1 /* This Source Code Form is subject to the terms of the Mozilla Public
2 * License, v. 2.0. If a copy of the MPL was not distributed with this
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
7 const { TestUtils } = ChromeUtils.importESModule(
8 "resource://testing-common/TestUtils.sys.mjs"
16 const certOverrideService = Cc[
17 "@mozilla.org/security/certoverride;1"
18 ].getService(Ci.nsICertOverrideService);
20 add_setup(async function setup() {
23 h2Port = Services.env.get("MOZHTTP2_PORT");
24 Assert.notEqual(h2Port, null);
25 Assert.notEqual(h2Port, "");
27 h3Port = Services.env.get("MOZHTTP3_PORT");
28 Assert.notEqual(h3Port, null);
29 Assert.notEqual(h3Port, "");
31 h3NoResponsePort = Services.env.get("MOZHTTP3_PORT_NO_RESPONSE");
32 Assert.notEqual(h3NoResponsePort, null);
33 Assert.notEqual(h3NoResponsePort, "");
35 Services.prefs.setBoolPref("network.dns.upgrade_with_https_rr", true);
36 Services.prefs.setBoolPref("network.dns.use_https_rr_as_altsvc", true);
37 Services.prefs.setBoolPref("network.dns.echconfig.enabled", true);
39 registerCleanupFunction(async () => {
41 Services.prefs.clearUserPref("network.dns.upgrade_with_https_rr");
42 Services.prefs.clearUserPref("network.dns.use_https_rr_as_altsvc");
43 Services.prefs.clearUserPref("network.dns.echconfig.enabled");
44 Services.prefs.clearUserPref(
45 "network.dns.echconfig.fallback_to_origin_when_all_failed"
47 Services.prefs.clearUserPref("network.dns.httpssvc.reset_exclustion_list");
48 Services.prefs.clearUserPref("network.http.http3.enable");
49 Services.prefs.clearUserPref(
50 "network.dns.httpssvc.http3_fast_fallback_timeout"
52 Services.prefs.clearUserPref("network.http.speculative-parallel-limit");
53 Services.prefs.clearUserPref("network.dns.localDomains");
54 Services.prefs.clearUserPref("network.dns.http3_echconfig.enabled");
56 await trrServer.stop();
60 if (mozinfo.socketprocess_networking) {
61 Services.dns; // Needed to trigger socket process.
62 await TestUtils.waitForCondition(() => Services.io.socketProcessLaunched);
65 Services.prefs.setIntPref("network.trr.mode", Ci.nsIDNSService.MODE_TRRFIRST);
68 function makeChan(url) {
69 let chan = NetUtil.newChannel({
71 loadUsingSystemPrincipal: true,
72 contentPolicyType: Ci.nsIContentPolicy.TYPE_DOCUMENT,
73 }).QueryInterface(Ci.nsIHttpChannel);
77 function channelOpenPromise(chan, flags) {
78 return new Promise(resolve => {
79 function finish(req, buffer) {
80 resolve([req, buffer]);
81 certOverrideService.setDisableAllSecurityChecksAndLetAttackersInterceptMyData(
85 let internal = chan.QueryInterface(Ci.nsIHttpChannelInternal);
86 internal.setWaitForHTTPSSVCRecord();
87 certOverrideService.setDisableAllSecurityChecksAndLetAttackersInterceptMyData(
90 chan.asyncOpen(new ChannelListener(finish, null, flags));
94 // Test if we can fallback to the last record sucessfully.
95 add_task(async function testFallbackToTheLastRecord() {
96 trrServer = new TRRServer();
97 await trrServer.start();
99 Services.prefs.setIntPref("network.trr.mode", 3);
100 Services.prefs.setCharPref(
102 `https://foo.example.com:${trrServer.port}/dns-query`
105 // Only the last record is valid to use.
106 await trrServer.registerDoHAnswers("test.fallback.com", "HTTPS", {
109 name: "test.fallback.com",
115 name: "test.fallback1.com",
117 { key: "alpn", value: ["h2", "h3-26"] },
118 { key: "echconfig", value: "123..." },
123 name: "test.fallback.com",
129 name: "foo.example.com",
131 { key: "alpn", value: ["h2", "h3-26"] },
132 { key: "port", value: h2Port },
133 { key: "echconfig", value: "456..." },
138 name: "test.fallback.com",
144 name: "test.fallback3.com",
146 { key: "alpn", value: ["h2", "h3-26"] },
147 { key: "echconfig", value: "456..." },
152 name: "test.fallback.com",
158 name: "test.fallback2.com",
160 { key: "alpn", value: ["h2", "h3-26"] },
161 { key: "echconfig", value: "456..." },
168 await new TRRDNSListener("test.fallback.com", {
169 type: Ci.nsIDNSService.RESOLVE_TYPE_HTTPSSVC,
172 let chan = makeChan(`https://test.fallback.com:${h2Port}/server-timing`);
173 let [req] = await channelOpenPromise(chan);
174 // Test if this request is done by h2.
175 Assert.equal(req.getResponseHeader("x-connection-http2"), "yes");
177 await trrServer.stop();
180 add_task(async function testFallbackToTheOrigin() {
181 trrServer = new TRRServer();
182 await trrServer.start();
183 Services.prefs.setIntPref("network.trr.mode", 3);
184 Services.prefs.setBoolPref(
185 "network.dns.echconfig.fallback_to_origin_when_all_failed",
188 Services.prefs.setCharPref(
190 `https://foo.example.com:${trrServer.port}/dns-query`
193 // All records are not able to use to connect, so we fallback to the origin
195 await trrServer.registerDoHAnswers("test.foo.com", "HTTPS", {
198 name: "test.foo.com",
204 name: "test.foo1.com",
206 { key: "alpn", value: ["h2", "h3-26"] },
207 { key: "echconfig", value: "123..." },
212 name: "test.foo.com",
218 name: "test.foo3.com",
220 { key: "alpn", value: ["h2", "h3-26"] },
221 { key: "echconfig", value: "456..." },
226 name: "test.foo.com",
232 name: "test.foo2.com",
234 { key: "alpn", value: ["h2", "h3-26"] },
235 { key: "echconfig", value: "456..." },
242 await trrServer.registerDoHAnswers("test.foo.com", "A", {
245 name: "test.foo.com",
254 await new TRRDNSListener("test.foo.com", {
255 type: Ci.nsIDNSService.RESOLVE_TYPE_HTTPSSVC,
258 let chan = makeChan(`https://test.foo.com:${h2Port}/server-timing`);
259 let [req] = await channelOpenPromise(chan);
260 // Test if this request is done by h2.
261 Assert.equal(req.getResponseHeader("x-connection-http2"), "yes");
263 await trrServer.stop();
266 // Test when all records are failed and network.dns.echconfig.fallback_to_origin
267 // is false. In this case, the connection is always failed.
268 add_task(async function testAllRecordsFailed() {
269 trrServer = new TRRServer();
270 await trrServer.start();
271 Services.prefs.setIntPref("network.trr.mode", 3);
272 Services.prefs.setCharPref(
274 `https://foo.example.com:${trrServer.port}/dns-query`
276 Services.prefs.setBoolPref(
277 "network.dns.echconfig.fallback_to_origin_when_all_failed",
281 await trrServer.registerDoHAnswers("test.bar.com", "HTTPS", {
284 name: "test.bar.com",
290 name: "test.bar1.com",
292 { key: "alpn", value: ["h2", "h3-26"] },
293 { key: "echconfig", value: "123..." },
298 name: "test.bar.com",
304 name: "test.bar3.com",
306 { key: "alpn", value: ["h2", "h3-26"] },
307 { key: "echconfig", value: "456..." },
312 name: "test.bar.com",
318 name: "test.bar2.com",
320 { key: "alpn", value: ["h2", "h3-26"] },
321 { key: "echconfig", value: "456..." },
328 await new TRRDNSListener("test.bar.com", {
329 type: Ci.nsIDNSService.RESOLVE_TYPE_HTTPSSVC,
332 // This channel should be failed.
333 let chan = makeChan(`https://test.bar.com:${h2Port}/server-timing`);
334 await channelOpenPromise(chan, CL_EXPECT_LATE_FAILURE | CL_ALLOW_UNKNOWN_CL);
336 await trrServer.stop();
339 // Test when all records have no echConfig, we directly fallback to the origin
341 add_task(async function testFallbackToTheOrigin2() {
342 trrServer = new TRRServer();
343 await trrServer.start();
344 Services.prefs.setIntPref("network.trr.mode", 3);
345 Services.prefs.setCharPref(
347 `https://foo.example.com:${trrServer.port}/dns-query`
350 await trrServer.registerDoHAnswers("test.example.com", "HTTPS", {
353 name: "test.example.com",
359 name: "test.example1.com",
360 values: [{ key: "alpn", value: ["h2", "h3-26"] }],
364 name: "test.example.com",
370 name: "test.example3.com",
371 values: [{ key: "alpn", value: ["h2", "h3-26"] }],
377 await new TRRDNSListener("test.example.com", {
378 type: Ci.nsIDNSService.RESOLVE_TYPE_HTTPSSVC,
381 let chan = makeChan(`https://test.example.com:${h2Port}/server-timing`);
382 await channelOpenPromise(chan, CL_EXPECT_LATE_FAILURE | CL_ALLOW_UNKNOWN_CL);
384 await trrServer.registerDoHAnswers("test.example.com", "A", {
387 name: "test.example.com",
396 chan = makeChan(`https://test.example.com:${h2Port}/server-timing`);
397 await channelOpenPromise(chan);
399 await trrServer.stop();
402 // Test when some records have echConfig and some not, we directly fallback to
404 add_task(async function testFallbackToTheOrigin3() {
405 Services.dns.clearCache(true);
407 trrServer = new TRRServer();
408 await trrServer.start();
409 Services.prefs.setIntPref("network.trr.mode", 3);
410 Services.prefs.setCharPref(
412 `https://foo.example.com:${trrServer.port}/dns-query`
415 await trrServer.registerDoHAnswers("vulnerable.com", "A", {
418 name: "vulnerable.com",
427 await trrServer.registerDoHAnswers("vulnerable.com", "HTTPS", {
430 name: "vulnerable.com",
436 name: "vulnerable1.com",
438 { key: "alpn", value: ["h2", "h3-26"] },
439 { key: "echconfig", value: "456..." },
444 name: "vulnerable.com",
450 name: "vulnerable2.com",
452 { key: "alpn", value: ["h2", "h3-26"] },
453 { key: "echconfig", value: "456..." },
458 name: "vulnerable.com",
464 name: "vulnerable3.com",
465 values: [{ key: "alpn", value: ["h2", "h3-26"] }],
471 await new TRRDNSListener("vulnerable.com", {
472 type: Ci.nsIDNSService.RESOLVE_TYPE_HTTPSSVC,
475 let chan = makeChan(`https://vulnerable.com:${h2Port}/server-timing`);
476 await channelOpenPromise(chan);
478 await trrServer.stop();
481 add_task(async function testResetExclusionList() {
482 trrServer = new TRRServer();
483 await trrServer.start();
484 Services.prefs.setIntPref("network.trr.mode", 3);
485 Services.prefs.setCharPref(
487 `https://foo.example.com:${trrServer.port}/dns-query`
489 Services.prefs.setBoolPref(
490 "network.dns.httpssvc.reset_exclustion_list",
494 await trrServer.registerDoHAnswers("test.reset.com", "HTTPS", {
497 name: "test.reset.com",
503 name: "test.reset1.com",
505 { key: "alpn", value: ["h2", "h3-26"] },
506 { key: "port", value: h2Port },
507 { key: "echconfig", value: "456..." },
512 name: "test.reset.com",
518 name: "test.reset2.com",
520 { key: "alpn", value: ["h2", "h3-26"] },
521 { key: "echconfig", value: "456..." },
528 await new TRRDNSListener("test.reset.com", {
529 type: Ci.nsIDNSService.RESOLVE_TYPE_HTTPSSVC,
532 // After this request, test.reset1.com and test.reset2.com should be both in
533 // the exclusion list.
534 let chan = makeChan(`https://test.reset.com:${h2Port}/server-timing`);
535 await channelOpenPromise(chan, CL_EXPECT_LATE_FAILURE | CL_ALLOW_UNKNOWN_CL);
537 // This request should be also failed, because all records are excluded.
538 chan = makeChan(`https://test.reset.com:${h2Port}/server-timing`);
539 await channelOpenPromise(chan, CL_EXPECT_LATE_FAILURE | CL_ALLOW_UNKNOWN_CL);
541 await trrServer.registerDoHAnswers("test.reset1.com", "A", {
544 name: "test.reset1.com",
553 Services.prefs.setBoolPref(
554 "network.dns.httpssvc.reset_exclustion_list",
558 // After enable network.dns.httpssvc.reset_exclustion_list and register
559 // A record for test.reset1.com, this request should be succeeded.
560 chan = makeChan(`https://test.reset.com:${h2Port}/server-timing`);
561 await channelOpenPromise(chan);
563 await trrServer.stop();
566 // Simply test if we can connect to H3 server.
567 add_task(async function testH3Connection() {
568 trrServer = new TRRServer();
569 await trrServer.start();
570 Services.prefs.setIntPref("network.trr.mode", 3);
571 Services.prefs.setCharPref(
573 `https://foo.example.com:${trrServer.port}/dns-query`
575 Services.prefs.setBoolPref("network.http.http3.enable", true);
577 Services.prefs.setIntPref(
578 "network.dns.httpssvc.http3_fast_fallback_timeout",
582 await trrServer.registerDoHAnswers("test.h3.com", "HTTPS", {
593 { key: "alpn", value: "h3-29" },
594 { key: "port", value: h3Port },
595 { key: "echconfig", value: "456..." },
602 await trrServer.registerDoHAnswers("www.h3.com", "A", {
614 await new TRRDNSListener("test.h3.com", {
615 type: Ci.nsIDNSService.RESOLVE_TYPE_HTTPSSVC,
618 let chan = makeChan(`https://test.h3.com`);
619 let [req] = await channelOpenPromise(chan);
620 Assert.equal(req.protocolVersion, "h3-29");
621 let internal = req.QueryInterface(Ci.nsIHttpChannelInternal);
622 Assert.equal(internal.remotePort, h3Port);
624 await trrServer.stop();
627 add_task(async function testFastfallbackToH2() {
628 trrServer = new TRRServer();
629 await trrServer.start();
630 Services.prefs.setIntPref("network.trr.mode", 3);
631 Services.prefs.setCharPref(
633 `https://foo.example.com:${trrServer.port}/dns-query`
635 Services.prefs.setBoolPref("network.http.http3.enable", true);
636 // Use a short timeout to make sure the fast fallback timer will be triggered.
637 Services.prefs.setIntPref(
638 "network.dns.httpssvc.http3_fast_fallback_timeout",
641 Services.prefs.setCharPref(
642 "network.dns.localDomains",
643 "test.fastfallback1.com"
646 await trrServer.registerDoHAnswers("test.fastfallback.com", "HTTPS", {
649 name: "test.fastfallback.com",
655 name: "test.fastfallback1.com",
657 { key: "alpn", value: "h3-29" },
658 { key: "port", value: h3NoResponsePort },
659 { key: "echconfig", value: "456..." },
664 name: "test.fastfallback.com",
670 name: "test.fastfallback2.com",
672 { key: "alpn", value: "h2" },
673 { key: "port", value: h2Port },
674 { key: "echconfig", value: "456..." },
681 await trrServer.registerDoHAnswers("test.fastfallback2.com", "A", {
684 name: "test.fastfallback2.com",
693 await new TRRDNSListener("test.fastfallback.com", {
694 type: Ci.nsIDNSService.RESOLVE_TYPE_HTTPSSVC,
697 let chan = makeChan(`https://test.fastfallback.com/server-timing`);
698 let [req] = await channelOpenPromise(chan);
699 Assert.equal(req.protocolVersion, "h2");
700 let internal = req.QueryInterface(Ci.nsIHttpChannelInternal);
701 Assert.equal(internal.remotePort, h2Port);
703 // Use a longer timeout to test the case that the timer is canceled.
704 Services.prefs.setIntPref(
705 "network.dns.httpssvc.http3_fast_fallback_timeout",
709 chan = makeChan(`https://test.fastfallback.com/server-timing`);
710 [req] = await channelOpenPromise(chan);
711 Assert.equal(req.protocolVersion, "h2");
712 internal = req.QueryInterface(Ci.nsIHttpChannelInternal);
713 Assert.equal(internal.remotePort, h2Port);
715 await trrServer.stop();
718 // Test when we fail to establish H3 connection.
719 add_task(async function testFailedH3Connection() {
720 trrServer = new TRRServer();
721 await trrServer.start();
722 Services.dns.clearCache(true);
723 Services.prefs.setIntPref("network.trr.mode", 3);
724 Services.prefs.setCharPref(
726 `https://foo.example.com:${trrServer.port}/dns-query`
728 Services.prefs.setBoolPref("network.http.http3.enable", true);
729 Services.prefs.setIntPref(
730 "network.dns.httpssvc.http3_fast_fallback_timeout",
734 await trrServer.registerDoHAnswers("test.h3.org", "HTTPS", {
745 { key: "alpn", value: "h3-29" },
746 { key: "port", value: h3Port },
747 { key: "echconfig", value: "456..." },
754 await new TRRDNSListener("test.h3.org", {
755 type: Ci.nsIDNSService.RESOLVE_TYPE_HTTPSSVC,
758 let chan = makeChan(`https://test.h3.org`);
759 await channelOpenPromise(chan, CL_EXPECT_LATE_FAILURE | CL_ALLOW_UNKNOWN_CL);
761 await trrServer.stop();
764 // Test we don't use the service mode record whose domain is in
765 // http3 excluded list.
766 add_task(async function testHttp3ExcludedList() {
767 trrServer = new TRRServer();
768 await trrServer.start();
769 Services.dns.clearCache(true);
770 Services.prefs.setIntPref("network.trr.mode", 3);
771 Services.prefs.setCharPref(
773 `https://foo.example.com:${trrServer.port}/dns-query`
775 Services.prefs.setBoolPref("network.http.http3.enable", true);
776 Services.prefs.setIntPref(
777 "network.dns.httpssvc.http3_fast_fallback_timeout",
781 Services.prefs.setCharPref(
782 "network.http.http3.alt-svc-mapping-for-testing",
783 "www.h3_fail.org;h3-29=:" + h3Port
786 // This will fail because there is no address record for www.h3_fail.org.
787 let chan = makeChan(`https://www.h3_fail.org`);
788 await channelOpenPromise(chan, CL_EXPECT_LATE_FAILURE | CL_ALLOW_UNKNOWN_CL);
790 // Now www.h3_fail.org should be already excluded, so the second record
791 // foo.example.com will be selected.
792 await trrServer.registerDoHAnswers("test.h3_excluded.org", "HTTPS", {
795 name: "test.h3_excluded.org",
801 name: "www.h3_fail.org",
803 { key: "alpn", value: "h3-29" },
804 { key: "port", value: h3Port },
809 name: "test.h3_excluded.org",
815 name: "foo.example.com",
817 { key: "alpn", value: "h3-29" },
818 { key: "port", value: h3Port },
825 await new TRRDNSListener("test.h3_excluded.org", {
826 type: Ci.nsIDNSService.RESOLVE_TYPE_HTTPSSVC,
829 chan = makeChan(`https://test.h3_excluded.org`);
830 let [req] = await channelOpenPromise(chan);
831 Assert.equal(req.protocolVersion, "h3-29");
832 let internal = req.QueryInterface(Ci.nsIHttpChannelInternal);
833 Assert.equal(internal.remotePort, h3Port);
835 await trrServer.stop();
838 add_task(async function testAllRecordsInHttp3ExcludedList() {
839 trrServer = new TRRServer();
840 await trrServer.start();
841 Services.dns.clearCache(true);
842 Services.prefs.setIntPref("network.trr.mode", 3);
843 Services.prefs.setBoolPref("network.dns.http3_echconfig.enabled", true);
844 Services.prefs.setCharPref(
846 `https://foo.example.com:${trrServer.port}/dns-query`
848 Services.prefs.setBoolPref("network.http.http3.enable", true);
849 Services.prefs.setIntPref(
850 "network.dns.httpssvc.http3_fast_fallback_timeout",
854 Services.prefs.setCharPref(
855 "network.http.http3.alt-svc-mapping-for-testing",
856 "www.h3_fail1.org;h3-29=:" + h3Port
859 await trrServer.registerDoHAnswers("www.h3_all_excluded.org", "A", {
862 name: "www.h3_all_excluded.org",
871 // Test we can connect to www.h3_all_excluded.org sucessfully.
873 `https://www.h3_all_excluded.org:${h2Port}/server-timing`
876 let [req] = await channelOpenPromise(chan);
878 // Test if this request is done by h2.
879 Assert.equal(req.getResponseHeader("x-connection-http2"), "yes");
881 // This will fail because there is no address record for www.h3_fail1.org.
882 chan = makeChan(`https://www.h3_fail1.org`);
883 await channelOpenPromise(chan, CL_EXPECT_LATE_FAILURE | CL_ALLOW_UNKNOWN_CL);
885 Services.prefs.setCharPref(
886 "network.http.http3.alt-svc-mapping-for-testing",
887 "www.h3_fail2.org;h3-29=:" + h3Port
890 // This will fail because there is no address record for www.h3_fail2.org.
891 chan = makeChan(`https://www.h3_fail2.org`);
892 await channelOpenPromise(chan, CL_EXPECT_LATE_FAILURE | CL_ALLOW_UNKNOWN_CL);
894 await trrServer.registerDoHAnswers("www.h3_all_excluded.org", "HTTPS", {
897 name: "www.h3_all_excluded.org",
903 name: "www.h3_fail1.org",
905 { key: "alpn", value: "h3-29" },
906 { key: "port", value: h3Port },
907 { key: "echconfig", value: "456..." },
912 name: "www.h3_all_excluded.org",
918 name: "www.h3_fail2.org",
920 { key: "alpn", value: "h3-29" },
921 { key: "port", value: h3Port },
922 { key: "echconfig", value: "456..." },
929 await new TRRDNSListener("www.h3_all_excluded.org", {
930 type: Ci.nsIDNSService.RESOLVE_TYPE_HTTPSSVC,
933 Services.dns.clearCache(true);
934 Services.prefs.setIntPref("network.http.speculative-parallel-limit", 0);
935 Services.obs.notifyObservers(null, "net:prune-all-connections");
937 // All HTTPS RRs are in http3 excluded list and all records are failed to
938 // connect, so don't fallback to the origin one.
939 chan = makeChan(`https://www.h3_all_excluded.org:${h2Port}/server-timing`);
940 await channelOpenPromise(chan, CL_EXPECT_LATE_FAILURE | CL_ALLOW_UNKNOWN_CL);
942 await trrServer.registerDoHAnswers("www.h3_fail1.org", "A", {
945 name: "www.h3_fail1.org",
954 // The the case that when all records are in http3 excluded list, we still
955 // give the first record one more shot.
956 chan = makeChan(`https://www.h3_all_excluded.org`);
957 [req] = await channelOpenPromise(chan);
958 Assert.equal(req.protocolVersion, "h3-29");
959 let internal = req.QueryInterface(Ci.nsIHttpChannelInternal);
960 Assert.equal(internal.remotePort, h3Port);
962 await trrServer.stop();
965 WebSocketListener.prototype = {
966 onAcknowledge(aContext, aSize) {},
967 onBinaryMessageAvailable(aContext, aMsg) {},
968 onMessageAvailable(aContext, aMsg) {},
969 onServerClose(aContext, aCode, aReason) {},
973 onStop(aContext, aStatusCode) {},
976 add_task(async function testUpgradeNotUsingHTTPSRR() {
977 trrServer = new TRRServer();
978 await trrServer.start();
979 Services.prefs.setIntPref("network.trr.mode", 3);
980 Services.prefs.setCharPref(
982 `https://foo.example.com:${trrServer.port}/dns-query`
985 await trrServer.registerDoHAnswers("test.ws.com", "HTTPS", {
994 name: "test.ws1.com",
995 values: [{ key: "port", value: ["8888"] }],
1001 await new TRRDNSListener("test.ws.com", {
1002 type: Ci.nsIDNSService.RESOLVE_TYPE_HTTPSSVC,
1005 await trrServer.registerDoHAnswers("test.ws.com", "A", {
1008 name: "test.ws.com",
1017 let wssUri = "wss://test.ws.com:" + h2Port + "/websocket";
1018 let chan = Cc["@mozilla.org/network/protocol;1?name=wss"].createInstance(
1019 Ci.nsIWebSocketChannel
1022 null, // aLoadingNode
1023 Services.scriptSecurityManager.getSystemPrincipal(),
1024 null, // aTriggeringPrincipal
1025 Ci.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_SEC_CONTEXT_IS_NULL,
1026 Ci.nsIContentPolicy.TYPE_DOCUMENT
1029 var uri = Services.io.newURI(wssUri);
1030 var wsListener = new WebSocketListener();
1031 certOverrideService.setDisableAllSecurityChecksAndLetAttackersInterceptMyData(
1034 await new Promise(resolve => {
1035 wsListener.finish = resolve;
1036 chan.asyncOpen(uri, wssUri, {}, 0, wsListener, null);
1037 certOverrideService.setDisableAllSecurityChecksAndLetAttackersInterceptMyData(
1042 await trrServer.stop();
1045 // Test if we fallback to h2 with echConfig.
1046 add_task(async function testFallbackToH2WithEchConfig() {
1047 trrServer = new TRRServer();
1048 await trrServer.start();
1049 Services.dns.clearCache(true);
1050 Services.prefs.setIntPref("network.trr.mode", 3);
1051 Services.prefs.setCharPref(
1053 `https://foo.example.com:${trrServer.port}/dns-query`
1055 Services.prefs.setBoolPref("network.http.http3.enable", true);
1056 Services.prefs.setIntPref(
1057 "network.dns.httpssvc.http3_fast_fallback_timeout",
1061 await trrServer.registerDoHAnswers("test.fallback.org", "HTTPS", {
1064 name: "test.fallback.org",
1070 name: "test.fallback.org",
1072 { key: "alpn", value: ["h2", "h3-29"] },
1073 { key: "port", value: h2Port },
1074 { key: "echconfig", value: "456..." },
1081 await trrServer.registerDoHAnswers("test.fallback.org", "A", {
1084 name: "test.fallback.org",
1093 await new TRRDNSListener("test.fallback.org", {
1094 type: Ci.nsIDNSService.RESOLVE_TYPE_HTTPSSVC,
1097 await new TRRDNSListener("test.fallback.org", "127.0.0.1");
1099 let chan = makeChan(`https://test.fallback.org/server-timing`);
1100 let [req] = await channelOpenPromise(chan);
1101 // Test if this request is done by h2.
1102 Assert.equal(req.getResponseHeader("x-connection-http2"), "yes");
1104 await trrServer.stop();