Revert "[CORS-RFC1918] Add UseCounter integration tests."

This reverts commit d92b6c97. Reason for revert: new test fails on the bots Bug: 1135654 Original change's description: > [CORS-RFC1918] Add UseCounter integration tests. > > These tests are defined in chrome/, as opposed to content/, because the > UseCounter integration with UMA histograms relies on chrome/ code. > > Bug: chromium:1124358 > Change-Id: I9faa667e2ced9e92f0c8bd10652ccc2f225c3b13 > Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2442013 > Commit-Queue: Titouan Rigoudy <titouan@chromium.org> > Auto-Submit: Titouan Rigoudy <titouan@chromium.org> > Reviewed-by: David Roger <droger@chromium.org> > Reviewed-by: Arthur Sonzogni <arthursonzogni@chromium.org> > Cr-Commit-Position: refs/heads/master@{#814235} TBR=droger@chromium.org,arthursonzogni@chromium.org,titouan@chromium.org Change-Id: Id40979616b58d0390a070ad5953fd4400954e8ce No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: chromium:1124358 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2453571Reviewed-by: Frank Liberato <liberato@chromium.org> Commit-Queue: Frank Liberato <liberato@chromium.org> Cr-Commit-Position: refs/heads/master@{#814270}

Revert "[CORS-RFC1918] Add UseCounter integration tests."
This reverts commit d92b6c97. Reason for revert: new test fails on the bots Bug: 1135654 Original change's description: > [CORS-RFC1918] Add UseCounter integration tests. > > These tests are defined in chrome/, as opposed to content/, because the > UseCounter integration with UMA histograms relies on chrome/ code. > > Bug: chromium:1124358 > Change-Id: I9faa667e2ced9e92f0c8bd10652ccc2f225c3b13 > Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2442013 > Commit-Queue: Titouan Rigoudy <titouan@chromium.org> > Auto-Submit: Titouan Rigoudy <titouan@chromium.org> > Reviewed-by: David Roger <droger@chromium.org> > Reviewed-by: Arthur Sonzogni <arthursonzogni@chromium.org> > Cr-Commit-Position: refs/heads/master@{#814235} TBR=droger@chromium.org,arthursonzogni@chromium.org,titouan@chromium.org Change-Id: Id40979616b58d0390a070ad5953fd4400954e8ce No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: chromium:1124358 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2453571Reviewed-by: Frank Liberato <liberato@chromium.org> Commit-Queue: Frank Liberato <liberato@chromium.org> Cr-Commit-Position: refs/heads/master@{#814270}
fb82736e · Frank Liberato · Commit Bot · e3787541 · fb82736e · e3787541
Commit fb82736e authored Oct 06, 2020 by Frank Liberato Committed by Commit Bot Oct 06, 2020
5 changed files
--- a/chrome/browser/OWNERS
+++ b/chrome/browser/OWNERS
@@ -89,9 +89,5 @@ per-file chrome_back_forward_cache_browsertest.cc=file://content/OWNERS
 per-file chrome_cross_origin_opener_policy_browsertest.cc=file://content/OWNERS
 per-file chrome_cross_origin_opener_policy_browsertest.cc=arthursonzogni@chromium.org

-# CORS-RFC1918
-per-file chrome_private_network_request_browsertest.cc=file://content/OWNERS
-per-file chrome_private_network_request_browsertest.cc=titouan@chromium.org
-
 # COMPONENT: UI>Browser
 # TEAM: chromium-reviews@chromium.org
--- a/chrome/browser/chrome_private_network_request_browsertest.cc
+++ b/chrome/browser/chrome_private_network_request_browsertest.cc
-// Copyright 2020 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#include <map>
-#include <string>
-
-#include "base/strings/string_piece.h"
-#include "base/test/metrics/histogram_tester.h"
-#include "base/test/scoped_feature_list.h"
-#include "chrome/browser/ui/browser.h"
-#include "chrome/test/base/in_process_browser_test.h"
-#include "content/public/browser/web_contents.h"
-#include "content/public/common/content_features.h"
-#include "content/public/test/browser_test.h"
-#include "content/public/test/browser_test_utils.h"
-#include "content/public/test/content_browser_test_utils.h"
-#include "net/dns/mock_host_resolver.h"
-#include "net/test/embedded_test_server/embedded_test_server.h"
-#include "testing/gmock/include/gmock/gmock.h"
-#include "third_party/blink/public/mojom/web_feature/web_feature.mojom.h"
-
-namespace {
-
-using blink::mojom::WebFeature;
-using testing::ElementsAre;
-using testing::IsEmpty;
-using testing::Pair;
-
-constexpr char kTreatAsPublicAddressPath[] = "/treat-as-public-address.html";
-
-GURL PublicSecureURL(const net::EmbeddedTestServer& server) {
-  // Localhost is treated as secure even though this URL is not HTTPS.
-  return server.GetURL(kTreatAsPublicAddressPath);
-}
-
-GURL PublicNonSecureURL(const net::EmbeddedTestServer& server) {
-  return server.GetURL("foo.test", kTreatAsPublicAddressPath);
-}
-
-constexpr WebFeature kAllAddressSpaceFeatures[] = {
-    WebFeature::kAddressSpaceLocalEmbeddedInPrivateSecureContext,
-    WebFeature::kAddressSpaceLocalEmbeddedInPrivateNonSecureContext,
-    WebFeature::kAddressSpaceLocalEmbeddedInPublicSecureContext,
-    WebFeature::kAddressSpaceLocalEmbeddedInPublicNonSecureContext,
-    WebFeature::kAddressSpaceLocalEmbeddedInUnknownSecureContext,
-    WebFeature::kAddressSpaceLocalEmbeddedInUnknownNonSecureContext,
-    WebFeature::kAddressSpacePrivateEmbeddedInPublicSecureContext,
-    WebFeature::kAddressSpacePrivateEmbeddedInPublicNonSecureContext,
-    WebFeature::kAddressSpacePrivateEmbeddedInUnknownSecureContext,
-    WebFeature::kAddressSpacePrivateEmbeddedInUnknownNonSecureContext,
-};
-
-// Returns a map of WebFeature to bucket count. Skips buckets with zero counts.
-std::map<WebFeature, int> GetAddressSpaceFeatureBucketCounts(
-    const base::HistogramTester& tester) {
-  std::map<WebFeature, int> counts;
-  for (WebFeature feature : kAllAddressSpaceFeatures) {
-    int count = tester.GetBucketCount("Blink.UseCounter.Features", feature);
-    if (count == 0) {
-      continue;
-    }
-
-    counts.emplace(feature, count);
-  }
-  return counts;
-}
-
-// CORS-RFC1918 is a web platform specification aimed at securing requests made
-// from public websites to the private network and localhost. It is entirely
-// implemented in content/. Its integration with Blink UseCounters cannot be
-// tested in content/, however, thus we define this standalone test here.
-//
-// See also:
-//
-//  - specification: https://wicg.github.io/cors-rfc1918.
-//  - feature browsertests in content/: RenderFrameHostImplTest.
-//
-class ChromePrivateNetworkRequestBrowserTest : public InProcessBrowserTest {
- public:
-  content::WebContents* web_contents() {
-    return browser()->tab_strip_model()->GetActiveWebContents();
-  }
-
-  bool NavigateAndFlushHistograms() {
-    // Commit a new navigation in order to flush UseCounters incremented during
-    // the last navigation to the browser process, so they are reflected in
-    // histograms.
-    return content::NavigateToURL(web_contents(), GURL("about:blank"));
-  }
-
-  // Never returns nullptr. The returned server is already Start()ed.
-  //
-  // NOTE: This is defined as a method on the test fixture instead of a free
-  // function because GetChromeTestDataDir() is a test fixture method itself.
-  // We return a unique_ptr because EmbeddedTestServer is not movable and C++17
-  // support is not available at time of writing.
-  std::unique_ptr<net::EmbeddedTestServer> NewServer() {
-    auto server = std::make_unique<net::EmbeddedTestServer>();
-    server->AddDefaultHandlers(GetChromeTestDataDir());
-    EXPECT_TRUE(server->Start());
-    return server;
-  }
-
- private:
-  void SetUpOnMainThread() final { host_resolver()->AddRule("*", "127.0.0.1"); }
-};
-
-// This test verifies that no feature is counted for the initial navigation from
-// a new tab to a page served by localhost.
-//
-// Regression test for https://crbug.com/1134601.
-IN_PROC_BROWSER_TEST_F(ChromePrivateNetworkRequestBrowserTest,
-                       DoesNotRecordAddressSpaceFeatureForInitialNavigation) {
-  base::HistogramTester histogram_tester;
-  auto server = NewServer();
-
-  EXPECT_TRUE(content::NavigateToURL(web_contents(), PublicSecureURL(*server)));
-  EXPECT_TRUE(NavigateAndFlushHistograms());
-
-  // TODO(https://crbug.com/1134601): Expect no buckets.
-  EXPECT_THAT(
-      GetAddressSpaceFeatureBucketCounts(histogram_tester),
-      ElementsAre(Pair(
-          WebFeature::kAddressSpaceLocalEmbeddedInUnknownNonSecureContext, 1)));
-}
-
-// This test verifies that when a secure context served from the public address
-// space loads a resource from the local network, the correct WebFeature is
-// use-counted.
-IN_PROC_BROWSER_TEST_F(ChromePrivateNetworkRequestBrowserTest,
-                       RecordsAddressSpaceFeatureForFetch) {
-  base::HistogramTester histogram_tester;
-  auto server = NewServer();
-
-  EXPECT_TRUE(content::NavigateToURL(web_contents(), PublicSecureURL(*server)));
-  EXPECT_TRUE(content::ExecJs(web_contents(), R"(
-    fetch("defaultresponse")
-  )"));
-  EXPECT_TRUE(NavigateAndFlushHistograms());
-
-  EXPECT_THAT(
-      GetAddressSpaceFeatureBucketCounts(histogram_tester),
-      ElementsAre(
-          Pair(WebFeature::kAddressSpaceLocalEmbeddedInPublicSecureContext, 1),
-          // TODO(https://crbug.com/1134601): Stop expecting this bucket.
-          Pair(WebFeature::kAddressSpaceLocalEmbeddedInUnknownNonSecureContext,
-               1)));
-}
-
-// This test verifies that when a non-secure context served from the public
-// address space loads a resource from the local network, the correct WebFeature
-// is use-counted.
-IN_PROC_BROWSER_TEST_F(ChromePrivateNetworkRequestBrowserTest,
-                       RecordsAddressSpaceFeatureForFetchInNonSecureContext) {
-  base::HistogramTester histogram_tester;
-  auto server = NewServer();
-
-  EXPECT_TRUE(
-      content::NavigateToURL(web_contents(), PublicNonSecureURL(*server)));
-  EXPECT_TRUE(content::ExecJs(web_contents(), R"(
-    fetch("defaultresponse")
-  )"));
-  EXPECT_TRUE(NavigateAndFlushHistograms());
-
-  EXPECT_THAT(
-      GetAddressSpaceFeatureBucketCounts(histogram_tester),
-      ElementsAre(
-          Pair(WebFeature::kAddressSpaceLocalEmbeddedInPublicNonSecureContext,
-               1),
-          // TODO(https://crbug.com/1134601): Stop expecting this bucket.
-          Pair(WebFeature::kAddressSpaceLocalEmbeddedInUnknownNonSecureContext,
-               1)));
-}
-
-// This test verifies that when page embeds an empty iframe pointing to
-// about:blank, no address space feature is recorded. It serves as a basis for
-// comparison with the following tests, which test behavior with iframes.
-IN_PROC_BROWSER_TEST_F(
-    ChromePrivateNetworkRequestBrowserTest,
-    DoesNotRecordAddressSpaceFeatureForAboutBlankNavigation) {
-  base::HistogramTester histogram_tester;
-  auto server = NewServer();
-
-  EXPECT_TRUE(
-      content::NavigateToURL(web_contents(), PublicNonSecureURL(*server)));
-  EXPECT_TRUE(content::ExecJs(web_contents(), R"(
-    new Promise(resolve => {
-      const child = document.createElement("iframe");
-      child.src = "about:blank";
-      child.onload = resolve;
-      document.body.appendChild(child);
-    })
-  )"));
-  EXPECT_TRUE(NavigateAndFlushHistograms());
-
-  // TODO(https://crbug.com/1134601): Expect no buckets.
-  EXPECT_THAT(
-      GetAddressSpaceFeatureBucketCounts(histogram_tester),
-      ElementsAre(Pair(
-          WebFeature::kAddressSpaceLocalEmbeddedInUnknownNonSecureContext, 1)));
-}
-
-// This test verifies that when a non-secure context served from the public
-// address space loads a child frame from the local network, the correct
-// WebFeature is use-counted.
-IN_PROC_BROWSER_TEST_F(ChromePrivateNetworkRequestBrowserTest,
-                       RecordsAddressSpaceFeatureForChildNavigation) {
-  base::HistogramTester histogram_tester;
-  auto server = NewServer();
-
-  EXPECT_TRUE(
-      content::NavigateToURL(web_contents(), PublicNonSecureURL(*server)));
-  EXPECT_TRUE(content::ExecJs(web_contents(), R"(
-    new Promise(resolve => {
-      const child = document.createElement("iframe");
-      child.src = "defaultresponse";
-      child.onload = resolve;
-      document.body.appendChild(child);
-    })
-  )"));
-  EXPECT_TRUE(NavigateAndFlushHistograms());
-
-  // TODO(https://crbug.com/1129326): Expect InPublicNonSecureContext?
-  EXPECT_THAT(
-      GetAddressSpaceFeatureBucketCounts(histogram_tester),
-      ElementsAre(Pair(
-          WebFeature::kAddressSpaceLocalEmbeddedInUnknownNonSecureContext, 1)));
-}
-
-// This test verifies that when a non-secure context served from the public
-// address space loads a grand-child frame from the local network, the correct
-// WebFeature is use-counted. If inheritance did not work correctly, the
-// intermediate about:blank frame might confuse the address space logic.
-IN_PROC_BROWSER_TEST_F(ChromePrivateNetworkRequestBrowserTest,
-                       RecordsAddressSpaceFeatureForGrandchildNavigation) {
-  base::HistogramTester histogram_tester;
-  auto server = NewServer();
-
-  EXPECT_TRUE(
-      content::NavigateToURL(web_contents(), PublicNonSecureURL(*server)));
-  EXPECT_TRUE(content::ExecJs(web_contents(), R"(
-    function addChildFrame(doc, src) {
-      return new Promise(resolve => {
-        const child = doc.createElement("iframe");
-        child.src = src;
-        child.onload = () => { resolve(child); };
-        doc.body.appendChild(child);
-      });
-    }
-
-    addChildFrame(document, "about:blank")
-      .then(child => addChildFrame(child.contentDocument, "defaultresponse"))
-  )"));
-  EXPECT_TRUE(NavigateAndFlushHistograms());
-
-  // TODO(https://crbug.com/1129326): Expect InPublicNonSecureContext?
-  EXPECT_THAT(
-      GetAddressSpaceFeatureBucketCounts(histogram_tester),
-      ElementsAre(Pair(
-          WebFeature::kAddressSpaceLocalEmbeddedInUnknownNonSecureContext, 1)));
-}
-
-class ChromePrivateNetworkRequestWithFeatureEnabledBrowserTest
-    : public ChromePrivateNetworkRequestBrowserTest {
- public:
-  ChromePrivateNetworkRequestWithFeatureEnabledBrowserTest() {
-    features_.InitAndEnableFeature(
-        features::kBlockInsecurePrivateNetworkRequests);
-  }
-
- private:
-  base::test::ScopedFeatureList features_;
-};
-
-// This test verifies that private network requests that are blocked do not
-// result in a WebFeature being use-counted.
-IN_PROC_BROWSER_TEST_F(ChromePrivateNetworkRequestWithFeatureEnabledBrowserTest,
-                       DoesNotRecordAddressSpaceFeatureForBlockedRequests) {
-  base::HistogramTester histogram_tester;
-  auto server = NewServer();
-
-  EXPECT_TRUE(
-      content::NavigateToURL(web_contents(), PublicNonSecureURL(*server)));
-  EXPECT_EQ(true, content::EvalJs(web_contents(), R"(
-    fetch("defaultresponse").catch(() => true)
-  )"));
-  EXPECT_TRUE(NavigateAndFlushHistograms());
-
-  // TODO(https://crbug.com/1134601): Expect no buckets.
-  EXPECT_THAT(
-      GetAddressSpaceFeatureBucketCounts(histogram_tester),
-      ElementsAre(Pair(
-          WebFeature::kAddressSpaceLocalEmbeddedInUnknownNonSecureContext, 1)));
-}
-
-}  // namespace
--- a/chrome/test/BUILD.gn
+++ b/chrome/test/BUILD.gn
@@ -967,7 +967,6 @@ if (!is_android) {
      "../browser/chrome_navigation_browsertest.cc",
      "../browser/chrome_origin_trials_browsertest.cc",
      "../browser/chrome_plugin_browsertest.cc",
-      "../browser/chrome_private_network_request_browsertest.cc",
      "../browser/chrome_security_exploit_browsertest.cc",
      "../browser/chrome_service_worker_browsertest.cc",
      "../browser/chrome_worker_browsertest.cc",

--- a/chrome/test/data/treat-as-public-address.html
+++ b/chrome/test/data/treat-as-public-address.html
-<html>
-  <head>
-    <!-- Disable extra network request for /favicon.ico -->
-    <link rel="icon" href="data:,">
-  </head>
-  <body></body>
-</html>
--- a/chrome/test/data/treat-as-public-address.html.mock-http-headers
+++ b/chrome/test/data/treat-as-public-address.html.mock-http-headers
-HTTP/1.1 200 OK
-Content-Security-Policy: treat-as-public-address