| OLD | NEW |
|---|
| 1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/ssl/ssl_manager.h" | 5 #include "content/browser/ssl/ssl_manager.h" |
| 6 | 6 |
| 7 #include "base/macros.h" | 7 #include "base/macros.h" |
| 8 #include "content/browser/site_instance_impl.h" | 8 #include "content/browser/site_instance_impl.h" |
| 9 #include "content/public/browser/ssl_status.h" | 9 #include "content/public/browser/ssl_status.h" |
| 10 #include "content/public/browser/web_contents_delegate.h" | 10 #include "content/public/browser/web_contents_delegate.h" |
| (...skipping 10 matching lines...) Expand all Loading... |
| 21 // A WebContentsDelegate that exposes the visible SSLStatus at the time | 21 // A WebContentsDelegate that exposes the visible SSLStatus at the time |
| 22 // of the last VisibleSSLStateChanged() call. | 22 // of the last VisibleSSLStateChanged() call. |
| 23 class TestWebContentsDelegate : public WebContentsDelegate { | 23 class TestWebContentsDelegate : public WebContentsDelegate { |
| 24 public: | 24 public: |
| 25 TestWebContentsDelegate() : WebContentsDelegate() {} | 25 TestWebContentsDelegate() : WebContentsDelegate() {} |
| 26 ~TestWebContentsDelegate() override {} | 26 ~TestWebContentsDelegate() override {} |
| 27 | 27 |
| 28 const SSLStatus& last_ssl_state() { return last_ssl_state_; } | 28 const SSLStatus& last_ssl_state() { return last_ssl_state_; } |
| 29 | 29 |
| 30 // WebContentsDelegate: | 30 // WebContentsDelegate: |
| 31 void VisibleSSLStateChanged(WebContents* source) override { | 31 void VisibleSecurityStateChanged(WebContents* source) override { |
| 32 NavigationEntry* entry = source->GetController().GetVisibleEntry(); | 32 NavigationEntry* entry = source->GetController().GetVisibleEntry(); |
| 33 EXPECT_TRUE(entry); | 33 EXPECT_TRUE(entry); |
| 34 last_ssl_state_ = entry->GetSSL(); | 34 last_ssl_state_ = entry->GetSSL(); |
| 35 } | 35 } |
| 36 | 36 |
| 37 private: | 37 private: |
| 38 SSLStatus last_ssl_state_; | 38 SSLStatus last_ssl_state_; |
| 39 DISALLOW_COPY_AND_ASSIGN(TestWebContentsDelegate); | 39 DISALLOW_COPY_AND_ASSIGN(TestWebContentsDelegate); |
| 40 }; | 40 }; |
| 41 | 41 |
| 42 class SSLManagerTest : public RenderViewHostTestHarness { | 42 class SSLManagerTest : public RenderViewHostTestHarness { |
| 43 public: | 43 public: |
| 44 SSLManagerTest() : RenderViewHostTestHarness() {} | 44 SSLManagerTest() : RenderViewHostTestHarness() {} |
| 45 ~SSLManagerTest() override {} | 45 ~SSLManagerTest() override {} |
| 46 | 46 |
| 47 private: | 47 private: |
| 48 DISALLOW_COPY_AND_ASSIGN(SSLManagerTest); | 48 DISALLOW_COPY_AND_ASSIGN(SSLManagerTest); |
| 49 }; | 49 }; |
| 50 | 50 |
| 51 // Tests that VisibleSSLStateChanged() is called when a password input | 51 // Tests that VisibleSecurityStateChanged() is called when a password input |
| 52 // is shown on an HTTP page. | 52 // is shown on an HTTP page. |
| 53 TEST_F(SSLManagerTest, NotifyVisibleSSLStateChangeOnHttpPassword) { | 53 TEST_F(SSLManagerTest, NotifyVisibleSSLStateChangeOnHttpPassword) { |
| 54 TestWebContentsDelegate delegate; | 54 TestWebContentsDelegate delegate; |
| 55 web_contents()->SetDelegate(&delegate); | 55 web_contents()->SetDelegate(&delegate); |
| 56 SSLManager manager( | 56 SSLManager manager( |
| 57 static_cast<NavigationControllerImpl*>(&web_contents()->GetController())); | 57 static_cast<NavigationControllerImpl*>(&web_contents()->GetController())); |
| 58 | 58 |
| 59 NavigateAndCommit(GURL("http://example.test")); | 59 NavigateAndCommit(GURL("http://example.test")); |
| 60 EXPECT_FALSE(delegate.last_ssl_state().content_status & | 60 EXPECT_FALSE(delegate.last_ssl_state().content_status & |
| 61 SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP); | 61 SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP); |
| 62 web_contents()->OnPasswordInputShownOnHttp(); | 62 web_contents()->OnPasswordInputShownOnHttp(); |
| 63 EXPECT_TRUE(delegate.last_ssl_state().content_status & | 63 EXPECT_TRUE(delegate.last_ssl_state().content_status & |
| 64 SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP); | 64 SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP); |
| 65 } | 65 } |
| 66 | 66 |
| 67 // Tests that VisibleSSLStateChanged() is called when a credit card input | 67 // Tests that VisibleSecurityStateChanged() is called when a credit card input |
| 68 // is shown on an HTTP page. | 68 // is shown on an HTTP page. |
| 69 TEST_F(SSLManagerTest, NotifyVisibleSSLStateChangeOnHttpCreditCard) { | 69 TEST_F(SSLManagerTest, NotifyVisibleSSLStateChangeOnHttpCreditCard) { |
| 70 TestWebContentsDelegate delegate; | 70 TestWebContentsDelegate delegate; |
| 71 web_contents()->SetDelegate(&delegate); | 71 web_contents()->SetDelegate(&delegate); |
| 72 SSLManager manager( | 72 SSLManager manager( |
| 73 static_cast<NavigationControllerImpl*>(&web_contents()->GetController())); | 73 static_cast<NavigationControllerImpl*>(&web_contents()->GetController())); |
| 74 | 74 |
| 75 NavigateAndCommit(GURL("http://example.test")); | 75 NavigateAndCommit(GURL("http://example.test")); |
| 76 EXPECT_FALSE(delegate.last_ssl_state().content_status & | 76 EXPECT_FALSE(delegate.last_ssl_state().content_status & |
| 77 SSLStatus::DISPLAYED_CREDIT_CARD_FIELD_ON_HTTP); | 77 SSLStatus::DISPLAYED_CREDIT_CARD_FIELD_ON_HTTP); |
| 78 web_contents()->OnCreditCardInputShownOnHttp(); | 78 web_contents()->OnCreditCardInputShownOnHttp(); |
| 79 EXPECT_TRUE(delegate.last_ssl_state().content_status & | 79 EXPECT_TRUE(delegate.last_ssl_state().content_status & |
| 80 SSLStatus::DISPLAYED_CREDIT_CARD_FIELD_ON_HTTP); | 80 SSLStatus::DISPLAYED_CREDIT_CARD_FIELD_ON_HTTP); |
| 81 } | 81 } |
| 82 | 82 |
| 83 // Tests that VisibleSSLStateChanged() is called when password and | 83 // Tests that VisibleSecurityStateChanged() is called when password and |
| 84 // credit card inputs are shown on an HTTP page. | 84 // credit card inputs are shown on an HTTP page. |
| 85 TEST_F(SSLManagerTest, NotifyVisibleSSLStateChangeOnPasswordAndHttpCreditCard) { | 85 TEST_F(SSLManagerTest, NotifyVisibleSSLStateChangeOnPasswordAndHttpCreditCard) { |
| 86 TestWebContentsDelegate delegate; | 86 TestWebContentsDelegate delegate; |
| 87 web_contents()->SetDelegate(&delegate); | 87 web_contents()->SetDelegate(&delegate); |
| 88 SSLManager manager( | 88 SSLManager manager( |
| 89 static_cast<NavigationControllerImpl*>(&web_contents()->GetController())); | 89 static_cast<NavigationControllerImpl*>(&web_contents()->GetController())); |
| 90 | 90 |
| 91 NavigateAndCommit(GURL("http://example.test")); | 91 NavigateAndCommit(GURL("http://example.test")); |
| 92 EXPECT_FALSE(delegate.last_ssl_state().content_status & | 92 EXPECT_FALSE(delegate.last_ssl_state().content_status & |
| 93 SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP); | 93 SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP); |
| 94 EXPECT_FALSE(delegate.last_ssl_state().content_status & | 94 EXPECT_FALSE(delegate.last_ssl_state().content_status & |
| 95 SSLStatus::DISPLAYED_CREDIT_CARD_FIELD_ON_HTTP); | 95 SSLStatus::DISPLAYED_CREDIT_CARD_FIELD_ON_HTTP); |
| 96 web_contents()->OnPasswordInputShownOnHttp(); | 96 web_contents()->OnPasswordInputShownOnHttp(); |
| 97 web_contents()->OnCreditCardInputShownOnHttp(); | 97 web_contents()->OnCreditCardInputShownOnHttp(); |
| 98 EXPECT_TRUE(delegate.last_ssl_state().content_status & | 98 EXPECT_TRUE(delegate.last_ssl_state().content_status & |
| 99 SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP); | 99 SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP); |
| 100 EXPECT_TRUE(delegate.last_ssl_state().content_status & | 100 EXPECT_TRUE(delegate.last_ssl_state().content_status & |
| 101 SSLStatus::DISPLAYED_CREDIT_CARD_FIELD_ON_HTTP); | 101 SSLStatus::DISPLAYED_CREDIT_CARD_FIELD_ON_HTTP); |
| 102 } | 102 } |
| 103 | 103 |
| 104 } // namespace | 104 } // namespace |
| 105 | 105 |
| 106 } // namespace content | 106 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2454393003:
Reland of Trigger Dangerous indicator for unsafe subresources (Closed)
