diff options
Diffstat (limited to 'browser/base/content/test/general/browser_insecureLoginForms.js')
-rw-r--r-- | browser/base/content/test/general/browser_insecureLoginForms.js | 162 |
1 files changed, 0 insertions, 162 deletions
diff --git a/browser/base/content/test/general/browser_insecureLoginForms.js b/browser/base/content/test/general/browser_insecureLoginForms.js deleted file mode 100644 index 72db7dbe6..000000000 --- a/browser/base/content/test/general/browser_insecureLoginForms.js +++ /dev/null @@ -1,162 +0,0 @@ -/* Any copyright is dedicated to the Public Domain. - * http://creativecommons.org/publicdomain/zero/1.0/ */ - -// Load directly from the browser-chrome support files of login tests. -const TEST_URL_PATH = "/browser/toolkit/components/passwordmgr/test/browser/"; - -/** - * Waits for the given number of occurrences of InsecureLoginFormsStateChange - * on the given browser element. - */ -function waitForInsecureLoginFormsStateChange(browser, count) { - return BrowserTestUtils.waitForEvent(browser, "InsecureLoginFormsStateChange", - false, () => --count == 0); -} - -/** - * Checks the insecure login forms logic for the identity block. - */ -add_task(function* test_simple() { - yield new Promise(resolve => SpecialPowers.pushPrefEnv({ - "set": [["security.insecure_password.ui.enabled", true]], - }, resolve)); - - for (let [origin, expectWarning] of [ - ["http://example.com", true], - ["http://127.0.0.1", false], - ["https://example.com", false], - ]) { - let testUrlPath = origin + TEST_URL_PATH; - let tab = gBrowser.addTab(testUrlPath + "form_basic.html"); - let browser = tab.linkedBrowser; - yield Promise.all([ - BrowserTestUtils.switchTab(gBrowser, tab), - BrowserTestUtils.browserLoaded(browser), - // One event is triggered by pageshow and one by DOMFormHasPassword. - waitForInsecureLoginFormsStateChange(browser, 2), - ]); - - let { gIdentityHandler } = gBrowser.ownerGlobal; - gIdentityHandler._identityBox.click(); - document.getElementById("identity-popup-security-expander").click(); - - if (expectWarning) { - is_element_visible(document.getElementById("connection-icon")); - let connectionIconImage = gBrowser.ownerGlobal - .getComputedStyle(document.getElementById("connection-icon"), "") - .getPropertyValue("list-style-image"); - let securityViewBG = gBrowser.ownerGlobal - .getComputedStyle(document.getElementById("identity-popup-securityView"), "") - .getPropertyValue("background-image"); - let securityContentBG = gBrowser.ownerGlobal - .getComputedStyle(document.getElementById("identity-popup-security-content"), "") - .getPropertyValue("background-image"); - is(connectionIconImage, - "url(\"chrome://browser/skin/connection-mixed-active-loaded.svg#icon\")", - "Using expected icon image in the identity block"); - is(securityViewBG, - "url(\"chrome://browser/skin/controlcenter/mcb-disabled.svg\")", - "Using expected icon image in the Control Center main view"); - is(securityContentBG, - "url(\"chrome://browser/skin/controlcenter/mcb-disabled.svg\")", - "Using expected icon image in the Control Center subview"); - is(Array.filter(document.querySelectorAll("[observes=identity-popup-insecure-login-forms-learn-more]"), - element => !is_hidden(element)).length, 1, - "The 'Learn more' link should be visible once."); - } - - // Messages should be visible when the scheme is HTTP, and invisible when - // the scheme is HTTPS. - is(Array.every(document.querySelectorAll("[when-loginforms=insecure]"), - element => !is_hidden(element)), - expectWarning, - "The relevant messages should be visible or hidden."); - - gIdentityHandler._identityPopup.hidden = true; - gBrowser.removeTab(tab); - } -}); - -/** - * Checks that the insecure login forms logic does not regress mixed content - * blocking messages when mixed active content is loaded. - */ -add_task(function* test_mixedcontent() { - yield new Promise(resolve => SpecialPowers.pushPrefEnv({ - "set": [["security.mixed_content.block_active_content", false]], - }, resolve)); - - // Load the page with the subframe in a new tab. - let testUrlPath = "://example.com" + TEST_URL_PATH; - let tab = gBrowser.addTab("https" + testUrlPath + "insecure_test.html"); - let browser = tab.linkedBrowser; - yield Promise.all([ - BrowserTestUtils.switchTab(gBrowser, tab), - BrowserTestUtils.browserLoaded(browser), - // Two events are triggered by pageshow and one by DOMFormHasPassword. - waitForInsecureLoginFormsStateChange(browser, 3), - ]); - - assertMixedContentBlockingState(browser, { activeLoaded: true, - activeBlocked: false, - passiveLoaded: false }); - - gBrowser.removeTab(tab); -}); - -/** - * Checks that insecure window.opener does not trigger a warning. - */ -add_task(function* test_ignoring_window_opener() { - let newTabURL = "https://example.com" + TEST_URL_PATH + "form_basic.html"; - let path = getRootDirectory(gTestPath) - .replace("chrome://mochitests/content", "http://example.com"); - let url = path + "insecure_opener.html"; - - yield BrowserTestUtils.withNewTab(url, function*(browser) { - // Clicking the link will spawn a new tab. - let loaded = BrowserTestUtils.waitForNewTab(gBrowser, newTabURL); - yield ContentTask.spawn(browser, {}, function() { - content.document.getElementById("link").click(); - }); - let tab = yield loaded; - browser = tab.linkedBrowser; - yield waitForInsecureLoginFormsStateChange(browser, 2); - - // Open the identity popup. - let { gIdentityHandler } = gBrowser.ownerGlobal; - gIdentityHandler._identityBox.click(); - document.getElementById("identity-popup-security-expander").click(); - - ok(is_visible(document.getElementById("connection-icon")), - "Connection icon is visible"); - - // Assert that the identity indicators are still "secure". - let connectionIconImage = gBrowser.ownerGlobal - .getComputedStyle(document.getElementById("connection-icon")) - .getPropertyValue("list-style-image"); - let securityViewBG = gBrowser.ownerGlobal - .getComputedStyle(document.getElementById("identity-popup-securityView")) - .getPropertyValue("background-image"); - let securityContentBG = gBrowser.ownerGlobal - .getComputedStyle(document.getElementById("identity-popup-security-content")) - .getPropertyValue("background-image"); - is(connectionIconImage, - "url(\"chrome://browser/skin/connection-secure.svg\")", - "Using expected icon image in the identity block"); - is(securityViewBG, - "url(\"chrome://browser/skin/controlcenter/connection.svg#connection-secure\")", - "Using expected icon image in the Control Center main view"); - is(securityContentBG, - "url(\"chrome://browser/skin/controlcenter/connection.svg#connection-secure\")", - "Using expected icon image in the Control Center subview"); - - ok(Array.every(document.querySelectorAll("[when-loginforms=insecure]"), - element => is_hidden(element)), - "All messages should be hidden."); - - gIdentityHandler._identityPopup.hidden = true; - - yield BrowserTestUtils.removeTab(tab); - }); -}); |