Bug 1282279 - Tests that make sure user certificates are Origin Attribute aware. r=baku draft
authorJonathan Hao <jhao@mozilla.com>
Tue, 29 Nov 2016 14:21:09 +0800
changeset 445784 eba6b8e947df0fb20bd505877e2d27af46c2d835
parent 445783 ba6ee6a2c91178f260ef84a5b557671fea9e96b1
child 538611 604c5653cdf9ae8b5ac1b6d5b9b0cf3fea5d7492
push id37608
push userbmo:jhao@mozilla.com
push dateWed, 30 Nov 2016 08:00:53 +0000
reviewersbaku
bugs1282279
milestone52.0a1
Bug 1282279 - Tests that make sure user certificates are Origin Attribute aware. r=baku
browser/components/originattributes/test/browser/browser.ini
browser/components/originattributes/test/browser/browser_clientAuth.js
browser/components/originattributes/test/browser/head.js
security/manager/pki/resources/content/clientauthask.js
--- a/browser/components/originattributes/test/browser/browser.ini
+++ b/browser/components/originattributes/test/browser/browser.ini
@@ -56,8 +56,9 @@ support-files =
 [browser_favicon_firstParty.js]
 [browser_favicon_userContextId.js]
 [browser_firstPartyIsolation.js]
 [browser_localStorageIsolation.js]
 [browser_blobURLIsolation.js]
 [browser_imageCacheIsolation.js]
 [browser_sharedworker.js]
 [browser_httpauth.js]
+[browser_clientAuth.js]
new file mode 100644
--- /dev/null
+++ b/browser/components/originattributes/test/browser/browser_clientAuth.js
@@ -0,0 +1,44 @@
+let certCached = true;
+let secondTabStarted = false;
+
+function onCertDialogLoaded(subject) {
+  certCached = false;
+  // Click OK.
+  subject.acceptDialog();
+}
+
+Services.obs.addObserver(onCertDialogLoaded, "cert-dialog-loaded", false);
+
+registerCleanupFunction(() => {
+  Services.obs.removeObserver(onCertDialogLoaded, "cert-dialog-loaded");
+});
+
+function* setup() {
+  yield SpecialPowers.pushPrefEnv({
+    set: [["security.default_personal_cert", "Ask Every Time"]]
+  });
+}
+
+function getResult() {
+  // The first tab always returns true.
+  if (!secondTabStarted) {
+    certCached = true;
+    secondTabStarted = true;
+    return true;
+  }
+
+  // The second tab returns true if the cert is cached, so it will be different
+  // from the result of the first tab, and considered isolated.
+  let ret = certCached;
+  certCached = true;
+  secondTabStarted = false;
+  return ret;
+}
+
+// aGetResultImmediately must be true because we need to get the result before
+// the next tab is opened.
+IsolationTestTools.runTests("https://requireclientcert.example.com",
+                            getResult,
+                            null, // aCompareResultFunc
+                            setup, // aBeginFunc
+                            true); // aGetResultImmediately
--- a/browser/components/originattributes/test/browser/head.js
+++ b/browser/components/originattributes/test/browser/head.js
@@ -270,18 +270,21 @@ this.IsolationTestTools = {
    *    An optional function which allows modifying the way how does framework
    *    check results. This function will be provided a boolean to indicate
    *    the isolation is no or off and two results. This function should return
    *    a boolean to tell that whether isolation is working. If this function
    *    is not given, the framework will take case checking by itself.
    * @param aBeforeFunc
    *    An optional function which is called before any tabs are created so
    *    that the test case can set up/reset local state.
+   * @param aGetResultImmediately
+   *    An optional boolean to ensure we get results before the next tab is opened.
    */
-  runTests(aURL, aGetResultFuncs, aCompareResultFunc, aBeforeFunc) {
+  runTests(aURL, aGetResultFuncs, aCompareResultFunc, aBeforeFunc,
+           aGetResultImmediately) {
     let pageURL;
     let firstFrameSetting;
     let secondFrameSetting;
 
     // Request a longer timeout since the test will run a test for three times
     // with different settings. Thus, one test here represents three tests.
     // For this reason, we triple the timeout.
     requestLongerTimeout(3);
@@ -312,24 +315,31 @@ this.IsolationTestTools = {
           yield aBeforeFunc(aMode);
         }
 
         // Create Tabs.
         let tabInfoA = yield IsolationTestTools._addTab(aMode,
                                                         pageURL,
                                                         tabSettings[tabSettingA],
                                                         firstFrameSetting);
+        let resultsA = [];
+        if (aGetResultImmediately) {
+          for (let getResultFunc of aGetResultFuncs) {
+            resultsA.push(yield getResultFunc(tabInfoA.browser));
+          }
+        }
         let tabInfoB = yield IsolationTestTools._addTab(aMode,
                                                         pageURL,
                                                         tabSettings[tabSettingB],
                                                         secondFrameSetting);
-
+        let i = 0;
         for (let getResultFunc of aGetResultFuncs) {
           // Fetch results from tabs.
-          let resultA = yield getResultFunc(tabInfoA.browser);
+          let resultA = aGetResultImmediately ? resultsA[i++] :
+                        yield getResultFunc(tabInfoA.browser);
           let resultB = yield getResultFunc(tabInfoB.browser);
 
           // Compare results.
           let result = false;
           let shouldIsolate = (aMode !== TEST_MODE_NO_ISOLATION) &&
                               tabSettingA !== tabSettingB;
           if (aCompareResultFunc) {
             result = yield aCompareResultFunc(shouldIsolate, resultA, resultB);
--- a/security/manager/pki/resources/content/clientauthask.js
+++ b/security/manager/pki/resources/content/clientauthask.js
@@ -94,16 +94,19 @@ function onLoad() {
     menuItemNode.setAttribute("label", nickAndSerial); // This is displayed.
     selectElement.firstChild.appendChild(menuItemNode);
     if (i == 0) {
       selectElement.selectedItem = menuItemNode;
     }
   }
 
   setDetails();
+
+  Services.obs.notifyObservers(document.getElementById("certAuthAsk"),
+                               "cert-dialog-loaded", null);
 }
 
 /**
  * Populates the details section with information concerning the selected cert.
  */
 function setDetails() {
   let index = parseInt(document.getElementById("nicknames").value);
   let cert = certArray.queryElementAt(index, Ci.nsIX509Cert);