|
| 1 | +# Tests for HTTPS Everywhere |
| 2 | + |
| 3 | +# Running |
| 4 | + bash test.sh |
| 5 | + |
| 6 | +# Requirements |
| 7 | + |
| 8 | +- Python 2.7 |
| 9 | +- Selenium |
| 10 | + - Install Selenium as a python package using ```pip install selenium```, or run install-dev-dependencies.sh and it will do the job |
| 11 | +- GeckoDriver |
| 12 | + - Manually download GeckoDriver from https://github.com/mozilla/geckodriver/releases. Extract the executable to /usr/bin/, so that the pasted executable's full path becomes /usr/bin/geckodriver. |
| 13 | + |
| 14 | +# Manual tests |
| 15 | + |
| 16 | +These are test cases to execute manually before a release, and we should |
| 17 | +implement them as automated tests: |
| 18 | + |
| 19 | +# Firefox |
| 20 | +- Visit a site that triggers a ruleset (e.g., Reddit.com). Verify counter appears on HTTPS |
| 21 | + Everywhere icon. |
| 22 | +- Click HTTPS Everywhere icon menu, click 'show counter'. Verify counter |
| 23 | + disappears. Verify checkmark disappears from menu item. |
| 24 | +- Click HTTPS Everywhere icon, verify ruleset shows up in green. |
| 25 | +- Click ruleset. |
| 26 | +- Reopen HTTPS Everywhere icon menu, verify ruleset shows up in grey. |
| 27 | +- Reload HTTP version of the site, ensure it doesn't get rewritten now that the |
| 28 | + ruleset is disabled. |
| 29 | +- Click HTTP Everywhere icon, click ruleset again. |
| 30 | +- Reopen HTTPS Everywhere icon menu, verify ruleset shows up in green. |
| 31 | +- Right-click on a rule, click 'View XML source.' Verify it opens up a dialog |
| 32 | + box and shows the rule source. |
| 33 | +- Click HTTPS Everywhere icon menu, click 'Block all HTTP requests'. Verify icon |
| 34 | + turns red. |
| 35 | +- Visit an HTTP site known to not have a rewrite rule. http://amazon.com is a |
| 36 | + good example. Verify page does not load. |
| 37 | +- Visit an HTTPS site that contains passive mixed content that is not rewritten |
| 38 | + to HTTPS. https://jacob.hoffman-andrews.com/passive-mixed-content.html is a |
| 39 | + good example. Verify the passive mixed content (e.g., image) does not load. |
| 40 | +- Click icon menu, click 'About HTTPS Everywhere.' Verify dialog opens. |
| 41 | +- Click icon menu, click 'SSL Observatory Preferences.' Verify dialog opens. |
| 42 | +- Click icon menu, click 'Disable HTTPS Everywhere.' Verify icon turns grey. |
| 43 | +- Visit a site that would normally trigger a ruleset. Verify it is not rewritten |
| 44 | + to HTTPS. |
| 45 | +- Click icon menu, click 'Enable HTTPS Everywhere.' Verify icon turns blue. |
| 46 | + Verify page reloads and is rewritten to HTTPS. |
| 47 | +- Look at log output, look for errors. Make sure certificates are being |
| 48 | +submitted to SSL Observatory |
| 49 | +- Tools > Web Developer > Browser Toolbox > Console. Check for errors. |
| 50 | +- TODO: Test translations? |
| 51 | + |
| 52 | +# Chromium |
| 53 | + |
| 54 | +- Visit a site that triggers a ruleset (e.g., Reddit.com). Verify counter appears |
| 55 | + on HTTPS Everywhere icon. |
| 56 | +- Click HTTPS Everywhere icon menu. Verify it contains appropriate ruleset. |
| 57 | +- Disable ruleset. |
| 58 | +- Visit HTTP version of the site again. Verify it does not get redirected to |
| 59 | + HTTPS. |
| 60 | +- Re-enable ruleset. |
| 61 | +- Visit HTTP version of the site again. Verify it does get redirected. |
| 62 | +- Visit site that does not have a ruleset. From icon menu, click 'Add this |
| 63 | + site', and complete site-adding process. |
| 64 | +- Reload the site. Verify it gets redirected to HTTPS. |
0 commit comments