browser/base/content/test/general/browser_mixed_content_cert_override.js


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54

/*
 * Bug 1253771 - check mixed content blocking in combination with overriden certificates
 */

"use strict";

const MIXED_CONTENT_URL = "https://self-signed.example.com/browser/browser/base/content/test/general/test-mixedcontent-securityerrors.html";

function getConnectionState() {
  return document.getElementById("identity-popup").getAttribute("connection");
}

function getPopupContentVerifier() {
  return document.getElementById("identity-popup-content-verifier");
}

function getConnectionIcon() {
  return window.getComputedStyle(document.getElementById("connection-icon")).listStyleImage;
}

function checkIdentityPopup(icon) {
  gIdentityHandler.refreshIdentityPopup();
  is(getConnectionIcon(), `url("chrome://browser/skin/${icon}")`);
  is(getConnectionState(), "secure-cert-user-overridden");
  isnot(getPopupContentVerifier().style.display, "none", "Overridden certificate warning is shown");
  ok(getPopupContentVerifier().textContent.includes("security exception"), "Text shows overridden certificate warning.");
}

add_task(function* () {
  yield BrowserTestUtils.openNewForegroundTab(gBrowser);

  // check that a warning is shown when loading a page with mixed content and an overridden certificate
  yield loadBadCertPage(MIXED_CONTENT_URL);
  checkIdentityPopup("connection-mixed-passive-loaded.svg#icon");

  // check that the crossed out icon is shown when disabling mixed content protection
  gIdentityHandler.disableMixedContentProtection();
  yield BrowserTestUtils.browserLoaded(gBrowser.selectedBrowser);

  checkIdentityPopup("connection-mixed-active-loaded.svg#icon");

  // check that a warning is shown even without mixed content
  yield BrowserTestUtils.loadURI(gBrowser.selectedBrowser, "https://self-signed.example.com");
  yield BrowserTestUtils.browserLoaded(gBrowser.selectedBrowser);
  checkIdentityPopup("connection-mixed-passive-loaded.svg#icon");

  // remove cert exception
  let certOverrideService = Cc["@mozilla.org/security/certoverride;1"]
                              .getService(Ci.nsICertOverrideService);
  certOverrideService.clearValidityOverride("self-signed.example.com", -1);

  yield BrowserTestUtils.removeTab(gBrowser.selectedTab);
});