| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <algorithm> | 5 #include <algorithm> |
| 6 #include <list> | 6 #include <list> |
| 7 #include <map> | 7 #include <map> |
| 8 | 8 |
| 9 #include "base/metrics/field_trial.h" | 9 #include "base/metrics/field_trial.h" |
| 10 #include "base/strings/utf_string_conversions.h" | 10 #include "base/strings/utf_string_conversions.h" |
| (...skipping 1058 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1069 | 1069 |
| 1070 EXPECT_EQ(1, observer.auth_needed_count_); | 1070 EXPECT_EQ(1, observer.auth_needed_count_); |
| 1071 EXPECT_EQ(1, observer.auth_supplied_count_); | 1071 EXPECT_EQ(1, observer.auth_supplied_count_); |
| 1072 EXPECT_EQ(0, observer.auth_cancelled_count_); | 1072 EXPECT_EQ(0, observer.auth_cancelled_count_); |
| 1073 EXPECT_EQ(1, observer_incognito.auth_needed_count_); | 1073 EXPECT_EQ(1, observer_incognito.auth_needed_count_); |
| 1074 EXPECT_EQ(0, observer_incognito.auth_supplied_count_); | 1074 EXPECT_EQ(0, observer_incognito.auth_supplied_count_); |
| 1075 EXPECT_EQ(0, observer_incognito.auth_cancelled_count_); | 1075 EXPECT_EQ(0, observer_incognito.auth_cancelled_count_); |
| 1076 EXPECT_TRUE(test_server()->Stop()); | 1076 EXPECT_TRUE(test_server()->Stop()); |
| 1077 } | 1077 } |
| 1078 | 1078 |
| 1079 // If an XMLHttpRequest is made with incorrect credentials, there should be no |
| 1080 // login prompt; instead the 401 status should be returned to the script. |
| 1081 IN_PROC_BROWSER_TEST_F(LoginPromptBrowserTest, |
| 1082 NoLoginPromptForXHRWithBadCredentials) { |
| 1083 const char* kXHRTestPage = "files/login/xhr_with_credentials.html#incorrect"; |
| 1084 |
| 1085 ASSERT_TRUE(test_server()->Start()); |
| 1086 |
| 1087 content::WebContents* contents = |
| 1088 browser()->tab_strip_model()->GetActiveWebContents(); |
| 1089 NavigationController* controller = &contents->GetController(); |
| 1090 LoginPromptBrowserTestObserver observer; |
| 1091 |
| 1092 observer.Register(content::Source<NavigationController>(controller)); |
| 1093 |
| 1094 // Load a page which makes a synchronous XMLHttpRequest for an authenticated |
| 1095 // resource with the wrong credentials. There should be no login prompt. |
| 1096 { |
| 1097 GURL test_page = test_server()->GetURL(kXHRTestPage); |
| 1098 WindowedLoadStopObserver load_stop_waiter(controller, 1); |
| 1099 browser()->OpenURL(OpenURLParams( |
| 1100 test_page, Referrer(), CURRENT_TAB, content::PAGE_TRANSITION_TYPED, |
| 1101 false)); |
| 1102 load_stop_waiter.Wait(); |
| 1103 } |
| 1104 |
| 1105 base::string16 expected_title(base::UTF8ToUTF16("status=401")); |
| 1106 |
| 1107 EXPECT_EQ(expected_title, contents->GetTitle()); |
| 1108 EXPECT_EQ(0, observer.auth_supplied_count_); |
| 1109 EXPECT_EQ(0, observer.auth_needed_count_); |
| 1110 EXPECT_EQ(0, observer.auth_cancelled_count_); |
| 1111 EXPECT_TRUE(test_server()->Stop()); |
| 1112 } |
| 1113 |
| 1114 // If an XMLHttpRequest is made with correct credentials, there should be no |
| 1115 // login prompt either. |
| 1116 IN_PROC_BROWSER_TEST_F(LoginPromptBrowserTest, |
| 1117 NoLoginPromptForXHRWithGoodCredentials) { |
| 1118 const char* kXHRTestPage = "files/login/xhr_with_credentials.html#secret"; |
| 1119 |
| 1120 ASSERT_TRUE(test_server()->Start()); |
| 1121 |
| 1122 content::WebContents* contents = |
| 1123 browser()->tab_strip_model()->GetActiveWebContents(); |
| 1124 NavigationController* controller = &contents->GetController(); |
| 1125 LoginPromptBrowserTestObserver observer; |
| 1126 |
| 1127 observer.Register(content::Source<NavigationController>(controller)); |
| 1128 |
| 1129 // Load a page which makes a synchronous XMLHttpRequest for an authenticated |
| 1130 // resource with the wrong credentials. There should be no login prompt. |
| 1131 { |
| 1132 GURL test_page = test_server()->GetURL(kXHRTestPage); |
| 1133 WindowedLoadStopObserver load_stop_waiter(controller, 1); |
| 1134 browser()->OpenURL(OpenURLParams( |
| 1135 test_page, Referrer(), CURRENT_TAB, content::PAGE_TRANSITION_TYPED, |
| 1136 false)); |
| 1137 load_stop_waiter.Wait(); |
| 1138 } |
| 1139 |
| 1140 base::string16 expected_title(base::UTF8ToUTF16("status=200")); |
| 1141 |
| 1142 EXPECT_EQ(expected_title, contents->GetTitle()); |
| 1143 EXPECT_EQ(0, observer.auth_supplied_count_); |
| 1144 EXPECT_EQ(0, observer.auth_needed_count_); |
| 1145 EXPECT_EQ(0, observer.auth_cancelled_count_); |
| 1146 EXPECT_TRUE(test_server()->Stop()); |
| 1147 } |
| 1148 |
| 1149 // If an XMLHttpRequest is made without credentials, there should be a login |
| 1150 // prompt. |
| 1151 IN_PROC_BROWSER_TEST_F(LoginPromptBrowserTest, |
| 1152 LoginPromptForXHRWithoutCredentials) { |
| 1153 const char* kXHRTestPage = "files/login/xhr_without_credentials.html"; |
| 1154 |
| 1155 ASSERT_TRUE(test_server()->Start()); |
| 1156 |
| 1157 content::WebContents* contents = |
| 1158 browser()->tab_strip_model()->GetActiveWebContents(); |
| 1159 NavigationController* controller = &contents->GetController(); |
| 1160 LoginPromptBrowserTestObserver observer; |
| 1161 |
| 1162 observer.Register(content::Source<NavigationController>(controller)); |
| 1163 |
| 1164 // Load a page which makes a synchronous XMLHttpRequest for an authenticated |
| 1165 // resource with the wrong credentials. There should be no login prompt. |
| 1166 { |
| 1167 GURL test_page = test_server()->GetURL(kXHRTestPage); |
| 1168 WindowedAuthNeededObserver auth_needed_waiter(controller); |
| 1169 browser()->OpenURL(OpenURLParams( |
| 1170 test_page, Referrer(), CURRENT_TAB, content::PAGE_TRANSITION_TYPED, |
| 1171 false)); |
| 1172 auth_needed_waiter.Wait(); |
| 1173 } |
| 1174 |
| 1175 ASSERT_FALSE(observer.handlers_.empty()); |
| 1176 { |
| 1177 WindowedAuthNeededObserver auth_needed_waiter(controller); |
| 1178 WindowedAuthSuppliedObserver auth_supplied_waiter(controller); |
| 1179 LoginHandler* handler = *observer.handlers_.begin(); |
| 1180 |
| 1181 ASSERT_TRUE(handler); |
| 1182 handler->SetAuth(base::UTF8ToUTF16(bad_username_), |
| 1183 base::UTF8ToUTF16(bad_password_)); |
| 1184 auth_supplied_waiter.Wait(); |
| 1185 |
| 1186 // The request should be retried after the incorrect password is |
| 1187 // supplied. This should result in a new AUTH_NEEDED notification |
| 1188 // for the same realm. |
| 1189 auth_needed_waiter.Wait(); |
| 1190 } |
| 1191 |
| 1192 ASSERT_EQ(1u, observer.handlers_.size()); |
| 1193 WindowedAuthSuppliedObserver auth_supplied_waiter(controller); |
| 1194 LoginHandler* handler = *observer.handlers_.begin(); |
| 1195 |
| 1196 base::string16 username(base::UTF8ToUTF16(username_digest_)); |
| 1197 base::string16 password(base::UTF8ToUTF16(password_)); |
| 1198 handler->SetAuth(username, password); |
| 1199 auth_supplied_waiter.Wait(); |
| 1200 |
| 1201 WindowedLoadStopObserver load_stop_waiter(controller, 1); |
| 1202 load_stop_waiter.Wait(); |
| 1203 |
| 1204 base::string16 expected_title(base::UTF8ToUTF16("status=200")); |
| 1205 |
| 1206 EXPECT_EQ(expected_title, contents->GetTitle()); |
| 1207 EXPECT_EQ(2, observer.auth_supplied_count_); |
| 1208 EXPECT_EQ(2, observer.auth_needed_count_); |
| 1209 EXPECT_EQ(0, observer.auth_cancelled_count_); |
| 1210 EXPECT_TRUE(test_server()->Stop()); |
| 1211 } |
| 1212 |
| 1213 // If an XMLHttpRequest is made without credentials, there should be a login |
| 1214 // prompt. If it's cancelled, the script should get a 401 status. |
| 1215 IN_PROC_BROWSER_TEST_F(LoginPromptBrowserTest, |
| 1216 LoginPromptForXHRWithoutCredentialsCancelled) { |
| 1217 const char* kXHRTestPage = "files/login/xhr_without_credentials.html"; |
| 1218 |
| 1219 ASSERT_TRUE(test_server()->Start()); |
| 1220 |
| 1221 content::WebContents* contents = |
| 1222 browser()->tab_strip_model()->GetActiveWebContents(); |
| 1223 NavigationController* controller = &contents->GetController(); |
| 1224 LoginPromptBrowserTestObserver observer; |
| 1225 |
| 1226 observer.Register(content::Source<NavigationController>(controller)); |
| 1227 |
| 1228 // Load a page which makes a synchronous XMLHttpRequest for an authenticated |
| 1229 // resource with the wrong credentials. There should be no login prompt. |
| 1230 { |
| 1231 GURL test_page = test_server()->GetURL(kXHRTestPage); |
| 1232 WindowedAuthNeededObserver auth_needed_waiter(controller); |
| 1233 browser()->OpenURL(OpenURLParams( |
| 1234 test_page, Referrer(), CURRENT_TAB, content::PAGE_TRANSITION_TYPED, |
| 1235 false)); |
| 1236 auth_needed_waiter.Wait(); |
| 1237 } |
| 1238 |
| 1239 ASSERT_EQ(1u, observer.handlers_.size()); |
| 1240 WindowedAuthCancelledObserver auth_cancelled_waiter(controller); |
| 1241 LoginHandler* handler = *observer.handlers_.begin(); |
| 1242 |
| 1243 handler->CancelAuth(); |
| 1244 auth_cancelled_waiter.Wait(); |
| 1245 |
| 1246 WindowedLoadStopObserver load_stop_waiter(controller, 1); |
| 1247 load_stop_waiter.Wait(); |
| 1248 |
| 1249 base::string16 expected_title(base::UTF8ToUTF16("status=401")); |
| 1250 |
| 1251 EXPECT_EQ(expected_title, contents->GetTitle()); |
| 1252 EXPECT_EQ(0, observer.auth_supplied_count_); |
| 1253 EXPECT_EQ(1, observer.auth_needed_count_); |
| 1254 EXPECT_EQ(1, observer.auth_cancelled_count_); |
| 1255 EXPECT_TRUE(test_server()->Stop()); |
| 1256 } |
| 1257 |
| 1079 } // namespace | 1258 } // namespace |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 143903003:
Disable HTTP authentication dialog for XHR with credentials (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master