Bug 1290529 - Clear HSTS and HPKP for subdomains in ForgetAboutSite. r=MattN,mgoodwin draft
authorJonathan Hao <jhao@mozilla.com>
Wed, 18 Jan 2017 16:01:26 +0800
changeset 463424 c38b54c67ccc481232756b316978e1698a922f63
parent 462919 24c57a372151b229c5b5fcd976a86e999cc768e4
child 542669 ace609cba3a2f4f5157437e6ae21a2dfa2406656
push id42056
push userbmo:jhao@mozilla.com
push dateThu, 19 Jan 2017 02:32:02 +0000
reviewersMattN, mgoodwin
bugs1290529
milestone53.0a1
Bug 1290529 - Clear HSTS and HPKP for subdomains in ForgetAboutSite. r=MattN,mgoodwin MozReview-Commit-ID: 1mQUbZNyLgz
security/manager/ssl/tests/unit/test_forget_about_site_security_headers.js
toolkit/forgetaboutsite/ForgetAboutSite.jsm
--- a/security/manager/ssl/tests/unit/test_forget_about_site_security_headers.js
+++ b/security/manager/ssl/tests/unit/test_forget_about_site_security_headers.js
@@ -66,17 +66,16 @@ add_task(function* () {
   Assert.ok(!sss.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
                               "a.pinning2.example.com", 0),
             "a.pinning2.example.com should not be HSTS now");
   Assert.ok(!sss.isSecureHost(Ci.nsISiteSecurityService.HEADER_HPKP,
                               "a.pinning2.example.com", 0),
             "a.pinning2.example.com should not be HPKP now");
 });
 
-// TODO (bug 1290529): the platform does not support this yet.
 // Test the case of processing HSTS and HPKP headers for a.pinning2.example.com,
 // using "Forget About Site" on example.com, and then checking that the platform
 // doesn't consider the subdomain to be HSTS or HPKP any longer.
 add_task(function* () {
   sss.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri, GOOD_MAX_AGE,
                     sslStatus, 0);
   sss.processHeader(Ci.nsISiteSecurityService.HEADER_HPKP, uri,
                     GOOD_MAX_AGE + VALID_PIN + BACKUP_PIN, sslStatus, 0);
@@ -85,16 +84,15 @@ add_task(function* () {
                              "a.pinning2.example.com", 0),
             "a.pinning2.example.com should be HSTS (subdomain case)");
   Assert.ok(sss.isSecureHost(Ci.nsISiteSecurityService.HEADER_HPKP,
                              "a.pinning2.example.com", 0),
             "a.pinning2.example.com should be HPKP (subdomain case)");
 
   yield ForgetAboutSite.removeDataFromDomain("example.com");
 
-  // TODO (bug 1290529):
-  // Assert.ok(!sss.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
-  //                             "a.pinning2.example.com", 0),
-  //           "a.pinning2.example.com should not be HSTS now (subdomain case)");
-  // Assert.ok(!sss.isSecureHost(Ci.nsISiteSecurityService.HEADER_HPKP,
-  //                             "a.pinning2.example.com", 0),
-  //           "a.pinning2.example.com should not be HPKP now (subdomain case)");
+  Assert.ok(!sss.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
+                              "a.pinning2.example.com", 0),
+            "a.pinning2.example.com should not be HSTS now (subdomain case)");
+  Assert.ok(!sss.isSecureHost(Ci.nsISiteSecurityService.HEADER_HPKP,
+                              "a.pinning2.example.com", 0),
+            "a.pinning2.example.com should not be HPKP now (subdomain case)");
 });
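Review bot: The re-enabled assertions at the end of this task only check that `a.pinning2.example.com` is cleared; nothing visible here checks that state for a host outside `example.com` survives `ForgetAboutSite.removeDataFromDomain("example.com")`. Since the implementation now walks every stored entry and matches on a `"." + aDomain` suffix, a negative case would pin that match against over-removal. I would set HSTS/HPKP for a second, unrelated host with `sss.processHeader(...)` before the call and add `Assert.ok(sss.isSecureHost(...))` checks for it afterwards. The rest of the test file is outside this view, so such a case may already exist elsewhere; the task itself begins in the previous hunk.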
--- a/toolkit/forgetaboutsite/ForgetAboutSite.jsm
+++ b/toolkit/forgetaboutsite/ForgetAboutSite.jsm
@@ -192,24 +192,35 @@ this.ForgetAboutSite = {
         (Components.isSuccessCode(status) ? resolve : reject)(status);
       });
     }).catch(e => {
       Cu.reportError("Exception thrown while clearing Push notifications: " +
                      e.toString());
     }));
 
     // HSTS and HPKP
-    // TODO (bug 1290529): also remove HSTS/HPKP information for subdomains.
-    // Since we can't enumerate the information in the site security service
-    // (bug 1115712), we can't implement this right now.
     try {
       let sss = Cc["@mozilla.org/ssservice;1"].
                 getService(Ci.nsISiteSecurityService);
-      sss.removeState(Ci.nsISiteSecurityService.HEADER_HSTS, httpsURI, 0);
-      sss.removeState(Ci.nsISiteSecurityService.HEADER_HPKP, httpsURI, 0);
+      for (let type of [Ci.nsISiteSecurityService.HEADER_HSTS,
+                        Ci.nsISiteSecurityService.HEADER_HPKP]) {
+        sss.removeState(type, httpsURI, 0);
+
+        // Also remove HSTS/HPKP information for subdomains by enumerating the
+        // information in the site security service.
+        let enumerator = sss.enumerate(type);
+        while (enumerator.hasMoreElements()) {
+          let entry = enumerator.getNext();
+          let hostname = entry.QueryInterface(Ci.nsISiteSecurityState).hostname;
+          if (hostname.endsWith("." + aDomain)) {
+            let uri = caUtils.makeURI("https://" + hostname);
+            sss.removeState(type, uri, 0);
+          }
+        }
+      }
     } catch (e) {
       Cu.reportError("Exception thrown while clearing HSTS/HPKP: " +
                      e.toString());
     }
 
     return Promise.all(promises);
   }
 };
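Review bot: The single `try`/`catch` around the new `for (let type of ...)` loop means one throwing entry stops the whole clean-up. If `caUtils.makeURI("https://" + hostname)` or `sss.removeState(type, uri, 0)` throws for one stored host, the remaining subdomains are left in place with only a `Cu.reportError`, and so is all HPKP state when it happens during the HSTS pass. For a "forget this site" feature that is a silent partial clear, so I would catch per entry and keep going, as sketched below. Separately, `removeState` runs while the enumerator from `sss.enumerate(type)` is still being walked; whether that enumerator is a snapshot is not visible here, so collecting the matching hostnames first and removing them afterwards would be the safer shape. The enclosing function, including where `aDomain`, `httpsURI` and `caUtils` come from, starts outside this hunk.

```javascript
        // … unchanged: removeState for httpsURI, enumerator loop and hostname lookup …
          if (hostname.endsWith("." + aDomain)) {
            // Keep going on failure so one bad entry cannot leave the rest behind.
            try {
              let uri = caUtils.makeURI("https://" + hostname);
              sss.removeState(type, uri, 0);
            } catch (e) {
              Cu.reportError("Exception thrown while clearing HSTS/HPKP for " +
                             hostname + ": " + e.toString());
            }
          }
```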