1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 // Include test fixture.
6 GEN_INCLUDE(['net_internals_test.js']);
12 * A valid hash that can be set for a domain.
15 var VALID_HASH = 'sha1/Guzek9lMwR3KeIS8wwS9gBvVtIg=';
18 * An invalid hash that can't be set for a domain.
21 var INVALID_HASH = 'invalid';
24 * Possible results of an HSTS query.
27 var QueryResultType = {
34 * A Task that waits for the results of an HSTS query. Once the results are
35 * received, checks them before completing. Does not initiate the query.
36 * @param {string} domain The domain expected in the returned results.
37 * @param {bool} stsSubdomains Whether or not the stsSubdomains flag is expected
38 * to be set in the returned results. Ignored on error and not found
40 * @param {bool} pkpSubdomains Whether or not the pkpSubdomains flag is expected
41 * to be set in the returned results. Ignored on error and not found
43 * @param {number} stsObserved The time the STS policy was observed.
44 * @param {number} pkpObserved The time the PKP policy was observed.
45 * @param {string} publicKeyHashes Expected public key hashes. Ignored on error
46 * error and not found results.
47 * @param {QueryResultType} queryResultType The expected result type of the
48 * results of the query.
49 * @extends {NetInternalsTest.Task}
51 function CheckQueryResultTask(domain, stsSubdomains, pkpSubdomains,
52 stsObserved, pkpObserved, publicKeyHashes,
54 this.domain_ = domain;
55 this.stsSubdomains_ = stsSubdomains;
56 this.pkpSubdomains_ = pkpSubdomains;
57 this.stsObserved_ = stsObserved;
58 this.pkpObserved_ = pkpObserved;
59 this.publicKeyHashes_ = publicKeyHashes;
60 this.queryResultType_ = queryResultType;
61 NetInternalsTest.Task.call(this);
64 CheckQueryResultTask.prototype = {
65 __proto__: NetInternalsTest.Task.prototype,
68 * Starts watching for the query results.
71 g_browser.addHSTSObserver(this);
75 * Callback from the BrowserBridge. Validates |result| and completes the
77 * @param {object} result Results from the query.
79 onHSTSQueryResult: function(result) {
80 // Ignore results after |this| is finished.
82 expectEquals(this.domain_, $(HSTSView.QUERY_INPUT_ID).value);
84 // Each case has its own validation function because of the design of the
85 // test reporting infrastructure.
86 if (result.error != undefined) {
87 this.checkError_(result);
88 } else if (!result.result) {
89 this.checkNotFound_(result);
91 this.checkSuccess_(result);
93 this.running_ = false;
95 // Start the next task asynchronously, so it can add another HSTS observer
96 // without getting the current result.
97 window.setTimeout(this.onTaskDone.bind(this), 1);
102 * On errors, checks the result.
103 * @param {object} result Results from the query.
105 checkError_: function(result) {
106 expectEquals(QueryResultType.ERROR, this.queryResultType_);
107 expectEquals(result.error, $(HSTSView.QUERY_OUTPUT_DIV_ID).innerText);
111 * Checks the result when the entry was not found.
112 * @param {object} result Results from the query.
114 checkNotFound_: function(result) {
115 expectEquals(QueryResultType.NOT_FOUND, this.queryResultType_);
116 expectEquals('Not found', $(HSTSView.QUERY_OUTPUT_DIV_ID).innerText);
120 * Checks successful results.
121 * @param {object} result Results from the query.
123 checkSuccess_: function(result) {
124 expectEquals(QueryResultType.SUCCESS, this.queryResultType_);
125 expectEquals(this.stsSubdomains_, result.dynamic_sts_include_subdomains);
126 expectEquals(this.pkpSubdomains_, result.dynamic_pkp_include_subdomains);
127 expectLE(this.stsObserved_, result.dynamic_sts_observed);
128 expectLE(this.pkpObserved_, result.dynamic_pkp_observed);
130 // |public_key_hashes| is an old synonym for what is now
131 // |preloaded_spki_hashes|, which in turn is a legacy synonym for
132 // |static_spki_hashes|. Look for all three, and also for
133 // |dynamic_spki_hashes|.
134 if (typeof result.public_key_hashes === 'undefined')
135 result.public_key_hashes = '';
136 if (typeof result.preloaded_spki_hashes === 'undefined')
137 result.preloaded_spki_hashes = '';
138 if (typeof result.static_spki_hashes === 'undefined')
139 result.static_spki_hashes = '';
140 if (typeof result.dynamic_spki_hashes === 'undefined')
141 result.dynamic_spki_hashes = '';
144 if (result.public_key_hashes)
145 hashes.push(result.public_key_hashes);
146 if (result.preloaded_spki_hashes)
147 hashes.push(result.preloaded_spki_hashes);
148 if (result.static_spki_hashes)
149 hashes.push(result.static_spki_hashes);
150 if (result.dynamic_spki_hashes)
151 hashes.push(result.dynamic_spki_hashes);
153 expectEquals(this.publicKeyHashes_, hashes.join(','));
155 // Verify that the domain appears somewhere in the displayed text.
156 outputText = $(HSTSView.QUERY_OUTPUT_DIV_ID).innerText;
157 expectLE(0, outputText.search(this.domain_));
162 * A Task to try and add an HSTS domain via the HTML form. The task will wait
163 * until the results from the automatically sent query have been received, and
164 * then checks them against the expected values.
165 * @param {string} domain The domain to send and expected to be returned.
166 * @param {bool} stsSubdomains Whether the HSTS subdomain checkbox should be
167 * selected. Also the corresponding expected return value, in the success
169 * @param {bool} pkpSubdomains Whether the pinning subdomain checkbox should be
170 * selected. Also the corresponding expected return value, in the success
172 * @param {number} stsObserved The time the STS policy was observed.
173 * @param {number} pkpObserved The time the PKP policy was observed.
174 * @param {string} publicKeyHashes Public key hash to send. Also the
175 * corresponding expected return value, on success. When this is the string
176 * INVALID_HASH, an empty string is expected to be received instead.
177 * @param {QueryResultType} queryResultType Expected result type.
178 * @extends {CheckQueryResultTask}
180 function AddTask(domain, stsSubdomains, pkpSubdomains, publicKeyHashes,
181 stsObserved, pkpObserved, queryResultType) {
182 this.requestedPublicKeyHashes_ = publicKeyHashes;
183 if (publicKeyHashes == INVALID_HASH)
184 publicKeyHashes = '';
185 CheckQueryResultTask.call(this, domain, stsSubdomains, pkpSubdomains,
186 stsObserved, pkpObserved, publicKeyHashes,
190 AddTask.prototype = {
191 __proto__: CheckQueryResultTask.prototype,
194 * Fills out the add form, simulates a click to submit it, and starts
195 * listening for the results of the query that is automatically submitted.
198 $(HSTSView.ADD_INPUT_ID).value = this.domain_;
199 $(HSTSView.ADD_STS_CHECK_ID).checked = this.stsSubdomains_;
200 $(HSTSView.ADD_PKP_CHECK_ID).checked = this.pkpSubdomains_;
201 $(HSTSView.ADD_PINS_ID).value = this.requestedPublicKeyHashes_;
202 $(HSTSView.ADD_SUBMIT_ID).click();
203 CheckQueryResultTask.prototype.start.call(this);
208 * A Task to query a domain and wait for the results. Parameters mirror those
209 * of CheckQueryResultTask, except |domain| is also the name of the domain to
211 * @extends {CheckQueryResultTask}
213 function QueryTask(domain, stsSubdomains, pkpSubdomains, stsObserved,
214 pkpObserved, publicKeyHashes, queryResultType) {
215 CheckQueryResultTask.call(this, domain, stsSubdomains, pkpSubdomains,
216 stsObserved, pkpObserved, publicKeyHashes,
220 QueryTask.prototype = {
221 __proto__: CheckQueryResultTask.prototype,
224 * Fills out the query form, simulates a click to submit it, and starts
225 * listening for the results.
228 CheckQueryResultTask.prototype.start.call(this);
229 $(HSTSView.QUERY_INPUT_ID).value = this.domain_;
230 $(HSTSView.QUERY_SUBMIT_ID).click();
235 * Task that deletes a single domain, then queries the deleted domain to make
237 * @param {string} domain The domain to delete.
238 * @param {QueryResultType} queryResultType The result of the query. Can be
239 * QueryResultType.ERROR or QueryResultType.NOT_FOUND.
240 * @extends {QueryTask}
242 function DeleteTask(domain, queryResultType) {
243 expectNotEquals(queryResultType, QueryResultType.SUCCESS);
244 this.domain_ = domain;
245 QueryTask.call(this, domain, false, false, '', 0, 0, queryResultType);
248 DeleteTask.prototype = {
249 __proto__: QueryTask.prototype,
252 * Fills out the delete form and simulates a click to submit it. Then sends
256 $(HSTSView.DELETE_INPUT_ID).value = this.domain_;
257 $(HSTSView.DELETE_SUBMIT_ID).click();
258 QueryTask.prototype.start.call(this);
263 * Checks that querying a domain that was never added fails.
265 TEST_F('NetInternalsTest', 'netInternalsHSTSViewQueryNotFound', function() {
266 NetInternalsTest.switchToView('hsts');
267 taskQueue = new NetInternalsTest.TaskQueue(true);
268 var now = new Date().getTime() / 1000.0;
269 taskQueue.addTask(new QueryTask('somewhere.com', false, false, now, now, '',
270 QueryResultType.NOT_FOUND));
275 * Checks that querying a domain with an invalid name returns an error.
277 TEST_F('NetInternalsTest', 'netInternalsHSTSViewQueryError', function() {
278 NetInternalsTest.switchToView('hsts');
279 taskQueue = new NetInternalsTest.TaskQueue(true);
280 var now = new Date().getTime() / 1000.0;
281 taskQueue.addTask(new QueryTask('\u3024', false, false, now, now, '',
282 QueryResultType.ERROR));
287 * Deletes a domain that was never added.
289 TEST_F('NetInternalsTest', 'netInternalsHSTSViewDeleteNotFound', function() {
290 NetInternalsTest.switchToView('hsts');
291 taskQueue = new NetInternalsTest.TaskQueue(true);
292 taskQueue.addTask(new DeleteTask('somewhere.com', QueryResultType.NOT_FOUND));
297 * Deletes a domain that returns an error on lookup.
299 TEST_F('NetInternalsTest', 'netInternalsHSTSViewDeleteError', function() {
300 NetInternalsTest.switchToView('hsts');
301 taskQueue = new NetInternalsTest.TaskQueue(true);
302 taskQueue.addTask(new DeleteTask('\u3024', QueryResultType.ERROR));
307 * Adds a domain and then deletes it.
309 TEST_F('NetInternalsTest', 'netInternalsHSTSViewAddDelete', function() {
310 NetInternalsTest.switchToView('hsts');
311 taskQueue = new NetInternalsTest.TaskQueue(true);
312 var now = new Date().getTime() / 1000.0;
313 taskQueue.addTask(new AddTask('somewhere.com', false, false, VALID_HASH,
314 now, now, QueryResultType.SUCCESS));
315 taskQueue.addTask(new DeleteTask('somewhere.com', QueryResultType.NOT_FOUND));
320 * Tries to add a domain with an invalid name.
322 TEST_F('NetInternalsTest', 'netInternalsHSTSViewAddFail', function() {
323 NetInternalsTest.switchToView('hsts');
324 taskQueue = new NetInternalsTest.TaskQueue(true);
325 var now = new Date().getTime() / 1000.0;
326 taskQueue.addTask(new AddTask('0123456789012345678901234567890' +
327 '012345678901234567890123456789012345',
328 false, false, '', now, now,
329 QueryResultType.NOT_FOUND));
334 * Tries to add a domain with a name that errors out on lookup due to having
335 * non-ASCII characters in it.
337 TEST_F('NetInternalsTest', 'netInternalsHSTSViewAddError', function() {
338 NetInternalsTest.switchToView('hsts');
339 taskQueue = new NetInternalsTest.TaskQueue(true);
340 var now = new Date().getTime() / 1000.0;
341 taskQueue.addTask(new AddTask('\u3024', false, false, '', now, now,
342 QueryResultType.ERROR));
347 * Adds a domain with an invalid hash.
349 TEST_F('NetInternalsTest', 'netInternalsHSTSViewAddInvalidHash', function() {
350 NetInternalsTest.switchToView('hsts');
351 taskQueue = new NetInternalsTest.TaskQueue(true);
352 var now = new Date().getTime() / 1000.0;
353 taskQueue.addTask(new AddTask('somewhere.com', true, true, INVALID_HASH,
354 now, now, QueryResultType.SUCCESS));
355 taskQueue.addTask(new DeleteTask('somewhere.com', QueryResultType.NOT_FOUND));
360 * Adds the same domain twice in a row, modifying some values the second time.
362 TEST_F('NetInternalsTest', 'netInternalsHSTSViewAddOverwrite', function() {
363 NetInternalsTest.switchToView('hsts');
364 taskQueue = new NetInternalsTest.TaskQueue(true);
365 var now = new Date().getTime() / 1000.0;
366 taskQueue.addTask(new AddTask('somewhere.com', true, true, VALID_HASH,
367 now, now, QueryResultType.SUCCESS));
368 taskQueue.addTask(new AddTask('somewhere.com', false, false, '',
369 now, now, QueryResultType.SUCCESS));
370 taskQueue.addTask(new DeleteTask('somewhere.com', QueryResultType.NOT_FOUND));
375 * Adds two different domains and then deletes them.
377 TEST_F('NetInternalsTest', 'netInternalsHSTSViewAddTwice', function() {
378 NetInternalsTest.switchToView('hsts');
379 taskQueue = new NetInternalsTest.TaskQueue(true);
380 var now = new Date().getTime() / 1000.0;
381 taskQueue.addTask(new AddTask('somewhere.com', false, false, VALID_HASH,
382 now, now, QueryResultType.SUCCESS));
383 taskQueue.addTask(new QueryTask('somewhereelse.com', false, false, now, now,
384 '', QueryResultType.NOT_FOUND));
385 taskQueue.addTask(new AddTask('somewhereelse.com', true, true, '',
386 now, now, QueryResultType.SUCCESS));
387 taskQueue.addTask(new QueryTask('somewhere.com', false, false, now, now,
388 VALID_HASH, QueryResultType.SUCCESS));
389 taskQueue.addTask(new DeleteTask('somewhere.com', QueryResultType.NOT_FOUND));
390 taskQueue.addTask(new QueryTask('somewhereelse.com', true, true, now, now, '',
391 QueryResultType.SUCCESS));
392 taskQueue.addTask(new DeleteTask('somewhereelse.com',
393 QueryResultType.NOT_FOUND));
397 })(); // Anonymous namespace