gecko-dev/content/base/test/test_websocket_hello.html
Patrick McManus 481603e323 Bug 616733: Disable websockets by default. r=peterv,jst a=beta8
Can be turned on by setting preference
network.websocket.override-security-block.  Websockets can only be used if
override-security-block and network.websocket.enabled are both set to true.

At a future time, with a more secure websocket protocol, the
override-security-block preference can be removed.

This action is based on the security concern over an HTTP cache
poisoning attack as described in
http://www.adambarth.com/experimental/websocket.pdf
2010-12-08 14:12:51 -08:00

67 lines
1.7 KiB
HTML

<!DOCTYPE HTML>
<html>
<!--
-->
<head>
<title>Basic websocket test</title>
<script type="text/javascript" src="/MochiKit/packed.js"></script>
<script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
</head>
<body onload="testWebSocket()">
<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=472529">Mozilla Bug </a>
<p id="display"></p>
<div id="content" style="display: none">
</div>
<pre id="test">
<script class="testbody" type="text/javascript">
var ws;
var oldPrefVal;
var domBranch;
function finishWSTest() {
netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
domBranch.setBoolPref("override-security-block", oldPrefVal);
SimpleTest.finish();
}
function testWebSocket () {
netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
var prefService =
Components.classes["@mozilla.org/preferences-service;1"]
.getService(Components.interfaces.nsIPrefService);
domBranch = prefService.getBranch("network.websocket.");
oldPrefVal = domBranch.getBoolPref("override-security-block");
domBranch.setBoolPref("override-security-block", true);
ws = new WebSocket("ws://mochi.test:8888/tests/content/base/test/file_websocket_hello");
ws.onopen = function(e) {
ws.send("data");
}
ws.onclose = function(e) {
}
ws.onerror = function(e) {
ok(false, "onerror called!");
finishWSTest();
}
ws.onmessage = function(e) {
is(e.data, "Hello world!", "Wrong data");
ws.close();
finishWSTest();
}
}
SimpleTest.waitForExplicitFinish();
</script>
</pre>
<div>
</div>
</body>
</html>