OLD | NEW |
---|---|
1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "components/security_state/content/content_utils.h" | 5 #include "components/security_state/content/content_utils.h" |
6 | 6 |
7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
8 #include "base/test/histogram_tester.h" | 8 #include "base/test/histogram_tester.h" |
9 #include "components/security_state/core/security_state.h" | 9 #include "components/security_state/core/security_state.h" |
10 #include "components/security_state/core/switches.h" | 10 #include "components/security_state/core/switches.h" |
11 #include "content/public/browser/security_style_explanation.h" | 11 #include "content/public/browser/security_style_explanation.h" |
12 #include "content/public/browser/security_style_explanations.h" | 12 #include "content/public/browser/security_style_explanations.h" |
13 #include "net/cert/cert_status_flags.h" | 13 #include "net/cert/cert_status_flags.h" |
14 #include "net/ssl/ssl_cipher_suite_names.h" | 14 #include "net/ssl/ssl_cipher_suite_names.h" |
15 #include "net/ssl/ssl_connection_status_flags.h" | 15 #include "net/ssl/ssl_connection_status_flags.h" |
16 #include "net/test/cert_test_util.h" | |
17 #include "net/test/test_data_directory.h" | |
16 #include "testing/gtest/include/gtest/gtest.h" | 18 #include "testing/gtest/include/gtest/gtest.h" |
17 | 19 |
18 namespace { | 20 namespace { |
19 | 21 |
20 using security_state::GetSecurityStyle; | 22 using security_state::GetSecurityStyle; |
21 | 23 |
22 // Tests that SecurityInfo flags for subresources with certificate | 24 // Tests that SecurityInfo flags for subresources with certificate |
23 // errors are reflected in the SecurityStyleExplanations produced by | 25 // errors are reflected in the SecurityStyleExplanations produced by |
24 // GetSecurityStyle. | 26 // GetSecurityStyle. |
25 TEST(SecurityStateContentUtilsTest, GetSecurityStyleForContentWithCertErrors) { | 27 TEST(SecurityStateContentUtilsTest, GetSecurityStyleForContentWithCertErrors) { |
(...skipping 199 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
225 // one explanation is added. | 227 // one explanation is added. |
226 explanations.unauthenticated_explanations.clear(); | 228 explanations.unauthenticated_explanations.clear(); |
227 security_info.displayed_credit_card_field_on_http = true; | 229 security_info.displayed_credit_card_field_on_http = true; |
228 security_info.displayed_password_field_on_http = true; | 230 security_info.displayed_password_field_on_http = true; |
229 security_style = GetSecurityStyle(security_info, &explanations); | 231 security_style = GetSecurityStyle(security_info, &explanations); |
230 EXPECT_EQ(blink::WebSecurityStyleUnauthenticated, security_style); | 232 EXPECT_EQ(blink::WebSecurityStyleUnauthenticated, security_style); |
231 // Verify only one explanation was shown when Form Not Secure is triggered. | 233 // Verify only one explanation was shown when Form Not Secure is triggered. |
232 EXPECT_EQ(1u, explanations.unauthenticated_explanations.size()); | 234 EXPECT_EQ(1u, explanations.unauthenticated_explanations.size()); |
233 } | 235 } |
234 | 236 |
237 // Test that an explanation is provided if a certificate is missing a | |
estark
2017/03/21 23:33:03
nit: Tests
| |
238 // subjectAltName extension containing a domain name or IP address. | |
239 TEST(SecurityStateContentUtilsTest, SubjectAltNameWarning) { | |
240 security_state::SecurityInfo security_info; | |
241 security_info.certificate = net::ImportCertFromFile( | |
242 net::GetTestCertsDirectory(), "salesforce_com_test.pem"); | |
243 ASSERT_TRUE(security_info.certificate); | |
244 | |
245 content::SecurityStyleExplanations explanations; | |
246 security_info.cert_missing_subject_alt_name = true; | |
247 GetSecurityStyle(security_info, &explanations); | |
248 // Verify that an explanation was shown for a missing subjectAltName. | |
249 EXPECT_EQ(1u, explanations.unauthenticated_explanations.size()); | |
250 | |
251 explanations.unauthenticated_explanations.clear(); | |
252 security_info.cert_missing_subject_alt_name = false; | |
253 GetSecurityStyle(security_info, &explanations); | |
254 // Verify that no explanation is shown if the subjectAltName is present. | |
255 EXPECT_EQ(0u, explanations.unauthenticated_explanations.size()); | |
256 } | |
257 | |
235 } // namespace | 258 } // namespace |
OLD | NEW |