Bug 1729640 - P7. Add test cases for isolating sites by login related heuristics r=farre

Differential Revision: https://phabricator.services.mozilla.com/D127108

dom/ipc/LoginDetectionService.cpp

@@ -46,6 +46,7 @@ already_AddRefed<LoginDetectionService> LoginDetectionService::GetSingleton() {
   return do_AddRef(gLoginDetectionService);
 }
 
+LoginDetectionService::LoginDetectionService() : mIsLoginsLoaded(false) {}
 LoginDetectionService::~LoginDetectionService() { UnregisterObserver(); }
 
 void LoginDetectionService::MaybeStartMonitoring() {
@@ -111,6 +112,17 @@ NS_IMETHODIMP LoginDetectionService::Init() {
   return NS_OK;
 }
 
+NS_IMETHODIMP LoginDetectionService::IsLoginsLoaded(bool* aResult) {
+  if (IsIsolateHighValueSiteEnabled()) {
+    *aResult = mIsLoginsLoaded;
+  } else {
+    // When the feature is disabled, just returns true so testcases don't
+    // block on waiting for us to load logins.
+    *aResult = true;
+  }
+  return NS_OK;
+}
+
 ///////////////////////////////////////////////////////////////////////////////
 // nsILoginSearchObserver implementation
 NS_IMETHODIMP
@@ -125,6 +137,7 @@ LoginDetectionService::OnSearchComplete(
                            mozilla::dom::kHighValueHasSavedLoginPermission);
   }
 
+  mIsLoginsLoaded = true;
   return NS_OK;
 }
 

dom/ipc/LoginDetectionService.h

@@ -40,7 +40,7 @@ class LoginDetectionService final : public nsILoginDetectionService,
   void MaybeStartMonitoring();
 
  private:
-  LoginDetectionService() = default;
+  LoginDetectionService();
   virtual ~LoginDetectionService();
 
   // Fetch saved logins from the password manager.
@@ -50,6 +50,9 @@ class LoginDetectionService final : public nsILoginDetectionService,
   void UnregisterObserver();
 
   nsCOMPtr<nsIObserverService> mObs;
+
+  // Used by testcase to make sure logins are fetched.
+  bool mIsLoginsLoaded;
 };
 
 }  // namespace mozilla::dom

dom/ipc/nsILoginDetectionService.idl

@@ -13,4 +13,10 @@ interface nsILoginDetectionService : nsISupports
    * called to initialize the login detection service.
    */
   void init();
+
+  /**
+   * Returns true if we have loaded logins from the password manager.
+   * This is now used by testcase only.
+   */
+  bool isLoginsLoaded();
 };

dom/ipc/tests/browser_web_process_isolation.js

@@ -142,86 +142,164 @@ function mkTestPage({
   };
 }
 
+const heuristics = [
+  {
+    name: "coop",
+    setup_com: async expected => {
+      // Set the COOP header, and load
+      await testTreeRemoteTypes(
+        "com_set_coop",
+        mkTestPage({
+          topOrigin: COM_ORIGIN,
+          topHeaders: { "Cross-Origin-Opener-Policy": "same-origin" },
+          comRemoteType: expected.com_high,
+          orgRemoteType: expected.org_normal,
+          mozRemoteType: expected.moz_normal,
+        })
+      );
+    },
+    run_extra_test: async expected => {
+      // Load with both the COOP and COEP headers set.
+      await testTreeRemoteTypes(
+        "com_coop_coep",
+        mkTestPage({
+          topOrigin: COM_ORIGIN,
+          topHeaders: {
+            "Cross-Origin-Opener-Policy": "same-origin",
+            "Cross-Origin-Embedder-Policy": "require-corp",
+          },
+          frameHeaders: {
+            "Cross-Origin-Embedder-Policy": "require-corp",
+            "Cross-Origin-Resource-Policy": "cross-origin",
+          },
+          comRemoteType: expected.com_coop_coep,
+          orgRemoteType: expected.org_coop_coep,
+          mozRemoteType: expected.moz_coop_coep,
+        })
+      );
+    },
+  },
+  {
+    name: "hasSavedLogin",
+    setup_com: async expected => {
+      // add .com to the password manager
+      let LoginInfo = new Components.Constructor(
+        "@mozilla.org/login-manager/loginInfo;1",
+        Ci.nsILoginInfo,
+        "init"
+      );
+      Services.logins.addLogin(
+        new LoginInfo(COM_ORIGIN, "", null, "username", "password", "", "")
+      );
+
+      // Init login detection service to trigger fetching logins
+      let loginDetection = Cc[
+        "@mozilla.org/login-detection-service;1"
+      ].createInstance(Ci.nsILoginDetectionService);
+      loginDetection.init();
+
+      await TestUtils.waitForCondition(() => {
+        let x = loginDetection.isLoginsLoaded();
+        return x;
+      }, "waiting for loading logins from the password manager");
+    },
+  },
+  {
+    name: "isLoggedIn",
+    setup_com: async expected => {
+      let p = new Promise(resolve => {
+        Services.obs.addObserver(function obs() {
+          Services.obs.removeObserver(
+            obs,
+            "passwordmgr-form-submission-detected"
+          );
+          resolve();
+        }, "passwordmgr-form-submission-detected");
+      });
+
+      const TEST_URL = documentURL(
+        COM_ORIGIN,
+        {},
+        `<form>
+          <input value="username">
+          <input type="password" value="password">
+          <input type="submit">
+        </form>`
+      );
+
+      // submit the form to simulate the login behavior
+      await BrowserTestUtils.withNewTab(TEST_URL, async browser => {
+        await SpecialPowers.spawn(browser, [], async () => {
+          content.document.querySelector("form").submit();
+        });
+      });
+      await p;
+    },
+  },
+];
+
 async function do_tests(expected) {
-  // Clear all site-specific data, as we don't want to have any high-value site
+  for (let heuristic of heuristics) {
-  // permissions from any previous iterations.
+    info(`Starting ${heuristic.name} test`);
-  await new Promise(resolve =>
+    // Clear all site-specific data, as we don't want to have any high-value site
-    Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, resolve)
+    // permissions from any previous iterations.
-  );
+    await new Promise(resolve =>
+      Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, resolve)
+    );
 
-  // Loads for basic URLs with no special headers set.
+    // Loads for basic URLs with no special headers set.
-  await testTreeRemoteTypes(
+    await testTreeRemoteTypes(
-    "basic_com",
+      "basic_com",
-    mkTestPage({
+      mkTestPage({
-      topOrigin: COM_ORIGIN,
+        topOrigin: COM_ORIGIN,
-      comRemoteType: expected.com_normal,
+        comRemoteType: expected.com_normal,
-      orgRemoteType: expected.org_normal,
+        orgRemoteType: expected.org_normal,
-      mozRemoteType: expected.moz_normal,
+        mozRemoteType: expected.moz_normal,
-    })
+      })
-  );
+    );
 
-  await testTreeRemoteTypes(
+    await testTreeRemoteTypes(
-    "basic_org",
+      "basic_org",
-    mkTestPage({
+      mkTestPage({
-      topOrigin: ORG_ORIGIN,
+        topOrigin: ORG_ORIGIN,
-      comRemoteType: expected.com_normal,
+        comRemoteType: expected.com_normal,
-      orgRemoteType: expected.org_normal,
+        orgRemoteType: expected.org_normal,
-      mozRemoteType: expected.moz_normal,
+        mozRemoteType: expected.moz_normal,
-    })
+      })
-  );
+    );
 
-  // Set the COOP header, and load
+    info(`Setting up ${heuristic.name} test`);
-  await testTreeRemoteTypes(
+    await heuristic.setup_com(expected);
-    "com_set_coop",
-    mkTestPage({
-      topOrigin: COM_ORIGIN,
-      topHeaders: { "Cross-Origin-Opener-Policy": "same-origin" },
-      comRemoteType: expected.com_high,
-      orgRemoteType: expected.org_normal,
-      mozRemoteType: expected.moz_normal,
-    })
-  );
 
-  // Load again after setting the COOP header
+    // Load again after the heuristic is triggered
-  await testTreeRemoteTypes(
+    info(`Running ${heuristic.name} tests after setup`);
-    "com_after_coop",
+    await testTreeRemoteTypes(
-    mkTestPage({
+      `com_after_${heuristic.name}`,
-      topOrigin: COM_ORIGIN,
+      mkTestPage({
-      comRemoteType: expected.com_high,
+        topOrigin: COM_ORIGIN,
-      orgRemoteType: expected.org_normal,
+        comRemoteType: expected.com_high,
-      mozRemoteType: expected.moz_normal,
+        orgRemoteType: expected.org_normal,
-    })
+        mozRemoteType: expected.moz_normal,
-  );
+      })
+    );
 
-  // Load again after setting the COOP header, with a .org toplevel
+    // Load again with a .org toplevel
-  await testTreeRemoteTypes(
+    await testTreeRemoteTypes(
-    "org_after_coop",
+      `org_after_${heuristic.name}`,
-    mkTestPage({
+      mkTestPage({
-      topOrigin: ORG_ORIGIN,
+        topOrigin: ORG_ORIGIN,
-      comRemoteType: expected.com_high,
+        comRemoteType: expected.com_high,
-      orgRemoteType: expected.org_normal,
+        orgRemoteType: expected.org_normal,
-      mozRemoteType: expected.moz_normal,
+        mozRemoteType: expected.moz_normal,
-    })
+      })
-  );
+    );
 
-  // Load with both the COOP and COEP headers set.
+    // Run heuristic dependent tests
-  await testTreeRemoteTypes(
+    if (heuristic.run_extra_test) {
-    "com_coop_coep",
+      info(`Running extra tests for ${heuristic.name}`);
-    mkTestPage({
+      await heuristic.run_extra_test(expected);
-      topOrigin: COM_ORIGIN,
+    }
-      topHeaders: {
+  }
-        "Cross-Origin-Opener-Policy": "same-origin",
-        "Cross-Origin-Embedder-Policy": "require-corp",
-      },
-      frameHeaders: {
-        "Cross-Origin-Embedder-Policy": "require-corp",
-        "Cross-Origin-Resource-Policy": "cross-origin",
-      },
-      comRemoteType: expected.com_coop_coep,
-      orgRemoteType: expected.org_coop_coep,
-      mozRemoteType: expected.moz_coop_coep,
-    })
-  );
 }
 
 add_task(async function test_isolate_nothing() {