build/pgo/server-locations.txt

   1 #
   2 # This Source Code Form is subject to the terms of the Mozilla Public
   3 # License, v. 2.0. If a copy of the MPL was not distributed with this
   4 # file, You can obtain one at http://mozilla.org/MPL/2.0/.
   5
   6 #
   7 # This file defines the locations at which this HTTP server may be accessed.
   8 # It is referred to by the following page, so if this file moves, that page must
   9 # be modified accordingly:
  10 #
  11 # https://developer.mozilla.org/en/docs/Mochitest#How_do_I_test_issues_which_only_show_up_when_tests_are_run_across_domains.3F
  12 #
  13 # Empty lines and lines which begin with "#" are ignored and may be used for
  14 # storing comments.  All other lines consist of an origin followed by whitespace
  15 # and a comma-separated list of options (if indeed any options are needed).
  16 #
  17 # The format of an origin is, referring to RFC 2396, a scheme (either "http" or
  18 # "https"), followed by "://", followed by a host, followed by ":", followed by
  19 # a port number.  The colon and port number must be present even if the port
  20 # number is the default for the protocol.
  21 #
  22 # Unrecognized options are ignored.  Recognized options are "primary" and
  23 # "privileged", "nocert", "cert=some_cert_nickname", "redir=hostname" and
  24 # "failHandshake".
  25 #
  26 # "primary" denotes a location which is the canonical location of
  27 # the server; this location is the one assumed for requests which don't
  28 # otherwise identify a particular origin (e.g. HTTP/1.0 requests).
  29 #
  30 # "privileged" denotes a location which should have the ability to request
  31 # elevated privileges; the default is no privileges.
  32 #
  33 # "nocert" makes sense only for https:// hosts and means there is not
  34 # any certificate automatically generated for this host.
  35 #
  36 # "failHandshake" causes the tls handshake to fail (by sending a client hello to
  37 # the client).
  38 #
  39 # "cert=nickname" tells the pgo server to use a particular certificate
  40 # for this host. The certificate is referenced by its nickname that must
  41 # not contain any spaces. The certificate  key files (PKCS12 modules)
  42 # for custom certification are loaded from build/pgo/certs
  43 # directory. When new certificate is added to this dir pgo/ssltunnel
  44 # must be built then. This is only necessary for cases where we really do
  45 # want specific certs.
  46 # You can find instructions on how to add or modify certificates at:
  47 # https://firefox-source-docs.mozilla.org/build/buildsystem/test_certificates.html
  48 #
  49 # "redir=hostname" tells the pgo server is only used for https://
  50 # hosts while processing the CONNECT tunnel request. It responds
  51 # to the CONNECT with a 302 and redirection to the hostname instead
  52 # of connecting to the real back end and replying with a 200. This
  53 # mode exists primarily to ensure we don't allow a proxy to do that.
  54 #
  55
  56 #
  57 # This is the primary location from which tests run.
  58 #
  59 http://mochi.test:8888   primary,privileged
  60
  61 #
  62 # These are a common set of prefixes scattered across one TLD with two ports and
  63 # another TLD on a single port.
  64 #
  65 http://127.0.0.1:80               privileged
  66 http://127.0.0.1:8888             privileged
  67 http://test:80                    privileged
  68 http://mochi.test:8888            privileged
  69 http://test1.mochi.test:8888
  70 http://sub1.test1.mochi.test:8888
  71 http://sub2.xn--lt-uia.mochi.test:8888
  72 http://test2.mochi.test:8888
  73 http://example.org:80                privileged
  74 http://test1.example.org:80          privileged
  75 http://test2.example.org:80          privileged
  76 http://sub1.test1.example.org:80     privileged
  77 http://sub1.test2.example.org:80     privileged
  78 http://sub2.test1.example.org:80     privileged
  79 http://sub2.test2.example.org:80     privileged
  80 http://example.org:8000              privileged
  81 http://test1.example.org:8000        privileged
  82 http://test2.example.org:8000        privileged
  83 http://sub1.test1.example.org:8000   privileged
  84 http://sub1.test2.example.org:8000   privileged
  85 http://sub2.test1.example.org:8000   privileged
  86 http://sub2.test2.example.org:8000   privileged
  87 http://example.com:80                privileged
  88 http://www.example.com:80            privileged
  89 http://test1.example.com:80          privileged
  90 http://test2.example.com:80          privileged
  91 http://sub1.test1.example.com:80     privileged
  92 http://sub1.test2.example.com:80     privileged
  93 http://sub2.test1.example.com:80     privileged
  94 http://sub2.test2.example.com:80     privileged
  95 http://noxul.example.com:80          privileged,noxul
  96 http://example.net:80                privileged
  97 # Used to test that clearing Service Workers for domain example.com, does not clear prefixexample.com
  98 http://prefixexample.com:80
  99
 100 # The first HTTPS location is used to generate the Common Name (CN) value of the
 101 # certificate's Issued To field.
 102 https://example.com:443                privileged
 103 https://test1.example.com:443          privileged
 104 https://test2.example.com:443          privileged
 105 https://example.org:443                privileged
 106 https://test1.example.org:443          privileged
 107 https://test2.example.org:443          privileged
 108 https://sub1.test1.example.com:443     privileged
 109 https://sub1.test2.example.com:443     privileged
 110 https://sub2.test1.example.com:443     privileged
 111 https://sub2.test2.example.com:443     privileged
 112 https://nocert.example.com:443         privileged,nocert
 113 https://self-signed.example.com:443    privileged,cert=selfsigned
 114 https://untrusted.example.com:443      privileged,cert=untrusted
 115 https://expired.example.com:443        privileged,cert=expired
 116 https://requestclientcert.example.com:443         privileged,clientauth=request
 117 https://requireclientcert.example.com:443         privileged,clientauth=require
 118 https://mismatch.expired.example.com:443        privileged,cert=expired
 119 https://mismatch.untrusted.example.com:443      privileged,cert=untrusted
 120 https://untrusted-expired.example.com:443       privileged,cert=untrustedandexpired
 121 https://mismatch.untrusted-expired.example.com:443      privileged,cert=untrustedandexpired
 122 https://no-subject-alt-name.example.com:443   cert=noSubjectAltName
 123
 124 # Prevent safebrowsing tests from hitting the network for its-a-trap.html and
 125 # its-an-attack.html.
 126 http://www.itisatrap.org:80
 127 https://www.itisatrap.org:443
 128
 129 #
 130 # These are subdomains of <ält.example.org>.
 131 #
 132 http://sub1.xn--lt-uia.example.org:8000   privileged
 133 http://sub2.xn--lt-uia.example.org:80     privileged
 134 http://xn--exmple-cua.test:80             privileged
 135 http://sub1.xn--exmple-cua.test:80        privileged
 136 http://xn--exaple-kqf.test:80             privileged
 137 http://sub1.xn--exaple-kqf.test:80        privileged
 138
 139 https://xn--hxajbheg2az3al.xn--jxalpdlp:443        privileged
 140 https://sub1.xn--hxajbheg2az3al.xn--jxalpdlp:443   privileged
 141
 142 #
 143 # These are subdomains of <παράδειγμα.δοκιμή>, the Greek IDN for example.test.
 144 #
 145 http://xn--hxajbheg2az3al.xn--jxalpdlp:80        privileged
 146 http://sub1.xn--hxajbheg2az3al.xn--jxalpdlp:80   privileged
 147
 148 # Bug 413909 test host
 149 https://bug413909.xn--hxajbheg2az3al.xn--jxalpdlp:443   privileged,cert=bug413909cert
 150
 151 #
 152 # These hosts are used in tests which exercise privilege-granting functionality;
 153 # we could reuse some of the names above, but specific names make it easier to
 154 # distinguish one from the other in tests (as well as what functionality is
 155 # being tested).
 156 #
 157 http://sectest1.example.org:80       privileged
 158 http://sub.sectest2.example.org:80   privileged
 159 http://sectest2.example.org:80
 160 http://sub.sectest1.example.org:80
 161
 162 https://sectest1.example.org:443       privileged
 163 https://sub.sectest2.example.org:443   privileged
 164 https://sectest2.example.org:443
 165 https://sub.sectest1.example.org:443
 166
 167 #
 168 # Used while testing the url-classifier
 169 #
 170 http://malware.example.com:80
 171 http://unwanted.example.com:80
 172 http://tracking.example.com:80
 173 http://cryptomining.example.com:80
 174 http://fingerprinting.example.com:80
 175 http://not-tracking.example.com:80
 176 http://tracking.example.org:80
 177 http://another-tracking.example.net:80
 178 http://itisatracker.org:80
 179 https://itisatracker.org:443
 180 http://trackertest.org:80
 181 #
 182 # Used while testing TLS session ticket resumption for third-party trackers (bug 1500533)
 183 # (DO NOT USE THIS HOST IN OTHER TESTS!)
 184 #
 185 https://tlsresumptiontest.example.org:443
 186
 187 https://malware.example.com:443
 188 https://unwanted.example.com:443
 189 https://tracking.example.com:443
 190 https://cryptomining.example.com:443
 191 https://fingerprinting.example.com:443
 192 https://not-tracking.example.com:443
 193 https://tracking.example.org:443
 194 https://another-tracking.example.net:443
 195
 196 #
 197 # Used while testing flash blocking (Bug 1307604)
 198 #
 199 http://flashallow.example.com:80
 200 http://exception.flashallow.example.com:80
 201 http://flashblock.example.com:80
 202 http://exception.flashblock.example.com:80
 203 http://subdocument.example.com:80
 204 https://subdocument.example.com:443
 205 http://exception.subdocument.example.com:80
 206
 207 #
 208 # Used while testing tracking protection (Bug 1580416)
 209 # Not that apps.fbsbx.com is a public suffix
 210 #
 211 http://mochitest.apps.fbsbx.com:80
 212
 213 #
 214 # Flash usage can fail unless this URL exists
 215 #
 216 http://fpdownload2.macromedia.com:80
 217 https://fpdownload2.macromedia.com:443
 218
 219 # Bug 1281083
 220 http://bug1281083.example.com:80
 221
 222 # Bug 483437, 484111
 223 https://www.bank1.com:443           privileged,cert=escapeattack1
 224
 225 #
 226 # CONNECT for redirproxy results in a 302 redirect to
 227 # test1.example.com
 228 #
 229 https://redirproxy.example.com:443          privileged,redir=test1.example.com
 230
 231 # Host used for IndexedDB Quota testing
 232 http://bug704464-1.example.com:80        privileged
 233 http://bug704464-2.example.com:80        privileged
 234 http://bug704464-3.example.com:80        privileged
 235 http://bug702292.example.com:80          privileged
 236
 237 # W3C hosts.
 238 # See http://www.w3.org/wiki/Testing/Requirements#The_Web_test_server_must_be_available_through_different_domain_names
 239 http://w3c-test.org:80
 240 http://w3c-test.org:81
 241 http://w3c-test.org:82
 242 http://w3c-test.org:83
 243 http://www.w3c-test.org:80
 244 http://www.w3c-test.org:81
 245 http://www.w3c-test.org:82
 246 http://www.w3c-test.org:83
 247 http://www1.w3c-test.org:80
 248 http://www1.w3c-test.org:81
 249 http://www1.w3c-test.org:82
 250 http://www1.w3c-test.org:83
 251 http://www2.w3c-test.org:80
 252 http://www2.w3c-test.org:81
 253 http://www2.w3c-test.org:82
 254 http://www2.w3c-test.org:83
 255 # http://天気の良い日.w3c-test.org
 256 http://xn--n8j6ds53lwwkrqhv28a.w3c-test.org:80
 257 http://xn--n8j6ds53lwwkrqhv28a.w3c-test.org:81
 258 http://xn--n8j6ds53lwwkrqhv28a.w3c-test.org:82
 259 http://xn--n8j6ds53lwwkrqhv28a.w3c-test.org:83
 260 # http://élève.w3c-test.org
 261 http://xn--lve-6lad.w3c-test.org:80
 262 http://xn--lve-6lad.w3c-test.org:81
 263 http://xn--lve-6lad.w3c-test.org:82
 264 http://xn--lve-6lad.w3c-test.org:83
 265 # HTTPS versions of the above
 266 https://w3c-test.org:443
 267 https://www.w3c-test.org:443
 268 https://www1.w3c-test.org:443
 269 https://www2.w3c-test.org:443
 270 https://xn--n8j6ds53lwwkrqhv28a.w3c-test.org:443
 271 https://xn--lve-6lad.w3c-test.org:443
 272 http://test.w3.org:80
 273
 274 # Hosts for testing TLD-based fallback encoding
 275 http://example.tw:80                privileged
 276 http://example.cn:80                privileged
 277 http://example.co.jp:80             privileged
 278 http://example.fi:80                privileged
 279
 280 # Host for HPKP
 281 https://include-subdomains.pinning-dynamic.example.com:443        privileged,cert=dynamicPinningGood
 282 https://bad.include-subdomains.pinning-dynamic.example.com:443    privileged,cert=dynamicPinningBad
 283
 284 # Host for static pin tests
 285 https://badchain.include-subdomains.pinning.example.com:443       privileged,cert=staticPinningBad
 286 https://fail-handshake.example.com:443                            privileged,failHandshake
 287
 288 # Hosts for sha1 console warning tests
 289 https://sha1ee.example.com:443                                    privileged,cert=sha1_end_entity
 290 https://sha256ee.example.com:443                                  privileged,cert=sha256_end_entity
 291
 292 # Hosts for imminent distrust warning tests
 293 https://imminently-distrusted.example.com:443                     privileged,cert=imminently_distrusted
 294
 295 # Hosts for ssl3/rc4/tls1 warning tests
 296 https://ssl3.example.com:443         privileged,ssl3
 297 https://rc4.example.com:443          privileged,rc4
 298 https://ssl3rc4.example.com:443      privileged,ssl3,rc4
 299 https://tls1.example.com:443         privileged,tls1
 300 https://tls11.example.com:443        privileged,tls1_1
 301 https://tls12.example.com:443        privileged,tls1_2
 302 https://tls13.example.com:443        privileged,tls1,tls1_3
 303
 304 # Hosts for youtube rewrite tests
 305 https://mochitest.youtube.com:443
 306
 307 # Host for U2F localhost tests
 308 https://localhost:443
 309
 310 # Bug 1402530
 311 http://localhost:80                 privileged
 312
 313 # Host for testing APIs whitelisted for mozilla.org
 314 https://www.mozilla.org:443