Mercurial > mozreview > gecko / changeset / 515fb7c1015a558d91b32937e9c8f0aea85baab6
summary | shortlog | changelog | pushlog | graph | tags | bookmarks | branches | files | changeset | raw | zip | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Bug 1265207 - Enable ESLint "var-only-at-top-level" rule for PSM tests. draft
authorCykesiopka <cykesiopka.bmo@gmail.com>
Mon, 09 May 2016 18:04:14 -0700
changeset 365083 515fb7c1015a558d91b32937e9c8f0aea85baab6
parent 365006 a07fa49c4b0f7e92b1a832655414fe4581479e82
child 520448 57f4f3a21dfa8be403070f2912cc844f41524f12
push id17627
push usercykesiopka.bmo@gmail.com
push dateTue, 10 May 2016 01:04:40 +0000
bugs1265207
milestone49.0a1
Bug 1265207 - Enable ESLint "var-only-at-top-level" rule for PSM tests. |let| is generally preferred over |var| in PSM JS. MozReview-Commit-ID: 7SJWQSKFxI4
security/manager/ssl/tests/.eslintrc.json file | annotate | diff | comparison | revisions
security/manager/ssl/tests/mochitest/mixedcontent/mixedContentTest.js file | annotate | diff | comparison | revisions
security/manager/ssl/tests/mochitest/mixedcontent/test_bug329869.html file | annotate | diff | comparison | revisions
security/manager/ssl/tests/mochitest/mixedcontent/test_bug383369.html file | annotate | diff | comparison | revisions
security/manager/ssl/tests/mochitest/mixedcontent/test_bug472986.html file | annotate | diff | comparison | revisions
security/manager/ssl/tests/mochitest/mixedcontent/test_dynDelayedUnsecureXHR.html file | annotate | diff | comparison | revisions
security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecureIframeRedirect.html file | annotate | diff | comparison | revisions
security/manager/ssl/tests/mochitest/stricttransportsecurity/test_stricttransportsecurity.html file | annotate | diff | comparison | revisions
security/manager/ssl/tests/mochitest/stricttransportsecurity/test_sts_privatebrowsing_perwindowpb.html file | annotate | diff | comparison | revisions
security/manager/ssl/tests/unit/sss_readstate_child_worker.js file | annotate | diff | comparison | revisions
security/manager/ssl/tests/unit/test_add_preexisting_cert.js file | annotate | diff | comparison | revisions
security/manager/ssl/tests/unit/test_cert_blocklist.js file | annotate | diff | comparison | revisions
security/manager/ssl/tests/unit/test_datasignatureverifier.js file | annotate | diff | comparison | revisions
security/manager/ssl/tests/unit/test_ev_certs.js file | annotate | diff | comparison | revisions
security/manager/ssl/tests/unit/test_hash_algorithms.js file | annotate | diff | comparison | revisions
security/manager/ssl/tests/unit/test_signed_apps.js file | annotate | diff | comparison | revisions
security/manager/ssl/tests/unit/test_sss_readstate_child.js file | annotate | diff | comparison | revisions
security/manager/ssl/tests/unit/test_sts_preloadlist_perwindowpb.js file | annotate | diff | comparison | revisions 
new file mode 100644
--- /dev/null
+++ b/security/manager/ssl/tests/.eslintrc.json
@@ -0,0 +1,6 @@
+{
+  "rules": {
+    // Disallow non-top level |var| declarations.
+    "mozilla/var-only-at-top-level": 2
+  }
+}
--- a/security/manager/ssl/tests/mochitest/mixedcontent/mixedContentTest.js
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/mixedContentTest.js
@@ -140,39 +140,36 @@ function is(a, b, message)
 }
 
 function isSecurityState(expectedState, message, test)
 {
   if (!test) {
     test = ok;
   }
 
-  // Quit nasty but working :)
-  var ui = SpecialPowers.wrap(window)
+  let ui = SpecialPowers.wrap(window)
     .QueryInterface(SpecialPowers.Ci.nsIInterfaceRequestor)
     .getInterface(SpecialPowers.Ci.nsIWebNavigation)
     .QueryInterface(SpecialPowers.Ci.nsIDocShell)
     .securityUI;
 
-  var isInsecure = !ui ||
+  let isInsecure = !ui ||
     (ui.state & SpecialPowers.Ci.nsIWebProgressListener.STATE_IS_INSECURE);
-  var isBroken = ui &&
+  let isBroken = ui &&
     (ui.state & SpecialPowers.Ci.nsIWebProgressListener.STATE_IS_BROKEN);
-  var isEV = ui &&
+  let isEV = ui &&
     (ui.state & SpecialPowers.Ci.nsIWebProgressListener.STATE_IDENTITY_EV_TOPLEVEL);
 
-  var gotState;
+  let gotState = "secure";
   if (isInsecure) {
     gotState = "insecure";
   } else if (isBroken) {
     gotState = "broken";
   } else if (isEV) {
     gotState = "EV";
-  } else {
-    gotState = "secure";
   }
 
   test(gotState == expectedState, (message || "") + ", " + "expected " + expectedState + " got " + gotState);
 
   switch (expectedState) {
     case "insecure":
       test(isInsecure && !isBroken && !isEV, "for 'insecure' excpected flags [1,0,0], " + (message || ""));
       break;
@@ -187,19 +184,18 @@ function isSecurityState(expectedState, 
       break;
     default:
       throw new Error("Invalid isSecurityState state");
   }
 }
 
 function waitForSecurityState(expectedState, callback)
 {
-  var roundsLeft = 200; // Wait for 20 seconds (=200*100ms)
-  var interval =
-  window.setInterval(function() {
+  let roundsLeft = 200; // Wait for 20 seconds (=200*100ms)
+  let interval = window.setInterval(() => {
     isSecurityState(expectedState, "", isok => {
       if (isok) {
         roundsLeft = 0;
       }
     });
     if (!roundsLeft--) {
       window.clearInterval(interval);
       callback();
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_bug329869.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_bug329869.html
@@ -11,17 +11,17 @@
   "use strict";
 
   hasMixedActiveContent = true;
 
   function runTest()
   {
     isSecurityState("secure");
     window.setTimeout(function () {
-      var newElement = document.createElement("script");
+      let newElement = document.createElement("script");
       newElement.src = "http://example.org/tests/security/manager/ssl/tests/" +
                        "mochitest/mixedcontent/bug329869.js";
       document.body.appendChild(newElement);
     }, 0);
   }
 
   function afterNavigationTest()
   {
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_bug383369.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_bug383369.html
@@ -13,45 +13,47 @@
   "use strict";
 
   // We want to start this test from an insecure context
   loadAsInsecure = true;
   // We don't want to go through the navigation back/forward test
   bypassNavigationTest = true;
 
   function runTest() {
-    var script = SpecialPowers.loadChromeScript(function() {
+    let script = SpecialPowers.loadChromeScript(function() {
       const { classes: Cc, interfaces: Ci, utils: Cu } = Components;
       // Force download to be w/o user assistance for our testing mime type
       const mimeSvc = Cc["@mozilla.org/mime;1"].getService(Ci.nsIMIMEService);
-      var handlerInfo = mimeSvc.getFromTypeAndExtension("application/x-auto-download", "auto");
+      let handlerInfo =
+        mimeSvc.getFromTypeAndExtension("application/x-auto-download", "auto");
       handlerInfo.preferredAction = Ci.nsIHandlerInfo.saveToDisk;
       handlerInfo.alwaysAskBeforeHandling = false;
       handlerInfo.preferredApplicationHandler = null;
 
       const handlerSvc = Cc["@mozilla.org/uriloader/handler-service;1"]
                            .getService(Ci.nsIHandlerService);
       handlerSvc.store(handlerInfo);
 
-      var dirProvider = Cc["@mozilla.org/file/directory_service;1"]
+      let dirProvider = Cc["@mozilla.org/file/directory_service;1"]
                           .getService(Ci.nsIProperties);
-      var profileDir = dirProvider.get("ProfDS", Ci.nsIFile);
+      let profileDir = dirProvider.get("ProfDS", Ci.nsIFile);
       profileDir.append("downloads");
 
-      var prefs = Cc["@mozilla.org/preferences-service;1"]
+      let prefs = Cc["@mozilla.org/preferences-service;1"]
                     .getService(Ci.nsIPrefService);
-      prefs = prefs.getBranch("browser.download.");
+      let prefBranch = prefs.getBranch("browser.download.");
 
-      prefs.setCharPref("dir", profileDir.path);
-      prefs.setBoolPref("useDownloadDir", true);
-      prefs.setIntPref("folderList", 2);
-      prefs.setBoolPref("manager.closeWhenDone", true);
-      prefs.setBoolPref("manager.showWhenStarting", false);
+      prefBranch.setCharPref("dir", profileDir.path);
+      prefBranch.setBoolPref("useDownloadDir", true);
+      prefBranch.setIntPref("folderList", 2);
+      prefBranch.setBoolPref("manager.closeWhenDone", true);
+      prefBranch.setBoolPref("manager.showWhenStarting", false);
 
-      var Downloads = Cu.import("resource://gre/modules/Downloads.jsm").Downloads;
+      const { Downloads } =
+        Cu.import("resource://gre/modules/Downloads.jsm", {});
       Downloads.getList(Downloads.PUBLIC).then(list => {
         list.addView({
           onDownloadAdded: function (aDownload) {
             list.removeView(this);
             aDownload.whenSucceeded().then(() => {
               list.removeFinished();
               sendAsyncMessage("navigate", "bug383369step2.html");
             });
@@ -66,31 +68,32 @@
   }
 
   function afterNavigationTest() {}
 
   testCleanUp = function cleanup() {
     SpecialPowers.loadChromeScript(function() {
       const { classes: Cc, interfaces: Ci } = Components;
       const mimeSvc = Cc["@mozilla.org/mime;1"].getService(Ci.nsIMIMEService);
-      var handlerInfo = mimeSvc.getFromTypeAndExtension("application/x-auto-download", "auto");
+      let handlerInfo =
+        mimeSvc.getFromTypeAndExtension("application/x-auto-download", "auto");
 
       const handlerSvc = Cc["@mozilla.org/uriloader/handler-service;1"]
                            .getService(Ci.nsIHandlerService);
       handlerSvc.remove(handlerInfo);
 
-      var prefs = Cc["@mozilla.org/preferences-service;1"]
+      let prefs = Cc["@mozilla.org/preferences-service;1"]
                     .getService(Ci.nsIPrefService);
-      prefs = prefs.getBranch("browser.download.");
+      let prefBranch = prefs.getBranch("browser.download.");
 
-      var prefKeys = ["dir", "useDownloadDir", "folderList",
-                      "manager.closeWhenDone", "manager.showWhenStarting"];
+      const prefKeys = ["dir", "useDownloadDir", "folderList",
+                        "manager.closeWhenDone", "manager.showWhenStarting"];
       for (let prefKey of prefKeys) {
-        if (prefs.prefHasUserValue(prefKey)) {
-          prefs.clearUserPref(prefKey);
+        if (prefBranch.prefHasUserValue(prefKey)) {
+          prefBranch.clearUserPref(prefKey);
         }
       }
     });
   };
 
   </script>
 </head>
 
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_bug472986.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_bug472986.html
@@ -16,17 +16,17 @@
 
   SimpleTest.expectAssertions(0, 4);
 
   // Clear the default onload assigned to test start because we must
   // wait for replaced image to load and only after that test the security state
   var onLoadFunction = window.onload;
   window.onload = function()
   {
-    var img1 = document.getElementById("img1");
+    let img1 = document.getElementById("img1");
     img1.addEventListener("load", onLoadFunction, false);
     img1.src = "https://example.com/tests/security/manager/ssl/tests/mochitest/mixedcontent/moonsurface.jpg";
   };
 
   function runTest()
   {
     isSecurityState("secure", "secure");
     finish();
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_dynDelayedUnsecureXHR.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_dynDelayedUnsecureXHR.html
@@ -16,17 +16,17 @@
 
   hasMixedActiveContent = true;
 
   function runTest()
   {
     isSecurityState("secure");
     window.setTimeout(() => {
       try {
-        var req = new XMLHttpRequest();
+        let req = new XMLHttpRequest();
         req.open("GET", "http://example.com/tests/security/manager/ssl/tests/mochitest/mixedcontent/alloworigin.sjs", false);
         req.send(null);
 
         // Change should be immediate, the request was sent synchronously
         isSecurityState("broken", "security broken after insecure XHR");
       } catch (ex) {
         ok(false, ex);
       }
--- a/security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecureIframeRedirect.html
+++ b/security/manager/ssl/tests/mochitest/mixedcontent/test_dynUnsecureIframeRedirect.html
@@ -14,18 +14,18 @@
   /* import-globals-from mixedContentTest.js */
   "use strict";
 
   hasMixedActiveContent = true;
 
   function runTest()
   {
     isSecurityState("secure");
-    var self = window;
-    var iframe = document.getElementById("iframe1");
+    let self = window;
+    let iframe = document.getElementById("iframe1");
     iframe.onload = function() {
       self.isSecurityState("broken", "src='redirect to unsecure' changed to broken");
       self.finish();
     };
 
     iframe.src =
       "https://example.com/tests/security/manager/ssl/tests/mochitest/mixedcontent/iframeunsecredirect.sjs";
   }
--- a/security/manager/ssl/tests/mochitest/stricttransportsecurity/test_stricttransportsecurity.html
+++ b/security/manager/ssl/tests/mochitest/stricttransportsecurity/test_stricttransportsecurity.html
@@ -31,17 +31,17 @@
       {'url':     "http://example.org" + STSPATH + "/verify.sjs",
         'expected': {'plain': 'INSECURE', 'subdom': 'INSECURE'}},
     'alreadysecure':
       {'url':     "https://test2.example.com" + STSPATH + "/verify.sjs",
         'expected': {'plain': 'SECURE', 'subdom': 'SECURE'}},
   };
 
   function startRound(round) {
-    var frame = document.createElement("iframe");
+    let frame = document.createElement("iframe");
     frame.setAttribute('id', 'ifr_bootstrap');
     frame.setAttribute('src', "https://example.com" + STSPATH + "/" + round + "_bootstrap.html");
     document.body.appendChild(frame);
   }
 
   function endRound(round) {
     // remove all the iframes in the document
     document.body.removeChild(document.getElementById('ifr_bootstrap'));
@@ -49,40 +49,38 @@
       document.body.removeChild(document.getElementById('ifr_' + test));
     }
 
     // clean up the STS state
     SpecialPowers.cleanUpSTSData("http://example.com");
   }
 
   function loadVerifyFrames(round) {
-    for (var test in testframes) {
-      var frame = document.createElement("iframe");
+    for (let test in testframes) {
+      let frame = document.createElement("iframe");
       frame.setAttribute('id', 'ifr_' + test);
       frame.setAttribute('src', testframes[test].url + '?id=' + test);
       document.body.appendChild(frame);
     }
   }
 
   /* Messages received are in this format:
    *  (BOOTSTRAP|SECURE|INSECURE) testid
    * For example: "BOOTSTRAP plain"
    *          or: "INSECURE otherdom"
    */
   function onMessageReceived(event) {
-
-    // otherwise, it's a test result
-    var result = event.data.split(/\s+/);
+    let result = event.data.split(/\s+/);
     if (result.length != 2) {
       SimpleTest.ok(false, event.data);
       return;
     }
 
     // figure out which round of tests we're in
-    var round = (roundsLeft == 2) ? 'plain' : 'subdom';
+    let round = (roundsLeft == 2) ? "plain" : "subdom";
 
     if (result[0] === "BOOTSTRAP") {
       loadVerifyFrames(round);
       return;
     }
 
     // check if the result (SECURE/INSECURE) is expected for this round/test combo
     SimpleTest.is(result[0], testframes[result[1]].expected[round],
--- a/security/manager/ssl/tests/mochitest/stricttransportsecurity/test_sts_privatebrowsing_perwindowpb.html
+++ b/security/manager/ssl/tests/mochitest/stricttransportsecurity/test_sts_privatebrowsing_perwindowpb.html
@@ -8,16 +8,18 @@
   <title>opens additional content that should be converted to https</title>
   <script type="application/javascript" src="chrome://mochikit/content/tests/SimpleTest/SimpleTest.js"></script>
   <link rel="stylesheet" type="text/css"
         href="chrome://mochikit/content/tests/SimpleTest/test.css"/>
 
   <script class="testbody" type="text/javascript">
   "use strict";
 
+  // We define |content| as a global as a hack to prevent use of |content|
+  // inside a ContentTask tripping ESLint no-undef checks.
   /* global content */
 
   SimpleTest.waitForExplicitFinish();
 
   const Cc = Components.classes;
   const Ci = Components.interfaces;
   const Cu = Components.utils;
   const STSPATH = "/tests/security/manager/ssl/tests/mochitest/stricttransportsecurity";
@@ -69,17 +71,17 @@
       if (aWindow == aSubject) {
         SpecialPowers.Services.obs.removeObserver(observer, aTopic);
         SimpleTest.executeSoon(aCallback);
       }
     }, "browser-delayed-startup-finished", false);
   }
 
   function testOnWindow(aIsPrivate, aCallback) {
-    var win = mainWindow.OpenBrowserWindow({private: aIsPrivate});
+    let win = mainWindow.OpenBrowserWindow({private: aIsPrivate});
 
     Task.spawn(function* () {
       yield new Promise(resolve => whenDelayedStartupFinished(win, resolve));
 
       let browser = win.gBrowser.selectedBrowser;
       yield BrowserTestUtils.loadURI(browser, CONTENT_PAGE);
       yield BrowserTestUtils.browserLoaded(browser);
 
@@ -151,18 +153,17 @@
 
   /**
    * Messages received are in this format:
    *  (BOOTSTRAP|SECURE|INSECURE) testid
    * For example: "BOOTSTRAP subdom"
    *          or: "INSECURE otherdom"
    */
   function onMessageReceived(win, isPrivate, data) {
-    // otherwise, it's a test result
-    var result = data.split(/\s+/);
+    let result = data.split(/\s+/);
     if (result.length != 2) {
       SimpleTest.ok(false, data);
       return;
     }
 
     if (result[0] === "BOOTSTRAP") {
       loadVerifyFrames(win, isPrivate, currentround);
       return;
@@ -231,19 +232,18 @@
     // erase all signs that this test ran.
     SimpleTest.info("Cleaning up STS data");
     let flags = isPrivate ? Ci.nsISocketProvider.NO_PERMANENT_STORAGE : 0;
     SpecialPowers.cleanUpSTSData("http://example.com", flags);
     dump_STSState(isPrivate);
   }
 
   function dump_STSState(isPrivate) {
-    var sss =
-      Cc["@mozilla.org/ssservice;1"].
-        getService(Ci.nsISiteSecurityService);
+    let sss = Cc["@mozilla.org/ssservice;1"]
+                .getService(Ci.nsISiteSecurityService);
     let flags = isPrivate ? Ci.nsISocketProvider.NO_PERMANENT_STORAGE : 0;
     SimpleTest.info("State of example.com: " + sss.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, "example.com", flags));
   }
 
   // These are executed in the order presented.
   // 0.  test that STS works before entering private browsing mode.
   //     (load sts-bootstrapped "plain" tests)
   //  ... clear any STS data ...
--- a/security/manager/ssl/tests/unit/sss_readstate_child_worker.js
+++ b/security/manager/ssl/tests/unit/sss_readstate_child_worker.js
@@ -1,13 +1,13 @@
 /* import-globals-from head_psm.js */
 "use strict";
 
 function run_test() {
-  var SSService = Cc["@mozilla.org/ssservice;1"]
+  let SSService = Cc["@mozilla.org/ssservice;1"]
                     .getService(Ci.nsISiteSecurityService);
 
   ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
                              "expired.example.com", 0));
   ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
                             "notexpired.example.com", 0));
   ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
                             "bugzilla.mozilla.org", 0));
--- a/security/manager/ssl/tests/unit/test_add_preexisting_cert.js
+++ b/security/manager/ssl/tests/unit/test_add_preexisting_cert.js
@@ -12,25 +12,22 @@ do_get_profile();
 var certDB = Cc["@mozilla.org/security/x509certdb;1"]
                .getService(Ci.nsIX509CertDB);
 
 function load_cert(cert, trust) {
   let file = "test_intermediate_basic_usage_constraints/" + cert + ".pem";
   addCertFromFile(certDB, file, trust);
 }
 
-function getDERString(cert)
-{
-  var length = {};
-  var cert_der = cert.getRawDER(length);
-  var cert_der_string = '';
-  for (var i = 0; i < cert_der.length; i++) {
-    cert_der_string += String.fromCharCode(cert_der[i]);
+function getDERString(cert) {
+  let derString = "";
+  for (let rawByte of cert.getRawDER({})) {
+    derString += String.fromCharCode(rawByte);
   }
-  return cert_der_string;
+  return derString;
 }
 
 function run_test() {
   load_cert("ca", "CTu,CTu,CTu");
   load_cert("int-limited-depth", "CTu,CTu,CTu");
   let file = "test_intermediate_basic_usage_constraints/ee-int-limited-depth.pem";
   let cert_pem = readFile(do_get_file(file));
   let ee = certDB.constructX509FromBase64(pemToBase64(cert_pem));
--- a/security/manager/ssl/tests/unit/test_cert_blocklist.js
+++ b/security/manager/ssl/tests/unit/test_cert_blocklist.js
@@ -192,19 +192,19 @@ function check_revocations_txt_contents(
   ok(revocations.exists(), "the revocations file should exist");
   let inputStream = Cc["@mozilla.org/network/file-input-stream;1"]
                       .createInstance(Ci.nsIFileInputStream);
   inputStream.init(revocations, -1, -1, 0);
   inputStream.QueryInterface(Ci.nsILineInputStream);
   let contents = "";
   let hasmore = false;
   do {
-    var line = {};
+    let line = {};
     hasmore = inputStream.readLine(line);
-    contents = contents + (contents.length == 0 ? "" : "\n") + line.value;
+    contents += (contents.length == 0 ? "" : "\n") + line.value;
   } while (hasmore);
   equal(contents, expected, "revocations.txt should be as expected");
 }
 
 function run_test() {
   // import the certificates we need
   load_cert("test-ca", "CTu,CTu,CTu");
   load_cert("test-int", ",,");
--- a/security/manager/ssl/tests/unit/test_datasignatureverifier.js
+++ b/security/manager/ssl/tests/unit/test_datasignatureverifier.js
@@ -1,33 +1,33 @@
 "use strict";
 
-var keys = [
+const keys = [
 // RSA key
 "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDK426erD/H3XtsjvaB5+PJqbhj" +
 "Zc9EDI5OCJS8R3FIObJ9ZHJK1TXeaE7JWqt9WUmBWTEFvwS+FI9vWu8058N9CHhD" +
 "NyeP6i4LuUYjTURnn7Yw/IgzyIJ2oKsYa32RuxAyteqAWqPT/J63wBixIeCxmysf" +
 "awB/zH4KaPiY3vnrzQIDAQAB",
 
 // RSA key
 "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDHe69VsjNCwnGF9YGZLgnobp3D" +
 "c1KgWzpbT+f12vVKkV3YBpA9KMVMy6wpxlDjvLJjfp/0HvaH7aaz/7kgxZw70Y60" +
 "LaJtkAcl1ZVAxS2lQKRTAzZ0RhoTSI1xVqGTjiQakgVdUeghtnqqwp5o1inZv3Qh" +
 "nUOMNPyAV8zGt+ZQHQIDAQAB",
 
 // Invalid key data ("foobar" base 64 encoded)
 "Zm9vYmFy"
 ];
 
-var data = [
+const data = [
 "Test data for data signature verifier",
 "The quick brown fox jumps over the lazy dog..."
 ];
 
-var signatures = [
+const signatures = [
 // Key 0, Data 0, MD2 hash algorithm
 "MIGTMA0GCSqGSIb3DQEBAgUAA4GBALe3hO76UCpI8b1/oJUCIPmC6AbnMAMlAqo7" +
 "pc3TaWmU9wISWmXSrwNmr/QQNjWDn4nzQn8/K/Ac+tszaXib6fVLKA1a6e+/E0qE" +
 "OIKFwUiDWCkGDgxM8aYiTgoSZub/5rokgse+ivuCRSVTv9mSxRzKwj+Cvp1EjKCT" +
 "iIl3nnTh",
 
 // Key 0, Data 0, MD5 hash algorithm
 "MIGTMA0GCSqGSIb3DQEBBAUAA4GBAGGb2QkA8LcA+QZj1SoVFmMpVTd9P5Ac0Rjb" +
@@ -118,17 +118,17 @@ var signatures = [
 "OMM7P2d/jgOP+ICKIpxqaSE0CbkLiegUiidIOWvFqDxQJWlAAukDUWISGFfJMFxX" +
 "3jzJ0bBfeNY/1Qo8jMQopcNco/NlNgoSKAUOBtk31aFgNoVC3kWUk6pO97KEiJ+e" +
 "bQp9Z2/M",
 
 // Invalid signature data ("foobar" base 64 encoded)
 "Zm9vYmFy"
 ];
 
-var tests = [
+const tests = [
 // Data   Signature  Key   Expected   Throws
 // Pass cases
   [0,     0,         0,    true,      false], //0
   [0,     1,         0,    true,      false], //1
   [0,     2,         0,    true,      false], //2
   [0,     3,         0,    true,      false], //3
   [0,     4,         0,    true,      false], //4
   [0,     5,         0,    true,      false], //5
@@ -167,27 +167,27 @@ var tests = [
 // Invalid data cases
   [0,     0,         2,    false,     true],  //36
   [0,     1,         2,    false,     true],  //37
   [0,     16,        0,    false,     true],  //38
   [1,     16,        0,    false,     true],  //39
 ];
 
 function run_test() {
-  var verifier = Cc["@mozilla.org/security/datasignatureverifier;1"].
-                 createInstance(Ci.nsIDataSignatureVerifier);
+  let verifier = Cc["@mozilla.org/security/datasignatureverifier;1"]
+                   .createInstance(Ci.nsIDataSignatureVerifier);
 
-  for (var t = 0; t < tests.length; t++) {
-    let testShouldThrow = tests[t][4];
-    try {
-      var result = verifier.verifyData(data[tests[t][0]],
-                                       signatures[tests[t][1]],
-                                       keys[tests[t][2]]);
-      ok(!testShouldThrow,
-         `Test ${t} should reach here only if not expected to throw`);
-      equal(result, tests[t][3],
-            `Actual and expected result should match for test ${t}`);
-    }
-    catch (e) {
-      ok(testShouldThrow, `Test ${t} should throw only if expected to: ${e}`);
+  for (let testCase of tests) {
+    let testShouldThrow = testCase[4];
+    if (testShouldThrow) {
+      throws(() => {
+        verifier.verifyData(data[testCase[0]], signatures[testCase[1]],
+                            keys[testCase[2]]);
+      }, /NS_ERROR_FAILURE/, `Test "${testCase}" should throw`);
+    } else {
+      let result = verifier.verifyData(data[testCase[0]],
+                                       signatures[testCase[1]],
+                                       keys[testCase[2]]);
+      equal(result, testCase[3],
+            `Actual and expected result should match for test "${testCase}"`);
     }
   }
 }
--- a/security/manager/ssl/tests/unit/test_ev_certs.js
+++ b/security/manager/ssl/tests/unit/test_ev_certs.js
@@ -23,18 +23,17 @@ var certList = [
                       // but that contains a valid CRLDP.
 
   // Testing a root that looks like EV but is not EV enabled
   'int-non-ev-root',
   'non-ev-root',
 ];
 
 function load_ca(ca_name) {
-  var ca_filename = ca_name + ".pem";
-  addCertFromFile(certdb, "test_ev_certs/" + ca_filename, 'CTu,CTu,CTu');
+  addCertFromFile(certdb, `test_ev_certs/${ca_name}.pem`, "CTu,CTu,CTu");
 }
 
 const SERVER_PORT = 8888;
 
 function failingOCSPResponder() {
   return getFailingHttpServer(SERVER_PORT,
                               ["www.example.com", "crl.example.com"]);
 }
--- a/security/manager/ssl/tests/unit/test_hash_algorithms.js
+++ b/security/manager/ssl/tests/unit/test_hash_algorithms.js
@@ -1,23 +1,15 @@
 "use strict";
 
-var ScriptableUnicodeConverter =
-  Components.Constructor("@mozilla.org/intl/scriptableunicodeconverter",
-                         "nsIScriptableUnicodeConverter");
-var CryptoHash =
-  Components.Constructor("@mozilla.org/security/hash;1",
-                         "nsICryptoHash",
-                         "initWithString");
-
-var messages = [
+const messages = [
   "The quick brown fox jumps over the lazy dog",
   ""
 ];
-var hashes = {
+const hashes = {
   md2: [
     "03d85a0d629d2c442e987525319fc471",
     "8350e5a3e24c153df2275c9f80692773"
   ],
   md5: [
     "9e107d9d372bb6826bd81d3542a419d6",
     "d41d8cd98f00b204e9800998ecf8427e"
   ],
@@ -44,42 +36,43 @@ function hexdigest(data) {
   //
   // Therefore, if the Unicode value is < 10, we have a single-character hex
   // string when we want one that's two characters, and unconditionally
   // prepending a "0" solves the problem.
   return Array.from(data, (c, i) => ("0" + data.charCodeAt(i).toString(16)).slice(-2)).join("");
 }
 
 function doHash(algo, value, cmp) {
-  var converter = new ScriptableUnicodeConverter();
-  var hash = new CryptoHash(algo);
+  let hash = Cc["@mozilla.org/security/hash;1"].createInstance(Ci.nsICryptoHash);
+  hash.initWithString(algo);
 
+  let converter = Cc["@mozilla.org/intl/scriptableunicodeconverter"]
+                    .createInstance(Ci.nsIScriptableUnicodeConverter);
   converter.charset = 'utf8';
   value = converter.convertToByteArray(value);
   hash.update(value, value.length);
-  var hash1 = hexdigest(hash.finish(false));
-  equal(hash1, cmp,
+  equal(hexdigest(hash.finish(false)), cmp,
         `Actual and expected hash for ${algo} should match`);
 
   hash.initWithString(algo);
   hash.update(value, value.length);
-  var hash2 = hexdigest(hash.finish(false));
-  equal(hash2, cmp,
+  equal(hexdigest(hash.finish(false)), cmp,
         `Actual and expected hash for ${algo} should match after re-init`);
 }
 
 function doHashStream(algo, value, cmp) {
-  var converter = new ScriptableUnicodeConverter();
-  var hash = new CryptoHash(algo);
+  let hash = Cc["@mozilla.org/security/hash;1"].createInstance(Ci.nsICryptoHash);
+  hash.initWithString(algo);
 
+  let converter = Cc["@mozilla.org/intl/scriptableunicodeconverter"]
+                    .createInstance(Ci.nsIScriptableUnicodeConverter);
   converter.charset = 'utf8';
-  var stream = converter.convertToInputStream(value);
+  let stream = converter.convertToInputStream(value);
   hash.updateFromStream(stream, stream.available());
-  hash = hexdigest(hash.finish(false));
-  equal(hash, cmp,
+  equal(hexdigest(hash.finish(false)), cmp,
         `Actual and expected hash for ${algo} should match updating from stream`);
 }
 
 function run_test() {
   for (let algo in hashes) {
     hashes[algo].forEach(
       function(e, i) {
         doHash(algo, messages[i], e);
--- a/security/manager/ssl/tests/unit/test_signed_apps.js
+++ b/security/manager/ssl/tests/unit/test_signed_apps.js
@@ -22,30 +22,31 @@ const PR_TRUNCATE    = 0x20;
 
 do_get_profile(); // must be called before getting nsIX509CertDB
 const certdb = Cc["@mozilla.org/security/x509certdb;1"].getService(Ci.nsIX509CertDB);
 
 // Creates a new app package based in the inFilePath package, with a set of
 // modifications (including possibly deletions) applied to the existing entries,
 // and/or a set of new entries to be included.
 function tamper(inFilePath, outFilePath, modifications, newEntries) {
-  var writer = Cc["@mozilla.org/zipwriter;1"].createInstance(Ci.nsIZipWriter);
+  let writer = Cc["@mozilla.org/zipwriter;1"].createInstance(Ci.nsIZipWriter);
   writer.open(outFilePath, PR_RDWR | PR_CREATE_FILE | PR_TRUNCATE);
   try {
-    var reader = Cc["@mozilla.org/libjar/zip-reader;1"].createInstance(Ci.nsIZipReader);
+    let reader = Cc["@mozilla.org/libjar/zip-reader;1"]
+                   .createInstance(Ci.nsIZipReader);
     reader.open(inFilePath);
     try {
-      var entries = reader.findEntries("");
+      let entries = reader.findEntries("");
       while (entries.hasMore()) {
-        var entryName = entries.getNext();
-        var inEntry = reader.getEntry(entryName);
-        var entryInput = reader.getInputStream(entryName);
+        let entryName = entries.getNext();
+        let inEntry = reader.getEntry(entryName);
+        let entryInput = reader.getInputStream(entryName);
         try {
-          var f = modifications[entryName];
-          var outEntry, outEntryInput;
+          let f = modifications[entryName];
+          let outEntry, outEntryInput;
           if (f) {
             [outEntry, outEntryInput] = f(inEntry, entryInput);
             delete modifications[entryName];
           } else {
             [outEntry, outEntryInput] = [inEntry, entryInput];
           }
           // if f does not want the input entry to be copied to the output entry
           // at all (i.e. it wants it to be deleted), it will return null.
@@ -75,17 +76,17 @@ function tamper(inFilePath, outFilePath,
     for (let name in modifications) {
       if (modifications.hasOwnProperty(name)) {
         throw new Error("input file was missing expected entries: " + name);
       }
     }
 
     // Now, append any new entries to the end
     newEntries.forEach(function(newEntry) {
-      var sis = Cc["@mozilla.org/io/string-input-stream;1"]
+      let sis = Cc["@mozilla.org/io/string-input-stream;1"]
                   .createInstance(Ci.nsIStringInputStream);
       try {
         sis.setData(newEntry.content, newEntry.content.length);
         writer.addEntryStream(newEntry.name,
                               new Date(),
                               Ci.nsIZipWriter.COMPRESSION_BEST,
                               sis,
                               false);
@@ -101,17 +102,17 @@ function tamper(inFilePath, outFilePath,
 function removeEntry(entry, entryInput) { return [null, null]; }
 
 function truncateEntry(entry, entryInput) {
   if (entryInput.available() == 0) {
     throw new Error("Truncating already-zero length entry will result in " +
                     "identical entry.");
   }
 
-  var content = Cc["@mozilla.org/io/string-input-stream;1"]
+  let content = Cc["@mozilla.org/io/string-input-stream;1"]
                   .createInstance(Ci.nsIStringInputStream);
   content.data = "";
 
   return [entry, content];
 }
 
 function run_test() {
   run_next_test();
@@ -153,75 +154,75 @@ add_test(function () {
   certdb.openSignedAppFileAsync(
     Ci.nsIX509CertDB.AppXPCShellRoot, original_app_path("unknown_issuer_app_1"),
     check_open_result("unknown_issuer",
                       getXPCOMStatusFromNSS(SEC_ERROR_UNKNOWN_ISSUER)));
 });
 
 // Sanity check to ensure a no-op tampering gives a valid result
 add_test(function () {
-  var tampered = tampered_app_path("identity_tampering");
+  let tampered = tampered_app_path("identity_tampering");
   tamper(original_app_path("valid_app_1"), tampered, { }, []);
   certdb.openSignedAppFileAsync(
     Ci.nsIX509CertDB.AppXPCShellRoot, original_app_path("valid_app_1"),
     check_open_result("identity_tampering", Cr.NS_OK));
 });
 
 add_test(function () {
-  var tampered = tampered_app_path("missing_rsa");
+  let tampered = tampered_app_path("missing_rsa");
   tamper(original_app_path("valid_app_1"), tampered, { "META-INF/A.RSA": removeEntry }, []);
   certdb.openSignedAppFileAsync(
     Ci.nsIX509CertDB.AppXPCShellRoot, tampered,
     check_open_result("missing_rsa", Cr.NS_ERROR_SIGNED_JAR_NOT_SIGNED));
 });
 
 add_test(function () {
-  var tampered = tampered_app_path("missing_sf");
+  let tampered = tampered_app_path("missing_sf");
   tamper(original_app_path("valid_app_1"), tampered, { "META-INF/A.SF": removeEntry }, []);
   certdb.openSignedAppFileAsync(
     Ci.nsIX509CertDB.AppXPCShellRoot, tampered,
     check_open_result("missing_sf", Cr.NS_ERROR_SIGNED_JAR_MANIFEST_INVALID));
 });
 
 add_test(function () {
-  var tampered = tampered_app_path("missing_manifest_mf");
+  let tampered = tampered_app_path("missing_manifest_mf");
   tamper(original_app_path("valid_app_1"), tampered, { "META-INF/MANIFEST.MF": removeEntry }, []);
   certdb.openSignedAppFileAsync(
     Ci.nsIX509CertDB.AppXPCShellRoot, tampered,
     check_open_result("missing_manifest_mf",
                       Cr.NS_ERROR_SIGNED_JAR_MANIFEST_INVALID));
 });
 
 add_test(function () {
-  var tampered = tampered_app_path("missing_entry");
+  let tampered = tampered_app_path("missing_entry");
   tamper(original_app_path("valid_app_1"), tampered, { "manifest.webapp": removeEntry }, []);
   certdb.openSignedAppFileAsync(
     Ci.nsIX509CertDB.AppXPCShellRoot, tampered,
     check_open_result("missing_entry", Cr.NS_ERROR_SIGNED_JAR_ENTRY_MISSING));
 });
 
 add_test(function () {
-  var tampered = tampered_app_path("truncated_entry");
+  let tampered = tampered_app_path("truncated_entry");
   tamper(original_app_path("valid_app_1"), tampered, { "manifest.webapp": truncateEntry }, []);
   certdb.openSignedAppFileAsync(
     Ci.nsIX509CertDB.AppXPCShellRoot, tampered,
     check_open_result("truncated_entry", Cr.NS_ERROR_SIGNED_JAR_MODIFIED_ENTRY));
 });
 
 add_test(function () {
-  var tampered = tampered_app_path("unsigned_entry");
+  let tampered = tampered_app_path("unsigned_entry");
   tamper(original_app_path("valid_app_1"), tampered, {},
     [ { "name": "unsigned.txt", "content": "unsigned content!" } ]);
   certdb.openSignedAppFileAsync(
     Ci.nsIX509CertDB.AppXPCShellRoot, tampered,
     check_open_result("unsigned_entry", Cr.NS_ERROR_SIGNED_JAR_UNSIGNED_ENTRY));
 });
 
 add_test(function () {
-  var tampered = tampered_app_path("unsigned_metainf_entry");
+  let tampered = tampered_app_path("unsigned_metainf_entry");
   tamper(original_app_path("valid_app_1"), tampered, {},
     [ { name: "META-INF/unsigned.txt", content: "unsigned content!" } ]);
   certdb.openSignedAppFileAsync(
     Ci.nsIX509CertDB.AppXPCShellRoot, tampered,
     check_open_result("unsigned_metainf_entry",
                       Cr.NS_ERROR_SIGNED_JAR_UNSIGNED_ENTRY));
 });
 
--- a/security/manager/ssl/tests/unit/test_sss_readstate_child.js
+++ b/security/manager/ssl/tests/unit/test_sss_readstate_child.js
@@ -30,12 +30,12 @@ function run_test() {
   // This overrides an entry on the preload list.
   writeLine("bugzilla.mozilla.org:HSTS\t0\t0\t" + (now + 100000) + ",1,0\n", outputStream);
   writeLine("incsubdomain.example.com:HSTS\t0\t0\t" + (now + 100000) + ",1,1\n", outputStream);
   // This overrides an entry on the preload list.
   writeLine("login.persona.org:HSTS\t0\t0\t0,2,0\n", outputStream);
   outputStream.close();
   Services.obs.addObserver(start_test_in_child, "data-storage-ready", false);
   do_test_pending();
-  var SSService = Cc["@mozilla.org/ssservice;1"]
+  let SSService = Cc["@mozilla.org/ssservice;1"]
                     .getService(Ci.nsISiteSecurityService);
   notEqual(SSService, null);
 }
--- a/security/manager/ssl/tests/unit/test_sts_preloadlist_perwindowpb.js
+++ b/security/manager/ssl/tests/unit/test_sts_preloadlist_perwindowpb.js
@@ -65,17 +65,17 @@ function test_part1() {
                               "subdomain.www.torproject.org", 0));
 
   // check that a host with a dot on the end won't break anything
   ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
                               "notsts.nonexistent.mozilla.com.", 0));
 
   // check that processing a header with max-age: 0 will remove a preloaded
   // site from the list
-  var uri = Services.io.newURI("http://bugzilla.mozilla.org", null, null);
+  let uri = Services.io.newURI("http://bugzilla.mozilla.org", null, null);
   gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
                            "max-age=0", sslStatus, 0);
   ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
                               "bugzilla.mozilla.org", 0));
   ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
                               "subdomain.bugzilla.mozilla.org", 0));
   // check that processing another header (with max-age non-zero) will
   // re-enable a site's sts status
@@ -156,17 +156,17 @@ const IS_PRIVATE = Ci.nsISocketProvider.
 function test_private_browsing1() {
   gSSService.clearAll();
   // sanity - bugzilla.mozilla.org is preloaded, includeSubdomains set
   ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
                              "bugzilla.mozilla.org", IS_PRIVATE));
   ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
                              "a.b.c.subdomain.bugzilla.mozilla.org", IS_PRIVATE));
 
-  var uri = Services.io.newURI("http://bugzilla.mozilla.org", null, null);
+  let uri = Services.io.newURI("http://bugzilla.mozilla.org", null, null);
   gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
                            "max-age=0", sslStatus, IS_PRIVATE);
   ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
                               "bugzilla.mozilla.org", IS_PRIVATE));
   ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
                               "a.b.subdomain.bugzilla.mozilla.org", IS_PRIVATE));
 
   // check adding it back in
gecko
Deployed from 4e825768105f at 2024-04-08T16:23:58Z.