Fixed UNTRUSTED domains accidentally set in "match HTTPS only" mode (issue #126).

author: hackademix 2019-12-29 19:39:35 +0100
committer: hackademix 2019-12-29 19:49:44 +0100
commit: eaf3c8376e6a05bd20919e0f08c356982bc6abf8 (patch)
tree: f0ae4d1b4c8d028ec51bbb30c42dcf20580d2c59 /src/test
parent: 3bf2aab0526f640555904218972c52c09cfd444c (diff)
download: noscript-eaf3c8376e6a05bd20919e0f08c356982bc6abf8.tar.gz
noscript-eaf3c8376e6a05bd20919e0f08c356982bc6abf8.tar.xz
noscript-eaf3c8376e6a05bd20919e0f08c356982bc6abf8.zip
1 files changed, 5 insertions, 2 deletions
diff --git a/src/test/Policy_test.js b/src/test/Policy_test.js
index f12183e..5b2ecbf 100644
--- a/src/test/Policy_test.js
+++ b/src/test/Policy_test.js
@@ -9,7 +9,9 @@
   p1.set("perchè.com", p1.TRUSTED);
   p1.set("10", p1.TRUSTED);
   p1.set("192.168", p1.TRUSTED);
-  p1.set("192.168.69", p1.UNTRUSTED)
+  p1.set("192.168.69", p1.UNTRUSTED);
+  // secureDomainKey should be "downgraded" by UTRUSTED, issue #126
+  p1.set(Sites.secureDomainKey("evil.com"), p1.UNTRUSTED);
   let p2 = new Policy(p1.dry());
   debug("p1", JSON.stringify(p1.dry()));
   debug("p2", JSON.stringify(p2.dry()));
@@ -31,7 +33,8 @@
     () => !p1.can("https://192.168.69.1"),
     () => !p1.can("https://10.0.0.1"),
     () => p1.can("http://192.168.1.2"),
-    () => p1.can("http://some.onion")
+    () => p1.can("http://some.onion"),
+    () => !p1.can("http://evil.com"),
   ]) Test.run(t);
   Sites.onionSecure = onionSecureCurrent;
   Test.report();
author	hackademix	2019-12-29 19:39:35 +0100
committer	hackademix	2019-12-29 19:49:44 +0100
commit	eaf3c8376e6a05bd20919e0f08c356982bc6abf8 (patch)
tree	f0ae4d1b4c8d028ec51bbb30c42dcf20580d2c59 /src/test
parent	3bf2aab0526f640555904218972c52c09cfd444c (diff)
download	noscript-eaf3c8376e6a05bd20919e0f08c356982bc6abf8.tar.gz noscript-eaf3c8376e6a05bd20919e0f08c356982bc6abf8.tar.xz noscript-eaf3c8376e6a05bd20919e0f08c356982bc6abf8.zip