Don't autofill credit cards on non-secure pages

components/autofill/core/browser/autofill_manager_unittest.cc

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include <algorithm>
 #include <vector>
 
 #include "base/command_line.h"
 #include "base/format_macros.h"
 #include "base/memory/ref_counted.h"
@@ skipping 196 matching lines @@
     test::SetCreditCardInfo(credit_card, "", "", "", "");
     credit_card->set_guid("00000000-0000-0000-0000-000000000006");
     credit_cards->push_back(credit_card);
   }
 
   size_t num_times_save_imported_profile_called_;
 
   DISALLOW_COPY_AND_ASSIGN(TestPersonalDataManager);
 };
 
-// Populates |form| with data corresponding to a simple credit card form.
-// Note that this actually appends fields to the form data, which can be useful
-// for building up more complex test forms.
-void CreateTestCreditCardFormData(FormData* form,
-                                  bool is_https,
-                                  bool use_month_type) {
-  form->name = ASCIIToUTF16("MyForm");
-  if (is_https) {
-    form->origin = GURL("https://myform.com/form.html");
-    form->action = GURL("https://myform.com/submit.html");
-  } else {
-    form->origin = GURL("http://myform.com/form.html");
-    form->action = GURL("http://myform.com/submit.html");
-  }
-  form->user_submitted = true;
-
-  FormFieldData field;
-  test::CreateTestFormField("Name on Card", "nameoncard", "", "text", &field);
-  form->fields.push_back(field);
-  test::CreateTestFormField("Card Number", "cardnumber", "", "text", &field);
-  form->fields.push_back(field);
-  if (use_month_type) {
-    test::CreateTestFormField(
-        "Expiration Date", "ccmonth", "", "month", &field);
-    form->fields.push_back(field);
-  } else {
-    test::CreateTestFormField("Expiration Date", "ccmonth", "", "text", &field);
-    form->fields.push_back(field);
-    test::CreateTestFormField("", "ccyear", "", "text", &field);
-    form->fields.push_back(field);
-  }
-}
-
 void ExpectFilledField(const char* expected_label,
                        const char* expected_name,
                        const char* expected_value,
                        const char* expected_form_control_type,
                        const FormFieldData& field) {
   SCOPED_TRACE(expected_label);
   EXPECT_EQ(UTF8ToUTF16(expected_label), field.label);
   EXPECT_EQ(UTF8ToUTF16(expected_name), field.name);
   EXPECT_EQ(UTF8ToUTF16(expected_value), field.value);
   EXPECT_EQ(expected_form_control_type, field.form_control_type);
@@ skipping 465 matching lines @@
   int MakeFrontendID(const SuggestionBackendID& cc_sid,
                  const SuggestionBackendID& profile_sid) const {
     return autofill_manager_->MakeFrontendID(cc_sid, profile_sid);
   }
 
   bool WillFillCreditCardNumber(const FormData& form,
                                 const FormFieldData& field) {
     return autofill_manager_->WillFillCreditCardNumber(form, field);
   }
 
+  // Populates |form| with data corresponding to a simple credit card form.
+  // Note that this actually appends fields to the form data, which can be
+  // useful for building up more complex test forms.
+  void CreateTestCreditCardFormData(FormData* form,
+                                    bool is_https,
+                                    bool use_month_type) {
+    form->name = ASCIIToUTF16("MyForm");
+    if (is_https) {
+      form->origin = GURL("https://myform.com/form.html");
+      form->action = GURL("https://myform.com/submit.html");
+    } else {
+      form->origin = GURL("http://myform.com/form.html");
+      form->action = GURL("http://myform.com/submit.html");
+      autofill_client_.SetContextSecurity(false);

[sigbjorn, 2015/05/15 08:38:28]

This line is the reason for moving this function inside the class. The rest of
this function is unchanged (apart from breaking long lines).

+    }
+    form->user_submitted = true;
+
+    FormFieldData field;
+    test::CreateTestFormField("Name on Card", "nameoncard", "", "text", &field);
+    form->fields.push_back(field);
+    test::CreateTestFormField("Card Number", "cardnumber", "", "text", &field);
+    form->fields.push_back(field);
+    if (use_month_type) {
+      test::CreateTestFormField(
+          "Expiration Date", "ccmonth", "", "month", &field);
+      form->fields.push_back(field);
+    } else {
+      test::CreateTestFormField("Expiration Date", "ccmonth", "", "text",
+                                &field);
+      form->fields.push_back(field);
+      test::CreateTestFormField("", "ccyear", "", "text", &field);
+      form->fields.push_back(field);
+    }
+  }
+
+  // Tests if credit card data gets saved
+  void TestSaveCreditCards(bool is_https) {
+    // Set up our form data.
+    FormData form;
+    CreateTestCreditCardFormData(&form, is_https, false);
+    std::vector<FormData> forms(1, form);
+    FormsSeen(forms);
+
+    // Edit the data, and submit
+    form.fields[1].value = ASCIIToUTF16("4111111111111111");
+    form.fields[2].value = ASCIIToUTF16("11");
+    form.fields[3].value = ASCIIToUTF16("2017");
+    EXPECT_CALL(autofill_client_, ConfirmSaveCreditCard(_)).Times(1);
+    FormSubmitted(form);
+  }
+
  protected:
   base::MessageLoop message_loop_;
   MockAutofillClient autofill_client_;
   scoped_ptr<MockAutofillDriver> autofill_driver_;
   scoped_ptr<TestAutofillManager> autofill_manager_;
   scoped_ptr<TestAutofillExternalDelegate> external_delegate_;
   scoped_refptr<net::TestURLRequestContextGetter> request_context_;
   TestPersonalDataManager personal_data_;
 };
 
@@ skipping 227 matching lines @@
   // Test that we sent the right values to the external delegate.
   external_delegate_->CheckSuggestions(
       kDefaultPageID,
       Suggestion("Elvis Presley", kVisaSuggestion, kVisaCard,
                  autofill_manager_->GetPackedCreditCardID(4)),
       Suggestion("Buddy Holly", kMcSuggestion, kMasterCard,
                  autofill_manager_->GetPackedCreditCardID(5)));
 }
 
 // Test that we return a warning explaining that credit card profile suggestions
-// are unavailable when the form is not https.
+// are unavailable when the form is not secure.
 TEST_F(AutofillManagerTest, GetCreditCardSuggestionsNonHTTPS) {
   // Set up our form data.
   FormData form;
   CreateTestCreditCardFormData(&form, false, false);
   std::vector<FormData> forms(1, form);
   FormsSeen(forms);
 
   const FormFieldData& field = form.fields[0];
   GetAutofillSuggestions(form, field);
 
@@ skipping 1627 matching lines @@
 
   // Set the address field's value back to the default value.
   response_data.fields[3].value = ASCIIToUTF16("Enter your address");
 
   // Simulate form submission.  We should not call into the PDM to try to save
   // the filled data, since the filled form is effectively missing an address.
   FormSubmitted(response_data);
   EXPECT_EQ(1, personal_data_.num_times_save_imported_profile_called());
 }
 
+// Tests that credit card data are saved for forms on https
+TEST_F(AutofillManagerTest, ImportFormDataCreditCardHTTPS) {
+  TestSaveCreditCards(true);
+}
+
+// Tests that credit card data are saved for forms on http
+TEST_F(AutofillManagerTest, ImportFormDataCreditCardHTTP) {
+  TestSaveCreditCards(false);
+}
+
 // Checks that resetting the auxiliary profile enabled preference does the right
 // thing on all platforms.
 TEST_F(AutofillManagerTest, AuxiliaryProfilesReset) {
   PrefService* prefs = autofill_client_.GetPrefs();
 #if defined(OS_MACOSX)
   // Auxiliary profiles is implemented on Mac only.
   // OSX: This preference exists for legacy reasons. It is no longer used.
   ASSERT_TRUE(
       prefs->GetBoolean(::autofill::prefs::kAutofillAuxiliaryProfilesEnabled));
   prefs->SetBoolean(::autofill::prefs::kAutofillAuxiliaryProfilesEnabled,
@@ skipping 607 matching lines @@
       form.fields[i].value = ASCIIToUTF16("Texas");
     else if (form.fields[i].name == ASCIIToUTF16("zipcode"))
       form.fields[i].value = ASCIIToUTF16("77401");
     else if (form.fields[i].name == ASCIIToUTF16("country"))
       form.fields[i].value = ASCIIToUTF16("US");
   }
   autofill_manager_->OnFormSubmitted(form);
 }
 
 }  // namespace autofill