| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/ssl/chrome_ssl_host_state_delegate.h" | 5 #include "chrome/browser/ssl/chrome_ssl_host_state_delegate.h" |
| 6 | 6 |
| 7 #include <stdint.h> | 7 #include <stdint.h> |
| 8 #include <utility> | 8 #include <utility> |
| 9 | 9 |
| 10 #include "base/callback.h" |
| 10 #include "base/command_line.h" | 11 #include "base/command_line.h" |
| 11 #include "base/strings/string_number_conversions.h" | 12 #include "base/strings/string_number_conversions.h" |
| 12 #include "base/test/simple_test_clock.h" | 13 #include "base/test/simple_test_clock.h" |
| 13 #include "chrome/browser/browsing_data/browsing_data_helper.h" | 14 #include "chrome/browser/browsing_data/browsing_data_helper.h" |
| 14 #include "chrome/browser/browsing_data/browsing_data_remover.h" | 15 #include "chrome/browser/browsing_data/browsing_data_remover.h" |
| 15 #include "chrome/browser/browsing_data/browsing_data_remover_factory.h" | 16 #include "chrome/browser/browsing_data/browsing_data_remover_factory.h" |
| 16 #include "chrome/browser/browsing_data/browsing_data_remover_test_util.h" | 17 #include "chrome/browser/browsing_data/browsing_data_remover_test_util.h" |
| 17 #include "chrome/browser/content_settings/host_content_settings_map_factory.h" | 18 #include "chrome/browser/content_settings/host_content_settings_map_factory.h" |
| 18 #include "chrome/browser/profiles/profile.h" | 19 #include "chrome/browser/profiles/profile.h" |
| 19 #include "chrome/browser/ssl/chrome_ssl_host_state_delegate_factory.h" | 20 #include "chrome/browser/ssl/chrome_ssl_host_state_delegate_factory.h" |
| (...skipping 25 matching lines...) Expand all Loading... |
| 45 scoped_refptr<net::X509Certificate> GetOkCert() { | 46 scoped_refptr<net::X509Certificate> GetOkCert() { |
| 46 return net::ImportCertFromFile(net::GetTestCertsDirectory(), kOkCertFile); | 47 return net::ImportCertFromFile(net::GetTestCertsDirectory(), kOkCertFile); |
| 47 } | 48 } |
| 48 | 49 |
| 49 // Helper function for setting Finch options | 50 // Helper function for setting Finch options |
| 50 void SetFinchConfig(base::CommandLine* command_line, const std::string& group) { | 51 void SetFinchConfig(base::CommandLine* command_line, const std::string& group) { |
| 51 command_line->AppendSwitchASCII("--force-fieldtrials", | 52 command_line->AppendSwitchASCII("--force-fieldtrials", |
| 52 "RevertCertificateErrorDecisions/" + group); | 53 "RevertCertificateErrorDecisions/" + group); |
| 53 } | 54 } |
| 54 | 55 |
| 56 bool CStrStringMatcher(const char* a, const std::string& b) { |
| 57 return a == b; |
| 58 } |
| 59 |
| 55 } // namespace | 60 } // namespace |
| 56 | 61 |
| 57 class ChromeSSLHostStateDelegateTest : public InProcessBrowserTest {}; | 62 class ChromeSSLHostStateDelegateTest : public InProcessBrowserTest {}; |
| 58 | 63 |
| 59 // ChromeSSLHostStateDelegateTest tests basic unit test functionality of the | 64 // ChromeSSLHostStateDelegateTest tests basic unit test functionality of the |
| 60 // SSLHostStateDelegate class. For example, tests that if a certificate is | 65 // SSLHostStateDelegate class. For example, tests that if a certificate is |
| 61 // accepted, then it is added to queryable, and if it is revoked, it is not | 66 // accepted, then it is added to queryable, and if it is revoked, it is not |
| 62 // queryable. Even though it is effectively a unit test, in needs to be an | 67 // queryable. Even though it is effectively a unit test, in needs to be an |
| 63 // InProcessBrowserTest because the actual functionality is provided by | 68 // InProcessBrowserTest because the actual functionality is provided by |
| 64 // ChromeSSLHostStateDelegate which is provided per-profile. | 69 // ChromeSSLHostStateDelegate which is provided per-profile. |
| (...skipping 99 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 164 content::WebContents* tab = | 169 content::WebContents* tab = |
| 165 browser()->tab_strip_model()->GetActiveWebContents(); | 170 browser()->tab_strip_model()->GetActiveWebContents(); |
| 166 Profile* profile = Profile::FromBrowserContext(tab->GetBrowserContext()); | 171 Profile* profile = Profile::FromBrowserContext(tab->GetBrowserContext()); |
| 167 ChromeSSLHostStateDelegate* state = | 172 ChromeSSLHostStateDelegate* state = |
| 168 ChromeSSLHostStateDelegateFactory::GetForProfile(profile); | 173 ChromeSSLHostStateDelegateFactory::GetForProfile(profile); |
| 169 bool unused_value; | 174 bool unused_value; |
| 170 | 175 |
| 171 // Simulate a user decision to allow an invalid certificate exception for | 176 // Simulate a user decision to allow an invalid certificate exception for |
| 172 // kWWWGoogleHost and for kExampleHost. | 177 // kWWWGoogleHost and for kExampleHost. |
| 173 state->AllowCert(kWWWGoogleHost, *cert, net::CERT_STATUS_DATE_INVALID); | 178 state->AllowCert(kWWWGoogleHost, *cert, net::CERT_STATUS_DATE_INVALID); |
| 179 state->AllowCert(kExampleHost, *cert, net::CERT_STATUS_DATE_INVALID); |
| 174 | 180 |
| 175 // Do a full clear, then make sure that both kWWWGoogleHost, which had a | 181 EXPECT_TRUE(state->HasAllowException(kWWWGoogleHost)); |
| 176 // decision made, and kExampleHost, which was untouched, are now in a denied | 182 EXPECT_TRUE(state->HasAllowException(kExampleHost)); |
| 177 // state. | 183 |
| 178 state->Clear(); | 184 // Clear data for kWWWGoogleHost. kExampleHost will not be modified. |
| 185 state->Clear( |
| 186 base::Bind(&CStrStringMatcher, base::Unretained(kWWWGoogleHost))); |
| 187 |
| 188 EXPECT_FALSE(state->HasAllowException(kWWWGoogleHost)); |
| 189 EXPECT_TRUE(state->HasAllowException(kExampleHost)); |
| 190 |
| 191 // Do a full clear, then make sure that both kWWWGoogleHost and kExampleHost, |
| 192 // which had a decision made, and kGoogleHost, which was untouched, are now |
| 193 // in a denied state. |
| 194 state->Clear(base::Callback<bool(const std::string&)>()); |
| 179 EXPECT_FALSE(state->HasAllowException(kWWWGoogleHost)); | 195 EXPECT_FALSE(state->HasAllowException(kWWWGoogleHost)); |
| 180 EXPECT_EQ(content::SSLHostStateDelegate::DENIED, | 196 EXPECT_EQ(content::SSLHostStateDelegate::DENIED, |
| 181 state->QueryPolicy(kWWWGoogleHost, *cert, | 197 state->QueryPolicy(kWWWGoogleHost, *cert, |
| 182 net::CERT_STATUS_DATE_INVALID, &unused_value)); | 198 net::CERT_STATUS_DATE_INVALID, &unused_value)); |
| 183 EXPECT_FALSE(state->HasAllowException(kExampleHost)); | 199 EXPECT_FALSE(state->HasAllowException(kExampleHost)); |
| 184 EXPECT_EQ(content::SSLHostStateDelegate::DENIED, | 200 EXPECT_EQ(content::SSLHostStateDelegate::DENIED, |
| 185 state->QueryPolicy(kExampleHost, *cert, | 201 state->QueryPolicy(kExampleHost, *cert, |
| 186 net::CERT_STATUS_DATE_INVALID, &unused_value)); | 202 net::CERT_STATUS_DATE_INVALID, &unused_value)); |
| 203 EXPECT_FALSE(state->HasAllowException(kGoogleHost)); |
| 204 EXPECT_EQ(content::SSLHostStateDelegate::DENIED, |
| 205 state->QueryPolicy(kGoogleHost, *cert, |
| 206 net::CERT_STATUS_DATE_INVALID, &unused_value)); |
| 187 } | 207 } |
| 188 | 208 |
| 189 // DidHostRunInsecureContent unit tests the expected behavior of calling | 209 // DidHostRunInsecureContent unit tests the expected behavior of calling |
| 190 // DidHostRunInsecureContent as well as HostRanInsecureContent to check if | 210 // DidHostRunInsecureContent as well as HostRanInsecureContent to check if |
| 191 // insecure content has been run and to mark it as such. | 211 // insecure content has been run and to mark it as such. |
| 192 IN_PROC_BROWSER_TEST_F(ChromeSSLHostStateDelegateTest, | 212 IN_PROC_BROWSER_TEST_F(ChromeSSLHostStateDelegateTest, |
| 193 DidHostRunInsecureContent) { | 213 DidHostRunInsecureContent) { |
| 194 content::WebContents* tab = | 214 content::WebContents* tab = |
| 195 browser()->tab_strip_model()->GetActiveWebContents(); | 215 browser()->tab_strip_model()->GetActiveWebContents(); |
| 196 Profile* profile = Profile::FromBrowserContext(tab->GetBrowserContext()); | 216 Profile* profile = Profile::FromBrowserContext(tab->GetBrowserContext()); |
| (...skipping 479 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 676 EXPECT_EQ( | 696 EXPECT_EQ( |
| 677 content::SSLHostStateDelegate::ALLOWED, | 697 content::SSLHostStateDelegate::ALLOWED, |
| 678 state->QueryPolicy("localhost", *cert, | 698 state->QueryPolicy("localhost", *cert, |
| 679 net::CERT_STATUS_COMMON_NAME_INVALID, &unused_value)); | 699 net::CERT_STATUS_COMMON_NAME_INVALID, &unused_value)); |
| 680 | 700 |
| 681 EXPECT_EQ( | 701 EXPECT_EQ( |
| 682 content::SSLHostStateDelegate::ALLOWED, | 702 content::SSLHostStateDelegate::ALLOWED, |
| 683 state->QueryPolicy("127.0.0.1", *cert, | 703 state->QueryPolicy("127.0.0.1", *cert, |
| 684 net::CERT_STATUS_COMMON_NAME_INVALID, &unused_value)); | 704 net::CERT_STATUS_COMMON_NAME_INVALID, &unused_value)); |
| 685 } | 705 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2292443003:
Support host-based deletion for SSLHostStateDelegate (Closed)
