diff options
| author | bryner@chromium.org <bryner@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-10-04 18:47:50 +0000 |
|---|---|---|
| committer | bryner@chromium.org <bryner@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-10-04 18:47:50 +0000 |
| commit | 0d96aa9f248015b3a11e4eefe8732261c9a5953c (patch) | |
| tree | 12c144ce988e541be5910e0a12568d754be3ae77 /chrome | |
| parent | 9e733f3481046b24311115debb3694b96ff3fb33 (diff) | |
| download | chromium_src-0d96aa9f248015b3a11e4eefe8732261c9a5953c.zip chromium_src-0d96aa9f248015b3a11e4eefe8732261c9a5953c.tar.gz chromium_src-0d96aa9f248015b3a11e4eefe8732261c9a5953c.tar.bz2 | |
Only run the phishing classifier for GET requests.
BUG=none
TEST=PhishingClassifierTest
Review URL: http://codereview.chromium.org/3572008
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@61395 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome')
4 files changed, 31 insertions, 4 deletions
diff --git a/chrome/renderer/safe_browsing/phishing_classifier.cc b/chrome/renderer/safe_browsing/phishing_classifier.cc index 3be76ed..d9a304d 100644 --- a/chrome/renderer/safe_browsing/phishing_classifier.cc +++ b/chrome/renderer/safe_browsing/phishing_classifier.cc @@ -19,8 +19,10 @@ #include "chrome/renderer/safe_browsing/phishing_url_feature_extractor.h" #include "chrome/renderer/safe_browsing/scorer.h" #include "googleurl/src/gurl.h" +#include "third_party/WebKit/WebKit/chromium/public/WebDataSource.h" #include "third_party/WebKit/WebKit/chromium/public/WebFrame.h" #include "third_party/WebKit/WebKit/chromium/public/WebURL.h" +#include "third_party/WebKit/WebKit/chromium/public/WebURLRequest.h" #include "third_party/WebKit/WebKit/chromium/public/WebView.h" namespace safe_browsing { @@ -89,13 +91,19 @@ void PhishingClassifier::BeginFeatureExtraction() { } // Check whether the URL is one that we should classify. - // Currently, we only classify http: URLs. + // Currently, we only classify http: URLs that are GET requests. GURL url(frame->url()); if (!url.SchemeIs(chrome::kHttpScheme)) { RunFailureCallback(); return; } + WebKit::WebDataSource* ds = frame->dataSource(); + if (!ds || !EqualsASCII(ds->request().httpMethod(), "GET")) { + RunFailureCallback(); + return; + } + features_.reset(new FeatureMap); if (!url_extractor_->ExtractFeatures(url, features_.get())) { RunFailureCallback(); diff --git a/chrome/renderer/safe_browsing/phishing_classifier_browsertest.cc b/chrome/renderer/safe_browsing/phishing_classifier_browsertest.cc index 0ef78c9..324dd73 100644 --- a/chrome/renderer/safe_browsing/phishing_classifier_browsertest.cc +++ b/chrome/renderer/safe_browsing/phishing_classifier_browsertest.cc @@ -128,13 +128,18 @@ TEST_F(PhishingClassifierTest, TestClassification) { responses_["http://localhost/"] = "<html><body>content</body></html>"; LoadURL("http://localhost/"); EXPECT_FALSE(RunPhishingClassifier(&page_text, &phishy_score)); - EXPECT_EQ(phishy_score, PhishingClassifier::kInvalidScore); + EXPECT_EQ(PhishingClassifier::kInvalidScore, phishy_score); // Extraction should also fail for this case, because the URL is not http. responses_["https://host.net/"] = "<html><body>secure</body></html>"; LoadURL("https://host.net/"); EXPECT_FALSE(RunPhishingClassifier(&page_text, &phishy_score)); - EXPECT_EQ(phishy_score, PhishingClassifier::kInvalidScore); + EXPECT_EQ(PhishingClassifier::kInvalidScore, phishy_score); + + // Extraction should fail for this case because the URL is a POST request. + LoadURLWithPost("http://host.net/"); + EXPECT_FALSE(RunPhishingClassifier(&page_text, &phishy_score)); + EXPECT_EQ(PhishingClassifier::kInvalidScore, phishy_score); } } // namespace safe_browsing diff --git a/chrome/renderer/safe_browsing/render_view_fake_resources_test.cc b/chrome/renderer/safe_browsing/render_view_fake_resources_test.cc index 97973f5..478f470 100644 --- a/chrome/renderer/safe_browsing/render_view_fake_resources_test.cc +++ b/chrome/renderer/safe_browsing/render_view_fake_resources_test.cc @@ -24,6 +24,7 @@ #include "net/http/http_response_headers.h" #include "net/url_request/url_request_status.h" #include "third_party/WebKit/WebKit/chromium/public/WebFrame.h" +#include "third_party/WebKit/WebKit/chromium/public/WebString.h" #include "third_party/WebKit/WebKit/chromium/public/WebURLRequest.h" #include "third_party/WebKit/WebKit/chromium/public/WebView.h" #include "webkit/glue/webkit_glue.h" @@ -110,7 +111,16 @@ WebKit::WebFrame* RenderViewFakeResourcesTest::GetMainFrame() { } void RenderViewFakeResourcesTest::LoadURL(const std::string& url) { - GetMainFrame()->loadRequest(WebKit::WebURLRequest(GURL(url))); + GURL g_url(url); + GetMainFrame()->loadRequest(WebKit::WebURLRequest(g_url)); + message_loop_.Run(); +} + +void RenderViewFakeResourcesTest::LoadURLWithPost(const std::string& url) { + GURL g_url(url); + WebKit::WebURLRequest request(g_url); + request.setHTTPMethod(WebKit::WebString::fromUTF8("POST")); + GetMainFrame()->loadRequest(request); message_loop_.Run(); } diff --git a/chrome/renderer/safe_browsing/render_view_fake_resources_test.h b/chrome/renderer/safe_browsing/render_view_fake_resources_test.h index 4e91cf5..953b0cb 100644 --- a/chrome/renderer/safe_browsing/render_view_fake_resources_test.h +++ b/chrome/renderer/safe_browsing/render_view_fake_resources_test.h @@ -90,6 +90,10 @@ class RenderViewFakeResourcesTest : public ::testing::Test, // to responses_. void LoadURL(const std::string& url); + // Same as LoadURL, but sends a POST request. Note that POST data is + // not supported. + void LoadURLWithPost(const std::string& url); + // Returns the main WebFrame for our RenderView. WebKit::WebFrame* GetMainFrame(); |