Adding upstream version 124.0.1.upstream/124.0.1

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

1 files changed, 162 insertions, 0 deletions

diff --git a/toolkit/components/antitracking/test/browser/browser_storageAccess_TopLevel_CrossOriginSameSite.js b/toolkit/components/antitracking/test/browser/browser_storageAccess_TopLevel_CrossOriginSameSite.js
new file mode 100644
index 0000000000..ca3e47d8e7
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_storageAccess_TopLevel_CrossOriginSameSite.js
@@ -0,0 +1,162 @@
+add_task(async function testIntermediatePreferenceReadSameSite() {
+  await SpecialPowers.pushPrefEnv({
+    set: [
+      ["dom.storage_access.enabled", true],
+      ["dom.storage_access.forward_declared.enabled", true],
+      [
+        "network.cookie.cookieBehavior",
+        BEHAVIOR_REJECT_TRACKER_AND_PARTITION_FOREIGN,
+      ],
+      ["dom.storage_access.auto_grants", false],
+      ["dom.storage_access.max_concurrent_auto_grants", 1],
+    ],
+  });
+  let tab = await BrowserTestUtils.openNewForegroundTab({
+    gBrowser,
+    url: TEST_DOMAIN_7,
+  });
+  let browser = tab.linkedBrowser;
+  await SpecialPowers.spawn(browser, [TEST_3RD_PARTY_DOMAIN], async tp => {
+    SpecialPowers.wrap(content.document).notifyUserGestureActivation();
+    var p = content.document.completeStorageAccessRequestFromSite(tp);
+    try {
+      await p;
+      ok(false, "Must not resolve.");
+    } catch {
+      ok(true, "Must reject because we don't have the initial request.");
+    }
+  });
+
+  await SpecialPowers.pushPermissions([
+    {
+      type: "AllowStorageAccessRequest^https://example.com",
+      allow: 1,
+      context: TEST_DOMAIN_7,
+    },
+  ]);
+
+  await SpecialPowers.spawn(browser, [TEST_3RD_PARTY_DOMAIN], async tp => {
+    SpecialPowers.wrap(content.document).notifyUserGestureActivation();
+    var p = content.document.completeStorageAccessRequestFromSite(tp);
+    try {
+      await p;
+      ok(false, "Must not resolve.");
+    } catch {
+      ok(true, "Must reject because the permission is cross site.");
+    }
+  });
+
+  await SpecialPowers.pushPermissions([
+    {
+      type: "AllowStorageAccessRequest^https://example.org",
+      allow: 1,
+      context: TEST_DOMAIN_7,
+    },
+  ]);
+
+  await SpecialPowers.spawn(browser, [TEST_3RD_PARTY_DOMAIN], async tp => {
+    SpecialPowers.wrap(content.document).notifyUserGestureActivation();
+    var p = content.document.completeStorageAccessRequestFromSite(tp);
+    try {
+      await p;
+      ok(
+        true,
+        "Must resolve now that we have the permission from the embedee."
+      );
+    } catch {
+      ok(false, "Must not reject.");
+    }
+  });
+
+  await SpecialPowers.pushPermissions([
+    {
+      type: "AllowStorageAccessRequest^https://example.org",
+      allow: 1,
+      context: TEST_DOMAIN_8,
+    },
+  ]);
+
+  await SpecialPowers.spawn(browser, [TEST_3RD_PARTY_DOMAIN], async tp => {
+    SpecialPowers.wrap(content.document).notifyUserGestureActivation();
+    var p = content.document.completeStorageAccessRequestFromSite(tp);
+    try {
+      await p;
+      ok(
+        true,
+        "Must resolve now that we have the permission from the embedee."
+      );
+    } catch {
+      ok(false, "Must not reject.");
+    }
+  });
+
+  await BrowserTestUtils.removeTab(tab);
+});
+
+// Note: TEST_DOMAIN_7 and TEST_DOMAIN_8 are Same-Site
+add_task(async function testIntermediatePreferenceWriteCrossOrigin() {
+  await SpecialPowers.pushPrefEnv({
+    set: [
+      ["dom.storage_access.enabled", true],
+      ["dom.storage_access.forward_declared.enabled", true],
+      [
+        "network.cookie.cookieBehavior",
+        BEHAVIOR_REJECT_TRACKER_AND_PARTITION_FOREIGN,
+      ],
+      ["dom.storage_access.auto_grants", false],
+      ["dom.storage_access.max_concurrent_auto_grants", 1],
+    ],
+  });
+  let tab = await BrowserTestUtils.openNewForegroundTab({
+    gBrowser,
+    url: TEST_3RD_PARTY_PAGE,
+  });
+  let browser = tab.linkedBrowser;
+  await SpecialPowers.spawn(browser, [TEST_DOMAIN_8], async tp => {
+    SpecialPowers.wrap(content.document).notifyUserGestureActivation();
+    var p = content.document.requestStorageAccessUnderSite(tp);
+    try {
+      await p;
+      ok(
+        true,
+        "Must resolve- no funny business here, we just want to set the intermediate pref"
+      );
+    } catch {
+      ok(false, "Must not reject.");
+    }
+  });
+
+  let principal =
+    Services.scriptSecurityManager.createContentPrincipalFromOrigin(
+      TEST_DOMAIN_8
+    );
+  // Important to note that this is the site but not origin of TEST_3RD_PARTY_PAGE
+  var permission = Services.perms.testPermissionFromPrincipal(
+    principal,
+    "AllowStorageAccessRequest^https://example.org"
+  );
+  ok(permission == Services.perms.ALLOW_ACTION);
+
+  // Test that checking the permission across site works
+  principal =
+    Services.scriptSecurityManager.createContentPrincipalFromOrigin(
+      TEST_DOMAIN_7
+    );
+  // Important to note that this is the site but not origin of TEST_3RD_PARTY_PAGE
+  permission = Services.perms.testPermissionFromPrincipal(
+    principal,
+    "AllowStorageAccessRequest^https://example.org"
+  );
+  ok(permission == Services.perms.ALLOW_ACTION);
+
+  await BrowserTestUtils.removeTab(tab);
+});
+
+add_task(async () => {
+  Services.perms.removeAll();
+  await new Promise(resolve => {
+    Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+      resolve()
+    );
+  });
+});