Remove usage of SSLStatus in RenderFrameImpl.

chrome/browser/ssl/ssl_browser_tests.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include <utility>
 
 #include "base/base_switches.h"
 #include "base/bind.h"
 #include "base/bind_helpers.h"
 #include "base/callback.h"
@@ skipping 136 matching lines @@
   bool seen_;
 };
 
 namespace AuthState {
 
 enum AuthStateFlags {
   NONE = 0,
   DISPLAYED_INSECURE_CONTENT = 1 << 0,
   RAN_INSECURE_CONTENT = 1 << 1,
   SHOWING_INTERSTITIAL = 1 << 2,
-  SHOWING_ERROR = 1 << 3
+  SHOWING_ERROR = 1 << 3,
+  // Useful when a favicon load may or may not have finised loading, to avoid

[estark, 2016/08/04 04:31:17]

nit: typo, finised -> finished

[jam, 2016/08/04 17:41:53]

Done.

+  // checking if a page displayed insecure content.
+  DONT_CHECK_DISPLAYED_INSECURE_CONTENT = 1 << 4,

[estark, 2016/08/04 04:31:17]

Just a note for posterity, this shouldn't be necessary if I clean up this big
hack where we treat broken-https subresources the same as plain-http mixed
content in the browser (https://crbug.com/634171). If you are making changes
before you submit and want to add a TODO(estark) here, I wouldn't mind that :)

[jam, 2016/08/04 17:41:53]

Done.

 };
 
 void Check(const NavigationEntry& entry, int expected_authentication_state) {
   if (expected_authentication_state == AuthState::SHOWING_ERROR) {
     EXPECT_EQ(content::PAGE_TYPE_ERROR, entry.GetPageType());
   } else {
     EXPECT_EQ(
         !!(expected_authentication_state & AuthState::SHOWING_INTERSTITIAL)
             ? content::PAGE_TYPE_INTERSTITIAL
             : content::PAGE_TYPE_NORMAL,
         entry.GetPageType());
   }
 
-  bool displayed_insecure_content =
-      !!(entry.GetSSL().content_status & SSLStatus::DISPLAYED_INSECURE_CONTENT);
-  EXPECT_EQ(
-      !!(expected_authentication_state & AuthState::DISPLAYED_INSECURE_CONTENT),
-      displayed_insecure_content);
+  if (!(expected_authentication_state &
+        AuthState::DONT_CHECK_DISPLAYED_INSECURE_CONTENT)) {
+    bool displayed_insecure_content =
+         !!(entry.GetSSL().content_status &
+            SSLStatus::DISPLAYED_INSECURE_CONTENT);
+    EXPECT_EQ(
+        !!(expected_authentication_state &
+           AuthState::DISPLAYED_INSECURE_CONTENT),
+        displayed_insecure_content);
+  }
 
   bool ran_insecure_content =
       !!(entry.GetSSL().content_status & SSLStatus::RAN_INSECURE_CONTENT);
   EXPECT_EQ(!!(expected_authentication_state & AuthState::RAN_INSECURE_CONTENT),
             ran_insecure_content);
 }
 
 }  // namespace AuthState
 
 namespace SecurityStyle {
@@ skipping 1638 matching lines @@
 
 #if defined(OS_CHROMEOS)
 // This test seems to be flaky and hang on chromiumos.
 // http://crbug.com/84419
 #define MAYBE_TestRefNavigation DISABLED_TestRefNavigation
 #else
 #define MAYBE_TestRefNavigation TestRefNavigation
 #endif
 
 // Test that navigating to a #ref does not change a bad security state.
-IN_PROC_BROWSER_TEST_F(SSLUITest, TestRefNavigation) {
+IN_PROC_BROWSER_TEST_F(SSLUITest, MAYBE_TestRefNavigation) {

[estark, 2016/08/04 04:31:17]

That's odd -- if MAYBE_ wasn't here before, maybe we don't need the MAYBE_?

[jam, 2016/08/04 17:41:53]

true, I should have checked flakiness results.

http://chromium-try-flakes.appspot.com/search?q=SSLUITest.TestRefNavigation
doesn't show any hits, so I've undone this and closed the bug.

   ASSERT_TRUE(https_server_expired_.Start());
 
   ui_test_utils::NavigateToURL(
       browser(), https_server_expired_.GetURL("/ssl/page_with_refs.html"));
 
   WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents();
   CheckAuthenticationBrokenState(
       tab, net::CERT_STATUS_DATE_INVALID, AuthState::SHOWING_INTERSTITIAL);
 
   ProceedThroughInterstitial(tab);
 
   CheckAuthenticationBrokenState(
       tab, net::CERT_STATUS_DATE_INVALID, AuthState::NONE);
   // Now navigate to a ref in the page, the security state should not have
   // changed.
   ui_test_utils::NavigateToURL(
       browser(), https_server_expired_.GetURL("/ssl/page_with_refs.html#jp"));
 
   CheckAuthenticationBrokenState(
-      tab, net::CERT_STATUS_DATE_INVALID, AuthState::NONE);
+      tab, net::CERT_STATUS_DATE_INVALID,
+      AuthState::DONT_CHECK_DISPLAYED_INSECURE_CONTENT);
 }
 
 // Tests that closing a page that opened a pop-up with an interstitial does not
 // crash the browser (crbug.com/1966).
 IN_PROC_BROWSER_TEST_F(SSLUITest, TestCloseTabWithUnsafePopup) {
   ASSERT_TRUE(embedded_test_server()->Start());
   ASSERT_TRUE(https_server_expired_.Start());
 
   // Enable popups without user gesture.
   HostContentSettingsMapFactory::GetForProfile(browser()->profile())
@@ skipping 297 matching lines @@
         content::Source<NavigationController>(&tab->GetController()));
   EXPECT_TRUE(content::ExecuteScriptAndExtractBool(
       tab,
       "window.domAutomationController.send(clickLink('goodHTTPSLink'));",
       &success));
   ASSERT_TRUE(success);
   observer.Wait();
 
   // We should still be authentication broken.
   CheckAuthenticationBrokenState(
-      tab, net::CERT_STATUS_DATE_INVALID, AuthState::NONE);
+      tab, net::CERT_STATUS_DATE_INVALID,
+      AuthState::DONT_CHECK_DISPLAYED_INSECURE_CONTENT);
 }
 
 // From an HTTP top frame, navigate to good and bad HTTPS (security state should
 // stay unauthenticated).
 IN_PROC_BROWSER_TEST_F(SSLUITest, TestUnauthenticatedFrameNavigation) {
   ASSERT_TRUE(embedded_test_server()->Start());
   ASSERT_TRUE(https_server_.Start());
   ASSERT_TRUE(https_server_expired_.Start());
 
   std::string top_frame_path;
@@ skipping 94 matching lines @@
 
   // Navigate to safe page that has Worker loading unsafe content.
   // Expect content to load but be marked as auth broken due to running insecure
   // content.
   std::string page_with_unsafe_worker_path;
   GetPageWithUnsafeWorkerPath(https_server_mismatched_,
                               &page_with_unsafe_worker_path);
   ui_test_utils::NavigateToURL(
       browser(), https_server_.GetURL(page_with_unsafe_worker_path));
   CheckWorkerLoadResult(tab, true);  // Worker loads insecure content
-  CheckAuthenticationBrokenState(tab, CertError::NONE,
-                                 AuthState::RAN_INSECURE_CONTENT);
+  CheckAuthenticationBrokenState(
+      tab, CertError::NONE,
+      AuthState::RAN_INSECURE_CONTENT |
+          AuthState::DONT_CHECK_DISPLAYED_INSECURE_CONTENT);
 }
 
 // Visits a page with unsafe content and makes sure that if a user exception to
 // the certificate error is present, the image is loaded and script executes.
 IN_PROC_BROWSER_TEST_F(SSLUITest, TestUnsafeContentsWithUserException) {
   WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents();
   ASSERT_NO_FATAL_FAILURE(SetUpUnsafeContentsWithUserException(
       "/ssl/page_with_unsafe_contents.html"));
   CheckAuthenticationBrokenState(
       tab, CertError::NONE,
@@ skipping 18 matching lines @@
   std::string replacement_path;
   GetFilePathWithHostAndPortReplacement(
       "/ssl/page_with_unsafe_contents.html",
       https_server_mismatched_.host_port_pair(), &replacement_path);
   ui_test_utils::NavigateToURL(
       browser(), https_server_mismatched_.GetURL(replacement_path));
   js_result = false;
   EXPECT_TRUE(content::ExecuteScriptAndExtractBool(
       tab, "window.domAutomationController.send(IsFooSet());", &js_result));
   EXPECT_TRUE(js_result);
-  CheckAuthenticationBrokenState(tab, net::CERT_STATUS_COMMON_NAME_INVALID,
-                                 AuthState::NONE);
+  CheckAuthenticationBrokenState(
+      tab, net::CERT_STATUS_COMMON_NAME_INVALID,
+      AuthState::DONT_CHECK_DISPLAYED_INSECURE_CONTENT);
 }
 
 // Like the test above, but only displaying inactive content (an image).
 IN_PROC_BROWSER_TEST_F(SSLUITest, TestUnsafeImageWithUserException) {
   WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents();
   ASSERT_NO_FATAL_FAILURE(
       SetUpUnsafeContentsWithUserException("/ssl/page_with_unsafe_image.html"));
   CheckAuthenticatedState(tab, AuthState::DISPLAYED_INSECURE_CONTENT);
 
   int img_width;
@@ skipping 658 matching lines @@
 
 // Visit a page over https that contains a frame with a redirect.
 
 // XMLHttpRequest insecure content in synchronous mode.
 
 // XMLHttpRequest insecure content in asynchronous mode.
 
 // XMLHttpRequest over bad ssl in synchronous mode.
 
 // XMLHttpRequest over OK ssl in synchronous mode.