gecko/security/manager/ssl/tests/mochitest/bugs/test_bug413909.html

<!DOCTYPE HTML>
<html>
<head>
  <title>Test bug 413909</title>
  <script type="text/javascript" src="chrome://mochikit/content/MochiKit/packed.js"></script>
  <script type="text/javascript" src="chrome://mochikit/content/tests/SimpleTest/SimpleTest.js"></script>        
  <link rel="stylesheet" type="text/css" href="chrome://mochikit/content/tests/SimpleTest/test.css" />
</head>
<body onload="onWindowLoad()">

<script class="testbody" type="text/javascript">

var certOverrideService = Components.classes["@mozilla.org/security/certoverride;1"]
  .getService(Components.interfaces.nsICertOverrideService);
var cert = null;
var certListener = null;
var frameLoadTimeout = null;

SimpleTest.waitForExplicitFinish();

function badCertListener() 
{
}

badCertListener.prototype = {
  exceptionAdded: false,

  getInterface: function (aIID) {
    return this.QueryInterface(aIID);
  },

  QueryInterface: function(aIID) {
    if (aIID.equals(Components.interfaces.nsIBadCertListener2) ||
        aIID.equals(Components.interfaces.nsIInterfaceRequestor) ||
        aIID.equals(Components.interfaces.nsISupports))
      return this;

    throw Components.results.NS_ERROR_NO_INTERFACE;
  },  

  notifyCertProblem: function MSR_notifyCertProblem(socketInfo, sslStatus, targetHost) {
    cert = sslStatus.QueryInterface(Components.interfaces.nsISSLStatus)
      .serverCert;
  
    certOverrideService.rememberValidityOverride(
      "bug413909.xn--hxajbheg2az3al.xn--jxalpdlp",
      -1,
      cert,
      certOverrideService.ERROR_UNTRUSTED,
      false);

    this.exceptionAdded = true;
    return true;
  }
}

function apiTest(expected)
{
  var has;
  var bits = {}, temp = {};
  
  has = certOverrideService.hasMatchingOverride(
      "bug413909.xn--hxajbheg2az3al.xn--jxalpdlp", 
      -1, cert, bits, temp);
  is(has, expected, "hasMatchingOverride "+expected+" for default port value");
  
  has = certOverrideService.hasMatchingOverride(
      "bug413909.xn--hxajbheg2az3al.xn--jxalpdlp", 
      443, cert, bits, temp);
  is(has, expected, "hasMatchingOverride "+expected+" for explicit port value");
  
  has = certOverrideService.hasMatchingOverride(
      "bug413909.xn--hxajbheg2az3al.xn--jxalpdlp", 
      563, cert, bits, temp);
  ok(!has, "hasMatchingOverride false for invalid port value");
  
  has = certOverrideService.hasMatchingOverride(
      window.frame1.location.hostname, 
      -1, cert, bits, temp);
  ok(!has, "hasMatchingOverride false for default port value and non-ascii host");
  
  has = certOverrideService.hasMatchingOverride(
      window.frame1.location.hostname, 
      443, cert, bits, temp);
  ok(!has, "hasMatchingOverride false for explicit port value and non-ascii host");
  
  has = certOverrideService.hasMatchingOverride(
      window.frame1.location.hostname, 
      563, cert, bits, temp);
  ok(!has, "hasMatchingOverride false for invalid port value and non-ascii host");
}

function onFrameLoad()
{
  ok(certListener.exceptionAdded, "Secure page loaded after exception was added and not sooner");
  if (!certListener.exceptionAdded)
    return;
  
  apiTest(true);
  certOverrideService.clearValidityOverride(
    "bug413909.xn--hxajbheg2az3al.xn--jxalpdlp", -1);
  apiTest(false);

  clearTimeout(frameLoadTimeout);
  SimpleTest.finish();
}

function onWindowLoad()
{
  var req = new XMLHttpRequest();
  try
  {
    certListener = new badCertListener();
    
    req.open("GET", "https://bug413909.xn--hxajbheg2az3al.xn--jxalpdlp/", false);
    req.channel.notificationCallbacks = certListener;
    req.send(null);
  }
  catch(ex)
  {
    // ignore
  }
  
  // There is no error event indicating frame load error,
  // simulate using timeout.
  frameLoadTimeout = setTimeout(function() 
  {
    ok(false, "Secure page did not load, adding exception failed?");
    SimpleTest.finish();
  }, 5000);

  window.frame1.location.reload();
}

</script>
<iframe name="frame1" src="https://bug413909.xn--hxajbheg2az3al.xn--jxalpdlp/" onload="onFrameLoad()"></iframe>
</body>
</html>