browser_setDisableAllSecurityChecksAndLetAttackersInterceptMyData.js

Enable keyboard shortcuts

/* This Source Code Form is subject to the terms of the Mozilla Public

 * License, v. 2.0. If a copy of the MPL was not distributed with this

 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

"use strict";

const { ContextualIdentityListener } = ChromeUtils.importESModule(

  "chrome://remote/content/shared/listeners/ContextualIdentityListener.sys.mjs"

);

const PAGE_URL = "https://example.com/";

const PAGE_WITH_EXPIRED_CERT = "https://expired.example.com/";

add_task(async function test_disable_all_security_checks_globally() {

  const certOverrideService = Cc[

    "@mozilla.org/security/certoverride;1"

  ].getService(Ci.nsICertOverrideService);

  const tab = await BrowserTestUtils.openNewForegroundTab(gBrowser, PAGE_URL);

  const browser = gBrowser.selectedBrowser;

  info("Loading and waiting for the cert error");

  let errorPageLoaded = BrowserTestUtils.waitForErrorPage(browser);

  BrowserTestUtils.startLoadingURIString(browser, PAGE_WITH_EXPIRED_CERT);

  await errorPageLoaded;

  Assert.ok(true, "Error page is loaded");

  info("Disable security checks");

  certOverrideService.setDisableAllSecurityChecksAndLetAttackersInterceptMyData(

    true

);

  const loadedPromise = BrowserTestUtils.browserLoaded(browser);

  BrowserTestUtils.startLoadingURIString(browser, PAGE_WITH_EXPIRED_CERT);

  await loadedPromise;

  Assert.ok(true, "Normal page is loaded");

  info("Enable security checks");

  certOverrideService.setDisableAllSecurityChecksAndLetAttackersInterceptMyData(

    false

);

  errorPageLoaded = BrowserTestUtils.waitForErrorPage(browser);

  BrowserTestUtils.startLoadingURIString(browser, PAGE_WITH_EXPIRED_CERT);

  await errorPageLoaded;

  Assert.ok(true, "Error page is loaded");

  BrowserTestUtils.removeTab(tab);

});

add_task(async function test_disable_all_security_checks_for_user_context() {

  const certOverrideService = Cc[

    "@mozilla.org/security/certoverride;1"

  ].getService(Ci.nsICertOverrideService);

  const userContext = ContextualIdentityService.create("test_name");

  const { userContextId } = userContext;

  const tabInUserContext = BrowserTestUtils.addTab(gBrowser, PAGE_URL, {

    userContextId,

});

  const browserInUserContext = tabInUserContext.linkedBrowser;

  info("Loading and waiting for the cert error in user context");

  let errorPageLoaded = BrowserTestUtils.waitForErrorPage(browserInUserContext);

  BrowserTestUtils.startLoadingURIString(

    browserInUserContext,

    PAGE_WITH_EXPIRED_CERT

);

  await errorPageLoaded;

  Assert.ok(true, "Error page is loaded");

  info("Disable security checks for user context");

  certOverrideService.setDisableAllSecurityChecksAndLetAttackersInterceptMyDataForUserContext(

    userContextId,

    true

);

  let loadedPromise = BrowserTestUtils.browserLoaded(browserInUserContext);

  BrowserTestUtils.startLoadingURIString(

    browserInUserContext,

    PAGE_WITH_EXPIRED_CERT

);

  await loadedPromise;

  Assert.ok(true, "Normal page is loaded in user context");

  const tabInDefaultUserContext = BrowserTestUtils.addTab(gBrowser, PAGE_URL);

  const browserInDefaultUserContext = tabInDefaultUserContext.linkedBrowser;

  info("Loading and waiting for the cert error in default user context");

  errorPageLoaded = BrowserTestUtils.waitForErrorPage(

    browserInDefaultUserContext

);

  BrowserTestUtils.startLoadingURIString(

    browserInDefaultUserContext,

    PAGE_WITH_EXPIRED_CERT

);

  await errorPageLoaded;

  Assert.ok(true, "Error page is loaded");

  BrowserTestUtils.removeTab(tabInUserContext);

  BrowserTestUtils.removeTab(tabInDefaultUserContext);

  ContextualIdentityService.remove(userContextId);

});

add_task(

  async function test_disable_all_security_checks_globally_enable_for_user_context() {

    const certOverrideService = Cc[

      "@mozilla.org/security/certoverride;1"

    ].getService(Ci.nsICertOverrideService);

    const tabInDefaultUserContext = await BrowserTestUtils.openNewForegroundTab(

      gBrowser,

      PAGE_URL

);

    const browser = gBrowser.selectedBrowser;

    info("Disable security checks");

    certOverrideService.setDisableAllSecurityChecksAndLetAttackersInterceptMyData(

      true

);

    let loadedPromise = BrowserTestUtils.browserLoaded(browser);

    BrowserTestUtils.startLoadingURIString(browser, PAGE_WITH_EXPIRED_CERT);

    await loadedPromise;

    Assert.ok(true, "Normal page is loaded");

    const userContext = ContextualIdentityService.create("test_name");

    const { userContextId } = userContext;

    const tabInUserContext = BrowserTestUtils.addTab(gBrowser, PAGE_URL, {

      userContextId,

});

    const browserInUserContext = tabInUserContext.linkedBrowser;

    info("Enable security checks for user context");

    certOverrideService.setDisableAllSecurityChecksAndLetAttackersInterceptMyDataForUserContext(

      userContextId,

      false

);

    info("Loading and waiting for the cert error in user context");

    const errorPageLoaded =

      BrowserTestUtils.waitForErrorPage(browserInUserContext);

    BrowserTestUtils.startLoadingURIString(

      browserInUserContext,

      PAGE_WITH_EXPIRED_CERT

);

    await errorPageLoaded;

    Assert.ok(true, "Error page is loaded");

    BrowserTestUtils.removeTab(tabInDefaultUserContext);

    BrowserTestUtils.removeTab(tabInUserContext);

    ContextualIdentityService.remove(userContextId);

    info("Reenable security checks");

    certOverrideService.setDisableAllSecurityChecksAndLetAttackersInterceptMyData(

      false

);

);

add_task(

  async function test_reset_disable_all_security_checks_for_user_context() {

    const certOverrideService = Cc[

      "@mozilla.org/security/certoverride;1"

    ].getService(Ci.nsICertOverrideService);

    const userContext = ContextualIdentityService.create("test_name");

    const { userContextId } = userContext;

    const tabInUserContext = BrowserTestUtils.addTab(gBrowser, PAGE_URL, {

      userContextId,

});

    const browserInUserContext = tabInUserContext.linkedBrowser;

    info("Loading and waiting for the cert error in user context");

    let errorPageLoaded =

      BrowserTestUtils.waitForErrorPage(browserInUserContext);

    BrowserTestUtils.startLoadingURIString(

      browserInUserContext,

      PAGE_WITH_EXPIRED_CERT

);

    await errorPageLoaded;

    Assert.ok(true, "Error page is loaded");

    info("Disable security checks for user context");

    certOverrideService.setDisableAllSecurityChecksAndLetAttackersInterceptMyDataForUserContext(

      userContextId,

      true

);

    let loadedPromise = BrowserTestUtils.browserLoaded(browserInUserContext);

    BrowserTestUtils.startLoadingURIString(

      browserInUserContext,

      PAGE_WITH_EXPIRED_CERT

);

    await loadedPromise;

    Assert.ok(true, "Normal page is loaded in user context");

    info("Reset disable security checks for user context");

    certOverrideService.resetDisableAllSecurityChecksAndLetAttackersInterceptMyDataForUserContext(

      userContextId

);

    errorPageLoaded = BrowserTestUtils.waitForErrorPage(browserInUserContext);

    BrowserTestUtils.startLoadingURIString(

      browserInUserContext,

      PAGE_WITH_EXPIRED_CERT

);

    await errorPageLoaded;

    Assert.ok(true, "Error page is loaded");

    BrowserTestUtils.removeTab(tabInUserContext);

    ContextualIdentityService.remove(userContextId);

);