteration, the reports are minimal, but I created a new class because I would like to expand them.

Workflow: A SafeBrowsingBlockingPage is shown. A new MalwareReport object is created. The blocking page goes away, either when the user clicks proceed, go back or closed the tab. We read the user's preference, and if we have a pending report, we pass it on to the SafeBrowsingService so it can send it.

Depends on: http://codereview.chromium.org/4827001/
Also relevant: http://codereview.chromium.org/5102001/
Design doc: https://docs.google.com/document/edit?id=1s-7qMjm23onV68SyqO6yi-xsfFzz4OBSOyHoV3cY8mQ&authkey=CMCF-MID

BUG=60831
TEST=unit_tests,relevant browser_test

Review URL: http://codereview.chromium.org/4822002

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@68828 0039d316-1c4b-4281-b951-d872f2087c98

1 files changed, 172 insertions, 0 deletions

diff --git a/chrome/browser/safe_browsing/malware_details_unittest.cc b/chrome/browser/safe_browsing/malware_details_unittest.cc
new file mode 100644
index 0000000..85b2d45
--- /dev/null
+++ b/chrome/browser/safe_browsing/malware_details_unittest.cc
@@ -0,0 +1,172 @@
+// Copyright (c) 2010 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include <algorithm>
+#include "chrome/browser/renderer_host/test/test_render_view_host.h"
+
+#include "chrome/browser/browser_thread.h"
+#include "chrome/browser/safe_browsing/malware_details.h"
+#include "chrome/browser/safe_browsing/report.pb.h"
+#include "chrome/browser/tab_contents/navigation_entry.h"
+#include "chrome/browser/tab_contents/test_tab_contents.h"
+#include "chrome/common/render_messages.h"
+#include "chrome/common/render_messages_params.h"
+
+static const char* kOriginalLandingURL = "http://www.originallandingpage.com/";
+static const char* kLandingURL = "http://www.landingpage.com/";
+static const char* kMalwareURL = "http://www.malware.com/";
+static const char* kHttpsURL = "https://www.url.com/";
+
+class MalwareDetailsTest : public RenderViewHostTestHarness {
+ public:
+  MalwareDetailsTest()
+      : ui_thread_(BrowserThread::UI, MessageLoop::current()),
+        io_thread_(BrowserThread::IO, MessageLoop::current()) {
+  }
+
+  virtual void SetUp() {
+    RenderViewHostTestHarness::SetUp();
+  }
+
+  static bool ResourceLessThan(
+      const safe_browsing::ClientMalwareReportRequest::Resource* lhs,
+      const safe_browsing::ClientMalwareReportRequest::Resource* rhs) {
+    return lhs->url() < rhs->url();
+  }
+
+ protected:
+  void InitResource(SafeBrowsingService::UnsafeResource* resource,
+                    ResourceType::Type resource_type,
+                    const GURL& url) {
+    resource->client = NULL;
+    resource->url = url;
+    resource->resource_type = resource_type;
+    resource->threat_type = SafeBrowsingService::URL_MALWARE;
+    resource->render_process_host_id = contents_->GetRenderProcessHost()->id();
+    resource->render_view_id = contents_->render_view_host()->routing_id();
+  }
+
+  void VerifyResults(
+      const safe_browsing::ClientMalwareReportRequest& report_pb,
+      const safe_browsing::ClientMalwareReportRequest& expected_pb) {
+    EXPECT_EQ(expected_pb.malware_url(), report_pb.malware_url());
+    EXPECT_EQ(expected_pb.page_url(), report_pb.page_url());
+    EXPECT_EQ(expected_pb.referrer_url(), report_pb.referrer_url());
+
+    ASSERT_EQ(expected_pb.nodes_size(), report_pb.nodes_size());
+    // Sort the nodes, to make the test deterministic
+    std::vector<const safe_browsing::ClientMalwareReportRequest::Resource*>
+        nodes;
+    for (int i = 0; i < report_pb.nodes_size(); ++i) {
+      const safe_browsing::ClientMalwareReportRequest::Resource& resource =
+        report_pb.nodes(i);
+      nodes.push_back(&resource);
+    }
+    std::sort(nodes.begin(), nodes.end(),
+              &MalwareDetailsTest::ResourceLessThan);
+
+    std::vector<const safe_browsing::ClientMalwareReportRequest::Resource*>
+        expected;
+    for (int i = 0; i < report_pb.nodes_size(); ++i) {
+      const safe_browsing::ClientMalwareReportRequest::Resource& resource =
+        expected_pb.nodes(i);
+      expected.push_back(&resource);
+    }
+    std::sort(expected.begin(), expected.end(),
+              &MalwareDetailsTest::ResourceLessThan);
+
+    for (uint32 i = 0; i < expected.size(); ++i) {
+      EXPECT_EQ(expected[i]->url(), nodes[i]->url());
+      EXPECT_EQ(expected[i]->parent(), nodes[i]->parent());
+    }
+  }
+
+  BrowserThread ui_thread_;
+  BrowserThread io_thread_;
+};
+
+// Tests creating a simple malware report.
+TEST_F(MalwareDetailsTest, MalwareSubResource) {
+  // Start a load.
+  controller().LoadURL(GURL(kLandingURL), GURL(), PageTransition::TYPED);
+
+  SafeBrowsingService::UnsafeResource resource;
+  InitResource(&resource, ResourceType::SUB_RESOURCE, GURL(kMalwareURL));
+
+  MalwareDetails* report = new MalwareDetails(contents(), resource);
+
+  scoped_ptr<const std::string> serialized(report->GetSerializedReport());
+  safe_browsing::ClientMalwareReportRequest actual;
+  actual.ParseFromString(*serialized);
+
+  safe_browsing::ClientMalwareReportRequest expected;
+  expected.set_malware_url(kMalwareURL);
+  expected.set_page_url(kLandingURL);
+  expected.set_referrer_url("");
+
+  safe_browsing::ClientMalwareReportRequest::Resource* node =
+      expected.add_nodes();
+  node->set_url(kLandingURL);
+  node = expected.add_nodes();
+  node->set_url(kMalwareURL);
+
+  VerifyResults(actual, expected);
+}
+
+// Tests creating a simple malware report where the subresource has a
+// different original_url.
+TEST_F(MalwareDetailsTest, MalwareSubResourceWithOriginalUrl) {
+  controller().LoadURL(GURL(kLandingURL), GURL(), PageTransition::TYPED);
+
+  SafeBrowsingService::UnsafeResource resource;
+  InitResource(&resource, ResourceType::SUB_RESOURCE, GURL(kMalwareURL));
+  resource.original_url = GURL(kOriginalLandingURL);
+
+  MalwareDetails* report = new MalwareDetails(contents(), resource);
+
+  scoped_ptr<const std::string> serialized(report->GetSerializedReport());
+  safe_browsing::ClientMalwareReportRequest actual;
+  actual.ParseFromString(*serialized);
+
+  safe_browsing::ClientMalwareReportRequest expected;
+  expected.set_malware_url(kMalwareURL);
+  expected.set_page_url(kLandingURL);
+  expected.set_referrer_url("");
+
+  safe_browsing::ClientMalwareReportRequest::Resource* node =
+      expected.add_nodes();
+  node->set_url(kLandingURL);
+
+  // Malware url should have originalurl as parent.
+  node = expected.add_nodes();
+  node->set_url(kMalwareURL);
+  node->set_parent(kOriginalLandingURL);
+
+  node = expected.add_nodes();
+  node->set_url(kOriginalLandingURL);
+
+  VerifyResults(actual, expected);
+}
+
+// Verify that https:// urls are dropped.
+TEST_F(MalwareDetailsTest, NotPublicUrl) {
+  controller().LoadURL(GURL(kHttpsURL), GURL(), PageTransition::TYPED);
+  SafeBrowsingService::UnsafeResource resource;
+  InitResource(&resource, ResourceType::SUB_RESOURCE, GURL(kMalwareURL));
+  MalwareDetails* report = new MalwareDetails(contents(), resource);
+
+  scoped_ptr<const std::string> serialized(report->GetSerializedReport());
+  safe_browsing::ClientMalwareReportRequest actual;
+  actual.ParseFromString(*serialized);
+
+  safe_browsing::ClientMalwareReportRequest expected;
+  expected.set_malware_url(kMalwareURL);  // No page_url
+  expected.set_referrer_url("");
+
+  safe_browsing::ClientMalwareReportRequest::Resource* node =
+      expected.add_nodes();
+  node->set_url(kMalwareURL);  // Only one node
+
+  VerifyResults(actual, expected);
+}