diff --git a/browser/base/content/browser.js b/browser/base/content/browser.js index 420ab5386a97..51fea4358d5c 100755 --- a/browser/base/content/browser.js +++ b/browser/base/content/browser.js @@ -3276,15 +3276,15 @@ function getDetailedCertErrorInfo(location, securityInfo) { const sss = Cc["@mozilla.org/ssservice;1"] .getService(Ci.nsISiteSecurityService); // SiteSecurityService uses different storage if the channel is - // private. Thus we must give isSecureURI correct flags or we + // private. Thus we must give isSecureHost correct flags or we // might get incorrect results. let flags = PrivateBrowsingUtils.isWindowPrivate(window) ? Ci.nsISocketProvider.NO_PERMANENT_STORAGE : 0; let uri = Services.io.newURI(location); - let hasHSTS = sss.isSecureURI(sss.HEADER_HSTS, uri, flags); - let hasHPKP = sss.isSecureURI(sss.HEADER_HPKP, uri, flags); + let hasHSTS = sss.isSecureHost(sss.HEADER_HSTS, uri.host, flags); + let hasHPKP = sss.isSecureHost(sss.HEADER_HPKP, uri.host, flags); certErrorDetails += "\r\n\r\n" + gNavigatorBundle.getFormattedString("certErrorDetailsHSTS.label", [hasHSTS]); diff --git a/devtools/client/debugger/new/debugger.js b/devtools/client/debugger/new/debugger.js index 483d9f3adfa5..a5630bda9fb1 100644 --- a/devtools/client/debugger/new/debugger.js +++ b/devtools/client/debugger/new/debugger.js @@ -8961,19 +8961,15 @@ var Debugger = // SiteSecurityService uses different storage if the channel is - // private. Thus we must give isSecureURI correct flags or we + // private. Thus we must give isSecureHost correct flags or we // might get incorrect results. let flags = (httpActivity.private) ? Ci.nsISocketProvider.NO_PERMANENT_STORAGE : 0; - if (!uri) { - // isSecureURI only cares about the host, not the scheme. - let host = httpActivity.hostname; - uri = Services.io.newURI("https://" + host); - } - - info.hsts = sss.isSecureURI(sss.HEADER_HSTS, uri, flags); - info.hpkp = sss.isSecureURI(sss.HEADER_HPKP, uri, flags); + let host = httpActivity.hostname; + + info.hsts = sss.isSecureHost(sss.HEADER_HSTS, host, flags); + info.hpkp = sss.isSecureHost(sss.HEADER_HPKP, host, flags); } else { DevToolsUtils.reportException("NetworkHelper.parseSecurityInfo", "Could not get HSTS/HPKP status as hostname is not available."); @@ -37656,19 +37652,15 @@ var Debugger = // SiteSecurityService uses different storage if the channel is - // private. Thus we must give isSecureURI correct flags or we + // private. Thus we must give isSecureHost correct flags or we // might get incorrect results. let flags = (httpActivity.private) ? Ci.nsISocketProvider.NO_PERMANENT_STORAGE : 0; - if (!uri) { - // isSecureURI only cares about the host, not the scheme. - let host = httpActivity.hostname; - uri = Services.io.newURI("https://" + host); - } - - info.hsts = sss.isSecureURI(sss.HEADER_HSTS, uri, flags); - info.hpkp = sss.isSecureURI(sss.HEADER_HPKP, uri, flags); + let host = httpActivity.hostname; + + info.hsts = sss.isSecureHost(sss.HEADER_HSTS, host, flags); + info.hpkp = sss.isSecureHost(sss.HEADER_HPKP, host, flags); } else { DevToolsUtils.reportException("NetworkHelper.parseSecurityInfo", "Could not get HSTS/HPKP status as hostname is not available."); diff --git a/devtools/shared/webconsole/network-helper.js b/devtools/shared/webconsole/network-helper.js index b7804010c05c..23f9762ec929 100644 --- a/devtools/shared/webconsole/network-helper.js +++ b/devtools/shared/webconsole/network-helper.js @@ -633,19 +633,15 @@ var NetworkHelper = { .getService(Ci.nsISiteSecurityService); // SiteSecurityService uses different storage if the channel is - // private. Thus we must give isSecureURI correct flags or we + // private. Thus we must give isSecureHost correct flags or we // might get incorrect results. let flags = (httpActivity.private) ? Ci.nsISocketProvider.NO_PERMANENT_STORAGE : 0; - if (!uri) { - // isSecureURI only cares about the host, not the scheme. - let host = httpActivity.hostname; - uri = Services.io.newURI("https://" + host); - } + let host = httpActivity.hostname; - info.hsts = sss.isSecureURI(sss.HEADER_HSTS, uri, flags); - info.hpkp = sss.isSecureURI(sss.HEADER_HPKP, uri, flags); + info.hsts = sss.isSecureHost(sss.HEADER_HSTS, host, flags); + info.hpkp = sss.isSecureHost(sss.HEADER_HPKP, host, flags); } else { DevToolsUtils.reportException("NetworkHelper.parseSecurityInfo", "Could not get HSTS/HPKP status as hostname is not available."); diff --git a/security/manager/ssl/SSLServerCertVerification.cpp b/security/manager/ssl/SSLServerCertVerification.cpp index 0ffc71fc0ae3..1452f775b458 100644 --- a/security/manager/ssl/SSLServerCertVerification.cpp +++ b/security/manager/ssl/SSLServerCertVerification.cpp @@ -511,32 +511,22 @@ CertErrorRunnable::CheckCertOverrides() return new SSLServerCertVerificationResult(mInfoObject, mDefaultErrorCodeToReport); } - nsCOMPtr uri; - nsresult nsrv = NS_NewURI(getter_AddRefs(uri), - NS_LITERAL_CSTRING("https://") + - mInfoObject->GetHostName()); - if (NS_FAILED(nsrv)) { - MOZ_LOG(gPIPNSSLog, LogLevel::Debug, - ("[%p][%p] Creating new URI failed\n", mFdForLogging, this)); - return new SSLServerCertVerificationResult(mInfoObject, - mDefaultErrorCodeToReport); - } - nsrv = sss->IsSecureURI(nsISiteSecurityService::HEADER_HSTS, - uri, - mProviderFlags, - nullptr, - &strictTransportSecurityEnabled); + nsresult nsrv = sss->IsSecureHost(nsISiteSecurityService::HEADER_HSTS, + mInfoObject->GetHostName(), + mProviderFlags, + nullptr, + &strictTransportSecurityEnabled); if (NS_FAILED(nsrv)) { MOZ_LOG(gPIPNSSLog, LogLevel::Debug, ("[%p][%p] checking for HSTS failed\n", mFdForLogging, this)); return new SSLServerCertVerificationResult(mInfoObject, mDefaultErrorCodeToReport); } - nsrv = sss->IsSecureURI(nsISiteSecurityService::HEADER_HPKP, - uri, - mProviderFlags, - nullptr, - &hasPinningInformation); + nsrv = sss->IsSecureHost(nsISiteSecurityService::HEADER_HPKP, + mInfoObject->GetHostName(), + mProviderFlags, + nullptr, + &hasPinningInformation); if (NS_FAILED(nsrv)) { MOZ_LOG(gPIPNSSLog, LogLevel::Debug, ("[%p][%p] checking for HPKP failed\n", mFdForLogging, this)); diff --git a/security/manager/ssl/nsISiteSecurityService.idl b/security/manager/ssl/nsISiteSecurityService.idl index 5f9decc4eca4..22921970b85c 100644 --- a/security/manager/ssl/nsISiteSecurityService.idl +++ b/security/manager/ssl/nsISiteSecurityService.idl @@ -121,6 +121,18 @@ interface nsISiteSecurityService : nsISupports [optional] out boolean aIncludeSubdomains, [optional] out uint32_t aFailureResult); + /** + * Same as processHeader but without checking for the security properties + * of the connection. Use ONLY for testing. + */ + void unsafeProcessHeader(in uint32_t aType, + in nsIURI aSourceURI, + in ACString aHeader, + in uint32_t aFlags, + [optional] out unsigned long long aMaxAge, + [optional] out boolean aIncludeSubdomains, + [optional] out uint32_t aFailureResult); + /** * Given a header type, removes state relating to that header of a host, * including the includeSubdomains state that would affect subdomains. @@ -135,6 +147,21 @@ interface nsISiteSecurityService : nsISupports in nsIURI aURI, in uint32_t aFlags); + /** + * See isSecureURI + * + * @param aType the type of security state in question. + * @param aHost the hostname (punycode) to query for state. + * @param aFlags options for this request as defined in nsISocketProvider: + * NO_PERMANENT_STORAGE + * @param aCached true if we have cached information regarding whether or not + * the host is HSTS, false otherwise. + */ + boolean isSecureHost(in uint32_t aType, + in ACString aHost, + in uint32_t aFlags, + [optional] out boolean aCached); + /** * Checks whether or not the URI's hostname has a given security state set. * For example, for HSTS: diff --git a/security/manager/ssl/nsSiteSecurityService.cpp b/security/manager/ssl/nsSiteSecurityService.cpp index e11fd86cc977..8859151decd7 100644 --- a/security/manager/ssl/nsSiteSecurityService.cpp +++ b/security/manager/ssl/nsSiteSecurityService.cpp @@ -575,6 +575,26 @@ nsSiteSecurityService::ProcessHeader(uint32_t aType, aFailureResult); } +NS_IMETHODIMP +nsSiteSecurityService::UnsafeProcessHeader(uint32_t aType, + nsIURI* aSourceURI, + const nsACString& aHeader, + uint32_t aFlags, + uint64_t* aMaxAge, + bool* aIncludeSubdomains, + uint32_t* aFailureResult) +{ + // Child processes are not allowed direct access to this. + if (!XRE_IsParentProcess()) { + MOZ_CRASH("Child process: no direct access to " + "nsISiteSecurityService::UnsafeProcessHeader"); + } + + return ProcessHeaderInternal(aType, aSourceURI, PromiseFlatCString(aHeader), + nullptr, aFlags, aMaxAge, aIncludeSubdomains, + aFailureResult); +} + nsresult nsSiteSecurityService::ProcessHeaderInternal(uint32_t aType, nsIURI* aSourceURI, @@ -1197,7 +1217,7 @@ nsSiteSecurityService::HostHasHSTSEntry(const nsAutoCString& aHost, return false; } -nsresult +NS_IMETHODIMP nsSiteSecurityService::IsSecureHost(uint32_t aType, const nsACString& aHost, uint32_t aFlags, bool* aCached, bool* aResult) diff --git a/security/manager/ssl/nsSiteSecurityService.h b/security/manager/ssl/nsSiteSecurityService.h index 17c4c6f6563d..dc2167091024 100644 --- a/security/manager/ssl/nsSiteSecurityService.h +++ b/security/manager/ssl/nsSiteSecurityService.h @@ -172,8 +172,6 @@ private: bool aRequireIncludeSubdomains, uint32_t aFlags, bool* aResult, bool* aCached); const nsSTSPreload *GetPreloadListEntry(const char *aHost); - nsresult IsSecureHost(uint32_t aType, const nsACString& aHost, - uint32_t aFlags, bool* aCached, bool* aResult); uint64_t mMaxMaxAge; bool mUsePreloadList; diff --git a/security/manager/ssl/tests/gtest/STSParserTest.cpp b/security/manager/ssl/tests/gtest/STSParserTest.cpp new file mode 100644 index 000000000000..70b5901f2dd7 --- /dev/null +++ b/security/manager/ssl/tests/gtest/STSParserTest.cpp @@ -0,0 +1,147 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#include + +#include "gtest/gtest.h" +#include "nsDependentString.h" +#include "nsNetUtil.h" +#include "nsISiteSecurityService.h" +#include "nsIURI.h" + +void +TestSuccess(const char* hdr, bool extraTokens, + uint64_t expectedMaxAge, bool expectedIncludeSubdomains, + nsISiteSecurityService* sss) +{ + nsCOMPtr dummyUri; + nsresult rv = NS_NewURI(getter_AddRefs(dummyUri), "https://foo.com/bar.html"); + ASSERT_TRUE(NS_SUCCEEDED(rv)) << "Failed to create URI"; + + uint64_t maxAge = 0; + bool includeSubdomains = false; + rv = sss->UnsafeProcessHeader(nsISiteSecurityService::HEADER_HSTS, dummyUri, + nsDependentCString(hdr), 0, &maxAge, + &includeSubdomains, nullptr); + ASSERT_TRUE(NS_SUCCEEDED(rv)) << "Failed to process valid header: " << hdr; + + ASSERT_EQ(maxAge, expectedMaxAge) << "Did not correctly parse maxAge"; + EXPECT_EQ(includeSubdomains, expectedIncludeSubdomains) << + "Did not correctly parse presence/absence of includeSubdomains"; + + if (extraTokens) { + EXPECT_EQ(rv, NS_SUCCESS_LOSS_OF_INSIGNIFICANT_DATA) << + "Extra tokens were expected when parsing, but were not encountered."; + } else { + EXPECT_EQ(rv, NS_OK) << "Unexpected tokens found during parsing."; + } + + printf("%s\n", hdr); +} + +void TestFailure(const char* hdr, + nsISiteSecurityService* sss) +{ + nsCOMPtr dummyUri; + nsresult rv = NS_NewURI(getter_AddRefs(dummyUri), "https://foo.com/bar.html"); + ASSERT_TRUE(NS_SUCCEEDED(rv)) << "Failed to create URI"; + + rv = sss->UnsafeProcessHeader(nsISiteSecurityService::HEADER_HSTS, dummyUri, + nsDependentCString(hdr), 0, nullptr, nullptr, + nullptr); + ASSERT_TRUE(NS_FAILED(rv)) << "Parsed invalid header: " << hdr; + + printf("%s\n", hdr); +} + +TEST(psm_STSParser, Test) +{ + nsresult rv; + + // grab handle to the service + nsCOMPtr sss; + sss = do_GetService("@mozilla.org/ssservice;1", &rv); + ASSERT_TRUE(NS_SUCCEEDED(rv)); + + // *** parsing tests + printf("*** Attempting to parse valid STS headers ...\n"); + + // SHOULD SUCCEED: + TestSuccess("max-age=100", false, 100, false, sss); + TestSuccess("max-age =100", false, 100, false, sss); + TestSuccess(" max-age=100", false, 100, false, sss); + TestSuccess("max-age = 100 ", false, 100, false, sss); + TestSuccess(R"(max-age = "100" )", false, 100, false, sss); + TestSuccess(R"(max-age="100")", false, 100, false, sss); + TestSuccess(R"( max-age ="100" )", false, 100, false, sss); + TestSuccess("\tmax-age\t=\t\"100\"\t", false, 100, false, sss); + TestSuccess("max-age = 100 ", false, 100, false, sss); + + TestSuccess("maX-aGe=100", false, 100, false, sss); + TestSuccess("MAX-age =100", false, 100, false, sss); + TestSuccess("max-AGE=100", false, 100, false, sss); + TestSuccess("Max-Age = 100 ", false, 100, false, sss); + TestSuccess("MAX-AGE = 100 ", false, 100, false, sss); + + TestSuccess("max-age=100;includeSubdomains", false, 100, true, sss); + TestSuccess("max-age=100\t; includeSubdomains", false, 100, true, sss); + TestSuccess(" max-age=100; includeSubdomains", false, 100, true, sss); + TestSuccess("max-age = 100 ; includeSubdomains", false, 100, true, sss); + TestSuccess("max-age = 100 ; includeSubdomains", + false, 100, true, sss); + + TestSuccess("maX-aGe=100; includeSUBDOMAINS", false, 100, true, sss); + TestSuccess("MAX-age =100; includeSubDomains", false, 100, true, sss); + TestSuccess("max-AGE=100; iNcLuDeSuBdoMaInS", false, 100, true, sss); + TestSuccess("Max-Age = 100; includesubdomains ", false, 100, true, sss); + TestSuccess("INCLUDESUBDOMAINS;MaX-AgE = 100 ", false, 100, true, sss); + // Turns out, the actual directive is entirely optional (hence the + // trailing semicolon) + TestSuccess("max-age=100;includeSubdomains;", true, 100, true, sss); + + // these are weird tests, but are testing that some extended syntax is + // still allowed (but it is ignored) + TestSuccess("max-age=100 ; includesubdomainsSomeStuff", + true, 100, false, sss); + TestSuccess("\r\n\t\t \tcompletelyUnrelated = foobar; max-age= 34520103" + "\t \t; alsoUnrelated;asIsThis;\tincludeSubdomains\t\t \t", + true, 34520103, true, sss); + TestSuccess(R"(max-age=100; unrelated="quoted \"thingy\"")", + true, 100, false, sss); + + // SHOULD FAIL: + printf("* Attempting to parse invalid STS headers (should not parse)...\n"); + // invalid max-ages + TestFailure("max-age", sss); + TestFailure("max-age ", sss); + TestFailure("max-age=p", sss); + TestFailure("max-age=*1p2", sss); + TestFailure("max-age=.20032", sss); + TestFailure("max-age=!20032", sss); + TestFailure("max-age==20032", sss); + + // invalid headers + TestFailure("foobar", sss); + TestFailure("maxage=100", sss); + TestFailure("maxa-ge=100", sss); + TestFailure("max-ag=100", sss); + TestFailure("includesubdomains", sss); + TestFailure(";", sss); + TestFailure(R"(max-age="100)", sss); + // The max-age directive here doesn't conform to the spec, so it MUST + // be ignored. Consequently, the REQUIRED max-age directive is not + // present in this header, and so it is invalid. + TestFailure("max-age=100, max-age=200; includeSubdomains", sss); + TestFailure("max-age=100 includesubdomains", sss); + TestFailure("max-age=100 bar foo", sss); + TestFailure("max-age=100randomstuffhere", sss); + // All directives MUST appear only once in an STS header field. + TestFailure("max-age=100; max-age=200", sss); + TestFailure("includeSubdomains; max-age=200; includeSubdomains", sss); + TestFailure("max-age=200; includeSubdomains; includeSubdomains", sss); + // The includeSubdomains directive is valueless. + TestFailure("max-age=100; includeSubdomains=unexpected", sss); + // LWS must have at least one space or horizontal tab + TestFailure("\r\nmax-age=200", sss); +} diff --git a/security/manager/ssl/tests/gtest/moz.build b/security/manager/ssl/tests/gtest/moz.build index 35ee6866cb37..735ab297116c 100644 --- a/security/manager/ssl/tests/gtest/moz.build +++ b/security/manager/ssl/tests/gtest/moz.build @@ -10,6 +10,7 @@ SOURCES += [ 'DeserializeCertTest.cpp', 'MD4Test.cpp', 'OCSPCacheTest.cpp', + 'STSParserTest.cpp', 'TLSIntoleranceTest.cpp', ] diff --git a/security/manager/ssl/tests/mochitest/browser/browser_bug627234_perwindowpb.js b/security/manager/ssl/tests/mochitest/browser/browser_bug627234_perwindowpb.js index 1400f1336e33..d3001b26963e 100644 --- a/security/manager/ssl/tests/mochitest/browser/browser_bug627234_perwindowpb.js +++ b/security/manager/ssl/tests/mochitest/browser/browser_bug627234_perwindowpb.js @@ -54,9 +54,7 @@ function test() { uri = aWindow.Services.io.newURI("https://localhost/img.png"); gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri, "max-age=1000", sslStatus, privacyFlags(aIsPrivateMode)); - ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, - privacyFlags(aIsPrivateMode)), - "checking sts host"); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, "localhost", privacyFlags(aIsPrivateMode)), "checking sts host"); aCallback(); }, {capture: true, once: true}); diff --git a/security/manager/ssl/tests/mochitest/stricttransportsecurity/test_sts_privatebrowsing_perwindowpb.html b/security/manager/ssl/tests/mochitest/stricttransportsecurity/test_sts_privatebrowsing_perwindowpb.html index 972e016fece6..5293f3d58bb1 100644 --- a/security/manager/ssl/tests/mochitest/stricttransportsecurity/test_sts_privatebrowsing_perwindowpb.html +++ b/security/manager/ssl/tests/mochitest/stricttransportsecurity/test_sts_privatebrowsing_perwindowpb.html @@ -31,7 +31,6 @@ Cu.import("resource://testing-common/BrowserTestUtils.jsm"); Cu.import("resource://testing-common/ContentTask.jsm"); Cu.import("resource://gre/modules/Task.jsm"); - Cu.import("resource://gre/modules/Services.jsm"); // This is how many sub-tests (testframes) in each round. // When the round begins, this will be initialized. @@ -243,9 +242,7 @@ let sss = Cc["@mozilla.org/ssservice;1"] .getService(Ci.nsISiteSecurityService); let flags = isPrivate ? Ci.nsISocketProvider.NO_PERMANENT_STORAGE : 0; - SimpleTest.info("State of example.com: " + - sss.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://example.com"), flags)); + SimpleTest.info("State of example.com: " + sss.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, "example.com", flags)); } // These are executed in the order presented. diff --git a/security/manager/ssl/tests/unit/sss_readstate_child_worker.js b/security/manager/ssl/tests/unit/sss_readstate_child_worker.js index 61f53e349492..13869416b8b2 100644 --- a/security/manager/ssl/tests/unit/sss_readstate_child_worker.js +++ b/security/manager/ssl/tests/unit/sss_readstate_child_worker.js @@ -5,29 +5,21 @@ function run_test() { let SSService = Cc["@mozilla.org/ssservice;1"] .getService(Ci.nsISiteSecurityService); - ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://expired.example.com"), - 0)); - ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://notexpired.example.com"), - 0)); - ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://bugzilla.mozilla.org"), - 0)); - ok(!SSService.isSecureURI( - Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://sub.bugzilla.mozilla.org"), 0)); - ok(SSService.isSecureURI( - Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://incsubdomain.example.com"), 0)); - ok(SSService.isSecureURI( - Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://sub.incsubdomain.example.com"), 0)); - ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://login.persona.org"), - 0)); - ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://sub.login.persona.org"), - 0)); + ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "expired.example.com", 0)); + ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "notexpired.example.com", 0)); + ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "bugzilla.mozilla.org", 0)); + ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "sub.bugzilla.mozilla.org", 0)); + ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "incsubdomain.example.com", 0)); + ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "sub.incsubdomain.example.com", 0)); + ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "login.persona.org", 0)); + ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "sub.login.persona.org", 0)); do_test_finished(); } diff --git a/security/manager/ssl/tests/unit/test_forget_about_site_security_headers.js b/security/manager/ssl/tests/unit/test_forget_about_site_security_headers.js index e82b53943b26..e473a6d31998 100644 --- a/security/manager/ssl/tests/unit/test_forget_about_site_security_headers.js +++ b/security/manager/ssl/tests/unit/test_forget_about_site_security_headers.js @@ -54,16 +54,20 @@ add_task(function* () { sss.processHeader(Ci.nsISiteSecurityService.HEADER_HPKP, uri, GOOD_MAX_AGE + VALID_PIN + BACKUP_PIN, sslStatus, 0); - Assert.ok(sss.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0), + Assert.ok(sss.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "a.pinning2.example.com", 0), "a.pinning2.example.com should be HSTS"); - Assert.ok(sss.isSecureURI(Ci.nsISiteSecurityService.HEADER_HPKP, uri, 0), + Assert.ok(sss.isSecureHost(Ci.nsISiteSecurityService.HEADER_HPKP, + "a.pinning2.example.com", 0), "a.pinning2.example.com should be HPKP"); yield ForgetAboutSite.removeDataFromDomain("a.pinning2.example.com"); - Assert.ok(!sss.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0), + Assert.ok(!sss.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "a.pinning2.example.com", 0), "a.pinning2.example.com should not be HSTS now"); - Assert.ok(!sss.isSecureURI(Ci.nsISiteSecurityService.HEADER_HPKP, uri, 0), + Assert.ok(!sss.isSecureHost(Ci.nsISiteSecurityService.HEADER_HPKP, + "a.pinning2.example.com", 0), "a.pinning2.example.com should not be HPKP now"); }); @@ -77,9 +81,11 @@ add_task(function* () { sss.processHeader(Ci.nsISiteSecurityService.HEADER_HPKP, uri, GOOD_MAX_AGE + VALID_PIN + BACKUP_PIN, sslStatus, 0); - Assert.ok(sss.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0), + Assert.ok(sss.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "a.pinning2.example.com", 0), "a.pinning2.example.com should be HSTS (subdomain case)"); - Assert.ok(sss.isSecureURI(Ci.nsISiteSecurityService.HEADER_HPKP, uri, 0), + Assert.ok(sss.isSecureHost(Ci.nsISiteSecurityService.HEADER_HPKP, + "a.pinning2.example.com", 0), "a.pinning2.example.com should be HPKP (subdomain case)"); // Add an unrelated site to HSTS. Not HPKP because we have no valid keys for @@ -87,17 +93,20 @@ add_task(function* () { let unrelatedURI = Services.io.newURI("https://example.org"); sss.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, unrelatedURI, GOOD_MAX_AGE, sslStatus, 0); - Assert.ok(sss.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, - unrelatedURI, 0), "example.org should be HSTS"); + Assert.ok(sss.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "example.org", 0), + "example.org should be HSTS"); yield ForgetAboutSite.removeDataFromDomain("example.com"); - Assert.ok(!sss.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0), + Assert.ok(!sss.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "a.pinning2.example.com", 0), "a.pinning2.example.com should not be HSTS now (subdomain case)"); - Assert.ok(!sss.isSecureURI(Ci.nsISiteSecurityService.HEADER_HPKP, uri, 0), + Assert.ok(!sss.isSecureHost(Ci.nsISiteSecurityService.HEADER_HPKP, + "a.pinning2.example.com", 0), "a.pinning2.example.com should not be HPKP now (subdomain case)"); - Assert.ok(sss.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, - unrelatedURI, 0), + Assert.ok(sss.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "example.org", 0), "example.org should still be HSTS"); }); diff --git a/security/manager/ssl/tests/unit/test_ocsp_no_hsts_upgrade.js b/security/manager/ssl/tests/unit/test_ocsp_no_hsts_upgrade.js index 9f9d421bb835..c4233854aff2 100644 --- a/security/manager/ssl/tests/unit/test_ocsp_no_hsts_upgrade.js +++ b/security/manager/ssl/tests/unit/test_ocsp_no_hsts_upgrade.js @@ -45,7 +45,8 @@ function run_test() { let sslStatus = new FakeSSLStatus(); SSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri, "max-age=10000", sslStatus, 0); - ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0), + ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "localhost", 0), "Domain for the OCSP AIA URI should be considered a HSTS host, otherwise" + " we wouldn't be testing what we think we're testing"); diff --git a/security/manager/ssl/tests/unit/test_pinning_dynamic.js b/security/manager/ssl/tests/unit/test_pinning_dynamic.js index 640c85163299..61d70049acd8 100644 --- a/security/manager/ssl/tests/unit/test_pinning_dynamic.js +++ b/security/manager/ssl/tests/unit/test_pinning_dynamic.js @@ -75,21 +75,17 @@ function run_test() { } function checkDefaultSiteHPKPStatus() { - ok(gSSService.isSecureURI( - Ci.nsISiteSecurityService.HEADER_HPKP, - Services.io.newURI("https://a.pinning2.example.com"), 0), + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HPKP, + "a.pinning2.example.com", 0), "a.pinning2.example.com should have HPKP status"); - ok(!gSSService.isSecureURI( - Ci.nsISiteSecurityService.HEADER_HPKP, - Services.io.newURI("https://x.a.pinning2.example.com"), 0), + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HPKP, + "x.a.pinning2.example.com", 0), "x.a.pinning2.example.com should not have HPKP status"); - ok(gSSService.isSecureURI( - Ci.nsISiteSecurityService.HEADER_HPKP, - Services.io.newURI("https://b.pinning2.example.com"), 0), + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HPKP, + "b.pinning2.example.com", 0), "b.pinning2.example.com should have HPKP status"); - ok(gSSService.isSecureURI( - Ci.nsISiteSecurityService.HEADER_HPKP, - Services.io.newURI("https://x.b.pinning2.example.com"), 0), + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HPKP, + "x.b.pinning2.example.com", 0), "x.b.pinning2.example.com should have HPKP status"); } @@ -163,14 +159,12 @@ function checkStateRead(aSubject, aTopic, aData) { checkOK(certFromFile("x.b.pinning2.example.com-pinningroot"), "x.b.pinning2.example.com"); - ok(gSSService.isSecureURI( - Ci.nsISiteSecurityService.HEADER_HPKP, - Services.io.newURI("https://a.pinning2.example.com"), 0), + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HPKP, + "a.pinning2.example.com", 0), "a.pinning2.example.com should still have HPKP status after adding" + " includeSubdomains to a.pinning2.example.com"); - ok(gSSService.isSecureURI( - Ci.nsISiteSecurityService.HEADER_HPKP, - Services.io.newURI("https://x.a.pinning2.example.com"), 0), + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HPKP, + "x.a.pinning2.example.com", 0), "x.a.pinning2.example.com should now have HPKP status after adding" + " includeSubdomains to a.pinning2.example.com"); @@ -231,13 +225,11 @@ function checkStateRead(aSubject, aTopic, aData) { "Attempting to set a pin with an incorrect size should fail"); // Ensure built-in pins work as expected - ok(!gSSService.isSecureURI( - Ci.nsISiteSecurityService.HEADER_HPKP, - Services.io.newURI("https://nonexistent.example.com"), 0), + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HPKP, + "nonexistent.example.com", 0), "Not built-in nonexistent.example.com should not have HPKP status"); - ok(gSSService.isSecureURI( - Ci.nsISiteSecurityService.HEADER_HPKP, - Services.io.newURI("https://include-subdomains.pinning.example.com"), 0), + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HPKP, + "include-subdomains.pinning.example.com", 0), "Built-in include-subdomains.pinning.example.com should have HPKP status"); gSSService.setKeyPins("a.pinning2.example.com", false, new Date().getTime(), diff --git a/security/manager/ssl/tests/unit/test_pinning_header_parsing.js b/security/manager/ssl/tests/unit/test_pinning_header_parsing.js index d8c9a1a4b114..01947c5ecb62 100644 --- a/security/manager/ssl/tests/unit/test_pinning_header_parsing.js +++ b/security/manager/ssl/tests/unit/test_pinning_header_parsing.js @@ -63,8 +63,8 @@ function checkPassValidPin(pinValue, settingPin, expectedMaxAge) { // after processing ensure that the postconditions are true, if setting // the host must be pinned, if removing the host must not be pinned - let hostIsPinned = gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HPKP, - uri, 0); + let hostIsPinned = gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HPKP, + "a.pinning2.example.com", 0); if (settingPin) { ok(hostIsPinned, "Host should be considered pinned"); } else { diff --git a/security/manager/ssl/tests/unit/test_sss_eviction.js b/security/manager/ssl/tests/unit/test_sss_eviction.js index ddf581032256..0f133cc2241c 100644 --- a/security/manager/ssl/tests/unit/test_sss_eviction.js +++ b/security/manager/ssl/tests/unit/test_sss_eviction.js @@ -51,9 +51,8 @@ function do_state_read(aSubject, aTopic, aData) { equal(aData, SSS_STATE_FILE_NAME); - ok(gSSService.isSecureURI( - Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://frequentlyused.example.com"), 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "frequentlyused.example.com", 0)); let sslStatus = new FakeSSLStatus(); for (let i = 0; i < 2000; i++) { let uri = Services.io.newURI("http://bad" + i + ".example.com"); diff --git a/security/manager/ssl/tests/unit/test_sss_readstate.js b/security/manager/ssl/tests/unit/test_sss_readstate.js index ec2484b7c66c..da96e61290ed 100644 --- a/security/manager/ssl/tests/unit/test_sss_readstate.js +++ b/security/manager/ssl/tests/unit/test_sss_readstate.js @@ -19,55 +19,41 @@ function checkStateRead(aSubject, aTopic, aData) { equal(aData, SSS_STATE_FILE_NAME); - ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://expired.example.com"), - 0)); - ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://notexpired.example.com"), - 0)); - ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://bugzilla.mozilla.org"), - 0)); - ok(!gSSService.isSecureURI( - Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://sub.bugzilla.mozilla.org"), 0)); - ok(gSSService.isSecureURI( - Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://incsubdomain.example.com"), 0)); - ok(gSSService.isSecureURI( - Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://sub.incsubdomain.example.com"), 0)); - ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://login.persona.org"), - 0)); - ok(!gSSService.isSecureURI( - Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://sub.login.persona.org"), 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "expired.example.com", 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "notexpired.example.com", 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "bugzilla.mozilla.org", 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "sub.bugzilla.mozilla.org", 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "incsubdomain.example.com", 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "sub.incsubdomain.example.com", 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "login.persona.org", 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "sub.login.persona.org", 0)); // Clearing the data should make everything go back to default. gSSService.clearAll(); - ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://expired.example.com"), - 0)); - ok(!gSSService.isSecureURI( - Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://notexpired.example.com"), 0)); - ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://bugzilla.mozilla.org"), - 0)); - ok(gSSService.isSecureURI( - Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://sub.bugzilla.mozilla.org"), 0)); - ok(!gSSService.isSecureURI( - Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://incsubdomain.example.com"), 0)); - ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://sub.incsubdomain.example.com"), 0)); - ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://login.persona.org"), 0)); - ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://sub.login.persona.org"), - 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "expired.example.com", 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "notexpired.example.com", 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "bugzilla.mozilla.org", 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "sub.bugzilla.mozilla.org", 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "incsubdomain.example.com", 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "sub.incsubdomain.example.com", 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "login.persona.org", 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "sub.login.persona.org", 0)); do_test_finished(); } diff --git a/security/manager/ssl/tests/unit/test_sss_readstate_empty.js b/security/manager/ssl/tests/unit/test_sss_readstate_empty.js index 686b4ad61b31..96146ca7f444 100644 --- a/security/manager/ssl/tests/unit/test_sss_readstate_empty.js +++ b/security/manager/ssl/tests/unit/test_sss_readstate_empty.js @@ -10,18 +10,15 @@ var gSSService = null; function checkStateRead(aSubject, aTopic, aData) { // nonexistent.example.com should never be an HSTS host - ok(!gSSService.isSecureURI( - Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://nonexistent.example.com"), 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "nonexistent.example.com", 0)); // bugzilla.mozilla.org is preloaded - ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://bugzilla.mozilla.org"), - 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "bugzilla.mozilla.org", 0)); // notexpired.example.com is an HSTS host in a different test - we // want to make sure that test hasn't interfered with this one. - ok(!gSSService.isSecureURI( - Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://notexpired.example.com"), 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "notexpired.example.com", 0)); do_test_finished(); } diff --git a/security/manager/ssl/tests/unit/test_sss_readstate_garbage.js b/security/manager/ssl/tests/unit/test_sss_readstate_garbage.js index 281cc7932b4b..d4165f7f4ccb 100644 --- a/security/manager/ssl/tests/unit/test_sss_readstate_garbage.js +++ b/security/manager/ssl/tests/unit/test_sss_readstate_garbage.js @@ -19,17 +19,14 @@ function checkStateRead(aSubject, aTopic, aData) { equal(aData, SSS_STATE_FILE_NAME); - ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://example1.example.com"), - 0)); - ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://example2.example.com"), - 0)); - ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://example.com"), 0)); - ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://example3.example.com"), - 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "example1.example.com", 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "example2.example.com", 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "example.com", 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "example3.example.com", 0)); do_test_finished(); } diff --git a/security/manager/ssl/tests/unit/test_sss_readstate_huge.js b/security/manager/ssl/tests/unit/test_sss_readstate_huge.js index cb76e66f26a9..eec93b6f488b 100644 --- a/security/manager/ssl/tests/unit/test_sss_readstate_huge.js +++ b/security/manager/ssl/tests/unit/test_sss_readstate_huge.js @@ -20,27 +20,20 @@ function checkStateRead(aSubject, aTopic, aData) { equal(aData, SSS_STATE_FILE_NAME); - ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://example0.example.com"), - 0)); - ok(gSSService.isSecureURI( - Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://example423.example.com"), 0)); - ok(gSSService.isSecureURI( - Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://example1023.example.com"), 0)); - ok(!gSSService.isSecureURI( - Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://example1024.example.com"), 0)); - ok(!gSSService.isSecureURI( - Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://example1025.example.com"), 0)); - ok(!gSSService.isSecureURI( - Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://example9000.example.com"), 0)); - ok(!gSSService.isSecureURI( - Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://example99999.example.com"), 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "example0.example.com", 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "example423.example.com", 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "example1023.example.com", 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "example1024.example.com", 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "example1025.example.com", 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "example9000.example.com", 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "example99999.example.com", 0)); do_test_finished(); } diff --git a/security/manager/ssl/tests/unit/test_sts_fqdn.js b/security/manager/ssl/tests/unit/test_sts_fqdn.js index 56df883bf402..33810ad79b32 100644 --- a/security/manager/ssl/tests/unit/test_sts_fqdn.js +++ b/security/manager/ssl/tests/unit/test_sts_fqdn.js @@ -7,25 +7,38 @@ function run_test() { let SSService = Cc["@mozilla.org/ssservice;1"] .getService(Ci.nsISiteSecurityService); - let uri = Services.io.newURI("https://example.com"); - let uri1 = Services.io.newURI("https://example.com."); - let uri2 = Services.io.newURI("https://example.com.."); - ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0)); - ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri1, 0)); + ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "example.com", 0)); + ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "example.com.", 0)); // These cases are only relevant as long as bug 1118522 hasn't been fixed. - ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri2, 0)); + ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "example.com..", 0)); + let uri = Services.io.newURI("https://example.com"); let sslStatus = new FakeSSLStatus(); SSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri, "max-age=1000;includeSubdomains", sslStatus, 0); + ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "example.com", 0)); + ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "example.com.", 0)); + ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "example.com..", 0)); + + ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0)); + uri = Services.io.newURI("https://example.com."); + ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0)); + uri = Services.io.newURI("https://example.com.."); ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0)); - ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri1, 0)); - ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri2, 0)); SSService.removeState(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0); - ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0)); - ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri1, 0)); - ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri2, 0)); + ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "example.com", 0)); + ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "example.com.", 0)); + ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "example.com..", 0)); // Somehow creating this malformed URI succeeds - we need to handle it // gracefully. diff --git a/security/manager/ssl/tests/unit/test_sts_holepunch.js b/security/manager/ssl/tests/unit/test_sts_holepunch.js index 66326b2e62a4..ab3ae6058407 100644 --- a/security/manager/ssl/tests/unit/test_sts_holepunch.js +++ b/security/manager/ssl/tests/unit/test_sts_holepunch.js @@ -10,28 +10,25 @@ function run_test() { let SSService = Cc["@mozilla.org/ssservice;1"] .getService(Ci.nsISiteSecurityService); - ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://chart.apis.google.com"), - 0)); - ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://CHART.APIS.GOOGLE.COM"), - 0)); - ok(!SSService.isSecureURI( - Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://sub.chart.apis.google.com"), 0)); - ok(!SSService.isSecureURI( - Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://SUB.CHART.APIS.GOOGLE.COM"), 0)); - ok(SSService.isSecureURI( - Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://example.apis.google.com"), 0)); - ok(SSService.isSecureURI( - Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://EXAMPLE.APIS.GOOGLE.COM"), 0)); - ok(SSService.isSecureURI( - Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://sub.example.apis.google.com"), 0)); - ok(SSService.isSecureURI( - Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://SUB.EXAMPLE.APIS.GOOGLE.COM"), 0)); + ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "chart.apis.google.com", 0)); + ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "CHART.APIS.GOOGLE.COM", 0)); + ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "sub.chart.apis.google.com", 0)); + ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "SUB.CHART.APIS.GOOGLE.COM", 0)); + ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "example.apis.google.com", 0)); + ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "EXAMPLE.APIS.GOOGLE.COM", 0)); + ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "sub.example.apis.google.com", 0)); + ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "SUB.EXAMPLE.APIS.GOOGLE.COM", 0)); + // also check isSecureURI + let chartURI = Services.io.newURI("http://chart.apis.google.com"); + ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, chartURI, 0)); + let otherURI = Services.io.newURI("http://other.apis.google.com"); + ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, otherURI, 0)); } diff --git a/security/manager/ssl/tests/unit/test_sts_ipv4_ipv6.js b/security/manager/ssl/tests/unit/test_sts_ipv4_ipv6.js index 6cd0fb19abcb..a1f39a512c9f 100644 --- a/security/manager/ssl/tests/unit/test_sts_ipv4_ipv6.js +++ b/security/manager/ssl/tests/unit/test_sts_ipv4_ipv6.js @@ -2,6 +2,7 @@ function check_ip(s, v, ip) { let sslStatus = new FakeSSLStatus(); + ok(!s.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, ip, 0)); let str = "https://"; if (v == 6) { @@ -14,15 +15,12 @@ function check_ip(s, v, ip) { str += "/"; let uri = Services.io.newURI(str); - ok(!s.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0)); let parsedMaxAge = {}; let parsedIncludeSubdomains = {}; s.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri, "max-age=1000;includeSubdomains", sslStatus, 0, parsedMaxAge, parsedIncludeSubdomains); - ok(!s.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0), - "URI should not be secure if it contains an IP address"); /* Test that processHeader will ignore headers for an uri, if the uri * contains an IP address not a hostname. diff --git a/security/manager/ssl/tests/unit/test_sts_parser.js b/security/manager/ssl/tests/unit/test_sts_parser.js deleted file mode 100644 index 9bc1b8db5e8f..000000000000 --- a/security/manager/ssl/tests/unit/test_sts_parser.js +++ /dev/null @@ -1,110 +0,0 @@ -/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- - * vim: sw=2 ts=2 sts=2 - * This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -"use strict"; - -// STS parser tests - -let sss = Cc["@mozilla.org/ssservice;1"].getService(Ci.nsISiteSecurityService); -let sslStatus = new FakeSSLStatus(); - -function testSuccess(header, expectedMaxAge, expectedIncludeSubdomains) { - let dummyUri = Services.io.newURI("https://foo.com/bar.html"); - let maxAge = {}; - let includeSubdomains = {}; - - sss.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, dummyUri, header, - sslStatus, 0, maxAge, includeSubdomains); - - equal(maxAge.value, expectedMaxAge, "Did not correctly parse maxAge"); - equal(includeSubdomains.value, expectedIncludeSubdomains, - "Did not correctly parse presence/absence of includeSubdomains"); -} - -function testFailure(header) { - let dummyUri = Services.io.newURI("https://foo.com/bar.html"); - throws(() => { - sss.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, dummyUri, header, - sslStatus, 0, maxAge, includeSubdomains); - }, "Parsed invalid header: " + header); -} - -function run_test() { - // SHOULD SUCCEED: - testSuccess("max-age=100", 100, false); - testSuccess("max-age =100", 100, false); - testSuccess(" max-age=100", 100, false); - testSuccess("max-age = 100 ", 100, false); - testSuccess('max-age = "100" ', 100, false); - testSuccess('max-age="100"', 100, false); - testSuccess(' max-age ="100" ', 100, false); - testSuccess("\tmax-age\t=\t\"100\"\t", 100, false); - testSuccess("max-age = 100 ", 100, false); - - testSuccess("maX-aGe=100", 100, false); - testSuccess("MAX-age =100", 100, false); - testSuccess("max-AGE=100", 100, false); - testSuccess("Max-Age = 100 ", 100, false); - testSuccess("MAX-AGE = 100 ", 100, false); - - testSuccess("max-age=100;includeSubdomains", 100, true); - testSuccess("max-age=100\t; includeSubdomains", 100, true); - testSuccess(" max-age=100; includeSubdomains", 100, true); - testSuccess("max-age = 100 ; includeSubdomains", 100, true); - testSuccess("max-age = 100 ; includeSubdomains", 100, - true); - - testSuccess("maX-aGe=100; includeSUBDOMAINS", 100, true); - testSuccess("MAX-age =100; includeSubDomains", 100, true); - testSuccess("max-AGE=100; iNcLuDeSuBdoMaInS", 100, true); - testSuccess("Max-Age = 100; includesubdomains ", 100, true); - testSuccess("INCLUDESUBDOMAINS;MaX-AgE = 100 ", 100, true); - // Turns out, the actual directive is entirely optional (hence the - // trailing semicolon) - testSuccess("max-age=100;includeSubdomains;", 100, true); - - // these are weird tests, but are testing that some extended syntax is - // still allowed (but it is ignored) - testSuccess("max-age=100 ; includesubdomainsSomeStuff", 100, false); - testSuccess("\r\n\t\t \tcompletelyUnrelated = foobar; max-age= 34520103" - + "\t \t; alsoUnrelated;asIsThis;\tincludeSubdomains\t\t \t", - 34520103, true); - testSuccess('max-age=100; unrelated="quoted \\"thingy\\""', 100, false); - - // SHOULD FAIL: - // invalid max-ages - testFailure("max-age"); - testFailure("max-age "); - testFailure("max-age=p"); - testFailure("max-age=*1p2"); - testFailure("max-age=.20032"); - testFailure("max-age=!20032"); - testFailure("max-age==20032"); - - // invalid headers - testFailure("foobar"); - testFailure("maxage=100"); - testFailure("maxa-ge=100"); - testFailure("max-ag=100"); - testFailure("includesubdomains"); - testFailure(";"); - testFailure('max-age="100'); - // The max-age directive here doesn't conform to the spec, so it MUST - // be ignored. Consequently, the REQUIRED max-age directive is not - // present in this header, and so it is invalid. - testFailure("max-age=100, max-age=200; includeSubdomains"); - testFailure("max-age=100 includesubdomains"); - testFailure("max-age=100 bar foo"); - testFailure("max-age=100randomstuffhere"); - // All directives MUST appear only once in an STS header field. - testFailure("max-age=100; max-age=200"); - testFailure("includeSubdomains; max-age=200; includeSubdomains"); - testFailure("max-age=200; includeSubdomains; includeSubdomains"); - // The includeSubdomains directive is valueless. - testFailure("max-age=100; includeSubdomains=unexpected"); - // LWS must have at least one space or horizontal tab - testFailure("\r\nmax-age=200"); -} diff --git a/security/manager/ssl/tests/unit/test_sts_preload_dynamic.js b/security/manager/ssl/tests/unit/test_sts_preload_dynamic.js index 650a74bb1a0f..c686991ef717 100644 --- a/security/manager/ssl/tests/unit/test_sts_preload_dynamic.js +++ b/security/manager/ssl/tests/unit/test_sts_preload_dynamic.js @@ -16,52 +16,57 @@ function run_test() { let SSService = Cc["@mozilla.org/ssservice;1"] .getService(Ci.nsISiteSecurityService); let sslStatus = new FakeSSLStatus(); - let unlikelyHost = "highlyunlikely.example.com"; - let uri = Services.io.newURI("https://" + unlikelyHost); - let subDomainUri = Services.io.newURI("https://subdomain." + unlikelyHost); // first check that a host probably not on the preload list is not identified // as an sts host - ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0)); + let unlikelyHost = "highlyunlikely.example.com"; + ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + unlikelyHost, 0)); // now add a preload entry for this host SSService.setHSTSPreload(unlikelyHost, false, Date.now() + 60000); // check that it's now an STS host - ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0)); + ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + unlikelyHost, 0)); // check that it's honoring the fact we set includeSubdomains to false - ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, subDomainUri, - 0)); + ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "subdomain." + unlikelyHost, 0)); // clear the non-preloaded entries SSService.clearAll(); // check that it's still an STS host - ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0)); + ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + unlikelyHost, 0)); // clear the preloads SSService.clearPreloads(); // Check that it's no longer an STS host now that the preloads have been // cleared - ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0)); + ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + unlikelyHost, 0)); // Now let's do the same, this time with includeSubdomains on SSService.setHSTSPreload(unlikelyHost, true, Date.now() + 60000); // check that it's now an STS host - ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0)); + ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + unlikelyHost, 0)); // check that it's now including subdomains - ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, subDomainUri, - 0)); + ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "subdomain." + unlikelyHost, 0)); // Now let's simulate overriding the entry by setting an entry from a header // with max-age set to 0 + let uri = Services.io.newURI("https://" + unlikelyHost); SSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri, "max-age=0", sslStatus, 0); // this should no longer be an HSTS host - ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0)); + ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + unlikelyHost, 0)); } diff --git a/security/manager/ssl/tests/unit/test_sts_preloadlist_perwindowpb.js b/security/manager/ssl/tests/unit/test_sts_preloadlist_perwindowpb.js index 400fdc7c3b6b..cb5614e39c42 100644 --- a/security/manager/ssl/tests/unit/test_sts_preloadlist_perwindowpb.js +++ b/security/manager/ssl/tests/unit/test_sts_preloadlist_perwindowpb.js @@ -38,75 +38,67 @@ function run_test() { function test_part1() { // check that a host not in the list is not identified as an sts host - ok(!gSSService.isSecureURI( - Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://nonexistent.mozilla.com"), 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "nonexistent.mozilla.com", 0)); // check that an ancestor domain is not identified as an sts host - ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://com"), 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, "com", 0)); // check that the pref to toggle using the preload list works Services.prefs.setBoolPref("network.stricttransportsecurity.preloadlist", false); - ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://bugzilla.mozilla.org"), - 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "bugzilla.mozilla.org", 0)); Services.prefs.setBoolPref("network.stricttransportsecurity.preloadlist", true); - ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://bugzilla.mozilla.org"), - 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "bugzilla.mozilla.org", 0)); // check that a subdomain is an sts host (includeSubdomains is set) - ok(gSSService.isSecureURI( - Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://subdomain.bugzilla.mozilla.org"), 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "subdomain.bugzilla.mozilla.org", 0)); // check that another subdomain is an sts host (includeSubdomains is set) - ok(gSSService.isSecureURI( - Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://a.b.c.def.bugzilla.mozilla.org"), 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "a.b.c.def.bugzilla.mozilla.org", 0)); // check that a subdomain is not an sts host (includeSubdomains is not set) - ok(!gSSService.isSecureURI( - Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://subdomain.www.torproject.org"), 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "subdomain.www.torproject.org", 0)); // check that a host with a dot on the end won't break anything - ok(!gSSService.isSecureURI( - Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://notsts.nonexistent.mozilla.com."), 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "notsts.nonexistent.mozilla.com.", 0)); // check that processing a header with max-age: 0 will remove a preloaded // site from the list - let uri = Services.io.newURI("https://bugzilla.mozilla.org"); - let subDomainUri = - Services.io.newURI("https://subdomain.bugzilla.mozilla.org"); + let uri = Services.io.newURI("http://bugzilla.mozilla.org"); gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri, "max-age=0", sslStatus, 0); - ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0)); - ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, - subDomainUri, 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "bugzilla.mozilla.org", 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "subdomain.bugzilla.mozilla.org", 0)); // check that processing another header (with max-age non-zero) will // re-enable a site's sts status gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri, "max-age=1000", sslStatus, 0); - ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "bugzilla.mozilla.org", 0)); // but this time include subdomains was not set, so test for that - ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, - subDomainUri, 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "subdomain.bugzilla.mozilla.org", 0)); gSSService.clearAll(); // check that processing a header with max-age: 0 from a subdomain of a site // will not remove that (ancestor) site from the list - uri = Services.io.newURI("https://subdomain.www.torproject.org"); + uri = Services.io.newURI("http://subdomain.www.torproject.org"); gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri, "max-age=0", sslStatus, 0); - ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://www.torproject.org"), - 0)); - ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "www.torproject.org", 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "subdomain.www.torproject.org", 0)); - uri = Services.io.newURI("https://subdomain.bugzilla.mozilla.org"); + uri = Services.io.newURI("http://subdomain.bugzilla.mozilla.org"); gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri, "max-age=0", sslStatus, 0); // we received a header with "max-age=0", so we have "no information" @@ -118,19 +110,14 @@ function test_part1() { // |-- subdomain.bugzilla.mozilla.org IS sts host // | `-- another.subdomain.bugzilla.mozilla.org IS sts host // `-- sibling.bugzilla.mozilla.org IS sts host - ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://bugzilla.mozilla.org"), - 0)); - ok(gSSService.isSecureURI( - Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://subdomain.bugzilla.mozilla.org"), 0)); - ok(gSSService.isSecureURI( - Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://sibling.bugzilla.mozilla.org"), 0)); - ok(gSSService.isSecureURI( - Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://another.subdomain.bugzilla.mozilla.org"), - 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "bugzilla.mozilla.org", 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "subdomain.bugzilla.mozilla.org", 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "sibling.bugzilla.mozilla.org", 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "another.subdomain.bugzilla.mozilla.org", 0)); gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri, "max-age=1000", sslStatus, 0); @@ -139,16 +126,12 @@ function test_part1() { // |-- subdomain.bugzilla.mozilla.org (include subdomains is false) IS sts host // | `-- another.subdomain.bugzilla.mozilla.org IS NOT sts host // `-- sibling.bugzilla.mozilla.org IS sts host - ok(gSSService.isSecureURI( - Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://subdomain.bugzilla.mozilla.org"), 0)); - ok(gSSService.isSecureURI( - Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://sibling.bugzilla.mozilla.org"), 0)); - ok(!gSSService.isSecureURI( - Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://another.subdomain.bugzilla.mozilla.org"), - 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "subdomain.bugzilla.mozilla.org", 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "sibling.bugzilla.mozilla.org", 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "another.subdomain.bugzilla.mozilla.org", 0)); // Test that an expired non-private browsing entry results in correctly // identifying a host that is on the preload list as no longer sts. @@ -156,12 +139,14 @@ function test_part1() { // a site on the preload list, and that header later expires. We need to // then treat that host as no longer an sts host.) // (sanity check first - this should be in the preload list) - uri = Services.io.newURI("https://login.persona.org"); - ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "login.persona.org", 0)); + uri = Services.io.newURI("http://login.persona.org"); gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri, "max-age=1", sslStatus, 0); do_timeout(1250, function() { - ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "login.persona.org", 0)); run_next_test(); }); } @@ -170,37 +155,36 @@ const IS_PRIVATE = Ci.nsISocketProvider.NO_PERMANENT_STORAGE; function test_private_browsing1() { gSSService.clearAll(); - let uri = Services.io.newURI("https://bugzilla.mozilla.org"); - let subDomainUri = - Services.io.newURI("https://a.b.c.subdomain.bugzilla.mozilla.org"); // sanity - bugzilla.mozilla.org is preloaded, includeSubdomains set - ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, - IS_PRIVATE)); - ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, subDomainUri, - IS_PRIVATE)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "bugzilla.mozilla.org", IS_PRIVATE)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "a.b.c.subdomain.bugzilla.mozilla.org", IS_PRIVATE)); + let uri = Services.io.newURI("http://bugzilla.mozilla.org"); gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri, "max-age=0", sslStatus, IS_PRIVATE); - ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, - IS_PRIVATE)); - ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, - subDomainUri, IS_PRIVATE)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "bugzilla.mozilla.org", IS_PRIVATE)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "a.b.subdomain.bugzilla.mozilla.org", IS_PRIVATE)); // check adding it back in gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri, "max-age=1000", sslStatus, IS_PRIVATE); - ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, IS_PRIVATE)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "bugzilla.mozilla.org", IS_PRIVATE)); // but no includeSubdomains this time - ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, - subDomainUri, IS_PRIVATE)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "b.subdomain.bugzilla.mozilla.org", IS_PRIVATE)); // do the hokey-pokey... gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri, "max-age=0", sslStatus, IS_PRIVATE); - ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, - IS_PRIVATE)); - ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, - subDomainUri, IS_PRIVATE)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "bugzilla.mozilla.org", IS_PRIVATE)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "subdomain.bugzilla.mozilla.org", IS_PRIVATE)); // Test that an expired private browsing entry results in correctly // identifying a host that is on the preload list as no longer sts. @@ -208,14 +192,14 @@ function test_private_browsing1() { // a site on the preload list, and that header later expires. We need to // then treat that host as no longer an sts host.) // (sanity check first - this should be in the preload list) - uri = Services.io.newURI("https://login.persona.org"); - ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, - IS_PRIVATE)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "login.persona.org", IS_PRIVATE)); + uri = Services.io.newURI("http://login.persona.org"); gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri, "max-age=1", sslStatus, IS_PRIVATE); do_timeout(1250, function() { - ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, - IS_PRIVATE)); + ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "login.persona.org", IS_PRIVATE)); // Simulate leaving private browsing mode Services.obs.notifyObservers(null, "last-pb-context-exited", null); }); @@ -223,19 +207,16 @@ function test_private_browsing1() { function test_private_browsing2() { // if this test gets this far, it means there's a private browsing service - ok(gSSService.isSecureURI( - Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://bugzilla.mozilla.org"), 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "bugzilla.mozilla.org", 0)); // the bugzilla.mozilla.org entry has includeSubdomains set - ok(gSSService.isSecureURI( - Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://subdomain.bugzilla.mozilla.org"), 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "subdomain.bugzilla.mozilla.org", 0)); // Now that we're out of private browsing mode, we need to make sure // we've "forgotten" that we "forgot" this site's sts status. - ok(gSSService.isSecureURI( - Ci.nsISiteSecurityService.HEADER_HSTS, - Services.io.newURI("https://login.persona.org"), 0)); + ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "login.persona.org", 0)); run_next_test(); } diff --git a/security/manager/ssl/tests/unit/test_sts_preloadlist_selfdestruct.js b/security/manager/ssl/tests/unit/test_sts_preloadlist_selfdestruct.js index dc2e76d4bf7e..f213877a3a12 100644 --- a/security/manager/ssl/tests/unit/test_sts_preloadlist_selfdestruct.js +++ b/security/manager/ssl/tests/unit/test_sts_preloadlist_selfdestruct.js @@ -5,19 +5,21 @@ function run_test() { let SSService = Cc["@mozilla.org/ssservice;1"] .getService(Ci.nsISiteSecurityService); - let uri = Services.io.newURI("https://bugzilla.mozilla.org"); // check that a host on the preload list is identified as an sts host - ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0)); + ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "bugzilla.mozilla.org", 0)); // now simulate that it's 19 weeks later than it actually is let offsetSeconds = 19 * 7 * 24 * 60 * 60; Services.prefs.setIntPref("test.currentTimeOffsetSeconds", offsetSeconds); // check that the preloaded host is no longer considered sts - ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0)); + ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "bugzilla.mozilla.org", 0)); // just make sure we can get everything back to normal Services.prefs.clearUserPref("test.currentTimeOffsetSeconds"); - ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0)); + ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, + "bugzilla.mozilla.org", 0)); } diff --git a/security/manager/ssl/tests/unit/xpcshell.ini b/security/manager/ssl/tests/unit/xpcshell.ini index bed493bb3f41..7f8d0e4eb4de 100644 --- a/security/manager/ssl/tests/unit/xpcshell.ini +++ b/security/manager/ssl/tests/unit/xpcshell.ini @@ -140,7 +140,6 @@ skip-if = toolkit == 'android' [test_sts_fqdn.js] [test_sts_holepunch.js] [test_sts_ipv4_ipv6.js] -[test_sts_parser.js] [test_sts_preload_dynamic.js] [test_sts_preloadlist_perwindowpb.js] [test_sts_preloadlist_selfdestruct.js] diff --git a/services/common/tests/unit/test_blocklist_pinning.js b/services/common/tests/unit/test_blocklist_pinning.js index 214bf2d484cb..58874ee2145c 100644 --- a/services/common/tests/unit/test_blocklist_pinning.js +++ b/services/common/tests/unit/test_blocklist_pinning.js @@ -92,16 +92,10 @@ add_task(function* test_something() { .getService(Ci.nsISiteSecurityService); // ensure our pins are all missing before we start - ok(!sss.isSecureURI(sss.HEADER_HPKP, - Services.io.newURI("https://one.example.com"), 0)); - ok(!sss.isSecureURI(sss.HEADER_HPKP, - Services.io.newURI("https://two.example.com"), 0)); - ok(!sss.isSecureURI(sss.HEADER_HPKP, - Services.io.newURI("https://three.example.com"), 0)); - ok(!sss.isSecureURI(sss.HEADER_HSTS, - Services.io.newURI("https://four.example.com"), 0)); - ok(!sss.isSecureURI(sss.HEADER_HSTS, - Services.io.newURI("https://five.example.com"), 0)); + ok(!sss.isSecureHost(sss.HEADER_HPKP, "one.example.com", 0)); + ok(!sss.isSecureHost(sss.HEADER_HPKP, "two.example.com", 0)); + ok(!sss.isSecureHost(sss.HEADER_HPKP, "three.example.com", 0)); + ok(!sss.isSecureHost(sss.HEADER_HSTS, "five.example.com", 0)); // Test an empty db populates yield PinningPreloadClient.maybeSync(2000, Date.now()); @@ -115,8 +109,7 @@ add_task(function* test_something() { do_check_eq(list.data.length, 1); // check that a pin exists for one.example.com - ok(sss.isSecureURI(sss.HEADER_HPKP, - Services.io.newURI("https://one.example.com"), 0)); + ok(sss.isSecureHost(sss.HEADER_HPKP, "one.example.com", 0)); // Test the db is updated when we call again with a later lastModified value yield PinningPreloadClient.maybeSync(4000, Date.now()); @@ -129,15 +122,12 @@ add_task(function* test_something() { yield connection.close(); // check that a pin exists for two.example.com and three.example.com - ok(sss.isSecureURI(sss.HEADER_HPKP, - Services.io.newURI("https://two.example.com"), 0)); - ok(sss.isSecureURI(sss.HEADER_HPKP, - Services.io.newURI("https://three.example.com"), 0)); + ok(sss.isSecureHost(sss.HEADER_HPKP, "two.example.com", 0)); + ok(sss.isSecureHost(sss.HEADER_HPKP, "three.example.com", 0)); // check that a pin does not exist for four.example.com - it's in the // collection but the version should not match - ok(!sss.isSecureURI(sss.HEADER_HPKP, - Services.io.newURI("https://four.example.com"), 0)); + ok(!sss.isSecureHost(sss.HEADER_HPKP, "four.example.com", 0)); // Try to maybeSync with the current lastModified value - no connection // should be attempted. @@ -156,12 +146,9 @@ add_task(function* test_something() { do_check_neq(newValue, 0); // Check that the HSTS preload added to the collection works... - ok(sss.isSecureURI(sss.HEADER_HSTS, - Services.io.newURI("https://five.example.com"), 0)); + ok(sss.isSecureHost(sss.HEADER_HSTS, "five.example.com", 0)); // ...and that includeSubdomains is honored - ok(!sss.isSecureURI(sss.HEADER_HSTS, - Services.io.newURI("https://subdomain.five.example.com"), - 0)); + ok(!sss.isSecureHost(sss.HEADER_HSTS, "subdomain.five.example.com", 0)); // Check that a sync completes even when there's bad data in the // collection. This will throw on fail, so just calling maybeSync is an @@ -172,9 +159,7 @@ add_task(function* test_something() { // The STS entry for five.example.com now has includeSubdomains set; // ensure that the new includeSubdomains value is honored. - ok(sss.isSecureURI(sss.HEADER_HSTS, - Services.io.newURI("https://subdomain.five.example.com"), - 0)); + ok(sss.isSecureHost(sss.HEADER_HSTS, "subdomain.five.example.com", 0)); }); function run_test() {