Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(66)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/ssl/chrome_security_state_model_browser_tests.cc

Issue 2448943002: Refactor SecurityStateModel/Clients for simplicity and reusability. (Closed)
Patch Set: Remove *SecurityModelClient. Created 4 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « chrome/browser/ssl/chrome_security_state_model.cc ('k') | chrome/browser/ssl/chrome_security_state_model_client.h » ('j') | components/security_state/content/web_contents_security_state_model.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2015 The Chromium Authors. All rights reserved. 1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/ssl/chrome_security_state_model_client.h" 5 #include "chrome/browser/ssl/chrome_security_state_model.h"
6 6
7 #include <openssl/ssl.h> 7 #include <openssl/ssl.h>
8 8
9 #include "base/command_line.h" 9 #include "base/command_line.h"
10 #include "base/files/file_path.h" 10 #include "base/files/file_path.h"
11 #include "base/macros.h" 11 #include "base/macros.h"
12 #include "base/strings/string_split.h" 12 #include "base/strings/string_split.h"
13 #include "base/strings/utf_string_conversions.h" 13 #include "base/strings/utf_string_conversions.h"
14 #include "chrome/browser/ssl/cert_verifier_browser_test.h" 14 #include "chrome/browser/ssl/cert_verifier_browser_test.h"
15 #include "chrome/browser/ssl/chrome_security_state_model_client.h" 15 #include "chrome/browser/ssl/chrome_security_state_model.h"
16 #include "chrome/browser/ssl/ssl_blocking_page.h" 16 #include "chrome/browser/ssl/ssl_blocking_page.h"
17 #include "chrome/browser/ui/browser.h" 17 #include "chrome/browser/ui/browser.h"
18 #include "chrome/browser/ui/browser_commands.h" 18 #include "chrome/browser/ui/browser_commands.h"
19 #include "chrome/browser/ui/tabs/tab_strip_model.h" 19 #include "chrome/browser/ui/tabs/tab_strip_model.h"
20 #include "chrome/common/chrome_paths.h" 20 #include "chrome/common/chrome_paths.h"
21 #include "chrome/common/chrome_switches.h" 21 #include "chrome/common/chrome_switches.h"
22 #include "chrome/common/pref_names.h" 22 #include "chrome/common/pref_names.h"
23 #include "chrome/grit/generated_resources.h"
24 #include "chrome/test/base/in_process_browser_test.h" 23 #include "chrome/test/base/in_process_browser_test.h"
25 #include "chrome/test/base/ui_test_utils.h" 24 #include "chrome/test/base/ui_test_utils.h"
26 #include "components/prefs/pref_service.h" 25 #include "components/prefs/pref_service.h"
27 #include "components/security_state/switches.h" 26 #include "components/security_state/core/switches.h"
27 #include "components/strings/grit/components_strings.h"
28 #include "content/public/browser/interstitial_page.h" 28 #include "content/public/browser/interstitial_page.h"
29 #include "content/public/browser/navigation_controller.h" 29 #include "content/public/browser/navigation_controller.h"
30 #include "content/public/browser/navigation_entry.h" 30 #include "content/public/browser/navigation_entry.h"
31 #include "content/public/browser/notification_service.h" 31 #include "content/public/browser/notification_service.h"
32 #include "content/public/browser/notification_types.h" 32 #include "content/public/browser/notification_types.h"
33 #include "content/public/browser/security_style_explanation.h" 33 #include "content/public/browser/security_style_explanation.h"
34 #include "content/public/browser/security_style_explanations.h" 34 #include "content/public/browser/security_style_explanations.h"
35 #include "content/public/browser/ssl_status.h" 35 #include "content/public/browser/ssl_status.h"
36 #include "content/public/browser/web_contents.h" 36 #include "content/public/browser/web_contents.h"
37 #include "content/public/common/referrer.h" 37 #include "content/public/common/referrer.h"
(...skipping 125 matching lines...) Expand 10 before | Expand all | Expand 10 after
163 EXPECT_TRUE(cert->Equals(expected_cert)); 163 EXPECT_TRUE(cert->Equals(expected_cert));
164 EXPECT_TRUE(secure_explanations[0].has_certificate); 164 EXPECT_TRUE(secure_explanations[0].has_certificate);
165 } 165 }
166 166
167 EXPECT_EQ(l10n_util::GetStringUTF8(IDS_STRONG_SSL_SUMMARY), 167 EXPECT_EQ(l10n_util::GetStringUTF8(IDS_STRONG_SSL_SUMMARY),
168 secure_explanations.back().summary); 168 secure_explanations.back().summary);
169 169
170 content::WebContents* web_contents = 170 content::WebContents* web_contents =
171 browser->tab_strip_model()->GetActiveWebContents(); 171 browser->tab_strip_model()->GetActiveWebContents();
172 SecurityStateModel::SecurityInfo security_info; 172 SecurityStateModel::SecurityInfo security_info;
173 ChromeSecurityStateModelClient::FromWebContents(web_contents) 173 ChromeSecurityStateModel::FromWebContents(web_contents)
174 ->GetSecurityInfo(&security_info); 174 ->GetSecurityInfo(&security_info);
175 175
176 const char *protocol, *key_exchange, *cipher, *mac; 176 const char *protocol, *key_exchange, *cipher, *mac;
177 int ssl_version = 177 int ssl_version =
178 net::SSLConnectionStatusToVersion(security_info.connection_status); 178 net::SSLConnectionStatusToVersion(security_info.connection_status);
179 net::SSLVersionToString(&protocol, ssl_version); 179 net::SSLVersionToString(&protocol, ssl_version);
180 bool is_aead, is_tls13; 180 bool is_aead, is_tls13;
181 uint16_t cipher_suite = 181 uint16_t cipher_suite =
182 net::SSLConnectionStatusToCipherSuite(security_info.connection_status); 182 net::SSLConnectionStatusToCipherSuite(security_info.connection_status);
183 net::SSLCipherSuiteToStrings(&key_exchange, &cipher, &mac, &is_aead, 183 net::SSLCipherSuiteToStrings(&key_exchange, &cipher, &mac, &is_aead,
(...skipping 23 matching lines...) Expand all
207 207
208 void CheckSecurityInfoForSecure( 208 void CheckSecurityInfoForSecure(
209 content::WebContents* contents, 209 content::WebContents* contents,
210 SecurityStateModel::SecurityLevel expect_security_level, 210 SecurityStateModel::SecurityLevel expect_security_level,
211 SecurityStateModel::SHA1DeprecationStatus expect_sha1_status, 211 SecurityStateModel::SHA1DeprecationStatus expect_sha1_status,
212 SecurityStateModel::ContentStatus expect_mixed_content_status, 212 SecurityStateModel::ContentStatus expect_mixed_content_status,
213 bool pkp_bypassed, 213 bool pkp_bypassed,
214 bool expect_cert_error) { 214 bool expect_cert_error) {
215 ASSERT_TRUE(contents); 215 ASSERT_TRUE(contents);
216 216
217 ChromeSecurityStateModelClient* model_client = 217 ChromeSecurityStateModel* model =
218 ChromeSecurityStateModelClient::FromWebContents(contents); 218 ChromeSecurityStateModel::FromWebContents(contents);
219 ASSERT_TRUE(model_client); 219 ASSERT_TRUE(model);
220 SecurityStateModel::SecurityInfo security_info; 220 SecurityStateModel::SecurityInfo security_info;
221 model_client->GetSecurityInfo(&security_info); 221 model->GetSecurityInfo(&security_info);
222 EXPECT_EQ(expect_security_level, security_info.security_level); 222 EXPECT_EQ(expect_security_level, security_info.security_level);
223 EXPECT_EQ(expect_sha1_status, security_info.sha1_deprecation_status); 223 EXPECT_EQ(expect_sha1_status, security_info.sha1_deprecation_status);
224 EXPECT_EQ(expect_mixed_content_status, security_info.mixed_content_status); 224 EXPECT_EQ(expect_mixed_content_status, security_info.mixed_content_status);
225 EXPECT_TRUE(security_info.sct_verify_statuses.empty()); 225 EXPECT_TRUE(security_info.sct_verify_statuses.empty());
226 EXPECT_TRUE(security_info.scheme_is_cryptographic); 226 EXPECT_TRUE(security_info.scheme_is_cryptographic);
227 EXPECT_EQ(pkp_bypassed, security_info.pkp_bypassed); 227 EXPECT_EQ(pkp_bypassed, security_info.pkp_bypassed);
228 EXPECT_EQ(expect_cert_error, 228 EXPECT_EQ(expect_cert_error,
229 net::IsCertStatusError(security_info.cert_status)); 229 net::IsCertStatusError(security_info.cert_status));
230 EXPECT_GT(security_info.security_bits, 0); 230 EXPECT_GT(security_info.security_bits, 0);
231 EXPECT_TRUE(!!security_info.certificate); 231 EXPECT_TRUE(!!security_info.certificate);
232 } 232 }
233 233
234 void CheckSecurityInfoForNonSecure(content::WebContents* contents) { 234 void CheckSecurityInfoForNonSecure(content::WebContents* contents) {
235 ASSERT_TRUE(contents); 235 ASSERT_TRUE(contents);
236 236
237 ChromeSecurityStateModelClient* model_client = 237 ChromeSecurityStateModel* model =
238 ChromeSecurityStateModelClient::FromWebContents(contents); 238 ChromeSecurityStateModel::FromWebContents(contents);
239 ASSERT_TRUE(model_client); 239 ASSERT_TRUE(model);
240 SecurityStateModel::SecurityInfo security_info; 240 SecurityStateModel::SecurityInfo security_info;
241 model_client->GetSecurityInfo(&security_info); 241 model->GetSecurityInfo(&security_info);
242 EXPECT_EQ(SecurityStateModel::NONE, security_info.security_level); 242 EXPECT_EQ(SecurityStateModel::NONE, security_info.security_level);
243 EXPECT_EQ(SecurityStateModel::NO_DEPRECATED_SHA1, 243 EXPECT_EQ(SecurityStateModel::NO_DEPRECATED_SHA1,
244 security_info.sha1_deprecation_status); 244 security_info.sha1_deprecation_status);
245 EXPECT_EQ(SecurityStateModel::CONTENT_STATUS_NONE, 245 EXPECT_EQ(SecurityStateModel::CONTENT_STATUS_NONE,
246 security_info.mixed_content_status); 246 security_info.mixed_content_status);
247 EXPECT_TRUE(security_info.sct_verify_statuses.empty()); 247 EXPECT_TRUE(security_info.sct_verify_statuses.empty());
248 EXPECT_FALSE(security_info.scheme_is_cryptographic); 248 EXPECT_FALSE(security_info.scheme_is_cryptographic);
249 EXPECT_FALSE(net::IsCertStatusError(security_info.cert_status)); 249 EXPECT_FALSE(net::IsCertStatusError(security_info.cert_status));
250 EXPECT_EQ(-1, security_info.security_bits); 250 EXPECT_EQ(-1, security_info.security_bits);
251 EXPECT_FALSE(!!security_info.certificate); 251 EXPECT_FALSE(!!security_info.certificate);
(...skipping 15 matching lines...) Expand all
267 const std::string& original_file_path, 267 const std::string& original_file_path,
268 const net::HostPortPair& host_port_pair, 268 const net::HostPortPair& host_port_pair,
269 std::string* replacement_path) { 269 std::string* replacement_path) {
270 base::StringPairs replacement_text; 270 base::StringPairs replacement_text;
271 replacement_text.push_back( 271 replacement_text.push_back(
272 make_pair("REPLACE_WITH_HOST_AND_PORT", host_port_pair.ToString())); 272 make_pair("REPLACE_WITH_HOST_AND_PORT", host_port_pair.ToString()));
273 net::test_server::GetFilePathWithReplacements( 273 net::test_server::GetFilePathWithReplacements(
274 original_file_path, replacement_text, replacement_path); 274 original_file_path, replacement_text, replacement_path);
275 } 275 }
276 276
277 class ChromeSecurityStateModelClientTest : public CertVerifierBrowserTest { 277 class ChromeSecurityStateModelTest : public CertVerifierBrowserTest {
278 public: 278 public:
279 ChromeSecurityStateModelClientTest() 279 ChromeSecurityStateModelTest()
280 : https_server_(net::EmbeddedTestServer::TYPE_HTTPS) { 280 : https_server_(net::EmbeddedTestServer::TYPE_HTTPS) {
281 https_server_.ServeFilesFromSourceDirectory(base::FilePath(kDocRoot)); 281 https_server_.ServeFilesFromSourceDirectory(base::FilePath(kDocRoot));
282 } 282 }
283 283
284 void SetUpCommandLine(base::CommandLine* command_line) override { 284 void SetUpCommandLine(base::CommandLine* command_line) override {
285 // Browser will both run and display insecure content. 285 // Browser will both run and display insecure content.
286 command_line->AppendSwitch(switches::kAllowRunningInsecureContent); 286 command_line->AppendSwitch(switches::kAllowRunningInsecureContent);
287 } 287 }
288 288
289 protected: 289 protected:
290 void SetUpMockCertVerifierForHttpsServer(net::CertStatus cert_status, 290 void SetUpMockCertVerifierForHttpsServer(net::CertStatus cert_status,
291 int net_result) { 291 int net_result) {
292 scoped_refptr<net::X509Certificate> cert(https_server_.GetCertificate()); 292 scoped_refptr<net::X509Certificate> cert(https_server_.GetCertificate());
293 net::CertVerifyResult verify_result; 293 net::CertVerifyResult verify_result;
294 verify_result.is_issued_by_known_root = true; 294 verify_result.is_issued_by_known_root = true;
295 verify_result.verified_cert = cert; 295 verify_result.verified_cert = cert;
296 verify_result.cert_status = cert_status; 296 verify_result.cert_status = cert_status;
297 297
298 mock_cert_verifier()->AddResultForCert(cert, verify_result, net_result); 298 mock_cert_verifier()->AddResultForCert(cert, verify_result, net_result);
299 } 299 }
300 300
301 net::EmbeddedTestServer https_server_; 301 net::EmbeddedTestServer https_server_;
302 302
303 private: 303 private:
304 DISALLOW_COPY_AND_ASSIGN(ChromeSecurityStateModelClientTest); 304 DISALLOW_COPY_AND_ASSIGN(ChromeSecurityStateModelTest);
305 }; 305 };
306 306
307 GURL GetURLWithNonLocalHostname(net::EmbeddedTestServer* server, 307 GURL GetURLWithNonLocalHostname(net::EmbeddedTestServer* server,
308 const std::string& path) { 308 const std::string& path) {
309 GURL::Replacements replace_host; 309 GURL::Replacements replace_host;
310 replace_host.SetHostStr("example.test"); 310 replace_host.SetHostStr("example.test");
311 return server->GetURL(path).ReplaceComponents(replace_host); 311 return server->GetURL(path).ReplaceComponents(replace_host);
312 } 312 }
313 313
314 class ChromeSecurityStateModelClientTestWithPasswordCcSwitch 314 class ChromeSecurityStateModelTestWithPasswordCcSwitch
315 : public ChromeSecurityStateModelClientTest { 315 : public ChromeSecurityStateModelTest {
316 public: 316 public:
317 ChromeSecurityStateModelClientTestWithPasswordCcSwitch() 317 ChromeSecurityStateModelTestWithPasswordCcSwitch()
318 : ChromeSecurityStateModelClientTest() {} 318 : ChromeSecurityStateModelTest() {}
319 319
320 void SetUpOnMainThread() override { 320 void SetUpOnMainThread() override {
321 ASSERT_TRUE(embedded_test_server()->Start()); 321 ASSERT_TRUE(embedded_test_server()->Start());
322 ASSERT_TRUE(https_server_.Start()); 322 ASSERT_TRUE(https_server_.Start());
323 host_resolver()->AddRule("*", embedded_test_server()->GetURL("/").host()); 323 host_resolver()->AddRule("*", embedded_test_server()->GetURL("/").host());
324 SetUpMockCertVerifierForHttpsServer(0, net::OK); 324 SetUpMockCertVerifierForHttpsServer(0, net::OK);
325 } 325 }
326 326
327 void SetUpCommandLine(base::CommandLine* command_line) override { 327 void SetUpCommandLine(base::CommandLine* command_line) override {
328 ChromeSecurityStateModelClientTest::SetUpCommandLine(command_line); 328 ChromeSecurityStateModelTest::SetUpCommandLine(command_line);
329 command_line->AppendSwitchASCII( 329 command_line->AppendSwitchASCII(
330 security_state::switches::kMarkHttpAs, 330 security_state::switches::kMarkHttpAs,
331 security_state::switches::kMarkHttpWithPasswordsOrCcWithChip); 331 security_state::switches::kMarkHttpWithPasswordsOrCcWithChip);
332 } 332 }
333 333
334 private: 334 private:
335 DISALLOW_COPY_AND_ASSIGN( 335 DISALLOW_COPY_AND_ASSIGN(
336 ChromeSecurityStateModelClientTestWithPasswordCcSwitch); 336 ChromeSecurityStateModelTestWithPasswordCcSwitch);
337 }; 337 };
338 338
339 class SecurityStyleChangedTest : public InProcessBrowserTest { 339 class SecurityStyleChangedTest : public InProcessBrowserTest {
340 public: 340 public:
341 SecurityStyleChangedTest() 341 SecurityStyleChangedTest()
342 : https_server_(net::EmbeddedTestServer::TYPE_HTTPS) { 342 : https_server_(net::EmbeddedTestServer::TYPE_HTTPS) {
343 https_server_.ServeFilesFromSourceDirectory(base::FilePath(kDocRoot)); 343 https_server_.ServeFilesFromSourceDirectory(base::FilePath(kDocRoot));
344 } 344 }
345 345
346 void SetUpCommandLine(base::CommandLine* command_line) override { 346 void SetUpCommandLine(base::CommandLine* command_line) override {
347 // Browser will both run and display insecure content. 347 // Browser will both run and display insecure content.
348 command_line->AppendSwitch(switches::kAllowRunningInsecureContent); 348 command_line->AppendSwitch(switches::kAllowRunningInsecureContent);
349 } 349 }
350 350
351 protected: 351 protected:
352 net::EmbeddedTestServer https_server_; 352 net::EmbeddedTestServer https_server_;
353 353
354 private: 354 private:
355 DISALLOW_COPY_AND_ASSIGN(SecurityStyleChangedTest); 355 DISALLOW_COPY_AND_ASSIGN(SecurityStyleChangedTest);
356 }; 356 };
357 357
358 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest, HttpPage) { 358 } // namespace
359
360 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelTest, HttpPage) {
359 ASSERT_TRUE(embedded_test_server()->Start()); 361 ASSERT_TRUE(embedded_test_server()->Start());
360 ui_test_utils::NavigateToURL( 362 ui_test_utils::NavigateToURL(
361 browser(), embedded_test_server()->GetURL("/ssl/google.html")); 363 browser(), embedded_test_server()->GetURL("/ssl/google.html"));
362 content::WebContents* contents = 364 content::WebContents* contents =
363 browser()->tab_strip_model()->GetActiveWebContents(); 365 browser()->tab_strip_model()->GetActiveWebContents();
364 ASSERT_TRUE(contents); 366 ASSERT_TRUE(contents);
365 367
366 ChromeSecurityStateModelClient* model_client = 368 ChromeSecurityStateModel* model =
367 ChromeSecurityStateModelClient::FromWebContents(contents); 369 ChromeSecurityStateModel::FromWebContents(contents);
368 ASSERT_TRUE(model_client); 370 ASSERT_TRUE(model);
369 SecurityStateModel::SecurityInfo security_info; 371 SecurityStateModel::SecurityInfo security_info;
370 model_client->GetSecurityInfo(&security_info); 372 model->GetSecurityInfo(&security_info);
371 EXPECT_EQ(SecurityStateModel::NONE, security_info.security_level); 373 EXPECT_EQ(SecurityStateModel::NONE, security_info.security_level);
372 EXPECT_EQ(SecurityStateModel::NO_DEPRECATED_SHA1, 374 EXPECT_EQ(SecurityStateModel::NO_DEPRECATED_SHA1,
373 security_info.sha1_deprecation_status); 375 security_info.sha1_deprecation_status);
374 EXPECT_EQ(SecurityStateModel::CONTENT_STATUS_NONE, 376 EXPECT_EQ(SecurityStateModel::CONTENT_STATUS_NONE,
375 security_info.mixed_content_status); 377 security_info.mixed_content_status);
376 EXPECT_TRUE(security_info.sct_verify_statuses.empty()); 378 EXPECT_TRUE(security_info.sct_verify_statuses.empty());
377 EXPECT_FALSE(security_info.scheme_is_cryptographic); 379 EXPECT_FALSE(security_info.scheme_is_cryptographic);
378 EXPECT_FALSE(net::IsCertStatusError(security_info.cert_status)); 380 EXPECT_FALSE(net::IsCertStatusError(security_info.cert_status));
379 EXPECT_FALSE(!!security_info.certificate); 381 EXPECT_FALSE(!!security_info.certificate);
380 EXPECT_EQ(-1, security_info.security_bits); 382 EXPECT_EQ(-1, security_info.security_bits);
381 EXPECT_EQ(0, security_info.connection_status); 383 EXPECT_EQ(0, security_info.connection_status);
382 } 384 }
383 385
384 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest, HttpsPage) { 386 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelTest, HttpsPage) {
385 ASSERT_TRUE(https_server_.Start()); 387 ASSERT_TRUE(https_server_.Start());
386 SetUpMockCertVerifierForHttpsServer(0, net::OK); 388 SetUpMockCertVerifierForHttpsServer(0, net::OK);
387 389
388 ui_test_utils::NavigateToURL(browser(), 390 ui_test_utils::NavigateToURL(browser(),
389 https_server_.GetURL("/ssl/google.html")); 391 https_server_.GetURL("/ssl/google.html"));
390 CheckSecurityInfoForSecure( 392 CheckSecurityInfoForSecure(
391 browser()->tab_strip_model()->GetActiveWebContents(), 393 browser()->tab_strip_model()->GetActiveWebContents(),
392 SecurityStateModel::SECURE, SecurityStateModel::NO_DEPRECATED_SHA1, 394 SecurityStateModel::SECURE, SecurityStateModel::NO_DEPRECATED_SHA1,
393 SecurityStateModel::CONTENT_STATUS_NONE, false, 395 SecurityStateModel::CONTENT_STATUS_NONE, false,
394 false /* expect cert status error */); 396 false /* expect cert status error */);
395 } 397 }
396 398
397 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest, SHA1Broken) { 399 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelTest, SHA1Broken) {
398 ASSERT_TRUE(https_server_.Start()); 400 ASSERT_TRUE(https_server_.Start());
399 // The test server uses a long-lived cert by default, so a SHA1 401 // The test server uses a long-lived cert by default, so a SHA1
400 // signature in it will register as a "broken" condition rather than 402 // signature in it will register as a "broken" condition rather than
401 // "warning". 403 // "warning".
402 SetUpMockCertVerifierForHttpsServer(net::CERT_STATUS_SHA1_SIGNATURE_PRESENT, 404 SetUpMockCertVerifierForHttpsServer(net::CERT_STATUS_SHA1_SIGNATURE_PRESENT,
403 net::OK); 405 net::OK);
404 406
405 ui_test_utils::NavigateToURL(browser(), 407 ui_test_utils::NavigateToURL(browser(),
406 https_server_.GetURL("/ssl/google.html")); 408 https_server_.GetURL("/ssl/google.html"));
407 CheckSecurityInfoForSecure( 409 CheckSecurityInfoForSecure(
408 browser()->tab_strip_model()->GetActiveWebContents(), 410 browser()->tab_strip_model()->GetActiveWebContents(),
409 SecurityStateModel::DANGEROUS, SecurityStateModel::DEPRECATED_SHA1_MAJOR, 411 SecurityStateModel::DANGEROUS, SecurityStateModel::DEPRECATED_SHA1_MAJOR,
410 SecurityStateModel::CONTENT_STATUS_NONE, false, 412 SecurityStateModel::CONTENT_STATUS_NONE, false,
411 false /* expect cert status error */); 413 false /* expect cert status error */);
412 } 414 }
413 415
414 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest, MixedContent) { 416 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelTest, MixedContent) {
415 ASSERT_TRUE(embedded_test_server()->Start()); 417 ASSERT_TRUE(embedded_test_server()->Start());
416 ASSERT_TRUE(https_server_.Start()); 418 ASSERT_TRUE(https_server_.Start());
417 SetUpMockCertVerifierForHttpsServer(0, net::OK); 419 SetUpMockCertVerifierForHttpsServer(0, net::OK);
418 host_resolver()->AddRule("example.test", 420 host_resolver()->AddRule("example.test",
419 https_server_.GetURL("/title1.html").host()); 421 https_server_.GetURL("/title1.html").host());
420 422
421 net::HostPortPair replacement_pair = embedded_test_server()->host_port_pair(); 423 net::HostPortPair replacement_pair = embedded_test_server()->host_port_pair();
422 replacement_pair.set_host("example.test"); 424 replacement_pair.set_host("example.test");
423 425
424 // Navigate to an HTTPS page that displays mixed content. 426 // Navigate to an HTTPS page that displays mixed content.
(...skipping 70 matching lines...) Expand 10 before | Expand all | Expand 10 after
495 &replacement_path); 497 &replacement_path);
496 ui_test_utils::NavigateToURL(browser(), 498 ui_test_utils::NavigateToURL(browser(),
497 https_server_.GetURL(replacement_path)); 499 https_server_.GetURL(replacement_path));
498 CheckSecurityInfoForSecure( 500 CheckSecurityInfoForSecure(
499 browser()->tab_strip_model()->GetActiveWebContents(), 501 browser()->tab_strip_model()->GetActiveWebContents(),
500 SecurityStateModel::DANGEROUS, SecurityStateModel::NO_DEPRECATED_SHA1, 502 SecurityStateModel::DANGEROUS, SecurityStateModel::NO_DEPRECATED_SHA1,
501 SecurityStateModel::CONTENT_STATUS_RAN, false, 503 SecurityStateModel::CONTENT_STATUS_RAN, false,
502 false /* expect cert status error */); 504 false /* expect cert status error */);
503 } 505 }
504 506
505 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest, 507 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelTest,
506 ActiveContentWithCertErrors) { 508 ActiveContentWithCertErrors) {
507 ASSERT_TRUE(https_server_.Start()); 509 ASSERT_TRUE(https_server_.Start());
508 SetUpMockCertVerifierForHttpsServer(0, net::OK); 510 SetUpMockCertVerifierForHttpsServer(0, net::OK);
509 511
510 // Navigate to an HTTPS page and simulate active content with 512 // Navigate to an HTTPS page and simulate active content with
511 // certificate errors. 513 // certificate errors.
512 ui_test_utils::NavigateToURL(browser(), https_server_.GetURL("/title1.html")); 514 ui_test_utils::NavigateToURL(browser(), https_server_.GetURL("/title1.html"));
513 content::WebContents* web_contents = 515 content::WebContents* web_contents =
514 browser()->tab_strip_model()->GetActiveWebContents(); 516 browser()->tab_strip_model()->GetActiveWebContents();
515 ASSERT_TRUE(web_contents); 517 ASSERT_TRUE(web_contents);
516 content::NavigationEntry* entry = 518 content::NavigationEntry* entry =
517 web_contents->GetController().GetVisibleEntry(); 519 web_contents->GetController().GetVisibleEntry();
518 ASSERT_TRUE(entry); 520 ASSERT_TRUE(entry);
519 entry->GetSSL().content_status |= 521 entry->GetSSL().content_status |=
520 content::SSLStatus::RAN_CONTENT_WITH_CERT_ERRORS; 522 content::SSLStatus::RAN_CONTENT_WITH_CERT_ERRORS;
521 523
522 ChromeSecurityStateModelClient* model_client = 524 ChromeSecurityStateModel* model =
523 ChromeSecurityStateModelClient::FromWebContents(web_contents); 525 ChromeSecurityStateModel::FromWebContents(web_contents);
524 ASSERT_TRUE(model_client); 526 ASSERT_TRUE(model);
525 SecurityStateModel::SecurityInfo security_info; 527 SecurityStateModel::SecurityInfo security_info;
526 model_client->GetSecurityInfo(&security_info); 528 model->GetSecurityInfo(&security_info);
527 529
528 EXPECT_FALSE(net::IsCertStatusError(security_info.cert_status)); 530 EXPECT_FALSE(net::IsCertStatusError(security_info.cert_status));
529 EXPECT_EQ(SecurityStateModel::DANGEROUS, security_info.security_level); 531 EXPECT_EQ(SecurityStateModel::DANGEROUS, security_info.security_level);
530 EXPECT_EQ(SecurityStateModel::CONTENT_STATUS_RAN, 532 EXPECT_EQ(SecurityStateModel::CONTENT_STATUS_RAN,
531 security_info.content_with_cert_errors_status); 533 security_info.content_with_cert_errors_status);
532 } 534 }
533 535
534 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest, 536 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelTest,
535 PassiveContentWithCertErrors) { 537 PassiveContentWithCertErrors) {
536 ASSERT_TRUE(https_server_.Start()); 538 ASSERT_TRUE(https_server_.Start());
537 SetUpMockCertVerifierForHttpsServer(0, net::OK); 539 SetUpMockCertVerifierForHttpsServer(0, net::OK);
538 540
539 // Navigate to an HTTPS page and simulate passive content with 541 // Navigate to an HTTPS page and simulate passive content with
540 // certificate errors. 542 // certificate errors.
541 ui_test_utils::NavigateToURL(browser(), https_server_.GetURL("/title1.html")); 543 ui_test_utils::NavigateToURL(browser(), https_server_.GetURL("/title1.html"));
542 content::WebContents* web_contents = 544 content::WebContents* web_contents =
543 browser()->tab_strip_model()->GetActiveWebContents(); 545 browser()->tab_strip_model()->GetActiveWebContents();
544 ASSERT_TRUE(web_contents); 546 ASSERT_TRUE(web_contents);
545 content::NavigationEntry* entry = 547 content::NavigationEntry* entry =
546 web_contents->GetController().GetVisibleEntry(); 548 web_contents->GetController().GetVisibleEntry();
547 ASSERT_TRUE(entry); 549 ASSERT_TRUE(entry);
548 entry->GetSSL().content_status |= 550 entry->GetSSL().content_status |=
549 content::SSLStatus::DISPLAYED_CONTENT_WITH_CERT_ERRORS; 551 content::SSLStatus::DISPLAYED_CONTENT_WITH_CERT_ERRORS;
550 552
551 ChromeSecurityStateModelClient* model_client = 553 ChromeSecurityStateModel* model =
552 ChromeSecurityStateModelClient::FromWebContents(web_contents); 554 ChromeSecurityStateModel::FromWebContents(web_contents);
553 ASSERT_TRUE(model_client); 555 ASSERT_TRUE(model);
554 SecurityStateModel::SecurityInfo security_info; 556 SecurityStateModel::SecurityInfo security_info;
555 model_client->GetSecurityInfo(&security_info); 557 model->GetSecurityInfo(&security_info);
556 558
557 EXPECT_FALSE(net::IsCertStatusError(security_info.cert_status)); 559 EXPECT_FALSE(net::IsCertStatusError(security_info.cert_status));
558 EXPECT_EQ(SecurityStateModel::NONE, security_info.security_level); 560 EXPECT_EQ(SecurityStateModel::NONE, security_info.security_level);
559 EXPECT_EQ(SecurityStateModel::CONTENT_STATUS_DISPLAYED, 561 EXPECT_EQ(SecurityStateModel::CONTENT_STATUS_DISPLAYED,
560 security_info.content_with_cert_errors_status); 562 security_info.content_with_cert_errors_status);
561 } 563 }
562 564
563 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest, 565 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelTest,
564 ActiveAndPassiveContentWithCertErrors) { 566 ActiveAndPassiveContentWithCertErrors) {
565 ASSERT_TRUE(https_server_.Start()); 567 ASSERT_TRUE(https_server_.Start());
566 SetUpMockCertVerifierForHttpsServer(0, net::OK); 568 SetUpMockCertVerifierForHttpsServer(0, net::OK);
567 569
568 // Navigate to an HTTPS page and simulate active and passive content 570 // Navigate to an HTTPS page and simulate active and passive content
569 // with certificate errors. 571 // with certificate errors.
570 ui_test_utils::NavigateToURL(browser(), https_server_.GetURL("/title1.html")); 572 ui_test_utils::NavigateToURL(browser(), https_server_.GetURL("/title1.html"));
571 content::WebContents* web_contents = 573 content::WebContents* web_contents =
572 browser()->tab_strip_model()->GetActiveWebContents(); 574 browser()->tab_strip_model()->GetActiveWebContents();
573 ASSERT_TRUE(web_contents); 575 ASSERT_TRUE(web_contents);
574 content::NavigationEntry* entry = 576 content::NavigationEntry* entry =
575 web_contents->GetController().GetVisibleEntry(); 577 web_contents->GetController().GetVisibleEntry();
576 ASSERT_TRUE(entry); 578 ASSERT_TRUE(entry);
577 entry->GetSSL().content_status |= 579 entry->GetSSL().content_status |=
578 content::SSLStatus::RAN_CONTENT_WITH_CERT_ERRORS; 580 content::SSLStatus::RAN_CONTENT_WITH_CERT_ERRORS;
579 entry->GetSSL().content_status |= 581 entry->GetSSL().content_status |=
580 content::SSLStatus::DISPLAYED_CONTENT_WITH_CERT_ERRORS; 582 content::SSLStatus::DISPLAYED_CONTENT_WITH_CERT_ERRORS;
581 583
582 ChromeSecurityStateModelClient* model_client = 584 ChromeSecurityStateModel* model =
583 ChromeSecurityStateModelClient::FromWebContents(web_contents); 585 ChromeSecurityStateModel::FromWebContents(web_contents);
584 ASSERT_TRUE(model_client); 586 ASSERT_TRUE(model);
585 SecurityStateModel::SecurityInfo security_info; 587 SecurityStateModel::SecurityInfo security_info;
586 model_client->GetSecurityInfo(&security_info); 588 model->GetSecurityInfo(&security_info);
587 589
588 EXPECT_FALSE(net::IsCertStatusError(security_info.cert_status)); 590 EXPECT_FALSE(net::IsCertStatusError(security_info.cert_status));
589 EXPECT_EQ(SecurityStateModel::DANGEROUS, security_info.security_level); 591 EXPECT_EQ(SecurityStateModel::DANGEROUS, security_info.security_level);
590 EXPECT_EQ(SecurityStateModel::CONTENT_STATUS_DISPLAYED_AND_RAN, 592 EXPECT_EQ(SecurityStateModel::CONTENT_STATUS_DISPLAYED_AND_RAN,
591 security_info.content_with_cert_errors_status); 593 security_info.content_with_cert_errors_status);
592 } 594 }
593 595
594 // Same as the test above but with a long-lived SHA1 cert. 596 // Same as the test above but with a long-lived SHA1 cert.
595 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest, 597 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelTest,
596 MixedContentWithBrokenSHA1) { 598 MixedContentWithBrokenSHA1) {
597 ASSERT_TRUE(embedded_test_server()->Start()); 599 ASSERT_TRUE(embedded_test_server()->Start());
598 ASSERT_TRUE(https_server_.Start()); 600 ASSERT_TRUE(https_server_.Start());
599 // The test server uses a long-lived cert by default, so a SHA1 601 // The test server uses a long-lived cert by default, so a SHA1
600 // signature in it will register as a "broken" condition rather than 602 // signature in it will register as a "broken" condition rather than
601 // "warning". 603 // "warning".
602 SetUpMockCertVerifierForHttpsServer(net::CERT_STATUS_SHA1_SIGNATURE_PRESENT, 604 SetUpMockCertVerifierForHttpsServer(net::CERT_STATUS_SHA1_SIGNATURE_PRESENT,
603 net::OK); 605 net::OK);
604 606
605 host_resolver()->AddRule("example.test", 607 host_resolver()->AddRule("example.test",
(...skipping 58 matching lines...) Expand 10 before | Expand all | Expand 10 after
664 https_server_.GetURL(replacement_path)); 666 https_server_.GetURL(replacement_path));
665 CheckSecurityInfoForSecure( 667 CheckSecurityInfoForSecure(
666 browser()->tab_strip_model()->GetActiveWebContents(), 668 browser()->tab_strip_model()->GetActiveWebContents(),
667 SecurityStateModel::DANGEROUS, SecurityStateModel::DEPRECATED_SHA1_MAJOR, 669 SecurityStateModel::DANGEROUS, SecurityStateModel::DEPRECATED_SHA1_MAJOR,
668 SecurityStateModel::CONTENT_STATUS_DISPLAYED_AND_RAN, false, 670 SecurityStateModel::CONTENT_STATUS_DISPLAYED_AND_RAN, false,
669 false /* expect cert status error */); 671 false /* expect cert status error */);
670 } 672 }
671 673
672 // Tests that the Content Security Policy block-all-mixed-content 674 // Tests that the Content Security Policy block-all-mixed-content
673 // directive stops mixed content from running. 675 // directive stops mixed content from running.
674 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest, 676 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelTest,
675 MixedContentStrictBlocking) { 677 MixedContentStrictBlocking) {
676 ASSERT_TRUE(https_server_.Start()); 678 ASSERT_TRUE(https_server_.Start());
677 SetUpMockCertVerifierForHttpsServer(0, net::OK); 679 SetUpMockCertVerifierForHttpsServer(0, net::OK);
678 680
679 // Navigate to an HTTPS page that tries to run mixed content in an 681 // Navigate to an HTTPS page that tries to run mixed content in an
680 // iframe, with strict mixed content blocking. 682 // iframe, with strict mixed content blocking.
681 std::string replacement_path; 683 std::string replacement_path;
682 net::HostPortPair host_port_pair = 684 net::HostPortPair host_port_pair =
683 net::HostPortPair::FromURL(https_server_.GetURL("/title1.html")); 685 net::HostPortPair::FromURL(https_server_.GetURL("/title1.html"));
684 host_port_pair.set_host("different-host.test"); 686 host_port_pair.set_host("different-host.test");
685 host_resolver()->AddRule("different-host.test", 687 host_resolver()->AddRule("different-host.test",
686 https_server_.GetURL("/title1.html").host()); 688 https_server_.GetURL("/title1.html").host());
687 GetFilePathWithHostAndPortReplacement( 689 GetFilePathWithHostAndPortReplacement(
688 "/ssl/page_runs_insecure_content_in_iframe_with_strict_blocking.html", 690 "/ssl/page_runs_insecure_content_in_iframe_with_strict_blocking.html",
689 host_port_pair, &replacement_path); 691 host_port_pair, &replacement_path);
690 ui_test_utils::NavigateToURL(browser(), 692 ui_test_utils::NavigateToURL(browser(),
691 https_server_.GetURL(replacement_path)); 693 https_server_.GetURL(replacement_path));
692 CheckSecurityInfoForSecure( 694 CheckSecurityInfoForSecure(
693 browser()->tab_strip_model()->GetActiveWebContents(), 695 browser()->tab_strip_model()->GetActiveWebContents(),
694 SecurityStateModel::SECURE, SecurityStateModel::NO_DEPRECATED_SHA1, 696 SecurityStateModel::SECURE, SecurityStateModel::NO_DEPRECATED_SHA1,
695 SecurityStateModel::CONTENT_STATUS_NONE, false, 697 SecurityStateModel::CONTENT_STATUS_NONE, false,
696 false /* expect cert status error */); 698 false /* expect cert status error */);
697 } 699 }
698 700
699 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest, BrokenHTTPS) { 701 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelTest, BrokenHTTPS) {
700 ASSERT_TRUE(embedded_test_server()->Start()); 702 ASSERT_TRUE(embedded_test_server()->Start());
701 ASSERT_TRUE(https_server_.Start()); 703 ASSERT_TRUE(https_server_.Start());
702 SetUpMockCertVerifierForHttpsServer(net::CERT_STATUS_DATE_INVALID, 704 SetUpMockCertVerifierForHttpsServer(net::CERT_STATUS_DATE_INVALID,
703 net::ERR_CERT_DATE_INVALID); 705 net::ERR_CERT_DATE_INVALID);
704 706
705 ui_test_utils::NavigateToURL(browser(), 707 ui_test_utils::NavigateToURL(browser(),
706 https_server_.GetURL("/ssl/google.html")); 708 https_server_.GetURL("/ssl/google.html"));
707 CheckSecurityInfoForSecure( 709 CheckSecurityInfoForSecure(
708 browser()->tab_strip_model()->GetActiveWebContents(), 710 browser()->tab_strip_model()->GetActiveWebContents(),
709 SecurityStateModel::DANGEROUS, SecurityStateModel::NO_DEPRECATED_SHA1, 711 SecurityStateModel::DANGEROUS, SecurityStateModel::NO_DEPRECATED_SHA1,
(...skipping 16 matching lines...) Expand all
726 embedded_test_server()->host_port_pair(), &replacement_path); 728 embedded_test_server()->host_port_pair(), &replacement_path);
727 ui_test_utils::NavigateToURL(browser(), 729 ui_test_utils::NavigateToURL(browser(),
728 https_server_.GetURL(replacement_path)); 730 https_server_.GetURL(replacement_path));
729 CheckSecurityInfoForSecure( 731 CheckSecurityInfoForSecure(
730 browser()->tab_strip_model()->GetActiveWebContents(), 732 browser()->tab_strip_model()->GetActiveWebContents(),
731 SecurityStateModel::DANGEROUS, SecurityStateModel::NO_DEPRECATED_SHA1, 733 SecurityStateModel::DANGEROUS, SecurityStateModel::NO_DEPRECATED_SHA1,
732 SecurityStateModel::CONTENT_STATUS_DISPLAYED, false, 734 SecurityStateModel::CONTENT_STATUS_DISPLAYED, false,
733 true /* expect cert status error */); 735 true /* expect cert status error */);
734 } 736 }
735 737
738 namespace {
739
736 const char kReportURI[] = "https://report-hpkp.test"; 740 const char kReportURI[] = "https://report-hpkp.test";
737 741
738 class PKPModelClientTest : public ChromeSecurityStateModelClientTest { 742 class PKPModelClientTest : public ChromeSecurityStateModelTest {
739 public: 743 public:
740 void SetUpOnMainThread() override { 744 void SetUpOnMainThread() override {
741 ASSERT_TRUE(https_server_.Start()); 745 ASSERT_TRUE(https_server_.Start());
742 url_request_context_getter_ = browser()->profile()->GetRequestContext(); 746 url_request_context_getter_ = browser()->profile()->GetRequestContext();
743 content::BrowserThread::PostTask( 747 content::BrowserThread::PostTask(
744 content::BrowserThread::IO, FROM_HERE, 748 content::BrowserThread::IO, FROM_HERE,
745 base::Bind(&PKPModelClientTest::SetUpOnIOThread, 749 base::Bind(&PKPModelClientTest::SetUpOnIOThread,
746 base::Unretained(this))); 750 base::Unretained(this)));
747 } 751 }
748 752
(...skipping 12 matching lines...) Expand all
761 hashes.push_back(hash); 765 hashes.push_back(hash);
762 766
763 security_state->AddHPKP(https_server_.host_port_pair().host(), expiration, 767 security_state->AddHPKP(https_server_.host_port_pair().host(), expiration,
764 true, hashes, GURL(kReportURI)); 768 true, hashes, GURL(kReportURI));
765 } 769 }
766 770
767 protected: 771 protected:
768 scoped_refptr<net::URLRequestContextGetter> url_request_context_getter_; 772 scoped_refptr<net::URLRequestContextGetter> url_request_context_getter_;
769 }; 773 };
770 774
775 } // namespace
776
771 IN_PROC_BROWSER_TEST_F(PKPModelClientTest, PKPBypass) { 777 IN_PROC_BROWSER_TEST_F(PKPModelClientTest, PKPBypass) {
772 content::WebContents* web_contents = 778 content::WebContents* web_contents =
773 browser()->tab_strip_model()->GetActiveWebContents(); 779 browser()->tab_strip_model()->GetActiveWebContents();
774 SecurityStyleTestObserver observer(web_contents); 780 SecurityStyleTestObserver observer(web_contents);
775 781
776 scoped_refptr<net::X509Certificate> cert(https_server_.GetCertificate()); 782 scoped_refptr<net::X509Certificate> cert(https_server_.GetCertificate());
777 net::CertVerifyResult verify_result; 783 net::CertVerifyResult verify_result;
778 // PKP is bypassed when |is_issued_by_known_root| is false. 784 // PKP is bypassed when |is_issued_by_known_root| is false.
779 verify_result.is_issued_by_known_root = false; 785 verify_result.is_issued_by_known_root = false;
780 verify_result.verified_cert = cert; 786 verify_result.verified_cert = cert;
(...skipping 32 matching lines...) Expand 10 before | Expand all | Expand 10 after
813 verify_result.public_key_hashes.push_back(hash); 819 verify_result.public_key_hashes.push_back(hash);
814 820
815 mock_cert_verifier()->AddResultForCert(cert, verify_result, net::OK); 821 mock_cert_verifier()->AddResultForCert(cert, verify_result, net::OK);
816 822
817 ui_test_utils::NavigateToURL(browser(), 823 ui_test_utils::NavigateToURL(browser(),
818 https_server_.GetURL("/ssl/google.html")); 824 https_server_.GetURL("/ssl/google.html"));
819 CheckBrokenSecurityStyle(observer, net::ERR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN, 825 CheckBrokenSecurityStyle(observer, net::ERR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN,
820 browser(), cert.get()); 826 browser(), cert.get());
821 } 827 }
822 828
829 namespace {
830
823 // Fails requests with ERR_IO_PENDING. Can be used to simulate a navigation 831 // Fails requests with ERR_IO_PENDING. Can be used to simulate a navigation
824 // that never stops loading. 832 // that never stops loading.
825 class PendingJobInterceptor : public net::URLRequestInterceptor { 833 class PendingJobInterceptor : public net::URLRequestInterceptor {
826 public: 834 public:
827 PendingJobInterceptor() {} 835 PendingJobInterceptor() {}
828 ~PendingJobInterceptor() override {} 836 ~PendingJobInterceptor() override {}
829 837
830 // URLRequestInterceptor implementation 838 // URLRequestInterceptor implementation
831 net::URLRequestJob* MaybeInterceptRequest( 839 net::URLRequestJob* MaybeInterceptRequest(
832 net::URLRequest* request, 840 net::URLRequest* request,
833 net::NetworkDelegate* network_delegate) const override { 841 net::NetworkDelegate* network_delegate) const override {
834 return new net::URLRequestFailedJob(request, network_delegate, 842 return new net::URLRequestFailedJob(request, network_delegate,
835 net::ERR_IO_PENDING); 843 net::ERR_IO_PENDING);
836 } 844 }
837 845
838 private: 846 private:
839 DISALLOW_COPY_AND_ASSIGN(PendingJobInterceptor); 847 DISALLOW_COPY_AND_ASSIGN(PendingJobInterceptor);
840 }; 848 };
841 849
842 void InstallLoadingInterceptor(const std::string& host) { 850 void InstallLoadingInterceptor(const std::string& host) {
843 net::URLRequestFilter* filter = net::URLRequestFilter::GetInstance(); 851 net::URLRequestFilter* filter = net::URLRequestFilter::GetInstance();
844 filter->AddHostnameInterceptor( 852 filter->AddHostnameInterceptor(
845 "http", host, 853 "http", host,
846 std::unique_ptr<net::URLRequestInterceptor>(new PendingJobInterceptor())); 854 std::unique_ptr<net::URLRequestInterceptor>(new PendingJobInterceptor()));
847 } 855 }
848 856
849 class SecurityStateModelLoadingTest 857 class SecurityStateModelLoadingTest
850 : public ChromeSecurityStateModelClientTest { 858 : public ChromeSecurityStateModelTest {
851 public: 859 public:
852 SecurityStateModelLoadingTest() : ChromeSecurityStateModelClientTest() {} 860 SecurityStateModelLoadingTest() : ChromeSecurityStateModelTest() {}
853 ~SecurityStateModelLoadingTest() override{}; 861 ~SecurityStateModelLoadingTest() override{};
854 862
855 protected: 863 protected:
856 void SetUpOnMainThread() override { 864 void SetUpOnMainThread() override {
857 ASSERT_TRUE(embedded_test_server()->Start()); 865 ASSERT_TRUE(embedded_test_server()->Start());
858 866
859 content::BrowserThread::PostTask( 867 content::BrowserThread::PostTask(
860 content::BrowserThread::IO, FROM_HERE, 868 content::BrowserThread::IO, FROM_HERE,
861 base::Bind(&InstallLoadingInterceptor, 869 base::Bind(&InstallLoadingInterceptor,
862 embedded_test_server()->GetURL("/title1.html").host())); 870 embedded_test_server()->GetURL("/title1.html").host()));
863 } 871 }
864 872
865 DISALLOW_COPY_AND_ASSIGN(SecurityStateModelLoadingTest); 873 DISALLOW_COPY_AND_ASSIGN(SecurityStateModelLoadingTest);
866 }; 874 };
867 875
876 } // namespace
877
868 // Tests that navigation state changes cause the security state to be 878 // Tests that navigation state changes cause the security state to be
869 // updated. 879 // updated.
870 IN_PROC_BROWSER_TEST_F(SecurityStateModelLoadingTest, NavigationStateChanges) { 880 IN_PROC_BROWSER_TEST_F(SecurityStateModelLoadingTest, NavigationStateChanges) {
871 ASSERT_TRUE(https_server_.Start()); 881 ASSERT_TRUE(https_server_.Start());
872 SetUpMockCertVerifierForHttpsServer(0, net::OK); 882 SetUpMockCertVerifierForHttpsServer(0, net::OK);
873 883
874 // Navigate to an HTTPS page. 884 // Navigate to an HTTPS page.
875 ui_test_utils::NavigateToURL(browser(), 885 ui_test_utils::NavigateToURL(browser(),
876 https_server_.GetURL("/ssl/google.html")); 886 https_server_.GetURL("/ssl/google.html"));
877 CheckSecurityInfoForSecure( 887 CheckSecurityInfoForSecure(
878 browser()->tab_strip_model()->GetActiveWebContents(), 888 browser()->tab_strip_model()->GetActiveWebContents(),
879 SecurityStateModel::SECURE, SecurityStateModel::NO_DEPRECATED_SHA1, 889 SecurityStateModel::SECURE, SecurityStateModel::NO_DEPRECATED_SHA1,
880 SecurityStateModel::CONTENT_STATUS_NONE, false, 890 SecurityStateModel::CONTENT_STATUS_NONE, false,
881 false /* expect cert status error */); 891 false /* expect cert status error */);
882 892
883 // Navigate to a page that doesn't finish loading. Test that the 893 // Navigate to a page that doesn't finish loading. Test that the
884 // security state is neutral while the page is loading. 894 // security state is neutral while the page is loading.
885 browser()->OpenURL(content::OpenURLParams( 895 browser()->OpenURL(content::OpenURLParams(
886 embedded_test_server()->GetURL("/title1.html"), content::Referrer(), 896 embedded_test_server()->GetURL("/title1.html"), content::Referrer(),
887 WindowOpenDisposition::CURRENT_TAB, ui::PAGE_TRANSITION_TYPED, false)); 897 WindowOpenDisposition::CURRENT_TAB, ui::PAGE_TRANSITION_TYPED, false));
888 CheckSecurityInfoForNonSecure( 898 CheckSecurityInfoForNonSecure(
889 browser()->tab_strip_model()->GetActiveWebContents()); 899 browser()->tab_strip_model()->GetActiveWebContents());
890 } 900 }
891 901
892 // Tests that the NavigationEntry's flags for nonsecure password/credit 902 // Tests that the NavigationEntry's flags for nonsecure password/credit
893 // card inputs are reflected in the VisibleSecurityState. 903 // card inputs are reflected in the VisibleSecurityState.
894 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest, 904 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelTest,
895 VisibleSecurityStateNonsecureFormInputs) { 905 VisibleSecurityStateNonsecureFormInputs) {
896 ASSERT_TRUE(https_server_.Start()); 906 ASSERT_TRUE(https_server_.Start());
897 ui_test_utils::NavigateToURL(browser(), 907 ui_test_utils::NavigateToURL(browser(),
898 https_server_.GetURL("/ssl/google.html")); 908 https_server_.GetURL("/ssl/google.html"));
899 909
900 content::WebContents* contents = 910 content::WebContents* contents =
901 browser()->tab_strip_model()->GetActiveWebContents(); 911 browser()->tab_strip_model()->GetActiveWebContents();
902 ASSERT_TRUE(contents); 912 ASSERT_TRUE(contents);
903 913
904 ChromeSecurityStateModelClient* model_client = 914 ChromeSecurityStateModel* model =
905 ChromeSecurityStateModelClient::FromWebContents(contents); 915 ChromeSecurityStateModel::FromWebContents(contents);
906 ASSERT_TRUE(model_client); 916 ASSERT_TRUE(model);
907 917
908 // First, test that if the flags aren't set on the NavigationEntry, 918 // First, test that if the flags aren't set on the NavigationEntry,
909 // then they also aren't set on the VisibleSecurityState. 919 // then they also aren't set on the VisibleSecurityState.
910 content::SSLStatus& ssl_status = 920 content::SSLStatus& ssl_status =
911 contents->GetController().GetVisibleEntry()->GetSSL(); 921 contents->GetController().GetVisibleEntry()->GetSSL();
912 ASSERT_FALSE(ssl_status.content_status & 922 ASSERT_FALSE(ssl_status.content_status &
913 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP); 923 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP);
914 ASSERT_FALSE(ssl_status.content_status & 924 ASSERT_FALSE(ssl_status.content_status &
915 content::SSLStatus::DISPLAYED_CREDIT_CARD_FIELD_ON_HTTP); 925 content::SSLStatus::DISPLAYED_CREDIT_CARD_FIELD_ON_HTTP);
916 SecurityStateModel::VisibleSecurityState 926 std::unique_ptr<SecurityStateModel::VisibleSecurityState>
917 visible_security_state_no_sensitive_inputs; 927 visible_security_state_no_sensitive_inputs =
918 model_client->GetVisibleSecurityState( 928 model->web_contents_model_->GetVisibleSecurityState(
919 &visible_security_state_no_sensitive_inputs); 929 model->GetMalwareStatus());
920 EXPECT_FALSE(visible_security_state_no_sensitive_inputs 930 EXPECT_FALSE(visible_security_state_no_sensitive_inputs
921 .displayed_password_field_on_http); 931 ->displayed_password_field_on_http);
922 EXPECT_FALSE(visible_security_state_no_sensitive_inputs 932 EXPECT_FALSE(visible_security_state_no_sensitive_inputs
923 .displayed_credit_card_field_on_http); 933 ->displayed_credit_card_field_on_http);
924 934
925 // Now, set the flags on the NavigationEntry and test that they are 935 // Now, set the flags on the NavigationEntry and test that they are
926 // reflected in the VisibleSecurityState. 936 // reflected in the VisibleSecurityState.
927 ssl_status.content_status |= 937 ssl_status.content_status |=
928 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP; 938 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP;
929 ssl_status.content_status |= 939 ssl_status.content_status |=
930 content::SSLStatus::DISPLAYED_CREDIT_CARD_FIELD_ON_HTTP; 940 content::SSLStatus::DISPLAYED_CREDIT_CARD_FIELD_ON_HTTP;
931 SecurityStateModel::VisibleSecurityState 941 std::unique_ptr<SecurityStateModel::VisibleSecurityState>
932 visible_security_state_sensitive_inputs; 942 visible_security_state_sensitive_inputs =
933 model_client->GetVisibleSecurityState( 943 model->web_contents_model_->GetVisibleSecurityState(
934 &visible_security_state_sensitive_inputs); 944 model->GetMalwareStatus());
935 EXPECT_TRUE(
936 visible_security_state_sensitive_inputs.displayed_password_field_on_http);
937 EXPECT_TRUE(visible_security_state_sensitive_inputs 945 EXPECT_TRUE(visible_security_state_sensitive_inputs
938 .displayed_credit_card_field_on_http); 946 ->displayed_password_field_on_http);
947 EXPECT_TRUE(visible_security_state_sensitive_inputs
948 ->displayed_credit_card_field_on_http);
939 } 949 }
940 950
941 // Tests that when a visible password field is detected on an HTTP page 951 // Tests that when a visible password field is detected on an HTTP page
942 // load, and when the command-line flag is set, the security level is 952 // load, and when the command-line flag is set, the security level is
943 // downgraded to HTTP_SHOW_WARNING. 953 // downgraded to HTTP_SHOW_WARNING.
944 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTestWithPasswordCcSwitch, 954 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelTestWithPasswordCcSwitch,
945 PasswordSecurityLevelDowngraded) { 955 PasswordSecurityLevelDowngraded) {
946 content::WebContents* contents = 956 content::WebContents* contents =
947 browser()->tab_strip_model()->GetActiveWebContents(); 957 browser()->tab_strip_model()->GetActiveWebContents();
948 ASSERT_TRUE(contents); 958 ASSERT_TRUE(contents);
949 959
950 ChromeSecurityStateModelClient* model_client = 960 ChromeSecurityStateModel* model =
951 ChromeSecurityStateModelClient::FromWebContents(contents); 961 ChromeSecurityStateModel::FromWebContents(contents);
952 ASSERT_TRUE(model_client); 962 ASSERT_TRUE(model);
953 963
954 ui_test_utils::NavigateToURL( 964 ui_test_utils::NavigateToURL(
955 browser(), GetURLWithNonLocalHostname(embedded_test_server(), 965 browser(), GetURLWithNonLocalHostname(embedded_test_server(),
956 "/password/simple_password.html")); 966 "/password/simple_password.html"));
957 security_state::SecurityStateModel::SecurityInfo security_info; 967 security_state::SecurityStateModel::SecurityInfo security_info;
958 model_client->GetSecurityInfo(&security_info); 968 model->GetSecurityInfo(&security_info);
959 EXPECT_EQ(security_state::SecurityStateModel::HTTP_SHOW_WARNING, 969 EXPECT_EQ(security_state::SecurityStateModel::HTTP_SHOW_WARNING,
960 security_info.security_level); 970 security_info.security_level);
961 971
962 content::NavigationEntry* entry = contents->GetController().GetVisibleEntry(); 972 content::NavigationEntry* entry = contents->GetController().GetVisibleEntry();
963 ASSERT_TRUE(entry); 973 ASSERT_TRUE(entry);
964 EXPECT_TRUE(entry->GetSSL().content_status & 974 EXPECT_TRUE(entry->GetSSL().content_status &
965 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP); 975 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP);
966 } 976 }
967 977
968 // Tests that when an invisible password field is present on an HTTP page 978 // Tests that when an invisible password field is present on an HTTP page
969 // load, and when the command-line flag is set, the security level is 979 // load, and when the command-line flag is set, the security level is
970 // *not* downgraded to HTTP_SHOW_WARNING. 980 // *not* downgraded to HTTP_SHOW_WARNING.
971 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTestWithPasswordCcSwitch, 981 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelTestWithPasswordCcSwitch,
972 PasswordSecurityLevelNotDowngradedForInvisibleInput) { 982 PasswordSecurityLevelNotDowngradedForInvisibleInput) {
973 content::WebContents* contents = 983 content::WebContents* contents =
974 browser()->tab_strip_model()->GetActiveWebContents(); 984 browser()->tab_strip_model()->GetActiveWebContents();
975 ASSERT_TRUE(contents); 985 ASSERT_TRUE(contents);
976 986
977 ChromeSecurityStateModelClient* model_client = 987 ChromeSecurityStateModel* model =
978 ChromeSecurityStateModelClient::FromWebContents(contents); 988 ChromeSecurityStateModel::FromWebContents(contents);
979 ASSERT_TRUE(model_client); 989 ASSERT_TRUE(model);
980 990
981 ui_test_utils::NavigateToURL( 991 ui_test_utils::NavigateToURL(
982 browser(), 992 browser(),
983 GetURLWithNonLocalHostname(embedded_test_server(), 993 GetURLWithNonLocalHostname(embedded_test_server(),
984 "/password/invisible_password.html")); 994 "/password/invisible_password.html"));
985 security_state::SecurityStateModel::SecurityInfo security_info; 995 security_state::SecurityStateModel::SecurityInfo security_info;
986 model_client->GetSecurityInfo(&security_info); 996 model->GetSecurityInfo(&security_info);
987 EXPECT_EQ(security_state::SecurityStateModel::NONE, 997 EXPECT_EQ(security_state::SecurityStateModel::NONE,
988 security_info.security_level); 998 security_info.security_level);
989 999
990 content::NavigationEntry* entry = contents->GetController().GetVisibleEntry(); 1000 content::NavigationEntry* entry = contents->GetController().GetVisibleEntry();
991 ASSERT_TRUE(entry); 1001 ASSERT_TRUE(entry);
992 EXPECT_FALSE(entry->GetSSL().content_status & 1002 EXPECT_FALSE(entry->GetSSL().content_status &
993 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP); 1003 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP);
994 } 1004 }
995 1005
996 // Tests that when a visible password field is detected inside an iframe 1006 // Tests that when a visible password field is detected inside an iframe
997 // on an HTTP page load, and when the command-line flag is set, the 1007 // on an HTTP page load, and when the command-line flag is set, the
998 // security level is downgraded to HTTP_SHOW_WARNING. 1008 // security level is downgraded to HTTP_SHOW_WARNING.
999 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTestWithPasswordCcSwitch, 1009 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelTestWithPasswordCcSwitch,
1000 PasswordSecurityLevelDowngradedFromIframe) { 1010 PasswordSecurityLevelDowngradedFromIframe) {
1001 content::WebContents* contents = 1011 content::WebContents* contents =
1002 browser()->tab_strip_model()->GetActiveWebContents(); 1012 browser()->tab_strip_model()->GetActiveWebContents();
1003 ASSERT_TRUE(contents); 1013 ASSERT_TRUE(contents);
1004 1014
1005 ChromeSecurityStateModelClient* model_client = 1015 ChromeSecurityStateModel* model =
1006 ChromeSecurityStateModelClient::FromWebContents(contents); 1016 ChromeSecurityStateModel::FromWebContents(contents);
1007 ASSERT_TRUE(model_client); 1017 ASSERT_TRUE(model);
1008 1018
1009 ui_test_utils::NavigateToURL( 1019 ui_test_utils::NavigateToURL(
1010 browser(), 1020 browser(),
1011 GetURLWithNonLocalHostname(embedded_test_server(), 1021 GetURLWithNonLocalHostname(embedded_test_server(),
1012 "/password/simple_password_in_iframe.html")); 1022 "/password/simple_password_in_iframe.html"));
1013 security_state::SecurityStateModel::SecurityInfo security_info; 1023 security_state::SecurityStateModel::SecurityInfo security_info;
1014 model_client->GetSecurityInfo(&security_info); 1024 model->GetSecurityInfo(&security_info);
1015 EXPECT_EQ(security_state::SecurityStateModel::HTTP_SHOW_WARNING, 1025 EXPECT_EQ(security_state::SecurityStateModel::HTTP_SHOW_WARNING,
1016 security_info.security_level); 1026 security_info.security_level);
1017 1027
1018 content::NavigationEntry* entry = contents->GetController().GetVisibleEntry(); 1028 content::NavigationEntry* entry = contents->GetController().GetVisibleEntry();
1019 ASSERT_TRUE(entry); 1029 ASSERT_TRUE(entry);
1020 EXPECT_TRUE(entry->GetSSL().content_status & 1030 EXPECT_TRUE(entry->GetSSL().content_status &
1021 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP); 1031 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP);
1022 } 1032 }
1023 1033
1024 // Tests that when a visible password field is detected inside an iframe 1034 // Tests that when a visible password field is detected inside an iframe
1025 // on an HTTP page load, and when the command-line flag is set, the 1035 // on an HTTP page load, and when the command-line flag is set, the
1026 // security level is downgraded to HTTP_SHOW_WARNING, even if the iframe 1036 // security level is downgraded to HTTP_SHOW_WARNING, even if the iframe
1027 // itself was loaded over HTTPS. 1037 // itself was loaded over HTTPS.
1028 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTestWithPasswordCcSwitch, 1038 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelTestWithPasswordCcSwitch,
1029 PasswordSecurityLevelDowngradedFromHttpsIframe) { 1039 PasswordSecurityLevelDowngradedFromHttpsIframe) {
1030 content::WebContents* contents = 1040 content::WebContents* contents =
1031 browser()->tab_strip_model()->GetActiveWebContents(); 1041 browser()->tab_strip_model()->GetActiveWebContents();
1032 ASSERT_TRUE(contents); 1042 ASSERT_TRUE(contents);
1033 1043
1034 ChromeSecurityStateModelClient* model_client = 1044 ChromeSecurityStateModel* model =
1035 ChromeSecurityStateModelClient::FromWebContents(contents); 1045 ChromeSecurityStateModel::FromWebContents(contents);
1036 ASSERT_TRUE(model_client); 1046 ASSERT_TRUE(model);
1037 1047
1038 // Navigate to an HTTP URL, which loads an iframe using the host and port of 1048 // Navigate to an HTTP URL, which loads an iframe using the host and port of
1039 // |https_server_|. 1049 // |https_server_|.
1040 std::string replacement_path; 1050 std::string replacement_path;
1041 GetFilePathWithHostAndPortReplacement( 1051 GetFilePathWithHostAndPortReplacement(
1042 "/password/simple_password_in_https_iframe.html", 1052 "/password/simple_password_in_https_iframe.html",
1043 https_server_.host_port_pair(), &replacement_path); 1053 https_server_.host_port_pair(), &replacement_path);
1044 ui_test_utils::NavigateToURL( 1054 ui_test_utils::NavigateToURL(
1045 browser(), 1055 browser(),
1046 GetURLWithNonLocalHostname(embedded_test_server(), replacement_path)); 1056 GetURLWithNonLocalHostname(embedded_test_server(), replacement_path));
1047 security_state::SecurityStateModel::SecurityInfo security_info; 1057 security_state::SecurityStateModel::SecurityInfo security_info;
1048 model_client->GetSecurityInfo(&security_info); 1058 model->GetSecurityInfo(&security_info);
1049 EXPECT_EQ(security_state::SecurityStateModel::HTTP_SHOW_WARNING, 1059 EXPECT_EQ(security_state::SecurityStateModel::HTTP_SHOW_WARNING,
1050 security_info.security_level); 1060 security_info.security_level);
1051 1061
1052 content::NavigationEntry* entry = contents->GetController().GetVisibleEntry(); 1062 content::NavigationEntry* entry = contents->GetController().GetVisibleEntry();
1053 ASSERT_TRUE(entry); 1063 ASSERT_TRUE(entry);
1054 EXPECT_TRUE(entry->GetSSL().content_status & 1064 EXPECT_TRUE(entry->GetSSL().content_status &
1055 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP); 1065 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP);
1056 } 1066 }
1057 1067
1058 // Tests that when a visible password field is detected on an HTTP page 1068 // Tests that when a visible password field is detected on an HTTP page
1059 // load, and when the command-line flag is *not* set, the security level is 1069 // load, and when the command-line flag is *not* set, the security level is
1060 // *not* downgraded to HTTP_SHOW_WARNING. 1070 // *not* downgraded to HTTP_SHOW_WARNING.
1061 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest, 1071 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelTest,
1062 PasswordSecurityLevelNotDowngradedWithoutSwitch) { 1072 PasswordSecurityLevelNotDowngradedWithoutSwitch) {
1063 ASSERT_TRUE(embedded_test_server()->Start()); 1073 ASSERT_TRUE(embedded_test_server()->Start());
1064 host_resolver()->AddRule("*", embedded_test_server()->GetURL("/").host()); 1074 host_resolver()->AddRule("*", embedded_test_server()->GetURL("/").host());
1065 1075
1066 content::WebContents* contents = 1076 content::WebContents* contents =
1067 browser()->tab_strip_model()->GetActiveWebContents(); 1077 browser()->tab_strip_model()->GetActiveWebContents();
1068 ASSERT_TRUE(contents); 1078 ASSERT_TRUE(contents);
1069 1079
1070 ChromeSecurityStateModelClient* model_client = 1080 ChromeSecurityStateModel* model =
1071 ChromeSecurityStateModelClient::FromWebContents(contents); 1081 ChromeSecurityStateModel::FromWebContents(contents);
1072 ASSERT_TRUE(model_client); 1082 ASSERT_TRUE(model);
1073 1083
1074 ui_test_utils::NavigateToURL( 1084 ui_test_utils::NavigateToURL(
1075 browser(), GetURLWithNonLocalHostname(embedded_test_server(), 1085 browser(), GetURLWithNonLocalHostname(embedded_test_server(),
1076 "/password/simple_password.html")); 1086 "/password/simple_password.html"));
1077 // The security level should not be HTTP_SHOW_WARNING, because the 1087 // The security level should not be HTTP_SHOW_WARNING, because the
1078 // command-line switch was not set. 1088 // command-line switch was not set.
1079 security_state::SecurityStateModel::SecurityInfo security_info; 1089 security_state::SecurityStateModel::SecurityInfo security_info;
1080 model_client->GetSecurityInfo(&security_info); 1090 model->GetSecurityInfo(&security_info);
1081 EXPECT_EQ(security_state::SecurityStateModel::NONE, 1091 EXPECT_EQ(security_state::SecurityStateModel::NONE,
1082 security_info.security_level); 1092 security_info.security_level);
1083 1093
1084 // The appropriate SSLStatus flags should be set, however. 1094 // The appropriate SSLStatus flags should be set, however.
1085 content::NavigationEntry* entry = contents->GetController().GetVisibleEntry(); 1095 content::NavigationEntry* entry = contents->GetController().GetVisibleEntry();
1086 ASSERT_TRUE(entry); 1096 ASSERT_TRUE(entry);
1087 EXPECT_TRUE(entry->GetSSL().content_status & 1097 EXPECT_TRUE(entry->GetSSL().content_status &
1088 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP); 1098 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP);
1089 } 1099 }
1090 1100
1091 // Tests that when a visible password field is detected on an HTTPS page 1101 // Tests that when a visible password field is detected on an HTTPS page
1092 // load, and when the command-line flag is set, the security level is 1102 // load, and when the command-line flag is set, the security level is
1093 // *not* downgraded to HTTP_SHOW_WARNING. 1103 // *not* downgraded to HTTP_SHOW_WARNING.
1094 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTestWithPasswordCcSwitch, 1104 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelTestWithPasswordCcSwitch,
1095 PasswordSecurityLevelNotDowngradedOnHttps) { 1105 PasswordSecurityLevelNotDowngradedOnHttps) {
1096 content::WebContents* contents = 1106 content::WebContents* contents =
1097 browser()->tab_strip_model()->GetActiveWebContents(); 1107 browser()->tab_strip_model()->GetActiveWebContents();
1098 ASSERT_TRUE(contents); 1108 ASSERT_TRUE(contents);
1099 1109
1100 ChromeSecurityStateModelClient* model_client = 1110 ChromeSecurityStateModel* model =
1101 ChromeSecurityStateModelClient::FromWebContents(contents); 1111 ChromeSecurityStateModel::FromWebContents(contents);
1102 ASSERT_TRUE(model_client); 1112 ASSERT_TRUE(model);
1103 1113
1104 GURL url = GetURLWithNonLocalHostname(&https_server_, 1114 GURL url = GetURLWithNonLocalHostname(&https_server_,
1105 "/password/simple_password.html"); 1115 "/password/simple_password.html");
1106 ui_test_utils::NavigateToURL(browser(), url); 1116 ui_test_utils::NavigateToURL(browser(), url);
1107 // The security level should not be HTTP_SHOW_WARNING, because the page was 1117 // The security level should not be HTTP_SHOW_WARNING, because the page was
1108 // HTTPS instead of HTTP. 1118 // HTTPS instead of HTTP.
1109 security_state::SecurityStateModel::SecurityInfo security_info; 1119 security_state::SecurityStateModel::SecurityInfo security_info;
1110 model_client->GetSecurityInfo(&security_info); 1120 model->GetSecurityInfo(&security_info);
1111 EXPECT_EQ(security_state::SecurityStateModel::SECURE, 1121 EXPECT_EQ(security_state::SecurityStateModel::SECURE,
1112 security_info.security_level); 1122 security_info.security_level);
1113 1123
1114 // The SSLStatus flags should only be set if the top-level page load was HTTP, 1124 // The SSLStatus flags should only be set if the top-level page load was HTTP,
1115 // which it was not in this case. 1125 // which it was not in this case.
1116 content::NavigationEntry* entry = contents->GetController().GetVisibleEntry(); 1126 content::NavigationEntry* entry = contents->GetController().GetVisibleEntry();
1117 ASSERT_TRUE(entry); 1127 ASSERT_TRUE(entry);
1118 EXPECT_FALSE(entry->GetSSL().content_status & 1128 EXPECT_FALSE(entry->GetSSL().content_status &
1119 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP); 1129 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP);
1120 } 1130 }
1121 1131
1132 namespace {
1133
1122 // A Browser subclass that keeps track of messages that have been 1134 // A Browser subclass that keeps track of messages that have been
1123 // added to the console. Messages can be retrieved or cleared with 1135 // added to the console. Messages can be retrieved or cleared with
1124 // console_messages() and ClearConsoleMessages(). The user of this class 1136 // console_messages() and ClearConsoleMessages(). The user of this class
1125 // can set a callback to run when the next console message notification 1137 // can set a callback to run when the next console message notification
1126 // arrives. 1138 // arrives.
1127 class ConsoleWebContentsDelegate : public Browser { 1139 class ConsoleWebContentsDelegate : public Browser {
1128 public: 1140 public:
1129 explicit ConsoleWebContentsDelegate(const Browser::CreateParams& params) 1141 explicit ConsoleWebContentsDelegate(const Browser::CreateParams& params)
1130 : Browser(params) {} 1142 : Browser(params) {}
1131 ~ConsoleWebContentsDelegate() override {} 1143 ~ConsoleWebContentsDelegate() override {}
(...skipping 45 matching lines...) Expand 10 before | Expand all | Expand 10 after
1177 // this just looks for keywords in the string rather than the exact 1189 // this just looks for keywords in the string rather than the exact
1178 // text. 1190 // text.
1179 void CheckForOneFutureHttpWarningConsoleMessage( 1191 void CheckForOneFutureHttpWarningConsoleMessage(
1180 ConsoleWebContentsDelegate* delegate) { 1192 ConsoleWebContentsDelegate* delegate) {
1181 const std::vector<base::string16>& messages = delegate->console_messages(); 1193 const std::vector<base::string16>& messages = delegate->console_messages();
1182 ASSERT_EQ(1u, messages.size()); 1194 ASSERT_EQ(1u, messages.size());
1183 EXPECT_NE(base::string16::npos, 1195 EXPECT_NE(base::string16::npos,
1184 messages[0].find(base::ASCIIToUTF16("warning will be added"))); 1196 messages[0].find(base::ASCIIToUTF16("warning will be added")));
1185 } 1197 }
1186 1198
1199 } // namespace
1200
1187 // Tests that console messages are printed upon a call to 1201 // Tests that console messages are printed upon a call to
1188 // GetSecurityInfo() on an HTTP_SHOW_WARNING page, exactly once per 1202 // GetSecurityInfo() on an HTTP_SHOW_WARNING page, exactly once per
1189 // main-frame navigation. 1203 // main-frame navigation.
1190 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTestWithPasswordCcSwitch, 1204 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelTestWithPasswordCcSwitch,
1191 ConsoleMessage) { 1205 ConsoleMessage) {
1192 ConsoleWebContentsDelegate* delegate = new ConsoleWebContentsDelegate( 1206 ConsoleWebContentsDelegate* delegate = new ConsoleWebContentsDelegate(
1193 Browser::CreateParams(browser()->profile())); 1207 Browser::CreateParams(browser()->profile()));
1194 content::WebContents* original_contents = 1208 content::WebContents* original_contents =
1195 browser()->tab_strip_model()->GetActiveWebContents(); 1209 browser()->tab_strip_model()->GetActiveWebContents();
1196 content::WebContents* contents = 1210 content::WebContents* contents =
1197 content::WebContents::Create(content::WebContents::CreateParams( 1211 content::WebContents::Create(content::WebContents::CreateParams(
1198 original_contents->GetBrowserContext())); 1212 original_contents->GetBrowserContext()));
1199 ASSERT_TRUE(contents); 1213 ASSERT_TRUE(contents);
1200 contents->SetDelegate(delegate); 1214 contents->SetDelegate(delegate);
(...skipping 12 matching lines...) Expand all
1213 EXPECT_EQ(http_url, entry->GetURL()); 1227 EXPECT_EQ(http_url, entry->GetURL());
1214 EXPECT_TRUE(delegate->console_messages().empty()); 1228 EXPECT_TRUE(delegate->console_messages().empty());
1215 1229
1216 // Trigger the HTTP_SHOW_WARNING state. 1230 // Trigger the HTTP_SHOW_WARNING state.
1217 base::RunLoop first_message; 1231 base::RunLoop first_message;
1218 delegate->set_console_message_callback(first_message.QuitClosure()); 1232 delegate->set_console_message_callback(first_message.QuitClosure());
1219 contents->OnPasswordInputShownOnHttp(); 1233 contents->OnPasswordInputShownOnHttp();
1220 first_message.Run(); 1234 first_message.Run();
1221 1235
1222 // Check that the HTTP_SHOW_WARNING state was actually triggered. 1236 // Check that the HTTP_SHOW_WARNING state was actually triggered.
1223 ChromeSecurityStateModelClient* client = 1237 ChromeSecurityStateModel* client =
1224 ChromeSecurityStateModelClient::FromWebContents(contents); 1238 ChromeSecurityStateModel::FromWebContents(contents);
1225 ASSERT_TRUE(client); 1239 ASSERT_TRUE(client);
1226 security_state::SecurityStateModel::SecurityInfo security_info; 1240 security_state::SecurityStateModel::SecurityInfo security_info;
1227 client->GetSecurityInfo(&security_info); 1241 client->GetSecurityInfo(&security_info);
1228 EXPECT_EQ(security_state::SecurityStateModel::HTTP_SHOW_WARNING, 1242 EXPECT_EQ(security_state::SecurityStateModel::HTTP_SHOW_WARNING,
1229 security_info.security_level); 1243 security_info.security_level);
1230 1244
1231 // Check that the expected console message is present. 1245 // Check that the expected console message is present.
1232 ASSERT_NO_FATAL_FAILURE(CheckForOneHttpWarningConsoleMessage(delegate)); 1246 ASSERT_NO_FATAL_FAILURE(CheckForOneHttpWarningConsoleMessage(delegate));
1233 delegate->ClearConsoleMessages(); 1247 delegate->ClearConsoleMessages();
1234 1248
(...skipping 16 matching lines...) Expand all
1251 client->GetSecurityInfo(&security_info); 1265 client->GetSecurityInfo(&security_info);
1252 EXPECT_EQ(security_state::SecurityStateModel::HTTP_SHOW_WARNING, 1266 EXPECT_EQ(security_state::SecurityStateModel::HTTP_SHOW_WARNING,
1253 security_info.security_level); 1267 security_info.security_level);
1254 1268
1255 ASSERT_NO_FATAL_FAILURE(CheckForOneHttpWarningConsoleMessage(delegate)); 1269 ASSERT_NO_FATAL_FAILURE(CheckForOneHttpWarningConsoleMessage(delegate));
1256 } 1270 }
1257 1271
1258 // Tests that console messages are printed upon a call to 1272 // Tests that console messages are printed upon a call to
1259 // GetSecurityInfo() on a NONE page that will be marked 1273 // GetSecurityInfo() on a NONE page that will be marked
1260 // HTTP_SHOW_WARNING in future, exactly once per main-frame navigation. 1274 // HTTP_SHOW_WARNING in future, exactly once per main-frame navigation.
1261 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest, ConsoleMessage) { 1275 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelTest, ConsoleMessage) {
1262 ASSERT_TRUE(embedded_test_server()->Start()); 1276 ASSERT_TRUE(embedded_test_server()->Start());
1263 host_resolver()->AddRule("*", embedded_test_server()->GetURL("/").host()); 1277 host_resolver()->AddRule("*", embedded_test_server()->GetURL("/").host());
1264 ConsoleWebContentsDelegate* delegate = new ConsoleWebContentsDelegate( 1278 ConsoleWebContentsDelegate* delegate = new ConsoleWebContentsDelegate(
1265 Browser::CreateParams(browser()->profile())); 1279 Browser::CreateParams(browser()->profile()));
1266 content::WebContents* original_contents = 1280 content::WebContents* original_contents =
1267 browser()->tab_strip_model()->GetActiveWebContents(); 1281 browser()->tab_strip_model()->GetActiveWebContents();
1268 content::WebContents* contents = 1282 content::WebContents* contents =
1269 content::WebContents::Create(content::WebContents::CreateParams( 1283 content::WebContents::Create(content::WebContents::CreateParams(
1270 original_contents->GetBrowserContext())); 1284 original_contents->GetBrowserContext()));
1271 ASSERT_TRUE(contents); 1285 ASSERT_TRUE(contents);
(...skipping 13 matching lines...) Expand all
1285 EXPECT_EQ(http_url, entry->GetURL()); 1299 EXPECT_EQ(http_url, entry->GetURL());
1286 EXPECT_TRUE(delegate->console_messages().empty()); 1300 EXPECT_TRUE(delegate->console_messages().empty());
1287 1301
1288 // Trigger the a state that will be marked as HTTP_SHOW_WARNING in future. 1302 // Trigger the a state that will be marked as HTTP_SHOW_WARNING in future.
1289 base::RunLoop first_message; 1303 base::RunLoop first_message;
1290 delegate->set_console_message_callback(first_message.QuitClosure()); 1304 delegate->set_console_message_callback(first_message.QuitClosure());
1291 contents->OnPasswordInputShownOnHttp(); 1305 contents->OnPasswordInputShownOnHttp();
1292 first_message.Run(); 1306 first_message.Run();
1293 1307
1294 // Check that the correct state was actually triggered. 1308 // Check that the correct state was actually triggered.
1295 ChromeSecurityStateModelClient* client = 1309 ChromeSecurityStateModel* client =
1296 ChromeSecurityStateModelClient::FromWebContents(contents); 1310 ChromeSecurityStateModel::FromWebContents(contents);
1297 ASSERT_TRUE(client); 1311 ASSERT_TRUE(client);
1298 security_state::SecurityStateModel::SecurityInfo security_info; 1312 security_state::SecurityStateModel::SecurityInfo security_info;
1299 client->GetSecurityInfo(&security_info); 1313 client->GetSecurityInfo(&security_info);
1300 EXPECT_EQ(security_state::SecurityStateModel::NONE, 1314 EXPECT_EQ(security_state::SecurityStateModel::NONE,
1301 security_info.security_level); 1315 security_info.security_level);
1302 EXPECT_TRUE(security_info.displayed_private_user_data_input_on_http); 1316 EXPECT_TRUE(security_info.displayed_private_user_data_input_on_http);
1303 1317
1304 // Check that the expected console message is present. 1318 // Check that the expected console message is present.
1305 ASSERT_NO_FATAL_FAILURE(CheckForOneFutureHttpWarningConsoleMessage(delegate)); 1319 ASSERT_NO_FATAL_FAILURE(CheckForOneFutureHttpWarningConsoleMessage(delegate));
1306 delegate->ClearConsoleMessages(); 1320 delegate->ClearConsoleMessages();
(...skipping 17 matching lines...) Expand all
1324 client->GetSecurityInfo(&security_info); 1338 client->GetSecurityInfo(&security_info);
1325 EXPECT_EQ(security_state::SecurityStateModel::NONE, 1339 EXPECT_EQ(security_state::SecurityStateModel::NONE,
1326 security_info.security_level); 1340 security_info.security_level);
1327 EXPECT_TRUE(security_info.displayed_private_user_data_input_on_http); 1341 EXPECT_TRUE(security_info.displayed_private_user_data_input_on_http);
1328 1342
1329 ASSERT_NO_FATAL_FAILURE(CheckForOneFutureHttpWarningConsoleMessage(delegate)); 1343 ASSERT_NO_FATAL_FAILURE(CheckForOneFutureHttpWarningConsoleMessage(delegate));
1330 } 1344 }
1331 1345
1332 // Tests that additional HTTP_SHOW_WARNING console messages are not 1346 // Tests that additional HTTP_SHOW_WARNING console messages are not
1333 // printed after subframe navigations. 1347 // printed after subframe navigations.
1334 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTestWithPasswordCcSwitch, 1348 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelTestWithPasswordCcSwitch,
1335 ConsoleMessageNotPrintedForFrameNavigation) { 1349 ConsoleMessageNotPrintedForFrameNavigation) {
1336 ConsoleWebContentsDelegate* delegate = new ConsoleWebContentsDelegate( 1350 ConsoleWebContentsDelegate* delegate = new ConsoleWebContentsDelegate(
1337 Browser::CreateParams(browser()->profile())); 1351 Browser::CreateParams(browser()->profile()));
1338 content::WebContents* original_contents = 1352 content::WebContents* original_contents =
1339 browser()->tab_strip_model()->GetActiveWebContents(); 1353 browser()->tab_strip_model()->GetActiveWebContents();
1340 content::WebContents* contents = 1354 content::WebContents* contents =
1341 content::WebContents::Create(content::WebContents::CreateParams( 1355 content::WebContents::Create(content::WebContents::CreateParams(
1342 original_contents->GetBrowserContext())); 1356 original_contents->GetBrowserContext()));
1343 ASSERT_TRUE(contents); 1357 ASSERT_TRUE(contents);
1344 contents->SetDelegate(delegate); 1358 contents->SetDelegate(delegate);
(...skipping 12 matching lines...) Expand all
1357 EXPECT_EQ(http_url, entry->GetURL()); 1371 EXPECT_EQ(http_url, entry->GetURL());
1358 EXPECT_TRUE(delegate->console_messages().empty()); 1372 EXPECT_TRUE(delegate->console_messages().empty());
1359 1373
1360 // Trigger the HTTP_SHOW_WARNING state. 1374 // Trigger the HTTP_SHOW_WARNING state.
1361 base::RunLoop first_message; 1375 base::RunLoop first_message;
1362 delegate->set_console_message_callback(first_message.QuitClosure()); 1376 delegate->set_console_message_callback(first_message.QuitClosure());
1363 contents->OnPasswordInputShownOnHttp(); 1377 contents->OnPasswordInputShownOnHttp();
1364 first_message.Run(); 1378 first_message.Run();
1365 1379
1366 // Check that the HTTP_SHOW_WARNING state was actually triggered. 1380 // Check that the HTTP_SHOW_WARNING state was actually triggered.
1367 ChromeSecurityStateModelClient* client = 1381 ChromeSecurityStateModel* client =
1368 ChromeSecurityStateModelClient::FromWebContents(contents); 1382 ChromeSecurityStateModel::FromWebContents(contents);
1369 ASSERT_TRUE(client); 1383 ASSERT_TRUE(client);
1370 security_state::SecurityStateModel::SecurityInfo security_info; 1384 security_state::SecurityStateModel::SecurityInfo security_info;
1371 client->GetSecurityInfo(&security_info); 1385 client->GetSecurityInfo(&security_info);
1372 EXPECT_EQ(security_state::SecurityStateModel::HTTP_SHOW_WARNING, 1386 EXPECT_EQ(security_state::SecurityStateModel::HTTP_SHOW_WARNING,
1373 security_info.security_level); 1387 security_info.security_level);
1374 1388
1375 // Check that the expected console message is present. 1389 // Check that the expected console message is present.
1376 ASSERT_NO_FATAL_FAILURE(CheckForOneHttpWarningConsoleMessage(delegate)); 1390 ASSERT_NO_FATAL_FAILURE(CheckForOneHttpWarningConsoleMessage(delegate));
1377 delegate->ClearConsoleMessages(); 1391 delegate->ClearConsoleMessages();
1378 1392
(...skipping 29 matching lines...) Expand all
1408 second_message.Run(); 1422 second_message.Run();
1409 1423
1410 client->GetSecurityInfo(&security_info); 1424 client->GetSecurityInfo(&security_info);
1411 EXPECT_EQ(security_state::SecurityStateModel::HTTP_SHOW_WARNING, 1425 EXPECT_EQ(security_state::SecurityStateModel::HTTP_SHOW_WARNING,
1412 security_info.security_level); 1426 security_info.security_level);
1413 ASSERT_NO_FATAL_FAILURE(CheckForOneHttpWarningConsoleMessage(delegate)); 1427 ASSERT_NO_FATAL_FAILURE(CheckForOneHttpWarningConsoleMessage(delegate));
1414 } 1428 }
1415 1429
1416 // Tests that additional HTTP_SHOW_WARNING console messages are not 1430 // Tests that additional HTTP_SHOW_WARNING console messages are not
1417 // printed after pushState navigations. 1431 // printed after pushState navigations.
1418 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTestWithPasswordCcSwitch, 1432 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelTestWithPasswordCcSwitch,
1419 ConsoleMessageNotPrintedForPushStateNavigation) { 1433 ConsoleMessageNotPrintedForPushStateNavigation) {
1420 ConsoleWebContentsDelegate* delegate = new ConsoleWebContentsDelegate( 1434 ConsoleWebContentsDelegate* delegate = new ConsoleWebContentsDelegate(
1421 Browser::CreateParams(browser()->profile())); 1435 Browser::CreateParams(browser()->profile()));
1422 content::WebContents* original_contents = 1436 content::WebContents* original_contents =
1423 browser()->tab_strip_model()->GetActiveWebContents(); 1437 browser()->tab_strip_model()->GetActiveWebContents();
1424 content::WebContents* contents = 1438 content::WebContents* contents =
1425 content::WebContents::Create(content::WebContents::CreateParams( 1439 content::WebContents::Create(content::WebContents::CreateParams(
1426 original_contents->GetBrowserContext())); 1440 original_contents->GetBrowserContext()));
1427 ASSERT_TRUE(contents); 1441 ASSERT_TRUE(contents);
1428 contents->SetDelegate(delegate); 1442 contents->SetDelegate(delegate);
(...skipping 12 matching lines...) Expand all
1441 EXPECT_EQ(http_url, entry->GetURL()); 1455 EXPECT_EQ(http_url, entry->GetURL());
1442 EXPECT_TRUE(delegate->console_messages().empty()); 1456 EXPECT_TRUE(delegate->console_messages().empty());
1443 1457
1444 // Trigger the HTTP_SHOW_WARNING state. 1458 // Trigger the HTTP_SHOW_WARNING state.
1445 base::RunLoop first_message; 1459 base::RunLoop first_message;
1446 delegate->set_console_message_callback(first_message.QuitClosure()); 1460 delegate->set_console_message_callback(first_message.QuitClosure());
1447 contents->OnPasswordInputShownOnHttp(); 1461 contents->OnPasswordInputShownOnHttp();
1448 first_message.Run(); 1462 first_message.Run();
1449 1463
1450 // Check that the HTTP_SHOW_WARNING state was actually triggered. 1464 // Check that the HTTP_SHOW_WARNING state was actually triggered.
1451 ChromeSecurityStateModelClient* client = 1465 ChromeSecurityStateModel* client =
1452 ChromeSecurityStateModelClient::FromWebContents(contents); 1466 ChromeSecurityStateModel::FromWebContents(contents);
1453 ASSERT_TRUE(client); 1467 ASSERT_TRUE(client);
1454 security_state::SecurityStateModel::SecurityInfo security_info; 1468 security_state::SecurityStateModel::SecurityInfo security_info;
1455 client->GetSecurityInfo(&security_info); 1469 client->GetSecurityInfo(&security_info);
1456 EXPECT_EQ(security_state::SecurityStateModel::HTTP_SHOW_WARNING, 1470 EXPECT_EQ(security_state::SecurityStateModel::HTTP_SHOW_WARNING,
1457 security_info.security_level); 1471 security_info.security_level);
1458 1472
1459 // Check that the expected console message is present. 1473 // Check that the expected console message is present.
1460 ASSERT_NO_FATAL_FAILURE(CheckForOneHttpWarningConsoleMessage(delegate)); 1474 ASSERT_NO_FATAL_FAILURE(CheckForOneHttpWarningConsoleMessage(delegate));
1461 delegate->ClearConsoleMessages(); 1475 delegate->ClearConsoleMessages();
1462 1476
(...skipping 24 matching lines...) Expand all
1487 second_message.Run(); 1501 second_message.Run();
1488 1502
1489 client->GetSecurityInfo(&security_info); 1503 client->GetSecurityInfo(&security_info);
1490 EXPECT_EQ(security_state::SecurityStateModel::HTTP_SHOW_WARNING, 1504 EXPECT_EQ(security_state::SecurityStateModel::HTTP_SHOW_WARNING,
1491 security_info.security_level); 1505 security_info.security_level);
1492 ASSERT_NO_FATAL_FAILURE(CheckForOneHttpWarningConsoleMessage(delegate)); 1506 ASSERT_NO_FATAL_FAILURE(CheckForOneHttpWarningConsoleMessage(delegate));
1493 } 1507 }
1494 1508
1495 // Tests that the SecurityStateModel for a WebContents is up to date 1509 // Tests that the SecurityStateModel for a WebContents is up to date
1496 // when the WebContents is inserted into a Browser's TabStripModel. 1510 // when the WebContents is inserted into a Browser's TabStripModel.
1497 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest, AddedTab) { 1511 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelTest, AddedTab) {
1498 ASSERT_TRUE(https_server_.Start()); 1512 ASSERT_TRUE(https_server_.Start());
1499 SetUpMockCertVerifierForHttpsServer(0, net::OK); 1513 SetUpMockCertVerifierForHttpsServer(0, net::OK);
1500 1514
1501 content::WebContents* tab = 1515 content::WebContents* tab =
1502 browser()->tab_strip_model()->GetActiveWebContents(); 1516 browser()->tab_strip_model()->GetActiveWebContents();
1503 ASSERT_TRUE(tab); 1517 ASSERT_TRUE(tab);
1504 1518
1505 content::WebContents* new_contents = content::WebContents::Create( 1519 content::WebContents* new_contents = content::WebContents::Create(
1506 content::WebContents::CreateParams(tab->GetBrowserContext())); 1520 content::WebContents::CreateParams(tab->GetBrowserContext()));
1507 content::NavigationController& controller = new_contents->GetController(); 1521 content::NavigationController& controller = new_contents->GetController();
1508 ChromeSecurityStateModelClient::CreateForWebContents(new_contents); 1522 ChromeSecurityStateModel::CreateForWebContents(new_contents);
1509 CheckSecurityInfoForNonSecure(new_contents); 1523 CheckSecurityInfoForNonSecure(new_contents);
1510 controller.LoadURL(https_server_.GetURL("/title1.html"), content::Referrer(), 1524 controller.LoadURL(https_server_.GetURL("/title1.html"), content::Referrer(),
1511 ui::PAGE_TRANSITION_TYPED, std::string()); 1525 ui::PAGE_TRANSITION_TYPED, std::string());
1512 EXPECT_TRUE(content::WaitForLoadStop(new_contents)); 1526 EXPECT_TRUE(content::WaitForLoadStop(new_contents));
1513 CheckSecurityInfoForSecure(new_contents, SecurityStateModel::SECURE, 1527 CheckSecurityInfoForSecure(new_contents, SecurityStateModel::SECURE,
1514 SecurityStateModel::NO_DEPRECATED_SHA1, 1528 SecurityStateModel::NO_DEPRECATED_SHA1,
1515 SecurityStateModel::CONTENT_STATUS_NONE, false, 1529 SecurityStateModel::CONTENT_STATUS_NONE, false,
1516 false /* expect cert status error */); 1530 false /* expect cert status error */);
1517 1531
1518 browser()->tab_strip_model()->InsertWebContentsAt(0, new_contents, 1532 browser()->tab_strip_model()->InsertWebContentsAt(0, new_contents,
(...skipping 224 matching lines...) Expand 10 before | Expand all | Expand 10 after
1743 CheckSecureExplanations(observer.latest_explanations().secure_explanations, 1757 CheckSecureExplanations(observer.latest_explanations().secure_explanations,
1744 VALID_CERTIFICATE, browser(), 1758 VALID_CERTIFICATE, browser(),
1745 https_server_.GetCertificate().get()); 1759 https_server_.GetCertificate().get());
1746 EXPECT_TRUE(observer.latest_explanations().scheme_is_cryptographic); 1760 EXPECT_TRUE(observer.latest_explanations().scheme_is_cryptographic);
1747 EXPECT_FALSE(observer.latest_explanations().pkp_bypassed); 1761 EXPECT_FALSE(observer.latest_explanations().pkp_bypassed);
1748 EXPECT_TRUE(observer.latest_explanations().info_explanations.empty()); 1762 EXPECT_TRUE(observer.latest_explanations().info_explanations.empty());
1749 EXPECT_FALSE(observer.latest_explanations().displayed_mixed_content); 1763 EXPECT_FALSE(observer.latest_explanations().displayed_mixed_content);
1750 EXPECT_FALSE(observer.latest_explanations().ran_mixed_content); 1764 EXPECT_FALSE(observer.latest_explanations().ran_mixed_content);
1751 } 1765 }
1752 1766
1767 namespace {
1768
1753 // After AddNonsecureUrlHandler() is called, requests to this hostname 1769 // After AddNonsecureUrlHandler() is called, requests to this hostname
1754 // will use obsolete TLS settings. 1770 // will use obsolete TLS settings.
1755 const char kMockNonsecureHostname[] = "example-nonsecure.test"; 1771 const char kMockNonsecureHostname[] = "example-nonsecure.test";
1756 const int kObsoleteTLSVersion = net::SSL_CONNECTION_VERSION_TLS1_1; 1772 const int kObsoleteTLSVersion = net::SSL_CONNECTION_VERSION_TLS1_1;
1757 // ECDHE_RSA + AES_128_CBC with HMAC-SHA1 1773 // ECDHE_RSA + AES_128_CBC with HMAC-SHA1
1758 const uint16_t kObsoleteCipherSuite = 0xc013; 1774 const uint16_t kObsoleteCipherSuite = 0xc013;
1759 1775
1760 // A URLRequestMockHTTPJob that mocks a TLS connection with the obsolete 1776 // A URLRequestMockHTTPJob that mocks a TLS connection with the obsolete
1761 // TLS settings specified in kObsoleteTLSVersion and 1777 // TLS settings specified in kObsoleteTLSVersion and
1762 // kObsoleteCipherSuite. 1778 // kObsoleteCipherSuite.
(...skipping 94 matching lines...) Expand 10 before | Expand all | Expand 10 after
1857 &AddNonsecureUrlHandler, serve_file, cert_, 1873 &AddNonsecureUrlHandler, serve_file, cert_,
1858 make_scoped_refptr(content::BrowserThread::GetBlockingPool()))); 1874 make_scoped_refptr(content::BrowserThread::GetBlockingPool())));
1859 } 1875 }
1860 1876
1861 private: 1877 private:
1862 scoped_refptr<net::X509Certificate> cert_; 1878 scoped_refptr<net::X509Certificate> cert_;
1863 1879
1864 DISALLOW_COPY_AND_ASSIGN(BrowserTestNonsecureURLRequest); 1880 DISALLOW_COPY_AND_ASSIGN(BrowserTestNonsecureURLRequest);
1865 }; 1881 };
1866 1882
1883 } // namespace
1884
1867 // Tests that a connection with obsolete TLS settings does not get a 1885 // Tests that a connection with obsolete TLS settings does not get a
1868 // secure connection explanation. 1886 // secure connection explanation.
1869 IN_PROC_BROWSER_TEST_F(BrowserTestNonsecureURLRequest, 1887 IN_PROC_BROWSER_TEST_F(BrowserTestNonsecureURLRequest,
1870 SecurityStyleChangedObserverNonsecureConnection) { 1888 SecurityStyleChangedObserverNonsecureConnection) {
1871 content::WebContents* web_contents = 1889 content::WebContents* web_contents =
1872 browser()->tab_strip_model()->GetActiveWebContents(); 1890 browser()->tab_strip_model()->GetActiveWebContents();
1873 SecurityStyleTestObserver observer(web_contents); 1891 SecurityStyleTestObserver observer(web_contents);
1874 1892
1875 ui_test_utils::NavigateToURL( 1893 ui_test_utils::NavigateToURL(
1876 browser(), GURL(std::string("https://") + kMockNonsecureHostname)); 1894 browser(), GURL(std::string("https://") + kMockNonsecureHostname));
(...skipping 27 matching lines...) Expand all
1904 base::ASCIIToUTF16("AES_128_CBC with HMAC-SHA1")); 1922 base::ASCIIToUTF16("AES_128_CBC with HMAC-SHA1"));
1905 base::string16 obsolete_description = l10n_util::GetStringFUTF16( 1923 base::string16 obsolete_description = l10n_util::GetStringFUTF16(
1906 IDS_OBSOLETE_SSL_DESCRIPTION, description_replacements, nullptr); 1924 IDS_OBSOLETE_SSL_DESCRIPTION, description_replacements, nullptr);
1907 1925
1908 EXPECT_EQ( 1926 EXPECT_EQ(
1909 obsolete_description, 1927 obsolete_description,
1910 base::ASCIIToUTF16( 1928 base::ASCIIToUTF16(
1911 observer.latest_explanations().info_explanations[0].description)); 1929 observer.latest_explanations().info_explanations[0].description));
1912 } 1930 }
1913 1931
1932 namespace {
1933
1914 // After AddSCTUrlHandler() is called, requests to this hostname 1934 // After AddSCTUrlHandler() is called, requests to this hostname
1915 // will be served with Signed Certificate Timestamps. 1935 // will be served with Signed Certificate Timestamps.
1916 const char kMockHostnameWithSCTs[] = "example-scts.test"; 1936 const char kMockHostnameWithSCTs[] = "example-scts.test";
1917 1937
1918 // URLRequestJobWithSCTs mocks a connection that includes a set of dummy 1938 // URLRequestJobWithSCTs mocks a connection that includes a set of dummy
1919 // SCTs with these statuses. 1939 // SCTs with these statuses.
1920 const std::vector<net::ct::SCTVerifyStatus> kTestSCTStatuses{ 1940 const std::vector<net::ct::SCTVerifyStatus> kTestSCTStatuses{
1921 net::ct::SCT_STATUS_OK, net::ct::SCT_STATUS_LOG_UNKNOWN, 1941 net::ct::SCT_STATUS_OK, net::ct::SCT_STATUS_LOG_UNKNOWN,
1922 net::ct::SCT_STATUS_OK}; 1942 net::ct::SCT_STATUS_OK};
1923 1943
(...skipping 97 matching lines...) Expand 10 before | Expand all | Expand 10 after
2021 &AddSCTUrlHandler, serve_file, cert_, 2041 &AddSCTUrlHandler, serve_file, cert_,
2022 make_scoped_refptr(content::BrowserThread::GetBlockingPool()))); 2042 make_scoped_refptr(content::BrowserThread::GetBlockingPool())));
2023 } 2043 }
2024 2044
2025 private: 2045 private:
2026 scoped_refptr<net::X509Certificate> cert_; 2046 scoped_refptr<net::X509Certificate> cert_;
2027 2047
2028 DISALLOW_COPY_AND_ASSIGN(BrowserTestURLRequestWithSCTs); 2048 DISALLOW_COPY_AND_ASSIGN(BrowserTestURLRequestWithSCTs);
2029 }; 2049 };
2030 2050
2051 } // namespace
2052
2031 // Tests that, when Signed Certificate Timestamps (SCTs) are served on a 2053 // Tests that, when Signed Certificate Timestamps (SCTs) are served on a
2032 // connection, the SCTs verification statuses are exposed on the 2054 // connection, the SCTs verification statuses are exposed on the
2033 // SecurityInfo. 2055 // SecurityInfo.
2034 IN_PROC_BROWSER_TEST_F(BrowserTestURLRequestWithSCTs, 2056 IN_PROC_BROWSER_TEST_F(BrowserTestURLRequestWithSCTs,
2035 SecurityInfoWithSCTsAttached) { 2057 SecurityInfoWithSCTsAttached) {
2036 ui_test_utils::NavigateToURL( 2058 ui_test_utils::NavigateToURL(
2037 browser(), GURL(std::string("https://") + kMockHostnameWithSCTs)); 2059 browser(), GURL(std::string("https://") + kMockHostnameWithSCTs));
2038 2060
2039 content::WebContents* web_contents = 2061 content::WebContents* web_contents =
2040 browser()->tab_strip_model()->GetActiveWebContents(); 2062 browser()->tab_strip_model()->GetActiveWebContents();
2041 ASSERT_TRUE(web_contents); 2063 ASSERT_TRUE(web_contents);
2042 ChromeSecurityStateModelClient* model_client = 2064 ChromeSecurityStateModel* model =
2043 ChromeSecurityStateModelClient::FromWebContents(web_contents); 2065 ChromeSecurityStateModel::FromWebContents(web_contents);
2044 ASSERT_TRUE(model_client); 2066 ASSERT_TRUE(model);
2045 SecurityStateModel::SecurityInfo security_info; 2067 SecurityStateModel::SecurityInfo security_info;
2046 model_client->GetSecurityInfo(&security_info); 2068 model->GetSecurityInfo(&security_info);
2047 EXPECT_EQ(SecurityStateModel::SECURE, security_info.security_level); 2069 EXPECT_EQ(SecurityStateModel::SECURE, security_info.security_level);
2048 EXPECT_EQ(kTestSCTStatuses, security_info.sct_verify_statuses); 2070 EXPECT_EQ(kTestSCTStatuses, security_info.sct_verify_statuses);
2049 } 2071 }
2050
2051 } // namespace
OLDNEW
« no previous file with comments | « chrome/browser/ssl/chrome_security_state_model.cc ('k') | chrome/browser/ssl/chrome_security_state_model_client.h » ('j') | components/security_state/content/web_contents_security_state_model.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698