1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
|
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
/* Any copyright is dedicated to the Public Domain.
* http://creativecommons.org/publicdomain/zero/1.0/ */
// Tests that the site identity icon and related machinery reflects the correct
// security state after navigating an iframe in various contexts.
// See bug 1490982.
const ROOT_URI = getRootDirectory(gTestPath).replace(
"chrome://mochitests/content",
"https://example.com"
);
const SECURE_TEST_URI = ROOT_URI + "iframe_navigation.html";
// eslint-disable-next-line @microsoft/sdl/no-insecure-url
const INSECURE_TEST_URI = SECURE_TEST_URI.replace("https://", "http://");
// From a secure URI, navigate the iframe to about:blank (should still be
// secure).
add_task(async function () {
let uri = SECURE_TEST_URI + "#blank";
await BrowserTestUtils.withNewTab(uri, async browser => {
let identityMode = window.document.getElementById("identity-box").className;
is(identityMode, "verifiedDomain", "identity should be secure before");
await SpecialPowers.spawn(browser, [], async () => {
content.postMessage("", "*"); // This kicks off the navigation.
await ContentTaskUtils.waitForCondition(() => {
return !content.document.body.classList.contains("running");
});
});
let newIdentityMode =
window.document.getElementById("identity-box").className;
is(newIdentityMode, "verifiedDomain", "identity should be secure after");
});
});
// From a secure URI, navigate the iframe to an insecure URI (http://...)
// (mixed active content should be blocked, should still be secure).
add_task(async function () {
let uri = SECURE_TEST_URI + "#insecure";
await BrowserTestUtils.withNewTab(uri, async browser => {
let identityMode = window.document.getElementById("identity-box").className;
is(identityMode, "verifiedDomain", "identity should be secure before");
await SpecialPowers.spawn(browser, [], async () => {
content.postMessage("", "*"); // This kicks off the navigation.
await ContentTaskUtils.waitForCondition(() => {
return !content.document.body.classList.contains("running");
});
});
let newIdentityMode =
window.document.getElementById("identity-box").classList;
ok(
newIdentityMode.contains("mixedActiveBlocked"),
"identity should be blocked mixed active content after"
);
ok(
newIdentityMode.contains("verifiedDomain"),
"identity should still contain 'verifiedDomain'"
);
is(newIdentityMode.length, 2, "shouldn't have any other identity states");
});
});
// From an insecure URI (http://..), navigate the iframe to about:blank (should
// still be insecure).
add_task(async function () {
let uri = INSECURE_TEST_URI + "#blank";
await BrowserTestUtils.withNewTab(uri, async browser => {
let identityMode = window.document.getElementById("identity-box").className;
is(identityMode, "notSecure", "identity should be 'not secure' before");
await SpecialPowers.spawn(browser, [], async () => {
content.postMessage("", "*"); // This kicks off the navigation.
await ContentTaskUtils.waitForCondition(() => {
return !content.document.body.classList.contains("running");
});
});
let newIdentityMode =
window.document.getElementById("identity-box").className;
is(newIdentityMode, "notSecure", "identity should be 'not secure' after");
});
});
// From an insecure URI (http://..), navigate the iframe to a secure URI
// (https://...) (should still be insecure).
add_task(async function () {
let uri = INSECURE_TEST_URI + "#secure";
await BrowserTestUtils.withNewTab(uri, async browser => {
let identityMode = window.document.getElementById("identity-box").className;
is(identityMode, "notSecure", "identity should be 'not secure' before");
await SpecialPowers.spawn(browser, [], async () => {
content.postMessage("", "*"); // This kicks off the navigation.
await ContentTaskUtils.waitForCondition(() => {
return !content.document.body.classList.contains("running");
});
});
let newIdentityMode =
window.document.getElementById("identity-box").className;
is(newIdentityMode, "notSecure", "identity should be 'not secure' after");
});
});
|
