VR: Verify prompts, warnings, etc. are handled reasonably |
||||||||
Issue descriptionWe should take inventory of the behavior of (at least) the following when browsing in VR. Longer term, we should try to automate these. 1. HTTP page 2. HTTPS page 3. Broken HTTPS (MiTM) page - chrome://interstitials 4. SafeBrowsing flagged site - http://testsafebrowsing.appspot.com/ 5. Network Error - chrome://network-errors + chrome://dino/ 6. Autofill - https://rsolomakhin.github.io/autofill/ 7. Permission prompt - https://permission.site/ 8. JS Alert/Confirm/Prompt dialogs
,
May 4 2017
9. chrome://crash/ 10. All chrome:// URLs (see chrome://chrome-urls/).
,
May 4 2017
,
May 4 2017
11. chrome-native://recent-tabs/ from issue 696566
,
May 12 2017
12. Find or create a page similar to #6 that exercises all form and other input elements. (See https://developer.mozilla.org/en-US/docs/Learn/HTML/Forms/The_native_form_widgets.)
,
May 18 2017
,
May 20 2017
13. Mixed content warnings (a sampling of potential test sites): a. https://mixed-content-test.appspot.com/ b. https://www.bennish.net/mixed-content.html c. https://people-mozilla.org/~mkelly/mixed_test.html
,
May 26 2017
,
May 26 2017
For badssl.com, note that this page has a large set of individual test pages. We'd like to verify that Clank and VR's URL bars display them in an equivalent way. Some cases need special consideration: - Long hostnames should cause VR to bail out (we can't yet elide) - It's okay for us to show the (i) icon, even if clank hides it
,
Jun 8 2017
Would also be good to check IDNs. There's a handy collection of non-ascii URLs listed here: http://www.personal.psu.edu/ejp10/blogs/gotunicode/2011/02/non-ascii-urls-to-test.html We should check that they render correctly.
,
Jun 9 2017
15. Comment 10.
,
Jun 9 2017
,
Jun 15 2017
What is the expected behavior at point 13 (Mixed content warnings)? There are no warnings for mixed content neither in 2D Clank nor in the ChromeVR, mixed active content is just silently blocked.
,
Jun 15 2017
Grey https, I think.
,
Jun 15 2017
,
Jun 15 2017
,
Jun 15 2017
Is the intent of this bug to capture the need for an ongoing testing regimen, or are we saying that we want to ensure that UI security issues are well in hand? If it's the latter, could we log bugs for each issue? We can then mark them verified as they're fixed.
,
Jun 15 2017
I covered all 15 items in this issue with manual test cases and was going to mark it as fixed.
,
Jun 15 2017
I think this bug is used to cover all the concerns from UX review for Chrome VR first launch, the url list in comment #1 are from ainslie@ in UX review. I think most of urls can be handled pretty well in Chrome VR, do you want us to only log bugs for the urls which we can not handle them as expected? Or do you prefer to log one bug for one url category, even they work well now?
,
Jul 20 2017
All items are covered with manual test cases. Issues were found during testing: issue 737826 Some features rejected in VR cannot be used after exiting VR issue 728421 Storage request is suppressed but not declined in Chrome VR issue 728274 "Storage access" permission popup isn't disabled in Chrome VR issue 727955 Chrome crashes if to click into "Email address" input field when in Chrome VR issue 733410 Cast device dialog is not disabled in Chrome VR issue 730850 "USB" permission popup isn't disabled in Chrome VR issue 729664 VR NTP page: Clicking 'More' under the recent bookmarks section triggers exiting VR
,
Jul 20 2017
,
Jul 27 2017
|
||||||||
►
Sign in to add a comment |
||||||||
Comment 1 by mthiesse@chromium.org
, May 4 2017