| OLD | NEW |
| (Empty) |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include "chrome/browser/website_settings.h" | |
| 6 | |
| 7 #include "base/at_exit.h" | |
| 8 #include "base/message_loop.h" | |
| 9 #include "base/string16.h" | |
| 10 #include "base/utf_string_conversions.h" | |
| 11 #include "chrome/browser/content_settings/host_content_settings_map.h" | |
| 12 #include "chrome/browser/content_settings/tab_specific_content_settings.h" | |
| 13 #include "chrome/browser/ui/website_settings_ui.h" | |
| 14 #include "chrome/common/content_settings.h" | |
| 15 #include "chrome/common/content_settings_types.h" | |
| 16 #include "chrome/test/base/chrome_render_view_host_test_harness.h" | |
| 17 #include "chrome/test/base/testing_profile.h" | |
| 18 #include "content/public/browser/cert_store.h" | |
| 19 #include "content/public/common/ssl_status.h" | |
| 20 #include "content/public/test/test_browser_thread.h" | |
| 21 #include "net/base/cert_status_flags.h" | |
| 22 #include "net/base/ssl_connection_status_flags.h" | |
| 23 #include "net/base/test_certificate_data.h" | |
| 24 #include "net/base/x509_certificate.h" | |
| 25 #include "testing/gmock/include/gmock/gmock.h" | |
| 26 #include "testing/gtest/include/gtest/gtest.h" | |
| 27 | |
| 28 using content::SSLStatus; | |
| 29 using namespace testing; | |
| 30 | |
| 31 namespace { | |
| 32 | |
| 33 // SSL cipher suite like specified in RFC5246 Appendix A.5. "The Cipher Suite". | |
| 34 static int TLS_RSA_WITH_AES_256_CBC_SHA256 = 0x3D; | |
| 35 | |
| 36 int SetSSLVersion(int connection_status, int version) { | |
| 37 // Clear SSL version bits (Bits 20, 21 and 22). | |
| 38 connection_status &= | |
| 39 ~(net::SSL_CONNECTION_VERSION_MASK << net::SSL_CONNECTION_VERSION_SHIFT); | |
| 40 int bitmask = version << net::SSL_CONNECTION_VERSION_SHIFT; | |
| 41 return bitmask | connection_status; | |
| 42 } | |
| 43 | |
| 44 int SetSSLCipherSuite(int connection_status, int cipher_suite) { | |
| 45 // Clear cipher suite bits (the 16 lowest bits). | |
| 46 connection_status &= ~net::SSL_CONNECTION_CIPHERSUITE_MASK; | |
| 47 return cipher_suite | connection_status; | |
| 48 } | |
| 49 | |
| 50 class MockCertStore : public content::CertStore { | |
| 51 public: | |
| 52 virtual ~MockCertStore() {} | |
| 53 MOCK_METHOD2(StoreCert, int(net::X509Certificate*, int)); | |
| 54 MOCK_METHOD2(RetrieveCert, bool(int, scoped_refptr<net::X509Certificate>*)); | |
| 55 }; | |
| 56 | |
| 57 class MockWebsiteSettingsUI : public WebsiteSettingsUI { | |
| 58 public: | |
| 59 virtual ~MockWebsiteSettingsUI() {} | |
| 60 MOCK_METHOD1(SetPresenter, void(WebsiteSettings* presenter)); | |
| 61 MOCK_METHOD1(SetCookieInfo, void(const CookieInfoList& cookie_info_list)); | |
| 62 MOCK_METHOD1(SetPermissionInfo, | |
| 63 void(const PermissionInfoList& permission_info_list)); | |
| 64 MOCK_METHOD1(SetIdentityInfo, void(const IdentityInfo& identity_info)); | |
| 65 MOCK_METHOD1(SetFirstVisit, void(const string16& first_visit)); | |
| 66 }; | |
| 67 | |
| 68 class WebsiteSettingsTest : public ChromeRenderViewHostTestHarness { | |
| 69 public: | |
| 70 WebsiteSettingsTest() | |
| 71 : website_settings_(NULL), | |
| 72 mock_ui_(NULL), | |
| 73 cert_id_(0), | |
| 74 browser_thread_(content::BrowserThread::UI, &message_loop_), | |
| 75 tab_specific_content_settings_(NULL), | |
| 76 url_("http://www.example.com") { | |
| 77 } | |
| 78 | |
| 79 virtual ~WebsiteSettingsTest() { | |
| 80 } | |
| 81 | |
| 82 virtual void SetUp() { | |
| 83 ChromeRenderViewHostTestHarness::SetUp(); | |
| 84 // Setup stub SSLStatus. | |
| 85 ssl_.security_style = content::SECURITY_STYLE_UNAUTHENTICATED; | |
| 86 | |
| 87 // Create the certificate. | |
| 88 cert_id_ = 1; | |
| 89 base::Time start_date = base::Time::Now(); | |
| 90 base::Time expiration_date = base::Time::FromInternalValue( | |
| 91 start_date.ToInternalValue() + base::Time::kMicrosecondsPerWeek); | |
| 92 cert_ = new net::X509Certificate("subject", | |
| 93 "issuer", | |
| 94 start_date, | |
| 95 expiration_date); | |
| 96 | |
| 97 tab_specific_content_settings_.reset( | |
| 98 new TabSpecificContentSettings(contents())); | |
| 99 | |
| 100 // Setup the mock cert store. | |
| 101 EXPECT_CALL(cert_store_, RetrieveCert(cert_id_, _) ) | |
| 102 .Times(AnyNumber()) | |
| 103 .WillRepeatedly(DoAll(SetArgPointee<1>(cert_), Return(true))); | |
| 104 | |
| 105 // Setup mock ui. | |
| 106 mock_ui_ = new MockWebsiteSettingsUI(); | |
| 107 } | |
| 108 | |
| 109 virtual void TearDown() { | |
| 110 ASSERT_TRUE(website_settings_) << "No WebsiteSettings instance created."; | |
| 111 // Call OnUIClosing to destroy the |website_settings| object. | |
| 112 EXPECT_CALL(*mock_ui_, SetPresenter(NULL)); | |
| 113 website_settings_->OnUIClosing(); | |
| 114 RenderViewHostTestHarness::TearDown(); | |
| 115 } | |
| 116 | |
| 117 void SetDefaultUIExpectations(MockWebsiteSettingsUI* mock_ui) { | |
| 118 // During creation |WebsiteSettings| makes the following calls to the ui. | |
| 119 EXPECT_CALL(*mock_ui, SetPermissionInfo(_)); | |
| 120 EXPECT_CALL(*mock_ui, SetIdentityInfo(_)); | |
| 121 EXPECT_CALL(*mock_ui, SetPresenter(_)); | |
| 122 EXPECT_CALL(*mock_ui, SetCookieInfo(_)); | |
| 123 EXPECT_CALL(*mock_ui, SetFirstVisit(string16())); | |
| 124 } | |
| 125 | |
| 126 const GURL& url() const { return url_; } | |
| 127 MockCertStore* cert_store() { return &cert_store_; } | |
| 128 int cert_id() { return cert_id_; } | |
| 129 MockWebsiteSettingsUI* mock_ui() { return mock_ui_; } | |
| 130 const SSLStatus& ssl() { return ssl_; } | |
| 131 TabSpecificContentSettings* tab_specific_content_settings() { | |
| 132 return tab_specific_content_settings_.get(); | |
| 133 } | |
| 134 | |
| 135 WebsiteSettings* website_settings() { | |
| 136 if (!website_settings_) { | |
| 137 website_settings_ = new WebsiteSettings( | |
| 138 mock_ui(), profile(), tab_specific_content_settings_.get(), url(), | |
| 139 ssl(), cert_store()); | |
| 140 } | |
| 141 return website_settings_; | |
| 142 } | |
| 143 | |
| 144 SSLStatus ssl_; | |
| 145 | |
| 146 private: | |
| 147 // The |Website_settings| object deletes itself after the OnUIClosing() | |
| 148 // method is called. | |
| 149 WebsiteSettings* website_settings_; // Weak pointer. | |
| 150 // The UI is owned by |web_site_settings_|. | |
| 151 MockWebsiteSettingsUI* mock_ui_; // Weak pointer. | |
| 152 int cert_id_; | |
| 153 scoped_refptr<net::X509Certificate> cert_; | |
| 154 content::TestBrowserThread browser_thread_; | |
| 155 scoped_ptr<TabSpecificContentSettings> tab_specific_content_settings_; | |
| 156 MockCertStore cert_store_; | |
| 157 GURL url_; | |
| 158 }; | |
| 159 | |
| 160 } // namespace | |
| 161 | |
| 162 TEST_F(WebsiteSettingsTest, OnPermissionsChanged) { | |
| 163 // Setup site permissions. | |
| 164 HostContentSettingsMap* content_settings = | |
| 165 profile()->GetHostContentSettingsMap(); | |
| 166 ContentSetting setting = content_settings->GetContentSetting( | |
| 167 url(), url(), CONTENT_SETTINGS_TYPE_POPUPS, ""); | |
| 168 EXPECT_EQ(setting, CONTENT_SETTING_BLOCK); | |
| 169 setting = content_settings->GetContentSetting( | |
| 170 url(), url(), CONTENT_SETTINGS_TYPE_PLUGINS, ""); | |
| 171 EXPECT_EQ(setting, CONTENT_SETTING_ALLOW); | |
| 172 setting = content_settings->GetContentSetting( | |
| 173 url(), url(), CONTENT_SETTINGS_TYPE_GEOLOCATION, ""); | |
| 174 EXPECT_EQ(setting, CONTENT_SETTING_ASK); | |
| 175 setting = content_settings->GetContentSetting( | |
| 176 url(), url(), CONTENT_SETTINGS_TYPE_NOTIFICATIONS, ""); | |
| 177 EXPECT_EQ(setting, CONTENT_SETTING_ASK); | |
| 178 | |
| 179 SetDefaultUIExpectations(mock_ui()); | |
| 180 | |
| 181 // Execute code under tests. | |
| 182 website_settings()->OnSitePermissionChanged(CONTENT_SETTINGS_TYPE_POPUPS, | |
| 183 CONTENT_SETTING_ALLOW); | |
| 184 website_settings()->OnSitePermissionChanged(CONTENT_SETTINGS_TYPE_PLUGINS, | |
| 185 CONTENT_SETTING_BLOCK); | |
| 186 website_settings()->OnSitePermissionChanged(CONTENT_SETTINGS_TYPE_GEOLOCATION, | |
| 187 CONTENT_SETTING_ALLOW); | |
| 188 website_settings()->OnSitePermissionChanged( | |
| 189 CONTENT_SETTINGS_TYPE_NOTIFICATIONS, CONTENT_SETTING_ALLOW); | |
| 190 | |
| 191 // Verify that the site permissions were changed correctly. | |
| 192 setting = content_settings->GetContentSetting( | |
| 193 url(), url(), CONTENT_SETTINGS_TYPE_POPUPS, ""); | |
| 194 EXPECT_EQ(setting, CONTENT_SETTING_ALLOW); | |
| 195 setting = content_settings->GetContentSetting( | |
| 196 url(), url(), CONTENT_SETTINGS_TYPE_PLUGINS, ""); | |
| 197 EXPECT_EQ(setting, CONTENT_SETTING_BLOCK); | |
| 198 setting = content_settings->GetContentSetting( | |
| 199 url(), url(), CONTENT_SETTINGS_TYPE_GEOLOCATION, ""); | |
| 200 EXPECT_EQ(setting, CONTENT_SETTING_ALLOW); | |
| 201 setting = content_settings->GetContentSetting( | |
| 202 url(), url(), CONTENT_SETTINGS_TYPE_NOTIFICATIONS, ""); | |
| 203 EXPECT_EQ(setting, CONTENT_SETTING_ALLOW); | |
| 204 } | |
| 205 | |
| 206 TEST_F(WebsiteSettingsTest, OnSiteDataAccessed) { | |
| 207 EXPECT_CALL(*mock_ui(), SetPermissionInfo(_)); | |
| 208 EXPECT_CALL(*mock_ui(), SetIdentityInfo(_)); | |
| 209 EXPECT_CALL(*mock_ui(), SetPresenter(_)); | |
| 210 EXPECT_CALL(*mock_ui(), SetFirstVisit(string16())); | |
| 211 EXPECT_CALL(*mock_ui(), SetCookieInfo(_)).Times(2); | |
| 212 | |
| 213 website_settings()->OnSiteDataAccessed(); | |
| 214 } | |
| 215 | |
| 216 TEST_F(WebsiteSettingsTest, HTTPConnection) { | |
| 217 SetDefaultUIExpectations(mock_ui()); | |
| 218 EXPECT_EQ(WebsiteSettings::SITE_CONNECTION_STATUS_UNENCRYPTED, | |
| 219 website_settings()->site_connection_status()); | |
| 220 EXPECT_EQ(WebsiteSettings::SITE_IDENTITY_STATUS_NO_CERT, | |
| 221 website_settings()->site_identity_status()); | |
| 222 EXPECT_EQ(string16(), website_settings()->organization_name()); | |
| 223 } | |
| 224 | |
| 225 TEST_F(WebsiteSettingsTest, HTTPSConnection) { | |
| 226 ssl_.security_style = content::SECURITY_STYLE_AUTHENTICATED; | |
| 227 ssl_.cert_id = cert_id(); | |
| 228 ssl_.cert_status = 0; | |
| 229 ssl_.security_bits = 81; // No error if > 80. | |
| 230 int status = 0; | |
| 231 status = SetSSLVersion(status, net::SSL_CONNECTION_VERSION_TLS1); | |
| 232 status = SetSSLCipherSuite(status, TLS_RSA_WITH_AES_256_CBC_SHA256); | |
| 233 ssl_.connection_status = status; | |
| 234 | |
| 235 SetDefaultUIExpectations(mock_ui()); | |
| 236 | |
| 237 EXPECT_EQ(WebsiteSettings::SITE_CONNECTION_STATUS_ENCRYPTED, | |
| 238 website_settings()->site_connection_status()); | |
| 239 EXPECT_EQ(WebsiteSettings::SITE_IDENTITY_STATUS_CERT, | |
| 240 website_settings()->site_identity_status()); | |
| 241 EXPECT_EQ(string16(), website_settings()->organization_name()); | |
| 242 } | |
| 243 | |
| 244 TEST_F(WebsiteSettingsTest, HTTPSMixedContent) { | |
| 245 ssl_.security_style = content::SECURITY_STYLE_AUTHENTICATED; | |
| 246 ssl_.cert_id = cert_id(); | |
| 247 ssl_.cert_status = 0; | |
| 248 ssl_.security_bits = 81; // No error if > 80. | |
| 249 ssl_.content_status = SSLStatus::DISPLAYED_INSECURE_CONTENT; | |
| 250 int status = 0; | |
| 251 status = SetSSLVersion(status, net::SSL_CONNECTION_VERSION_TLS1); | |
| 252 status = SetSSLCipherSuite(status, TLS_RSA_WITH_AES_256_CBC_SHA256); | |
| 253 ssl_.connection_status = status; | |
| 254 | |
| 255 SetDefaultUIExpectations(mock_ui()); | |
| 256 | |
| 257 EXPECT_EQ(WebsiteSettings::SITE_CONNECTION_STATUS_MIXED_CONTENT, | |
| 258 website_settings()->site_connection_status()); | |
| 259 EXPECT_EQ(WebsiteSettings::SITE_IDENTITY_STATUS_CERT, | |
| 260 website_settings()->site_identity_status()); | |
| 261 EXPECT_EQ(string16(), website_settings()->organization_name()); | |
| 262 } | |
| 263 | |
| 264 TEST_F(WebsiteSettingsTest, HTTPSEVCert) { | |
| 265 scoped_refptr<net::X509Certificate> ev_cert = | |
| 266 net::X509Certificate::CreateFromBytes( | |
| 267 reinterpret_cast<const char*>(google_der), | |
| 268 sizeof(google_der)); | |
| 269 int ev_cert_id = 1; | |
| 270 EXPECT_CALL(*cert_store(), RetrieveCert(ev_cert_id, _)).WillRepeatedly( | |
| 271 DoAll(SetArgPointee<1>(ev_cert), Return(true))); | |
| 272 | |
| 273 ssl_.security_style = content::SECURITY_STYLE_AUTHENTICATED; | |
| 274 ssl_.cert_id = ev_cert_id; | |
| 275 ssl_.cert_status = net::CERT_STATUS_IS_EV; | |
| 276 ssl_.security_bits = 81; // No error if > 80. | |
| 277 ssl_.content_status = SSLStatus::DISPLAYED_INSECURE_CONTENT; | |
| 278 int status = 0; | |
| 279 status = SetSSLVersion(status, net::SSL_CONNECTION_VERSION_TLS1); | |
| 280 status = SetSSLCipherSuite(status, TLS_RSA_WITH_AES_256_CBC_SHA256); | |
| 281 ssl_.connection_status = status; | |
| 282 | |
| 283 SetDefaultUIExpectations(mock_ui()); | |
| 284 | |
| 285 EXPECT_EQ(WebsiteSettings::SITE_CONNECTION_STATUS_MIXED_CONTENT, | |
| 286 website_settings()->site_connection_status()); | |
| 287 EXPECT_EQ(WebsiteSettings::SITE_IDENTITY_STATUS_EV_CERT, | |
| 288 website_settings()->site_identity_status()); | |
| 289 EXPECT_EQ(UTF8ToUTF16("Google Inc"), website_settings()->organization_name()); | |
| 290 } | |
| 291 | |
| 292 TEST_F(WebsiteSettingsTest, HTTPSRevocationError) { | |
| 293 ssl_.security_style = content::SECURITY_STYLE_AUTHENTICATED; | |
| 294 ssl_.cert_id = cert_id(); | |
| 295 ssl_.cert_status = net::CERT_STATUS_UNABLE_TO_CHECK_REVOCATION; | |
| 296 ssl_.security_bits = 81; // No error if > 80. | |
| 297 int status = 0; | |
| 298 status = SetSSLVersion(status, net::SSL_CONNECTION_VERSION_TLS1); | |
| 299 status = SetSSLCipherSuite(status, TLS_RSA_WITH_AES_256_CBC_SHA256); | |
| 300 ssl_.connection_status = status; | |
| 301 | |
| 302 SetDefaultUIExpectations(mock_ui()); | |
| 303 | |
| 304 EXPECT_EQ(WebsiteSettings::SITE_CONNECTION_STATUS_ENCRYPTED, | |
| 305 website_settings()->site_connection_status()); | |
| 306 EXPECT_EQ(WebsiteSettings::SITE_IDENTITY_STATUS_CERT_REVOCATION_UNKNOWN, | |
| 307 website_settings()->site_identity_status()); | |
| 308 EXPECT_EQ(string16(), website_settings()->organization_name()); | |
| 309 } | |
| 310 | |
| 311 TEST_F(WebsiteSettingsTest, HTTPSConnectionError) { | |
| 312 ssl_.security_style = content::SECURITY_STYLE_AUTHENTICATED; | |
| 313 ssl_.cert_id = cert_id(); | |
| 314 ssl_.cert_status = 0; | |
| 315 ssl_.security_bits = 1; | |
| 316 int status = 0; | |
| 317 status = SetSSLVersion(status, net::SSL_CONNECTION_VERSION_TLS1); | |
| 318 status = SetSSLCipherSuite(status, TLS_RSA_WITH_AES_256_CBC_SHA256); | |
| 319 ssl_.connection_status = status; | |
| 320 | |
| 321 SetDefaultUIExpectations(mock_ui()); | |
| 322 | |
| 323 EXPECT_EQ(WebsiteSettings::SITE_CONNECTION_STATUS_ENCRYPTED_ERROR, | |
| 324 website_settings()->site_connection_status()); | |
| 325 EXPECT_EQ(WebsiteSettings::SITE_IDENTITY_STATUS_CERT, | |
| 326 website_settings()->site_identity_status()); | |
| 327 EXPECT_EQ(string16(), website_settings()->organization_name()); | |
| 328 } | |
| OLD | NEW |