Adding upstream version 86.0.1.upstream/86.0.1 upstream

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
author: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-04-28 14:29:10 +0000
committer: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-04-28 14:29:10 +0000
commit: 2aa4a82499d4becd2284cdb482213d541b8804dd (patch)
tree: b80bf8bf13c3766139fbacc530efd0dd9d54394c /toolkit/modules/tests/chrome
parent: Initial commit. (diff)
download: firefox-2aa4a82499d4becd2284cdb482213d541b8804dd.tar.xz
firefox-2aa4a82499d4becd2284cdb482213d541b8804dd.zip
2 files changed, 151 insertions, 0 deletions
diff --git a/toolkit/modules/tests/chrome/chrome.ini b/toolkit/modules/tests/chrome/chrome.ini
new file mode 100644
index 0000000000..f302fbdb81
--- /dev/null
+++ b/toolkit/modules/tests/chrome/chrome.ini
@@ -0,0 +1,4 @@
+[DEFAULT]
+
+[test_bug544442_checkCert.xhtml]
+skip-if = verify
diff --git a/toolkit/modules/tests/chrome/test_bug544442_checkCert.xhtml b/toolkit/modules/tests/chrome/test_bug544442_checkCert.xhtml
new file mode 100644
index 0000000000..73ef31d239
--- /dev/null
+++ b/toolkit/modules/tests/chrome/test_bug544442_checkCert.xhtml
@@ -0,0 +1,147 @@
+<?xml version="1.0"?>
+<!--
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/
+ */
+-->
+
+<?xml-stylesheet href="chrome://global/skin" type="text/css"?>
+<?xml-stylesheet href="chrome://mochikit/content/tests/SimpleTest/test.css" type="text/css"?>
+
+<window title="Test CertUtils.jsm checkCert - bug 340198 and bug 544442"
+        xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"
+        onload="testStart();">
+<script src="chrome://mochikit/content/tests/SimpleTest/SimpleTest.js"/>
+
+<script type="application/javascript">
+<![CDATA[
+
+SimpleTest.waitForExplicitFinish();
+
+const {CertUtils} = ChromeUtils.import("resource://gre/modules/CertUtils.jsm");
+
+function testStart() {
+  ok(true, "Entering testStart");
+
+  var request = new XMLHttpRequest();
+  request.open("GET", "https://example.com/", true);
+  request.channel.notificationCallbacks = new CertUtils.BadCertHandler(true);
+  request.onerror = function(event) { testXHRError(event); };
+  request.onload = function(event) { testXHRLoad(event); };
+  request.send(null);
+}
+
+function testXHRError(aEvent) {
+  ok(true, "Entering testXHRError - something went wrong");
+
+  var request = aEvent.target;
+  var status = 0;
+  try {
+    status = request.status;
+  }
+  catch (e) {
+  }
+
+  if (status == 0)
+    status = request.channel.QueryInterface(Ci.nsIRequest).status;
+
+  ok(false, "XHR onerror called: " + status);
+
+  SimpleTest.finish();
+}
+
+function getCheckCertResult(aChannel, aAllowNonBuiltIn, aCerts) {
+  try {
+    CertUtils.checkCert(aChannel, aAllowNonBuiltIn, aCerts);
+  }
+  catch (e) {
+    return e.result;
+  }
+  return Cr.NS_OK;
+}
+
+function testXHRLoad(aEvent) {
+  ok(true, "Entering testXHRLoad");
+
+  var channel = aEvent.target.channel;
+
+  var certs = null;
+  is(getCheckCertResult(channel, false, certs), Cr.NS_ERROR_ABORT,
+     "checkCert should throw NS_ERROR_ABORT when the certificate attributes " +
+     "array passed to checkCert is null and the certificate is not builtin");
+
+  is(getCheckCertResult(channel, true, certs), Cr.NS_OK,
+     "checkCert should not throw when the certificate attributes array " +
+     "passed to checkCert is null and builtin certificates aren't enforced");
+
+  certs = [ { invalidAttribute: "Invalid attribute" } ];
+  is(getCheckCertResult(channel, false, certs), Cr.NS_ERROR_ILLEGAL_VALUE,
+     "checkCert should throw NS_ERROR_ILLEGAL_VALUE when the certificate " +
+     "attributes array passed to checkCert has an element that has an " +
+     "attribute that does not exist on the certificate");
+
+  certs = [ { issuerName: "Incorrect issuerName" } ];
+  is(getCheckCertResult(channel, false, certs), Cr.NS_ERROR_ILLEGAL_VALUE,
+     "checkCert should throw NS_ERROR_ILLEGAL_VALUE when the certificate " +
+     "attributes array passed to checkCert has an element that has an " +
+     "issuerName that is not the same as the certificate's");
+
+  var cert = channel.securityInfo.QueryInterface(Ci.nsITransportSecurityInfo).
+             serverCert;
+
+  certs = [ { issuerName: cert.issuerName,
+              commonName: cert.commonName } ];
+  is(getCheckCertResult(channel, false, certs), Cr.NS_ERROR_ABORT,
+     "checkCert should throw NS_ERROR_ABORT when the certificate attributes " +
+     "array passed to checkCert has a single element that has the same " +
+     "issuerName and commonName as the certificate's and the certificate is " +
+     "not builtin");
+
+  is(getCheckCertResult(channel, true, certs), Cr.NS_OK,
+     "checkCert should not throw when the certificate attributes array " +
+     "passed to checkCert has a single element that has the same issuerName " +
+     "and commonName as the certificate's and and builtin certificates " +
+     "aren't enforced");
+
+  certs = [ { issuerName: "Incorrect issuerName",
+              invalidAttribute: "Invalid attribute" },
+            { issuerName: cert.issuerName,
+              commonName: "Invalid Common Name" },
+            { issuerName: cert.issuerName,
+              commonName: cert.commonName } ];
+  is(getCheckCertResult(channel, false, certs), Cr.NS_ERROR_ABORT,
+     "checkCert should throw NS_ERROR_ABORT when the certificate attributes " +
+     "array passed to checkCert has an element that has the same issuerName " +
+     "and commonName as the certificate's and the certificate is not builtin");
+
+  is(getCheckCertResult(channel, true, certs), Cr.NS_OK,
+     "checkCert should not throw when the certificate attributes array " +
+     "passed to checkCert has an element that has the same issuerName and " +
+     "commonName as the certificate's and builtin certificates aren't enforced");
+
+  var mockChannel = { originalURI: SpecialPowers.Services.io.newURI("http://example.com/") };
+
+  certs = [ ];
+  is(getCheckCertResult(mockChannel, false, certs), Cr.NS_ERROR_UNEXPECTED,
+     "checkCert should throw NS_ERROR_UNEXPECTED when the certificate " +
+     "attributes array passed to checkCert is not null and the channel's " +
+     "originalURI is not https");
+
+  certs = null;
+  is(getCheckCertResult(mockChannel, false, certs), Cr.NS_OK,
+     "checkCert should not throw when the certificate attributes object " +
+     "passed to checkCert is null and the the channel's originalURI is not " +
+     "https");
+
+  SimpleTest.finish();
+}
+
+]]>
+</script>
+
+<body xmlns="http://www.w3.org/1999/xhtml">
+  <p id="display"></p>
+  <div id="content" style="display: none"></div>
+  <pre id="test"></pre>
+</body>
+</window>
author	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-04-28 14:29:10 +0000
committer	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-04-28 14:29:10 +0000
commit	2aa4a82499d4becd2284cdb482213d541b8804dd (patch)
tree	b80bf8bf13c3766139fbacc530efd0dd9d54394c /toolkit/modules/tests/chrome
parent	Initial commit. (diff)
download	firefox-2aa4a82499d4becd2284cdb482213d541b8804dd.tar.xz firefox-2aa4a82499d4becd2284cdb482213d541b8804dd.zip