1 files changed, 123 insertions, 0 deletions

diff --git a/security/manager/ssl/tests/unit/test_sss_readstate.js b/security/manager/ssl/tests/unit/test_sss_readstate.js
new file mode 100644
index 0000000000..689df13495
--- /dev/null
+++ b/security/manager/ssl/tests/unit/test_sss_readstate.js
@@ -0,0 +1,123 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+"use strict";
+
+// The purpose of this test is to create a site security service state file
+// and see that the site security service reads it properly.
+
+var gSSService = null;
+
+function checkStateRead(aSubject, aTopic, aData) {
+  if (aData == CLIENT_AUTH_FILE_NAME) {
+    return;
+  }
+
+  equal(aData, SSS_STATE_FILE_NAME);
+
+  ok(
+    !gSSService.isSecureURI(Services.io.newURI("https://expired.example.com"))
+  );
+  ok(
+    gSSService.isSecureURI(Services.io.newURI("https://notexpired.example.com"))
+  );
+  ok(
+    gSSService.isSecureURI(
+      Services.io.newURI("https://includesubdomains.preloaded.test")
+    )
+  );
+  ok(
+    !gSSService.isSecureURI(
+      Services.io.newURI("https://sub.includesubdomains.preloaded.test")
+    )
+  );
+  ok(
+    gSSService.isSecureURI(
+      Services.io.newURI("https://incsubdomain.example.com")
+    )
+  );
+  ok(
+    gSSService.isSecureURI(
+      Services.io.newURI("https://sub.incsubdomain.example.com")
+    )
+  );
+  ok(
+    !gSSService.isSecureURI(
+      Services.io.newURI("https://includesubdomains2.preloaded.test")
+    )
+  );
+  ok(
+    !gSSService.isSecureURI(
+      Services.io.newURI("https://sub.includesubdomains2.preloaded.test")
+    )
+  );
+
+  // Clearing the data should make everything go back to default.
+  gSSService.clearAll();
+  ok(
+    !gSSService.isSecureURI(Services.io.newURI("https://expired.example.com"))
+  );
+  ok(
+    !gSSService.isSecureURI(
+      Services.io.newURI("https://notexpired.example.com")
+    )
+  );
+  ok(
+    gSSService.isSecureURI(
+      Services.io.newURI("https://includesubdomains.preloaded.test")
+    )
+  );
+  ok(
+    gSSService.isSecureURI(
+      Services.io.newURI("https://sub.includesubdomains.preloaded.test")
+    )
+  );
+  ok(
+    !gSSService.isSecureURI(
+      Services.io.newURI("https://incsubdomain.example.com")
+    )
+  );
+  ok(
+    !gSSService.isSecureURI(
+      Services.io.newURI("https://sub.incsubdomain.example.com")
+    )
+  );
+  ok(
+    gSSService.isSecureURI(
+      Services.io.newURI("https://includesubdomains2.preloaded.test")
+    )
+  );
+  ok(
+    gSSService.isSecureURI(
+      Services.io.newURI("https://sub.includesubdomains2.preloaded.test")
+    )
+  );
+  do_test_finished();
+}
+
+function run_test() {
+  let profileDir = do_get_profile();
+  let stateFile = profileDir.clone();
+  stateFile.append(SSS_STATE_FILE_NAME);
+  // Assuming we're working with a clean slate, the file shouldn't exist
+  // until we create it.
+  ok(!stateFile.exists());
+  let outputStream = FileUtils.openFileOutputStream(stateFile);
+  let now = Date.now();
+  let lines = [
+    `expired.example.com:HSTS\t0\t0\t${now - 100000},1,0`,
+    `notexpired.example.com:HSTS\t0\t0\t${now + 100000},1,0`,
+    // This overrides an entry on the preload list.
+    `includesubdomains.preloaded.test:HSTS\t0\t0\t${now + 100000},1,0`,
+    `incsubdomain.example.com:HSTS\t0\t0\t${now + 100000},1,1`,
+    // This overrides an entry on the preload list.
+    "includesubdomains2.preloaded.test:HSTS\t0\t0\t0,2,0",
+  ];
+  writeLinesAndClose(lines, outputStream);
+  Services.obs.addObserver(checkStateRead, "data-storage-ready");
+  do_test_pending();
+  gSSService = Cc["@mozilla.org/ssservice;1"].getService(
+    Ci.nsISiteSecurityService
+  );
+  notEqual(gSSService, null);
+}