| OLD | NEW |
|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/ssl/security_state_tab_helper.h" | 5 #include "chrome/browser/ssl/security_state_tab_helper.h" |
| 6 | 6 |
| 7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
| 8 #include "base/files/file_path.h" | 8 #include "base/files/file_path.h" |
| 9 #include "base/macros.h" | 9 #include "base/macros.h" |
| 10 #include "base/strings/string_split.h" | 10 #include "base/strings/string_split.h" |
| (...skipping 385 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 396 | 396 |
| 397 IN_PROC_BROWSER_TEST_F(SecurityStateTabHelperTest, SHA1Certificate) { | 397 IN_PROC_BROWSER_TEST_F(SecurityStateTabHelperTest, SHA1Certificate) { |
| 398 ASSERT_TRUE(https_server_.Start()); | 398 ASSERT_TRUE(https_server_.Start()); |
| 399 SetUpMockCertVerifierForHttpsServer(net::CERT_STATUS_SHA1_SIGNATURE_PRESENT, | 399 SetUpMockCertVerifierForHttpsServer(net::CERT_STATUS_SHA1_SIGNATURE_PRESENT, |
| 400 net::OK); | 400 net::OK); |
| 401 | 401 |
| 402 ui_test_utils::NavigateToURL(browser(), | 402 ui_test_utils::NavigateToURL(browser(), |
| 403 https_server_.GetURL("/ssl/google.html")); | 403 https_server_.GetURL("/ssl/google.html")); |
| 404 CheckSecurityInfoForSecure( | 404 CheckSecurityInfoForSecure( |
| 405 browser()->tab_strip_model()->GetActiveWebContents(), | 405 browser()->tab_strip_model()->GetActiveWebContents(), |
| 406 security_state::DANGEROUS, security_state::DEPRECATED_SHA1_MAJOR, | 406 security_state::NONE, security_state::DEPRECATED_SHA1, |
| 407 security_state::CONTENT_STATUS_NONE, false, | 407 security_state::CONTENT_STATUS_NONE, false, |
| 408 false /* expect cert status error */); | 408 false /* expect cert status error */); |
| 409 } | 409 } |
| 410 | 410 |
| 411 IN_PROC_BROWSER_TEST_F(SecurityStateTabHelperTest, MixedContent) { | 411 IN_PROC_BROWSER_TEST_F(SecurityStateTabHelperTest, MixedContent) { |
| 412 ASSERT_TRUE(embedded_test_server()->Start()); | 412 ASSERT_TRUE(embedded_test_server()->Start()); |
| 413 ASSERT_TRUE(https_server_.Start()); | 413 ASSERT_TRUE(https_server_.Start()); |
| 414 SetUpMockCertVerifierForHttpsServer(0, net::OK); | 414 SetUpMockCertVerifierForHttpsServer(0, net::OK); |
| 415 host_resolver()->AddRule("example.test", | 415 host_resolver()->AddRule("example.test", |
| 416 https_server_.GetURL("/title1.html").host()); | 416 https_server_.GetURL("/title1.html").host()); |
| (...skipping 185 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 602 | 602 |
| 603 // Navigate to an HTTPS page that displays mixed content. | 603 // Navigate to an HTTPS page that displays mixed content. |
| 604 std::string replacement_path; | 604 std::string replacement_path; |
| 605 GetFilePathWithHostAndPortReplacement( | 605 GetFilePathWithHostAndPortReplacement( |
| 606 "/ssl/page_displays_insecure_content.html", replacement_pair, | 606 "/ssl/page_displays_insecure_content.html", replacement_pair, |
| 607 &replacement_path); | 607 &replacement_path); |
| 608 ui_test_utils::NavigateToURL(browser(), | 608 ui_test_utils::NavigateToURL(browser(), |
| 609 https_server_.GetURL(replacement_path)); | 609 https_server_.GetURL(replacement_path)); |
| 610 CheckSecurityInfoForSecure( | 610 CheckSecurityInfoForSecure( |
| 611 browser()->tab_strip_model()->GetActiveWebContents(), | 611 browser()->tab_strip_model()->GetActiveWebContents(), |
| 612 security_state::DANGEROUS, security_state::DEPRECATED_SHA1_MAJOR, | 612 security_state::NONE, security_state::DEPRECATED_SHA1, |
| 613 security_state::CONTENT_STATUS_DISPLAYED, false, | 613 security_state::CONTENT_STATUS_DISPLAYED, false, |
| 614 false /* expect cert status error */); | 614 false /* expect cert status error */); |
| 615 | 615 |
| 616 // Navigate to an HTTPS page that displays mixed content dynamically. | 616 // Navigate to an HTTPS page that displays mixed content dynamically. |
| 617 GetFilePathWithHostAndPortReplacement( | 617 GetFilePathWithHostAndPortReplacement( |
| 618 "/ssl/page_with_dynamic_insecure_content.html", replacement_pair, | 618 "/ssl/page_with_dynamic_insecure_content.html", replacement_pair, |
| 619 &replacement_path); | 619 &replacement_path); |
| 620 ui_test_utils::NavigateToURL(browser(), | 620 ui_test_utils::NavigateToURL(browser(), |
| 621 https_server_.GetURL(replacement_path)); | 621 https_server_.GetURL(replacement_path)); |
| 622 CheckSecurityInfoForSecure( | 622 CheckSecurityInfoForSecure( |
| 623 browser()->tab_strip_model()->GetActiveWebContents(), | 623 browser()->tab_strip_model()->GetActiveWebContents(), |
| 624 security_state::DANGEROUS, security_state::DEPRECATED_SHA1_MAJOR, | 624 security_state::NONE, security_state::DEPRECATED_SHA1, |
| 625 security_state::CONTENT_STATUS_NONE, false, | 625 security_state::CONTENT_STATUS_NONE, false, |
| 626 false /* expect cert status error */); | 626 false /* expect cert status error */); |
| 627 // Load the insecure image. | 627 // Load the insecure image. |
| 628 bool js_result = false; | 628 bool js_result = false; |
| 629 EXPECT_TRUE(content::ExecuteScriptAndExtractBool( | 629 EXPECT_TRUE(content::ExecuteScriptAndExtractBool( |
| 630 browser()->tab_strip_model()->GetActiveWebContents(), "loadBadImage();", | 630 browser()->tab_strip_model()->GetActiveWebContents(), "loadBadImage();", |
| 631 &js_result)); | 631 &js_result)); |
| 632 EXPECT_TRUE(js_result); | 632 EXPECT_TRUE(js_result); |
| 633 CheckSecurityInfoForSecure( | 633 CheckSecurityInfoForSecure( |
| 634 browser()->tab_strip_model()->GetActiveWebContents(), | 634 browser()->tab_strip_model()->GetActiveWebContents(), |
| 635 security_state::DANGEROUS, security_state::DEPRECATED_SHA1_MAJOR, | 635 security_state::NONE, security_state::DEPRECATED_SHA1, |
| 636 security_state::CONTENT_STATUS_DISPLAYED, false, | 636 security_state::CONTENT_STATUS_DISPLAYED, false, |
| 637 false /* expect cert status error */); | 637 false /* expect cert status error */); |
| 638 | 638 |
| 639 // Navigate to an HTTPS page that runs mixed content. | 639 // Navigate to an HTTPS page that runs mixed content. |
| 640 GetFilePathWithHostAndPortReplacement("/ssl/page_runs_insecure_content.html", | 640 GetFilePathWithHostAndPortReplacement("/ssl/page_runs_insecure_content.html", |
| 641 replacement_pair, &replacement_path); | 641 replacement_pair, &replacement_path); |
| 642 ui_test_utils::NavigateToURL(browser(), | 642 ui_test_utils::NavigateToURL(browser(), |
| 643 https_server_.GetURL(replacement_path)); | 643 https_server_.GetURL(replacement_path)); |
| 644 CheckSecurityInfoForSecure( | 644 CheckSecurityInfoForSecure( |
| 645 browser()->tab_strip_model()->GetActiveWebContents(), | 645 browser()->tab_strip_model()->GetActiveWebContents(), |
| 646 security_state::DANGEROUS, security_state::DEPRECATED_SHA1_MAJOR, | 646 security_state::DANGEROUS, security_state::DEPRECATED_SHA1, |
| 647 security_state::CONTENT_STATUS_RAN, false, | 647 security_state::CONTENT_STATUS_RAN, false, |
| 648 false /* expect cert status error */); | 648 false /* expect cert status error */); |
| 649 | 649 |
| 650 // Navigate to an HTTPS page that runs and displays mixed content. | 650 // Navigate to an HTTPS page that runs and displays mixed content. |
| 651 GetFilePathWithHostAndPortReplacement( | 651 GetFilePathWithHostAndPortReplacement( |
| 652 "/ssl/page_runs_and_displays_insecure_content.html", replacement_pair, | 652 "/ssl/page_runs_and_displays_insecure_content.html", replacement_pair, |
| 653 &replacement_path); | 653 &replacement_path); |
| 654 ui_test_utils::NavigateToURL(browser(), | 654 ui_test_utils::NavigateToURL(browser(), |
| 655 https_server_.GetURL(replacement_path)); | 655 https_server_.GetURL(replacement_path)); |
| 656 CheckSecurityInfoForSecure( | 656 CheckSecurityInfoForSecure( |
| 657 browser()->tab_strip_model()->GetActiveWebContents(), | 657 browser()->tab_strip_model()->GetActiveWebContents(), |
| 658 security_state::DANGEROUS, security_state::DEPRECATED_SHA1_MAJOR, | 658 security_state::DANGEROUS, security_state::DEPRECATED_SHA1, |
| 659 security_state::CONTENT_STATUS_DISPLAYED_AND_RAN, false, | 659 security_state::CONTENT_STATUS_DISPLAYED_AND_RAN, false, |
| 660 false /* expect cert status error */); | 660 false /* expect cert status error */); |
| 661 } | 661 } |
| 662 | 662 |
| 663 // Tests that the Content Security Policy block-all-mixed-content | 663 // Tests that the Content Security Policy block-all-mixed-content |
| 664 // directive stops mixed content from running. | 664 // directive stops mixed content from running. |
| 665 IN_PROC_BROWSER_TEST_F(SecurityStateTabHelperTest, MixedContentStrictBlocking) { | 665 IN_PROC_BROWSER_TEST_F(SecurityStateTabHelperTest, MixedContentStrictBlocking) { |
| 666 ASSERT_TRUE(https_server_.Start()); | 666 ASSERT_TRUE(https_server_.Start()); |
| 667 SetUpMockCertVerifierForHttpsServer(0, net::OK); | 667 SetUpMockCertVerifierForHttpsServer(0, net::OK); |
| 668 | 668 |
| (...skipping 1349 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2018 SecurityStateTabHelper* helper = | 2018 SecurityStateTabHelper* helper = |
| 2019 SecurityStateTabHelper::FromWebContents(web_contents); | 2019 SecurityStateTabHelper::FromWebContents(web_contents); |
| 2020 ASSERT_TRUE(helper); | 2020 ASSERT_TRUE(helper); |
| 2021 security_state::SecurityInfo security_info; | 2021 security_state::SecurityInfo security_info; |
| 2022 helper->GetSecurityInfo(&security_info); | 2022 helper->GetSecurityInfo(&security_info); |
| 2023 EXPECT_EQ(security_state::SECURE, security_info.security_level); | 2023 EXPECT_EQ(security_state::SECURE, security_info.security_level); |
| 2024 EXPECT_EQ(kTestSCTStatuses, security_info.sct_verify_statuses); | 2024 EXPECT_EQ(kTestSCTStatuses, security_info.sct_verify_statuses); |
| 2025 } | 2025 } |
| 2026 | 2026 |
| 2027 } // namespace | 2027 } // namespace |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2616553002:
Remove obsolete SHA-1 UX elements (Closed)
