iOS: Mark HTTP pages with password fields with an omnibox icon.

ios/chrome/browser/passwords/password_controller_unittest.mm

 // Copyright 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #import "ios/chrome/browser/passwords/password_controller.h"
 
 #import <Foundation/Foundation.h>
 
 #include <memory>
 #include <utility>
@@ skipping 11 matching lines @@
 #include "components/password_manager/core/browser/log_manager.h"
 #include "components/password_manager/core/browser/mock_password_store.h"
 #include "components/password_manager/core/browser/stub_password_manager_client.h"
 #include "components/password_manager/core/common/password_manager_pref_names.h"
 #include "components/prefs/pref_registry_simple.h"
 #include "components/prefs/testing_pref_service.h"
 #import "ios/chrome/browser/autofill/form_input_accessory_view_controller.h"
 #import "ios/chrome/browser/autofill/form_suggestion_controller.h"
 #include "ios/chrome/browser/browser_state/test_chrome_browser_state.h"
 #import "ios/chrome/browser/passwords/js_password_manager.h"
+#include "ios/web/public/navigation_item.h"

[Eugene But (OOO till 7-30), 2016/12/08 01:48:43]

s/include/import

[lgarron, 2016/12/15 03:04:31]

I originally had import, but all these three imports have C++ classes, and at
least one is accompanied by a .cc file.
How do I tell which do use? (I can't find any documentation on it.)

[Eugene But (OOO till 7-30), 2016/12/15 03:45:36]

Style Guide sais "#import Objective-C/Objective-C++ headers, and #include C/C++
headers":
https://google.github.io/styleguide/objcguide.xml#_import_and__include

So if you see #import or @ in the header, it is an Objective-C header for sure
and it can not be compiled by C++ compiler. This rule will work for 99% of
cases.

+#include "ios/web/public/navigation_manager.h"

[Eugene But (OOO till 7-30), 2016/12/08 01:48:43]

ditto

 #import "ios/web/public/web_state/web_state.h"
+#include "ios/web/public/ssl_status.h"
 #import "ios/web/public/test/web_test_with_web_state.h"
 #import "ios/web/public/test/test_web_state.h"
 #include "testing/gmock/include/gmock/gmock.h"
 #include "testing/gtest/include/gtest/gtest.h"
 #include "testing/gtest_mac.h"
 #import "third_party/ocmock/OCMock/OCMock.h"
 #import "third_party/ocmock/OCMock/OCPartialMockObject.h"
 #include "url/gurl.h"
 
 using autofill::PasswordForm;
@@ skipping 937 matching lines @@
        "<input id='pw0' type='password' name='p0'>"
        "</form>"));
   // Form fill should fail with 'readonly' attribute on password.
   EXPECT_FALSE(BasicFormFill(
       @"<form>"
        "<input id='un0' type='text' name='u0'>"
        "<input id='pw0' type='password' name='p0' readonly='readonly'>"
        "</form>"));
 }
 
+// An HTML page without a password form.
+static NSString* kHtmlWithoutPasswordForm =
+    @"<h2>The rain in Spain stays <i>mainly</i> in the plain.</h2>";
+
 // An HTML page containing one password form.  The username input field
 // also has custom event handlers.  We need to verify that those event
 // handlers are still triggered even though we override them with our own.
 static NSString* kHtmlWithPasswordForm =
     @"<form>"
      "<input id='un' type='text' name=\"u'\""
      "  onkeyup='window.onKeyUpCalled_=true'"
      "  onchange='window.onChangeCalled_=true'>"
      "<input id='pw' type='password' name=\"p'\">"
      "</form>";
@@ skipping 285 matching lines @@
               LogSavePasswordProgress(testing::Ne(
                   "Message: \"PasswordManager::OnPasswordFormsRendered\"\n")))
       .Times(testing::AnyNumber());
   EXPECT_CALL(*weak_client, GetLogManager())
       .WillRepeatedly(Return(&log_manager));
 
   web_state.SetContentIsHTML(false);
   web_state.SetCurrentURL(GURL("https://example.com"));
   [passwordController webStateDidLoadPage:&web_state];
 }
+
+TEST_F(PasswordControllerTest, HTTPNoPassword) {

[Eugene But (OOO till 7-30), 2016/12/08 01:48:43]

s/HTTPNoPassword/HttpNoPassword

[Eugene But (OOO till 7-30), 2016/12/08 01:48:43]

Please add comments for test methods

[lgarron, 2016/12/15 03:04:31]

Comments added.

This file also has a test called SaveOnNonHTMLLandingPage, so I followed that
convention.
If CamelCase is the correct choice, should I rename the other to
SaveOnNonHtmlLandingPage?

[Eugene But (OOO till 7-30), 2016/12/15 03:45:36]

Camel case is correct choice per C++ Style Guide, but Chromium code is extremely
inconsistent with it so if surrounding code uses all caps, then it's perfectly
fine to keep all caps.

+  LoadHtml(kHtmlWithoutPasswordForm, GURL("http://chromium.test"));
+
+  web::SSLStatus ssl_status =
+      web_state()->GetNavigationManager()->GetLastCommittedItem()->GetSSL();
+  EXPECT_FALSE(ssl_status.content_status &
+               web::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP);
+}
+
+TEST_F(PasswordControllerTest, HTTPPassword) {
+  LoadHtml(kHtmlWithPasswordForm, GURL("http://chromium.test"));
+
+  web::SSLStatus ssl_status =
+      web_state()->GetNavigationManager()->GetLastCommittedItem()->GetSSL();
+  EXPECT_TRUE(ssl_status.content_status &
+              web::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP);
+}
+
+TEST_F(PasswordControllerTest, HTTPSNoPassword) {
+  LoadHtml(kHtmlWithoutPasswordForm, GURL("https://chromium.test"));
+
+  web::SSLStatus ssl_status =
+      web_state()->GetNavigationManager()->GetLastCommittedItem()->GetSSL();
+  EXPECT_FALSE(ssl_status.content_status &
+               web::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP);
+}
+
+TEST_F(PasswordControllerTest, HTTPSPassword) {
+  LoadHtml(kHtmlWithPasswordForm, GURL("https://chromium.test"));
+
+  web::SSLStatus ssl_status =
+      web_state()->GetNavigationManager()->GetLastCommittedItem()->GetSSL();
+  EXPECT_FALSE(ssl_status.content_status &
+               web::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP);
+}