| OLD | NEW |
|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/ssl/chrome_security_state_model_client.h" | 5 #include "chrome/browser/ssl/chrome_security_state_model_client.h" |
| 6 | 6 |
| 7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
| 8 #include "base/files/file_path.h" | 8 #include "base/files/file_path.h" |
| 9 #include "base/macros.h" | 9 #include "base/macros.h" |
| 10 #include "base/strings/string_split.h" | 10 #include "base/strings/string_split.h" |
| (...skipping 93 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 104 int error, | 104 int error, |
| 105 Browser* browser) { | 105 Browser* browser) { |
| 106 EXPECT_EQ(content::SECURITY_STYLE_AUTHENTICATION_BROKEN, | 106 EXPECT_EQ(content::SECURITY_STYLE_AUTHENTICATION_BROKEN, |
| 107 observer.latest_security_style()); | 107 observer.latest_security_style()); |
| 108 | 108 |
| 109 const content::SecurityStyleExplanations& expired_explanation = | 109 const content::SecurityStyleExplanations& expired_explanation = |
| 110 observer.latest_explanations(); | 110 observer.latest_explanations(); |
| 111 EXPECT_EQ(0u, expired_explanation.unauthenticated_explanations.size()); | 111 EXPECT_EQ(0u, expired_explanation.unauthenticated_explanations.size()); |
| 112 ASSERT_EQ(1u, expired_explanation.broken_explanations.size()); | 112 ASSERT_EQ(1u, expired_explanation.broken_explanations.size()); |
| 113 EXPECT_FALSE(expired_explanation.pkp_bypassed); | 113 EXPECT_FALSE(expired_explanation.pkp_bypassed); |
| 114 EXPECT_TRUE(expired_explanation.info_explanations.empty()); |
| 114 | 115 |
| 115 // Check that the summary and description are as expected. | 116 // Check that the summary and description are as expected. |
| 116 EXPECT_EQ(l10n_util::GetStringUTF8(IDS_CERTIFICATE_CHAIN_ERROR), | 117 EXPECT_EQ(l10n_util::GetStringUTF8(IDS_CERTIFICATE_CHAIN_ERROR), |
| 117 expired_explanation.broken_explanations[0].summary); | 118 expired_explanation.broken_explanations[0].summary); |
| 118 | 119 |
| 119 base::string16 error_string = base::UTF8ToUTF16(net::ErrorToString(error)); | 120 base::string16 error_string = base::UTF8ToUTF16(net::ErrorToString(error)); |
| 120 EXPECT_EQ(l10n_util::GetStringFUTF8( | 121 EXPECT_EQ(l10n_util::GetStringFUTF8( |
| 121 IDS_CERTIFICATE_CHAIN_ERROR_DESCRIPTION_FORMAT, error_string), | 122 IDS_CERTIFICATE_CHAIN_ERROR_DESCRIPTION_FORMAT, error_string), |
| 122 expired_explanation.broken_explanations[0].description); | 123 expired_explanation.broken_explanations[0].description); |
| 123 | 124 |
| (...skipping 513 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 637 https_server_.GetURL("/ssl/google.html")); | 638 https_server_.GetURL("/ssl/google.html")); |
| 638 | 639 |
| 639 CheckSecurityInfoForSecure( | 640 CheckSecurityInfoForSecure( |
| 640 browser()->tab_strip_model()->GetActiveWebContents(), | 641 browser()->tab_strip_model()->GetActiveWebContents(), |
| 641 SecurityStateModel::SECURE, SecurityStateModel::NO_DEPRECATED_SHA1, | 642 SecurityStateModel::SECURE, SecurityStateModel::NO_DEPRECATED_SHA1, |
| 642 SecurityStateModel::NO_MIXED_CONTENT, true, false); | 643 SecurityStateModel::NO_MIXED_CONTENT, true, false); |
| 643 | 644 |
| 644 const content::SecurityStyleExplanations& explanation = | 645 const content::SecurityStyleExplanations& explanation = |
| 645 observer.latest_explanations(); | 646 observer.latest_explanations(); |
| 646 EXPECT_TRUE(explanation.pkp_bypassed); | 647 EXPECT_TRUE(explanation.pkp_bypassed); |
| 648 EXPECT_FALSE(explanation.info_explanations.empty()); |
| 647 } | 649 } |
| 648 | 650 |
| 649 IN_PROC_BROWSER_TEST_F(PKPModelClientTest, PKPEnforced) { | 651 IN_PROC_BROWSER_TEST_F(PKPModelClientTest, PKPEnforced) { |
| 650 content::WebContents* web_contents = | 652 content::WebContents* web_contents = |
| 651 browser()->tab_strip_model()->GetActiveWebContents(); | 653 browser()->tab_strip_model()->GetActiveWebContents(); |
| 652 SecurityStyleTestObserver observer(web_contents); | 654 SecurityStyleTestObserver observer(web_contents); |
| 653 | 655 |
| 654 scoped_refptr<net::X509Certificate> cert(https_server_.GetCertificate()); | 656 scoped_refptr<net::X509Certificate> cert(https_server_.GetCertificate()); |
| 655 net::CertVerifyResult verify_result; | 657 net::CertVerifyResult verify_result; |
| 656 // PKP requires |is_issued_by_known_root| to be true. | 658 // PKP requires |is_issued_by_known_root| to be true. |
| (...skipping 132 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 789 GURL http_url(embedded_test_server()->GetURL("/")); | 791 GURL http_url(embedded_test_server()->GetURL("/")); |
| 790 ui_test_utils::NavigateToURL(browser(), http_url); | 792 ui_test_utils::NavigateToURL(browser(), http_url); |
| 791 EXPECT_EQ(content::SECURITY_STYLE_UNAUTHENTICATED, | 793 EXPECT_EQ(content::SECURITY_STYLE_UNAUTHENTICATED, |
| 792 observer.latest_security_style()); | 794 observer.latest_security_style()); |
| 793 EXPECT_EQ(0u, | 795 EXPECT_EQ(0u, |
| 794 observer.latest_explanations().unauthenticated_explanations.size()); | 796 observer.latest_explanations().unauthenticated_explanations.size()); |
| 795 EXPECT_EQ(0u, observer.latest_explanations().broken_explanations.size()); | 797 EXPECT_EQ(0u, observer.latest_explanations().broken_explanations.size()); |
| 796 EXPECT_EQ(0u, observer.latest_explanations().secure_explanations.size()); | 798 EXPECT_EQ(0u, observer.latest_explanations().secure_explanations.size()); |
| 797 EXPECT_FALSE(observer.latest_explanations().scheme_is_cryptographic); | 799 EXPECT_FALSE(observer.latest_explanations().scheme_is_cryptographic); |
| 798 EXPECT_FALSE(observer.latest_explanations().pkp_bypassed); | 800 EXPECT_FALSE(observer.latest_explanations().pkp_bypassed); |
| 801 EXPECT_TRUE(observer.latest_explanations().info_explanations.empty()); |
| 799 EXPECT_FALSE(observer.latest_explanations().ran_insecure_content); | 802 EXPECT_FALSE(observer.latest_explanations().ran_insecure_content); |
| 800 EXPECT_FALSE(observer.latest_explanations().displayed_insecure_content); | 803 EXPECT_FALSE(observer.latest_explanations().displayed_insecure_content); |
| 801 | 804 |
| 802 // Visit an (otherwise valid) HTTPS page that displays mixed content. | 805 // Visit an (otherwise valid) HTTPS page that displays mixed content. |
| 803 std::string replacement_path; | 806 std::string replacement_path; |
| 804 GetFilePathWithHostAndPortReplacement( | 807 GetFilePathWithHostAndPortReplacement( |
| 805 "/ssl/page_displays_insecure_content.html", | 808 "/ssl/page_displays_insecure_content.html", |
| 806 embedded_test_server()->host_port_pair(), &replacement_path); | 809 embedded_test_server()->host_port_pair(), &replacement_path); |
| 807 | 810 |
| 808 GURL mixed_content_url(https_server_.GetURL(replacement_path)); | 811 GURL mixed_content_url(https_server_.GetURL(replacement_path)); |
| 809 ui_test_utils::NavigateToURL(browser(), mixed_content_url); | 812 ui_test_utils::NavigateToURL(browser(), mixed_content_url); |
| 810 EXPECT_EQ(content::SECURITY_STYLE_UNAUTHENTICATED, | 813 EXPECT_EQ(content::SECURITY_STYLE_UNAUTHENTICATED, |
| 811 observer.latest_security_style()); | 814 observer.latest_security_style()); |
| 812 | 815 |
| 813 const content::SecurityStyleExplanations& mixed_content_explanation = | 816 const content::SecurityStyleExplanations& mixed_content_explanation = |
| 814 observer.latest_explanations(); | 817 observer.latest_explanations(); |
| 815 ASSERT_EQ(0u, mixed_content_explanation.unauthenticated_explanations.size()); | 818 ASSERT_EQ(0u, mixed_content_explanation.unauthenticated_explanations.size()); |
| 816 ASSERT_EQ(0u, mixed_content_explanation.broken_explanations.size()); | 819 ASSERT_EQ(0u, mixed_content_explanation.broken_explanations.size()); |
| 817 CheckSecureExplanations(mixed_content_explanation.secure_explanations, | 820 CheckSecureExplanations(mixed_content_explanation.secure_explanations, |
| 818 VALID_CERTIFICATE, browser()); | 821 VALID_CERTIFICATE, browser()); |
| 819 EXPECT_TRUE(mixed_content_explanation.scheme_is_cryptographic); | 822 EXPECT_TRUE(mixed_content_explanation.scheme_is_cryptographic); |
| 820 EXPECT_FALSE(observer.latest_explanations().pkp_bypassed); | 823 EXPECT_FALSE(observer.latest_explanations().pkp_bypassed); |
| 824 EXPECT_TRUE(observer.latest_explanations().info_explanations.empty()); |
| 821 EXPECT_TRUE(mixed_content_explanation.displayed_insecure_content); | 825 EXPECT_TRUE(mixed_content_explanation.displayed_insecure_content); |
| 822 EXPECT_FALSE(mixed_content_explanation.ran_insecure_content); | 826 EXPECT_FALSE(mixed_content_explanation.ran_insecure_content); |
| 823 EXPECT_EQ(content::SECURITY_STYLE_UNAUTHENTICATED, | 827 EXPECT_EQ(content::SECURITY_STYLE_UNAUTHENTICATED, |
| 824 mixed_content_explanation.displayed_insecure_content_style); | 828 mixed_content_explanation.displayed_insecure_content_style); |
| 825 EXPECT_EQ(content::SECURITY_STYLE_AUTHENTICATION_BROKEN, | 829 EXPECT_EQ(content::SECURITY_STYLE_AUTHENTICATION_BROKEN, |
| 826 mixed_content_explanation.ran_insecure_content_style); | 830 mixed_content_explanation.ran_insecure_content_style); |
| 827 | 831 |
| 828 // Visit a broken HTTPS url. | 832 // Visit a broken HTTPS url. |
| 829 GURL expired_url(https_test_server_expired.GetURL(std::string("/"))); | 833 GURL expired_url(https_test_server_expired.GetURL(std::string("/"))); |
| 830 ui_test_utils::NavigateToURL(browser(), expired_url); | 834 ui_test_utils::NavigateToURL(browser(), expired_url); |
| 831 | 835 |
| 832 // An interstitial should show, and an event for the lock icon on the | 836 // An interstitial should show, and an event for the lock icon on the |
| 833 // interstitial should fire. | 837 // interstitial should fire. |
| 834 content::WaitForInterstitialAttach(web_contents); | 838 content::WaitForInterstitialAttach(web_contents); |
| 835 EXPECT_TRUE(web_contents->ShowingInterstitialPage()); | 839 EXPECT_TRUE(web_contents->ShowingInterstitialPage()); |
| 836 CheckBrokenSecurityStyle(observer, net::ERR_CERT_DATE_INVALID, browser()); | 840 CheckBrokenSecurityStyle(observer, net::ERR_CERT_DATE_INVALID, browser()); |
| 837 CheckSecureExplanations(observer.latest_explanations().secure_explanations, | 841 CheckSecureExplanations(observer.latest_explanations().secure_explanations, |
| 838 INVALID_CERTIFICATE, browser()); | 842 INVALID_CERTIFICATE, browser()); |
| 839 EXPECT_TRUE(observer.latest_explanations().scheme_is_cryptographic); | 843 EXPECT_TRUE(observer.latest_explanations().scheme_is_cryptographic); |
| 840 EXPECT_FALSE(observer.latest_explanations().pkp_bypassed); | 844 EXPECT_FALSE(observer.latest_explanations().pkp_bypassed); |
| 845 EXPECT_TRUE(observer.latest_explanations().info_explanations.empty()); |
| 841 EXPECT_FALSE(observer.latest_explanations().displayed_insecure_content); | 846 EXPECT_FALSE(observer.latest_explanations().displayed_insecure_content); |
| 842 EXPECT_FALSE(observer.latest_explanations().ran_insecure_content); | 847 EXPECT_FALSE(observer.latest_explanations().ran_insecure_content); |
| 843 | 848 |
| 844 // Before clicking through, navigate to a different page, and then go | 849 // Before clicking through, navigate to a different page, and then go |
| 845 // back to the interstitial. | 850 // back to the interstitial. |
| 846 GURL valid_https_url(https_server_.GetURL(std::string("/"))); | 851 GURL valid_https_url(https_server_.GetURL(std::string("/"))); |
| 847 ui_test_utils::NavigateToURL(browser(), valid_https_url); | 852 ui_test_utils::NavigateToURL(browser(), valid_https_url); |
| 848 EXPECT_EQ(content::SECURITY_STYLE_AUTHENTICATED, | 853 EXPECT_EQ(content::SECURITY_STYLE_AUTHENTICATED, |
| 849 observer.latest_security_style()); | 854 observer.latest_security_style()); |
| 850 EXPECT_EQ(0u, | 855 EXPECT_EQ(0u, |
| 851 observer.latest_explanations().unauthenticated_explanations.size()); | 856 observer.latest_explanations().unauthenticated_explanations.size()); |
| 852 EXPECT_EQ(0u, observer.latest_explanations().broken_explanations.size()); | 857 EXPECT_EQ(0u, observer.latest_explanations().broken_explanations.size()); |
| 853 CheckSecureExplanations(observer.latest_explanations().secure_explanations, | 858 CheckSecureExplanations(observer.latest_explanations().secure_explanations, |
| 854 VALID_CERTIFICATE, browser()); | 859 VALID_CERTIFICATE, browser()); |
| 855 EXPECT_TRUE(observer.latest_explanations().scheme_is_cryptographic); | 860 EXPECT_TRUE(observer.latest_explanations().scheme_is_cryptographic); |
| 856 EXPECT_FALSE(observer.latest_explanations().pkp_bypassed); | 861 EXPECT_FALSE(observer.latest_explanations().pkp_bypassed); |
| 862 EXPECT_TRUE(observer.latest_explanations().info_explanations.empty()); |
| 857 EXPECT_FALSE(observer.latest_explanations().displayed_insecure_content); | 863 EXPECT_FALSE(observer.latest_explanations().displayed_insecure_content); |
| 858 EXPECT_FALSE(observer.latest_explanations().ran_insecure_content); | 864 EXPECT_FALSE(observer.latest_explanations().ran_insecure_content); |
| 859 | 865 |
| 860 // After going back to the interstitial, an event for a broken lock | 866 // After going back to the interstitial, an event for a broken lock |
| 861 // icon should fire again. | 867 // icon should fire again. |
| 862 ui_test_utils::NavigateToURL(browser(), expired_url); | 868 ui_test_utils::NavigateToURL(browser(), expired_url); |
| 863 content::WaitForInterstitialAttach(web_contents); | 869 content::WaitForInterstitialAttach(web_contents); |
| 864 EXPECT_TRUE(web_contents->ShowingInterstitialPage()); | 870 EXPECT_TRUE(web_contents->ShowingInterstitialPage()); |
| 865 CheckBrokenSecurityStyle(observer, net::ERR_CERT_DATE_INVALID, browser()); | 871 CheckBrokenSecurityStyle(observer, net::ERR_CERT_DATE_INVALID, browser()); |
| 866 CheckSecureExplanations(observer.latest_explanations().secure_explanations, | 872 CheckSecureExplanations(observer.latest_explanations().secure_explanations, |
| 867 INVALID_CERTIFICATE, browser()); | 873 INVALID_CERTIFICATE, browser()); |
| 868 EXPECT_TRUE(observer.latest_explanations().scheme_is_cryptographic); | 874 EXPECT_TRUE(observer.latest_explanations().scheme_is_cryptographic); |
| 869 EXPECT_FALSE(observer.latest_explanations().pkp_bypassed); | 875 EXPECT_FALSE(observer.latest_explanations().pkp_bypassed); |
| 876 EXPECT_TRUE(observer.latest_explanations().info_explanations.empty()); |
| 870 EXPECT_FALSE(observer.latest_explanations().displayed_insecure_content); | 877 EXPECT_FALSE(observer.latest_explanations().displayed_insecure_content); |
| 871 EXPECT_FALSE(observer.latest_explanations().ran_insecure_content); | 878 EXPECT_FALSE(observer.latest_explanations().ran_insecure_content); |
| 872 | 879 |
| 873 // Since the next expected style is the same as the previous, clear | 880 // Since the next expected style is the same as the previous, clear |
| 874 // the observer (to make sure that the event fires twice and we don't | 881 // the observer (to make sure that the event fires twice and we don't |
| 875 // just see the previous event's style). | 882 // just see the previous event's style). |
| 876 observer.ClearLatestSecurityStyleAndExplanations(); | 883 observer.ClearLatestSecurityStyleAndExplanations(); |
| 877 | 884 |
| 878 // Other conditions cannot be tested on this host after clicking | 885 // Other conditions cannot be tested on this host after clicking |
| 879 // through because once the interstitial is clicked through, all URLs | 886 // through because once the interstitial is clicked through, all URLs |
| 880 // for this host will remain in a broken state. | 887 // for this host will remain in a broken state. |
| 881 ProceedThroughInterstitial(web_contents); | 888 ProceedThroughInterstitial(web_contents); |
| 882 CheckBrokenSecurityStyle(observer, net::ERR_CERT_DATE_INVALID, browser()); | 889 CheckBrokenSecurityStyle(observer, net::ERR_CERT_DATE_INVALID, browser()); |
| 883 CheckSecureExplanations(observer.latest_explanations().secure_explanations, | 890 CheckSecureExplanations(observer.latest_explanations().secure_explanations, |
| 884 INVALID_CERTIFICATE, browser()); | 891 INVALID_CERTIFICATE, browser()); |
| 885 EXPECT_TRUE(observer.latest_explanations().scheme_is_cryptographic); | 892 EXPECT_TRUE(observer.latest_explanations().scheme_is_cryptographic); |
| 886 EXPECT_FALSE(observer.latest_explanations().pkp_bypassed); | 893 EXPECT_FALSE(observer.latest_explanations().pkp_bypassed); |
| 894 EXPECT_TRUE(observer.latest_explanations().info_explanations.empty()); |
| 887 EXPECT_FALSE(observer.latest_explanations().displayed_insecure_content); | 895 EXPECT_FALSE(observer.latest_explanations().displayed_insecure_content); |
| 888 EXPECT_FALSE(observer.latest_explanations().ran_insecure_content); | 896 EXPECT_FALSE(observer.latest_explanations().ran_insecure_content); |
| 889 } | 897 } |
| 890 | 898 |
| 891 // Visit a valid HTTPS page, then a broken HTTPS page, and then go back, | 899 // Visit a valid HTTPS page, then a broken HTTPS page, and then go back, |
| 892 // and test that the observed security style matches. | 900 // and test that the observed security style matches. |
| 893 IN_PROC_BROWSER_TEST_F(SecurityStyleChangedTest, | 901 IN_PROC_BROWSER_TEST_F(SecurityStyleChangedTest, |
| 894 SecurityStyleChangedObserverGoBack) { | 902 SecurityStyleChangedObserverGoBack) { |
| 895 ASSERT_TRUE(https_server_.Start()); | 903 ASSERT_TRUE(https_server_.Start()); |
| 896 | 904 |
| (...skipping 13 matching lines...) Expand all Loading... |
| 910 ui_test_utils::NavigateToURL(browser(), valid_https_url); | 918 ui_test_utils::NavigateToURL(browser(), valid_https_url); |
| 911 EXPECT_EQ(content::SECURITY_STYLE_AUTHENTICATED, | 919 EXPECT_EQ(content::SECURITY_STYLE_AUTHENTICATED, |
| 912 observer.latest_security_style()); | 920 observer.latest_security_style()); |
| 913 EXPECT_EQ(0u, | 921 EXPECT_EQ(0u, |
| 914 observer.latest_explanations().unauthenticated_explanations.size()); | 922 observer.latest_explanations().unauthenticated_explanations.size()); |
| 915 EXPECT_EQ(0u, observer.latest_explanations().broken_explanations.size()); | 923 EXPECT_EQ(0u, observer.latest_explanations().broken_explanations.size()); |
| 916 CheckSecureExplanations(observer.latest_explanations().secure_explanations, | 924 CheckSecureExplanations(observer.latest_explanations().secure_explanations, |
| 917 VALID_CERTIFICATE, browser()); | 925 VALID_CERTIFICATE, browser()); |
| 918 EXPECT_TRUE(observer.latest_explanations().scheme_is_cryptographic); | 926 EXPECT_TRUE(observer.latest_explanations().scheme_is_cryptographic); |
| 919 EXPECT_FALSE(observer.latest_explanations().pkp_bypassed); | 927 EXPECT_FALSE(observer.latest_explanations().pkp_bypassed); |
| 928 EXPECT_TRUE(observer.latest_explanations().info_explanations.empty()); |
| 920 EXPECT_FALSE(observer.latest_explanations().displayed_insecure_content); | 929 EXPECT_FALSE(observer.latest_explanations().displayed_insecure_content); |
| 921 EXPECT_FALSE(observer.latest_explanations().ran_insecure_content); | 930 EXPECT_FALSE(observer.latest_explanations().ran_insecure_content); |
| 922 | 931 |
| 923 // Navigate to a bad HTTPS page on a different host, and then click | 932 // Navigate to a bad HTTPS page on a different host, and then click |
| 924 // Back to verify that the previous good security style is seen again. | 933 // Back to verify that the previous good security style is seen again. |
| 925 GURL expired_https_url(https_test_server_expired.GetURL(std::string("/"))); | 934 GURL expired_https_url(https_test_server_expired.GetURL(std::string("/"))); |
| 926 host_resolver()->AddRule("www.example_broken.test", "127.0.0.1"); | 935 host_resolver()->AddRule("www.example_broken.test", "127.0.0.1"); |
| 927 GURL::Replacements replace_host; | 936 GURL::Replacements replace_host; |
| 928 replace_host.SetHostStr("www.example_broken.test"); | 937 replace_host.SetHostStr("www.example_broken.test"); |
| 929 GURL https_url_different_host = | 938 GURL https_url_different_host = |
| 930 expired_https_url.ReplaceComponents(replace_host); | 939 expired_https_url.ReplaceComponents(replace_host); |
| 931 | 940 |
| 932 ui_test_utils::NavigateToURL(browser(), https_url_different_host); | 941 ui_test_utils::NavigateToURL(browser(), https_url_different_host); |
| 933 | 942 |
| 934 content::WaitForInterstitialAttach(web_contents); | 943 content::WaitForInterstitialAttach(web_contents); |
| 935 EXPECT_TRUE(web_contents->ShowingInterstitialPage()); | 944 EXPECT_TRUE(web_contents->ShowingInterstitialPage()); |
| 936 CheckBrokenSecurityStyle(observer, net::ERR_CERT_COMMON_NAME_INVALID, | 945 CheckBrokenSecurityStyle(observer, net::ERR_CERT_COMMON_NAME_INVALID, |
| 937 browser()); | 946 browser()); |
| 938 ProceedThroughInterstitial(web_contents); | 947 ProceedThroughInterstitial(web_contents); |
| 939 CheckBrokenSecurityStyle(observer, net::ERR_CERT_COMMON_NAME_INVALID, | 948 CheckBrokenSecurityStyle(observer, net::ERR_CERT_COMMON_NAME_INVALID, |
| 940 browser()); | 949 browser()); |
| 941 CheckSecureExplanations(observer.latest_explanations().secure_explanations, | 950 CheckSecureExplanations(observer.latest_explanations().secure_explanations, |
| 942 INVALID_CERTIFICATE, browser()); | 951 INVALID_CERTIFICATE, browser()); |
| 943 EXPECT_TRUE(observer.latest_explanations().scheme_is_cryptographic); | 952 EXPECT_TRUE(observer.latest_explanations().scheme_is_cryptographic); |
| 944 EXPECT_FALSE(observer.latest_explanations().pkp_bypassed); | 953 EXPECT_FALSE(observer.latest_explanations().pkp_bypassed); |
| 954 EXPECT_TRUE(observer.latest_explanations().info_explanations.empty()); |
| 945 EXPECT_FALSE(observer.latest_explanations().displayed_insecure_content); | 955 EXPECT_FALSE(observer.latest_explanations().displayed_insecure_content); |
| 946 EXPECT_FALSE(observer.latest_explanations().ran_insecure_content); | 956 EXPECT_FALSE(observer.latest_explanations().ran_insecure_content); |
| 947 | 957 |
| 948 content::WindowedNotificationObserver back_nav_load_observer( | 958 content::WindowedNotificationObserver back_nav_load_observer( |
| 949 content::NOTIFICATION_LOAD_STOP, | 959 content::NOTIFICATION_LOAD_STOP, |
| 950 content::Source<content::NavigationController>( | 960 content::Source<content::NavigationController>( |
| 951 &web_contents->GetController())); | 961 &web_contents->GetController())); |
| 952 chrome::GoBack(browser(), CURRENT_TAB); | 962 chrome::GoBack(browser(), CURRENT_TAB); |
| 953 back_nav_load_observer.Wait(); | 963 back_nav_load_observer.Wait(); |
| 954 | 964 |
| 955 EXPECT_EQ(content::SECURITY_STYLE_AUTHENTICATED, | 965 EXPECT_EQ(content::SECURITY_STYLE_AUTHENTICATED, |
| 956 observer.latest_security_style()); | 966 observer.latest_security_style()); |
| 957 EXPECT_EQ(0u, | 967 EXPECT_EQ(0u, |
| 958 observer.latest_explanations().unauthenticated_explanations.size()); | 968 observer.latest_explanations().unauthenticated_explanations.size()); |
| 959 EXPECT_EQ(0u, observer.latest_explanations().broken_explanations.size()); | 969 EXPECT_EQ(0u, observer.latest_explanations().broken_explanations.size()); |
| 960 CheckSecureExplanations(observer.latest_explanations().secure_explanations, | 970 CheckSecureExplanations(observer.latest_explanations().secure_explanations, |
| 961 VALID_CERTIFICATE, browser()); | 971 VALID_CERTIFICATE, browser()); |
| 962 EXPECT_TRUE(observer.latest_explanations().scheme_is_cryptographic); | 972 EXPECT_TRUE(observer.latest_explanations().scheme_is_cryptographic); |
| 963 EXPECT_FALSE(observer.latest_explanations().pkp_bypassed); | 973 EXPECT_FALSE(observer.latest_explanations().pkp_bypassed); |
| 974 EXPECT_TRUE(observer.latest_explanations().info_explanations.empty()); |
| 964 EXPECT_FALSE(observer.latest_explanations().displayed_insecure_content); | 975 EXPECT_FALSE(observer.latest_explanations().displayed_insecure_content); |
| 965 EXPECT_FALSE(observer.latest_explanations().ran_insecure_content); | 976 EXPECT_FALSE(observer.latest_explanations().ran_insecure_content); |
| 966 } | 977 } |
| 967 | 978 |
| 968 // After AddNonsecureUrlHandler() is called, requests to this hostname | 979 // After AddNonsecureUrlHandler() is called, requests to this hostname |
| 969 // will use obsolete TLS settings. | 980 // will use obsolete TLS settings. |
| 970 const char kMockNonsecureHostname[] = "example-nonsecure.test"; | 981 const char kMockNonsecureHostname[] = "example-nonsecure.test"; |
| 971 | 982 |
| 972 // A URLRequestMockHTTPJob that mocks a TLS connection with an obsolete | 983 // A URLRequestMockHTTPJob that mocks a TLS connection with an obsolete |
| 973 // protocol version. | 984 // protocol version. |
| (...skipping 122 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1096 // downgraded: SECURE_PROTOCOL_AND_CIPHERSUITE should not show up when | 1107 // downgraded: SECURE_PROTOCOL_AND_CIPHERSUITE should not show up when |
| 1097 // the TLS settings are obsolete. | 1108 // the TLS settings are obsolete. |
| 1098 for (const auto& explanation : | 1109 for (const auto& explanation : |
| 1099 observer.latest_explanations().secure_explanations) { | 1110 observer.latest_explanations().secure_explanations) { |
| 1100 EXPECT_NE(l10n_util::GetStringUTF8(IDS_SECURE_PROTOCOL_AND_CIPHERSUITE), | 1111 EXPECT_NE(l10n_util::GetStringUTF8(IDS_SECURE_PROTOCOL_AND_CIPHERSUITE), |
| 1101 explanation.summary); | 1112 explanation.summary); |
| 1102 } | 1113 } |
| 1103 } | 1114 } |
| 1104 | 1115 |
| 1105 } // namespace | 1116 } // namespace |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2118583003:
Display when PKP is bypassed in devtools (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master