Merging upstream version 127.0.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

4 files changed, 168 insertions, 0 deletions

diff --git a/toolkit/components/antitracking/test/browser/browser.toml b/toolkit/components/antitracking/test/browser/browser.toml
index edb429b49e..76023a1f9d 100644
--- a/toolkit/components/antitracking/test/browser/browser.toml
+++ b/toolkit/components/antitracking/test/browser/browser.toml
@@ -122,6 +122,12 @@ support-files = ["clearSiteData.sjs"]
 ["browser_partitionedCookies.js"]
 support-files = ["cookies.sjs"]
 
+["browser_partitionedDedicatedWorker.js"]
+support-files = [
+  "cookies.sjs",
+  "dedicatedWorker.js",
+]
+
 ["browser_partitionedDOMCache.js"]
 
 ["browser_partitionedIndexedDB.js"]
@@ -322,6 +328,10 @@ tags = "remote-settings"
 skip-if = ["os == 'linux' && asan"]  # Bug 1713909 - new Fission platform triage
 support-files = ["file_stripping.html"]
 
+["browser_urlQueryStringStrippingWithEncoding.js"]
+skip-if = ["os == 'linux' && asan"]
+support-files = ["file_stripping.html"]
+
 ["browser_urlQueryStringStripping_allowList.js"]
 support-files = ["file_stripping.html"]
 
diff --git a/toolkit/components/antitracking/test/browser/browser_partitionedDedicatedWorker.js b/toolkit/components/antitracking/test/browser/browser_partitionedDedicatedWorker.js
new file mode 100644
index 0000000000..55156beca3
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_partitionedDedicatedWorker.js
@@ -0,0 +1,58 @@
+PartitionedStorageHelper.runTestInNormalAndPrivateMode(
+  "DedicatedWorkers",
+  async (win3rdParty, win1stParty) => {
+    // Set one cookie to the first party context.
+    await win1stParty.fetch("cookies.sjs?first").then(r => r.text());
+
+    // Create a dedicated worker in the first-party context.
+    let firstPartyWorker = new win1stParty.Worker("dedicatedWorker.js");
+
+    // Verify that the cookie from the first-party worker.
+    await new Promise(resolve => {
+      firstPartyWorker.addEventListener("message", msg => {
+        is(
+          msg.data,
+          "cookie:foopy=first",
+          "Got the expected first-party cookie."
+        );
+        resolve();
+      });
+
+      firstPartyWorker.postMessage("getCookies");
+    });
+
+    // Set one cookie to the third-party context.
+    await win3rdParty
+      .fetch("cookies.sjs?3rd;Partitioned;Secure")
+      .then(r => r.text());
+
+    // Create a dedicated worker in the third-party context.
+    let thirdPartyWorker = new win3rdParty.Worker("dedicatedWorker.js");
+
+    // Verify that the third-party worker cannot access first-party cookies.
+    await new Promise(resolve => {
+      thirdPartyWorker.addEventListener("message", msg => {
+        is(
+          msg.data,
+          "cookie:foopy=3rd",
+          "Got the expected third-party cookie."
+        );
+        resolve();
+      });
+
+      thirdPartyWorker.postMessage("getCookies");
+    });
+
+    firstPartyWorker.terminate();
+    thirdPartyWorker.terminate();
+  },
+
+  async _ => {
+    await new Promise(resolve => {
+      Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, () =>
+        resolve()
+      );
+    });
+  },
+  []
+);
diff --git a/toolkit/components/antitracking/test/browser/browser_urlQueryStringStrippingWithEncoding.js b/toolkit/components/antitracking/test/browser/browser_urlQueryStringStrippingWithEncoding.js
new file mode 100644
index 0000000000..9cc7c381c8
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_urlQueryStringStrippingWithEncoding.js
@@ -0,0 +1,93 @@
+/* vim: set ts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+"use strict";
+
+const TEST_THIRD_PARTY_DOMAIN = TEST_DOMAIN_2;
+const TEST_URI = TEST_DOMAIN + TEST_PATH + "file_stripping.html";
+const TEST_THIRD_PARTY_URI =
+  TEST_THIRD_PARTY_DOMAIN + TEST_PATH + "file_stripping.html";
+
+async function verifyQueryString(browser, expected) {
+  await SpecialPowers.spawn(browser, [expected], expected => {
+    // Strip the first question mark.
+    let search = content.location.search.slice(1);
+
+    is(search, expected, "The query string is correct.");
+  });
+}
+
+let listService;
+
+add_setup(async function () {
+  await SpecialPowers.pushPrefEnv({
+    set: [
+      ["privacy.query_stripping.strip_list", "paramToStrip1 paramToStrip2"],
+      ["privacy.query_stripping.redirect", true],
+      ["privacy.query_stripping.enabled", true],
+      ["privacy.query_stripping.listService.logLevel", "Debug"],
+      ["privacy.query_stripping.strip_on_share.enabled", false],
+    ],
+  });
+
+  // Get the list service so we can wait for it to be fully initialized before running tests.
+  listService = Cc["@mozilla.org/query-stripping-list-service;1"].getService(
+    Ci.nsIURLQueryStrippingListService
+  );
+  // Here we don't care about the actual enabled state, we just want any init to be done so we get reliable starting conditions.
+  await listService.testWaitForInit();
+});
+
+add_task(async function testRedirectWithStrippingMultipleTimes() {
+  info(
+    "Start testing query stripping for redirect link with multiple query paramaters"
+  );
+
+  const NESTED_QUERY = "paramToStrip1=123&paramToKeep=123";
+  const NESTED_QUERY_STRIPPED = "paramToKeep=123";
+  const INITIAL_QUERY = "paramToStrip2=123";
+
+  let encodedURI = encodeURIComponent(
+    `${TEST_THIRD_PARTY_URI}?${NESTED_QUERY}`
+  );
+
+  let testThirdPartyURI = `${TEST_URI}?redirect=${encodedURI}&${INITIAL_QUERY}`;
+  let testThirdPartyURIStrippedQuery = `redirect=${encodedURI}`;
+  let targetURI = `${TEST_THIRD_PARTY_URI}?${NESTED_QUERY_STRIPPED}`;
+
+  // 1. Open a new tab with the redirect link
+  let tab = await BrowserTestUtils.openNewForegroundTab(
+    gBrowser,
+    testThirdPartyURI
+  );
+  let browser = tab.linkedBrowser;
+
+  // 2. Ensure the initial query parameter is stripped before the redirect
+  await verifyQueryString(browser, testThirdPartyURIStrippedQuery);
+
+  // Create the promise to wait for the location change.
+  let targetURLLoadedPromise = BrowserTestUtils.browserLoaded(
+    browser,
+    false,
+    targetURI
+  );
+
+  // 4. Trigger redirect by decoding the embedded URI
+  await SpecialPowers.spawn(browser, [], async function () {
+    let url = new URL(content.location);
+    let value = url.searchParams.get("redirect");
+    let decodedValue = decodeURIComponent(value);
+
+    content.location.href = decodedValue;
+  });
+
+  // 5. Wait for the location change
+  await targetURLLoadedPromise;
+
+  // 6. Verify that the query parameters in the nested link have been stripped
+  await verifyQueryString(browser, NESTED_QUERY_STRIPPED);
+
+  BrowserTestUtils.removeTab(tab);
+});
diff --git a/toolkit/components/antitracking/test/browser/dedicatedWorker.js b/toolkit/components/antitracking/test/browser/dedicatedWorker.js
index 72fd4ad850..6766709a8a 100644
--- a/toolkit/components/antitracking/test/browser/dedicatedWorker.js
+++ b/toolkit/components/antitracking/test/browser/dedicatedWorker.js
@@ -1,3 +1,10 @@
 self.onmessage = msg => {
+  if (msg.data == "getCookies") {
+    fetch("cookies.sjs")
+      .then(response => response.text())
+      .then(data => postMessage(data));
+    return;
+  }
+
   self.postMessage(msg.data);
 };