| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <utility> | 5 #include <utility> |
| 6 | 6 |
| 7 #include "base/base_switches.h" | 7 #include "base/base_switches.h" |
| 8 #include "base/bind.h" | 8 #include "base/bind.h" |
| 9 #include "base/bind_helpers.h" | 9 #include "base/bind_helpers.h" |
| 10 #include "base/callback.h" | 10 #include "base/callback.h" |
| (...skipping 718 matching lines...) |
| 729 CheckAuthenticationBrokenState( | 729 CheckAuthenticationBrokenState( |
| 730 tab, net::CERT_STATUS_DATE_INVALID, AuthState::SHOWING_INTERSTITIAL); | 730 tab, net::CERT_STATUS_DATE_INVALID, AuthState::SHOWING_INTERSTITIAL); |
| 731 | 731 |
| 732 ProceedThroughInterstitial(tab); | 732 ProceedThroughInterstitial(tab); |
| 733 | 733 |
| 734 CheckAuthenticationBrokenState(tab, | 734 CheckAuthenticationBrokenState(tab, |
| 735 net::CERT_STATUS_DATE_INVALID, | 735 net::CERT_STATUS_DATE_INVALID, |
| 736 AuthState::DISPLAYED_INSECURE_CONTENT); | 736 AuthState::DISPLAYED_INSECURE_CONTENT); |
| 737 } | 737 } |
| 738 | 738 |
| 739 // Tests that the NavigationEntry gets marked as active mixed content, |
| 740 // even if there is a certificate error. Regression test for |
| 741 // https://crbug.com/593950. |
| 742 IN_PROC_BROWSER_TEST_F(SSLUITest, TestBrokenHTTPSWithActiveInsecureContent) { |
| 743 ASSERT_TRUE(https_server_expired_.Start()); |
| 744 |
| 745 WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents(); |
| 746 ASSERT_TRUE(tab); |
| 747 |
| 748 // Navigate to a page with a certificate error and click through the |
| 749 // interstitial. |
| 750 ui_test_utils::NavigateToURL( |
| 751 browser(), |
| 752 https_server_expired_.GetURL("/ssl/page_runs_insecure_content.html")); |
| 753 CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID, |
| 754 AuthState::SHOWING_INTERSTITIAL); |
| 755 ProceedThroughInterstitial(tab); |
| 756 |
| 757 // Now check that the page is marked as having run insecure content. |
| 758 CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID, |
| 759 AuthState::RAN_INSECURE_CONTENT); |
| 760 } |
| 761 |
| 739 IN_PROC_BROWSER_TEST_F(SSLUITest, TestBrokenHTTPSMetricsReporting_Proceed) { | 762 IN_PROC_BROWSER_TEST_F(SSLUITest, TestBrokenHTTPSMetricsReporting_Proceed) { |
| 740 ASSERT_TRUE(https_server_expired_.Start()); | 763 ASSERT_TRUE(https_server_expired_.Start()); |
| 741 ASSERT_NO_FATAL_FAILURE(SetUpMockReporter()); | 764 ASSERT_NO_FATAL_FAILURE(SetUpMockReporter()); |
| 742 base::HistogramTester histograms; | 765 base::HistogramTester histograms; |
| 743 const std::string decision_histogram = | 766 const std::string decision_histogram = |
| 744 "interstitial.ssl_overridable.decision"; | 767 "interstitial.ssl_overridable.decision"; |
| 745 const std::string interaction_histogram = | 768 const std::string interaction_histogram = |
| 746 "interstitial.ssl_overridable.interaction"; | 769 "interstitial.ssl_overridable.interaction"; |
| 747 | 770 |
| 748 // Histograms should start off empty. | 771 // Histograms should start off empty. |
| (...skipping 161 matching lines...) |
| 910 GURL url = https_server_.GetURL("/ssl/page_with_subresource.html"); | 933 GURL url = https_server_.GetURL("/ssl/page_with_subresource.html"); |
| 911 GURL::Replacements replacements; | 934 GURL::Replacements replacements; |
| 912 std::string new_host("localhost"); | 935 std::string new_host("localhost"); |
| 913 replacements.SetHostStr(new_host); | 936 replacements.SetHostStr(new_host); |
| 914 url = url.ReplaceComponents(replacements); | 937 url = url.ReplaceComponents(replacements); |
| 915 | 938 |
| 916 ui_test_utils::NavigateToURL(browser(), url); | 939 ui_test_utils::NavigateToURL(browser(), url); |
| 917 | 940 |
| 918 // We should see no interstitial, but we should have an error | 941 // We should see no interstitial, but we should have an error |
| 919 // (red-crossed-out-https) in the URL bar. | 942 // (red-crossed-out-https) in the URL bar. |
| 943 // TODO(estark): once http://crbug.com/634171 is fixed and certificate |
| 944 // errors for subresources don't generate |
| 945 // DISPLAYED/RAN_INSECURE_CONTENT switch this back to AuthState::NONE. |
| 920 CheckAuthenticationBrokenState(tab, net::CERT_STATUS_COMMON_NAME_INVALID, | 946 CheckAuthenticationBrokenState(tab, net::CERT_STATUS_COMMON_NAME_INVALID, |
| 921 AuthState::NONE); | 947 AuthState::RAN_INSECURE_CONTENT); |
| 922 | 948 |
| 923 // We should see that the script tag in the page loaded and ran (and | 949 // We should see that the script tag in the page loaded and ran (and |
| 924 // wasn't blocked by the certificate error). | 950 // wasn't blocked by the certificate error). |
| 925 base::string16 title; | 951 base::string16 title; |
| 926 base::string16 expected_title = base::ASCIIToUTF16("This script has loaded"); | 952 base::string16 expected_title = base::ASCIIToUTF16("This script has loaded"); |
| 927 ui_test_utils::GetCurrentTabTitle(browser(), &title); | 953 ui_test_utils::GetCurrentTabTitle(browser(), &title); |
| 928 EXPECT_EQ(title, expected_title); | 954 EXPECT_EQ(title, expected_title); |
| 929 } | 955 } |
| 930 | 956 |
| 931 IN_PROC_BROWSER_TEST_F(SSLUITest, TestHTTPSErrorCausedByClockUsingBuildTime) { | 957 IN_PROC_BROWSER_TEST_F(SSLUITest, TestHTTPSErrorCausedByClockUsingBuildTime) { |
| (...skipping 1266 matching lines...) |
| 2198 content::NOTIFICATION_LOAD_STOP, | 2224 content::NOTIFICATION_LOAD_STOP, |
| 2199 content::Source<NavigationController>(&tab->GetController())); | 2225 content::Source<NavigationController>(&tab->GetController())); |
| 2200 EXPECT_TRUE(content::ExecuteScriptAndExtractBool( | 2226 EXPECT_TRUE(content::ExecuteScriptAndExtractBool( |
| 2201 tab, | 2227 tab, |
| 2202 "window.domAutomationController.send(clickLink('goodHTTPSLink'));", | 2228 "window.domAutomationController.send(clickLink('goodHTTPSLink'));", |
| 2203 &success)); | 2229 &success)); |
| 2204 ASSERT_TRUE(success); | 2230 ASSERT_TRUE(success); |
| 2205 observer.Wait(); | 2231 observer.Wait(); |
| 2206 | 2232 |
| 2207 // We should still be authentication broken. | 2233 // We should still be authentication broken. |
| 2208 CheckAuthenticationBrokenState( | 2234 // TODO(estark): once http://crbug.com/634171 is fixed and certificate |
| 2209 tab, net::CERT_STATUS_DATE_INVALID, AuthState::NONE); | 2235 // errors for subresources don't generate |
| 2236 // DISPLAYED/RAN_INSECURE_CONTENT switch this back to AuthState::NONE. |
| 2237 CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID, |
| 2238 AuthState::RAN_INSECURE_CONTENT); |
| 2210 } | 2239 } |
| 2211 | 2240 |
| 2212 // From an HTTP top frame, navigate to good and bad HTTPS (security state should | 2241 // From an HTTP top frame, navigate to good and bad HTTPS (security state should |
| 2213 // stay unauthenticated). | 2242 // stay unauthenticated). |
| 2214 IN_PROC_BROWSER_TEST_F(SSLUITest, TestUnauthenticatedFrameNavigation) { | 2243 IN_PROC_BROWSER_TEST_F(SSLUITest, TestUnauthenticatedFrameNavigation) { |
| 2215 ASSERT_TRUE(embedded_test_server()->Start()); | 2244 ASSERT_TRUE(embedded_test_server()->Start()); |
| 2216 ASSERT_TRUE(https_server_.Start()); | 2245 ASSERT_TRUE(https_server_.Start()); |
| 2217 ASSERT_TRUE(https_server_expired_.Start()); | 2246 ASSERT_TRUE(https_server_expired_.Start()); |
| 2218 | 2247 |
| 2219 std::string top_frame_path; | 2248 std::string top_frame_path; |
| (...skipping 134 matching lines...) |
| 2354 std::string replacement_path; | 2383 std::string replacement_path; |
| 2355 GetFilePathWithHostAndPortReplacement( | 2384 GetFilePathWithHostAndPortReplacement( |
| 2356 "/ssl/page_with_unsafe_contents.html", | 2385 "/ssl/page_with_unsafe_contents.html", |
| 2357 https_server_mismatched_.host_port_pair(), &replacement_path); | 2386 https_server_mismatched_.host_port_pair(), &replacement_path); |
| 2358 ui_test_utils::NavigateToURL( | 2387 ui_test_utils::NavigateToURL( |
| 2359 browser(), https_server_mismatched_.GetURL(replacement_path)); | 2388 browser(), https_server_mismatched_.GetURL(replacement_path)); |
| 2360 js_result = false; | 2389 js_result = false; |
| 2361 EXPECT_TRUE(content::ExecuteScriptAndExtractBool( | 2390 EXPECT_TRUE(content::ExecuteScriptAndExtractBool( |
| 2362 tab, "window.domAutomationController.send(IsFooSet());", &js_result)); | 2391 tab, "window.domAutomationController.send(IsFooSet());", &js_result)); |
| 2363 EXPECT_TRUE(js_result); | 2392 EXPECT_TRUE(js_result); |
| 2364 // TODO(estark): once http://crbug.com/634171 is fixed and certificate errors | 2393 // TODO(estark): once http://crbug.com/634171 is fixed and certificate |
| 2365 // for subresources don't generate DISPLAYED_INSECURE_CONTENT switch this back | 2394 // errors for subresources don't generate |
| 2366 // to AuthState::NONE. | 2395 // DISPLAYED/RAN_INSECURE_CONTENT switch this back to AuthState::NONE. |
| 2367 CheckAuthenticationBrokenState(tab, net::CERT_STATUS_COMMON_NAME_INVALID, | 2396 CheckAuthenticationBrokenState( |
| 2368 AuthState::DISPLAYED_INSECURE_CONTENT); | 2397 tab, net::CERT_STATUS_COMMON_NAME_INVALID, |
| 2398 AuthState::DISPLAYED_INSECURE_CONTENT | AuthState::RAN_INSECURE_CONTENT); |
| 2369 } | 2399 } |
| 2370 | 2400 |
| 2371 // Like the test above, but only displaying inactive content (an image). | 2401 // Like the test above, but only displaying inactive content (an image). |
| 2372 IN_PROC_BROWSER_TEST_F(SSLUITest, TestUnsafeImageWithUserException) { | 2402 IN_PROC_BROWSER_TEST_F(SSLUITest, TestUnsafeImageWithUserException) { |
| 2373 WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents(); | 2403 WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents(); |
| 2374 ASSERT_NO_FATAL_FAILURE( | 2404 ASSERT_NO_FATAL_FAILURE( |
| 2375 SetUpUnsafeContentsWithUserException("/ssl/page_with_unsafe_image.html")); | 2405 SetUpUnsafeContentsWithUserException("/ssl/page_with_unsafe_image.html")); |
| 2376 CheckAuthenticatedState(tab, AuthState::DISPLAYED_INSECURE_CONTENT); | 2406 CheckAuthenticatedState(tab, AuthState::DISPLAYED_INSECURE_CONTENT); |
| 2377 | 2407 |
| 2378 int img_width; | 2408 int img_width; |
| (...skipping 660 matching lines...) |
| 3039 | 3069 |
| 3040 // Visit a page over https that contains a frame with a redirect. | 3070 // Visit a page over https that contains a frame with a redirect. |
| 3041 | 3071 |
| 3042 // XMLHttpRequest insecure content in synchronous mode. | 3072 // XMLHttpRequest insecure content in synchronous mode. |
| 3043 | 3073 |
| 3044 // XMLHttpRequest insecure content in asynchronous mode. | 3074 // XMLHttpRequest insecure content in asynchronous mode. |
| 3045 | 3075 |
| 3046 // XMLHttpRequest over bad ssl in synchronous mode. | 3076 // XMLHttpRequest over bad ssl in synchronous mode. |
| 3047 | 3077 |
| 3048 // XMLHttpRequest over OK ssl in synchronous mode. | 3078 // XMLHttpRequest over OK ssl in synchronous mode. |
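Review bot: The new TestBrokenHTTPSWithActiveInsecureContent (new lines 739-760) asserts only that RAN_INSECURE_CONTENT is set once the interstitial is bypassed, yet the TODOs added in this same file say that, until http://crbug.com/634171 is fixed, subresources with certificate errors produce that flag too. If `/ssl/page_runs_insecure_content.html` loads any subresource from the expired server itself (the page is not shown here, so this is an assumption), the test could pass without exercising the mixed-content path that https://crbug.com/593950 was about. I would record the dependency next to the final check, e.g. `// The script on this page must be fetched over plain HTTP; a subresource with a certificate error would also set RAN_INSECURE_CONTENT until http://crbug.com/634171 is fixed.` The expectations changed at new lines 947 and 2238 pin the 634171 behaviour in the same way, so the test should be revisited together with those TODOs when that bug is closed.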