Bug 1452496: Test for diiscarding same-site cookie in cross site context. r=mgoodwin

2018-04-10 17:18:04 +02:00 · 2018-04-10 17:18:04 +02:00 · 818bd556c8
--- a/dom/security/test/general/file_same_site_cookies_cross_origin_context.sjs
+++ b/dom/security/test/general/file_same_site_cookies_cross_origin_context.sjs
@ -0,0 +1,47 @@
+// Custom *.sjs file specifically for the needs of Bug 1452496
+
+// small red image
+const IMG_BYTES = atob(
+  "iVBORw0KGgoAAAANSUhEUgAAAAUAAAAFCAYAAACNbyblAAAAHElEQVQI12" +
+  "P4//8/w38GIAXDIBKE0DHxgljNBAAO9TXL0Y4OHwAAAABJRU5ErkJggg==");
+
+const FRAME = `
+  <!DOCTYPE html>
+  <html>
+  <head>
+    <title>Bug 1452496 - Do not allow same-site cookies in cross site context</title>
+  </head>
+  <body>
+    <script type="application/javascript">
+      window.parent.postMessage({result: document.cookie}, 'http://mochi.test:8888');
+    </script>
+  </body>
+  </html>`;
+
+function handleRequest(request, response)
+{
+  // avoid confusing cache behaviors
+  response.setHeader("Cache-Control", "no-cache", false);
+
+  if (request.queryString === "setSameSiteCookie") {
+    response.setHeader("Set-Cookie", "myKey=strictSameSiteCookie; samesite=strict", true);
+    response.setHeader("Content-Type", "image/png");
+    response.write(IMG_BYTES);
+    return;
+  }
+
+  if (request.queryString === "setRegularCookie") {
+    response.setHeader("Set-Cookie", "myRegularKey=regularCookie;", true);
+    response.setHeader("Content-Type", "image/png");
+    response.write(IMG_BYTES);
+    return;
+  }
+
+  if (request.queryString === "loadFrame") {
+    response.write(FRAME);
+    return;
+  }
+
+  // we should never get here, but just in case return something unexpected
+  response.write("D'oh");
+}
--- a/dom/security/test/general/mochitest.ini
+++ b/dom/security/test/general/mochitest.ini
@ -10,6 +10,7 @@ support-files =
  file_block_subresource_redir_to_data.sjs
  file_same_site_cookies_subrequest.sjs
  file_same_site_cookies_toplevel_nav.sjs
+  file_same_site_cookies_cross_origin_context.sjs

 [test_contentpolicytype_targeted_link_iframe.html]
 [test_nosniff.html]
@ -25,3 +26,4 @@ skip-if = toolkit == 'android'
 [test_block_subresource_redir_to_data.html]
 [test_same_site_cookies_subrequest.html]
 [test_same_site_cookies_toplevel_nav.html]
+[test_same_site_cookies_cross_origin_context.html]
--- a/dom/security/test/general/test_same_site_cookies_cross_origin_context.html
+++ b/dom/security/test/general/test_same_site_cookies_cross_origin_context.html
@ -0,0 +1,87 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+  <title>Bug 1452496 - Do not allow same-site cookies in cross site context</title>
+  <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+<img id="cookieImage">
+<iframe id="testframe"></iframe>
+
+<script class="testbody" type="text/javascript">
+
+/*
+ * Description of the test:
+ * 1) We load an image from http://example.com which tries to 
+ *    a) a same site cookie
+ *    b) a regular cookie
+ *    in the context of http://mochi.test
+ * 2) We load an iframe from http://example.com and check if the cookie
+ *    is available.
+ * 3) We observe that:
+ *    (a) same site cookie has been discarded in a cross origin context.
+ *    (b) the regular cookie is available.
+ */
+
+SimpleTest.waitForExplicitFinish();
+
+const CROSS_ORIGIN = "http://example.com/";
+const PATH = "tests/dom/security/test/general/file_same_site_cookies_cross_origin_context.sjs";
+
+let curTest = 0;
+
+var tests = [
+  {
+    description: "same-site cookie in cross origin context",
+    imgSRC: CROSS_ORIGIN + PATH + "?setSameSiteCookie",
+    frameSRC: CROSS_ORIGIN + PATH + "?loadFrame",
+    result: "", // no cookie should be set
+  },
+  {
+    description: "regular cookie in cross origin context",
+    imgSRC: CROSS_ORIGIN + PATH + "?setRegularCookie",
+    frameSRC: CROSS_ORIGIN + PATH + "?loadFrame",
+    result: "myRegularKey=regularCookie",
+  },
+];
+
+
+window.addEventListener("message", receiveMessage);
+function receiveMessage(event) {
+  is(event.data.result, tests[curTest].result, tests[curTest].description);
+  curTest += 1;
+
+  // // lets see if we ran all the tests
+  if (curTest == tests.length) {
+    window.removeEventListener("message", receiveMessage);
+    SimpleTest.finish();
+    return;
+  }
+  // otherwise it's time to run the next test
+  setCookieAndInitTest();
+}
+
+function setupQueryResultAndRunTest() {
+  let testframe = document.getElementById("testframe");
+  testframe.src = tests[curTest].frameSRC;
+}
+
+function setCookieAndInitTest() {
+  var cookieImage = document.getElementById("cookieImage");
+  cookieImage.onload = function() {
+    ok(true, "trying to set cookie for test (" + tests[curTest].description + ")");
+    setupQueryResultAndRunTest();
+  }
+  cookieImage.onerror = function() {
+    ok(false, "could not load image for test (" + tests[curTest].description + ")");
+  }
+  cookieImage.src =  tests[curTest].imgSRC;
+}
+
+// fire up the test
+setCookieAndInitTest();
+
+</script>
+</body>
+</html>