test_resource_upgrade.html (4112B)
1 <!DOCTYPE HTML> 2 <html> 3 4 <head> 5 <meta charset="utf-8"> 6 <title>HTTPS-First Mode - Resource Upgrade</title> 7 <script src="/tests/SimpleTest/SimpleTest.js"></script> 8 <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> 9 </head> 10 11 <body> 12 <h1>HTTPS-First Mode</h1> 13 <p>Upgrade Test for various resources</p> 14 <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1704454">Bug 1704454/a> 15 <iframe style="width:100%;" id="testframe"></iframe> 16 17 <script class="testbody" type="text/javascript"> 18 /* Description of the test: 19 * We load resources (img, script, sytle, etc) over *http* and 20 * make sure they do not get upgraded to *https* because 21 * https-first only applies to top-level requests. 22 * 23 * In detail: 24 * We perform an XHR request to the *.sjs file which is processed async on 25 * the server and waits till all the requests were processed by the server. 26 * Once the server received all the different requests, the server responds 27 * to the initial XHR request with an array of results which must match 28 * the expected results from each test, making sure that all requests 29 * received by the server (*.sjs) were actually *http* requests. 30 */ 31 32 const splitRegex = /^(.*)-(.*)$/ 33 const testConfig = { 34 topLevelScheme: "http://", 35 results: [ 36 "iframe", "script", "img", "img-redir", "font", "xhr", "style", 37 "media", "object", "form", "nested-img","top-level" 38 ] 39 } 40 41 42 function runTest() { 43 // sends an xhr request to the server which is processed async, which only 44 // returns after the server has received all the expected requests. 45 var myXHR = new XMLHttpRequest(); 46 myXHR.open("GET", "file_upgrade_insecure_server.sjs?queryresult"); 47 myXHR.onload = function () { 48 var results = myXHR.responseText.split(","); 49 for (var index in results) { 50 checkResult(results[index]); 51 } 52 } 53 myXHR.onerror = function (e) { 54 ok(false, "Could not query results from server (" + e.message + ")"); 55 finishTest(); 56 } 57 myXHR.send(); 58 59 // give it some time and run the testpage 60 SimpleTest.executeSoon(() => { 61 var src = testConfig.topLevelScheme + "example.com/tests/dom/security/test/https-first/file_upgrade_insecure.html"; 62 document.getElementById("testframe").src = src; 63 }); 64 } 65 66 // a postMessage handler that is used by sandboxed iframes without 67 // 'allow-same-origin' to bubble up results back to this main page. 68 window.addEventListener("message", receiveMessage); 69 function receiveMessage(event) { 70 checkResult(event.data.result); 71 } 72 73 function finishTest() { 74 window.removeEventListener("message", receiveMessage); 75 SimpleTest.finish(); 76 } 77 78 function checkResult(response) { 79 // A response looks either like this "iframe-ok" or "[key]-[result]" 80 const [, key, result] = splitRegex.exec(response) 81 // try to find the expected result within the results array 82 var index = testConfig.results.indexOf(key); 83 84 // If the response is not even part of the results array, something is super wrong 85 if (index == -1) { 86 ok(false, `Unexpected response from server (${response})`); 87 finishTest(); 88 } 89 90 // take the element out the array and continue till the results array is empty 91 if (index != -1) { 92 testConfig.results.splice(index, 1); 93 } 94 95 // Check if the result was okay or had an error 96 is(result, 'ok', `Upgrade all requests on toplevel http for '${key}' came back with: '${result}'`) 97 98 // If we're not expecting any more resulsts, finish the test 99 if (!testConfig.results.length) { 100 finishTest(); 101 } 102 } 103 104 SimpleTest.waitForExplicitFinish(); 105 // Set preference and start test 106 SpecialPowers.pushPrefEnv({ set: [ 107 ["dom.security.https_first", true], 108 ["security.mixed_content.block_active_content", false], 109 ["security.mixed_content.block_display_content", false] 110 ] }, runTest); 111 112 </script> 113 </body> 114 115 </html>