diff options
Diffstat (limited to '')
-rw-r--r-- | dom/security/test/https-first/test_redirect_upgrade.html | 58 |
1 files changed, 58 insertions, 0 deletions
diff --git a/dom/security/test/https-first/test_redirect_upgrade.html b/dom/security/test/https-first/test_redirect_upgrade.html new file mode 100644 index 0000000000..6cccf6af67 --- /dev/null +++ b/dom/security/test/https-first/test_redirect_upgrade.html @@ -0,0 +1,58 @@ +<!DOCTYPE HTML> +<html> +<!-- +https://bugzilla.mozilla.org/show_bug.cgi?id=1706351 +Test that 302 redirect requests get upgraded to https:// with HTTPS-First Mode enabled +--> + +<head> + <title>HTTPS-FirstMode - Redirect Upgrade</title> + <script src="/tests/SimpleTest/SimpleTest.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> +</head> + +<body> + <h1>HTTPS-First Mode</h1> + <p>Upgrade Test for insecure redirects.</p> + <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1706351">Bug 1706351</a> + + <script class="testbody" type="text/javascript"> + "use strict"; + + const redirectCodes = ["301", "302","303","307"]; + let currentTest = 0; + let testWin; + window.addEventListener("message", receiveMessage); + + // Receive message and verify that it is from an https site. + // When the message is 'secure' then it was send by an https site. + async function receiveMessage(event) { + let data = event.data; + let currentRedirectCode = redirectCodes[currentTest]; + ok(data.result === "secure", "Received 'https' for " + currentRedirectCode); + testWin.close(); + if (++currentTest < redirectCodes.length) { + startTest(); + return; + } + window.removeEventListener("message", receiveMessage); + SimpleTest.finish(); + } + + async function startTest() { + const currentCode = redirectCodes[currentTest]; + // Make a request to a site (eg. https://file_redirect.sjs?301), which will redirect to http://file_redirect.sjs?check. + // The response will either be secure-ok, if the request has been upgraded to https:// or secure-error if it didn't. + testWin = window.open(`https://example.com/tests/dom/security/test/https-first/file_redirect.sjs?${currentCode}`); + } + + // Set preference and start test + SpecialPowers.pushPrefEnv({ set: [ + ["dom.security.https_first", true], + ["security.mixed_content.block_active_content", false], + ["security.mixed_content.block_display_content", false], + ]}, startTest); + SimpleTest.waitForExplicitFinish(); + </script> +</body> +</html> |