Source code

Revision control

Copy as Markdown

Other Tools

Test Info:

<!DOCTYPE HTML>
<html>
<!--
Test that 302 redirect requests get upgraded to https:// with HTTPS-First Mode enabled
-->
<head>
<title>HTTPS-FirstMode - Redirect Upgrade</title>
<script src="/tests/SimpleTest/SimpleTest.js"></script>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
</head>
<body>
<h1>HTTPS-First Mode</h1>
<p>Upgrade Test for insecure redirects.</p>
<script class="testbody" type="text/javascript">
"use strict";
const redirectCodes = ["301", "302","303","307"];
let currentTest = 0;
let testWin;
window.addEventListener("message", receiveMessage);
// Receive message and verify that it is from an https site.
// When the message is 'secure' then it was send by an https site.
async function receiveMessage(event) {
let data = event.data;
let currentRedirectCode = redirectCodes[currentTest];
ok(data.result === "secure", "Received 'https' for " + currentRedirectCode);
testWin.close();
if (++currentTest < redirectCodes.length) {
startTest();
return;
}
window.removeEventListener("message", receiveMessage);
SimpleTest.finish();
}
async function startTest() {
const currentCode = redirectCodes[currentTest];
// Make a request to a site (eg. https://file_redirect.sjs?301), which will redirect to http://file_redirect.sjs?check.
// The response will either be secure-ok, if the request has been upgraded to https:// or secure-error if it didn't.
}
// Set preference and start test
SpecialPowers.pushPrefEnv({ set: [
["dom.security.https_first", true],
["security.mixed_content.block_active_content", false],
["security.mixed_content.block_display_content", false],
]}, startTest);
SimpleTest.waitForExplicitFinish();
</script>
</body>
</html>