Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(6192)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/ssl/chrome_security_state_model_client_browser_tests.cc

Issue 1550723003: Adapt MixedContentChecker for remote frames (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: minor cleanup Created 4 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | chrome/test/data/ssl/page_runs_insecure_content_in_iframe_with_strict_blocking.html » ('j') | content/browser/site_per_process_browsertest.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/ssl/chrome_security_state_model_client_browser_tests.cc
diff --git a/chrome/browser/ssl/chrome_security_state_model_client_browser_tests.cc b/chrome/browser/ssl/chrome_security_state_model_client_browser_tests.cc
index 4c712e6c1820acc5399fadc8171209f2713ceebb..6ac4d092febd7cf20b22ef82e302e410c0ed0676 100644
--- a/chrome/browser/ssl/chrome_security_state_model_client_browser_tests.cc
+++ b/chrome/browser/ssl/chrome_security_state_model_client_browser_tests.cc
@@ -368,6 +368,33 @@ IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest,
false /* expect cert status error */);
}
+// Tests that the Content Security Policy block-all-mixed-content
+// directive stops mixed content from running.
+IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest,
+ MixedContentStrictBlocking) {
+ ASSERT_TRUE(https_server_.Start());
+ SetUpMockCertVerifierForHttpsServer(0, net::OK);
+
+ // Navigate to an HTTPS page that tries to run mixed content in an
+ // iframe, with strict mixed content blocking.
+ std::string replacement_path;
+ net::HostPortPair host_port_pair =
+ net::HostPortPair::FromURL(https_server_.GetURL("/"));
+ host_port_pair.set_host("different-host.test");
+ host_resolver()->AddRule("different-host.test",
+ https_server_.GetURL("/").host());
+ GetFilePathWithHostAndPortReplacement(
+ "/ssl/page_runs_insecure_content_in_iframe_with_strict_blocking.html",
+ host_port_pair, &replacement_path);
+ ui_test_utils::NavigateToURL(browser(),
+ https_server_.GetURL(replacement_path));
+ CheckSecurityInfoForSecure(
+ browser()->tab_strip_model()->GetActiveWebContents(),
+ SecurityStateModel::SECURE, SecurityStateModel::NO_DEPRECATED_SHA1,
+ SecurityStateModel::NO_MIXED_CONTENT,
+ false /* expect cert status error */);
+}
+
IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest, BrokenHTTPS) {
ASSERT_TRUE(embedded_test_server()->Start());
ASSERT_TRUE(https_server_.Start());
« no previous file with comments | « no previous file | chrome/test/data/ssl/page_runs_insecure_content_in_iframe_with_strict_blocking.html » ('j') | content/browser/site_per_process_browsertest.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698