Chromium Code Reviews Chromium Code Reviews
Issue 2604453003:
Show Form-Not-Secure warning on page load (Closed)
| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "components/autofill/content/renderer/password_autofill_agent.h" | 5 #include "components/autofill/content/renderer/password_autofill_agent.h" |
| 6 | 6 |
| 7 #include "base/macros.h" | 7 #include "base/macros.h" |
| 8 #include "base/run_loop.h" | 8 #include "base/run_loop.h" |
| 9 #include "base/strings/string_util.h" | 9 #include "base/strings/string_util.h" |
| 10 #include "base/strings/utf_string_conversions.h" | 10 #include "base/strings/utf_string_conversions.h" |
| 11 #include "base/test/scoped_feature_list.h" | 11 #include "base/test/scoped_feature_list.h" |
| 12 #include "chrome/renderer/autofill/fake_content_password_manager_driver.h" | 12 #include "chrome/renderer/autofill/fake_content_password_manager_driver.h" |
| 13 #include "chrome/renderer/autofill/fake_password_manager_client.h" | 13 #include "chrome/renderer/autofill/fake_password_manager_client.h" |
| 14 #include "chrome/renderer/autofill/password_generation_test_utils.h" | 14 #include "chrome/renderer/autofill/password_generation_test_utils.h" |
| 15 #include "chrome/test/base/chrome_render_view_test.h" | 15 #include "chrome/test/base/chrome_render_view_test.h" |
| 16 #include "components/autofill/content/renderer/autofill_agent.h" | 16 #include "components/autofill/content/renderer/autofill_agent.h" |
| 17 #include "components/autofill/content/renderer/form_autofill_util.h" | 17 #include "components/autofill/content/renderer/form_autofill_util.h" |
| 18 #include "components/autofill/content/renderer/test_password_autofill_agent.h" | 18 #include "components/autofill/content/renderer/test_password_autofill_agent.h" |
| 19 #include "components/autofill/content/renderer/test_password_generation_agent.h" | 19 #include "components/autofill/content/renderer/test_password_generation_agent.h" |
| 20 #include "components/autofill/core/common/autofill_constants.h" | 20 #include "components/autofill/core/common/autofill_constants.h" |
| 21 #include "components/autofill/core/common/form_data.h" | 21 #include "components/autofill/core/common/form_data.h" |
| 22 #include "components/autofill/core/common/form_field_data.h" | 22 #include "components/autofill/core/common/form_field_data.h" |
| 23 #include "components/autofill/core/common/password_form.h" | 23 #include "components/autofill/core/common/password_form.h" |
| 24 #include "components/autofill/core/common/password_form_field_prediction_map.h" | 24 #include "components/autofill/core/common/password_form_field_prediction_map.h" |
| 25 #include "components/password_manager/core/common/password_manager_features.h" | 25 #include "components/password_manager/core/common/password_manager_features.h" |
| 26 #include "components/security_state/core/security_state.h" | |
| 26 #include "content/public/common/associated_interface_provider.h" | 27 #include "content/public/common/associated_interface_provider.h" |
| 27 #include "content/public/renderer/render_frame.h" | 28 #include "content/public/renderer/render_frame.h" |
| 28 #include "content/public/renderer/render_view.h" | 29 #include "content/public/renderer/render_view.h" |
| 29 #include "services/service_manager/public/cpp/interface_provider.h" | 30 #include "services/service_manager/public/cpp/interface_provider.h" |
| 30 #include "testing/gtest/include/gtest/gtest.h" | 31 #include "testing/gtest/include/gtest/gtest.h" |
| 31 #include "third_party/WebKit/public/platform/WebString.h" | 32 #include "third_party/WebKit/public/platform/WebString.h" |
| 32 #include "third_party/WebKit/public/platform/WebVector.h" | 33 #include "third_party/WebKit/public/platform/WebVector.h" |
| 33 #include "third_party/WebKit/public/web/WebDocument.h" | 34 #include "third_party/WebKit/public/web/WebDocument.h" |
| 34 #include "third_party/WebKit/public/web/WebElement.h" | 35 #include "third_party/WebKit/public/web/WebElement.h" |
| 35 #include "third_party/WebKit/public/web/WebFormControlElement.h" | 36 #include "third_party/WebKit/public/web/WebFormControlElement.h" |
| (...skipping 308 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 344 mojom::PasswordManagerClient::Name_, | 345 mojom::PasswordManagerClient::Name_, |
| 345 base::Bind(&PasswordAutofillAgentTest::BindPasswordManagerClient, | 346 base::Bind(&PasswordAutofillAgentTest::BindPasswordManagerClient, |
| 346 base::Unretained(this))); | 347 base::Unretained(this))); |
| 347 } | 348 } |
| 348 | 349 |
| 349 void SetFillOnAccountSelect() { | 350 void SetFillOnAccountSelect() { |
| 350 scoped_feature_list_.InitAndEnableFeature( | 351 scoped_feature_list_.InitAndEnableFeature( |
| 351 password_manager::features::kFillOnAccountSelect); | 352 password_manager::features::kFillOnAccountSelect); |
| 352 } | 353 } |
| 353 | 354 |
| 355 void SetHttpFormWarning() { | |
| 356 scoped_feature_list_.InitAndEnableFeature( | |
| 357 security_state::kHttpFormWarningFeature); | |
| 358 } | |
| 359 | |
| 354 void UpdateOriginForHTML(const std::string& html) { | 360 void UpdateOriginForHTML(const std::string& html) { |
| 355 std::string origin = "data:text/html;charset=utf-8," + html; | 361 std::string origin = "data:text/html;charset=utf-8," + html; |
| 356 fill_data_.origin = GURL(origin); | 362 fill_data_.origin = GURL(origin); |
| 357 } | 363 } |
| 358 | 364 |
| 359 void UpdateUsernameAndPasswordElements() { | 365 void UpdateUsernameAndPasswordElements() { |
| 360 WebDocument document = GetMainFrame()->document(); | 366 WebDocument document = GetMainFrame()->document(); |
| 361 WebElement element = | 367 WebElement element = |
| 362 document.getElementById(WebString::fromUTF8(kUsernameName)); | 368 document.getElementById(WebString::fromUTF8(kUsernameName)); |
| 363 ASSERT_FALSE(element.isNull()); | 369 ASSERT_FALSE(element.isNull()); |
| (...skipping 112 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 476 autofill::SHOW_ALL)); | 482 autofill::SHOW_ALL)); |
| 477 | 483 |
| 478 fake_driver_.reset_show_pw_suggestions(); | 484 fake_driver_.reset_show_pw_suggestions(); |
| 479 } | 485 } |
| 480 | 486 |
| 481 bool GetCalledShowPasswordSuggestions() { | 487 bool GetCalledShowPasswordSuggestions() { |
| 482 base::RunLoop().RunUntilIdle(); | 488 base::RunLoop().RunUntilIdle(); |
| 483 return fake_driver_.called_show_pw_suggestions(); | 489 return fake_driver_.called_show_pw_suggestions(); |
| 484 } | 490 } |
| 485 | 491 |
| 492 bool GetCalledShowNotSecureWarning() { | |
| 493 base::RunLoop().RunUntilIdle(); | |
| 494 return fake_driver_.called_show_not_secure_warning(); | |
| 495 } | |
| 496 | |
| 486 void ExpectFormSubmittedWithUsernameAndPasswords( | 497 void ExpectFormSubmittedWithUsernameAndPasswords( |
| 487 const std::string& username_value, | 498 const std::string& username_value, |
| 488 const std::string& password_value, | 499 const std::string& password_value, |
| 489 const std::string& new_password_value) { | 500 const std::string& new_password_value) { |
| 490 base::RunLoop().RunUntilIdle(); | 501 base::RunLoop().RunUntilIdle(); |
| 491 ASSERT_TRUE(fake_driver_.called_password_form_submitted()); | 502 ASSERT_TRUE(fake_driver_.called_password_form_submitted()); |
| 492 ASSERT_TRUE(static_cast<bool>(fake_driver_.password_form_submitted())); | 503 ASSERT_TRUE(static_cast<bool>(fake_driver_.password_form_submitted())); |
| 493 const autofill::PasswordForm& form = | 504 const autofill::PasswordForm& form = |
| 494 *(fake_driver_.password_form_submitted()); | 505 *(fake_driver_.password_form_submitted()); |
| 495 EXPECT_EQ(ASCIIToUTF16(username_value), form.username_value); | 506 EXPECT_EQ(ASCIIToUTF16(username_value), form.username_value); |
| (...skipping 853 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1349 // Now simulate a user typing in an unrecognized username and then | 1360 // Now simulate a user typing in an unrecognized username and then |
| 1350 // clicking on the username element. This should also produce a message with | 1361 // clicking on the username element. This should also produce a message with |
| 1351 // all the usernames. | 1362 // all the usernames. |
| 1352 SimulateUsernameChange("baz"); | 1363 SimulateUsernameChange("baz"); |
| 1353 static_cast<PageClickListener*>(autofill_agent_) | 1364 static_cast<PageClickListener*>(autofill_agent_) |
| 1354 ->FormControlElementClicked(username_element_, true); | 1365 ->FormControlElementClicked(username_element_, true); |
| 1355 CheckSuggestions("baz", true); | 1366 CheckSuggestions("baz", true); |
| 1356 ClearUsernameAndPasswordFields(); | 1367 ClearUsernameAndPasswordFields(); |
| 1357 } | 1368 } |
| 1358 | 1369 |
| 1370 // Tests that the Form Not Secure warning appears when a password form | |
| 1371 // is autofilled when the Form Not Secure feature is enabled. | |
| 1372 TEST_F(PasswordAutofillAgentTest, FormNotSecureWarningOnAutofill) { | |
| 1373 SetHttpFormWarning(); | |
|
vabr (Chromium)
2017/01/02 10:15:04
optional: It might be a good idea to also test tha
estark
2017/01/03 16:08:36
Done. Added some additional tests too.
Thanks!
| |
| 1374 | |
| 1375 fill_data_.show_form_not_secure_warning_on_autofill = true; | |
| 1376 | |
| 1377 // Simulate the browser autofilling a password form. | |
| 1378 SimulateOnFillPasswordForm(fill_data_); | |
| 1379 EXPECT_TRUE(GetCalledShowNotSecureWarning()); | |
| 1380 } | |
| 1381 | |
| 1359 // Tests that there is an autosuggestion from the password manager when the | 1382 // Tests that there is an autosuggestion from the password manager when the |
| 1360 // user clicks on the password field when FillOnAccountSelect is enabled. | 1383 // user clicks on the password field when FillOnAccountSelect is enabled. |
| 1361 TEST_F(PasswordAutofillAgentTest, | 1384 TEST_F(PasswordAutofillAgentTest, |
| 1362 FillOnAccountSelectOnlyNoCredentialsOnPasswordClick) { | 1385 FillOnAccountSelectOnlyNoCredentialsOnPasswordClick) { |
| 1363 SetFillOnAccountSelect(); | 1386 SetFillOnAccountSelect(); |
| 1364 | 1387 |
| 1365 // Simulate the browser sending back the login info. | 1388 // Simulate the browser sending back the login info. |
| 1366 SimulateOnShowInitialPasswordAccountSuggestions(fill_data_); | 1389 SimulateOnShowInitialPasswordAccountSuggestions(fill_data_); |
| 1367 | 1390 |
| 1368 // Clear the text fields to start fresh. | 1391 // Clear the text fields to start fresh. |
| (...skipping 1092 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 2461 SimulateElementClick("confirmpassword"); | 2484 SimulateElementClick("confirmpassword"); |
| 2462 EXPECT_FALSE(GetCalledShowPasswordSuggestions()); | 2485 EXPECT_FALSE(GetCalledShowPasswordSuggestions()); |
| 2463 | 2486 |
| 2464 // But when the user clicks on the autofilled password field again it should | 2487 // But when the user clicks on the autofilled password field again it should |
| 2465 // still produce a suggestion dropdown. | 2488 // still produce a suggestion dropdown. |
| 2466 SimulateElementClick("password"); | 2489 SimulateElementClick("password"); |
| 2467 CheckSuggestions("", false); | 2490 CheckSuggestions("", false); |
| 2468 } | 2491 } |
| 2469 | 2492 |
| 2470 } // namespace autofill | 2493 } // namespace autofill |
| OLD | NEW |
