browser_pageinfo_security.js (13207B)
1 ChromeUtils.defineESModuleGetters(this, { 2 DownloadUtils: "resource://gre/modules/DownloadUtils.sys.mjs", 3 SiteDataTestUtils: "resource://testing-common/SiteDataTestUtils.sys.mjs", 4 }); 5 6 const TEST_ORIGIN = "https://example.com"; 7 // eslint-disable-next-line @microsoft/sdl/no-insecure-url 8 const TEST_HTTP_ORIGIN = "http://example.com"; 9 const TEST_SUB_ORIGIN = "https://test1.example.com"; 10 const REMOVE_DIALOG_URL = 11 "chrome://browser/content/preferences/dialogs/siteDataRemoveSelected.xhtml"; 12 const TEST_ORIGIN_CERT_ERROR = "https://expired.example.com"; 13 14 const TEST_PATH = getRootDirectory(gTestPath).replace( 15 "chrome://mochitests/content", 16 "https://example.com" 17 ); 18 19 // Test opening the correct certificate information when clicking "Show certificate". 20 add_task(async function test_ShowCertificate() { 21 let tab1 = await BrowserTestUtils.openNewForegroundTab(gBrowser, TEST_ORIGIN); 22 let tab2 = await BrowserTestUtils.openNewForegroundTab( 23 gBrowser, 24 TEST_SUB_ORIGIN 25 ); 26 27 let pageInfo = BrowserCommands.pageInfo(TEST_SUB_ORIGIN, "securityTab"); 28 await BrowserTestUtils.waitForEvent(pageInfo, "load"); 29 let pageInfoDoc = pageInfo.document; 30 let securityTab = pageInfoDoc.getElementById("securityTab"); 31 await TestUtils.waitForCondition( 32 () => BrowserTestUtils.isVisible(securityTab), 33 "Security tab should be visible." 34 ); 35 36 async function openAboutCertificate(newWindow = false) { 37 let loadedBrowser = newWindow 38 ? BrowserTestUtils.waitForNewWindow({ waitForAnyURLLoaded: true }).then( 39 w => w.gBrowser.selectedBrowser 40 ) 41 : BrowserTestUtils.waitForNewTab(gBrowser, null, true).then( 42 t => t.linkedBrowser 43 ); 44 let viewCertButton = pageInfoDoc.getElementById("security-view-cert"); 45 await TestUtils.waitForCondition( 46 () => BrowserTestUtils.isVisible(viewCertButton), 47 "view cert button should be visible." 48 ); 49 viewCertButton.click(); 50 let browser = await loadedBrowser; 51 52 await SpecialPowers.spawn(browser, [], async function () { 53 let certificateSection = await ContentTaskUtils.waitForCondition(() => { 54 return content.document.querySelector("certificate-section"); 55 }, "Certificate section found"); 56 57 let commonName = certificateSection.shadowRoot 58 .querySelector(".subject-name") 59 .shadowRoot.querySelector(".common-name") 60 .shadowRoot.querySelector(".info").textContent; 61 is(commonName, "example.com", "Should have the same common name."); 62 }); 63 64 if (newWindow) { 65 await BrowserTestUtils.closeWindow(browser.ownerGlobal); 66 } else { 67 browser.ownerGlobal.gBrowser.removeCurrentTab(); // closes about:certificate 68 } 69 } 70 71 await openAboutCertificate(); 72 73 gBrowser.selectedTab = tab1; 74 75 await openAboutCertificate(); 76 77 // Now try opening the cert as if we have no open windows. 78 BrowserWindowTracker.untrackForTestsOnly(window); 79 await openAboutCertificate(true /* use a window */); 80 BrowserWindowTracker.track(window); 81 82 pageInfo.close(); 83 BrowserTestUtils.removeTab(tab1); 84 BrowserTestUtils.removeTab(tab2); 85 }); 86 87 // Test displaying website identity information when loading images. 88 add_task(async function test_image() { 89 let url = TEST_PATH + "moz.png"; 90 await BrowserTestUtils.openNewForegroundTab(gBrowser, url); 91 92 let pageInfo = BrowserCommands.pageInfo(url, "securityTab"); 93 await BrowserTestUtils.waitForEvent(pageInfo, "load"); 94 let pageInfoDoc = pageInfo.document; 95 let securityTab = pageInfoDoc.getElementById("securityTab"); 96 97 await TestUtils.waitForCondition( 98 () => BrowserTestUtils.isVisible(securityTab), 99 "Security tab should be visible." 100 ); 101 102 let owner = pageInfoDoc.getElementById("security-identity-owner-value"); 103 let verifier = pageInfoDoc.getElementById("security-identity-verifier-value"); 104 let domain = pageInfoDoc.getElementById("security-identity-domain-value"); 105 106 await TestUtils.waitForCondition( 107 () => owner.value === "This website does not supply ownership information.", 108 `Value of owner should be should be "This website does not supply ownership information." instead got "${owner.value}".` 109 ); 110 111 await TestUtils.waitForCondition( 112 () => verifier.value === "Mozilla Testing", 113 `Value of verifier should be "Mozilla Testing", instead got "${verifier.value}".` 114 ); 115 116 let browser = gBrowser.selectedBrowser; 117 118 await TestUtils.waitForCondition( 119 () => domain.value === browser.currentURI.displayHost, 120 `Value of domain should be ${browser.currentURI.displayHost}, instead got "${domain.value}".` 121 ); 122 123 pageInfo.close(); 124 BrowserTestUtils.removeTab(gBrowser.selectedTab); 125 }); 126 127 // Test displaying website identity information on certificate error pages. 128 add_task(async function test_CertificateError() { 129 let browser; 130 let pageLoaded; 131 await BrowserTestUtils.openNewForegroundTab( 132 gBrowser, 133 () => { 134 gBrowser.selectedTab = BrowserTestUtils.addTab( 135 gBrowser, 136 TEST_ORIGIN_CERT_ERROR 137 ); 138 browser = gBrowser.selectedBrowser; 139 pageLoaded = BrowserTestUtils.waitForErrorPage(browser); 140 }, 141 false 142 ); 143 144 await pageLoaded; 145 146 let pageInfo = BrowserCommands.pageInfo( 147 TEST_ORIGIN_CERT_ERROR, 148 "securityTab" 149 ); 150 await BrowserTestUtils.waitForEvent(pageInfo, "load"); 151 let pageInfoDoc = pageInfo.document; 152 let securityTab = pageInfoDoc.getElementById("securityTab"); 153 154 await TestUtils.waitForCondition( 155 () => BrowserTestUtils.isVisible(securityTab), 156 "Security tab should be visible." 157 ); 158 159 let owner = pageInfoDoc.getElementById("security-identity-owner-value"); 160 let verifier = pageInfoDoc.getElementById("security-identity-verifier-value"); 161 let domain = pageInfoDoc.getElementById("security-identity-domain-value"); 162 163 await TestUtils.waitForCondition( 164 () => owner.value === "This website does not supply ownership information.", 165 `Value of owner should be should be "This website does not supply ownership information." instead got "${owner.value}".` 166 ); 167 168 await TestUtils.waitForCondition( 169 () => verifier.value === "Not specified", 170 `Value of verifier should be "Not specified", instead got "${verifier.value}".` 171 ); 172 173 await TestUtils.waitForCondition( 174 () => domain.value === browser.currentURI.displayHost, 175 `Value of domain should be ${browser.currentURI.displayHost}, instead got "${domain.value}".` 176 ); 177 178 pageInfo.close(); 179 BrowserTestUtils.removeTab(gBrowser.selectedTab); 180 }); 181 182 // Test displaying website identity information on http pages. 183 add_task(async function test_SecurityHTTP() { 184 await BrowserTestUtils.openNewForegroundTab(gBrowser, TEST_HTTP_ORIGIN); 185 186 let pageInfo = BrowserCommands.pageInfo(TEST_HTTP_ORIGIN, "securityTab"); 187 await BrowserTestUtils.waitForEvent(pageInfo, "load"); 188 let pageInfoDoc = pageInfo.document; 189 let securityTab = pageInfoDoc.getElementById("securityTab"); 190 await TestUtils.waitForCondition( 191 () => BrowserTestUtils.isVisible(securityTab), 192 "Security tab should be visible." 193 ); 194 195 let owner = pageInfoDoc.getElementById("security-identity-owner-value"); 196 let verifier = pageInfoDoc.getElementById("security-identity-verifier-value"); 197 let domain = pageInfoDoc.getElementById("security-identity-domain-value"); 198 199 await TestUtils.waitForCondition( 200 () => owner.value === "This website does not supply ownership information.", 201 `Value of owner should be should be "This website does not supply ownership information." instead got "${owner.value}".` 202 ); 203 204 await TestUtils.waitForCondition( 205 () => verifier.value === "Not specified", 206 `Value of verifier should be "Not specified", instead got "${verifier.value}".` 207 ); 208 209 await TestUtils.waitForCondition( 210 () => domain.value === gBrowser.selectedBrowser.currentURI.displayHost, 211 `Value of domain should be ${gBrowser.selectedBrowser.currentURI.displayHost}, instead got "${domain.value}".` 212 ); 213 214 pageInfo.close(); 215 BrowserTestUtils.removeTab(gBrowser.selectedTab); 216 }); 217 218 // Test displaying valid certificate information in page info. 219 add_task(async function test_ValidCert() { 220 await BrowserTestUtils.openNewForegroundTab(gBrowser, TEST_ORIGIN); 221 222 let pageInfo = BrowserCommands.pageInfo(TEST_ORIGIN, "securityTab"); 223 await BrowserTestUtils.waitForEvent(pageInfo, "load"); 224 let pageInfoDoc = pageInfo.document; 225 let securityTab = pageInfoDoc.getElementById("securityTab"); 226 await TestUtils.waitForCondition( 227 () => BrowserTestUtils.isVisible(securityTab), 228 "Security tab should be visible." 229 ); 230 231 let owner = pageInfoDoc.getElementById("security-identity-owner-value"); 232 let verifier = pageInfoDoc.getElementById("security-identity-verifier-value"); 233 let domain = pageInfoDoc.getElementById("security-identity-domain-value"); 234 235 await TestUtils.waitForCondition( 236 () => owner.value === "This website does not supply ownership information.", 237 `Value of owner should be "This website does not supply ownership information.", got "${owner.value}".` 238 ); 239 240 await TestUtils.waitForCondition( 241 () => verifier.value === "Mozilla Testing", 242 `Value of verifier should be "Mozilla Testing", got "${verifier.value}".` 243 ); 244 245 await TestUtils.waitForCondition( 246 () => domain.value === gBrowser.selectedBrowser.currentURI.displayHost, 247 `Value of domain should be ${gBrowser.selectedBrowser.currentURI.displayHost}, instead got "${domain.value}".` 248 ); 249 250 pageInfo.close(); 251 BrowserTestUtils.removeTab(gBrowser.selectedTab); 252 }); 253 254 // Test displaying and removing quota managed data. 255 add_task(async function test_SiteData() { 256 await SiteDataTestUtils.addToIndexedDB(TEST_ORIGIN); 257 258 await BrowserTestUtils.withNewTab(TEST_ORIGIN, async function () { 259 let totalUsage = await SiteDataTestUtils.getQuotaUsage(TEST_ORIGIN); 260 Assert.greater(totalUsage, 0, "The total usage should not be 0"); 261 262 let pageInfo = BrowserCommands.pageInfo(TEST_ORIGIN, "securityTab"); 263 await BrowserTestUtils.waitForEvent(pageInfo, "load"); 264 let pageInfoDoc = pageInfo.document; 265 266 let label = pageInfoDoc.getElementById("security-privacy-sitedata-value"); 267 let clearButton = pageInfoDoc.getElementById("security-clear-sitedata"); 268 269 let size = DownloadUtils.convertByteUnits(totalUsage); 270 271 // The usage details are filled asynchronously, so we assert that they're present by 272 // waiting for them to be filled in. 273 // We only wait for the right unit to appear, since this number is intermittently 274 // varying by slight amounts on infra machines. 275 await TestUtils.waitForCondition( 276 () => label.textContent.includes(size[1]), 277 "Should show site data usage in the security section." 278 ); 279 let siteDataUpdated = TestUtils.topicObserved( 280 "sitedatamanager:sites-updated" 281 ); 282 283 let removeDialogPromise = BrowserTestUtils.promiseAlertDialogOpen( 284 "accept", 285 REMOVE_DIALOG_URL 286 ); 287 clearButton.click(); 288 await removeDialogPromise; 289 290 await siteDataUpdated; 291 292 totalUsage = await SiteDataTestUtils.getQuotaUsage(TEST_ORIGIN); 293 is(totalUsage, 0, "The total usage should be 0"); 294 295 await TestUtils.waitForCondition( 296 () => label.textContent == "No", 297 "Should show no site data usage in the security section." 298 ); 299 300 pageInfo.close(); 301 }); 302 }); 303 304 // Test displaying and removing cookies. 305 add_task(async function test_Cookies() { 306 // Add some test cookies. 307 SiteDataTestUtils.addToCookies({ 308 origin: TEST_ORIGIN, 309 name: "test1", 310 value: "1", 311 }); 312 SiteDataTestUtils.addToCookies({ 313 origin: TEST_ORIGIN, 314 name: "test2", 315 value: "2", 316 }); 317 SiteDataTestUtils.addToCookies({ 318 origin: TEST_SUB_ORIGIN, 319 name: "test1", 320 value: "1", 321 }); 322 323 await BrowserTestUtils.withNewTab(TEST_ORIGIN, async function () { 324 let pageInfo = BrowserCommands.pageInfo(TEST_ORIGIN, "securityTab"); 325 await BrowserTestUtils.waitForEvent(pageInfo, "load"); 326 327 let pageInfoDoc = pageInfo.document; 328 329 let label = pageInfoDoc.getElementById("security-privacy-sitedata-value"); 330 let clearButton = pageInfoDoc.getElementById("security-clear-sitedata"); 331 332 // The usage details are filled asynchronously, so we assert that they're present by 333 // waiting for them to be filled in. 334 await TestUtils.waitForCondition( 335 () => label.textContent.includes("cookies"), 336 "Should show cookies in the security section." 337 ); 338 339 let cookiesCleared = TestUtils.topicObserved( 340 "cookie-changed", 341 subj => 342 subj.QueryInterface(Ci.nsICookieNotification).action == 343 Ci.nsICookieNotification.COOKIE_DELETED 344 ); 345 346 let removeDialogPromise = BrowserTestUtils.promiseAlertDialogOpen( 347 "accept", 348 REMOVE_DIALOG_URL 349 ); 350 clearButton.click(); 351 await removeDialogPromise; 352 353 await cookiesCleared; 354 355 let uri = Services.io.newURI(TEST_ORIGIN); 356 is( 357 Services.cookies.countCookiesFromHost(uri.host), 358 0, 359 "Cookies from the base domain should be cleared" 360 ); 361 362 await TestUtils.waitForCondition( 363 () => label.textContent == "No", 364 "Should show no cookies in the security section." 365 ); 366 367 pageInfo.close(); 368 }); 369 }); 370 371 // Clean up in case we missed anything... 372 add_task(async function cleanup() { 373 await SiteDataTestUtils.clear(); 374 });