tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

browser_no_mcb_for_loopback.js (3105B)

      1 /* Any copyright is dedicated to the Public Domain.
      2 * http://creativecommons.org/publicdomain/zero/1.0/ */
      3 
      4 // The test loads a HTTPS web page with active content from HTTP loopback URLs
      5 // and makes sure that the mixed content flags on the docshell are not set.
      6 //
      7 // Note that the URLs referenced within the test page intentionally use the
      8 // unassigned port 8 because we don't want to actually load anything, we just
      9 // want to check that the URLs are not blocked.
     10 
     11 // The following rejections should not be left uncaught. This test has been
     12 // whitelisted until the issue is fixed.
     13 if (!gMultiProcessBrowser) {
     14  const { PromiseTestUtils } = ChromeUtils.importESModule(
     15    "resource://testing-common/PromiseTestUtils.sys.mjs"
     16  );
     17  PromiseTestUtils.expectUncaughtRejection(/NetworkError/);
     18  PromiseTestUtils.expectUncaughtRejection(/NetworkError/);
     19 }
     20 
     21 const TEST_URL =
     22  getRootDirectory(gTestPath).replace(
     23    "chrome://mochitests/content",
     24    "https://example.com"
     25  ) + "test_no_mcb_for_loopback.html";
     26 
     27 const LOOPBACK_PNG_URL =
     28  getRootDirectory(gTestPath).replace(
     29    "chrome://mochitests/content",
     30    "http://127.0.0.1:8888"
     31  ) + "moz.png";
     32 
     33 const PREF_BLOCK_DISPLAY = "security.mixed_content.block_display_content";
     34 const PREF_UPGRADE_DISPLAY = "security.mixed_content.upgrade_display_content";
     35 const PREF_BLOCK_ACTIVE = "security.mixed_content.block_active_content";
     36 
     37 function clearAllImageCaches() {
     38  let tools = Cc["@mozilla.org/image/tools;1"].getService(Ci.imgITools);
     39  let imageCache = tools.getImgCacheForDocument(window.document);
     40  imageCache.clearCache(true); // true=chrome
     41  imageCache.clearCache(false); // false=content
     42 }
     43 
     44 registerCleanupFunction(function () {
     45  clearAllImageCaches();
     46  Services.prefs.clearUserPref(PREF_BLOCK_DISPLAY);
     47  Services.prefs.clearUserPref(PREF_UPGRADE_DISPLAY);
     48  Services.prefs.clearUserPref(PREF_BLOCK_ACTIVE);
     49  gBrowser.removeCurrentTab();
     50 });
     51 
     52 add_task(async function allowLoopbackMixedContent() {
     53  Services.prefs.setBoolPref(PREF_BLOCK_DISPLAY, true);
     54  Services.prefs.setBoolPref(PREF_UPGRADE_DISPLAY, false);
     55  Services.prefs.setBoolPref(PREF_BLOCK_ACTIVE, true);
     56 
     57  const tab = await BrowserTestUtils.openNewForegroundTab(gBrowser, TEST_URL);
     58  const browser = gBrowser.getBrowserForTab(tab);
     59 
     60  // Check that loopback content served from the cache is not blocked.
     61  await SpecialPowers.spawn(
     62    browser,
     63    [LOOPBACK_PNG_URL],
     64    async function (loopbackPNGUrl) {
     65      const doc = content.document;
     66      const img = doc.createElement("img");
     67      const promiseImgLoaded = ContentTaskUtils.waitForEvent(
     68        img,
     69        "load",
     70        false
     71      );
     72      img.src = loopbackPNGUrl;
     73      Assert.ok(!img.complete, "loopback image not yet loaded");
     74      doc.body.appendChild(img);
     75      await promiseImgLoaded;
     76 
     77      const cachedImg = doc.createElement("img");
     78      cachedImg.src = img.src;
     79      Assert.ok(cachedImg.complete, "loopback image loaded from cache");
     80    }
     81  );
     82 
     83  await assertMixedContentBlockingState(browser, {
     84    activeBlocked: false,
     85    activeLoaded: false,
     86    passiveLoaded: false,
     87  });
     88 });