зеркало из https://github.com/mozilla/gecko-dev.git
Bug 1350599 - Use guaranteed preloaded test domains instead of real domains in HSTS tests. r=keeler
Some of our tests currently assume that certain real domains are HSTS preloaded. While most of the time these domains are in fact preloaded, this may change during periods of maintenance or other events. To avoid this, the changes here perform the following renames: bugzilla.mozilla.org -> includesubdomains.preloaded.test login.persona.org -> includesubdomains2.preloaded.test www.torproject.org -> noincludesubdomains.preloaded.test In addition, some tests that refer to mozilla.com (but don't depend on it being preloaded) are made to refer to example.com instead to avoid referring to real domains in tests. MozReview-Commit-ID: 3987moJnKGk --HG-- extra : rebase_source : 0ec49c9a410ba891f11668e7e11c48b7547e1825
This commit is contained in:
Cykesiopka
Родитель
0e63ffc494
Коммит
593e14fdee
|
|
@ -12,11 +12,11 @@ function run_test() {
|
|||
Services.io.newURI("https://notexpired.example.com"),
|
||||
0));
|
||||
ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://bugzilla.mozilla.org"),
|
||||
Services.io.newURI("https://includesubdomains.preloaded.test"),
|
||||
0));
|
||||
ok(!SSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://sub.bugzilla.mozilla.org"), 0));
|
||||
Services.io.newURI("https://sub.includesubdomains.preloaded.test"), 0));
|
||||
ok(SSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://incsubdomain.example.com"), 0));
|
||||
|
|
@ -24,10 +24,10 @@ function run_test() {
|
|||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://sub.incsubdomain.example.com"), 0));
|
||||
ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://login.persona.org"),
|
||||
Services.io.newURI("https://includesubdomains2.preloaded.test"),
|
||||
0));
|
||||
ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://sub.login.persona.org"),
|
||||
Services.io.newURI("https://sub.includesubdomains2.preloaded.test"),
|
||||
0));
|
||||
do_test_finished();
|
||||
}
|
||||
|
|
|
|||
|
|
@ -26,11 +26,11 @@ function checkStateRead(aSubject, aTopic, aData) {
|
|||
Services.io.newURI("https://notexpired.example.com"),
|
||||
0));
|
||||
ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://bugzilla.mozilla.org"),
|
||||
Services.io.newURI("https://includesubdomains.preloaded.test"),
|
||||
0));
|
||||
ok(!gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://sub.bugzilla.mozilla.org"), 0));
|
||||
Services.io.newURI("https://sub.includesubdomains.preloaded.test"), 0));
|
||||
ok(gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://incsubdomain.example.com"), 0));
|
||||
|
|
@ -38,11 +38,11 @@ function checkStateRead(aSubject, aTopic, aData) {
|
|||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://sub.incsubdomain.example.com"), 0));
|
||||
ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://login.persona.org"),
|
||||
Services.io.newURI("https://includesubdomains2.preloaded.test"),
|
||||
0));
|
||||
ok(!gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://sub.login.persona.org"), 0));
|
||||
Services.io.newURI("https://sub.includesubdomains2.preloaded.test"), 0));
|
||||
|
||||
// Clearing the data should make everything go back to default.
|
||||
gSSService.clearAll();
|
||||
|
|
@ -53,20 +53,20 @@ function checkStateRead(aSubject, aTopic, aData) {
|
|||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://notexpired.example.com"), 0));
|
||||
ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://bugzilla.mozilla.org"),
|
||||
Services.io.newURI("https://includesubdomains.preloaded.test"),
|
||||
0));
|
||||
ok(gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://sub.bugzilla.mozilla.org"), 0));
|
||||
Services.io.newURI("https://sub.includesubdomains.preloaded.test"), 0));
|
||||
ok(!gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://incsubdomain.example.com"), 0));
|
||||
ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://sub.incsubdomain.example.com"), 0));
|
||||
ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://login.persona.org"), 0));
|
||||
Services.io.newURI("https://includesubdomains2.preloaded.test"), 0));
|
||||
ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://sub.login.persona.org"),
|
||||
Services.io.newURI("https://sub.includesubdomains2.preloaded.test"),
|
||||
0));
|
||||
do_test_finished();
|
||||
}
|
||||
|
|
@ -83,10 +83,10 @@ function run_test() {
|
|||
writeLine("expired.example.com:HSTS\t0\t0\t" + (now - 100000) + ",1,0\n", outputStream);
|
||||
writeLine("notexpired.example.com:HSTS\t0\t0\t" + (now + 100000) + ",1,0\n", outputStream);
|
||||
// This overrides an entry on the preload list.
|
||||
writeLine("bugzilla.mozilla.org:HSTS\t0\t0\t" + (now + 100000) + ",1,0\n", outputStream);
|
||||
writeLine("includesubdomains.preloaded.test:HSTS\t0\t0\t" + (now + 100000) + ",1,0\n", outputStream);
|
||||
writeLine("incsubdomain.example.com:HSTS\t0\t0\t" + (now + 100000) + ",1,1\n", outputStream);
|
||||
// This overrides an entry on the preload list.
|
||||
writeLine("login.persona.org:HSTS\t0\t0\t0,2,0\n", outputStream);
|
||||
writeLine("includesubdomains2.preloaded.test:HSTS\t0\t0\t0,2,0\n", outputStream);
|
||||
outputStream.close();
|
||||
Services.obs.addObserver(checkStateRead, "data-storage-ready", false);
|
||||
do_test_pending();
|
||||
|
|
|
|||
|
|
@ -28,10 +28,10 @@ function run_test() {
|
|||
writeLine("expired.example.com:HSTS\t0\t0\t" + (now - 100000) + ",1,0\n", outputStream);
|
||||
writeLine("notexpired.example.com:HSTS\t0\t0\t" + (now + 100000) + ",1,0\n", outputStream);
|
||||
// This overrides an entry on the preload list.
|
||||
writeLine("bugzilla.mozilla.org:HSTS\t0\t0\t" + (now + 100000) + ",1,0\n", outputStream);
|
||||
writeLine("includesubdomains.preloaded.test:HSTS\t0\t0\t" + (now + 100000) + ",1,0\n", outputStream);
|
||||
writeLine("incsubdomain.example.com:HSTS\t0\t0\t" + (now + 100000) + ",1,1\n", outputStream);
|
||||
// This overrides an entry on the preload list.
|
||||
writeLine("login.persona.org:HSTS\t0\t0\t0,2,0\n", outputStream);
|
||||
writeLine("includesubdomains2.preloaded.test:HSTS\t0\t0\t0,2,0\n", outputStream);
|
||||
outputStream.close();
|
||||
Services.obs.addObserver(start_test_in_child, "data-storage-ready", false);
|
||||
do_test_pending();
|
||||
|
|
|
|||
|
|
@ -13,9 +13,8 @@ function checkStateRead(aSubject, aTopic, aData) {
|
|||
ok(!gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://nonexistent.example.com"), 0));
|
||||
// bugzilla.mozilla.org is preloaded
|
||||
ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://bugzilla.mozilla.org"),
|
||||
Services.io.newURI("https://includesubdomains.preloaded.test"),
|
||||
0));
|
||||
// notexpired.example.com is an HSTS host in a different test - we
|
||||
// want to make sure that test hasn't interfered with this one.
|
||||
|
|
|
|||
|
|
@ -52,10 +52,10 @@ function checkStateWritten(aSubject, aTopic, aData) {
|
|||
// sites[url][1] corresponds to SecurityPropertySet (if 1) and
|
||||
// SecurityPropertyUnset (if 0)
|
||||
// sites[url][2] corresponds to includeSubdomains
|
||||
if (sites["bugzilla.mozilla.org:HSTS"][1] != 1) {
|
||||
if (sites["includesubdomains.preloaded.test:HSTS"][1] != 1) {
|
||||
return;
|
||||
}
|
||||
if (sites["bugzilla.mozilla.org:HSTS"][2] != 0) {
|
||||
if (sites["includesubdomains.preloaded.test:HSTS"][2] != 0) {
|
||||
return;
|
||||
}
|
||||
if (sites["a.example.com:HSTS"][1] != 1) {
|
||||
|
|
@ -103,7 +103,7 @@ function run_test() {
|
|||
new Date().getTime() + 1000000, 1,
|
||||
[NON_ISSUED_KEY_HASH]);
|
||||
|
||||
let uris = [ Services.io.newURI("http://bugzilla.mozilla.org"),
|
||||
let uris = [ Services.io.newURI("http://includesubdomains.preloaded.test"),
|
||||
Services.io.newURI("http://a.example.com"),
|
||||
Services.io.newURI("http://b.example.com"),
|
||||
Services.io.newURI("http://c.c.example.com"),
|
||||
|
|
|
|||
|
|
@ -1,8 +1,3 @@
|
|||
// This test attempts to use only domains that are likely to remain on the
|
||||
// preload list for a long time. Currently this includes bugzilla.mozilla.org
|
||||
// and login.persona.org because they are Mozilla properties and we are
|
||||
// invested in HSTS. Additionally, www.torproject.org was deemed likely to
|
||||
// continue to use HSTS.
|
||||
"use strict";
|
||||
|
||||
var gSSService = Cc["@mozilla.org/ssservice;1"]
|
||||
|
|
@ -40,7 +35,7 @@ function test_part1() {
|
|||
// check that a host not in the list is not identified as an sts host
|
||||
ok(!gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://nonexistent.mozilla.com"), 0));
|
||||
Services.io.newURI("https://nonexistent.example.com"), 0));
|
||||
|
||||
// check that an ancestor domain is not identified as an sts host
|
||||
ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
|
|
@ -49,38 +44,38 @@ function test_part1() {
|
|||
// check that the pref to toggle using the preload list works
|
||||
Services.prefs.setBoolPref("network.stricttransportsecurity.preloadlist", false);
|
||||
ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://bugzilla.mozilla.org"),
|
||||
Services.io.newURI("https://includesubdomains.preloaded.test"),
|
||||
0));
|
||||
Services.prefs.setBoolPref("network.stricttransportsecurity.preloadlist", true);
|
||||
ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://bugzilla.mozilla.org"),
|
||||
Services.io.newURI("https://includesubdomains.preloaded.test"),
|
||||
0));
|
||||
|
||||
// check that a subdomain is an sts host (includeSubdomains is set)
|
||||
ok(gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://subdomain.bugzilla.mozilla.org"), 0));
|
||||
Services.io.newURI("https://subdomain.includesubdomains.preloaded.test"), 0));
|
||||
|
||||
// check that another subdomain is an sts host (includeSubdomains is set)
|
||||
ok(gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://a.b.c.def.bugzilla.mozilla.org"), 0));
|
||||
Services.io.newURI("https://a.b.c.def.includesubdomains.preloaded.test"), 0));
|
||||
|
||||
// check that a subdomain is not an sts host (includeSubdomains is not set)
|
||||
ok(!gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://subdomain.www.torproject.org"), 0));
|
||||
Services.io.newURI("https://subdomain.noincludesubdomains.preloaded.test"), 0));
|
||||
|
||||
// check that a host with a dot on the end won't break anything
|
||||
ok(!gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://notsts.nonexistent.mozilla.com."), 0));
|
||||
Services.io.newURI("https://notsts.nonexistent.example.com."), 0));
|
||||
|
||||
// check that processing a header with max-age: 0 will remove a preloaded
|
||||
// site from the list
|
||||
let uri = Services.io.newURI("https://bugzilla.mozilla.org");
|
||||
let uri = Services.io.newURI("https://includesubdomains.preloaded.test");
|
||||
let subDomainUri =
|
||||
Services.io.newURI("https://subdomain.bugzilla.mozilla.org");
|
||||
Services.io.newURI("https://subdomain.includesubdomains.preloaded.test");
|
||||
gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
|
||||
"max-age=0", sslStatus, 0);
|
||||
ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0));
|
||||
|
|
@ -98,56 +93,56 @@ function test_part1() {
|
|||
|
||||
// check that processing a header with max-age: 0 from a subdomain of a site
|
||||
// will not remove that (ancestor) site from the list
|
||||
uri = Services.io.newURI("https://subdomain.www.torproject.org");
|
||||
uri = Services.io.newURI("https://subdomain.noincludesubdomains.preloaded.test");
|
||||
gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
|
||||
"max-age=0", sslStatus, 0);
|
||||
ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://www.torproject.org"),
|
||||
Services.io.newURI("https://noincludesubdomains.preloaded.test"),
|
||||
0));
|
||||
ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0));
|
||||
|
||||
uri = Services.io.newURI("https://subdomain.bugzilla.mozilla.org");
|
||||
uri = Services.io.newURI("https://subdomain.includesubdomains.preloaded.test");
|
||||
gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
|
||||
"max-age=0", sslStatus, 0);
|
||||
// we received a header with "max-age=0", so we have "no information"
|
||||
// regarding the sts state of subdomain.bugzilla.mozilla.org specifically,
|
||||
// regarding the sts state of subdomain.includesubdomains.preloaded.test specifically,
|
||||
// but it is actually still an STS host, because of the preloaded
|
||||
// bugzilla.mozilla.org including subdomains.
|
||||
// includesubdomains.preloaded.test including subdomains.
|
||||
// Here's a drawing:
|
||||
// |-- bugzilla.mozilla.org (in preload list, includes subdomains) IS sts host
|
||||
// |-- subdomain.bugzilla.mozilla.org IS sts host
|
||||
// | `-- another.subdomain.bugzilla.mozilla.org IS sts host
|
||||
// `-- sibling.bugzilla.mozilla.org IS sts host
|
||||
// |-- includesubdomains.preloaded.test (in preload list, includes subdomains) IS sts host
|
||||
// |-- subdomain.includesubdomains.preloaded.test IS sts host
|
||||
// | `-- another.subdomain.includesubdomains.preloaded.test IS sts host
|
||||
// `-- sibling.includesubdomains.preloaded.test IS sts host
|
||||
ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://bugzilla.mozilla.org"),
|
||||
Services.io.newURI("https://includesubdomains.preloaded.test"),
|
||||
0));
|
||||
ok(gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://subdomain.bugzilla.mozilla.org"), 0));
|
||||
Services.io.newURI("https://subdomain.includesubdomains.preloaded.test"), 0));
|
||||
ok(gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://sibling.bugzilla.mozilla.org"), 0));
|
||||
Services.io.newURI("https://sibling.includesubdomains.preloaded.test"), 0));
|
||||
ok(gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://another.subdomain.bugzilla.mozilla.org"),
|
||||
Services.io.newURI("https://another.subdomain.includesubdomains.preloaded.test"),
|
||||
0));
|
||||
|
||||
gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
|
||||
"max-age=1000", sslStatus, 0);
|
||||
// Here's what we have now:
|
||||
// |-- bugzilla.mozilla.org (in preload list, includes subdomains) IS sts host
|
||||
// |-- subdomain.bugzilla.mozilla.org (include subdomains is false) IS sts host
|
||||
// | `-- another.subdomain.bugzilla.mozilla.org IS NOT sts host
|
||||
// `-- sibling.bugzilla.mozilla.org IS sts host
|
||||
// |-- includesubdomains.preloaded.test (in preload list, includes subdomains) IS sts host
|
||||
// |-- subdomain.includesubdomains.preloaded.test (include subdomains is false) IS sts host
|
||||
// | `-- another.subdomain.includesubdomains.preloaded.test IS NOT sts host
|
||||
// `-- sibling.includesubdomains.preloaded.test IS sts host
|
||||
ok(gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://subdomain.bugzilla.mozilla.org"), 0));
|
||||
Services.io.newURI("https://subdomain.includesubdomains.preloaded.test"), 0));
|
||||
ok(gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://sibling.bugzilla.mozilla.org"), 0));
|
||||
Services.io.newURI("https://sibling.includesubdomains.preloaded.test"), 0));
|
||||
ok(!gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://another.subdomain.bugzilla.mozilla.org"),
|
||||
Services.io.newURI("https://another.subdomain.includesubdomains.preloaded.test"),
|
||||
0));
|
||||
|
||||
// Test that an expired non-private browsing entry results in correctly
|
||||
|
|
@ -156,7 +151,7 @@ function test_part1() {
|
|||
// a site on the preload list, and that header later expires. We need to
|
||||
// then treat that host as no longer an sts host.)
|
||||
// (sanity check first - this should be in the preload list)
|
||||
uri = Services.io.newURI("https://login.persona.org");
|
||||
uri = Services.io.newURI("https://includesubdomains2.preloaded.test");
|
||||
ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0));
|
||||
gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
|
||||
"max-age=1", sslStatus, 0);
|
||||
|
|
@ -170,10 +165,10 @@ const IS_PRIVATE = Ci.nsISocketProvider.NO_PERMANENT_STORAGE;
|
|||
|
||||
function test_private_browsing1() {
|
||||
gSSService.clearAll();
|
||||
let uri = Services.io.newURI("https://bugzilla.mozilla.org");
|
||||
let uri = Services.io.newURI("https://includesubdomains.preloaded.test");
|
||||
let subDomainUri =
|
||||
Services.io.newURI("https://a.b.c.subdomain.bugzilla.mozilla.org");
|
||||
// sanity - bugzilla.mozilla.org is preloaded, includeSubdomains set
|
||||
Services.io.newURI("https://a.b.c.subdomain.includesubdomains.preloaded.test");
|
||||
// sanity - includesubdomains.preloaded.test is preloaded, includeSubdomains set
|
||||
ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
|
||||
IS_PRIVATE));
|
||||
ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, subDomainUri,
|
||||
|
|
@ -208,7 +203,7 @@ function test_private_browsing1() {
|
|||
// a site on the preload list, and that header later expires. We need to
|
||||
// then treat that host as no longer an sts host.)
|
||||
// (sanity check first - this should be in the preload list)
|
||||
uri = Services.io.newURI("https://login.persona.org");
|
||||
uri = Services.io.newURI("https://includesubdomains2.preloaded.test");
|
||||
ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
|
||||
IS_PRIVATE));
|
||||
gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
|
||||
|
|
@ -225,17 +220,17 @@ function test_private_browsing2() {
|
|||
// if this test gets this far, it means there's a private browsing service
|
||||
ok(gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://bugzilla.mozilla.org"), 0));
|
||||
// the bugzilla.mozilla.org entry has includeSubdomains set
|
||||
Services.io.newURI("https://includesubdomains.preloaded.test"), 0));
|
||||
// the includesubdomains.preloaded.test entry has includeSubdomains set
|
||||
ok(gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://subdomain.bugzilla.mozilla.org"), 0));
|
||||
Services.io.newURI("https://subdomain.includesubdomains.preloaded.test"), 0));
|
||||
|
||||
// Now that we're out of private browsing mode, we need to make sure
|
||||
// we've "forgotten" that we "forgot" this site's sts status.
|
||||
ok(gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://login.persona.org"), 0));
|
||||
Services.io.newURI("https://includesubdomains2.preloaded.test"), 0));
|
||||
|
||||
run_next_test();
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,11 +1,9 @@
|
|||
// This test uses bugzilla.mozilla.org given that it is likely to remain
|
||||
// on the preload list for a long time.
|
||||
"use strict";
|
||||
|
||||
function run_test() {
|
||||
let SSService = Cc["@mozilla.org/ssservice;1"]
|
||||
.getService(Ci.nsISiteSecurityService);
|
||||
let uri = Services.io.newURI("https://bugzilla.mozilla.org");
|
||||
let uri = Services.io.newURI("https://includesubdomains.preloaded.test");
|
||||
|
||||
// check that a host on the preload list is identified as an sts host
|
||||
ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0));
|
||||
|
|
|
|||
|
|
@ -130,13 +130,11 @@ tags = addons psm
|
|||
[test_sss_eviction.js]
|
||||
[test_sss_originAttributes.js]
|
||||
[test_sss_readstate.js]
|
||||
skip-if = true # bug 1350599
|
||||
[test_sss_readstate_child.js]
|
||||
support-files = sss_readstate_child_worker.js
|
||||
# bug 1124289 - run_test_in_child violates the sandbox on android
|
||||
skip-if = toolkit == 'android'
|
||||
[test_sss_readstate_empty.js]
|
||||
skip-if = true # bug 1350599
|
||||
[test_sss_readstate_garbage.js]
|
||||
[test_sss_readstate_huge.js]
|
||||
[test_sss_savestate.js]
|
||||
|
|
@ -147,9 +145,7 @@ skip-if = true # bug 1350599
|
|||
[test_sts_parser.js]
|
||||
[test_sts_preload_dynamic.js]
|
||||
[test_sts_preloadlist_perwindowpb.js]
|
||||
skip-if = true # bug 1350599
|
||||
[test_sts_preloadlist_selfdestruct.js]
|
||||
skip-if = true # bug 1350599
|
||||
[test_validity.js]
|
||||
run-sequentially = hardcoded ports
|
||||
[test_x509.js]
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче