toolkit/mozapps/extensions/test/browser/browser_updatessl.js@6474c204b198
toolkit/mozapps/extensions/test/browser/browser_updatessl.js
Wed, 31 Dec 2014 06:09:35 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Wed, 31 Dec 2014 06:09:35 +0100
- changeset 0
- 6474c204b198
- permissions
- -rw-r--r--
Cloned upstream origin tor-browser at tor-browser-31.3.0esr-4.5-1-build1
revision ID fc1c9ff7c1b2defdbc039f12214767608f46423f for hacking purpose.
1 /* Any copyright is dedicated to the Public Domain.
2 * http://creativecommons.org/publicdomain/zero/1.0/
3 */
5 let tempScope = {};
6 Components.utils.import("resource://gre/modules/addons/AddonUpdateChecker.jsm", tempScope);
7 let AddonUpdateChecker = tempScope.AddonUpdateChecker;
9 const updaterdf = RELATIVE_DIR + "browser_updatessl.rdf";
10 const redirect = RELATIVE_DIR + "redirect.sjs?";
11 const SUCCESS = 0;
12 const DOWNLOAD_ERROR = AddonUpdateChecker.ERROR_DOWNLOAD_ERROR;
14 const HTTP = "http://example.com/";
15 const HTTPS = "https://example.com/";
16 const NOCERT = "https://nocert.example.com/";
17 const SELFSIGNED = "https://self-signed.example.com/";
18 const UNTRUSTED = "https://untrusted.example.com/";
19 const EXPIRED = "https://expired.example.com/";
21 const PREF_UPDATE_REQUIREBUILTINCERTS = "extensions.update.requireBuiltInCerts";
23 var gTests = [];
24 var gStart = 0;
25 var gLast = 0;
27 var HTTPObserver = {
28 observeActivity: function(aChannel, aType, aSubtype, aTimestamp, aSizeData,
29 aStringData) {
30 aChannel.QueryInterface(Ci.nsIChannel);
32 dump("*** HTTP Activity 0x" + aType.toString(16) + " 0x" + aSubtype.toString(16) +
33 " " + aChannel.URI.spec + "\n");
34 }
35 };
37 function test() {
38 gStart = Date.now();
39 requestLongerTimeout(4);
40 waitForExplicitFinish();
42 let observerService = Cc["@mozilla.org/network/http-activity-distributor;1"].
43 getService(Ci.nsIHttpActivityDistributor);
44 observerService.addObserver(HTTPObserver);
46 registerCleanupFunction(function() {
47 observerService.removeObserver(HTTPObserver);
48 });
50 run_next_test();
51 }
53 function end_test() {
54 Services.prefs.clearUserPref(PREF_UPDATE_REQUIREBUILTINCERTS);
56 var cos = Cc["@mozilla.org/security/certoverride;1"].
57 getService(Ci.nsICertOverrideService);
58 cos.clearValidityOverride("nocert.example.com", -1);
59 cos.clearValidityOverride("self-signed.example.com", -1);
60 cos.clearValidityOverride("untrusted.example.com", -1);
61 cos.clearValidityOverride("expired.example.com", -1);
63 info("All tests completed in " + (Date.now() - gStart) + "ms");
64 finish();
65 }
67 function add_update_test(mainURL, redirectURL, expectedStatus) {
68 gTests.push([mainURL, redirectURL, expectedStatus]);
69 }
71 function run_update_tests(callback) {
72 function run_next_update_test() {
73 if (gTests.length == 0) {
74 callback();
75 return;
76 }
77 gLast = Date.now();
79 let [mainURL, redirectURL, expectedStatus] = gTests.shift();
80 if (redirectURL) {
81 var url = mainURL + redirect + redirectURL + updaterdf;
82 var message = "Should have seen the right result for an update check redirected from " +
83 mainURL + " to " + redirectURL;
84 }
85 else {
86 url = mainURL + updaterdf;
87 message = "Should have seen the right result for an update check from " +
88 mainURL;
89 }
91 AddonUpdateChecker.checkForUpdates("addon1@tests.mozilla.org",
92 null, url, {
93 onUpdateCheckComplete: function(updates) {
94 is(updates.length, 1, "Should be the right number of results");
95 is(SUCCESS, expectedStatus, message);
96 info("Update test ran in " + (Date.now() - gLast) + "ms");
97 run_next_update_test();
98 },
100 onUpdateCheckError: function(status) {
101 is(status, expectedStatus, message);
102 info("Update test ran in " + (Date.now() - gLast) + "ms");
103 run_next_update_test();
104 }
105 });
106 }
108 run_next_update_test();
109 }
111 // Add overrides for the bad certificates
112 function addCertOverrides() {
113 addCertOverride("nocert.example.com", Ci.nsICertOverrideService.ERROR_MISMATCH);
114 addCertOverride("self-signed.example.com", Ci.nsICertOverrideService.ERROR_UNTRUSTED);
115 addCertOverride("untrusted.example.com", Ci.nsICertOverrideService.ERROR_UNTRUSTED);
116 addCertOverride("expired.example.com", Ci.nsICertOverrideService.ERROR_TIME);
117 }
119 // Runs tests with built-in certificates required and no certificate exceptions.
120 add_test(function() {
121 // Tests that a simple update.rdf retrieval works as expected.
122 add_update_test(HTTP, null, SUCCESS);
123 add_update_test(HTTPS, null, DOWNLOAD_ERROR);
124 add_update_test(NOCERT, null, DOWNLOAD_ERROR);
125 add_update_test(SELFSIGNED, null, DOWNLOAD_ERROR);
126 add_update_test(UNTRUSTED, null, DOWNLOAD_ERROR);
127 add_update_test(EXPIRED, null, DOWNLOAD_ERROR);
129 // Tests that redirecting from http to other servers works as expected
130 add_update_test(HTTP, HTTP, SUCCESS);
131 add_update_test(HTTP, HTTPS, SUCCESS);
132 add_update_test(HTTP, NOCERT, DOWNLOAD_ERROR);
133 add_update_test(HTTP, SELFSIGNED, DOWNLOAD_ERROR);
134 add_update_test(HTTP, UNTRUSTED, DOWNLOAD_ERROR);
135 add_update_test(HTTP, EXPIRED, DOWNLOAD_ERROR);
137 // Tests that redirecting from valid https to other servers works as expected
138 add_update_test(HTTPS, HTTP, DOWNLOAD_ERROR);
139 add_update_test(HTTPS, HTTPS, DOWNLOAD_ERROR);
140 add_update_test(HTTPS, NOCERT, DOWNLOAD_ERROR);
141 add_update_test(HTTPS, SELFSIGNED, DOWNLOAD_ERROR);
142 add_update_test(HTTPS, UNTRUSTED, DOWNLOAD_ERROR);
143 add_update_test(HTTPS, EXPIRED, DOWNLOAD_ERROR);
145 // Tests that redirecting from nocert https to other servers works as expected
146 add_update_test(NOCERT, HTTP, DOWNLOAD_ERROR);
147 add_update_test(NOCERT, HTTPS, DOWNLOAD_ERROR);
148 add_update_test(NOCERT, NOCERT, DOWNLOAD_ERROR);
149 add_update_test(NOCERT, SELFSIGNED, DOWNLOAD_ERROR);
150 add_update_test(NOCERT, UNTRUSTED, DOWNLOAD_ERROR);
151 add_update_test(NOCERT, EXPIRED, DOWNLOAD_ERROR);
153 // Tests that redirecting from self-signed https to other servers works as expected
154 add_update_test(SELFSIGNED, HTTP, DOWNLOAD_ERROR);
155 add_update_test(SELFSIGNED, HTTPS, DOWNLOAD_ERROR);
156 add_update_test(SELFSIGNED, NOCERT, DOWNLOAD_ERROR);
157 add_update_test(SELFSIGNED, SELFSIGNED, DOWNLOAD_ERROR);
158 add_update_test(SELFSIGNED, UNTRUSTED, DOWNLOAD_ERROR);
159 add_update_test(SELFSIGNED, EXPIRED, DOWNLOAD_ERROR);
161 // Tests that redirecting from untrusted https to other servers works as expected
162 add_update_test(UNTRUSTED, HTTP, DOWNLOAD_ERROR);
163 add_update_test(UNTRUSTED, HTTPS, DOWNLOAD_ERROR);
164 add_update_test(UNTRUSTED, NOCERT, DOWNLOAD_ERROR);
165 add_update_test(UNTRUSTED, SELFSIGNED, DOWNLOAD_ERROR);
166 add_update_test(UNTRUSTED, UNTRUSTED, DOWNLOAD_ERROR);
167 add_update_test(UNTRUSTED, EXPIRED, DOWNLOAD_ERROR);
169 // Tests that redirecting from expired https to other servers works as expected
170 add_update_test(EXPIRED, HTTP, DOWNLOAD_ERROR);
171 add_update_test(EXPIRED, HTTPS, DOWNLOAD_ERROR);
172 add_update_test(EXPIRED, NOCERT, DOWNLOAD_ERROR);
173 add_update_test(EXPIRED, SELFSIGNED, DOWNLOAD_ERROR);
174 add_update_test(EXPIRED, UNTRUSTED, DOWNLOAD_ERROR);
175 add_update_test(EXPIRED, EXPIRED, DOWNLOAD_ERROR);
177 run_update_tests(run_next_test);
178 });
180 // Runs tests without requiring built-in certificates and no certificate
181 // exceptions.
182 add_test(function() {
183 Services.prefs.setBoolPref(PREF_UPDATE_REQUIREBUILTINCERTS, false);
185 // Tests that a simple update.rdf retrieval works as expected.
186 add_update_test(HTTP, null, SUCCESS);
187 add_update_test(HTTPS, null, SUCCESS);
188 add_update_test(NOCERT, null, DOWNLOAD_ERROR);
189 add_update_test(SELFSIGNED, null, DOWNLOAD_ERROR);
190 add_update_test(UNTRUSTED, null, DOWNLOAD_ERROR);
191 add_update_test(EXPIRED, null, DOWNLOAD_ERROR);
193 // Tests that redirecting from http to other servers works as expected
194 add_update_test(HTTP, HTTP, SUCCESS);
195 add_update_test(HTTP, HTTPS, SUCCESS);
196 add_update_test(HTTP, NOCERT, DOWNLOAD_ERROR);
197 add_update_test(HTTP, SELFSIGNED, DOWNLOAD_ERROR);
198 add_update_test(HTTP, UNTRUSTED, DOWNLOAD_ERROR);
199 add_update_test(HTTP, EXPIRED, DOWNLOAD_ERROR);
201 // Tests that redirecting from valid https to other servers works as expected
202 add_update_test(HTTPS, HTTP, DOWNLOAD_ERROR);
203 add_update_test(HTTPS, HTTPS, SUCCESS);
204 add_update_test(HTTPS, NOCERT, DOWNLOAD_ERROR);
205 add_update_test(HTTPS, SELFSIGNED, DOWNLOAD_ERROR);
206 add_update_test(HTTPS, UNTRUSTED, DOWNLOAD_ERROR);
207 add_update_test(HTTPS, EXPIRED, DOWNLOAD_ERROR);
209 // Tests that redirecting from nocert https to other servers works as expected
210 add_update_test(NOCERT, HTTP, DOWNLOAD_ERROR);
211 add_update_test(NOCERT, HTTPS, DOWNLOAD_ERROR);
212 add_update_test(NOCERT, NOCERT, DOWNLOAD_ERROR);
213 add_update_test(NOCERT, SELFSIGNED, DOWNLOAD_ERROR);
214 add_update_test(NOCERT, UNTRUSTED, DOWNLOAD_ERROR);
215 add_update_test(NOCERT, EXPIRED, DOWNLOAD_ERROR);
217 // Tests that redirecting from self-signed https to other servers works as expected
218 add_update_test(SELFSIGNED, HTTP, DOWNLOAD_ERROR);
219 add_update_test(SELFSIGNED, HTTPS, DOWNLOAD_ERROR);
220 add_update_test(SELFSIGNED, NOCERT, DOWNLOAD_ERROR);
221 add_update_test(SELFSIGNED, SELFSIGNED, DOWNLOAD_ERROR);
222 add_update_test(SELFSIGNED, UNTRUSTED, DOWNLOAD_ERROR);
223 add_update_test(SELFSIGNED, EXPIRED, DOWNLOAD_ERROR);
225 // Tests that redirecting from untrusted https to other servers works as expected
226 add_update_test(UNTRUSTED, HTTP, DOWNLOAD_ERROR);
227 add_update_test(UNTRUSTED, HTTPS, DOWNLOAD_ERROR);
228 add_update_test(UNTRUSTED, NOCERT, DOWNLOAD_ERROR);
229 add_update_test(UNTRUSTED, SELFSIGNED, DOWNLOAD_ERROR);
230 add_update_test(UNTRUSTED, UNTRUSTED, DOWNLOAD_ERROR);
231 add_update_test(UNTRUSTED, EXPIRED, DOWNLOAD_ERROR);
233 // Tests that redirecting from expired https to other servers works as expected
234 add_update_test(EXPIRED, HTTP, DOWNLOAD_ERROR);
235 add_update_test(EXPIRED, HTTPS, DOWNLOAD_ERROR);
236 add_update_test(EXPIRED, NOCERT, DOWNLOAD_ERROR);
237 add_update_test(EXPIRED, SELFSIGNED, DOWNLOAD_ERROR);
238 add_update_test(EXPIRED, UNTRUSTED, DOWNLOAD_ERROR);
239 add_update_test(EXPIRED, EXPIRED, DOWNLOAD_ERROR);
241 run_update_tests(run_next_test);
242 });
244 // Runs tests with built-in certificates required and all certificate exceptions.
245 add_test(function() {
246 Services.prefs.clearUserPref(PREF_UPDATE_REQUIREBUILTINCERTS);
247 addCertOverrides();
249 // Tests that a simple update.rdf retrieval works as expected.
250 add_update_test(HTTP, null, SUCCESS);
251 add_update_test(HTTPS, null, DOWNLOAD_ERROR);
252 add_update_test(NOCERT, null, DOWNLOAD_ERROR);
253 add_update_test(SELFSIGNED, null, DOWNLOAD_ERROR);
254 add_update_test(UNTRUSTED, null, DOWNLOAD_ERROR);
255 add_update_test(EXPIRED, null, DOWNLOAD_ERROR);
257 // Tests that redirecting from http to other servers works as expected
258 add_update_test(HTTP, HTTP, SUCCESS);
259 add_update_test(HTTP, HTTPS, SUCCESS);
260 add_update_test(HTTP, NOCERT, SUCCESS);
261 add_update_test(HTTP, SELFSIGNED, SUCCESS);
262 add_update_test(HTTP, UNTRUSTED, SUCCESS);
263 add_update_test(HTTP, EXPIRED, SUCCESS);
265 // Tests that redirecting from valid https to other servers works as expected
266 add_update_test(HTTPS, HTTP, DOWNLOAD_ERROR);
267 add_update_test(HTTPS, HTTPS, DOWNLOAD_ERROR);
268 add_update_test(HTTPS, NOCERT, DOWNLOAD_ERROR);
269 add_update_test(HTTPS, SELFSIGNED, DOWNLOAD_ERROR);
270 add_update_test(HTTPS, UNTRUSTED, DOWNLOAD_ERROR);
271 add_update_test(HTTPS, EXPIRED, DOWNLOAD_ERROR);
273 // Tests that redirecting from nocert https to other servers works as expected
274 add_update_test(NOCERT, HTTP, DOWNLOAD_ERROR);
275 add_update_test(NOCERT, HTTPS, DOWNLOAD_ERROR);
276 add_update_test(NOCERT, NOCERT, DOWNLOAD_ERROR);
277 add_update_test(NOCERT, SELFSIGNED, DOWNLOAD_ERROR);
278 add_update_test(NOCERT, UNTRUSTED, DOWNLOAD_ERROR);
279 add_update_test(NOCERT, EXPIRED, DOWNLOAD_ERROR);
281 // Tests that redirecting from self-signed https to other servers works as expected
282 add_update_test(SELFSIGNED, HTTP, DOWNLOAD_ERROR);
283 add_update_test(SELFSIGNED, HTTPS, DOWNLOAD_ERROR);
284 add_update_test(SELFSIGNED, NOCERT, DOWNLOAD_ERROR);
285 add_update_test(SELFSIGNED, SELFSIGNED, DOWNLOAD_ERROR);
286 add_update_test(SELFSIGNED, UNTRUSTED, DOWNLOAD_ERROR);
287 add_update_test(SELFSIGNED, EXPIRED, DOWNLOAD_ERROR);
289 // Tests that redirecting from untrusted https to other servers works as expected
290 add_update_test(UNTRUSTED, HTTP, DOWNLOAD_ERROR);
291 add_update_test(UNTRUSTED, HTTPS, DOWNLOAD_ERROR);
292 add_update_test(UNTRUSTED, NOCERT, DOWNLOAD_ERROR);
293 add_update_test(UNTRUSTED, SELFSIGNED, DOWNLOAD_ERROR);
294 add_update_test(UNTRUSTED, UNTRUSTED, DOWNLOAD_ERROR);
295 add_update_test(UNTRUSTED, EXPIRED, DOWNLOAD_ERROR);
297 // Tests that redirecting from expired https to other servers works as expected
298 add_update_test(EXPIRED, HTTP, DOWNLOAD_ERROR);
299 add_update_test(EXPIRED, HTTPS, DOWNLOAD_ERROR);
300 add_update_test(EXPIRED, NOCERT, DOWNLOAD_ERROR);
301 add_update_test(EXPIRED, SELFSIGNED, DOWNLOAD_ERROR);
302 add_update_test(EXPIRED, UNTRUSTED, DOWNLOAD_ERROR);
303 add_update_test(EXPIRED, EXPIRED, DOWNLOAD_ERROR);
305 run_update_tests(run_next_test);
306 });
308 // Runs tests without requiring built-in certificates and all certificate
309 // exceptions.
310 add_test(function() {
311 Services.prefs.setBoolPref(PREF_UPDATE_REQUIREBUILTINCERTS, false);
313 // Tests that a simple update.rdf retrieval works as expected.
314 add_update_test(HTTP, null, SUCCESS);
315 add_update_test(HTTPS, null, SUCCESS);
316 add_update_test(NOCERT, null, SUCCESS);
317 add_update_test(SELFSIGNED, null, SUCCESS);
318 add_update_test(UNTRUSTED, null, SUCCESS);
319 add_update_test(EXPIRED, null, SUCCESS);
321 // Tests that redirecting from http to other servers works as expected
322 add_update_test(HTTP, HTTP, SUCCESS);
323 add_update_test(HTTP, HTTPS, SUCCESS);
324 add_update_test(HTTP, NOCERT, SUCCESS);
325 add_update_test(HTTP, SELFSIGNED, SUCCESS);
326 add_update_test(HTTP, UNTRUSTED, SUCCESS);
327 add_update_test(HTTP, EXPIRED, SUCCESS);
329 // Tests that redirecting from valid https to other servers works as expected
330 add_update_test(HTTPS, HTTP, DOWNLOAD_ERROR);
331 add_update_test(HTTPS, HTTPS, SUCCESS);
332 add_update_test(HTTPS, NOCERT, SUCCESS);
333 add_update_test(HTTPS, SELFSIGNED, SUCCESS);
334 add_update_test(HTTPS, UNTRUSTED, SUCCESS);
335 add_update_test(HTTPS, EXPIRED, SUCCESS);
337 // Tests that redirecting from nocert https to other servers works as expected
338 add_update_test(NOCERT, HTTP, DOWNLOAD_ERROR);
339 add_update_test(NOCERT, HTTPS, SUCCESS);
340 add_update_test(NOCERT, NOCERT, SUCCESS);
341 add_update_test(NOCERT, SELFSIGNED, SUCCESS);
342 add_update_test(NOCERT, UNTRUSTED, SUCCESS);
343 add_update_test(NOCERT, EXPIRED, SUCCESS);
345 // Tests that redirecting from self-signed https to other servers works as expected
346 add_update_test(SELFSIGNED, HTTP, DOWNLOAD_ERROR);
347 add_update_test(SELFSIGNED, HTTPS, SUCCESS);
348 add_update_test(SELFSIGNED, NOCERT, SUCCESS);
349 add_update_test(SELFSIGNED, SELFSIGNED, SUCCESS);
350 add_update_test(SELFSIGNED, UNTRUSTED, SUCCESS);
351 add_update_test(SELFSIGNED, EXPIRED, SUCCESS);
353 // Tests that redirecting from untrusted https to other servers works as expected
354 add_update_test(UNTRUSTED, HTTP, DOWNLOAD_ERROR);
355 add_update_test(UNTRUSTED, HTTPS, SUCCESS);
356 add_update_test(UNTRUSTED, NOCERT, SUCCESS);
357 add_update_test(UNTRUSTED, SELFSIGNED, SUCCESS);
358 add_update_test(UNTRUSTED, UNTRUSTED, SUCCESS);
359 add_update_test(UNTRUSTED, EXPIRED, SUCCESS);
361 // Tests that redirecting from expired https to other servers works as expected
362 add_update_test(EXPIRED, HTTP, DOWNLOAD_ERROR);
363 add_update_test(EXPIRED, HTTPS, SUCCESS);
364 add_update_test(EXPIRED, NOCERT, SUCCESS);
365 add_update_test(EXPIRED, SELFSIGNED, SUCCESS);
366 add_update_test(EXPIRED, UNTRUSTED, SUCCESS);
367 add_update_test(EXPIRED, EXPIRED, SUCCESS);
369 run_update_tests(run_next_test);
370 });
