1627972 - Investigate why dom/security/test/csp/test_upgrade_insecure.html is not working if we do not enforce contentSecurity Checks in the DocumentChannelChild

Status: RESOLVED FIXED

(Core :: DOM: Security, task, P2)

Comment 1

[Christoph Kerschbaumer [:ckerschb]]

Let's investigate why that test is not working when we remove the doContentSecurityCheck call from within https://searchfox.org/mozilla-central/rev/4d2a9d5dc8f0e65807ee66e2b04c64596c643b7a/netwerk/ipc/DocumentChannelChild.cpp#47

See try:
https://treeherder.mozilla.org/#/jobs?repo=try&revision=bba531b8f67ffba38bfbc94a0c374f65e21d826b&selectedJob=295880241

Comment 2

[Christoph Kerschbaumer [:ckerschb]]

I think this one will be fixed by Bug 1638711. Marking the dependency so we can re-evaluate one Bug 1638711 has landed.

Comment 3

[Chris Peterson [:cpeterson]]

(In reply to Christoph Kerschbaumer [:ckerschb] from comment #2)

I think this one will be fixed by Bug 1638711. Marking the dependency so we can re-evaluate one Bug 1638711 has landed.

Christoph, the fix for bug 1638711 landed, so this test is ready to be re-evaluated.

I assume this bug should block enabling Fission in Nightly because it blocks fission-dom-security meta bug 1584991.

Looks like this test is skipped on all platforms except opt Linux (due to SSL issues with the test runner?):

[test_upgrade_insecure.html]
# no ssl support as well as websocket tests do not work (see test_websocket.html)
skip-if = (os != 'linux' && !debug) # Bug 1183300

https://searchfox.org/mozilla-central/rev/46e3b1ce2cc120a188f6940b5c6eab6b24530e4f/dom/security/test/csp/mochitest.ini#302-304

Comment 4

[Christoph Kerschbaumer [:ckerschb]]

Generally we re-enabled test_upgrade_insecure.html for fission within this patch in Bug 1584992. The skip-if = (os != 'linux' && !debug) # Bug 1183300 was pre-existing and I filed this bug to check why it was failing before bug 1638711 got fixed.

Two options:
(a) Try run confirms we can enable the test on all platforms (which could work because similar https-only tests are also enabled on all platforms).
(b) This renders as a WONTFIX, because it's enabled for fission and the skip-if was pre-existing.

https://treeherder.mozilla.org/#/jobs?repo=try&revision=6975cad3598bc5bc02e329989a4dd2fe63a13fa1

Comment 5

[Christoph Kerschbaumer [:ckerschb]]

Attachment: Bug 1627972: Re-enable test_upgrade_insecure.html on all platform. r=cpeterson

Comment 6

[Pulsebot]

Pushed by cbrindusan@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/48cbae48ca79
Re-enable test_upgrade_insecure.html on all platform. r=baku

Comment 7

[Cristian Brindusan [:cbrindusan]]

https://hg.mozilla.org/mozilla-central/rev/48cbae48ca79