--- a/browser/app/profile/firefox.js
+++ b/browser/app/profile/firefox.js
@@ -1321,16 +1321,20 @@ pref("sidebar.position_start", true);
pref("security.mixed_content.block_active_content", true);
// Show degraded UI for http pages with password fields.
pref("security.insecure_password.ui.enabled", true);
// Show in-content login form warning UI for insecure login fields
pref("security.insecure_field_warning.contextual.enabled", true);
+// Show degraded UI for http pages; disabled for now
+pref("security.insecure_connection_icon.enabled", false);
+pref("security.insecure_connection_icon.pbmode.enabled", false);
+
// 1 = allow MITM for certificate pinning checks.
pref("security.cert_pinning.enforcement_level", 1);
// Override the Gecko-default value of false for Firefox.
pref("plain_text.wrap_long_lines", true);
// If this turns true, Moz*Gesture events are not called stopPropagation()
--- a/browser/base/content/browser.js
+++ b/browser/base/content/browser.js
@@ -7110,19 +7110,18 @@ var gIdentityHandler = {
* nsIURI for which the identity UI is displayed. This has been already
* processed by nsIURIFixup.createExposableURI.
*/
_uri: null,
/**
* We only know the connection type if this._uri has a defined "host" part.
*
- * These URIs, like "about:" and "data:" URIs, will usually be treated as a
- * non-secure connection, unless they refer to an internally implemented
- * browser page or resolve to "file:" URIs.
+ * These URIs, like "about:", "file:" and "data:" URIs, will usually be treated as a
+ * an unknown connection.
*/
_uriHasHost: false,
/**
* If this tab belongs to a WebExtension, contains its WebExtensionPolicy.
*/
_pageExtensionPolicy: null,
@@ -7560,28 +7559,43 @@ var gIdentityHandler = {
if (this._isMixedActiveContentBlocked) {
this._identityBox.classList.add("mixedActiveBlocked");
}
if (!this._isCertUserOverridden) {
// It's a normal cert, verifier is the CA Org.
tooltip = gNavigatorBundle.getFormattedString("identity.identified.verifier",
[this.getIdentityData().caOrg]);
}
- } else {
+ } else if (!this._uriHasHost) {
this._identityBox.className = "unknownIdentity";
+ } else if (gBrowser.selectedBrowser.documentURI &&
+ (gBrowser.selectedBrowser.documentURI.scheme == "about" ||
+ gBrowser.selectedBrowser.documentURI.scheme == "chrome")) {
+ // For net errors we should not show notSecure as it's likely confusing
+ this._identityBox.className = "unknownIdentity";
+ } else {
if (this._isBroken) {
+ this._identityBox.className = "unknownIdentity";
+
if (this._isMixedActiveContentLoaded) {
this._identityBox.classList.add("mixedActiveContent");
} else if (this._isMixedActiveContentBlocked) {
this._identityBox.classList.add("mixedDisplayContentLoadedActiveBlocked");
} else if (this._isMixedPassiveContentLoaded) {
this._identityBox.classList.add("mixedDisplayContent");
} else {
this._identityBox.classList.add("weakCipher");
}
+ } else {
+ let warnOnInsecure = Services.prefs.getBoolPref("security.insecure_connection_icon.enabled") ||
+ (Services.prefs.getBoolPref("security.insecure_connection_icon.pbmode.enabled") &&
+ PrivateBrowsingUtils.isWindowPrivate(window));
+ let className = warnOnInsecure ? "notSecure" : "unknownIdentity";
+
+ this._identityBox.className = className;
}
if (this._hasInsecureLoginForms) {
// Insecure login forms can only be present on "unknown identity"
// pages, either already insecure or with mixed active content loaded.
this._identityBox.classList.add("insecureLoginForms");
}
}
@@ -7793,18 +7807,18 @@ var gIdentityHandler = {
// Update per-site permissions section.
this.updateSitePermissions();
},
setURI(uri) {
this._uri = uri;
try {
- this._uri.host;
- this._uriHasHost = true;
+ // Account for file: urls and catch when "" is the value
+ this._uriHasHost = !!this._uri.host;
} catch (ex) {
this._uriHasHost = false;
}
this._isSecureInternalUI = uri.schemeIs("about") &&
this._secureInternalUIWhitelist.test(uri.pathQueryRef);
this._pageExtensionPolicy = WebExtensionPolicy.getByURI(uri);
--- a/browser/base/content/test/general/browser.ini
+++ b/browser/base/content/test/general/browser.ini
@@ -223,18 +223,16 @@ skip-if = toolkit != "cocoa" # Because o
[browser_bug581242.js]
# DO NOT ADD MORE TESTS HERE. USE A TOPICAL DIRECTORY INSTEAD.
[browser_bug581253.js]
# DO NOT ADD MORE TESTS HERE. USE A TOPICAL DIRECTORY INSTEAD.
[browser_bug585785.js]
# DO NOT ADD MORE TESTS HERE. USE A TOPICAL DIRECTORY INSTEAD.
[browser_bug585830.js]
# DO NOT ADD MORE TESTS HERE. USE A TOPICAL DIRECTORY INSTEAD.
-[browser_bug590206.js]
-# DO NOT ADD MORE TESTS HERE. USE A TOPICAL DIRECTORY INSTEAD.
[browser_bug592338.js]
# DO NOT ADD MORE TESTS HERE. USE A TOPICAL DIRECTORY INSTEAD.
[browser_bug594131.js]
# DO NOT ADD MORE TESTS HERE. USE A TOPICAL DIRECTORY INSTEAD.
[browser_bug596687.js]
# DO NOT ADD MORE TESTS HERE. USE A TOPICAL DIRECTORY INSTEAD.
[browser_bug597218.js]
# DO NOT ADD MORE TESTS HERE. USE A TOPICAL DIRECTORY INSTEAD.
--- a/browser/base/content/test/siteIdentity/browser.ini
+++ b/browser/base/content/test/siteIdentity/browser.ini
@@ -1,11 +1,12 @@
[DEFAULT]
support-files =
head.js
+ dummy_page.html
!/image/test/mochitest/blue.png
[browser_bug822367.js]
tags = mcb
support-files =
file_bug822367_1.html
file_bug822367_1.js
file_bug822367_2.html
@@ -91,8 +92,9 @@ support-files =
test_no_mcb_on_http_site_font.css
test_no_mcb_on_http_site_font2.html
test_no_mcb_on_http_site_font2.css
[browser_no_mcb_for_loopback.js]
tags = mcb
support-files =
../general/moz.png
test_no_mcb_for_loopback.html
+[browser_check_identity_state.js]
--- a/browser/base/content/test/siteIdentity/browser_bug1045809.js
+++ b/browser/base/content/test/siteIdentity/browser_bug1045809.js
@@ -1,11 +1,12 @@
// Test that the Mixed Content Doorhanger Action to re-enable protection works
const PREF_ACTIVE = "security.mixed_content.block_active_content";
+const PREF_INSECURE = "security.insecure_connection_icon.enabled";
const TEST_URL = getRootDirectory(gTestPath).replace("chrome://mochitests/content", "https://example.com") + "file_bug1045809_1.html";
var origBlockActive;
add_task(async function() {
registerCleanupFunction(function() {
Services.prefs.setBoolPref(PREF_ACTIVE, origBlockActive);
gBrowser.removeCurrentTab();
@@ -14,28 +15,39 @@ add_task(async function() {
// Store original preferences so we can restore settings after testing
origBlockActive = Services.prefs.getBoolPref(PREF_ACTIVE);
// Make sure mixed content blocking is on
Services.prefs.setBoolPref(PREF_ACTIVE, true);
let tab = gBrowser.selectedTab = BrowserTestUtils.addTab(gBrowser);
+ // Check with insecure lock disabled
+ await SpecialPowers.pushPrefEnv({set: [[PREF_INSECURE, false]]});
+ await runTests(tab);
+
+
+ // Check with insecure lock disabled
+ await SpecialPowers.pushPrefEnv({set: [[PREF_INSECURE, true]]});
+ await runTests(tab);
+});
+
+async function runTests(tab) {
// Test 1: mixed content must be blocked
await promiseTabLoadEvent(tab, TEST_URL);
await test1(gBrowser.getBrowserForTab(tab));
await promiseTabLoadEvent(tab);
// Test 2: mixed content must NOT be blocked
await test2(gBrowser.getBrowserForTab(tab));
// Test 3: mixed content must be blocked again
await promiseTabLoadEvent(tab);
await test3(gBrowser.getBrowserForTab(tab));
-});
+}
async function test1(gTestBrowser) {
await assertMixedContentBlockingState(gTestBrowser, {activeLoaded: false, activeBlocked: true, passiveLoaded: false});
await ContentTask.spawn(gTestBrowser, null, function() {
var x = content.document.getElementsByTagName("iframe")[0].contentDocument.getElementById("mixedContentContainer");
is(x, null, "Mixed Content is NOT to be found in Test1");
});
rename from browser/base/content/test/general/browser_bug590206.js
rename to browser/base/content/test/siteIdentity/browser_check_identity_state.js
--- a/browser/base/content/test/general/browser_bug590206.js
+++ b/browser/base/content/test/siteIdentity/browser_check_identity_state.js
@@ -1,163 +1,329 @@
/*
* Test the identity mode UI for a variety of page types
*/
"use strict";
const DUMMY = "browser/browser/base/content/test/general/dummy_page.html";
+const INSECURE_ICON_PREF = "security.insecure_connection_icon.enabled";
+const INSECURE_PBMODE_ICON_PREF = "security.insecure_connection_icon.pbmode.enabled";
function loadNewTab(url) {
- return BrowserTestUtils.openNewForegroundTab(gBrowser, url);
+ return BrowserTestUtils.openNewForegroundTab(gBrowser, url, true);
}
-function getIdentityMode() {
- return document.getElementById("identity-box").className;
+function getIdentityMode(aWindow = window) {
+ return aWindow.document.getElementById("identity-box").className;
}
function getConnectionState() {
+ // Prevents items that are being lazy loaded causing issues
+ document.getElementById("identity-box").click();
gIdentityHandler.refreshIdentityPopup();
return document.getElementById("identity-popup").getAttribute("connection");
}
// This test is slow on Linux debug e10s
requestLongerTimeout(2);
-add_task(async function test_webpage() {
+async function webpageTest(secureCheck) {
+ await SpecialPowers.pushPrefEnv({set: [[INSECURE_ICON_PREF, secureCheck]]});
let oldTab = gBrowser.selectedTab;
let newTab = await loadNewTab("http://example.com/" + DUMMY);
- is(getIdentityMode(), "unknownIdentity", "Identity should be unknown");
+ if (secureCheck) {
+ is(getIdentityMode(), "notSecure", "Identity should be not secure");
+ } else {
+ is(getIdentityMode(), "unknownIdentity", "Identity should be unknown");
+ }
gBrowser.selectedTab = oldTab;
is(getIdentityMode(), "unknownIdentity", "Identity should be unknown");
gBrowser.selectedTab = newTab;
- is(getIdentityMode(), "unknownIdentity", "Identity should be unknown");
+ if (secureCheck) {
+ is(getIdentityMode(), "notSecure", "Identity should be not secure");
+ } else {
+ is(getIdentityMode(), "unknownIdentity", "Identity should be unknown");
+ }
gBrowser.removeTab(newTab);
+ await SpecialPowers.popPrefEnv();
+}
+
+add_task(async function test_webpage() {
+ await webpageTest(false);
+ await webpageTest(true);
});
-add_task(async function test_blank() {
+async function blankPageTest(secureCheck) {
let oldTab = gBrowser.selectedTab;
+ await SpecialPowers.pushPrefEnv({set: [[INSECURE_ICON_PREF, secureCheck]]});
let newTab = await loadNewTab("about:blank");
is(getIdentityMode(), "unknownIdentity", "Identity should be unknown");
gBrowser.selectedTab = oldTab;
is(getIdentityMode(), "unknownIdentity", "Identity should be unknown");
gBrowser.selectedTab = newTab;
is(getIdentityMode(), "unknownIdentity", "Identity should be unknown");
gBrowser.removeTab(newTab);
+ await SpecialPowers.popPrefEnv();
+}
+
+add_task(async function test_blank() {
+ await blankPageTest(true);
+ await blankPageTest(false);
});
-add_task(async function test_chrome() {
+async function secureTest(secureCheck) {
let oldTab = gBrowser.selectedTab;
-
- let newTab = await loadNewTab("chrome://mozapps/content/extensions/extensions.xul");
- is(getConnectionState(), "file", "Connection should be file");
-
- gBrowser.selectedTab = oldTab;
- is(getIdentityMode(), "unknownIdentity", "Identity should be unknown");
-
- gBrowser.selectedTab = newTab;
- is(getConnectionState(), "file", "Connection should be file");
-
- gBrowser.removeTab(newTab);
-});
-
-add_task(async function test_https() {
- let oldTab = gBrowser.selectedTab;
+ await SpecialPowers.pushPrefEnv({set: [[INSECURE_ICON_PREF, secureCheck]]});
let newTab = await loadNewTab("https://example.com/" + DUMMY);
is(getIdentityMode(), "verifiedDomain", "Identity should be verified");
gBrowser.selectedTab = oldTab;
is(getIdentityMode(), "unknownIdentity", "Identity should be unknown");
gBrowser.selectedTab = newTab;
is(getIdentityMode(), "verifiedDomain", "Identity should be verified");
gBrowser.removeTab(newTab);
+
+ await SpecialPowers.popPrefEnv();
+}
+
+add_task(async function test_secure_enabled() {
+ await secureTest(true);
+ await secureTest(false);
});
-add_task(async function test_addons() {
+async function insecureTest(secureCheck) {
let oldTab = gBrowser.selectedTab;
+ await SpecialPowers.pushPrefEnv({set: [[INSECURE_ICON_PREF, secureCheck]]});
+
+ let newTab = await loadNewTab("http://example.com/" + DUMMY);
+ if (secureCheck) {
+ is(getIdentityMode(), "notSecure", "Identity should be not secure");
+ } else {
+ is(getIdentityMode(), "unknownIdentity", "Identity should be unknown");
+ }
+
+ gBrowser.selectedTab = oldTab;
+ is(getIdentityMode(), "unknownIdentity", "Identity should be unknown");
+
+ gBrowser.selectedTab = newTab;
+ if (secureCheck) {
+ is(getIdentityMode(), "notSecure", "Identity should be not secure");
+ } else {
+ is(getIdentityMode(), "unknownIdentity", "Identity should be unknown");
+ }
+
+ gBrowser.removeTab(newTab);
+
+ await SpecialPowers.popPrefEnv();
+}
+
+add_task(async function test_insecure() {
+ await insecureTest(true);
+ await insecureTest(false);
+});
+
+async function addonsTest(secureCheck) {
+ let oldTab = gBrowser.selectedTab;
+ await SpecialPowers.pushPrefEnv({set: [[INSECURE_ICON_PREF, secureCheck]]});
let newTab = await loadNewTab("about:addons");
is(getIdentityMode(), "chromeUI", "Identity should be chrome");
gBrowser.selectedTab = oldTab;
is(getIdentityMode(), "unknownIdentity", "Identity should be unknown");
gBrowser.selectedTab = newTab;
is(getIdentityMode(), "chromeUI", "Identity should be chrome");
gBrowser.removeTab(newTab);
+
+ await SpecialPowers.popPrefEnv();
+}
+
+add_task(async function test_addons() {
+ await addonsTest(true);
+ await addonsTest(false);
});
-add_task(async function test_file() {
+async function fileTest(secureCheck) {
let oldTab = gBrowser.selectedTab;
+ await SpecialPowers.pushPrefEnv({set: [[INSECURE_ICON_PREF, secureCheck]]});
let fileURI = getTestFilePath("");
let newTab = await loadNewTab(fileURI);
is(getConnectionState(), "file", "Connection should be file");
gBrowser.selectedTab = oldTab;
is(getIdentityMode(), "unknownIdentity", "Identity should be unknown");
gBrowser.selectedTab = newTab;
is(getConnectionState(), "file", "Connection should be file");
gBrowser.removeTab(newTab);
+
+ await SpecialPowers.popPrefEnv();
+}
+
+add_task(async function test_file() {
+ await fileTest(true);
+ await fileTest(false);
});
-add_task(async function test_resource_uri() {
+async function resourceUriTest(secureCheck) {
let oldTab = gBrowser.selectedTab;
+ await SpecialPowers.pushPrefEnv({set: [[INSECURE_ICON_PREF, secureCheck]]});
let dataURI = "resource://gre/modules/Services.jsm";
let newTab = await loadNewTab(dataURI);
is(getConnectionState(), "file", "Connection should be file");
gBrowser.selectedTab = oldTab;
is(getIdentityMode(), "unknownIdentity", "Identity should be unknown");
gBrowser.selectedTab = newTab;
is(getConnectionState(), "file", "Connection should be file");
gBrowser.removeTab(newTab);
+
+ await SpecialPowers.popPrefEnv();
+}
+
+add_task(async function test_resource_uri() {
+ await resourceUriTest(true);
+ await resourceUriTest(false);
});
-add_task(async function test_data_uri() {
+async function noCertErrorTest(secureCheck) {
let oldTab = gBrowser.selectedTab;
+ await SpecialPowers.pushPrefEnv({set: [[INSECURE_ICON_PREF, secureCheck]]});
+ let newTab = BrowserTestUtils.addTab(gBrowser);
+ gBrowser.selectedTab = newTab;
+
+ let promise = BrowserTestUtils.waitForErrorPage(gBrowser.selectedBrowser);
+ gBrowser.loadURI("https://nocert.example.com/");
+ await promise;
+ is(getIdentityMode(), "unknownIdentity", "Identity should be unknown");
+ is(getConnectionState(), "not-secure", "Connection should be file");
+
+ gBrowser.selectedTab = oldTab;
+ is(getIdentityMode(), "unknownIdentity", "Identity should be unknown");
+
+ gBrowser.selectedTab = newTab;
+ is(getIdentityMode(), "unknownIdentity", "Identity should be unknown");
+ is(getConnectionState(), "not-secure", "Connection should be file");
+
+ gBrowser.removeTab(newTab);
+
+ await SpecialPowers.popPrefEnv();
+}
+
+add_task(async function test_about_net_error_uri() {
+ await noCertErrorTest(true);
+ await noCertErrorTest(false);
+});
+
+async function aboutUriTest(secureCheck) {
+ let oldTab = gBrowser.selectedTab;
+ await SpecialPowers.pushPrefEnv({set: [[INSECURE_ICON_PREF, secureCheck]]});
+ let aboutURI = "about:robots";
+
+ let newTab = await loadNewTab(aboutURI);
+ is(getConnectionState(), "file", "Connection should be file");
+
+ gBrowser.selectedTab = oldTab;
+ is(getIdentityMode(), "unknownIdentity", "Identity should be unknown");
+
+ gBrowser.selectedTab = newTab;
+ is(getConnectionState(), "file", "Connection should be file");
+
+ gBrowser.removeTab(newTab);
+
+ await SpecialPowers.popPrefEnv();
+}
+
+add_task(async function test_about_uri() {
+ await aboutUriTest(true);
+ await aboutUriTest(false);
+});
+
+async function dataUriTest(secureCheck) {
+ let oldTab = gBrowser.selectedTab;
+ await SpecialPowers.pushPrefEnv({set: [[INSECURE_ICON_PREF, secureCheck]]});
let dataURI = "data:text/html,hi";
let newTab = await loadNewTab(dataURI);
is(getIdentityMode(), "unknownIdentity", "Identity should be unknown");
gBrowser.selectedTab = oldTab;
is(getIdentityMode(), "unknownIdentity", "Identity should be unknown");
gBrowser.selectedTab = newTab;
is(getIdentityMode(), "unknownIdentity", "Identity should be unknown");
gBrowser.removeTab(newTab);
+
+ await SpecialPowers.popPrefEnv();
+}
+
+add_task(async function test_data_uri() {
+ dataUriTest(true);
+ dataUriTest(false);
});
-add_task(async function test_about_uri() {
- let oldTab = gBrowser.selectedTab;
- let aboutURI = "about:robots";
+async function pbModeTest(prefs, secureCheck) {
+ await SpecialPowers.pushPrefEnv({set: prefs});
+
+ let privateWin = await BrowserTestUtils.openNewBrowserWindow({private: true});
+ let oldTab = privateWin.gBrowser.selectedTab;
+ let newTab = await BrowserTestUtils.openNewForegroundTab(privateWin.gBrowser, "http://example.com/" + DUMMY);
- let newTab = await loadNewTab(aboutURI);
- is(getConnectionState(), "file", "Connection should be file");
+ if (secureCheck) {
+ is(getIdentityMode(privateWin), "notSecure", "Identity should be not secure");
+ } else {
+ is(getIdentityMode(privateWin), "unknownIdentity", "Identity should be unknown");
+ }
+
+ privateWin.gBrowser.selectedTab = oldTab;
+ is(getIdentityMode(privateWin), "unknownIdentity", "Identity should be unknown");
+
+ privateWin.gBrowser.selectedTab = newTab;
+ if (secureCheck) {
+ is(getIdentityMode(privateWin), "notSecure", "Identity should be not secure");
+ } else {
+ is(getIdentityMode(privateWin), "unknownIdentity", "Identity should be unknown");
+ }
- gBrowser.selectedTab = oldTab;
- is(getIdentityMode(), "unknownIdentity", "Identity should be unknown");
+ await BrowserTestUtils.closeWindow(privateWin);
+
+ await SpecialPowers.popPrefEnv();
+}
- gBrowser.selectedTab = newTab;
- is(getConnectionState(), "file", "Connection should be file");
+add_task(async function test_pb_mode() {
+ let prefs = [
+ [INSECURE_ICON_PREF, true],
+ [INSECURE_PBMODE_ICON_PREF, true]
+ ];
+ await pbModeTest(prefs, true);
+ prefs = [
+ [INSECURE_ICON_PREF, false],
+ [INSECURE_PBMODE_ICON_PREF, true]
+ ];
+ await pbModeTest(prefs, true);
+ prefs = [
+ [INSECURE_ICON_PREF, false],
+ [INSECURE_PBMODE_ICON_PREF, false]
+ ];
+ await pbModeTest(prefs, false);
+});
- gBrowser.removeTab(newTab);
-});
--- a/browser/base/content/test/siteIdentity/browser_mcb_redirect.js
+++ b/browser/base/content/test/siteIdentity/browser_mcb_redirect.js
@@ -52,41 +52,54 @@
* but instead we try to use the cached image.
* - the image should not load
*/
const PREF_ACTIVE = "security.mixed_content.block_active_content";
const PREF_DISPLAY = "security.mixed_content.block_display_content";
const HTTPS_TEST_ROOT = getRootDirectory(gTestPath).replace("chrome://mochitests/content", "https://example.com");
const HTTP_TEST_ROOT = getRootDirectory(gTestPath).replace("chrome://mochitests/content", "http://example.com");
+const PREF_INSECURE_ICON = "security.insecure_connection_icon.enabled";
var origBlockActive;
var origBlockDisplay;
+var origInsecurePref;
var gTestBrowser = null;
// ------------------------ Helper Functions ---------------------
registerCleanupFunction(function() {
// Set preferences back to their original values
Services.prefs.setBoolPref(PREF_ACTIVE, origBlockActive);
Services.prefs.setBoolPref(PREF_DISPLAY, origBlockDisplay);
+ Services.prefs.setBoolPref(PREF_INSECURE_ICON, origInsecurePref);
// Make sure we are online again
Services.io.offline = false;
});
function cleanUpAfterTests() {
gBrowser.removeCurrentTab();
window.focus();
finish();
}
// ------------------------ Test 1 ------------------------------
function test1() {
+ Services.prefs.setBoolPref(PREF_INSECURE_ICON, false);
+
+ var url = HTTPS_TEST_ROOT + "test_mcb_redirect.html";
+ BrowserTestUtils.loadURI(gTestBrowser, url);
+ BrowserTestUtils.browserLoaded(gTestBrowser).then(checkUIForTest1);
+}
+
+function testInsecure1() {
+ Services.prefs.setBoolPref(PREF_INSECURE_ICON, true);
+
var url = HTTPS_TEST_ROOT + "test_mcb_redirect.html";
BrowserTestUtils.loadURI(gTestBrowser, url);
BrowserTestUtils.browserLoaded(gTestBrowser).then(checkUIForTest1);
}
async function checkUIForTest1() {
await assertMixedContentBlockingState(gTestBrowser, {activeLoaded: false, activeBlocked: true, passiveLoaded: false});
@@ -280,16 +293,17 @@ function checkLoadEventForTest9() {
function test() {
// Performing async calls, e.g. 'onload', we have to wait till all of them finished
waitForExplicitFinish();
// Store original preferences so we can restore settings after testing
origBlockActive = Services.prefs.getBoolPref(PREF_ACTIVE);
origBlockDisplay = Services.prefs.getBoolPref(PREF_DISPLAY);
+ origInsecurePref = Services.prefs.getBoolPref(PREF_INSECURE_ICON);
Services.prefs.setBoolPref(PREF_ACTIVE, true);
Services.prefs.setBoolPref(PREF_DISPLAY, true);
var newTab = BrowserTestUtils.addTab(gBrowser);
gBrowser.selectedTab = newTab;
gTestBrowser = gBrowser.selectedBrowser;
newTab.linkedBrowser.stop();
new file mode 100644
--- /dev/null
+++ b/browser/base/content/test/siteIdentity/dummy_page.html
@@ -0,0 +1,9 @@
+<html>
+<head>
+<title>Dummy test page</title>
+<meta http-equiv="Content-Type" content="text/html;charset=utf-8"></meta>
+</head>
+<body>
+<p>Dummy test page</p>
+</body>
+</html>
--- a/browser/base/content/test/siteIdentity/head.js
+++ b/browser/base/content/test/siteIdentity/head.js
@@ -152,20 +152,27 @@ async function assertMixedContentBlockin
let stateActiveLoaded = gIdentityHandler._state & Ci.nsIWebProgressListener.STATE_LOADED_MIXED_ACTIVE_CONTENT;
let statePassiveLoaded = gIdentityHandler._state & Ci.nsIWebProgressListener.STATE_LOADED_MIXED_DISPLAY_CONTENT;
is(activeBlocked, !!stateActiveBlocked, "Expected state for activeBlocked matches UI state");
is(activeLoaded, !!stateActiveLoaded, "Expected state for activeLoaded matches UI state");
is(passiveLoaded, !!statePassiveLoaded, "Expected state for passiveLoaded matches UI state");
if (stateInsecure) {
- // HTTP request, there should be no MCB classes for the identity box and the non secure icon
- // should always be visible regardless of MCB state.
- ok(classList.contains("unknownIdentity"), "unknownIdentity on HTTP page");
- ok(is_hidden(connectionIcon), "connection icon should be hidden");
+ const insecureConnectionIcon = Services.prefs.getBoolPref("security.insecure_connection_icon.enabled");
+ if (!insecureConnectionIcon) {
+ // HTTP request, there should be no MCB classes for the identity box and the non secure icon
+ // should always be visible regardless of MCB state.
+ ok(classList.contains("unknownIdentity"), "unknownIdentity on HTTP page");
+ ok(is_hidden(connectionIcon), "connection icon should be hidden");
+ } else {
+ // HTTP request, there should be a broken padlock shown always.
+ ok(classList.contains("notSecure"), "notSecure on HTTP page");
+ ok(!is_hidden(connectionIcon), "connection icon should be visible");
+ }
ok(!classList.contains("mixedActiveContent"), "No MCB icon on HTTP page");
ok(!classList.contains("mixedActiveBlocked"), "No MCB icon on HTTP page");
ok(!classList.contains("mixedDisplayContent"), "No MCB icon on HTTP page");
ok(!classList.contains("mixedDisplayContentLoadedActiveBlocked"), "No MCB icon on HTTP page");
} else {
// Make sure the identity box UI has the correct mixedcontent states and icons
is(classList.contains("mixedActiveContent"), activeLoaded,
--- a/browser/themes/shared/identity-block/identity-block.inc.css
+++ b/browser/themes/shared/identity-block/identity-block.inc.css
@@ -198,16 +198,17 @@
#urlbar[pageproxystate="valid"] > #identity-box.weakCipher > #connection-icon,
#urlbar[pageproxystate="valid"] > #identity-box.mixedDisplayContent > #connection-icon,
#urlbar[pageproxystate="valid"] > #identity-box.mixedDisplayContentLoadedActiveBlocked > #connection-icon,
#urlbar[pageproxystate="valid"] > #identity-box.certUserOverridden > #connection-icon {
list-style-image: url(chrome://browser/skin/connection-mixed-passive-loaded.svg);
visibility: visible;
}
+#urlbar[pageproxystate="valid"] > #identity-box.notSecure > #connection-icon,
#urlbar[pageproxystate="valid"] > #identity-box.insecureLoginForms > #connection-icon,
#urlbar[pageproxystate="valid"] > #identity-box.mixedActiveContent > #connection-icon {
list-style-image: url(chrome://browser/skin/connection-mixed-active-loaded.svg);
visibility: visible;
}
#identity-box.extensionPage > #extension-icon {
list-style-image: url(chrome://browser/skin/controlcenter/extension.svg);