OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include <algorithm> | 5 #include <algorithm> |
6 #include <list> | 6 #include <list> |
7 #include <map> | 7 #include <map> |
8 | 8 |
9 #include "base/metrics/field_trial.h" | 9 #include "base/metrics/field_trial.h" |
10 #include "base/strings/utf_string_conversions.h" | 10 #include "base/strings/utf_string_conversions.h" |
(...skipping 32 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
43 : bad_password_("incorrect"), | 43 : bad_password_("incorrect"), |
44 bad_username_("nouser"), | 44 bad_username_("nouser"), |
45 password_("secret"), | 45 password_("secret"), |
46 username_basic_("basicuser"), | 46 username_basic_("basicuser"), |
47 username_digest_("digestuser") { | 47 username_digest_("digestuser") { |
48 auth_map_["foo"] = AuthInfo("testuser", "foopassword"); | 48 auth_map_["foo"] = AuthInfo("testuser", "foopassword"); |
49 auth_map_["bar"] = AuthInfo("testuser", "barpassword"); | 49 auth_map_["bar"] = AuthInfo("testuser", "barpassword"); |
50 auth_map_["testrealm"] = AuthInfo(username_basic_, password_); | 50 auth_map_["testrealm"] = AuthInfo(username_basic_, password_); |
51 } | 51 } |
52 | 52 |
| 53 void SetUpOnMainThread() override { |
| 54 host_resolver()->AddRule("*", "127.0.0.1"); |
| 55 } |
| 56 |
53 protected: | 57 protected: |
54 struct AuthInfo { | 58 struct AuthInfo { |
55 std::string username_; | 59 std::string username_; |
56 std::string password_; | 60 std::string password_; |
57 | 61 |
58 AuthInfo() {} | 62 AuthInfo() {} |
59 | 63 |
60 AuthInfo(const std::string& username, | 64 AuthInfo(const std::string& username, |
61 const std::string& password) | 65 const std::string& password) |
62 : username_(username), password_(password) {} | 66 : username_(username), password_(password) {} |
(...skipping 619 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
682 EXPECT_EQ(0, observer.auth_supplied_count()); | 686 EXPECT_EQ(0, observer.auth_supplied_count()); |
683 EXPECT_EQ(1, observer.auth_needed_count()); | 687 EXPECT_EQ(1, observer.auth_needed_count()); |
684 EXPECT_EQ(1, observer.auth_cancelled_count()); | 688 EXPECT_EQ(1, observer.auth_cancelled_count()); |
685 } | 689 } |
686 | 690 |
687 // Block crossdomain image login prompting as a phishing defense. | 691 // Block crossdomain image login prompting as a phishing defense. |
688 IN_PROC_BROWSER_TEST_F(LoginPromptBrowserTest, | 692 IN_PROC_BROWSER_TEST_F(LoginPromptBrowserTest, |
689 BlockCrossdomainPromptForSubresources) { | 693 BlockCrossdomainPromptForSubresources) { |
690 const char kTestPage[] = "/login/load_img_from_b.html"; | 694 const char kTestPage[] = "/login/load_img_from_b.html"; |
691 | 695 |
692 host_resolver()->AddRule("www.a.com", "127.0.0.1"); | |
693 host_resolver()->AddRule("www.b.com", "127.0.0.1"); | |
694 ASSERT_TRUE(embedded_test_server()->Start()); | 696 ASSERT_TRUE(embedded_test_server()->Start()); |
695 | 697 |
696 content::WebContents* contents = | 698 content::WebContents* contents = |
697 browser()->tab_strip_model()->GetActiveWebContents(); | 699 browser()->tab_strip_model()->GetActiveWebContents(); |
698 NavigationController* controller = &contents->GetController(); | 700 NavigationController* controller = &contents->GetController(); |
699 LoginPromptBrowserTestObserver observer; | 701 LoginPromptBrowserTestObserver observer; |
700 observer.Register(content::Source<NavigationController>(controller)); | 702 observer.Register(content::Source<NavigationController>(controller)); |
701 | 703 |
702 // Load a page that has a cross-domain sub-resource authentication. | 704 // Load a page that has a cross-domain sub-resource authentication. |
703 // There should be no login prompt. | 705 // There should be no login prompt. |
(...skipping 46 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
750 } | 752 } |
751 | 753 |
752 EXPECT_EQ(1, observer.auth_needed_count()); | 754 EXPECT_EQ(1, observer.auth_needed_count()); |
753 } | 755 } |
754 | 756 |
755 // Allow crossdomain iframe login prompting despite the above. | 757 // Allow crossdomain iframe login prompting despite the above. |
756 IN_PROC_BROWSER_TEST_F(LoginPromptBrowserTest, | 758 IN_PROC_BROWSER_TEST_F(LoginPromptBrowserTest, |
757 AllowCrossdomainPromptForSubframes) { | 759 AllowCrossdomainPromptForSubframes) { |
758 const char kTestPage[] = "/login/load_iframe_from_b.html"; | 760 const char kTestPage[] = "/login/load_iframe_from_b.html"; |
759 | 761 |
760 host_resolver()->AddRule("www.a.com", "127.0.0.1"); | |
761 host_resolver()->AddRule("www.b.com", "127.0.0.1"); | |
762 ASSERT_TRUE(embedded_test_server()->Start()); | 762 ASSERT_TRUE(embedded_test_server()->Start()); |
763 | 763 |
764 content::WebContents* contents = | 764 content::WebContents* contents = |
765 browser()->tab_strip_model()->GetActiveWebContents(); | 765 browser()->tab_strip_model()->GetActiveWebContents(); |
766 NavigationController* controller = &contents->GetController(); | 766 NavigationController* controller = &contents->GetController(); |
767 LoginPromptBrowserTestObserver observer; | 767 LoginPromptBrowserTestObserver observer; |
768 observer.Register(content::Source<NavigationController>(controller)); | 768 observer.Register(content::Source<NavigationController>(controller)); |
769 | 769 |
770 // Load a page that has a cross-domain iframe authentication. | 770 // Load a page that has a cross-domain iframe authentication. |
771 { | 771 { |
(...skipping 440 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1212 GURL test_page = embedded_test_server()->GetURL(kAuthBasicPage); | 1212 GURL test_page = embedded_test_server()->GetURL(kAuthBasicPage); |
1213 ASSERT_EQ("127.0.0.1", test_page.host()); | 1213 ASSERT_EQ("127.0.0.1", test_page.host()); |
1214 std::string auth_host("127.0.0.1"); | 1214 std::string auth_host("127.0.0.1"); |
1215 TestCrossOriginPrompt(test_page, auth_host, true); | 1215 TestCrossOriginPrompt(test_page, auth_host, true); |
1216 } | 1216 } |
1217 | 1217 |
1218 // If a cross origin redirect triggers a login prompt, the destination URL | 1218 // If a cross origin redirect triggers a login prompt, the destination URL |
1219 // should be shown in the omnibox when the auth dialog is displayed. | 1219 // should be shown in the omnibox when the auth dialog is displayed. |
1220 IN_PROC_BROWSER_TEST_F(LoginPromptBrowserTest, | 1220 IN_PROC_BROWSER_TEST_F(LoginPromptBrowserTest, |
1221 ShowCorrectUrlForCrossOriginMainFrameRedirects) { | 1221 ShowCorrectUrlForCrossOriginMainFrameRedirects) { |
1222 host_resolver()->AddRule("www.a.com", "127.0.0.1"); | |
1223 ASSERT_TRUE(embedded_test_server()->Start()); | 1222 ASSERT_TRUE(embedded_test_server()->Start()); |
1224 | 1223 |
1225 const char kTestPage[] = "/login/cross_origin.html"; | 1224 const char kTestPage[] = "/login/cross_origin.html"; |
1226 GURL test_page = embedded_test_server()->GetURL(kTestPage); | 1225 GURL test_page = embedded_test_server()->GetURL(kTestPage); |
1227 ASSERT_EQ("127.0.0.1", test_page.host()); | 1226 ASSERT_EQ("127.0.0.1", test_page.host()); |
1228 std::string auth_host("www.a.com"); | 1227 std::string auth_host("www.a.com"); |
1229 TestCrossOriginPrompt(test_page, auth_host, true); | 1228 TestCrossOriginPrompt(test_page, auth_host, true); |
1230 } | 1229 } |
1231 | 1230 |
1232 // Same as above, but instead of cancelling the prompt for www.a.com at the end, | 1231 // Same as above, but instead of cancelling the prompt for www.a.com at the end, |
1233 // the page redirects to another page (www.b.com) that triggers an auth dialog. | 1232 // the page redirects to another page (www.b.com) that triggers an auth dialog. |
1234 // This should cancel the login interstitial for the first page (www.a.com), | 1233 // This should cancel the login interstitial for the first page (www.a.com), |
1235 // create a blank interstitial for second page (www.b.com) and show its URL in | 1234 // create a blank interstitial for second page (www.b.com) and show its URL in |
1236 // the omnibox. | 1235 // the omnibox. |
1237 IN_PROC_BROWSER_TEST_F(LoginPromptBrowserTest, | 1236 IN_PROC_BROWSER_TEST_F(LoginPromptBrowserTest, |
1238 CancelLoginInterstitialOnRedirect) { | 1237 CancelLoginInterstitialOnRedirect) { |
1239 host_resolver()->AddRule("www.a.com", "127.0.0.1"); | |
1240 host_resolver()->AddRule("www.b.com", "127.0.0.1"); | |
1241 ASSERT_TRUE(embedded_test_server()->Start()); | 1238 ASSERT_TRUE(embedded_test_server()->Start()); |
1242 | 1239 |
1243 // The test page redirects to www.a.com which triggers an auth dialog. | 1240 // The test page redirects to www.a.com which triggers an auth dialog. |
1244 const char kTestPage[] = "/login/cross_origin.html"; | 1241 const char kTestPage[] = "/login/cross_origin.html"; |
1245 GURL test_page = embedded_test_server()->GetURL(kTestPage); | 1242 GURL test_page = embedded_test_server()->GetURL(kTestPage); |
1246 ASSERT_EQ("127.0.0.1", test_page.host()); | 1243 ASSERT_EQ("127.0.0.1", test_page.host()); |
1247 | 1244 |
1248 // The page at b.com simply displays an auth dialog. | 1245 // The page at b.com simply displays an auth dialog. |
1249 GURL::Replacements replace_host2; | 1246 GURL::Replacements replace_host2; |
1250 replace_host2.SetHostStr("www.b.com"); | 1247 replace_host2.SetHostStr("www.b.com"); |
(...skipping 206 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1457 // prevents the tested scenario from happening got broken, rather than the test | 1454 // prevents the tested scenario from happening got broken, rather than the test |
1458 // itself. | 1455 // itself. |
1459 IN_PROC_BROWSER_TEST_F(LoginPromptBrowserTest, | 1456 IN_PROC_BROWSER_TEST_F(LoginPromptBrowserTest, |
1460 ShouldNotProceedExistingInterstitial) { | 1457 ShouldNotProceedExistingInterstitial) { |
1461 net::EmbeddedTestServer https_server(net::EmbeddedTestServer::TYPE_HTTPS); | 1458 net::EmbeddedTestServer https_server(net::EmbeddedTestServer::TYPE_HTTPS); |
1462 https_server.SetSSLConfig(net::EmbeddedTestServer::CERT_EXPIRED); | 1459 https_server.SetSSLConfig(net::EmbeddedTestServer::CERT_EXPIRED); |
1463 ASSERT_TRUE(https_server.Start()); | 1460 ASSERT_TRUE(https_server.Start()); |
1464 | 1461 |
1465 const char* kTestPage = "/login/load_iframe_from_b.html"; | 1462 const char* kTestPage = "/login/load_iframe_from_b.html"; |
1466 | 1463 |
1467 host_resolver()->AddRule("www.b.com", "127.0.0.1"); | |
1468 ASSERT_TRUE(embedded_test_server()->Start()); | 1464 ASSERT_TRUE(embedded_test_server()->Start()); |
1469 | 1465 |
1470 content::WebContents* contents = | 1466 content::WebContents* contents = |
1471 browser()->tab_strip_model()->GetActiveWebContents(); | 1467 browser()->tab_strip_model()->GetActiveWebContents(); |
1472 NavigationController* controller = &contents->GetController(); | 1468 NavigationController* controller = &contents->GetController(); |
1473 LoginPromptBrowserTestObserver observer; | 1469 LoginPromptBrowserTestObserver observer; |
1474 observer.Register(content::Source<NavigationController>(controller)); | 1470 observer.Register(content::Source<NavigationController>(controller)); |
1475 | 1471 |
1476 // Load a page that has a cross-domain iframe authentication. This should | 1472 // Load a page that has a cross-domain iframe authentication. This should |
1477 // trigger a login prompt but no login interstitial. | 1473 // trigger a login prompt but no login interstitial. |
(...skipping 21 matching lines...) Expand all Loading... |
1499 // out. | 1495 // out. |
1500 EXPECT_TRUE( | 1496 EXPECT_TRUE( |
1501 WaitForRenderFrameReady(contents->GetInterstitialPage()->GetMainFrame())); | 1497 WaitForRenderFrameReady(contents->GetInterstitialPage()->GetMainFrame())); |
1502 EXPECT_TRUE(contents->ShowingInterstitialPage()); | 1498 EXPECT_TRUE(contents->ShowingInterstitialPage()); |
1503 EXPECT_EQ(SSLBlockingPage::kTypeForTesting, contents->GetInterstitialPage() | 1499 EXPECT_EQ(SSLBlockingPage::kTypeForTesting, contents->GetInterstitialPage() |
1504 ->GetDelegateForTesting() | 1500 ->GetDelegateForTesting() |
1505 ->GetTypeForTesting()); | 1501 ->GetTypeForTesting()); |
1506 } | 1502 } |
1507 | 1503 |
1508 } // namespace | 1504 } // namespace |
OLD | NEW |