Bug 1328824 - Test if about:blocked can be loaded in a secure context.
MozReview-Commit-ID: GQAfd4xuRJT
--- a/browser/base/content/blockedSite.xhtml
+++ b/browser/base/content/blockedSite.xhtml
@@ -130,17 +130,17 @@
if (!getOverride()) {
var btn = document.getElementById("ignoreWarningButton");
if (btn) {
btn.parentNode.removeChild(btn);
}
}
// Inform the test harness that we're done loading the page
- var event = new CustomEvent("AboutBlockedLoaded");
+ var event = new CustomEvent("AboutBlockedLoaded", {bubbles:true});
document.dispatchEvent(event);
}
]]></script>
</head>
<body dir="&locale.dir;">
<div id="errorPageContainer" class="container">
--- a/browser/components/safebrowsing/content/test/browser.ini
+++ b/browser/components/safebrowsing/content/test/browser.ini
@@ -1,8 +1,11 @@
[DEFAULT]
-support-files = head.js
+support-files =
+ head.js
+ empty_file.html
[browser_bug400731.js]
[browser_bug415846.js]
# Disabled on Mac because of its bizarre special-and-unique snowflake of a help menu.
skip-if = os == "mac" || e10s # e10s: Bug 1248632
[browser_whitelisted.js]
+[browser_mixedcontent_aboutblocked.js]
new file mode 100644
--- /dev/null
+++ b/browser/components/safebrowsing/content/test/browser_mixedcontent_aboutblocked.js
@@ -0,0 +1,74 @@
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/ */
+
+const { classes: Cc, interfaces: Ci, results: Cr } = Components;
+
+// This url must sync with the table, url in SafeBrowsing.jsm addMozEntries
+const PHISH_TABLE = "test-phish-simple";
+const PHISH_URL = "https://www.itisatrap.org/firefox/its-a-trap.html";
+
+const SECURE_CONTAINER_URL = "https://example.com/browser/browser/components/safebrowsing/content/test/empty_file.html";
+
+// This function is mostly ported from classifierCommon.js
+// under toolkit/components/url-classifier/tests/mochitest.
+function waitForDBInit(callback) {
+ // Since there are two cases that may trigger the callback,
+ // we have to carefully avoid multiple callbacks and observer
+ // leaking.
+ let didCallback = false;
+ function callbackOnce() {
+ Services.obs.removeObserver(obsFunc, "mozentries-update-finished");
+ if (!didCallback) {
+ callback();
+ }
+ didCallback = true;
+ }
+
+ // The first part: listen to internal event.
+ function obsFunc() {
+ ok(true, "Received internal event!");
+ callbackOnce();
+ }
+ Services.obs.addObserver(obsFunc, "mozentries-update-finished", false);
+
+ // The second part: we might have missed the event. Just do
+ // an internal database lookup to confirm if the url has been
+ // added.
+ let principal = Services.scriptSecurityManager
+ .createCodebasePrincipal(Services.io.newURI(PHISH_URL), {});
+
+ let dbService = Cc["@mozilla.org/url-classifier/dbservice;1"]
+ .getService(Ci.nsIUrlClassifierDBService);
+ dbService.lookup(principal, PHISH_TABLE, value => {
+ if (value === PHISH_TABLE) {
+ ok(true, "DB lookup success!");
+ callbackOnce();
+ }
+ });
+}
+
+add_task(function* testNormalBrowsing() {
+ yield BrowserTestUtils.withNewTab(SECURE_CONTAINER_URL, function* (browser) {
+ // Before we load the phish url, we have to make sure the hard-coded
+ // black list has been added to the database.
+ yield new Promise(resolve => waitForDBInit(resolve));
+
+ yield ContentTask.spawn(browser, PHISH_URL, function* (aPhishUrl) {
+ return new Promise(resolve => {
+ // Register listener before loading phish URL.
+ let listener = e => {
+ removeEventListener('AboutBlockedLoaded', listener, false, true);
+ resolve();
+ };
+ addEventListener('AboutBlockedLoaded', listener, false, true);
+
+ // Create an iframe which is going to load a phish url.
+ let iframe = content.document.createElement("iframe");
+ iframe.src = aPhishUrl;
+ content.document.body.appendChild(iframe);
+ });
+ });
+
+ ok(true, "about:blocked is successfully loaded!");
+ });
+});
new file mode 100644
--- /dev/null
+++ b/browser/components/safebrowsing/content/test/empty_file.html
@@ -0,0 +1,1 @@
+<html><body></body></html>
\ No newline at end of file
--- a/build/pgo/server-locations.txt
+++ b/build/pgo/server-locations.txt
@@ -20,19 +20,19 @@
# number is the default for the protocol.
#
# Unrecognized options are ignored. Recognized options are "primary" and
# "privileged", "nocert", "cert=some_cert_nickname", "redir=hostname" and
# "failHandshake".
#
# "primary" denotes a location which is the canonical location of
# the server; this location is the one assumed for requests which don't
-# otherwise identify a particular origin (e.g. HTTP/1.0 requests).
+# otherwise identify a particular origin (e.g. HTTP/1.0 requests).
#
-# "privileged" denotes a location which should have the ability to request
+# "privileged" denotes a location which should have the ability to request
# elevated privileges; the default is no privileges.
#
# "nocert" makes sense only for https:// hosts and means there is not
# any certificate automatically generated for this host.
#
# "failHandshake" causes the tls handshake to fail (by sending a client hello to
# the client).
#
@@ -120,16 +120,17 @@ https://mismatch.untrusted-expired.examp
# This is here so that we don't load the default live bookmark over
# the network in every test suite.
http://fxfeeds.mozilla.com:80
# Prevent safebrowsing tests from hitting the network for its-a-trap.html and
# its-an-attack.html.
http://www.itisatrap.org:80
+https://www.itisatrap.org:443
#
# These are subdomains of <ält.example.org>.
#
http://sub1.xn--lt-uia.example.org:8000 privileged
http://sub2.xn--lt-uia.example.org:80 privileged
http://xn--exmple-cua.test:80 privileged
http://sub1.xn--exmple-cua.test:80 privileged