The Tor Browser / annotate

security/manager/ssl/tests/mochitest/bugs/test_bug480509.html@b8a032363ba2 (annotated)

security/manager/ssl/tests/mochitest/bugs/test_bug480509.html

Thu, 22 Jan 2015 13:21:57 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Thu, 22 Jan 2015 13:21:57 +0100
branch
TOR_BUG_9701
changeset 15
b8a032363ba2
permissions
-rw-r--r--

Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6

michael@0 1 <html>
michael@0 2 <head>
michael@0 3 <title>Test bug 483437 and bug 480509</title>
michael@0 4 <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
michael@0 5 <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
michael@0 6
michael@0 7 </head>
michael@0 8 <body onload="onWindowLoad()">
michael@0 9
michael@0 10 <script class="testbody" type="text/javascript">
michael@0 11
michael@0 12 SimpleTest.waitForExplicitFinish();
michael@0 13
michael@0 14 function badCertListener()
michael@0 15 {
michael@0 16 }
michael@0 17
michael@0 18 badCertListener.prototype = {
michael@0 19 badCertCaught: false,
michael@0 20
michael@0 21 getInterface: function (aIID) {
michael@0 22 return this.QueryInterface(aIID);
michael@0 23 },
michael@0 24
michael@0 25 QueryInterface: function(aIID) {
michael@0 26 if (aIID.equals(SpecialPowers.Ci.nsIBadCertListener2) ||
michael@0 27 aIID.equals(SpecialPowers.Ci.nsIInterfaceRequestor) ||
michael@0 28 aIID.equals(SpecialPowers.Ci.nsISupports))
michael@0 29 return this;
michael@0 30
michael@0 31 throw SpecialPowers.Cr.NS_ERROR_NO_INTERFACE;
michael@0 32 },
michael@0 33
michael@0 34 testCert: function(cert1, expected)
michael@0 35 {
michael@0 36 var certDumpTree1 = SpecialPowers.Cc["@mozilla.org/security/nsASN1Tree;1"]
michael@0 37 .createInstance(SpecialPowers.Ci.nsIASN1Tree);
michael@0 38 certDumpTree1.loadASN1Structure(cert1.ASN1Structure);
michael@0 39 var value1 = certDumpTree1.getDisplayData(9);
michael@0 40
michael@0 41 is(value1, expected, "Incorrect subject recognized");
michael@0 42 },
michael@0 43
michael@0 44 notifyCertProblem: function(socketInfo, sslStatus, targetHost) {
michael@0 45 var cert = sslStatus.QueryInterface(SpecialPowers.Ci.nsISSLStatus)
michael@0 46 .serverCert;
michael@0 47 this.testCert(cert, "CN = www.bank1.com\\00www.bad-guy.com\n");
michael@0 48
michael@0 49 this.badCertCaught = true;
michael@0 50 return true;
michael@0 51 }
michael@0 52 }
michael@0 53
michael@0 54 function onFrameLoad()
michael@0 55 {
michael@0 56 ok(false, "Attackers page failed to load");
michael@0 57 }
michael@0 58
michael@0 59 function onWindowLoad()
michael@0 60 {
michael@0 61 var req = new XMLHttpRequest();
michael@0 62 var certListener = new badCertListener();
michael@0 63 certListener = SpecialPowers.wrapCallbackObject(certListener);
michael@0 64 try
michael@0 65 {
michael@0 66 req.open("GET", "https://www.bank1.com/", false);
michael@0 67 SpecialPowers.wrap(req).channel.notificationCallbacks = certListener;
michael@0 68 req.send(null);
michael@0 69 }
michael@0 70 catch(ex)
michael@0 71 {
michael@0 72 // ignore
michael@0 73 }
michael@0 74
michael@0 75 ok(certListener.badCertCaught, "We Caught the invalid certificate");
michael@0 76
michael@0 77 SimpleTest.finish();
michael@0 78 }
michael@0 79
michael@0 80 </script>
michael@0 81
michael@0 82 <iframe src="https://www.bank1.com/" onload="onFrameLoad()"></iframe>
michael@0 83 </body>
michael@0 84 </html>

Mercurial Repository: The Tor Browser

Europalab SCM Repository Server

mercurial