// Copyright 2013 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include #include "base/values.h" #include "chrome/browser/extensions/activity_log/activity_action_constants.h" #include "chrome/browser/extensions/activity_log/activity_actions.h" #include "chrome/browser/extensions/activity_log/activity_log_policy.h" #include "extensions/browser/api/activity_log/web_request_constants.h" #include "extensions/common/value_builder.h" #include "testing/gtest/include/gtest/gtest.h" namespace extensions { class ActivityLogPolicyUtilTest : public testing::Test {}; // Test that incognito values are stripped, and non-incognito ones aren't. TEST_F(ActivityLogPolicyUtilTest, StripPrivacySensitive) { scoped_refptr action = new Action("punky", base::Time::Now(), Action::ACTION_API_CALL, "tabs.executeScript"); action->mutable_args()->AppendString("woof"); action->set_page_url(GURL("http://www.google.com/")); action->set_page_incognito(true); action->set_page_title("private"); action->set_arg_url(GURL("http://www.youtube.com/?privatekey")); ASSERT_EQ("http://www.google.com/", action->SerializePageUrl()); ActivityLogPolicy::Util::StripPrivacySensitiveFields(action); ASSERT_FALSE(action->page_url().is_valid()); ASSERT_EQ("", action->SerializePageUrl()); ASSERT_EQ("", action->page_title()); ASSERT_EQ("http://www.youtube.com/", action->arg_url().spec()); } // Test that WebRequest details are stripped for privacy. TEST_F(ActivityLogPolicyUtilTest, StripPrivacySensitiveWebRequest) { scoped_refptr action = new Action( "punky", base::Time::Now(), Action::ACTION_WEB_REQUEST, "webRequest"); action->mutable_other()->Set( activity_log_constants::kActionWebRequest, DictionaryBuilder() .Set(activity_log_web_request_constants::kNewUrlKey, "http://www.youtube.com/") .Set(activity_log_web_request_constants::kAddedRequestHeadersKey, ListBuilder().Append("arg").Build()) .Build()); ActivityLogPolicy::Util::StripPrivacySensitiveFields(action); ASSERT_EQ( "{\"web_request\":{\"added_request_headers\":true,\"new_url\":true}}", ActivityLogPolicy::Util::Serialize(action->other())); } // Test that argument values are stripped as appropriate. TEST_F(ActivityLogPolicyUtilTest, StripArguments) { ActivityLogPolicy::Util::ApiSet whitelist; whitelist.insert( std::make_pair(Action::ACTION_API_CALL, "tabs.executeScript")); // API is in whitelist; not stripped. scoped_refptr action = new Action("punky", base::Time::Now(), Action::ACTION_API_CALL, "tabs.executeScript"); action->mutable_args()->AppendString("woof"); ActivityLogPolicy::Util::StripArguments(whitelist, action); ASSERT_EQ("[\"woof\"]", ActivityLogPolicy::Util::Serialize(action->args())); // Not in whitelist: stripped. action = new Action( "punky", base::Time::Now(), Action::ACTION_API_CALL, "tabs.create"); action->mutable_args()->AppendString("woof"); ActivityLogPolicy::Util::StripArguments(whitelist, action); ASSERT_EQ("", ActivityLogPolicy::Util::Serialize(action->args())); } // Test parsing of URLs serialized to strings. TEST_F(ActivityLogPolicyUtilTest, ParseUrls) { scoped_refptr action = new Action("punky", base::Time::Now(), Action::ACTION_API_CALL, "tabs.executeScript"); action->ParsePageUrl("http://www.google.com/"); EXPECT_EQ("http://www.google.com/", action->page_url().spec()); EXPECT_TRUE(action->page_incognito()); } } // namespace extensions