| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <stdint.h> | 5 #include <stdint.h> |
| 6 | 6 |
| 7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
| 8 #include "base/strings/string_number_conversions.h" | 8 #include "base/strings/string_number_conversions.h" |
| 9 #include "base/test/simple_test_clock.h" | 9 #include "base/test/simple_test_clock.h" |
| 10 #include "chrome/browser/browsing_data/browsing_data_helper.h" | 10 #include "chrome/browser/browsing_data/browsing_data_helper.h" |
| (...skipping 108 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 119 state->QueryPolicy(kGoogleHost, | 119 state->QueryPolicy(kGoogleHost, |
| 120 google_cert.get(), | 120 google_cert.get(), |
| 121 net::CERT_STATUS_DATE_INVALID, | 121 net::CERT_STATUS_DATE_INVALID, |
| 122 &unused_value)); | 122 &unused_value)); |
| 123 EXPECT_EQ(net::CertPolicy::ALLOWED, | 123 EXPECT_EQ(net::CertPolicy::ALLOWED, |
| 124 state->QueryPolicy(kExampleHost, | 124 state->QueryPolicy(kExampleHost, |
| 125 google_cert.get(), | 125 google_cert.get(), |
| 126 net::CERT_STATUS_DATE_INVALID, | 126 net::CERT_STATUS_DATE_INVALID, |
| 127 &unused_value)); | 127 &unused_value)); |
| 128 | 128 |
| 129 // Simulate a user decision to deny an invalid certificate for kExampleHost. | 129 // Verify that kWWWGoogleHost is allowed and kGoogleHost still has no |
| 130 state->DenyCert( | 130 // associated decision. |
| 131 kExampleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID); | |
| 132 | |
| 133 // Verify that kWWWGoogleHost is allowed and kExampleHost is denied while | |
| 134 // kGoogleHost still has no associated decision. | |
| 135 EXPECT_EQ(net::CertPolicy::ALLOWED, | 131 EXPECT_EQ(net::CertPolicy::ALLOWED, |
| 136 state->QueryPolicy(kWWWGoogleHost, | 132 state->QueryPolicy(kWWWGoogleHost, |
| 137 google_cert.get(), | 133 google_cert.get(), |
| 138 net::CERT_STATUS_DATE_INVALID, | 134 net::CERT_STATUS_DATE_INVALID, |
| 139 &unused_value)); | 135 &unused_value)); |
| 140 EXPECT_EQ(net::CertPolicy::UNKNOWN, | 136 EXPECT_EQ(net::CertPolicy::UNKNOWN, |
| 141 state->QueryPolicy(kGoogleHost, | 137 state->QueryPolicy(kGoogleHost, |
| 142 google_cert.get(), | 138 google_cert.get(), |
| 143 net::CERT_STATUS_DATE_INVALID, | 139 net::CERT_STATUS_DATE_INVALID, |
| 144 &unused_value)); | 140 &unused_value)); |
| 145 EXPECT_EQ(net::CertPolicy::DENIED, | |
| 146 state->QueryPolicy(kExampleHost, | |
| 147 google_cert.get(), | |
| 148 net::CERT_STATUS_DATE_INVALID, | |
| 149 &unused_value)); | |
| 150 } | 141 } |
| 151 | 142 |
| 152 // HasPolicyAndRevoke unit tests the expected behavior of calling | 143 // HasPolicyAndRevoke unit tests the expected behavior of calling |
| 153 // HasUserDecision before and after calling RevokeUserDecisions on the | 144 // HasAllowed before and after calling RevokeUserDecisions on the |
| 154 // SSLHostStateDelegate class. | 145 // SSLHostStateDelegate class. |
| 155 IN_PROC_BROWSER_TEST_F(ChromeSSLHostStateDelegateTest, HasPolicyAndRevoke) { | 146 IN_PROC_BROWSER_TEST_F(ChromeSSLHostStateDelegateTest, HasPolicyAndRevoke) { |
| 156 scoped_refptr<net::X509Certificate> google_cert = GetGoogleCert(); | 147 scoped_refptr<net::X509Certificate> google_cert = GetGoogleCert(); |
| 157 content::WebContents* tab = | 148 content::WebContents* tab = |
| 158 browser()->tab_strip_model()->GetActiveWebContents(); | 149 browser()->tab_strip_model()->GetActiveWebContents(); |
| 159 Profile* profile = Profile::FromBrowserContext(tab->GetBrowserContext()); | 150 Profile* profile = Profile::FromBrowserContext(tab->GetBrowserContext()); |
| 160 ChromeSSLHostStateDelegate* state = | 151 ChromeSSLHostStateDelegate* state = |
| 161 ChromeSSLHostStateDelegateFactory::GetForProfile(profile); | 152 ChromeSSLHostStateDelegateFactory::GetForProfile(profile); |
| 162 bool unused_value; | 153 bool unused_value; |
| 163 | 154 |
| 164 // Simulate a user decision to allow an invalid certificate exception for | 155 // Simulate a user decision to allow an invalid certificate exception for |
| 165 // kWWWGoogleHost and for kExampleHost. | 156 // kWWWGoogleHost and for kExampleHost. |
| 166 state->AllowCert( | 157 state->AllowCert( |
| 167 kWWWGoogleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID); | 158 kWWWGoogleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID); |
| 168 state->AllowCert( | 159 state->AllowCert( |
| 169 kExampleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID); | 160 kExampleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID); |
| 170 | 161 |
| 171 // Verify that HasUserDecision correctly acknowledges that a user decision has | 162 // Verify that HasAllowed correctly acknowledges that a user decision has |
| 172 // been made about kWWWGoogleHost. Then verify that HasUserDecision correctly | 163 // been made about kWWWGoogleHost. Then verify that HasAllowed correctly |
| 173 // identifies that the decision has been revoked. | 164 // identifies that the decision has been revoked. |
| 174 EXPECT_TRUE(state->HasUserDecision(kWWWGoogleHost)); | 165 EXPECT_TRUE(state->HasAllowed(kWWWGoogleHost)); |
| 175 state->RevokeUserDecisions(kWWWGoogleHost); | 166 state->RevokeUserDecisions(kWWWGoogleHost); |
| 176 EXPECT_FALSE(state->HasUserDecision(kWWWGoogleHost)); | 167 EXPECT_FALSE(state->HasAllowed(kWWWGoogleHost)); |
| 177 EXPECT_EQ(net::CertPolicy::UNKNOWN, | 168 EXPECT_EQ(net::CertPolicy::UNKNOWN, |
| 178 state->QueryPolicy(kWWWGoogleHost, | 169 state->QueryPolicy(kWWWGoogleHost, |
| 179 google_cert.get(), | 170 google_cert.get(), |
| 180 net::CERT_STATUS_DATE_INVALID, | 171 net::CERT_STATUS_DATE_INVALID, |
| 181 &unused_value)); | 172 &unused_value)); |
| 182 | 173 |
| 183 // Verify that the revocation of the kWWWGoogleHost decision does not affect | 174 // Verify that the revocation of the kWWWGoogleHost decision does not affect |
| 184 // the Allow for kExampleHost. | 175 // the Allow for kExampleHost. |
| 185 EXPECT_TRUE(state->HasUserDecision(kExampleHost)); | 176 EXPECT_TRUE(state->HasAllowed(kExampleHost)); |
| 186 | 177 |
| 187 // Verify the revocation of the kWWWGoogleHost decision does not affect the | 178 // Verify the revocation of the kWWWGoogleHost decision does not affect the |
| 188 // non-decision for kGoogleHost. Then verify that a revocation of a URL with | 179 // non-decision for kGoogleHost. Then verify that a revocation of a URL with |
| 189 // no decision has no effect. | 180 // no decision has no effect. |
| 190 EXPECT_FALSE(state->HasUserDecision(kGoogleHost)); | 181 EXPECT_FALSE(state->HasAllowed(kGoogleHost)); |
| 191 state->RevokeUserDecisions(kGoogleHost); | 182 state->RevokeUserDecisions(kGoogleHost); |
| 192 EXPECT_FALSE(state->HasUserDecision(kGoogleHost)); | 183 EXPECT_FALSE(state->HasAllowed(kGoogleHost)); |
| 193 } | 184 } |
| 194 | 185 |
| 195 // Clear unit tests the expected behavior of calling Clear to forget all cert | 186 // Clear unit tests the expected behavior of calling Clear to forget all cert |
| 196 // decision state on the SSLHostStateDelegate class. | 187 // decision state on the SSLHostStateDelegate class. |
| 197 IN_PROC_BROWSER_TEST_F(ChromeSSLHostStateDelegateTest, Clear) { | 188 IN_PROC_BROWSER_TEST_F(ChromeSSLHostStateDelegateTest, Clear) { |
| 198 scoped_refptr<net::X509Certificate> google_cert = GetGoogleCert(); | 189 scoped_refptr<net::X509Certificate> google_cert = GetGoogleCert(); |
| 199 content::WebContents* tab = | 190 content::WebContents* tab = |
| 200 browser()->tab_strip_model()->GetActiveWebContents(); | 191 browser()->tab_strip_model()->GetActiveWebContents(); |
| 201 Profile* profile = Profile::FromBrowserContext(tab->GetBrowserContext()); | 192 Profile* profile = Profile::FromBrowserContext(tab->GetBrowserContext()); |
| 202 ChromeSSLHostStateDelegate* state = | 193 ChromeSSLHostStateDelegate* state = |
| 203 ChromeSSLHostStateDelegateFactory::GetForProfile(profile); | 194 ChromeSSLHostStateDelegateFactory::GetForProfile(profile); |
| 204 bool unused_value; | 195 bool unused_value; |
| 205 | 196 |
| 206 // Simulate a user decision to allow an invalid certificate exception for | 197 // Simulate a user decision to allow an invalid certificate exception for |
| 207 // kWWWGoogleHost and for kExampleHost. | 198 // kWWWGoogleHost and for kExampleHost. |
| 208 state->AllowCert( | 199 state->AllowCert( |
| 209 kWWWGoogleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID); | 200 kWWWGoogleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID); |
| 210 | 201 |
| 211 // Do a full clear, then make sure that both kWWWGoogleHost, which had a | 202 // Do a full clear, then make sure that both kWWWGoogleHost, which had a |
| 212 // decision made, and kExampleHost, which was untouched, are now in a | 203 // decision made, and kExampleHost, which was untouched, are now in a |
| 213 // non-decision state. | 204 // non-decision state. |
| 214 state->Clear(); | 205 state->Clear(); |
| 215 EXPECT_FALSE(state->HasUserDecision(kWWWGoogleHost)); | 206 EXPECT_FALSE(state->HasAllowed(kWWWGoogleHost)); |
| 216 EXPECT_EQ(net::CertPolicy::UNKNOWN, | 207 EXPECT_EQ(net::CertPolicy::UNKNOWN, |
| 217 state->QueryPolicy(kWWWGoogleHost, | 208 state->QueryPolicy(kWWWGoogleHost, |
| 218 google_cert.get(), | 209 google_cert.get(), |
| 219 net::CERT_STATUS_DATE_INVALID, | 210 net::CERT_STATUS_DATE_INVALID, |
| 220 &unused_value)); | 211 &unused_value)); |
| 221 EXPECT_FALSE(state->HasUserDecision(kExampleHost)); | 212 EXPECT_FALSE(state->HasAllowed(kExampleHost)); |
| 222 EXPECT_EQ(net::CertPolicy::UNKNOWN, | 213 EXPECT_EQ(net::CertPolicy::UNKNOWN, |
| 223 state->QueryPolicy(kExampleHost, | 214 state->QueryPolicy(kExampleHost, |
| 224 google_cert.get(), | 215 google_cert.get(), |
| 225 net::CERT_STATUS_DATE_INVALID, | 216 net::CERT_STATUS_DATE_INVALID, |
| 226 &unused_value)); | 217 &unused_value)); |
| 227 } | 218 } |
| 228 | 219 |
| 229 // DidHostRunInsecureContent unit tests the expected behavior of calling | 220 // DidHostRunInsecureContent unit tests the expected behavior of calling |
| 230 // DidHostRunInsecureContent as well as HostRanInsecureContent to check if | 221 // DidHostRunInsecureContent as well as HostRanInsecureContent to check if |
| 231 // insecure content has been run and to mark it as such. | 222 // insecure content has been run and to mark it as such. |
| (...skipping 343 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 575 // worth of browsing history and verify that the exception has been deleted. | 566 // worth of browsing history and verify that the exception has been deleted. |
| 576 state->AllowCert( | 567 state->AllowCert( |
| 577 kGoogleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID); | 568 kGoogleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID); |
| 578 RemoveAndWait(profile); | 569 RemoveAndWait(profile); |
| 579 EXPECT_EQ(net::CertPolicy::UNKNOWN, | 570 EXPECT_EQ(net::CertPolicy::UNKNOWN, |
| 580 state->QueryPolicy(kGoogleHost, | 571 state->QueryPolicy(kGoogleHost, |
| 581 google_cert.get(), | 572 google_cert.get(), |
| 582 net::CERT_STATUS_DATE_INVALID, | 573 net::CERT_STATUS_DATE_INVALID, |
| 583 &unused_value)); | 574 &unused_value)); |
| 584 } | 575 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 465133004:
Remove DenyCertForHost from SSLHostStateDelegate API. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src