
browser_mixed_content_cert_override.js (2355B)


      1 /*
      2 * Bug 1253771 - check mixed content blocking in combination with overridden certificates
      3 */
      4 
      5 "use strict";
      6 
// Maps this test's chrome:// directory onto the self-signed.example.com test
// host and appends the mixed-content fixture page, so the page under test is
// always loaded from the host used for the certificate-override checks.
const MIXED_CONTENT_URL = `${getRootDirectory(gTestPath).replace(
  "chrome://mochitests/content",
  "https://self-signed.example.com"
)}test-mixedcontent-securityerrors.html`;
     12 
/**
 * Reads the "connection" attribute of the identity popup.
 *
 * @returns {string|null} The attribute value as returned by getAttribute().
 */
function getConnectionState() {
  const identityPopup = document.getElementById("identity-popup");
  return identityPopup.getAttribute("connection");
}
     16 
/**
 * Looks up the identity popup element that the test inspects for the
 * overridden-certificate warning.
 *
 * @returns {Element|null} The element with id "identity-popup-content-verifier".
 */
function getPopupContentVerifier() {
  const verifierId = "identity-popup-content-verifier";
  return document.getElementById(verifierId);
}
     20 
/**
 * Returns the computed list-style-image of the identity icon, which is the
 * value the test compares against the expected icon URL.
 *
 * @returns {string} The computed `listStyleImage` of the "identity-icon" element.
 */
function getIdentityIcon() {
  const iconElement = document.getElementById("identity-icon");
  const { listStyleImage } = window.getComputedStyle(iconElement);
  return listStyleImage;
}
     25 
/**
 * Opens the identity popup and asserts that it reports a user-overridden
 * certificate: the expected identity icon, the "secure-cert-user-overridden"
 * connection state, and a visible verifier section whose text mentions the
 * security exception.
 *
 * @param {string} icon - File name under chrome://global/skin/icons/ that the
 *   identity icon is expected to show.
 * @returns {Promise<void>}
 */
async function checkIdentityPopup(icon) {
  const expectedIcon = `url("chrome://global/skin/icons/${icon}")`;

  await openIdentityPopup();
  // Refresh the popup before reading any of its state.
  gIdentityHandler.refreshIdentityPopup();

  is(getIdentityIcon(), expectedIcon);
  // A site loaded through a certificate exception must be reported with the
  // dedicated overridden state rather than as an ordinary connection.
  is(getConnectionState(), "secure-cert-user-overridden");

  const verifier = getPopupContentVerifier();
  isnot(
    verifier.style.display,
    "none",
    "Overridden certificate warning is shown"
  );
  ok(
    verifier.textContent.includes("security exception"),
    "Text shows overridden certificate warning."
  );
}
     41 
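/**
 * Loads pages from self-signed.example.com through a certificate exception
 * and checks that the identity popup shows the overridden-certificate warning
 * both with and without mixed content.
 *
 * Cleanup runs in a `finally` block so that a rejected load or check cannot
 * leave the certificate exception or the pref in place for later tests; a
 * lingering exception for this host would let later loads skip the
 * certificate error and could hide regressions in that path.
 *
 * @param {boolean} feltPrivacyV1 - Value written to the
 *   "security.certerrors.felt-privacy-v1" pref and forwarded to
 *   loadBadCertPage().
 * @returns {Promise<void>}
 */
async function checkMixedContentCertOverride(feltPrivacyV1) {
  // Keep a handle on the tab this run opened so cleanup removes exactly that
  // tab, whatever happens to be selected when the failure occurs.
  const tab = await BrowserTestUtils.openNewForegroundTab(gBrowser);

  try {
    Services.prefs.setBoolPref(
      "security.certerrors.felt-privacy-v1",
      feltPrivacyV1
    );

    // check that a warning is shown when loading a page with mixed content
    // and an overridden certificate
    await loadBadCertPage(MIXED_CONTENT_URL, feltPrivacyV1);
    await checkIdentityPopup("security-warning.svg");

    // check that a warning is shown even without mixed content
    BrowserTestUtils.startLoadingURIString(
      gBrowser.selectedBrowser,
      "https://self-signed.example.com"
    );
    await BrowserTestUtils.browserLoaded(gBrowser.selectedBrowser);
    await checkIdentityPopup("security-warning.svg");
  } finally {
    // remove cert exception
    // NOTE(review): -1 is presumably "default port" and {} empty origin
    // attributes; confirm against nsICertOverrideService.
    const certOverrideService = Cc[
      "@mozilla.org/security/certoverride;1"
    ].getService(Ci.nsICertOverrideService);
    certOverrideService.clearValidityOverride(
      "self-signed.example.com",
      -1,
      {}
    );
    BrowserTestUtils.removeTab(tab);
    Services.prefs.clearUserPref("security.certerrors.felt-privacy-v1");
  }
}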
     68 
// Register the scenario once per value of the felt-privacy-v1 pref, enabled
// first and then disabled, so both settings are exercised.
for (const feltPrivacyV1 of [true, false]) {
  add_task(async () => await checkMixedContentCertOverride(feltPrivacyV1));
}