From 27309db8bbf88619c73483cf2dac0a63bec5b5d9 Mon Sep 17 00:00:00 2001 From: Andrea Marchesini Date: Wed, 27 Feb 2019 19:56:07 +0000 Subject: [PATCH] Bug 1525245 - Stabilize cookiePolicy/cookiePermission for live documents - part 4 - Storage tests, r=asuth Differential Revision: https://phabricator.services.mozilla.com/D18952 --HG-- extra : moz-landing-system : lando --- netwerk/cookie/test/browser/browser.ini | 2 + .../cookie/test/browser/browser_storage.js | 41 +++++ netwerk/cookie/test/browser/head.js | 147 ++++++++++++++++++ 3 files changed, 190 insertions(+) create mode 100644 netwerk/cookie/test/browser/browser_storage.js create mode 100644 netwerk/cookie/test/browser/head.js diff --git a/netwerk/cookie/test/browser/browser.ini b/netwerk/cookie/test/browser/browser.ini index 342e145789f1..50fb89989f13 100644 --- a/netwerk/cookie/test/browser/browser.ini +++ b/netwerk/cookie/test/browser/browser.ini @@ -1,5 +1,7 @@ [DEFAULT] support-files = file_empty.html + head.js [browser_originattributes.js] +[browser_storage.js] diff --git a/netwerk/cookie/test/browser/browser_storage.js b/netwerk/cookie/test/browser/browser_storage.js new file mode 100644 index 000000000000..8033d56d83c1 --- /dev/null +++ b/netwerk/cookie/test/browser/browser_storage.js @@ -0,0 +1,41 @@ +CookiePolicyHelper.runTest("SessionStorage", { + cookieJarAccessAllowed: async _ => { + try { + content.sessionStorage.foo = 42; + ok(true, "SessionStorage works"); + } catch (e) { + ok(false, "SessionStorage works"); + } + }, + + cookieJarAccessDenied: async _ => { + try { + content.sessionStorage.foo = 42; + ok(false, "SessionStorage doesn't work"); + } catch (e) { + ok(true, "SessionStorage doesn't work"); + is(e.name, "SecurityError", "We want a security error message."); + } + }, +}); + +CookiePolicyHelper.runTest("LocalStorage", { + cookieJarAccessAllowed: async _ => { + try { + content.localStorage.foo = 42; + ok(true, "LocalStorage works"); + } catch (e) { + ok(false, "LocalStorage works"); + } + }, + + cookieJarAccessDenied: async _ => { + try { + content.localStorage.foo = 42; + ok(false, "LocalStorage doesn't work"); + } catch (e) { + ok(true, "LocalStorage doesn't work"); + is(e.name, "SecurityError", "We want a security error message."); + } + }, +}); diff --git a/netwerk/cookie/test/browser/head.js b/netwerk/cookie/test/browser/head.js new file mode 100644 index 000000000000..80270c666121 --- /dev/null +++ b/netwerk/cookie/test/browser/head.js @@ -0,0 +1,147 @@ +const BEHAVIOR_ACCEPT = Ci.nsICookieService.BEHAVIOR_ACCEPT; +const BEHAVIOR_REJECT = Ci.nsICookieService.BEHAVIOR_REJECT; + +const PERM_DEFAULT = Ci.nsICookiePermission.ACCESS_DEFAULT; +const PERM_ALLOW = Ci.nsICookiePermission.ACCESS_ALLOW; +const PERM_DENY = Ci.nsICookiePermission.ACCESS_DENY; + +const TEST_DOMAIN = "http://example.net/"; +const TEST_PATH = "browser/netwerk/cookie/test/browser/"; +const TEST_TOP_PAGE = TEST_DOMAIN + TEST_PATH + "file_empty.html"; + +// Helper to eval() provided cookieJarAccessAllowed and cookieJarAccessDenied +// toString()ed optionally async function in freshly created tabs with +// BEHAVIOR_ACCEPT and BEHAVIOR_REJECT configured, respectively, in a number of +// permutations. This includes verifying that changing the permission while the +// page is open still results in the state of the permission when the +// document/global was created still applying. Code will execute in the +// ContentTask.spawn frame-script context, use content to access the underlying +// page. +this.CookiePolicyHelper = { + runTest(testName, config) { + // Testing allowed to blocked by cookie behavior + this._createTest(testName, + config.cookieJarAccessAllowed, + config.cookieJarAccessDenied, + config.cleanup, + { + fromBehavior: BEHAVIOR_ACCEPT, + toBehavior: BEHAVIOR_REJECT, + fromPermission: PERM_DEFAULT, + toPermission: PERM_DEFAULT, + }); + + // Testing blocked to allowed by cookie behavior + this._createTest(testName, + config.cookieJarAccessDenied, + config.cookieJarAccessAllowed, + config.cleanup, + { + fromBehavior: BEHAVIOR_REJECT, + toBehavior: BEHAVIOR_ACCEPT, + fromPermission: PERM_DEFAULT, + toPermission: PERM_DEFAULT, + }); + + // Testing allowed to blocked by cookie permission + this._createTest(testName, + config.cookieJarAccessAllowed, + config.cookieJarAccessDenied, + config.cleanup, + { + fromBehavior: BEHAVIOR_REJECT, + toBehavior: BEHAVIOR_REJECT, + fromPermission: PERM_ALLOW, + toPermission: PERM_DEFAULT, + }); + + // Testing blocked to allowed by cookie permission + this._createTest(testName, + config.cookieJarAccessDenied, + config.cookieJarAccessAllowed, + config.cleanup, + { + fromBehavior: BEHAVIOR_ACCEPT, + toBehavior: BEHAVIOR_ACCEPT, + fromPermission: PERM_DENY, + toPermission: PERM_DEFAULT, + }); + }, + + _createTest(testName, goodCb, badCb, cleanupCb, config) { + add_task(async _ => { + info("Starting " + testName + ": " + config.toSource()); + + await SpecialPowers.flushPrefEnv(); + + let uri = Services.io.newURI(TEST_DOMAIN); + + // Let's set the first cookie pref. + Services.perms.add(uri, "cookie", config.fromPermission); + await SpecialPowers.pushPrefEnv({"set": [ + ["network.cookie.cookieBehavior", config.fromBehavior], + ]}); + + // Let's open a tab and load content. + let tab = BrowserTestUtils.addTab(gBrowser, TEST_TOP_PAGE); + gBrowser.selectedTab = tab; + + let browser = gBrowser.getBrowserForTab(tab); + await BrowserTestUtils.browserLoaded(browser); + + // Let's exec the "good" callback. + info("Executing the test after setting the cookie behavior to " + config.fromBehavior + " and permission to " + config.fromPermission); + await ContentTask.spawn(browser, + { callback: goodCb.toString() }, + async obj => { + let runnableStr = `(() => {return (${obj.callback});})();`; + let runnable = eval(runnableStr); // eslint-disable-line no-eval + await runnable(); + }); + + // Now, let's change the cookie settings + Services.perms.add(uri, "cookie", config.toPermission); + await SpecialPowers.pushPrefEnv({"set": [ + ["network.cookie.cookieBehavior", config.toBehavior], + ]}); + + // We still want the good callback to succeed. + info("Executing the test after setting the cookie behavior to " + config.toBehavior + " and permission to " + config.toPermission); + await ContentTask.spawn(browser, + { callback: goodCb.toString() }, + async obj => { + let runnableStr = `(() => {return (${obj.callback});})();`; + let runnable = eval(runnableStr); // eslint-disable-line no-eval + await runnable.call(content.window); + }); + + // Let's close the tab. + BrowserTestUtils.removeTab(tab); + + // Let's open a new tab and load content again. + tab = BrowserTestUtils.addTab(gBrowser, TEST_TOP_PAGE); + gBrowser.selectedTab = tab; + + browser = gBrowser.getBrowserForTab(tab); + await BrowserTestUtils.browserLoaded(browser); + + // Let's exec the "bad" callback. + info("Executing the test in a new tab"); + await ContentTask.spawn(browser, + { callback: badCb.toString() }, + async obj => { + let runnableStr = `(() => {return (${obj.callback});})();`; + let runnable = eval(runnableStr); // eslint-disable-line no-eval + await runnable.call(content.window); + }); + + // Let's close the tab. + BrowserTestUtils.removeTab(tab); + + // Cleanup. + await new Promise(resolve => { + Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, resolve); + }); + }); + }, +};