| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <stdint.h> | 5 #include <stdint.h> |
| 6 | 6 |
| 7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
| 8 #include "base/strings/string_number_conversions.h" | 8 #include "base/strings/string_number_conversions.h" |
| 9 #include "base/test/simple_test_clock.h" | 9 #include "base/test/simple_test_clock.h" |
| 10 #include "chrome/browser/browsing_data/browsing_data_helper.h" | 10 #include "chrome/browser/browsing_data/browsing_data_helper.h" |
| 11 #include "chrome/browser/browsing_data/browsing_data_remover.h" | 11 #include "chrome/browser/browsing_data/browsing_data_remover.h" |
| 12 #include "chrome/browser/browsing_data/browsing_data_remover_test_util.h" | 12 #include "chrome/browser/browsing_data/browsing_data_remover_test_util.h" |
| 13 #include "chrome/browser/profiles/profile.h" | 13 #include "chrome/browser/profiles/profile.h" |
| 14 #include "chrome/browser/ssl/chrome_ssl_host_state_delegate.h" | 14 #include "chrome/browser/ssl/chrome_ssl_host_state_delegate.h" |
| 15 #include "chrome/browser/ssl/chrome_ssl_host_state_delegate_factory.h" |
| 15 #include "chrome/browser/ui/browser.h" | 16 #include "chrome/browser/ui/browser.h" |
| 16 #include "chrome/browser/ui/tabs/tab_strip_model.h" | 17 #include "chrome/browser/ui/tabs/tab_strip_model.h" |
| 17 #include "chrome/common/chrome_switches.h" | 18 #include "chrome/common/chrome_switches.h" |
| 18 #include "chrome/test/base/in_process_browser_test.h" | 19 #include "chrome/test/base/in_process_browser_test.h" |
| 19 #include "content/public/browser/ssl_host_state_delegate.h" | 20 #include "content/public/browser/ssl_host_state_delegate.h" |
| 20 #include "content/public/browser/web_contents.h" | 21 #include "content/public/browser/web_contents.h" |
| 21 #include "content/public/test/browser_test_utils.h" | 22 #include "content/public/test/browser_test_utils.h" |
| 22 #include "net/base/test_data_directory.h" | 23 #include "net/base/test_data_directory.h" |
| 23 #include "net/test/cert_test_util.h" | 24 #include "net/test/cert_test_util.h" |
| 24 #include "testing/gtest/include/gtest/gtest.h" | 25 #include "testing/gtest/include/gtest/gtest.h" |
| (...skipping 100 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 125 EXPECT_EQ(net::CertPolicy::UNKNOWN, | 126 EXPECT_EQ(net::CertPolicy::UNKNOWN, |
| 126 state->QueryPolicy( | 127 state->QueryPolicy( |
| 127 kGoogleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID)); | 128 kGoogleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID)); |
| 128 EXPECT_EQ( | 129 EXPECT_EQ( |
| 129 net::CertPolicy::DENIED, | 130 net::CertPolicy::DENIED, |
| 130 state->QueryPolicy( | 131 state->QueryPolicy( |
| 131 kExampleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID)); | 132 kExampleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID)); |
| 132 } | 133 } |
| 133 | 134 |
| 134 // HasPolicyAndRevoke unit tests the expected behavior of calling | 135 // HasPolicyAndRevoke unit tests the expected behavior of calling |
| 135 // HasAllowedOrDeniedCert before and after calling RevokeAllowAndDenyPreferences | 136 // HasUserDecision before and after calling RevokeUserDecisions on the |
| 136 // on the SSLHostStateDelegate class. | 137 // SSLHostStateDelegate class. |
| 137 IN_PROC_BROWSER_TEST_F(ChromeSSLHostStateDelegateTest, HasPolicyAndRevoke) { | 138 IN_PROC_BROWSER_TEST_F(ChromeSSLHostStateDelegateTest, HasPolicyAndRevoke) { |
| 138 scoped_refptr<net::X509Certificate> google_cert = GetGoogleCert(); | 139 scoped_refptr<net::X509Certificate> google_cert = GetGoogleCert(); |
| 139 content::WebContents* tab = | 140 content::WebContents* tab = |
| 140 browser()->tab_strip_model()->GetActiveWebContents(); | 141 browser()->tab_strip_model()->GetActiveWebContents(); |
| 141 Profile* profile = Profile::FromBrowserContext(tab->GetBrowserContext()); | 142 Profile* profile = Profile::FromBrowserContext(tab->GetBrowserContext()); |
| 142 content::SSLHostStateDelegate* state = profile->GetSSLHostStateDelegate(); | 143 ChromeSSLHostStateDelegate* state = |
| 144 ChromeSSLHostStateDelegateFactory::GetForProfile(profile); |
| 143 | 145 |
| 144 // Simulate a user decision to allow an invalid certificate exception for | 146 // Simulate a user decision to allow an invalid certificate exception for |
| 145 // kWWWGoogleHost and for kExampleHost. | 147 // kWWWGoogleHost and for kExampleHost. |
| 146 state->AllowCert( | 148 state->AllowCert( |
| 147 kWWWGoogleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID); | 149 kWWWGoogleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID); |
| 148 state->AllowCert( | 150 state->AllowCert( |
| 149 kExampleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID); | 151 kExampleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID); |
| 150 | 152 |
| 151 // Verify that HasAllowedOrDeniedCert correctly acknowledges that a user | 153 // Verify that HasUserDecision correctly acknowledges that a user decision has |
| 152 // decision has been made about kWWWGoogleHost. Then verify that | 154 // been made about kWWWGoogleHost. Then verify that HasUserDecision correctly |
| 153 // HasAllowedOrDeniedCert correctly identifies that the decision has been | 155 // identifies that the decision has been revoked. |
| 154 // revoked. | 156 EXPECT_TRUE(state->HasUserDecision(kWWWGoogleHost)); |
| 155 EXPECT_TRUE(state->HasAllowedOrDeniedCert(kWWWGoogleHost)); | 157 state->RevokeUserDecisions(kWWWGoogleHost); |
| 156 state->RevokeAllowAndDenyPreferences(kWWWGoogleHost); | 158 EXPECT_FALSE(state->HasUserDecision(kWWWGoogleHost)); |
| 157 EXPECT_FALSE(state->HasAllowedOrDeniedCert(kWWWGoogleHost)); | |
| 158 EXPECT_EQ( | 159 EXPECT_EQ( |
| 159 net::CertPolicy::UNKNOWN, | 160 net::CertPolicy::UNKNOWN, |
| 160 state->QueryPolicy( | 161 state->QueryPolicy( |
| 161 kWWWGoogleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID)); | 162 kWWWGoogleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID)); |
| 162 | 163 |
| 163 // Verify that the revocation of the kWWWGoogleHost decision does not affect | 164 // Verify that the revocation of the kWWWGoogleHost decision does not affect |
| 164 // the Allow for kExampleHost. | 165 // the Allow for kExampleHost. |
| 165 EXPECT_TRUE(state->HasAllowedOrDeniedCert(kExampleHost)); | 166 EXPECT_TRUE(state->HasUserDecision(kExampleHost)); |
| 166 | 167 |
| 167 // Verify the revocation of the kWWWGoogleHost decision does not affect the | 168 // Verify the revocation of the kWWWGoogleHost decision does not affect the |
| 168 // non-decision for kGoogleHost. Then verify that a revocation of a URL with | 169 // non-decision for kGoogleHost. Then verify that a revocation of a URL with |
| 169 // no decision has no effect. | 170 // no decision has no effect. |
| 170 EXPECT_FALSE(state->HasAllowedOrDeniedCert(kGoogleHost)); | 171 EXPECT_FALSE(state->HasUserDecision(kGoogleHost)); |
| 171 state->RevokeAllowAndDenyPreferences(kGoogleHost); | 172 state->RevokeUserDecisions(kGoogleHost); |
| 172 EXPECT_FALSE(state->HasAllowedOrDeniedCert(kGoogleHost)); | 173 EXPECT_FALSE(state->HasUserDecision(kGoogleHost)); |
| 173 } | 174 } |
| 174 | 175 |
| 175 // Clear unit tests the expected behavior of calling Clear to forget all cert | 176 // Clear unit tests the expected behavior of calling Clear to forget all cert |
| 176 // decision state on the SSLHostStateDelegate class. | 177 // decision state on the SSLHostStateDelegate class. |
| 177 IN_PROC_BROWSER_TEST_F(ChromeSSLHostStateDelegateTest, Clear) { | 178 IN_PROC_BROWSER_TEST_F(ChromeSSLHostStateDelegateTest, Clear) { |
| 178 scoped_refptr<net::X509Certificate> google_cert = GetGoogleCert(); | 179 scoped_refptr<net::X509Certificate> google_cert = GetGoogleCert(); |
| 179 content::WebContents* tab = | 180 content::WebContents* tab = |
| 180 browser()->tab_strip_model()->GetActiveWebContents(); | 181 browser()->tab_strip_model()->GetActiveWebContents(); |
| 181 Profile* profile = Profile::FromBrowserContext(tab->GetBrowserContext()); | 182 Profile* profile = Profile::FromBrowserContext(tab->GetBrowserContext()); |
| 182 content::SSLHostStateDelegate* state = profile->GetSSLHostStateDelegate(); | 183 ChromeSSLHostStateDelegate* state = |
| 184 ChromeSSLHostStateDelegateFactory::GetForProfile(profile); |
| 183 | 185 |
| 184 // Simulate a user decision to allow an invalid certificate exception for | 186 // Simulate a user decision to allow an invalid certificate exception for |
| 185 // kWWWGoogleHost and for kExampleHost. | 187 // kWWWGoogleHost and for kExampleHost. |
| 186 state->AllowCert( | 188 state->AllowCert( |
| 187 kWWWGoogleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID); | 189 kWWWGoogleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID); |
| 188 | 190 |
| 189 // Do a full clear, then make sure that both kWWWGoogleHost, which had a | 191 // Do a full clear, then make sure that both kWWWGoogleHost, which had a |
| 190 // decision made, and kExampleHost, which was untouched, are now in a | 192 // decision made, and kExampleHost, which was untouched, are now in a |
| 191 // non-decision state. | 193 // non-decision state. |
| 192 state->Clear(); | 194 state->Clear(); |
| 193 EXPECT_FALSE(state->HasAllowedOrDeniedCert(kWWWGoogleHost)); | 195 EXPECT_FALSE(state->HasUserDecision(kWWWGoogleHost)); |
| 194 EXPECT_EQ( | 196 EXPECT_EQ( |
| 195 net::CertPolicy::UNKNOWN, | 197 net::CertPolicy::UNKNOWN, |
| 196 state->QueryPolicy( | 198 state->QueryPolicy( |
| 197 kWWWGoogleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID)); | 199 kWWWGoogleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID)); |
| 198 EXPECT_FALSE(state->HasAllowedOrDeniedCert(kExampleHost)); | 200 EXPECT_FALSE(state->HasUserDecision(kExampleHost)); |
| 199 EXPECT_EQ( | 201 EXPECT_EQ( |
| 200 net::CertPolicy::UNKNOWN, | 202 net::CertPolicy::UNKNOWN, |
| 201 state->QueryPolicy( | 203 state->QueryPolicy( |
| 202 kExampleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID)); | 204 kExampleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID)); |
| 203 } | 205 } |
| 204 | 206 |
| 207 // DidHostRunInsecureContent unit tests the expected behavior of calling |
| 208 // DidHostRunInsecureContent as well as HostRanInsecureContent to check if |
| 209 // insecure content has been run and to mark it as such. |
| 210 IN_PROC_BROWSER_TEST_F(ChromeSSLHostStateDelegateTest, |
| 211 DidHostRunInsecureContent) { |
| 212 content::WebContents* tab = |
| 213 browser()->tab_strip_model()->GetActiveWebContents(); |
| 214 Profile* profile = Profile::FromBrowserContext(tab->GetBrowserContext()); |
| 215 content::SSLHostStateDelegate* state = profile->GetSSLHostStateDelegate(); |
| 216 |
| 217 EXPECT_FALSE(state->DidHostRunInsecureContent("www.google.com", 42)); |
| 218 EXPECT_FALSE(state->DidHostRunInsecureContent("www.google.com", 191)); |
| 219 EXPECT_FALSE(state->DidHostRunInsecureContent("example.com", 42)); |
| 220 |
| 221 state->HostRanInsecureContent("www.google.com", 42); |
| 222 |
| 223 EXPECT_TRUE(state->DidHostRunInsecureContent("www.google.com", 42)); |
| 224 EXPECT_FALSE(state->DidHostRunInsecureContent("www.google.com", 191)); |
| 225 EXPECT_FALSE(state->DidHostRunInsecureContent("example.com", 42)); |
| 226 |
| 227 state->HostRanInsecureContent("example.com", 42); |
| 228 |
| 229 EXPECT_TRUE(state->DidHostRunInsecureContent("www.google.com", 42)); |
| 230 EXPECT_FALSE(state->DidHostRunInsecureContent("www.google.com", 191)); |
| 231 EXPECT_TRUE(state->DidHostRunInsecureContent("example.com", 42)); |
| 232 } |
| 233 |
| 205 // Tests the basic behavior of cert memory in incognito. | 234 // Tests the basic behavior of cert memory in incognito. |
| 206 class IncognitoSSLHostStateDelegateTest | 235 class IncognitoSSLHostStateDelegateTest |
| 207 : public ChromeSSLHostStateDelegateTest { | 236 : public ChromeSSLHostStateDelegateTest { |
| 208 protected: | 237 protected: |
| 209 virtual void SetUpCommandLine(CommandLine* command_line) OVERRIDE { | 238 virtual void SetUpCommandLine(CommandLine* command_line) OVERRIDE { |
| 210 ChromeSSLHostStateDelegateTest::SetUpCommandLine(command_line); | 239 ChromeSSLHostStateDelegateTest::SetUpCommandLine(command_line); |
| 211 command_line->AppendSwitchASCII(switches::kRememberCertErrorDecisions, | 240 command_line->AppendSwitchASCII(switches::kRememberCertErrorDecisions, |
| 212 kDeltaSecondsString); | 241 kDeltaSecondsString); |
| 213 } | 242 } |
| 214 }; | 243 }; |
| (...skipping 226 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 441 | 470 |
| 442 // Add an exception for an invalid certificate. Then remove the last hour's | 471 // Add an exception for an invalid certificate. Then remove the last hour's |
| 443 // worth of browsing history and verify that the exception has been deleted. | 472 // worth of browsing history and verify that the exception has been deleted. |
| 444 state->AllowCert( | 473 state->AllowCert( |
| 445 kGoogleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID); | 474 kGoogleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID); |
| 446 RemoveAndWait(profile); | 475 RemoveAndWait(profile); |
| 447 EXPECT_EQ(net::CertPolicy::UNKNOWN, | 476 EXPECT_EQ(net::CertPolicy::UNKNOWN, |
| 448 state->QueryPolicy( | 477 state->QueryPolicy( |
| 449 kGoogleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID)); | 478 kGoogleHost, google_cert.get(), net::CERT_STATUS_DATE_INVALID)); |
| 450 } | 479 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 473643002:
Add button to page info to revoke user certificate decisions. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src