Bug 1483626 - Checks if subjectAltNames has elements that are not empty string, and if it has them, they will be remove, preventing incomplete r=johannh

messages to show to the user. r=johannh

Differential Revision: https://phabricator.services.mozilla.com/D21796

--HG--
extra : moz-landing-system : lando

browser/actors/NetErrorChild.jsm

@@ -184,6 +184,10 @@ class NetErrorChild extends ActorChild {
     if (input.data.isDomainMismatch) {
       let subjectAltNames = input.data.certSubjectAltNames.split(",");
       let numSubjectAltNames = subjectAltNames.length;
+
+      subjectAltNames = subjectAltNames.filter(name => name.length > 0);
+      numSubjectAltNames = subjectAltNames.length;
+
       let msgPrefix = "";
       if (numSubjectAltNames != 0) {
         if (numSubjectAltNames == 1) {

browser/base/content/test/about/browser.ini

@@ -13,6 +13,7 @@ prefs =
 [browser_aboutCertError_clockSkew.js]
 [browser_aboutCertError_exception.js]
 [browser_aboutCertError_mitm.js]
+[browser_aboutCertError_noSubjectAltName.js]
 [browser_aboutCertError_telemetry.js]
 [browser_aboutHome_search_POST.js]
 [browser_aboutHome_search_composing.js]

browser/base/content/test/about/browser_aboutCertError_noSubjectAltName.js

@@ -0,0 +1,51 @@
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/ */
+
+"use strict";
+
+const UNKNOWN_ISSUER = "https://no-subject-alt-name.example.com:443";
+
+const checkAdvancedAndGetTechnicalInfoText = async () => {
+  let doc = content.document;
+
+  let advancedButton = doc.getElementById("advancedButton");
+  ok(advancedButton, "advancedButton found");
+  is(advancedButton.hasAttribute("disabled"), false, "advancedButton should be clickable");
+  advancedButton.click();
+
+  let badCertAdvancedPanel = doc.getElementById("badCertAdvancedPanel");
+  ok(badCertAdvancedPanel, "badCertAdvancedPanel found");
+
+  let badCertTechnicalInfo = doc.getElementById("badCertTechnicalInfo");
+  ok(badCertTechnicalInfo, "badCertTechnicalInfo found");
+
+  let errorCode = doc.getElementById("errorCode").innerHTML;
+  is(errorCode, "SSL_ERROR_BAD_CERT_DOMAIN");
+
+  let viewCertificate = doc.getElementById("viewCertificate");
+  ok(viewCertificate, "viewCertificate found");
+
+  return badCertTechnicalInfo.innerHTML;
+};
+
+const checkCorrectMessages = (message) => {
+  let isCorrectMessage =
+    message.includes("Websites prove their identity via certificates."
+      + " Nightly does not trust this site because it uses a certificate that is"
+      + " not valid for no-subject-alt-name.example.com");
+  is(isCorrectMessage, true, "That message should appear");
+  let isWrongMessage =
+    message.includes("The certificate is only valid for ");
+  is(isWrongMessage, false, "That message shouldn't appear");
+};
+
+add_task(async function checkUntrustedCertError() {
+  info(`Loading ${UNKNOWN_ISSUER} which does not have a subject specified in the certificate`);
+  let tab = await openErrorPage(UNKNOWN_ISSUER);
+  let browser = tab.linkedBrowser;
+  info("Clicking the exceptionDialogButton in advanced panel");
+  let badCertTechnicalInfoText =
+    await ContentTask.spawn(browser, null, checkAdvancedAndGetTechnicalInfoText);
+  checkCorrectMessages(badCertTechnicalInfoText, browser);
+  BrowserTestUtils.removeTab(gBrowser.selectedTab);
+});

build/pgo/certs/noSubjectAltName.certspec

@@ -0,0 +1,2 @@
+issuer:printableString/CN=Temporary Certificate Authority/O=Mozilla Testing/OU=Profile Guided Optimization
+subject:certificate without subjectAlternativeNames

build/pgo/server-locations.txt

@@ -119,6 +119,7 @@ https://mismatch.expired.example.com:443	privileged,cert=expired
 https://mismatch.untrusted.example.com:443	privileged,cert=untrusted
 https://untrusted-expired.example.com:443	privileged,cert=untrustedandexpired
 https://mismatch.untrusted-expired.example.com:443	privileged,cert=untrustedandexpired
+https://no-subject-alt-name.example.com:443   cert=noSubjectAltName
 
 # Prevent safebrowsing tests from hitting the network for its-a-trap.html and
 # its-an-attack.html.