diff options
Diffstat (limited to 'testing/firefox-ui/tests/functional/security')
16 files changed, 1187 insertions, 0 deletions
diff --git a/testing/firefox-ui/tests/functional/security/manifest.ini b/testing/firefox-ui/tests/functional/security/manifest.ini new file mode 100644 index 000000000..46aeaf5c3 --- /dev/null +++ b/testing/firefox-ui/tests/functional/security/manifest.ini @@ -0,0 +1,22 @@ +[DEFAULT] +tags = remote + +[test_dv_certificate.py] +[test_enable_privilege.py] +tags = local +[test_ev_certificate.py] +skip-if = true # Bug 1407663 +[test_mixed_content_page.py] +[test_mixed_script_content_blocking.py] +[test_no_certificate.py] +tags = local +[test_safe_browsing_initial_download.py] +[test_safe_browsing_notification.py] +[test_safe_browsing_warning_pages.py] +[test_security_notification.py] +[test_ssl_disabled_error_page.py] +[test_ssl_status_after_restart.py] +skip-if = (os == "win" && os_version == "5.1") # Bug 1167179: Fails to open popups after restart +[test_submit_unencrypted_info_warning.py] +[test_unknown_issuer.py] +[test_untrusted_connection_error_page.py] diff --git a/testing/firefox-ui/tests/functional/security/test_dv_certificate.py b/testing/firefox-ui/tests/functional/security/test_dv_certificate.py new file mode 100644 index 000000000..565f64996 --- /dev/null +++ b/testing/firefox-ui/tests/functional/security/test_dv_certificate.py @@ -0,0 +1,85 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +from firefox_puppeteer import PuppeteerMixin +from marionette_driver import Wait +from marionette_harness import MarionetteTestCase + + +class TestDVCertificate(PuppeteerMixin, MarionetteTestCase): + + def setUp(self): + super(TestDVCertificate, self).setUp() + + self.locationbar = self.browser.navbar.locationbar + self.identity_popup = self.browser.navbar.locationbar.identity_popup + + self.url = 'https://ssl-dv.mozqa.com' + + def tearDown(self): + try: + self.browser.switch_to() + self.identity_popup.close(force=True) + self.puppeteer.windows.close_all([self.browser]) + finally: + super(TestDVCertificate, self).tearDown() + + def test_dv_cert(self): + with self.marionette.using_context('content'): + self.marionette.navigate(self.url) + + self.assertEqual(self.locationbar.identity_box.get_property('className'), + 'verifiedDomain') + + # Open the identity popup + self.locationbar.open_identity_popup() + + # Check the identity popup doorhanger + self.assertEqual(self.identity_popup.element.get_attribute('connection'), 'secure') + + cert = self.browser.tabbar.selected_tab.certificate + + # The shown host equals to the certificate + self.assertEqual(self.identity_popup.view.main.host.get_property('textContent'), + cert['commonName']) + + # Only the secure label is visible in the main view + secure_label = self.identity_popup.view.main.secure_connection_label + self.assertNotEqual(secure_label.value_of_css_property('display'), 'none') + + insecure_label = self.identity_popup.view.main.insecure_connection_label + self.assertEqual(insecure_label.value_of_css_property('display'), 'none') + + self.identity_popup.view.main.expander.click() + Wait(self.marionette).until( + lambda _: self.identity_popup.view.security.selected, + message='Security view of identity popup has not been selected.') + + # Only the secure label is visible in the security view + secure_label = self.identity_popup.view.security.secure_connection_label + self.assertNotEqual(secure_label.value_of_css_property('display'), 'none') + + insecure_label = self.identity_popup.view.security.insecure_connection_label + self.assertEqual(insecure_label.value_of_css_property('display'), 'none') + + verifier_label = self.browser.localize_property('identity.identified.verifier') + self.assertEqual(self.identity_popup.view.security.verifier.get_property('textContent'), + verifier_label.replace("%S", cert['issuerOrganization'])) + + def opener(mn): + self.identity_popup.view.security.more_info_button.click() + + page_info_window = self.browser.open_page_info_window(opener) + deck = page_info_window.deck + + self.assertEqual(deck.selected_panel, deck.security) + + self.assertEqual(deck.security.domain.get_property('value'), + cert['commonName']) + + self.assertEqual(deck.security.owner.get_property('value'), + page_info_window.localize_property('securityNoOwner')) + + self.assertEqual(deck.security.verifier.get_property('value'), + cert['issuerOrganization']) diff --git a/testing/firefox-ui/tests/functional/security/test_enable_privilege.py b/testing/firefox-ui/tests/functional/security/test_enable_privilege.py new file mode 100644 index 000000000..17e883cc5 --- /dev/null +++ b/testing/firefox-ui/tests/functional/security/test_enable_privilege.py @@ -0,0 +1,17 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +from marionette_driver import By +from marionette_harness import MarionetteTestCase + + +class TestEnablePrivilege(MarionetteTestCase): + + def test_enable_privilege(self): + with self.marionette.using_context('content'): + url = self.marionette.absolute_url('security/enable_privilege.html') + self.marionette.navigate(url) + + result = self.marionette.find_element(By.ID, 'result') + self.assertEqual(result.get_property('textContent'), 'PASS') diff --git a/testing/firefox-ui/tests/functional/security/test_ev_certificate.py b/testing/firefox-ui/tests/functional/security/test_ev_certificate.py new file mode 100644 index 000000000..f5acf5795 --- /dev/null +++ b/testing/firefox-ui/tests/functional/security/test_ev_certificate.py @@ -0,0 +1,112 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +from firefox_puppeteer import PuppeteerMixin +from marionette_driver import Wait +from marionette_harness import MarionetteTestCase + + +class TestEVCertificate(PuppeteerMixin, MarionetteTestCase): + + def setUp(self): + super(TestEVCertificate, self).setUp() + + self.locationbar = self.browser.navbar.locationbar + self.identity_popup = self.locationbar.identity_popup + + self.url = 'https://ssl-ev.mozqa.com/' + + def tearDown(self): + try: + self.browser.switch_to() + self.identity_popup.close(force=True) + self.puppeteer.windows.close_all([self.browser]) + finally: + super(TestEVCertificate, self).tearDown() + + def test_ev_certificate(self): + with self.marionette.using_context('content'): + self.marionette.navigate(self.url) + + # Check the identity box + self.assertEqual(self.locationbar.identity_box.get_property('className'), + 'verifiedIdentity') + + # Get the information from the certificate + cert = self.browser.tabbar.selected_tab.certificate + address = self.puppeteer.security.get_address_from_certificate(cert) + + # Check the identity popup label displays + self.assertEqual(self.locationbar.identity_organization_label.get_property('value'), + cert['organization']) + self.assertEqual(self.locationbar.identity_country_label.get_property('value'), + '(' + address['country'] + ')') + + # Open the identity popup + self.locationbar.open_identity_popup() + + # Check the idenity popup doorhanger + self.assertEqual(self.identity_popup.element.get_attribute('connection'), 'secure-ev') + + # For EV certificates no hostname but the organization name is shown + self.assertEqual(self.identity_popup.view.main.host.get_property('textContent'), + cert['organization']) + + # Only the secure label is visible in the main view + secure_label = self.identity_popup.view.main.secure_connection_label + self.assertNotEqual(secure_label.value_of_css_property('display'), 'none') + + insecure_label = self.identity_popup.view.main.insecure_connection_label + self.assertEqual(insecure_label.value_of_css_property('display'), 'none') + + self.identity_popup.view.main.expander.click() + Wait(self.marionette).until(lambda _: self.identity_popup.view.security.selected) + + security_view = self.identity_popup.view.security + + # Only the secure label is visible in the security view + secure_label = security_view.secure_connection_label + self.assertNotEqual(secure_label.value_of_css_property('display'), 'none') + + insecure_label = security_view.insecure_connection_label + self.assertEqual(insecure_label.value_of_css_property('display'), 'none') + + # Check the organization name + self.assertEqual(security_view.owner.get_property('textContent'), cert['organization']) + + # Check the owner location string + # More information: + # hg.mozilla.org/mozilla-central/file/eab4a81e4457/browser/base/content/browser.js#l7012 + location = self.browser.localize_property('identity.identified.state_and_country') + location = location.replace('%S', address['state'], 1).replace('%S', address['country']) + location = address['city'] + '\n' + location + self.assertEqual(security_view.owner_location.get_property('textContent'), location) + + # Check the verifier + l10n_verifier = self.browser.localize_property('identity.identified.verifier') + l10n_verifier = l10n_verifier.replace('%S', cert['issuerOrganization']) + self.assertEqual(security_view.verifier.get_property('textContent'), l10n_verifier) + + # Open the Page Info window by clicking the More Information button + page_info = self.browser.open_page_info_window( + lambda _: self.identity_popup.view.security.more_info_button.click()) + + try: + # Verify that the current panel is the security panel + self.assertEqual(page_info.deck.selected_panel, page_info.deck.security) + + # Verify the domain listed on the security panel + self.assertIn(cert['commonName'], + page_info.deck.security.domain.get_property('value')) + + # Verify the owner listed on the security panel + self.assertEqual(page_info.deck.security.owner.get_property('value'), + cert['organization']) + + # Verify the verifier listed on the security panel + self.assertEqual(page_info.deck.security.verifier.get_property('value'), + cert['issuerOrganization']) + finally: + page_info.close() + self.browser.focus() diff --git a/testing/firefox-ui/tests/functional/security/test_mixed_content_page.py b/testing/firefox-ui/tests/functional/security/test_mixed_content_page.py new file mode 100644 index 000000000..c146b46f4 --- /dev/null +++ b/testing/firefox-ui/tests/functional/security/test_mixed_content_page.py @@ -0,0 +1,55 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +from firefox_puppeteer import PuppeteerMixin +from marionette_harness import MarionetteTestCase + + +class TestMixedContentPage(PuppeteerMixin, MarionetteTestCase): + def setUp(self): + super(TestMixedContentPage, self).setUp() + + self.locationbar = self.browser.navbar.locationbar + self.identity_popup = self.locationbar.identity_popup + + self.url = 'https://mozqa.com/data/firefox/security/mixedcontent.html' + + def tearDown(self): + try: + self.identity_popup.close(force=True) + finally: + super(TestMixedContentPage, self).tearDown() + + def test_mixed_content(self): + with self.marionette.using_context('content'): + self.marionette.navigate(self.url) + + self.assertEqual(self.locationbar.identity_box.get_property('className'), + 'unknownIdentity mixedDisplayContent') + + # Open the identity popup + self.locationbar.open_identity_popup() + + # Only the insecure label is visible in the main view + secure_label = self.identity_popup.view.main.secure_connection_label + self.assertEqual(secure_label.value_of_css_property('display'), 'none') + + insecure_label = self.identity_popup.view.main.insecure_connection_label + self.assertNotEqual(insecure_label.value_of_css_property('display'), 'none') + + # TODO: Bug 1177417 - Needs to open and close the security view, but a second + # click on the expander doesn't hide the security view + # self.identity_popup.view.main.expander.click() + # Wait(self.marionette).until(lambda _: self.identity_popup.view.security.selected) + + # Only the insecure label is visible in the security view + secure_label = self.identity_popup.view.security.secure_connection_label + self.assertEqual(secure_label.value_of_css_property('display'), 'none') + + insecure_label = self.identity_popup.view.security.insecure_connection_label + self.assertNotEqual(insecure_label.value_of_css_property('display'), 'none') + + # owner is not visible + owner = self.identity_popup.view.security.owner + self.assertEqual(owner.value_of_css_property('display'), 'none') diff --git a/testing/firefox-ui/tests/functional/security/test_mixed_script_content_blocking.py b/testing/firefox-ui/tests/functional/security/test_mixed_script_content_blocking.py new file mode 100644 index 000000000..796b1dc29 --- /dev/null +++ b/testing/firefox-ui/tests/functional/security/test_mixed_script_content_blocking.py @@ -0,0 +1,87 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +from firefox_puppeteer import PuppeteerMixin +from marionette_driver import By, Wait +from marionette_harness import MarionetteTestCase + + +class TestMixedScriptContentBlocking(PuppeteerMixin, MarionetteTestCase): + + def setUp(self): + super(TestMixedScriptContentBlocking, self).setUp() + + self.url = 'https://mozqa.com/data/firefox/security/mixed_content_blocked/index.html' + + self.test_elements = [ + ('result1', 'Insecure script one'), + ('result2', 'Insecure script from iFrame'), + ('result3', 'Insecure plugin'), + ('result4', 'Insecure stylesheet'), + ] + + self.locationbar = self.browser.navbar.locationbar + self.identity_popup = self.locationbar.identity_popup + + def tearDown(self): + try: + self.identity_popup.close(force=True) + finally: + super(TestMixedScriptContentBlocking, self).tearDown() + + def _expect_protection_status(self, enabled): + if enabled: + color, identity, state = ( + 'rgb(0, 136, 0)', + 'verifiedDomain mixedActiveBlocked', + 'blocked' + ) + else: + color, identity, state = ( + 'rgb(255, 0, 0)', + 'unknownIdentity mixedActiveContent', + 'unblocked' + ) + + # First call to Wait() needs a longer timeout due to the reload of the web page. + Wait(self.marionette, timeout=self.marionette.timeout.page_load).until( + lambda _: self.locationbar.identity_box.get_property('className') == identity, + message='Expected identity "{}" not found'.format(identity) + ) + + with self.marionette.using_context('content'): + for identifier, description in self.test_elements: + el = self.marionette.find_element(By.ID, identifier) + Wait(self.marionette).until( + lambda mn: el.value_of_css_property('color') == color, + message=("%s has been %s" % (description, state)) + ) + + def expect_protection_enabled(self): + self._expect_protection_status(True) + + def expect_protection_disabled(self): + self._expect_protection_status(False) + + def test_mixed_content_page(self): + with self.marionette.using_context('content'): + self.marionette.navigate(self.url) + + self.expect_protection_enabled() + + # Disable mixed content blocking via identity popup + self.locationbar.open_identity_popup() + self.identity_popup.view.main.expander.click() + Wait(self.marionette).until(lambda _: self.identity_popup.view.security.selected) + + disable_button = self.identity_popup.view.security.disable_mixed_content_blocking_button + disable_button.click() + + self.expect_protection_disabled() + + # A reload keeps blocking disabled + with self.marionette.using_context('content'): + self.marionette.navigate(self.url) + + self.expect_protection_disabled() diff --git a/testing/firefox-ui/tests/functional/security/test_no_certificate.py b/testing/firefox-ui/tests/functional/security/test_no_certificate.py new file mode 100644 index 000000000..a3b7bf98a --- /dev/null +++ b/testing/firefox-ui/tests/functional/security/test_no_certificate.py @@ -0,0 +1,81 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +from urlparse import urlparse + +from firefox_puppeteer import PuppeteerMixin +from marionette_driver import expected, Wait +from marionette_harness import MarionetteTestCase + + +class TestNoCertificate(PuppeteerMixin, MarionetteTestCase): + + def setUp(self): + super(TestNoCertificate, self).setUp() + + self.locationbar = self.browser.navbar.locationbar + self.identity_popup = self.locationbar.identity_popup + + self.url = self.marionette.absolute_url('layout/mozilla.html') + + def tearDown(self): + try: + self.browser.switch_to() + self.identity_popup.close(force=True) + self.puppeteer.windows.close_all([self.browser]) + finally: + super(TestNoCertificate, self).tearDown() + + def test_no_certificate(self): + with self.marionette.using_context('content'): + self.marionette.navigate(self.url) + + # Check the favicon + # TODO: find a better way to check, e.g., mozmill's isDisplayed + favicon_hidden = self.marionette.execute_script(""" + return arguments[0].hasAttribute("hidden"); + """, script_args=[self.browser.navbar.locationbar.identity_icon]) + self.assertFalse(favicon_hidden, 'The identity icon is visible') + + # Check that the identity box organization label is blank + self.assertEqual(self.locationbar.identity_organization_label.get_property('value'), '', + 'The organization has no label') + + # Open the identity popup + self.locationbar.open_identity_popup() + + # Check the idenity popup doorhanger + self.assertEqual(self.identity_popup.element.get_attribute('connection'), 'not-secure') + + # The expander for the security view does not exist + expected.element_not_present(lambda m: self.identity_popup.main.expander) + + # Only the insecure label is visible + secure_label = self.identity_popup.view.main.secure_connection_label + self.assertEqual(secure_label.value_of_css_property('display'), 'none') + + insecure_label = self.identity_popup.view.main.insecure_connection_label + self.assertNotEqual(insecure_label.value_of_css_property('display'), 'none') + + self.identity_popup.view.main.expander.click() + Wait(self.marionette).until(lambda _: self.identity_popup.view.security.selected) + + # Open the Page Info window by clicking the "More Information" button + page_info = self.browser.open_page_info_window( + lambda _: self.identity_popup.view.security.more_info_button.click()) + + # Verify that the current panel is the security panel + self.assertEqual(page_info.deck.selected_panel, page_info.deck.security) + + # Check the domain listed on the security panel contains the url's host name + self.assertIn(urlparse(self.url).hostname, + page_info.deck.security.domain.get_property('value')) + + # Check the owner label equals localized 'securityNoOwner' + self.assertEqual(page_info.deck.security.owner.get_property('value'), + page_info.localize_property('securityNoOwner')) + + # Check the verifier label equals localized 'notset' + self.assertEqual(page_info.deck.security.verifier.get_property('value'), + page_info.localize_property('notset')) diff --git a/testing/firefox-ui/tests/functional/security/test_safe_browsing_initial_download.py b/testing/firefox-ui/tests/functional/security/test_safe_browsing_initial_download.py new file mode 100644 index 000000000..6f9c50ffb --- /dev/null +++ b/testing/firefox-ui/tests/functional/security/test_safe_browsing_initial_download.py @@ -0,0 +1,84 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +import os + +from firefox_puppeteer import PuppeteerMixin +from marionette_driver import Wait +from marionette_harness import MarionetteTestCase + + +class TestSafeBrowsingInitialDownload(PuppeteerMixin, MarionetteTestCase): + + file_extensions = [ + 'pset', + 'sbstore', + ] + + prefs_download_lists = [ + 'urlclassifier.blockedTable', + 'urlclassifier.downloadAllowTable', + 'urlclassifier.downloadBlockTable', + 'urlclassifier.malwareTable', + 'urlclassifier.phishTable', + 'urlclassifier.trackingTable', + 'urlclassifier.trackingWhitelistTable', + ] + + prefs_provider_update_time = { + # Force an immediate download of the safebrowsing files + 'browser.safebrowsing.provider.google.nextupdatetime': 1, + 'browser.safebrowsing.provider.mozilla.nextupdatetime': 1, + } + + prefs_safebrowsing = { + 'browser.safebrowsing.debug': True, + 'browser.safebrowsing.blockedURIs.enabled': True, + 'browser.safebrowsing.downloads.enabled': True, + 'browser.safebrowsing.phishing.enabled': True, + 'browser.safebrowsing.malware.enabled': True, + 'privacy.trackingprotection.enabled': True, + 'privacy.trackingprotection.pbmode.enabled': True, + } + + def get_safebrowsing_files(self): + files = [] + for pref_name in self.prefs_download_lists: + base_names = self.marionette.get_pref(pref_name).split(',') + for ext in self.file_extensions: + files.extend(['{file}.{ext}'.format(file=f, ext=ext) for f in base_names if f]) + + return set(sorted(files)) + + def setUp(self): + super(TestSafeBrowsingInitialDownload, self).setUp() + + # Force the preferences for the new profile + enforce_prefs = self.prefs_safebrowsing + enforce_prefs.update(self.prefs_provider_update_time) + self.marionette.enforce_gecko_prefs(enforce_prefs) + + self.safebrowsing_path = os.path.join(self.marionette.instance.profile.profile, + 'safebrowsing') + self.safebrowsing_files = self.get_safebrowsing_files() + + def tearDown(self): + try: + # Restart with a fresh profile + self.restart(clean=True) + finally: + super(TestSafeBrowsingInitialDownload, self).tearDown() + + def test_safe_browsing_initial_download(self): + def check_downloaded(_): + return reduce(lambda state, pref: state and int(self.marionette.get_pref(pref)) != 1, + self.prefs_provider_update_time.keys(), True) + + try: + Wait(self.marionette, timeout=60).until( + check_downloaded, message='Not all safebrowsing files have been downloaded') + finally: + files_on_disk_toplevel = os.listdir(self.safebrowsing_path) + for f in self.safebrowsing_files: + self.assertIn(f, files_on_disk_toplevel) diff --git a/testing/firefox-ui/tests/functional/security/test_safe_browsing_notification.py b/testing/firefox-ui/tests/functional/security/test_safe_browsing_notification.py new file mode 100644 index 000000000..5fb3d0389 --- /dev/null +++ b/testing/firefox-ui/tests/functional/security/test_safe_browsing_notification.py @@ -0,0 +1,149 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +import time + +from firefox_puppeteer import PuppeteerMixin +from marionette_driver import By, expected, Wait +from marionette_harness import MarionetteTestCase + + +class TestSafeBrowsingNotificationBar(PuppeteerMixin, MarionetteTestCase): + + def setUp(self): + super(TestSafeBrowsingNotificationBar, self).setUp() + + self.test_data = [ + # Unwanted software URL + { + # First two properties are not needed, + # since these errors are not reported + 'button_property': None, + 'report_page': None, + 'unsafe_page': 'https://www.itisatrap.org/firefox/unwanted.html' + }, + # Phishing URL info + { + 'button_property': 'safebrowsing.notADeceptiveSiteButton.label', + 'report_page': 'google.com/safebrowsing/report_error', + 'unsafe_page': 'https://www.itisatrap.org/firefox/its-a-trap.html' + }, + # Malware URL object + { + 'button_property': 'safebrowsing.notAnAttackButton.label', + 'report_page': 'stopbadware.org', + 'unsafe_page': 'https://www.itisatrap.org/firefox/its-an-attack.html' + } + ] + + self.marionette.set_pref('browser.safebrowsing.phishing.enabled', True) + self.marionette.set_pref('browser.safebrowsing.malware.enabled', True) + + # Give the browser a little time, because SafeBrowsing.jsm takes a while + # between start up and adding the example urls to the db. + # hg.mozilla.org/mozilla-central/file/46aebcd9481e/browser/base/content/browser.js#l1194 + time.sleep(3) + + # TODO: Bug 1139544: While we don't have a reliable way to close the safe browsing + # notification bar when a test fails, run this test in a new tab. + self.browser.tabbar.open_tab() + + def tearDown(self): + try: + self.puppeteer.utils.permissions.remove('https://www.itisatrap.org', 'safe-browsing') + self.browser.tabbar.close_all_tabs([self.browser.tabbar.tabs[0]]) + self.marionette.clear_pref('browser.safebrowsing.phishing.enabled') + self.marionette.clear_pref('browser.safebrowsing.malware.enabled') + finally: + super(TestSafeBrowsingNotificationBar, self).tearDown() + + def test_notification_bar(self): + with self.marionette.using_context('content'): + for item in self.test_data: + button_property = item['button_property'] + report_page, unsafe_page = item['report_page'], item['unsafe_page'] + + # Navigate to the unsafe page + # Check "ignore warning" link then notification bar's "not badware" button + # Only do this if feature supports it + if button_property is not None: + self.marionette.navigate(unsafe_page) + # Wait for the DOM to receive events for about:blocked + time.sleep(1) + self.check_ignore_warning_button(unsafe_page) + self.check_not_badware_button(button_property, report_page) + + # Return to the unsafe page + # Check "ignore warning" link then notification bar's "get me out" button + self.marionette.navigate(unsafe_page) + # Wait for the DOM to receive events for about:blocked + time.sleep(1) + self.check_ignore_warning_button(unsafe_page) + self.check_get_me_out_of_here_button() + + # Return to the unsafe page + # Check "ignore warning" link then notification bar's "X" button + self.marionette.navigate(unsafe_page) + # Wait for the DOM to receive events for about:blocked + time.sleep(1) + self.check_ignore_warning_button(unsafe_page) + self.check_x_button() + + def check_ignore_warning_button(self, unsafe_page): + button = self.marionette.find_element(By.ID, 'ignoreWarningButton') + button.click() + + Wait(self.marionette, timeout=self.marionette.timeout.page_load).until( + expected.element_present(By.ID, 'main-feature'), + message='Expected target element "#main-feature" has not been found', + ) + self.assertEquals(self.marionette.get_url(), self.browser.get_final_url(unsafe_page)) + + # Clean up here since the permission gets set in this function + self.puppeteer.utils.permissions.remove('https://www.itisatrap.org', 'safe-browsing') + + # Check the not a forgery or attack button in the notification bar + def check_not_badware_button(self, button_property, report_page): + with self.marionette.using_context('chrome'): + # TODO: update to use safe browsing notification bar class when bug 1139544 lands + label = self.browser.localize_property(button_property) + button = (self.marionette.find_element(By.ID, 'content') + .find_element('anon attribute', {'label': label})) + + self.browser.tabbar.open_tab(lambda _: button.click()) + + Wait(self.marionette, timeout=self.marionette.timeout.page_load).until( + lambda mn: report_page in mn.get_url(), + message='The expected safe-browsing report page has not been opened', + ) + + with self.marionette.using_context('chrome'): + self.browser.tabbar.close_tab() + + def check_get_me_out_of_here_button(self): + with self.marionette.using_context('chrome'): + # TODO: update to use safe browsing notification bar class when bug 1139544 lands + label = self.browser.localize_property('safebrowsing.getMeOutOfHereButton.label') + button = (self.marionette.find_element(By.ID, 'content') + .find_element('anon attribute', {'label': label})) + button.click() + + Wait(self.marionette, timeout=self.marionette.timeout.page_load).until( + lambda mn: self.browser.default_homepage in mn.get_url(), + message='The default home page has not been loaded', + ) + + def check_x_button(self): + with self.marionette.using_context('chrome'): + # TODO: update to use safe browsing notification bar class when bug 1139544 lands + button = (self.marionette.find_element(By.ID, 'content') + .find_element('anon attribute', {'value': 'blocked-badware-page'}) + .find_element('anon attribute', + {'class': 'messageCloseButton close-icon tabbable'})) + button.click() + + Wait(self.marionette, timeout=self.marionette.timeout.page_load).until( + expected.element_stale(button), + message='The notification bar has not been closed', + ) diff --git a/testing/firefox-ui/tests/functional/security/test_safe_browsing_warning_pages.py b/testing/firefox-ui/tests/functional/security/test_safe_browsing_warning_pages.py new file mode 100644 index 000000000..968a9464b --- /dev/null +++ b/testing/firefox-ui/tests/functional/security/test_safe_browsing_warning_pages.py @@ -0,0 +1,115 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +import time + +from firefox_puppeteer import PuppeteerMixin +from marionette_driver import By, expected, Wait +from marionette_harness import MarionetteTestCase + + +class TestSafeBrowsingWarningPages(PuppeteerMixin, MarionetteTestCase): + + def setUp(self): + super(TestSafeBrowsingWarningPages, self).setUp() + + self.urls = [ + # Unwanted software URL + 'https://www.itisatrap.org/firefox/unwanted.html', + # Phishing URL + 'https://www.itisatrap.org/firefox/its-a-trap.html', + # Malware URL + 'https://www.itisatrap.org/firefox/its-an-attack.html' + ] + + self.marionette.set_pref('app.support.baseURL', + self.marionette.absolute_url("support.html?topic=")) + self.marionette.set_pref('browser.safebrowsing.phishing.enabled', True) + self.marionette.set_pref('browser.safebrowsing.malware.enabled', True) + + # Give the browser a little time, because SafeBrowsing.jsm takes a + # while between start up and adding the example urls to the db. + # hg.mozilla.org/mozilla-central/file/46aebcd9481e/browser/base/content/browser.js#l1194 + time.sleep(3) + + # TODO: Bug 1139544: While we don't have a reliable way to close the safe browsing + # notification bar when a test fails, run this test in a new tab. + self.browser.tabbar.open_tab() + + def tearDown(self): + try: + self.puppeteer.utils.permissions.remove('https://www.itisatrap.org', 'safe-browsing') + self.browser.tabbar.close_all_tabs([self.browser.tabbar.tabs[0]]) + self.marionette.clear_pref('app.support.baseURL') + self.marionette.clear_pref('browser.safebrowsing.malware.enabled') + self.marionette.clear_pref('browser.safebrowsing.phishing.enabled') + finally: + super(TestSafeBrowsingWarningPages, self).tearDown() + + def test_warning_pages(self): + with self.marionette.using_context("content"): + for unsafe_page in self.urls: + # Load a test page, then test the get me out button + self.marionette.navigate(unsafe_page) + # Wait for the DOM to receive events for about:blocked + time.sleep(1) + self.check_get_me_out_of_here_button(unsafe_page) + + # Load the test page again, then test the report button + self.marionette.navigate(unsafe_page) + # Wait for the DOM to receive events for about:blocked + time.sleep(1) + self.check_report_button(unsafe_page) + + # Load the test page again, then test the ignore warning button + self.marionette.navigate(unsafe_page) + # Wait for the DOM to receive events for about:blocked + time.sleep(1) + self.check_ignore_warning_button(unsafe_page) + + def check_get_me_out_of_here_button(self, unsafe_page): + button = self.marionette.find_element(By.ID, "getMeOutButton") + button.click() + + Wait(self.marionette, timeout=self.marionette.timeout.page_load).until( + lambda mn: self.browser.default_homepage in mn.get_url()) + + def check_report_button(self, unsafe_page): + # Get the URL of the support site for phishing and malware. This may result in a redirect. + with self.marionette.using_context('chrome'): + url = self.marionette.execute_script(""" + Components.utils.import("resource://gre/modules/Services.jsm"); + return Services.urlFormatter.formatURLPref("app.support.baseURL") + + "phishing-malware"; + """) + + button = self.marionette.find_element(By.ID, "reportButton") + button.click() + + # Wait for the button to become stale, whereby a longer timeout is needed + # here to not fail in case of slow connections. + Wait(self.marionette, timeout=self.marionette.timeout.page_load).until( + expected.element_stale(button)) + + # Wait for page load to be completed, so we can verify the URL even if a redirect happens. + # TODO: Bug 1140470: use replacement for mozmill's waitforPageLoad + expected_url = self.browser.get_final_url(url) + Wait(self.marionette, timeout=self.marionette.timeout.page_load).until( + lambda mn: expected_url == mn.get_url(), + message="The expected URL '{}' has not been loaded".format(expected_url) + ) + + topic = self.marionette.find_element(By.ID, "topic") + self.assertEquals(topic.text, "phishing-malware") + + def check_ignore_warning_button(self, unsafe_page): + button = self.marionette.find_element(By.ID, 'ignoreWarningButton') + button.click() + + Wait(self.marionette, timeout=self.marionette.timeout.page_load).until( + expected.element_present(By.ID, 'main-feature')) + self.assertEquals(self.marionette.get_url(), self.browser.get_final_url(unsafe_page)) + + # Clean up by removing safe browsing permission for unsafe page + self.puppeteer.utils.permissions.remove('https://www.itisatrap.org', 'safe-browsing') diff --git a/testing/firefox-ui/tests/functional/security/test_security_notification.py b/testing/firefox-ui/tests/functional/security/test_security_notification.py new file mode 100644 index 000000000..5825d0364 --- /dev/null +++ b/testing/firefox-ui/tests/functional/security/test_security_notification.py @@ -0,0 +1,62 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +import time + +from firefox_puppeteer import PuppeteerMixin +from marionette_driver import By, Wait +from marionette_driver.errors import MarionetteException +from marionette_harness import MarionetteTestCase + + +class TestSecurityNotification(PuppeteerMixin, MarionetteTestCase): + + def setUp(self): + super(TestSecurityNotification, self).setUp() + + self.urls = [ + # Invalid cert page + 'https://ssl-expired.mozqa.com', + # Secure page + 'https://ssl-ev.mozqa.com/', + # Insecure page + 'http://no-ssl.mozqa.com' + ] + + self.identity_box = self.browser.navbar.locationbar.identity_box + + def test_invalid_cert(self): + with self.marionette.using_context('content'): + # Go to a site that has an invalid (expired) cert + self.assertRaises(MarionetteException, self.marionette.navigate, self.urls[0]) + + # Wait for the DOM to receive events + time.sleep(1) + + # Verify the text in Technical Content contains the page with invalid cert + text = self.marionette.find_element(By.ID, 'badCertTechnicalInfo') + self.assertIn(self.urls[0][8:], text.get_property('textContent')) + + # Verify the "Go Back" and "Advanced" buttons appear + self.assertIsNotNone(self.marionette.find_element(By.ID, 'returnButton')) + self.assertIsNotNone(self.marionette.find_element(By.ID, 'advancedButton')) + + # Verify the error code is correct + self.assertIn('SEC_ERROR_EXPIRED_CERTIFICATE', text.get_property('textContent')) + + def test_secure_website(self): + with self.marionette.using_context('content'): + self.marionette.navigate(self.urls[1]) + + Wait(self.marionette).until(lambda _: ( + self.identity_box.get_property('className') == 'verifiedIdentity') + ) + + def test_insecure_website(self): + with self.marionette.using_context('content'): + self.marionette.navigate(self.urls[2]) + + Wait(self.marionette).until(lambda _: ( + self.identity_box.get_property('className') == 'unknownIdentity') + ) diff --git a/testing/firefox-ui/tests/functional/security/test_ssl_disabled_error_page.py b/testing/firefox-ui/tests/functional/security/test_ssl_disabled_error_page.py new file mode 100644 index 000000000..d1d9c531f --- /dev/null +++ b/testing/firefox-ui/tests/functional/security/test_ssl_disabled_error_page.py @@ -0,0 +1,60 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +import time + +from firefox_puppeteer import PuppeteerMixin +from marionette_driver import By, expected, Wait +from marionette_driver.errors import MarionetteException +from marionette_harness import MarionetteTestCase + + +class TestSSLDisabledErrorPage(PuppeteerMixin, MarionetteTestCase): + + def setUp(self): + super(TestSSLDisabledErrorPage, self).setUp() + + self.url = 'https://tlsv1-0.mozqa.com' + + self.puppeteer.utils.sanitize({"sessions": True}) + + # Disable SSL 3.0, TLS 1.0 and TLS 1.1 for secure connections + # by forcing the use of TLS 1.2 + # see: http://kb.mozillazine.org/Security.tls.version.*#Possible_values_and_their_effects + self.marionette.set_pref('security.tls.version.min', 3) + self.marionette.set_pref('security.tls.version.max', 3) + + def tearDown(self): + try: + self.marionette.clear_pref('security.tls.version.min') + self.marionette.clear_pref('security.tls.version.max') + finally: + super(TestSSLDisabledErrorPage, self).tearDown() + + def test_ssl_disabled_error_page(self): + with self.marionette.using_context('content'): + # Open the test page + self.assertRaises(MarionetteException, self.marionette.navigate, self.url) + + # Wait for the DOM to receive events + time.sleep(1) + + # Verify "Secure Connection Failed" error page title + title = self.marionette.find_element(By.CLASS_NAME, 'title-text') + nss_failure2title = self.browser.localize_entity('nssFailure2.title') + self.assertEquals(title.get_property('textContent'), nss_failure2title) + + # Verify the error message is correct + short_description = self.marionette.find_element(By.ID, 'errorShortDescText') + self.assertIn('SSL_ERROR_UNSUPPORTED_VERSION', + short_description.get_property('textContent')) + self.assertIn('mozqa.com', short_description.get_property('textContent')) + + # Verify that the "Restore" button appears and works + reset_button = self.marionette.find_element(By.ID, 'prefResetButton') + reset_button.click() + + # With the preferences reset, the page has to load correctly + Wait(self.marionette, timeout=self.marionette.timeout.page_load).until( + expected.element_present(By.LINK_TEXT, 'http://quality.mozilla.org')) diff --git a/testing/firefox-ui/tests/functional/security/test_ssl_status_after_restart.py b/testing/firefox-ui/tests/functional/security/test_ssl_status_after_restart.py new file mode 100644 index 000000000..f274d8f2f --- /dev/null +++ b/testing/firefox-ui/tests/functional/security/test_ssl_status_after_restart.py @@ -0,0 +1,124 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +from firefox_puppeteer import PuppeteerMixin +from marionette_driver import Wait +from marionette_harness import MarionetteTestCase, skip_if_e10s + + +class TestSSLStatusAfterRestart(PuppeteerMixin, MarionetteTestCase): + + def setUp(self): + super(TestSSLStatusAfterRestart, self).setUp() + + self.test_data = ( + { + 'url': 'https://ssl-dv.mozqa.com', + 'identity': '', + 'type': 'secure' + }, + { + 'url': 'https://ssl-ev.mozqa.com/', + 'identity': 'Mozilla Corporation', + 'type': 'secure-ev' + }, + { + 'url': 'https://ssl-ov.mozqa.com/', + 'identity': '', + 'type': 'secure' + } + ) + + # Set browser to restore previous session + self.marionette.set_pref('browser.startup.page', 3) + + self.locationbar = self.browser.navbar.locationbar + self.identity_popup = self.locationbar.identity_popup + + def tearDown(self): + try: + self.puppeteer.windows.close_all([self.browser]) + self.browser.tabbar.close_all_tabs([self.browser.tabbar.tabs[0]]) + self.browser.switch_to() + self.identity_popup.close(force=True) + self.marionette.clear_pref('browser.startup.page') + finally: + super(TestSSLStatusAfterRestart, self).tearDown() + + @skip_if_e10s("Bug 1325047") + def test_ssl_status_after_restart(self): + for item in self.test_data: + with self.marionette.using_context('content'): + self.marionette.navigate(item['url']) + self.verify_certificate_status(item) + self.browser.tabbar.open_tab() + + self.restart() + + # Refresh references to elements + self.locationbar = self.browser.navbar.locationbar + self.identity_popup = self.locationbar.identity_popup + + for index, item in enumerate(self.test_data): + self.browser.tabbar.tabs[index].select() + self.verify_certificate_status(item) + + def verify_certificate_status(self, item): + url, identity, cert_type = item['url'], item['identity'], item['type'] + + # Check the favicon + # TODO: find a better way to check, e.g., mozmill's isDisplayed + favicon_hidden = self.marionette.execute_script(""" + return arguments[0].hasAttribute("hidden"); + """, script_args=[self.browser.navbar.locationbar.identity_icon]) + self.assertFalse(favicon_hidden) + + self.locationbar.open_identity_popup() + + # Check the type shown on the identity popup doorhanger + self.assertEqual(self.identity_popup.element.get_attribute('connection'), + cert_type) + + self.identity_popup.view.main.expander.click() + Wait(self.marionette).until(lambda _: self.identity_popup.view.security.selected) + + # Check the identity label + self.assertEqual(self.locationbar.identity_organization_label.get_property('value'), + identity) + + # Get the information from the certificate + cert = self.browser.tabbar.selected_tab.certificate + + # Open the Page Info window by clicking the More Information button + page_info = self.browser.open_page_info_window( + lambda _: self.identity_popup.view.security.more_info_button.click()) + + # Verify that the current panel is the security panel + self.assertEqual(page_info.deck.selected_panel, page_info.deck.security) + + # Verify the domain listed on the security panel + # If this is a wildcard cert, check only the domain + if cert['commonName'].startswith('*'): + self.assertIn(self.puppeteer.security.get_domain_from_common_name(cert['commonName']), + page_info.deck.security.domain.get_property('value'), + 'Expected domain found in certificate for ' + url) + else: + self.assertEqual(page_info.deck.security.domain.get_property('value'), + cert['commonName'], + 'Domain value matches certificate common name.') + + # Verify the owner listed on the security panel + if identity != '': + owner = cert['organization'] + else: + owner = page_info.localize_property('securityNoOwner') + + self.assertEqual(page_info.deck.security.owner.get_property('value'), owner, + 'Expected owner label found for ' + url) + + # Verify the verifier listed on the security panel + self.assertEqual(page_info.deck.security.verifier.get_property('value'), + cert['issuerOrganization'], + 'Verifier matches issuer of certificate for ' + url) + page_info.close() diff --git a/testing/firefox-ui/tests/functional/security/test_submit_unencrypted_info_warning.py b/testing/firefox-ui/tests/functional/security/test_submit_unencrypted_info_warning.py new file mode 100644 index 000000000..a2f431fb5 --- /dev/null +++ b/testing/firefox-ui/tests/functional/security/test_submit_unencrypted_info_warning.py @@ -0,0 +1,65 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +from firefox_puppeteer import PuppeteerMixin +from marionette_driver import By, expected, Wait +from marionette_driver.errors import NoAlertPresentException +from marionette_driver.marionette import Alert +from marionette_harness import MarionetteTestCase + + +class TestSubmitUnencryptedInfoWarning(PuppeteerMixin, MarionetteTestCase): + + def setUp(self): + super(TestSubmitUnencryptedInfoWarning, self).setUp() + + self.url = 'https://ssl-dv.mozqa.com/data/firefox/security/unencryptedsearch.html' + self.test_string = 'mozilla' + + self.marionette.set_pref('security.warn_submit_insecure', True) + + def tearDown(self): + try: + self.marionette.clear_pref('security.warn_submit_insecure') + finally: + super(TestSubmitUnencryptedInfoWarning, self).tearDown() + + def test_submit_unencrypted_info_warning(self): + with self.marionette.using_context('content'): + self.marionette.navigate(self.url) + + # Get the page's search box and submit button. + searchbox = self.marionette.find_element(By.ID, 'q') + button = self.marionette.find_element(By.ID, 'submit') + + # Use the page's search box to submit information. + searchbox.send_keys(self.test_string) + button.click() + + # Get the expected warning text and replace its two instances of "##" with "\n\n". + message = self.browser.localize_property('formPostSecureToInsecureWarning.message') + message = message.replace('##', '\n\n') + + # Wait for the warning, verify the expected text matches warning, accept the warning + warning = Alert(self.marionette) + try: + Wait(self.marionette, + ignored_exceptions=NoAlertPresentException, + timeout=self.marionette.timeout.page_load).until( + lambda _: warning.text == message) + finally: + warning.accept() + + # Wait for the search box to become stale, then wait for the page to be reloaded. + Wait(self.marionette).until(expected.element_stale(searchbox)) + + # TODO: Bug 1140470: use replacement for mozmill's waitforPageLoad + Wait(self.marionette, timeout=self.marionette.timeout.page_load).until( + lambda mn: mn.execute_script('return document.readyState == "DOMContentLoaded" ||' + ' document.readyState == "complete";') + ) + + # Check that search_term contains the test string. + search_term = self.marionette.find_element(By.ID, 'search-term') + self.assertEqual(search_term.get_property('textContent'), self.test_string) diff --git a/testing/firefox-ui/tests/functional/security/test_unknown_issuer.py b/testing/firefox-ui/tests/functional/security/test_unknown_issuer.py new file mode 100644 index 000000000..b329f2500 --- /dev/null +++ b/testing/firefox-ui/tests/functional/security/test_unknown_issuer.py @@ -0,0 +1,34 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +import time + +from marionette_driver import By +from marionette_driver.errors import MarionetteException +from marionette_harness import MarionetteTestCase + + +class TestUnknownIssuer(MarionetteTestCase): + + def setUp(self): + super(TestUnknownIssuer, self).setUp() + + self.url = 'https://ssl-unknownissuer.mozqa.com' + + def test_unknown_issuer(self): + with self.marionette.using_context('content'): + # Go to a site that has a cert with an unknown issuer + self.assertRaises(MarionetteException, self.marionette.navigate, self.url) + + # Wait for the DOM to receive events + time.sleep(1) + + # Check for the correct error code + error = self.marionette.find_element(By.ID, 'errorCode') + self.assertEquals(error.get_property('textContent'), + 'SEC_ERROR_UNKNOWN_ISSUER') + + # Verify the "Go Back" and "Advanced" buttons appear + self.assertIsNotNone(self.marionette.find_element(By.ID, 'returnButton')) + self.assertIsNotNone(self.marionette.find_element(By.ID, 'advancedButton')) diff --git a/testing/firefox-ui/tests/functional/security/test_untrusted_connection_error_page.py b/testing/firefox-ui/tests/functional/security/test_untrusted_connection_error_page.py new file mode 100644 index 000000000..0dbce1c8f --- /dev/null +++ b/testing/firefox-ui/tests/functional/security/test_untrusted_connection_error_page.py @@ -0,0 +1,35 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +import time + +from firefox_puppeteer import PuppeteerMixin +from marionette_driver import By, Wait +from marionette_driver.errors import MarionetteException +from marionette_harness import MarionetteTestCase + + +class TestUntrustedConnectionErrorPage(PuppeteerMixin, MarionetteTestCase): + + def setUp(self): + super(TestUntrustedConnectionErrorPage, self).setUp() + + self.url = 'https://ssl-selfsigned.mozqa.com' + + def test_untrusted_connection_error_page(self): + self.marionette.set_context('content') + + # In some localized builds, the default page redirects + target_url = self.browser.get_final_url(self.browser.default_homepage) + + self.assertRaises(MarionetteException, self.marionette.navigate, self.url) + + # Wait for the DOM to receive events + time.sleep(1) + + button = self.marionette.find_element(By.ID, "returnButton") + button.click() + + Wait(self.marionette, timeout=self.marionette.timeout.page_load).until( + lambda mn: target_url == self.marionette.get_url()) |