Visit http://webdbg.com/test/forms/text.html and edit the form fields.

Expect: "Not secure" warning in Security Chip as outlined in this blog post: https://security.googleblog.com/2017/04/next-steps-toward-more-connection.html

The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/d0acf2a7c00a10746b0a091b2f192b38be003b6c

commit d0acf2a7c00a10746b0a091b2f192b38be003b6c
Author: Eric Lawrence <elawrence@chromium.org>
Date: Thu Jul 20 18:02:48 2017

Move SensitiveInputVisibility from password manager to browser

Previously, SensitiveInputVisibility events were reported to the password manager. Chrome will soon introduce new states that trigger the "Not Secure" warning in Chrome's omnibox (including edits of any input type), meaning that the events are more naturally handled in \chrome\browser\ssl instead. This CL extracts the handler from the password manager to a new class. Future CLs will extend the mojo interface with new events.

Bug: 720094
Change-Id: If7d2678dce2bda050fe488b69da0f754c7bb668b
Reviewed-on: https://chromium-review.googlesource.com/574759
Commit-Queue: Eric Lawrence <elawrence@chromium.org>
Reviewed-by: Emily Stark <estark@chromium.org>
Reviewed-by: John Abd-El-Malek <jam@chromium.org>
Reviewed-by: Vaclav Brozek <vabr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#488308}

[modify] https://crrev.com/d0acf2a7c00a10746b0a091b2f192b38be003b6c/chrome/browser/BUILD.gn
[modify] https://crrev.com/d0acf2a7c00a10746b0a091b2f192b38be003b6c/chrome/browser/DEPS
[modify] https://crrev.com/d0acf2a7c00a10746b0a091b2f192b38be003b6c/chrome/browser/chrome_content_browser_client.cc
[add] https://crrev.com/d0acf2a7c00a10746b0a091b2f192b38be003b6c/chrome/browser/ssl/insecure_sensitive_input_driver.cc
[add] https://crrev.com/d0acf2a7c00a10746b0a091b2f192b38be003b6c/chrome/browser/ssl/insecure_sensitive_input_driver.h
[add] https://crrev.com/d0acf2a7c00a10746b0a091b2f192b38be003b6c/chrome/browser/ssl/insecure_sensitive_input_driver_factory.cc
[add] https://crrev.com/d0acf2a7c00a10746b0a091b2f192b38be003b6c/chrome/browser/ssl/insecure_sensitive_input_driver_factory.h
[add] https://crrev.com/d0acf2a7c00a10746b0a091b2f192b38be003b6c/chrome/browser/ssl/insecure_sensitive_input_driver_unittest.cc
[rename] https://crrev.com/d0acf2a7c00a10746b0a091b2f192b38be003b6c/chrome/browser/ssl/visible_password_observer.cc
[rename] https://crrev.com/d0acf2a7c00a10746b0a091b2f192b38be003b6c/chrome/browser/ssl/visible_password_observer.h
[modify] https://crrev.com/d0acf2a7c00a10746b0a091b2f192b38be003b6c/chrome/test/BUILD.gn
[modify] https://crrev.com/d0acf2a7c00a10746b0a091b2f192b38be003b6c/components/password_manager/content/browser/BUILD.gn
[modify] https://crrev.com/d0acf2a7c00a10746b0a091b2f192b38be003b6c/components/password_manager/content/browser/DEPS
[modify] https://crrev.com/d0acf2a7c00a10746b0a091b2f192b38be003b6c/components/password_manager/content/browser/content_password_manager_driver.cc
[modify] https://crrev.com/d0acf2a7c00a10746b0a091b2f192b38be003b6c/components/password_manager/content/browser/content_password_manager_driver.h
[modify] https://crrev.com/d0acf2a7c00a10746b0a091b2f192b38be003b6c/components/password_manager/content/browser/content_password_manager_driver_factory.cc
[modify] https://crrev.com/d0acf2a7c00a10746b0a091b2f192b38be003b6c/components/password_manager/content/browser/content_password_manager_driver_factory.h
[modify] https://crrev.com/d0acf2a7c00a10746b0a091b2f192b38be003b6c/components/password_manager/content/browser/content_password_manager_driver_unittest.cc

The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/f3138ab6ea3167e170b5b701699d23c1af9c8b80

commit f3138ab6ea3167e170b5b701699d23c1af9c8b80
Author: Emily Stark <estark@google.com>
Date: Tue Aug 01 16:43:07 2017

Add copyable user data to content::SSLStatus

This change adds functionality very similar to base::SupportsUserData to content::SSLStatus. We need the ability to attach embedder-specific data for HTTP-Bad; we want to track events like form editing alongside the navigation entry so that we can use them to downgrade the security level.

We can't use base::SupportsUserData directly because it doesn't support copying, and SSLStatuses are copied as part of NavigationEntry. So, this approach adds *copyable* UserData objects to SSLStatuses.

Bug: 720094
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_site_isolation
Change-Id: I44f0e4bc175f7b8c443642af96867b50bf96ea57
Reviewed-on: https://chromium-review.googlesource.com/592073
Commit-Queue: Emily Stark <estark@chromium.org>
Reviewed-by: Alex Moshchuk <alexmos@chromium.org>
Reviewed-by: Avi Drissman <avi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#491016}

[modify] https://crrev.com/f3138ab6ea3167e170b5b701699d23c1af9c8b80/chrome/browser/ssl/ssl_browser_tests.cc
[modify] https://crrev.com/f3138ab6ea3167e170b5b701699d23c1af9c8b80/content/browser/frame_host/navigation_entry_impl_unittest.cc
[modify] https://crrev.com/f3138ab6ea3167e170b5b701699d23c1af9c8b80/content/browser/ssl/ssl_manager.cc
[modify] https://crrev.com/f3138ab6ea3167e170b5b701699d23c1af9c8b80/content/public/browser/ssl_status.cc
[modify] https://crrev.com/f3138ab6ea3167e170b5b701699d23c1af9c8b80/content/public/browser/ssl_status.h

The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/627f10c5015cc62d6286b4f4df0c3812dad1afbb

commit 627f10c5015cc62d6286b4f4df0c3812dad1afbb
Author: Eric Lawrence <elawrence@chromium.org>
Date: Fri Aug 04 04:34:04 2017

Rename SensitiveInputVisibilityService to InsecureInputService

Renames the mojo interface to reflect its soon-to-be-broader scope. Followup CLs will add and act upon a FieldEditedInInsecureContext method to change the SecurityLevel of the page when a user edits an input field on a non-secure page.

BUG: 720094
Change-Id: Id4299c6cf53ac36a64f2018bcc0dd45a05d4f81a
TBR: jam@chromium.org
Reviewed-on: https://chromium-review.googlesource.com/599068
Commit-Queue: Eric Lawrence <elawrence@chromium.org>
Reviewed-by: Daniel Cheng <dcheng@chromium.org>
Reviewed-by: Emily Stark <estark@chromium.org>
Cr-Commit-Position: refs/heads/master@{#491939}

[modify] https://crrev.com/627f10c5015cc62d6286b4f4df0c3812dad1afbb/chrome/browser/DEPS
[modify] https://crrev.com/627f10c5015cc62d6286b4f4df0c3812dad1afbb/chrome/browser/ssl/insecure_sensitive_input_driver.cc
[modify] https://crrev.com/627f10c5015cc62d6286b4f4df0c3812dad1afbb/chrome/browser/ssl/insecure_sensitive_input_driver.h
[modify] https://crrev.com/627f10c5015cc62d6286b4f4df0c3812dad1afbb/chrome/browser/ssl/insecure_sensitive_input_driver_factory.cc
[modify] https://crrev.com/627f10c5015cc62d6286b4f4df0c3812dad1afbb/chrome/browser/ssl/insecure_sensitive_input_driver_factory.h
[modify] https://crrev.com/627f10c5015cc62d6286b4f4df0c3812dad1afbb/content/public/app/mojo/content_browser_manifest.json
[modify] https://crrev.com/627f10c5015cc62d6286b4f4df0c3812dad1afbb/third_party/WebKit/Source/core/dom/Document.cpp
[modify] https://crrev.com/627f10c5015cc62d6286b4f4df0c3812dad1afbb/third_party/WebKit/Source/core/html/forms/PasswordInputTypeTest.cpp
[modify] https://crrev.com/627f10c5015cc62d6286b4f4df0c3812dad1afbb/third_party/WebKit/public/BUILD.gn
[rename] https://crrev.com/627f10c5015cc62d6286b4f4df0c3812dad1afbb/third_party/WebKit/public/platform/modules/insecure_input/OWNERS
[rename] https://crrev.com/627f10c5015cc62d6286b4f4df0c3812dad1afbb/third_party/WebKit/public/platform/modules/insecure_input/insecure_input_service.mojom

The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/e07419d20b887e3e037781c021fb0e3629401a83

commit e07419d20b887e3e037781c021fb0e3629401a83
Author: Eric Lawrence <elawrence@chromium.org>
Date: Sun Aug 06 12:41:09 2017

Notify embedder when a user edits a text field in a non-secure context

Adds a new FieldEditedInInsecureContext method to the existing InsecureInputService Mojo interface. Edits are logged in a new SSLStatusInputEventData object attached to the SSLStatus for the current navigation entry, and propagated to its VisibleSecurityState. A followup CL will change the SecurityLevel of the page based on the new information in the VisibleSecurityState.

BUG: 720094
Change-Id: I5ff1b019561a7fee625b9ce93fce7a0e47d3e082
Reviewed-on: https://chromium-review.googlesource.com/602607
Reviewed-by: Daniel Cheng <dcheng@chromium.org>
Reviewed-by: Emily Stark <estark@chromium.org>
Commit-Queue: Eric Lawrence <elawrence@chromium.org>
Cr-Commit-Position: refs/heads/master@{#492252}

[modify] https://crrev.com/e07419d20b887e3e037781c021fb0e3629401a83/chrome/browser/ssl/insecure_sensitive_input_driver.cc
[modify] https://crrev.com/e07419d20b887e3e037781c021fb0e3629401a83/chrome/browser/ssl/insecure_sensitive_input_driver.h
[modify] https://crrev.com/e07419d20b887e3e037781c021fb0e3629401a83/components/security_state/content/BUILD.gn
[modify] https://crrev.com/e07419d20b887e3e037781c021fb0e3629401a83/components/security_state/content/content_utils.cc
[modify] https://crrev.com/e07419d20b887e3e037781c021fb0e3629401a83/components/security_state/content/content_utils_browsertest.cc
[add] https://crrev.com/e07419d20b887e3e037781c021fb0e3629401a83/components/security_state/content/ssl_status_input_event_data.cc
[add] https://crrev.com/e07419d20b887e3e037781c021fb0e3629401a83/components/security_state/content/ssl_status_input_event_data.h
[modify] https://crrev.com/e07419d20b887e3e037781c021fb0e3629401a83/components/security_state/core/BUILD.gn
[add] https://crrev.com/e07419d20b887e3e037781c021fb0e3629401a83/components/security_state/core/insecure_input_event_data.h
[modify] https://crrev.com/e07419d20b887e3e037781c021fb0e3629401a83/components/security_state/core/security_state.cc
[modify] https://crrev.com/e07419d20b887e3e037781c021fb0e3629401a83/components/security_state/core/security_state.h
[modify] https://crrev.com/e07419d20b887e3e037781c021fb0e3629401a83/components/security_state/core/security_state_unittest.cc
[modify] https://crrev.com/e07419d20b887e3e037781c021fb0e3629401a83/third_party/WebKit/Source/core/dom/Document.cpp
[modify] https://crrev.com/e07419d20b887e3e037781c021fb0e3629401a83/third_party/WebKit/Source/core/dom/Document.h
[modify] https://crrev.com/e07419d20b887e3e037781c021fb0e3629401a83/third_party/WebKit/Source/core/html/forms/PasswordInputTypeTest.cpp
[modify] https://crrev.com/e07419d20b887e3e037781c021fb0e3629401a83/third_party/WebKit/Source/core/page/ChromeClientImpl.cpp
[modify] https://crrev.com/e07419d20b887e3e037781c021fb0e3629401a83/third_party/WebKit/public/platform/modules/insecure_input/insecure_input_service.mojom

The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/6789f8394598093d031c06f1c0ffd7916edda362

commit 6789f8394598093d031c06f1c0ffd7916edda362
Author: Eric Lawrence <elawrence@chromium.org>
Date: Tue Aug 08 12:31:14 2017

Degrade to HTTP_SHOW_WARNING security state after insecure_field_edited

When the insecure_field_edited flag is set in the VisibleSecurityState's insecure_input_events, degrade the SecurityLevel to HTTP_SHOW_WARNING if one of the appropriate MarkNonSecureAs command line or field trial configurations is enabled.

Bug: 720094
Change-Id: I7108c6ad8589533ad9dfda3927e6ada1bf742c6c
TBR: alexmos@chromium.org
Reviewed-on: https://chromium-review.googlesource.com/604348
Commit-Queue: Eric Lawrence <elawrence@chromium.org>
Reviewed-by: Emily Stark <estark@chromium.org>
Cr-Commit-Position: refs/heads/master@{#492603}

[modify] https://crrev.com/6789f8394598093d031c06f1c0ffd7916edda362/chrome/browser/ssl/security_state_tab_helper_browser_tests.cc
[modify] https://crrev.com/6789f8394598093d031c06f1c0ffd7916edda362/components/security_state/core/security_state.cc
[modify] https://crrev.com/6789f8394598093d031c06f1c0ffd7916edda362/components/security_state/core/security_state_unittest.cc
[modify] https://crrev.com/6789f8394598093d031c06f1c0ffd7916edda362/content/browser/ssl/ssl_manager.cc
[modify] https://crrev.com/6789f8394598093d031c06f1c0ffd7916edda362/content/browser/ssl/ssl_manager.h
[modify] https://crrev.com/6789f8394598093d031c06f1c0ffd7916edda362/content/public/browser/ssl_status.h

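The mechanism the preceding commits describe (copyable user data on the SSL status, an edit flag recorded for non-secure pages, and the downgrade to HTTP_SHOW_WARNING) can be modeled in a few lines. This is an added, simplified example and not Chromium's code; every class and function name in it (`Status`, `CopyableUserData`, `InputEventData`, `FieldEdited`, `LevelFor`, `warn_on_edit`) is an illustrative assumption.

```cpp
#include <map>
#include <memory>
#include <string>

// Simplified model, not Chromium source. All names are illustrative.
enum class SecurityLevel { NONE, HTTP_SHOW_WARNING, SECURE };

// User data that can copy itself, so it survives when the owning status
// object is copied together with a navigation entry.
struct CopyableUserData {
  virtual ~CopyableUserData() = default;
  virtual std::unique_ptr<CopyableUserData> Clone() const = 0;
};

struct InputEventData : CopyableUserData {
  bool insecure_field_edited = false;
  std::unique_ptr<CopyableUserData> Clone() const override {
    return std::make_unique<InputEventData>(*this);
  }
};

class Status {
 public:
  Status() = default;
  // Deep copy: every attached object is cloned, never shared.
  Status(const Status& other) {
    for (const auto& kv : other.data_) data_[kv.first] = kv.second->Clone();
  }
  Status& operator=(const Status& other) {
    if (this != &other) { Status tmp(other); data_.swap(tmp.data_); }
    return *this;
  }
  InputEventData* Events(bool create) {
    auto it = data_.find("input_events");
    if (it == data_.end()) {
      if (!create) return nullptr;
      it = data_.emplace("input_events",
                         std::make_unique<InputEventData>()).first;
    }
    return static_cast<InputEventData*>(it->second.get());
  }
 private:
  std::map<std::string, std::unique_ptr<CopyableUserData>> data_;
};

// An edit is only recorded for a page loaded from a non-secure context.
void FieldEdited(Status& status, bool is_https) {
  if (!is_https) status.Events(true)->insecure_field_edited = true;
}

// The downgrade applies only when the warning configuration is enabled.
SecurityLevel LevelFor(Status& status, bool is_https, bool warn_on_edit) {
  if (is_https) return SecurityLevel::SECURE;
  InputEventData* ev = status.Events(false);
  if (warn_on_edit && ev && ev->insecure_field_edited)
    return SecurityLevel::HTTP_SHOW_WARNING;
  return SecurityLevel::NONE;
}

int main() {
  Status entry;
  FieldEdited(entry, /*is_https=*/false);
  Status copied = entry;  // as when a navigation entry is copied
  return LevelFor(copied, false, true) == SecurityLevel::HTTP_SHOW_WARNING ? 0 : 1;
}
```
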
The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/196d96c9c84afb4dfe39aa841951012ca467ea3d

commit 196d96c9c84afb4dfe39aa841951012ca467ea3d
Author: Eric Lawrence <elawrence@chromium.org>
Date: Thu Aug 10 16:41:47 2017

Add an Explanation when security downgraded by non-secure field editing

When a non-secure field edit downgrades the page's SecurityLevel to HTTP_SHOW_WARNING, add an explanation to |neutral_explanations|. The explanation is shown in the Developer Tools' Security panel.

Bug: 720094
Change-Id: Ibcd29d850fadeee418f2a741a72e17731f8b511e
Reviewed-on: https://chromium-review.googlesource.com/607049
Commit-Queue: Eric Lawrence <elawrence@chromium.org>
Reviewed-by: Emily Stark <estark@chromium.org>
Reviewed-by: Lucas Garron <lgarron@chromium.org>
Cr-Commit-Position: refs/heads/master@{#493426}

[modify] https://crrev.com/196d96c9c84afb4dfe39aa841951012ca467ea3d/chrome/browser/ssl/security_state_tab_helper_browser_tests.cc
[modify] https://crrev.com/196d96c9c84afb4dfe39aa841951012ca467ea3d/components/security_state/content/content_utils.cc
[modify] https://crrev.com/196d96c9c84afb4dfe39aa841951012ca467ea3d/components/security_state/content/content_utils_unittest.cc
[modify] https://crrev.com/196d96c9c84afb4dfe39aa841951012ca467ea3d/components/security_state/core/security_state.cc
[modify] https://crrev.com/196d96c9c84afb4dfe39aa841951012ca467ea3d/components/security_state/core/security_state.h
[modify] https://crrev.com/196d96c9c84afb4dfe39aa841951012ca467ea3d/components/security_state_strings.grdp

The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/49d3e4e8a3a9d153a3cf144d2787c33f6789d903

commit 49d3e4e8a3a9d153a3cf144d2787c33f6789d903
Author: Eric Lawrence <elawrence@chromium.org>
Date: Thu Aug 10 22:59:29 2017

Initialize MarkHttpStatus even when field trial not checked

In some cases, SecurityInfoForRequest does not consult the field trial and command-line configuration when making decisions. In such cases, the MarkHttpStatus must be defaulted to avoid use of an uninitialized variable.

BUG= 720094
Change-Id: I5d1c487aee3355007ac49f54efdfd5d2ef138c80
Reviewed-on: https://chromium-review.googlesource.com/611148
Reviewed-by: Adrienne Porter Felt <felt@chromium.org>
Commit-Queue: Eric Lawrence <elawrence@chromium.org>
Cr-Commit-Position: refs/heads/master@{#493583}

[modify] https://crrev.com/49d3e4e8a3a9d153a3cf144d2787c33f6789d903/components/security_state/core/security_state.cc

The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/e5cdce168c1dd9490d6f4cc4087d0219bd6817f3

commit e5cdce168c1dd9490d6f4cc4087d0219bd6817f3
Author: Eric Lawrence <elawrence@chromium.org>
Date: Thu Nov 09 02:57:25 2017

Implement HTTPBad Phase 2 for iOS

This change updates the iOS HTTPBad implementation to more closely match the implementation in /content. Specifically, the legacy bitflags are moved from the ContentStatusFlags to a SSLUserData object attached to the SSLStatus, fixing a layering violation. Updates to the flags are handled at the browser layer (rather than in the /web layer).

A WebStateObserver watches for the FormActivityRegistered event and sets the insecure_input_event flag on the SSLUserData if the page is loaded from a non-secure context, implementing HTTPBad Phase 2 for iOS.

Bug: 720094, 689082
Cq-Include-Trybots: master.tryserver.chromium.mac:ios-simulator-cronet
Change-Id: I2f54a3aff212f8378a52b809c717a577ca4c8a69
Reviewed-on: https://chromium-review.googlesource.com/755889
Reviewed-by: Emily Stark <estark@chromium.org>
Reviewed-by: Moe Ahmadi <mahmadi@chromium.org>
Reviewed-by: Eugene But <eugenebut@chromium.org>
Commit-Queue: Eric Lawrence <elawrence@chromium.org>
Cr-Commit-Position: refs/heads/master@{#515075}

[modify] https://crrev.com/e5cdce168c1dd9490d6f4cc4087d0219bd6817f3/components/autofill/ios/browser/autofill_client_ios.h
[modify] https://crrev.com/e5cdce168c1dd9490d6f4cc4087d0219bd6817f3/components/autofill/ios/browser/autofill_client_ios.mm
[modify] https://crrev.com/e5cdce168c1dd9490d6f4cc4087d0219bd6817f3/components/autofill/ios/browser/autofill_driver_ios.mm
[add] https://crrev.com/e5cdce168c1dd9490d6f4cc4087d0219bd6817f3/components/security_state/ios/BUILD.gn
[add] https://crrev.com/e5cdce168c1dd9490d6f4cc4087d0219bd6817f3/components/security_state/ios/DEPS
[add] https://crrev.com/e5cdce168c1dd9490d6f4cc4087d0219bd6817f3/components/security_state/ios/ssl_status_input_event_data.h
[add] https://crrev.com/e5cdce168c1dd9490d6f4cc4087d0219bd6817f3/components/security_state/ios/ssl_status_input_event_data.mm
[modify] https://crrev.com/e5cdce168c1dd9490d6f4cc4087d0219bd6817f3/ios/chrome/browser/autofill/BUILD.gn
[modify] https://crrev.com/e5cdce168c1dd9490d6f4cc4087d0219bd6817f3/ios/chrome/browser/autofill/autofill_controller_unittest.mm
[modify] https://crrev.com/e5cdce168c1dd9490d6f4cc4087d0219bd6817f3/ios/chrome/browser/passwords/BUILD.gn
[modify] https://crrev.com/e5cdce168c1dd9490d6f4cc4087d0219bd6817f3/ios/chrome/browser/passwords/password_controller.mm
[modify] https://crrev.com/e5cdce168c1dd9490d6f4cc4087d0219bd6817f3/ios/chrome/browser/passwords/password_controller_unittest.mm
[modify] https://crrev.com/e5cdce168c1dd9490d6f4cc4087d0219bd6817f3/ios/chrome/browser/ssl/BUILD.gn
[add] https://crrev.com/e5cdce168c1dd9490d6f4cc4087d0219bd6817f3/ios/chrome/browser/ssl/insecure_input_tab_helper.h
[add] https://crrev.com/e5cdce168c1dd9490d6f4cc4087d0219bd6817f3/ios/chrome/browser/ssl/insecure_input_tab_helper.mm
[modify] https://crrev.com/e5cdce168c1dd9490d6f4cc4087d0219bd6817f3/ios/chrome/browser/ssl/ios_security_state_tab_helper.mm
[add] https://crrev.com/e5cdce168c1dd9490d6f4cc4087d0219bd6817f3/ios/chrome/browser/ssl/ios_security_state_tab_helper_unittest.mm
[modify] https://crrev.com/e5cdce168c1dd9490d6f4cc4087d0219bd6817f3/ios/chrome/browser/tabs/tab_helper_util.mm
[modify] https://crrev.com/e5cdce168c1dd9490d6f4cc4087d0219bd6817f3/ios/chrome/browser/ui/autofill/BUILD.gn
[modify] https://crrev.com/e5cdce168c1dd9490d6f4cc4087d0219bd6817f3/ios/chrome/browser/ui/autofill/chrome_autofill_client_ios.h
[modify] https://crrev.com/e5cdce168c1dd9490d6f4cc4087d0219bd6817f3/ios/chrome/browser/ui/autofill/chrome_autofill_client_ios.mm
[modify] https://crrev.com/e5cdce168c1dd9490d6f4cc4087d0219bd6817f3/ios/web/BUILD.gn
[modify] https://crrev.com/e5cdce168c1dd9490d6f4cc4087d0219bd6817f3/ios/web/public/ssl_status.cc
[modify] https://crrev.com/e5cdce168c1dd9490d6f4cc4087d0219bd6817f3/ios/web/public/ssl_status.h
[add] https://crrev.com/e5cdce168c1dd9490d6f4cc4087d0219bd6817f3/ios/web/public/ssl_status_unittest.cc
[modify] https://crrev.com/e5cdce168c1dd9490d6f4cc4087d0219bd6817f3/ios/web/public/test/fakes/test_web_state.h
[modify] https://crrev.com/e5cdce168c1dd9490d6f4cc4087d0219bd6817f3/ios/web/public/web_state/web_state.h
[modify] https://crrev.com/e5cdce168c1dd9490d6f4cc4087d0219bd6817f3/ios/web/web_state/ui/crw_web_controller.h
[modify] https://crrev.com/e5cdce168c1dd9490d6f4cc4087d0219bd6817f3/ios/web/web_state/ui/crw_web_controller.mm
[modify] https://crrev.com/e5cdce168c1dd9490d6f4cc4087d0219bd6817f3/ios/web/web_state/ui/crw_web_controller_unittest.mm
[modify] https://crrev.com/e5cdce168c1dd9490d6f4cc4087d0219bd6817f3/ios/web/web_state/web_state_impl.h
[modify] https://crrev.com/e5cdce168c1dd9490d6f4cc4087d0219bd6817f3/ios/web/web_state/web_state_impl.mm
[modify] https://crrev.com/e5cdce168c1dd9490d6f4cc4087d0219bd6817f3/ios/web/web_state/web_state_impl_unittest.mm

Comment 1 by elawrence@chromium.org, May 10 2017