| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <utility> | 5 #include <utility> |
| 6 | 6 |
| 7 #include "base/base_switches.h" | 7 #include "base/base_switches.h" |
| 8 #include "base/bind.h" | 8 #include "base/bind.h" |
| 9 #include "base/bind_helpers.h" | 9 #include "base/bind_helpers.h" |
| 10 #include "base/callback.h" | 10 #include "base/callback.h" |
| (...skipping 136 matching lines...) |
| 147 bool seen_; | 147 bool seen_; |
| 148 }; | 148 }; |
| 149 | 149 |
| 150 namespace AuthState { | 150 namespace AuthState { |
| 151 | 151 |
| 152 enum AuthStateFlags { | 152 enum AuthStateFlags { |
| 153 NONE = 0, | 153 NONE = 0, |
| 154 DISPLAYED_INSECURE_CONTENT = 1 << 0, | 154 DISPLAYED_INSECURE_CONTENT = 1 << 0, |
| 155 RAN_INSECURE_CONTENT = 1 << 1, | 155 RAN_INSECURE_CONTENT = 1 << 1, |
| 156 SHOWING_INTERSTITIAL = 1 << 2, | 156 SHOWING_INTERSTITIAL = 1 << 2, |
| 157 SHOWING_ERROR = 1 << 3, | 157 SHOWING_ERROR = 1 << 3 |
| 158 // Useful when a favicon load may or may not have finished loading, to avoid | |
| 159 // checking if a page displayed insecure content. | |
| 160 // TODO(estark): remove this once http://crbug.com/634171 is fixed. | |
| 161 DONT_CHECK_DISPLAYED_INSECURE_CONTENT = 1 << 4, | |
| 162 }; | 158 }; |
| 163 | 159 |
| 164 void Check(const NavigationEntry& entry, int expected_authentication_state) { | 160 void Check(const NavigationEntry& entry, int expected_authentication_state) { |
| 165 if (expected_authentication_state == AuthState::SHOWING_ERROR) { | 161 if (expected_authentication_state == AuthState::SHOWING_ERROR) { |
| 166 EXPECT_EQ(content::PAGE_TYPE_ERROR, entry.GetPageType()); | 162 EXPECT_EQ(content::PAGE_TYPE_ERROR, entry.GetPageType()); |
| 167 } else { | 163 } else { |
| 168 EXPECT_EQ( | 164 EXPECT_EQ( |
| 169 !!(expected_authentication_state & AuthState::SHOWING_INTERSTITIAL) | 165 !!(expected_authentication_state & AuthState::SHOWING_INTERSTITIAL) |
| 170 ? content::PAGE_TYPE_INTERSTITIAL | 166 ? content::PAGE_TYPE_INTERSTITIAL |
| 171 : content::PAGE_TYPE_NORMAL, | 167 : content::PAGE_TYPE_NORMAL, |
| 172 entry.GetPageType()); | 168 entry.GetPageType()); |
| 173 } | 169 } |
| 174 | 170 |
| 175 if (!(expected_authentication_state & | 171 bool displayed_insecure_content = |
| 176 AuthState::DONT_CHECK_DISPLAYED_INSECURE_CONTENT)) { | 172 !!(entry.GetSSL().content_status & SSLStatus::DISPLAYED_INSECURE_CONTENT); |
| 177 bool displayed_insecure_content = | 173 EXPECT_EQ( |
| 178 !!(entry.GetSSL().content_status & | 174 !!(expected_authentication_state & AuthState::DISPLAYED_INSECURE_CONTENT), |
| 179 SSLStatus::DISPLAYED_INSECURE_CONTENT); | 175 displayed_insecure_content); |
| 180 EXPECT_EQ( | |
| 181 !!(expected_authentication_state & | |
| 182 AuthState::DISPLAYED_INSECURE_CONTENT), | |
| 183 displayed_insecure_content); | |
| 184 } | |
| 185 | 176 |
| 186 bool ran_insecure_content = | 177 bool ran_insecure_content = |
| 187 !!(entry.GetSSL().content_status & SSLStatus::RAN_INSECURE_CONTENT); | 178 !!(entry.GetSSL().content_status & SSLStatus::RAN_INSECURE_CONTENT); |
| 188 EXPECT_EQ(!!(expected_authentication_state & AuthState::RAN_INSECURE_CONTENT), | 179 EXPECT_EQ(!!(expected_authentication_state & AuthState::RAN_INSECURE_CONTENT), |
| 189 ran_insecure_content); | 180 ran_insecure_content); |
| 190 } | 181 } |
| 191 | 182 |
| 192 } // namespace AuthState | 183 } // namespace AuthState |
| 193 | 184 |
| 194 namespace SecurityStyle { | 185 namespace SecurityStyle { |
| (...skipping 1629 matching lines...) |
| 1824 | 1815 |
| 1825 // Now try again the broken one to make sure it is still broken. | 1816 // Now try again the broken one to make sure it is still broken. |
| 1826 ui_test_utils::NavigateToURL( | 1817 ui_test_utils::NavigateToURL( |
| 1827 browser(), https_server_mismatched_.GetURL("/ssl/google.html")); | 1818 browser(), https_server_mismatched_.GetURL("/ssl/google.html")); |
| 1828 | 1819 |
| 1829 // Since we OKed the interstitial last time, we get right to the page. | 1820 // Since we OKed the interstitial last time, we get right to the page. |
| 1830 CheckAuthenticationBrokenState( | 1821 CheckAuthenticationBrokenState( |
| 1831 tab, net::CERT_STATUS_COMMON_NAME_INVALID, AuthState::NONE); | 1822 tab, net::CERT_STATUS_COMMON_NAME_INVALID, AuthState::NONE); |
| 1832 } | 1823 } |
| 1833 | 1824 |
| 1825 #if defined(OS_CHROMEOS) |
| 1826 // This test seems to be flaky and hang on chromiumos. |
| 1827 // http://crbug.com/84419 |
| 1828 #define MAYBE_TestRefNavigation DISABLED_TestRefNavigation |
| 1829 #else |
| 1830 #define MAYBE_TestRefNavigation TestRefNavigation |
| 1831 #endif |
| 1832 |
| 1834 // Test that navigating to a #ref does not change a bad security state. | 1833 // Test that navigating to a #ref does not change a bad security state. |
| 1835 IN_PROC_BROWSER_TEST_F(SSLUITest, TestRefNavigation) { | 1834 IN_PROC_BROWSER_TEST_F(SSLUITest, TestRefNavigation) { |
| 1836 ASSERT_TRUE(https_server_expired_.Start()); | 1835 ASSERT_TRUE(https_server_expired_.Start()); |
| 1837 | 1836 |
| 1838 ui_test_utils::NavigateToURL( | 1837 ui_test_utils::NavigateToURL( |
| 1839 browser(), https_server_expired_.GetURL("/ssl/page_with_refs.html")); | 1838 browser(), https_server_expired_.GetURL("/ssl/page_with_refs.html")); |
| 1840 | 1839 |
| 1841 WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents(); | 1840 WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents(); |
| 1842 CheckAuthenticationBrokenState( | 1841 CheckAuthenticationBrokenState( |
| 1843 tab, net::CERT_STATUS_DATE_INVALID, AuthState::SHOWING_INTERSTITIAL); | 1842 tab, net::CERT_STATUS_DATE_INVALID, AuthState::SHOWING_INTERSTITIAL); |
| 1844 | 1843 |
| 1845 ProceedThroughInterstitial(tab); | 1844 ProceedThroughInterstitial(tab); |
| 1846 | 1845 |
| 1847 CheckAuthenticationBrokenState( | 1846 CheckAuthenticationBrokenState( |
| 1848 tab, net::CERT_STATUS_DATE_INVALID, AuthState::NONE); | 1847 tab, net::CERT_STATUS_DATE_INVALID, AuthState::NONE); |
| 1849 // Now navigate to a ref in the page, the security state should not have | 1848 // Now navigate to a ref in the page, the security state should not have |
| 1850 // changed. | 1849 // changed. |
| 1851 ui_test_utils::NavigateToURL( | 1850 ui_test_utils::NavigateToURL( |
| 1852 browser(), https_server_expired_.GetURL("/ssl/page_with_refs.html#jp")); | 1851 browser(), https_server_expired_.GetURL("/ssl/page_with_refs.html#jp")); |
| 1853 | 1852 |
| 1854 CheckAuthenticationBrokenState( | 1853 CheckAuthenticationBrokenState( |
| 1855 tab, net::CERT_STATUS_DATE_INVALID, | 1854 tab, net::CERT_STATUS_DATE_INVALID, AuthState::NONE); |
| 1856 AuthState::DONT_CHECK_DISPLAYED_INSECURE_CONTENT); | |
| 1857 } | 1855 } |
| 1858 | 1856 |
| 1859 // Tests that closing a page that opened a pop-up with an interstitial does not | 1857 // Tests that closing a page that opened a pop-up with an interstitial does not |
| 1860 // crash the browser (crbug.com/1966). | 1858 // crash the browser (crbug.com/1966). |
| 1861 IN_PROC_BROWSER_TEST_F(SSLUITest, TestCloseTabWithUnsafePopup) { | 1859 IN_PROC_BROWSER_TEST_F(SSLUITest, TestCloseTabWithUnsafePopup) { |
| 1862 ASSERT_TRUE(embedded_test_server()->Start()); | 1860 ASSERT_TRUE(embedded_test_server()->Start()); |
| 1863 ASSERT_TRUE(https_server_expired_.Start()); | 1861 ASSERT_TRUE(https_server_expired_.Start()); |
| 1864 | 1862 |
| 1865 // Enable popups without user gesture. | 1863 // Enable popups without user gesture. |
| 1866 HostContentSettingsMapFactory::GetForProfile(browser()->profile()) | 1864 HostContentSettingsMapFactory::GetForProfile(browser()->profile()) |
| (...skipping 297 matching lines...) |
| 2164 content::Source<NavigationController>(&tab->GetController())); | 2162 content::Source<NavigationController>(&tab->GetController())); |
| 2165 EXPECT_TRUE(content::ExecuteScriptAndExtractBool( | 2163 EXPECT_TRUE(content::ExecuteScriptAndExtractBool( |
| 2166 tab, | 2164 tab, |
| 2167 "window.domAutomationController.send(clickLink('goodHTTPSLink'));", | 2165 "window.domAutomationController.send(clickLink('goodHTTPSLink'));", |
| 2168 &success)); | 2166 &success)); |
| 2169 ASSERT_TRUE(success); | 2167 ASSERT_TRUE(success); |
| 2170 observer.Wait(); | 2168 observer.Wait(); |
| 2171 | 2169 |
| 2172 // We should still be authentication broken. | 2170 // We should still be authentication broken. |
| 2173 CheckAuthenticationBrokenState( | 2171 CheckAuthenticationBrokenState( |
| 2174 tab, net::CERT_STATUS_DATE_INVALID, | 2172 tab, net::CERT_STATUS_DATE_INVALID, AuthState::NONE); |
| 2175 AuthState::DONT_CHECK_DISPLAYED_INSECURE_CONTENT); | |
| 2176 } | 2173 } |
| 2177 | 2174 |
| 2178 // From an HTTP top frame, navigate to good and bad HTTPS (security state should | 2175 // From an HTTP top frame, navigate to good and bad HTTPS (security state should |
| 2179 // stay unauthenticated). | 2176 // stay unauthenticated). |
| 2180 IN_PROC_BROWSER_TEST_F(SSLUITest, TestUnauthenticatedFrameNavigation) { | 2177 IN_PROC_BROWSER_TEST_F(SSLUITest, TestUnauthenticatedFrameNavigation) { |
| 2181 ASSERT_TRUE(embedded_test_server()->Start()); | 2178 ASSERT_TRUE(embedded_test_server()->Start()); |
| 2182 ASSERT_TRUE(https_server_.Start()); | 2179 ASSERT_TRUE(https_server_.Start()); |
| 2183 ASSERT_TRUE(https_server_expired_.Start()); | 2180 ASSERT_TRUE(https_server_expired_.Start()); |
| 2184 | 2181 |
| 2185 std::string top_frame_path; | 2182 std::string top_frame_path; |
| (...skipping 94 matching lines...) |
| 2280 | 2277 |
| 2281 // Navigate to safe page that has Worker loading unsafe content. | 2278 // Navigate to safe page that has Worker loading unsafe content. |
| 2282 // Expect content to load but be marked as auth broken due to running insecure | 2279 // Expect content to load but be marked as auth broken due to running insecure |
| 2283 // content. | 2280 // content. |
| 2284 std::string page_with_unsafe_worker_path; | 2281 std::string page_with_unsafe_worker_path; |
| 2285 GetPageWithUnsafeWorkerPath(https_server_mismatched_, | 2282 GetPageWithUnsafeWorkerPath(https_server_mismatched_, |
| 2286 &page_with_unsafe_worker_path); | 2283 &page_with_unsafe_worker_path); |
| 2287 ui_test_utils::NavigateToURL( | 2284 ui_test_utils::NavigateToURL( |
| 2288 browser(), https_server_.GetURL(page_with_unsafe_worker_path)); | 2285 browser(), https_server_.GetURL(page_with_unsafe_worker_path)); |
| 2289 CheckWorkerLoadResult(tab, true); // Worker loads insecure content | 2286 CheckWorkerLoadResult(tab, true); // Worker loads insecure content |
| 2290 CheckAuthenticationBrokenState( | 2287 CheckAuthenticationBrokenState(tab, CertError::NONE, |
| 2291 tab, CertError::NONE, | 2288 AuthState::RAN_INSECURE_CONTENT); |
| 2292 AuthState::RAN_INSECURE_CONTENT | | |
| 2293 AuthState::DONT_CHECK_DISPLAYED_INSECURE_CONTENT); | |
| 2294 } | 2289 } |
| 2295 | 2290 |
| 2296 // Visits a page with unsafe content and makes sure that if a user exception to | 2291 // Visits a page with unsafe content and makes sure that if a user exception to |
| 2297 // the certificate error is present, the image is loaded and script executes. | 2292 // the certificate error is present, the image is loaded and script executes. |
| 2298 IN_PROC_BROWSER_TEST_F(SSLUITest, TestUnsafeContentsWithUserException) { | 2293 IN_PROC_BROWSER_TEST_F(SSLUITest, TestUnsafeContentsWithUserException) { |
| 2299 WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents(); | 2294 WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents(); |
| 2300 ASSERT_NO_FATAL_FAILURE(SetUpUnsafeContentsWithUserException( | 2295 ASSERT_NO_FATAL_FAILURE(SetUpUnsafeContentsWithUserException( |
| 2301 "/ssl/page_with_unsafe_contents.html")); | 2296 "/ssl/page_with_unsafe_contents.html")); |
| 2302 CheckAuthenticationBrokenState( | 2297 CheckAuthenticationBrokenState( |
| 2303 tab, CertError::NONE, | 2298 tab, CertError::NONE, |
| (...skipping 18 matching lines...) |
| 2322 std::string replacement_path; | 2317 std::string replacement_path; |
| 2323 GetFilePathWithHostAndPortReplacement( | 2318 GetFilePathWithHostAndPortReplacement( |
| 2324 "/ssl/page_with_unsafe_contents.html", | 2319 "/ssl/page_with_unsafe_contents.html", |
| 2325 https_server_mismatched_.host_port_pair(), &replacement_path); | 2320 https_server_mismatched_.host_port_pair(), &replacement_path); |
| 2326 ui_test_utils::NavigateToURL( | 2321 ui_test_utils::NavigateToURL( |
| 2327 browser(), https_server_mismatched_.GetURL(replacement_path)); | 2322 browser(), https_server_mismatched_.GetURL(replacement_path)); |
| 2328 js_result = false; | 2323 js_result = false; |
| 2329 EXPECT_TRUE(content::ExecuteScriptAndExtractBool( | 2324 EXPECT_TRUE(content::ExecuteScriptAndExtractBool( |
| 2330 tab, "window.domAutomationController.send(IsFooSet());", &js_result)); | 2325 tab, "window.domAutomationController.send(IsFooSet());", &js_result)); |
| 2331 EXPECT_TRUE(js_result); | 2326 EXPECT_TRUE(js_result); |
| 2332 CheckAuthenticationBrokenState( | 2327 CheckAuthenticationBrokenState(tab, net::CERT_STATUS_COMMON_NAME_INVALID, |
| 2333 tab, net::CERT_STATUS_COMMON_NAME_INVALID, | 2328 AuthState::NONE); |
| 2334 AuthState::DONT_CHECK_DISPLAYED_INSECURE_CONTENT); | |
| 2335 } | 2329 } |
| 2336 | 2330 |
| 2337 // Like the test above, but only displaying inactive content (an image). | 2331 // Like the test above, but only displaying inactive content (an image). |
| 2338 IN_PROC_BROWSER_TEST_F(SSLUITest, TestUnsafeImageWithUserException) { | 2332 IN_PROC_BROWSER_TEST_F(SSLUITest, TestUnsafeImageWithUserException) { |
| 2339 WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents(); | 2333 WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents(); |
| 2340 ASSERT_NO_FATAL_FAILURE( | 2334 ASSERT_NO_FATAL_FAILURE( |
| 2341 SetUpUnsafeContentsWithUserException("/ssl/page_with_unsafe_image.html")); | 2335 SetUpUnsafeContentsWithUserException("/ssl/page_with_unsafe_image.html")); |
| 2342 CheckAuthenticatedState(tab, AuthState::DISPLAYED_INSECURE_CONTENT); | 2336 CheckAuthenticatedState(tab, AuthState::DISPLAYED_INSECURE_CONTENT); |
| 2343 | 2337 |
| 2344 int img_width; | 2338 int img_width; |
| (...skipping 658 matching lines...) |
| 3003 | 2997 |
| 3004 // Visit a page over https that contains a frame with a redirect. | 2998 // Visit a page over https that contains a frame with a redirect. |
| 3005 | 2999 |
| 3006 // XMLHttpRequest insecure content in synchronous mode. | 3000 // XMLHttpRequest insecure content in synchronous mode. |
| 3007 | 3001 |
| 3008 // XMLHttpRequest insecure content in asynchronous mode. | 3002 // XMLHttpRequest insecure content in asynchronous mode. |
| 3009 | 3003 |
| 3010 // XMLHttpRequest over bad ssl in synchronous mode. | 3004 // XMLHttpRequest over bad ssl in synchronous mode. |
| 3011 | 3005 |
| 3012 // XMLHttpRequest over OK ssl in synchronous mode. | 3006 // XMLHttpRequest over OK ssl in synchronous mode. |
| OLD | NEW |
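Review bot: The `MAYBE_TestRefNavigation` macro added at new lines 1825–1831 is never used in the lines shown, because the test at new line 1834 is still declared as `IN_PROC_BROWSER_TEST_F(SSLUITest, TestRefNavigation)`; the ChromeOS `DISABLED_` prefix therefore has no effect and the test described as flaky under http://crbug.com/84419 would still run there. Either declare it as `IN_PROC_BROWSER_TEST_F(SSLUITest, MAYBE_TestRefNavigation)` or drop the `#if defined(OS_CHROMEOS)` block. Separately, with `DONT_CHECK_DISPLAYED_INSECURE_CONTENT` removed, `Check()` now asserts the `SSLStatus::DISPLAYED_INSECURE_CONTENT` bit on every call, so the four call sites changed to pass `AuthState::NONE` or `AuthState::RAN_INSECURE_CONTENT` (new lines 1854, 2172, 2288, 2328) will fail if the favicon-load race described in the removed comment (http://crbug.com/634171) still occurs. A short comment on `Check()` stating that the mixed-content display bit is always verified, and why that is now safe, would help whoever triages these tests if they flake again.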