diff options
Diffstat (limited to 'toolkit/components/httpsonlyerror/tests/browser/file_upgrade_insecure_server.sjs')
-rw-r--r-- | toolkit/components/httpsonlyerror/tests/browser/file_upgrade_insecure_server.sjs | 108 |
1 files changed, 108 insertions, 0 deletions
diff --git a/toolkit/components/httpsonlyerror/tests/browser/file_upgrade_insecure_server.sjs b/toolkit/components/httpsonlyerror/tests/browser/file_upgrade_insecure_server.sjs new file mode 100644 index 0000000000..e05ea7b3a3 --- /dev/null +++ b/toolkit/components/httpsonlyerror/tests/browser/file_upgrade_insecure_server.sjs @@ -0,0 +1,108 @@ +// Serverside Javascript for browser_exception.js +// Bug 1625156 - Error page for HTTPS Only Mode + +const expectedQueries = ["content", "img", "iframe", "xhr", "nestedimg"]; +const TOTAL_EXPECTED_REQUESTS = expectedQueries.length; + +const CONTENT = path => ` +<!DOCTYPE HTML> +<html> + <head> + <meta charset='utf-8'> + </head> + <body> + <p>Insecure website</p> + <script type="application/javascript"> + var myXHR = new XMLHttpRequest(); + myXHR.open("GET", "${path}file_upgrade_insecure_server.sjs?xhr"); + myXHR.send(null); + </script> + <img src='${path}file_upgrade_insecure_server.sjs?img'></img> + <iframe src="${path}file_upgrade_insecure_server.sjs?iframe"></iframe> + </body> +</html>`; + +const IFRAME_CONTENT = path => ` +<!DOCTYPE HTML> +<html> + <head> + <meta charset='utf-8'> + </head> + <body> + <p>Nested insecure website</p> + <img src='${path}file_upgrade_insecure_server.sjs?nestedimg'></img> + </body> +</html>`; + +function handleRequest(request, response) { + // avoid confusing cache behaviors + response.setHeader("Cache-Control", "no-cache", false); + var queryString = request.queryString; + + // initialize server variables and save the object state + // of the initial request, which returns async once the + // server has processed all requests. + if (queryString.startsWith("queryresult")) { + response.processAsync(); + setState("totaltests", TOTAL_EXPECTED_REQUESTS.toString()); + setState("receivedQueries", ""); + setState("rootPath", /=(.+)/.exec(queryString)[1]); + setObjectState("queryResult", response); + return; + } + + // just in case error handling for unexpected queries + if (!expectedQueries.includes(queryString)) { + response.write("unexpected-response"); + return; + } + + // make sure all the requested queries are indeed http + const testResult = + queryString + (request.scheme == "http" ? "-ok" : "-error"); + + var receivedQueries = getState("receivedQueries"); + + // images, scripts, etc. get queried twice, do not + // confuse the server by storing the preload as + // well as the actual load. If either the preload + // or the actual load is not https, then we would + // append "-error" in the array and the test would + // fail at the end. + if (receivedQueries.includes(testResult)) { + return; + } + + // append the result to the total query string array + if (receivedQueries != "") { + receivedQueries += ","; + } + receivedQueries += testResult; + setState("receivedQueries", receivedQueries); + + // keep track of how many more requests the server + // is expecting + var totaltests = parseInt(getState("totaltests")); + totaltests -= 1; + setState("totaltests", totaltests.toString()); + + // Respond with html content + if (queryString == "content") { + response.write(CONTENT(getState("rootPath"))); + } else if (queryString == "iframe") { + response.write(IFRAME_CONTENT(getState("rootPath"))); + } + + // if we have received all the requests, we return + // the result back. + if (totaltests == 0) { + getObjectState("queryResult", function (queryResponse) { + if (!queryResponse) { + return; + } + var receivedQueries = getState("receivedQueries"); + queryResponse.write(receivedQueries); + queryResponse.finish(); + }); + } +} |