Backed out 2 changesets (bug 1635828) for mochitest failures on test_sts_privatebrowsing_perwindowpb.html . CLOSED TREE

Backed out changeset 52be379dbb20 (bug 1635828)
Backed out changeset c410710919ab (bug 1635828)
This commit is contained in:
Narcis Beleuzu 2020-07-10 18:43:37 +03:00
Родитель d27be427c9
Коммит f2ba920b49
4 изменённых файлов: 4 добавлений и 94 удалений

Просмотреть файл

@ -585,8 +585,8 @@ nsresult nsHttpChannel::OnBeforeConnect() {
this, getter_AddRefs(resultPrincipal));
}
OriginAttributes originAttributes;
if (!StoragePrincipalHelper::GetOriginAttributesForNetworkState(
this, originAttributes)) {
if (!StoragePrincipalHelper::GetOriginAttributes(
this, originAttributes, StoragePrincipalHelper::eRegularPrincipal)) {
return NS_ERROR_FAILURE;
}
@ -2183,11 +2183,8 @@ nsresult nsHttpChannel::ProcessSingleSecurityHeader(
// Process header will now discard the headers itself if the channel
// wasn't secure (whereas before it had to be checked manually)
OriginAttributes originAttributes;
if (NS_WARN_IF(!StoragePrincipalHelper::GetOriginAttributesForNetworkState(
this, originAttributes))) {
return NS_ERROR_FAILURE;
}
StoragePrincipalHelper::GetOriginAttributes(
this, originAttributes, StoragePrincipalHelper::eRegularPrincipal);
uint32_t failureResult;
uint32_t headerSource = nsISiteSecurityService::SOURCE_ORGANIC_REQUEST;
rv = sss->ProcessHeader(aType, mURI, securityHeader, aSecInfo, aFlags,

Просмотреть файл

@ -155,5 +155,3 @@ support-files =
!/browser/components/originattributes/test/browser/file_thirdPartyChild.worker.xhr.html
!/browser/components/originattributes/test/browser/file_thirdPartyChild.xhr.html
[browser_staticPartition_network.js]
[browser_staticPartition_HSTS.js]
support-files = browser_staticPartition_HSTS.sjs

Просмотреть файл

@ -1,73 +0,0 @@
/* Any copyright is dedicated to the Public Domain.
* http://creativecommons.org/publicdomain/zero/1.0/
*/
var unsecureEmptyURL =
"http://example.org/browser/toolkit/components/antitracking/test/browser/empty.html";
var secureURL =
"https://example.com/browser/toolkit/components/antitracking/test/browser/browser_staticPartition_HSTS.sjs";
var unsecureURL =
"http://example.com/browser/toolkit/components/antitracking/test/browser/browser_staticPartition_HSTS.sjs";
function cleanupHSTS() {
// Ensure to remove example.com from the HSTS list.
let sss = Cc["@mozilla.org/ssservice;1"].getService(
Ci.nsISiteSecurityService
);
sss.resetState(
Ci.nsISiteSecurityService.HEADER_HSTS,
NetUtil.newURI("http://example.com/"),
0
);
}
function promiseTabLoadEvent(aTab, aURL, aFinalURL) {
info("Wait for load tab event");
BrowserTestUtils.loadURI(aTab.linkedBrowser, aURL);
return BrowserTestUtils.browserLoaded(aTab.linkedBrowser, false, aFinalURL);
}
add_task(async function() {
for (let prefValue of [true, false]) {
await SpecialPowers.pushPrefEnv({
set: [["privacy.partition.network_state", prefValue]],
});
let tab = (gBrowser.selectedTab = BrowserTestUtils.addTab(gBrowser));
// Let's load the secureURL as first-party in order to activate HSTS.
await promiseTabLoadEvent(tab, secureURL, secureURL);
// Let's test HSTS: unsecure -> secure.
await promiseTabLoadEvent(tab, unsecureURL, secureURL);
ok(true, "unsecure -> secure, first-party works!");
// Let's load a first-party.
await promiseTabLoadEvent(tab, unsecureEmptyURL, unsecureEmptyURL);
let finalURL = await SpecialPowers.spawn(
tab.linkedBrowser,
[unsecureURL],
async url => {
return new content.Promise(resolve => {
let ifr = content.document.createElement("iframe");
ifr.onload = _ => {
resolve(ifr.contentWindow.location.href);
};
content.document.body.appendChild(ifr);
ifr.src = url;
});
}
);
if (prefValue) {
is(finalURL, unsecureURL, "HSTS doesn't work for 3rd parties");
} else {
is(finalURL, secureURL, "HSTS works for 3rd parties");
}
gBrowser.removeCurrentTab();
cleanupHSTS();
}
});

Просмотреть файл

@ -1,12 +0,0 @@
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this file,
* You can obtain one at http://mozilla.org/MPL/2.0/. */
function handleRequest(request, response) {
let page = "<!DOCTYPE html><html><body><p>HSTS page</p></body></html>";
response.setStatusLine(request.httpVersion, "200", "OK");
response.setHeader("Strict-Transport-Security", "max-age=60");
response.setHeader("Content-Type", "text/html", false);
response.setHeader("Content-Length", page.length + "", false);
response.write(page);
}