Index: chrome/browser/ssl/ssl_browser_tests.cc |
diff --git a/chrome/browser/ssl/ssl_browser_tests.cc b/chrome/browser/ssl/ssl_browser_tests.cc |
index 4993bb58c26e63d9a30de7806a2fa40c415eb845..d25ba790aba3a1f09150fb5a92373796b6604330 100644 |
--- a/chrome/browser/ssl/ssl_browser_tests.cc |
+++ b/chrome/browser/ssl/ssl_browser_tests.cc |
@@ -1150,6 +1150,44 @@ IN_PROC_BROWSER_TEST_F(SSLUITest, MAYBE_TestRunsCachedInsecureContent) { |
AuthState::DISPLAYED_INSECURE_CONTENT | AuthState::RAN_INSECURE_CONTENT); |
} |
+IN_PROC_BROWSER_TEST_F(SSLUITest, TestDisplaysInlineUsingInvalidCertificate) { |
+ ASSERT_TRUE(https_server_mismatched_.Start()); |
+ ASSERT_TRUE(https_server_.Start()); |
+ |
+ // Load the image using insecure server. |
+ GURL url(https_server_mismatched_.GetURL("files/ssl/google_files/logo.gif")); |
+ ui_test_utils::NavigateToURL(browser(), url); |
+ |
+ WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents(); |
+ CheckAuthenticationBrokenState(tab, |
+ net::CERT_STATUS_COMMON_NAME_INVALID, |
+ AuthState::SHOWING_INTERSTITIAL); |
+ ProceedThroughInterstitial(tab); |
+ CheckAuthenticationBrokenState( |
+ tab, net::CERT_STATUS_COMMON_NAME_INVALID, AuthState::NONE); |
+ |
+ // Load the webpage using secure server. |
+ std::string replacement_path; |
+ ASSERT_TRUE(GetFilePathWithHostAndPortReplacement( |
+ "files/ssl/page_with_dynamic_insecure_content.html", |
+ https_server_mismatched_.host_port_pair(), |
+ &replacement_path)); |
+ ui_test_utils::NavigateToURL(browser(), |
+ https_server_.GetURL(replacement_path)); |
+ CheckAuthenticatedState(tab, AuthState::NONE); |
+ EXPECT_FALSE(tab->DisplayedInsecureContent()); |
+ |
+ // Load the inline image using insecure server. |
+ bool js_result = false; |
+ EXPECT_TRUE(content::ExecuteScriptAndExtractBool( |
+ tab, "loadBadImage('https');", &js_result)); |
+ EXPECT_TRUE(js_result); |
+ |
+ // Page security should be downgraded. |
+ CheckAuthenticatedState(tab, AuthState::DISPLAYED_INSECURE_CONTENT); |
+ EXPECT_TRUE(tab->DisplayedInsecureContent()); |
+} |
+ |
// This test ensures the CN invalid status does not 'stick' to a certificate |
// (see bug #1044942) and that it depends on the host-name. |
IN_PROC_BROWSER_TEST_F(SSLUITest, TestCNInvalidStickiness) { |