/security/manager/ssl/tests/mochitest/stricttransportsecurity/test_sts_privatebrowsing.html

http://github.com/zpao/v8monkey · HTML · 268 lines · 204 code · 28 blank · 36 comment · 0 complexity · 3d0d2a3d0e3a9c1abb18ce71607948af MD5 · raw file 

    

  1. <!-- ***** BEGIN LICENSE BLOCK *****
    2. 

  2.    - Version: MPL 1.1/GPL 2.0/LGPL 2.1
    3. 

  3.    -
    4. 

  4.    - The contents of this file are subject to the Mozilla Public License Version
    5. 

  5.    - 1.1 (the "License"); you may not use this file except in compliance with
    6. 

  6.    - the License. You may obtain a copy of the License at
    7. 

  7.    - http://www.mozilla.org/MPL/
    8. 

  8.    -
    9. 

  9.    - Software distributed under the License is distributed on an "AS IS" basis,
    10. 

  10.    - WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
    11. 

  11.    - for the specific language governing rights and limitations under the
    12. 

  12.    - License.
    13. 

  13.    -
    14. 

  14.    - The Original Code is Strict-Transport-Security.
    15. 

  15.    -
    16. 

  16.    - The Initial Developer of the Original Code is
    17. 

  17.    - Mozilla Foundation.
    18. 

  18.    - Portions created by the Initial Developer are Copyright (C) 2010
    19. 

  19.    - the Initial Developer. All Rights Reserved.
    20. 

  20.    -
    21. 

  21.    - Contributor(s):
    22. 

  22.    -  Sid Stamm <sid@mozilla.com>
    23. 

  23.    -
    24. 

  24.    - Alternatively, the contents of this file may be used under the terms of
    25. 

  25.    - either the GNU General Public License Version 2 or later (the "GPL"), or
    26. 

  26.    - the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
    27. 

  27.    - in which case the provisions of the GPL or the LGPL are applicable instead
    28. 

  28.    - of those above. If you wish to allow use of your version of this file only
    29. 

  29.    - under the terms of either the GPL or the LGPL, and not to allow others to
    30. 

  30.    - use your version of this file under the terms of the MPL, indicate your
    31. 

  31.    - decision by deleting the provisions above and replace them with the notice
    32. 

  32.    - and other provisions required by the LGPL or the GPL. If you do not delete
    33. 

  33.    - the provisions above, a recipient may use your version of this file under
    34. 

  34.    - the terms of any one of the MPL, the GPL or the LGPL.
    35. 

  35.    -
    36. 

  36.    - ***** END LICENSE BLOCK ***** -->
    37. 

  37. 

  38. <!DOCTYPE HTML>
    39. 

  39. <html>
    40. 

  40. <head>
    41. 

  41.   <title>opens additional content that should be converted to https</title>
    42. 

  42.   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
    43. 

  43.   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
    44. 

  44. 

  45.   <script class="testbody" type="text/javascript">
    46. 

  46.   SimpleTest.waitForExplicitFinish();
    47. 

  47. 

  48.   const STSPATH = "/tests/security/ssl/stricttransportsecurity";
    49. 

  49. 

  50.   const NUM_TEST_FRAMES = 4;
    51. 

  51.   var testframes = {
    52. 

  52.     'samedom':
    53. 

  53.       {'url':     "http://example.com" + STSPATH + "/verify.sjs",
    54. 

  54.         'expected': {'plain': 'SECURE',
    55. 

  55.                      'subdom': 'SECURE',
    56. 

  56.                      'nosts': 'INSECURE'}},
    57. 

  57.     'subdom':
    58. 

  58.       {'url':     "http://test1.example.com" + STSPATH + "/verify.sjs",
    59. 

  59.         'expected': {'plain': 'INSECURE',
    60. 

  60.                      'subdom': 'SECURE',
    61. 

  61.                      'nosts': 'INSECURE'}},
    62. 

  62.     'otherdom':
    63. 

  63.       {'url':     "http://example.org" + STSPATH + "/verify.sjs",
    64. 

  64.         'expected': {'plain': 'INSECURE',
    65. 

  65.                      'subdom': 'INSECURE',
    66. 

  66.                      'nosts': 'INSECURE'}},
    67. 

  67.     'alreadysecure':
    68. 

  68.       {'url':     "https://test2.example.com" + STSPATH + "/verify.sjs",
    69. 

  69.         'expected': {'plain': 'SECURE',
    70. 

  70.                      'subdom': 'SECURE',
    71. 

  71.                      'nosts': 'SECURE'}},
    72. 

  72.   };
    73. 

  73. 

  74.   // This is how many sub-tests (testframes) in each round.
    75. 

  75.   // When the round begins, this will be initialized.
    76. 

  76.   var testsleftinround = 0;
    77. 

  77.   var currentround = "";
    78. 

  78. 

  79.   var _PBSvc = null;
    80. 

  80.   var _PrefSvc = null;
    81. 

  81. 

  82.   function _getPBService() {
    83. 

  83.     if (_PBSvc)
    84. 

  84.       return _PBSvc;
    85. 

  85. 

  86.     // not all apps will have the private browsing service.
    87. 

  87.     try {
    88. 

  88.       netscape.security.PrivilegeManager.enablePrivilege('UniversalXPConnect');
    89. 

  89.       _PBSvc = Components.classes["@mozilla.org/privatebrowsing;1"]
    90. 

  90.         .getService(Components.interfaces.nsIPrivateBrowsingService);
    91. 

  91.       return _PBSvc;
    92. 

  92.     } catch (e) {}
    93. 

  93.     return null;
    94. 

  94.   }
    95. 

  95.   function _getPrefService() {
    96. 

  96.     if (_PrefSvc)
    97. 

  97.       return _PrefSvc;
    98. 

  98. 

  99.     // not all apps will have the private browsing service.
    100. 

  100.     try {
    101. 

  101.       netscape.security.PrivilegeManager.enablePrivilege('UniversalXPConnect');
    102. 

  102.       _PrefSvc = Components.classes["@mozilla.org/preferences-service;1"]
    103. 

  103.         .getService(Components.interfaces.nsIPrefService)
    104. 

  104.         .QueryInterface(Components.interfaces.nsIPrefBranch);
    105. 

  105.       return _PrefSvc;
    106. 

  106.     } catch (e) {}
    107. 

  107.     return null;
    108. 

  108.   }
    109. 

  109. 

  110.   function startRound(round) {
    111. 

  111.     currentround = round;
    112. 

  112.     testsleftinround = NUM_TEST_FRAMES;
    113. 

  113.     dump("TESTS LEFT IN ROUND: " + testsleftinround + "\n");
    114. 

  114.     var frame = document.createElement("iframe");
    115. 

  115.     frame.setAttribute('id', 'ifr_bootstrap');
    116. 

  116.     frame.setAttribute('src', "https://example.com" + STSPATH +
    117. 

  117.                               "/" + round + "_bootstrap.html");
    118. 

  118.     document.body.appendChild(frame);
    119. 

  119.   }
    120. 

  120. 

  121.   function loadVerifyFrames(round) {
    122. 

  122.     for (var test in testframes) {
    123. 

  123.       var frame = document.createElement("iframe");
    124. 

  124.       frame.setAttribute('id', 'ifr_' + test);
    125. 

  125.       frame.setAttribute('src', testframes[test].url + '?id=' + test);
    126. 

  126.       document.body.appendChild(frame);
    127. 

  127.     }
    128. 

  128.   }
    129. 

  129. 

  130.   /* Messages received are in this format:
    131. 

  131.    *  (BOOTSTRAP|SECURE|INSECURE) testid
    132. 

  132.    * For example: "BOOTSTRAP subdom"
    133. 

  133.    *          or: "INSECURE otherdom"
    134. 

  134.    */
    135. 

  135.   function onMessageReceived(event) {
    136. 

  136. 

  137.     // otherwise, it's a test result
    138. 

  138.     var result = event.data.split(/\s+/);
    139. 

  139.     if (result.length != 2) {
    140. 

  140.       SimpleTest.ok(false, event.data);
    141. 

  141.       return;
    142. 

  142.     }
    143. 

  143. 

  144.     if (result[0] === "BOOTSTRAP") {
    145. 

  145.       loadVerifyFrames(currentround);
    146. 

  146.       return;
    147. 

  147.     }
    148. 

  148. 

  149.     // check if the result (SECURE/INSECURE) is expected for this round/test
    150. 

  150.     // combo
    151. 

  151.     dump_STSState();
    152. 

  152.     dump( "*** in ROUND " + currentround +
    153. 

  153.           ", test " + result[1] +
    154. 

  154.           " is " + result[0] + "\n");
    155. 

  155.     SimpleTest.is(result[0], testframes[result[1]].expected[currentround],
    156. 

  156.                              "in ROUND " + currentround +
    157. 

  157.                              ", test " + result[1]);
    158. 

  158.     testsleftinround--;
    159. 

  159. 

  160.     // if this round is complete...
    161. 

  161.     if (testsleftinround < 1) {
    162. 

  162.       dump("DONE WITH ROUND " + currentround + "\n");
    163. 

  163.       // remove all the iframes in the document
    164. 

  164.       document.body.removeChild(document.getElementById('ifr_bootstrap'));
    165. 

  165.       for (var test in testframes)
    166. 

  166.         document.body.removeChild(document.getElementById('ifr_' + test));
    167. 

  167.       currentround = "";
    168. 

  168. 

  169.       // And advance to the next test.
    170. 

  170.       // Defer this so it doesn't muck with the stack too much.
    171. 

  171.       SimpleTest.executeSoon(nextTest);
    172. 

  172.     }
    173. 

  173.   }
    174. 

  174. 

  175.   function test_sts_before_private_mode() {
    176. 

  176.     dump_STSState();
    177. 

  177.     dump("*** not in private browsing mode\n");
    178. 

  178.     startRound('plain');
    179. 

  179.   }
    180. 

  180. 

  181.   function test_sts_in_private_mode() {
    182. 

  182.     dump_STSState();
    183. 

  183.     dump("*** Entering private browsing mode\n");
    184. 

  184.     netscape.security.PrivilegeManager.enablePrivilege('UniversalXPConnect');
    185. 

  185.     _getPrefService().setBoolPref("browser.privatebrowsing.keep_current_session",
    186. 

  186.                                true);
    187. 

  187.     _getPBService().privateBrowsingEnabled = true;
    188. 

  188.     dump("*** ... done\n");
    189. 

  189.     dump_STSState();
    190. 

  190.     startRound('subdom');
    191. 

  191.   }
    192. 

  192. 

  193.   function test_sts_after_exiting_private_mode() {
    194. 

  194.     dump_STSState();
    195. 

  195.     dump("*** Exiting private browsing mode\n");
    196. 

  196.     netscape.security.PrivilegeManager.enablePrivilege('UniversalXPConnect');
    197. 

  197.     _getPBService().privateBrowsingEnabled = false;
    198. 

  198.     _getPrefService().clearUserPref("browser.privatebrowsing.keep_current_session");
    199. 

  199.     dump("*** ... done\n");
    200. 

  200.     dump_STSState();
    201. 

  201.     startRound('nosts');
    202. 

  202.   }
    203. 

  203. 

  204.   function clean_up_sts_state() {
    205. 

  205.     // erase all signs that this test ran.
    206. 

  206.     dump("*** Cleaning up STS data.\n");
    207. 

  207.     netscape.security.PrivilegeManager.enablePrivilege('UniversalXPConnect');
    208. 

  208.     const Cc = Components.classes;
    209. 

  209.     const Ci = Components.interfaces;
    210. 

  210.     var ios = Cc["@mozilla.org/network/io-service;1"]
    211. 

  211.                 .getService(Ci.nsIIOService);
    212. 

  212.     var thehost = ios.newURI("http://example.com", null, null);
    213. 

  213.     var stss = Cc["@mozilla.org/stsservice;1"]
    214. 

  214.                  .getService(Ci.nsIStrictTransportSecurityService);
    215. 

  215.     stss.removeStsState(thehost);
    216. 

  216.     dump_STSState();
    217. 

  217.     SimpleTest.executeSoon(nextTest);
    218. 

  218.   }
    219. 

  219. 

  220. function dump_STSState() {
    221. 

  221.     netscape.security.PrivilegeManager.enablePrivilege('UniversalXPConnect');
    222. 

  222.     var stss = Components.classes["@mozilla.org/stsservice;1"]
    223. 

  223.           .getService(Components.interfaces.nsIStrictTransportSecurityService);
    224. 

  224.     dump("*** State of example.com: " + stss.isStsHost("example.com") + "\n");
    225. 

  225. }
    226. 

  226. 

  227.   // these are executed in the order presented.
    228. 

  228.   // 0.  test that STS works before entering private browsing mode.
    229. 

  229.   //     (load sts-bootstrapped "plain" tests)
    230. 

  230.   //  ... clear any STS data ...
    231. 

  231.   // 1.  test that STS works in private browsing mode
    232. 

  232.   //     (load sts-bootstrapped "subdomain" tests)
    233. 

  233.   // 2.  test that after exiting private browsing, STS data is forgotten
    234. 

  234.   //     (verified with non-sts-bootstrapped pages)
    235. 

  235.   var tests = [];
    236. 

  236.   { // skip these tests if there's no private mode support
    237. 

  237.     netscape.security.PrivilegeManager.enablePrivilege('UniversalXPConnect');
    238. 

  238.     if ("@mozilla.org/privatebrowsing;1" in Components.classes) {
    239. 

  239.       tests = [
    240. 

  240.         test_sts_before_private_mode,
    241. 

  241.         clean_up_sts_state,
    242. 

  242.         test_sts_in_private_mode,
    243. 

  243.         test_sts_after_exiting_private_mode,
    244. 

  244.         clean_up_sts_state,
    245. 

  245.       ];
    246. 

  246.     }
    247. 

  247.   }
    248. 

  248. 

  249.   function nextTest() {
    250. 

  250.     if (tests.length)
    251. 

  251.       SimpleTest.executeSoon(tests.shift());
    252. 

  252.     else
    253. 

  253.       SimpleTest.executeSoon(SimpleTest.finish);
    254. 

  254.   }
    255. 

  255. 

  256.   // listen for calls back from the sts-setting iframe and then
    257. 

  257.   // the verification frames.
    258. 

  258.   window.addEventListener("message", onMessageReceived, false);
    259. 

  259.   window.addEventListener('load', nextTest, false);
    260. 

  260. 

  261.   </script>
    262. 

  262. </head>
    263. 

  263. 

  264. <body>
    265. 

  265.   This test will load some iframes and do some tests.
    266. 

  266. 

  267. </body>
    268. 

  268. </html>
    269.