tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

test_main.html (8191B)

      1 <!DOCTYPE HTML>
      2 <html>
      3 <!--
      4 Tests for Mixed Content Blocker
      5 https://bugzilla.mozilla.org/show_bug.cgi?id=62178
      6 -->
      7 <head>
      8  <meta charset="utf-8">
      9  <title>Tests for Bug 62178</title>
     10  <script src="/tests/SimpleTest/SimpleTest.js"></script>
     11  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
     12 
     13  <script>
     14  let counter = 0;
     15  // blockDisplay blockActive upgradeDisplay
     16  const settings = [
     17    [true, true, true],
     18    [true, false, true],
     19    [false, true, true],
     20    [false, false, true],
     21    [true, true, false],
     22    [true, false, false],
     23    [false, true, false],
     24    [false, false, false],
     25  ];
     26 
     27  let blockActive;
     28  let blockDisplay;
     29  let upgradeDisplay;
     30 
     31  //Cycle through 8 different preference settings.
     32  function changePrefs(otherPrefs, callback) {
     33    let basePrefs = [["security.mixed_content.block_display_content", settings[counter][0]],
     34                     ["security.mixed_content.block_active_content", settings[counter][1]],
     35                     ["security.mixed_content.upgrade_display_content", settings[counter][2]]];
     36    let newPrefs = basePrefs.concat(otherPrefs);
     37 
     38    SpecialPowers.pushPrefEnv({"set": newPrefs}, function () {
     39      blockDisplay = SpecialPowers.getBoolPref("security.mixed_content.block_display_content");
     40      blockActive = SpecialPowers.getBoolPref("security.mixed_content.block_active_content");
     41      upgradeDisplay = SpecialPowers.getBoolPref("security.mixed_content.upgrade_display_content");
     42      counter++;
     43      callback();
     44    });
     45  }
     46 
     47  let testsToRun = {
     48    iframe: false,
     49    image: false,
     50    imageSrcset: false,
     51    imageSrcsetFallback: false,
     52    imagePicture: false,
     53    imageJoinPicture: false,
     54    imageLeavePicture: false,
     55    script: false,
     56    stylesheet: false,
     57    object: false,
     58    media: false,
     59    xhr: false,
     60  };
     61 
     62  function log(msg) {
     63    document.getElementById("log").textContent += "\n" + msg;
     64  }
     65 
     66  function reloadFrame() {
     67    document.getElementById('framediv').innerHTML = '<iframe id="testHarness" src="https://example.com/tests/dom/security/test/mixedcontentblocker/file_main.html"></iframe>';
     68  }
     69 
     70  function checkTestsCompleted() {
     71    for (var prop in testsToRun) {
     72      // some test hasn't run yet so we're not done
     73      if (!testsToRun[prop])
     74        return;
     75    }
     76    //if the testsToRun are all completed, chnage the pref and run the tests again until we have cycled through all the prefs.
     77    if(counter < 8) {
     78       for (var prop in testsToRun) {
     79         testsToRun[prop] = false;
     80       }
     81      //call to change the preferences
     82      changePrefs([], function() {
     83        log(`\nblockDisplay set to ${blockDisplay}, blockActive set to ${blockActive}, upgradeDisplay set to ${upgradeDisplay}`);
     84        reloadFrame();
     85      });
     86    }
     87    else {
     88      SimpleTest.finish();
     89    }
     90  }
     91 
     92  var firstTest = true;
     93 
     94  function receiveMessage(event) {
     95    if(firstTest) {
     96      log(`blockActive set to ${blockActive}, blockDisplay set to ${blockDisplay}, upgradeDisplay set to ${upgradeDisplay}.`);
     97      firstTest = false;
     98    }
     99 
    100    // Simple check from the iframe.
    101    if (event.data.check) {
    102      ok(event.data.status, event.data.msg);
    103      return;
    104    }
    105 
    106    log("test: "+event.data.test+", msg: "+event.data.msg + " logging message.");
    107    // test that the load type matches the pref for this type of content
    108    // (i.e. active vs. display)
    109 
    110    switch(event.data.test) {
    111 
    112      /* Mixed Script tests */
    113      case "iframe":
    114        ok(blockActive == (event.data.msg == "insecure iframe blocked"), "iframe did not follow block_active_content pref");
    115        testsToRun.iframe = true;
    116        break;
    117 
    118      case "object":
    119        ok(blockActive == (event.data.msg == "insecure object blocked"), "object did not follow block_active_content pref");
    120        testsToRun.object = true;
    121        break;
    122 
    123      case "script":
    124        ok(blockActive == (event.data.msg == "insecure script blocked"), "script did not follow block_active_content pref");
    125        testsToRun.script = true;
    126        break;
    127 
    128      case "stylesheet":
    129        ok(blockActive == (event.data.msg == "insecure stylesheet blocked"), "stylesheet did not follow block_active_content pref");
    130        testsToRun.stylesheet = true;
    131        break;
    132 
    133      case "xhr":
    134        ok(blockActive == (event.data.msg == "insecure xhr blocked"), "xhr did not follow block_active_content pref");
    135        testsToRun.xhr = true;
    136        break;
    137 
    138      /* Mixed Display tests */
    139      case "image":
    140        //test that the image load matches the pref for display content
    141        if (upgradeDisplay) {
    142          ok(event.data.msg == "secure image loaded after upgrade", "image did not follow upgrade_display_content pref");
    143        } else {
    144          ok(blockDisplay == (event.data.msg == "insecure image blocked"), "image did not follow block_display_content pref");
    145        }
    146        testsToRun.image = true;
    147        break;
    148 
    149      case "media":
    150        if (upgradeDisplay) {
    151          ok(event.data.msg == "secure media loaded after upgrade", "media did not follow upgrade_display_content pref");
    152        } else {
    153          ok(blockDisplay == (event.data.msg == "insecure media blocked"), "media did not follow block_display_content pref");
    154        }
    155        testsToRun.media = true;
    156        break;
    157 
    158      /* Images using the "imageset" policy, from <img srcset> and <picture>, do not get the mixed display exception */
    159      case "imageSrcset":
    160        // When blockDisplay && blockActive && upgradeDisplay are all true the request is blocked
    161        // This appears to be a side effect of blockDisplay taking precedence here.
    162        if (event.data.msg == "secure image loaded after upgrade") {
    163          ok(upgradeDisplay, "imageSrcset did not follow upgrade_display_content pref");
    164        } else {
    165          ok(blockActive == (event.data.msg == "insecure image blocked"), "imageSrcset did not follow block_active_content pref");
    166        }
    167        testsToRun.imageSrcset = true;
    168        break;
    169 
    170      case "imageSrcsetFallback":
    171        if (event.data.msg == "secure image loaded after upgrade") {
    172          ok(upgradeDisplay, "imageSrcsetFallback did not follow upgrade_display_content pref");
    173        } else {
    174          ok(blockActive == (event.data.msg == "insecure image blocked"), "imageSrcsetFallback did not follow block_active_content pref");
    175        }
    176        testsToRun.imageSrcsetFallback = true;
    177        break;
    178 
    179      case "imagePicture":
    180        if (event.data.msg == "secure image loaded after upgrade") {
    181          ok(upgradeDisplay, "imagePicture did not follow upgrade_display_content pref");
    182        } else {
    183          ok(blockActive == (event.data.msg == "insecure image blocked"), "imagePicture did not follow block_active_content pref");
    184        }
    185        testsToRun.imagePicture = true;
    186        break;
    187 
    188      case "imageJoinPicture":
    189        if (event.data.msg == "secure image loaded after upgrade") {
    190          ok(upgradeDisplay, "imageJoinPicture did not follow upgrade_display_content pref");
    191        } else {
    192          ok(blockActive == (event.data.msg == "insecure image blocked"), "imageJoinPicture did not follow block_active_content pref");
    193        }
    194        testsToRun.imageJoinPicture = true;
    195        break;
    196 
    197      // Should return to mixed display mode
    198      case "imageLeavePicture":
    199        if (event.data.msg == "secure image loaded after upgrade") {
    200          ok(upgradeDisplay, "imageLeavePicture did not follow upgrade_display_content pref");
    201        } else {
    202          ok(blockDisplay == (event.data.msg == "insecure image blocked"), "imageLeavePicture did not follow block_display_content pref");
    203        }
    204        testsToRun.imageLeavePicture = true;
    205        break;
    206 
    207    }
    208    checkTestsCompleted();
    209  }
    210 
    211  function startTest() {
    212    //Set the first set of mixed content settings and increment the counter.
    213    changePrefs([], function() {
    214      //listen for a messages from the mixed content test harness
    215      window.addEventListener("message", receiveMessage);
    216 
    217      //Kick off test
    218      reloadFrame();
    219    });
    220  }
    221 
    222  SimpleTest.waitForExplicitFinish();
    223 
    224  </script>
    225 </head>
    226 
    227 <body onload='startTest()'>
    228  <div id="framediv"></div>
    229  <pre id="log"></pre>
    230 </body>
    231 </html>