summaryrefslogtreecommitdiffstats
path: root/dom/u2f/tests/frame_appid_facet.html
diff options
context:
space:
mode:
Diffstat (limited to 'dom/u2f/tests/frame_appid_facet.html')
-rw-r--r--dom/u2f/tests/frame_appid_facet.html89
1 files changed, 89 insertions, 0 deletions
diff --git a/dom/u2f/tests/frame_appid_facet.html b/dom/u2f/tests/frame_appid_facet.html
new file mode 100644
index 0000000000..4abe888eac
--- /dev/null
+++ b/dom/u2f/tests/frame_appid_facet.html
@@ -0,0 +1,89 @@
+<!DOCTYPE html>
+<meta charset=utf-8>
+<head>
+ <script type="text/javascript" src="frame_utils.js"></script>
+ <script type="text/javascript" src="u2futil.js"></script>
+</head>
+<body>
+<p>AppID / Facet checks</p>
+<script class="testbody" type="text/javascript">
+"use strict";
+
+async function doTests() {
+ let version = "U2F_V2";
+ let challenge = new Uint8Array(16);
+ window.crypto.getRandomValues(challenge);
+
+ local_is(window.location.origin, "https://example.com", "Is loaded correctly");
+
+ // Ensure the SpecialPowers push worked properly
+ local_isnot(window.u2f, undefined, "U2F API endpoint must exist");
+
+ await promiseU2FRegister(null, [{
+ version,
+ challenge: bytesToBase64UrlSafe(challenge),
+ }], [], function(res){
+ local_is(res.errorCode, 0, "Null AppID should work.");
+ });
+
+ await promiseU2FRegister("", [{
+ version,
+ challenge: bytesToBase64UrlSafe(challenge),
+ }], [], function(res){
+ local_is(res.errorCode, 0, "Empty AppID should work.");
+ });
+
+ // Test: Correct TLD, but incorrect scheme
+ await promiseU2FRegister("http://example.com/appId", [{
+ version,
+ challenge: bytesToBase64UrlSafe(challenge),
+ }], [], function(res){
+ local_isnot(res.errorCode, 0, "HTTP scheme is disallowed");
+ });
+
+ // Test: Correct TLD, and also HTTPS
+ await promiseU2FRegister("https://example.com/appId", [{
+ version,
+ challenge: bytesToBase64UrlSafe(challenge),
+ }], [], function(res){
+ local_is(res.errorCode, 0, "HTTPS origin for example.com should work");
+ });
+
+ // Test: Sub-domain
+ await promiseU2FRegister("https://test2.example.com/appId", [{
+ version,
+ challenge: bytesToBase64UrlSafe(challenge),
+ }], [], function(res){
+ local_is(res.errorCode, 0, "HTTPS origin for test2.example.com should work");
+ });
+
+ // Test: Sub-sub-domain
+ await promiseU2FRegister("https://sub.test2.example.com/appId", [{
+ version,
+ challenge: bytesToBase64UrlSafe(challenge),
+ }], [], function(res){
+ local_is(res.errorCode, 0, "HTTPS origin for sub.test2.example.com should work");
+ });
+
+ // Test: TLD
+ await promiseU2FRegister("https://com/weirdAppID", [{
+ version,
+ challenge: bytesToBase64UrlSafe(challenge),
+ }], [], function(res){
+ local_is(res.errorCode, 2, "HTTPS origin of the TLD should not work");
+ });
+
+ // Test: Dynamic origin
+ await promiseU2FRegister(window.location.origin + "/otherAppId", [{
+ version,
+ challenge: bytesToBase64UrlSafe(challenge),
+ }], [], function(res){
+ local_is(res.errorCode, 0, "Direct window origin should work");
+ });
+ local_finished();
+};
+
+doTests();
+</script>
+</body>
+</html>
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-24 16:05:18 +0000