browser_tlds.js (1360B)
1 /* Any copyright is dedicated to the Public Domain. 2 https://creativecommons.org/publicdomain/zero/1.0/ */ 3 4 /* eslint-disable @microsoft/sdl/no-insecure-url */ 5 "use strict"; 6 7 // Here we test that HTTPS-First only tries to upgrade known TLDs. In detail: 8 // httpsfirst.com -> Should try to upgrade, as .com isn a known TLD 9 // httpsfirst.local -> Should not try to ipgrade, as .local isn't a known TLD 10 // We do that by visiting URLs that are only available via HTTP and detect if a 11 // up- and downgrade happened through the existing Glean temetry. 12 // Also see Bug 1896083 for reference. 13 14 async function runTest(aURL, aExpectUpDowngrade) { 15 const initialDowngradeCount = Glean.httpsfirst.downgraded.testGetValue(); 16 BrowserTestUtils.startLoadingURIString(gBrowser, aURL); 17 await BrowserTestUtils.browserLoaded(gBrowser, false, null, true); 18 is( 19 Glean.httpsfirst.downgraded.testGetValue(), 20 aExpectUpDowngrade ? initialDowngradeCount + 1 : initialDowngradeCount, 21 `${ 22 aExpectUpDowngrade ? "A" : "No" 23 } up- and downgrade should have happened on ${aURL}` 24 ); 25 } 26 27 add_task(async function test_tlds() { 28 await SpecialPowers.pushPrefEnv({ 29 set: [["dom.security.https_first", true]], 30 }); 31 32 await runTest("http://httpsfirst.com", true); 33 await runTest("http://httpsfirst.local", false); 34 await runTest("http://httpsfirst", false); 35 });