Bug 1068949 - Some tests to ensure warnings are displayed appropriately. r=past

browser/devtools/webconsole/test/browser.ini

@@ -84,6 +84,7 @@ support-files =
   test-console-output-events.html
   test-console-column.html
   test-consoleiframes.html
+  test-certificate-messages.html
   test-data.json
   test-data.json^headers^
   test-duplicate-error.html
@@ -266,6 +267,7 @@ skip-if = buildapp == 'mulet'
 [browser_webconsole_bug_915141_toggle_response_logging_with_keyboard.js]
 [browser_webconsole_bug_1006027_message_timestamps_incorrect.js]
 [browser_webconsole_bug_1010953_cspro.js]
+[browser_webconsole_certificate_messages.js]
 [browser_webconsole_cached_autocomplete.js]
 [browser_webconsole_change_font_size.js]
 [browser_webconsole_chrome.js]

browser/devtools/webconsole/test/browser_webconsole_certificate_messages.js

@@ -0,0 +1,73 @@
+/* vim:set ts=2 sw=2 sts=2 et: */
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/ */
+
+// Tests that the Web Console shows SHA-1 Certificate warnings
+
+const TEST_BAD_URI = "https://sha1ee.example.com/browser/browser/devtools/webconsole/test/test-certificate-messages.html";
+const TEST_GOOD_URI = "https://sha256ee.example.com/browser/browser/devtools/webconsole/test/test-certificate-messages.html";
+const TRIGGER_MSG = "If you haven't seen ssl warnings yet, you won't";
+
+let gHud = undefined;
+
+function test() {
+  registerCleanupFunction(function () {
+    gHud = null;
+  });
+
+  addTab("data:text/html;charset=utf8,Web Console SHA-1 warning test");
+  browser.addEventListener("load", function _onLoad() {
+    browser.removeEventListener("load", _onLoad, true);
+    openConsole(null, loadBadDocument);
+  }, true);
+}
+
+function loadBadDocument(theHud) {
+  gHud = theHud;
+  browser.addEventListener("load", onBadLoad, true);
+  content.location = TEST_BAD_URI;
+}
+
+function onBadLoad(aEvent) {
+  browser.removeEventListener("load", onBadLoad, true);
+  testForWarningMessage();
+}
+
+function loadGoodDocument(theHud) {
+  gHud.jsterm.clearOutput()
+  browser.addEventListener("load", onGoodLoad, true);
+  content.location = TEST_GOOD_URI;
+}
+
+function onGoodLoad(aEvent) {
+  browser.removeEventListener("load", onGoodLoad, true);
+  testForNoWarning();
+}
+
+function testForWarningMessage() {
+  let aOutputNode = gHud.outputNode;
+
+  waitForSuccess({
+      name: "SHA1 warning displayed successfully",
+      validatorFn: function() {
+        return gHud.outputNode.textContent.indexOf("SHA-1") > -1;
+      },
+      successFn: loadGoodDocument,
+      failureFn: finishTest,
+    });
+}
+
+function testForNoWarning() {
+  let aOutputNode = gHud.outputNode;
+
+  waitForSuccess({
+      name: "SHA1 warning appropriately missed",
+      validatorFn: function() {
+        if (gHud.outputNode.textContent.indexOf(TRIGGER_MSG) > -1) {
+          return gHud.outputNode.textContent.indexOf("SHA-1") == -1;
+        }
+      },
+      successFn: finishTest,
+      failureFn: finishTest,
+    });
+}

browser/devtools/webconsole/test/test-certificate-messages.html

@@ -0,0 +1,20 @@
+<!--
+  Bug 1068949 - Log crypto warnings to the security pane in the webconsole
+-->
+
+<!DOCTYPE HTML>
+<html dir="ltr" xml:lang="en-US" lang="en-US">
+  <head>
+    <meta charset="utf8">
+    <title>Security warning test - no violations</title>
+    <script>
+      console.log("If you haven't seen ssl warnings yet, you won't");
+    </script>
+    <!--
+      Any copyright is dedicated to the Public Domain.
+      http://creativecommons.org/publicdomain/zero/1.0/
+    -->
+  </head>
+  <body>
+  </body>
+</html>

build/pgo/server-locations.txt

@@ -229,3 +229,7 @@ https://bad.include-subdomains.pinning-dynamic.example.com:443    privileged,cer
 
 # Host for static pin tests
 https://include-subdomains.pinning.example.com:443                privileged,cert=staticPinningBad
+
+# Hosts for sha1 console warning tests
+https://sha1ee.example.com:443                                    privileged,cert=sha1_end_entity
+https://sha256ee.example.com:443                                  privileged,cert=sha256_end_entity