// Copyright (c) 2011 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include "base/strings/stringprintf.h" #include "chrome/common/safe_browsing/safebrowsing_messages.h" #include "chrome/renderer/safe_browsing/threat_dom_details.h" #include "chrome/test/base/chrome_render_view_test.h" #include "content/public/renderer/render_view.h" #include "net/base/escape.h" typedef ChromeRenderViewTest ThreatDOMDetailsTest; TEST_F(ThreatDOMDetailsTest, Everything) { scoped_ptr details( safe_browsing::ThreatDOMDetails::Create(view_->GetMainRenderFrame())); // Lower kMaxNodes for the test. Loading 500 subframes in a // debug build takes a while. details->kMaxNodes = 50; const char urlprefix[] = "data:text/html;charset=utf-8,"; { // A page with an internal script std::string html = ""; LoadHTML(html.c_str()); std::vector params; details->ExtractResources(¶ms); ASSERT_EQ(1u, params.size()); EXPECT_EQ(GURL(urlprefix + html), params[0].url); } { // A page with 2 external scripts. // Note: This part of the test causes 2 leaks: LEAK: 5 WebCoreNode // LEAK: 2 CachedResource. GURL script1_url("data:text/javascript;charset=utf-8,var a=1;"); GURL script2_url("data:text/javascript;charset=utf-8,var b=2;"); std::string html = ""; GURL url(urlprefix + html); LoadHTML(html.c_str()); std::vector params; details->ExtractResources(¶ms); ASSERT_EQ(3u, params.size()); EXPECT_EQ(script1_url, params[0].url); EXPECT_EQ("SCRIPT", params[0].tag_name); EXPECT_EQ(script2_url, params[1].url); EXPECT_EQ("SCRIPT", params[0].tag_name); EXPECT_EQ(url, params[2].url); } { // A page with an iframe which in turn contains an iframe. // html // \ iframe1 // \ iframe2 // Since ThreatDOMDetails is a RenderFrameObserver, it will only // extract resources from the frame it assigned to (in this case, // the main frame). Extracting resources from all frames within a // page is covered in SafeBrowsingBlockingPageBrowserTest. // In this example, ExtractResources() will still touch iframe1 // since it is the direct child of the main frame, but it would not // go inside of iframe1. std::string iframe2_html = "iframe2"; GURL iframe2_url(urlprefix + iframe2_html); std::string iframe1_html = ""; GURL iframe1_url(urlprefix + iframe1_html); std::string html = ""; GURL url(urlprefix + html); LoadHTML(html.c_str()); std::vector params; details->ExtractResources(¶ms); ASSERT_EQ(2u, params.size()); std::sort(params.begin(), params.end(), [](const SafeBrowsingHostMsg_ThreatDOMDetails_Node& a, const SafeBrowsingHostMsg_ThreatDOMDetails_Node& b) -> bool { return a.parent < b.parent; }); EXPECT_EQ(url, params[0].url); EXPECT_EQ(GURL(), params[0].parent); EXPECT_EQ(1u, params[0].children.size()); EXPECT_EQ(iframe1_url, params[0].children[0]); EXPECT_EQ(iframe1_url, params[1].url); EXPECT_EQ(url, params[1].parent); EXPECT_EQ(0u, params[1].children.size()); } { // Test >50 subframes. std::string html; for (int i = 0; i < 55; ++i) { // The iframe contents is just a number. GURL iframe_url(base::StringPrintf("%s%d", urlprefix, i)); html += ""; } GURL url(urlprefix + html); LoadHTML(html.c_str()); std::vector params; details->ExtractResources(¶ms); ASSERT_EQ(51u, params.size()); } { // A page with >50 scripts, to verify kMaxNodes. std::string html; for (int i = 0; i < 55; ++i) { // The iframe contents is just a number. GURL script_url(base::StringPrintf("%s%d", urlprefix, i)); html += ""; } GURL url(urlprefix + html); LoadHTML(html.c_str()); std::vector params; details->ExtractResources(¶ms); ASSERT_EQ(51u, params.size()); } }