1 files changed, 146 insertions, 28 deletions

diff --git a/chromium/chrome/browser/extensions/api/safe_browsing_private/safe_browsing_private_event_router_unittest.cc b/chromium/chrome/browser/extensions/api/safe_browsing_private/safe_browsing_private_event_router_unittest.cc
index 26c8393207c..b0085a1e5d2 100644
--- a/chromium/chrome/browser/extensions/api/safe_browsing_private/safe_browsing_private_event_router_unittest.cc
+++ b/chromium/chrome/browser/extensions/api/safe_browsing_private/safe_browsing_private_event_router_unittest.cc
@@ -4,6 +4,7 @@
 #include "chrome/browser/extensions/api/safe_browsing_private/safe_browsing_private_event_router.h"
 
 #include "base/bind.h"
+#include "base/strings/string16.h"
 #include "base/strings/utf_string_conversions.h"
 #include "base/test/mock_callback.h"
 #include "base/values.h"
@@ -94,7 +95,7 @@ class SafeBrowsingPrivateEventRouterTest : public testing::Test {
     SafeBrowsingPrivateEventRouterFactory::GetForProfile(profile_)
         ->OnDangerousDownloadOpened(GURL("https://evil.com/malware.exe"),
                                     "/path/to/malware.exe",
-                                    "sha256_or_malware_exe");
+                                    "sha256_of_malware_exe", "exe", 1234);
   }
 
   void TriggerOnSecurityInterstitialShownEvent() {
@@ -109,6 +110,20 @@ class SafeBrowsingPrivateEventRouterTest : public testing::Test {
                                           "PHISHING", -201);
   }
 
+  void TriggerOnDangerousDownloadWarningEvent() {
+    SafeBrowsingPrivateEventRouterFactory::GetForProfile(profile_)
+        ->OnDangerousDownloadWarning(
+            GURL("https://maybevil.com/warning.exe"), "/path/to/warning.exe",
+            "sha256_of_warning_exe", "POTENTIALLY_UNWANTED", "exe", 567);
+  }
+
+  void TriggerOnDangerousDownloadWarningEventBypass() {
+    SafeBrowsingPrivateEventRouterFactory::GetForProfile(profile_)
+        ->OnDangerousDownloadWarning(
+            GURL("https://bypassevil.com/bypass.exe"), "/path/to/bypass.exe",
+            "sha256_of_bypass_exe", "BYPASSED_WARNING", "exe", 890);
+  }
+
   void SetReportingPolicy(bool enabled) {
     TestingBrowserProcess::GetGlobal()->local_state()->SetBoolean(
         prefs::kUnsafeEventsReportingEnabled, enabled);
@@ -166,12 +181,16 @@ TEST_F(SafeBrowsingPrivateEventRouterTest, TestOnReuseDetected) {
 
   Mock::VerifyAndClearExpectations(client_);
   EXPECT_EQ(base::Value::Type::DICTIONARY, report.type());
-  base::Value* wrapper =
-      report.FindKey(policy::RealtimeReportingJobConfiguration::kEventKey);
-  ASSERT_NE(nullptr, wrapper);
-  EXPECT_EQ(base::Value::Type::DICTIONARY, wrapper->type());
+  base::Value* event_list =
+      report.FindKey(policy::RealtimeReportingJobConfiguration::kEventListKey);
+  ASSERT_NE(nullptr, event_list);
+  EXPECT_EQ(base::Value::Type::LIST, event_list->type());
+  base::Value::ListStorage& mutable_list = event_list->GetList();
+  ASSERT_EQ(1, (int)mutable_list.size());
+  base::Value wrapper = std::move(mutable_list[0]);
+  EXPECT_EQ(base::Value::Type::DICTIONARY, wrapper.type());
   base::Value* event =
-      wrapper->FindKey(SafeBrowsingPrivateEventRouter::kKeyPasswordReuseEvent);
+      wrapper.FindKey(SafeBrowsingPrivateEventRouter::kKeyPasswordReuseEvent);
   EXPECT_NE(nullptr, event);
   EXPECT_EQ("https://phishing.com/",
             *event->FindStringKey(SafeBrowsingPrivateEventRouter::kKeyUrl));
@@ -197,12 +216,16 @@ TEST_F(SafeBrowsingPrivateEventRouterTest, TestOnPasswordChanged) {
 
   Mock::VerifyAndClearExpectations(client_);
   EXPECT_EQ(base::Value::Type::DICTIONARY, report.type());
-  base::Value* wrapper =
-      report.FindKey(policy::RealtimeReportingJobConfiguration::kEventKey);
-  ASSERT_NE(nullptr, wrapper);
-  EXPECT_EQ(base::Value::Type::DICTIONARY, wrapper->type());
-  base::Value* event = wrapper->FindKey(
-      SafeBrowsingPrivateEventRouter::kKeyPasswordChangedEvent);
+  base::Value* event_list =
+      report.FindKey(policy::RealtimeReportingJobConfiguration::kEventListKey);
+  ASSERT_NE(nullptr, event_list);
+  EXPECT_EQ(base::Value::Type::LIST, event_list->type());
+  base::Value::ListStorage& mutable_list = event_list->GetList();
+  ASSERT_EQ(1, (int)mutable_list.size());
+  base::Value wrapper = std::move(mutable_list[0]);
+  EXPECT_EQ(base::Value::Type::DICTIONARY, wrapper.type());
+  base::Value* event =
+      wrapper.FindKey(SafeBrowsingPrivateEventRouter::kKeyPasswordChangedEvent);
   EXPECT_NE(nullptr, event);
   EXPECT_EQ("user_name_2", *event->FindStringKey(
                                SafeBrowsingPrivateEventRouter::kKeyUserName));
@@ -227,21 +250,31 @@ TEST_F(SafeBrowsingPrivateEventRouterTest, TestOnDangerousDownloadOpened) {
   EXPECT_EQ("/path/to/malware.exe",
             captured_args.FindKey("fileName")->GetString());
   EXPECT_EQ("", captured_args.FindKey("userName")->GetString());
-  EXPECT_EQ("sha256_or_malware_exe",
+  EXPECT_EQ("sha256_of_malware_exe",
             captured_args.FindKey("downloadDigestSha256")->GetString());
 
   Mock::VerifyAndClearExpectations(client_);
   EXPECT_EQ(base::Value::Type::DICTIONARY, report.type());
-  base::Value* wrapper =
-      report.FindKey(policy::RealtimeReportingJobConfiguration::kEventKey);
-  ASSERT_NE(nullptr, wrapper);
-  EXPECT_EQ(base::Value::Type::DICTIONARY, wrapper->type());
-  base::Value* event = wrapper->FindKey(
+  base::Value* event_list =
+      report.FindKey(policy::RealtimeReportingJobConfiguration::kEventListKey);
+  ASSERT_NE(nullptr, event_list);
+  EXPECT_EQ(base::Value::Type::LIST, event_list->type());
+  base::Value::ListStorage& mutable_list = event_list->GetList();
+  ASSERT_EQ(1, (int)mutable_list.size());
+  base::Value wrapper = std::move(mutable_list[0]);
+  EXPECT_EQ(base::Value::Type::DICTIONARY, wrapper.type());
+  base::Value* event = wrapper.FindKey(
       SafeBrowsingPrivateEventRouter::kKeyDangerousDownloadEvent);
   EXPECT_NE(nullptr, event);
   EXPECT_EQ(
       "/path/to/malware.exe",
       *event->FindStringKey(SafeBrowsingPrivateEventRouter::kKeyFileName));
+  EXPECT_EQ("exe", *event->FindStringKey(
+                       SafeBrowsingPrivateEventRouter::kKeyContentType));
+  EXPECT_EQ(1234, *event->FindIntKey(
+                      SafeBrowsingPrivateEventRouter::kKeyContentSize));
+  EXPECT_EQ(SafeBrowsingPrivateEventRouter::kTriggerFileDownload,
+            *event->FindStringKey(SafeBrowsingPrivateEventRouter::kKeyTrigger));
 }
 
 TEST_F(SafeBrowsingPrivateEventRouterTest,
@@ -266,12 +299,16 @@ TEST_F(SafeBrowsingPrivateEventRouterTest,
 
   Mock::VerifyAndClearExpectations(client_);
   EXPECT_EQ(base::Value::Type::DICTIONARY, report.type());
-  base::Value* wrapper =
-      report.FindKey(policy::RealtimeReportingJobConfiguration::kEventKey);
-  ASSERT_NE(nullptr, wrapper);
-  EXPECT_EQ(base::Value::Type::DICTIONARY, wrapper->type());
+  base::Value* event_list =
+      report.FindKey(policy::RealtimeReportingJobConfiguration::kEventListKey);
+  ASSERT_NE(nullptr, event_list);
+  EXPECT_EQ(base::Value::Type::LIST, event_list->type());
+  base::Value::ListStorage& mutable_list = event_list->GetList();
+  ASSERT_EQ(1, (int)mutable_list.size());
+  base::Value wrapper = std::move(mutable_list[0]);
+  EXPECT_EQ(base::Value::Type::DICTIONARY, wrapper.type());
   base::Value* event =
-      wrapper->FindKey(SafeBrowsingPrivateEventRouter::kKeyInterstitialEvent);
+      wrapper.FindKey(SafeBrowsingPrivateEventRouter::kKeyInterstitialEvent);
   EXPECT_NE(nullptr, event);
   EXPECT_EQ("PHISHING",
             *event->FindStringKey(SafeBrowsingPrivateEventRouter::kKeyReason));
@@ -302,12 +339,16 @@ TEST_F(SafeBrowsingPrivateEventRouterTest, TestOnSecurityInterstitialShown) {
 
   Mock::VerifyAndClearExpectations(client_);
   EXPECT_EQ(base::Value::Type::DICTIONARY, report.type());
-  base::Value* wrapper =
-      report.FindKey(policy::RealtimeReportingJobConfiguration::kEventKey);
-  ASSERT_NE(nullptr, wrapper);
-  EXPECT_EQ(base::Value::Type::DICTIONARY, wrapper->type());
+  base::Value* event_list =
+      report.FindKey(policy::RealtimeReportingJobConfiguration::kEventListKey);
+  ASSERT_NE(nullptr, event_list);
+  EXPECT_EQ(base::Value::Type::LIST, event_list->type());
+  base::Value::ListStorage& mutable_list = event_list->GetList();
+  ASSERT_EQ(1, (int)mutable_list.size());
+  base::Value wrapper = std::move(mutable_list[0]);
+  EXPECT_EQ(base::Value::Type::DICTIONARY, wrapper.type());
   base::Value* event =
-      wrapper->FindKey(SafeBrowsingPrivateEventRouter::kKeyInterstitialEvent);
+      wrapper.FindKey(SafeBrowsingPrivateEventRouter::kKeyInterstitialEvent);
   EXPECT_NE(nullptr, event);
   EXPECT_EQ("PHISHING",
             *event->FindStringKey(SafeBrowsingPrivateEventRouter::kKeyReason));
@@ -317,6 +358,83 @@ TEST_F(SafeBrowsingPrivateEventRouterTest, TestOnSecurityInterstitialShown) {
       *event->FindBoolKey(SafeBrowsingPrivateEventRouter::kKeyClickedThrough));
 }
 
+TEST_F(SafeBrowsingPrivateEventRouterTest, TestOnDangerousDownloadWarning) {
+  SetUpRouters();
+  SafeBrowsingEventObserver event_observer(
+      api::safe_browsing_private::OnDangerousDownloadOpened::kEventName);
+  event_router_->AddEventObserver(&event_observer);
+
+  base::Value report;
+  EXPECT_CALL(*client_, UploadRealtimeReport(_, _))
+      .WillOnce(CaptureArg(&report));
+
+  TriggerOnDangerousDownloadWarningEvent();
+  base::RunLoop().RunUntilIdle();
+
+  Mock::VerifyAndClearExpectations(client_);
+  EXPECT_EQ(base::Value::Type::DICTIONARY, report.type());
+  base::Value* event_list =
+      report.FindKey(policy::RealtimeReportingJobConfiguration::kEventListKey);
+  ASSERT_NE(nullptr, event_list);
+  EXPECT_EQ(base::Value::Type::LIST, event_list->type());
+  base::Value::ListStorage& mutable_list = event_list->GetList();
+  ASSERT_EQ(1, (int)mutable_list.size());
+  base::Value wrapper = std::move(mutable_list[0]);
+  EXPECT_EQ(base::Value::Type::DICTIONARY, wrapper.type());
+  base::Value* event = wrapper.FindKey(
+      SafeBrowsingPrivateEventRouter::kKeyDangerousDownloadEvent);
+  EXPECT_NE(nullptr, event);
+  EXPECT_EQ(
+      "/path/to/warning.exe",
+      *event->FindStringKey(SafeBrowsingPrivateEventRouter::kKeyFileName));
+  EXPECT_EQ("exe", *event->FindStringKey(
+                       SafeBrowsingPrivateEventRouter::kKeyContentType));
+  EXPECT_EQ(
+      567, *event->FindIntKey(SafeBrowsingPrivateEventRouter::kKeyContentSize));
+  EXPECT_EQ(
+      "POTENTIALLY_UNWANTED",
+      *event->FindStringKey(SafeBrowsingPrivateEventRouter::kKeyThreatType));
+}
+
+TEST_F(SafeBrowsingPrivateEventRouterTest,
+       TestOnDangerousDownloadWarningBypass) {
+  SetUpRouters();
+  SafeBrowsingEventObserver event_observer(
+      api::safe_browsing_private::OnDangerousDownloadOpened::kEventName);
+  event_router_->AddEventObserver(&event_observer);
+
+  base::Value report;
+  EXPECT_CALL(*client_, UploadRealtimeReport(_, _))
+      .WillOnce(CaptureArg(&report));
+
+  TriggerOnDangerousDownloadWarningEventBypass();
+  base::RunLoop().RunUntilIdle();
+
+  Mock::VerifyAndClearExpectations(client_);
+  EXPECT_EQ(base::Value::Type::DICTIONARY, report.type());
+  base::Value* event_list =
+      report.FindKey(policy::RealtimeReportingJobConfiguration::kEventListKey);
+  ASSERT_NE(nullptr, event_list);
+  EXPECT_EQ(base::Value::Type::LIST, event_list->type());
+  base::Value::ListStorage& mutable_list = event_list->GetList();
+  ASSERT_EQ(1, (int)mutable_list.size());
+  base::Value wrapper = std::move(mutable_list[0]);
+  EXPECT_EQ(base::Value::Type::DICTIONARY, wrapper.type());
+  base::Value* event = wrapper.FindKey(
+      SafeBrowsingPrivateEventRouter::kKeyDangerousDownloadEvent);
+  EXPECT_NE(nullptr, event);
+  EXPECT_EQ(
+      "/path/to/bypass.exe",
+      *event->FindStringKey(SafeBrowsingPrivateEventRouter::kKeyFileName));
+  EXPECT_EQ("exe", *event->FindStringKey(
+                       SafeBrowsingPrivateEventRouter::kKeyContentType));
+  EXPECT_EQ(
+      890, *event->FindIntKey(SafeBrowsingPrivateEventRouter::kKeyContentSize));
+  EXPECT_EQ(
+      "BYPASSED_WARNING",
+      *event->FindStringKey(SafeBrowsingPrivateEventRouter::kKeyThreatType));
+}
+
 TEST_F(SafeBrowsingPrivateEventRouterTest, PolicyControlOnToOffIsDynamic) {
   SetUpRouters();
   SafeBrowsingEventObserver event_observer(