Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(266)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/ssl/security_state_tab_helper_browser_tests.cc

Issue 2448943002: Refactor SecurityStateModel/Clients for simplicity and reusability. (Closed)
Patch Set: sync. Created 4 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « chrome/browser/ssl/security_state_tab_helper.cc ('k') | chrome/browser/ssl/security_state_tab_helper_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2015 The Chromium Authors. All rights reserved. 1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/ssl/chrome_security_state_model_client.h" 5 #include "chrome/browser/ssl/security_state_tab_helper.h"
6 6
7 #include "base/command_line.h" 7 #include "base/command_line.h"
8 #include "base/files/file_path.h" 8 #include "base/files/file_path.h"
9 #include "base/macros.h" 9 #include "base/macros.h"
10 #include "base/strings/string_split.h" 10 #include "base/strings/string_split.h"
11 #include "base/strings/utf_string_conversions.h" 11 #include "base/strings/utf_string_conversions.h"
12 #include "chrome/browser/ssl/cert_verifier_browser_test.h" 12 #include "chrome/browser/ssl/cert_verifier_browser_test.h"
13 #include "chrome/browser/ssl/chrome_security_state_model_client.h"
14 #include "chrome/browser/ssl/ssl_blocking_page.h" 13 #include "chrome/browser/ssl/ssl_blocking_page.h"
15 #include "chrome/browser/ui/browser.h" 14 #include "chrome/browser/ui/browser.h"
16 #include "chrome/browser/ui/browser_commands.h" 15 #include "chrome/browser/ui/browser_commands.h"
17 #include "chrome/browser/ui/tabs/tab_strip_model.h" 16 #include "chrome/browser/ui/tabs/tab_strip_model.h"
18 #include "chrome/common/chrome_paths.h" 17 #include "chrome/common/chrome_paths.h"
19 #include "chrome/common/chrome_switches.h" 18 #include "chrome/common/chrome_switches.h"
20 #include "chrome/common/pref_names.h" 19 #include "chrome/common/pref_names.h"
21 #include "chrome/grit/generated_resources.h"
22 #include "chrome/test/base/in_process_browser_test.h" 20 #include "chrome/test/base/in_process_browser_test.h"
23 #include "chrome/test/base/ui_test_utils.h" 21 #include "chrome/test/base/ui_test_utils.h"
24 #include "components/prefs/pref_service.h" 22 #include "components/prefs/pref_service.h"
25 #include "components/security_state/switches.h" 23 #include "components/security_state/core/security_state.h"
24 #include "components/security_state/core/switches.h"
25 #include "components/strings/grit/components_strings.h"
26 #include "content/public/browser/interstitial_page.h" 26 #include "content/public/browser/interstitial_page.h"
27 #include "content/public/browser/navigation_controller.h" 27 #include "content/public/browser/navigation_controller.h"
28 #include "content/public/browser/navigation_entry.h" 28 #include "content/public/browser/navigation_entry.h"
29 #include "content/public/browser/notification_service.h" 29 #include "content/public/browser/notification_service.h"
30 #include "content/public/browser/notification_types.h" 30 #include "content/public/browser/notification_types.h"
31 #include "content/public/browser/security_style_explanation.h" 31 #include "content/public/browser/security_style_explanation.h"
32 #include "content/public/browser/security_style_explanations.h" 32 #include "content/public/browser/security_style_explanations.h"
33 #include "content/public/browser/ssl_status.h" 33 #include "content/public/browser/ssl_status.h"
34 #include "content/public/browser/web_contents.h" 34 #include "content/public/browser/web_contents.h"
35 #include "content/public/common/referrer.h" 35 #include "content/public/common/referrer.h"
(...skipping 13 matching lines...) Expand all
49 #include "net/test/embedded_test_server/embedded_test_server.h" 49 #include "net/test/embedded_test_server/embedded_test_server.h"
50 #include "net/test/embedded_test_server/request_handler_util.h" 50 #include "net/test/embedded_test_server/request_handler_util.h"
51 #include "net/test/test_data_directory.h" 51 #include "net/test/test_data_directory.h"
52 #include "net/test/url_request/url_request_failed_job.h" 52 #include "net/test/url_request/url_request_failed_job.h"
53 #include "net/test/url_request/url_request_mock_http_job.h" 53 #include "net/test/url_request/url_request_mock_http_job.h"
54 #include "net/url_request/url_request_filter.h" 54 #include "net/url_request/url_request_filter.h"
55 #include "net/url_request/url_request_test_util.h" 55 #include "net/url_request/url_request_test_util.h"
56 #include "third_party/boringssl/src/include/openssl/ssl.h" 56 #include "third_party/boringssl/src/include/openssl/ssl.h"
57 #include "ui/base/l10n/l10n_util.h" 57 #include "ui/base/l10n/l10n_util.h"
58 58
59 using security_state::SecurityStateModel;
60
61 namespace { 59 namespace {
62 60
63 enum CertificateStatus { VALID_CERTIFICATE, INVALID_CERTIFICATE }; 61 enum CertificateStatus { VALID_CERTIFICATE, INVALID_CERTIFICATE };
64 62
65 const base::FilePath::CharType kDocRoot[] = 63 const base::FilePath::CharType kDocRoot[] =
66 FILE_PATH_LITERAL("chrome/test/data"); 64 FILE_PATH_LITERAL("chrome/test/data");
67 65
68 // A WebContentsObserver useful for testing the SecurityStyleChanged() 66 // A WebContentsObserver useful for testing the SecurityStyleChanged()
69 // method: it keeps track of the latest security style and explanation 67 // method: it keeps track of the latest security style and explanation
70 // that was fired. 68 // that was fired.
(...skipping 52 matching lines...) Expand 10 before | Expand all | Expand 10 after
123 expired_explanation.broken_explanations[0].summary); 121 expired_explanation.broken_explanations[0].summary);
124 122
125 base::string16 error_string = base::UTF8ToUTF16(net::ErrorToString(error)); 123 base::string16 error_string = base::UTF8ToUTF16(net::ErrorToString(error));
126 EXPECT_EQ(l10n_util::GetStringFUTF8( 124 EXPECT_EQ(l10n_util::GetStringFUTF8(
127 IDS_CERTIFICATE_CHAIN_ERROR_DESCRIPTION_FORMAT, error_string), 125 IDS_CERTIFICATE_CHAIN_ERROR_DESCRIPTION_FORMAT, error_string),
128 expired_explanation.broken_explanations[0].description); 126 expired_explanation.broken_explanations[0].description);
129 127
130 // Check the associated certificate. 128 // Check the associated certificate.
131 net::X509Certificate* cert = browser->tab_strip_model() 129 net::X509Certificate* cert = browser->tab_strip_model()
132 ->GetActiveWebContents() 130 ->GetActiveWebContents()
133 ->GetController() 131 ->GetController()
134 .GetActiveEntry() 132 .GetActiveEntry()
135 ->GetSSL() 133 ->GetSSL()
136 .certificate.get(); 134 .certificate.get();
137 EXPECT_TRUE(cert->Equals(expected_cert)); 135 EXPECT_TRUE(cert->Equals(expected_cert));
138 EXPECT_TRUE(expired_explanation.broken_explanations[0].has_certificate); 136 EXPECT_TRUE(expired_explanation.broken_explanations[0].has_certificate);
139 } 137 }
140 138
141 // Checks that the given |secure_explanations| contains an appropriate 139 // Checks that the given |secure_explanations| contains an appropriate
142 // explanation if the certificate status is valid. 140 // explanation if the certificate status is valid.
143 void CheckSecureExplanations( 141 void CheckSecureExplanations(
(...skipping 17 matching lines...) Expand all
161 .certificate.get(); 159 .certificate.get();
162 EXPECT_TRUE(cert->Equals(expected_cert)); 160 EXPECT_TRUE(cert->Equals(expected_cert));
163 EXPECT_TRUE(secure_explanations[0].has_certificate); 161 EXPECT_TRUE(secure_explanations[0].has_certificate);
164 } 162 }
165 163
166 EXPECT_EQ(l10n_util::GetStringUTF8(IDS_STRONG_SSL_SUMMARY), 164 EXPECT_EQ(l10n_util::GetStringUTF8(IDS_STRONG_SSL_SUMMARY),
167 secure_explanations.back().summary); 165 secure_explanations.back().summary);
168 166
169 content::WebContents* web_contents = 167 content::WebContents* web_contents =
170 browser->tab_strip_model()->GetActiveWebContents(); 168 browser->tab_strip_model()->GetActiveWebContents();
171 SecurityStateModel::SecurityInfo security_info; 169 security_state::SecurityInfo security_info;
172 ChromeSecurityStateModelClient::FromWebContents(web_contents) 170 SecurityStateTabHelper::FromWebContents(web_contents)
173 ->GetSecurityInfo(&security_info); 171 ->GetSecurityInfo(&security_info);
174 172
175 const char *protocol, *key_exchange, *cipher, *mac; 173 const char *protocol, *key_exchange, *cipher, *mac;
176 int ssl_version = 174 int ssl_version =
177 net::SSLConnectionStatusToVersion(security_info.connection_status); 175 net::SSLConnectionStatusToVersion(security_info.connection_status);
178 net::SSLVersionToString(&protocol, ssl_version); 176 net::SSLVersionToString(&protocol, ssl_version);
179 bool is_aead, is_tls13; 177 bool is_aead, is_tls13;
180 uint16_t cipher_suite = 178 uint16_t cipher_suite =
181 net::SSLConnectionStatusToCipherSuite(security_info.connection_status); 179 net::SSLConnectionStatusToCipherSuite(security_info.connection_status);
182 net::SSLCipherSuiteToStrings(&key_exchange, &cipher, &mac, &is_aead, 180 net::SSLCipherSuiteToStrings(&key_exchange, &cipher, &mac, &is_aead,
(...skipping 16 matching lines...) Expand all
199 description_replacements.push_back(base::ASCIIToUTF16(cipher)); 197 description_replacements.push_back(base::ASCIIToUTF16(cipher));
200 base::string16 secure_description = l10n_util::GetStringFUTF16( 198 base::string16 secure_description = l10n_util::GetStringFUTF16(
201 IDS_STRONG_SSL_DESCRIPTION, description_replacements, nullptr); 199 IDS_STRONG_SSL_DESCRIPTION, description_replacements, nullptr);
202 200
203 EXPECT_EQ(secure_description, 201 EXPECT_EQ(secure_description,
204 base::ASCIIToUTF16(secure_explanations.back().description)); 202 base::ASCIIToUTF16(secure_explanations.back().description));
205 } 203 }
206 204
207 void CheckSecurityInfoForSecure( 205 void CheckSecurityInfoForSecure(
208 content::WebContents* contents, 206 content::WebContents* contents,
209 SecurityStateModel::SecurityLevel expect_security_level, 207 security_state::SecurityLevel expect_security_level,
210 SecurityStateModel::SHA1DeprecationStatus expect_sha1_status, 208 security_state::SHA1DeprecationStatus expect_sha1_status,
211 SecurityStateModel::ContentStatus expect_mixed_content_status, 209 security_state::ContentStatus expect_mixed_content_status,
212 bool pkp_bypassed, 210 bool pkp_bypassed,
213 bool expect_cert_error) { 211 bool expect_cert_error) {
214 ASSERT_TRUE(contents); 212 ASSERT_TRUE(contents);
215 213
216 ChromeSecurityStateModelClient* model_client = 214 SecurityStateTabHelper* helper =
217 ChromeSecurityStateModelClient::FromWebContents(contents); 215 SecurityStateTabHelper::FromWebContents(contents);
218 ASSERT_TRUE(model_client); 216 ASSERT_TRUE(helper);
219 SecurityStateModel::SecurityInfo security_info; 217 security_state::SecurityInfo security_info;
220 model_client->GetSecurityInfo(&security_info); 218 helper->GetSecurityInfo(&security_info);
221 EXPECT_EQ(expect_security_level, security_info.security_level); 219 EXPECT_EQ(expect_security_level, security_info.security_level);
222 EXPECT_EQ(expect_sha1_status, security_info.sha1_deprecation_status); 220 EXPECT_EQ(expect_sha1_status, security_info.sha1_deprecation_status);
223 EXPECT_EQ(expect_mixed_content_status, security_info.mixed_content_status); 221 EXPECT_EQ(expect_mixed_content_status, security_info.mixed_content_status);
224 EXPECT_TRUE(security_info.sct_verify_statuses.empty()); 222 EXPECT_TRUE(security_info.sct_verify_statuses.empty());
225 EXPECT_TRUE(security_info.scheme_is_cryptographic); 223 EXPECT_TRUE(security_info.scheme_is_cryptographic);
226 EXPECT_EQ(pkp_bypassed, security_info.pkp_bypassed); 224 EXPECT_EQ(pkp_bypassed, security_info.pkp_bypassed);
227 EXPECT_EQ(expect_cert_error, 225 EXPECT_EQ(expect_cert_error,
228 net::IsCertStatusError(security_info.cert_status)); 226 net::IsCertStatusError(security_info.cert_status));
229 EXPECT_GT(security_info.security_bits, 0); 227 EXPECT_GT(security_info.security_bits, 0);
230 EXPECT_TRUE(!!security_info.certificate); 228 EXPECT_TRUE(!!security_info.certificate);
231 } 229 }
232 230
233 void CheckSecurityInfoForNonSecure(content::WebContents* contents) { 231 void CheckSecurityInfoForNonSecure(content::WebContents* contents) {
234 ASSERT_TRUE(contents); 232 ASSERT_TRUE(contents);
235 233
236 ChromeSecurityStateModelClient* model_client = 234 SecurityStateTabHelper* helper =
237 ChromeSecurityStateModelClient::FromWebContents(contents); 235 SecurityStateTabHelper::FromWebContents(contents);
238 ASSERT_TRUE(model_client); 236 ASSERT_TRUE(helper);
239 SecurityStateModel::SecurityInfo security_info; 237 security_state::SecurityInfo security_info;
240 model_client->GetSecurityInfo(&security_info); 238 helper->GetSecurityInfo(&security_info);
241 EXPECT_EQ(SecurityStateModel::NONE, security_info.security_level); 239 EXPECT_EQ(security_state::NONE, security_info.security_level);
242 EXPECT_EQ(SecurityStateModel::NO_DEPRECATED_SHA1, 240 EXPECT_EQ(security_state::NO_DEPRECATED_SHA1,
243 security_info.sha1_deprecation_status); 241 security_info.sha1_deprecation_status);
244 EXPECT_EQ(SecurityStateModel::CONTENT_STATUS_NONE, 242 EXPECT_EQ(security_state::CONTENT_STATUS_NONE,
245 security_info.mixed_content_status); 243 security_info.mixed_content_status);
246 EXPECT_TRUE(security_info.sct_verify_statuses.empty()); 244 EXPECT_TRUE(security_info.sct_verify_statuses.empty());
247 EXPECT_FALSE(security_info.scheme_is_cryptographic); 245 EXPECT_FALSE(security_info.scheme_is_cryptographic);
248 EXPECT_FALSE(net::IsCertStatusError(security_info.cert_status)); 246 EXPECT_FALSE(net::IsCertStatusError(security_info.cert_status));
249 EXPECT_EQ(-1, security_info.security_bits); 247 EXPECT_EQ(-1, security_info.security_bits);
250 EXPECT_FALSE(!!security_info.certificate); 248 EXPECT_FALSE(!!security_info.certificate);
251 } 249 }
252 250
253 void ProceedThroughInterstitial(content::WebContents* tab) { 251 void ProceedThroughInterstitial(content::WebContents* tab) {
254 content::InterstitialPage* interstitial_page = tab->GetInterstitialPage(); 252 content::InterstitialPage* interstitial_page = tab->GetInterstitialPage();
(...skipping 11 matching lines...) Expand all
266 const std::string& original_file_path, 264 const std::string& original_file_path,
267 const net::HostPortPair& host_port_pair, 265 const net::HostPortPair& host_port_pair,
268 std::string* replacement_path) { 266 std::string* replacement_path) {
269 base::StringPairs replacement_text; 267 base::StringPairs replacement_text;
270 replacement_text.push_back( 268 replacement_text.push_back(
271 make_pair("REPLACE_WITH_HOST_AND_PORT", host_port_pair.ToString())); 269 make_pair("REPLACE_WITH_HOST_AND_PORT", host_port_pair.ToString()));
272 net::test_server::GetFilePathWithReplacements( 270 net::test_server::GetFilePathWithReplacements(
273 original_file_path, replacement_text, replacement_path); 271 original_file_path, replacement_text, replacement_path);
274 } 272 }
275 273
276 class ChromeSecurityStateModelClientTest : public CertVerifierBrowserTest { 274 class SecurityStateTabHelperTest : public CertVerifierBrowserTest {
277 public: 275 public:
278 ChromeSecurityStateModelClientTest() 276 SecurityStateTabHelperTest()
279 : https_server_(net::EmbeddedTestServer::TYPE_HTTPS) { 277 : https_server_(net::EmbeddedTestServer::TYPE_HTTPS) {
280 https_server_.ServeFilesFromSourceDirectory(base::FilePath(kDocRoot)); 278 https_server_.ServeFilesFromSourceDirectory(base::FilePath(kDocRoot));
281 } 279 }
282 280
283 void SetUpCommandLine(base::CommandLine* command_line) override { 281 void SetUpCommandLine(base::CommandLine* command_line) override {
284 // Browser will both run and display insecure content. 282 // Browser will both run and display insecure content.
285 command_line->AppendSwitch(switches::kAllowRunningInsecureContent); 283 command_line->AppendSwitch(switches::kAllowRunningInsecureContent);
286 } 284 }
287 285
288 protected: 286 protected:
289 void SetUpMockCertVerifierForHttpsServer(net::CertStatus cert_status, 287 void SetUpMockCertVerifierForHttpsServer(net::CertStatus cert_status,
290 int net_result) { 288 int net_result) {
291 scoped_refptr<net::X509Certificate> cert(https_server_.GetCertificate()); 289 scoped_refptr<net::X509Certificate> cert(https_server_.GetCertificate());
292 net::CertVerifyResult verify_result; 290 net::CertVerifyResult verify_result;
293 verify_result.is_issued_by_known_root = true; 291 verify_result.is_issued_by_known_root = true;
294 verify_result.verified_cert = cert; 292 verify_result.verified_cert = cert;
295 verify_result.cert_status = cert_status; 293 verify_result.cert_status = cert_status;
296 294
297 mock_cert_verifier()->AddResultForCert(cert, verify_result, net_result); 295 mock_cert_verifier()->AddResultForCert(cert, verify_result, net_result);
298 } 296 }
299 297
300 net::EmbeddedTestServer https_server_; 298 net::EmbeddedTestServer https_server_;
301 299
302 private: 300 private:
303 DISALLOW_COPY_AND_ASSIGN(ChromeSecurityStateModelClientTest); 301 DISALLOW_COPY_AND_ASSIGN(SecurityStateTabHelperTest);
304 }; 302 };
305 303
306 GURL GetURLWithNonLocalHostname(net::EmbeddedTestServer* server, 304 GURL GetURLWithNonLocalHostname(net::EmbeddedTestServer* server,
307 const std::string& path) { 305 const std::string& path) {
308 GURL::Replacements replace_host; 306 GURL::Replacements replace_host;
309 replace_host.SetHostStr("example.test"); 307 replace_host.SetHostStr("example.test");
310 return server->GetURL(path).ReplaceComponents(replace_host); 308 return server->GetURL(path).ReplaceComponents(replace_host);
311 } 309 }
312 310
313 class ChromeSecurityStateModelClientTestWithPasswordCcSwitch 311 class SecurityStateTabHelperTestWithPasswordCcSwitch
314 : public ChromeSecurityStateModelClientTest, 312 : public SecurityStateTabHelperTest,
315 public testing::WithParamInterface<bool> { 313 public testing::WithParamInterface<bool> {
316 public: 314 public:
317 ChromeSecurityStateModelClientTestWithPasswordCcSwitch() 315 SecurityStateTabHelperTestWithPasswordCcSwitch()
318 : ChromeSecurityStateModelClientTest() {} 316 : SecurityStateTabHelperTest() {}
319 317
320 void SetUpOnMainThread() override { 318 void SetUpOnMainThread() override {
321 ASSERT_TRUE(embedded_test_server()->Start()); 319 ASSERT_TRUE(embedded_test_server()->Start());
322 ASSERT_TRUE(https_server_.Start()); 320 ASSERT_TRUE(https_server_.Start());
323 host_resolver()->AddRule("*", embedded_test_server()->GetURL("/").host()); 321 host_resolver()->AddRule("*", embedded_test_server()->GetURL("/").host());
324 SetUpMockCertVerifierForHttpsServer(0, net::OK); 322 SetUpMockCertVerifierForHttpsServer(0, net::OK);
325 } 323 }
326 324
327 void SetUpCommandLine(base::CommandLine* command_line) override { 325 void SetUpCommandLine(base::CommandLine* command_line) override {
328 ChromeSecurityStateModelClientTest::SetUpCommandLine(command_line); 326 SecurityStateTabHelperTest::SetUpCommandLine(command_line);
329 if (GetParam()) { 327 if (GetParam()) {
330 command_line->AppendSwitchASCII( 328 command_line->AppendSwitchASCII(
331 security_state::switches::kMarkHttpAs, 329 security_state::switches::kMarkHttpAs,
332 security_state::switches:: 330 security_state::switches::
333 kMarkHttpWithPasswordsOrCcWithChipAndFormWarning); 331 kMarkHttpWithPasswordsOrCcWithChipAndFormWarning);
334 } else { 332 } else {
335 command_line->AppendSwitchASCII( 333 command_line->AppendSwitchASCII(
336 security_state::switches::kMarkHttpAs, 334 security_state::switches::kMarkHttpAs,
337 security_state::switches::kMarkHttpWithPasswordsOrCcWithChip); 335 security_state::switches::kMarkHttpWithPasswordsOrCcWithChip);
338 } 336 }
339 } 337 }
340 338
341 private: 339 private:
342 DISALLOW_COPY_AND_ASSIGN( 340 DISALLOW_COPY_AND_ASSIGN(SecurityStateTabHelperTestWithPasswordCcSwitch);
343 ChromeSecurityStateModelClientTestWithPasswordCcSwitch);
344 }; 341 };
345 342
346 class SecurityStyleChangedTest : public InProcessBrowserTest { 343 class SecurityStyleChangedTest : public InProcessBrowserTest {
347 public: 344 public:
348 SecurityStyleChangedTest() 345 SecurityStyleChangedTest()
349 : https_server_(net::EmbeddedTestServer::TYPE_HTTPS) { 346 : https_server_(net::EmbeddedTestServer::TYPE_HTTPS) {
350 https_server_.ServeFilesFromSourceDirectory(base::FilePath(kDocRoot)); 347 https_server_.ServeFilesFromSourceDirectory(base::FilePath(kDocRoot));
351 } 348 }
352 349
353 void SetUpCommandLine(base::CommandLine* command_line) override { 350 void SetUpCommandLine(base::CommandLine* command_line) override {
354 // Browser will both run and display insecure content. 351 // Browser will both run and display insecure content.
355 command_line->AppendSwitch(switches::kAllowRunningInsecureContent); 352 command_line->AppendSwitch(switches::kAllowRunningInsecureContent);
356 } 353 }
357 354
358 protected: 355 protected:
359 net::EmbeddedTestServer https_server_; 356 net::EmbeddedTestServer https_server_;
360 357
361 private: 358 private:
362 DISALLOW_COPY_AND_ASSIGN(SecurityStyleChangedTest); 359 DISALLOW_COPY_AND_ASSIGN(SecurityStyleChangedTest);
363 }; 360 };
364 361
365 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest, HttpPage) { 362 IN_PROC_BROWSER_TEST_F(SecurityStateTabHelperTest, HttpPage) {
366 ASSERT_TRUE(embedded_test_server()->Start()); 363 ASSERT_TRUE(embedded_test_server()->Start());
367 ui_test_utils::NavigateToURL( 364 ui_test_utils::NavigateToURL(
368 browser(), embedded_test_server()->GetURL("/ssl/google.html")); 365 browser(), embedded_test_server()->GetURL("/ssl/google.html"));
369 content::WebContents* contents = 366 content::WebContents* contents =
370 browser()->tab_strip_model()->GetActiveWebContents(); 367 browser()->tab_strip_model()->GetActiveWebContents();
371 ASSERT_TRUE(contents); 368 ASSERT_TRUE(contents);
372 369
373 ChromeSecurityStateModelClient* model_client = 370 SecurityStateTabHelper* helper =
374 ChromeSecurityStateModelClient::FromWebContents(contents); 371 SecurityStateTabHelper::FromWebContents(contents);
375 ASSERT_TRUE(model_client); 372 ASSERT_TRUE(helper);
376 SecurityStateModel::SecurityInfo security_info; 373 security_state::SecurityInfo security_info;
377 model_client->GetSecurityInfo(&security_info); 374 helper->GetSecurityInfo(&security_info);
378 EXPECT_EQ(SecurityStateModel::NONE, security_info.security_level); 375 EXPECT_EQ(security_state::NONE, security_info.security_level);
379 EXPECT_EQ(SecurityStateModel::NO_DEPRECATED_SHA1, 376 EXPECT_EQ(security_state::NO_DEPRECATED_SHA1,
380 security_info.sha1_deprecation_status); 377 security_info.sha1_deprecation_status);
381 EXPECT_EQ(SecurityStateModel::CONTENT_STATUS_NONE, 378 EXPECT_EQ(security_state::CONTENT_STATUS_NONE,
382 security_info.mixed_content_status); 379 security_info.mixed_content_status);
383 EXPECT_TRUE(security_info.sct_verify_statuses.empty()); 380 EXPECT_TRUE(security_info.sct_verify_statuses.empty());
384 EXPECT_FALSE(security_info.scheme_is_cryptographic); 381 EXPECT_FALSE(security_info.scheme_is_cryptographic);
385 EXPECT_FALSE(net::IsCertStatusError(security_info.cert_status)); 382 EXPECT_FALSE(net::IsCertStatusError(security_info.cert_status));
386 EXPECT_FALSE(!!security_info.certificate); 383 EXPECT_FALSE(!!security_info.certificate);
387 EXPECT_EQ(-1, security_info.security_bits); 384 EXPECT_EQ(-1, security_info.security_bits);
388 EXPECT_EQ(0, security_info.connection_status); 385 EXPECT_EQ(0, security_info.connection_status);
389 } 386 }
390 387
391 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest, HttpsPage) { 388 IN_PROC_BROWSER_TEST_F(SecurityStateTabHelperTest, HttpsPage) {
392 ASSERT_TRUE(https_server_.Start()); 389 ASSERT_TRUE(https_server_.Start());
393 SetUpMockCertVerifierForHttpsServer(0, net::OK); 390 SetUpMockCertVerifierForHttpsServer(0, net::OK);
394 391
395 ui_test_utils::NavigateToURL(browser(), 392 ui_test_utils::NavigateToURL(browser(),
396 https_server_.GetURL("/ssl/google.html")); 393 https_server_.GetURL("/ssl/google.html"));
397 CheckSecurityInfoForSecure( 394 CheckSecurityInfoForSecure(
398 browser()->tab_strip_model()->GetActiveWebContents(), 395 browser()->tab_strip_model()->GetActiveWebContents(),
399 SecurityStateModel::SECURE, SecurityStateModel::NO_DEPRECATED_SHA1, 396 security_state::SECURE, security_state::NO_DEPRECATED_SHA1,
400 SecurityStateModel::CONTENT_STATUS_NONE, false, 397 security_state::CONTENT_STATUS_NONE, false,
401 false /* expect cert status error */); 398 false /* expect cert status error */);
402 } 399 }
403 400
404 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest, SHA1Broken) { 401 IN_PROC_BROWSER_TEST_F(SecurityStateTabHelperTest, SHA1Broken) {
405 ASSERT_TRUE(https_server_.Start()); 402 ASSERT_TRUE(https_server_.Start());
406 // The test server uses a long-lived cert by default, so a SHA1 403 // The test server uses a long-lived cert by default, so a SHA1
407 // signature in it will register as a "broken" condition rather than 404 // signature in it will register as a "broken" condition rather than
408 // "warning". 405 // "warning".
409 SetUpMockCertVerifierForHttpsServer(net::CERT_STATUS_SHA1_SIGNATURE_PRESENT, 406 SetUpMockCertVerifierForHttpsServer(net::CERT_STATUS_SHA1_SIGNATURE_PRESENT,
410 net::OK); 407 net::OK);
411 408
412 ui_test_utils::NavigateToURL(browser(), 409 ui_test_utils::NavigateToURL(browser(),
413 https_server_.GetURL("/ssl/google.html")); 410 https_server_.GetURL("/ssl/google.html"));
414 CheckSecurityInfoForSecure( 411 CheckSecurityInfoForSecure(
415 browser()->tab_strip_model()->GetActiveWebContents(), 412 browser()->tab_strip_model()->GetActiveWebContents(),
416 SecurityStateModel::DANGEROUS, SecurityStateModel::DEPRECATED_SHA1_MAJOR, 413 security_state::DANGEROUS, security_state::DEPRECATED_SHA1_MAJOR,
417 SecurityStateModel::CONTENT_STATUS_NONE, false, 414 security_state::CONTENT_STATUS_NONE, false,
418 false /* expect cert status error */); 415 false /* expect cert status error */);
419 } 416 }
420 417
421 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest, MixedContent) { 418 IN_PROC_BROWSER_TEST_F(SecurityStateTabHelperTest, MixedContent) {
422 ASSERT_TRUE(embedded_test_server()->Start()); 419 ASSERT_TRUE(embedded_test_server()->Start());
423 ASSERT_TRUE(https_server_.Start()); 420 ASSERT_TRUE(https_server_.Start());
424 SetUpMockCertVerifierForHttpsServer(0, net::OK); 421 SetUpMockCertVerifierForHttpsServer(0, net::OK);
425 host_resolver()->AddRule("example.test", 422 host_resolver()->AddRule("example.test",
426 https_server_.GetURL("/title1.html").host()); 423 https_server_.GetURL("/title1.html").host());
427 424
428 net::HostPortPair replacement_pair = embedded_test_server()->host_port_pair(); 425 net::HostPortPair replacement_pair = embedded_test_server()->host_port_pair();
429 replacement_pair.set_host("example.test"); 426 replacement_pair.set_host("example.test");
430 427
431 // Navigate to an HTTPS page that displays mixed content. 428 // Navigate to an HTTPS page that displays mixed content.
432 std::string replacement_path; 429 std::string replacement_path;
433 GetFilePathWithHostAndPortReplacement( 430 GetFilePathWithHostAndPortReplacement(
434 "/ssl/page_displays_insecure_content.html", 431 "/ssl/page_displays_insecure_content.html", replacement_pair,
435 replacement_pair, &replacement_path); 432 &replacement_path);
436 ui_test_utils::NavigateToURL(browser(), 433 ui_test_utils::NavigateToURL(browser(),
437 https_server_.GetURL(replacement_path)); 434 https_server_.GetURL(replacement_path));
438 CheckSecurityInfoForSecure( 435 CheckSecurityInfoForSecure(
439 browser()->tab_strip_model()->GetActiveWebContents(), 436 browser()->tab_strip_model()->GetActiveWebContents(),
440 SecurityStateModel::NONE, SecurityStateModel::NO_DEPRECATED_SHA1, 437 security_state::NONE, security_state::NO_DEPRECATED_SHA1,
441 SecurityStateModel::CONTENT_STATUS_DISPLAYED, false, 438 security_state::CONTENT_STATUS_DISPLAYED, false,
442 false /* expect cert status error */); 439 false /* expect cert status error */);
443 440
444 // Navigate to an HTTPS page that displays mixed content dynamically. 441 // Navigate to an HTTPS page that displays mixed content dynamically.
445 GetFilePathWithHostAndPortReplacement( 442 GetFilePathWithHostAndPortReplacement(
446 "/ssl/page_with_dynamic_insecure_content.html", 443 "/ssl/page_with_dynamic_insecure_content.html", replacement_pair,
447 replacement_pair, &replacement_path); 444 &replacement_path);
448 ui_test_utils::NavigateToURL(browser(), 445 ui_test_utils::NavigateToURL(browser(),
449 https_server_.GetURL(replacement_path)); 446 https_server_.GetURL(replacement_path));
450 CheckSecurityInfoForSecure( 447 CheckSecurityInfoForSecure(
451 browser()->tab_strip_model()->GetActiveWebContents(), 448 browser()->tab_strip_model()->GetActiveWebContents(),
452 SecurityStateModel::SECURE, SecurityStateModel::NO_DEPRECATED_SHA1, 449 security_state::SECURE, security_state::NO_DEPRECATED_SHA1,
453 SecurityStateModel::CONTENT_STATUS_NONE, false, 450 security_state::CONTENT_STATUS_NONE, false,
454 false /* expect cert status error */); 451 false /* expect cert status error */);
455 // Load the insecure image. 452 // Load the insecure image.
456 bool js_result = false; 453 bool js_result = false;
457 EXPECT_TRUE(content::ExecuteScriptAndExtractBool( 454 EXPECT_TRUE(content::ExecuteScriptAndExtractBool(
458 browser()->tab_strip_model()->GetActiveWebContents(), "loadBadImage();", 455 browser()->tab_strip_model()->GetActiveWebContents(), "loadBadImage();",
459 &js_result)); 456 &js_result));
460 EXPECT_TRUE(js_result); 457 EXPECT_TRUE(js_result);
461 CheckSecurityInfoForSecure( 458 CheckSecurityInfoForSecure(
462 browser()->tab_strip_model()->GetActiveWebContents(), 459 browser()->tab_strip_model()->GetActiveWebContents(),
463 SecurityStateModel::NONE, SecurityStateModel::NO_DEPRECATED_SHA1, 460 security_state::NONE, security_state::NO_DEPRECATED_SHA1,
464 SecurityStateModel::CONTENT_STATUS_DISPLAYED, false, 461 security_state::CONTENT_STATUS_DISPLAYED, false,
465 false /* expect cert status error */); 462 false /* expect cert status error */);
466 463
467 // Navigate to an HTTPS page that runs mixed content. 464 // Navigate to an HTTPS page that runs mixed content.
468 GetFilePathWithHostAndPortReplacement( 465 GetFilePathWithHostAndPortReplacement("/ssl/page_runs_insecure_content.html",
469 "/ssl/page_runs_insecure_content.html", 466 replacement_pair, &replacement_path);
470 replacement_pair, &replacement_path);
471 ui_test_utils::NavigateToURL(browser(), 467 ui_test_utils::NavigateToURL(browser(),
472 https_server_.GetURL(replacement_path)); 468 https_server_.GetURL(replacement_path));
473 CheckSecurityInfoForSecure( 469 CheckSecurityInfoForSecure(
474 browser()->tab_strip_model()->GetActiveWebContents(), 470 browser()->tab_strip_model()->GetActiveWebContents(),
475 SecurityStateModel::DANGEROUS, SecurityStateModel::NO_DEPRECATED_SHA1, 471 security_state::DANGEROUS, security_state::NO_DEPRECATED_SHA1,
476 SecurityStateModel::CONTENT_STATUS_RAN, false, 472 security_state::CONTENT_STATUS_RAN, false,
477 false /* expect cert status error */); 473 false /* expect cert status error */);
478 474
479 // Navigate to an HTTPS page that runs and displays mixed content. 475 // Navigate to an HTTPS page that runs and displays mixed content.
480 GetFilePathWithHostAndPortReplacement( 476 GetFilePathWithHostAndPortReplacement(
481 "/ssl/page_runs_and_displays_insecure_content.html", 477 "/ssl/page_runs_and_displays_insecure_content.html", replacement_pair,
482 replacement_pair, &replacement_path); 478 &replacement_path);
483 ui_test_utils::NavigateToURL(browser(), 479 ui_test_utils::NavigateToURL(browser(),
484 https_server_.GetURL(replacement_path)); 480 https_server_.GetURL(replacement_path));
485 CheckSecurityInfoForSecure( 481 CheckSecurityInfoForSecure(
486 browser()->tab_strip_model()->GetActiveWebContents(), 482 browser()->tab_strip_model()->GetActiveWebContents(),
487 SecurityStateModel::DANGEROUS, SecurityStateModel::NO_DEPRECATED_SHA1, 483 security_state::DANGEROUS, security_state::NO_DEPRECATED_SHA1,
488 SecurityStateModel::CONTENT_STATUS_DISPLAYED_AND_RAN, false, 484 security_state::CONTENT_STATUS_DISPLAYED_AND_RAN, false,
489 false /* expect cert status error */); 485 false /* expect cert status error */);
490 486
491 // Navigate to an HTTPS page that runs mixed content in an iframe. 487 // Navigate to an HTTPS page that runs mixed content in an iframe.
492 net::HostPortPair host_port_pair = 488 net::HostPortPair host_port_pair =
493 net::HostPortPair::FromURL(https_server_.GetURL("/title1.html")); 489 net::HostPortPair::FromURL(https_server_.GetURL("/title1.html"));
494 host_port_pair.set_host("different-host.test"); 490 host_port_pair.set_host("different-host.test");
495 host_resolver()->AddRule("different-host.test", 491 host_resolver()->AddRule("different-host.test",
496 https_server_.GetURL("/title1.html").host()); 492 https_server_.GetURL("/title1.html").host());
497 host_resolver()->AddRule( 493 host_resolver()->AddRule(
498 "different-http-host.test", 494 "different-http-host.test",
499 embedded_test_server()->GetURL("/title1.html").host()); 495 embedded_test_server()->GetURL("/title1.html").host());
500 GetFilePathWithHostAndPortReplacement( 496 GetFilePathWithHostAndPortReplacement(
501 "/ssl/page_runs_insecure_content_in_iframe.html", host_port_pair, 497 "/ssl/page_runs_insecure_content_in_iframe.html", host_port_pair,
502 &replacement_path); 498 &replacement_path);
503 ui_test_utils::NavigateToURL(browser(), 499 ui_test_utils::NavigateToURL(browser(),
504 https_server_.GetURL(replacement_path)); 500 https_server_.GetURL(replacement_path));
505 CheckSecurityInfoForSecure( 501 CheckSecurityInfoForSecure(
506 browser()->tab_strip_model()->GetActiveWebContents(), 502 browser()->tab_strip_model()->GetActiveWebContents(),
507 SecurityStateModel::DANGEROUS, SecurityStateModel::NO_DEPRECATED_SHA1, 503 security_state::DANGEROUS, security_state::NO_DEPRECATED_SHA1,
508 SecurityStateModel::CONTENT_STATUS_RAN, false, 504 security_state::CONTENT_STATUS_RAN, false,
509 false /* expect cert status error */); 505 false /* expect cert status error */);
510 } 506 }
511 507
512 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest, 508 IN_PROC_BROWSER_TEST_F(SecurityStateTabHelperTest,
513 ActiveContentWithCertErrors) { 509 ActiveContentWithCertErrors) {
514 ASSERT_TRUE(https_server_.Start()); 510 ASSERT_TRUE(https_server_.Start());
515 SetUpMockCertVerifierForHttpsServer(0, net::OK); 511 SetUpMockCertVerifierForHttpsServer(0, net::OK);
516 512
517 // Navigate to an HTTPS page and simulate active content with 513 // Navigate to an HTTPS page and simulate active content with
518 // certificate errors. 514 // certificate errors.
519 ui_test_utils::NavigateToURL(browser(), https_server_.GetURL("/title1.html")); 515 ui_test_utils::NavigateToURL(browser(), https_server_.GetURL("/title1.html"));
520 content::WebContents* web_contents = 516 content::WebContents* web_contents =
521 browser()->tab_strip_model()->GetActiveWebContents(); 517 browser()->tab_strip_model()->GetActiveWebContents();
522 ASSERT_TRUE(web_contents); 518 ASSERT_TRUE(web_contents);
523 content::NavigationEntry* entry = 519 content::NavigationEntry* entry =
524 web_contents->GetController().GetVisibleEntry(); 520 web_contents->GetController().GetVisibleEntry();
525 ASSERT_TRUE(entry); 521 ASSERT_TRUE(entry);
526 entry->GetSSL().content_status |= 522 entry->GetSSL().content_status |=
527 content::SSLStatus::RAN_CONTENT_WITH_CERT_ERRORS; 523 content::SSLStatus::RAN_CONTENT_WITH_CERT_ERRORS;
528 524
529 ChromeSecurityStateModelClient* model_client = 525 SecurityStateTabHelper* helper =
530 ChromeSecurityStateModelClient::FromWebContents(web_contents); 526 SecurityStateTabHelper::FromWebContents(web_contents);
531 ASSERT_TRUE(model_client); 527 ASSERT_TRUE(helper);
532 SecurityStateModel::SecurityInfo security_info; 528 security_state::SecurityInfo security_info;
533 model_client->GetSecurityInfo(&security_info); 529 helper->GetSecurityInfo(&security_info);
534 530
535 EXPECT_FALSE(net::IsCertStatusError(security_info.cert_status)); 531 EXPECT_FALSE(net::IsCertStatusError(security_info.cert_status));
536 EXPECT_EQ(SecurityStateModel::DANGEROUS, security_info.security_level); 532 EXPECT_EQ(security_state::DANGEROUS, security_info.security_level);
537 EXPECT_EQ(SecurityStateModel::CONTENT_STATUS_RAN, 533 EXPECT_EQ(security_state::CONTENT_STATUS_RAN,
538 security_info.content_with_cert_errors_status); 534 security_info.content_with_cert_errors_status);
539 } 535 }
540 536
541 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest, 537 IN_PROC_BROWSER_TEST_F(SecurityStateTabHelperTest,
542 PassiveContentWithCertErrors) { 538 PassiveContentWithCertErrors) {
543 ASSERT_TRUE(https_server_.Start()); 539 ASSERT_TRUE(https_server_.Start());
544 SetUpMockCertVerifierForHttpsServer(0, net::OK); 540 SetUpMockCertVerifierForHttpsServer(0, net::OK);
545 541
546 // Navigate to an HTTPS page and simulate passive content with 542 // Navigate to an HTTPS page and simulate passive content with
547 // certificate errors. 543 // certificate errors.
548 ui_test_utils::NavigateToURL(browser(), https_server_.GetURL("/title1.html")); 544 ui_test_utils::NavigateToURL(browser(), https_server_.GetURL("/title1.html"));
549 content::WebContents* web_contents = 545 content::WebContents* web_contents =
550 browser()->tab_strip_model()->GetActiveWebContents(); 546 browser()->tab_strip_model()->GetActiveWebContents();
551 ASSERT_TRUE(web_contents); 547 ASSERT_TRUE(web_contents);
552 content::NavigationEntry* entry = 548 content::NavigationEntry* entry =
553 web_contents->GetController().GetVisibleEntry(); 549 web_contents->GetController().GetVisibleEntry();
554 ASSERT_TRUE(entry); 550 ASSERT_TRUE(entry);
555 entry->GetSSL().content_status |= 551 entry->GetSSL().content_status |=
556 content::SSLStatus::DISPLAYED_CONTENT_WITH_CERT_ERRORS; 552 content::SSLStatus::DISPLAYED_CONTENT_WITH_CERT_ERRORS;
557 553
558 ChromeSecurityStateModelClient* model_client = 554 SecurityStateTabHelper* helper =
559 ChromeSecurityStateModelClient::FromWebContents(web_contents); 555 SecurityStateTabHelper::FromWebContents(web_contents);
560 ASSERT_TRUE(model_client); 556 ASSERT_TRUE(helper);
561 SecurityStateModel::SecurityInfo security_info; 557 security_state::SecurityInfo security_info;
562 model_client->GetSecurityInfo(&security_info); 558 helper->GetSecurityInfo(&security_info);
563 559
564 EXPECT_FALSE(net::IsCertStatusError(security_info.cert_status)); 560 EXPECT_FALSE(net::IsCertStatusError(security_info.cert_status));
565 EXPECT_EQ(SecurityStateModel::NONE, security_info.security_level); 561 EXPECT_EQ(security_state::NONE, security_info.security_level);
566 EXPECT_EQ(SecurityStateModel::CONTENT_STATUS_DISPLAYED, 562 EXPECT_EQ(security_state::CONTENT_STATUS_DISPLAYED,
567 security_info.content_with_cert_errors_status); 563 security_info.content_with_cert_errors_status);
568 } 564 }
569 565
570 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest, 566 IN_PROC_BROWSER_TEST_F(SecurityStateTabHelperTest,
571 ActiveAndPassiveContentWithCertErrors) { 567 ActiveAndPassiveContentWithCertErrors) {
572 ASSERT_TRUE(https_server_.Start()); 568 ASSERT_TRUE(https_server_.Start());
573 SetUpMockCertVerifierForHttpsServer(0, net::OK); 569 SetUpMockCertVerifierForHttpsServer(0, net::OK);
574 570
575 // Navigate to an HTTPS page and simulate active and passive content 571 // Navigate to an HTTPS page and simulate active and passive content
576 // with certificate errors. 572 // with certificate errors.
577 ui_test_utils::NavigateToURL(browser(), https_server_.GetURL("/title1.html")); 573 ui_test_utils::NavigateToURL(browser(), https_server_.GetURL("/title1.html"));
578 content::WebContents* web_contents = 574 content::WebContents* web_contents =
579 browser()->tab_strip_model()->GetActiveWebContents(); 575 browser()->tab_strip_model()->GetActiveWebContents();
580 ASSERT_TRUE(web_contents); 576 ASSERT_TRUE(web_contents);
581 content::NavigationEntry* entry = 577 content::NavigationEntry* entry =
582 web_contents->GetController().GetVisibleEntry(); 578 web_contents->GetController().GetVisibleEntry();
583 ASSERT_TRUE(entry); 579 ASSERT_TRUE(entry);
584 entry->GetSSL().content_status |= 580 entry->GetSSL().content_status |=
585 content::SSLStatus::RAN_CONTENT_WITH_CERT_ERRORS; 581 content::SSLStatus::RAN_CONTENT_WITH_CERT_ERRORS;
586 entry->GetSSL().content_status |= 582 entry->GetSSL().content_status |=
587 content::SSLStatus::DISPLAYED_CONTENT_WITH_CERT_ERRORS; 583 content::SSLStatus::DISPLAYED_CONTENT_WITH_CERT_ERRORS;
588 584
589 ChromeSecurityStateModelClient* model_client = 585 SecurityStateTabHelper* helper =
590 ChromeSecurityStateModelClient::FromWebContents(web_contents); 586 SecurityStateTabHelper::FromWebContents(web_contents);
591 ASSERT_TRUE(model_client); 587 ASSERT_TRUE(helper);
592 SecurityStateModel::SecurityInfo security_info; 588 security_state::SecurityInfo security_info;
593 model_client->GetSecurityInfo(&security_info); 589 helper->GetSecurityInfo(&security_info);
594 590
595 EXPECT_FALSE(net::IsCertStatusError(security_info.cert_status)); 591 EXPECT_FALSE(net::IsCertStatusError(security_info.cert_status));
596 EXPECT_EQ(SecurityStateModel::DANGEROUS, security_info.security_level); 592 EXPECT_EQ(security_state::DANGEROUS, security_info.security_level);
597 EXPECT_EQ(SecurityStateModel::CONTENT_STATUS_DISPLAYED_AND_RAN, 593 EXPECT_EQ(security_state::CONTENT_STATUS_DISPLAYED_AND_RAN,
598 security_info.content_with_cert_errors_status); 594 security_info.content_with_cert_errors_status);
599 } 595 }
600 596
601 // Same as the test above but with a long-lived SHA1 cert. 597 // Same as the test above but with a long-lived SHA1 cert.
602 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest, 598 IN_PROC_BROWSER_TEST_F(SecurityStateTabHelperTest, MixedContentWithBrokenSHA1) {
603 MixedContentWithBrokenSHA1) {
604 ASSERT_TRUE(embedded_test_server()->Start()); 599 ASSERT_TRUE(embedded_test_server()->Start());
605 ASSERT_TRUE(https_server_.Start()); 600 ASSERT_TRUE(https_server_.Start());
606 // The test server uses a long-lived cert by default, so a SHA1 601 // The test server uses a long-lived cert by default, so a SHA1
607 // signature in it will register as a "broken" condition rather than 602 // signature in it will register as a "broken" condition rather than
608 // "warning". 603 // "warning".
609 SetUpMockCertVerifierForHttpsServer(net::CERT_STATUS_SHA1_SIGNATURE_PRESENT, 604 SetUpMockCertVerifierForHttpsServer(net::CERT_STATUS_SHA1_SIGNATURE_PRESENT,
610 net::OK); 605 net::OK);
611 606
612 host_resolver()->AddRule("example.test", 607 host_resolver()->AddRule("example.test",
613 https_server_.GetURL("/title1.html").host()); 608 https_server_.GetURL("/title1.html").host());
614 609
615 net::HostPortPair replacement_pair = embedded_test_server()->host_port_pair(); 610 net::HostPortPair replacement_pair = embedded_test_server()->host_port_pair();
616 replacement_pair.set_host("example.test"); 611 replacement_pair.set_host("example.test");
617 612
618 // Navigate to an HTTPS page that displays mixed content. 613 // Navigate to an HTTPS page that displays mixed content.
619 std::string replacement_path; 614 std::string replacement_path;
620 GetFilePathWithHostAndPortReplacement( 615 GetFilePathWithHostAndPortReplacement(
621 "/ssl/page_displays_insecure_content.html", 616 "/ssl/page_displays_insecure_content.html", replacement_pair,
622 replacement_pair, &replacement_path); 617 &replacement_path);
623 ui_test_utils::NavigateToURL(browser(), 618 ui_test_utils::NavigateToURL(browser(),
624 https_server_.GetURL(replacement_path)); 619 https_server_.GetURL(replacement_path));
625 CheckSecurityInfoForSecure( 620 CheckSecurityInfoForSecure(
626 browser()->tab_strip_model()->GetActiveWebContents(), 621 browser()->tab_strip_model()->GetActiveWebContents(),
627 SecurityStateModel::DANGEROUS, SecurityStateModel::DEPRECATED_SHA1_MAJOR, 622 security_state::DANGEROUS, security_state::DEPRECATED_SHA1_MAJOR,
628 SecurityStateModel::CONTENT_STATUS_DISPLAYED, false, 623 security_state::CONTENT_STATUS_DISPLAYED, false,
629 false /* expect cert status error */); 624 false /* expect cert status error */);
630 625
631 // Navigate to an HTTPS page that displays mixed content dynamically. 626 // Navigate to an HTTPS page that displays mixed content dynamically.
632 GetFilePathWithHostAndPortReplacement( 627 GetFilePathWithHostAndPortReplacement(
633 "/ssl/page_with_dynamic_insecure_content.html", 628 "/ssl/page_with_dynamic_insecure_content.html", replacement_pair,
634 replacement_pair, &replacement_path); 629 &replacement_path);
635 ui_test_utils::NavigateToURL(browser(), 630 ui_test_utils::NavigateToURL(browser(),
636 https_server_.GetURL(replacement_path)); 631 https_server_.GetURL(replacement_path));
637 CheckSecurityInfoForSecure( 632 CheckSecurityInfoForSecure(
638 browser()->tab_strip_model()->GetActiveWebContents(), 633 browser()->tab_strip_model()->GetActiveWebContents(),
639 SecurityStateModel::DANGEROUS, SecurityStateModel::DEPRECATED_SHA1_MAJOR, 634 security_state::DANGEROUS, security_state::DEPRECATED_SHA1_MAJOR,
640 SecurityStateModel::CONTENT_STATUS_NONE, false, 635 security_state::CONTENT_STATUS_NONE, false,
641 false /* expect cert status error */); 636 false /* expect cert status error */);
642 // Load the insecure image. 637 // Load the insecure image.
643 bool js_result = false; 638 bool js_result = false;
644 EXPECT_TRUE(content::ExecuteScriptAndExtractBool( 639 EXPECT_TRUE(content::ExecuteScriptAndExtractBool(
645 browser()->tab_strip_model()->GetActiveWebContents(), "loadBadImage();", 640 browser()->tab_strip_model()->GetActiveWebContents(), "loadBadImage();",
646 &js_result)); 641 &js_result));
647 EXPECT_TRUE(js_result); 642 EXPECT_TRUE(js_result);
648 CheckSecurityInfoForSecure( 643 CheckSecurityInfoForSecure(
649 browser()->tab_strip_model()->GetActiveWebContents(), 644 browser()->tab_strip_model()->GetActiveWebContents(),
650 SecurityStateModel::DANGEROUS, SecurityStateModel::DEPRECATED_SHA1_MAJOR, 645 security_state::DANGEROUS, security_state::DEPRECATED_SHA1_MAJOR,
651 SecurityStateModel::CONTENT_STATUS_DISPLAYED, false, 646 security_state::CONTENT_STATUS_DISPLAYED, false,
652 false /* expect cert status error */); 647 false /* expect cert status error */);
653 648
654 // Navigate to an HTTPS page that runs mixed content. 649 // Navigate to an HTTPS page that runs mixed content.
655 GetFilePathWithHostAndPortReplacement( 650 GetFilePathWithHostAndPortReplacement("/ssl/page_runs_insecure_content.html",
656 "/ssl/page_runs_insecure_content.html", 651 replacement_pair, &replacement_path);
657 replacement_pair, &replacement_path);
658 ui_test_utils::NavigateToURL(browser(), 652 ui_test_utils::NavigateToURL(browser(),
659 https_server_.GetURL(replacement_path)); 653 https_server_.GetURL(replacement_path));
660 CheckSecurityInfoForSecure( 654 CheckSecurityInfoForSecure(
661 browser()->tab_strip_model()->GetActiveWebContents(), 655 browser()->tab_strip_model()->GetActiveWebContents(),
662 SecurityStateModel::DANGEROUS, SecurityStateModel::DEPRECATED_SHA1_MAJOR, 656 security_state::DANGEROUS, security_state::DEPRECATED_SHA1_MAJOR,
663 SecurityStateModel::CONTENT_STATUS_RAN, false, 657 security_state::CONTENT_STATUS_RAN, false,
664 false /* expect cert status error */); 658 false /* expect cert status error */);
665 659
666 // Navigate to an HTTPS page that runs and displays mixed content. 660 // Navigate to an HTTPS page that runs and displays mixed content.
667 GetFilePathWithHostAndPortReplacement( 661 GetFilePathWithHostAndPortReplacement(
668 "/ssl/page_runs_and_displays_insecure_content.html", 662 "/ssl/page_runs_and_displays_insecure_content.html", replacement_pair,
669 replacement_pair, &replacement_path); 663 &replacement_path);
670 ui_test_utils::NavigateToURL(browser(), 664 ui_test_utils::NavigateToURL(browser(),
671 https_server_.GetURL(replacement_path)); 665 https_server_.GetURL(replacement_path));
672 CheckSecurityInfoForSecure( 666 CheckSecurityInfoForSecure(
673 browser()->tab_strip_model()->GetActiveWebContents(), 667 browser()->tab_strip_model()->GetActiveWebContents(),
674 SecurityStateModel::DANGEROUS, SecurityStateModel::DEPRECATED_SHA1_MAJOR, 668 security_state::DANGEROUS, security_state::DEPRECATED_SHA1_MAJOR,
675 SecurityStateModel::CONTENT_STATUS_DISPLAYED_AND_RAN, false, 669 security_state::CONTENT_STATUS_DISPLAYED_AND_RAN, false,
676 false /* expect cert status error */); 670 false /* expect cert status error */);
677 } 671 }
678 672
679 // Tests that the Content Security Policy block-all-mixed-content 673 // Tests that the Content Security Policy block-all-mixed-content
680 // directive stops mixed content from running. 674 // directive stops mixed content from running.
681 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest, 675 IN_PROC_BROWSER_TEST_F(SecurityStateTabHelperTest, MixedContentStrictBlocking) {
682 MixedContentStrictBlocking) {
683 ASSERT_TRUE(https_server_.Start()); 676 ASSERT_TRUE(https_server_.Start());
684 SetUpMockCertVerifierForHttpsServer(0, net::OK); 677 SetUpMockCertVerifierForHttpsServer(0, net::OK);
685 678
686 // Navigate to an HTTPS page that tries to run mixed content in an 679 // Navigate to an HTTPS page that tries to run mixed content in an
687 // iframe, with strict mixed content blocking. 680 // iframe, with strict mixed content blocking.
688 std::string replacement_path; 681 std::string replacement_path;
689 net::HostPortPair host_port_pair = 682 net::HostPortPair host_port_pair =
690 net::HostPortPair::FromURL(https_server_.GetURL("/title1.html")); 683 net::HostPortPair::FromURL(https_server_.GetURL("/title1.html"));
691 host_port_pair.set_host("different-host.test"); 684 host_port_pair.set_host("different-host.test");
692 host_resolver()->AddRule("different-host.test", 685 host_resolver()->AddRule("different-host.test",
693 https_server_.GetURL("/title1.html").host()); 686 https_server_.GetURL("/title1.html").host());
694 GetFilePathWithHostAndPortReplacement( 687 GetFilePathWithHostAndPortReplacement(
695 "/ssl/page_runs_insecure_content_in_iframe_with_strict_blocking.html", 688 "/ssl/page_runs_insecure_content_in_iframe_with_strict_blocking.html",
696 host_port_pair, &replacement_path); 689 host_port_pair, &replacement_path);
697 ui_test_utils::NavigateToURL(browser(), 690 ui_test_utils::NavigateToURL(browser(),
698 https_server_.GetURL(replacement_path)); 691 https_server_.GetURL(replacement_path));
699 CheckSecurityInfoForSecure( 692 CheckSecurityInfoForSecure(
700 browser()->tab_strip_model()->GetActiveWebContents(), 693 browser()->tab_strip_model()->GetActiveWebContents(),
701 SecurityStateModel::SECURE, SecurityStateModel::NO_DEPRECATED_SHA1, 694 security_state::SECURE, security_state::NO_DEPRECATED_SHA1,
702 SecurityStateModel::CONTENT_STATUS_NONE, false, 695 security_state::CONTENT_STATUS_NONE, false,
703 false /* expect cert status error */); 696 false /* expect cert status error */);
704 } 697 }
705 698
706 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest, BrokenHTTPS) { 699 IN_PROC_BROWSER_TEST_F(SecurityStateTabHelperTest, BrokenHTTPS) {
707 ASSERT_TRUE(embedded_test_server()->Start()); 700 ASSERT_TRUE(embedded_test_server()->Start());
708 ASSERT_TRUE(https_server_.Start()); 701 ASSERT_TRUE(https_server_.Start());
709 SetUpMockCertVerifierForHttpsServer(net::CERT_STATUS_DATE_INVALID, 702 SetUpMockCertVerifierForHttpsServer(net::CERT_STATUS_DATE_INVALID,
710 net::ERR_CERT_DATE_INVALID); 703 net::ERR_CERT_DATE_INVALID);
711 704
712 ui_test_utils::NavigateToURL(browser(), 705 ui_test_utils::NavigateToURL(browser(),
713 https_server_.GetURL("/ssl/google.html")); 706 https_server_.GetURL("/ssl/google.html"));
714 CheckSecurityInfoForSecure( 707 CheckSecurityInfoForSecure(
715 browser()->tab_strip_model()->GetActiveWebContents(), 708 browser()->tab_strip_model()->GetActiveWebContents(),
716 SecurityStateModel::DANGEROUS, SecurityStateModel::NO_DEPRECATED_SHA1, 709 security_state::DANGEROUS, security_state::NO_DEPRECATED_SHA1,
717 SecurityStateModel::CONTENT_STATUS_NONE, false, 710 security_state::CONTENT_STATUS_NONE, false,
718 true /* expect cert status error */); 711 true /* expect cert status error */);
719 712
720 ProceedThroughInterstitial( 713 ProceedThroughInterstitial(
721 browser()->tab_strip_model()->GetActiveWebContents()); 714 browser()->tab_strip_model()->GetActiveWebContents());
722 715
723 CheckSecurityInfoForSecure( 716 CheckSecurityInfoForSecure(
724 browser()->tab_strip_model()->GetActiveWebContents(), 717 browser()->tab_strip_model()->GetActiveWebContents(),
725 SecurityStateModel::DANGEROUS, SecurityStateModel::NO_DEPRECATED_SHA1, 718 security_state::DANGEROUS, security_state::NO_DEPRECATED_SHA1,
726 SecurityStateModel::CONTENT_STATUS_NONE, false, 719 security_state::CONTENT_STATUS_NONE, false,
727 true /* expect cert status error */); 720 true /* expect cert status error */);
728 721
729 // Navigate to a broken HTTPS page that displays mixed content. 722 // Navigate to a broken HTTPS page that displays mixed content.
730 std::string replacement_path; 723 std::string replacement_path;
731 GetFilePathWithHostAndPortReplacement( 724 GetFilePathWithHostAndPortReplacement(
732 "/ssl/page_displays_insecure_content.html", 725 "/ssl/page_displays_insecure_content.html",
733 embedded_test_server()->host_port_pair(), &replacement_path); 726 embedded_test_server()->host_port_pair(), &replacement_path);
734 ui_test_utils::NavigateToURL(browser(), 727 ui_test_utils::NavigateToURL(browser(),
735 https_server_.GetURL(replacement_path)); 728 https_server_.GetURL(replacement_path));
736 CheckSecurityInfoForSecure( 729 CheckSecurityInfoForSecure(
737 browser()->tab_strip_model()->GetActiveWebContents(), 730 browser()->tab_strip_model()->GetActiveWebContents(),
738 SecurityStateModel::DANGEROUS, SecurityStateModel::NO_DEPRECATED_SHA1, 731 security_state::DANGEROUS, security_state::NO_DEPRECATED_SHA1,
739 SecurityStateModel::CONTENT_STATUS_DISPLAYED, false, 732 security_state::CONTENT_STATUS_DISPLAYED, false,
740 true /* expect cert status error */); 733 true /* expect cert status error */);
741 } 734 }
742 735
743 const char kReportURI[] = "https://report-hpkp.test"; 736 const char kReportURI[] = "https://report-hpkp.test";
744 737
745 class PKPModelClientTest : public ChromeSecurityStateModelClientTest { 738 class PKPModelClientTest : public SecurityStateTabHelperTest {
746 public: 739 public:
747 void SetUpOnMainThread() override { 740 void SetUpOnMainThread() override {
748 ASSERT_TRUE(https_server_.Start()); 741 ASSERT_TRUE(https_server_.Start());
749 url_request_context_getter_ = browser()->profile()->GetRequestContext(); 742 url_request_context_getter_ = browser()->profile()->GetRequestContext();
750 content::BrowserThread::PostTask( 743 content::BrowserThread::PostTask(
751 content::BrowserThread::IO, FROM_HERE, 744 content::BrowserThread::IO, FROM_HERE,
752 base::Bind(&PKPModelClientTest::SetUpOnIOThread, 745 base::Bind(&PKPModelClientTest::SetUpOnIOThread,
753 base::Unretained(this))); 746 base::Unretained(this)));
754 } 747 }
755 748
(...skipping 33 matching lines...) Expand 10 before | Expand all | Expand 10 after
789 memset(hash.data(), 1, hash.size()); 782 memset(hash.data(), 1, hash.size());
790 verify_result.public_key_hashes.push_back(hash); 783 verify_result.public_key_hashes.push_back(hash);
791 784
792 mock_cert_verifier()->AddResultForCert(cert, verify_result, net::OK); 785 mock_cert_verifier()->AddResultForCert(cert, verify_result, net::OK);
793 786
794 ui_test_utils::NavigateToURL(browser(), 787 ui_test_utils::NavigateToURL(browser(),
795 https_server_.GetURL("/ssl/google.html")); 788 https_server_.GetURL("/ssl/google.html"));
796 789
797 CheckSecurityInfoForSecure( 790 CheckSecurityInfoForSecure(
798 browser()->tab_strip_model()->GetActiveWebContents(), 791 browser()->tab_strip_model()->GetActiveWebContents(),
799 SecurityStateModel::SECURE, SecurityStateModel::NO_DEPRECATED_SHA1, 792 security_state::SECURE, security_state::NO_DEPRECATED_SHA1,
800 SecurityStateModel::CONTENT_STATUS_NONE, true, false); 793 security_state::CONTENT_STATUS_NONE, true, false);
801 794
802 const content::SecurityStyleExplanations& explanation = 795 const content::SecurityStyleExplanations& explanation =
803 observer.latest_explanations(); 796 observer.latest_explanations();
804 EXPECT_TRUE(explanation.pkp_bypassed); 797 EXPECT_TRUE(explanation.pkp_bypassed);
805 EXPECT_FALSE(explanation.info_explanations.empty()); 798 EXPECT_FALSE(explanation.info_explanations.empty());
806 } 799 }
807 800
808 IN_PROC_BROWSER_TEST_F(PKPModelClientTest, PKPEnforced) { 801 IN_PROC_BROWSER_TEST_F(PKPModelClientTest, PKPEnforced) {
809 content::WebContents* web_contents = 802 content::WebContents* web_contents =
810 browser()->tab_strip_model()->GetActiveWebContents(); 803 browser()->tab_strip_model()->GetActiveWebContents();
(...skipping 35 matching lines...) Expand 10 before | Expand all | Expand 10 after
846 DISALLOW_COPY_AND_ASSIGN(PendingJobInterceptor); 839 DISALLOW_COPY_AND_ASSIGN(PendingJobInterceptor);
847 }; 840 };
848 841
849 void InstallLoadingInterceptor(const std::string& host) { 842 void InstallLoadingInterceptor(const std::string& host) {
850 net::URLRequestFilter* filter = net::URLRequestFilter::GetInstance(); 843 net::URLRequestFilter* filter = net::URLRequestFilter::GetInstance();
851 filter->AddHostnameInterceptor( 844 filter->AddHostnameInterceptor(
852 "http", host, 845 "http", host,
853 std::unique_ptr<net::URLRequestInterceptor>(new PendingJobInterceptor())); 846 std::unique_ptr<net::URLRequestInterceptor>(new PendingJobInterceptor()));
854 } 847 }
855 848
856 class SecurityStateModelLoadingTest 849 class SecurityStateLoadingTest : public SecurityStateTabHelperTest {
857 : public ChromeSecurityStateModelClientTest {
858 public: 850 public:
859 SecurityStateModelLoadingTest() : ChromeSecurityStateModelClientTest() {} 851 SecurityStateLoadingTest() : SecurityStateTabHelperTest() {}
860 ~SecurityStateModelLoadingTest() override{}; 852 ~SecurityStateLoadingTest() override{};
861 853
862 protected: 854 protected:
863 void SetUpOnMainThread() override { 855 void SetUpOnMainThread() override {
864 ASSERT_TRUE(embedded_test_server()->Start()); 856 ASSERT_TRUE(embedded_test_server()->Start());
865 857
866 content::BrowserThread::PostTask( 858 content::BrowserThread::PostTask(
867 content::BrowserThread::IO, FROM_HERE, 859 content::BrowserThread::IO, FROM_HERE,
868 base::Bind(&InstallLoadingInterceptor, 860 base::Bind(&InstallLoadingInterceptor,
869 embedded_test_server()->GetURL("/title1.html").host())); 861 embedded_test_server()->GetURL("/title1.html").host()));
870 } 862 }
871 863
872 DISALLOW_COPY_AND_ASSIGN(SecurityStateModelLoadingTest); 864 DISALLOW_COPY_AND_ASSIGN(SecurityStateLoadingTest);
873 }; 865 };
874 866
875 // Tests that navigation state changes cause the security state to be 867 // Tests that navigation state changes cause the security state to be
876 // updated. 868 // updated.
877 IN_PROC_BROWSER_TEST_F(SecurityStateModelLoadingTest, NavigationStateChanges) { 869 IN_PROC_BROWSER_TEST_F(SecurityStateLoadingTest, NavigationStateChanges) {
878 ASSERT_TRUE(https_server_.Start()); 870 ASSERT_TRUE(https_server_.Start());
879 SetUpMockCertVerifierForHttpsServer(0, net::OK); 871 SetUpMockCertVerifierForHttpsServer(0, net::OK);
880 872
881 // Navigate to an HTTPS page. 873 // Navigate to an HTTPS page.
882 ui_test_utils::NavigateToURL(browser(), 874 ui_test_utils::NavigateToURL(browser(),
883 https_server_.GetURL("/ssl/google.html")); 875 https_server_.GetURL("/ssl/google.html"));
884 CheckSecurityInfoForSecure( 876 CheckSecurityInfoForSecure(
885 browser()->tab_strip_model()->GetActiveWebContents(), 877 browser()->tab_strip_model()->GetActiveWebContents(),
886 SecurityStateModel::SECURE, SecurityStateModel::NO_DEPRECATED_SHA1, 878 security_state::SECURE, security_state::NO_DEPRECATED_SHA1,
887 SecurityStateModel::CONTENT_STATUS_NONE, false, 879 security_state::CONTENT_STATUS_NONE, false,
888 false /* expect cert status error */); 880 false /* expect cert status error */);
889 881
890 // Navigate to a page that doesn't finish loading. Test that the 882 // Navigate to a page that doesn't finish loading. Test that the
891 // security state is neutral while the page is loading. 883 // security state is neutral while the page is loading.
892 browser()->OpenURL(content::OpenURLParams( 884 browser()->OpenURL(content::OpenURLParams(
893 embedded_test_server()->GetURL("/title1.html"), content::Referrer(), 885 embedded_test_server()->GetURL("/title1.html"), content::Referrer(),
894 WindowOpenDisposition::CURRENT_TAB, ui::PAGE_TRANSITION_TYPED, false)); 886 WindowOpenDisposition::CURRENT_TAB, ui::PAGE_TRANSITION_TYPED, false));
895 CheckSecurityInfoForNonSecure( 887 CheckSecurityInfoForNonSecure(
896 browser()->tab_strip_model()->GetActiveWebContents()); 888 browser()->tab_strip_model()->GetActiveWebContents());
897 } 889 }
898 890
899 // Tests that the NavigationEntry's flags for nonsecure password/credit
900 // card inputs are reflected in the VisibleSecurityState.
901 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest,
902 VisibleSecurityStateNonsecureFormInputs) {
903 ASSERT_TRUE(https_server_.Start());
904 ui_test_utils::NavigateToURL(browser(),
905 https_server_.GetURL("/ssl/google.html"));
906
907 content::WebContents* contents =
908 browser()->tab_strip_model()->GetActiveWebContents();
909 ASSERT_TRUE(contents);
910
911 ChromeSecurityStateModelClient* model_client =
912 ChromeSecurityStateModelClient::FromWebContents(contents);
913 ASSERT_TRUE(model_client);
914
915 // First, test that if the flags aren't set on the NavigationEntry,
916 // then they also aren't set on the VisibleSecurityState.
917 content::SSLStatus& ssl_status =
918 contents->GetController().GetVisibleEntry()->GetSSL();
919 ASSERT_FALSE(ssl_status.content_status &
920 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP);
921 ASSERT_FALSE(ssl_status.content_status &
922 content::SSLStatus::DISPLAYED_CREDIT_CARD_FIELD_ON_HTTP);
923 SecurityStateModel::VisibleSecurityState
924 visible_security_state_no_sensitive_inputs;
925 model_client->GetVisibleSecurityState(
926 &visible_security_state_no_sensitive_inputs);
927 EXPECT_FALSE(visible_security_state_no_sensitive_inputs
928 .displayed_password_field_on_http);
929 EXPECT_FALSE(visible_security_state_no_sensitive_inputs
930 .displayed_credit_card_field_on_http);
931
932 // Now, set the flags on the NavigationEntry and test that they are
933 // reflected in the VisibleSecurityState.
934 ssl_status.content_status |=
935 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP;
936 ssl_status.content_status |=
937 content::SSLStatus::DISPLAYED_CREDIT_CARD_FIELD_ON_HTTP;
938 SecurityStateModel::VisibleSecurityState
939 visible_security_state_sensitive_inputs;
940 model_client->GetVisibleSecurityState(
941 &visible_security_state_sensitive_inputs);
942 EXPECT_TRUE(
943 visible_security_state_sensitive_inputs.displayed_password_field_on_http);
944 EXPECT_TRUE(visible_security_state_sensitive_inputs
945 .displayed_credit_card_field_on_http);
946 }
947
948 // Tests that when a visible password field is detected on an HTTP page 891 // Tests that when a visible password field is detected on an HTTP page
949 // load, and when the command-line flag is set, the security level is 892 // load, and when the command-line flag is set, the security level is
950 // downgraded to HTTP_SHOW_WARNING. 893 // downgraded to HTTP_SHOW_WARNING.
951 IN_PROC_BROWSER_TEST_P(ChromeSecurityStateModelClientTestWithPasswordCcSwitch, 894 IN_PROC_BROWSER_TEST_P(SecurityStateTabHelperTestWithPasswordCcSwitch,
952 PasswordSecurityLevelDowngraded) { 895 PasswordSecurityLevelDowngraded) {
953 content::WebContents* contents = 896 content::WebContents* contents =
954 browser()->tab_strip_model()->GetActiveWebContents(); 897 browser()->tab_strip_model()->GetActiveWebContents();
955 ASSERT_TRUE(contents); 898 ASSERT_TRUE(contents);
956 899
957 ChromeSecurityStateModelClient* model_client = 900 SecurityStateTabHelper* helper =
958 ChromeSecurityStateModelClient::FromWebContents(contents); 901 SecurityStateTabHelper::FromWebContents(contents);
959 ASSERT_TRUE(model_client); 902 ASSERT_TRUE(helper);
960 903
961 ui_test_utils::NavigateToURL( 904 ui_test_utils::NavigateToURL(
962 browser(), GetURLWithNonLocalHostname(embedded_test_server(), 905 browser(), GetURLWithNonLocalHostname(embedded_test_server(),
963 "/password/simple_password.html")); 906 "/password/simple_password.html"));
964 security_state::SecurityStateModel::SecurityInfo security_info; 907 security_state::SecurityInfo security_info;
965 model_client->GetSecurityInfo(&security_info); 908 helper->GetSecurityInfo(&security_info);
966 EXPECT_EQ(security_state::SecurityStateModel::HTTP_SHOW_WARNING, 909 EXPECT_EQ(security_state::HTTP_SHOW_WARNING, security_info.security_level);
967 security_info.security_level);
968 910
969 content::NavigationEntry* entry = contents->GetController().GetVisibleEntry(); 911 content::NavigationEntry* entry = contents->GetController().GetVisibleEntry();
970 ASSERT_TRUE(entry); 912 ASSERT_TRUE(entry);
971 EXPECT_TRUE(entry->GetSSL().content_status & 913 EXPECT_TRUE(entry->GetSSL().content_status &
972 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP); 914 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP);
973 } 915 }
974 916
975 // Tests that when an invisible password field is present on an HTTP page 917 // Tests that when an invisible password field is present on an HTTP page
976 // load, and when the command-line flag is set, the security level is 918 // load, and when the command-line flag is set, the security level is
977 // *not* downgraded to HTTP_SHOW_WARNING. 919 // *not* downgraded to HTTP_SHOW_WARNING.
978 IN_PROC_BROWSER_TEST_P(ChromeSecurityStateModelClientTestWithPasswordCcSwitch, 920 IN_PROC_BROWSER_TEST_P(SecurityStateTabHelperTestWithPasswordCcSwitch,
979 PasswordSecurityLevelNotDowngradedForInvisibleInput) { 921 PasswordSecurityLevelNotDowngradedForInvisibleInput) {
980 content::WebContents* contents = 922 content::WebContents* contents =
981 browser()->tab_strip_model()->GetActiveWebContents(); 923 browser()->tab_strip_model()->GetActiveWebContents();
982 ASSERT_TRUE(contents); 924 ASSERT_TRUE(contents);
983 925
984 ChromeSecurityStateModelClient* model_client = 926 SecurityStateTabHelper* helper =
985 ChromeSecurityStateModelClient::FromWebContents(contents); 927 SecurityStateTabHelper::FromWebContents(contents);
986 ASSERT_TRUE(model_client); 928 ASSERT_TRUE(helper);
987 929
988 ui_test_utils::NavigateToURL( 930 ui_test_utils::NavigateToURL(
989 browser(), 931 browser(),
990 GetURLWithNonLocalHostname(embedded_test_server(), 932 GetURLWithNonLocalHostname(embedded_test_server(),
991 "/password/invisible_password.html")); 933 "/password/invisible_password.html"));
992 security_state::SecurityStateModel::SecurityInfo security_info; 934 security_state::SecurityInfo security_info;
993 model_client->GetSecurityInfo(&security_info); 935 helper->GetSecurityInfo(&security_info);
994 EXPECT_EQ(security_state::SecurityStateModel::NONE, 936 EXPECT_EQ(security_state::NONE, security_info.security_level);
995 security_info.security_level);
996 937
997 content::NavigationEntry* entry = contents->GetController().GetVisibleEntry(); 938 content::NavigationEntry* entry = contents->GetController().GetVisibleEntry();
998 ASSERT_TRUE(entry); 939 ASSERT_TRUE(entry);
999 EXPECT_FALSE(entry->GetSSL().content_status & 940 EXPECT_FALSE(entry->GetSSL().content_status &
1000 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP); 941 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP);
1001 } 942 }
1002 943
1003 // Tests that when a visible password field is detected inside an iframe 944 // Tests that when a visible password field is detected inside an iframe
1004 // on an HTTP page load, and when the command-line flag is set, the 945 // on an HTTP page load, and when the command-line flag is set, the
1005 // security level is downgraded to HTTP_SHOW_WARNING. 946 // security level is downgraded to HTTP_SHOW_WARNING.
1006 IN_PROC_BROWSER_TEST_P(ChromeSecurityStateModelClientTestWithPasswordCcSwitch, 947 IN_PROC_BROWSER_TEST_P(SecurityStateTabHelperTestWithPasswordCcSwitch,
1007 PasswordSecurityLevelDowngradedFromIframe) { 948 PasswordSecurityLevelDowngradedFromIframe) {
1008 content::WebContents* contents = 949 content::WebContents* contents =
1009 browser()->tab_strip_model()->GetActiveWebContents(); 950 browser()->tab_strip_model()->GetActiveWebContents();
1010 ASSERT_TRUE(contents); 951 ASSERT_TRUE(contents);
1011 952
1012 ChromeSecurityStateModelClient* model_client = 953 SecurityStateTabHelper* helper =
1013 ChromeSecurityStateModelClient::FromWebContents(contents); 954 SecurityStateTabHelper::FromWebContents(contents);
1014 ASSERT_TRUE(model_client); 955 ASSERT_TRUE(helper);
1015 956
1016 ui_test_utils::NavigateToURL( 957 ui_test_utils::NavigateToURL(
1017 browser(), 958 browser(),
1018 GetURLWithNonLocalHostname(embedded_test_server(), 959 GetURLWithNonLocalHostname(embedded_test_server(),
1019 "/password/simple_password_in_iframe.html")); 960 "/password/simple_password_in_iframe.html"));
1020 security_state::SecurityStateModel::SecurityInfo security_info; 961 security_state::SecurityInfo security_info;
1021 model_client->GetSecurityInfo(&security_info); 962 helper->GetSecurityInfo(&security_info);
1022 EXPECT_EQ(security_state::SecurityStateModel::HTTP_SHOW_WARNING, 963 EXPECT_EQ(security_state::HTTP_SHOW_WARNING, security_info.security_level);
1023 security_info.security_level);
1024 964
1025 content::NavigationEntry* entry = contents->GetController().GetVisibleEntry(); 965 content::NavigationEntry* entry = contents->GetController().GetVisibleEntry();
1026 ASSERT_TRUE(entry); 966 ASSERT_TRUE(entry);
1027 EXPECT_TRUE(entry->GetSSL().content_status & 967 EXPECT_TRUE(entry->GetSSL().content_status &
1028 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP); 968 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP);
1029 } 969 }
1030 970
1031 // Tests that when a visible password field is detected inside an iframe 971 // Tests that when a visible password field is detected inside an iframe
1032 // on an HTTP page load, and when the command-line flag is set, the 972 // on an HTTP page load, and when the command-line flag is set, the
1033 // security level is downgraded to HTTP_SHOW_WARNING, even if the iframe 973 // security level is downgraded to HTTP_SHOW_WARNING, even if the iframe
1034 // itself was loaded over HTTPS. 974 // itself was loaded over HTTPS.
1035 #if defined(OS_LINUX) 975 #if defined(OS_LINUX)
1036 // Flaky on Linux. See https://crbug.com/662485. 976 // Flaky on Linux. See https://crbug.com/662485.
1037 #define MAYBE_PasswordSecurityLevelDowngradedFromHttpsIframe \ 977 #define MAYBE_PasswordSecurityLevelDowngradedFromHttpsIframe \
1038 DISABLED_PasswordSecurityLevelDowngradedFromHttpsIframe 978 DISABLED_PasswordSecurityLevelDowngradedFromHttpsIframe
1039 #else 979 #else
1040 #define MAYBE_PasswordSecurityLevelDowngradedFromHttpsIframe \ 980 #define MAYBE_PasswordSecurityLevelDowngradedFromHttpsIframe \
1041 PasswordSecurityLevelDowngradedFromHttpsIframe 981 PasswordSecurityLevelDowngradedFromHttpsIframe
1042 #endif 982 #endif
1043 IN_PROC_BROWSER_TEST_P(ChromeSecurityStateModelClientTestWithPasswordCcSwitch, 983 IN_PROC_BROWSER_TEST_P(SecurityStateTabHelperTestWithPasswordCcSwitch,
1044 MAYBE_PasswordSecurityLevelDowngradedFromHttpsIframe) { 984 MAYBE_PasswordSecurityLevelDowngradedFromHttpsIframe) {
1045 content::WebContents* contents = 985 content::WebContents* contents =
1046 browser()->tab_strip_model()->GetActiveWebContents(); 986 browser()->tab_strip_model()->GetActiveWebContents();
1047 ASSERT_TRUE(contents); 987 ASSERT_TRUE(contents);
1048 988
1049 ChromeSecurityStateModelClient* model_client = 989 SecurityStateTabHelper* helper =
1050 ChromeSecurityStateModelClient::FromWebContents(contents); 990 SecurityStateTabHelper::FromWebContents(contents);
1051 ASSERT_TRUE(model_client); 991 ASSERT_TRUE(helper);
1052 992
1053 // Navigate to an HTTP URL, which loads an iframe using the host and port of 993 // Navigate to an HTTP URL, which loads an iframe using the host and port of
1054 // |https_server_|. 994 // |https_server_|.
1055 std::string replacement_path; 995 std::string replacement_path;
1056 GetFilePathWithHostAndPortReplacement( 996 GetFilePathWithHostAndPortReplacement(
1057 "/password/simple_password_in_https_iframe.html", 997 "/password/simple_password_in_https_iframe.html",
1058 https_server_.host_port_pair(), &replacement_path); 998 https_server_.host_port_pair(), &replacement_path);
1059 ui_test_utils::NavigateToURL( 999 ui_test_utils::NavigateToURL(
1060 browser(), 1000 browser(),
1061 GetURLWithNonLocalHostname(embedded_test_server(), replacement_path)); 1001 GetURLWithNonLocalHostname(embedded_test_server(), replacement_path));
1062 security_state::SecurityStateModel::SecurityInfo security_info; 1002 security_state::SecurityInfo security_info;
1063 model_client->GetSecurityInfo(&security_info); 1003 helper->GetSecurityInfo(&security_info);
1064 EXPECT_EQ(security_state::SecurityStateModel::HTTP_SHOW_WARNING, 1004 EXPECT_EQ(security_state::HTTP_SHOW_WARNING, security_info.security_level);
1065 security_info.security_level);
1066 1005
1067 content::NavigationEntry* entry = contents->GetController().GetVisibleEntry(); 1006 content::NavigationEntry* entry = contents->GetController().GetVisibleEntry();
1068 ASSERT_TRUE(entry); 1007 ASSERT_TRUE(entry);
1069 EXPECT_TRUE(entry->GetSSL().content_status & 1008 EXPECT_TRUE(entry->GetSSL().content_status &
1070 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP); 1009 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP);
1071 } 1010 }
1072 1011
1073 // Tests that when a visible password field is detected on an HTTP page 1012 // Tests that when a visible password field is detected on an HTTP page
1074 // load, and when the command-line flag is *not* set, the security level is 1013 // load, and when the command-line flag is *not* set, the security level is
1075 // *not* downgraded to HTTP_SHOW_WARNING. 1014 // *not* downgraded to HTTP_SHOW_WARNING.
1076 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest, 1015 IN_PROC_BROWSER_TEST_F(SecurityStateTabHelperTest,
1077 PasswordSecurityLevelNotDowngradedWithoutSwitch) { 1016 PasswordSecurityLevelNotDowngradedWithoutSwitch) {
1078 ASSERT_TRUE(embedded_test_server()->Start()); 1017 ASSERT_TRUE(embedded_test_server()->Start());
1079 host_resolver()->AddRule("*", embedded_test_server()->GetURL("/").host()); 1018 host_resolver()->AddRule("*", embedded_test_server()->GetURL("/").host());
1080 1019
1081 content::WebContents* contents = 1020 content::WebContents* contents =
1082 browser()->tab_strip_model()->GetActiveWebContents(); 1021 browser()->tab_strip_model()->GetActiveWebContents();
1083 ASSERT_TRUE(contents); 1022 ASSERT_TRUE(contents);
1084 1023
1085 ChromeSecurityStateModelClient* model_client = 1024 SecurityStateTabHelper* helper =
1086 ChromeSecurityStateModelClient::FromWebContents(contents); 1025 SecurityStateTabHelper::FromWebContents(contents);
1087 ASSERT_TRUE(model_client); 1026 ASSERT_TRUE(helper);
1088 1027
1089 ui_test_utils::NavigateToURL( 1028 ui_test_utils::NavigateToURL(
1090 browser(), GetURLWithNonLocalHostname(embedded_test_server(), 1029 browser(), GetURLWithNonLocalHostname(embedded_test_server(),
1091 "/password/simple_password.html")); 1030 "/password/simple_password.html"));
1092 // The security level should not be HTTP_SHOW_WARNING, because the 1031 // The security level should not be HTTP_SHOW_WARNING, because the
1093 // command-line switch was not set. 1032 // command-line switch was not set.
1094 security_state::SecurityStateModel::SecurityInfo security_info; 1033 security_state::SecurityInfo security_info;
1095 model_client->GetSecurityInfo(&security_info); 1034 helper->GetSecurityInfo(&security_info);
1096 EXPECT_EQ(security_state::SecurityStateModel::NONE, 1035 EXPECT_EQ(security_state::NONE, security_info.security_level);
1097 security_info.security_level);
1098 1036
1099 // The appropriate SSLStatus flags should be set, however. 1037 // The appropriate SSLStatus flags should be set, however.
1100 content::NavigationEntry* entry = contents->GetController().GetVisibleEntry(); 1038 content::NavigationEntry* entry = contents->GetController().GetVisibleEntry();
1101 ASSERT_TRUE(entry); 1039 ASSERT_TRUE(entry);
1102 EXPECT_TRUE(entry->GetSSL().content_status & 1040 EXPECT_TRUE(entry->GetSSL().content_status &
1103 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP); 1041 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP);
1104 } 1042 }
1105 1043
1106 // Tests that when a visible password field is detected on an HTTPS page 1044 // Tests that when a visible password field is detected on an HTTPS page
1107 // load, and when the command-line flag is set, the security level is 1045 // load, and when the command-line flag is set, the security level is
1108 // *not* downgraded to HTTP_SHOW_WARNING. 1046 // *not* downgraded to HTTP_SHOW_WARNING.
1109 IN_PROC_BROWSER_TEST_P(ChromeSecurityStateModelClientTestWithPasswordCcSwitch, 1047 IN_PROC_BROWSER_TEST_P(SecurityStateTabHelperTestWithPasswordCcSwitch,
1110 PasswordSecurityLevelNotDowngradedOnHttps) { 1048 PasswordSecurityLevelNotDowngradedOnHttps) {
1111 content::WebContents* contents = 1049 content::WebContents* contents =
1112 browser()->tab_strip_model()->GetActiveWebContents(); 1050 browser()->tab_strip_model()->GetActiveWebContents();
1113 ASSERT_TRUE(contents); 1051 ASSERT_TRUE(contents);
1114 1052
1115 ChromeSecurityStateModelClient* model_client = 1053 SecurityStateTabHelper* helper =
1116 ChromeSecurityStateModelClient::FromWebContents(contents); 1054 SecurityStateTabHelper::FromWebContents(contents);
1117 ASSERT_TRUE(model_client); 1055 ASSERT_TRUE(helper);
1118 1056
1119 GURL url = GetURLWithNonLocalHostname(&https_server_, 1057 GURL url = GetURLWithNonLocalHostname(&https_server_,
1120 "/password/simple_password.html"); 1058 "/password/simple_password.html");
1121 ui_test_utils::NavigateToURL(browser(), url); 1059 ui_test_utils::NavigateToURL(browser(), url);
1122 // The security level should not be HTTP_SHOW_WARNING, because the page was 1060 // The security level should not be HTTP_SHOW_WARNING, because the page was
1123 // HTTPS instead of HTTP. 1061 // HTTPS instead of HTTP.
1124 security_state::SecurityStateModel::SecurityInfo security_info; 1062 security_state::SecurityInfo security_info;
1125 model_client->GetSecurityInfo(&security_info); 1063 helper->GetSecurityInfo(&security_info);
1126 EXPECT_EQ(security_state::SecurityStateModel::SECURE, 1064 EXPECT_EQ(security_state::SECURE, security_info.security_level);
1127 security_info.security_level);
1128 1065
1129 // The SSLStatus flags should only be set if the top-level page load was HTTP, 1066 // The SSLStatus flags should only be set if the top-level page load was HTTP,
1130 // which it was not in this case. 1067 // which it was not in this case.
1131 content::NavigationEntry* entry = contents->GetController().GetVisibleEntry(); 1068 content::NavigationEntry* entry = contents->GetController().GetVisibleEntry();
1132 ASSERT_TRUE(entry); 1069 ASSERT_TRUE(entry);
1133 EXPECT_FALSE(entry->GetSSL().content_status & 1070 EXPECT_FALSE(entry->GetSSL().content_status &
1134 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP); 1071 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP);
1135 } 1072 }
1136 1073
1137 // A Browser subclass that keeps track of messages that have been 1074 // A Browser subclass that keeps track of messages that have been
(...skipping 57 matching lines...) Expand 10 before | Expand all | Expand 10 after
1195 ConsoleWebContentsDelegate* delegate) { 1132 ConsoleWebContentsDelegate* delegate) {
1196 const std::vector<base::string16>& messages = delegate->console_messages(); 1133 const std::vector<base::string16>& messages = delegate->console_messages();
1197 ASSERT_EQ(1u, messages.size()); 1134 ASSERT_EQ(1u, messages.size());
1198 EXPECT_NE(base::string16::npos, 1135 EXPECT_NE(base::string16::npos,
1199 messages[0].find(base::ASCIIToUTF16("warning will be added"))); 1136 messages[0].find(base::ASCIIToUTF16("warning will be added")));
1200 } 1137 }
1201 1138
1202 // Tests that console messages are printed upon a call to 1139 // Tests that console messages are printed upon a call to
1203 // GetSecurityInfo() on an HTTP_SHOW_WARNING page, exactly once per 1140 // GetSecurityInfo() on an HTTP_SHOW_WARNING page, exactly once per
1204 // main-frame navigation. 1141 // main-frame navigation.
1205 IN_PROC_BROWSER_TEST_P(ChromeSecurityStateModelClientTestWithPasswordCcSwitch, 1142 IN_PROC_BROWSER_TEST_P(SecurityStateTabHelperTestWithPasswordCcSwitch,
1206 ConsoleMessage) { 1143 ConsoleMessage) {
1207 ConsoleWebContentsDelegate* delegate = new ConsoleWebContentsDelegate( 1144 ConsoleWebContentsDelegate* delegate = new ConsoleWebContentsDelegate(
1208 Browser::CreateParams(browser()->profile())); 1145 Browser::CreateParams(browser()->profile()));
1209 content::WebContents* original_contents = 1146 content::WebContents* original_contents =
1210 browser()->tab_strip_model()->GetActiveWebContents(); 1147 browser()->tab_strip_model()->GetActiveWebContents();
1211 content::WebContents* contents = 1148 content::WebContents* contents =
1212 content::WebContents::Create(content::WebContents::CreateParams( 1149 content::WebContents::Create(content::WebContents::CreateParams(
1213 original_contents->GetBrowserContext())); 1150 original_contents->GetBrowserContext()));
1214 ASSERT_TRUE(contents); 1151 ASSERT_TRUE(contents);
1215 contents->SetDelegate(delegate); 1152 contents->SetDelegate(delegate);
(...skipping 12 matching lines...) Expand all
1228 EXPECT_EQ(http_url, entry->GetURL()); 1165 EXPECT_EQ(http_url, entry->GetURL());
1229 EXPECT_TRUE(delegate->console_messages().empty()); 1166 EXPECT_TRUE(delegate->console_messages().empty());
1230 1167
1231 // Trigger the HTTP_SHOW_WARNING state. 1168 // Trigger the HTTP_SHOW_WARNING state.
1232 base::RunLoop first_message; 1169 base::RunLoop first_message;
1233 delegate->set_console_message_callback(first_message.QuitClosure()); 1170 delegate->set_console_message_callback(first_message.QuitClosure());
1234 contents->OnPasswordInputShownOnHttp(); 1171 contents->OnPasswordInputShownOnHttp();
1235 first_message.Run(); 1172 first_message.Run();
1236 1173
1237 // Check that the HTTP_SHOW_WARNING state was actually triggered. 1174 // Check that the HTTP_SHOW_WARNING state was actually triggered.
1238 ChromeSecurityStateModelClient* client = 1175 SecurityStateTabHelper* helper =
1239 ChromeSecurityStateModelClient::FromWebContents(contents); 1176 SecurityStateTabHelper::FromWebContents(contents);
1240 ASSERT_TRUE(client); 1177 ASSERT_TRUE(helper);
1241 security_state::SecurityStateModel::SecurityInfo security_info; 1178 security_state::SecurityInfo security_info;
1242 client->GetSecurityInfo(&security_info); 1179 helper->GetSecurityInfo(&security_info);
1243 EXPECT_EQ(security_state::SecurityStateModel::HTTP_SHOW_WARNING, 1180 EXPECT_EQ(security_state::HTTP_SHOW_WARNING, security_info.security_level);
1244 security_info.security_level);
1245 1181
1246 // Check that the expected console message is present. 1182 // Check that the expected console message is present.
1247 ASSERT_NO_FATAL_FAILURE(CheckForOneHttpWarningConsoleMessage(delegate)); 1183 ASSERT_NO_FATAL_FAILURE(CheckForOneHttpWarningConsoleMessage(delegate));
1248 delegate->ClearConsoleMessages(); 1184 delegate->ClearConsoleMessages();
1249 1185
1250 // Two subsequent triggers of VisibleSecurityStateChanged -- one on the 1186 // Two subsequent triggers of VisibleSecurityStateChanged -- one on the
1251 // same navigation and one on another navigation -- should only result 1187 // same navigation and one on another navigation -- should only result
1252 // in one additional console message. 1188 // in one additional console message.
1253 contents->OnCreditCardInputShownOnHttp(); 1189 contents->OnCreditCardInputShownOnHttp();
1254 GURL second_http_url = 1190 GURL second_http_url =
1255 GetURLWithNonLocalHostname(embedded_test_server(), "/title2.html"); 1191 GetURLWithNonLocalHostname(embedded_test_server(), "/title2.html");
1256 ui_test_utils::NavigateToURL(delegate, second_http_url); 1192 ui_test_utils::NavigateToURL(delegate, second_http_url);
1257 entry = contents->GetController().GetVisibleEntry(); 1193 entry = contents->GetController().GetVisibleEntry();
1258 ASSERT_TRUE(entry); 1194 ASSERT_TRUE(entry);
1259 EXPECT_EQ(second_http_url, entry->GetURL()); 1195 EXPECT_EQ(second_http_url, entry->GetURL());
1260 1196
1261 base::RunLoop second_message; 1197 base::RunLoop second_message;
1262 delegate->set_console_message_callback(second_message.QuitClosure()); 1198 delegate->set_console_message_callback(second_message.QuitClosure());
1263 contents->OnPasswordInputShownOnHttp(); 1199 contents->OnPasswordInputShownOnHttp();
1264 second_message.Run(); 1200 second_message.Run();
1265 1201
1266 client->GetSecurityInfo(&security_info); 1202 helper->GetSecurityInfo(&security_info);
1267 EXPECT_EQ(security_state::SecurityStateModel::HTTP_SHOW_WARNING, 1203 EXPECT_EQ(security_state::HTTP_SHOW_WARNING, security_info.security_level);
1268 security_info.security_level);
1269 1204
1270 ASSERT_NO_FATAL_FAILURE(CheckForOneHttpWarningConsoleMessage(delegate)); 1205 ASSERT_NO_FATAL_FAILURE(CheckForOneHttpWarningConsoleMessage(delegate));
1271 } 1206 }
1272 1207
1273 // Tests that console messages are printed upon a call to 1208 // Tests that console messages are printed upon a call to
1274 // GetSecurityInfo() on a NONE page that will be marked 1209 // GetSecurityInfo() on a NONE page that will be marked
1275 // HTTP_SHOW_WARNING in future, exactly once per main-frame navigation. 1210 // HTTP_SHOW_WARNING in future, exactly once per main-frame navigation.
1276 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest, ConsoleMessage) { 1211 IN_PROC_BROWSER_TEST_F(SecurityStateTabHelperTest, ConsoleMessage) {
1277 ASSERT_TRUE(embedded_test_server()->Start()); 1212 ASSERT_TRUE(embedded_test_server()->Start());
1278 host_resolver()->AddRule("*", embedded_test_server()->GetURL("/").host()); 1213 host_resolver()->AddRule("*", embedded_test_server()->GetURL("/").host());
1279 ConsoleWebContentsDelegate* delegate = new ConsoleWebContentsDelegate( 1214 ConsoleWebContentsDelegate* delegate = new ConsoleWebContentsDelegate(
1280 Browser::CreateParams(browser()->profile())); 1215 Browser::CreateParams(browser()->profile()));
1281 content::WebContents* original_contents = 1216 content::WebContents* original_contents =
1282 browser()->tab_strip_model()->GetActiveWebContents(); 1217 browser()->tab_strip_model()->GetActiveWebContents();
1283 content::WebContents* contents = 1218 content::WebContents* contents =
1284 content::WebContents::Create(content::WebContents::CreateParams( 1219 content::WebContents::Create(content::WebContents::CreateParams(
1285 original_contents->GetBrowserContext())); 1220 original_contents->GetBrowserContext()));
1286 ASSERT_TRUE(contents); 1221 ASSERT_TRUE(contents);
(...skipping 13 matching lines...) Expand all
1300 EXPECT_EQ(http_url, entry->GetURL()); 1235 EXPECT_EQ(http_url, entry->GetURL());
1301 EXPECT_TRUE(delegate->console_messages().empty()); 1236 EXPECT_TRUE(delegate->console_messages().empty());
1302 1237
1303 // Trigger the a state that will be marked as HTTP_SHOW_WARNING in future. 1238 // Trigger the a state that will be marked as HTTP_SHOW_WARNING in future.
1304 base::RunLoop first_message; 1239 base::RunLoop first_message;
1305 delegate->set_console_message_callback(first_message.QuitClosure()); 1240 delegate->set_console_message_callback(first_message.QuitClosure());
1306 contents->OnPasswordInputShownOnHttp(); 1241 contents->OnPasswordInputShownOnHttp();
1307 first_message.Run(); 1242 first_message.Run();
1308 1243
1309 // Check that the correct state was actually triggered. 1244 // Check that the correct state was actually triggered.
1310 ChromeSecurityStateModelClient* client = 1245 SecurityStateTabHelper* helper =
1311 ChromeSecurityStateModelClient::FromWebContents(contents); 1246 SecurityStateTabHelper::FromWebContents(contents);
1312 ASSERT_TRUE(client); 1247 ASSERT_TRUE(helper);
1313 security_state::SecurityStateModel::SecurityInfo security_info; 1248 security_state::SecurityInfo security_info;
1314 client->GetSecurityInfo(&security_info); 1249 helper->GetSecurityInfo(&security_info);
1315 EXPECT_EQ(security_state::SecurityStateModel::NONE, 1250 EXPECT_EQ(security_state::NONE, security_info.security_level);
1316 security_info.security_level);
1317 EXPECT_TRUE(security_info.displayed_password_field_on_http); 1251 EXPECT_TRUE(security_info.displayed_password_field_on_http);
1318 1252
1319 // Check that the expected console message is present. 1253 // Check that the expected console message is present.
1320 ASSERT_NO_FATAL_FAILURE(CheckForOneFutureHttpWarningConsoleMessage(delegate)); 1254 ASSERT_NO_FATAL_FAILURE(CheckForOneFutureHttpWarningConsoleMessage(delegate));
1321 delegate->ClearConsoleMessages(); 1255 delegate->ClearConsoleMessages();
1322 1256
1323 // Two subsequent triggers of VisibleSecurityStateChanged -- one on the 1257 // Two subsequent triggers of VisibleSecurityStateChanged -- one on the
1324 // same navigation and one on another navigation -- should only result 1258 // same navigation and one on another navigation -- should only result
1325 // in one additional console message. 1259 // in one additional console message.
1326 contents->OnCreditCardInputShownOnHttp(); 1260 contents->OnCreditCardInputShownOnHttp();
1327 GURL second_http_url = 1261 GURL second_http_url =
1328 GetURLWithNonLocalHostname(embedded_test_server(), "/title2.html"); 1262 GetURLWithNonLocalHostname(embedded_test_server(), "/title2.html");
1329 ui_test_utils::NavigateToURL(delegate, second_http_url); 1263 ui_test_utils::NavigateToURL(delegate, second_http_url);
1330 entry = contents->GetController().GetVisibleEntry(); 1264 entry = contents->GetController().GetVisibleEntry();
1331 ASSERT_TRUE(entry); 1265 ASSERT_TRUE(entry);
1332 EXPECT_EQ(second_http_url, entry->GetURL()); 1266 EXPECT_EQ(second_http_url, entry->GetURL());
1333 1267
1334 base::RunLoop second_message; 1268 base::RunLoop second_message;
1335 delegate->set_console_message_callback(second_message.QuitClosure()); 1269 delegate->set_console_message_callback(second_message.QuitClosure());
1336 contents->OnPasswordInputShownOnHttp(); 1270 contents->OnPasswordInputShownOnHttp();
1337 second_message.Run(); 1271 second_message.Run();
1338 1272
1339 client->GetSecurityInfo(&security_info); 1273 helper->GetSecurityInfo(&security_info);
1340 EXPECT_EQ(security_state::SecurityStateModel::NONE, 1274 EXPECT_EQ(security_state::NONE, security_info.security_level);
1341 security_info.security_level);
1342 EXPECT_TRUE(security_info.displayed_password_field_on_http); 1275 EXPECT_TRUE(security_info.displayed_password_field_on_http);
1343 EXPECT_FALSE(security_info.displayed_credit_card_field_on_http); 1276 EXPECT_FALSE(security_info.displayed_credit_card_field_on_http);
1344 1277
1345 ASSERT_NO_FATAL_FAILURE(CheckForOneFutureHttpWarningConsoleMessage(delegate)); 1278 ASSERT_NO_FATAL_FAILURE(CheckForOneFutureHttpWarningConsoleMessage(delegate));
1346 delegate->ClearConsoleMessages(); 1279 delegate->ClearConsoleMessages();
1347 1280
1348 // Check that a console message is printed for credit card field shown. 1281 // Check that a console message is printed for credit card field shown.
1349 ui_test_utils::NavigateToURL(delegate, http_url); 1282 ui_test_utils::NavigateToURL(delegate, http_url);
1350 entry = contents->GetController().GetVisibleEntry(); 1283 entry = contents->GetController().GetVisibleEntry();
1351 ASSERT_TRUE(entry); 1284 ASSERT_TRUE(entry);
1352 EXPECT_EQ(http_url, entry->GetURL()); 1285 EXPECT_EQ(http_url, entry->GetURL());
1353 1286
1354 base::RunLoop third_message; 1287 base::RunLoop third_message;
1355 delegate->set_console_message_callback(third_message.QuitClosure()); 1288 delegate->set_console_message_callback(third_message.QuitClosure());
1356 contents->OnCreditCardInputShownOnHttp(); 1289 contents->OnCreditCardInputShownOnHttp();
1357 third_message.Run(); 1290 third_message.Run();
1358 1291
1359 client->GetSecurityInfo(&security_info); 1292 helper->GetSecurityInfo(&security_info);
1360 EXPECT_EQ(security_state::SecurityStateModel::NONE, 1293 EXPECT_EQ(security_state::NONE, security_info.security_level);
1361 security_info.security_level);
1362 EXPECT_TRUE(security_info.displayed_credit_card_field_on_http); 1294 EXPECT_TRUE(security_info.displayed_credit_card_field_on_http);
1363 1295
1364 ASSERT_NO_FATAL_FAILURE(CheckForOneFutureHttpWarningConsoleMessage(delegate)); 1296 ASSERT_NO_FATAL_FAILURE(CheckForOneFutureHttpWarningConsoleMessage(delegate));
1365 } 1297 }
1366 1298
1367 // Tests that additional HTTP_SHOW_WARNING console messages are not 1299 // Tests that additional HTTP_SHOW_WARNING console messages are not
1368 // printed after subframe navigations. 1300 // printed after subframe navigations.
1369 IN_PROC_BROWSER_TEST_P(ChromeSecurityStateModelClientTestWithPasswordCcSwitch, 1301 IN_PROC_BROWSER_TEST_P(SecurityStateTabHelperTestWithPasswordCcSwitch,
1370 ConsoleMessageNotPrintedForFrameNavigation) { 1302 ConsoleMessageNotPrintedForFrameNavigation) {
1371 ConsoleWebContentsDelegate* delegate = new ConsoleWebContentsDelegate( 1303 ConsoleWebContentsDelegate* delegate = new ConsoleWebContentsDelegate(
1372 Browser::CreateParams(browser()->profile())); 1304 Browser::CreateParams(browser()->profile()));
1373 content::WebContents* original_contents = 1305 content::WebContents* original_contents =
1374 browser()->tab_strip_model()->GetActiveWebContents(); 1306 browser()->tab_strip_model()->GetActiveWebContents();
1375 content::WebContents* contents = 1307 content::WebContents* contents =
1376 content::WebContents::Create(content::WebContents::CreateParams( 1308 content::WebContents::Create(content::WebContents::CreateParams(
1377 original_contents->GetBrowserContext())); 1309 original_contents->GetBrowserContext()));
1378 ASSERT_TRUE(contents); 1310 ASSERT_TRUE(contents);
1379 contents->SetDelegate(delegate); 1311 contents->SetDelegate(delegate);
(...skipping 12 matching lines...) Expand all
1392 EXPECT_EQ(http_url, entry->GetURL()); 1324 EXPECT_EQ(http_url, entry->GetURL());
1393 EXPECT_TRUE(delegate->console_messages().empty()); 1325 EXPECT_TRUE(delegate->console_messages().empty());
1394 1326
1395 // Trigger the HTTP_SHOW_WARNING state. 1327 // Trigger the HTTP_SHOW_WARNING state.
1396 base::RunLoop first_message; 1328 base::RunLoop first_message;
1397 delegate->set_console_message_callback(first_message.QuitClosure()); 1329 delegate->set_console_message_callback(first_message.QuitClosure());
1398 contents->OnPasswordInputShownOnHttp(); 1330 contents->OnPasswordInputShownOnHttp();
1399 first_message.Run(); 1331 first_message.Run();
1400 1332
1401 // Check that the HTTP_SHOW_WARNING state was actually triggered. 1333 // Check that the HTTP_SHOW_WARNING state was actually triggered.
1402 ChromeSecurityStateModelClient* client = 1334 SecurityStateTabHelper* helper =
1403 ChromeSecurityStateModelClient::FromWebContents(contents); 1335 SecurityStateTabHelper::FromWebContents(contents);
1404 ASSERT_TRUE(client); 1336 ASSERT_TRUE(helper);
1405 security_state::SecurityStateModel::SecurityInfo security_info; 1337 security_state::SecurityInfo security_info;
1406 client->GetSecurityInfo(&security_info); 1338 helper->GetSecurityInfo(&security_info);
1407 EXPECT_EQ(security_state::SecurityStateModel::HTTP_SHOW_WARNING, 1339 EXPECT_EQ(security_state::HTTP_SHOW_WARNING, security_info.security_level);
1408 security_info.security_level);
1409 1340
1410 // Check that the expected console message is present. 1341 // Check that the expected console message is present.
1411 ASSERT_NO_FATAL_FAILURE(CheckForOneHttpWarningConsoleMessage(delegate)); 1342 ASSERT_NO_FATAL_FAILURE(CheckForOneHttpWarningConsoleMessage(delegate));
1412 delegate->ClearConsoleMessages(); 1343 delegate->ClearConsoleMessages();
1413 1344
1414 // Navigate the subframe and trigger VisibleSecurityStateChanged 1345 // Navigate the subframe and trigger VisibleSecurityStateChanged
1415 // again. While the security level is still HTTP_SHOW_WARNING, an 1346 // again. While the security level is still HTTP_SHOW_WARNING, an
1416 // additional console message should not be logged because there was 1347 // additional console message should not be logged because there was
1417 // already a console message logged for the current main-frame 1348 // already a console message logged for the current main-frame
1418 // navigation. 1349 // navigation.
1419 content::WindowedNotificationObserver subframe_observer( 1350 content::WindowedNotificationObserver subframe_observer(
1420 content::NOTIFICATION_LOAD_STOP, 1351 content::NOTIFICATION_LOAD_STOP,
1421 content::Source<content::NavigationController>( 1352 content::Source<content::NavigationController>(
1422 &contents->GetController())); 1353 &contents->GetController()));
1423 EXPECT_TRUE(content::ExecuteScript( 1354 EXPECT_TRUE(content::ExecuteScript(
1424 contents, "document.getElementById('navFrame').src = '/title2.html';")); 1355 contents, "document.getElementById('navFrame').src = '/title2.html';"));
1425 subframe_observer.Wait(); 1356 subframe_observer.Wait();
1426 contents->OnCreditCardInputShownOnHttp(); 1357 contents->OnCreditCardInputShownOnHttp();
1427 EXPECT_EQ(security_state::SecurityStateModel::HTTP_SHOW_WARNING, 1358 EXPECT_EQ(security_state::HTTP_SHOW_WARNING, security_info.security_level);
1428 security_info.security_level);
1429 1359
1430 // Do a main frame navigation and then trigger HTTP_SHOW_WARNING 1360 // Do a main frame navigation and then trigger HTTP_SHOW_WARNING
1431 // again. From the above subframe navigation and this main-frame 1361 // again. From the above subframe navigation and this main-frame
1432 // navigation, exactly one console message is expected. 1362 // navigation, exactly one console message is expected.
1433 GURL second_http_url = 1363 GURL second_http_url =
1434 GetURLWithNonLocalHostname(embedded_test_server(), "/title2.html"); 1364 GetURLWithNonLocalHostname(embedded_test_server(), "/title2.html");
1435 ui_test_utils::NavigateToURL(delegate, second_http_url); 1365 ui_test_utils::NavigateToURL(delegate, second_http_url);
1436 entry = contents->GetController().GetVisibleEntry(); 1366 entry = contents->GetController().GetVisibleEntry();
1437 ASSERT_TRUE(entry); 1367 ASSERT_TRUE(entry);
1438 EXPECT_EQ(second_http_url, entry->GetURL()); 1368 EXPECT_EQ(second_http_url, entry->GetURL());
1439 1369
1440 base::RunLoop second_message; 1370 base::RunLoop second_message;
1441 delegate->set_console_message_callback(second_message.QuitClosure()); 1371 delegate->set_console_message_callback(second_message.QuitClosure());
1442 contents->OnPasswordInputShownOnHttp(); 1372 contents->OnPasswordInputShownOnHttp();
1443 second_message.Run(); 1373 second_message.Run();
1444 1374
1445 client->GetSecurityInfo(&security_info); 1375 helper->GetSecurityInfo(&security_info);
1446 EXPECT_EQ(security_state::SecurityStateModel::HTTP_SHOW_WARNING, 1376 EXPECT_EQ(security_state::HTTP_SHOW_WARNING, security_info.security_level);
1447 security_info.security_level);
1448 ASSERT_NO_FATAL_FAILURE(CheckForOneHttpWarningConsoleMessage(delegate)); 1377 ASSERT_NO_FATAL_FAILURE(CheckForOneHttpWarningConsoleMessage(delegate));
1449 } 1378 }
1450 1379
1451 // Tests that additional HTTP_SHOW_WARNING console messages are not 1380 // Tests that additional HTTP_SHOW_WARNING console messages are not
1452 // printed after pushState navigations. 1381 // printed after pushState navigations.
1453 IN_PROC_BROWSER_TEST_P(ChromeSecurityStateModelClientTestWithPasswordCcSwitch, 1382 IN_PROC_BROWSER_TEST_P(SecurityStateTabHelperTestWithPasswordCcSwitch,
1454 ConsoleMessageNotPrintedForPushStateNavigation) { 1383 ConsoleMessageNotPrintedForPushStateNavigation) {
1455 ConsoleWebContentsDelegate* delegate = new ConsoleWebContentsDelegate( 1384 ConsoleWebContentsDelegate* delegate = new ConsoleWebContentsDelegate(
1456 Browser::CreateParams(browser()->profile())); 1385 Browser::CreateParams(browser()->profile()));
1457 content::WebContents* original_contents = 1386 content::WebContents* original_contents =
1458 browser()->tab_strip_model()->GetActiveWebContents(); 1387 browser()->tab_strip_model()->GetActiveWebContents();
1459 content::WebContents* contents = 1388 content::WebContents* contents =
1460 content::WebContents::Create(content::WebContents::CreateParams( 1389 content::WebContents::Create(content::WebContents::CreateParams(
1461 original_contents->GetBrowserContext())); 1390 original_contents->GetBrowserContext()));
1462 ASSERT_TRUE(contents); 1391 ASSERT_TRUE(contents);
1463 contents->SetDelegate(delegate); 1392 contents->SetDelegate(delegate);
(...skipping 12 matching lines...) Expand all
1476 EXPECT_EQ(http_url, entry->GetURL()); 1405 EXPECT_EQ(http_url, entry->GetURL());
1477 EXPECT_TRUE(delegate->console_messages().empty()); 1406 EXPECT_TRUE(delegate->console_messages().empty());
1478 1407
1479 // Trigger the HTTP_SHOW_WARNING state. 1408 // Trigger the HTTP_SHOW_WARNING state.
1480 base::RunLoop first_message; 1409 base::RunLoop first_message;
1481 delegate->set_console_message_callback(first_message.QuitClosure()); 1410 delegate->set_console_message_callback(first_message.QuitClosure());
1482 contents->OnPasswordInputShownOnHttp(); 1411 contents->OnPasswordInputShownOnHttp();
1483 first_message.Run(); 1412 first_message.Run();
1484 1413
1485 // Check that the HTTP_SHOW_WARNING state was actually triggered. 1414 // Check that the HTTP_SHOW_WARNING state was actually triggered.
1486 ChromeSecurityStateModelClient* client = 1415 SecurityStateTabHelper* helper =
1487 ChromeSecurityStateModelClient::FromWebContents(contents); 1416 SecurityStateTabHelper::FromWebContents(contents);
1488 ASSERT_TRUE(client); 1417 ASSERT_TRUE(helper);
1489 security_state::SecurityStateModel::SecurityInfo security_info; 1418 security_state::SecurityInfo security_info;
1490 client->GetSecurityInfo(&security_info); 1419 helper->GetSecurityInfo(&security_info);
1491 EXPECT_EQ(security_state::SecurityStateModel::HTTP_SHOW_WARNING, 1420 EXPECT_EQ(security_state::HTTP_SHOW_WARNING, security_info.security_level);
1492 security_info.security_level);
1493 1421
1494 // Check that the expected console message is present. 1422 // Check that the expected console message is present.
1495 ASSERT_NO_FATAL_FAILURE(CheckForOneHttpWarningConsoleMessage(delegate)); 1423 ASSERT_NO_FATAL_FAILURE(CheckForOneHttpWarningConsoleMessage(delegate));
1496 delegate->ClearConsoleMessages(); 1424 delegate->ClearConsoleMessages();
1497 1425
1498 // Navigate with pushState and trigger VisibleSecurityStateChanged 1426 // Navigate with pushState and trigger VisibleSecurityStateChanged
1499 // again. While the security level is still HTTP_SHOW_WARNING, an 1427 // again. While the security level is still HTTP_SHOW_WARNING, an
1500 // additional console message should not be logged because there was 1428 // additional console message should not be logged because there was
1501 // already a console message logged for the current main-frame 1429 // already a console message logged for the current main-frame
1502 // navigation. 1430 // navigation.
1503 EXPECT_TRUE(content::ExecuteScript( 1431 EXPECT_TRUE(content::ExecuteScript(
1504 contents, "history.pushState({ foo: 'bar' }, 'foo', 'bar');")); 1432 contents, "history.pushState({ foo: 'bar' }, 'foo', 'bar');"));
1505 contents->OnCreditCardInputShownOnHttp(); 1433 contents->OnCreditCardInputShownOnHttp();
1506 EXPECT_EQ(security_state::SecurityStateModel::HTTP_SHOW_WARNING, 1434 EXPECT_EQ(security_state::HTTP_SHOW_WARNING, security_info.security_level);
1507 security_info.security_level);
1508 1435
1509 // Do a main frame navigation and then trigger HTTP_SHOW_WARNING 1436 // Do a main frame navigation and then trigger HTTP_SHOW_WARNING
1510 // again. From the above pushState navigation and this main-frame 1437 // again. From the above pushState navigation and this main-frame
1511 // navigation, exactly one console message is expected. 1438 // navigation, exactly one console message is expected.
1512 GURL second_http_url = 1439 GURL second_http_url =
1513 GetURLWithNonLocalHostname(embedded_test_server(), "/title2.html"); 1440 GetURLWithNonLocalHostname(embedded_test_server(), "/title2.html");
1514 ui_test_utils::NavigateToURL(delegate, second_http_url); 1441 ui_test_utils::NavigateToURL(delegate, second_http_url);
1515 entry = contents->GetController().GetVisibleEntry(); 1442 entry = contents->GetController().GetVisibleEntry();
1516 ASSERT_TRUE(entry); 1443 ASSERT_TRUE(entry);
1517 EXPECT_EQ(second_http_url, entry->GetURL()); 1444 EXPECT_EQ(second_http_url, entry->GetURL());
1518 1445
1519 base::RunLoop second_message; 1446 base::RunLoop second_message;
1520 delegate->set_console_message_callback(second_message.QuitClosure()); 1447 delegate->set_console_message_callback(second_message.QuitClosure());
1521 contents->OnPasswordInputShownOnHttp(); 1448 contents->OnPasswordInputShownOnHttp();
1522 second_message.Run(); 1449 second_message.Run();
1523 1450
1524 client->GetSecurityInfo(&security_info); 1451 helper->GetSecurityInfo(&security_info);
1525 EXPECT_EQ(security_state::SecurityStateModel::HTTP_SHOW_WARNING, 1452 EXPECT_EQ(security_state::HTTP_SHOW_WARNING, security_info.security_level);
1526 security_info.security_level);
1527 ASSERT_NO_FATAL_FAILURE(CheckForOneHttpWarningConsoleMessage(delegate)); 1453 ASSERT_NO_FATAL_FAILURE(CheckForOneHttpWarningConsoleMessage(delegate));
1528 } 1454 }
1529 1455
1530 INSTANTIATE_TEST_CASE_P(ChromeSecurityStateModelClientTestWithPasswordCcSwitch, 1456 INSTANTIATE_TEST_CASE_P(SecurityStateTabHelperTestWithPasswordCcSwitch,
1531 ChromeSecurityStateModelClientTestWithPasswordCcSwitch, 1457 SecurityStateTabHelperTestWithPasswordCcSwitch,
1532 // Here 'true' means that the omnibox warning + form 1458 // Here 'true' means that the omnibox warning + form
1533 // warning are enabled, and 'false' means just the 1459 // warning are enabled, and 'false' means just the
1534 // omnibox warning is enabled. 1460 // omnibox warning is enabled.
1535 testing::Bool()); 1461 testing::Bool());
1536 1462
1537 // Tests that the SecurityStateModel for a WebContents is up to date 1463 // Tests that the security state for a WebContents is up to date when the
1538 // when the WebContents is inserted into a Browser's TabStripModel. 1464 // WebContents is inserted into a Browser's TabStripModel.
1539 IN_PROC_BROWSER_TEST_F(ChromeSecurityStateModelClientTest, AddedTab) { 1465 IN_PROC_BROWSER_TEST_F(SecurityStateTabHelperTest, AddedTab) {
1540 ASSERT_TRUE(https_server_.Start()); 1466 ASSERT_TRUE(https_server_.Start());
1541 SetUpMockCertVerifierForHttpsServer(0, net::OK); 1467 SetUpMockCertVerifierForHttpsServer(0, net::OK);
1542 1468
1543 content::WebContents* tab = 1469 content::WebContents* tab =
1544 browser()->tab_strip_model()->GetActiveWebContents(); 1470 browser()->tab_strip_model()->GetActiveWebContents();
1545 ASSERT_TRUE(tab); 1471 ASSERT_TRUE(tab);
1546 1472
1547 content::WebContents* new_contents = content::WebContents::Create( 1473 content::WebContents* new_contents = content::WebContents::Create(
1548 content::WebContents::CreateParams(tab->GetBrowserContext())); 1474 content::WebContents::CreateParams(tab->GetBrowserContext()));
1549 content::NavigationController& controller = new_contents->GetController(); 1475 content::NavigationController& controller = new_contents->GetController();
1550 ChromeSecurityStateModelClient::CreateForWebContents(new_contents); 1476 SecurityStateTabHelper::CreateForWebContents(new_contents);
1551 CheckSecurityInfoForNonSecure(new_contents); 1477 CheckSecurityInfoForNonSecure(new_contents);
1552 controller.LoadURL(https_server_.GetURL("/title1.html"), content::Referrer(), 1478 controller.LoadURL(https_server_.GetURL("/title1.html"), content::Referrer(),
1553 ui::PAGE_TRANSITION_TYPED, std::string()); 1479 ui::PAGE_TRANSITION_TYPED, std::string());
1554 EXPECT_TRUE(content::WaitForLoadStop(new_contents)); 1480 EXPECT_TRUE(content::WaitForLoadStop(new_contents));
1555 CheckSecurityInfoForSecure(new_contents, SecurityStateModel::SECURE, 1481 CheckSecurityInfoForSecure(new_contents, security_state::SECURE,
1556 SecurityStateModel::NO_DEPRECATED_SHA1, 1482 security_state::NO_DEPRECATED_SHA1,
1557 SecurityStateModel::CONTENT_STATUS_NONE, false, 1483 security_state::CONTENT_STATUS_NONE, false,
1558 false /* expect cert status error */); 1484 false /* expect cert status error */);
1559 1485
1560 browser()->tab_strip_model()->InsertWebContentsAt(0, new_contents, 1486 browser()->tab_strip_model()->InsertWebContentsAt(0, new_contents,
1561 TabStripModel::ADD_NONE); 1487 TabStripModel::ADD_NONE);
1562 CheckSecurityInfoForSecure(new_contents, SecurityStateModel::SECURE, 1488 CheckSecurityInfoForSecure(new_contents, security_state::SECURE,
1563 SecurityStateModel::NO_DEPRECATED_SHA1, 1489 security_state::NO_DEPRECATED_SHA1,
1564 SecurityStateModel::CONTENT_STATUS_NONE, false, 1490 security_state::CONTENT_STATUS_NONE, false,
1565 false /* expect cert status error */); 1491 false /* expect cert status error */);
1566 } 1492 }
1567 1493
1568 // Tests that the WebContentsObserver::SecurityStyleChanged event fires 1494 // Tests that the WebContentsObserver::SecurityStyleChanged event fires
1569 // with the current style on HTTP, broken HTTPS, and valid HTTPS pages. 1495 // with the current style on HTTP, broken HTTPS, and valid HTTPS pages.
1570 IN_PROC_BROWSER_TEST_F(SecurityStyleChangedTest, SecurityStyleChangedObserver) { 1496 IN_PROC_BROWSER_TEST_F(SecurityStyleChangedTest, SecurityStyleChangedObserver) {
1571 ASSERT_TRUE(https_server_.Start()); 1497 ASSERT_TRUE(https_server_.Start());
1572 ASSERT_TRUE(embedded_test_server()->Start()); 1498 ASSERT_TRUE(embedded_test_server()->Start());
1573 1499
1574 net::EmbeddedTestServer https_test_server_expired( 1500 net::EmbeddedTestServer https_test_server_expired(
(...skipping 499 matching lines...) Expand 10 before | Expand all | Expand 10 after
2074 // connection, the SCTs verification statuses are exposed on the 2000 // connection, the SCTs verification statuses are exposed on the
2075 // SecurityInfo. 2001 // SecurityInfo.
2076 IN_PROC_BROWSER_TEST_F(BrowserTestURLRequestWithSCTs, 2002 IN_PROC_BROWSER_TEST_F(BrowserTestURLRequestWithSCTs,
2077 SecurityInfoWithSCTsAttached) { 2003 SecurityInfoWithSCTsAttached) {
2078 ui_test_utils::NavigateToURL( 2004 ui_test_utils::NavigateToURL(
2079 browser(), GURL(std::string("https://") + kMockHostnameWithSCTs)); 2005 browser(), GURL(std::string("https://") + kMockHostnameWithSCTs));
2080 2006
2081 content::WebContents* web_contents = 2007 content::WebContents* web_contents =
2082 browser()->tab_strip_model()->GetActiveWebContents(); 2008 browser()->tab_strip_model()->GetActiveWebContents();
2083 ASSERT_TRUE(web_contents); 2009 ASSERT_TRUE(web_contents);
2084 ChromeSecurityStateModelClient* model_client = 2010 SecurityStateTabHelper* helper =
2085 ChromeSecurityStateModelClient::FromWebContents(web_contents); 2011 SecurityStateTabHelper::FromWebContents(web_contents);
2086 ASSERT_TRUE(model_client); 2012 ASSERT_TRUE(helper);
2087 SecurityStateModel::SecurityInfo security_info; 2013 security_state::SecurityInfo security_info;
2088 model_client->GetSecurityInfo(&security_info); 2014 helper->GetSecurityInfo(&security_info);
2089 EXPECT_EQ(SecurityStateModel::SECURE, security_info.security_level); 2015 EXPECT_EQ(security_state::SECURE, security_info.security_level);
2090 EXPECT_EQ(kTestSCTStatuses, security_info.sct_verify_statuses); 2016 EXPECT_EQ(kTestSCTStatuses, security_info.sct_verify_statuses);
2091 } 2017 }
2092 2018
2093 } // namespace 2019 } // namespace
OLDNEW
« no previous file with comments | « chrome/browser/ssl/security_state_tab_helper.cc ('k') | chrome/browser/ssl/security_state_tab_helper_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698