search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Don't show supervised user as "already on this device" while they're being imported.
[chromium-blink-merge.git] / chrome / browser / ssl / ssl_browser_tests.cc
blobbbdd3005d1bb849d6bf015095f88680d7daeb4bb
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "base/bind.h"
6 #include "base/bind_helpers.h"
7 #include "base/callback.h"
8 #include "base/command_line.h"
9 #include "base/metrics/field_trial.h"
10 #include "base/prefs/pref_service.h"
11 #include "base/strings/string_util.h"
12 #include "base/strings/stringprintf.h"
13 #include "base/strings/utf_string_conversions.h"
14 #include "base/time/time.h"
15 #include "chrome/app/chrome_command_ids.h"
16 #include "chrome/browser/browser_process.h"
17 #include "chrome/browser/chrome_notification_types.h"
18 #include "chrome/browser/interstitials/security_interstitial_page_test_utils.h"
19 #include "chrome/browser/net/certificate_error_reporter.h"
20 #include "chrome/browser/profiles/profile.h"
21 #include "chrome/browser/safe_browsing/ping_manager.h"
22 #include "chrome/browser/safe_browsing/safe_browsing_service.h"
23 #include "chrome/browser/safe_browsing/ui_manager.h"
24 #include "chrome/browser/ssl/cert_logger.pb.h"
25 #include "chrome/browser/ssl/certificate_error_report.h"
26 #include "chrome/browser/ssl/chrome_ssl_host_state_delegate.h"
27 #include "chrome/browser/ssl/ssl_blocking_page.h"
28 #include "chrome/browser/ui/browser.h"
29 #include "chrome/browser/ui/browser_commands.h"
30 #include "chrome/browser/ui/browser_navigator.h"
31 #include "chrome/browser/ui/browser_tabstrip.h"
32 #include "chrome/browser/ui/tabs/tab_strip_model.h"
33 #include "chrome/common/chrome_paths.h"
34 #include "chrome/common/chrome_switches.h"
35 #include "chrome/common/pref_names.h"
36 #include "chrome/test/base/in_process_browser_test.h"
37 #include "chrome/test/base/ui_test_utils.h"
38 #include "components/content_settings/core/browser/host_content_settings_map.h"
39 #include "components/variations/variations_associated_data.h"
40 #include "components/web_modal/web_contents_modal_dialog_manager.h"
41 #include "content/public/browser/browser_context.h"
42 #include "content/public/browser/interstitial_page.h"
43 #include "content/public/browser/navigation_controller.h"
44 #include "content/public/browser/navigation_entry.h"
45 #include "content/public/browser/notification_service.h"
46 #include "content/public/browser/render_frame_host.h"
47 #include "content/public/browser/render_view_host.h"
48 #include "content/public/browser/render_widget_host_view.h"
49 #include "content/public/browser/web_contents.h"
50 #include "content/public/browser/web_contents_observer.h"
51 #include "content/public/common/security_style.h"
52 #include "content/public/common/ssl_status.h"
53 #include "content/public/test/browser_test_utils.h"
54 #include "content/public/test/download_test_observer.h"
55 #include "content/public/test/test_renderer_host.h"
56 #include "net/base/host_port_pair.h"
57 #include "net/base/net_errors.h"
58 #include "net/base/test_data_directory.h"
59 #include "net/cert/cert_status_flags.h"
60 #include "net/cert/x509_certificate.h"
61 #include "net/ssl/ssl_info.h"
62 #include "net/test/spawned_test_server/spawned_test_server.h"
63 #include "net/url_request/url_request_context.h"
64
65 #if defined(USE_NSS_CERTS)
66 #include "chrome/browser/net/nss_context.h"
67 #include "net/base/crypto_module.h"
68 #include "net/cert/nss_cert_database.h"
69 #endif // defined(USE_NSS_CERTS)
70
71 using base::ASCIIToUTF16;
72 using chrome_browser_interstitials::SecurityInterstitialIDNTest;
73 using chrome_browser_net::CertificateErrorReporter;
74 using content::InterstitialPage;
75 using content::NavigationController;
76 using content::NavigationEntry;
77 using content::SSLStatus;
78 using content::WebContents;
79 using web_modal::WebContentsModalDialogManager;
80
81 const base::FilePath::CharType kDocRoot[] =
82 FILE_PATH_LITERAL("chrome/test/data");
83
84 // Const for the Finch group DontShowDontSend
85 const char kHTTPSErrorReporterFinchGroupDontShowDontSend[] =
86 "DontShowAndDontSend";
87
88 namespace {
89
90 class ProvisionalLoadWaiter : public content::WebContentsObserver {
91 public:
92 explicit ProvisionalLoadWaiter(WebContents* tab)
93 : WebContentsObserver(tab), waiting_(false), seen_(false) {}
94
95 void Wait() {
96 if (seen_)
97 return;
98
99 waiting_ = true;
100 content::RunMessageLoop();
101 }
102
103 void DidFailProvisionalLoad(
104 content::RenderFrameHost* render_frame_host,
105 const GURL& validated_url,
106 int error_code,
107 const base::string16& error_description) override {
108 seen_ = true;
109 if (waiting_)
110 base::MessageLoopForUI::current()->Quit();
111 }
112
113 private:
114 bool waiting_;
115 bool seen_;
116 };
117
118 namespace AuthState {
119
120 enum AuthStateFlags {
121 NONE = 0,
122 DISPLAYED_INSECURE_CONTENT = 1 << 0,
123 RAN_INSECURE_CONTENT = 1 << 1,
124 SHOWING_INTERSTITIAL = 1 << 2,
125 SHOWING_ERROR = 1 << 3
126 };
127
128 void Check(const NavigationEntry& entry, int expected_authentication_state) {
129 if (expected_authentication_state == AuthState::SHOWING_ERROR) {
130 EXPECT_EQ(content::PAGE_TYPE_ERROR, entry.GetPageType());
131 } else {
132 EXPECT_EQ(
133 !!(expected_authentication_state & AuthState::SHOWING_INTERSTITIAL)
134 ? content::PAGE_TYPE_INTERSTITIAL
135 : content::PAGE_TYPE_NORMAL,
136 entry.GetPageType());
137 }
138
139 bool displayed_insecure_content =
140 !!(entry.GetSSL().content_status & SSLStatus::DISPLAYED_INSECURE_CONTENT);
141 EXPECT_EQ(
142 !!(expected_authentication_state & AuthState::DISPLAYED_INSECURE_CONTENT),
143 displayed_insecure_content);
144
145 bool ran_insecure_content =
146 !!(entry.GetSSL().content_status & SSLStatus::RAN_INSECURE_CONTENT);
147 EXPECT_EQ(!!(expected_authentication_state & AuthState::RAN_INSECURE_CONTENT),
148 ran_insecure_content);
149 }
150
151 } // namespace AuthState
152
153 namespace SecurityStyle {
154
155 void Check(const NavigationEntry& entry,
156 content::SecurityStyle expected_security_style) {
157 EXPECT_EQ(expected_security_style, entry.GetSSL().security_style);
158 }
159
160 } // namespace SecurityStyle
161
162 namespace CertError {
163
164 enum CertErrorFlags {
165 NONE = 0
166 };
167
168 void Check(const NavigationEntry& entry, net::CertStatus error) {
169 if (error) {
170 EXPECT_EQ(error, entry.GetSSL().cert_status & error);
171 net::CertStatus extra_cert_errors =
172 error ^ (entry.GetSSL().cert_status & net::CERT_STATUS_ALL_ERRORS);
173 if (extra_cert_errors)
174 LOG(WARNING) << "Got unexpected cert error: " << extra_cert_errors;
175 } else {
176 EXPECT_EQ(0U, entry.GetSSL().cert_status & net::CERT_STATUS_ALL_ERRORS);
177 }
178 }
179
180 } // namespace CertError
181
182 void CheckSecurityState(WebContents* tab,
183 net::CertStatus error,
184 content::SecurityStyle expected_security_style,
185 int expected_authentication_state) {
186 ASSERT_FALSE(tab->IsCrashed());
187 NavigationEntry* entry = tab->GetController().GetActiveEntry();
188 ASSERT_TRUE(entry);
189 CertError::Check(*entry, error);
190 SecurityStyle::Check(*entry, expected_security_style);
191 AuthState::Check(*entry, expected_authentication_state);
192 }
193
194 namespace CertificateReporting {
195
196 enum OptIn { EXTENDED_REPORTING_OPT_IN, EXTENDED_REPORTING_DO_NOT_OPT_IN };
197
198 enum Proceed { SSL_INTERSTITIAL_PROCEED, SSL_INTERSTITIAL_DO_NOT_PROCEED };
199
200 enum ExpectReport { CERT_REPORT_EXPECTED, CERT_REPORT_NOT_EXPECTED };
201
202 // This class is used to test invalid certificate chain reporting when
203 // the user opts in to do so on the interstitial. It keeps track of the
204 // most recent hostname for which a report would have been sent over the
205 // network.
206 class MockReporter : public CertificateErrorReporter {
207 public:
208 explicit MockReporter(net::URLRequestContext* request_context,
209 const GURL& upload_url,
210 CookiesPreference cookies_preference)
211 : CertificateErrorReporter(request_context,
212 upload_url,
213 cookies_preference) {}
214
215 void SendReport(CertificateErrorReporter::ReportType type,
216 const std::string& serialized_report) override {
217 CertificateErrorReport report;
218 ASSERT_TRUE(report.InitializeFromString(serialized_report));
219 EXPECT_EQ(CertificateErrorReporter::REPORT_TYPE_EXTENDED_REPORTING, type);
220 latest_hostname_reported_ = report.hostname();
221 }
222
223 const std::string& latest_hostname_reported() {
224 return latest_hostname_reported_;
225 }
226
227 private:
228 std::string latest_hostname_reported_;
229 };
230
231 void SetUpMockReporter(SafeBrowsingService* safe_browsing_service,
232 MockReporter* reporter) {
233 safe_browsing_service->ping_manager()->SetCertificateErrorReporterForTesting(
234 scoped_ptr<CertificateErrorReporter>(reporter));
235 }
236
237 // This is a test implementation of the interface that blocking pages
238 // use to send certificate reports. It checks that the blocking page
239 // calls the report method when a report should be sent.
240 class MockSSLCertReporter : public SSLCertReporter {
241 public:
242 MockSSLCertReporter(
243 const scoped_refptr<SafeBrowsingUIManager>& safe_browsing_ui_manager,
244 const base::Closure& report_sent_callback)
245 : safe_browsing_ui_manager_(safe_browsing_ui_manager),
246 reported_(false),
247 expect_report_(false),
248 report_sent_callback_(report_sent_callback) {}
249
250 ~MockSSLCertReporter() override { EXPECT_EQ(expect_report_, reported_); }
251
252 // SSLCertReporter implementation
253 void ReportInvalidCertificateChain(
254 const std::string& serialized_report) override {
255 reported_ = true;
256 if (expect_report_) {
257 safe_browsing_ui_manager_->ReportInvalidCertificateChain(
258 serialized_report, report_sent_callback_);
259 }
260 }
261
262 void set_expect_report(bool expect_report) { expect_report_ = expect_report; }
263
264 private:
265 const scoped_refptr<SafeBrowsingUIManager> safe_browsing_ui_manager_;
266 bool reported_;
267 bool expect_report_;
268 base::Closure report_sent_callback_;
269 };
270
271 } // namespace CertificateReporting
272
273 } // namespace
274
275 class SSLUITest : public InProcessBrowserTest {
276 public:
277 SSLUITest()
278 : https_server_(net::SpawnedTestServer::TYPE_HTTPS,
279 SSLOptions(SSLOptions::CERT_OK),
280 base::FilePath(kDocRoot)),
281 https_server_expired_(net::SpawnedTestServer::TYPE_HTTPS,
282 SSLOptions(SSLOptions::CERT_EXPIRED),
283 base::FilePath(kDocRoot)),
284 https_server_mismatched_(net::SpawnedTestServer::TYPE_HTTPS,
285 SSLOptions(SSLOptions::CERT_MISMATCHED_NAME),
286 base::FilePath(kDocRoot)),
287 wss_server_expired_(net::SpawnedTestServer::TYPE_WSS,
288 SSLOptions(SSLOptions::CERT_EXPIRED),
289 net::GetWebSocketTestDataDirectory()) {}
290
291 void SetUpOnMainThread() override {
292 // Set up the mock reporter to track the hostnames that reports get
293 // sent for. The request_context argument is NULL here
294 // because the MockReporter doesn't actually use a
295 // request_context. (In order to pass a real request_context, the
296 // reporter would have to be constructed on the IO thread.)
297 reporter_ = new CertificateReporting::MockReporter(
298 NULL, GURL("http://example.test"),
299 CertificateReporting::MockReporter::DO_NOT_SEND_COOKIES);
300 scoped_refptr<SafeBrowsingService> safe_browsing_service =
301 g_browser_process->safe_browsing_service();
302 ASSERT_TRUE(safe_browsing_service);
303 content::BrowserThread::PostTask(
304 content::BrowserThread::IO, FROM_HERE,
305 base::Bind(CertificateReporting::SetUpMockReporter,
306 safe_browsing_service, reporter_));
307 }
308
309 void SetUpCommandLine(base::CommandLine* command_line) override {
310 // Browser will both run and display insecure content.
311 command_line->AppendSwitch(switches::kAllowRunningInsecureContent);
312 // Use process-per-site so that navigating to a same-site page in a
313 // new tab will use the same process.
314 command_line->AppendSwitch(switches::kProcessPerSite);
315 }
316
317 void CheckAuthenticatedState(WebContents* tab,
318 int expected_authentication_state) {
319 CheckSecurityState(tab,
320 CertError::NONE,
321 content::SECURITY_STYLE_AUTHENTICATED,
322 expected_authentication_state);
323 }
324
325 void CheckUnauthenticatedState(WebContents* tab,
326 int expected_authentication_state) {
327 CheckSecurityState(tab,
328 CertError::NONE,
329 content::SECURITY_STYLE_UNAUTHENTICATED,
330 expected_authentication_state);
331 }
332
333 void CheckAuthenticationBrokenState(WebContents* tab,
334 net::CertStatus error,
335 int expected_authentication_state) {
336 CheckSecurityState(tab,
337 error,
338 content::SECURITY_STYLE_AUTHENTICATION_BROKEN,
339 expected_authentication_state);
340 // CERT_STATUS_UNABLE_TO_CHECK_REVOCATION doesn't lower the security style
341 // to SECURITY_STYLE_AUTHENTICATION_BROKEN.
342 ASSERT_NE(net::CERT_STATUS_UNABLE_TO_CHECK_REVOCATION, error);
343 }
344
345 void CheckWorkerLoadResult(WebContents* tab, bool expected_load) {
346 // Workers are async and we don't have notifications for them passing
347 // messages since they do it between renderer and worker processes.
348 // So have a polling loop, check every 200ms, timeout at 30s.
349 const int kTimeoutMS = 200;
350 base::Time time_to_quit = base::Time::Now() +
351 base::TimeDelta::FromMilliseconds(30000);
352
353 while (base::Time::Now() < time_to_quit) {
354 bool worker_finished = false;
355 ASSERT_TRUE(content::ExecuteScriptAndExtractBool(
356 tab,
357 "window.domAutomationController.send(IsWorkerFinished());",
358 &worker_finished));
359
360 if (worker_finished)
361 break;
362
363 // Wait a bit.
364 base::MessageLoop::current()->PostDelayedTask(
365 FROM_HERE,
366 base::MessageLoop::QuitClosure(),
367 base::TimeDelta::FromMilliseconds(kTimeoutMS));
368 content::RunMessageLoop();
369 }
370
371 bool actually_loaded_content = false;
372 ASSERT_TRUE(content::ExecuteScriptAndExtractBool(
373 tab,
374 "window.domAutomationController.send(IsContentLoaded());",
375 &actually_loaded_content));
376 EXPECT_EQ(expected_load, actually_loaded_content);
377 }
378
379 void ProceedThroughInterstitial(WebContents* tab) {
380 InterstitialPage* interstitial_page = tab->GetInterstitialPage();
381 ASSERT_TRUE(interstitial_page);
382 ASSERT_EQ(SSLBlockingPage::kTypeForTesting,
383 interstitial_page->GetDelegateForTesting()->GetTypeForTesting());
384 content::WindowedNotificationObserver observer(
385 content::NOTIFICATION_LOAD_STOP,
386 content::Source<NavigationController>(&tab->GetController()));
387 interstitial_page->Proceed();
388 observer.Wait();
389 }
390
391 bool IsShowingWebContentsModalDialog() const {
392 return WebContentsModalDialogManager::FromWebContents(
393 browser()->tab_strip_model()->GetActiveWebContents())->
394 IsDialogActive();
395 }
396
397 static bool GetFilePathWithHostAndPortReplacement(
398 const std::string& original_file_path,
399 const net::HostPortPair& host_port_pair,
400 std::string* replacement_path) {
401 std::vector<net::SpawnedTestServer::StringPair> replacement_text;
402 replacement_text.push_back(
403 make_pair("REPLACE_WITH_HOST_AND_PORT", host_port_pair.ToString()));
404 return net::SpawnedTestServer::GetFilePathWithReplacements(
405 original_file_path, replacement_text, replacement_path);
406 }
407
408 static bool GetTopFramePath(const net::SpawnedTestServer& http_server,
409 const net::SpawnedTestServer& good_https_server,
410 const net::SpawnedTestServer& bad_https_server,
411 std::string* top_frame_path) {
412 // The "frame_left.html" page contained in the top_frame.html page contains
413 // <a href>'s to three different servers. This sets up all of the
414 // replacement text to work with test servers which listen on ephemeral
415 // ports.
416 GURL http_url = http_server.GetURL("files/ssl/google.html");
417 GURL good_https_url = good_https_server.GetURL("files/ssl/google.html");
418 GURL bad_https_url = bad_https_server.GetURL(
419 "files/ssl/bad_iframe.html");
420
421 std::vector<net::SpawnedTestServer::StringPair> replacement_text_frame_left;
422 replacement_text_frame_left.push_back(
423 make_pair("REPLACE_WITH_HTTP_PAGE", http_url.spec()));
424 replacement_text_frame_left.push_back(
425 make_pair("REPLACE_WITH_GOOD_HTTPS_PAGE", good_https_url.spec()));
426 replacement_text_frame_left.push_back(
427 make_pair("REPLACE_WITH_BAD_HTTPS_PAGE", bad_https_url.spec()));
428 std::string frame_left_path;
429 if (!net::SpawnedTestServer::GetFilePathWithReplacements(
430 "frame_left.html",
431 replacement_text_frame_left,
432 &frame_left_path))
433 return false;
434
435 // Substitute the generated frame_left URL into the top_frame page.
436 std::vector<net::SpawnedTestServer::StringPair> replacement_text_top_frame;
437 replacement_text_top_frame.push_back(
438 make_pair("REPLACE_WITH_FRAME_LEFT_PATH", frame_left_path));
439 return net::SpawnedTestServer::GetFilePathWithReplacements(
440 "files/ssl/top_frame.html",
441 replacement_text_top_frame,
442 top_frame_path);
443 }
444
445 static bool GetPageWithUnsafeWorkerPath(
446 const net::SpawnedTestServer& https_server,
447 std::string* page_with_unsafe_worker_path) {
448 // Get the "imported.js" URL from the expired https server and
449 // substitute it into the unsafe_worker.js file.
450 GURL imported_js_url = https_server.GetURL("files/ssl/imported.js");
451 std::vector<net::SpawnedTestServer::StringPair>
452 replacement_text_for_unsafe_worker;
453 replacement_text_for_unsafe_worker.push_back(
454 make_pair("REPLACE_WITH_IMPORTED_JS_URL", imported_js_url.spec()));
455 std::string unsafe_worker_path;
456 if (!net::SpawnedTestServer::GetFilePathWithReplacements(
457 "unsafe_worker.js",
458 replacement_text_for_unsafe_worker,
459 &unsafe_worker_path))
460 return false;
461
462 // Now, substitute this into the page with unsafe worker.
463 std::vector<net::SpawnedTestServer::StringPair>
464 replacement_text_for_page_with_unsafe_worker;
465 replacement_text_for_page_with_unsafe_worker.push_back(
466 make_pair("REPLACE_WITH_UNSAFE_WORKER_PATH", unsafe_worker_path));
467 return net::SpawnedTestServer::GetFilePathWithReplacements(
468 "files/ssl/page_with_unsafe_worker.html",
469 replacement_text_for_page_with_unsafe_worker,
470 page_with_unsafe_worker_path);
471 }
472
473 // Helper function for testing invalid certificate chain reporting.
474 void TestBrokenHTTPSReporting(
475 CertificateReporting::OptIn opt_in,
476 CertificateReporting::Proceed proceed,
477 CertificateReporting::ExpectReport expect_report,
478 Browser* browser) {
479 base::RunLoop run_loop;
480 bool report_expected =
481 expect_report == CertificateReporting::CERT_REPORT_EXPECTED;
482 ASSERT_TRUE(https_server_expired_.Start());
483
484 // Opt in to sending reports for invalid certificate chains.
485 browser->profile()->GetPrefs()->SetBoolean(
486 prefs::kSafeBrowsingExtendedReportingEnabled,
487 opt_in == CertificateReporting::EXTENDED_REPORTING_OPT_IN);
488
489 ui_test_utils::NavigateToURL(browser, https_server_expired_.GetURL("/"));
490
491 WebContents* tab = browser->tab_strip_model()->GetActiveWebContents();
492 CheckAuthenticationBrokenState(tab, net::CERT_STATUS_DATE_INVALID,
493 AuthState::SHOWING_INTERSTITIAL);
494
495 // Set up a MockSSLCertReporter to keep track of when the blocking
496 // page invokes the cert reporter.
497 SafeBrowsingService* sb_service =
498 g_browser_process->safe_browsing_service();
499 ASSERT_TRUE(sb_service);
500 scoped_ptr<CertificateReporting::MockSSLCertReporter> ssl_cert_reporter(
501 new CertificateReporting::MockSSLCertReporter(
502 sb_service->ui_manager(), report_expected
503 ? run_loop.QuitClosure()
504 : base::Bind(&base::DoNothing)));
505 ssl_cert_reporter->set_expect_report(report_expected);
506
507 SSLBlockingPage* interstitial_page = static_cast<SSLBlockingPage*>(
508 tab->GetInterstitialPage()->GetDelegateForTesting());
509 interstitial_page->SetSSLCertReporterForTesting(ssl_cert_reporter.Pass());
510
511 EXPECT_EQ(std::string(), reporter_->latest_hostname_reported());
512
513 // Leave the interstitial (either by proceeding or going back)
514 if (proceed == CertificateReporting::SSL_INTERSTITIAL_PROCEED) {
515 ProceedThroughInterstitial(tab);
516 } else {
517 // Click "Take me back"
518 InterstitialPage* interstitial_page = tab->GetInterstitialPage();
519 ASSERT_TRUE(interstitial_page);
520 interstitial_page->DontProceed();
521 }
522
523 if (expect_report == CertificateReporting::CERT_REPORT_EXPECTED) {
524 // Check that the mock reporter received a request to send a report.
525 run_loop.Run();
526 EXPECT_EQ(https_server_expired_.GetURL("/").host(),
527 reporter_->latest_hostname_reported());
528 } else {
529 EXPECT_EQ(std::string(), reporter_->latest_hostname_reported());
530 }
531 }
532
533 // Helper function to set the Finch options
534 void SetCertReportingFinchConfig(const std::string& group_name,
535 const std::string& param_value) {
536 base::FieldTrialList::CreateFieldTrial(
537 kHTTPSErrorReporterFinchExperimentName, group_name);
538 if (!param_value.empty()) {
539 std::map<std::string, std::string> params;
540 params[kHTTPSErrorReporterFinchParamName] = param_value;
541 variations::AssociateVariationParams(
542 kHTTPSErrorReporterFinchExperimentName, group_name, params);
543 }
544 }
545
546 // Helper function to set the Finch options in case we have no parameter
547 void SetCertReportingFinchConfig(const std::string& group_name) {
548 SetCertReportingFinchConfig(group_name, std::string());
549 }
550
551 net::SpawnedTestServer https_server_;
552 net::SpawnedTestServer https_server_expired_;
553 net::SpawnedTestServer https_server_mismatched_;
554 net::SpawnedTestServer wss_server_expired_;
555
556 private:
557 typedef net::SpawnedTestServer::SSLOptions SSLOptions;
558 CertificateReporting::MockReporter* reporter_;
559
560 DISALLOW_COPY_AND_ASSIGN(SSLUITest);
561 };
562
563 class SSLUITestBlock : public SSLUITest {
564 public:
565 SSLUITestBlock() : SSLUITest() {}
566
567 // Browser will neither run nor display insecure content.
568 void SetUpCommandLine(base::CommandLine* command_line) override {
569 command_line->AppendSwitch(switches::kNoDisplayingInsecureContent);
570 }
571 };
572
573 class SSLUITestIgnoreCertErrors : public SSLUITest {
574 public:
575 SSLUITestIgnoreCertErrors() : SSLUITest() {}
576
577 void SetUpCommandLine(base::CommandLine* command_line) override {
578 // Browser will ignore certificate errors.
579 command_line->AppendSwitch(switches::kIgnoreCertificateErrors);
580 }
581 };
582
583 class SSLUITestIgnoreLocalhostCertErrors : public SSLUITest {
584 public:
585 SSLUITestIgnoreLocalhostCertErrors() : SSLUITest() {}
586
587 void SetUpCommandLine(base::CommandLine* command_line) override {
588 // Browser will ignore certificate errors on localhost.
589 command_line->AppendSwitch(switches::kAllowInsecureLocalhost);
590 }
591 };
592
593 class SSLUITestWithExtendedReporting : public SSLUITest {
594 public:
595 SSLUITestWithExtendedReporting() : SSLUITest() {}
596 };
597
598 // Visits a regular page over http.
599 IN_PROC_BROWSER_TEST_F(SSLUITest, TestHTTP) {
600 ASSERT_TRUE(test_server()->Start());
601
602 ui_test_utils::NavigateToURL(browser(),
603 test_server()->GetURL("files/ssl/google.html"));
604
605 CheckUnauthenticatedState(
606 browser()->tab_strip_model()->GetActiveWebContents(), AuthState::NONE);
607 }
608
609 // Visits a page over http which includes broken https resources (status should
610 // be OK).
611 // TODO(jcampan): test that bad HTTPS content is blocked (otherwise we'll give
612 // the secure cookies away!).
613 IN_PROC_BROWSER_TEST_F(SSLUITest, TestHTTPWithBrokenHTTPSResource) {
614 ASSERT_TRUE(test_server()->Start());
615 ASSERT_TRUE(https_server_expired_.Start());
616
617 std::string replacement_path;
618 ASSERT_TRUE(GetFilePathWithHostAndPortReplacement(
619 "files/ssl/page_with_unsafe_contents.html",
620 https_server_expired_.host_port_pair(),
621 &replacement_path));
622
623 ui_test_utils::NavigateToURL(
624 browser(), test_server()->GetURL(replacement_path));
625
626 CheckUnauthenticatedState(
627 browser()->tab_strip_model()->GetActiveWebContents(), AuthState::NONE);
628 }
629
630 IN_PROC_BROWSER_TEST_F(SSLUITest, TestBrokenHTTPSWithInsecureContent) {
631 ASSERT_TRUE(test_server()->Start());
632 ASSERT_TRUE(https_server_expired_.Start());
633
634 std::string replacement_path;
635 ASSERT_TRUE(GetFilePathWithHostAndPortReplacement(
636 "files/ssl/page_displays_insecure_content.html",
637 test_server()->host_port_pair(),
638 &replacement_path));
639
640 ui_test_utils::NavigateToURL(browser(),
641 https_server_expired_.GetURL(replacement_path));
642
643 WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents();
644 CheckAuthenticationBrokenState(
645 tab, net::CERT_STATUS_DATE_INVALID, AuthState::SHOWING_INTERSTITIAL);
646
647 ProceedThroughInterstitial(tab);
648
649 CheckAuthenticationBrokenState(tab,
650 net::CERT_STATUS_DATE_INVALID,
651 AuthState::DISPLAYED_INSECURE_CONTENT);
652 }
653
654 // http://crbug.com/91745
655 #if defined(OS_CHROMEOS)
656 #define MAYBE_TestOKHTTPS DISABLED_TestOKHTTPS
657 #else
658 #define MAYBE_TestOKHTTPS TestOKHTTPS
659 #endif
660
661 // Visits a page over OK https:
662 IN_PROC_BROWSER_TEST_F(SSLUITest, MAYBE_TestOKHTTPS) {
663 ASSERT_TRUE(https_server_.Start());
664
665 ui_test_utils::NavigateToURL(browser(),
666 https_server_.GetURL("files/ssl/google.html"));
667
668 CheckAuthenticatedState(browser()->tab_strip_model()->GetActiveWebContents(),
669 AuthState::NONE);
670 }
671
672 // Visits a page with https error and proceed:
673 #if defined(OS_LINUX)
674 // flaky http://crbug.com/396462
675 #define MAYBE_TestHTTPSExpiredCertAndProceed \
676 DISABLED_TestHTTPSExpiredCertAndProceed
677 #else
678 #define MAYBE_TestHTTPSExpiredCertAndProceed TestHTTPSExpiredCertAndProceed
679 #endif
680 IN_PROC_BROWSER_TEST_F(SSLUITest, MAYBE_TestHTTPSExpiredCertAndProceed) {
681 ASSERT_TRUE(https_server_expired_.Start());
682
683 ui_test_utils::NavigateToURL(browser(),
684 https_server_expired_.GetURL("files/ssl/google.html"));
685
686 WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents();
687 CheckAuthenticationBrokenState(
688 tab, net::CERT_STATUS_DATE_INVALID, AuthState::SHOWING_INTERSTITIAL);
689
690 ProceedThroughInterstitial(tab);
691
692 CheckAuthenticationBrokenState(
693 tab, net::CERT_STATUS_DATE_INVALID, AuthState::NONE);
694 }
695
696 #ifndef NEDBUG
697 // Flaky on Windows debug (http://crbug.com/280537).
698 #define MAYBE_TestHTTPSExpiredCertAndDontProceed \
699 DISABLED_TestHTTPSExpiredCertAndDontProceed
700 #else
701 #define MAYBE_TestHTTPSExpiredCertAndDontProceed \
702 TestHTTPSExpiredCertAndDontProceed
703 #endif
704
705 // Visits a page with https error and don't proceed (and ensure we can still
706 // navigate at that point):
707 IN_PROC_BROWSER_TEST_F(SSLUITest, MAYBE_TestHTTPSExpiredCertAndDontProceed) {
708 ASSERT_TRUE(test_server()->Start());
709 ASSERT_TRUE(https_server_.Start());
710 ASSERT_TRUE(https_server_expired_.Start());
711
712 // First navigate to an OK page.
713 ui_test_utils::NavigateToURL(browser(),
714 https_server_.GetURL("files/ssl/google.html"));
715
716 WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents();
717 NavigationEntry* entry = tab->GetController().GetActiveEntry();
718 ASSERT_TRUE(entry);
719
720 GURL cross_site_url =
721 https_server_expired_.GetURL("files/ssl/google.html");
722 // Change the host name from 127.0.0.1 to localhost so it triggers a
723 // cross-site navigation so we can test http://crbug.com/5800 is gone.
724 ASSERT_EQ("127.0.0.1", cross_site_url.host());
725 GURL::Replacements replacements;
726 replacements.SetHostStr("localhost");
727 cross_site_url = cross_site_url.ReplaceComponents(replacements);
728
729 // Now go to a bad HTTPS page.
730 ui_test_utils::NavigateToURL(browser(), cross_site_url);
731
732 // An interstitial should be showing.
733 CheckAuthenticationBrokenState(tab,
734 net::CERT_STATUS_COMMON_NAME_INVALID,
735 AuthState::SHOWING_INTERSTITIAL);
736
737 // Simulate user clicking "Take me back".
738 InterstitialPage* interstitial_page = tab->GetInterstitialPage();
739 ASSERT_TRUE(interstitial_page);
740 ASSERT_EQ(SSLBlockingPage::kTypeForTesting,
741 interstitial_page->GetDelegateForTesting()->GetTypeForTesting());
742 interstitial_page->DontProceed();
743
744 // We should be back to the original good page.
745 CheckAuthenticatedState(tab, AuthState::NONE);
746
747 // Try to navigate to a new page. (to make sure bug 5800 is fixed).
748 ui_test_utils::NavigateToURL(browser(),
749 test_server()->GetURL("files/ssl/google.html"));
750 CheckUnauthenticatedState(tab, AuthState::NONE);
751 }
752
753 // Test that localhost pages don't show an interstitial.
754 IN_PROC_BROWSER_TEST_F(SSLUITestIgnoreLocalhostCertErrors,
755 TestNoInterstitialOnLocalhost) {
756 ASSERT_TRUE(https_server_.Start());
757
758 WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents();
759
760 // Navigate to a localhost page.
761 GURL url = https_server_.GetURL("files/ssl/page_with_subresource.html");
762 GURL::Replacements replacements;
763 std::string new_host("localhost");
764 replacements.SetHostStr(new_host);
765 url = url.ReplaceComponents(replacements);
766
767 ui_test_utils::NavigateToURL(browser(), url);
768
769 // We should see no interstitial, but we should have an error
770 // (red-crossed-out-https) in the URL bar.
771 CheckAuthenticationBrokenState(tab, net::CERT_STATUS_COMMON_NAME_INVALID,
772 AuthState::NONE);
773
774 // We should see that the script tag in the page loaded and ran (and
775 // wasn't blocked by the certificate error).
776 base::string16 title;
777 base::string16 expected_title = base::ASCIIToUTF16("This script has loaded");
778 ui_test_utils::GetCurrentTabTitle(browser(), &title);
779 EXPECT_EQ(title, expected_title);
780 }
781
782 // Visits a page with https error and then goes back using Browser::GoBack.
783 IN_PROC_BROWSER_TEST_F(SSLUITest,
784 TestHTTPSExpiredCertAndGoBackViaButton) {
785 ASSERT_TRUE(test_server()->Start());
786 ASSERT_TRUE(https_server_expired_.Start());
787
788 // First navigate to an HTTP page.
789 ui_test_utils::NavigateToURL(browser(),
790 test_server()->GetURL("files/ssl/google.html"));
791 WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents();
792 NavigationEntry* entry = tab->GetController().GetActiveEntry();
793 ASSERT_TRUE(entry);
794
795 // Now go to a bad HTTPS page that shows an interstitial.
796 ui_test_utils::NavigateToURL(browser(),
797 https_server_expired_.GetURL("files/ssl/google.html"));
798 CheckAuthenticationBrokenState(
799 tab, net::CERT_STATUS_DATE_INVALID, AuthState::SHOWING_INTERSTITIAL);
800
801 ProvisionalLoadWaiter load_failed_observer(tab);
802
803 // Simulate user clicking on back button (crbug.com/39248).
804 chrome::GoBack(browser(), CURRENT_TAB);
805
806 // Wait until we hear the load failure, and make sure we haven't swapped out
807 // the previous page. Prevents regression of http://crbug.com/82667.
808 // TODO(creis/nick): Move the swapped-out part of this test into content
809 // and remove IsRenderViewHostSwappedOut from the public API.
810 load_failed_observer.Wait();
811 EXPECT_FALSE(content::RenderFrameHostTester::IsRenderFrameHostSwappedOut(
812 tab->GetMainFrame()));
813
814 // We should be back at the original good page.
815 EXPECT_FALSE(browser()->tab_strip_model()->GetActiveWebContents()->
816 GetInterstitialPage());
817 CheckUnauthenticatedState(tab, AuthState::NONE);
818 }
819
820 // Visits a page with https error and then goes back using GoToOffset.
821 // Disabled because its flaky: http://crbug.com/40932, http://crbug.com/43575.
822 IN_PROC_BROWSER_TEST_F(SSLUITest,
823 TestHTTPSExpiredCertAndGoBackViaMenu) {
824 ASSERT_TRUE(test_server()->Start());
825 ASSERT_TRUE(https_server_expired_.Start());
826
827 // First navigate to an HTTP page.
828 ui_test_utils::NavigateToURL(browser(),
829 test_server()->GetURL("files/ssl/google.html"));
830 WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents();
831 NavigationEntry* entry = tab->GetController().GetActiveEntry();
832 ASSERT_TRUE(entry);
833
834 // Now go to a bad HTTPS page that shows an interstitial.
835 ui_test_utils::NavigateToURL(browser(),
836 https_server_expired_.GetURL("files/ssl/google.html"));
837 CheckAuthenticationBrokenState(
838 tab, net::CERT_STATUS_DATE_INVALID, AuthState::SHOWING_INTERSTITIAL);
839
840 // Simulate user clicking and holding on back button (crbug.com/37215).
841 tab->GetController().GoToOffset(-1);
842
843 // We should be back at the original good page.
844 EXPECT_FALSE(browser()->tab_strip_model()->GetActiveWebContents()->
845 GetInterstitialPage());
846 CheckUnauthenticatedState(tab, AuthState::NONE);
847 }
848
849 // Visits a page with https error and then goes forward using GoToOffset.
850 IN_PROC_BROWSER_TEST_F(SSLUITest, TestHTTPSExpiredCertAndGoForward) {
851 ASSERT_TRUE(test_server()->Start());
852 ASSERT_TRUE(https_server_expired_.Start());
853
854 // First navigate to two HTTP pages.
855 ui_test_utils::NavigateToURL(browser(),
856 test_server()->GetURL("files/ssl/google.html"));
857 WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents();
858 NavigationEntry* entry1 = tab->GetController().GetActiveEntry();
859 ASSERT_TRUE(entry1);
860 ui_test_utils::NavigateToURL(browser(),
861 test_server()->GetURL("files/ssl/blank_page.html"));
862 NavigationEntry* entry2 = tab->GetController().GetActiveEntry();
863 ASSERT_TRUE(entry2);
864
865 // Now go back so that a page is in the forward history.
866 {
867 content::WindowedNotificationObserver observer(
868 content::NOTIFICATION_LOAD_STOP,
869 content::Source<NavigationController>(&tab->GetController()));
870 tab->GetController().GoBack();
871 observer.Wait();
872 }
873 ASSERT_TRUE(tab->GetController().CanGoForward());
874 NavigationEntry* entry3 = tab->GetController().GetActiveEntry();
875 ASSERT_TRUE(entry1 == entry3);
876
877 // Now go to a bad HTTPS page that shows an interstitial.
878 ui_test_utils::NavigateToURL(browser(),
879 https_server_expired_.GetURL("files/ssl/google.html"));
880 CheckAuthenticationBrokenState(
881 tab, net::CERT_STATUS_DATE_INVALID, AuthState::SHOWING_INTERSTITIAL);
882
883 // Simulate user clicking and holding on forward button.
884 {
885 content::WindowedNotificationObserver observer(
886 content::NOTIFICATION_LOAD_STOP,
887 content::Source<NavigationController>(&tab->GetController()));
888 tab->GetController().GoToOffset(1);
889 observer.Wait();
890 }
891
892 // We should be showing the second good page.
893 EXPECT_FALSE(browser()->tab_strip_model()->GetActiveWebContents()->
894 GetInterstitialPage());
895 CheckUnauthenticatedState(tab, AuthState::NONE);
896 EXPECT_FALSE(tab->GetController().CanGoForward());
897 NavigationEntry* entry4 = tab->GetController().GetActiveEntry();
898 EXPECT_TRUE(entry2 == entry4);
899 }
900
901 // Visit a HTTP page which request WSS connection to a server providing invalid
902 // certificate. Close the page while WSS connection waits for SSLManager's
903 // response from UI thread.
904 // Disabled on Windows because it was flaking on XP Tests (1). crbug.com/165258
905 #if defined(OS_WIN)
906 #define MAYBE_TestWSSInvalidCertAndClose DISABLED_TestWSSInvalidCertAndClose
907 #else
908 #define MAYBE_TestWSSInvalidCertAndClose TestWSSInvalidCertAndClose
909 #endif
910 IN_PROC_BROWSER_TEST_F(SSLUITest, MAYBE_TestWSSInvalidCertAndClose) {
911 ASSERT_TRUE(test_server()->Start());
912 ASSERT_TRUE(wss_server_expired_.Start());
913
914 // Setup page title observer.
915 WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents();
916 content::TitleWatcher watcher(tab, ASCIIToUTF16("PASS"));
917 watcher.AlsoWaitForTitle(ASCIIToUTF16("FAIL"));
918
919 // Create GURLs to test pages.
920 std::string master_url_path = base::StringPrintf("%s?%d",
921 test_server()->GetURL("files/ssl/wss_close.html").spec().c_str(),
922 wss_server_expired_.host_port_pair().port());
923 GURL master_url(master_url_path);
924 std::string slave_url_path = base::StringPrintf("%s?%d",
925 test_server()->GetURL("files/ssl/wss_close_slave.html").spec().c_str(),
926 wss_server_expired_.host_port_pair().port());
927 GURL slave_url(slave_url_path);
928
929 // Create tabs and visit pages which keep on creating wss connections.
930 WebContents* tabs[16];
931 for (int i = 0; i < 16; ++i) {
932 tabs[i] = chrome::AddSelectedTabWithURL(browser(), slave_url,
933 ui::PAGE_TRANSITION_LINK);
934 }
935 chrome::SelectNextTab(browser());
936
937 // Visit a page which waits for one TLS handshake failure.
938 // The title will be changed to 'PASS'.
939 ui_test_utils::NavigateToURL(browser(), master_url);
940 const base::string16 result = watcher.WaitAndGetTitle();
941 EXPECT_TRUE(LowerCaseEqualsASCII(result, "pass"));
942
943 // Close tabs which contains the test page.
944 for (int i = 0; i < 16; ++i)
945 chrome::CloseWebContents(browser(), tabs[i], false);
946 chrome::CloseWebContents(browser(), tab, false);
947 }
948
949 // Visit a HTTPS page and proceeds despite an invalid certificate. The page
950 // requests WSS connection to the same origin host to check if WSS connection
951 // share certificates policy with HTTPS correcly.
952 IN_PROC_BROWSER_TEST_F(SSLUITest, TestWSSInvalidCertAndGoForward) {
953 ASSERT_TRUE(test_server()->Start());
954 ASSERT_TRUE(wss_server_expired_.Start());
955
956 // Setup page title observer.
957 WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents();
958 content::TitleWatcher watcher(tab, ASCIIToUTF16("PASS"));
959 watcher.AlsoWaitForTitle(ASCIIToUTF16("FAIL"));
960
961 // Visit bad HTTPS page.
962 GURL::Replacements replacements;
963 replacements.SetSchemeStr("https");
964 ui_test_utils::NavigateToURL(
965 browser(),
966 wss_server_expired_.GetURL(
967 "connect_check.html").ReplaceComponents(replacements));
968 CheckAuthenticationBrokenState(
969 tab, net::CERT_STATUS_DATE_INVALID, AuthState::SHOWING_INTERSTITIAL);
970
971 // Proceed anyway.
972 ProceedThroughInterstitial(tab);
973
974 // Test page run a WebSocket wss connection test. The result will be shown
975 // as page title.
976 const base::string16 result = watcher.WaitAndGetTitle();
977 EXPECT_TRUE(LowerCaseEqualsASCII(result, "pass"));
978 }
979
980 #if defined(USE_NSS_CERTS)
981 class SSLUITestWithClientCert : public SSLUITest {
982 public:
983 SSLUITestWithClientCert() : cert_db_(NULL) {}
984
985 void SetUpOnMainThread() override {
986 SSLUITest::SetUpOnMainThread();
987
988 base::RunLoop loop;
989 GetNSSCertDatabaseForProfile(
990 browser()->profile(),
991 base::Bind(&SSLUITestWithClientCert::DidGetCertDatabase,
992 base::Unretained(this),
993 &loop));
994 loop.Run();
995 }
996
997 protected:
998 void DidGetCertDatabase(base::RunLoop* loop, net::NSSCertDatabase* cert_db) {
999 cert_db_ = cert_db;
1000 loop->Quit();
1001 }
1002
1003 net::NSSCertDatabase* cert_db_;
1004 };
1005
1006 // SSL client certificate tests are only enabled when using NSS for private key
1007 // storage, as only NSS can avoid modifying global machine state when testing.
1008 // See http://crbug.com/51132
1009
1010 // Visit a HTTPS page which requires client cert authentication. The client
1011 // cert will be selected automatically, then a test which uses WebSocket runs.
1012 IN_PROC_BROWSER_TEST_F(SSLUITestWithClientCert, TestWSSClientCert) {
1013 // Import a client cert for test.
1014 scoped_refptr<net::CryptoModule> crypt_module = cert_db_->GetPublicModule();
1015 std::string pkcs12_data;
1016 base::FilePath cert_path = net::GetTestCertsDirectory().Append(
1017 FILE_PATH_LITERAL("websocket_client_cert.p12"));
1018 EXPECT_TRUE(base::ReadFileToString(cert_path, &pkcs12_data));
1019 EXPECT_EQ(net::OK,
1020 cert_db_->ImportFromPKCS12(
1021 crypt_module.get(), pkcs12_data, base::string16(), true, NULL));
1022
1023 // Start WebSocket test server with TLS and client cert authentication.
1024 net::SpawnedTestServer::SSLOptions options(
1025 net::SpawnedTestServer::SSLOptions::CERT_OK);
1026 options.request_client_certificate = true;
1027 base::FilePath ca_path = net::GetTestCertsDirectory().Append(
1028 FILE_PATH_LITERAL("websocket_cacert.pem"));
1029 options.client_authorities.push_back(ca_path);
1030 net::SpawnedTestServer wss_server(net::SpawnedTestServer::TYPE_WSS,
1031 options,
1032 net::GetWebSocketTestDataDirectory());
1033 ASSERT_TRUE(wss_server.Start());
1034 GURL::Replacements replacements;
1035 replacements.SetSchemeStr("https");
1036 GURL url = wss_server.GetURL("connect_check.html").ReplaceComponents(
1037 replacements);
1038
1039 // Setup page title observer.
1040 WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents();
1041 content::TitleWatcher watcher(tab, ASCIIToUTF16("PASS"));
1042 watcher.AlsoWaitForTitle(ASCIIToUTF16("FAIL"));
1043
1044 // Add an entry into AutoSelectCertificateForUrls policy for automatic client
1045 // cert selection.
1046 Profile* profile = Profile::FromBrowserContext(tab->GetBrowserContext());
1047 DCHECK(profile);
1048 scoped_ptr<base::DictionaryValue> dict(new base::DictionaryValue());
1049 dict->SetString("ISSUER.CN", "pywebsocket");
1050 profile->GetHostContentSettingsMap()->SetWebsiteSetting(
1051 ContentSettingsPattern::FromURL(url),
1052 ContentSettingsPattern::FromURL(url),
1053 CONTENT_SETTINGS_TYPE_AUTO_SELECT_CERTIFICATE,
1054 std::string(),
1055 dict.release());
1056
1057 // Visit a HTTPS page which requires client certs.
1058 ui_test_utils::NavigateToURL(browser(), url);
1059 CheckAuthenticatedState(tab, AuthState::NONE);
1060
1061 // Test page runs a WebSocket wss connection test. The result will be shown
1062 // as page title.
1063 const base::string16 result = watcher.WaitAndGetTitle();
1064 EXPECT_TRUE(LowerCaseEqualsASCII(result, "pass"));
1065 }
1066 #endif // defined(USE_NSS_CERTS)
1067
1068 // Flaky on CrOS http://crbug.com/92292
1069 #if defined(OS_CHROMEOS)
1070 #define MAYBE_TestHTTPSErrorWithNoNavEntry \
1071 DISABLED_TestHTTPSErrorWithNoNavEntry
1072 #else
1073 #define MAYBE_TestHTTPSErrorWithNoNavEntry TestHTTPSErrorWithNoNavEntry
1074 #endif // defined(OS_CHROMEOS)
1075
1076 // Open a page with a HTTPS error in a tab with no prior navigation (through a
1077 // link with a blank target). This is to test that the lack of navigation entry
1078 // does not cause any problems (it was causing a crasher, see
1079 // http://crbug.com/19941).
1080 IN_PROC_BROWSER_TEST_F(SSLUITest, MAYBE_TestHTTPSErrorWithNoNavEntry) {
1081 ASSERT_TRUE(https_server_expired_.Start());
1082
1083 GURL url = https_server_expired_.GetURL("files/ssl/google.htm");
1084 WebContents* tab2 = chrome::AddSelectedTabWithURL(
1085 browser(), url, ui::PAGE_TRANSITION_TYPED);
1086 content::WaitForLoadStop(tab2);
1087
1088 // Verify our assumption that there was no prior navigation.
1089 EXPECT_FALSE(chrome::CanGoBack(browser()));
1090
1091 // We should have an interstitial page showing.
1092 ASSERT_TRUE(tab2->GetInterstitialPage());
1093 ASSERT_EQ(SSLBlockingPage::kTypeForTesting, tab2->GetInterstitialPage()
1094 ->GetDelegateForTesting()
1095 ->GetTypeForTesting());
1096 }
1097
1098 IN_PROC_BROWSER_TEST_F(SSLUITest, TestBadHTTPSDownload) {
1099 ASSERT_TRUE(test_server()->Start());
1100 ASSERT_TRUE(https_server_expired_.Start());
1101 GURL url_non_dangerous = test_server()->GetURL(std::string());
1102 GURL url_dangerous =
1103 https_server_expired_.GetURL("files/downloads/dangerous/dangerous.exe");
1104 base::ScopedTempDir downloads_directory_;
1105
1106 // Need empty temp dir to avoid having Chrome ask us for a new filename
1107 // when we've downloaded dangerous.exe one hundred times.
1108 ASSERT_TRUE(downloads_directory_.CreateUniqueTempDir());
1109
1110 browser()->profile()->GetPrefs()->SetFilePath(
1111 prefs::kDownloadDefaultDirectory,
1112 downloads_directory_.path());
1113
1114 // Visit a non-dangerous page.
1115 ui_test_utils::NavigateToURL(browser(), url_non_dangerous);
1116
1117 // Now, start a transition to dangerous download.
1118 {
1119 content::WindowedNotificationObserver observer(
1120 content::NOTIFICATION_LOAD_STOP,
1121 content::NotificationService::AllSources());
1122 chrome::NavigateParams navigate_params(browser(), url_dangerous,
1123 ui::PAGE_TRANSITION_TYPED);
1124 chrome::Navigate(&navigate_params);
1125 observer.Wait();
1126 }
1127
1128 // To exit the browser cleanly (and this test) we need to complete the
1129 // download after completing this test.
1130 content::DownloadTestObserverTerminal dangerous_download_observer(
1131 content::BrowserContext::GetDownloadManager(browser()->profile()),
1132 1,
1133 content::DownloadTestObserver::ON_DANGEROUS_DOWNLOAD_ACCEPT);
1134
1135 // Proceed through the SSL interstitial. This doesn't use
1136 // |ProceedThroughInterstitial| since no page load will commit.
1137 WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents();
1138 ASSERT_TRUE(tab != NULL);
1139 ASSERT_TRUE(tab->GetInterstitialPage() != NULL);
1140 ASSERT_EQ(
1141 SSLBlockingPage::kTypeForTesting,
1142 tab->GetInterstitialPage()->GetDelegateForTesting()->GetTypeForTesting());
1143 {
1144 content::WindowedNotificationObserver observer(
1145 chrome::NOTIFICATION_DOWNLOAD_INITIATED,
1146 content::NotificationService::AllSources());
1147 tab->GetInterstitialPage()->Proceed();
1148 observer.Wait();
1149 }
1150
1151 // There should still be an interstitial at this point. Press the
1152 // back button on the browser. Note that this doesn't wait for a
1153 // NAV_ENTRY_COMMITTED notification because going back with an
1154 // active interstitial simply hides the interstitial.
1155 ASSERT_TRUE(tab->GetInterstitialPage() != NULL);
1156 ASSERT_EQ(
1157 SSLBlockingPage::kTypeForTesting,
1158 tab->GetInterstitialPage()->GetDelegateForTesting()->GetTypeForTesting());
1159 EXPECT_TRUE(chrome::CanGoBack(browser()));
1160 chrome::GoBack(browser(), CURRENT_TAB);
1161
1162 dangerous_download_observer.WaitForFinished();
1163 }
1164
1165 //
1166 // Insecure content
1167 //
1168
1169 #if defined(OS_WIN)
1170 // http://crbug.com/152940 Flaky on win.
1171 #define MAYBE_TestDisplaysInsecureContent DISABLED_TestDisplaysInsecureContent
1172 #else
1173 #define MAYBE_TestDisplaysInsecureContent TestDisplaysInsecureContent
1174 #endif
1175
1176 // Visits a page that displays insecure content.
1177 IN_PROC_BROWSER_TEST_F(SSLUITest, MAYBE_TestDisplaysInsecureContent) {
1178 ASSERT_TRUE(test_server()->Start());
1179 ASSERT_TRUE(https_server_.Start());
1180
1181 std::string replacement_path;
1182 ASSERT_TRUE(GetFilePathWithHostAndPortReplacement(
1183 "files/ssl/page_displays_insecure_content.html",
1184 test_server()->host_port_pair(),
1185 &replacement_path));
1186
1187 // Load a page that displays insecure content.
1188 ui_test_utils::NavigateToURL(browser(),
1189 https_server_.GetURL(replacement_path));
1190
1191 CheckAuthenticatedState(browser()->tab_strip_model()->GetActiveWebContents(),
1192 AuthState::DISPLAYED_INSECURE_CONTENT);
1193 }
1194
1195 // User proceeds, checkbox is shown and checked, Finch parameter is set
1196 // -> we expect a report.
1197 IN_PROC_BROWSER_TEST_F(
1198 SSLUITestWithExtendedReporting,
1199 TestBrokenHTTPSProceedWithShowYesCheckYesParamYesReportYes) {
1200 SetCertReportingFinchConfig(kHTTPSErrorReporterFinchGroupShowPossiblySend,
1201 "1.0");
1202 TestBrokenHTTPSReporting(CertificateReporting::EXTENDED_REPORTING_OPT_IN,
1203 CertificateReporting::SSL_INTERSTITIAL_PROCEED,
1204 CertificateReporting::CERT_REPORT_EXPECTED,
1205 browser());
1206 }
1207
1208 // User goes back, checkbox is shown and checked, Finch parameter is set
1209 // -> we expect a report.
1210 IN_PROC_BROWSER_TEST_F(
1211 SSLUITestWithExtendedReporting,
1212 TestBrokenHTTPSGoBackWithShowYesCheckYesParamYesReportYes) {
1213 SetCertReportingFinchConfig(kHTTPSErrorReporterFinchGroupShowPossiblySend,
1214 "1.0");
1215 TestBrokenHTTPSReporting(
1216 CertificateReporting::EXTENDED_REPORTING_OPT_IN,
1217 CertificateReporting::SSL_INTERSTITIAL_DO_NOT_PROCEED,
1218 CertificateReporting::CERT_REPORT_EXPECTED, browser());
1219 }
1220
1221 // User proceeds, checkbox is shown but unchecked, Finch parameter is set
1222 // -> we expect no report.
1223 IN_PROC_BROWSER_TEST_F(
1224 SSLUITestWithExtendedReporting,
1225 TestBrokenHTTPSProceedWithShowYesCheckNoParamYesReportNo) {
1226 SetCertReportingFinchConfig(kHTTPSErrorReporterFinchGroupShowPossiblySend,
1227 "1.0");
1228 TestBrokenHTTPSReporting(
1229 CertificateReporting::EXTENDED_REPORTING_DO_NOT_OPT_IN,
1230 CertificateReporting::SSL_INTERSTITIAL_PROCEED,
1231 CertificateReporting::CERT_REPORT_NOT_EXPECTED, browser());
1232 }
1233
1234 // User goes back, checkbox is shown but unchecked, Finch parameter is set
1235 // -> we expect no report.
1236 IN_PROC_BROWSER_TEST_F(SSLUITestWithExtendedReporting,
1237 TestBrokenHTTPSGoBackShowYesCheckNoParamYesReportNo) {
1238 SetCertReportingFinchConfig(kHTTPSErrorReporterFinchGroupShowPossiblySend,
1239 "1.0");
1240 TestBrokenHTTPSReporting(
1241 CertificateReporting::EXTENDED_REPORTING_DO_NOT_OPT_IN,
1242 CertificateReporting::SSL_INTERSTITIAL_DO_NOT_PROCEED,
1243 CertificateReporting::CERT_REPORT_NOT_EXPECTED, browser());
1244 }
1245
1246 // User proceeds, checkbox is shown and checked, Finch parameter is not
1247 // set -> we expect no report.
1248 IN_PROC_BROWSER_TEST_F(SSLUITestWithExtendedReporting,
1249 TestBrokenHTTPSProceedShowYesCheckYesParamNoReportNo) {
1250 SetCertReportingFinchConfig(kHTTPSErrorReporterFinchGroupShowPossiblySend,
1251 "-1.0");
1252 TestBrokenHTTPSReporting(CertificateReporting::EXTENDED_REPORTING_OPT_IN,
1253 CertificateReporting::SSL_INTERSTITIAL_PROCEED,
1254 CertificateReporting::CERT_REPORT_NOT_EXPECTED,
1255 browser());
1256 }
1257
1258 // User goes back, checkbox is shown and checked, Finch parameter is not set
1259 // -> we expect no report.
1260 IN_PROC_BROWSER_TEST_F(SSLUITestWithExtendedReporting,
1261 TestBrokenHTTPSGoBackShowYesCheckYesParamNoReportNo) {
1262 SetCertReportingFinchConfig(kHTTPSErrorReporterFinchGroupShowPossiblySend,
1263 "-1.0");
1264 TestBrokenHTTPSReporting(
1265 CertificateReporting::EXTENDED_REPORTING_OPT_IN,
1266 CertificateReporting::SSL_INTERSTITIAL_DO_NOT_PROCEED,
1267 CertificateReporting::CERT_REPORT_NOT_EXPECTED, browser());
1268 }
1269
1270 // User proceeds, checkbox is not shown but checked -> we expect no report
1271 IN_PROC_BROWSER_TEST_F(SSLUITestWithExtendedReporting,
1272 TestBrokenHTTPSProceedShowNoCheckYesReportNo) {
1273 SetCertReportingFinchConfig(kHTTPSErrorReporterFinchGroupDontShowDontSend);
1274 TestBrokenHTTPSReporting(CertificateReporting::EXTENDED_REPORTING_OPT_IN,
1275 CertificateReporting::SSL_INTERSTITIAL_PROCEED,
1276 CertificateReporting::CERT_REPORT_NOT_EXPECTED,
1277 browser());
1278 }
1279
1280 // Browser is incognito, user proceeds, checkbox is shown and checked, Finch
1281 // parameter is set -> we expect no report
1282 IN_PROC_BROWSER_TEST_F(SSLUITestWithExtendedReporting,
1283 TestBrokenHTTPSInIncognitoReportNo) {
1284 SetCertReportingFinchConfig(kHTTPSErrorReporterFinchGroupShowPossiblySend,
1285 "1.0");
1286 TestBrokenHTTPSReporting(CertificateReporting::EXTENDED_REPORTING_OPT_IN,
1287 CertificateReporting::SSL_INTERSTITIAL_PROCEED,
1288 CertificateReporting::CERT_REPORT_NOT_EXPECTED,
1289 CreateIncognitoBrowser());
1290 }
1291
1292 // User proceeds, checkbox is shown and checked, Finch parameter is invalid
1293 // -> we expect no report.
1294 IN_PROC_BROWSER_TEST_F(
1295 SSLUITestWithExtendedReporting,
1296 TestBrokenHTTPSProceedWithShowYesCheckYesParamInvalidReportNo) {
1297 SetCertReportingFinchConfig(kHTTPSErrorReporterFinchGroupShowPossiblySend,
1298 "abcdef");
1299 TestBrokenHTTPSReporting(CertificateReporting::EXTENDED_REPORTING_OPT_IN,
1300 CertificateReporting::SSL_INTERSTITIAL_PROCEED,
1301 CertificateReporting::CERT_REPORT_NOT_EXPECTED,
1302 browser());
1303 }
1304
1305 // Test that reports don't get sent when extended reporting opt-in is
1306 // disabled by policy.
1307 IN_PROC_BROWSER_TEST_F(SSLUITestWithExtendedReporting,
1308 TestBrokenHTTPSNoReportingWhenDisallowed) {
1309 browser()->profile()->GetPrefs()->SetBoolean(
1310 prefs::kSafeBrowsingExtendedReportingOptInAllowed, false);
1311 TestBrokenHTTPSReporting(CertificateReporting::EXTENDED_REPORTING_OPT_IN,
1312 CertificateReporting::SSL_INTERSTITIAL_PROCEED,
1313 CertificateReporting::CERT_REPORT_NOT_EXPECTED,
1314 browser());
1315 }
1316
1317 // Visits a page that runs insecure content and tries to suppress the insecure
1318 // content warnings by randomizing location.hash.
1319 // Based on http://crbug.com/8706
1320 IN_PROC_BROWSER_TEST_F(SSLUITest,
1321 TestRunsInsecuredContentRandomizeHash) {
1322 ASSERT_TRUE(test_server()->Start());
1323 ASSERT_TRUE(https_server_.Start());
1324
1325 ui_test_utils::NavigateToURL(browser(), https_server_.GetURL(
1326 "files/ssl/page_runs_insecure_content.html"));
1327
1328 CheckAuthenticationBrokenState(
1329 browser()->tab_strip_model()->GetActiveWebContents(),
1330 CertError::NONE,
1331 AuthState::DISPLAYED_INSECURE_CONTENT | AuthState::RAN_INSECURE_CONTENT);
1332 }
1333
1334 // Visits a page with unsafe content and make sure that:
1335 // - frames content is replaced with warning
1336 // - images and scripts are filtered out entirely
1337 IN_PROC_BROWSER_TEST_F(SSLUITest, TestUnsafeContents) {
1338 ASSERT_TRUE(https_server_.Start());
1339 ASSERT_TRUE(https_server_expired_.Start());
1340
1341 std::string replacement_path;
1342 ASSERT_TRUE(GetFilePathWithHostAndPortReplacement(
1343 "files/ssl/page_with_unsafe_contents.html",
1344 https_server_expired_.host_port_pair(),
1345 &replacement_path));
1346 ui_test_utils::NavigateToURL(browser(),
1347 https_server_.GetURL(replacement_path));
1348
1349 WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents();
1350 // When the bad content is filtered, the state is expected to be
1351 // authenticated.
1352 CheckAuthenticatedState(tab, AuthState::NONE);
1353
1354 // Because of cross-frame scripting restrictions, we cannot access the iframe
1355 // content. So to know if the frame was loaded, we just check if a popup was
1356 // opened (the iframe content opens one).
1357 // Note: because of bug 1115868, no web contents modal dialog is opened right
1358 // now. Once the bug is fixed, this will do the real check.
1359 EXPECT_FALSE(IsShowingWebContentsModalDialog());
1360
1361 int img_width;
1362 EXPECT_TRUE(content::ExecuteScriptAndExtractInt(
1363 tab,
1364 "window.domAutomationController.send(ImageWidth());",
1365 &img_width));
1366 // In order to check that the image was not loaded, we check its width.
1367 // The actual image (Google logo) is 114 pixels wide, we assume the broken
1368 // image is less than 100.
1369 EXPECT_LT(img_width, 100);
1370
1371 bool js_result = false;
1372 EXPECT_TRUE(content::ExecuteScriptAndExtractBool(
1373 tab,
1374 "window.domAutomationController.send(IsFooSet());",
1375 &js_result));
1376 EXPECT_FALSE(js_result);
1377 }
1378
1379 // Visits a page with insecure content loaded by JS (after the initial page
1380 // load).
1381 #if defined(OS_LINUX)
1382 // flaky http://crbug.com/396462
1383 #define MAYBE_TestDisplaysInsecureContentLoadedFromJS \
1384 DISABLED_TestDisplaysInsecureContentLoadedFromJS
1385 #else
1386 #define MAYBE_TestDisplaysInsecureContentLoadedFromJS \
1387 TestDisplaysInsecureContentLoadedFromJS
1388 #endif
1389 IN_PROC_BROWSER_TEST_F(SSLUITest,
1390 MAYBE_TestDisplaysInsecureContentLoadedFromJS) {
1391 ASSERT_TRUE(test_server()->Start());
1392 ASSERT_TRUE(https_server_.Start());
1393
1394 std::string replacement_path;
1395 ASSERT_TRUE(GetFilePathWithHostAndPortReplacement(
1396 "files/ssl/page_with_dynamic_insecure_content.html",
1397 test_server()->host_port_pair(),
1398 &replacement_path));
1399 ui_test_utils::NavigateToURL(browser(), https_server_.GetURL(
1400 replacement_path));
1401
1402 WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents();
1403 CheckAuthenticatedState(tab, AuthState::NONE);
1404
1405 // Load the insecure image.
1406 bool js_result = false;
1407 EXPECT_TRUE(content::ExecuteScriptAndExtractBool(
1408 tab,
1409 "loadBadImage();",
1410 &js_result));
1411 EXPECT_TRUE(js_result);
1412
1413 // We should now have insecure content.
1414 CheckAuthenticatedState(tab, AuthState::DISPLAYED_INSECURE_CONTENT);
1415 }
1416
1417 // Visits two pages from the same origin: one that displays insecure content and
1418 // one that doesn't. The test checks that we do not propagate the insecure
1419 // content state from one to the other.
1420 IN_PROC_BROWSER_TEST_F(SSLUITest, TestDisplaysInsecureContentTwoTabs) {
1421 ASSERT_TRUE(test_server()->Start());
1422 ASSERT_TRUE(https_server_.Start());
1423
1424 ui_test_utils::NavigateToURL(browser(),
1425 https_server_.GetURL("files/ssl/blank_page.html"));
1426
1427 WebContents* tab1 = browser()->tab_strip_model()->GetActiveWebContents();
1428
1429 // This tab should be fine.
1430 CheckAuthenticatedState(tab1, AuthState::NONE);
1431
1432 // Create a new tab.
1433 std::string replacement_path;
1434 ASSERT_TRUE(GetFilePathWithHostAndPortReplacement(
1435 "files/ssl/page_displays_insecure_content.html",
1436 test_server()->host_port_pair(),
1437 &replacement_path));
1438
1439 GURL url = https_server_.GetURL(replacement_path);
1440 chrome::NavigateParams params(browser(), url, ui::PAGE_TRANSITION_TYPED);
1441 params.disposition = NEW_FOREGROUND_TAB;
1442 params.tabstrip_index = 0;
1443 params.source_contents = tab1;
1444 content::WindowedNotificationObserver observer(
1445 content::NOTIFICATION_LOAD_STOP,
1446 content::NotificationService::AllSources());
1447 chrome::Navigate(&params);
1448 WebContents* tab2 = params.target_contents;
1449 observer.Wait();
1450
1451 // The new tab has insecure content.
1452 CheckAuthenticatedState(tab2, AuthState::DISPLAYED_INSECURE_CONTENT);
1453
1454 // The original tab should not be contaminated.
1455 CheckAuthenticatedState(tab1, AuthState::NONE);
1456 }
1457
1458 // Visits two pages from the same origin: one that runs insecure content and one
1459 // that doesn't. The test checks that we propagate the insecure content state
1460 // from one to the other.
1461 IN_PROC_BROWSER_TEST_F(SSLUITest, TestRunsInsecureContentTwoTabs) {
1462 ASSERT_TRUE(test_server()->Start());
1463 ASSERT_TRUE(https_server_.Start());
1464
1465 ui_test_utils::NavigateToURL(browser(),
1466 https_server_.GetURL("files/ssl/blank_page.html"));
1467
1468 WebContents* tab1 = browser()->tab_strip_model()->GetActiveWebContents();
1469
1470 // This tab should be fine.
1471 CheckAuthenticatedState(tab1, AuthState::NONE);
1472
1473 std::string replacement_path;
1474 ASSERT_TRUE(GetFilePathWithHostAndPortReplacement(
1475 "files/ssl/page_runs_insecure_content.html",
1476 test_server()->host_port_pair(),
1477 &replacement_path));
1478
1479 // Create a new tab in the same process. Using a NEW_FOREGROUND_TAB
1480 // disposition won't usually stay in the same process, but this works
1481 // because we are using process-per-site in SetUpCommandLine.
1482 GURL url = https_server_.GetURL(replacement_path);
1483 chrome::NavigateParams params(browser(), url, ui::PAGE_TRANSITION_TYPED);
1484 params.disposition = NEW_FOREGROUND_TAB;
1485 params.source_contents = tab1;
1486 content::WindowedNotificationObserver observer(
1487 content::NOTIFICATION_LOAD_STOP,
1488 content::NotificationService::AllSources());
1489 chrome::Navigate(&params);
1490 WebContents* tab2 = params.target_contents;
1491 observer.Wait();
1492
1493 // Both tabs should have the same process.
1494 EXPECT_EQ(tab1->GetRenderProcessHost(), tab2->GetRenderProcessHost());
1495
1496 // The new tab has insecure content.
1497 CheckAuthenticationBrokenState(
1498 tab2,
1499 CertError::NONE,
1500 AuthState::DISPLAYED_INSECURE_CONTENT | AuthState::RAN_INSECURE_CONTENT);
1501
1502 // Which means the origin for the first tab has also been contaminated with
1503 // insecure content.
1504 CheckAuthenticationBrokenState(
1505 tab1, CertError::NONE, AuthState::RAN_INSECURE_CONTENT);
1506 }
1507
1508 // Visits a page with an image over http. Visits another page over https
1509 // referencing that same image over http (hoping it is coming from the webcore
1510 // memory cache).
1511 IN_PROC_BROWSER_TEST_F(SSLUITest, TestDisplaysCachedInsecureContent) {
1512 ASSERT_TRUE(test_server()->Start());
1513 ASSERT_TRUE(https_server_.Start());
1514
1515 std::string replacement_path;
1516 ASSERT_TRUE(GetFilePathWithHostAndPortReplacement(
1517 "files/ssl/page_displays_insecure_content.html",
1518 test_server()->host_port_pair(),
1519 &replacement_path));
1520
1521 // Load original page over HTTP.
1522 const GURL url_http = test_server()->GetURL(replacement_path);
1523 ui_test_utils::NavigateToURL(browser(), url_http);
1524 WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents();
1525 CheckUnauthenticatedState(tab, AuthState::NONE);
1526
1527 // Load again but over SSL. It should be marked as displaying insecure
1528 // content (even though the image comes from the WebCore memory cache).
1529 const GURL url_https = https_server_.GetURL(replacement_path);
1530 ui_test_utils::NavigateToURL(browser(), url_https);
1531 CheckAuthenticatedState(tab, AuthState::DISPLAYED_INSECURE_CONTENT);
1532 }
1533
1534 // http://crbug.com/84729
1535 #if defined(OS_CHROMEOS)
1536 #define MAYBE_TestRunsCachedInsecureContent \
1537 DISABLED_TestRunsCachedInsecureContent
1538 #else
1539 #define MAYBE_TestRunsCachedInsecureContent TestRunsCachedInsecureContent
1540 #endif // defined(OS_CHROMEOS)
1541
1542 // Visits a page with script over http. Visits another page over https
1543 // referencing that same script over http (hoping it is coming from the webcore
1544 // memory cache).
1545 IN_PROC_BROWSER_TEST_F(SSLUITest, MAYBE_TestRunsCachedInsecureContent) {
1546 ASSERT_TRUE(test_server()->Start());
1547 ASSERT_TRUE(https_server_.Start());
1548
1549 std::string replacement_path;
1550 ASSERT_TRUE(GetFilePathWithHostAndPortReplacement(
1551 "files/ssl/page_runs_insecure_content.html",
1552 test_server()->host_port_pair(),
1553 &replacement_path));
1554
1555 // Load original page over HTTP.
1556 const GURL url_http = test_server()->GetURL(replacement_path);
1557 ui_test_utils::NavigateToURL(browser(), url_http);
1558 WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents();
1559 CheckUnauthenticatedState(tab, AuthState::NONE);
1560
1561 // Load again but over SSL. It should be marked as displaying insecure
1562 // content (even though the image comes from the WebCore memory cache).
1563 const GURL url_https = https_server_.GetURL(replacement_path);
1564 ui_test_utils::NavigateToURL(browser(), url_https);
1565 CheckAuthenticationBrokenState(
1566 tab,
1567 CertError::NONE,
1568 AuthState::DISPLAYED_INSECURE_CONTENT | AuthState::RAN_INSECURE_CONTENT);
1569 }
1570
1571 // This test ensures the CN invalid status does not 'stick' to a certificate
1572 // (see bug #1044942) and that it depends on the host-name.
1573 // Test if disabled due to flakiness http://crbug.com/368280 .
1574 IN_PROC_BROWSER_TEST_F(SSLUITest, DISABLED_TestCNInvalidStickiness) {
1575 ASSERT_TRUE(https_server_.Start());
1576 ASSERT_TRUE(https_server_mismatched_.Start());
1577
1578 // First we hit the server with hostname, this generates an invalid policy
1579 // error.
1580 ui_test_utils::NavigateToURL(browser(),
1581 https_server_mismatched_.GetURL("files/ssl/google.html"));
1582
1583 // We get an interstitial page as a result.
1584 WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents();
1585 CheckAuthenticationBrokenState(tab,
1586 net::CERT_STATUS_COMMON_NAME_INVALID,
1587 AuthState::SHOWING_INTERSTITIAL);
1588 ProceedThroughInterstitial(tab);
1589 CheckAuthenticationBrokenState(
1590 tab, net::CERT_STATUS_COMMON_NAME_INVALID, AuthState::NONE);
1591
1592 // Now we try again with the right host name this time.
1593 GURL url(https_server_.GetURL("files/ssl/google.html"));
1594 ui_test_utils::NavigateToURL(browser(), url);
1595
1596 // Security state should be OK.
1597 CheckAuthenticatedState(tab, AuthState::NONE);
1598
1599 // Now try again the broken one to make sure it is still broken.
1600 ui_test_utils::NavigateToURL(browser(),
1601 https_server_mismatched_.GetURL("files/ssl/google.html"));
1602
1603 // Since we OKed the interstitial last time, we get right to the page.
1604 CheckAuthenticationBrokenState(
1605 tab, net::CERT_STATUS_COMMON_NAME_INVALID, AuthState::NONE);
1606 }
1607
1608 #if defined(OS_CHROMEOS)
1609 // This test seems to be flaky and hang on chromiumos.
1610 // http://crbug.com/84419
1611 #define MAYBE_TestRefNavigation DISABLED_TestRefNavigation
1612 #else
1613 #define MAYBE_TestRefNavigation TestRefNavigation
1614 #endif
1615
1616 // Test that navigating to a #ref does not change a bad security state.
1617 IN_PROC_BROWSER_TEST_F(SSLUITest, TestRefNavigation) {
1618 ASSERT_TRUE(https_server_expired_.Start());
1619
1620 ui_test_utils::NavigateToURL(browser(),
1621 https_server_expired_.GetURL("files/ssl/page_with_refs.html"));
1622
1623 WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents();
1624 CheckAuthenticationBrokenState(
1625 tab, net::CERT_STATUS_DATE_INVALID, AuthState::SHOWING_INTERSTITIAL);
1626
1627 ProceedThroughInterstitial(tab);
1628
1629 CheckAuthenticationBrokenState(
1630 tab, net::CERT_STATUS_DATE_INVALID, AuthState::NONE);
1631 // Now navigate to a ref in the page, the security state should not have
1632 // changed.
1633 ui_test_utils::NavigateToURL(browser(),
1634 https_server_expired_.GetURL("files/ssl/page_with_refs.html#jp"));
1635
1636 CheckAuthenticationBrokenState(
1637 tab, net::CERT_STATUS_DATE_INVALID, AuthState::NONE);
1638 }
1639
1640 // Tests that closing a page that has a unsafe pop-up does not crash the
1641 // browser (bug #1966).
1642 // TODO(jcampan): http://crbug.com/2136 disabled because the popup is not
1643 // opened as it is not initiated by a user gesture.
1644 IN_PROC_BROWSER_TEST_F(SSLUITest, DISABLED_TestCloseTabWithUnsafePopup) {
1645 ASSERT_TRUE(test_server()->Start());
1646 ASSERT_TRUE(https_server_expired_.Start());
1647
1648 std::string replacement_path;
1649 ASSERT_TRUE(GetFilePathWithHostAndPortReplacement(
1650 "files/ssl/page_with_unsafe_popup.html",
1651 https_server_expired_.host_port_pair(),
1652 &replacement_path));
1653
1654 ui_test_utils::NavigateToURL(browser(),
1655 test_server()->GetURL(replacement_path));
1656
1657 WebContents* tab1 = browser()->tab_strip_model()->GetActiveWebContents();
1658 // It is probably overkill to add a notification for a popup-opening, let's
1659 // just poll.
1660 for (int i = 0; i < 10; i++) {
1661 if (IsShowingWebContentsModalDialog())
1662 break;
1663 base::MessageLoop::current()->PostDelayedTask(
1664 FROM_HERE,
1665 base::MessageLoop::QuitClosure(),
1666 base::TimeDelta::FromSeconds(1));
1667 content::RunMessageLoop();
1668 }
1669 ASSERT_TRUE(IsShowingWebContentsModalDialog());
1670
1671 // Let's add another tab to make sure the browser does not exit when we close
1672 // the first tab.
1673 GURL url = test_server()->GetURL("files/ssl/google.html");
1674 content::WindowedNotificationObserver observer(
1675 content::NOTIFICATION_LOAD_STOP,
1676 content::NotificationService::AllSources());
1677 chrome::AddSelectedTabWithURL(browser(), url, ui::PAGE_TRANSITION_TYPED);
1678 observer.Wait();
1679
1680 // Close the first tab.
1681 chrome::CloseWebContents(browser(), tab1, false);
1682 }
1683
1684 // Visit a page over bad https that is a redirect to a page with good https.
1685 IN_PROC_BROWSER_TEST_F(SSLUITest, TestRedirectBadToGoodHTTPS) {
1686 ASSERT_TRUE(https_server_.Start());
1687 ASSERT_TRUE(https_server_expired_.Start());
1688
1689 GURL url1 = https_server_expired_.GetURL("server-redirect?");
1690 GURL url2 = https_server_.GetURL("files/ssl/google.html");
1691
1692 ui_test_utils::NavigateToURL(browser(), GURL(url1.spec() + url2.spec()));
1693
1694 WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents();
1695
1696 CheckAuthenticationBrokenState(
1697 tab, net::CERT_STATUS_DATE_INVALID, AuthState::SHOWING_INTERSTITIAL);
1698
1699 ProceedThroughInterstitial(tab);
1700
1701 // We have been redirected to the good page.
1702 CheckAuthenticatedState(tab, AuthState::NONE);
1703 }
1704
1705 // Flaky on Linux. http://crbug.com/368280.
1706 #if defined(OS_LINUX)
1707 #define MAYBE_TestRedirectGoodToBadHTTPS DISABLED_TestRedirectGoodToBadHTTPS
1708 #else
1709 #define MAYBE_TestRedirectGoodToBadHTTPS TestRedirectGoodToBadHTTPS
1710 #endif
1711
1712 // Visit a page over good https that is a redirect to a page with bad https.
1713 IN_PROC_BROWSER_TEST_F(SSLUITest, MAYBE_TestRedirectGoodToBadHTTPS) {
1714 ASSERT_TRUE(https_server_.Start());
1715 ASSERT_TRUE(https_server_expired_.Start());
1716
1717 GURL url1 = https_server_.GetURL("server-redirect?");
1718 GURL url2 = https_server_expired_.GetURL("files/ssl/google.html");
1719 ui_test_utils::NavigateToURL(browser(), GURL(url1.spec() + url2.spec()));
1720
1721 WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents();
1722 CheckAuthenticationBrokenState(
1723 tab, net::CERT_STATUS_DATE_INVALID, AuthState::SHOWING_INTERSTITIAL);
1724
1725 ProceedThroughInterstitial(tab);
1726
1727 CheckAuthenticationBrokenState(
1728 tab, net::CERT_STATUS_DATE_INVALID, AuthState::NONE);
1729 }
1730
1731 // Visit a page over http that is a redirect to a page with good HTTPS.
1732 IN_PROC_BROWSER_TEST_F(SSLUITest, TestRedirectHTTPToGoodHTTPS) {
1733 ASSERT_TRUE(test_server()->Start());
1734 ASSERT_TRUE(https_server_.Start());
1735
1736 WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents();
1737
1738 // HTTP redirects to good HTTPS.
1739 GURL http_url = test_server()->GetURL("server-redirect?");
1740 GURL good_https_url =
1741 https_server_.GetURL("files/ssl/google.html");
1742
1743 ui_test_utils::NavigateToURL(browser(),
1744 GURL(http_url.spec() + good_https_url.spec()));
1745 CheckAuthenticatedState(tab, AuthState::NONE);
1746 }
1747
1748 // Flaky on Linux. http://crbug.com/368280.
1749 #if defined(OS_LINUX)
1750 #define MAYBE_TestRedirectHTTPToBadHTTPS DISABLED_TestRedirectHTTPToBadHTTPS
1751 #else
1752 #define MAYBE_TestRedirectHTTPToBadHTTPS TestRedirectHTTPToBadHTTPS
1753 #endif
1754
1755 // Visit a page over http that is a redirect to a page with bad HTTPS.
1756 IN_PROC_BROWSER_TEST_F(SSLUITest, MAYBE_TestRedirectHTTPToBadHTTPS) {
1757 ASSERT_TRUE(test_server()->Start());
1758 ASSERT_TRUE(https_server_expired_.Start());
1759
1760 WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents();
1761
1762 GURL http_url = test_server()->GetURL("server-redirect?");
1763 GURL bad_https_url =
1764 https_server_expired_.GetURL("files/ssl/google.html");
1765 ui_test_utils::NavigateToURL(browser(),
1766 GURL(http_url.spec() + bad_https_url.spec()));
1767 CheckAuthenticationBrokenState(
1768 tab, net::CERT_STATUS_DATE_INVALID, AuthState::SHOWING_INTERSTITIAL);
1769
1770 ProceedThroughInterstitial(tab);
1771
1772 CheckAuthenticationBrokenState(
1773 tab, net::CERT_STATUS_DATE_INVALID, AuthState::NONE);
1774 }
1775
1776 // Visit a page over https that is a redirect to a page with http (to make sure
1777 // we don't keep the secure state).
1778 IN_PROC_BROWSER_TEST_F(SSLUITest, TestRedirectHTTPSToHTTP) {
1779 ASSERT_TRUE(test_server()->Start());
1780 ASSERT_TRUE(https_server_.Start());
1781
1782 GURL https_url = https_server_.GetURL("server-redirect?");
1783 GURL http_url = test_server()->GetURL("files/ssl/google.html");
1784
1785 ui_test_utils::NavigateToURL(browser(),
1786 GURL(https_url.spec() + http_url.spec()));
1787 CheckUnauthenticatedState(
1788 browser()->tab_strip_model()->GetActiveWebContents(), AuthState::NONE);
1789 }
1790
1791 // Visits a page to which we could not connect (bad port) over http and https
1792 // and make sure the security style is correct.
1793 IN_PROC_BROWSER_TEST_F(SSLUITest, TestConnectToBadPort) {
1794 ui_test_utils::NavigateToURL(browser(), GURL("http://localhost:17"));
1795 CheckUnauthenticatedState(
1796 browser()->tab_strip_model()->GetActiveWebContents(),
1797 AuthState::SHOWING_ERROR);
1798
1799 // Same thing over HTTPS.
1800 ui_test_utils::NavigateToURL(browser(), GURL("https://localhost:17"));
1801 CheckUnauthenticatedState(
1802 browser()->tab_strip_model()->GetActiveWebContents(),
1803 AuthState::SHOWING_ERROR);
1804 }
1805
1806 //
1807 // Frame navigation
1808 //
1809
1810 // From a good HTTPS top frame:
1811 // - navigate to an OK HTTPS frame
1812 // - navigate to a bad HTTPS (expect unsafe content and filtered frame), then
1813 // back
1814 // - navigate to HTTP (expect insecure content), then back
1815 IN_PROC_BROWSER_TEST_F(SSLUITest, TestGoodFrameNavigation) {
1816 ASSERT_TRUE(test_server()->Start());
1817 ASSERT_TRUE(https_server_.Start());
1818 ASSERT_TRUE(https_server_expired_.Start());
1819
1820 std::string top_frame_path;
1821 ASSERT_TRUE(GetTopFramePath(*test_server(),
1822 https_server_,
1823 https_server_expired_,
1824 &top_frame_path));
1825
1826 WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents();
1827 ui_test_utils::NavigateToURL(browser(),
1828 https_server_.GetURL(top_frame_path));
1829
1830 CheckAuthenticatedState(tab, AuthState::NONE);
1831
1832 bool success = false;
1833 // Now navigate inside the frame.
1834 {
1835 content::WindowedNotificationObserver observer(
1836 content::NOTIFICATION_LOAD_STOP,
1837 content::Source<NavigationController>(&tab->GetController()));
1838 EXPECT_TRUE(content::ExecuteScriptAndExtractBool(
1839 tab,
1840 "window.domAutomationController.send(clickLink('goodHTTPSLink'));",
1841 &success));
1842 ASSERT_TRUE(success);
1843 observer.Wait();
1844 }
1845
1846 // We should still be fine.
1847 CheckAuthenticatedState(tab, AuthState::NONE);
1848
1849 // Now let's hit a bad page.
1850 {
1851 content::WindowedNotificationObserver observer(
1852 content::NOTIFICATION_LOAD_STOP,
1853 content::Source<NavigationController>(&tab->GetController()));
1854 EXPECT_TRUE(content::ExecuteScriptAndExtractBool(
1855 tab,
1856 "window.domAutomationController.send(clickLink('badHTTPSLink'));",
1857 &success));
1858 ASSERT_TRUE(success);
1859 observer.Wait();
1860 }
1861
1862 // The security style should still be secure.
1863 CheckAuthenticatedState(tab, AuthState::NONE);
1864
1865 // And the frame should be blocked.
1866 bool is_content_evil = true;
1867 content::RenderFrameHost* content_frame = content::FrameMatchingPredicate(
1868 tab, base::Bind(&content::FrameMatchesName, "contentFrame"));
1869 std::string is_evil_js("window.domAutomationController.send("
1870 "document.getElementById('evilDiv') != null);");
1871 EXPECT_TRUE(content::ExecuteScriptAndExtractBool(content_frame,
1872 is_evil_js,
1873 &is_content_evil));
1874 EXPECT_FALSE(is_content_evil);
1875
1876 // Now go back, our state should still be OK.
1877 {
1878 content::WindowedNotificationObserver observer(
1879 content::NOTIFICATION_LOAD_STOP,
1880 content::Source<NavigationController>(&tab->GetController()));
1881 tab->GetController().GoBack();
1882 observer.Wait();
1883 }
1884 CheckAuthenticatedState(tab, AuthState::NONE);
1885
1886 // Navigate to a page served over HTTP.
1887 {
1888 content::WindowedNotificationObserver observer(
1889 content::NOTIFICATION_LOAD_STOP,
1890 content::Source<NavigationController>(&tab->GetController()));
1891 EXPECT_TRUE(content::ExecuteScriptAndExtractBool(
1892 tab,
1893 "window.domAutomationController.send(clickLink('HTTPLink'));",
1894 &success));
1895 ASSERT_TRUE(success);
1896 observer.Wait();
1897 }
1898
1899 // Our state should be unathenticated (in the ran mixed script sense)
1900 CheckAuthenticationBrokenState(
1901 tab,
1902 CertError::NONE,
1903 AuthState::DISPLAYED_INSECURE_CONTENT | AuthState::RAN_INSECURE_CONTENT);
1904
1905 // Go back, our state should be unchanged.
1906 {
1907 content::WindowedNotificationObserver observer(
1908 content::NOTIFICATION_LOAD_STOP,
1909 content::Source<NavigationController>(&tab->GetController()));
1910 tab->GetController().GoBack();
1911 observer.Wait();
1912 }
1913
1914 CheckAuthenticationBrokenState(
1915 tab,
1916 CertError::NONE,
1917 AuthState::DISPLAYED_INSECURE_CONTENT | AuthState::RAN_INSECURE_CONTENT);
1918 }
1919
1920 // From a bad HTTPS top frame:
1921 // - navigate to an OK HTTPS frame (expected to be still authentication broken).
1922 IN_PROC_BROWSER_TEST_F(SSLUITest, TestBadFrameNavigation) {
1923 ASSERT_TRUE(https_server_.Start());
1924 ASSERT_TRUE(https_server_expired_.Start());
1925
1926 std::string top_frame_path;
1927 ASSERT_TRUE(GetTopFramePath(*test_server(),
1928 https_server_,
1929 https_server_expired_,
1930 &top_frame_path));
1931
1932 WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents();
1933 ui_test_utils::NavigateToURL(browser(),
1934 https_server_expired_.GetURL(top_frame_path));
1935 CheckAuthenticationBrokenState(
1936 tab, net::CERT_STATUS_DATE_INVALID, AuthState::SHOWING_INTERSTITIAL);
1937
1938 ProceedThroughInterstitial(tab);
1939
1940 // Navigate to a good frame.
1941 bool success = false;
1942 content::WindowedNotificationObserver observer(
1943 content::NOTIFICATION_LOAD_STOP,
1944 content::Source<NavigationController>(&tab->GetController()));
1945 EXPECT_TRUE(content::ExecuteScriptAndExtractBool(
1946 tab,
1947 "window.domAutomationController.send(clickLink('goodHTTPSLink'));",
1948 &success));
1949 ASSERT_TRUE(success);
1950 observer.Wait();
1951
1952 // We should still be authentication broken.
1953 CheckAuthenticationBrokenState(
1954 tab, net::CERT_STATUS_DATE_INVALID, AuthState::NONE);
1955 }
1956
1957 // From an HTTP top frame, navigate to good and bad HTTPS (security state should
1958 // stay unauthenticated).
1959 // Disabled, flakily exceeds test timeout, http://crbug.com/43437.
1960 IN_PROC_BROWSER_TEST_F(SSLUITest, DISABLED_TestUnauthenticatedFrameNavigation) {
1961 ASSERT_TRUE(test_server()->Start());
1962 ASSERT_TRUE(https_server_.Start());
1963 ASSERT_TRUE(https_server_expired_.Start());
1964
1965 std::string top_frame_path;
1966 ASSERT_TRUE(GetTopFramePath(*test_server(),
1967 https_server_,
1968 https_server_expired_,
1969 &top_frame_path));
1970
1971 WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents();
1972 ui_test_utils::NavigateToURL(browser(),
1973 test_server()->GetURL(top_frame_path));
1974 CheckUnauthenticatedState(tab, AuthState::NONE);
1975
1976 // Now navigate inside the frame to a secure HTTPS frame.
1977 {
1978 bool success = false;
1979 content::WindowedNotificationObserver observer(
1980 content::NOTIFICATION_LOAD_STOP,
1981 content::Source<NavigationController>(&tab->GetController()));
1982 EXPECT_TRUE(content::ExecuteScriptAndExtractBool(
1983 tab,
1984 "window.domAutomationController.send(clickLink('goodHTTPSLink'));",
1985 &success));
1986 ASSERT_TRUE(success);
1987 observer.Wait();
1988 }
1989
1990 // We should still be unauthenticated.
1991 CheckUnauthenticatedState(tab, AuthState::NONE);
1992
1993 // Now navigate to a bad HTTPS frame.
1994 {
1995 bool success = false;
1996 content::WindowedNotificationObserver observer(
1997 content::NOTIFICATION_LOAD_STOP,
1998 content::Source<NavigationController>(&tab->GetController()));
1999 EXPECT_TRUE(content::ExecuteScriptAndExtractBool(
2000 tab,
2001 "window.domAutomationController.send(clickLink('badHTTPSLink'));",
2002 &success));
2003 ASSERT_TRUE(success);
2004 observer.Wait();
2005 }
2006
2007 // State should not have changed.
2008 CheckUnauthenticatedState(tab, AuthState::NONE);
2009
2010 // And the frame should have been blocked (see bug #2316).
2011 bool is_content_evil = true;
2012 content::RenderFrameHost* content_frame = content::FrameMatchingPredicate(
2013 tab, base::Bind(&content::FrameMatchesName, "contentFrame"));
2014 std::string is_evil_js("window.domAutomationController.send("
2015 "document.getElementById('evilDiv') != null);");
2016 EXPECT_TRUE(content::ExecuteScriptAndExtractBool(content_frame,
2017 is_evil_js,
2018 &is_content_evil));
2019 EXPECT_FALSE(is_content_evil);
2020 }
2021
2022 IN_PROC_BROWSER_TEST_F(SSLUITest, TestUnsafeContentsInWorkerFiltered) {
2023 ASSERT_TRUE(https_server_.Start());
2024 ASSERT_TRUE(https_server_expired_.Start());
2025
2026 // This page will spawn a Worker which will try to load content from
2027 // BadCertServer.
2028 std::string page_with_unsafe_worker_path;
2029 ASSERT_TRUE(GetPageWithUnsafeWorkerPath(https_server_expired_,
2030 &page_with_unsafe_worker_path));
2031 ui_test_utils::NavigateToURL(browser(), https_server_.GetURL(
2032 page_with_unsafe_worker_path));
2033 WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents();
2034 // Expect Worker not to load insecure content.
2035 CheckWorkerLoadResult(tab, false);
2036 // The bad content is filtered, expect the state to be authenticated.
2037 CheckAuthenticatedState(tab, AuthState::NONE);
2038 }
2039
2040 // This test, and the related test TestUnsafeContentsWithUserException, verify
2041 // that if unsafe content is loaded but the host of that unsafe content has a
2042 // user exception, the content runs and the security style remains
2043 // authenticated. This is not necessarily the behavior that should exist, but it
2044 // is verification that it does behave that way. See https://crbug.com/477868
2045 // for more inforamtion on this.
2046 IN_PROC_BROWSER_TEST_F(SSLUITest, TestUnsafeContentsInWorkerWithUserException) {
2047 ASSERT_TRUE(https_server_.Start());
2048 // Note that it is necessary to user https_server_mismatched_ here over the
2049 // other invalid cert servers. This is because the test relies on the two
2050 // servers having different hosts since SSL exceptions are per-host, not per
2051 // origin, and https_server_mismatched_ uses 'localhost' rather than
2052 // '127.0.0.1'.
2053 ASSERT_TRUE(https_server_mismatched_.Start());
2054
2055 // Navigate to an unsafe site. Proceed with interstitial page to indicate
2056 // the user approves the bad certificate.
2057 ui_test_utils::NavigateToURL(
2058 browser(), https_server_mismatched_.GetURL("files/ssl/blank_page.html"));
2059 WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents();
2060 CheckAuthenticationBrokenState(tab, net::CERT_STATUS_COMMON_NAME_INVALID,
2061 AuthState::SHOWING_INTERSTITIAL);
2062 ProceedThroughInterstitial(tab);
2063 CheckAuthenticationBrokenState(tab, net::CERT_STATUS_COMMON_NAME_INVALID,
2064 AuthState::NONE);
2065
2066 // Navigate to safe page that has Worker loading unsafe content.
2067 // Expect content to load but be marked as auth broken due to running insecure
2068 // content.
2069 std::string page_with_unsafe_worker_path;
2070 ASSERT_TRUE(GetPageWithUnsafeWorkerPath(https_server_mismatched_,
2071 &page_with_unsafe_worker_path));
2072 ui_test_utils::NavigateToURL(
2073 browser(), https_server_.GetURL(page_with_unsafe_worker_path));
2074 CheckWorkerLoadResult(tab, true); // Worker loads insecure content
2075 CheckAuthenticatedState(tab, CertError::NONE);
2076 }
2077
2078 // Visits a page with unsafe content and makes sure that if a user exception to
2079 // the certificate error is present, the image is loaded and script executes.
2080 //
2081 // See the comment above SSLUITest.TestUnsafeContentsInWorkerWithUserException
2082 // for a discussion about the desired behavior.
2083 IN_PROC_BROWSER_TEST_F(SSLUITest, TestUnsafeContentsWithUserException) {
2084 ASSERT_TRUE(https_server_.Start());
2085 // Note that it is necessary to user https_server_mismatched_ here over the
2086 // other invalid cert servers. This is because the test relies on the two
2087 // servers having different hosts since SSL exceptions are per-host, not per
2088 // origin, and https_server_mismatched_ uses 'localhost' rather than
2089 // '127.0.0.1'.
2090 ASSERT_TRUE(https_server_mismatched_.Start());
2091
2092 // Navigate to an unsafe site. Proceed with interstitial page to indicate
2093 // the user approves the bad certificate.
2094 ui_test_utils::NavigateToURL(
2095 browser(), https_server_mismatched_.GetURL("files/ssl/blank_page.html"));
2096 WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents();
2097 CheckAuthenticationBrokenState(tab, net::CERT_STATUS_COMMON_NAME_INVALID,
2098 AuthState::SHOWING_INTERSTITIAL);
2099 ProceedThroughInterstitial(tab);
2100 CheckAuthenticationBrokenState(tab, net::CERT_STATUS_COMMON_NAME_INVALID,
2101 AuthState::NONE);
2102
2103 std::string replacement_path;
2104 ASSERT_TRUE(GetFilePathWithHostAndPortReplacement(
2105 "files/ssl/page_with_unsafe_contents.html",
2106 https_server_mismatched_.host_port_pair(), &replacement_path));
2107 ui_test_utils::NavigateToURL(browser(),
2108 https_server_.GetURL(replacement_path));
2109
2110 // When the bad content is filtered, the state is expected to be
2111 // authenticated.
2112 CheckAuthenticatedState(tab, AuthState::NONE);
2113
2114 int img_width;
2115 EXPECT_TRUE(content::ExecuteScriptAndExtractInt(
2116 tab, "window.domAutomationController.send(ImageWidth());", &img_width));
2117 // In order to check that the image was loaded, we check its width.
2118 // The actual image (Google logo) is 114 pixels wide, so we assume a good
2119 // image is greater than 100.
2120 EXPECT_GT(img_width, 100);
2121
2122 bool js_result = false;
2123 EXPECT_TRUE(content::ExecuteScriptAndExtractBool(
2124 tab, "window.domAutomationController.send(IsFooSet());", &js_result));
2125 EXPECT_TRUE(js_result);
2126 CheckAuthenticatedState(tab, CertError::NONE);
2127 }
2128
2129 // Test that when the browser blocks displaying insecure content (images), the
2130 // indicator shows a secure page, because the blocking made the otherwise
2131 // unsafe page safe (the notification of this state is handled by other means).
2132 IN_PROC_BROWSER_TEST_F(SSLUITestBlock, TestBlockDisplayingInsecureImage) {
2133 ASSERT_TRUE(test_server()->Start());
2134 ASSERT_TRUE(https_server_.Start());
2135
2136 std::string replacement_path;
2137 ASSERT_TRUE(GetFilePathWithHostAndPortReplacement(
2138 "files/ssl/page_displays_insecure_content.html",
2139 test_server()->host_port_pair(),
2140 &replacement_path));
2141
2142 ui_test_utils::NavigateToURL(browser(),
2143 https_server_.GetURL(replacement_path));
2144
2145 CheckAuthenticatedState(browser()->tab_strip_model()->GetActiveWebContents(),
2146 AuthState::NONE);
2147 }
2148
2149 // Test that when the browser blocks displaying insecure content (iframes), the
2150 // indicator shows a secure page, because the blocking made the otherwise
2151 // unsafe page safe (the notification of this state is handled by other means)
2152 IN_PROC_BROWSER_TEST_F(SSLUITestBlock, TestBlockDisplayingInsecureIframe) {
2153 ASSERT_TRUE(test_server()->Start());
2154 ASSERT_TRUE(https_server_.Start());
2155
2156 std::string replacement_path;
2157 ASSERT_TRUE(GetFilePathWithHostAndPortReplacement(
2158 "files/ssl/page_displays_insecure_iframe.html",
2159 test_server()->host_port_pair(),
2160 &replacement_path));
2161
2162 ui_test_utils::NavigateToURL(browser(),
2163 https_server_.GetURL(replacement_path));
2164
2165 CheckAuthenticatedState(browser()->tab_strip_model()->GetActiveWebContents(),
2166 AuthState::NONE);
2167 }
2168
2169 // Test that when the browser blocks running insecure content, the
2170 // indicator shows a secure page, because the blocking made the otherwise
2171 // unsafe page safe (the notification of this state is handled by other means).
2172 IN_PROC_BROWSER_TEST_F(SSLUITestBlock, TestBlockRunningInsecureContent) {
2173 ASSERT_TRUE(test_server()->Start());
2174 ASSERT_TRUE(https_server_.Start());
2175
2176 std::string replacement_path;
2177 ASSERT_TRUE(GetFilePathWithHostAndPortReplacement(
2178 "files/ssl/page_runs_insecure_content.html",
2179 test_server()->host_port_pair(),
2180 &replacement_path));
2181
2182 ui_test_utils::NavigateToURL(browser(),
2183 https_server_.GetURL(replacement_path));
2184
2185 CheckAuthenticatedState(browser()->tab_strip_model()->GetActiveWebContents(),
2186 AuthState::NONE);
2187 }
2188
2189 // Visit a page and establish a WebSocket connection over bad https with
2190 // --ignore-certificate-errors. The connection should be established without
2191 // interstitial page showing.
2192 IN_PROC_BROWSER_TEST_F(SSLUITestIgnoreCertErrors, TestWSS) {
2193 ASSERT_TRUE(test_server()->Start());
2194 ASSERT_TRUE(wss_server_expired_.Start());
2195
2196 // Setup page title observer.
2197 WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents();
2198 content::TitleWatcher watcher(tab, ASCIIToUTF16("PASS"));
2199 watcher.AlsoWaitForTitle(ASCIIToUTF16("FAIL"));
2200
2201 // Visit bad HTTPS page.
2202 GURL::Replacements replacements;
2203 replacements.SetSchemeStr("https");
2204 ui_test_utils::NavigateToURL(
2205 browser(),
2206 wss_server_expired_.GetURL(
2207 "connect_check.html").ReplaceComponents(replacements));
2208
2209 // We shouldn't have an interstitial page showing here.
2210
2211 // Test page run a WebSocket wss connection test. The result will be shown
2212 // as page title.
2213 const base::string16 result = watcher.WaitAndGetTitle();
2214 EXPECT_TRUE(LowerCaseEqualsASCII(result, "pass"));
2215 }
2216
2217 // Verifies that the interstitial can proceed, even if JavaScript is disabled.
2218 // http://crbug.com/322948
2219 #if defined(OS_LINUX)
2220 // flaky http://crbug.com/396458
2221 #define MAYBE_TestInterstitialJavaScriptProceeds \
2222 DISABLED_TestInterstitialJavaScriptProceeds
2223 #else
2224 #define MAYBE_TestInterstitialJavaScriptProceeds \
2225 TestInterstitialJavaScriptProceeds
2226 #endif
2227 IN_PROC_BROWSER_TEST_F(SSLUITest, MAYBE_TestInterstitialJavaScriptProceeds) {
2228 browser()->profile()->GetHostContentSettingsMap()->SetDefaultContentSetting(
2229 CONTENT_SETTINGS_TYPE_JAVASCRIPT, CONTENT_SETTING_BLOCK);
2230
2231 ASSERT_TRUE(https_server_expired_.Start());
2232 WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents();
2233 ui_test_utils::NavigateToURL(browser(),
2234 https_server_expired_.GetURL("files/ssl/google.html"));
2235 CheckAuthenticationBrokenState(
2236 tab, net::CERT_STATUS_DATE_INVALID, AuthState::SHOWING_INTERSTITIAL);
2237
2238 content::WindowedNotificationObserver observer(
2239 content::NOTIFICATION_LOAD_STOP,
2240 content::Source<NavigationController>(&tab->GetController()));
2241 InterstitialPage* interstitial_page = tab->GetInterstitialPage();
2242 ASSERT_EQ(SSLBlockingPage::kTypeForTesting,
2243 interstitial_page->GetDelegateForTesting()->GetTypeForTesting());
2244 content::RenderViewHost* interstitial_rvh =
2245 interstitial_page->GetMainFrame()->GetRenderViewHost();
2246 int result = -1;
2247 std::string javascript = base::StringPrintf(
2248 "window.domAutomationController.send(%d);",
2249 SecurityInterstitialPage::CMD_PROCEED);
2250 ASSERT_TRUE(content::ExecuteScriptAndExtractInt(
2251 interstitial_rvh, javascript, &result));
2252 // The above will hang without the fix.
2253 EXPECT_EQ(1, result);
2254 observer.Wait();
2255 CheckAuthenticationBrokenState(
2256 tab, net::CERT_STATUS_DATE_INVALID, AuthState::NONE);
2257 }
2258
2259 // Verifies that the interstitial can go back, even if JavaScript is disabled.
2260 // http://crbug.com/322948
2261 IN_PROC_BROWSER_TEST_F(SSLUITest, TestInterstitialJavaScriptGoesBack) {
2262 browser()->profile()->GetHostContentSettingsMap()->SetDefaultContentSetting(
2263 CONTENT_SETTINGS_TYPE_JAVASCRIPT, CONTENT_SETTING_BLOCK);
2264
2265 ASSERT_TRUE(https_server_expired_.Start());
2266 WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents();
2267 ui_test_utils::NavigateToURL(browser(),
2268 https_server_expired_.GetURL("files/ssl/google.html"));
2269 CheckAuthenticationBrokenState(
2270 tab, net::CERT_STATUS_DATE_INVALID, AuthState::SHOWING_INTERSTITIAL);
2271
2272 content::WindowedNotificationObserver observer(
2273 content::NOTIFICATION_RENDER_WIDGET_HOST_DESTROYED,
2274 content::NotificationService::AllSources());
2275 InterstitialPage* interstitial_page = tab->GetInterstitialPage();
2276 ASSERT_EQ(SSLBlockingPage::kTypeForTesting,
2277 interstitial_page->GetDelegateForTesting()->GetTypeForTesting());
2278 content::RenderViewHost* interstitial_rvh =
2279 interstitial_page->GetMainFrame()->GetRenderViewHost();
2280 int result = -1;
2281 std::string javascript = base::StringPrintf(
2282 "window.domAutomationController.send(%d);",
2283 SecurityInterstitialPage::CMD_DONT_PROCEED);
2284 ASSERT_TRUE(content::ExecuteScriptAndExtractInt(
2285 interstitial_rvh, javascript, &result));
2286 // The above will hang without the fix.
2287 EXPECT_EQ(0, result);
2288 observer.Wait();
2289 EXPECT_EQ("about:blank", tab->GetVisibleURL().spec());
2290 }
2291
2292 // Verifies that switching tabs, while showing interstitial page, will not
2293 // affect the visibility of the interestitial.
2294 // https://crbug.com/381439
2295 IN_PROC_BROWSER_TEST_F(SSLUITest, InterstitialNotAffectedByHideShow) {
2296 ASSERT_TRUE(https_server_expired_.Start());
2297 WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents();
2298 EXPECT_TRUE(tab->GetRenderWidgetHostView()->IsShowing());
2299 ui_test_utils::NavigateToURL(
2300 browser(), https_server_expired_.GetURL("files/ssl/google.html"));
2301 CheckAuthenticationBrokenState(
2302 tab, net::CERT_STATUS_DATE_INVALID, AuthState::SHOWING_INTERSTITIAL);
2303 EXPECT_TRUE(tab->GetRenderWidgetHostView()->IsShowing());
2304
2305 AddTabAtIndex(0,
2306 https_server_.GetURL("files/ssl/google.html"),
2307 ui::PAGE_TRANSITION_TYPED);
2308 EXPECT_EQ(2, browser()->tab_strip_model()->count());
2309 EXPECT_EQ(0, browser()->tab_strip_model()->active_index());
2310 EXPECT_EQ(tab, browser()->tab_strip_model()->GetWebContentsAt(1));
2311 EXPECT_FALSE(tab->GetRenderWidgetHostView()->IsShowing());
2312
2313 browser()->tab_strip_model()->ActivateTabAt(1, true);
2314 EXPECT_TRUE(tab->GetRenderWidgetHostView()->IsShowing());
2315 }
2316
2317 // Verifies that if a bad certificate is seen for a host and the user proceeds
2318 // through the interstitial, the decision to proceed is initially remembered.
2319 // However, if this is followed by another visit, and a good certificate
2320 // is seen for the same host, the original exception is forgotten.
2321 IN_PROC_BROWSER_TEST_F(SSLUITest, BadCertFollowedByGoodCert) {
2322 // It is necessary to use |https_server_expired_| rather than
2323 // |https_server_mismatched| because the former shares a host with
2324 // |https_server_| and cert exceptions are per host.
2325 ASSERT_TRUE(https_server_expired_.Start());
2326 ASSERT_TRUE(https_server_.Start());
2327
2328 std::string https_server_expired_host =
2329 https_server_.GetURL("files/ssl/google.html").host();
2330 std::string https_server_host =
2331 https_server_.GetURL("files/ssl/google.html").host();
2332 ASSERT_EQ(https_server_expired_host, https_server_host);
2333
2334 WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents();
2335
2336 Profile* profile = Profile::FromBrowserContext(tab->GetBrowserContext());
2337 ChromeSSLHostStateDelegate* state =
2338 reinterpret_cast<ChromeSSLHostStateDelegate*>(
2339 profile->GetSSLHostStateDelegate());
2340
2341 ui_test_utils::NavigateToURL(
2342 browser(), https_server_expired_.GetURL("files/ssl/google.html"));
2343
2344 ProceedThroughInterstitial(tab);
2345 EXPECT_TRUE(state->HasAllowException(https_server_host));
2346
2347 ui_test_utils::NavigateToURL(browser(),
2348 https_server_.GetURL("files/ssl/google.html"));
2349 ASSERT_FALSE(tab->GetInterstitialPage());
2350 EXPECT_FALSE(state->HasAllowException(https_server_host));
2351 }
2352
2353 class SSLBlockingPageIDNTest : public SecurityInterstitialIDNTest {
2354 protected:
2355 // SecurityInterstitialIDNTest implementation
2356 SecurityInterstitialPage* CreateInterstitial(
2357 content::WebContents* contents,
2358 const GURL& request_url) const override {
2359 net::SSLInfo ssl_info;
2360 ssl_info.cert = new net::X509Certificate(
2361 request_url.host(), "CA", base::Time::Max(), base::Time::Max());
2362 return new SSLBlockingPage(
2363 contents, net::ERR_CERT_CONTAINS_ERRORS, ssl_info, request_url, 0,
2364 base::Time::NowFromSystemTime(), nullptr, base::Callback<void(bool)>());
2365 }
2366 };
2367
2368 IN_PROC_BROWSER_TEST_F(SSLBlockingPageIDNTest, SSLBlockingPageDecodesIDN) {
2369 EXPECT_TRUE(VerifyIDNDecoded());
2370 }
2371
2372 // TODO(jcampan): more tests to do below.
2373
2374 // Visit a page over https that contains a frame with a redirect.
2375
2376 // XMLHttpRequest insecure content in synchronous mode.
2377
2378 // XMLHttpRequest insecure content in asynchronous mode.
2379
2380 // XMLHttpRequest over bad ssl in synchronous mode.
2381
2382 // XMLHttpRequest over OK ssl in synchronous mode.