| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <string> | 5 #include <string> |
| 6 #include <utility> | 6 #include <utility> |
| 7 | 7 |
| 8 #include "base/command_line.h" | 8 #include "base/command_line.h" |
| 9 #include "base/macros.h" | 9 #include "base/macros.h" |
| 10 #include "base/memory/ptr_util.h" | 10 #include "base/memory/ptr_util.h" |
| (...skipping 1394 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1405 std::unique_ptr<BubbleObserver> prompt_observer( | 1405 std::unique_ptr<BubbleObserver> prompt_observer( |
| 1406 new BubbleObserver(WebContents())); | 1406 new BubbleObserver(WebContents())); |
| 1407 ui_test_utils::NavigateToURL(browser(), https_url); | 1407 ui_test_utils::NavigateToURL(browser(), https_url); |
| 1408 | 1408 |
| 1409 observer.SetPathToWaitFor("/password/done_and_separate_login_form.html"); | 1409 observer.SetPathToWaitFor("/password/done_and_separate_login_form.html"); |
| 1410 observer.Wait(); | 1410 observer.Wait(); |
| 1411 | 1411 |
| 1412 EXPECT_FALSE(prompt_observer->IsShowingSavePrompt()); | 1412 EXPECT_FALSE(prompt_observer->IsShowingSavePrompt()); |
| 1413 } | 1413 } |
| 1414 | 1414 |
| 1415 // Tests whether a attempted submission of a malicious credentials gets blocked. |
| 1416 // This simulates a case which is described in http://crbug.com/571580. |
| 1417 IN_PROC_BROWSER_TEST_F( |
| 1418 PasswordManagerBrowserTestBase, |
| 1419 NoPromptForSeperateLoginFormWhenSwitchingFromHttpsToHttp) { |
| 1420 base::CommandLine::ForCurrentProcess()->AppendSwitch( |
| 1421 ::switches::kAllowRunningInsecureContent); |
| 1422 base::CommandLine::ForCurrentProcess()->AppendSwitch( |
| 1423 ::switches::kIgnoreCertificateErrors); |
| 1424 const base::FilePath::CharType kDocRoot[] = |
| 1425 FILE_PATH_LITERAL("chrome/test/data"); |
| 1426 net::EmbeddedTestServer https_test_server( |
| 1427 net::EmbeddedTestServer::TYPE_HTTPS); |
| 1428 https_test_server.ServeFilesFromSourceDirectory(base::FilePath(kDocRoot)); |
| 1429 ASSERT_TRUE(https_test_server.Start()); |
| 1430 |
| 1431 std::string path = "/password/password_form.html"; |
| 1432 GURL https_url(https_test_server.GetURL(path)); |
| 1433 ASSERT_TRUE(https_url.SchemeIs(url::kHttpsScheme)); |
| 1434 |
| 1435 NavigationObserver form_observer(WebContents()); |
| 1436 ui_test_utils::NavigateToURL(browser(), https_url); |
| 1437 form_observer.Wait(); |
| 1438 |
| 1439 std::string fill_and_submit_redirect = |
| 1440 "document.getElementById('username_redirect').value = 'user';" |
| 1441 "document.getElementById('password_redirect').value = 'password';" |
| 1442 "document.getElementById('submit_redirect').click()"; |
| 1443 ASSERT_TRUE( |
| 1444 content::ExecuteScript(RenderViewHost(), fill_and_submit_redirect)); |
| 1445 |
| 1446 NavigationObserver redirect_observer(WebContents()); |
| 1447 redirect_observer.SetPathToWaitFor("/password/redirect.html"); |
| 1448 redirect_observer.Wait(); |
| 1449 |
| 1450 // Normally the redirect happens to done.html. Here an attack is simulated |
| 1451 // that hijacks the redirect to a attacker controlled page. |
| 1452 GURL http_url( |
| 1453 embedded_test_server()->GetURL("/password/simple_password.html")); |
| 1454 std::string attacker_redirect = |
| 1455 "window.location.href = '" + http_url.spec() + "';"; |
| 1456 ASSERT_TRUE(content::ExecuteScript(RenderViewHost(), attacker_redirect)); |
| 1457 |
| 1458 NavigationObserver attacker_observer(WebContents()); |
| 1459 attacker_observer.SetPathToWaitFor("/password/simple_password.html"); |
| 1460 attacker_observer.Wait(); |
| 1461 |
| 1462 std::string fill_and_submit_attacker_form = |
| 1463 "document.getElementById('username_field').value = 'attacker_username';" |
| 1464 "document.getElementById('password_field').value = 'attacker_password';" |
| 1465 "document.getElementById('input_submit_button').click()"; |
| 1466 ASSERT_TRUE( |
| 1467 content::ExecuteScript(RenderViewHost(), fill_and_submit_attacker_form)); |
| 1468 |
| 1469 NavigationObserver done_observer(WebContents()); |
| 1470 done_observer.SetPathToWaitFor("/password/done.html"); |
| 1471 done_observer.Wait(); |
| 1472 |
| 1473 WaitForPasswordStore(); |
| 1474 BubbleObserver prompt_observer(WebContents()); |
| 1475 EXPECT_TRUE(prompt_observer.IsShowingSavePrompt()); |
| 1476 prompt_observer.AcceptSavePrompt(); |
| 1477 |
| 1478 // Wait for password store and check that credentials are stored. |
| 1479 WaitForPasswordStore(); |
| 1480 scoped_refptr<password_manager::TestPasswordStore> password_store = |
| 1481 static_cast<password_manager::TestPasswordStore*>( |
| 1482 PasswordStoreFactory::GetForProfile( |
| 1483 browser()->profile(), ServiceAccessType::IMPLICIT_ACCESS) |
| 1484 .get()); |
| 1485 EXPECT_FALSE(password_store->IsEmpty()); |
| 1486 CheckThatCredentialsStored(password_store.get(), base::ASCIIToUTF16("user"), |
| 1487 base::ASCIIToUTF16("password")); |
| 1488 } |
| 1489 |
| 1415 IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTestBase, | 1490 IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTestBase, |
| 1416 PromptWhenPasswordFormWithoutUsernameFieldSubmitted) { | 1491 PromptWhenPasswordFormWithoutUsernameFieldSubmitted) { |
| 1417 scoped_refptr<password_manager::TestPasswordStore> password_store = | 1492 scoped_refptr<password_manager::TestPasswordStore> password_store = |
| 1418 static_cast<password_manager::TestPasswordStore*>( | 1493 static_cast<password_manager::TestPasswordStore*>( |
| 1419 PasswordStoreFactory::GetForProfile( | 1494 PasswordStoreFactory::GetForProfile( |
| 1420 browser()->profile(), ServiceAccessType::IMPLICIT_ACCESS).get()); | 1495 browser()->profile(), ServiceAccessType::IMPLICIT_ACCESS).get()); |
| 1421 | 1496 |
| 1422 EXPECT_TRUE(password_store->IsEmpty()); | 1497 EXPECT_TRUE(password_store->IsEmpty()); |
| 1423 | 1498 |
| 1424 NavigateToFile("/password/form_with_only_password_field.html"); | 1499 NavigateToFile("/password/form_with_only_password_field.html"); |
| (...skipping 1652 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 3077 // about all frames, not just the main one. The factories should receive | 3152 // about all frames, not just the main one. The factories should receive |
| 3078 // messages for non-main frames, in particular | 3153 // messages for non-main frames, in particular |
| 3079 // AutofillHostMsg_PasswordFormsParsed. If that were the first time the | 3154 // AutofillHostMsg_PasswordFormsParsed. If that were the first time the |
| 3080 // factories hear about such frames, this would crash. | 3155 // factories hear about such frames, this would crash. |
| 3081 tab_strip_model->AddWebContents(detached_web_contents.release(), -1, | 3156 tab_strip_model->AddWebContents(detached_web_contents.release(), -1, |
| 3082 ::ui::PAGE_TRANSITION_AUTO_TOPLEVEL, | 3157 ::ui::PAGE_TRANSITION_AUTO_TOPLEVEL, |
| 3083 TabStripModel::ADD_ACTIVE); | 3158 TabStripModel::ADD_ACTIVE); |
| 3084 } | 3159 } |
| 3085 | 3160 |
| 3086 } // namespace password_manager | 3161 } // namespace password_manager |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2607413003:
Add security feature to ProvisionalSavePassword (Closed)
