| Index: components/security_state/content/content_utils_unittest.cc
|
| diff --git a/chrome/browser/ssl/chrome_security_state_model_client_unittest.cc b/components/security_state/content/content_utils_unittest.cc
|
| similarity index 52%
|
| rename from chrome/browser/ssl/chrome_security_state_model_client_unittest.cc
|
| rename to components/security_state/content/content_utils_unittest.cc
|
| index 711c17cfcf9155fadbad38030854769bb2c2b182..791780b061bb63aecd0efc4020afa38517fe2ca3 100644
|
| --- a/chrome/browser/ssl/chrome_security_state_model_client_unittest.cc
|
| +++ b/components/security_state/content/content_utils_unittest.cc
|
| @@ -2,13 +2,12 @@
|
| // Use of this source code is governed by a BSD-style license that can be
|
| // found in the LICENSE file.
|
|
|
| -#include "chrome/browser/ssl/chrome_security_state_model_client.h"
|
| +#include "components/security_state/content/content_utils.h"
|
|
|
| #include "base/command_line.h"
|
| #include "base/test/histogram_tester.h"
|
| -#include "chrome/test/base/chrome_render_view_host_test_harness.h"
|
| -#include "components/security_state/security_state_model.h"
|
| -#include "components/security_state/switches.h"
|
| +#include "components/security_state/core/security_state.h"
|
| +#include "components/security_state/core/switches.h"
|
| #include "content/public/browser/security_style_explanation.h"
|
| #include "content/public/browser/security_style_explanations.h"
|
| #include "net/cert/cert_status_flags.h"
|
| @@ -18,44 +17,38 @@
|
|
|
| namespace {
|
|
|
| -const char kHTTPBadHistogram[] =
|
| - "Security.HTTPBad.UserWarnedAboutSensitiveInput";
|
| +using security_state::GetSecurityStyle;
|
|
|
| // Tests that SecurityInfo flags for subresources with certificate
|
| // errors are reflected in the SecurityStyleExplanations produced by
|
| -// ChromeSecurityStateModelClient.
|
| -TEST(ChromeSecurityStateModelClientTest,
|
| - GetSecurityStyleForContentWithCertErrors) {
|
| +// GetSecurityStyle.
|
| +TEST(SecurityStateContentUtilsTest, GetSecurityStyleForContentWithCertErrors) {
|
| content::SecurityStyleExplanations explanations;
|
| - security_state::SecurityStateModel::SecurityInfo security_info;
|
| + security_state::SecurityInfo security_info;
|
| security_info.cert_status = 0;
|
| security_info.scheme_is_cryptographic = true;
|
|
|
| security_info.content_with_cert_errors_status =
|
| - security_state::SecurityStateModel::CONTENT_STATUS_DISPLAYED_AND_RAN;
|
| - ChromeSecurityStateModelClient::GetSecurityStyle(security_info,
|
| - &explanations);
|
| + security_state::CONTENT_STATUS_DISPLAYED_AND_RAN;
|
| + GetSecurityStyle(security_info, &explanations);
|
| EXPECT_TRUE(explanations.ran_content_with_cert_errors);
|
| EXPECT_TRUE(explanations.displayed_content_with_cert_errors);
|
|
|
| security_info.content_with_cert_errors_status =
|
| - security_state::SecurityStateModel::CONTENT_STATUS_RAN;
|
| - ChromeSecurityStateModelClient::GetSecurityStyle(security_info,
|
| - &explanations);
|
| + security_state::CONTENT_STATUS_RAN;
|
| + GetSecurityStyle(security_info, &explanations);
|
| EXPECT_TRUE(explanations.ran_content_with_cert_errors);
|
| EXPECT_FALSE(explanations.displayed_content_with_cert_errors);
|
|
|
| security_info.content_with_cert_errors_status =
|
| - security_state::SecurityStateModel::CONTENT_STATUS_DISPLAYED;
|
| - ChromeSecurityStateModelClient::GetSecurityStyle(security_info,
|
| - &explanations);
|
| + security_state::CONTENT_STATUS_DISPLAYED;
|
| + GetSecurityStyle(security_info, &explanations);
|
| EXPECT_FALSE(explanations.ran_content_with_cert_errors);
|
| EXPECT_TRUE(explanations.displayed_content_with_cert_errors);
|
|
|
| security_info.content_with_cert_errors_status =
|
| - security_state::SecurityStateModel::CONTENT_STATUS_NONE;
|
| - ChromeSecurityStateModelClient::GetSecurityStyle(security_info,
|
| - &explanations);
|
| + security_state::CONTENT_STATUS_NONE;
|
| + GetSecurityStyle(security_info, &explanations);
|
| EXPECT_FALSE(explanations.ran_content_with_cert_errors);
|
| EXPECT_FALSE(explanations.displayed_content_with_cert_errors);
|
| }
|
| @@ -64,38 +57,34 @@ TEST(ChromeSecurityStateModelClientTest,
|
| // errors are *not* set when the main resource has major certificate
|
| // errors. If the main resource has certificate errors, it would be
|
| // duplicative/confusing to also report subresources with cert errors.
|
| -TEST(ChromeSecurityStateModelClientTest,
|
| +TEST(SecurityStateContentUtilsTest,
|
| SubresourcesAndMainResourceWithMajorCertErrors) {
|
| content::SecurityStyleExplanations explanations;
|
| - security_state::SecurityStateModel::SecurityInfo security_info;
|
| + security_state::SecurityInfo security_info;
|
| security_info.cert_status = net::CERT_STATUS_DATE_INVALID;
|
| security_info.scheme_is_cryptographic = true;
|
|
|
| security_info.content_with_cert_errors_status =
|
| - security_state::SecurityStateModel::CONTENT_STATUS_DISPLAYED_AND_RAN;
|
| - ChromeSecurityStateModelClient::GetSecurityStyle(security_info,
|
| - &explanations);
|
| + security_state::CONTENT_STATUS_DISPLAYED_AND_RAN;
|
| + GetSecurityStyle(security_info, &explanations);
|
| EXPECT_FALSE(explanations.ran_content_with_cert_errors);
|
| EXPECT_FALSE(explanations.displayed_content_with_cert_errors);
|
|
|
| security_info.content_with_cert_errors_status =
|
| - security_state::SecurityStateModel::CONTENT_STATUS_RAN;
|
| - ChromeSecurityStateModelClient::GetSecurityStyle(security_info,
|
| - &explanations);
|
| + security_state::CONTENT_STATUS_RAN;
|
| + GetSecurityStyle(security_info, &explanations);
|
| EXPECT_FALSE(explanations.ran_content_with_cert_errors);
|
| EXPECT_FALSE(explanations.displayed_content_with_cert_errors);
|
|
|
| security_info.content_with_cert_errors_status =
|
| - security_state::SecurityStateModel::CONTENT_STATUS_DISPLAYED;
|
| - ChromeSecurityStateModelClient::GetSecurityStyle(security_info,
|
| - &explanations);
|
| + security_state::CONTENT_STATUS_DISPLAYED;
|
| + GetSecurityStyle(security_info, &explanations);
|
| EXPECT_FALSE(explanations.ran_content_with_cert_errors);
|
| EXPECT_FALSE(explanations.displayed_content_with_cert_errors);
|
|
|
| security_info.content_with_cert_errors_status =
|
| - security_state::SecurityStateModel::CONTENT_STATUS_NONE;
|
| - ChromeSecurityStateModelClient::GetSecurityStyle(security_info,
|
| - &explanations);
|
| + security_state::CONTENT_STATUS_NONE;
|
| + GetSecurityStyle(security_info, &explanations);
|
| EXPECT_FALSE(explanations.ran_content_with_cert_errors);
|
| EXPECT_FALSE(explanations.displayed_content_with_cert_errors);
|
| }
|
| @@ -104,38 +93,34 @@ TEST(ChromeSecurityStateModelClientTest,
|
| // errors are set when the main resource has only minor certificate
|
| // errors. Minor errors on the main resource should not hide major
|
| // errors on subresources.
|
| -TEST(ChromeSecurityStateModelClientTest,
|
| +TEST(SecurityStateContentUtilsTest,
|
| SubresourcesAndMainResourceWithMinorCertErrors) {
|
| content::SecurityStyleExplanations explanations;
|
| - security_state::SecurityStateModel::SecurityInfo security_info;
|
| + security_state::SecurityInfo security_info;
|
| security_info.cert_status = net::CERT_STATUS_UNABLE_TO_CHECK_REVOCATION;
|
| security_info.scheme_is_cryptographic = true;
|
|
|
| security_info.content_with_cert_errors_status =
|
| - security_state::SecurityStateModel::CONTENT_STATUS_DISPLAYED_AND_RAN;
|
| - ChromeSecurityStateModelClient::GetSecurityStyle(security_info,
|
| - &explanations);
|
| + security_state::CONTENT_STATUS_DISPLAYED_AND_RAN;
|
| + GetSecurityStyle(security_info, &explanations);
|
| EXPECT_TRUE(explanations.ran_content_with_cert_errors);
|
| EXPECT_TRUE(explanations.displayed_content_with_cert_errors);
|
|
|
| security_info.content_with_cert_errors_status =
|
| - security_state::SecurityStateModel::CONTENT_STATUS_RAN;
|
| - ChromeSecurityStateModelClient::GetSecurityStyle(security_info,
|
| - &explanations);
|
| + security_state::CONTENT_STATUS_RAN;
|
| + GetSecurityStyle(security_info, &explanations);
|
| EXPECT_TRUE(explanations.ran_content_with_cert_errors);
|
| EXPECT_FALSE(explanations.displayed_content_with_cert_errors);
|
|
|
| security_info.content_with_cert_errors_status =
|
| - security_state::SecurityStateModel::CONTENT_STATUS_DISPLAYED;
|
| - ChromeSecurityStateModelClient::GetSecurityStyle(security_info,
|
| - &explanations);
|
| + security_state::CONTENT_STATUS_DISPLAYED;
|
| + GetSecurityStyle(security_info, &explanations);
|
| EXPECT_FALSE(explanations.ran_content_with_cert_errors);
|
| EXPECT_TRUE(explanations.displayed_content_with_cert_errors);
|
|
|
| security_info.content_with_cert_errors_status =
|
| - security_state::SecurityStateModel::CONTENT_STATUS_NONE;
|
| - ChromeSecurityStateModelClient::GetSecurityStyle(security_info,
|
| - &explanations);
|
| + security_state::CONTENT_STATUS_NONE;
|
| + GetSecurityStyle(security_info, &explanations);
|
| EXPECT_FALSE(explanations.ran_content_with_cert_errors);
|
| EXPECT_FALSE(explanations.displayed_content_with_cert_errors);
|
| }
|
| @@ -156,9 +141,9 @@ bool FindSecurityStyleExplanation(
|
|
|
| // Test that connection explanations are formated as expected. Note the strings
|
| // are not translated and so will be the same in any locale.
|
| -TEST(ChromeSecurityStateModelClientTest, ConnectionExplanation) {
|
| +TEST(SecurityStateContentUtilsTest, ConnectionExplanation) {
|
| // Test a modern configuration with a key exchange group.
|
| - security_state::SecurityStateModel::SecurityInfo security_info;
|
| + security_state::SecurityInfo security_info;
|
| security_info.cert_status = net::CERT_STATUS_UNABLE_TO_CHECK_REVOCATION;
|
| security_info.scheme_is_cryptographic = true;
|
| net::SSLConnectionStatusSetCipherSuite(
|
| @@ -170,8 +155,7 @@ TEST(ChromeSecurityStateModelClientTest, ConnectionExplanation) {
|
|
|
| {
|
| content::SecurityStyleExplanations explanations;
|
| - ChromeSecurityStateModelClient::GetSecurityStyle(security_info,
|
| - &explanations);
|
| + GetSecurityStyle(security_info, &explanations);
|
| content::SecurityStyleExplanation explanation;
|
| ASSERT_TRUE(FindSecurityStyleExplanation(
|
| explanations.secure_explanations, "Secure Connection", &explanation));
|
| @@ -187,8 +171,7 @@ TEST(ChromeSecurityStateModelClientTest, ConnectionExplanation) {
|
| security_info.key_exchange_group = 0;
|
| {
|
| content::SecurityStyleExplanations explanations;
|
| - ChromeSecurityStateModelClient::GetSecurityStyle(security_info,
|
| - &explanations);
|
| + GetSecurityStyle(security_info, &explanations);
|
| content::SecurityStyleExplanation explanation;
|
| ASSERT_TRUE(FindSecurityStyleExplanation(
|
| explanations.secure_explanations, "Secure Connection", &explanation));
|
| @@ -207,8 +190,7 @@ TEST(ChromeSecurityStateModelClientTest, ConnectionExplanation) {
|
| security_info.key_exchange_group = 29; // X25519
|
| {
|
| content::SecurityStyleExplanations explanations;
|
| - ChromeSecurityStateModelClient::GetSecurityStyle(security_info,
|
| - &explanations);
|
| + GetSecurityStyle(security_info, &explanations);
|
| content::SecurityStyleExplanation explanation;
|
| ASSERT_TRUE(FindSecurityStyleExplanation(
|
| explanations.secure_explanations, "Secure Connection", &explanation));
|
| @@ -222,14 +204,12 @@ TEST(ChromeSecurityStateModelClientTest, ConnectionExplanation) {
|
|
|
| // Tests that a security level of HTTP_SHOW_WARNING produces a
|
| // content::SecurityStyle of UNAUTHENTICATED, with an explanation.
|
| -TEST(ChromeSecurityStateModelClientTest, HTTPWarning) {
|
| - security_state::SecurityStateModel::SecurityInfo security_info;
|
| +TEST(SecurityStateContentUtilsTest, HTTPWarning) {
|
| + security_state::SecurityInfo security_info;
|
| content::SecurityStyleExplanations explanations;
|
| - security_info.security_level =
|
| - security_state::SecurityStateModel::HTTP_SHOW_WARNING;
|
| + security_info.security_level = security_state::HTTP_SHOW_WARNING;
|
| blink::WebSecurityStyle security_style =
|
| - ChromeSecurityStateModelClient::GetSecurityStyle(security_info,
|
| - &explanations);
|
| + GetSecurityStyle(security_info, &explanations);
|
| EXPECT_EQ(blink::WebSecurityStyleUnauthenticated, security_style);
|
| EXPECT_EQ(1u, explanations.unauthenticated_explanations.size());
|
| }
|
| @@ -237,92 +217,15 @@ TEST(ChromeSecurityStateModelClientTest, HTTPWarning) {
|
| // Tests that a security level of NONE when there is a password or
|
| // credit card field on HTTP produces a content::SecurityStyle of
|
| // UNAUTHENTICATED, with an info explanation.
|
| -TEST(ChromeSecurityStateModelClientTest, HTTPWarningInFuture) {
|
| - security_state::SecurityStateModel::SecurityInfo security_info;
|
| +TEST(SecurityStateContentUtilsTest, HTTPWarningInFuture) {
|
| + security_state::SecurityInfo security_info;
|
| content::SecurityStyleExplanations explanations;
|
| - security_info.security_level = security_state::SecurityStateModel::NONE;
|
| + security_info.security_level = security_state::NONE;
|
| security_info.displayed_private_user_data_input_on_http = true;
|
| blink::WebSecurityStyle security_style =
|
| - ChromeSecurityStateModelClient::GetSecurityStyle(security_info,
|
| - &explanations);
|
| + GetSecurityStyle(security_info, &explanations);
|
| EXPECT_EQ(blink::WebSecurityStyleUnauthenticated, security_style);
|
| EXPECT_EQ(1u, explanations.info_explanations.size());
|
| }
|
|
|
| -class ChromeSecurityStateModelClientHistogramTest
|
| - : public ChromeRenderViewHostTestHarness {
|
| - public:
|
| - ChromeSecurityStateModelClientHistogramTest() {}
|
| - ~ChromeSecurityStateModelClientHistogramTest() override {}
|
| -
|
| - void SetUp() override {
|
| - ChromeRenderViewHostTestHarness::SetUp();
|
| -
|
| - ChromeSecurityStateModelClient::CreateForWebContents(web_contents());
|
| - client_ = ChromeSecurityStateModelClient::FromWebContents(web_contents());
|
| - navigate_to_http();
|
| - }
|
| -
|
| - protected:
|
| - ChromeSecurityStateModelClient* client() { return client_; }
|
| -
|
| - void signal_password() {
|
| - web_contents()->OnPasswordInputShownOnHttp();
|
| - client_->VisibleSecurityStateChanged();
|
| - }
|
| -
|
| - void navigate_to_http() { NavigateAndCommit(GURL("http://example.test")); }
|
| -
|
| - private:
|
| - ChromeSecurityStateModelClient* client_;
|
| - DISALLOW_COPY_AND_ASSIGN(ChromeSecurityStateModelClientHistogramTest);
|
| -};
|
| -
|
| -// Tests that UMA logs the omnibox warning when security level is
|
| -// HTTP_SHOW_WARNING.
|
| -TEST_F(ChromeSecurityStateModelClientHistogramTest,
|
| - HTTPOmniboxWarningHistogram) {
|
| - // Show Warning Chip.
|
| - base::CommandLine::ForCurrentProcess()->AppendSwitchASCII(
|
| - security_state::switches::kMarkHttpAs,
|
| - security_state::switches::kMarkHttpWithPasswordsOrCcWithChip);
|
| -
|
| - base::HistogramTester histograms;
|
| - signal_password();
|
| - histograms.ExpectUniqueSample(kHTTPBadHistogram, true, 1);
|
| -
|
| - // Fire again and ensure no sample is recorded.
|
| - signal_password();
|
| - histograms.ExpectUniqueSample(kHTTPBadHistogram, true, 1);
|
| -
|
| - // Navigate to a new page and ensure a sample is recorded.
|
| - navigate_to_http();
|
| - histograms.ExpectUniqueSample(kHTTPBadHistogram, true, 1);
|
| - signal_password();
|
| - histograms.ExpectUniqueSample(kHTTPBadHistogram, true, 2);
|
| -}
|
| -
|
| -// Tests that UMA logs the console warning when security level is NONE.
|
| -TEST_F(ChromeSecurityStateModelClientHistogramTest,
|
| - HTTPConsoleWarningHistogram) {
|
| - // Show Neutral for HTTP
|
| - base::CommandLine::ForCurrentProcess()->AppendSwitchASCII(
|
| - security_state::switches::kMarkHttpAs,
|
| - security_state::switches::kMarkHttpAsNeutral);
|
| -
|
| - base::HistogramTester histograms;
|
| - signal_password();
|
| - histograms.ExpectUniqueSample(kHTTPBadHistogram, false, 1);
|
| -
|
| - // Fire again and ensure no sample is recorded.
|
| - signal_password();
|
| - histograms.ExpectUniqueSample(kHTTPBadHistogram, false, 1);
|
| -
|
| - // Navigate to a new page and ensure a sample is recorded.
|
| - navigate_to_http();
|
| - histograms.ExpectUniqueSample(kHTTPBadHistogram, false, 1);
|
| - signal_password();
|
| - histograms.ExpectUniqueSample(kHTTPBadHistogram, false, 2);
|
| -}
|
| -
|
| } // namespace
|
|
|
Chromium Code Reviews
Issue 2448943002:
Refactor SecurityStateModel/Clients for simplicity and reusability. (Closed)
