nagai/fune
3
0
Fork 0
forked from mirrors/gecko-dev
Code Pull requests Activity
fune/browser/base/content/test/about/browser_aboutCertError_exception.js
Johann Hofmann ad87a838f7 Bug 1492498 - Make certificate exceptions on the new cert error pages permanent by default. r=nhnt11,keeler 
This includes a new test for the feature and a bit of test cleanup to factor
out all exception related tests into their own test file.

Differential Revision: https://phabricator.services.mozilla.com/D17109

--HG--
rename : browser/base/content/test/about/browser_aboutCertError.js => browser/base/content/test/about/browser_aboutCertError_exception.js
extra : moz-landing-system : lando
2019-01-23 16:59:12 +00:00

159 lines
7.2 KiB
JavaScript
Raw Blame History

/* Any copyright is dedicated to the Public Domain.
* http://creativecommons.org/publicdomain/zero/1.0/ */
"use strict";
const BAD_CERT = "https://expired.example.com/";
const BAD_STS_CERT = "https://badchain.include-subdomains.pinning.example.com:443";
const PREF_NEW_CERT_ERRORS = "browser.security.newcerterrorpage.enabled";
const PREF_PERMANENT_OVERRIDE = "security.certerrors.permanentOverride";
add_task(async function checkExceptionDialogButton() {
Services.prefs.setBoolPref(PREF_NEW_CERT_ERRORS, true);
info("Loading a bad cert page and making sure the exceptionDialogButton directly adds an exception");
let tab = await openErrorPage(BAD_CERT);
let browser = tab.linkedBrowser;
let loaded = BrowserTestUtils.browserLoaded(browser, false, BAD_CERT);
info("Clicking the exceptionDialogButton in advanced panel");
await ContentTask.spawn(browser, null, async function() {
let doc = content.document;
let exceptionButton = doc.getElementById("exceptionDialogButton");
exceptionButton.click();
});
info("Loading the url after adding exception");
await loaded;
await ContentTask.spawn(browser, null, async function() {
let doc = content.document;
ok(!doc.documentURI.startsWith("about:certerror"), "Exception has been added");
});
let certOverrideService = Cc["@mozilla.org/security/certoverride;1"]
.getService(Ci.nsICertOverrideService);
certOverrideService.clearValidityOverride("expired.example.com", -1);
BrowserTestUtils.removeTab(gBrowser.selectedTab);
Services.prefs.clearUserPref(PREF_NEW_CERT_ERRORS);
});
add_task(async function checkPermanentExceptionPref() {
Services.prefs.setBoolPref(PREF_NEW_CERT_ERRORS, true);
info("Loading a bad cert page and making sure the permanent state of exceptions can be controlled via pref");
for (let permanentOverride of [false, true]) {
Services.prefs.setBoolPref(PREF_PERMANENT_OVERRIDE, permanentOverride);
let tab = await openErrorPage(BAD_CERT);
let browser = tab.linkedBrowser;
let loaded = BrowserTestUtils.browserLoaded(browser, false, BAD_CERT);
info("Clicking the exceptionDialogButton in advanced panel");
let securityInfoAsString = await ContentTask.spawn(browser, null, async function() {
let doc = content.document;
let exceptionButton = doc.getElementById("exceptionDialogButton");
exceptionButton.click();
let serhelper = Cc["@mozilla.org/network/serialization-helper;1"]
.getService(Ci.nsISerializationHelper);
let serializable = content.docShell.failedChannel.securityInfo
.QueryInterface(Ci.nsITransportSecurityInfo)
.QueryInterface(Ci.nsISerializable);
return serhelper.serializeToString(serializable);
});
info("Loading the url after adding exception");
await loaded;
await ContentTask.spawn(browser, null, async function() {
let doc = content.document;
ok(!doc.documentURI.startsWith("about:certerror"), "Exception has been added");
});
let certOverrideService = Cc["@mozilla.org/security/certoverride;1"]
.getService(Ci.nsICertOverrideService);
let isTemporary = {};
let cert = getSecurityInfo(securityInfoAsString).serverCert;
let hasException =
certOverrideService.hasMatchingOverride("expired.example.com", -1, cert, {}, isTemporary);
ok(hasException, "Has stored an exception for the page.");
is(isTemporary.value, !permanentOverride,
`Has stored a ${permanentOverride ? "permanent" : "temporary"} exception for the page.`);
certOverrideService.clearValidityOverride("expired.example.com", -1);
BrowserTestUtils.removeTab(gBrowser.selectedTab);
}
Services.prefs.clearUserPref(PREF_PERMANENT_OVERRIDE);
Services.prefs.clearUserPref(PREF_NEW_CERT_ERRORS);
});
add_task(async function checkBadStsCert() {
info("Loading a badStsCert and making sure exception button doesn't show up");
for (let useFrame of [false, true]) {
let tab = await openErrorPage(BAD_STS_CERT, useFrame);
let browser = tab.linkedBrowser;
await ContentTask.spawn(browser, {frame: useFrame}, async function({frame}) {
let doc = frame ? content.document.querySelector("iframe").contentDocument : content.document;
let exceptionButton = doc.getElementById("exceptionDialogButton");
ok(ContentTaskUtils.is_hidden(exceptionButton), "Exception button is hidden.");
});
let message = await ContentTask.spawn(browser, {frame: useFrame}, async function({frame}) {
let doc = frame ? content.document.querySelector("iframe").contentDocument : content.document;
let advancedButton = doc.getElementById("advancedButton");
advancedButton.click();
return doc.getElementById("badCertTechnicalInfo").textContent;
});
if (Services.prefs.getBoolPref(PREF_NEW_CERT_ERRORS)) {
ok(message.includes("SSL_ERROR_BAD_CERT_DOMAIN"), "Didn't find SSL_ERROR_BAD_CERT_DOMAIN.");
ok(message.includes("The certificate is only valid for"), "Didn't find error message.");
ok(message.includes("a certificate that is not valid for"), "Didn't find error message.");
ok(message.includes("badchain.include-subdomains.pinning.example.com"), "Didn't find domain in error message.");
BrowserTestUtils.removeTab(gBrowser.selectedTab);
return;
}
ok(message.includes("SSL_ERROR_BAD_CERT_DOMAIN"), "Didn't find SSL_ERROR_BAD_CERT_DOMAIN.");
ok(message.includes("The certificate is only valid for"), "Didn't find error message.");
ok(message.includes("uses an invalid security certificate"), "Didn't find error message.");
ok(message.includes("badchain.include-subdomains.pinning.example.com"), "Didn't find domain in error message.");
BrowserTestUtils.removeTab(gBrowser.selectedTab);
}
});
add_task(async function checkhideAddExceptionButtonViaPref() {
info("Loading a bad cert page and verifying the pref security.certerror.hideAddException");
Services.prefs.setBoolPref("security.certerror.hideAddException", true);
for (let useFrame of [false, true]) {
let tab = await openErrorPage(BAD_CERT, useFrame);
let browser = tab.linkedBrowser;
await ContentTask.spawn(browser, {frame: useFrame}, async function({frame}) {
let doc = frame ? content.document.querySelector("iframe").contentDocument : content.document;
let exceptionButton = doc.querySelector(".exceptionDialogButtonContainer");
ok(ContentTaskUtils.is_hidden(exceptionButton), "Exception button is hidden.");
});
BrowserTestUtils.removeTab(gBrowser.selectedTab);
}
Services.prefs.clearUserPref("security.certerror.hideAddException");
});
add_task(async function checkhideAddExceptionButtonInFrames() {
info("Loading a bad cert page in a frame and verifying it's hidden.");
let tab = await openErrorPage(BAD_CERT, true);
let browser = tab.linkedBrowser;
await ContentTask.spawn(browser, null, async function() {
let doc = content.document.querySelector("iframe").contentDocument;
let exceptionButton = doc.getElementById("exceptionDialogButton");
ok(ContentTaskUtils.is_hidden(exceptionButton), "Exception button is hidden.");
});
BrowserTestUtils.removeTab(gBrowser.selectedTab);
});
View git blame Copy permalink