diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 17:32:43 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 17:32:43 +0000 |
commit | 6bf0a5cb5034a7e684dcc3500e841785237ce2dd (patch) | |
tree | a68f146d7fa01f0134297619fbe7e33db084e0aa /dom/security/test/https-only/test_break_endless_upgrade_downgrade_loop.html | |
parent | Initial commit. (diff) | |
download | thunderbird-upstream.tar.xz thunderbird-upstream.zip |
Adding upstream version 1:115.7.0.upstream/1%115.7.0upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r-- | dom/security/test/https-only/test_break_endless_upgrade_downgrade_loop.html | 89 |
1 files changed, 89 insertions, 0 deletions
diff --git a/dom/security/test/https-only/test_break_endless_upgrade_downgrade_loop.html b/dom/security/test/https-only/test_break_endless_upgrade_downgrade_loop.html new file mode 100644 index 0000000000..847a71f378 --- /dev/null +++ b/dom/security/test/https-only/test_break_endless_upgrade_downgrade_loop.html @@ -0,0 +1,89 @@ +<!DOCTYPE HTML> +<html> +<head> +<title>Bug 1691888: Break endless upgrade downgrade loops when using https-only</title> +<script src="/tests/SimpleTest/SimpleTest.js"></script> +<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> +</head> +<body> + +<script class="testbody" type="text/javascript"> +"use strict"; +/* + * Description of the test: + * We perform three tests where our upgrade/downgrade redirect loop detector should break the + * endless loop: + * Test 1: Meta Refresh + * Test 2: JS Redirect + * Test 3: 302 redirect + */ + +SimpleTest.requestFlakyTimeout("We need to wait for the HTTPS-Only error page to appear"); +SimpleTest.requestLongerTimeout(10); +SimpleTest.waitForExplicitFinish(); + +const REQUEST_URL = + "http://example.com/tests/dom/security/test/https-only/file_break_endless_upgrade_downgrade_loop.sjs"; + +function resolveAfter6Seconds() { + return new Promise(resolve => { + setTimeout(() => { + resolve(); + }, 6000); + }); +} + +async function verifyResult(aTestName) { + let errorPageL10nId = "about-httpsonly-title-alert"; + let innerHTML = content.document.body.innerHTML; + ok(innerHTML.includes(errorPageL10nId), "the error page should be shown for " + aTestName); +} + +async function verifyTest4Result() { + let pathname = content.document.location.pathname; + ok( + pathname === "/tests/dom/security/test/https-only/file_user_gesture.html", + "the http:// page should be loaded" + ); +} + +async function runTests() { + await SpecialPowers.pushPrefEnv({ set: [ + ["dom.security.https_only_mode", true], + ["dom.security.https_only_mode_break_upgrade_downgrade_endless_loop", true], + ["dom.security.https_only_check_path_upgrade_downgrade_endless_loop", true], + ]}); + + // Test 1: Meta Refresh Redirect + let winTest1 = window.open(REQUEST_URL + "?test1a", "_blank"); + // Test 2: JS win.location Redirect + let winTest2 = window.open(REQUEST_URL + "?test2a", "_blank"); + // Test 3: 302 Redirect + let winTest3 = window.open(REQUEST_URL + "?test3a", "_blank"); + // Test 4: 302 Redirect with a different path + let winTest4 = window.open(REQUEST_URL + "?test4a", "_blank"); + + // provide enough time for: + // the redirects to occur, and the error page to be displayed + await resolveAfter6Seconds(); + + await SpecialPowers.spawn(winTest1, ["test1"], verifyResult); + winTest1.close(); + + await SpecialPowers.spawn(winTest2, ["test2"], verifyResult); + winTest2.close(); + + await SpecialPowers.spawn(winTest3, ["test3"], verifyResult); + winTest3.close(); + + await SpecialPowers.spawn(winTest4, ["test4"], verifyTest4Result); + winTest4.close(); + + SimpleTest.finish(); +} + +runTests(); + +</script> +</body> +</html> |