diff --git a/browser/net/global_privacy_control_network_delegate_helper_browsertest.cc b/browser/net/global_privacy_control_network_delegate_helper_browsertest.cc new file mode 100644 index 000000000000..fefa8f518a10 --- /dev/null +++ b/browser/net/global_privacy_control_network_delegate_helper_browsertest.cc @@ -0,0 +1,126 @@ +/* Copyright (c) 2020 The Brave Authors. All rights reserved. + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this file, + * You can obtain one at https://mozilla.org/MPL/2.0/. */ + +#include "brave/common/brave_features.h" +#include "brave/common/network_constants.h" +#include "chrome/browser/ui/browser.h" +#include "chrome/test/base/in_process_browser_test.h" +#include "chrome/test/base/ui_test_utils.h" +#include "components/network_session_configurator/common/network_switches.h" +#include "content/public/test/browser_test.h" +#include "content/public/test/browser_test_utils.h" +#include "content/public/test/test_utils.h" +#include "net/dns/mock_host_resolver.h" +#include "net/test/embedded_test_server/http_request.h" + +enum class GPCHeaderResult { + kOk, + kNoRequest, + kNoHeader, + kWrongValue, +}; + +class GlobalPrivacyControlNetworkDelegateBrowserTest + : public InProcessBrowserTest { + public: + GlobalPrivacyControlNetworkDelegateBrowserTest() + : https_server_(net::EmbeddedTestServer::TYPE_HTTPS) { + feature_list_.InitAndEnableFeature(features::kGlobalPrivacyControl); + } + + void SetUpOnMainThread() override { + InProcessBrowserTest::SetUpOnMainThread(); + + header_result_ = GPCHeaderResult::kNoRequest; + + host_resolver()->AddRule("*", "127.0.0.1"); + + https_server_.RegisterRequestMonitor(base::BindRepeating( + &GlobalPrivacyControlNetworkDelegateBrowserTest::HandleRequest, + base::Unretained(this))); + + ASSERT_TRUE(https_server_.Start()); + } + + void HandleRequest(const net::test_server::HttpRequest& request) { + base::AutoLock auto_lock(header_result_lock_); + + auto it = request.headers.find(kSecGpcHeader); + if (it == request.headers.end()) { + header_result_ = GPCHeaderResult::kNoHeader; + } else if (it ->second != "1") { + header_result_ = GPCHeaderResult::kWrongValue; + } else { + header_result_ = GPCHeaderResult::kOk; + } + } + + void SetUpCommandLine(base::CommandLine* command_line) override { + InProcessBrowserTest::SetUpCommandLine(command_line); + // Allows the embedded test server to serve HTTPS + command_line->AppendSwitch(switches::kIgnoreCertificateErrors); + } + + const net::EmbeddedTestServer& https_server() { return https_server_; } + + GPCHeaderResult header_result() { + base::AutoLock auto_lock(header_result_lock_); + return header_result_; + } + + protected: + base::test::ScopedFeatureList feature_list_; + + private: + net::test_server::EmbeddedTestServer https_server_; + mutable base::Lock header_result_lock_; + GPCHeaderResult header_result_; +}; + +// When kGlobalPrivacyControl is enabled, the Sec-GPC flag should appear on +// request headers. +IN_PROC_BROWSER_TEST_F(GlobalPrivacyControlNetworkDelegateBrowserTest, + IncludesSecGPCHeader) { + const GURL target = https_server().GetURL("example.com", "/index.html"); + ui_test_utils::NavigateToURL(browser(), target); + EXPECT_EQ(header_result(), GPCHeaderResult::kOk); +} + +// The Global Privacy Control spec also defines the +// `navigator.globalPrivacyControl` JS property, which is read-only. In Brave +// it will always return `true`. +IN_PROC_BROWSER_TEST_F(GlobalPrivacyControlNetworkDelegateBrowserTest, + NavigatorGlobalPrivacyAPI) { + const GURL target = https_server().GetURL("example.com", "/index.html"); + ui_test_utils::NavigateToURL(browser(), target); + + auto* rfh = + browser()->tab_strip_model()->GetActiveWebContents()->GetMainFrame(); + + EXPECT_EQ(true, content::EvalJs(rfh, "navigator.globalPrivacyControl")); + EXPECT_EQ(true, content::EvalJs(rfh, + "(function() {" + " navigator.globalPrivacyControl = false;" + " return navigator.globalPrivacyControl;" + "})()")); +} + +class DisabledGlobalPrivacyControlNetworkDelegateBrowserTest + : public GlobalPrivacyControlNetworkDelegateBrowserTest { + public: + DisabledGlobalPrivacyControlNetworkDelegateBrowserTest() { + feature_list_.Reset(); + feature_list_.InitAndDisableFeature(features::kGlobalPrivacyControl); + } +}; + +// When kGlobalPrivacyControl is disabled, the Sec-GPC flag should not appear +// on request headers. +IN_PROC_BROWSER_TEST_F(DisabledGlobalPrivacyControlNetworkDelegateBrowserTest, + ExcludesSecGPCHeader) { + const GURL target = https_server().GetURL("example.com", "/index.html"); + ui_test_utils::NavigateToURL(browser(), target); + EXPECT_EQ(header_result(), GPCHeaderResult::kNoHeader); +} diff --git a/test/BUILD.gn b/test/BUILD.gn index 8e2e6bc0a4b3..8f41e3df358a 100644 --- a/test/BUILD.gn +++ b/test/BUILD.gn @@ -531,6 +531,7 @@ test("brave_browser_tests") { "//brave/browser/net/brave_network_delegate_hsts_fingerprinting_browsertest.cc", "//brave/browser/net/brave_site_hacks_network_delegate_helper_browsertest.cc", "//brave/browser/net/brave_system_request_handler_browsertest.cc", + "//brave/browser/net/global_privacy_control_network_delegate_helper_browsertest.cc", "//brave/browser/policy/brave_policy_browsertest.cc", "//brave/browser/profiles/brave_bookmark_model_loaded_observer_browsertest.cc", "//brave/browser/profiles/brave_profile_manager_browsertest.cc",