OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "base/command_line.h" | 5 #include "base/command_line.h" |
6 #include "base/path_service.h" | 6 #include "base/path_service.h" |
7 #include "base/prefs/pref_service.h" | 7 #include "base/prefs/pref_service.h" |
8 #include "base/strings/string_util.h" | 8 #include "base/strings/string_util.h" |
9 #include "base/strings/stringprintf.h" | 9 #include "base/strings/stringprintf.h" |
10 #include "base/strings/utf_string_conversions.h" | 10 #include "base/strings/utf_string_conversions.h" |
(...skipping 1132 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1143 // Load again but over SSL. It should be marked as displaying insecure | 1143 // Load again but over SSL. It should be marked as displaying insecure |
1144 // content (even though the image comes from the WebCore memory cache). | 1144 // content (even though the image comes from the WebCore memory cache). |
1145 const GURL url_https = https_server_.GetURL(replacement_path); | 1145 const GURL url_https = https_server_.GetURL(replacement_path); |
1146 ui_test_utils::NavigateToURL(browser(), url_https); | 1146 ui_test_utils::NavigateToURL(browser(), url_https); |
1147 CheckAuthenticationBrokenState( | 1147 CheckAuthenticationBrokenState( |
1148 tab, | 1148 tab, |
1149 CertError::NONE, | 1149 CertError::NONE, |
1150 AuthState::DISPLAYED_INSECURE_CONTENT | AuthState::RAN_INSECURE_CONTENT); | 1150 AuthState::DISPLAYED_INSECURE_CONTENT | AuthState::RAN_INSECURE_CONTENT); |
1151 } | 1151 } |
1152 | 1152 |
| 1153 IN_PROC_BROWSER_TEST_F(SSLUITest, TestDisplaysInlineUsingInvalidCertificate) { |
| 1154 ASSERT_TRUE(https_server_mismatched_.Start()); |
| 1155 ASSERT_TRUE(https_server_.Start()); |
| 1156 |
| 1157 // Load the image using insecure server. |
| 1158 GURL url(https_server_mismatched_.GetURL("files/ssl/google_files/logo.gif")); |
| 1159 ui_test_utils::NavigateToURL(browser(), url); |
| 1160 |
| 1161 WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents(); |
| 1162 CheckAuthenticationBrokenState(tab, |
| 1163 net::CERT_STATUS_COMMON_NAME_INVALID, |
| 1164 AuthState::SHOWING_INTERSTITIAL); |
| 1165 ProceedThroughInterstitial(tab); |
| 1166 CheckAuthenticationBrokenState( |
| 1167 tab, net::CERT_STATUS_COMMON_NAME_INVALID, AuthState::NONE); |
| 1168 |
| 1169 // Load the webpage using secure server. |
| 1170 std::string replacement_path; |
| 1171 ASSERT_TRUE(GetFilePathWithHostAndPortReplacement( |
| 1172 "files/ssl/page_with_dynamic_insecure_content.html", |
| 1173 https_server_mismatched_.host_port_pair(), |
| 1174 &replacement_path)); |
| 1175 ui_test_utils::NavigateToURL(browser(), |
| 1176 https_server_.GetURL(replacement_path)); |
| 1177 CheckAuthenticatedState(tab, AuthState::NONE); |
| 1178 EXPECT_FALSE(tab->DisplayedInsecureContent()); |
| 1179 |
| 1180 // Load the inline image using insecure server. |
| 1181 bool js_result = false; |
| 1182 EXPECT_TRUE(content::ExecuteScriptAndExtractBool( |
| 1183 tab, "loadBadImage('https');", &js_result)); |
| 1184 EXPECT_TRUE(js_result); |
| 1185 |
| 1186 // Page security should be downgraded. |
| 1187 CheckAuthenticatedState(tab, AuthState::DISPLAYED_INSECURE_CONTENT); |
| 1188 EXPECT_TRUE(tab->DisplayedInsecureContent()); |
| 1189 } |
| 1190 |
1153 // This test ensures the CN invalid status does not 'stick' to a certificate | 1191 // This test ensures the CN invalid status does not 'stick' to a certificate |
1154 // (see bug #1044942) and that it depends on the host-name. | 1192 // (see bug #1044942) and that it depends on the host-name. |
1155 IN_PROC_BROWSER_TEST_F(SSLUITest, TestCNInvalidStickiness) { | 1193 IN_PROC_BROWSER_TEST_F(SSLUITest, TestCNInvalidStickiness) { |
1156 ASSERT_TRUE(https_server_.Start()); | 1194 ASSERT_TRUE(https_server_.Start()); |
1157 ASSERT_TRUE(https_server_mismatched_.Start()); | 1195 ASSERT_TRUE(https_server_mismatched_.Start()); |
1158 | 1196 |
1159 // First we hit the server with hostname, this generates an invalid policy | 1197 // First we hit the server with hostname, this generates an invalid policy |
1160 // error. | 1198 // error. |
1161 ui_test_utils::NavigateToURL(browser(), | 1199 ui_test_utils::NavigateToURL(browser(), |
1162 https_server_mismatched_.GetURL("files/ssl/google.html")); | 1200 https_server_mismatched_.GetURL("files/ssl/google.html")); |
(...skipping 585 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1748 | 1786 |
1749 // Visit a page over https that contains a frame with a redirect. | 1787 // Visit a page over https that contains a frame with a redirect. |
1750 | 1788 |
1751 // XMLHttpRequest insecure content in synchronous mode. | 1789 // XMLHttpRequest insecure content in synchronous mode. |
1752 | 1790 |
1753 // XMLHttpRequest insecure content in asynchronous mode. | 1791 // XMLHttpRequest insecure content in asynchronous mode. |
1754 | 1792 |
1755 // XMLHttpRequest over bad ssl in synchronous mode. | 1793 // XMLHttpRequest over bad ssl in synchronous mode. |
1756 | 1794 |
1757 // XMLHttpRequest over OK ssl in synchronous mode. | 1795 // XMLHttpRequest over OK ssl in synchronous mode. |
OLD | NEW |