From 8a3422c9488ce79e305973d29a01811762e35465 Mon Sep 17 00:00:00 2001
From: "jcampan@chromium.org"
 <jcampan@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>
Date: Wed, 24 Sep 2008 17:42:42 +0000
Subject: This CL adds new UI tests for the SSL UI. Some more info:

SSL UI Tests:
Added new tests for redirects and frames.
Also improved the mixed-content test to exercise the "block mixed-contents" preference and the show info-bar.

Automation:
For the new UI tests, added methods to tab_proxy and browser_proxy. The ones of most interest are GetLastNavigatinTime and WaitForNavigation that ensures we wait for a navigation to occur or have occured when taking actions that asynchronously trigger navigations.

Resource loading:
Added a flag to the response we get when loading a resource that indicates whether that resource was filtered (blocked or altered) by the security peer. We use this flag to notify back the browser when we report a load has been committed.
This is so the SSL manager knows a frame has been filtered (in which case we have no cert info but should not consider that as unsafe).

BUG=2004
Review URL: http://codereview.chromium.org/3165

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@2553 0039d316-1c4b-4281-b951-d872f2087c98
---
 chrome/browser/ssl_manager.cc | 68 ++++++++++++++++++-------------------------
 1 file changed, 28 insertions(+), 40 deletions(-)

(limited to 'chrome/browser/ssl_manager.cc')

diff --git a/chrome/browser/ssl_manager.cc b/chrome/browser/ssl_manager.cc
index 0d03c3e..94bc42e 100644
--- a/chrome/browser/ssl_manager.cc
+++ b/chrome/browser/ssl_manager.cc
@@ -35,40 +35,10 @@
 #include "webkit/glue/resource_type.h"
 #include "generated_resources.h"
 
-////////////////////////////////////////////////////////////////////////////////
-// SSLInfoBar
-//
-// An info bar with a message and an optional link that runs a task when
-// clicked.
-
-class SSLInfoBar : public InfoBarItemView,
-                   public ChromeViews::LinkController {
- public:
-  SSLInfoBar::SSLInfoBar(SSLManager* manager,
-                         const std::wstring& message,
-                         const std::wstring& link_text,
-                         Task* task);
-
-  virtual SSLInfoBar::~SSLInfoBar();
-
-  const std::wstring GetMessageText() const;
-
-  // ChromeViews::LinkController method.
-  virtual void LinkActivated(ChromeViews::Link* source, int event_flags);
-
- private:
-  ChromeViews::Label* label_;
-  ChromeViews::Link* link_;
-  SSLManager* manager_;
-  scoped_ptr<Task> task_;
-
-  DISALLOW_COPY_AND_ASSIGN(SSLInfoBar);
-};
-
-SSLInfoBar::SSLInfoBar(SSLManager* manager,
-                       const std::wstring& message,
-                       const std::wstring& link_text,
-                       Task* task)
+SSLManager::SSLInfoBar::SSLInfoBar(SSLManager* manager,
+                                   const std::wstring& message,
+                                   const std::wstring& link_text,
+                                   Task* task)
     : label_(NULL),
       link_(NULL),
       manager_(manager),
@@ -94,19 +64,20 @@ SSLInfoBar::SSLInfoBar(SSLManager* manager,
   DCHECK(manager);
 }
 
-SSLInfoBar::~SSLInfoBar() {
+SSLManager::SSLInfoBar::~SSLInfoBar() {
   // Notify our manager that we no longer exist.
   manager_->OnInfoBarClose(this);
 }
 
-const std::wstring SSLInfoBar::GetMessageText() const {
+const std::wstring SSLManager::SSLInfoBar::GetMessageText() const {
   if (!label_)
     return std::wstring();
 
   return label_->GetText();
 }
 
-void SSLInfoBar::LinkActivated(ChromeViews::Link* source, int event_flags) {
+void SSLManager::SSLInfoBar::LinkActivated(ChromeViews::Link* source,
+                                           int event_flags) {
   if (task_.get()) {
     task_->Run();
     task_.reset();  // Ensures we won't run the task again.
@@ -643,10 +614,27 @@ void SSLManager::DidCommitProvisionalLoad(
   // An HTTPS response may not have a certificate for some reason.  When that
   // happens, use the unauthenticated (HTTP) rather than the authentication
   // broken security style so that we can detect this error condition.
-  if (net::IsCertStatusError(ssl_cert_status))
+  if (net::IsCertStatusError(ssl_cert_status)) {
     changed |= SetMaxSecurityStyle(SECURITY_STYLE_AUTHENTICATION_BROKEN);
-  else if (details->entry->url().SchemeIsSecure() && !ssl_cert_id)
-    changed |= SetMaxSecurityStyle(SECURITY_STYLE_UNAUTHENTICATED);
+    if (!details->is_main_frame &&
+        !details->entry->ssl().has_unsafe_content()) {
+      details->entry->ssl().set_has_unsafe_content();
+      changed = true;
+    }
+  } else if (details->entry->url().SchemeIsSecure() && !ssl_cert_id) {
+    if (details->is_main_frame) {
+      changed |= SetMaxSecurityStyle(SECURITY_STYLE_UNAUTHENTICATED);
+    } else {
+      // If the frame has been blocked we keep our security style as
+      // authenticated in that case as nothing insecure is actually showing or
+      // loaded.
+      if (!details->is_content_filtered && 
+          !details->entry->ssl().has_mixed_content()) {
+        details->entry->ssl().set_has_mixed_content();
+        changed = true;
+      }
+    }
+  }
 
   if (changed) {
     // Only send the notification when something actually changed.
-- 
cgit v1.1