The Tor Browser / file revision

security/manager/ssl/tests/mochitest/bugs/test_bug480509.html@141e0f1194b1

security/manager/ssl/tests/mochitest/bugs/test_bug480509.html

Wed, 31 Dec 2014 07:16:47 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Wed, 31 Dec 2014 07:16:47 +0100
branch
TOR_BUG_9701
changeset 3
141e0f1194b1
permissions
-rw-r--r--

Revert simplistic fix pending revisit of Mozilla integration attempt.

     1 <html>

     2 <head>

     3   <title>Test bug 483437 and bug 480509</title>

     4   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>        

     5   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />

     6 

     7 </head>

     8 <body onload="onWindowLoad()">

     9 

    10 <script class="testbody" type="text/javascript">

    11 

    12 SimpleTest.waitForExplicitFinish();

    13 

    14 function badCertListener() 

    15 {

    16 }

    17 

    18 badCertListener.prototype = {

    19   badCertCaught: false,

    20 

    21   getInterface: function (aIID) {

    22     return this.QueryInterface(aIID);

    23   },

    24 

    25   QueryInterface: function(aIID) {

    26     if (aIID.equals(SpecialPowers.Ci.nsIBadCertListener2) ||

    27         aIID.equals(SpecialPowers.Ci.nsIInterfaceRequestor) ||

    28         aIID.equals(SpecialPowers.Ci.nsISupports))

    29       return this;

    30 

    31     throw SpecialPowers.Cr.NS_ERROR_NO_INTERFACE;

    32   },  

    33 

    34   testCert: function(cert1, expected)

    35   {

    36     var certDumpTree1 = SpecialPowers.Cc["@mozilla.org/security/nsASN1Tree;1"]

    37                        .createInstance(SpecialPowers.Ci.nsIASN1Tree);

    38     certDumpTree1.loadASN1Structure(cert1.ASN1Structure);

    39     var value1 = certDumpTree1.getDisplayData(9);

    40     

    41     is(value1, expected, "Incorrect subject recognized");

    42   },

    43   

    44   notifyCertProblem: function(socketInfo, sslStatus, targetHost) {

    45     var cert = sslStatus.QueryInterface(SpecialPowers.Ci.nsISSLStatus)

    46       .serverCert;

    47     this.testCert(cert, "CN = www.bank1.com\\00www.bad-guy.com\n");

    48 

    49     this.badCertCaught = true;

    50     return true;

    51   }

    52 }

    53 

    54 function onFrameLoad()

    55 {

    56   ok(false, "Attackers page failed to load");

    57 }

    58 

    59 function onWindowLoad()

    60 {

    61   var req = new XMLHttpRequest();

    62   var certListener = new badCertListener();

    63   certListener = SpecialPowers.wrapCallbackObject(certListener);

    64   try

    65   {

    66     req.open("GET", "https://www.bank1.com/", false);

    67     SpecialPowers.wrap(req).channel.notificationCallbacks = certListener;

    68     req.send(null);

    69   }

    70   catch(ex)

    71   {

    72     // ignore

    73   }

    74   

    75   ok(certListener.badCertCaught, "We Caught the invalid certificate");

    76   

    77   SimpleTest.finish();

    78 }

    79 

    80 </script>

    81 

    82 <iframe src="https://www.bank1.com/" onload="onFrameLoad()"></iframe>

    83 </body>

    84 </html>

Mercurial Repository: The Tor Browser

Europalab SCM Repository Server

mercurial