Bug 1282279 - Tests that make sure user certificates are Origin Attribute aware. r=baku
--- a/browser/components/originattributes/test/browser/browser.ini
+++ b/browser/components/originattributes/test/browser/browser.ini
@@ -56,8 +56,9 @@ support-files =
[browser_favicon_firstParty.js]
[browser_favicon_userContextId.js]
[browser_firstPartyIsolation.js]
[browser_localStorageIsolation.js]
[browser_blobURLIsolation.js]
[browser_imageCacheIsolation.js]
[browser_sharedworker.js]
[browser_httpauth.js]
+[browser_clientAuth.js]
new file mode 100644
--- /dev/null
+++ b/browser/components/originattributes/test/browser/browser_clientAuth.js
@@ -0,0 +1,44 @@
+let certCached = true;
+let secondTabStarted = false;
+
+function onCertDialogLoaded(subject) {
+ certCached = false;
+ // Click OK.
+ subject.acceptDialog();
+}
+
+Services.obs.addObserver(onCertDialogLoaded, "cert-dialog-loaded", false);
+
+registerCleanupFunction(() => {
+ Services.obs.removeObserver(onCertDialogLoaded, "cert-dialog-loaded");
+});
+
+function* setup() {
+ yield SpecialPowers.pushPrefEnv({
+ set: [["security.default_personal_cert", "Ask Every Time"]]
+ });
+}
+
+function getResult() {
+ // The first tab always returns true.
+ if (!secondTabStarted) {
+ certCached = true;
+ secondTabStarted = true;
+ return true;
+ }
+
+ // The second tab returns true if the cert is cached, so it will be different
+ // from the result of the first tab, and considered isolated.
+ let ret = certCached;
+ certCached = true;
+ secondTabStarted = false;
+ return ret;
+}
+
+// aGetResultImmediately must be true because we need to get the result before
+// the next tab is opened.
+IsolationTestTools.runTests("https://requireclientcert.example.com",
+ getResult,
+ null, // aCompareResultFunc
+ setup, // aBeginFunc
+ true); // aGetResultImmediately
--- a/browser/components/originattributes/test/browser/head.js
+++ b/browser/components/originattributes/test/browser/head.js
@@ -270,18 +270,21 @@ this.IsolationTestTools = {
* An optional function which allows modifying the way how does framework
* check results. This function will be provided a boolean to indicate
* the isolation is no or off and two results. This function should return
* a boolean to tell that whether isolation is working. If this function
* is not given, the framework will take case checking by itself.
* @param aBeforeFunc
* An optional function which is called before any tabs are created so
* that the test case can set up/reset local state.
+ * @param aGetResultImmediately
+ * An optional boolean to ensure we get results before the next tab is opened.
*/
- runTests(aURL, aGetResultFuncs, aCompareResultFunc, aBeforeFunc) {
+ runTests(aURL, aGetResultFuncs, aCompareResultFunc, aBeforeFunc,
+ aGetResultImmediately) {
let pageURL;
let firstFrameSetting;
let secondFrameSetting;
// Request a longer timeout since the test will run a test for three times
// with different settings. Thus, one test here represents three tests.
// For this reason, we triple the timeout.
requestLongerTimeout(3);
@@ -312,24 +315,31 @@ this.IsolationTestTools = {
yield aBeforeFunc(aMode);
}
// Create Tabs.
let tabInfoA = yield IsolationTestTools._addTab(aMode,
pageURL,
tabSettings[tabSettingA],
firstFrameSetting);
+ let resultsA = [];
+ if (aGetResultImmediately) {
+ for (let getResultFunc of aGetResultFuncs) {
+ resultsA.push(yield getResultFunc(tabInfoA.browser));
+ }
+ }
let tabInfoB = yield IsolationTestTools._addTab(aMode,
pageURL,
tabSettings[tabSettingB],
secondFrameSetting);
-
+ let i = 0;
for (let getResultFunc of aGetResultFuncs) {
// Fetch results from tabs.
- let resultA = yield getResultFunc(tabInfoA.browser);
+ let resultA = aGetResultImmediately ? resultsA[i++] :
+ yield getResultFunc(tabInfoA.browser);
let resultB = yield getResultFunc(tabInfoB.browser);
// Compare results.
let result = false;
let shouldIsolate = (aMode !== TEST_MODE_NO_ISOLATION) &&
tabSettingA !== tabSettingB;
if (aCompareResultFunc) {
result = yield aCompareResultFunc(shouldIsolate, resultA, resultB);
--- a/security/manager/pki/resources/content/clientauthask.js
+++ b/security/manager/pki/resources/content/clientauthask.js
@@ -94,16 +94,19 @@ function onLoad() {
menuItemNode.setAttribute("label", nickAndSerial); // This is displayed.
selectElement.firstChild.appendChild(menuItemNode);
if (i == 0) {
selectElement.selectedItem = menuItemNode;
}
}
setDetails();
+
+ Services.obs.notifyObservers(document.getElementById("certAuthAsk"),
+ "cert-dialog-loaded", null);
}
/**
* Populates the details section with information concerning the selected cert.
*/
function setDetails() {
let index = parseInt(document.getElementById("nicknames").value);
let cert = certArray.queryElementAt(index, Ci.nsIX509Cert);