OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include <stdint.h> | 5 #include <stdint.h> |
6 | 6 |
7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
8 #include "base/strings/string_number_conversions.h" | 8 #include "base/strings/string_number_conversions.h" |
9 #include "base/test/simple_test_clock.h" | 9 #include "base/test/simple_test_clock.h" |
10 #include "chrome/browser/browsing_data/browsing_data_helper.h" | 10 #include "chrome/browser/browsing_data/browsing_data_helper.h" |
11 #include "chrome/browser/browsing_data/browsing_data_remover.h" | 11 #include "chrome/browser/browsing_data/browsing_data_remover.h" |
12 #include "chrome/browser/browsing_data/browsing_data_remover_test_util.h" | 12 #include "chrome/browser/browsing_data/browsing_data_remover_test_util.h" |
13 #include "chrome/browser/profiles/profile.h" | 13 #include "chrome/browser/profiles/profile.h" |
14 #include "chrome/browser/ssl/chrome_ssl_host_state_delegate.h" | 14 #include "chrome/browser/ssl/chrome_ssl_host_state_delegate.h" |
| 15 #include "chrome/browser/ssl/chrome_ssl_host_state_delegate_factory.h" |
15 #include "chrome/browser/ui/browser.h" | 16 #include "chrome/browser/ui/browser.h" |
16 #include "chrome/browser/ui/tabs/tab_strip_model.h" | 17 #include "chrome/browser/ui/tabs/tab_strip_model.h" |
17 #include "chrome/common/chrome_switches.h" | 18 #include "chrome/common/chrome_switches.h" |
18 #include "chrome/test/base/in_process_browser_test.h" | 19 #include "chrome/test/base/in_process_browser_test.h" |
19 #include "content/public/browser/ssl_host_state_delegate.h" | 20 #include "content/public/browser/ssl_host_state_delegate.h" |
20 #include "content/public/browser/web_contents.h" | 21 #include "content/public/browser/web_contents.h" |
21 #include "content/public/test/browser_test_utils.h" | 22 #include "content/public/test/browser_test_utils.h" |
22 #include "net/base/test_data_directory.h" | 23 #include "net/base/test_data_directory.h" |
23 #include "net/test/cert_test_util.h" | 24 #include "net/test/cert_test_util.h" |
24 #include "testing/gtest/include/gtest/gtest.h" | 25 #include "testing/gtest/include/gtest/gtest.h" |
(...skipping 100 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
125 EXPECT_EQ(net::CertPolicy::UNKNOWN, | 126 EXPECT_EQ(net::CertPolicy::UNKNOWN, |
126 state->QueryPolicy( | 127 state->QueryPolicy( |
127 kGoogleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID)); | 128 kGoogleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID)); |
128 EXPECT_EQ( | 129 EXPECT_EQ( |
129 net::CertPolicy::DENIED, | 130 net::CertPolicy::DENIED, |
130 state->QueryPolicy( | 131 state->QueryPolicy( |
131 kExampleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID)); | 132 kExampleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID)); |
132 } | 133 } |
133 | 134 |
134 // HasPolicyAndRevoke unit tests the expected behavior of calling | 135 // HasPolicyAndRevoke unit tests the expected behavior of calling |
135 // HasAllowedOrDeniedCert before and after calling RevokeAllowAndDenyPreferences | 136 // HasUserDecision before and after calling RevokeUserDecisions on the |
136 // on the SSLHostStateDelegate class. | 137 // SSLHostStateDelegate class. |
137 IN_PROC_BROWSER_TEST_F(ChromeSSLHostStateDelegateTest, HasPolicyAndRevoke) { | 138 IN_PROC_BROWSER_TEST_F(ChromeSSLHostStateDelegateTest, HasPolicyAndRevoke) { |
138 scoped_refptr<net::X509Certificate> google_cert = GetGoogleCert(); | 139 scoped_refptr<net::X509Certificate> google_cert = GetGoogleCert(); |
139 content::WebContents* tab = | 140 content::WebContents* tab = |
140 browser()->tab_strip_model()->GetActiveWebContents(); | 141 browser()->tab_strip_model()->GetActiveWebContents(); |
141 Profile* profile = Profile::FromBrowserContext(tab->GetBrowserContext()); | 142 Profile* profile = Profile::FromBrowserContext(tab->GetBrowserContext()); |
142 content::SSLHostStateDelegate* state = profile->GetSSLHostStateDelegate(); | 143 ChromeSSLHostStateDelegate* state = |
| 144 ChromeSSLHostStateDelegateFactory::GetForProfile(profile); |
143 | 145 |
144 // Simulate a user decision to allow an invalid certificate exception for | 146 // Simulate a user decision to allow an invalid certificate exception for |
145 // kWWWGoogleHost and for kExampleHost. | 147 // kWWWGoogleHost and for kExampleHost. |
146 state->AllowCert( | 148 state->AllowCert( |
147 kWWWGoogleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID); | 149 kWWWGoogleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID); |
148 state->AllowCert( | 150 state->AllowCert( |
149 kExampleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID); | 151 kExampleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID); |
150 | 152 |
151 // Verify that HasAllowedOrDeniedCert correctly acknowledges that a user | 153 // Verify that HasUserDecision correctly acknowledges that a user decision has |
152 // decision has been made about kWWWGoogleHost. Then verify that | 154 // been made about kWWWGoogleHost. Then verify that HasUserDecision correctly |
153 // HasAllowedOrDeniedCert correctly identifies that the decision has been | 155 // identifies that the decision has been revoked. |
154 // revoked. | 156 EXPECT_TRUE(state->HasUserDecision(kWWWGoogleHost)); |
155 EXPECT_TRUE(state->HasAllowedOrDeniedCert(kWWWGoogleHost)); | 157 state->RevokeUserDecisions(kWWWGoogleHost); |
156 state->RevokeAllowAndDenyPreferences(kWWWGoogleHost); | 158 EXPECT_FALSE(state->HasUserDecision(kWWWGoogleHost)); |
157 EXPECT_FALSE(state->HasAllowedOrDeniedCert(kWWWGoogleHost)); | |
158 EXPECT_EQ( | 159 EXPECT_EQ( |
159 net::CertPolicy::UNKNOWN, | 160 net::CertPolicy::UNKNOWN, |
160 state->QueryPolicy( | 161 state->QueryPolicy( |
161 kWWWGoogleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID)); | 162 kWWWGoogleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID)); |
162 | 163 |
163 // Verify that the revocation of the kWWWGoogleHost decision does not affect | 164 // Verify that the revocation of the kWWWGoogleHost decision does not affect |
164 // the Allow for kExampleHost. | 165 // the Allow for kExampleHost. |
165 EXPECT_TRUE(state->HasAllowedOrDeniedCert(kExampleHost)); | 166 EXPECT_TRUE(state->HasUserDecision(kExampleHost)); |
166 | 167 |
167 // Verify the revocation of the kWWWGoogleHost decision does not affect the | 168 // Verify the revocation of the kWWWGoogleHost decision does not affect the |
168 // non-decision for kGoogleHost. Then verify that a revocation of a URL with | 169 // non-decision for kGoogleHost. Then verify that a revocation of a URL with |
169 // no decision has no effect. | 170 // no decision has no effect. |
170 EXPECT_FALSE(state->HasAllowedOrDeniedCert(kGoogleHost)); | 171 EXPECT_FALSE(state->HasUserDecision(kGoogleHost)); |
171 state->RevokeAllowAndDenyPreferences(kGoogleHost); | 172 state->RevokeUserDecisions(kGoogleHost); |
172 EXPECT_FALSE(state->HasAllowedOrDeniedCert(kGoogleHost)); | 173 EXPECT_FALSE(state->HasUserDecision(kGoogleHost)); |
173 } | 174 } |
174 | 175 |
175 // Clear unit tests the expected behavior of calling Clear to forget all cert | 176 // Clear unit tests the expected behavior of calling Clear to forget all cert |
176 // decision state on the SSLHostStateDelegate class. | 177 // decision state on the SSLHostStateDelegate class. |
177 IN_PROC_BROWSER_TEST_F(ChromeSSLHostStateDelegateTest, Clear) { | 178 IN_PROC_BROWSER_TEST_F(ChromeSSLHostStateDelegateTest, Clear) { |
178 scoped_refptr<net::X509Certificate> google_cert = GetGoogleCert(); | 179 scoped_refptr<net::X509Certificate> google_cert = GetGoogleCert(); |
179 content::WebContents* tab = | 180 content::WebContents* tab = |
180 browser()->tab_strip_model()->GetActiveWebContents(); | 181 browser()->tab_strip_model()->GetActiveWebContents(); |
181 Profile* profile = Profile::FromBrowserContext(tab->GetBrowserContext()); | 182 Profile* profile = Profile::FromBrowserContext(tab->GetBrowserContext()); |
182 content::SSLHostStateDelegate* state = profile->GetSSLHostStateDelegate(); | 183 ChromeSSLHostStateDelegate* state = |
| 184 ChromeSSLHostStateDelegateFactory::GetForProfile(profile); |
183 | 185 |
184 // Simulate a user decision to allow an invalid certificate exception for | 186 // Simulate a user decision to allow an invalid certificate exception for |
185 // kWWWGoogleHost and for kExampleHost. | 187 // kWWWGoogleHost and for kExampleHost. |
186 state->AllowCert( | 188 state->AllowCert( |
187 kWWWGoogleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID); | 189 kWWWGoogleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID); |
188 | 190 |
189 // Do a full clear, then make sure that both kWWWGoogleHost, which had a | 191 // Do a full clear, then make sure that both kWWWGoogleHost, which had a |
190 // decision made, and kExampleHost, which was untouched, are now in a | 192 // decision made, and kExampleHost, which was untouched, are now in a |
191 // non-decision state. | 193 // non-decision state. |
192 state->Clear(); | 194 state->Clear(); |
193 EXPECT_FALSE(state->HasAllowedOrDeniedCert(kWWWGoogleHost)); | 195 EXPECT_FALSE(state->HasUserDecision(kWWWGoogleHost)); |
194 EXPECT_EQ( | 196 EXPECT_EQ( |
195 net::CertPolicy::UNKNOWN, | 197 net::CertPolicy::UNKNOWN, |
196 state->QueryPolicy( | 198 state->QueryPolicy( |
197 kWWWGoogleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID)); | 199 kWWWGoogleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID)); |
198 EXPECT_FALSE(state->HasAllowedOrDeniedCert(kExampleHost)); | 200 EXPECT_FALSE(state->HasUserDecision(kExampleHost)); |
199 EXPECT_EQ( | 201 EXPECT_EQ( |
200 net::CertPolicy::UNKNOWN, | 202 net::CertPolicy::UNKNOWN, |
201 state->QueryPolicy( | 203 state->QueryPolicy( |
202 kExampleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID)); | 204 kExampleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID)); |
203 } | 205 } |
204 | 206 |
| 207 // DidHostRunInsecureContent unit tests the expected behavior of calling |
| 208 // DidHostRunInsecureContent as well as HostRanInsecureContent to check if |
| 209 // insecure content has been run and to mark it as such. |
| 210 IN_PROC_BROWSER_TEST_F(ChromeSSLHostStateDelegateTest, |
| 211 DidHostRunInsecureContent) { |
| 212 content::WebContents* tab = |
| 213 browser()->tab_strip_model()->GetActiveWebContents(); |
| 214 Profile* profile = Profile::FromBrowserContext(tab->GetBrowserContext()); |
| 215 content::SSLHostStateDelegate* state = profile->GetSSLHostStateDelegate(); |
| 216 |
| 217 EXPECT_FALSE(state->DidHostRunInsecureContent("www.google.com", 42)); |
| 218 EXPECT_FALSE(state->DidHostRunInsecureContent("www.google.com", 191)); |
| 219 EXPECT_FALSE(state->DidHostRunInsecureContent("example.com", 42)); |
| 220 |
| 221 state->HostRanInsecureContent("www.google.com", 42); |
| 222 |
| 223 EXPECT_TRUE(state->DidHostRunInsecureContent("www.google.com", 42)); |
| 224 EXPECT_FALSE(state->DidHostRunInsecureContent("www.google.com", 191)); |
| 225 EXPECT_FALSE(state->DidHostRunInsecureContent("example.com", 42)); |
| 226 |
| 227 state->HostRanInsecureContent("example.com", 42); |
| 228 |
| 229 EXPECT_TRUE(state->DidHostRunInsecureContent("www.google.com", 42)); |
| 230 EXPECT_FALSE(state->DidHostRunInsecureContent("www.google.com", 191)); |
| 231 EXPECT_TRUE(state->DidHostRunInsecureContent("example.com", 42)); |
| 232 } |
| 233 |
205 // Tests the basic behavior of cert memory in incognito. | 234 // Tests the basic behavior of cert memory in incognito. |
206 class IncognitoSSLHostStateDelegateTest | 235 class IncognitoSSLHostStateDelegateTest |
207 : public ChromeSSLHostStateDelegateTest { | 236 : public ChromeSSLHostStateDelegateTest { |
208 protected: | 237 protected: |
209 virtual void SetUpCommandLine(CommandLine* command_line) OVERRIDE { | 238 virtual void SetUpCommandLine(CommandLine* command_line) OVERRIDE { |
210 ChromeSSLHostStateDelegateTest::SetUpCommandLine(command_line); | 239 ChromeSSLHostStateDelegateTest::SetUpCommandLine(command_line); |
211 command_line->AppendSwitchASCII(switches::kRememberCertErrorDecisions, | 240 command_line->AppendSwitchASCII(switches::kRememberCertErrorDecisions, |
212 kDeltaSecondsString); | 241 kDeltaSecondsString); |
213 } | 242 } |
214 }; | 243 }; |
(...skipping 226 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
441 | 470 |
442 // Add an exception for an invalid certificate. Then remove the last hour's | 471 // Add an exception for an invalid certificate. Then remove the last hour's |
443 // worth of browsing history and verify that the exception has been deleted. | 472 // worth of browsing history and verify that the exception has been deleted. |
444 state->AllowCert( | 473 state->AllowCert( |
445 kGoogleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID); | 474 kGoogleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID); |
446 RemoveAndWait(profile); | 475 RemoveAndWait(profile); |
447 EXPECT_EQ(net::CertPolicy::UNKNOWN, | 476 EXPECT_EQ(net::CertPolicy::UNKNOWN, |
448 state->QueryPolicy( | 477 state->QueryPolicy( |
449 kGoogleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID)); | 478 kGoogleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID)); |
450 } | 479 } |
OLD | NEW |