--- a/browser/base/content/browser.js
+++ b/browser/base/content/browser.js
@@ -3294,25 +3294,25 @@ function getDetailedCertErrorInfo(locati
let errors = Cc["@mozilla.org/nss_errors_service;1"]
.getService(Ci.nsINSSErrorsService);
certErrorDetails += "\r\n\r\n" + errors.getErrorMessage(errors.getXPCOMFromNSSError(code));
const sss = Cc["@mozilla.org/ssservice;1"]
.getService(Ci.nsISiteSecurityService);
// SiteSecurityService uses different storage if the channel is
- // private. Thus we must give isSecureHost correct flags or we
+ // private. Thus we must give isSecureURI correct flags or we
// might get incorrect results.
let flags = PrivateBrowsingUtils.isWindowPrivate(window) ?
Ci.nsISocketProvider.NO_PERMANENT_STORAGE : 0;
let uri = Services.io.newURI(location);
- let hasHSTS = sss.isSecureHost(sss.HEADER_HSTS, uri.host, flags);
- let hasHPKP = sss.isSecureHost(sss.HEADER_HPKP, uri.host, flags);
+ let hasHSTS = sss.isSecureURI(sss.HEADER_HSTS, uri, flags);
+ let hasHPKP = sss.isSecureURI(sss.HEADER_HPKP, uri, flags);
certErrorDetails += "\r\n\r\n" +
gNavigatorBundle.getFormattedString("certErrorDetailsHSTS.label",
[hasHSTS]);
certErrorDetails += "\r\n" +
gNavigatorBundle.getFormattedString("certErrorDetailsKeyPinning.label",
[hasHPKP]);
let certChain = "";
--- a/devtools/client/debugger/new/debugger.js
+++ b/devtools/client/debugger/new/debugger.js
@@ -8956,25 +8956,29 @@ var Debugger =
// HSTS and HPKP if available.
if (httpActivity.hostname) {
const sss = Cc("@mozilla.org/ssservice;1")
.getService(Ci.nsISiteSecurityService);
// SiteSecurityService uses different storage if the channel is
- // private. Thus we must give isSecureHost correct flags or we
+ // private. Thus we must give isSecureURI correct flags or we
// might get incorrect results.
let flags = (httpActivity.private) ?
Ci.nsISocketProvider.NO_PERMANENT_STORAGE : 0;
- let host = httpActivity.hostname;
-
- info.hsts = sss.isSecureHost(sss.HEADER_HSTS, host, flags);
- info.hpkp = sss.isSecureHost(sss.HEADER_HPKP, host, flags);
+ if (!uri) {
+ // isSecureURI only cares about the host, not the scheme.
+ let host = httpActivity.hostname;
+ uri = Services.io.newURI("https://" + host);
+ }
+
+ info.hsts = sss.isSecureURI(sss.HEADER_HSTS, uri, flags);
+ info.hpkp = sss.isSecureURI(sss.HEADER_HPKP, uri, flags);
} else {
DevToolsUtils.reportException("NetworkHelper.parseSecurityInfo",
"Could not get HSTS/HPKP status as hostname is not available.");
info.hsts = false;
info.hpkp = false;
}
} else {
@@ -37647,25 +37651,29 @@ var Debugger =
// HSTS and HPKP if available.
if (httpActivity.hostname) {
const sss = Cc("@mozilla.org/ssservice;1")
.getService(Ci.nsISiteSecurityService);
// SiteSecurityService uses different storage if the channel is
- // private. Thus we must give isSecureHost correct flags or we
+ // private. Thus we must give isSecureURI correct flags or we
// might get incorrect results.
let flags = (httpActivity.private) ?
Ci.nsISocketProvider.NO_PERMANENT_STORAGE : 0;
- let host = httpActivity.hostname;
-
- info.hsts = sss.isSecureHost(sss.HEADER_HSTS, host, flags);
- info.hpkp = sss.isSecureHost(sss.HEADER_HPKP, host, flags);
+ if (!uri) {
+ // isSecureURI only cares about the host, not the scheme.
+ let host = httpActivity.hostname;
+ uri = Services.io.newURI("https://" + host);
+ }
+
+ info.hsts = sss.isSecureURI(sss.HEADER_HSTS, uri, flags);
+ info.hpkp = sss.isSecureURI(sss.HEADER_HPKP, uri, flags);
} else {
DevToolsUtils.reportException("NetworkHelper.parseSecurityInfo",
"Could not get HSTS/HPKP status as hostname is not available.");
info.hsts = false;
info.hpkp = false;
}
} else {
--- a/devtools/shared/webconsole/network-helper.js
+++ b/devtools/shared/webconsole/network-helper.js
@@ -628,25 +628,29 @@ var NetworkHelper = {
info.cert = this.parseCertificateInfo(SSLStatus.serverCert);
// HSTS and HPKP if available.
if (httpActivity.hostname) {
const sss = Cc["@mozilla.org/ssservice;1"]
.getService(Ci.nsISiteSecurityService);
// SiteSecurityService uses different storage if the channel is
- // private. Thus we must give isSecureHost correct flags or we
+ // private. Thus we must give isSecureURI correct flags or we
// might get incorrect results.
let flags = (httpActivity.private) ?
Ci.nsISocketProvider.NO_PERMANENT_STORAGE : 0;
- let host = httpActivity.hostname;
+ if (!uri) {
+ // isSecureURI only cares about the host, not the scheme.
+ let host = httpActivity.hostname;
+ uri = Services.io.newURI("https://" + host);
+ }
- info.hsts = sss.isSecureHost(sss.HEADER_HSTS, host, flags);
- info.hpkp = sss.isSecureHost(sss.HEADER_HPKP, host, flags);
+ info.hsts = sss.isSecureURI(sss.HEADER_HSTS, uri, flags);
+ info.hpkp = sss.isSecureURI(sss.HEADER_HPKP, uri, flags);
} else {
DevToolsUtils.reportException("NetworkHelper.parseSecurityInfo",
"Could not get HSTS/HPKP status as hostname is not available.");
info.hsts = false;
info.hpkp = false;
}
} else {
// The connection failed.
--- a/security/manager/ssl/SSLServerCertVerification.cpp
+++ b/security/manager/ssl/SSLServerCertVerification.cpp
@@ -506,32 +506,42 @@ CertErrorRunnable::CheckCertOverrides()
nsCOMPtr<nsISiteSecurityService> sss(do_GetService(NS_SSSERVICE_CONTRACTID));
if (!sss) {
MOZ_LOG(gPIPNSSLog, LogLevel::Debug,
("[%p][%p] couldn't get nsISiteSecurityService to check for HSTS/HPKP\n",
mFdForLogging, this));
return new SSLServerCertVerificationResult(mInfoObject,
mDefaultErrorCodeToReport);
}
- nsresult nsrv = sss->IsSecureHost(nsISiteSecurityService::HEADER_HSTS,
- mInfoObject->GetHostName(),
- mProviderFlags,
- nullptr,
- &strictTransportSecurityEnabled);
+ nsCOMPtr<nsIURI> uri;
+ nsresult nsrv = NS_NewURI(getter_AddRefs(uri),
+ NS_LITERAL_CSTRING("https://") +
+ mInfoObject->GetHostName());
+ if (NS_FAILED(nsrv)) {
+ MOZ_LOG(gPIPNSSLog, LogLevel::Debug,
+ ("[%p][%p] Creating new URI failed\n", mFdForLogging, this));
+ return new SSLServerCertVerificationResult(mInfoObject,
+ mDefaultErrorCodeToReport);
+ }
+ nsrv = sss->IsSecureURI(nsISiteSecurityService::HEADER_HSTS,
+ uri,
+ mProviderFlags,
+ nullptr,
+ &strictTransportSecurityEnabled);
if (NS_FAILED(nsrv)) {
MOZ_LOG(gPIPNSSLog, LogLevel::Debug,
("[%p][%p] checking for HSTS failed\n", mFdForLogging, this));
return new SSLServerCertVerificationResult(mInfoObject,
mDefaultErrorCodeToReport);
}
- nsrv = sss->IsSecureHost(nsISiteSecurityService::HEADER_HPKP,
- mInfoObject->GetHostName(),
- mProviderFlags,
- nullptr,
- &hasPinningInformation);
+ nsrv = sss->IsSecureURI(nsISiteSecurityService::HEADER_HPKP,
+ uri,
+ mProviderFlags,
+ nullptr,
+ &hasPinningInformation);
if (NS_FAILED(nsrv)) {
MOZ_LOG(gPIPNSSLog, LogLevel::Debug,
("[%p][%p] checking for HPKP failed\n", mFdForLogging, this));
return new SSLServerCertVerificationResult(mInfoObject,
mDefaultErrorCodeToReport);
}
if (!strictTransportSecurityEnabled && !hasPinningInformation) {
--- a/security/manager/ssl/nsISiteSecurityService.idl
+++ b/security/manager/ssl/nsISiteSecurityService.idl
@@ -117,57 +117,30 @@ interface nsISiteSecurityService : nsISu
in ACString aHeader,
in nsISSLStatus aSSLStatus,
in uint32_t aFlags,
[optional] out unsigned long long aMaxAge,
[optional] out boolean aIncludeSubdomains,
[optional] out uint32_t aFailureResult);
/**
- * Same as processHeader but without checking for the security properties
- * of the connection. Use ONLY for testing.
- */
- void unsafeProcessHeader(in uint32_t aType,
- in nsIURI aSourceURI,
- in ACString aHeader,
- in uint32_t aFlags,
- [optional] out unsigned long long aMaxAge,
- [optional] out boolean aIncludeSubdomains,
- [optional] out uint32_t aFailureResult);
-
- /**
* Given a header type, removes state relating to that header of a host,
* including the includeSubdomains state that would affect subdomains.
* This essentially removes the state for the domain tree rooted at this
* host.
* @param aType the type of security state in question
* @param aURI the URI of the target host
* @param aFlags options for this request as defined in nsISocketProvider:
* NO_PERMANENT_STORAGE
*/
void removeState(in uint32_t aType,
in nsIURI aURI,
in uint32_t aFlags);
/**
- * See isSecureURI
- *
- * @param aType the type of security state in question.
- * @param aHost the hostname (punycode) to query for state.
- * @param aFlags options for this request as defined in nsISocketProvider:
- * NO_PERMANENT_STORAGE
- * @param aCached true if we have cached information regarding whether or not
- * the host is HSTS, false otherwise.
- */
- boolean isSecureHost(in uint32_t aType,
- in ACString aHost,
- in uint32_t aFlags,
- [optional] out boolean aCached);
-
- /**
* Checks whether or not the URI's hostname has a given security state set.
* For example, for HSTS:
* The URI is an HSTS URI if either the host has the HSTS state set, or one
* of its super-domains has the HSTS "includeSubdomains" flag set.
* NOTE: this function makes decisions based only on the
* host contained in the URI, and disregards other portions of the URI
* such as path and port.
*
--- a/security/manager/ssl/nsSiteSecurityService.cpp
+++ b/security/manager/ssl/nsSiteSecurityService.cpp
@@ -570,36 +570,16 @@ nsSiteSecurityService::ProcessHeader(uin
NS_ERROR_NOT_IMPLEMENTED);
NS_ENSURE_ARG(aSSLStatus);
return ProcessHeaderInternal(aType, aSourceURI, PromiseFlatCString(aHeader),
aSSLStatus, aFlags, aMaxAge, aIncludeSubdomains,
aFailureResult);
}
-NS_IMETHODIMP
-nsSiteSecurityService::UnsafeProcessHeader(uint32_t aType,
- nsIURI* aSourceURI,
- const nsACString& aHeader,
- uint32_t aFlags,
- uint64_t* aMaxAge,
- bool* aIncludeSubdomains,
- uint32_t* aFailureResult)
-{
- // Child processes are not allowed direct access to this.
- if (!XRE_IsParentProcess()) {
- MOZ_CRASH("Child process: no direct access to "
- "nsISiteSecurityService::UnsafeProcessHeader");
- }
-
- return ProcessHeaderInternal(aType, aSourceURI, PromiseFlatCString(aHeader),
- nullptr, aFlags, aMaxAge, aIncludeSubdomains,
- aFailureResult);
-}
-
nsresult
nsSiteSecurityService::ProcessHeaderInternal(uint32_t aType,
nsIURI* aSourceURI,
const nsCString& aHeader,
nsISSLStatus* aSSLStatus,
uint32_t aFlags,
uint64_t* aMaxAge,
bool* aIncludeSubdomains,
@@ -1212,17 +1192,17 @@ nsSiteSecurityService::HostHasHSTSEntry(
*aCached = true;
}
return true;
}
return false;
}
-NS_IMETHODIMP
+nsresult
nsSiteSecurityService::IsSecureHost(uint32_t aType, const nsACString& aHost,
uint32_t aFlags, bool* aCached,
bool* aResult)
{
// Child processes are not allowed direct access to this.
if (!XRE_IsParentProcess() && aType != nsISiteSecurityService::HEADER_HSTS) {
MOZ_CRASH("Child process: no direct access to "
"nsISiteSecurityService::IsSecureHost for non-HSTS entries");
--- a/security/manager/ssl/nsSiteSecurityService.h
+++ b/security/manager/ssl/nsSiteSecurityService.h
@@ -167,16 +167,18 @@ private:
nsresult SetHPKPState(const char* aHost, SiteHPKPState& entry, uint32_t flags,
bool aIsPreload);
nsresult RemoveStateInternal(uint32_t aType, const nsAutoCString& aHost,
uint32_t aFlags, bool aIsPreload);
bool HostHasHSTSEntry(const nsAutoCString& aHost,
bool aRequireIncludeSubdomains, uint32_t aFlags,
bool* aResult, bool* aCached);
const nsSTSPreload *GetPreloadListEntry(const char *aHost);
+ nsresult IsSecureHost(uint32_t aType, const nsACString& aHost,
+ uint32_t aFlags, bool* aCached, bool* aResult);
uint64_t mMaxMaxAge;
bool mUsePreloadList;
int64_t mPreloadListTimeOffset;
bool mProcessPKPHeadersFromNonBuiltInRoots;
RefPtr<mozilla::DataStorage> mSiteStateStorage;
RefPtr<mozilla::DataStorage> mPreloadStateStorage;
};
--- a/security/manager/ssl/tests/gtest/moz.build
+++ b/security/manager/ssl/tests/gtest/moz.build
@@ -5,17 +5,16 @@
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
SOURCES += [
'CertDBTest.cpp',
'DataStorageTest.cpp',
'DeserializeCertTest.cpp',
'MD4Test.cpp',
'OCSPCacheTest.cpp',
- 'STSParserTest.cpp',
'TLSIntoleranceTest.cpp',
]
LOCAL_INCLUDES += [
'/security/certverifier',
'/security/manager/ssl',
'/security/pkix/include',
'/security/pkix/test/lib',
--- a/security/manager/ssl/tests/mochitest/browser/browser_bug627234_perwindowpb.js
+++ b/security/manager/ssl/tests/mochitest/browser/browser_bug627234_perwindowpb.js
@@ -49,17 +49,19 @@ function test() {
}
function doTest(aIsPrivateMode, aWindow, aCallback) {
aWindow.gBrowser.selectedBrowser.addEventListener("load", function() {
let sslStatus = new FakeSSLStatus();
uri = aWindow.Services.io.newURI("https://localhost/img.png");
gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
"max-age=1000", sslStatus, privacyFlags(aIsPrivateMode));
- ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, "localhost", privacyFlags(aIsPrivateMode)), "checking sts host");
+ ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
+ privacyFlags(aIsPrivateMode)),
+ "checking sts host");
aCallback();
}, {capture: true, once: true});
aWindow.gBrowser.selectedBrowser.loadURI(testURI);
}
function testOnWindow(aOptions, aCallback) {
--- a/security/manager/ssl/tests/mochitest/stricttransportsecurity/test_sts_privatebrowsing_perwindowpb.html
+++ b/security/manager/ssl/tests/mochitest/stricttransportsecurity/test_sts_privatebrowsing_perwindowpb.html
@@ -26,16 +26,17 @@
"tests/security/manager/ssl/tests/mochitest/stricttransportsecurity";
const NUM_TEST_FRAMES = 4;
const CONTENT_PAGE =
"http://mochi.test:8888/chrome/security/manager/ssl/tests/mochitest/stricttransportsecurity/page_blank.html";
Cu.import("resource://testing-common/BrowserTestUtils.jsm");
Cu.import("resource://testing-common/ContentTask.jsm");
Cu.import("resource://gre/modules/Task.jsm");
+ Cu.import("resource://gre/modules/Services.jsm");
// This is how many sub-tests (testframes) in each round.
// When the round begins, this will be initialized.
var testsleftinround = 0;
var currentround = "";
var mainWindow =
window.QueryInterface(Ci.nsIInterfaceRequestor).
getInterface(Ci.nsIWebNavigation).QueryInterface(Ci.nsIDocShellTreeItem).
@@ -237,17 +238,19 @@
SpecialPowers.cleanUpSTSData("http://example.com", flags);
dump_STSState(isPrivate);
}
function dump_STSState(isPrivate) {
let sss = Cc["@mozilla.org/ssservice;1"]
.getService(Ci.nsISiteSecurityService);
let flags = isPrivate ? Ci.nsISocketProvider.NO_PERMANENT_STORAGE : 0;
- SimpleTest.info("State of example.com: " + sss.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, "example.com", flags));
+ SimpleTest.info("State of example.com: " +
+ sss.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://example.com"), flags));
}
// These are executed in the order presented.
// 0. test that STS works before entering private browsing mode.
// (load sts-bootstrapped "plain" tests)
// ... clear any STS data ...
// 1. test that STS works in private browsing mode
// (load sts-bootstrapped "subdomain" tests)
--- a/security/manager/ssl/tests/unit/sss_readstate_child_worker.js
+++ b/security/manager/ssl/tests/unit/sss_readstate_child_worker.js
@@ -1,25 +1,33 @@
/* import-globals-from head_psm.js */
"use strict";
function run_test() {
let SSService = Cc["@mozilla.org/ssservice;1"]
.getService(Ci.nsISiteSecurityService);
- ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "expired.example.com", 0));
- ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "notexpired.example.com", 0));
- ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "bugzilla.mozilla.org", 0));
- ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "sub.bugzilla.mozilla.org", 0));
- ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "incsubdomain.example.com", 0));
- ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "sub.incsubdomain.example.com", 0));
- ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "login.persona.org", 0));
- ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "sub.login.persona.org", 0));
+ ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://expired.example.com"),
+ 0));
+ ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://notexpired.example.com"),
+ 0));
+ ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://bugzilla.mozilla.org"),
+ 0));
+ ok(!SSService.isSecureURI(
+ Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://sub.bugzilla.mozilla.org"), 0));
+ ok(SSService.isSecureURI(
+ Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://incsubdomain.example.com"), 0));
+ ok(SSService.isSecureURI(
+ Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://sub.incsubdomain.example.com"), 0));
+ ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://login.persona.org"),
+ 0));
+ ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://sub.login.persona.org"),
+ 0));
do_test_finished();
}
--- a/security/manager/ssl/tests/unit/test_forget_about_site_security_headers.js
+++ b/security/manager/ssl/tests/unit/test_forget_about_site_security_headers.js
@@ -49,64 +49,55 @@ var sslStatus = new FakeSSLStatus(constr
// and then checking that the platform doesn't consider a.pinning2.example.com
// to be HSTS or HPKP any longer.
add_task(function* () {
sss.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri, GOOD_MAX_AGE,
sslStatus, 0);
sss.processHeader(Ci.nsISiteSecurityService.HEADER_HPKP, uri,
GOOD_MAX_AGE + VALID_PIN + BACKUP_PIN, sslStatus, 0);
- Assert.ok(sss.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "a.pinning2.example.com", 0),
+ Assert.ok(sss.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0),
"a.pinning2.example.com should be HSTS");
- Assert.ok(sss.isSecureHost(Ci.nsISiteSecurityService.HEADER_HPKP,
- "a.pinning2.example.com", 0),
+ Assert.ok(sss.isSecureURI(Ci.nsISiteSecurityService.HEADER_HPKP, uri, 0),
"a.pinning2.example.com should be HPKP");
yield ForgetAboutSite.removeDataFromDomain("a.pinning2.example.com");
- Assert.ok(!sss.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "a.pinning2.example.com", 0),
+ Assert.ok(!sss.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0),
"a.pinning2.example.com should not be HSTS now");
- Assert.ok(!sss.isSecureHost(Ci.nsISiteSecurityService.HEADER_HPKP,
- "a.pinning2.example.com", 0),
+ Assert.ok(!sss.isSecureURI(Ci.nsISiteSecurityService.HEADER_HPKP, uri, 0),
"a.pinning2.example.com should not be HPKP now");
});
// Test the case of processing HSTS and HPKP headers for a.pinning2.example.com,
// using "Forget About Site" on example.com, and then checking that the platform
// doesn't consider the subdomain to be HSTS or HPKP any longer. Also test that
// unrelated sites don't also get removed.
add_task(function* () {
sss.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri, GOOD_MAX_AGE,
sslStatus, 0);
sss.processHeader(Ci.nsISiteSecurityService.HEADER_HPKP, uri,
GOOD_MAX_AGE + VALID_PIN + BACKUP_PIN, sslStatus, 0);
- Assert.ok(sss.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "a.pinning2.example.com", 0),
+ Assert.ok(sss.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0),
"a.pinning2.example.com should be HSTS (subdomain case)");
- Assert.ok(sss.isSecureHost(Ci.nsISiteSecurityService.HEADER_HPKP,
- "a.pinning2.example.com", 0),
+ Assert.ok(sss.isSecureURI(Ci.nsISiteSecurityService.HEADER_HPKP, uri, 0),
"a.pinning2.example.com should be HPKP (subdomain case)");
// Add an unrelated site to HSTS. Not HPKP because we have no valid keys for
// example.org.
let unrelatedURI = Services.io.newURI("https://example.org");
sss.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, unrelatedURI,
GOOD_MAX_AGE, sslStatus, 0);
- Assert.ok(sss.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "example.org", 0),
- "example.org should be HSTS");
+ Assert.ok(sss.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
+ unrelatedURI, 0), "example.org should be HSTS");
yield ForgetAboutSite.removeDataFromDomain("example.com");
- Assert.ok(!sss.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "a.pinning2.example.com", 0),
+ Assert.ok(!sss.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0),
"a.pinning2.example.com should not be HSTS now (subdomain case)");
- Assert.ok(!sss.isSecureHost(Ci.nsISiteSecurityService.HEADER_HPKP,
- "a.pinning2.example.com", 0),
+ Assert.ok(!sss.isSecureURI(Ci.nsISiteSecurityService.HEADER_HPKP, uri, 0),
"a.pinning2.example.com should not be HPKP now (subdomain case)");
- Assert.ok(sss.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "example.org", 0),
+ Assert.ok(sss.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
+ unrelatedURI, 0),
"example.org should still be HSTS");
});
--- a/security/manager/ssl/tests/unit/test_ocsp_no_hsts_upgrade.js
+++ b/security/manager/ssl/tests/unit/test_ocsp_no_hsts_upgrade.js
@@ -40,15 +40,14 @@ function run_test() {
add_test(function () { ocspResponder.stop(run_next_test); });
let SSService = Cc["@mozilla.org/ssservice;1"]
.getService(Ci.nsISiteSecurityService);
let uri = Services.io.newURI("http://localhost");
let sslStatus = new FakeSSLStatus();
SSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
"max-age=10000", sslStatus, 0);
- ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "localhost", 0),
+ ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0),
"Domain for the OCSP AIA URI should be considered a HSTS host, otherwise" +
" we wouldn't be testing what we think we're testing");
run_next_test();
}
--- a/security/manager/ssl/tests/unit/test_pinning_dynamic.js
+++ b/security/manager/ssl/tests/unit/test_pinning_dynamic.js
@@ -70,27 +70,31 @@ function run_test() {
gSSService = Cc["@mozilla.org/ssservice;1"]
.getService(Ci.nsISiteSecurityService);
notEqual(gSSService, null,
"SiteSecurityService should have initialized successfully using" +
" the generated state file");
}
function checkDefaultSiteHPKPStatus() {
- ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HPKP,
- "a.pinning2.example.com", 0),
+ ok(gSSService.isSecureURI(
+ Ci.nsISiteSecurityService.HEADER_HPKP,
+ Services.io.newURI("https://a.pinning2.example.com"), 0),
"a.pinning2.example.com should have HPKP status");
- ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HPKP,
- "x.a.pinning2.example.com", 0),
+ ok(!gSSService.isSecureURI(
+ Ci.nsISiteSecurityService.HEADER_HPKP,
+ Services.io.newURI("https://x.a.pinning2.example.com"), 0),
"x.a.pinning2.example.com should not have HPKP status");
- ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HPKP,
- "b.pinning2.example.com", 0),
+ ok(gSSService.isSecureURI(
+ Ci.nsISiteSecurityService.HEADER_HPKP,
+ Services.io.newURI("https://b.pinning2.example.com"), 0),
"b.pinning2.example.com should have HPKP status");
- ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HPKP,
- "x.b.pinning2.example.com", 0),
+ ok(gSSService.isSecureURI(
+ Ci.nsISiteSecurityService.HEADER_HPKP,
+ Services.io.newURI("https://x.b.pinning2.example.com"), 0),
"x.b.pinning2.example.com should have HPKP status");
}
function checkStateRead(aSubject, aTopic, aData) {
if (aData == SSS_STATE_FILE_NAME) {
gSSSStateSeen = true;
} else if (aData == PRELOAD_STATE_FILE_NAME) {
gPreloadStateSeen = true;
@@ -154,22 +158,24 @@ function checkStateRead(aSubject, aTopic
"b.pinning2.example.com");
checkOK(certFromFile("b.pinning2.example.com-pinningroot"),
"b.pinning2.example.com");
checkFail(certFromFile("x.b.pinning2.example.com-badca"),
"x.b.pinning2.example.com");
checkOK(certFromFile("x.b.pinning2.example.com-pinningroot"),
"x.b.pinning2.example.com");
- ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HPKP,
- "a.pinning2.example.com", 0),
+ ok(gSSService.isSecureURI(
+ Ci.nsISiteSecurityService.HEADER_HPKP,
+ Services.io.newURI("https://a.pinning2.example.com"), 0),
"a.pinning2.example.com should still have HPKP status after adding" +
" includeSubdomains to a.pinning2.example.com");
- ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HPKP,
- "x.a.pinning2.example.com", 0),
+ ok(gSSService.isSecureURI(
+ Ci.nsISiteSecurityService.HEADER_HPKP,
+ Services.io.newURI("https://x.a.pinning2.example.com"), 0),
"x.a.pinning2.example.com should now have HPKP status after adding" +
" includeSubdomains to a.pinning2.example.com");
// Now setpins without subdomains
gSSService.setKeyPins("a.pinning2.example.com", false,
new Date().getTime() + 1000000, 2,
[NON_ISSUED_KEY_HASH, PINNING_ROOT_KEY_HASH]);
checkFail(certFromFile("a.pinning2.example.com-badca"),
@@ -220,21 +226,23 @@ function checkStateRead(aSubject, aTopic
// Incorrect size results in failure
throws(() => {
gSSService.setKeyPins("a.pinning2.example.com", true,
new Date().getTime() + 1000000, 2, ["not a hash"]);
}, /NS_ERROR_XPC_NOT_ENOUGH_ELEMENTS_IN_ARRAY/,
"Attempting to set a pin with an incorrect size should fail");
// Ensure built-in pins work as expected
- ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HPKP,
- "nonexistent.example.com", 0),
+ ok(!gSSService.isSecureURI(
+ Ci.nsISiteSecurityService.HEADER_HPKP,
+ Services.io.newURI("https://nonexistent.example.com"), 0),
"Not built-in nonexistent.example.com should not have HPKP status");
- ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HPKP,
- "include-subdomains.pinning.example.com", 0),
+ ok(gSSService.isSecureURI(
+ Ci.nsISiteSecurityService.HEADER_HPKP,
+ Services.io.newURI("https://include-subdomains.pinning.example.com"), 0),
"Built-in include-subdomains.pinning.example.com should have HPKP status");
gSSService.setKeyPins("a.pinning2.example.com", false, new Date().getTime(),
1, [NON_ISSUED_KEY_HASH]);
// Check that a preload pin loaded from file works as expected
checkFail(certFromFile("a.preload.example.com-badca"), "a.preload.example.com");
checkOK(certFromFile("a.preload.example.com-pinningroot"), "a.preload.example.com");
--- a/security/manager/ssl/tests/unit/test_pinning_header_parsing.js
+++ b/security/manager/ssl/tests/unit/test_pinning_header_parsing.js
@@ -58,18 +58,18 @@ function checkPassValidPin(pinValue, set
// check that maxAge was processed correctly
if (settingPin && expectedMaxAge) {
ok(maxAge.value == expectedMaxAge, `max-age value should be ${expectedMaxAge}`);
}
// after processing ensure that the postconditions are true, if setting
// the host must be pinned, if removing the host must not be pinned
- let hostIsPinned = gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HPKP,
- "a.pinning2.example.com", 0);
+ let hostIsPinned = gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HPKP,
+ uri, 0);
if (settingPin) {
ok(hostIsPinned, "Host should be considered pinned");
} else {
ok(!hostIsPinned, "Host should not be considered pinned");
}
}
function checkPassSettingPin(pinValue, expectedMaxAge) {
--- a/security/manager/ssl/tests/unit/test_sss_eviction.js
+++ b/security/manager/ssl/tests/unit/test_sss_eviction.js
@@ -46,18 +46,19 @@ function do_state_written(aSubject, aTop
function do_state_read(aSubject, aTopic, aData) {
if (aData == PRELOAD_STATE_FILE_NAME) {
return;
}
equal(aData, SSS_STATE_FILE_NAME);
- ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "frequentlyused.example.com", 0));
+ ok(gSSService.isSecureURI(
+ Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://frequentlyused.example.com"), 0));
let sslStatus = new FakeSSLStatus();
for (let i = 0; i < 2000; i++) {
let uri = Services.io.newURI("http://bad" + i + ".example.com");
gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
"max-age=1000", sslStatus, 0);
}
do_test_pending();
Services.obs.addObserver(do_state_written, "data-storage-written", false);
--- a/security/manager/ssl/tests/unit/test_sss_readstate.js
+++ b/security/manager/ssl/tests/unit/test_sss_readstate.js
@@ -14,51 +14,65 @@ var gSSService = null;
function checkStateRead(aSubject, aTopic, aData) {
if (aData == PRELOAD_STATE_FILE_NAME) {
return;
}
equal(aData, SSS_STATE_FILE_NAME);
- ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "expired.example.com", 0));
- ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "notexpired.example.com", 0));
- ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "bugzilla.mozilla.org", 0));
- ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "sub.bugzilla.mozilla.org", 0));
- ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "incsubdomain.example.com", 0));
- ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "sub.incsubdomain.example.com", 0));
- ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "login.persona.org", 0));
- ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "sub.login.persona.org", 0));
+ ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://expired.example.com"),
+ 0));
+ ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://notexpired.example.com"),
+ 0));
+ ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://bugzilla.mozilla.org"),
+ 0));
+ ok(!gSSService.isSecureURI(
+ Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://sub.bugzilla.mozilla.org"), 0));
+ ok(gSSService.isSecureURI(
+ Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://incsubdomain.example.com"), 0));
+ ok(gSSService.isSecureURI(
+ Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://sub.incsubdomain.example.com"), 0));
+ ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://login.persona.org"),
+ 0));
+ ok(!gSSService.isSecureURI(
+ Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://sub.login.persona.org"), 0));
// Clearing the data should make everything go back to default.
gSSService.clearAll();
- ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "expired.example.com", 0));
- ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "notexpired.example.com", 0));
- ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "bugzilla.mozilla.org", 0));
- ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "sub.bugzilla.mozilla.org", 0));
- ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "incsubdomain.example.com", 0));
- ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "sub.incsubdomain.example.com", 0));
- ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "login.persona.org", 0));
- ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "sub.login.persona.org", 0));
+ ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://expired.example.com"),
+ 0));
+ ok(!gSSService.isSecureURI(
+ Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://notexpired.example.com"), 0));
+ ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://bugzilla.mozilla.org"),
+ 0));
+ ok(gSSService.isSecureURI(
+ Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://sub.bugzilla.mozilla.org"), 0));
+ ok(!gSSService.isSecureURI(
+ Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://incsubdomain.example.com"), 0));
+ ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://sub.incsubdomain.example.com"), 0));
+ ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://login.persona.org"), 0));
+ ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://sub.login.persona.org"),
+ 0));
do_test_finished();
}
function run_test() {
let profileDir = do_get_profile();
let stateFile = profileDir.clone();
stateFile.append(SSS_STATE_FILE_NAME);
// Assuming we're working with a clean slate, the file shouldn't exist
--- a/security/manager/ssl/tests/unit/test_sss_readstate_empty.js
+++ b/security/manager/ssl/tests/unit/test_sss_readstate_empty.js
@@ -5,25 +5,28 @@
// The purpose of this test is to create an empty site security service state
// file and see that the site security service doesn't fail when reading it.
var gSSService = null;
function checkStateRead(aSubject, aTopic, aData) {
// nonexistent.example.com should never be an HSTS host
- ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "nonexistent.example.com", 0));
+ ok(!gSSService.isSecureURI(
+ Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://nonexistent.example.com"), 0));
// bugzilla.mozilla.org is preloaded
- ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "bugzilla.mozilla.org", 0));
+ ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://bugzilla.mozilla.org"),
+ 0));
// notexpired.example.com is an HSTS host in a different test - we
// want to make sure that test hasn't interfered with this one.
- ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "notexpired.example.com", 0));
+ ok(!gSSService.isSecureURI(
+ Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://notexpired.example.com"), 0));
do_test_finished();
}
function run_test() {
let profileDir = do_get_profile();
let stateFile = profileDir.clone();
stateFile.append(SSS_STATE_FILE_NAME);
// Assuming we're working with a clean slate, the file shouldn't exist
--- a/security/manager/ssl/tests/unit/test_sss_readstate_garbage.js
+++ b/security/manager/ssl/tests/unit/test_sss_readstate_garbage.js
@@ -14,24 +14,27 @@ var gSSService = null;
function checkStateRead(aSubject, aTopic, aData) {
if (aData == PRELOAD_STATE_FILE_NAME) {
return;
}
equal(aData, SSS_STATE_FILE_NAME);
- ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "example1.example.com", 0));
- ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "example2.example.com", 0));
- ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "example.com", 0));
- ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "example3.example.com", 0));
+ ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://example1.example.com"),
+ 0));
+ ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://example2.example.com"),
+ 0));
+ ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://example.com"), 0));
+ ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://example3.example.com"),
+ 0));
do_test_finished();
}
function run_test() {
let profileDir = do_get_profile();
let stateFile = profileDir.clone();
stateFile.append(SSS_STATE_FILE_NAME);
// Assuming we're working with a clean slate, the file shouldn't exist
--- a/security/manager/ssl/tests/unit/test_sss_readstate_huge.js
+++ b/security/manager/ssl/tests/unit/test_sss_readstate_huge.js
@@ -15,30 +15,37 @@ var gSSService = null;
function checkStateRead(aSubject, aTopic, aData) {
if (aData == PRELOAD_STATE_FILE_NAME) {
return;
}
equal(aData, SSS_STATE_FILE_NAME);
- ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "example0.example.com", 0));
- ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "example423.example.com", 0));
- ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "example1023.example.com", 0));
- ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "example1024.example.com", 0));
- ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "example1025.example.com", 0));
- ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "example9000.example.com", 0));
- ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "example99999.example.com", 0));
+ ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://example0.example.com"),
+ 0));
+ ok(gSSService.isSecureURI(
+ Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://example423.example.com"), 0));
+ ok(gSSService.isSecureURI(
+ Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://example1023.example.com"), 0));
+ ok(!gSSService.isSecureURI(
+ Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://example1024.example.com"), 0));
+ ok(!gSSService.isSecureURI(
+ Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://example1025.example.com"), 0));
+ ok(!gSSService.isSecureURI(
+ Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://example9000.example.com"), 0));
+ ok(!gSSService.isSecureURI(
+ Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://example99999.example.com"), 0));
do_test_finished();
}
function run_test() {
let profileDir = do_get_profile();
let stateFile = profileDir.clone();
stateFile.append(SSS_STATE_FILE_NAME);
// Assuming we're working with a clean slate, the file shouldn't exist
--- a/security/manager/ssl/tests/unit/test_sts_fqdn.js
+++ b/security/manager/ssl/tests/unit/test_sts_fqdn.js
@@ -2,48 +2,35 @@
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
"use strict";
function run_test() {
let SSService = Cc["@mozilla.org/ssservice;1"]
.getService(Ci.nsISiteSecurityService);
- ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "example.com", 0));
- ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "example.com.", 0));
+ let uri = Services.io.newURI("https://example.com");
+ let uri1 = Services.io.newURI("https://example.com.");
+ let uri2 = Services.io.newURI("https://example.com..");
+ ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0));
+ ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri1, 0));
// These cases are only relevant as long as bug 1118522 hasn't been fixed.
- ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "example.com..", 0));
+ ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri2, 0));
- let uri = Services.io.newURI("https://example.com");
let sslStatus = new FakeSSLStatus();
SSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
"max-age=1000;includeSubdomains", sslStatus, 0);
- ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "example.com", 0));
- ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "example.com.", 0));
- ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "example.com..", 0));
-
ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0));
- uri = Services.io.newURI("https://example.com.");
- ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0));
- uri = Services.io.newURI("https://example.com..");
- ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0));
+ ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri1, 0));
+ ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri2, 0));
SSService.removeState(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0);
- ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "example.com", 0));
- ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "example.com.", 0));
- ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "example.com..", 0));
+ ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0));
+ ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri1, 0));
+ ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri2, 0));
// Somehow creating this malformed URI succeeds - we need to handle it
// gracefully.
uri = Services.io.newURI("https://../foo");
equal(uri.host, "..");
throws(() => {
SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0);
}, /NS_ERROR_UNEXPECTED/, "Malformed URI should be rejected");
--- a/security/manager/ssl/tests/unit/test_sts_holepunch.js
+++ b/security/manager/ssl/tests/unit/test_sts_holepunch.js
@@ -5,30 +5,33 @@
"use strict";
// bug 961528: chart.apis.google.com doesn't handle https. Check that
// it isn't considered HSTS (other example.apis.google.com hosts should be
// HSTS as long as they're on the preload list, however).
function run_test() {
let SSService = Cc["@mozilla.org/ssservice;1"]
.getService(Ci.nsISiteSecurityService);
- ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "chart.apis.google.com", 0));
- ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "CHART.APIS.GOOGLE.COM", 0));
- ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "sub.chart.apis.google.com", 0));
- ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "SUB.CHART.APIS.GOOGLE.COM", 0));
- ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "example.apis.google.com", 0));
- ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "EXAMPLE.APIS.GOOGLE.COM", 0));
- ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "sub.example.apis.google.com", 0));
- ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "SUB.EXAMPLE.APIS.GOOGLE.COM", 0));
- // also check isSecureURI
- let chartURI = Services.io.newURI("http://chart.apis.google.com");
- ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, chartURI, 0));
- let otherURI = Services.io.newURI("http://other.apis.google.com");
- ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, otherURI, 0));
+ ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://chart.apis.google.com"),
+ 0));
+ ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://CHART.APIS.GOOGLE.COM"),
+ 0));
+ ok(!SSService.isSecureURI(
+ Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://sub.chart.apis.google.com"), 0));
+ ok(!SSService.isSecureURI(
+ Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://SUB.CHART.APIS.GOOGLE.COM"), 0));
+ ok(SSService.isSecureURI(
+ Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://example.apis.google.com"), 0));
+ ok(SSService.isSecureURI(
+ Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://EXAMPLE.APIS.GOOGLE.COM"), 0));
+ ok(SSService.isSecureURI(
+ Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://sub.example.apis.google.com"), 0));
+ ok(SSService.isSecureURI(
+ Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://SUB.EXAMPLE.APIS.GOOGLE.COM"), 0));
}
--- a/security/manager/ssl/tests/unit/test_sts_ipv4_ipv6.js
+++ b/security/manager/ssl/tests/unit/test_sts_ipv4_ipv6.js
@@ -1,31 +1,33 @@
"use strict";
function check_ip(s, v, ip) {
let sslStatus = new FakeSSLStatus();
- ok(!s.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, ip, 0));
let str = "https://";
if (v == 6) {
str += "[";
}
str += ip;
if (v == 6) {
str += "]";
}
str += "/";
let uri = Services.io.newURI(str);
+ ok(!s.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0));
let parsedMaxAge = {};
let parsedIncludeSubdomains = {};
s.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
"max-age=1000;includeSubdomains", sslStatus, 0,
parsedMaxAge, parsedIncludeSubdomains);
+ ok(!s.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0),
+ "URI should not be secure if it contains an IP address");
/* Test that processHeader will ignore headers for an uri, if the uri
* contains an IP address not a hostname.
* If processHeader indeed ignore the header, then the output parameters will
* remain empty, and we shouldn't see the values passed as the header.
*/
notEqual(parsedMaxAge.value, 1000);
notEqual(parsedIncludeSubdomains.value, true);
--- a/security/manager/ssl/tests/unit/test_sts_parser.js
+++ b/security/manager/ssl/tests/unit/test_sts_parser.js
@@ -1,147 +1,113 @@
-/* This Source Code Form is subject to the terms of the Mozilla Public
+/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*-
+ * vim: sw=2 ts=2 sts=2
+ * This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-#include <stdio.h>
+"use strict";
-#include "gtest/gtest.h"
-#include "nsDependentString.h"
-#include "nsNetUtil.h"
-#include "nsISiteSecurityService.h"
-#include "nsIURI.h"
+// STS parser tests
+
+let sss = Cc["@mozilla.org/ssservice;1"].getService(Ci.nsISiteSecurityService);
+let sslStatus = new FakeSSLStatus();
-void
-TestSuccess(const char* hdr, bool extraTokens,
- uint64_t expectedMaxAge, bool expectedIncludeSubdomains,
- nsISiteSecurityService* sss)
-{
- nsCOMPtr<nsIURI> dummyUri;
- nsresult rv = NS_NewURI(getter_AddRefs(dummyUri), "https://foo.com/bar.html");
- ASSERT_TRUE(NS_SUCCEEDED(rv)) << "Failed to create URI";
+function testSuccess(header, expectedMaxAge, expectedIncludeSubdomains) {
+ let dummyUri = Services.io.newURI("https://foo.com/bar.html");
+ let maxAge = {};
+ let includeSubdomains = {};
+
+ sss.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, dummyUri, header,
+ sslStatus, 0, maxAge, includeSubdomains);
- uint64_t maxAge = 0;
- bool includeSubdomains = false;
- rv = sss->UnsafeProcessHeader(nsISiteSecurityService::HEADER_HSTS, dummyUri,
- nsDependentCString(hdr), 0, &maxAge,
- &includeSubdomains, nullptr);
- ASSERT_TRUE(NS_SUCCEEDED(rv)) << "Failed to process valid header: " << hdr;
+ equal(maxAge.value, expectedMaxAge, "Did not correctly parse maxAge");
+ equal(includeSubdomains.value, expectedIncludeSubdomains,
+ "Did not correctly parse presence/absence of includeSubdomains");
+}
- ASSERT_EQ(maxAge, expectedMaxAge) << "Did not correctly parse maxAge";
- EXPECT_EQ(includeSubdomains, expectedIncludeSubdomains) <<
- "Did not correctly parse presence/absence of includeSubdomains";
+function testFailure(header) {
+ let dummyUri = Services.io.newURI("https://foo.com/bar.html");
+ let maxAge = {};
+ let includeSubdomains = {};
- if (extraTokens) {
- EXPECT_EQ(rv, NS_SUCCESS_LOSS_OF_INSIGNIFICANT_DATA) <<
- "Extra tokens were expected when parsing, but were not encountered.";
- } else {
- EXPECT_EQ(rv, NS_OK) << "Unexpected tokens found during parsing.";
- }
-
- printf("%s\n", hdr);
+ throws(() => {
+ sss.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, dummyUri, header,
+ sslStatus, 0, maxAge, includeSubdomains);
+ }, "Parsed invalid header: " + header);
}
-void TestFailure(const char* hdr,
- nsISiteSecurityService* sss)
-{
- nsCOMPtr<nsIURI> dummyUri;
- nsresult rv = NS_NewURI(getter_AddRefs(dummyUri), "https://foo.com/bar.html");
- ASSERT_TRUE(NS_SUCCEEDED(rv)) << "Failed to create URI";
-
- rv = sss->UnsafeProcessHeader(nsISiteSecurityService::HEADER_HSTS, dummyUri,
- nsDependentCString(hdr), 0, nullptr, nullptr,
- nullptr);
- ASSERT_TRUE(NS_FAILED(rv)) << "Parsed invalid header: " << hdr;
-
- printf("%s\n", hdr);
-}
-
-TEST(psm_STSParser, Test)
-{
- nsresult rv;
-
- // grab handle to the service
- nsCOMPtr<nsISiteSecurityService> sss;
- sss = do_GetService("@mozilla.org/ssservice;1", &rv);
- ASSERT_TRUE(NS_SUCCEEDED(rv));
-
- // *** parsing tests
- printf("*** Attempting to parse valid STS headers ...\n");
-
+function run_test() {
// SHOULD SUCCEED:
- TestSuccess("max-age=100", false, 100, false, sss);
- TestSuccess("max-age =100", false, 100, false, sss);
- TestSuccess(" max-age=100", false, 100, false, sss);
- TestSuccess("max-age = 100 ", false, 100, false, sss);
- TestSuccess(R"(max-age = "100" )", false, 100, false, sss);
- TestSuccess(R"(max-age="100")", false, 100, false, sss);
- TestSuccess(R"( max-age ="100" )", false, 100, false, sss);
- TestSuccess("\tmax-age\t=\t\"100\"\t", false, 100, false, sss);
- TestSuccess("max-age = 100 ", false, 100, false, sss);
+ testSuccess("max-age=100", 100, false);
+ testSuccess("max-age =100", 100, false);
+ testSuccess(" max-age=100", 100, false);
+ testSuccess("max-age = 100 ", 100, false);
+ testSuccess('max-age = "100" ', 100, false);
+ testSuccess('max-age="100"', 100, false);
+ testSuccess(' max-age ="100" ', 100, false);
+ testSuccess("\tmax-age\t=\t\"100\"\t", 100, false);
+ testSuccess("max-age = 100 ", 100, false);
- TestSuccess("maX-aGe=100", false, 100, false, sss);
- TestSuccess("MAX-age =100", false, 100, false, sss);
- TestSuccess("max-AGE=100", false, 100, false, sss);
- TestSuccess("Max-Age = 100 ", false, 100, false, sss);
- TestSuccess("MAX-AGE = 100 ", false, 100, false, sss);
+ testSuccess("maX-aGe=100", 100, false);
+ testSuccess("MAX-age =100", 100, false);
+ testSuccess("max-AGE=100", 100, false);
+ testSuccess("Max-Age = 100 ", 100, false);
+ testSuccess("MAX-AGE = 100 ", 100, false);
- TestSuccess("max-age=100;includeSubdomains", false, 100, true, sss);
- TestSuccess("max-age=100\t; includeSubdomains", false, 100, true, sss);
- TestSuccess(" max-age=100; includeSubdomains", false, 100, true, sss);
- TestSuccess("max-age = 100 ; includeSubdomains", false, 100, true, sss);
- TestSuccess("max-age = 100 ; includeSubdomains",
- false, 100, true, sss);
+ testSuccess("max-age=100;includeSubdomains", 100, true);
+ testSuccess("max-age=100\t; includeSubdomains", 100, true);
+ testSuccess(" max-age=100; includeSubdomains", 100, true);
+ testSuccess("max-age = 100 ; includeSubdomains", 100, true);
+ testSuccess("max-age = 100 ; includeSubdomains", 100,
+ true);
- TestSuccess("maX-aGe=100; includeSUBDOMAINS", false, 100, true, sss);
- TestSuccess("MAX-age =100; includeSubDomains", false, 100, true, sss);
- TestSuccess("max-AGE=100; iNcLuDeSuBdoMaInS", false, 100, true, sss);
- TestSuccess("Max-Age = 100; includesubdomains ", false, 100, true, sss);
- TestSuccess("INCLUDESUBDOMAINS;MaX-AgE = 100 ", false, 100, true, sss);
+ testSuccess("maX-aGe=100; includeSUBDOMAINS", 100, true);
+ testSuccess("MAX-age =100; includeSubDomains", 100, true);
+ testSuccess("max-AGE=100; iNcLuDeSuBdoMaInS", 100, true);
+ testSuccess("Max-Age = 100; includesubdomains ", 100, true);
+ testSuccess("INCLUDESUBDOMAINS;MaX-AgE = 100 ", 100, true);
// Turns out, the actual directive is entirely optional (hence the
// trailing semicolon)
- TestSuccess("max-age=100;includeSubdomains;", true, 100, true, sss);
+ testSuccess("max-age=100;includeSubdomains;", 100, true);
// these are weird tests, but are testing that some extended syntax is
// still allowed (but it is ignored)
- TestSuccess("max-age=100 ; includesubdomainsSomeStuff",
- true, 100, false, sss);
- TestSuccess("\r\n\t\t \tcompletelyUnrelated = foobar; max-age= 34520103"
- "\t \t; alsoUnrelated;asIsThis;\tincludeSubdomains\t\t \t",
- true, 34520103, true, sss);
- TestSuccess(R"(max-age=100; unrelated="quoted \"thingy\"")",
- true, 100, false, sss);
+ testSuccess("max-age=100 ; includesubdomainsSomeStuff", 100, false);
+ testSuccess("\r\n\t\t \tcompletelyUnrelated = foobar; max-age= 34520103"
+ + "\t \t; alsoUnrelated;asIsThis;\tincludeSubdomains\t\t \t",
+ 34520103, true);
+ testSuccess('max-age=100; unrelated="quoted \\"thingy\\""', 100, false);
// SHOULD FAIL:
- printf("* Attempting to parse invalid STS headers (should not parse)...\n");
// invalid max-ages
- TestFailure("max-age", sss);
- TestFailure("max-age ", sss);
- TestFailure("max-age=p", sss);
- TestFailure("max-age=*1p2", sss);
- TestFailure("max-age=.20032", sss);
- TestFailure("max-age=!20032", sss);
- TestFailure("max-age==20032", sss);
+ testFailure("max-age");
+ testFailure("max-age ");
+ testFailure("max-age=p");
+ testFailure("max-age=*1p2");
+ testFailure("max-age=.20032");
+ testFailure("max-age=!20032");
+ testFailure("max-age==20032");
// invalid headers
- TestFailure("foobar", sss);
- TestFailure("maxage=100", sss);
- TestFailure("maxa-ge=100", sss);
- TestFailure("max-ag=100", sss);
- TestFailure("includesubdomains", sss);
- TestFailure(";", sss);
- TestFailure(R"(max-age="100)", sss);
+ testFailure("foobar");
+ testFailure("maxage=100");
+ testFailure("maxa-ge=100");
+ testFailure("max-ag=100");
+ testFailure("includesubdomains");
+ testFailure(";");
+ testFailure('max-age="100');
// The max-age directive here doesn't conform to the spec, so it MUST
// be ignored. Consequently, the REQUIRED max-age directive is not
// present in this header, and so it is invalid.
- TestFailure("max-age=100, max-age=200; includeSubdomains", sss);
- TestFailure("max-age=100 includesubdomains", sss);
- TestFailure("max-age=100 bar foo", sss);
- TestFailure("max-age=100randomstuffhere", sss);
+ testFailure("max-age=100, max-age=200; includeSubdomains");
+ testFailure("max-age=100 includesubdomains");
+ testFailure("max-age=100 bar foo");
+ testFailure("max-age=100randomstuffhere");
// All directives MUST appear only once in an STS header field.
- TestFailure("max-age=100; max-age=200", sss);
- TestFailure("includeSubdomains; max-age=200; includeSubdomains", sss);
- TestFailure("max-age=200; includeSubdomains; includeSubdomains", sss);
+ testFailure("max-age=100; max-age=200");
+ testFailure("includeSubdomains; max-age=200; includeSubdomains");
+ testFailure("max-age=200; includeSubdomains; includeSubdomains");
// The includeSubdomains directive is valueless.
- TestFailure("max-age=100; includeSubdomains=unexpected", sss);
+ testFailure("max-age=100; includeSubdomains=unexpected");
// LWS must have at least one space or horizontal tab
- TestFailure("\r\nmax-age=200", sss);
+ testFailure("\r\nmax-age=200");
}
--- a/security/manager/ssl/tests/unit/test_sts_preload_dynamic.js
+++ b/security/manager/ssl/tests/unit/test_sts_preload_dynamic.js
@@ -11,62 +11,57 @@
// * checks that clearing preloads works correctly
// * checks that clearing a host's HSTS state via a header correctly
// overrides dynamic preload entries
function run_test() {
let SSService = Cc["@mozilla.org/ssservice;1"]
.getService(Ci.nsISiteSecurityService);
let sslStatus = new FakeSSLStatus();
+ let unlikelyHost = "highlyunlikely.example.com";
+ let uri = Services.io.newURI("https://" + unlikelyHost);
+ let subDomainUri = Services.io.newURI("https://subdomain." + unlikelyHost);
// first check that a host probably not on the preload list is not identified
// as an sts host
- let unlikelyHost = "highlyunlikely.example.com";
- ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- unlikelyHost, 0));
+ ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0));
// now add a preload entry for this host
SSService.setHSTSPreload(unlikelyHost, false, Date.now() + 60000);
// check that it's now an STS host
- ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- unlikelyHost, 0));
+ ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0));
// check that it's honoring the fact we set includeSubdomains to false
- ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "subdomain." + unlikelyHost, 0));
+ ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, subDomainUri,
+ 0));
// clear the non-preloaded entries
SSService.clearAll();
// check that it's still an STS host
- ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- unlikelyHost, 0));
+ ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0));
// clear the preloads
SSService.clearPreloads();
// Check that it's no longer an STS host now that the preloads have been
// cleared
- ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- unlikelyHost, 0));
+ ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0));
// Now let's do the same, this time with includeSubdomains on
SSService.setHSTSPreload(unlikelyHost, true, Date.now() + 60000);
// check that it's now an STS host
- ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- unlikelyHost, 0));
+ ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0));
// check that it's now including subdomains
- ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "subdomain." + unlikelyHost, 0));
+ ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, subDomainUri,
+ 0));
// Now let's simulate overriding the entry by setting an entry from a header
// with max-age set to 0
- let uri = Services.io.newURI("https://" + unlikelyHost);
SSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
"max-age=0", sslStatus, 0);
// this should no longer be an HSTS host
- ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- unlikelyHost, 0));
+ ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0));
}
--- a/security/manager/ssl/tests/unit/test_sts_preloadlist_perwindowpb.js
+++ b/security/manager/ssl/tests/unit/test_sts_preloadlist_perwindowpb.js
@@ -33,190 +33,209 @@ function run_test() {
add_test(test_private_browsing1);
add_test(test_private_browsing2);
run_next_test();
}
function test_part1() {
// check that a host not in the list is not identified as an sts host
- ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "nonexistent.mozilla.com", 0));
+ ok(!gSSService.isSecureURI(
+ Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://nonexistent.mozilla.com"), 0));
// check that an ancestor domain is not identified as an sts host
- ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, "com", 0));
+ ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://com"), 0));
// check that the pref to toggle using the preload list works
Services.prefs.setBoolPref("network.stricttransportsecurity.preloadlist", false);
- ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "bugzilla.mozilla.org", 0));
+ ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://bugzilla.mozilla.org"),
+ 0));
Services.prefs.setBoolPref("network.stricttransportsecurity.preloadlist", true);
- ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "bugzilla.mozilla.org", 0));
+ ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://bugzilla.mozilla.org"),
+ 0));
// check that a subdomain is an sts host (includeSubdomains is set)
- ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "subdomain.bugzilla.mozilla.org", 0));
+ ok(gSSService.isSecureURI(
+ Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://subdomain.bugzilla.mozilla.org"), 0));
// check that another subdomain is an sts host (includeSubdomains is set)
- ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "a.b.c.def.bugzilla.mozilla.org", 0));
+ ok(gSSService.isSecureURI(
+ Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://a.b.c.def.bugzilla.mozilla.org"), 0));
// check that a subdomain is not an sts host (includeSubdomains is not set)
- ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "subdomain.www.torproject.org", 0));
+ ok(!gSSService.isSecureURI(
+ Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://subdomain.www.torproject.org"), 0));
// check that a host with a dot on the end won't break anything
- ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "notsts.nonexistent.mozilla.com.", 0));
+ ok(!gSSService.isSecureURI(
+ Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://notsts.nonexistent.mozilla.com."), 0));
// check that processing a header with max-age: 0 will remove a preloaded
// site from the list
- let uri = Services.io.newURI("http://bugzilla.mozilla.org");
+ let uri = Services.io.newURI("https://bugzilla.mozilla.org");
+ let subDomainUri =
+ Services.io.newURI("https://subdomain.bugzilla.mozilla.org");
gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
"max-age=0", sslStatus, 0);
- ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "bugzilla.mozilla.org", 0));
- ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "subdomain.bugzilla.mozilla.org", 0));
+ ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0));
+ ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
+ subDomainUri, 0));
// check that processing another header (with max-age non-zero) will
// re-enable a site's sts status
gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
"max-age=1000", sslStatus, 0);
- ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "bugzilla.mozilla.org", 0));
+ ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0));
// but this time include subdomains was not set, so test for that
- ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "subdomain.bugzilla.mozilla.org", 0));
+ ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
+ subDomainUri, 0));
gSSService.clearAll();
// check that processing a header with max-age: 0 from a subdomain of a site
// will not remove that (ancestor) site from the list
- uri = Services.io.newURI("http://subdomain.www.torproject.org");
+ uri = Services.io.newURI("https://subdomain.www.torproject.org");
gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
"max-age=0", sslStatus, 0);
- ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "www.torproject.org", 0));
- ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "subdomain.www.torproject.org", 0));
+ ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://www.torproject.org"),
+ 0));
+ ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0));
- uri = Services.io.newURI("http://subdomain.bugzilla.mozilla.org");
+ uri = Services.io.newURI("https://subdomain.bugzilla.mozilla.org");
gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
"max-age=0", sslStatus, 0);
// we received a header with "max-age=0", so we have "no information"
// regarding the sts state of subdomain.bugzilla.mozilla.org specifically,
// but it is actually still an STS host, because of the preloaded
// bugzilla.mozilla.org including subdomains.
// Here's a drawing:
// |-- bugzilla.mozilla.org (in preload list, includes subdomains) IS sts host
// |-- subdomain.bugzilla.mozilla.org IS sts host
// | `-- another.subdomain.bugzilla.mozilla.org IS sts host
// `-- sibling.bugzilla.mozilla.org IS sts host
- ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "bugzilla.mozilla.org", 0));
- ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "subdomain.bugzilla.mozilla.org", 0));
- ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "sibling.bugzilla.mozilla.org", 0));
- ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "another.subdomain.bugzilla.mozilla.org", 0));
+ ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://bugzilla.mozilla.org"),
+ 0));
+ ok(gSSService.isSecureURI(
+ Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://subdomain.bugzilla.mozilla.org"), 0));
+ ok(gSSService.isSecureURI(
+ Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://sibling.bugzilla.mozilla.org"), 0));
+ ok(gSSService.isSecureURI(
+ Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://another.subdomain.bugzilla.mozilla.org"),
+ 0));
gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
"max-age=1000", sslStatus, 0);
// Here's what we have now:
// |-- bugzilla.mozilla.org (in preload list, includes subdomains) IS sts host
// |-- subdomain.bugzilla.mozilla.org (include subdomains is false) IS sts host
// | `-- another.subdomain.bugzilla.mozilla.org IS NOT sts host
// `-- sibling.bugzilla.mozilla.org IS sts host
- ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "subdomain.bugzilla.mozilla.org", 0));
- ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "sibling.bugzilla.mozilla.org", 0));
- ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "another.subdomain.bugzilla.mozilla.org", 0));
+ ok(gSSService.isSecureURI(
+ Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://subdomain.bugzilla.mozilla.org"), 0));
+ ok(gSSService.isSecureURI(
+ Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://sibling.bugzilla.mozilla.org"), 0));
+ ok(!gSSService.isSecureURI(
+ Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://another.subdomain.bugzilla.mozilla.org"),
+ 0));
// Test that an expired non-private browsing entry results in correctly
// identifying a host that is on the preload list as no longer sts.
// (This happens when we're in regular browsing mode, we get a header from
// a site on the preload list, and that header later expires. We need to
// then treat that host as no longer an sts host.)
// (sanity check first - this should be in the preload list)
- ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "login.persona.org", 0));
- uri = Services.io.newURI("http://login.persona.org");
+ uri = Services.io.newURI("https://login.persona.org");
+ ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0));
gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
"max-age=1", sslStatus, 0);
do_timeout(1250, function() {
- ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "login.persona.org", 0));
+ ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0));
run_next_test();
});
}
const IS_PRIVATE = Ci.nsISocketProvider.NO_PERMANENT_STORAGE;
function test_private_browsing1() {
gSSService.clearAll();
+ let uri = Services.io.newURI("https://bugzilla.mozilla.org");
+ let subDomainUri =
+ Services.io.newURI("https://a.b.c.subdomain.bugzilla.mozilla.org");
// sanity - bugzilla.mozilla.org is preloaded, includeSubdomains set
- ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "bugzilla.mozilla.org", IS_PRIVATE));
- ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "a.b.c.subdomain.bugzilla.mozilla.org", IS_PRIVATE));
+ ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
+ IS_PRIVATE));
+ ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, subDomainUri,
+ IS_PRIVATE));
- let uri = Services.io.newURI("http://bugzilla.mozilla.org");
gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
"max-age=0", sslStatus, IS_PRIVATE);
- ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "bugzilla.mozilla.org", IS_PRIVATE));
- ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "a.b.subdomain.bugzilla.mozilla.org", IS_PRIVATE));
+ ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
+ IS_PRIVATE));
+ ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
+ subDomainUri, IS_PRIVATE));
// check adding it back in
gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
"max-age=1000", sslStatus, IS_PRIVATE);
- ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "bugzilla.mozilla.org", IS_PRIVATE));
+ ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, IS_PRIVATE));
// but no includeSubdomains this time
- ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "b.subdomain.bugzilla.mozilla.org", IS_PRIVATE));
+ ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
+ subDomainUri, IS_PRIVATE));
// do the hokey-pokey...
gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
"max-age=0", sslStatus, IS_PRIVATE);
- ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "bugzilla.mozilla.org", IS_PRIVATE));
- ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "subdomain.bugzilla.mozilla.org", IS_PRIVATE));
+ ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
+ IS_PRIVATE));
+ ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
+ subDomainUri, IS_PRIVATE));
// Test that an expired private browsing entry results in correctly
// identifying a host that is on the preload list as no longer sts.
// (This happens when we're in private browsing mode, we get a header from
// a site on the preload list, and that header later expires. We need to
// then treat that host as no longer an sts host.)
// (sanity check first - this should be in the preload list)
- ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "login.persona.org", IS_PRIVATE));
- uri = Services.io.newURI("http://login.persona.org");
+ uri = Services.io.newURI("https://login.persona.org");
+ ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
+ IS_PRIVATE));
gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
"max-age=1", sslStatus, IS_PRIVATE);
do_timeout(1250, function() {
- ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "login.persona.org", IS_PRIVATE));
+ ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
+ IS_PRIVATE));
// Simulate leaving private browsing mode
Services.obs.notifyObservers(null, "last-pb-context-exited", null);
});
}
function test_private_browsing2() {
// if this test gets this far, it means there's a private browsing service
- ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "bugzilla.mozilla.org", 0));
+ ok(gSSService.isSecureURI(
+ Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://bugzilla.mozilla.org"), 0));
// the bugzilla.mozilla.org entry has includeSubdomains set
- ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "subdomain.bugzilla.mozilla.org", 0));
+ ok(gSSService.isSecureURI(
+ Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://subdomain.bugzilla.mozilla.org"), 0));
// Now that we're out of private browsing mode, we need to make sure
// we've "forgotten" that we "forgot" this site's sts status.
- ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "login.persona.org", 0));
+ ok(gSSService.isSecureURI(
+ Ci.nsISiteSecurityService.HEADER_HSTS,
+ Services.io.newURI("https://login.persona.org"), 0));
run_next_test();
}
--- a/security/manager/ssl/tests/unit/test_sts_preloadlist_selfdestruct.js
+++ b/security/manager/ssl/tests/unit/test_sts_preloadlist_selfdestruct.js
@@ -1,25 +1,23 @@
// This test uses bugzilla.mozilla.org given that it is likely to remain
// on the preload list for a long time.
"use strict";
function run_test() {
let SSService = Cc["@mozilla.org/ssservice;1"]
.getService(Ci.nsISiteSecurityService);
+ let uri = Services.io.newURI("https://bugzilla.mozilla.org");
// check that a host on the preload list is identified as an sts host
- ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "bugzilla.mozilla.org", 0));
+ ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0));
// now simulate that it's 19 weeks later than it actually is
let offsetSeconds = 19 * 7 * 24 * 60 * 60;
Services.prefs.setIntPref("test.currentTimeOffsetSeconds", offsetSeconds);
// check that the preloaded host is no longer considered sts
- ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "bugzilla.mozilla.org", 0));
+ ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0));
// just make sure we can get everything back to normal
Services.prefs.clearUserPref("test.currentTimeOffsetSeconds");
- ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "bugzilla.mozilla.org", 0));
+ ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0));
}
--- a/security/manager/ssl/tests/unit/xpcshell.ini
+++ b/security/manager/ssl/tests/unit/xpcshell.ini
@@ -136,16 +136,17 @@ skip-if = toolkit == 'android'
[test_sss_readstate_empty.js]
[test_sss_readstate_garbage.js]
[test_sss_readstate_huge.js]
[test_sss_savestate.js]
[test_startcom_wosign.js]
[test_sts_fqdn.js]
[test_sts_holepunch.js]
[test_sts_ipv4_ipv6.js]
+[test_sts_parser.js]
[test_sts_preload_dynamic.js]
[test_sts_preloadlist_perwindowpb.js]
[test_sts_preloadlist_selfdestruct.js]
[test_validity.js]
run-sequentially = hardcoded ports
[test_x509.js]
# The TLS error reporting functionality lives in /toolkit but needs tlsserver
--- a/services/common/tests/unit/test_blocklist_pinning.js
+++ b/services/common/tests/unit/test_blocklist_pinning.js
@@ -87,52 +87,62 @@ add_task(function* test_something() {
}
server.registerPathHandler(configPath, handleResponse);
server.registerPathHandler(recordsPath, handleResponse);
let sss = Cc["@mozilla.org/ssservice;1"]
.getService(Ci.nsISiteSecurityService);
// ensure our pins are all missing before we start
- ok(!sss.isSecureHost(sss.HEADER_HPKP, "one.example.com", 0));
- ok(!sss.isSecureHost(sss.HEADER_HPKP, "two.example.com", 0));
- ok(!sss.isSecureHost(sss.HEADER_HPKP, "three.example.com", 0));
- ok(!sss.isSecureHost(sss.HEADER_HSTS, "five.example.com", 0));
+ ok(!sss.isSecureURI(sss.HEADER_HPKP,
+ Services.io.newURI("https://one.example.com"), 0));
+ ok(!sss.isSecureURI(sss.HEADER_HPKP,
+ Services.io.newURI("https://two.example.com"), 0));
+ ok(!sss.isSecureURI(sss.HEADER_HPKP,
+ Services.io.newURI("https://three.example.com"), 0));
+ ok(!sss.isSecureURI(sss.HEADER_HSTS,
+ Services.io.newURI("https://four.example.com"), 0));
+ ok(!sss.isSecureURI(sss.HEADER_HSTS,
+ Services.io.newURI("https://five.example.com"), 0));
// Test an empty db populates
yield PinningPreloadClient.maybeSync(2000, Date.now());
let connection = yield FirefoxAdapter.openConnection({path: KINTO_STORAGE_PATH});
// Open the collection, verify it's been populated:
// Our test data has a single record; it should be in the local collection
let collection = do_get_kinto_collection(connection, COLLECTION_NAME);
let list = yield collection.list();
do_check_eq(list.data.length, 1);
// check that a pin exists for one.example.com
- ok(sss.isSecureHost(sss.HEADER_HPKP, "one.example.com", 0));
+ ok(sss.isSecureURI(sss.HEADER_HPKP,
+ Services.io.newURI("https://one.example.com"), 0));
// Test the db is updated when we call again with a later lastModified value
yield PinningPreloadClient.maybeSync(4000, Date.now());
// Open the collection, verify it's been updated:
// Our data now has four new records; all should be in the local collection
collection = do_get_kinto_collection(connection, COLLECTION_NAME);
list = yield collection.list();
do_check_eq(list.data.length, 5);
yield connection.close();
// check that a pin exists for two.example.com and three.example.com
- ok(sss.isSecureHost(sss.HEADER_HPKP, "two.example.com", 0));
- ok(sss.isSecureHost(sss.HEADER_HPKP, "three.example.com", 0));
+ ok(sss.isSecureURI(sss.HEADER_HPKP,
+ Services.io.newURI("https://two.example.com"), 0));
+ ok(sss.isSecureURI(sss.HEADER_HPKP,
+ Services.io.newURI("https://three.example.com"), 0));
// check that a pin does not exist for four.example.com - it's in the
// collection but the version should not match
- ok(!sss.isSecureHost(sss.HEADER_HPKP, "four.example.com", 0));
+ ok(!sss.isSecureURI(sss.HEADER_HPKP,
+ Services.io.newURI("https://four.example.com"), 0));
// Try to maybeSync with the current lastModified value - no connection
// should be attempted.
// Clear the kinto base pref so any connections will cause a test failure
Services.prefs.clearUserPref("services.settings.server");
yield PinningPreloadClient.maybeSync(4000, Date.now());
// Try again with a lastModified value at some point in the past
@@ -141,30 +151,35 @@ add_task(function* test_something() {
// Check the pinning check time pref is modified, even if the collection
// hasn't changed
Services.prefs.setIntPref("services.blocklist.onecrl.checked", 0);
yield PinningPreloadClient.maybeSync(3000, Date.now());
let newValue = Services.prefs.getIntPref("services.blocklist.pinning.checked");
do_check_neq(newValue, 0);
// Check that the HSTS preload added to the collection works...
- ok(sss.isSecureHost(sss.HEADER_HSTS, "five.example.com", 0));
+ ok(sss.isSecureURI(sss.HEADER_HSTS,
+ Services.io.newURI("https://five.example.com"), 0));
// ...and that includeSubdomains is honored
- ok(!sss.isSecureHost(sss.HEADER_HSTS, "subdomain.five.example.com", 0));
+ ok(!sss.isSecureURI(sss.HEADER_HSTS,
+ Services.io.newURI("https://subdomain.five.example.com"),
+ 0));
// Check that a sync completes even when there's bad data in the
// collection. This will throw on fail, so just calling maybeSync is an
// acceptible test (the data below with last_modified of 300 is nonsense).
Services.prefs.setCharPref("services.settings.server",
`http://localhost:${server.identity.primaryPort}/v1`);
yield PinningPreloadClient.maybeSync(5000, Date.now());
// The STS entry for five.example.com now has includeSubdomains set;
// ensure that the new includeSubdomains value is honored.
- ok(sss.isSecureHost(sss.HEADER_HSTS, "subdomain.five.example.com", 0));
+ ok(sss.isSecureURI(sss.HEADER_HSTS,
+ Services.io.newURI("https://subdomain.five.example.com"),
+ 0));
});
function run_test() {
// Ensure that signature verification is disabled to prevent interference
// with basic certificate sync tests
Services.prefs.setBoolPref("services.blocklist.signing.enforced", false);
// Set up an HTTP Server