| blob | f5f4a4ace791e539be90eeeb20afcffe5e7d995c |
1 "use strict";
3 var gSSService = Cc["@mozilla.org/ssservice;1"].getService(
4 Ci.nsISiteSecurityService
5 );
7 function Observer() {}
8 Observer.prototype = {
9 observe(subject, topic) {
10 if (topic == "last-pb-context-exited") {
11 run_next_test();
12 }
13 },
14 };
16 var gObserver = new Observer();
18 function cleanup() {
19 Services.obs.removeObserver(gObserver, "last-pb-context-exited");
20 gSSService.clearAll();
21 }
23 function run_test() {
24 do_get_profile();
26 registerCleanupFunction(cleanup);
27 Services.obs.addObserver(gObserver, "last-pb-context-exited");
29 add_test(test_part1);
30 add_test(test_private_browsing1);
31 add_test(test_private_browsing2);
33 run_next_test();
34 }
36 function test_part1() {
37 // check that a host not in the list is not identified as an sts host
38 ok(
39 !gSSService.isSecureURI(
40 Services.io.newURI("https://nonexistent.example.com")
41 )
42 );
44 // check that an ancestor domain is not identified as an sts host
45 ok(!gSSService.isSecureURI(Services.io.newURI("https://com")));
47 // check that the pref to toggle using the preload list works
48 Services.prefs.setBoolPref(
49 "network.stricttransportsecurity.preloadlist",
50 false
51 );
52 ok(
53 !gSSService.isSecureURI(
54 Services.io.newURI("https://includesubdomains.preloaded.test")
55 )
56 );
57 Services.prefs.setBoolPref(
58 "network.stricttransportsecurity.preloadlist",
59 true
60 );
61 ok(
62 gSSService.isSecureURI(
63 Services.io.newURI("https://includesubdomains.preloaded.test")
64 )
65 );
67 // check that a subdomain is an sts host (includeSubdomains is set)
68 ok(
69 gSSService.isSecureURI(
70 Services.io.newURI("https://subdomain.includesubdomains.preloaded.test")
71 )
72 );
74 // check that another subdomain is an sts host (includeSubdomains is set)
75 ok(
76 gSSService.isSecureURI(
77 Services.io.newURI("https://a.b.c.def.includesubdomains.preloaded.test")
78 )
79 );
81 // check that a subdomain is not an sts host (includeSubdomains is not set)
82 ok(
83 !gSSService.isSecureURI(
84 Services.io.newURI("https://subdomain.noincludesubdomains.preloaded.test")
85 )
86 );
88 // check that a host with a dot on the end won't break anything
89 ok(
90 !gSSService.isSecureURI(
91 Services.io.newURI("https://notsts.nonexistent.example.com.")
92 )
93 );
95 // check that processing a header with max-age: 0 will remove a preloaded
96 // site from the list
97 let uri = Services.io.newURI("https://includesubdomains.preloaded.test");
98 let subDomainUri = Services.io.newURI(
99 "https://subdomain.includesubdomains.preloaded.test"
100 );
101 gSSService.processHeader(uri, "max-age=0");
102 ok(!gSSService.isSecureURI(uri));
103 ok(!gSSService.isSecureURI(subDomainUri));
104 // check that processing another header (with max-age non-zero) will
105 // re-enable a site's sts status
106 gSSService.processHeader(uri, "max-age=1000");
107 ok(gSSService.isSecureURI(uri));
108 // but this time include subdomains was not set, so test for that
109 ok(!gSSService.isSecureURI(subDomainUri));
110 gSSService.clearAll();
112 // check that processing a header with max-age: 0 from a subdomain of a site
113 // will not remove that (ancestor) site from the list
114 uri = Services.io.newURI(
115 "https://subdomain.noincludesubdomains.preloaded.test"
116 );
117 gSSService.processHeader(uri, "max-age=0");
118 ok(
119 gSSService.isSecureURI(
120 Services.io.newURI("https://noincludesubdomains.preloaded.test")
121 )
122 );
123 ok(!gSSService.isSecureURI(uri));
125 uri = Services.io.newURI(
126 "https://subdomain.includesubdomains.preloaded.test"
127 );
128 gSSService.processHeader(uri, "max-age=0");
129 // we received a header with "max-age=0", so we have "no information"
130 // regarding the sts state of subdomain.includesubdomains.preloaded.test specifically,
131 // but it is actually still an STS host, because of the preloaded
132 // includesubdomains.preloaded.test including subdomains.
133 // Here's a drawing:
134 // |-- includesubdomains.preloaded.test (in preload list, includes subdomains) IS sts host
135 // |-- subdomain.includesubdomains.preloaded.test IS sts host
136 // | `-- another.subdomain.includesubdomains.preloaded.test IS sts host
137 // `-- sibling.includesubdomains.preloaded.test IS sts host
138 ok(
139 gSSService.isSecureURI(
140 Services.io.newURI("https://includesubdomains.preloaded.test")
141 )
142 );
143 ok(
144 gSSService.isSecureURI(
145 Services.io.newURI("https://subdomain.includesubdomains.preloaded.test")
146 )
147 );
148 ok(
149 gSSService.isSecureURI(
150 Services.io.newURI("https://sibling.includesubdomains.preloaded.test")
151 )
152 );
153 ok(
154 gSSService.isSecureURI(
155 Services.io.newURI(
156 "https://another.subdomain.includesubdomains.preloaded.test"
157 )
158 )
159 );
161 gSSService.processHeader(uri, "max-age=1000");
162 // Here's what we have now:
163 // |-- includesubdomains.preloaded.test (in preload list, includes subdomains) IS sts host
164 // |-- subdomain.includesubdomains.preloaded.test (include subdomains is false) IS sts host
165 // | `-- another.subdomain.includesubdomains.preloaded.test IS sts host
166 // `-- sibling.includesubdomains.preloaded.test IS sts host
167 // Note that another.subdomain.includesubdomains.preloaded.test IS still an sts host, because
168 // there exists a superdomain that is sts and asserts includeSubdomains (namely,
169 // includesubdomains.preloaded.test)
170 ok(
171 gSSService.isSecureURI(
172 Services.io.newURI("https://subdomain.includesubdomains.preloaded.test")
173 )
174 );
175 ok(
176 gSSService.isSecureURI(
177 Services.io.newURI("https://sibling.includesubdomains.preloaded.test")
178 )
179 );
180 ok(
181 gSSService.isSecureURI(
182 Services.io.newURI(
183 "https://another.subdomain.includesubdomains.preloaded.test"
184 )
185 )
186 );
188 // Test that an expired non-private browsing entry results in correctly
189 // identifying a host that is on the preload list as no longer sts.
190 // (This happens when we're in regular browsing mode, we get a header from
191 // a site on the preload list, and that header later expires. We need to
192 // then treat that host as no longer an sts host.)
193 // (sanity check first - this should be in the preload list)
194 uri = Services.io.newURI("https://includesubdomains2.preloaded.test");
195 ok(gSSService.isSecureURI(uri));
196 gSSService.processHeader(uri, "max-age=1");
197 do_timeout(1250, function () {
198 ok(!gSSService.isSecureURI(uri));
199 run_next_test();
200 });
201 }
203 const PRIVATE_ORIGIN_ATTRIBUTES = { privateBrowsingId: 1 };
205 function test_private_browsing1() {
206 gSSService.clearAll();
207 let uri = Services.io.newURI("https://includesubdomains.preloaded.test");
208 let subDomainUri = Services.io.newURI(
209 "https://a.b.c.subdomain.includesubdomains.preloaded.test"
210 );
211 // sanity - includesubdomains.preloaded.test is preloaded, includeSubdomains set
212 ok(gSSService.isSecureURI(uri, PRIVATE_ORIGIN_ATTRIBUTES));
213 ok(gSSService.isSecureURI(subDomainUri, PRIVATE_ORIGIN_ATTRIBUTES));
215 gSSService.processHeader(uri, "max-age=0", PRIVATE_ORIGIN_ATTRIBUTES);
216 ok(!gSSService.isSecureURI(uri, PRIVATE_ORIGIN_ATTRIBUTES));
217 ok(!gSSService.isSecureURI(subDomainUri, PRIVATE_ORIGIN_ATTRIBUTES));
219 // check adding it back in
220 gSSService.processHeader(uri, "max-age=1000", PRIVATE_ORIGIN_ATTRIBUTES);
221 ok(gSSService.isSecureURI(uri, PRIVATE_ORIGIN_ATTRIBUTES));
222 // but no includeSubdomains this time
223 ok(!gSSService.isSecureURI(subDomainUri, PRIVATE_ORIGIN_ATTRIBUTES));
225 // do the hokey-pokey...
226 gSSService.processHeader(uri, "max-age=0", PRIVATE_ORIGIN_ATTRIBUTES);
227 ok(!gSSService.isSecureURI(uri, PRIVATE_ORIGIN_ATTRIBUTES));
228 ok(!gSSService.isSecureURI(subDomainUri, PRIVATE_ORIGIN_ATTRIBUTES));
230 // Test that an expired private browsing entry results in correctly
231 // identifying a host that is on the preload list as no longer sts.
232 // (This happens when we're in private browsing mode, we get a header from
233 // a site on the preload list, and that header later expires. We need to
234 // then treat that host as no longer an sts host.)
235 // (sanity check first - this should be in the preload list)
236 uri = Services.io.newURI("https://includesubdomains2.preloaded.test");
237 ok(gSSService.isSecureURI(uri, PRIVATE_ORIGIN_ATTRIBUTES));
238 gSSService.processHeader(uri, "max-age=1", PRIVATE_ORIGIN_ATTRIBUTES);
239 do_timeout(1250, function () {
240 ok(!gSSService.isSecureURI(uri, PRIVATE_ORIGIN_ATTRIBUTES));
241 // Simulate leaving private browsing mode
242 Services.obs.notifyObservers(null, "last-pb-context-exited");
243 });
244 }
246 function test_private_browsing2() {
247 // if this test gets this far, it means there's a private browsing service
248 ok(
249 gSSService.isSecureURI(
250 Services.io.newURI("https://includesubdomains.preloaded.test")
251 )
252 );
253 // the includesubdomains.preloaded.test entry has includeSubdomains set
254 ok(
255 gSSService.isSecureURI(
256 Services.io.newURI("https://subdomain.includesubdomains.preloaded.test")
257 )
258 );
260 // Now that we're out of private browsing mode, we need to make sure
261 // we've "forgotten" that we "forgot" this site's sts status.
262 ok(
263 gSSService.isSecureURI(
264 Services.io.newURI("https://includesubdomains2.preloaded.test")
265 )
266 );
268 run_next_test();
269 }