summaryrefslogtreecommitdiffstats
path: root/toolkit/components/cleardata/tests
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-19 01:47:29 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-19 01:47:29 +0000
commit0ebf5bdf043a27fd3dfb7f92e0cb63d88954c44d (patch)
treea31f07c9bcca9d56ce61e9a1ffd30ef350d513aa /toolkit/components/cleardata/tests
parentInitial commit. (diff)
downloadfirefox-esr-0ebf5bdf043a27fd3dfb7f92e0cb63d88954c44d.tar.xz
firefox-esr-0ebf5bdf043a27fd3dfb7f92e0cb63d88954c44d.zip
Adding upstream version 115.8.0esr.upstream/115.8.0esr
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'toolkit/components/cleardata/tests')
-rw-r--r--toolkit/components/cleardata/tests/browser/browser.ini20
-rw-r--r--toolkit/components/cleardata/tests/browser/browser_auth_tokens.js108
-rw-r--r--toolkit/components/cleardata/tests/browser/browser_css_cache.js129
-rw-r--r--toolkit/components/cleardata/tests/browser/browser_image_cache.js219
-rw-r--r--toolkit/components/cleardata/tests/browser/browser_preflight_cache.js166
-rw-r--r--toolkit/components/cleardata/tests/browser/browser_quota.js318
-rw-r--r--toolkit/components/cleardata/tests/browser/browser_serviceworkers.js287
-rw-r--r--toolkit/components/cleardata/tests/browser/browser_sessionStorage.js235
-rw-r--r--toolkit/components/cleardata/tests/browser/file_cors_preflight.sjs40
-rw-r--r--toolkit/components/cleardata/tests/browser/file_css_cache.css3
-rw-r--r--toolkit/components/cleardata/tests/browser/file_css_cache.html6
-rw-r--r--toolkit/components/cleardata/tests/browser/file_image_cache.html7
-rw-r--r--toolkit/components/cleardata/tests/browser/file_image_cache.jpgbin0 -> 361 bytes
-rw-r--r--toolkit/components/cleardata/tests/browser/worker.js1
-rw-r--r--toolkit/components/cleardata/tests/marionette/manifest.ini2
-rw-r--r--toolkit/components/cleardata/tests/marionette/test_moved_origin_directory_cleanup.py134
-rw-r--r--toolkit/components/cleardata/tests/marionette/test_service_worker_at_shutdown.py62
-rw-r--r--toolkit/components/cleardata/tests/unit/head.js27
-rw-r--r--toolkit/components/cleardata/tests/unit/test_basic.js19
-rw-r--r--toolkit/components/cleardata/tests/unit/test_certs.js233
-rw-r--r--toolkit/components/cleardata/tests/unit/test_cookies.js393
-rw-r--r--toolkit/components/cleardata/tests/unit/test_downloads.js310
-rw-r--r--toolkit/components/cleardata/tests/unit/test_identity_credential_storage.js121
-rw-r--r--toolkit/components/cleardata/tests/unit/test_network_cache.js316
-rw-r--r--toolkit/components/cleardata/tests/unit/test_passwords.js89
-rw-r--r--toolkit/components/cleardata/tests/unit/test_permissions.js424
-rw-r--r--toolkit/components/cleardata/tests/unit/test_quota.js560
-rw-r--r--toolkit/components/cleardata/tests/unit/test_security_settings.js279
-rw-r--r--toolkit/components/cleardata/tests/unit/test_storage_permission.js398
-rw-r--r--toolkit/components/cleardata/tests/unit/xpcshell.ini19
30 files changed, 4925 insertions, 0 deletions
diff --git a/toolkit/components/cleardata/tests/browser/browser.ini b/toolkit/components/cleardata/tests/browser/browser.ini
new file mode 100644
index 0000000000..7b1f709e81
--- /dev/null
+++ b/toolkit/components/cleardata/tests/browser/browser.ini
@@ -0,0 +1,20 @@
+[browser_auth_tokens.js]
+[browser_css_cache.js]
+https_first_disabled = true
+support-files =
+ file_css_cache.css
+ file_css_cache.html
+[browser_image_cache.js]
+https_first_disabled = true
+support-files =
+ file_image_cache.html
+ file_image_cache.jpg
+[browser_preflight_cache.js]
+https_first_disabled = true
+support-files =
+ file_cors_preflight.sjs
+[browser_serviceworkers.js]
+[browser_sessionStorage.js]
+https_first_disabled = true
+[browser_quota.js]
+support-files = worker.js
diff --git a/toolkit/components/cleardata/tests/browser/browser_auth_tokens.js b/toolkit/components/cleardata/tests/browser/browser_auth_tokens.js
new file mode 100644
index 0000000000..e62c8b4ac4
--- /dev/null
+++ b/toolkit/components/cleardata/tests/browser/browser_auth_tokens.js
@@ -0,0 +1,108 @@
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/ */
+
+"use strict";
+
+/**
+ * Tests for AuthTokensCleaner.
+ */
+
+const TEST_SECRET = "secret";
+const TEST_PRINCIPAL =
+ Services.scriptSecurityManager.createContentPrincipalFromOrigin(
+ "https://example.com"
+ );
+const TEST_CLEAR_DATA_FLAGS = Services.clearData.CLEAR_AUTH_TOKENS;
+
+const pk11db = Cc["@mozilla.org/security/pk11tokendb;1"].getService(
+ Ci.nsIPK11TokenDB
+);
+
+const { LoginTestUtils } = ChromeUtils.importESModule(
+ "resource://testing-common/LoginTestUtils.sys.mjs"
+);
+
+function testLoggedIn(isLoggedIn) {
+ Assert.equal(
+ pk11db.getInternalKeyToken().isLoggedIn(),
+ isLoggedIn,
+ `Should ${isLoggedIn ? "" : "not "}be logged in`
+ );
+ pk11db.getInternalKeyToken().isLoggedIn();
+}
+
+function clearData({ deleteBy = "all", hasUserInput = false } = {}) {
+ return new Promise(resolve => {
+ if (deleteBy == "principal") {
+ Services.clearData.deleteDataFromPrincipal(
+ TEST_PRINCIPAL,
+ hasUserInput,
+ TEST_CLEAR_DATA_FLAGS,
+ value => {
+ Assert.equal(value, 0);
+ resolve();
+ }
+ );
+ } else if (deleteBy == "baseDomain") {
+ Services.clearData.deleteDataFromBaseDomain(
+ TEST_PRINCIPAL.baseDomain,
+ hasUserInput,
+ TEST_CLEAR_DATA_FLAGS,
+ value => {
+ Assert.equal(value, 0);
+ resolve();
+ }
+ );
+ } else {
+ Services.clearData.deleteData(TEST_CLEAR_DATA_FLAGS, value => {
+ Assert.equal(value, 0);
+ resolve();
+ });
+ }
+ });
+}
+
+function runTest({ deleteBy, hasUserInput }) {
+ testLoggedIn(false);
+
+ info("Setup primary password and login");
+ LoginTestUtils.primaryPassword.enable(true);
+ testLoggedIn(true);
+
+ info(
+ `Clear AuthTokensCleaner data for ${deleteBy}, hasUserInput: ${hasUserInput}`
+ );
+ clearData({ deleteBy, hasUserInput });
+
+ // The auth tokens cleaner cannot delete by principal or baseDomain
+ // (yet). If this method is called, it will check whether the used requested
+ // the clearing. If the user requested clearing, it will over-clear (clear
+ // all data). If the request didn't come from the user, for example from the
+ // PurgeTrackerService, it will not clear anything to avoid clearing storage
+ // unrelated to the baseDomain or principal.
+ let isCleared = deleteBy == "all" || hasUserInput;
+ testLoggedIn(!isCleared);
+
+ // Cleanup
+ let sdr = Cc["@mozilla.org/security/sdr;1"].getService(
+ Ci.nsISecretDecoderRing
+ );
+ sdr.logoutAndTeardown();
+ LoginTestUtils.primaryPassword.disable();
+}
+
+add_task(async function test_deleteAll() {
+ runTest({ deleteBy: "all" });
+});
+
+add_task(async function test_deleteByPrincipal() {
+ for (let hasUserInput of [false, true]) {
+ runTest({ deleteBy: "principal", hasUserInput });
+ }
+});
+
+add_task(async function test_deleteByBaseDomain() {
+ for (let hasUserInput of [false, true]) {
+ runTest({ deleteBy: "baseDomain", hasUserInput });
+ }
+});
diff --git a/toolkit/components/cleardata/tests/browser/browser_css_cache.js b/toolkit/components/cleardata/tests/browser/browser_css_cache.js
new file mode 100644
index 0000000000..47088e5011
--- /dev/null
+++ b/toolkit/components/cleardata/tests/browser/browser_css_cache.js
@@ -0,0 +1,129 @@
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/ */
+
+"use strict";
+
+const BASE_DOMAIN_A = "example.com";
+const ORIGIN_A = `https://${BASE_DOMAIN_A}`;
+const ORIGIN_A_HTTP = `http://${BASE_DOMAIN_A}`;
+const ORIGIN_A_SUB = `https://test1.${BASE_DOMAIN_A}`;
+
+const BASE_DOMAIN_B = "example.org";
+const ORIGIN_B = `https://${BASE_DOMAIN_B}`;
+const ORIGIN_B_HTTP = `http://${BASE_DOMAIN_B}`;
+const ORIGIN_B_SUB = `https://test1.${BASE_DOMAIN_B}`;
+
+const TEST_ROOT_DIR = getRootDirectory(gTestPath);
+
+// Stylesheets are cached per process, so we need to keep tabs open for the
+// duration of a test.
+let tabs = {};
+
+function getTestURLForOrigin(origin) {
+ return (
+ TEST_ROOT_DIR.replace("chrome://mochitests/content", origin) +
+ "file_css_cache.html"
+ );
+}
+
+async function testCached(origin, isCached) {
+ let url = getTestURLForOrigin(origin);
+
+ let numParsed;
+
+ let tab = tabs[origin];
+ let loadedPromise;
+ if (!tab) {
+ info("Creating new tab for " + url);
+ tab = BrowserTestUtils.addTab(gBrowser, url);
+ loadedPromise = BrowserTestUtils.browserLoaded(tab.linkedBrowser);
+ tabs[origin] = tab;
+ } else {
+ loadedPromise = BrowserTestUtils.browserLoaded(tab.linkedBrowser);
+ tab.linkedBrowser.reload();
+ }
+ await loadedPromise;
+
+ numParsed = await SpecialPowers.spawn(tab.linkedBrowser, [], () => {
+ return SpecialPowers.getDOMWindowUtils(content).parsedStyleSheets;
+ });
+
+ // Stylesheets is cached if numParsed is 0.
+ is(!numParsed, isCached, `${origin} is${isCached ? " " : " not "}cached`);
+}
+
+async function addTestTabs() {
+ await testCached(ORIGIN_A, false);
+ await testCached(ORIGIN_A_SUB, false);
+ await testCached(ORIGIN_A_HTTP, false);
+ await testCached(ORIGIN_B, false);
+ await testCached(ORIGIN_B_SUB, false);
+ await testCached(ORIGIN_B_HTTP, false);
+ // Test that the cache has been populated.
+ await testCached(ORIGIN_A, true);
+ await testCached(ORIGIN_A_SUB, true);
+ await testCached(ORIGIN_A_HTTP, true);
+ await testCached(ORIGIN_B, true);
+ await testCached(ORIGIN_B_SUB, true);
+ await testCached(ORIGIN_B_HTTP, true);
+}
+
+async function cleanupTestTabs() {
+ Object.values(tabs).forEach(BrowserTestUtils.removeTab);
+ tabs = {};
+}
+
+add_task(async function test_deleteByPrincipal() {
+ await addTestTabs();
+
+ // Clear data for content principal of A
+ info("Clearing cache for principal " + ORIGIN_A);
+ await new Promise(resolve => {
+ Services.clearData.deleteDataFromPrincipal(
+ Services.scriptSecurityManager.createContentPrincipalFromOrigin(ORIGIN_A),
+ false,
+ Ci.nsIClearDataService.CLEAR_CSS_CACHE,
+ resolve
+ );
+ });
+
+ // Only the cache entry for ORIGIN_A should have been cleared.
+ await testCached(ORIGIN_A, false);
+ await testCached(ORIGIN_A_SUB, true);
+ await testCached(ORIGIN_A_HTTP, true);
+ await testCached(ORIGIN_B, true);
+ await testCached(ORIGIN_B_SUB, true);
+ await testCached(ORIGIN_B_HTTP, true);
+
+ // Cleanup
+ cleanupTestTabs();
+ ChromeUtils.clearStyleSheetCache();
+});
+
+add_task(async function test_deleteByBaseDomain() {
+ await addTestTabs();
+
+ // Clear data for base domain of A.
+ info("Clearing cache for base domain " + BASE_DOMAIN_A);
+ await new Promise(resolve => {
+ Services.clearData.deleteDataFromBaseDomain(
+ BASE_DOMAIN_A,
+ false,
+ Ci.nsIClearDataService.CLEAR_CSS_CACHE,
+ resolve
+ );
+ });
+
+ // All entries for A should have been cleared.
+ await testCached(ORIGIN_A, false);
+ await testCached(ORIGIN_A_SUB, false);
+ await testCached(ORIGIN_A_HTTP, false);
+ // Entries for B should still exist.
+ await testCached(ORIGIN_B, true);
+ await testCached(ORIGIN_B_SUB, true);
+ await testCached(ORIGIN_B_HTTP, true);
+
+ // Cleanup
+ cleanupTestTabs();
+ ChromeUtils.clearStyleSheetCache();
+});
diff --git a/toolkit/components/cleardata/tests/browser/browser_image_cache.js b/toolkit/components/cleardata/tests/browser/browser_image_cache.js
new file mode 100644
index 0000000000..d7116d2502
--- /dev/null
+++ b/toolkit/components/cleardata/tests/browser/browser_image_cache.js
@@ -0,0 +1,219 @@
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/ */
+
+"use strict";
+
+const BASE_DOMAIN_A = "example.com";
+const ORIGIN_A = `https://${BASE_DOMAIN_A}`;
+const ORIGIN_A_HTTP = `http://${BASE_DOMAIN_A}`;
+const ORIGIN_A_SUB = `https://test1.${BASE_DOMAIN_A}`;
+
+const BASE_DOMAIN_B = "example.org";
+const ORIGIN_B = `https://${BASE_DOMAIN_B}`;
+const ORIGIN_B_HTTP = `http://${BASE_DOMAIN_B}`;
+const ORIGIN_B_SUB = `https://test1.${BASE_DOMAIN_B}`;
+
+const TEST_ROOT_DIR = getRootDirectory(gTestPath);
+
+// Images are cached per process, so we need to keep tabs open for the
+// duration of a test.
+let originToTabs = {};
+
+function getTestURLForOrigin(origin) {
+ return TEST_ROOT_DIR.replace("chrome://mochitests/content", origin);
+}
+
+async function testCached(origin, isCached, testPartitioned = false) {
+ let tabs = originToTabs[origin];
+
+ for (let tab of tabs) {
+ // For the partition test we inspect the cache state of the iframe.
+ let browsingContext = testPartitioned
+ ? tab.linkedBrowser.browsingContext.children[0]
+ : tab.linkedBrowser.browsingContext;
+ let actualCached = await SpecialPowers.spawn(browsingContext, [], () => {
+ let imgUrl = content.document.querySelector("img").src;
+ let imageCache = SpecialPowers.Cc[
+ "@mozilla.org/image/tools;1"
+ ].getService(Ci.imgITools);
+ let uri = SpecialPowers.Services.io.newURI(imgUrl);
+ let properties = imageCache
+ .getImgCacheForDocument(content.document)
+ .findEntryProperties(uri, content.document);
+ return !!properties;
+ });
+
+ let msg = `${origin}${isCached ? " " : " not "}cached`;
+ if (testPartitioned) {
+ msg = "Partitioned under " + msg;
+ }
+
+ is(actualCached, isCached, msg);
+ }
+}
+
+/**
+ * Creates tabs and loads images in first party and third party context.
+ * @returns {Promise} - Promise which resolves once all tabs are initialized,
+ * {@link originToTabs} is populated and (sub-)resources have loaded.
+ */
+function addTestTabs() {
+ // Adding two tabs for ORIGIN_A so we can test clearing for a principal
+ // cross-process (non-fission).
+ let promises = [
+ [ORIGIN_A, ORIGIN_B],
+ [ORIGIN_A, ORIGIN_B],
+ [ORIGIN_A_SUB, ORIGIN_B_SUB],
+ [ORIGIN_A_HTTP, ORIGIN_B_HTTP],
+ [ORIGIN_B, ORIGIN_A],
+ [ORIGIN_B_SUB, ORIGIN_A_SUB],
+ [ORIGIN_B_HTTP, ORIGIN_A_HTTP],
+ ].map(async ([firstParty, thirdParty]) => {
+ let urlFirstParty =
+ getTestURLForOrigin(firstParty) + "file_image_cache.html";
+ let urlThirdParty =
+ getTestURLForOrigin(thirdParty) + "file_image_cache.html";
+
+ info("Creating new tab for " + urlFirstParty);
+ let tab = BrowserTestUtils.addTab(gBrowser, urlFirstParty);
+ await BrowserTestUtils.browserLoaded(tab.linkedBrowser);
+
+ info("Creating iframe for " + urlThirdParty);
+ await SpecialPowers.spawn(tab.linkedBrowser, [urlThirdParty], async url => {
+ let iframe = content.document.createElement("iframe");
+ iframe.src = url;
+
+ let loadPromise = ContentTaskUtils.waitForEvent(iframe, "load", false);
+ content.document.body.appendChild(iframe);
+ await loadPromise;
+ });
+
+ let tabs = originToTabs[firstParty];
+ if (!tabs) {
+ tabs = [];
+ originToTabs[firstParty] = tabs;
+ }
+ tabs.push(tab);
+ });
+
+ return Promise.all(promises);
+}
+
+function cleanup() {
+ Object.values(originToTabs).flat().forEach(BrowserTestUtils.removeTab);
+ originToTabs = {};
+ let imageCache = Cc["@mozilla.org/image/tools;1"]
+ .getService(Ci.imgITools)
+ .getImgCacheForDocument(null);
+ imageCache.clearCache(false);
+ imageCache.clearCache(true);
+}
+
+add_setup(function () {
+ cleanup();
+});
+
+add_task(async function test_deleteByPrincipal() {
+ await addTestTabs();
+
+ // Clear data for content principal of A
+ info("Clearing cache for principal " + ORIGIN_A);
+ await new Promise(resolve => {
+ Services.clearData.deleteDataFromPrincipal(
+ Services.scriptSecurityManager.createContentPrincipalFromOrigin(ORIGIN_A),
+ false,
+ Ci.nsIClearDataService.CLEAR_IMAGE_CACHE,
+ resolve
+ );
+ });
+
+ // Only the cache entry for ORIGIN_A should have been cleared.
+ await testCached(ORIGIN_A, false);
+ await testCached(ORIGIN_A_SUB, true);
+ await testCached(ORIGIN_A_HTTP, true);
+ await testCached(ORIGIN_B, true);
+ await testCached(ORIGIN_B_SUB, true);
+ await testCached(ORIGIN_B_HTTP, true);
+
+ // No partitioned cache should have been cleared.
+ await testCached(ORIGIN_A, true, true);
+ await testCached(ORIGIN_A_SUB, true, true);
+ await testCached(ORIGIN_A_HTTP, true, true);
+ // TODO: ImageCacheCleaner deleteByPrincipal does not look at the cache key's
+ // isolationKey and thus over-clears. In this case it clears cache for A
+ // partitioned under B, even though the test principal does not set a
+ // partitionKey.
+ // See Bug 1713088.
+ await testCached(ORIGIN_B, false, true);
+ await testCached(ORIGIN_B_SUB, true, true);
+ await testCached(ORIGIN_B_HTTP, true, true);
+
+ cleanup();
+});
+
+add_task(async function test_deleteByBaseDomain() {
+ await addTestTabs();
+
+ // Clear data for base domain of A.
+ info("Clearing cache for base domain " + BASE_DOMAIN_A);
+ await new Promise(resolve => {
+ Services.clearData.deleteDataFromBaseDomain(
+ BASE_DOMAIN_A,
+ false,
+ Ci.nsIClearDataService.CLEAR_IMAGE_CACHE,
+ resolve
+ );
+ });
+
+ // All entries for A should have been cleared.
+ await testCached(ORIGIN_A, false);
+ await testCached(ORIGIN_A_SUB, false);
+ await testCached(ORIGIN_A_HTTP, false);
+ // Entries for B should still exist.
+ await testCached(ORIGIN_B, true);
+ await testCached(ORIGIN_B_SUB, true);
+ await testCached(ORIGIN_B_HTTP, true);
+
+ // All partitioned entries for B under A should have been cleared.
+ await testCached(ORIGIN_A, false, true);
+ await testCached(ORIGIN_A_SUB, false, true);
+ await testCached(ORIGIN_A_HTTP, false, true);
+
+ // All partitioned entries of A under B should have been cleared.
+ await testCached(ORIGIN_B, false, true);
+ await testCached(ORIGIN_B_SUB, false, true);
+ await testCached(ORIGIN_B_HTTP, false, true);
+
+ cleanup();
+});
+
+add_task(async function test_deleteAll() {
+ await addTestTabs();
+
+ // Clear the whole image cache across processes.
+ info("Clearing cache for base domain " + BASE_DOMAIN_A);
+ await new Promise(resolve => {
+ Services.clearData.deleteData(
+ Ci.nsIClearDataService.CLEAR_IMAGE_CACHE,
+ resolve
+ );
+ });
+
+ // All entries should have been cleared.
+ await testCached(ORIGIN_A, false);
+ await testCached(ORIGIN_A_SUB, false);
+ await testCached(ORIGIN_A_HTTP, false);
+ await testCached(ORIGIN_B, false);
+ await testCached(ORIGIN_B_SUB, false);
+ await testCached(ORIGIN_B_HTTP, false);
+
+ // All partitioned entries should have been cleared.
+ await testCached(ORIGIN_A, false, true);
+ await testCached(ORIGIN_A_SUB, false, true);
+ await testCached(ORIGIN_A_HTTP, false, true);
+ await testCached(ORIGIN_B, false, true);
+ await testCached(ORIGIN_B_SUB, false, true);
+ await testCached(ORIGIN_B_HTTP, false, true);
+
+ cleanup();
+});
diff --git a/toolkit/components/cleardata/tests/browser/browser_preflight_cache.js b/toolkit/components/cleardata/tests/browser/browser_preflight_cache.js
new file mode 100644
index 0000000000..d3eabb9e38
--- /dev/null
+++ b/toolkit/components/cleardata/tests/browser/browser_preflight_cache.js
@@ -0,0 +1,166 @@
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/ */
+
+"use strict";
+
+const { SiteDataTestUtils } = ChromeUtils.importESModule(
+ "resource://testing-common/SiteDataTestUtils.sys.mjs"
+);
+
+const uuidGenerator = Services.uuid;
+
+const ORIGIN_A = "http://example.net";
+const ORIGIN_B = "http://example.org";
+
+const PREFLIGHT_URL_PATH =
+ "/browser/toolkit/components/cleardata/tests/browser/file_cors_preflight.sjs";
+
+const PREFLIGHT_URL_A = ORIGIN_A + PREFLIGHT_URL_PATH;
+const PREFLIGHT_URL_B = ORIGIN_B + PREFLIGHT_URL_PATH;
+
+function testPreflightCached(browser, url, token, isCached) {
+ return SpecialPowers.spawn(
+ browser,
+ [url, token, isCached],
+ async (url, token, isCached) => {
+ let response = await content.fetch(
+ new content.Request(`${url}?token=${token}`, {
+ mode: "cors",
+ method: "GET",
+ headers: [["x-test-header", "check"]],
+ })
+ );
+
+ let expected = isCached ? "0" : "1";
+ is(
+ await response.text(),
+ expected,
+ `Preflight cache for ${url} ${isCached ? "HIT" : "MISS"}.`
+ );
+ }
+ );
+}
+
+async function testDeleteAll(
+ clearDataFlag,
+ { deleteBy = "all", hasUserInput = false } = {}
+) {
+ await BrowserTestUtils.withNewTab("http://example.com", async browser => {
+ let token = uuidGenerator.generateUUID().toString();
+
+ // Populate the preflight cache.
+ await testPreflightCached(browser, PREFLIGHT_URL_A, token, false);
+ await testPreflightCached(browser, PREFLIGHT_URL_B, token, false);
+ // Cache should be populated.
+ await testPreflightCached(browser, PREFLIGHT_URL_A, token, true);
+ await testPreflightCached(browser, PREFLIGHT_URL_B, token, true);
+
+ await new Promise(resolve => {
+ if (deleteBy == "principal") {
+ Services.clearData.deleteDataFromPrincipal(
+ browser.contentPrincipal,
+ hasUserInput,
+ clearDataFlag,
+ value => {
+ Assert.equal(value, 0);
+ resolve();
+ }
+ );
+ } else if (deleteBy == "baseDomain") {
+ Services.clearData.deleteDataFromBaseDomain(
+ browser.contentPrincipal.baseDomain,
+ hasUserInput,
+ clearDataFlag,
+ value => {
+ Assert.equal(value, 0);
+ resolve();
+ }
+ );
+ } else {
+ Services.clearData.deleteData(clearDataFlag, value => {
+ Assert.equal(value, 0);
+ resolve();
+ });
+ }
+ });
+
+ // The preflight cache cleaner cannot delete by principal or baseDomain
+ // (Bug 1727141). If this method is called, it will check whether the used
+ // requested the clearing. If the user requested clearing, it will
+ // over-clear (clear all data). If the request didn't come from the user,
+ // for example from the PurgeTrackerService, it will not clear anything to
+ // avoid clearing storage unrelated to the baseDomain or principal.
+ let clearedAll = deleteBy == "all" || hasUserInput;
+
+ // Cache should be cleared.
+ await testPreflightCached(browser, PREFLIGHT_URL_A, token, !clearedAll);
+ await testPreflightCached(browser, PREFLIGHT_URL_B, token, !clearedAll);
+ });
+
+ SiteDataTestUtils.clear();
+}
+
+add_task(async function test_deleteAll() {
+ // The cleaner should be called when we target all cleaners, all cache
+ // cleaners, or just the preflight cache.
+ let { CLEAR_ALL, CLEAR_ALL_CACHES, CLEAR_PREFLIGHT_CACHE } =
+ Ci.nsIClearDataService;
+
+ for (let flag of [CLEAR_ALL, CLEAR_ALL_CACHES, CLEAR_PREFLIGHT_CACHE]) {
+ await testDeleteAll(flag);
+ }
+});
+
+add_task(async function test_deleteByPrincipal() {
+ // The cleaner should be called when we target all cleaners, all cache
+ // cleaners, or just the preflight cache.
+ let { CLEAR_ALL, CLEAR_ALL_CACHES, CLEAR_PREFLIGHT_CACHE } =
+ Ci.nsIClearDataService;
+
+ for (let flag of [CLEAR_ALL, CLEAR_ALL_CACHES, CLEAR_PREFLIGHT_CACHE]) {
+ for (let hasUserInput of [true, false]) {
+ await testDeleteAll(flag, { deleteBy: "principal", hasUserInput });
+ }
+ }
+});
+
+add_task(async function test_deletePrivateBrowsingCache() {
+ async function deletePrivateBrowsingCache(token) {
+ const browser = await BrowserTestUtils.openNewBrowserWindow({
+ private: true,
+ });
+
+ const tab = (browser.gBrowser.selectedTab = BrowserTestUtils.addTab(
+ browser.gBrowser,
+ "http://example.com"
+ ));
+ await BrowserTestUtils.browserLoaded(tab.linkedBrowser);
+
+ // Populate the preflight cache and make sure it isn't populated right now
+ await testPreflightCached(tab.linkedBrowser, PREFLIGHT_URL_A, token, false);
+ await testPreflightCached(tab.linkedBrowser, PREFLIGHT_URL_B, token, false);
+ // Cache should be populated.
+ await testPreflightCached(tab.linkedBrowser, PREFLIGHT_URL_A, token, true);
+ await testPreflightCached(tab.linkedBrowser, PREFLIGHT_URL_B, token, true);
+
+ await browser.close();
+ }
+
+ // Disable https_first mode to not upgrade the connection of the main page
+ // and get "Blocked loading mixed active content" for the CORS request
+ // making this test case fail. Another solution would be to change all URLs
+ // to https.
+ await SpecialPowers.pushPrefEnv({
+ set: [["dom.security.https_first_pbm", false]],
+ });
+
+ let token = uuidGenerator.generateUUID().toString();
+
+ // Make sure the CORS preflight cache is cleared between two private
+ // browsing sessions. Calling this function twice to see if the cache isn't
+ // populated anymore after the first call.
+ await deletePrivateBrowsingCache(token);
+ await deletePrivateBrowsingCache(token);
+
+ await SpecialPowers.clearUserPref("dom.security.https_first_pbm");
+});
diff --git a/toolkit/components/cleardata/tests/browser/browser_quota.js b/toolkit/components/cleardata/tests/browser/browser_quota.js
new file mode 100644
index 0000000000..94ff223773
--- /dev/null
+++ b/toolkit/components/cleardata/tests/browser/browser_quota.js
@@ -0,0 +1,318 @@
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/ */
+
+"use strict";
+
+// This function adds the quota storage by simpleDB (one of quota clients
+// managed by the QuotaManager). In this function, a directory
+// ${profile}/storage/default/${origin}/sdb/ and a file inside are expected to
+// be added.
+async function addQuotaStorage(principal) {
+ let connection = Cc["@mozilla.org/dom/sdb-connection;1"].createInstance(
+ Ci.nsISDBConnection
+ );
+
+ connection.init(principal);
+
+ await new Promise((aResolve, aReject) => {
+ let request = connection.open("db");
+ request.callback = request => {
+ if (request.resultCode == Cr.NS_OK) {
+ aResolve();
+ } else {
+ aReject(request.resultCode);
+ }
+ };
+ });
+
+ await new Promise((aResolve, aReject) => {
+ let request = connection.write(new ArrayBuffer(1));
+ request.callback = request => {
+ if (request.resultCode == Cr.NS_OK) {
+ aResolve();
+ } else {
+ aReject(request.resultCode);
+ }
+ };
+ });
+}
+
+function getPrincipal(url, attr = {}) {
+ let uri = Services.io.newURI(url);
+ let ssm = Services.scriptSecurityManager;
+
+ return ssm.createContentPrincipal(uri, attr);
+}
+
+function getProfileDir() {
+ let directoryService = Services.dirsvc;
+
+ return directoryService.get("ProfD", Ci.nsIFile);
+}
+
+function getRelativeFile(relativePath) {
+ let profileDir = getProfileDir();
+
+ let file = profileDir.clone();
+ relativePath.split("/").forEach(function (component) {
+ file.append(component);
+ });
+
+ return file;
+}
+
+function getPath(origin) {
+ // Sanitizing
+ let regex = /[:\/]/g;
+ return "storage/default/" + origin.replace(regex, "+");
+}
+
+// This function checks if the origin has the quota storage by checking whether
+// the origin directory of that origin exists or not.
+function hasQuotaStorage(origin, attr) {
+ let path = getPath(origin);
+ if (attr) {
+ let principal = Services.scriptSecurityManager.createContentPrincipal(
+ Services.io.newURI(origin),
+ attr
+ );
+ path += principal.originSuffix;
+ }
+
+ let file = getRelativeFile(path);
+ return file.exists();
+}
+
+async function runTest(sites, deleteDataFunc) {
+ info(`Adding quota storage`);
+ for (let site of sites) {
+ const principal = getPrincipal(site.origin, site.originAttributes);
+ await addQuotaStorage(principal);
+ }
+
+ info(`Verifying ${deleteDataFunc.name}`);
+ let site;
+ while ((site = sites.shift())) {
+ await new Promise(aResolve => {
+ deleteDataFunc(...site.args, value => {
+ Assert.equal(value, 0);
+ aResolve();
+ });
+ });
+
+ ok(
+ !hasQuotaStorage(site.origin, site.originAttributes),
+ `${site.origin} has no quota storage`
+ );
+ sites.forEach(remainSite =>
+ ok(
+ hasQuotaStorage(remainSite.origin, remainSite.originAttributes),
+ `${remainSite.origin} has quota storage`
+ )
+ );
+ }
+}
+
+add_setup(async function () {
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ ["dom.quotaManager.testing", true],
+ ["dom.simpleDB.enabled", true],
+ ],
+ });
+});
+
+const ORG_DOMAIN = "example.org";
+const ORG_DOMAIN_SUB = `test.${ORG_DOMAIN}`;
+const ORG_ORIGIN = `https://${ORG_DOMAIN}`;
+const ORG_ORIGIN_SUB = `https://${ORG_DOMAIN_SUB}`;
+const COM_DOMAIN = "example.com";
+const COM_ORIGIN = `https://${COM_DOMAIN}`;
+const LH_DOMAIN = "localhost";
+const FOO_DOMAIN = "foo.com";
+
+add_task(async function test_deleteFromHost() {
+ const sites = [
+ {
+ args: [ORG_DOMAIN, true, Ci.nsIClearDataService.CLEAR_DOM_QUOTA],
+ origin: ORG_ORIGIN,
+ },
+ {
+ args: [COM_DOMAIN, true, Ci.nsIClearDataService.CLEAR_DOM_QUOTA],
+ origin: COM_ORIGIN,
+ },
+ {
+ args: [LH_DOMAIN, true, Ci.nsIClearDataService.CLEAR_DOM_QUOTA],
+ origin: `http://${LH_DOMAIN}:8000`,
+ },
+ {
+ args: [FOO_DOMAIN, true, Ci.nsIClearDataService.CLEAR_DOM_QUOTA],
+ origin: `http://${FOO_DOMAIN}`,
+ originAttributes: { userContextId: 1 },
+ },
+ ];
+
+ await runTest(sites, Services.clearData.deleteDataFromHost);
+});
+
+add_task(async function test_deleteFromPrincipal() {
+ const sites = [
+ {
+ args: [
+ getPrincipal(ORG_ORIGIN),
+ true,
+ Ci.nsIClearDataService.CLEAR_DOM_QUOTA,
+ ],
+ origin: ORG_ORIGIN,
+ },
+ {
+ args: [
+ getPrincipal(COM_ORIGIN),
+ true,
+ Ci.nsIClearDataService.CLEAR_DOM_QUOTA,
+ ],
+ origin: COM_ORIGIN,
+ },
+ ];
+
+ await runTest(sites, Services.clearData.deleteDataFromPrincipal);
+});
+
+add_task(async function test_deleteFromOriginAttributes() {
+ const ORG_OA = { userContextId: 1 };
+ const COM_OA = { userContextId: 2 };
+ const sites = [
+ {
+ args: [ORG_OA],
+ origin: ORG_ORIGIN,
+ originAttributes: ORG_OA,
+ },
+ {
+ args: [COM_OA],
+ origin: COM_ORIGIN,
+ originAttributes: COM_OA,
+ },
+ ];
+
+ await runTest(
+ sites,
+ Services.clearData.deleteDataFromOriginAttributesPattern
+ );
+});
+
+add_task(async function test_deleteAll() {
+ info(`Adding quota storage`);
+ await addQuotaStorage(getPrincipal(ORG_ORIGIN));
+ await addQuotaStorage(getPrincipal(COM_ORIGIN));
+
+ info(`Verifying deleteData`);
+ await new Promise(aResolve => {
+ Services.clearData.deleteData(
+ Ci.nsIClearDataService.CLEAR_DOM_QUOTA,
+ value => {
+ Assert.equal(value, 0);
+ aResolve();
+ }
+ );
+ });
+
+ ok(!hasQuotaStorage(ORG_ORIGIN), `${ORG_ORIGIN} has no quota storage`);
+ ok(!hasQuotaStorage(COM_ORIGIN), `${COM_ORIGIN} has no quota storage`);
+});
+
+add_task(async function test_deleteSubdomain() {
+ const ANOTHER_ORIGIN = `https://wwww.${ORG_DOMAIN}`;
+ info(`Adding quota storage`);
+ await addQuotaStorage(getPrincipal(ORG_ORIGIN));
+ await addQuotaStorage(getPrincipal(ANOTHER_ORIGIN));
+
+ info(`Verifying deleteDataFromHost for subdomain`);
+ await new Promise(aResolve => {
+ Services.clearData.deleteDataFromHost(
+ ORG_DOMAIN,
+ true,
+ Ci.nsIClearDataService.CLEAR_DOM_QUOTA,
+ value => {
+ Assert.equal(value, 0);
+ aResolve();
+ }
+ );
+ });
+
+ ok(!hasQuotaStorage(ORG_ORIGIN), `${ORG_ORIGIN} has no quota storage`);
+ ok(!hasQuotaStorage(COM_ORIGIN), `${ANOTHER_ORIGIN} has no quota storage`);
+});
+
+function getOAWithPartitionKey(topLevelBaseDomain, originAttributes = {}) {
+ if (!topLevelBaseDomain) {
+ return originAttributes;
+ }
+ return {
+ ...originAttributes,
+ partitionKey: `(https,${topLevelBaseDomain})`,
+ };
+}
+
+add_task(async function test_deleteBaseDomain() {
+ info("Adding quota storage");
+ await addQuotaStorage(getPrincipal(ORG_ORIGIN));
+ await addQuotaStorage(getPrincipal(ORG_ORIGIN_SUB));
+ await addQuotaStorage(getPrincipal(COM_ORIGIN));
+
+ info("Adding partitioned quota storage");
+ // Partitioned
+ await addQuotaStorage(
+ getPrincipal(COM_ORIGIN, getOAWithPartitionKey(ORG_DOMAIN))
+ );
+ await addQuotaStorage(
+ getPrincipal(COM_ORIGIN, getOAWithPartitionKey(FOO_DOMAIN))
+ );
+ await addQuotaStorage(
+ getPrincipal(ORG_ORIGIN, getOAWithPartitionKey(COM_DOMAIN))
+ );
+
+ info(`Verifying deleteDataFromBaseDomain`);
+ await new Promise(aResolve => {
+ Services.clearData.deleteDataFromBaseDomain(
+ ORG_DOMAIN,
+ true,
+ Ci.nsIClearDataService.CLEAR_DOM_QUOTA,
+ value => {
+ Assert.equal(value, 0);
+ aResolve();
+ }
+ );
+ });
+
+ ok(!hasQuotaStorage(ORG_ORIGIN), `${ORG_ORIGIN} has no quota storage`);
+ ok(
+ !hasQuotaStorage(ORG_ORIGIN_SUB),
+ `${ORG_ORIGIN_SUB} has no quota storage`
+ );
+ ok(hasQuotaStorage(COM_ORIGIN), `${COM_ORIGIN} has quota storage`);
+
+ // Partitioned
+ ok(
+ !hasQuotaStorage(COM_ORIGIN, getOAWithPartitionKey(ORG_DOMAIN)),
+ `${COM_ORIGIN} under ${ORG_DOMAIN} has no quota storage`
+ );
+ ok(
+ hasQuotaStorage(COM_ORIGIN, getOAWithPartitionKey(FOO_DOMAIN)),
+ `${COM_ORIGIN} under ${FOO_DOMAIN} has quota storage`
+ );
+ ok(
+ !hasQuotaStorage(ORG_ORIGIN, getOAWithPartitionKey(COM_DOMAIN)),
+ `${ORG_ORIGIN} under ${COM_DOMAIN} has no quota storage`
+ );
+
+ // Cleanup
+ await new Promise(aResolve => {
+ Services.clearData.deleteData(
+ Ci.nsIClearDataService.CLEAR_DOM_QUOTA,
+ value => {
+ Assert.equal(value, 0);
+ aResolve();
+ }
+ );
+ });
+});
diff --git a/toolkit/components/cleardata/tests/browser/browser_serviceworkers.js b/toolkit/components/cleardata/tests/browser/browser_serviceworkers.js
new file mode 100644
index 0000000000..ad501aed70
--- /dev/null
+++ b/toolkit/components/cleardata/tests/browser/browser_serviceworkers.js
@@ -0,0 +1,287 @@
+/* Any copyright is dedicated to the Public Domain.
+ http://creativecommons.org/publicdomain/zero/1.0/ */
+
+"use strict";
+
+const { SiteDataTestUtils } = ChromeUtils.importESModule(
+ "resource://testing-common/SiteDataTestUtils.sys.mjs"
+);
+
+async function addServiceWorker(origin) {
+ let swURL =
+ getRootDirectory(gTestPath).replace("chrome://mochitests/content", origin) +
+ "worker.js";
+
+ let registered = SiteDataTestUtils.promiseServiceWorkerRegistered(swURL);
+ await SiteDataTestUtils.addServiceWorker(swURL);
+ await registered;
+
+ ok(true, `${origin} has a service worker`);
+}
+
+add_setup(async function () {
+ await SpecialPowers.pushPrefEnv({
+ set: [
+ ["dom.serviceWorkers.enabled", true],
+ ["dom.serviceWorkers.exemptFromPerDomainMax", true],
+ ["dom.serviceWorkers.testing.enabled", true],
+ ],
+ });
+});
+
+add_task(async function test_deleteFromHost() {
+ await addServiceWorker("https://example.com");
+ await addServiceWorker("https://example.org");
+ await addServiceWorker("https://test1.example.org");
+
+ let unregistered = SiteDataTestUtils.promiseServiceWorkerUnregistered(
+ "https://example.com"
+ );
+ await new Promise(aResolve => {
+ Services.clearData.deleteDataFromHost(
+ "example.com",
+ true,
+ Ci.nsIClearDataService.CLEAR_DOM_QUOTA,
+ value => {
+ Assert.equal(value, 0);
+ aResolve();
+ }
+ );
+ });
+ await unregistered;
+
+ ok(
+ !SiteDataTestUtils.hasServiceWorkers("https://example.com"),
+ "example.com has no service worker"
+ );
+ ok(
+ SiteDataTestUtils.hasServiceWorkers("https://example.org"),
+ "example.org has a service worker"
+ );
+ ok(
+ SiteDataTestUtils.hasServiceWorkers("https://test1.example.org"),
+ "test1.example.org has a service worker"
+ );
+
+ // Clearing the subdomain should not clear the base domain.
+ unregistered = SiteDataTestUtils.promiseServiceWorkerUnregistered(
+ "https://test1.example.org"
+ );
+ await new Promise(aResolve => {
+ Services.clearData.deleteDataFromHost(
+ "test1.example.org",
+ true,
+ Ci.nsIClearDataService.CLEAR_DOM_QUOTA,
+ value => {
+ Assert.equal(value, 0);
+ aResolve();
+ }
+ );
+ });
+ await unregistered;
+
+ ok(
+ !SiteDataTestUtils.hasServiceWorkers("https://test1.example.org"),
+ "test1.example.org has no service worker"
+ );
+ ok(
+ SiteDataTestUtils.hasServiceWorkers("https://example.org"),
+ "example.org has a service worker"
+ );
+
+ unregistered = SiteDataTestUtils.promiseServiceWorkerUnregistered(
+ "https://example.org"
+ );
+ await new Promise(aResolve => {
+ Services.clearData.deleteDataFromHost(
+ "example.org",
+ true,
+ Ci.nsIClearDataService.CLEAR_DOM_QUOTA,
+ value => {
+ Assert.equal(value, 0);
+ aResolve();
+ }
+ );
+ });
+ await unregistered;
+
+ ok(
+ !SiteDataTestUtils.hasServiceWorkers("https://example.org"),
+ "example.org has no service worker"
+ );
+ ok(
+ !SiteDataTestUtils.hasServiceWorkers("https://example.com"),
+ "example.com has no service worker"
+ );
+});
+
+add_task(async function test_deleteFromBaseDomain() {
+ await addServiceWorker("https://example.com");
+ await addServiceWorker("https://test1.example.com");
+ await addServiceWorker("https://test2.example.com");
+ await addServiceWorker("https://example.org");
+
+ let unregistered = SiteDataTestUtils.promiseServiceWorkerUnregistered(
+ "https://example.com"
+ );
+ let unregisteredSub1 = SiteDataTestUtils.promiseServiceWorkerUnregistered(
+ "https://test1.example.com"
+ );
+ let unregisteredSub2 = SiteDataTestUtils.promiseServiceWorkerUnregistered(
+ "https://test1.example.com"
+ );
+ await new Promise(aResolve => {
+ Services.clearData.deleteDataFromBaseDomain(
+ "example.com",
+ true,
+ Ci.nsIClearDataService.CLEAR_DOM_QUOTA,
+ value => {
+ Assert.equal(value, 0);
+ aResolve();
+ }
+ );
+ });
+ await Promise.all([unregistered, unregisteredSub1, unregisteredSub2]);
+
+ ok(
+ !SiteDataTestUtils.hasServiceWorkers("https://example.com"),
+ "example.com has no service worker"
+ );
+ ok(
+ !SiteDataTestUtils.hasServiceWorkers("https://test1.example.com"),
+ "test1.example.com has no service worker"
+ );
+ ok(
+ !SiteDataTestUtils.hasServiceWorkers("https://test2.example.com"),
+ "test2.example.com has no service worker"
+ );
+ ok(
+ SiteDataTestUtils.hasServiceWorkers("https://example.org"),
+ "example.org has a service worker"
+ );
+
+ unregistered = SiteDataTestUtils.promiseServiceWorkerUnregistered(
+ "https://example.org"
+ );
+ await new Promise(aResolve => {
+ Services.clearData.deleteDataFromBaseDomain(
+ "example.org",
+ true,
+ Ci.nsIClearDataService.CLEAR_DOM_QUOTA,
+ value => {
+ Assert.equal(value, 0);
+ aResolve();
+ }
+ );
+ });
+ await unregistered;
+
+ ok(
+ !SiteDataTestUtils.hasServiceWorkers("https://example.org"),
+ "example.org has no service worker"
+ );
+ ok(
+ !SiteDataTestUtils.hasServiceWorkers("https://example.com"),
+ "example.com has no service worker"
+ );
+ ok(
+ !SiteDataTestUtils.hasServiceWorkers("https://test1.example.com"),
+ "test1.example.com has no service worker"
+ );
+ ok(
+ !SiteDataTestUtils.hasServiceWorkers("https://test2.example.com"),
+ "test2.example.com has no service worker"
+ );
+});
+
+add_task(async function test_deleteFromPrincipal() {
+ await addServiceWorker("https://test1.example.com");
+ await addServiceWorker("https://test1.example.org");
+
+ let unregistered = SiteDataTestUtils.promiseServiceWorkerUnregistered(
+ "https://test1.example.com"
+ );
+ let principal =
+ Services.scriptSecurityManager.createContentPrincipalFromOrigin(
+ "https://test1.example.com/"
+ );
+ await new Promise(aResolve => {
+ Services.clearData.deleteDataFromPrincipal(
+ principal,
+ true,
+ Ci.nsIClearDataService.CLEAR_DOM_QUOTA,
+ value => {
+ Assert.equal(value, 0);
+ aResolve();
+ }
+ );
+ });
+ await unregistered;
+
+ ok(
+ !SiteDataTestUtils.hasServiceWorkers("https://test1.example.com"),
+ "test1.example.com has no service worker"
+ );
+ ok(
+ SiteDataTestUtils.hasServiceWorkers("https://test1.example.org"),
+ "test1.example.org has a service worker"
+ );
+
+ unregistered = SiteDataTestUtils.promiseServiceWorkerUnregistered(
+ "https://test1.example.org"
+ );
+ principal = Services.scriptSecurityManager.createContentPrincipalFromOrigin(
+ "https://test1.example.org/"
+ );
+ await new Promise(aResolve => {
+ Services.clearData.deleteDataFromPrincipal(
+ principal,
+ true,
+ Ci.nsIClearDataService.CLEAR_DOM_QUOTA,
+ value => {
+ Assert.equal(value, 0);
+ aResolve();
+ }
+ );
+ });
+ await unregistered;
+
+ ok(
+ !SiteDataTestUtils.hasServiceWorkers("https://test1.example.org"),
+ "test1.example.org has no service worker"
+ );
+ ok(
+ !SiteDataTestUtils.hasServiceWorkers("https://test1.example.com"),
+ "test1.example.com has no service worker"
+ );
+});
+
+add_task(async function test_deleteAll() {
+ await addServiceWorker("https://test2.example.com");
+ await addServiceWorker("https://test2.example.org");
+
+ let unregistered = SiteDataTestUtils.promiseServiceWorkerUnregistered(
+ "https://test2.example.com"
+ );
+ await new Promise(aResolve => {
+ Services.clearData.deleteData(
+ Ci.nsIClearDataService.CLEAR_DOM_QUOTA,
+ value => {
+ Assert.equal(value, 0);
+ aResolve();
+ }
+ );
+ });
+ await unregistered;
+
+ ok(
+ !SiteDataTestUtils.hasServiceWorkers("https://test2.example.com"),
+ "test2.example.com has no service worker"
+ );
+ ok(
+ !SiteDataTestUtils.hasServiceWorkers("https://test2.example.org"),
+ "test2.example.org has no service worker"
+ );
+
+ await SiteDataTestUtils.clear();
+});
diff --git a/toolkit/components/cleardata/tests/browser/browser_sessionStorage.js b/toolkit/components/cleardata/tests/browser/browser_sessionStorage.js
new file mode 100644
index 0000000000..013ae0fa92
--- /dev/null
+++ b/toolkit/components/cleardata/tests/browser/browser_sessionStorage.js
@@ -0,0 +1,235 @@
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/ */
+
+"use strict";
+
+const BASE_DOMAIN_A = "example.com";
+const ORIGIN_A = `https://${BASE_DOMAIN_A}`;
+const ORIGIN_A_HTTP = `http://${BASE_DOMAIN_A}`;
+const ORIGIN_A_SUB = `https://test1.${BASE_DOMAIN_A}`;
+
+const BASE_DOMAIN_B = "example.org";
+const ORIGIN_B = `https://${BASE_DOMAIN_B}`;
+const ORIGIN_B_HTTP = `http://${BASE_DOMAIN_B}`;
+const ORIGIN_B_SUB = `https://test1.${BASE_DOMAIN_B}`;
+
+const TEST_ROOT_DIR = getRootDirectory(gTestPath);
+
+// Session storage is only valid for the lifetime of a tab, so we need to keep
+// tabs open for the duration of a test.
+let originToTabs = {};
+
+function getTestURLForOrigin(origin) {
+ return TEST_ROOT_DIR.replace("chrome://mochitests/content", origin);
+}
+
+function getTestEntryName(origin, partitioned) {
+ return `${origin}${partitioned ? "_partitioned" : ""}`;
+}
+
+async function testHasEntry(originFirstParty, isSet, originThirdParty) {
+ let tabs = originToTabs[originFirstParty];
+
+ for (let tab of tabs) {
+ // For the partition test we inspect the sessionStorage of the iframe.
+ let browsingContext = originThirdParty
+ ? tab.linkedBrowser.browsingContext.children[0]
+ : tab.linkedBrowser.browsingContext;
+ let actualSet = await SpecialPowers.spawn(
+ browsingContext,
+ [
+ getTestEntryName(
+ originThirdParty || originFirstParty,
+ !!originThirdParty
+ ),
+ ],
+ key => {
+ return !!content.sessionStorage.getItem(key);
+ }
+ );
+
+ let msg = `${originFirstParty}${isSet ? " " : " not "}set`;
+ if (originThirdParty) {
+ msg = "Partitioned under " + msg;
+ }
+
+ is(actualSet, isSet, msg);
+ }
+}
+
+/**
+ * Creates tabs and sets sessionStorage entries in first party and third party
+ * context.
+ * @returns {Promise} - Promise which resolves once all tabs are initialized,
+ * {@link originToTabs} is populated and (sub-)resources have loaded.
+ */
+function addTestTabs() {
+ let promises = [
+ [ORIGIN_A, ORIGIN_B],
+ [ORIGIN_A_SUB, ORIGIN_B_SUB],
+ [ORIGIN_A_HTTP, ORIGIN_B_HTTP],
+ [ORIGIN_B, ORIGIN_A],
+ [ORIGIN_B_SUB, ORIGIN_A_SUB],
+ [ORIGIN_B_HTTP, ORIGIN_A_HTTP],
+ ].map(async ([firstParty, thirdParty]) => {
+ info("Creating new tab for " + firstParty);
+ let tab = BrowserTestUtils.addTab(gBrowser, firstParty);
+ await BrowserTestUtils.browserLoaded(tab.linkedBrowser);
+
+ info("Creating iframe for " + thirdParty);
+ await SpecialPowers.spawn(
+ tab.linkedBrowser,
+ [getTestEntryName(firstParty, false), thirdParty],
+ async (storageKey, url) => {
+ // Set unpartitioned sessionStorage for firstParty.
+ content.sessionStorage.setItem(storageKey, "foo");
+
+ let iframe = content.document.createElement("iframe");
+ iframe.src = url;
+
+ let loadPromise = ContentTaskUtils.waitForEvent(iframe, "load", false);
+ content.document.body.appendChild(iframe);
+ await loadPromise;
+ }
+ );
+
+ await SpecialPowers.spawn(
+ tab.linkedBrowser.browsingContext.children[0],
+ [getTestEntryName(thirdParty, true)],
+ async storageKey => {
+ // Set sessionStorage in partitioned third-party iframe.
+ content.sessionStorage.setItem(storageKey, "foo");
+ }
+ );
+
+ let tabs = originToTabs[firstParty];
+ if (!tabs) {
+ tabs = [];
+ originToTabs[firstParty] = tabs;
+ }
+ tabs.push(tab);
+ });
+
+ return Promise.all(promises);
+}
+
+function cleanup() {
+ Object.values(originToTabs).flat().forEach(BrowserTestUtils.removeTab);
+ originToTabs = {};
+ Services.obs.notifyObservers(null, "browser:purge-sessionStorage");
+}
+
+add_setup(async function () {
+ await SpecialPowers.pushPrefEnv({
+ set: [["network.cookie.cookieBehavior", 5]],
+ });
+ cleanup();
+});
+
+add_task(async function test_deleteByBaseDomain() {
+ await addTestTabs();
+
+ info("Clearing sessionStorage for base domain A " + BASE_DOMAIN_A);
+ await new Promise(resolve => {
+ Services.clearData.deleteDataFromBaseDomain(
+ BASE_DOMAIN_A,
+ false,
+ Ci.nsIClearDataService.CLEAR_DOM_QUOTA,
+ resolve
+ );
+ });
+
+ info("All entries for A should have been cleared.");
+ await testHasEntry(ORIGIN_A, false);
+ await testHasEntry(ORIGIN_A_SUB, false);
+ await testHasEntry(ORIGIN_A_HTTP, false);
+
+ info("Entries for B should still exist.");
+ await testHasEntry(ORIGIN_B, true);
+ await testHasEntry(ORIGIN_B_SUB, true);
+ await testHasEntry(ORIGIN_B_HTTP, true);
+
+ info("All partitioned entries for B under A should have been cleared.");
+ await testHasEntry(ORIGIN_A, false, ORIGIN_B);
+ await testHasEntry(ORIGIN_A_SUB, false, ORIGIN_B_SUB);
+ await testHasEntry(ORIGIN_A_HTTP, false, ORIGIN_B_HTTP);
+
+ info("All partitioned entries of A under B should have been cleared.");
+ await testHasEntry(ORIGIN_B, false, ORIGIN_A);
+ await testHasEntry(ORIGIN_B_SUB, false, ORIGIN_A_SUB);
+ await testHasEntry(ORIGIN_B_HTTP, false, ORIGIN_A_HTTP);
+
+ cleanup();
+});
+
+add_task(async function test_deleteAll() {
+ await addTestTabs();
+
+ info("Clearing sessionStorage for base domain A " + BASE_DOMAIN_A);
+ await new Promise(resolve => {
+ Services.clearData.deleteData(
+ Ci.nsIClearDataService.CLEAR_DOM_QUOTA,
+ resolve
+ );
+ });
+
+ info("All entries should have been cleared.");
+ await testHasEntry(ORIGIN_A, false);
+ await testHasEntry(ORIGIN_A_SUB, false);
+ await testHasEntry(ORIGIN_A_HTTP, false);
+ await testHasEntry(ORIGIN_B, false);
+ await testHasEntry(ORIGIN_B_SUB, false);
+ await testHasEntry(ORIGIN_B_HTTP, false);
+
+ info("All partitioned entries should have been cleared.");
+ await testHasEntry(ORIGIN_A, false, ORIGIN_B);
+ await testHasEntry(ORIGIN_A_SUB, false, ORIGIN_B_SUB);
+ await testHasEntry(ORIGIN_A_HTTP, false, ORIGIN_B_HTTP);
+ await testHasEntry(ORIGIN_B, false, ORIGIN_A);
+ await testHasEntry(ORIGIN_B_SUB, false, ORIGIN_A_SUB);
+ await testHasEntry(ORIGIN_B_HTTP, false, ORIGIN_A_HTTP);
+
+ cleanup();
+});
+
+add_task(async function test_deleteFromPrincipal() {
+ await addTestTabs();
+
+ info("Clearing sessionStorage for partitioned principal A " + BASE_DOMAIN_A);
+
+ let principalA = Services.scriptSecurityManager.createContentPrincipal(
+ Services.io.newURI(ORIGIN_A),
+ { partitionKey: `(https,${BASE_DOMAIN_B})` }
+ );
+
+ info("principal: " + principalA.origin);
+ info("principal partitionKey " + principalA.originAttributes.partitionKey);
+ await new Promise(resolve => {
+ Services.clearData.deleteDataFromPrincipal(
+ principalA,
+ false,
+ Ci.nsIClearDataService.CLEAR_DOM_QUOTA,
+ resolve
+ );
+ });
+
+ info("Unpartitioned entries should still exist.");
+ await testHasEntry(ORIGIN_A, true);
+ await testHasEntry(ORIGIN_A_SUB, true);
+ await testHasEntry(ORIGIN_A_HTTP, true);
+ await testHasEntry(ORIGIN_B, true);
+ await testHasEntry(ORIGIN_B_SUB, true);
+ await testHasEntry(ORIGIN_B_HTTP, true);
+
+ info("Only entries of principal should have been cleared.");
+ await testHasEntry(ORIGIN_A, true, ORIGIN_B);
+ await testHasEntry(ORIGIN_A_SUB, true, ORIGIN_B_SUB);
+ await testHasEntry(ORIGIN_A_HTTP, true, ORIGIN_B_HTTP);
+
+ await testHasEntry(ORIGIN_B, false, ORIGIN_A);
+
+ await testHasEntry(ORIGIN_B_SUB, true, ORIGIN_A_SUB);
+ await testHasEntry(ORIGIN_B_HTTP, true, ORIGIN_A_HTTP);
+
+ cleanup();
+});
diff --git a/toolkit/components/cleardata/tests/browser/file_cors_preflight.sjs b/toolkit/components/cleardata/tests/browser/file_cors_preflight.sjs
new file mode 100644
index 0000000000..0f7041aaa7
--- /dev/null
+++ b/toolkit/components/cleardata/tests/browser/file_cors_preflight.sjs
@@ -0,0 +1,40 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
+ * You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+"use strict";
+
+Cu.importGlobalProperties(["URLSearchParams"]);
+
+function handleRequest(request, response) {
+ let query = new URLSearchParams(request.queryString);
+ let token = query.get("token");
+
+ response.setHeader("Content-Type", "text/plain", false);
+ response.setHeader("Access-Control-Allow-Origin", "*", false);
+ response.setHeader("Access-Control-Allow-Headers", "x-test-header", false);
+
+ if (request.method == "OPTIONS") {
+ response.setHeader(
+ "Access-Control-Allow-Methods",
+ request.getHeader("Access-Control-Request-Method"),
+ false
+ );
+ response.setHeader("Access-Control-Max-Age", "20", false);
+
+ setState(token, token);
+ } else {
+ let test_op = request.getHeader("x-test-header");
+
+ if (test_op == "check") {
+ let value = getState(token);
+
+ if (value) {
+ response.write("1");
+ setState(token, "");
+ } else {
+ response.write("0");
+ }
+ }
+ }
+}
diff --git a/toolkit/components/cleardata/tests/browser/file_css_cache.css b/toolkit/components/cleardata/tests/browser/file_css_cache.css
new file mode 100644
index 0000000000..2ceb1b7e0b
--- /dev/null
+++ b/toolkit/components/cleardata/tests/browser/file_css_cache.css
@@ -0,0 +1,3 @@
+:root {
+ background-color: lime;
+}
diff --git a/toolkit/components/cleardata/tests/browser/file_css_cache.html b/toolkit/components/cleardata/tests/browser/file_css_cache.html
new file mode 100644
index 0000000000..b382bc1887
--- /dev/null
+++ b/toolkit/components/cleardata/tests/browser/file_css_cache.html
@@ -0,0 +1,6 @@
+<!doctype html>
+<meta charset="utf-8">
+<head>
+ <link rel="stylesheet" href="file_css_cache.css">
+</head>
+<body></body>
diff --git a/toolkit/components/cleardata/tests/browser/file_image_cache.html b/toolkit/components/cleardata/tests/browser/file_image_cache.html
new file mode 100644
index 0000000000..37439a8fa7
--- /dev/null
+++ b/toolkit/components/cleardata/tests/browser/file_image_cache.html
@@ -0,0 +1,7 @@
+<!doctype html>
+<meta charset="utf-8">
+<head>
+</head>
+<body>
+ <img src="file_image_cache.jpg">
+</body>
diff --git a/toolkit/components/cleardata/tests/browser/file_image_cache.jpg b/toolkit/components/cleardata/tests/browser/file_image_cache.jpg
new file mode 100644
index 0000000000..48c454d27c
--- /dev/null
+++ b/toolkit/components/cleardata/tests/browser/file_image_cache.jpg
Binary files differ
diff --git a/toolkit/components/cleardata/tests/browser/worker.js b/toolkit/components/cleardata/tests/browser/worker.js
new file mode 100644
index 0000000000..aa8a83a4ce
--- /dev/null
+++ b/toolkit/components/cleardata/tests/browser/worker.js
@@ -0,0 +1 @@
+// Empty script for testing service workers
diff --git a/toolkit/components/cleardata/tests/marionette/manifest.ini b/toolkit/components/cleardata/tests/marionette/manifest.ini
new file mode 100644
index 0000000000..be03a9aff0
--- /dev/null
+++ b/toolkit/components/cleardata/tests/marionette/manifest.ini
@@ -0,0 +1,2 @@
+[test_moved_origin_directory_cleanup.py]
+[test_service_worker_at_shutdown.py]
diff --git a/toolkit/components/cleardata/tests/marionette/test_moved_origin_directory_cleanup.py b/toolkit/components/cleardata/tests/marionette/test_moved_origin_directory_cleanup.py
new file mode 100644
index 0000000000..e0a066577e
--- /dev/null
+++ b/toolkit/components/cleardata/tests/marionette/test_moved_origin_directory_cleanup.py
@@ -0,0 +1,134 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+from pathlib import Path
+
+from marionette_driver import Wait
+from marionette_harness import MarionetteTestCase
+
+
+class MovedOriginDirectoryCleanupTestCase(MarionetteTestCase):
+ def setUp(self):
+ super().setUp()
+ self.marionette.enforce_gecko_prefs(
+ {
+ "privacy.sanitize.sanitizeOnShutdown": True,
+ "privacy.clearOnShutdown.offlineApps": True,
+ "dom.quotaManager.backgroundTask.enabled": False,
+ }
+ )
+ self.moved_origin_directory = (
+ Path(self.marionette.profile_path) / "storage" / "to-be-removed" / "foo"
+ )
+ self.moved_origin_directory.mkdir(parents=True, exist_ok=True)
+
+ # Add a cookie to get a principal to be cleaned up
+ with self.marionette.using_context("chrome"):
+ self.marionette.execute_script(
+ """
+ Services.cookies.add(
+ "example.local",
+ "path",
+ "name",
+ "value",
+ false,
+ false,
+ false,
+ Math.floor(Date.now() / 1000) + 24 * 60 * 60,
+ {},
+ Ci.nsICookie.SAMESITE_NONE,
+ Ci.nsICookie.SCHEME_UNSET
+ );
+ """
+ )
+
+ def removeAllCookies(self):
+ with self.marionette.using_context("chrome"):
+ self.marionette.execute_script(
+ """
+ Services.cookies.removeAll();
+ """
+ )
+
+ def test_ensure_cleanup_by_quit(self):
+ self.assertTrue(
+ self.moved_origin_directory.exists(),
+ "to-be-removed subdirectory must exist",
+ )
+
+ # Cleanup happens via Sanitizer.sanitizeOnShutdown
+ self.marionette.quit()
+
+ self.assertFalse(
+ self.moved_origin_directory.exists(),
+ "to-be-removed subdirectory must disappear",
+ )
+
+ def test_ensure_cleanup_at_crashed_restart(self):
+ self.assertTrue(
+ self.moved_origin_directory.exists(),
+ "to-be-removed subdirectory must exist",
+ )
+
+ # Pending sanitization is added via Sanitizer.onStartup
+ # "offlineApps" corresponds to CLEAR_DOM_STORAGES
+ Wait(self.marionette).until(
+ lambda _: (
+ "offlineApps" in self.marionette.get_pref("privacy.sanitize.pending"),
+ ),
+ message="privacy.sanitize.pending must include offlineApps",
+ )
+
+ # Cleanup happens via Sanitizer.onStartup after restart
+ self.marionette.restart(in_app=False)
+
+ Wait(self.marionette).until(
+ lambda _: not self.moved_origin_directory.exists(),
+ message="to-be-removed subdirectory must disappear",
+ )
+
+ def test_ensure_cleanup_by_quit_with_background_task(self):
+ self.assertTrue(
+ self.moved_origin_directory.exists(),
+ "to-be-removed subdirectory must exist",
+ )
+
+ self.marionette.set_pref("dom.quotaManager.backgroundTask.enabled", True)
+
+ # Cleanup happens via Sanitizer.sanitizeOnShutdown
+ self.marionette.quit()
+
+ Wait(self.marionette).until(
+ lambda _: not self.moved_origin_directory.exists(),
+ message="to-be-removed subdirectory must disappear",
+ )
+
+ def test_ensure_no_cleanup_when_disabled(self):
+ self.assertTrue(
+ self.moved_origin_directory.exists(),
+ "to-be-removed subdirectory must exist",
+ )
+
+ self.marionette.set_pref("privacy.sanitize.sanitizeOnShutdown", False)
+ self.marionette.quit()
+
+ self.assertTrue(
+ self.moved_origin_directory.exists(),
+ "to-be-removed subdirectory must not disappear",
+ )
+
+ def test_ensure_no_cleanup_when_no_cookie(self):
+ self.assertTrue(
+ self.moved_origin_directory.exists(),
+ "to-be-removed subdirectory must exist",
+ )
+
+ self.removeAllCookies()
+
+ self.marionette.quit()
+
+ self.assertTrue(
+ self.moved_origin_directory.exists(),
+ "to-be-removed subdirectory must not disappear",
+ )
diff --git a/toolkit/components/cleardata/tests/marionette/test_service_worker_at_shutdown.py b/toolkit/components/cleardata/tests/marionette/test_service_worker_at_shutdown.py
new file mode 100644
index 0000000000..9738c0ea17
--- /dev/null
+++ b/toolkit/components/cleardata/tests/marionette/test_service_worker_at_shutdown.py
@@ -0,0 +1,62 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+from marionette_driver import Wait
+from marionette_harness import MarionetteTestCase
+
+
+class ServiceWorkerAtShutdownTestCase(MarionetteTestCase):
+ def setUp(self):
+ super(ServiceWorkerAtShutdownTestCase, self).setUp()
+ self.install_service_worker()
+ self.set_pref_to_delete_site_data_on_shutdown()
+
+ def tearDown(self):
+ self.marionette.restart(in_app=False, clean=True)
+ super(ServiceWorkerAtShutdownTestCase, self).tearDown()
+
+ def install_service_worker(self):
+ install_url = self.marionette.absolute_url(
+ "serviceworker/install_serviceworker.html"
+ )
+ self.marionette.navigate(install_url)
+ # Make sure 'install_url' is not loaded on startup, it would reinstall the service worker
+ dummy_url = self.marionette.absolute_url("dummy.html")
+ self.marionette.navigate(dummy_url)
+ Wait(self.marionette).until(lambda _: self.is_service_worker_registered)
+
+ def set_pref_to_delete_site_data_on_shutdown(self):
+ self.marionette.set_pref("privacy.sanitize.sanitizeOnShutdown", True)
+ self.marionette.set_pref("privacy.clearOnShutdown.offlineApps", True)
+
+ def test_unregistering_service_worker_when_clearing_data(self):
+ self.marionette.restart(clean=False, in_app=True)
+ self.assertFalse(self.is_service_worker_registered)
+
+ @property
+ def is_service_worker_registered(self):
+ with self.marionette.using_context("chrome"):
+ return self.marionette.execute_script(
+ """
+ let serviceWorkerManager = Cc["@mozilla.org/serviceworkers/manager;1"].getService(
+ Ci.nsIServiceWorkerManager
+ );
+
+ let principal =
+ Services.scriptSecurityManager.createContentPrincipalFromOrigin(arguments[0]);
+
+ let serviceWorkers = serviceWorkerManager.getAllRegistrations();
+ for (let i = 0; i < serviceWorkers.length; i++) {
+ let sw = serviceWorkers.queryElementAt(
+ i,
+ Ci.nsIServiceWorkerRegistrationInfo
+ );
+ if (sw.principal.origin == principal.origin) {
+ return true;
+ }
+ }
+ return false;
+ """,
+ script_args=(self.marionette.absolute_url(""),),
+ )
diff --git a/toolkit/components/cleardata/tests/unit/head.js b/toolkit/components/cleardata/tests/unit/head.js
new file mode 100644
index 0000000000..5e73b8a789
--- /dev/null
+++ b/toolkit/components/cleardata/tests/unit/head.js
@@ -0,0 +1,27 @@
+"use strict";
+
+const { SiteDataTestUtils } = ChromeUtils.importESModule(
+ "resource://testing-common/SiteDataTestUtils.sys.mjs"
+);
+const { PermissionTestUtils } = ChromeUtils.importESModule(
+ "resource://testing-common/PermissionTestUtils.sys.mjs"
+);
+
+function run_test() {
+ do_get_profile();
+ run_next_test();
+}
+
+function getOAWithPartitionKey(
+ { scheme = "https", topLevelBaseDomain, port = null } = {},
+ originAttributes = {}
+) {
+ if (!topLevelBaseDomain || !scheme) {
+ return originAttributes;
+ }
+
+ return {
+ ...originAttributes,
+ partitionKey: `(${scheme},${topLevelBaseDomain}${port ? `,${port}` : ""})`,
+ };
+}
diff --git a/toolkit/components/cleardata/tests/unit/test_basic.js b/toolkit/components/cleardata/tests/unit/test_basic.js
new file mode 100644
index 0000000000..3634483ee4
--- /dev/null
+++ b/toolkit/components/cleardata/tests/unit/test_basic.js
@@ -0,0 +1,19 @@
+/* Any copyright is dedicated to the Public Domain.
+ http://creativecommons.org/publicdomain/zero/1.0/ */
+
+/**
+ * Basic test for nsIClearDataService module.
+ */
+
+"use strict";
+
+add_task(async function test_basic() {
+ Assert.ok(!!Services.clearData);
+
+ await new Promise(aResolve => {
+ Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value => {
+ Assert.equal(value, 0);
+ aResolve();
+ });
+ });
+});
diff --git a/toolkit/components/cleardata/tests/unit/test_certs.js b/toolkit/components/cleardata/tests/unit/test_certs.js
new file mode 100644
index 0000000000..3ff538d5a8
--- /dev/null
+++ b/toolkit/components/cleardata/tests/unit/test_certs.js
@@ -0,0 +1,233 @@
+/* Any copyright is dedicated to the Public Domain.
+ http://creativecommons.org/publicdomain/zero/1.0/ */
+
+"use strict";
+
+const overrideService = Cc["@mozilla.org/security/certoverride;1"].getService(
+ Ci.nsICertOverrideService
+);
+const certDB = Cc["@mozilla.org/security/x509certdb;1"].getService(
+ Ci.nsIX509CertDB
+);
+
+const CERT_TEST =
+ "MIHhMIGcAgEAMA0GCSqGSIb3DQEBBQUAMAwxCjAIBgNVBAMTAUEwHhcNMTEwMzIzMjMyNTE3WhcNMTEwNDIyMjMyNTE3WjAMMQowCAYDVQQDEwFBMEwwDQYJKoZIhvcNAQEBBQADOwAwOAIxANFm7ZCfYNJViaDWTFuMClX3+9u18VFGiyLfM6xJrxir4QVtQC7VUC/WUGoBUs9COQIDAQABMA0GCSqGSIb3DQEBBQUAAzEAx2+gIwmuYjJO5SyabqIm4lB1MandHH1HQc0y0tUFshBOMESTzQRPSVwPn77a6R9t";
+
+add_task(async function () {
+ Assert.ok(Services.clearData);
+
+ const TEST_URI = Services.io.newURI("http://test.com/");
+ const ANOTHER_TEST_URI = Services.io.newURI("https://example.com/");
+ const YET_ANOTHER_TEST_URI = Services.io.newURI("https://example.test/");
+ let cert = certDB.constructX509FromBase64(CERT_TEST);
+ let flags = Ci.nsIClearDataService.CLEAR_CERT_EXCEPTIONS;
+
+ ok(cert, "Cert was created");
+
+ Assert.ok(
+ !overrideService.hasMatchingOverride(
+ TEST_URI.asciiHost,
+ TEST_URI.port,
+ {},
+ cert,
+ {}
+ ),
+ `Should not have override for ${TEST_URI.asciiHost}:${TEST_URI.port} yet`
+ );
+
+ overrideService.rememberValidityOverride(
+ TEST_URI.asciiHost,
+ TEST_URI.port,
+ {},
+ cert,
+ flags,
+ false
+ );
+
+ Assert.ok(
+ overrideService.hasMatchingOverride(
+ TEST_URI.asciiHost,
+ TEST_URI.port,
+ {},
+ cert,
+ {}
+ ),
+ `Should have override for ${TEST_URI.asciiHost}:${TEST_URI.port} now`
+ );
+
+ await new Promise(aResolve => {
+ Services.clearData.deleteDataFromHost(
+ TEST_URI.asciiHostPort,
+ true /* user request */,
+ flags,
+ value => {
+ Assert.equal(value, 0);
+ aResolve();
+ }
+ );
+ });
+
+ Assert.ok(
+ !overrideService.hasMatchingOverride(
+ TEST_URI.asciiHost,
+ TEST_URI.port,
+ {},
+ cert,
+ {}
+ ),
+ `Should not have override for ${TEST_URI.asciiHost}:${TEST_URI.port} now`
+ );
+
+ for (let uri of [TEST_URI, ANOTHER_TEST_URI, YET_ANOTHER_TEST_URI]) {
+ overrideService.rememberValidityOverride(
+ uri.asciiHost,
+ uri.port,
+ { privateBrowsingId: 1 },
+ cert,
+ flags,
+ false
+ );
+ Assert.ok(
+ overrideService.hasMatchingOverride(
+ uri.asciiHost,
+ uri.port,
+ { privateBrowsingId: 1 },
+ cert,
+ {}
+ ),
+ `Should have added override for ${uri.asciiHost}:${uri.port} with private browsing ID`
+ );
+ Assert.ok(
+ !overrideService.hasMatchingOverride(
+ uri.asciiHost,
+ uri.port,
+ { privateBrowsingId: 2 },
+ cert,
+ {}
+ ),
+ `Should not have added override for ${uri.asciiHost}:${uri.port} with private browsing ID 2`
+ );
+ Assert.ok(
+ !overrideService.hasMatchingOverride(
+ uri.asciiHost,
+ uri.port,
+ {},
+ cert,
+ {}
+ ),
+ `Should not have added override for ${uri.asciiHost}:${uri.port}`
+ );
+ overrideService.rememberValidityOverride(
+ uri.asciiHost,
+ uri.port,
+ {},
+ cert,
+ flags,
+ false
+ );
+ Assert.ok(
+ overrideService.hasMatchingOverride(
+ uri.asciiHost,
+ uri.port,
+ {},
+ cert,
+ {}
+ ),
+ `Should have added override for ${uri.asciiHost}:${uri.port}`
+ );
+ }
+
+ await new Promise(aResolve => {
+ Services.clearData.deleteData(flags, value => {
+ Assert.equal(value, 0);
+ aResolve();
+ });
+ });
+
+ for (let uri of [TEST_URI, ANOTHER_TEST_URI, YET_ANOTHER_TEST_URI]) {
+ Assert.ok(
+ !overrideService.hasMatchingOverride(
+ uri.asciiHost,
+ uri.port,
+ {},
+ cert,
+ {}
+ ),
+ `Should have removed override for ${uri.asciiHost}:${uri.port}`
+ );
+ Assert.ok(
+ !overrideService.hasMatchingOverride(
+ uri.asciiHost,
+ uri.port,
+ { privateBrowsingId: 1 },
+ cert,
+ {}
+ ),
+ `Should have removed override for ${uri.asciiHost}:${uri.port} with private browsing attribute`
+ );
+ }
+});
+
+add_task(async function test_deleteByBaseDomain() {
+ let toClear = [
+ Services.io.newURI("https://example.com"),
+ Services.io.newURI("http://example.com:8080"),
+ Services.io.newURI("http://test1.example.com"),
+ Services.io.newURI("http://foo.bar.example.com"),
+ ];
+
+ let toKeep = [
+ Services.io.newURI("https://example.org"),
+ Services.io.newURI("http://test1.example.org"),
+ Services.io.newURI("http://foo.bar.example.org"),
+ Services.io.newURI("http://example.test"),
+ ];
+
+ let all = toClear.concat(toKeep);
+
+ let cert = certDB.constructX509FromBase64(CERT_TEST);
+ ok(cert, "Cert was created");
+
+ all.forEach(({ asciiHost, port }) => {
+ Assert.ok(
+ !overrideService.hasMatchingOverride(asciiHost, port, {}, cert, {}),
+ `Should not have override for ${asciiHost}:${port} yet`
+ );
+
+ overrideService.rememberValidityOverride(asciiHost, port, {}, cert, false);
+
+ Assert.ok(
+ overrideService.hasMatchingOverride(asciiHost, port, {}, cert, {}),
+ `Should have override for ${asciiHost}:${port} now`
+ );
+ });
+
+ await new Promise(aResolve => {
+ Services.clearData.deleteDataFromBaseDomain(
+ "example.com",
+ true /* user request */,
+ Ci.nsIClearDataService.CLEAR_CERT_EXCEPTIONS,
+ value => {
+ Assert.equal(value, 0);
+ aResolve();
+ }
+ );
+ });
+
+ toClear.forEach(({ asciiHost, port }) =>
+ Assert.ok(
+ !overrideService.hasMatchingOverride(asciiHost, port, {}, cert, {}),
+ `Should have cleared override for ${asciiHost}:${port}`
+ )
+ );
+
+ toKeep.forEach(({ asciiHost, port }) =>
+ Assert.ok(
+ overrideService.hasMatchingOverride(asciiHost, port, {}, cert, {}),
+ `Should have kept override for ${asciiHost}:${port}`
+ )
+ );
+
+ // Cleanup
+ overrideService.clearAllOverrides();
+});
diff --git a/toolkit/components/cleardata/tests/unit/test_cookies.js b/toolkit/components/cleardata/tests/unit/test_cookies.js
new file mode 100644
index 0000000000..4bcb6d725a
--- /dev/null
+++ b/toolkit/components/cleardata/tests/unit/test_cookies.js
@@ -0,0 +1,393 @@
+/* Any copyright is dedicated to the Public Domain.
+ http://creativecommons.org/publicdomain/zero/1.0/ */
+
+/**
+ * Tests for cookies.
+ */
+
+"use strict";
+
+add_task(async function test_all_cookies() {
+ const expiry = Date.now() + 24 * 60 * 60;
+ Services.cookies.add(
+ "example.net",
+ "path",
+ "name",
+ "value",
+ true /* secure */,
+ true /* http only */,
+ false /* session */,
+ expiry,
+ {},
+ Ci.nsICookie.SAMESITE_NONE,
+ Ci.nsICookie.SCHEME_HTTPS
+ );
+ Assert.equal(Services.cookies.countCookiesFromHost("example.net"), 1);
+
+ await new Promise(aResolve => {
+ Services.clearData.deleteData(
+ Ci.nsIClearDataService.CLEAR_COOKIES,
+ value => {
+ Assert.equal(value, 0);
+ aResolve();
+ }
+ );
+ });
+
+ Assert.equal(Services.cookies.countCookiesFromHost("example.net"), 0);
+});
+
+add_task(async function test_range_cookies() {
+ const expiry = Date.now() + 24 * 60 * 60;
+ Services.cookies.add(
+ "example.net",
+ "path",
+ "name",
+ "value",
+ true /* secure */,
+ true /* http only */,
+ false /* session */,
+ expiry,
+ {},
+ Ci.nsICookie.SAMESITE_NONE,
+ Ci.nsICookie.SCHEME_HTTPS
+ );
+ Assert.equal(Services.cookies.countCookiesFromHost("example.net"), 1);
+
+ // The cookie is out of time range here.
+ let from = Date.now() + 60 * 60;
+ await new Promise(aResolve => {
+ Services.clearData.deleteDataInTimeRange(
+ from * 1000,
+ expiry * 2000,
+ true /* user request */,
+ Ci.nsIClearDataService.CLEAR_COOKIES,
+ value => {
+ Assert.equal(value, 0);
+ aResolve();
+ }
+ );
+ });
+
+ Assert.equal(Services.cookies.countCookiesFromHost("example.net"), 1);
+
+ // Now we delete all.
+ from = Date.now() - 60 * 60;
+ await new Promise(aResolve => {
+ Services.clearData.deleteDataInTimeRange(
+ from * 1000,
+ expiry * 2000,
+ true /* user request */,
+ Ci.nsIClearDataService.CLEAR_COOKIES,
+ value => {
+ Assert.equal(value, 0);
+ aResolve();
+ }
+ );
+ });
+
+ Assert.equal(Services.cookies.countCookiesFromHost("example.net"), 0);
+});
+
+add_task(async function test_principal_cookies() {
+ const expiry = Date.now() + 24 * 60 * 60;
+ Services.cookies.add(
+ "example.net",
+ "path",
+ "name",
+ "value",
+ true /* secure */,
+ true /* http only */,
+ false /* session */,
+ expiry,
+ {},
+ Ci.nsICookie.SAMESITE_NONE,
+ Ci.nsICookie.SCHEME_HTTPS
+ );
+ Assert.equal(Services.cookies.countCookiesFromHost("example.net"), 1);
+
+ let uri = Services.io.newURI("http://example.com");
+ let principal = Services.scriptSecurityManager.createContentPrincipal(
+ uri,
+ {}
+ );
+ await new Promise(aResolve => {
+ Services.clearData.deleteDataFromPrincipal(
+ principal,
+ true /* user request */,
+ Ci.nsIClearDataService.CLEAR_COOKIES,
+ value => {
+ Assert.equal(value, 0);
+ aResolve();
+ }
+ );
+ });
+
+ Assert.equal(Services.cookies.countCookiesFromHost("example.net"), 1);
+
+ // Now we delete all.
+ uri = Services.io.newURI("http://example.net");
+ principal = Services.scriptSecurityManager.createContentPrincipal(uri, {});
+ await new Promise(aResolve => {
+ Services.clearData.deleteDataFromPrincipal(
+ principal,
+ true /* user request */,
+ Ci.nsIClearDataService.CLEAR_COOKIES,
+ value => {
+ Assert.equal(value, 0);
+ aResolve();
+ }
+ );
+ });
+
+ Assert.equal(Services.cookies.countCookiesFromHost("example.net"), 0);
+});
+
+add_task(async function test_localfile_cookies() {
+ const expiry = Date.now() + 24 * 60 * 60;
+ Services.cookies.add(
+ "", // local file
+ "path",
+ "name",
+ "value",
+ false /* secure */,
+ false /* http only */,
+ false /* session */,
+ expiry,
+ {},
+ Ci.nsICookie.SAMESITE_NONE,
+ Ci.nsICookie.SCHEME_HTTP
+ );
+
+ Assert.notEqual(Services.cookies.countCookiesFromHost(""), 0);
+
+ await new Promise(aResolve => {
+ Services.clearData.deleteDataFromLocalFiles(
+ true,
+ Ci.nsIClearDataService.CLEAR_COOKIES,
+ aResolve
+ );
+ });
+ Assert.equal(Services.cookies.countCookiesFromHost(""), 0);
+});
+
+// The following tests ensure we properly clear (partitioned/unpartitioned)
+// cookies when using deleteDataFromBaseDomain and deleteDataFromHost.
+
+function getTestCookieName(host, topLevelBaseDomain) {
+ if (!topLevelBaseDomain) {
+ return host;
+ }
+ return `${host}_${topLevelBaseDomain}`;
+}
+
+function setTestCookie({
+ host,
+ topLevelBaseDomain = null,
+ originAttributes = {},
+}) {
+ SiteDataTestUtils.addToCookies({
+ host,
+ name: getTestCookieName(host, topLevelBaseDomain),
+ originAttributes: getOAWithPartitionKey(
+ { topLevelBaseDomain },
+ originAttributes
+ ),
+ });
+}
+
+function setTestCookies() {
+ // First party cookies
+ setTestCookie({ host: "example.net" });
+ setTestCookie({ host: "test.example.net" });
+ setTestCookie({ host: "example.org" });
+
+ // Third-party partitioned cookies.
+ setTestCookie({ host: "example.com", topLevelBaseDomain: "example.net" });
+ setTestCookie({
+ host: "example.com",
+ topLevelBaseDomain: "example.net",
+ originAttributes: { userContextId: 1 },
+ });
+ setTestCookie({ host: "example.net", topLevelBaseDomain: "example.org" });
+ setTestCookie({
+ host: "test.example.net",
+ topLevelBaseDomain: "example.org",
+ });
+
+ // Ensure we have the correct cookie test state.
+ // Not using countCookiesFromHost because it doesn't see partitioned cookies.
+ testCookieExists({ host: "example.net" });
+ testCookieExists({ host: "test.example.net" });
+ testCookieExists({ host: "example.org" });
+
+ testCookieExists({ host: "example.com", topLevelBaseDomain: "example.net" });
+ testCookieExists({
+ host: "example.com",
+ topLevelBaseDomain: "example.net",
+ originAttributes: { userContextId: 1 },
+ });
+ testCookieExists({ host: "example.net", topLevelBaseDomain: "example.org" });
+ testCookieExists({
+ host: "test.example.net",
+ topLevelBaseDomain: "example.org",
+ });
+}
+
+function testCookieExists({
+ host,
+ topLevelBaseDomain = null,
+ expected = true,
+ originAttributes = {},
+}) {
+ let exists = Services.cookies.cookieExists(
+ host,
+ "path",
+ getTestCookieName(host, topLevelBaseDomain),
+ getOAWithPartitionKey({ topLevelBaseDomain }, originAttributes)
+ );
+ let message = `Cookie ${expected ? "is set" : "is not set"} for ${host}`;
+ if (topLevelBaseDomain) {
+ message += ` partitioned under ${topLevelBaseDomain}`;
+ }
+ Assert.equal(exists, expected, message);
+ return exists;
+}
+
+/**
+ * Tests deleting (partitioned) cookies by base domain.
+ */
+add_task(async function test_baseDomain_cookies() {
+ Services.cookies.removeAll();
+ setTestCookies();
+
+ // Clear cookies of example.net including partitions.
+ await new Promise(aResolve => {
+ Services.clearData.deleteDataFromBaseDomain(
+ "example.net",
+ false,
+ Ci.nsIClearDataService.CLEAR_COOKIES,
+ aResolve
+ );
+ });
+
+ testCookieExists({ host: "example.net", expected: false });
+ testCookieExists({ host: "test.example.net", expected: false });
+ testCookieExists({ host: "example.org" });
+
+ testCookieExists({
+ host: "example.com",
+ topLevelBaseDomain: "example.net",
+ expected: false,
+ });
+ testCookieExists({
+ host: "example.com",
+ topLevelBaseDomain: "example.net",
+ originAttributes: { userContextId: 1 },
+ expected: false,
+ });
+ testCookieExists({
+ host: "example.net",
+ topLevelBaseDomain: "example.org",
+ expected: false,
+ });
+ testCookieExists({
+ host: "test.example.net",
+ topLevelBaseDomain: "example.org",
+ expected: false,
+ });
+
+ // Cleanup
+ Services.cookies.removeAll();
+});
+
+/**
+ * Tests deleting (non-partitioned) cookies by host.
+ */
+add_task(async function test_host_cookies() {
+ Services.cookies.removeAll();
+ setTestCookies();
+
+ // Clear cookies of example.net without partitions.
+ await new Promise(aResolve => {
+ Services.clearData.deleteDataFromHost(
+ "example.net",
+ false,
+ Ci.nsIClearDataService.CLEAR_COOKIES,
+ aResolve
+ );
+ });
+
+ testCookieExists({ host: "example.net", expected: false });
+ testCookieExists({ host: "test.example.net" });
+ testCookieExists({ host: "example.org" });
+ // Third-party partitioned cookies under example.net should not be cleared.
+ testCookieExists({ host: "example.com", topLevelBaseDomain: "example.net" });
+ setTestCookie({
+ host: "example.com",
+ topLevelBaseDomain: "example.net",
+ originAttributes: { userContextId: 1 },
+ });
+ // Third-party partitioned cookies of example.net should be removed, because
+ // CookieCleaner matches with host, but any partition key (oa = {}) via
+ // removeCookiesFromExactHost.
+ testCookieExists({
+ host: "example.net",
+ topLevelBaseDomain: "example.org",
+ expected: false,
+ });
+ testCookieExists({
+ host: "test.example.net",
+ topLevelBaseDomain: "example.org",
+ });
+
+ // Cleanup
+ Services.cookies.removeAll();
+});
+
+/**
+ * Tests that we correctly clear data when given a subdomain.
+ */
+add_task(async function test_baseDomain_cookies_subdomain() {
+ Services.cookies.removeAll();
+ setTestCookies();
+
+ // Clear cookies of test.example.net including partitions.
+ await new Promise(aResolve => {
+ Services.clearData.deleteDataFromBaseDomain(
+ "test.example.net",
+ false,
+ Ci.nsIClearDataService.CLEAR_COOKIES,
+ aResolve
+ );
+ });
+
+ testCookieExists({ host: "example.net", expected: false });
+ testCookieExists({ host: "test.example.net", expected: false });
+ testCookieExists({ host: "example.org" });
+
+ testCookieExists({
+ host: "example.com",
+ topLevelBaseDomain: "example.net",
+ expected: false,
+ });
+ setTestCookie({
+ host: "example.com",
+ topLevelBaseDomain: "example.net",
+ originAttributes: { userContextId: 1 },
+ expected: false,
+ });
+ testCookieExists({
+ host: "example.net",
+ topLevelBaseDomain: "example.org",
+ expected: false,
+ });
+ testCookieExists({
+ host: "test.example.net",
+ topLevelBaseDomain: "example.org",
+ expected: false,
+ });
+
+ // Cleanup
+ Services.cookies.removeAll();
+});
diff --git a/toolkit/components/cleardata/tests/unit/test_downloads.js b/toolkit/components/cleardata/tests/unit/test_downloads.js
new file mode 100644
index 0000000000..72de763ce3
--- /dev/null
+++ b/toolkit/components/cleardata/tests/unit/test_downloads.js
@@ -0,0 +1,310 @@
+/**
+ * Tests for downloads.
+ */
+
+"use strict";
+
+const { Downloads } = ChromeUtils.importESModule(
+ "resource://gre/modules/Downloads.sys.mjs"
+);
+const { FileTestUtils } = ChromeUtils.importESModule(
+ "resource://testing-common/FileTestUtils.sys.mjs"
+);
+
+const TEST_TARGET_FILE_NAME = "test-download.txt";
+let fileURL;
+let downloadList;
+
+function createFileURL() {
+ if (!fileURL) {
+ const file = Services.dirsvc.get("TmpD", Ci.nsIFile);
+ file.append("foo.txt");
+ file.createUnique(Ci.nsIFile.NORMAL_FILE_TYPE, 0o600);
+
+ fileURL = Services.io.newFileURI(file);
+ }
+
+ return fileURL;
+}
+
+async function createDownloadList() {
+ if (!downloadList) {
+ Downloads._promiseListsInitialized = null;
+ Downloads._lists = {};
+ Downloads._summaries = {};
+
+ downloadList = await Downloads.getList(Downloads.ALL);
+ }
+
+ return downloadList;
+}
+
+add_task(async function test_all_downloads() {
+ const url = createFileURL();
+ const list = await createDownloadList();
+
+ // First download.
+ let download = await Downloads.createDownload({
+ source: { url: url.spec, isPrivate: false },
+ target: { path: FileTestUtils.getTempFile(TEST_TARGET_FILE_NAME).path },
+ });
+ Assert.ok(!!download);
+ list.add(download);
+
+ let view;
+ let removePromise = new Promise(resolve => {
+ view = {
+ onDownloadAdded() {},
+ onDownloadChanged() {},
+ onDownloadRemoved() {
+ resolve();
+ },
+ };
+ });
+
+ await list.addView(view);
+
+ let items = await list.getAll();
+ Assert.equal(items.length, 1);
+
+ await new Promise(resolve => {
+ Services.clearData.deleteData(
+ Ci.nsIClearDataService.CLEAR_DOWNLOADS,
+ value => {
+ Assert.equal(value, 0);
+ resolve();
+ }
+ );
+ });
+
+ await removePromise;
+
+ items = await list.getAll();
+ Assert.equal(items.length, 0);
+});
+
+add_task(async function test_range_downloads() {
+ const url = createFileURL();
+ const list = await createDownloadList();
+
+ let download = await Downloads.createDownload({
+ source: { url: url.spec, isPrivate: false },
+ target: { path: FileTestUtils.getTempFile(TEST_TARGET_FILE_NAME).path },
+ });
+ Assert.ok(!!download);
+ list.add(download);
+
+ // Start + cancel. I need to have a startTime value.
+ await download.start();
+ await download.cancel();
+
+ let items = await list.getAll();
+ Assert.equal(items.length, 1);
+
+ let view;
+ let removePromise = new Promise(resolve => {
+ view = {
+ onDownloadAdded() {},
+ onDownloadChanged() {},
+ onDownloadRemoved() {
+ resolve();
+ },
+ };
+ });
+
+ await list.addView(view);
+
+ await new Promise(resolve => {
+ Services.clearData.deleteDataInTimeRange(
+ download.startTime.getTime() * 1000,
+ download.startTime.getTime() * 1000,
+ true /* user request */,
+ Ci.nsIClearDataService.CLEAR_DOWNLOADS,
+ value => {
+ Assert.equal(value, 0);
+ resolve();
+ }
+ );
+ });
+
+ await removePromise;
+
+ items = await list.getAll();
+ Assert.equal(items.length, 0);
+});
+
+add_task(async function test_principal_downloads() {
+ const list = await createDownloadList();
+
+ let download = await Downloads.createDownload({
+ source: { url: "http://example.net", isPrivate: false },
+ target: { path: FileTestUtils.getTempFile(TEST_TARGET_FILE_NAME).path },
+ });
+ Assert.ok(!!download);
+ list.add(download);
+
+ download = await Downloads.createDownload({
+ source: { url: "http://example.com", isPrivate: false },
+ target: { path: FileTestUtils.getTempFile(TEST_TARGET_FILE_NAME).path },
+ });
+ Assert.ok(!!download);
+ list.add(download);
+
+ let items = await list.getAll();
+ Assert.equal(items.length, 2);
+
+ let view;
+ let removePromise = new Promise(resolve => {
+ view = {
+ onDownloadAdded() {},
+ onDownloadChanged() {},
+ onDownloadRemoved() {
+ resolve();
+ },
+ };
+ });
+
+ await list.addView(view);
+
+ let uri = Services.io.newURI("http://example.com");
+ let principal = Services.scriptSecurityManager.createContentPrincipal(
+ uri,
+ {}
+ );
+
+ await new Promise(resolve => {
+ Services.clearData.deleteDataFromPrincipal(
+ principal,
+ true /* user request */,
+ Ci.nsIClearDataService.CLEAR_DOWNLOADS,
+ value => {
+ Assert.equal(value, 0);
+ resolve();
+ }
+ );
+ });
+
+ await removePromise;
+
+ items = await list.getAll();
+ Assert.equal(items.length, 1);
+
+ removePromise = new Promise(resolve => {
+ view = {
+ onDownloadAdded() {},
+ onDownloadChanged() {},
+ onDownloadRemoved() {
+ resolve();
+ },
+ };
+ });
+
+ await list.addView(view);
+
+ await new Promise(resolve => {
+ Services.clearData.deleteData(
+ Ci.nsIClearDataService.CLEAR_DOWNLOADS,
+ value => {
+ Assert.equal(value, 0);
+ resolve();
+ }
+ );
+ });
+
+ await removePromise;
+
+ items = await list.getAll();
+ Assert.equal(items.length, 0);
+});
+
+add_task(async function test_basedomain_downloads() {
+ const list = await createDownloadList();
+
+ let download = await Downloads.createDownload({
+ source: { url: "http://example.net", isPrivate: false },
+ target: { path: FileTestUtils.getTempFile(TEST_TARGET_FILE_NAME).path },
+ });
+ Assert.ok(!!download);
+ list.add(download);
+
+ download = await Downloads.createDownload({
+ source: { url: "http://test.example.net", isPrivate: false },
+ target: { path: FileTestUtils.getTempFile(TEST_TARGET_FILE_NAME).path },
+ });
+ Assert.ok(!!download);
+ list.add(download);
+
+ download = await Downloads.createDownload({
+ source: { url: "https://foo.bar.example.net", isPrivate: true },
+ target: { path: FileTestUtils.getTempFile(TEST_TARGET_FILE_NAME).path },
+ });
+ Assert.ok(!!download);
+ list.add(download);
+
+ download = await Downloads.createDownload({
+ source: { url: "http://example.com", isPrivate: false },
+ target: { path: FileTestUtils.getTempFile(TEST_TARGET_FILE_NAME).path },
+ });
+ Assert.ok(!!download);
+ list.add(download);
+
+ let items = await list.getAll();
+ Assert.equal(items.length, 4);
+
+ let view;
+ let removePromise = new Promise(resolve => {
+ view = {
+ onDownloadAdded() {},
+ onDownloadChanged() {},
+ onDownloadRemoved() {
+ resolve();
+ },
+ };
+ });
+
+ await list.addView(view);
+
+ await new Promise(resolve => {
+ Services.clearData.deleteDataFromBaseDomain(
+ "example.net",
+ true /* user request */,
+ Ci.nsIClearDataService.CLEAR_DOWNLOADS,
+ value => {
+ Assert.equal(value, 0);
+ resolve();
+ }
+ );
+ });
+
+ await removePromise;
+
+ items = await list.getAll();
+ Assert.equal(items.length, 1);
+
+ removePromise = new Promise(resolve => {
+ view = {
+ onDownloadAdded() {},
+ onDownloadChanged() {},
+ onDownloadRemoved() {
+ resolve();
+ },
+ };
+ });
+
+ await list.addView(view);
+
+ await new Promise(resolve => {
+ Services.clearData.deleteData(
+ Ci.nsIClearDataService.CLEAR_DOWNLOADS,
+ value => {
+ Assert.equal(value, 0);
+ resolve();
+ }
+ );
+ });
+
+ await removePromise;
+
+ items = await list.getAll();
+ Assert.equal(items.length, 0);
+});
diff --git a/toolkit/components/cleardata/tests/unit/test_identity_credential_storage.js b/toolkit/components/cleardata/tests/unit/test_identity_credential_storage.js
new file mode 100644
index 0000000000..13369fc787
--- /dev/null
+++ b/toolkit/components/cleardata/tests/unit/test_identity_credential_storage.js
@@ -0,0 +1,121 @@
+/* Any copyright is dedicated to the Public Domain.
+http://creativecommons.org/publicdomain/zero/1.0/ */
+
+"use strict";
+
+const { XPCOMUtils } = ChromeUtils.importESModule(
+ "resource://gre/modules/XPCOMUtils.sys.mjs"
+);
+
+XPCOMUtils.defineLazyServiceGetter(
+ this,
+ "IdentityCredentialStorageService",
+ "@mozilla.org/browser/identity-credential-storage-service;1",
+ "nsIIdentityCredentialStorageService"
+);
+
+do_get_profile();
+
+add_task(async function test_deleteByRange() {
+ Services.prefs.setBoolPref(
+ "dom.security.credentialmanagement.identity.enabled",
+ true
+ );
+ const expiry = Date.now() + 24 * 60 * 60;
+ let rpPrincipal = Services.scriptSecurityManager.createContentPrincipal(
+ Services.io.newURI("https://rp.com/"),
+ {}
+ );
+ let idpPrincipal = Services.scriptSecurityManager.createContentPrincipal(
+ Services.io.newURI("https://idp.com/"),
+ {}
+ );
+ const credentialID = "ID";
+
+ // Test initial value
+ let registered = {};
+ let allowLogout = {};
+ IdentityCredentialStorageService.getState(
+ rpPrincipal,
+ idpPrincipal,
+ credentialID,
+ registered,
+ allowLogout
+ );
+ Assert.ok(!registered.value, "Should not be registered initially.");
+ Assert.ok(!allowLogout.value, "Should not allow logout initially.");
+
+ // Set and read a value
+ IdentityCredentialStorageService.setState(
+ rpPrincipal,
+ idpPrincipal,
+ credentialID,
+ true,
+ true
+ );
+
+ IdentityCredentialStorageService.getState(
+ rpPrincipal,
+ idpPrincipal,
+ credentialID,
+ registered,
+ allowLogout
+ );
+ Assert.ok(registered.value, "Should be registered by set.");
+ Assert.ok(allowLogout.value, "Should now allow logout by set.");
+
+ let from = Date.now() + 60 * 60;
+ await new Promise(aResolve => {
+ Services.clearData.deleteDataInTimeRange(
+ from * 1000,
+ expiry * 1000,
+ true /* user request */,
+ Ci.nsIClearDataService.CLEAR_CREDENTIAL_MANAGER_STATE,
+ value => {
+ Assert.equal(value, 0);
+ aResolve();
+ }
+ );
+ });
+
+ IdentityCredentialStorageService.getState(
+ rpPrincipal,
+ idpPrincipal,
+ credentialID,
+ registered,
+ allowLogout
+ );
+
+ Assert.ok(
+ registered.value,
+ "Should be existing since the value is not deleted"
+ );
+
+ from = Date.now() - 60 * 60;
+
+ await new Promise(aResolve => {
+ Services.clearData.deleteDataInTimeRange(
+ from * 1000,
+ expiry * 1000,
+ true /* user request */,
+ Ci.nsIClearDataService.CLEAR_CREDENTIAL_MANAGER_STATE,
+ value => {
+ Assert.equal(value, 0);
+ aResolve();
+ }
+ );
+ });
+
+ IdentityCredentialStorageService.getState(
+ rpPrincipal,
+ idpPrincipal,
+ credentialID,
+ registered,
+ allowLogout
+ );
+ Assert.ok(!registered.value, "Should not be existing");
+
+ Services.prefs.clearUserPref(
+ "dom.security.credentialmanagement.identity.enabled"
+ );
+});
diff --git a/toolkit/components/cleardata/tests/unit/test_network_cache.js b/toolkit/components/cleardata/tests/unit/test_network_cache.js
new file mode 100644
index 0000000000..bb54cdc6a8
--- /dev/null
+++ b/toolkit/components/cleardata/tests/unit/test_network_cache.js
@@ -0,0 +1,316 @@
+/* Any copyright is dedicated to the Public Domain.
+ http://creativecommons.org/publicdomain/zero/1.0/ */
+
+/**
+ * Test clearing cache.
+ */
+
+"use strict";
+
+function getPartitionedLoadContextInfo(
+ { scheme, topLevelBaseDomain, port },
+ originAttributes = {}
+) {
+ return Services.loadContextInfo.custom(
+ false,
+ getOAWithPartitionKey(
+ { scheme, topLevelBaseDomain, port },
+ originAttributes
+ )
+ );
+}
+
+add_task(async function test_deleteFromHost() {
+ await SiteDataTestUtils.addCacheEntry("http://example.com/", "disk");
+ await SiteDataTestUtils.addCacheEntry("http://example.com/", "memory");
+ Assert.ok(
+ SiteDataTestUtils.hasCacheEntry("http://example.com/", "disk"),
+ "The disk cache has an entry"
+ );
+ Assert.ok(
+ SiteDataTestUtils.hasCacheEntry("http://example.com/", "memory"),
+ "The memory cache has an entry"
+ );
+
+ await SiteDataTestUtils.addCacheEntry("http://example.org/", "disk");
+ await SiteDataTestUtils.addCacheEntry("http://example.org/", "memory");
+ Assert.ok(
+ SiteDataTestUtils.hasCacheEntry("http://example.org/", "disk"),
+ "The disk cache has an entry"
+ );
+ Assert.ok(
+ SiteDataTestUtils.hasCacheEntry("http://example.org/", "memory"),
+ "The memory cache has an entry"
+ );
+
+ await new Promise(aResolve => {
+ Services.clearData.deleteDataFromHost(
+ "example.com",
+ true,
+ Ci.nsIClearDataService.CLEAR_NETWORK_CACHE,
+ value => {
+ Assert.equal(value, 0);
+ aResolve();
+ }
+ );
+ });
+
+ Assert.ok(
+ !SiteDataTestUtils.hasCacheEntry("http://example.com/", "disk"),
+ "The disk cache is cleared"
+ );
+ Assert.ok(
+ !SiteDataTestUtils.hasCacheEntry("http://example.com/", "memory"),
+ "The memory cache is cleared"
+ );
+
+ Assert.ok(
+ SiteDataTestUtils.hasCacheEntry("http://example.org/", "disk"),
+ "The disk cache has an entry"
+ );
+ Assert.ok(
+ SiteDataTestUtils.hasCacheEntry("http://example.org/", "memory"),
+ "The memory cache has an entry"
+ );
+
+ await SiteDataTestUtils.clear();
+});
+
+add_task(async function test_deleteFromPrincipal() {
+ await SiteDataTestUtils.addCacheEntry("http://example.com/", "disk");
+ await SiteDataTestUtils.addCacheEntry("http://example.com/", "memory");
+ Assert.ok(
+ SiteDataTestUtils.hasCacheEntry("http://example.com/", "disk"),
+ "The disk cache has an entry"
+ );
+ Assert.ok(
+ SiteDataTestUtils.hasCacheEntry("http://example.com/", "memory"),
+ "The memory cache has an entry"
+ );
+
+ await SiteDataTestUtils.addCacheEntry("http://example.org/", "disk");
+ await SiteDataTestUtils.addCacheEntry("http://example.org/", "memory");
+ Assert.ok(
+ SiteDataTestUtils.hasCacheEntry("http://example.org/", "disk"),
+ "The disk cache has an entry"
+ );
+ Assert.ok(
+ SiteDataTestUtils.hasCacheEntry("http://example.org/", "memory"),
+ "The memory cache has an entry"
+ );
+
+ let principal =
+ Services.scriptSecurityManager.createContentPrincipalFromOrigin(
+ "http://example.com/"
+ );
+ await new Promise(aResolve => {
+ Services.clearData.deleteDataFromPrincipal(
+ principal,
+ true,
+ Ci.nsIClearDataService.CLEAR_NETWORK_CACHE,
+ value => {
+ Assert.equal(value, 0);
+ aResolve();
+ }
+ );
+ });
+
+ Assert.ok(
+ !SiteDataTestUtils.hasCacheEntry("http://example.com/", "disk"),
+ "The disk cache is cleared"
+ );
+ Assert.ok(
+ !SiteDataTestUtils.hasCacheEntry("http://example.com/", "memory"),
+ "The memory cache is cleared"
+ );
+
+ Assert.ok(
+ SiteDataTestUtils.hasCacheEntry("http://example.org/", "disk"),
+ "The disk cache has an entry"
+ );
+ Assert.ok(
+ SiteDataTestUtils.hasCacheEntry("http://example.org/", "memory"),
+ "The memory cache has an entry"
+ );
+
+ await SiteDataTestUtils.clear();
+});
+
+add_task(async function test_deleteFromBaseDomain() {
+ for (let cacheType of ["disk", "memory"]) {
+ await SiteDataTestUtils.addCacheEntry("http://example.com/", cacheType);
+ Assert.ok(
+ SiteDataTestUtils.hasCacheEntry("http://example.com/", cacheType),
+ `The ${cacheType} cache has an entry.`
+ );
+
+ await SiteDataTestUtils.addCacheEntry("http://example.org/", cacheType);
+ Assert.ok(
+ SiteDataTestUtils.hasCacheEntry("http://example.org/", cacheType),
+ `The ${cacheType} cache has an entry.`
+ );
+
+ // Partitioned cache.
+ await SiteDataTestUtils.addCacheEntry(
+ "http://example.com/",
+ cacheType,
+ getPartitionedLoadContextInfo({ topLevelBaseDomain: "example.org" })
+ );
+ Assert.ok(
+ SiteDataTestUtils.hasCacheEntry(
+ "http://example.com/",
+ cacheType,
+ getPartitionedLoadContextInfo({ topLevelBaseDomain: "example.org" })
+ ),
+ `The ${cacheType} cache has a partitioned entry`
+ );
+ await SiteDataTestUtils.addCacheEntry(
+ "http://example.org/",
+ cacheType,
+ getPartitionedLoadContextInfo({ topLevelBaseDomain: "example.com" })
+ );
+ Assert.ok(
+ SiteDataTestUtils.hasCacheEntry(
+ "http://example.org/",
+ cacheType,
+ getPartitionedLoadContextInfo({ topLevelBaseDomain: "example.com" })
+ ),
+ `The ${cacheType} cache has a partitioned entry`
+ );
+
+ // Clear an unrelated base domain.
+ await new Promise(aResolve => {
+ Services.clearData.deleteDataFromBaseDomain(
+ "foo.com",
+ true,
+ Ci.nsIClearDataService.CLEAR_NETWORK_CACHE,
+ value => {
+ Assert.equal(value, 0);
+ aResolve();
+ }
+ );
+ });
+
+ // Should still have all cache entries.
+ Assert.ok(
+ SiteDataTestUtils.hasCacheEntry("http://example.com/", cacheType),
+ `The ${cacheType} cache has an entry.`
+ );
+ Assert.ok(
+ SiteDataTestUtils.hasCacheEntry("http://example.org/", cacheType),
+ `The ${cacheType} cache has an entry.`
+ );
+ Assert.ok(
+ SiteDataTestUtils.hasCacheEntry(
+ "http://example.com/",
+ cacheType,
+ getPartitionedLoadContextInfo({ topLevelBaseDomain: "example.org" })
+ ),
+ `The ${cacheType} cache has a partitioned entry`
+ );
+ Assert.ok(
+ SiteDataTestUtils.hasCacheEntry(
+ "http://example.org/",
+ cacheType,
+ getPartitionedLoadContextInfo({ topLevelBaseDomain: "example.com" })
+ ),
+ `The ${cacheType} cache has a partitioned entry`
+ );
+
+ // Clear data for example.com
+ await new Promise(aResolve => {
+ Services.clearData.deleteDataFromBaseDomain(
+ "example.com",
+ true,
+ Ci.nsIClearDataService.CLEAR_NETWORK_CACHE,
+ value => {
+ Assert.equal(value, 0);
+ aResolve();
+ }
+ );
+ });
+
+ Assert.ok(
+ !SiteDataTestUtils.hasCacheEntry("http://example.com/", cacheType),
+ `The ${cacheType} cache is cleared.`
+ );
+
+ Assert.ok(
+ SiteDataTestUtils.hasCacheEntry("http://example.org/", cacheType),
+ `The ${cacheType} cache has an entry.`
+ );
+
+ Assert.ok(
+ !SiteDataTestUtils.hasCacheEntry(
+ "http://example.com/",
+ cacheType,
+ getPartitionedLoadContextInfo({ topLevelBaseDomain: "example.org" })
+ ),
+ `The ${cacheType} cache is cleared.`
+ );
+
+ Assert.ok(
+ !SiteDataTestUtils.hasCacheEntry(
+ "http://example.org/",
+ cacheType,
+ getPartitionedLoadContextInfo({ topLevelBaseDomain: "example.com" })
+ ),
+ `The ${cacheType} cache is cleared.`
+ );
+ await SiteDataTestUtils.clear();
+ }
+});
+
+add_task(async function test_deleteAll() {
+ await SiteDataTestUtils.addCacheEntry("http://example.com/", "disk");
+ await SiteDataTestUtils.addCacheEntry("http://example.com/", "memory");
+ Assert.ok(
+ SiteDataTestUtils.hasCacheEntry("http://example.com/", "disk"),
+ "The disk cache has an entry"
+ );
+ Assert.ok(
+ SiteDataTestUtils.hasCacheEntry("http://example.com/", "memory"),
+ "The memory cache has an entry"
+ );
+
+ await SiteDataTestUtils.addCacheEntry("http://example.org/", "disk");
+ await SiteDataTestUtils.addCacheEntry("http://example.org/", "memory");
+ Assert.ok(
+ SiteDataTestUtils.hasCacheEntry("http://example.org/", "disk"),
+ "The disk cache has an entry"
+ );
+ Assert.ok(
+ SiteDataTestUtils.hasCacheEntry("http://example.org/", "memory"),
+ "The memory cache has an entry"
+ );
+
+ await new Promise(aResolve => {
+ Services.clearData.deleteData(
+ Ci.nsIClearDataService.CLEAR_NETWORK_CACHE,
+ value => {
+ Assert.equal(value, 0);
+ aResolve();
+ }
+ );
+ });
+
+ Assert.ok(
+ !SiteDataTestUtils.hasCacheEntry("http://example.com/", "disk"),
+ "The disk cache is cleared"
+ );
+ Assert.ok(
+ !SiteDataTestUtils.hasCacheEntry("http://example.com/", "memory"),
+ "The memory cache is cleared"
+ );
+
+ Assert.ok(
+ !SiteDataTestUtils.hasCacheEntry("http://example.org/", "disk"),
+ "The disk cache is cleared"
+ );
+ Assert.ok(
+ !SiteDataTestUtils.hasCacheEntry("http://example.org/", "memory"),
+ "The memory cache is cleared"
+ );
+
+ await SiteDataTestUtils.clear();
+});
diff --git a/toolkit/components/cleardata/tests/unit/test_passwords.js b/toolkit/components/cleardata/tests/unit/test_passwords.js
new file mode 100644
index 0000000000..895c135754
--- /dev/null
+++ b/toolkit/components/cleardata/tests/unit/test_passwords.js
@@ -0,0 +1,89 @@
+/**
+ * Tests for passwords.
+ */
+
+"use strict";
+
+const URL = "http://example.com";
+
+const { LoginTestUtils } = ChromeUtils.importESModule(
+ "resource://testing-common/LoginTestUtils.sys.mjs"
+);
+
+add_task(async function test_principal_downloads() {
+ // Store the strings "user" and "pass" using similarly looking glyphs.
+ let loginInfo = LoginTestUtils.testData.formLogin({
+ origin: URL,
+ formActionOrigin: URL,
+ username: "admin",
+ password: "12345678",
+ usernameField: "field_username",
+ passwordField: "field_password",
+ });
+ await Services.logins.addLoginAsync(loginInfo);
+
+ Assert.equal(countLogins(URL), 1);
+
+ let uri = Services.io.newURI(URL);
+ let principal = Services.scriptSecurityManager.createContentPrincipal(
+ uri,
+ {}
+ );
+
+ await new Promise(resolve => {
+ Services.clearData.deleteDataFromPrincipal(
+ principal,
+ true /* user request */,
+ Ci.nsIClearDataService.CLEAR_PASSWORDS,
+ value => {
+ Assert.equal(value, 0);
+ resolve();
+ }
+ );
+ });
+
+ Assert.equal(countLogins(URL), 0);
+
+ LoginTestUtils.clearData();
+});
+
+add_task(async function test_all() {
+ // Store the strings "user" and "pass" using similarly looking glyphs.
+ let loginInfo = LoginTestUtils.testData.formLogin({
+ origin: URL,
+ formActionOrigin: URL,
+ username: "admin",
+ password: "12345678",
+ usernameField: "field_username",
+ passwordField: "field_password",
+ });
+ await Services.logins.addLoginAsync(loginInfo);
+
+ Assert.equal(countLogins(URL), 1);
+
+ await new Promise(resolve => {
+ Services.clearData.deleteData(
+ Ci.nsIClearDataService.CLEAR_PASSWORDS,
+ value => {
+ Assert.equal(value, 0);
+ resolve();
+ }
+ );
+ });
+
+ Assert.equal(countLogins(URL), 0);
+
+ LoginTestUtils.clearData();
+});
+
+function countLogins(origin) {
+ let count = 0;
+ const logins = Services.logins.getAllLogins();
+ for (const login of logins) {
+ if (login.origin == origin) {
+ ++count;
+ }
+ }
+
+ return count;
+}
diff --git a/toolkit/components/cleardata/tests/unit/test_permissions.js b/toolkit/components/cleardata/tests/unit/test_permissions.js
new file mode 100644
index 0000000000..e3b7df60a7
--- /dev/null
+++ b/toolkit/components/cleardata/tests/unit/test_permissions.js
@@ -0,0 +1,424 @@
+/* Any copyright is dedicated to the Public Domain.
+ http://creativecommons.org/publicdomain/zero/1.0/ */
+
+/**
+ * Tests for permissions
+ */
+
+"use strict";
+
+add_task(async function test_all_permissions() {
+ const uri = Services.io.newURI("https://example.net");
+ const principal = Services.scriptSecurityManager.createContentPrincipal(
+ uri,
+ {}
+ );
+
+ Services.perms.addFromPrincipal(
+ principal,
+ "cookie",
+ Services.perms.ALLOW_ACTION
+ );
+ Assert.ok(
+ Services.perms.getPermissionObject(principal, "cookie", true) != null
+ );
+
+ await new Promise(aResolve => {
+ Services.clearData.deleteData(
+ Ci.nsIClearDataService.CLEAR_PERMISSIONS,
+ value => {
+ Assert.equal(value, 0);
+ aResolve();
+ }
+ );
+ });
+
+ Assert.ok(
+ Services.perms.getPermissionObject(principal, "cookie", true) == null
+ );
+});
+
+add_task(async function test_principal_permissions() {
+ const uri = Services.io.newURI("https://example.net");
+ const principal = Services.scriptSecurityManager.createContentPrincipal(
+ uri,
+ {}
+ );
+
+ const anotherUri = Services.io.newURI("https://example.com");
+ const anotherPrincipal =
+ Services.scriptSecurityManager.createContentPrincipal(anotherUri, {});
+
+ Services.perms.addFromPrincipal(
+ principal,
+ "cookie",
+ Services.perms.ALLOW_ACTION
+ );
+ Services.perms.addFromPrincipal(
+ anotherPrincipal,
+ "cookie",
+ Services.perms.ALLOW_ACTION
+ );
+ Assert.ok(
+ Services.perms.getPermissionObject(principal, "cookie", true) != null
+ );
+ Assert.ok(
+ Services.perms.getPermissionObject(anotherPrincipal, "cookie", true) != null
+ );
+
+ await new Promise(aResolve => {
+ Services.clearData.deleteDataFromPrincipal(
+ principal,
+ true /* user request */,
+ Ci.nsIClearDataService.CLEAR_PERMISSIONS,
+ value => {
+ Assert.equal(value, 0);
+ aResolve();
+ }
+ );
+ });
+
+ Assert.ok(
+ Services.perms.getPermissionObject(principal, "cookie", true) == null
+ );
+ Assert.ok(
+ Services.perms.getPermissionObject(anotherPrincipal, "cookie", true) != null
+ );
+
+ await new Promise(aResolve => {
+ Services.clearData.deleteData(
+ Ci.nsIClearDataService.CLEAR_PERMISSIONS,
+ value => aResolve()
+ );
+ });
+});
+
+function addTestPermissions() {
+ Services.perms.removeAll();
+
+ PermissionTestUtils.add(
+ "https://example.net",
+ "geo",
+ Services.perms.ALLOW_ACTION
+ );
+ PermissionTestUtils.add(
+ "http://example.net",
+ "cookie",
+ Services.perms.DENY_ACTION
+ );
+ PermissionTestUtils.add(
+ "https://bar.example.net",
+ "geo",
+ Services.perms.ALLOW_ACTION
+ );
+ PermissionTestUtils.add(
+ "https://foo.bar.example.net",
+ "geo",
+ Services.perms.ALLOW_ACTION
+ );
+ PermissionTestUtils.add(
+ "https://example.com",
+ "3rdPartyStorage^https://example.net",
+ Services.perms.ALLOW_ACTION
+ );
+
+ PermissionTestUtils.add(
+ "https://example.com",
+ "cookie",
+ Services.perms.ALLOW_ACTION
+ );
+ PermissionTestUtils.add(
+ "http://example.com",
+ "geo",
+ Services.perms.ALLOW_ACTION
+ );
+
+ Assert.equal(
+ PermissionTestUtils.getPermissionObject("https://example.net", "geo", true)
+ .capability,
+ Services.perms.ALLOW_ACTION
+ );
+ Assert.equal(
+ PermissionTestUtils.getPermissionObject(
+ "http://example.net",
+ "cookie",
+ true
+ ).capability,
+ Services.perms.DENY_ACTION
+ );
+ Assert.equal(
+ PermissionTestUtils.getPermissionObject(
+ "https://bar.example.net",
+ "geo",
+ true
+ ).capability,
+ Services.perms.ALLOW_ACTION
+ );
+ Assert.equal(
+ PermissionTestUtils.getPermissionObject(
+ "https://foo.bar.example.net",
+ "geo",
+ true
+ ).capability,
+ Services.perms.ALLOW_ACTION
+ );
+ Assert.equal(
+ PermissionTestUtils.getPermissionObject(
+ "https://example.com",
+ "3rdPartyStorage^https://example.net",
+ true
+ ).capability,
+ Services.perms.ALLOW_ACTION
+ );
+
+ Assert.equal(
+ PermissionTestUtils.getPermissionObject(
+ "https://example.com",
+ "cookie",
+ true
+ ).capability,
+ Services.perms.ALLOW_ACTION
+ );
+ Assert.equal(
+ PermissionTestUtils.getPermissionObject("http://example.com", "geo", true)
+ .capability,
+ Services.perms.ALLOW_ACTION
+ );
+}
+
+add_task(async function test_basedomain_permissions() {
+ for (let domain of [
+ "example.net",
+ "test.example.net",
+ "foo.bar.example.net",
+ ]) {
+ addTestPermissions();
+
+ await new Promise(aResolve => {
+ Services.clearData.deleteDataFromBaseDomain(
+ domain,
+ true /* user request */,
+ Ci.nsIClearDataService.CLEAR_PERMISSIONS,
+ value => {
+ Assert.equal(value, 0);
+ aResolve();
+ }
+ );
+ });
+
+ // Should have cleared all entries associated with the base domain.
+ Assert.ok(
+ !PermissionTestUtils.getPermissionObject(
+ "https://example.net",
+ "geo",
+ true
+ )
+ );
+ Assert.ok(
+ !PermissionTestUtils.getPermissionObject(
+ "http://example.net",
+ "cookie",
+ true
+ )
+ );
+ Assert.ok(
+ !PermissionTestUtils.getPermissionObject(
+ "https://bar.example.net",
+ "geo",
+ true
+ )
+ );
+ Assert.ok(
+ !PermissionTestUtils.getPermissionObject(
+ "https://foo.bar.example.net",
+ "geo",
+ true
+ )
+ );
+ Assert.ok(
+ !PermissionTestUtils.getPermissionObject(
+ "https://example.com",
+ "3rdPartyStorage^https://example.net",
+ true
+ )
+ );
+
+ // Unrelated entries should still exist.
+ Assert.equal(
+ PermissionTestUtils.getPermissionObject(
+ "https://example.com",
+ "cookie",
+ true
+ ).capability,
+ Services.perms.ALLOW_ACTION
+ );
+ Assert.equal(
+ PermissionTestUtils.getPermissionObject("http://example.com", "geo", true)
+ .capability,
+ Services.perms.ALLOW_ACTION
+ );
+ }
+
+ Services.perms.removeAll();
+});
+
+add_task(async function test_host_permissions() {
+ addTestPermissions();
+
+ await new Promise(aResolve => {
+ Services.clearData.deleteDataFromHost(
+ "bar.example.net",
+ true /* user request */,
+ Ci.nsIClearDataService.CLEAR_PERMISSIONS,
+ value => {
+ Assert.equal(value, 0);
+ aResolve();
+ }
+ );
+ });
+
+ // Should have cleared all entries associated with the host and its
+ // subdomains.
+ Assert.ok(
+ !PermissionTestUtils.getPermissionObject(
+ "https://bar.example.net",
+ "geo",
+ true
+ )
+ );
+ Assert.ok(
+ !PermissionTestUtils.getPermissionObject(
+ "https://foo.bar.example.net",
+ "geo",
+ true
+ )
+ );
+
+ // Unrelated entries should still exist.
+ Assert.equal(
+ PermissionTestUtils.getPermissionObject("https://example.net", "geo", true)
+ .capability,
+ Services.perms.ALLOW_ACTION
+ );
+ Assert.equal(
+ PermissionTestUtils.getPermissionObject(
+ "http://example.net",
+ "cookie",
+ true
+ ).capability,
+ Services.perms.DENY_ACTION
+ );
+ Assert.equal(
+ PermissionTestUtils.getPermissionObject(
+ "https://example.com",
+ "3rdPartyStorage^https://example.net",
+ true
+ ).capability,
+ Services.perms.ALLOW_ACTION
+ );
+
+ Assert.equal(
+ PermissionTestUtils.getPermissionObject(
+ "https://example.com",
+ "cookie",
+ true
+ ).capability,
+ Services.perms.ALLOW_ACTION
+ );
+ Assert.equal(
+ PermissionTestUtils.getPermissionObject("http://example.com", "geo", true)
+ .capability,
+ Services.perms.ALLOW_ACTION
+ );
+
+ Services.perms.removeAll();
+});
+
+add_task(async function test_3rdpartystorage_permissions() {
+ const uri = Services.io.newURI("https://example.net");
+ const principal = Services.scriptSecurityManager.createContentPrincipal(
+ uri,
+ {}
+ );
+ Services.perms.addFromPrincipal(
+ principal,
+ "cookie",
+ Services.perms.ALLOW_ACTION
+ );
+
+ const anotherUri = Services.io.newURI("https://example.com");
+ const anotherPrincipal =
+ Services.scriptSecurityManager.createContentPrincipal(anotherUri, {});
+ Services.perms.addFromPrincipal(
+ anotherPrincipal,
+ "cookie",
+ Services.perms.ALLOW_ACTION
+ );
+ Services.perms.addFromPrincipal(
+ anotherPrincipal,
+ "3rdPartyStorage^https://example.net",
+ Services.perms.ALLOW_ACTION
+ );
+
+ const oneMoreUri = Services.io.newURI("https://example.org");
+ const oneMorePrincipal =
+ Services.scriptSecurityManager.createContentPrincipal(oneMoreUri, {});
+ Services.perms.addFromPrincipal(
+ oneMorePrincipal,
+ "cookie",
+ Services.perms.ALLOW_ACTION
+ );
+
+ Assert.ok(
+ Services.perms.getPermissionObject(principal, "cookie", true) != null
+ );
+ Assert.ok(
+ Services.perms.getPermissionObject(anotherPrincipal, "cookie", true) != null
+ );
+ Assert.ok(
+ Services.perms.getPermissionObject(
+ anotherPrincipal,
+ "3rdPartyStorage^https://example.net",
+ true
+ ) != null
+ );
+ Assert.ok(
+ Services.perms.getPermissionObject(oneMorePrincipal, "cookie", true) != null
+ );
+
+ await new Promise(aResolve => {
+ Services.clearData.deleteDataFromPrincipal(
+ principal,
+ true /* user request */,
+ Ci.nsIClearDataService.CLEAR_PERMISSIONS,
+ value => {
+ Assert.equal(value, 0);
+ aResolve();
+ }
+ );
+ });
+
+ Assert.ok(
+ Services.perms.getPermissionObject(principal, "cookie", true) == null
+ );
+ Assert.ok(
+ Services.perms.getPermissionObject(anotherPrincipal, "cookie", true) != null
+ );
+ Assert.ok(
+ Services.perms.getPermissionObject(
+ anotherPrincipal,
+ "3rdPartyStorage^https://example.net",
+ true
+ ) == null
+ );
+ Assert.ok(
+ Services.perms.getPermissionObject(oneMorePrincipal, "cookie", true) != null
+ );
+
+ await new Promise(aResolve => {
+ Services.clearData.deleteData(
+ Ci.nsIClearDataService.CLEAR_PERMISSIONS,
+ value => aResolve()
+ );
+ });
+});
diff --git a/toolkit/components/cleardata/tests/unit/test_quota.js b/toolkit/components/cleardata/tests/unit/test_quota.js
new file mode 100644
index 0000000000..e916c33d93
--- /dev/null
+++ b/toolkit/components/cleardata/tests/unit/test_quota.js
@@ -0,0 +1,560 @@
+/* Any copyright is dedicated to the Public Domain.
+ http://creativecommons.org/publicdomain/zero/1.0/ */
+
+/**
+ * Tests for the QuotaCleaner.
+ */
+
+"use strict";
+
+// The following tests ensure we properly clear (partitioned/unpartitioned)
+// localStorage and indexedDB when using deleteDataFromBaseDomain,
+// deleteDataFromHost and deleteDataFromPrincipal.
+
+// Skip localStorage tests when using legacy localStorage. The legacy
+// localStorage implementation does not support clearing data by principal. See
+// Bug 1688221, Bug 1688665.
+const skipLocalStorageTests = Services.prefs.getBoolPref(
+ "dom.storage.enable_unsupported_legacy_implementation"
+);
+
+// XXX(krosylight): xpcshell does not support background tasks
+const skipCleanupAfterDeletionAtShutdownTests = Services.prefs.getBoolPref(
+ "dom.quotaManager.backgroundTask.enabled"
+);
+
+/**
+ * Create an origin with partitionKey.
+ * @param {String} host - Host portion of origin to create.
+ * @param {String} [topLevelBaseDomain] - Optional first party base domain to use for partitionKey.
+ * @param {Object} [originAttributes] - Optional object of origin attributes to
+ * set. If topLevelBaseDomain is passed, the partitionKey will be overwritten.
+ * @returns {String} Origin with suffix.
+ */
+function getOrigin(host, topLevelBaseDomain, originAttributes = {}) {
+ return getPrincipal(host, topLevelBaseDomain, originAttributes).origin;
+}
+
+function getPrincipal(host, topLevelBaseDomain, originAttributes = {}) {
+ originAttributes = getOAWithPartitionKey(
+ { topLevelBaseDomain },
+ originAttributes
+ );
+ let principal = Services.scriptSecurityManager.createContentPrincipal(
+ Services.io.newURI(`https://${host}`),
+ originAttributes
+ );
+ return principal;
+}
+
+function getTestEntryName(host, topLevelBaseDomain) {
+ if (!topLevelBaseDomain) {
+ return host;
+ }
+ return `${host}_${topLevelBaseDomain}`;
+}
+
+function setTestEntry({
+ storageType,
+ host,
+ topLevelBaseDomain = null,
+ originAttributes = {},
+}) {
+ let origin = getOrigin(host, topLevelBaseDomain, originAttributes);
+ if (storageType == "localStorage") {
+ SiteDataTestUtils.addToLocalStorage(
+ origin,
+ getTestEntryName(host, topLevelBaseDomain),
+ "bar"
+ );
+ return;
+ }
+ SiteDataTestUtils.addToIndexedDB(origin);
+}
+
+async function testEntryExists({
+ storageType,
+ host,
+ topLevelBaseDomain = null,
+ expected = true,
+ originAttributes = {},
+}) {
+ let exists;
+ let origin = getOrigin(host, topLevelBaseDomain, originAttributes);
+ if (storageType == "localStorage") {
+ exists = SiteDataTestUtils.hasLocalStorage(origin, [
+ { key: getTestEntryName(host, topLevelBaseDomain), value: "bar" },
+ ]);
+ } else {
+ exists = await SiteDataTestUtils.hasIndexedDB(origin);
+ }
+
+ let message = `${storageType} entry ${
+ expected ? "is set" : "is not set"
+ } for ${host}`;
+ if (topLevelBaseDomain) {
+ message += ` partitioned under ${topLevelBaseDomain}`;
+ }
+ Assert.equal(exists, expected, message);
+ return exists;
+}
+
+const TEST_ORIGINS = [
+ // First party
+ { host: "example.net" },
+ { host: "test.example.net" },
+ { host: "example.org" },
+
+ // Third-party partitioned.
+ { host: "example.com", topLevelBaseDomain: "example.net" },
+ {
+ host: "example.com",
+ topLevelBaseDomain: "example.net",
+ originAttributes: { userContextId: 1 },
+ },
+ { host: "example.net", topLevelBaseDomain: "example.org" },
+ { host: "test.example.net", topLevelBaseDomain: "example.org" },
+];
+
+async function setTestEntries(storageType) {
+ for (const origin of TEST_ORIGINS) {
+ setTestEntry({ storageType, ...origin });
+ }
+
+ // Ensure we have the correct storage test state.
+ for (const origin of TEST_ORIGINS) {
+ await testEntryExists({ storageType, ...origin });
+ }
+}
+
+/**
+ * Run the base domain test with either localStorage or indexedDB.
+ * @param {('localStorage'|'indexedDB')} storageType
+ */
+async function runTestBaseDomain(storageType) {
+ await new Promise(aResolve => {
+ Services.clearData.deleteData(
+ Ci.nsIClearDataService.CLEAR_DOM_QUOTA,
+ aResolve
+ );
+ });
+ await setTestEntries(storageType);
+
+ // Clear entries of example.net including partitions.
+ await new Promise(aResolve => {
+ Services.clearData.deleteDataFromBaseDomain(
+ "example.net",
+ false,
+ Ci.nsIClearDataService.CLEAR_DOM_QUOTA,
+ aResolve
+ );
+ });
+
+ await testEntryExists({ storageType, host: "example.net", expected: false });
+ await testEntryExists({
+ storageType,
+ host: "test.example.net",
+ expected: false,
+ });
+ await testEntryExists({ storageType, host: "example.org" });
+
+ await testEntryExists({
+ storageType,
+ host: "example.com",
+ topLevelBaseDomain: "example.net",
+ expected: false,
+ });
+ await testEntryExists({
+ storageType,
+ host: "example.com",
+ topLevelBaseDomain: "example.net",
+ originAttributes: { userContextId: 1 },
+ expected: false,
+ });
+ await testEntryExists({
+ storageType,
+ host: "example.net",
+ topLevelBaseDomain: "example.org",
+ expected: false,
+ });
+ await testEntryExists({
+ storageType,
+ host: "test.example.net",
+ topLevelBaseDomain: "example.org",
+ expected: false,
+ });
+
+ // Cleanup
+ await new Promise(aResolve => {
+ Services.clearData.deleteData(
+ Ci.nsIClearDataService.CLEAR_DOM_QUOTA,
+ aResolve
+ );
+ });
+}
+
+/**
+ * Run the host test with either localStorage or indexedDB.
+ * @param {('localStorage'|'indexedDB')} storageType
+ */
+async function runTestHost(storageType) {
+ await new Promise(aResolve => {
+ Services.clearData.deleteData(
+ Ci.nsIClearDataService.CLEAR_DOM_QUOTA,
+ aResolve
+ );
+ });
+ await setTestEntries(storageType);
+
+ // Clear entries of example.net without partitions.
+ await new Promise(aResolve => {
+ Services.clearData.deleteDataFromHost(
+ "example.net",
+ false,
+ Ci.nsIClearDataService.CLEAR_DOM_QUOTA,
+ aResolve
+ );
+ });
+
+ await testEntryExists({ storageType, host: "example.net", expected: false });
+ // QuotaCleaner#deleteByHost also clears subdomains.
+ await testEntryExists({
+ storageType,
+ host: "test.example.net",
+ expected: false,
+ });
+ await testEntryExists({ storageType, host: "example.org" });
+
+ await testEntryExists({
+ storageType,
+ host: "example.com",
+ topLevelBaseDomain: "example.net",
+ expected: true,
+ });
+ await testEntryExists({
+ storageType,
+ host: "example.com",
+ topLevelBaseDomain: "example.net",
+ originAttributes: { userContextId: 1 },
+ expected: true,
+ });
+ // QuotaCleaner#deleteByHost ignores partitionKey.
+ await testEntryExists({
+ storageType,
+ host: "example.net",
+ topLevelBaseDomain: "example.org",
+ expected: false,
+ });
+ await testEntryExists({
+ storageType,
+ host: "test.example.net",
+ topLevelBaseDomain: "example.org",
+ expected: false,
+ });
+
+ // Cleanup
+ await new Promise(aResolve => {
+ Services.clearData.deleteData(
+ Ci.nsIClearDataService.CLEAR_DOM_QUOTA,
+ aResolve
+ );
+ });
+}
+
+/**
+ * Run the principal test with either localStorage or indexedDB.
+ * @param {('localStorage'|'indexedDB')} storageType
+ */
+async function runTestPrincipal(storageType) {
+ await new Promise(aResolve => {
+ Services.clearData.deleteData(
+ Ci.nsIClearDataService.CLEAR_DOM_QUOTA,
+ aResolve
+ );
+ });
+
+ // First party
+ setTestEntry({ storageType, host: "example.net" });
+ setTestEntry({
+ storageType,
+ host: "example.net",
+ originAttributes: { userContextId: 2 },
+ });
+ setTestEntry({
+ storageType,
+ host: "example.net",
+ originAttributes: { privateBrowsingId: 1 },
+ });
+ setTestEntry({ storageType, host: "test.example.net" });
+ setTestEntry({ storageType, host: "example.org" });
+
+ // Third-party partitioned.
+ setTestEntry({
+ storageType,
+ host: "example.net",
+ topLevelBaseDomain: "example.com",
+ });
+
+ // Ensure we have the correct storage test state.
+ await testEntryExists({ storageType, host: "example.net" });
+ await testEntryExists({
+ storageType,
+ host: "example.net",
+ originAttributes: { userContextId: 2 },
+ });
+ await testEntryExists({
+ storageType,
+ host: "example.net",
+ originAttributes: { privateBrowsingId: 1 },
+ });
+ await testEntryExists({ storageType, host: "test.example.net" });
+ await testEntryExists({ storageType, host: "example.org" });
+ await testEntryExists({
+ storageType,
+ host: "example.net",
+ topLevelBaseDomain: "example.com",
+ });
+
+ // Clear entries from principal with custom OA.
+ await new Promise(aResolve => {
+ Services.clearData.deleteDataFromPrincipal(
+ getPrincipal("example.net", null, { userContextId: 2 }),
+ false,
+ Ci.nsIClearDataService.CLEAR_DOM_QUOTA,
+ aResolve
+ );
+ });
+
+ // Test that we only deleted entries for the exact origin.
+ await testEntryExists({ storageType, host: "example.net" });
+ await testEntryExists({
+ expected: false,
+ storageType,
+ host: "example.net",
+ originAttributes: { userContextId: 2 },
+ });
+ await testEntryExists({
+ storageType,
+ host: "example.net",
+ originAttributes: { privateBrowsingId: 1 },
+ });
+ await testEntryExists({ storageType, host: "test.example.net" });
+ await testEntryExists({ storageType, host: "example.org" });
+ await testEntryExists({
+ storageType,
+ host: "example.net",
+ topLevelBaseDomain: "example.com",
+ });
+
+ // Clear entries of from partitioned principal.
+ await new Promise(aResolve => {
+ Services.clearData.deleteDataFromPrincipal(
+ getPrincipal("example.net", "example.com"),
+ false,
+ Ci.nsIClearDataService.CLEAR_DOM_QUOTA,
+ aResolve
+ );
+ });
+
+ // Test that we only deleted entries for the partition.
+ await testEntryExists({ storageType, host: "example.net" });
+ await testEntryExists({
+ expected: false,
+ storageType,
+ host: "example.net",
+ originAttributes: { userContextId: 2 },
+ });
+ await testEntryExists({
+ storageType,
+ host: "example.net",
+ originAttributes: { privateBrowsingId: 1 },
+ });
+ await testEntryExists({ storageType, host: "test.example.net" });
+ await testEntryExists({ storageType, host: "example.org" });
+ await testEntryExists({
+ expected: false,
+ storageType,
+ host: "example.net",
+ topLevelBaseDomain: "example.com",
+ });
+
+ // Clear entries of from principal without suffix.
+ await new Promise(aResolve => {
+ Services.clearData.deleteDataFromPrincipal(
+ getPrincipal("example.net", null),
+ false,
+ Ci.nsIClearDataService.CLEAR_DOM_QUOTA,
+ aResolve
+ );
+ });
+
+ // Test that we only deleted entries for the given principal, and not entries
+ // for principals with the same host, but different OriginAttributes or
+ // subdomains.
+ await testEntryExists({ expected: false, storageType, host: "example.net" });
+ await testEntryExists({
+ expected: false,
+ storageType,
+ host: "example.net",
+ originAttributes: { userContextId: 2 },
+ });
+ await testEntryExists({
+ storageType,
+ host: "example.net",
+ originAttributes: { privateBrowsingId: 1 },
+ });
+
+ await testEntryExists({ storageType, host: "test.example.net" });
+ await testEntryExists({ storageType, host: "example.org" });
+ await testEntryExists({
+ expected: false,
+ storageType,
+ host: "example.net",
+ topLevelBaseDomain: "example.com",
+ });
+
+ // Cleanup
+ await new Promise(aResolve => {
+ Services.clearData.deleteData(
+ Ci.nsIClearDataService.CLEAR_DOM_QUOTA,
+ aResolve
+ );
+ });
+}
+
+// Tests
+
+add_task(function setup() {
+ // Allow setting local storage in xpcshell tests.
+ Services.prefs.setBoolPref("dom.storage.client_validation", false);
+});
+
+/**
+ * Tests deleting localStorage entries by host.
+ */
+add_task(async function test_host_localStorage() {
+ await runTestHost("localStorage");
+});
+
+/**
+ * Tests deleting indexedDB entries by host.
+ */
+add_task(async function test_host_indexedDB() {
+ await runTestHost("indexedDB");
+});
+
+/**
+ * Tests deleting (partitioned) localStorage entries by base domain.
+ */
+add_task(async function test_baseDomain_localStorage() {
+ await runTestBaseDomain("localStorage");
+});
+
+/**
+ * Tests deleting (partitioned) indexedDB entries by base domain.
+ */
+add_task(async function test_baseDomain_indexedDB() {
+ await runTestBaseDomain("indexedDB");
+});
+
+/**
+ * Tests deleting localStorage entries by principal.
+ */
+add_task(async function test_principal_localStorage() {
+ // Bug 1688221, Bug 1688665.
+ if (skipLocalStorageTests) {
+ info("Skipping test");
+ return;
+ }
+ await runTestPrincipal("localStorage");
+});
+
+function getRelativeFile(...components) {
+ const profileDir = Services.dirsvc.get("ProfD", Ci.nsIFile);
+
+ const file = profileDir.clone();
+ for (const component of components) {
+ file.append(component);
+ }
+
+ return file;
+}
+
+function countSubitems(file) {
+ const entriesIterator = file.directoryEntries;
+ let count = 0;
+ while (entriesIterator.hasMoreElements()) {
+ ++count;
+ entriesIterator.nextFile;
+ }
+ return count;
+}
+
+add_task(async function test_deleteAllAtShutdown() {
+ const storageType = "indexedDB";
+
+ await new Promise(aResolve => {
+ Services.clearData.deleteData(
+ Ci.nsIClearDataService.CLEAR_DOM_QUOTA,
+ aResolve
+ );
+ });
+
+ const toBeRemovedDir = getRelativeFile("storage", "to-be-removed");
+ if (toBeRemovedDir.exists()) {
+ toBeRemovedDir.remove(true);
+ }
+
+ await setTestEntries(storageType);
+
+ Services.startup.advanceShutdownPhase(
+ Services.startup.SHUTDOWN_PHASE_APPSHUTDOWNTEARDOWN
+ );
+
+ // Clear entries from principal with custom OA.
+ for (const origin of TEST_ORIGINS) {
+ await new Promise(aResolve => {
+ Services.clearData.deleteDataFromPrincipal(
+ getPrincipal(
+ origin.host,
+ origin.topLevelBaseDomain,
+ origin.originAttributes
+ ),
+ false,
+ Ci.nsIClearDataService.CLEAR_DOM_QUOTA,
+ aResolve
+ );
+ });
+
+ await testEntryExists({ expected: false, storageType, ...origin });
+ }
+
+ Assert.ok(
+ toBeRemovedDir.exists(),
+ "to-be-removed directory should exist now"
+ );
+
+ Assert.equal(
+ countSubitems(toBeRemovedDir),
+ TEST_ORIGINS.length,
+ `storage/to-be-removed has ${TEST_ORIGINS.length} subdirectories`
+ );
+
+ if (skipCleanupAfterDeletionAtShutdownTests) {
+ // XXX(krosylight): xpcshell does not support background tasks
+ return;
+ }
+
+ info("Verifying cleanupAfterDeletionAtShutdown");
+ await new Promise(aResolve => {
+ Services.clearData.cleanupAfterDeletionAtShutdown(
+ Ci.nsIClearDataService.CLEAR_DOM_QUOTA,
+ aResolve
+ );
+ });
+
+ Assert.ok(
+ !toBeRemovedDir.exists(),
+ "to-be-removed directory should disappear"
+ );
+});
diff --git a/toolkit/components/cleardata/tests/unit/test_security_settings.js b/toolkit/components/cleardata/tests/unit/test_security_settings.js
new file mode 100644
index 0000000000..b14f567bab
--- /dev/null
+++ b/toolkit/components/cleardata/tests/unit/test_security_settings.js
@@ -0,0 +1,279 @@
+/* Any copyright is dedicated to the Public Domain.
+ http://creativecommons.org/publicdomain/zero/1.0/ */
+
+/**
+ * Test for SecuritySettingsCleaner.
+ * This tests both, the SiteSecurityService and the ClientAuthRememberService.
+ */
+
+"use strict";
+
+let gSSService = Cc["@mozilla.org/ssservice;1"].getService(
+ Ci.nsISiteSecurityService
+);
+
+let cars = Cc["@mozilla.org/security/clientAuthRememberService;1"].getService(
+ Ci.nsIClientAuthRememberService
+);
+
+let certDB = Cc["@mozilla.org/security/x509certdb;1"].getService(
+ Ci.nsIX509CertDB
+);
+
+// These are not actual server and client certs. The ClientAuthRememberService
+// does not care which certs we store decisions for, as long as they're valid.
+let [clientCert] = certDB.getCerts();
+
+function addSecurityInfo({ host, topLevelBaseDomain, originAttributes = {} }) {
+ let attrs = getOAWithPartitionKey({ topLevelBaseDomain }, originAttributes);
+
+ let uri = Services.io.newURI(`https://${host}`);
+
+ gSSService.processHeader(uri, "max-age=1000;", attrs);
+
+ cars.rememberDecisionScriptable(host, attrs, clientCert);
+}
+
+function addTestSecurityInfo() {
+ // First party
+ addSecurityInfo({ host: "example.net" });
+ addSecurityInfo({ host: "test.example.net" });
+ addSecurityInfo({ host: "example.org" });
+
+ // Third-party partitioned
+ addSecurityInfo({ host: "example.com", topLevelBaseDomain: "example.net" });
+ addSecurityInfo({ host: "example.net", topLevelBaseDomain: "example.org" });
+ addSecurityInfo({
+ host: "test.example.net",
+ topLevelBaseDomain: "example.org",
+ });
+
+ // Ensure we have the correct state initially.
+ testSecurityInfo({ host: "example.net" });
+ testSecurityInfo({ host: "test.example.net" });
+ testSecurityInfo({ host: "example.org" });
+ testSecurityInfo({ host: "example.com", topLevelBaseDomain: "example.net" });
+ testSecurityInfo({ host: "example.net", topLevelBaseDomain: "example.org" });
+ testSecurityInfo({
+ host: "test.example.net",
+ topLevelBaseDomain: "example.org",
+ });
+}
+
+function testSecurityInfo({
+ host,
+ topLevelBaseDomain,
+ expectedHSTS = true,
+ expectedCARS = true,
+ originAttributes = {},
+}) {
+ let attrs = getOAWithPartitionKey({ topLevelBaseDomain }, originAttributes);
+
+ let messageSuffix = `for ${host}`;
+ if (topLevelBaseDomain) {
+ messageSuffix += ` partitioned under ${topLevelBaseDomain}`;
+ }
+
+ let uri = Services.io.newURI(`https://${host}`);
+ let isSecure = gSSService.isSecureURI(uri, attrs);
+ Assert.equal(
+ isSecure,
+ expectedHSTS,
+ `HSTS ${expectedHSTS ? "is set" : "is not set"} ${messageSuffix}`
+ );
+
+ let hasRemembered = cars.hasRememberedDecisionScriptable(host, attrs, {});
+ // CARS deleteDecisionsByHost does not include subdomains. That means for some
+ // test cases we expect a different remembered state.
+ Assert.equal(
+ hasRemembered,
+ expectedCARS,
+ `CAR ${expectedCARS ? "is set" : "is not set"} ${messageSuffix}`
+ );
+}
+
+add_task(async function test_baseDomain() {
+ gSSService.clearAll();
+
+ // ---- hsts cleaner ----
+ addTestSecurityInfo();
+
+ // Clear hsts data of example.net including partitions.
+ await new Promise(aResolve => {
+ Services.clearData.deleteDataFromBaseDomain(
+ "example.net",
+ false,
+ Ci.nsIClearDataService.CLEAR_HSTS,
+ aResolve
+ );
+ });
+
+ testSecurityInfo({
+ host: "example.net",
+ expectedHSTS: false,
+ expectedCARS: true,
+ });
+ // HSTSCleaner also removes subdomain settings.
+ testSecurityInfo({
+ host: "test.example.net",
+ expectedHSTS: false,
+ expectedCARS: true,
+ });
+ testSecurityInfo({ host: "example.org" });
+
+ testSecurityInfo({
+ host: "example.com",
+ topLevelBaseDomain: "example.net",
+ expectedHSTS: false,
+ expectedCARS: true,
+ });
+ testSecurityInfo({
+ host: "example.net",
+ topLevelBaseDomain: "example.org",
+ expectedHSTS: false,
+ expectedCARS: true,
+ });
+ testSecurityInfo({
+ host: "test.example.net",
+ topLevelBaseDomain: "example.org",
+ expectedHSTS: false,
+ expectedCARS: true,
+ });
+
+ // ---- client auth remember cleaner -----
+ addTestSecurityInfo();
+
+ // Clear security settings of example.net including partitions.
+ await new Promise(aResolve => {
+ Services.clearData.deleteDataFromBaseDomain(
+ "example.net",
+ false,
+ Ci.nsIClearDataService.CLEAR_CLIENT_AUTH_REMEMBER_SERVICE,
+ aResolve
+ );
+ });
+
+ testSecurityInfo({
+ host: "example.net",
+ expectedHSTS: true,
+ expectedCARS: false,
+ });
+ // ClientAuthRememberCleaner also removes subdomain settings.
+ testSecurityInfo({
+ host: "test.example.net",
+ expectedHSTS: true,
+ expectedCARS: false,
+ });
+ testSecurityInfo({ host: "example.org" });
+
+ testSecurityInfo({
+ host: "example.com",
+ topLevelBaseDomain: "example.net",
+ expectedHSTS: true,
+ expectedCARS: false,
+ });
+ testSecurityInfo({
+ host: "example.net",
+ topLevelBaseDomain: "example.org",
+ expectedHSTS: true,
+ expectedCARS: false,
+ });
+ testSecurityInfo({
+ host: "test.example.net",
+ topLevelBaseDomain: "example.org",
+ expectedHSTS: true,
+ expectedCARS: false,
+ });
+
+ // Cleanup
+ gSSService.clearAll();
+});
+
+add_task(async function test_host() {
+ gSSService.clearAll();
+
+ // ---- HSTS cleaer ----
+ addTestSecurityInfo();
+
+ // Clear security settings of example.net without partitions.
+ await new Promise(aResolve => {
+ Services.clearData.deleteDataFromHost(
+ "example.net",
+ false,
+ Ci.nsIClearDataService.CLEAR_HSTS,
+ aResolve
+ );
+ });
+
+ testSecurityInfo({
+ host: "example.net",
+ expectedHSTS: false,
+ expectedCARS: true,
+ });
+ testSecurityInfo({
+ host: "test.example.net",
+ expectedHSTS: false,
+ expectedCARS: true,
+ });
+ testSecurityInfo({ host: "example.org" });
+
+ testSecurityInfo({ host: "example.com", topLevelBaseDomain: "example.net" });
+ testSecurityInfo({
+ host: "example.net",
+ topLevelBaseDomain: "example.org",
+ expectedHSTS: false,
+ expectedCARS: true,
+ });
+ testSecurityInfo({
+ host: "test.example.net",
+ topLevelBaseDomain: "example.org",
+ expectedHSTS: false,
+ expectedCARS: true,
+ });
+
+ // Cleanup
+ gSSService.clearAll();
+
+ // --- clientAuthRemember cleaner ---
+
+ addTestSecurityInfo();
+
+ // Clear security settings of example.net without partitions.
+ await new Promise(aResolve => {
+ Services.clearData.deleteDataFromHost(
+ "example.net",
+ false,
+ Ci.nsIClearDataService.CLEAR_CLIENT_AUTH_REMEMBER_SERVICE,
+ aResolve
+ );
+ });
+
+ testSecurityInfo({
+ host: "example.net",
+ expectedHSTS: true,
+ expectedCARS: false,
+ });
+ testSecurityInfo({
+ host: "test.example.net",
+ expectedHSTS: true,
+ expectedCARS: true,
+ });
+ testSecurityInfo({ host: "example.org" });
+
+ testSecurityInfo({ host: "example.com", topLevelBaseDomain: "example.net" });
+ testSecurityInfo({
+ host: "example.net",
+ topLevelBaseDomain: "example.org",
+ expectedHSTS: true,
+ expectedCARS: false,
+ });
+ testSecurityInfo({
+ host: "test.example.net",
+ topLevelBaseDomain: "example.org",
+ expectedHSTS: true,
+ expectedCARS: true,
+ });
+
+ // Cleanup
+ gSSService.clearAll();
+});
diff --git a/toolkit/components/cleardata/tests/unit/test_storage_permission.js b/toolkit/components/cleardata/tests/unit/test_storage_permission.js
new file mode 100644
index 0000000000..a44e9f2c6a
--- /dev/null
+++ b/toolkit/components/cleardata/tests/unit/test_storage_permission.js
@@ -0,0 +1,398 @@
+/* Any copyright is dedicated to the Public Domain.
+ http://creativecommons.org/publicdomain/zero/1.0/ */
+
+/**
+ * Tests for permissions
+ */
+
+"use strict";
+
+// Test that only the storageAccessAPI gets removed.
+add_task(async function test_removing_storage_permission() {
+ const uri = Services.io.newURI("https://example.net");
+ const principal = Services.scriptSecurityManager.createContentPrincipal(
+ uri,
+ {}
+ );
+
+ Services.perms.addFromPrincipal(
+ principal,
+ "storageAccessAPI",
+ Services.perms.ALLOW_ACTION
+ );
+ Services.perms.addFromPrincipal(
+ principal,
+ "cookie",
+ Services.perms.ALLOW_ACTION
+ );
+
+ Assert.equal(
+ Services.perms.testExactPermissionFromPrincipal(
+ principal,
+ "storageAccessAPI"
+ ),
+ Services.perms.ALLOW_ACTION,
+ "There is a storageAccessAPI permission set"
+ );
+
+ await new Promise(aResolve => {
+ Services.clearData.deleteData(
+ Ci.nsIClearDataService.CLEAR_STORAGE_ACCESS,
+ value => {
+ Assert.equal(value, 0);
+ aResolve();
+ }
+ );
+ });
+
+ Assert.equal(
+ Services.perms.testExactPermissionFromPrincipal(
+ principal,
+ "storageAccessAPI"
+ ),
+ Services.perms.UNKNOWN_ACTION,
+ "the storageAccessAPI permission has been removed"
+ );
+ Assert.equal(
+ Services.perms.testExactPermissionFromPrincipal(principal, "cookie"),
+ Services.perms.ALLOW_ACTION,
+ "the cookie permission has not been removed"
+ );
+
+ await new Promise(aResolve => {
+ Services.clearData.deleteData(
+ Ci.nsIClearDataService.CLEAR_PERMISSIONS,
+ value => aResolve()
+ );
+ });
+});
+
+// Test that the storageAccessAPI gets removed from a particular principal
+add_task(async function test_removing_storage_permission_from_principal() {
+ const uri = Services.io.newURI("https://example.net");
+ const principal = Services.scriptSecurityManager.createContentPrincipal(
+ uri,
+ {}
+ );
+
+ const anotherUri = Services.io.newURI("https://example.com");
+ const anotherPrincipal =
+ Services.scriptSecurityManager.createContentPrincipal(anotherUri, {});
+
+ Services.perms.addFromPrincipal(
+ principal,
+ "storageAccessAPI",
+ Services.perms.ALLOW_ACTION
+ );
+ Services.perms.addFromPrincipal(
+ anotherPrincipal,
+ "storageAccessAPI",
+ Services.perms.ALLOW_ACTION
+ );
+ Assert.equal(
+ Services.perms.testExactPermissionFromPrincipal(
+ principal,
+ "storageAccessAPI"
+ ),
+ Services.perms.ALLOW_ACTION,
+ "storageAccessAPI permission has been added to the first principal"
+ );
+ Assert.equal(
+ Services.perms.testExactPermissionFromPrincipal(
+ anotherPrincipal,
+ "storageAccessAPI"
+ ),
+ Services.perms.ALLOW_ACTION,
+ "storageAccessAPI permission has been added to the second principal"
+ );
+
+ await new Promise(aResolve => {
+ Services.clearData.deleteDataFromPrincipal(
+ principal,
+ true /* user request */,
+ Ci.nsIClearDataService.CLEAR_STORAGE_ACCESS,
+ value => {
+ Assert.equal(value, 0);
+ aResolve();
+ }
+ );
+ });
+
+ Assert.equal(
+ Services.perms.testExactPermissionFromPrincipal(
+ principal,
+ "storageAccessAPI"
+ ),
+ Services.perms.UNKNOWN_ACTION,
+ "storageAccessAPI permission has been removed from the first principal"
+ );
+ Assert.equal(
+ Services.perms.testExactPermissionFromPrincipal(
+ anotherPrincipal,
+ "storageAccessAPI"
+ ),
+ Services.perms.ALLOW_ACTION,
+ "storageAccessAPI permission has not been removed from the second principal"
+ );
+
+ await new Promise(aResolve => {
+ Services.clearData.deleteData(
+ Ci.nsIClearDataService.CLEAR_PERMISSIONS,
+ value => aResolve()
+ );
+ });
+});
+
+// Test that the storageAccessAPI gets removed from a base domain.
+add_task(async function test_removing_storage_permission_from_base_domainl() {
+ const uri = Services.io.newURI("https://example.net");
+ const principal = Services.scriptSecurityManager.createContentPrincipal(
+ uri,
+ {}
+ );
+ const uriSub = Services.io.newURI("http://test.example.net");
+ const principalSub = Services.scriptSecurityManager.createContentPrincipal(
+ uriSub,
+ {}
+ );
+
+ const anotherUri = Services.io.newURI("https://example.com");
+ const anotherPrincipal =
+ Services.scriptSecurityManager.createContentPrincipal(anotherUri, {});
+
+ Services.perms.addFromPrincipal(
+ principal,
+ "storageAccessAPI",
+ Services.perms.ALLOW_ACTION
+ );
+ Services.perms.addFromPrincipal(
+ principalSub,
+ "storageAccessAPI",
+ Services.perms.ALLOW_ACTION
+ );
+ Services.perms.addFromPrincipal(
+ anotherPrincipal,
+ "storageAccessAPI",
+ Services.perms.ALLOW_ACTION
+ );
+ Assert.equal(
+ Services.perms.testExactPermissionFromPrincipal(
+ principal,
+ "storageAccessAPI"
+ ),
+ Services.perms.ALLOW_ACTION,
+ "storageAccessAPI permission has been added to the first principal"
+ );
+ Assert.equal(
+ Services.perms.testExactPermissionFromPrincipal(
+ principalSub,
+ "storageAccessAPI"
+ ),
+ Services.perms.ALLOW_ACTION,
+ "storageAccessAPI permission has been added to the subdomain principal"
+ );
+ Assert.equal(
+ Services.perms.testExactPermissionFromPrincipal(
+ anotherPrincipal,
+ "storageAccessAPI"
+ ),
+ Services.perms.ALLOW_ACTION,
+ "storageAccessAPI permission has been added to the second principal"
+ );
+
+ await new Promise(aResolve => {
+ Services.clearData.deleteDataFromBaseDomain(
+ "example.net",
+ true /* user request */,
+ Ci.nsIClearDataService.CLEAR_STORAGE_ACCESS,
+ value => {
+ Assert.equal(value, 0);
+ aResolve();
+ }
+ );
+ });
+
+ Assert.equal(
+ Services.perms.testExactPermissionFromPrincipal(
+ principal,
+ "storageAccessAPI"
+ ),
+ Services.perms.UNKNOWN_ACTION,
+ "storageAccessAPI permission has been removed from the first principal"
+ );
+ Assert.equal(
+ Services.perms.testExactPermissionFromPrincipal(
+ principalSub,
+ "storageAccessAPI"
+ ),
+ Services.perms.UNKNOWN_ACTION,
+ "storageAccessAPI permission has been removed from the sub domain principal"
+ );
+ Assert.equal(
+ Services.perms.testExactPermissionFromPrincipal(
+ anotherPrincipal,
+ "storageAccessAPI"
+ ),
+ Services.perms.ALLOW_ACTION,
+ "storageAccessAPI permission has not been removed from the second principal"
+ );
+
+ await new Promise(aResolve => {
+ Services.clearData.deleteData(
+ Ci.nsIClearDataService.CLEAR_PERMISSIONS,
+ value => aResolve()
+ );
+ });
+});
+
+// Tests the deleteUserInteractionForClearingHistory function.
+add_task(async function test_deleteUserInteractionForClearingHistory() {
+ // These should be retained.
+ PermissionTestUtils.add(
+ "https://example.com",
+ "storageAccessAPI",
+ Services.perms.ALLOW_ACTION
+ );
+ PermissionTestUtils.add(
+ "https://sub.example.com",
+ "storageAccessAPI",
+ Services.perms.ALLOW_ACTION
+ );
+ PermissionTestUtils.add(
+ "https://sub.example.com^userContextId=3",
+ "storageAccessAPI",
+ Services.perms.ALLOW_ACTION
+ );
+
+ // These should be removed.
+ PermissionTestUtils.add(
+ "https://example.org",
+ "storageAccessAPI",
+ Services.perms.ALLOW_ACTION
+ );
+ PermissionTestUtils.add(
+ "https://sub.example.org",
+ "storageAccessAPI",
+ Services.perms.ALLOW_ACTION
+ );
+ PermissionTestUtils.add(
+ "https://sub.example.org^userContextId=3",
+ "storageAccessAPI",
+ Services.perms.ALLOW_ACTION
+ );
+
+ let principalWithStorage =
+ Services.scriptSecurityManager.createContentPrincipalFromOrigin(
+ "https://sub.example.com"
+ );
+
+ await new Promise(resolve => {
+ return Services.clearData.deleteUserInteractionForClearingHistory(
+ [principalWithStorage],
+ 0,
+ resolve
+ );
+ });
+
+ Assert.equal(
+ PermissionTestUtils.testExactPermission(
+ "https://example.org",
+ "storageAccessAPI"
+ ),
+ Services.perms.UNKNOWN_ACTION
+ );
+ Assert.equal(
+ PermissionTestUtils.testExactPermission(
+ "https://sub.example.org",
+ "storageAccessAPI"
+ ),
+ Services.perms.UNKNOWN_ACTION
+ );
+ Assert.equal(
+ PermissionTestUtils.testExactPermission(
+ "https://sub.example.org^userContextId=3",
+ "storageAccessAPI"
+ ),
+ Services.perms.UNKNOWN_ACTION
+ );
+
+ Assert.equal(
+ PermissionTestUtils.testExactPermission(
+ "https://example.com",
+ "storageAccessAPI"
+ ),
+ Services.perms.ALLOW_ACTION
+ );
+ Assert.equal(
+ PermissionTestUtils.testExactPermission(
+ "https://sub.example.com",
+ "storageAccessAPI"
+ ),
+ Services.perms.ALLOW_ACTION
+ );
+ Assert.equal(
+ PermissionTestUtils.testExactPermission(
+ "https://sub.example.com^userContextId=3",
+ "storageAccessAPI"
+ ),
+ Services.perms.ALLOW_ACTION
+ );
+
+ // This permission is set earlier than the timestamp and should be retained.
+ PermissionTestUtils.add(
+ "https://example.net",
+ "storageAccessAPI",
+ Services.perms.ALLOW_ACTION
+ );
+
+ // Add some time in between taking the snapshot of the timestamp
+ // to avoid flakyness.
+ await new Promise(c => do_timeout(100, c));
+ let timestamp = Date.now();
+ await new Promise(c => do_timeout(100, c));
+
+ // This permission is set later than the timestamp and should be removed.
+ PermissionTestUtils.add(
+ "https://example.org",
+ "storageAccessAPI",
+ Services.perms.ALLOW_ACTION
+ );
+
+ await new Promise(resolve => {
+ return Services.clearData.deleteUserInteractionForClearingHistory(
+ [principalWithStorage],
+ // ClearDataService takes PRTime (microseconds)
+ timestamp * 1000,
+ resolve
+ );
+ });
+
+ Assert.equal(
+ PermissionTestUtils.testExactPermission(
+ "https://example.org",
+ "storageAccessAPI"
+ ),
+ Services.perms.UNKNOWN_ACTION
+ );
+ Assert.equal(
+ PermissionTestUtils.testExactPermission(
+ "https://example.net",
+ "storageAccessAPI"
+ ),
+ Services.perms.ALLOW_ACTION
+ );
+ Assert.equal(
+ PermissionTestUtils.testExactPermission(
+ "https://example.com",
+ "storageAccessAPI"
+ ),
+ Services.perms.ALLOW_ACTION
+ );
+
+ await new Promise(aResolve => {
+ Services.clearData.deleteData(
+ Ci.nsIClearDataService.CLEAR_PERMISSIONS,
+ value => aResolve()
+ );
+ });
+});
diff --git a/toolkit/components/cleardata/tests/unit/xpcshell.ini b/toolkit/components/cleardata/tests/unit/xpcshell.ini
new file mode 100644
index 0000000000..49c8fcf38c
--- /dev/null
+++ b/toolkit/components/cleardata/tests/unit/xpcshell.ini
@@ -0,0 +1,19 @@
+[DEFAULT]
+tags = condprof
+firefox-appdir = browser
+head = head.js
+skip-if = toolkit == 'android'
+support-files =
+
+[test_basic.js]
+[test_certs.js]
+[test_cookies.js]
+[test_identity_credential_storage.js]
+[test_downloads.js]
+[test_network_cache.js]
+skip-if = condprof # Bug 1769154 - expected fail w/condprof
+[test_passwords.js]
+[test_permissions.js]
+[test_security_settings.js]
+[test_storage_permission.js]
+[test_quota.js]