| OLD | NEW |
|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/ssl/security_state_tab_helper.h" | 5 #include "chrome/browser/ssl/security_state_tab_helper.h" |
| 6 | 6 |
| 7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
| 8 #include "base/files/file_path.h" | 8 #include "base/files/file_path.h" |
| 9 #include "base/macros.h" | 9 #include "base/macros.h" |
| 10 #include "base/strings/string_split.h" | 10 #include "base/strings/string_split.h" |
| (...skipping 105 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 116 | 116 |
| 117 DISALLOW_COPY_AND_ASSIGN(SecurityStyleTestObserver); | 117 DISALLOW_COPY_AND_ASSIGN(SecurityStyleTestObserver); |
| 118 }; | 118 }; |
| 119 | 119 |
| 120 // Check that |observer|'s latest event was for an expired certificate | 120 // Check that |observer|'s latest event was for an expired certificate |
| 121 // and that it saw the proper SecurityStyle and explanations. | 121 // and that it saw the proper SecurityStyle and explanations. |
| 122 void CheckBrokenSecurityStyle(const SecurityStyleTestObserver& observer, | 122 void CheckBrokenSecurityStyle(const SecurityStyleTestObserver& observer, |
| 123 int error, | 123 int error, |
| 124 Browser* browser, | 124 Browser* browser, |
| 125 net::X509Certificate* expected_cert) { | 125 net::X509Certificate* expected_cert) { |
| 126 EXPECT_EQ(blink::WebSecurityStyleAuthenticationBroken, | 126 EXPECT_EQ(blink::WebSecurityStyleInsecure, observer.latest_security_style()); |
| 127 observer.latest_security_style()); | |
| 128 | 127 |
| 129 const content::SecurityStyleExplanations& expired_explanation = | 128 const content::SecurityStyleExplanations& expired_explanation = |
| 130 observer.latest_explanations(); | 129 observer.latest_explanations(); |
| 131 EXPECT_EQ(0u, expired_explanation.unauthenticated_explanations.size()); | 130 EXPECT_EQ(0u, expired_explanation.neutral_explanations.size()); |
| 132 ASSERT_EQ(1u, expired_explanation.broken_explanations.size()); | 131 ASSERT_EQ(1u, expired_explanation.insecure_explanations.size()); |
| 133 EXPECT_FALSE(expired_explanation.pkp_bypassed); | 132 EXPECT_FALSE(expired_explanation.pkp_bypassed); |
| 134 EXPECT_TRUE(expired_explanation.info_explanations.empty()); | 133 EXPECT_TRUE(expired_explanation.info_explanations.empty()); |
| 135 | 134 |
| 136 // Check that the summary and description are as expected. | 135 // Check that the summary and description are as expected. |
| 137 EXPECT_EQ(l10n_util::GetStringUTF8(IDS_CERTIFICATE_CHAIN_ERROR), | 136 EXPECT_EQ(l10n_util::GetStringUTF8(IDS_CERTIFICATE_CHAIN_ERROR), |
| 138 expired_explanation.broken_explanations[0].summary); | 137 expired_explanation.insecure_explanations[0].summary); |
| 139 | 138 |
| 140 base::string16 error_string = base::UTF8ToUTF16(net::ErrorToString(error)); | 139 base::string16 error_string = base::UTF8ToUTF16(net::ErrorToString(error)); |
| 141 EXPECT_EQ(l10n_util::GetStringFUTF8( | 140 EXPECT_EQ(l10n_util::GetStringFUTF8( |
| 142 IDS_CERTIFICATE_CHAIN_ERROR_DESCRIPTION_FORMAT, error_string), | 141 IDS_CERTIFICATE_CHAIN_ERROR_DESCRIPTION_FORMAT, error_string), |
| 143 expired_explanation.broken_explanations[0].description); | 142 expired_explanation.insecure_explanations[0].description); |
| 144 | 143 |
| 145 // Check the associated certificate. | 144 // Check the associated certificate. |
| 146 net::X509Certificate* cert = browser->tab_strip_model() | 145 net::X509Certificate* cert = browser->tab_strip_model() |
| 147 ->GetActiveWebContents() | 146 ->GetActiveWebContents() |
| 148 ->GetController() | 147 ->GetController() |
| 149 .GetActiveEntry() | 148 .GetActiveEntry() |
| 150 ->GetSSL() | 149 ->GetSSL() |
| 151 .certificate.get(); | 150 .certificate.get(); |
| 152 EXPECT_TRUE(cert->Equals(expected_cert)); | 151 EXPECT_TRUE(cert->Equals(expected_cert)); |
| 153 EXPECT_TRUE(expired_explanation.broken_explanations[0].has_certificate); | 152 EXPECT_TRUE(expired_explanation.insecure_explanations[0].has_certificate); |
| 154 } | 153 } |
| 155 | 154 |
| 156 // Checks that the given |secure_explanations| contains an appropriate | 155 // Checks that the given |secure_explanations| contains an appropriate |
| 157 // explanation if the certificate status is valid. | 156 // explanation if the certificate status is valid. |
| 158 void CheckSecureExplanations( | 157 void CheckSecureExplanations( |
| 159 const std::vector<content::SecurityStyleExplanation>& secure_explanations, | 158 const std::vector<content::SecurityStyleExplanation>& secure_explanations, |
| 160 CertificateStatus cert_status, | 159 CertificateStatus cert_status, |
| 161 Browser* browser, | 160 Browser* browser, |
| 162 net::X509Certificate* expected_cert) { | 161 net::X509Certificate* expected_cert) { |
| 163 ASSERT_EQ(cert_status == VALID_CERTIFICATE ? 2u : 1u, | 162 ASSERT_EQ(cert_status == VALID_CERTIFICATE ? 2u : 1u, |
| (...skipping 278 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 442 SecurityStyleTestObserver observer(web_contents); | 441 SecurityStyleTestObserver observer(web_contents); |
| 443 ui_test_utils::NavigateToURL(browser(), | 442 ui_test_utils::NavigateToURL(browser(), |
| 444 https_server_.GetURL("/ssl/google.html")); | 443 https_server_.GetURL("/ssl/google.html")); |
| 445 CheckSecurityInfoForSecure( | 444 CheckSecurityInfoForSecure( |
| 446 browser()->tab_strip_model()->GetActiveWebContents(), | 445 browser()->tab_strip_model()->GetActiveWebContents(), |
| 447 security_state::DANGEROUS, true, security_state::CONTENT_STATUS_NONE, | 446 security_state::DANGEROUS, true, security_state::CONTENT_STATUS_NONE, |
| 448 false, true /* expect cert status error */); | 447 false, true /* expect cert status error */); |
| 449 | 448 |
| 450 const content::SecurityStyleExplanations& interstitial_explanation = | 449 const content::SecurityStyleExplanations& interstitial_explanation = |
| 451 observer.latest_explanations(); | 450 observer.latest_explanations(); |
| 452 ASSERT_EQ(1u, interstitial_explanation.broken_explanations.size()); | 451 ASSERT_EQ(1u, interstitial_explanation.insecure_explanations.size()); |
| 453 ASSERT_EQ(1u, interstitial_explanation.unauthenticated_explanations.size()); | 452 ASSERT_EQ(1u, interstitial_explanation.neutral_explanations.size()); |
| 454 EXPECT_EQ(l10n_util::GetStringUTF8(IDS_SHA1), | 453 EXPECT_EQ(l10n_util::GetStringUTF8(IDS_SHA1), |
| 455 interstitial_explanation.unauthenticated_explanations[0].summary); | 454 interstitial_explanation.neutral_explanations[0].summary); |
| 456 | 455 |
| 457 ProceedThroughInterstitial( | 456 ProceedThroughInterstitial( |
| 458 browser()->tab_strip_model()->GetActiveWebContents()); | 457 browser()->tab_strip_model()->GetActiveWebContents()); |
| 459 | 458 |
| 460 CheckSecurityInfoForSecure( | 459 CheckSecurityInfoForSecure( |
| 461 browser()->tab_strip_model()->GetActiveWebContents(), | 460 browser()->tab_strip_model()->GetActiveWebContents(), |
| 462 security_state::DANGEROUS, true, security_state::CONTENT_STATUS_NONE, | 461 security_state::DANGEROUS, true, security_state::CONTENT_STATUS_NONE, |
| 463 false, true /* expect cert status error */); | 462 false, true /* expect cert status error */); |
| 464 | 463 |
| 465 const content::SecurityStyleExplanations& page_explanation = | 464 const content::SecurityStyleExplanations& page_explanation = |
| 466 observer.latest_explanations(); | 465 observer.latest_explanations(); |
| 467 ASSERT_EQ(1u, page_explanation.broken_explanations.size()); | 466 ASSERT_EQ(1u, page_explanation.insecure_explanations.size()); |
| 468 ASSERT_EQ(1u, page_explanation.unauthenticated_explanations.size()); | 467 ASSERT_EQ(1u, page_explanation.neutral_explanations.size()); |
| 469 EXPECT_EQ(l10n_util::GetStringUTF8(IDS_SHA1), | 468 EXPECT_EQ(l10n_util::GetStringUTF8(IDS_SHA1), |
| 470 page_explanation.unauthenticated_explanations[0].summary); | 469 page_explanation.neutral_explanations[0].summary); |
| 471 } | 470 } |
| 472 | 471 |
| 473 // Test security state for a SHA-1 certificate that is allowed by policy. | 472 // Test security state for a SHA-1 certificate that is allowed by policy. |
| 474 IN_PROC_BROWSER_TEST_F(SecurityStateTabHelperTest, SHA1CertificateWarning) { | 473 IN_PROC_BROWSER_TEST_F(SecurityStateTabHelperTest, SHA1CertificateWarning) { |
| 475 SetUpMockCertVerifierForHttpsServer(net::CERT_STATUS_SHA1_SIGNATURE_PRESENT, | 474 SetUpMockCertVerifierForHttpsServer(net::CERT_STATUS_SHA1_SIGNATURE_PRESENT, |
| 476 net::OK); | 475 net::OK); |
| 477 | 476 |
| 478 content::WebContents* web_contents = | 477 content::WebContents* web_contents = |
| 479 browser()->tab_strip_model()->GetActiveWebContents(); | 478 browser()->tab_strip_model()->GetActiveWebContents(); |
| 480 SecurityStyleTestObserver observer(web_contents); | 479 SecurityStyleTestObserver observer(web_contents); |
| 481 ui_test_utils::NavigateToURL(browser(), | 480 ui_test_utils::NavigateToURL(browser(), |
| 482 https_server_.GetURL("/ssl/google.html")); | 481 https_server_.GetURL("/ssl/google.html")); |
| 483 CheckSecurityInfoForSecure( | 482 CheckSecurityInfoForSecure( |
| 484 browser()->tab_strip_model()->GetActiveWebContents(), | 483 browser()->tab_strip_model()->GetActiveWebContents(), |
| 485 security_state::NONE, true, security_state::CONTENT_STATUS_NONE, false, | 484 security_state::NONE, true, security_state::CONTENT_STATUS_NONE, false, |
| 486 false /* expect cert status error */); | 485 false /* expect cert status error */); |
| 487 | 486 |
| 488 const content::SecurityStyleExplanations& explanation = | 487 const content::SecurityStyleExplanations& explanation = |
| 489 observer.latest_explanations(); | 488 observer.latest_explanations(); |
| 490 | 489 |
| 491 ASSERT_EQ(0u, explanation.broken_explanations.size()); | 490 ASSERT_EQ(0u, explanation.insecure_explanations.size()); |
| 492 ASSERT_EQ(1u, explanation.unauthenticated_explanations.size()); | 491 ASSERT_EQ(1u, explanation.neutral_explanations.size()); |
| 493 EXPECT_EQ(l10n_util::GetStringUTF8(IDS_SHA1), | 492 EXPECT_EQ(l10n_util::GetStringUTF8(IDS_SHA1), |
| 494 explanation.unauthenticated_explanations[0].summary); | 493 explanation.neutral_explanations[0].summary); |
| 495 } | 494 } |
| 496 | 495 |
| 497 IN_PROC_BROWSER_TEST_F(SecurityStateTabHelperTest, MixedContent) { | 496 IN_PROC_BROWSER_TEST_F(SecurityStateTabHelperTest, MixedContent) { |
| 498 SetUpMockCertVerifierForHttpsServer(0, net::OK); | 497 SetUpMockCertVerifierForHttpsServer(0, net::OK); |
| 499 host_resolver()->AddRule("example.test", | 498 host_resolver()->AddRule("example.test", |
| 500 https_server_.GetURL("/title1.html").host()); | 499 https_server_.GetURL("/title1.html").host()); |
| 501 | 500 |
| 502 net::HostPortPair replacement_pair = embedded_test_server()->host_port_pair(); | 501 net::HostPortPair replacement_pair = embedded_test_server()->host_port_pair(); |
| 503 replacement_pair.set_host("example.test"); | 502 replacement_pair.set_host("example.test"); |
| 504 | 503 |
| (...skipping 297 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 802 SecurityStateTabHelper::FromWebContents(contents); | 801 SecurityStateTabHelper::FromWebContents(contents); |
| 803 ASSERT_TRUE(helper); | 802 ASSERT_TRUE(helper); |
| 804 | 803 |
| 805 ui_test_utils::NavigateToURL(browser(), GURL("data:text/html,<html></html>")); | 804 ui_test_utils::NavigateToURL(browser(), GURL("data:text/html,<html></html>")); |
| 806 security_state::SecurityInfo security_info; | 805 security_state::SecurityInfo security_info; |
| 807 helper->GetSecurityInfo(&security_info); | 806 helper->GetSecurityInfo(&security_info); |
| 808 EXPECT_EQ(security_state::HTTP_SHOW_WARNING, security_info.security_level); | 807 EXPECT_EQ(security_state::HTTP_SHOW_WARNING, security_info.security_level); |
| 809 | 808 |
| 810 // Ensure that WebContentsObservers don't show an incorrect Form Not Secure | 809 // Ensure that WebContentsObservers don't show an incorrect Form Not Secure |
| 811 // explanation. Regression test for https://crbug.com/691412. | 810 // explanation. Regression test for https://crbug.com/691412. |
| 812 EXPECT_EQ(0u, | 811 EXPECT_EQ(0u, observer.latest_explanations().neutral_explanations.size()); |
| 813 observer.latest_explanations().unauthenticated_explanations.size()); | 812 EXPECT_EQ(blink::WebSecurityStyleNeutral, observer.latest_security_style()); |
| 814 EXPECT_EQ(blink::WebSecurityStyleUnauthenticated, | |
| 815 observer.latest_security_style()); | |
| 816 | 813 |
| 817 content::NavigationEntry* entry = contents->GetController().GetVisibleEntry(); | 814 content::NavigationEntry* entry = contents->GetController().GetVisibleEntry(); |
| 818 ASSERT_TRUE(entry); | 815 ASSERT_TRUE(entry); |
| 819 EXPECT_EQ(content::SSLStatus::NORMAL_CONTENT, entry->GetSSL().content_status); | 816 EXPECT_EQ(content::SSLStatus::NORMAL_CONTENT, entry->GetSSL().content_status); |
| 820 } | 817 } |
| 821 | 818 |
| 822 const char kReportURI[] = "https://report-hpkp.test"; | 819 const char kReportURI[] = "https://report-hpkp.test"; |
| 823 | 820 |
| 824 class PKPModelClientTest : public SecurityStateTabHelperTest { | 821 class PKPModelClientTest : public SecurityStateTabHelperTest { |
| 825 public: | 822 public: |
| (...skipping 680 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1506 base::FilePath(kDocRoot)); | 1503 base::FilePath(kDocRoot)); |
| 1507 ASSERT_TRUE(https_test_server_expired.Start()); | 1504 ASSERT_TRUE(https_test_server_expired.Start()); |
| 1508 | 1505 |
| 1509 content::WebContents* web_contents = | 1506 content::WebContents* web_contents = |
| 1510 browser()->tab_strip_model()->GetActiveWebContents(); | 1507 browser()->tab_strip_model()->GetActiveWebContents(); |
| 1511 SecurityStyleTestObserver observer(web_contents); | 1508 SecurityStyleTestObserver observer(web_contents); |
| 1512 | 1509 |
| 1513 // Visit an HTTP url. | 1510 // Visit an HTTP url. |
| 1514 GURL http_url(embedded_test_server()->GetURL("/title1.html")); | 1511 GURL http_url(embedded_test_server()->GetURL("/title1.html")); |
| 1515 ui_test_utils::NavigateToURL(browser(), http_url); | 1512 ui_test_utils::NavigateToURL(browser(), http_url); |
| 1516 EXPECT_EQ(blink::WebSecurityStyleUnauthenticated, | 1513 EXPECT_EQ(blink::WebSecurityStyleNeutral, observer.latest_security_style()); |
| 1517 observer.latest_security_style()); | 1514 EXPECT_EQ(0u, observer.latest_explanations().neutral_explanations.size()); |
| 1518 EXPECT_EQ(0u, | 1515 EXPECT_EQ(0u, observer.latest_explanations().insecure_explanations.size()); |
| 1519 observer.latest_explanations().unauthenticated_explanations.size()); | |
| 1520 EXPECT_EQ(0u, observer.latest_explanations().broken_explanations.size()); | |
| 1521 EXPECT_EQ(0u, observer.latest_explanations().secure_explanations.size()); | 1516 EXPECT_EQ(0u, observer.latest_explanations().secure_explanations.size()); |
| 1522 EXPECT_FALSE(observer.latest_explanations().scheme_is_cryptographic); | 1517 EXPECT_FALSE(observer.latest_explanations().scheme_is_cryptographic); |
| 1523 EXPECT_FALSE(observer.latest_explanations().pkp_bypassed); | 1518 EXPECT_FALSE(observer.latest_explanations().pkp_bypassed); |
| 1524 EXPECT_TRUE(observer.latest_explanations().info_explanations.empty()); | 1519 EXPECT_TRUE(observer.latest_explanations().info_explanations.empty()); |
| 1525 EXPECT_FALSE(observer.latest_explanations().ran_mixed_content); | 1520 EXPECT_FALSE(observer.latest_explanations().ran_mixed_content); |
| 1526 EXPECT_FALSE(observer.latest_explanations().displayed_mixed_content); | 1521 EXPECT_FALSE(observer.latest_explanations().displayed_mixed_content); |
| 1527 EXPECT_TRUE(observer.latest_explanations().summary.empty()); | 1522 EXPECT_TRUE(observer.latest_explanations().summary.empty()); |
| 1528 | 1523 |
| 1529 // Visit an (otherwise valid) HTTPS page that displays mixed content. | 1524 // Visit an (otherwise valid) HTTPS page that displays mixed content. |
| 1530 std::string replacement_path; | 1525 std::string replacement_path; |
| 1531 GetFilePathWithHostAndPortReplacement( | 1526 GetFilePathWithHostAndPortReplacement( |
| 1532 "/ssl/page_displays_insecure_content.html", | 1527 "/ssl/page_displays_insecure_content.html", |
| 1533 embedded_test_server()->host_port_pair(), &replacement_path); | 1528 embedded_test_server()->host_port_pair(), &replacement_path); |
| 1534 | 1529 |
| 1535 GURL mixed_content_url(https_server_.GetURL(replacement_path)); | 1530 GURL mixed_content_url(https_server_.GetURL(replacement_path)); |
| 1536 ui_test_utils::NavigateToURL(browser(), mixed_content_url); | 1531 ui_test_utils::NavigateToURL(browser(), mixed_content_url); |
| 1537 EXPECT_EQ(blink::WebSecurityStyleUnauthenticated, | 1532 EXPECT_EQ(blink::WebSecurityStyleNeutral, observer.latest_security_style()); |
| 1538 observer.latest_security_style()); | |
| 1539 | 1533 |
| 1540 const content::SecurityStyleExplanations& mixed_content_explanation = | 1534 const content::SecurityStyleExplanations& mixed_content_explanation = |
| 1541 observer.latest_explanations(); | 1535 observer.latest_explanations(); |
| 1542 ASSERT_EQ(0u, mixed_content_explanation.unauthenticated_explanations.size()); | 1536 ASSERT_EQ(0u, mixed_content_explanation.neutral_explanations.size()); |
| 1543 ASSERT_EQ(0u, mixed_content_explanation.broken_explanations.size()); | 1537 ASSERT_EQ(0u, mixed_content_explanation.insecure_explanations.size()); |
| 1544 CheckSecureExplanations(mixed_content_explanation.secure_explanations, | 1538 CheckSecureExplanations(mixed_content_explanation.secure_explanations, |
| 1545 VALID_CERTIFICATE, browser(), | 1539 VALID_CERTIFICATE, browser(), |
| 1546 https_server_.GetCertificate().get()); | 1540 https_server_.GetCertificate().get()); |
| 1547 EXPECT_TRUE(mixed_content_explanation.scheme_is_cryptographic); | 1541 EXPECT_TRUE(mixed_content_explanation.scheme_is_cryptographic); |
| 1548 EXPECT_FALSE(observer.latest_explanations().pkp_bypassed); | 1542 EXPECT_FALSE(observer.latest_explanations().pkp_bypassed); |
| 1549 EXPECT_TRUE(observer.latest_explanations().info_explanations.empty()); | 1543 EXPECT_TRUE(observer.latest_explanations().info_explanations.empty()); |
| 1550 EXPECT_TRUE(observer.latest_explanations().summary.empty()); | 1544 EXPECT_TRUE(observer.latest_explanations().summary.empty()); |
| 1551 EXPECT_TRUE(mixed_content_explanation.displayed_mixed_content); | 1545 EXPECT_TRUE(mixed_content_explanation.displayed_mixed_content); |
| 1552 EXPECT_FALSE(mixed_content_explanation.ran_mixed_content); | 1546 EXPECT_FALSE(mixed_content_explanation.ran_mixed_content); |
| 1553 EXPECT_EQ(blink::WebSecurityStyleUnauthenticated, | 1547 EXPECT_EQ(blink::WebSecurityStyleNeutral, |
| 1554 mixed_content_explanation.displayed_insecure_content_style); | 1548 mixed_content_explanation.displayed_insecure_content_style); |
| 1555 EXPECT_EQ(blink::WebSecurityStyleAuthenticationBroken, | 1549 EXPECT_EQ(blink::WebSecurityStyleInsecure, |
| 1556 mixed_content_explanation.ran_insecure_content_style); | 1550 mixed_content_explanation.ran_insecure_content_style); |
| 1557 | 1551 |
| 1558 // Visit a broken HTTPS url. | 1552 // Visit a broken HTTPS url. |
| 1559 GURL expired_url(https_test_server_expired.GetURL("/title1.html")); | 1553 GURL expired_url(https_test_server_expired.GetURL("/title1.html")); |
| 1560 ui_test_utils::NavigateToURL(browser(), expired_url); | 1554 ui_test_utils::NavigateToURL(browser(), expired_url); |
| 1561 | 1555 |
| 1562 // An interstitial should show, and an event for the lock icon on the | 1556 // An interstitial should show, and an event for the lock icon on the |
| 1563 // interstitial should fire. | 1557 // interstitial should fire. |
| 1564 content::WaitForInterstitialAttach(web_contents); | 1558 content::WaitForInterstitialAttach(web_contents); |
| 1565 EXPECT_TRUE(web_contents->ShowingInterstitialPage()); | 1559 EXPECT_TRUE(web_contents->ShowingInterstitialPage()); |
| 1566 CheckBrokenSecurityStyle(observer, net::ERR_CERT_DATE_INVALID, browser(), | 1560 CheckBrokenSecurityStyle(observer, net::ERR_CERT_DATE_INVALID, browser(), |
| 1567 https_test_server_expired.GetCertificate().get()); | 1561 https_test_server_expired.GetCertificate().get()); |
| 1568 CheckSecureExplanations(observer.latest_explanations().secure_explanations, | 1562 CheckSecureExplanations(observer.latest_explanations().secure_explanations, |
| 1569 INVALID_CERTIFICATE, browser(), | 1563 INVALID_CERTIFICATE, browser(), |
| 1570 https_test_server_expired.GetCertificate().get()); | 1564 https_test_server_expired.GetCertificate().get()); |
| 1571 EXPECT_TRUE(observer.latest_explanations().scheme_is_cryptographic); | 1565 EXPECT_TRUE(observer.latest_explanations().scheme_is_cryptographic); |
| 1572 EXPECT_FALSE(observer.latest_explanations().pkp_bypassed); | 1566 EXPECT_FALSE(observer.latest_explanations().pkp_bypassed); |
| 1573 EXPECT_TRUE(observer.latest_explanations().info_explanations.empty()); | 1567 EXPECT_TRUE(observer.latest_explanations().info_explanations.empty()); |
| 1574 EXPECT_FALSE(observer.latest_explanations().displayed_mixed_content); | 1568 EXPECT_FALSE(observer.latest_explanations().displayed_mixed_content); |
| 1575 EXPECT_FALSE(observer.latest_explanations().ran_mixed_content); | 1569 EXPECT_FALSE(observer.latest_explanations().ran_mixed_content); |
| 1576 EXPECT_TRUE(observer.latest_explanations().summary.empty()); | 1570 EXPECT_TRUE(observer.latest_explanations().summary.empty()); |
| 1577 | 1571 |
| 1578 // Before clicking through, navigate to a different page, and then go | 1572 // Before clicking through, navigate to a different page, and then go |
| 1579 // back to the interstitial. | 1573 // back to the interstitial. |
| 1580 GURL valid_https_url(https_server_.GetURL("/title1.html")); | 1574 GURL valid_https_url(https_server_.GetURL("/title1.html")); |
| 1581 ui_test_utils::NavigateToURL(browser(), valid_https_url); | 1575 ui_test_utils::NavigateToURL(browser(), valid_https_url); |
| 1582 EXPECT_EQ(blink::WebSecurityStyleAuthenticated, | 1576 EXPECT_EQ(blink::WebSecurityStyleSecure, observer.latest_security_style()); |
| 1583 observer.latest_security_style()); | 1577 EXPECT_EQ(0u, observer.latest_explanations().neutral_explanations.size()); |
| 1584 EXPECT_EQ(0u, | 1578 EXPECT_EQ(0u, observer.latest_explanations().insecure_explanations.size()); |
| 1585 observer.latest_explanations().unauthenticated_explanations.size()); | |
| 1586 EXPECT_EQ(0u, observer.latest_explanations().broken_explanations.size()); | |
| 1587 CheckSecureExplanations(observer.latest_explanations().secure_explanations, | 1579 CheckSecureExplanations(observer.latest_explanations().secure_explanations, |
| 1588 VALID_CERTIFICATE, browser(), | 1580 VALID_CERTIFICATE, browser(), |
| 1589 https_server_.GetCertificate().get()); | 1581 https_server_.GetCertificate().get()); |
| 1590 EXPECT_TRUE(observer.latest_explanations().scheme_is_cryptographic); | 1582 EXPECT_TRUE(observer.latest_explanations().scheme_is_cryptographic); |
| 1591 EXPECT_FALSE(observer.latest_explanations().pkp_bypassed); | 1583 EXPECT_FALSE(observer.latest_explanations().pkp_bypassed); |
| 1592 EXPECT_TRUE(observer.latest_explanations().info_explanations.empty()); | 1584 EXPECT_TRUE(observer.latest_explanations().info_explanations.empty()); |
| 1593 EXPECT_FALSE(observer.latest_explanations().displayed_mixed_content); | 1585 EXPECT_FALSE(observer.latest_explanations().displayed_mixed_content); |
| 1594 EXPECT_FALSE(observer.latest_explanations().ran_mixed_content); | 1586 EXPECT_FALSE(observer.latest_explanations().ran_mixed_content); |
| 1595 EXPECT_TRUE(observer.latest_explanations().summary.empty()); | 1587 EXPECT_TRUE(observer.latest_explanations().summary.empty()); |
| 1596 | 1588 |
| (...skipping 57 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1654 base::FilePath(kDocRoot)); | 1646 base::FilePath(kDocRoot)); |
| 1655 ASSERT_TRUE(https_test_server_expired.Start()); | 1647 ASSERT_TRUE(https_test_server_expired.Start()); |
| 1656 | 1648 |
| 1657 content::WebContents* web_contents = | 1649 content::WebContents* web_contents = |
| 1658 browser()->tab_strip_model()->GetActiveWebContents(); | 1650 browser()->tab_strip_model()->GetActiveWebContents(); |
| 1659 SecurityStyleTestObserver observer(web_contents); | 1651 SecurityStyleTestObserver observer(web_contents); |
| 1660 | 1652 |
| 1661 // Visit a valid HTTPS url. | 1653 // Visit a valid HTTPS url. |
| 1662 GURL valid_https_url(https_server_.GetURL("/title1.html")); | 1654 GURL valid_https_url(https_server_.GetURL("/title1.html")); |
| 1663 ui_test_utils::NavigateToURL(browser(), valid_https_url); | 1655 ui_test_utils::NavigateToURL(browser(), valid_https_url); |
| 1664 EXPECT_EQ(blink::WebSecurityStyleAuthenticated, | 1656 EXPECT_EQ(blink::WebSecurityStyleSecure, observer.latest_security_style()); |
| 1665 observer.latest_security_style()); | 1657 EXPECT_EQ(0u, observer.latest_explanations().neutral_explanations.size()); |
| 1666 EXPECT_EQ(0u, | 1658 EXPECT_EQ(0u, observer.latest_explanations().insecure_explanations.size()); |
| 1667 observer.latest_explanations().unauthenticated_explanations.size()); | |
| 1668 EXPECT_EQ(0u, observer.latest_explanations().broken_explanations.size()); | |
| 1669 CheckSecureExplanations(observer.latest_explanations().secure_explanations, | 1659 CheckSecureExplanations(observer.latest_explanations().secure_explanations, |
| 1670 VALID_CERTIFICATE, browser(), | 1660 VALID_CERTIFICATE, browser(), |
| 1671 https_server_.GetCertificate().get()); | 1661 https_server_.GetCertificate().get()); |
| 1672 EXPECT_TRUE(observer.latest_explanations().scheme_is_cryptographic); | 1662 EXPECT_TRUE(observer.latest_explanations().scheme_is_cryptographic); |
| 1673 EXPECT_FALSE(observer.latest_explanations().pkp_bypassed); | 1663 EXPECT_FALSE(observer.latest_explanations().pkp_bypassed); |
| 1674 EXPECT_TRUE(observer.latest_explanations().info_explanations.empty()); | 1664 EXPECT_TRUE(observer.latest_explanations().info_explanations.empty()); |
| 1675 EXPECT_FALSE(observer.latest_explanations().displayed_mixed_content); | 1665 EXPECT_FALSE(observer.latest_explanations().displayed_mixed_content); |
| 1676 EXPECT_FALSE(observer.latest_explanations().ran_mixed_content); | 1666 EXPECT_FALSE(observer.latest_explanations().ran_mixed_content); |
| 1677 | 1667 |
| 1678 // Navigate to a bad HTTPS page on a different host, and then click | 1668 // Navigate to a bad HTTPS page on a different host, and then click |
| (...skipping 25 matching lines...) Expand all Loading... |
| 1704 EXPECT_FALSE(observer.latest_explanations().displayed_mixed_content); | 1694 EXPECT_FALSE(observer.latest_explanations().displayed_mixed_content); |
| 1705 EXPECT_FALSE(observer.latest_explanations().ran_mixed_content); | 1695 EXPECT_FALSE(observer.latest_explanations().ran_mixed_content); |
| 1706 | 1696 |
| 1707 content::WindowedNotificationObserver back_nav_load_observer( | 1697 content::WindowedNotificationObserver back_nav_load_observer( |
| 1708 content::NOTIFICATION_LOAD_STOP, | 1698 content::NOTIFICATION_LOAD_STOP, |
| 1709 content::Source<content::NavigationController>( | 1699 content::Source<content::NavigationController>( |
| 1710 &web_contents->GetController())); | 1700 &web_contents->GetController())); |
| 1711 chrome::GoBack(browser(), WindowOpenDisposition::CURRENT_TAB); | 1701 chrome::GoBack(browser(), WindowOpenDisposition::CURRENT_TAB); |
| 1712 back_nav_load_observer.Wait(); | 1702 back_nav_load_observer.Wait(); |
| 1713 | 1703 |
| 1714 EXPECT_EQ(blink::WebSecurityStyleAuthenticated, | 1704 EXPECT_EQ(blink::WebSecurityStyleSecure, observer.latest_security_style()); |
| 1715 observer.latest_security_style()); | 1705 EXPECT_EQ(0u, observer.latest_explanations().neutral_explanations.size()); |
| 1716 EXPECT_EQ(0u, | 1706 EXPECT_EQ(0u, observer.latest_explanations().insecure_explanations.size()); |
| 1717 observer.latest_explanations().unauthenticated_explanations.size()); | |
| 1718 EXPECT_EQ(0u, observer.latest_explanations().broken_explanations.size()); | |
| 1719 CheckSecureExplanations(observer.latest_explanations().secure_explanations, | 1707 CheckSecureExplanations(observer.latest_explanations().secure_explanations, |
| 1720 VALID_CERTIFICATE, browser(), | 1708 VALID_CERTIFICATE, browser(), |
| 1721 https_server_.GetCertificate().get()); | 1709 https_server_.GetCertificate().get()); |
| 1722 EXPECT_TRUE(observer.latest_explanations().scheme_is_cryptographic); | 1710 EXPECT_TRUE(observer.latest_explanations().scheme_is_cryptographic); |
| 1723 EXPECT_FALSE(observer.latest_explanations().pkp_bypassed); | 1711 EXPECT_FALSE(observer.latest_explanations().pkp_bypassed); |
| 1724 EXPECT_TRUE(observer.latest_explanations().info_explanations.empty()); | 1712 EXPECT_TRUE(observer.latest_explanations().info_explanations.empty()); |
| 1725 EXPECT_FALSE(observer.latest_explanations().displayed_mixed_content); | 1713 EXPECT_FALSE(observer.latest_explanations().displayed_mixed_content); |
| 1726 EXPECT_FALSE(observer.latest_explanations().ran_mixed_content); | 1714 EXPECT_FALSE(observer.latest_explanations().ran_mixed_content); |
| 1727 } | 1715 } |
| 1728 | 1716 |
| (...skipping 116 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1845 IN_PROC_BROWSER_TEST_F(BrowserTestNonsecureURLRequest, | 1833 IN_PROC_BROWSER_TEST_F(BrowserTestNonsecureURLRequest, |
| 1846 DidChangeVisibleSecurityStateObserverNonsecureConnection)
{ | 1834 DidChangeVisibleSecurityStateObserverNonsecureConnection)
{ |
| 1847 content::WebContents* web_contents = | 1835 content::WebContents* web_contents = |
| 1848 browser()->tab_strip_model()->GetActiveWebContents(); | 1836 browser()->tab_strip_model()->GetActiveWebContents(); |
| 1849 SecurityStyleTestObserver observer(web_contents); | 1837 SecurityStyleTestObserver observer(web_contents); |
| 1850 | 1838 |
| 1851 ui_test_utils::NavigateToURL( | 1839 ui_test_utils::NavigateToURL( |
| 1852 browser(), GURL(std::string("https://") + kMockNonsecureHostname)); | 1840 browser(), GURL(std::string("https://") + kMockNonsecureHostname)); |
| 1853 | 1841 |
| 1854 // The security style of the page doesn't get downgraded for obsolete | 1842 // The security style of the page doesn't get downgraded for obsolete |
| 1855 // TLS settings, so it should remain at WebSecurityStyleAuthenticated. | 1843 // TLS settings, so it should remain at WebSecurityStyleSecure. |
| 1856 EXPECT_EQ(blink::WebSecurityStyleAuthenticated, | 1844 EXPECT_EQ(blink::WebSecurityStyleSecure, observer.latest_security_style()); |
| 1857 observer.latest_security_style()); | |
| 1858 | 1845 |
| 1859 // The messages explaining the security style do, however, get | 1846 // The messages explaining the security style do, however, get |
| 1860 // downgraded: SECURE_PROTOCOL_AND_CIPHERSUITE should not show up when | 1847 // downgraded: SECURE_PROTOCOL_AND_CIPHERSUITE should not show up when |
| 1861 // the TLS settings are obsolete. | 1848 // the TLS settings are obsolete. |
| 1862 for (const auto& explanation : | 1849 for (const auto& explanation : |
| 1863 observer.latest_explanations().secure_explanations) { | 1850 observer.latest_explanations().secure_explanations) { |
| 1864 EXPECT_NE(l10n_util::GetStringUTF8(IDS_STRONG_SSL_SUMMARY), | 1851 EXPECT_NE(l10n_util::GetStringUTF8(IDS_STRONG_SSL_SUMMARY), |
| 1865 explanation.summary); | 1852 explanation.summary); |
| 1866 } | 1853 } |
| 1867 | 1854 |
| (...skipping 150 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2018 SecurityStateTabHelper* helper = | 2005 SecurityStateTabHelper* helper = |
| 2019 SecurityStateTabHelper::FromWebContents(web_contents); | 2006 SecurityStateTabHelper::FromWebContents(web_contents); |
| 2020 ASSERT_TRUE(helper); | 2007 ASSERT_TRUE(helper); |
| 2021 security_state::SecurityInfo security_info; | 2008 security_state::SecurityInfo security_info; |
| 2022 helper->GetSecurityInfo(&security_info); | 2009 helper->GetSecurityInfo(&security_info); |
| 2023 EXPECT_EQ(security_state::SECURE, security_info.security_level); | 2010 EXPECT_EQ(security_state::SECURE, security_info.security_level); |
| 2024 EXPECT_EQ(kTestSCTStatuses, security_info.sct_verify_statuses); | 2011 EXPECT_EQ(kTestSCTStatuses, security_info.sct_verify_statuses); |
| 2025 } | 2012 } |
| 2026 | 2013 |
| 2027 } // namespace | 2014 } // namespace |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2770703002:
Rename SecurityStyleExplanations and WebSecurityStyle fields (Closed)
