1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
|
<!--
Any copyright is dedicated to the Public Domain.
http://creativecommons.org/publicdomain/zero/1.0/
-->
<!DOCTYPE HTML>
<html>
<head>
<title>Test that an HSTS upgraded request can be intercepted by a service worker</title>
<script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
</head>
<body>
<p id="display"></p>
<div id="content">
<iframe></iframe>
</div>
<pre id="test"></pre>
<script class="testbody" type="text/javascript">
var iframe;
var framesLoaded = 0;
function runTest() {
iframe = document.querySelector("iframe");
iframe.src = "https://example.com/tests/dom/workers/test/serviceworkers/fetch/hsts/register.html";
window.onmessage = function(e) {
if (e.data.status == "ok") {
ok(e.data.result, e.data.message);
} else if (e.data.status == "registrationdone") {
iframe.src = "http://example.com/tests/dom/workers/test/serviceworkers/fetch/hsts/index.html";
} else if (e.data.status == "protocol") {
is(e.data.data, "https:", "Correct protocol expected");
ok(e.data.securityInfoPresent, "Security info present on intercepted value");
switch (++framesLoaded) {
case 1:
iframe.src = "https://example.com/tests/dom/workers/test/serviceworkers/fetch/hsts/embedder.html";
break;
case 2:
iframe.src = "https://example.com/tests/dom/workers/test/serviceworkers/fetch/hsts/image.html";
break;
}
} else if (e.data.status == "image") {
is(e.data.data, 40, "The image request was upgraded before interception");
iframe.src = "https://example.com/tests/dom/workers/test/serviceworkers/fetch/hsts/unregister.html";
} else if (e.data.status == "unregistrationdone") {
window.onmessage = null;
SpecialPowers.cleanUpSTSData("http://example.com");
SimpleTest.finish();
}
};
}
SimpleTest.waitForExplicitFinish();
onload = function() {
SpecialPowers.pushPrefEnv({"set": [
["dom.serviceWorkers.exemptFromPerDomainMax", true],
["dom.serviceWorkers.enabled", true],
["dom.serviceWorkers.testing.enabled", true],
// This is needed so that we can test upgrading a non-secure load inside an https iframe.
["security.mixed_content.block_active_content", false],
["security.mixed_content.block_display_content", false],
]}, runTest);
};
</script>
</pre>
</body>
</html>
|