diff options
author | Nate Fischer <ntfschr@google.com> | 2019-01-17 21:11:26 -0800 |
---|---|---|
committer | Nate Fischer <ntfschr@google.com> | 2019-01-18 13:12:54 -0800 |
commit | 03b395099c1ca796fb6e9fea0f4110d0fd0dfd54 (patch) | |
tree | e0461ea3379020cc19f4a133097f6324bc1408ae | |
parent | b297934c46a3c61d5c0a261dea55b06c9c55b9e3 (diff) | |
download | cts-03b395099c1ca796fb6e9fea0f4110d0fd0dfd54.tar.gz |
WebView: fix broken WebViewSslTest
An SSL-related bug fix in WebView (http://crrev/c/1259123) exposed an
error in this CTS test.
Although the test's original comment still rings true (failing the
client is a non-recoverable error), the behavior change in WebView
correctly triggers a recoverable error first (since we don't trust the
server certificate).
Bug: 123030084
Test: atest CtsWebkitTestCases:WebViewSslTest#testSecureServerRequiringClientCertDoesCancelRequest
Change-Id: I2c32e9d3c6269d6d139ce15f026ceb4b40bb241c
-rw-r--r-- | tests/tests/webkit/src/android/webkit/cts/WebViewSslTest.java | 23 |
1 files changed, 17 insertions, 6 deletions
diff --git a/tests/tests/webkit/src/android/webkit/cts/WebViewSslTest.java b/tests/tests/webkit/src/android/webkit/cts/WebViewSslTest.java index e07267fc5f5..3c65a862501 100644 --- a/tests/tests/webkit/src/android/webkit/cts/WebViewSslTest.java +++ b/tests/tests/webkit/src/android/webkit/cts/WebViewSslTest.java @@ -730,12 +730,23 @@ public class WebViewSslTest extends ActivityInstrumentationTestCase2<WebViewCtsA mOnUiThread.clearSslPreferences(); mOnUiThread.loadUrlAndWaitForCompletion(url); // Page NOT loaded OK... - // In this case, we must NOT have received the onReceivedSslError callback as that is for - // recoverable (e.g. server auth) errors, whereas failing mandatory client auth is non- - // recoverable and should drop straight through to a load error. - assertFalse(webViewClient.wasOnReceivedSslErrorCalled()); - assertFalse(TestHtmlConstants.HELLO_WORLD_TITLE.equals(mOnUiThread.getTitle())); - assertEquals(WebViewClient.ERROR_FAILED_SSL_HANDSHAKE, webViewClient.onReceivedErrorCode()); + // + // In this test, we expect both a recoverable and non-recoverable error: + // + // 1. WebView does not trust the test server's certificate. This is a recoverable error, so + // WebView invokes #onReceivedSslError (and the WebViewClient calls #proceed). We don't + // specifically intend to test this part of the scenario, but we can't easily mock out + // WebView's certificate roots. + // 2. WebView proceeds with the handshake without providing client authentication. The + // server fails the client. This is non-recoverable, so WebView invokes + // #onReceivedError. + // + // We only assert the second error, since earlier WebView versions had a bug in which + // WebView hit error 2 first, which prevented it from hitting error 1. + assertFalse("Title should not be updated, since page load should have failed", + TestHtmlConstants.HELLO_WORLD_TITLE.equals(mOnUiThread.getTitle())); + assertEquals("Expected ERROR_FAILED_SSL_HANDSHAKE in onReceivedError", + WebViewClient.ERROR_FAILED_SSL_HANDSHAKE, webViewClient.onReceivedErrorCode()); } public void testProceedClientCertRequest() throws Throwable { |