The Tor Browser / file revision

security/manager/ssl/tests/mochitest/stricttransportsecurity/test_stricttransportsecurity.html@141e0f1194b1

security/manager/ssl/tests/mochitest/stricttransportsecurity/test_stricttransportsecurity.html

Wed, 31 Dec 2014 07:16:47 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Wed, 31 Dec 2014 07:16:47 +0100
branch
TOR_BUG_9701
changeset 3
141e0f1194b1
permissions
-rw-r--r--

Revert simplistic fix pending revisit of Mozilla integration attempt.

     1 <!-- This Source Code Form is subject to the terms of the Mozilla Public

     2    - License, v. 2.0. If a copy of the MPL was not distributed with this

     3    - file, You can obtain one at http://mozilla.org/MPL/2.0/. -->

     4 

     5 <!DOCTYPE HTML>

     6 <html>

     7 <head>

     8   <title>opens additional content that should be converted to https</title>

     9   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>

    10   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />

    11 

    12   <script class="testbody" type="text/javascript">

    13   SimpleTest.waitForExplicitFinish();

    14 

    15   const STSPATH = "/tests/security/manager/ssl/tests/mochitest/stricttransportsecurity";

    16 

    17   // initialized manually here

    18   var testsleft = {'plain': 4, 'subdom': 4};

    19   var roundsLeft = 2;

    20 

    21   var testframes = {

    22     'samedom':

    23       {'url':     "http://example.com" + STSPATH + "/verify.sjs",

    24         'expected': {'plain': 'SECURE', 'subdom': 'SECURE'}},

    25     'subdom':

    26       {'url':     "http://test1.example.com" + STSPATH + "/verify.sjs",

    27         'expected': {'plain': 'INSECURE', 'subdom': 'SECURE'}},

    28     'otherdom':

    29       {'url':     "http://example.org" + STSPATH + "/verify.sjs",

    30         'expected': {'plain': 'INSECURE', 'subdom': 'INSECURE'}},

    31     'alreadysecure':

    32       {'url':     "https://test2.example.com" + STSPATH + "/verify.sjs",

    33         'expected': {'plain': 'SECURE', 'subdom': 'SECURE'}},

    34   };

    35 

    36   function startRound(round) {

    37     var frame = document.createElement("iframe");

    38     frame.setAttribute('id', 'ifr_bootstrap');

    39     frame.setAttribute('src', "https://example.com" + STSPATH + "/" + round + "_bootstrap.html");

    40     document.body.appendChild(frame);

    41   }

    42 

    43   function endRound(round) {

    44     // remove all the iframes in the document

    45     document.body.removeChild(document.getElementById('ifr_bootstrap'));

    46     for (var test in testframes)

    47       document.body.removeChild(document.getElementById('ifr_' + test));

    48 

    49     // clean up the STS state

    50     const Cc = SpecialPowers.Cc;

    51     const Ci = SpecialPowers.Ci;

    52     var ios = Cc["@mozilla.org/network/io-service;1"].getService(Ci.nsIIOService);

    53     var thehost = ios.newURI("http://example.com", null, null);

    54 

    55     var sss = Cc["@mozilla.org/ssservice;1"].getService(Ci.nsISiteSecurityService);

    56     sss.removeState(Ci.nsISiteSecurityService.HEADER_HSTS, thehost, 0);

    57   }

    58 

    59   function loadVerifyFrames(round) {

    60     for (var test in testframes) {

    61       var frame = document.createElement("iframe");

    62       frame.setAttribute('id', 'ifr_' + test);

    63       frame.setAttribute('src', testframes[test].url + '?id=' + test);

    64       document.body.appendChild(frame);

    65     }

    66   }

    67 

    68   /* Messages received are in this format:

    69    *  (BOOTSTRAP|SECURE|INSECURE) testid

    70    * For example: "BOOTSTRAP plain"

    71    *          or: "INSECURE otherdom"

    72    */

    73   function onMessageReceived(event) {

    74 

    75     // otherwise, it's a test result

    76     var result = event.data.split(/\s+/);

    77     if (result.length != 2) {

    78       SimpleTest.ok(false, event.data);

    79       return;

    80     }

    81 

    82     // figure out which round of tests we're in

    83     var round = (roundsLeft == 2) ? 'plain' : 'subdom';

    84 

    85     if (result[0] === "BOOTSTRAP") {

    86       loadVerifyFrames(round);

    87       return;

    88     }

    89 

    90     // check if the result (SECURE/INSECURE) is expected for this round/test combo

    91     SimpleTest.is(result[0], testframes[result[1]].expected[round], 

    92                   "in ROUND " + round + ", test " + result[1]);

    93     testsleft[round]--;

    94 

    95     // check if there are more tests to run.

    96     if (testsleft[round] < 1) {

    97       // if not, advance to next round

    98       endRound(round);

    99       roundsLeft--;

   100 

   101       // defer this so it doesn't muck with the stack too much.

   102       if (roundsLeft == 1)

   103         setTimeout(function () {

   104             startRound('subdom'); 

   105           }, 0);

   106     }

   107 

   108     if (roundsLeft < 1) {

   109       SimpleTest.finish();

   110     }

   111   }

   112 

   113   // listen for calls back from the sts-setting iframe and then

   114   // the verification frames.

   115   window.addEventListener("message", onMessageReceived, false);

   116   window.addEventListener('load', function() {startRound('plain');}, false);

   117   </script>

   118 </head>

   119 

   120 <body>

   121   This test will load some iframes and do some tests.

   122 

   123 </body>

   124 </html>

Mercurial Repository: The Tor Browser

Europalab SCM Repository Server

mercurial