Ensure GetSecurityStyle sets correct explanations for HTTP_SHOW_WARNING

components/security_state/content/content_utils_unittest.cc

 // Copyright 2016 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "components/security_state/content/content_utils.h"
 
 #include "base/command_line.h"
 #include "base/test/histogram_tester.h"
 #include "components/security_state/core/security_state.h"
 #include "components/security_state/core/switches.h"
@@ skipping 185 matching lines @@
         explanations.secure_explanations, "Secure Connection", &explanation));
     EXPECT_EQ(
         "The connection to this site is encrypted and authenticated using a "
         "strong protocol (TLS 1.3), a strong key exchange (X25519), and a "
         "strong cipher (AES_128_GCM).",
         explanation.description);
   }
 }
 
 // Tests that a security level of HTTP_SHOW_WARNING produces a
-// content::SecurityStyle of UNAUTHENTICATED, with an explanation.
+// content::SecurityStyle of UNAUTHENTICATED and an explanation if appropriate.

[estark, 2017/03/02 22:53:33]

"content::SecurityStyle" is out of date (sorry) -- can you please update it to
"Tests that a security level of HTTP_SHOW_WARNING produces
blink::WebSecurityStyleUnauthenticated and ..."

[elawrence, 2017/03/02 23:11:43]

Done.

 TEST(SecurityStateContentUtilsTest, HTTPWarning) {
   security_state::SecurityInfo security_info;
   content::SecurityStyleExplanations explanations;
   security_info.security_level = security_state::HTTP_SHOW_WARNING;
   blink::WebSecurityStyle security_style =
       GetSecurityStyle(security_info, &explanations);
   EXPECT_EQ(blink::WebSecurityStyleUnauthenticated, security_style);
-  EXPECT_EQ(1u, explanations.unauthenticated_explanations.size());
-}
+  // Verify no explanation was shown, because Form Not Secure was not triggered.
+  EXPECT_EQ(0u, explanations.unauthenticated_explanations.size());
 
-// Tests that a security level of NONE when there is a password or
-// credit card field on HTTP produces a content::SecurityStyle of
-// UNAUTHENTICATED, with an info explanation for each.
-TEST(SecurityStateContentUtilsTest, HTTPWarningInFuture) {
-  security_state::SecurityInfo security_info;
-  content::SecurityStyleExplanations explanations;
-  security_info.security_level = security_state::NONE;
-  security_info.displayed_password_field_on_http = true;
-  blink::WebSecurityStyle security_style =
-      GetSecurityStyle(security_info, &explanations);
-  EXPECT_EQ(blink::WebSecurityStyleUnauthenticated, security_style);
-  EXPECT_EQ(1u, explanations.info_explanations.size());
-
-  explanations.info_explanations.clear();
+  explanations.unauthenticated_explanations.clear();
   security_info.displayed_credit_card_field_on_http = true;
   security_style = GetSecurityStyle(security_info, &explanations);
   EXPECT_EQ(blink::WebSecurityStyleUnauthenticated, security_style);
-  EXPECT_EQ(1u, explanations.info_explanations.size());
+  // Verify one explanation was shown, because Form Not Secure was triggered.
+  EXPECT_EQ(1u, explanations.unauthenticated_explanations.size());
 
   // Check that when both password and credit card fields get displayed, only
   // one explanation is added.
-  explanations.info_explanations.clear();
+  explanations.unauthenticated_explanations.clear();
   security_info.displayed_credit_card_field_on_http = true;
   security_info.displayed_password_field_on_http = true;
   security_style = GetSecurityStyle(security_info, &explanations);
   EXPECT_EQ(blink::WebSecurityStyleUnauthenticated, security_style);
-  EXPECT_EQ(1u, explanations.info_explanations.size());
+  // Verify only one explanation was shown when Form Not Secure is triggered.
+  EXPECT_EQ(1u, explanations.unauthenticated_explanations.size());
 }
 
 }  // namespace