1 files changed, 59 insertions, 0 deletions

diff --git a/dom/security/test/https-first/test_redirect_downgrade.html b/dom/security/test/https-first/test_redirect_downgrade.html
new file mode 100644
index 0000000000..07f998c085
--- /dev/null
+++ b/dom/security/test/https-first/test_redirect_downgrade.html
@@ -0,0 +1,59 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+<title>Bug 1707856: Test redirect downgrades with https-first</title>
+<script src="/tests/SimpleTest/SimpleTest.js"></script>
+<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+
+<script class="testbody" type="text/javascript">
+"use strict";
+/*
+ * Description of the test:
+ * We perform three tests where we expect https-first to detect
+ * that the target site only supports http
+ * Test 1: Meta Refresh
+ * Test 2: JS Redirect
+ * Test 3: 302 redirect
+ */
+
+SimpleTest.waitForExplicitFinish();
+
+const REQUEST_URL =
+  "http://example.com/tests/dom/security/test/https-first/file_redirect_downgrade.sjs";
+
+const redirectQueries = ["?test1a", "?test2a","?test3a"];
+let currentTest = 0;
+let testWin;
+let currentQuery;
+window.addEventListener("message", receiveMessage);
+
+// Receive message and verify that it is from an https site.
+// When the message is 'downgraded' then it was send by an http site
+// and the redirection worked.
+async function receiveMessage(event) {
+  let data = event.data;
+  ok(data.result === "downgraded", "Redirected successful to 'http' for " + currentQuery);
+  ok(data.scheme === "http:", "scheme is 'http' for " + currentQuery );
+  testWin.close();
+  if (++currentTest < redirectQueries.length) {
+    runTest();
+    return;
+  }
+  window.removeEventListener("message", receiveMessage);
+  SimpleTest.finish();
+}
+
+async function runTest() {
+  currentQuery = redirectQueries[currentTest];
+  testWin = window.open(REQUEST_URL + currentQuery, "_blank");
+}
+
+SpecialPowers.pushPrefEnv({ set: [
+    ["dom.security.https_first", true]
+  ]}, runTest);
+
+</script>
+</body>
+</html>