Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(5285)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/ssl/ssl_browser_tests.cc

Issue 181253003: Downgrade page security if an inline has invalid certificate. Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Review follow up: added browser test. Created 6 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | chrome/test/data/ssl/page_with_dynamic_insecure_content.html » ('j') | content/browser/web_contents/web_contents_impl.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/ssl/ssl_browser_tests.cc
diff --git a/chrome/browser/ssl/ssl_browser_tests.cc b/chrome/browser/ssl/ssl_browser_tests.cc
index bcf8cf123c4db3449f87c32ae54814fd4562e198..a995e9178c21972a38c755aef5cd00215f4c70b2 100644
--- a/chrome/browser/ssl/ssl_browser_tests.cc
+++ b/chrome/browser/ssl/ssl_browser_tests.cc
@@ -1076,6 +1076,43 @@ IN_PROC_BROWSER_TEST_F(SSLUITest, MAYBE_TestRunsCachedInsecureContent) {
CheckAuthenticationBrokenState(tab, 0, true, false);
}
+IN_PROC_BROWSER_TEST_F(SSLUITest, TestDisplaysInlineUsingInvalidCertificate) {
+ ASSERT_TRUE(https_server_mismatched_.Start());
+ ASSERT_TRUE(https_server_.Start());
+
+ // Load the image using insecure server.
+ GURL url(https_server_mismatched_.GetURL("files/ssl/google_files/logo.gif"));
+ ui_test_utils::NavigateToURL(browser(), url);
+
+ WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents();
+ CheckAuthenticationBrokenState(
+ tab, net::CERT_STATUS_COMMON_NAME_INVALID, false, true);
+ ProceedThroughInterstitial(tab);
+ CheckAuthenticationBrokenState(
+ tab, net::CERT_STATUS_COMMON_NAME_INVALID, false, false);
+
+ // Load the webpage using secure server.
+ std::string replacement_path;
+ ASSERT_TRUE(GetFilePathWithHostAndPortReplacement(
+ "files/ssl/page_with_dynamic_insecure_content.html",
+ https_server_mismatched_.host_port_pair(),
+ &replacement_path));
+ ui_test_utils::NavigateToURL(browser(),
+ https_server_.GetURL(replacement_path));
+ CheckAuthenticatedState(tab, false);
+ EXPECT_FALSE(tab->DisplayedInsecureContent());
+
+ // Load the inline image using insecure server.
+ bool js_result = false;
+ EXPECT_TRUE(content::ExecuteScriptAndExtractBool(
+ tab, "loadBadImage('https');", &js_result));
+ EXPECT_TRUE(js_result);
+
+ // Page security should be downgraded.
+ CheckAuthenticatedState(tab, true);
+ EXPECT_TRUE(tab->DisplayedInsecureContent());
+}
Ryan Sleevi 2014/03/11 01:39:39 Can you add an additional test to test for 'intran
+
// This test ensures the CN invalid status does not 'stick' to a certificate
// (see bug #1044942) and that it depends on the host-name.
IN_PROC_BROWSER_TEST_F(SSLUITest, TestCNInvalidStickiness) {
« no previous file with comments | « no previous file | chrome/test/data/ssl/page_with_dynamic_insecure_content.html » ('j') | content/browser/web_contents/web_contents_impl.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698