diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-19 00:47:55 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-19 00:47:55 +0000 |
commit | 26a029d407be480d791972afb5975cf62c9360a6 (patch) | |
tree | f435a8308119effd964b339f76abb83a57c29483 /security/manager/ssl/tests/unit/test_sss_readstate_garbage.js | |
parent | Initial commit. (diff) | |
download | firefox-26a029d407be480d791972afb5975cf62c9360a6.tar.xz firefox-26a029d407be480d791972afb5975cf62c9360a6.zip |
Adding upstream version 124.0.1.upstream/124.0.1
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'security/manager/ssl/tests/unit/test_sss_readstate_garbage.js')
-rw-r--r-- | security/manager/ssl/tests/unit/test_sss_readstate_garbage.js | 77 |
1 files changed, 77 insertions, 0 deletions
diff --git a/security/manager/ssl/tests/unit/test_sss_readstate_garbage.js b/security/manager/ssl/tests/unit/test_sss_readstate_garbage.js new file mode 100644 index 0000000000..794a402702 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_sss_readstate_garbage.js @@ -0,0 +1,77 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ +"use strict"; + +// The purpose of this test is to create a mostly bogus old site security +// service state file and see that the site security service migrates it +// to the new format properly, discarding invalid data. + +function run_test() { + let profileDir = do_get_profile(); + let stateFile = profileDir.clone(); + stateFile.append(SSS_STATE_OLD_FILE_NAME); + // Assuming we're working with a clean slate, the file shouldn't exist + // until we create it. + ok(!stateFile.exists()); + let outputStream = FileUtils.openFileOutputStream(stateFile); + let expiryTime = Date.now() + 100000; + let lines = [ + // General state file entry tests. + `example1.example.com\t0\t0\t${expiryTime},1,0`, + "I'm a lumberjack and I'm okay; I work all night and I sleep all day!", + "This is a totally bogus entry\t", + "0\t0\t0\t0\t", + "\t\t\t\t\t\t\t", + "example.com\t\t\t\t\t\t\t", + "example3.example.com\t0\t\t\t\t\t\t", + `example2.example.com\t0\t0\t${expiryTime},1,0`, + // HSTS state string parsing tests + `extra.comma.example.com\t0\t0\t${expiryTime},,1,0`, + "empty.statestring.example.com\t0\t0\t", + "rubbish.statestring.example.com\t0\t0\tfoobar", + `spaces.statestring.example.com\t0\t0\t${expiryTime}, 1,0 `, + `invalid.expirytime.example.com\t0\t0\t${expiryTime}foo123,1,0`, + `text.securitypropertystate.example.com\t0\t0\t${expiryTime},1foo,0`, + `invalid.securitypropertystate.example.com\t0\t0\t${expiryTime},999,0`, + `text.includesubdomains.example.com\t0\t0\t${expiryTime},1,1foo`, + `invalid.includesubdomains.example.com\t0\t0\t${expiryTime},1,0foo`, + ]; + writeLinesAndClose(lines, outputStream); + + let siteSecurityService = Cc["@mozilla.org/ssservice;1"].getService( + Ci.nsISiteSecurityService + ); + notEqual(siteSecurityService, null); + + const HSTS_HOSTS = [ + "https://example1.example.com", + "https://example2.example.com", + ]; + for (let host of HSTS_HOSTS) { + ok( + siteSecurityService.isSecureURI(Services.io.newURI(host)), + `${host} should be HSTS enabled` + ); + } + + const NOT_HSTS_HOSTS = [ + "https://example.com", + "https://example3.example.com", + "https://extra.comma.example.com", + "https://empty.statestring.example.com", + "https://rubbish.statestring.example.com", + "https://spaces.statestring.example.com", + "https://invalid.expirytime.example.com", + "https://text.securitypropertystate.example.com", + "https://invalid.securitypropertystate.example.com", + "https://text.includesubdomains.example.com", + "https://invalid.includesubdomains.example.com", + ]; + for (let host of NOT_HSTS_HOSTS) { + ok( + !siteSecurityService.isSecureURI(Services.io.newURI(host)), + `${host} should not be HSTS enabled` + ); + } +} |