Send PhishGuard pings for about:blank URLs

Begin reporting password re-use on URLs which were traditionally not valid for reputation computation, in an attempt to catch phishing on these URLs. Bug: 865625 Change-Id: Ib7492b9b9988dd1aa084973994dcda25c258bf93 Reviewed-on: https://chromium-review.googlesource.com/1155709 Commit-Queue: Daniel Rubery <drubery@chromium.org> Reviewed-by: Jialiu Lin <jialiul@chromium.org> Cr-Commit-Position: refs/heads/master@{#579606}

Send PhishGuard pings for about:blank URLs
Begin reporting password re-use on URLs which were traditionally not valid for reputation computation, in an attempt to catch phishing on these URLs. Bug: 865625 Change-Id: Ib7492b9b9988dd1aa084973994dcda25c258bf93 Reviewed-on: https://chromium-review.googlesource.com/1155709 Commit-Queue: Daniel Rubery <drubery@chromium.org> Reviewed-by: Jialiu Lin <jialiul@chromium.org> Cr-Commit-Position: refs/heads/master@{#579606}
2bf6a124 · Daniel Rubery · Commit Bot · de0cbe8b · 2bf6a124 · 2bf6a124
Commit 2bf6a124 authored Jul 31, 2018 by Daniel Rubery Committed by Commit Bot Jul 31, 2018
3 changed files
--- a/chrome/browser/safe_browsing/chrome_password_protection_service.h
+++ b/chrome/browser/safe_browsing/chrome_password_protection_service.h
@@ -281,6 +281,8 @@ class ChromePasswordProtectionService : public PasswordProtectionService {
      VerifyUnhandledSyncPasswordReuseUponClearHistoryDeletion);
  FRIEND_TEST_ALL_PREFIXES(ChromePasswordProtectionServiceTest,
                           VerifyCanShowInterstitial);
+  FRIEND_TEST_ALL_PREFIXES(ChromePasswordProtectionServiceTest,
+                           VerifySendsPingForAboutBlank);
  FRIEND_TEST_ALL_PREFIXES(ChromePasswordProtectionServiceBrowserTest,
                           VerifyCheckGaiaPasswordChange);
  FRIEND_TEST_ALL_PREFIXES(ChromePasswordProtectionServiceBrowserTest,

--- a/chrome/browser/safe_browsing/chrome_password_protection_service_unittest.cc
+++ b/chrome/browser/safe_browsing/chrome_password_protection_service_unittest.cc
@@ -145,6 +145,9 @@ class ChromePasswordProtectionServiceTest
  void SetUp() override {
    ChromeRenderViewHostTestHarness::SetUp();
    profile()->GetPrefs()->SetBoolean(prefs::kSafeBrowsingEnabled, true);
+    profile()->GetPrefs()->SetInteger(
+        prefs::kPasswordProtectionWarningTrigger,
+        PasswordProtectionTrigger::PHISHING_REUSE);
    HostContentSettingsMap::RegisterProfilePrefs(test_pref_service_.registry());
    content_setting_map_ = new HostContentSettingsMap(
        &test_pref_service_, false /* incognito */, false /* guest_profile */,
@@ -986,4 +989,11 @@ TEST_F(ChromePasswordProtectionServiceTest, VerifyCanShowInterstitial) {
      PasswordReuseEvent::ENTERPRISE_PASSWORD, trigger_url));
 }

+TEST_F(ChromePasswordProtectionServiceTest, VerifySendsPingForAboutBlank) {
+  RequestOutcome reason;
+  EXPECT_TRUE(service_->CanSendPing(
+      LoginReputationClientRequest::PASSWORD_REUSE_EVENT, GURL("about:blank"),
+      PasswordReuseEvent::SIGN_IN_PASSWORD, &reason));
+}
+
 }  // namespace safe_browsing
--- a/components/safe_browsing/password_protection/password_protection_service.cc
+++ b/components/safe_browsing/password_protection/password_protection_service.cc
@@ -395,10 +395,9 @@ bool PasswordProtectionService::CanSendPing(
    const GURL& main_frame_url,
    ReusedPasswordType password_type,
    RequestOutcome* reason) {
-  *reason = RequestOutcome::URL_NOT_VALID_FOR_REPUTATION_COMPUTING;
+  *reason = RequestOutcome::UNKNOWN;
  if (IsPingingEnabled(trigger_type, reason) &&
-      !IsURLWhitelistedForPasswordEntry(main_frame_url, reason) &&
-      CanGetReputationOfURL(main_frame_url)) {
+      !IsURLWhitelistedForPasswordEntry(main_frame_url, reason)) {
    return true;
  }
  LogNoPingingReason(trigger_type, *reason, password_type,