| OLD | NEW |
|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/ssl/chrome_security_state_model_client.h" | 5 #include "chrome/browser/ssl/chrome_security_state_model_client.h" |
| 6 | 6 |
| 7 #include <openssl/ssl.h> | 7 #include <openssl/ssl.h> |
| 8 | 8 |
| 9 #include "base/command_line.h" | 9 #include "base/command_line.h" |
| 10 #include "base/files/file_path.h" | 10 #include "base/files/file_path.h" |
| (...skipping 849 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 860 | 860 |
| 861 // Navigate to a page that doesn't finish loading. Test that the | 861 // Navigate to a page that doesn't finish loading. Test that the |
| 862 // security state is neutral while the page is loading. | 862 // security state is neutral while the page is loading. |
| 863 browser()->OpenURL(content::OpenURLParams( | 863 browser()->OpenURL(content::OpenURLParams( |
| 864 embedded_test_server()->GetURL("/title1.html"), content::Referrer(), | 864 embedded_test_server()->GetURL("/title1.html"), content::Referrer(), |
| 865 WindowOpenDisposition::CURRENT_TAB, ui::PAGE_TRANSITION_TYPED, false)); | 865 WindowOpenDisposition::CURRENT_TAB, ui::PAGE_TRANSITION_TYPED, false)); |
| 866 CheckSecurityInfoForNonSecure( | 866 CheckSecurityInfoForNonSecure( |
| 867 browser()->tab_strip_model()->GetActiveWebContents()); | 867 browser()->tab_strip_model()->GetActiveWebContents()); |
| 868 } | 868 } |
| 869 | 869 |
| 870 // Tests that the NavigationEntry's flags for nonsecure password/credit |
| 871 // card inputs are reflected in the VisibleSecurityState. |
| 872 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest, |
| 873 VisibleSecurityStateNonsecureFormInputs) { |
| 874 ASSERT_TRUE(https_server_.Start()); |
| 875 ui_test_utils::NavigateToURL(browser(), |
| 876 https_server_.GetURL("/ssl/google.html")); |
| 877 |
| 878 content::WebContents* contents = |
| 879 browser()->tab_strip_model()->GetActiveWebContents(); |
| 880 ASSERT_TRUE(contents); |
| 881 |
| 882 ChromeSecurityStateModelClient* model_client = |
| 883 ChromeSecurityStateModelClient::FromWebContents(contents); |
| 884 ASSERT_TRUE(model_client); |
| 885 |
| 886 // First, test that if the flags aren't set on the NavigationEntry, |
| 887 // then they also aren't set on the VisibleSecurityState. |
| 888 content::SSLStatus& ssl_status = |
| 889 contents->GetController().GetVisibleEntry()->GetSSL(); |
| 890 ASSERT_FALSE(ssl_status.content_status & |
| 891 content::SSLStatus::DISPLAYED_NONSECURE_PASSWORD_FIELD); |
| 892 ASSERT_FALSE(ssl_status.content_status & |
| 893 content::SSLStatus::DISPLAYED_NONSECURE_CREDIT_CARD_FIELD); |
| 894 SecurityStateModel::VisibleSecurityState |
| 895 visible_security_state_no_nonsecure_inputs; |
| 896 model_client->GetVisibleSecurityState( |
| 897 &visible_security_state_no_nonsecure_inputs); |
| 898 EXPECT_FALSE(visible_security_state_no_nonsecure_inputs |
| 899 .displayed_nonsecure_password_field); |
| 900 EXPECT_FALSE(visible_security_state_no_nonsecure_inputs |
| 901 .displayed_nonsecure_credit_card_field); |
| 902 |
| 903 // Now, set the flags on the NavigationEntry and test that they are |
| 904 // reflected in the VisibleSecurityState. |
| 905 ssl_status.content_status |= |
| 906 content::SSLStatus::DISPLAYED_NONSECURE_PASSWORD_FIELD; |
| 907 ssl_status.content_status |= |
| 908 content::SSLStatus::DISPLAYED_NONSECURE_CREDIT_CARD_FIELD; |
| 909 SecurityStateModel::VisibleSecurityState |
| 910 visible_security_state_nonsecure_inputs; |
| 911 model_client->GetVisibleSecurityState( |
| 912 &visible_security_state_nonsecure_inputs); |
| 913 EXPECT_TRUE(visible_security_state_nonsecure_inputs |
| 914 .displayed_nonsecure_password_field); |
| 915 EXPECT_TRUE(visible_security_state_nonsecure_inputs |
| 916 .displayed_nonsecure_credit_card_field); |
| 917 } |
| 918 |
| 870 // Tests that the SecurityStateModel for a WebContents is up to date | 919 // Tests that the SecurityStateModel for a WebContents is up to date |
| 871 // when the WebContents is inserted into a Browser's TabStripModel. | 920 // when the WebContents is inserted into a Browser's TabStripModel. |
| 872 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest, AddedTab) { | 921 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest, AddedTab) { |
| 873 ASSERT_TRUE(https_server_.Start()); | 922 ASSERT_TRUE(https_server_.Start()); |
| 874 SetUpMockCertVerifierForHttpsServer(0, net::OK); | 923 SetUpMockCertVerifierForHttpsServer(0, net::OK); |
| 875 | 924 |
| 876 content::WebContents* tab = | 925 content::WebContents* tab = |
| 877 browser()->tab_strip_model()->GetActiveWebContents(); | 926 browser()->tab_strip_model()->GetActiveWebContents(); |
| 878 ASSERT_TRUE(tab); | 927 ASSERT_TRUE(tab); |
| 879 | 928 |
| (...skipping 537 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1417 ChromeSecurityStateModelClient* model_client = | 1466 ChromeSecurityStateModelClient* model_client = |
| 1418 ChromeSecurityStateModelClient::FromWebContents(web_contents); | 1467 ChromeSecurityStateModelClient::FromWebContents(web_contents); |
| 1419 ASSERT_TRUE(model_client); | 1468 ASSERT_TRUE(model_client); |
| 1420 const SecurityStateModel::SecurityInfo& security_info = | 1469 const SecurityStateModel::SecurityInfo& security_info = |
| 1421 model_client->GetSecurityInfo(); | 1470 model_client->GetSecurityInfo(); |
| 1422 EXPECT_EQ(SecurityStateModel::SECURE, security_info.security_level); | 1471 EXPECT_EQ(SecurityStateModel::SECURE, security_info.security_level); |
| 1423 EXPECT_EQ(kTestSCTStatuses, security_info.sct_verify_statuses); | 1472 EXPECT_EQ(kTestSCTStatuses, security_info.sct_verify_statuses); |
| 1424 } | 1473 } |
| 1425 | 1474 |
| 1426 } // namespace | 1475 } // namespace |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2350273002:
Add SSLStatus flags to feed HTTP_WARNING security level (Closed)
