Bug 1525245 - Stabilize cookiePolicy/cookiePermission for live documents - part 4 - Storage tests, r=asuth

Differential Revision: https://phabricator.services.mozilla.com/D18952 --HG-- extra : moz-landing-system : lando
2019-03-07 10:15:50 +00:00 · 2019-03-07 10:15:50 +00:00 · 012a1b062f
--- a/netwerk/cookie/test/browser/browser.ini
+++ b/netwerk/cookie/test/browser/browser.ini
@ -1,5 +1,7 @@
 [DEFAULT]
 support-files =
  file_empty.html
+  head.js

 [browser_originattributes.js]
+[browser_storage.js]
--- a/netwerk/cookie/test/browser/browser_storage.js
+++ b/netwerk/cookie/test/browser/browser_storage.js
@ -0,0 +1,41 @@
+CookiePolicyHelper.runTest("SessionStorage", {
+  cookieJarAccessAllowed: async _ => {
+    try {
+      content.sessionStorage.foo = 42;
+      ok(true, "SessionStorage works");
+    } catch (e) {
+      ok(false, "SessionStorage works");
+    }
+  },
+
+  cookieJarAccessDenied: async _ => {
+    try {
+      content.sessionStorage.foo = 42;
+      ok(false, "SessionStorage doesn't work");
+    } catch (e) {
+      ok(true, "SessionStorage doesn't work");
+      is(e.name, "SecurityError", "We want a security error message.");
+    }
+  },
+});
+
+CookiePolicyHelper.runTest("LocalStorage", {
+  cookieJarAccessAllowed: async _ => {
+    try {
+      content.localStorage.foo = 42;
+      ok(true, "LocalStorage works");
+    } catch (e) {
+      ok(false, "LocalStorage works");
+    }
+  },
+
+  cookieJarAccessDenied: async _ => {
+    try {
+      content.localStorage.foo = 42;
+      ok(false, "LocalStorage doesn't work");
+    } catch (e) {
+      ok(true, "LocalStorage doesn't work");
+      is(e.name, "SecurityError", "We want a security error message.");
+    }
+  },
+});
--- a/netwerk/cookie/test/browser/head.js
+++ b/netwerk/cookie/test/browser/head.js
@ -0,0 +1,147 @@
+const BEHAVIOR_ACCEPT = Ci.nsICookieService.BEHAVIOR_ACCEPT;
+const BEHAVIOR_REJECT = Ci.nsICookieService.BEHAVIOR_REJECT;
+
+const PERM_DEFAULT = Ci.nsICookiePermission.ACCESS_DEFAULT;
+const PERM_ALLOW = Ci.nsICookiePermission.ACCESS_ALLOW;
+const PERM_DENY = Ci.nsICookiePermission.ACCESS_DENY;
+
+const TEST_DOMAIN = "http://example.net/";
+const TEST_PATH = "browser/netwerk/cookie/test/browser/";
+const TEST_TOP_PAGE = TEST_DOMAIN + TEST_PATH + "file_empty.html";
+
+// Helper to eval() provided cookieJarAccessAllowed and cookieJarAccessDenied
+// toString()ed optionally async function in freshly created tabs with
+// BEHAVIOR_ACCEPT and BEHAVIOR_REJECT configured, respectively, in a number of
+// permutations. This includes verifying that changing the permission while the
+// page is open still results in the state of the permission when the
+// document/global was created still applying. Code will execute in the
+// ContentTask.spawn frame-script context, use content to access the underlying
+// page.
+this.CookiePolicyHelper = {
+  runTest(testName, config) {
+    // Testing allowed to blocked by cookie behavior
+    this._createTest(testName,
+                     config.cookieJarAccessAllowed,
+                     config.cookieJarAccessDenied,
+                     config.cleanup,
+                     {
+                       fromBehavior: BEHAVIOR_ACCEPT,
+                       toBehavior: BEHAVIOR_REJECT,
+                       fromPermission: PERM_DEFAULT,
+                       toPermission: PERM_DEFAULT,
+                     });
+
+    // Testing blocked to allowed by cookie behavior
+    this._createTest(testName,
+                     config.cookieJarAccessDenied,
+                     config.cookieJarAccessAllowed,
+                     config.cleanup,
+                     {
+                       fromBehavior: BEHAVIOR_REJECT,
+                       toBehavior: BEHAVIOR_ACCEPT,
+                       fromPermission: PERM_DEFAULT,
+                       toPermission: PERM_DEFAULT,
+                     });
+
+    // Testing allowed to blocked by cookie permission
+    this._createTest(testName,
+                     config.cookieJarAccessAllowed,
+                     config.cookieJarAccessDenied,
+                     config.cleanup,
+                     {
+                       fromBehavior: BEHAVIOR_REJECT,
+                       toBehavior: BEHAVIOR_REJECT,
+                       fromPermission: PERM_ALLOW,
+                       toPermission: PERM_DEFAULT,
+                     });
+
+    // Testing blocked to allowed by cookie permission
+    this._createTest(testName,
+                     config.cookieJarAccessDenied,
+                     config.cookieJarAccessAllowed,
+                     config.cleanup,
+                     {
+                       fromBehavior: BEHAVIOR_ACCEPT,
+                       toBehavior: BEHAVIOR_ACCEPT,
+                       fromPermission: PERM_DENY,
+                       toPermission: PERM_DEFAULT,
+                     });
+  },
+
+  _createTest(testName, goodCb, badCb, cleanupCb, config) {
+    add_task(async _ => {
+      info("Starting " + testName + ": " + config.toSource());
+
+      await SpecialPowers.flushPrefEnv();
+
+      let uri = Services.io.newURI(TEST_DOMAIN);
+
+      // Let's set the first cookie pref.
+      Services.perms.add(uri, "cookie", config.fromPermission);
+      await SpecialPowers.pushPrefEnv({"set": [
+        ["network.cookie.cookieBehavior", config.fromBehavior],
+      ]});
+
+      // Let's open a tab and load content.
+      let tab = BrowserTestUtils.addTab(gBrowser, TEST_TOP_PAGE);
+      gBrowser.selectedTab = tab;
+
+      let browser = gBrowser.getBrowserForTab(tab);
+      await BrowserTestUtils.browserLoaded(browser);
+
+      // Let's exec the "good" callback.
+      info("Executing the test after setting the cookie behavior to " + config.fromBehavior + " and permission to " + config.fromPermission);
+      await ContentTask.spawn(browser,
+                              { callback: goodCb.toString() },
+                              async obj => {
+        let runnableStr = `(() => {return (${obj.callback});})();`;
+        let runnable = eval(runnableStr); // eslint-disable-line no-eval
+        await runnable();
+      });
+
+      // Now, let's change the cookie settings
+      Services.perms.add(uri, "cookie", config.toPermission);
+      await SpecialPowers.pushPrefEnv({"set": [
+        ["network.cookie.cookieBehavior", config.toBehavior],
+      ]});
+
+      // We still want the good callback to succeed.
+      info("Executing the test after setting the cookie behavior to " + config.toBehavior + " and permission to " + config.toPermission);
+      await ContentTask.spawn(browser,
+                              { callback: goodCb.toString() },
+                              async obj => {
+        let runnableStr = `(() => {return (${obj.callback});})();`;
+        let runnable = eval(runnableStr); // eslint-disable-line no-eval
+        await runnable.call(content.window);
+      });
+
+      // Let's close the tab.
+      BrowserTestUtils.removeTab(tab);
+
+      // Let's open a new tab and load content again.
+      tab = BrowserTestUtils.addTab(gBrowser, TEST_TOP_PAGE);
+      gBrowser.selectedTab = tab;
+
+      browser = gBrowser.getBrowserForTab(tab);
+      await BrowserTestUtils.browserLoaded(browser);
+
+      // Let's exec the "bad" callback.
+      info("Executing the test in a new tab");
+      await ContentTask.spawn(browser,
+                              { callback: badCb.toString() },
+                              async obj => {
+        let runnableStr = `(() => {return (${obj.callback});})();`;
+        let runnable = eval(runnableStr); // eslint-disable-line no-eval
+        await runnable.call(content.window);
+      });
+
+      // Let's close the tab.
+      BrowserTestUtils.removeTab(tab);
+
+      // Cleanup.
+      await new Promise(resolve => {
+        Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, resolve);
+      });
+    });
+  },
+};