Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(45)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/ssl/security_state_tab_helper_browser_tests.cc

Issue 2635423002: Enable HTTP-bad Phase 1 by default except iOS (Closed)
Patch Set: fixes Created 3 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | components/security_state/core/security_state.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2015 The Chromium Authors. All rights reserved. 1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/ssl/security_state_tab_helper.h" 5 #include "chrome/browser/ssl/security_state_tab_helper.h"
6 6
7 #include "base/command_line.h" 7 #include "base/command_line.h"
8 #include "base/files/file_path.h" 8 #include "base/files/file_path.h"
9 #include "base/macros.h" 9 #include "base/macros.h"
10 #include "base/strings/string_split.h" 10 #include "base/strings/string_split.h"
(...skipping 1035 matching lines...) Expand 10 before | Expand all | Expand 10 after
1046 security_state::SecurityInfo security_info; 1046 security_state::SecurityInfo security_info;
1047 helper->GetSecurityInfo(&security_info); 1047 helper->GetSecurityInfo(&security_info);
1048 EXPECT_EQ(security_state::HTTP_SHOW_WARNING, security_info.security_level); 1048 EXPECT_EQ(security_state::HTTP_SHOW_WARNING, security_info.security_level);
1049 1049
1050 content::NavigationEntry* entry = contents->GetController().GetVisibleEntry(); 1050 content::NavigationEntry* entry = contents->GetController().GetVisibleEntry();
1051 ASSERT_TRUE(entry); 1051 ASSERT_TRUE(entry);
1052 EXPECT_TRUE(entry->GetSSL().content_status & 1052 EXPECT_TRUE(entry->GetSSL().content_status &
1053 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP); 1053 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP);
1054 } 1054 }
1055 1055
1056 // Tests that when a visible password field is detected on an HTTP page
1057 // load, and when the command-line flag is *not* set, the security level is
1058 // *not* downgraded to HTTP_SHOW_WARNING.
1059 IN_PROC_BROWSER_TEST_F(SecurityStateTabHelperTest,
1060 PasswordSecurityLevelNotDowngradedWithoutSwitch) {
1061 ASSERT_TRUE(embedded_test_server()->Start());
1062 host_resolver()->AddRule("*", embedded_test_server()->GetURL("/").host());
1063
1064 content::WebContents* contents =
1065 browser()->tab_strip_model()->GetActiveWebContents();
1066 ASSERT_TRUE(contents);
1067
1068 SecurityStateTabHelper* helper =
1069 SecurityStateTabHelper::FromWebContents(contents);
1070 ASSERT_TRUE(helper);
1071
1072 ui_test_utils::NavigateToURL(
1073 browser(), GetURLWithNonLocalHostname(embedded_test_server(),
1074 "/password/simple_password.html"));
1075 InjectScript(contents);
1076 // The security level should not be HTTP_SHOW_WARNING, because the
1077 // command-line switch was not set.
1078 security_state::SecurityInfo security_info;
1079 helper->GetSecurityInfo(&security_info);
1080 EXPECT_EQ(security_state::NONE, security_info.security_level);
1081
1082 // The appropriate SSLStatus flags should be set, however.
1083 content::NavigationEntry* entry = contents->GetController().GetVisibleEntry();
1084 ASSERT_TRUE(entry);
1085 EXPECT_TRUE(entry->GetSSL().content_status &
1086 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP);
1087 }
1088
1089 // Tests that when a visible password field is detected on an HTTPS page 1056 // Tests that when a visible password field is detected on an HTTPS page
1090 // load, and when the command-line flag is set, the security level is 1057 // load, and when the command-line flag is set, the security level is
1091 // *not* downgraded to HTTP_SHOW_WARNING. 1058 // *not* downgraded to HTTP_SHOW_WARNING.
1092 IN_PROC_BROWSER_TEST_F(SecurityStateTabHelperTestWithPasswordCcSwitch, 1059 IN_PROC_BROWSER_TEST_F(SecurityStateTabHelperTestWithPasswordCcSwitch,
1093 PasswordSecurityLevelNotDowngradedOnHttps) { 1060 PasswordSecurityLevelNotDowngradedOnHttps) {
1094 content::WebContents* contents = 1061 content::WebContents* contents =
1095 browser()->tab_strip_model()->GetActiveWebContents(); 1062 browser()->tab_strip_model()->GetActiveWebContents();
1096 ASSERT_TRUE(contents); 1063 ASSERT_TRUE(contents);
1097 1064
1098 SecurityStateTabHelper* helper = 1065 SecurityStateTabHelper* helper =
(...skipping 955 matching lines...) Expand 10 before | Expand all | Expand 10 after
2054 SecurityStateTabHelper* helper = 2021 SecurityStateTabHelper* helper =
2055 SecurityStateTabHelper::FromWebContents(web_contents); 2022 SecurityStateTabHelper::FromWebContents(web_contents);
2056 ASSERT_TRUE(helper); 2023 ASSERT_TRUE(helper);
2057 security_state::SecurityInfo security_info; 2024 security_state::SecurityInfo security_info;
2058 helper->GetSecurityInfo(&security_info); 2025 helper->GetSecurityInfo(&security_info);
2059 EXPECT_EQ(security_state::SECURE, security_info.security_level); 2026 EXPECT_EQ(security_state::SECURE, security_info.security_level);
2060 EXPECT_EQ(kTestSCTStatuses, security_info.sct_verify_statuses); 2027 EXPECT_EQ(kTestSCTStatuses, security_info.sct_verify_statuses);
2061 } 2028 }
2062 2029
2063 } // namespace 2030 } // namespace
OLDNEW
« no previous file with comments | « no previous file | components/security_state/core/security_state.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698