On first run, start a non-proxy firefox instance for setup, then restart it

This is useful to avoid extra noisy proxy traffic, and also to improve some of the setup UX.

Author: pimterry

src/cert-check-server.ts

@@ -7,29 +7,20 @@ import { HttpsPathOptions } from 'mockttp/dist/util/tls';
 
 const readFile = promisify(fs.readFile);
 
-// Make the types for some of the browser code below happy.
-let targetUrl: string;
-let installingCert: boolean;
-
-// Check if an HTTPS cert to a server using the certificate succeeds
-// If it doesn't, redirect to the certificate itself (the browser will prompt to install)
-// Note that this function is stringified, and run in the browser, not here in node.
-function ensureCertificateIsInstalled() {
-
-}
-
 export class CertCheckServer {
 
     constructor(private config: { https: HttpsPathOptions }) { }
 
     private server: Mockttp | undefined;
 
-    async start(targetUrl: string) {
+    async start(targetUrl?: string) {
         this.server = getLocal({ https: this.config.https, cors: true });
         await this.server.start();
 
         const certificatePem = await readFile(this.config.https.certPath);
 
+        if (!targetUrl) targetUrl = this.server.urlFor('/spinner');
+
         await Promise.all([
             this.server.get('/test-https').thenReply(200),
             this.server.get('/download-cert').thenReply(200, certificatePem, {
@@ -106,7 +97,21 @@ export class CertCheckServer {
                         <p>
                             Select 'Trust this CA to identify web sites' and press 'OK' to continue.
                         </p>
-
+                    </div>
+                    </body>
+                </html>
+            `),
+            this.server.get('/spinner').thenReply(200, `
+                <html>
+                    <title>HTTP Toolkit Certificate Setup</title>
+                    <meta charset="UTF-8" />
+                    <style>
+                        body {
+                            margin: 20px;
+                            background-color: #d8e2e6;
+                        }
+                    </style>
+                    <body>
                         <svg
                             version="1.1"
                             xmlns="http://www.w3.org/2000/svg"
@@ -133,7 +138,7 @@ export class CertCheckServer {
                     </div>
                     </body>
                 </html>
-            `)
+            `),
         ]);
     }
 

src/interceptors/fresh-firefox.ts

@@ -29,6 +29,8 @@ export class FreshFirefox implements Interceptor {
 
     constructor(private config: HtkConfig) { }
 
+    private readonly firefoxProfilePath = path.join(this.config.configPath, 'firefox-profile');
+
     isActive(proxyPort: number | string) {
         return browsers[proxyPort] != null && !!browsers[proxyPort].pid;
     }
@@ -42,91 +44,125 @@ export class FreshFirefox implements Interceptor {
 
     }
 
-    async activate(proxyPort: number) {
-        if (this.isActive(proxyPort)) return;
+    async startFirefox(
+        certCheckServer: CertCheckServer,
+        proxyPort?: number,
+        existingPrefs = {}
+    ) {
+        const browser = await launchBrowser(certCheckServer.checkCertUrl, {
+            browser: 'firefox',
+            profile: this.firefoxProfilePath,
+            proxy: proxyPort ? `127.0.0.1:${proxyPort}` : undefined,
+            // Don't intercept our cert testing requests
+            noProxy: proxyPort ? certCheckServer.host : undefined,
+            prefs: _.assign(
+                existingPrefs,
+                proxyPort ? {
+                    // By default browser-launcher only configures HTTP, so we need to add HTTPS:
+                    'network.proxy.ssl': '"127.0.0.1"',
+                    'network.proxy.ssl_port': proxyPort,
+
+                    // The above browser-launcher proxy/noProxy settings should do this, but don't seem to
+                    // reliably overwrite existing values, so we set them explicitly.
+                    'network.proxy.http': '"127.0.0.1"',
+                    'network.proxy.http_port': proxyPort,
+                    'network.proxy.http.network.proxy.http.no_proxies_on': "\"" + certCheckServer.host + "\"",
+
+                    // Send localhost reqs via the proxy too
+                    'network.proxy.allow_hijacking_localhost': true,
+                } : {},
+                {
+                    // Disable the noisy captive portal check requests
+                    'network.captive-portal-service.enabled': false,
+
+                    // Disable some annoying tip messages
+                    'browser.chrome.toolbar_tips': false,
+
+                    // Ignore available updates:
+                    "app.update.auto": false,
+                    "browser.startup.homepage_override.mstone": "\"ignore\"",
+
+                    // Disable exit warnings:
+                    "browser.showQuitWarning": false,
+                    "browser.tabs.warnOnClose": false,
+                    "browser.tabs.warnOnCloseOtherTabs": false,
+
+                    // Disable various first-run things:
+                    "browser.uitour.enabled": false,
+                    'browser.usedOnWindows10': true,
+                    "browser.usedOnWindows10.introURL": "\"\"",
+                    'datareporting.healthreport.service.firstRun': false,
+                    'toolkit.telemetry.reportingpolicy.firstRun': false,
+                    'browser.reader.detectedFirstArticle': false,
+                    "datareporting.policy.dataSubmissionEnabled": false,
+                    "datareporting.policy.dataSubmissionPolicyAccepted": false,
+                    "datareporting.policy.dataSubmissionPolicyBypassNotification": true,
+                    "trailhead.firstrun.didSeeAboutWelcome": true
+                }
+            )
+        }, this.config.configPath);
 
+        if (browser.process.stdout) browser.process.stdout.pipe(process.stdout);
+        if (browser.process.stderr) browser.process.stderr.pipe(process.stderr);
+
+        return browser;
+    }
+
+    async setupFirefoxProfile() {
         const certCheckServer = new CertCheckServer(this.config);
-        await certCheckServer.start('https://amiusing.httptoolkit.tech');
+        await certCheckServer.start();
+        const certInstalled = certCheckServer.waitForSuccess().catch(reportError);
+
+        const browser = await this.startFirefox(certCheckServer);
+        browser.process.once('exit', () => certCheckServer.stop());
+        await certInstalled;
+        await delay(100); // Tiny delay, so firefox can do initial setup tasks
+        browser.stop();
+    }
+
+    async activate(proxyPort: number) {
+        if (this.isActive(proxyPort)) return;
 
         const firefoxProfile = path.join(this.config.configPath, 'firefox-profile');
         const firefoxPrefsFile = path.join(firefoxProfile, 'prefs.js');
 
         let existingPrefs: _.Dictionary<any> = {};
 
-        if (await canAccess(firefoxPrefsFile)) {
-            // If the profile exists, then we've run this before and not deleted the profile,
-            // so it probably worked. If so, reuse the existing preferences to avoid issues
-            // where on pref setup firefox behaves badly (opening a 2nd window) on OSX.
-            const prefContents = await readFile(firefoxPrefsFile, {
-                encoding: 'utf8'
-            });
-
-            existingPrefs = _(prefContents)
-                .split('\n')
-                .reduce((prefs: _.Dictionary<any>, line) => {
-                    const match = FIREFOX_PREF_REGEX.exec(line);
-                    if (match) {
-                        prefs[match[1]] = match[2];
-                    }
-                    return prefs
-                }, {});
+        if (await canAccess(firefoxPrefsFile) === false) {
+            /*
+            First time, we do a separate pre-usage startup & stop, without the proxy, for certificate setup.
+            This helps avoid initial Firefox profile setup request noise, and tidies up some awkward UX where
+            firefox likes to open extra welcome windows/tabs on first run, especially on OSX.
+            */
+            await this.setupFirefoxProfile();
         }
 
-        const browser = await launchBrowser(certCheckServer.checkCertUrl, {
-            browser: 'firefox',
-            profile: firefoxProfile,
-            proxy: `127.0.0.1:${proxyPort}`,
-            // Don't intercept our cert testing requests
-            noProxy: certCheckServer.host,
-            prefs: _.assign(existingPrefs, {
-                // By default browser-launcher only configures HTTP, so we need to add HTTPS:
-                'network.proxy.ssl': '"127.0.0.1"',
-                'network.proxy.ssl_port': proxyPort,
-
-                // The above browser-launcher proxy/noProxy settings should do this, but don't seem to
-                // reliably overwrite existing values, so we set them explicitly.
-                'network.proxy.http': '"127.0.0.1"',
-                'network.proxy.http_port': proxyPort,
-                'network.proxy.http.network.proxy.http.no_proxies_on': certCheckServer.host,
-
-                // Send localhost reqs via the proxy too
-                'network.proxy.allow_hijacking_localhost': true,
-
-                // Disable the noisy captive portal check requests
-                'network.captive-portal-service.enabled': false,
-
-                // Disable some annoying tip messages
-                'browser.chrome.toolbar_tips': false,
-
-                // Ignore available updates:
-                "app.update.auto": false,
-                "browser.startup.homepage_override.mstone": "ignore",
-
-                // Disable exit warnings:
-                "browser.showQuitWarning": false,
-                "browser.tabs.warnOnClose": false,
-                "browser.tabs.warnOnCloseOtherTabs": false,
-
-                // Disable various first-run things:
-                "browser.uitour.enabled": false,
-                'browser.usedOnWindows10': true,
-                "browser.usedOnWindows10.introURL": "",
-                'datareporting.healthreport.service.firstRun': false,
-                'toolkit.telemetry.reportingpolicy.firstRun': false,
-                'browser.reader.detectedFirstArticle': false,
-                "datareporting.policy.dataSubmissionEnabled": false,
-                "datareporting.policy.dataSubmissionPolicyAccepted": false,
-                "datareporting.policy.dataSubmissionPolicyBypassNotification": true
-            })
-        }, this.config.configPath);
+        const certCheckServer = new CertCheckServer(this.config);
+        await certCheckServer.start('https://amiusing.httptoolkit.tech');
 
-        if (browser.process.stdout) browser.process.stdout.pipe(process.stdout);
-        if (browser.process.stderr) browser.process.stderr.pipe(process.stderr);
+        // At this stage, we've run firefox at least once, at it's working nicely.
+        // We need to preserve & reuse any existing preferences, to avoid issues
+        // where on pref setup firefox behaves badly (opening a 2nd window) on OSX.
+        const prefContents = await readFile(firefoxPrefsFile, {
+            encoding: 'utf8'
+        });
+
+        existingPrefs = _(prefContents)
+            .split('\n')
+            .reduce((prefs: _.Dictionary<any>, line) => {
+                const match = FIREFOX_PREF_REGEX.exec(line);
+                if (match) {
+                    prefs[match[1]] = match[2];
+                }
+                return prefs
+            }, {});
+
+        const browser = await this.startFirefox(certCheckServer, proxyPort, existingPrefs);
 
         let success = false;
         certCheckServer.waitForSuccess().then(() => {
             success = true;
-        }).catch(console.warn);
+        }).catch(reportError);
 
         browsers[proxyPort] = browser;
         browser.process.once('exit', () => {

test/interceptors/fresh-firefox.spec.ts

@@ -1,6 +1,9 @@
 import * as _ from 'lodash';
+import fetch from 'node-fetch';
 import { CompletedRequest } from 'mockttp';
-import { setupInterceptor, itIsAvailable, itCanBeActivated } from './interceptor-test-utils';
+import { setupInterceptor, itIsAvailable } from './interceptor-test-utils';
+import { expect } from 'chai';
+import { delay } from '../../src/util';
 
 const interceptorSetup = setupInterceptor('fresh-firefox');
 
@@ -20,10 +23,42 @@ describe('Firefox interceptor', function () {
     });
 
     itIsAvailable(interceptorSetup);
-    itCanBeActivated(interceptorSetup);
+
+    it('can be activated', async () => {
+        const { interceptor, server } = await interceptorSetup;
+
+        expect(interceptor.isActive(server.port)).to.equal(false);
+
+        const activation = interceptor.activate(server.port);
+        await delay(500);
+        await fetch('http://localhost:8001/report-success');
+        await activation;
+        expect(interceptor.isActive(server.port)).to.equal(true);
+        expect(interceptor.isActive(server.port + 1)).to.equal(false);
+
+        await interceptor.deactivate(server.port);
+        await delay(500); // Wait to ensure the profile is cleaned up
+    });
+
+    it('can deactivate all', async () => {
+        const { interceptor, server } = await interceptorSetup;
+
+        expect(interceptor.isActive(server.port)).to.equal(false);
+
+        const activation = interceptor.activate(server.port);
+        await delay(500);
+        await fetch('http://localhost:8001/report-success');
+        await activation;
+        expect(interceptor.isActive(server.port)).to.equal(true);
+        expect(interceptor.isActive(server.port + 1)).to.equal(false);
+
+        await interceptor.deactivateAll();
+        expect(interceptor.isActive(server.port)).to.equal(false);
+        await delay(500); // Wait to ensure the profile is cleaned up
+    });
 
     // TODO: This doesn't work, as we need to manually accept the cert before
-    // Firefox makes its HTTPS request to amiusing
+    // Firefox will make any requests to any real servers. Might be doable with webdriver?
     it.skip('successfully makes requests', async function () {
         const { server, interceptor: firefoxInterceptor } = await interceptorSetup;