autoland: changeset 350185:9cd5529dcc38c97971c37b3fa483d16187917792

--- a/security/manager/ssl/tests/unit/sss_readstate_child_worker.js
+++ b/security/manager/ssl/tests/unit/sss_readstate_child_worker.js
@@ -7,27 +7,27 @@ function run_test() {
 
   ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
                             Services.io.newURI("https://expired.example.com"),
                             0));
   ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
                            Services.io.newURI("https://notexpired.example.com"),
                            0));
   ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
-                           Services.io.newURI("https://bugzilla.mozilla.org"),
+                           Services.io.newURI("https://includesubdomains.preloaded.test"),
                            0));
   ok(!SSService.isSecureURI(
        Ci.nsISiteSecurityService.HEADER_HSTS,
-       Services.io.newURI("https://sub.bugzilla.mozilla.org"), 0));
+       Services.io.newURI("https://sub.includesubdomains.preloaded.test"), 0));
   ok(SSService.isSecureURI(
        Ci.nsISiteSecurityService.HEADER_HSTS,
        Services.io.newURI("https://incsubdomain.example.com"), 0));
   ok(SSService.isSecureURI(
        Ci.nsISiteSecurityService.HEADER_HSTS,
        Services.io.newURI("https://sub.incsubdomain.example.com"), 0));
   ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
-                            Services.io.newURI("https://login.persona.org"),
+                            Services.io.newURI("https://includesubdomains2.preloaded.test"),
                             0));
   ok(!SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
-                            Services.io.newURI("https://sub.login.persona.org"),
+                            Services.io.newURI("https://sub.includesubdomains2.preloaded.test"),
                             0));
   do_test_finished();
 }

--- a/security/manager/ssl/tests/unit/test_sss_readstate.js
+++ b/security/manager/ssl/tests/unit/test_sss_readstate.js
@@ -21,76 +21,76 @@ function checkStateRead(aSubject, aTopic
 
   ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
                              Services.io.newURI("https://expired.example.com"),
                              0));
   ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
                             Services.io.newURI("https://notexpired.example.com"),
                             0));
   ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
-                            Services.io.newURI("https://bugzilla.mozilla.org"),
+                            Services.io.newURI("https://includesubdomains.preloaded.test"),
                             0));
   ok(!gSSService.isSecureURI(
        Ci.nsISiteSecurityService.HEADER_HSTS,
-       Services.io.newURI("https://sub.bugzilla.mozilla.org"), 0));
+       Services.io.newURI("https://sub.includesubdomains.preloaded.test"), 0));
   ok(gSSService.isSecureURI(
        Ci.nsISiteSecurityService.HEADER_HSTS,
        Services.io.newURI("https://incsubdomain.example.com"), 0));
   ok(gSSService.isSecureURI(
        Ci.nsISiteSecurityService.HEADER_HSTS,
        Services.io.newURI("https://sub.incsubdomain.example.com"), 0));
   ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
-                             Services.io.newURI("https://login.persona.org"),
+                             Services.io.newURI("https://includesubdomains2.preloaded.test"),
                              0));
   ok(!gSSService.isSecureURI(
        Ci.nsISiteSecurityService.HEADER_HSTS,
-       Services.io.newURI("https://sub.login.persona.org"), 0));
+       Services.io.newURI("https://sub.includesubdomains2.preloaded.test"), 0));
 
   // Clearing the data should make everything go back to default.
   gSSService.clearAll();
   ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
                              Services.io.newURI("https://expired.example.com"),
                              0));
   ok(!gSSService.isSecureURI(
        Ci.nsISiteSecurityService.HEADER_HSTS,
        Services.io.newURI("https://notexpired.example.com"), 0));
   ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
-                            Services.io.newURI("https://bugzilla.mozilla.org"),
+                            Services.io.newURI("https://includesubdomains.preloaded.test"),
                             0));
   ok(gSSService.isSecureURI(
        Ci.nsISiteSecurityService.HEADER_HSTS,
-       Services.io.newURI("https://sub.bugzilla.mozilla.org"), 0));
+       Services.io.newURI("https://sub.includesubdomains.preloaded.test"), 0));
   ok(!gSSService.isSecureURI(
        Ci.nsISiteSecurityService.HEADER_HSTS,
        Services.io.newURI("https://incsubdomain.example.com"), 0));
   ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
        Services.io.newURI("https://sub.incsubdomain.example.com"), 0));
   ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
-                            Services.io.newURI("https://login.persona.org"), 0));
+                            Services.io.newURI("https://includesubdomains2.preloaded.test"), 0));
   ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
-                            Services.io.newURI("https://sub.login.persona.org"),
+                            Services.io.newURI("https://sub.includesubdomains2.preloaded.test"),
                             0));
   do_test_finished();
 }
 
 function run_test() {
   let profileDir = do_get_profile();
   let stateFile = profileDir.clone();
   stateFile.append(SSS_STATE_FILE_NAME);
   // Assuming we're working with a clean slate, the file shouldn't exist
   // until we create it.
   ok(!stateFile.exists());
   let outputStream = FileUtils.openFileOutputStream(stateFile);
   let now = (new Date()).getTime();
   writeLine("expired.example.com:HSTS\t0\t0\t" + (now - 100000) + ",1,0\n", outputStream);
   writeLine("notexpired.example.com:HSTS\t0\t0\t" + (now + 100000) + ",1,0\n", outputStream);
   // This overrides an entry on the preload list.
-  writeLine("bugzilla.mozilla.org:HSTS\t0\t0\t" + (now + 100000) + ",1,0\n", outputStream);
+  writeLine("includesubdomains.preloaded.test:HSTS\t0\t0\t" + (now + 100000) + ",1,0\n", outputStream);
   writeLine("incsubdomain.example.com:HSTS\t0\t0\t" + (now + 100000) + ",1,1\n", outputStream);
   // This overrides an entry on the preload list.
-  writeLine("login.persona.org:HSTS\t0\t0\t0,2,0\n", outputStream);
+  writeLine("includesubdomains2.preloaded.test:HSTS\t0\t0\t0,2,0\n", outputStream);
   outputStream.close();
   Services.obs.addObserver(checkStateRead, "data-storage-ready", false);
   do_test_pending();
   gSSService = Cc["@mozilla.org/ssservice;1"]
                  .getService(Ci.nsISiteSecurityService);
   notEqual(gSSService, null);
 }

--- a/security/manager/ssl/tests/unit/test_sss_readstate_child.js
+++ b/security/manager/ssl/tests/unit/test_sss_readstate_child.js
@@ -23,19 +23,19 @@ function run_test() {
   // Assuming we're working with a clean slate, the file shouldn't exist
   // until we create it.
   ok(!stateFile.exists());
   let outputStream = FileUtils.openFileOutputStream(stateFile);
   let now = (new Date()).getTime();
   writeLine("expired.example.com:HSTS\t0\t0\t" + (now - 100000) + ",1,0\n", outputStream);
   writeLine("notexpired.example.com:HSTS\t0\t0\t" + (now + 100000) + ",1,0\n", outputStream);
   // This overrides an entry on the preload list.
-  writeLine("bugzilla.mozilla.org:HSTS\t0\t0\t" + (now + 100000) + ",1,0\n", outputStream);
+  writeLine("includesubdomains.preloaded.test:HSTS\t0\t0\t" + (now + 100000) + ",1,0\n", outputStream);
   writeLine("incsubdomain.example.com:HSTS\t0\t0\t" + (now + 100000) + ",1,1\n", outputStream);
   // This overrides an entry on the preload list.
-  writeLine("login.persona.org:HSTS\t0\t0\t0,2,0\n", outputStream);
+  writeLine("includesubdomains2.preloaded.test:HSTS\t0\t0\t0,2,0\n", outputStream);
   outputStream.close();
   Services.obs.addObserver(start_test_in_child, "data-storage-ready", false);
   do_test_pending();
   let SSService = Cc["@mozilla.org/ssservice;1"]
                     .getService(Ci.nsISiteSecurityService);
   notEqual(SSService, null);
 }

--- a/security/manager/ssl/tests/unit/test_sss_readstate_empty.js
+++ b/security/manager/ssl/tests/unit/test_sss_readstate_empty.js
@@ -8,19 +8,18 @@
 
 var gSSService = null;
 
 function checkStateRead(aSubject, aTopic, aData) {
   // nonexistent.example.com should never be an HSTS host
   ok(!gSSService.isSecureURI(
        Ci.nsISiteSecurityService.HEADER_HSTS,
        Services.io.newURI("https://nonexistent.example.com"), 0));
-  // bugzilla.mozilla.org is preloaded
   ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
-                            Services.io.newURI("https://bugzilla.mozilla.org"),
+                            Services.io.newURI("https://includesubdomains.preloaded.test"),
                             0));
   // notexpired.example.com is an HSTS host in a different test - we
   // want to make sure that test hasn't interfered with this one.
   ok(!gSSService.isSecureURI(
        Ci.nsISiteSecurityService.HEADER_HSTS,
        Services.io.newURI("https://notexpired.example.com"), 0));
   do_test_finished();
 }

--- a/security/manager/ssl/tests/unit/test_sss_savestate.js
+++ b/security/manager/ssl/tests/unit/test_sss_savestate.js
@@ -47,20 +47,20 @@ function checkStateWritten(aSubject, aTo
   // We can receive multiple data-storage-written events. In particular, we
   // may receive one where DataStorage wrote out data before we were done
   // processing all of our headers. In this case, the data may not be
   // as we expect. We only care about the final one being correct, however,
   // so we return and wait for the next event if things aren't as we expect.
   // sites[url][1] corresponds to SecurityPropertySet (if 1) and
   //                              SecurityPropertyUnset (if 0)
   // sites[url][2] corresponds to includeSubdomains
-  if (sites["bugzilla.mozilla.org:HSTS"][1] != 1) {
+  if (sites["includesubdomains.preloaded.test:HSTS"][1] != 1) {
     return;
   }
-  if (sites["bugzilla.mozilla.org:HSTS"][2] != 0) {
+  if (sites["includesubdomains.preloaded.test:HSTS"][2] != 0) {
     return;
   }
   if (sites["a.example.com:HSTS"][1] != 1) {
     return;
   }
   if (sites["a.example.com:HSTS"][2] != 1) {
     return;
   }
@@ -98,17 +98,17 @@ function run_test() {
   gProfileDir = do_get_profile();
   let SSService = Cc["@mozilla.org/ssservice;1"]
                     .getService(Ci.nsISiteSecurityService);
   // Put an HPKP entry
   SSService.setKeyPins("dynamic-pin.example.com", true,
                        new Date().getTime() + 1000000, 1,
                        [NON_ISSUED_KEY_HASH]);
 
-  let uris = [ Services.io.newURI("http://bugzilla.mozilla.org"),
+  let uris = [ Services.io.newURI("http://includesubdomains.preloaded.test"),
                Services.io.newURI("http://a.example.com"),
                Services.io.newURI("http://b.example.com"),
                Services.io.newURI("http://c.c.example.com"),
                Services.io.newURI("http://d.example.com") ];
 
   for (let i = 0; i < 1000; i++) {
     let uriIndex = i % uris.length;
     // vary max-age

--- a/security/manager/ssl/tests/unit/test_sts_preloadlist_perwindowpb.js
+++ b/security/manager/ssl/tests/unit/test_sts_preloadlist_perwindowpb.js
@@ -1,13 +1,8 @@
-// This test attempts to use only domains that are likely to remain on the
-// preload list for a long time. Currently this includes bugzilla.mozilla.org
-// and login.persona.org because they are Mozilla properties and we are
-// invested in HSTS. Additionally, www.torproject.org was deemed likely to
-// continue to use HSTS.
 "use strict";
 
 var gSSService = Cc["@mozilla.org/ssservice;1"]
                    .getService(Ci.nsISiteSecurityService);
 
 function Observer() {}
 Observer.prototype = {
   observe(subject, topic, data) {
@@ -35,57 +30,57 @@ function run_test() {
 
   run_next_test();
 }
 
 function test_part1() {
   // check that a host not in the list is not identified as an sts host
   ok(!gSSService.isSecureURI(
        Ci.nsISiteSecurityService.HEADER_HSTS,
-       Services.io.newURI("https://nonexistent.mozilla.com"), 0));
+       Services.io.newURI("https://nonexistent.example.com"), 0));
 
   // check that an ancestor domain is not identified as an sts host
   ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
                              Services.io.newURI("https://com"), 0));
 
   // check that the pref to toggle using the preload list works
   Services.prefs.setBoolPref("network.stricttransportsecurity.preloadlist", false);
   ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
-                             Services.io.newURI("https://bugzilla.mozilla.org"),
+                             Services.io.newURI("https://includesubdomains.preloaded.test"),
                              0));
   Services.prefs.setBoolPref("network.stricttransportsecurity.preloadlist", true);
   ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
-                            Services.io.newURI("https://bugzilla.mozilla.org"),
+                            Services.io.newURI("https://includesubdomains.preloaded.test"),
                             0));
 
   // check that a subdomain is an sts host (includeSubdomains is set)
   ok(gSSService.isSecureURI(
        Ci.nsISiteSecurityService.HEADER_HSTS,
-       Services.io.newURI("https://subdomain.bugzilla.mozilla.org"), 0));
+       Services.io.newURI("https://subdomain.includesubdomains.preloaded.test"), 0));
 
   // check that another subdomain is an sts host (includeSubdomains is set)
   ok(gSSService.isSecureURI(
        Ci.nsISiteSecurityService.HEADER_HSTS,
-       Services.io.newURI("https://a.b.c.def.bugzilla.mozilla.org"), 0));
+       Services.io.newURI("https://a.b.c.def.includesubdomains.preloaded.test"), 0));
 
   // check that a subdomain is not an sts host (includeSubdomains is not set)
   ok(!gSSService.isSecureURI(
        Ci.nsISiteSecurityService.HEADER_HSTS,
-       Services.io.newURI("https://subdomain.www.torproject.org"), 0));
+       Services.io.newURI("https://subdomain.noincludesubdomains.preloaded.test"), 0));
 
   // check that a host with a dot on the end won't break anything
   ok(!gSSService.isSecureURI(
        Ci.nsISiteSecurityService.HEADER_HSTS,
-       Services.io.newURI("https://notsts.nonexistent.mozilla.com."), 0));
+       Services.io.newURI("https://notsts.nonexistent.example.com."), 0));
 
   // check that processing a header with max-age: 0 will remove a preloaded
   // site from the list
-  let uri = Services.io.newURI("https://bugzilla.mozilla.org");
+  let uri = Services.io.newURI("https://includesubdomains.preloaded.test");
   let subDomainUri =
-    Services.io.newURI("https://subdomain.bugzilla.mozilla.org");
+    Services.io.newURI("https://subdomain.includesubdomains.preloaded.test");
   gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
                            "max-age=0", sslStatus, 0);
   ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0));
   ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
                              subDomainUri, 0));
   // check that processing another header (with max-age non-zero) will
   // re-enable a site's sts status
   gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
@@ -93,92 +88,92 @@ function test_part1() {
   ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0));
   // but this time include subdomains was not set, so test for that
   ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
                              subDomainUri, 0));
   gSSService.clearAll();
 
   // check that processing a header with max-age: 0 from a subdomain of a site
   // will not remove that (ancestor) site from the list
-  uri = Services.io.newURI("https://subdomain.www.torproject.org");
+  uri = Services.io.newURI("https://subdomain.noincludesubdomains.preloaded.test");
   gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
                            "max-age=0", sslStatus, 0);
   ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
-                            Services.io.newURI("https://www.torproject.org"),
+                            Services.io.newURI("https://noincludesubdomains.preloaded.test"),
                             0));
   ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0));
 
-  uri = Services.io.newURI("https://subdomain.bugzilla.mozilla.org");
+  uri = Services.io.newURI("https://subdomain.includesubdomains.preloaded.test");
   gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
                            "max-age=0", sslStatus, 0);
   // we received a header with "max-age=0", so we have "no information"
-  // regarding the sts state of subdomain.bugzilla.mozilla.org specifically,
+  // regarding the sts state of subdomain.includesubdomains.preloaded.test specifically,
   // but it is actually still an STS host, because of the preloaded
-  // bugzilla.mozilla.org including subdomains.
+  // includesubdomains.preloaded.test including subdomains.
   // Here's a drawing:
-  // |-- bugzilla.mozilla.org (in preload list, includes subdomains) IS sts host
-  //     |-- subdomain.bugzilla.mozilla.org                          IS sts host
-  //     |   `-- another.subdomain.bugzilla.mozilla.org              IS sts host
-  //     `-- sibling.bugzilla.mozilla.org                            IS sts host
+  // |-- includesubdomains.preloaded.test (in preload list, includes subdomains) IS sts host
+  //     |-- subdomain.includesubdomains.preloaded.test                          IS sts host
+  //     |   `-- another.subdomain.includesubdomains.preloaded.test              IS sts host
+  //     `-- sibling.includesubdomains.preloaded.test                            IS sts host
   ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS,
-                            Services.io.newURI("https://bugzilla.mozilla.org"),
+                            Services.io.newURI("https://includesubdomains.preloaded.test"),
                             0));
   ok(gSSService.isSecureURI(
        Ci.nsISiteSecurityService.HEADER_HSTS,
-       Services.io.newURI("https://subdomain.bugzilla.mozilla.org"), 0));
+       Services.io.newURI("https://subdomain.includesubdomains.preloaded.test"), 0));
   ok(gSSService.isSecureURI(
        Ci.nsISiteSecurityService.HEADER_HSTS,
-       Services.io.newURI("https://sibling.bugzilla.mozilla.org"), 0));
+       Services.io.newURI("https://sibling.includesubdomains.preloaded.test"), 0));
   ok(gSSService.isSecureURI(
        Ci.nsISiteSecurityService.HEADER_HSTS,
-       Services.io.newURI("https://another.subdomain.bugzilla.mozilla.org"),
+       Services.io.newURI("https://another.subdomain.includesubdomains.preloaded.test"),
        0));
 
   gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
                            "max-age=1000", sslStatus, 0);
   // Here's what we have now:
-  // |-- bugzilla.mozilla.org (in preload list, includes subdomains) IS sts host
-  //     |-- subdomain.bugzilla.mozilla.org (include subdomains is false) IS sts host
-  //     |   `-- another.subdomain.bugzilla.mozilla.org              IS NOT sts host
-  //     `-- sibling.bugzilla.mozilla.org                            IS sts host
+  // |-- includesubdomains.preloaded.test (in preload list, includes subdomains) IS sts host
+  //     |-- subdomain.includesubdomains.preloaded.test (include subdomains is false) IS sts host
+  //     |   `-- another.subdomain.includesubdomains.preloaded.test              IS NOT sts host
+  //     `-- sibling.includesubdomains.preloaded.test                            IS sts host
   ok(gSSService.isSecureURI(
        Ci.nsISiteSecurityService.HEADER_HSTS,
-       Services.io.newURI("https://subdomain.bugzilla.mozilla.org"), 0));
+       Services.io.newURI("https://subdomain.includesubdomains.preloaded.test"), 0));
   ok(gSSService.isSecureURI(
        Ci.nsISiteSecurityService.HEADER_HSTS,
-       Services.io.newURI("https://sibling.bugzilla.mozilla.org"), 0));
+       Services.io.newURI("https://sibling.includesubdomains.preloaded.test"), 0));
   ok(!gSSService.isSecureURI(
        Ci.nsISiteSecurityService.HEADER_HSTS,
-       Services.io.newURI("https://another.subdomain.bugzilla.mozilla.org"),
+       Services.io.newURI("https://another.subdomain.includesubdomains.preloaded.test"),
        0));
 
   // Test that an expired non-private browsing entry results in correctly
   // identifying a host that is on the preload list as no longer sts.
   // (This happens when we're in regular browsing mode, we get a header from
   // a site on the preload list, and that header later expires. We need to
   // then treat that host as no longer an sts host.)
   // (sanity check first - this should be in the preload list)
-  uri = Services.io.newURI("https://login.persona.org");
+  uri = Services.io.newURI("https://includesubdomains2.preloaded.test");
   ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0));
   gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
                            "max-age=1", sslStatus, 0);
   do_timeout(1250, function() {
     ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0));
     run_next_test();
   });
 }
 
 const IS_PRIVATE = Ci.nsISocketProvider.NO_PERMANENT_STORAGE;
 
 function test_private_browsing1() {
   gSSService.clearAll();
-  let uri = Services.io.newURI("https://bugzilla.mozilla.org");
+  let uri = Services.io.newURI("https://includesubdomains.preloaded.test");
   let subDomainUri =
-    Services.io.newURI("https://a.b.c.subdomain.bugzilla.mozilla.org");
-  // sanity - bugzilla.mozilla.org is preloaded, includeSubdomains set
+    Services.io.newURI("https://a.b.c.subdomain.includesubdomains.preloaded.test");
+  // sanity - includesubdomains.preloaded.test is preloaded, includeSubdomains set
   ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
                             IS_PRIVATE));
   ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, subDomainUri,
                             IS_PRIVATE));
 
   gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
                            "max-age=0", sslStatus, IS_PRIVATE);
   ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
@@ -203,39 +198,39 @@ function test_private_browsing1() {
                              subDomainUri, IS_PRIVATE));
 
   // Test that an expired private browsing entry results in correctly
   // identifying a host that is on the preload list as no longer sts.
   // (This happens when we're in private browsing mode, we get a header from
   // a site on the preload list, and that header later expires. We need to
   // then treat that host as no longer an sts host.)
   // (sanity check first - this should be in the preload list)
-  uri = Services.io.newURI("https://login.persona.org");
+  uri = Services.io.newURI("https://includesubdomains2.preloaded.test");
   ok(gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
                             IS_PRIVATE));
   gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
                            "max-age=1", sslStatus, IS_PRIVATE);
   do_timeout(1250, function() {
     ok(!gSSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
                                IS_PRIVATE));
     // Simulate leaving private browsing mode
     Services.obs.notifyObservers(null, "last-pb-context-exited", null);
   });
 }
 
 function test_private_browsing2() {
   // if this test gets this far, it means there's a private browsing service
   ok(gSSService.isSecureURI(
        Ci.nsISiteSecurityService.HEADER_HSTS,
-       Services.io.newURI("https://bugzilla.mozilla.org"), 0));
-  // the bugzilla.mozilla.org entry has includeSubdomains set
+       Services.io.newURI("https://includesubdomains.preloaded.test"), 0));
+  // the includesubdomains.preloaded.test entry has includeSubdomains set
   ok(gSSService.isSecureURI(
        Ci.nsISiteSecurityService.HEADER_HSTS,
-       Services.io.newURI("https://subdomain.bugzilla.mozilla.org"), 0));
+       Services.io.newURI("https://subdomain.includesubdomains.preloaded.test"), 0));
 
   // Now that we're out of private browsing mode, we need to make sure
   // we've "forgotten" that we "forgot" this site's sts status.
   ok(gSSService.isSecureURI(
        Ci.nsISiteSecurityService.HEADER_HSTS,
-       Services.io.newURI("https://login.persona.org"), 0));
+       Services.io.newURI("https://includesubdomains2.preloaded.test"), 0));
 
   run_next_test();
 }

--- a/security/manager/ssl/tests/unit/test_sts_preloadlist_selfdestruct.js
+++ b/security/manager/ssl/tests/unit/test_sts_preloadlist_selfdestruct.js
@@ -1,16 +1,14 @@
-// This test uses bugzilla.mozilla.org given that it is likely to remain
-// on the preload list for a long time.
 "use strict";
 
 function run_test() {
   let SSService = Cc["@mozilla.org/ssservice;1"]
                     .getService(Ci.nsISiteSecurityService);
-  let uri = Services.io.newURI("https://bugzilla.mozilla.org");
+  let uri = Services.io.newURI("https://includesubdomains.preloaded.test");
 
   // check that a host on the preload list is identified as an sts host
   ok(SSService.isSecureURI(Ci.nsISiteSecurityService.HEADER_HSTS, uri, 0));
 
   // now simulate that it's 19 weeks later than it actually is
   let offsetSeconds = 19 * 7 * 24 * 60 * 60;
   Services.prefs.setIntPref("test.currentTimeOffsetSeconds", offsetSeconds);

--- a/security/manager/ssl/tests/unit/xpcshell.ini
+++ b/security/manager/ssl/tests/unit/xpcshell.ini
@@ -125,34 +125,30 @@ requesttimeoutfactor = 2
 run-sequentially = hardcoded ports
 [test_signed_apps.js]
 [test_signed_dir.js]
 tags = addons psm
 [test_sss_enumerate.js]
 [test_sss_eviction.js]
 [test_sss_originAttributes.js]
 [test_sss_readstate.js]
-skip-if = true # bug 1350599
 [test_sss_readstate_child.js]
 support-files = sss_readstate_child_worker.js
 # bug 1124289 - run_test_in_child violates the sandbox on android
 skip-if = toolkit == 'android'
 [test_sss_readstate_empty.js]
-skip-if = true # bug 1350599
 [test_sss_readstate_garbage.js]
 [test_sss_readstate_huge.js]
 [test_sss_savestate.js]
 [test_startcom_wosign.js]
 [test_sts_fqdn.js]
 [test_sts_holepunch.js]
 [test_sts_ipv4_ipv6.js]
 [test_sts_parser.js]
 [test_sts_preload_dynamic.js]
 [test_sts_preloadlist_perwindowpb.js]
-skip-if = true # bug 1350599
 [test_sts_preloadlist_selfdestruct.js]
-skip-if = true # bug 1350599
 [test_validity.js]
 run-sequentially = hardcoded ports
 [test_x509.js]
 
 # The TLS error reporting functionality lives in /toolkit but needs tlsserver
 [test_toolkit_securityreporter.js]

author	Cykesiopka <cykesiopka.bmo@gmail.com>
	Mon, 27 Mar 2017 22:56:38 +0800
changeset 350185	9cd5529dcc38c97971c37b3fa483d16187917792
parent 350184	f2fc9e7b66db6733edcc85fb08a21e6933e1888b
child 350186	35caf320cf701444d573442d25c7426c1c60b993
push id	39705
push user	philringnalda@gmail.com
push date	Wed, 29 Mar 2017 01:59:30 +0000
treeherder	autoland@9cd5529dcc38 [default view] [failures only]
perfherder	[talos] [build metrics] [platform microbench] (compared to previous push)
reviewers	keeler
bugs	1350599
milestone	55.0a1
first release with	nightly linux32 6ea713ccc9ab / 55.0a1 / 20170329142008 / files nightly linux64 6ea713ccc9ab / 55.0a1 / 20170329142008 / files nightly mac 6ea713ccc9ab / 55.0a1 / 20170329071901 / files nightly win32 6ea713ccc9ab / 55.0a1 / 20170329071901 / files nightly win64 6ea713ccc9ab / 55.0a1 / 20170329071901 / files
last release without	nightly linux32 272ce6c25721 / 55.0a1 / 20170329100319 / files nightly linux64 272ce6c25721 / 55.0a1 / 20170329100319 / files nightly mac 272ce6c25721 / 55.0a1 / 20170329030240 / files nightly win32 272ce6c25721 / 55.0a1 / 20170329030240 / files nightly win64 272ce6c25721 / 55.0a1 / 20170329030240 / files

security/manager/ssl/tests/unit/sss_readstate_child_worker.js		file \| annotate \| diff \| comparison \| revisions
security/manager/ssl/tests/unit/test_sss_readstate.js		file \| annotate \| diff \| comparison \| revisions
security/manager/ssl/tests/unit/test_sss_readstate_child.js		file \| annotate \| diff \| comparison \| revisions
security/manager/ssl/tests/unit/test_sss_readstate_empty.js		file \| annotate \| diff \| comparison \| revisions
security/manager/ssl/tests/unit/test_sss_savestate.js		file \| annotate \| diff \| comparison \| revisions
security/manager/ssl/tests/unit/test_sts_preloadlist_perwindowpb.js		file \| annotate \| diff \| comparison \| revisions
security/manager/ssl/tests/unit/test_sts_preloadlist_selfdestruct.js		file \| annotate \| diff \| comparison \| revisions
security/manager/ssl/tests/unit/xpcshell.ini		file \| annotate \| diff \| comparison \| revisions