Revert 47347 - (Original patch reviewed at http://codereview.chromium.org/206...

chrome/browser/ssl/ssl_browser_tests.cc

 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "base/time.h"
 #include "chrome/browser/browser.h"
 #include "chrome/browser/pref_service.h"
 #include "chrome/browser/profile.h"
 #include "chrome/browser/tab_contents/interstitial_page.h"
 #include "chrome/browser/tab_contents/navigation_entry.h"
@@ skipping 16 matching lines @@
 
   scoped_refptr<HTTPSTestServer> GoodCertServer() {
     return HTTPSTestServer::CreateGoodServer(kDocRoot);
   }
 
   scoped_refptr<HTTPSTestServer> BadCertServer() {
     return HTTPSTestServer::CreateExpiredServer(kDocRoot);
   }
 
   void CheckAuthenticatedState(TabContents* tab,
-                               bool displayed_mixed_content) {
+                               bool mixed_content) {
     NavigationEntry* entry = tab->controller().GetActiveEntry();
     ASSERT_TRUE(entry);
     EXPECT_EQ(NavigationEntry::NORMAL_PAGE, entry->page_type());
     EXPECT_EQ(SECURITY_STYLE_AUTHENTICATED, entry->ssl().security_style());
     EXPECT_EQ(0, entry->ssl().cert_status() & net::CERT_STATUS_ALL_ERRORS);
-    EXPECT_EQ(displayed_mixed_content, entry->ssl().displayed_mixed_content());
-    EXPECT_FALSE(entry->ssl().ran_mixed_content());
+    EXPECT_EQ(mixed_content, entry->ssl().has_mixed_content());
   }
 
   void CheckUnauthenticatedState(TabContents* tab) {
     NavigationEntry* entry = tab->controller().GetActiveEntry();
     ASSERT_TRUE(entry);
     EXPECT_EQ(NavigationEntry::NORMAL_PAGE, entry->page_type());
     EXPECT_EQ(SECURITY_STYLE_UNAUTHENTICATED, entry->ssl().security_style());
     EXPECT_EQ(0, entry->ssl().cert_status() & net::CERT_STATUS_ALL_ERRORS);
-    EXPECT_FALSE(entry->ssl().displayed_mixed_content());
-    EXPECT_FALSE(entry->ssl().ran_mixed_content());
+    EXPECT_FALSE(entry->ssl().has_mixed_content());
   }
 
   void CheckAuthenticationBrokenState(TabContents* tab,
                                       int error,
-                                      bool ran_mixed_content,
                                       bool interstitial) {
     NavigationEntry* entry = tab->controller().GetActiveEntry();
     ASSERT_TRUE(entry);
     EXPECT_EQ(interstitial ? NavigationEntry::INTERSTITIAL_PAGE :
                              NavigationEntry::NORMAL_PAGE,
               entry->page_type());
     EXPECT_EQ(SECURITY_STYLE_AUTHENTICATION_BROKEN,
               entry->ssl().security_style());
     // CERT_STATUS_UNABLE_TO_CHECK_REVOCATION doesn't lower the security style
     // to SECURITY_STYLE_AUTHENTICATION_BROKEN.
     ASSERT_NE(net::CERT_STATUS_UNABLE_TO_CHECK_REVOCATION, error);
     EXPECT_EQ(error, entry->ssl().cert_status() & net::CERT_STATUS_ALL_ERRORS);
-    EXPECT_FALSE(entry->ssl().displayed_mixed_content());
-    EXPECT_EQ(ran_mixed_content, entry->ssl().ran_mixed_content());
+    EXPECT_FALSE(entry->ssl().has_mixed_content());
   }
 
   void CheckWorkerLoadResult(TabContents* tab, bool expectLoaded) {
     // Workers are async and we don't have notifications for them passing
     // messages since they do it between renderer and worker processes.
     // So have a polling loop, check every 200ms, timeout at 30s.
     const int timeout_ms = 200;
     base::Time timeToQuit = base::Time::Now() +
         base::TimeDelta::FromMilliseconds(30000);
 
@@ skipping 73 matching lines @@
 
 // Visits a page with https error and proceed:
 IN_PROC_BROWSER_TEST_F(SSLUITest, TestHTTPSExpiredCertAndProceed) {
   scoped_refptr<HTTPSTestServer> bad_https_server = BadCertServer();
   ASSERT_TRUE(bad_https_server.get() != NULL);
 
   ui_test_utils::NavigateToURL(browser(),
       bad_https_server->TestServerPage("files/ssl/google.html"));
 
   TabContents* tab = browser()->GetSelectedTabContents();
-  CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID, false,
+  CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID,
                                  true);  // Interstitial showing
 
   ProceedThroughInterstitial(tab);
 
-  CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID, false,
+  CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID,
                                  false);  // No interstitial showing
 }
 
 // Visits a page with https error and don't proceed (and ensure we can still
 // navigate at that point):
 // Marked as flaky, see bug 40932.
 // Disabled, flakily exceeds test timeout, http://crbug.com/43575.
 IN_PROC_BROWSER_TEST_F(SSLUITest, DISABLED_TestHTTPSExpiredCertAndDontProceed) {
   scoped_refptr<HTTPTestServer> http_server = PlainServer();
   ASSERT_TRUE(http_server.get() != NULL);
@@ skipping 18 matching lines @@
   GURL::Replacements replacements;
   std::string new_host("localhost");
   replacements.SetHostStr(new_host);
   cross_site_url = cross_site_url.ReplaceComponents(replacements);
 
   // Now go to a bad HTTPS page.
   ui_test_utils::NavigateToURL(browser(), cross_site_url);
 
   // An interstitial should be showing.
   CheckAuthenticationBrokenState(tab, net::CERT_STATUS_COMMON_NAME_INVALID,
-                                 false, true);
+                                 true);  // Interstitial showing.
 
   // Simulate user clicking "Take me back".
   InterstitialPage* interstitial_page = tab->interstitial_page();
   ASSERT_TRUE(interstitial_page);
   interstitial_page->DontProceed();
 
   // We should be back to the original good page.
   CheckAuthenticatedState(tab, false);
 
   // Try to navigate to a new page. (to make sure bug 5800 is fixed).
@@ skipping 12 matching lines @@
   // First navigate to an HTTP page.
   ui_test_utils::NavigateToURL(browser(),
       http_server->TestServerPage("files/ssl/google.html"));
   TabContents* tab = browser()->GetSelectedTabContents();
   NavigationEntry* entry = tab->controller().GetActiveEntry();
   ASSERT_TRUE(entry);
 
   // Now go to a bad HTTPS page that shows an interstitial.
   ui_test_utils::NavigateToURL(browser(),
       bad_https_server->TestServerPage("files/ssl/google.html"));
-  CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID, false,
+  CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID,
                                  true);  // Interstitial showing
 
   // Simulate user clicking on back button (crbug.com/39248).
   browser()->GoBack(CURRENT_TAB);
 
   // We should be back at the original good page.
   EXPECT_FALSE(browser()->GetSelectedTabContents()->interstitial_page());
   CheckUnauthenticatedState(tab);
 }
 
 // Visits a page with https error and then goes back using GoToOffset.
 // Marked as flaky, see bug 40932.
 IN_PROC_BROWSER_TEST_F(SSLUITest, FLAKY_TestHTTPSExpiredCertAndGoBackViaMenu) {
   scoped_refptr<HTTPTestServer> http_server = PlainServer();
   ASSERT_TRUE(http_server.get() != NULL);
   scoped_refptr<HTTPSTestServer> bad_https_server = BadCertServer();
   ASSERT_TRUE(bad_https_server.get() != NULL);
 
   // First navigate to an HTTP page.
   ui_test_utils::NavigateToURL(browser(),
       http_server->TestServerPage("files/ssl/google.html"));
   TabContents* tab = browser()->GetSelectedTabContents();
   NavigationEntry* entry = tab->controller().GetActiveEntry();
   ASSERT_TRUE(entry);
 
   // Now go to a bad HTTPS page that shows an interstitial.
   ui_test_utils::NavigateToURL(browser(),
       bad_https_server->TestServerPage("files/ssl/google.html"));
-  CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID, false,
+  CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID,
                                  true);  // Interstitial showing
 
   // Simulate user clicking and holding on back button (crbug.com/37215).
   tab->controller().GoToOffset(-1);
 
   // We should be back at the original good page.
   EXPECT_FALSE(browser()->GetSelectedTabContents()->interstitial_page());
   CheckUnauthenticatedState(tab);
 }
 
@@ skipping 19 matching lines @@
   // Now go back so that a page is in the forward history.
   tab->controller().GoBack();
   ui_test_utils::WaitForNavigation(&(tab->controller()));
   ASSERT_TRUE(tab->controller().CanGoForward());
   NavigationEntry* entry3 = tab->controller().GetActiveEntry();
   ASSERT_TRUE(entry1 == entry3);
 
   // Now go to a bad HTTPS page that shows an interstitial.
   ui_test_utils::NavigateToURL(browser(),
       bad_https_server->TestServerPage("files/ssl/google.html"));
-  CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID, false,
+  CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID,
                                  true);  // Interstitial showing
 
   // Simulate user clicking and holding on forward button.
   tab->controller().GoToOffset(1);
   ui_test_utils::WaitForNavigation(&(tab->controller()));
 
   // We should be showing the second good page.
   EXPECT_FALSE(browser()->GetSelectedTabContents()->interstitial_page());
   CheckUnauthenticatedState(tab);
   EXPECT_FALSE(tab->controller().CanGoForward());
@@ skipping 41 matching lines @@
       &(browser()->GetSelectedTabContents()->controller()));
 
   // We should have an interstitial page showing.
   ASSERT_TRUE(browser()->GetSelectedTabContents()->interstitial_page());
 }
 
 //
 // Mixed contents
 //
 
-// Visits a page that displays mixed content.
-IN_PROC_BROWSER_TEST_F(SSLUITest, TestDisplaysMixedContent) {
+// Visits a page with mixed content.
+IN_PROC_BROWSER_TEST_F(SSLUITest, TestMixedContents) {
   scoped_refptr<HTTPSTestServer> https_server = GoodCertServer();
   ASSERT_TRUE(https_server.get() != NULL);
   scoped_refptr<HTTPTestServer> http_server = PlainServer();
   ASSERT_TRUE(http_server.get() != NULL);
 
-  // Load a page that displays mixed content.
+  // Load a page with mixed-content, the default behavior is to show the mixed
+  // content.
   ui_test_utils::NavigateToURL(browser(), https_server->TestServerPage(
-                               "files/ssl/page_displays_mixed_content.html"));
+                               "files/ssl/page_with_mixed_contents.html"));
 
   CheckAuthenticatedState(browser()->GetSelectedTabContents(), true);
 }
 
-// Visits a page that runs mixed content and tries to suppress the mixed content
-// warnings by randomizing location.hash.
+// Visits a page with an http script that tries to suppress our mixed content
+// warnings by randomize location.hash.
 // Based on http://crbug.com/8706
-IN_PROC_BROWSER_TEST_F(SSLUITest, TestRunsMixedContentRandomizeHash) {
+IN_PROC_BROWSER_TEST_F(SSLUITest, TestMixedContentsRandomizeHash) {
   scoped_refptr<HTTPSTestServer> https_server = GoodCertServer();
   ASSERT_TRUE(https_server.get() != NULL);
   scoped_refptr<HTTPTestServer> http_server = PlainServer();
   ASSERT_TRUE(http_server.get() != NULL);
 
   ui_test_utils::NavigateToURL(browser(),
-      https_server->TestServerPage("files/ssl/page_runs_mixed_content.html"));
+      https_server->TestServerPage("files/ssl/page_with_http_script.html"));
 
-  CheckAuthenticationBrokenState(browser()->GetSelectedTabContents(), 0, true,
-                                 false);
+  CheckAuthenticatedState(browser()->GetSelectedTabContents(), true);
 }
 
 // Visits a page with unsafe content and make sure that:
 // - frames content is replaced with warning
 // - images and scripts are filtered out entirely
 // Marked as flaky, see bug 40932.
 IN_PROC_BROWSER_TEST_F(SSLUITest, FLAKY_TestUnsafeContents) {
   scoped_refptr<HTTPSTestServer> good_https_server = GoodCertServer();
   ASSERT_TRUE(good_https_server.get() != NULL);
   scoped_refptr<HTTPSTestServer> bad_https_server = BadCertServer();
@@ skipping 18 matching lines @@
   EXPECT_TRUE(ui_test_utils::ExecuteJavaScriptAndExtractInt(
       tab->render_view_host(), std::wstring(),
       L"window.domAutomationController.send(ImageWidth());", &img_width));
   // In order to check that the image was not loaded, we check its width.
   // The actual image (Google logo) is 114 pixels wide, we assume the broken
   // image is less than 100.
   EXPECT_LT(img_width, 100);
 
   bool js_result = false;
   EXPECT_TRUE(ui_test_utils::ExecuteJavaScriptAndExtractBool(
-      tab->render_view_host(), std::wstring(),
+      tab->render_view_host(), L"",
       L"window.domAutomationController.send(IsFooSet());", &js_result));
   EXPECT_FALSE(js_result);
 }
 
 // Visits a page with mixed content loaded by JS (after the initial page load).
-IN_PROC_BROWSER_TEST_F(SSLUITest, TestDisplaysMixedContentLoadedFromJS) {
+IN_PROC_BROWSER_TEST_F(SSLUITest, TestMixedContentsLoadedFromJS) {
   scoped_refptr<HTTPSTestServer> https_server = GoodCertServer();
   ASSERT_TRUE(https_server.get() != NULL);
   scoped_refptr<HTTPTestServer> http_server = PlainServer();
   ASSERT_TRUE(http_server.get() != NULL);
 
   ui_test_utils::NavigateToURL(browser(), https_server->TestServerPage(
       "files/ssl/page_with_dynamic_mixed_contents.html"));
 
   TabContents* tab = browser()->GetSelectedTabContents();
   CheckAuthenticatedState(tab, false);
 
   // Load the insecure image.
   bool js_result = false;
   EXPECT_TRUE(ui_test_utils::ExecuteJavaScriptAndExtractBool(
       tab->render_view_host(), std::wstring(), L"loadBadImage();", &js_result));
   EXPECT_TRUE(js_result);
 
   // We should now have mixed-contents.
   CheckAuthenticatedState(tab, true);
 }
 
-// Visits two pages from the same origin: one that displays mixed content and
-// one that doesn't.  The test checks that we do not propagate the mixed content
-// state from one to the other.
-IN_PROC_BROWSER_TEST_F(SSLUITest, TestDisplaysMixedContentTwoTabs) {
+// Visits two pages from the same origin: one with mixed content and one
+// without.  The test checks that we propagate the mixed content state from one
+// to the other.
+// TODO(jcampan): http://crbug.com/15072 this test fails.
+IN_PROC_BROWSER_TEST_F(SSLUITest, DISABLED_TestMixedContentsTwoTabs) {
   scoped_refptr<HTTPSTestServer> https_server = GoodCertServer();
   ASSERT_TRUE(https_server.get() != NULL);
   scoped_refptr<HTTPTestServer> http_server = PlainServer();
   ASSERT_TRUE(http_server.get() != NULL);
 
   ui_test_utils::NavigateToURL(browser(),
       https_server->TestServerPage("files/ssl/blank_page.html"));
 
   TabContents* tab1 = browser()->GetSelectedTabContents();
 
   // This tab should be fine.
   CheckAuthenticatedState(tab1, false);
 
   // Create a new tab.
-  GURL url = https_server->TestServerPage(
-      "files/ssl/page_displays_mixed_content.html");
+  GURL url =
+      https_server->TestServerPage("files/ssl/page_with_http_script.html");
   TabContents* tab2 = browser()->AddTabWithURL(url, GURL(),
-      PageTransition::TYPED, 0, Browser::ADD_SELECTED, tab1->GetSiteInstance(),
-      std::string());
+      PageTransition::TYPED, 0, Browser::ADD_SELECTED, NULL, std::string());
   ui_test_utils::WaitForNavigation(&(tab2->controller()));
 
   // The new tab has mixed content.
   CheckAuthenticatedState(tab2, true);
 
-  // The original tab should not be contaminated.
-  CheckAuthenticatedState(tab1, false);
-}
-
-// Visits two pages from the same origin: one that runs mixed content and one
-// that doesn't.  The test checks that we propagate the mixed content state from
-// one to the other.
-IN_PROC_BROWSER_TEST_F(SSLUITest, TestRunsMixedContentTwoTabs) {
-  scoped_refptr<HTTPSTestServer> https_server = GoodCertServer();
-  ASSERT_TRUE(https_server.get() != NULL);
-  scoped_refptr<HTTPTestServer> http_server = PlainServer();
-  ASSERT_TRUE(http_server.get() != NULL);
-
-  ui_test_utils::NavigateToURL(browser(),
-      https_server->TestServerPage("files/ssl/blank_page.html"));
-
-  TabContents* tab1 = browser()->GetSelectedTabContents();
-
-  // This tab should be fine.
-  CheckAuthenticatedState(tab1, false);
-
-  // Create a new tab.
-  GURL url =
-      https_server->TestServerPage("files/ssl/page_runs_mixed_content.html");
-  TabContents* tab2 = browser()->AddTabWithURL(url, GURL(),
-      PageTransition::TYPED, 0, Browser::ADD_SELECTED, tab1->GetSiteInstance(),
-      std::string());
-  ui_test_utils::WaitForNavigation(&(tab2->controller()));
-
-  // The new tab has mixed content.
-  CheckAuthenticationBrokenState(tab2, 0, true, false);
-
   // Which means the origin for the first tab has also been contaminated with
   // mixed content.
-  CheckAuthenticationBrokenState(tab1, 0, true, false);
+  CheckAuthenticatedState(tab1, true);
 }
 
 // Visits a page with an image over http.  Visits another page over https
 // referencing that same image over http (hoping it is coming from the webcore
 // memory cache).
-IN_PROC_BROWSER_TEST_F(SSLUITest, TestDisplaysCachedMixedContent) {
+IN_PROC_BROWSER_TEST_F(SSLUITest, TestCachedMixedContents) {
   scoped_refptr<HTTPSTestServer> https_server = GoodCertServer();
   ASSERT_TRUE(https_server.get() != NULL);
   scoped_refptr<HTTPTestServer> http_server = PlainServer();
   ASSERT_TRUE(http_server.get() != NULL);
 
   ui_test_utils::NavigateToURL(browser(), http_server->TestServerPage(
-      "files/ssl/page_displays_mixed_content.html"));
+      "files/ssl/page_with_mixed_contents.html"));
   TabContents* tab = browser()->GetSelectedTabContents();
   CheckUnauthenticatedState(tab);
 
-  // Load again but over SSL.  It should be marked as displaying mixed content
-  // (even though the image comes from the WebCore memory cache).
+  // Load again but over SSL.  It should have mixed-contents (even though the
+  // image comes from the WebCore memory cache).
   ui_test_utils::NavigateToURL(browser(), https_server->TestServerPage(
-      "files/ssl/page_displays_mixed_content.html"));
+      "files/ssl/page_with_mixed_contents.html"));
   CheckAuthenticatedState(tab, true);
 }
 
-// Visits a page with script over http.  Visits another page over https
-// referencing that same script over http (hoping it is coming from the webcore
-// memory cache).
-IN_PROC_BROWSER_TEST_F(SSLUITest, TestRunsCachedMixedContent) {
-  scoped_refptr<HTTPSTestServer> https_server = GoodCertServer();
-  ASSERT_TRUE(https_server.get() != NULL);
-  scoped_refptr<HTTPTestServer> http_server = PlainServer();
-  ASSERT_TRUE(http_server.get() != NULL);
-
-  ui_test_utils::NavigateToURL(browser(),
-      http_server->TestServerPage("files/ssl/page_runs_mixed_content.html"));
-  TabContents* tab = browser()->GetSelectedTabContents();
-  CheckUnauthenticatedState(tab);
-
-  // Load again but over SSL.  It should be marked as displaying mixed content
-  // (even though the image comes from the WebCore memory cache).
-  ui_test_utils::NavigateToURL(browser(),
-      https_server->TestServerPage("files/ssl/page_runs_mixed_content.html"));
-  CheckAuthenticationBrokenState(tab, 0, true, false);
-}
-
 // This test ensures the CN invalid status does not 'stick' to a certificate
 // (see bug #1044942) and that it depends on the host-name.
 IN_PROC_BROWSER_TEST_F(SSLUITest, TestCNInvalidStickiness) {
   const std::string kLocalHost = "localhost";
   scoped_refptr<HTTPSTestServer> https_server =
       HTTPSTestServer::CreateMismatchedServer(kDocRoot);
   ASSERT_TRUE(https_server.get() != NULL);
 
   // First we hit the server with hostname, this generates an invalid policy
   // error.
   ui_test_utils::NavigateToURL(browser(),
       https_server->TestServerPage("files/ssl/google.html"));
 
   // We get an interstitial page as a result.
   TabContents* tab = browser()->GetSelectedTabContents();
   CheckAuthenticationBrokenState(tab, net::CERT_STATUS_COMMON_NAME_INVALID,
-                                 false, true);  // Interstitial showing.
+                                 true);  // Interstitial showing.
 
   ProceedThroughInterstitial(tab);
 
   CheckAuthenticationBrokenState(tab, net::CERT_STATUS_COMMON_NAME_INVALID,
-                                 false, false);  // No interstitial showing.
+                                 false);  // No interstitial showing.
 
   // Now we try again with the right host name this time.
 
   // Let's change the host-name in the url.
   GURL url = https_server->TestServerPage("files/ssl/google.html");
   std::string::size_type hostname_index = url.spec().find(kLocalHost);
   ASSERT_TRUE(hostname_index != std::string::npos);  // Test sanity check.
   std::string new_url;
   new_url.append(url.spec().substr(0, hostname_index));
   new_url.append(net::TestServerLauncher::kHostName);
   new_url.append(url.spec().substr(hostname_index + kLocalHost.size()));
 
   ui_test_utils::NavigateToURL(browser(), GURL(new_url));
 
   // Security state should be OK.
   CheckAuthenticatedState(tab, false);
 
   // Now try again the broken one to make sure it is still broken.
   ui_test_utils::NavigateToURL(browser(),
       https_server->TestServerPage("files/ssl/google.html"));
 
   // Since we OKed the interstitial last time, we get right to the page.
   CheckAuthenticationBrokenState(tab, net::CERT_STATUS_COMMON_NAME_INVALID,
-                                 false, false);  // No interstitial showing.
+                                 false);  // No interstitial showing.
 }
 
 // Test that navigating to a #ref does not change a bad security state.
 IN_PROC_BROWSER_TEST_F(SSLUITest, TestRefNavigation) {
   scoped_refptr<HTTPSTestServer> bad_https_server = BadCertServer();
   ASSERT_TRUE(bad_https_server.get() != NULL);
 
   ui_test_utils::NavigateToURL(browser(),
       bad_https_server->TestServerPage("files/ssl/page_with_refs.html"));
 
   TabContents* tab = browser()->GetSelectedTabContents();
-  CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID, false,
+  CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID,
                                  true);  // Interstitial showing.
 
   ProceedThroughInterstitial(tab);
 
-  CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID, false,
+  CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID,
                                  false);  // No interstitial showing.
 
   // Now navigate to a ref in the page, the security state should not have
   // changed.
   ui_test_utils::NavigateToURL(browser(),
       bad_https_server->TestServerPage("files/ssl/page_with_refs.html#jp"));
 
-  CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID, false,
+  CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID,
                                  false);  // No interstitial showing.
 }
 
 // Tests that closing a page that has a unsafe pop-up does not crash the
 // browser (bug #1966).
 // TODO(jcampan): http://crbug.com/2136 disabled because the popup is not
 //                opened as it is not initiated by a user gesture.
 IN_PROC_BROWSER_TEST_F(SSLUITest, DISABLED_TestCloseTabWithUnsafePopup) {
   scoped_refptr<HTTPTestServer> http_server = PlainServer();
   ASSERT_TRUE(http_server.get() != NULL);
@@ skipping 35 matching lines @@
   scoped_refptr<HTTPSTestServer> bad_https_server = BadCertServer();
   ASSERT_TRUE(bad_https_server.get() != NULL);
 
   GURL url1 = bad_https_server->TestServerPage("server-redirect?");
   GURL url2 = good_https_server->TestServerPage("files/ssl/google.html");
 
   ui_test_utils::NavigateToURL(browser(), GURL(url1.spec() + url2.spec()));
 
   TabContents* tab = browser()->GetSelectedTabContents();
 
-  CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID, false,
+  CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID,
                                  true);  // Interstitial showing.
 
   ProceedThroughInterstitial(tab);
 
   // We have been redirected to the good page.
   CheckAuthenticatedState(tab, false);
 }
 
 // Visit a page over good https that is a redirect to a page with bad https.
 // Marked as flaky, see bug 40932.
 IN_PROC_BROWSER_TEST_F(SSLUITest, FLAKY_TestRedirectGoodToBadHTTPS) {
   scoped_refptr<HTTPSTestServer> good_https_server = GoodCertServer();
   ASSERT_TRUE(good_https_server.get() != NULL);
   scoped_refptr<HTTPSTestServer> bad_https_server = BadCertServer();
   ASSERT_TRUE(bad_https_server.get() != NULL);
 
   GURL url1 = good_https_server->TestServerPage("server-redirect?");
   GURL url2 = bad_https_server->TestServerPage("files/ssl/google.html");
   ui_test_utils::NavigateToURL(browser(), GURL(url1.spec() + url2.spec()));
 
   TabContents* tab = browser()->GetSelectedTabContents();
-  CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID, false,
+  CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID,
                                  true);  // Interstitial showing.
 
   ProceedThroughInterstitial(tab);
 
-  CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID, false,
+  CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID,
                                  false);  // No interstitial showing.
 }
 
 // Visit a page over http that is a redirect to a page with good HTTPS.
 IN_PROC_BROWSER_TEST_F(SSLUITest, TestRedirectHTTPToGoodHTTPS) {
   scoped_refptr<HTTPTestServer> http_server = PlainServer();
   ASSERT_TRUE(http_server.get() != NULL);
   scoped_refptr<HTTPSTestServer> good_https_server = GoodCertServer();
   ASSERT_TRUE(good_https_server.get() != NULL);
 
@@ skipping 16 matching lines @@
   scoped_refptr<HTTPSTestServer> bad_https_server = BadCertServer();
   ASSERT_TRUE(bad_https_server.get() != NULL);
 
   TabContents* tab = browser()->GetSelectedTabContents();
 
   GURL http_url = http_server->TestServerPage("server-redirect?");
   GURL bad_https_url =
       bad_https_server->TestServerPage("files/ssl/google.html");
   ui_test_utils::NavigateToURL(browser(),
                                GURL(http_url.spec() + bad_https_url.spec()));
-  CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID, false,
+  CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID,
                                  true);  // Interstitial showing.
 
   ProceedThroughInterstitial(tab);
 
-  CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID, false,
+  CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID,
                                  false);  // No interstitial showing.
 }
 
 // Visit a page over https that is a redirect to a page with http (to make sure
 // we don't keep the secure state).
 // Marked as flaky, see bug 40932.
 IN_PROC_BROWSER_TEST_F(SSLUITest, FLAKY_TestRedirectHTTPSToHTTP) {
   scoped_refptr<HTTPTestServer> http_server = PlainServer();
   ASSERT_TRUE(http_server.get() != NULL);
   scoped_refptr<HTTPSTestServer> https_server = GoodCertServer();
@@ skipping 20 matching lines @@
 
 //
 // Frame navigation
 //
 
 // From a good HTTPS top frame:
 // - navigate to an OK HTTPS frame
 // - navigate to a bad HTTPS (expect unsafe content and filtered frame), then
 //   back
 // - navigate to HTTP (expect mixed content), then back
-IN_PROC_BROWSER_TEST_F(SSLUITest, FLAKY_TestGoodFrameNavigation) {
+IN_PROC_BROWSER_TEST_F(SSLUITest, DISABLED_TestGoodFrameNavigation) {
   scoped_refptr<HTTPTestServer> http_server = PlainServer();
   ASSERT_TRUE(http_server.get() != NULL);
   scoped_refptr<HTTPSTestServer> good_https_server = GoodCertServer();
   ASSERT_TRUE(good_https_server.get() != NULL);
   scoped_refptr<HTTPSTestServer> bad_https_server = BadCertServer();
   ASSERT_TRUE(bad_https_server.get() != NULL);
 
   TabContents* tab = browser()->GetSelectedTabContents();
   ui_test_utils::NavigateToURL(browser(),
       good_https_server->TestServerPage("files/ssl/top_frame.html"));
@@ skipping 60 matching lines @@
 // Marked as flaky, see bug 40932.
 IN_PROC_BROWSER_TEST_F(SSLUITest, FLAKY_TestBadFrameNavigation) {
   scoped_refptr<HTTPSTestServer> good_https_server = GoodCertServer();
   ASSERT_TRUE(good_https_server.get() != NULL);
   scoped_refptr<HTTPSTestServer> bad_https_server = BadCertServer();
   ASSERT_TRUE(bad_https_server.get() != NULL);
 
   TabContents* tab = browser()->GetSelectedTabContents();
   ui_test_utils::NavigateToURL(browser(),
       bad_https_server->TestServerPage("files/ssl/top_frame.html"));
-  CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID, false,
+  CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID,
                                  true);  // Interstitial showing
 
   ProceedThroughInterstitial(tab);
 
   // Navigate to a good frame.
   bool success = false;
   EXPECT_TRUE(ui_test_utils::ExecuteJavaScriptAndExtractBool(
       tab->render_view_host(), std::wstring(),
       L"window.domAutomationController.send(clickLink('goodHTTPSLink'));",
       &success));
   EXPECT_TRUE(success);
   ui_test_utils::WaitForNavigation(&tab->controller());
 
   // We should still be authentication broken.
-  CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID, false,
-                                 false);
+  CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID, false);
 }
 
 // From an HTTP top frame, navigate to good and bad HTTPS (security state should
 // stay unauthenticated).
 // Marked as flaky, see bug 40932.
 // Disabled, flakily exceeds test timeout, http://crbug.com/43437.
 IN_PROC_BROWSER_TEST_F(SSLUITest, DISABLED_TestUnauthenticatedFrameNavigation) {
   scoped_refptr<HTTPTestServer> http_server = PlainServer();
   ASSERT_TRUE(http_server.get() != NULL);
   scoped_refptr<HTTPSTestServer> good_https_server = GoodCertServer();
@@ skipping 63 matching lines @@
   scoped_refptr<HTTPSTestServer> good_https_server = GoodCertServer();
   ASSERT_TRUE(good_https_server.get() != NULL);
   scoped_refptr<HTTPSTestServer> bad_https_server = BadCertServer();
   ASSERT_TRUE(bad_https_server.get() != NULL);
 
   // Navigate to an unsafe site. Proceed with interstitial page to indicate
   // the user approves the bad certificate.
   ui_test_utils::NavigateToURL(browser(),
       bad_https_server->TestServerPage("files/ssl/blank_page.html"));
   TabContents* tab = browser()->GetSelectedTabContents();
-  CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID, false,
+  CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID,
                                  true);  // Interstitial showing
   ProceedThroughInterstitial(tab);
-  CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID, false,
+  CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID,
                                  false);  // No Interstitial
 
   // Navigate to safe page that has Worker loading unsafe content.
-  // Expect content to load but be marked as auth broken due to running mixed
-  // content.
+  // Expect content to load but 'mixed' indicators show up.
   ui_test_utils::NavigateToURL(browser(), good_https_server->TestServerPage(
       "files/ssl/page_with_unsafe_worker.html"));
   CheckWorkerLoadResult(tab, true);  // Worker loads mixed content
-  CheckAuthenticationBrokenState(tab, 0, true, false);
+  CheckAuthenticatedState(tab, true);
 }
 
 // TODO(jcampan): more tests to do below.
 
 // Visit a page over https that contains a frame with a redirect.
 
 // XMLHttpRequest mixed in synchronous mode.
 
 // XMLHttpRequest mixed in asynchronous mode.
 
 // XMLHttpRequest over bad ssl in synchronous mode.
 
 // XMLHttpRequest over OK ssl in synchronous mode.