From a90a5cba08fdf6c0ceb95101c275108a152a3aed Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Wed, 12 Jun 2024 07:35:37 +0200 Subject: Merging upstream version 127.0. Signed-off-by: Daniel Baumann --- ...st_bouncetracking_clearExpiredUserActivation.js | 10 +- ...uncetracking_importUserActivationPermissions.js | 153 +++++++++++++++++++++ .../test/xpcshell/test_bouncetracking_purge.js | 62 +++++++-- .../test/xpcshell/xpcshell.toml | 3 + 4 files changed, 217 insertions(+), 11 deletions(-) create mode 100644 toolkit/components/antitracking/bouncetrackingprotection/test/xpcshell/test_bouncetracking_importUserActivationPermissions.js (limited to 'toolkit/components/antitracking/bouncetrackingprotection/test/xpcshell') diff --git a/toolkit/components/antitracking/bouncetrackingprotection/test/xpcshell/test_bouncetracking_clearExpiredUserActivation.js b/toolkit/components/antitracking/bouncetrackingprotection/test/xpcshell/test_bouncetracking_clearExpiredUserActivation.js index 28a1350b3e..a52fb7fd46 100644 --- a/toolkit/components/antitracking/bouncetrackingprotection/test/xpcshell/test_bouncetracking_clearExpiredUserActivation.js +++ b/toolkit/components/antitracking/bouncetrackingprotection/test/xpcshell/test_bouncetracking_clearExpiredUserActivation.js @@ -69,13 +69,19 @@ add_task(async function test() { // Assert that expired user activations have been cleared. Assert.deepEqual( - btp.testGetUserActivationHosts({}).sort(), + btp + .testGetUserActivationHosts({}) + .map(entry => entry.siteHost) + .sort(), ["not-expired1.com", "not-expired2.com"], "Expired user activation flags have been cleared for normal browsing." ); Assert.deepEqual( - btp.testGetUserActivationHosts({ privateBrowsingId: 1 }).sort(), + btp + .testGetUserActivationHosts({ privateBrowsingId: 1 }) + .map(entry => entry.siteHost) + .sort(), ["pbm-not-expired.com"], "Expired user activation flags have been cleared for private browsing." ); diff --git a/toolkit/components/antitracking/bouncetrackingprotection/test/xpcshell/test_bouncetracking_importUserActivationPermissions.js b/toolkit/components/antitracking/bouncetrackingprotection/test/xpcshell/test_bouncetracking_importUserActivationPermissions.js new file mode 100644 index 0000000000..5150d074c2 --- /dev/null +++ b/toolkit/components/antitracking/bouncetrackingprotection/test/xpcshell/test_bouncetracking_importUserActivationPermissions.js @@ -0,0 +1,153 @@ +/* Any copyright is dedicated to the Public Domain. +https://creativecommons.org/publicdomain/zero/1.0/ */ + +"use strict"; + +const { PermissionTestUtils } = ChromeUtils.importESModule( + "resource://testing-common/PermissionTestUtils.sys.mjs" +); + +const DOMAIN_A = "example.com"; +const SUB_DOMAIN_A = "sub." + DOMAIN_A; +const DOMAIN_B = "example.org"; +const DOMAIN_C = "example.net"; + +const ORIGIN_A = "https://" + DOMAIN_A; +const ORIGIN_SUB_A = "https://" + SUB_DOMAIN_A; +const ORIGIN_B = "https://" + DOMAIN_B; +const ORIGIN_C = "https://" + DOMAIN_C; +const ORIGIN_NON_HTTP = "file:///foo/bar.html"; + +const OA_PBM = { privateBrowsingId: 1 }; +const PRINCIPAL_C_PBM = Services.scriptSecurityManager.createContentPrincipal( + Services.io.newURI(ORIGIN_C), + OA_PBM +); + +let btp; +let userActivationLifetimeSec = Services.prefs.getIntPref( + "privacy.bounceTrackingProtection.bounceTrackingActivationLifetimeSec" +); + +function cleanup() { + btp.clearAll(); + Services.perms.removeAll(); + Services.prefs.setBoolPref( + "privacy.bounceTrackingProtection.hasMigratedUserActivationData", + false + ); +} + +add_setup(function () { + // Need a profile to data clearing calls. + do_get_profile(); + + btp = Cc["@mozilla.org/bounce-tracking-protection;1"].getService( + Ci.nsIBounceTrackingProtection + ); + + // Clean initial state. + cleanup(); +}); + +add_task(async function test_user_activation_perm_migration() { + // Assert initial test state. + Assert.deepEqual( + btp.testGetUserActivationHosts({}), + [], + "No user activation hosts initially." + ); + Assert.equal( + Services.perms.getAllByTypes(["storageAccessAPI"]).length, + 0, + "No user activation permissions initially." + ); + + info("Add test user activation permissions."); + + let now = Date.now(); + + // Non-expired permissions. + PermissionTestUtils.addWithModificationTime( + ORIGIN_A, + "storageAccessAPI", + Services.perms.ALLOW_ACTION, + now + ); + PermissionTestUtils.addWithModificationTime( + ORIGIN_C, + "storageAccessAPI", + Services.perms.ALLOW_ACTION, + now - 1000 + ); + + // A non expired permission for a subdomain of DOMAIN_A that has an older modification time. + PermissionTestUtils.addWithModificationTime( + ORIGIN_SUB_A, + "storageAccessAPI", + Services.perms.ALLOW_ACTION, + now - 500 + ); + + // An expired permission. + PermissionTestUtils.addWithModificationTime( + ORIGIN_B, + "storageAccessAPI", + Services.perms.ALLOW_ACTION, + now - userActivationLifetimeSec * 1.2 * 1000 + ); + + // A non-HTTP permission. + PermissionTestUtils.addWithModificationTime( + ORIGIN_NON_HTTP, + "storageAccessAPI", + Services.perms.ALLOW_ACTION, + now + ); + + // A permission for PBM. Ideally we'd test a more persistent permission type + // here with custom oa, but permission seperation by userContextId isn't + // enabled yet (Bug 1641584). + PermissionTestUtils.addWithModificationTime( + PRINCIPAL_C_PBM, + "storageAccessAPI", + Services.perms.ALLOW_ACTION, + now + ); + + info("Trigger migration."); + btp.testMaybeMigrateUserInteractionPermissions(); + + Assert.deepEqual( + btp + .testGetUserActivationHosts({}) + .map(entry => entry.siteHost) + .sort(), + [DOMAIN_A, DOMAIN_C].sort(), + "Should have imported the correct user activation flags." + ); + Assert.deepEqual( + btp.testGetUserActivationHosts(OA_PBM).map(entry => entry.siteHost), + [DOMAIN_C], + "Should have imported the correct user activation flags for PBM." + ); + + info("Reset the BTP user activation store"); + btp.clearAll(); + + info("Trigger migration again."); + btp.testMaybeMigrateUserInteractionPermissions(); + + Assert.deepEqual( + btp.testGetUserActivationHosts({}), + [], + "Should not have imported the user activation flags again." + ); + Assert.deepEqual( + btp.testGetUserActivationHosts(OA_PBM), + [], + "Should not have imported the user activation flags again for PBM." + ); + + cleanup(); +}); diff --git a/toolkit/components/antitracking/bouncetrackingprotection/test/xpcshell/test_bouncetracking_purge.js b/toolkit/components/antitracking/bouncetrackingprotection/test/xpcshell/test_bouncetracking_purge.js index 5ede57a08b..2fbd8a0a02 100644 --- a/toolkit/components/antitracking/bouncetrackingprotection/test/xpcshell/test_bouncetracking_purge.js +++ b/toolkit/components/antitracking/bouncetrackingprotection/test/xpcshell/test_bouncetracking_purge.js @@ -6,6 +6,9 @@ http://creativecommons.org/publicdomain/zero/1.0/ */ const { SiteDataTestUtils } = ChromeUtils.importESModule( "resource://testing-common/SiteDataTestUtils.sys.mjs" ); +const { PermissionTestUtils } = ChromeUtils.importESModule( + "resource://testing-common/PermissionTestUtils.sys.mjs" +); let btp; let bounceTrackingGracePeriodSec; @@ -138,6 +141,14 @@ add_task(async function test_purge() { message: "Should purge after grace period.", shouldPurge: true, }, + // Don't purge if the site is allowlisted. + "example2.net": { + bounceTime: timestampOutsideGracePeriodFiveSeconds, + userActivationTime: null, + isAllowListed: true, + message: "Should not purge after grace period if allowlisted.", + shouldPurge: false, + }, // Also ensure that clear data calls with IP sites succeed. "1.2.3.4": { bounceTime: timestampOutsideGracePeriodThreeDays, @@ -191,16 +202,30 @@ add_task(async function test_purge() { let expectedBounceTrackerHosts = []; let expectedUserActivationHosts = []; + let allowListedHosts = []; let expiredUserActivationHosts = []; let expectedPurgedHosts = []; // This would normally happen over time while browsing. let initPromises = Object.entries(TEST_TRACKERS).map( - async ([siteHost, { bounceTime, userActivationTime, shouldPurge }]) => { + async ([ + siteHost, + { bounceTime, userActivationTime, isAllowListed, shouldPurge }, + ]) => { // Add site state so we can later assert it has been purged. await addStateForHost(siteHost); + // Add allowlist entry if needed. + if (isAllowListed) { + PermissionTestUtils.add( + `https://${siteHost}`, + "trackingprotection", + Services.perms.ALLOW_ACTION + ); + allowListedHosts.push(siteHost); + } + if (bounceTime != null) { if (userActivationTime != null) { throw new Error( @@ -210,7 +235,7 @@ add_task(async function test_purge() { expectedBounceTrackerHosts.push(siteHost); - // Convert bounceTime timestamp to nanoseconds (PRTime). + // Convert bounceTime timestamp to microseconds (PRTime). info( `Adding bounce. siteHost: ${siteHost}, bounceTime: ${bounceTime} ms` ); @@ -232,7 +257,7 @@ add_task(async function test_purge() { expiredUserActivationHosts.push(siteHost); } - // Convert userActivationTime timestamp to nanoseconds (PRTime). + // Convert userActivationTime timestamp to microseconds (PRTime). info( `Adding user interaction. siteHost: ${siteHost}, userActivationTime: ${userActivationTime} ms` ); @@ -250,12 +275,18 @@ add_task(async function test_purge() { "Check that bounce and user activation data has been correctly recorded." ); Assert.deepEqual( - btp.testGetBounceTrackerCandidateHosts({}).sort(), + btp + .testGetBounceTrackerCandidateHosts({}) + .map(entry => entry.siteHost) + .sort(), expectedBounceTrackerHosts.sort(), "Has added bounce tracker hosts." ); Assert.deepEqual( - btp.testGetUserActivationHosts({}).sort(), + btp + .testGetUserActivationHosts({}) + .map(entry => entry.siteHost) + .sort(), expectedUserActivationHosts.sort(), "Has added user activation hosts." ); @@ -269,17 +300,29 @@ add_task(async function test_purge() { "Should have purged all expected hosts." ); + // After the purge only the bounce trackers that have not been purged should + // remain in the candidate map. Additionally the allowlisted hosts should be + // removed from the candidate map. let expectedBounceTrackerHostsAfterPurge = expectedBounceTrackerHosts - .filter(host => !expectedPurgedHosts.includes(host)) + .filter( + host => + !expectedPurgedHosts.includes(host) && !allowListedHosts.includes(host) + ) .sort(); Assert.deepEqual( - btp.testGetBounceTrackerCandidateHosts({}).sort(), + btp + .testGetBounceTrackerCandidateHosts({}) + .map(entry => entry.siteHost) + .sort(), expectedBounceTrackerHostsAfterPurge.sort(), "After purge the bounce tracker candidate host set should be updated correctly." ); Assert.deepEqual( - btp.testGetUserActivationHosts({}).sort(), + btp + .testGetUserActivationHosts({}) + .map(entry => entry.siteHost) + .sort(), expiredUserActivationHosts.sort(), "After purge any expired user activation records should have been removed" ); @@ -302,6 +345,7 @@ add_task(async function test_purge() { btp.clearAll(); assertEmpty(); - info("Clean up site data."); + info("Clean up site data and permissions."); await SiteDataTestUtils.clear(); + Services.perms.removeAll(); }); diff --git a/toolkit/components/antitracking/bouncetrackingprotection/test/xpcshell/xpcshell.toml b/toolkit/components/antitracking/bouncetrackingprotection/test/xpcshell/xpcshell.toml index c3aeee502f..8195ea7224 100644 --- a/toolkit/components/antitracking/bouncetrackingprotection/test/xpcshell/xpcshell.toml +++ b/toolkit/components/antitracking/bouncetrackingprotection/test/xpcshell/xpcshell.toml @@ -3,8 +3,11 @@ prefs = [ "privacy.bounceTrackingProtection.enabled=true", "privacy.bounceTrackingProtection.enableTestMode=true", "privacy.bounceTrackingProtection.bounceTrackingPurgeTimerPeriodSec=0", + "privacy.bounceTrackingProtection.enableDryRunMode=false", ] ["test_bouncetracking_clearExpiredUserActivation.js"] +["test_bouncetracking_importUserActivationPermissions.js"] + ["test_bouncetracking_purge.js"] -- cgit v1.2.3