15821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Copyright (c) 2012 The Chromium Authors. All rights reserved. 25821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Use of this source code is governed by a BSD-style license that can be 35821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// found in the LICENSE file. 45821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 55f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles)#include "base/bind.h" 65f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles)#include "base/bind_helpers.h" 75821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "base/command_line.h" 85821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "base/path_service.h" 92a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#include "base/prefs/pref_service.h" 10868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles)#include "base/strings/string_util.h" 11868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles)#include "base/strings/stringprintf.h" 12868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles)#include "base/strings/utf_string_conversions.h" 13eb525c5499e34cc9c4b825d6d9e75bb07cc06aceBen Murdoch#include "base/time/time.h" 145821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "chrome/app/chrome_command_ids.h" 157dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch#include "chrome/browser/chrome_notification_types.h" 165821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "chrome/browser/content_settings/host_content_settings_map.h" 175821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "chrome/browser/profiles/profile.h" 18f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)#include "chrome/browser/ssl/ssl_blocking_page.h" 195821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "chrome/browser/ui/browser.h" 205821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "chrome/browser/ui/browser_commands.h" 215821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "chrome/browser/ui/browser_navigator.h" 225821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "chrome/browser/ui/browser_tabstrip.h" 235821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "chrome/browser/ui/tabs/tab_strip_model.h" 245821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "chrome/common/chrome_paths.h" 255821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "chrome/common/chrome_switches.h" 265821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "chrome/common/pref_names.h" 275821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "chrome/test/base/in_process_browser_test.h" 285821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "chrome/test/base/ui_test_utils.h" 2990dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles)#include "components/web_modal/web_contents_modal_dialog_manager.h" 305821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "content/public/browser/browser_context.h" 315821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "content/public/browser/interstitial_page.h" 325821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "content/public/browser/navigation_controller.h" 335821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "content/public/browser/navigation_entry.h" 345821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "content/public/browser/notification_service.h" 355821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "content/public/browser/render_view_host.h" 36f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)#include "content/public/browser/render_widget_host_view.h" 375821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "content/public/browser/web_contents.h" 385821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "content/public/browser/web_contents_observer.h" 395821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "content/public/common/security_style.h" 405821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "content/public/common/ssl_status.h" 415821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "content/public/test/browser_test_utils.h" 425821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "content/public/test/download_test_observer.h" 435821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "content/public/test/test_renderer_host.h" 445821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "net/base/net_errors.h" 455821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "net/base/test_data_directory.h" 46c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)#include "net/cert/cert_status_flags.h" 47b2df76ea8fec9e32f6f3718986dba0d95315b29cTorne (Richard Coles)#include "net/test/spawned_test_server/spawned_test_server.h" 485821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 495821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#if defined(USE_NSS) 505f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles)#include "chrome/browser/net/nss_context.h" 515f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles)#include "net/base/crypto_module.h" 52c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)#include "net/cert/nss_cert_database.h" 535821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#endif // defined(USE_NSS) 545821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 555d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)using base::ASCIIToUTF16; 565821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)using content::InterstitialPage; 575821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)using content::NavigationController; 585821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)using content::NavigationEntry; 595821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)using content::SSLStatus; 605821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)using content::WebContents; 6190dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles)using web_modal::WebContentsModalDialogManager; 625821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 632a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)const base::FilePath::CharType kDocRoot[] = 642a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) FILE_PATH_LITERAL("chrome/test/data"); 655821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 665821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)namespace { 675821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 685821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)class ProvisionalLoadWaiter : public content::WebContentsObserver { 695821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) public: 705821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) explicit ProvisionalLoadWaiter(WebContents* tab) 715821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) : WebContentsObserver(tab), waiting_(false), seen_(false) {} 725821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 735821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) void Wait() { 745821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) if (seen_) 755821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) return; 765821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 775821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) waiting_ = true; 785821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::RunMessageLoop(); 795821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 805821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 812a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) virtual void DidFailProvisionalLoad( 82116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch content::RenderFrameHost* render_frame_host, 835821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) const GURL& validated_url, 845821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) int error_code, 85116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch const base::string16& error_description) OVERRIDE { 865821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) seen_ = true; 875821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) if (waiting_) 8890dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) base::MessageLoopForUI::current()->Quit(); 895821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 905821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 915821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) private: 925821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) bool waiting_; 935821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) bool seen_; 945821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)}; 955821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 96effb81e5f8246d0db0270817048dc992db66e9fbBen Murdochnamespace AuthState { 97effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch 98effb81e5f8246d0db0270817048dc992db66e9fbBen Murdochenum AuthStateFlags { 99effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch NONE = 0, 100effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch DISPLAYED_INSECURE_CONTENT = 1 << 0, 101effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch RAN_INSECURE_CONTENT = 1 << 1, 1021320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci SHOWING_INTERSTITIAL = 1 << 2, 1031320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci SHOWING_ERROR = 1 << 3 104effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch}; 105effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch 106effb81e5f8246d0db0270817048dc992db66e9fbBen Murdochvoid Check(const NavigationEntry& entry, int expected_authentication_state) { 1071320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci if (expected_authentication_state == AuthState::SHOWING_ERROR) { 1081320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci EXPECT_EQ(content::PAGE_TYPE_ERROR, entry.GetPageType()); 1091320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci } else { 1101320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci EXPECT_EQ( 1111320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci !!(expected_authentication_state & AuthState::SHOWING_INTERSTITIAL) 1121320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci ? content::PAGE_TYPE_INTERSTITIAL 1131320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci : content::PAGE_TYPE_NORMAL, 1141320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci entry.GetPageType()); 1151320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci } 116effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch 117effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch bool displayed_insecure_content = 118effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch !!(entry.GetSSL().content_status & SSLStatus::DISPLAYED_INSECURE_CONTENT); 119effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch EXPECT_EQ( 120effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch !!(expected_authentication_state & AuthState::DISPLAYED_INSECURE_CONTENT), 121effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch displayed_insecure_content); 122effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch 123effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch bool ran_insecure_content = 124effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch !!(entry.GetSSL().content_status & SSLStatus::RAN_INSECURE_CONTENT); 125effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch EXPECT_EQ(!!(expected_authentication_state & AuthState::RAN_INSECURE_CONTENT), 126effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch ran_insecure_content); 127effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch} 128effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch 129effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch} // namespace AuthState 130effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch 131effb81e5f8246d0db0270817048dc992db66e9fbBen Murdochnamespace SecurityStyle { 132effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch 133effb81e5f8246d0db0270817048dc992db66e9fbBen Murdochvoid Check(const NavigationEntry& entry, 134effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch content::SecurityStyle expected_security_style) { 135effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch EXPECT_EQ(expected_security_style, entry.GetSSL().security_style); 136effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch} 137effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch 138effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch} // namespace SecurityStyle 139effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch 140effb81e5f8246d0db0270817048dc992db66e9fbBen Murdochnamespace CertError { 141effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch 142effb81e5f8246d0db0270817048dc992db66e9fbBen Murdochenum CertErrorFlags { 143effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch NONE = 0 144effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch}; 145effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch 146effb81e5f8246d0db0270817048dc992db66e9fbBen Murdochvoid Check(const NavigationEntry& entry, net::CertStatus error) { 147effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch if (error) { 148effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch EXPECT_EQ(error, entry.GetSSL().cert_status & error); 149effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch net::CertStatus extra_cert_errors = 150effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch error ^ (entry.GetSSL().cert_status & net::CERT_STATUS_ALL_ERRORS); 151effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch if (extra_cert_errors) 152effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch LOG(WARNING) << "Got unexpected cert error: " << extra_cert_errors; 153effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch } else { 154effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch EXPECT_EQ(0U, entry.GetSSL().cert_status & net::CERT_STATUS_ALL_ERRORS); 155effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch } 156effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch} 157effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch 158effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch} // namespace CertError 159effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch 160effb81e5f8246d0db0270817048dc992db66e9fbBen Murdochvoid CheckSecurityState(WebContents* tab, 161effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch net::CertStatus error, 162effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch content::SecurityStyle expected_security_style, 163effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch int expected_authentication_state) { 164effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch ASSERT_FALSE(tab->IsCrashed()); 165effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch NavigationEntry* entry = tab->GetController().GetActiveEntry(); 166effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch ASSERT_TRUE(entry); 167effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CertError::Check(*entry, error); 168effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch SecurityStyle::Check(*entry, expected_security_style); 169effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch AuthState::Check(*entry, expected_authentication_state); 170effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch} 171effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch 1725821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} // namespace 1735821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1745821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)class SSLUITest : public InProcessBrowserTest { 1755821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) public: 1765821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) SSLUITest() 177c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) : https_server_(net::SpawnedTestServer::TYPE_HTTPS, 1785821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) SSLOptions(SSLOptions::CERT_OK), 1792a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) base::FilePath(kDocRoot)), 180c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) https_server_expired_(net::SpawnedTestServer::TYPE_HTTPS, 1815821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) SSLOptions(SSLOptions::CERT_EXPIRED), 1822a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) base::FilePath(kDocRoot)), 183c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) https_server_mismatched_(net::SpawnedTestServer::TYPE_HTTPS, 1845821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) SSLOptions(SSLOptions::CERT_MISMATCHED_NAME), 1852a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) base::FilePath(kDocRoot)), 186c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) wss_server_expired_(net::SpawnedTestServer::TYPE_WSS, 1875821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) SSLOptions(SSLOptions::CERT_EXPIRED), 1885821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) net::GetWebSocketTestDataDirectory()) {} 1895821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1902a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) virtual void SetUpCommandLine(CommandLine* command_line) OVERRIDE { 1915821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Browser will both run and display insecure content. 1925821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) command_line->AppendSwitch(switches::kAllowRunningInsecureContent); 1935821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Use process-per-site so that navigating to a same-site page in a 1945821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // new tab will use the same process. 1955821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) command_line->AppendSwitch(switches::kProcessPerSite); 1965821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 1975821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 198868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles) void CheckAuthenticatedState(WebContents* tab, 199effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch int expected_authentication_state) { 200effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckSecurityState(tab, 201effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CertError::NONE, 202effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch content::SECURITY_STYLE_AUTHENTICATED, 203effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch expected_authentication_state); 2045821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 2055821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2061320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci void CheckUnauthenticatedState(WebContents* tab, 2071320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci int expected_authentication_state) { 208effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckSecurityState(tab, 209effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CertError::NONE, 210effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch content::SECURITY_STYLE_UNAUTHENTICATED, 2111320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci expected_authentication_state); 2125821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 2135821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2145821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) void CheckAuthenticationBrokenState(WebContents* tab, 2155821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) net::CertStatus error, 216effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch int expected_authentication_state) { 217effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckSecurityState(tab, 218effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch error, 219effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch content::SECURITY_STYLE_AUTHENTICATION_BROKEN, 220effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch expected_authentication_state); 2215821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // CERT_STATUS_UNABLE_TO_CHECK_REVOCATION doesn't lower the security style 2225821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // to SECURITY_STYLE_AUTHENTICATION_BROKEN. 2235821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_NE(net::CERT_STATUS_UNABLE_TO_CHECK_REVOCATION, error); 2245821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 2255821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 226868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles) void CheckWorkerLoadResult(WebContents* tab, bool expected_load) { 2275821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Workers are async and we don't have notifications for them passing 2285821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // messages since they do it between renderer and worker processes. 2295821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // So have a polling loop, check every 200ms, timeout at 30s. 230868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles) const int kTimeoutMS = 200; 231868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles) base::Time time_to_quit = base::Time::Now() + 2325821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) base::TimeDelta::FromMilliseconds(30000); 2335821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 234868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles) while (base::Time::Now() < time_to_quit) { 235868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles) bool worker_finished = false; 2362a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ASSERT_TRUE(content::ExecuteScriptAndExtractBool( 2372a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) tab, 2382a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) "window.domAutomationController.send(IsWorkerFinished());", 239868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles) &worker_finished)); 2405821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 241868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles) if (worker_finished) 2425821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) break; 2435821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2445821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Wait a bit. 24590dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) base::MessageLoop::current()->PostDelayedTask( 2465821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) FROM_HERE, 24790dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) base::MessageLoop::QuitClosure(), 248868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles) base::TimeDelta::FromMilliseconds(kTimeoutMS)); 2495821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::RunMessageLoop(); 2505821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 2515821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 252868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles) bool actually_loaded_content = false; 2532a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ASSERT_TRUE(content::ExecuteScriptAndExtractBool( 2542a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) tab, 2552a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) "window.domAutomationController.send(IsContentLoaded());", 256868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles) &actually_loaded_content)); 257868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles) EXPECT_EQ(expected_load, actually_loaded_content); 2585821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 2595821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2605821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) void ProceedThroughInterstitial(WebContents* tab) { 2615821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) InterstitialPage* interstitial_page = tab->GetInterstitialPage(); 2625821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(interstitial_page); 2635821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::WindowedNotificationObserver observer( 2645821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::NOTIFICATION_LOAD_STOP, 2655821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::Source<NavigationController>(&tab->GetController())); 2665821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) interstitial_page->Proceed(); 2675821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) observer.Wait(); 2685821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 2695821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2702a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) bool IsShowingWebContentsModalDialog() const { 2712a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) return WebContentsModalDialogManager::FromWebContents( 2722a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) browser()->tab_strip_model()->GetActiveWebContents())-> 27358537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) IsDialogActive(); 2745821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 2755821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2765821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) static bool GetFilePathWithHostAndPortReplacement( 2775821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) const std::string& original_file_path, 2785821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) const net::HostPortPair& host_port_pair, 2795821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) std::string* replacement_path) { 280c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) std::vector<net::SpawnedTestServer::StringPair> replacement_text; 2815821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) replacement_text.push_back( 2825821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) make_pair("REPLACE_WITH_HOST_AND_PORT", host_port_pair.ToString())); 283c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) return net::SpawnedTestServer::GetFilePathWithReplacements( 2845821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) original_file_path, replacement_text, replacement_path); 2855821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 2865821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 287c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) static bool GetTopFramePath(const net::SpawnedTestServer& http_server, 288c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) const net::SpawnedTestServer& good_https_server, 289c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) const net::SpawnedTestServer& bad_https_server, 2905821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) std::string* top_frame_path) { 2915821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // The "frame_left.html" page contained in the top_frame.html page contains 2925821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // <a href>'s to three different servers. This sets up all of the 2935821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // replacement text to work with test servers which listen on ephemeral 2945821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // ports. 2955821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) GURL http_url = http_server.GetURL("files/ssl/google.html"); 2965821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) GURL good_https_url = good_https_server.GetURL("files/ssl/google.html"); 2975821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) GURL bad_https_url = bad_https_server.GetURL( 2985821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "files/ssl/bad_iframe.html"); 2995821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 300c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) std::vector<net::SpawnedTestServer::StringPair> replacement_text_frame_left; 3015821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) replacement_text_frame_left.push_back( 3025821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) make_pair("REPLACE_WITH_HTTP_PAGE", http_url.spec())); 3035821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) replacement_text_frame_left.push_back( 3045821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) make_pair("REPLACE_WITH_GOOD_HTTPS_PAGE", good_https_url.spec())); 3055821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) replacement_text_frame_left.push_back( 3065821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) make_pair("REPLACE_WITH_BAD_HTTPS_PAGE", bad_https_url.spec())); 3075821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) std::string frame_left_path; 308c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) if (!net::SpawnedTestServer::GetFilePathWithReplacements( 3095821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "frame_left.html", 3105821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) replacement_text_frame_left, 3115821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) &frame_left_path)) 3125821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) return false; 3135821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 3145821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Substitute the generated frame_left URL into the top_frame page. 315c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) std::vector<net::SpawnedTestServer::StringPair> replacement_text_top_frame; 3165821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) replacement_text_top_frame.push_back( 3175821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) make_pair("REPLACE_WITH_FRAME_LEFT_PATH", frame_left_path)); 318c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) return net::SpawnedTestServer::GetFilePathWithReplacements( 3195821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "files/ssl/top_frame.html", 3205821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) replacement_text_top_frame, 3215821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) top_frame_path); 3225821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 3235821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 3245821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) static bool GetPageWithUnsafeWorkerPath( 325c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) const net::SpawnedTestServer& expired_https_server, 3265821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) std::string* page_with_unsafe_worker_path) { 3275821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Get the "imported.js" URL from the expired https server and 3285821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // substitute it into the unsafe_worker.js file. 3295821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) GURL imported_js_url = expired_https_server.GetURL("files/ssl/imported.js"); 330c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) std::vector<net::SpawnedTestServer::StringPair> 331c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) replacement_text_for_unsafe_worker; 3325821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) replacement_text_for_unsafe_worker.push_back( 3335821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) make_pair("REPLACE_WITH_IMPORTED_JS_URL", imported_js_url.spec())); 3345821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) std::string unsafe_worker_path; 335c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) if (!net::SpawnedTestServer::GetFilePathWithReplacements( 3365821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "unsafe_worker.js", 3375821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) replacement_text_for_unsafe_worker, 3385821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) &unsafe_worker_path)) 3395821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) return false; 3405821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 3415821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Now, substitute this into the page with unsafe worker. 342c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) std::vector<net::SpawnedTestServer::StringPair> 3435821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) replacement_text_for_page_with_unsafe_worker; 3445821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) replacement_text_for_page_with_unsafe_worker.push_back( 3455821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) make_pair("REPLACE_WITH_UNSAFE_WORKER_PATH", unsafe_worker_path)); 346c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) return net::SpawnedTestServer::GetFilePathWithReplacements( 3475821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "files/ssl/page_with_unsafe_worker.html", 3485821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) replacement_text_for_page_with_unsafe_worker, 3495821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) page_with_unsafe_worker_path); 3505821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 3515821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 352c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) net::SpawnedTestServer https_server_; 353c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) net::SpawnedTestServer https_server_expired_; 354c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) net::SpawnedTestServer https_server_mismatched_; 355c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) net::SpawnedTestServer wss_server_expired_; 3565821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 3575821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) private: 358c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) typedef net::SpawnedTestServer::SSLOptions SSLOptions; 3595821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 3605821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) DISALLOW_COPY_AND_ASSIGN(SSLUITest); 3615821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)}; 3625821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 3635821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)class SSLUITestBlock : public SSLUITest { 3645821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) public: 3655821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) SSLUITestBlock() : SSLUITest() {} 3665821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 3675821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Browser will neither run nor display insecure content. 3682a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) virtual void SetUpCommandLine(CommandLine* command_line) OVERRIDE { 3695821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) command_line->AppendSwitch(switches::kNoDisplayingInsecureContent); 3705821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 3715821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)}; 3725821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 3735821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)class SSLUITestIgnoreCertErrors : public SSLUITest { 3745821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) public: 3755821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) SSLUITestIgnoreCertErrors() : SSLUITest() {} 3765821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 3775821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) virtual void SetUpCommandLine(CommandLine* command_line) OVERRIDE { 3785821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Browser will ignore certificate errors. 3795821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) command_line->AppendSwitch(switches::kIgnoreCertificateErrors); 3805821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 3815821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)}; 3825821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 3835821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Visits a regular page over http. 3845821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)IN_PROC_BROWSER_TEST_F(SSLUITest, TestHTTP) { 3855821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(test_server()->Start()); 3865821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 3875821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ui_test_utils::NavigateToURL(browser(), 3885821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) test_server()->GetURL("files/ssl/google.html")); 3895821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 3902a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) CheckUnauthenticatedState( 3911320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci browser()->tab_strip_model()->GetActiveWebContents(), AuthState::NONE); 3925821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 3935821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 3945821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Visits a page over http which includes broken https resources (status should 3955821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// be OK). 3965821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// TODO(jcampan): test that bad HTTPS content is blocked (otherwise we'll give 3975821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// the secure cookies away!). 3985821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)IN_PROC_BROWSER_TEST_F(SSLUITest, TestHTTPWithBrokenHTTPSResource) { 3995821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(test_server()->Start()); 4005821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(https_server_expired_.Start()); 4015821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 4025821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) std::string replacement_path; 4035821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(GetFilePathWithHostAndPortReplacement( 4045821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "files/ssl/page_with_unsafe_contents.html", 4055821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) https_server_expired_.host_port_pair(), 4065821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) &replacement_path)); 4075821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 4085821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ui_test_utils::NavigateToURL( 4095821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) browser(), test_server()->GetURL(replacement_path)); 4105821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 4112a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) CheckUnauthenticatedState( 4121320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci browser()->tab_strip_model()->GetActiveWebContents(), AuthState::NONE); 4135821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 4145821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 415effb81e5f8246d0db0270817048dc992db66e9fbBen MurdochIN_PROC_BROWSER_TEST_F(SSLUITest, TestBrokenHTTPSWithInsecureContent) { 416effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch ASSERT_TRUE(test_server()->Start()); 417effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch ASSERT_TRUE(https_server_expired_.Start()); 418effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch 419effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch std::string replacement_path; 420effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch ASSERT_TRUE(GetFilePathWithHostAndPortReplacement( 421effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch "files/ssl/page_displays_insecure_content.html", 422effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch test_server()->host_port_pair(), 423effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch &replacement_path)); 424effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch 425effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch ui_test_utils::NavigateToURL(browser(), 426effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch https_server_expired_.GetURL(replacement_path)); 427effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch 428effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents(); 429effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticationBrokenState( 430effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch tab, net::CERT_STATUS_DATE_INVALID, AuthState::SHOWING_INTERSTITIAL); 431effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch 432effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch ProceedThroughInterstitial(tab); 433effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch 434effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticationBrokenState(tab, 435effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch net::CERT_STATUS_DATE_INVALID, 436effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch AuthState::DISPLAYED_INSECURE_CONTENT); 437effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch} 438effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch 4395821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// http://crbug.com/91745 4405821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#if defined(OS_CHROMEOS) 4415821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define MAYBE_TestOKHTTPS DISABLED_TestOKHTTPS 4425821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#else 4435821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define MAYBE_TestOKHTTPS TestOKHTTPS 4445821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#endif 4455821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 4465821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Visits a page over OK https: 4475821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)IN_PROC_BROWSER_TEST_F(SSLUITest, MAYBE_TestOKHTTPS) { 4485821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(https_server_.Start()); 4495821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 4505821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ui_test_utils::NavigateToURL(browser(), 4515821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) https_server_.GetURL("files/ssl/google.html")); 4525821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 453effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticatedState(browser()->tab_strip_model()->GetActiveWebContents(), 454effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch AuthState::NONE); 4555821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 4565821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 4575821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Visits a page with https error and proceed: 4586e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles)#if defined(OS_LINUX) 4596e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles)// flaky http://crbug.com/396462 4606e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles)#define MAYBE_TestHTTPSExpiredCertAndProceed \ 4616e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles) DISABLED_TestHTTPSExpiredCertAndProceed 4626e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles)#else 4636e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles)#define MAYBE_TestHTTPSExpiredCertAndProceed TestHTTPSExpiredCertAndProceed 4646e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles)#endif 4656e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles)IN_PROC_BROWSER_TEST_F(SSLUITest, MAYBE_TestHTTPSExpiredCertAndProceed) { 4665821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(https_server_expired_.Start()); 4675821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 4685821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ui_test_utils::NavigateToURL(browser(), 4695821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) https_server_expired_.GetURL("files/ssl/google.html")); 4705821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 4712a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents(); 472effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticationBrokenState( 473effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch tab, net::CERT_STATUS_DATE_INVALID, AuthState::SHOWING_INTERSTITIAL); 4745821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 4755821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ProceedThroughInterstitial(tab); 4765821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 477effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticationBrokenState( 478effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch tab, net::CERT_STATUS_DATE_INVALID, AuthState::NONE); 4795821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 4805821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 481424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)#ifndef NEDBUG 482424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)// Flaky on Windows debug (http://crbug.com/280537). 483a36e5920737c6adbddd3e43b760e5de8431db6e0Torne (Richard Coles)#define MAYBE_TestHTTPSExpiredCertAndDontProceed \ 484a36e5920737c6adbddd3e43b760e5de8431db6e0Torne (Richard Coles) DISABLED_TestHTTPSExpiredCertAndDontProceed 485a36e5920737c6adbddd3e43b760e5de8431db6e0Torne (Richard Coles)#else 486a36e5920737c6adbddd3e43b760e5de8431db6e0Torne (Richard Coles)#define MAYBE_TestHTTPSExpiredCertAndDontProceed \ 487a36e5920737c6adbddd3e43b760e5de8431db6e0Torne (Richard Coles) TestHTTPSExpiredCertAndDontProceed 488a36e5920737c6adbddd3e43b760e5de8431db6e0Torne (Richard Coles)#endif 489a36e5920737c6adbddd3e43b760e5de8431db6e0Torne (Richard Coles) 4905821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Visits a page with https error and don't proceed (and ensure we can still 4915821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// navigate at that point): 492424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)IN_PROC_BROWSER_TEST_F(SSLUITest, MAYBE_TestHTTPSExpiredCertAndDontProceed) { 4935821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(test_server()->Start()); 4945821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(https_server_.Start()); 4955821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(https_server_expired_.Start()); 4965821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 4975821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // First navigate to an OK page. 4985821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ui_test_utils::NavigateToURL(browser(), 4995821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) https_server_.GetURL("files/ssl/google.html")); 5005821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 5012a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents(); 5025821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) NavigationEntry* entry = tab->GetController().GetActiveEntry(); 5035821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(entry); 5045821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 5055821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) GURL cross_site_url = 5065821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) https_server_expired_.GetURL("files/ssl/google.html"); 5075821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Change the host name from 127.0.0.1 to localhost so it triggers a 5085821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // cross-site navigation so we can test http://crbug.com/5800 is gone. 5095821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_EQ("127.0.0.1", cross_site_url.host()); 5105821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) GURL::Replacements replacements; 5115821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) std::string new_host("localhost"); 5125821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) replacements.SetHostStr(new_host); 5135821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) cross_site_url = cross_site_url.ReplaceComponents(replacements); 5145821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 5155821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Now go to a bad HTTPS page. 5165821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ui_test_utils::NavigateToURL(browser(), cross_site_url); 5175821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 5185821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // An interstitial should be showing. 519effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticationBrokenState(tab, 520effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch net::CERT_STATUS_COMMON_NAME_INVALID, 521effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch AuthState::SHOWING_INTERSTITIAL); 5225821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 5235821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Simulate user clicking "Take me back". 5245821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) InterstitialPage* interstitial_page = tab->GetInterstitialPage(); 5255821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(interstitial_page); 5265821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) interstitial_page->DontProceed(); 5275821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 5285821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // We should be back to the original good page. 529effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticatedState(tab, AuthState::NONE); 5305821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 5315821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Try to navigate to a new page. (to make sure bug 5800 is fixed). 5325821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ui_test_utils::NavigateToURL(browser(), 5335821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) test_server()->GetURL("files/ssl/google.html")); 5341320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci CheckUnauthenticatedState(tab, AuthState::NONE); 5355821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 5365821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 5375821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Visits a page with https error and then goes back using Browser::GoBack. 5385821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)IN_PROC_BROWSER_TEST_F(SSLUITest, 5395821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) TestHTTPSExpiredCertAndGoBackViaButton) { 5405821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(test_server()->Start()); 5415821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(https_server_expired_.Start()); 5425821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 5435821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // First navigate to an HTTP page. 5445821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ui_test_utils::NavigateToURL(browser(), 5455821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) test_server()->GetURL("files/ssl/google.html")); 5462a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents(); 5475821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) NavigationEntry* entry = tab->GetController().GetActiveEntry(); 5485821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(entry); 5495821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 5505821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Now go to a bad HTTPS page that shows an interstitial. 5515821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ui_test_utils::NavigateToURL(browser(), 5525821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) https_server_expired_.GetURL("files/ssl/google.html")); 553effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticationBrokenState( 554effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch tab, net::CERT_STATUS_DATE_INVALID, AuthState::SHOWING_INTERSTITIAL); 5555821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 5565821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ProvisionalLoadWaiter load_failed_observer(tab); 5575821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 5585821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Simulate user clicking on back button (crbug.com/39248). 5595821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) chrome::GoBack(browser(), CURRENT_TAB); 5605821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 5615821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Wait until we hear the load failure, and make sure we haven't swapped out 5625821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // the previous page. Prevents regression of http://crbug.com/82667. 5635821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) load_failed_observer.Wait(); 5645821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_FALSE(content::RenderViewHostTester::IsRenderViewHostSwappedOut( 5655821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) tab->GetRenderViewHost())); 5665821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 5675821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // We should be back at the original good page. 5682a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) EXPECT_FALSE(browser()->tab_strip_model()->GetActiveWebContents()-> 5692a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) GetInterstitialPage()); 5701320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci CheckUnauthenticatedState(tab, AuthState::NONE); 5715821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 5725821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 5735821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Visits a page with https error and then goes back using GoToOffset. 5745821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Disabled because its flaky: http://crbug.com/40932, http://crbug.com/43575. 5755821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)IN_PROC_BROWSER_TEST_F(SSLUITest, 5765821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) TestHTTPSExpiredCertAndGoBackViaMenu) { 5775821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(test_server()->Start()); 5785821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(https_server_expired_.Start()); 5795821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 5805821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // First navigate to an HTTP page. 5815821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ui_test_utils::NavigateToURL(browser(), 5825821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) test_server()->GetURL("files/ssl/google.html")); 5832a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents(); 5845821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) NavigationEntry* entry = tab->GetController().GetActiveEntry(); 5855821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(entry); 5865821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 5875821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Now go to a bad HTTPS page that shows an interstitial. 5885821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ui_test_utils::NavigateToURL(browser(), 5895821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) https_server_expired_.GetURL("files/ssl/google.html")); 590effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticationBrokenState( 591effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch tab, net::CERT_STATUS_DATE_INVALID, AuthState::SHOWING_INTERSTITIAL); 5925821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 5935821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Simulate user clicking and holding on back button (crbug.com/37215). 5945821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) tab->GetController().GoToOffset(-1); 5955821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 5965821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // We should be back at the original good page. 5972a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) EXPECT_FALSE(browser()->tab_strip_model()->GetActiveWebContents()-> 5982a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) GetInterstitialPage()); 5991320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci CheckUnauthenticatedState(tab, AuthState::NONE); 6005821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 6015821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 6025821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Visits a page with https error and then goes forward using GoToOffset. 6035821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)IN_PROC_BROWSER_TEST_F(SSLUITest, TestHTTPSExpiredCertAndGoForward) { 6045821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(test_server()->Start()); 6055821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(https_server_expired_.Start()); 6065821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 6075821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // First navigate to two HTTP pages. 6085821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ui_test_utils::NavigateToURL(browser(), 6095821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) test_server()->GetURL("files/ssl/google.html")); 6102a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents(); 6115821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) NavigationEntry* entry1 = tab->GetController().GetActiveEntry(); 6125821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(entry1); 6135821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ui_test_utils::NavigateToURL(browser(), 6145821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) test_server()->GetURL("files/ssl/blank_page.html")); 6155821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) NavigationEntry* entry2 = tab->GetController().GetActiveEntry(); 6165821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(entry2); 6175821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 6185821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Now go back so that a page is in the forward history. 6195821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) { 6205821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::WindowedNotificationObserver observer( 6215821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::NOTIFICATION_LOAD_STOP, 6225821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::Source<NavigationController>(&tab->GetController())); 6235821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) tab->GetController().GoBack(); 6245821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) observer.Wait(); 6255821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 6265821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(tab->GetController().CanGoForward()); 6275821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) NavigationEntry* entry3 = tab->GetController().GetActiveEntry(); 6285821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(entry1 == entry3); 6295821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 6305821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Now go to a bad HTTPS page that shows an interstitial. 6315821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ui_test_utils::NavigateToURL(browser(), 6325821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) https_server_expired_.GetURL("files/ssl/google.html")); 633effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticationBrokenState( 634effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch tab, net::CERT_STATUS_DATE_INVALID, AuthState::SHOWING_INTERSTITIAL); 6355821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 6365821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Simulate user clicking and holding on forward button. 6375821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) { 6385821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::WindowedNotificationObserver observer( 6395821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::NOTIFICATION_LOAD_STOP, 6405821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::Source<NavigationController>(&tab->GetController())); 6415821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) tab->GetController().GoToOffset(1); 6425821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) observer.Wait(); 6435821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 6445821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 6455821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // We should be showing the second good page. 6462a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) EXPECT_FALSE(browser()->tab_strip_model()->GetActiveWebContents()-> 6472a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) GetInterstitialPage()); 6481320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci CheckUnauthenticatedState(tab, AuthState::NONE); 6495821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_FALSE(tab->GetController().CanGoForward()); 6505821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) NavigationEntry* entry4 = tab->GetController().GetActiveEntry(); 6515821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_TRUE(entry2 == entry4); 6525821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 6535821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 6545821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Visit a HTTP page which request WSS connection to a server providing invalid 6555821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// certificate. Close the page while WSS connection waits for SSLManager's 6565821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// response from UI thread. 6572a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)// Disabled on Windows because it was flaking on XP Tests (1). crbug.com/165258 6585f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles)#if defined(OS_WIN) 6592a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#define MAYBE_TestWSSInvalidCertAndClose DISABLED_TestWSSInvalidCertAndClose 6602a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#else 6612a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#define MAYBE_TestWSSInvalidCertAndClose TestWSSInvalidCertAndClose 6622a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#endif 6632a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)IN_PROC_BROWSER_TEST_F(SSLUITest, MAYBE_TestWSSInvalidCertAndClose) { 6645821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(test_server()->Start()); 6655821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(wss_server_expired_.Start()); 6665821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 6675821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Setup page title observer. 6682a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents(); 6695821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::TitleWatcher watcher(tab, ASCIIToUTF16("PASS")); 6705821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) watcher.AlsoWaitForTitle(ASCIIToUTF16("FAIL")); 6715821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 6725821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Create GURLs to test pages. 673868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles) std::string master_url_path = base::StringPrintf("%s?%d", 6745821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) test_server()->GetURL("files/ssl/wss_close.html").spec().c_str(), 6755821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) wss_server_expired_.host_port_pair().port()); 676868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles) GURL master_url(master_url_path); 677868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles) std::string slave_url_path = base::StringPrintf("%s?%d", 6785821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) test_server()->GetURL("files/ssl/wss_close_slave.html").spec().c_str(), 6795821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) wss_server_expired_.host_port_pair().port()); 680868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles) GURL slave_url(slave_url_path); 6815821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 6825821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Create tabs and visit pages which keep on creating wss connections. 6832a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) WebContents* tabs[16]; 6845821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) for (int i = 0; i < 16; ++i) { 685868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles) tabs[i] = chrome::AddSelectedTabWithURL(browser(), slave_url, 6861320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci ui::PAGE_TRANSITION_LINK); 6875821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 6885821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) chrome::SelectNextTab(browser()); 6895821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 6905821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Visit a page which waits for one TLS handshake failure. 6915821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // The title will be changed to 'PASS'. 692868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles) ui_test_utils::NavigateToURL(browser(), master_url); 693a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles) const base::string16 result = watcher.WaitAndGetTitle(); 6945821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_TRUE(LowerCaseEqualsASCII(result, "pass")); 6955821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 6965821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Close tabs which contains the test page. 6975821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) for (int i = 0; i < 16; ++i) 6982a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) chrome::CloseWebContents(browser(), tabs[i], false); 6992a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) chrome::CloseWebContents(browser(), tab, false); 7005821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 7015821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 7025821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Visit a HTTPS page and proceeds despite an invalid certificate. The page 7035821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// requests WSS connection to the same origin host to check if WSS connection 7045821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// share certificates policy with HTTPS correcly. 7055821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)IN_PROC_BROWSER_TEST_F(SSLUITest, TestWSSInvalidCertAndGoForward) { 7065821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(test_server()->Start()); 7075821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(wss_server_expired_.Start()); 7085821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 7095821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Setup page title observer. 7102a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents(); 7115821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::TitleWatcher watcher(tab, ASCIIToUTF16("PASS")); 7125821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) watcher.AlsoWaitForTitle(ASCIIToUTF16("FAIL")); 7135821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 7145821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Visit bad HTTPS page. 7155821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) std::string scheme("https"); 7165821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) GURL::Replacements replacements; 7175821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) replacements.SetSchemeStr(scheme); 7185821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ui_test_utils::NavigateToURL( 7195821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) browser(), 7205821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) wss_server_expired_.GetURL( 7215821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "connect_check.html").ReplaceComponents(replacements)); 722effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticationBrokenState( 723effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch tab, net::CERT_STATUS_DATE_INVALID, AuthState::SHOWING_INTERSTITIAL); 7245821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 7255821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Proceed anyway. 7265821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ProceedThroughInterstitial(tab); 7275821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 7285821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Test page run a WebSocket wss connection test. The result will be shown 7295821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // as page title. 730a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles) const base::string16 result = watcher.WaitAndGetTitle(); 7315821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_TRUE(LowerCaseEqualsASCII(result, "pass")); 7325821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 7335821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 7345821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#if defined(USE_NSS) 7355f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles)class SSLUITestWithClientCert : public SSLUITest { 7365f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) public: 7375f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) SSLUITestWithClientCert() : cert_db_(NULL) {} 7385f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) 7395f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) virtual void SetUpOnMainThread() OVERRIDE { 7405f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) SSLUITest::SetUpOnMainThread(); 7415f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) 7425f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) base::RunLoop loop; 7435f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) GetNSSCertDatabaseForProfile( 7445f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) browser()->profile(), 7455f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) base::Bind(&SSLUITestWithClientCert::DidGetCertDatabase, 7465f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) base::Unretained(this), 7475f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) &loop)); 7485f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) loop.Run(); 7495f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) } 7505f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) 7515f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) protected: 7525f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) void DidGetCertDatabase(base::RunLoop* loop, net::NSSCertDatabase* cert_db) { 7535f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) cert_db_ = cert_db; 7545f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) loop->Quit(); 7555f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) } 7565f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) 7575f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) net::NSSCertDatabase* cert_db_; 7585f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles)}; 7595f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) 7605821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// SSL client certificate tests are only enabled when using NSS for private key 7615821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// storage, as only NSS can avoid modifying global machine state when testing. 7625821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// See http://crbug.com/51132 7635821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 7645821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Visit a HTTPS page which requires client cert authentication. The client 7655821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// cert will be selected automatically, then a test which uses WebSocket runs. 7665f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles)IN_PROC_BROWSER_TEST_F(SSLUITestWithClientCert, TestWSSClientCert) { 7675f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) // Import a client cert for test. 7685f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) scoped_refptr<net::CryptoModule> crypt_module = cert_db_->GetPublicModule(); 7695821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) std::string pkcs12_data; 7702a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) base::FilePath cert_path = net::GetTestCertsDirectory().Append( 7715821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) FILE_PATH_LITERAL("websocket_client_cert.p12")); 77258537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) EXPECT_TRUE(base::ReadFileToString(cert_path, &pkcs12_data)); 773868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles) EXPECT_EQ(net::OK, 7745f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) cert_db_->ImportFromPKCS12( 775a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles) crypt_module.get(), pkcs12_data, base::string16(), true, NULL)); 7765821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 7775821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Start WebSocket test server with TLS and client cert authentication. 778c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) net::SpawnedTestServer::SSLOptions options( 779c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) net::SpawnedTestServer::SSLOptions::CERT_OK); 7805821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) options.request_client_certificate = true; 7812a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) base::FilePath ca_path = net::GetTestCertsDirectory().Append( 7825821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) FILE_PATH_LITERAL("websocket_cacert.pem")); 7835821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) options.client_authorities.push_back(ca_path); 784c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) net::SpawnedTestServer wss_server(net::SpawnedTestServer::TYPE_WSS, 7855821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) options, 7865821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) net::GetWebSocketTestDataDirectory()); 7875821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(wss_server.Start()); 7885821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) std::string scheme("https"); 7895821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) GURL::Replacements replacements; 7905821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) replacements.SetSchemeStr(scheme); 7915821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) GURL url = wss_server.GetURL("connect_check.html").ReplaceComponents( 7925821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) replacements); 7935821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 7945821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Setup page title observer. 7952a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents(); 7965821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::TitleWatcher watcher(tab, ASCIIToUTF16("PASS")); 7975821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) watcher.AlsoWaitForTitle(ASCIIToUTF16("FAIL")); 7985821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 7995821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Add an entry into AutoSelectCertificateForUrls policy for automatic client 8005821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // cert selection. 8015821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) Profile* profile = Profile::FromBrowserContext(tab->GetBrowserContext()); 8025821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) DCHECK(profile); 8035d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) scoped_ptr<base::DictionaryValue> dict(new base::DictionaryValue()); 8045821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) dict->SetString("ISSUER.CN", "pywebsocket"); 8055821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) profile->GetHostContentSettingsMap()->SetWebsiteSetting( 8065821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ContentSettingsPattern::FromURL(url), 8075821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ContentSettingsPattern::FromURL(url), 8085821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) CONTENT_SETTINGS_TYPE_AUTO_SELECT_CERTIFICATE, 8095821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) std::string(), 8105821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) dict.release()); 8115821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 8125821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Visit a HTTPS page which requires client certs. 8135821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ui_test_utils::NavigateToURL(browser(), url); 814effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticatedState(tab, AuthState::NONE); 8155821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 8165821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Test page runs a WebSocket wss connection test. The result will be shown 8175821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // as page title. 818a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles) const base::string16 result = watcher.WaitAndGetTitle(); 8195821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_TRUE(LowerCaseEqualsASCII(result, "pass")); 8205821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 8215821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#endif // defined(USE_NSS) 8225821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 8235821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Flaky on CrOS http://crbug.com/92292 8245821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#if defined(OS_CHROMEOS) 8255821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define MAYBE_TestHTTPSErrorWithNoNavEntry \ 8265821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) DISABLED_TestHTTPSErrorWithNoNavEntry 8275821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#else 8285821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define MAYBE_TestHTTPSErrorWithNoNavEntry TestHTTPSErrorWithNoNavEntry 8295821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#endif // defined(OS_CHROMEOS) 8305821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 8315821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Open a page with a HTTPS error in a tab with no prior navigation (through a 8325821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// link with a blank target). This is to test that the lack of navigation entry 8335821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// does not cause any problems (it was causing a crasher, see 8345821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// http://crbug.com/19941). 8355821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)IN_PROC_BROWSER_TEST_F(SSLUITest, MAYBE_TestHTTPSErrorWithNoNavEntry) { 8365821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(https_server_expired_.Start()); 8375821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 8385821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) GURL url = https_server_expired_.GetURL("files/ssl/google.htm"); 8392a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) WebContents* tab2 = chrome::AddSelectedTabWithURL( 8401320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci browser(), url, ui::PAGE_TRANSITION_TYPED); 8412a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) content::WaitForLoadStop(tab2); 8425821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 8435821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Verify our assumption that there was no prior navigation. 8445821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_FALSE(chrome::CanGoBack(browser())); 8455821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 8465821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // We should have an interstitial page showing. 8472a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ASSERT_TRUE(tab2->GetInterstitialPage()); 8485821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 8495821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 8505821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)IN_PROC_BROWSER_TEST_F(SSLUITest, TestBadHTTPSDownload) { 8515821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(test_server()->Start()); 8525821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(https_server_expired_.Start()); 853c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) GURL url_non_dangerous = test_server()->GetURL(std::string()); 854c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) GURL url_dangerous = 855c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) https_server_expired_.GetURL("files/downloads/dangerous/dangerous.exe"); 8562a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) base::ScopedTempDir downloads_directory_; 8575821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 8585821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Need empty temp dir to avoid having Chrome ask us for a new filename 8595821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // when we've downloaded dangerous.exe one hundred times. 8605821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(downloads_directory_.CreateUniqueTempDir()); 8615821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 8625821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) browser()->profile()->GetPrefs()->SetFilePath( 8635821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) prefs::kDownloadDefaultDirectory, 8645821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) downloads_directory_.path()); 8655821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 8665821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Visit a non-dangerous page. 8675821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ui_test_utils::NavigateToURL(browser(), url_non_dangerous); 8685821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 8695821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Now, start a transition to dangerous download. 8705821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) { 8715821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::WindowedNotificationObserver observer( 8725821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::NOTIFICATION_LOAD_STOP, 8735821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::NotificationService::AllSources()); 8745821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) chrome::NavigateParams navigate_params(browser(), url_dangerous, 8751320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci ui::PAGE_TRANSITION_TYPED); 8765821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) chrome::Navigate(&navigate_params); 8775821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) observer.Wait(); 8785821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 8795821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 8805821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // To exit the browser cleanly (and this test) we need to complete the 8815821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // download after completing this test. 8825821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::DownloadTestObserverTerminal dangerous_download_observer( 8835821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::BrowserContext::GetDownloadManager(browser()->profile()), 8845821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1, 8855821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::DownloadTestObserver::ON_DANGEROUS_DOWNLOAD_ACCEPT); 8865821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 8875821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Proceed through the SSL interstitial. This doesn't use 8885821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // |ProceedThroughInterstitial| since no page load will commit. 8892a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents(); 8905821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(tab != NULL); 8915821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(tab->GetInterstitialPage() != NULL); 8925821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) { 8935821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::WindowedNotificationObserver observer( 8945821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) chrome::NOTIFICATION_DOWNLOAD_INITIATED, 8955821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::NotificationService::AllSources()); 8965821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) tab->GetInterstitialPage()->Proceed(); 8975821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) observer.Wait(); 8985821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 8995821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 9005821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // There should still be an interstitial at this point. Press the 9015821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // back button on the browser. Note that this doesn't wait for a 9025821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // NAV_ENTRY_COMMITTED notification because going back with an 9035821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // active interstitial simply hides the interstitial. 9045821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(tab->GetInterstitialPage() != NULL); 9055821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_TRUE(chrome::CanGoBack(browser())); 9065821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) chrome::GoBack(browser(), CURRENT_TAB); 9075821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 9085821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) dangerous_download_observer.WaitForFinished(); 9095821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 9105821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 9115821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// 9125821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Insecure content 9135821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// 9145821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 9155821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#if defined(OS_WIN) 9165821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// http://crbug.com/152940 Flaky on win. 9175821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define MAYBE_TestDisplaysInsecureContent DISABLED_TestDisplaysInsecureContent 9185821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#else 9195821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define MAYBE_TestDisplaysInsecureContent TestDisplaysInsecureContent 9205821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#endif 9215821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 9225821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Visits a page that displays insecure content. 9235821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)IN_PROC_BROWSER_TEST_F(SSLUITest, MAYBE_TestDisplaysInsecureContent) { 9245821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(test_server()->Start()); 9255821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(https_server_.Start()); 9265821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 9275821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) std::string replacement_path; 9285821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(GetFilePathWithHostAndPortReplacement( 9295821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "files/ssl/page_displays_insecure_content.html", 9305821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) test_server()->host_port_pair(), 9315821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) &replacement_path)); 9325821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 9335821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Load a page that displays insecure content. 9345821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ui_test_utils::NavigateToURL(browser(), 9355821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) https_server_.GetURL(replacement_path)); 9365821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 937effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticatedState(browser()->tab_strip_model()->GetActiveWebContents(), 938effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch AuthState::DISPLAYED_INSECURE_CONTENT); 9395821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 9405821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 9415821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Visits a page that runs insecure content and tries to suppress the insecure 9425821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// content warnings by randomizing location.hash. 9435821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Based on http://crbug.com/8706 9445821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)IN_PROC_BROWSER_TEST_F(SSLUITest, 9455821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) TestRunsInsecuredContentRandomizeHash) { 9465821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(test_server()->Start()); 9475821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(https_server_.Start()); 9485821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 9495821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ui_test_utils::NavigateToURL(browser(), https_server_.GetURL( 9505821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "files/ssl/page_runs_insecure_content.html")); 9515821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 9522a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) CheckAuthenticationBrokenState( 953effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch browser()->tab_strip_model()->GetActiveWebContents(), 954effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CertError::NONE, 955effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch AuthState::DISPLAYED_INSECURE_CONTENT | AuthState::RAN_INSECURE_CONTENT); 9565821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 9575821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 9585821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Visits a page with unsafe content and make sure that: 9595821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// - frames content is replaced with warning 9605821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// - images and scripts are filtered out entirely 9615821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)IN_PROC_BROWSER_TEST_F(SSLUITest, TestUnsafeContents) { 9625821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(https_server_.Start()); 9635821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(https_server_expired_.Start()); 9645821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 9655821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) std::string replacement_path; 9665821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(GetFilePathWithHostAndPortReplacement( 9675821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "files/ssl/page_with_unsafe_contents.html", 9685821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) https_server_expired_.host_port_pair(), 9695821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) &replacement_path)); 9705821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ui_test_utils::NavigateToURL(browser(), 9715821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) https_server_.GetURL(replacement_path)); 9725821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 9732a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents(); 9745821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // When the bad content is filtered, the state is expected to be 9755821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // authenticated. 976effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticatedState(tab, AuthState::NONE); 9775821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 9785821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Because of cross-frame scripting restrictions, we cannot access the iframe 9795821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // content. So to know if the frame was loaded, we just check if a popup was 9805821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // opened (the iframe content opens one). 9812a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Note: because of bug 1115868, no web contents modal dialog is opened right 9822a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // now. Once the bug is fixed, this will do the real check. 9832a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) EXPECT_FALSE(IsShowingWebContentsModalDialog()); 9845821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 9855821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) int img_width; 9862a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) EXPECT_TRUE(content::ExecuteScriptAndExtractInt( 9872a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) tab, 9882a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) "window.domAutomationController.send(ImageWidth());", 9892a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) &img_width)); 9905821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // In order to check that the image was not loaded, we check its width. 9915821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // The actual image (Google logo) is 114 pixels wide, we assume the broken 9925821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // image is less than 100. 9935821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_LT(img_width, 100); 9945821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 9955821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) bool js_result = false; 9962a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) EXPECT_TRUE(content::ExecuteScriptAndExtractBool( 9972a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) tab, 9982a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) "window.domAutomationController.send(IsFooSet());", 9992a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) &js_result)); 10005821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_FALSE(js_result); 10015821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 10025821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 10035821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Visits a page with insecure content loaded by JS (after the initial page 10045821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// load). 10056e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles)#if defined(OS_LINUX) 10066e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles)// flaky http://crbug.com/396462 10076e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles)#define MAYBE_TestDisplaysInsecureContentLoadedFromJS \ 10086e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles) DISABLED_TestDisplaysInsecureContentLoadedFromJS 10096e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles)#else 10106e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles)#define MAYBE_TestDisplaysInsecureContentLoadedFromJS \ 10116e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles) TestDisplaysInsecureContentLoadedFromJS 10126e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles)#endif 10136e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles)IN_PROC_BROWSER_TEST_F(SSLUITest, 10146e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles) MAYBE_TestDisplaysInsecureContentLoadedFromJS) { 10155821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(test_server()->Start()); 10165821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(https_server_.Start()); 10175821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 10185821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) std::string replacement_path; 10195821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(GetFilePathWithHostAndPortReplacement( 10205821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "files/ssl/page_with_dynamic_insecure_content.html", 10215821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) test_server()->host_port_pair(), 10225821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) &replacement_path)); 10235821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ui_test_utils::NavigateToURL(browser(), https_server_.GetURL( 10245821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) replacement_path)); 10255821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 10262a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents(); 1027effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticatedState(tab, AuthState::NONE); 10285821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 10295821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Load the insecure image. 10305821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) bool js_result = false; 10312a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) EXPECT_TRUE(content::ExecuteScriptAndExtractBool( 10322a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) tab, 10332a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) "loadBadImage();", 10345821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) &js_result)); 10355821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_TRUE(js_result); 10365821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 10375821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // We should now have insecure content. 1038effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticatedState(tab, AuthState::DISPLAYED_INSECURE_CONTENT); 10395821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 10405821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 10415821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Visits two pages from the same origin: one that displays insecure content and 10425821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// one that doesn't. The test checks that we do not propagate the insecure 10435821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// content state from one to the other. 10445821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)IN_PROC_BROWSER_TEST_F(SSLUITest, TestDisplaysInsecureContentTwoTabs) { 10455821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(test_server()->Start()); 10465821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(https_server_.Start()); 10475821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 10485821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ui_test_utils::NavigateToURL(browser(), 10495821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) https_server_.GetURL("files/ssl/blank_page.html")); 10505821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 10512a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) WebContents* tab1 = browser()->tab_strip_model()->GetActiveWebContents(); 10525821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 10535821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // This tab should be fine. 1054effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticatedState(tab1, AuthState::NONE); 10555821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 10565821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Create a new tab. 10575821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) std::string replacement_path; 10585821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(GetFilePathWithHostAndPortReplacement( 10595821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "files/ssl/page_displays_insecure_content.html", 10605821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) test_server()->host_port_pair(), 10615821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) &replacement_path)); 10625821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 10635821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) GURL url = https_server_.GetURL(replacement_path); 10641320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci chrome::NavigateParams params(browser(), url, ui::PAGE_TRANSITION_TYPED); 10655821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) params.disposition = NEW_FOREGROUND_TAB; 10665821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) params.tabstrip_index = 0; 10675821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) params.source_contents = tab1; 10685821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::WindowedNotificationObserver observer( 10695821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::NOTIFICATION_LOAD_STOP, 10705821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::NotificationService::AllSources()); 10715821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) chrome::Navigate(¶ms); 10722a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) WebContents* tab2 = params.target_contents; 10735821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) observer.Wait(); 10745821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 10755821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // The new tab has insecure content. 1076effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticatedState(tab2, AuthState::DISPLAYED_INSECURE_CONTENT); 10775821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 10785821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // The original tab should not be contaminated. 1079effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticatedState(tab1, AuthState::NONE); 10805821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 10815821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 10825821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Visits two pages from the same origin: one that runs insecure content and one 10835821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// that doesn't. The test checks that we propagate the insecure content state 10845821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// from one to the other. 10855821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)IN_PROC_BROWSER_TEST_F(SSLUITest, TestRunsInsecureContentTwoTabs) { 10865821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(test_server()->Start()); 10875821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(https_server_.Start()); 10885821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 10895821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ui_test_utils::NavigateToURL(browser(), 10905821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) https_server_.GetURL("files/ssl/blank_page.html")); 10915821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 10922a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) WebContents* tab1 = browser()->tab_strip_model()->GetActiveWebContents(); 10935821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 10945821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // This tab should be fine. 1095effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticatedState(tab1, AuthState::NONE); 10965821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 10975821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) std::string replacement_path; 10985821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(GetFilePathWithHostAndPortReplacement( 10995821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "files/ssl/page_runs_insecure_content.html", 11005821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) test_server()->host_port_pair(), 11015821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) &replacement_path)); 11025821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 11035821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Create a new tab in the same process. Using a NEW_FOREGROUND_TAB 11045821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // disposition won't usually stay in the same process, but this works 11055821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // because we are using process-per-site in SetUpCommandLine. 11065821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) GURL url = https_server_.GetURL(replacement_path); 11071320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci chrome::NavigateParams params(browser(), url, ui::PAGE_TRANSITION_TYPED); 11085821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) params.disposition = NEW_FOREGROUND_TAB; 11095821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) params.source_contents = tab1; 11105821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::WindowedNotificationObserver observer( 11115821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::NOTIFICATION_LOAD_STOP, 11125821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::NotificationService::AllSources()); 11135821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) chrome::Navigate(¶ms); 11142a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) WebContents* tab2 = params.target_contents; 11155821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) observer.Wait(); 11165821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 11175821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Both tabs should have the same process. 1118868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles) EXPECT_EQ(tab1->GetRenderProcessHost(), tab2->GetRenderProcessHost()); 11195821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 11205821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // The new tab has insecure content. 1121effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticationBrokenState( 1122effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch tab2, 1123effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CertError::NONE, 1124effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch AuthState::DISPLAYED_INSECURE_CONTENT | AuthState::RAN_INSECURE_CONTENT); 11255821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 11265821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Which means the origin for the first tab has also been contaminated with 11275821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // insecure content. 1128effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticationBrokenState( 1129effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch tab1, CertError::NONE, AuthState::RAN_INSECURE_CONTENT); 11305821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 11315821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 11325821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Visits a page with an image over http. Visits another page over https 11335821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// referencing that same image over http (hoping it is coming from the webcore 11345821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// memory cache). 11355821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)IN_PROC_BROWSER_TEST_F(SSLUITest, TestDisplaysCachedInsecureContent) { 11365821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(test_server()->Start()); 11375821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(https_server_.Start()); 11385821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 11395821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) std::string replacement_path; 11405821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(GetFilePathWithHostAndPortReplacement( 11415821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "files/ssl/page_displays_insecure_content.html", 11425821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) test_server()->host_port_pair(), 11435821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) &replacement_path)); 11445821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 11455821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Load original page over HTTP. 11465821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) const GURL url_http = test_server()->GetURL(replacement_path); 11475821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ui_test_utils::NavigateToURL(browser(), url_http); 11482a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents(); 11491320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci CheckUnauthenticatedState(tab, AuthState::NONE); 11505821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 11515821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Load again but over SSL. It should be marked as displaying insecure 11525821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // content (even though the image comes from the WebCore memory cache). 11535821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) const GURL url_https = https_server_.GetURL(replacement_path); 11545821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ui_test_utils::NavigateToURL(browser(), url_https); 1155effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticatedState(tab, AuthState::DISPLAYED_INSECURE_CONTENT); 11565821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 11575821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 11585821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// http://crbug.com/84729 11595821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#if defined(OS_CHROMEOS) 11605821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define MAYBE_TestRunsCachedInsecureContent \ 11615821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) DISABLED_TestRunsCachedInsecureContent 11625821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#else 11635821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define MAYBE_TestRunsCachedInsecureContent TestRunsCachedInsecureContent 11645821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#endif // defined(OS_CHROMEOS) 11655821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 11665821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Visits a page with script over http. Visits another page over https 11675821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// referencing that same script over http (hoping it is coming from the webcore 11685821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// memory cache). 11695821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)IN_PROC_BROWSER_TEST_F(SSLUITest, MAYBE_TestRunsCachedInsecureContent) { 11705821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(test_server()->Start()); 11715821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(https_server_.Start()); 11725821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 11735821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) std::string replacement_path; 11745821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(GetFilePathWithHostAndPortReplacement( 11755821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "files/ssl/page_runs_insecure_content.html", 11765821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) test_server()->host_port_pair(), 11775821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) &replacement_path)); 11785821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 11795821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Load original page over HTTP. 11805821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) const GURL url_http = test_server()->GetURL(replacement_path); 11815821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ui_test_utils::NavigateToURL(browser(), url_http); 11822a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents(); 11831320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci CheckUnauthenticatedState(tab, AuthState::NONE); 11845821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 11855821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Load again but over SSL. It should be marked as displaying insecure 11865821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // content (even though the image comes from the WebCore memory cache). 11875821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) const GURL url_https = https_server_.GetURL(replacement_path); 11885821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ui_test_utils::NavigateToURL(browser(), url_https); 1189effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticationBrokenState( 1190effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch tab, 1191effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CertError::NONE, 1192effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch AuthState::DISPLAYED_INSECURE_CONTENT | AuthState::RAN_INSECURE_CONTENT); 11935821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 11945821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 11955821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// This test ensures the CN invalid status does not 'stick' to a certificate 11965821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// (see bug #1044942) and that it depends on the host-name. 1197116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch// Test if disabled due to flakiness http://crbug.com/368280 . 1198116680a4aac90f2aa7413d9095a592090648e557Ben MurdochIN_PROC_BROWSER_TEST_F(SSLUITest, DISABLED_TestCNInvalidStickiness) { 11995821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(https_server_.Start()); 12005821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(https_server_mismatched_.Start()); 12015821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 12025821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // First we hit the server with hostname, this generates an invalid policy 12035821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // error. 12045821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ui_test_utils::NavigateToURL(browser(), 12055821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) https_server_mismatched_.GetURL("files/ssl/google.html")); 12065821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 12075821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // We get an interstitial page as a result. 12082a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents(); 1209effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticationBrokenState(tab, 1210effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch net::CERT_STATUS_COMMON_NAME_INVALID, 1211effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch AuthState::SHOWING_INTERSTITIAL); 12125821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ProceedThroughInterstitial(tab); 1213effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticationBrokenState( 1214effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch tab, net::CERT_STATUS_COMMON_NAME_INVALID, AuthState::NONE); 12155821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 12165821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Now we try again with the right host name this time. 12175821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) GURL url(https_server_.GetURL("files/ssl/google.html")); 12185821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ui_test_utils::NavigateToURL(browser(), url); 12195821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 12205821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Security state should be OK. 1221effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticatedState(tab, AuthState::NONE); 12225821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 12235821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Now try again the broken one to make sure it is still broken. 12245821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ui_test_utils::NavigateToURL(browser(), 12255821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) https_server_mismatched_.GetURL("files/ssl/google.html")); 12265821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 12275821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Since we OKed the interstitial last time, we get right to the page. 1228effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticationBrokenState( 1229effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch tab, net::CERT_STATUS_COMMON_NAME_INVALID, AuthState::NONE); 12305821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 12315821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 12325821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#if defined(OS_CHROMEOS) 12335821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// This test seems to be flaky and hang on chromiumos. 12345821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// http://crbug.com/84419 12355821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define MAYBE_TestRefNavigation DISABLED_TestRefNavigation 12365821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#else 12375821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define MAYBE_TestRefNavigation TestRefNavigation 12385821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#endif 12395821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 12405821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Test that navigating to a #ref does not change a bad security state. 12415821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)IN_PROC_BROWSER_TEST_F(SSLUITest, TestRefNavigation) { 12425821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(https_server_expired_.Start()); 12435821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 12445821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ui_test_utils::NavigateToURL(browser(), 12455821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) https_server_expired_.GetURL("files/ssl/page_with_refs.html")); 12465821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 12472a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents(); 1248effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticationBrokenState( 1249effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch tab, net::CERT_STATUS_DATE_INVALID, AuthState::SHOWING_INTERSTITIAL); 12505821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 12515821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ProceedThroughInterstitial(tab); 12525821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1253effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticationBrokenState( 1254effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch tab, net::CERT_STATUS_DATE_INVALID, AuthState::NONE); 12555821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Now navigate to a ref in the page, the security state should not have 12565821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // changed. 12575821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ui_test_utils::NavigateToURL(browser(), 12585821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) https_server_expired_.GetURL("files/ssl/page_with_refs.html#jp")); 12595821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1260effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticationBrokenState( 1261effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch tab, net::CERT_STATUS_DATE_INVALID, AuthState::NONE); 12625821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 12635821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 12645821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Tests that closing a page that has a unsafe pop-up does not crash the 12655821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// browser (bug #1966). 12665821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// TODO(jcampan): http://crbug.com/2136 disabled because the popup is not 12675821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// opened as it is not initiated by a user gesture. 12685821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)IN_PROC_BROWSER_TEST_F(SSLUITest, DISABLED_TestCloseTabWithUnsafePopup) { 12695821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(test_server()->Start()); 12705821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(https_server_expired_.Start()); 12715821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 12725821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) std::string replacement_path; 12735821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(GetFilePathWithHostAndPortReplacement( 12745821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "files/ssl/page_with_unsafe_popup.html", 12755821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) https_server_expired_.host_port_pair(), 12765821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) &replacement_path)); 12775821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 12785821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ui_test_utils::NavigateToURL(browser(), 12795821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) test_server()->GetURL(replacement_path)); 12805821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 12812a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) WebContents* tab1 = browser()->tab_strip_model()->GetActiveWebContents(); 12825821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // It is probably overkill to add a notification for a popup-opening, let's 12835821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // just poll. 12845821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) for (int i = 0; i < 10; i++) { 12852a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) if (IsShowingWebContentsModalDialog()) 12865821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) break; 128790dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) base::MessageLoop::current()->PostDelayedTask( 128890dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) FROM_HERE, 128990dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) base::MessageLoop::QuitClosure(), 129090dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) base::TimeDelta::FromSeconds(1)); 12915821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::RunMessageLoop(); 12925821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 12932a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ASSERT_TRUE(IsShowingWebContentsModalDialog()); 12945821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 12955821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Let's add another tab to make sure the browser does not exit when we close 12965821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // the first tab. 12975821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) GURL url = test_server()->GetURL("files/ssl/google.html"); 12985821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::WindowedNotificationObserver observer( 12995821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::NOTIFICATION_LOAD_STOP, 13005821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::NotificationService::AllSources()); 13011320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci chrome::AddSelectedTabWithURL(browser(), url, ui::PAGE_TRANSITION_TYPED); 13025821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) observer.Wait(); 13035821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 13045821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Close the first tab. 13052a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) chrome::CloseWebContents(browser(), tab1, false); 13065821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 13075821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 13085821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Visit a page over bad https that is a redirect to a page with good https. 13095821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)IN_PROC_BROWSER_TEST_F(SSLUITest, TestRedirectBadToGoodHTTPS) { 13105821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(https_server_.Start()); 13115821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(https_server_expired_.Start()); 13125821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 13135821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) GURL url1 = https_server_expired_.GetURL("server-redirect?"); 13145821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) GURL url2 = https_server_.GetURL("files/ssl/google.html"); 13155821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 13165821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ui_test_utils::NavigateToURL(browser(), GURL(url1.spec() + url2.spec())); 13175821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 13182a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents(); 13195821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1320effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticationBrokenState( 1321effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch tab, net::CERT_STATUS_DATE_INVALID, AuthState::SHOWING_INTERSTITIAL); 13225821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 13235821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ProceedThroughInterstitial(tab); 13245821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 13255821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // We have been redirected to the good page. 1326effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticatedState(tab, AuthState::NONE); 13275821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 13285821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1329116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch// Flaky on Linux. http://crbug.com/368280. 1330116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch#if defined(OS_LINUX) 1331116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch#define MAYBE_TestRedirectGoodToBadHTTPS DISABLED_TestRedirectGoodToBadHTTPS 1332116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch#else 1333116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch#define MAYBE_TestRedirectGoodToBadHTTPS TestRedirectGoodToBadHTTPS 1334116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch#endif 1335116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 13365821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Visit a page over good https that is a redirect to a page with bad https. 1337116680a4aac90f2aa7413d9095a592090648e557Ben MurdochIN_PROC_BROWSER_TEST_F(SSLUITest, MAYBE_TestRedirectGoodToBadHTTPS) { 13385821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(https_server_.Start()); 13395821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(https_server_expired_.Start()); 13405821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 13415821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) GURL url1 = https_server_.GetURL("server-redirect?"); 13425821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) GURL url2 = https_server_expired_.GetURL("files/ssl/google.html"); 13435821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ui_test_utils::NavigateToURL(browser(), GURL(url1.spec() + url2.spec())); 13445821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 13452a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents(); 1346effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticationBrokenState( 1347effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch tab, net::CERT_STATUS_DATE_INVALID, AuthState::SHOWING_INTERSTITIAL); 13485821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 13495821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ProceedThroughInterstitial(tab); 13505821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1351effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticationBrokenState( 1352effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch tab, net::CERT_STATUS_DATE_INVALID, AuthState::NONE); 13535821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 13545821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 13555821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Visit a page over http that is a redirect to a page with good HTTPS. 13565821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)IN_PROC_BROWSER_TEST_F(SSLUITest, TestRedirectHTTPToGoodHTTPS) { 13575821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(test_server()->Start()); 13585821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(https_server_.Start()); 13595821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 13602a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents(); 13615821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 13625821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // HTTP redirects to good HTTPS. 13635821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) GURL http_url = test_server()->GetURL("server-redirect?"); 13645821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) GURL good_https_url = 13655821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) https_server_.GetURL("files/ssl/google.html"); 13665821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 13675821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ui_test_utils::NavigateToURL(browser(), 13685821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) GURL(http_url.spec() + good_https_url.spec())); 1369effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticatedState(tab, AuthState::NONE); 13705821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 13715821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1372116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch// Flaky on Linux. http://crbug.com/368280. 1373116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch#if defined(OS_LINUX) 1374116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch#define MAYBE_TestRedirectHTTPToBadHTTPS DISABLED_TestRedirectHTTPToBadHTTPS 1375116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch#else 1376116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch#define MAYBE_TestRedirectHTTPToBadHTTPS TestRedirectHTTPToBadHTTPS 1377116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch#endif 1378116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 13795821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Visit a page over http that is a redirect to a page with bad HTTPS. 1380116680a4aac90f2aa7413d9095a592090648e557Ben MurdochIN_PROC_BROWSER_TEST_F(SSLUITest, MAYBE_TestRedirectHTTPToBadHTTPS) { 13815821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(test_server()->Start()); 13825821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(https_server_expired_.Start()); 13835821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 13842a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents(); 13855821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 13865821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) GURL http_url = test_server()->GetURL("server-redirect?"); 13875821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) GURL bad_https_url = 13885821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) https_server_expired_.GetURL("files/ssl/google.html"); 13895821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ui_test_utils::NavigateToURL(browser(), 13905821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) GURL(http_url.spec() + bad_https_url.spec())); 1391effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticationBrokenState( 1392effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch tab, net::CERT_STATUS_DATE_INVALID, AuthState::SHOWING_INTERSTITIAL); 13935821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 13945821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ProceedThroughInterstitial(tab); 13955821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1396effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticationBrokenState( 1397effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch tab, net::CERT_STATUS_DATE_INVALID, AuthState::NONE); 13985821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 13995821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 14005821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Visit a page over https that is a redirect to a page with http (to make sure 14015821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// we don't keep the secure state). 14025821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)IN_PROC_BROWSER_TEST_F(SSLUITest, TestRedirectHTTPSToHTTP) { 14035821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(test_server()->Start()); 14045821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(https_server_.Start()); 14055821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 14065821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) GURL https_url = https_server_.GetURL("server-redirect?"); 14075821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) GURL http_url = test_server()->GetURL("files/ssl/google.html"); 14085821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 14095821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ui_test_utils::NavigateToURL(browser(), 14105821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) GURL(https_url.spec() + http_url.spec())); 14112a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) CheckUnauthenticatedState( 14121320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci browser()->tab_strip_model()->GetActiveWebContents(), AuthState::NONE); 14135821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 14145821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 14155821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Visits a page to which we could not connect (bad port) over http and https 14165821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// and make sure the security style is correct. 14175821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)IN_PROC_BROWSER_TEST_F(SSLUITest, TestConnectToBadPort) { 14185821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ui_test_utils::NavigateToURL(browser(), GURL("http://localhost:17")); 14192a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) CheckUnauthenticatedState( 14201320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci browser()->tab_strip_model()->GetActiveWebContents(), 14211320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci AuthState::SHOWING_ERROR); 14225821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 14235821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Same thing over HTTPS. 14245821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ui_test_utils::NavigateToURL(browser(), GURL("https://localhost:17")); 14252a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) CheckUnauthenticatedState( 14261320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci browser()->tab_strip_model()->GetActiveWebContents(), 14271320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci AuthState::SHOWING_ERROR); 14285821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 14295821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 14305821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// 14315821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Frame navigation 14325821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// 14335821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 14345821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// From a good HTTPS top frame: 14355821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// - navigate to an OK HTTPS frame 14365821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// - navigate to a bad HTTPS (expect unsafe content and filtered frame), then 14375821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// back 14385821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// - navigate to HTTP (expect insecure content), then back 1439bbcdd45c55eb7c4641ab97aef9889b0fc828e7d3Ben MurdochIN_PROC_BROWSER_TEST_F(SSLUITest, TestGoodFrameNavigation) { 14405821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(test_server()->Start()); 14415821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(https_server_.Start()); 14425821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(https_server_expired_.Start()); 14435821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 14445821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) std::string top_frame_path; 14455821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(GetTopFramePath(*test_server(), 14465821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) https_server_, 14475821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) https_server_expired_, 14485821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) &top_frame_path)); 14495821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 14502a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents(); 14515821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ui_test_utils::NavigateToURL(browser(), 14525821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) https_server_.GetURL(top_frame_path)); 14535821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1454effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticatedState(tab, AuthState::NONE); 14555821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 14565821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) bool success = false; 14575821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Now navigate inside the frame. 14585821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) { 14595821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::WindowedNotificationObserver observer( 14605821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::NOTIFICATION_LOAD_STOP, 14615821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::Source<NavigationController>(&tab->GetController())); 14622a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) EXPECT_TRUE(content::ExecuteScriptAndExtractBool( 14632a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) tab, 14642a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) "window.domAutomationController.send(clickLink('goodHTTPSLink'));", 14655821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) &success)); 14665821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(success); 14675821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) observer.Wait(); 14685821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 14695821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 14705821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // We should still be fine. 1471effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticatedState(tab, AuthState::NONE); 14725821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 14735821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Now let's hit a bad page. 14745821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) { 14755821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::WindowedNotificationObserver observer( 14765821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::NOTIFICATION_LOAD_STOP, 14775821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::Source<NavigationController>(&tab->GetController())); 14782a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) EXPECT_TRUE(content::ExecuteScriptAndExtractBool( 14792a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) tab, 14802a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) "window.domAutomationController.send(clickLink('badHTTPSLink'));", 14815821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) &success)); 14825821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(success); 14835821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) observer.Wait(); 14845821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 14855821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 14865821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // The security style should still be secure. 1487effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticatedState(tab, AuthState::NONE); 14885821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 14895821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // And the frame should be blocked. 14905821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) bool is_content_evil = true; 149123730a6e56a168d1879203e4b3819bb36e3d8f1fTorne (Richard Coles) content::RenderFrameHost* content_frame = content::FrameMatchingPredicate( 149223730a6e56a168d1879203e4b3819bb36e3d8f1fTorne (Richard Coles) tab, base::Bind(&content::FrameMatchesName, "contentFrame")); 14932a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) std::string is_evil_js("window.domAutomationController.send(" 14942a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) "document.getElementById('evilDiv') != null);"); 149523730a6e56a168d1879203e4b3819bb36e3d8f1fTorne (Richard Coles) EXPECT_TRUE(content::ExecuteScriptAndExtractBool(content_frame, 149623730a6e56a168d1879203e4b3819bb36e3d8f1fTorne (Richard Coles) is_evil_js, 149723730a6e56a168d1879203e4b3819bb36e3d8f1fTorne (Richard Coles) &is_content_evil)); 14985821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_FALSE(is_content_evil); 14995821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 15005821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Now go back, our state should still be OK. 15015821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) { 15025821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::WindowedNotificationObserver observer( 15035821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::NOTIFICATION_LOAD_STOP, 15045821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::Source<NavigationController>(&tab->GetController())); 15055821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) tab->GetController().GoBack(); 15065821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) observer.Wait(); 15075821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 1508effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticatedState(tab, AuthState::NONE); 15095821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 15105821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Navigate to a page served over HTTP. 15115821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) { 15125821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::WindowedNotificationObserver observer( 15135821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::NOTIFICATION_LOAD_STOP, 15145821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::Source<NavigationController>(&tab->GetController())); 15152a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) EXPECT_TRUE(content::ExecuteScriptAndExtractBool( 15162a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) tab, 15172a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) "window.domAutomationController.send(clickLink('HTTPLink'));", 15185821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) &success)); 15195821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(success); 15205821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) observer.Wait(); 15215821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 15225821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1523868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles) // Our state should be unathenticated (in the ran mixed script sense) 1524effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticationBrokenState( 1525effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch tab, 1526effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CertError::NONE, 1527effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch AuthState::DISPLAYED_INSECURE_CONTENT | AuthState::RAN_INSECURE_CONTENT); 15285821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 15295821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Go back, our state should be unchanged. 15305821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) { 15315821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::WindowedNotificationObserver observer( 15325821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::NOTIFICATION_LOAD_STOP, 15335821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::Source<NavigationController>(&tab->GetController())); 15345821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) tab->GetController().GoBack(); 15355821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) observer.Wait(); 15365821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 1537868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles) 1538effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticationBrokenState( 1539effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch tab, 1540effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CertError::NONE, 1541effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch AuthState::DISPLAYED_INSECURE_CONTENT | AuthState::RAN_INSECURE_CONTENT); 15425821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 15435821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 15445821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// From a bad HTTPS top frame: 15455821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// - navigate to an OK HTTPS frame (expected to be still authentication broken). 15465821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)IN_PROC_BROWSER_TEST_F(SSLUITest, TestBadFrameNavigation) { 15475821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(https_server_.Start()); 15485821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(https_server_expired_.Start()); 15495821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 15505821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) std::string top_frame_path; 15515821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(GetTopFramePath(*test_server(), 15525821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) https_server_, 15535821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) https_server_expired_, 15545821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) &top_frame_path)); 15555821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 15562a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents(); 15575821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ui_test_utils::NavigateToURL(browser(), 15585821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) https_server_expired_.GetURL(top_frame_path)); 1559effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticationBrokenState( 1560effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch tab, net::CERT_STATUS_DATE_INVALID, AuthState::SHOWING_INTERSTITIAL); 15615821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 15625821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ProceedThroughInterstitial(tab); 15635821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 15645821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Navigate to a good frame. 15655821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) bool success = false; 15665821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::WindowedNotificationObserver observer( 15675821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::NOTIFICATION_LOAD_STOP, 15685821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::Source<NavigationController>(&tab->GetController())); 15692a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) EXPECT_TRUE(content::ExecuteScriptAndExtractBool( 15702a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) tab, 15712a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) "window.domAutomationController.send(clickLink('goodHTTPSLink'));", 15725821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) &success)); 15735821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(success); 15745821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) observer.Wait(); 15755821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 15765821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // We should still be authentication broken. 1577effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticationBrokenState( 1578effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch tab, net::CERT_STATUS_DATE_INVALID, AuthState::NONE); 15795821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 15805821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 15815821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// From an HTTP top frame, navigate to good and bad HTTPS (security state should 15825821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// stay unauthenticated). 15835821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Disabled, flakily exceeds test timeout, http://crbug.com/43437. 15845821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)IN_PROC_BROWSER_TEST_F(SSLUITest, DISABLED_TestUnauthenticatedFrameNavigation) { 15855821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(test_server()->Start()); 15865821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(https_server_.Start()); 15875821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(https_server_expired_.Start()); 15885821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 15895821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) std::string top_frame_path; 15905821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(GetTopFramePath(*test_server(), 15915821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) https_server_, 15925821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) https_server_expired_, 15935821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) &top_frame_path)); 15945821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 15952a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents(); 15965821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ui_test_utils::NavigateToURL(browser(), 15975821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) test_server()->GetURL(top_frame_path)); 15981320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci CheckUnauthenticatedState(tab, AuthState::NONE); 15995821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 16005821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Now navigate inside the frame to a secure HTTPS frame. 16015821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) { 16025821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) bool success = false; 16035821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::WindowedNotificationObserver observer( 16045821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::NOTIFICATION_LOAD_STOP, 16055821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::Source<NavigationController>(&tab->GetController())); 16062a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) EXPECT_TRUE(content::ExecuteScriptAndExtractBool( 16072a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) tab, 16082a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) "window.domAutomationController.send(clickLink('goodHTTPSLink'));", 16095821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) &success)); 16105821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(success); 16115821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) observer.Wait(); 16125821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 16135821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 16145821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // We should still be unauthenticated. 16151320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci CheckUnauthenticatedState(tab, AuthState::NONE); 16165821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 16175821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Now navigate to a bad HTTPS frame. 16185821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) { 16195821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) bool success = false; 16205821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::WindowedNotificationObserver observer( 16215821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::NOTIFICATION_LOAD_STOP, 16225821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::Source<NavigationController>(&tab->GetController())); 16232a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) EXPECT_TRUE(content::ExecuteScriptAndExtractBool( 16242a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) tab, 16252a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) "window.domAutomationController.send(clickLink('badHTTPSLink'));", 16265821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) &success)); 16275821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(success); 16285821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) observer.Wait(); 16295821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) } 16305821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 16315821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // State should not have changed. 16321320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci CheckUnauthenticatedState(tab, AuthState::NONE); 16335821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 16345821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // And the frame should have been blocked (see bug #2316). 16355821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) bool is_content_evil = true; 163623730a6e56a168d1879203e4b3819bb36e3d8f1fTorne (Richard Coles) content::RenderFrameHost* content_frame = content::FrameMatchingPredicate( 163723730a6e56a168d1879203e4b3819bb36e3d8f1fTorne (Richard Coles) tab, base::Bind(&content::FrameMatchesName, "contentFrame")); 16382a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) std::string is_evil_js("window.domAutomationController.send(" 16392a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) "document.getElementById('evilDiv') != null);"); 164023730a6e56a168d1879203e4b3819bb36e3d8f1fTorne (Richard Coles) EXPECT_TRUE(content::ExecuteScriptAndExtractBool(content_frame, 164123730a6e56a168d1879203e4b3819bb36e3d8f1fTorne (Richard Coles) is_evil_js, 164223730a6e56a168d1879203e4b3819bb36e3d8f1fTorne (Richard Coles) &is_content_evil)); 16435821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_FALSE(is_content_evil); 16445821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 16455821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 16465821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)IN_PROC_BROWSER_TEST_F(SSLUITest, TestUnsafeContentsInWorkerFiltered) { 16475821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(https_server_.Start()); 16485821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(https_server_expired_.Start()); 16495821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 16505821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // This page will spawn a Worker which will try to load content from 16515821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // BadCertServer. 16525821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) std::string page_with_unsafe_worker_path; 16535821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(GetPageWithUnsafeWorkerPath(https_server_expired_, 16545821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) &page_with_unsafe_worker_path)); 16555821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ui_test_utils::NavigateToURL(browser(), https_server_.GetURL( 16565821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) page_with_unsafe_worker_path)); 16572a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents(); 16585821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Expect Worker not to load insecure content. 16595821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) CheckWorkerLoadResult(tab, false); 16605821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // The bad content is filtered, expect the state to be authenticated. 1661effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticatedState(tab, AuthState::NONE); 16625821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 16635821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 16645821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)IN_PROC_BROWSER_TEST_F(SSLUITest, TestUnsafeContentsInWorker) { 16655821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(https_server_.Start()); 16665821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(https_server_expired_.Start()); 16675821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 16685821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Navigate to an unsafe site. Proceed with interstitial page to indicate 16695821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // the user approves the bad certificate. 16705821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ui_test_utils::NavigateToURL(browser(), 16715821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) https_server_expired_.GetURL("files/ssl/blank_page.html")); 16722a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents(); 1673effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticationBrokenState( 1674effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch tab, net::CERT_STATUS_DATE_INVALID, AuthState::SHOWING_INTERSTITIAL); 16755821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ProceedThroughInterstitial(tab); 1676effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticationBrokenState( 1677effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch tab, net::CERT_STATUS_DATE_INVALID, AuthState::NONE); 16785821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 16795821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Navigate to safe page that has Worker loading unsafe content. 16805821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Expect content to load but be marked as auth broken due to running insecure 16815821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // content. 16825821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) std::string page_with_unsafe_worker_path; 16835821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(GetPageWithUnsafeWorkerPath(https_server_expired_, 16845821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) &page_with_unsafe_worker_path)); 16855821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ui_test_utils::NavigateToURL(browser(), https_server_.GetURL( 16865821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) page_with_unsafe_worker_path)); 16875821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) CheckWorkerLoadResult(tab, true); // Worker loads insecure content 1688effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticationBrokenState( 1689effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch tab, CertError::NONE, AuthState::RAN_INSECURE_CONTENT); 16905821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 16915821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 16925821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Test that when the browser blocks displaying insecure content (images), the 16935821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// indicator shows a secure page, because the blocking made the otherwise 16945821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// unsafe page safe (the notification of this state is handled by other means). 16955821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)IN_PROC_BROWSER_TEST_F(SSLUITestBlock, TestBlockDisplayingInsecureImage) { 16965821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(test_server()->Start()); 16975821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(https_server_.Start()); 16985821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 16995821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) std::string replacement_path; 17005821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(GetFilePathWithHostAndPortReplacement( 17015821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "files/ssl/page_displays_insecure_content.html", 17025821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) test_server()->host_port_pair(), 17035821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) &replacement_path)); 17045821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 17055821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ui_test_utils::NavigateToURL(browser(), 17065821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) https_server_.GetURL(replacement_path)); 17075821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1708effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticatedState(browser()->tab_strip_model()->GetActiveWebContents(), 1709effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch AuthState::NONE); 17105821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 17115821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 17125821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Test that when the browser blocks displaying insecure content (iframes), the 17135821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// indicator shows a secure page, because the blocking made the otherwise 17145821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// unsafe page safe (the notification of this state is handled by other means) 17155821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)IN_PROC_BROWSER_TEST_F(SSLUITestBlock, TestBlockDisplayingInsecureIframe) { 17165821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(test_server()->Start()); 17175821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(https_server_.Start()); 17185821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 17195821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) std::string replacement_path; 17205821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(GetFilePathWithHostAndPortReplacement( 17215821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "files/ssl/page_displays_insecure_iframe.html", 17225821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) test_server()->host_port_pair(), 17235821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) &replacement_path)); 17245821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 17255821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ui_test_utils::NavigateToURL(browser(), 17265821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) https_server_.GetURL(replacement_path)); 17275821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1728effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticatedState(browser()->tab_strip_model()->GetActiveWebContents(), 1729effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch AuthState::NONE); 17305821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 17315821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 17325821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Test that when the browser blocks running insecure content, the 17335821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// indicator shows a secure page, because the blocking made the otherwise 17345821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// unsafe page safe (the notification of this state is handled by other means). 17355821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)IN_PROC_BROWSER_TEST_F(SSLUITestBlock, TestBlockRunningInsecureContent) { 17365821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(test_server()->Start()); 17375821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(https_server_.Start()); 17385821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 17395821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) std::string replacement_path; 17405821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(GetFilePathWithHostAndPortReplacement( 17415821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "files/ssl/page_runs_insecure_content.html", 17425821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) test_server()->host_port_pair(), 17435821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) &replacement_path)); 17445821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 17455821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ui_test_utils::NavigateToURL(browser(), 17465821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) https_server_.GetURL(replacement_path)); 17475821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1748effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticatedState(browser()->tab_strip_model()->GetActiveWebContents(), 1749effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch AuthState::NONE); 17505821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 17515821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 17525821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Visit a page and establish a WebSocket connection over bad https with 17535821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// --ignore-certificate-errors. The connection should be established without 17545821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// interstitial page showing. 17555821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)IN_PROC_BROWSER_TEST_F(SSLUITestIgnoreCertErrors, TestWSS) { 17565821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(test_server()->Start()); 17575821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(wss_server_expired_.Start()); 17585821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 17595821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Setup page title observer. 17602a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents(); 17615821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) content::TitleWatcher watcher(tab, ASCIIToUTF16("PASS")); 17625821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) watcher.AlsoWaitForTitle(ASCIIToUTF16("FAIL")); 17635821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 17645821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Visit bad HTTPS page. 17655821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) std::string scheme("https"); 17665821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) GURL::Replacements replacements; 17675821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) replacements.SetSchemeStr(scheme); 17685821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ui_test_utils::NavigateToURL( 17695821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) browser(), 17705821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) wss_server_expired_.GetURL( 17715821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "connect_check.html").ReplaceComponents(replacements)); 17725821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 17735821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // We shouldn't have an interstitial page showing here. 17745821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 17755821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Test page run a WebSocket wss connection test. The result will be shown 17765821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // as page title. 1777a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles) const base::string16 result = watcher.WaitAndGetTitle(); 17785821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_TRUE(LowerCaseEqualsASCII(result, "pass")); 17795821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 17805821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 1781f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)// Verifies that the interstitial can proceed, even if JavaScript is disabled. 1782f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)// http://crbug.com/322948 17836e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles)#if defined(OS_LINUX) 17846e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles)// flaky http://crbug.com/396458 17856e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles)#define MAYBE_TestInterstitialJavaScriptProceeds \ 17866e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles) DISABLED_TestInterstitialJavaScriptProceeds 17876e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles)#else 17886e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles)#define MAYBE_TestInterstitialJavaScriptProceeds \ 17896e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles) TestInterstitialJavaScriptProceeds 17906e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles)#endif 17916e8cce623b6e4fe0c9e4af605d675dd9d0338c38Torne (Richard Coles)IN_PROC_BROWSER_TEST_F(SSLUITest, MAYBE_TestInterstitialJavaScriptProceeds) { 1792f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) browser()->profile()->GetHostContentSettingsMap()->SetDefaultContentSetting( 1793f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) CONTENT_SETTINGS_TYPE_JAVASCRIPT, CONTENT_SETTING_BLOCK); 1794f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 1795f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) ASSERT_TRUE(https_server_expired_.Start()); 1796f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents(); 1797f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) ui_test_utils::NavigateToURL(browser(), 1798f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) https_server_expired_.GetURL("files/ssl/google.html")); 1799effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch CheckAuthenticationBrokenState( 1800effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch tab, net::CERT_STATUS_DATE_INVALID, AuthState::SHOWING_INTERSTITIAL); 1801f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 1802f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) content::WindowedNotificationObserver observer( 1803f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) content::NOTIFICATION_LOAD_STOP, 1804f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) content::Source<NavigationController>(&tab->GetController())); 1805f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) InterstitialPage* interstitial_page = tab->GetInterstitialPage(); 1806f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) content::RenderViewHost* interstitial_rvh = 1807f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) interstitial_page->GetRenderViewHostForTesting(); 1808f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) int result = -1; 1809f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) std::string javascript = base::StringPrintf( 1810f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) "window.domAutomationController.send(%d);", 1811f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) SSLBlockingPage::CMD_PROCEED); 1812f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) ASSERT_TRUE(content::ExecuteScriptAndExtractInt( 1813f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) interstitial_rvh, javascript, &result)); 1814f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) // The above will hang without the fix. 1815f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) EXPECT_EQ(1, result); 1816f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) observer.Wait(); 1817f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) CheckAuthenticationBrokenState( 1818f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) tab, net::CERT_STATUS_DATE_INVALID, AuthState::NONE); 1819f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)} 1820f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) 1821f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)// Verifies that the interstitial can go back, even if JavaScript is disabled. 1822f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)// http://crbug.com/322948 1823f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)IN_PROC_BROWSER_TEST_F(SSLUITest, TestInterstitialJavaScriptGoesBack) { 1824f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) browser()->profile()->GetHostContentSettingsMap()->SetDefaultContentSetting( 1825f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) CONTENT_SETTINGS_TYPE_JAVASCRIPT, CONTENT_SETTING_BLOCK); 1826f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) 1827f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) ASSERT_TRUE(https_server_expired_.Start()); 1828f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents(); 1829f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) ui_test_utils::NavigateToURL(browser(), 1830f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) https_server_expired_.GetURL("files/ssl/google.html")); 1831f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) CheckAuthenticationBrokenState( 1832f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) tab, net::CERT_STATUS_DATE_INVALID, AuthState::SHOWING_INTERSTITIAL); 1833f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) 1834f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) content::WindowedNotificationObserver observer( 1835f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) content::NOTIFICATION_RENDER_WIDGET_HOST_DESTROYED, 1836f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) content::NotificationService::AllSources()); 1837f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) InterstitialPage* interstitial_page = tab->GetInterstitialPage(); 1838f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) content::RenderViewHost* interstitial_rvh = 1839f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) interstitial_page->GetRenderViewHostForTesting(); 1840f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) int result = -1; 1841f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) std::string javascript = base::StringPrintf( 1842f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) "window.domAutomationController.send(%d);", 1843f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) SSLBlockingPage::CMD_DONT_PROCEED); 1844f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) ASSERT_TRUE(content::ExecuteScriptAndExtractInt( 1845f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) interstitial_rvh, javascript, &result)); 1846f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // The above will hang without the fix. 1847f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) EXPECT_EQ(0, result); 1848f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) observer.Wait(); 1849f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) EXPECT_EQ("about:blank", tab->GetVisibleURL().spec()); 1850f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)} 1851f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) 1852f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)// Verifies that switching tabs, while showing interstitial page, will not 1853f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)// affect the visibility of the interestitial. 1854f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)// https://crbug.com/381439 1855f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)IN_PROC_BROWSER_TEST_F(SSLUITest, InterstitialNotAffectedByHideShow) { 1856f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) ASSERT_TRUE(https_server_expired_.Start()); 1857f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents(); 1858f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) EXPECT_TRUE(tab->GetRenderWidgetHostView()->IsShowing()); 1859f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) ui_test_utils::NavigateToURL( 1860f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) browser(), https_server_expired_.GetURL("files/ssl/google.html")); 1861f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) CheckAuthenticationBrokenState( 1862f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) tab, net::CERT_STATUS_DATE_INVALID, AuthState::SHOWING_INTERSTITIAL); 1863f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) EXPECT_TRUE(tab->GetRenderWidgetHostView()->IsShowing()); 1864f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) 1865f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) AddTabAtIndex(0, 1866f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) https_server_.GetURL("files/ssl/google.html"), 18671320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci ui::PAGE_TRANSITION_TYPED); 1868f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) EXPECT_EQ(2, browser()->tab_strip_model()->count()); 1869f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) EXPECT_EQ(0, browser()->tab_strip_model()->active_index()); 1870f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) EXPECT_EQ(tab, browser()->tab_strip_model()->GetWebContentsAt(1)); 1871f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) EXPECT_FALSE(tab->GetRenderWidgetHostView()->IsShowing()); 1872f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) 1873f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) browser()->tab_strip_model()->ActivateTabAt(1, true); 1874f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) EXPECT_TRUE(tab->GetRenderWidgetHostView()->IsShowing()); 1875f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)} 1876f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 18775821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// TODO(jcampan): more tests to do below. 18785821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 18795821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Visit a page over https that contains a frame with a redirect. 18805821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 18815821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// XMLHttpRequest insecure content in synchronous mode. 18825821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 18835821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// XMLHttpRequest insecure content in asynchronous mode. 18845821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 18855821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// XMLHttpRequest over bad ssl in synchronous mode. 18865821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 18875821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// XMLHttpRequest over OK ssl in synchronous mode. 1888