зеркало из https://github.com/mozilla/gecko-dev.git
Bug 1525245 - Stabilize cookiePolicy/cookiePermission for live documents - part 10 - Fix existing tests, r=Ehsan
Differential Revision: https://phabricator.services.mozilla.com/D18958 --HG-- extra : moz-landing-system : lando
This commit is contained in:
Родитель
89ed086455
Коммит
cc69a8960f
|
@ -16,8 +16,6 @@ support-files =
|
|||
file.js
|
||||
helpers.js
|
||||
leaving_page_iframe.html
|
||||
third_party_iframe1.html
|
||||
third_party_iframe2.html
|
||||
unit/test_abort_deleted_index.js
|
||||
unit/test_abort_deleted_objectStore.js
|
||||
unit/test_add_put.js
|
||||
|
@ -256,6 +254,10 @@ scheme=https
|
|||
[test_table_locks.html]
|
||||
[test_table_rollback.html]
|
||||
[test_third_party.html]
|
||||
support-files =
|
||||
third_party_window.html
|
||||
third_party_iframe1.html
|
||||
third_party_iframe2.html
|
||||
skip-if = (os == 'android' && debug) # Bug 1311590
|
||||
[test_traffic_jam.html]
|
||||
[test_transaction_abort.html]
|
||||
|
|
|
@ -46,29 +46,25 @@
|
|||
"third_party_iframe2.html");
|
||||
|
||||
let testIndex = 0;
|
||||
let testRunning = false;
|
||||
let openedWindow;
|
||||
|
||||
function iframeLoaded() {
|
||||
let message = { source: "parent", href: iframe2URL };
|
||||
let iframe = document.getElementById("iframe1");
|
||||
iframe.contentWindow.postMessage(message.toSource(), "*");
|
||||
}
|
||||
|
||||
function setiframe() {
|
||||
let iframe = document.getElementById("iframe1");
|
||||
|
||||
if (!testRunning) {
|
||||
testRunning = true;
|
||||
iframe.addEventListener("load", iframeLoaded);
|
||||
}
|
||||
// Cookie preference changes are only applied to top-level tabs/windows
|
||||
// when they are loaded. We need a window-proxy to continue the test.
|
||||
function openWindow() {
|
||||
SpecialPowers.pushPrefEnv({
|
||||
"set": [
|
||||
["network.cookie.cookieBehavior", testData[testIndex].cookieBehavior],
|
||||
],
|
||||
}, () => {
|
||||
iframe.src = testData[testIndex].host + iframe1Path;
|
||||
openedWindow = window.open("third_party_window.html");
|
||||
openedWindow.onload = _ => {
|
||||
openedWindow.postMessage({
|
||||
source: "parent",
|
||||
href: iframe2URL,
|
||||
iframeUrl: testData[testIndex].host + iframe1Path,
|
||||
}, "*");
|
||||
};
|
||||
});
|
||||
// SpecialPowers.setIntPref("network.cookie.cookieBehavior", testData[testIndex].cookieBehavior);
|
||||
}
|
||||
|
||||
function messageListener(event) {
|
||||
|
@ -78,9 +74,11 @@
|
|||
is(message.source, "iframe", "Good source");
|
||||
is(message.result, testData[testIndex].expectedResult, "Good result");
|
||||
|
||||
openedWindow.close();
|
||||
|
||||
if (testIndex < testData.length - 1) {
|
||||
testIndex++;
|
||||
setiframe();
|
||||
openWindow();
|
||||
return;
|
||||
}
|
||||
|
||||
|
@ -93,14 +91,13 @@
|
|||
SpecialPowers.addPermission("indexedDB", true, document);
|
||||
|
||||
window.addEventListener("message", messageListener);
|
||||
setiframe();
|
||||
openWindow();
|
||||
}
|
||||
</script>
|
||||
|
||||
</head>
|
||||
|
||||
<body onload="runTest();">
|
||||
<iframe id="iframe1"></iframe>
|
||||
</body>
|
||||
|
||||
</html>
|
||||
|
|
|
@ -0,0 +1,33 @@
|
|||
<!--
|
||||
Any copyright is dedicated to the Public Domain.
|
||||
http://creativecommons.org/publicdomain/zero/1.0/
|
||||
-->
|
||||
<html>
|
||||
<head>
|
||||
<title>Indexed Database Test</title>
|
||||
<script type="text/javascript">
|
||||
let init = false;
|
||||
onmessage = evt => {
|
||||
if (!init) {
|
||||
init = true;
|
||||
|
||||
let iframe = document.getElementById("iframe1");
|
||||
iframe.src = evt.data.iframeUrl;
|
||||
|
||||
iframe.addEventListener("load", e => {
|
||||
iframe.contentWindow.postMessage(evt.data.toSource(), "*");
|
||||
});
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
opener.postMessage(evt.data, "*");
|
||||
};
|
||||
</script>
|
||||
</head>
|
||||
|
||||
<body>
|
||||
<iframe id="iframe1"></iframe>
|
||||
</body>
|
||||
|
||||
</html>
|
|
@ -308,6 +308,8 @@ skip-if = serviceworker_e10s
|
|||
[test_skip_waiting.html]
|
||||
[test_strict_mode_warning.html]
|
||||
[test_third_party_iframes.html]
|
||||
support-files =
|
||||
window_party_iframes.html
|
||||
[test_unregister.html]
|
||||
[test_unresolved_fetch_interception.html]
|
||||
skip-if = verify || serviceworker_e10s
|
||||
|
|
|
@ -11,11 +11,6 @@
|
|||
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
|
||||
</head>
|
||||
<body>
|
||||
<p id="display"></p>
|
||||
<div id="content" style="display: none">
|
||||
<iframe></iframe>
|
||||
</div>
|
||||
<pre id="test"></pre>
|
||||
<script class="testbody" type="text/javascript">
|
||||
|
||||
SimpleTest.waitForExplicitFinish();
|
||||
|
@ -39,6 +34,7 @@ function next() {
|
|||
onload = next;
|
||||
|
||||
let iframe;
|
||||
let proxyWindow;
|
||||
let basePath = "/tests/dom/serviceworkers/test/thirdparty/";
|
||||
let origin = window.location.protocol + "//" + window.location.host;
|
||||
let thirdPartyOrigin = "https://example.com";
|
||||
|
@ -62,22 +58,26 @@ function loadThirdPartyIframe() {
|
|||
}
|
||||
|
||||
function runTest(aExpectedResponses) {
|
||||
iframe = document.querySelector("iframe");
|
||||
iframe.src = thirdPartyOrigin + basePath + "register.html";
|
||||
let responsesIndex = 0;
|
||||
window.onmessage = function(e) {
|
||||
let status = e.data.status;
|
||||
let expected = aExpectedResponses[responsesIndex];
|
||||
if (status == expected.status) {
|
||||
ok(true, "Received expected " + expected.status);
|
||||
if (expected.next) {
|
||||
expected.next();
|
||||
// Let's use a proxy window to have the new cookie policy applied.
|
||||
proxyWindow = window.open("window_party_iframes.html");
|
||||
proxyWindow.onload = _ => {
|
||||
iframe = proxyWindow.document.querySelector("iframe");
|
||||
iframe.src = thirdPartyOrigin + basePath + "register.html";
|
||||
let responsesIndex = 0;
|
||||
window.onmessage = function(e) {
|
||||
let status = e.data.status;
|
||||
let expected = aExpectedResponses[responsesIndex];
|
||||
if (status == expected.status) {
|
||||
ok(true, "Received expected " + expected.status);
|
||||
if (expected.next) {
|
||||
expected.next();
|
||||
}
|
||||
} else {
|
||||
ok(false, "Expected " + expected.status + " got " + status);
|
||||
}
|
||||
} else {
|
||||
ok(false, "Expected " + expected.status + " got " + status);
|
||||
}
|
||||
responsesIndex++;
|
||||
};
|
||||
responsesIndex++;
|
||||
};
|
||||
}
|
||||
}
|
||||
|
||||
// Verify that we can register and intercept a 3rd party iframe with
|
||||
|
@ -113,6 +113,7 @@ function testShouldIntercept(behavior, lifetime, done) {
|
|||
status: "unregistrationdone",
|
||||
next: function() {
|
||||
window.onmessage = null;
|
||||
proxyWindow.close();
|
||||
ok(true, "Test finished successfully");
|
||||
done();
|
||||
}
|
||||
|
@ -144,6 +145,7 @@ function testShouldNotRegister(behavior, lifetime, done) {
|
|||
status: "worker-networkresponse",
|
||||
next: function() {
|
||||
window.onmessage = null;
|
||||
proxyWindow.close();
|
||||
ok(true, "Test finished successfully");
|
||||
done();
|
||||
}
|
||||
|
@ -164,12 +166,17 @@ function testShouldNotIntercept(behavior, lifetime, done) {
|
|||
}, {
|
||||
status: "registrationdone",
|
||||
next: function() {
|
||||
iframe.addEventListener("load", testIframeLoaded);
|
||||
SpecialPowers.pushPrefEnv({"set": [
|
||||
["network.cookie.cookieBehavior", behavior],
|
||||
["network.cookie.lifetimePolicy", lifetime],
|
||||
]}, function() {
|
||||
iframe.src = origin + basePath + "iframe1.html";
|
||||
proxyWindow.close();
|
||||
proxyWindow = window.open("window_party_iframes.html");
|
||||
proxyWindow.onload = _ => {
|
||||
iframe = proxyWindow.document.querySelector("iframe");
|
||||
iframe.addEventListener("load", testIframeLoaded);
|
||||
iframe.src = origin + basePath + "iframe1.html";
|
||||
}
|
||||
});
|
||||
}
|
||||
}, {
|
||||
|
@ -193,7 +200,13 @@ function testShouldNotIntercept(behavior, lifetime, done) {
|
|||
["network.cookie.cookieBehavior", BEHAVIOR_ACCEPT],
|
||||
["network.cookie.lifetimePolicy", LIFETIME_EXPIRE],
|
||||
]}, function() {
|
||||
iframe.src = thirdPartyOrigin + basePath + "unregister.html";
|
||||
proxyWindow.close();
|
||||
proxyWindow = window.open("window_party_iframes.html");
|
||||
proxyWindow.onload = _ => {
|
||||
iframe = proxyWindow.document.querySelector("iframe");
|
||||
iframe.addEventListener("load", testIframeLoaded);
|
||||
iframe.src = thirdPartyOrigin + basePath + "unregister.html";
|
||||
}
|
||||
});
|
||||
}
|
||||
}, {
|
||||
|
@ -202,6 +215,7 @@ function testShouldNotIntercept(behavior, lifetime, done) {
|
|||
status: "unregistrationdone",
|
||||
next: function() {
|
||||
window.onmessage = null;
|
||||
proxyWindow.close();
|
||||
ok(true, "Test finished successfully");
|
||||
done();
|
||||
}
|
||||
|
|
|
@ -0,0 +1,18 @@
|
|||
<!--
|
||||
Any copyright is dedicated to the Public Domain.
|
||||
http://creativecommons.org/publicdomain/zero/1.0/
|
||||
-->
|
||||
<!DOCTYPE HTML>
|
||||
<html>
|
||||
<head>
|
||||
<meta http-equiv="Content-type" content="text/html;charset=UTF-8">
|
||||
</head>
|
||||
<body>
|
||||
<iframe></iframe>
|
||||
<script>
|
||||
window.onmessage = e => {
|
||||
opener.postMessage(e.data, "*");
|
||||
}
|
||||
</script>
|
||||
</body>
|
||||
</html>
|
|
@ -149,6 +149,7 @@ skip-if = toolkit == 'android'
|
|||
[test_bug1112040.html]
|
||||
[test_bug1160342_marquee.html]
|
||||
[test_bug1171215.html]
|
||||
support-files = window_bug1171215.html
|
||||
[test_bug1530292.html]
|
||||
[test_no_find_showDialog.html]
|
||||
skip-if = toolkit == 'android' # Bug 1358633 - window.find doesn't work for Android
|
||||
|
|
|
@ -9,11 +9,8 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=1022869
|
|||
<script type="application/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
|
||||
<script type="application/javascript" src="/tests/SimpleTest/AddTask.js"></script>
|
||||
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
|
||||
<iframe src="about:blank"></iframe>
|
||||
<script type="text/javascript">
|
||||
|
||||
var f = document.getElementsByTagName("iframe")[0];
|
||||
|
||||
SimpleTest.waitForExplicitFinish();
|
||||
|
||||
/** Test for Bug 1022869 **/
|
||||
|
@ -21,69 +18,32 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=1022869
|
|||
// Initialize our cookie.
|
||||
document.cookie = "a=b";
|
||||
|
||||
// Set a cookie in example.org so we can test that we can't read it in
|
||||
// third-party cases.
|
||||
f.contentWindow.location =
|
||||
"http://example.org/tests/dom/tests/mochitest/bugs/file_prime_cookie.html";
|
||||
waitForLoad().then(function() {
|
||||
// Cookies are set up, disallow third-party cookies and start the test.
|
||||
SpecialPowers.pushPrefEnv({ set: [
|
||||
["network.cookie.cookieBehavior", 1],
|
||||
]}, () => { continueTest(); });
|
||||
}).catch((e) => { ok(false, `Got exception: ${e}`) });
|
||||
}
|
||||
SpecialPowers.pushPrefEnv({ set: [["network.cookie.cookieBehavior", 1]] }).then(_ => {
|
||||
let w = window.open("window_bug1171215.html");
|
||||
onmessage = e => {
|
||||
if (e.data.type == "finish") {
|
||||
w.close();
|
||||
SimpleTest.finish();
|
||||
return;
|
||||
}
|
||||
|
||||
function waitForLoad() {
|
||||
return new Promise((resolve) => {
|
||||
window.addEventListener("message", function(msg) {
|
||||
info(`got message ${msg.data}`);
|
||||
resolve(msg.data);
|
||||
}, {once: true});
|
||||
if (e.data.type == "info") {
|
||||
info(e.data.msg);
|
||||
return;
|
||||
}
|
||||
|
||||
if (e.data.type == "test") {
|
||||
ok(e.data.test, e.data.msg);
|
||||
return;
|
||||
}
|
||||
|
||||
ok(false, "Unknown message");
|
||||
};
|
||||
});
|
||||
}
|
||||
|
||||
async function continueTest() {
|
||||
var sameOrigin = "http://mochi.test:8888";
|
||||
var thirdParty = "http://example.org";
|
||||
var page = "tests/dom/tests/mochitest/bugs/file_cookieOutputter.html"
|
||||
var redirect = "tests/dom/tests/mochitest/bugs/file_redirector.sjs";
|
||||
|
||||
function createRedirect(firstOrigin, secondOrigin) {
|
||||
return `${firstOrigin}/${redirect}?${secondOrigin}/${page}`;
|
||||
}
|
||||
|
||||
info("starting test");
|
||||
|
||||
// Same origin to same origin.
|
||||
f.contentWindow.location = createRedirect(sameOrigin, sameOrigin);
|
||||
let cookie = await waitForLoad();
|
||||
is(cookie, "a=b", "got the cookie");
|
||||
|
||||
// Cross origin to cross origin.
|
||||
f.contentWindow.location = createRedirect(thirdParty, thirdParty);
|
||||
cookie = await waitForLoad();
|
||||
is(cookie, "", "no third-party cookies");
|
||||
|
||||
// Same origin to cross origin.
|
||||
f.contentWindow.location = createRedirect(sameOrigin, thirdParty);
|
||||
cookie = await waitForLoad();
|
||||
is(cookie, "", "no third-party cookies");
|
||||
|
||||
// Cross origin to same origin
|
||||
f.contentWindow.location = createRedirect(thirdParty, sameOrigin);
|
||||
cookie = await waitForLoad();
|
||||
is(cookie, "a=b", "got the cookie");
|
||||
|
||||
SimpleTest.finish();
|
||||
}
|
||||
</script>
|
||||
</head>
|
||||
<body onload="startTest()">
|
||||
<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=1022869">Mozilla Bug 1022869</a>
|
||||
<p id="display"></p>
|
||||
<div id="content" style="display: none">
|
||||
</div>
|
||||
<pre id="test">
|
||||
</pre>
|
||||
</body>
|
||||
</html>
|
||||
|
|
|
@ -0,0 +1,86 @@
|
|||
<!DOCTYPE html>
|
||||
<html>
|
||||
<!--
|
||||
https://bugzilla.mozilla.org/show_bug.cgi?id=1022869
|
||||
-->
|
||||
<head>
|
||||
<meta charset="utf-8">
|
||||
<title>Test for Bug 1022869</title>
|
||||
<iframe src="about:blank"></iframe>
|
||||
<script type="text/javascript">
|
||||
|
||||
function finish() {
|
||||
opener.postMessage({type: "finish" });
|
||||
}
|
||||
|
||||
function info(msg) {
|
||||
opener.postMessage({type: "info", msg });
|
||||
}
|
||||
|
||||
function ok(a, msg) {
|
||||
opener.postMessage({type: "test", test: !!a, msg });
|
||||
}
|
||||
|
||||
function is(a, b, msg) {
|
||||
ok(a === b, msg);
|
||||
}
|
||||
|
||||
var f = document.getElementsByTagName("iframe")[0];
|
||||
|
||||
/** Test for Bug 1022869 **/
|
||||
function startTest() {
|
||||
// Set a cookie in example.org so we can test that we can't read it in
|
||||
// third-party cases.
|
||||
f.contentWindow.location =
|
||||
"http://example.org/tests/dom/tests/mochitest/bugs/file_prime_cookie.html";
|
||||
waitForLoad().then(continueTest).catch((e) => { ok(false, `Got exception: ${e}`) });
|
||||
}
|
||||
|
||||
function waitForLoad() {
|
||||
return new Promise((resolve) => {
|
||||
window.addEventListener("message", function(msg) {
|
||||
info(`got message ${msg.data}`);
|
||||
resolve(msg.data);
|
||||
}, {once: true});
|
||||
});
|
||||
}
|
||||
|
||||
async function continueTest() {
|
||||
var sameOrigin = "http://mochi.test:8888";
|
||||
var thirdParty = "http://example.org";
|
||||
var page = "tests/dom/tests/mochitest/bugs/file_cookieOutputter.html"
|
||||
var redirect = "tests/dom/tests/mochitest/bugs/file_redirector.sjs";
|
||||
|
||||
function createRedirect(firstOrigin, secondOrigin) {
|
||||
return `${firstOrigin}/${redirect}?${secondOrigin}/${page}`;
|
||||
}
|
||||
|
||||
info("starting test");
|
||||
|
||||
// Same origin to same origin.
|
||||
f.contentWindow.location = createRedirect(sameOrigin, sameOrigin);
|
||||
let cookie = await waitForLoad();
|
||||
is(cookie, "a=b", "got the cookie");
|
||||
|
||||
// Cross origin to cross origin.
|
||||
f.contentWindow.location = createRedirect(thirdParty, thirdParty);
|
||||
cookie = await waitForLoad();
|
||||
is(cookie, "", "no third-party cookies");
|
||||
|
||||
// Same origin to cross origin.
|
||||
f.contentWindow.location = createRedirect(sameOrigin, thirdParty);
|
||||
cookie = await waitForLoad();
|
||||
is(cookie, "", "no third-party cookies");
|
||||
|
||||
// Cross origin to same origin
|
||||
f.contentWindow.location = createRedirect(thirdParty, sameOrigin);
|
||||
cookie = await waitForLoad();
|
||||
is(cookie, "a=b", "got the cookie");
|
||||
|
||||
finish();
|
||||
}
|
||||
</script>
|
||||
</head>
|
||||
<body onload="startTest()">
|
||||
</body>
|
||||
</html>
|
|
@ -50,6 +50,7 @@ support-files =
|
|||
workerStorageAllowed.js
|
||||
workerStoragePrevented.js
|
||||
storagePermissionsUtils.js
|
||||
window_storagePermissions.html
|
||||
frameSelectEvents.html
|
||||
!/image/test/mochitest/big.png
|
||||
!/image/test/mochitest/blue.png
|
||||
|
|
|
@ -242,4 +242,33 @@ function task(fn) {
|
|||
}
|
||||
}
|
||||
|
||||
// The test will run on a separate window in order to apply the new cookie settings.
|
||||
async function runTestInWindow(test) {
|
||||
let w = window.open("window_storagePermissions.html");
|
||||
await new Promise(resolve => {
|
||||
w.onload = e => {
|
||||
resolve();
|
||||
}
|
||||
});
|
||||
|
||||
await new Promise(resolve => {
|
||||
onmessage = e => {
|
||||
if (e.data.type == "finish") {
|
||||
w.close();
|
||||
resolve();
|
||||
return;
|
||||
}
|
||||
|
||||
if (e.data.type == "check") {
|
||||
ok(e.data.test, e.data.msg);
|
||||
return;
|
||||
}
|
||||
|
||||
ok(false, "Unknown message");
|
||||
};
|
||||
|
||||
w.postMessage(test.toString(), "*");
|
||||
});
|
||||
}
|
||||
|
||||
var thirdparty = "https://example.com/tests/dom/tests/mochitest/general/";
|
||||
|
|
|
@ -14,27 +14,29 @@
|
|||
task(async function() {
|
||||
await setCookieBehavior(BEHAVIOR_ACCEPT);
|
||||
|
||||
// We should be able to access storage
|
||||
await storageAllowed();
|
||||
await runTestInWindow(async function() {
|
||||
// We should be able to access storage
|
||||
await storageAllowed();
|
||||
|
||||
// Same origin iframes should be allowed, unless they redirect to a URI with the null principal
|
||||
await runIFrame("frameStorageAllowed.html");
|
||||
await runIFrame("frameStorageNullprincipal.sjs");
|
||||
await runIFrame("frameStorageChrome.html?allowed=yes");
|
||||
// Same origin iframes should be allowed, unless they redirect to a URI with the null principal
|
||||
await runIFrame("frameStorageAllowed.html");
|
||||
await runIFrame("frameStorageNullprincipal.sjs");
|
||||
await runIFrame("frameStorageChrome.html?allowed=yes");
|
||||
|
||||
// Sandboxed iframes should have the null principal, and thus can't access storage
|
||||
document.querySelector('iframe').setAttribute('sandbox', 'allow-scripts');
|
||||
await runIFrame("frameStoragePrevented.html#nullprincipal");
|
||||
await runIFrame("frameStorageNullprincipal.sjs");
|
||||
document.querySelector('iframe').removeAttribute('sandbox');
|
||||
// Sandboxed iframes should have the null principal, and thus can't access storage
|
||||
document.querySelector('iframe').setAttribute('sandbox', 'allow-scripts');
|
||||
await runIFrame("frameStoragePrevented.html#nullprincipal");
|
||||
await runIFrame("frameStorageNullprincipal.sjs");
|
||||
document.querySelector('iframe').removeAttribute('sandbox');
|
||||
|
||||
// Thirdparty iframes should be allowed, unless they redirect to a URI with the null principal
|
||||
await runIFrame(thirdparty + "frameStorageAllowed.html");
|
||||
await runIFrame(thirdparty + "frameStorageNullprincipal.sjs");
|
||||
await runIFrame(thirdparty + "frameStorageChrome.html?allowed=yes");
|
||||
// Thirdparty iframes should be allowed, unless they redirect to a URI with the null principal
|
||||
await runIFrame(thirdparty + "frameStorageAllowed.html");
|
||||
await runIFrame(thirdparty + "frameStorageNullprincipal.sjs");
|
||||
await runIFrame(thirdparty + "frameStorageChrome.html?allowed=yes");
|
||||
|
||||
// Workers should be able to access storage
|
||||
await runWorker("workerStorageAllowed.js");
|
||||
// Workers should be able to access storage
|
||||
await runWorker("workerStorageAllowed.js");
|
||||
});
|
||||
});
|
||||
|
||||
</script>
|
||||
|
|
|
@ -14,29 +14,31 @@
|
|||
task(async function() {
|
||||
await setCookieBehavior(BEHAVIOR_LIMIT_FOREIGN);
|
||||
|
||||
// We should be able to access storage
|
||||
await storageAllowed();
|
||||
await runTestInWindow(async function() {
|
||||
// We should be able to access storage
|
||||
await storageAllowed();
|
||||
|
||||
// Same origin iframes should be allowed.
|
||||
await runIFrame("frameStorageAllowed.html");
|
||||
await runIFrame("frameStorageChrome.html?allowed=yes");
|
||||
// Same origin iframes should be allowed.
|
||||
await runIFrame("frameStorageAllowed.html");
|
||||
await runIFrame("frameStorageChrome.html?allowed=yes");
|
||||
|
||||
// Null principal iframes should not.
|
||||
await runIFrame("frameStorageNullprincipal.sjs");
|
||||
// Null principal iframes should not.
|
||||
await runIFrame("frameStorageNullprincipal.sjs");
|
||||
|
||||
// Sandboxed iframes should have the null principal, and thus can't access storage
|
||||
document.querySelector('iframe').setAttribute('sandbox', 'allow-scripts');
|
||||
await runIFrame("frameStoragePrevented.html#nullprincipal");
|
||||
await runIFrame("frameStorageNullprincipal.sjs");
|
||||
document.querySelector('iframe').removeAttribute('sandbox');
|
||||
// Sandboxed iframes should have the null principal, and thus can't access storage
|
||||
document.querySelector('iframe').setAttribute('sandbox', 'allow-scripts');
|
||||
await runIFrame("frameStoragePrevented.html#nullprincipal");
|
||||
await runIFrame("frameStorageNullprincipal.sjs");
|
||||
document.querySelector('iframe').removeAttribute('sandbox');
|
||||
|
||||
// Thirdparty iframes should be blocked, even when accessed from chrome over Xrays.
|
||||
await runIFrame(thirdparty + "frameStoragePrevented.html#thirdparty");
|
||||
await runIFrame(thirdparty + "frameStorageNullprincipal.sjs");
|
||||
await runIFrame(thirdparty + "frameStorageChrome.html?allowed=no");
|
||||
// Thirdparty iframes should be blocked, even when accessed from chrome over Xrays.
|
||||
await runIFrame(thirdparty + "frameStoragePrevented.html#thirdparty");
|
||||
await runIFrame(thirdparty + "frameStorageNullprincipal.sjs");
|
||||
await runIFrame(thirdparty + "frameStorageChrome.html?allowed=no");
|
||||
|
||||
// Workers should be unable to access storage
|
||||
await runWorker("workerStorageAllowed.js");
|
||||
// Workers should be unable to access storage
|
||||
await runWorker("workerStorageAllowed.js");
|
||||
});
|
||||
});
|
||||
|
||||
</script>
|
||||
|
|
|
@ -14,27 +14,29 @@
|
|||
task(async function() {
|
||||
await setCookieBehavior(BEHAVIOR_REJECT);
|
||||
|
||||
// We should be unable to access storage
|
||||
await storagePrevented();
|
||||
await runTestInWindow(async function() {
|
||||
// We should be unable to access storage
|
||||
await storagePrevented();
|
||||
|
||||
// Same origin iframes should be blocked.
|
||||
await runIFrame("frameStoragePrevented.html");
|
||||
await runIFrame("frameStorageNullprincipal.sjs");
|
||||
await runIFrame("frameStorageChrome.html?allowed=no&blockSessionStorage=yes");
|
||||
// Same origin iframes should be blocked.
|
||||
await runIFrame("frameStoragePrevented.html");
|
||||
await runIFrame("frameStorageNullprincipal.sjs");
|
||||
await runIFrame("frameStorageChrome.html?allowed=no&blockSessionStorage=yes");
|
||||
|
||||
// Sandboxed iframes should have the null principal, and thus can't access storage
|
||||
document.querySelector('iframe').setAttribute('sandbox', 'allow-scripts');
|
||||
await runIFrame("frameStoragePrevented.html#nullprincipal");
|
||||
await runIFrame("frameStorageNullprincipal.sjs");
|
||||
document.querySelector('iframe').removeAttribute('sandbox');
|
||||
// Sandboxed iframes should have the null principal, and thus can't access storage
|
||||
document.querySelector('iframe').setAttribute('sandbox', 'allow-scripts');
|
||||
await runIFrame("frameStoragePrevented.html#nullprincipal");
|
||||
await runIFrame("frameStorageNullprincipal.sjs");
|
||||
document.querySelector('iframe').removeAttribute('sandbox');
|
||||
|
||||
// thirdparty iframes should be blocked.
|
||||
await runIFrame(thirdparty + "frameStoragePrevented.html");
|
||||
await runIFrame(thirdparty + "frameStorageNullprincipal.sjs");
|
||||
await runIFrame(thirdparty + "frameStorageChrome.html?allowed=no&blockSessionStorage=yes");
|
||||
// thirdparty iframes should be blocked.
|
||||
await runIFrame(thirdparty + "frameStoragePrevented.html");
|
||||
await runIFrame(thirdparty + "frameStorageNullprincipal.sjs");
|
||||
await runIFrame(thirdparty + "frameStorageChrome.html?allowed=no&blockSessionStorage=yes");
|
||||
|
||||
// Workers should be unable to access storage
|
||||
await runWorker("workerStoragePrevented.js");
|
||||
// Workers should be unable to access storage
|
||||
await runWorker("workerStoragePrevented.js");
|
||||
});
|
||||
});
|
||||
|
||||
</script>
|
||||
|
|
|
@ -14,27 +14,29 @@
|
|||
task(async function() {
|
||||
await setCookieBehavior(BEHAVIOR_REJECT_FOREIGN);
|
||||
|
||||
// We should be able to access storage
|
||||
await storageAllowed();
|
||||
await runTestInWindow(async function() {
|
||||
// We should be able to access storage
|
||||
await storageAllowed();
|
||||
|
||||
// Same origin iframes should be allowed, unless they redirect to a URI with the null principal
|
||||
await runIFrame("frameStorageAllowed.html");
|
||||
await runIFrame("frameStorageNullprincipal.sjs");
|
||||
await runIFrame("frameStorageChrome.html?allowed=yes");
|
||||
// Same origin iframes should be allowed, unless they redirect to a URI with the null principal
|
||||
await runIFrame("frameStorageAllowed.html");
|
||||
await runIFrame("frameStorageNullprincipal.sjs");
|
||||
await runIFrame("frameStorageChrome.html?allowed=yes");
|
||||
|
||||
// Sandboxed iframes should have the null principal, and thus can't access storage
|
||||
document.querySelector('iframe').setAttribute('sandbox', 'allow-scripts');
|
||||
await runIFrame("frameStoragePrevented.html#nullprincipal");
|
||||
await runIFrame("frameStorageNullprincipal.sjs");
|
||||
document.querySelector('iframe').removeAttribute('sandbox');
|
||||
// Sandboxed iframes should have the null principal, and thus can't access storage
|
||||
document.querySelector('iframe').setAttribute('sandbox', 'allow-scripts');
|
||||
await runIFrame("frameStoragePrevented.html#nullprincipal");
|
||||
await runIFrame("frameStorageNullprincipal.sjs");
|
||||
document.querySelector('iframe').removeAttribute('sandbox');
|
||||
|
||||
// thirdparty iframes should be blocked.
|
||||
await runIFrame(thirdparty + "frameStoragePrevented.html#thirdparty");
|
||||
await runIFrame(thirdparty + "frameStorageNullprincipal.sjs");
|
||||
await runIFrame(thirdparty + "frameStorageChrome.html?allowed=no");
|
||||
// thirdparty iframes should be blocked.
|
||||
await runIFrame(thirdparty + "frameStoragePrevented.html#thirdparty");
|
||||
await runIFrame(thirdparty + "frameStorageNullprincipal.sjs");
|
||||
await runIFrame(thirdparty + "frameStorageChrome.html?allowed=no");
|
||||
|
||||
// Workers should be able to access storage
|
||||
await runWorker("workerStorageAllowed.js");
|
||||
// Workers should be able to access storage
|
||||
await runWorker("workerStorageAllowed.js");
|
||||
});
|
||||
});
|
||||
|
||||
</script>
|
||||
|
|
|
@ -0,0 +1,38 @@
|
|||
<html xmlns="http://www.w3.org/1999/xhtml">
|
||||
<head>
|
||||
<title>Storage Permission Restrictions</title>
|
||||
<script type="text/javascript" src="storagePermissionsUtils.js"></script>
|
||||
</head>
|
||||
<body>
|
||||
<iframe></iframe>
|
||||
|
||||
<script type="text/javascript">
|
||||
|
||||
function ok(a, msg) {
|
||||
opener.postMessage({type: "check", test: !!a, msg }, "*");
|
||||
}
|
||||
|
||||
function is(a, b, msg) {
|
||||
ok(a === b , msg);
|
||||
}
|
||||
|
||||
let init = false;
|
||||
onmessage = e => {
|
||||
if (!init) {
|
||||
init = true;
|
||||
|
||||
let runnableStr = `(() => {return (${e.data});})();`;
|
||||
let runnable = eval(runnableStr); // eslint-disable-line no-eval
|
||||
runnable.call(this).then(_ => {
|
||||
opener.postMessage({ type: "finish" }, "*");
|
||||
});
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
parent.postMessage(e.data, "*");
|
||||
}
|
||||
|
||||
</script>
|
||||
</body>
|
||||
</html>
|
|
@ -2,8 +2,6 @@
|
|||
<head>
|
||||
<title>localStorage cookies settings test</title>
|
||||
|
||||
<script type="text/javascript" src="interOriginFrame.js"></script>
|
||||
|
||||
</head>
|
||||
<body>
|
||||
<script type="text/javascript">
|
||||
|
@ -13,8 +11,6 @@
|
|||
} catch(ex) {
|
||||
is(ex.name, "TypeError");
|
||||
}
|
||||
|
||||
finishTest();
|
||||
</script>
|
||||
</body>
|
||||
</html>
|
||||
|
|
|
@ -17,6 +17,7 @@ support-files =
|
|||
localStorageCommon.js
|
||||
frameLocalStorageSessionOnly.html
|
||||
file_tryAccessSessionStorage.html
|
||||
windowProxy.html
|
||||
|
||||
[test_brokenUTF-16.html]
|
||||
[test_bug600307-DBOps.html]
|
||||
|
@ -48,4 +49,3 @@ skip-if = true # bug 1347690
|
|||
[test_localStorageReplace.html]
|
||||
skip-if = toolkit == 'android'
|
||||
[test_storageConstructor.html]
|
||||
[test_localStorageSessionPrefOverride.html]
|
||||
|
|
|
@ -9,23 +9,28 @@
|
|||
|
||||
function startTest()
|
||||
{
|
||||
try {
|
||||
localStorage.setItem("blocked", "blockedvalue");
|
||||
ok(false, "Exception for localStorage.setItem, ACCESS_DENY");
|
||||
}
|
||||
catch (ex) {
|
||||
ok(true, "Exception for localStorage.setItem, ACCESS_DENY");
|
||||
}
|
||||
// Let's use a new window to have the cookie permission applied.
|
||||
let w = window.open("windowProxy.html");
|
||||
w.onload = _ => {
|
||||
try {
|
||||
w.localStorage.setItem("blocked", "blockedvalue");
|
||||
ok(false, "Exception for localStorage.setItem, ACCESS_DENY");
|
||||
}
|
||||
catch (ex) {
|
||||
ok(true, "Exception for localStorage.setItem, ACCESS_DENY");
|
||||
}
|
||||
|
||||
try {
|
||||
localStorage.getItem("blocked");
|
||||
ok(false, "Exception for localStorage.getItem, ACCESS_DENY");
|
||||
}
|
||||
catch (ex) {
|
||||
ok(true, "Exception for localStorage.getItem, ACCESS_DENY");
|
||||
}
|
||||
try {
|
||||
w.localStorage.getItem("blocked");
|
||||
ok(false, "Exception for localStorage.getItem, ACCESS_DENY");
|
||||
}
|
||||
catch (ex) {
|
||||
ok(true, "Exception for localStorage.getItem, ACCESS_DENY");
|
||||
}
|
||||
|
||||
SimpleTest.finish();
|
||||
w.close();
|
||||
SimpleTest.finish();
|
||||
}
|
||||
}
|
||||
|
||||
SimpleTest.waitForExplicitFinish();
|
||||
|
|
|
@ -8,7 +8,6 @@
|
|||
|
||||
</head>
|
||||
<body>
|
||||
<iframe></iframe>
|
||||
|
||||
<script type="text/javascript">
|
||||
|
||||
|
@ -20,39 +19,47 @@ SpecialPowers.pushPrefEnv({"set": [
|
|||
]}, test1);
|
||||
|
||||
function test1() {
|
||||
try {
|
||||
localStorage.setItem("contentkey", "test-value");
|
||||
ok(false, "Setting localStorageItem should throw a type error exception");
|
||||
}
|
||||
catch(ex) {
|
||||
is(ex.name, "TypeError");
|
||||
}
|
||||
let w = window.open("windowProxy.html");
|
||||
w.onload = _ => {
|
||||
try {
|
||||
w.localStorage.setItem("contentkey", "test-value");
|
||||
ok(false, "Setting localStorageItem should throw a security exception");
|
||||
}
|
||||
catch(ex) {
|
||||
is(ex.name, "TypeError");
|
||||
}
|
||||
|
||||
// Set cookies behavior to "reject 3rd party"
|
||||
SpecialPowers.pushPrefEnv({"set": [["network.cookie.cookieBehavior", 1]],
|
||||
"clear": [["network.cookie.lifetimePolicy"]]},
|
||||
test3);
|
||||
w.close();
|
||||
|
||||
// Set cookies behavior to "reject 3rd party"
|
||||
SpecialPowers.pushPrefEnv({"set": [["network.cookie.cookieBehavior", 1]],
|
||||
"clear": [["network.cookie.lifetimePolicy"]]},
|
||||
test2);
|
||||
}
|
||||
}
|
||||
|
||||
function test3() {
|
||||
try {
|
||||
localStorage.setItem("contentkey", "test-value");
|
||||
ok(true, "Setting localStorageItem should not throw a type error exception");
|
||||
function test2() {
|
||||
let w = window.open("windowProxy.html");
|
||||
w.onload = _ => {
|
||||
try {
|
||||
w.localStorage.setItem("contentkey", "test-value");
|
||||
ok(true, "Setting localStorageItem should not throw a security exception");
|
||||
}
|
||||
catch(ex) {
|
||||
ok(false, "Setting localStorageItem should not throw a security exception");
|
||||
}
|
||||
|
||||
var fileTest = (location.protocol + "//example.com" + location.pathname)
|
||||
.replace("test_l", "frameL");
|
||||
|
||||
var myframe = w.document.createElement("iframe");
|
||||
w.document.body.appendChild(myframe);
|
||||
myframe.src = fileTest;
|
||||
myframe.onload = _ => {
|
||||
w.close();
|
||||
SimpleTest.finish();
|
||||
}
|
||||
}
|
||||
catch(ex) {
|
||||
ok(false, "Setting localStorageItem should not throw a type error exception");
|
||||
}
|
||||
|
||||
var fileTest = (location.protocol + "//example.com" + location.pathname)
|
||||
.replace("test_l", "frameL");
|
||||
|
||||
var myframe = document.querySelector("iframe");
|
||||
myframe.src = fileTest;
|
||||
}
|
||||
|
||||
// Called by interOriginTest.js
|
||||
function doNextTest() {
|
||||
SimpleTest.finish();
|
||||
}
|
||||
|
||||
</script>
|
||||
|
|
|
@ -1,56 +0,0 @@
|
|||
<html>
|
||||
<head>
|
||||
<title>Local Storage Session Pref Override</title>
|
||||
<script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
|
||||
<script type="text/javascript" src="/tests/SimpleTest/AddTask.js"></script>
|
||||
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
|
||||
<script>
|
||||
const ACCEPT_SESSION = 2;
|
||||
|
||||
add_task(async function() {
|
||||
if (SpecialPowers.Services.lsm.nextGenLocalStorageEnabled) {
|
||||
ok(true, "Test ignored when the next gen local storage is enabled.");
|
||||
return;
|
||||
}
|
||||
|
||||
await SpecialPowers.pushPrefEnv({"set": [["network.cookie.lifetimePolicy",
|
||||
ACCEPT_SESSION]]});
|
||||
|
||||
// Before setting permission
|
||||
await new Promise((resolve) => {
|
||||
var frame = document.createElement('iframe');
|
||||
frame.src = "frameLocalStorageSessionOnly.html";
|
||||
|
||||
var listener = (e) => {
|
||||
is(e.data, true, "Before adding permission should be session only");
|
||||
window.removeEventListener('message', listener);
|
||||
resolve();
|
||||
};
|
||||
window.addEventListener('message', listener);
|
||||
document.body.appendChild(frame);
|
||||
});
|
||||
|
||||
// After setting permission
|
||||
await new Promise((resolve) => {
|
||||
SpecialPowers.pushPermissions([{"type": "cookie", "allow": 1, "context": document}],
|
||||
resolve);
|
||||
});
|
||||
|
||||
await new Promise((resolve) => {
|
||||
var frame = document.createElement('iframe');
|
||||
frame.src = "frameLocalStorageSessionOnly.html";
|
||||
|
||||
var listener = (e) => {
|
||||
is(e.data, false, "After adding permission should not be session only");
|
||||
window.removeEventListener('message', listener);
|
||||
resolve();
|
||||
};
|
||||
window.addEventListener('message', listener);
|
||||
document.body.appendChild(frame);
|
||||
});
|
||||
});
|
||||
</script>
|
||||
</head>
|
||||
<body>
|
||||
</body>
|
||||
</html>
|
|
@ -0,0 +1,3 @@
|
|||
<html xmlns="http://www.w3.org/1999/xhtml">
|
||||
<body></body>
|
||||
</html>
|
|
@ -8,7 +8,6 @@ support-files =
|
|||
interOriginSlave.js
|
||||
interOriginTest.js
|
||||
|
||||
[test_cookieSession.html]
|
||||
[test_sessionStorageBase.html]
|
||||
[test_sessionStorageBaseSessionOnly.html]
|
||||
[test_sessionStorageClone.html]
|
||||
|
|
|
@ -1,124 +0,0 @@
|
|||
<html xmlns="http://www.w3.org/1999/xhtml">
|
||||
<head>
|
||||
<title>cookie per-session only test</title>
|
||||
|
||||
<script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
|
||||
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
|
||||
|
||||
<script type="text/javascript">
|
||||
|
||||
/*
|
||||
Set cookie access to be just per session and store to the sessionStorage.
|
||||
Content stored must prevail only for session of the browser, so it must
|
||||
be accessible in another window we try to access that key in the same
|
||||
storage.
|
||||
*/
|
||||
|
||||
function pushCookie(aValue, aNext) {
|
||||
SpecialPowers.pushPermissions([{'type': 'cookie', 'allow': aValue, 'context': document}], pushPermissionAndTest);
|
||||
}
|
||||
|
||||
function pushPermissionAndTest() {
|
||||
var test = tests.shift();
|
||||
if (test) {
|
||||
document.getElementById('testframe').onload = test;
|
||||
/* After every permission change, an iframe has to be reloaded,
|
||||
otherwise this test causes failures in b2g (oop) mochitest, because
|
||||
the permission changes don't seem to be always picked up
|
||||
by the code that excercises it */
|
||||
document.getElementById('testframe').contentWindow.location.reload();
|
||||
} else {
|
||||
ok(false, 'should not be reached');
|
||||
SimpleTest.finish();
|
||||
}
|
||||
}
|
||||
|
||||
function startTest() {
|
||||
pushCookie(SpecialPowers.Ci.nsICookiePermission.ACCESS_DEFAULT);
|
||||
}
|
||||
|
||||
var tests = [
|
||||
function test1() {
|
||||
sessionStorage.setItem("persistent1", "persistent value 1");
|
||||
sessionStorage.setItem("persistent2", "persistent value 2");
|
||||
|
||||
pushCookie(SpecialPowers.Ci.nsICookiePermission.ACCESS_SESSION);
|
||||
},
|
||||
|
||||
function test2() {
|
||||
sessionStorage.setItem("session only", "session value");
|
||||
is(sessionStorage.getItem("session only"), "session value", "Value present when cookies in session-only mode");
|
||||
is(sessionStorage.getItem("persistent1"), "persistent value 1", "Persistent value present");
|
||||
is(sessionStorage.getItem("persistent2"), "persistent value 2", "Persistent value present");
|
||||
|
||||
sessionStorage.setItem("persistent1", "changed persistent value 1");
|
||||
sessionStorage.removeItem("persistent2");
|
||||
|
||||
is(sessionStorage.getItem("session only"), "session value", "Value present when cookies in session-only mode");
|
||||
is(sessionStorage.getItem("persistent1"), "changed persistent value 1", "Persistent value present");
|
||||
is(sessionStorage.getItem("persistent2"), null, "Persistent value removed");
|
||||
|
||||
// This clear has to delete only changes made in session only mode
|
||||
sessionStorage.clear();
|
||||
|
||||
is(sessionStorage.getItem("session only"), null, "Value not present when cookies in session-only mode after delete");
|
||||
is(sessionStorage.getItem("persistent1"), null, "Persistent value not present in session only after delete");
|
||||
is(sessionStorage.getItem("persistent2"), null, "Persistent value not present in session only after delete");
|
||||
|
||||
sessionStorage.setItem("session only 2", "must be deleted on drop of session-only cookies permissions");
|
||||
|
||||
pushCookie(SpecialPowers.Ci.nsICookiePermission.ACCESS_DEFAULT);
|
||||
},
|
||||
|
||||
function test3() {
|
||||
is(sessionStorage.getItem("session only"), null, "No value when cookies are in default mode");
|
||||
is(sessionStorage.getItem("session only 2"), null, "No value when cookies are in default mode");
|
||||
is(sessionStorage.getItem("persistent1"), "persistent value 1", "Persistent value present");
|
||||
is(sessionStorage.getItem("persistent2"), "persistent value 2", "Persistent value present");
|
||||
|
||||
pushCookie(SpecialPowers.Ci.nsICookiePermission.ACCESS_SESSION);
|
||||
},
|
||||
|
||||
function test4() {
|
||||
is(sessionStorage.getItem("session only"), null, "Value not present when cookies in session-only mode after delete");
|
||||
is(sessionStorage.getItem("session only 2"), null, "Value not present when cookies in session-only mode after delete");
|
||||
is(sessionStorage.getItem("persistent1"), "persistent value 1", "Persistent value present again");
|
||||
is(sessionStorage.getItem("persistent2"), "persistent value 2", "Persistent value present again");
|
||||
|
||||
pushCookie(SpecialPowers.Ci.nsICookiePermission.ACCESS_DEFAULT);
|
||||
},
|
||||
|
||||
function test5() {
|
||||
sessionStorage.clear();
|
||||
|
||||
is(sessionStorage.getItem("session only"), null, "No value when cookies are in default mode");
|
||||
is(sessionStorage.getItem("persistent1"), null, "Persistent value not present after delete");
|
||||
is(sessionStorage.getItem("persistent2"), null, "Persistent value not present after delete");
|
||||
|
||||
pushCookie(SpecialPowers.Ci.nsICookiePermission.ACCESS_SESSION);
|
||||
},
|
||||
|
||||
function test6() {
|
||||
is(sessionStorage.getItem("session only"), null, "Value not present when cookies in session-only mode after delete");
|
||||
is(sessionStorage.getItem("session only 2"), null, "No value when cookies are in default mode");
|
||||
is(sessionStorage.getItem("persistent1"), null, "Persistent value not present in session only after delete");
|
||||
is(sessionStorage.getItem("persistent2"), null, "Persistent value not present in session only after delete");
|
||||
|
||||
pushCookie(SpecialPowers.Ci.nsICookiePermission.ACCESS_DEFAULT);
|
||||
},
|
||||
|
||||
function test7() {
|
||||
SimpleTest.finish();
|
||||
}
|
||||
];
|
||||
|
||||
SimpleTest.waitForExplicitFinish();
|
||||
|
||||
</script>
|
||||
|
||||
</head>
|
||||
|
||||
<body onload="startTest();">
|
||||
<iframe id="testframe" srcdoc="<meta charset=utf-8>"></iframe>
|
||||
</body>
|
||||
</html>
|
|
@ -55,7 +55,6 @@ support-files =
|
|||
redirect_to_foreign.sjs
|
||||
rvals_worker.js
|
||||
sharedWorker_sharedWorker.js
|
||||
sharedWorker_thirdparty_frame.html
|
||||
simpleThread_worker.js
|
||||
suspend_window.html
|
||||
suspend_worker.js
|
||||
|
@ -173,6 +172,9 @@ skip-if = toolkit == 'android'
|
|||
[test_rvals.html]
|
||||
[test_sharedWorker.html]
|
||||
[test_sharedWorker_thirdparty.html]
|
||||
support-files =
|
||||
sharedWorker_thirdparty_frame.html
|
||||
sharedWorker_thirdparty_window.html
|
||||
[test_simpleThread.html]
|
||||
[test_suspend.html]
|
||||
[test_terminate.html]
|
||||
|
|
|
@ -0,0 +1,26 @@
|
|||
<!--
|
||||
Any copyright is dedicated to the Public Domain.
|
||||
http://creativecommons.org/publicdomain/zero/1.0/
|
||||
-->
|
||||
<!DOCTYPE HTML>
|
||||
<html>
|
||||
<head>
|
||||
<title>Test for SharedWorker in 3rd Party Iframes</title>
|
||||
</head>
|
||||
<body>
|
||||
<script>
|
||||
|
||||
let url = new URL(window.location);
|
||||
|
||||
let frame = document.createElement('iframe');
|
||||
frame.src =
|
||||
'http://example.org/tests/dom/workers/test/sharedWorker_thirdparty_frame.html?name=' + url.searchParams.get('name');
|
||||
document.body.appendChild(frame);
|
||||
window.addEventListener('message', evt => {
|
||||
frame.remove();
|
||||
opener.postMessage(evt.data, "*");
|
||||
}, {once: true});
|
||||
|
||||
</script>
|
||||
</body>
|
||||
</html>
|
|
@ -11,22 +11,18 @@
|
|||
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css">
|
||||
</head>
|
||||
<body>
|
||||
<p id="display"></p>
|
||||
<div id="content" style="display: none"></div>
|
||||
<pre id="test">
|
||||
<script class="testbody">
|
||||
|
||||
function testThirdPartyFrame(name) {
|
||||
return new Promise(resolve => {
|
||||
let frame = document.createElement('iframe');
|
||||
frame.src =
|
||||
'http://example.org/tests/dom/workers/test/sharedWorker_thirdparty_frame.html?name=' + name;
|
||||
document.body.appendChild(frame);
|
||||
// Let's use a window, loading the same origin, in order to have the new
|
||||
// cookie-policy applied.
|
||||
let w = window.open("sharedWorker_thirdparty_window.html?name=" + name);
|
||||
window.addEventListener('message', function messageListener(evt) {
|
||||
if (evt.data.name !== name) {
|
||||
return;
|
||||
}
|
||||
frame.remove();
|
||||
w.close();
|
||||
window.removeEventListener('message', messageListener);
|
||||
resolve(evt.data.result);
|
||||
});
|
||||
|
@ -55,6 +51,5 @@
|
|||
});
|
||||
|
||||
</script>
|
||||
</pre>
|
||||
</body>
|
||||
</html>
|
||||
|
|
|
@ -6,57 +6,99 @@
|
|||
// 2) with channel, but with no docshell parent
|
||||
|
||||
function run_test() {
|
||||
Services.prefs.setBoolPref("network.cookieSettings.unblocked_for_testing", true);
|
||||
|
||||
// Create URIs and channels pointing to foo.com and bar.com.
|
||||
// We will use these to put foo.com into first and third party contexts.
|
||||
var spec1 = "http://foo.com/foo.html";
|
||||
var spec2 = "http://bar.com/bar.html";
|
||||
var uri1 = NetUtil.newURI(spec1);
|
||||
var uri2 = NetUtil.newURI(spec2);
|
||||
var channel1 = NetUtil.newChannel({uri: uri1, loadUsingSystemPrincipal: true});
|
||||
var channel2 = NetUtil.newChannel({uri: uri2, loadUsingSystemPrincipal: true});
|
||||
let spec1 = "http://foo.com/foo.html";
|
||||
let spec2 = "http://bar.com/bar.html";
|
||||
let uri1 = NetUtil.newURI(spec1);
|
||||
let uri2 = NetUtil.newURI(spec2);
|
||||
|
||||
// test with cookies enabled
|
||||
Services.prefs.setIntPref("network.cookie.cookieBehavior", 0);
|
||||
do_set_cookies(uri1, channel1, true, [1, 2, 3, 4]);
|
||||
Services.cookies.removeAll();
|
||||
do_set_cookies(uri1, channel2, true, [1, 2, 3, 4]);
|
||||
Services.cookies.removeAll();
|
||||
// test with cookies enabled
|
||||
{
|
||||
Services.prefs.setIntPref("network.cookie.cookieBehavior", 0);
|
||||
|
||||
let channel1 = NetUtil.newChannel({uri: uri1, loadUsingSystemPrincipal: true});
|
||||
let channel2 = NetUtil.newChannel({uri: uri2, loadUsingSystemPrincipal: true});
|
||||
|
||||
do_set_cookies(uri1, channel1, true, [1, 2, 3, 4]);
|
||||
Services.cookies.removeAll();
|
||||
do_set_cookies(uri1, channel2, true, [1, 2, 3, 4]);
|
||||
Services.cookies.removeAll();
|
||||
}
|
||||
|
||||
// test with third party cookies blocked
|
||||
Services.prefs.setIntPref("network.cookie.cookieBehavior", 1);
|
||||
do_set_cookies(uri1, channel1, true, [0, 0, 0, 0]);
|
||||
Services.cookies.removeAll();
|
||||
do_set_cookies(uri1, channel2, true, [0, 0, 0, 0]);
|
||||
Services.cookies.removeAll();
|
||||
{
|
||||
Services.prefs.setIntPref("network.cookie.cookieBehavior", 1);
|
||||
|
||||
let channel1 = NetUtil.newChannel({uri: uri1, loadUsingSystemPrincipal: true});
|
||||
let channel2 = NetUtil.newChannel({uri: uri2, loadUsingSystemPrincipal: true});
|
||||
|
||||
do_set_cookies(uri1, channel1, true, [0, 0, 0, 0]);
|
||||
Services.cookies.removeAll();
|
||||
do_set_cookies(uri1, channel2, true, [0, 0, 0, 0]);
|
||||
Services.cookies.removeAll();
|
||||
}
|
||||
|
||||
// Force the channel URI to be used when determining the originating URI of
|
||||
// the channel.
|
||||
var httpchannel1 = channel1.QueryInterface(Ci.nsIHttpChannelInternal);
|
||||
var httpchannel2 = channel2.QueryInterface(Ci.nsIHttpChannelInternal);
|
||||
httpchannel1.forceAllowThirdPartyCookie = true;
|
||||
httpchannel2.forceAllowThirdPartyCookie = true;
|
||||
// test with third party cookies blocked
|
||||
|
||||
// test with cookies enabled
|
||||
Services.prefs.setIntPref("network.cookie.cookieBehavior", 0);
|
||||
do_set_cookies(uri1, channel1, true, [1, 2, 3, 4]);
|
||||
Services.cookies.removeAll();
|
||||
do_set_cookies(uri1, channel2, true, [1, 2, 3, 4]);
|
||||
Services.cookies.removeAll();
|
||||
{
|
||||
Services.prefs.setIntPref("network.cookie.cookieBehavior", 0);
|
||||
|
||||
let channel1 = NetUtil.newChannel({uri: uri1, loadUsingSystemPrincipal: true});
|
||||
let httpchannel1 = channel1.QueryInterface(Ci.nsIHttpChannelInternal);
|
||||
httpchannel1.forceAllowThirdPartyCookie = true;
|
||||
|
||||
let channel2 = NetUtil.newChannel({uri: uri2, loadUsingSystemPrincipal: true});
|
||||
let httpchannel2 = channel2.QueryInterface(Ci.nsIHttpChannelInternal);
|
||||
httpchannel2.forceAllowThirdPartyCookie = true;
|
||||
|
||||
do_set_cookies(uri1, channel1, true, [1, 2, 3, 4]);
|
||||
Services.cookies.removeAll();
|
||||
do_set_cookies(uri1, channel2, true, [1, 2, 3, 4]);
|
||||
Services.cookies.removeAll();
|
||||
}
|
||||
|
||||
// test with third party cookies blocked
|
||||
Services.prefs.setIntPref("network.cookie.cookieBehavior", 1);
|
||||
do_set_cookies(uri1, channel1, true, [0, 1, 1, 2]);
|
||||
Services.cookies.removeAll();
|
||||
do_set_cookies(uri1, channel2, true, [0, 0, 0, 0]);
|
||||
Services.cookies.removeAll();
|
||||
{
|
||||
Services.prefs.setIntPref("network.cookie.cookieBehavior", 1);
|
||||
|
||||
let channel1 = NetUtil.newChannel({uri: uri1, loadUsingSystemPrincipal: true});
|
||||
let httpchannel1 = channel1.QueryInterface(Ci.nsIHttpChannelInternal);
|
||||
httpchannel1.forceAllowThirdPartyCookie = true;
|
||||
|
||||
let channel2 = NetUtil.newChannel({uri: uri2, loadUsingSystemPrincipal: true});
|
||||
let httpchannel2 = channel2.QueryInterface(Ci.nsIHttpChannelInternal);
|
||||
httpchannel2.forceAllowThirdPartyCookie = true;
|
||||
|
||||
do_set_cookies(uri1, channel1, true, [0, 1, 1, 2]);
|
||||
Services.cookies.removeAll();
|
||||
do_set_cookies(uri1, channel2, true, [0, 0, 0, 0]);
|
||||
Services.cookies.removeAll();
|
||||
}
|
||||
|
||||
// test with third party cookies limited
|
||||
Services.prefs.setIntPref("network.cookie.cookieBehavior", 3);
|
||||
do_set_cookies(uri1, channel1, true, [0, 1, 2, 3]);
|
||||
Services.cookies.removeAll();
|
||||
do_set_cookies(uri1, channel2, true, [0, 0, 0, 0]);
|
||||
Services.cookies.removeAll();
|
||||
do_set_single_http_cookie(uri1, channel1, 1);
|
||||
do_set_cookies(uri1, channel2, true, [2, 3, 4, 5]);
|
||||
Services.cookies.removeAll();
|
||||
{
|
||||
Services.prefs.setIntPref("network.cookie.cookieBehavior", 3);
|
||||
|
||||
let channel1 = NetUtil.newChannel({uri: uri1, loadUsingSystemPrincipal: true});
|
||||
let httpchannel1 = channel1.QueryInterface(Ci.nsIHttpChannelInternal);
|
||||
httpchannel1.forceAllowThirdPartyCookie = true;
|
||||
|
||||
let channel2 = NetUtil.newChannel({uri: uri2, loadUsingSystemPrincipal: true});
|
||||
let httpchannel2 = channel2.QueryInterface(Ci.nsIHttpChannelInternal);
|
||||
httpchannel2.forceAllowThirdPartyCookie = true;
|
||||
|
||||
do_set_cookies(uri1, channel1, true, [0, 1, 2, 3]);
|
||||
Services.cookies.removeAll();
|
||||
do_set_cookies(uri1, channel2, true, [0, 0, 0, 0]);
|
||||
Services.cookies.removeAll();
|
||||
do_set_single_http_cookie(uri1, channel1, 1);
|
||||
do_set_cookies(uri1, channel2, true, [2, 3, 4, 5]);
|
||||
Services.cookies.removeAll();
|
||||
}
|
||||
}
|
||||
|
|
|
@ -267,43 +267,6 @@ add_task(async function testUserInteractionHeuristic() {
|
|||
});
|
||||
});
|
||||
|
||||
info("Now ensure that the storage access is removed if the cookie policy is changed.");
|
||||
await SpecialPowers.pushPrefEnv({"set": [
|
||||
["network.cookie.cookieBehavior", Ci.nsICookieService.BEHAVIOR_REJECT],
|
||||
]});
|
||||
await ContentTask.spawn(browser, {}, async obj => {
|
||||
await new content.Promise(resolve => {
|
||||
let ifr = content.document.querySelectorAll("iframe");
|
||||
ifr = ifr[ifr.length - 1];
|
||||
|
||||
let msg = {};
|
||||
msg.blockingCallback = (async _ => {
|
||||
await noStorageAccessInitially();
|
||||
}).toString();
|
||||
|
||||
content.addEventListener("message", function msg(event) {
|
||||
if (event.data.type == "finish") {
|
||||
content.removeEventListener("message", msg);
|
||||
resolve();
|
||||
return;
|
||||
}
|
||||
|
||||
if (event.data.type == "ok") {
|
||||
ok(event.data.what, event.data.msg);
|
||||
return;
|
||||
}
|
||||
|
||||
if (event.data.type == "info") {
|
||||
info(event.data.msg);
|
||||
return;
|
||||
}
|
||||
|
||||
ok(false, "Unknown message");
|
||||
});
|
||||
ifr.contentWindow.postMessage({ callback: msg.blockingCallback }, "*");
|
||||
});
|
||||
});
|
||||
|
||||
info("Removing the tab");
|
||||
BrowserTestUtils.removeTab(tab);
|
||||
});
|
||||
|
|
Загрузка…
Ссылка в новой задаче