browser_setDisableAllSecurityChecksAndLetAttackersInterceptMyData.js (7390B)
1 /* This Source Code Form is subject to the terms of the Mozilla Public 2 * License, v. 2.0. If a copy of the MPL was not distributed with this 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ 4 "use strict"; 5 6 const { ContextualIdentityListener } = ChromeUtils.importESModule( 7 "chrome://remote/content/shared/listeners/ContextualIdentityListener.sys.mjs" 8 ); 9 10 const PAGE_URL = "https://example.com/"; 11 const PAGE_WITH_EXPIRED_CERT = "https://expired.example.com/"; 12 13 add_task(async function test_disable_all_security_checks_globally() { 14 const certOverrideService = Cc[ 15 "@mozilla.org/security/certoverride;1" 16 ].getService(Ci.nsICertOverrideService); 17 18 const tab = await BrowserTestUtils.openNewForegroundTab(gBrowser, PAGE_URL); 19 const browser = gBrowser.selectedBrowser; 20 21 info("Loading and waiting for the cert error"); 22 let errorPageLoaded = BrowserTestUtils.waitForErrorPage(browser); 23 BrowserTestUtils.startLoadingURIString(browser, PAGE_WITH_EXPIRED_CERT); 24 await errorPageLoaded; 25 26 Assert.ok(true, "Error page is loaded"); 27 28 info("Disable security checks"); 29 certOverrideService.setDisableAllSecurityChecksAndLetAttackersInterceptMyData( 30 true 31 ); 32 33 const loadedPromise = BrowserTestUtils.browserLoaded(browser); 34 BrowserTestUtils.startLoadingURIString(browser, PAGE_WITH_EXPIRED_CERT); 35 await loadedPromise; 36 Assert.ok(true, "Normal page is loaded"); 37 38 info("Enable security checks"); 39 certOverrideService.setDisableAllSecurityChecksAndLetAttackersInterceptMyData( 40 false 41 ); 42 43 errorPageLoaded = BrowserTestUtils.waitForErrorPage(browser); 44 BrowserTestUtils.startLoadingURIString(browser, PAGE_WITH_EXPIRED_CERT); 45 await errorPageLoaded; 46 Assert.ok(true, "Error page is loaded"); 47 48 BrowserTestUtils.removeTab(tab); 49 }); 50 51 add_task(async function test_disable_all_security_checks_for_user_context() { 52 const certOverrideService = Cc[ 53 "@mozilla.org/security/certoverride;1" 54 ].getService(Ci.nsICertOverrideService); 55 56 const userContext = ContextualIdentityService.create("test_name"); 57 const { userContextId } = userContext; 58 59 const tabInUserContext = BrowserTestUtils.addTab(gBrowser, PAGE_URL, { 60 userContextId, 61 }); 62 const browserInUserContext = tabInUserContext.linkedBrowser; 63 64 info("Loading and waiting for the cert error in user context"); 65 let errorPageLoaded = BrowserTestUtils.waitForErrorPage(browserInUserContext); 66 BrowserTestUtils.startLoadingURIString( 67 browserInUserContext, 68 PAGE_WITH_EXPIRED_CERT 69 ); 70 await errorPageLoaded; 71 72 Assert.ok(true, "Error page is loaded"); 73 74 info("Disable security checks for user context"); 75 certOverrideService.setDisableAllSecurityChecksAndLetAttackersInterceptMyDataForUserContext( 76 userContextId, 77 true 78 ); 79 80 let loadedPromise = BrowserTestUtils.browserLoaded(browserInUserContext); 81 BrowserTestUtils.startLoadingURIString( 82 browserInUserContext, 83 PAGE_WITH_EXPIRED_CERT 84 ); 85 await loadedPromise; 86 Assert.ok(true, "Normal page is loaded in user context"); 87 88 const tabInDefaultUserContext = BrowserTestUtils.addTab(gBrowser, PAGE_URL); 89 const browserInDefaultUserContext = tabInDefaultUserContext.linkedBrowser; 90 91 info("Loading and waiting for the cert error in default user context"); 92 errorPageLoaded = BrowserTestUtils.waitForErrorPage( 93 browserInDefaultUserContext 94 ); 95 BrowserTestUtils.startLoadingURIString( 96 browserInDefaultUserContext, 97 PAGE_WITH_EXPIRED_CERT 98 ); 99 await errorPageLoaded; 100 Assert.ok(true, "Error page is loaded"); 101 102 BrowserTestUtils.removeTab(tabInUserContext); 103 BrowserTestUtils.removeTab(tabInDefaultUserContext); 104 ContextualIdentityService.remove(userContextId); 105 }); 106 107 add_task( 108 async function test_disable_all_security_checks_globally_enable_for_user_context() { 109 const certOverrideService = Cc[ 110 "@mozilla.org/security/certoverride;1" 111 ].getService(Ci.nsICertOverrideService); 112 113 const tabInDefaultUserContext = await BrowserTestUtils.openNewForegroundTab( 114 gBrowser, 115 PAGE_URL 116 ); 117 const browser = gBrowser.selectedBrowser; 118 119 info("Disable security checks"); 120 certOverrideService.setDisableAllSecurityChecksAndLetAttackersInterceptMyData( 121 true 122 ); 123 124 let loadedPromise = BrowserTestUtils.browserLoaded(browser); 125 BrowserTestUtils.startLoadingURIString(browser, PAGE_WITH_EXPIRED_CERT); 126 await loadedPromise; 127 Assert.ok(true, "Normal page is loaded"); 128 129 const userContext = ContextualIdentityService.create("test_name"); 130 const { userContextId } = userContext; 131 132 const tabInUserContext = BrowserTestUtils.addTab(gBrowser, PAGE_URL, { 133 userContextId, 134 }); 135 const browserInUserContext = tabInUserContext.linkedBrowser; 136 137 info("Enable security checks for user context"); 138 certOverrideService.setDisableAllSecurityChecksAndLetAttackersInterceptMyDataForUserContext( 139 userContextId, 140 false 141 ); 142 143 info("Loading and waiting for the cert error in user context"); 144 const errorPageLoaded = 145 BrowserTestUtils.waitForErrorPage(browserInUserContext); 146 BrowserTestUtils.startLoadingURIString( 147 browserInUserContext, 148 PAGE_WITH_EXPIRED_CERT 149 ); 150 await errorPageLoaded; 151 152 Assert.ok(true, "Error page is loaded"); 153 154 BrowserTestUtils.removeTab(tabInDefaultUserContext); 155 BrowserTestUtils.removeTab(tabInUserContext); 156 ContextualIdentityService.remove(userContextId); 157 158 info("Reenable security checks"); 159 certOverrideService.setDisableAllSecurityChecksAndLetAttackersInterceptMyData( 160 false 161 ); 162 } 163 ); 164 165 add_task( 166 async function test_reset_disable_all_security_checks_for_user_context() { 167 const certOverrideService = Cc[ 168 "@mozilla.org/security/certoverride;1" 169 ].getService(Ci.nsICertOverrideService); 170 171 const userContext = ContextualIdentityService.create("test_name"); 172 const { userContextId } = userContext; 173 174 const tabInUserContext = BrowserTestUtils.addTab(gBrowser, PAGE_URL, { 175 userContextId, 176 }); 177 const browserInUserContext = tabInUserContext.linkedBrowser; 178 179 info("Loading and waiting for the cert error in user context"); 180 let errorPageLoaded = 181 BrowserTestUtils.waitForErrorPage(browserInUserContext); 182 BrowserTestUtils.startLoadingURIString( 183 browserInUserContext, 184 PAGE_WITH_EXPIRED_CERT 185 ); 186 await errorPageLoaded; 187 188 Assert.ok(true, "Error page is loaded"); 189 190 info("Disable security checks for user context"); 191 certOverrideService.setDisableAllSecurityChecksAndLetAttackersInterceptMyDataForUserContext( 192 userContextId, 193 true 194 ); 195 196 let loadedPromise = BrowserTestUtils.browserLoaded(browserInUserContext); 197 BrowserTestUtils.startLoadingURIString( 198 browserInUserContext, 199 PAGE_WITH_EXPIRED_CERT 200 ); 201 await loadedPromise; 202 Assert.ok(true, "Normal page is loaded in user context"); 203 204 info("Reset disable security checks for user context"); 205 certOverrideService.resetDisableAllSecurityChecksAndLetAttackersInterceptMyDataForUserContext( 206 userContextId 207 ); 208 209 errorPageLoaded = BrowserTestUtils.waitForErrorPage(browserInUserContext); 210 BrowserTestUtils.startLoadingURIString( 211 browserInUserContext, 212 PAGE_WITH_EXPIRED_CERT 213 ); 214 await errorPageLoaded; 215 216 Assert.ok(true, "Error page is loaded"); 217 218 BrowserTestUtils.removeTab(tabInUserContext); 219 ContextualIdentityService.remove(userContextId); 220 } 221 );