forked from mirrors/gecko-dev
3defbe3b72
Differential Revision: https://phabricator.services.mozilla.com/D51090 --HG-- extra : moz-landing-system : lando
107 lines
3.3 KiB
HTML
107 lines
3.3 KiB
HTML
<!DOCTYPE HTML>
|
|
<html lang="en">
|
|
<head>
|
|
<meta charset="utf8">
|
|
<title>Test for the network actor (HPKP detection)</title>
|
|
<script src="chrome://mochikit/content/tests/SimpleTest/SimpleTest.js"></script>
|
|
<script type="text/javascript" src="common.js"></script>
|
|
<!-- Any copyright is dedicated to the Public Domain.
|
|
- http://creativecommons.org/publicdomain/zero/1.0/ -->
|
|
</head>
|
|
<body>
|
|
<p>Test for the network actor (HPKP detection)</p>
|
|
|
|
<iframe src="https://example.com/chrome/devtools/shared/webconsole/test/network_requests_iframe.html"></iframe>
|
|
|
|
<script class="testbody" type="text/javascript">
|
|
"use strict";
|
|
|
|
SimpleTest.waitForExplicitFinish();
|
|
|
|
let gCurrentTestCase = -1;
|
|
const HPKP_ENABLED_PREF = "security.cert_pinning.hpkp.enabled";
|
|
const PROCESS_HPKP_FROM_NON_BUILTIN_ROOTS_PREF = "security.cert_pinning.process_headers_from_non_builtin_roots";
|
|
|
|
// Static pins tested by unit/test_security-info-static-hpkp.js.
|
|
const TEST_CASES = [
|
|
{
|
|
desc: "no Public Key Pinning",
|
|
url: "https://example.com",
|
|
usesPinning: false,
|
|
},
|
|
{
|
|
desc: "dynamic Public Key Pinning with this request",
|
|
url: "https://include-subdomains.pinning-dynamic.example.com/" +
|
|
"browser/browser/base/content/test/general/pinning_headers.sjs",
|
|
usesPinning: true,
|
|
},
|
|
{
|
|
desc: "dynamic Public Key Pinning with previous request",
|
|
url: "https://include-subdomains.pinning-dynamic.example.com/",
|
|
usesPinning: true,
|
|
}
|
|
];
|
|
|
|
function startTest() {
|
|
Services.prefs.setBoolPref(HPKP_ENABLED_PREF, true);
|
|
Services.prefs.setBoolPref(PROCESS_HPKP_FROM_NON_BUILTIN_ROOTS_PREF, true);
|
|
SimpleTest.registerCleanupFunction(() => {
|
|
Services.prefs.setBoolPref(HPKP_ENABLED_PREF, false);
|
|
Services.prefs.setBoolPref(PROCESS_HPKP_FROM_NON_BUILTIN_ROOTS_PREF, false);
|
|
|
|
// Reset pinning state.
|
|
const gSSService = Cc["@mozilla.org/ssservice;1"]
|
|
.getService(Ci.nsISiteSecurityService);
|
|
|
|
const gIOService = Services.io;
|
|
for (const {url} of TEST_CASES) {
|
|
const uri = gIOService.newURI(url);
|
|
gSSService.resetState(Ci.nsISiteSecurityService.HEADER_HPKP, uri, 0);
|
|
}
|
|
});
|
|
|
|
info("Test detection of Public Key Pinning.");
|
|
removeEventListener("load", startTest);
|
|
attachConsoleToTab(["NetworkActivity"], onAttach);
|
|
}
|
|
|
|
function onAttach(state, response) {
|
|
onNetworkEventUpdate = onNetworkEventUpdate.bind(null, state);
|
|
state.dbgClient.on("networkEventUpdate", onNetworkEventUpdate);
|
|
|
|
runNextCase(state);
|
|
}
|
|
|
|
function runNextCase(state) {
|
|
gCurrentTestCase++;
|
|
if (gCurrentTestCase === TEST_CASES.length) {
|
|
info("Tests ran. Cleaning up.");
|
|
closeDebugger(state, SimpleTest.finish);
|
|
return;
|
|
}
|
|
|
|
const { desc, url } = TEST_CASES[gCurrentTestCase];
|
|
info("Testing site with " + desc);
|
|
|
|
const iframe = document.querySelector("iframe").contentWindow;
|
|
iframe.wrappedJSObject.makeXhrCallback("GET", url);
|
|
}
|
|
|
|
function onNetworkEventUpdate(state, packet) {
|
|
function onSecurityInfo(received) {
|
|
const data = TEST_CASES[gCurrentTestCase];
|
|
is(received.securityInfo.hpkp, data.usesPinning,
|
|
"Public Key Pinning detected correctly.");
|
|
|
|
runNextCase(state);
|
|
}
|
|
|
|
if (packet.updateType === "securityInfo") {
|
|
state.webConsoleFront.getSecurityInfo(packet.from, onSecurityInfo);
|
|
}
|
|
}
|
|
|
|
addEventListener("load", startTest);
|
|
</script>
|
|
</body>
|
|
</html>
|