OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "base/bind.h" | 5 #include "base/bind.h" |
6 #include "base/bind_helpers.h" | 6 #include "base/bind_helpers.h" |
7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
8 #include "base/path_service.h" | 8 #include "base/path_service.h" |
9 #include "base/prefs/pref_service.h" | 9 #include "base/prefs/pref_service.h" |
10 #include "base/strings/string_util.h" | 10 #include "base/strings/string_util.h" |
(...skipping 1167 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1178 // Load again but over SSL. It should be marked as displaying insecure | 1178 // Load again but over SSL. It should be marked as displaying insecure |
1179 // content (even though the image comes from the WebCore memory cache). | 1179 // content (even though the image comes from the WebCore memory cache). |
1180 const GURL url_https = https_server_.GetURL(replacement_path); | 1180 const GURL url_https = https_server_.GetURL(replacement_path); |
1181 ui_test_utils::NavigateToURL(browser(), url_https); | 1181 ui_test_utils::NavigateToURL(browser(), url_https); |
1182 CheckAuthenticationBrokenState( | 1182 CheckAuthenticationBrokenState( |
1183 tab, | 1183 tab, |
1184 CertError::NONE, | 1184 CertError::NONE, |
1185 AuthState::DISPLAYED_INSECURE_CONTENT | AuthState::RAN_INSECURE_CONTENT); | 1185 AuthState::DISPLAYED_INSECURE_CONTENT | AuthState::RAN_INSECURE_CONTENT); |
1186 } | 1186 } |
1187 | 1187 |
| 1188 IN_PROC_BROWSER_TEST_F(SSLUITest, TestDisplaysInlineUsingInvalidCertificate) { |
| 1189 ASSERT_TRUE(https_server_mismatched_.Start()); |
| 1190 ASSERT_TRUE(https_server_.Start()); |
| 1191 |
| 1192 // Load the image using insecure server. |
| 1193 GURL url(https_server_mismatched_.GetURL("files/ssl/google_files/logo.gif")); |
| 1194 ui_test_utils::NavigateToURL(browser(), url); |
| 1195 |
| 1196 WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents(); |
| 1197 CheckAuthenticationBrokenState(tab, |
| 1198 net::CERT_STATUS_COMMON_NAME_INVALID, |
| 1199 AuthState::SHOWING_INTERSTITIAL); |
| 1200 ProceedThroughInterstitial(tab); |
| 1201 CheckAuthenticationBrokenState( |
| 1202 tab, net::CERT_STATUS_COMMON_NAME_INVALID, AuthState::NONE); |
| 1203 |
| 1204 // Load the webpage using secure server. |
| 1205 std::string replacement_path; |
| 1206 ASSERT_TRUE(GetFilePathWithHostAndPortReplacement( |
| 1207 "files/ssl/page_with_dynamic_insecure_content.html", |
| 1208 https_server_mismatched_.host_port_pair(), |
| 1209 &replacement_path)); |
| 1210 ui_test_utils::NavigateToURL(browser(), |
| 1211 https_server_.GetURL(replacement_path)); |
| 1212 CheckAuthenticatedState(tab, AuthState::NONE); |
| 1213 EXPECT_FALSE(tab->DisplayedInsecureContent()); |
| 1214 |
| 1215 // Load the inline image using insecure server. |
| 1216 bool js_result = false; |
| 1217 EXPECT_TRUE(content::ExecuteScriptAndExtractBool( |
| 1218 tab, "loadBadImage('https');", &js_result)); |
| 1219 EXPECT_TRUE(js_result); |
| 1220 |
| 1221 // Page security should be downgraded. |
| 1222 CheckAuthenticatedState(tab, AuthState::DISPLAYED_INSECURE_CONTENT); |
| 1223 EXPECT_TRUE(tab->DisplayedInsecureContent()); |
| 1224 } |
| 1225 |
1188 // This test ensures the CN invalid status does not 'stick' to a certificate | 1226 // This test ensures the CN invalid status does not 'stick' to a certificate |
1189 // (see bug #1044942) and that it depends on the host-name. | 1227 // (see bug #1044942) and that it depends on the host-name. |
1190 // Test if disabled due to flakiness http://crbug.com/368280 . | 1228 // Test if disabled due to flakiness http://crbug.com/368280 . |
1191 IN_PROC_BROWSER_TEST_F(SSLUITest, DISABLED_TestCNInvalidStickiness) { | 1229 IN_PROC_BROWSER_TEST_F(SSLUITest, DISABLED_TestCNInvalidStickiness) { |
1192 ASSERT_TRUE(https_server_.Start()); | 1230 ASSERT_TRUE(https_server_.Start()); |
1193 ASSERT_TRUE(https_server_mismatched_.Start()); | 1231 ASSERT_TRUE(https_server_mismatched_.Start()); |
1194 | 1232 |
1195 // First we hit the server with hostname, this generates an invalid policy | 1233 // First we hit the server with hostname, this generates an invalid policy |
1196 // error. | 1234 // error. |
1197 ui_test_utils::NavigateToURL(browser(), | 1235 ui_test_utils::NavigateToURL(browser(), |
(...skipping 361 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1559 content::Source<NavigationController>(&tab->GetController())); | 1597 content::Source<NavigationController>(&tab->GetController())); |
1560 EXPECT_TRUE(content::ExecuteScriptAndExtractBool( | 1598 EXPECT_TRUE(content::ExecuteScriptAndExtractBool( |
1561 tab, | 1599 tab, |
1562 "window.domAutomationController.send(clickLink('goodHTTPSLink'));", | 1600 "window.domAutomationController.send(clickLink('goodHTTPSLink'));", |
1563 &success)); | 1601 &success)); |
1564 ASSERT_TRUE(success); | 1602 ASSERT_TRUE(success); |
1565 observer.Wait(); | 1603 observer.Wait(); |
1566 | 1604 |
1567 // We should still be authentication broken. | 1605 // We should still be authentication broken. |
1568 CheckAuthenticationBrokenState( | 1606 CheckAuthenticationBrokenState( |
1569 tab, net::CERT_STATUS_DATE_INVALID, AuthState::NONE); | 1607 tab, |
| 1608 net::CERT_STATUS_DATE_INVALID, |
| 1609 AuthState::DISPLAYED_INSECURE_CONTENT); |
1570 } | 1610 } |
1571 | 1611 |
1572 // From an HTTP top frame, navigate to good and bad HTTPS (security state should | 1612 // From an HTTP top frame, navigate to good and bad HTTPS (security state should |
1573 // stay unauthenticated). | 1613 // stay unauthenticated). |
1574 // Disabled, flakily exceeds test timeout, http://crbug.com/43437. | 1614 // Disabled, flakily exceeds test timeout, http://crbug.com/43437. |
1575 IN_PROC_BROWSER_TEST_F(SSLUITest, DISABLED_TestUnauthenticatedFrameNavigation) { | 1615 IN_PROC_BROWSER_TEST_F(SSLUITest, DISABLED_TestUnauthenticatedFrameNavigation) { |
1576 ASSERT_TRUE(test_server()->Start()); | 1616 ASSERT_TRUE(test_server()->Start()); |
1577 ASSERT_TRUE(https_server_.Start()); | 1617 ASSERT_TRUE(https_server_.Start()); |
1578 ASSERT_TRUE(https_server_expired_.Start()); | 1618 ASSERT_TRUE(https_server_expired_.Start()); |
1579 | 1619 |
(...skipping 90 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1670 // Navigate to safe page that has Worker loading unsafe content. | 1710 // Navigate to safe page that has Worker loading unsafe content. |
1671 // Expect content to load but be marked as auth broken due to running insecure | 1711 // Expect content to load but be marked as auth broken due to running insecure |
1672 // content. | 1712 // content. |
1673 std::string page_with_unsafe_worker_path; | 1713 std::string page_with_unsafe_worker_path; |
1674 ASSERT_TRUE(GetPageWithUnsafeWorkerPath(https_server_expired_, | 1714 ASSERT_TRUE(GetPageWithUnsafeWorkerPath(https_server_expired_, |
1675 &page_with_unsafe_worker_path)); | 1715 &page_with_unsafe_worker_path)); |
1676 ui_test_utils::NavigateToURL(browser(), https_server_.GetURL( | 1716 ui_test_utils::NavigateToURL(browser(), https_server_.GetURL( |
1677 page_with_unsafe_worker_path)); | 1717 page_with_unsafe_worker_path)); |
1678 CheckWorkerLoadResult(tab, true); // Worker loads insecure content | 1718 CheckWorkerLoadResult(tab, true); // Worker loads insecure content |
1679 CheckAuthenticationBrokenState( | 1719 CheckAuthenticationBrokenState( |
1680 tab, CertError::NONE, AuthState::RAN_INSECURE_CONTENT); | 1720 tab, |
| 1721 CertError::NONE, |
| 1722 AuthState::RAN_INSECURE_CONTENT | AuthState::DISPLAYED_INSECURE_CONTENT); |
1681 } | 1723 } |
1682 | 1724 |
1683 // Test that when the browser blocks displaying insecure content (images), the | 1725 // Test that when the browser blocks displaying insecure content (images), the |
1684 // indicator shows a secure page, because the blocking made the otherwise | 1726 // indicator shows a secure page, because the blocking made the otherwise |
1685 // unsafe page safe (the notification of this state is handled by other means). | 1727 // unsafe page safe (the notification of this state is handled by other means). |
1686 IN_PROC_BROWSER_TEST_F(SSLUITestBlock, TestBlockDisplayingInsecureImage) { | 1728 IN_PROC_BROWSER_TEST_F(SSLUITestBlock, TestBlockDisplayingInsecureImage) { |
1687 ASSERT_TRUE(test_server()->Start()); | 1729 ASSERT_TRUE(test_server()->Start()); |
1688 ASSERT_TRUE(https_server_.Start()); | 1730 ASSERT_TRUE(https_server_.Start()); |
1689 | 1731 |
1690 std::string replacement_path; | 1732 std::string replacement_path; |
(...skipping 178 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1869 | 1911 |
1870 // Visit a page over https that contains a frame with a redirect. | 1912 // Visit a page over https that contains a frame with a redirect. |
1871 | 1913 |
1872 // XMLHttpRequest insecure content in synchronous mode. | 1914 // XMLHttpRequest insecure content in synchronous mode. |
1873 | 1915 |
1874 // XMLHttpRequest insecure content in asynchronous mode. | 1916 // XMLHttpRequest insecure content in asynchronous mode. |
1875 | 1917 |
1876 // XMLHttpRequest over bad ssl in synchronous mode. | 1918 // XMLHttpRequest over bad ssl in synchronous mode. |
1877 | 1919 |
1878 // XMLHttpRequest over OK ssl in synchronous mode. | 1920 // XMLHttpRequest over OK ssl in synchronous mode. |
OLD | NEW |