Bug 1092055 - Test that webconsole messages show up for non-top level security errors. r=past

2015-02-10 00:34:00 -05:00 · 2015-02-10 00:34:00 -05:00 · 38b5ac26d2
--- a/browser/devtools/webconsole/test/browser.ini
+++ b/browser/devtools/webconsole/test/browser.ini
@ -126,6 +126,9 @@ support-files =
  test_bug_1010953_cspro.html
  test_bug1045902_console_csp_ignore_reflected_xss_message.html^headers^
  test_bug1045902_console_csp_ignore_reflected_xss_message.html
+  test_bug1092055_shouldwarn.js^headers^
+  test_bug1092055_shouldwarn.js
+  test_bug1092055_shouldwarn.html

 [browser_bug1045902_console_csp_ignore_reflected_xss_message.js]
 [browser_bug664688_sandbox_update_after_navigation.js]
@ -301,6 +304,8 @@ skip-if = e10s # Bug 1042253 - webconsole e10s tests (Linux debug intermittent)
 [browser_webconsole_bug_1010953_cspro.js]
 [browser_webconsole_certificate_messages.js]
 skip-if = e10s # Bug 1042253 - webconsole tests disabled with e10s
+[browser_webconsole_show_subresource_security_errors.js]
+skip-if = e10s # Bug 1042253 - webconsole tests disabled with e10s
 [browser_webconsole_cached_autocomplete.js]
 [browser_webconsole_change_font_size.js]
 [browser_webconsole_chrome.js]
--- a/browser/devtools/webconsole/test/browser_webconsole_show_subresource_security_errors.js
+++ b/browser/devtools/webconsole/test/browser_webconsole_show_subresource_security_errors.js
@ -0,0 +1,30 @@
+/* vim:set ts=2 sw=2 sts=2 et: */
+/*
+ * Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/
+ */
+
+// Ensure non-toplevel security errors are displayed
+
+const TEST_URI = "data:text/html;charset=utf8,Web Console subresource STS warning test";
+const TEST_DOC = "https://example.com/browser/browser/devtools/webconsole/test/test_bug1092055_shouldwarn.html";
+const SAMPLE_MSG = 'invalid Strict-Transport-Security header'
+
+let test = asyncTest(function* () {
+  let { browser } = yield loadTab(TEST_URI);
+
+  let hud = yield openConsole();
+
+  hud.jsterm.clearOutput();
+
+  let loaded = loadBrowser(browser);
+  content.location = TEST_DOC;
+  yield loaded;
+
+  yield waitForSuccess({
+    name: "Subresource STS warning displayed successfully",
+    validator: function() {
+      return hud.outputNode.textContent.indexOf(SAMPLE_MSG) > -1;
+    }
+  });
+});
--- a/browser/devtools/webconsole/test/test_bug1092055_shouldwarn.html
+++ b/browser/devtools/webconsole/test/test_bug1092055_shouldwarn.html
@ -0,0 +1,15 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+  <meta charset="UTF-8">
+  <title>Bug 1092055 - Log console messages for non-top-level security errors</title>
+  <script src="test_bug1092055_shouldwarn.js"></script>
+  <!--
+    Any copyright is dedicated to the Public Domain.
+    http://creativecommons.org/publicdomain/zero/1.0/
+  -->
+</head>
+<body>
+Bug 1092055 - Log console messages for non-top-level security errors
+</body>
+</html>
--- a/browser/devtools/webconsole/test/test_bug1092055_shouldwarn.js
+++ b/browser/devtools/webconsole/test/test_bug1092055_shouldwarn.js
@ -0,0 +1,2 @@
+// It doesn't matter what this script does, but the broken HSTS header sent
+// with it should result in warnings in the webconsole
--- a/browser/devtools/webconsole/test/test_bug1092055_shouldwarn.js^headers^
+++ b/browser/devtools/webconsole/test/test_bug1092055_shouldwarn.js^headers^
@ -0,0 +1 @@
+Strict-Transport-Security: some complete nonsense
				`@ -0,0 +1 @@`
				`Strict-Transport-Security: some complete nonsense`