michael@0: /* This Source Code Form is subject to the terms of the Mozilla Public
michael@0:  * License, v. 2.0. If a copy of the MPL was not distributed with this
michael@0:  * file, You can obtain one at http://mozilla.org/MPL/2.0/.
michael@0:  */
michael@0: "use strict";
michael@0: 
michael@0: // bug 961528: chart.apis.google.com doesn't handle https. Check that
michael@0: // it isn't considered HSTS (other example.apis.google.com hosts should be
michael@0: // HSTS as long as they're on the preload list, however).
michael@0: function run_test() {
michael@0:   let SSService = Cc["@mozilla.org/ssservice;1"]
michael@0:                     .getService(Ci.nsISiteSecurityService);
michael@0:   do_check_false(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
michael@0:                                         "chart.apis.google.com", 0));
michael@0:   do_check_false(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
michael@0:                                         "CHART.APIS.GOOGLE.COM", 0));
michael@0:   do_check_false(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
michael@0:                                         "sub.chart.apis.google.com", 0));
michael@0:   do_check_false(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
michael@0:                                         "SUB.CHART.APIS.GOOGLE.COM", 0));
michael@0:   do_check_true(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
michael@0:                                        "example.apis.google.com", 0));
michael@0:   do_check_true(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
michael@0:                                        "EXAMPLE.APIS.GOOGLE.COM", 0));
michael@0:   do_check_true(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
michael@0:                                        "sub.example.apis.google.com", 0));
michael@0:   do_check_true(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
michael@0:                                        "SUB.EXAMPLE.APIS.GOOGLE.COM", 0));
michael@0:   // also check isSecureURI
michael@0:   let chartURI = Services.io.newURI("http://chart.apis.google.com", null, null);
michael@0:   do_check_false(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
michael@0:                                        chartURI, 0));
michael@0:   let otherURI = Services.io.newURI("http://other.apis.google.com", null, null);
michael@0:   do_check_true(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
michael@0:                                       otherURI, 0));
michael@0: }