1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153
|
<!DOCTYPE HTML>
<html>
<head>
<meta charset="utf-8">
<title>browser.webRequest.getSecurityInfo()</title>
<script src="/tests/SimpleTest/SimpleTest.js"></script>
<script src="/tests/SimpleTest/ExtensionTestUtils.js"></script>
<link rel="stylesheet" href="/tests/SimpleTest/test.css"/>
</head>
<body>
<script>
"use strict";
add_task(async function test_getSecurityInfo() {
const extension = ExtensionTestUtils.loadExtension({
manifest: {
permissions: [
"webRequest",
"webRequestBlocking",
"*://example.org/*"
],
},
async background() {
const url = "https://example.org/tests/toolkit/components/extensions/test/mochitest/file_sample.html";
let tab;
browser.webRequest.onHeadersReceived.addListener(async details => {
const securityInfo = await browser.webRequest.getSecurityInfo(
details.requestId,
{}
);
// Some properties have dynamic values so let's take them out of the
// `securityInfo` object before asserting all the other props with deep
// equality.
const {
cipherSuite,
secretKeyLength,
keaGroupName,
signatureSchemeName,
protocolVersion,
certificates,
...otherProps
} = securityInfo;
browser.test.assertTrue(cipherSuite.length, "expected cipher suite");
browser.test.assertTrue(
Number.isInteger(secretKeyLength),
"expected secret key length"
);
browser.test.assertTrue(
keaGroupName.length,
"expected kea group name"
);
browser.test.assertTrue(
signatureSchemeName.length,
"expected signature scheme name"
);
browser.test.assertTrue(
protocolVersion.length,
"expected protocol version"
);
browser.test.assertTrue(
Array.isArray(certificates),
"expected an array of certificates"
);
browser.test.assertDeepEq({
state: "secure",
isExtendedValidation: false,
certificateTransparencyStatus: "not_applicable",
hsts: false,
hpkp: false,
usedEch: false,
usedDelegatedCredentials: false,
usedOcsp: false,
usedPrivateDns: false,
}, otherProps, "expected security info");
await browser.tabs.remove(tab.id);
browser.test.notifyPass("success");
}, { urls: [url] } , ["blocking"]);
tab = await browser.tabs.create({ url });
},
});
await extension.startup();
await extension.awaitFinish("success");
await extension.unload();
});
add_task(async function test_getSecurityInfo_without_permission() {
const extension = ExtensionTestUtils.loadExtension({
manifest: {
manifest_version: 3,
granted_host_permissions: true,
permissions: [ "webRequest", "webRequestBlocking"],
host_permissions: ["*://example.org/*"],
},
async background() {
let requestCount = 0;
browser.webRequest.onHeadersReceived.addListener(
async ({ requestId }) => {
++requestCount;
try {
let info = await browser.webRequest.getSecurityInfo(requestId, {});
browser.test.assertEq("secure", info?.state, "Got SecurityInfo");
await browser.permissions.remove({ origins: ["*://example.org/*"] });
browser.test.assertDeepEq(
undefined,
await browser.webRequest.getSecurityInfo(requestId, {}),
"getSecurityInfo() should not return info without permission"
);
} catch (e) {
browser.test.fail(`Unexpected error in onHeadersReceived: ${e}`);
}
},
{ urls: ["*://example.org/*/file_image_good.png?permcheck*"] },
["blocking"]
);
// Main purpose of this is to ensure that the webRequest listener has
// registered when the request is triggered (work around bug 1300234).
browser.webRequest.getSecurityInfo("").then(securityInfo => {
browser.test.assertEq(
undefined,
securityInfo,
"getSecurityInfo() with invalid requestId resolves to undefined"
);
const img = new Image();
img.src = "https://example.org/tests/toolkit/components/extensions/test/mochitest/file_image_good.png?permcheck&_=" + Date.now();
img.decode().then(() => {
browser.test.assertEq(1, requestCount, "Seen request");
browser.test.sendMessage("done");
});
});
},
});
await extension.startup();
await extension.awaitMessage("done");
await extension.unload();
});
</script>
</body>
</html>
|