tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

browser_aboutCertError_cca_telemetry.js (3119B)

      1 /* Any copyright is dedicated to the Public Domain.
      2 * http://creativecommons.org/publicdomain/zero/1.0/ */
      3 
      4 "use strict";
      5 
      6 const ISSUED_BY_CCA_SITE = "https://issued-by-cca.example.com";
      7 const UNKNOWN_ISSUER_SITE = "https://untrusted.example.com";
      8 
      9 registerCleanupFunction(async () => {
     10  await resetTelemetry();
     11 });
     12 
     13 async function resetTelemetry() {
     14  Services.telemetry.clearEvents();
     15  await TestUtils.waitForCondition(() => {
     16    let events = Services.telemetry.snapshotEvents(
     17      Ci.nsITelemetry.DATASET_PRERELEASE_CHANNELS,
     18      true
     19    ).content;
     20    return !events || !events.length;
     21  });
     22 }
     23 
     24 async function checkTelemetry(expectedIssuedByCCA) {
     25  let loadEvent = await TestUtils.waitForCondition(() => {
     26    let events = Services.telemetry.snapshotEvents(
     27      Ci.nsITelemetry.DATASET_PRERELEASE_CHANNELS,
     28      true
     29    ).content;
     30    return events?.find(e => e[1] == "security.ui.certerror" && e[2] == "load");
     31  }, "recorded telemetry for the load");
     32  loadEvent.shift();
     33  Assert.deepEqual(loadEvent, [
     34    "security.ui.certerror",
     35    "load",
     36    "aboutcerterror",
     37    "SEC_ERROR_UNKNOWN_ISSUER",
     38    {
     39      is_frame: "false",
     40      has_sts: "false",
     41      channel_status: "2153390067",
     42      issued_by_cca: expectedIssuedByCCA,
     43      hyphen_compat: "false",
     44    },
     45  ]);
     46 }
     47 
     48 async function test_cca_site(useFeltPrivacyV1) {
     49  await SpecialPowers.pushPrefEnv({
     50    set: [["security.certerrors.felt-privacy-v1", useFeltPrivacyV1]],
     51  });
     52  await resetTelemetry();
     53  let browser;
     54  let pageLoaded;
     55  await BrowserTestUtils.openNewForegroundTab(
     56    gBrowser,
     57    () => {
     58      gBrowser.selectedTab = BrowserTestUtils.addTab(
     59        gBrowser,
     60        ISSUED_BY_CCA_SITE
     61      );
     62      browser = gBrowser.selectedBrowser;
     63      pageLoaded = BrowserTestUtils.waitForErrorPage(browser);
     64    },
     65    false
     66  );
     67  info("Loading and waiting for the certificate error page");
     68  await pageLoaded;
     69  // Check that telemetry indicates this was issued by CCA.
     70  await checkTelemetry("true");
     71  BrowserTestUtils.removeTab(gBrowser.selectedTab);
     72 }
     73 
     74 async function test_non_cca_site(useFeltPrivacyV1) {
     75  await SpecialPowers.pushPrefEnv({
     76    set: [["security.certerrors.felt-privacy-v1", useFeltPrivacyV1]],
     77  });
     78  await resetTelemetry();
     79  let browser;
     80  let pageLoaded;
     81  await BrowserTestUtils.openNewForegroundTab(
     82    gBrowser,
     83    () => {
     84      gBrowser.selectedTab = BrowserTestUtils.addTab(
     85        gBrowser,
     86        UNKNOWN_ISSUER_SITE
     87      );
     88      browser = gBrowser.selectedBrowser;
     89      pageLoaded = BrowserTestUtils.waitForErrorPage(browser);
     90    },
     91    false
     92  );
     93  info("Loading and waiting for the certificate error page");
     94  await pageLoaded;
     95  // Check that telemetry indicates this was not issued by CCA.
     96  await checkTelemetry("false");
     97  BrowserTestUtils.removeTab(gBrowser.selectedTab);
     98 }
     99 
    100 add_task(async function test_cca_sites() {
    101  for (const useFeltPrivacyV1 of [true, false]) {
    102    await test_cca_site(useFeltPrivacyV1);
    103  }
    104 });
    105 
    106 add_task(async function test_non_cca_sites() {
    107  for (const useFeltPrivacyV1 of [true, false]) {
    108    await test_non_cca_site(useFeltPrivacyV1);
    109  }
    110 });