summaryrefslogtreecommitdiffstats
path: root/browser/base/content/test/general/browser_mixedContentFromOnunload.js
diff options
context:
space:
mode:
authorMatt A. Tobin <mattatobin@localhost.localdomain>2018-02-02 04:16:08 -0500
committerMatt A. Tobin <mattatobin@localhost.localdomain>2018-02-02 04:16:08 -0500
commit5f8de423f190bbb79a62f804151bc24824fa32d8 (patch)
tree10027f336435511475e392454359edea8e25895d /browser/base/content/test/general/browser_mixedContentFromOnunload.js
parent49ee0794b5d912db1f95dce6eb52d781dc210db5 (diff)
downloadUXP-5f8de423f190bbb79a62f804151bc24824fa32d8.tar
UXP-5f8de423f190bbb79a62f804151bc24824fa32d8.tar.gz
UXP-5f8de423f190bbb79a62f804151bc24824fa32d8.tar.lz
UXP-5f8de423f190bbb79a62f804151bc24824fa32d8.tar.xz
UXP-5f8de423f190bbb79a62f804151bc24824fa32d8.zip
Add m-esr52 at 52.6.0
Diffstat (limited to 'browser/base/content/test/general/browser_mixedContentFromOnunload.js')
-rw-r--r--browser/base/content/test/general/browser_mixedContentFromOnunload.js49
1 files changed, 49 insertions, 0 deletions
diff --git a/browser/base/content/test/general/browser_mixedContentFromOnunload.js b/browser/base/content/test/general/browser_mixedContentFromOnunload.js
new file mode 100644
index 000000000..9b39776f4
--- /dev/null
+++ b/browser/base/content/test/general/browser_mixedContentFromOnunload.js
@@ -0,0 +1,49 @@
+/*
+ * Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/
+ *
+ * Tests for Bug 947079 - Fix bug in nsSecureBrowserUIImpl that sets the wrong
+ * security state on a page because of a subresource load that is not on the
+ * same page.
+ */
+
+// We use different domains for each test and for navigation within each test
+const gHttpTestRoot1 = "http://example.com/browser/browser/base/content/test/general/";
+const gHttpsTestRoot1 = "https://test1.example.com/browser/browser/base/content/test/general/";
+const gHttpTestRoot2 = "http://example.net/browser/browser/base/content/test/general/";
+const gHttpsTestRoot2 = "https://test2.example.com/browser/browser/base/content/test/general/";
+
+var gTestBrowser = null;
+add_task(function *() {
+ let url = gHttpTestRoot1 + "file_mixedContentFromOnunload.html";
+ yield BrowserTestUtils.withNewTab({gBrowser, url}, function*() {
+ yield new Promise(resolve => {
+ SpecialPowers.pushPrefEnv({
+ "set": [
+ ["security.mixed_content.block_active_content", true],
+ ["security.mixed_content.block_display_content", false]
+ ]
+ }, resolve);
+ });
+ gTestBrowser = gBrowser.selectedBrowser;
+ // Navigation from an http page to a https page with no mixed content
+ // The http page loads an http image on unload
+ url = gHttpsTestRoot1 + "file_mixedContentFromOnunload_test1.html";
+ yield BrowserTestUtils.loadURI(gTestBrowser, url);
+ yield BrowserTestUtils.browserLoaded(gTestBrowser);
+ // check security state. Since current url is https and doesn't have any
+ // mixed content resources, we expect it to be secure.
+ isSecurityState("secure");
+ assertMixedContentBlockingState(gTestBrowser, {activeLoaded: false, activeBlocked: false, passiveLoaded: false});
+ // Navigation from an http page to a https page that has mixed display content
+ // The https page loads an http image on unload
+ url = gHttpTestRoot2 + "file_mixedContentFromOnunload.html";
+ yield BrowserTestUtils.loadURI(gTestBrowser, url);
+ yield BrowserTestUtils.browserLoaded(gTestBrowser);
+ url = gHttpsTestRoot2 + "file_mixedContentFromOnunload_test2.html";
+ yield BrowserTestUtils.loadURI(gTestBrowser, url);
+ yield BrowserTestUtils.browserLoaded(gTestBrowser);
+ isSecurityState("broken");
+ assertMixedContentBlockingState(gTestBrowser, {activeLoaded: false, activeBlocked: false, passiveLoaded: true});
+ });
+});