Chromium Code Reviews Chromium Code Reviews
Issue 1294673005:
Disable Name Mismatch redirection for non-overridable SSL errors (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/ssl/ssl_error_handler.h" | 5 #include "chrome/browser/ssl/ssl_error_handler.h" |
| 6 | 6 |
| 7 #include "base/callback.h" | 7 #include "base/callback.h" |
| 8 #include "base/message_loop/message_loop.h" | 8 #include "base/message_loop/message_loop.h" |
| 9 #include "base/metrics/field_trial.h" | 9 #include "base/metrics/field_trial.h" |
| 10 #include "base/run_loop.h" | 10 #include "base/run_loop.h" |
| (...skipping 24 matching lines...) Expand all Loading... | |
| 35 GURL(), | 35 GURL(), |
| 36 0, | 36 0, |
| 37 nullptr, | 37 nullptr, |
| 38 base::Callback<void(bool)>()), | 38 base::Callback<void(bool)>()), |
| 39 profile_(profile), | 39 profile_(profile), |
| 40 captive_portal_checked_(false), | 40 captive_portal_checked_(false), |
| 41 suggested_url_exists_(false), | 41 suggested_url_exists_(false), |
| 42 suggested_url_checked_(false), | 42 suggested_url_checked_(false), |
| 43 ssl_interstitial_shown_(false), | 43 ssl_interstitial_shown_(false), |
| 44 captive_portal_interstitial_shown_(false), | 44 captive_portal_interstitial_shown_(false), |
| 45 common_name_mismatch_redirect_(false) {} | 45 common_name_mismatch_redirect_(false), |
| 46 is_overridable_error_(true) {} | |
| 46 | 47 |
| 47 ~TestSSLErrorHandler() override { | 48 ~TestSSLErrorHandler() override { |
| 48 } | 49 } |
| 49 | 50 |
| 50 using SSLErrorHandler::StartHandlingError; | 51 using SSLErrorHandler::StartHandlingError; |
| 51 | 52 |
| 52 void SendCaptivePortalNotification( | 53 void SendCaptivePortalNotification( |
| 53 captive_portal::CaptivePortalResult result) { | 54 captive_portal::CaptivePortalResult result) { |
| 54 CaptivePortalService::Results results; | 55 CaptivePortalService::Results results; |
| 55 results.previous_result = captive_portal::RESULT_INTERNET_CONNECTED; | 56 results.previous_result = captive_portal::RESULT_INTERNET_CONNECTED; |
| (...skipping 37 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 93 *suggested_url = GURL("www.example.com"); | 94 *suggested_url = GURL("www.example.com"); |
| 94 return true; | 95 return true; |
| 95 } | 96 } |
| 96 | 97 |
| 97 bool suggested_url_checked() const { return suggested_url_checked_; } | 98 bool suggested_url_checked() const { return suggested_url_checked_; } |
| 98 | 99 |
| 99 bool common_name_mismatch_redirect() const { | 100 bool common_name_mismatch_redirect() const { |
| 100 return common_name_mismatch_redirect_; | 101 return common_name_mismatch_redirect_; |
| 101 } | 102 } |
| 102 | 103 |
| 104 void set_non_overridable_error() { is_overridable_error_ = false; } | |
| 105 | |
| 103 void Reset() { | 106 void Reset() { |
| 104 captive_portal_checked_ = false; | 107 captive_portal_checked_ = false; |
| 105 suggested_url_exists_ = false; | 108 suggested_url_exists_ = false; |
| 106 suggested_url_checked_ = false; | 109 suggested_url_checked_ = false; |
| 107 ssl_interstitial_shown_ = false; | 110 ssl_interstitial_shown_ = false; |
| 108 captive_portal_interstitial_shown_ = false; | 111 captive_portal_interstitial_shown_ = false; |
| 109 common_name_mismatch_redirect_ = false; | 112 common_name_mismatch_redirect_ = false; |
| 110 } | 113 } |
| 111 | 114 |
| 112 private: | 115 private: |
| 113 void CheckForCaptivePortal() override { | 116 void CheckForCaptivePortal() override { |
| 114 captive_portal_checked_ = true; | 117 captive_portal_checked_ = true; |
| 115 } | 118 } |
| 116 | 119 |
| 117 void ShowSSLInterstitial() override { ssl_interstitial_shown_ = true; } | 120 void ShowSSLInterstitial() override { ssl_interstitial_shown_ = true; } |
| 118 | 121 |
| 119 void ShowCaptivePortalInterstitial(const GURL& landing_url) override { | 122 void ShowCaptivePortalInterstitial(const GURL& landing_url) override { |
| 120 captive_portal_interstitial_shown_ = true; | 123 captive_portal_interstitial_shown_ = true; |
| 121 } | 124 } |
| 122 | 125 |
| 123 void CheckSuggestedUrl(const GURL& suggested_url) override { | 126 void CheckSuggestedUrl(const GURL& suggested_url) override { |
| 124 suggested_url_checked_ = true; | 127 suggested_url_checked_ = true; |
| 125 } | 128 } |
| 126 | 129 |
| 127 void NavigateToSuggestedURL(const GURL& suggested_url) override { | 130 void NavigateToSuggestedURL(const GURL& suggested_url) override { |
| 128 common_name_mismatch_redirect_ = true; | 131 common_name_mismatch_redirect_ = true; |
| 129 } | 132 } |
| 130 | 133 |
| 134 bool IsErrorOverridable() const override { return is_overridable_error_; } | |
| 135 | |
| 131 Profile* profile_; | 136 Profile* profile_; |
| 132 bool captive_portal_checked_; | 137 bool captive_portal_checked_; |
| 133 bool suggested_url_exists_; | 138 bool suggested_url_exists_; |
| 134 bool suggested_url_checked_; | 139 bool suggested_url_checked_; |
| 135 bool ssl_interstitial_shown_; | 140 bool ssl_interstitial_shown_; |
| 136 bool captive_portal_interstitial_shown_; | 141 bool captive_portal_interstitial_shown_; |
| 137 bool common_name_mismatch_redirect_; | 142 bool common_name_mismatch_redirect_; |
| 143 bool is_overridable_error_; | |
| 138 | 144 |
| 139 DISALLOW_COPY_AND_ASSIGN(TestSSLErrorHandler); | 145 DISALLOW_COPY_AND_ASSIGN(TestSSLErrorHandler); |
| 140 }; | 146 }; |
| 141 | 147 |
| 142 class SSLErrorHandlerTest : public ChromeRenderViewHostTestHarness { | 148 class SSLErrorHandlerTest : public ChromeRenderViewHostTestHarness { |
| 143 public: | 149 public: |
| 144 SSLErrorHandlerTest() | 150 SSLErrorHandlerTest() |
| 145 : field_trial_list_(NULL) { | 151 : field_trial_list_(NULL) { |
| 146 } | 152 } |
| 147 | 153 |
| 148 void SetUp() override { | 154 void SetUp() override { |
| 149 ChromeRenderViewHostTestHarness::SetUp(); | 155 ChromeRenderViewHostTestHarness::SetUp(); |
| 150 SSLErrorHandler::SetInterstitialDelayTypeForTest(SSLErrorHandler::NONE); | 156 SSLErrorHandler::SetInterstitialDelayTypeForTest(SSLErrorHandler::NONE); |
| 151 ssl_info_.cert = | 157 ssl_info_.cert = |
| 152 net::ImportCertFromFile(net::GetTestCertsDirectory(), "ok_cert.pem"); | 158 net::ImportCertFromFile(net::GetTestCertsDirectory(), "ok_cert.pem"); |
| 153 ssl_info_.cert_status = net::CERT_STATUS_COMMON_NAME_INVALID; | 159 ssl_info_.cert_status = net::CERT_STATUS_COMMON_NAME_INVALID; |
| 154 error_handler_.reset(new TestSSLErrorHandler(profile(), | 160 error_handler_.reset(new TestSSLErrorHandler(profile(), |
| 155 web_contents(), | 161 web_contents(), |
| 156 ssl_info_)); | 162 ssl_info_)); |
| 157 // Enable finch experiment for captive portal interstitials. | 163 // Enable finch experiment for captive portal interstitials. |
| 158 ASSERT_TRUE(base::FieldTrialList::CreateFieldTrial( | 164 ASSERT_TRUE(base::FieldTrialList::CreateFieldTrial( |
| 159 "CaptivePortalInterstitial", "Enabled")); | 165 "CaptivePortalInterstitial", "Enabled")); |
| 160 // Enable finch experiment for SSL common name mismatch handling. | 166 // Enable finch experiment for SSL common name mismatch handling. |
| 161 ASSERT_TRUE(base::FieldTrialList::CreateFieldTrial( | 167 ASSERT_TRUE(base::FieldTrialList::CreateFieldTrial( |
| 162 "SSLCommonNameMismatchHandling", "Enabled")); | 168 "SSLCommonNameMismatchHandling", "Enabled")); |
| 163 } | 169 } |
| 164 | 170 |
| 165 void TearDown() override { | 171 void TearDown() override { |
| 166 EXPECT_FALSE(error_handler()->IsTimerRunning()); | 172 EXPECT_FALSE(error_handler()->IsTimerRunning()); |
| 167 error_handler_.reset(NULL); | 173 error_handler_.reset(NULL); |
| 168 ChromeRenderViewHostTestHarness::TearDown(); | 174 ChromeRenderViewHostTestHarness::TearDown(); |
| 169 } | 175 } |
| 170 | 176 |
| 171 TestSSLErrorHandler* error_handler() { return error_handler_.get(); } | 177 TestSSLErrorHandler* error_handler() { return error_handler_.get(); } |
| 172 | 178 |
| (...skipping 88 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 261 | 267 |
| 262 EXPECT_TRUE(error_handler()->IsTimerRunning()); | 268 EXPECT_TRUE(error_handler()->IsTimerRunning()); |
| 263 EXPECT_TRUE(error_handler()->suggested_url_checked()); | 269 EXPECT_TRUE(error_handler()->suggested_url_checked()); |
| 264 EXPECT_FALSE(error_handler()->captive_portal_checked()); | 270 EXPECT_FALSE(error_handler()->captive_portal_checked()); |
| 265 base::RunLoop().RunUntilIdle(); | 271 base::RunLoop().RunUntilIdle(); |
| 266 | 272 |
| 267 EXPECT_FALSE(error_handler()->IsTimerRunning()); | 273 EXPECT_FALSE(error_handler()->IsTimerRunning()); |
| 268 EXPECT_TRUE(error_handler()->ssl_interstitial_shown()); | 274 EXPECT_TRUE(error_handler()->ssl_interstitial_shown()); |
| 269 } | 275 } |
| 270 | 276 |
| 277 TEST_F(SSLErrorHandlerTest, ShouldNotHandleNameMismatchOnNonOverridableError) { | |
| 278 error_handler()->SetSuggestedUrlExists(true); | |
| 279 error_handler()->set_non_overridable_error(); | |
|
meacer
2015/08/21 01:00:10
nit: Move this to the first line, so that it's a b
Bhanu Dev
2015/08/21 01:11:26
Done.
| |
| 280 error_handler()->StartHandlingError(); | |
| 281 | |
| 282 EXPECT_FALSE(error_handler()->suggested_url_checked()); | |
| 283 EXPECT_TRUE(error_handler()->captive_portal_checked()); | |
| 284 EXPECT_TRUE(error_handler()->IsTimerRunning()); | |
| 285 base::RunLoop().RunUntilIdle(); | |
| 286 | |
| 287 EXPECT_FALSE(error_handler()->IsTimerRunning()); | |
| 288 EXPECT_TRUE(error_handler()->ssl_interstitial_shown()); | |
| 289 } | |
| 290 | |
| 271 #else // #if !defined(ENABLE_CAPTIVE_PORTAL_DETECTION) | 291 #else // #if !defined(ENABLE_CAPTIVE_PORTAL_DETECTION) |
| 272 | 292 |
| 273 TEST_F(SSLErrorHandlerTest, | 293 TEST_F(SSLErrorHandlerTest, |
| 274 ShouldShowSSLInterstitialOnCaptivePortalDetectionDisabled) { | 294 ShouldShowSSLInterstitialOnCaptivePortalDetectionDisabled) { |
| 275 EXPECT_FALSE(error_handler()->IsTimerRunning()); | 295 EXPECT_FALSE(error_handler()->IsTimerRunning()); |
| 276 error_handler()->SetSuggestedUrlExists(false); | 296 error_handler()->SetSuggestedUrlExists(false); |
| 277 error_handler()->StartHandlingError(); | 297 error_handler()->StartHandlingError(); |
| 278 EXPECT_FALSE(error_handler()->IsTimerRunning()); | 298 EXPECT_FALSE(error_handler()->IsTimerRunning()); |
| 279 EXPECT_FALSE(error_handler()->captive_portal_checked()); | 299 EXPECT_FALSE(error_handler()->captive_portal_checked()); |
| 280 EXPECT_TRUE(error_handler()->ssl_interstitial_shown()); | 300 EXPECT_TRUE(error_handler()->ssl_interstitial_shown()); |
| (...skipping 51 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 332 // Fake an Invalid Suggested URL Check result. | 352 // Fake an Invalid Suggested URL Check result. |
| 333 error_handler()->SendSuggestedUrlCheckResult( | 353 error_handler()->SendSuggestedUrlCheckResult( |
| 334 CommonNameMismatchHandler::SuggestedUrlCheckResult:: | 354 CommonNameMismatchHandler::SuggestedUrlCheckResult:: |
| 335 SUGGESTED_URL_NOT_AVAILABLE, | 355 SUGGESTED_URL_NOT_AVAILABLE, |
| 336 GURL()); | 356 GURL()); |
| 337 | 357 |
| 338 EXPECT_FALSE(error_handler()->IsTimerRunning()); | 358 EXPECT_FALSE(error_handler()->IsTimerRunning()); |
| 339 EXPECT_TRUE(error_handler()->ssl_interstitial_shown()); | 359 EXPECT_TRUE(error_handler()->ssl_interstitial_shown()); |
| 340 EXPECT_FALSE(error_handler()->common_name_mismatch_redirect()); | 360 EXPECT_FALSE(error_handler()->common_name_mismatch_redirect()); |
| 341 } | 361 } |
| OLD | NEW |
