Quelle browser_badCertDomainFixup.js Sprache: JAVA

/* Any copyright is dedicated to the Public Domain.
* http://creativecommons.org/publicdomain/zero/1.0/ */

"use strict";

// This test checks if we are correctly fixing https URLs by prefixing
// with www. when we encounter a SSL_ERROR_BAD_CERT_DOMAIN error.
// For example, https://example.com -> https://www.example.com.

async function verifyErrorPage(errorPageURL, feltPrivacy = false) {
  let certErrorLoaded = BrowserTestUtils.waitForErrorPage(
    gBrowser.selectedBrowser
  );
  BrowserTestUtils.startLoadingURIString(gBrowser, errorPageURL);
  await certErrorLoaded;

  await SpecialPowers.spawn(
    gBrowser.selectedBrowser,
    [feltPrivacy],
    async isFeltPrivacy => {
      let ec;
      if (isFeltPrivacy) {
        let netErrorCard =
          content.document.querySelector("net-error-card").wrappedJSObject;
        await netErrorCard.getUpdateComplete();
        netErrorCard.advancedButton.click();
        await ContentTaskUtils.waitForCondition(() => {
          return (ec = netErrorCard.errorCode);
        }, "Error code has been set inside the net-error-card advanced panel");

        is(
          ec.textContent.split(" ").at(-1),
          "SSL_ERROR_BAD_CERT_DOMAIN",
          "Correct error code is shown"
        );
      } else {
        await ContentTaskUtils.waitForCondition(() => {
          ec = content.document.getElementById("errorCode");
          return ec.textContent;
        }, "Error code has been set inside the advanced button panel");
        is(
          ec.textContent,
          "SSL_ERROR_BAD_CERT_DOMAIN",
          "Correct error code is shown"
        );
      }
    }
  );
}

// Turn off the pref and ensure that we show the error page as expected.
add_task(async function testNoFixupDisabledByPref() {
  for (let feltPrivacyEnabled of [true, false]) {
    await SpecialPowers.pushPrefEnv({
      set: [
        ["security.bad_cert_domain_error.url_fix_enabled", false],
        ["security.certerrors.felt-privacy-v1", feltPrivacyEnabled],
      ],
    });
    gBrowser.selectedTab = BrowserTestUtils.addTab(gBrowser);

    await verifyErrorPage(
      "https://badcertdomain.example.com",
      feltPrivacyEnabled
    );
    await verifyErrorPage(
      "https://www.badcertdomain2.example.com",
      feltPrivacyEnabled
    );

    BrowserTestUtils.removeTab(gBrowser.selectedTab);
    await SpecialPowers.popPrefEnv();
  }
});

// Test that "www." is prefixed to a https url when we encounter a bad cert domain
// error if the "www." form is included in the certificate's subjectAltNames.
add_task(async function testAddPrefixForBadCertDomain() {
  gBrowser.selectedTab = BrowserTestUtils.addTab(gBrowser);
  let loadSuccessful = BrowserTestUtils.browserLoaded(
    gBrowser.selectedBrowser,
    false,
    "https://www.badcertdomain.example.com/"
  );
  BrowserTestUtils.startLoadingURIString(
    gBrowser,
    "https://badcertdomain.example.com"
  );
  await loadSuccessful;

  BrowserTestUtils.removeTab(gBrowser.selectedTab);
});

// Test that we don't prefix "www." to a https url when we encounter a bad cert domain
// error under certain conditions.
add_task(async function testNoFixupCases() {
  for (let feltPrivacyEnabled of [true, false]) {
    await SpecialPowers.pushPrefEnv({
      set: [["security.certerrors.felt-privacy-v1", feltPrivacyEnabled]],
    });
    gBrowser.selectedTab = BrowserTestUtils.addTab(gBrowser);

    // Test for when "www." form is not present in the certificate.
    await verifyErrorPage(
      "https://mismatch.badcertdomain.example.com",
      feltPrivacyEnabled
    );

    // Test that urls with IP addresses are not fixed.
    await SpecialPowers.pushPrefEnv({
      set: [["network.proxy.allow_hijacking_localhost", true]],
    });
    await verifyErrorPage("https://127.0.0.3:433", feltPrivacyEnabled);
    await SpecialPowers.popPrefEnv();

    // Test that urls with ports are not fixed.
    await verifyErrorPage(
      "https://badcertdomain.example.com:82",
      feltPrivacyEnabled
    );

    BrowserTestUtils.removeTab(gBrowser.selectedTab);

    await SpecialPowers.popPrefEnv();
  }
});

// Test removing "www." prefix if the "www."-less form is included in the
// certificate's subjectAltNames.
add_task(async function testRemovePrefixForBadCertDomain() {
  gBrowser.selectedTab = BrowserTestUtils.addTab(gBrowser);
  let loadSuccessful = BrowserTestUtils.browserLoaded(
    gBrowser.selectedBrowser,
    false,
    "https://badcertdomain2.example.com/"
  );
  BrowserTestUtils.startLoadingURIString(
    gBrowser,
    "https://www.badcertdomain2.example.com"
  );
  await loadSuccessful;

  BrowserTestUtils.removeTab(gBrowser.selectedTab);
});

quality80%

¤ Dauer der Verarbeitung: 0.1 Sekunden (vorverarbeitet) ¤

Wurzel

Suchen

Beweissystem der NASA

Beweissystem Isabelle

NIST Cobol Testsuite

Cephes Mathematical Library

Wiener Entwicklungsmethode

Haftungshinweis

Die Informationen auf dieser Webseite wurden nach bestem Wissen sorgfältig zusammengestellt. Es wird jedoch weder Vollständigkeit, noch Richtigkeit, noch Qualität der bereit gestellten Informationen zugesichert.

Bemerkung:

Die farbliche Syntaxdarstellung ist noch experimentell.