OLD | NEW |
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include <string> | 5 #include <string> |
6 #include <utility> | 6 #include <utility> |
7 | 7 |
8 #include "base/command_line.h" | 8 #include "base/command_line.h" |
9 #include "base/macros.h" | 9 #include "base/macros.h" |
10 #include "base/memory/ptr_util.h" | 10 #include "base/memory/ptr_util.h" |
(...skipping 34 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
45 #include "content/public/browser/notification_service.h" | 45 #include "content/public/browser/notification_service.h" |
46 #include "content/public/browser/render_frame_host.h" | 46 #include "content/public/browser/render_frame_host.h" |
47 #include "content/public/browser/render_process_host.h" | 47 #include "content/public/browser/render_process_host.h" |
48 #include "content/public/browser/render_view_host.h" | 48 #include "content/public/browser/render_view_host.h" |
49 #include "content/public/browser/web_contents.h" | 49 #include "content/public/browser/web_contents.h" |
50 #include "content/public/browser/web_contents_observer.h" | 50 #include "content/public/browser/web_contents_observer.h" |
51 #include "content/public/common/content_switches.h" | 51 #include "content/public/common/content_switches.h" |
52 #include "content/public/test/browser_test_utils.h" | 52 #include "content/public/test/browser_test_utils.h" |
53 #include "content/public/test/test_utils.h" | 53 #include "content/public/test/test_utils.h" |
54 #include "net/base/filename_util.h" | 54 #include "net/base/filename_util.h" |
55 #include "net/dns/mock_host_resolver.h" | |
56 #include "net/test/embedded_test_server/http_request.h" | 55 #include "net/test/embedded_test_server/http_request.h" |
57 #include "net/test/embedded_test_server/http_response.h" | 56 #include "net/test/embedded_test_server/http_response.h" |
58 #include "net/url_request/test_url_fetcher_factory.h" | 57 #include "net/url_request/test_url_fetcher_factory.h" |
59 #include "testing/gmock/include/gmock/gmock.h" | 58 #include "testing/gmock/include/gmock/gmock.h" |
60 #include "third_party/WebKit/public/platform/WebInputEvent.h" | 59 #include "third_party/WebKit/public/platform/WebInputEvent.h" |
61 #include "ui/events/keycodes/keyboard_codes.h" | 60 #include "ui/events/keycodes/keyboard_codes.h" |
62 #include "ui/gfx/geometry/point.h" | 61 #include "ui/gfx/geometry/point.h" |
63 | 62 |
64 using testing::_; | 63 using testing::_; |
65 | 64 |
(...skipping 1997 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2063 "document.getElementById('password_field').value = 'mypassword';" | 2062 "document.getElementById('password_field').value = 'mypassword';" |
2064 "document.getElementById('submit_button').click();"; | 2063 "document.getElementById('submit_button').click();"; |
2065 VerifyPasswordIsSavedAndFilled("/password/password_xhr_submit.html", | 2064 VerifyPasswordIsSavedAndFilled("/password/password_xhr_submit.html", |
2066 submit, "password_field", "mypassword"); | 2065 submit, "password_field", "mypassword"); |
2067 } | 2066 } |
2068 | 2067 |
2069 // Check that a password form in an iframe of different origin will not be | 2068 // Check that a password form in an iframe of different origin will not be |
2070 // filled in until a user interact with the form. | 2069 // filled in until a user interact with the form. |
2071 IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTestBase, | 2070 IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTestBase, |
2072 CrossSiteIframeNotFillTest) { | 2071 CrossSiteIframeNotFillTest) { |
2073 // Setup the mock host resolver | |
2074 host_resolver()->AddRule("*", "127.0.0.1"); | |
2075 | |
2076 // Here we need to dynamically create the iframe because the port | 2072 // Here we need to dynamically create the iframe because the port |
2077 // embedded_test_server ran on was dynamically allocated, so the iframe's src | 2073 // embedded_test_server ran on was dynamically allocated, so the iframe's src |
2078 // attribute can only be determined at run time. | 2074 // attribute can only be determined at run time. |
2079 NavigateToFile("/password/password_form_in_crosssite_iframe.html"); | 2075 NavigateToFile("/password/password_form_in_crosssite_iframe.html"); |
2080 NavigationObserver ifrm_observer(WebContents()); | 2076 NavigationObserver ifrm_observer(WebContents()); |
2081 ifrm_observer.SetPathToWaitFor("/password/crossite_iframe_content.html"); | 2077 ifrm_observer.SetPathToWaitFor("/password/crossite_iframe_content.html"); |
2082 std::string create_iframe = base::StringPrintf( | 2078 std::string create_iframe = base::StringPrintf( |
2083 "create_iframe(" | 2079 "create_iframe(" |
2084 "'http://randomsite.net:%d/password/crossite_iframe_content.html');", | 2080 "'http://randomsite.net:%d/password/crossite_iframe_content.html');", |
2085 embedded_test_server()->port()); | 2081 embedded_test_server()->port()); |
(...skipping 138 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2224 // The password manager driver will kill processes when they try to access | 2220 // The password manager driver will kill processes when they try to access |
2225 // passwords of sites other than the site the process is dedicated to, under | 2221 // passwords of sites other than the site the process is dedicated to, under |
2226 // site isolation. | 2222 // site isolation. |
2227 IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTestBase, | 2223 IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTestBase, |
2228 CrossSitePasswordEnforcement) { | 2224 CrossSitePasswordEnforcement) { |
2229 // The code under test is only active under site isolation. | 2225 // The code under test is only active under site isolation. |
2230 if (!content::AreAllSitesIsolatedForTesting()) { | 2226 if (!content::AreAllSitesIsolatedForTesting()) { |
2231 return; | 2227 return; |
2232 } | 2228 } |
2233 | 2229 |
2234 // Setup the mock host resolver | |
2235 host_resolver()->AddRule("*", "127.0.0.1"); | |
2236 | |
2237 // Navigate the main frame. | 2230 // Navigate the main frame. |
2238 GURL main_frame_url = embedded_test_server()->GetURL( | 2231 GURL main_frame_url = embedded_test_server()->GetURL( |
2239 "/password/password_form_in_crosssite_iframe.html"); | 2232 "/password/password_form_in_crosssite_iframe.html"); |
2240 NavigationObserver observer(WebContents()); | 2233 NavigationObserver observer(WebContents()); |
2241 ui_test_utils::NavigateToURL(browser(), main_frame_url); | 2234 ui_test_utils::NavigateToURL(browser(), main_frame_url); |
2242 observer.Wait(); | 2235 observer.Wait(); |
2243 | 2236 |
2244 // Create an iframe and navigate cross-site. | 2237 // Create an iframe and navigate cross-site. |
2245 NavigationObserver iframe_observer(WebContents()); | 2238 NavigationObserver iframe_observer(WebContents()); |
2246 iframe_observer.SetPathToWaitFor("/password/crossite_iframe_content.html"); | 2239 iframe_observer.SetPathToWaitFor("/password/crossite_iframe_content.html"); |
(...skipping 1019 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
3266 } | 3259 } |
3267 | 3260 |
3268 // Verify the Form-Not-Secure warning is shown on a non-secure username field. | 3261 // Verify the Form-Not-Secure warning is shown on a non-secure username field. |
3269 IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTestWarning, | 3262 IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTestWarning, |
3270 ShowFormNotSecureOnUsernameField) { | 3263 ShowFormNotSecureOnUsernameField) { |
3271 ASSERT_TRUE( | 3264 ASSERT_TRUE( |
3272 base::FeatureList::IsEnabled(security_state::kHttpFormWarningFeature)); | 3265 base::FeatureList::IsEnabled(security_state::kHttpFormWarningFeature)); |
3273 | 3266 |
3274 // We need to serve from a non-localhost context for the form to be treated as | 3267 // We need to serve from a non-localhost context for the form to be treated as |
3275 // Not Secure. | 3268 // Not Secure. |
3276 host_resolver()->AddRule("example.com", "127.0.0.1"); | |
3277 NavigationObserver observer(WebContents()); | 3269 NavigationObserver observer(WebContents()); |
3278 ui_test_utils::NavigateToURL( | 3270 ui_test_utils::NavigateToURL( |
3279 browser(), embedded_test_server()->GetURL( | 3271 browser(), embedded_test_server()->GetURL( |
3280 "example.com", "/password/password_form.html")); | 3272 "example.com", "/password/password_form.html")); |
3281 observer.Wait(); | 3273 observer.Wait(); |
3282 | 3274 |
3283 // Mock the autofill client. | 3275 // Mock the autofill client. |
3284 password_manager::ContentPasswordManagerDriverFactory* driver_factory = | 3276 password_manager::ContentPasswordManagerDriverFactory* driver_factory = |
3285 password_manager::ContentPasswordManagerDriverFactory::FromWebContents( | 3277 password_manager::ContentPasswordManagerDriverFactory::FromWebContents( |
3286 WebContents()); | 3278 WebContents()); |
(...skipping 35 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
3322 } | 3314 } |
3323 | 3315 |
3324 // Verify the Form-Not-Secure warning is not shown on a non-credential field. | 3316 // Verify the Form-Not-Secure warning is not shown on a non-credential field. |
3325 IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTestWarning, | 3317 IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTestWarning, |
3326 DoNotShowFormNotSecureOnUnrelatedField) { | 3318 DoNotShowFormNotSecureOnUnrelatedField) { |
3327 ASSERT_TRUE( | 3319 ASSERT_TRUE( |
3328 base::FeatureList::IsEnabled(security_state::kHttpFormWarningFeature)); | 3320 base::FeatureList::IsEnabled(security_state::kHttpFormWarningFeature)); |
3329 | 3321 |
3330 // We need to serve from a non-localhost context for the form to be treated as | 3322 // We need to serve from a non-localhost context for the form to be treated as |
3331 // Not Secure. | 3323 // Not Secure. |
3332 host_resolver()->AddRule("example.com", "127.0.0.1"); | |
3333 NavigationObserver observer(WebContents()); | 3324 NavigationObserver observer(WebContents()); |
3334 ui_test_utils::NavigateToURL( | 3325 ui_test_utils::NavigateToURL( |
3335 browser(), embedded_test_server()->GetURL( | 3326 browser(), embedded_test_server()->GetURL( |
3336 "example.com", "/password/password_form.html")); | 3327 "example.com", "/password/password_form.html")); |
3337 observer.Wait(); | 3328 observer.Wait(); |
3338 | 3329 |
3339 // Mock the autofill client. | 3330 // Mock the autofill client. |
3340 password_manager::ContentPasswordManagerDriverFactory* driver_factory = | 3331 password_manager::ContentPasswordManagerDriverFactory* driver_factory = |
3341 password_manager::ContentPasswordManagerDriverFactory::FromWebContents( | 3332 password_manager::ContentPasswordManagerDriverFactory::FromWebContents( |
3342 WebContents()); | 3333 WebContents()); |
(...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
3374 // Force a round-trip. | 3365 // Force a round-trip. |
3375 ASSERT_TRUE(content::ExecuteScriptWithoutUserGesture(RenderFrameHost(), | 3366 ASSERT_TRUE(content::ExecuteScriptWithoutUserGesture(RenderFrameHost(), |
3376 "var noop = 'noop';")); | 3367 "var noop = 'noop';")); |
3377 // Ensure the warning was not triggered. | 3368 // Ensure the warning was not triggered. |
3378 ASSERT_FALSE(observing_autofill_client->DidPopupAppear()); | 3369 ASSERT_FALSE(observing_autofill_client->DidPopupAppear()); |
3379 // Ensure the histogram remains empty. | 3370 // Ensure the histogram remains empty. |
3380 histograms.ExpectTotalCount(kHistogram, 0); | 3371 histograms.ExpectTotalCount(kHistogram, 0); |
3381 } | 3372 } |
3382 | 3373 |
3383 } // namespace password_manager | 3374 } // namespace password_manager |
OLD | NEW |