browser_csp_block_all_mixedcontent.js (1788B)
1 /* 2 * Description of the Test: 3 * We load an https page which uses a CSP including block-all-mixed-content. 4 * The page tries to load a script over http. We make sure the UI is not 5 * influenced when blocking the mixed content. In particular the page 6 * should still appear fully encrypted with a green lock. 7 */ 8 9 const PRE_PATH = getRootDirectory(gTestPath).replace( 10 "chrome://mochitests/content", 11 "https://example.com" 12 ); 13 var gTestBrowser = null; 14 15 // ------------------------------------------------------ 16 function cleanUpAfterTests() { 17 gBrowser.removeCurrentTab(); 18 window.focus(); 19 finish(); 20 } 21 22 // ------------------------------------------------------ 23 async function verifyUInotDegraded() { 24 // make sure that not mixed content is loaded and also not blocked 25 await assertMixedContentBlockingState(gTestBrowser, { 26 activeLoaded: false, 27 activeBlocked: false, 28 passiveLoaded: false, 29 }); 30 // clean up and finish test 31 cleanUpAfterTests(); 32 } 33 34 // ------------------------------------------------------ 35 function runTests() { 36 var newTab = BrowserTestUtils.addTab(gBrowser); 37 gBrowser.selectedTab = newTab; 38 gTestBrowser = gBrowser.selectedBrowser; 39 newTab.linkedBrowser.stop(); 40 41 // Starting the test 42 var url = PRE_PATH + "file_csp_block_all_mixedcontent.html"; 43 BrowserTestUtils.browserLoaded(gTestBrowser, false, url).then( 44 verifyUInotDegraded 45 ); 46 BrowserTestUtils.startLoadingURIString(gTestBrowser, url); 47 } 48 49 // ------------------------------------------------------ 50 function test() { 51 // Performing async calls, e.g. 'onload', we have to wait till all of them finished 52 waitForExplicitFinish(); 53 54 SpecialPowers.pushPrefEnv( 55 { set: [["security.mixed_content.block_active_content", true]] }, 56 function () { 57 runTests(); 58 } 59 ); 60 }