| blob | 4bf6ddcef3093ceda0f0bb43e68a9a49dead4dfa |
1 /* Any copyright is dedicated to the Public Domain.
2 * http://creativecommons.org/publicdomain/zero/1.0/ */
4 "use strict";
6 // This test checks if we are correctly fixing https URLs by prefixing
7 // with www. when we encounter a SSL_ERROR_BAD_CERT_DOMAIN error.
8 // For example, https://example.com -> https://www.example.com.
10 const PREF_BAD_CERT_DOMAIN_FIX_ENABLED =
11 "security.bad_cert_domain_error.url_fix_enabled";
12 const PREF_ALLOW_HIJACKING_LOCALHOST =
13 "network.proxy.allow_hijacking_localhost";
15 const BAD_CERT_DOMAIN_ERROR_URL = "https://badcertdomain.example.com:443";
16 const FIXED_URL = "https://www.badcertdomain.example.com/";
18 const BAD_CERT_DOMAIN_ERROR_URL2 =
19 "https://mismatch.badcertdomain.example.com:443";
20 const IPV4_ADDRESS = "https://127.0.0.3:433";
21 const BAD_CERT_DOMAIN_ERROR_PORT = "https://badcertdomain.example.com:82";
23 async function verifyErrorPage(errorPageURL) {
24 let certErrorLoaded = BrowserTestUtils.waitForErrorPage(
25 gBrowser.selectedBrowser
26 );
27 BrowserTestUtils.startLoadingURIString(gBrowser, errorPageURL);
28 await certErrorLoaded;
30 await SpecialPowers.spawn(gBrowser.selectedBrowser, [], async function () {
31 let ec;
32 await ContentTaskUtils.waitForCondition(() => {
33 ec = content.document.getElementById("errorCode");
34 return ec.textContent;
35 }, "Error code has been set inside the advanced button panel");
36 is(
37 ec.textContent,
38 "SSL_ERROR_BAD_CERT_DOMAIN",
39 "Correct error code is shown"
40 );
41 });
42 }
44 // Test that "www." is prefixed to a https url when we encounter a bad cert domain
45 // error if the "www." form is included in the certificate's subjectAltNames.
46 add_task(async function prefixBadCertDomain() {
47 // Turn off the pref and ensure that we show the error page as expected.
48 Services.prefs.setBoolPref(PREF_BAD_CERT_DOMAIN_FIX_ENABLED, false);
50 gBrowser.selectedTab = BrowserTestUtils.addTab(gBrowser);
51 await verifyErrorPage(BAD_CERT_DOMAIN_ERROR_URL);
52 info("Cert error is shown as expected when the fixup pref is disabled");
54 // Turn on the pref and test that we fix the HTTPS URL.
55 Services.prefs.setBoolPref(PREF_BAD_CERT_DOMAIN_FIX_ENABLED, true);
56 gBrowser.selectedTab = BrowserTestUtils.addTab(gBrowser);
57 let loadSuccessful = BrowserTestUtils.browserLoaded(
58 gBrowser.selectedBrowser,
59 false,
60 FIXED_URL
61 );
62 BrowserTestUtils.startLoadingURIString(gBrowser, BAD_CERT_DOMAIN_ERROR_URL);
63 await loadSuccessful;
65 info("The URL was fixed as expected");
67 BrowserTestUtils.removeTab(gBrowser.selectedTab);
68 BrowserTestUtils.removeTab(gBrowser.selectedTab);
69 });
71 // Test that we don't prefix "www." to a https url when we encounter a bad cert domain
72 // error under certain conditions.
73 add_task(async function ignoreBadCertDomain() {
74 Services.prefs.setBoolPref(PREF_BAD_CERT_DOMAIN_FIX_ENABLED, true);
75 gBrowser.selectedTab = BrowserTestUtils.addTab(gBrowser);
77 // Test for when "www." form is not present in the certificate.
78 await verifyErrorPage(BAD_CERT_DOMAIN_ERROR_URL2);
79 info("Certificate error was shown as expected");
81 // Test that urls with IP addresses are not fixed.
82 Services.prefs.setBoolPref(PREF_ALLOW_HIJACKING_LOCALHOST, true);
83 await verifyErrorPage(IPV4_ADDRESS);
84 Services.prefs.clearUserPref(PREF_ALLOW_HIJACKING_LOCALHOST);
85 info("Certificate error was shown as expected for an IP address");
87 // Test that urls with ports are not fixed.
88 await verifyErrorPage(BAD_CERT_DOMAIN_ERROR_PORT);
89 info("Certificate error was shown as expected for a host with port");
91 BrowserTestUtils.removeTab(gBrowser.selectedTab);
92 });