1// Copyright 2013 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#include "base/values.h" 6#include "chrome/browser/extensions/activity_log/activity_action_constants.h" 7#include "chrome/browser/extensions/activity_log/activity_actions.h" 8#include "chrome/browser/extensions/activity_log/activity_log_policy.h" 9#include "chrome/browser/extensions/activity_log/web_request_constants.h" 10#include "extensions/common/value_builder.h" 11#include "testing/gtest/include/gtest/gtest.h" 12 13namespace extensions { 14 15class ActivityLogPolicyUtilTest : public testing::Test {}; 16 17// Test that incognito values are stripped, and non-incognito ones aren't. 18TEST_F(ActivityLogPolicyUtilTest, StripPrivacySensitive) { 19 scoped_refptr<Action> action = 20 new Action("punky", 21 base::Time::Now(), 22 Action::ACTION_API_CALL, 23 "tabs.executeScript"); 24 action->mutable_args()->AppendString("woof"); 25 action->set_page_url(GURL("http://www.google.com/")); 26 action->set_page_incognito(true); 27 action->set_page_title("private"); 28 action->set_arg_url(GURL("http://www.youtube.com/?privatekey")); 29 30 ASSERT_EQ("<incognito>http://www.google.com/", action->SerializePageUrl()); 31 32 ActivityLogPolicy::Util::StripPrivacySensitiveFields(action); 33 34 ASSERT_FALSE(action->page_url().is_valid()); 35 ASSERT_EQ("", action->SerializePageUrl()); 36 ASSERT_EQ("", action->page_title()); 37 ASSERT_EQ("http://www.youtube.com/", action->arg_url().spec()); 38} 39 40// Test that WebRequest details are stripped for privacy. 41TEST_F(ActivityLogPolicyUtilTest, StripPrivacySensitiveWebRequest) { 42 scoped_refptr<Action> action = new Action( 43 "punky", base::Time::Now(), Action::ACTION_WEB_REQUEST, "webRequest"); 44 action->mutable_other()->Set( 45 activity_log_constants::kActionWebRequest, 46 DictionaryBuilder() 47 .Set(activity_log_web_request_constants::kNewUrlKey, 48 "http://www.youtube.com/") 49 .Set(activity_log_web_request_constants::kAddedRequestHeadersKey, 50 ListBuilder().Append("arg")) 51 .Build().release()); 52 53 ActivityLogPolicy::Util::StripPrivacySensitiveFields(action); 54 55 ASSERT_EQ( 56 "{\"web_request\":{\"added_request_headers\":true,\"new_url\":true}}", 57 ActivityLogPolicy::Util::Serialize(action->other())); 58} 59 60// Test that argument values are stripped as appropriate. 61TEST_F(ActivityLogPolicyUtilTest, StripArguments) { 62 ActivityLogPolicy::Util::ApiSet whitelist; 63 whitelist.insert( 64 std::make_pair(Action::ACTION_API_CALL, "tabs.executeScript")); 65 66 // API is in whitelist; not stripped. 67 scoped_refptr<Action> action = 68 new Action("punky", 69 base::Time::Now(), 70 Action::ACTION_API_CALL, 71 "tabs.executeScript"); 72 action->mutable_args()->AppendString("woof"); 73 ActivityLogPolicy::Util::StripArguments(whitelist, action); 74 ASSERT_EQ("[\"woof\"]", ActivityLogPolicy::Util::Serialize(action->args())); 75 76 // Not in whitelist: stripped. 77 action = new Action( 78 "punky", base::Time::Now(), Action::ACTION_API_CALL, "tabs.create"); 79 action->mutable_args()->AppendString("woof"); 80 ActivityLogPolicy::Util::StripArguments(whitelist, action); 81 ASSERT_EQ("", ActivityLogPolicy::Util::Serialize(action->args())); 82} 83 84// Test parsing of URLs serialized to strings. 85TEST_F(ActivityLogPolicyUtilTest, ParseUrls) { 86 scoped_refptr<Action> action = 87 new Action("punky", 88 base::Time::Now(), 89 Action::ACTION_API_CALL, 90 "tabs.executeScript"); 91 action->ParsePageUrl("<incognito>http://www.google.com/"); 92 EXPECT_EQ("http://www.google.com/", action->page_url().spec()); 93 EXPECT_TRUE(action->page_incognito()); 94} 95 96} // namespace extensions 97