From 8cd5239bf6aabae84ece37f4139368e91840c3ab Mon Sep 17 00:00:00 2001 From: smayya Date: Mon, 19 Aug 2024 13:31:42 +0000 Subject: [PATCH] Bug 1889130 - add test to verify if we block 0.0.0.0 address. r=necko-reviewers,valentin Depends on D219041 Differential Revision: https://phabricator.services.mozilla.com/D219042 --- netwerk/test/unit/test_bug1889130.js | 80 ++++++++++++++++++++++++++++ netwerk/test/unit/xpcshell.toml | 3 ++ 2 files changed, 83 insertions(+) create mode 100644 netwerk/test/unit/test_bug1889130.js diff --git a/netwerk/test/unit/test_bug1889130.js b/netwerk/test/unit/test_bug1889130.js new file mode 100644 index 000000000000..e6ace827b921 --- /dev/null +++ b/netwerk/test/unit/test_bug1889130.js @@ -0,0 +1,80 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +/* + * Test that channels blocks 0.0.0.0 ip address + */ + +"use strict"; + +const { HttpServer } = ChromeUtils.importESModule( + "resource://testing-common/httpd.sys.mjs" +); + +var { setTimeout } = ChromeUtils.importESModule( + "resource://gre/modules/Timer.sys.mjs" +); + +const ip = "0.0.0.0"; +let httpserver = new HttpServer(); + +ChromeUtils.defineLazyGetter(this, "URL", function () { + return `http://${ip}:${httpserver.identity.primaryPort}/`; +}); + +function plainResponse(metadata, response) { + response.setStatusLine(metadata.httpVersion, 200, "Ok"); + response.setHeader("Content-Type", "text/html"); + response.setHeader("Content-Length", "2"); + response.bodyOutputStream.write("Ok", "Ok".length); +} + +add_setup(function () { + httpserver.registerPathHandler("/", plainResponse); + httpserver._start(-1, ip); + httpserver.identity.setPrimary( + "http", + "0.0.0.0", + httpserver.identity.primaryPort + ); + + registerCleanupFunction(async () => { + Services.prefs.setBoolPref("network.socket.ip_addr_any.disabled", true); + await httpserver.stop(() => {}); + }); +}); + +// this test verifies if we allow requests on 0.0.0.0 based on the pref +// network.socket.ip_addr_any.disabled. This is helpful for checking rollback of the bug +add_task(async function test_ipaddrany_allow() { + Services.prefs.setBoolPref("network.socket.ip_addr_any.disabled", false); + + // eslint-disable-next-line mozilla/no-arbitrary-setTimeout + await new Promise(resolve => setTimeout(resolve, 5000)); + var chan = NetUtil.newChannel({ + uri: URL, + loadUsingSystemPrincipal: true, + }); + await new Promise(resolve => { + chan.asyncOpen(new ChannelListener(resolve)); + }); + Assert.equal(chan.status, Cr.NS_OK); +}); + +// this test verifies if we block requests on 0.0.0.0 +add_task(async function test_ipaddrany_deny() { + Services.prefs.setBoolPref("network.socket.ip_addr_any.disabled", true); + + // eslint-disable-next-line mozilla/no-arbitrary-setTimeout + await new Promise(resolve => setTimeout(resolve, 5000)); + + var chan = NetUtil.newChannel({ + uri: URL, + loadUsingSystemPrincipal: true, + }); + await new Promise(resolve => { + chan.asyncOpen(new ChannelListener(resolve, null, CL_EXPECT_FAILURE)); + }); + Assert.equal(chan.status, Cr.NS_ERROR_CONNECTION_REFUSED); +}); diff --git a/netwerk/test/unit/xpcshell.toml b/netwerk/test/unit/xpcshell.toml index 997c0f4ce5b8..ff22e6604508 100644 --- a/netwerk/test/unit/xpcshell.toml +++ b/netwerk/test/unit/xpcshell.toml @@ -317,6 +317,9 @@ skip-if = [ ["test_bug1913022.js"] +["test_bug1889130.js"] +skip-if = ["os == 'win'"] # skip because 0.0.0.0 is invalid in windows platform + ["test_cache-control_request.js"] ["test_cache-entry-id.js"]