1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
|
/* Any copyright is dedicated to the Public Domain.
* http://creativecommons.org/publicdomain/zero/1.0/ */
// The test loads a web page with mixed active and display content
// on it while the "block mixed content" settings are _on_.
// It then checks that the blocked mixed content warning messages
// are logged to the console and have the correct "Learn More"
// url appended to them. After the first test finishes, it invokes
// a second test that overrides the mixed content blocker settings
// by clicking on the doorhanger shield and validates that the
// appropriate messages are logged to console.
// Bug 875456 - Log mixed content messages from the Mixed Content
// Blocker to the Security Pane in the Web Console.
"use strict";
const TEST_URI =
"https://example.com/browser/devtools/client/webconsole/" +
"test/browser/test-mixedcontent-securityerrors.html";
const LEARN_MORE_URI =
"https://developer.mozilla.org/docs/Web/Security/Mixed_content" +
DOCS_GA_PARAMS;
const blockedActiveContentText =
"Blocked loading mixed active content \u201chttp://example.com/\u201d";
const blockedDisplayContentText =
"Blocked loading mixed display content " +
"\u201chttp://example.com/tests/image/test/mochitest/blue.png\u201d";
const activeContentText =
"Loading mixed (insecure) active content " +
"\u201chttp://example.com/\u201d on a secure page";
const displayContentText =
"Loading mixed (insecure) display content " +
"\u201chttp://example.com/tests/image/test/mochitest/blue.png\u201d on a " +
"secure page";
add_task(async function () {
await pushPrefEnv();
const hud = await openNewTabAndConsole(TEST_URI);
const waitForErrorMessage = text =>
waitFor(() => findErrorMessage(hud, text), undefined, 100);
const onBlockedIframe = waitForErrorMessage(blockedActiveContentText);
const onBlockedImage = waitForErrorMessage(blockedDisplayContentText);
await onBlockedImage;
ok(true, "Blocked mixed display content error message is visible");
const blockedMixedActiveContentMessage = await onBlockedIframe;
ok(true, "Blocked mixed active content error message is visible");
info("Clicking on the Learn More link");
let learnMoreLink =
blockedMixedActiveContentMessage.querySelector(".learn-more-link");
let response = await simulateLinkClick(learnMoreLink);
is(
response.link,
LEARN_MORE_URI,
`Clicking the provided link opens ${response.link}`
);
info("Test disabling mixed content protection");
const { gIdentityHandler } = gBrowser.ownerGlobal;
ok(
gIdentityHandler._identityBox.classList.contains("mixedActiveBlocked"),
"Mixed Active Content state appeared on identity box"
);
// Disabe mixed content protection.
gIdentityHandler.disableMixedContentProtection();
const waitForWarningMessage = text =>
waitFor(() => findWarningMessage(hud, text), undefined, 100);
const onMixedActiveContent = waitForWarningMessage(activeContentText);
const onMixedDisplayContent = waitForWarningMessage(displayContentText);
await onMixedDisplayContent;
ok(true, "Mixed display content warning message is visible");
const mixedActiveContentMessage = await onMixedActiveContent;
ok(true, "Mixed active content warning message is visible");
info("Clicking on the Learn More link");
learnMoreLink = mixedActiveContentMessage.querySelector(".learn-more-link");
response = await simulateLinkClick(learnMoreLink);
is(
response.link,
LEARN_MORE_URI,
`Clicking the provided link opens ${response.link}`
);
gIdentityHandler.enableMixedContentProtectionNoReload();
});
function pushPrefEnv() {
const prefs = [
["security.mixed_content.block_active_content", true],
["security.mixed_content.block_display_content", true],
["security.mixed_content.upgrade_display_content", false],
];
return Promise.all(prefs.map(([pref, value]) => pushPref(pref, value)));
}
|