OLD | NEW |
---|---|
1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "components/security_state/content/content_utils.h" | 5 #include "components/security_state/content/content_utils.h" |
6 | 6 |
7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
8 #include "base/test/histogram_tester.h" | 8 #include "base/test/histogram_tester.h" |
9 #include "components/security_state/core/security_state.h" | 9 #include "components/security_state/core/security_state.h" |
10 #include "components/security_state/core/switches.h" | 10 #include "components/security_state/core/switches.h" |
(...skipping 185 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
196 explanations.secure_explanations, "Secure Connection", &explanation)); | 196 explanations.secure_explanations, "Secure Connection", &explanation)); |
197 EXPECT_EQ( | 197 EXPECT_EQ( |
198 "The connection to this site is encrypted and authenticated using a " | 198 "The connection to this site is encrypted and authenticated using a " |
199 "strong protocol (TLS 1.3), a strong key exchange (X25519), and a " | 199 "strong protocol (TLS 1.3), a strong key exchange (X25519), and a " |
200 "strong cipher (AES_128_GCM).", | 200 "strong cipher (AES_128_GCM).", |
201 explanation.description); | 201 explanation.description); |
202 } | 202 } |
203 } | 203 } |
204 | 204 |
205 // Tests that a security level of HTTP_SHOW_WARNING produces a | 205 // Tests that a security level of HTTP_SHOW_WARNING produces a |
206 // content::SecurityStyle of UNAUTHENTICATED, with an explanation. | 206 // content::SecurityStyle of UNAUTHENTICATED and an explanation if appropriate. |
estark
2017/03/02 22:53:33
"content::SecurityStyle" is out of date (sorry) --
elawrence
2017/03/02 23:11:43
Done.
| |
207 TEST(SecurityStateContentUtilsTest, HTTPWarning) { | 207 TEST(SecurityStateContentUtilsTest, HTTPWarning) { |
208 security_state::SecurityInfo security_info; | 208 security_state::SecurityInfo security_info; |
209 content::SecurityStyleExplanations explanations; | 209 content::SecurityStyleExplanations explanations; |
210 security_info.security_level = security_state::HTTP_SHOW_WARNING; | 210 security_info.security_level = security_state::HTTP_SHOW_WARNING; |
211 blink::WebSecurityStyle security_style = | 211 blink::WebSecurityStyle security_style = |
212 GetSecurityStyle(security_info, &explanations); | 212 GetSecurityStyle(security_info, &explanations); |
213 EXPECT_EQ(blink::WebSecurityStyleUnauthenticated, security_style); | 213 EXPECT_EQ(blink::WebSecurityStyleUnauthenticated, security_style); |
214 EXPECT_EQ(1u, explanations.unauthenticated_explanations.size()); | 214 // Verify no explanation was shown, because Form Not Secure was not triggered. |
215 } | 215 EXPECT_EQ(0u, explanations.unauthenticated_explanations.size()); |
216 | 216 |
217 // Tests that a security level of NONE when there is a password or | 217 explanations.unauthenticated_explanations.clear(); |
218 // credit card field on HTTP produces a content::SecurityStyle of | |
219 // UNAUTHENTICATED, with an info explanation for each. | |
220 TEST(SecurityStateContentUtilsTest, HTTPWarningInFuture) { | |
221 security_state::SecurityInfo security_info; | |
222 content::SecurityStyleExplanations explanations; | |
223 security_info.security_level = security_state::NONE; | |
224 security_info.displayed_password_field_on_http = true; | |
225 blink::WebSecurityStyle security_style = | |
226 GetSecurityStyle(security_info, &explanations); | |
227 EXPECT_EQ(blink::WebSecurityStyleUnauthenticated, security_style); | |
228 EXPECT_EQ(1u, explanations.info_explanations.size()); | |
229 | |
230 explanations.info_explanations.clear(); | |
231 security_info.displayed_credit_card_field_on_http = true; | 218 security_info.displayed_credit_card_field_on_http = true; |
232 security_style = GetSecurityStyle(security_info, &explanations); | 219 security_style = GetSecurityStyle(security_info, &explanations); |
233 EXPECT_EQ(blink::WebSecurityStyleUnauthenticated, security_style); | 220 EXPECT_EQ(blink::WebSecurityStyleUnauthenticated, security_style); |
234 EXPECT_EQ(1u, explanations.info_explanations.size()); | 221 // Verify one explanation was shown, because Form Not Secure was triggered. |
222 EXPECT_EQ(1u, explanations.unauthenticated_explanations.size()); | |
235 | 223 |
236 // Check that when both password and credit card fields get displayed, only | 224 // Check that when both password and credit card fields get displayed, only |
237 // one explanation is added. | 225 // one explanation is added. |
238 explanations.info_explanations.clear(); | 226 explanations.unauthenticated_explanations.clear(); |
239 security_info.displayed_credit_card_field_on_http = true; | 227 security_info.displayed_credit_card_field_on_http = true; |
240 security_info.displayed_password_field_on_http = true; | 228 security_info.displayed_password_field_on_http = true; |
241 security_style = GetSecurityStyle(security_info, &explanations); | 229 security_style = GetSecurityStyle(security_info, &explanations); |
242 EXPECT_EQ(blink::WebSecurityStyleUnauthenticated, security_style); | 230 EXPECT_EQ(blink::WebSecurityStyleUnauthenticated, security_style); |
243 EXPECT_EQ(1u, explanations.info_explanations.size()); | 231 // Verify only one explanation was shown when Form Not Secure is triggered. |
232 EXPECT_EQ(1u, explanations.unauthenticated_explanations.size()); | |
244 } | 233 } |
245 | 234 |
246 } // namespace | 235 } // namespace |
OLD | NEW |