tor-browser

The Tor Browser

browser_aboutCertError_noSubjectAltName.js (4109B)


      1 /* Any copyright is dedicated to the Public Domain.
      2 * http://creativecommons.org/publicdomain/zero/1.0/ */
      3 
      4 "use strict";
      5 
// Origin whose certificate this test loads. Despite the constant's name, the
// error asserted further down for this host is SSL_ERROR_BAD_CERT_DOMAIN (the
// certificate does not cover the hostname), not an unknown-issuer error.
const UNKNOWN_ISSUER = "https://no-subject-alt-name.example.com:443";

// Short product name read from the brand string bundle; it is interpolated
// into the expected error-page copy so the check also holds in rebranded
// builds.
const BROWSER_NAME = document
  .getElementById("bundle_brand")
  .getString("brandShortName");
     10 
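/**
 * Content task: opens the "Advanced" section of the certificate error page,
 * waits for the error code to be localized, and returns the markup holding the
 * technical explanation.
 *
 * The caller hands this function to SpecialPowers.spawn, which runs it in the
 * content process. It therefore has to stay self-contained: it may use the
 * content-task globals (content, ok, is, ContentTaskUtils, EventUtils) but
 * must not reference helpers or constants declared at file level.
 *
 * @param {boolean} useFelt
 *   true when the page is rendered through the <net-error-card> element,
 *   false for the legacy markup addressed by element ids.
 * @returns {Promise<string>}
 *   innerHTML of the card's advanced container (felt) or of
 *   #badCertTechnicalInfo (legacy).
 */
const checkAdvancedAndGetTechnicalInfoText = async useFelt => {
  let doc = content.document;
  let badCertTechnicalInfo;
  const netErrorCard = doc.querySelector("net-error-card")?.wrappedJSObject;
  if (useFelt) {
    // Report a missing card as a named failure instead of an anonymous
    // TypeError on the first property access below.
    ok(netErrorCard, "net-error-card found");
  }

  let advancedButton = useFelt
    ? netErrorCard.advancedButton
    : doc.getElementById("advancedButton");
  ok(advancedButton, "advancedButton found");
  is(
    advancedButton.hasAttribute("disabled"),
    false,
    "advancedButton should be clickable"
  );

  if (useFelt) {
    advancedButton.scrollIntoView(true);
    EventUtils.synthesizeMouseAtCenter(advancedButton, {}, content);

    // The message used to mention a revoked certificate, which is a different
    // test; this file exercises the bad-domain error.
    await ContentTaskUtils.waitForCondition(
      () => netErrorCard.advancedContainer,
      "Advanced section should be rendered for the bad-domain certificate error"
    );
    ok(netErrorCard.advancedContainer, "advancedContainer found");
  } else {
    advancedButton.click();
    let badCertAdvancedPanel = doc.getElementById("badCertAdvancedPanel");
    ok(badCertAdvancedPanel, "badCertAdvancedPanel found");

    badCertTechnicalInfo = doc.getElementById("badCertTechnicalInfo");
    ok(badCertTechnicalInfo, "badCertTechnicalInfo found");
  }

  // Wait until fluent sets the errorCode inner text. This is the assertion
  // that pins the error class shown to the user: a certificate that does not
  // cover the hostname must surface as SSL_ERROR_BAD_CERT_DOMAIN.
  await ContentTaskUtils.waitForCondition(() => {
    let errorCode = useFelt
      ? netErrorCard.errorCode
      : doc.getElementById("errorCode");
    return errorCode.textContent.includes("SSL_ERROR_BAD_CERT_DOMAIN");
  }, "correct error code has been set inside the advanced button panel");

  let viewCertificate = useFelt
    ? netErrorCard.viewCertificate
    : doc.getElementById("viewCertificate");
  ok(viewCertificate, "viewCertificate found");

  return useFelt
    ? netErrorCard.advancedContainer.innerHTML
    : badCertTechnicalInfo.innerHTML;
};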
     61 
/**
 * Asserts on the legacy error page's technical-info markup: the generic
 * "not valid for <host>" sentence must be present, and the variant that lists
 * the names the certificate is valid for must be absent.
 *
 * @param {string} message
 *   Markup returned by the content task for the advanced panel.
 */
const checkCorrectMessages = message => {
  const expectedSentence =
    "Websites prove their identity via certificates. " +
    BROWSER_NAME +
    " does not trust this site because it uses a certificate that is" +
    " not valid for no-subject-alt-name.example.com";
  is(message.includes(expectedSentence), true, "That message should appear");

  // This prefix introduces the list of names a certificate covers; this test
  // expects the page not to print it for this host.
  const unexpectedPrefix = "The certificate is only valid for ";
  is(
    message.includes(unexpectedPrefix),
    false,
    "That message shouldn't appear"
  );
};
     73 
/**
 * Content task for the <net-error-card> rendering: verifies that the card
 * uses the "bad domain" localization ids and the standard support page.
 *
 * Passed to SpecialPowers.spawn by the caller, so everything it needs is
 * declared inside the function body.
 */
const checkFeltCopy = () => {
  const card =
    content.document.querySelector("net-error-card")?.wrappedJSObject;

  // Each entry reads its value lazily so that the assertions still run one
  // after another, in this order.
  const expectations = [
    [
      () => card.whyDangerous.dataset.l10nId,
      "fp-certerror-bad-domain-why-dangerous-body",
      "Using the 'bad domain' variant of the 'Why Dangerous' copy.",
    ],
    [
      () => card.whatCanYouDo.dataset.l10nId,
      "fp-certerror-bad-domain-what-can-you-do-body",
      "Using the 'bad domain' variant of the 'What can you do' copy.",
    ],
    [
      () => card.learnMoreLink.getAttribute("support-page"),
      "connection-not-secure",
      "'Learn more' link points to the standard support page.",
    ],
  ];

  for (const [readActual, expected, description] of expectations) {
    Assert.equal(readActual(), expected, description);
  }
};
     93 
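/**
 * Loads the no-subjectAltName test host with the given rendering of the
 * certificate error page and checks what the page tells the user.
 *
 * @param {boolean} useFelt
 *   Value for the security.certerrors.felt-privacy-v1 pref; also selects
 *   which set of assertions runs afterwards.
 * @returns {Promise<void>}
 */
async function checkUntrustedCertError(useFelt) {
  await SpecialPowers.pushPrefEnv({
    set: [["security.certerrors.felt-privacy-v1", useFelt]],
  });
  info(
    `Loading ${UNKNOWN_ISSUER} which does not have a subject alternative name specified in the certificate`
  );
  // openErrorPage is not defined in this file; it is expected to resolve to
  // the tab showing the error page.
  let tab = await openErrorPage(UNKNOWN_ISSUER);
  try {
    let browser = tab.linkedBrowser;
    info("Opening the advanced panel and reading the technical info");
    let badCertTechnicalInfoText = await SpecialPowers.spawn(
      browser,
      [useFelt],
      checkAdvancedAndGetTechnicalInfoText
    );
    if (useFelt) {
      await SpecialPowers.spawn(browser, [], checkFeltCopy);
    } else {
      // checkCorrectMessages takes the markup only.
      checkCorrectMessages(badCertTechnicalInfoText);
    }
  } finally {
    // Close the tab this function opened, even when a check above throws, so
    // the error page does not leak into the next variant or the next test.
    BrowserTestUtils.removeTab(tab);
  }
}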
    116 
// Runs the same scenario against both renderings of the certificate error
// page: first the <net-error-card> one, then the legacy one.
add_task(async function runCheckUntrustedCertError() {
  const feltVariants = [true, false];
  for (const useFelt of feltVariants) {
    await checkUntrustedCertError(useFelt);
  }
});