Index: chrome/browser/ui/login/login_prompt_browsertest.cc |
diff --git a/chrome/browser/ui/login/login_prompt_browsertest.cc b/chrome/browser/ui/login/login_prompt_browsertest.cc |
index 8f0d5327390e6ddd439fcf1cb9afe6d952d850c3..f5c6a8b5fd6972e27817e5abc5fc6cc1cff83d12 100644 |
--- a/chrome/browser/ui/login/login_prompt_browsertest.cc |
+++ b/chrome/browser/ui/login/login_prompt_browsertest.cc |
@@ -1076,4 +1076,183 @@ IN_PROC_BROWSER_TEST_F(LoginPromptBrowserTest, |
EXPECT_TRUE(test_server()->Stop()); |
} |
+// If an XMLHttpRequest is made with incorrect credentials, there should be no |
+// login prompt; instead the 401 status should be returned to the script. |
+IN_PROC_BROWSER_TEST_F(LoginPromptBrowserTest, |
+ NoLoginPromptForXHRWithBadCredentials) { |
+ const char* kXHRTestPage = "files/login/xhr_with_credentials.html#incorrect"; |
+ |
+ ASSERT_TRUE(test_server()->Start()); |
+ |
+ content::WebContents* contents = |
+ browser()->tab_strip_model()->GetActiveWebContents(); |
+ NavigationController* controller = &contents->GetController(); |
+ LoginPromptBrowserTestObserver observer; |
+ |
+ observer.Register(content::Source<NavigationController>(controller)); |
+ |
+ // Load a page which makes a synchronous XMLHttpRequest for an authenticated |
+ // resource with the wrong credentials. There should be no login prompt. |
+ { |
+ GURL test_page = test_server()->GetURL(kXHRTestPage); |
+ WindowedLoadStopObserver load_stop_waiter(controller, 1); |
+ browser()->OpenURL(OpenURLParams( |
+ test_page, Referrer(), CURRENT_TAB, content::PAGE_TRANSITION_TYPED, |
+ false)); |
+ load_stop_waiter.Wait(); |
+ } |
+ |
+ base::string16 expected_title(base::UTF8ToUTF16("status=401")); |
+ |
+ EXPECT_EQ(expected_title, contents->GetTitle()); |
+ EXPECT_EQ(0, observer.auth_supplied_count_); |
+ EXPECT_EQ(0, observer.auth_needed_count_); |
+ EXPECT_EQ(0, observer.auth_cancelled_count_); |
+ EXPECT_TRUE(test_server()->Stop()); |
+} |
+ |
+// If an XMLHttpRequest is made with correct credentials, there should be no |
+// login prompt either. |
+IN_PROC_BROWSER_TEST_F(LoginPromptBrowserTest, |
+ NoLoginPromptForXHRWithGoodCredentials) { |
+ const char* kXHRTestPage = "files/login/xhr_with_credentials.html#secret"; |
+ |
+ ASSERT_TRUE(test_server()->Start()); |
+ |
+ content::WebContents* contents = |
+ browser()->tab_strip_model()->GetActiveWebContents(); |
+ NavigationController* controller = &contents->GetController(); |
+ LoginPromptBrowserTestObserver observer; |
+ |
+ observer.Register(content::Source<NavigationController>(controller)); |
+ |
+ // Load a page which makes a synchronous XMLHttpRequest for an authenticated |
+ // resource with the wrong credentials. There should be no login prompt. |
+ { |
+ GURL test_page = test_server()->GetURL(kXHRTestPage); |
+ WindowedLoadStopObserver load_stop_waiter(controller, 1); |
+ browser()->OpenURL(OpenURLParams( |
+ test_page, Referrer(), CURRENT_TAB, content::PAGE_TRANSITION_TYPED, |
+ false)); |
+ load_stop_waiter.Wait(); |
+ } |
+ |
+ base::string16 expected_title(base::UTF8ToUTF16("status=200")); |
+ |
+ EXPECT_EQ(expected_title, contents->GetTitle()); |
+ EXPECT_EQ(0, observer.auth_supplied_count_); |
+ EXPECT_EQ(0, observer.auth_needed_count_); |
+ EXPECT_EQ(0, observer.auth_cancelled_count_); |
+ EXPECT_TRUE(test_server()->Stop()); |
+} |
+ |
+// If an XMLHttpRequest is made without credentials, there should be a login |
+// prompt. |
+IN_PROC_BROWSER_TEST_F(LoginPromptBrowserTest, |
+ LoginPromptForXHRWithoutCredentials) { |
+ const char* kXHRTestPage = "files/login/xhr_without_credentials.html"; |
+ |
+ ASSERT_TRUE(test_server()->Start()); |
+ |
+ content::WebContents* contents = |
+ browser()->tab_strip_model()->GetActiveWebContents(); |
+ NavigationController* controller = &contents->GetController(); |
+ LoginPromptBrowserTestObserver observer; |
+ |
+ observer.Register(content::Source<NavigationController>(controller)); |
+ |
+ // Load a page which makes a synchronous XMLHttpRequest for an authenticated |
+ // resource with the wrong credentials. There should be no login prompt. |
+ { |
+ GURL test_page = test_server()->GetURL(kXHRTestPage); |
+ WindowedAuthNeededObserver auth_needed_waiter(controller); |
+ browser()->OpenURL(OpenURLParams( |
+ test_page, Referrer(), CURRENT_TAB, content::PAGE_TRANSITION_TYPED, |
+ false)); |
+ auth_needed_waiter.Wait(); |
+ } |
+ |
+ ASSERT_FALSE(observer.handlers_.empty()); |
+ { |
+ WindowedAuthNeededObserver auth_needed_waiter(controller); |
+ WindowedAuthSuppliedObserver auth_supplied_waiter(controller); |
+ LoginHandler* handler = *observer.handlers_.begin(); |
+ |
+ ASSERT_TRUE(handler); |
+ handler->SetAuth(base::UTF8ToUTF16(bad_username_), |
+ base::UTF8ToUTF16(bad_password_)); |
+ auth_supplied_waiter.Wait(); |
+ |
+ // The request should be retried after the incorrect password is |
+ // supplied. This should result in a new AUTH_NEEDED notification |
+ // for the same realm. |
+ auth_needed_waiter.Wait(); |
+ } |
+ |
+ ASSERT_EQ(1u, observer.handlers_.size()); |
+ WindowedAuthSuppliedObserver auth_supplied_waiter(controller); |
+ LoginHandler* handler = *observer.handlers_.begin(); |
+ |
+ base::string16 username(base::UTF8ToUTF16(username_digest_)); |
+ base::string16 password(base::UTF8ToUTF16(password_)); |
+ handler->SetAuth(username, password); |
+ auth_supplied_waiter.Wait(); |
+ |
+ WindowedLoadStopObserver load_stop_waiter(controller, 1); |
+ load_stop_waiter.Wait(); |
+ |
+ base::string16 expected_title(base::UTF8ToUTF16("status=200")); |
+ |
+ EXPECT_EQ(expected_title, contents->GetTitle()); |
+ EXPECT_EQ(2, observer.auth_supplied_count_); |
+ EXPECT_EQ(2, observer.auth_needed_count_); |
+ EXPECT_EQ(0, observer.auth_cancelled_count_); |
+ EXPECT_TRUE(test_server()->Stop()); |
+} |
+ |
+// If an XMLHttpRequest is made without credentials, there should be a login |
+// prompt. If it's cancelled, the script should get a 401 status. |
+IN_PROC_BROWSER_TEST_F(LoginPromptBrowserTest, |
+ LoginPromptForXHRWithoutCredentialsCancelled) { |
+ const char* kXHRTestPage = "files/login/xhr_without_credentials.html"; |
+ |
+ ASSERT_TRUE(test_server()->Start()); |
+ |
+ content::WebContents* contents = |
+ browser()->tab_strip_model()->GetActiveWebContents(); |
+ NavigationController* controller = &contents->GetController(); |
+ LoginPromptBrowserTestObserver observer; |
+ |
+ observer.Register(content::Source<NavigationController>(controller)); |
+ |
+ // Load a page which makes a synchronous XMLHttpRequest for an authenticated |
+ // resource with the wrong credentials. There should be no login prompt. |
+ { |
+ GURL test_page = test_server()->GetURL(kXHRTestPage); |
+ WindowedAuthNeededObserver auth_needed_waiter(controller); |
+ browser()->OpenURL(OpenURLParams( |
+ test_page, Referrer(), CURRENT_TAB, content::PAGE_TRANSITION_TYPED, |
+ false)); |
+ auth_needed_waiter.Wait(); |
+ } |
+ |
+ ASSERT_EQ(1u, observer.handlers_.size()); |
+ WindowedAuthCancelledObserver auth_cancelled_waiter(controller); |
+ LoginHandler* handler = *observer.handlers_.begin(); |
+ |
+ handler->CancelAuth(); |
+ auth_cancelled_waiter.Wait(); |
+ |
+ WindowedLoadStopObserver load_stop_waiter(controller, 1); |
+ load_stop_waiter.Wait(); |
+ |
+ base::string16 expected_title(base::UTF8ToUTF16("status=401")); |
+ |
+ EXPECT_EQ(expected_title, contents->GetTitle()); |
+ EXPECT_EQ(0, observer.auth_supplied_count_); |
+ EXPECT_EQ(1, observer.auth_needed_count_); |
+ EXPECT_EQ(1, observer.auth_cancelled_count_); |
+ EXPECT_TRUE(test_server()->Stop()); |
+} |
+ |
} // namespace |