| Index: components/security_state/content/content_utils_unittest.cc
|
| diff --git a/chrome/browser/ssl/chrome_security_state_model_client_unittest.cc b/components/security_state/content/content_utils_unittest.cc
|
| similarity index 51%
|
| rename from chrome/browser/ssl/chrome_security_state_model_client_unittest.cc
|
| rename to components/security_state/content/content_utils_unittest.cc
|
| index c8e6e626410f7757283fccde4808a3ff6c237f98..622c4465d2aa95da144bc5be4ded2c438d6b31ac 100644
|
| --- a/chrome/browser/ssl/chrome_security_state_model_client_unittest.cc
|
| +++ b/components/security_state/content/content_utils_unittest.cc
|
| @@ -2,13 +2,12 @@
|
| // Use of this source code is governed by a BSD-style license that can be
|
| // found in the LICENSE file.
|
|
|
| -#include "chrome/browser/ssl/chrome_security_state_model_client.h"
|
| +#include "components/security_state/content/content_utils.h"
|
|
|
| #include "base/command_line.h"
|
| #include "base/test/histogram_tester.h"
|
| -#include "chrome/test/base/chrome_render_view_host_test_harness.h"
|
| -#include "components/security_state/security_state_model.h"
|
| -#include "components/security_state/switches.h"
|
| +#include "components/security_state/core/security_state.h"
|
| +#include "components/security_state/core/switches.h"
|
| #include "content/public/browser/security_style_explanation.h"
|
| #include "content/public/browser/security_style_explanations.h"
|
| #include "net/cert/cert_status_flags.h"
|
| @@ -18,41 +17,38 @@
|
|
|
| namespace {
|
|
|
| +using security_state::GetSecurityStyle;
|
| +
|
| // Tests that SecurityInfo flags for subresources with certificate
|
| // errors are reflected in the SecurityStyleExplanations produced by
|
| -// ChromeSecurityStateModelClient.
|
| -TEST(ChromeSecurityStateModelClientTest,
|
| - GetSecurityStyleForContentWithCertErrors) {
|
| +// GetSecurityStyle.
|
| +TEST(SecurityStateContentUtilsTest, GetSecurityStyleForContentWithCertErrors) {
|
| content::SecurityStyleExplanations explanations;
|
| - security_state::SecurityStateModel::SecurityInfo security_info;
|
| + security_state::SecurityInfo security_info;
|
| security_info.cert_status = 0;
|
| security_info.scheme_is_cryptographic = true;
|
|
|
| security_info.content_with_cert_errors_status =
|
| - security_state::SecurityStateModel::CONTENT_STATUS_DISPLAYED_AND_RAN;
|
| - ChromeSecurityStateModelClient::GetSecurityStyle(security_info,
|
| - &explanations);
|
| + security_state::CONTENT_STATUS_DISPLAYED_AND_RAN;
|
| + GetSecurityStyle(security_info, &explanations);
|
| EXPECT_TRUE(explanations.ran_content_with_cert_errors);
|
| EXPECT_TRUE(explanations.displayed_content_with_cert_errors);
|
|
|
| security_info.content_with_cert_errors_status =
|
| - security_state::SecurityStateModel::CONTENT_STATUS_RAN;
|
| - ChromeSecurityStateModelClient::GetSecurityStyle(security_info,
|
| - &explanations);
|
| + security_state::CONTENT_STATUS_RAN;
|
| + GetSecurityStyle(security_info, &explanations);
|
| EXPECT_TRUE(explanations.ran_content_with_cert_errors);
|
| EXPECT_FALSE(explanations.displayed_content_with_cert_errors);
|
|
|
| security_info.content_with_cert_errors_status =
|
| - security_state::SecurityStateModel::CONTENT_STATUS_DISPLAYED;
|
| - ChromeSecurityStateModelClient::GetSecurityStyle(security_info,
|
| - &explanations);
|
| + security_state::CONTENT_STATUS_DISPLAYED;
|
| + GetSecurityStyle(security_info, &explanations);
|
| EXPECT_FALSE(explanations.ran_content_with_cert_errors);
|
| EXPECT_TRUE(explanations.displayed_content_with_cert_errors);
|
|
|
| security_info.content_with_cert_errors_status =
|
| - security_state::SecurityStateModel::CONTENT_STATUS_NONE;
|
| - ChromeSecurityStateModelClient::GetSecurityStyle(security_info,
|
| - &explanations);
|
| + security_state::CONTENT_STATUS_NONE;
|
| + GetSecurityStyle(security_info, &explanations);
|
| EXPECT_FALSE(explanations.ran_content_with_cert_errors);
|
| EXPECT_FALSE(explanations.displayed_content_with_cert_errors);
|
| }
|
| @@ -61,38 +57,34 @@ TEST(ChromeSecurityStateModelClientTest,
|
| // errors are *not* set when the main resource has major certificate
|
| // errors. If the main resource has certificate errors, it would be
|
| // duplicative/confusing to also report subresources with cert errors.
|
| -TEST(ChromeSecurityStateModelClientTest,
|
| +TEST(SecurityStateContentUtilsTest,
|
| SubresourcesAndMainResourceWithMajorCertErrors) {
|
| content::SecurityStyleExplanations explanations;
|
| - security_state::SecurityStateModel::SecurityInfo security_info;
|
| + security_state::SecurityInfo security_info;
|
| security_info.cert_status = net::CERT_STATUS_DATE_INVALID;
|
| security_info.scheme_is_cryptographic = true;
|
|
|
| security_info.content_with_cert_errors_status =
|
| - security_state::SecurityStateModel::CONTENT_STATUS_DISPLAYED_AND_RAN;
|
| - ChromeSecurityStateModelClient::GetSecurityStyle(security_info,
|
| - &explanations);
|
| + security_state::CONTENT_STATUS_DISPLAYED_AND_RAN;
|
| + GetSecurityStyle(security_info, &explanations);
|
| EXPECT_FALSE(explanations.ran_content_with_cert_errors);
|
| EXPECT_FALSE(explanations.displayed_content_with_cert_errors);
|
|
|
| security_info.content_with_cert_errors_status =
|
| - security_state::SecurityStateModel::CONTENT_STATUS_RAN;
|
| - ChromeSecurityStateModelClient::GetSecurityStyle(security_info,
|
| - &explanations);
|
| + security_state::CONTENT_STATUS_RAN;
|
| + GetSecurityStyle(security_info, &explanations);
|
| EXPECT_FALSE(explanations.ran_content_with_cert_errors);
|
| EXPECT_FALSE(explanations.displayed_content_with_cert_errors);
|
|
|
| security_info.content_with_cert_errors_status =
|
| - security_state::SecurityStateModel::CONTENT_STATUS_DISPLAYED;
|
| - ChromeSecurityStateModelClient::GetSecurityStyle(security_info,
|
| - &explanations);
|
| + security_state::CONTENT_STATUS_DISPLAYED;
|
| + GetSecurityStyle(security_info, &explanations);
|
| EXPECT_FALSE(explanations.ran_content_with_cert_errors);
|
| EXPECT_FALSE(explanations.displayed_content_with_cert_errors);
|
|
|
| security_info.content_with_cert_errors_status =
|
| - security_state::SecurityStateModel::CONTENT_STATUS_NONE;
|
| - ChromeSecurityStateModelClient::GetSecurityStyle(security_info,
|
| - &explanations);
|
| + security_state::CONTENT_STATUS_NONE;
|
| + GetSecurityStyle(security_info, &explanations);
|
| EXPECT_FALSE(explanations.ran_content_with_cert_errors);
|
| EXPECT_FALSE(explanations.displayed_content_with_cert_errors);
|
| }
|
| @@ -101,38 +93,34 @@ TEST(ChromeSecurityStateModelClientTest,
|
| // errors are set when the main resource has only minor certificate
|
| // errors. Minor errors on the main resource should not hide major
|
| // errors on subresources.
|
| -TEST(ChromeSecurityStateModelClientTest,
|
| +TEST(SecurityStateContentUtilsTest,
|
| SubresourcesAndMainResourceWithMinorCertErrors) {
|
| content::SecurityStyleExplanations explanations;
|
| - security_state::SecurityStateModel::SecurityInfo security_info;
|
| + security_state::SecurityInfo security_info;
|
| security_info.cert_status = net::CERT_STATUS_UNABLE_TO_CHECK_REVOCATION;
|
| security_info.scheme_is_cryptographic = true;
|
|
|
| security_info.content_with_cert_errors_status =
|
| - security_state::SecurityStateModel::CONTENT_STATUS_DISPLAYED_AND_RAN;
|
| - ChromeSecurityStateModelClient::GetSecurityStyle(security_info,
|
| - &explanations);
|
| + security_state::CONTENT_STATUS_DISPLAYED_AND_RAN;
|
| + GetSecurityStyle(security_info, &explanations);
|
| EXPECT_TRUE(explanations.ran_content_with_cert_errors);
|
| EXPECT_TRUE(explanations.displayed_content_with_cert_errors);
|
|
|
| security_info.content_with_cert_errors_status =
|
| - security_state::SecurityStateModel::CONTENT_STATUS_RAN;
|
| - ChromeSecurityStateModelClient::GetSecurityStyle(security_info,
|
| - &explanations);
|
| + security_state::CONTENT_STATUS_RAN;
|
| + GetSecurityStyle(security_info, &explanations);
|
| EXPECT_TRUE(explanations.ran_content_with_cert_errors);
|
| EXPECT_FALSE(explanations.displayed_content_with_cert_errors);
|
|
|
| security_info.content_with_cert_errors_status =
|
| - security_state::SecurityStateModel::CONTENT_STATUS_DISPLAYED;
|
| - ChromeSecurityStateModelClient::GetSecurityStyle(security_info,
|
| - &explanations);
|
| + security_state::CONTENT_STATUS_DISPLAYED;
|
| + GetSecurityStyle(security_info, &explanations);
|
| EXPECT_FALSE(explanations.ran_content_with_cert_errors);
|
| EXPECT_TRUE(explanations.displayed_content_with_cert_errors);
|
|
|
| security_info.content_with_cert_errors_status =
|
| - security_state::SecurityStateModel::CONTENT_STATUS_NONE;
|
| - ChromeSecurityStateModelClient::GetSecurityStyle(security_info,
|
| - &explanations);
|
| + security_state::CONTENT_STATUS_NONE;
|
| + GetSecurityStyle(security_info, &explanations);
|
| EXPECT_FALSE(explanations.ran_content_with_cert_errors);
|
| EXPECT_FALSE(explanations.displayed_content_with_cert_errors);
|
| }
|
| @@ -153,9 +141,9 @@ bool FindSecurityStyleExplanation(
|
|
|
| // Test that connection explanations are formated as expected. Note the strings
|
| // are not translated and so will be the same in any locale.
|
| -TEST(ChromeSecurityStateModelClientTest, ConnectionExplanation) {
|
| +TEST(SecurityStateContentUtilsTest, ConnectionExplanation) {
|
| // Test a modern configuration with a key exchange group.
|
| - security_state::SecurityStateModel::SecurityInfo security_info;
|
| + security_state::SecurityInfo security_info;
|
| security_info.cert_status = net::CERT_STATUS_UNABLE_TO_CHECK_REVOCATION;
|
| security_info.scheme_is_cryptographic = true;
|
| net::SSLConnectionStatusSetCipherSuite(
|
| @@ -167,8 +155,7 @@ TEST(ChromeSecurityStateModelClientTest, ConnectionExplanation) {
|
|
|
| {
|
| content::SecurityStyleExplanations explanations;
|
| - ChromeSecurityStateModelClient::GetSecurityStyle(security_info,
|
| - &explanations);
|
| + GetSecurityStyle(security_info, &explanations);
|
| content::SecurityStyleExplanation explanation;
|
| ASSERT_TRUE(FindSecurityStyleExplanation(
|
| explanations.secure_explanations, "Secure Connection", &explanation));
|
| @@ -184,8 +171,7 @@ TEST(ChromeSecurityStateModelClientTest, ConnectionExplanation) {
|
| security_info.key_exchange_group = 0;
|
| {
|
| content::SecurityStyleExplanations explanations;
|
| - ChromeSecurityStateModelClient::GetSecurityStyle(security_info,
|
| - &explanations);
|
| + GetSecurityStyle(security_info, &explanations);
|
| content::SecurityStyleExplanation explanation;
|
| ASSERT_TRUE(FindSecurityStyleExplanation(
|
| explanations.secure_explanations, "Secure Connection", &explanation));
|
| @@ -204,8 +190,7 @@ TEST(ChromeSecurityStateModelClientTest, ConnectionExplanation) {
|
| security_info.key_exchange_group = 29; // X25519
|
| {
|
| content::SecurityStyleExplanations explanations;
|
| - ChromeSecurityStateModelClient::GetSecurityStyle(security_info,
|
| - &explanations);
|
| + GetSecurityStyle(security_info, &explanations);
|
| content::SecurityStyleExplanation explanation;
|
| ASSERT_TRUE(FindSecurityStyleExplanation(
|
| explanations.secure_explanations, "Secure Connection", &explanation));
|
| @@ -219,14 +204,12 @@ TEST(ChromeSecurityStateModelClientTest, ConnectionExplanation) {
|
|
|
| // Tests that a security level of HTTP_SHOW_WARNING produces a
|
| // content::SecurityStyle of UNAUTHENTICATED, with an explanation.
|
| -TEST(ChromeSecurityStateModelClientTest, HTTPWarning) {
|
| - security_state::SecurityStateModel::SecurityInfo security_info;
|
| +TEST(SecurityStateContentUtilsTest, HTTPWarning) {
|
| + security_state::SecurityInfo security_info;
|
| content::SecurityStyleExplanations explanations;
|
| - security_info.security_level =
|
| - security_state::SecurityStateModel::HTTP_SHOW_WARNING;
|
| + security_info.security_level = security_state::HTTP_SHOW_WARNING;
|
| blink::WebSecurityStyle security_style =
|
| - ChromeSecurityStateModelClient::GetSecurityStyle(security_info,
|
| - &explanations);
|
| + GetSecurityStyle(security_info, &explanations);
|
| EXPECT_EQ(blink::WebSecurityStyleUnauthenticated, security_style);
|
| EXPECT_EQ(1u, explanations.unauthenticated_explanations.size());
|
| }
|
| @@ -234,21 +217,19 @@ TEST(ChromeSecurityStateModelClientTest, HTTPWarning) {
|
| // Tests that a security level of NONE when there is a password or
|
| // credit card field on HTTP produces a content::SecurityStyle of
|
| // UNAUTHENTICATED, with an info explanation for each.
|
| -TEST(ChromeSecurityStateModelClientTest, HTTPWarningInFuture) {
|
| - security_state::SecurityStateModel::SecurityInfo security_info;
|
| +TEST(SecurityStateContentUtilsTest, HTTPWarningInFuture) {
|
| + security_state::SecurityInfo security_info;
|
| content::SecurityStyleExplanations explanations;
|
| - security_info.security_level = security_state::SecurityStateModel::NONE;
|
| + security_info.security_level = security_state::NONE;
|
| security_info.displayed_password_field_on_http = true;
|
| blink::WebSecurityStyle security_style =
|
| - ChromeSecurityStateModelClient::GetSecurityStyle(security_info,
|
| - &explanations);
|
| + GetSecurityStyle(security_info, &explanations);
|
| EXPECT_EQ(blink::WebSecurityStyleUnauthenticated, security_style);
|
| EXPECT_EQ(1u, explanations.info_explanations.size());
|
|
|
| explanations.info_explanations.clear();
|
| security_info.displayed_credit_card_field_on_http = true;
|
| - security_style = ChromeSecurityStateModelClient::GetSecurityStyle(
|
| - security_info, &explanations);
|
| + security_style = GetSecurityStyle(security_info, &explanations);
|
| EXPECT_EQ(blink::WebSecurityStyleUnauthenticated, security_style);
|
| EXPECT_EQ(1u, explanations.info_explanations.size());
|
|
|
| @@ -257,107 +238,9 @@ TEST(ChromeSecurityStateModelClientTest, HTTPWarningInFuture) {
|
| explanations.info_explanations.clear();
|
| security_info.displayed_credit_card_field_on_http = true;
|
| security_info.displayed_password_field_on_http = true;
|
| - security_style = ChromeSecurityStateModelClient::GetSecurityStyle(
|
| - security_info, &explanations);
|
| + security_style = GetSecurityStyle(security_info, &explanations);
|
| EXPECT_EQ(blink::WebSecurityStyleUnauthenticated, security_style);
|
| EXPECT_EQ(1u, explanations.info_explanations.size());
|
| }
|
|
|
| -class ChromeSecurityStateModelClientHistogramTest
|
| - : public ChromeRenderViewHostTestHarness,
|
| - public testing::WithParamInterface<bool> {
|
| - public:
|
| - ChromeSecurityStateModelClientHistogramTest() {}
|
| - ~ChromeSecurityStateModelClientHistogramTest() override {}
|
| -
|
| - void SetUp() override {
|
| - ChromeRenderViewHostTestHarness::SetUp();
|
| -
|
| - ChromeSecurityStateModelClient::CreateForWebContents(web_contents());
|
| - client_ = ChromeSecurityStateModelClient::FromWebContents(web_contents());
|
| - navigate_to_http();
|
| - }
|
| -
|
| - protected:
|
| - ChromeSecurityStateModelClient* client() { return client_; }
|
| -
|
| - void signal_sensitive_input() {
|
| - if (GetParam())
|
| - web_contents()->OnPasswordInputShownOnHttp();
|
| - else
|
| - web_contents()->OnCreditCardInputShownOnHttp();
|
| - client_->VisibleSecurityStateChanged();
|
| - }
|
| -
|
| - const std::string histogram_name() {
|
| - if (GetParam())
|
| - return "Security.HTTPBad.UserWarnedAboutSensitiveInput.Password";
|
| - else
|
| - return "Security.HTTPBad.UserWarnedAboutSensitiveInput.CreditCard";
|
| - }
|
| -
|
| - void navigate_to_http() { NavigateAndCommit(GURL("http://example.test")); }
|
| -
|
| - void navigate_to_different_http_page() {
|
| - NavigateAndCommit(GURL("http://example2.test"));
|
| - }
|
| -
|
| - private:
|
| - ChromeSecurityStateModelClient* client_;
|
| - DISALLOW_COPY_AND_ASSIGN(ChromeSecurityStateModelClientHistogramTest);
|
| -};
|
| -
|
| -// Tests that UMA logs the omnibox warning when security level is
|
| -// HTTP_SHOW_WARNING.
|
| -TEST_P(ChromeSecurityStateModelClientHistogramTest,
|
| - HTTPOmniboxWarningHistogram) {
|
| - // Show Warning Chip.
|
| - base::CommandLine::ForCurrentProcess()->AppendSwitchASCII(
|
| - security_state::switches::kMarkHttpAs,
|
| - security_state::switches::kMarkHttpWithPasswordsOrCcWithChip);
|
| -
|
| - base::HistogramTester histograms;
|
| - signal_sensitive_input();
|
| - histograms.ExpectUniqueSample(histogram_name(), true, 1);
|
| -
|
| - // Fire again and ensure no sample is recorded.
|
| - signal_sensitive_input();
|
| - histograms.ExpectUniqueSample(histogram_name(), true, 1);
|
| -
|
| - // Navigate to a new page and ensure a sample is recorded.
|
| - navigate_to_different_http_page();
|
| - histograms.ExpectUniqueSample(histogram_name(), true, 1);
|
| - signal_sensitive_input();
|
| - histograms.ExpectUniqueSample(histogram_name(), true, 2);
|
| -}
|
| -
|
| -// Tests that UMA logs the console warning when security level is NONE.
|
| -TEST_P(ChromeSecurityStateModelClientHistogramTest,
|
| - HTTPConsoleWarningHistogram) {
|
| - // Show Neutral for HTTP
|
| - base::CommandLine::ForCurrentProcess()->AppendSwitchASCII(
|
| - security_state::switches::kMarkHttpAs,
|
| - security_state::switches::kMarkHttpAsNeutral);
|
| -
|
| - base::HistogramTester histograms;
|
| - signal_sensitive_input();
|
| - histograms.ExpectUniqueSample(histogram_name(), false, 1);
|
| -
|
| - // Fire again and ensure no sample is recorded.
|
| - signal_sensitive_input();
|
| - histograms.ExpectUniqueSample(histogram_name(), false, 1);
|
| -
|
| - // Navigate to a new page and ensure a sample is recorded.
|
| - navigate_to_different_http_page();
|
| - histograms.ExpectUniqueSample(histogram_name(), false, 1);
|
| - signal_sensitive_input();
|
| - histograms.ExpectUniqueSample(histogram_name(), false, 2);
|
| -}
|
| -
|
| -INSTANTIATE_TEST_CASE_P(ChromeSecurityStateModelClientHistogramTest,
|
| - ChromeSecurityStateModelClientHistogramTest,
|
| - // Here 'true' to test password field triggered
|
| - // histogram and 'false' to test credit card field.
|
| - testing::Bool());
|
| -
|
| } // namespace
|
|
|
Chromium Code Reviews
Issue 2448943002:
Refactor SecurityStateModel/Clients for simplicity and reusability. (Closed)
