From 99445148b262249cb2a3edfbddb18424cd1406d8 Mon Sep 17 00:00:00 2001
From: Ivan Alagenchev <ialagenchev@mozilla.com>
Date: Fri, 26 Jul 2013 08:36:50 -0700
Subject: [PATCH] Bug 846918  - Adds new message category to webconsole.js and
 learn more link to security messages .r=msucan

---
 browser/devtools/webconsole/test/Makefile.in  |  3 +++
 ...console_bug_846918_hsts_invalid-headers.js | 27 +++++++++++++++++++
 .../test-bug-846918-hsts-invalid-headers.html | 13 +++++++++
 ...-846918-hsts-invalid-headers.html^headers^ |  1 +
 browser/devtools/webconsole/webconsole.js     |  1 +
 5 files changed, 45 insertions(+)
 create mode 100644 browser/devtools/webconsole/test/browser_webconsole_bug_846918_hsts_invalid-headers.js
 create mode 100644 browser/devtools/webconsole/test/test-bug-846918-hsts-invalid-headers.html
 create mode 100644 browser/devtools/webconsole/test/test-bug-846918-hsts-invalid-headers.html^headers^

diff --git a/browser/devtools/webconsole/test/Makefile.in b/browser/devtools/webconsole/test/Makefile.in
index 09cfeaa06cef..2e105b0f79f6 100644
--- a/browser/devtools/webconsole/test/Makefile.in
+++ b/browser/devtools/webconsole/test/Makefile.in
@@ -117,6 +117,7 @@ MOCHITEST_BROWSER_FILES = \
 	browser_netpanel_longstring_expand.js \
 	browser_repeated_messages_accuracy.js \
 	browser_webconsole_bug_821877_csp_errors.js \
+	browser_webconsole_bug_846918_hsts_invalid-headers.js \
 	browser_eval_in_debugger_stackframe.js \
 	browser_console_variables_view.js \
 	browser_console_variables_view_while_debugging.js \
@@ -236,6 +237,8 @@ MOCHITEST_BROWSER_FILES += \
 	test-bug-766001-js-errors.js \
 	test-bug-821877-csperrors.html \
 	test-bug-821877-csperrors.html^headers^ \
+	test-bug-846918-hsts-invalid-headers.html \
+	test-bug-846918-hsts-invalid-headers.html^headers^ \
 	test-eval-in-stackframe.html \
 	test-bug-859170-longstring-hang.html \
 	test-bug-837351-security-errors.html \
diff --git a/browser/devtools/webconsole/test/browser_webconsole_bug_846918_hsts_invalid-headers.js b/browser/devtools/webconsole/test/browser_webconsole_bug_846918_hsts_invalid-headers.js
new file mode 100644
index 000000000000..b94853645f18
--- /dev/null
+++ b/browser/devtools/webconsole/test/browser_webconsole_bug_846918_hsts_invalid-headers.js
@@ -0,0 +1,27 @@
+ /* Any copyright is dedicated to the Public Domain.
+  * http://creativecommons.org/publicdomain/zero/1.0/ */
+/* Tests that errors about invalid HSTS security headers are logged
+ *  to the web console */
+const TEST_URI = "https://example.com/browser/browser/devtools/webconsole/test/test-bug-846918-hsts-invalid-headers.html";
+const HSTS_INVALID_HEADER_MSG = "The site specified an invalid Strict-Transport-Security header.";
+
+function test()
+{
+  addTab(TEST_URI);
+  browser.addEventListener("load", function onLoad(aEvent) {
+    browser.removeEventListener(aEvent.type, onLoad, true);
+    openConsole(null, function testHSTSErrorLogged (hud) {
+      waitForMessages({
+        webconsole: hud,
+        messages: [
+          {
+          name: "Invalid HSTS header error displayed successfully",
+          text: HSTS_INVALID_HEADER_MSG,
+          category: CATEGORY_SECURITY,
+          severity: SEVERITY_WARNING
+        },
+        ],
+      }).then(finishTest);
+    });
+  }, true);
+}
diff --git a/browser/devtools/webconsole/test/test-bug-846918-hsts-invalid-headers.html b/browser/devtools/webconsole/test/test-bug-846918-hsts-invalid-headers.html
new file mode 100644
index 000000000000..a2353354ddeb
--- /dev/null
+++ b/browser/devtools/webconsole/test/test-bug-846918-hsts-invalid-headers.html
@@ -0,0 +1,13 @@
+<!doctype html>
+ <html>
+   <head>
+     <meta charset="utf8">
+     <title>Bug 846918 - Report invalid strict-transport-security
+       headers to the web console</title>
+     <!-- Any copyright is dedicated to the Public Domain.
+         http://creativecommons.org/publicdomain/zero/1.0/ -->
+   </head>
+   <body>
+     <p>This page is served with an invalid STS header.</p>
+   </body>
+ </html>
diff --git a/browser/devtools/webconsole/test/test-bug-846918-hsts-invalid-headers.html^headers^ b/browser/devtools/webconsole/test/test-bug-846918-hsts-invalid-headers.html^headers^
new file mode 100644
index 000000000000..9778993d7bca
--- /dev/null
+++ b/browser/devtools/webconsole/test/test-bug-846918-hsts-invalid-headers.html^headers^
@@ -0,0 +1 @@
+Strict-Transport-Security: max-age444
\ No newline at end of file
diff --git a/browser/devtools/webconsole/webconsole.js b/browser/devtools/webconsole/webconsole.js
index d6a41ba43392..103eccb25e9a 100644
--- a/browser/devtools/webconsole/webconsole.js
+++ b/browser/devtools/webconsole/webconsole.js
@@ -4421,6 +4421,7 @@ var Utils = {
 
       case "Mixed Content Blocker":
       case "CSP":
+      case "Invalid HSTS Headers":
         return CATEGORY_SECURITY;
 
       default: