OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "base/bind.h" | 5 #include "base/bind.h" |
6 #include "base/bind_helpers.h" | 6 #include "base/bind_helpers.h" |
7 #include "base/callback.h" | 7 #include "base/callback.h" |
8 #include "base/command_line.h" | 8 #include "base/command_line.h" |
9 #include "base/prefs/pref_service.h" | 9 #include "base/prefs/pref_service.h" |
10 #include "base/strings/string_util.h" | 10 #include "base/strings/string_util.h" |
11 #include "base/strings/stringprintf.h" | 11 #include "base/strings/stringprintf.h" |
12 #include "base/strings/utf_string_conversions.h" | 12 #include "base/strings/utf_string_conversions.h" |
13 #include "base/time/time.h" | 13 #include "base/time/time.h" |
14 #include "chrome/app/chrome_command_ids.h" | 14 #include "chrome/app/chrome_command_ids.h" |
| 15 #include "chrome/browser/browser_process.h" |
15 #include "chrome/browser/chrome_notification_types.h" | 16 #include "chrome/browser/chrome_notification_types.h" |
16 #include "chrome/browser/interstitials/security_interstitial_page_test_utils.h" | 17 #include "chrome/browser/interstitials/security_interstitial_page_test_utils.h" |
| 18 #include "chrome/browser/net/certificate_error_reporter.h" |
17 #include "chrome/browser/profiles/profile.h" | 19 #include "chrome/browser/profiles/profile.h" |
| 20 #include "chrome/browser/safe_browsing/ping_manager.h" |
| 21 #include "chrome/browser/safe_browsing/safe_browsing_service.h" |
18 #include "chrome/browser/ssl/ssl_blocking_page.h" | 22 #include "chrome/browser/ssl/ssl_blocking_page.h" |
19 #include "chrome/browser/ui/browser.h" | 23 #include "chrome/browser/ui/browser.h" |
20 #include "chrome/browser/ui/browser_commands.h" | 24 #include "chrome/browser/ui/browser_commands.h" |
21 #include "chrome/browser/ui/browser_navigator.h" | 25 #include "chrome/browser/ui/browser_navigator.h" |
22 #include "chrome/browser/ui/browser_tabstrip.h" | 26 #include "chrome/browser/ui/browser_tabstrip.h" |
23 #include "chrome/browser/ui/tabs/tab_strip_model.h" | 27 #include "chrome/browser/ui/tabs/tab_strip_model.h" |
24 #include "chrome/common/chrome_paths.h" | 28 #include "chrome/common/chrome_paths.h" |
25 #include "chrome/common/chrome_switches.h" | 29 #include "chrome/common/chrome_switches.h" |
26 #include "chrome/common/pref_names.h" | 30 #include "chrome/common/pref_names.h" |
27 #include "chrome/test/base/in_process_browser_test.h" | 31 #include "chrome/test/base/in_process_browser_test.h" |
(...skipping 14 matching lines...) Expand all Loading... |
42 #include "content/public/common/ssl_status.h" | 46 #include "content/public/common/ssl_status.h" |
43 #include "content/public/test/browser_test_utils.h" | 47 #include "content/public/test/browser_test_utils.h" |
44 #include "content/public/test/download_test_observer.h" | 48 #include "content/public/test/download_test_observer.h" |
45 #include "content/public/test/test_renderer_host.h" | 49 #include "content/public/test/test_renderer_host.h" |
46 #include "net/base/net_errors.h" | 50 #include "net/base/net_errors.h" |
47 #include "net/base/test_data_directory.h" | 51 #include "net/base/test_data_directory.h" |
48 #include "net/cert/cert_status_flags.h" | 52 #include "net/cert/cert_status_flags.h" |
49 #include "net/cert/x509_certificate.h" | 53 #include "net/cert/x509_certificate.h" |
50 #include "net/ssl/ssl_info.h" | 54 #include "net/ssl/ssl_info.h" |
51 #include "net/test/spawned_test_server/spawned_test_server.h" | 55 #include "net/test/spawned_test_server/spawned_test_server.h" |
| 56 #include "net/url_request/url_request_context.h" |
52 | 57 |
53 #if defined(USE_NSS) | 58 #if defined(USE_NSS) |
54 #include "chrome/browser/net/nss_context.h" | 59 #include "chrome/browser/net/nss_context.h" |
55 #include "net/base/crypto_module.h" | 60 #include "net/base/crypto_module.h" |
56 #include "net/cert/nss_cert_database.h" | 61 #include "net/cert/nss_cert_database.h" |
57 #endif // defined(USE_NSS) | 62 #endif // defined(USE_NSS) |
58 | 63 |
59 using base::ASCIIToUTF16; | 64 using base::ASCIIToUTF16; |
60 using chrome_browser_interstitials::SecurityInterstitialIDNTest; | 65 using chrome_browser_interstitials::SecurityInterstitialIDNTest; |
| 66 using chrome_browser_net::CertificateErrorReporter; |
61 using content::InterstitialPage; | 67 using content::InterstitialPage; |
62 using content::NavigationController; | 68 using content::NavigationController; |
63 using content::NavigationEntry; | 69 using content::NavigationEntry; |
64 using content::SSLStatus; | 70 using content::SSLStatus; |
65 using content::WebContents; | 71 using content::WebContents; |
66 using web_modal::WebContentsModalDialogManager; | 72 using web_modal::WebContentsModalDialogManager; |
67 | 73 |
68 const base::FilePath::CharType kDocRoot[] = | 74 const base::FilePath::CharType kDocRoot[] = |
69 FILE_PATH_LITERAL("chrome/test/data"); | 75 FILE_PATH_LITERAL("chrome/test/data"); |
70 | 76 |
(...skipping 96 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
167 content::SecurityStyle expected_security_style, | 173 content::SecurityStyle expected_security_style, |
168 int expected_authentication_state) { | 174 int expected_authentication_state) { |
169 ASSERT_FALSE(tab->IsCrashed()); | 175 ASSERT_FALSE(tab->IsCrashed()); |
170 NavigationEntry* entry = tab->GetController().GetActiveEntry(); | 176 NavigationEntry* entry = tab->GetController().GetActiveEntry(); |
171 ASSERT_TRUE(entry); | 177 ASSERT_TRUE(entry); |
172 CertError::Check(*entry, error); | 178 CertError::Check(*entry, error); |
173 SecurityStyle::Check(*entry, expected_security_style); | 179 SecurityStyle::Check(*entry, expected_security_style); |
174 AuthState::Check(*entry, expected_authentication_state); | 180 AuthState::Check(*entry, expected_authentication_state); |
175 } | 181 } |
176 | 182 |
| 183 namespace CertificateReporting { |
| 184 |
| 185 enum OptIn { EXTENDED_REPORTING_OPT_IN, EXTENDED_REPORTING_DO_NOT_OPT_IN }; |
| 186 |
| 187 enum Proceed { SSL_INTERSTITIAL_PROCEED, SSL_INTERSTITIAL_DO_NOT_PROCEED }; |
| 188 |
| 189 enum ExpectReport { CERT_REPORT_EXPECTED, CERT_REPORT_NOT_EXPECTED }; |
| 190 |
| 191 // This class is used to test invalid certificate chain reporting when |
| 192 // the user opts in to do so on the interstitial. |
| 193 class MockReporter : public CertificateErrorReporter { |
| 194 public: |
| 195 explicit MockReporter(net::URLRequestContext* request_context, |
| 196 const GURL& upload_url, |
| 197 CookiesPreference cookies_preference) |
| 198 : CertificateErrorReporter(request_context, |
| 199 upload_url, |
| 200 cookies_preference) {} |
| 201 |
| 202 void SendReport(CertificateErrorReporter::ReportType type, |
| 203 const std::string& hostname, |
| 204 const net::SSLInfo& ssl_info) override { |
| 205 EXPECT_EQ(CertificateErrorReporter::REPORT_TYPE_EXTENDED_REPORTING, type); |
| 206 latest_hostname_reported_ = hostname; |
| 207 } |
| 208 |
| 209 const std::string& latest_hostname_reported() { |
| 210 return latest_hostname_reported_; |
| 211 } |
| 212 |
| 213 private: |
| 214 std::string latest_hostname_reported_; |
| 215 }; |
| 216 |
| 217 void SetUpMockReporter(SafeBrowsingService* safe_browsing_service, |
| 218 MockReporter* reporter) { |
| 219 safe_browsing_service->ping_manager()->SetCertificateErrorReporterForTesting( |
| 220 scoped_ptr<CertificateErrorReporter>(reporter)); |
| 221 } |
| 222 |
| 223 } // namespace CertificateReporting |
| 224 |
177 } // namespace | 225 } // namespace |
178 | 226 |
179 class SSLUITest : public InProcessBrowserTest { | 227 class SSLUITest : public InProcessBrowserTest { |
180 public: | 228 public: |
181 SSLUITest() | 229 SSLUITest() |
182 : https_server_(net::SpawnedTestServer::TYPE_HTTPS, | 230 : https_server_(net::SpawnedTestServer::TYPE_HTTPS, |
183 SSLOptions(SSLOptions::CERT_OK), | 231 SSLOptions(SSLOptions::CERT_OK), |
184 base::FilePath(kDocRoot)), | 232 base::FilePath(kDocRoot)), |
185 https_server_expired_(net::SpawnedTestServer::TYPE_HTTPS, | 233 https_server_expired_(net::SpawnedTestServer::TYPE_HTTPS, |
186 SSLOptions(SSLOptions::CERT_EXPIRED), | 234 SSLOptions(SSLOptions::CERT_EXPIRED), |
187 base::FilePath(kDocRoot)), | 235 base::FilePath(kDocRoot)), |
188 https_server_mismatched_(net::SpawnedTestServer::TYPE_HTTPS, | 236 https_server_mismatched_(net::SpawnedTestServer::TYPE_HTTPS, |
189 SSLOptions(SSLOptions::CERT_MISMATCHED_NAME), | 237 SSLOptions(SSLOptions::CERT_MISMATCHED_NAME), |
190 base::FilePath(kDocRoot)), | 238 base::FilePath(kDocRoot)), |
191 wss_server_expired_(net::SpawnedTestServer::TYPE_WSS, | 239 wss_server_expired_(net::SpawnedTestServer::TYPE_WSS, |
192 SSLOptions(SSLOptions::CERT_EXPIRED), | 240 SSLOptions(SSLOptions::CERT_EXPIRED), |
193 net::GetWebSocketTestDataDirectory()) {} | 241 net::GetWebSocketTestDataDirectory()) {} |
194 | 242 |
| 243 void SetUpOnMainThread() override { |
| 244 // Set up the mock reporter to track the hostnames that reports get |
| 245 // sent for. The request_context argument is NULL here |
| 246 // because the MockReporter doesn't actually use a |
| 247 // request_context. (In order to pass a real request_context, the |
| 248 // reporter would have to be constructed on the IO thread.) |
| 249 reporter_ = new CertificateReporting::MockReporter( |
| 250 NULL, GURL("http://example.test"), |
| 251 CertificateReporting::MockReporter::DO_NOT_SEND_COOKIES); |
| 252 scoped_refptr<SafeBrowsingService> safe_browsing_service = |
| 253 g_browser_process->safe_browsing_service(); |
| 254 ASSERT_TRUE(safe_browsing_service); |
| 255 content::BrowserThread::PostTask( |
| 256 content::BrowserThread::IO, FROM_HERE, |
| 257 base::Bind(CertificateReporting::SetUpMockReporter, |
| 258 safe_browsing_service, reporter_)); |
| 259 } |
| 260 |
195 void SetUpCommandLine(base::CommandLine* command_line) override { | 261 void SetUpCommandLine(base::CommandLine* command_line) override { |
196 // Browser will both run and display insecure content. | 262 // Browser will both run and display insecure content. |
197 command_line->AppendSwitch(switches::kAllowRunningInsecureContent); | 263 command_line->AppendSwitch(switches::kAllowRunningInsecureContent); |
198 // Use process-per-site so that navigating to a same-site page in a | 264 // Use process-per-site so that navigating to a same-site page in a |
199 // new tab will use the same process. | 265 // new tab will use the same process. |
200 command_line->AppendSwitch(switches::kProcessPerSite); | 266 command_line->AppendSwitch(switches::kProcessPerSite); |
201 } | 267 } |
202 | 268 |
203 void CheckAuthenticatedState(WebContents* tab, | 269 void CheckAuthenticatedState(WebContents* tab, |
204 int expected_authentication_state) { | 270 int expected_authentication_state) { |
(...skipping 144 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
349 std::vector<net::SpawnedTestServer::StringPair> | 415 std::vector<net::SpawnedTestServer::StringPair> |
350 replacement_text_for_page_with_unsafe_worker; | 416 replacement_text_for_page_with_unsafe_worker; |
351 replacement_text_for_page_with_unsafe_worker.push_back( | 417 replacement_text_for_page_with_unsafe_worker.push_back( |
352 make_pair("REPLACE_WITH_UNSAFE_WORKER_PATH", unsafe_worker_path)); | 418 make_pair("REPLACE_WITH_UNSAFE_WORKER_PATH", unsafe_worker_path)); |
353 return net::SpawnedTestServer::GetFilePathWithReplacements( | 419 return net::SpawnedTestServer::GetFilePathWithReplacements( |
354 "files/ssl/page_with_unsafe_worker.html", | 420 "files/ssl/page_with_unsafe_worker.html", |
355 replacement_text_for_page_with_unsafe_worker, | 421 replacement_text_for_page_with_unsafe_worker, |
356 page_with_unsafe_worker_path); | 422 page_with_unsafe_worker_path); |
357 } | 423 } |
358 | 424 |
| 425 // Helper function for testing invalid certificate chain reporting. |
| 426 void TestBrokenHTTPSReporting( |
| 427 CertificateReporting::OptIn opt_in, |
| 428 CertificateReporting::Proceed proceed, |
| 429 CertificateReporting::ExpectReport expect_report, |
| 430 Browser* browser) { |
| 431 ASSERT_TRUE(https_server_expired_.Start()); |
| 432 |
| 433 // Opt in to sending reports for invalid certificate chains. |
| 434 browser->profile()->GetPrefs()->SetBoolean( |
| 435 prefs::kSafeBrowsingExtendedReportingEnabled, |
| 436 opt_in == CertificateReporting::EXTENDED_REPORTING_OPT_IN); |
| 437 |
| 438 ui_test_utils::NavigateToURL(browser, https_server_expired_.GetURL("/")); |
| 439 |
| 440 WebContents* tab = browser->tab_strip_model()->GetActiveWebContents(); |
| 441 CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID, |
| 442 AuthState::SHOWING_INTERSTITIAL); |
| 443 |
| 444 // Set up a callback so that the test is notified when the report |
| 445 // has been sent on the IO thread (or not sent). |
| 446 base::RunLoop report_run_loop; |
| 447 base::Closure report_callback = report_run_loop.QuitClosure(); |
| 448 SSLBlockingPage* interstitial_page = static_cast<SSLBlockingPage*>( |
| 449 tab->GetInterstitialPage()->GetDelegateForTesting()); |
| 450 interstitial_page->SetCertificateReportCallbackForTesting(report_callback); |
| 451 |
| 452 EXPECT_EQ(std::string(), reporter_->latest_hostname_reported()); |
| 453 |
| 454 // Leave the interstitial (either by proceeding or going back) |
| 455 if (proceed == CertificateReporting::SSL_INTERSTITIAL_PROCEED) { |
| 456 ProceedThroughInterstitial(tab); |
| 457 } else { |
| 458 // Click "Take me back" |
| 459 InterstitialPage* interstitial_page = tab->GetInterstitialPage(); |
| 460 ASSERT_TRUE(interstitial_page); |
| 461 interstitial_page->DontProceed(); |
| 462 } |
| 463 |
| 464 // Wait until the report has been sent on the IO thread. |
| 465 report_run_loop.Run(); |
| 466 |
| 467 if (expect_report == CertificateReporting::CERT_REPORT_EXPECTED) { |
| 468 // Check that the mock reporter received a request to send a report. |
| 469 EXPECT_EQ(https_server_expired_.GetURL("/").host(), |
| 470 reporter_->latest_hostname_reported()); |
| 471 } else { |
| 472 EXPECT_EQ(std::string(), reporter_->latest_hostname_reported()); |
| 473 } |
| 474 } |
| 475 |
359 net::SpawnedTestServer https_server_; | 476 net::SpawnedTestServer https_server_; |
360 net::SpawnedTestServer https_server_expired_; | 477 net::SpawnedTestServer https_server_expired_; |
361 net::SpawnedTestServer https_server_mismatched_; | 478 net::SpawnedTestServer https_server_mismatched_; |
362 net::SpawnedTestServer wss_server_expired_; | 479 net::SpawnedTestServer wss_server_expired_; |
363 | 480 |
364 private: | 481 private: |
365 typedef net::SpawnedTestServer::SSLOptions SSLOptions; | 482 typedef net::SpawnedTestServer::SSLOptions SSLOptions; |
| 483 CertificateReporting::MockReporter* reporter_; |
366 | 484 |
367 DISALLOW_COPY_AND_ASSIGN(SSLUITest); | 485 DISALLOW_COPY_AND_ASSIGN(SSLUITest); |
368 }; | 486 }; |
369 | 487 |
370 class SSLUITestBlock : public SSLUITest { | 488 class SSLUITestBlock : public SSLUITest { |
371 public: | 489 public: |
372 SSLUITestBlock() : SSLUITest() {} | 490 SSLUITestBlock() : SSLUITest() {} |
373 | 491 |
374 // Browser will neither run nor display insecure content. | 492 // Browser will neither run nor display insecure content. |
375 void SetUpCommandLine(base::CommandLine* command_line) override { | 493 void SetUpCommandLine(base::CommandLine* command_line) override { |
(...skipping 14 matching lines...) Expand all Loading... |
390 class SSLUITestIgnoreLocalhostCertErrors : public SSLUITest { | 508 class SSLUITestIgnoreLocalhostCertErrors : public SSLUITest { |
391 public: | 509 public: |
392 SSLUITestIgnoreLocalhostCertErrors() : SSLUITest() {} | 510 SSLUITestIgnoreLocalhostCertErrors() : SSLUITest() {} |
393 | 511 |
394 void SetUpCommandLine(base::CommandLine* command_line) override { | 512 void SetUpCommandLine(base::CommandLine* command_line) override { |
395 // Browser will ignore certificate errors on localhost. | 513 // Browser will ignore certificate errors on localhost. |
396 command_line->AppendSwitch(switches::kAllowInsecureLocalhost); | 514 command_line->AppendSwitch(switches::kAllowInsecureLocalhost); |
397 } | 515 } |
398 }; | 516 }; |
399 | 517 |
| 518 class SSLUITestWithExtendedReporting : public SSLUITest { |
| 519 public: |
| 520 SSLUITestWithExtendedReporting() : SSLUITest() {} |
| 521 |
| 522 void SetUpCommandLine(base::CommandLine* command_line) override { |
| 523 // Enable a checkbox on SSL interstitials that allows users to opt |
| 524 // in to reporting invalid certificate chains. |
| 525 command_line->AppendSwitch(switches::kEnableInvalidCertCollection); |
| 526 } |
| 527 }; |
| 528 |
400 // Visits a regular page over http. | 529 // Visits a regular page over http. |
401 IN_PROC_BROWSER_TEST_F(SSLUITest, TestHTTP) { | 530 IN_PROC_BROWSER_TEST_F(SSLUITest, TestHTTP) { |
402 ASSERT_TRUE(test_server()->Start()); | 531 ASSERT_TRUE(test_server()->Start()); |
403 | 532 |
404 ui_test_utils::NavigateToURL(browser(), | 533 ui_test_utils::NavigateToURL(browser(), |
405 test_server()->GetURL("files/ssl/google.html")); | 534 test_server()->GetURL("files/ssl/google.html")); |
406 | 535 |
407 CheckUnauthenticatedState( | 536 CheckUnauthenticatedState( |
408 browser()->tab_strip_model()->GetActiveWebContents(), AuthState::NONE); | 537 browser()->tab_strip_model()->GetActiveWebContents(), AuthState::NONE); |
409 } | 538 } |
(...skipping 577 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
987 &replacement_path)); | 1116 &replacement_path)); |
988 | 1117 |
989 // Load a page that displays insecure content. | 1118 // Load a page that displays insecure content. |
990 ui_test_utils::NavigateToURL(browser(), | 1119 ui_test_utils::NavigateToURL(browser(), |
991 https_server_.GetURL(replacement_path)); | 1120 https_server_.GetURL(replacement_path)); |
992 | 1121 |
993 CheckAuthenticatedState(browser()->tab_strip_model()->GetActiveWebContents(), | 1122 CheckAuthenticatedState(browser()->tab_strip_model()->GetActiveWebContents(), |
994 AuthState::DISPLAYED_INSECURE_CONTENT); | 1123 AuthState::DISPLAYED_INSECURE_CONTENT); |
995 } | 1124 } |
996 | 1125 |
| 1126 // Test that when the checkbox is checked and the user proceeds through |
| 1127 // the interstitial, the FraudulentCertificateReporter sees a request to |
| 1128 // send a report. |
| 1129 IN_PROC_BROWSER_TEST_F(SSLUITestWithExtendedReporting, |
| 1130 TestBrokenHTTPSProceedWithReporting) { |
| 1131 TestBrokenHTTPSReporting(CertificateReporting::EXTENDED_REPORTING_OPT_IN, |
| 1132 CertificateReporting::SSL_INTERSTITIAL_PROCEED, |
| 1133 CertificateReporting::CERT_REPORT_EXPECTED, |
| 1134 browser()); |
| 1135 } |
| 1136 |
| 1137 // Test that when the checkbox is checked and the user goes back (does |
| 1138 // not proceed through the interstitial), the |
| 1139 // FraudulentCertificateReporter sees a request to send a report. |
| 1140 IN_PROC_BROWSER_TEST_F(SSLUITestWithExtendedReporting, |
| 1141 TestBrokenHTTPSGoBackWithReporting) { |
| 1142 TestBrokenHTTPSReporting( |
| 1143 CertificateReporting::EXTENDED_REPORTING_OPT_IN, |
| 1144 CertificateReporting::SSL_INTERSTITIAL_DO_NOT_PROCEED, |
| 1145 CertificateReporting::CERT_REPORT_EXPECTED, browser()); |
| 1146 } |
| 1147 |
| 1148 // Test that when the checkbox is not checked and the user proceeds |
| 1149 // through the interstitial, the FraudulentCertificateReporter does not |
| 1150 // see a request to send a report. |
| 1151 IN_PROC_BROWSER_TEST_F(SSLUITestWithExtendedReporting, |
| 1152 TestBrokenHTTPSProceedWithNoReporting) { |
| 1153 TestBrokenHTTPSReporting( |
| 1154 CertificateReporting::EXTENDED_REPORTING_DO_NOT_OPT_IN, |
| 1155 CertificateReporting::SSL_INTERSTITIAL_PROCEED, |
| 1156 CertificateReporting::CERT_REPORT_NOT_EXPECTED, browser()); |
| 1157 } |
| 1158 |
| 1159 // Test that when the checkbox is not checked and the user does not proceed |
| 1160 // through the interstitial, the FraudulentCertificateReporter does not |
| 1161 // see a request to send a report. |
| 1162 IN_PROC_BROWSER_TEST_F(SSLUITestWithExtendedReporting, |
| 1163 TestBrokenHTTPSGoBackWithNoReporting) { |
| 1164 TestBrokenHTTPSReporting( |
| 1165 CertificateReporting::EXTENDED_REPORTING_DO_NOT_OPT_IN, |
| 1166 CertificateReporting::SSL_INTERSTITIAL_DO_NOT_PROCEED, |
| 1167 CertificateReporting::CERT_REPORT_NOT_EXPECTED, browser()); |
| 1168 } |
| 1169 |
| 1170 // Test that when the command-line switch for reporting invalid cert |
| 1171 // chains is not enabled, reports don't get sent, even if the opt-in |
| 1172 // preference is set. (i.e. if a user enables invalid cert collection in |
| 1173 // chrome://flags, checks the box on an interstitial, and then disables |
| 1174 // the flag in chrome://flags, reports shouldn't be sent on the next |
| 1175 // interstitial). |
| 1176 IN_PROC_BROWSER_TEST_F(SSLUITest, TestBrokenHTTPSNoReportingWithoutSwitch) { |
| 1177 TestBrokenHTTPSReporting(CertificateReporting::EXTENDED_REPORTING_OPT_IN, |
| 1178 CertificateReporting::SSL_INTERSTITIAL_PROCEED, |
| 1179 CertificateReporting::CERT_REPORT_NOT_EXPECTED, |
| 1180 browser()); |
| 1181 } |
| 1182 |
| 1183 // Test that reports don't get sent in incognito mode even if the opt-in |
| 1184 // preference is set and the command-line switch is enabled. |
| 1185 IN_PROC_BROWSER_TEST_F(SSLUITestWithExtendedReporting, |
| 1186 TestBrokenHTTPSNoReportingInIncognito) { |
| 1187 TestBrokenHTTPSReporting(CertificateReporting::EXTENDED_REPORTING_OPT_IN, |
| 1188 CertificateReporting::SSL_INTERSTITIAL_PROCEED, |
| 1189 CertificateReporting::CERT_REPORT_NOT_EXPECTED, |
| 1190 CreateIncognitoBrowser()); |
| 1191 } |
| 1192 |
997 // Visits a page that runs insecure content and tries to suppress the insecure | 1193 // Visits a page that runs insecure content and tries to suppress the insecure |
998 // content warnings by randomizing location.hash. | 1194 // content warnings by randomizing location.hash. |
999 // Based on http://crbug.com/8706 | 1195 // Based on http://crbug.com/8706 |
1000 IN_PROC_BROWSER_TEST_F(SSLUITest, | 1196 IN_PROC_BROWSER_TEST_F(SSLUITest, |
1001 TestRunsInsecuredContentRandomizeHash) { | 1197 TestRunsInsecuredContentRandomizeHash) { |
1002 ASSERT_TRUE(test_server()->Start()); | 1198 ASSERT_TRUE(test_server()->Start()); |
1003 ASSERT_TRUE(https_server_.Start()); | 1199 ASSERT_TRUE(https_server_.Start()); |
1004 | 1200 |
1005 ui_test_utils::NavigateToURL(browser(), https_server_.GetURL( | 1201 ui_test_utils::NavigateToURL(browser(), https_server_.GetURL( |
1006 "files/ssl/page_runs_insecure_content.html")); | 1202 "files/ssl/page_runs_insecure_content.html")); |
(...skipping 930 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1937 protected: | 2133 protected: |
1938 // SecurityInterstitialIDNTest implementation | 2134 // SecurityInterstitialIDNTest implementation |
1939 SecurityInterstitialPage* CreateInterstitial( | 2135 SecurityInterstitialPage* CreateInterstitial( |
1940 content::WebContents* contents, | 2136 content::WebContents* contents, |
1941 const GURL& request_url) const override { | 2137 const GURL& request_url) const override { |
1942 net::SSLInfo ssl_info; | 2138 net::SSLInfo ssl_info; |
1943 ssl_info.cert = new net::X509Certificate( | 2139 ssl_info.cert = new net::X509Certificate( |
1944 request_url.host(), "CA", base::Time::Max(), base::Time::Max()); | 2140 request_url.host(), "CA", base::Time::Max(), base::Time::Max()); |
1945 return new SSLBlockingPage( | 2141 return new SSLBlockingPage( |
1946 contents, net::ERR_CERT_CONTAINS_ERRORS, ssl_info, request_url, 0, | 2142 contents, net::ERR_CERT_CONTAINS_ERRORS, ssl_info, request_url, 0, |
1947 base::Time::NowFromSystemTime(), base::Callback<void(bool)>()); | 2143 base::Time::NowFromSystemTime(), nullptr, base::Callback<void(bool)>()); |
1948 } | 2144 } |
1949 }; | 2145 }; |
1950 | 2146 |
1951 IN_PROC_BROWSER_TEST_F(SSLBlockingPageIDNTest, SSLBlockingPageDecodesIDN) { | 2147 IN_PROC_BROWSER_TEST_F(SSLBlockingPageIDNTest, SSLBlockingPageDecodesIDN) { |
1952 EXPECT_TRUE(VerifyIDNDecoded()); | 2148 EXPECT_TRUE(VerifyIDNDecoded()); |
1953 } | 2149 } |
1954 | 2150 |
1955 // TODO(jcampan): more tests to do below. | 2151 // TODO(jcampan): more tests to do below. |
1956 | 2152 |
1957 // Visit a page over https that contains a frame with a redirect. | 2153 // Visit a page over https that contains a frame with a redirect. |
1958 | 2154 |
1959 // XMLHttpRequest insecure content in synchronous mode. | 2155 // XMLHttpRequest insecure content in synchronous mode. |
1960 | 2156 |
1961 // XMLHttpRequest insecure content in asynchronous mode. | 2157 // XMLHttpRequest insecure content in asynchronous mode. |
1962 | 2158 |
1963 // XMLHttpRequest over bad ssl in synchronous mode. | 2159 // XMLHttpRequest over bad ssl in synchronous mode. |
1964 | 2160 |
1965 // XMLHttpRequest over OK ssl in synchronous mode. | 2161 // XMLHttpRequest over OK ssl in synchronous mode. |
OLD | NEW |