| OLD | NEW |
|---|
| 1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "components/security_state/content/content_utils.h" | 5 #include "components/security_state/content/content_utils.h" |
| 6 | 6 |
| 7 #include <vector> |
| 8 |
| 7 #include "base/command_line.h" | 9 #include "base/command_line.h" |
| 8 #include "base/test/histogram_tester.h" | 10 #include "base/test/histogram_tester.h" |
| 9 #include "components/security_state/core/security_state.h" | 11 #include "components/security_state/core/security_state.h" |
| 10 #include "components/security_state/core/switches.h" | 12 #include "components/security_state/core/switches.h" |
| 11 #include "content/public/browser/security_style_explanation.h" | 13 #include "content/public/browser/security_style_explanation.h" |
| 12 #include "content/public/browser/security_style_explanations.h" | 14 #include "content/public/browser/security_style_explanations.h" |
| 13 #include "net/cert/cert_status_flags.h" | 15 #include "net/cert/cert_status_flags.h" |
| 14 #include "net/ssl/ssl_cipher_suite_names.h" | 16 #include "net/ssl/ssl_cipher_suite_names.h" |
| 15 #include "net/ssl/ssl_connection_status_flags.h" | 17 #include "net/ssl/ssl_connection_status_flags.h" |
| 16 #include "net/test/cert_test_util.h" | 18 #include "net/test/cert_test_util.h" |
| (...skipping 229 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 246 | 248 |
| 247 // Check that when both password and credit card fields get displayed, only | 249 // Check that when both password and credit card fields get displayed, only |
| 248 // one explanation is added. | 250 // one explanation is added. |
| 249 explanations.neutral_explanations.clear(); | 251 explanations.neutral_explanations.clear(); |
| 250 security_info.displayed_credit_card_field_on_http = true; | 252 security_info.displayed_credit_card_field_on_http = true; |
| 251 security_info.displayed_password_field_on_http = true; | 253 security_info.displayed_password_field_on_http = true; |
| 252 security_style = GetSecurityStyle(security_info, &explanations); | 254 security_style = GetSecurityStyle(security_info, &explanations); |
| 253 EXPECT_EQ(blink::kWebSecurityStyleNeutral, security_style); | 255 EXPECT_EQ(blink::kWebSecurityStyleNeutral, security_style); |
| 254 // Verify only one explanation was shown when Form Not Secure is triggered. | 256 // Verify only one explanation was shown when Form Not Secure is triggered. |
| 255 EXPECT_EQ(1u, explanations.neutral_explanations.size()); | 257 EXPECT_EQ(1u, explanations.neutral_explanations.size()); |
| 258 |
| 259 // Verify that two explanations are shown when the Incognito and |
| 260 // FormNotSecure flags are both set. |
| 261 explanations.neutral_explanations.clear(); |
| 262 security_info.displayed_credit_card_field_on_http = true; |
| 263 security_info.incognito_downgraded_security_level = true; |
| 264 security_style = GetSecurityStyle(security_info, &explanations); |
| 265 EXPECT_EQ(blink::kWebSecurityStyleNeutral, security_style); |
| 266 EXPECT_EQ(2u, explanations.neutral_explanations.size()); |
| 256 } | 267 } |
| 257 | 268 |
| 258 // Tests that an explanation is provided if a certificate is missing a | 269 // Tests that an explanation is provided if a certificate is missing a |
| 259 // subjectAltName extension containing a domain name or IP address. | 270 // subjectAltName extension containing a domain name or IP address. |
| 260 TEST(SecurityStateContentUtilsTest, SubjectAltNameWarning) { | 271 TEST(SecurityStateContentUtilsTest, SubjectAltNameWarning) { |
| 261 security_state::SecurityInfo security_info; | 272 security_state::SecurityInfo security_info; |
| 262 security_info.cert_status = 0; | 273 security_info.cert_status = 0; |
| 263 security_info.scheme_is_cryptographic = true; | 274 security_info.scheme_is_cryptographic = true; |
| 264 | 275 |
| 265 security_info.certificate = net::ImportCertFromFile( | 276 security_info.certificate = net::ImportCertFromFile( |
| 266 net::GetTestCertsDirectory(), "salesforce_com_test.pem"); | 277 net::GetTestCertsDirectory(), "salesforce_com_test.pem"); |
| 267 ASSERT_TRUE(security_info.certificate); | 278 ASSERT_TRUE(security_info.certificate); |
| 268 | 279 |
| 269 content::SecurityStyleExplanations explanations; | 280 content::SecurityStyleExplanations explanations; |
| 270 security_info.cert_missing_subject_alt_name = true; | 281 security_info.cert_missing_subject_alt_name = true; |
| 271 GetSecurityStyle(security_info, &explanations); | 282 GetSecurityStyle(security_info, &explanations); |
| 272 // Verify that an explanation was shown for a missing subjectAltName. | 283 // Verify that an explanation was shown for a missing subjectAltName. |
| 273 EXPECT_EQ(1u, explanations.insecure_explanations.size()); | 284 EXPECT_EQ(1u, explanations.insecure_explanations.size()); |
| 274 | 285 |
| 275 explanations.insecure_explanations.clear(); | 286 explanations.insecure_explanations.clear(); |
| 276 security_info.cert_missing_subject_alt_name = false; | 287 security_info.cert_missing_subject_alt_name = false; |
| 277 GetSecurityStyle(security_info, &explanations); | 288 GetSecurityStyle(security_info, &explanations); |
| 278 // Verify that no explanation is shown if the subjectAltName is present. | 289 // Verify that no explanation is shown if the subjectAltName is present. |
| 279 EXPECT_EQ(0u, explanations.insecure_explanations.size()); | 290 EXPECT_EQ(0u, explanations.insecure_explanations.size()); |
| 280 } | 291 } |
| 281 | 292 |
| 282 } // namespace | 293 } // namespace |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2917873004:
Implement 'Not secure' warning for non-secure pages in Incognito mode (Closed)
