Bug 1453818 - Add test for same-site cookies in reader mode. r=ckerschb,Gijs

MozReview-Commit-ID: 58j7geRM6KW --HG-- extra : rebase_source : 8e8faf01d1d7a1afe12ca69604b47b267c95bd39
2018-04-17 13:40:18 -07:00 · 2018-04-17 13:40:18 -07:00 · 1ab2ebf84b
--- a/toolkit/components/reader/test/browser.ini
+++ b/toolkit/components/reader/test/browser.ini
@ -15,6 +15,12 @@ uses-unsafe-cpows = true
 [browser_bug1124271_readerModePinnedTab.js]
 support-files =
  readerModeArticle.html
+[browser_bug1453818_samesite_cookie.js]
+support-files =
+  getCookies.html
+  linkToGetCookies.html
+  setSameSiteCookie.html
+  setSameSiteCookie.html^headers^
 [browser_readerMode_readingTime.js]
 support-files =
  readerModeArticle.html
--- a/toolkit/components/reader/test/browser_bug1453818_samesite_cookie.js
+++ b/toolkit/components/reader/test/browser_bug1453818_samesite_cookie.js
@ -0,0 +1,97 @@
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/ */
+
+"use strict";
+
+const TEST_ORIGIN1 = getRootDirectory(gTestPath).replace("chrome://mochitests/content", "http://example.com");
+const TEST_ORIGIN2 = getRootDirectory(gTestPath).replace("chrome://mochitests/content", "http://example.org");
+
+async function clickLink(browser) {
+  info("Waiting for the page to load after clicking the link...");
+  let pageLoaded = BrowserTestUtils.waitForContentEvent(browser, "DOMContentLoaded");
+  await ContentTask.spawn(browser, null, async function() {
+    let link = content.document.getElementById("link");
+    ok(link, "The link element was found.");
+    link.click();
+  });
+  await pageLoaded;
+}
+
+async function checkCookiePresent(browser) {
+  await ContentTask.spawn(browser, null, async function() {
+    let cookieSpan = content.document.getElementById("cookieSpan");
+    ok(cookieSpan, "cookieSpan element should be in document");
+    is(cookieSpan.textContent, "foo=bar", "The SameSite cookie was sent correctly.");
+  });
+}
+
+async function checkCookie(sameSiteEnabled, browser) {
+  if (sameSiteEnabled) {
+    info("Check that the SameSite cookie was not sent.");
+    await ContentTask.spawn(browser, null, async function() {
+      let cookieSpan = content.document.getElementById("cookieSpan");
+      ok(cookieSpan, "cookieSpan element should be in document");
+      is(cookieSpan.textContent, "", "The SameSite cookie was blocked correctly.");
+    });
+  } else {
+    info("Check that the SameSite cookie was sent.");
+    await checkCookiePresent(browser);
+  }
+}
+
+async function runTest(sameSiteEnabled) {
+  await SpecialPowers.pushPrefEnv({
+    set: [["network.cookie.same-site.enabled", sameSiteEnabled],
+          ["reader.parse-on-load.enabled", true]],
+  });
+
+  info("Set a SameSite=strict cookie.");
+  await BrowserTestUtils.withNewTab(TEST_ORIGIN1 + "setSameSiteCookie.html", () => {});
+
+  info("Check that the cookie has been correctly set.");
+  await BrowserTestUtils.withNewTab(TEST_ORIGIN1 + "getCookies.html", async function(browser) {
+    await checkCookiePresent(browser);
+  });
+
+  info("Open a cross-origin page with a link to the domain that set the cookie.");
+  {
+    let browser;
+    let pageLoaded;
+    let tab = await BrowserTestUtils.openNewForegroundTab(gBrowser, () => {
+      let t = BrowserTestUtils.addTab(gBrowser, TEST_ORIGIN2 + "linkToGetCookies.html");
+      gBrowser.selectedTab = t;
+      browser = gBrowser.selectedBrowser;
+      pageLoaded = BrowserTestUtils.waitForContentEvent(browser, "DOMContentLoaded");
+      return t;
+    }, false);
+
+    info("Waiting for the page to load in normal mode...");
+    await pageLoaded;
+
+    await clickLink(browser);
+    await checkCookie(sameSiteEnabled, browser);
+    await BrowserTestUtils.removeTab(tab);
+  }
+
+  info("Open the cross-origin page again.");
+  await BrowserTestUtils.withNewTab(TEST_ORIGIN2 + "linkToGetCookies.html", async function(browser) {
+    let pageShown = BrowserTestUtils.waitForContentEvent(browser, "AboutReaderContentReady");
+    let readerButton = document.getElementById("reader-mode-button");
+    ok(readerButton, "readerButton should be available");
+    readerButton.click();
+
+    info("Waiting for the page to be displayed in reader mode...");
+    await pageShown;
+
+    await clickLink(browser);
+    await checkCookie(sameSiteEnabled, browser);
+  });
+}
+
+add_task(async function() {
+  await runTest(true);
+});
+
+add_task(async function() {
+  await runTest(false);
+});
--- a/toolkit/components/reader/test/getCookies.html
+++ b/toolkit/components/reader/test/getCookies.html
@ -0,0 +1,14 @@
+<!DOCTYPE html>
+<html>
+    <head>
+        <meta charset="utf-8">
+    </head>
+    <body>
+        <p>Cookie: <span id="cookieSpan">(none yet)</span></p>
+        <br>
+        <script>
+        let cookieSpan = document.getElementById("cookieSpan");
+        cookieSpan.textContent = document.cookie;
+        </script>
+    </body>
+</html>
--- a/toolkit/components/reader/test/linkToGetCookies.html
+++ b/toolkit/components/reader/test/linkToGetCookies.html
@ -0,0 +1,13 @@
+<!DOCTYPE html>
+<html>
+    <head>
+        <meta charset="utf-8">
+    </head>
+    <body>
+        <article>
+            <p>Lorem ipsum dolor sit amet, consectetur adipiscing elit. Donec a diam lectus. Sed sit amet ipsum mauris. Maecenas congue ligula ac quam viverra nec consectetur ante hendrerit. Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aenean ut gravida lorem. Ut turpis felis, pulvinar a semper sed, adipiscing id dolor. Pellentesque auctor nisi id magna consequat sagittis. Curabitur dapibus enim sit amet elit pharetra tincidunt feugiat nisl imperdiet. Ut convallis libero in urna ultrices accumsan. Donec sed odio eros. Donec viverra mi quis quam pulvinar at malesuada arcu rhoncus. Cum sociis natoque penatibus et magnis dis parturient montes, nascetur ridiculus mus. In rutrum accumsan ultricies. Mauris vitae nisi at sem facilisis semper ac in est.</p>
+
+            <p><a href="http://example.com/browser/toolkit/components/reader/test/getCookies.html" id="link">Cross-origin link to getCookies.html</a></p>
+        </article>
+    </body>
+</html>
--- a/toolkit/components/reader/test/setSameSiteCookie.html
+++ b/toolkit/components/reader/test/setSameSiteCookie.html
@ -0,0 +1,9 @@
+<!DOCTYPE html>
+<html>
+    <head>
+        <meta charset="utf-8">
+    </head>
+    <body>
+        <p>This page just set a cookie with the <code>SameSite</code> attribute.</p>
+    </body>
+</html>
--- a/toolkit/components/reader/test/setSameSiteCookie.html^headers^
+++ b/toolkit/components/reader/test/setSameSiteCookie.html^headers^
@ -0,0 +1 @@
+Set-Cookie: foo=bar; Path='/' ; SameSite=strict
				`@ -0,0 +1 @@`
				`Set-Cookie: foo=bar; Path='/' ; SameSite=strict`