diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 09:22:09 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 09:22:09 +0000 |
| commit | 43a97878ce14b72f0981164f87f2e35e14151312 (patch) | |
| tree | 620249daf56c0258faa40cbdcf9cfba06de2a846 /dom/u2f/tests/frame_appid_facet.html | |
| parent | Initial commit. (diff) | |
| download | firefox-43a97878ce14b72f0981164f87f2e35e14151312.tar.xz firefox-43a97878ce14b72f0981164f87f2e35e14151312.zip | |
Adding upstream version 110.0.1.upstream/110.0.1upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'dom/u2f/tests/frame_appid_facet.html')
| -rw-r--r-- | dom/u2f/tests/frame_appid_facet.html | 89 |
1 files changed, 89 insertions, 0 deletions
diff --git a/dom/u2f/tests/frame_appid_facet.html b/dom/u2f/tests/frame_appid_facet.html new file mode 100644 index 0000000000..4abe888eac --- /dev/null +++ b/dom/u2f/tests/frame_appid_facet.html @@ -0,0 +1,89 @@ +<!DOCTYPE html> +<meta charset=utf-8> +<head> + <script type="text/javascript" src="frame_utils.js"></script> + <script type="text/javascript" src="u2futil.js"></script> +</head> +<body> +<p>AppID / Facet checks</p> +<script class="testbody" type="text/javascript"> +"use strict"; + +async function doTests() { + let version = "U2F_V2"; + let challenge = new Uint8Array(16); + window.crypto.getRandomValues(challenge); + + local_is(window.location.origin, "https://example.com", "Is loaded correctly"); + + // Ensure the SpecialPowers push worked properly + local_isnot(window.u2f, undefined, "U2F API endpoint must exist"); + + await promiseU2FRegister(null, [{ + version, + challenge: bytesToBase64UrlSafe(challenge), + }], [], function(res){ + local_is(res.errorCode, 0, "Null AppID should work."); + }); + + await promiseU2FRegister("", [{ + version, + challenge: bytesToBase64UrlSafe(challenge), + }], [], function(res){ + local_is(res.errorCode, 0, "Empty AppID should work."); + }); + + // Test: Correct TLD, but incorrect scheme + await promiseU2FRegister("http://example.com/appId", [{ + version, + challenge: bytesToBase64UrlSafe(challenge), + }], [], function(res){ + local_isnot(res.errorCode, 0, "HTTP scheme is disallowed"); + }); + + // Test: Correct TLD, and also HTTPS + await promiseU2FRegister("https://example.com/appId", [{ + version, + challenge: bytesToBase64UrlSafe(challenge), + }], [], function(res){ + local_is(res.errorCode, 0, "HTTPS origin for example.com should work"); + }); + + // Test: Sub-domain + await promiseU2FRegister("https://test2.example.com/appId", [{ + version, + challenge: bytesToBase64UrlSafe(challenge), + }], [], function(res){ + local_is(res.errorCode, 0, "HTTPS origin for test2.example.com should work"); + }); + + // Test: Sub-sub-domain + await promiseU2FRegister("https://sub.test2.example.com/appId", [{ + version, + challenge: bytesToBase64UrlSafe(challenge), + }], [], function(res){ + local_is(res.errorCode, 0, "HTTPS origin for sub.test2.example.com should work"); + }); + + // Test: TLD + await promiseU2FRegister("https://com/weirdAppID", [{ + version, + challenge: bytesToBase64UrlSafe(challenge), + }], [], function(res){ + local_is(res.errorCode, 2, "HTTPS origin of the TLD should not work"); + }); + + // Test: Dynamic origin + await promiseU2FRegister(window.location.origin + "/otherAppId", [{ + version, + challenge: bytesToBase64UrlSafe(challenge), + }], [], function(res){ + local_is(res.errorCode, 0, "Direct window origin should work"); + }); + local_finished(); +}; + +doTests(); +</script> +</body> +</html> |