summaryrefslogtreecommitdiffstats
path: root/netwerk/test/unit/test_bug1177909.js
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-19 00:47:55 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-19 00:47:55 +0000
commit26a029d407be480d791972afb5975cf62c9360a6 (patch)
treef435a8308119effd964b339f76abb83a57c29483 /netwerk/test/unit/test_bug1177909.js
parentInitial commit. (diff)
downloadfirefox-upstream/124.0.1.tar.xz
firefox-upstream/124.0.1.zip
Adding upstream version 124.0.1.upstream/124.0.1
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'netwerk/test/unit/test_bug1177909.js')
-rw-r--r--netwerk/test/unit/test_bug1177909.js251
1 files changed, 251 insertions, 0 deletions
diff --git a/netwerk/test/unit/test_bug1177909.js b/netwerk/test/unit/test_bug1177909.js
new file mode 100644
index 0000000000..0fc94f8a2c
--- /dev/null
+++ b/netwerk/test/unit/test_bug1177909.js
@@ -0,0 +1,251 @@
+"use strict";
+
+const { MockRegistrar } = ChromeUtils.importESModule(
+ "resource://testing-common/MockRegistrar.sys.mjs"
+);
+
+XPCOMUtils.defineLazyServiceGetter(
+ this,
+ "gProxyService",
+ "@mozilla.org/network/protocol-proxy-service;1",
+ "nsIProtocolProxyService"
+);
+
+ChromeUtils.defineLazyGetter(this, "systemSettings", function () {
+ return {
+ QueryInterface: ChromeUtils.generateQI(["nsISystemProxySettings"]),
+
+ mainThreadOnly: true,
+ PACURI: null,
+
+ getProxyForURI(aSpec, aScheme, aHost, aPort) {
+ if (aPort != -1) {
+ return "SOCKS5 http://localhost:9050";
+ }
+ if (aScheme == "http") {
+ return "PROXY http://localhost:8080";
+ }
+ if (aScheme == "https") {
+ return "HTTPS https://localhost:8080";
+ }
+ return "DIRECT";
+ },
+ };
+});
+
+let gMockProxy = MockRegistrar.register(
+ "@mozilla.org/system-proxy-settings;1",
+ systemSettings
+);
+
+registerCleanupFunction(() => {
+ MockRegistrar.unregister(gMockProxy);
+});
+
+function makeChannel(uri) {
+ return NetUtil.newChannel({
+ uri,
+ loadUsingSystemPrincipal: true,
+ });
+}
+
+async function TestProxyType(chan, flags) {
+ Services.prefs.setIntPref(
+ "network.proxy.type",
+ Ci.nsIProtocolProxyService.PROXYCONFIG_SYSTEM
+ );
+
+ return new Promise((resolve, reject) => {
+ gProxyService.asyncResolve(chan, flags, {
+ onProxyAvailable(req, uri, pi, status) {
+ resolve(pi);
+ },
+ });
+ });
+}
+
+async function TestProxyTypeByURI(uri) {
+ return TestProxyType(makeChannel(uri), 0);
+}
+
+add_task(async function testHttpProxy() {
+ let pi = await TestProxyTypeByURI("http://www.mozilla.org/");
+ equal(pi.host, "localhost", "Expected proxy host to be localhost");
+ equal(pi.port, 8080, "Expected proxy port to be 8080");
+ equal(pi.type, "http", "Expected proxy type to be http");
+});
+
+add_task(async function testHttpsProxy() {
+ let pi = await TestProxyTypeByURI("https://www.mozilla.org/");
+ equal(pi.host, "localhost", "Expected proxy host to be localhost");
+ equal(pi.port, 8080, "Expected proxy port to be 8080");
+ equal(pi.type, "https", "Expected proxy type to be https");
+});
+
+add_task(async function testSocksProxy() {
+ let pi = await TestProxyTypeByURI("http://www.mozilla.org:1234/");
+ equal(pi.host, "localhost", "Expected proxy host to be localhost");
+ equal(pi.port, 9050, "Expected proxy port to be 8080");
+ equal(pi.type, "socks", "Expected proxy type to be http");
+});
+
+add_task(async function testDirectProxy() {
+ // Do what |WebSocketChannel::AsyncOpen| do, but do not prefer https proxy.
+ let proxyURI = Cc["@mozilla.org/network/standard-url-mutator;1"]
+ .createInstance(Ci.nsIURIMutator)
+ .setSpec("wss://ws.mozilla.org/")
+ .finalize();
+ let uri = proxyURI.mutate().setScheme("https").finalize();
+
+ let chan = Services.io.newChannelFromURIWithProxyFlags(
+ uri,
+ proxyURI,
+ 0,
+ null,
+ Services.scriptSecurityManager.getSystemPrincipal(),
+ null,
+ Ci.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_SEC_CONTEXT_IS_NULL,
+ Ci.nsIContentPolicy.TYPE_OTHER
+ );
+
+ let pi = await TestProxyType(chan, 0);
+ equal(pi, null, "Expected proxy host to be null");
+});
+
+add_task(async function testWebSocketProxy() {
+ // Do what |WebSocketChannel::AsyncOpen| do
+ let proxyURI = Cc["@mozilla.org/network/standard-url-mutator;1"]
+ .createInstance(Ci.nsIURIMutator)
+ .setSpec("wss://ws.mozilla.org/")
+ .finalize();
+ let uri = proxyURI.mutate().setScheme("https").finalize();
+
+ let proxyFlags =
+ Ci.nsIProtocolProxyService.RESOLVE_PREFER_SOCKS_PROXY |
+ Ci.nsIProtocolProxyService.RESOLVE_PREFER_HTTPS_PROXY |
+ Ci.nsIProtocolProxyService.RESOLVE_ALWAYS_TUNNEL;
+
+ let chan = Services.io.newChannelFromURIWithProxyFlags(
+ uri,
+ proxyURI,
+ proxyFlags,
+ null,
+ Services.scriptSecurityManager.getSystemPrincipal(),
+ null,
+ Ci.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_SEC_CONTEXT_IS_NULL,
+ Ci.nsIContentPolicy.TYPE_OTHER
+ );
+
+ let pi = await TestProxyType(chan, proxyFlags);
+ equal(pi.host, "localhost", "Expected proxy host to be localhost");
+ equal(pi.port, 8080, "Expected proxy port to be 8080");
+ equal(pi.type, "https", "Expected proxy type to be https");
+});
+
+add_task(async function testPreferHttpsProxy() {
+ let uri = Cc["@mozilla.org/network/standard-url-mutator;1"]
+ .createInstance(Ci.nsIURIMutator)
+ .setSpec("http://mozilla.org/")
+ .finalize();
+ let proxyFlags = Ci.nsIProtocolProxyService.RESOLVE_PREFER_HTTPS_PROXY;
+
+ let chan = Services.io.newChannelFromURIWithProxyFlags(
+ uri,
+ null,
+ proxyFlags,
+ null,
+ Services.scriptSecurityManager.getSystemPrincipal(),
+ null,
+ Ci.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_SEC_CONTEXT_IS_NULL,
+ Ci.nsIContentPolicy.TYPE_OTHER
+ );
+
+ let pi = await TestProxyType(chan, proxyFlags);
+ equal(pi.host, "localhost", "Expected proxy host to be localhost");
+ equal(pi.port, 8080, "Expected proxy port to be 8080");
+ equal(pi.type, "https", "Expected proxy type to be https");
+});
+
+add_task(async function testProxyHttpsToHttpIsBlocked() {
+ // Ensure that regressions of bug 1702417 will be detected by the next test
+ const turnUri = Services.io.newURI("http://turn.example.com/");
+ const proxyFlags =
+ Ci.nsIProtocolProxyService.RESOLVE_PREFER_HTTPS_PROXY |
+ Ci.nsIProtocolProxyService.RESOLVE_ALWAYS_TUNNEL;
+
+ const fakeContentPrincipal =
+ Services.scriptSecurityManager.createContentPrincipalFromOrigin(
+ "https://example.com"
+ );
+
+ const chan = Services.io.newChannelFromURIWithProxyFlags(
+ turnUri,
+ null,
+ proxyFlags,
+ null,
+ fakeContentPrincipal,
+ fakeContentPrincipal,
+ Ci.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_SEC_CONTEXT_IS_NULL,
+ Ci.nsIContentPolicy.TYPE_OTHER
+ );
+
+ const pi = await TestProxyType(chan, proxyFlags);
+ equal(pi.host, "localhost", "Expected proxy host to be localhost");
+ equal(pi.port, 8080, "Expected proxy port to be 8080");
+ equal(pi.type, "https", "Expected proxy type to be https");
+
+ const csm = Cc["@mozilla.org/contentsecuritymanager;1"].getService(
+ Ci.nsIContentSecurityManager
+ );
+
+ try {
+ csm.performSecurityCheck(chan, null);
+ Assert.ok(
+ false,
+ "performSecurityCheck should fail (due to mixed content blocking)"
+ );
+ } catch (e) {
+ Assert.equal(
+ e.result,
+ Cr.NS_ERROR_CONTENT_BLOCKED,
+ "performSecurityCheck should throw NS_ERROR_CONTENT_BLOCKED"
+ );
+ }
+});
+
+add_task(async function testProxyHttpsToTurnTcpWorks() {
+ // Test for bug 1702417
+ const turnUri = Services.io.newURI("http://turn.example.com/");
+ const proxyFlags =
+ Ci.nsIProtocolProxyService.RESOLVE_PREFER_HTTPS_PROXY |
+ Ci.nsIProtocolProxyService.RESOLVE_ALWAYS_TUNNEL;
+
+ const fakeContentPrincipal =
+ Services.scriptSecurityManager.createContentPrincipalFromOrigin(
+ "https://example.com"
+ );
+
+ const chan = Services.io.newChannelFromURIWithProxyFlags(
+ turnUri,
+ null,
+ proxyFlags,
+ null,
+ fakeContentPrincipal,
+ fakeContentPrincipal,
+ Ci.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_SEC_CONTEXT_IS_NULL,
+ // This is what allows this to avoid mixed content blocking
+ Ci.nsIContentPolicy.TYPE_PROXIED_WEBRTC_MEDIA
+ );
+
+ const pi = await TestProxyType(chan, proxyFlags);
+ equal(pi.host, "localhost", "Expected proxy host to be localhost");
+ equal(pi.port, 8080, "Expected proxy port to be 8080");
+ equal(pi.type, "https", "Expected proxy type to be https");
+
+ const csm = Cc["@mozilla.org/contentsecuritymanager;1"].getService(
+ Ci.nsIContentSecurityManager
+ );
+
+ csm.performSecurityCheck(chan, null);
+ Assert.ok(true, "performSecurityCheck should succeed");
+});