Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(58)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/ssl/security_state_tab_helper_browser_tests.cc

Issue 2448943002: Refactor SecurityStateModel/Clients for simplicity and reusability. (Closed)
Patch Set: fix DEPS. Created 4 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « chrome/browser/ssl/security_state_tab_helper.cc ('k') | chrome/browser/ssl/security_state_tab_helper_unittest.cc » ('j') | components/security_state/content/DEPS » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2015 The Chromium Authors. All rights reserved. 1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/ssl/chrome_security_state_model_client.h" 5 #include "chrome/browser/ssl/security_state_tab_helper.h"
6 6
7 #include "base/command_line.h" 7 #include "base/command_line.h"
8 #include "base/files/file_path.h" 8 #include "base/files/file_path.h"
9 #include "base/macros.h" 9 #include "base/macros.h"
10 #include "base/strings/string_split.h" 10 #include "base/strings/string_split.h"
11 #include "base/strings/utf_string_conversions.h" 11 #include "base/strings/utf_string_conversions.h"
12 #include "chrome/browser/ssl/cert_verifier_browser_test.h" 12 #include "chrome/browser/ssl/cert_verifier_browser_test.h"
13 #include "chrome/browser/ssl/chrome_security_state_model_client.h"
14 #include "chrome/browser/ssl/ssl_blocking_page.h" 13 #include "chrome/browser/ssl/ssl_blocking_page.h"
15 #include "chrome/browser/ui/browser.h" 14 #include "chrome/browser/ui/browser.h"
16 #include "chrome/browser/ui/browser_commands.h" 15 #include "chrome/browser/ui/browser_commands.h"
17 #include "chrome/browser/ui/tabs/tab_strip_model.h" 16 #include "chrome/browser/ui/tabs/tab_strip_model.h"
18 #include "chrome/common/chrome_paths.h" 17 #include "chrome/common/chrome_paths.h"
19 #include "chrome/common/chrome_switches.h" 18 #include "chrome/common/chrome_switches.h"
20 #include "chrome/common/pref_names.h" 19 #include "chrome/common/pref_names.h"
21 #include "chrome/grit/generated_resources.h"
22 #include "chrome/test/base/in_process_browser_test.h" 20 #include "chrome/test/base/in_process_browser_test.h"
23 #include "chrome/test/base/ui_test_utils.h" 21 #include "chrome/test/base/ui_test_utils.h"
24 #include "components/prefs/pref_service.h" 22 #include "components/prefs/pref_service.h"
25 #include "components/security_state/switches.h" 23 #include "components/security_state/core/security_state.h"
24 #include "components/security_state/core/switches.h"
25 #include "components/strings/grit/components_strings.h"
26 #include "content/public/browser/interstitial_page.h" 26 #include "content/public/browser/interstitial_page.h"
27 #include "content/public/browser/navigation_controller.h" 27 #include "content/public/browser/navigation_controller.h"
28 #include "content/public/browser/navigation_entry.h" 28 #include "content/public/browser/navigation_entry.h"
29 #include "content/public/browser/notification_service.h" 29 #include "content/public/browser/notification_service.h"
30 #include "content/public/browser/notification_types.h" 30 #include "content/public/browser/notification_types.h"
31 #include "content/public/browser/security_style_explanation.h" 31 #include "content/public/browser/security_style_explanation.h"
32 #include "content/public/browser/security_style_explanations.h" 32 #include "content/public/browser/security_style_explanations.h"
33 #include "content/public/browser/ssl_status.h" 33 #include "content/public/browser/ssl_status.h"
34 #include "content/public/browser/web_contents.h" 34 #include "content/public/browser/web_contents.h"
35 #include "content/public/common/referrer.h" 35 #include "content/public/common/referrer.h"
(...skipping 13 matching lines...) Expand all
49 #include "net/test/embedded_test_server/embedded_test_server.h" 49 #include "net/test/embedded_test_server/embedded_test_server.h"
50 #include "net/test/embedded_test_server/request_handler_util.h" 50 #include "net/test/embedded_test_server/request_handler_util.h"
51 #include "net/test/test_data_directory.h" 51 #include "net/test/test_data_directory.h"
52 #include "net/test/url_request/url_request_failed_job.h" 52 #include "net/test/url_request/url_request_failed_job.h"
53 #include "net/test/url_request/url_request_mock_http_job.h" 53 #include "net/test/url_request/url_request_mock_http_job.h"
54 #include "net/url_request/url_request_filter.h" 54 #include "net/url_request/url_request_filter.h"
55 #include "net/url_request/url_request_test_util.h" 55 #include "net/url_request/url_request_test_util.h"
56 #include "third_party/boringssl/src/include/openssl/ssl.h" 56 #include "third_party/boringssl/src/include/openssl/ssl.h"
57 #include "ui/base/l10n/l10n_util.h" 57 #include "ui/base/l10n/l10n_util.h"
58 58
59 using security_state::SecurityStateModel;
60
61 namespace { 59 namespace {
62 60
63 enum CertificateStatus { VALID_CERTIFICATE, INVALID_CERTIFICATE }; 61 enum CertificateStatus { VALID_CERTIFICATE, INVALID_CERTIFICATE };
64 62
65 const base::FilePath::CharType kDocRoot[] = 63 const base::FilePath::CharType kDocRoot[] =
66 FILE_PATH_LITERAL("chrome/test/data"); 64 FILE_PATH_LITERAL("chrome/test/data");
67 65
68 // A WebContentsObserver useful for testing the SecurityStyleChanged() 66 // A WebContentsObserver useful for testing the SecurityStyleChanged()
69 // method: it keeps track of the latest security style and explanation 67 // method: it keeps track of the latest security style and explanation
70 // that was fired. 68 // that was fired.
(...skipping 52 matching lines...) Expand 10 before | Expand all | Expand 10 after
123 expired_explanation.broken_explanations[0].summary); 121 expired_explanation.broken_explanations[0].summary);
124 122
125 base::string16 error_string = base::UTF8ToUTF16(net::ErrorToString(error)); 123 base::string16 error_string = base::UTF8ToUTF16(net::ErrorToString(error));
126 EXPECT_EQ(l10n_util::GetStringFUTF8( 124 EXPECT_EQ(l10n_util::GetStringFUTF8(
127 IDS_CERTIFICATE_CHAIN_ERROR_DESCRIPTION_FORMAT, error_string), 125 IDS_CERTIFICATE_CHAIN_ERROR_DESCRIPTION_FORMAT, error_string),
128 expired_explanation.broken_explanations[0].description); 126 expired_explanation.broken_explanations[0].description);
129 127
130 // Check the associated certificate. 128 // Check the associated certificate.
131 net::X509Certificate* cert = browser->tab_strip_model() 129 net::X509Certificate* cert = browser->tab_strip_model()
132 ->GetActiveWebContents() 130 ->GetActiveWebContents()
133 ->GetController() 131 ->GetController()
134 .GetActiveEntry() 132 .GetActiveEntry()
135 ->GetSSL() 133 ->GetSSL()
136 .certificate.get(); 134 .certificate.get();
137 EXPECT_TRUE(cert->Equals(expected_cert)); 135 EXPECT_TRUE(cert->Equals(expected_cert));
138 EXPECT_TRUE(expired_explanation.broken_explanations[0].has_certificate); 136 EXPECT_TRUE(expired_explanation.broken_explanations[0].has_certificate);
139 } 137 }
140 138
141 // Checks that the given |secure_explanations| contains an appropriate 139 // Checks that the given |secure_explanations| contains an appropriate
142 // explanation if the certificate status is valid. 140 // explanation if the certificate status is valid.
143 void CheckSecureExplanations( 141 void CheckSecureExplanations(
(...skipping 17 matching lines...) Expand all
161 .certificate.get(); 159 .certificate.get();
162 EXPECT_TRUE(cert->Equals(expected_cert)); 160 EXPECT_TRUE(cert->Equals(expected_cert));
163 EXPECT_TRUE(secure_explanations[0].has_certificate); 161 EXPECT_TRUE(secure_explanations[0].has_certificate);
164 } 162 }
165 163
166 EXPECT_EQ(l10n_util::GetStringUTF8(IDS_STRONG_SSL_SUMMARY), 164 EXPECT_EQ(l10n_util::GetStringUTF8(IDS_STRONG_SSL_SUMMARY),
167 secure_explanations.back().summary); 165 secure_explanations.back().summary);
168 166
169 content::WebContents* web_contents = 167 content::WebContents* web_contents =
170 browser->tab_strip_model()->GetActiveWebContents(); 168 browser->tab_strip_model()->GetActiveWebContents();
171 SecurityStateModel::SecurityInfo security_info; 169 security_state::SecurityInfo security_info;
172 ChromeSecurityStateModelClient::FromWebContents(web_contents) 170 SecurityStateTabHelper::FromWebContents(web_contents)
173 ->GetSecurityInfo(&security_info); 171 ->GetSecurityInfo(&security_info);
174 172
175 const char *protocol, *key_exchange, *cipher, *mac; 173 const char *protocol, *key_exchange, *cipher, *mac;
176 int ssl_version = 174 int ssl_version =
177 net::SSLConnectionStatusToVersion(security_info.connection_status); 175 net::SSLConnectionStatusToVersion(security_info.connection_status);
178 net::SSLVersionToString(&protocol, ssl_version); 176 net::SSLVersionToString(&protocol, ssl_version);
179 bool is_aead, is_tls13; 177 bool is_aead, is_tls13;
180 uint16_t cipher_suite = 178 uint16_t cipher_suite =
181 net::SSLConnectionStatusToCipherSuite(security_info.connection_status); 179 net::SSLConnectionStatusToCipherSuite(security_info.connection_status);
182 net::SSLCipherSuiteToStrings(&key_exchange, &cipher, &mac, &is_aead, 180 net::SSLCipherSuiteToStrings(&key_exchange, &cipher, &mac, &is_aead,
(...skipping 16 matching lines...) Expand all
199 description_replacements.push_back(base::ASCIIToUTF16(cipher)); 197 description_replacements.push_back(base::ASCIIToUTF16(cipher));
200 base::string16 secure_description = l10n_util::GetStringFUTF16( 198 base::string16 secure_description = l10n_util::GetStringFUTF16(
201 IDS_STRONG_SSL_DESCRIPTION, description_replacements, nullptr); 199 IDS_STRONG_SSL_DESCRIPTION, description_replacements, nullptr);
202 200
203 EXPECT_EQ(secure_description, 201 EXPECT_EQ(secure_description,
204 base::ASCIIToUTF16(secure_explanations.back().description)); 202 base::ASCIIToUTF16(secure_explanations.back().description));
205 } 203 }
206 204
207 void CheckSecurityInfoForSecure( 205 void CheckSecurityInfoForSecure(
208 content::WebContents* contents, 206 content::WebContents* contents,
209 SecurityStateModel::SecurityLevel expect_security_level, 207 security_state::SecurityLevel expect_security_level,
210 SecurityStateModel::SHA1DeprecationStatus expect_sha1_status, 208 security_state::SHA1DeprecationStatus expect_sha1_status,
211 SecurityStateModel::ContentStatus expect_mixed_content_status, 209 security_state::ContentStatus expect_mixed_content_status,
212 bool pkp_bypassed, 210 bool pkp_bypassed,
213 bool expect_cert_error) { 211 bool expect_cert_error) {
214 ASSERT_TRUE(contents); 212 ASSERT_TRUE(contents);
215 213
216 ChromeSecurityStateModelClient* model_client = 214 SecurityStateTabHelper* helper =
217 ChromeSecurityStateModelClient::FromWebContents(contents); 215 SecurityStateTabHelper::FromWebContents(contents);
218 ASSERT_TRUE(model_client); 216 ASSERT_TRUE(helper);
219 SecurityStateModel::SecurityInfo security_info; 217 security_state::SecurityInfo security_info;
220 model_client->GetSecurityInfo(&security_info); 218 helper->GetSecurityInfo(&security_info);
221 EXPECT_EQ(expect_security_level, security_info.security_level); 219 EXPECT_EQ(expect_security_level, security_info.security_level);
222 EXPECT_EQ(expect_sha1_status, security_info.sha1_deprecation_status); 220 EXPECT_EQ(expect_sha1_status, security_info.sha1_deprecation_status);
223 EXPECT_EQ(expect_mixed_content_status, security_info.mixed_content_status); 221 EXPECT_EQ(expect_mixed_content_status, security_info.mixed_content_status);
224 EXPECT_TRUE(security_info.sct_verify_statuses.empty()); 222 EXPECT_TRUE(security_info.sct_verify_statuses.empty());
225 EXPECT_TRUE(security_info.scheme_is_cryptographic); 223 EXPECT_TRUE(security_info.scheme_is_cryptographic);
226 EXPECT_EQ(pkp_bypassed, security_info.pkp_bypassed); 224 EXPECT_EQ(pkp_bypassed, security_info.pkp_bypassed);
227 EXPECT_EQ(expect_cert_error, 225 EXPECT_EQ(expect_cert_error,
228 net::IsCertStatusError(security_info.cert_status)); 226 net::IsCertStatusError(security_info.cert_status));
229 EXPECT_GT(security_info.security_bits, 0); 227 EXPECT_GT(security_info.security_bits, 0);
230 EXPECT_TRUE(!!security_info.certificate); 228 EXPECT_TRUE(!!security_info.certificate);
231 } 229 }
232 230
233 void CheckSecurityInfoForNonSecure(content::WebContents* contents) { 231 void CheckSecurityInfoForNonSecure(content::WebContents* contents) {
234 ASSERT_TRUE(contents); 232 ASSERT_TRUE(contents);
235 233
236 ChromeSecurityStateModelClient* model_client = 234 SecurityStateTabHelper* helper =
237 ChromeSecurityStateModelClient::FromWebContents(contents); 235 SecurityStateTabHelper::FromWebContents(contents);
238 ASSERT_TRUE(model_client); 236 ASSERT_TRUE(helper);
239 SecurityStateModel::SecurityInfo security_info; 237 security_state::SecurityInfo security_info;
240 model_client->GetSecurityInfo(&security_info); 238 helper->GetSecurityInfo(&security_info);
241 EXPECT_EQ(SecurityStateModel::NONE, security_info.security_level); 239 EXPECT_EQ(security_state::NONE, security_info.security_level);
242 EXPECT_EQ(SecurityStateModel::NO_DEPRECATED_SHA1, 240 EXPECT_EQ(security_state::NO_DEPRECATED_SHA1,
243 security_info.sha1_deprecation_status); 241 security_info.sha1_deprecation_status);
244 EXPECT_EQ(SecurityStateModel::CONTENT_STATUS_NONE, 242 EXPECT_EQ(security_state::CONTENT_STATUS_NONE,
245 security_info.mixed_content_status); 243 security_info.mixed_content_status);
246 EXPECT_TRUE(security_info.sct_verify_statuses.empty()); 244 EXPECT_TRUE(security_info.sct_verify_statuses.empty());
247 EXPECT_FALSE(security_info.scheme_is_cryptographic); 245 EXPECT_FALSE(security_info.scheme_is_cryptographic);
248 EXPECT_FALSE(net::IsCertStatusError(security_info.cert_status)); 246 EXPECT_FALSE(net::IsCertStatusError(security_info.cert_status));
249 EXPECT_EQ(-1, security_info.security_bits); 247 EXPECT_EQ(-1, security_info.security_bits);
250 EXPECT_FALSE(!!security_info.certificate); 248 EXPECT_FALSE(!!security_info.certificate);
251 } 249 }
252 250
253 void ProceedThroughInterstitial(content::WebContents* tab) { 251 void ProceedThroughInterstitial(content::WebContents* tab) {
254 content::InterstitialPage* interstitial_page = tab->GetInterstitialPage(); 252 content::InterstitialPage* interstitial_page = tab->GetInterstitialPage();
(...skipping 11 matching lines...) Expand all
266 const std::string& original_file_path, 264 const std::string& original_file_path,
267 const net::HostPortPair& host_port_pair, 265 const net::HostPortPair& host_port_pair,
268 std::string* replacement_path) { 266 std::string* replacement_path) {
269 base::StringPairs replacement_text; 267 base::StringPairs replacement_text;
270 replacement_text.push_back( 268 replacement_text.push_back(
271 make_pair("REPLACE_WITH_HOST_AND_PORT", host_port_pair.ToString())); 269 make_pair("REPLACE_WITH_HOST_AND_PORT", host_port_pair.ToString()));
272 net::test_server::GetFilePathWithReplacements( 270 net::test_server::GetFilePathWithReplacements(
273 original_file_path, replacement_text, replacement_path); 271 original_file_path, replacement_text, replacement_path);
274 } 272 }
275 273
276 class ChromeSecurityStateModelClientTest : public CertVerifierBrowserTest { 274 class SecurityStateTabHelperTest : public CertVerifierBrowserTest {
277 public: 275 public:
278 ChromeSecurityStateModelClientTest() 276 SecurityStateTabHelperTest()
279 : https_server_(net::EmbeddedTestServer::TYPE_HTTPS) { 277 : https_server_(net::EmbeddedTestServer::TYPE_HTTPS) {
280 https_server_.ServeFilesFromSourceDirectory(base::FilePath(kDocRoot)); 278 https_server_.ServeFilesFromSourceDirectory(base::FilePath(kDocRoot));
281 } 279 }
282 280
283 void SetUpCommandLine(base::CommandLine* command_line) override { 281 void SetUpCommandLine(base::CommandLine* command_line) override {
284 // Browser will both run and display insecure content. 282 // Browser will both run and display insecure content.
285 command_line->AppendSwitch(switches::kAllowRunningInsecureContent); 283 command_line->AppendSwitch(switches::kAllowRunningInsecureContent);
286 } 284 }
287 285
288 protected: 286 protected:
289 void SetUpMockCertVerifierForHttpsServer(net::CertStatus cert_status, 287 void SetUpMockCertVerifierForHttpsServer(net::CertStatus cert_status,
290 int net_result) { 288 int net_result) {
291 scoped_refptr<net::X509Certificate> cert(https_server_.GetCertificate()); 289 scoped_refptr<net::X509Certificate> cert(https_server_.GetCertificate());
292 net::CertVerifyResult verify_result; 290 net::CertVerifyResult verify_result;
293 verify_result.is_issued_by_known_root = true; 291 verify_result.is_issued_by_known_root = true;
294 verify_result.verified_cert = cert; 292 verify_result.verified_cert = cert;
295 verify_result.cert_status = cert_status; 293 verify_result.cert_status = cert_status;
296 294
297 mock_cert_verifier()->AddResultForCert(cert, verify_result, net_result); 295 mock_cert_verifier()->AddResultForCert(cert, verify_result, net_result);
298 } 296 }
299 297
300 net::EmbeddedTestServer https_server_; 298 net::EmbeddedTestServer https_server_;
301 299
302 private: 300 private:
303 DISALLOW_COPY_AND_ASSIGN(ChromeSecurityStateModelClientTest); 301 DISALLOW_COPY_AND_ASSIGN(SecurityStateTabHelperTest);
304 }; 302 };
305 303
306 GURL GetURLWithNonLocalHostname(net::EmbeddedTestServer* server, 304 GURL GetURLWithNonLocalHostname(net::EmbeddedTestServer* server,
307 const std::string& path) { 305 const std::string& path) {
308 GURL::Replacements replace_host; 306 GURL::Replacements replace_host;
309 replace_host.SetHostStr("example.test"); 307 replace_host.SetHostStr("example.test");
310 return server->GetURL(path).ReplaceComponents(replace_host); 308 return server->GetURL(path).ReplaceComponents(replace_host);
311 } 309 }
312 310
313 class ChromeSecurityStateModelClientTestWithPasswordCcSwitch 311 class SecurityStateTabHelperTestWithPasswordCcSwitch
314 : public ChromeSecurityStateModelClientTest { 312 : public SecurityStateTabHelperTest {
315 public: 313 public:
316 ChromeSecurityStateModelClientTestWithPasswordCcSwitch() 314 SecurityStateTabHelperTestWithPasswordCcSwitch()
317 : ChromeSecurityStateModelClientTest() {} 315 : SecurityStateTabHelperTest() {}
318 316
319 void SetUpOnMainThread() override { 317 void SetUpOnMainThread() override {
320 ASSERT_TRUE(embedded_test_server()->Start()); 318 ASSERT_TRUE(embedded_test_server()->Start());
321 ASSERT_TRUE(https_server_.Start()); 319 ASSERT_TRUE(https_server_.Start());
322 host_resolver()->AddRule("*", embedded_test_server()->GetURL("/").host()); 320 host_resolver()->AddRule("*", embedded_test_server()->GetURL("/").host());
323 SetUpMockCertVerifierForHttpsServer(0, net::OK); 321 SetUpMockCertVerifierForHttpsServer(0, net::OK);
324 } 322 }
325 323
326 void SetUpCommandLine(base::CommandLine* command_line) override { 324 void SetUpCommandLine(base::CommandLine* command_line) override {
327 ChromeSecurityStateModelClientTest::SetUpCommandLine(command_line); 325 SecurityStateTabHelperTest::SetUpCommandLine(command_line);
328 command_line->AppendSwitchASCII( 326 command_line->AppendSwitchASCII(
329 security_state::switches::kMarkHttpAs, 327 security_state::switches::kMarkHttpAs,
330 security_state::switches::kMarkHttpWithPasswordsOrCcWithChip); 328 security_state::switches::kMarkHttpWithPasswordsOrCcWithChip);
331 } 329 }
332 330
333 private: 331 private:
334 DISALLOW_COPY_AND_ASSIGN( 332 DISALLOW_COPY_AND_ASSIGN(SecurityStateTabHelperTestWithPasswordCcSwitch);
335 ChromeSecurityStateModelClientTestWithPasswordCcSwitch);
336 }; 333 };
337 334
338 class SecurityStyleChangedTest : public InProcessBrowserTest { 335 class SecurityStyleChangedTest : public InProcessBrowserTest {
339 public: 336 public:
340 SecurityStyleChangedTest() 337 SecurityStyleChangedTest()
341 : https_server_(net::EmbeddedTestServer::TYPE_HTTPS) { 338 : https_server_(net::EmbeddedTestServer::TYPE_HTTPS) {
342 https_server_.ServeFilesFromSourceDirectory(base::FilePath(kDocRoot)); 339 https_server_.ServeFilesFromSourceDirectory(base::FilePath(kDocRoot));
343 } 340 }
344 341
345 void SetUpCommandLine(base::CommandLine* command_line) override { 342 void SetUpCommandLine(base::CommandLine* command_line) override {
346 // Browser will both run and display insecure content. 343 // Browser will both run and display insecure content.
347 command_line->AppendSwitch(switches::kAllowRunningInsecureContent); 344 command_line->AppendSwitch(switches::kAllowRunningInsecureContent);
348 } 345 }
349 346
350 protected: 347 protected:
351 net::EmbeddedTestServer https_server_; 348 net::EmbeddedTestServer https_server_;
352 349
353 private: 350 private:
354 DISALLOW_COPY_AND_ASSIGN(SecurityStyleChangedTest); 351 DISALLOW_COPY_AND_ASSIGN(SecurityStyleChangedTest);
355 }; 352 };
356 353
357 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest, HttpPage) { 354 IN_PROC_BROWSER_TEST_F(SecurityStateTabHelperTest, HttpPage) {
358 ASSERT_TRUE(embedded_test_server()->Start()); 355 ASSERT_TRUE(embedded_test_server()->Start());
359 ui_test_utils::NavigateToURL( 356 ui_test_utils::NavigateToURL(
360 browser(), embedded_test_server()->GetURL("/ssl/google.html")); 357 browser(), embedded_test_server()->GetURL("/ssl/google.html"));
361 content::WebContents* contents = 358 content::WebContents* contents =
362 browser()->tab_strip_model()->GetActiveWebContents(); 359 browser()->tab_strip_model()->GetActiveWebContents();
363 ASSERT_TRUE(contents); 360 ASSERT_TRUE(contents);
364 361
365 ChromeSecurityStateModelClient* model_client = 362 SecurityStateTabHelper* helper =
366 ChromeSecurityStateModelClient::FromWebContents(contents); 363 SecurityStateTabHelper::FromWebContents(contents);
367 ASSERT_TRUE(model_client); 364 ASSERT_TRUE(helper);
368 SecurityStateModel::SecurityInfo security_info; 365 security_state::SecurityInfo security_info;
369 model_client->GetSecurityInfo(&security_info); 366 helper->GetSecurityInfo(&security_info);
370 EXPECT_EQ(SecurityStateModel::NONE, security_info.security_level); 367 EXPECT_EQ(security_state::NONE, security_info.security_level);
371 EXPECT_EQ(SecurityStateModel::NO_DEPRECATED_SHA1, 368 EXPECT_EQ(security_state::NO_DEPRECATED_SHA1,
372 security_info.sha1_deprecation_status); 369 security_info.sha1_deprecation_status);
373 EXPECT_EQ(SecurityStateModel::CONTENT_STATUS_NONE, 370 EXPECT_EQ(security_state::CONTENT_STATUS_NONE,
374 security_info.mixed_content_status); 371 security_info.mixed_content_status);
375 EXPECT_TRUE(security_info.sct_verify_statuses.empty()); 372 EXPECT_TRUE(security_info.sct_verify_statuses.empty());
376 EXPECT_FALSE(security_info.scheme_is_cryptographic); 373 EXPECT_FALSE(security_info.scheme_is_cryptographic);
377 EXPECT_FALSE(net::IsCertStatusError(security_info.cert_status)); 374 EXPECT_FALSE(net::IsCertStatusError(security_info.cert_status));
378 EXPECT_FALSE(!!security_info.certificate); 375 EXPECT_FALSE(!!security_info.certificate);
379 EXPECT_EQ(-1, security_info.security_bits); 376 EXPECT_EQ(-1, security_info.security_bits);
380 EXPECT_EQ(0, security_info.connection_status); 377 EXPECT_EQ(0, security_info.connection_status);
381 } 378 }
382 379
383 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest, HttpsPage) { 380 IN_PROC_BROWSER_TEST_F(SecurityStateTabHelperTest, HttpsPage) {
384 ASSERT_TRUE(https_server_.Start()); 381 ASSERT_TRUE(https_server_.Start());
385 SetUpMockCertVerifierForHttpsServer(0, net::OK); 382 SetUpMockCertVerifierForHttpsServer(0, net::OK);
386 383
387 ui_test_utils::NavigateToURL(browser(), 384 ui_test_utils::NavigateToURL(browser(),
388 https_server_.GetURL("/ssl/google.html")); 385 https_server_.GetURL("/ssl/google.html"));
389 CheckSecurityInfoForSecure( 386 CheckSecurityInfoForSecure(
390 browser()->tab_strip_model()->GetActiveWebContents(), 387 browser()->tab_strip_model()->GetActiveWebContents(),
391 SecurityStateModel::SECURE, SecurityStateModel::NO_DEPRECATED_SHA1, 388 security_state::SECURE, security_state::NO_DEPRECATED_SHA1,
392 SecurityStateModel::CONTENT_STATUS_NONE, false, 389 security_state::CONTENT_STATUS_NONE, false,
393 false /* expect cert status error */); 390 false /* expect cert status error */);
394 } 391 }
395 392
396 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest, SHA1Broken) { 393 IN_PROC_BROWSER_TEST_F(SecurityStateTabHelperTest, SHA1Broken) {
397 ASSERT_TRUE(https_server_.Start()); 394 ASSERT_TRUE(https_server_.Start());
398 // The test server uses a long-lived cert by default, so a SHA1 395 // The test server uses a long-lived cert by default, so a SHA1
399 // signature in it will register as a "broken" condition rather than 396 // signature in it will register as a "broken" condition rather than
400 // "warning". 397 // "warning".
401 SetUpMockCertVerifierForHttpsServer(net::CERT_STATUS_SHA1_SIGNATURE_PRESENT, 398 SetUpMockCertVerifierForHttpsServer(net::CERT_STATUS_SHA1_SIGNATURE_PRESENT,
402 net::OK); 399 net::OK);
403 400
404 ui_test_utils::NavigateToURL(browser(), 401 ui_test_utils::NavigateToURL(browser(),
405 https_server_.GetURL("/ssl/google.html")); 402 https_server_.GetURL("/ssl/google.html"));
406 CheckSecurityInfoForSecure( 403 CheckSecurityInfoForSecure(
407 browser()->tab_strip_model()->GetActiveWebContents(), 404 browser()->tab_strip_model()->GetActiveWebContents(),
408 SecurityStateModel::DANGEROUS, SecurityStateModel::DEPRECATED_SHA1_MAJOR, 405 security_state::DANGEROUS, security_state::DEPRECATED_SHA1_MAJOR,
409 SecurityStateModel::CONTENT_STATUS_NONE, false, 406 security_state::CONTENT_STATUS_NONE, false,
410 false /* expect cert status error */); 407 false /* expect cert status error */);
411 } 408 }
412 409
413 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest, MixedContent) { 410 IN_PROC_BROWSER_TEST_F(SecurityStateTabHelperTest, MixedContent) {
414 ASSERT_TRUE(embedded_test_server()->Start()); 411 ASSERT_TRUE(embedded_test_server()->Start());
415 ASSERT_TRUE(https_server_.Start()); 412 ASSERT_TRUE(https_server_.Start());
416 SetUpMockCertVerifierForHttpsServer(0, net::OK); 413 SetUpMockCertVerifierForHttpsServer(0, net::OK);
417 host_resolver()->AddRule("example.test", 414 host_resolver()->AddRule("example.test",
418 https_server_.GetURL("/title1.html").host()); 415 https_server_.GetURL("/title1.html").host());
419 416
420 net::HostPortPair replacement_pair = embedded_test_server()->host_port_pair(); 417 net::HostPortPair replacement_pair = embedded_test_server()->host_port_pair();
421 replacement_pair.set_host("example.test"); 418 replacement_pair.set_host("example.test");
422 419
423 // Navigate to an HTTPS page that displays mixed content. 420 // Navigate to an HTTPS page that displays mixed content.
424 std::string replacement_path; 421 std::string replacement_path;
425 GetFilePathWithHostAndPortReplacement( 422 GetFilePathWithHostAndPortReplacement(
426 "/ssl/page_displays_insecure_content.html", 423 "/ssl/page_displays_insecure_content.html", replacement_pair,
427 replacement_pair, &replacement_path); 424 &replacement_path);
428 ui_test_utils::NavigateToURL(browser(), 425 ui_test_utils::NavigateToURL(browser(),
429 https_server_.GetURL(replacement_path)); 426 https_server_.GetURL(replacement_path));
430 CheckSecurityInfoForSecure( 427 CheckSecurityInfoForSecure(
431 browser()->tab_strip_model()->GetActiveWebContents(), 428 browser()->tab_strip_model()->GetActiveWebContents(),
432 SecurityStateModel::NONE, SecurityStateModel::NO_DEPRECATED_SHA1, 429 security_state::NONE, security_state::NO_DEPRECATED_SHA1,
433 SecurityStateModel::CONTENT_STATUS_DISPLAYED, false, 430 security_state::CONTENT_STATUS_DISPLAYED, false,
434 false /* expect cert status error */); 431 false /* expect cert status error */);
435 432
436 // Navigate to an HTTPS page that displays mixed content dynamically. 433 // Navigate to an HTTPS page that displays mixed content dynamically.
437 GetFilePathWithHostAndPortReplacement( 434 GetFilePathWithHostAndPortReplacement(
438 "/ssl/page_with_dynamic_insecure_content.html", 435 "/ssl/page_with_dynamic_insecure_content.html", replacement_pair,
439 replacement_pair, &replacement_path); 436 &replacement_path);
440 ui_test_utils::NavigateToURL(browser(), 437 ui_test_utils::NavigateToURL(browser(),
441 https_server_.GetURL(replacement_path)); 438 https_server_.GetURL(replacement_path));
442 CheckSecurityInfoForSecure( 439 CheckSecurityInfoForSecure(
443 browser()->tab_strip_model()->GetActiveWebContents(), 440 browser()->tab_strip_model()->GetActiveWebContents(),
444 SecurityStateModel::SECURE, SecurityStateModel::NO_DEPRECATED_SHA1, 441 security_state::SECURE, security_state::NO_DEPRECATED_SHA1,
445 SecurityStateModel::CONTENT_STATUS_NONE, false, 442 security_state::CONTENT_STATUS_NONE, false,
446 false /* expect cert status error */); 443 false /* expect cert status error */);
447 // Load the insecure image. 444 // Load the insecure image.
448 bool js_result = false; 445 bool js_result = false;
449 EXPECT_TRUE(content::ExecuteScriptAndExtractBool( 446 EXPECT_TRUE(content::ExecuteScriptAndExtractBool(
450 browser()->tab_strip_model()->GetActiveWebContents(), "loadBadImage();", 447 browser()->tab_strip_model()->GetActiveWebContents(), "loadBadImage();",
451 &js_result)); 448 &js_result));
452 EXPECT_TRUE(js_result); 449 EXPECT_TRUE(js_result);
453 CheckSecurityInfoForSecure( 450 CheckSecurityInfoForSecure(
454 browser()->tab_strip_model()->GetActiveWebContents(), 451 browser()->tab_strip_model()->GetActiveWebContents(),
455 SecurityStateModel::NONE, SecurityStateModel::NO_DEPRECATED_SHA1, 452 security_state::NONE, security_state::NO_DEPRECATED_SHA1,
456 SecurityStateModel::CONTENT_STATUS_DISPLAYED, false, 453 security_state::CONTENT_STATUS_DISPLAYED, false,
457 false /* expect cert status error */); 454 false /* expect cert status error */);
458 455
459 // Navigate to an HTTPS page that runs mixed content. 456 // Navigate to an HTTPS page that runs mixed content.
460 GetFilePathWithHostAndPortReplacement( 457 GetFilePathWithHostAndPortReplacement("/ssl/page_runs_insecure_content.html",
461 "/ssl/page_runs_insecure_content.html", 458 replacement_pair, &replacement_path);
462 replacement_pair, &replacement_path);
463 ui_test_utils::NavigateToURL(browser(), 459 ui_test_utils::NavigateToURL(browser(),
464 https_server_.GetURL(replacement_path)); 460 https_server_.GetURL(replacement_path));
465 CheckSecurityInfoForSecure( 461 CheckSecurityInfoForSecure(
466 browser()->tab_strip_model()->GetActiveWebContents(), 462 browser()->tab_strip_model()->GetActiveWebContents(),
467 SecurityStateModel::DANGEROUS, SecurityStateModel::NO_DEPRECATED_SHA1, 463 security_state::DANGEROUS, security_state::NO_DEPRECATED_SHA1,
468 SecurityStateModel::CONTENT_STATUS_RAN, false, 464 security_state::CONTENT_STATUS_RAN, false,
469 false /* expect cert status error */); 465 false /* expect cert status error */);
470 466
471 // Navigate to an HTTPS page that runs and displays mixed content. 467 // Navigate to an HTTPS page that runs and displays mixed content.
472 GetFilePathWithHostAndPortReplacement( 468 GetFilePathWithHostAndPortReplacement(
473 "/ssl/page_runs_and_displays_insecure_content.html", 469 "/ssl/page_runs_and_displays_insecure_content.html", replacement_pair,
474 replacement_pair, &replacement_path); 470 &replacement_path);
475 ui_test_utils::NavigateToURL(browser(), 471 ui_test_utils::NavigateToURL(browser(),
476 https_server_.GetURL(replacement_path)); 472 https_server_.GetURL(replacement_path));
477 CheckSecurityInfoForSecure( 473 CheckSecurityInfoForSecure(
478 browser()->tab_strip_model()->GetActiveWebContents(), 474 browser()->tab_strip_model()->GetActiveWebContents(),
479 SecurityStateModel::DANGEROUS, SecurityStateModel::NO_DEPRECATED_SHA1, 475 security_state::DANGEROUS, security_state::NO_DEPRECATED_SHA1,
480 SecurityStateModel::CONTENT_STATUS_DISPLAYED_AND_RAN, false, 476 security_state::CONTENT_STATUS_DISPLAYED_AND_RAN, false,
481 false /* expect cert status error */); 477 false /* expect cert status error */);
482 478
483 // Navigate to an HTTPS page that runs mixed content in an iframe. 479 // Navigate to an HTTPS page that runs mixed content in an iframe.
484 net::HostPortPair host_port_pair = 480 net::HostPortPair host_port_pair =
485 net::HostPortPair::FromURL(https_server_.GetURL("/title1.html")); 481 net::HostPortPair::FromURL(https_server_.GetURL("/title1.html"));
486 host_port_pair.set_host("different-host.test"); 482 host_port_pair.set_host("different-host.test");
487 host_resolver()->AddRule("different-host.test", 483 host_resolver()->AddRule("different-host.test",
488 https_server_.GetURL("/title1.html").host()); 484 https_server_.GetURL("/title1.html").host());
489 host_resolver()->AddRule( 485 host_resolver()->AddRule(
490 "different-http-host.test", 486 "different-http-host.test",
491 embedded_test_server()->GetURL("/title1.html").host()); 487 embedded_test_server()->GetURL("/title1.html").host());
492 GetFilePathWithHostAndPortReplacement( 488 GetFilePathWithHostAndPortReplacement(
493 "/ssl/page_runs_insecure_content_in_iframe.html", host_port_pair, 489 "/ssl/page_runs_insecure_content_in_iframe.html", host_port_pair,
494 &replacement_path); 490 &replacement_path);
495 ui_test_utils::NavigateToURL(browser(), 491 ui_test_utils::NavigateToURL(browser(),
496 https_server_.GetURL(replacement_path)); 492 https_server_.GetURL(replacement_path));
497 CheckSecurityInfoForSecure( 493 CheckSecurityInfoForSecure(
498 browser()->tab_strip_model()->GetActiveWebContents(), 494 browser()->tab_strip_model()->GetActiveWebContents(),
499 SecurityStateModel::DANGEROUS, SecurityStateModel::NO_DEPRECATED_SHA1, 495 security_state::DANGEROUS, security_state::NO_DEPRECATED_SHA1,
500 SecurityStateModel::CONTENT_STATUS_RAN, false, 496 security_state::CONTENT_STATUS_RAN, false,
501 false /* expect cert status error */); 497 false /* expect cert status error */);
502 } 498 }
503 499
504 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest, 500 IN_PROC_BROWSER_TEST_F(SecurityStateTabHelperTest,
505 ActiveContentWithCertErrors) { 501 ActiveContentWithCertErrors) {
506 ASSERT_TRUE(https_server_.Start()); 502 ASSERT_TRUE(https_server_.Start());
507 SetUpMockCertVerifierForHttpsServer(0, net::OK); 503 SetUpMockCertVerifierForHttpsServer(0, net::OK);
508 504
509 // Navigate to an HTTPS page and simulate active content with 505 // Navigate to an HTTPS page and simulate active content with
510 // certificate errors. 506 // certificate errors.
511 ui_test_utils::NavigateToURL(browser(), https_server_.GetURL("/title1.html")); 507 ui_test_utils::NavigateToURL(browser(), https_server_.GetURL("/title1.html"));
512 content::WebContents* web_contents = 508 content::WebContents* web_contents =
513 browser()->tab_strip_model()->GetActiveWebContents(); 509 browser()->tab_strip_model()->GetActiveWebContents();
514 ASSERT_TRUE(web_contents); 510 ASSERT_TRUE(web_contents);
515 content::NavigationEntry* entry = 511 content::NavigationEntry* entry =
516 web_contents->GetController().GetVisibleEntry(); 512 web_contents->GetController().GetVisibleEntry();
517 ASSERT_TRUE(entry); 513 ASSERT_TRUE(entry);
518 entry->GetSSL().content_status |= 514 entry->GetSSL().content_status |=
519 content::SSLStatus::RAN_CONTENT_WITH_CERT_ERRORS; 515 content::SSLStatus::RAN_CONTENT_WITH_CERT_ERRORS;
520 516
521 ChromeSecurityStateModelClient* model_client = 517 SecurityStateTabHelper* helper =
522 ChromeSecurityStateModelClient::FromWebContents(web_contents); 518 SecurityStateTabHelper::FromWebContents(web_contents);
523 ASSERT_TRUE(model_client); 519 ASSERT_TRUE(helper);
524 SecurityStateModel::SecurityInfo security_info; 520 security_state::SecurityInfo security_info;
525 model_client->GetSecurityInfo(&security_info); 521 helper->GetSecurityInfo(&security_info);
526 522
527 EXPECT_FALSE(net::IsCertStatusError(security_info.cert_status)); 523 EXPECT_FALSE(net::IsCertStatusError(security_info.cert_status));
528 EXPECT_EQ(SecurityStateModel::DANGEROUS, security_info.security_level); 524 EXPECT_EQ(security_state::DANGEROUS, security_info.security_level);
529 EXPECT_EQ(SecurityStateModel::CONTENT_STATUS_RAN, 525 EXPECT_EQ(security_state::CONTENT_STATUS_RAN,
530 security_info.content_with_cert_errors_status); 526 security_info.content_with_cert_errors_status);
531 } 527 }
532 528
533 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest, 529 IN_PROC_BROWSER_TEST_F(SecurityStateTabHelperTest,
534 PassiveContentWithCertErrors) { 530 PassiveContentWithCertErrors) {
535 ASSERT_TRUE(https_server_.Start()); 531 ASSERT_TRUE(https_server_.Start());
536 SetUpMockCertVerifierForHttpsServer(0, net::OK); 532 SetUpMockCertVerifierForHttpsServer(0, net::OK);
537 533
538 // Navigate to an HTTPS page and simulate passive content with 534 // Navigate to an HTTPS page and simulate passive content with
539 // certificate errors. 535 // certificate errors.
540 ui_test_utils::NavigateToURL(browser(), https_server_.GetURL("/title1.html")); 536 ui_test_utils::NavigateToURL(browser(), https_server_.GetURL("/title1.html"));
541 content::WebContents* web_contents = 537 content::WebContents* web_contents =
542 browser()->tab_strip_model()->GetActiveWebContents(); 538 browser()->tab_strip_model()->GetActiveWebContents();
543 ASSERT_TRUE(web_contents); 539 ASSERT_TRUE(web_contents);
544 content::NavigationEntry* entry = 540 content::NavigationEntry* entry =
545 web_contents->GetController().GetVisibleEntry(); 541 web_contents->GetController().GetVisibleEntry();
546 ASSERT_TRUE(entry); 542 ASSERT_TRUE(entry);
547 entry->GetSSL().content_status |= 543 entry->GetSSL().content_status |=
548 content::SSLStatus::DISPLAYED_CONTENT_WITH_CERT_ERRORS; 544 content::SSLStatus::DISPLAYED_CONTENT_WITH_CERT_ERRORS;
549 545
550 ChromeSecurityStateModelClient* model_client = 546 SecurityStateTabHelper* helper =
551 ChromeSecurityStateModelClient::FromWebContents(web_contents); 547 SecurityStateTabHelper::FromWebContents(web_contents);
552 ASSERT_TRUE(model_client); 548 ASSERT_TRUE(helper);
553 SecurityStateModel::SecurityInfo security_info; 549 security_state::SecurityInfo security_info;
554 model_client->GetSecurityInfo(&security_info); 550 helper->GetSecurityInfo(&security_info);
555 551
556 EXPECT_FALSE(net::IsCertStatusError(security_info.cert_status)); 552 EXPECT_FALSE(net::IsCertStatusError(security_info.cert_status));
557 EXPECT_EQ(SecurityStateModel::NONE, security_info.security_level); 553 EXPECT_EQ(security_state::NONE, security_info.security_level);
558 EXPECT_EQ(SecurityStateModel::CONTENT_STATUS_DISPLAYED, 554 EXPECT_EQ(security_state::CONTENT_STATUS_DISPLAYED,
559 security_info.content_with_cert_errors_status); 555 security_info.content_with_cert_errors_status);
560 } 556 }
561 557
562 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest, 558 IN_PROC_BROWSER_TEST_F(SecurityStateTabHelperTest,
563 ActiveAndPassiveContentWithCertErrors) { 559 ActiveAndPassiveContentWithCertErrors) {
564 ASSERT_TRUE(https_server_.Start()); 560 ASSERT_TRUE(https_server_.Start());
565 SetUpMockCertVerifierForHttpsServer(0, net::OK); 561 SetUpMockCertVerifierForHttpsServer(0, net::OK);
566 562
567 // Navigate to an HTTPS page and simulate active and passive content 563 // Navigate to an HTTPS page and simulate active and passive content
568 // with certificate errors. 564 // with certificate errors.
569 ui_test_utils::NavigateToURL(browser(), https_server_.GetURL("/title1.html")); 565 ui_test_utils::NavigateToURL(browser(), https_server_.GetURL("/title1.html"));
570 content::WebContents* web_contents = 566 content::WebContents* web_contents =
571 browser()->tab_strip_model()->GetActiveWebContents(); 567 browser()->tab_strip_model()->GetActiveWebContents();
572 ASSERT_TRUE(web_contents); 568 ASSERT_TRUE(web_contents);
573 content::NavigationEntry* entry = 569 content::NavigationEntry* entry =
574 web_contents->GetController().GetVisibleEntry(); 570 web_contents->GetController().GetVisibleEntry();
575 ASSERT_TRUE(entry); 571 ASSERT_TRUE(entry);
576 entry->GetSSL().content_status |= 572 entry->GetSSL().content_status |=
577 content::SSLStatus::RAN_CONTENT_WITH_CERT_ERRORS; 573 content::SSLStatus::RAN_CONTENT_WITH_CERT_ERRORS;
578 entry->GetSSL().content_status |= 574 entry->GetSSL().content_status |=
579 content::SSLStatus::DISPLAYED_CONTENT_WITH_CERT_ERRORS; 575 content::SSLStatus::DISPLAYED_CONTENT_WITH_CERT_ERRORS;
580 576
581 ChromeSecurityStateModelClient* model_client = 577 SecurityStateTabHelper* helper =
582 ChromeSecurityStateModelClient::FromWebContents(web_contents); 578 SecurityStateTabHelper::FromWebContents(web_contents);
583 ASSERT_TRUE(model_client); 579 ASSERT_TRUE(helper);
584 SecurityStateModel::SecurityInfo security_info; 580 security_state::SecurityInfo security_info;
585 model_client->GetSecurityInfo(&security_info); 581 helper->GetSecurityInfo(&security_info);
586 582
587 EXPECT_FALSE(net::IsCertStatusError(security_info.cert_status)); 583 EXPECT_FALSE(net::IsCertStatusError(security_info.cert_status));
588 EXPECT_EQ(SecurityStateModel::DANGEROUS, security_info.security_level); 584 EXPECT_EQ(security_state::DANGEROUS, security_info.security_level);
589 EXPECT_EQ(SecurityStateModel::CONTENT_STATUS_DISPLAYED_AND_RAN, 585 EXPECT_EQ(security_state::CONTENT_STATUS_DISPLAYED_AND_RAN,
590 security_info.content_with_cert_errors_status); 586 security_info.content_with_cert_errors_status);
591 } 587 }
592 588
593 // Same as the test above but with a long-lived SHA1 cert. 589 // Same as the test above but with a long-lived SHA1 cert.
594 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest, 590 IN_PROC_BROWSER_TEST_F(SecurityStateTabHelperTest, MixedContentWithBrokenSHA1) {
595 MixedContentWithBrokenSHA1) {
596 ASSERT_TRUE(embedded_test_server()->Start()); 591 ASSERT_TRUE(embedded_test_server()->Start());
597 ASSERT_TRUE(https_server_.Start()); 592 ASSERT_TRUE(https_server_.Start());
598 // The test server uses a long-lived cert by default, so a SHA1 593 // The test server uses a long-lived cert by default, so a SHA1
599 // signature in it will register as a "broken" condition rather than 594 // signature in it will register as a "broken" condition rather than
600 // "warning". 595 // "warning".
601 SetUpMockCertVerifierForHttpsServer(net::CERT_STATUS_SHA1_SIGNATURE_PRESENT, 596 SetUpMockCertVerifierForHttpsServer(net::CERT_STATUS_SHA1_SIGNATURE_PRESENT,
602 net::OK); 597 net::OK);
603 598
604 host_resolver()->AddRule("example.test", 599 host_resolver()->AddRule("example.test",
605 https_server_.GetURL("/title1.html").host()); 600 https_server_.GetURL("/title1.html").host());
606 601
607 net::HostPortPair replacement_pair = embedded_test_server()->host_port_pair(); 602 net::HostPortPair replacement_pair = embedded_test_server()->host_port_pair();
608 replacement_pair.set_host("example.test"); 603 replacement_pair.set_host("example.test");
609 604
610 // Navigate to an HTTPS page that displays mixed content. 605 // Navigate to an HTTPS page that displays mixed content.
611 std::string replacement_path; 606 std::string replacement_path;
612 GetFilePathWithHostAndPortReplacement( 607 GetFilePathWithHostAndPortReplacement(
613 "/ssl/page_displays_insecure_content.html", 608 "/ssl/page_displays_insecure_content.html", replacement_pair,
614 replacement_pair, &replacement_path); 609 &replacement_path);
615 ui_test_utils::NavigateToURL(browser(), 610 ui_test_utils::NavigateToURL(browser(),
616 https_server_.GetURL(replacement_path)); 611 https_server_.GetURL(replacement_path));
617 CheckSecurityInfoForSecure( 612 CheckSecurityInfoForSecure(
618 browser()->tab_strip_model()->GetActiveWebContents(), 613 browser()->tab_strip_model()->GetActiveWebContents(),
619 SecurityStateModel::DANGEROUS, SecurityStateModel::DEPRECATED_SHA1_MAJOR, 614 security_state::DANGEROUS, security_state::DEPRECATED_SHA1_MAJOR,
620 SecurityStateModel::CONTENT_STATUS_DISPLAYED, false, 615 security_state::CONTENT_STATUS_DISPLAYED, false,
621 false /* expect cert status error */); 616 false /* expect cert status error */);
622 617
623 // Navigate to an HTTPS page that displays mixed content dynamically. 618 // Navigate to an HTTPS page that displays mixed content dynamically.
624 GetFilePathWithHostAndPortReplacement( 619 GetFilePathWithHostAndPortReplacement(
625 "/ssl/page_with_dynamic_insecure_content.html", 620 "/ssl/page_with_dynamic_insecure_content.html", replacement_pair,
626 replacement_pair, &replacement_path); 621 &replacement_path);
627 ui_test_utils::NavigateToURL(browser(), 622 ui_test_utils::NavigateToURL(browser(),
628 https_server_.GetURL(replacement_path)); 623 https_server_.GetURL(replacement_path));
629 CheckSecurityInfoForSecure( 624 CheckSecurityInfoForSecure(
630 browser()->tab_strip_model()->GetActiveWebContents(), 625 browser()->tab_strip_model()->GetActiveWebContents(),
631 SecurityStateModel::DANGEROUS, SecurityStateModel::DEPRECATED_SHA1_MAJOR, 626 security_state::DANGEROUS, security_state::DEPRECATED_SHA1_MAJOR,
632 SecurityStateModel::CONTENT_STATUS_NONE, false, 627 security_state::CONTENT_STATUS_NONE, false,
633 false /* expect cert status error */); 628 false /* expect cert status error */);
634 // Load the insecure image. 629 // Load the insecure image.
635 bool js_result = false; 630 bool js_result = false;
636 EXPECT_TRUE(content::ExecuteScriptAndExtractBool( 631 EXPECT_TRUE(content::ExecuteScriptAndExtractBool(
637 browser()->tab_strip_model()->GetActiveWebContents(), "loadBadImage();", 632 browser()->tab_strip_model()->GetActiveWebContents(), "loadBadImage();",
638 &js_result)); 633 &js_result));
639 EXPECT_TRUE(js_result); 634 EXPECT_TRUE(js_result);
640 CheckSecurityInfoForSecure( 635 CheckSecurityInfoForSecure(
641 browser()->tab_strip_model()->GetActiveWebContents(), 636 browser()->tab_strip_model()->GetActiveWebContents(),
642 SecurityStateModel::DANGEROUS, SecurityStateModel::DEPRECATED_SHA1_MAJOR, 637 security_state::DANGEROUS, security_state::DEPRECATED_SHA1_MAJOR,
643 SecurityStateModel::CONTENT_STATUS_DISPLAYED, false, 638 security_state::CONTENT_STATUS_DISPLAYED, false,
644 false /* expect cert status error */); 639 false /* expect cert status error */);
645 640
646 // Navigate to an HTTPS page that runs mixed content. 641 // Navigate to an HTTPS page that runs mixed content.
647 GetFilePathWithHostAndPortReplacement( 642 GetFilePathWithHostAndPortReplacement("/ssl/page_runs_insecure_content.html",
648 "/ssl/page_runs_insecure_content.html", 643 replacement_pair, &replacement_path);
649 replacement_pair, &replacement_path);
650 ui_test_utils::NavigateToURL(browser(), 644 ui_test_utils::NavigateToURL(browser(),
651 https_server_.GetURL(replacement_path)); 645 https_server_.GetURL(replacement_path));
652 CheckSecurityInfoForSecure( 646 CheckSecurityInfoForSecure(
653 browser()->tab_strip_model()->GetActiveWebContents(), 647 browser()->tab_strip_model()->GetActiveWebContents(),
654 SecurityStateModel::DANGEROUS, SecurityStateModel::DEPRECATED_SHA1_MAJOR, 648 security_state::DANGEROUS, security_state::DEPRECATED_SHA1_MAJOR,
655 SecurityStateModel::CONTENT_STATUS_RAN, false, 649 security_state::CONTENT_STATUS_RAN, false,
656 false /* expect cert status error */); 650 false /* expect cert status error */);
657 651
658 // Navigate to an HTTPS page that runs and displays mixed content. 652 // Navigate to an HTTPS page that runs and displays mixed content.
659 GetFilePathWithHostAndPortReplacement( 653 GetFilePathWithHostAndPortReplacement(
660 "/ssl/page_runs_and_displays_insecure_content.html", 654 "/ssl/page_runs_and_displays_insecure_content.html", replacement_pair,
661 replacement_pair, &replacement_path); 655 &replacement_path);
662 ui_test_utils::NavigateToURL(browser(), 656 ui_test_utils::NavigateToURL(browser(),
663 https_server_.GetURL(replacement_path)); 657 https_server_.GetURL(replacement_path));
664 CheckSecurityInfoForSecure( 658 CheckSecurityInfoForSecure(
665 browser()->tab_strip_model()->GetActiveWebContents(), 659 browser()->tab_strip_model()->GetActiveWebContents(),
666 SecurityStateModel::DANGEROUS, SecurityStateModel::DEPRECATED_SHA1_MAJOR, 660 security_state::DANGEROUS, security_state::DEPRECATED_SHA1_MAJOR,
667 SecurityStateModel::CONTENT_STATUS_DISPLAYED_AND_RAN, false, 661 security_state::CONTENT_STATUS_DISPLAYED_AND_RAN, false,
668 false /* expect cert status error */); 662 false /* expect cert status error */);
669 } 663 }
670 664
671 // Tests that the Content Security Policy block-all-mixed-content 665 // Tests that the Content Security Policy block-all-mixed-content
672 // directive stops mixed content from running. 666 // directive stops mixed content from running.
673 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest, 667 IN_PROC_BROWSER_TEST_F(SecurityStateTabHelperTest, MixedContentStrictBlocking) {
674 MixedContentStrictBlocking) {
675 ASSERT_TRUE(https_server_.Start()); 668 ASSERT_TRUE(https_server_.Start());
676 SetUpMockCertVerifierForHttpsServer(0, net::OK); 669 SetUpMockCertVerifierForHttpsServer(0, net::OK);
677 670
678 // Navigate to an HTTPS page that tries to run mixed content in an 671 // Navigate to an HTTPS page that tries to run mixed content in an
679 // iframe, with strict mixed content blocking. 672 // iframe, with strict mixed content blocking.
680 std::string replacement_path; 673 std::string replacement_path;
681 net::HostPortPair host_port_pair = 674 net::HostPortPair host_port_pair =
682 net::HostPortPair::FromURL(https_server_.GetURL("/title1.html")); 675 net::HostPortPair::FromURL(https_server_.GetURL("/title1.html"));
683 host_port_pair.set_host("different-host.test"); 676 host_port_pair.set_host("different-host.test");
684 host_resolver()->AddRule("different-host.test", 677 host_resolver()->AddRule("different-host.test",
685 https_server_.GetURL("/title1.html").host()); 678 https_server_.GetURL("/title1.html").host());
686 GetFilePathWithHostAndPortReplacement( 679 GetFilePathWithHostAndPortReplacement(
687 "/ssl/page_runs_insecure_content_in_iframe_with_strict_blocking.html", 680 "/ssl/page_runs_insecure_content_in_iframe_with_strict_blocking.html",
688 host_port_pair, &replacement_path); 681 host_port_pair, &replacement_path);
689 ui_test_utils::NavigateToURL(browser(), 682 ui_test_utils::NavigateToURL(browser(),
690 https_server_.GetURL(replacement_path)); 683 https_server_.GetURL(replacement_path));
691 CheckSecurityInfoForSecure( 684 CheckSecurityInfoForSecure(
692 browser()->tab_strip_model()->GetActiveWebContents(), 685 browser()->tab_strip_model()->GetActiveWebContents(),
693 SecurityStateModel::SECURE, SecurityStateModel::NO_DEPRECATED_SHA1, 686 security_state::SECURE, security_state::NO_DEPRECATED_SHA1,
694 SecurityStateModel::CONTENT_STATUS_NONE, false, 687 security_state::CONTENT_STATUS_NONE, false,
695 false /* expect cert status error */); 688 false /* expect cert status error */);
696 } 689 }
697 690
698 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest, BrokenHTTPS) { 691 IN_PROC_BROWSER_TEST_F(SecurityStateTabHelperTest, BrokenHTTPS) {
699 ASSERT_TRUE(embedded_test_server()->Start()); 692 ASSERT_TRUE(embedded_test_server()->Start());
700 ASSERT_TRUE(https_server_.Start()); 693 ASSERT_TRUE(https_server_.Start());
701 SetUpMockCertVerifierForHttpsServer(net::CERT_STATUS_DATE_INVALID, 694 SetUpMockCertVerifierForHttpsServer(net::CERT_STATUS_DATE_INVALID,
702 net::ERR_CERT_DATE_INVALID); 695 net::ERR_CERT_DATE_INVALID);
703 696
704 ui_test_utils::NavigateToURL(browser(), 697 ui_test_utils::NavigateToURL(browser(),
705 https_server_.GetURL("/ssl/google.html")); 698 https_server_.GetURL("/ssl/google.html"));
706 CheckSecurityInfoForSecure( 699 CheckSecurityInfoForSecure(
707 browser()->tab_strip_model()->GetActiveWebContents(), 700 browser()->tab_strip_model()->GetActiveWebContents(),
708 SecurityStateModel::DANGEROUS, SecurityStateModel::NO_DEPRECATED_SHA1, 701 security_state::DANGEROUS, security_state::NO_DEPRECATED_SHA1,
709 SecurityStateModel::CONTENT_STATUS_NONE, false, 702 security_state::CONTENT_STATUS_NONE, false,
710 true /* expect cert status error */); 703 true /* expect cert status error */);
711 704
712 ProceedThroughInterstitial( 705 ProceedThroughInterstitial(
713 browser()->tab_strip_model()->GetActiveWebContents()); 706 browser()->tab_strip_model()->GetActiveWebContents());
714 707
715 CheckSecurityInfoForSecure( 708 CheckSecurityInfoForSecure(
716 browser()->tab_strip_model()->GetActiveWebContents(), 709 browser()->tab_strip_model()->GetActiveWebContents(),
717 SecurityStateModel::DANGEROUS, SecurityStateModel::NO_DEPRECATED_SHA1, 710 security_state::DANGEROUS, security_state::NO_DEPRECATED_SHA1,
718 SecurityStateModel::CONTENT_STATUS_NONE, false, 711 security_state::CONTENT_STATUS_NONE, false,
719 true /* expect cert status error */); 712 true /* expect cert status error */);
720 713
721 // Navigate to a broken HTTPS page that displays mixed content. 714 // Navigate to a broken HTTPS page that displays mixed content.
722 std::string replacement_path; 715 std::string replacement_path;
723 GetFilePathWithHostAndPortReplacement( 716 GetFilePathWithHostAndPortReplacement(
724 "/ssl/page_displays_insecure_content.html", 717 "/ssl/page_displays_insecure_content.html",
725 embedded_test_server()->host_port_pair(), &replacement_path); 718 embedded_test_server()->host_port_pair(), &replacement_path);
726 ui_test_utils::NavigateToURL(browser(), 719 ui_test_utils::NavigateToURL(browser(),
727 https_server_.GetURL(replacement_path)); 720 https_server_.GetURL(replacement_path));
728 CheckSecurityInfoForSecure( 721 CheckSecurityInfoForSecure(
729 browser()->tab_strip_model()->GetActiveWebContents(), 722 browser()->tab_strip_model()->GetActiveWebContents(),
730 SecurityStateModel::DANGEROUS, SecurityStateModel::NO_DEPRECATED_SHA1, 723 security_state::DANGEROUS, security_state::NO_DEPRECATED_SHA1,
731 SecurityStateModel::CONTENT_STATUS_DISPLAYED, false, 724 security_state::CONTENT_STATUS_DISPLAYED, false,
732 true /* expect cert status error */); 725 true /* expect cert status error */);
733 } 726 }
734 727
735 const char kReportURI[] = "https://report-hpkp.test"; 728 const char kReportURI[] = "https://report-hpkp.test";
736 729
737 class PKPModelClientTest : public ChromeSecurityStateModelClientTest { 730 class PKPModelClientTest : public SecurityStateTabHelperTest {
738 public: 731 public:
739 void SetUpOnMainThread() override { 732 void SetUpOnMainThread() override {
740 ASSERT_TRUE(https_server_.Start()); 733 ASSERT_TRUE(https_server_.Start());
741 url_request_context_getter_ = browser()->profile()->GetRequestContext(); 734 url_request_context_getter_ = browser()->profile()->GetRequestContext();
742 content::BrowserThread::PostTask( 735 content::BrowserThread::PostTask(
743 content::BrowserThread::IO, FROM_HERE, 736 content::BrowserThread::IO, FROM_HERE,
744 base::Bind(&PKPModelClientTest::SetUpOnIOThread, 737 base::Bind(&PKPModelClientTest::SetUpOnIOThread,
745 base::Unretained(this))); 738 base::Unretained(this)));
746 } 739 }
747 740
(...skipping 33 matching lines...) Expand 10 before | Expand all | Expand 10 after
781 memset(hash.data(), 1, hash.size()); 774 memset(hash.data(), 1, hash.size());
782 verify_result.public_key_hashes.push_back(hash); 775 verify_result.public_key_hashes.push_back(hash);
783 776
784 mock_cert_verifier()->AddResultForCert(cert, verify_result, net::OK); 777 mock_cert_verifier()->AddResultForCert(cert, verify_result, net::OK);
785 778
786 ui_test_utils::NavigateToURL(browser(), 779 ui_test_utils::NavigateToURL(browser(),
787 https_server_.GetURL("/ssl/google.html")); 780 https_server_.GetURL("/ssl/google.html"));
788 781
789 CheckSecurityInfoForSecure( 782 CheckSecurityInfoForSecure(
790 browser()->tab_strip_model()->GetActiveWebContents(), 783 browser()->tab_strip_model()->GetActiveWebContents(),
791 SecurityStateModel::SECURE, SecurityStateModel::NO_DEPRECATED_SHA1, 784 security_state::SECURE, security_state::NO_DEPRECATED_SHA1,
792 SecurityStateModel::CONTENT_STATUS_NONE, true, false); 785 security_state::CONTENT_STATUS_NONE, true, false);
793 786
794 const content::SecurityStyleExplanations& explanation = 787 const content::SecurityStyleExplanations& explanation =
795 observer.latest_explanations(); 788 observer.latest_explanations();
796 EXPECT_TRUE(explanation.pkp_bypassed); 789 EXPECT_TRUE(explanation.pkp_bypassed);
797 EXPECT_FALSE(explanation.info_explanations.empty()); 790 EXPECT_FALSE(explanation.info_explanations.empty());
798 } 791 }
799 792
800 IN_PROC_BROWSER_TEST_F(PKPModelClientTest, PKPEnforced) { 793 IN_PROC_BROWSER_TEST_F(PKPModelClientTest, PKPEnforced) {
801 content::WebContents* web_contents = 794 content::WebContents* web_contents =
802 browser()->tab_strip_model()->GetActiveWebContents(); 795 browser()->tab_strip_model()->GetActiveWebContents();
(...skipping 35 matching lines...) Expand 10 before | Expand all | Expand 10 after
838 DISALLOW_COPY_AND_ASSIGN(PendingJobInterceptor); 831 DISALLOW_COPY_AND_ASSIGN(PendingJobInterceptor);
839 }; 832 };
840 833
841 void InstallLoadingInterceptor(const std::string& host) { 834 void InstallLoadingInterceptor(const std::string& host) {
842 net::URLRequestFilter* filter = net::URLRequestFilter::GetInstance(); 835 net::URLRequestFilter* filter = net::URLRequestFilter::GetInstance();
843 filter->AddHostnameInterceptor( 836 filter->AddHostnameInterceptor(
844 "http", host, 837 "http", host,
845 std::unique_ptr<net::URLRequestInterceptor>(new PendingJobInterceptor())); 838 std::unique_ptr<net::URLRequestInterceptor>(new PendingJobInterceptor()));
846 } 839 }
847 840
848 class SecurityStateModelLoadingTest 841 class SecurityStateLoadingTest : public SecurityStateTabHelperTest {
849 : public ChromeSecurityStateModelClientTest {
850 public: 842 public:
851 SecurityStateModelLoadingTest() : ChromeSecurityStateModelClientTest() {} 843 SecurityStateLoadingTest() : SecurityStateTabHelperTest() {}
852 ~SecurityStateModelLoadingTest() override{}; 844 ~SecurityStateLoadingTest() override{};
853 845
854 protected: 846 protected:
855 void SetUpOnMainThread() override { 847 void SetUpOnMainThread() override {
856 ASSERT_TRUE(embedded_test_server()->Start()); 848 ASSERT_TRUE(embedded_test_server()->Start());
857 849
858 content::BrowserThread::PostTask( 850 content::BrowserThread::PostTask(
859 content::BrowserThread::IO, FROM_HERE, 851 content::BrowserThread::IO, FROM_HERE,
860 base::Bind(&InstallLoadingInterceptor, 852 base::Bind(&InstallLoadingInterceptor,
861 embedded_test_server()->GetURL("/title1.html").host())); 853 embedded_test_server()->GetURL("/title1.html").host()));
862 } 854 }
863 855
864 DISALLOW_COPY_AND_ASSIGN(SecurityStateModelLoadingTest); 856 DISALLOW_COPY_AND_ASSIGN(SecurityStateLoadingTest);
865 }; 857 };
866 858
867 // Tests that navigation state changes cause the security state to be 859 // Tests that navigation state changes cause the security state to be
868 // updated. 860 // updated.
869 IN_PROC_BROWSER_TEST_F(SecurityStateModelLoadingTest, NavigationStateChanges) { 861 IN_PROC_BROWSER_TEST_F(SecurityStateLoadingTest, NavigationStateChanges) {
870 ASSERT_TRUE(https_server_.Start()); 862 ASSERT_TRUE(https_server_.Start());
871 SetUpMockCertVerifierForHttpsServer(0, net::OK); 863 SetUpMockCertVerifierForHttpsServer(0, net::OK);
872 864
873 // Navigate to an HTTPS page. 865 // Navigate to an HTTPS page.
874 ui_test_utils::NavigateToURL(browser(), 866 ui_test_utils::NavigateToURL(browser(),
875 https_server_.GetURL("/ssl/google.html")); 867 https_server_.GetURL("/ssl/google.html"));
876 CheckSecurityInfoForSecure( 868 CheckSecurityInfoForSecure(
877 browser()->tab_strip_model()->GetActiveWebContents(), 869 browser()->tab_strip_model()->GetActiveWebContents(),
878 SecurityStateModel::SECURE, SecurityStateModel::NO_DEPRECATED_SHA1, 870 security_state::SECURE, security_state::NO_DEPRECATED_SHA1,
879 SecurityStateModel::CONTENT_STATUS_NONE, false, 871 security_state::CONTENT_STATUS_NONE, false,
880 false /* expect cert status error */); 872 false /* expect cert status error */);
881 873
882 // Navigate to a page that doesn't finish loading. Test that the 874 // Navigate to a page that doesn't finish loading. Test that the
883 // security state is neutral while the page is loading. 875 // security state is neutral while the page is loading.
884 browser()->OpenURL(content::OpenURLParams( 876 browser()->OpenURL(content::OpenURLParams(
885 embedded_test_server()->GetURL("/title1.html"), content::Referrer(), 877 embedded_test_server()->GetURL("/title1.html"), content::Referrer(),
886 WindowOpenDisposition::CURRENT_TAB, ui::PAGE_TRANSITION_TYPED, false)); 878 WindowOpenDisposition::CURRENT_TAB, ui::PAGE_TRANSITION_TYPED, false));
887 CheckSecurityInfoForNonSecure( 879 CheckSecurityInfoForNonSecure(
888 browser()->tab_strip_model()->GetActiveWebContents()); 880 browser()->tab_strip_model()->GetActiveWebContents());
889 } 881 }
890 882
891 // Tests that the NavigationEntry's flags for nonsecure password/credit
892 // card inputs are reflected in the VisibleSecurityState.
893 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest,
894 VisibleSecurityStateNonsecureFormInputs) {
895 ASSERT_TRUE(https_server_.Start());
896 ui_test_utils::NavigateToURL(browser(),
897 https_server_.GetURL("/ssl/google.html"));
898
899 content::WebContents* contents =
900 browser()->tab_strip_model()->GetActiveWebContents();
901 ASSERT_TRUE(contents);
902
903 ChromeSecurityStateModelClient* model_client =
904 ChromeSecurityStateModelClient::FromWebContents(contents);
905 ASSERT_TRUE(model_client);
906
907 // First, test that if the flags aren't set on the NavigationEntry,
908 // then they also aren't set on the VisibleSecurityState.
909 content::SSLStatus& ssl_status =
910 contents->GetController().GetVisibleEntry()->GetSSL();
911 ASSERT_FALSE(ssl_status.content_status &
912 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP);
913 ASSERT_FALSE(ssl_status.content_status &
914 content::SSLStatus::DISPLAYED_CREDIT_CARD_FIELD_ON_HTTP);
915 SecurityStateModel::VisibleSecurityState
916 visible_security_state_no_sensitive_inputs;
917 model_client->GetVisibleSecurityState(
918 &visible_security_state_no_sensitive_inputs);
919 EXPECT_FALSE(visible_security_state_no_sensitive_inputs
920 .displayed_password_field_on_http);
921 EXPECT_FALSE(visible_security_state_no_sensitive_inputs
922 .displayed_credit_card_field_on_http);
923
924 // Now, set the flags on the NavigationEntry and test that they are
925 // reflected in the VisibleSecurityState.
926 ssl_status.content_status |=
927 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP;
928 ssl_status.content_status |=
929 content::SSLStatus::DISPLAYED_CREDIT_CARD_FIELD_ON_HTTP;
930 SecurityStateModel::VisibleSecurityState
931 visible_security_state_sensitive_inputs;
932 model_client->GetVisibleSecurityState(
933 &visible_security_state_sensitive_inputs);
934 EXPECT_TRUE(
935 visible_security_state_sensitive_inputs.displayed_password_field_on_http);
936 EXPECT_TRUE(visible_security_state_sensitive_inputs
937 .displayed_credit_card_field_on_http);
938 }
939
940 // Tests that when a visible password field is detected on an HTTP page 883 // Tests that when a visible password field is detected on an HTTP page
941 // load, and when the command-line flag is set, the security level is 884 // load, and when the command-line flag is set, the security level is
942 // downgraded to HTTP_SHOW_WARNING. 885 // downgraded to HTTP_SHOW_WARNING.
943 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTestWithPasswordCcSwitch, 886 IN_PROC_BROWSER_TEST_F(SecurityStateTabHelperTestWithPasswordCcSwitch,
944 PasswordSecurityLevelDowngraded) { 887 PasswordSecurityLevelDowngraded) {
945 content::WebContents* contents = 888 content::WebContents* contents =
946 browser()->tab_strip_model()->GetActiveWebContents(); 889 browser()->tab_strip_model()->GetActiveWebContents();
947 ASSERT_TRUE(contents); 890 ASSERT_TRUE(contents);
948 891
949 ChromeSecurityStateModelClient* model_client = 892 SecurityStateTabHelper* helper =
950 ChromeSecurityStateModelClient::FromWebContents(contents); 893 SecurityStateTabHelper::FromWebContents(contents);
951 ASSERT_TRUE(model_client); 894 ASSERT_TRUE(helper);
952 895
953 ui_test_utils::NavigateToURL( 896 ui_test_utils::NavigateToURL(
954 browser(), GetURLWithNonLocalHostname(embedded_test_server(), 897 browser(), GetURLWithNonLocalHostname(embedded_test_server(),
955 "/password/simple_password.html")); 898 "/password/simple_password.html"));
956 security_state::SecurityStateModel::SecurityInfo security_info; 899 security_state::SecurityInfo security_info;
957 model_client->GetSecurityInfo(&security_info); 900 helper->GetSecurityInfo(&security_info);
958 EXPECT_EQ(security_state::SecurityStateModel::HTTP_SHOW_WARNING, 901 EXPECT_EQ(security_state::HTTP_SHOW_WARNING, security_info.security_level);
959 security_info.security_level);
960 902
961 content::NavigationEntry* entry = contents->GetController().GetVisibleEntry(); 903 content::NavigationEntry* entry = contents->GetController().GetVisibleEntry();
962 ASSERT_TRUE(entry); 904 ASSERT_TRUE(entry);
963 EXPECT_TRUE(entry->GetSSL().content_status & 905 EXPECT_TRUE(entry->GetSSL().content_status &
964 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP); 906 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP);
965 } 907 }
966 908
967 // Tests that when an invisible password field is present on an HTTP page 909 // Tests that when an invisible password field is present on an HTTP page
968 // load, and when the command-line flag is set, the security level is 910 // load, and when the command-line flag is set, the security level is
969 // *not* downgraded to HTTP_SHOW_WARNING. 911 // *not* downgraded to HTTP_SHOW_WARNING.
970 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTestWithPasswordCcSwitch, 912 IN_PROC_BROWSER_TEST_F(SecurityStateTabHelperTestWithPasswordCcSwitch,
971 PasswordSecurityLevelNotDowngradedForInvisibleInput) { 913 PasswordSecurityLevelNotDowngradedForInvisibleInput) {
972 content::WebContents* contents = 914 content::WebContents* contents =
973 browser()->tab_strip_model()->GetActiveWebContents(); 915 browser()->tab_strip_model()->GetActiveWebContents();
974 ASSERT_TRUE(contents); 916 ASSERT_TRUE(contents);
975 917
976 ChromeSecurityStateModelClient* model_client = 918 SecurityStateTabHelper* helper =
977 ChromeSecurityStateModelClient::FromWebContents(contents); 919 SecurityStateTabHelper::FromWebContents(contents);
978 ASSERT_TRUE(model_client); 920 ASSERT_TRUE(helper);
979 921
980 ui_test_utils::NavigateToURL( 922 ui_test_utils::NavigateToURL(
981 browser(), 923 browser(),
982 GetURLWithNonLocalHostname(embedded_test_server(), 924 GetURLWithNonLocalHostname(embedded_test_server(),
983 "/password/invisible_password.html")); 925 "/password/invisible_password.html"));
984 security_state::SecurityStateModel::SecurityInfo security_info; 926 security_state::SecurityInfo security_info;
985 model_client->GetSecurityInfo(&security_info); 927 helper->GetSecurityInfo(&security_info);
986 EXPECT_EQ(security_state::SecurityStateModel::NONE, 928 EXPECT_EQ(security_state::NONE, security_info.security_level);
987 security_info.security_level);
988 929
989 content::NavigationEntry* entry = contents->GetController().GetVisibleEntry(); 930 content::NavigationEntry* entry = contents->GetController().GetVisibleEntry();
990 ASSERT_TRUE(entry); 931 ASSERT_TRUE(entry);
991 EXPECT_FALSE(entry->GetSSL().content_status & 932 EXPECT_FALSE(entry->GetSSL().content_status &
992 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP); 933 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP);
993 } 934 }
994 935
995 // Tests that when a visible password field is detected inside an iframe 936 // Tests that when a visible password field is detected inside an iframe
996 // on an HTTP page load, and when the command-line flag is set, the 937 // on an HTTP page load, and when the command-line flag is set, the
997 // security level is downgraded to HTTP_SHOW_WARNING. 938 // security level is downgraded to HTTP_SHOW_WARNING.
998 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTestWithPasswordCcSwitch, 939 IN_PROC_BROWSER_TEST_F(SecurityStateTabHelperTestWithPasswordCcSwitch,
999 PasswordSecurityLevelDowngradedFromIframe) { 940 PasswordSecurityLevelDowngradedFromIframe) {
1000 content::WebContents* contents = 941 content::WebContents* contents =
1001 browser()->tab_strip_model()->GetActiveWebContents(); 942 browser()->tab_strip_model()->GetActiveWebContents();
1002 ASSERT_TRUE(contents); 943 ASSERT_TRUE(contents);
1003 944
1004 ChromeSecurityStateModelClient* model_client = 945 SecurityStateTabHelper* helper =
1005 ChromeSecurityStateModelClient::FromWebContents(contents); 946 SecurityStateTabHelper::FromWebContents(contents);
1006 ASSERT_TRUE(model_client); 947 ASSERT_TRUE(helper);
1007 948
1008 ui_test_utils::NavigateToURL( 949 ui_test_utils::NavigateToURL(
1009 browser(), 950 browser(),
1010 GetURLWithNonLocalHostname(embedded_test_server(), 951 GetURLWithNonLocalHostname(embedded_test_server(),
1011 "/password/simple_password_in_iframe.html")); 952 "/password/simple_password_in_iframe.html"));
1012 security_state::SecurityStateModel::SecurityInfo security_info; 953 security_state::SecurityInfo security_info;
1013 model_client->GetSecurityInfo(&security_info); 954 helper->GetSecurityInfo(&security_info);
1014 EXPECT_EQ(security_state::SecurityStateModel::HTTP_SHOW_WARNING, 955 EXPECT_EQ(security_state::HTTP_SHOW_WARNING, security_info.security_level);
1015 security_info.security_level);
1016 956
1017 content::NavigationEntry* entry = contents->GetController().GetVisibleEntry(); 957 content::NavigationEntry* entry = contents->GetController().GetVisibleEntry();
1018 ASSERT_TRUE(entry); 958 ASSERT_TRUE(entry);
1019 EXPECT_TRUE(entry->GetSSL().content_status & 959 EXPECT_TRUE(entry->GetSSL().content_status &
1020 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP); 960 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP);
1021 } 961 }
1022 962
1023 // Tests that when a visible password field is detected inside an iframe 963 // Tests that when a visible password field is detected inside an iframe
1024 // on an HTTP page load, and when the command-line flag is set, the 964 // on an HTTP page load, and when the command-line flag is set, the
1025 // security level is downgraded to HTTP_SHOW_WARNING, even if the iframe 965 // security level is downgraded to HTTP_SHOW_WARNING, even if the iframe
1026 // itself was loaded over HTTPS. 966 // itself was loaded over HTTPS.
1027 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTestWithPasswordCcSwitch, 967 IN_PROC_BROWSER_TEST_F(SecurityStateTabHelperTestWithPasswordCcSwitch,
1028 PasswordSecurityLevelDowngradedFromHttpsIframe) { 968 PasswordSecurityLevelDowngradedFromHttpsIframe) {
1029 content::WebContents* contents = 969 content::WebContents* contents =
1030 browser()->tab_strip_model()->GetActiveWebContents(); 970 browser()->tab_strip_model()->GetActiveWebContents();
1031 ASSERT_TRUE(contents); 971 ASSERT_TRUE(contents);
1032 972
1033 ChromeSecurityStateModelClient* model_client = 973 SecurityStateTabHelper* helper =
1034 ChromeSecurityStateModelClient::FromWebContents(contents); 974 SecurityStateTabHelper::FromWebContents(contents);
1035 ASSERT_TRUE(model_client); 975 ASSERT_TRUE(helper);
1036 976
1037 // Navigate to an HTTP URL, which loads an iframe using the host and port of 977 // Navigate to an HTTP URL, which loads an iframe using the host and port of
1038 // |https_server_|. 978 // |https_server_|.
1039 std::string replacement_path; 979 std::string replacement_path;
1040 GetFilePathWithHostAndPortReplacement( 980 GetFilePathWithHostAndPortReplacement(
1041 "/password/simple_password_in_https_iframe.html", 981 "/password/simple_password_in_https_iframe.html",
1042 https_server_.host_port_pair(), &replacement_path); 982 https_server_.host_port_pair(), &replacement_path);
1043 ui_test_utils::NavigateToURL( 983 ui_test_utils::NavigateToURL(
1044 browser(), 984 browser(),
1045 GetURLWithNonLocalHostname(embedded_test_server(), replacement_path)); 985 GetURLWithNonLocalHostname(embedded_test_server(), replacement_path));
1046 security_state::SecurityStateModel::SecurityInfo security_info; 986 security_state::SecurityInfo security_info;
1047 model_client->GetSecurityInfo(&security_info); 987 helper->GetSecurityInfo(&security_info);
1048 EXPECT_EQ(security_state::SecurityStateModel::HTTP_SHOW_WARNING, 988 EXPECT_EQ(security_state::HTTP_SHOW_WARNING, security_info.security_level);
1049 security_info.security_level);
1050 989
1051 content::NavigationEntry* entry = contents->GetController().GetVisibleEntry(); 990 content::NavigationEntry* entry = contents->GetController().GetVisibleEntry();
1052 ASSERT_TRUE(entry); 991 ASSERT_TRUE(entry);
1053 EXPECT_TRUE(entry->GetSSL().content_status & 992 EXPECT_TRUE(entry->GetSSL().content_status &
1054 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP); 993 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP);
1055 } 994 }
1056 995
1057 // Tests that when a visible password field is detected on an HTTP page 996 // Tests that when a visible password field is detected on an HTTP page
1058 // load, and when the command-line flag is *not* set, the security level is 997 // load, and when the command-line flag is *not* set, the security level is
1059 // *not* downgraded to HTTP_SHOW_WARNING. 998 // *not* downgraded to HTTP_SHOW_WARNING.
1060 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest, 999 IN_PROC_BROWSER_TEST_F(SecurityStateTabHelperTest,
1061 PasswordSecurityLevelNotDowngradedWithoutSwitch) { 1000 PasswordSecurityLevelNotDowngradedWithoutSwitch) {
1062 ASSERT_TRUE(embedded_test_server()->Start()); 1001 ASSERT_TRUE(embedded_test_server()->Start());
1063 host_resolver()->AddRule("*", embedded_test_server()->GetURL("/").host()); 1002 host_resolver()->AddRule("*", embedded_test_server()->GetURL("/").host());
1064 1003
1065 content::WebContents* contents = 1004 content::WebContents* contents =
1066 browser()->tab_strip_model()->GetActiveWebContents(); 1005 browser()->tab_strip_model()->GetActiveWebContents();
1067 ASSERT_TRUE(contents); 1006 ASSERT_TRUE(contents);
1068 1007
1069 ChromeSecurityStateModelClient* model_client = 1008 SecurityStateTabHelper* helper =
1070 ChromeSecurityStateModelClient::FromWebContents(contents); 1009 SecurityStateTabHelper::FromWebContents(contents);
1071 ASSERT_TRUE(model_client); 1010 ASSERT_TRUE(helper);
1072 1011
1073 ui_test_utils::NavigateToURL( 1012 ui_test_utils::NavigateToURL(
1074 browser(), GetURLWithNonLocalHostname(embedded_test_server(), 1013 browser(), GetURLWithNonLocalHostname(embedded_test_server(),
1075 "/password/simple_password.html")); 1014 "/password/simple_password.html"));
1076 // The security level should not be HTTP_SHOW_WARNING, because the 1015 // The security level should not be HTTP_SHOW_WARNING, because the
1077 // command-line switch was not set. 1016 // command-line switch was not set.
1078 security_state::SecurityStateModel::SecurityInfo security_info; 1017 security_state::SecurityInfo security_info;
1079 model_client->GetSecurityInfo(&security_info); 1018 helper->GetSecurityInfo(&security_info);
1080 EXPECT_EQ(security_state::SecurityStateModel::NONE, 1019 EXPECT_EQ(security_state::NONE, security_info.security_level);
1081 security_info.security_level);
1082 1020
1083 // The appropriate SSLStatus flags should be set, however. 1021 // The appropriate SSLStatus flags should be set, however.
1084 content::NavigationEntry* entry = contents->GetController().GetVisibleEntry(); 1022 content::NavigationEntry* entry = contents->GetController().GetVisibleEntry();
1085 ASSERT_TRUE(entry); 1023 ASSERT_TRUE(entry);
1086 EXPECT_TRUE(entry->GetSSL().content_status & 1024 EXPECT_TRUE(entry->GetSSL().content_status &
1087 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP); 1025 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP);
1088 } 1026 }
1089 1027
1090 // Tests that when a visible password field is detected on an HTTPS page 1028 // Tests that when a visible password field is detected on an HTTPS page
1091 // load, and when the command-line flag is set, the security level is 1029 // load, and when the command-line flag is set, the security level is
1092 // *not* downgraded to HTTP_SHOW_WARNING. 1030 // *not* downgraded to HTTP_SHOW_WARNING.
1093 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTestWithPasswordCcSwitch, 1031 IN_PROC_BROWSER_TEST_F(SecurityStateTabHelperTestWithPasswordCcSwitch,
1094 PasswordSecurityLevelNotDowngradedOnHttps) { 1032 PasswordSecurityLevelNotDowngradedOnHttps) {
1095 content::WebContents* contents = 1033 content::WebContents* contents =
1096 browser()->tab_strip_model()->GetActiveWebContents(); 1034 browser()->tab_strip_model()->GetActiveWebContents();
1097 ASSERT_TRUE(contents); 1035 ASSERT_TRUE(contents);
1098 1036
1099 ChromeSecurityStateModelClient* model_client = 1037 SecurityStateTabHelper* helper =
1100 ChromeSecurityStateModelClient::FromWebContents(contents); 1038 SecurityStateTabHelper::FromWebContents(contents);
1101 ASSERT_TRUE(model_client); 1039 ASSERT_TRUE(helper);
1102 1040
1103 GURL url = GetURLWithNonLocalHostname(&https_server_, 1041 GURL url = GetURLWithNonLocalHostname(&https_server_,
1104 "/password/simple_password.html"); 1042 "/password/simple_password.html");
1105 ui_test_utils::NavigateToURL(browser(), url); 1043 ui_test_utils::NavigateToURL(browser(), url);
1106 // The security level should not be HTTP_SHOW_WARNING, because the page was 1044 // The security level should not be HTTP_SHOW_WARNING, because the page was
1107 // HTTPS instead of HTTP. 1045 // HTTPS instead of HTTP.
1108 security_state::SecurityStateModel::SecurityInfo security_info; 1046 security_state::SecurityInfo security_info;
1109 model_client->GetSecurityInfo(&security_info); 1047 helper->GetSecurityInfo(&security_info);
1110 EXPECT_EQ(security_state::SecurityStateModel::SECURE, 1048 EXPECT_EQ(security_state::SECURE, security_info.security_level);
1111 security_info.security_level);
1112 1049
1113 // The SSLStatus flags should only be set if the top-level page load was HTTP, 1050 // The SSLStatus flags should only be set if the top-level page load was HTTP,
1114 // which it was not in this case. 1051 // which it was not in this case.
1115 content::NavigationEntry* entry = contents->GetController().GetVisibleEntry(); 1052 content::NavigationEntry* entry = contents->GetController().GetVisibleEntry();
1116 ASSERT_TRUE(entry); 1053 ASSERT_TRUE(entry);
1117 EXPECT_FALSE(entry->GetSSL().content_status & 1054 EXPECT_FALSE(entry->GetSSL().content_status &
1118 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP); 1055 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP);
1119 } 1056 }
1120 1057
1121 // A Browser subclass that keeps track of messages that have been 1058 // A Browser subclass that keeps track of messages that have been
(...skipping 57 matching lines...) Expand 10 before | Expand all | Expand 10 after
1179 ConsoleWebContentsDelegate* delegate) { 1116 ConsoleWebContentsDelegate* delegate) {
1180 const std::vector<base::string16>& messages = delegate->console_messages(); 1117 const std::vector<base::string16>& messages = delegate->console_messages();
1181 ASSERT_EQ(1u, messages.size()); 1118 ASSERT_EQ(1u, messages.size());
1182 EXPECT_NE(base::string16::npos, 1119 EXPECT_NE(base::string16::npos,
1183 messages[0].find(base::ASCIIToUTF16("warning will be added"))); 1120 messages[0].find(base::ASCIIToUTF16("warning will be added")));
1184 } 1121 }
1185 1122
1186 // Tests that console messages are printed upon a call to 1123 // Tests that console messages are printed upon a call to
1187 // GetSecurityInfo() on an HTTP_SHOW_WARNING page, exactly once per 1124 // GetSecurityInfo() on an HTTP_SHOW_WARNING page, exactly once per
1188 // main-frame navigation. 1125 // main-frame navigation.
1189 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTestWithPasswordCcSwitch, 1126 IN_PROC_BROWSER_TEST_F(SecurityStateTabHelperTestWithPasswordCcSwitch,
1190 ConsoleMessage) { 1127 ConsoleMessage) {
1191 ConsoleWebContentsDelegate* delegate = new ConsoleWebContentsDelegate( 1128 ConsoleWebContentsDelegate* delegate = new ConsoleWebContentsDelegate(
1192 Browser::CreateParams(browser()->profile())); 1129 Browser::CreateParams(browser()->profile()));
1193 content::WebContents* original_contents = 1130 content::WebContents* original_contents =
1194 browser()->tab_strip_model()->GetActiveWebContents(); 1131 browser()->tab_strip_model()->GetActiveWebContents();
1195 content::WebContents* contents = 1132 content::WebContents* contents =
1196 content::WebContents::Create(content::WebContents::CreateParams( 1133 content::WebContents::Create(content::WebContents::CreateParams(
1197 original_contents->GetBrowserContext())); 1134 original_contents->GetBrowserContext()));
1198 ASSERT_TRUE(contents); 1135 ASSERT_TRUE(contents);
1199 contents->SetDelegate(delegate); 1136 contents->SetDelegate(delegate);
(...skipping 12 matching lines...) Expand all
1212 EXPECT_EQ(http_url, entry->GetURL()); 1149 EXPECT_EQ(http_url, entry->GetURL());
1213 EXPECT_TRUE(delegate->console_messages().empty()); 1150 EXPECT_TRUE(delegate->console_messages().empty());
1214 1151
1215 // Trigger the HTTP_SHOW_WARNING state. 1152 // Trigger the HTTP_SHOW_WARNING state.
1216 base::RunLoop first_message; 1153 base::RunLoop first_message;
1217 delegate->set_console_message_callback(first_message.QuitClosure()); 1154 delegate->set_console_message_callback(first_message.QuitClosure());
1218 contents->OnPasswordInputShownOnHttp(); 1155 contents->OnPasswordInputShownOnHttp();
1219 first_message.Run(); 1156 first_message.Run();
1220 1157
1221 // Check that the HTTP_SHOW_WARNING state was actually triggered. 1158 // Check that the HTTP_SHOW_WARNING state was actually triggered.
1222 ChromeSecurityStateModelClient* client = 1159 SecurityStateTabHelper* helper =
1223 ChromeSecurityStateModelClient::FromWebContents(contents); 1160 SecurityStateTabHelper::FromWebContents(contents);
1224 ASSERT_TRUE(client); 1161 ASSERT_TRUE(helper);
1225 security_state::SecurityStateModel::SecurityInfo security_info; 1162 security_state::SecurityInfo security_info;
1226 client->GetSecurityInfo(&security_info); 1163 helper->GetSecurityInfo(&security_info);
1227 EXPECT_EQ(security_state::SecurityStateModel::HTTP_SHOW_WARNING, 1164 EXPECT_EQ(security_state::HTTP_SHOW_WARNING, security_info.security_level);
1228 security_info.security_level);
1229 1165
1230 // Check that the expected console message is present. 1166 // Check that the expected console message is present.
1231 ASSERT_NO_FATAL_FAILURE(CheckForOneHttpWarningConsoleMessage(delegate)); 1167 ASSERT_NO_FATAL_FAILURE(CheckForOneHttpWarningConsoleMessage(delegate));
1232 delegate->ClearConsoleMessages(); 1168 delegate->ClearConsoleMessages();
1233 1169
1234 // Two subsequent triggers of VisibleSecurityStateChanged -- one on the 1170 // Two subsequent triggers of VisibleSecurityStateChanged -- one on the
1235 // same navigation and one on another navigation -- should only result 1171 // same navigation and one on another navigation -- should only result
1236 // in one additional console message. 1172 // in one additional console message.
1237 contents->OnCreditCardInputShownOnHttp(); 1173 contents->OnCreditCardInputShownOnHttp();
1238 GURL second_http_url = 1174 GURL second_http_url =
1239 GetURLWithNonLocalHostname(embedded_test_server(), "/title2.html"); 1175 GetURLWithNonLocalHostname(embedded_test_server(), "/title2.html");
1240 ui_test_utils::NavigateToURL(delegate, second_http_url); 1176 ui_test_utils::NavigateToURL(delegate, second_http_url);
1241 entry = contents->GetController().GetVisibleEntry(); 1177 entry = contents->GetController().GetVisibleEntry();
1242 ASSERT_TRUE(entry); 1178 ASSERT_TRUE(entry);
1243 EXPECT_EQ(second_http_url, entry->GetURL()); 1179 EXPECT_EQ(second_http_url, entry->GetURL());
1244 1180
1245 base::RunLoop second_message; 1181 base::RunLoop second_message;
1246 delegate->set_console_message_callback(second_message.QuitClosure()); 1182 delegate->set_console_message_callback(second_message.QuitClosure());
1247 contents->OnPasswordInputShownOnHttp(); 1183 contents->OnPasswordInputShownOnHttp();
1248 second_message.Run(); 1184 second_message.Run();
1249 1185
1250 client->GetSecurityInfo(&security_info); 1186 helper->GetSecurityInfo(&security_info);
1251 EXPECT_EQ(security_state::SecurityStateModel::HTTP_SHOW_WARNING, 1187 EXPECT_EQ(security_state::HTTP_SHOW_WARNING, security_info.security_level);
1252 security_info.security_level);
1253 1188
1254 ASSERT_NO_FATAL_FAILURE(CheckForOneHttpWarningConsoleMessage(delegate)); 1189 ASSERT_NO_FATAL_FAILURE(CheckForOneHttpWarningConsoleMessage(delegate));
1255 } 1190 }
1256 1191
1257 // Tests that console messages are printed upon a call to 1192 // Tests that console messages are printed upon a call to
1258 // GetSecurityInfo() on a NONE page that will be marked 1193 // GetSecurityInfo() on a NONE page that will be marked
1259 // HTTP_SHOW_WARNING in future, exactly once per main-frame navigation. 1194 // HTTP_SHOW_WARNING in future, exactly once per main-frame navigation.
1260 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest, ConsoleMessage) { 1195 IN_PROC_BROWSER_TEST_F(SecurityStateTabHelperTest, ConsoleMessage) {
1261 ASSERT_TRUE(embedded_test_server()->Start()); 1196 ASSERT_TRUE(embedded_test_server()->Start());
1262 host_resolver()->AddRule("*", embedded_test_server()->GetURL("/").host()); 1197 host_resolver()->AddRule("*", embedded_test_server()->GetURL("/").host());
1263 ConsoleWebContentsDelegate* delegate = new ConsoleWebContentsDelegate( 1198 ConsoleWebContentsDelegate* delegate = new ConsoleWebContentsDelegate(
1264 Browser::CreateParams(browser()->profile())); 1199 Browser::CreateParams(browser()->profile()));
1265 content::WebContents* original_contents = 1200 content::WebContents* original_contents =
1266 browser()->tab_strip_model()->GetActiveWebContents(); 1201 browser()->tab_strip_model()->GetActiveWebContents();
1267 content::WebContents* contents = 1202 content::WebContents* contents =
1268 content::WebContents::Create(content::WebContents::CreateParams( 1203 content::WebContents::Create(content::WebContents::CreateParams(
1269 original_contents->GetBrowserContext())); 1204 original_contents->GetBrowserContext()));
1270 ASSERT_TRUE(contents); 1205 ASSERT_TRUE(contents);
(...skipping 13 matching lines...) Expand all
1284 EXPECT_EQ(http_url, entry->GetURL()); 1219 EXPECT_EQ(http_url, entry->GetURL());
1285 EXPECT_TRUE(delegate->console_messages().empty()); 1220 EXPECT_TRUE(delegate->console_messages().empty());
1286 1221
1287 // Trigger the a state that will be marked as HTTP_SHOW_WARNING in future. 1222 // Trigger the a state that will be marked as HTTP_SHOW_WARNING in future.
1288 base::RunLoop first_message; 1223 base::RunLoop first_message;
1289 delegate->set_console_message_callback(first_message.QuitClosure()); 1224 delegate->set_console_message_callback(first_message.QuitClosure());
1290 contents->OnPasswordInputShownOnHttp(); 1225 contents->OnPasswordInputShownOnHttp();
1291 first_message.Run(); 1226 first_message.Run();
1292 1227
1293 // Check that the correct state was actually triggered. 1228 // Check that the correct state was actually triggered.
1294 ChromeSecurityStateModelClient* client = 1229 SecurityStateTabHelper* helper =
1295 ChromeSecurityStateModelClient::FromWebContents(contents); 1230 SecurityStateTabHelper::FromWebContents(contents);
1296 ASSERT_TRUE(client); 1231 ASSERT_TRUE(helper);
1297 security_state::SecurityStateModel::SecurityInfo security_info; 1232 security_state::SecurityInfo security_info;
1298 client->GetSecurityInfo(&security_info); 1233 helper->GetSecurityInfo(&security_info);
1299 EXPECT_EQ(security_state::SecurityStateModel::NONE, 1234 EXPECT_EQ(security_state::NONE, security_info.security_level);
1300 security_info.security_level);
1301 EXPECT_TRUE(security_info.displayed_private_user_data_input_on_http); 1235 EXPECT_TRUE(security_info.displayed_private_user_data_input_on_http);
1302 1236
1303 // Check that the expected console message is present. 1237 // Check that the expected console message is present.
1304 ASSERT_NO_FATAL_FAILURE(CheckForOneFutureHttpWarningConsoleMessage(delegate)); 1238 ASSERT_NO_FATAL_FAILURE(CheckForOneFutureHttpWarningConsoleMessage(delegate));
1305 delegate->ClearConsoleMessages(); 1239 delegate->ClearConsoleMessages();
1306 1240
1307 // Two subsequent triggers of VisibleSecurityStateChanged -- one on the 1241 // Two subsequent triggers of VisibleSecurityStateChanged -- one on the
1308 // same navigation and one on another navigation -- should only result 1242 // same navigation and one on another navigation -- should only result
1309 // in one additional console message. 1243 // in one additional console message.
1310 contents->OnCreditCardInputShownOnHttp(); 1244 contents->OnCreditCardInputShownOnHttp();
1311 GURL second_http_url = 1245 GURL second_http_url =
1312 GetURLWithNonLocalHostname(embedded_test_server(), "/title2.html"); 1246 GetURLWithNonLocalHostname(embedded_test_server(), "/title2.html");
1313 ui_test_utils::NavigateToURL(delegate, second_http_url); 1247 ui_test_utils::NavigateToURL(delegate, second_http_url);
1314 entry = contents->GetController().GetVisibleEntry(); 1248 entry = contents->GetController().GetVisibleEntry();
1315 ASSERT_TRUE(entry); 1249 ASSERT_TRUE(entry);
1316 EXPECT_EQ(second_http_url, entry->GetURL()); 1250 EXPECT_EQ(second_http_url, entry->GetURL());
1317 1251
1318 base::RunLoop second_message; 1252 base::RunLoop second_message;
1319 delegate->set_console_message_callback(second_message.QuitClosure()); 1253 delegate->set_console_message_callback(second_message.QuitClosure());
1320 contents->OnPasswordInputShownOnHttp(); 1254 contents->OnPasswordInputShownOnHttp();
1321 second_message.Run(); 1255 second_message.Run();
1322 1256
1323 client->GetSecurityInfo(&security_info); 1257 helper->GetSecurityInfo(&security_info);
1324 EXPECT_EQ(security_state::SecurityStateModel::NONE, 1258 EXPECT_EQ(security_state::NONE, security_info.security_level);
1325 security_info.security_level);
1326 EXPECT_TRUE(security_info.displayed_private_user_data_input_on_http); 1259 EXPECT_TRUE(security_info.displayed_private_user_data_input_on_http);
1327 1260
1328 ASSERT_NO_FATAL_FAILURE(CheckForOneFutureHttpWarningConsoleMessage(delegate)); 1261 ASSERT_NO_FATAL_FAILURE(CheckForOneFutureHttpWarningConsoleMessage(delegate));
1329 } 1262 }
1330 1263
1331 // Tests that additional HTTP_SHOW_WARNING console messages are not 1264 // Tests that additional HTTP_SHOW_WARNING console messages are not
1332 // printed after subframe navigations. 1265 // printed after subframe navigations.
1333 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTestWithPasswordCcSwitch, 1266 IN_PROC_BROWSER_TEST_F(SecurityStateTabHelperTestWithPasswordCcSwitch,
1334 ConsoleMessageNotPrintedForFrameNavigation) { 1267 ConsoleMessageNotPrintedForFrameNavigation) {
1335 ConsoleWebContentsDelegate* delegate = new ConsoleWebContentsDelegate( 1268 ConsoleWebContentsDelegate* delegate = new ConsoleWebContentsDelegate(
1336 Browser::CreateParams(browser()->profile())); 1269 Browser::CreateParams(browser()->profile()));
1337 content::WebContents* original_contents = 1270 content::WebContents* original_contents =
1338 browser()->tab_strip_model()->GetActiveWebContents(); 1271 browser()->tab_strip_model()->GetActiveWebContents();
1339 content::WebContents* contents = 1272 content::WebContents* contents =
1340 content::WebContents::Create(content::WebContents::CreateParams( 1273 content::WebContents::Create(content::WebContents::CreateParams(
1341 original_contents->GetBrowserContext())); 1274 original_contents->GetBrowserContext()));
1342 ASSERT_TRUE(contents); 1275 ASSERT_TRUE(contents);
1343 contents->SetDelegate(delegate); 1276 contents->SetDelegate(delegate);
(...skipping 12 matching lines...) Expand all
1356 EXPECT_EQ(http_url, entry->GetURL()); 1289 EXPECT_EQ(http_url, entry->GetURL());
1357 EXPECT_TRUE(delegate->console_messages().empty()); 1290 EXPECT_TRUE(delegate->console_messages().empty());
1358 1291
1359 // Trigger the HTTP_SHOW_WARNING state. 1292 // Trigger the HTTP_SHOW_WARNING state.
1360 base::RunLoop first_message; 1293 base::RunLoop first_message;
1361 delegate->set_console_message_callback(first_message.QuitClosure()); 1294 delegate->set_console_message_callback(first_message.QuitClosure());
1362 contents->OnPasswordInputShownOnHttp(); 1295 contents->OnPasswordInputShownOnHttp();
1363 first_message.Run(); 1296 first_message.Run();
1364 1297
1365 // Check that the HTTP_SHOW_WARNING state was actually triggered. 1298 // Check that the HTTP_SHOW_WARNING state was actually triggered.
1366 ChromeSecurityStateModelClient* client = 1299 SecurityStateTabHelper* helper =
1367 ChromeSecurityStateModelClient::FromWebContents(contents); 1300 SecurityStateTabHelper::FromWebContents(contents);
1368 ASSERT_TRUE(client); 1301 ASSERT_TRUE(helper);
1369 security_state::SecurityStateModel::SecurityInfo security_info; 1302 security_state::SecurityInfo security_info;
1370 client->GetSecurityInfo(&security_info); 1303 helper->GetSecurityInfo(&security_info);
1371 EXPECT_EQ(security_state::SecurityStateModel::HTTP_SHOW_WARNING, 1304 EXPECT_EQ(security_state::HTTP_SHOW_WARNING, security_info.security_level);
1372 security_info.security_level);
1373 1305
1374 // Check that the expected console message is present. 1306 // Check that the expected console message is present.
1375 ASSERT_NO_FATAL_FAILURE(CheckForOneHttpWarningConsoleMessage(delegate)); 1307 ASSERT_NO_FATAL_FAILURE(CheckForOneHttpWarningConsoleMessage(delegate));
1376 delegate->ClearConsoleMessages(); 1308 delegate->ClearConsoleMessages();
1377 1309
1378 // Navigate the subframe and trigger VisibleSecurityStateChanged 1310 // Navigate the subframe and trigger VisibleSecurityStateChanged
1379 // again. While the security level is still HTTP_SHOW_WARNING, an 1311 // again. While the security level is still HTTP_SHOW_WARNING, an
1380 // additional console message should not be logged because there was 1312 // additional console message should not be logged because there was
1381 // already a console message logged for the current main-frame 1313 // already a console message logged for the current main-frame
1382 // navigation. 1314 // navigation.
1383 content::WindowedNotificationObserver subframe_observer( 1315 content::WindowedNotificationObserver subframe_observer(
1384 content::NOTIFICATION_LOAD_STOP, 1316 content::NOTIFICATION_LOAD_STOP,
1385 content::Source<content::NavigationController>( 1317 content::Source<content::NavigationController>(
1386 &contents->GetController())); 1318 &contents->GetController()));
1387 EXPECT_TRUE(content::ExecuteScript( 1319 EXPECT_TRUE(content::ExecuteScript(
1388 contents, "document.getElementById('navFrame').src = '/title2.html';")); 1320 contents, "document.getElementById('navFrame').src = '/title2.html';"));
1389 subframe_observer.Wait(); 1321 subframe_observer.Wait();
1390 contents->OnCreditCardInputShownOnHttp(); 1322 contents->OnCreditCardInputShownOnHttp();
1391 EXPECT_EQ(security_state::SecurityStateModel::HTTP_SHOW_WARNING, 1323 EXPECT_EQ(security_state::HTTP_SHOW_WARNING, security_info.security_level);
1392 security_info.security_level);
1393 1324
1394 // Do a main frame navigation and then trigger HTTP_SHOW_WARNING 1325 // Do a main frame navigation and then trigger HTTP_SHOW_WARNING
1395 // again. From the above subframe navigation and this main-frame 1326 // again. From the above subframe navigation and this main-frame
1396 // navigation, exactly one console message is expected. 1327 // navigation, exactly one console message is expected.
1397 GURL second_http_url = 1328 GURL second_http_url =
1398 GetURLWithNonLocalHostname(embedded_test_server(), "/title2.html"); 1329 GetURLWithNonLocalHostname(embedded_test_server(), "/title2.html");
1399 ui_test_utils::NavigateToURL(delegate, second_http_url); 1330 ui_test_utils::NavigateToURL(delegate, second_http_url);
1400 entry = contents->GetController().GetVisibleEntry(); 1331 entry = contents->GetController().GetVisibleEntry();
1401 ASSERT_TRUE(entry); 1332 ASSERT_TRUE(entry);
1402 EXPECT_EQ(second_http_url, entry->GetURL()); 1333 EXPECT_EQ(second_http_url, entry->GetURL());
1403 1334
1404 base::RunLoop second_message; 1335 base::RunLoop second_message;
1405 delegate->set_console_message_callback(second_message.QuitClosure()); 1336 delegate->set_console_message_callback(second_message.QuitClosure());
1406 contents->OnPasswordInputShownOnHttp(); 1337 contents->OnPasswordInputShownOnHttp();
1407 second_message.Run(); 1338 second_message.Run();
1408 1339
1409 client->GetSecurityInfo(&security_info); 1340 helper->GetSecurityInfo(&security_info);
1410 EXPECT_EQ(security_state::SecurityStateModel::HTTP_SHOW_WARNING, 1341 EXPECT_EQ(security_state::HTTP_SHOW_WARNING, security_info.security_level);
1411 security_info.security_level);
1412 ASSERT_NO_FATAL_FAILURE(CheckForOneHttpWarningConsoleMessage(delegate)); 1342 ASSERT_NO_FATAL_FAILURE(CheckForOneHttpWarningConsoleMessage(delegate));
1413 } 1343 }
1414 1344
1415 // Tests that additional HTTP_SHOW_WARNING console messages are not 1345 // Tests that additional HTTP_SHOW_WARNING console messages are not
1416 // printed after pushState navigations. 1346 // printed after pushState navigations.
1417 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTestWithPasswordCcSwitch, 1347 IN_PROC_BROWSER_TEST_F(SecurityStateTabHelperTestWithPasswordCcSwitch,
1418 ConsoleMessageNotPrintedForPushStateNavigation) { 1348 ConsoleMessageNotPrintedForPushStateNavigation) {
1419 ConsoleWebContentsDelegate* delegate = new ConsoleWebContentsDelegate( 1349 ConsoleWebContentsDelegate* delegate = new ConsoleWebContentsDelegate(
1420 Browser::CreateParams(browser()->profile())); 1350 Browser::CreateParams(browser()->profile()));
1421 content::WebContents* original_contents = 1351 content::WebContents* original_contents =
1422 browser()->tab_strip_model()->GetActiveWebContents(); 1352 browser()->tab_strip_model()->GetActiveWebContents();
1423 content::WebContents* contents = 1353 content::WebContents* contents =
1424 content::WebContents::Create(content::WebContents::CreateParams( 1354 content::WebContents::Create(content::WebContents::CreateParams(
1425 original_contents->GetBrowserContext())); 1355 original_contents->GetBrowserContext()));
1426 ASSERT_TRUE(contents); 1356 ASSERT_TRUE(contents);
1427 contents->SetDelegate(delegate); 1357 contents->SetDelegate(delegate);
(...skipping 12 matching lines...) Expand all
1440 EXPECT_EQ(http_url, entry->GetURL()); 1370 EXPECT_EQ(http_url, entry->GetURL());
1441 EXPECT_TRUE(delegate->console_messages().empty()); 1371 EXPECT_TRUE(delegate->console_messages().empty());
1442 1372
1443 // Trigger the HTTP_SHOW_WARNING state. 1373 // Trigger the HTTP_SHOW_WARNING state.
1444 base::RunLoop first_message; 1374 base::RunLoop first_message;
1445 delegate->set_console_message_callback(first_message.QuitClosure()); 1375 delegate->set_console_message_callback(first_message.QuitClosure());
1446 contents->OnPasswordInputShownOnHttp(); 1376 contents->OnPasswordInputShownOnHttp();
1447 first_message.Run(); 1377 first_message.Run();
1448 1378
1449 // Check that the HTTP_SHOW_WARNING state was actually triggered. 1379 // Check that the HTTP_SHOW_WARNING state was actually triggered.
1450 ChromeSecurityStateModelClient* client = 1380 SecurityStateTabHelper* helper =
1451 ChromeSecurityStateModelClient::FromWebContents(contents); 1381 SecurityStateTabHelper::FromWebContents(contents);
1452 ASSERT_TRUE(client); 1382 ASSERT_TRUE(helper);
1453 security_state::SecurityStateModel::SecurityInfo security_info; 1383 security_state::SecurityInfo security_info;
1454 client->GetSecurityInfo(&security_info); 1384 helper->GetSecurityInfo(&security_info);
1455 EXPECT_EQ(security_state::SecurityStateModel::HTTP_SHOW_WARNING, 1385 EXPECT_EQ(security_state::HTTP_SHOW_WARNING, security_info.security_level);
1456 security_info.security_level);
1457 1386
1458 // Check that the expected console message is present. 1387 // Check that the expected console message is present.
1459 ASSERT_NO_FATAL_FAILURE(CheckForOneHttpWarningConsoleMessage(delegate)); 1388 ASSERT_NO_FATAL_FAILURE(CheckForOneHttpWarningConsoleMessage(delegate));
1460 delegate->ClearConsoleMessages(); 1389 delegate->ClearConsoleMessages();
1461 1390
1462 // Navigate with pushState and trigger VisibleSecurityStateChanged 1391 // Navigate with pushState and trigger VisibleSecurityStateChanged
1463 // again. While the security level is still HTTP_SHOW_WARNING, an 1392 // again. While the security level is still HTTP_SHOW_WARNING, an
1464 // additional console message should not be logged because there was 1393 // additional console message should not be logged because there was
1465 // already a console message logged for the current main-frame 1394 // already a console message logged for the current main-frame
1466 // navigation. 1395 // navigation.
1467 EXPECT_TRUE(content::ExecuteScript( 1396 EXPECT_TRUE(content::ExecuteScript(
1468 contents, "history.pushState({ foo: 'bar' }, 'foo', 'bar');")); 1397 contents, "history.pushState({ foo: 'bar' }, 'foo', 'bar');"));
1469 contents->OnCreditCardInputShownOnHttp(); 1398 contents->OnCreditCardInputShownOnHttp();
1470 EXPECT_EQ(security_state::SecurityStateModel::HTTP_SHOW_WARNING, 1399 EXPECT_EQ(security_state::HTTP_SHOW_WARNING, security_info.security_level);
1471 security_info.security_level);
1472 1400
1473 // Do a main frame navigation and then trigger HTTP_SHOW_WARNING 1401 // Do a main frame navigation and then trigger HTTP_SHOW_WARNING
1474 // again. From the above pushState navigation and this main-frame 1402 // again. From the above pushState navigation and this main-frame
1475 // navigation, exactly one console message is expected. 1403 // navigation, exactly one console message is expected.
1476 GURL second_http_url = 1404 GURL second_http_url =
1477 GetURLWithNonLocalHostname(embedded_test_server(), "/title2.html"); 1405 GetURLWithNonLocalHostname(embedded_test_server(), "/title2.html");
1478 ui_test_utils::NavigateToURL(delegate, second_http_url); 1406 ui_test_utils::NavigateToURL(delegate, second_http_url);
1479 entry = contents->GetController().GetVisibleEntry(); 1407 entry = contents->GetController().GetVisibleEntry();
1480 ASSERT_TRUE(entry); 1408 ASSERT_TRUE(entry);
1481 EXPECT_EQ(second_http_url, entry->GetURL()); 1409 EXPECT_EQ(second_http_url, entry->GetURL());
1482 1410
1483 base::RunLoop second_message; 1411 base::RunLoop second_message;
1484 delegate->set_console_message_callback(second_message.QuitClosure()); 1412 delegate->set_console_message_callback(second_message.QuitClosure());
1485 contents->OnPasswordInputShownOnHttp(); 1413 contents->OnPasswordInputShownOnHttp();
1486 second_message.Run(); 1414 second_message.Run();
1487 1415
1488 client->GetSecurityInfo(&security_info); 1416 helper->GetSecurityInfo(&security_info);
1489 EXPECT_EQ(security_state::SecurityStateModel::HTTP_SHOW_WARNING, 1417 EXPECT_EQ(security_state::HTTP_SHOW_WARNING, security_info.security_level);
1490 security_info.security_level);
1491 ASSERT_NO_FATAL_FAILURE(CheckForOneHttpWarningConsoleMessage(delegate)); 1418 ASSERT_NO_FATAL_FAILURE(CheckForOneHttpWarningConsoleMessage(delegate));
1492 } 1419 }
1493 1420
1494 // Tests that the SecurityStateModel for a WebContents is up to date 1421 // Tests that the security state for a WebContents is up to date
1495 // when the WebContents is inserted into a Browser's TabStripModel. 1422 // when the WebContents is inserted into a Browser's TabStripModel.
1496 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest, AddedTab) { 1423 IN_PROC_BROWSER_TEST_F(SecurityStateTabHelperTest, AddedTab) {
1497 ASSERT_TRUE(https_server_.Start()); 1424 ASSERT_TRUE(https_server_.Start());
1498 SetUpMockCertVerifierForHttpsServer(0, net::OK); 1425 SetUpMockCertVerifierForHttpsServer(0, net::OK);
1499 1426
1500 content::WebContents* tab = 1427 content::WebContents* tab =
1501 browser()->tab_strip_model()->GetActiveWebContents(); 1428 browser()->tab_strip_model()->GetActiveWebContents();
1502 ASSERT_TRUE(tab); 1429 ASSERT_TRUE(tab);
1503 1430
1504 content::WebContents* new_contents = content::WebContents::Create( 1431 content::WebContents* new_contents = content::WebContents::Create(
1505 content::WebContents::CreateParams(tab->GetBrowserContext())); 1432 content::WebContents::CreateParams(tab->GetBrowserContext()));
1506 content::NavigationController& controller = new_contents->GetController(); 1433 content::NavigationController& controller = new_contents->GetController();
1507 ChromeSecurityStateModelClient::CreateForWebContents(new_contents); 1434 SecurityStateTabHelper::CreateForWebContents(new_contents);
1508 CheckSecurityInfoForNonSecure(new_contents); 1435 CheckSecurityInfoForNonSecure(new_contents);
1509 controller.LoadURL(https_server_.GetURL("/title1.html"), content::Referrer(), 1436 controller.LoadURL(https_server_.GetURL("/title1.html"), content::Referrer(),
1510 ui::PAGE_TRANSITION_TYPED, std::string()); 1437 ui::PAGE_TRANSITION_TYPED, std::string());
1511 EXPECT_TRUE(content::WaitForLoadStop(new_contents)); 1438 EXPECT_TRUE(content::WaitForLoadStop(new_contents));
1512 CheckSecurityInfoForSecure(new_contents, SecurityStateModel::SECURE, 1439 CheckSecurityInfoForSecure(new_contents, security_state::SECURE,
1513 SecurityStateModel::NO_DEPRECATED_SHA1, 1440 security_state::NO_DEPRECATED_SHA1,
1514 SecurityStateModel::CONTENT_STATUS_NONE, false, 1441 security_state::CONTENT_STATUS_NONE, false,
1515 false /* expect cert status error */); 1442 false /* expect cert status error */);
1516 1443
1517 browser()->tab_strip_model()->InsertWebContentsAt(0, new_contents, 1444 browser()->tab_strip_model()->InsertWebContentsAt(0, new_contents,
1518 TabStripModel::ADD_NONE); 1445 TabStripModel::ADD_NONE);
1519 CheckSecurityInfoForSecure(new_contents, SecurityStateModel::SECURE, 1446 CheckSecurityInfoForSecure(new_contents, security_state::SECURE,
1520 SecurityStateModel::NO_DEPRECATED_SHA1, 1447 security_state::NO_DEPRECATED_SHA1,
1521 SecurityStateModel::CONTENT_STATUS_NONE, false, 1448 security_state::CONTENT_STATUS_NONE, false,
1522 false /* expect cert status error */); 1449 false /* expect cert status error */);
1523 } 1450 }
1524 1451
1525 // Tests that the WebContentsObserver::SecurityStyleChanged event fires 1452 // Tests that the WebContentsObserver::SecurityStyleChanged event fires
1526 // with the current style on HTTP, broken HTTPS, and valid HTTPS pages. 1453 // with the current style on HTTP, broken HTTPS, and valid HTTPS pages.
1527 IN_PROC_BROWSER_TEST_F(SecurityStyleChangedTest, SecurityStyleChangedObserver) { 1454 IN_PROC_BROWSER_TEST_F(SecurityStyleChangedTest, SecurityStyleChangedObserver) {
1528 ASSERT_TRUE(https_server_.Start()); 1455 ASSERT_TRUE(https_server_.Start());
1529 ASSERT_TRUE(embedded_test_server()->Start()); 1456 ASSERT_TRUE(embedded_test_server()->Start());
1530 1457
1531 net::EmbeddedTestServer https_test_server_expired( 1458 net::EmbeddedTestServer https_test_server_expired(
(...skipping 499 matching lines...) Expand 10 before | Expand all | Expand 10 after
2031 // connection, the SCTs verification statuses are exposed on the 1958 // connection, the SCTs verification statuses are exposed on the
2032 // SecurityInfo. 1959 // SecurityInfo.
2033 IN_PROC_BROWSER_TEST_F(BrowserTestURLRequestWithSCTs, 1960 IN_PROC_BROWSER_TEST_F(BrowserTestURLRequestWithSCTs,
2034 SecurityInfoWithSCTsAttached) { 1961 SecurityInfoWithSCTsAttached) {
2035 ui_test_utils::NavigateToURL( 1962 ui_test_utils::NavigateToURL(
2036 browser(), GURL(std::string("https://") + kMockHostnameWithSCTs)); 1963 browser(), GURL(std::string("https://") + kMockHostnameWithSCTs));
2037 1964
2038 content::WebContents* web_contents = 1965 content::WebContents* web_contents =
2039 browser()->tab_strip_model()->GetActiveWebContents(); 1966 browser()->tab_strip_model()->GetActiveWebContents();
2040 ASSERT_TRUE(web_contents); 1967 ASSERT_TRUE(web_contents);
2041 ChromeSecurityStateModelClient* model_client = 1968 SecurityStateTabHelper* helper =
2042 ChromeSecurityStateModelClient::FromWebContents(web_contents); 1969 SecurityStateTabHelper::FromWebContents(web_contents);
2043 ASSERT_TRUE(model_client); 1970 ASSERT_TRUE(helper);
2044 SecurityStateModel::SecurityInfo security_info; 1971 security_state::SecurityInfo security_info;
2045 model_client->GetSecurityInfo(&security_info); 1972 helper->GetSecurityInfo(&security_info);
2046 EXPECT_EQ(SecurityStateModel::SECURE, security_info.security_level); 1973 EXPECT_EQ(security_state::SECURE, security_info.security_level);
2047 EXPECT_EQ(kTestSCTStatuses, security_info.sct_verify_statuses); 1974 EXPECT_EQ(kTestSCTStatuses, security_info.sct_verify_statuses);
2048 } 1975 }
2049 1976
2050 } // namespace 1977 } // namespace
OLDNEW
« no previous file with comments | « chrome/browser/ssl/security_state_tab_helper.cc ('k') | chrome/browser/ssl/security_state_tab_helper_unittest.cc » ('j') | components/security_state/content/DEPS » ('J')

Powered by Google App Engine
This is Rietveld 408576698