horok/firefox
1
0
Fork 0
Code Activity
firefox/toolkit/components/cleardata/tests/unit/test_permissions.js
Daniel Baumann 5e9a113729
Adding upstream version 140.0. 
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
2025-06-25 09:37:52 +02:00

544 lines
13 KiB
JavaScript
Raw Permalink Blame History

/* Any copyright is dedicated to the Public Domain.
http://creativecommons.org/publicdomain/zero/1.0/ */
/**
* Tests for permissions
*/
"use strict";
add_task(async function test_all_permissions() {
const uri = Services.io.newURI("https://example.net");
const principal = Services.scriptSecurityManager.createContentPrincipal(
uri,
{}
);
Services.perms.addFromPrincipal(
principal,
"cookie",
Services.perms.ALLOW_ACTION
);
Assert.ok(
Services.perms.getPermissionObject(principal, "cookie", true) != null
);
await new Promise(aResolve => {
Services.clearData.deleteData(
Ci.nsIClearDataService.CLEAR_PERMISSIONS,
value => {
Assert.equal(value, 0);
aResolve();
}
);
});
Assert.ok(
Services.perms.getPermissionObject(principal, "cookie", true) == null
);
});
add_task(async function test_principal_permissions() {
const uri = Services.io.newURI("https://example.net");
const principal = Services.scriptSecurityManager.createContentPrincipal(
uri,
{}
);
const anotherUri = Services.io.newURI("https://example.com");
const anotherPrincipal =
Services.scriptSecurityManager.createContentPrincipal(anotherUri, {});
Services.perms.addFromPrincipal(
principal,
"cookie",
Services.perms.ALLOW_ACTION
);
Services.perms.addFromPrincipal(
anotherPrincipal,
"cookie",
Services.perms.ALLOW_ACTION
);
Assert.ok(
Services.perms.getPermissionObject(principal, "cookie", true) != null
);
Assert.ok(
Services.perms.getPermissionObject(anotherPrincipal, "cookie", true) != null
);
await new Promise(aResolve => {
Services.clearData.deleteDataFromPrincipal(
principal,
true /* user request */,
Ci.nsIClearDataService.CLEAR_PERMISSIONS,
value => {
Assert.equal(value, 0);
aResolve();
}
);
});
Assert.ok(
Services.perms.getPermissionObject(principal, "cookie", true) == null
);
Assert.ok(
Services.perms.getPermissionObject(anotherPrincipal, "cookie", true) != null
);
await new Promise(aResolve => {
Services.clearData.deleteData(
Ci.nsIClearDataService.CLEAR_PERMISSIONS,
() => aResolve()
);
});
});
function addTestPermissions() {
Services.perms.removeAll();
PermissionTestUtils.add(
"https://example.net",
"geo",
Services.perms.ALLOW_ACTION
);
PermissionTestUtils.add(
"http://example.net",
"cookie",
Services.perms.DENY_ACTION
);
PermissionTestUtils.add(
"https://bar.example.net",
"geo",
Services.perms.ALLOW_ACTION
);
PermissionTestUtils.add(
"https://foo.bar.example.net",
"geo",
Services.perms.ALLOW_ACTION
);
PermissionTestUtils.add(
"https://example.com",
"3rdPartyStorage^https://example.net",
Services.perms.ALLOW_ACTION
);
PermissionTestUtils.add(
"https://example.com",
"3rdPartyFrameStorage^https://example.net",
Services.perms.ALLOW_ACTION
);
PermissionTestUtils.add(
"https://example.com",
"cookie",
Services.perms.ALLOW_ACTION
);
PermissionTestUtils.add(
"http://example.com",
"geo",
Services.perms.ALLOW_ACTION
);
Assert.equal(
PermissionTestUtils.getPermissionObject("https://example.net", "geo", true)
.capability,
Services.perms.ALLOW_ACTION
);
Assert.equal(
PermissionTestUtils.getPermissionObject(
"http://example.net",
"cookie",
true
).capability,
Services.perms.DENY_ACTION
);
Assert.equal(
PermissionTestUtils.getPermissionObject(
"https://bar.example.net",
"geo",
true
).capability,
Services.perms.ALLOW_ACTION
);
Assert.equal(
PermissionTestUtils.getPermissionObject(
"https://foo.bar.example.net",
"geo",
true
).capability,
Services.perms.ALLOW_ACTION
);
Assert.equal(
PermissionTestUtils.getPermissionObject(
"https://example.com",
"3rdPartyStorage^https://example.net",
true
).capability,
Services.perms.ALLOW_ACTION
);
Assert.equal(
PermissionTestUtils.getPermissionObject(
"https://example.com",
"3rdPartyFrameStorage^https://example.net",
true
).capability,
Services.perms.ALLOW_ACTION
);
Assert.equal(
PermissionTestUtils.getPermissionObject(
"https://example.com",
"cookie",
true
).capability,
Services.perms.ALLOW_ACTION
);
Assert.equal(
PermissionTestUtils.getPermissionObject("http://example.com", "geo", true)
.capability,
Services.perms.ALLOW_ACTION
);
}
add_task(async function test_removeBySite() {
addTestPermissions();
await new Promise(aResolve => {
Services.clearData.deleteDataFromSite(
"example.net",
{}, // All OriginAttributes
true /* user request */,
Ci.nsIClearDataService.CLEAR_PERMISSIONS,
value => {
Assert.equal(value, 0);
aResolve();
}
);
});
// Should have cleared all entries associated with the site.
Assert.ok(
!PermissionTestUtils.getPermissionObject("https://example.net", "geo", true)
);
Assert.ok(
!PermissionTestUtils.getPermissionObject(
"http://example.net",
"cookie",
true
)
);
Assert.ok(
!PermissionTestUtils.getPermissionObject(
"https://bar.example.net",
"geo",
true
)
);
Assert.ok(
!PermissionTestUtils.getPermissionObject(
"https://foo.bar.example.net",
"geo",
true
)
);
Assert.ok(
!PermissionTestUtils.getPermissionObject(
"https://example.com",
"3rdPartyStorage^https://example.net",
true
)
);
Assert.ok(
!PermissionTestUtils.getPermissionObject(
"https://example.com",
"3rdPartyFrameStorage^https://example.net",
true
)
);
// Unrelated entries should still exist.
Assert.equal(
PermissionTestUtils.getPermissionObject(
"https://example.com",
"cookie",
true
).capability,
Services.perms.ALLOW_ACTION
);
Assert.equal(
PermissionTestUtils.getPermissionObject("http://example.com", "geo", true)
.capability,
Services.perms.ALLOW_ACTION
);
Services.perms.removeAll();
});
// Test that passing an OriginAttributesPattern into deleteDataFromSite only
// clears permissions matching the pattern.
add_task(async function test_removeBySiteAndOAPattern() {
let principalRegular = Services.scriptSecurityManager.createContentPrincipal(
Services.io.newURI("https://example.net"),
{}
);
let principalRegularSub =
Services.scriptSecurityManager.createContentPrincipal(
Services.io.newURI("https://sub.example.net"),
{}
);
let principalPrivateBrowsing =
Services.scriptSecurityManager.createContentPrincipal(
Services.io.newURI("https://example.net"),
{ privateBrowsingId: 1 }
);
let principalPrivateBrowsingSub =
Services.scriptSecurityManager.createContentPrincipal(
Services.io.newURI("https://sub.example.net"),
{ privateBrowsingId: 1 }
);
let principalPrivateBrowsingUnrelated =
Services.scriptSecurityManager.createContentPrincipal(
Services.io.newURI("https://example.org"),
{ privateBrowsingId: 1 }
);
[
principalRegular,
principalRegularSub,
principalPrivateBrowsing,
principalPrivateBrowsingSub,
principalPrivateBrowsingUnrelated,
].forEach(principal => {
Services.perms.addFromPrincipal(
principal,
"geo",
Services.perms.ALLOW_ACTION
);
});
info("Clear only private browsing mode permissions for example.net");
await new Promise(aResolve => {
Services.clearData.deleteDataFromSite(
"example.net",
{ privateBrowsingId: 1 },
true,
Ci.nsIClearDataService.CLEAR_PERMISSIONS,
value => {
Assert.equal(value, 0);
aResolve();
}
);
});
info(
"Test that only the private browsing permissions for 'example.net' have been cleared."
);
[principalPrivateBrowsing, principalPrivateBrowsingSub].forEach(principal => {
Assert.equal(
Services.perms.testExactPermissionFromPrincipal(principal, "geo"),
Services.perms.UNKNOWN_ACTION,
"Permission has been removed for " + principal.origin
);
});
[
principalRegular,
principalRegularSub,
principalPrivateBrowsingUnrelated,
].forEach(principal => {
Assert.equal(
Services.perms.testExactPermissionFromPrincipal(principal, "geo"),
Services.perms.ALLOW_ACTION,
"Permission still exists for " + principal.origin
);
});
Services.perms.removeAll();
});
add_task(async function removeByHost() {
addTestPermissions();
await new Promise(aResolve => {
Services.clearData.deleteDataFromHost(
"bar.example.net",
true /* user request */,
Ci.nsIClearDataService.CLEAR_PERMISSIONS,
value => {
Assert.equal(value, 0);
aResolve();
}
);
});
// Should have cleared all entries associated with the host and its
// subdomains.
Assert.ok(
!PermissionTestUtils.getPermissionObject(
"https://bar.example.net",
"geo",
true
)
);
Assert.ok(
!PermissionTestUtils.getPermissionObject(
"https://foo.bar.example.net",
"geo",
true
)
);
// Unrelated entries should still exist.
Assert.equal(
PermissionTestUtils.getPermissionObject("https://example.net", "geo", true)
.capability,
Services.perms.ALLOW_ACTION
);
Assert.equal(
PermissionTestUtils.getPermissionObject(
"http://example.net",
"cookie",
true
).capability,
Services.perms.DENY_ACTION
);
Assert.equal(
PermissionTestUtils.getPermissionObject(
"https://example.com",
"3rdPartyStorage^https://example.net",
true
).capability,
Services.perms.ALLOW_ACTION
);
Assert.equal(
PermissionTestUtils.getPermissionObject(
"https://example.com",
"3rdPartyFrameStorage^https://example.net",
true
).capability,
Services.perms.ALLOW_ACTION
);
Assert.equal(
PermissionTestUtils.getPermissionObject(
"https://example.com",
"cookie",
true
).capability,
Services.perms.ALLOW_ACTION
);
Assert.equal(
PermissionTestUtils.getPermissionObject("http://example.com", "geo", true)
.capability,
Services.perms.ALLOW_ACTION
);
Services.perms.removeAll();
});
add_task(async function test_3rdpartystorage_permissions() {
const uri = Services.io.newURI("https://example.net");
const principal = Services.scriptSecurityManager.createContentPrincipal(
uri,
{}
);
Services.perms.addFromPrincipal(
principal,
"cookie",
Services.perms.ALLOW_ACTION
);
const anotherUri = Services.io.newURI("https://example.com");
const anotherPrincipal =
Services.scriptSecurityManager.createContentPrincipal(anotherUri, {});
Services.perms.addFromPrincipal(
anotherPrincipal,
"cookie",
Services.perms.ALLOW_ACTION
);
Services.perms.addFromPrincipal(
anotherPrincipal,
"3rdPartyStorage^https://example.net",
Services.perms.ALLOW_ACTION
);
Services.perms.addFromPrincipal(
anotherPrincipal,
"3rdPartyFrameStorage^https://example.net",
Services.perms.ALLOW_ACTION
);
const oneMoreUri = Services.io.newURI("https://example.org");
const oneMorePrincipal =
Services.scriptSecurityManager.createContentPrincipal(oneMoreUri, {});
Services.perms.addFromPrincipal(
oneMorePrincipal,
"cookie",
Services.perms.ALLOW_ACTION
);
Assert.ok(
Services.perms.getPermissionObject(principal, "cookie", true) != null
);
Assert.ok(
Services.perms.getPermissionObject(anotherPrincipal, "cookie", true) != null
);
Assert.ok(
Services.perms.getPermissionObject(
anotherPrincipal,
"3rdPartyStorage^https://example.net",
true
) != null
);
Assert.ok(
Services.perms.getPermissionObject(
anotherPrincipal,
"3rdPartyFrameStorage^https://example.net",
true
) != null
);
Assert.ok(
Services.perms.getPermissionObject(oneMorePrincipal, "cookie", true) != null
);
await new Promise(aResolve => {
Services.clearData.deleteDataFromPrincipal(
principal,
true /* user request */,
Ci.nsIClearDataService.CLEAR_PERMISSIONS,
value => {
Assert.equal(value, 0);
aResolve();
}
);
});
Assert.ok(
Services.perms.getPermissionObject(principal, "cookie", true) == null
);
Assert.ok(
Services.perms.getPermissionObject(anotherPrincipal, "cookie", true) != null
);
Assert.ok(
Services.perms.getPermissionObject(
anotherPrincipal,
"3rdPartyStorage^https://example.net",
true
) == null
);
Assert.ok(
Services.perms.getPermissionObject(
anotherPrincipal,
"3rdPartyFrameStorage^https://example.net",
true
) == null
);
Assert.ok(
Services.perms.getPermissionObject(oneMorePrincipal, "cookie", true) != null
);
await new Promise(aResolve => {
Services.clearData.deleteData(
Ci.nsIClearDataService.CLEAR_PERMISSIONS,
() => aResolve()
);
});
});
View git blame Copy permalink