diff options
Diffstat (limited to '')
-rw-r--r-- | toolkit/components/extensions/test/xpcshell/test_ext_dnr_modifyHeaders.js | 1072 |
1 files changed, 1072 insertions, 0 deletions
diff --git a/toolkit/components/extensions/test/xpcshell/test_ext_dnr_modifyHeaders.js b/toolkit/components/extensions/test/xpcshell/test_ext_dnr_modifyHeaders.js new file mode 100644 index 0000000000..236cda4e37 --- /dev/null +++ b/toolkit/components/extensions/test/xpcshell/test_ext_dnr_modifyHeaders.js @@ -0,0 +1,1072 @@ +"use strict"; + +const server = createHttpServer({ + hosts: ["dummy", "restricted", "yes", "no", "maybe", "cookietest"], +}); +server.registerPathHandler("/echoheaders", (req, res) => { + res.setHeader("Content-Type", "application/json"); + const headers = Object.create(null); + for (const nameSupports of req.headers) { + const name = nameSupports.QueryInterface(Ci.nsISupportsString).data; + // httpd.js automatically concats headers with ",", but in some cases it + // stores them separately, joined with "\n". + // https://searchfox.org/mozilla-central/rev/c1180ea13e73eb985a49b15c0d90e977a1aa919c/netwerk/test/httpserver/httpd.js#5271-5286 + const values = req.getHeader(name).split("\n"); + headers[name] = values.length === 1 ? values[0] : values; + } + + // Only keep custom headers, so that the test expectations does not have to + // enumerate all headers of interest. + function dropDefaultHeader(name) { + if (!(name in headers)) { + Assert.ok(false, `Header unexpectedly not found: ${name}`); + } + delete headers[name]; + } + dropDefaultHeader("host"); + dropDefaultHeader("user-agent"); + dropDefaultHeader("accept"); + dropDefaultHeader("accept-language"); + dropDefaultHeader("accept-encoding"); + dropDefaultHeader("connection"); + + res.write(JSON.stringify(headers)); +}); + +server.registerPathHandler("/host", (req, res) => { + res.write(req.getHeader("Host")); +}); + +server.registerPathHandler("/csptest", (req, res) => { + res.setHeader("Access-Control-Allow-Origin", "*"); + res.write("EXPECTED_RESPONSE_FOR /csp test"); +}); +server.registerPathHandler("/csp", (req, res) => { + // Inserting the ";" just in case something somehow merges the headers by "," + // (e.g. to "bla,; default-src http://yes http://maybe ;,bla"). + // This ensures that the server-set "default-src" CSP is not somehow mangled. + res.setHeader( + "Content-Security-Policy", + "; default-src http://yes http://maybe ;" + ); +}); + +server.registerPathHandler("/responseheadersFixture", (req, res) => { + res.setHeader("a", "server_a"); + res.setHeader("b", "server_b"); + res.setHeader("c", "server_c"); + res.setHeader("d", "server_d"); + res.setHeader("e", "server_e"); + // www-authenticate and proxy-authenticate are among the few headers where + // the test server (httpd.js) allows multiple header lines instead of + // automatically concatenating them with ",": + // https://searchfox.org/mozilla-central/rev/a4a41aafa80bf38f6e456238a60781fed46f9d08/netwerk/test/httpserver/httpd.js#5280 + res.setHeader("www-authenticate", "first_line"); + res.setHeader("www-authenticate", "second_line", /* merge */ true); + res.setHeader("proxy-authenticate", "first_line"); + res.setHeader("proxy-authenticate", "second_line", /* merge */ true); +}); + +server.registerPathHandler("/setcookie", (req, res) => { + // set-cookie is also allowed to span multiple lines. + res.setHeader("Set-Cookie", "food=yummy; max-age=999"); + res.setHeader("Set-Cookie", "second=serving; max-age=999", /* merge */ true); + res.write(req.hasHeader("Cookie") ? req.getHeader("Cookie") : ""); +}); +server.registerPathHandler("/empty", (req, res) => {}); + +add_setup(() => { + Services.prefs.setBoolPref("extensions.manifestV3.enabled", true); + Services.prefs.setBoolPref("extensions.dnr.enabled", true); + + // The restrictedDomains pref should be set early, because the pref is read + // only once (on first use) by WebExtensionPolicy::IsRestrictedURI. + Services.prefs.setCharPref( + "extensions.webextensions.restrictedDomains", + "restricted" + ); +}); + +// This function is serialized and called in the context of the test extension's +// background page. dnrTestUtils is passed to the background function. +function makeDnrTestUtils() { + const dnrTestUtils = {}; + async function fetchAsJson(url, options) { + let res = await fetch(url, options); + let txt = await res.text(); + try { + return JSON.parse(txt); + } catch (e) { + return txt; + } + } + Object.assign(dnrTestUtils, { + fetchAsJson, + }); + return dnrTestUtils; +} + +async function runAsDNRExtension({ + background, + manifest, + unloadTestAtEnd = true, +}) { + let extension = ExtensionTestUtils.loadExtension({ + background: `(${background})((${makeDnrTestUtils})())`, + allowInsecureRequests: true, + manifest: { + manifest_version: 3, + permissions: ["declarativeNetRequest"], + host_permissions: ["<all_urls>"], + granted_host_permissions: true, + ...manifest, + }, + temporarilyInstalled: true, // <-- for granted_host_permissions + }); + await extension.startup(); + await extension.awaitFinish(); + if (unloadTestAtEnd) { + await extension.unload(); + } + return extension; +} + +add_task(async function modifyHeaders_requestHeaders() { + await runAsDNRExtension({ + background: async dnrTestUtils => { + const { fetchAsJson } = dnrTestUtils; + await browser.declarativeNetRequest.updateSessionRules({ + addRules: [ + { + id: 1, + condition: { urlFilter: "set_twice" }, + action: { + type: "modifyHeaders", + requestHeaders: [ + { operation: "set", header: "a", value: "a-first" }, + // second set should be ignored after set. + { operation: "set", header: "a", value: "a-second" }, + ], + }, + }, + { + id: 2, + condition: { urlFilter: "set_and_remove" }, + action: { + type: "modifyHeaders", + requestHeaders: [ + { operation: "set", header: "b", value: "b-value" }, + // remove should be ignored after set. + { operation: "remove", header: "b" }, + ], + }, + }, + { + id: 3, + condition: { urlFilter: "remove_and_set" }, + action: { + type: "modifyHeaders", + requestHeaders: [ + { operation: "remove", header: "c" }, + // set should be ignored after remove. + { operation: "set", header: "c", value: "c-value" }, + // append should be ignored after remove. + { operation: "append", header: "c", value: "c-appended" }, + ], + }, + }, + { + id: 4, + condition: { urlFilter: "remove_only" }, + action: { + type: "modifyHeaders", + requestHeaders: [{ operation: "remove", header: "d" }], + }, + }, + { + id: 5, + condition: { urlFilter: "append_twice" }, + action: { + type: "modifyHeaders", + requestHeaders: [ + { operation: "append", header: "e", value: "e-first" }, + { operation: "append", header: "e", value: "e-second" }, + ], + }, + }, + { + id: 6, + condition: { urlFilter: "set_and_append" }, + action: { + type: "modifyHeaders", + requestHeaders: [ + { operation: "set", header: "f", value: "f-first" }, + { operation: "append", header: "f", value: "f-second" }, + ], + }, + }, + ], + }); + + browser.test.assertDeepEq( + { existing: "header" }, + await fetchAsJson( + "http://dummy/echoheaders?not_matching_any_dnr_rule", + { headers: { existing: "header" } } + ), + "Sanity check: should echo original headers without matching DNR rules" + ); + + // Tests set_twice rule: + + browser.test.assertDeepEq( + { a: "a-first" }, + await fetchAsJson("http://dummy/echoheaders?set_twice"), + "only the first header should be used when set twice" + ); + browser.test.assertDeepEq( + { a: "a-first" }, + await fetchAsJson("http://dummy/echoheaders?set_twice", { + headers: { a: "original" }, + }), + "original header should be overwritten by DNR" + ); + + // Tests set_and_remove rule: + + browser.test.assertDeepEq( + { b: "b-value" }, + await fetchAsJson("http://dummy/echoheaders?set_and_remove"), + "after setting a header, remove should be ignored" + ); + browser.test.assertDeepEq( + { b: "b-value" }, + await fetchAsJson("http://dummy/echoheaders?set_and_remove", { + headers: { b: "original" }, + }), + "after overwriting a header, remove should be ignored" + ); + + // Tests remove_and_set rule: + + browser.test.assertDeepEq( + { start: "START", end: "end" }, + await fetchAsJson("http://dummy/echoheaders?remove_and_set", { + headers: { start: "START", c: "remove me", end: "end" }, + }), + "after removing a header, remove should be ignored" + ); + browser.test.assertDeepEq( + {}, + await fetchAsJson("http://dummy/echoheaders?remove_and_set"), + "after a remove op (despite no existing header), set should be ignored" + ); + + // Tests remove_only rule: + + browser.test.assertDeepEq( + {}, + await fetchAsJson("http://dummy/echoheaders?remove_only", { + headers: { d: "remove me please" }, + }), + "should remove header" + ); + + // Tests append_twice rule: + + browser.test.assertDeepEq( + { e: "original, e-first, e-second" }, + await fetchAsJson("http://dummy/echoheaders?append_twice", { + headers: { e: "original" }, + }), + "should append headers" + ); + browser.test.assertDeepEq( + { e: "e-first, e-second" }, + await fetchAsJson("http://dummy/echoheaders?append_twice"), + "should append headers if there are no existing ones yet" + ); + + // Tests set_and_append rule: + + browser.test.assertDeepEq( + { f: "f-first, f-second" }, + await fetchAsJson("http://dummy/echoheaders?set_and_append", { + headers: { f: "original" }, + }), + "should overwrite and append headers" + ); + + // All rules together: + + browser.test.assertDeepEq( + { + a: "a-first", + b: "b-value", + e: "olde, e-first, e-second", + f: "f-first, f-second", + extra: "", + }, + await fetchAsJson( + "http://dummy/echoheaders?set_twice,set_and_remove,remove_and_set,remove_only,append_twice,set_and_append", + { + headers: { + a: "olda", + b: "oldb", + c: "oldc", + d: "oldd", + e: "olde", + f: "oldf", + extra: "", + }, + } + ), + "modifyHeaders actions from multiple rules should all apply" + ); + + browser.test.notifyPass(); + }, + }); +}); + +// Host header is restricted, for details see bug 1467523. +add_task(async function requestHeaders_set_host_header() { + async function background() { + const makeModifyHostRule = (id, urlFilter, value) => ({ + id, + condition: { urlFilter }, + action: { + type: "modifyHeaders", + requestHeaders: [{ operation: "set", header: "Host", value }], + }, + }); + await browser.declarativeNetRequest.updateSessionRules({ + addRules: [ + makeModifyHostRule(1, "yes_host_permissions", "yes"), + makeModifyHostRule(2, "no_host_permissions", "no"), + makeModifyHostRule(3, "restricted_domain", "restricted"), + ], + }); + + browser.test.assertEq( + "yes", + await (await fetch("http://dummy/host?yes_host_permissions")).text(), + "Host header value allowed if extension has permission for new value" + ); + + browser.test.assertEq( + "dummy", + await (await fetch("http://dummy/host?no_host_permissions")).text(), + "Host header value ignored if extension misses permission for new value" + ); + + browser.test.assertEq( + "dummy", + await (await fetch("http://dummy/host?restricted_domain")).text(), + "Host header value ignored if new host is in restrictedDomains" + ); + + browser.test.notifyPass(); + } + const { messages } = await promiseConsoleOutput(async () => { + await runAsDNRExtension({ + manifest: { + // Note: host_permissions without "*://no/*". + host_permissions: ["*://dummy/*", "*://yes/*", "*://restricted/*"], + }, + background, + }); + }); + + AddonTestUtils.checkMessages(messages, { + expected: [ + { + message: + /Failed to apply modifyHeaders action to header "Host" \(DNR rule id 2 from ruleset "_session"\): Error: Unable to set host header, url missing from permissions\./, + }, + { + message: + /Failed to apply modifyHeaders action to header "Host" \(DNR rule id 3 from ruleset "_session"\): Error: Unable to set host header to restricted url\./, + }, + ], + }); +}); + +add_task(async function requestHeaders_set_host_header_multiple_extensions() { + async function background() { + const hostHeaderValue = browser.runtime.getManifest().name; + + await browser.declarativeNetRequest.updateSessionRules({ + addRules: [ + { + id: 1, + condition: { resourceTypes: ["xmlhttprequest"] }, + action: { + type: "modifyHeaders", + requestHeaders: [ + { operation: "set", header: "Host", value: hostHeaderValue }, + // Add a unique header for each request to verify that the + // extension can still modify other headers despite failure to + // modify the host header. + { operation: "set", header: hostHeaderValue, value: "setbydnr" }, + ], + }, + }, + ], + }); + browser.test.notifyPass(); + } + // Precedence is in install order, most recent first. + // While this extension is permitted to change Host to "maybe", it has a lower + // precedence than extensionWithPermissionAndHigherPrecedence. + let extensionWithPermissionButLowerPrecedence = await runAsDNRExtension({ + unloadTestAtEnd: false, + manifest: { + name: "maybe", + host_permissions: ["*://dummy/*", "*://maybe/*"], + }, + background, + }); + // This extension is permitted to change Host to "yes". + let extensionWithPermissionAndHigherPrecedence = await runAsDNRExtension({ + unloadTestAtEnd: false, + manifest: { name: "yes", host_permissions: ["*://dummy/*", "*://yes/*"] }, + background, + }); + // While this extension has the highest precedence by install order, it does + // not have permission to change "Host" to "no". + let extensionWithoutPermissionForHostHeader = await runAsDNRExtension({ + unloadTestAtEnd: false, + manifest: { name: "no", host_permissions: ["*://dummy/*"] }, + background, + }); + + Assert.equal( + await ExtensionTestUtils.fetch("http://dummy/", "http://dummy/host"), + "yes", + "Host header changedby the most recently installed extension with the right permission" + ); + + const { messages, result } = await promiseConsoleOutput(() => + ExtensionTestUtils.fetch("http://dummy/", "http://dummy/echoheaders") + ); + Assert.equal( + result, + `{"referer":"http://dummy/","no":"setbydnr","yes":"setbydnr","maybe":"setbydnr"}`, + "Host header changedby the most recently installed extension with the right permission" + ); + AddonTestUtils.checkMessages(messages, { + expected: [ + { + message: + /Failed to apply modifyHeaders action to header "Host" \(DNR rule id 1 from ruleset "_session"\): Error: Unable to set host header, url missing from permissions\./, + }, + ], + }); + + await extensionWithPermissionButLowerPrecedence.unload(); + await extensionWithPermissionAndHigherPrecedence.unload(); + await extensionWithoutPermissionForHostHeader.unload(); +}); + +add_task(async function modifyHeaders_responseHeaders() { + await runAsDNRExtension({ + background: async () => { + await browser.declarativeNetRequest.updateSessionRules({ + addRules: [ + { + id: 1, + condition: { urlFilter: "/responseheadersFixture" }, + action: { + type: "modifyHeaders", + responseHeaders: [ + { operation: "set", header: "a", value: "a-first" }, + // remove after set should be ignored: + { operation: "remove", header: "a" }, + // Second set should be ignored: + { operation: "set", header: "a", value: "a-second" }, + // But append is permitted: + { operation: "append", header: "a", value: "a-third" }, + // Another append is allowed too: + { operation: "append", header: "a", value: "a-fourth" }, + // An unrelated set is accepted: + { operation: "set", header: "b", value: "b-dnr" }, + // An unrelated remove is also accepted: + { operation: "remove", header: "c" }, + // An unrelated append is also accepted: + { operation: "append", header: "d", value: "d-dnr" }, + // The server also sends the "e" header, we don't touch that. + + // The server sends the www-authenticate header on two lines, + // which should be removed. + { operation: "remove", header: "www-authenticate" }, + // The server also sends the proxy-authenticate header on two + // lines, but we don't touch that. + ], + }, + }, + ], + }); + + let { headers } = await fetch("http://dummy/responseheadersFixture"); + browser.test.assertEq( + "a-first, a-third, a-fourth", + headers.get("a"), + "a set, ignored set + remove, 2x append" + ); + browser.test.assertEq("b-dnr", headers.get("b"), "b set"); + browser.test.assertEq(null, headers.get("c"), "c removed"); + browser.test.assertEq("server_d, d-dnr", headers.get("d"), "d appended"); + browser.test.assertEq("server_e", headers.get("e"), "e not touched"); + browser.test.assertEq( + null, + headers.get("www-authenticate"), + "multi-line www-authenticate header removed" + ); + + // Multi-line http headers cannot be tested through fetch/Headers. This is + // a known limitation of that API, see e.g. note about Set-Cookie in the + // fetch spec - https://fetch.spec.whatwg.org/#headers-class + browser.test.assertEq( + null, // Note: null because Headers does not see multi-line headers. + headers.get("proxy-authenticate"), + "multi-line proxy-authenticate header kept (but fetch cannot see it)" + ); + + // XMLHttpRequest can return multi-line values, so we use that instead. + const xhr = new XMLHttpRequest(); + await new Promise(r => { + xhr.onloadend = r; + xhr.open("GET", "http://dummy/responseheadersFixture?xhr"); + xhr.send(); + }); + browser.test.assertEq( + null, + xhr.getResponseHeader("www-authenticate"), + "multi-line www-authenticate header removed" + ); + browser.test.assertEq( + "first_line\nsecond_line", + xhr.getResponseHeader("proxy-authenticate"), + "multi-line proxy-authenticate header kept (seen through XHR)" + ); + + browser.test.notifyPass(); + }, + }); +}); + +add_task(async function responseHeaders_set_content_security_policy_header() { + let extension = await runAsDNRExtension({ + unloadTestAtEnd: false, + background: async () => { + // By default, a DNR condition excludes the main frame. But to verify that + // the CSP works, we have to modify the CSP header of a document request. + const resourceTypes = ["main_frame"]; + await browser.declarativeNetRequest.updateSessionRules({ + addRules: [ + { + id: 1, + condition: { resourceTypes, urlFilter: "/csp?remove" }, + action: { + type: "modifyHeaders", + responseHeaders: [ + { operation: "remove", header: "Content-Security-Policy" }, + ], + }, + }, + { + id: 2, + condition: { resourceTypes, urlFilter: "/csp?append_to_server" }, + action: { + type: "modifyHeaders", + responseHeaders: [ + { + operation: "append", + header: "Content-Security-Policy", + // Server has "default-src http://yes http://maybe". When + // multiple CSP header lines are present, all policies should + // be enforced, thus "http://no" below should be ignored, and + // the "http://maybe" from the server be ignored. + value: "connect-src http://YES http://not-maybe http://no", + }, + ], + }, + }, + { + id: 3, + condition: { resourceTypes, urlFilter: "/csp?set_and_append" }, + action: { + type: "modifyHeaders", + responseHeaders: [ + { + operation: "set", + header: "Content-Security-Policy", + value: "connect-src 1-of-2 http://yes http://maybe", + }, + { + operation: "append", + header: "Content-Security-Policy", + value: "connect-src 2-of-2 http://yes", + }, + ], + }, + }, + ], + }); + + browser.test.notifyPass(); + }, + }); + + async function testFetchAndCSP(url) { + info(`testFetchAndCSP: ${url}`); + let contentPage = await ExtensionTestUtils.loadContentPage(url); + let cspTestResults = await contentPage.spawn([], async () => { + const { document } = content; + async function doFetchAndCheckCSP(url) { + const cspTestResult = { url, violatedCSP: [] }; + let cspListener; + let cspEventPromise = new Promise(resolve => { + cspListener = e => { + cspTestResult.violatedCSP.push(e.originalPolicy); + // A CSP violation results in an event for each violated policy, + // dispatched after each other. Post a macrotask to ensure that all + // violations are caught. + content.setTimeout(resolve, 0); + }; + }); + document.addEventListener("securitypolicyviolation", cspListener); + try { + let res = await content.fetch(url); + let responseText = await res.text(); + if (responseText !== "EXPECTED_RESPONSE_FOR /csp test") { + cspTestResult.unexpectedResponseText = responseText; + } + // No await cspEventPromise, because we are not expecting any errors. + // If there was any CSP violation, we would have ended in catch. + } catch (e) { + dump(`\nFailed to fetch ${url}, waiting for CSP report/event.\n`); + await cspEventPromise; + } + document.removeEventListener("securitypolicyviolation", cspListener); + return cspTestResult; + } + + return { + yes: await doFetchAndCheckCSP("http://yes/csptest"), + maybe: await doFetchAndCheckCSP("http://maybe/csptest"), + no: await doFetchAndCheckCSP("http://no/csptest"), + }; + }); + await contentPage.close(); + return cspTestResults; + } + + // Note: this is derived from the server's policy. The server sends a bit more + // in the Content-Security-Policy header (i.e. ";"), but the normalized form + // is as follows. + const SERVER_DEFAULT_CSP = "default-src http://yes http://maybe"; + + // First, sanity check: + Assert.deepEqual( + await testFetchAndCSP("http://dummy/csp"), + { + yes: { url: "http://yes/csptest", violatedCSP: [] }, + maybe: { url: "http://maybe/csptest", violatedCSP: [] }, + no: { url: "http://no/csptest", violatedCSP: [SERVER_DEFAULT_CSP] }, + }, + "Sanity check: Server sends CSP that only allows requests to http://yes." + ); + + Assert.deepEqual( + await testFetchAndCSP("http://dummy/csp?remove"), + { + yes: { url: "http://yes/csptest", violatedCSP: [] }, + maybe: { url: "http://maybe/csptest", violatedCSP: [] }, + no: { url: "http://no/csptest", violatedCSP: [] }, + }, + "DNR remove CSP: results in no requests blocked by CSP" + ); + + Assert.deepEqual( + { + yes: { url: "http://yes/csptest", violatedCSP: [] }, + maybe: { + url: "http://maybe/csptest", + violatedCSP: [ + // This value was appended by DNR (with upper-case "http://YES", but + // the normalized form should be lowercase "http://yes"), and notably + // the "yes" request above should still pass. + "connect-src http://yes http://not-maybe http://no", + ], + }, + no: { url: "http://no/csptest", violatedCSP: [SERVER_DEFAULT_CSP] }, + }, + await testFetchAndCSP("http://dummy/csp?append_to_server"), + "DNR append CSP: should enforce CSP of server and DNR" + ); + + Assert.deepEqual( + await testFetchAndCSP("http://dummy/csp?set_and_append"), + { + yes: { url: "http://yes/csptest", violatedCSP: [] }, + maybe: { + url: "http://maybe/csptest", + violatedCSP: [ + // Note: "http://" is before 2-of-2 due to bug 1804145. + "connect-src http://2-of-2 http://yes", + ], + }, + no: { + url: "http://no/csptest", + violatedCSP: [ + // Note: "http://" is before 1-of-2 and 2-of-2 due to bug 1804145. + "connect-src http://1-of-2 http://yes http://maybe", + "connect-src http://2-of-2 http://yes", + ], + }, + }, + "DNR set + append CSP: should enforce both CSPs from DNR" + ); + + await extension.unload(); +}); + +// Set-Cookie is special because it may span multiple lines. This test tests a +// combination of requestHeaders/responseHeaders and that the DNR-set cookies +// are really working, i.e. visible to server and/or modifying the client's +// cookie jar. +add_task(async function requestHeaders_and_responseHeaders_cookies() { + let extension = await runAsDNRExtension({ + unloadTestAtEnd: false, + background: async () => { + // By default, a DNR condition excludes the main frame. But this test uses + // a document load to verify that cookie header modifications (if any) are + // reflected in document.cookie. + const resourceTypes = ["main_frame"]; + + await browser.declarativeNetRequest.updateSessionRules({ + addRules: [ + { + id: 1, + condition: { resourceTypes, urlFilter: "dnr_resp_drop_cookie" }, + action: { + type: "modifyHeaders", + responseHeaders: [{ operation: "remove", header: "set-cookie" }], + }, + }, + { + id: 2, + condition: { resourceTypes, urlFilter: "dnr_resp_set_cookie" }, + action: { + type: "modifyHeaders", + responseHeaders: [ + { + operation: "set", + header: "set-cookie", + value: "dnr_res=set; max-age=999", + }, + ], + }, + }, + { + id: 3, + condition: { resourceTypes, urlFilter: "dnr_set_cookie_to_req" }, + action: { + type: "modifyHeaders", + requestHeaders: [ + { operation: "set", header: "cookie", value: "dnr_req=1" }, + ], + }, + }, + { + id: 4, + condition: { + resourceTypes, + urlFilter: "dnr_append_cookie_to_req_and_res", + }, + action: { + type: "modifyHeaders", + requestHeaders: [ + // Just for extra coverage, mix upper/lower case. + { operation: "append", header: "Cookie", value: "DNR_APP=1" }, + { operation: "append", header: "cookie", value: "DNR_app=2" }, + ], + responseHeaders: [ + { + operation: "append", + header: "set-cookie", + value: "dnr_res=appended; max-age=999", + }, + ], + }, + }, + { + id: 5, + condition: { + resourceTypes, + urlFilter: "dnr_set_server_cookies_expired", + }, + action: { + type: "modifyHeaders", + responseHeaders: [ + { + operation: "set", + header: "set-cookie", + value: "food=deletedbydnr; second=deletedbydnr; max-age=-1", + }, + { + operation: "append", + header: "set-cookie", + value: "second=deletedbydnr; max-age=-1", + }, + ], + }, + }, + { + id: 6, + condition: { + resourceTypes, + urlFilter: "dnr_resp_append_expired_cookie", + }, + action: { + type: "modifyHeaders", + responseHeaders: [ + { + operation: "append", + header: "set-cookie", + value: "dnr_res=deleteme; max-age=-1", + }, + ], + }, + }, + ], + }); + + browser.test.notifyPass(); + }, + }); + + async function loadPageAndGetCookies(pathAndQuery) { + const url = `http://cookietest${pathAndQuery}`; + info(`loadPageAndGetCookies: ${url}`); + let contentPage = await ExtensionTestUtils.loadContentPage(url); + let res = await contentPage.spawn([], () => { + const { document } = content; + const sortCookies = s => s.split("; ").sort().join("; "); + return { + // Server at /setcookie echos value of Cookie request header. + serverSeenCookies: sortCookies(document.body.textContent), + clientSeenCookies: sortCookies(document.cookie), + }; + }); + await contentPage.close(); + return res; + } + + Assert.deepEqual( + { serverSeenCookies: "", clientSeenCookies: "" }, + await loadPageAndGetCookies("/setcookie?dnr_resp_drop_cookie"), + "Set-Cookie from server ignored due to DNR (remove Set-Cookie)" + ); + Assert.deepEqual( + { + serverSeenCookies: "", + clientSeenCookies: "dnr_res=set", + }, + await loadPageAndGetCookies("/setcookie?dnr_resp_set_cookie"), + "Set-Cookie from server overwritten by DNR (set Set-Cookie)" + ); + Assert.deepEqual( + { + // No cookies from previous request + request-specific cookie from DNR. + serverSeenCookies: "dnr_req=1", + // Notably, "dnr_req=1" should be missing from clientSeenCookies, because + // it is added in the request, so only seen by the server. Only cookies + // set by Set-Cookie are persisted/seen by the client. + clientSeenCookies: "dnr_res=set; food=yummy; second=serving", + }, + await loadPageAndGetCookies("/setcookie?dnr_set_cookie_to_req"), + "Cookie req header from DNR, shadows existing client-generated Cookie header" + ); + Assert.deepEqual( + { + // Cookies from previous request + request-specific cookies from DNR. + serverSeenCookies: + "DNR_APP=1; DNR_app=2; dnr_res=set; food=yummy; second=serving", + // NDR_APP and DNR_app are notably missing. dnr_res was modified by DNR, + // because an appended cookie with the same name overwrites existing one. + clientSeenCookies: "dnr_res=appended; food=yummy; second=serving", + }, + await loadPageAndGetCookies("/setcookie?dnr_append_cookie_to_req_and_res"), + "Cookie req header from DNR, merged with existing client cookies; Set-Cookie from server merged with DNR (append Set-Cookie)" + ); + Assert.deepEqual( + { + // Cookies from previous request (not changed by DNR): + serverSeenCookies: "dnr_res=appended; food=yummy; second=serving", + // Server cookies removed, only previously added DNR cookie sticks: + clientSeenCookies: "dnr_res=appended", + }, + await loadPageAndGetCookies("/setcookie?dnr_set_server_cookies_expired"), + "Set-Cookie from server expired by DNR (set Set-Cookie + expire server cookies)" + ); + Assert.deepEqual( + { + // Cookies from previous request (not changed by DNR): + serverSeenCookies: "dnr_res=appended", + // Cookies from server; because we used "append", they should merge, and + // expire the previous DNR cookie, and create the server-set cookies. + clientSeenCookies: "food=yummy; second=serving", + }, + await loadPageAndGetCookies("/setcookie?dnr_resp_append_expired_cookie"), + "Set-Cookie from server merged with DNR (append Set-Cookie + expire dnr_res)" + ); + // We've already tested dnr_set_server_cookies_expired before, now we're just + // cleaning up. + Assert.deepEqual( + { + serverSeenCookies: "food=yummy; second=serving", + clientSeenCookies: "", + }, + await loadPageAndGetCookies("/setcookie?dnr_set_server_cookies_expired"), + "DNR cleared remaining cookies (set Set-Cookie + expire server cookies)" + ); + + await extension.unload(); +}); + +// This test confirms the effective modifyHeaders actions if multiple extensions +// have matching modifyHeaders rules. Only one extension is allowed to modify +// headers. +add_task(async function modifyHeaders_multiple_extensions() { + async function background() { + const extName = browser.runtime.getManifest().name; + function makeModifyHeadersRule(id, operation, headerName) { + const urlFilter = `${extName}_${operation}_${headerName}`; + let value; + if (operation !== "remove") { + // Use the urlFilter as value so that it's obvious which rule added it. + value = urlFilter; + } + return { + id, + condition: { urlFilter }, + action: { + type: "modifyHeaders", + // As the logic of responseHeaders and requestHeaders is shared, it + // suffices to only check responseHeaders here. + responseHeaders: [{ operation, header: headerName, value }], + }, + }; + } + await browser.declarativeNetRequest.updateSessionRules({ + addRules: [ + makeModifyHeadersRule(1, "set", "a"), + makeModifyHeadersRule(2, "remove", "a"), + makeModifyHeadersRule(3, "append", "a"), + makeModifyHeadersRule(4, "set", "b"), + makeModifyHeadersRule(5, "remove", "b"), + makeModifyHeadersRule(6, "append", "b"), + ], + }); + browser.test.notifyPass(); + } + + // Cross-extension rule precedence is in the order of extension installation. + const prioTwoExtension = await runAsDNRExtension({ + manifest: { name: "prioTwo" }, + background, + unloadTestAtEnd: false, + }); + const prioOneExtension = await runAsDNRExtension({ + manifest: { name: "prioOne" }, + background, + unloadTestAtEnd: false, + }); + + let contentPage = await ExtensionTestUtils.loadContentPage( + "http://dummy/empty" + ); + async function checkHeaderActionResult(query, expectedHeaders, description) { + const url = `/responseheadersFixture?${query}`; + const result = await contentPage.spawn([url], async url => { + const res = await content.fetch(url); + return { + a: res.headers.get("a"), + b: res.headers.get("b"), + }; + }); + Assert.deepEqual( + result, + expectedHeaders, + `${description} - Expected headers for ${url}` + ); + } + + await checkHeaderActionResult( + "", + { + a: "server_a", + b: "server_b", + }, + "Sanity check: headers should be unmodified without matching DNR rules" + ); + + // First: verify that "set" is only permitted if there are no other extensions + // that have already modified the header. Note that this requirement already + // holds for actions within one extension, so they should still be enforced + // for modifyHeaders actions from multiple extensions. + await checkHeaderActionResult( + "prioOne_set_a,prioTwo_set_a,prioTwo_set_b", + { + a: "prioOne_set_a", + b: "prioTwo_set_b", + }, + "set should only be allowed if no other extension has set a header" + ); + await checkHeaderActionResult( + "prioOne_remove_a,prioTwo_set_a,prioTwo_set_b", + { + a: null, + b: "prioTwo_set_b", + }, + "set should only be allowed if no other extension has removed the header" + ); + await checkHeaderActionResult( + "prioOne_append_a,prioTwo_set_a,prioTwo_set_b", + { + a: "server_a, prioOne_append_a", + b: "prioTwo_set_b", + }, + "set should only be allowed if no other extension has appended the header" + ); + + // The "remove" operation is not logically conflicting, let's confirm that it + // works as usual. + await checkHeaderActionResult( + "prioOne_remove_a,prioTwo_remove_a,prioTwo_remove_b", + { + a: null, + b: null, + }, + "remove should work, regardless of the number of extensions that use it" + ); + + // While an extension can specify multiple "append" operations, only one + // extension should be able to use it. Another extension is still allowed to + // modify an unrelated, not-yet-modified header. + await checkHeaderActionResult( + "prioOne_append_a,prioTwo_append_a,prioTwo_append_b", + { + a: "server_a, prioOne_append_a", + b: "server_b, prioTwo_append_b", + }, + "Only one extension may modify a specific header" + ); + + await contentPage.close(); + await prioOneExtension.unload(); + await prioTwoExtension.unload(); +}); |