The Tor Browser / file revision

toolkit/modules/tests/chrome/test_bug544442_checkCert.xul@129ffea94266

toolkit/modules/tests/chrome/test_bug544442_checkCert.xul

Sat, 03 Jan 2015 20:18:00 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Sat, 03 Jan 2015 20:18:00 +0100
branch
TOR_BUG_3246
changeset 7
129ffea94266
permissions
-rw-r--r--

Conditionally enable double key logic according to:
private browsing mode or privacy.thirdparty.isolate preference and
implement in GetCookieStringCommon and FindCookie where it counts...
With some reservations of how to convince FindCookie users to test
condition and pass a nullptr when disabling double key logic.

     1 <?xml version="1.0"?>

     2 <!--

     3 /* Any copyright is dedicated to the Public Domain.

     4  * http://creativecommons.org/publicdomain/zero/1.0/

     5  */

     6 -->

     7 

     8 <?xml-stylesheet href="chrome://global/skin" type="text/css"?>

     9 <?xml-stylesheet href="chrome://mochikit/content/tests/SimpleTest/test.css" type="text/css"?>

    10 

    11 <window title="Test CertUtils.jsm checkCert - bug 340198 and bug 544442"

    12         xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"

    13         onload="testStart();">

    14 <script type="application/javascript"

    15         src="chrome://mochikit/content/tests/SimpleTest/SimpleTest.js"/>

    16 

    17 <script type="application/javascript">

    18 <![CDATA[

    19 

    20 const Cc = Components.classes;

    21 const Ci = Components.interfaces;

    22 const Cr = Components.results;

    23 

    24 SimpleTest.waitForExplicitFinish();

    25 

    26 Components.utils.import("resource://gre/modules/CertUtils.jsm");

    27 

    28 function testStart() {

    29   ok(true, "Entering testStart");

    30 

    31   var request = Cc["@mozilla.org/xmlextras/xmlhttprequest;1"].

    32                 createInstance(Ci.nsIXMLHttpRequest);

    33   request.open("GET", "https://example.com/", true);

    34   request.channel.notificationCallbacks = new BadCertHandler(true);

    35   request.onerror = function(event) { testXHRError(event); };

    36   request.onload = function(event) { testXHRLoad(event); };

    37   request.send(null);

    38 }

    39 

    40 function testXHRError(aEvent) {

    41   ok(true, "Entering testXHRError - something went wrong");

    42 

    43   var request = aEvent.target;

    44   var status = 0;

    45   try {

    46     status = request.status;

    47   }

    48   catch (e) {

    49   }

    50 

    51   if (status == 0)

    52     status = request.channel.QueryInterface(Ci.nsIRequest).status;

    53 

    54   ok(false, "XHR onerror called: " + status);

    55 

    56   SimpleTest.finish();

    57 }

    58 

    59 function getCheckCertResult(aChannel, aAllowNonBuiltIn, aCerts) {

    60   try {

    61     checkCert(aChannel, aAllowNonBuiltIn, aCerts);

    62   }

    63   catch (e) {

    64     return e.result;

    65   }

    66   return Cr.NS_OK;

    67 }

    68 

    69 function testXHRLoad(aEvent) {

    70   ok(true, "Entering testXHRLoad");

    71 

    72   var channel = aEvent.target.channel;

    73 

    74   var certs = null;

    75   is(getCheckCertResult(channel, false, certs), Cr.NS_ERROR_ABORT,

    76      "checkCert should throw NS_ERROR_ABORT when the certificate attributes " +

    77      "array passed to checkCert is null and the certificate is not builtin");

    78 

    79   is(getCheckCertResult(channel, true, certs), Cr.NS_OK,

    80      "checkCert should not throw when the certificate attributes array " +

    81      "passed to checkCert is null and builtin certificates aren't enforced");

    82 

    83   certs = [ { invalidAttribute: "Invalid attribute" } ];

    84   is(getCheckCertResult(channel, false, certs), Cr.NS_ERROR_ILLEGAL_VALUE,

    85      "checkCert should throw NS_ERROR_ILLEGAL_VALUE when the certificate " +

    86      "attributes array passed to checkCert has an element that has an " +

    87      "attribute that does not exist on the certificate");

    88 

    89   certs = [ { issuerName: "Incorrect issuerName" } ];

    90   is(getCheckCertResult(channel, false, certs), Cr.NS_ERROR_ILLEGAL_VALUE,

    91      "checkCert should throw NS_ERROR_ILLEGAL_VALUE when the certificate " +

    92      "attributes array passed to checkCert has an element that has an " +

    93      "issuerName that is not the same as the certificate's");

    94 

    95   var cert = channel.securityInfo.QueryInterface(Ci.nsISSLStatusProvider).

    96              SSLStatus.QueryInterface(Ci.nsISSLStatus).serverCert;

    97 

    98   certs = [ { issuerName: cert.issuerName,

    99               commonName: cert.commonName } ];

   100   is(getCheckCertResult(channel, false, certs), Cr.NS_ERROR_ABORT,

   101      "checkCert should throw NS_ERROR_ABORT when the certificate attributes " +

   102      "array passed to checkCert has a single element that has the same " +

   103      "issuerName and commonName as the certificate's and the certificate is " +

   104      "not builtin");

   105 

   106   is(getCheckCertResult(channel, true, certs), Cr.NS_OK,

   107      "checkCert should not throw when the certificate attributes array " +

   108      "passed to checkCert has a single element that has the same issuerName " +

   109      "and commonName as the certificate's and and builtin certificates " +

   110      "aren't enforced");

   111 

   112   certs = [ { issuerName: "Incorrect issuerName",

   113               invalidAttribute: "Invalid attribute" },

   114             { issuerName: cert.issuerName,

   115               commonName: "Invalid Common Name" },

   116             { issuerName: cert.issuerName,

   117               commonName: cert.commonName } ];

   118   is(getCheckCertResult(channel, false, certs), Cr.NS_ERROR_ABORT,

   119      "checkCert should throw NS_ERROR_ABORT when the certificate attributes " +

   120      "array passed to checkCert has an element that has the same issuerName " +

   121      "and commonName as the certificate's and the certificate is not builtin");

   122 

   123   is(getCheckCertResult(channel, true, certs), Cr.NS_OK,

   124      "checkCert should not throw when the certificate attributes array " +

   125      "passed to checkCert has an element that has the same issuerName and " +

   126      "commonName as the certificate's and builtin certificates aren't enforced");

   127 

   128   var mockChannel = { originalURI: Cc["@mozilla.org/network/io-service;1"].

   129                                    getService(Ci.nsIIOService).

   130                                    newURI("http://example.com/", null, null) };

   131 

   132   certs = [ ];

   133   is(getCheckCertResult(mockChannel, false, certs), Cr.NS_ERROR_UNEXPECTED,

   134      "checkCert should throw NS_ERROR_UNEXPECTED when the certificate " +

   135      "attributes array passed to checkCert is not null and the channel's " +

   136      "originalURI is not https");

   137 

   138   certs = null;

   139   is(getCheckCertResult(mockChannel, false, certs), Cr.NS_OK,

   140      "checkCert should not throw when the certificate attributes object " +

   141      "passed to checkCert is null and the the channel's originalURI is not " +

   142      "https");

   143 

   144   SimpleTest.finish();

   145 }

   146 

   147 ]]>

   148 </script>

   149 

   150 <body xmlns="http://www.w3.org/1999/xhtml">

   151   <p id="display"></p>

   152   <div id="content" style="display: none"></div>

   153   <pre id="test"></pre>

   154 </body>

   155 </window>

Mercurial Repository: The Tor Browser

Europalab SCM Repository Server

mercurial