Chromium Code Reviews Chromium Code Reviews
Issue 935663004:
Add checkbox for reporting invalid TLS/SSL cert chains (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| Index: chrome/browser/ssl/ssl_browser_tests.cc |
| diff --git a/chrome/browser/ssl/ssl_browser_tests.cc b/chrome/browser/ssl/ssl_browser_tests.cc |
| index 32b4d43abc944208fec11558033aabe4e21608b9..fb07e9f1a57b927e6a943154c496b15c7320d926 100644 |
| --- a/chrome/browser/ssl/ssl_browser_tests.cc |
| +++ b/chrome/browser/ssl/ssl_browser_tests.cc |
| @@ -12,6 +12,7 @@ |
| #include "base/time/time.h" |
| #include "chrome/app/chrome_command_ids.h" |
| #include "chrome/browser/chrome_notification_types.h" |
| +#include "chrome/browser/net/certificate_error_reporter.h" |
| #include "chrome/browser/profiles/profile.h" |
| #include "chrome/browser/ssl/ssl_blocking_page.h" |
| #include "chrome/browser/ui/browser.h" |
| @@ -45,6 +46,7 @@ |
| #include "net/base/test_data_directory.h" |
| #include "net/cert/cert_status_flags.h" |
| #include "net/test/spawned_test_server/spawned_test_server.h" |
| +#include "net/url_request/url_request_context.h" |
| #if defined(USE_NSS) |
| #include "chrome/browser/net/nss_context.h" |
| @@ -53,6 +55,7 @@ |
| #endif // defined(USE_NSS) |
| using base::ASCIIToUTF16; |
| +using chrome_browser_net::CertificateErrorReporter; |
| using content::InterstitialPage; |
| using content::NavigationController; |
| using content::NavigationEntry; |
| @@ -169,6 +172,29 @@ void CheckSecurityState(WebContents* tab, |
| AuthState::Check(*entry, expected_authentication_state); |
| } |
| +// This class is used to test invalid certificate chain reporting when |
| +// the user opts in to do so on the interstitial. |
| +class MockReporter : public CertificateErrorReporter { |
| + public: |
| + explicit MockReporter(const GURL& upload_url) |
| + : CertificateErrorReporter(upload_url) {} |
| + |
| + void SendReport(CertificateErrorReporter::ReportType type, |
| + net::URLRequestContext* request_context, |
| + const std::string& hostname, |
| + const net::SSLInfo& ssl_info) override { |
| + EXPECT_EQ(CertificateErrorReporter::REPORT_TYPE_EXTENDED_REPORTING, type); |
| + latest_hostname_reported_ = hostname; |
| + } |
| + |
| + const std::string& latest_hostname_reported() { |
| + return latest_hostname_reported_; |
| + } |
| + |
| + private: |
| + ~MockReporter() override {} |
| + std::string latest_hostname_reported_; |
| +}; |
| } // namespace |
| class SSLUITest : public InProcessBrowserTest { |
| @@ -351,6 +377,64 @@ class SSLUITest : public InProcessBrowserTest { |
| page_with_unsafe_worker_path); |
| } |
| + // Helper function for testing invalid certificate chain reporting. |
| + void TestBrokenHTTPSReporting(bool opt_in, |
| + bool proceed, |
| + bool switch_enabled, |
| + bool expect_report, |
| + Browser* browser) { |
| + ASSERT_TRUE(https_server_expired_.Start()); |
| + |
| + // Opt in to sending reports for invalid certificate chains. |
| + browser->profile()->GetPrefs()->SetBoolean( |
| + prefs::kSafeBrowsingExtendedReportingEnabled, opt_in); |
| + |
| + ui_test_utils::NavigateToURL(browser, https_server_expired_.GetURL("/")); |
| + |
| + WebContents* tab = browser->tab_strip_model()->GetActiveWebContents(); |
| + CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID, |
| + AuthState::SHOWING_INTERSTITIAL); |
| + |
| + // Set up a callback so that the test is notified when the report |
| + // has been sent on the IO thread (or not sent). |
| + base::RunLoop report_run_loop; |
| + base::Callback<void()> report_callback = report_run_loop.QuitClosure(); |
|
Bernhard Bauer
2015/03/13 13:48:48
This is typedef'd as base::Closure.
estark
2015/03/13 16:21:17
Done.
|
| + SSLBlockingPage* interstitial_page = static_cast<SSLBlockingPage*>( |
| + tab->GetInterstitialPage()->GetDelegateForTesting()); |
| + interstitial_page->SetCertificateReportCallbackForTesting(report_callback); |
| + // Set up the mock reporter to track the hostnames that reports get |
| + // sent for. The request_context argument is not present here |
| + // because the MockReporter doesn't actually use a |
| + // request_context. (In order to pass a real request_context, the |
| + // reporter would have to be constructed on the IO thread.) |
| + scoped_refptr<MockReporter> reporter = |
| + new MockReporter(GURL("http://example.test")); |
| + interstitial_page->SetCertificateErrorReporterForTesting(reporter); |
| + |
| + EXPECT_EQ(std::string(), reporter->latest_hostname_reported()); |
| + |
| + // Leave the interstitial (either by proceeding or going back) |
| + if (proceed) { |
| + ProceedThroughInterstitial(tab); |
| + } else { |
| + // Click "Take me back" |
| + InterstitialPage* interstitial_page = tab->GetInterstitialPage(); |
| + ASSERT_TRUE(interstitial_page); |
| + interstitial_page->DontProceed(); |
| + } |
| + |
| + // Wait until the report has been sent on the IO thread. |
| + report_run_loop.Run(); |
| + |
| + if (expect_report) { |
| + // Check that the mock reporter received a request to send a report. |
| + EXPECT_EQ(https_server_expired_.GetURL("/").host(), |
| + reporter->latest_hostname_reported()); |
| + } else { |
| + EXPECT_EQ(std::string(), reporter->latest_hostname_reported()); |
| + } |
| + } |
| + |
| net::SpawnedTestServer https_server_; |
| net::SpawnedTestServer https_server_expired_; |
| net::SpawnedTestServer https_server_mismatched_; |
| @@ -392,6 +476,17 @@ class SSLUITestIgnoreLocalhostCertErrors : public SSLUITest { |
| } |
| }; |
| +class SSLUITestWithExtendedReporting : public SSLUITest { |
| + public: |
| + SSLUITestWithExtendedReporting() : SSLUITest() {} |
| + |
| + void SetUpCommandLine(base::CommandLine* command_line) override { |
| + // Enable a checkbox on SSL interstitials that allows users to opt |
| + // in to reporting invalid certificate chains. |
| + command_line->AppendSwitch(switches::kEnableInvalidCertCollection); |
| + } |
| +}; |
| + |
| // Visits a regular page over http. |
| IN_PROC_BROWSER_TEST_F(SSLUITest, TestHTTP) { |
| ASSERT_TRUE(test_server()->Start()); |
| @@ -448,6 +543,55 @@ IN_PROC_BROWSER_TEST_F(SSLUITest, TestBrokenHTTPSWithInsecureContent) { |
| AuthState::DISPLAYED_INSECURE_CONTENT); |
| } |
| +// Test that when the checkbox is checked and the user proceeds through |
| +// the interstitial, the FraudulentCertificateReporter sees a request to |
| +// send a report. |
| +IN_PROC_BROWSER_TEST_F(SSLUITestWithExtendedReporting, |
| + TestBrokenHTTPSProceedWithReporting) { |
| + TestBrokenHTTPSReporting(true, true, true, true, browser()); |
| +} |
| + |
| +// Test that when the checkbox is checked and the user goes back (does |
| +// not proceed through the interstitial), the |
| +// FraudulentCertificateReporter sees a request to send a report. |
| +IN_PROC_BROWSER_TEST_F(SSLUITestWithExtendedReporting, |
| + TestBrokenHTTPSGoBackWithReporting) { |
| + TestBrokenHTTPSReporting(true, false, true, true, browser()); |
| +} |
| + |
| +// Test that when the checkbox is not checked and the user proceeds |
| +// through the interstitial, the FraudulentCertificateReporter does not |
| +// see a request to send a report. |
| +IN_PROC_BROWSER_TEST_F(SSLUITestWithExtendedReporting, |
| + TestBrokenHTTPSProceedWithNoReporting) { |
| + TestBrokenHTTPSReporting(false, true, true, false, browser()); |
| +} |
| + |
| +// Test that when the checkbox is not checked and the user does not proceed |
| +// through the interstitial, the FraudulentCertificateReporter does not |
| +// see a request to send a report. |
| +IN_PROC_BROWSER_TEST_F(SSLUITestWithExtendedReporting, |
| + TestBrokenHTTPSGoBackWithNoReporting) { |
| + TestBrokenHTTPSReporting(false, false, true, false, browser()); |
| +} |
| + |
| +// Test that when the command-line switch for reporting invalid cert |
| +// chains is not enabled, reports don't get sent, even if the opt-in |
| +// preference is set. (i.e. if a user enables invalid cert collection in |
| +// chrome://flags, checks the box on an interstitial, and then disables |
| +// the flag in chrome://flags, reports shouldn't be sent on the next |
| +// interstitial). |
| +IN_PROC_BROWSER_TEST_F(SSLUITest, TestBrokenHTTPSNoReportingWithoutSwitch) { |
| + TestBrokenHTTPSReporting(true, true, false, false, browser()); |
| +} |
| + |
| +// Test that reports don't get sent in incognito mode even if the opt-in |
| +// preference is set and the command-line switch is enabled. |
| +IN_PROC_BROWSER_TEST_F(SSLUITestWithExtendedReporting, |
| + TestBrokenHTTPSNoReportingInIncognito) { |
| + TestBrokenHTTPSReporting(true, true, true, false, CreateIncognitoBrowser()); |
| +} |
| + |
| // http://crbug.com/91745 |
| #if defined(OS_CHROMEOS) |
| #define MAYBE_TestOKHTTPS DISABLED_TestOKHTTPS |
