1ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen// Copyright (c) 2011 The Chromium Authors. All rights reserved. 2c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Use of this source code is governed by a BSD-style license that can be 3c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// found in the LICENSE file. 4c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 5c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch#include "base/time.h" 6513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch#include "chrome/app/chrome_command_ids.h" 73345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick#include "chrome/browser/tabs/tab_strip_model.h" 84a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch#include "chrome/browser/ui/browser.h" 94a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch#include "chrome/browser/ui/browser_navigator.h" 1021d179b334e59e9a3bfcaed4c4430bef1bc5759dKristian Monsen#include "chrome/browser/ui/tab_contents/tab_contents_wrapper.h" 11c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch#include "chrome/test/in_process_browser_test.h" 12c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch#include "chrome/test/ui_test_utils.h" 13dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen#include "content/browser/tab_contents/interstitial_page.h" 14dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen#include "content/browser/tab_contents/navigation_entry.h" 15dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen#include "content/browser/tab_contents/tab_contents.h" 163345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick#include "net/base/cert_status_flags.h" 173345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick#include "net/test/test_server.h" 18c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 193345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrickconst FilePath::CharType kDocRoot[] = FILE_PATH_LITERAL("chrome/test/data"); 20c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 21c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdochclass SSLUITest : public InProcessBrowserTest { 22513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch typedef net::TestServer::HTTPSOptions HTTPSOptions; 23513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch 24c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch public: 253345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick SSLUITest() 26513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch : https_server_( 27513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch HTTPSOptions(HTTPSOptions::CERT_OK), FilePath(kDocRoot)), 28513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch https_server_expired_( 29513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch HTTPSOptions(HTTPSOptions::CERT_EXPIRED), FilePath(kDocRoot)), 303345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick https_server_mismatched_( 31513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch HTTPSOptions(HTTPSOptions::CERT_MISMATCHED_NAME), 323345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick FilePath(kDocRoot)) { 33c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch EnableDOMAutomation(); 34c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch } 35c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 36c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch void CheckAuthenticatedState(TabContents* tab, 37c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch bool displayed_insecure_content) { 38c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch NavigationEntry* entry = tab->controller().GetActiveEntry(); 39c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ASSERT_TRUE(entry); 404a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch EXPECT_EQ(NORMAL_PAGE, entry->page_type()); 41c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch EXPECT_EQ(SECURITY_STYLE_AUTHENTICATED, entry->ssl().security_style()); 42c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch EXPECT_EQ(0, entry->ssl().cert_status() & net::CERT_STATUS_ALL_ERRORS); 43c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch EXPECT_EQ(displayed_insecure_content, 44c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch entry->ssl().displayed_insecure_content()); 45c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch EXPECT_FALSE(entry->ssl().ran_insecure_content()); 46c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch } 47c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 48c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch void CheckUnauthenticatedState(TabContents* tab) { 49c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch NavigationEntry* entry = tab->controller().GetActiveEntry(); 50c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ASSERT_TRUE(entry); 514a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch EXPECT_EQ(NORMAL_PAGE, entry->page_type()); 52c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch EXPECT_EQ(SECURITY_STYLE_UNAUTHENTICATED, entry->ssl().security_style()); 53c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch EXPECT_EQ(0, entry->ssl().cert_status() & net::CERT_STATUS_ALL_ERRORS); 54c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch EXPECT_FALSE(entry->ssl().displayed_insecure_content()); 55c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch EXPECT_FALSE(entry->ssl().ran_insecure_content()); 56c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch } 57c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 58c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch void CheckAuthenticationBrokenState(TabContents* tab, 59c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch int error, 60c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch bool ran_insecure_content, 61c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch bool interstitial) { 62c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch NavigationEntry* entry = tab->controller().GetActiveEntry(); 63c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ASSERT_TRUE(entry); 644a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch EXPECT_EQ(interstitial ? INTERSTITIAL_PAGE : NORMAL_PAGE, 65c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch entry->page_type()); 66c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch EXPECT_EQ(SECURITY_STYLE_AUTHENTICATION_BROKEN, 67c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch entry->ssl().security_style()); 68c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // CERT_STATUS_UNABLE_TO_CHECK_REVOCATION doesn't lower the security style 69c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // to SECURITY_STYLE_AUTHENTICATION_BROKEN. 70c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ASSERT_NE(net::CERT_STATUS_UNABLE_TO_CHECK_REVOCATION, error); 71c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch EXPECT_EQ(error, entry->ssl().cert_status() & net::CERT_STATUS_ALL_ERRORS); 72c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch EXPECT_FALSE(entry->ssl().displayed_insecure_content()); 73c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch EXPECT_EQ(ran_insecure_content, entry->ssl().ran_insecure_content()); 74c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch } 75c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 76c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch void CheckWorkerLoadResult(TabContents* tab, bool expectLoaded) { 77c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Workers are async and we don't have notifications for them passing 78c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // messages since they do it between renderer and worker processes. 79c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // So have a polling loop, check every 200ms, timeout at 30s. 80c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch const int timeout_ms = 200; 81c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch base::Time timeToQuit = base::Time::Now() + 82c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch base::TimeDelta::FromMilliseconds(30000); 83c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 84c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch while (base::Time::Now() < timeToQuit) { 85c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch bool workerFinished = false; 86c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ASSERT_TRUE(ui_test_utils::ExecuteJavaScriptAndExtractBool( 87c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch tab->render_view_host(), std::wstring(), 88c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch L"window.domAutomationController.send(IsWorkerFinished());", 89c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch &workerFinished)); 90c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 91c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch if (workerFinished) 92c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch break; 93c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 94c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Wait a bit. 95c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch MessageLoop::current()->PostDelayedTask( 96c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch FROM_HERE, new MessageLoop::QuitTask, timeout_ms); 97c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ui_test_utils::RunMessageLoop(); 98c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch } 99c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 100c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch bool actuallyLoadedContent = false; 101c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ASSERT_TRUE(ui_test_utils::ExecuteJavaScriptAndExtractBool( 102c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch tab->render_view_host(), std::wstring(), 103c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch L"window.domAutomationController.send(IsContentLoaded());", 104c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch &actuallyLoadedContent)); 105c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch EXPECT_EQ(expectLoaded, actuallyLoadedContent); 106c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch } 107c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 108c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch void ProceedThroughInterstitial(TabContents* tab) { 109c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch InterstitialPage* interstitial_page = tab->interstitial_page(); 110c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ASSERT_TRUE(interstitial_page); 111c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch interstitial_page->Proceed(); 112c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Wait for the navigation to be done. 113c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ui_test_utils::WaitForNavigation(&(tab->controller())); 114c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch } 115c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 1164a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch static bool GetFilePathWithHostAndPortReplacement( 1174a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch const std::string& original_file_path, 1184a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch const net::HostPortPair& host_port_pair, 1194a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch std::string* replacement_path) { 1204a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch std::vector<net::TestServer::StringPair> replacement_text; 1214a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch replacement_text.push_back( 1224a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch make_pair("REPLACE_WITH_HOST_AND_PORT", host_port_pair.ToString())); 1234a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch return net::TestServer::GetFilePathWithReplacements( 1244a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch original_file_path, replacement_text, replacement_path); 1254a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch } 1264a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch 1274a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch static bool GetTopFramePath(const net::TestServer& http_server, 1284a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch const net::TestServer& good_https_server, 1294a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch const net::TestServer& bad_https_server, 1304a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch std::string* top_frame_path) { 1314a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch // The "frame_left.html" page contained in the top_frame.html page contains 1324a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch // <a href>'s to three different servers. This sets up all of the 1334a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch // replacement text to work with test servers which listen on ephemeral 1344a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch // ports. 1354a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch GURL http_url = http_server.GetURL("files/ssl/google.html"); 1364a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch GURL good_https_url = good_https_server.GetURL("files/ssl/google.html"); 1374a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch GURL bad_https_url = bad_https_server.GetURL( 1384a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch "files/ssl/bad_iframe.html"); 1394a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch 1404a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch std::vector<net::TestServer::StringPair> replacement_text_frame_left; 1414a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch replacement_text_frame_left.push_back( 1424a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch make_pair("REPLACE_WITH_HTTP_PAGE", http_url.spec())); 1434a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch replacement_text_frame_left.push_back( 1444a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch make_pair("REPLACE_WITH_GOOD_HTTPS_PAGE", good_https_url.spec())); 1454a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch replacement_text_frame_left.push_back( 1464a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch make_pair("REPLACE_WITH_BAD_HTTPS_PAGE", bad_https_url.spec())); 1474a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch std::string frame_left_path; 1484a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch if (!net::TestServer::GetFilePathWithReplacements( 1494a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch "frame_left.html", 1504a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch replacement_text_frame_left, 1514a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch &frame_left_path)) 1524a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch return false; 1534a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch 1544a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch // Substitute the generated frame_left URL into the top_frame page. 1554a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch std::vector<net::TestServer::StringPair> replacement_text_top_frame; 1564a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch replacement_text_top_frame.push_back( 1574a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch make_pair("REPLACE_WITH_FRAME_LEFT_PATH", frame_left_path)); 1584a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch return net::TestServer::GetFilePathWithReplacements( 1594a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch "files/ssl/top_frame.html", 1604a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch replacement_text_top_frame, 1614a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch top_frame_path); 162513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch } 163513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch 16421d179b334e59e9a3bfcaed4c4430bef1bc5759dKristian Monsen static bool GetPageWithUnsafeWorkerPath( 16521d179b334e59e9a3bfcaed4c4430bef1bc5759dKristian Monsen const net::TestServer& expired_https_server, 16621d179b334e59e9a3bfcaed4c4430bef1bc5759dKristian Monsen std::string* page_with_unsafe_worker_path) { 16721d179b334e59e9a3bfcaed4c4430bef1bc5759dKristian Monsen // Get the "imported.js" URL from the expired https server and 16821d179b334e59e9a3bfcaed4c4430bef1bc5759dKristian Monsen // substitute it into the unsafe_worker.js file. 16921d179b334e59e9a3bfcaed4c4430bef1bc5759dKristian Monsen GURL imported_js_url = expired_https_server.GetURL("files/ssl/imported.js"); 17021d179b334e59e9a3bfcaed4c4430bef1bc5759dKristian Monsen std::vector<net::TestServer::StringPair> replacement_text_for_unsafe_worker; 17121d179b334e59e9a3bfcaed4c4430bef1bc5759dKristian Monsen replacement_text_for_unsafe_worker.push_back( 17221d179b334e59e9a3bfcaed4c4430bef1bc5759dKristian Monsen make_pair("REPLACE_WITH_IMPORTED_JS_URL", imported_js_url.spec())); 17321d179b334e59e9a3bfcaed4c4430bef1bc5759dKristian Monsen std::string unsafe_worker_path; 17421d179b334e59e9a3bfcaed4c4430bef1bc5759dKristian Monsen if (!net::TestServer::GetFilePathWithReplacements( 17521d179b334e59e9a3bfcaed4c4430bef1bc5759dKristian Monsen "unsafe_worker.js", 17621d179b334e59e9a3bfcaed4c4430bef1bc5759dKristian Monsen replacement_text_for_unsafe_worker, 17721d179b334e59e9a3bfcaed4c4430bef1bc5759dKristian Monsen &unsafe_worker_path)) 17821d179b334e59e9a3bfcaed4c4430bef1bc5759dKristian Monsen return false; 17921d179b334e59e9a3bfcaed4c4430bef1bc5759dKristian Monsen 18021d179b334e59e9a3bfcaed4c4430bef1bc5759dKristian Monsen // Now, substitute this into the page with unsafe worker. 18121d179b334e59e9a3bfcaed4c4430bef1bc5759dKristian Monsen std::vector<net::TestServer::StringPair> 18221d179b334e59e9a3bfcaed4c4430bef1bc5759dKristian Monsen replacement_text_for_page_with_unsafe_worker; 18321d179b334e59e9a3bfcaed4c4430bef1bc5759dKristian Monsen replacement_text_for_page_with_unsafe_worker.push_back( 18421d179b334e59e9a3bfcaed4c4430bef1bc5759dKristian Monsen make_pair("REPLACE_WITH_UNSAFE_WORKER_PATH", unsafe_worker_path)); 18521d179b334e59e9a3bfcaed4c4430bef1bc5759dKristian Monsen return net::TestServer::GetFilePathWithReplacements( 18621d179b334e59e9a3bfcaed4c4430bef1bc5759dKristian Monsen "files/ssl/page_with_unsafe_worker.html", 18721d179b334e59e9a3bfcaed4c4430bef1bc5759dKristian Monsen replacement_text_for_page_with_unsafe_worker, 18821d179b334e59e9a3bfcaed4c4430bef1bc5759dKristian Monsen page_with_unsafe_worker_path); 18921d179b334e59e9a3bfcaed4c4430bef1bc5759dKristian Monsen } 19021d179b334e59e9a3bfcaed4c4430bef1bc5759dKristian Monsen 1913345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick net::TestServer https_server_; 1923345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick net::TestServer https_server_expired_; 1933345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick net::TestServer https_server_mismatched_; 1943345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick 195c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch private: 196c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch DISALLOW_COPY_AND_ASSIGN(SSLUITest); 197c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch}; 198c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 199c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Visits a regular page over http. 200c407dc5cd9bdc5668497f21b26b09d988ab439deBen MurdochIN_PROC_BROWSER_TEST_F(SSLUITest, TestHTTP) { 2013345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(test_server()->Start()); 202c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 203c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ui_test_utils::NavigateToURL(browser(), 2043345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick test_server()->GetURL("files/ssl/google.html")); 205c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 206c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckUnauthenticatedState(browser()->GetSelectedTabContents()); 207c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch} 208c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 209c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Visits a page over http which includes broken https resources (status should 210c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// be OK). 211c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// TODO(jcampan): test that bad HTTPS content is blocked (otherwise we'll give 212c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// the secure cookies away!). 213c407dc5cd9bdc5668497f21b26b09d988ab439deBen MurdochIN_PROC_BROWSER_TEST_F(SSLUITest, TestHTTPWithBrokenHTTPSResource) { 2143345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(test_server()->Start()); 2153345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(https_server_expired_.Start()); 216c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 2174a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch std::string replacement_path; 2184a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch ASSERT_TRUE(GetFilePathWithHostAndPortReplacement( 219513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch "files/ssl/page_with_unsafe_contents.html", 2204a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch https_server_expired_.host_port_pair(), 2214a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch &replacement_path)); 222513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch 223513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch ui_test_utils::NavigateToURL( 224513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch browser(), test_server()->GetURL(replacement_path)); 225c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 226c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckUnauthenticatedState(browser()->GetSelectedTabContents()); 227c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch} 228c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 229c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Visits a page over OK https: 230c407dc5cd9bdc5668497f21b26b09d988ab439deBen MurdochIN_PROC_BROWSER_TEST_F(SSLUITest, TestOKHTTPS) { 2313345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(https_server_.Start()); 232c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 233c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ui_test_utils::NavigateToURL(browser(), 2343345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick https_server_.GetURL("files/ssl/google.html")); 235c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 236c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckAuthenticatedState(browser()->GetSelectedTabContents(), false); 237c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch} 238c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 239c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Visits a page with https error and proceed: 2403f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen// Disabled, http://crbug.com/68448. 2413f50c38dc070f4bb515c1b64450dae14f316474eKristian MonsenIN_PROC_BROWSER_TEST_F(SSLUITest, DISABLED_TestHTTPSExpiredCertAndProceed) { 2423345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(https_server_expired_.Start()); 243c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 244c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ui_test_utils::NavigateToURL(browser(), 2453345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick https_server_expired_.GetURL("files/ssl/google.html")); 246c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 247c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch TabContents* tab = browser()->GetSelectedTabContents(); 248c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID, false, 249c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch true); // Interstitial showing 250c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 251c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ProceedThroughInterstitial(tab); 252c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 253c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID, false, 254c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch false); // No interstitial showing 255c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch} 256c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 257c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Visits a page with https error and don't proceed (and ensure we can still 258c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// navigate at that point): 259c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch#if defined(OS_WIN) 260c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Disabled, flakily exceeds test timeout, http://crbug.com/43575. 261c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch#define MAYBE_TestHTTPSExpiredCertAndDontProceed \ 262c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch DISABLED_TestHTTPSExpiredCertAndDontProceed 263c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch#else 264c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Marked as flaky, see bug 40932. 265c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch#define MAYBE_TestHTTPSExpiredCertAndDontProceed \ 266c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch FLAKY_TestHTTPSExpiredCertAndDontProceed 267c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch#endif 268c407dc5cd9bdc5668497f21b26b09d988ab439deBen MurdochIN_PROC_BROWSER_TEST_F(SSLUITest, MAYBE_TestHTTPSExpiredCertAndDontProceed) { 2693345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(test_server()->Start()); 2703345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(https_server_.Start()); 2713345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(https_server_expired_.Start()); 272c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 273c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // First navigate to an OK page. 274c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ui_test_utils::NavigateToURL(browser(), 2753345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick https_server_.GetURL("files/ssl/google.html")); 276c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 277c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch TabContents* tab = browser()->GetSelectedTabContents(); 278c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch NavigationEntry* entry = tab->controller().GetActiveEntry(); 279c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ASSERT_TRUE(entry); 280c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 281c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch GURL cross_site_url = 2823345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick https_server_expired_.GetURL("files/ssl/google.html"); 283c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Change the host name from 127.0.0.1 to localhost so it triggers a 284c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // cross-site navigation so we can test http://crbug.com/5800 is gone. 285c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ASSERT_EQ("127.0.0.1", cross_site_url.host()); 286c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch GURL::Replacements replacements; 287c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch std::string new_host("localhost"); 288c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch replacements.SetHostStr(new_host); 289c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch cross_site_url = cross_site_url.ReplaceComponents(replacements); 290c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 291c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Now go to a bad HTTPS page. 292c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ui_test_utils::NavigateToURL(browser(), cross_site_url); 293c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 294c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // An interstitial should be showing. 295c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckAuthenticationBrokenState(tab, net::CERT_STATUS_COMMON_NAME_INVALID, 296c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch false, true); 297c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 298c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Simulate user clicking "Take me back". 299c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch InterstitialPage* interstitial_page = tab->interstitial_page(); 300c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ASSERT_TRUE(interstitial_page); 301c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch interstitial_page->DontProceed(); 302c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 303c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // We should be back to the original good page. 304c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckAuthenticatedState(tab, false); 305c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 306c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Try to navigate to a new page. (to make sure bug 5800 is fixed). 307c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ui_test_utils::NavigateToURL(browser(), 3083345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick test_server()->GetURL("files/ssl/google.html")); 309c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckUnauthenticatedState(tab); 310c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch} 311c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 312c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Visits a page with https error and then goes back using Browser::GoBack. 313c407dc5cd9bdc5668497f21b26b09d988ab439deBen MurdochIN_PROC_BROWSER_TEST_F(SSLUITest, TestHTTPSExpiredCertAndGoBackViaButton) { 3143345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(test_server()->Start()); 3153345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(https_server_expired_.Start()); 316c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 317c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // First navigate to an HTTP page. 318c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ui_test_utils::NavigateToURL(browser(), 3193345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick test_server()->GetURL("files/ssl/google.html")); 320c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch TabContents* tab = browser()->GetSelectedTabContents(); 321c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch NavigationEntry* entry = tab->controller().GetActiveEntry(); 322c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ASSERT_TRUE(entry); 323c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 324c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Now go to a bad HTTPS page that shows an interstitial. 325c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ui_test_utils::NavigateToURL(browser(), 3263345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick https_server_expired_.GetURL("files/ssl/google.html")); 327c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID, false, 328c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch true); // Interstitial showing 329c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 330c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Simulate user clicking on back button (crbug.com/39248). 331c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch browser()->GoBack(CURRENT_TAB); 332c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 333c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // We should be back at the original good page. 334c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch EXPECT_FALSE(browser()->GetSelectedTabContents()->interstitial_page()); 335c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckUnauthenticatedState(tab); 336c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch} 337c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 338c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Visits a page with https error and then goes back using GoToOffset. 339c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Marked as flaky, see bug 40932. 340c407dc5cd9bdc5668497f21b26b09d988ab439deBen MurdochIN_PROC_BROWSER_TEST_F(SSLUITest, FLAKY_TestHTTPSExpiredCertAndGoBackViaMenu) { 3413345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(test_server()->Start()); 3423345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(https_server_expired_.Start()); 343c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 344c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // First navigate to an HTTP page. 345c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ui_test_utils::NavigateToURL(browser(), 3463345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick test_server()->GetURL("files/ssl/google.html")); 347c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch TabContents* tab = browser()->GetSelectedTabContents(); 348c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch NavigationEntry* entry = tab->controller().GetActiveEntry(); 349c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ASSERT_TRUE(entry); 350c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 351c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Now go to a bad HTTPS page that shows an interstitial. 352c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ui_test_utils::NavigateToURL(browser(), 3533345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick https_server_expired_.GetURL("files/ssl/google.html")); 354c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID, false, 355c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch true); // Interstitial showing 356c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 357c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Simulate user clicking and holding on back button (crbug.com/37215). 358c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch tab->controller().GoToOffset(-1); 359c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 360c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // We should be back at the original good page. 361c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch EXPECT_FALSE(browser()->GetSelectedTabContents()->interstitial_page()); 362c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckUnauthenticatedState(tab); 363c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch} 364c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 365c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Visits a page with https error and then goes forward using GoToOffset. 366c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Marked as flaky, see bug 40932. 367c407dc5cd9bdc5668497f21b26b09d988ab439deBen MurdochIN_PROC_BROWSER_TEST_F(SSLUITest, FLAKY_TestHTTPSExpiredCertAndGoForward) { 3683345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(test_server()->Start()); 3693345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(https_server_expired_.Start()); 370c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 371c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // First navigate to two HTTP pages. 372c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ui_test_utils::NavigateToURL(browser(), 3733345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick test_server()->GetURL("files/ssl/google.html")); 374c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch TabContents* tab = browser()->GetSelectedTabContents(); 375c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch NavigationEntry* entry1 = tab->controller().GetActiveEntry(); 376c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ASSERT_TRUE(entry1); 377c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ui_test_utils::NavigateToURL(browser(), 3783345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick test_server()->GetURL("files/ssl/blank_page.html")); 379c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch NavigationEntry* entry2 = tab->controller().GetActiveEntry(); 380c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ASSERT_TRUE(entry2); 381c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 382c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Now go back so that a page is in the forward history. 383c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch tab->controller().GoBack(); 384c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ui_test_utils::WaitForNavigation(&(tab->controller())); 385c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ASSERT_TRUE(tab->controller().CanGoForward()); 386c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch NavigationEntry* entry3 = tab->controller().GetActiveEntry(); 387c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ASSERT_TRUE(entry1 == entry3); 388c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 389c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Now go to a bad HTTPS page that shows an interstitial. 390c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ui_test_utils::NavigateToURL(browser(), 3913345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick https_server_expired_.GetURL("files/ssl/google.html")); 392c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID, false, 393c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch true); // Interstitial showing 394c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 395c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Simulate user clicking and holding on forward button. 396c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch tab->controller().GoToOffset(1); 397c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ui_test_utils::WaitForNavigation(&(tab->controller())); 398c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 399c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // We should be showing the second good page. 400c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch EXPECT_FALSE(browser()->GetSelectedTabContents()->interstitial_page()); 401c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckUnauthenticatedState(tab); 402c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch EXPECT_FALSE(tab->controller().CanGoForward()); 403c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch NavigationEntry* entry4 = tab->controller().GetActiveEntry(); 404c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch EXPECT_TRUE(entry2 == entry4); 405c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch} 406c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 407c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Open a page with a HTTPS error in a tab with no prior navigation (through a 408c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// link with a blank target). This is to test that the lack of navigation entry 409c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// does not cause any problems (it was causing a crasher, see 410c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// http://crbug.com/19941). 411c407dc5cd9bdc5668497f21b26b09d988ab439deBen MurdochIN_PROC_BROWSER_TEST_F(SSLUITest, TestHTTPSErrorWithNoNavEntry) { 4123345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(https_server_expired_.Start()); 413c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 4143345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick GURL url = https_server_expired_.GetURL("files/ssl/google.htm"); 415201ade2fbba22bfb27ae029f4d23fca6ded109a0Ben Murdoch TabContentsWrapper* tab2 = 416731df977c0511bca2206b5f333555b1205ff1f43Iain Merrick browser()->AddSelectedTabWithURL(url, PageTransition::TYPED); 417ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen ui_test_utils::WaitForLoadStop(tab2->tab_contents()); 418c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 4193345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick // Verify our assumption that there was no prior navigation. 4203345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick EXPECT_FALSE(browser()->command_updater()->IsCommandEnabled(IDC_BACK)); 421c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 422c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // We should have an interstitial page showing. 423201ade2fbba22bfb27ae029f4d23fca6ded109a0Ben Murdoch ASSERT_TRUE(tab2->tab_contents()->interstitial_page()); 424c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch} 425c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 426c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// 427c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Insecure content 428c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// 429c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 430c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Visits a page that displays insecure content. 431c407dc5cd9bdc5668497f21b26b09d988ab439deBen MurdochIN_PROC_BROWSER_TEST_F(SSLUITest, TestDisplaysInsecureContent) { 4323345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(test_server()->Start()); 4333345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(https_server_.Start()); 434c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 4354a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch std::string replacement_path; 4364a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch ASSERT_TRUE(GetFilePathWithHostAndPortReplacement( 437513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch "files/ssl/page_displays_insecure_content.html", 4384a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch test_server()->host_port_pair(), 4394a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch &replacement_path)); 440513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch 441c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Load a page that displays insecure content. 442513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch ui_test_utils::NavigateToURL(browser(), 443513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch https_server_.GetURL(replacement_path)); 444c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 445c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckAuthenticatedState(browser()->GetSelectedTabContents(), true); 446c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch} 447c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 448c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Visits a page that runs insecure content and tries to suppress the insecure 449c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// content warnings by randomizing location.hash. 450c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Based on http://crbug.com/8706 451201ade2fbba22bfb27ae029f4d23fca6ded109a0Ben MurdochIN_PROC_BROWSER_TEST_F(SSLUITest, TestRunsInsecuredContentRandomizeHash) { 4523345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(test_server()->Start()); 4533345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(https_server_.Start()); 454c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 4553345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ui_test_utils::NavigateToURL(browser(), https_server_.GetURL( 456c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch "files/ssl/page_runs_insecure_content.html")); 457c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 458c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckAuthenticationBrokenState(browser()->GetSelectedTabContents(), 0, true, 459c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch false); 460c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch} 461c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 462c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Visits a page with unsafe content and make sure that: 463c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// - frames content is replaced with warning 464c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// - images and scripts are filtered out entirely 465c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Marked as flaky, see bug 40932. 466c407dc5cd9bdc5668497f21b26b09d988ab439deBen MurdochIN_PROC_BROWSER_TEST_F(SSLUITest, FLAKY_TestUnsafeContents) { 4673345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(https_server_.Start()); 4683345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(https_server_expired_.Start()); 469c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 4704a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch std::string replacement_path; 4714a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch ASSERT_TRUE(GetFilePathWithHostAndPortReplacement( 472513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch "files/ssl/page_with_unsafe_contents.html", 4734a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch https_server_expired_.host_port_pair(), 4744a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch &replacement_path)); 475513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch ui_test_utils::NavigateToURL(browser(), 476513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch https_server_.GetURL(replacement_path)); 477c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 478c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch TabContents* tab = browser()->GetSelectedTabContents(); 479c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // When the bad content is filtered, the state is expected to be 480c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // authenticated. 481c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckAuthenticatedState(tab, false); 482c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 483c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Because of cross-frame scripting restrictions, we cannot access the iframe 484c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // content. So to know if the frame was loaded, we just check if a popup was 485c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // opened (the iframe content opens one). 486c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Note: because of bug 1115868, no constrained window is opened right now. 487c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Once the bug is fixed, this will do the real check. 488c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch EXPECT_EQ(0, static_cast<int>(tab->constrained_window_count())); 489c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 490c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch int img_width; 491c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch EXPECT_TRUE(ui_test_utils::ExecuteJavaScriptAndExtractInt( 492c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch tab->render_view_host(), std::wstring(), 493c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch L"window.domAutomationController.send(ImageWidth());", &img_width)); 494c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // In order to check that the image was not loaded, we check its width. 495c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // The actual image (Google logo) is 114 pixels wide, we assume the broken 496c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // image is less than 100. 497c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch EXPECT_LT(img_width, 100); 498c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 499c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch bool js_result = false; 500c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch EXPECT_TRUE(ui_test_utils::ExecuteJavaScriptAndExtractBool( 501c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch tab->render_view_host(), std::wstring(), 502c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch L"window.domAutomationController.send(IsFooSet());", &js_result)); 503c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch EXPECT_FALSE(js_result); 504c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch} 505c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 506c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Visits a page with insecure content loaded by JS (after the initial page 507c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// load). 508c407dc5cd9bdc5668497f21b26b09d988ab439deBen MurdochIN_PROC_BROWSER_TEST_F(SSLUITest, TestDisplaysInsecureContentLoadedFromJS) { 5093345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(test_server()->Start()); 5103345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(https_server_.Start()); 511c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 5124a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch std::string replacement_path; 5134a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch ASSERT_TRUE(GetFilePathWithHostAndPortReplacement( 514513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch "files/ssl/page_with_dynamic_insecure_content.html", 5154a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch test_server()->host_port_pair(), 5164a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch &replacement_path)); 5173345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ui_test_utils::NavigateToURL(browser(), https_server_.GetURL( 518513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch replacement_path)); 519c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 520c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch TabContents* tab = browser()->GetSelectedTabContents(); 521c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckAuthenticatedState(tab, false); 522c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 523c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Load the insecure image. 524c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch bool js_result = false; 525c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch EXPECT_TRUE(ui_test_utils::ExecuteJavaScriptAndExtractBool( 526c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch tab->render_view_host(), std::wstring(), L"loadBadImage();", &js_result)); 527c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch EXPECT_TRUE(js_result); 528c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 529c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // We should now have insecure content. 530c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckAuthenticatedState(tab, true); 531c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch} 532c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 533c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Visits two pages from the same origin: one that displays insecure content and 534c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// one that doesn't. The test checks that we do not propagate the insecure 535c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// content state from one to the other. 536c407dc5cd9bdc5668497f21b26b09d988ab439deBen MurdochIN_PROC_BROWSER_TEST_F(SSLUITest, TestDisplaysInsecureContentTwoTabs) { 5373345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(test_server()->Start()); 5383345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(https_server_.Start()); 539c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 540c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ui_test_utils::NavigateToURL(browser(), 5413345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick https_server_.GetURL("files/ssl/blank_page.html")); 542c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 543201ade2fbba22bfb27ae029f4d23fca6ded109a0Ben Murdoch TabContentsWrapper* tab1 = browser()->GetSelectedTabContentsWrapper(); 544c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 545c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // This tab should be fine. 546201ade2fbba22bfb27ae029f4d23fca6ded109a0Ben Murdoch CheckAuthenticatedState(tab1->tab_contents(), false); 547c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 548c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Create a new tab. 5494a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch std::string replacement_path; 5504a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch ASSERT_TRUE(GetFilePathWithHostAndPortReplacement( 551513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch "files/ssl/page_displays_insecure_content.html", 5524a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch test_server()->host_port_pair(), 5534a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch &replacement_path)); 554513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch 555513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch GURL url = https_server_.GetURL(replacement_path); 556513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch browser::NavigateParams params(browser(), url, PageTransition::TYPED); 557513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch params.disposition = NEW_FOREGROUND_TAB; 558513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch params.tabstrip_index = 0; 559513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch params.source_contents = tab1; 560513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch browser::Navigate(¶ms); 561201ade2fbba22bfb27ae029f4d23fca6ded109a0Ben Murdoch TabContentsWrapper* tab2 = params.target_contents; 562c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ui_test_utils::WaitForNavigation(&(tab2->controller())); 563c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 564c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // The new tab has insecure content. 565201ade2fbba22bfb27ae029f4d23fca6ded109a0Ben Murdoch CheckAuthenticatedState(tab2->tab_contents(), true); 566c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 567c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // The original tab should not be contaminated. 568201ade2fbba22bfb27ae029f4d23fca6ded109a0Ben Murdoch CheckAuthenticatedState(tab1->tab_contents(), false); 569c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch} 570c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 571c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Visits two pages from the same origin: one that runs insecure content and one 572c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// that doesn't. The test checks that we propagate the insecure content state 573c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// from one to the other. 574c407dc5cd9bdc5668497f21b26b09d988ab439deBen MurdochIN_PROC_BROWSER_TEST_F(SSLUITest, TestRunsInsecureContentTwoTabs) { 5753345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(test_server()->Start()); 5763345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(https_server_.Start()); 577c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 578c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ui_test_utils::NavigateToURL(browser(), 5793345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick https_server_.GetURL("files/ssl/blank_page.html")); 580c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 581201ade2fbba22bfb27ae029f4d23fca6ded109a0Ben Murdoch TabContentsWrapper* tab1 = browser()->GetSelectedTabContentsWrapper(); 582c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 583c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // This tab should be fine. 584201ade2fbba22bfb27ae029f4d23fca6ded109a0Ben Murdoch CheckAuthenticatedState(tab1->tab_contents(), false); 585c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 5864a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch std::string replacement_path; 5874a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch ASSERT_TRUE(GetFilePathWithHostAndPortReplacement( 588513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch "files/ssl/page_runs_insecure_content.html", 5894a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch test_server()->host_port_pair(), 5904a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch &replacement_path)); 591513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch 592c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Create a new tab. 593513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch GURL url = https_server_.GetURL(replacement_path); 594513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch browser::NavigateParams params(browser(), url, PageTransition::TYPED); 595513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch params.disposition = NEW_FOREGROUND_TAB; 596513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch params.source_contents = tab1; 597513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch browser::Navigate(¶ms); 598201ade2fbba22bfb27ae029f4d23fca6ded109a0Ben Murdoch TabContentsWrapper* tab2 = params.target_contents; 599c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ui_test_utils::WaitForNavigation(&(tab2->controller())); 600c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 601c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // The new tab has insecure content. 602201ade2fbba22bfb27ae029f4d23fca6ded109a0Ben Murdoch CheckAuthenticationBrokenState(tab2->tab_contents(), 0, true, false); 603c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 604c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Which means the origin for the first tab has also been contaminated with 605c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // insecure content. 606201ade2fbba22bfb27ae029f4d23fca6ded109a0Ben Murdoch CheckAuthenticationBrokenState(tab1->tab_contents(), 0, true, false); 607c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch} 608c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 609c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Visits a page with an image over http. Visits another page over https 610c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// referencing that same image over http (hoping it is coming from the webcore 611c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// memory cache). 612c407dc5cd9bdc5668497f21b26b09d988ab439deBen MurdochIN_PROC_BROWSER_TEST_F(SSLUITest, TestDisplaysCachedInsecureContent) { 6133345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(test_server()->Start()); 6143345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(https_server_.Start()); 615c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 6164a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch std::string replacement_path; 6174a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch ASSERT_TRUE(GetFilePathWithHostAndPortReplacement( 618513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch "files/ssl/page_displays_insecure_content.html", 6194a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch test_server()->host_port_pair(), 6204a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch &replacement_path)); 621513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch 622513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch // Load original page over HTTP. 623513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch const GURL url_http = test_server()->GetURL(replacement_path); 624513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch ui_test_utils::NavigateToURL(browser(), url_http); 625c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch TabContents* tab = browser()->GetSelectedTabContents(); 626c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckUnauthenticatedState(tab); 627c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 628c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Load again but over SSL. It should be marked as displaying insecure 629c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // content (even though the image comes from the WebCore memory cache). 630513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch const GURL url_https = https_server_.GetURL(replacement_path); 631513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch ui_test_utils::NavigateToURL(browser(), url_https); 632c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckAuthenticatedState(tab, true); 633c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch} 634c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 635c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Visits a page with script over http. Visits another page over https 636c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// referencing that same script over http (hoping it is coming from the webcore 637c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// memory cache). 638c407dc5cd9bdc5668497f21b26b09d988ab439deBen MurdochIN_PROC_BROWSER_TEST_F(SSLUITest, TestRunsCachedInsecureContent) { 6393345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(test_server()->Start()); 6403345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(https_server_.Start()); 641c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 6424a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch std::string replacement_path; 6434a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch ASSERT_TRUE(GetFilePathWithHostAndPortReplacement( 644513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch "files/ssl/page_runs_insecure_content.html", 6454a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch test_server()->host_port_pair(), 6464a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch &replacement_path)); 647513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch 648513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch // Load original page over HTTP. 649513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch const GURL url_http = test_server()->GetURL(replacement_path); 650513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch ui_test_utils::NavigateToURL(browser(), url_http); 651c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch TabContents* tab = browser()->GetSelectedTabContents(); 652c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckUnauthenticatedState(tab); 653c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 654c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Load again but over SSL. It should be marked as displaying insecure 655c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // content (even though the image comes from the WebCore memory cache). 656513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch const GURL url_https = https_server_.GetURL(replacement_path); 657513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch ui_test_utils::NavigateToURL(browser(), url_https); 658c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckAuthenticationBrokenState(tab, 0, true, false); 659c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch} 660c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 661c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// This test ensures the CN invalid status does not 'stick' to a certificate 662c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// (see bug #1044942) and that it depends on the host-name. 66372a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen// Disabled, see http://crbug.com/68448 and http://crbug.com/49377. 66472a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian MonsenIN_PROC_BROWSER_TEST_F(SSLUITest, DISABLED_TestCNInvalidStickiness) { 6653345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(https_server_.Start()); 6663345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(https_server_mismatched_.Start()); 667c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 668c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // First we hit the server with hostname, this generates an invalid policy 669c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // error. 670c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ui_test_utils::NavigateToURL(browser(), 6713345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick https_server_mismatched_.GetURL("files/ssl/google.html")); 672c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 673c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // We get an interstitial page as a result. 674c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch TabContents* tab = browser()->GetSelectedTabContents(); 675c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckAuthenticationBrokenState(tab, net::CERT_STATUS_COMMON_NAME_INVALID, 676c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch false, true); // Interstitial showing. 677c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ProceedThroughInterstitial(tab); 678c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckAuthenticationBrokenState(tab, net::CERT_STATUS_COMMON_NAME_INVALID, 679c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch false, false); // No interstitial showing. 680c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 681c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Now we try again with the right host name this time. 6823345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick GURL url(https_server_.GetURL("files/ssl/google.html")); 6833345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ui_test_utils::NavigateToURL(browser(), url); 684c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 685c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Security state should be OK. 686c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckAuthenticatedState(tab, false); 687c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 688c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Now try again the broken one to make sure it is still broken. 689c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ui_test_utils::NavigateToURL(browser(), 6903345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick https_server_mismatched_.GetURL("files/ssl/google.html")); 691c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 692c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Since we OKed the interstitial last time, we get right to the page. 693c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckAuthenticationBrokenState(tab, net::CERT_STATUS_COMMON_NAME_INVALID, 694c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch false, false); // No interstitial showing. 695c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch} 696c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 697c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Test that navigating to a #ref does not change a bad security state. 698c407dc5cd9bdc5668497f21b26b09d988ab439deBen MurdochIN_PROC_BROWSER_TEST_F(SSLUITest, TestRefNavigation) { 6993345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(https_server_expired_.Start()); 700c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 701c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ui_test_utils::NavigateToURL(browser(), 7023345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick https_server_expired_.GetURL("files/ssl/page_with_refs.html")); 703c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 704c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch TabContents* tab = browser()->GetSelectedTabContents(); 705c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID, false, 706c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch true); // Interstitial showing. 707c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 708c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ProceedThroughInterstitial(tab); 709c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 710c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID, false, 711c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch false); // No interstitial showing. 712c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 713c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Now navigate to a ref in the page, the security state should not have 714c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // changed. 715c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ui_test_utils::NavigateToURL(browser(), 7163345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick https_server_expired_.GetURL("files/ssl/page_with_refs.html#jp")); 717c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 718c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID, false, 719c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch false); // No interstitial showing. 720c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch} 721c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 722c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Tests that closing a page that has a unsafe pop-up does not crash the 723c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// browser (bug #1966). 724c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// TODO(jcampan): http://crbug.com/2136 disabled because the popup is not 725c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// opened as it is not initiated by a user gesture. 726c407dc5cd9bdc5668497f21b26b09d988ab439deBen MurdochIN_PROC_BROWSER_TEST_F(SSLUITest, DISABLED_TestCloseTabWithUnsafePopup) { 7273345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(test_server()->Start()); 7283345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(https_server_expired_.Start()); 729c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 7304a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch std::string replacement_path; 7314a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch ASSERT_TRUE(GetFilePathWithHostAndPortReplacement( 732513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch "files/ssl/page_with_unsafe_popup.html", 7334a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch https_server_expired_.host_port_pair(), 7344a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch &replacement_path)); 735513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch 736c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ui_test_utils::NavigateToURL(browser(), 737513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch test_server()->GetURL(replacement_path)); 738c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 739c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch TabContents* tab1 = browser()->GetSelectedTabContents(); 740c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // It is probably overkill to add a notification for a popup-opening, let's 741c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // just poll. 742c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch for (int i = 0; i < 10; i++) { 743c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch if (static_cast<int>(tab1->constrained_window_count()) > 0) 744c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch break; 745c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch MessageLoop::current()->PostDelayedTask(FROM_HERE, 746c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch new MessageLoop::QuitTask(), 1000); 747c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ui_test_utils::RunMessageLoop(); 748c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch } 749c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ASSERT_EQ(1, static_cast<int>(tab1->constrained_window_count())); 750c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 751c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Let's add another tab to make sure the browser does not exit when we close 752c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // the first tab. 7533345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick GURL url = test_server()->GetURL("files/ssl/google.html"); 754201ade2fbba22bfb27ae029f4d23fca6ded109a0Ben Murdoch TabContentsWrapper* tab2 = 755513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch browser()->AddSelectedTabWithURL(url, PageTransition::TYPED); 756c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ui_test_utils::WaitForNavigation(&(tab2->controller())); 757c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 758c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Close the first tab. 759c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch browser()->CloseTabContents(tab1); 760c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch} 761c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 762c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Visit a page over bad https that is a redirect to a page with good https. 763ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen// Crashes: http://crbug.com/77374 764ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen// Previously marked as flaky: http://crbug.com/40932 765ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian MonsenIN_PROC_BROWSER_TEST_F(SSLUITest, DISABLED_TestRedirectBadToGoodHTTPS) { 7663345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(https_server_.Start()); 7673345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(https_server_expired_.Start()); 768c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 7693345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick GURL url1 = https_server_expired_.GetURL("server-redirect?"); 7703345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick GURL url2 = https_server_.GetURL("files/ssl/google.html"); 771c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 772c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ui_test_utils::NavigateToURL(browser(), GURL(url1.spec() + url2.spec())); 773c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 774c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch TabContents* tab = browser()->GetSelectedTabContents(); 775c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 776c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID, false, 777c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch true); // Interstitial showing. 778c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 779c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ProceedThroughInterstitial(tab); 780c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 781c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // We have been redirected to the good page. 782c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckAuthenticatedState(tab, false); 783c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch} 784c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 785c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Visit a page over good https that is a redirect to a page with bad https. 786c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Marked as flaky, see bug 40932. 787c407dc5cd9bdc5668497f21b26b09d988ab439deBen MurdochIN_PROC_BROWSER_TEST_F(SSLUITest, FLAKY_TestRedirectGoodToBadHTTPS) { 7883345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(https_server_.Start()); 7893345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(https_server_expired_.Start()); 790c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 7913345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick GURL url1 = https_server_.GetURL("server-redirect?"); 7923345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick GURL url2 = https_server_expired_.GetURL("files/ssl/google.html"); 793c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ui_test_utils::NavigateToURL(browser(), GURL(url1.spec() + url2.spec())); 794c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 795c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch TabContents* tab = browser()->GetSelectedTabContents(); 796c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID, false, 797c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch true); // Interstitial showing. 798c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 799c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ProceedThroughInterstitial(tab); 800c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 801c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID, false, 802c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch false); // No interstitial showing. 803c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch} 804c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 805c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Visit a page over http that is a redirect to a page with good HTTPS. 80672a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen// Disabled, http://crbug.com/70216. 80772a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian MonsenIN_PROC_BROWSER_TEST_F(SSLUITest, DISABLED_TestRedirectHTTPToGoodHTTPS) { 8083345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(test_server()->Start()); 8093345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(https_server_.Start()); 810c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 811c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch TabContents* tab = browser()->GetSelectedTabContents(); 812c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 813c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // HTTP redirects to good HTTPS. 8143345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick GURL http_url = test_server()->GetURL("server-redirect?"); 815c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch GURL good_https_url = 8163345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick https_server_.GetURL("files/ssl/google.html"); 817c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 818c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ui_test_utils::NavigateToURL(browser(), 819c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch GURL(http_url.spec() + good_https_url.spec())); 820c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckAuthenticatedState(tab, false); 821c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch} 822c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 823c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Visit a page over http that is a redirect to a page with bad HTTPS. 824c407dc5cd9bdc5668497f21b26b09d988ab439deBen MurdochIN_PROC_BROWSER_TEST_F(SSLUITest, FLAKY_TestRedirectHTTPToBadHTTPS) { 8253345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(test_server()->Start()); 8263345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(https_server_expired_.Start()); 827c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 828c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch TabContents* tab = browser()->GetSelectedTabContents(); 829c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 8303345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick GURL http_url = test_server()->GetURL("server-redirect?"); 831c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch GURL bad_https_url = 8323345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick https_server_expired_.GetURL("files/ssl/google.html"); 833c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ui_test_utils::NavigateToURL(browser(), 834c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch GURL(http_url.spec() + bad_https_url.spec())); 835c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID, false, 836c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch true); // Interstitial showing. 837c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 838c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ProceedThroughInterstitial(tab); 839c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 840c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID, false, 841c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch false); // No interstitial showing. 842c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch} 843c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 844c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Visit a page over https that is a redirect to a page with http (to make sure 845c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// we don't keep the secure state). 846c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Marked as flaky, see bug 40932. 847c407dc5cd9bdc5668497f21b26b09d988ab439deBen MurdochIN_PROC_BROWSER_TEST_F(SSLUITest, FLAKY_TestRedirectHTTPSToHTTP) { 8483345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(test_server()->Start()); 8493345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(https_server_.Start()); 850c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 8513345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick GURL https_url = https_server_.GetURL("server-redirect?"); 8523345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick GURL http_url = test_server()->GetURL("files/ssl/google.html"); 853c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 854c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ui_test_utils::NavigateToURL(browser(), 855c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch GURL(https_url.spec() + http_url.spec())); 856c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckUnauthenticatedState(browser()->GetSelectedTabContents()); 857c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch} 858c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 859c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Visits a page to which we could not connect (bad port) over http and https 860c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// and make sure the security style is correct. 861c407dc5cd9bdc5668497f21b26b09d988ab439deBen MurdochIN_PROC_BROWSER_TEST_F(SSLUITest, TestConnectToBadPort) { 862c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ui_test_utils::NavigateToURL(browser(), GURL("http://localhost:17")); 863c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckUnauthenticatedState(browser()->GetSelectedTabContents()); 864c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 865c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Same thing over HTTPS. 866c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ui_test_utils::NavigateToURL(browser(), GURL("https://localhost:17")); 867c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckUnauthenticatedState(browser()->GetSelectedTabContents()); 868c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch} 869c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 870c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// 871c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Frame navigation 872c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// 873c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 874c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// From a good HTTPS top frame: 875c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// - navigate to an OK HTTPS frame 876c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// - navigate to a bad HTTPS (expect unsafe content and filtered frame), then 877c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// back 878c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// - navigate to HTTP (expect insecure content), then back 879c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Disabled, http://crbug.com/18626. 880c407dc5cd9bdc5668497f21b26b09d988ab439deBen MurdochIN_PROC_BROWSER_TEST_F(SSLUITest, DISABLED_TestGoodFrameNavigation) { 8813345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(test_server()->Start()); 8823345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(https_server_.Start()); 8833345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(https_server_expired_.Start()); 884c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 8854a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch std::string top_frame_path; 8864a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch ASSERT_TRUE(GetTopFramePath(*test_server(), 8874a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch https_server_, 8884a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch https_server_expired_, 8894a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch &top_frame_path)); 8904a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch 891c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch TabContents* tab = browser()->GetSelectedTabContents(); 892c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ui_test_utils::NavigateToURL(browser(), 8934a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch https_server_.GetURL(top_frame_path)); 894c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 895c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckAuthenticatedState(tab, false); 896c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 897c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch bool success = false; 898c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Now navigate inside the frame. 899c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch EXPECT_TRUE(ui_test_utils::ExecuteJavaScriptAndExtractBool( 900c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch tab->render_view_host(), std::wstring(), 901c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch L"window.domAutomationController.send(clickLink('goodHTTPSLink'));", 902c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch &success)); 903c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch EXPECT_TRUE(success); 904c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ui_test_utils::WaitForNavigation(&tab->controller()); 905c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 906c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // We should still be fine. 907c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckAuthenticatedState(tab, false); 908c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 909c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Now let's hit a bad page. 910c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch EXPECT_TRUE(ui_test_utils::ExecuteJavaScriptAndExtractBool( 911c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch tab->render_view_host(), std::wstring(), 912c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch L"window.domAutomationController.send(clickLink('badHTTPSLink'));", 913c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch &success)); 914c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch EXPECT_TRUE(success); 915c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ui_test_utils::WaitForNavigation(&tab->controller()); 916c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 917c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // The security style should still be secure. 918c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckAuthenticatedState(tab, false); 919c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 920c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // And the frame should be blocked. 921c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch bool is_content_evil = true; 922c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch std::wstring content_frame_xpath(L"html/frameset/frame[2]"); 923c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch std::wstring is_evil_js(L"window.domAutomationController.send(" 924c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch L"document.getElementById('evilDiv') != null);"); 925c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch EXPECT_TRUE(ui_test_utils::ExecuteJavaScriptAndExtractBool( 926c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch tab->render_view_host(), content_frame_xpath, is_evil_js, 927c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch &is_content_evil)); 928c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch EXPECT_FALSE(is_content_evil); 929c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 930c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Now go back, our state should still be OK. 931c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch tab->controller().GoBack(); 932c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ui_test_utils::WaitForNavigation(&tab->controller()); 933c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckAuthenticatedState(tab, false); 934c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 935c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Navigate to a page served over HTTP. 936c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch EXPECT_TRUE(ui_test_utils::ExecuteJavaScriptAndExtractBool( 937c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch tab->render_view_host(), std::wstring(), 938c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch L"window.domAutomationController.send(clickLink('HTTPLink'));", 939c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch &success)); 940c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch EXPECT_TRUE(success); 941c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ui_test_utils::WaitForNavigation(&tab->controller()); 942c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 943c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Our state should be insecure. 944c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckAuthenticatedState(tab, true); 945c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 946c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Go back, our state should be unchanged. 947c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch tab->controller().GoBack(); 948c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ui_test_utils::WaitForNavigation(&tab->controller()); 949c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckAuthenticatedState(tab, true); 950c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch} 951c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 952c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// From a bad HTTPS top frame: 953c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// - navigate to an OK HTTPS frame (expected to be still authentication broken). 954c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Marked as flaky, see bug 40932. 955c407dc5cd9bdc5668497f21b26b09d988ab439deBen MurdochIN_PROC_BROWSER_TEST_F(SSLUITest, FLAKY_TestBadFrameNavigation) { 9563345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(https_server_.Start()); 9573345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(https_server_expired_.Start()); 958c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 9594a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch std::string top_frame_path; 9604a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch ASSERT_TRUE(GetTopFramePath(*test_server(), 9614a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch https_server_, 9624a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch https_server_expired_, 9634a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch &top_frame_path)); 9644a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch 965c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch TabContents* tab = browser()->GetSelectedTabContents(); 966c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ui_test_utils::NavigateToURL(browser(), 9674a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch https_server_expired_.GetURL(top_frame_path)); 968c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID, false, 969c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch true); // Interstitial showing 970c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 971c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ProceedThroughInterstitial(tab); 972c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 973c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Navigate to a good frame. 974c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch bool success = false; 975c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch EXPECT_TRUE(ui_test_utils::ExecuteJavaScriptAndExtractBool( 976c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch tab->render_view_host(), std::wstring(), 977c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch L"window.domAutomationController.send(clickLink('goodHTTPSLink'));", 978c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch &success)); 979c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch EXPECT_TRUE(success); 980c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ui_test_utils::WaitForNavigation(&tab->controller()); 981c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 982c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // We should still be authentication broken. 983c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID, false, 984c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch false); 985c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch} 986c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 987c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// From an HTTP top frame, navigate to good and bad HTTPS (security state should 988c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// stay unauthenticated). 989513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch#if defined(OS_WIN) || defined(OS_CHROMEOS) || defined(OS_LINUX) 990c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Disabled, flakily exceeds test timeout, http://crbug.com/43437. 991c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch#define MAYBE_TestUnauthenticatedFrameNavigation \ 992c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch DISABLED_TestUnauthenticatedFrameNavigation 993c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch#else 994c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Marked as flaky, see bug 40932. 995c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch#define MAYBE_TestUnauthenticatedFrameNavigation \ 996c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch FLAKY_TestUnauthenticatedFrameNavigation 997c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch#endif 998c407dc5cd9bdc5668497f21b26b09d988ab439deBen MurdochIN_PROC_BROWSER_TEST_F(SSLUITest, MAYBE_TestUnauthenticatedFrameNavigation) { 9993345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(test_server()->Start()); 10003345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(https_server_.Start()); 10013345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(https_server_expired_.Start()); 1002c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 10034a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch std::string top_frame_path; 10044a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch ASSERT_TRUE(GetTopFramePath(*test_server(), 10054a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch https_server_, 10064a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch https_server_expired_, 10074a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch &top_frame_path)); 10084a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch 1009c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch TabContents* tab = browser()->GetSelectedTabContents(); 1010c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ui_test_utils::NavigateToURL(browser(), 10114a5e2dc747d50c653511c68ccb2cfbfb740bd5a7Ben Murdoch test_server()->GetURL(top_frame_path)); 1012c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckUnauthenticatedState(tab); 1013c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 1014c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Now navigate inside the frame to a secure HTTPS frame. 1015c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch bool success = false; 1016c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch EXPECT_TRUE(ui_test_utils::ExecuteJavaScriptAndExtractBool( 1017c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch tab->render_view_host(), std::wstring(), 1018c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch L"window.domAutomationController.send(clickLink('goodHTTPSLink'));", 1019c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch &success)); 1020c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch EXPECT_TRUE(success); 1021c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ui_test_utils::WaitForNavigation(&tab->controller()); 1022c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 1023c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // We should still be unauthenticated. 1024c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckUnauthenticatedState(tab); 1025c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 1026c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Now navigate to a bad HTTPS frame. 1027c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch EXPECT_TRUE(ui_test_utils::ExecuteJavaScriptAndExtractBool( 1028c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch tab->render_view_host(), std::wstring(), 1029c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch L"window.domAutomationController.send(clickLink('badHTTPSLink'));", 1030c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch &success)); 1031c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch EXPECT_TRUE(success); 1032c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ui_test_utils::WaitForNavigation(&tab->controller()); 1033c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 1034c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // State should not have changed. 1035c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckUnauthenticatedState(tab); 1036c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 1037c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // And the frame should have been blocked (see bug #2316). 1038c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch bool is_content_evil = true; 1039c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch std::wstring content_frame_xpath(L"html/frameset/frame[2]"); 1040c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch std::wstring is_evil_js(L"window.domAutomationController.send(" 1041c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch L"document.getElementById('evilDiv') != null);"); 1042c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch EXPECT_TRUE(ui_test_utils::ExecuteJavaScriptAndExtractBool( 1043c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch tab->render_view_host(), content_frame_xpath, is_evil_js, 1044c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch &is_content_evil)); 1045c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch EXPECT_FALSE(is_content_evil); 1046c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch} 1047c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 1048c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Marked as flaky, see bug 40932. 1049c407dc5cd9bdc5668497f21b26b09d988ab439deBen MurdochIN_PROC_BROWSER_TEST_F(SSLUITest, FLAKY_TestUnsafeContentsInWorkerFiltered) { 10503345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(https_server_.Start()); 10513345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(https_server_expired_.Start()); 1052c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 1053c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // This page will spawn a Worker which will try to load content from 1054c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // BadCertServer. 105521d179b334e59e9a3bfcaed4c4430bef1bc5759dKristian Monsen std::string page_with_unsafe_worker_path; 105621d179b334e59e9a3bfcaed4c4430bef1bc5759dKristian Monsen ASSERT_TRUE(GetPageWithUnsafeWorkerPath(https_server_expired_, 105721d179b334e59e9a3bfcaed4c4430bef1bc5759dKristian Monsen &page_with_unsafe_worker_path)); 10583345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ui_test_utils::NavigateToURL(browser(), https_server_.GetURL( 105921d179b334e59e9a3bfcaed4c4430bef1bc5759dKristian Monsen page_with_unsafe_worker_path)); 1060c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch TabContents* tab = browser()->GetSelectedTabContents(); 1061c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Expect Worker not to load insecure content. 1062c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckWorkerLoadResult(tab, false); 1063c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // The bad content is filtered, expect the state to be authenticated. 1064c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckAuthenticatedState(tab, false); 1065c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch} 1066c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 1067c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Marked as flaky, see bug 40932. 1068c407dc5cd9bdc5668497f21b26b09d988ab439deBen MurdochIN_PROC_BROWSER_TEST_F(SSLUITest, FLAKY_TestUnsafeContentsInWorker) { 10693345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(https_server_.Start()); 10703345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ASSERT_TRUE(https_server_expired_.Start()); 1071c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 1072c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Navigate to an unsafe site. Proceed with interstitial page to indicate 1073c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // the user approves the bad certificate. 1074c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ui_test_utils::NavigateToURL(browser(), 10753345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick https_server_expired_.GetURL("files/ssl/blank_page.html")); 1076c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch TabContents* tab = browser()->GetSelectedTabContents(); 1077c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID, false, 1078c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch true); // Interstitial showing 1079c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch ProceedThroughInterstitial(tab); 1080c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID, false, 1081c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch false); // No Interstitial 1082c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 1083c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Navigate to safe page that has Worker loading unsafe content. 1084c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Expect content to load but be marked as auth broken due to running insecure 1085c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // content. 108621d179b334e59e9a3bfcaed4c4430bef1bc5759dKristian Monsen std::string page_with_unsafe_worker_path; 108721d179b334e59e9a3bfcaed4c4430bef1bc5759dKristian Monsen ASSERT_TRUE(GetPageWithUnsafeWorkerPath(https_server_expired_, 108821d179b334e59e9a3bfcaed4c4430bef1bc5759dKristian Monsen &page_with_unsafe_worker_path)); 10893345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ui_test_utils::NavigateToURL(browser(), https_server_.GetURL( 109021d179b334e59e9a3bfcaed4c4430bef1bc5759dKristian Monsen page_with_unsafe_worker_path)); 1091c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckWorkerLoadResult(tab, true); // Worker loads insecure content 1092c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CheckAuthenticationBrokenState(tab, 0, true, false); 1093c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch} 1094c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 1095c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// TODO(jcampan): more tests to do below. 1096c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 1097c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Visit a page over https that contains a frame with a redirect. 1098c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 1099c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// XMLHttpRequest insecure content in synchronous mode. 1100c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 1101c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// XMLHttpRequest insecure content in asynchronous mode. 1102c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 1103c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// XMLHttpRequest over bad ssl in synchronous mode. 1104c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 1105c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// XMLHttpRequest over OK ssl in synchronous mode. 1106