Bug 1220781 - Hide the exception button, not advanced section for badStsCert or cert errors in frames;r=MattN, a=ritu
authorBrian Grinstead <bgrinstead@mozilla.com>
Mon, 02 Nov 2015 16:09:16 -0800
changeset 305437 c3eed72d9e20c2744bd15a43d12ae31c23536b60
parent 305436 6a0536d2bc26a85330ec19c862902b862c4c31c0
child 305438 ce9fb5861455d8e43ceb384f9bae4ad17abfc5ed
push id1001
push userraliiev@mozilla.com
push dateMon, 18 Jan 2016 19:06:03 +0000
treeherdermozilla-release@8b89261f3ac4 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersMattN, ritu
bugs1220781
milestone44.0a2
Bug 1220781 - Hide the exception button, not advanced section for badStsCert or cert errors in frames;r=MattN, a=ritu
browser/base/content/aboutcerterror/aboutCertError.xhtml
browser/base/content/test/general/browser_aboutCertError.js
--- a/browser/base/content/aboutcerterror/aboutCertError.xhtml
+++ b/browser/base/content/aboutcerterror/aboutCertError.xhtml
@@ -90,17 +90,17 @@
         if (cssClass == "expertBadCert") {
           toggleVisibility('advancedPanel');
         }
 
         // Disallow overrides if this is a Strict-Transport-Security
         // host and the cert is bad (STS Spec section 7.3) or if the
         // certerror is in a frame (bug 633691).
         if (cssClass == "badStsCert" || window != top) {
-          document.getElementById("advancedPanel").setAttribute("hidden", "true");
+          document.getElementById("exceptionDialogButton").setAttribute("hidden", "true");
         }
         if (cssClass != "badStsCert") {
           document.getElementById("badStsCertExplanation").setAttribute("hidden", "true");
         }
 
         var tech = document.getElementById("technicalContentText");
         if (tech)
           tech.textContent = getDescription();
--- a/browser/base/content/test/general/browser_aboutCertError.js
+++ b/browser/base/content/test/general/browser_aboutCertError.js
@@ -1,16 +1,17 @@
 /* Any copyright is dedicated to the Public Domain.
  * http://creativecommons.org/publicdomain/zero/1.0/ */
 
 // This is testing the aboutCertError page (Bug 1207107).  It's a start,
-// but should be expanded to include cert_domain_link / badStsCert
+// but should be expanded to include cert_domain_link
 
 const GOOD_PAGE = "https://example.com/";
 const BAD_CERT = "https://expired.example.com/";
+const BAD_STS_CERT = "https://badchain.include-subdomains.pinning.example.com:443";
 
 add_task(function* checkReturnToAboutHome() {
   info("Loading a bad cert page directly and making sure 'return to previous page' goes to about:home");
   let browser;
   let certErrorLoaded;
   let tab = yield BrowserTestUtils.openNewForegroundTab(gBrowser, () => {
     gBrowser.selectedTab = gBrowser.addTab(BAD_CERT);
     browser = gBrowser.selectedBrowser;
@@ -63,16 +64,36 @@ add_task(function* checkReturnToPrevious
 
   is(browser.webNavigation.canGoBack, false, "!webNavigation.canGoBack");
   is(browser.webNavigation.canGoForward, true, "webNavigation.canGoForward");
   is(gBrowser.currentURI.spec, GOOD_PAGE, "Went back");
 
   gBrowser.removeCurrentTab();
 });
 
+add_task(function* checkBadStsCert() {
+  info("Loading a badStsCert and making sure exception button doesn't show up");
+  let tab = yield BrowserTestUtils.openNewForegroundTab(gBrowser, GOOD_PAGE);
+  let browser = gBrowser.selectedBrowser;
+
+  info("Loading and waiting for the cert error");
+  let certErrorLoaded = waitForCertErrorLoad(browser);
+  BrowserTestUtils.loadURI(browser, BAD_STS_CERT);
+  yield certErrorLoaded;
+
+  let exceptionButtonHidden = yield ContentTask.spawn(browser, null, function* () {
+    let doc = content.document;
+    let exceptionButton = doc.getElementById("exceptionDialogButton");
+    return exceptionButton.hidden;
+  });
+  ok(exceptionButtonHidden, "Exception button is hidden");
+
+  gBrowser.removeCurrentTab();
+});
+
 function waitForCertErrorLoad(browser) {
   return new Promise(resolve => {
     info("Waiting for DOMContentLoaded event");
     browser.addEventListener("DOMContentLoaded", function load() {
       browser.removeEventListener("DOMContentLoaded", load, false, true);
       resolve();
     }, false, true);
   });