tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

test_downgrade_500_responses.html (2023B)

      1 <!DOCTYPE HTML>
      2 <html>
      3 <head>
      4 <title>Bug 1747673 : HTTPS First fallback to http for non-standard 5xx status code responses</title>
      5 <script src="/tests/SimpleTest/SimpleTest.js"></script>
      6 <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
      7 </head>
      8 <body>
      9 
     10 <script class="testbody" type="text/javascript">
     11 "use strict";
     12 /*
     13 * Description of the test:
     14 * Perform five tests where https-first receives an
     15 * 5xx status code (standard and non-standard 5xx status) if request is send to site by https.
     16 * Expected behaviour: https-first fallbacks to http after receiving 5xx error.
     17 * Test 1: 501 Response
     18 * Test 2: 504 Response
     19 * Test 3: 521 Response
     20 * Test 4: 530 Response
     21 * Test 5: 560 Response
     22 */
     23 
     24 SimpleTest.waitForExplicitFinish();
     25 
     26 const REQUEST_URL =
     27  "http://example.com/tests/dom/security/test/https-first/file_downgrade_500_responses.sjs";
     28 
     29 const redirectQueries = ["?test1a", "?test2a","?test3a", "?test4a", "?test5a"];
     30 let currentTest = 0;
     31 let testWin;
     32 let currentQuery;
     33 window.addEventListener("message", receiveMessage);
     34 
     35 // Receive message and verify that it is from an http site.
     36 // When the message is 'downgraded' then it was send by an http site
     37 // and the redirection worked.
     38 async function receiveMessage(event) {
     39  let data = event.data;
     40  currentQuery = redirectQueries[currentTest];
     41  ok(data.result === "downgraded", "Redirected successful to 'http' for " + currentQuery);
     42  is(data.scheme, "http:", "scheme is 'http' for " + currentQuery );
     43  testWin.close();
     44  await SpecialPowers.removePermission(
     45    "https-only-load-insecure",
     46    REQUEST_URL
     47  );
     48  if (++currentTest < redirectQueries.length) {
     49    runTest();
     50    return;
     51  }
     52  window.removeEventListener("message", receiveMessage);
     53  SimpleTest.finish();
     54 }
     55 
     56 async function runTest() {
     57  currentQuery = redirectQueries[currentTest];
     58  testWin = window.open(REQUEST_URL + currentQuery, "_blank");
     59 }
     60 
     61 SpecialPowers.pushPrefEnv({ set: [
     62    ["dom.security.https_first", true]
     63  ]}, runTest);
     64 
     65 </script>
     66 </body>
     67 </html>