Index: chrome/browser/net/chrome_network_delegate_unittest.cc |
diff --git a/chrome/browser/net/chrome_network_delegate_unittest.cc b/chrome/browser/net/chrome_network_delegate_unittest.cc |
index 3674f3874c202829528eb02b0771c7742e49b416..82dc9ec8c8c09107ee505c093a58f2dd999404ef 100644 |
--- a/chrome/browser/net/chrome_network_delegate_unittest.cc |
+++ b/chrome/browser/net/chrome_network_delegate_unittest.cc |
@@ -18,6 +18,7 @@ |
#include "build/build_config.h" |
#include "chrome/browser/browser_process.h" |
#include "chrome/browser/content_settings/cookie_settings_factory.h" |
+#include "chrome/browser/net/expect_ct_monitor.h" |
#include "chrome/browser/net/safe_search_util.h" |
#include "chrome/common/pref_names.h" |
#include "chrome/test/base/testing_browser_process.h" |
@@ -58,6 +59,7 @@ namespace { |
// |redirect| is true, it adds necessary socket data to have it follow redirect |
// before getting the final response. |
scoped_ptr<net::URLRequest> RequestURL( |
+ GURL url, |
net::URLRequestContext* context, |
net::MockClientSocketFactory* socket_factory, |
bool from_user, |
@@ -81,8 +83,8 @@ scoped_ptr<net::URLRequest> RequestURL( |
socket_factory->AddSocketDataProvider(&response_socket_data_provider); |
net::TestDelegate test_delegate; |
test_delegate.set_quit_on_complete(true); |
- scoped_ptr<net::URLRequest> request(context->CreateRequest( |
- GURL("http://example.com"), net::DEFAULT_PRIORITY, &test_delegate)); |
+ scoped_ptr<net::URLRequest> request( |
+ context->CreateRequest(url, net::DEFAULT_PRIORITY, &test_delegate)); |
if (from_user) { |
content::ResourceRequestInfo::AllocateForTesting( |
@@ -99,6 +101,28 @@ scoped_ptr<net::URLRequest> RequestURL( |
return request; |
} |
+scoped_ptr<net::URLRequest> RequestNonSSLURL( |
+ net::URLRequestContext* context, |
+ net::MockClientSocketFactory* socket_factory, |
+ bool from_user, |
+ bool redirect) { |
+ return RequestURL(GURL("http://example.test"), context, socket_factory, |
+ from_user, redirect); |
+} |
+ |
+scoped_ptr<net::URLRequest> RequestSSLURL( |
+ net::CertStatus cert_status, |
+ net::URLRequestContext* context, |
+ net::MockClientSocketFactory* socket_factory, |
+ bool from_user, |
+ bool redirect) { |
+ net::SSLSocketDataProvider ssl_data(net::ASYNC, net::OK); |
+ ssl_data.cert_status = cert_status; |
+ socket_factory->AddSSLSocketDataProvider(&ssl_data); |
+ return RequestURL(GURL("https://example.test"), context, socket_factory, |
+ from_user, redirect); |
+} |
+ |
// A fake DataUseAggregator for testing that only counts how many times its |
// respective methods have been called. |
class FakeDataUseAggregator : public data_usage::DataUseAggregator { |
@@ -137,6 +161,22 @@ class FakeDataUseAggregator : public data_usage::DataUseAggregator { |
int64_t off_the_record_rx_bytes_; |
}; |
+class TestExpectCTMonitor : public ExpectCTMonitor { |
+ public: |
+ TestExpectCTMonitor() : num_ct_compliance_failures_(0) {} |
+ ~TestExpectCTMonitor() override {} |
+ |
+ size_t num_ct_compliance_failures() { return num_ct_compliance_failures_; } |
+ |
+ // ExpectCTMonitor: |
+ void OnCTComplianceFailed(net::URLRequest* request) override { |
+ num_ct_compliance_failures_++; |
+ } |
+ |
+ private: |
+ size_t num_ct_compliance_failures_; |
+}; |
+ |
} // namespace |
class ChromeNetworkDelegateTest : public testing::Test { |
@@ -206,7 +246,7 @@ TEST_F(ChromeNetworkDelegateTest, DataUseMeasurementServiceTest) { |
base::HistogramTester histogram_tester; |
// A query from a service without redirection. |
- RequestURL(context(), socket_factory(), false, false); |
+ RequestNonSSLURL(context(), socket_factory(), false, false); |
histogram_tester.ExpectTotalCount( |
"DataUse.TrafficSize.System.Downstream.Foreground.NotCellular", 1); |
histogram_tester.ExpectTotalCount( |
@@ -228,7 +268,7 @@ TEST_F(ChromeNetworkDelegateTest, DataUseMeasurementUserTest) { |
base::HistogramTester histogram_tester; |
// A query from user without redirection. |
- RequestURL(context(), socket_factory(), true, false); |
+ RequestNonSSLURL(context(), socket_factory(), true, false); |
histogram_tester.ExpectTotalCount( |
"DataUse.TrafficSize.User.Downstream.Foreground.NotCellular", 1); |
histogram_tester.ExpectTotalCount( |
@@ -250,7 +290,7 @@ TEST_F(ChromeNetworkDelegateTest, DataUseMeasurementServiceTestWithRedirect) { |
base::HistogramTester histogram_tester; |
// A query from user with one redirection. |
- RequestURL(context(), socket_factory(), false, true); |
+ RequestNonSSLURL(context(), socket_factory(), false, true); |
histogram_tester.ExpectTotalCount( |
"DataUse.TrafficSize.System.Downstream.Foreground.NotCellular", 2); |
histogram_tester.ExpectTotalCount( |
@@ -272,7 +312,7 @@ TEST_F(ChromeNetworkDelegateTest, DataUseMeasurementUserTestWithRedirect) { |
base::HistogramTester histogram_tester; |
// A query from user with one redirection. |
- RequestURL(context(), socket_factory(), true, true); |
+ RequestNonSSLURL(context(), socket_factory(), true, true); |
histogram_tester.ExpectTotalCount( |
"DataUse.TrafficSize.User.Downstream.Foreground.NotCellular", 2); |
@@ -307,7 +347,7 @@ TEST_F(ChromeNetworkDelegateTest, ReportDataUseToAggregator) { |
&fake_aggregator, false /* is_data_usage_off_the_record */); |
scoped_ptr<net::URLRequest> request = |
- RequestURL(context(), socket_factory(), true, false); |
+ RequestNonSSLURL(context(), socket_factory(), true, false); |
EXPECT_EQ(request->GetTotalSentBytes(), |
fake_aggregator.on_the_record_tx_bytes()); |
EXPECT_EQ(request->GetTotalReceivedBytes(), |
@@ -323,7 +363,7 @@ TEST_F(ChromeNetworkDelegateTest, ReportOffTheRecordDataUseToAggregator) { |
chrome_network_delegate()->set_data_use_aggregator( |
&fake_aggregator, true /* is_data_usage_off_the_record */); |
scoped_ptr<net::URLRequest> request = |
- RequestURL(context(), socket_factory(), true, false); |
+ RequestNonSSLURL(context(), socket_factory(), true, false); |
EXPECT_EQ(0, fake_aggregator.on_the_record_tx_bytes()); |
EXPECT_EQ(0, fake_aggregator.on_the_record_rx_bytes()); |
@@ -544,3 +584,21 @@ TEST_F(ChromeNetworkDelegatePrivacyModeTest, |
EXPECT_FALSE(network_delegate_->CanEnablePrivacyMode(kAllowedSite, |
kBlockedFirstPartySite)); |
} |
+ |
+// Tests that the ExpectCTMonitor is invoked when an Expect CT site |
+// violates the Certificate Transparency policy, and not invoked for a |
+// non-HTTPS request or an HTTPS request that doesn't violate the CT |
+// policy. |
+TEST_F(ChromeNetworkDelegateTest, ExpectCTMonitor) { |
+ Initialize(); |
+ TestExpectCTMonitor monitor; |
+ chrome_network_delegate()->set_expect_ct_monitor(&monitor); |
+ EXPECT_EQ(0u, monitor.num_ct_compliance_failures()); |
+ RequestSSLURL(net::CERT_STATUS_CT_COMPLIANCE_FAILED, context(), |
+ socket_factory(), true, false); |
+ EXPECT_EQ(1u, monitor.num_ct_compliance_failures()); |
+ RequestNonSSLURL(context(), socket_factory(), true, false); |
+ EXPECT_EQ(1u, monitor.num_ct_compliance_failures()); |
+ RequestSSLURL(0, context(), socket_factory(), true, false); |
+ EXPECT_EQ(1u, monitor.num_ct_compliance_failures()); |
+} |