--- a/security/manager/ssl/tests/unit/sss_readstate_child_worker.js
+++ b/security/manager/ssl/tests/unit/sss_readstate_child_worker.js
@@ -5,21 +5,21 @@ function run_test() {
let SSService = Cc["@mozilla.org/ssservice;1"]
.getService(Ci.nsISiteSecurityService);
ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
"expired.example.com", 0));
ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
"notexpired.example.com", 0));
ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "bugzilla.mozilla.org", 0));
+ "includesubdomains.preloaded.test", 0));
ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "sub.bugzilla.mozilla.org", 0));
+ "sub.includesubdomains.preloaded.test", 0));
ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
"incsubdomain.example.com", 0));
ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
"sub.incsubdomain.example.com", 0));
ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "login.persona.org", 0));
+ "includesubdomains2.preloaded.test", 0));
ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "sub.login.persona.org", 0));
+ "sub.includesubdomains2.preloaded.test", 0));
do_test_finished();
}
--- a/security/manager/ssl/tests/unit/test_sss_readstate.js
+++ b/security/manager/ssl/tests/unit/test_sss_readstate.js
@@ -19,64 +19,64 @@ function checkStateRead(aSubject, aTopic
equal(aData, SSS_STATE_FILE_NAME);
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
"expired.example.com", 0));
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
"notexpired.example.com", 0));
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "bugzilla.mozilla.org", 0));
+ "includesubdomains.preloaded.test", 0));
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "sub.bugzilla.mozilla.org", 0));
+ "sub.includesubdomains.preloaded.test", 0));
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
"incsubdomain.example.com", 0));
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
"sub.incsubdomain.example.com", 0));
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "login.persona.org", 0));
+ "includesubdomains2.preloaded.test", 0));
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "sub.login.persona.org", 0));
+ "sub.includesubdomains2.preloaded.test", 0));
// Clearing the data should make everything go back to default.
gSSService.clearAll();
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
"expired.example.com", 0));
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
"notexpired.example.com", 0));
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "bugzilla.mozilla.org", 0));
+ "includesubdomains.preloaded.test", 0));
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "sub.bugzilla.mozilla.org", 0));
+ "sub.includesubdomains.preloaded.test", 0));
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
"incsubdomain.example.com", 0));
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
"sub.incsubdomain.example.com", 0));
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "login.persona.org", 0));
+ "includesubdomains2.preloaded.test", 0));
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "sub.login.persona.org", 0));
+ "sub.includesubdomains2.preloaded.test", 0));
do_test_finished();
}
function run_test() {
let profileDir = do_get_profile();
let stateFile = profileDir.clone();
stateFile.append(SSS_STATE_FILE_NAME);
// Assuming we're working with a clean slate, the file shouldn't exist
// until we create it.
ok(!stateFile.exists());
let outputStream = FileUtils.openFileOutputStream(stateFile);
let now = (new Date()).getTime();
writeLine("expired.example.com:HSTS\t0\t0\t" + (now - 100000) + ",1,0\n", outputStream);
writeLine("notexpired.example.com:HSTS\t0\t0\t" + (now + 100000) + ",1,0\n", outputStream);
// This overrides an entry on the preload list.
- writeLine("bugzilla.mozilla.org:HSTS\t0\t0\t" + (now + 100000) + ",1,0\n", outputStream);
+ writeLine("includesubdomains.preloaded.test:HSTS\t0\t0\t" + (now + 100000) + ",1,0\n", outputStream);
writeLine("incsubdomain.example.com:HSTS\t0\t0\t" + (now + 100000) + ",1,1\n", outputStream);
// This overrides an entry on the preload list.
- writeLine("login.persona.org:HSTS\t0\t0\t0,2,0\n", outputStream);
+ writeLine("includesubdomains2.preloaded.test:HSTS\t0\t0\t0,2,0\n", outputStream);
outputStream.close();
Services.obs.addObserver(checkStateRead, "data-storage-ready", false);
do_test_pending();
gSSService = Cc["@mozilla.org/ssservice;1"]
.getService(Ci.nsISiteSecurityService);
notEqual(gSSService, null);
}
--- a/security/manager/ssl/tests/unit/test_sss_readstate_child.js
+++ b/security/manager/ssl/tests/unit/test_sss_readstate_child.js
@@ -23,19 +23,19 @@ function run_test() {
// Assuming we're working with a clean slate, the file shouldn't exist
// until we create it.
ok(!stateFile.exists());
let outputStream = FileUtils.openFileOutputStream(stateFile);
let now = (new Date()).getTime();
writeLine("expired.example.com:HSTS\t0\t0\t" + (now - 100000) + ",1,0\n", outputStream);
writeLine("notexpired.example.com:HSTS\t0\t0\t" + (now + 100000) + ",1,0\n", outputStream);
// This overrides an entry on the preload list.
- writeLine("bugzilla.mozilla.org:HSTS\t0\t0\t" + (now + 100000) + ",1,0\n", outputStream);
+ writeLine("includesubdomains.preloaded.test:HSTS\t0\t0\t" + (now + 100000) + ",1,0\n", outputStream);
writeLine("incsubdomain.example.com:HSTS\t0\t0\t" + (now + 100000) + ",1,1\n", outputStream);
// This overrides an entry on the preload list.
- writeLine("login.persona.org:HSTS\t0\t0\t0,2,0\n", outputStream);
+ writeLine("includesubdomains2.preloaded.test:HSTS\t0\t0\t0,2,0\n", outputStream);
outputStream.close();
Services.obs.addObserver(start_test_in_child, "data-storage-ready", false);
do_test_pending();
let SSService = Cc["@mozilla.org/ssservice;1"]
.getService(Ci.nsISiteSecurityService);
notEqual(SSService, null);
}
--- a/security/manager/ssl/tests/unit/test_sss_readstate_empty.js
+++ b/security/manager/ssl/tests/unit/test_sss_readstate_empty.js
@@ -7,19 +7,18 @@
// file and see that the site security service doesn't fail when reading it.
var gSSService = null;
function checkStateRead(aSubject, aTopic, aData) {
// nonexistent.example.com should never be an HSTS host
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
"nonexistent.example.com", 0));
- // bugzilla.mozilla.org is preloaded
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "bugzilla.mozilla.org", 0));
+ "includesubdomains.preloaded.test", 0));
// notexpired.example.com is an HSTS host in a different test - we
// want to make sure that test hasn't interfered with this one.
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
"notexpired.example.com", 0));
do_test_finished();
}
function run_test() {
--- a/security/manager/ssl/tests/unit/test_sss_savestate.js
+++ b/security/manager/ssl/tests/unit/test_sss_savestate.js
@@ -49,20 +49,20 @@ function checkStateWritten(aSubject, aTo
// We can receive multiple data-storage-written events. In particular, we
// may receive one where DataStorage wrote out data before we were done
// processing all of our headers. In this case, the data may not be
// as we expect. We only care about the final one being correct, however,
// so we return and wait for the next event if things aren't as we expect.
// sites[url][1] corresponds to SecurityPropertySet (if 1) and
// SecurityPropertyUnset (if 0)
// sites[url][2] corresponds to includeSubdomains
- if (sites["bugzilla.mozilla.org:HSTS"][1] != 1) {
+ if (sites["includesubdomains.preloaded.test:HSTS"][1] != 1) {
return;
}
- if (sites["bugzilla.mozilla.org:HSTS"][2] != 0) {
+ if (sites["includesubdomains.preloaded.test:HSTS"][2] != 0) {
return;
}
if (sites["a.example.com:HSTS"][1] != 1) {
return;
}
if (sites["a.example.com:HSTS"][2] != 1) {
return;
}
@@ -100,17 +100,17 @@ function run_test() {
gProfileDir = do_get_profile();
let SSService = Cc["@mozilla.org/ssservice;1"]
.getService(Ci.nsISiteSecurityService);
// Put an HPKP entry
SSService.setKeyPins("dynamic-pin.example.com", true,
new Date().getTime() + 1000000, 1,
[NON_ISSUED_KEY_HASH]);
- let uris = [ Services.io.newURI("http://bugzilla.mozilla.org", null, null),
+ let uris = [ Services.io.newURI("http://includesubdomains.preloaded.test", null, null),
Services.io.newURI("http://a.example.com", null, null),
Services.io.newURI("http://b.example.com", null, null),
Services.io.newURI("http://c.c.example.com", null, null),
Services.io.newURI("http://d.example.com", null, null) ];
for (let i = 0; i < 1000; i++) {
let uriIndex = i % uris.length;
// vary max-age
--- a/security/manager/ssl/tests/unit/test_sts_preloadlist_perwindowpb.js
+++ b/security/manager/ssl/tests/unit/test_sts_preloadlist_perwindowpb.js
@@ -1,13 +1,8 @@
-// This test attempts to use only domains that are likely to remain on the
-// preload list for a long time. Currently this includes bugzilla.mozilla.org
-// and login.persona.org because they are Mozilla properties and we are
-// invested in HSTS. Additionally, www.torproject.org was deemed likely to
-// continue to use HSTS.
"use strict";
var gSSService = Cc["@mozilla.org/ssservice;1"]
.getService(Ci.nsISiteSecurityService);
function Observer() {}
Observer.prototype = {
observe: function(subject, topic, data) {
@@ -34,189 +29,189 @@ function run_test() {
add_test(test_private_browsing2);
run_next_test();
}
function test_part1() {
// check that a host not in the list is not identified as an sts host
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "nonexistent.mozilla.com", 0));
+ "nonexistent.example.com", 0));
// check that an ancestor domain is not identified as an sts host
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS, "com", 0));
// check that the pref to toggle using the preload list works
Services.prefs.setBoolPref("network.stricttransportsecurity.preloadlist", false);
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "bugzilla.mozilla.org", 0));
+ "includesubdomains.preloaded.test", 0));
Services.prefs.setBoolPref("network.stricttransportsecurity.preloadlist", true);
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "bugzilla.mozilla.org", 0));
+ "includesubdomains.preloaded.test", 0));
// check that a subdomain is an sts host (includeSubdomains is set)
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "subdomain.bugzilla.mozilla.org", 0));
+ "subdomain.includesubdomains.preloaded.test", 0));
// check that another subdomain is an sts host (includeSubdomains is set)
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "a.b.c.def.bugzilla.mozilla.org", 0));
+ "a.b.c.def.includesubdomains.preloaded.test", 0));
// check that a subdomain is not an sts host (includeSubdomains is not set)
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "subdomain.www.torproject.org", 0));
+ "subdomain.noincludesubdomains.preloaded.test", 0));
// check that a host with a dot on the end won't break anything
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "notsts.nonexistent.mozilla.com.", 0));
+ "notsts.nonexistent.example.com.", 0));
// check that processing a header with max-age: 0 will remove a preloaded
// site from the list
- let uri = Services.io.newURI("http://bugzilla.mozilla.org", null, null);
+ let uri = Services.io.newURI("http://includesubdomains.preloaded.test", null, null);
gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
"max-age=0", sslStatus, 0);
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "bugzilla.mozilla.org", 0));
+ "includesubdomains.preloaded.test", 0));
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "subdomain.bugzilla.mozilla.org", 0));
+ "subdomain.includesubdomains.preloaded.test", 0));
// check that processing another header (with max-age non-zero) will
// re-enable a site's sts status
gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
"max-age=1000", sslStatus, 0);
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "bugzilla.mozilla.org", 0));
+ "includesubdomains.preloaded.test", 0));
// but this time include subdomains was not set, so test for that
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "subdomain.bugzilla.mozilla.org", 0));
+ "subdomain.includesubdomains.preloaded.test", 0));
gSSService.clearAll();
// check that processing a header with max-age: 0 from a subdomain of a site
// will not remove that (ancestor) site from the list
- uri = Services.io.newURI("http://subdomain.www.torproject.org", null, null);
+ uri = Services.io.newURI("http://subdomain.noincludesubdomains.preloaded.test", null, null);
gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
"max-age=0", sslStatus, 0);
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "www.torproject.org", 0));
+ "noincludesubdomains.preloaded.test", 0));
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "subdomain.www.torproject.org", 0));
+ "subdomain.noincludesubdomains.preloaded.test", 0));
- uri = Services.io.newURI("http://subdomain.bugzilla.mozilla.org", null, null);
+ uri = Services.io.newURI("http://subdomain.includesubdomains.preloaded.test", null, null);
gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
"max-age=0", sslStatus, 0);
// we received a header with "max-age=0", so we have "no information"
- // regarding the sts state of subdomain.bugzilla.mozilla.org specifically,
+ // regarding the sts state of subdomain.includesubdomains.preloaded.test specifically,
// but it is actually still an STS host, because of the preloaded
- // bugzilla.mozilla.org including subdomains.
+ // includesubdomains.preloaded.test including subdomains.
// Here's a drawing:
- // |-- bugzilla.mozilla.org (in preload list, includes subdomains) IS sts host
- // |-- subdomain.bugzilla.mozilla.org IS sts host
- // | `-- another.subdomain.bugzilla.mozilla.org IS sts host
- // `-- sibling.bugzilla.mozilla.org IS sts host
+ // |-- includesubdomains.preloaded.test (in preload list, includes subdomains) IS sts host
+ // |-- subdomain.includesubdomains.preloaded.test IS sts host
+ // | `-- another.subdomain.includesubdomains.preloaded.test IS sts host
+ // `-- sibling.includesubdomains.preloaded.test IS sts host
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "bugzilla.mozilla.org", 0));
+ "includesubdomains.preloaded.test", 0));
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "subdomain.bugzilla.mozilla.org", 0));
+ "subdomain.includesubdomains.preloaded.test", 0));
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "sibling.bugzilla.mozilla.org", 0));
+ "sibling.includesubdomains.preloaded.test", 0));
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "another.subdomain.bugzilla.mozilla.org", 0));
+ "another.subdomain.includesubdomains.preloaded.test", 0));
gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
"max-age=1000", sslStatus, 0);
// Here's what we have now:
- // |-- bugzilla.mozilla.org (in preload list, includes subdomains) IS sts host
- // |-- subdomain.bugzilla.mozilla.org (include subdomains is false) IS sts host
- // | `-- another.subdomain.bugzilla.mozilla.org IS NOT sts host
- // `-- sibling.bugzilla.mozilla.org IS sts host
+ // |-- includesubdomains.preloaded.test (in preload list, includes subdomains) IS sts host
+ // |-- subdomain.includesubdomains.preloaded.test (include subdomains is false) IS sts host
+ // | `-- another.subdomain.includesubdomains.preloaded.test IS NOT sts host
+ // `-- sibling.includesubdomains.preloaded.test IS sts host
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "subdomain.bugzilla.mozilla.org", 0));
+ "subdomain.includesubdomains.preloaded.test", 0));
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "sibling.bugzilla.mozilla.org", 0));
+ "sibling.includesubdomains.preloaded.test", 0));
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "another.subdomain.bugzilla.mozilla.org", 0));
+ "another.subdomain.includesubdomains.preloaded.test", 0));
// Test that an expired non-private browsing entry results in correctly
// identifying a host that is on the preload list as no longer sts.
// (This happens when we're in regular browsing mode, we get a header from
// a site on the preload list, and that header later expires. We need to
// then treat that host as no longer an sts host.)
// (sanity check first - this should be in the preload list)
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "login.persona.org", 0));
- uri = Services.io.newURI("http://login.persona.org", null, null);
+ "includesubdomains2.preloaded.test", 0));
+ uri = Services.io.newURI("http://includesubdomains2.preloaded.test", null, null);
gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
"max-age=1", sslStatus, 0);
do_timeout(1250, function() {
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "login.persona.org", 0));
+ "includesubdomains2.preloaded.test", 0));
run_next_test();
});
}
const IS_PRIVATE = Ci.nsISocketProvider.NO_PERMANENT_STORAGE;
function test_private_browsing1() {
gSSService.clearAll();
- // sanity - bugzilla.mozilla.org is preloaded, includeSubdomains set
+ // sanity - includesubdomains.preloaded.test is preloaded, includeSubdomains set
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "bugzilla.mozilla.org", IS_PRIVATE));
+ "includesubdomains.preloaded.test", IS_PRIVATE));
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "a.b.c.subdomain.bugzilla.mozilla.org", IS_PRIVATE));
+ "a.b.c.subdomain.includesubdomains.preloaded.test", IS_PRIVATE));
- let uri = Services.io.newURI("http://bugzilla.mozilla.org", null, null);
+ let uri = Services.io.newURI("http://includesubdomains.preloaded.test", null, null);
gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
"max-age=0", sslStatus, IS_PRIVATE);
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "bugzilla.mozilla.org", IS_PRIVATE));
+ "includesubdomains.preloaded.test", IS_PRIVATE));
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "a.b.subdomain.bugzilla.mozilla.org", IS_PRIVATE));
+ "a.b.subdomain.includesubdomains.preloaded.test", IS_PRIVATE));
// check adding it back in
gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
"max-age=1000", sslStatus, IS_PRIVATE);
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "bugzilla.mozilla.org", IS_PRIVATE));
+ "includesubdomains.preloaded.test", IS_PRIVATE));
// but no includeSubdomains this time
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "b.subdomain.bugzilla.mozilla.org", IS_PRIVATE));
+ "b.subdomain.includesubdomains.preloaded.test", IS_PRIVATE));
// do the hokey-pokey...
gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
"max-age=0", sslStatus, IS_PRIVATE);
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "bugzilla.mozilla.org", IS_PRIVATE));
+ "includesubdomains.preloaded.test", IS_PRIVATE));
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "subdomain.bugzilla.mozilla.org", IS_PRIVATE));
+ "subdomain.includesubdomains.preloaded.test", IS_PRIVATE));
// Test that an expired private browsing entry results in correctly
// identifying a host that is on the preload list as no longer sts.
// (This happens when we're in private browsing mode, we get a header from
// a site on the preload list, and that header later expires. We need to
// then treat that host as no longer an sts host.)
// (sanity check first - this should be in the preload list)
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "login.persona.org", IS_PRIVATE));
- uri = Services.io.newURI("http://login.persona.org", null, null);
+ "includesubdomains2.preloaded.test", IS_PRIVATE));
+ uri = Services.io.newURI("http://includesubdomains2.preloaded.test", null, null);
gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS, uri,
"max-age=1", sslStatus, IS_PRIVATE);
do_timeout(1250, function() {
ok(!gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "login.persona.org", IS_PRIVATE));
+ "includesubdomains2.preloaded.test", IS_PRIVATE));
// Simulate leaving private browsing mode
Services.obs.notifyObservers(null, "last-pb-context-exited", null);
});
}
function test_private_browsing2() {
// if this test gets this far, it means there's a private browsing service
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "bugzilla.mozilla.org", 0));
- // the bugzilla.mozilla.org entry has includeSubdomains set
+ "includesubdomains.preloaded.test", 0));
+ // the includesubdomains.preloaded.test entry has includeSubdomains set
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "subdomain.bugzilla.mozilla.org", 0));
+ "subdomain.includesubdomains.preloaded.test", 0));
// Now that we're out of private browsing mode, we need to make sure
// we've "forgotten" that we "forgot" this site's sts status.
ok(gSSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "login.persona.org", 0));
+ "includesubdomains2.preloaded.test", 0));
run_next_test();
}
--- a/security/manager/ssl/tests/unit/test_sts_preloadlist_selfdestruct.js
+++ b/security/manager/ssl/tests/unit/test_sts_preloadlist_selfdestruct.js
@@ -1,25 +1,23 @@
-// This test uses bugzilla.mozilla.org given that it is likely to remain
-// on the preload list for a long time.
"use strict";
function run_test() {
let SSService = Cc["@mozilla.org/ssservice;1"]
.getService(Ci.nsISiteSecurityService);
// check that a host on the preload list is identified as an sts host
ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "bugzilla.mozilla.org", 0));
+ "includesubdomains.preloaded.test", 0));
// now simulate that it's 19 weeks later than it actually is
let offsetSeconds = 19 * 7 * 24 * 60 * 60;
Services.prefs.setIntPref("test.currentTimeOffsetSeconds", offsetSeconds);
// check that the preloaded host is no longer considered sts
ok(!SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "bugzilla.mozilla.org", 0));
+ "includesubdomains.preloaded.test", 0));
// just make sure we can get everything back to normal
Services.prefs.clearUserPref("test.currentTimeOffsetSeconds");
ok(SSService.isSecureHost(Ci.nsISiteSecurityService.HEADER_HSTS,
- "bugzilla.mozilla.org", 0));
+ "includesubdomains.preloaded.test", 0));
}
--- a/security/manager/ssl/tests/unit/xpcshell.ini
+++ b/security/manager/ssl/tests/unit/xpcshell.ini
@@ -122,32 +122,28 @@ requesttimeoutfactor = 2
[test_session_resumption.js]
run-sequentially = hardcoded ports
[test_signed_apps.js]
[test_signed_apps-marketplace.js]
[test_signed_dir.js]
tags = addons psm
[test_sss_eviction.js]
[test_sss_readstate.js]
-skip-if = true # bug 1350599
[test_sss_readstate_child.js]
support-files = sss_readstate_child_worker.js
# bug 1124289 - run_test_in_child violates the sandbox on android
skip-if = toolkit == 'android'
[test_sss_readstate_empty.js]
-skip-if = true # bug 1350599
[test_sss_readstate_garbage.js]
[test_sss_readstate_huge.js]
[test_sss_savestate.js]
[test_startcom_wosign.js]
[test_sts_fqdn.js]
[test_sts_holepunch.js]
[test_sts_ipv4_ipv6.js]
[test_sts_preloadlist_perwindowpb.js]
-skip-if = true # bug 1350599
[test_sts_preloadlist_selfdestruct.js]
-skip-if = true # bug 1350599
[test_validity.js]
run-sequentially = hardcoded ports
[test_x509.js]
# The TLS error reporting functionality lives in /toolkit but needs tlsserver
[test_toolkit_securityreporter.js]
