Bug 1719309 - HTTPS-First test for bad certifactes. r=ckerschb

Differential Revision: https://phabricator.services.mozilla.com/D119779
2025-02-17 14:25:49 +00:00 · 2021-07-14 12:34:01 +00:00 · 2021-07-14 12:34:01 +00:00 · 34292f2736
commit 34292f2736
parent a2cfcac615
4 changed files with 112 additions and 0 deletions
--- a/build/pgo/server-locations.txt
+++ b/build/pgo/server-locations.txt
@ -349,6 +349,14 @@ https://suggestion-example.com:443          privileged,cert=badCertDomain
 http://no-suggestion-example.com:80         privileged
 https://no-suggestion-example.com:443       privileged,cert=badCertDomain

+# testing HTTPS-First doesn't show warning page for bad cert
+http://nocert.example.com:80                    privileged
+http://self-signed.example.com:80               privileged
+http://untrusted.example.com:80                 privileged
+http://untrusted-expired.example.com:80         privileged
+http://no-subject-alt-name.example.com:80       privileged
+http://expired.example.com:80                   privileged
+
 # testing HTTPS-First behaviour for redirection (Bug 1706126)
 http://redirect-example.com:80              privileged
 https://redirect-example.com:443            privileged,cert=bug1706126cert
--- a/dom/security/test/https-first/file_bad_cert.sjs
+++ b/dom/security/test/https-first/file_bad_cert.sjs
@ -0,0 +1,34 @@
+const RESPONSE_SUCCESS = `
+  <html>
+    <body>
+      send message, downgraded
+    <script type="application/javascript">
+      let scheme = document.location.protocol;
+      window.opener.postMessage({result: 'downgraded', scheme: scheme}, '*');
+    </script>
+    </body>
+  </html>`;
+
+const RESPONSE_UNEXPECTED = `
+  <html>
+    <body>
+      send message, error
+    <script type="application/javascript">
+      let scheme = document.location.protocol;
+      window.opener.postMessage({result: 'Error', scheme: scheme}, '*');
+    </script>
+    </body>
+  </html>`;
+
+function handleRequest(request, response) {
+  // avoid confusing cache behaviors
+  response.setHeader("Cache-Control", "no-cache", false);
+
+  // if the received request is not http send an error
+  if (request.scheme === "http") {
+    response.write(RESPONSE_SUCCESS);
+    return;
+  }
+  // we should never get here; just in case, return something unexpected
+  response.write(RESPONSE_UNEXPECTED);
+}
--- a/dom/security/test/https-first/mochitest.ini
+++ b/dom/security/test/https-first/mochitest.ini
@ -26,5 +26,8 @@ support-files= file_referrer_policy.sjs
 [test_break_endless_upgrade_downgrade_loop.html]
 support-files =
  file_break_endless_upgrade_downgrade_loop.sjs
+[test_bad_cert.html]
+support-files =
+  file_bad_cert.sjs
 [test_downgrade_request_upgrade_request.html]
 support-files= file_downgrade_request_upgrade_request.sjs
--- a/dom/security/test/https-first/test_bad_cert.html
+++ b/dom/security/test/https-first/test_bad_cert.html
@ -0,0 +1,67 @@
+<!DOCTYPE HTML>
+<html>
+<!--
+https://bugzilla.mozilla.org/show_bug.cgi?id=1719309
+Test that bad cert sites won't get upgraded by https-first
+-->
+
+<head>
+  <title>HTTPS-FirstMode - Bad Certificates</title>
+  <script src="/tests/SimpleTest/SimpleTest.js"></script>
+  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+
+<body>
+  <h1>HTTPS-First Mode</h1>
+  <p>Test: Downgrade bad certificates without warning page </p>
+  <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1706351">Bug 1719309</a>
+
+  <script class="testbody" type="text/javascript">
+  "use strict";
+  /*
+   * We perform the following tests:
+   * 1. Request nocert.example.com which is a site without a certificate
+   * 2. Request a site with self-signed cert (self-signed.example.com)
+   * 3. Request a site with an untrusted cert (untrusted.example.com)
+   * 4. Request a site with an expired cert
+   * 5. Request a site with an untrusted and expired cert
+   * 6. Request a site with no subject alternative dns name matching
+   *
+   * Expected result: Https-first tries to upgrade each request. Receives for each one an SSL_ERROR_*
+   * and downgrades back to http.
+   */
+  const badCertificates = ["nocert","self-signed", "untrusted","expired","untrusted-expired", "no-subject-alt-name"];
+  let currentTest = 0;
+  let testWin;
+  window.addEventListener("message", receiveMessage);
+
+  // Receive message and verify that it is from an http site.
+  // Verify that we got the correct message and an http scheme
+  async function receiveMessage(event) {
+    let data = event.data;
+    let currentBadCert = badCertificates[currentTest];
+    ok(data.result === "downgraded", "Downgraded request " + currentBadCert);
+    ok(data.scheme === "http:", "Received 'http' for " + currentBadCert);
+    testWin.close();
+    if (++currentTest < badCertificates.length) {
+      startTest();
+      return;
+    }
+    window.removeEventListener("message", receiveMessage);
+    SimpleTest.finish();
+  }
+
+  async function startTest() {
+    const currentCode = badCertificates[currentTest];
+    // make a request to a subdomain of example.com with a bad certificate
+    testWin = window.open(`http://${currentCode}.example.com/tests/dom/security/test/https-first/file_bad_cert.sjs`);
+  }
+
+  // Set preference and start test
+  SpecialPowers.pushPrefEnv({ set: [
+    ["dom.security.https_first", true],
+  ]}, startTest);
+  SimpleTest.waitForExplicitFinish();
+  </script>
+</body>
+</html>