Index: net/http/transport_security_state_unittest.cc |
diff --git a/net/http/transport_security_state_unittest.cc b/net/http/transport_security_state_unittest.cc |
index 9f092d84a8462f27928f5630af1fd225c51681d9..5ad45571d03cff3f436e284adc9f047b078e0211 100644 |
--- a/net/http/transport_security_state_unittest.cc |
+++ b/net/http/transport_security_state_unittest.cc |
@@ -1288,6 +1288,24 @@ TEST_F(TransportSecurityStateTest, HPKPReporting) { |
EXPECT_EQ(std::string(), mock_report_sender.latest_report()); |
EXPECT_FALSE(state.CheckPublicKeyPins( |
+ host_port_pair, false, bad_hashes, cert1.get(), cert2.get(), |
+ TransportSecurityState::ENABLE_PIN_REPORTS, &failure_log)); |
+ |
+ // No report should have been sent because the certificate chained to a |
+ // non-public root. |
+ EXPECT_EQ(GURL(), mock_report_sender.latest_report_uri()); |
+ EXPECT_EQ(std::string(), mock_report_sender.latest_report()); |
+ |
+ EXPECT_TRUE(state.CheckPublicKeyPins( |
+ host_port_pair, false, good_hashes, cert1.get(), cert2.get(), |
+ TransportSecurityState::ENABLE_PIN_REPORTS, &failure_log)); |
+ |
+ // No report should have been sent because there was no violation, even though |
+ // the certificate chained to a local trust anchor. |
+ EXPECT_EQ(GURL(), mock_report_sender.latest_report_uri()); |
+ EXPECT_EQ(std::string(), mock_report_sender.latest_report()); |
+ |
+ EXPECT_FALSE(state.CheckPublicKeyPins( |
host_port_pair, true, bad_hashes, cert1.get(), cert2.get(), |
TransportSecurityState::ENABLE_PIN_REPORTS, &failure_log)); |