security/manager/ssl/tests/unit/test_sts_holepunch.js@6474c204b198 (annotated)
security/manager/ssl/tests/unit/test_sts_holepunch.js
Wed, 31 Dec 2014 06:09:35 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Wed, 31 Dec 2014 06:09:35 +0100
- changeset 0
- 6474c204b198
- permissions
- -rw-r--r--
Cloned upstream origin tor-browser at tor-browser-31.3.0esr-4.5-1-build1
revision ID fc1c9ff7c1b2defdbc039f12214767608f46423f for hacking purpose.
| michael@0 | 1 | /* This Source Code Form is subject to the terms of the Mozilla Public |
| michael@0 | 2 | * License, v. 2.0. If a copy of the MPL was not distributed with this |
| michael@0 | 3 | * file, You can obtain one at http://mozilla.org/MPL/2.0/. |
| michael@0 | 4 | */ |
| michael@0 | 5 | "use strict"; |
| michael@0 | 6 | |
| michael@0 | 7 | // bug 961528: chart.apis.google.com doesn't handle https. Check that |
| michael@0 | 8 | // it isn't considered HSTS (other example.apis.google.com hosts should be |
| michael@0 | 9 | // HSTS as long as they're on the preload list, however). |
| michael@0 | 10 | function run_test() { |
| michael@0 | 11 | let SSService = Cc["@mozilla.org/ssservice;1"] |
| michael@0 | 12 | .getService(Ci.nsISiteSecurityService); |
| michael@0 | 13 | do_check_false(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, |
| michael@0 | 14 | "chart.apis.google.com", 0)); |
| michael@0 | 15 | do_check_false(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, |
| michael@0 | 16 | "CHART.APIS.GOOGLE.COM", 0)); |
| michael@0 | 17 | do_check_false(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, |
| michael@0 | 18 | "sub.chart.apis.google.com", 0)); |
| michael@0 | 19 | do_check_false(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, |
| michael@0 | 20 | "SUB.CHART.APIS.GOOGLE.COM", 0)); |
| michael@0 | 21 | do_check_true(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, |
| michael@0 | 22 | "example.apis.google.com", 0)); |
| michael@0 | 23 | do_check_true(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, |
| michael@0 | 24 | "EXAMPLE.APIS.GOOGLE.COM", 0)); |
| michael@0 | 25 | do_check_true(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, |
| michael@0 | 26 | "sub.example.apis.google.com", 0)); |
| michael@0 | 27 | do_check_true(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, |
| michael@0 | 28 | "SUB.EXAMPLE.APIS.GOOGLE.COM", 0)); |
| michael@0 | 29 | // also check isSecureURI |
| michael@0 | 30 | let chartURI = Services.io.newURI("http://chart.apis.google.com", null, null); |
| michael@0 | 31 | do_check_false(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, |
| michael@0 | 32 | chartURI, 0)); |
| michael@0 | 33 | let otherURI = Services.io.newURI("http://other.apis.google.com", null, null); |
| michael@0 | 34 | do_check_true(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, |
| michael@0 | 35 | otherURI, 0)); |
| michael@0 | 36 | } |
