forked from mirrors/gecko-dev
42028efc71
This method only is async in order to allow callers to wait for a process switch triggered by the call to `loadURI` to be finished before resolving. With DocumentChannel, we should never trigger a process switch eagerly like this again, so we don't need any of the async behaviour here anymore. This part is largely mechanical changes to tests, removing the `await` calls on `loadURI`, and a follow-up part will remove the actual async logic from `BrowserTestUtils.loadURI`. Differential Revision: https://phabricator.services.mozilla.com/D94641
94 lines
3 KiB
JavaScript
94 lines
3 KiB
JavaScript
/*
|
|
* Any copyright is dedicated to the Public Domain.
|
|
* http://creativecommons.org/publicdomain/zero/1.0/
|
|
*
|
|
* Tests for Bug 1535210 - Set SSL STATE_IS_BROKEN flag for TLS1.0 and TLS 1.1 connections
|
|
*/
|
|
|
|
const HTTPS_TLS1_0 = "https://tls1.example.com";
|
|
const HTTPS_TLS1_1 = "https://tls11.example.com";
|
|
const HTTPS_TLS1_2 = "https://tls12.example.com";
|
|
const HTTPS_TLS1_3 = "https://tls13.example.com";
|
|
|
|
function getIdentityMode(aWindow = window) {
|
|
return aWindow.document.getElementById("identity-box").className;
|
|
}
|
|
|
|
function closeIdentityPopup() {
|
|
let promise = BrowserTestUtils.waitForEvent(
|
|
gIdentityHandler._identityPopup,
|
|
"popuphidden"
|
|
);
|
|
gIdentityHandler._identityPopup.hidePopup();
|
|
return promise;
|
|
}
|
|
|
|
async function checkConnectionState(state) {
|
|
await openIdentityPopup();
|
|
is(getConnectionState(), state, "connectionState should be " + state);
|
|
await closeIdentityPopup();
|
|
}
|
|
|
|
function getConnectionState() {
|
|
return document.getElementById("identity-popup").getAttribute("connection");
|
|
}
|
|
|
|
registerCleanupFunction(function() {
|
|
// Set preferences back to their original values
|
|
Services.prefs.clearUserPref("security.tls.version.min");
|
|
Services.prefs.clearUserPref("security.tls.version.max");
|
|
});
|
|
|
|
add_task(async function() {
|
|
// Run with all versions enabled for this test.
|
|
Services.prefs.setIntPref("security.tls.version.min", 1);
|
|
Services.prefs.setIntPref("security.tls.version.max", 4);
|
|
|
|
await BrowserTestUtils.withNewTab("about:blank", async function(browser) {
|
|
// Try deprecated versions
|
|
BrowserTestUtils.loadURI(browser, HTTPS_TLS1_0);
|
|
await BrowserTestUtils.browserLoaded(browser);
|
|
isSecurityState(browser, "broken");
|
|
is(
|
|
getIdentityMode(),
|
|
"unknownIdentity weakCipher",
|
|
"Identity should be unknownIdentity"
|
|
);
|
|
await checkConnectionState("not-secure");
|
|
|
|
BrowserTestUtils.loadURI(browser, HTTPS_TLS1_1);
|
|
await BrowserTestUtils.browserLoaded(browser);
|
|
isSecurityState(browser, "broken");
|
|
is(
|
|
getIdentityMode(),
|
|
"unknownIdentity weakCipher",
|
|
"Identity should be unknownIdentity"
|
|
);
|
|
await checkConnectionState("not-secure");
|
|
|
|
// Transition to secure
|
|
BrowserTestUtils.loadURI(browser, HTTPS_TLS1_2);
|
|
await BrowserTestUtils.browserLoaded(browser);
|
|
isSecurityState(browser, "secure");
|
|
is(getIdentityMode(), "verifiedDomain", "Identity should be verified");
|
|
await checkConnectionState("secure");
|
|
|
|
// Transition back to broken
|
|
BrowserTestUtils.loadURI(browser, HTTPS_TLS1_1);
|
|
await BrowserTestUtils.browserLoaded(browser);
|
|
isSecurityState(browser, "broken");
|
|
is(
|
|
getIdentityMode(),
|
|
"unknownIdentity weakCipher",
|
|
"Identity should be unknownIdentity"
|
|
);
|
|
await checkConnectionState("not-secure");
|
|
|
|
// TLS1.3 for completeness
|
|
BrowserTestUtils.loadURI(browser, HTTPS_TLS1_3);
|
|
await BrowserTestUtils.browserLoaded(browser);
|
|
isSecurityState(browser, "secure");
|
|
is(getIdentityMode(), "verifiedDomain", "Identity should be verified");
|
|
await checkConnectionState("secure");
|
|
});
|
|
});
|