зеркало из https://github.com/mozilla/gecko-dev.git
Backed out 2 changesets (bug 1635828) for mochitest failures on test_sts_privatebrowsing_perwindowpb.html . CLOSED TREE
Backed out changeset 52be379dbb20 (bug 1635828) Backed out changeset c410710919ab (bug 1635828)
This commit is contained in:
Родитель
d27be427c9
Коммит
f2ba920b49
|
@ -585,8 +585,8 @@ nsresult nsHttpChannel::OnBeforeConnect() {
|
|||
this, getter_AddRefs(resultPrincipal));
|
||||
}
|
||||
OriginAttributes originAttributes;
|
||||
if (!StoragePrincipalHelper::GetOriginAttributesForNetworkState(
|
||||
this, originAttributes)) {
|
||||
if (!StoragePrincipalHelper::GetOriginAttributes(
|
||||
this, originAttributes, StoragePrincipalHelper::eRegularPrincipal)) {
|
||||
return NS_ERROR_FAILURE;
|
||||
}
|
||||
|
||||
|
@ -2183,11 +2183,8 @@ nsresult nsHttpChannel::ProcessSingleSecurityHeader(
|
|||
// Process header will now discard the headers itself if the channel
|
||||
// wasn't secure (whereas before it had to be checked manually)
|
||||
OriginAttributes originAttributes;
|
||||
if (NS_WARN_IF(!StoragePrincipalHelper::GetOriginAttributesForNetworkState(
|
||||
this, originAttributes))) {
|
||||
return NS_ERROR_FAILURE;
|
||||
}
|
||||
|
||||
StoragePrincipalHelper::GetOriginAttributes(
|
||||
this, originAttributes, StoragePrincipalHelper::eRegularPrincipal);
|
||||
uint32_t failureResult;
|
||||
uint32_t headerSource = nsISiteSecurityService::SOURCE_ORGANIC_REQUEST;
|
||||
rv = sss->ProcessHeader(aType, mURI, securityHeader, aSecInfo, aFlags,
|
||||
|
|
|
@ -155,5 +155,3 @@ support-files =
|
|||
!/browser/components/originattributes/test/browser/file_thirdPartyChild.worker.xhr.html
|
||||
!/browser/components/originattributes/test/browser/file_thirdPartyChild.xhr.html
|
||||
[browser_staticPartition_network.js]
|
||||
[browser_staticPartition_HSTS.js]
|
||||
support-files = browser_staticPartition_HSTS.sjs
|
||||
|
|
|
@ -1,73 +0,0 @@
|
|||
/* Any copyright is dedicated to the Public Domain.
|
||||
* http://creativecommons.org/publicdomain/zero/1.0/
|
||||
*/
|
||||
|
||||
var unsecureEmptyURL =
|
||||
"http://example.org/browser/toolkit/components/antitracking/test/browser/empty.html";
|
||||
var secureURL =
|
||||
"https://example.com/browser/toolkit/components/antitracking/test/browser/browser_staticPartition_HSTS.sjs";
|
||||
var unsecureURL =
|
||||
"http://example.com/browser/toolkit/components/antitracking/test/browser/browser_staticPartition_HSTS.sjs";
|
||||
|
||||
function cleanupHSTS() {
|
||||
// Ensure to remove example.com from the HSTS list.
|
||||
let sss = Cc["@mozilla.org/ssservice;1"].getService(
|
||||
Ci.nsISiteSecurityService
|
||||
);
|
||||
sss.resetState(
|
||||
Ci.nsISiteSecurityService.HEADER_HSTS,
|
||||
NetUtil.newURI("http://example.com/"),
|
||||
0
|
||||
);
|
||||
}
|
||||
|
||||
function promiseTabLoadEvent(aTab, aURL, aFinalURL) {
|
||||
info("Wait for load tab event");
|
||||
BrowserTestUtils.loadURI(aTab.linkedBrowser, aURL);
|
||||
return BrowserTestUtils.browserLoaded(aTab.linkedBrowser, false, aFinalURL);
|
||||
}
|
||||
|
||||
add_task(async function() {
|
||||
for (let prefValue of [true, false]) {
|
||||
await SpecialPowers.pushPrefEnv({
|
||||
set: [["privacy.partition.network_state", prefValue]],
|
||||
});
|
||||
|
||||
let tab = (gBrowser.selectedTab = BrowserTestUtils.addTab(gBrowser));
|
||||
|
||||
// Let's load the secureURL as first-party in order to activate HSTS.
|
||||
await promiseTabLoadEvent(tab, secureURL, secureURL);
|
||||
|
||||
// Let's test HSTS: unsecure -> secure.
|
||||
await promiseTabLoadEvent(tab, unsecureURL, secureURL);
|
||||
ok(true, "unsecure -> secure, first-party works!");
|
||||
|
||||
// Let's load a first-party.
|
||||
await promiseTabLoadEvent(tab, unsecureEmptyURL, unsecureEmptyURL);
|
||||
|
||||
let finalURL = await SpecialPowers.spawn(
|
||||
tab.linkedBrowser,
|
||||
[unsecureURL],
|
||||
async url => {
|
||||
return new content.Promise(resolve => {
|
||||
let ifr = content.document.createElement("iframe");
|
||||
ifr.onload = _ => {
|
||||
resolve(ifr.contentWindow.location.href);
|
||||
};
|
||||
|
||||
content.document.body.appendChild(ifr);
|
||||
ifr.src = url;
|
||||
});
|
||||
}
|
||||
);
|
||||
|
||||
if (prefValue) {
|
||||
is(finalURL, unsecureURL, "HSTS doesn't work for 3rd parties");
|
||||
} else {
|
||||
is(finalURL, secureURL, "HSTS works for 3rd parties");
|
||||
}
|
||||
|
||||
gBrowser.removeCurrentTab();
|
||||
cleanupHSTS();
|
||||
}
|
||||
});
|
|
@ -1,12 +0,0 @@
|
|||
/* This Source Code Form is subject to the terms of the Mozilla Public
|
||||
* License, v. 2.0. If a copy of the MPL was not distributed with this file,
|
||||
* You can obtain one at http://mozilla.org/MPL/2.0/. */
|
||||
|
||||
function handleRequest(request, response) {
|
||||
let page = "<!DOCTYPE html><html><body><p>HSTS page</p></body></html>";
|
||||
response.setStatusLine(request.httpVersion, "200", "OK");
|
||||
response.setHeader("Strict-Transport-Security", "max-age=60");
|
||||
response.setHeader("Content-Type", "text/html", false);
|
||||
response.setHeader("Content-Length", page.length + "", false);
|
||||
response.write(page);
|
||||
}
|
Загрузка…
Ссылка в новой задаче