blob: 99f4efce9c20648db6082bf65b6194e42fbefc4e (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
|
/*
* Bug 1253771 - check mixed content blocking in combination with overriden certificates
*/
"use strict";
const MIXED_CONTENT_URL =
getRootDirectory(gTestPath).replace(
"chrome://mochitests/content",
"https://self-signed.example.com"
) + "test-mixedcontent-securityerrors.html";
function getConnectionState() {
return document.getElementById("identity-popup").getAttribute("connection");
}
function getPopupContentVerifier() {
return document.getElementById("identity-popup-content-verifier");
}
function getIdentityIcon() {
return window.getComputedStyle(document.getElementById("identity-icon"))
.listStyleImage;
}
function checkIdentityPopup(icon) {
gIdentityHandler.refreshIdentityPopup();
is(getIdentityIcon(), `url("chrome://global/skin/icons/${icon}")`);
is(getConnectionState(), "secure-cert-user-overridden");
isnot(
getPopupContentVerifier().style.display,
"none",
"Overridden certificate warning is shown"
);
ok(
getPopupContentVerifier().textContent.includes("security exception"),
"Text shows overridden certificate warning."
);
}
add_task(async function () {
await BrowserTestUtils.openNewForegroundTab(gBrowser);
// check that a warning is shown when loading a page with mixed content and an overridden certificate
await loadBadCertPage(MIXED_CONTENT_URL);
checkIdentityPopup("security-warning.svg");
// check that the crossed out icon is shown when disabling mixed content protection
gIdentityHandler.disableMixedContentProtection();
await BrowserTestUtils.browserLoaded(gBrowser.selectedBrowser);
checkIdentityPopup("security-broken.svg");
// check that a warning is shown even without mixed content
BrowserTestUtils.startLoadingURIString(
gBrowser.selectedBrowser,
"https://self-signed.example.com"
);
await BrowserTestUtils.browserLoaded(gBrowser.selectedBrowser);
checkIdentityPopup("security-warning.svg");
// remove cert exception
let certOverrideService = Cc[
"@mozilla.org/security/certoverride;1"
].getService(Ci.nsICertOverrideService);
certOverrideService.clearValidityOverride("self-signed.example.com", -1, {});
BrowserTestUtils.removeTab(gBrowser.selectedTab);
});
|