1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
|
<!-- This Source Code Form is subject to the terms of the Mozilla Public
- License, v. 2.0. If a copy of the MPL was not distributed with this
- file, You can obtain one at http://mozilla.org/MPL/2.0/. -->
<!DOCTYPE HTML>
<html>
<head>
<title>opens additional content that should be converted to https</title>
<script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
<script class="testbody" type="text/javascript">
"use strict";
SimpleTest.waitForExplicitFinish();
const STSPATH = "/tests/security/manager/ssl/tests/mochitest/stricttransportsecurity";
// initialized manually here
var testsleft = {'plain': 4, 'subdom': 4};
var roundsLeft = 2;
var testframes = {
'samedom':
{'url': "http://example.com" + STSPATH + "/verify.sjs",
'expected': {'plain': 'SECURE', 'subdom': 'SECURE'}},
'subdom':
{'url': "http://test1.example.com" + STSPATH + "/verify.sjs",
'expected': {'plain': 'INSECURE', 'subdom': 'SECURE'}},
'otherdom':
{'url': "http://example.org" + STSPATH + "/verify.sjs",
'expected': {'plain': 'INSECURE', 'subdom': 'INSECURE'}},
'alreadysecure':
{'url': "https://test2.example.com" + STSPATH + "/verify.sjs",
'expected': {'plain': 'SECURE', 'subdom': 'SECURE'}},
};
function startRound(round) {
let frame = document.createElement("iframe");
frame.setAttribute('id', 'ifr_bootstrap');
frame.setAttribute('src', "https://example.com" + STSPATH + "/" + round + "_bootstrap.html");
document.body.appendChild(frame);
}
function endRound(round) {
// remove all the iframes in the document
document.body.removeChild(document.getElementById('ifr_bootstrap'));
for (let test in testframes) {
document.body.removeChild(document.getElementById('ifr_' + test));
}
// clean up the STS state
SpecialPowers.cleanUpSTSData("http://example.com");
}
function loadVerifyFrames(round) {
for (let test in testframes) {
let frame = document.createElement("iframe");
frame.setAttribute('id', 'ifr_' + test);
frame.setAttribute('src', testframes[test].url + '?id=' + test);
document.body.appendChild(frame);
}
}
/* Messages received are in this format:
* (BOOTSTRAP|SECURE|INSECURE) testid
* For example: "BOOTSTRAP plain"
* or: "INSECURE otherdom"
*/
function onMessageReceived(event) {
let result = event.data.split(/\s+/);
if (result.length != 2) {
SimpleTest.ok(false, event.data);
return;
}
// figure out which round of tests we're in
let round = (roundsLeft == 2) ? "plain" : "subdom";
if (result[0] === "BOOTSTRAP") {
loadVerifyFrames(round);
return;
}
// check if the result (SECURE/INSECURE) is expected for this round/test combo
SimpleTest.is(result[0], testframes[result[1]].expected[round],
"in ROUND " + round + ", test " + result[1]);
testsleft[round]--;
// check if there are more tests to run.
if (testsleft[round] < 1) {
// if not, advance to next round
endRound(round);
roundsLeft--;
// defer this so it doesn't muck with the stack too much.
if (roundsLeft == 1) {
setTimeout(function () {
startRound("subdom");
}, 0);
}
}
if (roundsLeft < 1) {
SimpleTest.finish();
}
}
// listen for calls back from the sts-setting iframe and then
// the verification frames.
window.addEventListener("message", onMessageReceived, false);
window.addEventListener("load", () => { startRound("plain"); }, false);
</script>
</head>
<body>
This test will load some iframes and do some tests.
</body>
</html>
|
