UMA uploads to localhost are no longer encrypted.

To allow testing with a local collector (that has decryption disabled),
we no longer encrypt HTTP UMA uploads if the destination is localhost.

Bug: 849127
Change-Id: Ied550633e7c11724bb6f61932963914b09560978
Reviewed-on: https://chromium-review.googlesource.com/1091274Reviewed-by: Alexei Svitkine <asvitkine@chromium.org>
Commit-Queue: Carlos IL <carlosil@chromium.org>
Cr-Commit-Position: refs/heads/master@{#565436}

components/metrics/net/net_metrics_log_uploader.cc

@@ -12,6 +12,7 @@
 #include "components/encrypted_messages/message_encrypter.h"
 #include "components/metrics/metrics_log_uploader.h"
 #include "net/base/load_flags.h"
+#include "net/base/url_util.h"
 #include "net/traffic_annotation/network_traffic_annotation.h"
 #include "net/url_request/url_fetcher.h"
 #include "third_party/metrics_proto/reporting_info.pb.h"
@@ -195,8 +196,10 @@ void NetMetricsLogUploader::UploadLogToURL(
                                                          service);
   current_fetch_->SetRequestContext(request_context_getter_);
   std::string reporting_info_string = SerializeReportingInfo(reporting_info);
-  // If we are not using HTTPS for this upload, encrypt it.
-  if (!url.SchemeIs(url::kHttpsScheme)) {
+  // If we are not using HTTPS for this upload, encrypt it. We do not encrypt
+  // requests to localhost to allow testing with a local collector that doesn't
+  // have decryption enabled.
+  if (!url.SchemeIs(url::kHttpsScheme) && !net::IsLocalhost(url)) {
     std::string encrypted_message;
     if (!EncryptString(compressed_log_data, &encrypted_message)) {
       current_fetch_.reset();

components/metrics/net/net_metrics_log_uploader_unittest.cc

@@ -32,11 +32,10 @@ class NetMetricsLogUploaderTest : public testing::Test {
                          reporting_info);
   }
 
-  void CreateUploaderAndUploadToSecureURL() {
+  void CreateUploaderAndUploadToSecureURL(const std::string& url) {
     ReportingInfo dummy_reporting_info;
     uploader_.reset(new NetMetricsLogUploader(
-        nullptr, "https://dummy_secure_server", "dummy_mime",
-        MetricsLogUploader::UMA,
+        nullptr, url, "dummy_mime", MetricsLogUploader::UMA,
         base::Bind(&NetMetricsLogUploaderTest::DummyOnUploadComplete,
                    base::Unretained(this))));
     uploader_->UploadLog("dummy_data", "dummy_hash", dummy_reporting_info);
@@ -128,7 +127,16 @@ TEST_F(NetMetricsLogUploaderTest, MessageOverHTTPIsEncrypted) {
 // message.
 TEST_F(NetMetricsLogUploaderTest, MessageOverHTTPSIsNotEncrypted) {
   net::TestURLFetcherFactory factory;
-  CreateUploaderAndUploadToSecureURL();
+  CreateUploaderAndUploadToSecureURL("https://dummy_secure_server");
+  net::TestURLFetcher* fetcher = factory.GetFetcherByID(0);
+  EXPECT_EQ(fetcher->upload_data(), "dummy_data");
+}
+
+// Test that attempting to upload to localhost over http results in an
+// unencrypted message.
+TEST_F(NetMetricsLogUploaderTest, MessageOverHTTPLocalhostIsNotEncrypted) {
+  net::TestURLFetcherFactory factory;
+  CreateUploaderAndUploadToSecureURL("http://localhost");
   net::TestURLFetcher* fetcher = factory.GetFetcherByID(0);
   EXPECT_EQ(fetcher->upload_data(), "dummy_data");
 }