diff options
author | bhanudev <bhanudev@google.com> | 2015-08-18 15:21:18 -0700 |
---|---|---|
committer | Commit bot <commit-bot@chromium.org> | 2015-08-18 22:22:06 +0000 |
commit | 2051ce7a01a4026ec1611c940a3d83a55a6e19ef (patch) | |
tree | 2409169e8a1e7262b718cd16842504dce8bf6d3e /chrome/browser/ssl/ssl_error_handler_unittest.cc | |
parent | 75eee56c732dd56ad5c733db0c4522adc8ce5029 (diff) | |
download | chromium_src-2051ce7a01a4026ec1611c940a3d83a55a6e19ef.zip chromium_src-2051ce7a01a4026ec1611c940a3d83a55a6e19ef.tar.gz chromium_src-2051ce7a01a4026ec1611c940a3d83a55a6e19ef.tar.bz2 |
Common Name Mismatch Handler For WWW Subdomain Mismatch case
This CL displays a modified interstitial for the WWW subdomain
mismatch error. When there is a WWW sub domain mismatch between
the hostname entered in the URL and the dns name present in the
certificate, we ping the www mismatched domain. If a valid response
code is received, we display an interstitial with a link to that domain.
BUG=507454
Review URL: https://codereview.chromium.org/1223233002
Cr-Commit-Position: refs/heads/master@{#344052}
Diffstat (limited to 'chrome/browser/ssl/ssl_error_handler_unittest.cc')
-rw-r--r-- | chrome/browser/ssl/ssl_error_handler_unittest.cc | 142 |
1 files changed, 137 insertions, 5 deletions
diff --git a/chrome/browser/ssl/ssl_error_handler_unittest.cc b/chrome/browser/ssl/ssl_error_handler_unittest.cc index e93908e..10d21e4 100644 --- a/chrome/browser/ssl/ssl_error_handler_unittest.cc +++ b/chrome/browser/ssl/ssl_error_handler_unittest.cc @@ -11,12 +11,17 @@ #include "base/time/time.h" #include "chrome/browser/captive_portal/captive_portal_service.h" #include "chrome/browser/profiles/profile.h" +#include "chrome/browser/ssl/common_name_mismatch_handler.h" #include "chrome/test/base/chrome_render_view_host_test_harness.h" #include "chrome/test/base/testing_profile.h" #include "components/captive_portal/captive_portal_testing_utils.h" #include "content/public/browser/notification_service.h" #include "net/base/net_errors.h" +#include "net/base/test_data_directory.h" +#include "net/cert/x509_certificate.h" #include "net/ssl/ssl_info.h" +#include "net/test/cert_test_util.h" +#include "net/test/test_certificate_data.h" #include "testing/gtest/include/gtest/gtest.h" class TestSSLErrorHandler : public SSLErrorHandler { @@ -33,8 +38,11 @@ class TestSSLErrorHandler : public SSLErrorHandler { base::Callback<void(bool)>()), profile_(profile), captive_portal_checked_(false), + suggested_url_exists_(false), + suggested_url_checked_(false), ssl_interstitial_shown_(false), - captive_portal_interstitial_shown_(false) {} + captive_portal_interstitial_shown_(false), + common_name_mismatch_redirect_(false) {} ~TestSSLErrorHandler() override { } @@ -52,6 +60,12 @@ class TestSSLErrorHandler : public SSLErrorHandler { content::Details<CaptivePortalService::Results>(&results)); } + void SendSuggestedUrlCheckResult( + const CommonNameMismatchHandler::SuggestedUrlCheckResult& result, + const GURL& suggested_url) { + CommonNameMismatchHandlerCallback(result, suggested_url); + } + bool IsTimerRunning() const { return get_timer().IsRunning(); } @@ -68,10 +82,31 @@ class TestSSLErrorHandler : public SSLErrorHandler { return captive_portal_interstitial_shown_; } + void SetSuggestedUrlExists(bool suggested_url_exists) { + suggested_url_exists_ = suggested_url_exists; + } + + bool GetSuggestedUrl(const std::vector<std::string>& dns_names, + GURL* suggested_url) const override { + if (!suggested_url_exists_) + return false; + *suggested_url = GURL("www.example.com"); + return true; + } + + bool suggested_url_checked() const { return suggested_url_checked_; } + + bool common_name_mismatch_redirect() const { + return common_name_mismatch_redirect_; + } + void Reset() { captive_portal_checked_ = false; + suggested_url_exists_ = false; + suggested_url_checked_ = false; ssl_interstitial_shown_ = false; captive_portal_interstitial_shown_ = false; + common_name_mismatch_redirect_ = false; } private: @@ -79,18 +114,27 @@ class TestSSLErrorHandler : public SSLErrorHandler { captive_portal_checked_ = true; } - void ShowSSLInterstitial() override { - ssl_interstitial_shown_ = true; - } + void ShowSSLInterstitial() override { ssl_interstitial_shown_ = true; } void ShowCaptivePortalInterstitial(const GURL& landing_url) override { captive_portal_interstitial_shown_ = true; } + void CheckSuggestedUrl(const GURL& suggested_url) override { + suggested_url_checked_ = true; + } + + void NavigateToSuggestedURL(const GURL& suggested_url) override { + common_name_mismatch_redirect_ = true; + } + Profile* profile_; bool captive_portal_checked_; + bool suggested_url_exists_; + bool suggested_url_checked_; bool ssl_interstitial_shown_; bool captive_portal_interstitial_shown_; + bool common_name_mismatch_redirect_; DISALLOW_COPY_AND_ASSIGN(TestSSLErrorHandler); }; @@ -104,13 +148,16 @@ class SSLErrorHandlerTest : public ChromeRenderViewHostTestHarness { void SetUp() override { ChromeRenderViewHostTestHarness::SetUp(); SSLErrorHandler::SetInterstitialDelayTypeForTest(SSLErrorHandler::NONE); + ssl_info_.cert = + net::ImportCertFromFile(net::GetTestCertsDirectory(), "ok_cert.pem"); + ssl_info_.cert_status = net::CERT_STATUS_COMMON_NAME_INVALID; error_handler_.reset(new TestSSLErrorHandler(profile(), web_contents(), ssl_info_)); // Enable finch experiment for captive portal interstitials. ASSERT_TRUE(base::FieldTrialList::CreateFieldTrial( "CaptivePortalInterstitial", "Enabled")); -} + } void TearDown() override { EXPECT_FALSE(error_handler()->IsTimerRunning()); @@ -191,11 +238,39 @@ TEST_F(SSLErrorHandlerTest, EXPECT_FALSE(error_handler()->captive_portal_interstitial_shown()); } +TEST_F(SSLErrorHandlerTest, ShouldNotCheckSuggestedUrlIfNoSuggestedUrl) { + error_handler()->SetSuggestedUrlExists(false); + error_handler()->StartHandlingError(); + + EXPECT_TRUE(error_handler()->captive_portal_checked()); + EXPECT_TRUE(error_handler()->IsTimerRunning()); + EXPECT_FALSE(error_handler()->suggested_url_checked()); + base::RunLoop().RunUntilIdle(); + + EXPECT_FALSE(error_handler()->IsTimerRunning()); + EXPECT_TRUE(error_handler()->ssl_interstitial_shown()); +} + +TEST_F(SSLErrorHandlerTest, ShouldNotCheckCaptivePortalIfSuggestedUrlExists) { + EXPECT_FALSE(error_handler()->IsTimerRunning()); + error_handler()->SetSuggestedUrlExists(true); + error_handler()->StartHandlingError(); + + EXPECT_TRUE(error_handler()->IsTimerRunning()); + EXPECT_TRUE(error_handler()->suggested_url_checked()); + EXPECT_FALSE(error_handler()->captive_portal_checked()); + base::RunLoop().RunUntilIdle(); + + EXPECT_FALSE(error_handler()->IsTimerRunning()); + EXPECT_TRUE(error_handler()->ssl_interstitial_shown()); +} + #else // #if !defined(ENABLE_CAPTIVE_PORTAL_DETECTION) TEST_F(SSLErrorHandlerTest, ShouldShowSSLInterstitialOnCaptivePortalDetectionDisabled) { EXPECT_FALSE(error_handler()->IsTimerRunning()); + error_handler()->SetSuggestedUrlExists(false); error_handler()->StartHandlingError(); EXPECT_FALSE(error_handler()->IsTimerRunning()); EXPECT_FALSE(error_handler()->captive_portal_checked()); @@ -204,3 +279,60 @@ TEST_F(SSLErrorHandlerTest, } #endif // defined(ENABLE_CAPTIVE_PORTAL_DETECTION) + +TEST_F(SSLErrorHandlerTest, + ShouldShowSSLInterstitialOnTimerExpiredWhenSuggestedUrlExists) { + error_handler()->SetSuggestedUrlExists(true); + error_handler()->StartHandlingError(); + + EXPECT_TRUE(error_handler()->IsTimerRunning()); + EXPECT_TRUE(error_handler()->suggested_url_checked()); + EXPECT_FALSE(error_handler()->ssl_interstitial_shown()); + EXPECT_FALSE(error_handler()->common_name_mismatch_redirect()); + + base::RunLoop().RunUntilIdle(); + + EXPECT_FALSE(error_handler()->IsTimerRunning()); + EXPECT_TRUE(error_handler()->ssl_interstitial_shown()); + EXPECT_FALSE(error_handler()->common_name_mismatch_redirect()); +} + +TEST_F(SSLErrorHandlerTest, ShouldRedirectOnSuggestedUrlCheckResult) { + error_handler()->SetSuggestedUrlExists(true); + error_handler()->StartHandlingError(); + + EXPECT_TRUE(error_handler()->IsTimerRunning()); + EXPECT_TRUE(error_handler()->suggested_url_checked()); + EXPECT_FALSE(error_handler()->ssl_interstitial_shown()); + EXPECT_FALSE(error_handler()->common_name_mismatch_redirect()); + // Fake a valid suggested URL check result. + // The URL returned by |SuggestedUrlCheckResult| can be different from + // |suggested_url|, if there is a redirect. + error_handler()->SendSuggestedUrlCheckResult( + CommonNameMismatchHandler::SuggestedUrlCheckResult:: + SUGGESTED_URL_AVAILABLE, + GURL("https://random.example.com")); + + EXPECT_FALSE(error_handler()->IsTimerRunning()); + EXPECT_FALSE(error_handler()->ssl_interstitial_shown()); + EXPECT_TRUE(error_handler()->common_name_mismatch_redirect()); +} + +TEST_F(SSLErrorHandlerTest, ShouldShowSSLInterstitialOnInvalidUrlCheckResult) { + error_handler()->SetSuggestedUrlExists(true); + error_handler()->StartHandlingError(); + + EXPECT_TRUE(error_handler()->IsTimerRunning()); + EXPECT_TRUE(error_handler()->suggested_url_checked()); + EXPECT_FALSE(error_handler()->ssl_interstitial_shown()); + EXPECT_FALSE(error_handler()->common_name_mismatch_redirect()); + // Fake an Invalid Suggested URL Check result. + error_handler()->SendSuggestedUrlCheckResult( + CommonNameMismatchHandler::SuggestedUrlCheckResult:: + SUGGESTED_URL_NOT_AVAILABLE, + GURL()); + + EXPECT_FALSE(error_handler()->IsTimerRunning()); + EXPECT_TRUE(error_handler()->ssl_interstitial_shown()); + EXPECT_FALSE(error_handler()->common_name_mismatch_redirect()); +} |