OLD | NEW |
---|---|
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/ssl/security_state_tab_helper.h" | 5 #include "chrome/browser/ssl/security_state_tab_helper.h" |
6 | 6 |
7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
8 #include "base/files/file_path.h" | 8 #include "base/files/file_path.h" |
9 #include "base/macros.h" | 9 #include "base/macros.h" |
10 #include "base/strings/string_split.h" | 10 #include "base/strings/string_split.h" |
(...skipping 105 matching lines...) | |
116 | 116 |
117 DISALLOW_COPY_AND_ASSIGN(SecurityStyleTestObserver); | 117 DISALLOW_COPY_AND_ASSIGN(SecurityStyleTestObserver); |
118 }; | 118 }; |
119 | 119 |
120 // Check that |observer|'s latest event was for an expired certificate | 120 // Check that |observer|'s latest event was for an expired certificate |
121 // and that it saw the proper SecurityStyle and explanations. | 121 // and that it saw the proper SecurityStyle and explanations. |
122 void CheckBrokenSecurityStyle(const SecurityStyleTestObserver& observer, | 122 void CheckBrokenSecurityStyle(const SecurityStyleTestObserver& observer, |
123 int error, | 123 int error, |
124 Browser* browser, | 124 Browser* browser, |
125 net::X509Certificate* expected_cert) { | 125 net::X509Certificate* expected_cert) { |
126 EXPECT_EQ(blink::WebSecurityStyleAuthenticationBroken, | 126 EXPECT_EQ(blink::WebSecurityStyleInsecure, observer.latest_security_style()); |
127 observer.latest_security_style()); | |
128 | 127 |
129 const content::SecurityStyleExplanations& expired_explanation = | 128 const content::SecurityStyleExplanations& expired_explanation = |
130 observer.latest_explanations(); | 129 observer.latest_explanations(); |
131 EXPECT_EQ(0u, expired_explanation.unauthenticated_explanations.size()); | 130 EXPECT_EQ(0u, expired_explanation.neutral_explanations.size()); |
132 ASSERT_EQ(1u, expired_explanation.broken_explanations.size()); | 131 ASSERT_EQ(1u, expired_explanation.insecure_explanations.size()); |
133 EXPECT_FALSE(expired_explanation.pkp_bypassed); | 132 EXPECT_FALSE(expired_explanation.pkp_bypassed); |
134 EXPECT_TRUE(expired_explanation.info_explanations.empty()); | 133 EXPECT_TRUE(expired_explanation.info_explanations.empty()); |
135 | 134 |
136 // Check that the summary and description are as expected. | 135 // Check that the summary and description are as expected. |
137 EXPECT_EQ(l10n_util::GetStringUTF8(IDS_CERTIFICATE_CHAIN_ERROR), | 136 EXPECT_EQ(l10n_util::GetStringUTF8(IDS_CERTIFICATE_CHAIN_ERROR), |
138 expired_explanation.broken_explanations[0].summary); | 137 expired_explanation.insecure_explanations[0].summary); |
139 | 138 |
140 base::string16 error_string = base::UTF8ToUTF16(net::ErrorToString(error)); | 139 base::string16 error_string = base::UTF8ToUTF16(net::ErrorToString(error)); |
141 EXPECT_EQ(l10n_util::GetStringFUTF8( | 140 EXPECT_EQ(l10n_util::GetStringFUTF8( |
142 IDS_CERTIFICATE_CHAIN_ERROR_DESCRIPTION_FORMAT, error_string), | 141 IDS_CERTIFICATE_CHAIN_ERROR_DESCRIPTION_FORMAT, error_string), |
143 expired_explanation.broken_explanations[0].description); | 142 expired_explanation.insecure_explanations[0].description); |
144 | 143 |
145 // Check the associated certificate. | 144 // Check the associated certificate. |
146 net::X509Certificate* cert = browser->tab_strip_model() | 145 net::X509Certificate* cert = browser->tab_strip_model() |
147 ->GetActiveWebContents() | 146 ->GetActiveWebContents() |
148 ->GetController() | 147 ->GetController() |
149 .GetActiveEntry() | 148 .GetActiveEntry() |
150 ->GetSSL() | 149 ->GetSSL() |
151 .certificate.get(); | 150 .certificate.get(); |
152 EXPECT_TRUE(cert->Equals(expected_cert)); | 151 EXPECT_TRUE(cert->Equals(expected_cert)); |
153 EXPECT_TRUE(expired_explanation.broken_explanations[0].has_certificate); | 152 EXPECT_TRUE(expired_explanation.insecure_explanations[0].has_certificate); |
154 } | 153 } |
155 | 154 |
156 // Checks that the given |secure_explanations| contains an appropriate | 155 // Checks that the given |secure_explanations| contains an appropriate |
157 // explanation if the certificate status is valid. | 156 // explanation if the certificate status is valid. |
158 void CheckSecureExplanations( | 157 void CheckSecureExplanations( |
159 const std::vector<content::SecurityStyleExplanation>& secure_explanations, | 158 const std::vector<content::SecurityStyleExplanation>& secure_explanations, |
160 CertificateStatus cert_status, | 159 CertificateStatus cert_status, |
161 Browser* browser, | 160 Browser* browser, |
162 net::X509Certificate* expected_cert) { | 161 net::X509Certificate* expected_cert) { |
163 ASSERT_EQ(cert_status == VALID_CERTIFICATE ? 2u : 1u, | 162 ASSERT_EQ(cert_status == VALID_CERTIFICATE ? 2u : 1u, |
(...skipping 278 matching lines...) | |
442 SecurityStyleTestObserver observer(web_contents); | 441 SecurityStyleTestObserver observer(web_contents); |
443 ui_test_utils::NavigateToURL(browser(), | 442 ui_test_utils::NavigateToURL(browser(), |
444 https_server_.GetURL("/ssl/google.html")); | 443 https_server_.GetURL("/ssl/google.html")); |
445 CheckSecurityInfoForSecure( | 444 CheckSecurityInfoForSecure( |
446 browser()->tab_strip_model()->GetActiveWebContents(), | 445 browser()->tab_strip_model()->GetActiveWebContents(), |
447 security_state::DANGEROUS, true, security_state::CONTENT_STATUS_NONE, | 446 security_state::DANGEROUS, true, security_state::CONTENT_STATUS_NONE, |
448 false, true /* expect cert status error */); | 447 false, true /* expect cert status error */); |
449 | 448 |
450 const content::SecurityStyleExplanations& interstitial_explanation = | 449 const content::SecurityStyleExplanations& interstitial_explanation = |
451 observer.latest_explanations(); | 450 observer.latest_explanations(); |
452 ASSERT_EQ(1u, interstitial_explanation.broken_explanations.size()); | 451 ASSERT_EQ(1u, interstitial_explanation.insecure_explanations.size()); |
453 ASSERT_EQ(1u, interstitial_explanation.unauthenticated_explanations.size()); | 452 ASSERT_EQ(1u, interstitial_explanation.neutral_explanations.size()); |
454 EXPECT_EQ(l10n_util::GetStringUTF8(IDS_SHA1), | 453 EXPECT_EQ(l10n_util::GetStringUTF8(IDS_SHA1), |
455 interstitial_explanation.unauthenticated_explanations[0].summary); | 454 interstitial_explanation.neutral_explanations[0].summary); |
456 | 455 |
457 ProceedThroughInterstitial( | 456 ProceedThroughInterstitial( |
458 browser()->tab_strip_model()->GetActiveWebContents()); | 457 browser()->tab_strip_model()->GetActiveWebContents()); |
459 | 458 |
460 CheckSecurityInfoForSecure( | 459 CheckSecurityInfoForSecure( |
461 browser()->tab_strip_model()->GetActiveWebContents(), | 460 browser()->tab_strip_model()->GetActiveWebContents(), |
462 security_state::DANGEROUS, true, security_state::CONTENT_STATUS_NONE, | 461 security_state::DANGEROUS, true, security_state::CONTENT_STATUS_NONE, |
463 false, true /* expect cert status error */); | 462 false, true /* expect cert status error */); |
464 | 463 |
465 const content::SecurityStyleExplanations& page_explanation = | 464 const content::SecurityStyleExplanations& page_explanation = |
466 observer.latest_explanations(); | 465 observer.latest_explanations(); |
467 ASSERT_EQ(1u, page_explanation.broken_explanations.size()); | 466 ASSERT_EQ(1u, page_explanation.insecure_explanations.size()); |
468 ASSERT_EQ(1u, page_explanation.unauthenticated_explanations.size()); | 467 ASSERT_EQ(1u, page_explanation.neutral_explanations.size()); |
469 EXPECT_EQ(l10n_util::GetStringUTF8(IDS_SHA1), | 468 EXPECT_EQ(l10n_util::GetStringUTF8(IDS_SHA1), |
470 page_explanation.unauthenticated_explanations[0].summary); | 469 page_explanation.neutral_explanations[0].summary); |
471 } | 470 } |
472 | 471 |
473 // Test security state for a SHA-1 certificate that is allowed by policy. | 472 // Test security state for a SHA-1 certificate that is allowed by policy. |
474 IN_PROC_BROWSER_TEST_F(SecurityStateTabHelperTest, SHA1CertificateWarning) { | 473 IN_PROC_BROWSER_TEST_F(SecurityStateTabHelperTest, SHA1CertificateWarning) { |
475 SetUpMockCertVerifierForHttpsServer(net::CERT_STATUS_SHA1_SIGNATURE_PRESENT, | 474 SetUpMockCertVerifierForHttpsServer(net::CERT_STATUS_SHA1_SIGNATURE_PRESENT, |
476 net::OK); | 475 net::OK); |
477 | 476 |
478 content::WebContents* web_contents = | 477 content::WebContents* web_contents = |
479 browser()->tab_strip_model()->GetActiveWebContents(); | 478 browser()->tab_strip_model()->GetActiveWebContents(); |
480 SecurityStyleTestObserver observer(web_contents); | 479 SecurityStyleTestObserver observer(web_contents); |
481 ui_test_utils::NavigateToURL(browser(), | 480 ui_test_utils::NavigateToURL(browser(), |
482 https_server_.GetURL("/ssl/google.html")); | 481 https_server_.GetURL("/ssl/google.html")); |
483 CheckSecurityInfoForSecure( | 482 CheckSecurityInfoForSecure( |
484 browser()->tab_strip_model()->GetActiveWebContents(), | 483 browser()->tab_strip_model()->GetActiveWebContents(), |
485 security_state::NONE, true, security_state::CONTENT_STATUS_NONE, false, | 484 security_state::NONE, true, security_state::CONTENT_STATUS_NONE, false, |
486 false /* expect cert status error */); | 485 false /* expect cert status error */); |
487 | 486 |
488 const content::SecurityStyleExplanations& explanation = | 487 const content::SecurityStyleExplanations& explanation = |
489 observer.latest_explanations(); | 488 observer.latest_explanations(); |
490 | 489 |
491 ASSERT_EQ(0u, explanation.broken_explanations.size()); | 490 ASSERT_EQ(0u, explanation.insecure_explanations.size()); |
492 ASSERT_EQ(1u, explanation.unauthenticated_explanations.size()); | 491 ASSERT_EQ(1u, explanation.neutral_explanations.size()); |
493 EXPECT_EQ(l10n_util::GetStringUTF8(IDS_SHA1), | 492 EXPECT_EQ(l10n_util::GetStringUTF8(IDS_SHA1), |
494 explanation.unauthenticated_explanations[0].summary); | 493 explanation.neutral_explanations[0].summary); |
495 } | 494 } |
496 | 495 |
497 IN_PROC_BROWSER_TEST_F(SecurityStateTabHelperTest, MixedContent) { | 496 IN_PROC_BROWSER_TEST_F(SecurityStateTabHelperTest, MixedContent) { |
498 SetUpMockCertVerifierForHttpsServer(0, net::OK); | 497 SetUpMockCertVerifierForHttpsServer(0, net::OK); |
499 host_resolver()->AddRule("example.test", | 498 host_resolver()->AddRule("example.test", |
500 https_server_.GetURL("/title1.html").host()); | 499 https_server_.GetURL("/title1.html").host()); |
501 | 500 |
502 net::HostPortPair replacement_pair = embedded_test_server()->host_port_pair(); | 501 net::HostPortPair replacement_pair = embedded_test_server()->host_port_pair(); |
503 replacement_pair.set_host("example.test"); | 502 replacement_pair.set_host("example.test"); |
504 | 503 |
(...skipping 297 matching lines...) | |
802 SecurityStateTabHelper::FromWebContents(contents); | 801 SecurityStateTabHelper::FromWebContents(contents); |
803 ASSERT_TRUE(helper); | 802 ASSERT_TRUE(helper); |
804 | 803 |
805 ui_test_utils::NavigateToURL(browser(), GURL("data:text/html,<html></html>")); | 804 ui_test_utils::NavigateToURL(browser(), GURL("data:text/html,<html></html>")); |
806 security_state::SecurityInfo security_info; | 805 security_state::SecurityInfo security_info; |
807 helper->GetSecurityInfo(&security_info); | 806 helper->GetSecurityInfo(&security_info); |
808 EXPECT_EQ(security_state::HTTP_SHOW_WARNING, security_info.security_level); | 807 EXPECT_EQ(security_state::HTTP_SHOW_WARNING, security_info.security_level); |
809 | 808 |
810 // Ensure that WebContentsObservers don't show an incorrect Form Not Secure | 809 // Ensure that WebContentsObservers don't show an incorrect Form Not Secure |
811 // explanation. Regression test for https://crbug.com/691412. | 810 // explanation. Regression test for https://crbug.com/691412. |
812 EXPECT_EQ(0u, | 811 EXPECT_EQ(0u, observer.latest_explanations().neutral_explanations.size()); |
813 observer.latest_explanations().unauthenticated_explanations.size()); | 812 EXPECT_EQ(blink::WebSecurityStyleNeutral, observer.latest_security_style()); |
814 EXPECT_EQ(blink::WebSecurityStyleUnauthenticated, | |
815 observer.latest_security_style()); | |
816 | 813 |
817 content::NavigationEntry* entry = contents->GetController().GetVisibleEntry(); | 814 content::NavigationEntry* entry = contents->GetController().GetVisibleEntry(); |
818 ASSERT_TRUE(entry); | 815 ASSERT_TRUE(entry); |
819 EXPECT_EQ(content::SSLStatus::NORMAL_CONTENT, entry->GetSSL().content_status); | 816 EXPECT_EQ(content::SSLStatus::NORMAL_CONTENT, entry->GetSSL().content_status); |
820 } | 817 } |
821 | 818 |
822 const char kReportURI[] = "https://report-hpkp.test"; | 819 const char kReportURI[] = "https://report-hpkp.test"; |
823 | 820 |
824 class PKPModelClientTest : public SecurityStateTabHelperTest { | 821 class PKPModelClientTest : public SecurityStateTabHelperTest { |
825 public: | 822 public: |
(...skipping 680 matching lines...) | |
1506 base::FilePath(kDocRoot)); | 1503 base::FilePath(kDocRoot)); |
1507 ASSERT_TRUE(https_test_server_expired.Start()); | 1504 ASSERT_TRUE(https_test_server_expired.Start()); |
1508 | 1505 |
1509 content::WebContents* web_contents = | 1506 content::WebContents* web_contents = |
1510 browser()->tab_strip_model()->GetActiveWebContents(); | 1507 browser()->tab_strip_model()->GetActiveWebContents(); |
1511 SecurityStyleTestObserver observer(web_contents); | 1508 SecurityStyleTestObserver observer(web_contents); |
1512 | 1509 |
1513 // Visit an HTTP url. | 1510 // Visit an HTTP url. |
1514 GURL http_url(embedded_test_server()->GetURL("/title1.html")); | 1511 GURL http_url(embedded_test_server()->GetURL("/title1.html")); |
1515 ui_test_utils::NavigateToURL(browser(), http_url); | 1512 ui_test_utils::NavigateToURL(browser(), http_url); |
1516 EXPECT_EQ(blink::WebSecurityStyleUnauthenticated, | 1513 EXPECT_EQ(blink::WebSecurityStyleNeutral, observer.latest_security_style()); |
1517 observer.latest_security_style()); | 1514 EXPECT_EQ(0u, observer.latest_explanations().neutral_explanations.size()); |
1518 EXPECT_EQ(0u, | 1515 EXPECT_EQ(0u, observer.latest_explanations().insecure_explanations.size()); |
1519 observer.latest_explanations().unauthenticated_explanations.size()); | |
1520 EXPECT_EQ(0u, observer.latest_explanations().broken_explanations.size()); | |
1521 EXPECT_EQ(0u, observer.latest_explanations().secure_explanations.size()); | 1516 EXPECT_EQ(0u, observer.latest_explanations().secure_explanations.size()); |
1522 EXPECT_FALSE(observer.latest_explanations().scheme_is_cryptographic); | 1517 EXPECT_FALSE(observer.latest_explanations().scheme_is_cryptographic); |
1523 EXPECT_FALSE(observer.latest_explanations().pkp_bypassed); | 1518 EXPECT_FALSE(observer.latest_explanations().pkp_bypassed); |
1524 EXPECT_TRUE(observer.latest_explanations().info_explanations.empty()); | 1519 EXPECT_TRUE(observer.latest_explanations().info_explanations.empty()); |
1525 EXPECT_FALSE(observer.latest_explanations().ran_mixed_content); | 1520 EXPECT_FALSE(observer.latest_explanations().ran_mixed_content); |
1526 EXPECT_FALSE(observer.latest_explanations().displayed_mixed_content); | 1521 EXPECT_FALSE(observer.latest_explanations().displayed_mixed_content); |
1527 EXPECT_TRUE(observer.latest_explanations().summary.empty()); | 1522 EXPECT_TRUE(observer.latest_explanations().summary.empty()); |
1528 | 1523 |
1529 // Visit an (otherwise valid) HTTPS page that displays mixed content. | 1524 // Visit an (otherwise valid) HTTPS page that displays mixed content. |
1530 std::string replacement_path; | 1525 std::string replacement_path; |
1531 GetFilePathWithHostAndPortReplacement( | 1526 GetFilePathWithHostAndPortReplacement( |
1532 "/ssl/page_displays_insecure_content.html", | 1527 "/ssl/page_displays_insecure_content.html", |
1533 embedded_test_server()->host_port_pair(), &replacement_path); | 1528 embedded_test_server()->host_port_pair(), &replacement_path); |
1534 | 1529 |
1535 GURL mixed_content_url(https_server_.GetURL(replacement_path)); | 1530 GURL mixed_content_url(https_server_.GetURL(replacement_path)); |
1536 ui_test_utils::NavigateToURL(browser(), mixed_content_url); | 1531 ui_test_utils::NavigateToURL(browser(), mixed_content_url); |
1537 EXPECT_EQ(blink::WebSecurityStyleUnauthenticated, | 1532 EXPECT_EQ(blink::WebSecurityStyleNeutral, observer.latest_security_style()); |
1538 observer.latest_security_style()); | |
1539 | 1533 |
1540 const content::SecurityStyleExplanations& mixed_content_explanation = | 1534 const content::SecurityStyleExplanations& mixed_content_explanation = |
1541 observer.latest_explanations(); | 1535 observer.latest_explanations(); |
1542 ASSERT_EQ(0u, mixed_content_explanation.unauthenticated_explanations.size()); | 1536 ASSERT_EQ(0u, mixed_content_explanation.neutral_explanations.size()); |
1543 ASSERT_EQ(0u, mixed_content_explanation.broken_explanations.size()); | 1537 ASSERT_EQ(0u, mixed_content_explanation.insecure_explanations.size()); |
1544 CheckSecureExplanations(mixed_content_explanation.secure_explanations, | 1538 CheckSecureExplanations(mixed_content_explanation.secure_explanations, |
1545 VALID_CERTIFICATE, browser(), | 1539 VALID_CERTIFICATE, browser(), |
1546 https_server_.GetCertificate().get()); | 1540 https_server_.GetCertificate().get()); |
1547 EXPECT_TRUE(mixed_content_explanation.scheme_is_cryptographic); | 1541 EXPECT_TRUE(mixed_content_explanation.scheme_is_cryptographic); |
1548 EXPECT_FALSE(observer.latest_explanations().pkp_bypassed); | 1542 EXPECT_FALSE(observer.latest_explanations().pkp_bypassed); |
1549 EXPECT_TRUE(observer.latest_explanations().info_explanations.empty()); | 1543 EXPECT_TRUE(observer.latest_explanations().info_explanations.empty()); |
1550 EXPECT_TRUE(observer.latest_explanations().summary.empty()); | 1544 EXPECT_TRUE(observer.latest_explanations().summary.empty()); |
1551 EXPECT_TRUE(mixed_content_explanation.displayed_mixed_content); | 1545 EXPECT_TRUE(mixed_content_explanation.displayed_mixed_content); |
1552 EXPECT_FALSE(mixed_content_explanation.ran_mixed_content); | 1546 EXPECT_FALSE(mixed_content_explanation.ran_mixed_content); |
1553 EXPECT_EQ(blink::WebSecurityStyleUnauthenticated, | 1547 EXPECT_EQ(blink::WebSecurityStyleNeutral, |
1554 mixed_content_explanation.displayed_insecure_content_style); | 1548 mixed_content_explanation.displayed_insecure_content_style); |
1555 EXPECT_EQ(blink::WebSecurityStyleAuthenticationBroken, | 1549 EXPECT_EQ(blink::WebSecurityStyleInsecure, |
1556 mixed_content_explanation.ran_insecure_content_style); | 1550 mixed_content_explanation.ran_insecure_content_style); |
1557 | 1551 |
1558 // Visit a broken HTTPS url. | 1552 // Visit a broken HTTPS url. |
1559 GURL expired_url(https_test_server_expired.GetURL("/title1.html")); | 1553 GURL expired_url(https_test_server_expired.GetURL("/title1.html")); |
1560 ui_test_utils::NavigateToURL(browser(), expired_url); | 1554 ui_test_utils::NavigateToURL(browser(), expired_url); |
1561 | 1555 |
1562 // An interstitial should show, and an event for the lock icon on the | 1556 // An interstitial should show, and an event for the lock icon on the |
1563 // interstitial should fire. | 1557 // interstitial should fire. |
1564 content::WaitForInterstitialAttach(web_contents); | 1558 content::WaitForInterstitialAttach(web_contents); |
1565 EXPECT_TRUE(web_contents->ShowingInterstitialPage()); | 1559 EXPECT_TRUE(web_contents->ShowingInterstitialPage()); |
1566 CheckBrokenSecurityStyle(observer, net::ERR_CERT_DATE_INVALID, browser(), | 1560 CheckBrokenSecurityStyle(observer, net::ERR_CERT_DATE_INVALID, browser(), |
1567 https_test_server_expired.GetCertificate().get()); | 1561 https_test_server_expired.GetCertificate().get()); |
1568 CheckSecureExplanations(observer.latest_explanations().secure_explanations, | 1562 CheckSecureExplanations(observer.latest_explanations().secure_explanations, |
1569 INVALID_CERTIFICATE, browser(), | 1563 INVALID_CERTIFICATE, browser(), |
1570 https_test_server_expired.GetCertificate().get()); | 1564 https_test_server_expired.GetCertificate().get()); |
1571 EXPECT_TRUE(observer.latest_explanations().scheme_is_cryptographic); | 1565 EXPECT_TRUE(observer.latest_explanations().scheme_is_cryptographic); |
1572 EXPECT_FALSE(observer.latest_explanations().pkp_bypassed); | 1566 EXPECT_FALSE(observer.latest_explanations().pkp_bypassed); |
1573 EXPECT_TRUE(observer.latest_explanations().info_explanations.empty()); | 1567 EXPECT_TRUE(observer.latest_explanations().info_explanations.empty()); |
1574 EXPECT_FALSE(observer.latest_explanations().displayed_mixed_content); | 1568 EXPECT_FALSE(observer.latest_explanations().displayed_mixed_content); |
1575 EXPECT_FALSE(observer.latest_explanations().ran_mixed_content); | 1569 EXPECT_FALSE(observer.latest_explanations().ran_mixed_content); |
1576 EXPECT_TRUE(observer.latest_explanations().summary.empty()); | 1570 EXPECT_TRUE(observer.latest_explanations().summary.empty()); |
1577 | 1571 |
1578 // Before clicking through, navigate to a different page, and then go | 1572 // Before clicking through, navigate to a different page, and then go |
1579 // back to the interstitial. | 1573 // back to the interstitial. |
1580 GURL valid_https_url(https_server_.GetURL("/title1.html")); | 1574 GURL valid_https_url(https_server_.GetURL("/title1.html")); |
1581 ui_test_utils::NavigateToURL(browser(), valid_https_url); | 1575 ui_test_utils::NavigateToURL(browser(), valid_https_url); |
1582 EXPECT_EQ(blink::WebSecurityStyleAuthenticated, | 1576 EXPECT_EQ(blink::WebSecurityStyleSecure, observer.latest_security_style()); |
1583 observer.latest_security_style()); | 1577 EXPECT_EQ(0u, observer.latest_explanations().neutral_explanations.size()); |
1584 EXPECT_EQ(0u, | 1578 EXPECT_EQ(0u, observer.latest_explanations().insecure_explanations.size()); |
1585 observer.latest_explanations().unauthenticated_explanations.size()); | |
1586 EXPECT_EQ(0u, observer.latest_explanations().broken_explanations.size()); | |
1587 CheckSecureExplanations(observer.latest_explanations().secure_explanations, | 1579 CheckSecureExplanations(observer.latest_explanations().secure_explanations, |
1588 VALID_CERTIFICATE, browser(), | 1580 VALID_CERTIFICATE, browser(), |
1589 https_server_.GetCertificate().get()); | 1581 https_server_.GetCertificate().get()); |
1590 EXPECT_TRUE(observer.latest_explanations().scheme_is_cryptographic); | 1582 EXPECT_TRUE(observer.latest_explanations().scheme_is_cryptographic); |
1591 EXPECT_FALSE(observer.latest_explanations().pkp_bypassed); | 1583 EXPECT_FALSE(observer.latest_explanations().pkp_bypassed); |
1592 EXPECT_TRUE(observer.latest_explanations().info_explanations.empty()); | 1584 EXPECT_TRUE(observer.latest_explanations().info_explanations.empty()); |
1593 EXPECT_FALSE(observer.latest_explanations().displayed_mixed_content); | 1585 EXPECT_FALSE(observer.latest_explanations().displayed_mixed_content); |
1594 EXPECT_FALSE(observer.latest_explanations().ran_mixed_content); | 1586 EXPECT_FALSE(observer.latest_explanations().ran_mixed_content); |
1595 EXPECT_TRUE(observer.latest_explanations().summary.empty()); | 1587 EXPECT_TRUE(observer.latest_explanations().summary.empty()); |
1596 | 1588 |
(...skipping 57 matching lines...) | |
1654 base::FilePath(kDocRoot)); | 1646 base::FilePath(kDocRoot)); |
1655 ASSERT_TRUE(https_test_server_expired.Start()); | 1647 ASSERT_TRUE(https_test_server_expired.Start()); |
1656 | 1648 |
1657 content::WebContents* web_contents = | 1649 content::WebContents* web_contents = |
1658 browser()->tab_strip_model()->GetActiveWebContents(); | 1650 browser()->tab_strip_model()->GetActiveWebContents(); |
1659 SecurityStyleTestObserver observer(web_contents); | 1651 SecurityStyleTestObserver observer(web_contents); |
1660 | 1652 |
1661 // Visit a valid HTTPS url. | 1653 // Visit a valid HTTPS url. |
1662 GURL valid_https_url(https_server_.GetURL("/title1.html")); | 1654 GURL valid_https_url(https_server_.GetURL("/title1.html")); |
1663 ui_test_utils::NavigateToURL(browser(), valid_https_url); | 1655 ui_test_utils::NavigateToURL(browser(), valid_https_url); |
1664 EXPECT_EQ(blink::WebSecurityStyleAuthenticated, | 1656 EXPECT_EQ(blink::WebSecurityStyleSecure, observer.latest_security_style()); |
1665 observer.latest_security_style()); | 1657 EXPECT_EQ(0u, observer.latest_explanations().neutral_explanations.size()); |
1666 EXPECT_EQ(0u, | 1658 EXPECT_EQ(0u, observer.latest_explanations().insecure_explanations.size()); |
1667 observer.latest_explanations().unauthenticated_explanations.size()); | |
1668 EXPECT_EQ(0u, observer.latest_explanations().broken_explanations.size()); | |
1669 CheckSecureExplanations(observer.latest_explanations().secure_explanations, | 1659 CheckSecureExplanations(observer.latest_explanations().secure_explanations, |
1670 VALID_CERTIFICATE, browser(), | 1660 VALID_CERTIFICATE, browser(), |
1671 https_server_.GetCertificate().get()); | 1661 https_server_.GetCertificate().get()); |
1672 EXPECT_TRUE(observer.latest_explanations().scheme_is_cryptographic); | 1662 EXPECT_TRUE(observer.latest_explanations().scheme_is_cryptographic); |
1673 EXPECT_FALSE(observer.latest_explanations().pkp_bypassed); | 1663 EXPECT_FALSE(observer.latest_explanations().pkp_bypassed); |
1674 EXPECT_TRUE(observer.latest_explanations().info_explanations.empty()); | 1664 EXPECT_TRUE(observer.latest_explanations().info_explanations.empty()); |
1675 EXPECT_FALSE(observer.latest_explanations().displayed_mixed_content); | 1665 EXPECT_FALSE(observer.latest_explanations().displayed_mixed_content); |
1676 EXPECT_FALSE(observer.latest_explanations().ran_mixed_content); | 1666 EXPECT_FALSE(observer.latest_explanations().ran_mixed_content); |
1677 | 1667 |
1678 // Navigate to a bad HTTPS page on a different host, and then click | 1668 // Navigate to a bad HTTPS page on a different host, and then click |
(...skipping 25 matching lines...) | |
1704 EXPECT_FALSE(observer.latest_explanations().displayed_mixed_content); | 1694 EXPECT_FALSE(observer.latest_explanations().displayed_mixed_content); |
1705 EXPECT_FALSE(observer.latest_explanations().ran_mixed_content); | 1695 EXPECT_FALSE(observer.latest_explanations().ran_mixed_content); |
1706 | 1696 |
1707 content::WindowedNotificationObserver back_nav_load_observer( | 1697 content::WindowedNotificationObserver back_nav_load_observer( |
1708 content::NOTIFICATION_LOAD_STOP, | 1698 content::NOTIFICATION_LOAD_STOP, |
1709 content::Source<content::NavigationController>( | 1699 content::Source<content::NavigationController>( |
1710 &web_contents->GetController())); | 1700 &web_contents->GetController())); |
1711 chrome::GoBack(browser(), WindowOpenDisposition::CURRENT_TAB); | 1701 chrome::GoBack(browser(), WindowOpenDisposition::CURRENT_TAB); |
1712 back_nav_load_observer.Wait(); | 1702 back_nav_load_observer.Wait(); |
1713 | 1703 |
1714 EXPECT_EQ(blink::WebSecurityStyleAuthenticated, | 1704 EXPECT_EQ(blink::WebSecurityStyleSecure, observer.latest_security_style()); |
1715 observer.latest_security_style()); | 1705 EXPECT_EQ(0u, observer.latest_explanations().neutral_explanations.size()); |
1716 EXPECT_EQ(0u, | 1706 EXPECT_EQ(0u, observer.latest_explanations().insecure_explanations.size()); |
1717 observer.latest_explanations().unauthenticated_explanations.size()); | |
1718 EXPECT_EQ(0u, observer.latest_explanations().broken_explanations.size()); | |
1719 CheckSecureExplanations(observer.latest_explanations().secure_explanations, | 1707 CheckSecureExplanations(observer.latest_explanations().secure_explanations, |
1720 VALID_CERTIFICATE, browser(), | 1708 VALID_CERTIFICATE, browser(), |
1721 https_server_.GetCertificate().get()); | 1709 https_server_.GetCertificate().get()); |
1722 EXPECT_TRUE(observer.latest_explanations().scheme_is_cryptographic); | 1710 EXPECT_TRUE(observer.latest_explanations().scheme_is_cryptographic); |
1723 EXPECT_FALSE(observer.latest_explanations().pkp_bypassed); | 1711 EXPECT_FALSE(observer.latest_explanations().pkp_bypassed); |
1724 EXPECT_TRUE(observer.latest_explanations().info_explanations.empty()); | 1712 EXPECT_TRUE(observer.latest_explanations().info_explanations.empty()); |
1725 EXPECT_FALSE(observer.latest_explanations().displayed_mixed_content); | 1713 EXPECT_FALSE(observer.latest_explanations().displayed_mixed_content); |
1726 EXPECT_FALSE(observer.latest_explanations().ran_mixed_content); | 1714 EXPECT_FALSE(observer.latest_explanations().ran_mixed_content); |
1727 } | 1715 } |
1728 | 1716 |
(...skipping 107 matching lines...) | |
1836 | 1824 |
1837 private: | 1825 private: |
1838 scoped_refptr<net::X509Certificate> cert_; | 1826 scoped_refptr<net::X509Certificate> cert_; |
1839 | 1827 |
1840 DISALLOW_COPY_AND_ASSIGN(BrowserTestNonsecureURLRequest); | 1828 DISALLOW_COPY_AND_ASSIGN(BrowserTestNonsecureURLRequest); |
1841 }; | 1829 }; |
1842 | 1830 |
1843 // Tests that a connection with obsolete TLS settings does not get a | 1831 // Tests that a connection with obsolete TLS settings does not get a |
1844 // secure connection explanation. | 1832 // secure connection explanation. |
1845 IN_PROC_BROWSER_TEST_F(BrowserTestNonsecureURLRequest, | 1833 IN_PROC_BROWSER_TEST_F(BrowserTestNonsecureURLRequest, |
1846 DidChangeVisibleSecurityStateObserverNonsecureConnection) { | 1834 DidChangeVisibleSecurityStateObserverNonsecureConnection) { |
elawrence
2017/03/22 19:43:07
The name of this test seems a bit misleading, espe
estark
2017/03/22 20:41:29
Done.
| |
1847 content::WebContents* web_contents = | 1835 content::WebContents* web_contents = |
1848 browser()->tab_strip_model()->GetActiveWebContents(); | 1836 browser()->tab_strip_model()->GetActiveWebContents(); |
1849 SecurityStyleTestObserver observer(web_contents); | 1837 SecurityStyleTestObserver observer(web_contents); |
1850 | 1838 |
1851 ui_test_utils::NavigateToURL( | 1839 ui_test_utils::NavigateToURL( |
1852 browser(), GURL(std::string("https://") + kMockNonsecureHostname)); | 1840 browser(), GURL(std::string("https://") + kMockNonsecureHostname)); |
1853 | 1841 |
1854 // The security style of the page doesn't get downgraded for obsolete | 1842 // The security style of the page doesn't get downgraded for obsolete |
1855 // TLS settings, so it should remain at WebSecurityStyleAuthenticated. | 1843 // TLS settings, so it should remain at WebSecurityStyleSecure. |
1856 EXPECT_EQ(blink::WebSecurityStyleAuthenticated, | 1844 EXPECT_EQ(blink::WebSecurityStyleSecure, observer.latest_security_style()); |
1857 observer.latest_security_style()); | |
1858 | 1845 |
1859 // The messages explaining the security style do, however, get | 1846 // The messages explaining the security style do, however, get |
1860 // downgraded: SECURE_PROTOCOL_AND_CIPHERSUITE should not show up when | 1847 // downgraded: SECURE_PROTOCOL_AND_CIPHERSUITE should not show up when |
1861 // the TLS settings are obsolete. | 1848 // the TLS settings are obsolete. |
1862 for (const auto& explanation : | 1849 for (const auto& explanation : |
1863 observer.latest_explanations().secure_explanations) { | 1850 observer.latest_explanations().secure_explanations) { |
1864 EXPECT_NE(l10n_util::GetStringUTF8(IDS_STRONG_SSL_SUMMARY), | 1851 EXPECT_NE(l10n_util::GetStringUTF8(IDS_STRONG_SSL_SUMMARY), |
1865 explanation.summary); | 1852 explanation.summary); |
1866 } | 1853 } |
1867 | 1854 |
(...skipping 150 matching lines...) | |
2018 SecurityStateTabHelper* helper = | 2005 SecurityStateTabHelper* helper = |
2019 SecurityStateTabHelper::FromWebContents(web_contents); | 2006 SecurityStateTabHelper::FromWebContents(web_contents); |
2020 ASSERT_TRUE(helper); | 2007 ASSERT_TRUE(helper); |
2021 security_state::SecurityInfo security_info; | 2008 security_state::SecurityInfo security_info; |
2022 helper->GetSecurityInfo(&security_info); | 2009 helper->GetSecurityInfo(&security_info); |
2023 EXPECT_EQ(security_state::SECURE, security_info.security_level); | 2010 EXPECT_EQ(security_state::SECURE, security_info.security_level); |
2024 EXPECT_EQ(kTestSCTStatuses, security_info.sct_verify_statuses); | 2011 EXPECT_EQ(kTestSCTStatuses, security_info.sct_verify_statuses); |
2025 } | 2012 } |
2026 | 2013 |
2027 } // namespace | 2014 } // namespace |
OLD | NEW |
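Review bot: `CheckBrokenSecurityStyle` (new lines 122-153) keeps the pre-rename vocabulary although its body now asserts `blink::WebSecurityStyleInsecure` and reads `insecure_explanations`. Renaming it, for example to `CheckInsecureSecurityStyle`, together with its call near new line 1560 would keep the helper greppable under the new terms. In the same helper, `cert` is obtained from `->GetSSL().certificate.get()` and dereferenced unchecked, so a missing certificate would crash the browser test instead of failing it. Adding `ASSERT_TRUE(cert);` before `EXPECT_TRUE(cert->Equals(expected_cert));` would report that case cleanly. That dereference is unchanged context, not something this rename introduced.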