Bug 846918 - Adds new message category to webconsole.js and learn more link to security messages .r=msucan

2024-12-03 18:47:53 +00:00 · 2013-07-26 08:36:50 -07:00 · 2013-07-26 08:36:50 -07:00 · 99445148b2
commit 99445148b2
parent d2297abc43
5 changed files with 45 additions and 0 deletions
--- a/browser/devtools/webconsole/test/Makefile.in
+++ b/browser/devtools/webconsole/test/Makefile.in
@ -117,6 +117,7 @@ MOCHITEST_BROWSER_FILES = \
 	browser_netpanel_longstring_expand.js \
 	browser_repeated_messages_accuracy.js \
 	browser_webconsole_bug_821877_csp_errors.js \
+	browser_webconsole_bug_846918_hsts_invalid-headers.js \
 	browser_eval_in_debugger_stackframe.js \
 	browser_console_variables_view.js \
 	browser_console_variables_view_while_debugging.js \
@ -236,6 +237,8 @@ MOCHITEST_BROWSER_FILES += \
 	test-bug-766001-js-errors.js \
 	test-bug-821877-csperrors.html \
 	test-bug-821877-csperrors.html^headers^ \
+	test-bug-846918-hsts-invalid-headers.html \
+	test-bug-846918-hsts-invalid-headers.html^headers^ \
 	test-eval-in-stackframe.html \
 	test-bug-859170-longstring-hang.html \
 	test-bug-837351-security-errors.html \
--- a/browser/devtools/webconsole/test/browser_webconsole_bug_846918_hsts_invalid-headers.js
+++ b/browser/devtools/webconsole/test/browser_webconsole_bug_846918_hsts_invalid-headers.js
@ -0,0 +1,27 @@
+ /* Any copyright is dedicated to the Public Domain.
+  * http://creativecommons.org/publicdomain/zero/1.0/ */
+/* Tests that errors about invalid HSTS security headers are logged
+ *  to the web console */
+const TEST_URI = "https://example.com/browser/browser/devtools/webconsole/test/test-bug-846918-hsts-invalid-headers.html";
+const HSTS_INVALID_HEADER_MSG = "The site specified an invalid Strict-Transport-Security header.";
+
+function test()
+{
+  addTab(TEST_URI);
+  browser.addEventListener("load", function onLoad(aEvent) {
+    browser.removeEventListener(aEvent.type, onLoad, true);
+    openConsole(null, function testHSTSErrorLogged (hud) {
+      waitForMessages({
+        webconsole: hud,
+        messages: [
+          {
+          name: "Invalid HSTS header error displayed successfully",
+          text: HSTS_INVALID_HEADER_MSG,
+          category: CATEGORY_SECURITY,
+          severity: SEVERITY_WARNING
+        },
+        ],
+      }).then(finishTest);
+    });
+  }, true);
+}
--- a/browser/devtools/webconsole/test/test-bug-846918-hsts-invalid-headers.html
+++ b/browser/devtools/webconsole/test/test-bug-846918-hsts-invalid-headers.html
@ -0,0 +1,13 @@
+<!doctype html>
+ <html>
+   <head>
+     <meta charset="utf8">
+     <title>Bug 846918 - Report invalid strict-transport-security
+       headers to the web console</title>
+     <!-- Any copyright is dedicated to the Public Domain.
+         http://creativecommons.org/publicdomain/zero/1.0/ -->
+   </head>
+   <body>
+     <p>This page is served with an invalid STS header.</p>
+   </body>
+ </html>
--- a/browser/devtools/webconsole/test/test-bug-846918-hsts-invalid-headers.html^headers^
+++ b/browser/devtools/webconsole/test/test-bug-846918-hsts-invalid-headers.html^headers^
@ -0,0 +1 @@
+Strict-Transport-Security: max-age444
--- a/browser/devtools/webconsole/webconsole.js
+++ b/browser/devtools/webconsole/webconsole.js
@ -4421,6 +4421,7 @@ var Utils = {

      case "Mixed Content Blocker":
      case "CSP":
+      case "Invalid HSTS Headers":
        return CATEGORY_SECURITY;

      default: