horok/firefox
1
0
Fork 0
Code Activity
firefox/dom/security/test/https-first/browser_https_telemetry2.js
Daniel Baumann 5e9a113729
Adding upstream version 140.0. 
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
2025-06-25 09:37:52 +02:00

201 lines
5.8 KiB
JavaScript
Raw Blame History

/* Any copyright is dedicated to the Public Domain.
* http://creativecommons.org/publicdomain/zero/1.0/ */
"use strict";
// We explicitly need HTTP URLs in this test
/* eslint-disable @microsoft/sdl/no-insecure-url */
requestLongerTimeout(2);
const TEST_PATH_HTTP = getRootDirectory(gTestPath).replace(
"chrome://mochitests/content",
"http://example.com"
);
async function setPrefsAndResetFog(
aHTTPSOnlyPref,
aHTTPSFirstPref,
aSchemeLessPref
) {
Services.fog.testResetFOG();
await SpecialPowers.pushPrefEnv({
set: [
["dom.security.https_only_mode", aHTTPSOnlyPref],
["dom.security.https_first", aHTTPSFirstPref],
["dom.security.https_first_schemeless", aSchemeLessPref],
],
});
}
function verifyGleanValues(aDescription, aExpected) {
info(aDescription);
let notInitialized = aExpected.notInitialized || null;
let noUpgrade = aExpected.noUpgrade || null;
let alreadyHTTPS = aExpected.alreadyHTTPS || null;
let hsts = aExpected.hsts || null;
let httpsOnlyUpgrade = aExpected.httpsOnlyUpgrade || null;
let httpsOnlyUpgradeDowngrade = aExpected.httpsOnlyUpgradeDowngrade || null;
let httpsFirstUpgrade = aExpected.httpsFirstUpgrade || null;
let httpsFirstUpgradeDowngrade = aExpected.httpsFirstUpgradeDowngrade || null;
let httpsFirstSchemelessUpgrade =
aExpected.httpsFirstSchemelessUpgrade || null;
let httpsFirstSchemelessUpgradeDowngrade =
aExpected.httpsFirstSchemelessUpgradeDowngrade || null;
let cspUpgradeInsecureRequests = aExpected.cspUpgradeInsecureRequests || null;
let httpsRR = aExpected.httpsRR || null;
let webExtensionUpgrade = aExpected.webExtensionUpgrade || null;
let upgradeException = aExpected.upgradeException || null;
let glean = Glean.networking.httpToHttpsUpgradeReason;
is(
glean.not_initialized.testGetValue(),
notInitialized,
"verify not_initialized"
);
is(glean.no_upgrade.testGetValue(), noUpgrade, "verify no_upgrade");
is(glean.already_https.testGetValue(), alreadyHTTPS, "verify already_https");
is(glean.hsts.testGetValue(), hsts, "verify hsts");
is(
glean.https_only_upgrade.testGetValue(),
httpsOnlyUpgrade,
"verify https_only_upgrade"
);
is(
glean.https_only_upgrade_downgrade.testGetValue(),
httpsOnlyUpgradeDowngrade,
"verify https_only_upgrade_downgrade"
);
is(
glean.https_first_upgrade.testGetValue(),
httpsFirstUpgrade,
"verify https_first_upgrade"
);
is(
glean.https_first_upgrade_downgrade.testGetValue(),
httpsFirstUpgradeDowngrade,
"verify https_first_upgrade_downgrade"
);
is(
glean.https_first_schemeless_upgrade.testGetValue(),
httpsFirstSchemelessUpgrade,
"verify https_first_schemeless_upgrade"
);
is(
glean.https_first_schemeless_upgrade_downgrade.testGetValue(),
httpsFirstSchemelessUpgradeDowngrade,
"verify https_first_schemeless_upgrade_downgrade"
);
is(
glean.csp_uir.testGetValue(),
cspUpgradeInsecureRequests,
"verify csp_uir"
);
is(glean.https_rr.testGetValue(), httpsRR, "verify https_rr");
is(
glean.web_extension_upgrade.testGetValue(),
webExtensionUpgrade,
"verify web_extension_upgrade"
);
is(
glean.upgrade_exception.testGetValue(),
upgradeException,
"verify upgrade_exception"
);
}
async function runUpgradeTest(aURI, aDesc, aAssertURLStartsWith) {
await BrowserTestUtils.withNewTab("about:blank", async function (browser) {
const loaded = BrowserTestUtils.browserLoaded(browser, false, null, true);
BrowserTestUtils.startLoadingURIString(browser, aURI);
await loaded;
await SpecialPowers.spawn(
browser,
[aDesc, aAssertURLStartsWith],
async function (aDesc, aAssertURLStartsWith) {
ok(
content.document.location.href.startsWith(aAssertURLStartsWith),
aDesc
);
}
);
await SpecialPowers.removePermission("https-only-load-insecure", aURI);
});
}
add_task(async function () {
info("(1) verify view-source");
await setPrefsAndResetFog(
false /* aHTTPSOnlyPref */,
false /* aHTTPSFirstPref */,
false /* aSchemeLessPref */
);
let random = Math.random();
await runUpgradeTest(
"view-source:https://example.com?" + random,
"(1) verify view-source",
"view-source"
);
verifyGleanValues("(1) verify view-source", { alreadyHTTPS: 1 });
});
add_task(async function () {
info("(2) verify about: pages");
await setPrefsAndResetFog(
false /* aHTTPSOnlyPref */,
false /* aHTTPSFirstPref */,
false /* aSchemeLessPref */
);
// about:credits resolves to https://www.mozilla.org/credits/
await runUpgradeTest("about:credits", "(2) verify about: pages", "https:");
verifyGleanValues("(2) verify about: pages", { alreadyHTTPS: 1 });
});
add_task(async function () {
info("(3) verify top-level csp upgrade-insecure-requests");
await setPrefsAndResetFog(
false /* aHTTPSOnlyPref */,
false /* aHTTPSFirstPref */,
false /* aSchemeLessPref */
);
let random = Math.random();
await BrowserTestUtils.withNewTab(
TEST_PATH_HTTP + "file_https_telemetry_csp_uir.html?" + random,
async function (browser) {
let newTabPromise = BrowserTestUtils.waitForNewTab(gBrowser, null, true);
BrowserTestUtils.synthesizeMouse(
"#mylink",
2,
2,
{ accelKey: true },
browser
);
let tab = await newTabPromise;
is(
tab.linkedBrowser.currentURI.scheme,
"https",
"Should have opened https page."
);
BrowserTestUtils.removeTab(tab);
}
);
// we record 2 loads:
// * the load for TEST_PATH_HTTP which results in "no_upgrade"
// * the link click where CSP UIR upgrades the load to https
verifyGleanValues("(3) verify top-level csp upgrade-insecure-requests", {
noUpgrade: 1,
cspUpgradeInsecureRequests: 1,
});
});
View git blame Copy permalink