Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(69)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/ssl/chrome_security_state_model_client_browser_tests.cc

Issue 2414913003: Inform WebContents when a password field is visible (Closed)
Patch Set: Created 4 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | components/password_manager/content/browser/content_password_manager_driver.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2015 The Chromium Authors. All rights reserved. 1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/ssl/chrome_security_state_model_client.h" 5 #include "chrome/browser/ssl/chrome_security_state_model_client.h"
6 6
7 #include <openssl/ssl.h> 7 #include <openssl/ssl.h>
8 8
9 #include "base/command_line.h" 9 #include "base/command_line.h"
10 #include "base/files/file_path.h" 10 #include "base/files/file_path.h"
(...skipping 948 matching lines...) Expand 10 before | Expand all | Expand 10 after
959 security_info.security_level); 959 security_info.security_level);
960 960
961 content::NavigationEntry* entry = contents->GetController().GetVisibleEntry(); 961 content::NavigationEntry* entry = contents->GetController().GetVisibleEntry();
962 ASSERT_TRUE(entry); 962 ASSERT_TRUE(entry);
963 EXPECT_TRUE(entry->GetSSL().content_status & 963 EXPECT_TRUE(entry->GetSSL().content_status &
964 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP); 964 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP);
965 } 965 }
966 966
967 // Tests that when an invisible password field is present on an HTTP page 967 // Tests that when an invisible password field is present on an HTTP page
968 // load, and when the command-line flag is set, the security level is 968 // load, and when the command-line flag is set, the security level is
969 // downgraded to HTTP_SHOW_WARNING. 969 // *not* downgraded to HTTP_SHOW_WARNING.
970 //
971 // TODO(estark): this will eventually be refined so that the warning
972 // will not show up for invisible password
973 // inputs. https://codereview.chromium.org/2378503002/
974 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTestWithPasswordCcSwitch, 970 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTestWithPasswordCcSwitch,
975 PasswordSecurityLevelDowngradedForInvisibleInput) { 971 PasswordSecurityLevelNotDowngradedForInvisibleInput) {
976 content::WebContents* contents = 972 content::WebContents* contents =
977 browser()->tab_strip_model()->GetActiveWebContents(); 973 browser()->tab_strip_model()->GetActiveWebContents();
978 ASSERT_TRUE(contents); 974 ASSERT_TRUE(contents);
979 975
980 ChromeSecurityStateModelClient* model_client = 976 ChromeSecurityStateModelClient* model_client =
981 ChromeSecurityStateModelClient::FromWebContents(contents); 977 ChromeSecurityStateModelClient::FromWebContents(contents);
982 ASSERT_TRUE(model_client); 978 ASSERT_TRUE(model_client);
983 979
984 ui_test_utils::NavigateToURL( 980 ui_test_utils::NavigateToURL(
985 browser(), 981 browser(),
986 GetURLWithNonLocalHostname(embedded_test_server(), 982 GetURLWithNonLocalHostname(embedded_test_server(),
987 "/password/invisible_password.html")); 983 "/password/invisible_password.html"));
988 security_state::SecurityStateModel::SecurityInfo security_info; 984 security_state::SecurityStateModel::SecurityInfo security_info;
989 model_client->GetSecurityInfo(&security_info); 985 model_client->GetSecurityInfo(&security_info);
990 EXPECT_EQ(security_state::SecurityStateModel::HTTP_SHOW_WARNING, 986 EXPECT_EQ(security_state::SecurityStateModel::NONE,
991 security_info.security_level); 987 security_info.security_level);
992 988
993 content::NavigationEntry* entry = contents->GetController().GetVisibleEntry(); 989 content::NavigationEntry* entry = contents->GetController().GetVisibleEntry();
994 ASSERT_TRUE(entry); 990 ASSERT_TRUE(entry);
995 EXPECT_TRUE(entry->GetSSL().content_status & 991 EXPECT_FALSE(entry->GetSSL().content_status &
996 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP); 992 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP);
997 } 993 }
998 994
999 // Tests that when a visible password field is detected inside an iframe 995 // Tests that when a visible password field is detected inside an iframe
1000 // on an HTTP page load, and when the command-line flag is set, the 996 // on an HTTP page load, and when the command-line flag is set, the
1001 // security level is downgraded to HTTP_SHOW_WARNING. 997 // security level is downgraded to HTTP_SHOW_WARNING.
1002 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTestWithPasswordCcSwitch, 998 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTestWithPasswordCcSwitch,
1003 PasswordSecurityLevelDowngradedFromIframe) { 999 PasswordSecurityLevelDowngradedFromIframe) {
1004 content::WebContents* contents = 1000 content::WebContents* contents =
1005 browser()->tab_strip_model()->GetActiveWebContents(); 1001 browser()->tab_strip_model()->GetActiveWebContents();
1006 ASSERT_TRUE(contents); 1002 ASSERT_TRUE(contents);
(...skipping 665 matching lines...) Expand 10 before | Expand all | Expand 10 after
1672 ChromeSecurityStateModelClient* model_client = 1668 ChromeSecurityStateModelClient* model_client =
1673 ChromeSecurityStateModelClient::FromWebContents(web_contents); 1669 ChromeSecurityStateModelClient::FromWebContents(web_contents);
1674 ASSERT_TRUE(model_client); 1670 ASSERT_TRUE(model_client);
1675 SecurityStateModel::SecurityInfo security_info; 1671 SecurityStateModel::SecurityInfo security_info;
1676 model_client->GetSecurityInfo(&security_info); 1672 model_client->GetSecurityInfo(&security_info);
1677 EXPECT_EQ(SecurityStateModel::SECURE, security_info.security_level); 1673 EXPECT_EQ(SecurityStateModel::SECURE, security_info.security_level);
1678 EXPECT_EQ(kTestSCTStatuses, security_info.sct_verify_statuses); 1674 EXPECT_EQ(kTestSCTStatuses, security_info.sct_verify_statuses);
1679 } 1675 }
1680 1676
1681 } // namespace 1677 } // namespace
OLDNEW
« no previous file with comments | « no previous file | components/password_manager/content/browser/content_password_manager_driver.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698