[mparch] Fix insecure localhost warning for MPArch.

A browser test for prerender is added. TestRenderFrameHost is adjusted to call DocumentOnLoadCompleted for main frames only, consistent with what Blink does for non-test documents: https://source.chromium.org/chromium/chromium/src/+/main:third_party/blink/renderer/core/dom/document.cc;l=3417-3418;drc=277f6e98aca49d754a569b2cc8f4b06b84f54ea0 Bug: 1220829 Change-Id: I7f2ce3f4f6c93bd8c6e2994401fcf3edcd41fd4a Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2966999 Commit-Queue: Jeremy Roman <jbroman@chromium.org> Reviewed-by: Alex Moshchuk <alexmos@chromium.org> Reviewed-by: Alexander Timin <altimin@chromium.org> Cr-Commit-Position: refs/heads/master@{#900204}
FairyWorld · Jul 9, 2021 · d597d33 · d597d33
1 parent 438b1a7
commit d597d33
Show file tree

Hide file tree

Showing 3 changed files with 52 additions and 12 deletions.
diff --git a/content/browser/web_contents/web_contents_impl.cc b/content/browser/web_contents/web_contents_impl.cc
@@ -7338,7 +7338,8 @@ void WebContentsImpl::DocumentOnLoadCompleted(
     RenderFrameHostImpl* render_frame_host) {
   OPTIONAL_TRACE_EVENT1("content", "WebContentsImpl::DocumentOnLoadCompleted",
                         "render_frame_host", render_frame_host);
-  ShowInsecureLocalhostWarningIfNeeded();
+  DCHECK(render_frame_host->is_main_frame());
+  ShowInsecureLocalhostWarningIfNeeded(render_frame_host->GetPage());
 
   observers_.NotifyObservers(
       &WebContentsObserver::DocumentOnLoadCompletedInMainFrame,
@@ -8749,29 +8750,31 @@ void WebContentsImpl::RemoveReceiverSet(const std::string& interface_name) {
     receiver_sets_.erase(it);
 }
 
-void WebContentsImpl::ShowInsecureLocalhostWarningIfNeeded() {
+void WebContentsImpl::ShowInsecureLocalhostWarningIfNeeded(PageImpl& page) {
   OPTIONAL_TRACE_EVENT0(
       "content", "WebContentsImpl::ShowInsecureLocalhostWarningIfNeeded");
+
   bool allow_localhost = base::CommandLine::ForCurrentProcess()->HasSwitch(
       switches::kAllowInsecureLocalhost);
   if (!allow_localhost)
     return;
 
-  content::NavigationEntry* entry = GetController().GetLastCommittedEntry();
+  RenderFrameHostImpl& frame = page.GetMainDocument();
+  NavigationEntry* entry =
+      frame.frame_tree()->controller().GetLastCommittedEntry();
   if (!entry || !net::IsLocalhost(entry->GetURL()))
     return;
 
-  content::SSLStatus ssl_status = entry->GetSSL();
+  SSLStatus ssl_status = entry->GetSSL();
   if (!net::IsCertStatusError(ssl_status.cert_status))
     return;
 
-  GetMainFrame()->AddMessageToConsole(
-      blink::mojom::ConsoleMessageLevel::kWarning,
-      base::StringPrintf("This site does not have a valid SSL "
-                         "certificate! Without SSL, your site's and "
-                         "visitors' data is vulnerable to theft and "
-                         "tampering. Get a valid SSL certificate before"
-                         " releasing your website to the public."));
+  frame.AddMessageToConsole(blink::mojom::ConsoleMessageLevel::kWarning,
+                            "This site does not have a valid SSL "
+                            "certificate! Without SSL, your site's and "
+                            "visitors' data is vulnerable to theft and "
+                            "tampering. Get a valid SSL certificate before "
+                            " releasing your website to the public.");
 }
 
 bool WebContentsImpl::IsShowingContextMenuOnPage() const {

diff --git a/content/browser/web_contents/web_contents_impl.h b/content/browser/web_contents/web_contents_impl.h
@@ -1710,7 +1710,7 @@ class CONTENT_EXPORT WebContentsImpl : public WebContents,
 
   // Prints a console warning when visiting a localhost site with a bad
   // certificate via --allow-insecure-localhost.
-  void ShowInsecureLocalhostWarningIfNeeded();
+  void ShowInsecureLocalhostWarningIfNeeded(PageImpl& page);
 
   // Format of |headers| is a new line separated list of key value pairs:
   // "<key1>: <value1>\r\n<key2>: <value2>".

diff --git a/content/browser/web_contents/web_contents_impl_browsertest.cc b/content/browser/web_contents/web_contents_impl_browsertest.cc
@@ -68,6 +68,7 @@
 #include "content/public/test/content_browser_test.h"
 #include "content/public/test/content_browser_test_utils.h"
 #include "content/public/test/no_renderer_crashes_assertion.h"
+#include "content/public/test/prerender_test_util.h"
 #include "content/public/test/test_navigation_observer.h"
 #include "content/public/test/test_utils.h"
 #include "content/public/test/url_loader_interceptor.h"
@@ -4916,4 +4917,40 @@ IN_PROC_BROWSER_TEST_F(WebContentsImplAllowInsecureLocalhostBrowserTest,
   observer.Wait();
 }
 
+class WebContentsImplAllowInsecureLocalhostPrerenderBrowserTest
+    : public WebContentsImplAllowInsecureLocalhostBrowserTest {
+ protected:
+  test::PrerenderTestHelper& prerender_test_helper() {
+    return prerender_test_helper_;
+  }
+
+ private:
+  test::PrerenderTestHelper prerender_test_helper_{base::BindRepeating(
+      [](decltype(this) test) { return test->shell()->web_contents(); },
+      base::Unretained(this))};
+};
+
+IN_PROC_BROWSER_TEST_F(
+    WebContentsImplAllowInsecureLocalhostPrerenderBrowserTest,
+    WarnsInPrerenderWithSwitch) {
+  ASSERT_TRUE(https_server().Start());
+  ASSERT_TRUE(NavigateToURL(shell(), https_server().GetURL("/title1.html")));
+
+  https_server().ResetSSLConfig(net::EmbeddedTestServer::CERT_EXPIRED,
+                                net::SSLServerConfig());
+  GURL prerender_url = https_server().GetURL("/title2.html");
+
+  WebContentsConsoleObserver observer(shell()->web_contents());
+  observer.SetFilter(base::BindRepeating(
+      [](const GURL& expected_url,
+         const WebContentsConsoleObserver::Message& message) {
+        return message.source_frame->GetLastCommittedURL() == expected_url;
+      },
+      prerender_url));
+  observer.SetPattern("*SSL certificate*");
+
+  prerender_test_helper().AddPrerender(prerender_url);
+  observer.Wait();
+}
+
 }  // namespace content