summaryrefslogtreecommitdiffstats
path: root/dom/security/test
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-19 01:13:33 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-19 01:13:33 +0000
commit086c044dc34dfc0f74fbe41f4ecb402b2cd34884 (patch)
treea4f824bd33cb075dd5aa3eb5a0a94af221bbe83a /dom/security/test
parentAdding debian version 124.0.1-1. (diff)
downloadfirefox-086c044dc34dfc0f74fbe41f4ecb402b2cd34884.tar.xz
firefox-086c044dc34dfc0f74fbe41f4ecb402b2cd34884.zip
Merging upstream version 125.0.1.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'dom/security/test')
-rw-r--r--dom/security/test/csp/file_csp_error_messages.html33
-rw-r--r--dom/security/test/csp/mochitest.toml3
-rw-r--r--dom/security/test/csp/test_csp_error_messages.html75
-rw-r--r--dom/security/test/general/browser.toml10
-rw-r--r--dom/security/test/general/browser_restrict_privileged_about_script.js2
-rw-r--r--dom/security/test/general/browser_test_data_download.js4
-rw-r--r--dom/security/test/general/browser_test_data_text_csv.js4
-rw-r--r--dom/security/test/general/browser_test_http_download.js275
-rw-r--r--dom/security/test/general/browser_test_report_blocking.js2
-rw-r--r--dom/security/test/general/browser_test_toplevel_data_navigations.js2
-rw-r--r--dom/security/test/general/browser_test_view_image_data_navigation.js4
-rw-r--r--dom/security/test/general/http_download_page.html23
-rw-r--r--dom/security/test/general/http_download_server.sjs20
-rw-r--r--dom/security/test/general/test_block_script_wrong_mime.html6
-rw-r--r--dom/security/test/general/test_block_toplevel_data_navigation.html2
-rw-r--r--dom/security/test/general/test_bug1277803.xhtml2
-rw-r--r--dom/security/test/general/test_contentpolicytype_targeted_link_iframe.html2
-rw-r--r--dom/security/test/general/test_meta_referrer.html2
-rw-r--r--dom/security/test/general/test_same_site_cookies_subrequest.html2
-rw-r--r--dom/security/test/general/test_same_site_cookies_toplevel_nav.html2
-rw-r--r--dom/security/test/https-first/browser_download_attribute.js2
-rw-r--r--dom/security/test/https-first/browser_httpsfirst.js35
-rw-r--r--dom/security/test/https-first/browser_mixed_content_download.js2
-rw-r--r--dom/security/test/https-first/browser_schemeless.js28
-rw-r--r--dom/security/test/https-first/file_data_uri.html2
-rw-r--r--dom/security/test/https-first/test_resource_upgrade.html2
-rw-r--r--dom/security/test/https-only/browser_hsts_host.js2
-rw-r--r--dom/security/test/https-only/browser_save_as.js14
-rw-r--r--dom/security/test/https-only/browser_user_gesture.js2
-rw-r--r--dom/security/test/https-only/file_upgrade_insecure.html2
-rw-r--r--dom/security/test/https-only/file_websocket_exceptions_iframe.html6
-rw-r--r--dom/security/test/https-only/test_redirect_upgrade.html4
-rw-r--r--dom/security/test/https-only/test_resource_upgrade.html2
-rw-r--r--dom/security/test/mixedcontentblocker/browser_test_mixed_content_download.js2
-rw-r--r--dom/security/test/referrer-policy/browser.toml4
-rw-r--r--dom/security/test/referrer-policy/browser_session_history.js (renamed from dom/security/test/referrer-policy/browser_fragment_navigation.js)17
-rw-r--r--dom/security/test/referrer-policy/file_session_history.sjs (renamed from dom/security/test/referrer-policy/file_fragment_navigation.sjs)14
-rw-r--r--dom/security/test/referrer-policy/referrer_helper.js4
-rw-r--r--dom/security/test/referrer-policy/test_img_referrer.html4
-rw-r--r--dom/security/test/sec-fetch/browser_external_loads.js4
-rw-r--r--dom/security/test/sec-fetch/browser_navigation.js2
-rw-r--r--dom/security/test/sec-fetch/test_iframe_history_manipulation.html2
-rw-r--r--dom/security/test/sec-fetch/test_iframe_src_metaRedirect.html2
-rw-r--r--dom/security/test/sec-fetch/test_iframe_srcdoc_metaRedirect.html2
-rw-r--r--dom/security/test/sec-fetch/test_iframe_window_open_metaRedirect.html2
-rw-r--r--dom/security/test/sec-fetch/test_trustworthy_loopback.html2
-rw-r--r--dom/security/test/sec-fetch/test_websocket.html6
-rw-r--r--dom/security/test/unit/test_csp_reports.js2
-rw-r--r--dom/security/test/unit/test_csp_upgrade_insecure_request_header.js8
-rw-r--r--dom/security/test/unit/test_https_only_https_first_default_port.js8
-rw-r--r--dom/security/test/unit/test_https_only_https_first_prefs.js6
51 files changed, 598 insertions, 71 deletions
diff --git a/dom/security/test/csp/file_csp_error_messages.html b/dom/security/test/csp/file_csp_error_messages.html
new file mode 100644
index 0000000000..65d26ac57e
--- /dev/null
+++ b/dom/security/test/csp/file_csp_error_messages.html
@@ -0,0 +1,33 @@
+<!DOCTYPE html>
+<html>
+<head>
+ <meta charset="utf-8">
+ <meta http-equiv="Content-Security-Policy" content="default-src 'nonce-abc';">
+ <title></title>
+</head>
+
+<!-- event handler -->
+<body onload="alert('onload');">
+
+ <!-- img-src -->
+ <img src="image.png">
+
+ <!-- external script -->
+ <script src=script.js></script>
+
+ <!-- inline script -->
+ <script>
+ alert("failure");
+ </script>
+
+ <script nonce="abc">
+ /* worker-src */
+ new Worker("/worker.js")
+ </script>
+
+ <script nonce="abc">
+ // eslint-disable-next-line no-eval
+ eval("hello world");
+ </script>
+</body>
+</html> \ No newline at end of file
diff --git a/dom/security/test/csp/mochitest.toml b/dom/security/test/csp/mochitest.toml
index 8d8c6c31f5..5dd9a14222 100644
--- a/dom/security/test/csp/mochitest.toml
+++ b/dom/security/test/csp/mochitest.toml
@@ -433,6 +433,9 @@ skip-if = [
["test_connect-src.html"]
+["test_csp_error_messages.html"]
+support-files = ["file_csp_error_messages.html"]
+
["test_csp_frame_ancestors_about_blank.html"]
support-files = [
"file_csp_frame_ancestors_about_blank.html",
diff --git a/dom/security/test/csp/test_csp_error_messages.html b/dom/security/test/csp/test_csp_error_messages.html
new file mode 100644
index 0000000000..51be37e7c0
--- /dev/null
+++ b/dom/security/test/csp/test_csp_error_messages.html
@@ -0,0 +1,75 @@
+<!doctype html>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Test some specialized CSP errors</title>
+ <script src="/tests/SimpleTest/SimpleTest.js"></script>
+ <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
+</head>
+<body>
+
+<iframe id="cspframe"></iframe>
+
+<script class="testbody" type="text/javascript">
+SimpleTest.waitForExplicitFinish();
+
+function cleanup() {
+ SpecialPowers.postConsoleSentinel();
+ SimpleTest.finish();
+};
+
+let errors = [];
+function add(name) {
+ ok(!errors.includes(name), `duplicate error for ${name}`);
+ errors.push(name);
+}
+
+SpecialPowers.registerConsoleListener(msg => {
+ if (!msg.errorMessage) {
+ return;
+ }
+
+ let {errorMessage} = msg;
+ function contains(str) {
+ ok(errorMessage.includes(str), `error message contains "${str}"`);
+ }
+
+ if (errorMessage.includes("(script-src-attr)")) {
+ contains("blocked an event handler");
+ contains("from being executed");
+ contains("Source: alert('onload');");
+ add("event handler");
+ } else if (errorMessage.includes("(img-src)")) {
+ contains("blocked the loading of a resource");
+ contains("/image.png");
+ add("image");
+ } else if (errorMessage.includes("an inline script")) {
+ contains("(script-src-elem)");
+ contains("from being executed");
+ add("inline script");
+ } else if (errorMessage.includes("a script")) {
+ contains("(script-src-elem)");
+ contains("from being executed");
+ contains("/script.js");
+ add("script");
+ } else if (errorMessage.includes("(worker-src)")) {
+ contains("(worker-src)");
+ contains("from being executed");
+ contains("/worker.js");
+ add("worker");
+ } else if (errorMessage.includes("a JavaScript eval")) {
+ contains("(script-src)");
+ contains("from being executed");
+ contains("Missing 'unsafe-eval'")
+ add("eval");
+ }
+
+ if (errors.length == 6) {
+ SimpleTest.executeSoon(cleanup);
+ }
+});
+
+document.getElementById('cspframe').src = 'file_csp_error_messages.html';
+</script>
+</body>
+</html>
diff --git a/dom/security/test/general/browser.toml b/dom/security/test/general/browser.toml
index 0f4ec5b224..c6d6b4bf79 100644
--- a/dom/security/test/general/browser.toml
+++ b/dom/security/test/general/browser.toml
@@ -48,6 +48,16 @@ support-files = [
"file_gpc_server.sjs",
]
+["browser_test_http_download.js"]
+skip-if = [
+ "win11_2009", # Bug 1784764
+ "os == 'linux' && !debug",
+]
+support-files = [
+ "http_download_page.html",
+ "http_download_server.sjs"
+]
+
["browser_test_referrer_loadInOtherProcess.js"]
["browser_test_report_blocking.js"]
diff --git a/dom/security/test/general/browser_restrict_privileged_about_script.js b/dom/security/test/general/browser_restrict_privileged_about_script.js
index 0baa6e3d4d..7dfb6d691a 100644
--- a/dom/security/test/general/browser_restrict_privileged_about_script.js
+++ b/dom/security/test/general/browser_restrict_privileged_about_script.js
@@ -20,7 +20,7 @@ add_task(async function test_principal_click() {
});
await BrowserTestUtils.withNewTab(
"about:test-about-privileged-with-scripts",
- async function (browser) {
+ async function () {
// Wait for page to fully load
info("Waiting for tab to be loaded..");
// let's look into the fully loaded about page
diff --git a/dom/security/test/general/browser_test_data_download.js b/dom/security/test/general/browser_test_data_download.js
index df5a8aeac4..9cebb97b30 100644
--- a/dom/security/test/general/browser_test_data_download.js
+++ b/dom/security/test/general/browser_test_data_download.js
@@ -22,13 +22,13 @@ function addWindowListener(aURL) {
resolve(domwindow);
}, domwindow);
},
- onCloseWindow(aXULWindow) {},
+ onCloseWindow() {},
});
});
}
function waitDelay(delay) {
- return new Promise((resolve, reject) => {
+ return new Promise(resolve => {
/* eslint-disable mozilla/no-arbitrary-setTimeout */
window.setTimeout(resolve, delay);
});
diff --git a/dom/security/test/general/browser_test_data_text_csv.js b/dom/security/test/general/browser_test_data_text_csv.js
index 9855ddce46..b6c9f46336 100644
--- a/dom/security/test/general/browser_test_data_text_csv.js
+++ b/dom/security/test/general/browser_test_data_text_csv.js
@@ -6,7 +6,7 @@ const kTestPath = getRootDirectory(gTestPath).replace(
);
const kTestURI = kTestPath + "file_data_text_csv.html";
-function addWindowListener(aURL, aCallback) {
+function addWindowListener(aURL) {
return new Promise(resolve => {
Services.wm.addListener({
onOpenWindow(aXULWindow) {
@@ -22,7 +22,7 @@ function addWindowListener(aURL, aCallback) {
resolve(domwindow);
}, domwindow);
},
- onCloseWindow(aXULWindow) {},
+ onCloseWindow() {},
});
});
}
diff --git a/dom/security/test/general/browser_test_http_download.js b/dom/security/test/general/browser_test_http_download.js
new file mode 100644
index 0000000000..35e3fdfc4b
--- /dev/null
+++ b/dom/security/test/general/browser_test_http_download.js
@@ -0,0 +1,275 @@
+/* Any copyright is dedicated to the Public Domain.
+ * https://creativecommons.org/publicdomain/zero/1.0/ */
+
+ChromeUtils.defineESModuleGetters(this, {
+ Downloads: "resource://gre/modules/Downloads.sys.mjs",
+ DownloadsCommon: "resource:///modules/DownloadsCommon.sys.mjs",
+});
+
+const HandlerService = Cc[
+ "@mozilla.org/uriloader/handler-service;1"
+].getService(Ci.nsIHandlerService);
+
+const MIMEService = Cc["@mozilla.org/mime;1"].getService(Ci.nsIMIMEService);
+
+// Using insecure HTTP URL for a test cases around HTTP downloads
+let INSECURE_BASE_URL =
+ getRootDirectory(gTestPath).replace(
+ "chrome://mochitests/content/",
+ // eslint-disable-next-line @microsoft/sdl/no-insecure-url
+ "http://example.com/"
+ ) + "http_download_page.html";
+
+function promiseFocus() {
+ return new Promise(resolve => {
+ waitForFocus(resolve);
+ });
+}
+
+async function task_openPanel() {
+ await promiseFocus();
+
+ let promise = BrowserTestUtils.waitForPopupEvent(
+ DownloadsPanel.panel,
+ "shown"
+ );
+ DownloadsPanel.showPanel();
+ await promise;
+}
+
+const downloadMonitoringView = {
+ _listeners: [],
+ onDownloadAdded(download) {
+ for (let listener of this._listeners) {
+ listener(download);
+ }
+ this._listeners = [];
+ },
+ waitForDownload(listener) {
+ this._listeners.push(listener);
+ },
+};
+
+/**
+ * Waits until a download is triggered.
+ * Unless the always_ask_before_handling_new_types pref is true, the download
+ * will simply be saved, so resolve when the view is notified of the new
+ * download. Otherwise, it waits until a prompt is shown, selects the choosen
+ * <action>, then accepts the dialog
+ * @param [action] Which action to select, either:
+ * "handleInternally", "save" or "open".
+ * @returns {Promise} Resolved once done.
+ */
+
+function shouldTriggerDownload(action = "save") {
+ if (
+ Services.prefs.getBoolPref(
+ "browser.download.always_ask_before_handling_new_types"
+ )
+ ) {
+ return new Promise((resolve, reject) => {
+ Services.wm.addListener({
+ onOpenWindow(xulWin) {
+ Services.wm.removeListener(this);
+ let win = xulWin.docShell.domWindow;
+ waitForFocus(() => {
+ if (
+ win.location ==
+ "chrome://mozapps/content/downloads/unknownContentType.xhtml"
+ ) {
+ let dialog = win.document.getElementById("unknownContentType");
+ let button = dialog.getButton("accept");
+ let actionRadio = win.document.getElementById(action);
+ actionRadio.click();
+ button.disabled = false;
+ dialog.acceptDialog();
+ resolve();
+ } else {
+ reject();
+ }
+ }, win);
+ },
+ });
+ });
+ }
+ return new Promise(res => {
+ downloadMonitoringView.waitForDownload(res);
+ });
+}
+
+const CONSOLE_ERROR_MESSAGE = "We blocked a download that’s not secure";
+
+function shouldConsoleError() {
+ // Waits until CONSOLE_ERROR_MESSAGE was logged
+ return new Promise((resolve, reject) => {
+ function listener(msgObj) {
+ let text = msgObj.message;
+ if (text.includes(CONSOLE_ERROR_MESSAGE)) {
+ Services.console.unregisterListener(listener);
+ resolve();
+ }
+ }
+ Services.console.registerListener(listener);
+ });
+}
+
+async function resetDownloads() {
+ // Removes all downloads from the download List
+ const types = new Set();
+ let publicList = await Downloads.getList(Downloads.PUBLIC);
+ let downloads = await publicList.getAll();
+ for (let download of downloads) {
+ if (download.contentType) {
+ types.add(download.contentType);
+ }
+ publicList.remove(download);
+ await download.finalize(true);
+ }
+
+ if (types.size) {
+ // reset handlers for the contentTypes of any files previously downloaded
+ for (let type of types) {
+ const mimeInfo = MIMEService.getFromTypeAndExtension(type, "");
+ info("resetting handler for type: " + type);
+ HandlerService.remove(mimeInfo);
+ }
+ }
+}
+
+function shouldNotifyDownloadUI() {
+ return new Promise(res => {
+ downloadMonitoringView.waitForDownload(async aDownload => {
+ let { error } = aDownload;
+ if (
+ error.becauseBlockedByReputationCheck &&
+ error.reputationCheckVerdict == Downloads.Error.BLOCK_VERDICT_INSECURE
+ ) {
+ // It's an insecure Download, now Check that it has been cleaned up properly
+ if ((await IOUtils.stat(aDownload.target.path)).size != 0) {
+ throw new Error(`Download target is not empty!`);
+ }
+ if ((await IOUtils.stat(aDownload.target.path)).size != 0) {
+ throw new Error(`Download partFile was not cleaned up properly`);
+ }
+ // Assert that the Referrer is presnt
+ if (!aDownload.source.referrerInfo) {
+ throw new Error("The Blocked download is missing the ReferrerInfo");
+ }
+
+ res(aDownload);
+ } else {
+ ok(false, "No error for download that was expected to error!");
+ }
+ });
+ });
+}
+
+async function runTest(url, link, checkFunction, description) {
+ await SpecialPowers.pushPrefEnv({
+ set: [["dom.block_download_insecure", true]],
+ });
+ await resetDownloads();
+
+ let tab = BrowserTestUtils.addTab(gBrowser, url);
+ gBrowser.selectedTab = tab;
+
+ let browser = gBrowser.getBrowserForTab(tab);
+ await BrowserTestUtils.browserLoaded(browser);
+
+ info("Checking: " + description);
+
+ let checkPromise = checkFunction();
+ // Click the Link to trigger the download
+ SpecialPowers.spawn(gBrowser.selectedBrowser, [link], contentLink => {
+ content.document.getElementById(contentLink).click();
+ });
+
+ await checkPromise;
+
+ ok(true, description);
+ BrowserTestUtils.removeTab(tab);
+
+ await SpecialPowers.popPrefEnv();
+}
+
+add_setup(async () => {
+ let list = await Downloads.getList(Downloads.ALL);
+ list.addView(downloadMonitoringView);
+ registerCleanupFunction(() => list.removeView(downloadMonitoringView));
+});
+
+// Test Blocking
+add_task(async function test_blocking() {
+ for (let prefVal of [true, false]) {
+ await SpecialPowers.pushPrefEnv({
+ set: [["browser.download.always_ask_before_handling_new_types", prefVal]],
+ });
+ await runTest(
+ INSECURE_BASE_URL,
+ "http-link",
+ () =>
+ Promise.all([
+ shouldTriggerDownload(),
+ shouldNotifyDownloadUI(),
+ shouldConsoleError(),
+ ]),
+ "Insecure (HTTP) toplevel -> Insecure (HTTP) download should Error"
+ );
+ await SpecialPowers.popPrefEnv();
+ }
+});
+
+// Test Manual Unblocking
+add_task(async function test_manual_unblocking() {
+ for (let prefVal of [true, false]) {
+ await SpecialPowers.pushPrefEnv({
+ set: [["browser.download.always_ask_before_handling_new_types", prefVal]],
+ });
+ await runTest(
+ INSECURE_BASE_URL,
+ "http-link",
+ async () => {
+ let [, download] = await Promise.all([
+ shouldTriggerDownload(),
+ shouldNotifyDownloadUI(),
+ ]);
+ await download.unblock();
+ Assert.equal(
+ download.error,
+ null,
+ "There should be no error after unblocking"
+ );
+ },
+ "A blocked download should succeed to download after a manual unblock"
+ );
+ await SpecialPowers.popPrefEnv();
+ }
+});
+
+// Test Unblock Download Visible
+add_task(async function test_unblock_download_visible() {
+ for (let prefVal of [true, false]) {
+ await SpecialPowers.pushPrefEnv({
+ set: [["browser.download.always_ask_before_handling_new_types", prefVal]],
+ });
+ await promiseFocus();
+ await runTest(
+ INSECURE_BASE_URL,
+ "http-link",
+ async () => {
+ let panelHasOpened = BrowserTestUtils.waitForPopupEvent(
+ DownloadsPanel.panel,
+ "shown"
+ );
+ info("awaiting that the download is triggered and added to the list");
+ await Promise.all([shouldTriggerDownload(), shouldNotifyDownloadUI()]);
+ info("awaiting that the Download list shows itself");
+ await panelHasOpened;
+ DownloadsPanel.hidePanel();
+ ok(true, "The Download Panel should have opened on blocked download");
+ },
+ "A blocked download should open the download panel"
+ );
+ await SpecialPowers.popPrefEnv();
+ }
+});
diff --git a/dom/security/test/general/browser_test_report_blocking.js b/dom/security/test/general/browser_test_report_blocking.js
index ebd7514097..ab66f1d836 100644
--- a/dom/security/test/general/browser_test_report_blocking.js
+++ b/dom/security/test/general/browser_test_report_blocking.js
@@ -108,7 +108,7 @@ async function testReporting(test) {
return iframe.browsingContext;
});
- await SpecialPowers.spawn(frameBC, [type], async obj => {
+ await SpecialPowers.spawn(frameBC, [type], async () => {
// Wait until the reporting UI is visible.
await ContentTaskUtils.waitForCondition(() => {
let reportUI = content.document.getElementById("blockingErrorReporting");
diff --git a/dom/security/test/general/browser_test_toplevel_data_navigations.js b/dom/security/test/general/browser_test_toplevel_data_navigations.js
index 0e006f1fd2..cf7c116eba 100644
--- a/dom/security/test/general/browser_test_toplevel_data_navigations.js
+++ b/dom/security/test/general/browser_test_toplevel_data_navigations.js
@@ -15,7 +15,7 @@ add_task(async function test_nav_data_uri() {
await SpecialPowers.pushPrefEnv({
set: [["security.data_uri.block_toplevel_data_uri_navigations", true]],
});
- await BrowserTestUtils.withNewTab(kDataURI, async function (browser) {
+ await BrowserTestUtils.withNewTab(kDataURI, async function () {
await SpecialPowers.spawn(
gBrowser.selectedBrowser,
[{ kDataBody }],
diff --git a/dom/security/test/general/browser_test_view_image_data_navigation.js b/dom/security/test/general/browser_test_view_image_data_navigation.js
index 90aace1e3e..6e4173e343 100644
--- a/dom/security/test/general/browser_test_view_image_data_navigation.js
+++ b/dom/security/test/general/browser_test_view_image_data_navigation.js
@@ -8,7 +8,7 @@ add_task(async function test_principal_right_click_open_link_in_new_tab() {
const TEST_PAGE =
getRootDirectory(gTestPath) + "file_view_image_data_navigation.html";
- await BrowserTestUtils.withNewTab(TEST_PAGE, async function (browser) {
+ await BrowserTestUtils.withNewTab(TEST_PAGE, async function () {
let loadPromise = BrowserTestUtils.waitForNewTab(gBrowser, null, true);
// simulate right-click->view-image
@@ -43,7 +43,7 @@ add_task(async function test_right_click_open_bg_image() {
const TEST_PAGE =
getRootDirectory(gTestPath) + "file_view_bg_image_data_navigation.html";
- await BrowserTestUtils.withNewTab(TEST_PAGE, async function (browser) {
+ await BrowserTestUtils.withNewTab(TEST_PAGE, async function () {
let loadPromise = BrowserTestUtils.waitForNewTab(gBrowser, null, true);
// simulate right-click->view-image
diff --git a/dom/security/test/general/http_download_page.html b/dom/security/test/general/http_download_page.html
new file mode 100644
index 0000000000..c5461eaed3
--- /dev/null
+++ b/dom/security/test/general/http_download_page.html
@@ -0,0 +1,23 @@
+<!DOCTYPE HTML>
+<html>
+ <head>
+ <title>Test for the download attribute</title>
+ </head>
+ <body>
+ hi
+
+ <script>
+ const host = window.location.host;
+ const path = location.pathname.replace("http_download_page.html","http_download_server.sjs");
+
+ const insecureLink = document.createElement("a");
+ // eslint-disable-next-line @microsoft/sdl/no-insecure-url
+ insecureLink.href=`http://${host}/${path}`;
+ insecureLink.download="true";
+ insecureLink.id="http-link";
+ insecureLink.textContent="Not secure Link";
+
+ document.body.append(insecureLink);
+ </script>
+ </body>
+</html>
diff --git a/dom/security/test/general/http_download_server.sjs b/dom/security/test/general/http_download_server.sjs
new file mode 100644
index 0000000000..e659df2f40
--- /dev/null
+++ b/dom/security/test/general/http_download_server.sjs
@@ -0,0 +1,20 @@
+// force the Browser to Show a Download Prompt
+
+function handleRequest(request, response) {
+ let type = "image/png";
+ let filename = "hello.png";
+ request.queryString.split("&").forEach(val => {
+ var [key, value] = val.split("=");
+ if (key == "type") {
+ type = value;
+ }
+ if (key == "name") {
+ filename = value;
+ }
+ });
+
+ response.setHeader("Cache-Control", "no-cache", false);
+ response.setHeader("Content-Disposition", `attachment; filename=${filename}`);
+ response.setHeader("Content-Type", type);
+ response.write("🙈🙊🐵🙊");
+}
diff --git a/dom/security/test/general/test_block_script_wrong_mime.html b/dom/security/test/general/test_block_script_wrong_mime.html
index 93a4b9d220..7122363dfc 100644
--- a/dom/security/test/general/test_block_script_wrong_mime.html
+++ b/dom/security/test/general/test_block_script_wrong_mime.html
@@ -25,7 +25,7 @@ const MIMETypes = [
// <script src="">
function testScript([mime, shouldLoad]) {
- return new Promise((resolve, reject) => {
+ return new Promise((resolve) => {
let script = document.createElement("script");
script.onload = () => {
document.body.removeChild(script);
@@ -44,7 +44,7 @@ function testScript([mime, shouldLoad]) {
// new Worker()
function testWorker([mime, shouldLoad]) {
- return new Promise((resolve, reject) => {
+ return new Promise((resolve) => {
let worker = new Worker("file_block_script_wrong_mime_server.sjs?type=worker&mime="+mime);
worker.onmessage = (event) => {
ok(shouldLoad, `worker with mime '${mime}' should load`)
@@ -62,7 +62,7 @@ function testWorker([mime, shouldLoad]) {
// new Worker() with importScripts()
function testWorkerImportScripts([mime, shouldLoad]) {
- return new Promise((resolve, reject) => {
+ return new Promise((resolve) => {
let worker = new Worker("file_block_script_wrong_mime_server.sjs?type=worker-import&mime="+mime);
worker.onmessage = (event) => {
ok(shouldLoad, `worker/importScripts with mime '${mime}' should load`)
diff --git a/dom/security/test/general/test_block_toplevel_data_navigation.html b/dom/security/test/general/test_block_toplevel_data_navigation.html
index bbadacb218..1a1e6e8f8a 100644
--- a/dom/security/test/general/test_block_toplevel_data_navigation.html
+++ b/dom/security/test/general/test_block_toplevel_data_navigation.html
@@ -45,7 +45,7 @@ async function expectBlockedToplevelData() {
}
};
- function observer(subject, topic) {
+ function observer(subject) {
if (!bcs.includes(subject.webProgress)) {
bcs.push(subject.webProgress);
subject.webProgress.addProgressListener(progressListener, Ci.nsIWebProgress.NOTIFY_ALL);
diff --git a/dom/security/test/general/test_bug1277803.xhtml b/dom/security/test/general/test_bug1277803.xhtml
index 30cc82310b..8987219ed1 100644
--- a/dom/security/test/general/test_bug1277803.xhtml
+++ b/dom/security/test/general/test_bug1277803.xhtml
@@ -27,7 +27,7 @@
function runTest() {
// Register our observer to intercept favicon requests.
- function observer(aSubject, aTopic, aData) {
+ function observer(aSubject, aTopic) {
// Make sure this is a favicon request.
let httpChannel = aSubject.QueryInterface(Ci.nsIHttpChannel);
if (FAVICON_URI != httpChannel.URI.spec) {
diff --git a/dom/security/test/general/test_contentpolicytype_targeted_link_iframe.html b/dom/security/test/general/test_contentpolicytype_targeted_link_iframe.html
index 24ec5dbdd9..d0d702d606 100644
--- a/dom/security/test/general/test_contentpolicytype_targeted_link_iframe.html
+++ b/dom/security/test/general/test_contentpolicytype_targeted_link_iframe.html
@@ -51,7 +51,7 @@ function createChromeScript() {
return Ci.nsIContentPolicy.ACCEPT;
},
- shouldProcess(contentLocation, loadInfo) {
+ shouldProcess() {
return Ci.nsIContentPolicy.ACCEPT;
}
};
diff --git a/dom/security/test/general/test_meta_referrer.html b/dom/security/test/general/test_meta_referrer.html
index f5e8b649f4..2871028869 100644
--- a/dom/security/test/general/test_meta_referrer.html
+++ b/dom/security/test/general/test_meta_referrer.html
@@ -24,7 +24,7 @@ function checkTestsDone() {
var script = SpecialPowers.loadChromeScript(() => {
/* eslint-env mozilla/chrome-script */
let counter = 0;
- Services.obs.addObserver(function onExamResp(subject, topic, data) {
+ Services.obs.addObserver(function onExamResp(subject) {
let channel = subject.QueryInterface(Ci.nsIHttpChannel);
if (!channel.URI.spec.startsWith("https://example.com") || counter >= 2) {
return;
diff --git a/dom/security/test/general/test_same_site_cookies_subrequest.html b/dom/security/test/general/test_same_site_cookies_subrequest.html
index 304dbafa9a..0975e49663 100644
--- a/dom/security/test/general/test_same_site_cookies_subrequest.html
+++ b/dom/security/test/general/test_same_site_cookies_subrequest.html
@@ -78,7 +78,7 @@ function checkResult(aCookieVal) {
function setupQueryResultAndRunTest() {
var myXHR = new XMLHttpRequest();
myXHR.open("GET", "file_same_site_cookies_subrequest.sjs?queryresult" + curTest);
- myXHR.onload = function(e) {
+ myXHR.onload = function() {
checkResult(myXHR.responseText);
}
myXHR.onerror = function(e) {
diff --git a/dom/security/test/general/test_same_site_cookies_toplevel_nav.html b/dom/security/test/general/test_same_site_cookies_toplevel_nav.html
index aba825916b..9ba625e4a3 100644
--- a/dom/security/test/general/test_same_site_cookies_toplevel_nav.html
+++ b/dom/security/test/general/test_same_site_cookies_toplevel_nav.html
@@ -83,7 +83,7 @@ function checkResult(aCookieVal) {
function setupQueryResultAndRunTest() {
var myXHR = new XMLHttpRequest();
myXHR.open("GET", "file_same_site_cookies_toplevel_nav.sjs?queryresult" + curTest);
- myXHR.onload = function(e) {
+ myXHR.onload = function() {
checkResult( myXHR.responseText);
}
myXHR.onerror = function(e) {
diff --git a/dom/security/test/https-first/browser_download_attribute.js b/dom/security/test/https-first/browser_download_attribute.js
index 8165add998..ea4558cc84 100644
--- a/dom/security/test/https-first/browser_download_attribute.js
+++ b/dom/security/test/https-first/browser_download_attribute.js
@@ -31,7 +31,7 @@ let msgCounter = 0;
function shouldConsoleTryUpgradeAndError() {
// Waits until CONSOLE_ERROR_MESSAGE was logged.
// Checks if download was tried via http://
- return new Promise((resolve, reject) => {
+ return new Promise(resolve => {
function listener(msgObj) {
let text = msgObj.message;
// Verify upgrade messages
diff --git a/dom/security/test/https-first/browser_httpsfirst.js b/dom/security/test/https-first/browser_httpsfirst.js
index 733474dcc1..c4437f6051 100644
--- a/dom/security/test/https-first/browser_httpsfirst.js
+++ b/dom/security/test/https-first/browser_httpsfirst.js
@@ -31,6 +31,7 @@ add_task(async function () {
await SpecialPowers.pushPrefEnv({
set: [["dom.security.https_first", false]],
});
+ Services.fog.testResetFOG();
await runPrefTest(
"http://example.com",
@@ -42,6 +43,23 @@ add_task(async function () {
set: [["dom.security.https_first", true]],
});
+ for (const key of [
+ "upgraded",
+ "upgradedSchemeless",
+ "downgraded",
+ "downgradedSchemeless",
+ "downgradedOnTimer",
+ "downgradedOnTimerSchemeless",
+ "downgradeTime",
+ "downgradeTimeSchemeless",
+ ]) {
+ is(
+ Glean.httpsfirst[key].testGetValue(),
+ null,
+ `No telemetry should have been recorded yet for ${key}`
+ );
+ }
+
await runPrefTest(
"http://example.com",
"Should upgrade upgradeable website",
@@ -71,4 +89,21 @@ add_task(async function () {
"Should downgrade after timeout.",
"http://"
);
+
+ info("Checking expected telemetry");
+ is(Glean.httpsfirst.upgraded.testGetValue(), 5);
+ is(Glean.httpsfirst.upgradedSchemeless.testGetValue(), null);
+ is(Glean.httpsfirst.downgraded.testGetValue(), 3);
+ is(Glean.httpsfirst.downgradedSchemeless.testGetValue(), null);
+ is(Glean.httpsfirst.downgradedOnTimer.testGetValue().numerator, 1);
+ is(Glean.httpsfirst.downgradedOnTimerSchemeless.testGetValue(), null);
+ const downgradeSeconds =
+ Glean.httpsfirst.downgradeTime.testGetValue().sum / 1_000_000_000;
+ ok(
+ downgradeSeconds > 2 && downgradeSeconds < 30,
+ `Summed downgrade time should be above 2 and below 30 seconds (is ${downgradeSeconds.toFixed(
+ 2
+ )}s)`
+ );
+ is(null, Glean.httpsfirst.downgradeTimeSchemeless.testGetValue());
});
diff --git a/dom/security/test/https-first/browser_mixed_content_download.js b/dom/security/test/https-first/browser_mixed_content_download.js
index 09ea64cea8..919470a78e 100644
--- a/dom/security/test/https-first/browser_mixed_content_download.js
+++ b/dom/security/test/https-first/browser_mixed_content_download.js
@@ -57,7 +57,7 @@ const DOWNLOAD_URL =
// falls back since download is not available via https
let msgCounter = 0;
function shouldConsoleError() {
- return new Promise((resolve, reject) => {
+ return new Promise(resolve => {
function listener(msgObj) {
let text = msgObj.message;
if (text.includes(CONSOLE_UPGRADE_MESSAGE) && msgCounter == 0) {
diff --git a/dom/security/test/https-first/browser_schemeless.js b/dom/security/test/https-first/browser_schemeless.js
index 9687f15072..64b078983d 100644
--- a/dom/security/test/https-first/browser_schemeless.js
+++ b/dom/security/test/https-first/browser_schemeless.js
@@ -153,6 +153,7 @@ async function runTest(aInput, aDesc, aExpectedScheme) {
add_task(async function () {
requestLongerTimeout(10);
+ Services.fog.testResetFOG();
await SpecialPowers.pushPrefEnv({
set: [
@@ -183,9 +184,36 @@ add_task(async function () {
"http"
);
+ for (const key of [
+ "upgraded",
+ "upgradedSchemeless",
+ "downgraded",
+ "downgradedSchemeless",
+ "downgradedOnTimer",
+ "downgradedOnTimerSchemeless",
+ "downgradeTime",
+ "downgradeTimeSchemeless",
+ ]) {
+ is(
+ Glean.httpsfirst[key].testGetValue(),
+ null,
+ `No telemetry should have been recorded yet for ${key}`
+ );
+ }
+
await runTest(
"example.com",
"Should upgrade upgradeable website without explicit scheme",
"https"
);
+
+ info("Checking expected telemetry");
+ is(Glean.httpsfirst.upgraded.testGetValue(), null);
+ is(Glean.httpsfirst.upgradedSchemeless.testGetValue(), 5);
+ is(Glean.httpsfirst.downgraded.testGetValue(), null);
+ is(Glean.httpsfirst.downgradedSchemeless.testGetValue(), null);
+ is(Glean.httpsfirst.downgradedOnTimer.testGetValue(), null);
+ is(Glean.httpsfirst.downgradedOnTimerSchemeless.testGetValue(), null);
+ is(Glean.httpsfirst.downgradeTime.testGetValue(), null);
+ is(Glean.httpsfirst.downgradeTimeSchemeless.testGetValue(), null);
});
diff --git a/dom/security/test/https-first/file_data_uri.html b/dom/security/test/https-first/file_data_uri.html
index 69133e5079..e6d5744802 100644
--- a/dom/security/test/https-first/file_data_uri.html
+++ b/dom/security/test/https-first/file_data_uri.html
@@ -6,7 +6,7 @@
</head>
<body>
<script class="testbody" type="text/javascript">
- window.onload = (event) => {
+ window.onload = () => {
let myLoc = window.location.href;
window.opener.parent.postMessage({location: myLoc}, "*");
window.close();
diff --git a/dom/security/test/https-first/test_resource_upgrade.html b/dom/security/test/https-first/test_resource_upgrade.html
index 66f65d9a04..275a6a23af 100644
--- a/dom/security/test/https-first/test_resource_upgrade.html
+++ b/dom/security/test/https-first/test_resource_upgrade.html
@@ -44,7 +44,7 @@
// returns after the server has received all the expected requests.
var myXHR = new XMLHttpRequest();
myXHR.open("GET", "file_upgrade_insecure_server.sjs?queryresult");
- myXHR.onload = function (e) {
+ myXHR.onload = function () {
var results = myXHR.responseText.split(",");
for (var index in results) {
checkResult(results[index]);
diff --git a/dom/security/test/https-only/browser_hsts_host.js b/dom/security/test/https-only/browser_hsts_host.js
index 858c19865c..c612606f72 100644
--- a/dom/security/test/https-only/browser_hsts_host.js
+++ b/dom/security/test/https-only/browser_hsts_host.js
@@ -146,7 +146,7 @@ add_task(async function () {
Services.obs.removeObserver(observer, "http-on-examine-response");
});
-function observer(subject, topic, state) {
+function observer(subject, topic) {
info("observer called with " + topic);
if (topic == "http-on-examine-response") {
onExamineResponse(subject);
diff --git a/dom/security/test/https-only/browser_save_as.js b/dom/security/test/https-only/browser_save_as.js
index 309dd69c79..fbfdf276a8 100644
--- a/dom/security/test/https-only/browser_save_as.js
+++ b/dom/security/test/https-only/browser_save_as.js
@@ -14,7 +14,7 @@ const TEST_PATH =
"http://example.com/browser/dom/security/test/https-only/file_save_as.html";
let MockFilePicker = SpecialPowers.MockFilePicker;
-MockFilePicker.init(window);
+MockFilePicker.init(window.browsingContext);
const tempDir = createTemporarySaveDirectory();
MockFilePicker.displayDirectory = tempDir;
@@ -78,7 +78,7 @@ function createPromiseForTransferComplete() {
}
function createPromiseForConsoleError(message) {
- return new Promise((resolve, reject) => {
+ return new Promise(resolve => {
function listener(msgObj) {
let text = msgObj.message;
if (text.includes(message)) {
@@ -155,7 +155,11 @@ async function setHttpsFirstAndOnlyPrefs(httpsFirst, httpsOnly) {
add_task(async function testBaseline() {
// Run with HTTPS-First and HTTPS-Only disabled
await setHttpsFirstAndOnlyPrefs(false, false);
- await runTest("#insecure-link", HTTP_LINK, undefined);
+ await runTest(
+ "#insecure-link",
+ HTTP_LINK,
+ "We blocked a download that’s not secure: “http://example.org/”."
+ );
await runTest("#secure-link", HTTPS_LINK, undefined);
});
@@ -169,7 +173,7 @@ add_task(async function testHttpsFirst() {
await runTest(
"#insecure-link",
HTTP_LINK,
- "Blocked downloading insecure content “http://example.org/”."
+ "We blocked a download that’s not secure: “http://example.org/”."
);
await runTest("#secure-link", HTTPS_LINK, undefined);
});
@@ -181,7 +185,7 @@ add_task(async function testHttpsOnly() {
await runTest(
"#insecure-link",
HTTP_LINK,
- "Blocked downloading insecure content “http://example.org/”."
+ "We blocked a download that’s not secure: “http://example.org/”."
);
await runTest("#secure-link", HTTPS_LINK, undefined);
});
diff --git a/dom/security/test/https-only/browser_user_gesture.js b/dom/security/test/https-only/browser_user_gesture.js
index e7d6a20318..9eec10bd88 100644
--- a/dom/security/test/https-only/browser_user_gesture.js
+++ b/dom/security/test/https-only/browser_user_gesture.js
@@ -23,7 +23,7 @@ add_task(async function () {
// 1. Upgrade a page to https://
BrowserTestUtils.startLoadingURIString(browser, kTestURI);
await loaded;
- await ContentTask.spawn(browser, {}, async args => {
+ await ContentTask.spawn(browser, {}, async () => {
ok(
content.document.location.href.startsWith("https://"),
"Should be https"
diff --git a/dom/security/test/https-only/file_upgrade_insecure.html b/dom/security/test/https-only/file_upgrade_insecure.html
index 346cfbeb9c..b2d3b89e3d 100644
--- a/dom/security/test/https-only/file_upgrade_insecure.html
+++ b/dom/security/test/https-only/file_upgrade_insecure.html
@@ -55,7 +55,7 @@
);
if (AppConstants.platform !== "android") {
var mySocket = new WebSocket("ws://example.com/tests/dom/security/test/https-only/file_upgrade_insecure");
- mySocket.onopen = function(e) {
+ mySocket.onopen = function() {
if (mySocket.url.includes("wss://")) {
window.parent.postMessage({result: "websocket-ok"}, "*");
}
diff --git a/dom/security/test/https-only/file_websocket_exceptions_iframe.html b/dom/security/test/https-only/file_websocket_exceptions_iframe.html
index 23c6af2d45..d8d0046119 100644
--- a/dom/security/test/https-only/file_websocket_exceptions_iframe.html
+++ b/dom/security/test/https-only/file_websocket_exceptions_iframe.html
@@ -5,17 +5,17 @@
<script>
window.addEventListener("message", receiveMessage);
-function receiveMessage(event) {
+function receiveMessage() {
window.removeEventListener("message", receiveMessage);
var mySocket = new WebSocket("ws://example.com/tests/dom/security/test/https-only/file_upgrade_insecure");
- mySocket.onopen = function(e) {
+ mySocket.onopen = function() {
parent.dispatchEvent(new CustomEvent("WebSocketEnded", {
detail: { url: mySocket.url, state: "onopen" }
}));
mySocket.close();
};
- mySocket.onerror = function(e) {
+ mySocket.onerror = function() {
parent.dispatchEvent(new CustomEvent("WebSocketEnded", {
detail: { url: mySocket.url, state: "onerror" }
}));
diff --git a/dom/security/test/https-only/test_redirect_upgrade.html b/dom/security/test/https-only/test_redirect_upgrade.html
index 59f02f96d0..6cf96bd494 100644
--- a/dom/security/test/https-only/test_redirect_upgrade.html
+++ b/dom/security/test/https-only/test_redirect_upgrade.html
@@ -28,12 +28,12 @@ Test that 302 redirect requests get upgraded to https:// with HTTPS-Only Mode en
// Make a request to a site (eg. https://file_redirect.sjs?301), which will redirect to http://file_redirect.sjs?check.
// The response will either be secure-ok, if the request has been upgraded to https:// or secure-error if it didn't.
myXHR.open("GET", `https://example.com/tests/dom/security/test/https-only/file_redirect.sjs?${currentCode}`);
- myXHR.onload = (e) => {
+ myXHR.onload = () => {
is(myXHR.responseText, "secure-ok", `a ${currentCode} redirect when posting violation report should be blocked`)
testDone();
}
// This should not happen
- myXHR.onerror = (e) => {
+ myXHR.onerror = () => {
ok(false, `Could not query results from server for ${currentCode}-redirect test (" + e.message + ")`);
testDone();
}
diff --git a/dom/security/test/https-only/test_resource_upgrade.html b/dom/security/test/https-only/test_resource_upgrade.html
index 6584bad020..1be7fcc3dd 100644
--- a/dom/security/test/https-only/test_resource_upgrade.html
+++ b/dom/security/test/https-only/test_resource_upgrade.html
@@ -54,7 +54,7 @@
// returns after the server has received all the expected requests.
var myXHR = new XMLHttpRequest();
myXHR.open("GET", "file_upgrade_insecure_server.sjs?queryresult");
- myXHR.onload = function (e) {
+ myXHR.onload = function () {
var results = myXHR.responseText.split(",");
for (var index in results) {
checkResult(results[index]);
diff --git a/dom/security/test/mixedcontentblocker/browser_test_mixed_content_download.js b/dom/security/test/mixedcontentblocker/browser_test_mixed_content_download.js
index ee350008aa..b103d83cd7 100644
--- a/dom/security/test/mixedcontentblocker/browser_test_mixed_content_download.js
+++ b/dom/security/test/mixedcontentblocker/browser_test_mixed_content_download.js
@@ -101,7 +101,7 @@ function shouldTriggerDownload(action = "save") {
});
}
-const CONSOLE_ERROR_MESSAGE = "Blocked downloading insecure content";
+const CONSOLE_ERROR_MESSAGE = "We blocked a download that’s not secure";
function shouldConsoleError() {
// Waits until CONSOLE_ERROR_MESSAGE was logged
diff --git a/dom/security/test/referrer-policy/browser.toml b/dom/security/test/referrer-policy/browser.toml
index 325b6a3f49..a77046c85b 100644
--- a/dom/security/test/referrer-policy/browser.toml
+++ b/dom/security/test/referrer-policy/browser.toml
@@ -1,8 +1,8 @@
[DEFAULT]
support-files = ["referrer_page.sjs"]
-["browser_fragment_navigation.js"]
-support-files = ["file_fragment_navigation.sjs"]
+["browser_session_history.js"]
+support-files = ["file_session_history.sjs"]
["browser_referrer_disallow_cross_site_relaxing.js"]
diff --git a/dom/security/test/referrer-policy/browser_fragment_navigation.js b/dom/security/test/referrer-policy/browser_session_history.js
index c3d5e62854..b480ce4ff0 100644
--- a/dom/security/test/referrer-policy/browser_fragment_navigation.js
+++ b/dom/security/test/referrer-policy/browser_session_history.js
@@ -4,7 +4,7 @@
"use strict";
const TEST_FILE =
- "https://example.com/browser/dom/security/test/referrer-policy/file_fragment_navigation.sjs";
+ "https://example.com/browser/dom/security/test/referrer-policy/file_session_history.sjs";
add_task(async function test_browser_navigation() {
await BrowserTestUtils.withNewTab(TEST_FILE, async browser => {
@@ -37,6 +37,21 @@ add_task(async function test_browser_navigation() {
content.document.getElementById("ok"),
"Page should load when checking referrer after fragment navigation and reload"
);
+
+ info("Clicking on push_state button");
+ content.document.getElementById("push_state").click();
+ });
+
+ info("Reloading tab");
+ loadPromise = BrowserTestUtils.browserLoaded(browser);
+ await BrowserTestUtils.reloadTab(gBrowser.selectedTab);
+ await loadPromise;
+
+ await SpecialPowers.spawn(browser, [], () => {
+ ok(
+ content.document.getElementById("ok"),
+ "Page should load when checking referrer after history.pushState and reload"
+ );
});
});
});
diff --git a/dom/security/test/referrer-policy/file_fragment_navigation.sjs b/dom/security/test/referrer-policy/file_session_history.sjs
index 5fb6f0d826..3d5f06b026 100644
--- a/dom/security/test/referrer-policy/file_fragment_navigation.sjs
+++ b/dom/security/test/referrer-policy/file_session_history.sjs
@@ -6,16 +6,22 @@ function handleRequest(request, response) {
request.queryString === "check_referrer" &&
(!request.hasHeader("referer") ||
request.getHeader("referer") !==
- "https://example.com/browser/dom/security/test/referrer-policy/file_fragment_navigation.sjs")
+ "https://example.com/browser/dom/security/test/referrer-policy/file_session_history.sjs")
) {
response.setStatusLine(request.httpVersion, 400, "Bad Request");
response.write("Did not receive referrer");
} else {
response.setHeader("Content-Type", "text/html");
response.write(
- `<span id="ok">OK</span>
-<a id="check_referrer" href="?check_referrer">check_referrer</a>
-<a id="fragment" href="#fragment">fragment</a>`
+ `<span id="ok">OK</span>
+ <a id="check_referrer" href="?check_referrer">check_referrer</a>
+ <a id="fragment" href="#fragment">fragment</a>
+ <script>
+ function pushState(){
+ history.pushState({}, "", location);
+ }
+ </script>
+ <button id="push_state" onclick="pushState();" >push_state</button>`
);
}
}
diff --git a/dom/security/test/referrer-policy/referrer_helper.js b/dom/security/test/referrer-policy/referrer_helper.js
index b892017eef..92593fa907 100644
--- a/dom/security/test/referrer-policy/referrer_helper.js
+++ b/dom/security/test/referrer-policy/referrer_helper.js
@@ -61,7 +61,7 @@ function checkIndividualResults(aTestname, aExpectedReferrer, aName) {
);
advance();
};
- var onerror = xhr => {
+ var onerror = () => {
ok(false, "Can't get results from the counter server.");
SimpleTest.finish();
};
@@ -69,7 +69,7 @@ function checkIndividualResults(aTestname, aExpectedReferrer, aName) {
}
function resetState() {
- doXHR(RESET_STATE, advance, function (xhr) {
+ doXHR(RESET_STATE, advance, function () {
ok(false, "error in reset state");
SimpleTest.finish();
});
diff --git a/dom/security/test/referrer-policy/test_img_referrer.html b/dom/security/test/referrer-policy/test_img_referrer.html
index fcc80929d2..5e3a2e6ddf 100644
--- a/dom/security/test/referrer-policy/test_img_referrer.html
+++ b/dom/security/test/referrer-policy/test_img_referrer.html
@@ -64,7 +64,7 @@ function checkIndividualResults(aTestname, aExpectedImg, aName) {
advance();
},
- function(xhr) {
+ function() {
ok(false, "Can't get results from the counter server.");
SimpleTest.finish();
});
@@ -73,7 +73,7 @@ function checkIndividualResults(aTestname, aExpectedImg, aName) {
function resetState() {
doXHR('/tests/dom/security/test/referrer-policy/img_referrer_testserver.sjs?action=resetState',
advance,
- function(xhr) {
+ function() {
ok(false, "error in reset state");
SimpleTest.finish();
});
diff --git a/dom/security/test/sec-fetch/browser_external_loads.js b/dom/security/test/sec-fetch/browser_external_loads.js
index 0340b46899..070342e800 100644
--- a/dom/security/test/sec-fetch/browser_external_loads.js
+++ b/dom/security/test/sec-fetch/browser_external_loads.js
@@ -7,7 +7,7 @@ const TEST_PATH = getRootDirectory(gTestPath).replace(
var gExpectedHeader = {};
-function checkSecFetchUser(subject, topic, data) {
+function checkSecFetchUser(subject) {
let channel = subject.QueryInterface(Ci.nsIHttpChannel);
if (!channel.URI.spec.startsWith("https://example.com")) {
return;
@@ -45,7 +45,7 @@ add_task(async function external_load() {
Services.obs.addObserver(checkSecFetchUser, "http-on-stop-request");
let headersChecked = new Promise(resolve => {
- let reqStopped = async (subject, topic, data) => {
+ let reqStopped = async () => {
Services.obs.removeObserver(reqStopped, "http-on-stop-request");
resolve();
};
diff --git a/dom/security/test/sec-fetch/browser_navigation.js b/dom/security/test/sec-fetch/browser_navigation.js
index d203391356..2d51a7d1f5 100644
--- a/dom/security/test/sec-fetch/browser_navigation.js
+++ b/dom/security/test/sec-fetch/browser_navigation.js
@@ -10,7 +10,7 @@ async function setup() {
waitForExplicitFinish();
}
-function checkSecFetchUser(subject, topic, data) {
+function checkSecFetchUser(subject) {
let channel = subject.QueryInterface(Ci.nsIHttpChannel);
if (!channel.URI.spec.startsWith("https://example.com/")) {
return;
diff --git a/dom/security/test/sec-fetch/test_iframe_history_manipulation.html b/dom/security/test/sec-fetch/test_iframe_history_manipulation.html
index 5ec749bf4d..65d79fa530 100644
--- a/dom/security/test/sec-fetch/test_iframe_history_manipulation.html
+++ b/dom/security/test/sec-fetch/test_iframe_history_manipulation.html
@@ -18,7 +18,7 @@ let testFrame;
var script = SpecialPowers.loadChromeScript(() => {
/* eslint-env mozilla/chrome-script */
- Services.obs.addObserver(function onExamResp(subject, topic, data) {
+ Services.obs.addObserver(function onExamResp(subject) {
let channel = subject.QueryInterface(Ci.nsIHttpChannel);
info("request observed: " + channel.URI.spec);
if (!channel.URI.spec.startsWith("https://example.org")) {
diff --git a/dom/security/test/sec-fetch/test_iframe_src_metaRedirect.html b/dom/security/test/sec-fetch/test_iframe_src_metaRedirect.html
index 28eae80226..d05ae4df70 100644
--- a/dom/security/test/sec-fetch/test_iframe_src_metaRedirect.html
+++ b/dom/security/test/sec-fetch/test_iframe_src_metaRedirect.html
@@ -25,7 +25,7 @@ let testPassCounter = 0;
var script = SpecialPowers.loadChromeScript(() => {
/* eslint-env mozilla/chrome-script */
- Services.obs.addObserver(function onExamResp(subject, topic, data) {
+ Services.obs.addObserver(function onExamResp(subject) {
let channel = subject.QueryInterface(Ci.nsIHttpChannel);
if (!channel.URI.spec.startsWith("https://example.com/tests/dom/security/test/sec-fetch/file_redirect.sjs")) {
return;
diff --git a/dom/security/test/sec-fetch/test_iframe_srcdoc_metaRedirect.html b/dom/security/test/sec-fetch/test_iframe_srcdoc_metaRedirect.html
index adee5afe84..1a3fa85603 100644
--- a/dom/security/test/sec-fetch/test_iframe_srcdoc_metaRedirect.html
+++ b/dom/security/test/sec-fetch/test_iframe_srcdoc_metaRedirect.html
@@ -25,7 +25,7 @@ let testPassCounter = 0;
var script = SpecialPowers.loadChromeScript(() => {
/* eslint-env mozilla/chrome-script */
- Services.obs.addObserver(function onExamResp(subject, topic, data) {
+ Services.obs.addObserver(function onExamResp(subject) {
let channel = subject.QueryInterface(Ci.nsIHttpChannel);
if (!channel.URI.spec.startsWith("https://example.com/tests/dom/security/test/sec-fetch/file_redirect.sjs")) {
return;
diff --git a/dom/security/test/sec-fetch/test_iframe_window_open_metaRedirect.html b/dom/security/test/sec-fetch/test_iframe_window_open_metaRedirect.html
index b532baeb5e..1dd7f8864e 100644
--- a/dom/security/test/sec-fetch/test_iframe_window_open_metaRedirect.html
+++ b/dom/security/test/sec-fetch/test_iframe_window_open_metaRedirect.html
@@ -26,7 +26,7 @@ let testWindow;
var script = SpecialPowers.loadChromeScript(() => {
/* eslint-env mozilla/chrome-script */
- Services.obs.addObserver(function onExamResp(subject, topic, data) {
+ Services.obs.addObserver(function onExamResp(subject) {
let channel = subject.QueryInterface(Ci.nsIHttpChannel);
if (!channel.URI.spec.startsWith("https://example.com/tests/dom/security/test/sec-fetch/file_redirect.sjs")) {
return;
diff --git a/dom/security/test/sec-fetch/test_trustworthy_loopback.html b/dom/security/test/sec-fetch/test_trustworthy_loopback.html
index 95ecac17ed..3b44895e77 100644
--- a/dom/security/test/sec-fetch/test_trustworthy_loopback.html
+++ b/dom/security/test/sec-fetch/test_trustworthy_loopback.html
@@ -23,7 +23,7 @@ function checkTestsDone() {
var script = SpecialPowers.loadChromeScript(() => {
/* eslint-env mozilla/chrome-script */
- Services.obs.addObserver(function onExamResp(subject, topic, data) {
+ Services.obs.addObserver(function onExamResp(subject) {
let channel = subject.QueryInterface(Ci.nsIHttpChannel);
if (!channel.URI.spec.includes("localhost") ||
channel.URI.spec.startsWith("http://localhost:9898/tests/dom/security/test/sec-fetch/file_trustworthy_loopback.html")) {
diff --git a/dom/security/test/sec-fetch/test_websocket.html b/dom/security/test/sec-fetch/test_websocket.html
index 5df0553a4f..4613419040 100644
--- a/dom/security/test/sec-fetch/test_websocket.html
+++ b/dom/security/test/sec-fetch/test_websocket.html
@@ -21,7 +21,7 @@ function checkTestsDone() {
var script = SpecialPowers.loadChromeScript(() => {
/* eslint-env mozilla/chrome-script */
- Services.obs.addObserver(function onExamResp(subject, topic, data) {
+ Services.obs.addObserver(function onExamResp(subject) {
let channel = subject.QueryInterface(Ci.nsIHttpChannel);
if (!channel.URI.spec.startsWith("https://example.com/tests/dom/security/test/sec-fetch/file_websocket")) {
return;
@@ -61,11 +61,11 @@ script.addMessageListener("test-end", () => {
});
var wssSocket = new WebSocket("wss://example.com/tests/dom/security/test/sec-fetch/file_websocket");
-wssSocket.onopen = function(e) {
+wssSocket.onopen = function() {
ok(true, "sanity: wssSocket onopen");
checkTestsDone();
};
-wssSocket.onerror = function(e) {
+wssSocket.onerror = function() {
ok(false, "sanity: wssSocket onerror");
};
diff --git a/dom/security/test/unit/test_csp_reports.js b/dom/security/test/unit/test_csp_reports.js
index 36da1a13e5..3d5a00b0f6 100644
--- a/dom/security/test/unit/test_csp_reports.js
+++ b/dom/security/test/unit/test_csp_reports.js
@@ -23,7 +23,7 @@ const REPORT_SERVER_URI = "http://localhost";
* or fails a test based on what it gets.
*/
function makeReportHandler(testpath, message, expectedJSON) {
- return function (request, response) {
+ return function (request) {
// we only like "POST" submissions for reports!
if (request.method !== "POST") {
do_throw("violation report should be a POST request");
diff --git a/dom/security/test/unit/test_csp_upgrade_insecure_request_header.js b/dom/security/test/unit/test_csp_upgrade_insecure_request_header.js
index 26758d261d..1c5fdabf31 100644
--- a/dom/security/test/unit/test_csp_upgrade_insecure_request_header.js
+++ b/dom/security/test/unit/test_csp_upgrade_insecure_request_header.js
@@ -45,11 +45,11 @@ var tests = [
function ChannelListener() {}
ChannelListener.prototype = {
- onStartRequest(request) {},
- onDataAvailable(request, stream, offset, count) {
+ onStartRequest() {},
+ onDataAvailable() {
do_throw("Should not get any data!");
},
- onStopRequest(request, status) {
+ onStopRequest(request) {
var upgrade_insecure_header = false;
try {
if (request.getRequestHeader("Upgrade-Insecure-Requests")) {
@@ -76,7 +76,7 @@ function setupChannel(aContentType) {
return chan;
}
-function serverHandler(metadata, response) {
+function serverHandler() {
// no need to perform anything here
}
diff --git a/dom/security/test/unit/test_https_only_https_first_default_port.js b/dom/security/test/unit/test_https_only_https_first_default_port.js
index bd4d6717eb..06ffb80eee 100644
--- a/dom/security/test/unit/test_https_only_https_first_default_port.js
+++ b/dom/security/test/unit/test_https_only_https_first_default_port.js
@@ -41,13 +41,13 @@ const TESTS = [
function ChannelListener() {}
ChannelListener.prototype = {
- onStartRequest(request) {
+ onStartRequest() {
// dummy implementation
},
- onDataAvailable(request, stream, offset, count) {
+ onDataAvailable() {
do_throw("Should not get any data!");
},
- onStopRequest(request, status) {
+ onStopRequest(request) {
var chan = request.QueryInterface(Ci.nsIChannel);
let requestURL = chan.URI;
Assert.equal(
@@ -79,7 +79,7 @@ function setUpChannel() {
return chan;
}
-function serverHandler(metadata, response) {
+function serverHandler() {
// dummy implementation
}
diff --git a/dom/security/test/unit/test_https_only_https_first_prefs.js b/dom/security/test/unit/test_https_only_https_first_prefs.js
index 9c6ced1fcb..6c7e112d9b 100644
--- a/dom/security/test/unit/test_https_only_https_first_prefs.js
+++ b/dom/security/test/unit/test_https_only_https_first_prefs.js
@@ -272,10 +272,10 @@ ChannelListener.prototype = {
var authHeader = httpChan.getRequestHeader("Authorization");
Assert.equal(authHeader, "Basic user:pass", curTest.description);
},
- onDataAvailable(request, stream, offset, count) {
+ onDataAvailable() {
do_throw("Should not get any data!");
},
- onStopRequest(request, status) {
+ onStopRequest(request) {
var chan = request.QueryInterface(Ci.nsIChannel);
let requestURL = chan.URI;
Assert.equal(
@@ -331,7 +331,7 @@ function setUpChannel() {
return chan;
}
-function serverHandler(metadata, response) {
+function serverHandler() {
// dummy implementation
}