| OLD | NEW |
|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/ssl/chrome_security_state_model_client.h" | 5 #include "chrome/browser/ssl/chrome_security_state_model_client.h" |
| 6 | 6 |
| 7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
| 8 #include "base/files/file_path.h" | 8 #include "base/files/file_path.h" |
| 9 #include "base/macros.h" | 9 #include "base/macros.h" |
| 10 #include "base/strings/string_split.h" | 10 #include "base/strings/string_split.h" |
| (...skipping 420 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 431 ui_test_utils::NavigateToURL(browser(), | 431 ui_test_utils::NavigateToURL(browser(), |
| 432 https_server_.GetURL(replacement_path)); | 432 https_server_.GetURL(replacement_path)); |
| 433 CheckSecurityInfoForSecure( | 433 CheckSecurityInfoForSecure( |
| 434 browser()->tab_strip_model()->GetActiveWebContents(), | 434 browser()->tab_strip_model()->GetActiveWebContents(), |
| 435 SecurityStateModel::SECURITY_ERROR, | 435 SecurityStateModel::SECURITY_ERROR, |
| 436 SecurityStateModel::NO_DEPRECATED_SHA1, | 436 SecurityStateModel::NO_DEPRECATED_SHA1, |
| 437 SecurityStateModel::CONTENT_STATUS_RAN, false, | 437 SecurityStateModel::CONTENT_STATUS_RAN, false, |
| 438 false /* expect cert status error */); | 438 false /* expect cert status error */); |
| 439 } | 439 } |
| 440 | 440 |
| 441 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest, |
| 442 ActiveContentWithCertErrors) { |
| 443 ASSERT_TRUE(https_server_.Start()); |
| 444 SetUpMockCertVerifierForHttpsServer(0, net::OK); |
| 445 |
| 446 // Navigate to an HTTPS page and simulate active content with |
| 447 // certificate errors. |
| 448 ui_test_utils::NavigateToURL(browser(), https_server_.GetURL("/title1.html")); |
| 449 content::WebContents* web_contents = |
| 450 browser()->tab_strip_model()->GetActiveWebContents(); |
| 451 ASSERT_TRUE(web_contents); |
| 452 content::NavigationEntry* entry = |
| 453 web_contents->GetController().GetVisibleEntry(); |
| 454 ASSERT_TRUE(entry); |
| 455 entry->GetSSL().content_status |= |
| 456 content::SSLStatus::RAN_CONTENT_WITH_CERT_ERRORS; |
| 457 |
| 458 ChromeSecurityStateModelClient* model_client = |
| 459 ChromeSecurityStateModelClient::FromWebContents(web_contents); |
| 460 ASSERT_TRUE(model_client); |
| 461 const SecurityStateModel::SecurityInfo& security_info = |
| 462 model_client->GetSecurityInfo(); |
| 463 |
| 464 EXPECT_FALSE(net::IsCertStatusError(security_info.cert_status)); |
| 465 EXPECT_EQ(SecurityStateModel::SECURITY_ERROR, security_info.security_level); |
| 466 EXPECT_EQ(SecurityStateModel::CONTENT_STATUS_RAN, |
| 467 security_info.content_with_cert_errors_status); |
| 468 } |
| 469 |
| 470 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest, |
| 471 PassiveContentWithCertErrors) { |
| 472 ASSERT_TRUE(https_server_.Start()); |
| 473 SetUpMockCertVerifierForHttpsServer(0, net::OK); |
| 474 |
| 475 // Navigate to an HTTPS page and simulate passive content with |
| 476 // certificate errors. |
| 477 ui_test_utils::NavigateToURL(browser(), https_server_.GetURL("/title1.html")); |
| 478 content::WebContents* web_contents = |
| 479 browser()->tab_strip_model()->GetActiveWebContents(); |
| 480 ASSERT_TRUE(web_contents); |
| 481 content::NavigationEntry* entry = |
| 482 web_contents->GetController().GetVisibleEntry(); |
| 483 ASSERT_TRUE(entry); |
| 484 entry->GetSSL().content_status |= |
| 485 content::SSLStatus::DISPLAYED_CONTENT_WITH_CERT_ERRORS; |
| 486 |
| 487 ChromeSecurityStateModelClient* model_client = |
| 488 ChromeSecurityStateModelClient::FromWebContents(web_contents); |
| 489 ASSERT_TRUE(model_client); |
| 490 const SecurityStateModel::SecurityInfo& security_info = |
| 491 model_client->GetSecurityInfo(); |
| 492 |
| 493 EXPECT_FALSE(net::IsCertStatusError(security_info.cert_status)); |
| 494 EXPECT_EQ(SecurityStateModel::NONE, security_info.security_level); |
| 495 EXPECT_EQ(SecurityStateModel::CONTENT_STATUS_DISPLAYED, |
| 496 security_info.content_with_cert_errors_status); |
| 497 } |
| 498 |
| 499 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest, |
| 500 ActiveAndPassiveContentWithCertErrors) { |
| 501 ASSERT_TRUE(https_server_.Start()); |
| 502 SetUpMockCertVerifierForHttpsServer(0, net::OK); |
| 503 |
| 504 // Navigate to an HTTPS page and simulate active and passive content |
| 505 // with certificate errors. |
| 506 ui_test_utils::NavigateToURL(browser(), https_server_.GetURL("/title1.html")); |
| 507 content::WebContents* web_contents = |
| 508 browser()->tab_strip_model()->GetActiveWebContents(); |
| 509 ASSERT_TRUE(web_contents); |
| 510 content::NavigationEntry* entry = |
| 511 web_contents->GetController().GetVisibleEntry(); |
| 512 ASSERT_TRUE(entry); |
| 513 entry->GetSSL().content_status |= |
| 514 content::SSLStatus::RAN_CONTENT_WITH_CERT_ERRORS; |
| 515 entry->GetSSL().content_status |= |
| 516 content::SSLStatus::DISPLAYED_CONTENT_WITH_CERT_ERRORS; |
| 517 |
| 518 ChromeSecurityStateModelClient* model_client = |
| 519 ChromeSecurityStateModelClient::FromWebContents(web_contents); |
| 520 ASSERT_TRUE(model_client); |
| 521 const SecurityStateModel::SecurityInfo& security_info = |
| 522 model_client->GetSecurityInfo(); |
| 523 |
| 524 EXPECT_FALSE(net::IsCertStatusError(security_info.cert_status)); |
| 525 EXPECT_EQ(SecurityStateModel::SECURITY_ERROR, security_info.security_level); |
| 526 EXPECT_EQ(SecurityStateModel::CONTENT_STATUS_DISPLAYED_AND_RAN, |
| 527 security_info.content_with_cert_errors_status); |
| 528 } |
| 529 |
| 441 // Same as the test above but with a long-lived SHA1 cert. | 530 // Same as the test above but with a long-lived SHA1 cert. |
| 442 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest, | 531 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest, |
| 443 MixedContentWithBrokenSHA1) { | 532 MixedContentWithBrokenSHA1) { |
| 444 ASSERT_TRUE(embedded_test_server()->Start()); | 533 ASSERT_TRUE(embedded_test_server()->Start()); |
| 445 ASSERT_TRUE(https_server_.Start()); | 534 ASSERT_TRUE(https_server_.Start()); |
| 446 // The test server uses a long-lived cert by default, so a SHA1 | 535 // The test server uses a long-lived cert by default, so a SHA1 |
| 447 // signature in it will register as a "broken" condition rather than | 536 // signature in it will register as a "broken" condition rather than |
| 448 // "warning". | 537 // "warning". |
| 449 SetUpMockCertVerifierForHttpsServer(net::CERT_STATUS_SHA1_SIGNATURE_PRESENT, | 538 SetUpMockCertVerifierForHttpsServer(net::CERT_STATUS_SHA1_SIGNATURE_PRESENT, |
| 450 net::OK); | 539 net::OK); |
| (...skipping 798 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1249 ChromeSecurityStateModelClient* model_client = | 1338 ChromeSecurityStateModelClient* model_client = |
| 1250 ChromeSecurityStateModelClient::FromWebContents(web_contents); | 1339 ChromeSecurityStateModelClient::FromWebContents(web_contents); |
| 1251 ASSERT_TRUE(model_client); | 1340 ASSERT_TRUE(model_client); |
| 1252 const SecurityStateModel::SecurityInfo& security_info = | 1341 const SecurityStateModel::SecurityInfo& security_info = |
| 1253 model_client->GetSecurityInfo(); | 1342 model_client->GetSecurityInfo(); |
| 1254 EXPECT_EQ(SecurityStateModel::SECURE, security_info.security_level); | 1343 EXPECT_EQ(SecurityStateModel::SECURE, security_info.security_level); |
| 1255 EXPECT_EQ(kTestSCTStatuses, security_info.sct_verify_statuses); | 1344 EXPECT_EQ(kTestSCTStatuses, security_info.sct_verify_statuses); |
| 1256 } | 1345 } |
| 1257 | 1346 |
| 1258 } // namespace | 1347 } // namespace |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2224023003:
Teach SecurityStateModel about subresources with cert errors (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master