From 36d22d82aa202bb199967e9512281e9a53db42c9 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 7 Apr 2024 21:33:14 +0200 Subject: Adding upstream version 115.7.0esr. Signed-off-by: Daniel Baumann --- .../tests/mochitest/mixedcontent/alloworigin.sjs | 7 + .../ssl/tests/mochitest/mixedcontent/backward.html | 18 ++ .../ssl/tests/mochitest/mixedcontent/bug329869.js | 11 ++ .../mochitest/mixedcontent/bug383369step2.html | 28 +++ .../mochitest/mixedcontent/bug383369step3.html | 29 +++ .../ssl/tests/mochitest/mixedcontent/download.auto | 1 + .../mochitest/mixedcontent/download.auto^headers^ | 2 + .../tests/mochitest/mixedcontent/emptyimage.sjs | 6 + .../ssl/tests/mochitest/mixedcontent/hugebmp.sjs | 17 ++ .../ssl/tests/mochitest/mixedcontent/iframe.html | 14 ++ .../ssl/tests/mochitest/mixedcontent/iframe2.html | 15 ++ .../mochitest/mixedcontent/iframeMetaRedirect.html | 8 + .../mochitest/mixedcontent/iframesecredirect.sjs | 9 + .../mochitest/mixedcontent/iframeunsecredirect.sjs | 9 + .../mochitest/mixedcontent/imgsecredirect.sjs | 9 + .../mochitest/mixedcontent/imgunsecredirect.sjs | 9 + .../mochitest/mixedcontent/mixedContentTest.js | 211 +++++++++++++++++++++ .../ssl/tests/mochitest/mixedcontent/mochitest.ini | 70 +++++++ .../tests/mochitest/mixedcontent/moonsurface.jpg | Bin 0 -> 52159 bytes .../ssl/tests/mochitest/mixedcontent/moz.build | 7 + .../ssl/tests/mochitest/mixedcontent/nocontent.sjs | 5 + .../mixedcontent/redirecttoemptyimage.sjs | 9 + .../ssl/tests/mochitest/mixedcontent/somestyle.css | 4 + .../mochitest/mixedcontent/test_bug329869.html | 36 ++++ .../mochitest/mixedcontent/test_bug383369.html | 89 +++++++++ .../mochitest/mixedcontent/test_bug455367.html | 37 ++++ .../mochitest/mixedcontent/test_bug472986.html | 46 +++++ .../mochitest/mixedcontent/test_bug477118.html | 34 ++++ .../mochitest/mixedcontent/test_bug521461.html | 39 ++++ .../mochitest/mixedcontent/test_cssBefore1.html | 42 ++++ .../mochitest/mixedcontent/test_cssContent1.html | 41 ++++ .../mochitest/mixedcontent/test_cssContent2.html | 46 +++++ .../mixedcontent/test_documentWrite1.html | 38 ++++ .../mixedcontent/test_documentWrite2.html | 40 ++++ .../test_dynDelayedUnsecurePicture.html | 47 +++++ .../mixedcontent/test_dynDelayedUnsecureXHR.html | 48 +++++ .../mixedcontent/test_dynUnsecureBackground.html | 44 +++++ .../test_dynUnsecureIframeRedirect.html | 44 +++++ .../mixedcontent/test_dynUnsecurePicture.html | 46 +++++ .../test_dynUnsecurePicturePreload.html | 36 ++++ .../mixedcontent/test_dynUnsecureRedirect.html | 39 ++++ .../test_innerHtmlDelayedUnsecurePicture.html | 42 ++++ .../test_innerHtmlUnsecurePicture.html | 40 ++++ .../mixedcontent/test_javascriptPicture.html | 34 ++++ .../mochitest/mixedcontent/test_secureAll.html | 42 ++++ .../mochitest/mixedcontent/test_securePicture.html | 36 ++++ .../mixedcontent/test_unsecureBackground.html | 35 ++++ .../mochitest/mixedcontent/test_unsecureCSS.html | 38 ++++ .../mixedcontent/test_unsecureIframe.html | 36 ++++ .../mixedcontent/test_unsecureIframe2.html | 36 ++++ .../test_unsecureIframeMetaRedirect.html | 36 ++++ .../mixedcontent/test_unsecureIframeRedirect.html | 36 ++++ .../mixedcontent/test_unsecurePicture.html | 34 ++++ .../mixedcontent/test_unsecurePictureDup.html | 20 ++ .../mixedcontent/test_unsecurePictureInIframe.html | 36 ++++ .../mixedcontent/test_unsecureRedirect.html | 36 ++++ .../mochitest/mixedcontent/unsecureIframe.html | 9 + .../mochitest/mixedcontent/unsecurePictureDup.html | 34 ++++ 58 files changed, 1870 insertions(+) create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/alloworigin.sjs create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/backward.html create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/bug329869.js create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/bug383369step2.html create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/bug383369step3.html create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/download.auto create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/download.auto^headers^ create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/emptyimage.sjs create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/hugebmp.sjs create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/iframe.html create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/iframe2.html create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/iframeMetaRedirect.html create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/iframesecredirect.sjs create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/iframeunsecredirect.sjs create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/imgsecredirect.sjs create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/imgunsecredirect.sjs create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/mixedContentTest.js create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/mochitest.ini create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/moonsurface.jpg create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/moz.build create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/nocontent.sjs create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/redirecttoemptyimage.sjs create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/somestyle.css create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/test_bug329869.html create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/test_bug383369.html create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/test_bug455367.html create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/test_bug472986.html create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/test_bug477118.html create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/test_bug521461.html create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/test_cssBefore1.html create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/test_cssContent1.html create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/test_cssContent2.html create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/test_documentWrite1.html create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/test_documentWrite2.html create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/test_dynDelayedUnsecurePicture.html create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/test_dynDelayedUnsecureXHR.html create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecureBackground.html create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecureIframeRedirect.html create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecurePicture.html create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecurePicturePreload.html create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecureRedirect.html create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/test_innerHtmlDelayedUnsecurePicture.html create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/test_innerHtmlUnsecurePicture.html create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/test_javascriptPicture.html create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/test_secureAll.html create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/test_securePicture.html create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureBackground.html create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureCSS.html create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureIframe.html create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureIframe2.html create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureIframeMetaRedirect.html create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureIframeRedirect.html create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/test_unsecurePicture.html create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/test_unsecurePictureDup.html create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/test_unsecurePictureInIframe.html create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureRedirect.html create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/unsecureIframe.html create mode 100644 security/manager/ssl/tests/mochitest/mixedcontent/unsecurePictureDup.html (limited to 'security/manager/ssl/tests/mochitest/mixedcontent') diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/alloworigin.sjs b/security/manager/ssl/tests/mochitest/mixedcontent/alloworigin.sjs new file mode 100644 index 0000000000..96c14f4e65 --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/alloworigin.sjs @@ -0,0 +1,7 @@ +"use strict"; + +function handleRequest(request, response) { + response.setStatusLine(request.httpVersion, 200, "OK"); + response.setHeader("Access-Control-Allow-Origin", "*"); + response.write("hello!"); +} diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/backward.html b/security/manager/ssl/tests/mochitest/mixedcontent/backward.html new file mode 100644 index 0000000000..8699a07dda --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/backward.html @@ -0,0 +1,18 @@ + + + + + + diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/bug329869.js b/security/manager/ssl/tests/mochitest/mixedcontent/bug329869.js new file mode 100644 index 0000000000..9d67ba1f92 --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/bug329869.js @@ -0,0 +1,11 @@ +/* import-globals-from mixedContentTest.js */ +"use strict"; + +document.open(); +// eslint-disable-next-line no-unsanitized/method +document.write("This is insecure XSS script " + document.cookie); +isSecurityState( + "broken", + "security broken after document write from unsecure script" +); +finish(); diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/bug383369step2.html b/security/manager/ssl/tests/mochitest/mixedcontent/bug383369step2.html new file mode 100644 index 0000000000..4bbf9bfe8c --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/bug383369step2.html @@ -0,0 +1,28 @@ + + + + Bug 383369 test, step 2 + + + + + + + + + + diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/bug383369step3.html b/security/manager/ssl/tests/mochitest/mixedcontent/bug383369step3.html new file mode 100644 index 0000000000..276c2343fd --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/bug383369step3.html @@ -0,0 +1,29 @@ + + + + Bug 383369 test, final step + + + + + + + + + + diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/download.auto b/security/manager/ssl/tests/mochitest/mixedcontent/download.auto new file mode 100644 index 0000000000..4d2fb7d5ae --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/download.auto @@ -0,0 +1 @@ +Temporary file for security/mixedconent tests \ No newline at end of file diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/download.auto^headers^ b/security/manager/ssl/tests/mochitest/mixedcontent/download.auto^headers^ new file mode 100644 index 0000000000..9c3159e153 --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/download.auto^headers^ @@ -0,0 +1,2 @@ +Content-disposition: "attachment" +Content-type: application/x-auto-download diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/emptyimage.sjs b/security/manager/ssl/tests/mochitest/mixedcontent/emptyimage.sjs new file mode 100644 index 0000000000..9e34227f00 --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/emptyimage.sjs @@ -0,0 +1,6 @@ +"use strict"; + +function handleRequest(request, response) { + response.setStatusLine(request.httpVersion, 200, "OK"); + //response.setHeader("Content-type", "image/gif"); +} diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/hugebmp.sjs b/security/manager/ssl/tests/mochitest/mixedcontent/hugebmp.sjs new file mode 100644 index 0000000000..5f78a806b4 --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/hugebmp.sjs @@ -0,0 +1,17 @@ +"use strict"; + +function handleRequest(request, response) { + response.setStatusLine(request.httpVersion, 200, "OK"); + response.setHeader("Content-type", "image/bitmap"); + + let bmpheader = + "\x42\x4D\x36\x10\x0E\x00\x00\x00\x00\x00\x36\x00\x00\x00\x28\x00\x00\x00\x80\x02\x00\x00\xE0\x01\x00\x00\x01\x00\x18\x00\x00\x00\x00\x00\x00\x10\x0E\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"; + let bmpdatapiece = + "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"; + + response.bodyOutputStream.write(bmpheader, 54); + // Fill 640*480*3 nulls + for (let i = 0; i < (640 * 480 * 3) / 64; ++i) { + response.bodyOutputStream.write(bmpdatapiece, 64); + } +} diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/iframe.html b/security/manager/ssl/tests/mochitest/mixedcontent/iframe.html new file mode 100644 index 0000000000..064783e0cb --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/iframe.html @@ -0,0 +1,14 @@ + + + + + + + This is frame 1: + + + diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/iframe2.html b/security/manager/ssl/tests/mochitest/mixedcontent/iframe2.html new file mode 100644 index 0000000000..37fc604ea6 --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/iframe2.html @@ -0,0 +1,15 @@ + + + + + + + This is frame 2: + + + + diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/iframeMetaRedirect.html b/security/manager/ssl/tests/mochitest/mixedcontent/iframeMetaRedirect.html new file mode 100644 index 0000000000..6c7a5473cb --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/iframeMetaRedirect.html @@ -0,0 +1,8 @@ + + + + + Redirecting by meta tag... + + diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/iframesecredirect.sjs b/security/manager/ssl/tests/mochitest/mixedcontent/iframesecredirect.sjs new file mode 100644 index 0000000000..914391e8f5 --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/iframesecredirect.sjs @@ -0,0 +1,9 @@ +"use strict"; + +function handleRequest(request, response) { + response.setStatusLine(request.httpVersion, 307, "Moved temporarly"); + response.setHeader( + "Location", + "https://example.com/tests/security/manager/ssl/tests/mochitest/mixedcontent/iframe.html" + ); +} diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/iframeunsecredirect.sjs b/security/manager/ssl/tests/mochitest/mixedcontent/iframeunsecredirect.sjs new file mode 100644 index 0000000000..32afc824ea --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/iframeunsecredirect.sjs @@ -0,0 +1,9 @@ +"use strict"; + +function handleRequest(request, response) { + response.setStatusLine(request.httpVersion, 307, "Moved temporarly"); + response.setHeader( + "Location", + "http://example.com/tests/security/manager/ssl/tests/mochitest/mixedcontent/iframe.html" + ); +} diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/imgsecredirect.sjs b/security/manager/ssl/tests/mochitest/mixedcontent/imgsecredirect.sjs new file mode 100644 index 0000000000..cb966a56d2 --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/imgsecredirect.sjs @@ -0,0 +1,9 @@ +"use strict"; + +function handleRequest(request, response) { + response.setStatusLine(request.httpVersion, 307, "Moved temporarly"); + response.setHeader( + "Location", + "https://example.com/tests/security/manager/ssl/tests/mochitest/mixedcontent/moonsurface.jpg" + ); +} diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/imgunsecredirect.sjs b/security/manager/ssl/tests/mochitest/mixedcontent/imgunsecredirect.sjs new file mode 100644 index 0000000000..d128ce2238 --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/imgunsecredirect.sjs @@ -0,0 +1,9 @@ +"use strict"; + +function handleRequest(request, response) { + response.setStatusLine(request.httpVersion, 307, "Moved temporarly"); + response.setHeader( + "Location", + "http://example.com/tests/security/manager/ssl/tests/mochitest/mixedcontent/moonsurface.jpg" + ); +} diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/mixedContentTest.js b/security/manager/ssl/tests/mochitest/mixedcontent/mixedContentTest.js new file mode 100644 index 0000000000..6c300b7fc3 --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/mixedContentTest.js @@ -0,0 +1,211 @@ +"use strict"; + +/** + * Helper script for mixed content testing. It opens a new top-level window + * from a secure origin and '?runtest' query. That tells us to run the test + * body, function runTest(). Then we wait for call of finish(). On its first + * call it loads helper page 'backward.html' that immediately navigates + * back to the test secure test. This checks the bfcache. We got second call + * to onload and this time we call afterNavigationTest() function to let the + * test check security state after re-navigation back. Then we again wait for + * finish() call, that this time finishes completelly the test. + */ + +// Tells the framework if to load the test in an insecure page (http://) +var loadAsInsecure = false; +// Set true to bypass the navigation forward/back test +var bypassNavigationTest = false; +// Set true to do forward/back navigation over an http:// page, test state leaks +var navigateToInsecure = false; +// Open the test in two separate windows, test requests sharing among windows +var openTwoWindows = false; +// Override the name of the test page to load, useful e.g. to prevent load +// of images or other content before the test starts; this is actually +// a 'redirect' to a different test page. +var testPage = ""; +// Assign a function to this variable to have a clean up at the end +var testCleanUp = null; +// Contains mixed active content that needs to load to run the test +var hasMixedActiveContent = false; + +// Internal variables +var _windowCount = 0; + +window.onload = async function onLoad() { + if (location.search == "?runtest") { + try { + if (history.length == 1) { + // Each test that includes this helper file is supposed to define + // runTest(). See the top level comment. + await runTest(); // eslint-disable-line no-undef + } else { + // Each test that includes this helper file is supposed to define + // afterNavigationTest(). See the top level comment. + await afterNavigationTest(); // eslint-disable-line no-undef + } + } catch (ex) { + ok(false, "Exception thrown during test: " + ex); + finish(); + } + } else { + window.addEventListener("message", onMessageReceived); + + let secureTestLocation = loadAsInsecure + ? "http://example.com" + : "https://example.com"; + secureTestLocation += location.pathname; + if (testPage != "") { + let array = secureTestLocation.split("/"); + array.pop(); + array.push(testPage); + secureTestLocation = array.join("/"); + } + secureTestLocation += "?runtest"; + + if (hasMixedActiveContent) { + SpecialPowers.pushPrefEnv( + { set: [["security.mixed_content.block_active_content", false]] }, + null + ); + } + if (openTwoWindows) { + _windowCount = 2; + window.open(secureTestLocation, "_new1", ""); + window.open(secureTestLocation, "_new2", ""); + } else { + _windowCount = 1; + window.open(secureTestLocation); + } + } +}; + +function onMessageReceived(event) { + switch (event.data) { + // Indication of all test parts finish (from any of the frames) + case "done": + if (--_windowCount == 0) { + if (testCleanUp) { + testCleanUp(); + } + if (hasMixedActiveContent) { + SpecialPowers.popPrefEnv(null); + } + + SimpleTest.finish(); + } + break; + + // Any other message is an error or success message of a test. + default: + SimpleTest.ok(!event.data.match(/^FAILURE/), event.data); + break; + } +} + +function postMsg(message) { + opener.postMessage(message, "http://mochi.test:8888"); +} + +function finish() { + if (history.length == 1 && !bypassNavigationTest) { + window.setTimeout(() => { + window.location.assign( + navigateToInsecure + ? "http://example.com/tests/security/manager/ssl/tests/mochitest/mixedcontent/backward.html" + : "https://example.com/tests/security/manager/ssl/tests/mochitest/mixedcontent/backward.html" + ); + }, 0); + } else { + postMsg("done"); + window.close(); + } +} + +function ok(a, message) { + if (!a) { + postMsg("FAILURE: " + message); + } else { + postMsg(message); + } +} + +function is(a, b, message) { + if (a != b) { + postMsg(`FAILURE: ${message}, expected ${b} got ${a}`); + } else { + postMsg(`${message}, expected ${b} got ${a}`); + } +} + +async function isSecurityState(expectedState, message, test) { + if (!test) { + test = ok; + } + + let state = await SpecialPowers.getSecurityState(window); + + let isInsecure = + state & SpecialPowers.Ci.nsIWebProgressListener.STATE_IS_INSECURE; + let isBroken = + state & SpecialPowers.Ci.nsIWebProgressListener.STATE_IS_BROKEN; + let isEV = + state & SpecialPowers.Ci.nsIWebProgressListener.STATE_IDENTITY_EV_TOPLEVEL; + + let gotState = "secure"; + if (isInsecure) { + gotState = "insecure"; + } else if (isBroken) { + gotState = "broken"; + } else if (isEV) { + gotState = "EV"; + } + + test( + gotState == expectedState, + (message || "") + ", expected " + expectedState + " got " + gotState + ); + + switch (expectedState) { + case "insecure": + test( + isInsecure && !isBroken && !isEV, + "for 'insecure' excpected flags [1,0,0], " + (message || "") + ); + break; + case "broken": + test( + !isInsecure && isBroken && !isEV, + "for 'broken' expected flags [0,1,0], " + (message || "") + ); + break; + case "secure": + test( + !isInsecure && !isBroken && !isEV, + "for 'secure' expected flags [0,0,0], " + (message || "") + ); + break; + case "EV": + test( + !isInsecure && !isBroken && isEV, + "for 'EV' expected flags [0,0,1], " + (message || "") + ); + break; + default: + throw new Error("Invalid isSecurityState state"); + } +} + +function waitForSecurityState(expectedState, callback) { + let roundsLeft = 200; // Wait for 20 seconds (=200*100ms) + let interval = window.setInterval(async () => { + await isSecurityState(expectedState, "", isok => { + if (isok) { + roundsLeft = 0; + } + }); + if (!roundsLeft--) { + window.clearInterval(interval); + callback(); + } + }, 100); +} diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/mochitest.ini b/security/manager/ssl/tests/mochitest/mixedcontent/mochitest.ini new file mode 100644 index 0000000000..ec68371093 --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/mochitest.ini @@ -0,0 +1,70 @@ +[DEFAULT] +# Disable for Http/3 since Http/3 tests require to run with https. +skip-if = + http3 +prefs = + security.mixed_content.upgrade_display_content=false + dom.security.https_first=false +support-files = + alloworigin.sjs + backward.html + bug329869.js + bug383369step2.html + bug383369step3.html + download.auto + download.auto^headers^ + emptyimage.sjs + hugebmp.sjs + iframe.html + iframe2.html + iframeMetaRedirect.html + iframesecredirect.sjs + iframeunsecredirect.sjs + imgsecredirect.sjs + imgunsecredirect.sjs + mixedContentTest.js + moonsurface.jpg + nocontent.sjs + redirecttoemptyimage.sjs + somestyle.css + unsecureIframe.html + unsecurePictureDup.html + +[test_bug329869.html] +[test_bug383369.html] +skip-if = toolkit == 'android' +[test_bug455367.html] +[test_bug472986.html] +[test_bug477118.html] +[test_bug521461.html] +[test_cssBefore1.html] +[test_cssContent1.html] +[test_cssContent2.html] +[test_documentWrite1.html] +[test_documentWrite2.html] +[test_dynDelayedUnsecurePicture.html] +[test_dynDelayedUnsecureXHR.html] +[test_dynUnsecureBackground.html] +[test_dynUnsecureIframeRedirect.html] +[test_dynUnsecurePicture.html] +[test_dynUnsecurePicturePreload.html] +[test_dynUnsecureRedirect.html] +disabled=intermitently fails, quite often, bug 487402 +[test_innerHtmlDelayedUnsecurePicture.html] +[test_innerHtmlUnsecurePicture.html] +[test_javascriptPicture.html] +[test_secureAll.html] +[test_securePicture.html] +[test_unsecureBackground.html] +[test_unsecureCSS.html] +[test_unsecureIframe.html] +[test_unsecureIframe2.html] +skip-if = + fission && os == "android" # Bug 1827330 +[test_unsecureIframeMetaRedirect.html] +disabled=intermittently fails, less often, bug 487632 +[test_unsecureIframeRedirect.html] +[test_unsecurePicture.html] +[test_unsecurePictureDup.html] +[test_unsecurePictureInIframe.html] +[test_unsecureRedirect.html] diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/moonsurface.jpg b/security/manager/ssl/tests/mochitest/mixedcontent/moonsurface.jpg new file mode 100644 index 0000000000..c0ffca256a Binary files /dev/null and b/security/manager/ssl/tests/mochitest/mixedcontent/moonsurface.jpg differ diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/moz.build b/security/manager/ssl/tests/mochitest/mixedcontent/moz.build new file mode 100644 index 0000000000..7c990fbc62 --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/moz.build @@ -0,0 +1,7 @@ +# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*- +# vim: set filetype=python: +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +MOCHITEST_MANIFESTS += ["mochitest.ini"] diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/nocontent.sjs b/security/manager/ssl/tests/mochitest/mixedcontent/nocontent.sjs new file mode 100644 index 0000000000..d5d65cf8a4 --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/nocontent.sjs @@ -0,0 +1,5 @@ +"use strict"; + +function handleRequest(request, response) { + response.setStatusLine(request.httpVersion, 204, "No Content"); +} diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/redirecttoemptyimage.sjs b/security/manager/ssl/tests/mochitest/mixedcontent/redirecttoemptyimage.sjs new file mode 100644 index 0000000000..98ed0a2f52 --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/redirecttoemptyimage.sjs @@ -0,0 +1,9 @@ +"use strict"; + +function handleRequest(request, response) { + response.setStatusLine(request.httpVersion, 307, "Moved temporarly"); + response.setHeader( + "Location", + "http://example.com/tests/security/manager/ssl/tests/mochitest/mixedcontent/emptyimage.sjs" + ); +} diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/somestyle.css b/security/manager/ssl/tests/mochitest/mixedcontent/somestyle.css new file mode 100644 index 0000000000..9867e3c41e --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/somestyle.css @@ -0,0 +1,4 @@ +body +{ + background-color: lightBlue; +} diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/test_bug329869.html b/security/manager/ssl/tests/mochitest/mixedcontent/test_bug329869.html new file mode 100644 index 0000000000..ccb9a8d9cf --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_bug329869.html @@ -0,0 +1,36 @@ + + + + dymanic script load + + + + + + + + + + diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/test_bug383369.html b/security/manager/ssl/tests/mochitest/mixedcontent/test_bug383369.html new file mode 100644 index 0000000000..8341f83744 --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_bug383369.html @@ -0,0 +1,89 @@ + + + + Bug 383369 test + + + + + + + + + + diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/test_bug455367.html b/security/manager/ssl/tests/mochitest/mixedcontent/test_bug455367.html new file mode 100644 index 0000000000..d2ad64c454 --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_bug455367.html @@ -0,0 +1,37 @@ + + + + No content image doesn't break security + + + + + + + + + + + + + + + diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/test_bug472986.html b/security/manager/ssl/tests/mochitest/mixedcontent/test_bug472986.html new file mode 100644 index 0000000000..bd55a600ca --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_bug472986.html @@ -0,0 +1,46 @@ + + + + img.src replace + + + + + + + + + + + + + + + diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/test_bug477118.html b/security/manager/ssl/tests/mochitest/mixedcontent/test_bug477118.html new file mode 100644 index 0000000000..90932790f0 --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_bug477118.html @@ -0,0 +1,34 @@ + + + + Bug 477118 + + + + + + + + + + + + + + + diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/test_bug521461.html b/security/manager/ssl/tests/mochitest/mixedcontent/test_bug521461.html new file mode 100644 index 0000000000..59085a5ec4 --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_bug521461.html @@ -0,0 +1,39 @@ + + + + Bug 521461 + + + + + + + + + + + +This is an unsecure page! diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/test_cssBefore1.html b/security/manager/ssl/tests/mochitest/mixedcontent/test_cssBefore1.html new file mode 100644 index 0000000000..98cee1bb53 --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_cssBefore1.html @@ -0,0 +1,42 @@ + + + + CSS :before styling 1 + + + + + + + + + + + + + +

+ There is a moon surface left to this text +

+ + diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/test_cssContent1.html b/security/manager/ssl/tests/mochitest/mixedcontent/test_cssContent1.html new file mode 100644 index 0000000000..5c5019ca78 --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_cssContent1.html @@ -0,0 +1,41 @@ + + + + CSS conent styling 1 + + + + + + + + + + + + + + +

+ + diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/test_cssContent2.html b/security/manager/ssl/tests/mochitest/mixedcontent/test_cssContent2.html new file mode 100644 index 0000000000..19e5784334 --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_cssContent2.html @@ -0,0 +1,46 @@ + + + + CSS conent styling 2 + + + + + + + + + + + + +

+ + diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/test_documentWrite1.html b/security/manager/ssl/tests/mochitest/mixedcontent/test_documentWrite1.html new file mode 100644 index 0000000000..90eca5bcdb --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_documentWrite1.html @@ -0,0 +1,38 @@ + + + + document.write('<img src="http://">') + + + + + + + + + + + + + + + diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/test_documentWrite2.html b/security/manager/ssl/tests/mochitest/mixedcontent/test_documentWrite2.html new file mode 100644 index 0000000000..e009fd4f54 --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_documentWrite2.html @@ -0,0 +1,40 @@ + + + + document.write('<iframe src="http://">') + + + + + + + + + + + + + + + diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/test_dynDelayedUnsecurePicture.html b/security/manager/ssl/tests/mochitest/mixedcontent/test_dynDelayedUnsecurePicture.html new file mode 100644 index 0000000000..514902d047 --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_dynDelayedUnsecurePicture.html @@ -0,0 +1,47 @@ + + + + img.src changes to unsecure test + + + + + + + + + + + + + + + diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/test_dynDelayedUnsecureXHR.html b/security/manager/ssl/tests/mochitest/mixedcontent/test_dynDelayedUnsecureXHR.html new file mode 100644 index 0000000000..d9a8cc8af7 --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_dynDelayedUnsecureXHR.html @@ -0,0 +1,48 @@ + + + + unsecure XHR test + + + + + + + + + + + + + + diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecureBackground.html b/security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecureBackground.html new file mode 100644 index 0000000000..fd66b21a64 --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecureBackground.html @@ -0,0 +1,44 @@ + + + + body.background changes to unsecure test + + + + + + + + + + + + + + diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecureIframeRedirect.html b/security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecureIframeRedirect.html new file mode 100644 index 0000000000..8934de4b79 --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecureIframeRedirect.html @@ -0,0 +1,44 @@ + + + + iframe.src changes to unsecure redirect test + + + + + + + + + + + + + + + diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecurePicture.html b/security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecurePicture.html new file mode 100644 index 0000000000..5ef5a28b2c --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecurePicture.html @@ -0,0 +1,46 @@ + + + + img.src changes to unsecure test + + + + + + + + + + + + + + + diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecurePicturePreload.html b/security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecurePicturePreload.html new file mode 100644 index 0000000000..d8506e8cc5 --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecurePicturePreload.html @@ -0,0 +1,36 @@ + + + + img.src changes to unsecure test + + + + + + + + + + + + + + diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecureRedirect.html b/security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecureRedirect.html new file mode 100644 index 0000000000..a73c7f8619 --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecureRedirect.html @@ -0,0 +1,39 @@ + + + + img.src changes to unsecure redirect test + + + + + + + + + + + diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/test_innerHtmlDelayedUnsecurePicture.html b/security/manager/ssl/tests/mochitest/mixedcontent/test_innerHtmlDelayedUnsecurePicture.html new file mode 100644 index 0000000000..45bf140384 --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_innerHtmlDelayedUnsecurePicture.html @@ -0,0 +1,42 @@ + + + + innerHTML changes to unsecure test + + + + + + + + + + + + diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/test_innerHtmlUnsecurePicture.html b/security/manager/ssl/tests/mochitest/mixedcontent/test_innerHtmlUnsecurePicture.html new file mode 100644 index 0000000000..d8b3e5f6e0 --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_innerHtmlUnsecurePicture.html @@ -0,0 +1,40 @@ + + + + innerHTML changes to unsecure test + + + + + + + + + + + + diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/test_javascriptPicture.html b/security/manager/ssl/tests/mochitest/mixedcontent/test_javascriptPicture.html new file mode 100644 index 0000000000..66a28ce74e --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_javascriptPicture.html @@ -0,0 +1,34 @@ + + + + Secure img load + + + + + + + + + + + + + + + diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/test_secureAll.html b/security/manager/ssl/tests/mochitest/mixedcontent/test_secureAll.html new file mode 100644 index 0000000000..efd754dd58 --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_secureAll.html @@ -0,0 +1,42 @@ + + + + All secure anti-regression check + + + + + + + + + + + + + + + + + + + diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureIframe2.html b/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureIframe2.html new file mode 100644 index 0000000000..8f49ecda51 --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureIframe2.html @@ -0,0 +1,36 @@ + + + + Unsecure iframe load + + + + + + + + + + + + + + + diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureIframeMetaRedirect.html b/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureIframeMetaRedirect.html new file mode 100644 index 0000000000..4eebbf5b22 --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureIframeMetaRedirect.html @@ -0,0 +1,36 @@ + + + + Unsecure redirect iframe load + + + + + + + + + + + diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureIframeRedirect.html b/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureIframeRedirect.html new file mode 100644 index 0000000000..12a4233494 --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureIframeRedirect.html @@ -0,0 +1,36 @@ + + + + Unsecure redirect iframe load + + + + + + + + + + + + + + + diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecurePicture.html b/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecurePicture.html new file mode 100644 index 0000000000..3c19811db9 --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecurePicture.html @@ -0,0 +1,34 @@ + + + + Unsecure img load + + + + + + + + + + + + + + + diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecurePictureDup.html b/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecurePictureDup.html new file mode 100644 index 0000000000..81ed58ffde --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecurePictureDup.html @@ -0,0 +1,20 @@ + + + + Unsecure img load in two windows + + + + + + + + + + diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecurePictureInIframe.html b/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecurePictureInIframe.html new file mode 100644 index 0000000000..21bcf5f810 --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecurePictureInIframe.html @@ -0,0 +1,36 @@ + + + + Unsecure img in iframe load + + + + + + + + + + + + + + + diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureRedirect.html b/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureRedirect.html new file mode 100644 index 0000000000..82611ff3fe --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_unsecureRedirect.html @@ -0,0 +1,36 @@ + + + + Redirect from secure to unsecure img + + + + + + + + + + + + + + + diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/unsecureIframe.html b/security/manager/ssl/tests/mochitest/mixedcontent/unsecureIframe.html new file mode 100644 index 0000000000..2282677418 --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/unsecureIframe.html @@ -0,0 +1,9 @@ + + + + + + + + + diff --git a/security/manager/ssl/tests/mochitest/mixedcontent/unsecurePictureDup.html b/security/manager/ssl/tests/mochitest/mixedcontent/unsecurePictureDup.html new file mode 100644 index 0000000000..7ce3701620 --- /dev/null +++ b/security/manager/ssl/tests/mochitest/mixedcontent/unsecurePictureDup.html @@ -0,0 +1,34 @@ + + + + Unsecure img load in two windows + + + + + + + + + + + + + + + -- cgit v1.2.3