diff options
Diffstat (limited to 'toolkit/modules/tests/chrome/test_bug544442_checkCert.xul')
| -rw-r--r-- | toolkit/modules/tests/chrome/test_bug544442_checkCert.xul | 155 |
1 files changed, 155 insertions, 0 deletions
diff --git a/toolkit/modules/tests/chrome/test_bug544442_checkCert.xul b/toolkit/modules/tests/chrome/test_bug544442_checkCert.xul new file mode 100644 index 000000000..dd0ce8fbd --- /dev/null +++ b/toolkit/modules/tests/chrome/test_bug544442_checkCert.xul @@ -0,0 +1,155 @@ +<?xml version="1.0"?> +<!-- +/* Any copyright is dedicated to the Public Domain. + * http://creativecommons.org/publicdomain/zero/1.0/ + */ +--> + +<?xml-stylesheet href="chrome://global/skin" type="text/css"?> +<?xml-stylesheet href="chrome://mochikit/content/tests/SimpleTest/test.css" type="text/css"?> + +<window title="Test CertUtils.jsm checkCert - bug 340198 and bug 544442" + xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul" + onload="testStart();"> +<script type="application/javascript" + src="chrome://mochikit/content/tests/SimpleTest/SimpleTest.js"/> + +<script type="application/javascript"> +<![CDATA[ + +var Cc = Components.classes; +var Ci = Components.interfaces; +var Cr = Components.results; + +SimpleTest.waitForExplicitFinish(); + +Components.utils.import("resource://gre/modules/CertUtils.jsm"); + +function testStart() { + ok(true, "Entering testStart"); + + var request = Cc["@mozilla.org/xmlextras/xmlhttprequest;1"]. + createInstance(Ci.nsIXMLHttpRequest); + request.open("GET", "https://example.com/", true); + request.channel.notificationCallbacks = new BadCertHandler(true); + request.onerror = function(event) { testXHRError(event); }; + request.onload = function(event) { testXHRLoad(event); }; + request.send(null); +} + +function testXHRError(aEvent) { + ok(true, "Entering testXHRError - something went wrong"); + + var request = aEvent.target; + var status = 0; + try { + status = request.status; + } + catch (e) { + } + + if (status == 0) + status = request.channel.QueryInterface(Ci.nsIRequest).status; + + ok(false, "XHR onerror called: " + status); + + SimpleTest.finish(); +} + +function getCheckCertResult(aChannel, aAllowNonBuiltIn, aCerts) { + try { + checkCert(aChannel, aAllowNonBuiltIn, aCerts); + } + catch (e) { + return e.result; + } + return Cr.NS_OK; +} + +function testXHRLoad(aEvent) { + ok(true, "Entering testXHRLoad"); + + var channel = aEvent.target.channel; + + var certs = null; + is(getCheckCertResult(channel, false, certs), Cr.NS_ERROR_ABORT, + "checkCert should throw NS_ERROR_ABORT when the certificate attributes " + + "array passed to checkCert is null and the certificate is not builtin"); + + is(getCheckCertResult(channel, true, certs), Cr.NS_OK, + "checkCert should not throw when the certificate attributes array " + + "passed to checkCert is null and builtin certificates aren't enforced"); + + certs = [ { invalidAttribute: "Invalid attribute" } ]; + is(getCheckCertResult(channel, false, certs), Cr.NS_ERROR_ILLEGAL_VALUE, + "checkCert should throw NS_ERROR_ILLEGAL_VALUE when the certificate " + + "attributes array passed to checkCert has an element that has an " + + "attribute that does not exist on the certificate"); + + certs = [ { issuerName: "Incorrect issuerName" } ]; + is(getCheckCertResult(channel, false, certs), Cr.NS_ERROR_ILLEGAL_VALUE, + "checkCert should throw NS_ERROR_ILLEGAL_VALUE when the certificate " + + "attributes array passed to checkCert has an element that has an " + + "issuerName that is not the same as the certificate's"); + + var cert = channel.securityInfo.QueryInterface(Ci.nsISSLStatusProvider). + SSLStatus.QueryInterface(Ci.nsISSLStatus).serverCert; + + certs = [ { issuerName: cert.issuerName, + commonName: cert.commonName } ]; + is(getCheckCertResult(channel, false, certs), Cr.NS_ERROR_ABORT, + "checkCert should throw NS_ERROR_ABORT when the certificate attributes " + + "array passed to checkCert has a single element that has the same " + + "issuerName and commonName as the certificate's and the certificate is " + + "not builtin"); + + is(getCheckCertResult(channel, true, certs), Cr.NS_OK, + "checkCert should not throw when the certificate attributes array " + + "passed to checkCert has a single element that has the same issuerName " + + "and commonName as the certificate's and and builtin certificates " + + "aren't enforced"); + + certs = [ { issuerName: "Incorrect issuerName", + invalidAttribute: "Invalid attribute" }, + { issuerName: cert.issuerName, + commonName: "Invalid Common Name" }, + { issuerName: cert.issuerName, + commonName: cert.commonName } ]; + is(getCheckCertResult(channel, false, certs), Cr.NS_ERROR_ABORT, + "checkCert should throw NS_ERROR_ABORT when the certificate attributes " + + "array passed to checkCert has an element that has the same issuerName " + + "and commonName as the certificate's and the certificate is not builtin"); + + is(getCheckCertResult(channel, true, certs), Cr.NS_OK, + "checkCert should not throw when the certificate attributes array " + + "passed to checkCert has an element that has the same issuerName and " + + "commonName as the certificate's and builtin certificates aren't enforced"); + + var mockChannel = { originalURI: Cc["@mozilla.org/network/io-service;1"]. + getService(Ci.nsIIOService). + newURI("http://example.com/", null, null) }; + + certs = [ ]; + is(getCheckCertResult(mockChannel, false, certs), Cr.NS_ERROR_UNEXPECTED, + "checkCert should throw NS_ERROR_UNEXPECTED when the certificate " + + "attributes array passed to checkCert is not null and the channel's " + + "originalURI is not https"); + + certs = null; + is(getCheckCertResult(mockChannel, false, certs), Cr.NS_OK, + "checkCert should not throw when the certificate attributes object " + + "passed to checkCert is null and the the channel's originalURI is not " + + "https"); + + SimpleTest.finish(); +} + +]]> +</script> + +<body xmlns="http://www.w3.org/1999/xhtml"> + <p id="display"></p> + <div id="content" style="display: none"></div> + <pre id="test"></pre> +</body> +</window> |