Source code

Revision control

Other Tools

#
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
#
# This file defines the locations at which this HTTP server may be accessed.
# It is referred to by the following page, so if this file moves, that page must
# be modified accordingly:
#
#
# Empty lines and lines which begin with "#" are ignored and may be used for
# storing comments. All other lines consist of an origin followed by whitespace
# and a comma-separated list of options (if indeed any options are needed).
#
# The format of an origin is, referring to RFC 2396, a scheme (either "http" or
# "https"), followed by "://", followed by a host, followed by ":", followed by
# a port number. The colon and port number must be present even if the port
# number is the default for the protocol.
#
# Unrecognized options are ignored. Recognized options are "primary" and
# "privileged", "nocert", "cert=some_cert_nickname", "redir=hostname" and
# "failHandshake".
#
# "primary" denotes a location which is the canonical location of
# the server; this location is the one assumed for requests which don't
# otherwise identify a particular origin (e.g. HTTP/1.0 requests).
#
# "privileged" denotes a location which should have the ability to request
# elevated privileges; the default is no privileges.
#
# "nocert" makes sense only for https:// hosts and means there is not
# any certificate automatically generated for this host.
#
# "failHandshake" causes the tls handshake to fail (by sending a client hello to
# the client).
#
# "cert=nickname" tells the pgo server to use a particular certificate
# for this host. The certificate is referenced by its nickname that must
# not contain any spaces. The certificate key files (PKCS12 modules)
# for custom certification are loaded from build/pgo/certs
# directory. When new certificate is added to this dir pgo/ssltunnel
# must be built then. This is only necessary for cases where we really do
# want specific certs.
# You can find instructions on how to add or modify certificates at:
#
# "redir=hostname" tells the pgo server is only used for https://
# hosts while processing the CONNECT tunnel request. It responds
# to the CONNECT with a 302 and redirection to the hostname instead
# of connecting to the real back end and replying with a 200. This
# mode exists primarily to ensure we don't allow a proxy to do that.
#
#
# This is the primary location from which tests run.
#
http://mochi.test:8888 primary,privileged
#
# These are a common set of prefixes scattered across one TLD with two ports and
# another TLD on a single port.
#
http://127.0.0.1:80 privileged
http://test:80 privileged
http://noxul.example.com:80 privileged,noxul
# Used to test that clearing Service Workers for domain example.com, does not clear prefixexample.com
# The first HTTPS location is used to generate the Common Name (CN) value of the
# certificate's Issued To field.
https://nocert.example.com:443 privileged,nocert
https://self-signed.example.com:443 privileged,cert=selfsigned
https://untrusted.example.com:443 privileged,cert=untrusted
https://expired.example.com:443 privileged,cert=expired
https://requestclientcert.example.com:443 privileged,clientauth=request
https://requireclientcert.example.com:443 privileged,clientauth=require
https://requireclientcert-2.example.com:443 privileged,clientauth=require
https://mismatch.untrusted.example.com:443 privileged,cert=untrusted
https://untrusted-expired.example.com:443 privileged,cert=untrustedandexpired
https://mismatch.untrusted-expired.example.com:443 privileged,cert=untrustedandexpired
# Used for secure contexts on ip addresses, see bug 1616675. Note that
# 127.0.0.1 prompts ssltunnel.cpp to do special-cases, so we use .2
https://127.0.0.2:443 privileged,ipV4Address
# Prevent safebrowsing tests from hitting the network for its-a-trap.html and
# its-an-attack.html.
#
# These are subdomains of <ält.example.org>.
#
#
# These are subdomains of <παράδειγμα.δοκιμή>, the Greek IDN for example.test.
#
# Bug 413909 test host
https://bug413909.xn--hxajbheg2az3al.xn--jxalpdlp:443 privileged,cert=bug413909cert
#
# These hosts are used in tests which exercise privilege-granting functionality;
# we could reuse some of the names above, but specific names make it easier to
# distinguish one from the other in tests (as well as what functionality is
# being tested).
#
#
# Used while testing the url-classifier
#
#
# Used while testing TLS session ticket resumption for third-party trackers (bug 1500533)
# (DO NOT USE THIS HOST IN OTHER TESTS!)
#
#
# Used while testing flash blocking (Bug 1307604)
#
#
# Used while testing tracking protection (Bug 1580416)
# Not that apps.fbsbx.com is a public suffix
#
#
# Flash usage can fail unless this URL exists
#
http://bug1281083.example.com:80
# Bug 483437, 484111
https://www.bank1.com:443 privileged,cert=escapeattack1
#
# CONNECT for redirproxy results in a 302 redirect to
# test1.example.com
#
https://redirproxy.example.com:443 privileged,redir=test1.example.com
# Host used for IndexedDB Quota testing
http://bug704464-1.example.com:80 privileged
http://bug704464-2.example.com:80 privileged
http://bug704464-3.example.com:80 privileged
http://bug702292.example.com:80 privileged
# W3C hosts.
# HTTPS versions of the above
# Hosts for testing TLD-based fallback encoding
# Host for HPKP
# Host for static pin tests
https://fail-handshake.example.com:443 privileged,failHandshake
# Host for bad cert domain fixup test
https://badcertdomain.example.com:443 privileged,cert=badCertDomain
https://www.badcertdomain.example.com:443 privileged,cert=badCertDomain
https://127.0.0.3:433 privileged,cert=badCertDomain
https://badcertdomain.example.com:82 privileged,cert=badCertDomain
https://mismatch.badcertdomain.example.com:443 privileged,cert=badCertDomain
# Hosts for sha1 console warning tests
https://sha1ee.example.com:443 privileged,cert=sha1_end_entity
https://sha256ee.example.com:443 privileged,cert=sha256_end_entity
# Hosts for imminent distrust warning tests
https://imminently-distrusted.example.com:443 privileged,cert=imminently_distrusted
# Hosts for ssl3/rc4/tls1 warning tests
https://ssl3rc4.example.com:443 privileged,ssl3,rc4
https://tls11.example.com:443 privileged,tls1_1
https://tls12.example.com:443 privileged,tls1_2
https://tls13.example.com:443 privileged,tls1,tls1_3
# Hosts for youtube rewrite tests
# Host for U2F localhost tests
http://localhost:80 privileged
# Host for testing APIs whitelisted for mozilla.org
# local-IP origins for password manager tests (Bug 1582499)
http://10.0.0.0:80 privileged