Source code
Revision control
Copy as Markdown
Other Tools
Test Info: Warnings
- This test gets skipped with pattern: http3 OR http2
- Manifest: toolkit/components/extensions/test/mochitest/mochitest-remote.toml includes toolkit/components/extensions/test/mochitest/mochitest-common.toml
- Manifest: toolkit/components/extensions/test/mochitest/mochitest.toml includes toolkit/components/extensions/test/mochitest/mochitest-common.toml
<!DOCTYPE HTML>
<html>
<head>
<meta charset="utf-8">
<title>browser.webRequest.getSecurityInfo()</title>
<script src="/tests/SimpleTest/SimpleTest.js"></script>
<script src="/tests/SimpleTest/ExtensionTestUtils.js"></script>
<link rel="stylesheet" href="/tests/SimpleTest/test.css"/>
</head>
<body>
<script>
"use strict";
add_task(async function test_getSecurityInfo() {
const extension = ExtensionTestUtils.loadExtension({
manifest: {
permissions: [
"webRequest",
"webRequestBlocking",
"*://example.org/*"
],
},
async background() {
const url = "https://example.org/tests/toolkit/components/extensions/test/mochitest/file_sample.html";
let tab;
browser.webRequest.onHeadersReceived.addListener(async details => {
const securityInfo = await browser.webRequest.getSecurityInfo(
details.requestId
);
// Some properties have dynamic values so let's take them out of the
// `securityInfo` object before asserting all the other props with deep
// equality.
const {
cipherSuite,
secretKeyLength,
keaGroupName,
signatureSchemeName,
protocolVersion,
certificates,
...otherProps
} = securityInfo;
browser.test.assertTrue(cipherSuite.length, "expected cipher suite");
browser.test.assertTrue(
Number.isInteger(secretKeyLength),
"expected secret key length"
);
browser.test.assertTrue(
keaGroupName.length,
"expected kea group name"
);
browser.test.assertTrue(
signatureSchemeName.length,
"expected signature scheme name"
);
browser.test.assertTrue(
protocolVersion.length,
"expected protocol version"
);
browser.test.assertTrue(
Array.isArray(certificates),
"expected an array of certificates"
);
browser.test.assertDeepEq({
state: "secure",
isExtendedValidation: false,
certificateTransparencyStatus: "not_applicable",
hsts: false,
hpkp: false,
usedEch: false,
usedDelegatedCredentials: false,
usedOcsp: false,
usedPrivateDns: false,
}, otherProps, "expected security info");
await browser.tabs.remove(tab.id);
browser.test.notifyPass("success");
}, { urls: [url] } , ["blocking"]);
tab = await browser.tabs.create({ url });
},
});
await extension.startup();
await extension.awaitFinish("success");
await extension.unload();
});
add_task(async function test_getSecurityInfo_without_permission() {
const extension = ExtensionTestUtils.loadExtension({
manifest: {
manifest_version: 3,
granted_host_permissions: true,
permissions: [ "webRequest", "webRequestBlocking"],
host_permissions: ["*://example.org/*"],
},
async background() {
let requestCount = 0;
browser.webRequest.onHeadersReceived.addListener(
async ({ requestId }) => {
++requestCount;
try {
let info = await browser.webRequest.getSecurityInfo(requestId, {});
browser.test.assertEq("secure", info?.state, "Got SecurityInfo");
await browser.permissions.remove({ origins: ["*://example.org/*"] });
browser.test.assertDeepEq(
undefined,
await browser.webRequest.getSecurityInfo(requestId, {}),
"getSecurityInfo() should not return info without permission"
);
} catch (e) {
browser.test.fail(`Unexpected error in onHeadersReceived: ${e}`);
}
},
{ urls: ["*://example.org/*/file_image_good.png?permcheck*"] },
["blocking"]
);
// Main purpose of this is to ensure that the webRequest listener has
browser.webRequest.getSecurityInfo("").then(securityInfo => {
browser.test.assertEq(
undefined,
securityInfo,
"getSecurityInfo() with invalid requestId resolves to undefined"
);
const img = new Image();
img.src = "https://example.org/tests/toolkit/components/extensions/test/mochitest/file_image_good.png?permcheck&_=" + Date.now();
img.decode().then(() => {
browser.test.assertEq(1, requestCount, "Seen request");
browser.test.sendMessage("done");
});
});
},
});
await extension.startup();
await extension.awaitMessage("done");
await extension.unload();
});
</script>
</body>
</html>