зеркало из https://github.com/mozilla/gecko-dev.git
Bug 1336867 - Remove unsafeProcessHeader and isSecureHost in nsISiteSecurityService r=keeler,mgoodwin,past
--HG-- extra : rebase_source : e4a69e18154adf22e045c820ae2b3fd8a77877a6
This commit is contained in:
Jonathan Hao
Родитель
c449723684
Коммит
ef8f78b212
|
|
@ -3282,15 +3282,15 @@ function getDetailedCertErrorInfo(location, securityInfo) {
|
|||
const sss = Cc["@mozilla.org/ssservice;1"]
|
||||
.getService(Ci.nsISiteSecurityService);
|
||||
// SiteSecurityService uses different storage if the channel is
|
||||
// private. Thus we must give isSecureHost correct flags or we
|
||||
// private. Thus we must give isSecureURI correct flags or we
|
||||
// might get incorrect results.
|
||||
let flags = PrivateBrowsingUtils.isWindowPrivate(window) ?
|
||||
Ci.nsISocketProvider.NO_PERMANENT_STORAGE : 0;
|
||||
|
||||
let uri = Services.io.newURI(location);
|
||||
|
||||
let hasHSTS = sss.isSecureHost(sss.HEADER_HSTS, uri.host, flags);
|
||||
let hasHPKP = sss.isSecureHost(sss.HEADER_HPKP, uri.host, flags);
|
||||
let hasHSTS = sss.isSecureURI(sss.HEADER_HSTS, uri, flags);
|
||||
let hasHPKP = sss.isSecureURI(sss.HEADER_HPKP, uri, flags);
|
||||
certErrorDetails += "\r\n\r\n" +
|
||||
gNavigatorBundle.getFormattedString("certErrorDetailsHSTS.label",
|
||||
[hasHSTS]);
|
||||
|
|
|
|||
|
|
@ -8961,15 +8961,19 @@ var Debugger =
|
|||
|
||||
|
||||
// SiteSecurityService uses different storage if the channel is
|
||||
// private. Thus we must give isSecureHost correct flags or we
|
||||
// private. Thus we must give isSecureURI correct flags or we
|
||||
// might get incorrect results.
|
||||
let flags = (httpActivity.private) ?
|
||||
Ci.nsISocketProvider.NO_PERMANENT_STORAGE : 0;
|
||||
|
||||
let host = httpActivity.hostname;
|
||||
|
||||
info.hsts = sss.isSecureHost(sss.HEADER_HSTS, host, flags);
|
||||
info.hpkp = sss.isSecureHost(sss.HEADER_HPKP, host, flags);
|
||||
if (!uri) {
|
||||
// isSecureURI only cares about the host, not the scheme.
|
||||
let host = httpActivity.hostname;
|
||||
uri = Services.io.newURI("https://" + host);
|
||||
}
|
||||
|
||||
info.hsts = sss.isSecureURI(sss.HEADER_HSTS, uri, flags);
|
||||
info.hpkp = sss.isSecureURI(sss.HEADER_HPKP, uri, flags);
|
||||
} else {
|
||||
DevToolsUtils.reportException("NetworkHelper.parseSecurityInfo",
|
||||
"Could not get HSTS/HPKP status as hostname is not available.");
|
||||
|
|
@ -37652,15 +37656,19 @@ var Debugger =
|
|||
|
||||
|
||||
// SiteSecurityService uses different storage if the channel is
|
||||
// private. Thus we must give isSecureHost correct flags or we
|
||||
// private. Thus we must give isSecureURI correct flags or we
|
||||
// might get incorrect results.
|
||||
let flags = (httpActivity.private) ?
|
||||
Ci.nsISocketProvider.NO_PERMANENT_STORAGE : 0;
|
||||
|
||||
let host = httpActivity.hostname;
|
||||
|
||||
info.hsts = sss.isSecureHost(sss.HEADER_HSTS, host, flags);
|
||||
info.hpkp = sss.isSecureHost(sss.HEADER_HPKP, host, flags);
|
||||
if (!uri) {
|
||||
// isSecureURI only cares about the host, not the scheme.
|
||||
let host = httpActivity.hostname;
|
||||
uri = Services.io.newURI("https://" + host);
|
||||
}
|
||||
|
||||
info.hsts = sss.isSecureURI(sss.HEADER_HSTS, uri, flags);
|
||||
info.hpkp = sss.isSecureURI(sss.HEADER_HPKP, uri, flags);
|
||||
} else {
|
||||
DevToolsUtils.reportException("NetworkHelper.parseSecurityInfo",
|
||||
"Could not get HSTS/HPKP status as hostname is not available.");
|
||||
|
|
|
|||
|
|
@ -633,15 +633,19 @@ var NetworkHelper = {
|
|||
.getService(Ci.nsISiteSecurityService);
|
||||
|
||||
// SiteSecurityService uses different storage if the channel is
|
||||
// private. Thus we must give isSecureHost correct flags or we
|
||||
// private. Thus we must give isSecureURI correct flags or we
|
||||
// might get incorrect results.
|
||||
let flags = (httpActivity.private) ?
|
||||
Ci.nsISocketProvider.NO_PERMANENT_STORAGE : 0;
|
||||
|
||||
let host = httpActivity.hostname;
|
||||
if (!uri) {
|
||||
// isSecureURI only cares about the host, not the scheme.
|
||||
let host = httpActivity.hostname;
|
||||
uri = Services.io.newURI("https://" + host);
|
||||
}
|
||||
|
||||
info.hsts = sss.isSecureHost(sss.HEADER_HSTS, host, flags);
|
||||
info.hpkp = sss.isSecureHost(sss.HEADER_HPKP, host, flags);
|
||||
info.hsts = sss.isSecureURI(sss.HEADER_HSTS, uri, flags);
|
||||
info.hpkp = sss.isSecureURI(sss.HEADER_HPKP, uri, flags);
|
||||
} else {
|
||||
DevToolsUtils.reportException("NetworkHelper.parseSecurityInfo",
|
||||
"Could not get HSTS/HPKP status as hostname is not available.");
|
||||
|
|
|
|||
|
|
@ -511,22 +511,32 @@ CertErrorRunnable::CheckCertOverrides()
|
|||
return new SSLServerCertVerificationResult(mInfoObject,
|
||||
mDefaultErrorCodeToReport);
|
||||
}
|
||||
nsresult nsrv = sss->IsSecureHost(nsISiteSecurityService::HEADER_HSTS,
|
||||
mInfoObject->GetHostName(),
|
||||
mProviderFlags,
|
||||
nullptr,
|
||||
&strictTransportSecurityEnabled);
|
||||
nsCOMPtr<nsIURI> uri;
|
||||
nsresult nsrv = NS_NewURI(getter_AddRefs(uri),
|
||||
NS_LITERAL_CSTRING("https://") +
|
||||
mInfoObject->GetHostName());
|
||||
if (NS_FAILED(nsrv)) {
|
||||
MOZ_LOG(gPIPNSSLog, LogLevel::Debug,
|
||||
("[%p][%p] Creating new URI failed\n", mFdForLogging, this));
|
||||
return new SSLServerCertVerificationResult(mInfoObject,
|
||||
mDefaultErrorCodeToReport);
|
||||
}
|
||||
nsrv = sss->IsSecureURI(nsISiteSecurityService::HEADER_HSTS,
|
||||
uri,
|
||||
mProviderFlags,
|
||||
nullptr,
|
||||
&strictTransportSecurityEnabled);
|
||||
if (NS_FAILED(nsrv)) {
|
||||
MOZ_LOG(gPIPNSSLog, LogLevel::Debug,
|
||||
("[%p][%p] checking for HSTS failed\n", mFdForLogging, this));
|
||||
return new SSLServerCertVerificationResult(mInfoObject,
|
||||
mDefaultErrorCodeToReport);
|
||||
}
|
||||
nsrv = sss->IsSecureHost(nsISiteSecurityService::HEADER_HPKP,
|
||||
mInfoObject->GetHostName(),
|
||||
mProviderFlags,
|
||||
nullptr,
|
||||
&hasPinningInformation);
|
||||
nsrv = sss->IsSecureURI(nsISiteSecurityService::HEADER_HPKP,
|
||||
uri,
|
||||
mProviderFlags,
|
||||
nullptr,
|
||||
&hasPinningInformation);
|
||||
if (NS_FAILED(nsrv)) {
|
||||
MOZ_LOG(gPIPNSSLog, LogLevel::Debug,
|
||||
("[%p][%p] checking for HPKP failed\n", mFdForLogging, this));
|
||||
|
|
|
|||
|
|
@ -121,18 +121,6 @@ interface nsISiteSecurityService : nsISupports
|
|||
[optional] out boolean aIncludeSubdomains,
|
||||
[optional] out uint32_t aFailureResult);
|
||||
|
||||
/**
|
||||
* Same as processHeader but without checking for the security properties
|
||||
* of the connection. Use ONLY for testing.
|
||||
*/
|
||||
void unsafeProcessHeader(in uint32_t aType,
|
||||
in nsIURI aSourceURI,
|
||||
in ACString aHeader,
|
||||
in uint32_t aFlags,
|
||||
[optional] out unsigned long long aMaxAge,
|
||||
[optional] out boolean aIncludeSubdomains,
|
||||
[optional] out uint32_t aFailureResult);
|
||||
|
||||
/**
|
||||
* Given a header type, removes state relating to that header of a host,
|
||||
* including the includeSubdomains state that would affect subdomains.
|
||||
|
|
@ -147,21 +135,6 @@ interface nsISiteSecurityService : nsISupports
|
|||
in nsIURI aURI,
|
||||
in uint32_t aFlags);
|
||||
|
||||
/**
|
||||
* See isSecureURI
|
||||
*
|
||||
* @param aType the type of security state in question.
|
||||
* @param aHost the hostname (punycode) to query for state.
|
||||
* @param aFlags options for this request as defined in nsISocketProvider:
|
||||
* NO_PERMANENT_STORAGE
|
||||
* @param aCached true if we have cached information regarding whether or not
|
||||
* the host is HSTS, false otherwise.
|
||||
*/
|
||||
boolean isSecureHost(in uint32_t aType,
|
||||
in ACString aHost,
|
||||
in uint32_t aFlags,
|
||||
[optional] out boolean aCached);
|
||||
|
||||
/**
|
||||
* Checks whether or not the URI's hostname has a given security state set.
|
||||
* For example, for HSTS:
|
||||
|
|
|
|||
|
|
@ -575,26 +575,6 @@ nsSiteSecurityService::ProcessHeader(uint32_t aType,
|
|||
aFailureResult);
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsSiteSecurityService::UnsafeProcessHeader(uint32_t aType,
|
||||
nsIURI* aSourceURI,
|
||||
const nsACString& aHeader,
|
||||
uint32_t aFlags,
|
||||
uint64_t* aMaxAge,
|
||||
bool* aIncludeSubdomains,
|
||||
uint32_t* aFailureResult)
|
||||
{
|
||||
// Child processes are not allowed direct access to this.
|
||||
if (!XRE_IsParentProcess()) {
|
||||
MOZ_CRASH("Child process: no direct access to "
|
||||
"nsISiteSecurityService::UnsafeProcessHeader");
|
||||
}
|
||||
|
||||
return ProcessHeaderInternal(aType, aSourceURI, PromiseFlatCString(aHeader),
|
||||
nullptr, aFlags, aMaxAge, aIncludeSubdomains,
|
||||
aFailureResult);
|
||||
}
|
||||
|
||||
nsresult
|
||||
nsSiteSecurityService::ProcessHeaderInternal(uint32_t aType,
|
||||
nsIURI* aSourceURI,
|
||||
|
|
@ -1217,7 +1197,7 @@ nsSiteSecurityService::HostHasHSTSEntry(const nsAutoCString& aHost,
|
|||
return false;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsresult
|
||||
nsSiteSecurityService::IsSecureHost(uint32_t aType, const nsACString& aHost,
|
||||
uint32_t aFlags, bool* aCached,
|
||||
bool* aResult)
|
||||
|
|
|
|||
|
|
@ -172,6 +172,8 @@ private:
|
|||
bool aRequireIncludeSubdomains, uint32_t aFlags,
|
||||
bool* aResult, bool* aCached);
|
||||
const nsSTSPreload *GetPreloadListEntry(const char *aHost);
|
||||
nsresult IsSecureHost(uint32_t aType, const nsACString& aHost,
|
||||
uint32_t aFlags, bool* aCached, bool* aResult);
|
||||
|
||||
uint64_t mMaxMaxAge;
|
||||
bool mUsePreloadList;
|
||||
|
|
|
|||
|
|
@ -10,7 +10,6 @@ SOURCES += [
|
|||
'DeserializeCertTest.cpp',
|
||||
'MD4Test.cpp',
|
||||
'OCSPCacheTest.cpp',
|
||||
'STSParserTest.cpp',
|
||||
'TLSIntoleranceTest.cpp',
|
||||
]
|
||||
|
||||
|
|
|
|||
|
|
@ -54,7 +54,9 @@ function test() {
|
|||
uri = aWindow.Services.io.newURI("https://localhost/img.png");
|
||||
gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
|
||||
"max-age=1000", sslStatus, privacyFlags(aIsPrivateMode));
|
||||
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, "localhost", privacyFlags(aIsPrivateMode)), "checking sts host");
|
||||
ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
|
||||
privacyFlags(aIsPrivateMode)),
|
||||
"checking sts host");
|
||||
|
||||
aCallback();
|
||||
}, {capture: true, once: true});
|
||||
|
|
|
|||
|
|
@ -31,6 +31,7 @@
|
|||
Cu.import("resource://testing-common/BrowserTestUtils.jsm");
|
||||
Cu.import("resource://testing-common/ContentTask.jsm");
|
||||
Cu.import("resource://gre/modules/Task.jsm");
|
||||
Cu.import("resource://gre/modules/Services.jsm");
|
||||
|
||||
// This is how many sub-tests (testframes) in each round.
|
||||
// When the round begins, this will be initialized.
|
||||
|
|
@ -242,7 +243,9 @@
|
|||
let sss = Cc["@mozilla.org/ssservice;1"]
|
||||
.getService(Ci.nsISiteSecurityService);
|
||||
let flags = isPrivate ? Ci.nsISocketProvider.NO_PERMANENT_STORAGE : 0;
|
||||
SimpleTest.info("State of example.com: " + sss.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, "example.com", flags));
|
||||
SimpleTest.info("State of example.com: " +
|
||||
sss.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://example.com"), flags));
|
||||
}
|
||||
|
||||
// These are executed in the order presented.
|
||||
|
|
|
|||
|
|
@ -5,21 +5,29 @@ function run_test() {
|
|||
let SSService = Cc["@mozilla.org/ssservice;1"]
|
||||
.getService(Ci.nsISiteSecurityService);
|
||||
|
||||
ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"expired.example.com", 0));
|
||||
ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"notexpired.example.com", 0));
|
||||
ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"bugzilla.mozilla.org", 0));
|
||||
ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"sub.bugzilla.mozilla.org", 0));
|
||||
ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"incsubdomain.example.com", 0));
|
||||
ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"sub.incsubdomain.example.com", 0));
|
||||
ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"login.persona.org", 0));
|
||||
ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"sub.login.persona.org", 0));
|
||||
ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://expired.example.com"),
|
||||
0));
|
||||
ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://notexpired.example.com"),
|
||||
0));
|
||||
ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://bugzilla.mozilla.org"),
|
||||
0));
|
||||
ok(!SSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://sub.bugzilla.mozilla.org"), 0));
|
||||
ok(SSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://incsubdomain.example.com"), 0));
|
||||
ok(SSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://sub.incsubdomain.example.com"), 0));
|
||||
ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://login.persona.org"),
|
||||
0));
|
||||
ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://sub.login.persona.org"),
|
||||
0));
|
||||
do_test_finished();
|
||||
}
|
||||
|
|
|
|||
|
|
@ -54,20 +54,16 @@ add_task(function* () {
|
|||
sss.processHeader(Ci.nsISiteSecurityService.HEADER_HPKP, uri,
|
||||
GOOD_MAX_AGE + VALID_PIN + BACKUP_PIN, sslStatus, 0);
|
||||
|
||||
Assert.ok(sss.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"a.pinning2.example.com", 0),
|
||||
Assert.ok(sss.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0),
|
||||
"a.pinning2.example.com should be HSTS");
|
||||
Assert.ok(sss.isSecureHost(Ci.nsISiteSecurityService.HEADER_HPKP,
|
||||
"a.pinning2.example.com", 0),
|
||||
Assert.ok(sss.isSecureURI(Ci.nsISiteSecurityService.HEADER_HPKP, uri, 0),
|
||||
"a.pinning2.example.com should be HPKP");
|
||||
|
||||
yield ForgetAboutSite.removeDataFromDomain("a.pinning2.example.com");
|
||||
|
||||
Assert.ok(!sss.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"a.pinning2.example.com", 0),
|
||||
Assert.ok(!sss.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0),
|
||||
"a.pinning2.example.com should not be HSTS now");
|
||||
Assert.ok(!sss.isSecureHost(Ci.nsISiteSecurityService.HEADER_HPKP,
|
||||
"a.pinning2.example.com", 0),
|
||||
Assert.ok(!sss.isSecureURI(Ci.nsISiteSecurityService.HEADER_HPKP, uri, 0),
|
||||
"a.pinning2.example.com should not be HPKP now");
|
||||
});
|
||||
|
||||
|
|
@ -81,11 +77,9 @@ add_task(function* () {
|
|||
sss.processHeader(Ci.nsISiteSecurityService.HEADER_HPKP, uri,
|
||||
GOOD_MAX_AGE + VALID_PIN + BACKUP_PIN, sslStatus, 0);
|
||||
|
||||
Assert.ok(sss.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"a.pinning2.example.com", 0),
|
||||
Assert.ok(sss.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0),
|
||||
"a.pinning2.example.com should be HSTS (subdomain case)");
|
||||
Assert.ok(sss.isSecureHost(Ci.nsISiteSecurityService.HEADER_HPKP,
|
||||
"a.pinning2.example.com", 0),
|
||||
Assert.ok(sss.isSecureURI(Ci.nsISiteSecurityService.HEADER_HPKP, uri, 0),
|
||||
"a.pinning2.example.com should be HPKP (subdomain case)");
|
||||
|
||||
// Add an unrelated site to HSTS. Not HPKP because we have no valid keys for
|
||||
|
|
@ -93,20 +87,17 @@ add_task(function* () {
|
|||
let unrelatedURI = Services.io.newURI("https://example.org");
|
||||
sss.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, unrelatedURI,
|
||||
GOOD_MAX_AGE, sslStatus, 0);
|
||||
Assert.ok(sss.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"example.org", 0),
|
||||
"example.org should be HSTS");
|
||||
Assert.ok(sss.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
unrelatedURI, 0), "example.org should be HSTS");
|
||||
|
||||
yield ForgetAboutSite.removeDataFromDomain("example.com");
|
||||
|
||||
Assert.ok(!sss.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"a.pinning2.example.com", 0),
|
||||
Assert.ok(!sss.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0),
|
||||
"a.pinning2.example.com should not be HSTS now (subdomain case)");
|
||||
Assert.ok(!sss.isSecureHost(Ci.nsISiteSecurityService.HEADER_HPKP,
|
||||
"a.pinning2.example.com", 0),
|
||||
Assert.ok(!sss.isSecureURI(Ci.nsISiteSecurityService.HEADER_HPKP, uri, 0),
|
||||
"a.pinning2.example.com should not be HPKP now (subdomain case)");
|
||||
|
||||
Assert.ok(sss.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"example.org", 0),
|
||||
Assert.ok(sss.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
unrelatedURI, 0),
|
||||
"example.org should still be HSTS");
|
||||
});
|
||||
|
|
|
|||
|
|
@ -45,8 +45,7 @@ function run_test() {
|
|||
let sslStatus = new FakeSSLStatus();
|
||||
SSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
|
||||
"max-age=10000", sslStatus, 0);
|
||||
ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"localhost", 0),
|
||||
ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0),
|
||||
"Domain for the OCSP AIA URI should be considered a HSTS host, otherwise" +
|
||||
" we wouldn't be testing what we think we're testing");
|
||||
|
||||
|
|
|
|||
|
|
@ -75,17 +75,21 @@ function run_test() {
|
|||
}
|
||||
|
||||
function checkDefaultSiteHPKPStatus() {
|
||||
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HPKP,
|
||||
"a.pinning2.example.com", 0),
|
||||
ok(gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HPKP,
|
||||
Services.io.newURI("https://a.pinning2.example.com"), 0),
|
||||
"a.pinning2.example.com should have HPKP status");
|
||||
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HPKP,
|
||||
"x.a.pinning2.example.com", 0),
|
||||
ok(!gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HPKP,
|
||||
Services.io.newURI("https://x.a.pinning2.example.com"), 0),
|
||||
"x.a.pinning2.example.com should not have HPKP status");
|
||||
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HPKP,
|
||||
"b.pinning2.example.com", 0),
|
||||
ok(gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HPKP,
|
||||
Services.io.newURI("https://b.pinning2.example.com"), 0),
|
||||
"b.pinning2.example.com should have HPKP status");
|
||||
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HPKP,
|
||||
"x.b.pinning2.example.com", 0),
|
||||
ok(gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HPKP,
|
||||
Services.io.newURI("https://x.b.pinning2.example.com"), 0),
|
||||
"x.b.pinning2.example.com should have HPKP status");
|
||||
}
|
||||
|
||||
|
|
@ -159,12 +163,14 @@ function checkStateRead(aSubject, aTopic, aData) {
|
|||
checkOK(certFromFile("x.b.pinning2.example.com-pinningroot"),
|
||||
"x.b.pinning2.example.com");
|
||||
|
||||
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HPKP,
|
||||
"a.pinning2.example.com", 0),
|
||||
ok(gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HPKP,
|
||||
Services.io.newURI("https://a.pinning2.example.com"), 0),
|
||||
"a.pinning2.example.com should still have HPKP status after adding" +
|
||||
" includeSubdomains to a.pinning2.example.com");
|
||||
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HPKP,
|
||||
"x.a.pinning2.example.com", 0),
|
||||
ok(gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HPKP,
|
||||
Services.io.newURI("https://x.a.pinning2.example.com"), 0),
|
||||
"x.a.pinning2.example.com should now have HPKP status after adding" +
|
||||
" includeSubdomains to a.pinning2.example.com");
|
||||
|
||||
|
|
@ -225,11 +231,13 @@ function checkStateRead(aSubject, aTopic, aData) {
|
|||
"Attempting to set a pin with an incorrect size should fail");
|
||||
|
||||
// Ensure built-in pins work as expected
|
||||
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HPKP,
|
||||
"nonexistent.example.com", 0),
|
||||
ok(!gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HPKP,
|
||||
Services.io.newURI("https://nonexistent.example.com"), 0),
|
||||
"Not built-in nonexistent.example.com should not have HPKP status");
|
||||
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HPKP,
|
||||
"include-subdomains.pinning.example.com", 0),
|
||||
ok(gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HPKP,
|
||||
Services.io.newURI("https://include-subdomains.pinning.example.com"), 0),
|
||||
"Built-in include-subdomains.pinning.example.com should have HPKP status");
|
||||
|
||||
gSSService.setKeyPins("a.pinning2.example.com", false, new Date().getTime(),
|
||||
|
|
|
|||
|
|
@ -63,8 +63,8 @@ function checkPassValidPin(pinValue, settingPin, expectedMaxAge) {
|
|||
|
||||
// after processing ensure that the postconditions are true, if setting
|
||||
// the host must be pinned, if removing the host must not be pinned
|
||||
let hostIsPinned = gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HPKP,
|
||||
"a.pinning2.example.com", 0);
|
||||
let hostIsPinned = gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HPKP,
|
||||
uri, 0);
|
||||
if (settingPin) {
|
||||
ok(hostIsPinned, "Host should be considered pinned");
|
||||
} else {
|
||||
|
|
|
|||
|
|
@ -51,8 +51,9 @@ function do_state_read(aSubject, aTopic, aData) {
|
|||
|
||||
equal(aData, SSS_STATE_FILE_NAME);
|
||||
|
||||
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"frequentlyused.example.com", 0));
|
||||
ok(gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://frequentlyused.example.com"), 0));
|
||||
let sslStatus = new FakeSSLStatus();
|
||||
for (let i = 0; i < 2000; i++) {
|
||||
let uri = Services.io.newURI("http://bad" + i + ".example.com");
|
||||
|
|
|
|||
|
|
@ -19,41 +19,55 @@ function checkStateRead(aSubject, aTopic, aData) {
|
|||
|
||||
equal(aData, SSS_STATE_FILE_NAME);
|
||||
|
||||
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"expired.example.com", 0));
|
||||
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"notexpired.example.com", 0));
|
||||
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"bugzilla.mozilla.org", 0));
|
||||
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"sub.bugzilla.mozilla.org", 0));
|
||||
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"incsubdomain.example.com", 0));
|
||||
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"sub.incsubdomain.example.com", 0));
|
||||
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"login.persona.org", 0));
|
||||
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"sub.login.persona.org", 0));
|
||||
ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://expired.example.com"),
|
||||
0));
|
||||
ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://notexpired.example.com"),
|
||||
0));
|
||||
ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://bugzilla.mozilla.org"),
|
||||
0));
|
||||
ok(!gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://sub.bugzilla.mozilla.org"), 0));
|
||||
ok(gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://incsubdomain.example.com"), 0));
|
||||
ok(gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://sub.incsubdomain.example.com"), 0));
|
||||
ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://login.persona.org"),
|
||||
0));
|
||||
ok(!gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://sub.login.persona.org"), 0));
|
||||
|
||||
// Clearing the data should make everything go back to default.
|
||||
gSSService.clearAll();
|
||||
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"expired.example.com", 0));
|
||||
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"notexpired.example.com", 0));
|
||||
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"bugzilla.mozilla.org", 0));
|
||||
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"sub.bugzilla.mozilla.org", 0));
|
||||
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"incsubdomain.example.com", 0));
|
||||
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"sub.incsubdomain.example.com", 0));
|
||||
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"login.persona.org", 0));
|
||||
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"sub.login.persona.org", 0));
|
||||
ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://expired.example.com"),
|
||||
0));
|
||||
ok(!gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://notexpired.example.com"), 0));
|
||||
ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://bugzilla.mozilla.org"),
|
||||
0));
|
||||
ok(gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://sub.bugzilla.mozilla.org"), 0));
|
||||
ok(!gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://incsubdomain.example.com"), 0));
|
||||
ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://sub.incsubdomain.example.com"), 0));
|
||||
ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://login.persona.org"), 0));
|
||||
ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://sub.login.persona.org"),
|
||||
0));
|
||||
do_test_finished();
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -10,15 +10,18 @@ var gSSService = null;
|
|||
|
||||
function checkStateRead(aSubject, aTopic, aData) {
|
||||
// nonexistent.example.com should never be an HSTS host
|
||||
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"nonexistent.example.com", 0));
|
||||
ok(!gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://nonexistent.example.com"), 0));
|
||||
// bugzilla.mozilla.org is preloaded
|
||||
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"bugzilla.mozilla.org", 0));
|
||||
ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://bugzilla.mozilla.org"),
|
||||
0));
|
||||
// notexpired.example.com is an HSTS host in a different test - we
|
||||
// want to make sure that test hasn't interfered with this one.
|
||||
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"notexpired.example.com", 0));
|
||||
ok(!gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://notexpired.example.com"), 0));
|
||||
do_test_finished();
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -19,14 +19,17 @@ function checkStateRead(aSubject, aTopic, aData) {
|
|||
|
||||
equal(aData, SSS_STATE_FILE_NAME);
|
||||
|
||||
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"example1.example.com", 0));
|
||||
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"example2.example.com", 0));
|
||||
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"example.com", 0));
|
||||
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"example3.example.com", 0));
|
||||
ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://example1.example.com"),
|
||||
0));
|
||||
ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://example2.example.com"),
|
||||
0));
|
||||
ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://example.com"), 0));
|
||||
ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://example3.example.com"),
|
||||
0));
|
||||
do_test_finished();
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -20,20 +20,27 @@ function checkStateRead(aSubject, aTopic, aData) {
|
|||
|
||||
equal(aData, SSS_STATE_FILE_NAME);
|
||||
|
||||
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"example0.example.com", 0));
|
||||
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"example423.example.com", 0));
|
||||
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"example1023.example.com", 0));
|
||||
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"example1024.example.com", 0));
|
||||
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"example1025.example.com", 0));
|
||||
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"example9000.example.com", 0));
|
||||
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"example99999.example.com", 0));
|
||||
ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://example0.example.com"),
|
||||
0));
|
||||
ok(gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://example423.example.com"), 0));
|
||||
ok(gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://example1023.example.com"), 0));
|
||||
ok(!gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://example1024.example.com"), 0));
|
||||
ok(!gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://example1025.example.com"), 0));
|
||||
ok(!gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://example9000.example.com"), 0));
|
||||
ok(!gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://example99999.example.com"), 0));
|
||||
do_test_finished();
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -7,38 +7,25 @@
|
|||
function run_test() {
|
||||
let SSService = Cc["@mozilla.org/ssservice;1"]
|
||||
.getService(Ci.nsISiteSecurityService);
|
||||
ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"example.com", 0));
|
||||
ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"example.com.", 0));
|
||||
// These cases are only relevant as long as bug 1118522 hasn't been fixed.
|
||||
ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"example.com..", 0));
|
||||
|
||||
let uri = Services.io.newURI("https://example.com");
|
||||
let uri1 = Services.io.newURI("https://example.com.");
|
||||
let uri2 = Services.io.newURI("https://example.com..");
|
||||
ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0));
|
||||
ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri1, 0));
|
||||
// These cases are only relevant as long as bug 1118522 hasn't been fixed.
|
||||
ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri2, 0));
|
||||
|
||||
let sslStatus = new FakeSSLStatus();
|
||||
SSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
|
||||
"max-age=1000;includeSubdomains", sslStatus, 0);
|
||||
ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"example.com", 0));
|
||||
ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"example.com.", 0));
|
||||
ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"example.com..", 0));
|
||||
|
||||
ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0));
|
||||
uri = Services.io.newURI("https://example.com.");
|
||||
ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0));
|
||||
uri = Services.io.newURI("https://example.com..");
|
||||
ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0));
|
||||
ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri1, 0));
|
||||
ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri2, 0));
|
||||
|
||||
SSService.removeState(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0);
|
||||
ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"example.com", 0));
|
||||
ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"example.com.", 0));
|
||||
ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"example.com..", 0));
|
||||
ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0));
|
||||
ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri1, 0));
|
||||
ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri2, 0));
|
||||
|
||||
// Somehow creating this malformed URI succeeds - we need to handle it
|
||||
// gracefully.
|
||||
|
|
|
|||
|
|
@ -10,25 +10,28 @@
|
|||
function run_test() {
|
||||
let SSService = Cc["@mozilla.org/ssservice;1"]
|
||||
.getService(Ci.nsISiteSecurityService);
|
||||
ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"chart.apis.google.com", 0));
|
||||
ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"CHART.APIS.GOOGLE.COM", 0));
|
||||
ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"sub.chart.apis.google.com", 0));
|
||||
ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"SUB.CHART.APIS.GOOGLE.COM", 0));
|
||||
ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"example.apis.google.com", 0));
|
||||
ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"EXAMPLE.APIS.GOOGLE.COM", 0));
|
||||
ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"sub.example.apis.google.com", 0));
|
||||
ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"SUB.EXAMPLE.APIS.GOOGLE.COM", 0));
|
||||
// also check isSecureURI
|
||||
let chartURI = Services.io.newURI("http://chart.apis.google.com");
|
||||
ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, chartURI, 0));
|
||||
let otherURI = Services.io.newURI("http://other.apis.google.com");
|
||||
ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, otherURI, 0));
|
||||
ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://chart.apis.google.com"),
|
||||
0));
|
||||
ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://CHART.APIS.GOOGLE.COM"),
|
||||
0));
|
||||
ok(!SSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://sub.chart.apis.google.com"), 0));
|
||||
ok(!SSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://SUB.CHART.APIS.GOOGLE.COM"), 0));
|
||||
ok(SSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://example.apis.google.com"), 0));
|
||||
ok(SSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://EXAMPLE.APIS.GOOGLE.COM"), 0));
|
||||
ok(SSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://sub.example.apis.google.com"), 0));
|
||||
ok(SSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://SUB.EXAMPLE.APIS.GOOGLE.COM"), 0));
|
||||
}
|
||||
|
|
|
|||
|
|
@ -2,7 +2,6 @@
|
|||
|
||||
function check_ip(s, v, ip) {
|
||||
let sslStatus = new FakeSSLStatus();
|
||||
ok(!s.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, ip, 0));
|
||||
|
||||
let str = "https://";
|
||||
if (v == 6) {
|
||||
|
|
@ -15,12 +14,15 @@ function check_ip(s, v, ip) {
|
|||
str += "/";
|
||||
|
||||
let uri = Services.io.newURI(str);
|
||||
ok(!s.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0));
|
||||
|
||||
let parsedMaxAge = {};
|
||||
let parsedIncludeSubdomains = {};
|
||||
s.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
|
||||
"max-age=1000;includeSubdomains", sslStatus, 0,
|
||||
parsedMaxAge, parsedIncludeSubdomains);
|
||||
ok(!s.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0),
|
||||
"URI should not be secure if it contains an IP address");
|
||||
|
||||
/* Test that processHeader will ignore headers for an uri, if the uri
|
||||
* contains an IP address not a hostname.
|
||||
|
|
|
|||
|
|
@ -1,147 +1,113 @@
|
|||
/* This Source Code Form is subject to the terms of the Mozilla Public
|
||||
/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*-
|
||||
* vim: sw=2 ts=2 sts=2
|
||||
* This Source Code Form is subject to the terms of the Mozilla Public
|
||||
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
||||
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
||||
|
||||
#include <stdio.h>
|
||||
"use strict";
|
||||
|
||||
#include "gtest/gtest.h"
|
||||
#include "nsDependentString.h"
|
||||
#include "nsNetUtil.h"
|
||||
#include "nsISiteSecurityService.h"
|
||||
#include "nsIURI.h"
|
||||
// STS parser tests
|
||||
|
||||
void
|
||||
TestSuccess(const char* hdr, bool extraTokens,
|
||||
uint64_t expectedMaxAge, bool expectedIncludeSubdomains,
|
||||
nsISiteSecurityService* sss)
|
||||
{
|
||||
nsCOMPtr<nsIURI> dummyUri;
|
||||
nsresult rv = NS_NewURI(getter_AddRefs(dummyUri), "https://foo.com/bar.html");
|
||||
ASSERT_TRUE(NS_SUCCEEDED(rv)) << "Failed to create URI";
|
||||
let sss = Cc["@mozilla.org/ssservice;1"].getService(Ci.nsISiteSecurityService);
|
||||
let sslStatus = new FakeSSLStatus();
|
||||
|
||||
uint64_t maxAge = 0;
|
||||
bool includeSubdomains = false;
|
||||
rv = sss->UnsafeProcessHeader(nsISiteSecurityService::HEADER_HSTS, dummyUri,
|
||||
nsDependentCString(hdr), 0, &maxAge,
|
||||
&includeSubdomains, nullptr);
|
||||
ASSERT_TRUE(NS_SUCCEEDED(rv)) << "Failed to process valid header: " << hdr;
|
||||
function testSuccess(header, expectedMaxAge, expectedIncludeSubdomains) {
|
||||
let dummyUri = Services.io.newURI("https://foo.com/bar.html");
|
||||
let maxAge = {};
|
||||
let includeSubdomains = {};
|
||||
|
||||
ASSERT_EQ(maxAge, expectedMaxAge) << "Did not correctly parse maxAge";
|
||||
EXPECT_EQ(includeSubdomains, expectedIncludeSubdomains) <<
|
||||
"Did not correctly parse presence/absence of includeSubdomains";
|
||||
sss.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, dummyUri, header,
|
||||
sslStatus, 0, maxAge, includeSubdomains);
|
||||
|
||||
if (extraTokens) {
|
||||
EXPECT_EQ(rv, NS_SUCCESS_LOSS_OF_INSIGNIFICANT_DATA) <<
|
||||
"Extra tokens were expected when parsing, but were not encountered.";
|
||||
} else {
|
||||
EXPECT_EQ(rv, NS_OK) << "Unexpected tokens found during parsing.";
|
||||
}
|
||||
|
||||
printf("%s\n", hdr);
|
||||
equal(maxAge.value, expectedMaxAge, "Did not correctly parse maxAge");
|
||||
equal(includeSubdomains.value, expectedIncludeSubdomains,
|
||||
"Did not correctly parse presence/absence of includeSubdomains");
|
||||
}
|
||||
|
||||
void TestFailure(const char* hdr,
|
||||
nsISiteSecurityService* sss)
|
||||
{
|
||||
nsCOMPtr<nsIURI> dummyUri;
|
||||
nsresult rv = NS_NewURI(getter_AddRefs(dummyUri), "https://foo.com/bar.html");
|
||||
ASSERT_TRUE(NS_SUCCEEDED(rv)) << "Failed to create URI";
|
||||
function testFailure(header) {
|
||||
let dummyUri = Services.io.newURI("https://foo.com/bar.html");
|
||||
let maxAge = {};
|
||||
let includeSubdomains = {};
|
||||
|
||||
rv = sss->UnsafeProcessHeader(nsISiteSecurityService::HEADER_HSTS, dummyUri,
|
||||
nsDependentCString(hdr), 0, nullptr, nullptr,
|
||||
nullptr);
|
||||
ASSERT_TRUE(NS_FAILED(rv)) << "Parsed invalid header: " << hdr;
|
||||
|
||||
printf("%s\n", hdr);
|
||||
throws(() => {
|
||||
sss.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, dummyUri, header,
|
||||
sslStatus, 0, maxAge, includeSubdomains);
|
||||
}, "Parsed invalid header: " + header);
|
||||
}
|
||||
|
||||
TEST(psm_STSParser, Test)
|
||||
{
|
||||
nsresult rv;
|
||||
|
||||
// grab handle to the service
|
||||
nsCOMPtr<nsISiteSecurityService> sss;
|
||||
sss = do_GetService("@mozilla.org/ssservice;1", &rv);
|
||||
ASSERT_TRUE(NS_SUCCEEDED(rv));
|
||||
|
||||
// *** parsing tests
|
||||
printf("*** Attempting to parse valid STS headers ...\n");
|
||||
|
||||
function run_test() {
|
||||
// SHOULD SUCCEED:
|
||||
TestSuccess("max-age=100", false, 100, false, sss);
|
||||
TestSuccess("max-age =100", false, 100, false, sss);
|
||||
TestSuccess(" max-age=100", false, 100, false, sss);
|
||||
TestSuccess("max-age = 100 ", false, 100, false, sss);
|
||||
TestSuccess(R"(max-age = "100" )", false, 100, false, sss);
|
||||
TestSuccess(R"(max-age="100")", false, 100, false, sss);
|
||||
TestSuccess(R"( max-age ="100" )", false, 100, false, sss);
|
||||
TestSuccess("\tmax-age\t=\t\"100\"\t", false, 100, false, sss);
|
||||
TestSuccess("max-age = 100 ", false, 100, false, sss);
|
||||
testSuccess("max-age=100", 100, false);
|
||||
testSuccess("max-age =100", 100, false);
|
||||
testSuccess(" max-age=100", 100, false);
|
||||
testSuccess("max-age = 100 ", 100, false);
|
||||
testSuccess('max-age = "100" ', 100, false);
|
||||
testSuccess('max-age="100"', 100, false);
|
||||
testSuccess(' max-age ="100" ', 100, false);
|
||||
testSuccess("\tmax-age\t=\t\"100\"\t", 100, false);
|
||||
testSuccess("max-age = 100 ", 100, false);
|
||||
|
||||
TestSuccess("maX-aGe=100", false, 100, false, sss);
|
||||
TestSuccess("MAX-age =100", false, 100, false, sss);
|
||||
TestSuccess("max-AGE=100", false, 100, false, sss);
|
||||
TestSuccess("Max-Age = 100 ", false, 100, false, sss);
|
||||
TestSuccess("MAX-AGE = 100 ", false, 100, false, sss);
|
||||
testSuccess("maX-aGe=100", 100, false);
|
||||
testSuccess("MAX-age =100", 100, false);
|
||||
testSuccess("max-AGE=100", 100, false);
|
||||
testSuccess("Max-Age = 100 ", 100, false);
|
||||
testSuccess("MAX-AGE = 100 ", 100, false);
|
||||
|
||||
TestSuccess("max-age=100;includeSubdomains", false, 100, true, sss);
|
||||
TestSuccess("max-age=100\t; includeSubdomains", false, 100, true, sss);
|
||||
TestSuccess(" max-age=100; includeSubdomains", false, 100, true, sss);
|
||||
TestSuccess("max-age = 100 ; includeSubdomains", false, 100, true, sss);
|
||||
TestSuccess("max-age = 100 ; includeSubdomains",
|
||||
false, 100, true, sss);
|
||||
testSuccess("max-age=100;includeSubdomains", 100, true);
|
||||
testSuccess("max-age=100\t; includeSubdomains", 100, true);
|
||||
testSuccess(" max-age=100; includeSubdomains", 100, true);
|
||||
testSuccess("max-age = 100 ; includeSubdomains", 100, true);
|
||||
testSuccess("max-age = 100 ; includeSubdomains", 100,
|
||||
true);
|
||||
|
||||
TestSuccess("maX-aGe=100; includeSUBDOMAINS", false, 100, true, sss);
|
||||
TestSuccess("MAX-age =100; includeSubDomains", false, 100, true, sss);
|
||||
TestSuccess("max-AGE=100; iNcLuDeSuBdoMaInS", false, 100, true, sss);
|
||||
TestSuccess("Max-Age = 100; includesubdomains ", false, 100, true, sss);
|
||||
TestSuccess("INCLUDESUBDOMAINS;MaX-AgE = 100 ", false, 100, true, sss);
|
||||
testSuccess("maX-aGe=100; includeSUBDOMAINS", 100, true);
|
||||
testSuccess("MAX-age =100; includeSubDomains", 100, true);
|
||||
testSuccess("max-AGE=100; iNcLuDeSuBdoMaInS", 100, true);
|
||||
testSuccess("Max-Age = 100; includesubdomains ", 100, true);
|
||||
testSuccess("INCLUDESUBDOMAINS;MaX-AgE = 100 ", 100, true);
|
||||
// Turns out, the actual directive is entirely optional (hence the
|
||||
// trailing semicolon)
|
||||
TestSuccess("max-age=100;includeSubdomains;", true, 100, true, sss);
|
||||
testSuccess("max-age=100;includeSubdomains;", 100, true);
|
||||
|
||||
// these are weird tests, but are testing that some extended syntax is
|
||||
// still allowed (but it is ignored)
|
||||
TestSuccess("max-age=100 ; includesubdomainsSomeStuff",
|
||||
true, 100, false, sss);
|
||||
TestSuccess("\r\n\t\t \tcompletelyUnrelated = foobar; max-age= 34520103"
|
||||
"\t \t; alsoUnrelated;asIsThis;\tincludeSubdomains\t\t \t",
|
||||
true, 34520103, true, sss);
|
||||
TestSuccess(R"(max-age=100; unrelated="quoted \"thingy\"")",
|
||||
true, 100, false, sss);
|
||||
testSuccess("max-age=100 ; includesubdomainsSomeStuff", 100, false);
|
||||
testSuccess("\r\n\t\t \tcompletelyUnrelated = foobar; max-age= 34520103"
|
||||
+ "\t \t; alsoUnrelated;asIsThis;\tincludeSubdomains\t\t \t",
|
||||
34520103, true);
|
||||
testSuccess('max-age=100; unrelated="quoted \\"thingy\\""', 100, false);
|
||||
|
||||
// SHOULD FAIL:
|
||||
printf("* Attempting to parse invalid STS headers (should not parse)...\n");
|
||||
// invalid max-ages
|
||||
TestFailure("max-age", sss);
|
||||
TestFailure("max-age ", sss);
|
||||
TestFailure("max-age=p", sss);
|
||||
TestFailure("max-age=*1p2", sss);
|
||||
TestFailure("max-age=.20032", sss);
|
||||
TestFailure("max-age=!20032", sss);
|
||||
TestFailure("max-age==20032", sss);
|
||||
testFailure("max-age");
|
||||
testFailure("max-age ");
|
||||
testFailure("max-age=p");
|
||||
testFailure("max-age=*1p2");
|
||||
testFailure("max-age=.20032");
|
||||
testFailure("max-age=!20032");
|
||||
testFailure("max-age==20032");
|
||||
|
||||
// invalid headers
|
||||
TestFailure("foobar", sss);
|
||||
TestFailure("maxage=100", sss);
|
||||
TestFailure("maxa-ge=100", sss);
|
||||
TestFailure("max-ag=100", sss);
|
||||
TestFailure("includesubdomains", sss);
|
||||
TestFailure(";", sss);
|
||||
TestFailure(R"(max-age="100)", sss);
|
||||
testFailure("foobar");
|
||||
testFailure("maxage=100");
|
||||
testFailure("maxa-ge=100");
|
||||
testFailure("max-ag=100");
|
||||
testFailure("includesubdomains");
|
||||
testFailure(";");
|
||||
testFailure('max-age="100');
|
||||
// The max-age directive here doesn't conform to the spec, so it MUST
|
||||
// be ignored. Consequently, the REQUIRED max-age directive is not
|
||||
// present in this header, and so it is invalid.
|
||||
TestFailure("max-age=100, max-age=200; includeSubdomains", sss);
|
||||
TestFailure("max-age=100 includesubdomains", sss);
|
||||
TestFailure("max-age=100 bar foo", sss);
|
||||
TestFailure("max-age=100randomstuffhere", sss);
|
||||
testFailure("max-age=100, max-age=200; includeSubdomains");
|
||||
testFailure("max-age=100 includesubdomains");
|
||||
testFailure("max-age=100 bar foo");
|
||||
testFailure("max-age=100randomstuffhere");
|
||||
// All directives MUST appear only once in an STS header field.
|
||||
TestFailure("max-age=100; max-age=200", sss);
|
||||
TestFailure("includeSubdomains; max-age=200; includeSubdomains", sss);
|
||||
TestFailure("max-age=200; includeSubdomains; includeSubdomains", sss);
|
||||
testFailure("max-age=100; max-age=200");
|
||||
testFailure("includeSubdomains; max-age=200; includeSubdomains");
|
||||
testFailure("max-age=200; includeSubdomains; includeSubdomains");
|
||||
// The includeSubdomains directive is valueless.
|
||||
TestFailure("max-age=100; includeSubdomains=unexpected", sss);
|
||||
testFailure("max-age=100; includeSubdomains=unexpected");
|
||||
// LWS must have at least one space or horizontal tab
|
||||
TestFailure("\r\nmax-age=200", sss);
|
||||
testFailure("\r\nmax-age=200");
|
||||
}
|
||||
|
|
|
|||
|
|
@ -16,57 +16,52 @@ function run_test() {
|
|||
let SSService = Cc["@mozilla.org/ssservice;1"]
|
||||
.getService(Ci.nsISiteSecurityService);
|
||||
let sslStatus = new FakeSSLStatus();
|
||||
let unlikelyHost = "highlyunlikely.example.com";
|
||||
let uri = Services.io.newURI("https://" + unlikelyHost);
|
||||
let subDomainUri = Services.io.newURI("https://subdomain." + unlikelyHost);
|
||||
|
||||
// first check that a host probably not on the preload list is not identified
|
||||
// as an sts host
|
||||
let unlikelyHost = "highlyunlikely.example.com";
|
||||
ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
unlikelyHost, 0));
|
||||
ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0));
|
||||
|
||||
// now add a preload entry for this host
|
||||
SSService.setHSTSPreload(unlikelyHost, false, Date.now() + 60000);
|
||||
|
||||
// check that it's now an STS host
|
||||
ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
unlikelyHost, 0));
|
||||
ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0));
|
||||
|
||||
// check that it's honoring the fact we set includeSubdomains to false
|
||||
ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"subdomain." + unlikelyHost, 0));
|
||||
ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, subDomainUri,
|
||||
0));
|
||||
|
||||
// clear the non-preloaded entries
|
||||
SSService.clearAll();
|
||||
|
||||
// check that it's still an STS host
|
||||
ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
unlikelyHost, 0));
|
||||
ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0));
|
||||
|
||||
// clear the preloads
|
||||
SSService.clearPreloads();
|
||||
|
||||
// Check that it's no longer an STS host now that the preloads have been
|
||||
// cleared
|
||||
ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
unlikelyHost, 0));
|
||||
ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0));
|
||||
|
||||
// Now let's do the same, this time with includeSubdomains on
|
||||
SSService.setHSTSPreload(unlikelyHost, true, Date.now() + 60000);
|
||||
|
||||
// check that it's now an STS host
|
||||
ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
unlikelyHost, 0));
|
||||
ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0));
|
||||
|
||||
// check that it's now including subdomains
|
||||
ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"subdomain." + unlikelyHost, 0));
|
||||
ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, subDomainUri,
|
||||
0));
|
||||
|
||||
// Now let's simulate overriding the entry by setting an entry from a header
|
||||
// with max-age set to 0
|
||||
let uri = Services.io.newURI("https://" + unlikelyHost);
|
||||
SSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
|
||||
"max-age=0", sslStatus, 0);
|
||||
|
||||
// this should no longer be an HSTS host
|
||||
ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
unlikelyHost, 0));
|
||||
ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0));
|
||||
}
|
||||
|
|
|
|||
|
|
@ -38,67 +38,75 @@ function run_test() {
|
|||
|
||||
function test_part1() {
|
||||
// check that a host not in the list is not identified as an sts host
|
||||
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"nonexistent.mozilla.com", 0));
|
||||
ok(!gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://nonexistent.mozilla.com"), 0));
|
||||
|
||||
// check that an ancestor domain is not identified as an sts host
|
||||
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, "com", 0));
|
||||
ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://com"), 0));
|
||||
|
||||
// check that the pref to toggle using the preload list works
|
||||
Services.prefs.setBoolPref("network.stricttransportsecurity.preloadlist", false);
|
||||
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"bugzilla.mozilla.org", 0));
|
||||
ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://bugzilla.mozilla.org"),
|
||||
0));
|
||||
Services.prefs.setBoolPref("network.stricttransportsecurity.preloadlist", true);
|
||||
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"bugzilla.mozilla.org", 0));
|
||||
ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://bugzilla.mozilla.org"),
|
||||
0));
|
||||
|
||||
// check that a subdomain is an sts host (includeSubdomains is set)
|
||||
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"subdomain.bugzilla.mozilla.org", 0));
|
||||
ok(gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://subdomain.bugzilla.mozilla.org"), 0));
|
||||
|
||||
// check that another subdomain is an sts host (includeSubdomains is set)
|
||||
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"a.b.c.def.bugzilla.mozilla.org", 0));
|
||||
ok(gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://a.b.c.def.bugzilla.mozilla.org"), 0));
|
||||
|
||||
// check that a subdomain is not an sts host (includeSubdomains is not set)
|
||||
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"subdomain.www.torproject.org", 0));
|
||||
ok(!gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://subdomain.www.torproject.org"), 0));
|
||||
|
||||
// check that a host with a dot on the end won't break anything
|
||||
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"notsts.nonexistent.mozilla.com.", 0));
|
||||
ok(!gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://notsts.nonexistent.mozilla.com."), 0));
|
||||
|
||||
// check that processing a header with max-age: 0 will remove a preloaded
|
||||
// site from the list
|
||||
let uri = Services.io.newURI("http://bugzilla.mozilla.org");
|
||||
let uri = Services.io.newURI("https://bugzilla.mozilla.org");
|
||||
let subDomainUri =
|
||||
Services.io.newURI("https://subdomain.bugzilla.mozilla.org");
|
||||
gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
|
||||
"max-age=0", sslStatus, 0);
|
||||
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"bugzilla.mozilla.org", 0));
|
||||
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"subdomain.bugzilla.mozilla.org", 0));
|
||||
ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0));
|
||||
ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
subDomainUri, 0));
|
||||
// check that processing another header (with max-age non-zero) will
|
||||
// re-enable a site's sts status
|
||||
gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
|
||||
"max-age=1000", sslStatus, 0);
|
||||
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"bugzilla.mozilla.org", 0));
|
||||
ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0));
|
||||
// but this time include subdomains was not set, so test for that
|
||||
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"subdomain.bugzilla.mozilla.org", 0));
|
||||
ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
subDomainUri, 0));
|
||||
gSSService.clearAll();
|
||||
|
||||
// check that processing a header with max-age: 0 from a subdomain of a site
|
||||
// will not remove that (ancestor) site from the list
|
||||
uri = Services.io.newURI("http://subdomain.www.torproject.org");
|
||||
uri = Services.io.newURI("https://subdomain.www.torproject.org");
|
||||
gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
|
||||
"max-age=0", sslStatus, 0);
|
||||
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"www.torproject.org", 0));
|
||||
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"subdomain.www.torproject.org", 0));
|
||||
ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://www.torproject.org"),
|
||||
0));
|
||||
ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0));
|
||||
|
||||
uri = Services.io.newURI("http://subdomain.bugzilla.mozilla.org");
|
||||
uri = Services.io.newURI("https://subdomain.bugzilla.mozilla.org");
|
||||
gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
|
||||
"max-age=0", sslStatus, 0);
|
||||
// we received a header with "max-age=0", so we have "no information"
|
||||
|
|
@ -110,14 +118,19 @@ function test_part1() {
|
|||
// |-- subdomain.bugzilla.mozilla.org IS sts host
|
||||
// | `-- another.subdomain.bugzilla.mozilla.org IS sts host
|
||||
// `-- sibling.bugzilla.mozilla.org IS sts host
|
||||
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"bugzilla.mozilla.org", 0));
|
||||
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"subdomain.bugzilla.mozilla.org", 0));
|
||||
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"sibling.bugzilla.mozilla.org", 0));
|
||||
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"another.subdomain.bugzilla.mozilla.org", 0));
|
||||
ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://bugzilla.mozilla.org"),
|
||||
0));
|
||||
ok(gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://subdomain.bugzilla.mozilla.org"), 0));
|
||||
ok(gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://sibling.bugzilla.mozilla.org"), 0));
|
||||
ok(gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://another.subdomain.bugzilla.mozilla.org"),
|
||||
0));
|
||||
|
||||
gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
|
||||
"max-age=1000", sslStatus, 0);
|
||||
|
|
@ -126,12 +139,16 @@ function test_part1() {
|
|||
// |-- subdomain.bugzilla.mozilla.org (include subdomains is false) IS sts host
|
||||
// | `-- another.subdomain.bugzilla.mozilla.org IS NOT sts host
|
||||
// `-- sibling.bugzilla.mozilla.org IS sts host
|
||||
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"subdomain.bugzilla.mozilla.org", 0));
|
||||
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"sibling.bugzilla.mozilla.org", 0));
|
||||
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"another.subdomain.bugzilla.mozilla.org", 0));
|
||||
ok(gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://subdomain.bugzilla.mozilla.org"), 0));
|
||||
ok(gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://sibling.bugzilla.mozilla.org"), 0));
|
||||
ok(!gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://another.subdomain.bugzilla.mozilla.org"),
|
||||
0));
|
||||
|
||||
// Test that an expired non-private browsing entry results in correctly
|
||||
// identifying a host that is on the preload list as no longer sts.
|
||||
|
|
@ -139,14 +156,12 @@ function test_part1() {
|
|||
// a site on the preload list, and that header later expires. We need to
|
||||
// then treat that host as no longer an sts host.)
|
||||
// (sanity check first - this should be in the preload list)
|
||||
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"login.persona.org", 0));
|
||||
uri = Services.io.newURI("http://login.persona.org");
|
||||
uri = Services.io.newURI("https://login.persona.org");
|
||||
ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0));
|
||||
gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
|
||||
"max-age=1", sslStatus, 0);
|
||||
do_timeout(1250, function() {
|
||||
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"login.persona.org", 0));
|
||||
ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0));
|
||||
run_next_test();
|
||||
});
|
||||
}
|
||||
|
|
@ -155,36 +170,37 @@ const IS_PRIVATE = Ci.nsISocketProvider.NO_PERMANENT_STORAGE;
|
|||
|
||||
function test_private_browsing1() {
|
||||
gSSService.clearAll();
|
||||
let uri = Services.io.newURI("https://bugzilla.mozilla.org");
|
||||
let subDomainUri =
|
||||
Services.io.newURI("https://a.b.c.subdomain.bugzilla.mozilla.org");
|
||||
// sanity - bugzilla.mozilla.org is preloaded, includeSubdomains set
|
||||
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"bugzilla.mozilla.org", IS_PRIVATE));
|
||||
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"a.b.c.subdomain.bugzilla.mozilla.org", IS_PRIVATE));
|
||||
ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
|
||||
IS_PRIVATE));
|
||||
ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, subDomainUri,
|
||||
IS_PRIVATE));
|
||||
|
||||
let uri = Services.io.newURI("http://bugzilla.mozilla.org");
|
||||
gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
|
||||
"max-age=0", sslStatus, IS_PRIVATE);
|
||||
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"bugzilla.mozilla.org", IS_PRIVATE));
|
||||
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"a.b.subdomain.bugzilla.mozilla.org", IS_PRIVATE));
|
||||
ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
|
||||
IS_PRIVATE));
|
||||
ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
subDomainUri, IS_PRIVATE));
|
||||
|
||||
// check adding it back in
|
||||
gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
|
||||
"max-age=1000", sslStatus, IS_PRIVATE);
|
||||
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"bugzilla.mozilla.org", IS_PRIVATE));
|
||||
ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, IS_PRIVATE));
|
||||
// but no includeSubdomains this time
|
||||
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"b.subdomain.bugzilla.mozilla.org", IS_PRIVATE));
|
||||
ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
subDomainUri, IS_PRIVATE));
|
||||
|
||||
// do the hokey-pokey...
|
||||
gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
|
||||
"max-age=0", sslStatus, IS_PRIVATE);
|
||||
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"bugzilla.mozilla.org", IS_PRIVATE));
|
||||
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"subdomain.bugzilla.mozilla.org", IS_PRIVATE));
|
||||
ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
|
||||
IS_PRIVATE));
|
||||
ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
subDomainUri, IS_PRIVATE));
|
||||
|
||||
// Test that an expired private browsing entry results in correctly
|
||||
// identifying a host that is on the preload list as no longer sts.
|
||||
|
|
@ -192,14 +208,14 @@ function test_private_browsing1() {
|
|||
// a site on the preload list, and that header later expires. We need to
|
||||
// then treat that host as no longer an sts host.)
|
||||
// (sanity check first - this should be in the preload list)
|
||||
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"login.persona.org", IS_PRIVATE));
|
||||
uri = Services.io.newURI("http://login.persona.org");
|
||||
uri = Services.io.newURI("https://login.persona.org");
|
||||
ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
|
||||
IS_PRIVATE));
|
||||
gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
|
||||
"max-age=1", sslStatus, IS_PRIVATE);
|
||||
do_timeout(1250, function() {
|
||||
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"login.persona.org", IS_PRIVATE));
|
||||
ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
|
||||
IS_PRIVATE));
|
||||
// Simulate leaving private browsing mode
|
||||
Services.obs.notifyObservers(null, "last-pb-context-exited", null);
|
||||
});
|
||||
|
|
@ -207,16 +223,19 @@ function test_private_browsing1() {
|
|||
|
||||
function test_private_browsing2() {
|
||||
// if this test gets this far, it means there's a private browsing service
|
||||
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"bugzilla.mozilla.org", 0));
|
||||
ok(gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://bugzilla.mozilla.org"), 0));
|
||||
// the bugzilla.mozilla.org entry has includeSubdomains set
|
||||
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"subdomain.bugzilla.mozilla.org", 0));
|
||||
ok(gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://subdomain.bugzilla.mozilla.org"), 0));
|
||||
|
||||
// Now that we're out of private browsing mode, we need to make sure
|
||||
// we've "forgotten" that we "forgot" this site's sts status.
|
||||
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"login.persona.org", 0));
|
||||
ok(gSSService.isSecureURI(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
Services.io.newURI("https://login.persona.org"), 0));
|
||||
|
||||
run_next_test();
|
||||
}
|
||||
|
|
|
|||
|
|
@ -5,21 +5,19 @@
|
|||
function run_test() {
|
||||
let SSService = Cc["@mozilla.org/ssservice;1"]
|
||||
.getService(Ci.nsISiteSecurityService);
|
||||
let uri = Services.io.newURI("https://bugzilla.mozilla.org");
|
||||
|
||||
// check that a host on the preload list is identified as an sts host
|
||||
ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"bugzilla.mozilla.org", 0));
|
||||
ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0));
|
||||
|
||||
// now simulate that it's 19 weeks later than it actually is
|
||||
let offsetSeconds = 19 * 7 * 24 * 60 * 60;
|
||||
Services.prefs.setIntPref("test.currentTimeOffsetSeconds", offsetSeconds);
|
||||
|
||||
// check that the preloaded host is no longer considered sts
|
||||
ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"bugzilla.mozilla.org", 0));
|
||||
ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0));
|
||||
|
||||
// just make sure we can get everything back to normal
|
||||
Services.prefs.clearUserPref("test.currentTimeOffsetSeconds");
|
||||
ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
"bugzilla.mozilla.org", 0));
|
||||
ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0));
|
||||
}
|
||||
|
|
|
|||
|
|
@ -140,6 +140,7 @@ skip-if = toolkit == 'android'
|
|||
[test_sts_fqdn.js]
|
||||
[test_sts_holepunch.js]
|
||||
[test_sts_ipv4_ipv6.js]
|
||||
[test_sts_parser.js]
|
||||
[test_sts_preload_dynamic.js]
|
||||
[test_sts_preloadlist_perwindowpb.js]
|
||||
[test_sts_preloadlist_selfdestruct.js]
|
||||
|
|
|
|||
|
|
@ -92,10 +92,16 @@ add_task(function* test_something() {
|
|||
.getService(Ci.nsISiteSecurityService);
|
||||
|
||||
// ensure our pins are all missing before we start
|
||||
ok(!sss.isSecureHost(sss.HEADER_HPKP, "one.example.com", 0));
|
||||
ok(!sss.isSecureHost(sss.HEADER_HPKP, "two.example.com", 0));
|
||||
ok(!sss.isSecureHost(sss.HEADER_HPKP, "three.example.com", 0));
|
||||
ok(!sss.isSecureHost(sss.HEADER_HSTS, "five.example.com", 0));
|
||||
ok(!sss.isSecureURI(sss.HEADER_HPKP,
|
||||
Services.io.newURI("https://one.example.com"), 0));
|
||||
ok(!sss.isSecureURI(sss.HEADER_HPKP,
|
||||
Services.io.newURI("https://two.example.com"), 0));
|
||||
ok(!sss.isSecureURI(sss.HEADER_HPKP,
|
||||
Services.io.newURI("https://three.example.com"), 0));
|
||||
ok(!sss.isSecureURI(sss.HEADER_HSTS,
|
||||
Services.io.newURI("https://four.example.com"), 0));
|
||||
ok(!sss.isSecureURI(sss.HEADER_HSTS,
|
||||
Services.io.newURI("https://five.example.com"), 0));
|
||||
|
||||
// Test an empty db populates
|
||||
yield PinningPreloadClient.maybeSync(2000, Date.now());
|
||||
|
|
@ -109,7 +115,8 @@ add_task(function* test_something() {
|
|||
do_check_eq(list.data.length, 1);
|
||||
|
||||
// check that a pin exists for one.example.com
|
||||
ok(sss.isSecureHost(sss.HEADER_HPKP, "one.example.com", 0));
|
||||
ok(sss.isSecureURI(sss.HEADER_HPKP,
|
||||
Services.io.newURI("https://one.example.com"), 0));
|
||||
|
||||
// Test the db is updated when we call again with a later lastModified value
|
||||
yield PinningPreloadClient.maybeSync(4000, Date.now());
|
||||
|
|
@ -122,12 +129,15 @@ add_task(function* test_something() {
|
|||
yield connection.close();
|
||||
|
||||
// check that a pin exists for two.example.com and three.example.com
|
||||
ok(sss.isSecureHost(sss.HEADER_HPKP, "two.example.com", 0));
|
||||
ok(sss.isSecureHost(sss.HEADER_HPKP, "three.example.com", 0));
|
||||
ok(sss.isSecureURI(sss.HEADER_HPKP,
|
||||
Services.io.newURI("https://two.example.com"), 0));
|
||||
ok(sss.isSecureURI(sss.HEADER_HPKP,
|
||||
Services.io.newURI("https://three.example.com"), 0));
|
||||
|
||||
// check that a pin does not exist for four.example.com - it's in the
|
||||
// collection but the version should not match
|
||||
ok(!sss.isSecureHost(sss.HEADER_HPKP, "four.example.com", 0));
|
||||
ok(!sss.isSecureURI(sss.HEADER_HPKP,
|
||||
Services.io.newURI("https://four.example.com"), 0));
|
||||
|
||||
// Try to maybeSync with the current lastModified value - no connection
|
||||
// should be attempted.
|
||||
|
|
@ -146,9 +156,12 @@ add_task(function* test_something() {
|
|||
do_check_neq(newValue, 0);
|
||||
|
||||
// Check that the HSTS preload added to the collection works...
|
||||
ok(sss.isSecureHost(sss.HEADER_HSTS, "five.example.com", 0));
|
||||
ok(sss.isSecureURI(sss.HEADER_HSTS,
|
||||
Services.io.newURI("https://five.example.com"), 0));
|
||||
// ...and that includeSubdomains is honored
|
||||
ok(!sss.isSecureHost(sss.HEADER_HSTS, "subdomain.five.example.com", 0));
|
||||
ok(!sss.isSecureURI(sss.HEADER_HSTS,
|
||||
Services.io.newURI("https://subdomain.five.example.com"),
|
||||
0));
|
||||
|
||||
// Check that a sync completes even when there's bad data in the
|
||||
// collection. This will throw on fail, so just calling maybeSync is an
|
||||
|
|
@ -159,7 +172,9 @@ add_task(function* test_something() {
|
|||
|
||||
// The STS entry for five.example.com now has includeSubdomains set;
|
||||
// ensure that the new includeSubdomains value is honored.
|
||||
ok(sss.isSecureHost(sss.HEADER_HSTS, "subdomain.five.example.com", 0));
|
||||
ok(sss.isSecureURI(sss.HEADER_HSTS,
|
||||
Services.io.newURI("https://subdomain.five.example.com"),
|
||||
0));
|
||||
});
|
||||
|
||||
function run_test() {
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче