From 6bf0a5cb5034a7e684dcc3500e841785237ce2dd Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Sun, 7 Apr 2024 19:32:43 +0200
Subject: Adding upstream version 1:115.7.0.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 .../browser_mixed_content_cert_override.js         | 69 ++++++++++++++++++++++
 1 file changed, 69 insertions(+)
 create mode 100644 browser/base/content/test/siteIdentity/browser_mixed_content_cert_override.js

(limited to 'browser/base/content/test/siteIdentity/browser_mixed_content_cert_override.js')

diff --git a/browser/base/content/test/siteIdentity/browser_mixed_content_cert_override.js b/browser/base/content/test/siteIdentity/browser_mixed_content_cert_override.js
new file mode 100644
index 0000000000..6ca9655406
--- /dev/null
+++ b/browser/base/content/test/siteIdentity/browser_mixed_content_cert_override.js
@@ -0,0 +1,69 @@
+/*
+ * Bug 1253771 - check mixed content blocking in combination with overriden certificates
+ */
+
+"use strict";
+
+const MIXED_CONTENT_URL =
+  getRootDirectory(gTestPath).replace(
+    "chrome://mochitests/content",
+    "https://self-signed.example.com"
+  ) + "test-mixedcontent-securityerrors.html";
+
+function getConnectionState() {
+  return document.getElementById("identity-popup").getAttribute("connection");
+}
+
+function getPopupContentVerifier() {
+  return document.getElementById("identity-popup-content-verifier");
+}
+
+function getIdentityIcon() {
+  return window.getComputedStyle(document.getElementById("identity-icon"))
+    .listStyleImage;
+}
+
+function checkIdentityPopup(icon) {
+  gIdentityHandler.refreshIdentityPopup();
+  is(getIdentityIcon(), `url("chrome://global/skin/icons/${icon}")`);
+  is(getConnectionState(), "secure-cert-user-overridden");
+  isnot(
+    getPopupContentVerifier().style.display,
+    "none",
+    "Overridden certificate warning is shown"
+  );
+  ok(
+    getPopupContentVerifier().textContent.includes("security exception"),
+    "Text shows overridden certificate warning."
+  );
+}
+
+add_task(async function () {
+  await BrowserTestUtils.openNewForegroundTab(gBrowser);
+
+  // check that a warning is shown when loading a page with mixed content and an overridden certificate
+  await loadBadCertPage(MIXED_CONTENT_URL);
+  checkIdentityPopup("security-warning.svg");
+
+  // check that the crossed out icon is shown when disabling mixed content protection
+  gIdentityHandler.disableMixedContentProtection();
+  await BrowserTestUtils.browserLoaded(gBrowser.selectedBrowser);
+
+  checkIdentityPopup("security-broken.svg");
+
+  // check that a warning is shown even without mixed content
+  BrowserTestUtils.loadURIString(
+    gBrowser.selectedBrowser,
+    "https://self-signed.example.com"
+  );
+  await BrowserTestUtils.browserLoaded(gBrowser.selectedBrowser);
+  checkIdentityPopup("security-warning.svg");
+
+  // remove cert exception
+  let certOverrideService = Cc[
+    "@mozilla.org/security/certoverride;1"
+  ].getService(Ci.nsICertOverrideService);
+  certOverrideService.clearValidityOverride("self-signed.example.com", -1, {});
+
+  BrowserTestUtils.removeTab(gBrowser.selectedTab);
+});
-- 
cgit v1.2.3