summaryrefslogtreecommitdiffstats
path: root/toolkit/components/antitracking/test
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-28 14:29:10 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-28 14:29:10 +0000
commit2aa4a82499d4becd2284cdb482213d541b8804dd (patch)
treeb80bf8bf13c3766139fbacc530efd0dd9d54394c /toolkit/components/antitracking/test
parentInitial commit. (diff)
downloadfirefox-upstream.tar.xz
firefox-upstream.zip
Adding upstream version 86.0.1.upstream/86.0.1upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r--toolkit/components/antitracking/test/browser/.eslintrc.js7
-rw-r--r--toolkit/components/antitracking/test/browser/3rdParty.html52
-rw-r--r--toolkit/components/antitracking/test/browser/3rdPartyOpen.html16
-rw-r--r--toolkit/components/antitracking/test/browser/3rdPartyOpenUI.html17
-rw-r--r--toolkit/components/antitracking/test/browser/3rdPartyPartitioned.html29
-rw-r--r--toolkit/components/antitracking/test/browser/3rdPartyRelay.html41
-rw-r--r--toolkit/components/antitracking/test/browser/3rdPartySVG.html20
-rw-r--r--toolkit/components/antitracking/test/browser/3rdPartyStorage.html44
-rw-r--r--toolkit/components/antitracking/test/browser/3rdPartyStorageWO.html8
-rw-r--r--toolkit/components/antitracking/test/browser/3rdPartyUI.html32
-rw-r--r--toolkit/components/antitracking/test/browser/3rdPartyWO.html80
-rw-r--r--toolkit/components/antitracking/test/browser/3rdPartyWorker.html55
-rw-r--r--toolkit/components/antitracking/test/browser/antitracking_head.js1400
-rw-r--r--toolkit/components/antitracking/test/browser/browser.ini172
-rw-r--r--toolkit/components/antitracking/test/browser/browser_aboutblank.js40
-rw-r--r--toolkit/components/antitracking/test/browser/browser_addonHostPermissionIgnoredInTP.js48
-rw-r--r--toolkit/components/antitracking/test/browser/browser_allowListNotifications.js133
-rw-r--r--toolkit/components/antitracking/test/browser/browser_allowListSeparationInPrivateAndNormalWindows.js54
-rw-r--r--toolkit/components/antitracking/test/browser/browser_allowPermissionForTracker.js66
-rw-r--r--toolkit/components/antitracking/test/browser/browser_backgroundImageAssertion.js65
-rw-r--r--toolkit/components/antitracking/test/browser/browser_blockingCookies.js173
-rw-r--r--toolkit/components/antitracking/test/browser/browser_blockingDOMCache.js107
-rw-r--r--toolkit/components/antitracking/test/browser/browser_blockingIndexedDb.js97
-rw-r--r--toolkit/components/antitracking/test/browser/browser_blockingIndexedDbInWorkers.js74
-rw-r--r--toolkit/components/antitracking/test/browser/browser_blockingIndexedDbInWorkers2.js146
-rw-r--r--toolkit/components/antitracking/test/browser/browser_blockingLocalStorage.js90
-rw-r--r--toolkit/components/antitracking/test/browser/browser_blockingMessaging.js312
-rw-r--r--toolkit/components/antitracking/test/browser/browser_blockingNoOpener.js43
-rw-r--r--toolkit/components/antitracking/test/browser/browser_blockingServiceWorkers.js32
-rw-r--r--toolkit/components/antitracking/test/browser/browser_blockingServiceWorkersStorageAccessAPI.js127
-rw-r--r--toolkit/components/antitracking/test/browser/browser_blockingSessionStorage.js116
-rw-r--r--toolkit/components/antitracking/test/browser/browser_blockingSharedWorkers.js90
-rw-r--r--toolkit/components/antitracking/test/browser/browser_contentBlockingAllowListPrincipal.js236
-rw-r--r--toolkit/components/antitracking/test/browser/browser_contentBlockingTelemetry.js381
-rw-r--r--toolkit/components/antitracking/test/browser/browser_cookieBetweenTabs.js58
-rw-r--r--toolkit/components/antitracking/test/browser/browser_denyPermissionForTracker.js67
-rw-r--r--toolkit/components/antitracking/test/browser/browser_doublyNestedTracker.js123
-rw-r--r--toolkit/components/antitracking/test/browser/browser_existingCookiesForSubresources.js231
-rw-r--r--toolkit/components/antitracking/test/browser/browser_fileUrl.js38
-rw-r--r--toolkit/components/antitracking/test/browser/browser_firstPartyCookieRejectionHonoursAllowList.js73
-rw-r--r--toolkit/components/antitracking/test/browser/browser_hasStorageAccess.js183
-rw-r--r--toolkit/components/antitracking/test/browser/browser_imageCache4.js13
-rw-r--r--toolkit/components/antitracking/test/browser/browser_imageCache8.js13
-rw-r--r--toolkit/components/antitracking/test/browser/browser_localStorageEvents.js182
-rw-r--r--toolkit/components/antitracking/test/browser/browser_networkIsolation.js204
-rw-r--r--toolkit/components/antitracking/test/browser/browser_onBeforeRequestNotificationForTrackingResources.js96
-rw-r--r--toolkit/components/antitracking/test/browser/browser_onModifyRequestNotificationForTrackingResources.js96
-rw-r--r--toolkit/components/antitracking/test/browser/browser_partitionedClearSiteDataHeader.js590
-rw-r--r--toolkit/components/antitracking/test/browser/browser_partitionedCookies.js137
-rw-r--r--toolkit/components/antitracking/test/browser/browser_partitionedDOMCache.js35
-rw-r--r--toolkit/components/antitracking/test/browser/browser_partitionedIndexedDB.js102
-rw-r--r--toolkit/components/antitracking/test/browser/browser_partitionedLocalStorage.js112
-rw-r--r--toolkit/components/antitracking/test/browser/browser_partitionedLocalStorage_events.js1055
-rw-r--r--toolkit/components/antitracking/test/browser/browser_partitionedMessaging.js22
-rw-r--r--toolkit/components/antitracking/test/browser/browser_partitionedServiceWorkers.js89
-rw-r--r--toolkit/components/antitracking/test/browser/browser_partitionedSharedWorkers.js80
-rw-r--r--toolkit/components/antitracking/test/browser/browser_permissionInNormalWindows.js107
-rw-r--r--toolkit/components/antitracking/test/browser/browser_permissionInPrivateWindows.js47
-rw-r--r--toolkit/components/antitracking/test/browser/browser_permissionPropagation.js416
-rw-r--r--toolkit/components/antitracking/test/browser/browser_referrerDefaultPolicy.js571
-rw-r--r--toolkit/components/antitracking/test/browser/browser_script.js222
-rw-r--r--toolkit/components/antitracking/test/browser/browser_serviceWorkersWithStorageAccessGranted.js154
-rw-r--r--toolkit/components/antitracking/test/browser/browser_siteSpecificWorkArounds.js111
-rw-r--r--toolkit/components/antitracking/test/browser/browser_socialtracking.js144
-rw-r--r--toolkit/components/antitracking/test/browser/browser_socialtracking_save_image.js115
-rw-r--r--toolkit/components/antitracking/test/browser/browser_staticPartition_CORS_preflight.js151
-rw-r--r--toolkit/components/antitracking/test/browser/browser_staticPartition_CORS_preflight.sjs39
-rw-r--r--toolkit/components/antitracking/test/browser/browser_staticPartition_HSTS.js203
-rw-r--r--toolkit/components/antitracking/test/browser/browser_staticPartition_HSTS.sjs25
-rw-r--r--toolkit/components/antitracking/test/browser/browser_staticPartition_cache.js190
-rw-r--r--toolkit/components/antitracking/test/browser/browser_staticPartition_network.js108
-rw-r--r--toolkit/components/antitracking/test/browser/browser_staticPartition_saveAs.js537
-rw-r--r--toolkit/components/antitracking/test/browser/browser_storageAccessDoorHanger.js325
-rw-r--r--toolkit/components/antitracking/test/browser/browser_storageAccessPromiseRejectHandlerUserInteraction.js33
-rw-r--r--toolkit/components/antitracking/test/browser/browser_storageAccessPromiseResolveHandlerUserInteraction.js46
-rw-r--r--toolkit/components/antitracking/test/browser/browser_storageAccessRemovalNavigateSubframe.js43
-rw-r--r--toolkit/components/antitracking/test/browser/browser_storageAccessRemovalNavigateTopframe.js41
-rw-r--r--toolkit/components/antitracking/test/browser/browser_storageAccessSandboxed.js155
-rw-r--r--toolkit/components/antitracking/test/browser/browser_storageAccessThirdPartyChecks.js63
-rw-r--r--toolkit/components/antitracking/test/browser/browser_storageAccessWithDynamicFpi.js531
-rw-r--r--toolkit/components/antitracking/test/browser/browser_storageAccessWithHeuristics.js829
-rw-r--r--toolkit/components/antitracking/test/browser/browser_subResources.js270
-rw-r--r--toolkit/components/antitracking/test/browser/browser_subResourcesPartitioned.js297
-rw-r--r--toolkit/components/antitracking/test/browser/browser_thirdPartyStorageRejectionForCORS.js98
-rw-r--r--toolkit/components/antitracking/test/browser/browser_urlDecorationStripping.js245
-rw-r--r--toolkit/components/antitracking/test/browser/browser_userInteraction.js120
-rw-r--r--toolkit/components/antitracking/test/browser/browser_workerPropagation.js83
-rw-r--r--toolkit/components/antitracking/test/browser/clearSiteData.sjs6
-rw-r--r--toolkit/components/antitracking/test/browser/container.html6
-rw-r--r--toolkit/components/antitracking/test/browser/container2.html11
-rw-r--r--toolkit/components/antitracking/test/browser/cookies.sjs12
-rw-r--r--toolkit/components/antitracking/test/browser/cookiesCORS.sjs9
-rw-r--r--toolkit/components/antitracking/test/browser/dynamicfpi_head.js150
-rw-r--r--toolkit/components/antitracking/test/browser/embedder.html4
-rw-r--r--toolkit/components/antitracking/test/browser/embedder2.html9
-rw-r--r--toolkit/components/antitracking/test/browser/empty-altsvc.js1
-rw-r--r--toolkit/components/antitracking/test/browser/empty-altsvc.js^headers^1
-rw-r--r--toolkit/components/antitracking/test/browser/empty.html1
-rw-r--r--toolkit/components/antitracking/test/browser/empty.js1
-rw-r--r--toolkit/components/antitracking/test/browser/file_localStorage.html21
-rw-r--r--toolkit/components/antitracking/test/browser/file_saveAsImage.sjs19
-rw-r--r--toolkit/components/antitracking/test/browser/file_saveAsPageInfo.html6
-rw-r--r--toolkit/components/antitracking/test/browser/file_saveAsVideo.sjs36
-rw-r--r--toolkit/components/antitracking/test/browser/file_video.ogvbin0 -> 16049 bytes
-rw-r--r--toolkit/components/antitracking/test/browser/head.js99
-rw-r--r--toolkit/components/antitracking/test/browser/iframe.html8
-rw-r--r--toolkit/components/antitracking/test/browser/image.sjs20
-rw-r--r--toolkit/components/antitracking/test/browser/imageCacheWorker.js78
-rw-r--r--toolkit/components/antitracking/test/browser/localStorage.html68
-rw-r--r--toolkit/components/antitracking/test/browser/localStorageEvents.html30
-rw-r--r--toolkit/components/antitracking/test/browser/matchAll.js16
-rw-r--r--toolkit/components/antitracking/test/browser/page.html8
-rw-r--r--toolkit/components/antitracking/test/browser/partitionedSharedWorker.js17
-rw-r--r--toolkit/components/antitracking/test/browser/partitionedstorage_head.js397
-rw-r--r--toolkit/components/antitracking/test/browser/popup.html11
-rw-r--r--toolkit/components/antitracking/test/browser/raptor.jpgbin0 -> 49629 bytes
-rw-r--r--toolkit/components/antitracking/test/browser/redirect.sjs4
-rw-r--r--toolkit/components/antitracking/test/browser/referrer.sjs40
-rw-r--r--toolkit/components/antitracking/test/browser/sandboxed.html12
-rw-r--r--toolkit/components/antitracking/test/browser/sandboxed.html^headers^1
-rw-r--r--toolkit/components/antitracking/test/browser/server.sjs20
-rw-r--r--toolkit/components/antitracking/test/browser/sharedWorker.js18
-rw-r--r--toolkit/components/antitracking/test/browser/storageAccessAPIHelpers.js197
-rw-r--r--toolkit/components/antitracking/test/browser/storageprincipal_head.js153
-rw-r--r--toolkit/components/antitracking/test/browser/subResources.sjs31
-rw-r--r--toolkit/components/antitracking/test/browser/tracker.js7
-rw-r--r--toolkit/components/antitracking/test/browser/workerIframe.html71
-rw-r--r--toolkit/components/antitracking/test/xpcshell/data/font.woffbin0 -> 1112 bytes
-rw-r--r--toolkit/components/antitracking/test/xpcshell/head.js11
-rw-r--r--toolkit/components/antitracking/test/xpcshell/test_ExceptionListService.js109
-rw-r--r--toolkit/components/antitracking/test/xpcshell/test_cookie_behavior.js40
-rw-r--r--toolkit/components/antitracking/test/xpcshell/test_purge_trackers.js519
-rw-r--r--toolkit/components/antitracking/test/xpcshell/test_purge_trackers_telemetry.js175
-rw-r--r--toolkit/components/antitracking/test/xpcshell/test_rejectForeignAllowList.js128
-rw-r--r--toolkit/components/antitracking/test/xpcshell/test_staticPartition_authhttp.js140
-rw-r--r--toolkit/components/antitracking/test/xpcshell/test_staticPartition_font.js112
-rw-r--r--toolkit/components/antitracking/test/xpcshell/test_staticPartition_image.js85
-rw-r--r--toolkit/components/antitracking/test/xpcshell/test_staticPartition_prefetch.js175
-rw-r--r--toolkit/components/antitracking/test/xpcshell/test_staticPartition_preload.js189
-rw-r--r--toolkit/components/antitracking/test/xpcshell/test_tracking_db_service.js476
-rw-r--r--toolkit/components/antitracking/test/xpcshell/test_view_source.js61
-rw-r--r--toolkit/components/antitracking/test/xpcshell/xpcshell.ini23
142 files changed, 18163 insertions, 0 deletions
diff --git a/toolkit/components/antitracking/test/browser/.eslintrc.js b/toolkit/components/antitracking/test/browser/.eslintrc.js
new file mode 100644
index 0000000000..e57058ecb1
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/.eslintrc.js
@@ -0,0 +1,7 @@
+"use strict";
+
+module.exports = {
+ env: {
+ webextensions: true,
+ },
+};
diff --git a/toolkit/components/antitracking/test/browser/3rdParty.html b/toolkit/components/antitracking/test/browser/3rdParty.html
new file mode 100644
index 0000000000..38aa117c55
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/3rdParty.html
@@ -0,0 +1,52 @@
+<html>
+<head>
+ <title>3rd party content!</title>
+ <script type="text/javascript" src="https://example.com/browser/toolkit/components/antitracking/test/browser/storageAccessAPIHelpers.js"></script>
+</head>
+<body>
+<h1>Here the 3rd party content!</h1>
+<script>
+
+function info(msg) {
+ parent.postMessage({ type: "info", msg }, "*");
+}
+
+function ok(what, msg) {
+ parent.postMessage({ type: "ok", what: !!what, msg }, "*");
+}
+
+function is(a, b, msg) {
+ ok(a === b, msg);
+}
+
+onmessage = function(e) {
+ let data = e.data;
+ if (data.includes("!!!")) {
+ // The data argument may be packed with information about whether we are on
+ // the allow list. In that case, extract that information and prepare it
+ // for our callbacks to access it.
+ let parts = data.split("!!!");
+ // Only consider ourselves allow-listed when the cookie policy is set to
+ // 'block third-party trackers or 'block third-party trackers and partition
+ // third-party cookies', since otherwise we won't obtain storage access by
+ // default, which is what this data is used for in tests.
+ let cookieBehavior =
+ SpecialPowers.Services.prefs.getIntPref("network.cookie.cookieBehavior");
+ window.allowListed =
+ parts[0] === "true" &&
+ (cookieBehavior == SpecialPowers.Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER ||
+ cookieBehavior == SpecialPowers.Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER_AND_PARTITION_FOREIGN ||
+ (cookieBehavior == SpecialPowers.Ci.nsICookieService.BEHAVIOR_REJECT_FOREIGN &&
+ SpecialPowers.Services.prefs.getBoolPref("network.cookie.rejectForeignWithExceptions.enabled")));
+ data = parts[1];
+ }
+ let runnableStr = `(() => {return (${data});})();`;
+ let runnable = eval(runnableStr); // eslint-disable-line no-eval
+ runnable.call(this, /* Phase */ 1).then(_ => {
+ parent.postMessage({ type: "finish" }, "*");
+ });
+};
+
+</script>
+</body>
+</html>
diff --git a/toolkit/components/antitracking/test/browser/3rdPartyOpen.html b/toolkit/components/antitracking/test/browser/3rdPartyOpen.html
new file mode 100644
index 0000000000..1110834c0e
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/3rdPartyOpen.html
@@ -0,0 +1,16 @@
+<html>
+<head>
+ <title>A popup!</title>
+</head>
+<body>
+<h1>hi!</h1>
+<script>
+
+if (opener) {
+ opener.postMessage("hello!", "*");
+}
+window.close();
+
+</script>
+</body>
+</html>
diff --git a/toolkit/components/antitracking/test/browser/3rdPartyOpenUI.html b/toolkit/components/antitracking/test/browser/3rdPartyOpenUI.html
new file mode 100644
index 0000000000..5afbb5d89b
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/3rdPartyOpenUI.html
@@ -0,0 +1,17 @@
+<html>
+<head>
+ <title>A popup!</title>
+</head>
+<body>
+<h1>hi!</h1>
+<script>
+
+SpecialPowers.wrap(document).userInteractionForTesting();
+if (window.location.search == "?messageme") {
+ window.opener.postMessage("done", "*");
+}
+window.close();
+
+</script>
+</body>
+</html>
diff --git a/toolkit/components/antitracking/test/browser/3rdPartyPartitioned.html b/toolkit/components/antitracking/test/browser/3rdPartyPartitioned.html
new file mode 100644
index 0000000000..f97ed4791f
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/3rdPartyPartitioned.html
@@ -0,0 +1,29 @@
+<html>
+<head>
+ <title>3rd party content!</title>
+</head>
+<body>
+<h1>Here the 3rd party content!</h1>
+<script>
+
+onmessage = async function(e) {
+ let cb = e.data.cb;
+ let runnableStr = `(() => {return (${cb});})();`;
+ let runnable = eval(runnableStr); // eslint-disable-line no-eval
+ let variant = (new URL(location.href)).searchParams.get("variant");
+ let win = this;
+ if (variant == "initial-aboutblank") {
+ let i = win.document.createElement("iframe");
+ i.src = "about:blank";
+ win.document.body.appendChild(i);
+ // override win to make it point to the initial about:blank window
+ win = i.contentWindow;
+ }
+
+ let result = await runnable.call(this, win, e.data.value);
+ parent.postMessage(result, "*");
+};
+
+</script>
+</body>
+</html>
diff --git a/toolkit/components/antitracking/test/browser/3rdPartyRelay.html b/toolkit/components/antitracking/test/browser/3rdPartyRelay.html
new file mode 100644
index 0000000000..64e713913b
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/3rdPartyRelay.html
@@ -0,0 +1,41 @@
+<html>
+<head>
+ <title>Tracker</title>
+ <script type="text/javascript" src="https://example.com/browser/toolkit/components/antitracking/test/browser/storageAccessAPIHelpers.js"></script>
+</head>
+<body>
+<h1>Relay</h1>
+<iframe></iframe>
+<script>
+
+function info(msg) {
+ parent.postMessage({ type: "info", msg }, "*");
+}
+
+function ok(what, msg) {
+ parent.postMessage({ type: "ok", what: !!what, msg }, "*");
+}
+
+function is(a, b, msg) {
+ ok(a === b, msg);
+}
+
+onmessage = function(e) {
+ switch (e.data.type || "") {
+ case "finish":
+ case "ok":
+ case "info":
+ parent.postMessage(e.data, "*");
+ break;
+ default:
+ let iframe = document.querySelector("iframe");
+ iframe.contentWindow.postMessage(e.data, "*");
+ break;
+ }
+};
+
+document.querySelector("iframe").src = location.search.substr(1);
+
+</script>
+</body>
+</html>
diff --git a/toolkit/components/antitracking/test/browser/3rdPartySVG.html b/toolkit/components/antitracking/test/browser/3rdPartySVG.html
new file mode 100644
index 0000000000..df791f355f
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/3rdPartySVG.html
@@ -0,0 +1,20 @@
+<html>
+<head>
+ <title>3rd party content!</title>
+ <style>
+ body {
+ background-image: url('data:image/svg+xml,<svg xmlns="http://www.w3.org/2000/svg" width="32" height="32" viewBox="0 0 32 32"><path fill="context-fill" d="M28.5,8.1c0-1.1-1-1.9-2.1-2.4V3.7c-0.2-0.2-0.3-0.3-0.6-0.3c-0.6,0-1.1,0.8-1.3,2.1c-0.2,0-0.3,0-0.5,0l0,0c0-0.2,0-0.3-0.2-0.5c-0.3-1.1-0.8-1.9-1.3-2.6C22,2.6,21.7,3.2,21.7,4L22,6.3c-0.3,0.2-0.6,0.3-1,0.6l-3.5,3.7l0,0c0,0-6.3-0.8-10.9,0.2c-0.6,0-1,0.2-1.1,0.3c-0.5,0.2-0.8,0.3-1.1,0.6c-1.1-0.8-2.2-2.1-3.2-4c0-0.3-0.5-0.5-0.8-0.5s-0.5,0.6-0.3,1c0.8,2.1,2.1,3.5,3.4,4.5c-0.5,0.5-0.8,1-1,1.6c0,0-0.3,2.2-0.3,5.5l1.4,8c0,1,0.8,1.8,1.9,1.8c1,0,1.9-0.8,1.9-1.8V23l0.5-1.3h8.8l0.8,1.3v4.7c0,1,0.8,1.8,1.9,1.8c1,0,1.6-0.6,1.8-1.4l0,0l1.9-9l0,0l2.1-6.4h3c3.4,0,3.7-2.9,3.7-2.9L28.5,8.1z"/></svg>');
+ }
+ </style>
+</head>
+<body>
+<h1>3rd party content with an SVG image background</h1>
+<script>
+
+onload = function(e) {
+ parent.postMessage({ type: "finish" }, "*");
+};
+
+</script>
+</body>
+</html>
diff --git a/toolkit/components/antitracking/test/browser/3rdPartyStorage.html b/toolkit/components/antitracking/test/browser/3rdPartyStorage.html
new file mode 100644
index 0000000000..749ead7c20
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/3rdPartyStorage.html
@@ -0,0 +1,44 @@
+<html>
+<head>
+ <title>3rd party content!</title>
+ <script type="text/javascript" src="https://example.com/browser/toolkit/components/antitracking/test/browser/storageAccessAPIHelpers.js"></script>
+</head>
+<body>
+<h1>Here the 3rd party content!</h1>
+<script>
+
+function info(msg) {
+ parent.postMessage({ type: "info", msg }, "*");
+}
+
+function ok(what, msg) {
+ parent.postMessage({ type: "ok", what: !!what, msg }, "*");
+}
+
+function is(a, b, msg) {
+ ok(a === b, msg);
+}
+
+onmessage = function(e) {
+ let data = e.data;
+ let runnableStr = `(() => {return (${data});})();`;
+ let runnable = eval(runnableStr); // eslint-disable-line no-eval
+
+ let win = window.open("3rdPartyStorageWO.html");
+ win.onload = async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await noStorageAccessInitially();
+
+ await runnable.call(this, this, win, false /* allowed */);
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await callRequestStorageAccess();
+ await runnable.call(this, this, win, true /* allowed */);
+
+ win.close();
+ parent.postMessage({ type: "finish" }, "*");
+ };
+};
+
+</script>
+</body>
+</html>
diff --git a/toolkit/components/antitracking/test/browser/3rdPartyStorageWO.html b/toolkit/components/antitracking/test/browser/3rdPartyStorageWO.html
new file mode 100644
index 0000000000..b04916103d
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/3rdPartyStorageWO.html
@@ -0,0 +1,8 @@
+<html>
+<head>
+ <title>1st party content!</title>
+</head>
+<body>
+<h1>Here the 1st party content!</h1>
+</body>
+</html>
diff --git a/toolkit/components/antitracking/test/browser/3rdPartyUI.html b/toolkit/components/antitracking/test/browser/3rdPartyUI.html
new file mode 100644
index 0000000000..57693fbcbd
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/3rdPartyUI.html
@@ -0,0 +1,32 @@
+<html>
+<head>
+ <title>Tracker</title>
+ <script type="text/javascript" src="https://example.com/browser/toolkit/components/antitracking/test/browser/storageAccessAPIHelpers.js"></script>
+</head>
+<body>
+<h1>Tracker</h1>
+<script>
+
+function info(msg) {
+ parent.postMessage({ type: "info", msg }, "*");
+}
+
+function ok(what, msg) {
+ parent.postMessage({ type: "ok", what: !!what, msg }, "*");
+}
+
+function is(a, b, msg) {
+ ok(a === b, msg);
+}
+
+onmessage = function(e) {
+ let runnableStr = `(() => {return (${e.data.callback});})();`;
+ let runnable = eval(runnableStr); // eslint-disable-line no-eval
+ runnable.call(this, e.data.arg || /* Phase */ 3).then(_ => {
+ parent.postMessage({ type: "finish" }, "*");
+ });
+};
+
+</script>
+</body>
+</html>
diff --git a/toolkit/components/antitracking/test/browser/3rdPartyWO.html b/toolkit/components/antitracking/test/browser/3rdPartyWO.html
new file mode 100644
index 0000000000..7986b31063
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/3rdPartyWO.html
@@ -0,0 +1,80 @@
+<html>
+<head>
+ <title>Interact with me!</title>
+ <script type="text/javascript" src="https://example.com/browser/toolkit/components/antitracking/test/browser/storageAccessAPIHelpers.js"></script>
+</head>
+<body>
+<h1>Interact with me!</h1>
+<script>
+
+function info(msg) {
+ parent.postMessage({ type: "info", msg }, "*");
+}
+
+function ok(what, msg) {
+ parent.postMessage({ type: "ok", what: !!what, msg }, "*");
+}
+
+function is(a, b, msg) {
+ ok(a === b, msg);
+}
+
+onmessage = function(e) {
+ let runnableStr = `(() => {return (${e.data.blockingCallback});})();`;
+ let runnable = eval(runnableStr); // eslint-disable-line no-eval
+ runnable.call(this, /* Phase */ 2).then(_ => {
+ info("Let's do a window.open()");
+ return new Promise(resolve => {
+ if (location.search == "?noopener") {
+ let features = "noopener";
+
+ window.open("3rdPartyOpen.html", undefined, features);
+ setTimeout(resolve, 1000);
+ } else {
+ onmessage = resolve;
+
+ window.open("3rdPartyOpen.html");
+ }
+ });
+ }).then(_ => {
+ info("The popup has been dismissed!");
+ // First time storage access should not be granted because the tracker has
+ // not had user interaction yet.
+ let runnableStr = `(() => {return (${e.data.blockingCallback});})();`;
+ let runnable = eval(runnableStr); // eslint-disable-line no-eval
+ return runnable.call(this, /* Phase */ 2);
+ }).then(_ => {
+ info("Let's interact with the tracker");
+ return new Promise(resolve => {
+ onmessage = resolve;
+
+ window.open("3rdPartyOpenUI.html?messageme");
+ });
+ }).then(_ => {
+ info("Let's do another window.open()");
+ return new Promise(resolve => {
+ if (location.search == "?noopener") {
+ let features = "noopener";
+
+ window.open("3rdPartyOpen.html", undefined, features);
+ setTimeout(resolve, 1000);
+ } else {
+ onmessage = resolve;
+
+ window.open("3rdPartyOpen.html");
+ }
+ });
+ }).then(_ => {
+ // This time the tracker must have been able to obtain first-party storage
+ // access because it has had user interaction before.
+ let runnableStr = `(() => {return (${e.data.nonBlockingCallback});})();`;
+ let runnable = eval(runnableStr); // eslint-disable-line no-eval
+ return runnable.call(this, /* Phase */ 2);
+ }).then(_ => {
+ parent.postMessage({ type: "finish" }, "*");
+ });
+};
+
+</script>
+</body>
+</html>
diff --git a/toolkit/components/antitracking/test/browser/3rdPartyWorker.html b/toolkit/components/antitracking/test/browser/3rdPartyWorker.html
new file mode 100644
index 0000000000..e79a992660
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/3rdPartyWorker.html
@@ -0,0 +1,55 @@
+<html>
+<head>
+ <title>Tracker</title>
+ <script type="text/javascript" src="https://example.com/browser/toolkit/components/antitracking/test/browser/storageAccessAPIHelpers.js"></script>
+</head>
+<body>
+<h1>Tracker</h1>
+<script>
+
+function info(msg) {
+ parent.postMessage({ type: "info", msg }, "*");
+}
+
+function ok(what, msg) {
+ parent.postMessage({ type: "ok", what: !!what, msg }, "*");
+}
+
+function is(a, b, msg) {
+ ok(a === b, msg);
+}
+
+function workerCode() {
+ onmessage = e => {
+ try {
+ indexedDB.open("test", "1");
+ postMessage(true);
+ } catch (e) {
+ postMessage(false);
+ }
+ };
+}
+
+var worker;
+function createWorker() {
+ let blob = new Blob([workerCode.toString() + "; workerCode();"]);
+ let blobURL = URL.createObjectURL(blob);
+ info("Blob created");
+
+ worker = new Worker(blobURL);
+ info("Worker created");
+}
+
+onmessage = function(e) {
+ let runnableStr = `(() => {return (${e.data.callback});})();`;
+ let runnable = eval(runnableStr); // eslint-disable-line no-eval
+ runnable.call(this, e.data.arg || /* Phase */ 3).then(_ => {
+ parent.postMessage({ type: "finish" }, "*");
+ });
+};
+
+createWorker();
+
+</script>
+</body>
+</html>
diff --git a/toolkit/components/antitracking/test/browser/antitracking_head.js b/toolkit/components/antitracking/test/browser/antitracking_head.js
new file mode 100644
index 0000000000..bb987742df
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/antitracking_head.js
@@ -0,0 +1,1400 @@
+/* vim: set ts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/* import-globals-from head.js */
+
+"use strict";
+
+var gFeatures = undefined;
+var gTestTrackersCleanedUp = false;
+var gTestTrackersCleanupRegistered = false;
+
+/**
+ * Force garbage collection.
+ */
+function forceGC() {
+ SpecialPowers.gc();
+ SpecialPowers.forceShrinkingGC();
+ SpecialPowers.forceCC();
+ SpecialPowers.gc();
+ SpecialPowers.forceShrinkingGC();
+ SpecialPowers.forceCC();
+}
+
+this.AntiTracking = {
+ runTestInNormalAndPrivateMode(
+ name,
+ callbackTracking,
+ callbackNonTracking,
+ cleanupFunction,
+ extraPrefs,
+ windowOpenTest = true,
+ userInteractionTest = true,
+ expectedBlockingNotifications = Ci.nsIWebProgressListener
+ .STATE_COOKIES_BLOCKED_TRACKER,
+ iframeSandbox = null,
+ accessRemoval = null,
+ callbackAfterRemoval = null
+ ) {
+ // Normal mode
+ this.runTest(
+ name,
+ callbackTracking,
+ callbackNonTracking,
+ cleanupFunction,
+ extraPrefs,
+ windowOpenTest,
+ userInteractionTest,
+ expectedBlockingNotifications,
+ false,
+ iframeSandbox,
+ accessRemoval,
+ callbackAfterRemoval
+ );
+
+ // Private mode
+ this.runTest(
+ name,
+ callbackTracking,
+ callbackNonTracking,
+ cleanupFunction,
+ extraPrefs,
+ windowOpenTest,
+ userInteractionTest,
+ expectedBlockingNotifications,
+ true,
+ iframeSandbox,
+ accessRemoval,
+ callbackAfterRemoval
+ );
+ },
+
+ runTest(
+ name,
+ callbackTracking,
+ callbackNonTracking,
+ cleanupFunction,
+ extraPrefs,
+ windowOpenTest = true,
+ userInteractionTest = true,
+ expectedBlockingNotifications = Ci.nsIWebProgressListener
+ .STATE_COOKIES_BLOCKED_TRACKER,
+ runInPrivateWindow = false,
+ iframeSandbox = null,
+ accessRemoval = null,
+ callbackAfterRemoval = null
+ ) {
+ let runExtraTests = true;
+ let options = {};
+ if (typeof callbackNonTracking == "object" && !!callbackNonTracking) {
+ options.callback = callbackNonTracking.callback;
+ runExtraTests = callbackNonTracking.runExtraTests;
+ if ("cookieBehavior" in callbackNonTracking) {
+ options.cookieBehavior = callbackNonTracking.cookieBehavior;
+ } else {
+ options.cookieBehavior = BEHAVIOR_ACCEPT;
+ }
+ if ("expectedBlockingNotifications" in callbackNonTracking) {
+ options.expectedBlockingNotifications =
+ callbackNonTracking.expectedBlockingNotifications;
+ } else {
+ options.expectedBlockingNotifications = 0;
+ }
+ if ("blockingByAllowList" in callbackNonTracking) {
+ options.blockingByAllowList = callbackNonTracking.blockingByAllowList;
+ if (options.blockingByAllowList) {
+ // If we're on the allow list, there won't be any blocking!
+ options.expectedBlockingNotifications = 0;
+ }
+ } else {
+ options.blockingByAllowList = false;
+ }
+ callbackNonTracking = options.callback;
+ options.accessRemoval = null;
+ options.callbackAfterRemoval = null;
+ }
+
+ // Here we want to test that a 3rd party context is simply blocked.
+ this._createTask({
+ name,
+ cookieBehavior: BEHAVIOR_REJECT_TRACKER,
+ allowList: false,
+ callback: callbackTracking,
+ extraPrefs,
+ expectedBlockingNotifications,
+ runInPrivateWindow,
+ iframeSandbox,
+ accessRemoval,
+ callbackAfterRemoval,
+ });
+ this._createCleanupTask(cleanupFunction);
+
+ if (callbackNonTracking) {
+ // Phase 1: Here we want to test that a 3rd party context is not blocked if pref is off.
+ if (runExtraTests) {
+ // There are five ways in which the third-party context may not be blocked:
+ // * If the cookieBehavior pref causes it to not be blocked.
+ // * If the contentBlocking pref causes it to not be blocked.
+ // * If both of these prefs cause it to not be blocked.
+ // * If the top-level page is on the content blocking allow list.
+ // * If the contentBlocking third-party cookies UI pref is off, the allow list will be ignored.
+ // All of these cases are tested here.
+ this._createTask({
+ name,
+ cookieBehavior: BEHAVIOR_ACCEPT,
+ allowList: false,
+ callback: callbackNonTracking,
+ extraPrefs,
+ expectedBlockingNotifications: 0,
+ runInPrivateWindow,
+ iframeSandbox,
+ accessRemoval: null, // only passed with non-blocking callback
+ callbackAfterRemoval: null,
+ });
+ this._createCleanupTask(cleanupFunction);
+
+ this._createTask({
+ name,
+ cookieBehavior: BEHAVIOR_ACCEPT,
+ allowList: true,
+ callback: callbackNonTracking,
+ extraPrefs,
+ expectedBlockingNotifications: 0,
+ runInPrivateWindow,
+ iframeSandbox,
+ accessRemoval: null, // only passed with non-blocking callback
+ callbackAfterRemoval: null,
+ });
+ this._createCleanupTask(cleanupFunction);
+
+ this._createTask({
+ name,
+ cookieBehavior: BEHAVIOR_REJECT,
+ allowList: false,
+ callback: callbackTracking,
+ extraPrefs,
+ expectedBlockingNotifications: expectedBlockingNotifications
+ ? Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_ALL
+ : 0,
+ runInPrivateWindow,
+ iframeSandbox,
+ accessRemoval: null, // only passed with non-blocking callback
+ callbackAfterRemoval: null,
+ });
+ this._createCleanupTask(cleanupFunction);
+
+ this._createTask({
+ name,
+ cookieBehavior: BEHAVIOR_LIMIT_FOREIGN,
+ allowList: true,
+ callback: callbackNonTracking,
+ extraPrefs,
+ expectedBlockingNotifications: 0,
+ runInPrivateWindow,
+ iframeSandbox,
+ accessRemoval: null, // only passed with non-blocking callback
+ callbackAfterRemoval: null,
+ });
+ this._createCleanupTask(cleanupFunction);
+
+ this._createTask({
+ name: name + " reject foreign without exception",
+ cookieBehavior: BEHAVIOR_REJECT_FOREIGN,
+ allowList: true,
+ callback: callbackNonTracking,
+ extraPrefs: [
+ ["network.cookie.rejectForeignWithExceptions.enabled", false],
+ ...(extraPrefs || []),
+ ],
+ expectedBlockingNotifications: 0,
+ runInPrivateWindow,
+ iframeSandbox,
+ accessRemoval: null, // only passed with non-blocking callback
+ callbackAfterRemoval: null,
+ });
+ this._createCleanupTask(cleanupFunction);
+
+ this._createTask({
+ name: name + " reject foreign with exception",
+ cookieBehavior: BEHAVIOR_REJECT_FOREIGN,
+ allowList: true,
+ callback: callbackNonTracking,
+ extraPrefs: [
+ ["network.cookie.rejectForeignWithExceptions.enabled", true],
+ ...(extraPrefs || []),
+ ],
+ expectedBlockingNotifications: 0,
+ runInPrivateWindow,
+ iframeSandbox,
+ accessRemoval,
+ callbackAfterRemoval,
+ });
+ this._createCleanupTask(cleanupFunction);
+
+ this._createTask({
+ name,
+ cookieBehavior: BEHAVIOR_REJECT_FOREIGN,
+ allowList: false,
+ callback: callbackTracking,
+ extraPrefs: [
+ ["network.cookie.rejectForeignWithExceptions.enabled", false],
+ ...(extraPrefs || []),
+ ],
+ expectedBlockingNotifications: expectedBlockingNotifications
+ ? Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_FOREIGN
+ : 0,
+ runInPrivateWindow,
+ iframeSandbox,
+ accessRemoval,
+ callbackAfterRemoval,
+ });
+ this._createCleanupTask(cleanupFunction);
+
+ this._createTask({
+ name,
+ cookieBehavior: BEHAVIOR_REJECT_FOREIGN,
+ allowList: false,
+ callback: callbackNonTracking,
+ extraPrefs: [
+ ["network.cookie.rejectForeignWithExceptions.enabled", true],
+ ...(extraPrefs || []),
+ ],
+ expectedBlockingNotifications: false,
+ runInPrivateWindow,
+ iframeSandbox,
+ accessRemoval: null, // only passed with non-blocking callback
+ callbackAfterRemoval: null,
+ thirdPartyPage: TEST_ANOTHER_3RD_PARTY_PAGE,
+ });
+ this._createCleanupTask(cleanupFunction);
+
+ this._createTask({
+ name,
+ cookieBehavior: BEHAVIOR_REJECT_TRACKER,
+ allowList: true,
+ callback: callbackNonTracking,
+ extraPrefs,
+ expectedBlockingNotifications: 0,
+ runInPrivateWindow,
+ iframeSandbox,
+ accessRemoval,
+ callbackAfterRemoval,
+ });
+ this._createCleanupTask(cleanupFunction);
+
+ this._createTask({
+ name,
+ cookieBehavior: BEHAVIOR_REJECT_TRACKER,
+ allowList: false,
+ callback: callbackNonTracking,
+ extraPrefs,
+ expectedBlockingNotifications: false,
+ runInPrivateWindow,
+ iframeSandbox,
+ accessRemoval: null, // only passed with non-blocking callback
+ callbackAfterRemoval: null,
+ thirdPartyPage: TEST_ANOTHER_3RD_PARTY_PAGE,
+ });
+ this._createCleanupTask(cleanupFunction);
+ } else {
+ // This is only used for imageCacheWorker.js tests
+ this._createTask({
+ name,
+ cookieBehavior: options.cookieBehavior,
+ allowList: options.blockingByAllowList,
+ callback: options.callback,
+ extraPrefs,
+ expectedBlockingNotifications: options.expectedBlockingNotifications,
+ runInPrivateWindow,
+ iframeSandbox,
+ accessRemoval: options.accessRemoval,
+ callbackAfterRemoval: options.callbackAfterRemoval,
+ });
+ this._createCleanupTask(cleanupFunction);
+ }
+
+ // Phase 2: Here we want to test that a third-party context doesn't
+ // get blocked with when the same origin is opened through window.open().
+ if (windowOpenTest) {
+ this._createWindowOpenTask(
+ name,
+ BEHAVIOR_REJECT_TRACKER,
+ callbackTracking,
+ callbackNonTracking,
+ runInPrivateWindow,
+ iframeSandbox,
+ false,
+ extraPrefs
+ );
+ this._createCleanupTask(cleanupFunction);
+
+ this._createWindowOpenTask(
+ name,
+ BEHAVIOR_REJECT_FOREIGN,
+ callbackTracking,
+ callbackNonTracking,
+ runInPrivateWindow,
+ iframeSandbox,
+ false,
+ [
+ ["network.cookie.rejectForeignWithExceptions.enabled", true],
+ ...(extraPrefs || []),
+ ]
+ );
+ this._createCleanupTask(cleanupFunction);
+
+ // Now, check if it works for nested iframes.
+ this._createWindowOpenTask(
+ name,
+ BEHAVIOR_REJECT_TRACKER,
+ callbackTracking,
+ callbackNonTracking,
+ runInPrivateWindow,
+ iframeSandbox,
+ true,
+ extraPrefs
+ );
+ this._createCleanupTask(cleanupFunction);
+
+ this._createWindowOpenTask(
+ name,
+ BEHAVIOR_REJECT_FOREIGN,
+ callbackTracking,
+ callbackNonTracking,
+ runInPrivateWindow,
+ iframeSandbox,
+ true,
+ [
+ ["network.cookie.rejectForeignWithExceptions.enabled", true],
+ ...(extraPrefs || []),
+ ]
+ );
+ this._createCleanupTask(cleanupFunction);
+ }
+
+ // Phase 3: Here we want to test that a third-party context doesn't
+ // get blocked with user interaction present
+ if (userInteractionTest) {
+ this._createUserInteractionTask(
+ name,
+ BEHAVIOR_REJECT_TRACKER,
+ callbackTracking,
+ callbackNonTracking,
+ runInPrivateWindow,
+ iframeSandbox,
+ false,
+ extraPrefs
+ );
+ this._createCleanupTask(cleanupFunction);
+
+ this._createUserInteractionTask(
+ name,
+ BEHAVIOR_REJECT_FOREIGN,
+ callbackTracking,
+ callbackNonTracking,
+ runInPrivateWindow,
+ iframeSandbox,
+ false,
+ [
+ ["network.cookie.rejectForeignWithExceptions.enabled", true],
+ ...(extraPrefs || []),
+ ]
+ );
+ this._createCleanupTask(cleanupFunction);
+
+ // Now, check if it works for nested iframes.
+ this._createUserInteractionTask(
+ name,
+ BEHAVIOR_REJECT_TRACKER,
+ callbackTracking,
+ callbackNonTracking,
+ runInPrivateWindow,
+ iframeSandbox,
+ true,
+ extraPrefs
+ );
+ this._createCleanupTask(cleanupFunction);
+
+ this._createUserInteractionTask(
+ name,
+ BEHAVIOR_REJECT_FOREIGN,
+ callbackTracking,
+ callbackNonTracking,
+ runInPrivateWindow,
+ iframeSandbox,
+ true,
+ [
+ ["network.cookie.rejectForeignWithExceptions.enabled", true],
+ ...(extraPrefs || []),
+ ]
+ );
+ this._createCleanupTask(cleanupFunction);
+ }
+ }
+ },
+
+ _waitObserver(targetTopic, expectedCount) {
+ let cnt = 0;
+
+ return new Promise(resolve => {
+ Services.obs.addObserver(function observer(subject, topic, data) {
+ if (topic != targetTopic) {
+ return;
+ }
+ cnt++;
+
+ if (cnt != expectedCount) {
+ return;
+ }
+
+ Services.obs.removeObserver(observer, targetTopic);
+ resolve();
+ }, targetTopic);
+ });
+ },
+
+ _waitUserInteractionPerm() {
+ return this._waitObserver(
+ "antitracking-test-user-interaction-perm-added",
+ 1
+ );
+ },
+
+ _waitStorageAccessPerm(expectedCount) {
+ return this._waitObserver(
+ "antitracking-test-storage-access-perm-added",
+ expectedCount
+ );
+ },
+
+ async interactWithTracker() {
+ let win = await BrowserTestUtils.openNewBrowserWindow();
+ await BrowserTestUtils.withNewTab(
+ { gBrowser: win.gBrowser, url: TEST_3RD_PARTY_PAGE },
+ async function(browser) {
+ info("Let's interact with the tracker");
+
+ await SpecialPowers.spawn(browser, [], async function() {
+ SpecialPowers.wrap(content.document).userInteractionForTesting();
+ });
+ }
+ );
+ await BrowserTestUtils.closeWindow(win);
+ },
+
+ async _setupTest(win, cookieBehavior, extraPrefs) {
+ await SpecialPowers.flushPrefEnv();
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ ["dom.storage_access.enabled", true],
+ ["network.cookie.cookieBehavior", cookieBehavior],
+ ["privacy.trackingprotection.enabled", false],
+ ["privacy.trackingprotection.pbmode.enabled", false],
+ [
+ "privacy.trackingprotection.annotate_channels",
+ cookieBehavior != BEHAVIOR_ACCEPT,
+ ],
+ ["privacy.restrict3rdpartystorage.console.lazy", false],
+ [
+ "privacy.restrict3rdpartystorage.userInteractionRequiredForHosts",
+ "tracking.example.com,tracking.example.org",
+ ],
+ ["privacy.antitracking.testing", true],
+ ],
+ });
+
+ if (extraPrefs && Array.isArray(extraPrefs) && extraPrefs.length) {
+ await SpecialPowers.pushPrefEnv({ set: extraPrefs });
+
+ for (let item of extraPrefs) {
+ // When setting up exception URLs, we need to wait to ensure our prefs
+ // actually take effect. In order to do this, we set up a exception
+ // list observer and wait until it calls us back.
+ if (item[0] == "urlclassifier.trackingAnnotationSkipURLs") {
+ info("Waiting for the exception list service to initialize...");
+ let classifier = Cc[
+ "@mozilla.org/url-classifier/dbservice;1"
+ ].getService(Ci.nsIURIClassifier);
+ let feature = classifier.getFeatureByName("tracking-annotation");
+ await TestUtils.waitForCondition(() => {
+ for (let x of item[1].toLowerCase().split(",")) {
+ if (feature.exceptionHostList.split(",").includes(x)) {
+ return true;
+ }
+ }
+ return false;
+ }, "Exception list service initialized");
+ break;
+ }
+ }
+ }
+
+ await UrlClassifierTestUtils.addTestTrackers();
+ if (!gTestTrackersCleanupRegistered) {
+ registerCleanupFunction(_ => {
+ if (gTestTrackersCleanedUp) {
+ return;
+ }
+ UrlClassifierTestUtils.cleanupTestTrackers();
+ gTestTrackersCleanedUp = true;
+ });
+ gTestTrackersCleanupRegistered = true;
+ }
+ },
+
+ _createTask(options) {
+ add_task(async function() {
+ info(
+ "Starting " +
+ (options.cookieBehavior != BEHAVIOR_ACCEPT
+ ? "blocking"
+ : "non-blocking") +
+ " cookieBehavior (" +
+ options.cookieBehavior +
+ ") with" +
+ (options.allowList ? "" : "out") +
+ " allow list test " +
+ options.name +
+ " running in a " +
+ (options.runInPrivateWindow ? "private" : "normal") +
+ " window " +
+ " with iframe sandbox set to " +
+ options.iframeSandbox +
+ " and access removal set to " +
+ options.accessRemoval +
+ (typeof options.thirdPartyPage == "string"
+ ? " and third party page set to " + options.thirdPartyPage
+ : "") +
+ (typeof options.topPage == "string"
+ ? " and top page set to " + options.topPage
+ : "")
+ );
+
+ is(
+ !!options.callbackAfterRemoval,
+ !!options.accessRemoval,
+ "callbackAfterRemoval must be passed when accessRemoval is non-null"
+ );
+
+ let win = window;
+ if (options.runInPrivateWindow) {
+ win = OpenBrowserWindow({ private: true });
+ await TestUtils.topicObserved("browser-delayed-startup-finished");
+ }
+
+ await AntiTracking._setupTest(
+ win,
+ options.cookieBehavior,
+ options.extraPrefs
+ );
+
+ let topPage;
+ if (typeof options.topPage == "string") {
+ topPage = options.topPage;
+ } else {
+ topPage = TEST_TOP_PAGE;
+ }
+
+ let thirdPartyPage, thirdPartyDomainURI;
+ if (typeof options.thirdPartyPage == "string") {
+ thirdPartyPage = options.thirdPartyPage;
+ let url = new URL(thirdPartyPage);
+ thirdPartyDomainURI = Services.io.newURI(url.origin);
+ } else {
+ thirdPartyPage = TEST_3RD_PARTY_PAGE;
+ thirdPartyDomainURI = Services.io.newURI(TEST_3RD_PARTY_DOMAIN);
+ }
+
+ // It's possible that the third-party domain has been exceptionlisted
+ // through extraPrefs, so let's try annotating it here and adjust our
+ // blocking expectations as necessary.
+ if (
+ options.expectedBlockingNotifications ==
+ Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_TRACKER
+ ) {
+ if (
+ !(await AntiTracking._isThirdPartyPageClassifiedAsTracker(
+ topPage,
+ thirdPartyDomainURI
+ ))
+ ) {
+ options.expectedBlockingNotifications = 0;
+ }
+ }
+
+ let cookieBlocked = 0;
+ let listener = {
+ onContentBlockingEvent(webProgress, request, event) {
+ if (event & options.expectedBlockingNotifications) {
+ ++cookieBlocked;
+ }
+ },
+ };
+ function prepareTestEnvironmentOnPage() {
+ win.gBrowser.addProgressListener(listener);
+
+ Services.console.reset();
+ }
+
+ if (!options.allowList) {
+ prepareTestEnvironmentOnPage();
+ }
+
+ let consoleWarningPromise;
+
+ if (options.expectedBlockingNotifications) {
+ consoleWarningPromise = new Promise(resolve => {
+ let consoleListener = {
+ observe(msg) {
+ if (
+ msg
+ .QueryInterface(Ci.nsIScriptError)
+ .category.startsWith("cookieBlocked")
+ ) {
+ Services.console.unregisterListener(consoleListener);
+ resolve();
+ }
+ },
+ };
+
+ Services.console.registerListener(consoleListener);
+ });
+ } else {
+ consoleWarningPromise = Promise.resolve();
+ }
+
+ info("Creating a new tab");
+ let tab = BrowserTestUtils.addTab(win.gBrowser, topPage);
+ win.gBrowser.selectedTab = tab;
+
+ let browser = win.gBrowser.getBrowserForTab(tab);
+ await BrowserTestUtils.browserLoaded(browser);
+
+ info("Check the cookieJarSettings of the browser object");
+ ok(
+ browser.cookieJarSettings,
+ "The browser object has the cookieJarSettings."
+ );
+ is(
+ browser.cookieJarSettings.cookieBehavior,
+ options.cookieBehavior,
+ "The cookieJarSettings has the correct cookieBehavior"
+ );
+
+ if (options.allowList) {
+ info("Disabling content blocking for this page");
+ win.gProtectionsHandler.disableForCurrentPage();
+
+ prepareTestEnvironmentOnPage();
+
+ // The previous function reloads the browser, so wait for it to load again!
+ await BrowserTestUtils.browserLoaded(browser);
+ }
+
+ info("Creating a 3rd party content");
+ let doAccessRemovalChecks =
+ typeof options.accessRemoval == "string" &&
+ options.cookieBehavior == BEHAVIOR_REJECT_TRACKER &&
+ !options.allowList;
+ await SpecialPowers.spawn(
+ browser,
+ [
+ {
+ page: thirdPartyPage,
+ nextPage: TEST_4TH_PARTY_PAGE,
+ callback: options.callback.toString(),
+ callbackAfterRemoval: options.callbackAfterRemoval
+ ? options.callbackAfterRemoval.toString()
+ : null,
+ accessRemoval: options.accessRemoval,
+ iframeSandbox: options.iframeSandbox,
+ allowList: options.allowList,
+ doAccessRemovalChecks,
+ },
+ ],
+ async function(obj) {
+ let id = "id" + Math.random();
+ await new content.Promise(resolve => {
+ let ifr = content.document.createElement("iframe");
+ ifr.id = id;
+ ifr.onload = function() {
+ info("Sending code to the 3rd party content");
+ let callback = obj.allowList + "!!!" + obj.callback;
+ ifr.contentWindow.postMessage(callback, "*");
+ };
+ if (typeof obj.iframeSandbox == "string") {
+ ifr.setAttribute("sandbox", obj.iframeSandbox);
+ }
+
+ content.addEventListener("message", function msg(event) {
+ if (event.data.type == "finish") {
+ content.removeEventListener("message", msg);
+ resolve();
+ return;
+ }
+
+ if (event.data.type == "ok") {
+ ok(event.data.what, event.data.msg);
+ return;
+ }
+
+ if (event.data.type == "info") {
+ info(event.data.msg);
+ return;
+ }
+
+ ok(false, "Unknown message");
+ });
+
+ content.document.body.appendChild(ifr);
+ ifr.src = obj.page;
+ });
+
+ if (obj.doAccessRemovalChecks) {
+ info(`Running after removal checks (${obj.accessRemoval})`);
+ switch (obj.accessRemoval) {
+ case "navigate-subframe":
+ await new content.Promise(resolve => {
+ let ifr = content.document.getElementById(id);
+ let oldWindow = ifr.contentWindow;
+ ifr.onload = function() {
+ info("Sending code to the old 3rd party content");
+ oldWindow.postMessage(obj.callbackAfterRemoval, "*");
+ };
+ if (typeof obj.iframeSandbox == "string") {
+ ifr.setAttribute("sandbox", obj.iframeSandbox);
+ }
+
+ content.addEventListener("message", function msg(event) {
+ if (event.data.type == "finish") {
+ content.removeEventListener("message", msg);
+ resolve();
+ return;
+ }
+
+ if (event.data.type == "ok") {
+ ok(event.data.what, event.data.msg);
+ return;
+ }
+
+ if (event.data.type == "info") {
+ info(event.data.msg);
+ return;
+ }
+
+ ok(false, "Unknown message");
+ });
+
+ ifr.src = obj.nextPage;
+ });
+ break;
+ case "navigate-topframe":
+ // pass-through
+ break;
+ default:
+ ok(
+ false,
+ "Unexpected accessRemoval code passed: " + obj.accessRemoval
+ );
+ break;
+ }
+ }
+ }
+ );
+
+ if (
+ doAccessRemovalChecks &&
+ options.accessRemoval == "navigate-topframe"
+ ) {
+ BrowserTestUtils.loadURI(browser, TEST_4TH_PARTY_PAGE);
+ await BrowserTestUtils.browserLoaded(browser);
+
+ let pageshow = BrowserTestUtils.waitForContentEvent(
+ tab.linkedBrowser,
+ "pageshow"
+ );
+ gBrowser.goBack();
+ await pageshow;
+
+ await SpecialPowers.spawn(
+ browser,
+ [
+ {
+ page: thirdPartyPage,
+ callbackAfterRemoval: options.callbackAfterRemoval
+ ? options.callbackAfterRemoval.toString()
+ : null,
+ iframeSandbox: options.iframeSandbox,
+ },
+ ],
+ async function(obj) {
+ let ifr = content.document.createElement("iframe");
+ ifr.onload = function() {
+ info(
+ "Sending code to the 3rd party content to verify accessRemoval"
+ );
+ ifr.contentWindow.postMessage(obj.callbackAfterRemoval, "*");
+ };
+ if (typeof obj.iframeSandbox == "string") {
+ ifr.setAttribute("sandbox", obj.iframeSandbox);
+ }
+
+ content.addEventListener("message", function msg(event) {
+ if (event.data.type == "finish") {
+ content.removeEventListener("message", msg);
+ return;
+ }
+
+ if (event.data.type == "ok") {
+ ok(event.data.what, event.data.msg);
+ return;
+ }
+
+ if (event.data.type == "info") {
+ info(event.data.msg);
+ return;
+ }
+
+ ok(false, "Unknown message");
+ });
+
+ content.document.body.appendChild(ifr);
+ ifr.src = obj.page;
+ }
+ );
+ }
+
+ // Wait until the message appears on the console.
+ await consoleWarningPromise;
+
+ let allMessages = Services.console.getMessageArray().filter(msg => {
+ try {
+ // Select all messages that the anti-tracking backend could generate.
+ return msg
+ .QueryInterface(Ci.nsIScriptError)
+ .category.startsWith("cookieBlocked");
+ } catch (e) {
+ return false;
+ }
+ });
+ let expectedCategory = "";
+ // When changing this list, please make sure to update the corresponding
+ // code in ReportBlockingToConsole().
+ switch (options.expectedBlockingNotifications) {
+ case Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_BY_PERMISSION:
+ expectedCategory = "cookieBlockedPermission";
+ break;
+ case Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_TRACKER:
+ expectedCategory = "cookieBlockedTracker";
+ break;
+ case Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_ALL:
+ expectedCategory = "cookieBlockedAll";
+ break;
+ case Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_FOREIGN:
+ expectedCategory = "cookieBlockedForeign";
+ break;
+ }
+
+ if (expectedCategory == "") {
+ is(allMessages.length, 0, "No console messages should be generated");
+ } else {
+ ok(!!allMessages.length, "Some console message should be generated");
+ if (options.errorMessageDomains) {
+ is(
+ allMessages.length,
+ options.errorMessageDomains.length,
+ "Enough items provided in errorMessageDomains"
+ );
+ }
+ }
+ let index = 0;
+ for (let msg of allMessages) {
+ is(
+ msg.category,
+ expectedCategory,
+ "Message should be of expected category"
+ );
+
+ if (options.errorMessageDomains) {
+ ok(
+ msg.errorMessage.includes(options.errorMessageDomains[index]),
+ `Error message domain ${options.errorMessageDomains[index]} (${index}) found in "${msg.errorMessage}"`
+ );
+ index++;
+ }
+ }
+
+ if (options.allowList) {
+ info("Enabling content blocking for this page");
+ win.gProtectionsHandler.enableForCurrentPage();
+
+ // The previous function reloads the browser, so wait for it to load again!
+ await BrowserTestUtils.browserLoaded(browser);
+ }
+
+ win.gBrowser.removeProgressListener(listener);
+
+ is(
+ !!cookieBlocked,
+ !!options.expectedBlockingNotifications,
+ "Checking cookie blocking notifications"
+ );
+
+ info("Removing the tab");
+ BrowserTestUtils.removeTab(tab);
+
+ if (options.runInPrivateWindow) {
+ win.close();
+ }
+ });
+ },
+
+ _createCleanupTask(cleanupFunction) {
+ add_task(async function() {
+ info("Cleaning up.");
+ if (cleanupFunction) {
+ await cleanupFunction();
+ }
+
+ // While running these tests we typically do not have enough idle time to do
+ // GC reliably, so force it here.
+ forceGC();
+ });
+ },
+
+ _createWindowOpenTask(
+ name,
+ cookieBehavior,
+ blockingCallback,
+ nonBlockingCallback,
+ runInPrivateWindow,
+ iframeSandbox,
+ testInSubIFrame,
+ extraPrefs
+ ) {
+ add_task(async function() {
+ info(
+ `Starting window-open${
+ testInSubIFrame ? " sub iframe" : ""
+ } test ${name}`
+ );
+
+ let win = window;
+ if (runInPrivateWindow) {
+ win = OpenBrowserWindow({ private: true });
+ await TestUtils.topicObserved("browser-delayed-startup-finished");
+ }
+
+ await AntiTracking._setupTest(win, cookieBehavior, extraPrefs);
+
+ info("Creating a new tab");
+ let tab = BrowserTestUtils.addTab(win.gBrowser, TEST_TOP_PAGE);
+ win.gBrowser.selectedTab = tab;
+
+ let browser = win.gBrowser.getBrowserForTab(tab);
+ await BrowserTestUtils.browserLoaded(browser);
+
+ info("Create a first-level iframe to test sub iframes.");
+ if (testInSubIFrame) {
+ let iframeBrowsingContext = await SpecialPowers.spawn(
+ browser,
+ [{ page: TEST_IFRAME_PAGE }],
+ async function(obj) {
+ // Add an iframe.
+ let ifr = content.document.createElement("iframe");
+ let loading = new content.Promise(resolve => {
+ ifr.onload = resolve;
+ });
+ content.document.body.appendChild(ifr);
+ ifr.src = obj.page;
+ await loading;
+
+ return ifr.browsingContext;
+ }
+ );
+
+ browser = iframeBrowsingContext;
+ }
+
+ let pageURL = TEST_3RD_PARTY_PAGE_WO;
+ if (gFeatures == "noopener") {
+ pageURL += "?noopener";
+ }
+
+ info("Creating a 3rd party content");
+ await SpecialPowers.spawn(
+ browser,
+ [
+ {
+ page: pageURL,
+ blockingCallback: blockingCallback.toString(),
+ nonBlockingCallback: nonBlockingCallback.toString(),
+ iframeSandbox,
+ },
+ ],
+ async function(obj) {
+ await new content.Promise(resolve => {
+ let ifr = content.document.createElement("iframe");
+ ifr.onload = function() {
+ info("Sending code to the 3rd party content");
+ ifr.contentWindow.postMessage(obj, "*");
+ };
+ if (typeof obj.iframeSandbox == "string") {
+ ifr.setAttribute("sandbox", obj.iframeSandbox);
+ }
+
+ content.addEventListener("message", function msg(event) {
+ if (event.data.type == "finish") {
+ content.removeEventListener("message", msg);
+ resolve();
+ return;
+ }
+
+ if (event.data.type == "ok") {
+ ok(event.data.what, event.data.msg);
+ return;
+ }
+
+ if (event.data.type == "info") {
+ info(event.data.msg);
+ return;
+ }
+
+ ok(false, "Unknown message");
+ });
+
+ content.document.body.appendChild(ifr);
+ ifr.src = obj.page;
+ });
+ }
+ );
+
+ info("Removing the tab");
+ BrowserTestUtils.removeTab(tab);
+
+ if (runInPrivateWindow) {
+ win.close();
+ }
+ });
+ },
+
+ _createUserInteractionTask(
+ name,
+ cookieBehavior,
+ blockingCallback,
+ nonBlockingCallback,
+ runInPrivateWindow,
+ iframeSandbox,
+ testInSubIFrame,
+ extraPrefs
+ ) {
+ add_task(async function() {
+ info(
+ `Starting user-interaction${
+ testInSubIFrame ? " sub iframe" : ""
+ } test ${name}`
+ );
+
+ let win = window;
+ if (runInPrivateWindow) {
+ win = OpenBrowserWindow({ private: true });
+ await TestUtils.topicObserved("browser-delayed-startup-finished");
+ }
+
+ await AntiTracking._setupTest(win, cookieBehavior, extraPrefs);
+
+ info("Creating a new tab");
+ let tab = BrowserTestUtils.addTab(win.gBrowser, TEST_TOP_PAGE);
+ win.gBrowser.selectedTab = tab;
+
+ let browser = win.gBrowser.getBrowserForTab(tab);
+ await BrowserTestUtils.browserLoaded(browser);
+
+ if (testInSubIFrame) {
+ info("Create a first-level iframe to test sub iframes.");
+ let iframeBrowsingContext = await SpecialPowers.spawn(
+ browser,
+ [{ page: TEST_IFRAME_PAGE }],
+ async function(obj) {
+ // Add an iframe.
+ let ifr = content.document.createElement("iframe");
+ let loading = new content.Promise(resolve => {
+ ifr.onload = resolve;
+ });
+ content.document.body.appendChild(ifr);
+ ifr.src = obj.page;
+ await loading;
+
+ return ifr.browsingContext;
+ }
+ );
+
+ browser = iframeBrowsingContext;
+ }
+
+ // The following test will open an popup which interacts with the tracker
+ // page. So there will be an user-interaction permission added. We wait
+ // it explicitly.
+ let promiseUIPerm = AntiTracking._waitUserInteractionPerm();
+
+ info("Creating a 3rd party content");
+ await SpecialPowers.spawn(
+ browser,
+ [
+ {
+ page: TEST_3RD_PARTY_PAGE_UI,
+ popup: TEST_POPUP_PAGE,
+ blockingCallback: blockingCallback.toString(),
+ iframeSandbox,
+ },
+ ],
+ async function(obj) {
+ let ifr = content.document.createElement("iframe");
+ let loading = new content.Promise(resolve => {
+ ifr.onload = resolve;
+ });
+ if (typeof obj.iframeSandbox == "string") {
+ ifr.setAttribute("sandbox", obj.iframeSandbox);
+ }
+ content.document.body.appendChild(ifr);
+ ifr.src = obj.page;
+ await loading;
+
+ info(
+ "The 3rd party content should not have access to first party storage."
+ );
+ await new content.Promise(resolve => {
+ content.addEventListener("message", function msg(event) {
+ if (event.data.type == "finish") {
+ content.removeEventListener("message", msg);
+ resolve();
+ return;
+ }
+
+ if (event.data.type == "ok") {
+ ok(event.data.what, event.data.msg);
+ return;
+ }
+
+ if (event.data.type == "info") {
+ info(event.data.msg);
+ return;
+ }
+
+ ok(false, "Unknown message");
+ });
+ ifr.contentWindow.postMessage(
+ { callback: obj.blockingCallback },
+ "*"
+ );
+ });
+
+ let windowClosed = new content.Promise(resolve => {
+ Services.ww.registerNotification(function notification(
+ aSubject,
+ aTopic,
+ aData
+ ) {
+ if (aTopic == "domwindowclosed") {
+ Services.ww.unregisterNotification(notification);
+ resolve();
+ }
+ });
+ });
+
+ info("Opening a window from the iframe.");
+ SpecialPowers.spawn(ifr, [{ popup: obj.popup }], async function(obj) {
+ content.open(obj.popup);
+ });
+
+ info("Let's wait for the window to be closed");
+ await windowClosed;
+
+ info(
+ "First time, the 3rd party content should not have access to first party storage " +
+ "because the tracker did not have user interaction"
+ );
+ await new content.Promise(resolve => {
+ content.addEventListener("message", function msg(event) {
+ if (event.data.type == "finish") {
+ content.removeEventListener("message", msg);
+ resolve();
+ return;
+ }
+
+ if (event.data.type == "ok") {
+ ok(event.data.what, event.data.msg);
+ return;
+ }
+
+ if (event.data.type == "info") {
+ info(event.data.msg);
+ return;
+ }
+
+ ok(false, "Unknown message");
+ });
+ ifr.contentWindow.postMessage(
+ { callback: obj.blockingCallback },
+ "*"
+ );
+ });
+ }
+ );
+
+ // We wait until the user-interaction permission is added.
+ await promiseUIPerm;
+
+ // We also need to wait the user-interaction permission here.
+ promiseUIPerm = AntiTracking._waitUserInteractionPerm();
+ await AntiTracking.interactWithTracker();
+ await promiseUIPerm;
+
+ // Following test will also open an popup to interact with the page. We
+ // need to explicitly wait it. Without waiting it, it could be added after
+ // we clear up the test and interfere the next test.
+ promiseUIPerm = AntiTracking._waitUserInteractionPerm();
+
+ // We have to wait until the storage access permission is added. This has
+ // the same reason as above user-interaction permission. Note that there
+ // will be two storage access permission added due to the way how we
+ // trigger the heuristic. The first permission is added due to 'Opener'
+ // heuristic and the second one is due to 'Opener after user interaction'.
+ // The page we use to trigger the heuristic will trigger both heuristic,
+ // so we have to wait 2 permissions.
+ let promiseStorageAccessPerm = AntiTracking._waitStorageAccessPerm(2);
+
+ await SpecialPowers.spawn(
+ browser,
+ [
+ {
+ page: TEST_3RD_PARTY_PAGE_UI,
+ popup: TEST_POPUP_PAGE,
+ nonBlockingCallback: nonBlockingCallback.toString(),
+ iframeSandbox,
+ },
+ ],
+ async function(obj) {
+ let ifr = content.document.createElement("iframe");
+ let loading = new content.Promise(resolve => {
+ ifr.onload = resolve;
+ });
+ if (typeof obj.iframeSandbox == "string") {
+ ifr.setAttribute("sandbox", obj.iframeSandbox);
+ }
+ content.document.body.appendChild(ifr);
+ ifr.src = obj.page;
+ await loading;
+
+ let windowClosed = new content.Promise(resolve => {
+ Services.ww.registerNotification(function notification(
+ aSubject,
+ aTopic,
+ aData
+ ) {
+ if (aTopic == "domwindowclosed") {
+ Services.ww.unregisterNotification(notification);
+ resolve();
+ }
+ });
+ });
+
+ info("Opening a window from the iframe.");
+ SpecialPowers.spawn(ifr, [{ popup: obj.popup }], async function(obj) {
+ content.open(obj.popup);
+ });
+
+ info("Let's wait for the window to be closed");
+ await windowClosed;
+
+ info(
+ "The 3rd party content should now have access to first party storage."
+ );
+ await new content.Promise(resolve => {
+ content.addEventListener("message", function msg(event) {
+ if (event.data.type == "finish") {
+ content.removeEventListener("message", msg);
+ resolve();
+ return;
+ }
+
+ if (event.data.type == "ok") {
+ ok(event.data.what, event.data.msg);
+ return;
+ }
+
+ if (event.data.type == "info") {
+ info(event.data.msg);
+ return;
+ }
+
+ ok(false, "Unknown message");
+ });
+ ifr.contentWindow.postMessage(
+ { callback: obj.nonBlockingCallback },
+ "*"
+ );
+ });
+ }
+ );
+
+ // Explicitly wait the user-interaction and storage access permission
+ // before we do the cleanup.
+ await promiseUIPerm;
+ await promiseStorageAccessPerm;
+
+ info("Removing the tab");
+ BrowserTestUtils.removeTab(tab);
+
+ if (runInPrivateWindow) {
+ win.close();
+ }
+ });
+ },
+
+ async _isThirdPartyPageClassifiedAsTracker(topPage, thirdPartyDomainURI) {
+ let channel;
+ await new Promise((resolve, reject) => {
+ channel = NetUtil.newChannel({
+ uri: thirdPartyDomainURI,
+ loadingPrincipal: Services.scriptSecurityManager.createContentPrincipal(
+ thirdPartyDomainURI,
+ {}
+ ),
+ securityFlags:
+ Ci.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_SEC_CONTEXT_IS_NULL,
+ contentPolicyType: Ci.nsIContentPolicy.TYPE_OTHER,
+ });
+
+ channel
+ .QueryInterface(Ci.nsIHttpChannelInternal)
+ .setTopWindowURIIfUnknown(Services.io.newURI(topPage));
+
+ function Listener() {}
+ Listener.prototype = {
+ onStartRequest(request) {},
+ onDataAvailable(request, stream, off, cnt) {
+ // Consume the data to prevent hitting the assertion.
+ NetUtil.readInputStreamToString(stream, cnt);
+ },
+ onStopRequest(request, st) {
+ let status = request.QueryInterface(Ci.nsIHttpChannel).responseStatus;
+ if (status == 200) {
+ resolve();
+ } else {
+ reject();
+ }
+ },
+ };
+ let listener = new Listener();
+ channel.asyncOpen(listener);
+ });
+
+ return !!(
+ channel.QueryInterface(Ci.nsIClassifiedChannel).classificationFlags &
+ Ci.nsIClassifiedChannel.CLASSIFIED_ANY_BASIC_TRACKING
+ );
+ },
+};
diff --git a/toolkit/components/antitracking/test/browser/browser.ini b/toolkit/components/antitracking/test/browser/browser.ini
new file mode 100644
index 0000000000..6daf1f4737
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser.ini
@@ -0,0 +1,172 @@
+[DEFAULT]
+skip-if = os == "linux" && (asan || tsan) # bug 1662229 - task exception
+prefs =
+ # Disable the Storage Access API prompts for all of the tests in this directory
+ dom.storage_access.prompt.testing=true
+ dom.storage_access.prompt.testing.allow=true
+ dom.testing.sync-content-blocking-notifications=true
+ # Enable the window.open() heuristics globally in this directory
+ privacy.restrict3rdpartystorage.heuristic.window_open=true
+ privacy.restrict3rdpartystorage.heuristic.opened_window_after_interaction=true
+
+support-files =
+ container.html
+ container2.html
+ embedder.html
+ embedder2.html
+ head.js
+ antitracking_head.js
+ dynamicfpi_head.js
+ partitionedstorage_head.js
+ storageprincipal_head.js
+ cookiesCORS.sjs
+ iframe.html
+ image.sjs
+ imageCacheWorker.js
+ page.html
+ 3rdParty.html
+ 3rdPartyRelay.html
+ 3rdPartySVG.html
+ 3rdPartyUI.html
+ 3rdPartyWO.html
+ 3rdPartyWorker.html
+ 3rdPartyOpen.html
+ 3rdPartyOpenUI.html
+ empty.js
+ empty-altsvc.js
+ empty-altsvc.js^headers^
+ empty.html
+ file_localStorage.html
+ popup.html
+ redirect.sjs
+ server.sjs
+ storageAccessAPIHelpers.js
+ 3rdPartyStorage.html
+ 3rdPartyStorageWO.html
+ 3rdPartyPartitioned.html
+ localStorage.html
+ raptor.jpg
+ !/browser/modules/test/browser/head.js
+ !/browser/base/content/test/general/head.js
+ !/browser/base/content/test/protectionsUI/cookieServer.sjs
+ !/browser/base/content/test/protectionsUI/trackingPage.html
+ !/browser/base/content/test/protectionsUI/trackingAPI.js
+ !/toolkit/content/tests/browser/common/mockTransfer.js
+
+[browser_aboutblank.js]
+[browser_allowListNotifications.js]
+support-files = subResources.sjs
+[browser_addonHostPermissionIgnoredInTP.js]
+[browser_allowListSeparationInPrivateAndNormalWindows.js]
+skip-if = os == "mac" && !debug # Bug 1503778, 1577362
+[browser_backgroundImageAssertion.js]
+[browser_blockingCookies.js]
+[browser_blockingDOMCache.js]
+[browser_blockingIndexedDb.js]
+[browser_blockingIndexedDbInWorkers.js]
+[browser_blockingIndexedDbInWorkers2.js]
+[browser_blockingLocalStorage.js]
+[browser_blockingSessionStorage.js]
+[browser_blockingServiceWorkers.js]
+[browser_blockingServiceWorkersStorageAccessAPI.js]
+[browser_blockingSharedWorkers.js]
+[browser_blockingMessaging.js]
+skip-if = os == "linux" && debug #bug 1627094
+[browser_blockingNoOpener.js]
+[browser_contentBlockingAllowListPrincipal.js]
+support-files =
+ sandboxed.html
+ sandboxed.html^headers^
+[browser_contentBlockingTelemetry.js]
+[browser_doublyNestedTracker.js]
+[browser_existingCookiesForSubresources.js]
+[browser_fileUrl.js]
+[browser_firstPartyCookieRejectionHonoursAllowList.js]
+[browser_hasStorageAccess.js]
+[browser_imageCache4.js]
+[browser_imageCache8.js]
+[browser_onBeforeRequestNotificationForTrackingResources.js]
+[browser_onModifyRequestNotificationForTrackingResources.js]
+[browser_permissionInNormalWindows.js]
+[browser_permissionInPrivateWindows.js]
+[browser_permissionPropagation.js]
+[browser_referrerDefaultPolicy.js]
+support-files = referrer.sjs
+[browser_siteSpecificWorkArounds.js]
+[browser_subResources.js]
+support-files = subResources.sjs
+[browser_subResourcesPartitioned.js]
+support-files = subResources.sjs
+[browser_script.js]
+support-files = tracker.js
+[browser_userInteraction.js]
+[browser_serviceWorkersWithStorageAccessGranted.js]
+[browser_storageAccessDoorHanger.js]
+[browser_storageAccessPromiseRejectHandlerUserInteraction.js]
+[browser_storageAccessPromiseResolveHandlerUserInteraction.js]
+[browser_storageAccessRemovalNavigateSubframe.js]
+[browser_storageAccessRemovalNavigateTopframe.js]
+[browser_storageAccessSandboxed.js]
+[browser_storageAccessThirdPartyChecks.js]
+[browser_storageAccessWithDynamicFpi.js]
+[browser_storageAccessWithHeuristics.js]
+[browser_networkIsolation.js]
+[browser_allowPermissionForTracker.js]
+[browser_denyPermissionForTracker.js]
+[browser_localStorageEvents.js]
+[browser_partitionedLocalStorage.js]
+[browser_partitionedLocalStorage_events.js]
+support-files = localStorageEvents.html
+[browser_workerPropagation.js]
+support-files = workerIframe.html
+[browser_cookieBetweenTabs.js]
+[browser_partitionedMessaging.js]
+skip-if = true #Bug 1588241
+[browser_partitionedIndexedDB.js]
+[browser_partitionedCookies.js]
+support-files = cookies.sjs
+[browser_partitionedDOMCache.js]
+[browser_partitionedServiceWorkers.js]
+support-files = matchAll.js
+[browser_partitionedSharedWorkers.js]
+support-files = sharedWorker.js partitionedSharedWorker.js
+[browser_socialtracking.js]
+[browser_socialtracking_save_image.js]
+[browser_thirdPartyStorageRejectionForCORS.js]
+[browser_urlDecorationStripping.js]
+tags = remote-settings
+[browser_staticPartition_cache.js]
+support-files =
+ !/browser/components/originattributes/test/browser/file_cache.html
+ !/browser/components/originattributes/test/browser/file_thirdPartyChild.audio.ogg
+ !/browser/components/originattributes/test/browser/file_thirdPartyChild.embed.png
+ !/browser/components/originattributes/test/browser/file_thirdPartyChild.fetch.html
+ !/browser/components/originattributes/test/browser/file_thirdPartyChild.iframe.html
+ !/browser/components/originattributes/test/browser/file_thirdPartyChild.img.png
+ !/browser/components/originattributes/test/browser/file_thirdPartyChild.favicon.png
+ !/browser/components/originattributes/test/browser/file_thirdPartyChild.import.js
+ !/browser/components/originattributes/test/browser/file_thirdPartyChild.link.css
+ !/browser/components/originattributes/test/browser/file_thirdPartyChild.object.png
+ !/browser/components/originattributes/test/browser/file_thirdPartyChild.request.html
+ !/browser/components/originattributes/test/browser/file_thirdPartyChild.script.js
+ !/browser/components/originattributes/test/browser/file_thirdPartyChild.sharedworker.js
+ !/browser/components/originattributes/test/browser/file_thirdPartyChild.video.ogv
+ !/browser/components/originattributes/test/browser/file_thirdPartyChild.worker.fetch.html
+ !/browser/components/originattributes/test/browser/file_thirdPartyChild.worker.js
+ !/browser/components/originattributes/test/browser/file_thirdPartyChild.worker.request.html
+ !/browser/components/originattributes/test/browser/file_thirdPartyChild.worker.xhr.html
+ !/browser/components/originattributes/test/browser/file_thirdPartyChild.xhr.html
+[browser_staticPartition_network.js]
+[browser_staticPartition_CORS_preflight.js]
+support-files = browser_staticPartition_CORS_preflight.sjs
+[browser_staticPartition_HSTS.js]
+support-files = browser_staticPartition_HSTS.sjs
+[browser_staticPartition_saveAs.js]
+support-files =
+ file_saveAsImage.sjs
+ file_saveAsVideo.sjs
+ file_saveAsPageInfo.html
+ file_video.ogv
+[browser_partitionedClearSiteDataHeader.js]
+support-files =
+ clearSiteData.sjs
diff --git a/toolkit/components/antitracking/test/browser/browser_aboutblank.js b/toolkit/components/antitracking/test/browser/browser_aboutblank.js
new file mode 100644
index 0000000000..683b380c3f
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_aboutblank.js
@@ -0,0 +1,40 @@
+/* Any copyright is dedicated to the Public Domain.
+ http://creativecommons.org/publicdomain/zero/1.0/ */
+
+"use strict";
+
+add_task(async function test_aboutblankInIframe() {
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ [
+ "network.cookie.cookieBehavior",
+ BEHAVIOR_REJECT_TRACKER_AND_PARTITION_FOREIGN,
+ ],
+ ],
+ });
+
+ let tab = await BrowserTestUtils.openNewForegroundTab(
+ gBrowser,
+ TEST_TOP_PAGE
+ );
+ let browser = tab.linkedBrowser;
+
+ await SpecialPowers.spawn(browser, [], async function(obj) {
+ let ifr = content.document.createElement("iframe");
+ let loading = new content.Promise(resolve => {
+ ifr.onload = resolve;
+ });
+ ifr.src = "about:blank";
+ content.document.body.appendChild(ifr);
+ await loading;
+
+ await SpecialPowers.spawn(ifr, [], async function(obj) {
+ ok(
+ content.navigator.cookieEnabled,
+ "Cookie should be enabled in about blank"
+ );
+ });
+ });
+
+ BrowserTestUtils.removeTab(tab);
+});
diff --git a/toolkit/components/antitracking/test/browser/browser_addonHostPermissionIgnoredInTP.js b/toolkit/components/antitracking/test/browser/browser_addonHostPermissionIgnoredInTP.js
new file mode 100644
index 0000000000..979a00429f
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_addonHostPermissionIgnoredInTP.js
@@ -0,0 +1,48 @@
+ChromeUtils.import("resource://gre/modules/Services.jsm");
+
+add_task(async function() {
+ info("Starting test");
+
+ await SpecialPowers.flushPrefEnv();
+ await SpecialPowers.pushPrefEnv({
+ set: [["privacy.trackingprotection.enabled", true]],
+ });
+
+ await UrlClassifierTestUtils.addTestTrackers();
+
+ let extension = ExtensionTestUtils.loadExtension({
+ manifest: { permissions: ["https://tracking.example.com/"] },
+ files: {
+ "page.html":
+ '<html><head></head><body><script src="script.js"></script><iframe src="https://tracking.example.com/browser/toolkit/components/antitracking/test/browser/container2.html"></iframe></body></html>',
+ "script.js":
+ 'window.count=0;window.p=new Promise(resolve=>{onmessage=e=>{count=e.data.data;resolve();};});p.then(()=>{document.documentElement.setAttribute("count",count);});',
+ },
+ async background() {
+ browser.test.sendMessage("ready", browser.runtime.getURL("page.html"));
+ },
+ });
+ await extension.startup();
+ let url = await extension.awaitMessage("ready");
+
+ info("Creating a new tab");
+ let tab = await BrowserTestUtils.openNewForegroundTab(gBrowser, url);
+ let browser = tab.linkedBrowser;
+
+ info("Verify the number of script nodes found");
+ await ContentTask.spawn(browser, [], async function(obj) {
+ // Need to wait a bit for cross-process postMessage...
+ await ContentTaskUtils.waitForCondition(
+ () => content.document.documentElement.getAttribute("count") !== null,
+ "waiting for 'count' attribute"
+ );
+ let count = content.document.documentElement.getAttribute("count");
+ is(count, 3, "Expected script nodes found");
+ });
+
+ info("Removing the tab");
+ BrowserTestUtils.removeTab(tab);
+
+ UrlClassifierTestUtils.cleanupTestTrackers();
+ await extension.unload();
+});
diff --git a/toolkit/components/antitracking/test/browser/browser_allowListNotifications.js b/toolkit/components/antitracking/test/browser/browser_allowListNotifications.js
new file mode 100644
index 0000000000..d4802f2d7f
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_allowListNotifications.js
@@ -0,0 +1,133 @@
+add_task(async function() {
+ info("Starting subResources test");
+
+ await SpecialPowers.flushPrefEnv();
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ [
+ "network.cookie.cookieBehavior",
+ Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER,
+ ],
+ ["privacy.trackingprotection.enabled", false],
+ ["privacy.trackingprotection.pbmode.enabled", false],
+ ["privacy.trackingprotection.annotate_channels", true],
+ ],
+ });
+
+ await UrlClassifierTestUtils.addTestTrackers();
+
+ info("Creating a new tab");
+ let tab = BrowserTestUtils.addTab(gBrowser, TEST_TOP_PAGE);
+ gBrowser.selectedTab = tab;
+
+ let browser = gBrowser.getBrowserForTab(tab);
+ await BrowserTestUtils.browserLoaded(browser);
+
+ gProtectionsHandler.disableForCurrentPage();
+
+ // The previous function reloads the browser, so wait for it to load again!
+ await BrowserTestUtils.browserLoaded(browser);
+
+ // Now load subresources from a few third-party origins.
+ // We should expect to see none of these origins in the content blocking log at the end.
+ await fetch(
+ "https://test1.example.com/browser/toolkit/components/antitracking/test/browser/subResources.sjs?result&what=image"
+ )
+ .then(r => r.text())
+ .then(text => {
+ is(text, "0", "Cookies received for images");
+ });
+
+ await fetch(
+ "https://test2.example.com/browser/toolkit/components/antitracking/test/browser/subResources.sjs?result&what=image"
+ )
+ .then(r => r.text())
+ .then(text => {
+ is(text, "0", "Cookies received for images");
+ });
+
+ info("Creating a 3rd party content");
+ await SpecialPowers.spawn(
+ browser,
+ [
+ {
+ page: TEST_3RD_PARTY_PAGE,
+ blockingCallback: (async _ => {}).toString(),
+ nonBlockingCallback: (async _ => {}).toString(),
+ },
+ ],
+ async function(obj) {
+ await new content.Promise(resolve => {
+ let ifr = content.document.createElement("iframe");
+ ifr.onload = function() {
+ info("Sending code to the 3rd party content");
+ ifr.contentWindow.postMessage(obj.blockingCallback, "*");
+ };
+
+ content.addEventListener("message", function msg(event) {
+ if (event.data.type == "finish") {
+ content.removeEventListener("message", msg);
+ resolve();
+ return;
+ }
+
+ if (event.data.type == "ok") {
+ ok(event.data.what, event.data.msg);
+ return;
+ }
+
+ if (event.data.type == "info") {
+ info(event.data.msg);
+ return;
+ }
+
+ ok(false, "Unknown message");
+ });
+
+ content.document.body.appendChild(ifr);
+ ifr.src = obj.page;
+ });
+ }
+ );
+
+ let expectTrackerFound = item => {
+ is(
+ item[0],
+ Ci.nsIWebProgressListener.STATE_LOADED_LEVEL_1_TRACKING_CONTENT,
+ "Correct blocking type reported"
+ );
+ is(item[1], true, "Correct blocking status reported");
+ ok(item[2] >= 1, "Correct repeat count reported");
+ };
+
+ let log = JSON.parse(await browser.getContentBlockingLog());
+ for (let trackerOrigin in log) {
+ is(
+ trackerOrigin + "/",
+ TEST_3RD_PARTY_DOMAIN,
+ "Correct tracker origin must be reported"
+ );
+ let originLog = log[trackerOrigin];
+ is(originLog.length, 1, "We should have 1 entry in the compressed log");
+ expectTrackerFound(originLog[0]);
+ }
+
+ gProtectionsHandler.enableForCurrentPage();
+
+ // The previous function reloads the browser, so wait for it to load again!
+ await BrowserTestUtils.browserLoaded(browser);
+
+ info("Removing the tab");
+ BrowserTestUtils.removeTab(tab);
+
+ UrlClassifierTestUtils.cleanupTestTrackers();
+});
+
+add_task(async function() {
+ info("Cleaning up.");
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+});
diff --git a/toolkit/components/antitracking/test/browser/browser_allowListSeparationInPrivateAndNormalWindows.js b/toolkit/components/antitracking/test/browser/browser_allowListSeparationInPrivateAndNormalWindows.js
new file mode 100644
index 0000000000..343feb8019
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_allowListSeparationInPrivateAndNormalWindows.js
@@ -0,0 +1,54 @@
+// This test works by setting up an exception for the private window allow list
+// manually, and it then expects to see some blocking notifications (note the
+// document.cookie setter in the blocking callback.)
+// If the exception lists aren't handled separately, we'd get confused and put
+// the pages loaded under this test in the allow list, which would result in
+// the test not passing because no blocking notifications would be observed.
+
+// Testing the reverse case would also be interesting, but unfortunately there
+// isn't a super easy way to do that with our antitracking test framework since
+// private windows wouldn't send any blocking notifications as they don't have
+// storage access in the first place.
+
+/* import-globals-from antitracking_head.js */
+
+"use strict";
+add_task(async _ => {
+ let uri = Services.io.newURI("https://example.net");
+ PermissionTestUtils.add(
+ uri,
+ "trackingprotection-pb",
+ Services.perms.ALLOW_ACTION
+ );
+
+ registerCleanupFunction(_ => {
+ Services.perms.removeAll();
+ });
+});
+
+AntiTracking.runTest(
+ "Test that we don't honour a private allow list exception in a normal window",
+ // Blocking callback
+ async _ => {
+ document.cookie = "name=value";
+ },
+
+ // Non blocking callback
+ async _ => {
+ // Nothing to do here.
+ },
+
+ // Cleanup callback
+ async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+ },
+ null, // no extra prefs
+ false, // run the window.open() test
+ false, // run the user interaction test
+ Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_TRACKER, // expect blocking notifications
+ false
+); // run in a normal window
diff --git a/toolkit/components/antitracking/test/browser/browser_allowPermissionForTracker.js b/toolkit/components/antitracking/test/browser/browser_allowPermissionForTracker.js
new file mode 100644
index 0000000000..fb56c3d477
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_allowPermissionForTracker.js
@@ -0,0 +1,66 @@
+// This test works by setting up an exception for the tracker domain, which
+// disables all the anti-tracking tests.
+
+/* import-globals-from antitracking_head.js */
+
+add_task(async _ => {
+ PermissionTestUtils.add(
+ "https://tracking.example.org",
+ "cookie",
+ Services.perms.ALLOW_ACTION
+ );
+ PermissionTestUtils.add(
+ "https://tracking.example.com",
+ "cookie",
+ Services.perms.ALLOW_ACTION
+ );
+ // Grant interaction permission so we can directly call
+ // requestStorageAccess from the tracker.
+ PermissionTestUtils.add(
+ "https://tracking.example.org",
+ "storageAccessAPI",
+ Services.perms.ALLOW_ACTION
+ );
+
+ registerCleanupFunction(_ => {
+ Services.perms.removeAll();
+ });
+});
+
+AntiTracking._createTask({
+ name: "Test that we do honour a cookie permission for nested windows",
+ cookieBehavior: BEHAVIOR_REJECT_TRACKER,
+ blockingByContentBlockingRTUI: false,
+ allowList: false,
+ callback: async _ => {
+ document.cookie = "name=value";
+ ok(document.cookie != "", "Nothing is blocked");
+
+ // requestStorageAccess should resolve
+ let dwu = SpecialPowers.getDOMWindowUtils(window);
+ let helper = dwu.setHandlingUserInput(true);
+ await document
+ .requestStorageAccess()
+ .then(() => {
+ ok(true, "Should grant storage access");
+ })
+ .catch(() => {
+ ok(false, "Should grant storage access");
+ });
+ helper.destruct();
+ },
+ extraPrefs: null,
+ expectedBlockingNotifications: 0,
+ runInPrivateWindow: false,
+ iframeSandbox: null,
+ accessRemoval: null,
+ callbackAfterRemoval: null,
+});
+
+add_task(async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+});
diff --git a/toolkit/components/antitracking/test/browser/browser_backgroundImageAssertion.js b/toolkit/components/antitracking/test/browser/browser_backgroundImageAssertion.js
new file mode 100644
index 0000000000..35712f27c4
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_backgroundImageAssertion.js
@@ -0,0 +1,65 @@
+add_task(async function() {
+ info("Starting subResources test");
+
+ await SpecialPowers.flushPrefEnv();
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ [
+ "network.cookie.cookieBehavior",
+ Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER,
+ ],
+ ["privacy.trackingprotection.enabled", false],
+ ["privacy.trackingprotection.pbmode.enabled", false],
+ ["privacy.trackingprotection.annotate_channels", true],
+ [
+ "privacy.restrict3rdpartystorage.userInteractionRequiredForHosts",
+ "tracking.example.com,tracking.example.org",
+ ],
+ ],
+ });
+
+ await UrlClassifierTestUtils.addTestTrackers();
+
+ let tab = BrowserTestUtils.addTab(gBrowser, TEST_TOP_PAGE);
+ gBrowser.selectedTab = tab;
+
+ let browser = gBrowser.getBrowserForTab(tab);
+ await BrowserTestUtils.browserLoaded(browser);
+
+ await SpecialPowers.spawn(
+ browser,
+ [{ page: TEST_3RD_PARTY_PAGE_WITH_SVG }],
+ async function(obj) {
+ await new content.Promise(resolve => {
+ let ifr = content.document.createElement("iframe");
+
+ content.addEventListener("message", function msg(event) {
+ if (event.data.type == "finish") {
+ content.removeEventListener("message", msg);
+ resolve();
+ return;
+ }
+
+ ok(false, "Unknown message");
+ });
+
+ content.document.body.appendChild(ifr);
+ ifr.src = obj.page;
+ });
+ }
+ );
+
+ ok(true, "No crash, hopefully!");
+ BrowserTestUtils.removeTab(tab);
+
+ UrlClassifierTestUtils.cleanupTestTrackers();
+});
+
+add_task(async function() {
+ info("Cleaning up.");
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+});
diff --git a/toolkit/components/antitracking/test/browser/browser_blockingCookies.js b/toolkit/components/antitracking/test/browser/browser_blockingCookies.js
new file mode 100644
index 0000000000..fef2c3db04
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_blockingCookies.js
@@ -0,0 +1,173 @@
+/* import-globals-from antitracking_head.js */
+
+requestLongerTimeout(4);
+
+AntiTracking.runTestInNormalAndPrivateMode(
+ "Set/Get Cookies",
+ // Blocking callback
+ async _ => {
+ is(document.cookie, "", "No cookies for me");
+ document.cookie = "name=value";
+ is(document.cookie, "", "No cookies for me");
+
+ for (let arg of ["?checkonly", "?redirect-checkonly"]) {
+ info(`checking with arg=${arg}`);
+ await fetch("server.sjs" + arg)
+ .then(r => r.text())
+ .then(text => {
+ is(text, "cookie-not-present", "We should not have cookies");
+ });
+ // Let's do it twice.
+ await fetch("server.sjs" + arg)
+ .then(r => r.text())
+ .then(text => {
+ is(text, "cookie-not-present", "We should not have cookies");
+ });
+ }
+
+ is(document.cookie, "", "Still no cookies for me");
+ },
+
+ // Non blocking callback
+ async _ => {
+ is(document.cookie, "", "No cookies for me");
+
+ // Note: The ?redirect test is _not_ using checkonly, so it will actually
+ // set our foopy=1 cookie.
+ for (let arg of ["?checkonly", "?redirect"]) {
+ info(`checking with arg=${arg}`);
+ await fetch("server.sjs" + arg)
+ .then(r => r.text())
+ .then(text => {
+ is(text, "cookie-not-present", "We should not have cookies");
+ });
+ }
+
+ document.cookie = "name=value";
+ ok(document.cookie.includes("name=value"), "Some cookies for me");
+ ok(document.cookie.includes("foopy=1"), "Some cookies for me");
+
+ for (let arg of ["", "?redirect"]) {
+ info(`checking with arg=${arg}`);
+ await fetch("server.sjs" + arg)
+ .then(r => r.text())
+ .then(text => {
+ is(text, "cookie-present", "We should have cookies");
+ });
+ }
+
+ ok(document.cookie.length, "Some Cookies for me");
+ },
+
+ // Cleanup callback
+ async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+ }
+);
+
+AntiTracking.runTestInNormalAndPrivateMode(
+ "Cookies and Storage Access API",
+ // Blocking callback
+ async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await noStorageAccessInitially();
+
+ is(document.cookie, "", "No cookies for me");
+ document.cookie = "name=value";
+ is(document.cookie, "", "No cookies for me");
+
+ for (let arg of ["", "?redirect"]) {
+ info(`checking with arg=${arg}`);
+ await fetch("server.sjs" + arg)
+ .then(r => r.text())
+ .then(text => {
+ is(text, "cookie-not-present", "We should not have cookies");
+ });
+ // Let's do it twice.
+ await fetch("server.sjs" + arg)
+ .then(r => r.text())
+ .then(text => {
+ is(text, "cookie-not-present", "We should not have cookies");
+ });
+ }
+
+ is(document.cookie, "", "Still no cookies for me");
+
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await callRequestStorageAccess();
+
+ is(document.cookie, "", "No cookies for me");
+ document.cookie = "name=value";
+
+ if (
+ [
+ SpecialPowers.Ci.nsICookieService.BEHAVIOR_REJECT,
+ SpecialPowers.Ci.nsICookieService.BEHAVIOR_REJECT_FOREIGN,
+ ].includes(
+ SpecialPowers.Services.prefs.getIntPref("network.cookie.cookieBehavior")
+ )
+ ) {
+ is(document.cookie, "", "No cookies for me");
+ } else {
+ is(document.cookie, "name=value", "I have the cookies!");
+ }
+ },
+
+ // Non blocking callback
+ async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await hasStorageAccessInitially();
+
+ is(document.cookie, "", "No cookies for me");
+
+ // Note: The ?redirect test is _not_ using checkonly, so it will actually
+ // set our foopy=1 cookie.
+ for (let arg of ["?checkonly", "?redirect"]) {
+ info(`checking with arg=${arg}`);
+ await fetch("server.sjs" + arg)
+ .then(r => r.text())
+ .then(text => {
+ is(text, "cookie-not-present", "We should not have cookies");
+ });
+ }
+
+ document.cookie = "name=value";
+ ok(document.cookie.includes("name=value"), "Some cookies for me");
+ ok(document.cookie.includes("foopy=1"), "Some cookies for me");
+
+ for (let arg of ["", "?redirect"]) {
+ info(`checking with arg=${arg}`);
+ await fetch("server.sjs" + arg)
+ .then(r => r.text())
+ .then(text => {
+ is(text, "cookie-present", "We should have cookies");
+ });
+ }
+
+ ok(document.cookie.length, "Some Cookies for me");
+
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await callRequestStorageAccess();
+
+ // For non-tracking windows, calling the API is a no-op
+ ok(document.cookie.length, "Still some Cookies for me");
+ ok(document.cookie.includes("name=value"), "Some cookies for me");
+ ok(document.cookie.includes("foopy=1"), "Some cookies for me");
+ },
+
+ // Cleanup callback
+ async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+ },
+ null,
+ false,
+ false
+);
diff --git a/toolkit/components/antitracking/test/browser/browser_blockingDOMCache.js b/toolkit/components/antitracking/test/browser/browser_blockingDOMCache.js
new file mode 100644
index 0000000000..dedb3ebb1f
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_blockingDOMCache.js
@@ -0,0 +1,107 @@
+/* import-globals-from antitracking_head.js */
+
+requestLongerTimeout(2);
+
+AntiTracking.runTest(
+ "DOM Cache",
+ async _ => {
+ await caches.open("wow").then(
+ _ => {
+ ok(false, "DOM Cache cannot be used!");
+ },
+ _ => {
+ ok(true, "DOM Cache cannot be used!");
+ }
+ );
+ },
+ async _ => {
+ await caches.open("wow").then(
+ _ => {
+ ok(true, "DOM Cache can be used!");
+ },
+ _ => {
+ ok(false, "DOM Cache can be used!");
+ }
+ );
+ },
+ async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+ },
+ [["dom.caches.testing.enabled", true]]
+);
+
+AntiTracking.runTest(
+ "DOM Cache and Storage Access API",
+ async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await noStorageAccessInitially();
+
+ await caches.open("wow").then(
+ _ => {
+ ok(false, "DOM Cache cannot be used!");
+ },
+ _ => {
+ ok(true, "DOM Cache cannot be used!");
+ }
+ );
+
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await callRequestStorageAccess();
+
+ let shouldThrow = [
+ SpecialPowers.Ci.nsICookieService.BEHAVIOR_REJECT,
+ SpecialPowers.Ci.nsICookieService.BEHAVIOR_REJECT_FOREIGN,
+ ].includes(
+ SpecialPowers.Services.prefs.getIntPref("network.cookie.cookieBehavior")
+ );
+
+ await caches.open("wow").then(
+ _ => {
+ ok(!shouldThrow, "DOM Cache can be used!");
+ },
+ _ => {
+ ok(shouldThrow, "DOM Cache can be used!");
+ }
+ );
+ },
+ async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await hasStorageAccessInitially();
+
+ await caches.open("wow").then(
+ _ => {
+ ok(true, "DOM Cache can be used!");
+ },
+ _ => {
+ ok(false, "DOM Cache can be used!");
+ }
+ );
+
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await callRequestStorageAccess();
+
+ // For non-tracking windows, calling the API is a no-op
+ await caches.open("wow").then(
+ _ => {
+ ok(true, "DOM Cache can be used!");
+ },
+ _ => {
+ ok(false, "DOM Cache can be used!");
+ }
+ );
+ },
+ async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+ },
+ [["dom.caches.testing.enabled", true]],
+ false,
+ false
+);
diff --git a/toolkit/components/antitracking/test/browser/browser_blockingIndexedDb.js b/toolkit/components/antitracking/test/browser/browser_blockingIndexedDb.js
new file mode 100644
index 0000000000..60873e8693
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_blockingIndexedDb.js
@@ -0,0 +1,97 @@
+/* import-globals-from antitracking_head.js */
+
+requestLongerTimeout(4);
+
+AntiTracking.runTestInNormalAndPrivateMode(
+ "IndexedDB",
+ // blocking callback
+ async _ => {
+ try {
+ indexedDB.open("test", "1");
+ ok(false, "IDB should be blocked");
+ } catch (e) {
+ ok(true, "IDB should be blocked");
+ is(e.name, "SecurityError", "We want a security error message.");
+ }
+ },
+ // non-blocking callback
+ async _ => {
+ indexedDB.open("test", "1");
+ ok(true, "IDB should be allowed");
+ },
+ // Cleanup callback
+ async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+ }
+);
+
+AntiTracking.runTestInNormalAndPrivateMode(
+ "IndexedDB and Storage Access API",
+ // blocking callback
+ async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await noStorageAccessInitially();
+
+ try {
+ indexedDB.open("test", "1");
+ ok(false, "IDB should be blocked");
+ } catch (e) {
+ ok(true, "IDB should be blocked");
+ is(e.name, "SecurityError", "We want a security error message.");
+ }
+
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await callRequestStorageAccess();
+
+ let shouldThrow = [
+ SpecialPowers.Ci.nsICookieService.BEHAVIOR_REJECT,
+ SpecialPowers.Ci.nsICookieService.BEHAVIOR_REJECT_FOREIGN,
+ ].includes(
+ SpecialPowers.Services.prefs.getIntPref("network.cookie.cookieBehavior")
+ );
+
+ let hasThrown;
+ try {
+ indexedDB.open("test", "1");
+ hasThrown = false;
+ } catch (e) {
+ hasThrown = true;
+ is(e.name, "SecurityError", "We want a security error message.");
+ }
+
+ is(
+ hasThrown,
+ shouldThrow,
+ "IDB should be allowed if not in cookieBehavior pref value BEHAVIOR_REJECT/BEHAVIOR_REJECT_FOREIGN"
+ );
+ },
+ // non-blocking callback
+ async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await hasStorageAccessInitially();
+
+ indexedDB.open("test", "1");
+ ok(true, "IDB should be allowed");
+
+ await callRequestStorageAccess();
+
+ // For non-tracking windows, calling the API is a no-op
+ indexedDB.open("test", "1");
+ ok(true, "IDB should be allowed");
+ },
+ // Cleanup callback
+ async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+ },
+ null,
+ false,
+ false
+);
diff --git a/toolkit/components/antitracking/test/browser/browser_blockingIndexedDbInWorkers.js b/toolkit/components/antitracking/test/browser/browser_blockingIndexedDbInWorkers.js
new file mode 100644
index 0000000000..c9ae0d1654
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_blockingIndexedDbInWorkers.js
@@ -0,0 +1,74 @@
+/* import-globals-from antitracking_head.js */
+
+AntiTracking.runTestInNormalAndPrivateMode(
+ "IndexedDB in workers",
+ async _ => {
+ function blockCode() {
+ try {
+ indexedDB.open("test", "1");
+ postMessage(false);
+ } catch (e) {
+ postMessage(e.name == "SecurityError");
+ }
+ }
+
+ let blob = new Blob([blockCode.toString() + "; blockCode();"]);
+ ok(blob, "Blob has been created");
+
+ let blobURL = URL.createObjectURL(blob);
+ ok(blobURL, "Blob URL has been created");
+
+ let worker = new Worker(blobURL);
+ ok(worker, "Worker has been created");
+
+ await new Promise((resolve, reject) => {
+ worker.onmessage = function(e) {
+ if (e.data) {
+ resolve();
+ } else {
+ reject();
+ }
+ };
+
+ worker.onerror = function(e) {
+ reject();
+ };
+ });
+ },
+ async _ => {
+ function nonBlockCode() {
+ indexedDB.open("test", "1");
+ postMessage(true);
+ }
+
+ let blob = new Blob([nonBlockCode.toString() + "; nonBlockCode();"]);
+ ok(blob, "Blob has been created");
+
+ let blobURL = URL.createObjectURL(blob);
+ ok(blobURL, "Blob URL has been created");
+
+ let worker = new Worker(blobURL);
+ ok(worker, "Worker has been created");
+
+ await new Promise((resolve, reject) => {
+ worker.onmessage = function(e) {
+ if (e.data) {
+ resolve();
+ } else {
+ reject();
+ }
+ };
+
+ worker.onerror = function(e) {
+ reject();
+ };
+ });
+ },
+ async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+ }
+);
diff --git a/toolkit/components/antitracking/test/browser/browser_blockingIndexedDbInWorkers2.js b/toolkit/components/antitracking/test/browser/browser_blockingIndexedDbInWorkers2.js
new file mode 100644
index 0000000000..2c465c4673
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_blockingIndexedDbInWorkers2.js
@@ -0,0 +1,146 @@
+/* import-globals-from antitracking_head.js */
+
+AntiTracking.runTestInNormalAndPrivateMode(
+ "IndexedDB in workers and Storage Access API",
+ async _ => {
+ function blockCode() {
+ try {
+ indexedDB.open("test", "1");
+ postMessage(false);
+ } catch (e) {
+ postMessage(e.name == "SecurityError");
+ }
+ }
+ function nonBlockCode() {
+ indexedDB.open("test", "1");
+ postMessage(true);
+ }
+
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await noStorageAccessInitially();
+
+ let blob = new Blob([blockCode.toString() + "; blockCode();"]);
+ ok(blob, "Blob has been created");
+
+ let blobURL = URL.createObjectURL(blob);
+ ok(blobURL, "Blob URL has been created");
+
+ let worker = new Worker(blobURL);
+ ok(worker, "Worker has been created");
+
+ await new Promise((resolve, reject) => {
+ worker.onmessage = function(e) {
+ if (e.data) {
+ resolve();
+ } else {
+ reject();
+ }
+ };
+
+ worker.onerror = function(e) {
+ reject();
+ };
+ });
+
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await callRequestStorageAccess();
+
+ if (
+ [
+ SpecialPowers.Ci.nsICookieService.BEHAVIOR_REJECT,
+ SpecialPowers.Ci.nsICookieService.BEHAVIOR_REJECT_FOREIGN,
+ ].includes(
+ SpecialPowers.Services.prefs.getIntPref("network.cookie.cookieBehavior")
+ )
+ ) {
+ blob = new Blob([blockCode.toString() + "; blockCode();"]);
+ } else {
+ blob = new Blob([nonBlockCode.toString() + "; nonBlockCode();"]);
+ }
+ ok(blob, "Blob has been created");
+
+ blobURL = URL.createObjectURL(blob);
+ ok(blobURL, "Blob URL has been created");
+
+ worker = new Worker(blobURL);
+ ok(worker, "Worker has been created");
+
+ await new Promise((resolve, reject) => {
+ worker.onmessage = function(e) {
+ if (e.data) {
+ resolve();
+ } else {
+ reject();
+ }
+ };
+
+ worker.onerror = function(e) {
+ reject();
+ };
+ });
+ },
+ async _ => {
+ function nonBlockCode() {
+ indexedDB.open("test", "1");
+ postMessage(true);
+ }
+
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await hasStorageAccessInitially();
+
+ let blob = new Blob([nonBlockCode.toString() + "; nonBlockCode();"]);
+ ok(blob, "Blob has been created");
+
+ let blobURL = URL.createObjectURL(blob);
+ ok(blobURL, "Blob URL has been created");
+
+ let worker = new Worker(blobURL);
+ ok(worker, "Worker has been created");
+
+ await new Promise((resolve, reject) => {
+ worker.onmessage = function(e) {
+ if (e.data) {
+ resolve();
+ } else {
+ reject();
+ }
+ };
+
+ worker.onerror = function(e) {
+ reject();
+ };
+ });
+
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await callRequestStorageAccess();
+
+ // For non-tracking windows, calling the API is a no-op
+
+ worker = new Worker(blobURL);
+ ok(worker, "Worker has been created");
+
+ await new Promise((resolve, reject) => {
+ worker.onmessage = function(e) {
+ if (e.data) {
+ resolve();
+ } else {
+ reject();
+ }
+ };
+
+ worker.onerror = function(e) {
+ reject();
+ };
+ });
+ },
+ async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+ },
+ null,
+ false,
+ false
+);
diff --git a/toolkit/components/antitracking/test/browser/browser_blockingLocalStorage.js b/toolkit/components/antitracking/test/browser/browser_blockingLocalStorage.js
new file mode 100644
index 0000000000..b3aef3df3b
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_blockingLocalStorage.js
@@ -0,0 +1,90 @@
+/* import-globals-from antitracking_head.js */
+
+requestLongerTimeout(4);
+
+AntiTracking.runTestInNormalAndPrivateMode(
+ "localStorage",
+ async _ => {
+ try {
+ localStorage.foo = 42;
+ ok(false, "LocalStorage cannot be used!");
+ } catch (e) {
+ ok(true, "LocalStorage cannot be used!");
+ is(e.name, "SecurityError", "We want a security error message.");
+ }
+ },
+ async _ => {
+ localStorage.foo = 42;
+ ok(true, "LocalStorage is allowed");
+ },
+ async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+ }
+);
+
+AntiTracking.runTestInNormalAndPrivateMode(
+ "localStorage and Storage Access API",
+ async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await noStorageAccessInitially();
+
+ try {
+ localStorage.foo = 42;
+ ok(false, "LocalStorage cannot be used!");
+ } catch (e) {
+ ok(true, "LocalStorage cannot be used!");
+ is(e.name, "SecurityError", "We want a security error message.");
+ }
+
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await callRequestStorageAccess();
+
+ if (
+ [
+ SpecialPowers.Ci.nsICookieService.BEHAVIOR_REJECT,
+ SpecialPowers.Ci.nsICookieService.BEHAVIOR_REJECT_FOREIGN,
+ ].includes(
+ SpecialPowers.Services.prefs.getIntPref("network.cookie.cookieBehavior")
+ )
+ ) {
+ try {
+ localStorage.foo = 42;
+ ok(false, "LocalStorage cannot be used!");
+ } catch (e) {
+ ok(true, "LocalStorage cannot be used!");
+ is(e.name, "SecurityError", "We want a security error message.");
+ }
+ } else {
+ localStorage.foo = 42;
+ ok(true, "LocalStorage is allowed");
+ }
+ },
+ async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await hasStorageAccessInitially();
+
+ localStorage.foo = 42;
+ ok(true, "LocalStorage is allowed");
+
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await callRequestStorageAccess();
+
+ // For non-tracking windows, calling the API is a no-op
+ localStorage.foo = 42;
+ ok(true, "LocalStorage is allowed");
+ },
+ async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+ },
+ null,
+ false,
+ false
+);
diff --git a/toolkit/components/antitracking/test/browser/browser_blockingMessaging.js b/toolkit/components/antitracking/test/browser/browser_blockingMessaging.js
new file mode 100644
index 0000000000..435c95dfa4
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_blockingMessaging.js
@@ -0,0 +1,312 @@
+/* import-globals-from antitracking_head.js */
+
+if (AppConstants.MOZ_CODE_COVERAGE) {
+ requestLongerTimeout(12);
+} else {
+ requestLongerTimeout(12);
+}
+
+AntiTracking.runTestInNormalAndPrivateMode(
+ "BroadcastChannel",
+ async _ => {
+ try {
+ new BroadcastChannel("hello");
+ ok(false, "BroadcastChannel cannot be used!");
+ } catch (e) {
+ ok(true, "BroadcastChannel cannot be used!");
+ is(e.name, "SecurityError", "We want a security error message.");
+ }
+ },
+ async _ => {
+ new BroadcastChannel("hello");
+ ok(true, "BroadcastChannel be used");
+ },
+ async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+ }
+);
+
+AntiTracking.runTestInNormalAndPrivateMode(
+ "BroadcastChannel in workers",
+ async _ => {
+ function blockingCode() {
+ try {
+ new BroadcastChannel("hello");
+ postMessage(false);
+ } catch (e) {
+ postMessage(e.name == "SecurityError");
+ }
+ }
+
+ let blob = new Blob([blockingCode.toString() + "; blockingCode();"]);
+ ok(blob, "Blob has been created");
+
+ let blobURL = URL.createObjectURL(blob);
+ ok(blobURL, "Blob URL has been created");
+
+ let worker = new Worker(blobURL);
+ ok(worker, "Worker has been created");
+
+ await new Promise((resolve, reject) => {
+ worker.onmessage = function(e) {
+ if (e.data) {
+ resolve();
+ } else {
+ reject();
+ }
+ };
+
+ worker.onerror = function(e) {
+ reject();
+ };
+ });
+ },
+ async _ => {
+ function nonBlockingCode() {
+ new BroadcastChannel("hello");
+ postMessage(true);
+ }
+
+ let blob = new Blob([nonBlockingCode.toString() + "; nonBlockingCode();"]);
+ ok(blob, "Blob has been created");
+
+ let blobURL = URL.createObjectURL(blob);
+ ok(blobURL, "Blob URL has been created");
+
+ let worker = new Worker(blobURL);
+ ok(worker, "Worker has been created");
+
+ await new Promise((resolve, reject) => {
+ worker.onmessage = function(e) {
+ if (e.data) {
+ resolve();
+ } else {
+ reject();
+ }
+ };
+
+ worker.onerror = function(e) {
+ reject();
+ };
+ });
+ },
+ async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+ }
+);
+
+AntiTracking.runTestInNormalAndPrivateMode(
+ "BroadcastChannel and Storage Access API",
+ async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await noStorageAccessInitially();
+
+ try {
+ new BroadcastChannel("hello");
+ ok(false, "BroadcastChannel cannot be used!");
+ } catch (e) {
+ ok(true, "BroadcastChannel cannot be used!");
+ is(e.name, "SecurityError", "We want a security error message.");
+ }
+
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await callRequestStorageAccess();
+
+ if (
+ [
+ SpecialPowers.Ci.nsICookieService.BEHAVIOR_REJECT,
+ SpecialPowers.Ci.nsICookieService.BEHAVIOR_REJECT_FOREIGN,
+ ].includes(
+ SpecialPowers.Services.prefs.getIntPref("network.cookie.cookieBehavior")
+ )
+ ) {
+ try {
+ new BroadcastChannel("hello");
+ ok(false, "BroadcastChannel cannot be used!");
+ } catch (e) {
+ ok(true, "BroadcastChannel cannot be used!");
+ is(e.name, "SecurityError", "We want a security error message.");
+ }
+ } else {
+ new BroadcastChannel("hello");
+ ok(true, "BroadcastChannel can be used");
+ }
+ },
+ async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await hasStorageAccessInitially();
+
+ new BroadcastChannel("hello");
+ ok(true, "BroadcastChanneli can be used");
+
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await callRequestStorageAccess();
+
+ new BroadcastChannel("hello");
+ ok(true, "BroadcastChannel can be used");
+ },
+ async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+ },
+ null,
+ false,
+ false
+);
+
+AntiTracking.runTestInNormalAndPrivateMode(
+ "BroadcastChannel in workers and Storage Access API",
+ async _ => {
+ function blockingCode() {
+ try {
+ new BroadcastChannel("hello");
+ postMessage(false);
+ } catch (e) {
+ postMessage(e.name == "SecurityError");
+ }
+ }
+ function nonBlockingCode() {
+ new BroadcastChannel("hello");
+ postMessage(true);
+ }
+
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await noStorageAccessInitially();
+
+ let blob = new Blob([blockingCode.toString() + "; blockingCode();"]);
+ ok(blob, "Blob has been created");
+
+ let blobURL = URL.createObjectURL(blob);
+ ok(blobURL, "Blob URL has been created");
+
+ let worker = new Worker(blobURL);
+ ok(worker, "Worker has been created");
+
+ await new Promise((resolve, reject) => {
+ worker.onmessage = function(e) {
+ if (e.data) {
+ resolve();
+ } else {
+ reject();
+ }
+ };
+
+ worker.onerror = function(e) {
+ reject();
+ };
+ });
+
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await callRequestStorageAccess();
+
+ if (
+ [
+ SpecialPowers.Ci.nsICookieService.BEHAVIOR_REJECT,
+ SpecialPowers.Ci.nsICookieService.BEHAVIOR_REJECT_FOREIGN,
+ ].includes(
+ SpecialPowers.Services.prefs.getIntPref("network.cookie.cookieBehavior")
+ )
+ ) {
+ blob = new Blob([blockingCode.toString() + "; blockingCode();"]);
+ } else {
+ blob = new Blob([nonBlockingCode.toString() + "; nonBlockingCode();"]);
+ }
+
+ ok(blob, "Blob has been created");
+
+ blobURL = URL.createObjectURL(blob);
+ ok(blobURL, "Blob URL has been created");
+
+ worker = new Worker(blobURL);
+ ok(worker, "Worker has been created");
+
+ await new Promise((resolve, reject) => {
+ worker.onmessage = function(e) {
+ if (e.data) {
+ resolve();
+ } else {
+ reject();
+ }
+ };
+
+ worker.onerror = function(e) {
+ reject();
+ };
+ });
+ },
+ async _ => {
+ function nonBlockingCode() {
+ new BroadcastChannel("hello");
+ postMessage(true);
+ }
+
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await hasStorageAccessInitially();
+
+ let blob = new Blob([nonBlockingCode.toString() + "; nonBlockingCode();"]);
+ ok(blob, "Blob has been created");
+
+ let blobURL = URL.createObjectURL(blob);
+ ok(blobURL, "Blob URL has been created");
+
+ let worker = new Worker(blobURL);
+ ok(worker, "Worker has been created");
+
+ await new Promise((resolve, reject) => {
+ worker.onmessage = function(e) {
+ if (e.data) {
+ resolve();
+ } else {
+ reject();
+ }
+ };
+
+ worker.onerror = function(e) {
+ reject();
+ };
+ });
+
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await callRequestStorageAccess();
+
+ // For non-tracking windows, calling the API is a no-op
+
+ worker = new Worker(blobURL);
+ ok(worker, "Worker has been created");
+
+ await new Promise((resolve, reject) => {
+ worker.onmessage = function(e) {
+ if (e.data) {
+ resolve();
+ } else {
+ reject();
+ }
+ };
+
+ worker.onerror = function(e) {
+ reject();
+ };
+ });
+ },
+ async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+ },
+ null,
+ false,
+ false
+);
diff --git a/toolkit/components/antitracking/test/browser/browser_blockingNoOpener.js b/toolkit/components/antitracking/test/browser/browser_blockingNoOpener.js
new file mode 100644
index 0000000000..99c7d2bcdd
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_blockingNoOpener.js
@@ -0,0 +1,43 @@
+/* import-globals-from antitracking_head.js */
+
+gFeatures = "noopener";
+
+AntiTracking.runTestInNormalAndPrivateMode(
+ "Blocking in the case of noopener windows",
+ async _ => {
+ try {
+ localStorage.foo = 42;
+ ok(false, "LocalStorage cannot be used!");
+ } catch (e) {
+ ok(true, "LocalStorage cannot be used!");
+ is(e.name, "SecurityError", "We want a security error message.");
+ }
+ },
+ async phase => {
+ switch (phase) {
+ case 1:
+ localStorage.foo = 42;
+ ok(true, "LocalStorage is allowed");
+ break;
+ case 2:
+ try {
+ localStorage.foo = 42;
+ ok(false, "LocalStorage cannot be used!");
+ } catch (e) {
+ ok(true, "LocalStorage cannot be used!");
+ is(e.name, "SecurityError", "We want a security error message.");
+ }
+ break;
+ }
+ },
+ async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+ },
+ null,
+ true,
+ false
+);
diff --git a/toolkit/components/antitracking/test/browser/browser_blockingServiceWorkers.js b/toolkit/components/antitracking/test/browser/browser_blockingServiceWorkers.js
new file mode 100644
index 0000000000..edaa107fea
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_blockingServiceWorkers.js
@@ -0,0 +1,32 @@
+/* import-globals-from antitracking_head.js */
+
+AntiTracking.runTest(
+ "ServiceWorkers",
+ async _ => {
+ await navigator.serviceWorker
+ .register("empty.js")
+ .then(
+ _ => {
+ ok(false, "ServiceWorker cannot be used!");
+ },
+ _ => {
+ ok(true, "ServiceWorker cannot be used!");
+ }
+ )
+ .catch(e => ok(false, "Promise rejected: " + e));
+ },
+ null,
+ async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+ },
+ [
+ ["dom.serviceWorkers.exemptFromPerDomainMax", true],
+ ["dom.ipc.processCount", 1],
+ ["dom.serviceWorkers.enabled", true],
+ ["dom.serviceWorkers.testing.enabled", true],
+ ]
+);
diff --git a/toolkit/components/antitracking/test/browser/browser_blockingServiceWorkersStorageAccessAPI.js b/toolkit/components/antitracking/test/browser/browser_blockingServiceWorkersStorageAccessAPI.js
new file mode 100644
index 0000000000..92dbfa6fd2
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_blockingServiceWorkersStorageAccessAPI.js
@@ -0,0 +1,127 @@
+/* import-globals-from antitracking_head.js */
+
+requestLongerTimeout(2);
+
+AntiTracking.runTest(
+ "ServiceWorkers and Storage Access API",
+ async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await noStorageAccessInitially();
+
+ await navigator.serviceWorker
+ .register("empty.js")
+ .then(
+ _ => {
+ ok(false, "ServiceWorker cannot be used!");
+ },
+ _ => {
+ ok(true, "ServiceWorker cannot be used!");
+ }
+ )
+ .catch(e => ok(false, "Promise rejected: " + e));
+
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await callRequestStorageAccess();
+
+ if (
+ [
+ SpecialPowers.Ci.nsICookieService.BEHAVIOR_REJECT,
+ SpecialPowers.Ci.nsICookieService.BEHAVIOR_REJECT_FOREIGN,
+ ].includes(
+ SpecialPowers.Services.prefs.getIntPref("network.cookie.cookieBehavior")
+ )
+ ) {
+ await navigator.serviceWorker
+ .register("empty.js")
+ .then(
+ _ => {
+ ok(false, "ServiceWorker cannot be used!");
+ },
+ _ => {
+ ok(true, "ServiceWorker cannot be used!");
+ }
+ )
+ .catch(e => ok(false, "Promise rejected: " + e));
+ } else {
+ await navigator.serviceWorker
+ .register("empty.js")
+ .then(
+ reg => {
+ ok(true, "ServiceWorker can be used!");
+ return reg;
+ },
+ _ => {
+ ok(false, "ServiceWorker cannot be used! " + _);
+ }
+ )
+ .then(
+ reg => reg.unregister(),
+ _ => {
+ ok(false, "unregister failed");
+ }
+ )
+ .catch(e => ok(false, "Promise rejected: " + e));
+ }
+ },
+ async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await hasStorageAccessInitially();
+
+ await navigator.serviceWorker
+ .register("empty.js")
+ .then(
+ reg => {
+ ok(true, "ServiceWorker can be used!");
+ return reg;
+ },
+ _ => {
+ ok(false, "ServiceWorker cannot be used!");
+ }
+ )
+ .then(
+ reg => reg.unregister(),
+ _ => {
+ ok(false, "unregister failed");
+ }
+ )
+ .catch(e => ok(false, "Promise rejected: " + e));
+
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await callRequestStorageAccess();
+
+ // For non-tracking windows, calling the API is a no-op
+ await navigator.serviceWorker
+ .register("empty.js")
+ .then(
+ reg => {
+ ok(true, "ServiceWorker can be used!");
+ return reg;
+ },
+ _ => {
+ ok(false, "ServiceWorker cannot be used!");
+ }
+ )
+ .then(
+ reg => reg.unregister(),
+ _ => {
+ ok(false, "unregister failed");
+ }
+ )
+ .catch(e => ok(false, "Promise rejected: " + e));
+ },
+ async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+ },
+ [
+ ["dom.serviceWorkers.exemptFromPerDomainMax", true],
+ ["dom.ipc.processCount", 1],
+ ["dom.serviceWorkers.enabled", true],
+ ["dom.serviceWorkers.testing.enabled", true],
+ ],
+ false,
+ false
+);
diff --git a/toolkit/components/antitracking/test/browser/browser_blockingSessionStorage.js b/toolkit/components/antitracking/test/browser/browser_blockingSessionStorage.js
new file mode 100644
index 0000000000..a06527bf33
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_blockingSessionStorage.js
@@ -0,0 +1,116 @@
+/* import-globals-from antitracking_head.js */
+
+requestLongerTimeout(4);
+
+AntiTracking.runTestInNormalAndPrivateMode(
+ "sessionStorage",
+ async _ => {
+ let shouldThrow = [
+ SpecialPowers.Ci.nsICookieService.BEHAVIOR_REJECT,
+ ].includes(
+ SpecialPowers.Services.prefs.getIntPref("network.cookie.cookieBehavior")
+ );
+
+ let hasThrown;
+ try {
+ sessionStorage.foo = 42;
+ hasThrown = false;
+ } catch (e) {
+ hasThrown = true;
+ is(e.name, "SecurityError", "We want a security error message.");
+ }
+
+ is(
+ hasThrown,
+ shouldThrow,
+ "SessionStorage show thrown only if cookieBehavior is REJECT"
+ );
+ },
+ async _ => {
+ sessionStorage.foo = 42;
+ ok(true, "SessionStorage is always allowed");
+ },
+ async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+ },
+ [],
+ true,
+ true
+);
+
+AntiTracking.runTestInNormalAndPrivateMode(
+ "sessionStorage and Storage Access API",
+ async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await noStorageAccessInitially();
+
+ let shouldThrow = [
+ SpecialPowers.Ci.nsICookieService.BEHAVIOR_REJECT,
+ ].includes(
+ SpecialPowers.Services.prefs.getIntPref("network.cookie.cookieBehavior")
+ );
+
+ let hasThrown;
+ try {
+ sessionStorage.foo = 42;
+ hasThrown = false;
+ } catch (e) {
+ hasThrown = true;
+ is(e.name, "SecurityError", "We want a security error message.");
+ }
+
+ is(
+ hasThrown,
+ shouldThrow,
+ "SessionStorage show thrown only if cookieBehavior is REJECT"
+ );
+
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await callRequestStorageAccess();
+
+ try {
+ sessionStorage.foo = 42;
+ hasThrown = false;
+ } catch (e) {
+ hasThrown = true;
+ is(e.name, "SecurityError", "We want a security error message.");
+ }
+
+ is(
+ hasThrown,
+ shouldThrow,
+ "SessionStorage show thrown only if cookieBehavior is REJECT"
+ );
+ },
+ async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await hasStorageAccessInitially();
+
+ sessionStorage.foo = 42;
+ ok(true, "SessionStorage is always allowed");
+
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await callRequestStorageAccess();
+
+ // For non-tracking windows, calling the API is a no-op
+ sessionStorage.foo = 42;
+ ok(
+ true,
+ "SessionStorage is allowed after calling the storage access API too"
+ );
+ },
+ async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+ },
+ null,
+ false,
+ false
+);
diff --git a/toolkit/components/antitracking/test/browser/browser_blockingSharedWorkers.js b/toolkit/components/antitracking/test/browser/browser_blockingSharedWorkers.js
new file mode 100644
index 0000000000..bb405b8701
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_blockingSharedWorkers.js
@@ -0,0 +1,90 @@
+/* import-globals-from antitracking_head.js */
+
+requestLongerTimeout(4);
+
+AntiTracking.runTestInNormalAndPrivateMode(
+ "SharedWorkers",
+ async _ => {
+ try {
+ new SharedWorker("a.js", "foo");
+ ok(false, "SharedWorker cannot be used!");
+ } catch (e) {
+ ok(true, "SharedWorker cannot be used!");
+ is(e.name, "SecurityError", "We want a security error message.");
+ }
+ },
+ async _ => {
+ new SharedWorker("a.js", "foo");
+ ok(true, "SharedWorker is allowed");
+ },
+ async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+ }
+);
+
+AntiTracking.runTestInNormalAndPrivateMode(
+ "SharedWorkers and Storage Access API",
+ async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await noStorageAccessInitially();
+
+ try {
+ new SharedWorker("a.js", "foo");
+ ok(false, "SharedWorker cannot be used!");
+ } catch (e) {
+ ok(true, "SharedWorker cannot be used!");
+ is(e.name, "SecurityError", "We want a security error message.");
+ }
+
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await callRequestStorageAccess();
+
+ if (
+ [
+ SpecialPowers.Ci.nsICookieService.BEHAVIOR_REJECT,
+ SpecialPowers.Ci.nsICookieService.BEHAVIOR_REJECT_FOREIGN,
+ ].includes(
+ SpecialPowers.Services.prefs.getIntPref("network.cookie.cookieBehavior")
+ )
+ ) {
+ try {
+ new SharedWorker("a.js", "foo");
+ ok(false, "SharedWorker cannot be used!");
+ } catch (e) {
+ ok(true, "SharedWorker cannot be used!");
+ is(e.name, "SecurityError", "We want a security error message.");
+ }
+ } else {
+ new SharedWorker("a.js", "foo");
+ ok(true, "SharedWorker is allowed");
+ }
+ },
+ async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await hasStorageAccessInitially();
+
+ new SharedWorker("a.js", "foo");
+ ok(true, "SharedWorker is allowed");
+
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await callRequestStorageAccess();
+
+ // For non-tracking windows, calling the API is a no-op
+ new SharedWorker("a.js", "bar");
+ ok(true, "SharedWorker is allowed");
+ },
+ async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+ },
+ null,
+ false,
+ false
+);
diff --git a/toolkit/components/antitracking/test/browser/browser_contentBlockingAllowListPrincipal.js b/toolkit/components/antitracking/test/browser/browser_contentBlockingAllowListPrincipal.js
new file mode 100644
index 0000000000..82cf23af44
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_contentBlockingAllowListPrincipal.js
@@ -0,0 +1,236 @@
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/ */
+
+"use strict";
+
+const TEST_SANDBOX_URL =
+ "https://example.com/browser/toolkit/components/antitracking/test/browser/sandboxed.html";
+
+/**
+ * Tests the contentBlockingAllowListPrincipal.
+ * @param {Browser} browser - Browser to test.
+ * @param {("content"|"system")} type - Expected principal type.
+ * @param {String} [origin] - Expected origin of principal. Defaults to the
+ * origin of the browsers content principal.
+ */
+function checkAllowListPrincipal(
+ browser,
+ type,
+ origin = browser.contentPrincipal.origin
+) {
+ let principal =
+ browser.browsingContext.currentWindowGlobal
+ .contentBlockingAllowListPrincipal;
+ ok(principal, "Principal is set");
+
+ if (type == "content") {
+ ok(principal.isContentPrincipal, "Is content principal");
+
+ ok(
+ principal.schemeIs("https"),
+ "allowlist content principal must have https scheme"
+ );
+ } else if (type == "system") {
+ ok(principal.isSystemPrincipal, "Is system principal");
+ } else {
+ throw new Error("Unexpected principal type");
+ }
+
+ is(principal.origin, origin, "Correct origin");
+}
+
+/**
+ * Runs a given test in a normal window and in a private browsing window.
+ * @param {String} initialUrl - URL to load in the initial test tab.
+ * @param {Function} testCallback - Test function to run in both windows.
+ */
+async function runTestInNormalAndPrivateMode(initialUrl, testCallback) {
+ for (let i = 0; i < 2; i++) {
+ let isPrivateBrowsing = !!i;
+ info("Running test. Private browsing: " + !!i);
+ let win = await BrowserTestUtils.openNewBrowserWindow({
+ private: isPrivateBrowsing,
+ });
+ let tab = BrowserTestUtils.addTab(win.gBrowser, initialUrl);
+ let browser = tab.linkedBrowser;
+
+ await BrowserTestUtils.browserLoaded(browser);
+
+ await testCallback(browser, isPrivateBrowsing);
+
+ await BrowserTestUtils.closeWindow(win);
+ }
+}
+
+/**
+ * Creates an iframe in the passed browser and waits for it to load.
+ * @param {Browser} browser - Browser to create the frame in.
+ * @param {String} src - Frame source url.
+ * @param {String} id - Frame id.
+ * @param {String} [sandboxAttr] - Optional list of sandbox attributes to set
+ * for the iframe. Defaults to no sandbox.
+ * @returns {Promise} - Resolves once the frame has loaded.
+ */
+function createFrame(browser, src, id, sandboxAttr) {
+ return SpecialPowers.spawn(
+ browser,
+ [{ page: src, frameId: id, sandboxAttr }],
+ async function(obj) {
+ await new content.Promise(resolve => {
+ let frame = content.document.createElement("iframe");
+ frame.src = obj.page;
+ frame.id = obj.frameId;
+ if (obj.sandboxAttr) {
+ frame.setAttribute("sandbox", obj.sandboxAttr);
+ }
+ frame.addEventListener("load", resolve, { once: true });
+ content.document.body.appendChild(frame);
+ });
+ }
+ );
+}
+
+add_task(async setup => {
+ // Disable heuristics. We don't need them and if enabled the resulting
+ // telemetry can race with the telemetry in the next test.
+ // See Bug 1686836, Bug 1686894.
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ ["privacy.restrict3rdpartystorage.heuristic.redirect", false],
+ ["privacy.restrict3rdpartystorage.heuristic.recently_visited", false],
+ ["privacy.restrict3rdpartystorage.heuristic.window_open", false],
+ ],
+ });
+});
+
+/**
+ * Test that we get the correct allow list principal which matches the content
+ * principal for an https site.
+ */
+add_task(async test_contentPrincipalHTTPS => {
+ await runTestInNormalAndPrivateMode("https://example.com", browser => {
+ checkAllowListPrincipal(browser, "content");
+ });
+});
+
+/**
+ * Tests that the scheme of the allowlist principal is HTTPS, even though the
+ * site is loaded via HTTP.
+ */
+add_task(async test_contentPrincipalHTTP => {
+ await runTestInNormalAndPrivateMode(
+ "http://example.net",
+ (browser, isPrivateBrowsing) => {
+ checkAllowListPrincipal(
+ browser,
+ "content",
+ "https://example.net" +
+ (isPrivateBrowsing ? "^privateBrowsingId=1" : "")
+ );
+ }
+ );
+});
+
+/**
+ * Tests that the allow list principal is a system principal for the preferences
+ * about site.
+ */
+add_task(async test_systemPrincipal => {
+ await runTestInNormalAndPrivateMode("about:preferences", browser => {
+ checkAllowListPrincipal(browser, "system");
+ });
+});
+
+/**
+ * Tests that we get a valid content principal for top level sandboxed pages,
+ * and not the document principal which is a null principal.
+ */
+add_task(async test_TopLevelSandbox => {
+ await runTestInNormalAndPrivateMode(
+ TEST_SANDBOX_URL,
+ (browser, isPrivateBrowsing) => {
+ ok(
+ browser.contentPrincipal.isNullPrincipal,
+ "Top level sandboxed page should have null principal"
+ );
+ checkAllowListPrincipal(
+ browser,
+ "content",
+ "https://example.com" +
+ (isPrivateBrowsing ? "^privateBrowsingId=1" : "")
+ );
+ }
+ );
+});
+
+/**
+ * Tests that we get a valid content principal for a new tab opened via
+ * window.open.
+ */
+add_task(async test_windowOpen => {
+ await runTestInNormalAndPrivateMode("https://example.com", async browser => {
+ checkAllowListPrincipal(browser, "content");
+
+ let promiseTabOpened = BrowserTestUtils.waitForNewTab(
+ browser.ownerGlobal.gBrowser,
+ "https://example.org/",
+ true
+ );
+
+ // Call window.open from iframe.
+ await SpecialPowers.spawn(browser, [], async function() {
+ content.open("https://example.org/");
+ });
+
+ let tab = await promiseTabOpened;
+
+ checkAllowListPrincipal(tab.linkedBrowser, "content");
+
+ BrowserTestUtils.removeTab(tab);
+ });
+});
+
+/**
+ * Tests that we get a valid content principal for a new tab opened via
+ * window.open from a sandboxed iframe.
+ */
+add_task(async test_windowOpenFromSandboxedFrame => {
+ await runTestInNormalAndPrivateMode(
+ "https://example.com",
+ async (browser, isPrivateBrowsing) => {
+ checkAllowListPrincipal(browser, "content");
+
+ // Create sandboxed iframe, allow popups.
+ await createFrame(
+ browser,
+ "https://example.com",
+ "sandboxedIframe",
+ "allow-popups"
+ );
+ // Iframe BC is the only child of the test browser.
+ let [frameBrowsingContext] = browser.browsingContext.children;
+
+ let promiseTabOpened = BrowserTestUtils.waitForNewTab(
+ browser.ownerGlobal.gBrowser,
+ "https://example.org/",
+ true
+ );
+
+ // Call window.open from iframe.
+ await SpecialPowers.spawn(frameBrowsingContext, [], async function() {
+ content.open("https://example.org/");
+ });
+
+ let tab = await promiseTabOpened;
+
+ checkAllowListPrincipal(
+ tab.linkedBrowser,
+ "content",
+ "https://example.org" +
+ (isPrivateBrowsing ? "^privateBrowsingId=1" : "")
+ );
+
+ BrowserTestUtils.removeTab(tab);
+ }
+ );
+});
diff --git a/toolkit/components/antitracking/test/browser/browser_contentBlockingTelemetry.js b/toolkit/components/antitracking/test/browser/browser_contentBlockingTelemetry.js
new file mode 100644
index 0000000000..3432f40b4a
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_contentBlockingTelemetry.js
@@ -0,0 +1,381 @@
+/**
+ * Bug 1668199 - Testing the content blocking telemetry.
+ */
+
+"use strict";
+
+/* import-globals-from antitracking_head.js */
+
+const { TelemetryTestUtils } = ChromeUtils.import(
+ "resource://testing-common/TelemetryTestUtils.jsm"
+);
+
+const LABEL_STORAGE_GRANTED = 0;
+const LABEL_STORAGE_ACCESS_API = 1;
+const LABEL_OPENER_AFTER_UI = 2;
+const LABEL_OPENER = 3;
+const LABEL_REDIRECT = 4;
+
+function clearTelemetry() {
+ Services.telemetry.getSnapshotForHistograms("main", true /* clear */);
+ Services.telemetry.getHistogramById("STORAGE_ACCESS_REMAINING_DAYS").clear();
+}
+
+async function testTelemetry(
+ aProbeInParent,
+ aExpectedCnt,
+ aLabel,
+ aExpectedIdx
+) {
+ info("Trigger the 'idle-daily' to trigger the telemetry probe.");
+ // Synthesis a fake 'idle-daily' notification to the content blocking
+ // telemetry service.
+ let cbts = Cc["@mozilla.org/content-blocking-telemetry-service;1"].getService(
+ Ci.nsIObserver
+ );
+ cbts.observe(null, "idle-daily", null);
+
+ let storageAccessGrantedHistogram;
+
+ // Wait until the telemetry probe appears.
+ await BrowserTestUtils.waitForCondition(() => {
+ let histograms;
+ if (aProbeInParent) {
+ histograms = Services.telemetry.getSnapshotForHistograms(
+ "main",
+ false /* clear */
+ ).parent;
+ } else {
+ histograms = Services.telemetry.getSnapshotForHistograms(
+ "main",
+ false /* clear */
+ ).content;
+ }
+ storageAccessGrantedHistogram = histograms.STORAGE_ACCESS_GRANTED_COUNT;
+
+ return (
+ !!storageAccessGrantedHistogram &&
+ storageAccessGrantedHistogram.values[LABEL_STORAGE_GRANTED] ==
+ aExpectedCnt
+ );
+ });
+
+ is(
+ storageAccessGrantedHistogram.values[LABEL_STORAGE_GRANTED],
+ aExpectedCnt,
+ "There should be expected storage access granted count in telemetry."
+ );
+ is(
+ storageAccessGrantedHistogram.values[aLabel],
+ 1,
+ "There should be one reason count in telemetry."
+ );
+
+ let storageAccessRemainingDaysHistogram = Services.telemetry.getHistogramById(
+ "STORAGE_ACCESS_REMAINING_DAYS"
+ );
+
+ TelemetryTestUtils.assertHistogram(
+ storageAccessRemainingDaysHistogram,
+ aExpectedIdx,
+ 1
+ );
+
+ // Clear telemetry probes
+ clearTelemetry();
+}
+
+add_task(async function setup() {
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ ["network.cookie.cookieBehavior", BEHAVIOR_REJECT_TRACKER],
+ ["privacy.trackingprotection.annotate_channels", true],
+ [
+ "privacy.restrict3rdpartystorage.userInteractionRequiredForHosts",
+ "tracking.example.com,tracking.example.org",
+ ],
+ ["privacy.restrict3rdpartystorage.heuristic.redirect", true],
+ ["toolkit.telemetry.ipcBatchTimeout", 0],
+ ],
+ });
+
+ // Clear Telemetry probes before testing.
+ // There can be telemetry race conditions if the previous test generates
+ // content blocking telemetry.
+ // See Bug 1686836, Bug 1686894.
+ clearTelemetry();
+
+ await UrlClassifierTestUtils.addTestTrackers();
+
+ registerCleanupFunction(_ => {
+ Services.perms.removeAll();
+ });
+});
+
+add_task(async function testTelemetryForStorageAccessAPI() {
+ info("Starting testing if storage access API send telemetry probe ...");
+
+ // First, clear all permissions.
+ Services.perms.removeAll();
+
+ info("Creating a new tab");
+ let tab = BrowserTestUtils.addTab(gBrowser, TEST_TOP_PAGE);
+ gBrowser.selectedTab = tab;
+
+ let browser = gBrowser.getBrowserForTab(tab);
+ await BrowserTestUtils.browserLoaded(browser);
+
+ info("Loading the tracking iframe and call the RequestStorageAccess.");
+ await SpecialPowers.spawn(
+ browser,
+ [
+ {
+ page: TEST_3RD_PARTY_PAGE_UI,
+ },
+ ],
+ async obj => {
+ let msg = {};
+ msg.callback = (async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await callRequestStorageAccess();
+ }).toString();
+
+ await new content.Promise(resolve => {
+ let ifr = content.document.createElement("iframe");
+ ifr.onload = function() {
+ info("Sending code to the 3rd party content");
+ ifr.contentWindow.postMessage(msg, "*");
+ };
+
+ content.addEventListener("message", function msg(event) {
+ if (event.data.type == "finish") {
+ content.removeEventListener("message", msg);
+ resolve();
+ return;
+ }
+
+ if (event.data.type == "ok") {
+ ok(event.data.what, event.data.msg);
+ return;
+ }
+
+ if (event.data.type == "info") {
+ info(event.data.msg);
+ return;
+ }
+
+ ok(false, "Unknown message");
+ });
+
+ content.document.body.appendChild(ifr);
+ ifr.src = obj.page;
+ });
+ }
+ );
+
+ info("Removing the tab");
+ BrowserTestUtils.removeTab(tab);
+
+ // The storage access permission will be expired in 29 days, so the expected
+ // index in the telemetry probe would be 29.
+ await testTelemetry(false, 1, LABEL_STORAGE_ACCESS_API, 29);
+});
+
+add_task(async function testTelemetryForWindowOpenHeuristic() {
+ info("Starting testing if window open heuristic send telemetry probe ...");
+
+ // First, clear all permissions.
+ Services.perms.removeAll();
+
+ info("Creating a new tab");
+ let tab = BrowserTestUtils.addTab(gBrowser, TEST_TOP_PAGE);
+ gBrowser.selectedTab = tab;
+
+ let browser = gBrowser.getBrowserForTab(tab);
+ await BrowserTestUtils.browserLoaded(browser);
+
+ info("Loading the tracking iframe and trigger the heuristic");
+ await SpecialPowers.spawn(
+ browser,
+ [
+ {
+ page: TEST_3RD_PARTY_PAGE_WO,
+ },
+ ],
+ async obj => {
+ let msg = {};
+ msg.blockingCallback = (async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await noStorageAccessInitially();
+ }).toString();
+
+ msg.nonBlockingCallback = (async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await hasStorageAccessInitially();
+ }).toString();
+
+ info("Checking if storage access is denied");
+ await new content.Promise(resolve => {
+ let ifr = content.document.createElement("iframe");
+ ifr.onload = function() {
+ info("Sending code to the 3rd party content");
+ ifr.contentWindow.postMessage(msg, "*");
+ };
+
+ content.addEventListener("message", function msg(event) {
+ if (event.data.type == "finish") {
+ content.removeEventListener("message", msg);
+ resolve();
+ return;
+ }
+
+ if (event.data.type == "ok") {
+ ok(event.data.what, event.data.msg);
+ return;
+ }
+
+ if (event.data.type == "info") {
+ info(event.data.msg);
+ return;
+ }
+
+ ok(false, "Unknown message");
+ });
+
+ content.document.body.appendChild(ifr);
+ ifr.src = obj.page;
+ });
+ }
+ );
+
+ info("Removing the tab");
+ BrowserTestUtils.removeTab(tab);
+
+ // The storage access permission will be expired in 29 days, so the expected
+ // index in the telemetry probe would be 29.
+ await testTelemetry(false, 1, LABEL_OPENER, 29);
+});
+
+add_task(async function testTelemetryForUserInteractionHeuristic() {
+ info(
+ "Starting testing if UserInteraction heuristic send telemetry probe ..."
+ );
+
+ // First, clear all permissions.
+ Services.perms.removeAll();
+
+ info("Creating a new tab");
+ let tab = BrowserTestUtils.addTab(gBrowser, TEST_TOP_PAGE);
+ gBrowser.selectedTab = tab;
+
+ let browser = gBrowser.getBrowserForTab(tab);
+ await BrowserTestUtils.browserLoaded(browser);
+
+ info("Interact with the tracker in top-level.");
+ await AntiTracking.interactWithTracker();
+
+ info("Loading the tracking iframe and trigger the heuristic");
+ await SpecialPowers.spawn(
+ browser,
+ [
+ {
+ page: TEST_3RD_PARTY_PAGE_UI,
+ popup: TEST_POPUP_PAGE,
+ },
+ ],
+ async obj => {
+ let msg = {};
+ msg.blockingCallback = (async _ => {
+ await noStorageAccessInitially();
+ }).toString();
+
+ msg.nonBlockingCallback = (async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await hasStorageAccessInitially();
+ }).toString();
+
+ let ifr = content.document.createElement("iframe");
+ let loading = new content.Promise(resolve => {
+ ifr.onload = resolve;
+ });
+ content.document.body.appendChild(ifr);
+ ifr.src = obj.page;
+ await loading;
+
+ info("Opening a window from the iframe.");
+ await SpecialPowers.spawn(ifr, [obj.popup], async popup => {
+ let windowClosed = new content.Promise(resolve => {
+ Services.ww.registerNotification(function notification(
+ aSubject,
+ aTopic,
+ aData
+ ) {
+ // We need to check the document URI here as well for the same
+ // reason above.
+ if (
+ aTopic == "domwindowclosed" &&
+ aSubject.document.documentURI ==
+ "https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/3rdPartyOpenUI.html"
+ ) {
+ Services.ww.unregisterNotification(notification);
+ resolve();
+ }
+ });
+ });
+
+ content.open(popup);
+
+ info("Let's wait for the window to be closed");
+ await windowClosed;
+ });
+ }
+ );
+
+ info("Removing the tab");
+ BrowserTestUtils.removeTab(tab);
+
+ // The storage access permission will be expired in 29 days, so the expected
+ // index in the telemetry probe would be 29.
+ //
+ // Note that the expected count here is 2. It's because the opener heuristic
+ // will also be triggered when triggered UserInteraction Heuristic.
+ await testTelemetry(false, 2, LABEL_OPENER_AFTER_UI, 29);
+});
+
+add_task(async function testTelemetryForRedirectHeuristic() {
+ info("Starting testing if redirect heuristic send telemetry probe ...");
+
+ const TEST_TRACKING_PAGE = TEST_3RD_PARTY_DOMAIN + TEST_PATH + "page.html";
+ const TEST_REDIRECT_PAGE =
+ TEST_3RD_PARTY_DOMAIN + TEST_PATH + "redirect.sjs?" + TEST_TOP_PAGE;
+
+ // First, clear all permissions.
+ Services.perms.removeAll();
+
+ info("Creating a new tab");
+ let tab = BrowserTestUtils.addTab(gBrowser, TEST_TRACKING_PAGE);
+ gBrowser.selectedTab = tab;
+
+ let browser = gBrowser.getBrowserForTab(tab);
+ await BrowserTestUtils.browserLoaded(browser);
+
+ info("Loading the tracking page and trigger the redirect.");
+ SpecialPowers.spawn(browser, [TEST_REDIRECT_PAGE], async url => {
+ content.document.userInteractionForTesting();
+
+ let link = content.document.createElement("a");
+ link.appendChild(content.document.createTextNode("click me!"));
+ link.href = url;
+ content.document.body.appendChild(link);
+ link.click();
+ });
+
+ await BrowserTestUtils.browserLoaded(browser, false, TEST_TOP_PAGE);
+
+ info("Removing the tab");
+ BrowserTestUtils.removeTab(tab);
+
+ // We would only grant the storage permission for 15 mins for the redirect
+ // heuristic, so the expected index in the telemetry probe would be 0.
+ await testTelemetry(true, 1, LABEL_REDIRECT, 0);
+});
diff --git a/toolkit/components/antitracking/test/browser/browser_cookieBetweenTabs.js b/toolkit/components/antitracking/test/browser/browser_cookieBetweenTabs.js
new file mode 100644
index 0000000000..323bc83b58
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_cookieBetweenTabs.js
@@ -0,0 +1,58 @@
+add_task(async function() {
+ await SpecialPowers.flushPrefEnv();
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ ["dom.storage_access.enabled", true],
+ ["network.cookie.cookieBehavior", BEHAVIOR_REJECT],
+ ["privacy.trackingprotection.enabled", false],
+ ["privacy.trackingprotection.pbmode.enabled", false],
+ ["privacy.trackingprotection.annotate_channels", true],
+ ["dom.ipc.processCount", 4],
+ ],
+ });
+
+ info("First tab opened");
+ let tab = BrowserTestUtils.addTab(
+ gBrowser,
+ TEST_DOMAIN + TEST_PATH + "empty.html"
+ );
+ gBrowser.selectedTab = tab;
+
+ let browser = gBrowser.getBrowserForTab(tab);
+ await BrowserTestUtils.browserLoaded(browser);
+
+ info("Disabling content blocking for this page");
+ gProtectionsHandler.disableForCurrentPage();
+
+ await BrowserTestUtils.browserLoaded(browser);
+
+ await SpecialPowers.spawn(browser, [], async _ => {
+ is(content.document.cookie, "", "No cookie set");
+ content.document.cookie = "a=b";
+ is(content.document.cookie, "a=b", "Cookie set");
+ });
+
+ info("Second tab opened");
+ let tab2 = BrowserTestUtils.addTab(
+ gBrowser,
+ TEST_DOMAIN + TEST_PATH + "empty.html"
+ );
+ gBrowser.selectedTab = tab2;
+
+ let browser2 = gBrowser.getBrowserForTab(tab2);
+ await BrowserTestUtils.browserLoaded(browser2);
+
+ await SpecialPowers.spawn(browser2, [], async _ => {
+ is(content.document.cookie, "a=b", "Cookie set");
+ });
+
+ info("Removing tabs");
+ BrowserTestUtils.removeTab(tab);
+ BrowserTestUtils.removeTab(tab2);
+
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+});
diff --git a/toolkit/components/antitracking/test/browser/browser_denyPermissionForTracker.js b/toolkit/components/antitracking/test/browser/browser_denyPermissionForTracker.js
new file mode 100644
index 0000000000..9856529f94
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_denyPermissionForTracker.js
@@ -0,0 +1,67 @@
+// This test works by setting up an exception for the tracker domain, which
+// disables all the anti-tracking tests.
+
+/* import-globals-from antitracking_head.js */
+
+add_task(async _ => {
+ PermissionTestUtils.add(
+ "https://tracking.example.org",
+ "cookie",
+ Services.perms.DENY_ACTION
+ );
+ PermissionTestUtils.add(
+ "https://tracking.example.com",
+ "cookie",
+ Services.perms.DENY_ACTION
+ );
+ // Grant interaction permission so we can directly call
+ // requestStorageAccess from the tracker.
+ PermissionTestUtils.add(
+ "https://tracking.example.org",
+ "storageAccessAPI",
+ Services.perms.ALLOW_ACTION
+ );
+
+ registerCleanupFunction(_ => {
+ Services.perms.removeAll();
+ });
+});
+
+AntiTracking._createTask({
+ name: "Test that we do honour a cookie permission for nested windows",
+ cookieBehavior: BEHAVIOR_REJECT_TRACKER,
+ blockingByContentBlockingRTUI: true,
+ allowList: false,
+ callback: async _ => {
+ document.cookie = "name=value";
+ ok(document.cookie == "", "All is blocked");
+
+ // requestStorageAccess should reject
+ let dwu = SpecialPowers.getDOMWindowUtils(window);
+ let helper = dwu.setHandlingUserInput(true);
+ await document
+ .requestStorageAccess()
+ .then(() => {
+ ok(false, "Should not grant storage access");
+ })
+ .catch(() => {
+ ok(true, "Should not grant storage access");
+ });
+ helper.destruct();
+ },
+ extraPrefs: null,
+ expectedBlockingNotifications:
+ Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_BY_PERMISSION,
+ runInPrivateWindow: false,
+ iframeSandbox: null,
+ accessRemoval: null,
+ callbackAfterRemoval: null,
+});
+
+add_task(async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+});
diff --git a/toolkit/components/antitracking/test/browser/browser_doublyNestedTracker.js b/toolkit/components/antitracking/test/browser/browser_doublyNestedTracker.js
new file mode 100644
index 0000000000..b2ff316588
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_doublyNestedTracker.js
@@ -0,0 +1,123 @@
+add_task(async function() {
+ info("Starting doubly nested tracker test");
+
+ await SpecialPowers.flushPrefEnv();
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ [
+ "network.cookie.cookieBehavior",
+ Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER,
+ ],
+ ["privacy.trackingprotection.enabled", false],
+ ["privacy.trackingprotection.pbmode.enabled", false],
+ ["privacy.trackingprotection.annotate_channels", true],
+ [
+ "privacy.restrict3rdpartystorage.userInteractionRequiredForHosts",
+ "tracking.example.com,tracking.example.org",
+ ],
+ ],
+ });
+
+ await UrlClassifierTestUtils.addTestTrackers();
+
+ let tab = BrowserTestUtils.addTab(gBrowser, TEST_3RD_PARTY_PAGE);
+ gBrowser.selectedTab = tab;
+
+ let browser = gBrowser.getBrowserForTab(tab);
+ await BrowserTestUtils.browserLoaded(browser);
+
+ async function loadSubpage() {
+ async function runChecks() {
+ is(document.cookie, "", "No cookies for me");
+ document.cookie = "name=value";
+ is(document.cookie, "name=value", "I have the cookies!");
+ }
+
+ await new Promise(resolve => {
+ let ifr = document.createElement("iframe");
+ ifr.onload = _ => {
+ info("Sending code to the 3rd party content");
+ ifr.contentWindow.postMessage(runChecks.toString(), "*");
+ };
+
+ addEventListener("message", function msg(event) {
+ if (event.data.type == "finish") {
+ removeEventListener("message", msg);
+ resolve();
+ return;
+ }
+
+ if (event.data.type == "ok") {
+ ok(event.data.what, event.data.msg);
+ return;
+ }
+
+ if (event.data.type == "info") {
+ info(event.data.msg);
+ return;
+ }
+
+ ok(false, "Unknown message");
+ });
+
+ document.body.appendChild(ifr);
+ ifr.src =
+ "https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/3rdParty.html";
+ });
+ }
+
+ // We need to use the same scheme in Fission test.
+ let testAnotherThirdPartyPage = SpecialPowers.useRemoteSubframes
+ ? TEST_ANOTHER_3RD_PARTY_PAGE_HTTPS
+ : TEST_ANOTHER_3RD_PARTY_PAGE;
+
+ await SpecialPowers.spawn(
+ browser,
+ [{ page: testAnotherThirdPartyPage, callback: loadSubpage.toString() }],
+ async function(obj) {
+ await new content.Promise(resolve => {
+ let ifr = content.document.createElement("iframe");
+ ifr.onload = _ => {
+ info("Sending code to the 3rd party content");
+ ifr.contentWindow.postMessage(obj.callback, "*");
+ };
+
+ content.addEventListener("message", function msg(event) {
+ if (event.data.type == "finish") {
+ content.removeEventListener("message", msg);
+ resolve();
+ return;
+ }
+
+ if (event.data.type == "ok") {
+ ok(event.data.what, event.data.msg);
+ return;
+ }
+
+ if (event.data.type == "info") {
+ info(event.data.msg);
+ return;
+ }
+
+ ok(false, "Unknown message");
+ });
+
+ content.document.body.appendChild(ifr);
+ ifr.src = obj.page;
+ });
+ }
+ );
+
+ BrowserTestUtils.removeTab(tab);
+
+ UrlClassifierTestUtils.cleanupTestTrackers();
+});
+
+add_task(async function() {
+ info("Cleaning up.");
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+});
diff --git a/toolkit/components/antitracking/test/browser/browser_existingCookiesForSubresources.js b/toolkit/components/antitracking/test/browser/browser_existingCookiesForSubresources.js
new file mode 100644
index 0000000000..cf335269b1
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_existingCookiesForSubresources.js
@@ -0,0 +1,231 @@
+add_task(async function() {
+ info("Starting subResources test");
+
+ await SpecialPowers.flushPrefEnv();
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ ["privacy.trackingprotection.enabled", false],
+ ["privacy.trackingprotection.pbmode.enabled", false],
+ ["privacy.trackingprotection.annotate_channels", true],
+ [
+ "privacy.restrict3rdpartystorage.userInteractionRequiredForHosts",
+ "tracking.example.com,tracking.example.org",
+ ],
+ ],
+ });
+
+ await UrlClassifierTestUtils.addTestTrackers();
+
+ info("Creating a new tab");
+ let tab = BrowserTestUtils.addTab(gBrowser, TEST_3RD_PARTY_PAGE);
+ gBrowser.selectedTab = tab;
+
+ let browser = gBrowser.getBrowserForTab(tab);
+ await BrowserTestUtils.browserLoaded(browser);
+
+ info(
+ "Loading tracking scripts and tracking images before restricting 3rd party cookies"
+ );
+ await SpecialPowers.spawn(browser, [], async function() {
+ // Let's load the script twice here.
+ {
+ let src = content.document.createElement("script");
+ let p = new content.Promise(resolve => {
+ src.onload = resolve;
+ });
+ content.document.body.appendChild(src);
+ src.src =
+ "https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/subResources.sjs?what=script";
+ await p;
+ }
+ {
+ let src = content.document.createElement("script");
+ let p = new content.Promise(resolve => {
+ src.onload = resolve;
+ });
+ content.document.body.appendChild(src);
+ src.src =
+ "https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/subResources.sjs?what=script";
+ await p;
+ }
+
+ // Let's load an image twice here.
+ {
+ let img = content.document.createElement("img");
+ let p = new content.Promise(resolve => {
+ img.onload = resolve;
+ });
+ content.document.body.appendChild(img);
+ img.src =
+ "https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/subResources.sjs?what=image";
+ await p;
+ }
+ {
+ let img = content.document.createElement("img");
+ let p = new content.Promise(resolve => {
+ img.onload = resolve;
+ });
+ content.document.body.appendChild(img);
+ img.src =
+ "https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/subResources.sjs?what=image";
+ await p;
+ }
+ });
+
+ await fetch(
+ "https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/subResources.sjs?result&what=image"
+ )
+ .then(r => r.text())
+ .then(text => {
+ is(text, "1", "Cookies received for images");
+ });
+
+ await fetch(
+ "https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/subResources.sjs?result&what=script"
+ )
+ .then(r => r.text())
+ .then(text => {
+ is(text, "1", "Cookies received for scripts");
+ });
+
+ info("Removing the tab");
+ BrowserTestUtils.removeTab(tab);
+
+ Services.perms.removeAll();
+
+ // Now set up our prefs
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ [
+ "network.cookie.cookieBehavior",
+ Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER,
+ ],
+ [
+ "privacy.restrict3rdpartystorage.userInteractionRequiredForHosts",
+ "tracking.example.com,tracking.example.org",
+ ],
+ ],
+ });
+
+ info("Creating a new tab");
+ tab = BrowserTestUtils.addTab(gBrowser, TEST_TOP_PAGE);
+ gBrowser.selectedTab = tab;
+
+ browser = gBrowser.getBrowserForTab(tab);
+ await BrowserTestUtils.browserLoaded(browser);
+
+ info("Creating a 3rd party content");
+ await SpecialPowers.spawn(
+ browser,
+ [{ page: TEST_3RD_PARTY_PAGE, callback: (async _ => {}).toString() }],
+ async function(obj) {
+ await new content.Promise(resolve => {
+ let ifr = content.document.createElement("iframe");
+ ifr.onload = function() {
+ info("Sending code to the 3rd party content");
+ ifr.contentWindow.postMessage(obj.callback, "*");
+ };
+
+ content.addEventListener("message", function msg(event) {
+ if (event.data.type == "finish") {
+ content.removeEventListener("message", msg);
+ resolve();
+ return;
+ }
+
+ if (event.data.type == "ok") {
+ ok(event.data.what, event.data.msg);
+ return;
+ }
+
+ if (event.data.type == "info") {
+ info(event.data.msg);
+ return;
+ }
+
+ ok(false, "Unknown message");
+ });
+
+ content.document.body.appendChild(ifr);
+ ifr.src = obj.page;
+ });
+ }
+ );
+
+ info("Loading tracking scripts and tracking images again");
+ await SpecialPowers.spawn(browser, [], async function() {
+ // Let's load the script twice here.
+ {
+ let src = content.document.createElement("script");
+ let p = new content.Promise(resolve => {
+ src.onload = resolve;
+ });
+ content.document.body.appendChild(src);
+ src.src =
+ "https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/subResources.sjs?what=script";
+ await p;
+ }
+ {
+ let src = content.document.createElement("script");
+ let p = new content.Promise(resolve => {
+ src.onload = resolve;
+ });
+ content.document.body.appendChild(src);
+ src.src =
+ "https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/subResources.sjs?what=script";
+ await p;
+ }
+
+ // Let's load an image twice here.
+ {
+ let img = content.document.createElement("img");
+ let p = new content.Promise(resolve => {
+ img.onload = resolve;
+ });
+ content.document.body.appendChild(img);
+ img.src =
+ "https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/subResources.sjs?what=image";
+ await p;
+ }
+ {
+ let img = content.document.createElement("img");
+ let p = new content.Promise(resolve => {
+ img.onload = resolve;
+ });
+ content.document.body.appendChild(img);
+ img.src =
+ "https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/subResources.sjs?what=image";
+ await p;
+ }
+ });
+
+ await fetch(
+ "https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/subResources.sjs?result&what=image"
+ )
+ .then(r => r.text())
+ .then(text => {
+ is(text, "0", "No cookie received for images.");
+ });
+
+ await fetch(
+ "https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/subResources.sjs?result&what=script"
+ )
+ .then(r => r.text())
+ .then(text => {
+ is(text, "0", "No cookie received received for scripts.");
+ });
+
+ info("Removing the tab");
+ BrowserTestUtils.removeTab(tab);
+
+ UrlClassifierTestUtils.cleanupTestTrackers();
+});
+
+add_task(async function() {
+ info("Cleaning up.");
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+});
diff --git a/toolkit/components/antitracking/test/browser/browser_fileUrl.js b/toolkit/components/antitracking/test/browser/browser_fileUrl.js
new file mode 100644
index 0000000000..d4bc3a63c3
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_fileUrl.js
@@ -0,0 +1,38 @@
+/**
+ * Bug 1663192 - Testing for ensuring the top-level window in a fire url is
+ * treated as first-party.
+ */
+
+"use strict";
+
+add_task(async function setup() {
+ await SpecialPowers.pushPrefEnv({
+ set: [["network.cookie.cookieBehavior", 1]],
+ });
+});
+
+add_task(async function() {
+ let dir = getChromeDir(getResolvedURI(gTestPath));
+ dir.append("file_localStorage.html");
+ const uriString = Services.io.newFileURI(dir).spec;
+ let tab = await BrowserTestUtils.openNewForegroundTab(gBrowser, uriString);
+
+ await SpecialPowers.spawn(tab.linkedBrowser, [], function() {
+ let result = content.document.getElementById("result");
+
+ is(
+ result.textContent,
+ "PASS",
+ "The localStorage is accessible in top-level window"
+ );
+
+ let loadInfo = content.docShell.currentDocumentChannel.loadInfo;
+
+ ok(
+ !loadInfo.isThirdPartyContextToTopWindow,
+ "The top-level window shouldn't be third-party"
+ );
+ });
+
+ BrowserTestUtils.removeTab(tab);
+});
diff --git a/toolkit/components/antitracking/test/browser/browser_firstPartyCookieRejectionHonoursAllowList.js b/toolkit/components/antitracking/test/browser/browser_firstPartyCookieRejectionHonoursAllowList.js
new file mode 100644
index 0000000000..031eb261bb
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_firstPartyCookieRejectionHonoursAllowList.js
@@ -0,0 +1,73 @@
+add_task(async function() {
+ info("Starting subResources test");
+
+ await SpecialPowers.flushPrefEnv();
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ ["network.cookie.cookieBehavior", Ci.nsICookieService.BEHAVIOR_REJECT],
+ ["privacy.trackingprotection.enabled", false],
+ ["privacy.trackingprotection.pbmode.enabled", false],
+ ["privacy.trackingprotection.annotate_channels", true],
+ ],
+ });
+
+ let tab = BrowserTestUtils.addTab(gBrowser, TEST_TOP_PAGE);
+ gBrowser.selectedTab = tab;
+
+ let browser = gBrowser.getBrowserForTab(tab);
+ await BrowserTestUtils.browserLoaded(browser);
+
+ info("Disabling content blocking for this page");
+ gProtectionsHandler.disableForCurrentPage();
+
+ // The previous function reloads the browser, so wait for it to load again!
+ await BrowserTestUtils.browserLoaded(browser);
+
+ await SpecialPowers.spawn(browser, [], async function(obj) {
+ await new content.Promise(async resolve => {
+ let document = content.document;
+ let window = document.defaultView;
+
+ is(document.cookie, "", "No cookies for me");
+
+ await window
+ .fetch("server.sjs")
+ .then(r => r.text())
+ .then(text => {
+ is(text, "cookie-not-present", "We should not have cookies");
+ });
+
+ document.cookie = "name=value";
+ ok(document.cookie.includes("name=value"), "Some cookies for me");
+ ok(document.cookie.includes("foopy=1"), "Some cookies for me");
+
+ await window
+ .fetch("server.sjs")
+ .then(r => r.text())
+ .then(text => {
+ is(text, "cookie-present", "We should have cookies");
+ });
+
+ ok(document.cookie.length, "Some Cookies for me");
+
+ resolve();
+ });
+ });
+
+ info("Enabling content blocking for this page");
+ gProtectionsHandler.enableForCurrentPage();
+
+ // The previous function reloads the browser, so wait for it to load again!
+ await BrowserTestUtils.browserLoaded(browser);
+
+ BrowserTestUtils.removeTab(tab);
+});
+
+add_task(async function() {
+ info("Cleaning up.");
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+});
diff --git a/toolkit/components/antitracking/test/browser/browser_hasStorageAccess.js b/toolkit/components/antitracking/test/browser/browser_hasStorageAccess.js
new file mode 100644
index 0000000000..13a484eb57
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_hasStorageAccess.js
@@ -0,0 +1,183 @@
+// This test ensures HasStorageAccess API returns the right value under different
+// scenarios.
+
+/* import-globals-from antitracking_head.js */
+
+var settings = [
+ // 3rd-party no-tracker
+ {
+ name: "Test whether 3rd-party non-tracker frame has storage access",
+ topPage: TEST_TOP_PAGE,
+ thirdPartyPage: TEST_4TH_PARTY_PAGE,
+ },
+ // 3rd-party no-tracker with permission
+ {
+ name:
+ "Test whether 3rd-party non-tracker frame has storage access when storage permission is granted before",
+ topPage: TEST_TOP_PAGE,
+ thirdPartyPage: TEST_4TH_PARTY_PAGE,
+ setup: () => {
+ let type = "3rdPartyStorage^http://not-tracking.example.com";
+ let permission = Services.perms.ALLOW_ACTION;
+ let expireType = Services.perms.EXPIRE_SESSION;
+ PermissionTestUtils.add(TEST_DOMAIN, type, permission, expireType, 0);
+
+ registerCleanupFunction(_ => {
+ Services.perms.removeAll();
+ });
+ },
+ },
+ // 3rd-party tracker
+ {
+ name: "Test whether 3rd-party tracker frame has storage access",
+ topPage: TEST_TOP_PAGE,
+ thirdPartyPage: TEST_3RD_PARTY_PAGE,
+ },
+ // 3rd-party tracker with permission
+ {
+ name:
+ "Test whether 3rd-party tracker frame has storage access when storage access permission is granted before",
+ topPage: TEST_TOP_PAGE,
+ thirdPartyPage: TEST_3RD_PARTY_PAGE,
+ setup: () => {
+ let type = "3rdPartyStorage^https://tracking.example.org";
+ let permission = Services.perms.ALLOW_ACTION;
+ let expireType = Services.perms.EXPIRE_SESSION;
+ PermissionTestUtils.add(TEST_DOMAIN, type, permission, expireType, 0);
+
+ registerCleanupFunction(_ => {
+ Services.perms.removeAll();
+ });
+ },
+ },
+ // same-site 3rd-party tracker
+ {
+ name: "Test whether same-site 3rd-party tracker frame has storage access",
+ topPage: TEST_TOP_PAGE,
+ thirdPartyPage: TEST_ANOTHER_3RD_PARTY_PAGE,
+ },
+ // same-origin 3rd-party tracker
+ {
+ name: "Test whether same-origin 3rd-party tracker frame has storage access",
+ topPage: TEST_ANOTHER_3RD_PARTY_DOMAIN + TEST_PATH + "page.html",
+ thirdPartyPage: TEST_ANOTHER_3RD_PARTY_PAGE,
+ },
+];
+
+var testCases = [
+ {
+ behavior: BEHAVIOR_ACCEPT, // 0
+ hasStorageAccess: [
+ true /* 3rd-party non-tracker */,
+ true /* 3rd-party non-tracker with permission */,
+ true /* 3rd-party tracker */,
+ true /* 3rd-party tracker with permission */,
+ true /* same-site tracker */,
+ true /* same-origin tracker */,
+ ],
+ },
+ {
+ behavior: BEHAVIOR_REJECT_FOREIGN, // 1
+ hasStorageAccess: [
+ false /* 3rd-party non-tracker */,
+ SpecialPowers.Services.prefs.getBoolPref(
+ "network.cookie.rejectForeignWithExceptions.enabled"
+ ) /* 3rd-party tracker with permission */,
+ false /* 3rd-party tracker */,
+ SpecialPowers.Services.prefs.getBoolPref(
+ "network.cookie.rejectForeignWithExceptions.enabled"
+ ) /* 3rd-party non-tracker with permission */,
+ true /* same-site tracker */,
+ true /* same-origin tracker */,
+ ],
+ },
+ {
+ behavior: BEHAVIOR_REJECT, // 2
+ hasStorageAccess: [
+ false /* 3rd-party non-tracker */,
+ false /* 3rd-party non-tracker with permission */,
+ false /* 3rd-party tracker */,
+ false /* 3rd-party tracker with permission */,
+ false /* same-site tracker */,
+ true /* same-origin tracker */,
+ ],
+ },
+ {
+ behavior: BEHAVIOR_LIMIT_FOREIGN, // 3
+ hasStorageAccess: [
+ false /* 3rd-party non-tracker */,
+ false /* 3rd-party non-tracker with permission */,
+ false /* 3rd-party tracker */,
+ false /* 3rd-party tracker with permission */,
+ true /* same-site tracker */,
+ true /* same-origin tracker */,
+ ],
+ },
+ {
+ behavior: BEHAVIOR_REJECT_TRACKER, // 4
+ hasStorageAccess: [
+ true /* 3rd-party non-tracker */,
+ true /* 3rd-party non-tracker with permission */,
+ false /* 3rd-party tracker */,
+ true /* 3rd-party tracker with permission */,
+ true /* same-site tracker */,
+ true /* same-origin tracker */,
+ ],
+ },
+ {
+ behavior: BEHAVIOR_REJECT_TRACKER_AND_PARTITION_FOREIGN, // 5
+ hasStorageAccess: [
+ false /* 3rd-party non-tracker */,
+ true /* 3rd-party non-tracker with permission */,
+ false /* 3rd-party tracker */,
+ true /* 3rd-party tracker with permission */,
+ true /* same-site tracker */,
+ true /* same-origin tracker */,
+ ],
+ },
+];
+
+(function() {
+ settings.forEach(setting => {
+ if (setting.setup) {
+ add_task(async _ => {
+ setting.setup();
+ });
+ }
+
+ testCases.forEach(test => {
+ let callback = test.hasStorageAccess[settings.indexOf(setting)]
+ ? async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await hasStorageAccessInitially();
+ }
+ : async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await noStorageAccessInitially();
+ };
+
+ AntiTracking._createTask({
+ name: setting.name,
+ cookieBehavior: test.behavior,
+ allowList: false,
+ callback,
+ extraPrefs: null,
+ expectedBlockingNotifications: 0,
+ runInPrivateWindow: false,
+ iframeSandbox: null,
+ accessRemoval: null,
+ callbackAfterRemoval: null,
+ topPage: setting.topPage,
+ thirdPartyPage: setting.thirdPartyPage,
+ });
+ });
+
+ add_task(async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+ });
+ });
+})();
diff --git a/toolkit/components/antitracking/test/browser/browser_imageCache4.js b/toolkit/components/antitracking/test/browser/browser_imageCache4.js
new file mode 100644
index 0000000000..8fcc298cf0
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_imageCache4.js
@@ -0,0 +1,13 @@
+let cookieBehavior = BEHAVIOR_REJECT_TRACKER;
+let blockingByAllowList = false;
+let expectedBlockingNotifications =
+ Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_TRACKER;
+
+let rootDir = getRootDirectory(gTestPath);
+let jar = getJar(rootDir);
+if (jar) {
+ let tmpdir = extractJarToTmp(jar);
+ rootDir = "file://" + tmpdir.path + "/";
+}
+/* import-globals-from imageCacheWorker.js */
+Services.scriptloader.loadSubScript(rootDir + "imageCacheWorker.js", this);
diff --git a/toolkit/components/antitracking/test/browser/browser_imageCache8.js b/toolkit/components/antitracking/test/browser/browser_imageCache8.js
new file mode 100644
index 0000000000..b57bf1dca5
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_imageCache8.js
@@ -0,0 +1,13 @@
+let cookieBehavior = BEHAVIOR_REJECT_TRACKER;
+let blockingByAllowList = true;
+let expectedBlockingNotifications =
+ Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_TRACKER;
+
+let rootDir = getRootDirectory(gTestPath);
+let jar = getJar(rootDir);
+if (jar) {
+ let tmpdir = extractJarToTmp(jar);
+ rootDir = "file://" + tmpdir.path + "/";
+}
+/* import-globals-from imageCacheWorker.js */
+Services.scriptloader.loadSubScript(rootDir + "imageCacheWorker.js", this);
diff --git a/toolkit/components/antitracking/test/browser/browser_localStorageEvents.js b/toolkit/components/antitracking/test/browser/browser_localStorageEvents.js
new file mode 100644
index 0000000000..c77465114f
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_localStorageEvents.js
@@ -0,0 +1,182 @@
+add_task(async function() {
+ info("Starting subResources test");
+
+ await SpecialPowers.flushPrefEnv();
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ ["dom.storage_access.enabled", true],
+ [
+ "network.cookie.cookieBehavior",
+ Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER,
+ ],
+ ["privacy.trackingprotection.enabled", false],
+ ["privacy.trackingprotection.pbmode.enabled", false],
+ ["privacy.trackingprotection.annotate_channels", true],
+ ],
+ });
+
+ await UrlClassifierTestUtils.addTestTrackers();
+});
+
+add_task(async function testLocalStorageEventPropagation() {
+ info("Creating a new tab");
+ let tab = BrowserTestUtils.addTab(gBrowser, TEST_TOP_PAGE);
+ gBrowser.selectedTab = tab;
+
+ let browser = gBrowser.getBrowserForTab(tab);
+ await BrowserTestUtils.browserLoaded(browser);
+
+ info("Loading tracking scripts");
+ await SpecialPowers.spawn(
+ browser,
+ [
+ {
+ page: TEST_3RD_PARTY_DOMAIN + TEST_PATH + "localStorage.html",
+ },
+ ],
+ async obj => {
+ info("Creating tracker iframe");
+
+ let ifr = content.document.createElement("iframe");
+ ifr.src = obj.page;
+
+ await new content.Promise(resolve => {
+ ifr.onload = function() {
+ resolve();
+ };
+ content.document.body.appendChild(ifr);
+ });
+
+ info("LocalStorage should be blocked.");
+ await new content.Promise(resolve => {
+ content.addEventListener(
+ "message",
+ e => {
+ if (e.data.type == "test") {
+ is(e.data.status, false, "LocalStorage blocked");
+ } else {
+ ok(false, "Unknown message");
+ }
+ resolve();
+ },
+ { once: true }
+ );
+ ifr.contentWindow.postMessage("test", "*");
+ });
+
+ info("Let's open the popup");
+ await new content.Promise(resolve => {
+ content.addEventListener(
+ "message",
+ e => {
+ if (e.data.type == "test") {
+ is(e.data.status, true, "LocalStorage unblocked");
+ } else {
+ ok(false, "Unknown message");
+ }
+ resolve();
+ },
+ { once: true }
+ );
+ ifr.contentWindow.postMessage("open", "*");
+ });
+ }
+ );
+
+ info("Removing the tab");
+ BrowserTestUtils.removeTab(tab);
+
+ info("Cleaning up.");
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+});
+
+add_task(async function testBlockedLocalStorageEventPropagation() {
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ [
+ "privacy.restrict3rdpartystorage.userInteractionRequiredForHosts",
+ "tracking.example.com,tracking.example.org",
+ ],
+ ],
+ });
+
+ info("Creating a new tab");
+ let tab = BrowserTestUtils.addTab(gBrowser, TEST_TOP_PAGE);
+ gBrowser.selectedTab = tab;
+
+ let browser = gBrowser.getBrowserForTab(tab);
+ await BrowserTestUtils.browserLoaded(browser);
+
+ info("Loading tracking scripts");
+ await SpecialPowers.spawn(
+ browser,
+ [
+ {
+ page: TEST_3RD_PARTY_DOMAIN + TEST_PATH + "localStorage.html",
+ },
+ ],
+ async obj => {
+ info("Creating tracker iframe");
+
+ let ifr = content.document.createElement("iframe");
+ ifr.src = obj.page;
+
+ await new content.Promise(resolve => {
+ ifr.onload = function() {
+ resolve();
+ };
+ content.document.body.appendChild(ifr);
+ });
+
+ info("LocalStorage should be blocked.");
+ await new content.Promise(resolve => {
+ content.addEventListener(
+ "message",
+ e => {
+ if (e.data.type == "test") {
+ is(e.data.status, false, "LocalStorage blocked");
+ } else {
+ ok(false, "Unknown message");
+ }
+ resolve();
+ },
+ { once: true }
+ );
+ ifr.contentWindow.postMessage("test", "*");
+ });
+
+ info("Let's open the popup");
+ await new content.Promise(resolve => {
+ content.addEventListener(
+ "message",
+ e => {
+ if (e.data.type == "test") {
+ is(e.data.status, false, "LocalStorage still blocked");
+ } else {
+ ok(false, "Unknown message");
+ }
+ resolve();
+ },
+ { once: true }
+ );
+ ifr.contentWindow.postMessage("open and test", "*");
+ });
+ }
+ );
+
+ info("Removing the tab");
+ BrowserTestUtils.removeTab(tab);
+
+ UrlClassifierTestUtils.cleanupTestTrackers();
+
+ info("Cleaning up.");
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+});
diff --git a/toolkit/components/antitracking/test/browser/browser_networkIsolation.js b/toolkit/components/antitracking/test/browser/browser_networkIsolation.js
new file mode 100644
index 0000000000..6a4b4f7653
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_networkIsolation.js
@@ -0,0 +1,204 @@
+function isIsolated(key) {
+ return key.charAt(7) == "i";
+}
+
+function hasTopWindowOrigin(key, origin) {
+ let tokenAtEnd = `{{${origin}}}`;
+ let endPart = key.slice(-tokenAtEnd.length);
+ return endPart == tokenAtEnd;
+}
+
+function hasAnyTopWindowOrigin(key) {
+ return !!key.match(/{{[^}]+}}/);
+}
+
+function altSvcCacheKeyIsolated(parsed) {
+ return parsed.length > 5 && parsed[5] == "I";
+}
+
+function altSvcTopWindowOrigin(key) {
+ let index = -1;
+ for (let i = 0; i < 6; ++i) {
+ index = key.indexOf(":", index + 1);
+ }
+ let indexEnd = key.indexOf("|", index + 1);
+ return key.substring(index + 1, indexEnd);
+}
+
+const gHttpHandler = Cc["@mozilla.org/network/protocol;1?name=http"].getService(
+ Ci.nsIHttpProtocolHandler
+);
+
+add_task(async function() {
+ info("Starting tlsSessionTickets test");
+
+ await SpecialPowers.flushPrefEnv();
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ ["browser.cache.disk.enable", false],
+ ["browser.cache.memory.enable", false],
+ [
+ "network.cookie.cookieBehavior",
+ Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER,
+ ],
+ ["network.http.altsvc.proxy_checks", false],
+ ["privacy.trackingprotection.enabled", false],
+ ["privacy.trackingprotection.pbmode.enabled", false],
+ ["privacy.trackingprotection.annotate_channels", true],
+ ["privacy.partition.network_state", false],
+ ],
+ });
+
+ await UrlClassifierTestUtils.addTestTrackers();
+
+ info("Creating a new tab");
+ let tab = BrowserTestUtils.addTab(gBrowser, TEST_TOP_PAGE);
+ gBrowser.selectedTab = tab;
+
+ let browser = gBrowser.getBrowserForTab(tab);
+ await BrowserTestUtils.browserLoaded(browser);
+
+ const trackingURL =
+ "https://tlsresumptiontest.example.org/browser/toolkit/components/antitracking/test/browser/empty-altsvc.js";
+ const topWindowOrigin = TEST_DOMAIN.replace(/\/$/, "");
+ const kTopic = "http-on-examine-response";
+
+ let resumedState = [];
+ let hashKeys = [];
+
+ function observer(subject, topic, data) {
+ if (topic != kTopic) {
+ return;
+ }
+
+ subject.QueryInterface(Ci.nsIChannel);
+ if (subject.URI.spec != trackingURL) {
+ return;
+ }
+
+ resumedState.push(
+ subject.securityInfo.QueryInterface(Ci.nsITransportSecurityInfo).resumed
+ );
+ hashKeys.push(
+ subject.QueryInterface(Ci.nsIHttpChannelInternal).connectionInfoHashKey
+ );
+ }
+
+ Services.obs.addObserver(observer, kTopic);
+ registerCleanupFunction(() => Services.obs.removeObserver(observer, kTopic));
+
+ function checkAltSvcCache(expectedCount, expectedIsolated) {
+ let arr = gHttpHandler.altSvcCacheKeys;
+ is(
+ arr.length,
+ expectedCount,
+ "Found the expected number of items in the cache"
+ );
+ for (let i = 0; i < arr.length; ++i) {
+ let key = arr[i];
+ let parsed = key.split(":");
+ if (altSvcCacheKeyIsolated(parsed)) {
+ ok(expectedIsolated[i], "We expected to find an isolated item");
+ is(
+ altSvcTopWindowOrigin(key),
+ topWindowOrigin,
+ "Expected top window origin found in the Alt-Svc cache key"
+ );
+ } else {
+ ok(!expectedIsolated[i], "We expected to find a non-isolated item");
+ }
+ }
+ }
+
+ checkAltSvcCache(0, []);
+
+ info("Loading tracking scripts and tracking images");
+ await SpecialPowers.spawn(browser, [{ trackingURL }], async function(obj) {
+ let src = content.document.createElement("script");
+ let p = new content.Promise(resolve => {
+ src.onload = resolve;
+ });
+ content.document.body.appendChild(src);
+ src.src = obj.trackingURL;
+ await p;
+ });
+
+ checkAltSvcCache(1, [true]);
+
+ // Load our tracking URL two more times, but this time in the first-party context.
+ // The TLS session should be resumed the second time here.
+ await fetch(trackingURL);
+ // Wait a little bit before issuing the second load to ensure both don't happen
+ // at the same time.
+ // eslint-disable-next-line mozilla/no-arbitrary-setTimeout
+ await new Promise(resolve => setTimeout(resolve, 10));
+
+ checkAltSvcCache(2, [false, true]);
+ await fetch(trackingURL).then(() => {
+ checkAltSvcCache(2, [false, true]);
+
+ is(
+ resumedState.length,
+ 3,
+ "We should have observed 3 loads for " + trackingURL
+ );
+ ok(!resumedState[0], "The first load should NOT have been resumed");
+ ok(!resumedState[1], "The second load should NOT have been resumed");
+ ok(resumedState[2], "The third load SHOULD have been resumed");
+
+ // We also verify that the hashKey of the first connection is different to
+ // both the second and third connections, and that the hashKey of the
+ // second and third connections are the same. The reason why this check is
+ // done is that the private bit on the connection info object is used to
+ // construct the hash key, so when the connection is isolated because it
+ // comes from a third-party tracker context, its hash key must be
+ // different.
+ is(
+ hashKeys.length,
+ 3,
+ "We should have observed 3 loads for " + trackingURL
+ );
+ is(hashKeys[1], hashKeys[2], "The second and third hash keys should match");
+ isnot(
+ hashKeys[0],
+ hashKeys[1],
+ "The first and second hash keys should not match"
+ );
+
+ ok(isIsolated(hashKeys[0]), "The first connection must have been isolated");
+ ok(
+ !isIsolated(hashKeys[1]),
+ "The second connection must not have been isolated"
+ );
+ ok(
+ !isIsolated(hashKeys[2]),
+ "The third connection must not have been isolated"
+ );
+ ok(
+ hasTopWindowOrigin(hashKeys[0], topWindowOrigin),
+ "The first connection must be bound to its top-level window"
+ );
+ ok(
+ !hasAnyTopWindowOrigin(hashKeys[1]),
+ "The second connection must not be bound to a top-level window"
+ );
+ ok(
+ !hasAnyTopWindowOrigin(hashKeys[2]),
+ "The third connection must not be bound to a top-level window"
+ );
+ });
+
+ info("Removing the tab");
+ BrowserTestUtils.removeTab(tab);
+
+ UrlClassifierTestUtils.cleanupTestTrackers();
+});
+
+add_task(async function() {
+ info("Cleaning up.");
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+});
diff --git a/toolkit/components/antitracking/test/browser/browser_onBeforeRequestNotificationForTrackingResources.js b/toolkit/components/antitracking/test/browser/browser_onBeforeRequestNotificationForTrackingResources.js
new file mode 100644
index 0000000000..2243921d47
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_onBeforeRequestNotificationForTrackingResources.js
@@ -0,0 +1,96 @@
+/**
+ * This test ensures that onBeforeRequest is dispatched for webRequest loads that
+ * are blocked by tracking protection. It sets up a page with a third-party script
+ * resource on it that is blocked by TP, and sets up an onBeforeRequest listener
+ * which waits to be notified about that resource. The test would time out if the
+ * onBeforeRequest listener isn't called dispatched before the load is canceled.
+ */
+
+let extension;
+add_task(async function() {
+ extension = ExtensionTestUtils.loadExtension({
+ manifest: { permissions: ["webRequest", "webRequestBlocking", "*://*/*"] },
+ async background() {
+ let gExpectedResourcesSeen = 0;
+ function onBeforeRequest(details) {
+ let spec = details.url;
+ browser.test.log("Observed channel for " + spec);
+ // We would use TEST_3RD_PARTY_DOMAIN_TP here, but the variable is inaccessible
+ // since it is defined in head.js!
+ if (!spec.startsWith("https://tracking.example.com/")) {
+ return undefined;
+ }
+ if (spec.endsWith("empty.js")) {
+ browser.test.succeed("Correct resource observed");
+ ++gExpectedResourcesSeen;
+ } else if (spec.endsWith("empty.js?redirect")) {
+ return { redirectUrl: spec.replace("empty.js?redirect", "head.js") };
+ } else if (spec.endsWith("head.js")) {
+ ++gExpectedResourcesSeen;
+ }
+ if (gExpectedResourcesSeen == 2) {
+ browser.webRequest.onBeforeRequest.removeListener(onBeforeRequest);
+ browser.test.sendMessage("finish");
+ }
+ return undefined;
+ }
+
+ browser.webRequest.onBeforeRequest.addListener(
+ onBeforeRequest,
+ { urls: ["*://*/*"] },
+ ["blocking"]
+ );
+ browser.test.sendMessage("ready");
+ },
+ });
+ await extension.startup();
+ await extension.awaitMessage("ready");
+});
+
+add_task(async function() {
+ info("Starting subResources test");
+
+ await SpecialPowers.flushPrefEnv();
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ ["privacy.trackingprotection.enabled", true],
+ // the test doesn't open a private window, so we don't care about this pref's value
+ ["privacy.trackingprotection.pbmode.enabled", false],
+ // tracking annotations aren't needed in this test, only TP is needed
+ ["privacy.trackingprotection.annotate_channels", false],
+ [
+ "privacy.restrict3rdpartystorage.userInteractionRequiredForHosts",
+ "tracking.example.com,tracking.example.org",
+ ],
+ ["privacy.trackingprotection.testing.report_blocked_node", true],
+ ],
+ });
+
+ await UrlClassifierTestUtils.addTestTrackers();
+
+ let promise = extension.awaitMessage("finish");
+
+ info("Creating a new tab");
+ let tab = BrowserTestUtils.addTab(gBrowser, TEST_EMBEDDER_PAGE);
+ gBrowser.selectedTab = tab;
+
+ let browser = gBrowser.getBrowserForTab(tab);
+ await BrowserTestUtils.browserLoaded(browser);
+
+ await promise;
+
+ info("Verify the number of tracking nodes found");
+ await SpecialPowers.spawn(browser, [{ expected: 3 }], async function(obj) {
+ is(
+ content.document.blockedNodeByClassifierCount,
+ obj.expected,
+ "Expected tracking nodes found"
+ );
+ });
+
+ info("Removing the tab");
+ BrowserTestUtils.removeTab(tab);
+
+ UrlClassifierTestUtils.cleanupTestTrackers();
+ await extension.unload();
+});
diff --git a/toolkit/components/antitracking/test/browser/browser_onModifyRequestNotificationForTrackingResources.js b/toolkit/components/antitracking/test/browser/browser_onModifyRequestNotificationForTrackingResources.js
new file mode 100644
index 0000000000..da458097d0
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_onModifyRequestNotificationForTrackingResources.js
@@ -0,0 +1,96 @@
+/* eslint-disable mozilla/no-arbitrary-setTimeout */
+/**
+ * This test ensures that http-on-modify-request is dispatched for channels that
+ * are blocked by tracking protection. It sets up a page with a third-party script
+ * resource on it that is blocked by TP, and sets up an http-on-modify-request
+ * observer which waits to be notified about that resource. The test would time out
+ * if the http-on-modify-request notification isn't dispatched before the channel is
+ * canceled.
+ */
+
+let gExpectedResourcesSeen = 0;
+async function onModifyRequest() {
+ return new Promise((resolve, reject) => {
+ Services.obs.addObserver(function observer(subject, topic, data) {
+ let httpChannel = subject.QueryInterface(Ci.nsIHttpChannel);
+ let spec = httpChannel.URI.spec;
+ info("Observed channel for " + spec);
+ if (httpChannel.URI.prePath + "/" != TEST_3RD_PARTY_DOMAIN_TP) {
+ return;
+ }
+ if (spec.endsWith("empty.js")) {
+ ok(true, "Correct resource observed");
+ ++gExpectedResourcesSeen;
+ } else if (spec.endsWith("empty.js?redirect")) {
+ httpChannel.redirectTo(
+ Services.io.newURI(spec.replace("empty.js?redirect", "head.js"))
+ );
+ } else if (spec.endsWith("empty.js?redirect2")) {
+ httpChannel.suspend();
+ setTimeout(() => {
+ httpChannel.redirectTo(
+ Services.io.newURI(spec.replace("empty.js?redirect2", "head.js"))
+ );
+ httpChannel.resume();
+ }, 100);
+ } else if (spec.endsWith("head.js")) {
+ ++gExpectedResourcesSeen;
+ }
+ if (gExpectedResourcesSeen == 3) {
+ Services.obs.removeObserver(observer, "http-on-modify-request");
+ resolve();
+ }
+ }, "http-on-modify-request");
+ });
+}
+
+add_task(async function() {
+ info("Starting subResources test");
+
+ await SpecialPowers.flushPrefEnv();
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ ["privacy.trackingprotection.enabled", true],
+ // the test doesn't open a private window, so we don't care about this pref's value
+ ["privacy.trackingprotection.pbmode.enabled", false],
+ // tracking annotations aren't needed in this test, only TP is needed
+ ["privacy.trackingprotection.annotate_channels", false],
+ [
+ "privacy.restrict3rdpartystorage.userInteractionRequiredForHosts",
+ "tracking.example.com,tracking.example.org",
+ ],
+ ["privacy.trackingprotection.testing.report_blocked_node", true],
+ ],
+ });
+
+ await UrlClassifierTestUtils.addTestTrackers();
+
+ let promise = onModifyRequest();
+
+ info("Creating a new tab");
+ let tab = BrowserTestUtils.addTab(gBrowser, TEST_EMBEDDER_PAGE);
+ gBrowser.selectedTab = tab;
+
+ let browser = gBrowser.getBrowserForTab(tab);
+ await BrowserTestUtils.browserLoaded(browser);
+
+ await promise;
+
+ info("Verify the number of tracking nodes found");
+ await SpecialPowers.spawn(
+ browser,
+ [{ expected: gExpectedResourcesSeen }],
+ async function(obj) {
+ is(
+ content.document.blockedNodeByClassifierCount,
+ obj.expected,
+ "Expected tracking nodes found"
+ );
+ }
+ );
+
+ info("Removing the tab");
+ BrowserTestUtils.removeTab(tab);
+
+ UrlClassifierTestUtils.cleanupTestTrackers();
+});
diff --git a/toolkit/components/antitracking/test/browser/browser_partitionedClearSiteDataHeader.js b/toolkit/components/antitracking/test/browser/browser_partitionedClearSiteDataHeader.js
new file mode 100644
index 0000000000..7561450ae5
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_partitionedClearSiteDataHeader.js
@@ -0,0 +1,590 @@
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/
+ */
+
+"use-strict";
+
+/**
+ * Tests that when receiving the "clear-site-data" header - with dFPI enabled -
+ * we clear storage under the correct partition.
+ */
+
+const { SiteDataTestUtils } = ChromeUtils.import(
+ "resource://testing-common/SiteDataTestUtils.jsm"
+);
+
+const HOST_A = "example.com";
+const HOST_B = "example.org";
+const ORIGIN_A = `https://${HOST_A}`;
+const ORIGIN_B = `https://${HOST_B}`;
+const CLEAR_SITE_DATA_PATH = `/${TEST_PATH}clearSiteData.sjs`;
+const CLEAR_SITE_DATA_URL_ORIGIN_B = ORIGIN_B + CLEAR_SITE_DATA_PATH;
+const CLEAR_SITE_DATA_URL_ORIGIN_A = ORIGIN_A + CLEAR_SITE_DATA_PATH;
+const THIRD_PARTY_FRAME_ID_ORIGIN_B = "thirdPartyFrame";
+const THIRD_PARTY_FRAME_ID_ORIGIN_A = "thirdPartyFrame2";
+const STORAGE_KEY = "testKey";
+
+// Skip localStorage tests when using legacy localStorage. The legacy
+// localStorage implementation does not support clearing data by principal. See
+// Bug 1688221, Bug 1688665.
+let skipLocalStorageTests = !Services.prefs.getBoolPref("dom.storage.next_gen");
+
+/**
+ * Creates an iframe in the passed browser and waits for it to load.
+ * @param {Browser} browser - Browser to create the frame in.
+ * @param {String} src - Frame source url.
+ * @param {String} id - Frame id.
+ * @param {boolean} sandbox - Whether the frame should be sandboxed.
+ * @returns {Promise} - Resolves once the frame has loaded.
+ */
+function createFrame(browser, src, id, sandbox) {
+ return SpecialPowers.spawn(
+ browser,
+ [{ page: src, frameId: id, sandbox }],
+ async function(obj) {
+ await new content.Promise(resolve => {
+ let frame = content.document.createElement("iframe");
+ if (obj.sandbox) {
+ frame.setAttribute("sandbox", "allow-scripts");
+ }
+ frame.src = obj.page;
+ frame.id = obj.frameId;
+ frame.addEventListener("load", resolve, { once: true });
+ content.document.body.appendChild(frame);
+ });
+ }
+ );
+}
+
+/**
+ * Creates a new tab, loads a url and creates an iframe.
+ * Callers need to clean up the tab before the test ends.
+ * @param {String} firstPartyUrl - Url to load in tab.
+ * @param {String} thirdPartyUrl - Url to load in frame.
+ * @param {String} frameId - Id of iframe element.
+ * @param {boolean} sandbox - Whether the frame should be sandboxed.
+ * @returns {Promise} - Resolves with the tab and the frame BrowsingContext once
+ * the tab and the frame have loaded.
+ */
+async function createTabWithFrame(
+ firstPartyUrl,
+ thirdPartyUrl,
+ frameId,
+ sandbox
+) {
+ // Create tab and wait for it to be loaded.
+ let tab = BrowserTestUtils.addTab(gBrowser, firstPartyUrl);
+ await BrowserTestUtils.browserLoaded(tab.linkedBrowser);
+
+ // Create cross origin iframe.
+ await createFrame(tab.linkedBrowser, thirdPartyUrl, frameId, sandbox);
+
+ // Return BrowsingContext of created iframe.
+ return { tab, frameBC: tab.linkedBrowser.browsingContext.children[0] };
+}
+
+/**
+ * Test wrapper for the ClearSiteData tests.
+ * Loads ORIGIN_A and ORIGIN_B in two tabs and inserts a cross origin pointing
+ * to the other iframe each.
+ * Both frames ORIGIN_B under ORIGIN_A and ORIGIN_A under ORIGIN_B will be
+ * storage partitioned.
+ * Depending on the clearDataContext variable we then either navigate ORIGIN_A
+ * (as top level) or ORIGIN_B (as third party frame) to the clear-site-data
+ * endpoint.
+ * @param {function} cbPreClear - Called after initial setup, once top levels
+ * and frames have been loaded.
+ * @param {function} cbPostClear - Called after data has been cleared via the
+ * "Clear-Site-Data" header.
+ * @param {("firstParty"|"thirdPartyPartitioned")} clearDataContext - Whether to
+ * navigate to the path that sets the "Clear-Site-Data" header with the first or
+ * third party.
+ * @param {boolean} [sandboxFrame] - Whether the frames should be sandboxed. No
+ * sandbox by default.
+ */
+async function runClearSiteDataTest(
+ cbPreClear,
+ cbPostClear,
+ clearDataContext,
+ sandboxFrame = false
+) {
+ // Create a tabs for origin A and B with cross origins frames B and A
+ let [
+ { frameBC: frameContextB, tab: tabA },
+ { frameBC: frameContextA, tab: tabB },
+ ] = await Promise.all([
+ createTabWithFrame(
+ ORIGIN_A,
+ ORIGIN_B,
+ THIRD_PARTY_FRAME_ID_ORIGIN_B,
+ sandboxFrame
+ ),
+ createTabWithFrame(
+ ORIGIN_B,
+ ORIGIN_A,
+ THIRD_PARTY_FRAME_ID_ORIGIN_A,
+ sandboxFrame
+ ),
+ ]);
+
+ let browserA = tabA.linkedBrowser;
+ let contextA = browserA.browsingContext;
+ let browserB = tabB.linkedBrowser;
+ let contextB = browserB.browsingContext;
+
+ // Run test callback before clear-site-data
+ if (cbPreClear) {
+ await cbPreClear(contextA, contextB, frameContextB, frameContextA);
+ }
+
+ // Navigate to path with clear-site-data header
+ // Depending on the clearDataContext variable we either do this with the
+ // top browser or the third party storage partitioned frame (B embedded in A).
+ info(`Opening path with clear-site-data-header for ${clearDataContext}`);
+ if (clearDataContext == "firstParty") {
+ // Open in new tab so we keep our current test tab intact. The
+ // post-clear-callback might need it.
+ await BrowserTestUtils.withNewTab(
+ (browserA, CLEAR_SITE_DATA_URL_ORIGIN_A),
+ () => {}
+ );
+ } else if (clearDataContext == "thirdPartyPartitioned") {
+ // Navigate frame to path with clear-site-data header
+ await SpecialPowers.spawn(
+ browserA,
+ [
+ {
+ page: CLEAR_SITE_DATA_URL_ORIGIN_B,
+ frameId: THIRD_PARTY_FRAME_ID_ORIGIN_B,
+ },
+ ],
+ async function(obj) {
+ await new content.Promise(resolve => {
+ let frame = content.document.getElementById(obj.frameId);
+ frame.addEventListener("load", resolve, { once: true });
+ frame.src = obj.page;
+ });
+ }
+ );
+ } else {
+ ok(false, "Invalid context requested for clear-site-data");
+ }
+
+ if (cbPostClear) {
+ await cbPostClear(contextA, contextB, frameContextB, frameContextA);
+ }
+
+ info("Cleaning up.");
+ BrowserTestUtils.removeTab(tabA);
+ BrowserTestUtils.removeTab(tabB);
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, resolve);
+ });
+}
+
+/**
+ * Create an origin with partitionKey.
+ * @param {String} originNoSuffix - Origin without origin attributes.
+ * @param {String} [firstParty] - First party to create partitionKey.
+ * @returns {String} Origin with suffix. If not passed this will return the
+ * umodified origin.
+ */
+function getOrigin(originNoSuffix, firstParty) {
+ let origin = originNoSuffix;
+ if (firstParty) {
+ let [scheme, host] = firstParty.split("://");
+ origin += `^partitionKey=(${scheme},${host})`;
+ }
+ return origin;
+}
+
+/**
+ * Sets a storage item for an origin.
+ * @param {("cookie"|"localStorage")} storageType - Which storage type to use.
+ * @param {String} originNoSuffix - Context to set storage item in.
+ * @param {String} [firstParty] - Optional first party domain to partition
+ * under.
+ * @param {String} key - Key of the entry.
+ * @param {String} value - Value of the entry.
+ */
+function setStorageEntry(storageType, originNoSuffix, firstParty, key, value) {
+ if (storageType != "cookie" && storageType != "localStorage") {
+ ok(false, "Invalid storageType passed");
+ return;
+ }
+
+ let origin = getOrigin(originNoSuffix, firstParty);
+
+ if (storageType == "cookie") {
+ SiteDataTestUtils.addToCookies(origin, key, value);
+ return;
+ }
+ // localStorage
+ SiteDataTestUtils.addToLocalStorage(origin, key, value);
+}
+
+/**
+ * Tests whether a host sets a cookie.
+ * For the purpose of this test we assume that there is either one or no cookie
+ * set.
+ * This performs cookie lookups directly via the cookie service.
+ * @param {boolean} hasCookie - Whether we expect to see a cookie.
+ * @param {String} originNoSuffix - Origin the cookie is stored for.
+ * @param {String|null} firstParty - Whether to test for a partitioned cookie.
+ * If set this will be used to construct the partitionKey.
+ * @param {String} [key] - Expected key / name of the cookie.
+ * @param {String} [value] - Expected value of the cookie.
+ */
+function testHasCookie(hasCookie, originNoSuffix, firstParty, key, value) {
+ let origin = getOrigin(originNoSuffix, firstParty);
+
+ let label = `${originNoSuffix}${
+ firstParty ? ` (partitioned under ${firstParty})` : ""
+ }`;
+
+ if (!hasCookie) {
+ ok(
+ !SiteDataTestUtils.hasCookies(origin),
+ `Cookie for ${label} is not set for key ${key}`
+ );
+ return;
+ }
+
+ ok(
+ SiteDataTestUtils.hasCookies(origin, [{ key, value }]),
+ `Cookie for ${label} is set ${key}=${value}`
+ );
+}
+
+/**
+ * Tests whether a context has a localStorage entry.
+ * @param {boolean} hasEntry - Whether we expect to see an entry.
+ * @param {String} originNoSuffix - Origin to test localStorage for.
+ * @param {String} [firstParty] - First party context to test under.
+ * @param {String} key - key of the localStorage item.
+ * @param {String} [expectedValue] - Expected value of the item.
+ */
+function testHasLocalStorageEntry(
+ hasEntry,
+ originNoSuffix,
+ firstParty,
+ key,
+ expectedValue
+) {
+ if (key == null) {
+ ok(false, "localStorage key is mandatory");
+ return;
+ }
+ let label = `${originNoSuffix}${
+ firstParty ? ` (partitioned under ${firstParty})` : ""
+ }`;
+ let origin = getOrigin(originNoSuffix, firstParty);
+ if (hasEntry) {
+ let hasEntry = SiteDataTestUtils.hasLocalStorage(origin, [
+ { key, value: expectedValue },
+ ]);
+ ok(
+ hasEntry,
+ `localStorage for ${label} has expected value ${key}=${expectedValue}`
+ );
+ } else {
+ let hasEntry = SiteDataTestUtils.hasLocalStorage(origin);
+ ok(!hasEntry, `localStorage for ${label} is not set for key ${key}`);
+ }
+}
+
+/**
+ * Sets the initial storage entries used by the storage tests in this file.
+ * 1. first party ( A )
+ * 2. first party ( B )
+ * 3. third party partitioned ( B under A)
+ * 4. third party partitioned ( A under B)
+ * The entry values reflect which context they are set for.
+ * @param {("cookie"|"localStorage")} storageType - Storage type to initialize.
+ */
+async function setupInitialStorageState(storageType) {
+ if (storageType != "cookie" && storageType != "localStorage") {
+ ok(false, "Invalid storageType passed");
+ return;
+ }
+
+ // Set a first party entry
+ setStorageEntry(storageType, ORIGIN_A, null, STORAGE_KEY, "firstParty");
+
+ // Set a storage entry in the storage partitioned third party frame
+ setStorageEntry(
+ storageType,
+ ORIGIN_B,
+ ORIGIN_A,
+ STORAGE_KEY,
+ "thirdPartyPartitioned"
+ );
+
+ // Set a storage entry in the non storage partitioned third party page
+ setStorageEntry(storageType, ORIGIN_B, null, STORAGE_KEY, "thirdParty");
+
+ // Set a storage entry in the second storage partitioned third party frame.
+ setStorageEntry(
+ storageType,
+ ORIGIN_A,
+ ORIGIN_B,
+ STORAGE_KEY,
+ "thirdPartyPartitioned2"
+ );
+
+ info("Test that storage entries are set for all contexts");
+
+ if (storageType == "cookie") {
+ testHasCookie(true, ORIGIN_A, null, STORAGE_KEY, "firstParty");
+ testHasCookie(true, ORIGIN_B, null, STORAGE_KEY, "thirdParty");
+ testHasCookie(
+ true,
+ ORIGIN_B,
+ ORIGIN_A,
+ STORAGE_KEY,
+ "thirdPartyPartitioned"
+ );
+ testHasCookie(
+ true,
+ ORIGIN_A,
+ ORIGIN_B,
+ STORAGE_KEY,
+ "thirdPartyPartitioned2"
+ );
+ return;
+ }
+
+ testHasLocalStorageEntry(true, ORIGIN_A, null, STORAGE_KEY, "firstParty");
+ testHasLocalStorageEntry(true, ORIGIN_B, null, STORAGE_KEY, "thirdParty");
+ testHasLocalStorageEntry(
+ true,
+ ORIGIN_B,
+ ORIGIN_A,
+ STORAGE_KEY,
+ "thirdPartyPartitioned"
+ );
+ testHasLocalStorageEntry(
+ true,
+ ORIGIN_A,
+ ORIGIN_B,
+ STORAGE_KEY,
+ "thirdPartyPartitioned2"
+ );
+}
+
+add_task(async function setup() {
+ info("Starting ClearSiteData test");
+
+ await SpecialPowers.flushPrefEnv();
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ ["dom.storage_access.enabled", true],
+ [
+ "network.cookie.cookieBehavior",
+ Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER_AND_PARTITION_FOREIGN,
+ ],
+ ["privacy.trackingprotection.enabled", false],
+ ["privacy.trackingprotection.pbmode.enabled", false],
+ // Needed for SiteDataTestUtils#hasLocalStorage
+ ["dom.storage.client_validation", false],
+ ],
+ });
+});
+
+/**
+ * Test clearing partitioned cookies via clear-site-data header
+ * (Cleared via the cookie service).
+ */
+
+/**
+ * Tests that when a storage partitioned third party frame loads a site with
+ * "Clear-Site-Data", the cookies are cleared for only that partitioned frame.
+ */
+add_task(async function cookieClearThirdParty() {
+ await runClearSiteDataTest(
+ // Pre Clear-Site-Data
+ () => setupInitialStorageState("cookie"),
+ // Post Clear-Site-Data
+ () => {
+ info("Testing: First party cookie has not changed");
+ testHasCookie(true, ORIGIN_A, null, STORAGE_KEY, "firstParty");
+ info("Testing: Unpartitioned cookie has not changed");
+ testHasCookie(true, ORIGIN_B, null, STORAGE_KEY, "thirdParty");
+ info("Testing: Partitioned cookie for HOST_B (HOST_A) has been cleared");
+ testHasCookie(false, ORIGIN_B, ORIGIN_A);
+ info("Testing: Partitioned cookie for HOST_A (HOST_B) has not changed");
+ testHasCookie(
+ true,
+ ORIGIN_A,
+ ORIGIN_B,
+ STORAGE_KEY,
+ "thirdPartyPartitioned2"
+ );
+ },
+ // Send clear-site-data header in partitioned third party context.
+ "thirdPartyPartitioned"
+ );
+});
+
+/**
+ * Tests that when a sandboxed storage partitioned third party frame loads a
+ * site with "Clear-Site-Data", no cookies are cleared and we don't crash.
+ * Crash details in Bug 1686938.
+ */
+add_task(async function cookieClearThirdPartySandbox() {
+ await runClearSiteDataTest(
+ // Pre Clear-Site-Data
+ () => setupInitialStorageState("cookie"),
+ // Post Clear-Site-Data
+ () => {
+ info("Testing: First party cookie has not changed");
+ testHasCookie(true, ORIGIN_A, null, STORAGE_KEY, "firstParty");
+ info("Testing: Unpartitioned cookie has not changed");
+ testHasCookie(true, ORIGIN_B, null, STORAGE_KEY, "thirdParty");
+ info("Testing: Partitioned cookie for HOST_B (HOST_A) has not changed");
+ testHasCookie(
+ true,
+ ORIGIN_B,
+ ORIGIN_A,
+ STORAGE_KEY,
+ "thirdPartyPartitioned"
+ );
+ info("Testing: Partitioned cookie for HOST_A (HOST_B) has not changed");
+ testHasCookie(
+ true,
+ ORIGIN_A,
+ ORIGIN_B,
+ STORAGE_KEY,
+ "thirdPartyPartitioned2"
+ );
+ },
+ // Send clear-site-data header in partitioned third party context.
+ "thirdPartyPartitioned",
+ true
+ );
+});
+
+/**
+ * Tests that when the we load a path with "Clear-Site-Data" at top level, the
+ * cookies are cleared only in the first party context.
+ */
+add_task(async function cookieClearFirstParty() {
+ await runClearSiteDataTest(
+ // Pre Clear-Site-Data
+ () => setupInitialStorageState("cookie"),
+ // Post Clear-Site-Data
+ () => {
+ info("Testing: First party cookie has been cleared");
+ testHasCookie(false, ORIGIN_A, null);
+ info("Testing: Unpartitioned cookie has not changed");
+ testHasCookie(true, ORIGIN_B, null, STORAGE_KEY, "thirdParty");
+ info("Testing: Partitioned cookie for HOST_B (HOST_A) has not changed");
+ testHasCookie(
+ true,
+ ORIGIN_B,
+ ORIGIN_A,
+ STORAGE_KEY,
+ "thirdPartyPartitioned"
+ );
+ info("Testing: Partitioned cookie for HOST_A (HOST_B) has not changed");
+ testHasCookie(
+ true,
+ ORIGIN_A,
+ ORIGIN_B,
+ STORAGE_KEY,
+ "thirdPartyPartitioned2"
+ );
+ },
+ // Send clear-site-data header in first party context.
+ "firstParty"
+ );
+});
+
+/**
+ * Test clearing partitioned localStorage via clear-site-data header
+ * (Cleared via the quota manager).
+ */
+
+/**
+ * Tests that when a storage partitioned third party frame loads a site with
+ * "Clear-Site-Data", localStorage is cleared for only that partitioned frame.
+ */
+add_task(async function localStorageClearThirdParty() {
+ // Bug 1688221, Bug 1688665.
+ if (skipLocalStorageTests) {
+ info("Skipping test");
+ return;
+ }
+ await runClearSiteDataTest(
+ // Pre Clear-Site-Data
+ () => setupInitialStorageState("localStorage"),
+ // Post Clear-Site-Data
+ async () => {
+ info("Testing: First party localStorage has not changed");
+ testHasLocalStorageEntry(true, ORIGIN_A, null, STORAGE_KEY, "firstParty");
+ info("Testing: Unpartitioned localStorage has not changed");
+ testHasLocalStorageEntry(true, ORIGIN_B, null, STORAGE_KEY, "thirdParty");
+ info(
+ "Testing: Partitioned localStorage for HOST_B (HOST_A) has been cleared"
+ );
+ testHasLocalStorageEntry(false, ORIGIN_B, ORIGIN_A, STORAGE_KEY);
+ info(
+ "Testing: Partitioned localStorage for HOST_A (HOST_B) has not changed"
+ );
+ testHasLocalStorageEntry(
+ true,
+ ORIGIN_A,
+ ORIGIN_B,
+ STORAGE_KEY,
+ "thirdPartyPartitioned2"
+ );
+ },
+ // Send clear-site-data header in partitioned third party context.
+ "thirdPartyPartitioned"
+ );
+});
+
+/**
+ * Tests that when the we load a path with "Clear-Site-Data" at top level,
+ * localStorage is cleared only in the first party context.
+ */
+add_task(async function localStorageClearFirstParty() {
+ // Bug 1688221, Bug 1688665.
+ if (skipLocalStorageTests) {
+ info("Skipping test");
+ return;
+ }
+ await runClearSiteDataTest(
+ // Pre Clear-Site-Data
+ () => setupInitialStorageState("localStorage"),
+ // Post Clear-Site-Data
+ () => {
+ info("Testing: First party localStorage has been cleared");
+ testHasLocalStorageEntry(false, ORIGIN_A, null, STORAGE_KEY);
+ info("Testing: Unpartitioned thirdParty localStorage has not changed");
+ testHasLocalStorageEntry(true, ORIGIN_B, null, STORAGE_KEY, "thirdParty");
+ info(
+ "Testing: Partitioned localStorage for HOST_B (HOST_A) has not changed"
+ );
+ testHasLocalStorageEntry(
+ true,
+ ORIGIN_B,
+ ORIGIN_A,
+ STORAGE_KEY,
+ "thirdPartyPartitioned"
+ );
+ info(
+ "Testing: Partitioned localStorage for HOST_A (HOST_B) has not changed"
+ );
+ testHasLocalStorageEntry(
+ true,
+ ORIGIN_A,
+ ORIGIN_B,
+ STORAGE_KEY,
+ "thirdPartyPartitioned2"
+ );
+ },
+ // Send clear-site-data header in first party context.
+ "firstParty"
+ );
+});
diff --git a/toolkit/components/antitracking/test/browser/browser_partitionedCookies.js b/toolkit/components/antitracking/test/browser/browser_partitionedCookies.js
new file mode 100644
index 0000000000..e938b198c3
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_partitionedCookies.js
@@ -0,0 +1,137 @@
+/* import-globals-from partitionedstorage_head.js */
+
+PartitionedStorageHelper.runTestInNormalAndPrivateMode(
+ "HTTP Cookies",
+ async (win3rdParty, win1stParty, allowed) => {
+ await win3rdParty.fetch("cookies.sjs?3rd").then(r => r.text());
+ await win3rdParty
+ .fetch("cookies.sjs")
+ .then(r => r.text())
+ .then(text => {
+ is(text, "cookie:foopy=3rd", "3rd party cookie set");
+ });
+
+ await win1stParty.fetch("cookies.sjs?first").then(r => r.text());
+ await win1stParty
+ .fetch("cookies.sjs")
+ .then(r => r.text())
+ .then(text => {
+ is(text, "cookie:foopy=first", "First party cookie set");
+ });
+
+ await win3rdParty
+ .fetch("cookies.sjs")
+ .then(r => r.text())
+ .then(text => {
+ if (allowed) {
+ is(
+ text,
+ "cookie:foopy=first",
+ "3rd party has the first party cookie set"
+ );
+ } else {
+ is(
+ text,
+ "cookie:foopy=3rd",
+ "3rd party has not the first party cookie set"
+ );
+ }
+ });
+ },
+
+ async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+ }
+);
+
+PartitionedStorageHelper.runTestInNormalAndPrivateMode(
+ "DOM Cookies",
+ async (win3rdParty, win1stParty, allowed) => {
+ win3rdParty.document.cookie = "foo=3rd";
+ is(win3rdParty.document.cookie, "foo=3rd", "3rd party cookie set");
+
+ win1stParty.document.cookie = "foo=first";
+ is(win1stParty.document.cookie, "foo=first", "First party cookie set");
+
+ if (allowed) {
+ is(
+ win3rdParty.document.cookie,
+ "foo=first",
+ "3rd party has the first party cookie set"
+ );
+ } else {
+ is(
+ win3rdParty.document.cookie,
+ "foo=3rd",
+ "3rd party has not the first party cookie set"
+ );
+ }
+ },
+
+ async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+ }
+);
+
+PartitionedStorageHelper.runPartitioningTestInNormalAndPrivateMode(
+ "Partitioned tabs - DOM Cookies",
+ "cookies",
+
+ // getDataCallback
+ async win => {
+ return win.document.cookie;
+ },
+
+ // addDataCallback
+ async (win, value) => {
+ win.document.cookie = value;
+ return true;
+ },
+
+ // cleanup
+ async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+ }
+);
+
+PartitionedStorageHelper.runPartitioningTestInNormalAndPrivateMode(
+ "Partitioned tabs - Network Cookies",
+ "cookies",
+
+ // getDataCallback
+ async win => {
+ return win
+ .fetch("cookies.sjs")
+ .then(r => r.text())
+ .then(text => {
+ return text.substring("cookie:foopy=".length);
+ });
+ },
+
+ // addDataCallback
+ async (win, value) => {
+ await win.fetch("cookies.sjs?" + value).then(r => r.text());
+ return true;
+ },
+
+ // cleanup
+ async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+ }
+);
diff --git a/toolkit/components/antitracking/test/browser/browser_partitionedDOMCache.js b/toolkit/components/antitracking/test/browser/browser_partitionedDOMCache.js
new file mode 100644
index 0000000000..ff6c8b9b75
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_partitionedDOMCache.js
@@ -0,0 +1,35 @@
+/* import-globals-from partitionedstorage_head.js */
+
+PartitionedStorageHelper.runTest(
+ "DOMCache",
+ async (win3rdParty, win1stParty, allowed) => {
+ // DOM Cache is not supported. Always blocked.
+ await win3rdParty.caches.open("wow").then(
+ _ => {
+ ok(allowed, "DOM Cache cannot be used!");
+ },
+ _ => {
+ ok(!allowed, "DOM Cache cannot be used!");
+ }
+ );
+
+ await win1stParty.caches.open("wow").then(
+ _ => {
+ ok(true, "DOM Cache should be available");
+ },
+ _ => {
+ ok(false, "DOM Cache should be available");
+ }
+ );
+ },
+
+ async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+ },
+
+ [["dom.caches.testing.enabled", true]]
+);
diff --git a/toolkit/components/antitracking/test/browser/browser_partitionedIndexedDB.js b/toolkit/components/antitracking/test/browser/browser_partitionedIndexedDB.js
new file mode 100644
index 0000000000..cfec4c3dbe
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_partitionedIndexedDB.js
@@ -0,0 +1,102 @@
+/* import-globals-from partitionedstorage_head.js */
+
+PartitionedStorageHelper.runTest(
+ "IndexedDB",
+ async (win3rdParty, win1stParty, allowed) => {
+ await new Promise(resolve => {
+ let a = win1stParty.indexedDB.open("test", 1);
+ ok(!!a, "IDB should not be blocked in 1st party contexts");
+
+ a.onsuccess = e => {
+ let db = e.target.result;
+ is(db.objectStoreNames.length, 1, "We have 1 objectStore");
+ is(db.objectStoreNames[0], "foobar", "We have 'foobar' objectStore");
+ resolve();
+ };
+
+ a.onupgradeneeded = e => {
+ let db = e.target.result;
+ is(db.objectStoreNames.length, 0, "We have 0 objectStores");
+ db.createObjectStore("foobar", { keyPath: "test" });
+ };
+ });
+
+ await new Promise(resolve => {
+ let a = win3rdParty.indexedDB.open("test", 1);
+ ok(!!a, "IDB should not be blocked in 3rd party contexts");
+
+ a.onsuccess = e => {
+ let db = e.target.result;
+
+ if (allowed) {
+ is(db.objectStoreNames.length, 1, "We have 1 objectStore");
+ is(db.objectStoreNames[0], "foobar", "We have 'foobar' objectStore");
+ } else {
+ is(db.objectStoreNames.length, 0, "We have 0 objectStore");
+ }
+ resolve();
+ };
+ });
+ },
+
+ async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+ }
+);
+
+PartitionedStorageHelper.runPartitioningTest(
+ "Partitioned tabs - IndexedDB",
+ "indexeddb",
+
+ // getDataCallback
+ async win => {
+ return new Promise(resolve => {
+ let a = win.indexedDB.open("test", 1);
+
+ a.onupgradeneeded = e => {
+ let db = e.target.result;
+ db.createObjectStore("foobar", { keyPath: "id" });
+ };
+
+ a.onsuccess = e => {
+ let db = e.target.result;
+ db
+ .transaction("foobar")
+ .objectStore("foobar")
+ .get(1).onsuccess = ee => {
+ resolve(ee.target.result === undefined ? "" : ee.target.result.value);
+ };
+ };
+ });
+ },
+
+ // addDataCallback
+ async (win, value) => {
+ return new Promise(resolve => {
+ let a = win.indexedDB.open("test", 1);
+
+ a.onsuccess = e => {
+ let db = e.target.result;
+ db
+ .transaction("foobar", "readwrite")
+ .objectStore("foobar")
+ .put({ id: 1, value }).onsuccess = _ => {
+ resolve(true);
+ };
+ };
+ });
+ },
+
+ // cleanup
+ async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+ }
+);
diff --git a/toolkit/components/antitracking/test/browser/browser_partitionedLocalStorage.js b/toolkit/components/antitracking/test/browser/browser_partitionedLocalStorage.js
new file mode 100644
index 0000000000..76b28c8edb
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_partitionedLocalStorage.js
@@ -0,0 +1,112 @@
+/* import-globals-from antitracking_head.js */
+/* import-globals-from partitionedstorage_head.js */
+
+AntiTracking.runTestInNormalAndPrivateMode(
+ "localStorage and Storage Access API",
+ async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await noStorageAccessInitially();
+
+ let shouldThrow = [
+ SpecialPowers.Ci.nsICookieService.BEHAVIOR_REJECT,
+ SpecialPowers.Ci.nsICookieService.BEHAVIOR_REJECT_FOREIGN,
+ ].includes(
+ SpecialPowers.Services.prefs.getIntPref("network.cookie.cookieBehavior")
+ );
+
+ let hasThrown;
+ try {
+ localStorage.foo = 42;
+ ok(true, "LocalStorage is allowed");
+ is(localStorage.foo, "42", "The value matches");
+ hasThrown = false;
+ } catch (e) {
+ is(e.name, "SecurityError", "We want a security error message.");
+ hasThrown = true;
+ }
+
+ is(hasThrown, shouldThrow, "LocalStorage has been exposed correctly");
+
+ let prevLocalStorage;
+ if (!shouldThrow) {
+ prevLocalStorage = localStorage;
+ }
+
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await callRequestStorageAccess();
+
+ if (shouldThrow) {
+ try {
+ is(localStorage.foo, undefined, "Undefined value after.");
+ ok(false, "localStorage should not be available");
+ } catch (e) {
+ ok(true, "localStorage should not be available");
+ }
+ } else {
+ ok(localStorage != prevLocalStorage, "We have a new localStorage");
+ is(localStorage.foo, undefined, "Undefined value after.");
+
+ localStorage.foo = 42;
+ ok(true, "LocalStorage is still allowed");
+ is(localStorage.foo, "42", "The value matches");
+ }
+ },
+ async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await hasStorageAccessInitially();
+
+ localStorage.foo = 42;
+ ok(true, "LocalStorage is allowed");
+ is(localStorage.foo, "42", "The value matches");
+
+ var prevLocalStorage = localStorage;
+
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await callRequestStorageAccess();
+
+ // For non-tracking windows, calling the API is a no-op
+ ok(localStorage == prevLocalStorage, "We have a new localStorage");
+ is(localStorage.foo, "42", "The value matches");
+ ok(true, "LocalStorage is allowed");
+ },
+ async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+ },
+ [
+ [
+ "privacy.restrict3rdpartystorage.partitionedHosts",
+ "tracking.example.org,tracking.example.com",
+ ],
+ ],
+ false,
+ false
+);
+
+PartitionedStorageHelper.runPartitioningTestInNormalAndPrivateMode(
+ "Partitioned tabs - localStorage",
+ "localstorage",
+
+ // getDataCallback
+ async win => {
+ return "foo" in win.localStorage ? win.localStorage.foo : "";
+ },
+
+ // addDataCallback
+ async (win, value) => {
+ win.localStorage.foo = value;
+ return true;
+ },
+
+ // cleanup
+ async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+ }
+);
diff --git a/toolkit/components/antitracking/test/browser/browser_partitionedLocalStorage_events.js b/toolkit/components/antitracking/test/browser/browser_partitionedLocalStorage_events.js
new file mode 100644
index 0000000000..dda2b9dade
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_partitionedLocalStorage_events.js
@@ -0,0 +1,1055 @@
+function log(test) {
+ if ("iteration" in test) {
+ info(
+ `Running test ${
+ test.withStoragePrincipalEnabled
+ ? "with storage principal enabled"
+ : "without storage principal"
+ } with prefValue: ${test.prefValue} (Test #${test.iteration + 1})`
+ );
+ test.iteration++;
+ } else {
+ test.iteration = 0;
+ log(test);
+ }
+}
+
+function runAllTests(withStoragePrincipalEnabled, prefValue) {
+ const storagePrincipalTest =
+ prefValue == Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER;
+ const dynamicFPITest =
+ prefValue ==
+ Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER_AND_PARTITION_FOREIGN;
+
+ if (dynamicFPITest && withStoragePrincipalEnabled) {
+ // This isn't a meaningful configuration, ignore it.
+ return;
+ }
+
+ const test = { withStoragePrincipalEnabled, dynamicFPITest, prefValue };
+
+ // For dynamic FPI tests, we want to test the conditions as if
+ // storage principal was enabled, so from now on we set this variable to
+ // true.
+ if (dynamicFPITest) {
+ withStoragePrincipalEnabled = true;
+ }
+
+ let thirdPartyDomain;
+ if (storagePrincipalTest) {
+ thirdPartyDomain = TEST_3RD_PARTY_DOMAIN;
+ }
+ if (dynamicFPITest) {
+ thirdPartyDomain = TEST_4TH_PARTY_DOMAIN;
+ }
+ ok(thirdPartyDomain, "Sanity check");
+
+ let storagePrincipalPrefValue;
+ if (storagePrincipalTest) {
+ storagePrincipalPrefValue = withStoragePrincipalEnabled;
+ }
+ if (dynamicFPITest) {
+ storagePrincipalPrefValue = false;
+ }
+
+ // A same origin (and same-process via setting "dom.ipc.processCount" to 1)
+ // top-level window with access to real localStorage does not share storage
+ // with an ePartitionOrDeny iframe that should have PartitionedLocalStorage and
+ // no storage events are received in either direction. (Same-process in order
+ // to avoid having to worry about any e10s propagation issues.)
+ add_task(async _ => {
+ log(test);
+
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ ["dom.ipc.processCount", 1],
+ ["network.cookie.cookieBehavior", prefValue],
+ ["privacy.trackingprotection.enabled", false],
+ ["privacy.trackingprotection.pbmode.enabled", false],
+ ["privacy.trackingprotection.annotate_channels", true],
+ [
+ "privacy.restrict3rdpartystorage.partitionedHosts",
+ "tracking.example.org,not-tracking.example.com",
+ ],
+ [
+ "privacy.storagePrincipal.enabledForTrackers",
+ storagePrincipalPrefValue,
+ ],
+ ],
+ });
+
+ await UrlClassifierTestUtils.addTestTrackers();
+
+ info("Creating a non-tracker top-level context");
+ let normalTab = BrowserTestUtils.addTab(gBrowser, TEST_TOP_PAGE);
+ let normalBrowser = gBrowser.getBrowserForTab(normalTab);
+ await BrowserTestUtils.browserLoaded(normalBrowser);
+
+ info("Creating a tracker top-level context");
+ let trackerTab = BrowserTestUtils.addTab(
+ gBrowser,
+ thirdPartyDomain + TEST_PATH + "page.html"
+ );
+ let trackerBrowser = gBrowser.getBrowserForTab(trackerTab);
+ await BrowserTestUtils.browserLoaded(trackerBrowser);
+
+ info("The non-tracker page opens a tracker iframe");
+ await SpecialPowers.spawn(
+ normalBrowser,
+ [
+ {
+ page: thirdPartyDomain + TEST_PATH + "localStorageEvents.html",
+ },
+ ],
+ async obj => {
+ let ifr = content.document.createElement("iframe");
+ ifr.setAttribute("id", "ifr");
+ ifr.setAttribute("src", obj.page);
+
+ info("Iframe loading...");
+ await new content.Promise(resolve => {
+ ifr.onload = resolve;
+ content.document.body.appendChild(ifr);
+ });
+
+ info("Setting localStorage value...");
+ ifr.contentWindow.postMessage("setValue", "*");
+
+ info("Getting the value...");
+ let value = await new Promise(resolve => {
+ content.addEventListener(
+ "message",
+ e => {
+ resolve(e.data);
+ },
+ { once: true }
+ );
+ ifr.contentWindow.postMessage("getValue", "*");
+ });
+
+ ok(
+ value.startsWith("tracker-"),
+ "The value is correctly set by the tracker"
+ );
+ }
+ );
+
+ info("The tracker page should not have received events");
+ await SpecialPowers.spawn(trackerBrowser, [], async _ => {
+ is(content.localStorage.foo, undefined, "Undefined value!");
+ content.localStorage.foo = "normal-" + Math.random();
+ });
+
+ info("Let's see if non-tracker page has received events");
+ await SpecialPowers.spawn(normalBrowser, [], async _ => {
+ let ifr = content.document.getElementById("ifr");
+
+ info("Getting the value...");
+ let value = await new Promise(resolve => {
+ content.addEventListener(
+ "message",
+ e => {
+ resolve(e.data);
+ },
+ { once: true }
+ );
+ ifr.contentWindow.postMessage("getValue", "*");
+ });
+
+ ok(
+ value.startsWith("tracker-"),
+ "The value is correctly set by the tracker"
+ );
+
+ info("Getting the events...");
+ let events = await new Promise(resolve => {
+ content.addEventListener(
+ "message",
+ e => {
+ resolve(e.data);
+ },
+ { once: true }
+ );
+ ifr.contentWindow.postMessage("getEvents", "*");
+ });
+
+ is(events, 0, "No events");
+ });
+
+ BrowserTestUtils.removeTab(trackerTab);
+ BrowserTestUtils.removeTab(normalTab);
+
+ UrlClassifierTestUtils.cleanupTestTrackers();
+ });
+
+ // Two ePartitionOrDeny iframes in the same tab in the same origin see
+ // the same localStorage values but no storage events are received from each
+ // other if storage principal and dFPI are disbled.
+ add_task(async _ => {
+ log(test);
+
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ ["dom.ipc.processCount", 1],
+ ["network.cookie.cookieBehavior", prefValue],
+ ["privacy.trackingprotection.enabled", false],
+ ["privacy.trackingprotection.pbmode.enabled", false],
+ ["privacy.trackingprotection.annotate_channels", true],
+ [
+ "privacy.restrict3rdpartystorage.partitionedHosts",
+ "tracking.example.org,not-tracking.example.com",
+ ],
+ [
+ "privacy.storagePrincipal.enabledForTrackers",
+ storagePrincipalPrefValue,
+ ],
+ ],
+ });
+
+ await UrlClassifierTestUtils.addTestTrackers();
+
+ info("Creating a non-tracker top-level context");
+ let normalTab = BrowserTestUtils.addTab(gBrowser, TEST_TOP_PAGE);
+ let normalBrowser = gBrowser.getBrowserForTab(normalTab);
+ await BrowserTestUtils.browserLoaded(normalBrowser);
+
+ info("The non-tracker page opens a tracker iframe");
+ await SpecialPowers.spawn(
+ normalBrowser,
+ [
+ {
+ page: thirdPartyDomain + TEST_PATH + "localStorageEvents.html",
+ withStoragePrincipalEnabled: test.withStoragePrincipalEnabled,
+ dynamicFPITest: test.dynamicFPITest,
+ },
+ ],
+ async obj => {
+ let ifr1 = content.document.createElement("iframe");
+ ifr1.setAttribute("id", "ifr1");
+ ifr1.setAttribute("src", obj.page);
+
+ info("Iframe 1 loading...");
+ await new content.Promise(resolve => {
+ ifr1.onload = resolve;
+ content.document.body.appendChild(ifr1);
+ });
+
+ let ifr2 = content.document.createElement("iframe");
+ ifr2.setAttribute("id", "ifr2");
+ ifr2.setAttribute("src", obj.page);
+
+ info("Iframe 2 loading...");
+ await new content.Promise(resolve => {
+ ifr2.onload = resolve;
+ content.document.body.appendChild(ifr2);
+ });
+
+ info("Setting localStorage value in ifr1...");
+ ifr1.contentWindow.postMessage("setValue", "*");
+
+ info("Getting the value from ifr1...");
+ let value = await new Promise(resolve => {
+ content.addEventListener(
+ "message",
+ e => {
+ resolve(e.data);
+ },
+ { once: true }
+ );
+ ifr1.contentWindow.postMessage("getValue", "*");
+ });
+
+ ok(value.startsWith("tracker-"), "The value is correctly set in ifr1");
+
+ info("Getting the value from ifr2...");
+ value = await new Promise(resolve => {
+ content.addEventListener(
+ "message",
+ e => {
+ resolve(e.data);
+ },
+ { once: true }
+ );
+ ifr2.contentWindow.postMessage("getValue", "*");
+ });
+
+ if (obj.withStoragePrincipalEnabled || obj.dynamicFPITest) {
+ ok(
+ value.startsWith("tracker-"),
+ "The value is correctly set in ifr2"
+ );
+ } else {
+ is(value, null, "The value is not set in ifr2");
+ }
+
+ info("Getting the events received by ifr2...");
+ let events = await new Promise(resolve => {
+ content.addEventListener(
+ "message",
+ e => {
+ resolve(e.data);
+ },
+ { once: true }
+ );
+ ifr2.contentWindow.postMessage("getEvents", "*");
+ });
+
+ if (obj.withStoragePrincipalEnabled || obj.dynamicFPITest) {
+ is(events, 1, "one event");
+ } else {
+ is(events, 0, "No events");
+ }
+ }
+ );
+
+ BrowserTestUtils.removeTab(normalTab);
+
+ UrlClassifierTestUtils.cleanupTestTrackers();
+ });
+
+ // Same as the previous test but with a cookie behavior of BEHAVIOR_ACCEPT
+ // instead of BEHAVIOR_REJECT_TRACKER so the iframes get real, persistent
+ // localStorage instead of partitioned localStorage.
+ add_task(async _ => {
+ log(test);
+
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ ["dom.ipc.processCount", 1],
+ ["network.cookie.cookieBehavior", Ci.nsICookieService.BEHAVIOR_ACCEPT],
+ ["privacy.trackingprotection.enabled", false],
+ ["privacy.trackingprotection.pbmode.enabled", false],
+ ["privacy.trackingprotection.annotate_channels", true],
+ [
+ "privacy.restrict3rdpartystorage.partitionedHosts",
+ "tracking.example.org,not-tracking.example.com",
+ ],
+ [
+ "privacy.storagePrincipal.enabledForTrackers",
+ storagePrincipalPrefValue,
+ ],
+ ],
+ });
+
+ await UrlClassifierTestUtils.addTestTrackers();
+
+ info("Creating a non-tracker top-level context");
+ let normalTab = BrowserTestUtils.addTab(gBrowser, TEST_TOP_PAGE);
+ let normalBrowser = gBrowser.getBrowserForTab(normalTab);
+ await BrowserTestUtils.browserLoaded(normalBrowser);
+
+ info("The non-tracker page opens a tracker iframe");
+ await SpecialPowers.spawn(
+ normalBrowser,
+ [
+ {
+ page: thirdPartyDomain + TEST_PATH + "localStorageEvents.html",
+ },
+ ],
+ async obj => {
+ let ifr1 = content.document.createElement("iframe");
+ ifr1.setAttribute("id", "ifr1");
+ ifr1.setAttribute("src", obj.page);
+
+ info("Iframe 1 loading...");
+ await new content.Promise(resolve => {
+ ifr1.onload = resolve;
+ content.document.body.appendChild(ifr1);
+ });
+
+ let ifr2 = content.document.createElement("iframe");
+ ifr2.setAttribute("id", "ifr2");
+ ifr2.setAttribute("src", obj.page);
+
+ info("Iframe 2 loading...");
+ await new content.Promise(resolve => {
+ ifr2.onload = resolve;
+ content.document.body.appendChild(ifr2);
+ });
+
+ info("Setting localStorage value in ifr1...");
+ ifr1.contentWindow.postMessage("setValue", "*");
+
+ info("Getting the value from ifr1...");
+ let value1 = await new Promise(resolve => {
+ content.addEventListener(
+ "message",
+ e => {
+ resolve(e.data);
+ },
+ { once: true }
+ );
+ ifr1.contentWindow.postMessage("getValue", "*");
+ });
+
+ ok(value1.startsWith("tracker-"), "The value is correctly set in ifr1");
+
+ info("Getting the value from ifr2...");
+ let value2 = await new Promise(resolve => {
+ content.addEventListener(
+ "message",
+ e => {
+ resolve(e.data);
+ },
+ { once: true }
+ );
+ ifr2.contentWindow.postMessage("getValue", "*");
+ });
+
+ is(value2, value1, "The values match");
+
+ info("Getting the events received by ifr2...");
+ let events = await new Promise(resolve => {
+ content.addEventListener(
+ "message",
+ e => {
+ resolve(e.data);
+ },
+ { once: true }
+ );
+ ifr2.contentWindow.postMessage("getEvents", "*");
+ });
+
+ is(events, 1, "One event");
+ }
+ );
+
+ BrowserTestUtils.removeTab(normalTab);
+
+ UrlClassifierTestUtils.cleanupTestTrackers();
+ });
+
+ // An ePartitionOrDeny iframe navigated between two distinct pages on the same
+ // origin does not see the values stored by the previous iframe.
+ add_task(async _ => {
+ log(test);
+
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ ["dom.ipc.processCount", 1],
+ ["network.cookie.cookieBehavior", prefValue],
+ ["privacy.trackingprotection.enabled", false],
+ ["privacy.trackingprotection.pbmode.enabled", false],
+ ["privacy.trackingprotection.annotate_channels", true],
+ [
+ "privacy.restrict3rdpartystorage.partitionedHosts",
+ "tracking.example.org,not-tracking.example.com",
+ ],
+ [
+ "privacy.storagePrincipal.enabledForTrackers",
+ storagePrincipalPrefValue,
+ ],
+ ],
+ });
+
+ await UrlClassifierTestUtils.addTestTrackers();
+
+ info("Creating a non-tracker top-level context");
+ let normalTab = BrowserTestUtils.addTab(gBrowser, TEST_TOP_PAGE);
+ let normalBrowser = gBrowser.getBrowserForTab(normalTab);
+ await BrowserTestUtils.browserLoaded(normalBrowser);
+
+ info("The non-tracker page opens a tracker iframe");
+ await SpecialPowers.spawn(
+ normalBrowser,
+ [
+ {
+ page: thirdPartyDomain + TEST_PATH + "localStorageEvents.html",
+ withStoragePrincipalEnabled: test.withStoragePrincipalEnabled,
+ dynamicFPITest: test.dynamicFPITest,
+ },
+ ],
+ async obj => {
+ let ifr = content.document.createElement("iframe");
+ ifr.setAttribute("id", "ifr");
+ ifr.setAttribute("src", obj.page);
+
+ info("Iframe loading...");
+ await new content.Promise(resolve => {
+ ifr.onload = resolve;
+ content.document.body.appendChild(ifr);
+ });
+
+ info("Setting localStorage value in ifr...");
+ ifr.contentWindow.postMessage("setValue", "*");
+
+ info("Getting the value from ifr...");
+ let value = await new Promise(resolve => {
+ content.addEventListener(
+ "message",
+ e => {
+ resolve(e.data);
+ },
+ { once: true }
+ );
+ ifr.contentWindow.postMessage("getValue", "*");
+ });
+
+ ok(value.startsWith("tracker-"), "The value is correctly set in ifr");
+
+ info("Navigate...");
+ await new content.Promise(resolve => {
+ ifr.onload = resolve;
+ ifr.setAttribute("src", obj.page + "?" + Math.random());
+ });
+
+ info("Getting the value from ifr...");
+ let value2 = await new Promise(resolve => {
+ content.addEventListener(
+ "message",
+ e => {
+ resolve(e.data);
+ },
+ { once: true }
+ );
+ ifr.contentWindow.postMessage("getValue", "*");
+ });
+
+ if (obj.withStoragePrincipalEnabled || obj.dynamicFPITest) {
+ is(value, value2, "The value is received");
+ } else {
+ is(value2, null, "The value is undefined");
+ }
+ }
+ );
+
+ BrowserTestUtils.removeTab(normalTab);
+
+ UrlClassifierTestUtils.cleanupTestTrackers();
+ });
+
+ // Like the previous test, but accepting trackers
+ add_task(async _ => {
+ log(test);
+
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ ["dom.ipc.processCount", 1],
+ ["network.cookie.cookieBehavior", Ci.nsICookieService.BEHAVIOR_ACCEPT],
+ ["privacy.trackingprotection.enabled", false],
+ ["privacy.trackingprotection.pbmode.enabled", false],
+ ["privacy.trackingprotection.annotate_channels", true],
+ [
+ "privacy.restrict3rdpartystorage.partitionedHosts",
+ "tracking.example.org,not-tracking.example.com",
+ ],
+ [
+ "privacy.storagePrincipal.enabledForTrackers",
+ storagePrincipalPrefValue,
+ ],
+ ],
+ });
+
+ await UrlClassifierTestUtils.addTestTrackers();
+
+ info("Creating a non-tracker top-level context");
+ let normalTab = BrowserTestUtils.addTab(gBrowser, TEST_TOP_PAGE);
+ let normalBrowser = gBrowser.getBrowserForTab(normalTab);
+ await BrowserTestUtils.browserLoaded(normalBrowser);
+
+ info("The non-tracker page opens a tracker iframe");
+ await SpecialPowers.spawn(
+ normalBrowser,
+ [
+ {
+ page: thirdPartyDomain + TEST_PATH + "localStorageEvents.html",
+ },
+ ],
+ async obj => {
+ let ifr = content.document.createElement("iframe");
+ ifr.setAttribute("id", "ifr");
+ ifr.setAttribute("src", obj.page);
+
+ info("Iframe loading...");
+ await new content.Promise(resolve => {
+ ifr.onload = resolve;
+ content.document.body.appendChild(ifr);
+ });
+
+ info("Setting localStorage value in ifr...");
+ ifr.contentWindow.postMessage("setValue", "*");
+
+ info("Getting the value from ifr...");
+ let value = await new Promise(resolve => {
+ content.addEventListener(
+ "message",
+ e => {
+ resolve(e.data);
+ },
+ { once: true }
+ );
+ ifr.contentWindow.postMessage("getValue", "*");
+ });
+
+ ok(value.startsWith("tracker-"), "The value is correctly set in ifr");
+
+ info("Navigate...");
+ await new content.Promise(resolve => {
+ ifr.onload = resolve;
+ ifr.setAttribute("src", obj.page + "?" + Math.random());
+ });
+
+ info("Getting the value from ifr...");
+ let value2 = await new Promise(resolve => {
+ content.addEventListener(
+ "message",
+ e => {
+ resolve(e.data);
+ },
+ { once: true }
+ );
+ ifr.contentWindow.postMessage("getValue", "*");
+ });
+
+ is(value, value2, "The value is received");
+ }
+ );
+
+ BrowserTestUtils.removeTab(normalTab);
+
+ UrlClassifierTestUtils.cleanupTestTrackers();
+ });
+
+ // An ePartitionOrDeny iframe on the same origin that is navigated to itself
+ // via window.location.reload() or equivalent does not see the values stored
+ // by its previous self.
+ add_task(async _ => {
+ log(test);
+
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ ["dom.ipc.processCount", 1],
+ ["network.cookie.cookieBehavior", prefValue],
+ ["privacy.trackingprotection.enabled", false],
+ ["privacy.trackingprotection.pbmode.enabled", false],
+ ["privacy.trackingprotection.annotate_channels", true],
+ [
+ "privacy.restrict3rdpartystorage.partitionedHosts",
+ "tracking.example.org,not-tracking.example.com",
+ ],
+ [
+ "privacy.storagePrincipal.enabledForTrackers",
+ storagePrincipalPrefValue,
+ ],
+ ],
+ });
+
+ await UrlClassifierTestUtils.addTestTrackers();
+
+ info("Creating a non-tracker top-level context");
+ let normalTab = BrowserTestUtils.addTab(gBrowser, TEST_TOP_PAGE);
+ let normalBrowser = gBrowser.getBrowserForTab(normalTab);
+ await BrowserTestUtils.browserLoaded(normalBrowser);
+
+ info("The non-tracker page opens a tracker iframe");
+ await SpecialPowers.spawn(
+ normalBrowser,
+ [
+ {
+ page: thirdPartyDomain + TEST_PATH + "localStorageEvents.html",
+ withStoragePrincipalEnabled: test.withStoragePrincipalEnabled,
+ dynamicFPITest: test.dynamicFPITest,
+ },
+ ],
+ async obj => {
+ let ifr = content.document.createElement("iframe");
+ ifr.setAttribute("id", "ifr");
+ ifr.setAttribute("src", obj.page);
+
+ info("Iframe loading...");
+ await new content.Promise(resolve => {
+ ifr.onload = resolve;
+ content.document.body.appendChild(ifr);
+ });
+
+ info("Setting localStorage value in ifr...");
+ ifr.contentWindow.postMessage("setValue", "*");
+
+ info("Getting the value from ifr...");
+ let value = await new Promise(resolve => {
+ content.addEventListener(
+ "message",
+ e => {
+ resolve(e.data);
+ },
+ { once: true }
+ );
+ ifr.contentWindow.postMessage("getValue", "*");
+ });
+
+ ok(value.startsWith("tracker-"), "The value is correctly set in ifr");
+
+ info("Reload...");
+ await new content.Promise(resolve => {
+ ifr.onload = resolve;
+ ifr.contentWindow.postMessage("reload", "*");
+ });
+
+ info("Getting the value from ifr...");
+ let value2 = await new Promise(resolve => {
+ content.addEventListener(
+ "message",
+ e => {
+ resolve(e.data);
+ },
+ { once: true }
+ );
+ ifr.contentWindow.postMessage("getValue", "*");
+ });
+
+ if (obj.withStoragePrincipalEnabled || obj.dynamicFPITest) {
+ is(value, value2, "The value is equal");
+ } else {
+ is(value2, null, "The value is undefined");
+ }
+ }
+ );
+
+ BrowserTestUtils.removeTab(normalTab);
+
+ UrlClassifierTestUtils.cleanupTestTrackers();
+ });
+
+ // Like the previous test, but accepting trackers
+ add_task(async _ => {
+ log(test);
+
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ ["dom.ipc.processCount", 1],
+ ["network.cookie.cookieBehavior", Ci.nsICookieService.BEHAVIOR_ACCEPT],
+ ["privacy.trackingprotection.enabled", false],
+ ["privacy.trackingprotection.pbmode.enabled", false],
+ ["privacy.trackingprotection.annotate_channels", true],
+ [
+ "privacy.restrict3rdpartystorage.partitionedHosts",
+ "tracking.example.org,not-tracking.example.com",
+ ],
+ [
+ "privacy.storagePrincipal.enabledForTrackers",
+ storagePrincipalPrefValue,
+ ],
+ ],
+ });
+
+ await UrlClassifierTestUtils.addTestTrackers();
+
+ info("Creating a non-tracker top-level context");
+ let normalTab = BrowserTestUtils.addTab(gBrowser, TEST_TOP_PAGE);
+ let normalBrowser = gBrowser.getBrowserForTab(normalTab);
+ await BrowserTestUtils.browserLoaded(normalBrowser);
+
+ info("The non-tracker page opens a tracker iframe");
+ await SpecialPowers.spawn(
+ normalBrowser,
+ [
+ {
+ page: thirdPartyDomain + TEST_PATH + "localStorageEvents.html",
+ },
+ ],
+ async obj => {
+ let ifr = content.document.createElement("iframe");
+ ifr.setAttribute("id", "ifr");
+ ifr.setAttribute("src", obj.page);
+
+ info("Iframe loading...");
+ await new content.Promise(resolve => {
+ ifr.onload = resolve;
+ content.document.body.appendChild(ifr);
+ });
+
+ info("Setting localStorage value in ifr...");
+ ifr.contentWindow.postMessage("setValue", "*");
+
+ info("Getting the value from ifr...");
+ let value = await new Promise(resolve => {
+ content.addEventListener(
+ "message",
+ e => {
+ resolve(e.data);
+ },
+ { once: true }
+ );
+ ifr.contentWindow.postMessage("getValue", "*");
+ });
+
+ ok(value.startsWith("tracker-"), "The value is correctly set in ifr");
+
+ info("Reload...");
+ await new content.Promise(resolve => {
+ ifr.onload = resolve;
+ ifr.contentWindow.postMessage("reload", "*");
+ });
+
+ info("Getting the value from ifr...");
+ let value2 = await new Promise(resolve => {
+ content.addEventListener(
+ "message",
+ e => {
+ resolve(e.data);
+ },
+ { once: true }
+ );
+ ifr.contentWindow.postMessage("getValue", "*");
+ });
+
+ is(value, value2, "The value is equal");
+ }
+ );
+
+ BrowserTestUtils.removeTab(normalTab);
+
+ UrlClassifierTestUtils.cleanupTestTrackers();
+ });
+
+ // An ePartitionOrDeny iframe on different top-level domain tabs
+ add_task(async _ => {
+ log(test);
+
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ ["dom.ipc.processCount", 1],
+ ["network.cookie.cookieBehavior", prefValue],
+ ["privacy.firstparty.isolate", false],
+ ["privacy.trackingprotection.enabled", false],
+ ["privacy.trackingprotection.pbmode.enabled", false],
+ ["privacy.trackingprotection.annotate_channels", true],
+ [
+ "privacy.restrict3rdpartystorage.partitionedHosts",
+ "tracking.example.org,not-tracking.example.com",
+ ],
+ [
+ "privacy.storagePrincipal.enabledForTrackers",
+ storagePrincipalPrefValue,
+ ],
+ ],
+ });
+
+ await UrlClassifierTestUtils.addTestTrackers();
+
+ info("Creating a non-tracker top-level context");
+ let normalTab = BrowserTestUtils.addTab(gBrowser, TEST_TOP_PAGE);
+ let normalBrowser = gBrowser.getBrowserForTab(normalTab);
+ await BrowserTestUtils.browserLoaded(normalBrowser);
+
+ info("The non-tracker page opens a tracker iframe");
+ let result1 = await SpecialPowers.spawn(
+ normalBrowser,
+ [
+ {
+ page: thirdPartyDomain + TEST_PATH + "localStorageEvents.html",
+ },
+ ],
+ async obj => {
+ let ifr = content.document.createElement("iframe");
+ ifr.setAttribute("id", "ifr");
+ ifr.setAttribute("src", obj.page);
+
+ info("Iframe loading...");
+ await new content.Promise(resolve => {
+ ifr.onload = resolve;
+ content.document.body.appendChild(ifr);
+ });
+
+ info("Setting localStorage value in ifr...");
+ ifr.contentWindow.postMessage("setValue", "*");
+
+ info("Getting the value from ifr...");
+ let value = await new Promise(resolve => {
+ content.addEventListener(
+ "message",
+ e => {
+ resolve(e.data);
+ },
+ { once: true }
+ );
+ ifr.contentWindow.postMessage("getValue", "*");
+ });
+
+ ok(value.startsWith("tracker-"), "The value is correctly set in ifr");
+ return value;
+ }
+ );
+ ok(result1.startsWith("tracker-"), "The value is correctly set in tab1");
+
+ info("Creating a non-tracker top-level context");
+ let normalTab2 = BrowserTestUtils.addTab(gBrowser, TEST_TOP_PAGE_2);
+ let normalBrowser2 = gBrowser.getBrowserForTab(normalTab2);
+ await BrowserTestUtils.browserLoaded(normalBrowser2);
+
+ info("The non-tracker page opens a tracker iframe");
+ let result2 = await SpecialPowers.spawn(
+ normalBrowser2,
+ [
+ {
+ page: thirdPartyDomain + TEST_PATH + "localStorageEvents.html",
+ },
+ ],
+ async obj => {
+ let ifr = content.document.createElement("iframe");
+ ifr.setAttribute("id", "ifr");
+ ifr.setAttribute("src", obj.page);
+
+ info("Iframe loading...");
+ await new content.Promise(resolve => {
+ ifr.onload = resolve;
+ content.document.body.appendChild(ifr);
+ });
+
+ info("Getting the value from ifr...");
+ let value = await new Promise(resolve => {
+ content.addEventListener(
+ "message",
+ e => {
+ resolve(e.data);
+ },
+ { once: true }
+ );
+ ifr.contentWindow.postMessage("getValue", "*");
+ });
+ return value;
+ }
+ );
+
+ ok(!result2, "The value is null");
+
+ BrowserTestUtils.removeTab(normalTab);
+ BrowserTestUtils.removeTab(normalTab2);
+
+ UrlClassifierTestUtils.cleanupTestTrackers();
+ });
+
+ // Like the previous test, but accepting trackers
+ add_task(async _ => {
+ log(test);
+
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ ["dom.ipc.processCount", 1],
+ ["network.cookie.cookieBehavior", Ci.nsICookieService.BEHAVIOR_ACCEPT],
+ ["privacy.firstparty.isolate", false],
+ ["privacy.trackingprotection.enabled", false],
+ ["privacy.trackingprotection.pbmode.enabled", false],
+ ["privacy.trackingprotection.annotate_channels", true],
+ [
+ "privacy.restrict3rdpartystorage.partitionedHosts",
+ "tracking.example.org,not-tracking.example.com",
+ ],
+ [
+ "privacy.storagePrincipal.enabledForTrackers",
+ storagePrincipalPrefValue,
+ ],
+ ],
+ });
+
+ await UrlClassifierTestUtils.addTestTrackers();
+
+ info("Creating a non-tracker top-level context");
+ let normalTab = BrowserTestUtils.addTab(gBrowser, TEST_TOP_PAGE);
+ let normalBrowser = gBrowser.getBrowserForTab(normalTab);
+ await BrowserTestUtils.browserLoaded(normalBrowser);
+
+ info("The non-tracker page opens a tracker iframe");
+ let result1 = await SpecialPowers.spawn(
+ normalBrowser,
+ [
+ {
+ page: thirdPartyDomain + TEST_PATH + "localStorageEvents.html",
+ },
+ ],
+ async obj => {
+ let ifr = content.document.createElement("iframe");
+ ifr.setAttribute("id", "ifr");
+ ifr.setAttribute("src", obj.page);
+
+ info("Iframe loading...");
+ await new content.Promise(resolve => {
+ ifr.onload = resolve;
+ content.document.body.appendChild(ifr);
+ });
+
+ info("Setting localStorage value in ifr...");
+ ifr.contentWindow.postMessage("setValue", "*");
+
+ info("Getting the value from ifr...");
+ let value = await new Promise(resolve => {
+ content.addEventListener(
+ "message",
+ e => {
+ resolve(e.data);
+ },
+ { once: true }
+ );
+ ifr.contentWindow.postMessage("getValue", "*");
+ });
+
+ ok(value.startsWith("tracker-"), "The value is correctly set in ifr");
+ return value;
+ }
+ );
+ ok(result1.startsWith("tracker-"), "The value is correctly set in tab1");
+
+ info("Creating a non-tracker top-level context");
+ let normalTab2 = BrowserTestUtils.addTab(gBrowser, TEST_TOP_PAGE_2);
+ let normalBrowser2 = gBrowser.getBrowserForTab(normalTab2);
+ await BrowserTestUtils.browserLoaded(normalBrowser2);
+
+ info("The non-tracker page opens a tracker iframe");
+ let result2 = await SpecialPowers.spawn(
+ normalBrowser2,
+ [
+ {
+ page: thirdPartyDomain + TEST_PATH + "localStorageEvents.html",
+ },
+ ],
+ async obj => {
+ let ifr = content.document.createElement("iframe");
+ ifr.setAttribute("id", "ifr");
+ ifr.setAttribute("src", obj.page);
+
+ info("Iframe loading...");
+ await new content.Promise(resolve => {
+ ifr.onload = resolve;
+ content.document.body.appendChild(ifr);
+ });
+
+ info("Getting the value from ifr...");
+ let value = await new Promise(resolve => {
+ content.addEventListener(
+ "message",
+ e => {
+ resolve(e.data);
+ },
+ { once: true }
+ );
+ ifr.contentWindow.postMessage("getValue", "*");
+ });
+ return value;
+ }
+ );
+
+ is(result1, result2, "The value is undefined");
+
+ BrowserTestUtils.removeTab(normalTab);
+ BrowserTestUtils.removeTab(normalTab2);
+
+ UrlClassifierTestUtils.cleanupTestTrackers();
+ });
+
+ // Cleanup data.
+ add_task(async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+ });
+}
+
+for (let pref of [
+ Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER,
+ Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER_AND_PARTITION_FOREIGN,
+]) {
+ runAllTests(false, pref);
+ runAllTests(true, pref);
+}
diff --git a/toolkit/components/antitracking/test/browser/browser_partitionedMessaging.js b/toolkit/components/antitracking/test/browser/browser_partitionedMessaging.js
new file mode 100644
index 0000000000..7e706f220a
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_partitionedMessaging.js
@@ -0,0 +1,22 @@
+/* import-globals-from partitionedstorage_head.js */
+
+PartitionedStorageHelper.runTestInNormalAndPrivateMode(
+ "BroadcastChannel",
+ async (win3rdParty, win1stParty, allowed) => {
+ let a = new win3rdParty.BroadcastChannel("hello");
+ ok(!!a, "BroadcastChannel should be created by 3rd party iframe");
+
+ let b = new win1stParty.BroadcastChannel("hello");
+ ok(!!b, "BroadcastChannel should be created by 1st party iframe");
+
+ // BroadcastChannel uses the incument global, this means that its CTOR will
+ // always use the 3rd party iframe's window as global.
+ },
+ async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+ }
+);
diff --git a/toolkit/components/antitracking/test/browser/browser_partitionedServiceWorkers.js b/toolkit/components/antitracking/test/browser/browser_partitionedServiceWorkers.js
new file mode 100644
index 0000000000..48b2e0f961
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_partitionedServiceWorkers.js
@@ -0,0 +1,89 @@
+/* import-globals-from partitionedstorage_head.js */
+
+PartitionedStorageHelper.runTest(
+ "ServiceWorkers",
+ async (win3rdParty, win1stParty, allowed) => {
+ // ServiceWorkers are not supported. Always blocked.
+ await win3rdParty.navigator.serviceWorker.register("empty.js").then(
+ _ => {
+ ok(allowed, "Success: ServiceWorker cannot be used!");
+ },
+ _ => {
+ ok(!allowed, "Failed: ServiceWorker cannot be used!");
+ }
+ );
+
+ await win1stParty.navigator.serviceWorker.register("empty.js").then(
+ _ => {
+ ok(true, "Success: ServiceWorker should be available!");
+ },
+ _ => {
+ ok(false, "Failed: ServiceWorker should be available!");
+ }
+ );
+ },
+
+ async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+ },
+
+ [
+ ["dom.serviceWorkers.exemptFromPerDomainMax", true],
+ ["dom.ipc.processCount", 1],
+ ["dom.serviceWorkers.enabled", true],
+ ["dom.serviceWorkers.testing.enabled", true],
+ ]
+);
+
+PartitionedStorageHelper.runTest(
+ "ServiceWorkers - MatchAll",
+ async (win3rdParty, win1stParty, allowed) => {
+ if (!win1stParty.sw) {
+ let reg = await win1stParty.navigator.serviceWorker.register(
+ "matchAll.js"
+ );
+ if (reg.installing.state !== "activated") {
+ await new Promise(resolve => {
+ let w = reg.installing;
+ w.addEventListener("statechange", function onStateChange() {
+ if (w.state === "activated") {
+ w.removeEventListener("statechange", onStateChange);
+ win1stParty.sw = reg.active;
+ resolve();
+ }
+ });
+ });
+ }
+ }
+
+ let msgPromise = new Promise(resolve => {
+ win1stParty.navigator.serviceWorker.addEventListener("message", msg => {
+ resolve(msg.data);
+ });
+ });
+
+ win1stParty.sw.postMessage(win3rdParty.location.href);
+ let msg = await msgPromise;
+
+ is(allowed, msg, "We want to have the 3rd party window controlled.");
+ },
+
+ async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+ },
+
+ [
+ ["dom.serviceWorkers.exemptFromPerDomainMax", true],
+ ["dom.ipc.processCount", 1],
+ ["dom.serviceWorkers.enabled", true],
+ ["dom.serviceWorkers.testing.enabled", true],
+ ]
+);
diff --git a/toolkit/components/antitracking/test/browser/browser_partitionedSharedWorkers.js b/toolkit/components/antitracking/test/browser/browser_partitionedSharedWorkers.js
new file mode 100644
index 0000000000..eba56d6936
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_partitionedSharedWorkers.js
@@ -0,0 +1,80 @@
+/* import-globals-from partitionedstorage_head.js */
+
+PartitionedStorageHelper.runTestInNormalAndPrivateMode(
+ "SharedWorkers",
+ async (win3rdParty, win1stParty, allowed) => {
+ // This test fails if run with an HTTPS 3rd-party URL because the shared worker
+ // which would start from the window opened from 3rdPartyStorage.html will become
+ // secure context and per step 11.4.3 of
+ // https://html.spec.whatwg.org/multipage/workers.html#dom-sharedworker attempting
+ // to run the SharedWorker constructor would emit an error event.
+ is(
+ win3rdParty.location.protocol,
+ "http:",
+ "Our 3rd party URL shouldn't be HTTPS"
+ );
+
+ let sh1 = new win1stParty.SharedWorker("sharedWorker.js");
+ await new Promise(resolve => {
+ sh1.port.onmessage = e => {
+ is(e.data, 1, "We expected 1 connection");
+ resolve();
+ };
+ sh1.port.postMessage("count");
+ });
+
+ let sh3 = new win3rdParty.SharedWorker("sharedWorker.js");
+ await new Promise(resolve => {
+ sh3.port.onmessage = e => {
+ is(
+ e.data,
+ allowed ? 2 : 1,
+ `We expected ${allowed ? 2 : 1} connection for 3rd party SharedWorker`
+ );
+ resolve();
+ };
+ sh3.onerror = _ => {
+ ok(false, "We should not be here");
+ resolve();
+ };
+ sh3.port.postMessage("count");
+ });
+
+ sh1.port.postMessage("close");
+ sh3.port.postMessage("close");
+ },
+
+ async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+ }
+);
+
+PartitionedStorageHelper.runPartitioningTestInNormalAndPrivateMode(
+ "Partitioned tabs - SharedWorker",
+ "sharedworker",
+
+ // getDataCallback
+ async win => {
+ win.sh = new win.SharedWorker("partitionedSharedWorker.js");
+ return new Promise(resolve => {
+ win.sh.port.onmessage = e => {
+ resolve(e.data);
+ };
+ win.sh.port.postMessage({ what: "get" });
+ });
+ },
+
+ // addDataCallback
+ async (win, value) => {
+ win.sh = new win.SharedWorker("partitionedSharedWorker.js");
+ win.sh.port.postMessage({ what: "put", value });
+ return true;
+ },
+
+ // cleanup
+ async _ => {}
+);
diff --git a/toolkit/components/antitracking/test/browser/browser_permissionInNormalWindows.js b/toolkit/components/antitracking/test/browser/browser_permissionInNormalWindows.js
new file mode 100644
index 0000000000..9b953daac5
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_permissionInNormalWindows.js
@@ -0,0 +1,107 @@
+/* import-globals-from antitracking_head.js */
+
+AntiTracking.runTest(
+ "Test whether we receive any persistent permissions in normal windows",
+ // Blocking callback
+ async _ => {
+ // Nothing to do here!
+ },
+
+ // Non blocking callback
+ async _ => {
+ try {
+ // We load the test script in the parent process to check permissions.
+ let chromeScript = SpecialPowers.loadChromeScript(_ => {
+ // eslint-disable-next-line no-undef
+ addMessageListener("go", _ => {
+ const { Services } = ChromeUtils.import(
+ "resource://gre/modules/Services.jsm"
+ );
+
+ function ok(what, msg) {
+ // eslint-disable-next-line no-undef
+ sendAsyncMessage("ok", { what: !!what, msg });
+ }
+
+ function is(a, b, msg) {
+ ok(a === b, msg);
+ }
+
+ // We should use the principal of the TEST_DOMAIN since the storage
+ // permission is saved under it.
+ let principal = Services.scriptSecurityManager.createContentPrincipalFromOrigin(
+ "http://example.net/"
+ );
+
+ for (let perm of Services.perms.getAllForPrincipal(principal)) {
+ // Ignore permissions other than storage access
+ if (!perm.type.startsWith("3rdPartyStorage^")) {
+ continue;
+ }
+ is(
+ perm.expireType,
+ Services.perms.EXPIRE_TIME,
+ "Permission must expire at a specific time"
+ );
+ ok(perm.expireTime > 0, "Permission must have a expiry time");
+ }
+
+ // eslint-disable-next-line no-undef
+ sendAsyncMessage("done");
+ });
+ });
+
+ chromeScript.addMessageListener("ok", obj => {
+ ok(obj.what, obj.msg);
+ });
+
+ await new Promise(resolve => {
+ chromeScript.addMessageListener("done", _ => {
+ chromeScript.destroy();
+ resolve();
+ });
+
+ chromeScript.sendAsyncMessage("go");
+ });
+
+ // We check the permission in tracking processes for non-Fission mode. In
+ // Fission mode, the permission won't be synced to the tracking process,
+ // so we don't check it.
+ if (!SpecialPowers.useRemoteSubframes) {
+ let Services = SpecialPowers.Services;
+ let principal = Services.scriptSecurityManager.createContentPrincipalFromOrigin(
+ "http://example.net/"
+ );
+
+ for (let perm of Services.perms.getAllForPrincipal(principal)) {
+ // Ignore permissions other than storage access
+ if (!perm.type.startsWith("3rdPartyStorage^")) {
+ continue;
+ }
+ is(
+ perm.expireType,
+ Services.perms.EXPIRE_TIME,
+ "Permission must expire at a specific time"
+ );
+ ok(perm.expireTime > 0, "Permission must have a expiry time");
+ }
+ }
+ } catch (e) {
+ alert(e);
+ }
+ },
+
+ // Cleanup callback
+ async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+ },
+ null, // no extra prefs
+ true, // run the window.open() test
+ true, // run the user interaction test
+ 0, // don't expect blocking notifications
+ false
+); // run in normal windows
diff --git a/toolkit/components/antitracking/test/browser/browser_permissionInPrivateWindows.js b/toolkit/components/antitracking/test/browser/browser_permissionInPrivateWindows.js
new file mode 100644
index 0000000000..9c31984456
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_permissionInPrivateWindows.js
@@ -0,0 +1,47 @@
+/* import-globals-from antitracking_head.js */
+
+AntiTracking.runTest(
+ "Test whether we receive any persistent permissions in private windows",
+ // Blocking callback
+ async _ => {
+ // Nothing to do here!
+ },
+
+ // Non blocking callback
+ async _ => {
+ try {
+ let Services = SpecialPowers.Services;
+ // We would use TEST_3RD_PARTY_DOMAIN here, except that the variable isn't
+ // accessible in the context of the web page...
+ let principal = SpecialPowers.wrap(document).nodePrincipal;
+ for (let perm of Services.perms.getAllForPrincipal(principal)) {
+ // Ignore permissions other than storage access
+ if (!perm.type.startsWith("3rdPartyStorage^")) {
+ continue;
+ }
+ is(
+ perm.expireType,
+ Services.perms.EXPIRE_SESSION,
+ "Permission must expire at the end of session"
+ );
+ is(perm.expireTime, 0, "Permission must have no expiry time");
+ }
+ } catch (e) {
+ alert(e);
+ }
+ },
+
+ // Cleanup callback
+ async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+ },
+ null, // no extra prefs
+ true, // run the window.open() test
+ true, // run the user interaction test
+ 0, // don't expect blocking notifications
+ true
+); // run in private windows
diff --git a/toolkit/components/antitracking/test/browser/browser_permissionPropagation.js b/toolkit/components/antitracking/test/browser/browser_permissionPropagation.js
new file mode 100644
index 0000000000..ede63f8306
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_permissionPropagation.js
@@ -0,0 +1,416 @@
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/ */
+
+/* eslint-disable mozilla/no-arbitrary-setTimeout */
+
+/**
+ * This test makes sure the when we grant the storage permission, the
+ * permission is also propagated to iframes within the same agent cluster,
+ * but not to iframes in the other tabs.
+ */
+
+async function createTab(topUrl, iframeCount, opener, params) {
+ let newTab;
+ let browser;
+ if (opener) {
+ let promise = BrowserTestUtils.waitForNewTab(gBrowser, topUrl);
+ await SpecialPowers.spawn(opener, [topUrl], function(url) {
+ content.window.open(url, "_blank");
+ });
+ newTab = await promise;
+ browser = gBrowser.getBrowserForTab(newTab);
+ } else {
+ newTab = BrowserTestUtils.addTab(gBrowser, topUrl);
+
+ browser = gBrowser.getBrowserForTab(newTab);
+ await BrowserTestUtils.browserLoaded(browser);
+ }
+
+ await SpecialPowers.spawn(
+ browser,
+ [params, iframeCount, createTrackerFrame.toString()],
+ async function(params, count, fn) {
+ // eslint-disable-next-line no-eval
+ let fnCreateTrackerFrame = eval(`(() => (${fn}))()`);
+ await fnCreateTrackerFrame(params, count, ifr => {
+ ifr.contentWindow.postMessage(
+ { callback: params.msg.blockingCallback },
+ "*"
+ );
+ });
+ }
+ );
+
+ return Promise.resolve(newTab);
+}
+
+async function createTrackerFrame(params, count, callback) {
+ let iframes = [];
+ for (var i = 0; i < count; i++) {
+ iframes[i] = content.document.createElement("iframe");
+ await new content.Promise(resolve => {
+ iframes[i].id = "ifr" + i;
+ iframes[i].src = params.page;
+ iframes[i].onload = resolve;
+ content.document.body.appendChild(iframes[i]);
+ });
+
+ await new content.Promise(resolve => {
+ content.addEventListener("message", function msg(event) {
+ if (event.data.type == "finish") {
+ content.removeEventListener("message", msg);
+ resolve();
+ return;
+ }
+
+ if (event.data.type == "ok") {
+ ok(event.data.what, event.data.msg);
+ return;
+ }
+
+ if (event.data.type == "info") {
+ info(event.data.msg);
+ return;
+ }
+
+ ok(false, "Unknown message");
+ });
+
+ callback(iframes[i]);
+ });
+ }
+}
+
+async function testPermission(browser, block, params) {
+ await SpecialPowers.spawn(browser, [block, params], async function(
+ block,
+ params
+ ) {
+ for (let i = 0; ; i++) {
+ let ifr = content.document.getElementById("ifr" + i);
+ if (!ifr) {
+ break;
+ }
+
+ await new content.Promise(resolve => {
+ content.addEventListener("message", function msg(event) {
+ if (event.data.type == "finish") {
+ content.removeEventListener("message", msg);
+ resolve();
+ return;
+ }
+
+ if (event.data.type == "ok") {
+ ok(event.data.what, event.data.msg);
+ return;
+ }
+
+ if (event.data.type == "info") {
+ info(event.data.msg);
+ return;
+ }
+
+ ok(false, "Unknown message");
+ });
+
+ if (block) {
+ ifr.contentWindow.postMessage(
+ { callback: params.msg.blockingCallback },
+ "*"
+ );
+ } else {
+ ifr.contentWindow.postMessage(
+ { callback: params.msg.nonBlockingCallback },
+ "*"
+ );
+ }
+ });
+ }
+ });
+}
+
+add_task(async function testPermissionGrantedOn3rdParty() {
+ info("Starting permission propagation test");
+
+ await SpecialPowers.flushPrefEnv();
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ ["dom.storage_access.enabled", true],
+ [
+ "network.cookie.cookieBehavior",
+ Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER,
+ ],
+ ["privacy.trackingprotection.enabled", false],
+ ["privacy.trackingprotection.pbmode.enabled", false],
+ ["privacy.trackingprotection.annotate_channels", true],
+ [
+ "privacy.restrict3rdpartystorage.userInteractionRequiredForHosts",
+ "tracking.example.com,tracking.example.org",
+ ],
+ ],
+ });
+
+ await UrlClassifierTestUtils.addTestTrackers();
+
+ let msg = {};
+ msg.blockingCallback = (async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await noStorageAccessInitially();
+
+ await new Promise(resolve => {
+ // eslint-disable-next-line no-undef
+ let w = worker;
+ w.addEventListener(
+ "message",
+ e => {
+ ok(!e.data, "IDB is disabled");
+ resolve();
+ },
+ { once: true }
+ );
+ w.postMessage("go");
+ });
+ }).toString();
+
+ msg.nonBlockingCallback = (async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ console.log("test hasStorageAccessInitially\n");
+ await hasStorageAccessInitially();
+
+ await new Promise(resolve => {
+ // eslint-disable-next-line no-undef
+ let w = worker;
+ w.addEventListener(
+ "message",
+ e => {
+ ok(e.data, "IDB is enabled");
+ resolve();
+ },
+ { once: true }
+ );
+ w.postMessage("go");
+ });
+ }).toString();
+
+ let top = TEST_TOP_PAGE;
+ let page = TEST_3RD_PARTY_PAGE_WORKER;
+ let pageOther =
+ TEST_ANOTHER_3RD_PARTY_DOMAIN + TEST_PATH + "3rdPartyWorker.html";
+ let params = { page, msg, pageOther };
+ // Create 4 tabs:
+ // 1. The first tab has two tracker iframes, said A & B.
+ // 2. The second tab is opened by the first tab, and it has one tracker iframe, said C.
+ // 3. The third tab has one tracker iframe, said D.
+ // 4. The fourth tab is opened by the first tab but with a different top-level url).
+ // The tab has one tracker iframe, said E.
+ //
+ // This test grants permission on iframe A, which then should propagate storage
+ // permission to iframe B & C, but not D, E
+
+ info("Creating the first tab");
+ let tab1 = await createTab(top, 2, null, params);
+ let browser1 = gBrowser.getBrowserForTab(tab1);
+
+ info("Creating the second tab");
+ let tab2 = await createTab(top, 1, browser1 /* opener */, params);
+ let browser2 = gBrowser.getBrowserForTab(tab2);
+
+ info("Creating the third tab");
+ let tab3 = await createTab(top, 1, null, params);
+ let browser3 = gBrowser.getBrowserForTab(tab3);
+
+ info("Creating the fourth tab");
+ let tab4 = await createTab(TEST_TOP_PAGE_2, 1, browser1, params);
+ let browser4 = gBrowser.getBrowserForTab(tab4);
+
+ info("Grant storage permission to the first iframe in the first tab");
+ await SpecialPowers.spawn(browser1, [page, msg], async function(page, msg) {
+ await new content.Promise(resolve => {
+ content.addEventListener("message", function msg(event) {
+ if (event.data.type == "finish") {
+ content.removeEventListener("message", msg);
+ resolve();
+ return;
+ }
+
+ if (event.data.type == "ok") {
+ ok(event.data.what, event.data.msg);
+ return;
+ }
+
+ if (event.data.type == "info") {
+ info(event.data.msg);
+ return;
+ }
+
+ ok(false, "Unknown message");
+ });
+
+ let ifr = content.document.getElementById("ifr0");
+ ifr.contentWindow.postMessage(
+ {
+ callback: (async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await callRequestStorageAccess();
+ }).toString(),
+ },
+ "*"
+ );
+ });
+ });
+
+ info("Both iframs of the first tab should have stroage permission");
+ await testPermission(browser1, false /* block */, params);
+
+ info("The iframe of the second tab should have storage permission");
+ await testPermission(browser2, false /* block */, params);
+
+ info("The iframe of the third tab should not have storage permission");
+ await testPermission(browser3, true /* block */, params);
+
+ info("The iframe of the fourth tab should not have storage permission");
+ await testPermission(browser4, true /* block */, params);
+
+ info("Removing the tabs");
+ BrowserTestUtils.removeTab(tab1);
+ BrowserTestUtils.removeTab(tab2);
+ BrowserTestUtils.removeTab(tab3);
+ BrowserTestUtils.removeTab(tab4);
+
+ UrlClassifierTestUtils.cleanupTestTrackers();
+});
+
+add_task(async function() {
+ info("Cleaning up.");
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+});
+
+add_task(async function testPermissionGrantedOnFirstParty() {
+ info("Starting permission propagation test");
+
+ await SpecialPowers.flushPrefEnv();
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ ["dom.storage_access.enabled", true],
+ [
+ "network.cookie.cookieBehavior",
+ Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER,
+ ],
+ ["privacy.trackingprotection.enabled", false],
+ ["privacy.trackingprotection.pbmode.enabled", false],
+ ["privacy.trackingprotection.annotate_channels", true],
+ ],
+ });
+
+ await UrlClassifierTestUtils.addTestTrackers();
+
+ let msg = {};
+ msg.blockingCallback = (async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await noStorageAccessInitially();
+
+ await new Promise(resolve => {
+ // eslint-disable-next-line no-undef
+ let w = worker;
+ w.addEventListener(
+ "message",
+ e => {
+ ok(!e.data, "IDB is disabled");
+ resolve();
+ },
+ { once: true }
+ );
+ w.postMessage("go");
+ });
+ }).toString();
+
+ msg.nonBlockingCallback = (async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ console.log("test hasStorageAccessInitially\n");
+ await hasStorageAccessInitially();
+
+ await new Promise(resolve => {
+ // eslint-disable-next-line no-undef
+ let w = worker;
+ w.addEventListener(
+ "message",
+ e => {
+ ok(e.data, "IDB is enabled");
+ resolve();
+ },
+ { once: true }
+ );
+ w.postMessage("go");
+ });
+ }).toString();
+
+ let top = TEST_TOP_PAGE;
+ let page = TEST_3RD_PARTY_PAGE_WORKER;
+ let params = { page, msg };
+ // Create 4 tabs:
+ // 1. The first tab has two tracker iframes, said A & B.
+ // 2. The second tab is opened by the first tab, and it has one tracker iframe, said C.
+ // 3. The third tab has one tracker iframe, said D.
+ // 4. The fourth tab is opened by the first tab but with a different top-level url).
+ // The tab has one tracker iframe, said E.
+ //
+ // This test grants permission on iframe A, which then should propagate storage
+ // permission to iframe B & C, but not D, E
+
+ info("Creating the first tab");
+ let tab1 = await createTab(top, 2, null, params);
+ let browser1 = gBrowser.getBrowserForTab(tab1);
+
+ info("Creating the second tab");
+ let tab2 = await createTab(top, 1, browser1 /* opener */, params);
+ let browser2 = gBrowser.getBrowserForTab(tab2);
+
+ info("Creating the third tab");
+ let tab3 = await createTab(top, 1, null, params);
+ let browser3 = gBrowser.getBrowserForTab(tab3);
+
+ info("Creating the fourth tab");
+ let tab4 = await createTab(TEST_TOP_PAGE_2, 1, browser1, params);
+ let browser4 = gBrowser.getBrowserForTab(tab4);
+
+ info("Grant storage permission to the first iframe in the first tab");
+ let promise = BrowserTestUtils.waitForNewTab(gBrowser, page);
+ await SpecialPowers.spawn(browser1, [page], async function(page) {
+ content.window.open(page, "_blank");
+ });
+ let tab = await promise;
+ BrowserTestUtils.removeTab(tab);
+
+ info("Both iframs of the first tab should have stroage permission");
+ await testPermission(browser1, false /* block */, params);
+
+ info("The iframe of the second tab should have storage permission");
+ await testPermission(browser2, false /* block */, params);
+
+ info("The iframe of the third tab should not have storage permission");
+ await testPermission(browser3, true /* block */, params);
+
+ info("The iframe of the fourth tab should not have storage permission");
+ await testPermission(browser4, true /* block */, params);
+
+ info("Removing the tabs");
+ BrowserTestUtils.removeTab(tab1);
+ BrowserTestUtils.removeTab(tab2);
+ BrowserTestUtils.removeTab(tab3);
+ BrowserTestUtils.removeTab(tab4);
+
+ UrlClassifierTestUtils.cleanupTestTrackers();
+});
+
+add_task(async function() {
+ info("Cleaning up.");
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+});
diff --git a/toolkit/components/antitracking/test/browser/browser_referrerDefaultPolicy.js b/toolkit/components/antitracking/test/browser/browser_referrerDefaultPolicy.js
new file mode 100644
index 0000000000..46465d9b8a
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_referrerDefaultPolicy.js
@@ -0,0 +1,571 @@
+requestLongerTimeout(8);
+
+const CHROME_BASE =
+ "chrome://mochitests/content/browser/browser/base/content/test/general/";
+Services.scriptloader.loadSubScript(CHROME_BASE + "head.js", this);
+/* import-globals-from ../../../../../browser/base/content/test/general/head.js */
+
+async function openAWindow(private) {
+ info("Creating a new " + (private ? "private" : "normal") + " window");
+ let win = OpenBrowserWindow({ private });
+ await TestUtils.topicObserved(
+ "browser-delayed-startup-finished",
+ subject => subject == win
+ ).then(() => win);
+ await BrowserTestUtils.firstBrowserLoaded(win);
+ return win;
+}
+
+async function testOnWindowBody(win, expectedReferrer, rp) {
+ let browser = win.gBrowser;
+ let tab = browser.selectedTab;
+ let b = browser.getBrowserForTab(tab);
+ await promiseTabLoadEvent(tab, TEST_TOP_PAGE);
+
+ info("Loading tracking scripts and tracking images");
+ let referrer = await SpecialPowers.spawn(b, [{ rp }], async function({ rp }) {
+ {
+ let src = content.document.createElement("script");
+ let p = new content.Promise(resolve => {
+ src.onload = resolve;
+ });
+ content.document.body.appendChild(src);
+ if (rp) {
+ src.referrerPolicy = rp;
+ }
+ src.src =
+ "https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/referrer.sjs?what=script";
+ await p;
+ }
+
+ {
+ let img = content.document.createElement("img");
+ let p = new content.Promise(resolve => {
+ img.onload = resolve;
+ });
+ content.document.body.appendChild(img);
+ if (rp) {
+ img.referrerPolicy = rp;
+ }
+ img.src =
+ "https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/referrer.sjs?what=image";
+ await p;
+ }
+
+ {
+ let iframe = content.document.createElement("iframe");
+ let p = new content.Promise(resolve => {
+ iframe.onload = resolve;
+ });
+ content.document.body.appendChild(iframe);
+ if (rp) {
+ iframe.referrerPolicy = rp;
+ }
+ iframe.src =
+ "https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/referrer.sjs?what=iframe";
+ await p;
+
+ p = new content.Promise(resolve => {
+ content.onmessage = event => {
+ resolve(event.data);
+ };
+ });
+ iframe.contentWindow.postMessage("ping", "*");
+ return p;
+ }
+ });
+
+ is(referrer, expectedReferrer, "The correct referrer must be read from DOM");
+
+ await fetch(
+ "https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/referrer.sjs?result&what=script"
+ )
+ .then(r => r.text())
+ .then(text => {
+ is(text, expectedReferrer, "We sent the correct Referer header");
+ });
+
+ await fetch(
+ "https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/referrer.sjs?result&what=image"
+ )
+ .then(r => r.text())
+ .then(text => {
+ is(text, expectedReferrer, "We sent the correct Referer header");
+ });
+
+ await fetch(
+ "https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/referrer.sjs?result&what=iframe"
+ )
+ .then(r => r.text())
+ .then(text => {
+ is(text, expectedReferrer, "We sent the correct Referer header");
+ });
+}
+
+async function closeAWindow(win) {
+ await BrowserTestUtils.closeWindow(win);
+}
+
+let gRecording = true;
+let gScenarios = [];
+let gRPs = [];
+let gTests = { private: [], nonPrivate: [] };
+const kPBPref = "network.http.referer.defaultPolicy.trackers.pbmode";
+const kNonPBPref = "network.http.referer.defaultPolicy.trackers";
+
+function recordScenario(private, expectedReferrer, rp) {
+ if (!gRPs.includes(rp)) {
+ gRPs.push(rp);
+ }
+ gScenarios.push({
+ private,
+ expectedReferrer,
+ rp,
+ pbPref: Services.prefs.getIntPref(kPBPref),
+ nonPBPref: Services.prefs.getIntPref(kNonPBPref),
+ });
+}
+
+async function testOnWindow(private, expectedReferrer, rp) {
+ if (gRecording) {
+ recordScenario(private, expectedReferrer, rp);
+ }
+}
+
+function compileScenarios() {
+ let keys = { false: [], true: [] };
+ for (let s of gScenarios) {
+ let key = {
+ rp: s.rp,
+ pbPref: s.pbPref,
+ nonPBPref: s.nonPBPref,
+ };
+ let skip = false;
+ for (let k of keys[s.private]) {
+ if (
+ key.rp == k.rp &&
+ key.pbPref == k.pbPref &&
+ key.nonPBPref == k.nonPBPref
+ ) {
+ skip = true;
+ break;
+ }
+ }
+ if (!skip) {
+ keys[s.private].push(key);
+ gTests[s.private ? "private" : "nonPrivate"].push({
+ rp: s.rp,
+ pbPref: s.pbPref,
+ nonPBPref: s.nonPBPref,
+ expectedReferrer: s.expectedReferrer,
+ });
+ }
+ }
+
+ // Verify that all scenarios are checked
+ let counter = 1;
+ for (let s of gScenarios) {
+ let checked = false;
+ for (let tt in gTests) {
+ let private = tt == "private";
+ for (let t of gTests[tt]) {
+ if (
+ private == s.private &&
+ t.rp == s.rp &&
+ t.pbPref == s.pbPref &&
+ t.nonPBPref == s.nonPBPref &&
+ t.expectedReferrer == s.expectedReferrer
+ ) {
+ checked = true;
+ break;
+ }
+ }
+ }
+ ok(checked, `Scenario number ${counter++} checked`);
+ }
+}
+
+async function executeTests() {
+ compileScenarios();
+
+ gRecording = false;
+ for (let mode in gTests) {
+ info(`Open a ${mode} window`);
+ while (gTests[mode].length) {
+ let test = gTests[mode].shift();
+ info(`Running test ${test.toSource()}`);
+
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ ["network.http.referer.defaultPolicy.trackers", test.nonPBPref],
+ ["network.http.referer.defaultPolicy.trackers.pbmode", test.pbPref],
+ ],
+ });
+
+ let win = await openAWindow(mode == "private");
+
+ await testOnWindowBody(win, test.expectedReferrer, test.rp);
+
+ await closeAWindow(win);
+ }
+ }
+
+ Services.prefs.clearUserPref(kPBPref);
+ Services.prefs.clearUserPref(kNonPBPref);
+}
+
+function pn(name, private) {
+ return private ? name + ".pbmode" : name;
+}
+
+async function testOnNoReferrer(private) {
+ // no-referrer pref when no-referrer is forced
+ await SpecialPowers.pushPrefEnv({
+ set: [[pn("network.http.referer.defaultPolicy.trackers", private), 3]],
+ });
+ await testOnWindow(private, "", "no-referrer");
+
+ // strict-origin-when-cross-origin pref when no-referrer is forced
+ await SpecialPowers.pushPrefEnv({
+ set: [[pn("network.http.referer.defaultPolicy.trackers", private), 2]],
+ });
+ await testOnWindow(private, "", "no-referrer");
+
+ // same-origin pref when no-referrer is forced
+ await SpecialPowers.pushPrefEnv({
+ set: [[pn("network.http.referer.defaultPolicy.trackers", private), 1]],
+ });
+ await testOnWindow(private, "", "no-referrer");
+
+ // no-referrer pref when no-referrer is forced
+ await SpecialPowers.pushPrefEnv({
+ set: [[pn("network.http.referer.defaultPolicy.trackers", private), 0]],
+ });
+ await testOnWindow(private, "", "no-referrer");
+}
+
+async function testOnSameOrigin(private) {
+ // same-origin pref when same-origin is forced
+ await SpecialPowers.pushPrefEnv({
+ set: [[pn("network.http.referer.defaultPolicy.trackers", private), 3]],
+ });
+ await testOnWindow(private, "", "same-origin");
+
+ // strict-origin-when-cross-origin pref when same-origin is forced
+ await SpecialPowers.pushPrefEnv({
+ set: [[pn("network.http.referer.defaultPolicy.trackers", private), 2]],
+ });
+ await testOnWindow(private, "", "same-origin");
+
+ // same-origin pref when same-origin is forced
+ await SpecialPowers.pushPrefEnv({
+ set: [[pn("network.http.referer.defaultPolicy.trackers", private), 1]],
+ });
+ await testOnWindow(private, "", "same-origin");
+
+ // same-origin pref when same-origin is forced
+ await SpecialPowers.pushPrefEnv({
+ set: [[pn("network.http.referer.defaultPolicy.trackers", private), 0]],
+ });
+ await testOnWindow(private, "", "same-origin");
+}
+
+async function testOnNoReferrerWhenDowngrade(private) {
+ // no-referrer-when-downgrade pref when no-referrer-when-downgrade is forced
+ await SpecialPowers.pushPrefEnv({
+ set: [[pn("network.http.referer.defaultPolicy.trackers", private), 3]],
+ });
+ await testOnWindow(private, TEST_TOP_PAGE, "no-referrer-when-downgrade");
+
+ // strict-origin-when-cross-origin pref when no-referrer-when-downgrade is forced
+ await SpecialPowers.pushPrefEnv({
+ set: [[pn("network.http.referer.defaultPolicy.trackers", private), 2]],
+ });
+ await testOnWindow(private, TEST_TOP_PAGE, "no-referrer-when-downgrade");
+
+ // same-origin pref when no-referrer-when-downgrade is forced
+ await SpecialPowers.pushPrefEnv({
+ set: [[pn("network.http.referer.defaultPolicy.trackers", private), 1]],
+ });
+ await testOnWindow(private, TEST_TOP_PAGE, "no-referrer-when-downgrade");
+
+ // no-referrer pref when no-referrer-when-downgrade is forced
+ await SpecialPowers.pushPrefEnv({
+ set: [[pn("network.http.referer.defaultPolicy.trackers", private), 0]],
+ });
+ await testOnWindow(private, TEST_TOP_PAGE, "no-referrer-when-downgrade");
+}
+
+async function testOnOrigin(private) {
+ // origin pref when origin is forced
+ await SpecialPowers.pushPrefEnv({
+ set: [[pn("network.http.referer.defaultPolicy.trackers", private), 3]],
+ });
+ await testOnWindow(private, TEST_DOMAIN, "origin");
+
+ // strict-origin pref when origin is forced
+ await SpecialPowers.pushPrefEnv({
+ set: [[pn("network.http.referer.defaultPolicy.trackers", private), 2]],
+ });
+ await testOnWindow(private, TEST_DOMAIN, "origin");
+
+ // same-origin pref when origin is forced
+ await SpecialPowers.pushPrefEnv({
+ set: [[pn("network.http.referer.defaultPolicy.trackers", private), 1]],
+ });
+ await testOnWindow(private, TEST_DOMAIN, "origin");
+
+ // no-referrer pref when origin is forced
+ await SpecialPowers.pushPrefEnv({
+ set: [[pn("network.http.referer.defaultPolicy.trackers", private), 0]],
+ });
+ await testOnWindow(private, TEST_DOMAIN, "origin");
+}
+
+async function testOnStrictOrigin(private) {
+ // strict-origin pref when strict-origin is forced
+ await SpecialPowers.pushPrefEnv({
+ set: [[pn("network.http.referer.defaultPolicy.trackers", private), 3]],
+ });
+ await testOnWindow(private, TEST_DOMAIN, "strict-origin");
+
+ // strict-origin pref when strict-origin is forced
+ await SpecialPowers.pushPrefEnv({
+ set: [[pn("network.http.referer.defaultPolicy.trackers", private), 2]],
+ });
+ await testOnWindow(private, TEST_DOMAIN, "strict-origin");
+
+ // same-origin pref when strict-origin is forced
+ await SpecialPowers.pushPrefEnv({
+ set: [[pn("network.http.referer.defaultPolicy.trackers", private), 1]],
+ });
+ await testOnWindow(private, TEST_DOMAIN, "strict-origin");
+
+ // no-referrer pref when strict-origin is forced
+ await SpecialPowers.pushPrefEnv({
+ set: [[pn("network.http.referer.defaultPolicy.trackers", private), 0]],
+ });
+ await testOnWindow(private, TEST_DOMAIN, "strict-origin");
+}
+
+async function testOnOriginWhenCrossOrigin(private) {
+ // origin-when-cross-origin pref when origin-when-cross-origin is forced
+ await SpecialPowers.pushPrefEnv({
+ set: [[pn("network.http.referer.defaultPolicy.trackers", private), 3]],
+ });
+ await testOnWindow(private, TEST_DOMAIN, "origin-when-cross-origin");
+
+ // strict-origin-when-cross-origin pref when origin-when-cross-origin is forced
+ await SpecialPowers.pushPrefEnv({
+ set: [[pn("network.http.referer.defaultPolicy.trackers", private), 2]],
+ });
+ await testOnWindow(private, TEST_DOMAIN, "origin-when-cross-origin");
+
+ // same-origin pref when origin-when-cross-origin is forced
+ await SpecialPowers.pushPrefEnv({
+ set: [[pn("network.http.referer.defaultPolicy.trackers", private), 1]],
+ });
+ await testOnWindow(private, TEST_DOMAIN, "origin-when-cross-origin");
+
+ // no-referrer pref when origin-when-cross-origin is forced
+ await SpecialPowers.pushPrefEnv({
+ set: [[pn("network.http.referer.defaultPolicy.trackers", private), 0]],
+ });
+ await testOnWindow(private, TEST_DOMAIN, "origin-when-cross-origin");
+}
+
+async function testOnStrictOriginWhenCrossOrigin(private) {
+ // origin-when-cross-origin pref when strict-origin-when-cross-origin is forced
+ await SpecialPowers.pushPrefEnv({
+ set: [[pn("network.http.referer.defaultPolicy.trackers", private), 3]],
+ });
+ await testOnWindow(private, TEST_DOMAIN, "strict-origin-when-cross-origin");
+
+ // strict-origin-when-cross-origin pref when strict-origin-when-cross-origin is forced
+ await SpecialPowers.pushPrefEnv({
+ set: [[pn("network.http.referer.defaultPolicy.trackers", private), 2]],
+ });
+ await testOnWindow(private, TEST_DOMAIN, "strict-origin-when-cross-origin");
+
+ // same-origin pref when strict-origin-when-cross-origin is forced
+ await SpecialPowers.pushPrefEnv({
+ set: [[pn("network.http.referer.defaultPolicy.trackers", private), 1]],
+ });
+ await testOnWindow(private, TEST_DOMAIN, "strict-origin-when-cross-origin");
+
+ // no-referrer pref when strict-origin-when-cross-origin is forced
+ await SpecialPowers.pushPrefEnv({
+ set: [[pn("network.http.referer.defaultPolicy.trackers", private), 0]],
+ });
+ await testOnWindow(private, TEST_DOMAIN, "strict-origin-when-cross-origin");
+}
+
+async function testOnUnsafeUrl(private) {
+ // no-referrer-when-downgrade pref when unsafe-url is forced
+ await SpecialPowers.pushPrefEnv({
+ set: [[pn("network.http.referer.defaultPolicy.trackers", private), 3]],
+ });
+ await testOnWindow(private, TEST_TOP_PAGE, "unsafe-url");
+
+ // strict-origin-when-cross-origin pref when unsafe-url is forced
+ await SpecialPowers.pushPrefEnv({
+ set: [[pn("network.http.referer.defaultPolicy.trackers", private), 2]],
+ });
+ await testOnWindow(private, TEST_TOP_PAGE, "unsafe-url");
+
+ // same-origin pref when unsafe-url is forced
+ await SpecialPowers.pushPrefEnv({
+ set: [[pn("network.http.referer.defaultPolicy.trackers", private), 1]],
+ });
+ await testOnWindow(private, TEST_TOP_PAGE, "unsafe-url");
+
+ // no-referrer pref when unsafe-url is forced
+ await SpecialPowers.pushPrefEnv({
+ set: [[pn("network.http.referer.defaultPolicy.trackers", private), 0]],
+ });
+ await testOnWindow(private, TEST_TOP_PAGE, "unsafe-url");
+}
+
+add_task(async function() {
+ info("Starting referrer default policy test");
+
+ await SpecialPowers.flushPrefEnv();
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ [
+ "network.cookie.cookieBehavior",
+ Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER,
+ ],
+ ["network.http.referer.defaultPolicy", 3],
+ ["privacy.trackingprotection.enabled", false],
+ ["privacy.trackingprotection.pbmode.enabled", false],
+ ["privacy.trackingprotection.annotate_channels", true],
+ ],
+ });
+
+ // no-referrer-when-downgrade
+ await SpecialPowers.pushPrefEnv({
+ set: [["network.http.referer.defaultPolicy.trackers", 3]],
+ });
+ await testOnWindow(false, TEST_TOP_PAGE, null);
+
+ // strict-origin-when-cross-origin
+ await SpecialPowers.pushPrefEnv({
+ set: [["network.http.referer.defaultPolicy.trackers", 2]],
+ });
+ await testOnWindow(false, TEST_DOMAIN, null);
+
+ // same-origin
+ await SpecialPowers.pushPrefEnv({
+ set: [["network.http.referer.defaultPolicy.trackers", 1]],
+ });
+ await testOnWindow(false, "", null);
+
+ // no-referrer
+ await SpecialPowers.pushPrefEnv({
+ set: [["network.http.referer.defaultPolicy.trackers", 0]],
+ });
+ await testOnWindow(false, "", null);
+
+ // override with no-referrer
+ await testOnNoReferrer(false);
+
+ // override with same-origin
+ await testOnSameOrigin(false);
+
+ // override with no-referrer-when-downgrade
+ await testOnNoReferrerWhenDowngrade(false);
+
+ // override with origin
+ await testOnOrigin(false);
+
+ // override with strict-origin
+ await testOnStrictOrigin(false);
+
+ // override with origin-when-cross-origin
+ await testOnOriginWhenCrossOrigin(false);
+
+ // override with strict-origin-when-cross-origin
+ await testOnStrictOriginWhenCrossOrigin(false);
+
+ // override with unsafe-url
+ await testOnUnsafeUrl(false);
+
+ // Reset the pref.
+ Services.prefs.clearUserPref("network.http.referer.defaultPolicy.trackers");
+
+ // no-referrer-when-downgrade
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ // Set both prefs, because if we only set the trackers pref, then the PB
+ // mode default policy pref (2) would apply!
+ ["network.http.referer.defaultPolicy.pbmode", 3],
+ ["network.http.referer.defaultPolicy.trackers.pbmode", 3],
+ ],
+ });
+ await testOnWindow(true, TEST_TOP_PAGE, null);
+
+ // strict-origin-when-cross-origin
+ await SpecialPowers.pushPrefEnv({
+ set: [["network.http.referer.defaultPolicy.trackers.pbmode", 2]],
+ });
+ await testOnWindow(true, TEST_DOMAIN, null);
+
+ // same-origin
+ await SpecialPowers.pushPrefEnv({
+ set: [["network.http.referer.defaultPolicy.trackers.pbmode", 1]],
+ });
+ await testOnWindow(true, "", null);
+
+ // no-referrer
+ await SpecialPowers.pushPrefEnv({
+ set: [["network.http.referer.defaultPolicy.trackers.pbmode", 0]],
+ });
+ await testOnWindow(true, "", null);
+
+ // override with no-referrer
+ await testOnNoReferrer(true);
+
+ // override with same-origin
+ await testOnSameOrigin(true);
+
+ // override with no-referrer-when-downgrade
+ await testOnNoReferrerWhenDowngrade(true);
+
+ // override with origin
+ await testOnOrigin(true);
+
+ // override with strict-origin
+ await testOnStrictOrigin(true);
+
+ // override with origin-when-cross-origin
+ await testOnOriginWhenCrossOrigin(true);
+
+ // override with strict-origin-when-cross-origin
+ await testOnStrictOriginWhenCrossOrigin(true);
+
+ // override with unsafe-url
+ await testOnUnsafeUrl(true);
+
+ // Reset the pref.
+ Services.prefs.clearUserPref(
+ "network.http.referer.defaultPolicy.trackers.pbmode"
+ );
+});
+
+add_task(async function() {
+ await UrlClassifierTestUtils.addTestTrackers();
+
+ await executeTests();
+
+ UrlClassifierTestUtils.cleanupTestTrackers();
+});
+
+add_task(async function() {
+ info("Cleaning up.");
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+});
diff --git a/toolkit/components/antitracking/test/browser/browser_script.js b/toolkit/components/antitracking/test/browser/browser_script.js
new file mode 100644
index 0000000000..b1dcb246e1
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_script.js
@@ -0,0 +1,222 @@
+/* import-globals-from antitracking_head.js */
+
+add_task(async function() {
+ info("Starting subResources test");
+
+ await SpecialPowers.flushPrefEnv();
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ [
+ "network.cookie.cookieBehavior",
+ Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER,
+ ],
+ ["privacy.trackingprotection.enabled", false],
+ ["privacy.trackingprotection.pbmode.enabled", false],
+ ["privacy.trackingprotection.annotate_channels", true],
+ [
+ "privacy.restrict3rdpartystorage.userInteractionRequiredForHosts",
+ "tracking.example.com,tracking.example.org",
+ ],
+ ],
+ });
+
+ await UrlClassifierTestUtils.addTestTrackers();
+
+ info("Creating a new tab");
+ let tab = BrowserTestUtils.addTab(gBrowser, TEST_TOP_PAGE);
+ gBrowser.selectedTab = tab;
+
+ let browser = gBrowser.getBrowserForTab(tab);
+ await BrowserTestUtils.browserLoaded(browser);
+
+ info("Loading tracking scripts");
+ await SpecialPowers.spawn(
+ browser,
+ [
+ {
+ scriptURL: TEST_DOMAIN + TEST_PATH + "tracker.js",
+ page: TEST_3RD_PARTY_PAGE,
+ },
+ ],
+ async obj => {
+ info("Checking if permission is denied");
+ let callbackBlocked = async _ => {
+ try {
+ localStorage.foo = 42;
+ ok(false, "LocalStorage cannot be used!");
+ } catch (e) {
+ ok(true, "LocalStorage cannot be used!");
+ is(e.name, "SecurityError", "We want a security error message.");
+ }
+ };
+
+ let assertBlocked = () =>
+ new content.Promise(resolve => {
+ let ifr = content.document.createElement("iframe");
+ ifr.onload = function() {
+ info("Sending code to the 3rd party content");
+ ifr.contentWindow.postMessage(callbackBlocked.toString(), "*");
+ };
+
+ content.addEventListener("message", function msg(event) {
+ if (event.data.type == "finish") {
+ content.removeEventListener("message", msg);
+ resolve();
+ return;
+ }
+
+ if (event.data.type == "ok") {
+ ok(event.data.what, event.data.msg);
+ return;
+ }
+
+ if (event.data.type == "info") {
+ info(event.data.msg);
+ return;
+ }
+
+ ok(false, "Unknown message");
+ });
+
+ content.document.body.appendChild(ifr);
+ ifr.src = obj.page;
+ });
+
+ await assertBlocked();
+
+ info("Triggering a 3rd party script...");
+ let p = new content.Promise(resolve => {
+ let bc = new content.BroadcastChannel("a");
+ bc.onmessage = resolve;
+ });
+
+ let src = content.document.createElement("script");
+ content.document.body.appendChild(src);
+ src.src = obj.scriptURL;
+
+ await p;
+
+ info("Checking if permission is denied before interacting with tracker");
+ await assertBlocked();
+ }
+ );
+
+ await AntiTracking.interactWithTracker();
+
+ info("Loading tracking scripts");
+ await SpecialPowers.spawn(
+ browser,
+ [
+ {
+ scriptURL: TEST_DOMAIN + TEST_PATH + "tracker.js",
+ page: TEST_3RD_PARTY_PAGE,
+ },
+ ],
+ async obj => {
+ info("Checking if permission is denied");
+ let callbackBlocked = async _ => {
+ try {
+ localStorage.foo = 42;
+ ok(false, "LocalStorage cannot be used!");
+ } catch (e) {
+ ok(true, "LocalStorage cannot be used!");
+ is(e.name, "SecurityError", "We want a security error message.");
+ }
+ };
+
+ await new content.Promise(resolve => {
+ let ifr = content.document.createElement("iframe");
+ ifr.onload = function() {
+ info("Sending code to the 3rd party content");
+ ifr.contentWindow.postMessage(callbackBlocked.toString(), "*");
+ };
+
+ content.addEventListener("message", function msg(event) {
+ if (event.data.type == "finish") {
+ content.removeEventListener("message", msg);
+ resolve();
+ return;
+ }
+
+ if (event.data.type == "ok") {
+ ok(event.data.what, event.data.msg);
+ return;
+ }
+
+ if (event.data.type == "info") {
+ info(event.data.msg);
+ return;
+ }
+
+ ok(false, "Unknown message");
+ });
+
+ content.document.body.appendChild(ifr);
+ ifr.src = obj.page;
+ });
+
+ info("Triggering a 3rd party script...");
+ let p = new content.Promise(resolve => {
+ let bc = new content.BroadcastChannel("a");
+ bc.onmessage = resolve;
+ });
+
+ let src = content.document.createElement("script");
+ content.document.body.appendChild(src);
+ src.src = obj.scriptURL;
+
+ await p;
+
+ info("Checking if permission is granted");
+ let callbackAllowed = async _ => {
+ localStorage.foo = 42;
+ ok(true, "LocalStorage can be used!");
+ };
+
+ await new content.Promise(resolve => {
+ let ifr = content.document.createElement("iframe");
+ ifr.onload = function() {
+ info("Sending code to the 3rd party content");
+ ifr.contentWindow.postMessage(callbackAllowed.toString(), "*");
+ };
+
+ content.addEventListener("message", function msg(event) {
+ if (event.data.type == "finish") {
+ content.removeEventListener("message", msg);
+ resolve();
+ return;
+ }
+
+ if (event.data.type == "ok") {
+ ok(event.data.what, event.data.msg);
+ return;
+ }
+
+ if (event.data.type == "info") {
+ info(event.data.msg);
+ return;
+ }
+
+ ok(false, "Unknown message");
+ });
+
+ content.document.body.appendChild(ifr);
+ ifr.src = obj.page;
+ });
+ }
+ );
+
+ info("Removing the tab");
+ BrowserTestUtils.removeTab(tab);
+
+ UrlClassifierTestUtils.cleanupTestTrackers();
+});
+
+add_task(async function() {
+ info("Cleaning up.");
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+});
diff --git a/toolkit/components/antitracking/test/browser/browser_serviceWorkersWithStorageAccessGranted.js b/toolkit/components/antitracking/test/browser/browser_serviceWorkersWithStorageAccessGranted.js
new file mode 100644
index 0000000000..973e47590e
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_serviceWorkersWithStorageAccessGranted.js
@@ -0,0 +1,154 @@
+/** This tests that the service worker can be used if we have storage access
+ * permission. We manually write the storage access permission into the
+ * permission manager to simulate the storage access has been granted. We would
+ * test the service worker three times. The fist time is to check the service
+ * work is allowed. The second time is to load again and check it won't hit
+ * assertion, this assertion would only be hit if we have registered a service
+ * worker, see Bug 1631234.
+ *
+ * The third time is to load again but in a sandbox iframe to check it won't
+ * hit the assertion. See Bug 1637226 for details.
+ *
+ * The fourth time is to load again in a nested iframe to check it won't hit
+ * the assertion. See Bug 1641153 for details.
+ * */
+
+/* import-globals-from antitracking_head.js */
+
+add_task(async _ => {
+ // Manually add the storage permission.
+ PermissionTestUtils.add(
+ TEST_DOMAIN,
+ "3rdPartyStorage^https://tracking.example.org",
+ Services.perms.ALLOW_ACTION
+ );
+
+ registerCleanupFunction(_ => {
+ Services.perms.removeAll();
+ });
+
+ AntiTracking._createTask({
+ name:
+ "Test that we can use service worker if we have the storage access permission",
+ cookieBehavior: BEHAVIOR_REJECT_TRACKER,
+ allowList: false,
+ callback: async _ => {
+ await navigator.serviceWorker
+ .register("empty.js")
+ .then(
+ _ => {
+ ok(true, "ServiceWorker can be used!");
+ },
+ _ => {
+ ok(false, "ServiceWorker can be used!");
+ }
+ )
+ .catch(e => ok(false, "Promise rejected: " + e));
+ },
+ extraPrefs: [
+ ["dom.serviceWorkers.exemptFromPerDomainMax", true],
+ ["dom.serviceWorkers.enabled", true],
+ ["dom.serviceWorkers.testing.enabled", true],
+ ],
+ expectedBlockingNotifications: 0,
+ runInPrivateWindow: false,
+ iframeSandbox: null,
+ accessRemoval: null,
+ callbackAfterRemoval: null,
+ });
+
+ AntiTracking._createTask({
+ name:
+ "Test again to check if we can still use service worker without hit the assertion.",
+ cookieBehavior: BEHAVIOR_REJECT_TRACKER,
+ allowList: false,
+ callback: async _ => {
+ await navigator.serviceWorker
+ .register("empty.js")
+ .then(
+ _ => {
+ ok(true, "ServiceWorker can be used!");
+ },
+ _ => {
+ ok(false, "ServiceWorker can be used!");
+ }
+ )
+ .catch(e => ok(false, "Promise rejected: " + e));
+ },
+ extraPrefs: [
+ ["dom.serviceWorkers.exemptFromPerDomainMax", true],
+ ["dom.serviceWorkers.enabled", true],
+ ["dom.serviceWorkers.testing.enabled", true],
+ ],
+ expectedBlockingNotifications: 0,
+ runInPrivateWindow: false,
+ iframeSandbox: null,
+ accessRemoval: null,
+ callbackAfterRemoval: null,
+ });
+
+ AntiTracking._createTask({
+ name:
+ "Test again to check if we cannot use service worker in a sandbox iframe without hit the assertion.",
+ cookieBehavior: BEHAVIOR_REJECT_TRACKER,
+ allowList: false,
+ callback: async _ => {
+ await navigator.serviceWorker
+ .register("empty.js")
+ .then(
+ _ => {
+ ok(false, "ServiceWorker cannot be used in sandbox iframe!");
+ },
+ _ => {
+ ok(true, "ServiceWorker cannot be used in sandbox iframe!");
+ }
+ )
+ .catch(e => ok(false, "Promise rejected: " + e));
+ },
+ extraPrefs: [
+ ["dom.serviceWorkers.exemptFromPerDomainMax", true],
+ ["dom.serviceWorkers.enabled", true],
+ ["dom.serviceWorkers.testing.enabled", true],
+ ],
+ expectedBlockingNotifications:
+ Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_TRACKER, // expect blocking notifications,
+ runInPrivateWindow: false,
+ iframeSandbox: "allow-scripts allow-same-origin",
+ accessRemoval: null,
+ callbackAfterRemoval: null,
+ });
+
+ const NESTED_THIRD_PARTY_PAGE =
+ TEST_DOMAIN + TEST_PATH + "3rdPartyRelay.html?" + TEST_3RD_PARTY_PAGE;
+
+ AntiTracking._createTask({
+ name:
+ "Test again to check if we can use service worker in a nested iframe without hit the assertion.",
+ cookieBehavior: BEHAVIOR_REJECT_TRACKER,
+ allowList: false,
+ callback: async _ => {
+ await navigator.serviceWorker
+ .register("empty.js")
+ .then(
+ _ => {
+ ok(true, "ServiceWorker can be used in nested iframe!");
+ },
+ _ => {
+ ok(false, "ServiceWorker can be used in nested iframe!");
+ }
+ )
+ .catch(e => ok(false, "Promise rejected: " + e));
+ },
+ extraPrefs: [
+ ["dom.serviceWorkers.exemptFromPerDomainMax", true],
+ ["dom.serviceWorkers.enabled", true],
+ ["dom.serviceWorkers.testing.enabled", true],
+ ],
+ expectedBlockingNotifications: 0,
+ runInPrivateWindow: false,
+ iframeSandbox: null,
+ accessRemoval: null,
+ callbackAfterRemoval: null,
+ thirdPartyPage: NESTED_THIRD_PARTY_PAGE,
+ });
+});
diff --git a/toolkit/components/antitracking/test/browser/browser_siteSpecificWorkArounds.js b/toolkit/components/antitracking/test/browser/browser_siteSpecificWorkArounds.js
new file mode 100644
index 0000000000..6272cddb18
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_siteSpecificWorkArounds.js
@@ -0,0 +1,111 @@
+/* import-globals-from antitracking_head.js */
+
+AntiTracking.runTest(
+ "localStorage with a tracker that is entitylisted via a pref",
+ async _ => {
+ let shouldThrow = [
+ SpecialPowers.Ci.nsICookieService.BEHAVIOR_REJECT,
+ SpecialPowers.Ci.nsICookieService.BEHAVIOR_REJECT_FOREIGN,
+ ].includes(
+ SpecialPowers.Services.prefs.getIntPref("network.cookie.cookieBehavior")
+ );
+
+ let hasThrown;
+ try {
+ localStorage.foo = 42;
+ hasThrown = false;
+ } catch (e) {
+ hasThrown = true;
+ }
+
+ is(hasThrown, shouldThrow, "LocalStorage is allowed");
+ },
+ async _ => {
+ localStorage.foo = 42;
+ ok(true, "LocalStorage is allowed");
+ },
+ async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+ },
+ [["urlclassifier.trackingAnnotationSkipURLs", "TRACKING.EXAMPLE.ORG"]],
+ false, // run the window.open() test
+ false, // run the user interaction test
+ Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_TRACKER, // expect blocking notifications
+ false
+); // run in a normal window
+
+AntiTracking.runTest(
+ "localStorage with a tracker that is entitylisted via a fancy pref",
+ async _ => {
+ let shouldThrow = [
+ SpecialPowers.Ci.nsICookieService.BEHAVIOR_REJECT,
+ SpecialPowers.Ci.nsICookieService.BEHAVIOR_REJECT_FOREIGN,
+ ].includes(
+ SpecialPowers.Services.prefs.getIntPref("network.cookie.cookieBehavior")
+ );
+
+ let hasThrown;
+ try {
+ localStorage.foo = 42;
+ hasThrown = false;
+ } catch (e) {
+ hasThrown = true;
+ }
+
+ is(hasThrown, shouldThrow, "LocalStorage is allowed");
+ },
+ async _ => {
+ localStorage.foo = 42;
+ ok(true, "LocalStorage is allowed");
+ },
+ async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+ },
+ [
+ [
+ "urlclassifier.trackingAnnotationSkipURLs",
+ "foobar.example,*.example.org,baz.example",
+ ],
+ ],
+ false, // run the window.open() test
+ false, // run the user interaction test
+ Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_TRACKER, // expect blocking notifications
+ false
+); // run in a normal window
+
+AntiTracking.runTest(
+ "localStorage with a tracker that is entitylisted via a misconfigured pref",
+ async _ => {
+ try {
+ localStorage.foo = 42;
+ ok(false, "LocalStorage cannot be used!");
+ } catch (e) {
+ ok(true, "LocalStorage cannot be used!");
+ is(e.name, "SecurityError", "We want a security error message.");
+ }
+ },
+ async _ => {
+ localStorage.foo = 42;
+ ok(true, "LocalStorage is allowed");
+ },
+ async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+ },
+ [["urlclassifier.trackingAnnotationSkipURLs", "*.tracking.example.org"]],
+ false, // run the window.open() test
+ false, // run the user interaction test
+ Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_TRACKER, // expect blocking notifications
+ false
+); // run in a normal window
diff --git a/toolkit/components/antitracking/test/browser/browser_socialtracking.js b/toolkit/components/antitracking/test/browser/browser_socialtracking.js
new file mode 100644
index 0000000000..ae0a42f5ef
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_socialtracking.js
@@ -0,0 +1,144 @@
+/* eslint-disable prettier/prettier */
+
+function runTest(obj) {
+ add_task(async _ => {
+ info("Test: " + obj.testName);
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ ["dom.ipc.processCount", 1],
+ [
+ "network.cookie.cookieBehavior",
+ Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER,
+ ],
+ ["privacy.trackingprotection.enabled", false],
+ ["privacy.trackingprotection.pbmode.enabled", false],
+ ["privacy.trackingprotection.annotate_channels", true],
+ ["privacy.storagePrincipal.enabledForTrackers", false],
+ [
+ "privacy.trackingprotection.socialtracking.enabled",
+ obj.protectionEnabled,
+ ],
+ ["privacy.socialtracking.block_cookies.enabled", obj.cookieBlocking],
+ ],
+ });
+
+ await UrlClassifierTestUtils.addTestTrackers();
+
+ info("Creating a non-tracker top-level context");
+ let tab = BrowserTestUtils.addTab(gBrowser, TEST_TOP_PAGE);
+ let browser = gBrowser.getBrowserForTab(tab);
+ await BrowserTestUtils.browserLoaded(browser);
+
+ info("The non-tracker page opens a tracker iframe");
+ await SpecialPowers.spawn(
+ browser,
+ [
+ {
+ page: TEST_3RD_PARTY_DOMAIN_STP + TEST_PATH + "localStorage.html",
+ image: TEST_3RD_PARTY_DOMAIN_STP + TEST_PATH + "raptor.jpg",
+ loading: obj.loading,
+ result: obj.result,
+ },
+ ],
+ async obj => {
+ let loading = await new content.Promise(resolve => {
+ let image = new content.Image();
+ image.src = obj.image + "?" + Math.random();
+ image.onload = _ => resolve(true);
+ image.onerror = _ => resolve(false);
+ });
+
+ is(loading, obj.loading, "Loading expected");
+
+ if (obj.loading) {
+ let ifr = content.document.createElement("iframe");
+ ifr.setAttribute("id", "ifr");
+ ifr.setAttribute("src", obj.page);
+
+ info("Iframe loading...");
+ await new content.Promise(resolve => {
+ ifr.onload = resolve;
+ content.document.body.appendChild(ifr);
+ });
+
+ let p = new Promise(resolve => {
+ content.addEventListener(
+ "message",
+ e => {
+ resolve(e.data);
+ },
+ { once: true }
+ );
+ });
+
+ info("Setting localStorage value...");
+ ifr.contentWindow.postMessage("test", "*");
+
+ info("Getting the value...");
+ let value = await p;
+ is(value.status, obj.result, "We expect to succeed");
+ }
+ }
+ );
+
+ info("Checking content blocking log.");
+ let contentBlockingLog = JSON.parse(await browser.getContentBlockingLog());
+ let origins = Object.keys(contentBlockingLog);
+ is(origins.length, 1, "There should be one origin entry in the log.");
+ for (let origin of origins) {
+ is(
+ origin + "/",
+ TEST_3RD_PARTY_DOMAIN_STP,
+ "Correct tracker origin must be reported"
+ );
+ Assert.deepEqual(
+ contentBlockingLog[origin],
+ obj.expectedLogItems,
+ "Content blocking log should be as expected"
+ );
+ }
+
+ BrowserTestUtils.removeTab(tab);
+
+ UrlClassifierTestUtils.cleanupTestTrackers();
+ });
+}
+
+runTest({
+ testName:
+ "Socialtracking-annotation feature enabled but not considered for tracking detection.",
+ protectionEnabled: false,
+ loading: true,
+ cookieBlocking: false,
+ result: true,
+ expectedLogItems: [
+ [Ci.nsIWebProgressListener.STATE_COOKIES_LOADED, true, 1],
+ [Ci.nsIWebProgressListener.STATE_COOKIES_LOADED_SOCIALTRACKER, true, 1],
+ ],
+});
+
+runTest({
+ testName:
+ "Socialtracking-annotation feature enabled and considered for tracking detection.",
+ protectionEnabled: false,
+ loading: true,
+ cookieBlocking: true,
+ result: false,
+ expectedLogItems: [
+ [Ci.nsIWebProgressListener.STATE_COOKIES_LOADED, true, 1],
+ [Ci.nsIWebProgressListener.STATE_COOKIES_LOADED_SOCIALTRACKER, true, 1],
+ [Ci.nsIWebProgressListener.STATE_LOADED_SOCIALTRACKING_CONTENT, true, 2],
+ [Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_SOCIALTRACKER, true, 2],
+ ],
+});
+
+runTest({
+ testName: "Socialtracking-protection feature enabled.",
+ protectionEnabled: true,
+ loading: false,
+ cookieBlocking: true,
+ result: false,
+ expectedLogItems: [
+ [Ci.nsIWebProgressListener.STATE_BLOCKED_SOCIALTRACKING_CONTENT, true, 1],
+ ],
+});
diff --git a/toolkit/components/antitracking/test/browser/browser_socialtracking_save_image.js b/toolkit/components/antitracking/test/browser/browser_socialtracking_save_image.js
new file mode 100644
index 0000000000..75885722cb
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_socialtracking_save_image.js
@@ -0,0 +1,115 @@
+/**
+ * Bug 1663992 - Testing the 'Save Image As' works in an image document if the
+ * image is blocked by social tracker.
+ */
+"use strict";
+
+/* import-globals-from ../../../../content/tests/browser/common/mockTransfer.js */
+Services.scriptloader.loadSubScript(
+ "chrome://mochitests/content/browser/toolkit/content/tests/browser/common/mockTransfer.js",
+ this
+);
+
+const TEST_IMAGE_URL =
+ "http://social-tracking.example.org/browser/toolkit/components/antitracking/test/browser/raptor.jpg";
+
+let MockFilePicker = SpecialPowers.MockFilePicker;
+MockFilePicker.init(window);
+
+const tempDir = createTemporarySaveDirectory();
+MockFilePicker.displayDirectory = tempDir;
+
+function createTemporarySaveDirectory() {
+ let saveDir = Services.dirsvc.get("TmpD", Ci.nsIFile);
+ saveDir.append("testsavedir");
+ saveDir.createUnique(Ci.nsIFile.DIRECTORY_TYPE, 0o755);
+ return saveDir;
+}
+
+function createPromiseForTransferComplete() {
+ return new Promise(resolve => {
+ MockFilePicker.showCallback = fp => {
+ info("MockFilePicker showCallback");
+
+ let fileName = fp.defaultString;
+ let destFile = tempDir.clone();
+ destFile.append(fileName);
+
+ MockFilePicker.setFiles([destFile]);
+ MockFilePicker.filterIndex = 0; // kSaveAsType_Complete
+
+ MockFilePicker.showCallback = null;
+ mockTransferCallback = function(downloadSuccess) {
+ ok(downloadSuccess, "Image should have been downloaded successfully");
+ mockTransferCallback = () => {};
+ resolve();
+ };
+ };
+ });
+}
+
+add_task(async function setup() {
+ info("Setting up the prefs.");
+
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ ["privacy.trackingprotection.socialtracking.enabled", true],
+ [
+ "urlclassifier.features.socialtracking.blacklistHosts",
+ "social-tracking.example.org",
+ ],
+ ],
+ });
+
+ info("Setting MockFilePicker.");
+ mockTransferRegisterer.register();
+
+ registerCleanupFunction(function() {
+ mockTransferRegisterer.unregister();
+ MockFilePicker.cleanup();
+ tempDir.remove(true);
+ });
+});
+
+add_task(async function() {
+ info("Open a new tab for testing");
+ let tab = await BrowserTestUtils.openNewForegroundTab(
+ gBrowser,
+ TEST_IMAGE_URL
+ );
+
+ let popupShownPromise = BrowserTestUtils.waitForEvent(document, "popupshown");
+
+ let browser = gBrowser.selectedBrowser;
+
+ info("Open the context menu.");
+ await BrowserTestUtils.synthesizeMouseAtCenter(
+ "img",
+ {
+ type: "contextmenu",
+ button: 2,
+ },
+ browser
+ );
+
+ await popupShownPromise;
+
+ let transferCompletePromise = createPromiseForTransferComplete();
+ let saveElement = document.getElementById(`context-saveimage`);
+ info("Triggering the save process.");
+ saveElement.doCommand();
+
+ info("Wait until the save is finished.");
+ await transferCompletePromise;
+
+ info("Close the context menu.");
+ let contextMenu = document.getElementById("contentAreaContextMenu");
+ let popupHiddenPromise = BrowserTestUtils.waitForEvent(
+ contextMenu,
+ "popuphidden"
+ );
+ contextMenu.hidePopup();
+ await popupHiddenPromise;
+
+ BrowserTestUtils.removeTab(tab);
+});
diff --git a/toolkit/components/antitracking/test/browser/browser_staticPartition_CORS_preflight.js b/toolkit/components/antitracking/test/browser/browser_staticPartition_CORS_preflight.js
new file mode 100644
index 0000000000..b6b46be03d
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_staticPartition_CORS_preflight.js
@@ -0,0 +1,151 @@
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/
+ */
+
+const TEST_PAGE =
+ "http://example.org/browser/toolkit/components/antitracking/test/browser/empty.html";
+const TEST_ANOTHER_PAGE =
+ "http://example.com/browser/toolkit/components/antitracking/test/browser/empty.html";
+const TEST_PREFLIGHT_IFRAME_PAGE =
+ "http://mochi.test:8888/browser/toolkit/components/antitracking/test/browser/empty.html";
+const TEST_PREFLIGHT_PAGE =
+ "http://example.net/browser/toolkit/components/antitracking/test/browser/browser_staticPartition_CORS_preflight.sjs";
+
+add_task(async function() {
+ let uuidGenerator = Cc["@mozilla.org/uuid-generator;1"].getService(
+ Ci.nsIUUIDGenerator
+ );
+
+ for (let networkIsolation of [true, false]) {
+ for (let partitionPerSite of [true, false]) {
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ ["privacy.partition.network_state", networkIsolation],
+ ["privacy.dynamic_firstparty.use_site", partitionPerSite],
+ ],
+ });
+
+ // First, create one tab under one first party.
+ let tab = await BrowserTestUtils.openNewForegroundTab(
+ gBrowser,
+ TEST_PAGE
+ );
+ let token = uuidGenerator.generateUUID().toString();
+
+ // Use fetch to verify that preflight cache is working. The preflight
+ // cache is keyed by the loading principal and the url. So, we load an
+ // iframe with one origin and use fetch in there to ensure we will have
+ // the same loading principal.
+ await SpecialPowers.spawn(
+ tab.linkedBrowser,
+ [TEST_PREFLIGHT_PAGE, TEST_PREFLIGHT_IFRAME_PAGE, token],
+ async (url, iframe_url, token) => {
+ let iframe = content.document.createElement("iframe");
+
+ await new Promise(resolve => {
+ iframe.onload = () => {
+ resolve();
+ };
+ content.document.body.appendChild(iframe);
+ iframe.src = iframe_url;
+ });
+
+ await SpecialPowers.spawn(
+ iframe,
+ [url, token],
+ async (url, token) => {
+ const test_url = `${url}?token=${token}`;
+ let response = await content.fetch(
+ new content.Request(test_url, {
+ mode: "cors",
+ method: "GET",
+ headers: [["x-test-header", "check"]],
+ })
+ );
+
+ is(
+ await response.text(),
+ "1",
+ "The preflight should be sent at first time"
+ );
+
+ response = await content.fetch(
+ new content.Request(test_url, {
+ mode: "cors",
+ method: "GET",
+ headers: [["x-test-header", "check"]],
+ })
+ );
+
+ is(
+ await response.text(),
+ "0",
+ "The preflight shouldn't be sent due to the preflight cache"
+ );
+ }
+ );
+ }
+ );
+
+ // Load the tab with a different first party. And use fetch to check if
+ // the preflight cache is partitioned. The fetch will also be performed in
+ // the iframe with the same origin as above to ensure we use the same
+ // loading principal.
+ BrowserTestUtils.loadURI(tab.linkedBrowser, TEST_ANOTHER_PAGE);
+ await BrowserTestUtils.browserLoaded(tab.linkedBrowser);
+
+ await SpecialPowers.spawn(
+ tab.linkedBrowser,
+ [
+ TEST_PREFLIGHT_PAGE,
+ TEST_PREFLIGHT_IFRAME_PAGE,
+ token,
+ networkIsolation,
+ ],
+ async (url, iframe_url, token, partitioned) => {
+ let iframe = content.document.createElement("iframe");
+
+ await new Promise(resolve => {
+ iframe.onload = () => {
+ resolve();
+ };
+ content.document.body.appendChild(iframe);
+ iframe.src = iframe_url;
+ });
+
+ await SpecialPowers.spawn(
+ iframe,
+ [url, token, partitioned],
+ async (url, token, partitioned) => {
+ const test_url = `${url}?token=${token}`;
+
+ let response = await content.fetch(
+ new content.Request(test_url, {
+ mode: "cors",
+ method: "GET",
+ headers: [["x-test-header", "check"]],
+ })
+ );
+
+ if (partitioned) {
+ is(
+ await response.text(),
+ "1",
+ "The preflight cache should be partitioned"
+ );
+ } else {
+ is(
+ await response.text(),
+ "0",
+ "The preflight cache shouldn't be partitioned"
+ );
+ }
+ }
+ );
+ }
+ );
+
+ BrowserTestUtils.removeTab(tab);
+ }
+ }
+});
diff --git a/toolkit/components/antitracking/test/browser/browser_staticPartition_CORS_preflight.sjs b/toolkit/components/antitracking/test/browser/browser_staticPartition_CORS_preflight.sjs
new file mode 100644
index 0000000000..f0665ea43c
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_staticPartition_CORS_preflight.sjs
@@ -0,0 +1,39 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
+ * You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+'use strict';
+
+Components.utils.importGlobalProperties(["URLSearchParams"]);
+
+function handleRequest(request, response) {
+ let query = new URLSearchParams(request.queryString);
+ let token = query.get("token");
+
+ response.setHeader("Content-Type", "text/plain", false);
+ response.setHeader("Access-Control-Allow-Origin", "*", false);
+ response.setHeader("Access-Control-Allow-Headers", "x-test-header", false);
+
+ if (request.method == "OPTIONS") {
+ response.setHeader(
+ "Access-Control-Allow-Methods",
+ request.getHeader("Access-Control-Request-Method"),
+ false);
+ response.setHeader("Access-Control-Max-Age", "20", false);
+
+ setState(token, token);
+ } else {
+ let test_op = request.getHeader("x-test-header");
+
+ if (test_op == "check") {
+ let value = getState(token);
+
+ if (value) {
+ response.write("1");
+ setState(token, "");
+ } else {
+ response.write("0");
+ }
+ }
+ }
+}
diff --git a/toolkit/components/antitracking/test/browser/browser_staticPartition_HSTS.js b/toolkit/components/antitracking/test/browser/browser_staticPartition_HSTS.js
new file mode 100644
index 0000000000..fad656f8d5
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_staticPartition_HSTS.js
@@ -0,0 +1,203 @@
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/
+ */
+
+var unsecureEmptyURL =
+ "http://example.org/browser/toolkit/components/antitracking/test/browser/empty.html";
+var secureEmptyURL =
+ "https://example.org/browser/toolkit/components/antitracking/test/browser/empty.html";
+var secureAnotherEmptyURL =
+ "https://example.com/browser/toolkit/components/antitracking/test/browser/empty.html";
+var secureURL =
+ "https://example.com/browser/toolkit/components/antitracking/test/browser/browser_staticPartition_HSTS.sjs";
+var unsecureURL =
+ "http://example.com/browser/toolkit/components/antitracking/test/browser/browser_staticPartition_HSTS.sjs";
+var secureImgURL =
+ "https://example.com/browser/toolkit/components/antitracking/test/browser/browser_staticPartition_HSTS.sjs?image";
+var unsecureImgURL =
+ "http://example.com/browser/toolkit/components/antitracking/test/browser/browser_staticPartition_HSTS.sjs?image";
+
+function cleanupHSTS(aPartitionEnabled, aUseSite) {
+ // Ensure to remove example.com from the HSTS list.
+ let sss = Cc["@mozilla.org/ssservice;1"].getService(
+ Ci.nsISiteSecurityService
+ );
+
+ for (let origin of ["example.com", "example.org"]) {
+ let originAttributes = {};
+
+ if (aPartitionEnabled) {
+ if (aUseSite) {
+ originAttributes = { partitionKey: `(http,${origin})` };
+ } else {
+ originAttributes = { partitionKey: origin };
+ }
+ }
+
+ sss.resetState(
+ Ci.nsISiteSecurityService.HEADER_HSTS,
+ NetUtil.newURI("http://example.com/"),
+ 0,
+ originAttributes
+ );
+ }
+}
+
+function promiseTabLoadEvent(aTab, aURL, aFinalURL) {
+ info("Wait for load tab event");
+ BrowserTestUtils.loadURI(aTab.linkedBrowser, aURL);
+ return BrowserTestUtils.browserLoaded(aTab.linkedBrowser, false, aFinalURL);
+}
+
+function waitFor(host, type) {
+ return new Promise(resolve => {
+ const observer = channel => {
+ if (
+ channel instanceof Ci.nsIHttpChannel &&
+ channel.URI.host === host &&
+ channel.loadInfo.internalContentPolicyType === type
+ ) {
+ Services.obs.removeObserver(observer, "http-on-stop-request");
+ resolve(channel.URI.spec);
+ }
+ };
+ Services.obs.addObserver(observer, "http-on-stop-request");
+ });
+}
+
+add_task(async function() {
+ for (let networkIsolation of [true, false]) {
+ for (let partitionPerSite of [true, false]) {
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ ["privacy.partition.network_state", networkIsolation],
+ ["privacy.dynamic_firstparty.use_site", partitionPerSite],
+ ["security.mixed_content.upgrade_display_content", false],
+ ],
+ });
+
+ let tab = (gBrowser.selectedTab = BrowserTestUtils.addTab(gBrowser));
+
+ // Let's load the secureURL as first-party in order to activate HSTS.
+ await promiseTabLoadEvent(tab, secureURL, secureURL);
+
+ // Let's test HSTS: unsecure -> secure.
+ await promiseTabLoadEvent(tab, unsecureURL, secureURL);
+ ok(true, "unsecure -> secure, first-party works!");
+
+ // Let's load a first-party.
+ await promiseTabLoadEvent(tab, unsecureEmptyURL, unsecureEmptyURL);
+
+ let finalURL = waitFor(
+ "example.com",
+ Ci.nsIContentPolicy.TYPE_INTERNAL_IFRAME
+ );
+
+ await SpecialPowers.spawn(tab.linkedBrowser, [unsecureURL], async url => {
+ let ifr = content.document.createElement("iframe");
+ content.document.body.appendChild(ifr);
+ ifr.src = url;
+ });
+
+ if (networkIsolation) {
+ is(await finalURL, unsecureURL, "HSTS doesn't work for 3rd parties");
+ } else {
+ is(await finalURL, secureURL, "HSTS works for 3rd parties");
+ }
+
+ gBrowser.removeCurrentTab();
+ cleanupHSTS(networkIsolation, partitionPerSite);
+ }
+ }
+});
+
+add_task(async function test_subresource() {
+ for (let networkIsolation of [true, false]) {
+ for (let partitionPerSite of [true, false]) {
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ ["privacy.partition.network_state", networkIsolation],
+ ["privacy.dynamic_firstparty.use_site", partitionPerSite],
+ ["security.mixed_content.upgrade_display_content", false],
+ ],
+ });
+
+ let tab = (gBrowser.selectedTab = BrowserTestUtils.addTab(gBrowser));
+
+ // Load a secure page as first party.
+ await promiseTabLoadEvent(tab, secureEmptyURL, secureEmptyURL);
+
+ let loadPromise = waitFor(
+ "example.com",
+ Ci.nsIContentPolicy.TYPE_INTERNAL_IMAGE
+ );
+
+ // Load a secure subresource to activate HSTS.
+ await SpecialPowers.spawn(
+ tab.linkedBrowser,
+ [secureImgURL],
+ async url => {
+ let ifr = content.document.createElement("img");
+ content.document.body.appendChild(ifr);
+ ifr.src = url;
+ }
+ );
+
+ // Ensure the subresource is loaded.
+ await loadPromise;
+
+ // Reload the secure page as first party.
+ await promiseTabLoadEvent(tab, secureEmptyURL, secureEmptyURL);
+
+ let finalURL = waitFor(
+ "example.com",
+ Ci.nsIContentPolicy.TYPE_INTERNAL_IMAGE
+ );
+
+ // Load a unsecure subresource, this should be upgraded to https.
+ await SpecialPowers.spawn(
+ tab.linkedBrowser,
+ [unsecureImgURL],
+ async url => {
+ let ifr = content.document.createElement("img");
+ content.document.body.appendChild(ifr);
+ ifr.src = url;
+ }
+ );
+
+ is(await finalURL, secureImgURL, "HSTS works for 3rd parties");
+
+ // Load the secure page with a different origin as first party.
+ await promiseTabLoadEvent(
+ tab,
+ secureAnotherEmptyURL,
+ secureAnotherEmptyURL
+ );
+
+ finalURL = waitFor(
+ "example.com",
+ Ci.nsIContentPolicy.TYPE_INTERNAL_IMAGE
+ );
+
+ // Load a unsecure subresource
+ await SpecialPowers.spawn(
+ tab.linkedBrowser,
+ [unsecureImgURL],
+ async url => {
+ let ifr = content.document.createElement("img");
+ content.document.body.appendChild(ifr);
+ ifr.src = url;
+ }
+ );
+
+ if (networkIsolation) {
+ is(await finalURL, unsecureImgURL, "HSTS doesn't work for 3rd parties");
+ } else {
+ is(await finalURL, secureImgURL, "HSTS works for 3rd parties");
+ }
+
+ gBrowser.removeCurrentTab();
+ cleanupHSTS(networkIsolation, partitionPerSite);
+ }
+ }
+});
diff --git a/toolkit/components/antitracking/test/browser/browser_staticPartition_HSTS.sjs b/toolkit/components/antitracking/test/browser/browser_staticPartition_HSTS.sjs
new file mode 100644
index 0000000000..0644cfa773
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_staticPartition_HSTS.sjs
@@ -0,0 +1,25 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
+ * You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+const IMG_BYTES = atob(
+ "iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAA" +
+ "DUlEQVQImWNgY2P7DwABOgESJhRQtgAAAABJRU5ErkJggg==");
+
+const PAGE = "<!DOCTYPE html><html><body><p>HSTS page</p></body></html>";
+
+function handleRequest(request, response) {
+ response.setStatusLine(request.httpVersion, "200", "OK");
+ response.setHeader("Strict-Transport-Security", "max-age=60");
+
+ if (request.queryString == "image") {
+ response.setHeader("Content-Type", "image/png", false);
+ response.setHeader("Content-Length", IMG_BYTES.length + "", false);
+ response.write(IMG_BYTES);
+ return;
+ }
+
+ response.setHeader("Content-Type", "text/html", false);
+ response.setHeader("Content-Length", PAGE.length + "", false);
+ response.write(PAGE);
+}
diff --git a/toolkit/components/antitracking/test/browser/browser_staticPartition_cache.js b/toolkit/components/antitracking/test/browser/browser_staticPartition_cache.js
new file mode 100644
index 0000000000..cd777f3ffa
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_staticPartition_cache.js
@@ -0,0 +1,190 @@
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/
+ */
+
+const cacheURL =
+ "http://example.org/browser/browser/components/originattributes/test/browser/file_cache.html";
+
+function countMatchingCacheEntries(cacheEntries, domain, fileSuffix) {
+ return cacheEntries
+ .map(entry => entry.uri.asciiSpec)
+ .filter(spec => spec.includes(domain))
+ .filter(spec => spec.includes("file_thirdPartyChild." + fileSuffix)).length;
+}
+
+async function checkCache(suffixes, originAttributes) {
+ const loadContextInfo = Services.loadContextInfo.custom(
+ false,
+ originAttributes
+ );
+
+ const data = await new Promise(resolve => {
+ let cacheEntries = [];
+ let cacheVisitor = {
+ onCacheStorageInfo(num, consumption) {},
+ onCacheEntryInfo(uri, idEnhance) {
+ cacheEntries.push({ uri, idEnhance });
+ },
+ onCacheEntryVisitCompleted() {
+ resolve(cacheEntries);
+ },
+ QueryInterface: ChromeUtils.generateQI(["nsICacheStorageVisitor"]),
+ };
+ // Visiting the disk cache also visits memory storage so we do not
+ // need to use Services.cache2.memoryCacheStorage() here.
+ let storage = Services.cache2.diskCacheStorage(loadContextInfo, false);
+ storage.asyncVisitStorage(cacheVisitor, true);
+ });
+
+ for (let suffix of suffixes) {
+ let foundEntryCount = countMatchingCacheEntries(
+ data,
+ "example.net",
+ suffix
+ );
+ ok(
+ foundEntryCount > 0,
+ `Cache entries expected for ${suffix} and OA=${JSON.stringify(
+ originAttributes
+ )}`
+ );
+ }
+}
+
+add_task(async function() {
+ info("Disable predictor and accept all");
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ ["network.predictor.enabled", false],
+ ["network.predictor.enable-prefetch", false],
+ ["network.cookie.cookieBehavior", 0],
+ ],
+ });
+
+ const tests = [
+ {
+ prefValue: true,
+ originAttributes: { partitionKey: "(http,example.org)" },
+ },
+ {
+ prefValue: false,
+ originAttributes: {},
+ },
+ ];
+
+ for (let test of tests) {
+ info("Clear image and network caches");
+ let tools = SpecialPowers.Cc["@mozilla.org/image/tools;1"].getService(
+ SpecialPowers.Ci.imgITools
+ );
+ let imageCache = tools.getImgCacheForDocument(window.document);
+ imageCache.clearCache(true); // true=chrome
+ imageCache.clearCache(false); // false=content
+ Services.cache2.clear();
+
+ info("Enabling network state partitioning");
+ await SpecialPowers.pushPrefEnv({
+ set: [["privacy.partition.network_state", test.prefValue]],
+ });
+
+ info("Let's load a page to populate some entries");
+ let tab = (gBrowser.selectedTab = BrowserTestUtils.addTab(gBrowser));
+ BrowserTestUtils.loadURI(tab.linkedBrowser, cacheURL);
+ await BrowserTestUtils.browserLoaded(tab.linkedBrowser, false, cacheURL);
+
+ let argObj = {
+ randomSuffix: Math.random(),
+ urlPrefix:
+ "http://example.net/browser/browser/components/originattributes/test/browser/",
+ };
+
+ await SpecialPowers.spawn(tab.linkedBrowser, [argObj], async function(arg) {
+ // The CSS cache needs to be cleared in-process.
+ content.windowUtils.clearSharedStyleSheetCache();
+
+ let videoURL = arg.urlPrefix + "file_thirdPartyChild.video.ogv";
+ let audioURL = arg.urlPrefix + "file_thirdPartyChild.audio.ogg";
+ let URLSuffix = "?r=" + arg.randomSuffix;
+
+ // Create the audio and video elements.
+ let audio = content.document.createElement("audio");
+ let video = content.document.createElement("video");
+ let audioSource = content.document.createElement("source");
+
+ // Append the audio element into the body, and wait until they're finished.
+ await new content.Promise(resolve => {
+ let audioLoaded = false;
+
+ let audioListener = () => {
+ Assert.ok(true, `Audio suspended: ${audioURL + URLSuffix}`);
+ audio.removeEventListener("suspend", audioListener);
+
+ audioLoaded = true;
+ if (audioLoaded) {
+ resolve();
+ }
+ };
+
+ Assert.ok(true, `Loading audio: ${audioURL + URLSuffix}`);
+
+ // Add the event listeners before everything in case we lose events.
+ audio.addEventListener("suspend", audioListener);
+
+ // Assign attributes for the audio element.
+ audioSource.setAttribute("src", audioURL + URLSuffix);
+ audioSource.setAttribute("type", "audio/ogg");
+
+ audio.appendChild(audioSource);
+ audio.autoplay = true;
+
+ content.document.body.appendChild(audio);
+ });
+
+ // Append the video element into the body, and wait until it's finished.
+ await new content.Promise(resolve => {
+ let listener = () => {
+ Assert.ok(true, `Video suspended: ${videoURL + URLSuffix}`);
+ video.removeEventListener("suspend", listener);
+ resolve();
+ };
+
+ Assert.ok(true, `Loading video: ${videoURL + URLSuffix}`);
+
+ // Add the event listener before everything in case we lose the event.
+ video.addEventListener("suspend", listener);
+
+ // Assign attributes for the video element.
+ video.setAttribute("src", videoURL + URLSuffix);
+ video.setAttribute("type", "video/ogg");
+
+ content.document.body.appendChild(video);
+ });
+ });
+
+ let maybePartitionedSuffixes = [
+ "iframe.html",
+ "link.css",
+ "script.js",
+ "img.png",
+ "favicon.png",
+ "object.png",
+ "embed.png",
+ "xhr.html",
+ "worker.xhr.html",
+ "audio.ogg",
+ "video.ogv",
+ "fetch.html",
+ "worker.fetch.html",
+ "request.html",
+ "worker.request.html",
+ "import.js",
+ "worker.js",
+ "sharedworker.js",
+ ];
+
+ info("Query the cache (maybe) partitioned cache");
+ await checkCache(maybePartitionedSuffixes, test.originAttributes);
+
+ gBrowser.removeCurrentTab();
+ }
+});
diff --git a/toolkit/components/antitracking/test/browser/browser_staticPartition_network.js b/toolkit/components/antitracking/test/browser/browser_staticPartition_network.js
new file mode 100644
index 0000000000..e2570a804a
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_staticPartition_network.js
@@ -0,0 +1,108 @@
+function altSvcCacheKeyIsolated(parsed) {
+ return parsed.length > 5 && parsed[5] == "I";
+}
+
+function altSvcPartitionKey(key) {
+ let parts = key.split(":");
+ return parts[parts.length - 2];
+}
+
+const gHttpHandler = Cc["@mozilla.org/network/protocol;1?name=http"].getService(
+ Ci.nsIHttpProtocolHandler
+);
+
+add_task(async function() {
+ info("Starting tlsSessionTickets test");
+
+ await SpecialPowers.flushPrefEnv();
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ ["browser.cache.disk.enable", false],
+ ["browser.cache.memory.enable", false],
+ ["network.cookie.cookieBehavior", Ci.nsICookieService.BEHAVIOR_ACCEPT],
+ ["network.http.altsvc.proxy_checks", false],
+ ["privacy.trackingprotection.enabled", false],
+ ["privacy.trackingprotection.pbmode.enabled", false],
+ ["privacy.trackingprotection.annotate_channels", false],
+ ["privacy.partition.network_state", true],
+ ["privacy.partition.network_state.connection_with_proxy", true],
+ ],
+ });
+
+ info("Creating a new tab");
+ let tab = BrowserTestUtils.addTab(gBrowser, TEST_TOP_PAGE);
+ gBrowser.selectedTab = tab;
+
+ let browser = gBrowser.getBrowserForTab(tab);
+ await BrowserTestUtils.browserLoaded(browser);
+
+ const thirdPartyURL =
+ "https://tlsresumptiontest.example.org/browser/toolkit/components/antitracking/test/browser/empty-altsvc.js";
+ const partitionKey1 = "^partitionKey=%28http%2Cexample.net%29";
+ const partitionKey2 = "^partitionKey=%28http%2Cmochi.test%29";
+
+ function checkAltSvcCache(keys) {
+ let arr = gHttpHandler.altSvcCacheKeys;
+ is(
+ arr.length,
+ keys.length,
+ "Found the expected number of items in the cache"
+ );
+ for (let i = 0; i < arr.length; ++i) {
+ is(
+ altSvcPartitionKey(arr[i]),
+ keys[i],
+ "Expected top window origin found in the Alt-Svc cache key"
+ );
+ }
+ }
+
+ checkAltSvcCache([]);
+
+ info("Loading something in the tab");
+ await SpecialPowers.spawn(browser, [{ thirdPartyURL }], async function(obj) {
+ dump("AAA: " + content.window.location.href + "\n");
+ let src = content.document.createElement("script");
+ let p = new content.Promise(resolve => {
+ src.onload = resolve;
+ });
+ content.document.body.appendChild(src);
+ src.src = obj.thirdPartyURL;
+ await p;
+ });
+
+ checkAltSvcCache([partitionKey1]);
+
+ info("Creating a second tab");
+ let tab2 = BrowserTestUtils.addTab(gBrowser, TEST_TOP_PAGE_6);
+ gBrowser.selectedTab = tab2;
+
+ let browser2 = gBrowser.getBrowserForTab(tab2);
+ await BrowserTestUtils.browserLoaded(browser2);
+
+ info("Loading something in the second tab");
+ await SpecialPowers.spawn(browser2, [{ thirdPartyURL }], async function(obj) {
+ let src = content.document.createElement("script");
+ let p = new content.Promise(resolve => {
+ src.onload = resolve;
+ });
+ content.document.body.appendChild(src);
+ src.src = obj.thirdPartyURL;
+ await p;
+ });
+
+ checkAltSvcCache([partitionKey1, partitionKey2]);
+
+ info("Removing the tabs");
+ BrowserTestUtils.removeTab(tab);
+ BrowserTestUtils.removeTab(tab2);
+});
+
+add_task(async function() {
+ info("Cleaning up.");
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+});
diff --git a/toolkit/components/antitracking/test/browser/browser_staticPartition_saveAs.js b/toolkit/components/antitracking/test/browser/browser_staticPartition_saveAs.js
new file mode 100644
index 0000000000..cceccc247e
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_staticPartition_saveAs.js
@@ -0,0 +1,537 @@
+/**
+ * Bug 1641270 - A test case for ensuring the save channel will use the correct
+ * cookieJarSettings when doing the saving and the cache would
+ * work as expected.
+ */
+
+"use strict";
+
+/* import-globals-from ../../../../content/tests/browser/common/mockTransfer.js */
+Services.scriptloader.loadSubScript(
+ "chrome://mochitests/content/browser/toolkit/content/tests/browser/common/mockTransfer.js",
+ this
+);
+
+const TEST_IMAGE_URL = TEST_DOMAIN + TEST_PATH + "file_saveAsImage.sjs";
+const TEST_VIDEO_URL = TEST_DOMAIN + TEST_PATH + "file_saveAsVideo.sjs";
+const TEST_PAGEINFO_URL = TEST_DOMAIN + TEST_PATH + "file_saveAsPageInfo.html";
+
+let MockFilePicker = SpecialPowers.MockFilePicker;
+MockFilePicker.init(window);
+
+const tempDir = createTemporarySaveDirectory();
+MockFilePicker.displayDirectory = tempDir;
+
+function createTemporarySaveDirectory() {
+ let saveDir = Services.dirsvc.get("TmpD", Ci.nsIFile);
+ saveDir.append("testsavedir");
+ saveDir.createUnique(Ci.nsIFile.DIRECTORY_TYPE, 0o755);
+ return saveDir;
+}
+
+function createPromiseForTransferComplete(aDesirableFileName) {
+ return new Promise(resolve => {
+ MockFilePicker.showCallback = fp => {
+ info("MockFilePicker showCallback");
+
+ let fileName = fp.defaultString;
+ let destFile = tempDir.clone();
+ destFile.append(fileName);
+
+ if (aDesirableFileName) {
+ is(fileName, aDesirableFileName, "The default file name is correct.");
+ }
+
+ MockFilePicker.setFiles([destFile]);
+ MockFilePicker.filterIndex = 0; // kSaveAsType_Complete
+
+ MockFilePicker.showCallback = null;
+ mockTransferCallback = function(downloadSuccess) {
+ ok(downloadSuccess, "File should have been downloaded successfully");
+ mockTransferCallback = () => {};
+ resolve();
+ };
+ };
+ });
+}
+
+function createPromiseForObservingChannel(aURL, aPartitionKey) {
+ return new Promise(resolve => {
+ let observer = (aSubject, aTopic) => {
+ if (aTopic === "http-on-modify-request") {
+ let httpChannel = aSubject.QueryInterface(Ci.nsIHttpChannel);
+ let reqLoadInfo = httpChannel.loadInfo;
+
+ // Make sure this is the request which we want to check.
+ if (!httpChannel.URI.spec.endsWith(aURL)) {
+ return;
+ }
+
+ info(`Checking loadInfo for URI: ${httpChannel.URI.spec}\n`);
+ is(
+ reqLoadInfo.cookieJarSettings.partitionKey,
+ aPartitionKey,
+ "The loadInfo has the correct partition key"
+ );
+
+ Services.obs.removeObserver(observer, "http-on-modify-request");
+ resolve();
+ }
+ };
+
+ Services.obs.addObserver(observer, "http-on-modify-request");
+ });
+}
+
+add_task(async function setup() {
+ info("Setting MockFilePicker.");
+ mockTransferRegisterer.register();
+
+ registerCleanupFunction(function() {
+ mockTransferRegisterer.unregister();
+ MockFilePicker.cleanup();
+ tempDir.remove(true);
+ });
+});
+
+add_task(async function testContextMenuSaveImage() {
+ let uuidGenerator = Cc["@mozilla.org/uuid-generator;1"].getService(
+ Ci.nsIUUIDGenerator
+ );
+
+ for (let networkIsolation of [true, false]) {
+ for (let partitionPerSite of [true, false]) {
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ ["privacy.partition.network_state", networkIsolation],
+ ["privacy.dynamic_firstparty.use_site", partitionPerSite],
+ ],
+ });
+
+ // We use token to separate the caches.
+ let token = uuidGenerator.generateUUID().toString();
+ const testImageURL = `${TEST_IMAGE_URL}?token=${token}`;
+
+ info(`Open a new tab for testing "Save image as" in context menu.`);
+ let tab = await BrowserTestUtils.openNewForegroundTab(
+ gBrowser,
+ TEST_TOP_PAGE
+ );
+
+ info(`Insert the testing image into the tab.`);
+ await SpecialPowers.spawn(
+ tab.linkedBrowser,
+ [testImageURL],
+ async url => {
+ let img = content.document.createElement("img");
+ let loaded = new content.Promise(resolve => {
+ img.onload = resolve;
+ });
+ content.document.body.appendChild(img);
+ img.setAttribute("id", "image1");
+ img.src = url;
+ await loaded;
+ }
+ );
+
+ info("Open the context menu.");
+ let popupShownPromise = BrowserTestUtils.waitForEvent(
+ document,
+ "popupshown"
+ );
+
+ await BrowserTestUtils.synthesizeMouseAtCenter(
+ "#image1",
+ {
+ type: "contextmenu",
+ button: 2,
+ },
+ tab.linkedBrowser
+ );
+
+ await popupShownPromise;
+
+ let partitionKey = partitionPerSite
+ ? "(http,example.net)"
+ : "example.net";
+
+ let transferCompletePromise = createPromiseForTransferComplete();
+ let observerPromise = createPromiseForObservingChannel(
+ testImageURL,
+ partitionKey
+ );
+
+ let saveElement = document.getElementById("context-saveimage");
+ info("Triggering the save process.");
+ saveElement.doCommand();
+
+ info("Waiting for the channel.");
+ await observerPromise;
+
+ info("Wait until the save is finished.");
+ await transferCompletePromise;
+
+ info("Close the context menu.");
+ let contextMenu = document.getElementById("contentAreaContextMenu");
+ let popupHiddenPromise = BrowserTestUtils.waitForEvent(
+ contextMenu,
+ "popuphidden"
+ );
+ contextMenu.hidePopup();
+ await popupHiddenPromise;
+
+ // Check if there will be only one network request. The another one should
+ // be from cache.
+ let res = await fetch(`${TEST_IMAGE_URL}?token=${token}&result`);
+ let res_text = await res.text();
+ is(res_text, "1", "The image should be loaded only once.");
+
+ BrowserTestUtils.removeTab(tab);
+ }
+ }
+});
+
+add_task(async function testContextMenuSaveVideo() {
+ let uuidGenerator = Cc["@mozilla.org/uuid-generator;1"].getService(
+ Ci.nsIUUIDGenerator
+ );
+
+ for (let networkIsolation of [true, false]) {
+ for (let partitionPerSite of [true, false]) {
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ ["privacy.partition.network_state", networkIsolation],
+ ["privacy.dynamic_firstparty.use_site", partitionPerSite],
+ ],
+ });
+
+ // We use token to separate the caches.
+ let token = uuidGenerator.generateUUID().toString();
+ const testVideoURL = `${TEST_VIDEO_URL}?token=${token}`;
+
+ info(`Open a new tab for testing "Save Video as" in context menu.`);
+ let tab = await BrowserTestUtils.openNewForegroundTab(
+ gBrowser,
+ TEST_TOP_PAGE
+ );
+
+ info(`Insert the testing video into the tab.`);
+ await SpecialPowers.spawn(
+ tab.linkedBrowser,
+ [testVideoURL],
+ async url => {
+ let video = content.document.createElement("video");
+ let loaded = new content.Promise(resolve => {
+ video.onloadeddata = resolve;
+ });
+ content.document.body.appendChild(video);
+ video.setAttribute("id", "video1");
+ video.src = url;
+ await loaded;
+ }
+ );
+
+ info("Open the context menu.");
+ let popupShownPromise = BrowserTestUtils.waitForEvent(
+ document,
+ "popupshown"
+ );
+
+ await BrowserTestUtils.synthesizeMouseAtCenter(
+ "#video1",
+ {
+ type: "contextmenu",
+ button: 2,
+ },
+ tab.linkedBrowser
+ );
+
+ await popupShownPromise;
+
+ let partitionKey = partitionPerSite
+ ? "(http,example.net)"
+ : "example.net";
+
+ // We also check the default file name, see Bug 1679325.
+ let transferCompletePromise = createPromiseForTransferComplete(
+ "file_saveAsVideo.webm"
+ );
+ let observerPromise = createPromiseForObservingChannel(
+ testVideoURL,
+ partitionKey
+ );
+
+ let saveElement = document.getElementById("context-savevideo");
+ info("Triggering the save process.");
+ saveElement.doCommand();
+
+ info("Waiting for the channel.");
+ await observerPromise;
+
+ info("Wait until the save is finished.");
+ await transferCompletePromise;
+
+ info("Close the context menu.");
+ let contextMenu = document.getElementById("contentAreaContextMenu");
+ let popupHiddenPromise = BrowserTestUtils.waitForEvent(
+ contextMenu,
+ "popuphidden"
+ );
+ contextMenu.hidePopup();
+ await popupHiddenPromise;
+
+ // Check if there will be only one network request. The another one should
+ // be from cache.
+ let res = await fetch(`${TEST_VIDEO_URL}?token=${token}&result`);
+ let res_text = await res.text();
+ is(res_text, "1", "The video should be loaded only once.");
+
+ BrowserTestUtils.removeTab(tab);
+ }
+ }
+});
+
+add_task(async function testSavePageInOfflineMode() {
+ for (let networkIsolation of [true, false]) {
+ for (let partitionPerSite of [true, false]) {
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ ["privacy.partition.network_state", networkIsolation],
+ ["privacy.dynamic_firstparty.use_site", partitionPerSite],
+ ],
+ });
+
+ let partitionKey = partitionPerSite
+ ? "(http,example.net)"
+ : "example.net";
+
+ info(`Open a new tab which loads an image`);
+ let tab = await BrowserTestUtils.openNewForegroundTab(
+ gBrowser,
+ TEST_IMAGE_URL
+ );
+
+ info("Toggle on the offline mode");
+ BrowserOffline.toggleOfflineStatus();
+
+ info("Open file menu and trigger 'Save Page As'");
+ let menubar = document.getElementById("main-menubar");
+ let filePopup = document.getElementById("menu_FilePopup");
+
+ // We only use the shortcut keys to open the file menu in Windows and Linux.
+ // Mac doesn't have a shortcut to only open the file menu. Instead, we directly
+ // trigger the save in MAC without any UI interactions.
+ if (Services.appinfo.OS !== "Darwin") {
+ let menubarActive = BrowserTestUtils.waitForEvent(
+ menubar,
+ "DOMMenuBarActive"
+ );
+ EventUtils.synthesizeKey("KEY_F10");
+ await menubarActive;
+
+ let popupShownPromise = BrowserTestUtils.waitForEvent(
+ filePopup,
+ "popupshown"
+ );
+ // In window, it still needs one extra down key to open the file menu.
+ if (Services.appinfo.OS === "WINNT") {
+ EventUtils.synthesizeKey("KEY_ArrowDown");
+ }
+ await popupShownPromise;
+ }
+
+ let transferCompletePromise = createPromiseForTransferComplete();
+ let observerPromise = createPromiseForObservingChannel(
+ TEST_IMAGE_URL,
+ partitionKey
+ );
+
+ info("Triggering the save process.");
+ let fileSavePageAsElement = document.getElementById("menu_savePage");
+ fileSavePageAsElement.doCommand();
+
+ info("Waiting for the channel.");
+ await observerPromise;
+
+ info("Wait until the save is finished.");
+ await transferCompletePromise;
+
+ // Close the file menu.
+ if (Services.appinfo.OS !== "Darwin") {
+ let popupHiddenPromise = BrowserTestUtils.waitForEvent(
+ filePopup,
+ "popuphidden"
+ );
+ filePopup.hidePopup();
+ await popupHiddenPromise;
+ }
+
+ info("Toggle off the offline mode");
+ BrowserOffline.toggleOfflineStatus();
+
+ // Clean up
+ BrowserTestUtils.removeTab(tab);
+
+ // Clean up the cache count on the server side.
+ await fetch(`${TEST_IMAGE_URL}?result`);
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+ }
+ }
+});
+
+add_task(async function testPageInfoMediaSaveAs() {
+ for (let networkIsolation of [true, false]) {
+ for (let partitionPerSite of [true, false]) {
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ ["privacy.partition.network_state", networkIsolation],
+ ["privacy.dynamic_firstparty.use_site", partitionPerSite],
+ ],
+ });
+
+ let partitionKey = partitionPerSite
+ ? "(http,example.net)"
+ : "example.net";
+
+ info(
+ `Open a new tab for testing "Save AS" in the media panel of the page info.`
+ );
+ let tab = await BrowserTestUtils.openNewForegroundTab(
+ gBrowser,
+ TEST_PAGEINFO_URL
+ );
+
+ info("Open the media panel of the pageinfo.");
+ let pageInfo = BrowserPageInfo(
+ gBrowser.selectedBrowser.currentURI.spec,
+ "mediaTab"
+ );
+
+ await BrowserTestUtils.waitForEvent(pageInfo, "page-info-init");
+
+ let imageTree = pageInfo.document.getElementById("imagetree");
+ let imageRowsNum = imageTree.view.rowCount;
+
+ is(imageRowsNum, 2, "There should be two media items here.");
+
+ for (let i = 0; i < imageRowsNum; i++) {
+ imageTree.view.selection.select(i);
+ imageTree.ensureRowIsVisible(i);
+ imageTree.focus();
+
+ // Wait until the preview is loaded.
+ let preview = pageInfo.document.getElementById("thepreviewimage");
+ let mediaType = pageInfo.gImageView.data[i][1]; // COL_IMAGE_TYPE
+ if (mediaType == "Image") {
+ await BrowserTestUtils.waitForEvent(preview, "loadend");
+ } else if (mediaType == "Video") {
+ await BrowserTestUtils.waitForEvent(preview, "canplaythrough");
+ }
+
+ let url = pageInfo.gImageView.data[i][0]; // COL_IMAGE_ADDRESS
+ info(`Start to save the media item with URL: ${url}`);
+
+ let transferCompletePromise = createPromiseForTransferComplete();
+
+ // Observe the channel and check if it has the correct partitionKey.
+ let observerPromise = createPromiseForObservingChannel(
+ url,
+ partitionKey
+ );
+
+ info("Triggering the save process.");
+ let saveElement = pageInfo.document.getElementById("imagesaveasbutton");
+ saveElement.doCommand();
+
+ info("Waiting for the channel.");
+ await observerPromise;
+
+ info("Wait until the save is finished.");
+ await transferCompletePromise;
+ }
+
+ pageInfo.close();
+ BrowserTestUtils.removeTab(tab);
+ }
+ }
+});
+
+add_task(async function testPageInfoMediaMultipleSelectedSaveAs() {
+ for (let networkIsolation of [true, false]) {
+ for (let partitionPerSite of [true, false]) {
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ ["privacy.partition.network_state", networkIsolation],
+ ["privacy.dynamic_firstparty.use_site", partitionPerSite],
+ ],
+ });
+
+ let partitionKey = partitionPerSite
+ ? "(http,example.net)"
+ : "example.net";
+
+ info(
+ `Open a new tab for testing "Save AS" in the media panel of the page info.`
+ );
+ let tab = await BrowserTestUtils.openNewForegroundTab(
+ gBrowser,
+ TEST_PAGEINFO_URL
+ );
+
+ info("Open the media panel of the pageinfo.");
+ let pageInfo = BrowserPageInfo(
+ gBrowser.selectedBrowser.currentURI.spec,
+ "mediaTab"
+ );
+
+ await BrowserTestUtils.waitForEvent(pageInfo, "page-info-init");
+
+ // Make sure the preview image is loaded in order to avoid interfering
+ // following tests.
+ let preview = pageInfo.document.getElementById("thepreviewimage");
+ await BrowserTestUtils.waitForCondition(() => {
+ return preview.complete;
+ });
+
+ let imageTree = pageInfo.document.getElementById("imagetree");
+ let imageRowsNum = imageTree.view.rowCount;
+
+ is(imageRowsNum, 2, "There should be two media items here.");
+
+ imageTree.view.selection.selectAll();
+ imageTree.focus();
+
+ let url = pageInfo.gImageView.data[0][0]; // COL_IMAGE_ADDRESS
+ info(`Start to save the media item with URL: ${url}`);
+
+ let transferCompletePromise = createPromiseForTransferComplete();
+ let observerPromises = [];
+
+ // Observe all channels and check if they have the correct partitionKey.
+ for (let i = 0; i < imageRowsNum; ++i) {
+ let observerPromise = createPromiseForObservingChannel(
+ url,
+ partitionKey
+ );
+ observerPromises.push(observerPromise);
+ }
+
+ info("Triggering the save process.");
+ let saveElement = pageInfo.document.getElementById("imagesaveasbutton");
+ saveElement.doCommand();
+
+ info("Waiting for the all channels.");
+ await Promise.all(observerPromises);
+
+ info("Wait until the save is finished.");
+ await transferCompletePromise;
+
+ pageInfo.close();
+ BrowserTestUtils.removeTab(tab);
+ }
+ }
+});
diff --git a/toolkit/components/antitracking/test/browser/browser_storageAccessDoorHanger.js b/toolkit/components/antitracking/test/browser/browser_storageAccessDoorHanger.js
new file mode 100644
index 0000000000..d0385eb76b
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_storageAccessDoorHanger.js
@@ -0,0 +1,325 @@
+/* eslint-disable mozilla/no-arbitrary-setTimeout */
+const CHROME_BASE =
+ "chrome://mochitests/content/browser/browser/modules/test/browser/";
+Services.scriptloader.loadSubScript(CHROME_BASE + "head.js", this);
+/* import-globals-from ../../../../../browser/modules/test/browser/head.js */
+
+const BLOCK = 0;
+const ALLOW = 1;
+
+async function testDoorHanger(
+ choice,
+ showPrompt,
+ useEscape,
+ topPage,
+ maxConcurrent
+) {
+ info(
+ `Running doorhanger test with choice #${choice}, showPrompt: ${showPrompt} and ` +
+ `useEscape: ${useEscape}, topPage: ${topPage}, maxConcurrent: ${maxConcurrent}`
+ );
+
+ if (!showPrompt) {
+ is(choice, ALLOW, "When not showing a prompt, we can only auto-grant");
+ ok(
+ !useEscape,
+ "When not showing a prompt, we should not be trying to use the Esc key"
+ );
+ }
+
+ await SpecialPowers.flushPrefEnv();
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ ["dom.storage_access.auto_grants", true],
+ ["dom.storage_access.auto_grants.delayed", false],
+ ["dom.storage_access.enabled", true],
+ ["dom.storage_access.max_concurrent_auto_grants", maxConcurrent],
+ ["dom.storage_access.prompt.testing", false],
+ [
+ "network.cookie.cookieBehavior",
+ Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER,
+ ],
+ ["privacy.trackingprotection.enabled", false],
+ ["privacy.trackingprotection.pbmode.enabled", false],
+ ["privacy.trackingprotection.annotate_channels", true],
+ [
+ "privacy.restrict3rdpartystorage.userInteractionRequiredForHosts",
+ "tracking.example.com,tracking.example.org",
+ ],
+ ["browser.contentblocking.state-partitioning.mvp.ui.enabled", true],
+ ],
+ });
+
+ await UrlClassifierTestUtils.addTestTrackers();
+
+ let tab = BrowserTestUtils.addTab(gBrowser, topPage);
+ gBrowser.selectedTab = tab;
+
+ let browser = gBrowser.getBrowserForTab(tab);
+ await BrowserTestUtils.browserLoaded(browser);
+
+ async function runChecks() {
+ // We need to repeat this constant here since runChecks is stringified
+ // and sent to the content process.
+ const BLOCK = 0;
+
+ await new Promise(resolve => {
+ addEventListener(
+ "message",
+ function onMessage(e) {
+ if (e.data.startsWith("choice:")) {
+ window.choice = e.data.split(":")[1];
+ window.useEscape = e.data.split(":")[3];
+ removeEventListener("message", onMessage);
+ resolve();
+ }
+ },
+ false
+ );
+ parent.postMessage("getchoice", "*");
+ });
+
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await noStorageAccessInitially();
+
+ is(document.cookie, "", "No cookies for me");
+ document.cookie = "name=value";
+ is(document.cookie, "", "No cookies for me");
+
+ await fetch("server.sjs")
+ .then(r => r.text())
+ .then(text => {
+ is(text, "cookie-not-present", "We should not have cookies");
+ });
+ // Let's do it twice.
+ await fetch("server.sjs")
+ .then(r => r.text())
+ .then(text => {
+ is(text, "cookie-not-present", "We should not have cookies");
+ });
+
+ is(document.cookie, "", "Still no cookies for me");
+
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await callRequestStorageAccess();
+
+ if (choice == BLOCK) {
+ // We've said no, so cookies are still blocked
+ is(document.cookie, "", "Still no cookies for me");
+ document.cookie = "name=value";
+ is(document.cookie, "", "No cookies for me");
+ } else {
+ // We've said yes, so cookies are allowed now
+ is(document.cookie, "", "No cookies for me");
+ document.cookie = "name=value";
+ is(document.cookie, "name=value", "I have the cookies!");
+ }
+ }
+
+ let permChanged;
+ // Only create the promise when we're going to click one of the allow buttons.
+ if (choice != BLOCK) {
+ permChanged = TestUtils.topicObserved("perm-changed", (subject, data) => {
+ let result;
+ if (choice == ALLOW) {
+ result =
+ subject &&
+ subject
+ .QueryInterface(Ci.nsIPermission)
+ .type.startsWith("3rdPartyStorage^") &&
+ subject.principal.origin == new URL(topPage).origin &&
+ data == "added";
+ }
+ return result;
+ });
+ }
+ let shownPromise = BrowserTestUtils.waitForEvent(
+ PopupNotifications.panel,
+ "popupshown"
+ );
+ shownPromise.then(async _ => {
+ if (topPage != gBrowser.currentURI.spec) {
+ return;
+ }
+ ok(showPrompt, "We shouldn't show the prompt when we don't intend to");
+ let notification = await new Promise(function poll(resolve) {
+ let notification = PopupNotifications.getNotification(
+ "storage-access",
+ browser
+ );
+ if (notification) {
+ resolve(notification);
+ return;
+ }
+ setTimeout(poll, 10);
+ });
+ Assert.ok(notification, "Should have gotten the notification");
+
+ if (choice == BLOCK) {
+ if (useEscape) {
+ EventUtils.synthesizeKey("KEY_Escape", {}, window);
+ } else {
+ await clickSecondaryAction();
+ }
+ } else if (choice == ALLOW) {
+ await clickMainAction();
+ }
+ if (choice != BLOCK) {
+ await permChanged;
+ }
+ });
+
+ let url = TEST_3RD_PARTY_PAGE + "?disableWaitUntilPermission";
+ let ct = SpecialPowers.spawn(
+ browser,
+ [{ page: url, callback: runChecks.toString(), choice, useEscape }],
+ async function(obj) {
+ await new content.Promise(resolve => {
+ let ifr = content.document.createElement("iframe");
+ ifr.onload = function() {
+ info("Sending code to the 3rd party content");
+ ifr.contentWindow.postMessage(obj.callback, "*");
+ };
+
+ content.addEventListener("message", function msg(event) {
+ if (event.data.type == "finish") {
+ content.removeEventListener("message", msg);
+ resolve();
+ return;
+ }
+
+ if (event.data.type == "ok") {
+ ok(event.data.what, event.data.msg);
+ return;
+ }
+
+ if (event.data.type == "info") {
+ info(event.data.msg);
+ return;
+ }
+
+ if (event.data == "getchoice") {
+ ifr.contentWindow.postMessage(
+ "choice:" + obj.choice + ":useEscape:" + obj.useEscape,
+ "*"
+ );
+ return;
+ }
+
+ ok(false, "Unknown message");
+ });
+
+ content.document.body.appendChild(ifr);
+ ifr.src = obj.page;
+ });
+ }
+ );
+ if (showPrompt) {
+ await Promise.all([ct, shownPromise]);
+ } else {
+ await Promise.all([ct, permChanged]);
+ }
+ if (choice != BLOCK) {
+ let identityPopupPromise = BrowserTestUtils.waitForEvent(
+ window,
+ "popupshown",
+ true,
+ event => event.target == gIdentityHandler._identityPopup
+ );
+ gIdentityHandler._identityBox.click();
+ await identityPopupPromise;
+ let permissionItem = document.getElementById(
+ `identity-popup-permission-label-3rdPartyStorage^https://tracking.example.org`
+ );
+ ok(permissionItem, "Permission item exists");
+ ok(
+ BrowserTestUtils.is_visible(permissionItem),
+ "Permission item visible in the identity panel"
+ );
+ identityPopupPromise = BrowserTestUtils.waitForEvent(
+ gIdentityHandler._identityPopup,
+ "popuphidden"
+ );
+ gIdentityHandler._identityPopup.hidePopup();
+ await identityPopupPromise;
+ }
+
+ BrowserTestUtils.removeTab(tab);
+
+ UrlClassifierTestUtils.cleanupTestTrackers();
+}
+
+async function preparePermissionsFromOtherSites(topPage) {
+ info("Faking permissions from other sites");
+ let type = "3rdPartyStorage^https://tracking.example.org";
+ let permission = Services.perms.ALLOW_ACTION;
+ let expireType = Services.perms.EXPIRE_SESSION;
+ if (topPage == TEST_TOP_PAGE) {
+ // For the first page, don't do anything
+ } else if (topPage == TEST_TOP_PAGE_2) {
+ // For the second page, only add the permission from the first page
+ PermissionTestUtils.add(TEST_DOMAIN, type, permission, expireType, 0);
+ } else if (topPage == TEST_TOP_PAGE_3) {
+ // For the third page, add the permissions from the first two pages
+ PermissionTestUtils.add(TEST_DOMAIN, type, permission, expireType, 0);
+ PermissionTestUtils.add(TEST_DOMAIN_2, type, permission, expireType, 0);
+ } else if (topPage == TEST_TOP_PAGE_4) {
+ // For the fourth page, add the permissions from the first three pages
+ PermissionTestUtils.add(TEST_DOMAIN, type, permission, expireType, 0);
+ PermissionTestUtils.add(TEST_DOMAIN_2, type, permission, expireType, 0);
+ PermissionTestUtils.add(TEST_DOMAIN_3, type, permission, expireType, 0);
+ } else if (topPage == TEST_TOP_PAGE_5) {
+ // For the fifth page, add the permissions from the first four pages
+ PermissionTestUtils.add(TEST_DOMAIN, type, permission, expireType, 0);
+ PermissionTestUtils.add(TEST_DOMAIN_2, type, permission, expireType, 0);
+ PermissionTestUtils.add(TEST_DOMAIN_3, type, permission, expireType, 0);
+ PermissionTestUtils.add(TEST_DOMAIN_4, type, permission, expireType, 0);
+ } else if (topPage == TEST_TOP_PAGE_6) {
+ // For the sixth page, add the permissions from the first five pages
+ PermissionTestUtils.add(TEST_DOMAIN, type, permission, expireType, 0);
+ PermissionTestUtils.add(TEST_DOMAIN_2, type, permission, expireType, 0);
+ PermissionTestUtils.add(TEST_DOMAIN_3, type, permission, expireType, 0);
+ PermissionTestUtils.add(TEST_DOMAIN_4, type, permission, expireType, 0);
+ PermissionTestUtils.add(TEST_DOMAIN_5, type, permission, expireType, 0);
+ } else {
+ ok(false, "Unexpected top page: " + topPage);
+ }
+}
+
+async function cleanUp() {
+ info("Cleaning up.");
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+}
+
+async function runRound(topPage, showPrompt, maxConcurrent) {
+ if (showPrompt) {
+ await preparePermissionsFromOtherSites(topPage);
+ await testDoorHanger(BLOCK, showPrompt, true, topPage, maxConcurrent);
+ await cleanUp();
+ await preparePermissionsFromOtherSites(topPage);
+ await testDoorHanger(BLOCK, showPrompt, false, topPage, maxConcurrent);
+ await cleanUp();
+ await preparePermissionsFromOtherSites(topPage);
+ await testDoorHanger(ALLOW, showPrompt, false, topPage, maxConcurrent);
+ await cleanUp();
+ } else {
+ await preparePermissionsFromOtherSites(topPage);
+ await testDoorHanger(ALLOW, showPrompt, false, topPage, maxConcurrent);
+ }
+ await cleanUp();
+}
+
+add_task(async function() {
+ await runRound(TEST_TOP_PAGE, false, 1);
+ await runRound(TEST_TOP_PAGE_2, true, 1);
+ await runRound(TEST_TOP_PAGE, false, 5);
+ await runRound(TEST_TOP_PAGE_2, false, 5);
+ await runRound(TEST_TOP_PAGE_3, false, 5);
+ await runRound(TEST_TOP_PAGE_4, false, 5);
+ await runRound(TEST_TOP_PAGE_5, false, 5);
+ await runRound(TEST_TOP_PAGE_6, true, 5);
+});
diff --git a/toolkit/components/antitracking/test/browser/browser_storageAccessPromiseRejectHandlerUserInteraction.js b/toolkit/components/antitracking/test/browser/browser_storageAccessPromiseRejectHandlerUserInteraction.js
new file mode 100644
index 0000000000..1146f79515
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_storageAccessPromiseRejectHandlerUserInteraction.js
@@ -0,0 +1,33 @@
+/* import-globals-from antitracking_head.js */
+
+AntiTracking.runTest(
+ "Storage Access API returns promises that maintain user activation for calling its reject handler",
+ // blocking callback
+ async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ let [threw, rejected] = await callRequestStorageAccess(dwu => {
+ ok(
+ dwu.isHandlingUserInput,
+ "Promise reject handler must run as if we're handling user input"
+ );
+ }, true);
+ ok(!threw, "requestStorageAccess should not throw");
+ ok(rejected, "requestStorageAccess should not be available");
+ },
+
+ null, // non-blocking callback
+ // cleanup function
+ async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+ },
+ null, // extra prefs
+ false, // no window open test
+ false, // no user-interaction test
+ 0, // expected blocking notifications
+ false, // private window
+ "allow-scripts allow-same-origin allow-popups" // iframe sandbox
+);
diff --git a/toolkit/components/antitracking/test/browser/browser_storageAccessPromiseResolveHandlerUserInteraction.js b/toolkit/components/antitracking/test/browser/browser_storageAccessPromiseResolveHandlerUserInteraction.js
new file mode 100644
index 0000000000..09d00fd121
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_storageAccessPromiseResolveHandlerUserInteraction.js
@@ -0,0 +1,46 @@
+/* import-globals-from antitracking_head.js */
+
+AntiTracking.runTest(
+ "Storage Access API returns promises that maintain user activation",
+ // blocking callback
+ async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ let [threw, rejected] = await callRequestStorageAccess(dwu => {
+ ok(
+ dwu.isHandlingUserInput,
+ "Promise handler must run as if we're handling user input"
+ );
+ });
+ ok(!threw, "requestStorageAccess should not throw");
+ ok(!rejected, "requestStorageAccess should be available");
+
+ let dwu = SpecialPowers.getDOMWindowUtils(window);
+ let helper = dwu.setHandlingUserInput(true);
+
+ let promise;
+ try {
+ promise = document.hasStorageAccess();
+ } finally {
+ helper.destruct();
+ }
+ await promise.then(_ => {
+ ok(
+ dwu.isHandlingUserInput,
+ "Promise handler must run as if we're handling user input"
+ );
+ });
+ },
+
+ null, // non-blocking callback
+ // cleanup function
+ async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+ },
+ null, // extra prefs
+ false, // no window open test
+ false // no user-interaction test
+);
diff --git a/toolkit/components/antitracking/test/browser/browser_storageAccessRemovalNavigateSubframe.js b/toolkit/components/antitracking/test/browser/browser_storageAccessRemovalNavigateSubframe.js
new file mode 100644
index 0000000000..91606b68ef
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_storageAccessRemovalNavigateSubframe.js
@@ -0,0 +1,43 @@
+/* import-globals-from antitracking_head.js */
+
+AntiTracking.runTest(
+ "Storage Access is removed when subframe navigates",
+ // blocking callback
+ async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await noStorageAccessInitially();
+ },
+
+ // non-blocking callback
+ async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await hasStorageAccessInitially();
+
+ /* import-globals-from storageAccessAPIHelpers.js */
+ let [threw, rejected] = await callRequestStorageAccess();
+ ok(!threw, "requestStorageAccess should not throw");
+ ok(!rejected, "requestStorageAccess should be available");
+ },
+ // cleanup function
+ async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+ },
+ null, // extra prefs
+ false, // no window open test
+ false, // no user-interaction test
+ 0, // no blocking notifications
+ false, // run in normal window
+ null, // no iframe sandbox
+ "navigate-subframe", // access removal type
+ // after-removal callback
+ async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ // TODO: this is just a temporarily fixed, we should update the testcase
+ // in Bug 1649399
+ await hasStorageAccessInitially();
+ }
+);
diff --git a/toolkit/components/antitracking/test/browser/browser_storageAccessRemovalNavigateTopframe.js b/toolkit/components/antitracking/test/browser/browser_storageAccessRemovalNavigateTopframe.js
new file mode 100644
index 0000000000..22ec99ad07
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_storageAccessRemovalNavigateTopframe.js
@@ -0,0 +1,41 @@
+/* import-globals-from antitracking_head.js */
+
+AntiTracking.runTest(
+ "Storage Access is removed when topframe navigates",
+ // blocking callback
+ async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await noStorageAccessInitially();
+ },
+
+ // non-blocking callback
+ async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await hasStorageAccessInitially();
+
+ /* import-globals-from storageAccessAPIHelpers.js */
+ let [threw, rejected] = await callRequestStorageAccess();
+ ok(!threw, "requestStorageAccess should not throw");
+ ok(!rejected, "requestStorageAccess should be available");
+ },
+ // cleanup function
+ async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+ },
+ null, // extra prefs
+ false, // no window open test
+ false, // no user-interaction test
+ 0, // no blocking notifications
+ false, // run in normal window
+ null, // no iframe sandbox
+ "navigate-topframe", // access removal type
+ // after-removal callback
+ async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await noStorageAccessInitially();
+ }
+);
diff --git a/toolkit/components/antitracking/test/browser/browser_storageAccessSandboxed.js b/toolkit/components/antitracking/test/browser/browser_storageAccessSandboxed.js
new file mode 100644
index 0000000000..2c9b7e3df8
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_storageAccessSandboxed.js
@@ -0,0 +1,155 @@
+/* import-globals-from antitracking_head.js */
+
+AntiTracking.runTest(
+ "Storage Access API called in a sandboxed iframe",
+ // blocking callback
+ async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ let [threw, rejected] = await callRequestStorageAccess();
+ ok(!threw, "requestStorageAccess should not throw");
+ ok(rejected, "requestStorageAccess shouldn't be available");
+ },
+
+ null, // non-blocking callback
+ // cleanup function
+ async _ => {
+ // Only clear the user-interaction permissions for the tracker here so that
+ // the next test has a clean slate.
+ await new Promise(resolve => {
+ Services.clearData.deleteDataFromHost(
+ Services.io.newURI(TEST_3RD_PARTY_DOMAIN).host,
+ true,
+ Ci.nsIClearDataService.CLEAR_PERMISSIONS,
+ value => resolve()
+ );
+ });
+ },
+ [["dom.storage_access.enabled", true]], // extra prefs
+ false, // no window open test
+ false, // no user-interaction test
+ 0, // no blocking notifications
+ false, // run in normal window
+ "allow-scripts allow-same-origin allow-popups"
+);
+
+AntiTracking.runTest(
+ "Storage Access API called in a sandboxed iframe with" +
+ " allow-storage-access-by-user-activation",
+ // blocking callback
+ async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ let [threw, rejected] = await callRequestStorageAccess();
+ ok(!threw, "requestStorageAccess should not throw");
+ ok(!rejected, "requestStorageAccess should be available");
+ },
+
+ null, // non-blocking callback
+ null, // cleanup function
+ [["dom.storage_access.enabled", true]], // extra prefs
+ false, // no window open test
+ false, // no user-interaction test
+ Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_TRACKER, // expect blocking notifications
+ false, // run in normal window
+ "allow-scripts allow-same-origin allow-popups allow-storage-access-by-user-activation"
+);
+
+AntiTracking.runTest(
+ "Verify that sandboxed contexts don't get the saved permission",
+ // blocking callback
+ async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await noStorageAccessInitially();
+
+ try {
+ localStorage.foo = 42;
+ ok(false, "LocalStorage cannot be used!");
+ } catch (e) {
+ ok(true, "LocalStorage cannot be used!");
+ is(e.name, "SecurityError", "We want a security error message.");
+ }
+ },
+
+ null, // non-blocking callback
+ null, // cleanup function
+ [["dom.storage_access.enabled", true]], // extra prefs
+ false, // no window open test
+ false, // no user-interaction test
+ Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_TRACKER, // expect blocking notifications
+ false, // run in normal window
+ "allow-scripts allow-same-origin allow-popups"
+);
+
+AntiTracking.runTest(
+ "Verify that sandboxed contexts with" +
+ " allow-storage-access-by-user-activation get the" +
+ " saved permission",
+ // blocking callback
+ async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await hasStorageAccessInitially();
+
+ localStorage.foo = 42;
+ ok(true, "LocalStorage can be used!");
+ },
+
+ null, // non-blocking callback
+ null, // cleanup function
+ [["dom.storage_access.enabled", true]], // extra prefs
+ false, // no window open test
+ false, // no user-interaction test
+ 0, // no blocking notifications
+ false, // run in normal window
+ "allow-scripts allow-same-origin allow-popups allow-storage-access-by-user-activation"
+);
+
+AntiTracking.runTest(
+ "Verify that private browsing contexts don't get the saved permission",
+ // blocking callback
+ async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await noStorageAccessInitially();
+
+ try {
+ localStorage.foo = 42;
+ ok(false, "LocalStorage cannot be used!");
+ } catch (e) {
+ ok(true, "LocalStorage cannot be used!");
+ is(e.name, "SecurityError", "We want a security error message.");
+ }
+ },
+
+ null, // non-blocking callback
+ null, // cleanup function
+ [["dom.storage_access.enabled", true]], // extra prefs
+ false, // no window open test
+ false, // no user-interaction test
+ Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_TRACKER, // expect blocking notifications
+ true, // run in private window
+ null // iframe sandbox
+);
+
+AntiTracking.runTest(
+ "Verify that non-sandboxed contexts get the saved permission",
+ // blocking callback
+ async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await hasStorageAccessInitially();
+
+ localStorage.foo = 42;
+ ok(true, "LocalStorage can be used!");
+ },
+
+ null, // non-blocking callback
+ // cleanup function
+ async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+ },
+ [["dom.storage_access.enabled", true]], // extra prefs
+ false, // no window open test
+ false, // no user-interaction test
+ 0 // no blocking notifications
+);
diff --git a/toolkit/components/antitracking/test/browser/browser_storageAccessThirdPartyChecks.js b/toolkit/components/antitracking/test/browser/browser_storageAccessThirdPartyChecks.js
new file mode 100644
index 0000000000..a7849d74c9
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_storageAccessThirdPartyChecks.js
@@ -0,0 +1,63 @@
+/* import-globals-from antitracking_head.js */
+
+AntiTracking._createTask({
+ name:
+ "Test that after a storage access grant we have full first-party access",
+ cookieBehavior: BEHAVIOR_REJECT_TRACKER,
+ blockingByContentBlockingRTUI: true,
+ allowList: false,
+ callback: async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await noStorageAccessInitially();
+
+ await callRequestStorageAccess();
+
+ const TRACKING_PAGE =
+ "http://another-tracking.example.net/browser/browser/base/content/test/protectionsUI/trackingPage.html";
+ async function runChecks(name) {
+ let iframe = document.createElement("iframe");
+ iframe.src = TRACKING_PAGE;
+ document.body.appendChild(iframe);
+ await new Promise(resolve => {
+ iframe.onload = resolve;
+ });
+
+ await SpecialPowers.spawn(iframe, [name], name => {
+ content.postMessage(name, "*");
+ });
+
+ await new Promise(resolve => {
+ onmessage = e => {
+ if (e.data == "done") {
+ resolve();
+ }
+ };
+ });
+ }
+
+ await runChecks("image");
+ },
+ extraPrefs: null,
+ expectedBlockingNotifications:
+ Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_TRACKER,
+ runInPrivateWindow: false,
+ iframeSandbox: null,
+ accessRemoval: null,
+ callbackAfterRemoval: null,
+ thirdPartyPage: TEST_3RD_PARTY_PAGE_HTTP,
+ errorMessageDomains: [
+ "http://tracking.example.org",
+ "http://tracking.example.org",
+ "http://tracking.example.org",
+ "http://tracking.example.org",
+ "http://tracking.example.org",
+ ],
+});
+
+add_task(async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+});
diff --git a/toolkit/components/antitracking/test/browser/browser_storageAccessWithDynamicFpi.js b/toolkit/components/antitracking/test/browser/browser_storageAccessWithDynamicFpi.js
new file mode 100644
index 0000000000..8928bb7f16
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_storageAccessWithDynamicFpi.js
@@ -0,0 +1,531 @@
+/* vim: set ts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/* import-globals-from head.js */
+
+"use strict";
+
+const { RemoteSettings } = ChromeUtils.import(
+ "resource://services-settings/remote-settings.js"
+);
+
+XPCOMUtils.defineLazyServiceGetter(
+ this,
+ "peuService",
+ "@mozilla.org/partitioning/exception-list-service;1",
+ "nsIPartitioningExceptionListService"
+);
+
+const TEST_REDIRECT_TOP_PAGE =
+ TEST_3RD_PARTY_DOMAIN + TEST_PATH + "redirect.sjs?" + TEST_TOP_PAGE;
+const TEST_REDIRECT_3RD_PARTY_PAGE =
+ TEST_DOMAIN + TEST_PATH + "redirect.sjs?" + TEST_3RD_PARTY_PARTITIONED_PAGE;
+
+const COLLECTION_NAME = "partitioning-exempt-urls";
+const EXCEPTION_LIST_PREF_NAME = "privacy.restrict3rdpartystorage.skip_list";
+
+async function cleanup() {
+ Services.prefs.clearUserPref(EXCEPTION_LIST_PREF_NAME);
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+}
+
+add_task(async function setup() {
+ await SpecialPowers.flushPrefEnv();
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ [
+ "network.cookie.cookieBehavior",
+ Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER_AND_PARTITION_FOREIGN,
+ ],
+ ["privacy.restrict3rdpartystorage.heuristic.redirect", false],
+ ["privacy.trackingprotection.enabled", false],
+ ["privacy.trackingprotection.pbmode.enabled", false],
+ ["privacy.trackingprotection.annotate_channels", true],
+ ],
+ });
+ registerCleanupFunction(cleanup);
+});
+
+function executeContentScript(browser, callback, options = {}) {
+ return SpecialPowers.spawn(
+ browser,
+ [
+ {
+ callback: callback.toString(),
+ ...options,
+ },
+ ],
+ obj => {
+ return new content.Promise(async resolve => {
+ if (obj.page) {
+ // third-party
+ let ifr = content.document.createElement("iframe");
+ ifr.onload = async () => {
+ info("Sending code to the 3rd party content");
+ ifr.contentWindow.postMessage(
+ { cb: obj.callback, value: obj.value },
+ "*"
+ );
+ };
+
+ content.addEventListener("message", event => resolve(event.data), {
+ once: true,
+ });
+
+ content.document.body.appendChild(ifr);
+ ifr.src = obj.page;
+ } else {
+ // first-party
+ let runnableStr = `(() => {return (${obj.callback});})();`;
+ let runnable = eval(runnableStr); // eslint-disable-line no-eval
+ resolve(await runnable.call(content, content, obj.value));
+ }
+ });
+ }
+ );
+}
+
+function readNetworkCookie(win) {
+ return win
+ .fetch("cookies.sjs")
+ .then(r => r.text())
+ .then(text => {
+ return text.substring("cookie:foopy=".length);
+ });
+}
+
+async function writeNetworkCookie(win, value) {
+ await win.fetch("cookies.sjs?" + value).then(r => r.text());
+ return true;
+}
+
+function createDataInFirstParty(browser, value) {
+ return executeContentScript(browser, writeNetworkCookie, { value });
+}
+function getDataFromFirstParty(browser) {
+ return executeContentScript(browser, readNetworkCookie, {});
+}
+function createDataInThirdParty(browser, value) {
+ return executeContentScript(browser, writeNetworkCookie, {
+ page: TEST_3RD_PARTY_PARTITIONED_PAGE,
+ value,
+ });
+}
+function getDataFromThirdParty(browser) {
+ return executeContentScript(browser, readNetworkCookie, {
+ page: TEST_3RD_PARTY_PARTITIONED_PAGE,
+ });
+}
+
+async function redirectWithUserInteraction(browser, url, wait = null) {
+ await executeContentScript(
+ browser,
+ (content, value) => {
+ content.document.userInteractionForTesting();
+
+ let link = content.document.createElement("a");
+ link.appendChild(content.document.createTextNode("click me!"));
+ link.href = value;
+ content.document.body.appendChild(link);
+ link.click();
+ },
+ {
+ value: url,
+ }
+ );
+ await BrowserTestUtils.browserLoaded(browser, false, wait || url);
+}
+
+async function checkData(browser, options) {
+ if ("firstParty" in options) {
+ is(
+ await getDataFromFirstParty(browser),
+ options.firstParty,
+ "correct first-party data"
+ );
+ }
+ if ("thirdParty" in options) {
+ is(
+ await getDataFromThirdParty(browser),
+ options.thirdParty,
+ "correct third-party data"
+ );
+ }
+}
+
+add_task(async function testRedirectHeuristic() {
+ info("Starting Dynamic FPI Redirect Heuristic test...");
+
+ await SpecialPowers.pushPrefEnv({
+ set: [["privacy.restrict3rdpartystorage.heuristic.recently_visited", true]],
+ });
+
+ // mark third-party as tracker
+ await UrlClassifierTestUtils.addTestTrackers();
+
+ info("Creating a new tab");
+ let tab = BrowserTestUtils.addTab(gBrowser, TEST_TOP_PAGE);
+ gBrowser.selectedTab = tab;
+
+ let browser = gBrowser.getBrowserForTab(tab);
+ await BrowserTestUtils.browserLoaded(browser);
+
+ info("initializing...");
+ await checkData(browser, { firstParty: "", thirdParty: "" });
+
+ await Promise.all([
+ createDataInFirstParty(browser, "firstParty"),
+ createDataInThirdParty(browser, "thirdParty"),
+ ]);
+
+ await checkData(browser, {
+ firstParty: "firstParty",
+ thirdParty: "",
+ });
+
+ info("load third-party content as first-party");
+ await redirectWithUserInteraction(
+ browser,
+ TEST_REDIRECT_3RD_PARTY_PAGE,
+ TEST_3RD_PARTY_PARTITIONED_PAGE
+ );
+
+ await checkData(browser, { firstParty: "" });
+ await createDataInFirstParty(browser, "heuristicFirstParty");
+ await checkData(browser, { firstParty: "heuristicFirstParty" });
+
+ info("redirect back to first-party page");
+ await redirectWithUserInteraction(
+ browser,
+ TEST_REDIRECT_TOP_PAGE,
+ TEST_TOP_PAGE
+ );
+
+ info("third-party tracker should NOT able to access first-party data");
+ await checkData(browser, {
+ firstParty: "firstParty",
+ thirdParty: "",
+ });
+
+ // remove third-party from tracker
+ await UrlClassifierTestUtils.cleanupTestTrackers();
+
+ info("load third-party content as first-party");
+ await redirectWithUserInteraction(
+ browser,
+ TEST_REDIRECT_3RD_PARTY_PAGE,
+ TEST_3RD_PARTY_PARTITIONED_PAGE
+ );
+
+ await checkData(browser, {
+ firstParty: "heuristicFirstParty",
+ });
+
+ info("redirect back to first-party page");
+ await redirectWithUserInteraction(
+ browser,
+ TEST_REDIRECT_TOP_PAGE,
+ TEST_TOP_PAGE
+ );
+
+ info("third-party page should able to access first-party data");
+ await checkData(browser, {
+ firstParty: "firstParty",
+ thirdParty: "heuristicFirstParty",
+ });
+
+ info("Removing the tab");
+ BrowserTestUtils.removeTab(tab);
+
+ await cleanup();
+});
+
+class UpdateEvent extends EventTarget {}
+function waitForEvent(element, eventName) {
+ return new Promise(function(resolve) {
+ element.addEventListener(eventName, e => resolve(e.detail), { once: true });
+ });
+}
+
+add_task(async function testExceptionListPref() {
+ info("Starting Dynamic FPI exception list test pref");
+
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ ["privacy.restrict3rdpartystorage.heuristic.recently_visited", false],
+ ],
+ });
+
+ info("Creating new tabs");
+ let tabThirdParty = BrowserTestUtils.addTab(
+ gBrowser,
+ TEST_3RD_PARTY_PARTITIONED_PAGE
+ );
+ gBrowser.selectedTab = tabThirdParty;
+
+ let browserThirdParty = gBrowser.getBrowserForTab(tabThirdParty);
+ await BrowserTestUtils.browserLoaded(browserThirdParty);
+
+ let tabFirstParty = BrowserTestUtils.addTab(gBrowser, TEST_TOP_PAGE);
+ gBrowser.selectedTab = tabFirstParty;
+
+ let browserFirstParty = gBrowser.getBrowserForTab(tabFirstParty);
+ await BrowserTestUtils.browserLoaded(browserFirstParty);
+
+ info("initializing...");
+ await Promise.all([
+ checkData(browserFirstParty, { firstParty: "", thirdParty: "" }),
+ checkData(browserThirdParty, { firstParty: "" }),
+ ]);
+
+ info("fill default data");
+ await Promise.all([
+ createDataInFirstParty(browserFirstParty, "firstParty"),
+ createDataInThirdParty(browserFirstParty, "thirdParty"),
+ createDataInFirstParty(browserThirdParty, "ExceptionListFirstParty"),
+ ]);
+
+ info("check data");
+ await Promise.all([
+ checkData(browserFirstParty, {
+ firstParty: "firstParty",
+ thirdParty: "thirdParty",
+ }),
+ checkData(browserThirdParty, { firstParty: "ExceptionListFirstParty" }),
+ ]);
+
+ info("set exception list pref");
+ Services.prefs.setStringPref(
+ EXCEPTION_LIST_PREF_NAME,
+ `${TEST_DOMAIN},${TEST_3RD_PARTY_DOMAIN}`
+ );
+
+ info("check data");
+ await Promise.all([
+ checkData(browserFirstParty, {
+ firstParty: "firstParty",
+ thirdParty: "ExceptionListFirstParty",
+ }),
+ checkData(browserThirdParty, { firstParty: "ExceptionListFirstParty" }),
+ ]);
+
+ info("Removing the tab");
+ BrowserTestUtils.removeTab(tabFirstParty);
+ BrowserTestUtils.removeTab(tabThirdParty);
+
+ await cleanup();
+});
+
+add_task(async function testExceptionListRemoteSettings() {
+ info("Starting Dynamic FPI exception list test (remote settings)");
+
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ ["privacy.restrict3rdpartystorage.heuristic.recently_visited", false],
+ ],
+ });
+
+ // Make sure we have a pref initially, since the exception list service
+ // requires it.
+ Services.prefs.setStringPref(EXCEPTION_LIST_PREF_NAME, "");
+
+ // Add some initial data
+ let db = await RemoteSettings(COLLECTION_NAME).db;
+ await db.importChanges({}, 42, []);
+
+ // make peuSerivce start working by calling
+ // registerAndRunExceptionListObserver
+ let updateEvent = new UpdateEvent();
+ let obs = data => {
+ let event = new CustomEvent("update", { detail: data });
+ updateEvent.dispatchEvent(event);
+ };
+ let promise = waitForEvent(updateEvent, "update");
+ peuService.registerAndRunExceptionListObserver(obs);
+ await promise;
+
+ info("Creating new tabs");
+ let tabThirdParty = BrowserTestUtils.addTab(
+ gBrowser,
+ TEST_3RD_PARTY_PARTITIONED_PAGE
+ );
+ gBrowser.selectedTab = tabThirdParty;
+
+ let browserThirdParty = gBrowser.getBrowserForTab(tabThirdParty);
+ await BrowserTestUtils.browserLoaded(browserThirdParty);
+
+ let tabFirstParty = BrowserTestUtils.addTab(gBrowser, TEST_TOP_PAGE);
+ gBrowser.selectedTab = tabFirstParty;
+
+ let browserFirstParty = gBrowser.getBrowserForTab(tabFirstParty);
+ await BrowserTestUtils.browserLoaded(browserFirstParty);
+
+ info("initializing...");
+ await Promise.all([
+ checkData(browserFirstParty, { firstParty: "", thirdParty: "" }),
+ checkData(browserThirdParty, { firstParty: "" }),
+ ]);
+
+ info("fill default data");
+ await Promise.all([
+ createDataInFirstParty(browserFirstParty, "firstParty"),
+ createDataInThirdParty(browserFirstParty, "thirdParty"),
+ createDataInFirstParty(browserThirdParty, "ExceptionListFirstParty"),
+ ]);
+
+ info("check data");
+ await Promise.all([
+ checkData(browserFirstParty, {
+ firstParty: "firstParty",
+ thirdParty: "thirdParty",
+ }),
+ checkData(browserThirdParty, { firstParty: "ExceptionListFirstParty" }),
+ ]);
+
+ info("set exception list remote settings");
+
+ // set records
+ promise = waitForEvent(updateEvent, "update");
+ await RemoteSettings(COLLECTION_NAME).emit("sync", {
+ data: {
+ current: [
+ {
+ id: "1",
+ last_modified: 100000000000000000001,
+ firstPartyOrigin: TEST_DOMAIN,
+ thirdPartyOrigin: TEST_3RD_PARTY_DOMAIN,
+ },
+ ],
+ },
+ });
+
+ let list = await promise;
+ is(
+ list,
+ `${TEST_DOMAIN},${TEST_3RD_PARTY_DOMAIN}`,
+ "exception list is correctly set"
+ );
+
+ info("check data");
+ await Promise.all([
+ checkData(browserFirstParty, {
+ firstParty: "firstParty",
+ thirdParty: "ExceptionListFirstParty",
+ }),
+ checkData(browserThirdParty, { firstParty: "ExceptionListFirstParty" }),
+ ]);
+
+ info("Removing the tab");
+ BrowserTestUtils.removeTab(tabFirstParty);
+ BrowserTestUtils.removeTab(tabThirdParty);
+
+ promise = waitForEvent(updateEvent, "update");
+ await RemoteSettings(COLLECTION_NAME).emit("sync", {
+ data: {
+ current: [],
+ },
+ });
+ is(await promise, "", "Exception list is cleared");
+
+ peuService.unregisterExceptionListObserver(obs);
+ await cleanup();
+});
+
+add_task(async function testWildcardExceptionListPref() {
+ info("Starting Dynamic FPI wirdcard exception list test pref");
+
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ ["privacy.restrict3rdpartystorage.heuristic.recently_visited", false],
+ ],
+ });
+
+ info("Creating new tabs");
+ let tabThirdParty = BrowserTestUtils.addTab(
+ gBrowser,
+ TEST_3RD_PARTY_PARTITIONED_PAGE
+ );
+ gBrowser.selectedTab = tabThirdParty;
+
+ let browserThirdParty = gBrowser.getBrowserForTab(tabThirdParty);
+ await BrowserTestUtils.browserLoaded(browserThirdParty);
+
+ let tabFirstParty = BrowserTestUtils.addTab(gBrowser, TEST_TOP_PAGE);
+ gBrowser.selectedTab = tabFirstParty;
+
+ let browserFirstParty = gBrowser.getBrowserForTab(tabFirstParty);
+ await BrowserTestUtils.browserLoaded(browserFirstParty);
+
+ info("initializing...");
+ await Promise.all([
+ checkData(browserFirstParty, { firstParty: "", thirdParty: "" }),
+ checkData(browserThirdParty, { firstParty: "" }),
+ ]);
+
+ info("fill default data");
+ await Promise.all([
+ createDataInFirstParty(browserFirstParty, "firstParty"),
+ createDataInThirdParty(browserFirstParty, "thirdParty"),
+ createDataInFirstParty(browserThirdParty, "ExceptionListFirstParty"),
+ ]);
+
+ info("check initial data");
+ await Promise.all([
+ checkData(browserFirstParty, {
+ firstParty: "firstParty",
+ thirdParty: "thirdParty",
+ }),
+ checkData(browserThirdParty, { firstParty: "ExceptionListFirstParty" }),
+ ]);
+
+ info("set wildcard (1st-party) pref");
+ Services.prefs.setStringPref(
+ EXCEPTION_LIST_PREF_NAME,
+ `*,${TEST_3RD_PARTY_DOMAIN}`
+ );
+
+ info("check wildcard (1st-party) data");
+ await Promise.all([
+ checkData(browserFirstParty, {
+ firstParty: "firstParty",
+ thirdParty: "ExceptionListFirstParty",
+ }),
+ checkData(browserThirdParty, { firstParty: "ExceptionListFirstParty" }),
+ ]);
+
+ info("set invalid exception list pref");
+ Services.prefs.setStringPref(EXCEPTION_LIST_PREF_NAME, "*,*");
+
+ info("check initial data");
+ await Promise.all([
+ checkData(browserFirstParty, {
+ firstParty: "firstParty",
+ thirdParty: "thirdParty",
+ }),
+ checkData(browserThirdParty, { firstParty: "ExceptionListFirstParty" }),
+ ]);
+
+ info("set wildcard (3rd-party) pref");
+ Services.prefs.setStringPref(EXCEPTION_LIST_PREF_NAME, `${TEST_DOMAIN},*`);
+
+ info("check wildcard (3rd-party) data");
+ await Promise.all([
+ checkData(browserFirstParty, {
+ firstParty: "firstParty",
+ thirdParty: "ExceptionListFirstParty",
+ }),
+ checkData(browserThirdParty, { firstParty: "ExceptionListFirstParty" }),
+ ]);
+
+ info("Removing the tab");
+ BrowserTestUtils.removeTab(tabFirstParty);
+ BrowserTestUtils.removeTab(tabThirdParty);
+
+ await cleanup();
+});
diff --git a/toolkit/components/antitracking/test/browser/browser_storageAccessWithHeuristics.js b/toolkit/components/antitracking/test/browser/browser_storageAccessWithHeuristics.js
new file mode 100644
index 0000000000..a1a83f74f3
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_storageAccessWithHeuristics.js
@@ -0,0 +1,829 @@
+/* import-globals-from antitracking_head.js */
+
+function waitStoragePermission() {
+ return new Promise(resolve => {
+ let id = setInterval(async _ => {
+ if (
+ await SpecialPowers.testPermission(
+ `3rdPartyStorage^${TEST_3RD_PARTY_DOMAIN.slice(0, -1)}`,
+ SpecialPowers.Services.perms.ALLOW_ACTION,
+ TEST_DOMAIN
+ )
+ ) {
+ clearInterval(id);
+ resolve();
+ }
+ }, 0);
+ });
+}
+
+add_task(async function() {
+ info("Starting subResources test");
+
+ await SpecialPowers.flushPrefEnv();
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ ["dom.storage_access.enabled", true],
+ [
+ "network.cookie.cookieBehavior",
+ Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER,
+ ],
+ ["privacy.trackingprotection.enabled", false],
+ ["privacy.trackingprotection.pbmode.enabled", false],
+ ["privacy.trackingprotection.annotate_channels", true],
+ [
+ "privacy.restrict3rdpartystorage.userInteractionRequiredForHosts",
+ "tracking.example.com,tracking.example.org",
+ ],
+ ],
+ });
+
+ await UrlClassifierTestUtils.addTestTrackers();
+});
+
+add_task(async function testWindowOpenHeuristic() {
+ info("Starting window.open() heuristic test...");
+
+ info("Creating a new tab");
+ let tab = BrowserTestUtils.addTab(gBrowser, TEST_TOP_PAGE);
+ gBrowser.selectedTab = tab;
+
+ let browser = gBrowser.getBrowserForTab(tab);
+ await BrowserTestUtils.browserLoaded(browser);
+
+ info("Loading tracking scripts");
+ await SpecialPowers.spawn(
+ browser,
+ [
+ {
+ page: TEST_3RD_PARTY_PAGE_WO,
+ },
+ ],
+ async obj => {
+ let msg = {};
+ msg.blockingCallback = (async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await noStorageAccessInitially();
+ }).toString();
+
+ msg.nonBlockingCallback = (async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await hasStorageAccessInitially();
+ }).toString();
+
+ info("Checking if storage access is denied");
+ await new content.Promise(resolve => {
+ let ifr = content.document.createElement("iframe");
+ ifr.onload = function() {
+ info("Sending code to the 3rd party content");
+ ifr.contentWindow.postMessage(msg, "*");
+ };
+
+ content.addEventListener("message", function msg(event) {
+ if (event.data.type == "finish") {
+ content.removeEventListener("message", msg);
+ resolve();
+ return;
+ }
+
+ if (event.data.type == "ok") {
+ ok(event.data.what, event.data.msg);
+ return;
+ }
+
+ if (event.data.type == "info") {
+ info(event.data.msg);
+ return;
+ }
+
+ ok(false, "Unknown message");
+ });
+
+ content.document.body.appendChild(ifr);
+ ifr.src = obj.page;
+ });
+ }
+ );
+
+ info("Removing the tab");
+ BrowserTestUtils.removeTab(tab);
+});
+
+add_task(async function() {
+ info("Cleaning up.");
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+});
+
+add_task(async function testDoublyNestedWindowOpenHeuristic() {
+ info("Starting doubly nested window.open() heuristic test...");
+
+ info("Creating a new tab");
+ let tab = BrowserTestUtils.addTab(gBrowser, TEST_TOP_PAGE);
+ gBrowser.selectedTab = tab;
+
+ let browser = gBrowser.getBrowserForTab(tab);
+ await BrowserTestUtils.browserLoaded(browser);
+
+ info("Loading tracking scripts");
+ await SpecialPowers.spawn(
+ browser,
+ [
+ {
+ page: TEST_3RD_PARTY_PAGE_RELAY + "?" + TEST_3RD_PARTY_PAGE_WO,
+ },
+ ],
+ async obj => {
+ let msg = {};
+ msg.blockingCallback = (async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await noStorageAccessInitially();
+ }).toString();
+
+ msg.nonBlockingCallback = (async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await hasStorageAccessInitially();
+ }).toString();
+
+ info("Checking if storage access is denied");
+ await new content.Promise(resolve => {
+ let ifr = content.document.createElement("iframe");
+ ifr.onload = function() {
+ info("Sending code to the 3rd party content");
+ ifr.contentWindow.postMessage(msg, "*");
+ };
+
+ content.addEventListener("message", function msg(event) {
+ if (event.data.type == "finish") {
+ content.removeEventListener("message", msg);
+ resolve();
+ return;
+ }
+
+ if (event.data.type == "ok") {
+ ok(event.data.what, event.data.msg);
+ return;
+ }
+
+ if (event.data.type == "info") {
+ info(event.data.msg);
+ return;
+ }
+
+ ok(false, "Unknown message");
+ });
+
+ content.document.body.appendChild(ifr);
+ ifr.src = obj.page;
+ });
+ }
+ );
+
+ info("Removing the tab");
+ BrowserTestUtils.removeTab(tab);
+});
+
+add_task(async function() {
+ info("Cleaning up.");
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+});
+
+add_task(async function testUserInteractionHeuristic() {
+ info("Starting user interaction heuristic test...");
+
+ info("Creating a new tab");
+ let tab = BrowserTestUtils.addTab(gBrowser, TEST_TOP_PAGE);
+ gBrowser.selectedTab = tab;
+
+ let browser = gBrowser.getBrowserForTab(tab);
+ await BrowserTestUtils.browserLoaded(browser);
+
+ info("Loading tracking scripts");
+ await SpecialPowers.spawn(
+ browser,
+ [
+ {
+ page: TEST_3RD_PARTY_PAGE_UI,
+ popup: TEST_POPUP_PAGE,
+ },
+ ],
+ async obj => {
+ let msg = {};
+ msg.blockingCallback = (async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await noStorageAccessInitially();
+ }).toString();
+
+ info("Checking if storage access is denied");
+
+ let ifr = content.document.createElement("iframe");
+ let loading = new content.Promise(resolve => {
+ ifr.onload = resolve;
+ });
+ content.document.body.appendChild(ifr);
+ ifr.src = obj.page;
+ await loading;
+
+ info(
+ "The 3rd party content should not have access to first party storage."
+ );
+ await new content.Promise(resolve => {
+ content.addEventListener("message", function msg(event) {
+ if (event.data.type == "finish") {
+ content.removeEventListener("message", msg);
+ resolve();
+ return;
+ }
+
+ if (event.data.type == "ok") {
+ ok(event.data.what, event.data.msg);
+ return;
+ }
+
+ if (event.data.type == "info") {
+ info(event.data.msg);
+ return;
+ }
+
+ ok(false, "Unknown message");
+ });
+ ifr.contentWindow.postMessage({ callback: msg.blockingCallback }, "*");
+ });
+
+ info("Opening a window from the iframe.");
+ await SpecialPowers.spawn(ifr, [obj.popup], async popup => {
+ let windowClosed = new content.Promise(resolve => {
+ Services.ww.registerNotification(function notification(
+ aSubject,
+ aTopic,
+ aData
+ ) {
+ // We need to check the document URI for Fission. It's because the
+ // 'domwindowclosed' would be triggered twice, one for the
+ // 'about:blank' page and another for the tracker page.
+ if (
+ aTopic == "domwindowclosed" &&
+ aSubject.document.documentURI ==
+ "https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/3rdPartyOpenUI.html"
+ ) {
+ Services.ww.unregisterNotification(notification);
+ resolve();
+ }
+ });
+ });
+
+ content.open(popup);
+
+ info("Let's wait for the window to be closed");
+ await windowClosed;
+ });
+
+ info("The 3rd party content should have access to first party storage.");
+ await new content.Promise(resolve => {
+ content.addEventListener("message", function msg(event) {
+ if (event.data.type == "finish") {
+ content.removeEventListener("message", msg);
+ resolve();
+ return;
+ }
+
+ if (event.data.type == "ok") {
+ ok(event.data.what, event.data.msg);
+ return;
+ }
+
+ if (event.data.type == "info") {
+ info(event.data.msg);
+ return;
+ }
+
+ ok(false, "Unknown message");
+ });
+ ifr.contentWindow.postMessage({ callback: msg.blockingCallback }, "*");
+ });
+ }
+ );
+
+ await AntiTracking.interactWithTracker();
+
+ info("Loading tracking scripts");
+ await SpecialPowers.spawn(
+ browser,
+ [
+ {
+ page: TEST_3RD_PARTY_PAGE_UI,
+ popup: TEST_POPUP_PAGE,
+ },
+ ],
+ async obj => {
+ let msg = {};
+ msg.blockingCallback = (async _ => {
+ await noStorageAccessInitially();
+ }).toString();
+
+ msg.nonBlockingCallback = (async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await hasStorageAccessInitially();
+ }).toString();
+
+ info("Checking if storage access is denied");
+
+ let ifr = content.document.createElement("iframe");
+ let loading = new content.Promise(resolve => {
+ ifr.onload = resolve;
+ });
+ content.document.body.appendChild(ifr);
+ ifr.src = obj.page;
+ await loading;
+
+ info(
+ "The 3rd party content should not have access to first party storage."
+ );
+ await new content.Promise(resolve => {
+ content.addEventListener("message", function msg(event) {
+ if (event.data.type == "finish") {
+ content.removeEventListener("message", msg);
+ resolve();
+ return;
+ }
+
+ if (event.data.type == "ok") {
+ ok(event.data.what, event.data.msg);
+ return;
+ }
+
+ if (event.data.type == "info") {
+ info(event.data.msg);
+ return;
+ }
+
+ ok(false, "Unknown message");
+ });
+ ifr.contentWindow.postMessage({ callback: msg.blockingCallback }, "*");
+ });
+
+ info("Opening a window from the iframe.");
+ await SpecialPowers.spawn(ifr, [obj.popup], async popup => {
+ let windowClosed = new content.Promise(resolve => {
+ Services.ww.registerNotification(function notification(
+ aSubject,
+ aTopic,
+ aData
+ ) {
+ // We need to check the document URI here as well for the same
+ // reason above.
+ if (
+ aTopic == "domwindowclosed" &&
+ aSubject.document.documentURI ==
+ "https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/3rdPartyOpenUI.html"
+ ) {
+ Services.ww.unregisterNotification(notification);
+ resolve();
+ }
+ });
+ });
+
+ content.open(popup);
+
+ info("Let's wait for the window to be closed");
+ await windowClosed;
+ });
+
+ info("The 3rd party content should have access to first party storage.");
+ await new content.Promise(resolve => {
+ content.addEventListener("message", function msg(event) {
+ if (event.data.type == "finish") {
+ content.removeEventListener("message", msg);
+ resolve();
+ return;
+ }
+
+ if (event.data.type == "ok") {
+ ok(event.data.what, event.data.msg);
+ return;
+ }
+
+ if (event.data.type == "info") {
+ info(event.data.msg);
+ return;
+ }
+
+ ok(false, "Unknown message");
+ });
+ ifr.contentWindow.postMessage(
+ { callback: msg.nonBlockingCallback },
+ "*"
+ );
+ });
+ }
+ );
+
+ info("Removing the tab");
+ BrowserTestUtils.removeTab(tab);
+});
+
+add_task(async function() {
+ info("Wait until the storage permission is ready before cleaning up.");
+ await waitStoragePermission();
+
+ info("Cleaning up.");
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+});
+
+add_task(async function testDoublyNestedUserInteractionHeuristic() {
+ info("Starting doubly nested user interaction heuristic test...");
+
+ info("Creating a new tab");
+ let tab = BrowserTestUtils.addTab(gBrowser, TEST_TOP_PAGE);
+ gBrowser.selectedTab = tab;
+
+ let browser = gBrowser.getBrowserForTab(tab);
+ await BrowserTestUtils.browserLoaded(browser);
+
+ info("Loading tracking scripts");
+ await SpecialPowers.spawn(
+ browser,
+ [
+ {
+ page: TEST_3RD_PARTY_PAGE_RELAY + "?" + TEST_3RD_PARTY_PAGE_UI,
+ popup: TEST_POPUP_PAGE,
+ },
+ ],
+ async obj => {
+ let msg = {};
+ msg.blockingCallback = (async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await noStorageAccessInitially();
+ }).toString();
+
+ msg.openWindowCallback = (async url => {
+ open(url);
+ }).toString();
+
+ info("Checking if storage access is denied");
+
+ let ifr = content.document.createElement("iframe");
+ let loading = new content.Promise(resolve => {
+ ifr.onload = resolve;
+ });
+ content.document.body.appendChild(ifr);
+ ifr.src = obj.page;
+ await loading;
+
+ info(
+ "The 3rd party content should not have access to first party storage."
+ );
+ await new content.Promise(resolve => {
+ content.addEventListener("message", function msg(event) {
+ if (event.data.type == "finish") {
+ content.removeEventListener("message", msg);
+ resolve();
+ return;
+ }
+
+ if (event.data.type == "ok") {
+ ok(event.data.what, event.data.msg);
+ return;
+ }
+
+ if (event.data.type == "info") {
+ info(event.data.msg);
+ return;
+ }
+
+ ok(false, "Unknown message");
+ });
+ ifr.contentWindow.postMessage({ callback: msg.blockingCallback }, "*");
+ });
+
+ let windowClosed = new content.Promise(resolve => {
+ Services.ww.registerNotification(function notification(
+ aSubject,
+ aTopic,
+ aData
+ ) {
+ if (aTopic == "domwindowclosed") {
+ Services.ww.unregisterNotification(notification);
+ resolve();
+ }
+ });
+ });
+
+ info("Opening a window from the iframe.");
+ ifr.contentWindow.postMessage(
+ { callback: msg.openWindowCallback, arg: obj.popup },
+ "*"
+ );
+
+ info("Let's wait for the window to be closed");
+ await windowClosed;
+
+ info("The 3rd party content should have access to first party storage.");
+ await new content.Promise(resolve => {
+ content.addEventListener("message", function msg(event) {
+ if (event.data.type == "finish") {
+ content.removeEventListener("message", msg);
+ resolve();
+ return;
+ }
+
+ if (event.data.type == "ok") {
+ ok(event.data.what, event.data.msg);
+ return;
+ }
+
+ if (event.data.type == "info") {
+ info(event.data.msg);
+ return;
+ }
+
+ ok(false, "Unknown message");
+ });
+ ifr.contentWindow.postMessage({ callback: msg.blockingCallback }, "*");
+ });
+ }
+ );
+
+ await AntiTracking.interactWithTracker();
+
+ info("Loading tracking scripts");
+ await SpecialPowers.spawn(
+ browser,
+ [
+ {
+ page: TEST_3RD_PARTY_PAGE_RELAY + "?" + TEST_3RD_PARTY_PAGE_UI,
+ popup: TEST_POPUP_PAGE,
+ },
+ ],
+ async obj => {
+ let msg = {};
+ msg.blockingCallback = (async _ => {
+ await noStorageAccessInitially();
+ }).toString();
+
+ msg.nonBlockingCallback = (async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await hasStorageAccessInitially();
+ }).toString();
+
+ msg.openWindowCallback = (async url => {
+ open(url);
+ }).toString();
+
+ info("Checking if storage access is denied");
+
+ let ifr = content.document.createElement("iframe");
+ let loading = new content.Promise(resolve => {
+ ifr.onload = resolve;
+ });
+ content.document.body.appendChild(ifr);
+ ifr.src = obj.page;
+ await loading;
+
+ info(
+ "The 3rd party content should not have access to first party storage."
+ );
+ await new content.Promise(resolve => {
+ content.addEventListener("message", function msg(event) {
+ if (event.data.type == "finish") {
+ content.removeEventListener("message", msg);
+ resolve();
+ return;
+ }
+
+ if (event.data.type == "ok") {
+ ok(event.data.what, event.data.msg);
+ return;
+ }
+
+ if (event.data.type == "info") {
+ info(event.data.msg);
+ return;
+ }
+
+ ok(false, "Unknown message");
+ });
+ ifr.contentWindow.postMessage({ callback: msg.blockingCallback }, "*");
+ });
+
+ let windowClosed = new content.Promise(resolve => {
+ Services.ww.registerNotification(function notification(
+ aSubject,
+ aTopic,
+ aData
+ ) {
+ if (aTopic == "domwindowclosed") {
+ Services.ww.unregisterNotification(notification);
+ resolve();
+ }
+ });
+ });
+
+ info("Opening a window from the iframe.");
+ ifr.contentWindow.postMessage(
+ { callback: msg.openWindowCallback, arg: obj.popup },
+ "*"
+ );
+
+ info("Let's wait for the window to be closed");
+ await windowClosed;
+
+ info("The 3rd party content should have access to first party storage.");
+ await new content.Promise(resolve => {
+ content.addEventListener("message", function msg(event) {
+ if (event.data.type == "finish") {
+ content.removeEventListener("message", msg);
+ resolve();
+ return;
+ }
+
+ if (event.data.type == "ok") {
+ ok(event.data.what, event.data.msg);
+ return;
+ }
+
+ if (event.data.type == "info") {
+ info(event.data.msg);
+ return;
+ }
+
+ ok(false, "Unknown message");
+ });
+ ifr.contentWindow.postMessage(
+ { callback: msg.nonBlockingCallback },
+ "*"
+ );
+ });
+ }
+ );
+
+ info("Removing the tab");
+ BrowserTestUtils.removeTab(tab);
+});
+
+add_task(async function() {
+ info("Wait until the storage permission is ready before cleaning up.");
+ await waitStoragePermission();
+
+ info("Cleaning up.");
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+});
+
+add_task(async function testFirstPartyWindowOpenHeuristic() {
+ info("Starting first-party window.open() heuristic test...");
+
+ // Interact with the tracker first before testing window.open heuristic
+ await AntiTracking.interactWithTracker();
+
+ info("Creating a new tab");
+ let tab = BrowserTestUtils.addTab(gBrowser, TEST_TOP_PAGE);
+ gBrowser.selectedTab = tab;
+
+ let browser = gBrowser.getBrowserForTab(tab);
+ await BrowserTestUtils.browserLoaded(browser);
+
+ info("Loading tracking scripts");
+ await SpecialPowers.spawn(
+ browser,
+ [
+ {
+ page: TEST_3RD_PARTY_PAGE,
+ },
+ ],
+ async obj => {
+ info("Tracker shouldn't have storage access initially");
+ let msg = {};
+ msg.blockingCallback = (async _ => {
+ await noStorageAccessInitially();
+ }).toString();
+
+ await new content.Promise(resolve => {
+ let ifr = content.document.createElement("iframe");
+ ifr.onload = function() {
+ info("Sending code to the 3rd party content");
+ ifr.contentWindow.postMessage(msg.blockingCallback, "*");
+ };
+
+ content.addEventListener("message", function msg(event) {
+ if (event.data.type == "finish") {
+ content.removeEventListener("message", msg);
+ resolve();
+ return;
+ }
+
+ if (event.data.type == "ok") {
+ ok(event.data.what, event.data.msg);
+ return;
+ }
+
+ if (event.data.type == "info") {
+ info(event.data.msg);
+ return;
+ }
+
+ ok(false, "Unknown message");
+ });
+
+ content.document.body.appendChild(ifr);
+ ifr.id = "ifr";
+ ifr.src = obj.page;
+ });
+ }
+ );
+
+ info("Calling window.open in a first-party iframe");
+ await SpecialPowers.spawn(
+ browser,
+ [
+ {
+ page: TEST_IFRAME_PAGE,
+ popup: TEST_3RD_PARTY_DOMAIN + TEST_PATH + "3rdPartyOpen.html",
+ },
+ ],
+ async obj => {
+ let ifr = content.document.createElement("iframe");
+ let loading = new content.Promise(resolve => {
+ ifr.onload = resolve;
+ });
+ content.document.body.appendChild(ifr);
+ ifr.src = obj.page;
+ await loading;
+
+ info("Opening a window from the iframe.");
+ await SpecialPowers.spawn(ifr, [obj.popup], async popup => {
+ await new content.Promise(resolve => {
+ content.open(popup);
+ content.addEventListener("message", function msg(event) {
+ if (event.data == "hello!") {
+ resolve();
+ }
+ });
+ });
+ });
+ }
+ );
+
+ await SpecialPowers.spawn(browser, [], async obj => {
+ info("Tracker should have storage access now");
+ let msg = {};
+ msg.nonBlockingCallback = (async _ => {
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await hasStorageAccessInitially();
+ }).toString();
+
+ await new content.Promise(resolve => {
+ let ifr = content.document.getElementById("ifr");
+ info("Sending code to the 3rd party content");
+ ifr.contentWindow.postMessage(msg.nonBlockingCallback, "*");
+
+ content.addEventListener("message", function msg(event) {
+ if (event.data.type == "finish") {
+ content.removeEventListener("message", msg);
+ resolve();
+ return;
+ }
+
+ if (event.data.type == "ok") {
+ ok(event.data.what, event.data.msg);
+ return;
+ }
+
+ if (event.data.type == "info") {
+ info(event.data.msg);
+ return;
+ }
+
+ ok(false, "Unknown message");
+ });
+ });
+ });
+
+ info("Removing the tab");
+ BrowserTestUtils.removeTab(tab);
+});
+
+add_task(async function() {
+ info("Cleaning up.");
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+
+ UrlClassifierTestUtils.cleanupTestTrackers();
+});
diff --git a/toolkit/components/antitracking/test/browser/browser_subResources.js b/toolkit/components/antitracking/test/browser/browser_subResources.js
new file mode 100644
index 0000000000..3c044dad3d
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_subResources.js
@@ -0,0 +1,270 @@
+add_task(async function() {
+ info("Starting subResources test");
+
+ await SpecialPowers.flushPrefEnv();
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ [
+ "network.cookie.cookieBehavior",
+ Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER,
+ ],
+ ["privacy.trackingprotection.enabled", false],
+ ["privacy.trackingprotection.pbmode.enabled", false],
+ ["privacy.trackingprotection.annotate_channels", true],
+ ["privacy.partition.network_state", false],
+ [
+ "privacy.restrict3rdpartystorage.userInteractionRequiredForHosts",
+ "tracking.example.com,tracking.example.org",
+ ],
+ ],
+ });
+
+ await UrlClassifierTestUtils.addTestTrackers();
+
+ info("Creating a new tab");
+ let tab = BrowserTestUtils.addTab(gBrowser, TEST_TOP_PAGE);
+ gBrowser.selectedTab = tab;
+
+ let browser = gBrowser.getBrowserForTab(tab);
+ await BrowserTestUtils.browserLoaded(browser);
+
+ info("Loading tracking scripts and tracking images");
+ await SpecialPowers.spawn(browser, [], async function() {
+ // Let's load the script twice here.
+ {
+ let src = content.document.createElement("script");
+ let p = new content.Promise(resolve => {
+ src.onload = resolve;
+ });
+ content.document.body.appendChild(src);
+ src.src =
+ "https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/subResources.sjs?what=script";
+ await p;
+ }
+ {
+ let src = content.document.createElement("script");
+ let p = new content.Promise(resolve => {
+ src.onload = resolve;
+ });
+ content.document.body.appendChild(src);
+ src.src =
+ "https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/subResources.sjs?what=script";
+ await p;
+ }
+
+ // Let's load an image twice here.
+ {
+ let img = content.document.createElement("img");
+ let p = new content.Promise(resolve => {
+ img.onload = resolve;
+ });
+ content.document.body.appendChild(img);
+ img.src =
+ "https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/subResources.sjs?what=image";
+ await p;
+ }
+ {
+ let img = content.document.createElement("img");
+ let p = new content.Promise(resolve => {
+ img.onload = resolve;
+ });
+ content.document.body.appendChild(img);
+ img.src =
+ "https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/subResources.sjs?what=image";
+ await p;
+ }
+ });
+
+ await fetch(
+ "https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/subResources.sjs?result&what=image"
+ )
+ .then(r => r.text())
+ .then(text => {
+ is(text, "0", "Cookies received for images");
+ });
+
+ await fetch(
+ "https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/subResources.sjs?result&what=script"
+ )
+ .then(r => r.text())
+ .then(text => {
+ is(text, "0", "Cookies received for scripts");
+ });
+
+ info("Creating a 3rd party content");
+ await SpecialPowers.spawn(
+ browser,
+ [
+ {
+ page: TEST_3RD_PARTY_PAGE_WO,
+ blockingCallback: (async _ => {}).toString(),
+ nonBlockingCallback: (async _ => {}).toString(),
+ },
+ ],
+ async function(obj) {
+ await new content.Promise(resolve => {
+ let ifr = content.document.createElement("iframe");
+ ifr.onload = function() {
+ info("Sending code to the 3rd party content");
+ ifr.contentWindow.postMessage(obj, "*");
+ };
+
+ content.addEventListener("message", function msg(event) {
+ if (event.data.type == "finish") {
+ content.removeEventListener("message", msg);
+ resolve();
+ return;
+ }
+
+ if (event.data.type == "ok") {
+ ok(event.data.what, event.data.msg);
+ return;
+ }
+
+ if (event.data.type == "info") {
+ info(event.data.msg);
+ return;
+ }
+
+ ok(false, "Unknown message");
+ });
+
+ content.document.body.appendChild(ifr);
+ ifr.src = obj.page;
+ });
+ }
+ );
+
+ info("Loading tracking scripts and tracking images again");
+ await SpecialPowers.spawn(browser, [], async function() {
+ // Let's load the script twice here.
+ {
+ let src = content.document.createElement("script");
+ let p = new content.Promise(resolve => {
+ src.onload = resolve;
+ });
+ content.document.body.appendChild(src);
+ src.src =
+ "https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/subResources.sjs?what=script";
+ await p;
+ }
+ {
+ let src = content.document.createElement("script");
+ let p = new content.Promise(resolve => {
+ src.onload = resolve;
+ });
+ content.document.body.appendChild(src);
+ src.src =
+ "https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/subResources.sjs?what=script";
+ await p;
+ }
+
+ // Let's load an image twice here.
+ {
+ let img = content.document.createElement("img");
+ let p = new content.Promise(resolve => {
+ img.onload = resolve;
+ });
+ content.document.body.appendChild(img);
+ img.src =
+ "https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/subResources.sjs?what=image";
+ await p;
+ }
+ {
+ let img = content.document.createElement("img");
+ let p = new content.Promise(resolve => {
+ img.onload = resolve;
+ });
+ content.document.body.appendChild(img);
+ img.src =
+ "https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/subResources.sjs?what=image";
+ await p;
+ }
+ });
+
+ await fetch(
+ "https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/subResources.sjs?result&what=image"
+ )
+ .then(r => r.text())
+ .then(text => {
+ is(text, "1", "One cookie received for images.");
+ });
+
+ await fetch(
+ "https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/subResources.sjs?result&what=script"
+ )
+ .then(r => r.text())
+ .then(text => {
+ is(text, "1", "One cookie received received for scripts.");
+ });
+
+ let expectTrackerBlocked = (item, blocked) => {
+ is(
+ item[0],
+ Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_TRACKER,
+ "Correct blocking type reported"
+ );
+ is(item[1], blocked, "Correct blocking status reported");
+ ok(item[2] >= 1, "Correct repeat count reported");
+ };
+
+ let expectTrackerFound = item => {
+ is(
+ item[0],
+ Ci.nsIWebProgressListener.STATE_LOADED_LEVEL_1_TRACKING_CONTENT,
+ "Correct blocking type reported"
+ );
+ is(item[1], true, "Correct blocking status reported");
+ ok(item[2] >= 1, "Correct repeat count reported");
+ };
+
+ let expectCookiesLoaded = item => {
+ is(
+ item[0],
+ Ci.nsIWebProgressListener.STATE_COOKIES_LOADED,
+ "Correct blocking type reported"
+ );
+ is(item[1], true, "Correct blocking status reported");
+ ok(item[2] >= 1, "Correct repeat count reported");
+ };
+
+ let expectTrackerCookiesLoaded = item => {
+ is(
+ item[0],
+ Ci.nsIWebProgressListener.STATE_COOKIES_LOADED_TRACKER,
+ "Correct blocking type reported"
+ );
+ is(item[1], true, "Correct blocking status reported");
+ ok(item[2] >= 1, "Correct repeat count reported");
+ };
+
+ let log = JSON.parse(await browser.getContentBlockingLog());
+ for (let trackerOrigin in log) {
+ is(
+ trackerOrigin + "/",
+ TEST_3RD_PARTY_DOMAIN,
+ "Correct tracker origin must be reported"
+ );
+ let originLog = log[trackerOrigin];
+ is(originLog.length, 5, "We should have 4 entries in the compressed log");
+ expectTrackerFound(originLog[0]);
+ expectCookiesLoaded(originLog[1]);
+ expectTrackerCookiesLoaded(originLog[2]);
+ expectTrackerBlocked(originLog[3], true);
+ expectTrackerBlocked(originLog[4], false);
+ }
+
+ info("Removing the tab");
+ BrowserTestUtils.removeTab(tab);
+
+ UrlClassifierTestUtils.cleanupTestTrackers();
+});
+
+add_task(async function() {
+ info("Cleaning up.");
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+});
diff --git a/toolkit/components/antitracking/test/browser/browser_subResourcesPartitioned.js b/toolkit/components/antitracking/test/browser/browser_subResourcesPartitioned.js
new file mode 100644
index 0000000000..920f81c6aa
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_subResourcesPartitioned.js
@@ -0,0 +1,297 @@
+async function runTests(topPage, limitForeignContexts) {
+ info("Creating a new tab");
+ let tab = BrowserTestUtils.addTab(gBrowser, topPage);
+ gBrowser.selectedTab = tab;
+
+ let browser = gBrowser.getBrowserForTab(tab);
+ await BrowserTestUtils.browserLoaded(browser);
+
+ info("Loading scripts and images");
+ await SpecialPowers.spawn(browser, [], async function() {
+ // Let's load the script twice here.
+ {
+ let src = content.document.createElement("script");
+ let p = new content.Promise(resolve => {
+ src.onload = resolve;
+ });
+ content.document.body.appendChild(src);
+ src.src =
+ "https://example.org/browser/toolkit/components/antitracking/test/browser/subResources.sjs?what=script";
+ await p;
+ }
+ {
+ let src = content.document.createElement("script");
+ let p = new content.Promise(resolve => {
+ src.onload = resolve;
+ });
+ content.document.body.appendChild(src);
+ src.src =
+ "https://example.org/browser/toolkit/components/antitracking/test/browser/subResources.sjs?what=script";
+ await p;
+ }
+
+ // Let's load an image twice here.
+ {
+ let img = content.document.createElement("img");
+ let p = new content.Promise(resolve => {
+ img.onload = resolve;
+ });
+ content.document.body.appendChild(img);
+ img.src =
+ "https://example.org/browser/toolkit/components/antitracking/test/browser/subResources.sjs?what=image";
+ await p;
+ }
+ {
+ let img = content.document.createElement("img");
+ let p = new content.Promise(resolve => {
+ img.onload = resolve;
+ });
+ content.document.body.appendChild(img);
+ img.src =
+ "https://example.org/browser/toolkit/components/antitracking/test/browser/subResources.sjs?what=image";
+ await p;
+ }
+ });
+
+ await fetch(
+ "https://example.org/browser/toolkit/components/antitracking/test/browser/subResources.sjs?result&what=image"
+ )
+ .then(r => r.text())
+ .then(text => {
+ if (limitForeignContexts) {
+ is(text, "0", "No cookie received for images.");
+ } else {
+ is(text, "1", "One cookie received for images.");
+ }
+ });
+
+ await fetch(
+ "https://example.org/browser/toolkit/components/antitracking/test/browser/subResources.sjs?result&what=script"
+ )
+ .then(r => r.text())
+ .then(text => {
+ if (limitForeignContexts) {
+ is(text, "0", "No cookie received received for scripts.");
+ } else {
+ is(text, "1", "One cookie received received for scripts.");
+ }
+ });
+
+ info("Creating a 3rd party content");
+ await SpecialPowers.spawn(
+ browser,
+ [
+ {
+ page: TEST_3RD_PARTY_PAGE_WO,
+ blockingCallback: (async _ => {}).toString(),
+ nonBlockingCallback: (async _ => {}).toString(),
+ },
+ ],
+ async function(obj) {
+ await new content.Promise(resolve => {
+ let ifr = content.document.createElement("iframe");
+ ifr.onload = function() {
+ info("Sending code to the 3rd party content");
+ ifr.contentWindow.postMessage(obj, "*");
+ };
+
+ content.addEventListener("message", function msg(event) {
+ if (event.data.type == "finish") {
+ content.removeEventListener("message", msg);
+ resolve();
+ return;
+ }
+
+ if (event.data.type == "ok") {
+ ok(event.data.what, event.data.msg);
+ return;
+ }
+
+ if (event.data.type == "info") {
+ info(event.data.msg);
+ return;
+ }
+
+ ok(false, "Unknown message");
+ });
+
+ content.document.body.appendChild(ifr);
+ ifr.src = obj.page;
+ });
+ }
+ );
+
+ info("Loading scripts and images again");
+ await SpecialPowers.spawn(browser, [], async function() {
+ // Let's load the script twice here.
+ {
+ let src = content.document.createElement("script");
+ let p = new content.Promise(resolve => {
+ src.onload = resolve;
+ });
+ content.document.body.appendChild(src);
+ src.src =
+ "https://example.com/browser/toolkit/components/antitracking/test/browser/subResources.sjs?what=script";
+ await p;
+ }
+ {
+ let src = content.document.createElement("script");
+ let p = new content.Promise(resolve => {
+ src.onload = resolve;
+ });
+ content.document.body.appendChild(src);
+ src.src =
+ "https://example.com/browser/toolkit/components/antitracking/test/browser/subResources.sjs?what=script";
+ await p;
+ }
+
+ // Let's load an image twice here.
+ {
+ let img = content.document.createElement("img");
+ let p = new content.Promise(resolve => {
+ img.onload = resolve;
+ });
+ content.document.body.appendChild(img);
+ img.src =
+ "https://example.com/browser/toolkit/components/antitracking/test/browser/subResources.sjs?what=image";
+ await p;
+ }
+ {
+ let img = content.document.createElement("img");
+ let p = new content.Promise(resolve => {
+ img.onload = resolve;
+ });
+ content.document.body.appendChild(img);
+ img.src =
+ "https://example.com/browser/toolkit/components/antitracking/test/browser/subResources.sjs?what=image";
+ await p;
+ }
+ });
+
+ await fetch(
+ "https://example.com/browser/toolkit/components/antitracking/test/browser/subResources.sjs?result&what=image"
+ )
+ .then(r => r.text())
+ .then(text => {
+ if (limitForeignContexts) {
+ is(text, "0", "No cookie received for images.");
+ } else {
+ is(text, "1", "One cookie received for images.");
+ }
+ });
+
+ await fetch(
+ "https://example.com/browser/toolkit/components/antitracking/test/browser/subResources.sjs?result&what=script"
+ )
+ .then(r => r.text())
+ .then(text => {
+ if (limitForeignContexts) {
+ is(text, "0", "No cookie received received for scripts.");
+ } else {
+ is(text, "1", "One cookie received received for scripts.");
+ }
+ });
+
+ let expectTrackerBlocked = (item, blocked) => {
+ is(
+ item[0],
+ Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_TRACKER,
+ "Correct blocking type reported"
+ );
+ is(item[1], blocked, "Correct blocking status reported");
+ ok(item[2] >= 1, "Correct repeat count reported");
+ };
+
+ let expectCookiesLoaded = item => {
+ is(
+ item[0],
+ Ci.nsIWebProgressListener.STATE_COOKIES_LOADED,
+ "Correct blocking type reported"
+ );
+ is(item[1], true, "Correct blocking status reported");
+ ok(item[2] >= 1, "Correct repeat count reported");
+ };
+
+ let expectCookiesBlockedForeign = item => {
+ is(
+ item[0],
+ Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_FOREIGN,
+ "Correct blocking type reported"
+ );
+ is(item[1], true, "Correct blocking status reported");
+ ok(item[2] >= 1, "Correct repeat count reported");
+ };
+
+ let log = JSON.parse(await browser.getContentBlockingLog());
+ for (let trackerOrigin in log) {
+ let originLog = log[trackerOrigin];
+ info(trackerOrigin);
+ switch (trackerOrigin) {
+ case "https://example.org":
+ case "https://example.com":
+ let numEntries = 1;
+ if (limitForeignContexts) {
+ ++numEntries;
+ }
+ is(
+ originLog.length,
+ numEntries,
+ `We should have ${numEntries} entries in the compressed log`
+ );
+ expectCookiesLoaded(originLog[0]);
+ if (limitForeignContexts) {
+ expectCookiesBlockedForeign(originLog[1]);
+ }
+ break;
+ case "https://tracking.example.org":
+ is(
+ originLog.length,
+ 1,
+ "We should have 1 entries in the compressed log"
+ );
+ expectTrackerBlocked(originLog[0], false);
+ break;
+ }
+ }
+
+ info("Removing the tab");
+ BrowserTestUtils.removeTab(tab);
+}
+
+add_task(async function() {
+ info("Starting subResources test");
+
+ await SpecialPowers.flushPrefEnv();
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ [
+ "network.cookie.cookieBehavior",
+ Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER_AND_PARTITION_FOREIGN,
+ ],
+ ["privacy.trackingprotection.enabled", false],
+ ["privacy.trackingprotection.pbmode.enabled", false],
+ ["privacy.trackingprotection.annotate_channels", true],
+ ],
+ });
+
+ for (let limitForeignContexts of [false, true]) {
+ SpecialPowers.setBoolPref(
+ "privacy.dynamic_firstparty.limitForeign",
+ limitForeignContexts
+ );
+ for (let page of [TEST_TOP_PAGE, TEST_TOP_PAGE_2, TEST_TOP_PAGE_3]) {
+ await runTests(page, limitForeignContexts);
+ }
+ }
+
+ SpecialPowers.clearUserPref("privacy.dynamic_firstparty.limitForeign");
+});
+
+add_task(async function() {
+ info("Cleaning up.");
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+});
diff --git a/toolkit/components/antitracking/test/browser/browser_thirdPartyStorageRejectionForCORS.js b/toolkit/components/antitracking/test/browser/browser_thirdPartyStorageRejectionForCORS.js
new file mode 100644
index 0000000000..8289c1edaa
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_thirdPartyStorageRejectionForCORS.js
@@ -0,0 +1,98 @@
+// This test works by setting up an exception for the tracker domain, which
+// disables all the anti-tracking tests.
+
+/* import-globals-from antitracking_head.js */
+
+add_task(async _ => {
+ PermissionTestUtils.add(
+ "http://example.net",
+ "cookie",
+ Services.perms.ALLOW_ACTION
+ );
+
+ registerCleanupFunction(_ => {
+ Services.perms.removeAll();
+ });
+});
+
+AntiTracking._createTask({
+ name: "Test that we don't store 3P cookies from non-anonymous CORS XHR",
+ cookieBehavior: BEHAVIOR_REJECT_FOREIGN,
+ blockingByContentBlockingRTUI: false,
+ allowList: false,
+ thirdPartyPage: TEST_DOMAIN + TEST_PATH + "3rdParty.html",
+ callback: async _ => {
+ await new Promise(resolve => {
+ const xhr = new XMLHttpRequest();
+ xhr.open(
+ "GET",
+ "https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/cookiesCORS.sjs?some;max-age=999999",
+ true
+ );
+ xhr.withCredentials = true;
+ xhr.setRequestHeader("Content-Type", "application/x-www-form-urlencoded");
+ xhr.onreadystatechange = _ => {
+ if (4 === xhr.readyState && 200 === xhr.status) {
+ resolve();
+ }
+ };
+ xhr.send();
+ });
+ },
+ extraPrefs: [["network.cookie.rejectForeignWithExceptions.enabled", true]],
+ expectedBlockingNotifications:
+ Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_FOREIGN,
+ runInPrivateWindow: false,
+ iframeSandbox: null,
+ accessRemoval: null,
+ callbackAfterRemoval: null,
+});
+
+add_task(async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+});
+
+AntiTracking._createTask({
+ name: "Test that we don't store 3P cookies from non-anonymous CORS XHR",
+ cookieBehavior: BEHAVIOR_REJECT_FOREIGN,
+ blockingByContentBlockingRTUI: false,
+ allowList: false,
+ thirdPartyPage: TEST_DOMAIN + TEST_PATH + "3rdParty.html",
+ callback: async _ => {
+ await new Promise(resolve => {
+ const xhr = new XMLHttpRequest();
+ xhr.open(
+ "GET",
+ "https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/cookiesCORS.sjs?some;max-age=999999",
+ true
+ );
+ xhr.withCredentials = true;
+ xhr.setRequestHeader("Content-Type", "application/x-www-form-urlencoded");
+ xhr.onreadystatechange = _ => {
+ if (4 === xhr.readyState && 200 === xhr.status) {
+ resolve();
+ }
+ };
+ xhr.send();
+ });
+ },
+ extraPrefs: [["network.cookie.rejectForeignWithExceptions.enabled", false]],
+ expectedBlockingNotifications:
+ Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_FOREIGN,
+ runInPrivateWindow: false,
+ iframeSandbox: null,
+ accessRemoval: null,
+ callbackAfterRemoval: null,
+});
+
+add_task(async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+});
diff --git a/toolkit/components/antitracking/test/browser/browser_urlDecorationStripping.js b/toolkit/components/antitracking/test/browser/browser_urlDecorationStripping.js
new file mode 100644
index 0000000000..8434324be3
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_urlDecorationStripping.js
@@ -0,0 +1,245 @@
+// This test ensures that the URL decoration annotations service works as
+// expected, and also we successfully downgrade document.referrer to the
+// eTLD+1 URL when tracking identifiers controlled by this service are
+// present in the referrer URI.
+
+/* import-globals-from antitracking_head.js */
+
+"use strict";
+
+const { RemoteSettings } = ChromeUtils.import(
+ "resource://services-settings/remote-settings.js"
+);
+const { Preferences } = ChromeUtils.import(
+ "resource://gre/modules/Preferences.jsm"
+);
+const { XPCOMUtils } = ChromeUtils.import(
+ "resource://gre/modules/XPCOMUtils.jsm"
+);
+
+const COLLECTION_NAME = "anti-tracking-url-decoration";
+const PREF_NAME = "privacy.restrict3rdpartystorage.url_decorations";
+const TOKEN_1 = "fooBar";
+const TOKEN_2 = "foobaz";
+const TOKEN_3 = "fooqux";
+const TOKEN_4 = "bazqux";
+
+const token_1 = TOKEN_1.toLowerCase();
+
+const DOMAIN = TEST_DOMAIN_3;
+const SUB_DOMAIN = "https://sub1.xn--hxajbheg2az3al.xn--jxalpdlp/";
+const TOP_PAGE_WITHOUT_TRACKING_IDENTIFIER =
+ SUB_DOMAIN + TEST_PATH + "page.html";
+const TOP_PAGE_WITH_TRACKING_IDENTIFIER =
+ TOP_PAGE_WITHOUT_TRACKING_IDENTIFIER + "?" + TOKEN_1 + "=123";
+
+add_task(async _ => {
+ let uds = Cc["@mozilla.org/tracking-url-decoration-service;1"].getService(
+ Ci.nsIURLDecorationAnnotationsService
+ );
+
+ let records = [
+ {
+ id: "1",
+ last_modified: 100000000000000000001,
+ schema: Date.now(),
+ token: TOKEN_1,
+ },
+ ];
+
+ // Add some initial data
+ async function emitSync() {
+ await RemoteSettings(COLLECTION_NAME).emit("sync", {
+ data: { current: records },
+ });
+ }
+ let db = await RemoteSettings(COLLECTION_NAME).db;
+ await db.importChanges({}, 42, [records[0]]);
+ await emitSync();
+
+ await uds.ensureUpdated();
+
+ let list = Preferences.get(PREF_NAME).split(" ");
+ ok(list.includes(TOKEN_1), "Token must now be available in " + PREF_NAME);
+ ok(Preferences.locked(PREF_NAME), PREF_NAME + " must be locked");
+
+ async function verifyList(array, not_array) {
+ await emitSync();
+
+ await uds.ensureUpdated();
+
+ list = Preferences.get(PREF_NAME).split(" ");
+ for (let token of array) {
+ ok(
+ list.includes(token),
+ token + " must now be available in " + PREF_NAME
+ );
+ }
+ for (let token of not_array) {
+ ok(
+ !list.includes(token),
+ token + " must not be available in " + PREF_NAME
+ );
+ }
+ ok(Preferences.locked(PREF_NAME), PREF_NAME + " must be locked");
+ }
+
+ records.push(
+ {
+ id: "2",
+ last_modified: 100000000000000000002,
+ schema: Date.now(),
+ token: TOKEN_2,
+ },
+ {
+ id: "3",
+ last_modified: 100000000000000000003,
+ schema: Date.now(),
+ token: TOKEN_3,
+ },
+ {
+ id: "4",
+ last_modified: 100000000000000000004,
+ schema: Date.now(),
+ token: TOKEN_4,
+ }
+ );
+
+ await verifyList([TOKEN_1, TOKEN_2, TOKEN_3, TOKEN_4], []);
+
+ records.pop();
+
+ await verifyList([TOKEN_1, TOKEN_2, TOKEN_3], [TOKEN_4]);
+
+ is(
+ Services.eTLD.getBaseDomain(Services.io.newURI(DOMAIN)),
+ Services.eTLD.getBaseDomain(Services.io.newURI(SUB_DOMAIN)),
+ "Sanity check"
+ );
+
+ registerCleanupFunction(async _ => {
+ records = [];
+ await db.clear();
+ await emitSync();
+ });
+});
+
+AntiTracking._createTask({
+ name:
+ "Test that we do not downgrade document.referrer when it does not contain a tracking identifier",
+ cookieBehavior: BEHAVIOR_REJECT_TRACKER,
+ blockingByContentBlockingRTUI: true,
+ allowList: false,
+ callback: async _ => {
+ let ref = new URL(document.referrer);
+ is(
+ ref.hostname,
+ "sub1.xn--hxajbheg2az3al.xn--jxalpdlp",
+ "Hostname shouldn't be stripped"
+ );
+ ok(ref.pathname.length > 1, "Path must not be trimmed");
+ // eslint-disable-next-line no-unused-vars
+ for (let entry of ref.searchParams.entries()) {
+ ok(false, "No query parameters should be found");
+ }
+ },
+ extraPrefs: [["network.http.referer.defaultPolicy.trackers", 3]],
+ expectedBlockingNotifications: 0,
+ runInPrivateWindow: false,
+ iframeSandbox: null,
+ accessRemoval: null,
+ callbackAfterRemoval: null,
+ topPage: TOP_PAGE_WITHOUT_TRACKING_IDENTIFIER,
+});
+
+AntiTracking._createTask({
+ name:
+ "Test that we do not downgrade document.referrer when it does not contain a tracking identifier even though it gets downgraded to origin only due to the default referrer policy",
+ cookieBehavior: BEHAVIOR_REJECT_TRACKER,
+ blockingByContentBlockingRTUI: true,
+ allowList: false,
+ callback: async _ => {
+ let ref = new URL(document.referrer);
+ is(
+ ref.hostname,
+ "sub1.xn--hxajbheg2az3al.xn--jxalpdlp",
+ "Hostname shouldn't be stripped"
+ );
+ is(ref.pathname.length, 1, "Path must be trimmed");
+ // eslint-disable-next-line no-unused-vars
+ for (let entry of ref.searchParams.entries()) {
+ ok(false, "No query parameters should be found");
+ }
+ },
+ extraPrefs: [["network.http.referer.defaultPolicy.trackers", 2]],
+ expectedBlockingNotifications: 0,
+ runInPrivateWindow: false,
+ iframeSandbox: null,
+ accessRemoval: null,
+ callbackAfterRemoval: null,
+ topPage: TOP_PAGE_WITHOUT_TRACKING_IDENTIFIER,
+});
+
+AntiTracking._createTask({
+ name:
+ "Test that we downgrade document.referrer when it contains a tracking identifier",
+ cookieBehavior: BEHAVIOR_REJECT_TRACKER,
+ blockingByContentBlockingRTUI: true,
+ allowList: false,
+ callback: async _ => {
+ let ref = new URL(document.referrer);
+ is(
+ ref.hostname,
+ "xn--hxajbheg2az3al.xn--jxalpdlp",
+ "Hostname should be stripped"
+ );
+ is(ref.pathname.length, 1, "Path must be trimmed");
+ // eslint-disable-next-line no-unused-vars
+ for (let entry of ref.searchParams.entries()) {
+ ok(false, "No query parameters should be found");
+ }
+ },
+ extraPrefs: [["network.http.referer.defaultPolicy.trackers", 3]],
+ expectedBlockingNotifications: 0,
+ runInPrivateWindow: false,
+ iframeSandbox: null,
+ accessRemoval: null,
+ callbackAfterRemoval: null,
+ topPage: TOP_PAGE_WITH_TRACKING_IDENTIFIER,
+});
+
+AntiTracking._createTask({
+ name:
+ "Test that we don't downgrade document.referrer when it contains a tracking identifier if it gets downgraded to origin only due to the default referrer policy because the tracking identifier wouldn't be present in the referrer any more",
+ cookieBehavior: BEHAVIOR_REJECT_TRACKER,
+ blockingByContentBlockingRTUI: true,
+ allowList: false,
+ callback: async _ => {
+ let ref = new URL(document.referrer);
+ is(
+ ref.hostname,
+ "sub1.xn--hxajbheg2az3al.xn--jxalpdlp",
+ "Hostname shouldn't be stripped"
+ );
+ is(ref.pathname.length, 1, "Path must be trimmed");
+ // eslint-disable-next-line no-unused-vars
+ for (let entry of ref.searchParams.entries()) {
+ ok(false, "No query parameters should be found");
+ }
+ },
+ extraPrefs: [["network.http.referer.defaultPolicy.trackers", 2]],
+ expectedBlockingNotifications: 0,
+ runInPrivateWindow: false,
+ iframeSandbox: null,
+ accessRemoval: null,
+ callbackAfterRemoval: null,
+ topPage: TOP_PAGE_WITH_TRACKING_IDENTIFIER,
+});
+
+add_task(async _ => {
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+});
diff --git a/toolkit/components/antitracking/test/browser/browser_userInteraction.js b/toolkit/components/antitracking/test/browser/browser_userInteraction.js
new file mode 100644
index 0000000000..99b801f14c
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_userInteraction.js
@@ -0,0 +1,120 @@
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/ */
+
+/* eslint-disable mozilla/no-arbitrary-setTimeout */
+
+add_task(async function() {
+ info("Starting subResources test");
+
+ await SpecialPowers.flushPrefEnv();
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ ["privacy.userInteraction.document.interval", 1],
+ [
+ "network.cookie.cookieBehavior",
+ Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER,
+ ],
+ ["privacy.trackingprotection.enabled", false],
+ ["privacy.trackingprotection.pbmode.enabled", false],
+ ["privacy.trackingprotection.annotate_channels", true],
+ ],
+ });
+
+ await UrlClassifierTestUtils.addTestTrackers();
+
+ info("Creating a new tab");
+ let tab = BrowserTestUtils.addTab(gBrowser, TEST_TOP_PAGE);
+ gBrowser.selectedTab = tab;
+
+ let browser = gBrowser.getBrowserForTab(tab);
+ await BrowserTestUtils.browserLoaded(browser);
+
+ let uri = Services.io.newURI(TEST_DOMAIN);
+ is(
+ PermissionTestUtils.testPermission(uri, "storageAccessAPI"),
+ Services.perms.UNKNOWN_ACTION,
+ "Before user-interaction we don't have a permission"
+ );
+
+ let promise = TestUtils.topicObserved("perm-changed", (aSubject, aData) => {
+ let permission = aSubject.QueryInterface(Ci.nsIPermission);
+ return (
+ permission.type == "storageAccessAPI" &&
+ permission.principal.equalsURI(uri)
+ );
+ });
+
+ info("Simulating user-interaction.");
+ await SpecialPowers.spawn(browser, [], async function() {
+ content.document.userInteractionForTesting();
+ });
+
+ info("Waiting to have a permissions set.");
+ await promise;
+
+ // Let's see if the document is able to update the permission correctly.
+ for (var i = 0; i < 3; ++i) {
+ // Another perm-changed event should be triggered by the timer.
+ promise = TestUtils.topicObserved("perm-changed", (aSubject, aData) => {
+ let permission = aSubject.QueryInterface(Ci.nsIPermission);
+ return (
+ permission.type == "storageAccessAPI" &&
+ permission.principal.equalsURI(uri)
+ );
+ });
+
+ info("Simulating another user-interaction.");
+ await SpecialPowers.spawn(browser, [], async function() {
+ content.document.userInteractionForTesting();
+ });
+
+ info("Waiting to have a permissions set.");
+ await promise;
+ }
+
+ // Let's disable the document.interval.
+ await SpecialPowers.pushPrefEnv({
+ set: [["privacy.userInteraction.document.interval", 0]],
+ });
+
+ promise = new Promise(resolve => {
+ let id;
+
+ function observer(subject, topic, data) {
+ ok(false, "Notification received!");
+ Services.obs.removeObserver(observer, "perm-changed");
+ clearTimeout(id);
+ resolve();
+ }
+
+ Services.obs.addObserver(observer, "perm-changed");
+
+ id = setTimeout(() => {
+ ok(true, "No notification received!");
+ Services.obs.removeObserver(observer, "perm-changed");
+ resolve();
+ }, 2000);
+ });
+
+ info("Simulating another user-interaction.");
+ await SpecialPowers.spawn(browser, [], async function() {
+ content.document.userInteractionForTesting();
+ });
+
+ info("Waiting to have a permissions set.");
+ await promise;
+
+ info("Removing the tab");
+ BrowserTestUtils.removeTab(tab);
+
+ UrlClassifierTestUtils.cleanupTestTrackers();
+});
+
+add_task(async function() {
+ info("Cleaning up.");
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+});
diff --git a/toolkit/components/antitracking/test/browser/browser_workerPropagation.js b/toolkit/components/antitracking/test/browser/browser_workerPropagation.js
new file mode 100644
index 0000000000..13e102a631
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_workerPropagation.js
@@ -0,0 +1,83 @@
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/ */
+
+/* eslint-disable mozilla/no-arbitrary-setTimeout */
+
+add_task(async function() {
+ info("Starting subResources test");
+
+ await SpecialPowers.flushPrefEnv();
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ ["dom.storage_access.auto_grants", true],
+ ["dom.storage_access.auto_grants.delayed", false],
+ ["dom.storage_access.enabled", true],
+ ["dom.storage_access.prompt.testing", false],
+ [
+ "network.cookie.cookieBehavior",
+ Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER,
+ ],
+ ["privacy.trackingprotection.enabled", false],
+ ["privacy.trackingprotection.pbmode.enabled", false],
+ ["privacy.trackingprotection.annotate_channels", true],
+ [
+ "privacy.restrict3rdpartystorage.userInteractionRequiredForHosts",
+ "tracking.example.com,tracking.example.org",
+ ],
+ ],
+ });
+
+ await UrlClassifierTestUtils.addTestTrackers();
+
+ info("Creating a new tab");
+ let tab = BrowserTestUtils.addTab(gBrowser, TEST_TOP_PAGE);
+ gBrowser.selectedTab = tab;
+
+ let browser = gBrowser.getBrowserForTab(tab);
+ await BrowserTestUtils.browserLoaded(browser);
+
+ // Let's create an iframe and run the test there.
+ let page = TEST_3RD_PARTY_DOMAIN + TEST_PATH + "workerIframe.html";
+ await SpecialPowers.spawn(browser, [page], async function(page) {
+ await new content.Promise(resolve => {
+ let ifr = content.document.createElement("iframe");
+ ifr.id = "test";
+
+ content.addEventListener("message", e => {
+ if (e.data.type == "finish") {
+ resolve();
+ return;
+ }
+
+ if (e.data.type == "info") {
+ info(e.data.msg);
+ return;
+ }
+
+ if (e.data.type == "ok") {
+ ok(e.data.what, e.data.msg);
+ return;
+ }
+
+ ok(false, "Unknown message");
+ });
+
+ content.document.body.appendChild(ifr);
+ ifr.src = page;
+ });
+ });
+
+ info("Removing the tab");
+ BrowserTestUtils.removeTab(tab);
+
+ UrlClassifierTestUtils.cleanupTestTrackers();
+});
+
+add_task(async function() {
+ info("Cleaning up.");
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+});
diff --git a/toolkit/components/antitracking/test/browser/clearSiteData.sjs b/toolkit/components/antitracking/test/browser/clearSiteData.sjs
new file mode 100644
index 0000000000..374f03a474
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/clearSiteData.sjs
@@ -0,0 +1,6 @@
+function handleRequest(aRequest, aResponse) {
+ aResponse.setStatusLine(aRequest.httpVersion, 200);
+ aResponse.setHeader("Clear-Site-Data", '"*"');
+ aResponse.setHeader("Content-Type", "text/plain");
+ aResponse.write("Clear-Site-Data");
+}
diff --git a/toolkit/components/antitracking/test/browser/container.html b/toolkit/components/antitracking/test/browser/container.html
new file mode 100644
index 0000000000..24daa80113
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/container.html
@@ -0,0 +1,6 @@
+<!DOCTYPE html>
+<html>
+<body>
+<iframe src="embedder.html"></iframe>
+</body>
+</html>
diff --git a/toolkit/components/antitracking/test/browser/container2.html b/toolkit/components/antitracking/test/browser/container2.html
new file mode 100644
index 0000000000..c2591ad7fc
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/container2.html
@@ -0,0 +1,11 @@
+<!DOCTYPE html>
+<html>
+<body>
+<script>
+ onmessage = function(e) {
+ parent.postMessage(e.data, "*");
+ };
+</script>
+<iframe src="embedder2.html"></iframe>
+</body>
+</html>
diff --git a/toolkit/components/antitracking/test/browser/cookies.sjs b/toolkit/components/antitracking/test/browser/cookies.sjs
new file mode 100644
index 0000000000..1267a69d8c
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/cookies.sjs
@@ -0,0 +1,12 @@
+function handleRequest(aRequest, aResponse) {
+ aResponse.setStatusLine(aRequest.httpVersion, 200);
+ let cookie = "";
+ if (aRequest.hasHeader("Cookie")) {
+ cookie = aRequest.getHeader("Cookie");
+ }
+ aResponse.write("cookie:" + cookie);
+
+ if (aRequest.queryString) {
+ aResponse.setHeader("Set-Cookie", "foopy=" + aRequest.queryString);
+ }
+}
diff --git a/toolkit/components/antitracking/test/browser/cookiesCORS.sjs b/toolkit/components/antitracking/test/browser/cookiesCORS.sjs
new file mode 100644
index 0000000000..2cfdca2700
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/cookiesCORS.sjs
@@ -0,0 +1,9 @@
+function handleRequest(aRequest, aResponse) {
+ aResponse.setStatusLine(aRequest.httpVersion, 200);
+ aResponse.setHeader("Access-Control-Allow-Origin", "http://example.net");
+ aResponse.setHeader("Access-Control-Allow-Credentials", "true");
+
+ if (aRequest.queryString) {
+ aResponse.setHeader("Set-Cookie", "foopy=" + aRequest.queryString);
+ }
+}
diff --git a/toolkit/components/antitracking/test/browser/dynamicfpi_head.js b/toolkit/components/antitracking/test/browser/dynamicfpi_head.js
new file mode 100644
index 0000000000..a3fc1618c1
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/dynamicfpi_head.js
@@ -0,0 +1,150 @@
+/* vim: set ts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/* import-globals-from head.js */
+
+"use strict";
+
+this.DynamicFPIHelper = {
+ runTest(name, callback, cleanupFunction, extraPrefs, runInPrivateWindow) {
+ add_task(async _ => {
+ info(
+ "Starting test `" +
+ name +
+ "' with dynamic FPI running in a " +
+ (runInPrivateWindow ? "private" : "normal") +
+ " window..."
+ );
+
+ await SpecialPowers.flushPrefEnv();
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ ["dom.storage_access.enabled", true],
+ [
+ "network.cookie.cookieBehavior",
+ Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER_AND_PARTITION_FOREIGN,
+ ],
+ ["privacy.trackingprotection.enabled", false],
+ ["privacy.trackingprotection.pbmode.enabled", false],
+ ["privacy.trackingprotection.annotate_channels", true],
+ ["privacy.storagePrincipal.enabledForTrackers", false],
+ ["privacy.dynamic_firstparty.use_site", true],
+ [
+ "privacy.restrict3rdpartystorage.userInteractionRequiredForHosts",
+ "not-tracking.example.com",
+ ],
+ ],
+ });
+
+ if (extraPrefs && Array.isArray(extraPrefs) && extraPrefs.length) {
+ await SpecialPowers.pushPrefEnv({ set: extraPrefs });
+ }
+
+ let win = window;
+ if (runInPrivateWindow) {
+ win = OpenBrowserWindow({ private: true });
+ await TestUtils.topicObserved("browser-delayed-startup-finished");
+ }
+
+ info("Creating a new tab");
+ let tab = BrowserTestUtils.addTab(win.gBrowser, TEST_TOP_PAGE);
+ win.gBrowser.selectedTab = tab;
+
+ let browser = win.gBrowser.getBrowserForTab(tab);
+ await BrowserTestUtils.browserLoaded(browser);
+
+ info("Check the cookieJarSettings of the browser object");
+ ok(
+ browser.cookieJarSettings,
+ "The browser object has the cookieJarSettings."
+ );
+ is(
+ browser.cookieJarSettings.cookieBehavior,
+ Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER_AND_PARTITION_FOREIGN,
+ "The cookieJarSettings has the correct cookieBehavior"
+ );
+ is(
+ browser.cookieJarSettings.partitionKey,
+ "(http,example.net)",
+ "The cookieJarSettings has the correct partitionKey"
+ );
+
+ info("Creating a 3rd party content");
+ await SpecialPowers.spawn(
+ browser,
+ [
+ {
+ page: TEST_4TH_PARTY_STORAGE_PAGE,
+ callback: callback.toString(),
+ },
+ ],
+ async obj => {
+ await new content.Promise(resolve => {
+ let ifr = content.document.createElement("iframe");
+ ifr.onload = async _ => {
+ await SpecialPowers.spawn(ifr, [], async _ => {
+ is(
+ content.document.nodePrincipal.originAttributes.partitionKey,
+ "",
+ "We don't have first-party set on nodePrincipal"
+ );
+ is(
+ content.document.effectiveStoragePrincipal.originAttributes
+ .partitionKey,
+ "(http,example.net)",
+ "We have first-party set on storagePrincipal"
+ );
+ });
+ info("Sending code to the 3rd party content");
+ ifr.contentWindow.postMessage(obj.callback, "*");
+ };
+
+ content.addEventListener("message", function msg(event) {
+ if (event.data.type == "finish") {
+ content.removeEventListener("message", msg);
+ resolve();
+ return;
+ }
+
+ if (event.data.type == "ok") {
+ ok(event.data.what, event.data.msg);
+ return;
+ }
+
+ if (event.data.type == "info") {
+ info(event.data.msg);
+ return;
+ }
+
+ ok(false, "Unknown message");
+ });
+
+ content.document.body.appendChild(ifr);
+ ifr.src = obj.page;
+ });
+ }
+ );
+
+ info("Removing the tab");
+ BrowserTestUtils.removeTab(tab);
+
+ if (runInPrivateWindow) {
+ win.close();
+ }
+ });
+
+ add_task(async _ => {
+ info("Cleaning up.");
+ if (cleanupFunction) {
+ await cleanupFunction();
+ }
+
+ // While running these tests we typically do not have enough idle time to do
+ // GC reliably, so force it here.
+ /* import-globals-from antitracking_head.js */
+ forceGC();
+ });
+ },
+};
diff --git a/toolkit/components/antitracking/test/browser/embedder.html b/toolkit/components/antitracking/test/browser/embedder.html
new file mode 100644
index 0000000000..1a517079e0
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/embedder.html
@@ -0,0 +1,4 @@
+<!DOCTYPE html>
+<script src="https://tracking.example.com/browser/toolkit/components/antitracking/test/browser/empty.js"></script>
+<script src="https://tracking.example.com/browser/toolkit/components/antitracking/test/browser/empty.js?redirect"></script>
+<script src="https://tracking.example.com/browser/toolkit/components/antitracking/test/browser/empty.js?redirect2"></script>
diff --git a/toolkit/components/antitracking/test/browser/embedder2.html b/toolkit/components/antitracking/test/browser/embedder2.html
new file mode 100644
index 0000000000..b1441894a4
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/embedder2.html
@@ -0,0 +1,9 @@
+<!DOCTYPE html>
+<html>
+<head>
+<script src="https://tracking.example.com/browser/toolkit/components/antitracking/test/browser/empty.js"></script>
+<script src="https://tracking.example.com/browser/toolkit/components/antitracking/test/browser/empty.js?redirect"></script>
+<script src="https://tracking.example.com/browser/toolkit/components/antitracking/test/browser/empty.js?redirect2"></script>
+</head>
+<body onload="parent.postMessage({data:document.querySelectorAll('script').length}, '*');"></body>
+</html>
diff --git a/toolkit/components/antitracking/test/browser/empty-altsvc.js b/toolkit/components/antitracking/test/browser/empty-altsvc.js
new file mode 100644
index 0000000000..3053583c76
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/empty-altsvc.js
@@ -0,0 +1 @@
+/* nothing here */
diff --git a/toolkit/components/antitracking/test/browser/empty-altsvc.js^headers^ b/toolkit/components/antitracking/test/browser/empty-altsvc.js^headers^
new file mode 100644
index 0000000000..70592d2f93
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/empty-altsvc.js^headers^
@@ -0,0 +1 @@
+Alt-Svc: h2=":12345"; ma=60
diff --git a/toolkit/components/antitracking/test/browser/empty.html b/toolkit/components/antitracking/test/browser/empty.html
new file mode 100644
index 0000000000..e20d67db57
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/empty.html
@@ -0,0 +1 @@
+<h1>Empty</h1>
diff --git a/toolkit/components/antitracking/test/browser/empty.js b/toolkit/components/antitracking/test/browser/empty.js
new file mode 100644
index 0000000000..3053583c76
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/empty.js
@@ -0,0 +1 @@
+/* nothing here */
diff --git a/toolkit/components/antitracking/test/browser/file_localStorage.html b/toolkit/components/antitracking/test/browser/file_localStorage.html
new file mode 100644
index 0000000000..54bad94bc9
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/file_localStorage.html
@@ -0,0 +1,21 @@
+<!DOCTYPE html>
+<html>
+<head>
+ <title>Bug 1663192 - Accessing localStorage in a file urls</title>
+</head>
+<script>
+ window.addEventListener("DOMContentLoaded", () => {
+ let result = document.getElementById("result");
+
+ try {
+ window.localStorage.setItem("foo", "bar");
+ result.textContent = "PASS";
+ } catch (e) {
+ result.textContent = "FAIL";
+ }
+ }, { once: true });
+</script>
+<body>
+<a id="result"></a>
+</body>
+</html>
diff --git a/toolkit/components/antitracking/test/browser/file_saveAsImage.sjs b/toolkit/components/antitracking/test/browser/file_saveAsImage.sjs
new file mode 100644
index 0000000000..ffa608411a
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/file_saveAsImage.sjs
@@ -0,0 +1,19 @@
+// small red image
+const IMAGE = atob(
+ "iVBORw0KGgoAAAANSUhEUgAAAAUAAAAFCAYAAACNbyblAAAAHElEQVQI12" +
+ "P4//8/w38GIAXDIBKE0DHxgljNBAAO9TXL0Y4OHwAAAABJRU5ErkJggg==");
+
+function handleRequest(aRequest, aResponse) {
+ aResponse.setStatusLine(aRequest.httpVersion, 200);
+
+ if (aRequest.queryString.includes("result")) {
+ aResponse.write(getState("hints") || 0);
+ setState("hints", "0");
+ } else {
+ let hints = parseInt(getState("hints") || 0) + 1;
+ setState("hints", hints.toString());
+
+ aResponse.setHeader("Content-Type", "image/png", false);
+ aResponse.write(IMAGE);
+ }
+}
diff --git a/toolkit/components/antitracking/test/browser/file_saveAsPageInfo.html b/toolkit/components/antitracking/test/browser/file_saveAsPageInfo.html
new file mode 100644
index 0000000000..aa3de2a555
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/file_saveAsPageInfo.html
@@ -0,0 +1,6 @@
+<html>
+<body>
+ <img src="http://example.net/browser/toolkit/components/antitracking/test/browser/raptor.jpg" id="image1">
+ <video src="http://example.net/browser/toolkit/components/antitracking/test/browser/file_video.ogv" id="video1"> </video>
+</body>
+</html>
diff --git a/toolkit/components/antitracking/test/browser/file_saveAsVideo.sjs b/toolkit/components/antitracking/test/browser/file_saveAsVideo.sjs
new file mode 100644
index 0000000000..8c0696f966
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/file_saveAsVideo.sjs
@@ -0,0 +1,36 @@
+const VIDEO = atob(
+ "GkXfo49CgoR3ZWJtQoeBAkKFgQIYU4BnI0nOEU2bdKpNu" +
+ "4tTq4QVSalmU6yBL027i1OrhBZUrmtTrIGmTbuLU6uEHF" +
+ "O7a1OsgdEVSalm8k2ApWxpYmVibWwyIHYwLjkuNyArIGx" +
+ "pYm1hdHJvc2thMiB2MC45LjhXQZ5ta2NsZWFuIDAuMi41" +
+ "IGZyb20gTGF2ZjUyLjU3LjFzpJC/CoyJjSbckmOytS9Se" +
+ "y3cRImIQK9AAAAAAABEYYgEHiZDUAHwABZUrmumrqTXgQ" +
+ "FzxYEBnIEAIrWcg3VuZIaFVl9WUDiDgQHgh7CCAUC6gfA" +
+ "cU7trzbuMs4EAt4f3gQHxggEju42zggMgt4f3gQHxgrZd" +
+ "u46zggZAt4j3gQHxgwFba7uOs4IJYLeI94EB8YMCAR+7j" +
+ "rOCDIC3iPeBAfGDAqggH0O2dSBibueBAKNbiYEAAIDQdw" +
+ "CdASpAAfAAAAcIhYWIhYSIAIIb347n/c/Z0BPBfjv7f+I" +
+ "/6df275Wbh/XPuZ+qv9k58KrftA9tvkP+efiN/ovmd/if" +
+ "9L/ef2z+Xv+H/rv+39xD/N/zL+nfid71363e9X+pf6/+q" +
+ "+x7+W/0P/H/233Zf6n/Wv696APuDf0b+YdcL+2HsUfxr+" +
+ "gfP/91P+F/yH9K+H79Z/7j/Xvhj/VjVsvwHXt/n/qz9U/" +
+ "w749+c/g=");
+
+function handleRequest(aRequest, aResponse) {
+ aResponse.setStatusLine(aRequest.httpVersion, 200);
+
+ if (aRequest.queryString.includes("result")) {
+ aResponse.write(getState("hints") || 0);
+ setState("hints", "0");
+ } else {
+ let hints = parseInt(getState("hints") || 0) + 1;
+ setState("hints", hints.toString());
+
+ aResponse.setHeader("Content-Type", "video/webm", false);
+ aResponse.setHeader(
+ "Cache-Control",
+ "public, max-age=604800, immutable",
+ false);
+ aResponse.write(VIDEO);
+ }
+}
diff --git a/toolkit/components/antitracking/test/browser/file_video.ogv b/toolkit/components/antitracking/test/browser/file_video.ogv
new file mode 100644
index 0000000000..68dee3cf2b
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/file_video.ogv
Binary files differ
diff --git a/toolkit/components/antitracking/test/browser/head.js b/toolkit/components/antitracking/test/browser/head.js
new file mode 100644
index 0000000000..ffa0bb48a7
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/head.js
@@ -0,0 +1,99 @@
+/* vim: set ts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+"use strict";
+
+const TEST_DOMAIN = "http://example.net/";
+const TEST_DOMAIN_2 = "http://xn--exmple-cua.test/";
+const TEST_DOMAIN_3 = "https://xn--hxajbheg2az3al.xn--jxalpdlp/";
+const TEST_DOMAIN_4 = "http://prefixexample.com/";
+const TEST_DOMAIN_5 = "http://test/";
+const TEST_DOMAIN_6 = "http://mochi.test:8888/";
+const TEST_3RD_PARTY_DOMAIN = "https://tracking.example.org/";
+const TEST_3RD_PARTY_DOMAIN_HTTP = "http://tracking.example.org/";
+const TEST_3RD_PARTY_DOMAIN_TP = "https://tracking.example.com/";
+const TEST_3RD_PARTY_DOMAIN_STP = "https://social-tracking.example.org/";
+const TEST_4TH_PARTY_DOMAIN = "http://not-tracking.example.com/";
+const TEST_ANOTHER_3RD_PARTY_DOMAIN_HTTP =
+ "http://another-tracking.example.net/";
+const TEST_ANOTHER_3RD_PARTY_DOMAIN_HTTPS =
+ "https://another-tracking.example.net/";
+const TEST_ANOTHER_3RD_PARTY_DOMAIN = SpecialPowers.useRemoteSubframes
+ ? TEST_ANOTHER_3RD_PARTY_DOMAIN_HTTP
+ : TEST_ANOTHER_3RD_PARTY_DOMAIN_HTTPS;
+
+const TEST_PATH = "browser/toolkit/components/antitracking/test/browser/";
+
+const TEST_TOP_PAGE = TEST_DOMAIN + TEST_PATH + "page.html";
+const TEST_TOP_PAGE_2 = TEST_DOMAIN_2 + TEST_PATH + "page.html";
+const TEST_TOP_PAGE_3 = TEST_DOMAIN_3 + TEST_PATH + "page.html";
+const TEST_TOP_PAGE_4 = TEST_DOMAIN_4 + TEST_PATH + "page.html";
+const TEST_TOP_PAGE_5 = TEST_DOMAIN_5 + TEST_PATH + "page.html";
+const TEST_TOP_PAGE_6 = TEST_DOMAIN_6 + TEST_PATH + "page.html";
+const TEST_EMBEDDER_PAGE = TEST_DOMAIN + TEST_PATH + "embedder.html";
+const TEST_POPUP_PAGE = TEST_DOMAIN + TEST_PATH + "popup.html";
+const TEST_IFRAME_PAGE = TEST_DOMAIN + TEST_PATH + "iframe.html";
+const TEST_3RD_PARTY_PAGE = TEST_3RD_PARTY_DOMAIN + TEST_PATH + "3rdParty.html";
+const TEST_3RD_PARTY_PAGE_HTTP =
+ TEST_3RD_PARTY_DOMAIN_HTTP + TEST_PATH + "3rdParty.html";
+const TEST_3RD_PARTY_PAGE_WO =
+ TEST_3RD_PARTY_DOMAIN + TEST_PATH + "3rdPartyWO.html";
+const TEST_3RD_PARTY_PAGE_UI =
+ TEST_3RD_PARTY_DOMAIN + TEST_PATH + "3rdPartyUI.html";
+const TEST_3RD_PARTY_PAGE_WITH_SVG =
+ TEST_3RD_PARTY_DOMAIN + TEST_PATH + "3rdPartySVG.html";
+const TEST_3RD_PARTY_PAGE_RELAY =
+ TEST_4TH_PARTY_DOMAIN + TEST_PATH + "3rdPartyRelay.html";
+const TEST_4TH_PARTY_PAGE = TEST_4TH_PARTY_DOMAIN + TEST_PATH + "3rdParty.html";
+const TEST_ANOTHER_3RD_PARTY_PAGE =
+ TEST_ANOTHER_3RD_PARTY_DOMAIN + TEST_PATH + "3rdParty.html";
+const TEST_ANOTHER_3RD_PARTY_PAGE_HTTPS =
+ TEST_ANOTHER_3RD_PARTY_DOMAIN_HTTPS + TEST_PATH + "3rdParty.html";
+const TEST_3RD_PARTY_STORAGE_PAGE =
+ TEST_3RD_PARTY_DOMAIN_HTTP + TEST_PATH + "3rdPartyStorage.html";
+const TEST_3RD_PARTY_PAGE_WORKER =
+ TEST_3RD_PARTY_DOMAIN + TEST_PATH + "3rdPartyWorker.html";
+const TEST_3RD_PARTY_PARTITIONED_PAGE =
+ TEST_3RD_PARTY_DOMAIN + TEST_PATH + "3rdPartyPartitioned.html";
+const TEST_4TH_PARTY_STORAGE_PAGE =
+ TEST_4TH_PARTY_DOMAIN + TEST_PATH + "3rdPartyStorage.html";
+const TEST_4TH_PARTY_PARTITIONED_PAGE =
+ TEST_4TH_PARTY_DOMAIN + TEST_PATH + "3rdPartyPartitioned.html";
+
+const BEHAVIOR_ACCEPT = Ci.nsICookieService.BEHAVIOR_ACCEPT;
+const BEHAVIOR_REJECT = Ci.nsICookieService.BEHAVIOR_REJECT;
+const BEHAVIOR_LIMIT_FOREIGN = Ci.nsICookieService.BEHAVIOR_LIMIT_FOREIGN;
+const BEHAVIOR_REJECT_FOREIGN = Ci.nsICookieService.BEHAVIOR_REJECT_FOREIGN;
+const BEHAVIOR_REJECT_TRACKER = Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER;
+const BEHAVIOR_REJECT_TRACKER_AND_PARTITION_FOREIGN =
+ Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER_AND_PARTITION_FOREIGN;
+
+let originalRequestLongerTimeout = requestLongerTimeout;
+// eslint-disable-next-line no-global-assign
+requestLongerTimeout = function AntiTrackingRequestLongerTimeout(factor) {
+ let ccovMultiplier = AppConstants.MOZ_CODE_COVERAGE ? 2 : 1;
+ let fissionMultiplier = SpecialPowers.useRemoteSubframes ? 2 : 1;
+ originalRequestLongerTimeout(ccovMultiplier * fissionMultiplier * factor);
+};
+
+requestLongerTimeout(3);
+
+const { UrlClassifierTestUtils } = ChromeUtils.import(
+ "resource://testing-common/UrlClassifierTestUtils.jsm"
+);
+
+const { PermissionTestUtils } = ChromeUtils.import(
+ "resource://testing-common/PermissionTestUtils.jsm"
+);
+
+Services.scriptloader.loadSubScript(
+ "chrome://mochitests/content/browser/toolkit/components/antitracking/test/browser/antitracking_head.js",
+ this
+);
+
+Services.scriptloader.loadSubScript(
+ "chrome://mochitests/content/browser/toolkit/components/antitracking/test/browser/partitionedstorage_head.js",
+ this
+);
diff --git a/toolkit/components/antitracking/test/browser/iframe.html b/toolkit/components/antitracking/test/browser/iframe.html
new file mode 100644
index 0000000000..85d37ed7fa
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/iframe.html
@@ -0,0 +1,8 @@
+<html>
+<head>
+ <title>Just a first-level iframe</title>
+</head>
+<body>
+ <h1>This is the first-level iframe</h1>
+</body>
+</html>
diff --git a/toolkit/components/antitracking/test/browser/image.sjs b/toolkit/components/antitracking/test/browser/image.sjs
new file mode 100644
index 0000000000..ad00264bfa
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/image.sjs
@@ -0,0 +1,20 @@
+// A 1x1 PNG image.
+// Source: https://commons.wikimedia.org/wiki/File:1x1.png (Public Domain)
+const IMAGE = atob("iVBORw0KGgoAAAANSUhEUgAAAAEAAAABAQMAAAAl21bKAAAAA1BMVEUAA" +
+ "ACnej3aAAAAAXRSTlMAQObYZgAAAApJREFUCNdjYAAAAAIAAeIhvDMAAAAASUVORK5CYII=");
+
+function handleRequest(aRequest, aResponse) {
+ aResponse.setStatusLine(aRequest.httpVersion, 200);
+
+ if (aRequest.queryString.includes("result")) {
+ aResponse.write(getState("hints") || 0);
+ setState("hints", "0");
+ } else {
+ let hints = parseInt(getState("hints") || 0) + 1;
+ setState("hints", hints.toString());
+
+ aResponse.setHeader("Set-Cookie", "foopy=1");
+ aResponse.setHeader("Content-Type", "image/png", false);
+ aResponse.write(IMAGE);
+ }
+}
diff --git a/toolkit/components/antitracking/test/browser/imageCacheWorker.js b/toolkit/components/antitracking/test/browser/imageCacheWorker.js
new file mode 100644
index 0000000000..d11221112c
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/imageCacheWorker.js
@@ -0,0 +1,78 @@
+/* import-globals-from head.js */
+/* import-globals-from antitracking_head.js */
+/* import-globals-from browser_imageCache4.js */
+
+AntiTracking.runTest(
+ "Image cache - should load the image three times.",
+ // blocking callback
+ async _ => {
+ // Let's load the image twice here.
+ let img = document.createElement("img");
+ document.body.appendChild(img);
+ img.src =
+ "https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/image.sjs";
+ await new Promise(resolve => {
+ img.onload = resolve;
+ });
+ ok(true, "Image 1 loaded");
+
+ img = document.createElement("img");
+ document.body.appendChild(img);
+ img.src =
+ "https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/image.sjs";
+ await new Promise(resolve => {
+ img.onload = resolve;
+ });
+ ok(true, "Image 2 loaded");
+ },
+
+ // non-blocking callback
+ {
+ runExtraTests: false,
+ cookieBehavior,
+ blockingByAllowList,
+ expectedBlockingNotifications,
+ callback: async _ => {
+ // Let's load the image twice here as well.
+ let img = document.createElement("img");
+ document.body.appendChild(img);
+ img.src =
+ "https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/image.sjs";
+ await new Promise(resolve => {
+ img.onload = resolve;
+ });
+ ok(true, "Image 3 loaded");
+
+ img = document.createElement("img");
+ document.body.appendChild(img);
+ img.src =
+ "https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/image.sjs";
+ await new Promise(resolve => {
+ img.onload = resolve;
+ });
+ ok(true, "Image 4 loaded");
+ },
+ },
+ null, // cleanup function
+ null, // no extra prefs
+ false, // no window open test
+ false, // no user-interaction test
+ expectedBlockingNotifications
+);
+
+// We still want to see just expected requests.
+add_task(async _ => {
+ await fetch(
+ "https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/image.sjs?result"
+ )
+ .then(r => r.text())
+ .then(text => {
+ is(text, "2", "The image should be loaded correctly.");
+ });
+
+ await new Promise(resolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+ resolve()
+ );
+ });
+});
diff --git a/toolkit/components/antitracking/test/browser/localStorage.html b/toolkit/components/antitracking/test/browser/localStorage.html
new file mode 100644
index 0000000000..e08c25f2c4
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/localStorage.html
@@ -0,0 +1,68 @@
+<h1>Here a tracker!</h1>
+<script>
+
+if (window.opener) {
+ SpecialPowers.wrap(document).userInteractionForTesting();
+ localStorage.foo = "opener" + Math.random();
+ // Don't call window.close immediatelly. It can happen that adding the
+ // "storage" event listener below takes more time than usual (it may need to
+ // synchronously subscribe in the parent process to receive storage
+ // notifications). Spending more time in the initial script can prevent
+ // the "load" event from being fired for the window opened by "open and test".
+ setTimeout(() => {
+ window.close();
+ }, 0);
+}
+
+if (parent) {
+ window.onmessage = e => {
+ if (e.data == "test") {
+ let status;
+ try {
+ localStorage.foo = "value" + Math.random();
+ status = true;
+ } catch (e) {
+ status = false;
+ }
+
+ parent.postMessage({type: "test", status }, "*");
+ return;
+ }
+
+ if (e.data == "open") {
+ window.open("localStorage.html");
+ return;
+ }
+
+ if (e.data == "open and test") {
+ let w = window.open("localStorage.html");
+ w.addEventListener("load", _ => {
+ let status;
+ try {
+ localStorage.foo = "value" + Math.random();
+ status = true;
+ } catch (e) {
+ status = false;
+ }
+
+ parent.postMessage({type: "test", status }, "*");
+ }, {once: true});
+ }
+ };
+
+ window.addEventListener("storage", e => {
+ let fromOpener = localStorage.foo.startsWith("opener");
+
+ let status;
+ try {
+ localStorage.foo = "value" + Math.random();
+ status = true;
+ } catch (e) {
+ status = false;
+ }
+
+ parent.postMessage({type: "test", status: status && fromOpener }, "*");
+ });
+}
+
+</script>
diff --git a/toolkit/components/antitracking/test/browser/localStorageEvents.html b/toolkit/components/antitracking/test/browser/localStorageEvents.html
new file mode 100644
index 0000000000..737d1e0cab
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/localStorageEvents.html
@@ -0,0 +1,30 @@
+<script>
+
+let eventCounter = 0;
+
+onmessage = e => {
+ if (e.data == "getValue") {
+ parent.postMessage(localStorage.foo, "*");
+ return;
+ }
+
+ if (e.data == "setValue") {
+ localStorage.foo = "tracker-" + Math.random();
+ return;
+ }
+
+ if (e.data == "getEvents") {
+ parent.postMessage(eventCounter, "*");
+ return;
+ }
+
+ if (e.data == "reload") {
+ window.location.reload();
+ }
+};
+
+addEventListener("storage", _ => {
+ ++eventCounter;
+});
+
+</script>
diff --git a/toolkit/components/antitracking/test/browser/matchAll.js b/toolkit/components/antitracking/test/browser/matchAll.js
new file mode 100644
index 0000000000..8f112b0804
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/matchAll.js
@@ -0,0 +1,16 @@
+self.addEventListener("message", async e => {
+ let clients = await self.clients.matchAll({
+ type: "window",
+ includeUncontrolled: true,
+ });
+
+ let hasWindow = false;
+ for (let client of clients) {
+ if (e.data == client.url) {
+ hasWindow = true;
+ break;
+ }
+ }
+
+ e.source.postMessage(hasWindow);
+});
diff --git a/toolkit/components/antitracking/test/browser/page.html b/toolkit/components/antitracking/test/browser/page.html
new file mode 100644
index 0000000000..a99e8be179
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/page.html
@@ -0,0 +1,8 @@
+<html>
+<head>
+ <title>Just a top-level page</title>
+</head>
+<body>
+ <h1>This is the top-level page</h1>
+</body>
+</html>
diff --git a/toolkit/components/antitracking/test/browser/partitionedSharedWorker.js b/toolkit/components/antitracking/test/browser/partitionedSharedWorker.js
new file mode 100644
index 0000000000..5ac4ec9f27
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/partitionedSharedWorker.js
@@ -0,0 +1,17 @@
+let value = "";
+self.onconnect = e => {
+ e.ports[0].onmessage = event => {
+ if (event.data.what === "get") {
+ e.ports[0].postMessage(value);
+ return;
+ }
+
+ if (event.data.what === "put") {
+ value = event.data.value;
+ return;
+ }
+
+ // Error.
+ e.ports[0].postMessage(-1);
+ };
+};
diff --git a/toolkit/components/antitracking/test/browser/partitionedstorage_head.js b/toolkit/components/antitracking/test/browser/partitionedstorage_head.js
new file mode 100644
index 0000000000..3cdc82e076
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/partitionedstorage_head.js
@@ -0,0 +1,397 @@
+/* vim: set ts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/* import-globals-from head.js */
+
+"use strict";
+
+/* import-globals-from dynamicfpi_head.js */
+Services.scriptloader.loadSubScript(
+ "chrome://mochitests/content/browser/toolkit/components/antitracking/test/browser/dynamicfpi_head.js",
+ this
+);
+
+/* import-globals-from storageprincipal_head.js */
+Services.scriptloader.loadSubScript(
+ "chrome://mochitests/content/browser/toolkit/components/antitracking/test/browser/storageprincipal_head.js",
+ this
+);
+
+this.PartitionedStorageHelper = {
+ runTestInNormalAndPrivateMode(name, callback, cleanupFunction, extraPrefs) {
+ // Normal mode
+ this.runTest(name, callback, cleanupFunction, extraPrefs, false);
+
+ // Private mode
+ this.runTest(name, callback, cleanupFunction, extraPrefs, true);
+ },
+
+ runTest(
+ name,
+ callback,
+ cleanupFunction,
+ extraPrefs,
+ runInPrivateWindow = false
+ ) {
+ DynamicFPIHelper.runTest(
+ name,
+ callback,
+ cleanupFunction,
+ extraPrefs,
+ runInPrivateWindow
+ );
+ StoragePrincipalHelper.runTest(
+ name,
+ callback,
+ cleanupFunction,
+ extraPrefs,
+ runInPrivateWindow
+ );
+ },
+
+ runPartitioningTestInNormalAndPrivateMode(
+ name,
+ testCategory,
+ getDataCallback,
+ addDataCallback,
+ cleanupFunction
+ ) {
+ // Normal mode
+ this.runPartitioningTest(
+ name,
+ testCategory,
+ getDataCallback,
+ addDataCallback,
+ cleanupFunction,
+ false
+ );
+
+ // Private mode
+ this.runPartitioningTest(
+ name,
+ testCategory,
+ getDataCallback,
+ addDataCallback,
+ cleanupFunction,
+ true
+ );
+ },
+
+ runPartitioningTest(
+ name,
+ testCategory,
+ getDataCallback,
+ addDataCallback,
+ cleanupFunction,
+ runInPrivateWindow = false
+ ) {
+ for (let variant of ["normal", "initial-aboutblank"]) {
+ for (let limitForeignContexts of [false, true]) {
+ this.runPartitioningTestInner(
+ name,
+ testCategory,
+ getDataCallback,
+ addDataCallback,
+ cleanupFunction,
+ variant,
+ runInPrivateWindow,
+ limitForeignContexts
+ );
+ }
+ }
+ },
+
+ runPartitioningTestInner(
+ name,
+ testCategory,
+ getDataCallback,
+ addDataCallback,
+ cleanupFunction,
+ variant,
+ runInPrivateWindow,
+ limitForeignContexts
+ ) {
+ add_task(async _ => {
+ info(
+ "Starting test `" +
+ name +
+ "' testCategory `" +
+ testCategory +
+ "' variant `" +
+ variant +
+ "' in a " +
+ (runInPrivateWindow ? "private" : "normal") +
+ " window " +
+ (limitForeignContexts ? "with" : "without") +
+ " limitForeignContexts to check that 2 tabs are correctly partititioned"
+ );
+
+ await SpecialPowers.flushPrefEnv();
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ ["dom.storage_access.enabled", true],
+ [
+ "network.cookie.cookieBehavior",
+ Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER_AND_PARTITION_FOREIGN,
+ ],
+ ["privacy.dynamic_firstparty.limitForeign", limitForeignContexts],
+ ["privacy.trackingprotection.enabled", false],
+ ["privacy.trackingprotection.pbmode.enabled", false],
+ ["privacy.trackingprotection.annotate_channels", true],
+ ["privacy.storagePrincipal.enabledForTrackers", false],
+ [
+ "privacy.restrict3rdpartystorage.userInteractionRequiredForHosts",
+ "not-tracking.example.com",
+ ],
+ ],
+ });
+
+ let win = window;
+ if (runInPrivateWindow) {
+ win = OpenBrowserWindow({ private: true });
+ await TestUtils.topicObserved("browser-delayed-startup-finished");
+ }
+
+ info("Creating the first tab");
+ let tab1 = BrowserTestUtils.addTab(win.gBrowser, TEST_TOP_PAGE);
+ win.gBrowser.selectedTab = tab1;
+
+ let browser1 = win.gBrowser.getBrowserForTab(tab1);
+ await BrowserTestUtils.browserLoaded(browser1);
+
+ info("Creating the second tab");
+ let tab2 = BrowserTestUtils.addTab(win.gBrowser, TEST_TOP_PAGE_6);
+ win.gBrowser.selectedTab = tab2;
+
+ let browser2 = win.gBrowser.getBrowserForTab(tab2);
+ await BrowserTestUtils.browserLoaded(browser2);
+
+ info("Creating the third tab");
+ let tab3 = BrowserTestUtils.addTab(
+ win.gBrowser,
+ TEST_4TH_PARTY_PARTITIONED_PAGE
+ );
+ win.gBrowser.selectedTab = tab3;
+
+ let browser3 = win.gBrowser.getBrowserForTab(tab3);
+ await BrowserTestUtils.browserLoaded(browser3);
+
+ // Use the same URL as first tab to check partitioned data
+ info("Creating the forth tab");
+ let tab4 = BrowserTestUtils.addTab(win.gBrowser, TEST_TOP_PAGE);
+ win.gBrowser.selectedTab = tab4;
+
+ let browser4 = win.gBrowser.getBrowserForTab(tab4);
+ await BrowserTestUtils.browserLoaded(browser4);
+
+ async function getDataFromThirdParty(browser, result) {
+ // Overwrite the special case here since third party cookies are not
+ // avilable when `limitForeignContexts` is enabled.
+ if (testCategory === "cookies" && limitForeignContexts) {
+ info("overwrite result to empty");
+ result = "";
+ }
+
+ await SpecialPowers.spawn(
+ browser,
+ [
+ {
+ page: TEST_4TH_PARTY_PARTITIONED_PAGE + "?variant=" + variant,
+ getDataCallback: getDataCallback.toString(),
+ result,
+ },
+ ],
+ async obj => {
+ await new content.Promise(resolve => {
+ let ifr = content.document.createElement("iframe");
+ ifr.onload = __ => {
+ info("Sending code to the 3rd party content");
+ ifr.contentWindow.postMessage({ cb: obj.getDataCallback }, "*");
+ };
+
+ content.addEventListener(
+ "message",
+ function msg(event) {
+ is(
+ event.data,
+ obj.result,
+ "Partitioned cookie jar has value: " + obj.result
+ );
+ resolve();
+ },
+ { once: true }
+ );
+
+ content.document.body.appendChild(ifr);
+ ifr.src = obj.page;
+ });
+ }
+ );
+ }
+
+ async function getDataFromFirstParty(browser, result) {
+ await SpecialPowers.spawn(
+ browser,
+ [
+ {
+ getDataCallback: getDataCallback.toString(),
+ result,
+ variant,
+ },
+ ],
+ async obj => {
+ let runnableStr = `(() => {return (${obj.getDataCallback});})();`;
+ let runnable = eval(runnableStr); // eslint-disable-line no-eval
+ let win = content;
+ if (obj.variant == "initial-aboutblank") {
+ let i = win.document.createElement("iframe");
+ i.src = "about:blank";
+ win.document.body.appendChild(i);
+ // override win to make it point to the initial about:blank window
+ win = i.contentWindow;
+ }
+
+ let result = await runnable.call(content, win);
+ is(
+ result,
+ obj.result,
+ "Partitioned cookie jar is empty: " + obj.result
+ );
+ }
+ );
+ }
+
+ info("Checking 3rd party has an empty cookie jar in first tab");
+ await getDataFromThirdParty(browser1, "");
+
+ info("Checking 3rd party has an empty cookie jar in second tab");
+ await getDataFromThirdParty(browser2, "");
+
+ info("Checking first party has an empty cookie jar in third tab");
+ await getDataFromFirstParty(browser3, "");
+
+ info("Checking 3rd party has an empty cookie jar in forth tab");
+ await getDataFromThirdParty(browser4, "");
+
+ async function createDataInThirdParty(browser, value) {
+ await SpecialPowers.spawn(
+ browser,
+ [
+ {
+ page: TEST_4TH_PARTY_PARTITIONED_PAGE + "?variant=" + variant,
+ addDataCallback: addDataCallback.toString(),
+ value,
+ },
+ ],
+ async obj => {
+ await new content.Promise(resolve => {
+ let ifr = content.document.getElementsByTagName("iframe")[0];
+ content.addEventListener(
+ "message",
+ function msg(event) {
+ ok(event.data, "Data created");
+ resolve();
+ },
+ { once: true }
+ );
+
+ ifr.contentWindow.postMessage(
+ {
+ cb: obj.addDataCallback,
+ value: obj.value,
+ },
+ "*"
+ );
+ });
+ }
+ );
+ }
+
+ async function createDataInFirstParty(browser, value) {
+ await SpecialPowers.spawn(
+ browser,
+ [
+ {
+ addDataCallback: addDataCallback.toString(),
+ value,
+ variant,
+ },
+ ],
+ async obj => {
+ let runnableStr = `(() => {return (${obj.addDataCallback});})();`;
+ let runnable = eval(runnableStr); // eslint-disable-line no-eval
+ let win = content;
+ if (obj.variant == "initial-aboutblank") {
+ let i = win.document.createElement("iframe");
+ i.src = "about:blank";
+ win.document.body.appendChild(i);
+ // override win to make it point to the initial about:blank window
+ win = i.contentWindow;
+ }
+
+ let result = await runnable.call(content, win, obj.value);
+ ok(result, "Data created");
+ }
+ );
+ }
+
+ info("Creating data in the first tab");
+ await createDataInThirdParty(browser1, "A");
+
+ info("Creating data in the second tab");
+ await createDataInThirdParty(browser2, "B");
+
+ // Before writing browser4, check data written by browser1
+ info("First tab should still have just 'A'");
+ await getDataFromThirdParty(browser1, "A");
+ info("Forth tab should still have just 'A'");
+ await getDataFromThirdParty(browser4, "A");
+
+ // Ensure to create data in the forth tab before the third tab,
+ // otherwise cookie will be written successfully due to prior cookie
+ // of the base domain exists.
+ info("Creating data in the forth tab");
+ await createDataInThirdParty(browser4, "D");
+
+ info("Creating data in the third tab");
+ await createDataInFirstParty(browser3, "C");
+
+ // read all tabs
+ info("First tab should be changed to 'D'");
+ await getDataFromThirdParty(browser1, "D");
+
+ info("Second tab should still have just 'B'");
+ await getDataFromThirdParty(browser2, "B");
+
+ info("Third tab should still have just 'C'");
+ await getDataFromFirstParty(browser3, "C");
+
+ info("Forth tab should still have just 'D'");
+ await getDataFromThirdParty(browser4, "D");
+
+ info("Removing the tabs");
+ BrowserTestUtils.removeTab(tab1);
+ BrowserTestUtils.removeTab(tab2);
+ BrowserTestUtils.removeTab(tab3);
+ BrowserTestUtils.removeTab(tab4);
+
+ if (runInPrivateWindow) {
+ win.close();
+ }
+ });
+
+ add_task(async _ => {
+ info("Cleaning up.");
+ if (cleanupFunction) {
+ await cleanupFunction();
+ }
+
+ // While running these tests we typically do not have enough idle time to do
+ // GC reliably, so force it here.
+ /* import-globals-from antitracking_head.js */
+ forceGC();
+ });
+ },
+};
diff --git a/toolkit/components/antitracking/test/browser/popup.html b/toolkit/components/antitracking/test/browser/popup.html
new file mode 100644
index 0000000000..f195add788
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/popup.html
@@ -0,0 +1,11 @@
+<html>
+<head>
+ <title>Just a popup that does a redirect</title>
+</head>
+<body>
+ <h1>Just a popup that does a redirect</h1>
+ <script>
+ window.location = "https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/3rdPartyOpenUI.html";
+ </script>
+</body>
+</html>
diff --git a/toolkit/components/antitracking/test/browser/raptor.jpg b/toolkit/components/antitracking/test/browser/raptor.jpg
new file mode 100644
index 0000000000..243ba9e2d4
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/raptor.jpg
Binary files differ
diff --git a/toolkit/components/antitracking/test/browser/redirect.sjs b/toolkit/components/antitracking/test/browser/redirect.sjs
new file mode 100644
index 0000000000..18cf4adfc6
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/redirect.sjs
@@ -0,0 +1,4 @@
+function handleRequest(aRequest, aResponse) {
+ aResponse.setStatusLine(aRequest.httpVersion, 302);
+ aResponse.setHeader("Location", aRequest.queryString);
+}
diff --git a/toolkit/components/antitracking/test/browser/referrer.sjs b/toolkit/components/antitracking/test/browser/referrer.sjs
new file mode 100644
index 0000000000..b511e232b2
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/referrer.sjs
@@ -0,0 +1,40 @@
+// A 1x1 PNG image.
+// Source: https://commons.wikimedia.org/wiki/File:1x1.png (Public Domain)
+const IMAGE = atob("iVBORw0KGgoAAAANSUhEUgAAAAEAAAABAQMAAAAl21bKAAAAA1BMVEUAA" +
+ "ACnej3aAAAAAXRSTlMAQObYZgAAAApJREFUCNdjYAAAAAIAAeIhvDMAAAAASUVORK5CYII=");
+
+const IFRAME = "<!DOCTYPE html>\n" +
+ "<script>\n" +
+ "onmessage = event => {\n" +
+ "parent.postMessage(document.referrer, '*');\n" +
+ "};\n" +
+ "</script>";
+
+function handleRequest(aRequest, aResponse) {
+ aResponse.setStatusLine(aRequest.httpVersion, 200);
+
+ let key = aRequest.queryString.includes("what=script") ? "script" :
+ (aRequest.queryString.includes("what=image") ? "image" : "iframe");
+
+ if (aRequest.queryString.includes("result")) {
+ aResponse.write(getState(key));
+ setState(key, "");
+ return;
+ }
+
+ if (aRequest.hasHeader('Referer')) {
+ let referrer = aRequest.getHeader('Referer');
+ setState(key, referrer);
+ }
+
+ if (key == "script") {
+ aResponse.setHeader("Content-Type", "text/javascript", false);
+ aResponse.write("42;");
+ } else if (key == "image") {
+ aResponse.setHeader("Content-Type", "image/png", false);
+ aResponse.write(IMAGE);
+ } else {
+ aResponse.setHeader("Content-Type", "text/html", false);
+ aResponse.write(IFRAME);
+ }
+}
diff --git a/toolkit/components/antitracking/test/browser/sandboxed.html b/toolkit/components/antitracking/test/browser/sandboxed.html
new file mode 100644
index 0000000000..a359ae0aa3
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/sandboxed.html
@@ -0,0 +1,12 @@
+<!DOCTYPE HTML>
+<!-- This Source Code Form is subject to the terms of the Mozilla Public
+ - License, v. 2.0. If a copy of the MPL was not distributed with this
+ - file, You can obtain one at http://mozilla.org/MPL/2.0/. -->
+<html dir="ltr" xml:lang="en-US" lang="en-US">
+ <head>
+ <meta charset="utf8">
+ </head>
+ <body>
+ <p>Hello, World!</p>
+ </body>
+</html>
diff --git a/toolkit/components/antitracking/test/browser/sandboxed.html^headers^ b/toolkit/components/antitracking/test/browser/sandboxed.html^headers^
new file mode 100644
index 0000000000..4705ce9ded
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/sandboxed.html^headers^
@@ -0,0 +1 @@
+Content-Security-Policy: sandbox allow-scripts;
diff --git a/toolkit/components/antitracking/test/browser/server.sjs b/toolkit/components/antitracking/test/browser/server.sjs
new file mode 100644
index 0000000000..6368c47640
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/server.sjs
@@ -0,0 +1,20 @@
+function handleRequest(aRequest, aResponse) {
+ if (aRequest.queryString.includes("redirect")) {
+ aResponse.setStatusLine(aRequest.httpVersion, 302);
+ if (aRequest.queryString.includes("redirect-checkonly")) {
+ aResponse.setHeader("Location", "server.sjs?checkonly");
+ } else {
+ aResponse.setHeader("Location", "server.sjs");
+ }
+ return;
+ }
+ aResponse.setStatusLine(aRequest.httpVersion, 200);
+ if (aRequest.hasHeader('Cookie')) {
+ aResponse.write("cookie-present");
+ } else {
+ if (!aRequest.queryString.includes("checkonly")) {
+ aResponse.setHeader("Set-Cookie", "foopy=1");
+ }
+ aResponse.write("cookie-not-present");
+ }
+}
diff --git a/toolkit/components/antitracking/test/browser/sharedWorker.js b/toolkit/components/antitracking/test/browser/sharedWorker.js
new file mode 100644
index 0000000000..01188ed10a
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/sharedWorker.js
@@ -0,0 +1,18 @@
+let ports = 0;
+self.onconnect = e => {
+ ++ports;
+ e.ports[0].onmessage = event => {
+ if (event.data === "count") {
+ e.ports[0].postMessage(ports);
+ return;
+ }
+
+ if (event.data === "close") {
+ self.close();
+ return;
+ }
+
+ // Error.
+ e.ports[0].postMessage(-1);
+ };
+};
diff --git a/toolkit/components/antitracking/test/browser/storageAccessAPIHelpers.js b/toolkit/components/antitracking/test/browser/storageAccessAPIHelpers.js
new file mode 100644
index 0000000000..2837cf68a2
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/storageAccessAPIHelpers.js
@@ -0,0 +1,197 @@
+/* global allowListed */
+
+async function hasStorageAccessInitially() {
+ let hasAccess = await document.hasStorageAccess();
+ ok(hasAccess, "Has storage access");
+}
+
+async function noStorageAccessInitially() {
+ let hasAccess = await document.hasStorageAccess();
+ ok(!hasAccess, "Doesn't yet have storage access");
+}
+
+async function callRequestStorageAccess(callback, expectFail) {
+ let dwu = SpecialPowers.getDOMWindowUtils(window);
+ let helper = dwu.setHandlingUserInput(true);
+
+ let origin = new URL(location.href).origin;
+
+ let success = true;
+ // We only grant storage exceptions when the reject tracker behavior is enabled.
+ let rejectTrackers =
+ [
+ SpecialPowers.Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER,
+ SpecialPowers.Ci.nsICookieService
+ .BEHAVIOR_REJECT_TRACKER_AND_PARTITION_FOREIGN,
+ ].includes(
+ SpecialPowers.Services.prefs.getIntPref("network.cookie.cookieBehavior")
+ ) && !isOnContentBlockingAllowList();
+ const TEST_ANOTHER_3RD_PARTY_ORIGIN = SpecialPowers.useRemoteSubframes
+ ? "http://another-tracking.example.net"
+ : "https://another-tracking.example.net";
+ // With another-tracking.example.net, we're same-eTLD+1, so the first try succeeds.
+ if (origin != TEST_ANOTHER_3RD_PARTY_ORIGIN) {
+ if (rejectTrackers) {
+ let p;
+ let threw = false;
+ try {
+ p = document.requestStorageAccess();
+ } catch (e) {
+ threw = true;
+ } finally {
+ helper.destruct();
+ }
+ ok(!threw, "requestStorageAccess should not throw");
+ try {
+ if (callback) {
+ if (expectFail) {
+ await p.catch(_ => callback(dwu));
+ success = false;
+ } else {
+ await p.then(_ => callback(dwu));
+ }
+ } else {
+ await p;
+ }
+ } catch (e) {
+ success = false;
+ }
+ ok(!success, "Should not have worked without user interaction");
+
+ await noStorageAccessInitially();
+
+ await interactWithTracker();
+
+ helper = dwu.setHandlingUserInput(true);
+ }
+ if (
+ SpecialPowers.Services.prefs.getIntPref(
+ "network.cookie.cookieBehavior"
+ ) == SpecialPowers.Ci.nsICookieService.BEHAVIOR_ACCEPT &&
+ !isOnContentBlockingAllowList()
+ ) {
+ try {
+ if (callback) {
+ if (expectFail) {
+ await document.requestStorageAccess().catch(_ => callback(dwu));
+ success = false;
+ } else {
+ await document.requestStorageAccess().then(_ => callback(dwu));
+ }
+ } else {
+ await document.requestStorageAccess();
+ }
+ } catch (e) {
+ success = false;
+ } finally {
+ helper.destruct();
+ }
+ ok(success, "Should not have thrown");
+
+ await hasStorageAccessInitially();
+
+ await interactWithTracker();
+
+ helper = dwu.setHandlingUserInput(true);
+ }
+ }
+
+ let p;
+ let threw = false;
+ try {
+ p = document.requestStorageAccess();
+ } catch (e) {
+ threw = true;
+ } finally {
+ helper.destruct();
+ }
+ let rejected = false;
+ try {
+ if (callback) {
+ if (expectFail) {
+ await p.catch(_ => callback(dwu));
+ rejected = true;
+ } else {
+ await p.then(_ => callback(dwu));
+ }
+ } else {
+ await p;
+ }
+ } catch (e) {
+ rejected = true;
+ }
+
+ success = !threw && !rejected;
+ let hasAccess = await document.hasStorageAccess();
+ is(
+ hasAccess,
+ success,
+ "Should " + (success ? "" : "not ") + "have storage access now"
+ );
+ if (
+ success &&
+ rejectTrackers &&
+ window.location.search != "?disableWaitUntilPermission" &&
+ origin != TEST_ANOTHER_3RD_PARTY_ORIGIN
+ ) {
+ // Wait until the permission is visible in parent process to avoid race
+ // conditions. We don't need to wait the permission to be visible in content
+ // processes since the content process doesn't rely on the permission to
+ // know the storage access is updated.
+ await waitUntilPermission(
+ "http://example.net/browser/toolkit/components/antitracking/test/browser/page.html",
+ "3rdPartyStorage^" + window.origin
+ );
+ }
+
+ return [threw, rejected];
+}
+
+async function waitUntilPermission(url, name) {
+ let originAttributes = SpecialPowers.isContentWindowPrivate(window)
+ ? { privateBrowsingId: 1 }
+ : {};
+ await new Promise(resolve => {
+ let id = setInterval(async _ => {
+ if (
+ await SpecialPowers.testPermission(
+ name,
+ SpecialPowers.Services.perms.ALLOW_ACTION,
+ {
+ url,
+ originAttributes,
+ }
+ )
+ ) {
+ clearInterval(id);
+ resolve();
+ }
+ }, 0);
+ });
+}
+
+async function interactWithTracker() {
+ await new Promise(resolve => {
+ let orionmessage = onmessage;
+ onmessage = _ => {
+ onmessage = orionmessage;
+ resolve();
+ };
+
+ info("Let's interact with the tracker");
+ window.open(
+ "/browser/toolkit/components/antitracking/test/browser/3rdPartyOpenUI.html?messageme"
+ );
+ });
+
+ // Wait until the user interaction permission becomes visible in our process
+ await waitUntilPermission(window.origin, "storageAccessAPI");
+}
+
+function isOnContentBlockingAllowList() {
+ // We directly check the window.allowListed here instead of checking the
+ // permission. The allow list permission might not be available since it is
+ // not in the preload list.
+
+ return window.allowListed;
+}
diff --git a/toolkit/components/antitracking/test/browser/storageprincipal_head.js b/toolkit/components/antitracking/test/browser/storageprincipal_head.js
new file mode 100644
index 0000000000..f32bde6b4f
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/storageprincipal_head.js
@@ -0,0 +1,153 @@
+/* vim: set ts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/* import-globals-from head.js */
+
+"use strict";
+
+this.StoragePrincipalHelper = {
+ runTest(name, callback, cleanupFunction, extraPrefs, runInPrivateWindow) {
+ add_task(async _ => {
+ info(
+ "Starting test `" +
+ name +
+ "' with storage principal running in a " +
+ (runInPrivateWindow ? "private" : "normal") +
+ " window..."
+ );
+
+ await SpecialPowers.flushPrefEnv();
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ ["dom.storage_access.enabled", true],
+ [
+ "network.cookie.cookieBehavior",
+ Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER,
+ ],
+ ["privacy.trackingprotection.enabled", false],
+ ["privacy.trackingprotection.pbmode.enabled", false],
+ ["privacy.trackingprotection.annotate_channels", true],
+ ["privacy.storagePrincipal.enabledForTrackers", true],
+ ["privacy.dynamic_firstparty.use_site", true],
+ [
+ "privacy.restrict3rdpartystorage.userInteractionRequiredForHosts",
+ "tracking.example.org",
+ ],
+ ],
+ });
+
+ if (extraPrefs && Array.isArray(extraPrefs) && extraPrefs.length) {
+ await SpecialPowers.pushPrefEnv({ set: extraPrefs });
+ }
+
+ await UrlClassifierTestUtils.addTestTrackers();
+
+ let win = window;
+ if (runInPrivateWindow) {
+ win = OpenBrowserWindow({ private: true });
+ await TestUtils.topicObserved("browser-delayed-startup-finished");
+ }
+
+ info("Creating a new tab");
+ let tab = BrowserTestUtils.addTab(win.gBrowser, TEST_TOP_PAGE);
+ win.gBrowser.selectedTab = tab;
+
+ let browser = win.gBrowser.getBrowserForTab(tab);
+ await BrowserTestUtils.browserLoaded(browser);
+
+ info("Check the cookieJarSettings of the browser object");
+ ok(
+ browser.cookieJarSettings,
+ "The browser object has the cookieJarSettings."
+ );
+ is(
+ browser.cookieJarSettings.cookieBehavior,
+ Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER,
+ "The cookieJarSettings has the correct cookieBehavior"
+ );
+ is(
+ browser.cookieJarSettings.partitionKey,
+ "(http,example.net)",
+ "The cookieJarSettings has the correct partitionKey"
+ );
+
+ info("Creating a 3rd party content");
+ await SpecialPowers.spawn(
+ browser,
+ [
+ {
+ page: TEST_3RD_PARTY_STORAGE_PAGE,
+ callback: callback.toString(),
+ },
+ ],
+ async obj => {
+ await new content.Promise(resolve => {
+ let ifr = content.document.createElement("iframe");
+ ifr.onload = async _ => {
+ await SpecialPowers.spawn(ifr, [], async _ => {
+ is(
+ content.document.nodePrincipal.originAttributes.partitionKey,
+ "",
+ "We don't have first-party set on nodePrincipal"
+ );
+ is(
+ content.document.effectiveStoragePrincipal.originAttributes
+ .partitionKey,
+ "(http,example.net)",
+ "We have first-party set on storagePrincipal"
+ );
+ });
+ info("Sending code to the 3rd party content");
+ ifr.contentWindow.postMessage(obj.callback, "*");
+ };
+
+ content.addEventListener("message", function msg(event) {
+ if (event.data.type == "finish") {
+ content.removeEventListener("message", msg);
+ resolve();
+ return;
+ }
+
+ if (event.data.type == "ok") {
+ ok(event.data.what, event.data.msg);
+ return;
+ }
+
+ if (event.data.type == "info") {
+ info(event.data.msg);
+ return;
+ }
+
+ ok(false, "Unknown message");
+ });
+
+ content.document.body.appendChild(ifr);
+ ifr.src = obj.page;
+ });
+ }
+ );
+
+ info("Removing the tab");
+ BrowserTestUtils.removeTab(tab);
+
+ if (runInPrivateWindow) {
+ win.close();
+ }
+ });
+
+ add_task(async _ => {
+ info("Cleaning up.");
+ if (cleanupFunction) {
+ await cleanupFunction();
+ }
+ UrlClassifierTestUtils.cleanupTestTrackers();
+
+ // While running these tests we typically do not have enough idle time to do
+ // GC reliably, so force it here.
+ /* import-globals-from antitracking_head.js */
+ forceGC();
+ });
+ },
+};
diff --git a/toolkit/components/antitracking/test/browser/subResources.sjs b/toolkit/components/antitracking/test/browser/subResources.sjs
new file mode 100644
index 0000000000..de50d2ae26
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/subResources.sjs
@@ -0,0 +1,31 @@
+// A 1x1 PNG image.
+// Source: https://commons.wikimedia.org/wiki/File:1x1.png (Public Domain)
+const IMAGE = atob("iVBORw0KGgoAAAANSUhEUgAAAAEAAAABAQMAAAAl21bKAAAAA1BMVEUAA" +
+ "ACnej3aAAAAAXRSTlMAQObYZgAAAApJREFUCNdjYAAAAAIAAeIhvDMAAAAASUVORK5CYII=");
+
+function handleRequest(aRequest, aResponse) {
+ aResponse.setStatusLine(aRequest.httpVersion, 200);
+
+ let key = aRequest.queryString.includes("what=script") ? "script" : "image";
+
+ if (aRequest.queryString.includes("result")) {
+ aResponse.write(getState(key) || 0);
+ setState(key, "0");
+ return;
+ }
+
+ if (aRequest.hasHeader('Cookie')) {
+ let hints = parseInt(getState(key) || 0) + 1;
+ setState(key, hints.toString());
+ }
+
+ aResponse.setHeader("Set-Cookie", "foopy=1");
+
+ if (key == "script") {
+ aResponse.setHeader("Content-Type", "text/javascript", false);
+ aResponse.write("42;");
+ } else {
+ aResponse.setHeader("Content-Type", "image/png", false);
+ aResponse.write(IMAGE);
+ }
+}
diff --git a/toolkit/components/antitracking/test/browser/tracker.js b/toolkit/components/antitracking/test/browser/tracker.js
new file mode 100644
index 0000000000..85e943f7c4
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/tracker.js
@@ -0,0 +1,7 @@
+window.addEventListener("message", e => {
+ let bc = new BroadcastChannel("a");
+ bc.postMessage("ready!");
+});
+window.open(
+ "https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/3rdPartyOpen.html"
+);
diff --git a/toolkit/components/antitracking/test/browser/workerIframe.html b/toolkit/components/antitracking/test/browser/workerIframe.html
new file mode 100644
index 0000000000..37aa5d7c0d
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/workerIframe.html
@@ -0,0 +1,71 @@
+<html>
+<head>
+ <title>3rd party content!</title>
+ <script type="text/javascript" src="https://example.com/browser/toolkit/components/antitracking/test/browser/storageAccessAPIHelpers.js"></script>
+</head>
+<body>
+<h1>Here the 3rd party content!</h1>
+<script>
+
+function info(msg) {
+ parent.postMessage({ type: "info", msg }, "*");
+}
+
+function ok(what, msg) {
+ parent.postMessage({ type: "ok", what: !!what, msg }, "*");
+}
+
+function is(a, b, msg) {
+ ok(a === b, msg);
+}
+
+async function runTest() {
+ function workerCode() {
+ onmessage = e => {
+ try {
+ indexedDB.open("test", "1");
+ postMessage(true);
+ } catch (e) {
+ postMessage(false);
+ }
+ };
+ }
+
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await noStorageAccessInitially();
+ info("Initialized");
+
+ let blob = new Blob([workerCode.toString() + "; workerCode();"]);
+ let blobURL = URL.createObjectURL(blob);
+ info("Blob created");
+
+ let w = new Worker(blobURL);
+ info("Worker created");
+
+ await new Promise(resolve => {
+ w.addEventListener("message", e => {
+ ok(!e.data, "IDB is disabled");
+ resolve();
+ }, { once: true });
+ w.postMessage("go");
+ });
+
+ /* import-globals-from storageAccessAPIHelpers.js */
+ await callRequestStorageAccess();
+
+ await new Promise(resolve => {
+ w.addEventListener("message", e => {
+ ok(e.data, "IDB is enabled");
+ resolve();
+ }, { once: true });
+ w.postMessage("go");
+ });
+
+ parent.postMessage({ type: "finish" }, "*");
+}
+
+runTest();
+
+</script>
+</body>
+</html>
diff --git a/toolkit/components/antitracking/test/xpcshell/data/font.woff b/toolkit/components/antitracking/test/xpcshell/data/font.woff
new file mode 100644
index 0000000000..acda4f3d9f
--- /dev/null
+++ b/toolkit/components/antitracking/test/xpcshell/data/font.woff
Binary files differ
diff --git a/toolkit/components/antitracking/test/xpcshell/head.js b/toolkit/components/antitracking/test/xpcshell/head.js
new file mode 100644
index 0000000000..77c86f4466
--- /dev/null
+++ b/toolkit/components/antitracking/test/xpcshell/head.js
@@ -0,0 +1,11 @@
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/ */
+
+/* import-globals-from ../../../../components/url-classifier/tests/unit/head_urlclassifier.js */
+
+const { XPCOMUtils } = ChromeUtils.import(
+ "resource://gre/modules/XPCOMUtils.jsm"
+);
+const { TestUtils } = ChromeUtils.import(
+ "resource://testing-common/TestUtils.jsm"
+);
diff --git a/toolkit/components/antitracking/test/xpcshell/test_ExceptionListService.js b/toolkit/components/antitracking/test/xpcshell/test_ExceptionListService.js
new file mode 100644
index 0000000000..d9601a3f0a
--- /dev/null
+++ b/toolkit/components/antitracking/test/xpcshell/test_ExceptionListService.js
@@ -0,0 +1,109 @@
+// This test ensures that the URL decoration annotations service works as
+// expected, and also we successfully downgrade document.referrer to the
+// eTLD+1 URL when tracking identifiers controlled by this service are
+// present in the referrer URI.
+
+"use strict";
+
+/* Unit tests for the nsIPartitioningExceptionListService implementation. */
+
+const { RemoteSettings } = ChromeUtils.import(
+ "resource://services-settings/remote-settings.js"
+);
+
+const COLLECTION_NAME = "partitioning-exempt-urls";
+const PREF_NAME = "privacy.restrict3rdpartystorage.skip_list";
+
+XPCOMUtils.defineLazyGlobalGetters(this, ["EventTarget"]);
+
+do_get_profile();
+
+class UpdateEvent extends EventTarget {}
+function waitForEvent(element, eventName) {
+ return new Promise(function(resolve) {
+ element.addEventListener(eventName, e => resolve(e.detail), { once: true });
+ });
+}
+
+add_task(async _ => {
+ let peuService = Cc[
+ "@mozilla.org/partitioning/exception-list-service;1"
+ ].getService(Ci.nsIPartitioningExceptionListService);
+
+ // Make sure we have a pref initially, since the exception list service
+ // requires it.
+ Services.prefs.setStringPref(PREF_NAME, "");
+
+ let updateEvent = new UpdateEvent();
+ let records = [
+ {
+ id: "1",
+ last_modified: 100000000000000000001,
+ firstPartyOrigin: "https://example.org",
+ thirdPartyOrigin: "https://tracking.example.com",
+ },
+ ];
+
+ // Add some initial data
+ let db = await RemoteSettings(COLLECTION_NAME).db;
+ await db.importChanges({}, 42, records);
+
+ let promise = waitForEvent(updateEvent, "update");
+ let obs = data => {
+ let event = new CustomEvent("update", { detail: data });
+ updateEvent.dispatchEvent(event);
+ };
+ peuService.registerAndRunExceptionListObserver(obs);
+ let list = await promise;
+ Assert.equal(list, "", "No items in the list");
+
+ // Second event is from the RemoteSettings record.
+ list = await waitForEvent(updateEvent, "update");
+ Assert.equal(
+ list,
+ "https://example.org,https://tracking.example.com",
+ "Has one item in the list"
+ );
+
+ records.push({
+ id: "2",
+ last_modified: 100000000000000000002,
+ firstPartyOrigin: "https://foo.org",
+ thirdPartyOrigin: "https://bar.com",
+ });
+
+ promise = waitForEvent(updateEvent, "update");
+ await RemoteSettings(COLLECTION_NAME).emit("sync", {
+ data: { current: records },
+ });
+ list = await promise;
+ Assert.equal(
+ list,
+ "https://example.org,https://tracking.example.com;https://foo.org,https://bar.com",
+ "Has several items in the list"
+ );
+
+ promise = waitForEvent(updateEvent, "update");
+ Services.prefs.setStringPref(PREF_NAME, "https://test.com,https://test3.com");
+ list = await promise;
+ Assert.equal(
+ list,
+ "https://test.com,https://test3.com;https://example.org,https://tracking.example.com;https://foo.org,https://bar.com",
+ "Has several items in the list"
+ );
+
+ promise = waitForEvent(updateEvent, "update");
+ Services.prefs.setStringPref(
+ PREF_NAME,
+ "https://test.com,https://test3.com;https://abc.com,https://def.com"
+ );
+ list = await promise;
+ Assert.equal(
+ list,
+ "https://test.com,https://test3.com;https://abc.com,https://def.com;https://example.org,https://tracking.example.com;https://foo.org,https://bar.com",
+ "Has several items in the list"
+ );
+
+ peuService.unregisterExceptionListObserver(obs);
+ await db.clear();
+});
diff --git a/toolkit/components/antitracking/test/xpcshell/test_cookie_behavior.js b/toolkit/components/antitracking/test/xpcshell/test_cookie_behavior.js
new file mode 100644
index 0000000000..76dcc8375d
--- /dev/null
+++ b/toolkit/components/antitracking/test/xpcshell/test_cookie_behavior.js
@@ -0,0 +1,40 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+// Note: This test may cause intermittents if run at exactly midnight.
+
+"use strict";
+
+const PREF_FPI = "privacy.firstparty.isolate";
+const PREF_COOKIE_BEHAVIOR = "network.cookie.cookieBehavior";
+
+registerCleanupFunction(() => {
+ Services.prefs.clearUserPref(PREF_FPI);
+ Services.prefs.clearUserPref(PREF_COOKIE_BEHAVIOR);
+});
+
+add_task(function test_FPI_off() {
+ Services.prefs.setBoolPref(PREF_FPI, false);
+
+ for (let i = 0; i <= Ci.nsICookieService.BEHAVIOR_LAST; ++i) {
+ Services.prefs.setIntPref(PREF_COOKIE_BEHAVIOR, i);
+ equal(Services.prefs.getIntPref(PREF_COOKIE_BEHAVIOR), i);
+ equal(Services.cookies.cookieBehavior, i);
+ }
+});
+
+add_task(function test_FPI_on() {
+ Services.prefs.setBoolPref(PREF_FPI, true);
+
+ for (let i = 0; i <= Ci.nsICookieService.BEHAVIOR_LAST; ++i) {
+ Services.prefs.setIntPref(PREF_COOKIE_BEHAVIOR, i);
+ equal(Services.prefs.getIntPref(PREF_COOKIE_BEHAVIOR), i);
+ equal(
+ Services.cookies.cookieBehavior,
+ i == Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER_AND_PARTITION_FOREIGN
+ ? Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER
+ : i
+ );
+ }
+});
diff --git a/toolkit/components/antitracking/test/xpcshell/test_purge_trackers.js b/toolkit/components/antitracking/test/xpcshell/test_purge_trackers.js
new file mode 100644
index 0000000000..9db1683111
--- /dev/null
+++ b/toolkit/components/antitracking/test/xpcshell/test_purge_trackers.js
@@ -0,0 +1,519 @@
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/ */
+
+const TRACKING_PAGE = "https://tracking.example.org";
+const TRACKING_PAGE2 =
+ "https://tracking.example.org^partitionKey=(https,example.com)";
+const BENIGN_PAGE = "https://example.com";
+const FOREIGN_PAGE = "https://example.net";
+const FOREIGN_PAGE2 = "https://example.net^partitionKey=(https,example.com)";
+const FOREIGN_PAGE3 = "https://example.net^partitionKey=(https,example.org)";
+
+const { UrlClassifierTestUtils } = ChromeUtils.import(
+ "resource://testing-common/UrlClassifierTestUtils.jsm"
+);
+const { SiteDataTestUtils } = ChromeUtils.import(
+ "resource://testing-common/SiteDataTestUtils.jsm"
+);
+const { PermissionTestUtils } = ChromeUtils.import(
+ "resource://testing-common/PermissionTestUtils.jsm"
+);
+const { setTimeout } = ChromeUtils.import("resource://gre/modules/Timer.jsm");
+
+XPCOMUtils.defineLazyServiceGetter(
+ this,
+ "PurgeTrackerService",
+ "@mozilla.org/purge-tracker-service;1",
+ "nsIPurgeTrackerService"
+);
+
+async function setupTest(aCookieBehavior) {
+ Services.prefs.setIntPref("network.cookie.cookieBehavior", aCookieBehavior);
+ Services.prefs.setBoolPref("privacy.purge_trackers.enabled", true);
+ Services.prefs.setCharPref("privacy.purge_trackers.logging.level", "Debug");
+ Services.prefs.setStringPref(
+ "urlclassifier.trackingAnnotationTable.testEntries",
+ "tracking.example.org"
+ );
+
+ // Enables us to test localStorage in xpcshell.
+ Services.prefs.setBoolPref("dom.storage.client_validation", false);
+}
+
+/**
+ * Test that purging doesn't happen when it shouldn't happen.
+ */
+add_task(async function testNotPurging() {
+ await UrlClassifierTestUtils.addTestTrackers();
+ setupTest(Ci.nsICookieService.BEHAVIOR_REJECT_FOREIGN);
+ SiteDataTestUtils.addToCookies(TRACKING_PAGE);
+
+ Services.prefs.setIntPref(
+ "network.cookie.cookieBehavior",
+ Ci.nsICookieService.BEHAVIOR_ACCEPT
+ );
+ await PurgeTrackerService.purgeTrackingCookieJars();
+ ok(SiteDataTestUtils.hasCookies(TRACKING_PAGE), "cookie remains.");
+ Services.prefs.setIntPref(
+ "network.cookie.cookieBehavior",
+ Ci.nsICookieService.BEHAVIOR_REJECT_FOREIGN
+ );
+
+ Services.prefs.setBoolPref("privacy.purge_trackers.enabled", false);
+ await PurgeTrackerService.purgeTrackingCookieJars();
+ ok(SiteDataTestUtils.hasCookies(TRACKING_PAGE), "cookie remains.");
+ Services.prefs.setBoolPref("privacy.purge_trackers.enabled", true);
+
+ Services.prefs.setBoolPref("privacy.sanitize.sanitizeOnShutdown", true);
+ Services.prefs.setBoolPref("privacy.clearOnShutdown.history", true);
+ await PurgeTrackerService.purgeTrackingCookieJars();
+ ok(SiteDataTestUtils.hasCookies(TRACKING_PAGE), "cookie remains.");
+ Services.prefs.clearUserPref("privacy.sanitize.sanitizeOnShutdown");
+ Services.prefs.clearUserPref("privacy.clearOnShutdown.history");
+
+ await PurgeTrackerService.purgeTrackingCookieJars();
+ ok(!SiteDataTestUtils.hasCookies(TRACKING_PAGE), "cookie cleared.");
+
+ UrlClassifierTestUtils.cleanupTestTrackers();
+});
+
+/**
+ * Test that cookies indexedDB and localStorage are purged if the cookie is found
+ * on the tracking list and does not have an Interaction Permission.
+ */
+async function testIndexedDBAndLocalStorage() {
+ await UrlClassifierTestUtils.addTestTrackers();
+
+ PermissionTestUtils.add(
+ TRACKING_PAGE,
+ "storageAccessAPI",
+ Services.perms.ALLOW_ACTION
+ );
+
+ SiteDataTestUtils.addToCookies(BENIGN_PAGE);
+ for (let url of [
+ TRACKING_PAGE,
+ TRACKING_PAGE2,
+ FOREIGN_PAGE,
+ FOREIGN_PAGE2,
+ FOREIGN_PAGE3,
+ ]) {
+ SiteDataTestUtils.addToLocalStorage(url);
+ SiteDataTestUtils.addToCookies(url);
+ await SiteDataTestUtils.addToIndexedDB(url);
+ }
+
+ // Purge while storage access permission exists.
+ await PurgeTrackerService.purgeTrackingCookieJars();
+
+ for (let url of [TRACKING_PAGE, TRACKING_PAGE2]) {
+ ok(
+ SiteDataTestUtils.hasCookies(url),
+ "cookie remains while storage access permission exists."
+ );
+ ok(
+ SiteDataTestUtils.hasLocalStorage(url),
+ "localStorage should not have been removed while storage access permission exists."
+ );
+ Assert.greater(
+ await SiteDataTestUtils.getQuotaUsage(url),
+ 0,
+ `We have data for ${url}`
+ );
+ }
+
+ // Run purge after storage access permission has been removed.
+ PermissionTestUtils.remove(TRACKING_PAGE, "storageAccessAPI");
+ await PurgeTrackerService.purgeTrackingCookieJars();
+
+ ok(
+ SiteDataTestUtils.hasCookies(BENIGN_PAGE),
+ "A non-tracking page should retain cookies after purging"
+ );
+
+ for (let url of [FOREIGN_PAGE, FOREIGN_PAGE2, FOREIGN_PAGE3]) {
+ ok(
+ SiteDataTestUtils.hasCookies(url),
+ `A non-tracking foreign page should retain cookies after purging`
+ );
+ ok(
+ SiteDataTestUtils.hasLocalStorage(url),
+ `localStorage for ${url} should not have been removed.`
+ );
+ Assert.greater(
+ await SiteDataTestUtils.getQuotaUsage(url),
+ 0,
+ `We have data for ${url}`
+ );
+ }
+
+ // Cookie should have been removed.
+
+ for (let url of [TRACKING_PAGE, TRACKING_PAGE2]) {
+ ok(
+ !SiteDataTestUtils.hasCookies(url),
+ "cookie is removed after purge with no storage access permission."
+ );
+ ok(
+ !SiteDataTestUtils.hasLocalStorage(url),
+ "localStorage should have been removed"
+ );
+ Assert.equal(
+ await SiteDataTestUtils.getQuotaUsage(url),
+ 0,
+ "quota storage was deleted"
+ );
+ }
+
+ UrlClassifierTestUtils.cleanupTestTrackers();
+}
+
+/**
+ * Test that trackers are treated based on their base domain, not origin.
+ */
+async function testBaseDomain() {
+ await UrlClassifierTestUtils.addTestTrackers();
+
+ let associatedOrigins = [
+ "https://itisatracker.org",
+ "https://sub.itisatracker.org",
+ "https://www.itisatracker.org",
+ "https://sub.sub.sub.itisatracker.org",
+ "http://itisatracker.org",
+ "http://sub.itisatracker.org",
+ ];
+
+ for (let permissionOrigin of associatedOrigins) {
+ // Only one of the associated origins gets permission, but
+ // all should be exempt from purging.
+ PermissionTestUtils.add(
+ permissionOrigin,
+ "storageAccessAPI",
+ Services.perms.ALLOW_ACTION
+ );
+
+ for (let origin of associatedOrigins) {
+ SiteDataTestUtils.addToCookies(origin);
+ }
+
+ // Add another tracker to verify we're actually purging.
+ SiteDataTestUtils.addToCookies(TRACKING_PAGE);
+
+ await PurgeTrackerService.purgeTrackingCookieJars();
+
+ for (let origin of associatedOrigins) {
+ ok(
+ SiteDataTestUtils.hasCookies(origin),
+ `${origin} should have retained its cookies when permission is set for ${permissionOrigin}.`
+ );
+ }
+
+ ok(
+ !SiteDataTestUtils.hasCookies(TRACKING_PAGE),
+ "cookie is removed after purge with no storage access permission."
+ );
+
+ PermissionTestUtils.remove(permissionOrigin, "storageAccessAPI");
+ await SiteDataTestUtils.clear();
+ }
+
+ UrlClassifierTestUtils.cleanupTestTrackers();
+}
+
+/**
+ * Test that trackers are not cleared if they are associated
+ * with an entry on the entity list that has user interaction.
+ */
+async function testUserInteraction(ownerPage) {
+ Services.prefs.setBoolPref(
+ "privacy.purge_trackers.consider_entity_list",
+ true
+ );
+ // The test URL for the entity list for annotation is
+ // itisatrap.org/?resource=example.org, so we need to
+ // add example.org as a tracker.
+ Services.prefs.setCharPref(
+ "urlclassifier.trackingAnnotationTable.testEntries",
+ "example.org"
+ );
+ await UrlClassifierTestUtils.addTestTrackers();
+
+ // example.org and itisatrap.org are hard coded test values on the entity list.
+ const RESOURCE_PAGE = "https://example.org";
+
+ PermissionTestUtils.add(
+ ownerPage,
+ "storageAccessAPI",
+ Services.perms.ALLOW_ACTION
+ );
+
+ SiteDataTestUtils.addToCookies(RESOURCE_PAGE);
+
+ // Add another tracker to verify we're actually purging.
+ SiteDataTestUtils.addToCookies("https://another-tracking.example.net");
+
+ await PurgeTrackerService.purgeTrackingCookieJars();
+
+ ok(
+ SiteDataTestUtils.hasCookies(RESOURCE_PAGE),
+ `${RESOURCE_PAGE} should have retained its cookies when permission is set for ${ownerPage}.`
+ );
+
+ ok(
+ !SiteDataTestUtils.hasCookies("https://another-tracking.example.net"),
+ "cookie is removed after purge with no storage access permission."
+ );
+
+ Services.prefs.setBoolPref(
+ "privacy.purge_trackers.consider_entity_list",
+ false
+ );
+
+ await PurgeTrackerService.purgeTrackingCookieJars();
+
+ ok(
+ !SiteDataTestUtils.hasCookies(RESOURCE_PAGE),
+ `${RESOURCE_PAGE} should not have retained its cookies when permission is set for ${ownerPage} and the entity list pref is off.`
+ );
+
+ PermissionTestUtils.remove(ownerPage, "storageAccessAPI");
+ await SiteDataTestUtils.clear();
+
+ Services.prefs.clearUserPref("privacy.purge_trackers.consider_entity_list");
+ UrlClassifierTestUtils.cleanupTestTrackers();
+}
+
+/**
+ * Test that quota storage (even without cookies) is considered when purging trackers.
+ */
+async function testQuotaStorage() {
+ await UrlClassifierTestUtils.addTestTrackers();
+
+ let testCases = [
+ { localStorage: true, indexedDB: true },
+ { localStorage: false, indexedDB: true },
+ { localStorage: true, indexedDB: false },
+ ];
+
+ for (let { localStorage, indexedDB } of testCases) {
+ PermissionTestUtils.add(
+ TRACKING_PAGE,
+ "storageAccessAPI",
+ Services.perms.ALLOW_ACTION
+ );
+
+ if (localStorage) {
+ for (let url of [
+ TRACKING_PAGE,
+ TRACKING_PAGE2,
+ BENIGN_PAGE,
+ FOREIGN_PAGE,
+ FOREIGN_PAGE2,
+ FOREIGN_PAGE3,
+ ]) {
+ SiteDataTestUtils.addToLocalStorage(url);
+ }
+ }
+
+ if (indexedDB) {
+ for (let url of [
+ TRACKING_PAGE,
+ TRACKING_PAGE2,
+ BENIGN_PAGE,
+ FOREIGN_PAGE,
+ FOREIGN_PAGE2,
+ FOREIGN_PAGE3,
+ ]) {
+ await SiteDataTestUtils.addToIndexedDB(url);
+ }
+ }
+
+ // Purge while storage access permission exists.
+ await PurgeTrackerService.purgeTrackingCookieJars();
+
+ if (localStorage) {
+ ok(
+ SiteDataTestUtils.hasLocalStorage(TRACKING_PAGE),
+ "localStorage should not have been removed while storage access permission exists."
+ );
+ }
+
+ if (indexedDB) {
+ for (let url of [
+ TRACKING_PAGE,
+ TRACKING_PAGE2,
+ FOREIGN_PAGE,
+ FOREIGN_PAGE2,
+ FOREIGN_PAGE3,
+ ]) {
+ Assert.greater(
+ await SiteDataTestUtils.getQuotaUsage(url),
+ 0,
+ `We have data for ${url}`
+ );
+ }
+ }
+
+ // Run purge after storage access permission has been removed.
+ PermissionTestUtils.remove(TRACKING_PAGE, "storageAccessAPI");
+ await PurgeTrackerService.purgeTrackingCookieJars();
+
+ if (localStorage) {
+ for (let url of [
+ BENIGN_PAGE,
+ FOREIGN_PAGE,
+ FOREIGN_PAGE2,
+ FOREIGN_PAGE3,
+ ]) {
+ ok(
+ SiteDataTestUtils.hasLocalStorage(url),
+ "localStorage should not have been removed for non-tracking page."
+ );
+ }
+ for (let url of [TRACKING_PAGE, TRACKING_PAGE2]) {
+ ok(
+ !SiteDataTestUtils.hasLocalStorage(url),
+ "localStorage should have been removed."
+ );
+ }
+ }
+
+ if (indexedDB) {
+ for (let url of [
+ BENIGN_PAGE,
+ FOREIGN_PAGE,
+ FOREIGN_PAGE2,
+ FOREIGN_PAGE3,
+ ]) {
+ Assert.greater(
+ await SiteDataTestUtils.getQuotaUsage(url),
+ 0,
+ "quota storage for non-tracking page was not deleted"
+ );
+ }
+
+ for (let url of [TRACKING_PAGE, TRACKING_PAGE2]) {
+ Assert.equal(
+ await SiteDataTestUtils.getQuotaUsage(url),
+ 0,
+ "quota storage was deleted"
+ );
+ }
+ }
+
+ await SiteDataTestUtils.clear();
+ }
+
+ UrlClassifierTestUtils.cleanupTestTrackers();
+}
+
+/**
+ * Test that we correctly delete cookies and storage for sites
+ * with an expired interaction permission.
+ */
+async function testExpiredInteractionPermission() {
+ await UrlClassifierTestUtils.addTestTrackers();
+
+ PermissionTestUtils.add(
+ TRACKING_PAGE,
+ "storageAccessAPI",
+ Services.perms.ALLOW_ACTION,
+ Services.perms.EXPIRE_TIME,
+ Date.now() + 500
+ );
+
+ for (let url of [
+ TRACKING_PAGE,
+ TRACKING_PAGE2,
+ FOREIGN_PAGE,
+ FOREIGN_PAGE2,
+ FOREIGN_PAGE3,
+ ]) {
+ SiteDataTestUtils.addToLocalStorage(url);
+ SiteDataTestUtils.addToCookies(url);
+ await SiteDataTestUtils.addToIndexedDB(url);
+ }
+
+ // Purge while storage access permission exists.
+ await PurgeTrackerService.purgeTrackingCookieJars();
+
+ for (let url of [
+ TRACKING_PAGE,
+ TRACKING_PAGE2,
+ FOREIGN_PAGE,
+ FOREIGN_PAGE2,
+ FOREIGN_PAGE3,
+ ]) {
+ ok(
+ SiteDataTestUtils.hasCookies(url),
+ "cookie remains while storage access permission exists."
+ );
+ ok(
+ SiteDataTestUtils.hasLocalStorage(url),
+ "localStorage should not have been removed while storage access permission exists."
+ );
+ Assert.greater(
+ await SiteDataTestUtils.getQuotaUsage(url),
+ 0,
+ `We have data for ${url}`
+ );
+ }
+
+ // Run purge after storage access permission has been removed.
+ // eslint-disable-next-line mozilla/no-arbitrary-setTimeout
+ await new Promise(c => setTimeout(c, 500));
+ await PurgeTrackerService.purgeTrackingCookieJars();
+
+ // Cookie should have been removed.
+ for (let url of [TRACKING_PAGE, TRACKING_PAGE2]) {
+ ok(
+ !SiteDataTestUtils.hasCookies(url),
+ "cookie is removed after purge with no storage access permission."
+ );
+ ok(
+ !SiteDataTestUtils.hasLocalStorage(url),
+ "localStorage should not have been removed while storage access permission exists."
+ );
+ Assert.equal(
+ await SiteDataTestUtils.getQuotaUsage(url),
+ 0,
+ "quota storage was deleted"
+ );
+ }
+
+ // Cookie should not have been removed.
+ for (let url of [FOREIGN_PAGE, FOREIGN_PAGE2, FOREIGN_PAGE3]) {
+ ok(
+ SiteDataTestUtils.hasCookies(url),
+ "cookie remains while storage access permission exists."
+ );
+ ok(
+ SiteDataTestUtils.hasLocalStorage(url),
+ "localStorage should not have been removed while storage access permission exists."
+ );
+ }
+
+ UrlClassifierTestUtils.cleanupTestTrackers();
+}
+
+add_task(async function() {
+ const cookieBehaviors = [
+ Ci.nsICookieService.BEHAVIOR_REJECT_FOREIGN,
+ Ci.nsICookieService.BEHAVIOR_LIMIT_FOREIGN,
+ Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER,
+ Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER_AND_PARTITION_FOREIGN,
+ ];
+
+ for (let cookieBehavior of cookieBehaviors) {
+ await setupTest(cookieBehavior);
+ await testIndexedDBAndLocalStorage();
+ await testBaseDomain();
+ // example.org and itisatrap.org are hard coded test values on the entity list.
+ await testUserInteraction("https://itisatrap.org");
+ await testUserInteraction(
+ "https://itisatrap.org^firstPartyDomain=example.net"
+ );
+ await testQuotaStorage();
+ await testExpiredInteractionPermission();
+ }
+});
diff --git a/toolkit/components/antitracking/test/xpcshell/test_purge_trackers_telemetry.js b/toolkit/components/antitracking/test/xpcshell/test_purge_trackers_telemetry.js
new file mode 100644
index 0000000000..145c311e33
--- /dev/null
+++ b/toolkit/components/antitracking/test/xpcshell/test_purge_trackers_telemetry.js
@@ -0,0 +1,175 @@
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/ */
+
+const TRACKING_PAGE = "https://tracking.example.org";
+const BENIGN_PAGE = "https://example.com";
+
+const { UrlClassifierTestUtils } = ChromeUtils.import(
+ "resource://testing-common/UrlClassifierTestUtils.jsm"
+);
+const { SiteDataTestUtils } = ChromeUtils.import(
+ "resource://testing-common/SiteDataTestUtils.jsm"
+);
+const { PermissionTestUtils } = ChromeUtils.import(
+ "resource://testing-common/PermissionTestUtils.jsm"
+);
+const { TelemetryTestUtils } = ChromeUtils.import(
+ "resource://testing-common/TelemetryTestUtils.jsm"
+);
+
+XPCOMUtils.defineLazyServiceGetter(
+ this,
+ "PurgeTrackerService",
+ "@mozilla.org/purge-tracker-service;1",
+ "nsIPurgeTrackerService"
+);
+
+add_task(async function setup() {
+ Services.prefs.setIntPref(
+ "network.cookie.cookieBehavior",
+ Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER
+ );
+ Services.prefs.setBoolPref("privacy.purge_trackers.enabled", true);
+ Services.prefs.setStringPref(
+ "urlclassifier.trackingAnnotationTable.testEntries",
+ "tracking.example.org"
+ );
+ Services.prefs.setBoolPref(
+ "toolkit.telemetry.testing.overrideProductsCheck",
+ true
+ );
+
+ // Enables us to test localStorage in xpcshell.
+ Services.prefs.setBoolPref("dom.storage.client_validation", false);
+});
+
+/**
+ * Test telemetry for cookie purging.
+ */
+add_task(async function() {
+ await UrlClassifierTestUtils.addTestTrackers();
+
+ let FIVE_DAYS = 5 * 24 * 60 * 60 * 1000;
+
+ PermissionTestUtils.add(
+ TRACKING_PAGE,
+ "storageAccessAPI",
+ Services.perms.ALLOW_ACTION,
+ Services.perms.EXPIRE_TIME,
+ Date.now() + FIVE_DAYS
+ );
+
+ SiteDataTestUtils.addToLocalStorage(TRACKING_PAGE);
+ SiteDataTestUtils.addToCookies(BENIGN_PAGE);
+ SiteDataTestUtils.addToCookies(TRACKING_PAGE);
+ await SiteDataTestUtils.addToIndexedDB(TRACKING_PAGE);
+
+ let purgedHistogram = TelemetryTestUtils.getAndClearHistogram(
+ "COOKIE_PURGING_ORIGINS_PURGED"
+ );
+ let notPurgedHistogram = TelemetryTestUtils.getAndClearHistogram(
+ "COOKIE_PURGING_TRACKERS_WITH_USER_INTERACTION"
+ );
+ let remainingDaysHistogram = TelemetryTestUtils.getAndClearHistogram(
+ "COOKIE_PURGING_TRACKERS_USER_INTERACTION_REMAINING_DAYS"
+ );
+ let intervalHistogram = TelemetryTestUtils.getAndClearHistogram(
+ "COOKIE_PURGING_INTERVAL_HOURS"
+ );
+
+ // Purge while storage access permission exists.
+ await PurgeTrackerService.purgeTrackingCookieJars();
+
+ ok(
+ SiteDataTestUtils.hasCookies(TRACKING_PAGE),
+ "cookie remains while storage access permission exists."
+ );
+ ok(
+ SiteDataTestUtils.hasLocalStorage(TRACKING_PAGE),
+ "localStorage should not have been removed while storage access permission exists."
+ );
+ Assert.greater(
+ await SiteDataTestUtils.getQuotaUsage(TRACKING_PAGE),
+ 0,
+ `We have data for ${TRACKING_PAGE}`
+ );
+
+ TelemetryTestUtils.assertHistogram(purgedHistogram, 0, 1);
+ TelemetryTestUtils.assertHistogram(notPurgedHistogram, 1, 1);
+ TelemetryTestUtils.assertHistogram(remainingDaysHistogram, 4, 2);
+ TelemetryTestUtils.assertHistogram(intervalHistogram, 0, 1);
+
+ purgedHistogram = TelemetryTestUtils.getAndClearHistogram(
+ "COOKIE_PURGING_ORIGINS_PURGED"
+ );
+ notPurgedHistogram = TelemetryTestUtils.getAndClearHistogram(
+ "COOKIE_PURGING_TRACKERS_WITH_USER_INTERACTION"
+ );
+ intervalHistogram = TelemetryTestUtils.getAndClearHistogram(
+ "COOKIE_PURGING_INTERVAL_HOURS"
+ );
+
+ // Run purge after storage access permission has been removed.
+ PermissionTestUtils.remove(TRACKING_PAGE, "storageAccessAPI");
+ await PurgeTrackerService.purgeTrackingCookieJars();
+
+ ok(
+ SiteDataTestUtils.hasCookies(BENIGN_PAGE),
+ "A non-tracking page should retain cookies after purging"
+ );
+
+ // Cookie should have been removed.
+ ok(
+ !SiteDataTestUtils.hasCookies(TRACKING_PAGE),
+ "cookie is removed after purge with no storage access permission."
+ );
+ ok(
+ !SiteDataTestUtils.hasLocalStorage(TRACKING_PAGE),
+ "localStorage should not have been removed while storage access permission exists."
+ );
+ Assert.equal(
+ await SiteDataTestUtils.getQuotaUsage(TRACKING_PAGE),
+ 0,
+ "quota storage was deleted"
+ );
+
+ TelemetryTestUtils.assertHistogram(purgedHistogram, 1, 1);
+ Assert.equal(
+ notPurgedHistogram.snapshot().sum,
+ 0,
+ "no origins with user interaction"
+ );
+ TelemetryTestUtils.assertHistogram(intervalHistogram, 0, 1);
+
+ UrlClassifierTestUtils.cleanupTestTrackers();
+});
+
+/**
+ * Test counting correctly across cookies batches
+ */
+add_task(async function() {
+ await UrlClassifierTestUtils.addTestTrackers();
+
+ // Enforce deleting the same origin twice by adding two cookies and setting
+ // the max number of cookies per batch to 1.
+ SiteDataTestUtils.addToCookies(TRACKING_PAGE, "cookie1");
+ SiteDataTestUtils.addToCookies(TRACKING_PAGE, "cookie2");
+ Services.prefs.setIntPref("privacy.purge_trackers.max_purge_count", 1);
+
+ let purgedHistogram = TelemetryTestUtils.getAndClearHistogram(
+ "COOKIE_PURGING_ORIGINS_PURGED"
+ );
+
+ await PurgeTrackerService.purgeTrackingCookieJars();
+
+ // Cookie should have been removed.
+ await TestUtils.waitForCondition(
+ () => !SiteDataTestUtils.hasCookies(TRACKING_PAGE),
+ "cookie is removed after purge."
+ );
+
+ TelemetryTestUtils.assertHistogram(purgedHistogram, 1, 1);
+
+ Services.prefs.clearUserPref("privacy.purge_trackers.max_purge_count");
+ UrlClassifierTestUtils.cleanupTestTrackers();
+});
diff --git a/toolkit/components/antitracking/test/xpcshell/test_rejectForeignAllowList.js b/toolkit/components/antitracking/test/xpcshell/test_rejectForeignAllowList.js
new file mode 100644
index 0000000000..e2aa4b1f01
--- /dev/null
+++ b/toolkit/components/antitracking/test/xpcshell/test_rejectForeignAllowList.js
@@ -0,0 +1,128 @@
+"use strict";
+
+var { Services } = ChromeUtils.import("resource://gre/modules/Services.jsm");
+
+const { RemoteSettings } = ChromeUtils.import(
+ "resource://services-settings/remote-settings.js"
+);
+
+do_get_profile();
+
+// Let's use AddonTestUtils and ExtensionTestUtils to open/close tabs.
+var { AddonTestUtils, MockAsyncShutdown } = ChromeUtils.import(
+ "resource://testing-common/AddonTestUtils.jsm"
+);
+
+// eslint-disable-next-line no-unused-vars
+XPCOMUtils.defineLazyModuleGetters(this, {
+ ExtensionTestUtils: "resource://testing-common/ExtensionXPCShellUtils.jsm",
+});
+
+ExtensionTestUtils.init(this);
+
+var createHttpServer = (...args) => {
+ AddonTestUtils.maybeInit(this);
+ return AddonTestUtils.createHttpServer(...args);
+};
+
+const server = createHttpServer({
+ hosts: ["3rdparty.org", "4thparty.org", "foobar.com"],
+});
+
+async function testThings(prefValue, expected) {
+ await new Promise(resolve =>
+ Services.clearData.deleteData(
+ Ci.nsIClearDataService.CLEAR_ALL_CACHES,
+ resolve
+ )
+ );
+
+ Services.prefs.setCharPref("privacy.rejectForeign.allowList", prefValue);
+
+ let cookiePromise = new Promise(resolve => {
+ server.registerPathHandler("/test3rdPartyChannel", (request, response) => {
+ response.setStatusLine(request.httpVersion, 200, "OK");
+ response.setHeader("Content-Type", "text/html; charset=utf-8", false);
+ response.write(`<html><img src="http://3rdparty.org/img" /></html>`);
+ });
+
+ server.registerPathHandler("/img", (request, response) => {
+ response.setStatusLine(request.httpVersion, 200, "OK");
+ resolve(request.hasHeader("Cookie") ? request.getHeader("Cookie") : "");
+ response.setHeader("Content-Type", "image/png", false);
+ response.write("Not an image");
+ });
+ });
+
+ // Let's load 3rdparty.org as a 3rd-party.
+ let contentPage = await ExtensionTestUtils.loadContentPage(
+ "http://foobar.com/test3rdPartyChannel"
+ );
+ Assert.equal(await cookiePromise, expected, "Cookies received?");
+ await contentPage.close();
+
+ cookiePromise = new Promise(resolve => {
+ server.registerPathHandler("/test3rdPartyDocument", (request, response) => {
+ response.setStatusLine(request.httpVersion, 200, "OK");
+ response.setHeader("Content-Type", "text/html; charset=utf-8", false);
+ response.write(
+ `<html><iframe src="http://3rdparty.org/iframe" /></html>`
+ );
+ });
+
+ server.registerPathHandler("/iframe", (request, response) => {
+ response.setStatusLine(request.httpVersion, 200, "OK");
+ resolve(request.hasHeader("Cookie") ? request.getHeader("Cookie") : "");
+ response.setHeader("Content-Type", "text/html; charset=utf-8", false);
+ response.write(`<html><img src="http://4thparty.org/img" /></html>`);
+ });
+
+ server.registerPathHandler("/img", (request, response) => {
+ response.setStatusLine(request.httpVersion, 200, "OK");
+ resolve(request.hasHeader("Cookie") ? request.getHeader("Cookie") : "");
+ response.setHeader("Content-Type", "image/png", false);
+ response.write("Not an image");
+ });
+ });
+
+ // Let's load 3rdparty.org loading a 4th-party.
+ contentPage = await ExtensionTestUtils.loadContentPage(
+ "http://foobar.com/test3rdPartyDocument"
+ );
+ Assert.equal(await cookiePromise, expected, "Cookies received?");
+ await contentPage.close();
+}
+
+add_task(async function test_rejectForeignAllowList() {
+ Services.prefs.setIntPref("network.cookie.cookieBehavior", 1);
+ Services.prefs.setBoolPref(
+ "network.cookie.rejectForeignWithExceptions.enabled",
+ true
+ );
+
+ // We don't want to have 'secure' cookies because our test http server doesn't run in https.
+ Services.prefs.setBoolPref(
+ "network.cookie.sameSite.noneRequiresSecure",
+ false
+ );
+
+ server.registerPathHandler("/setCookies", (request, response) => {
+ response.setStatusLine(request.httpVersion, 200, "OK");
+ response.setHeader("Content-Type", "text/html; charset=utf-8", false);
+ response.setHeader("Set-Cookie", "cookie=wow; sameSite=none", true);
+ response.write("<html></html>");
+ });
+
+ // Let's set a cookie.
+ let contentPage = await ExtensionTestUtils.loadContentPage(
+ "http://3rdparty.org/setCookies"
+ );
+ await contentPage.close();
+ Assert.equal(Services.cookies.cookies.length, 1);
+
+ // Without exceptionlisting, no cookies should be shared.
+ await testThings("", "");
+
+ // Let's exceptionlist 3rdparty.org
+ await testThings("3rdparty.org", "cookie=wow");
+});
diff --git a/toolkit/components/antitracking/test/xpcshell/test_staticPartition_authhttp.js b/toolkit/components/antitracking/test/xpcshell/test_staticPartition_authhttp.js
new file mode 100644
index 0000000000..563f16969b
--- /dev/null
+++ b/toolkit/components/antitracking/test/xpcshell/test_staticPartition_authhttp.js
@@ -0,0 +1,140 @@
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/
+ */
+
+"use strict";
+
+const { NetUtil } = ChromeUtils.import("resource://gre/modules/NetUtil.jsm");
+
+const { CookieXPCShellUtils } = ChromeUtils.import(
+ "resource://testing-common/CookieXPCShellUtils.jsm"
+);
+
+CookieXPCShellUtils.init(this);
+
+function Requestor() {}
+Requestor.prototype = {
+ QueryInterface: ChromeUtils.generateQI([
+ "nsIInterfaceRequestor",
+ "nsIAuthPrompt2",
+ ]),
+
+ getInterface(iid) {
+ if (iid.equals(Ci.nsIAuthPrompt2)) {
+ return this;
+ }
+
+ throw Components.Exception("", Cr.NS_ERROR_NO_INTERFACE);
+ },
+
+ promptAuth(channel, level, authInfo) {
+ Assert.equal("secret", authInfo.realm);
+ // No passwords in the URL -> nothing should be prefilled
+ Assert.equal(authInfo.username, "");
+ Assert.equal(authInfo.password, "");
+ Assert.equal(authInfo.domain, "");
+
+ authInfo.username = "guest";
+ authInfo.password = "guest";
+
+ return true;
+ },
+
+ asyncPromptAuth(chan, cb, ctx, lvl, info) {
+ throw Components.Exception("", Cr.NS_ERROR_NOT_IMPLEMENTED);
+ },
+};
+
+let observer = channel => {
+ if (
+ !(channel instanceof Ci.nsIHttpChannel && channel.URI.host === "localhost")
+ ) {
+ return;
+ }
+ channel.notificationCallbacks = new Requestor();
+};
+Services.obs.addObserver(observer, "http-on-modify-request");
+
+function makeChan(url, loadingUrl) {
+ var principal = Services.scriptSecurityManager.createContentPrincipal(
+ Services.io.newURI(loadingUrl),
+ {}
+ );
+ return NetUtil.newChannel({
+ uri: url,
+ loadingPrincipal: principal,
+ securityFlags: Ci.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_SEC_CONTEXT_IS_NULL,
+ contentPolicyType: Ci.nsIContentPolicy.TYPE_OTHER,
+ });
+}
+
+add_task(async () => {
+ do_get_profile();
+
+ Services.prefs.setBoolPref("network.predictor.enabled", false);
+ Services.prefs.setBoolPref("network.predictor.enable-prefetch", false);
+ Services.prefs.setBoolPref("network.http.rcwn.enabled", false);
+ Services.prefs.setIntPref("network.cookie.cookieBehavior", 0);
+ Services.prefs.setIntPref("network.auth.subresource-http-auth-allow", 2);
+
+ for (let test of [true, false]) {
+ Cc["@mozilla.org/network/http-auth-manager;1"]
+ .getService(Ci.nsIHttpAuthManager)
+ .clearAll();
+
+ await new Promise(resolve =>
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, resolve)
+ );
+
+ info("Enabling network state partitioning");
+ Services.prefs.setBoolPref("privacy.partition.network_state", test);
+
+ const httpserv = new HttpServer();
+ httpserv.registerPathHandler("/auth", (metadata, response) => {
+ // btoa("guest:guest"), but that function is not available here
+ const expectedHeader = "Basic Z3Vlc3Q6Z3Vlc3Q=";
+
+ let body;
+ if (
+ metadata.hasHeader("Authorization") &&
+ metadata.getHeader("Authorization") == expectedHeader
+ ) {
+ response.setStatusLine(metadata.httpVersion, 200, "OK, authorized");
+ response.setHeader("WWW-Authenticate", 'Basic realm="secret"', false);
+
+ body = "success";
+ } else {
+ // didn't know guest:guest, failure
+ response.setStatusLine(metadata.httpVersion, 401, "Unauthorized");
+ response.setHeader("WWW-Authenticate", 'Basic realm="secret"', false);
+
+ body = "failed";
+ }
+
+ response.bodyOutputStream.write(body, body.length);
+ });
+
+ httpserv.start(-1);
+ const URL = "http://localhost:" + httpserv.identity.primaryPort;
+
+ const httpHandler = Cc[
+ "@mozilla.org/network/protocol;1?name=http"
+ ].getService(Ci.nsIHttpProtocolHandler);
+
+ const contentPage = await CookieXPCShellUtils.loadContentPage(
+ URL + "/auth?r=" + Math.random()
+ );
+ await contentPage.close();
+
+ let key;
+ if (test) {
+ key = `^partitionKey=%28http%2Clocalhost%2C${httpserv.identity.primaryPort}%29:http://localhost:${httpserv.identity.primaryPort}`;
+ } else {
+ key = `:http://localhost:${httpserv.identity.primaryPort}`;
+ }
+
+ Assert.equal(httpHandler.authCacheKeys.includes(key), true, "Key found!");
+
+ await new Promise(resolve => httpserv.stop(resolve));
+ }
+});
diff --git a/toolkit/components/antitracking/test/xpcshell/test_staticPartition_font.js b/toolkit/components/antitracking/test/xpcshell/test_staticPartition_font.js
new file mode 100644
index 0000000000..721f50e7dc
--- /dev/null
+++ b/toolkit/components/antitracking/test/xpcshell/test_staticPartition_font.js
@@ -0,0 +1,112 @@
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/
+ */
+
+const { CookieXPCShellUtils } = ChromeUtils.import(
+ "resource://testing-common/CookieXPCShellUtils.jsm"
+);
+
+CookieXPCShellUtils.init(this);
+
+let gHits = 0;
+
+add_task(async function() {
+ do_get_profile();
+
+ info("Disable predictor and accept all");
+ Services.prefs.setBoolPref("network.predictor.enabled", false);
+ Services.prefs.setBoolPref("network.predictor.enable-prefetch", false);
+ Services.prefs.setBoolPref("network.http.rcwn.enabled", false);
+ Services.prefs.setIntPref("network.cookie.cookieBehavior", 0);
+
+ const server = CookieXPCShellUtils.createServer({
+ hosts: ["example.org", "foo.com", "bar.com"],
+ });
+
+ server.registerFile(
+ "/font.woff",
+ do_get_file("data/font.woff"),
+ (_, response) => {
+ response.setHeader("Access-Control-Allow-Origin", "*", false);
+ gHits++;
+ }
+ );
+
+ server.registerPathHandler("/font", (request, response) => {
+ response.setStatusLine(request.httpVersion, 200, "OK");
+ response.setHeader("Content-Type", "text/html", false);
+ let body = `
+ <style type="text/css">
+ @font-face {
+ font-family: foo;
+ src: url("http://example.org/font.woff") format('woff');
+ }
+ body { font-family: foo }
+ </style>
+ <iframe src="http://example.org/font-iframe">
+ </iframe>`;
+ response.bodyOutputStream.write(body, body.length);
+ });
+
+ server.registerPathHandler("/font-iframe", (request, response) => {
+ response.setStatusLine(request.httpVersion, 200, "OK");
+ response.setHeader("Content-Type", "text/html", false);
+ let body = `
+ <style type="text/css">
+ @font-face {
+ font-family: foo;
+ src: url("http://example.org/font.woff") format('woff');
+ }
+ body { font-family: foo }
+ </style>`;
+ response.bodyOutputStream.write(body, body.length);
+ });
+
+ const tests = [
+ {
+ prefValue: true,
+ hitsCount: 5,
+ },
+ {
+ prefValue: false,
+ // The font in page B/C is CORS, the channel will be flagged with
+ // nsIRequest::LOAD_ANONYMOUS.
+ // The flag makes the font in A and B/C use different cache key.
+ hitsCount: 2,
+ },
+ ];
+
+ for (let test of tests) {
+ info("Clear network caches");
+ Services.cache2.clear();
+
+ info("Reset the hits count");
+ gHits = 0;
+
+ info("Enabling network state partitioning");
+ Services.prefs.setBoolPref(
+ "privacy.partition.network_state",
+ test.prefValue
+ );
+
+ info("Let's load a page with origin A");
+ let contentPage = await CookieXPCShellUtils.loadContentPage(
+ "http://example.org/font"
+ );
+ await contentPage.close();
+
+ info("Let's load a page with origin B");
+ contentPage = await CookieXPCShellUtils.loadContentPage(
+ "http://foo.com/font"
+ );
+ await contentPage.close();
+
+ info("Let's load a page with origin C");
+ contentPage = await CookieXPCShellUtils.loadContentPage(
+ "http://bar.com/font"
+ );
+ await contentPage.close();
+
+ Assert.equal(gHits, test.hitsCount, "The number of hits match");
+ }
+});
diff --git a/toolkit/components/antitracking/test/xpcshell/test_staticPartition_image.js b/toolkit/components/antitracking/test/xpcshell/test_staticPartition_image.js
new file mode 100644
index 0000000000..c8a8238cc2
--- /dev/null
+++ b/toolkit/components/antitracking/test/xpcshell/test_staticPartition_image.js
@@ -0,0 +1,85 @@
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/
+ */
+
+const { CookieXPCShellUtils } = ChromeUtils.import(
+ "resource://testing-common/CookieXPCShellUtils.jsm"
+);
+
+CookieXPCShellUtils.init(this);
+
+let gHits = 0;
+
+add_task(async function() {
+ do_get_profile();
+
+ info("Disable predictor and accept all");
+ Services.prefs.setBoolPref("network.predictor.enabled", false);
+ Services.prefs.setBoolPref("network.predictor.enable-prefetch", false);
+ Services.prefs.setBoolPref("network.http.rcwn.enabled", false);
+ Services.prefs.setIntPref("network.cookie.cookieBehavior", 0);
+
+ const server = CookieXPCShellUtils.createServer({
+ hosts: ["example.org", "foo.com"],
+ });
+ server.registerPathHandler("/image.png", (metadata, response) => {
+ gHits++;
+ response.setHeader("Cache-Control", "max-age=10000", false);
+ response.setStatusLine(metadata.httpVersion, 200, "OK");
+ response.setHeader("Content-Type", "image/png", false);
+ var body =
+ "iVBORw0KGgoAAAANSUhEUgAAAAMAAAADCAIAAADZSiLoAAAAEUlEQVQImWP4z8AAQTAamQkAhpcI+DeMzFcAAAAASUVORK5CYII=";
+ response.bodyOutputStream.write(body, body.length);
+ });
+
+ server.registerPathHandler("/image", (metadata, response) => {
+ response.setStatusLine(metadata.httpVersion, 200, "OK");
+ response.setHeader("Content-Type", "text/html", false);
+ var body = `<img src="http://example.org/image.png">`;
+ response.bodyOutputStream.write(body, body.length);
+ });
+
+ const tests = [
+ {
+ prefValue: true,
+ hitsCount: 2,
+ },
+ {
+ prefValue: false,
+ hitsCount: 1,
+ },
+ ];
+
+ for (let test of tests) {
+ info("Clear image and network caches");
+ let imageCache = Cc["@mozilla.org/image/tools;1"]
+ .getService(Ci.imgITools)
+ .getImgCacheForDocument(null);
+ imageCache.clearCache(true); // true=chrome
+ imageCache.clearCache(false); // false=content
+ Services.cache2.clear();
+
+ info("Reset the hits count");
+ gHits = 0;
+
+ info("Enabling network state partitioning");
+ Services.prefs.setBoolPref(
+ "privacy.partition.network_state",
+ test.prefValue
+ );
+
+ info("Let's load a page with origin A");
+ let contentPage = await CookieXPCShellUtils.loadContentPage(
+ "http://example.org/image"
+ );
+ await contentPage.close();
+
+ info("Let's load a page with origin B");
+ contentPage = await CookieXPCShellUtils.loadContentPage(
+ "http://foo.com/image"
+ );
+ await contentPage.close();
+
+ Assert.equal(gHits, test.hitsCount, "The number of hits match");
+ }
+});
diff --git a/toolkit/components/antitracking/test/xpcshell/test_staticPartition_prefetch.js b/toolkit/components/antitracking/test/xpcshell/test_staticPartition_prefetch.js
new file mode 100644
index 0000000000..a786a7e1ce
--- /dev/null
+++ b/toolkit/components/antitracking/test/xpcshell/test_staticPartition_prefetch.js
@@ -0,0 +1,175 @@
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/
+ */
+
+"use strict";
+
+const { NetUtil } = ChromeUtils.import("resource://gre/modules/NetUtil.jsm");
+
+const { CookieXPCShellUtils } = ChromeUtils.import(
+ "resource://testing-common/CookieXPCShellUtils.jsm"
+);
+
+let gHints = 0;
+
+CookieXPCShellUtils.init(this);
+
+function countMatchingCacheEntries(cacheEntries, domain, path) {
+ return cacheEntries
+ .map(entry => entry.uri.asciiSpec)
+ .filter(spec => spec.includes(domain))
+ .filter(spec => spec.includes(path)).length;
+}
+
+async function checkCache(originAttributes) {
+ const loadContextInfo = Services.loadContextInfo.custom(
+ false,
+ originAttributes
+ );
+
+ const data = await new Promise(resolve => {
+ let cacheEntries = [];
+ let cacheVisitor = {
+ onCacheStorageInfo(num, consumption) {},
+ onCacheEntryInfo(uri, idEnhance) {
+ cacheEntries.push({ uri, idEnhance });
+ },
+ onCacheEntryVisitCompleted() {
+ resolve(cacheEntries);
+ },
+ QueryInterface: ChromeUtils.generateQI(["nsICacheStorageVisitor"]),
+ };
+ // Visiting the disk cache also visits memory storage so we do not
+ // need to use Services.cache2.memoryCacheStorage() here.
+ let storage = Services.cache2.diskCacheStorage(loadContextInfo, false);
+ storage.asyncVisitStorage(cacheVisitor, true);
+ });
+
+ let foundEntryCount = countMatchingCacheEntries(
+ data,
+ "example.org",
+ "image.png"
+ );
+ ok(
+ foundEntryCount > 0,
+ `Cache entries expected for image.png and OA=${originAttributes}`
+ );
+}
+
+add_task(async () => {
+ do_get_profile();
+
+ Services.prefs.setBoolPref("network.prefetch-next", true);
+ Services.prefs.setIntPref("network.cookie.cookieBehavior", 0);
+
+ const server = CookieXPCShellUtils.createServer({
+ hosts: ["example.org", "foo.com"],
+ });
+
+ server.registerPathHandler("/image.png", (metadata, response) => {
+ gHints++;
+ response.setHeader("Cache-Control", "max-age=10000", false);
+ response.setStatusLine(metadata.httpVersion, 200, "OK");
+ response.setHeader("Content-Type", "image/png", false);
+ var body =
+ "iVBORw0KGgoAAAANSUhEUgAAAAMAAAADCAIAAADZSiLoAAAAEUlEQVQImWP4z8AAQTAamQkAhpcI+DeMzFcAAAAASUVORK5CYII=";
+ response.bodyOutputStream.write(body, body.length);
+ });
+
+ server.registerPathHandler("/prefetch", (metadata, response) => {
+ response.setStatusLine(metadata.httpVersion, 200, "OK");
+ response.setHeader("Content-Type", "text/html", false);
+ var body = `<html><head></head><body><script>
+ const link = document.createElement("link")
+ link.setAttribute("rel", "prefetch");
+ link.setAttribute("href", "http://example.org/image.png");
+ document.head.appendChild(link);
+ link.onload = () => {
+ const img = document.createElement("IMG");
+ img.src = "http://example.org/image.png";
+ document.body.appendChild(img);
+ fetch("/done").then(() => {});
+ }
+ </script></body></html>`;
+ response.bodyOutputStream.write(body, body.length);
+ });
+
+ const tests = [
+ {
+ // 2 hints because we have 2 different top-level origins, loading the
+ // same resource. This will end up creating 2 separate cache entries.
+ hints: 2,
+ originAttributes: { partitionKey: "(http,example.org)" },
+ prefValue: true,
+ },
+ {
+ // 1 hint because, with network-state isolation, the cache entry will be
+ // reused for the second loading, even if the top-level origins are
+ // different.
+ hints: 1,
+ originAttributes: {},
+ prefValue: false,
+ },
+ ];
+
+ for (let test of tests) {
+ await new Promise(resolve =>
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, resolve)
+ );
+
+ info("Reset the counter");
+ gHints = 0;
+
+ info("Enabling network state partitioning");
+ Services.prefs.setBoolPref(
+ "privacy.partition.network_state",
+ test.prefValue
+ );
+
+ let complete = new Promise(resolve => {
+ server.registerPathHandler("/done", (metadata, response) => {
+ response.setHeader("Cache-Control", "max-age=10000", false);
+ response.setStatusLine(metadata.httpVersion, 200, "OK");
+ response.setHeader("Content-Type", "text/html", false);
+ var body = "OK";
+ response.bodyOutputStream.write(body, body.length);
+ resolve();
+ });
+ });
+
+ info("Let's load a page with origin A");
+ let contentPage = await CookieXPCShellUtils.loadContentPage(
+ "http://example.org/prefetch"
+ );
+
+ await complete;
+ await checkCache(test.originAttributes);
+ await contentPage.close();
+
+ complete = new Promise(resolve => {
+ server.registerPathHandler("/done", (metadata, response) => {
+ response.setHeader("Cache-Control", "max-age=10000", false);
+ response.setStatusLine(metadata.httpVersion, 200, "OK");
+ response.setHeader("Content-Type", "text/html", false);
+ var body = "OK";
+ response.bodyOutputStream.write(body, body.length);
+ resolve();
+ });
+ });
+
+ info("Let's load a page with origin B");
+ contentPage = await CookieXPCShellUtils.loadContentPage(
+ "http://foo.com/prefetch"
+ );
+
+ await complete;
+ await checkCache(test.originAttributes);
+ await contentPage.close();
+
+ Assert.equal(
+ gHints,
+ test.hints,
+ "We have the current number of requests with pref " + test.prefValue
+ );
+ }
+});
diff --git a/toolkit/components/antitracking/test/xpcshell/test_staticPartition_preload.js b/toolkit/components/antitracking/test/xpcshell/test_staticPartition_preload.js
new file mode 100644
index 0000000000..da6dcc7ef4
--- /dev/null
+++ b/toolkit/components/antitracking/test/xpcshell/test_staticPartition_preload.js
@@ -0,0 +1,189 @@
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/
+ */
+
+"use strict";
+
+const { NetUtil } = ChromeUtils.import("resource://gre/modules/NetUtil.jsm");
+
+const { CookieXPCShellUtils } = ChromeUtils.import(
+ "resource://testing-common/CookieXPCShellUtils.jsm"
+);
+
+let gHints = 0;
+
+CookieXPCShellUtils.init(this);
+
+function countMatchingCacheEntries(cacheEntries, domain, path) {
+ return cacheEntries
+ .map(entry => entry.uri.asciiSpec)
+ .filter(spec => spec.includes(domain))
+ .filter(spec => spec.includes(path)).length;
+}
+
+async function checkCache(originAttributes) {
+ const loadContextInfo = Services.loadContextInfo.custom(
+ false,
+ originAttributes
+ );
+
+ const data = await new Promise(resolve => {
+ let cacheEntries = [];
+ let cacheVisitor = {
+ onCacheStorageInfo(num, consumption) {},
+ onCacheEntryInfo(uri, idEnhance) {
+ cacheEntries.push({ uri, idEnhance });
+ },
+ onCacheEntryVisitCompleted() {
+ resolve(cacheEntries);
+ },
+ QueryInterface: ChromeUtils.generateQI(["nsICacheStorageVisitor"]),
+ };
+ // Visiting the disk cache also visits memory storage so we do not
+ // need to use Services.cache2.memoryCacheStorage() here.
+ let storage = Services.cache2.diskCacheStorage(loadContextInfo, false);
+ storage.asyncVisitStorage(cacheVisitor, true);
+ });
+
+ let foundEntryCount = countMatchingCacheEntries(
+ data,
+ "example.org",
+ "style.css"
+ );
+ ok(
+ foundEntryCount > 0,
+ `Cache entries expected for style.css and OA=${originAttributes}`
+ );
+}
+
+add_task(async () => {
+ do_get_profile();
+
+ Services.prefs.setBoolPref("network.preload", true);
+ Services.prefs.setIntPref("network.cookie.cookieBehavior", 0);
+
+ const server = CookieXPCShellUtils.createServer({
+ hosts: ["example.org", "foo.com"],
+ });
+
+ server.registerPathHandler("/empty", (metadata, response) => {
+ var body = "<h1>Hello!</h1>";
+ response.bodyOutputStream.write(body, body.length);
+ });
+
+ server.registerPathHandler("/style.css", (metadata, response) => {
+ gHints++;
+ response.setHeader("Cache-Control", "max-age=10000", false);
+ response.setStatusLine(metadata.httpVersion, 200, "OK");
+ response.setHeader("Access-Control-Allow-Origin", "*", false);
+ var body = "* { color: red }";
+ response.bodyOutputStream.write(body, body.length);
+ });
+
+ server.registerPathHandler("/preload", (metadata, response) => {
+ response.setStatusLine(metadata.httpVersion, 200, "OK");
+ response.setHeader("Content-Type", "text/html", false);
+ var body = `<html><head></head><body><script>
+ const link = document.createElement("link")
+ link.setAttribute("rel", "preload");
+ link.setAttribute("as", "style");
+ link.setAttribute("href", "http://example.org/style.css");
+ document.head.appendChild(link);
+ link.onload = () => {
+ fetch("/done").then(() => {});
+ };
+ </script></body></html>`;
+ response.bodyOutputStream.write(body, body.length);
+ });
+
+ const tests = [
+ {
+ // 2 hints because we have 2 different top-level origins, loading the
+ // same resource. This will end up creating 2 separate cache entries.
+ hints: 2,
+ prefValue: true,
+ originAttributes: { partitionKey: "(http,example.org)" },
+ },
+ {
+ // 1 hint because, with network-state isolation, the cache entry will be
+ // reused for the second loading, even if the top-level origins are
+ // different.
+ hints: 1,
+ originAttributes: {},
+ prefValue: false,
+ },
+ ];
+
+ for (let test of tests) {
+ await new Promise(resolve =>
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, resolve)
+ );
+
+ info("Reset the shared sheets");
+ let contentPage = await CookieXPCShellUtils.loadContentPage(
+ "http://example.org/empty"
+ );
+
+ await contentPage.spawn(null, () =>
+ // eslint-disable-next-line no-undef
+ content.windowUtils.clearSharedStyleSheetCache()
+ );
+
+ await contentPage.close();
+
+ info("Reset the counter");
+ gHints = 0;
+
+ info("Enabling network state partitioning");
+ Services.prefs.setBoolPref(
+ "privacy.partition.network_state",
+ test.prefValue
+ );
+
+ let complete = new Promise(resolve => {
+ server.registerPathHandler("/done", (metadata, response) => {
+ response.setHeader("Cache-Control", "max-age=10000", false);
+ response.setStatusLine(metadata.httpVersion, 200, "OK");
+ response.setHeader("Content-Type", "text/html", false);
+ var body = "OK";
+ response.bodyOutputStream.write(body, body.length);
+ resolve();
+ });
+ });
+
+ info("Let's load a page with origin A");
+ contentPage = await CookieXPCShellUtils.loadContentPage(
+ "http://example.org/preload"
+ );
+
+ await complete;
+ await checkCache(test.originAttributes);
+ await contentPage.close();
+
+ complete = new Promise(resolve => {
+ server.registerPathHandler("/done", (metadata, response) => {
+ response.setHeader("Cache-Control", "max-age=10000", false);
+ response.setStatusLine(metadata.httpVersion, 200, "OK");
+ response.setHeader("Content-Type", "text/html", false);
+ var body = "OK";
+ response.bodyOutputStream.write(body, body.length);
+ resolve();
+ });
+ });
+
+ info("Let's load a page with origin B");
+ contentPage = await CookieXPCShellUtils.loadContentPage(
+ "http://foo.com/preload"
+ );
+
+ await complete;
+ await checkCache(test.originAttributes);
+ await contentPage.close();
+
+ Assert.equal(
+ gHints,
+ test.hints,
+ "We have the current number of requests with pref " + test.prefValue
+ );
+ }
+});
diff --git a/toolkit/components/antitracking/test/xpcshell/test_tracking_db_service.js b/toolkit/components/antitracking/test/xpcshell/test_tracking_db_service.js
new file mode 100644
index 0000000000..2c7e0011d6
--- /dev/null
+++ b/toolkit/components/antitracking/test/xpcshell/test_tracking_db_service.js
@@ -0,0 +1,476 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+// Note: This test may cause intermittents if run at exactly midnight.
+
+"use strict";
+
+const { OS } = ChromeUtils.import("resource://gre/modules/osfile.jsm");
+const { Sqlite } = ChromeUtils.import("resource://gre/modules/Sqlite.jsm");
+XPCOMUtils.defineLazyServiceGetter(
+ this,
+ "TrackingDBService",
+ "@mozilla.org/tracking-db-service;1",
+ "nsITrackingDBService"
+);
+
+XPCOMUtils.defineLazyGetter(this, "DB_PATH", function() {
+ return OS.Path.join(OS.Constants.Path.profileDir, "protections.sqlite");
+});
+
+const SQL = {
+ insertCustomTimeEvent:
+ "INSERT INTO events (type, count, timestamp)" +
+ "VALUES (:type, :count, date(:timestamp));",
+
+ selectAllEntriesOfType: "SELECT * FROM events WHERE type = :type;",
+
+ selectAll: "SELECT * FROM events",
+};
+
+// Emulate the content blocking log. We do not record the url key, nor
+// do we use the aggregated event number (the last element in the array).
+const LOG = {
+ "https://1.example.com": [
+ [Ci.nsIWebProgressListener.STATE_BLOCKED_TRACKING_CONTENT, true, 1],
+ ],
+ "https://2.example.com": [
+ [Ci.nsIWebProgressListener.STATE_BLOCKED_FINGERPRINTING_CONTENT, true, 1],
+ ],
+ "https://3.example.com": [
+ [Ci.nsIWebProgressListener.STATE_BLOCKED_CRYPTOMINING_CONTENT, true, 2],
+ ],
+ "https://4.example.com": [
+ [Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_TRACKER, true, 3],
+ ],
+ "https://5.example.com": [
+ [Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_TRACKER, true, 1],
+ ],
+ // Cookie blocked for other reason, then identified as a tracker
+ "https://6.example.com": [
+ [
+ Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_ALL |
+ Ci.nsIWebProgressListener.STATE_LOADED_LEVEL_1_TRACKING_CONTENT,
+ true,
+ 4,
+ ],
+ ],
+ "https://7.example.com": [
+ [Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_SOCIALTRACKER, true, 1],
+ ],
+ "https://8.example.com": [
+ [Ci.nsIWebProgressListener.STATE_BLOCKED_SOCIALTRACKING_CONTENT, true, 1],
+ ],
+
+ // The contents below should not add to the database.
+ // Cookie loaded but not blocked.
+ "https://10.example.com": [
+ [Ci.nsIWebProgressListener.STATE_COOKIES_LOADED, true, 1],
+ ],
+ // Tracker cookie loaded but not blocked.
+ "https://11.unblocked.example.com": [
+ [Ci.nsIWebProgressListener.STATE_COOKIES_LOADED_TRACKER, true, 1],
+ ],
+ // Social tracker cookie loaded but not blocked.
+ "https://12.example.com": [
+ [Ci.nsIWebProgressListener.STATE_COOKIES_LOADED_SOCIALTRACKER, true, 1],
+ ],
+ // Cookie blocked for other reason (not a tracker)
+ "https://13.example.com": [
+ [Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_BY_PERMISSION, true, 2],
+ ],
+ // Fingerprinters set to block, but this one has an exception
+ "https://14.example.com": [
+ [Ci.nsIWebProgressListener.STATE_BLOCKED_FINGERPRINTING_CONTENT, false, 1],
+ ],
+};
+
+do_get_profile();
+
+Services.prefs.setBoolPref("browser.contentblocking.database.enabled", true);
+Services.prefs.setBoolPref(
+ "privacy.socialtracking.block_cookies.enabled",
+ true
+);
+Services.prefs.setBoolPref(
+ "browser.contentblocking.cfr-milestone.enabled",
+ true
+);
+Services.prefs.setIntPref(
+ "browser.contentblocking.cfr-milestone.update-interval",
+ 0
+);
+Services.prefs.setStringPref(
+ "browser.contentblocking.cfr-milestone.milestones",
+ "[1000, 5000, 10000, 25000, 100000, 500000]"
+);
+
+registerCleanupFunction(() => {
+ Services.prefs.clearUserPref("browser.contentblocking.database.enabled");
+ Services.prefs.clearUserPref("privacy.socialtracking.block_cookies.enabled");
+ Services.prefs.clearUserPref("browser.contentblocking.cfr-milestone.enabled");
+ Services.prefs.clearUserPref(
+ "browser.contentblocking.cfr-milestone.update-interval"
+ );
+ Services.prefs.clearUserPref(
+ "browser.contentblocking.cfr-milestone.milestones"
+ );
+});
+
+// This tests that data is added successfully, different types of events should get
+// their own entries, when the type is the same they should be aggregated. Events
+// that are not blocking events should not be recorded. Cookie blocking events
+// should only be recorded if we can identify the cookie as a tracking cookie.
+add_task(async function test_save_and_delete() {
+ await TrackingDBService.saveEvents(JSON.stringify(LOG));
+
+ // Peek in the DB to make sure we have the right data.
+ let db = await Sqlite.openConnection({ path: DB_PATH });
+ // Make sure the items table was created.
+ ok(await db.tableExists("events"), "events table exists");
+
+ // make sure we have the correct contents in the database
+ let rows = await db.execute(SQL.selectAll);
+ equal(
+ rows.length,
+ 5,
+ "Events that should not be saved have not been, length is 4"
+ );
+ rows = await db.execute(SQL.selectAllEntriesOfType, {
+ type: TrackingDBService.TRACKERS_ID,
+ });
+ equal(rows.length, 1, "Only one day has had tracker entries, length is 1");
+ let count = rows[0].getResultByName("count");
+ equal(count, 1, "there is only one tracker entry");
+
+ rows = await db.execute(SQL.selectAllEntriesOfType, {
+ type: TrackingDBService.TRACKING_COOKIES_ID,
+ });
+ equal(rows.length, 1, "Only one day has had cookies entries, length is 1");
+ count = rows[0].getResultByName("count");
+ equal(count, 3, "Cookie entries were aggregated");
+
+ rows = await db.execute(SQL.selectAllEntriesOfType, {
+ type: TrackingDBService.CRYPTOMINERS_ID,
+ });
+ equal(
+ rows.length,
+ 1,
+ "Only one day has had cryptominer entries, length is 1"
+ );
+ count = rows[0].getResultByName("count");
+ equal(count, 1, "there is only one cryptominer entry");
+
+ rows = await db.execute(SQL.selectAllEntriesOfType, {
+ type: TrackingDBService.FINGERPRINTERS_ID,
+ });
+ equal(
+ rows.length,
+ 1,
+ "Only one day has had fingerprinters entries, length is 1"
+ );
+ count = rows[0].getResultByName("count");
+ equal(count, 1, "there is only one fingerprinter entry");
+
+ rows = await db.execute(SQL.selectAllEntriesOfType, {
+ type: TrackingDBService.SOCIAL_ID,
+ });
+ equal(rows.length, 1, "Only one day has had social entries, length is 1");
+ count = rows[0].getResultByName("count");
+ equal(count, 2, "there are two social entries");
+
+ // Use the TrackingDBService API to delete the data.
+ await TrackingDBService.clearAll();
+ // Make sure the data was deleted.
+ rows = await db.execute(SQL.selectAll);
+ equal(rows.length, 0, "length is 0");
+ await db.close();
+});
+
+// This tests that content blocking events encountered on the same day get aggregated,
+// and those on different days get seperate entries
+add_task(async function test_timestamp_aggragation() {
+ // This creates the schema.
+ await TrackingDBService.saveEvents(JSON.stringify({}));
+ let db = await Sqlite.openConnection({ path: DB_PATH });
+
+ let yesterday = new Date(Date.now() - 24 * 60 * 60 * 1000).toISOString();
+ let today = new Date().toISOString();
+ await db.execute(SQL.insertCustomTimeEvent, {
+ type: TrackingDBService.TRACKERS_ID,
+ count: 4,
+ timestamp: yesterday,
+ });
+ await db.execute(SQL.insertCustomTimeEvent, {
+ type: TrackingDBService.CRYPTOMINERS_ID,
+ count: 3,
+ timestamp: yesterday,
+ });
+ await db.execute(SQL.insertCustomTimeEvent, {
+ type: TrackingDBService.FINGERPRINTERS_ID,
+ count: 2,
+ timestamp: yesterday,
+ });
+ await db.execute(SQL.insertCustomTimeEvent, {
+ type: TrackingDBService.TRACKING_COOKIES_ID,
+ count: 1,
+ timestamp: yesterday,
+ });
+
+ // Add some events for today which must get aggregated
+ await db.execute(SQL.insertCustomTimeEvent, {
+ type: TrackingDBService.TRACKERS_ID,
+ count: 2,
+ timestamp: today,
+ });
+ await db.execute(SQL.insertCustomTimeEvent, {
+ type: TrackingDBService.CRYPTOMINERS_ID,
+ count: 2,
+ timestamp: today,
+ });
+ await db.execute(SQL.insertCustomTimeEvent, {
+ type: TrackingDBService.FINGERPRINTERS_ID,
+ count: 2,
+ timestamp: today,
+ });
+ await db.execute(SQL.insertCustomTimeEvent, {
+ type: TrackingDBService.TRACKING_COOKIES_ID,
+ count: 2,
+ timestamp: today,
+ });
+
+ // Add new events, they will have today's timestamp.
+ await TrackingDBService.saveEvents(JSON.stringify(LOG));
+
+ // Ensure events that are inserted today are not aggregated with past events.
+ let rows = await db.execute(SQL.selectAllEntriesOfType, {
+ type: TrackingDBService.TRACKERS_ID,
+ });
+ equal(rows.length, 2, "Tracker entries for today and yesterday, length is 2");
+ for (let i = 0; i < rows.length; i++) {
+ let count = rows[i].getResultByName("count");
+ if (i == 0) {
+ equal(count, 4, "Yesterday's count is 4");
+ } else if (i == 1) {
+ equal(count, 3, "Today's count is 3, new entries were aggregated");
+ }
+ }
+
+ rows = await db.execute(SQL.selectAllEntriesOfType, {
+ type: TrackingDBService.CRYPTOMINERS_ID,
+ });
+ equal(
+ rows.length,
+ 2,
+ "Cryptominer entries for today and yesterday, length is 2"
+ );
+ for (let i = 0; i < rows.length; i++) {
+ let count = rows[i].getResultByName("count");
+ if (i == 0) {
+ equal(count, 3, "Yesterday's count is 3");
+ } else if (i == 1) {
+ equal(count, 3, "Today's count is 3, new entries were aggregated");
+ }
+ }
+
+ rows = await db.execute(SQL.selectAllEntriesOfType, {
+ type: TrackingDBService.FINGERPRINTERS_ID,
+ });
+ equal(
+ rows.length,
+ 2,
+ "Fingerprinter entries for today and yesterday, length is 2"
+ );
+ for (let i = 0; i < rows.length; i++) {
+ let count = rows[i].getResultByName("count");
+ if (i == 0) {
+ equal(count, 2, "Yesterday's count is 2");
+ } else if (i == 1) {
+ equal(count, 3, "Today's count is 3, new entries were aggregated");
+ }
+ }
+
+ rows = await db.execute(SQL.selectAllEntriesOfType, {
+ type: TrackingDBService.TRACKING_COOKIES_ID,
+ });
+ equal(
+ rows.length,
+ 2,
+ "Tracking Cookies entries for today and yesterday, length is 2"
+ );
+ for (let i = 0; i < rows.length; i++) {
+ let count = rows[i].getResultByName("count");
+ if (i == 0) {
+ equal(count, 1, "Yesterday's count is 1");
+ } else if (i == 1) {
+ equal(count, 5, "Today's count is 5, new entries were aggregated");
+ }
+ }
+
+ // Use the TrackingDBService API to delete the data.
+ await TrackingDBService.clearAll();
+ // Make sure the data was deleted.
+ rows = await db.execute(SQL.selectAll);
+ equal(rows.length, 0, "length is 0");
+ await db.close();
+});
+
+let addEventsToDB = async db => {
+ let d = new Date(1521009000000);
+ let date = d.toISOString();
+ await db.execute(SQL.insertCustomTimeEvent, {
+ type: TrackingDBService.CRYPTOMINERS_ID,
+ count: 3,
+ timestamp: date,
+ });
+
+ date = new Date(d - 2 * 24 * 60 * 60 * 1000).toISOString();
+ await db.execute(SQL.insertCustomTimeEvent, {
+ type: TrackingDBService.TRACKERS_ID,
+ count: 2,
+ timestamp: date,
+ });
+
+ date = new Date(d - 3 * 24 * 60 * 60 * 1000).toISOString();
+ await db.execute(SQL.insertCustomTimeEvent, {
+ type: TrackingDBService.TRACKING_COOKIES_ID,
+ count: 2,
+ timestamp: date,
+ });
+
+ date = new Date(d - 4 * 24 * 60 * 60 * 1000).toISOString();
+ await db.execute(SQL.insertCustomTimeEvent, {
+ type: TrackingDBService.TRACKING_COOKIES_ID,
+ count: 2,
+ timestamp: date,
+ });
+
+ date = new Date(d - 9 * 24 * 60 * 60 * 1000).toISOString();
+ await db.execute(SQL.insertCustomTimeEvent, {
+ type: TrackingDBService.FINGERPRINTERS_ID,
+ count: 2,
+ timestamp: date,
+ });
+};
+
+// This tests that TrackingDBService.getEventsByDateRange can accept two timestamps in unix epoch time
+// and return entries that occur within the timestamps, rounded to the nearest day and inclusive.
+add_task(async function test_getEventsByDateRange() {
+ // This creates the schema.
+ await TrackingDBService.saveEvents(JSON.stringify({}));
+ let db = await Sqlite.openConnection({ path: DB_PATH });
+ await addEventsToDB(db);
+
+ let d = new Date(1521009000000);
+ let daysBefore1 = new Date(d - 24 * 60 * 60 * 1000);
+ let daysBefore4 = new Date(d - 4 * 24 * 60 * 60 * 1000);
+ let daysBefore9 = new Date(d - 9 * 24 * 60 * 60 * 1000);
+
+ let events = await TrackingDBService.getEventsByDateRange(daysBefore1, d);
+ equal(
+ events.length,
+ 1,
+ "There is 1 event entry between the date and one day before, inclusive"
+ );
+
+ events = await TrackingDBService.getEventsByDateRange(daysBefore4, d);
+ equal(
+ events.length,
+ 4,
+ "There is 4 event entries between the date and four days before, inclusive"
+ );
+
+ events = await TrackingDBService.getEventsByDateRange(
+ daysBefore9,
+ daysBefore4
+ );
+ equal(
+ events.length,
+ 2,
+ "There is 2 event entries between nine and four days before, inclusive"
+ );
+
+ await TrackingDBService.clearAll();
+ await db.close();
+});
+
+// This tests that TrackingDBService.sumAllEvents returns the number of
+// tracking events in the database, and can handle 0 entries.
+add_task(async function test_sumAllEvents() {
+ // This creates the schema.
+ await TrackingDBService.saveEvents(JSON.stringify({}));
+ let db = await Sqlite.openConnection({ path: DB_PATH });
+
+ let sum = await TrackingDBService.sumAllEvents();
+ equal(sum, 0, "There have been 0 events recorded");
+
+ // populate the database
+ await addEventsToDB(db);
+
+ sum = await TrackingDBService.sumAllEvents();
+ equal(sum, 11, "There have been 11 events recorded");
+
+ await TrackingDBService.clearAll();
+ await db.close();
+});
+
+// This tests that TrackingDBService.getEarliestRecordedDate returns the
+// earliest date recorded and can handle 0 entries.
+add_task(async function test_getEarliestRecordedDate() {
+ // This creates the schema.
+ await TrackingDBService.saveEvents(JSON.stringify({}));
+ let db = await Sqlite.openConnection({ path: DB_PATH });
+
+ let timestamp = await TrackingDBService.getEarliestRecordedDate();
+ equal(timestamp, null, "There is no earliest recorded date");
+
+ // populate the database
+ await addEventsToDB(db);
+ let d = new Date(1521009000000);
+ let daysBefore9 = new Date(d - 9 * 24 * 60 * 60 * 1000)
+ .toISOString()
+ .split("T")[0];
+
+ timestamp = await TrackingDBService.getEarliestRecordedDate();
+ let date = new Date(timestamp).toISOString().split("T")[0];
+ equal(date, daysBefore9, "The earliest recorded event is nine days before.");
+
+ await TrackingDBService.clearAll();
+ await db.close();
+});
+
+// This tests that a message to CFR is sent when the amount of saved trackers meets a milestone
+add_task(async function test_sendMilestoneNotification() {
+ let milestones = JSON.parse(
+ Services.prefs.getStringPref(
+ "browser.contentblocking.cfr-milestone.milestones"
+ )
+ );
+ // This creates the schema.
+ await TrackingDBService.saveEvents(JSON.stringify({}));
+ let db = await Sqlite.openConnection({ path: DB_PATH });
+ // save number of trackers equal to the first milestone
+ await db.execute(SQL.insertCustomTimeEvent, {
+ type: TrackingDBService.CRYPTOMINERS_ID,
+ count: milestones[0],
+ timestamp: new Date().toISOString(),
+ });
+
+ let awaitNotification = TestUtils.topicObserved(
+ "SiteProtection:ContentBlockingMilestone"
+ );
+
+ // trigger a "save" event to compare the trackers with the milestone.
+ await TrackingDBService.saveEvents(
+ JSON.stringify({
+ "https://1.example.com": [
+ [Ci.nsIWebProgressListener.STATE_BLOCKED_TRACKING_CONTENT, true, 1],
+ ],
+ })
+ );
+ await awaitNotification;
+
+ await TrackingDBService.clearAll();
+ await db.close();
+});
diff --git a/toolkit/components/antitracking/test/xpcshell/test_view_source.js b/toolkit/components/antitracking/test/xpcshell/test_view_source.js
new file mode 100644
index 0000000000..df651fa2ec
--- /dev/null
+++ b/toolkit/components/antitracking/test/xpcshell/test_view_source.js
@@ -0,0 +1,61 @@
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/
+ */
+
+const { CookieXPCShellUtils } = ChromeUtils.import(
+ "resource://testing-common/CookieXPCShellUtils.jsm"
+);
+
+CookieXPCShellUtils.init(this);
+
+let gHits = 0;
+
+add_task(async function() {
+ do_get_profile();
+
+ info("Disable predictor and accept all");
+ Services.prefs.setBoolPref("network.predictor.enabled", false);
+ Services.prefs.setBoolPref("network.predictor.enable-prefetch", false);
+ Services.prefs.setBoolPref("network.http.rcwn.enabled", false);
+ Services.prefs.setIntPref(
+ "network.cookie.cookieBehavior",
+ Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER_AND_PARTITION_FOREIGN
+ );
+
+ const server = CookieXPCShellUtils.createServer({
+ hosts: ["example.org"],
+ });
+ server.registerPathHandler("/test", (request, response) => {
+ response.setStatusLine(request.httpVersion, 200, "OK");
+ response.setHeader("Content-Type", "text/html", false);
+ if (
+ request.hasHeader("Cookie") &&
+ request.getHeader("Cookie") == "foo=bar"
+ ) {
+ gHits++;
+ } else {
+ response.setHeader("Set-Cookie", "foo=bar");
+ }
+ var body = "<html></html>";
+ response.bodyOutputStream.write(body, body.length);
+ });
+
+ info("Reset the hits count");
+ gHits = 0;
+
+ info("Let's load a page");
+ let contentPage = await CookieXPCShellUtils.loadContentPage(
+ "http://example.org/test?1"
+ );
+ await contentPage.close();
+
+ Assert.equal(gHits, 0, "The number of hits match");
+
+ info("Let's load the source of the page");
+ contentPage = await CookieXPCShellUtils.loadContentPage(
+ "view-source:http://example.org/test?2"
+ );
+ await contentPage.close();
+
+ Assert.equal(gHits, 1, "The number of hits match");
+});
diff --git a/toolkit/components/antitracking/test/xpcshell/xpcshell.ini b/toolkit/components/antitracking/test/xpcshell/xpcshell.ini
new file mode 100644
index 0000000000..d53879f06d
--- /dev/null
+++ b/toolkit/components/antitracking/test/xpcshell/xpcshell.ini
@@ -0,0 +1,23 @@
+[DEFAULT]
+head = head.js ../../../../components/url-classifier/tests/unit/head_urlclassifier.js
+
+[test_cookie_behavior.js]
+[test_purge_trackers.js]
+[test_purge_trackers_telemetry.js]
+[test_tracking_db_service.js]
+[test_rejectForeignAllowList.js]
+skip-if = toolkit == 'android' # Bug 1567341
+[test_staticPartition_font.js]
+support-files =
+ data/font.woff
+skip-if = toolkit == 'android' # Bug 1567341
+[test_staticPartition_image.js]
+skip-if = toolkit == 'android' # Bug 1567341
+[test_staticPartition_authhttp.js]
+skip-if = toolkit == 'android' # Bug 1567341
+[test_staticPartition_prefetch.js]
+skip-if = toolkit == 'android' # Bug 1567341
+[test_staticPartition_preload.js]
+skip-if = toolkit == 'android' # Bug 1567341
+[test_ExceptionListService.js]
+[test_view_source.js]