Index: chrome/browser/ssl/ssl_browser_tests.cc |
diff --git a/chrome/browser/ssl/ssl_browser_tests.cc b/chrome/browser/ssl/ssl_browser_tests.cc |
index 3d78d5fb63914a30ac0302a47531eba5cd0593a1..949705a3a32175f7033825820a931bbb236743fa 100644 |
--- a/chrome/browser/ssl/ssl_browser_tests.cc |
+++ b/chrome/browser/ssl/ssl_browser_tests.cc |
@@ -1185,6 +1185,44 @@ IN_PROC_BROWSER_TEST_F(SSLUITest, MAYBE_TestRunsCachedInsecureContent) { |
AuthState::DISPLAYED_INSECURE_CONTENT | AuthState::RAN_INSECURE_CONTENT); |
} |
+IN_PROC_BROWSER_TEST_F(SSLUITest, TestDisplaysInlineUsingInvalidCertificate) { |
+ ASSERT_TRUE(https_server_mismatched_.Start()); |
+ ASSERT_TRUE(https_server_.Start()); |
+ |
+ // Load the image using insecure server. |
+ GURL url(https_server_mismatched_.GetURL("files/ssl/google_files/logo.gif")); |
+ ui_test_utils::NavigateToURL(browser(), url); |
+ |
+ WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents(); |
+ CheckAuthenticationBrokenState(tab, |
+ net::CERT_STATUS_COMMON_NAME_INVALID, |
+ AuthState::SHOWING_INTERSTITIAL); |
+ ProceedThroughInterstitial(tab); |
+ CheckAuthenticationBrokenState( |
+ tab, net::CERT_STATUS_COMMON_NAME_INVALID, AuthState::NONE); |
+ |
+ // Load the webpage using secure server. |
+ std::string replacement_path; |
+ ASSERT_TRUE(GetFilePathWithHostAndPortReplacement( |
+ "files/ssl/page_with_dynamic_insecure_content.html", |
+ https_server_mismatched_.host_port_pair(), |
+ &replacement_path)); |
+ ui_test_utils::NavigateToURL(browser(), |
+ https_server_.GetURL(replacement_path)); |
+ CheckAuthenticatedState(tab, AuthState::NONE); |
+ EXPECT_FALSE(tab->DisplayedInsecureContent()); |
+ |
+ // Load the inline image using insecure server. |
+ bool js_result = false; |
+ EXPECT_TRUE(content::ExecuteScriptAndExtractBool( |
+ tab, "loadBadImage('https');", &js_result)); |
+ EXPECT_TRUE(js_result); |
+ |
+ // Page security should be downgraded. |
+ CheckAuthenticatedState(tab, AuthState::DISPLAYED_INSECURE_CONTENT); |
+ EXPECT_TRUE(tab->DisplayedInsecureContent()); |
+} |
+ |
// This test ensures the CN invalid status does not 'stick' to a certificate |
// (see bug #1044942) and that it depends on the host-name. |
// Test if disabled due to flakiness http://crbug.com/368280 . |
@@ -1566,7 +1604,9 @@ IN_PROC_BROWSER_TEST_F(SSLUITest, TestBadFrameNavigation) { |
// We should still be authentication broken. |
CheckAuthenticationBrokenState( |
- tab, net::CERT_STATUS_DATE_INVALID, AuthState::NONE); |
+ tab, |
+ net::CERT_STATUS_DATE_INVALID, |
+ AuthState::DISPLAYED_INSECURE_CONTENT); |
} |
// From an HTTP top frame, navigate to good and bad HTTPS (security state should |
@@ -1677,7 +1717,9 @@ IN_PROC_BROWSER_TEST_F(SSLUITest, TestUnsafeContentsInWorker) { |
page_with_unsafe_worker_path)); |
CheckWorkerLoadResult(tab, true); // Worker loads insecure content |
CheckAuthenticationBrokenState( |
- tab, CertError::NONE, AuthState::RAN_INSECURE_CONTENT); |
+ tab, |
+ CertError::NONE, |
+ AuthState::RAN_INSECURE_CONTENT | AuthState::DISPLAYED_INSECURE_CONTENT); |
} |
// Test that when the browser blocks displaying insecure content (images), the |