From d8bbc7858622b6d9c278469aab701ca0b609cddf Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Wed, 15 May 2024 05:35:49 +0200 Subject: Merging upstream version 126.0. Signed-off-by: Daniel Baumann --- .../cleardata/tests/browser/browser.toml | 3 - .../cleardata/tests/browser/browser_css_cache.js | 1 + .../cleardata/tests/browser/browser_image_cache.js | 2 + .../tests/browser/browser_preflight_cache.js | 8 +- .../test_moved_origin_directory_cleanup.py | 9 + .../cleardata/tests/unit/test_permissions.js | 4 +- .../tests/unit/test_storage_permission.js | 8 +- .../tests/unit/test_storage_permission_clearing.js | 271 +++++++++++++++++++++ .../components/cleardata/tests/unit/xpcshell.toml | 2 + 9 files changed, 295 insertions(+), 13 deletions(-) create mode 100644 toolkit/components/cleardata/tests/unit/test_storage_permission_clearing.js (limited to 'toolkit/components/cleardata/tests') diff --git a/toolkit/components/cleardata/tests/browser/browser.toml b/toolkit/components/cleardata/tests/browser/browser.toml index 16ecffce02..d13f4f4f32 100644 --- a/toolkit/components/cleardata/tests/browser/browser.toml +++ b/toolkit/components/cleardata/tests/browser/browser.toml @@ -3,21 +3,18 @@ ["browser_auth_tokens.js"] ["browser_css_cache.js"] -https_first_disabled = true support-files = [ "file_css_cache.css", "file_css_cache.html" ] ["browser_image_cache.js"] -https_first_disabled = true support-files = [ "file_image_cache.html", "file_image_cache.jpg" ] ["browser_preflight_cache.js"] -https_first_disabled = true support-files = ["file_cors_preflight.sjs"] ["browser_quota.js"] diff --git a/toolkit/components/cleardata/tests/browser/browser_css_cache.js b/toolkit/components/cleardata/tests/browser/browser_css_cache.js index 47088e5011..61cee8b8d9 100644 --- a/toolkit/components/cleardata/tests/browser/browser_css_cache.js +++ b/toolkit/components/cleardata/tests/browser/browser_css_cache.js @@ -74,6 +74,7 @@ async function cleanupTestTabs() { } add_task(async function test_deleteByPrincipal() { + await SpecialPowers.setBoolPref("dom.security.https_first", false); await addTestTabs(); // Clear data for content principal of A diff --git a/toolkit/components/cleardata/tests/browser/browser_image_cache.js b/toolkit/components/cleardata/tests/browser/browser_image_cache.js index d7116d2502..947d4aba3e 100644 --- a/toolkit/components/cleardata/tests/browser/browser_image_cache.js +++ b/toolkit/components/cleardata/tests/browser/browser_image_cache.js @@ -114,6 +114,7 @@ add_setup(function () { }); add_task(async function test_deleteByPrincipal() { + await SpecialPowers.setBoolPref("dom.security.https_first", false); await addTestTabs(); // Clear data for content principal of A @@ -152,6 +153,7 @@ add_task(async function test_deleteByPrincipal() { }); add_task(async function test_deleteByBaseDomain() { + await SpecialPowers.setBoolPref("dom.security.https_first", false); await addTestTabs(); // Clear data for base domain of A. diff --git a/toolkit/components/cleardata/tests/browser/browser_preflight_cache.js b/toolkit/components/cleardata/tests/browser/browser_preflight_cache.js index d3eabb9e38..8973cc981c 100644 --- a/toolkit/components/cleardata/tests/browser/browser_preflight_cache.js +++ b/toolkit/components/cleardata/tests/browser/browser_preflight_cache.js @@ -9,8 +9,8 @@ const { SiteDataTestUtils } = ChromeUtils.importESModule( const uuidGenerator = Services.uuid; -const ORIGIN_A = "http://example.net"; -const ORIGIN_B = "http://example.org"; +const ORIGIN_A = "https://example.net"; +const ORIGIN_B = "https://example.org"; const PREFLIGHT_URL_PATH = "/browser/toolkit/components/cleardata/tests/browser/file_cors_preflight.sjs"; @@ -45,7 +45,7 @@ async function testDeleteAll( clearDataFlag, { deleteBy = "all", hasUserInput = false } = {} ) { - await BrowserTestUtils.withNewTab("http://example.com", async browser => { + await BrowserTestUtils.withNewTab("https://example.com", async browser => { let token = uuidGenerator.generateUUID().toString(); // Populate the preflight cache. @@ -132,7 +132,7 @@ add_task(async function test_deletePrivateBrowsingCache() { const tab = (browser.gBrowser.selectedTab = BrowserTestUtils.addTab( browser.gBrowser, - "http://example.com" + "https://example.com" )); await BrowserTestUtils.browserLoaded(tab.linkedBrowser); diff --git a/toolkit/components/cleardata/tests/marionette/test_moved_origin_directory_cleanup.py b/toolkit/components/cleardata/tests/marionette/test_moved_origin_directory_cleanup.py index 50f4c93f65..d30cf438e1 100644 --- a/toolkit/components/cleardata/tests/marionette/test_moved_origin_directory_cleanup.py +++ b/toolkit/components/cleardata/tests/marionette/test_moved_origin_directory_cleanup.py @@ -16,6 +16,7 @@ class MovedOriginDirectoryCleanupTestCase(MarionetteTestCase): "privacy.sanitize.sanitizeOnShutdown": True, "privacy.clearOnShutdown.offlineApps": True, "dom.quotaManager.backgroundTask.enabled": False, + "browser.sanitizer.loglevel": "All", } ) self.moved_origin_directory = ( @@ -30,6 +31,13 @@ class MovedOriginDirectoryCleanupTestCase(MarionetteTestCase): with self.marionette.using_context("chrome"): self.marionette.execute_script( """ + let promise = new Promise(resolve => { + function observer() { + Services.obs.removeObserver(observer, "cookie-saved-on-disk"); + resolve(); + } + Services.obs.addObserver(observer, "cookie-saved-on-disk"); + }); Services.cookies.add( "example.local", "path", @@ -43,6 +51,7 @@ class MovedOriginDirectoryCleanupTestCase(MarionetteTestCase): Ci.nsICookie.SAMESITE_NONE, Ci.nsICookie.SCHEME_UNSET ); + return promise; """ ) diff --git a/toolkit/components/cleardata/tests/unit/test_permissions.js b/toolkit/components/cleardata/tests/unit/test_permissions.js index 1f46ab5015..450476183a 100644 --- a/toolkit/components/cleardata/tests/unit/test_permissions.js +++ b/toolkit/components/cleardata/tests/unit/test_permissions.js @@ -88,7 +88,7 @@ add_task(async function test_principal_permissions() { await new Promise(aResolve => { Services.clearData.deleteData( Ci.nsIClearDataService.CLEAR_PERMISSIONS, - value => aResolve() + () => aResolve() ); }); }); @@ -465,7 +465,7 @@ add_task(async function test_3rdpartystorage_permissions() { await new Promise(aResolve => { Services.clearData.deleteData( Ci.nsIClearDataService.CLEAR_PERMISSIONS, - value => aResolve() + () => aResolve() ); }); }); diff --git a/toolkit/components/cleardata/tests/unit/test_storage_permission.js b/toolkit/components/cleardata/tests/unit/test_storage_permission.js index a44e9f2c6a..5ff3e6d15c 100644 --- a/toolkit/components/cleardata/tests/unit/test_storage_permission.js +++ b/toolkit/components/cleardata/tests/unit/test_storage_permission.js @@ -62,7 +62,7 @@ add_task(async function test_removing_storage_permission() { await new Promise(aResolve => { Services.clearData.deleteData( Ci.nsIClearDataService.CLEAR_PERMISSIONS, - value => aResolve() + () => aResolve() ); }); }); @@ -138,7 +138,7 @@ add_task(async function test_removing_storage_permission_from_principal() { await new Promise(aResolve => { Services.clearData.deleteData( Ci.nsIClearDataService.CLEAR_PERMISSIONS, - value => aResolve() + () => aResolve() ); }); }); @@ -240,7 +240,7 @@ add_task(async function test_removing_storage_permission_from_base_domainl() { await new Promise(aResolve => { Services.clearData.deleteData( Ci.nsIClearDataService.CLEAR_PERMISSIONS, - value => aResolve() + () => aResolve() ); }); }); @@ -392,7 +392,7 @@ add_task(async function test_deleteUserInteractionForClearingHistory() { await new Promise(aResolve => { Services.clearData.deleteData( Ci.nsIClearDataService.CLEAR_PERMISSIONS, - value => aResolve() + () => aResolve() ); }); }); diff --git a/toolkit/components/cleardata/tests/unit/test_storage_permission_clearing.js b/toolkit/components/cleardata/tests/unit/test_storage_permission_clearing.js new file mode 100644 index 0000000000..9285236958 --- /dev/null +++ b/toolkit/components/cleardata/tests/unit/test_storage_permission_clearing.js @@ -0,0 +1,271 @@ +/* Any copyright is dedicated to the Public Domain. + http://creativecommons.org/publicdomain/zero/1.0/ */ + +/*** + * Tests clearing storage access and persistent storage permissions + */ + +"use strict"; + +const baseDomain = "example.net"; +const baseDomain2 = "host.org"; +const uri = Services.io.newURI(`https://` + baseDomain); +const uri2 = Services.io.newURI(`https://` + baseDomain2); +const uri3 = Services.io.newURI(`https://www.` + baseDomain); +const principal = Services.scriptSecurityManager.createContentPrincipal( + uri, + {} +); +const principal2 = Services.scriptSecurityManager.createContentPrincipal( + uri2, + {} +); +const principal3 = Services.scriptSecurityManager.createContentPrincipal( + uri3, + {} +); + +add_task(async function test_clearing_by_principal() { + Services.perms.addFromPrincipal( + principal, + "storage-access", + Services.perms.ALLOW_ACTION + ); + Assert.equal( + Services.perms.testExactPermissionFromPrincipal( + principal, + "storage-access" + ), + Services.perms.ALLOW_ACTION, + "There is a storage-access permission set for principal 1" + ); + + Services.perms.addFromPrincipal( + principal, + "persistent-storage", + Services.perms.ALLOW_ACTION + ); + Assert.equal( + Services.perms.testExactPermissionFromPrincipal( + principal, + "persistent-storage" + ), + Services.perms.ALLOW_ACTION, + "There is a persistent-storage permission set for principal 1" + ); + + // Add a principal that shouldn't get cleared + Services.perms.addFromPrincipal( + principal2, + "storage-access", + Services.perms.ALLOW_ACTION + ); + Assert.equal( + Services.perms.testExactPermissionFromPrincipal( + principal2, + "storage-access" + ), + Services.perms.ALLOW_ACTION, + "There is a storage-access permission set for principal 2" + ); + + // Add an unrelated permission which we don't expect to be cleared + Services.perms.addFromPrincipal( + principal, + "desktop-notification", + Services.perms.ALLOW_ACTION + ); + Assert.equal( + Services.perms.testExactPermissionFromPrincipal( + principal, + "desktop-notification" + ), + Services.perms.ALLOW_ACTION, + "There is a desktop-notification permission set for principal 1" + ); + + await new Promise(aResolve => { + Services.clearData.deleteDataFromPrincipal( + principal, + true, + Ci.nsIClearDataService.CLEAR_STORAGE_PERMISSIONS, + value => { + Assert.equal(value, 0); + aResolve(); + } + ); + }); + + Assert.equal( + Services.perms.testExactPermissionFromPrincipal( + principal, + "storage-access" + ), + Services.perms.UNKNOWN_ACTION, + "storage-access permission for principal 1 has been removed" + ); + Assert.equal( + Services.perms.testExactPermissionFromPrincipal( + principal, + "persistent-storage" + ), + Services.perms.UNKNOWN_ACTION, + "persistent-storage permission for principal 1 should be removed" + ); + Assert.equal( + Services.perms.testExactPermissionFromPrincipal( + principal2, + "storage-access" + ), + Services.perms.ALLOW_ACTION, + "storage-access permission for principal 2 should not be removed" + ); + Assert.equal( + Services.perms.testExactPermissionFromPrincipal( + principal, + "desktop-notification" + ), + Services.perms.ALLOW_ACTION, + "desktop-notification permission for principal should not be removed" + ); +}); + +add_task(async function test_clearing_by_baseDomain() { + Services.perms.addFromPrincipal( + principal, + "storage-access", + Services.perms.ALLOW_ACTION + ); + Services.perms.addFromPrincipal( + principal2, + "storage-access", + Services.perms.ALLOW_ACTION + ); + Services.perms.addFromPrincipal( + principal3, + "storage-access", + Services.perms.ALLOW_ACTION + ); + Assert.equal( + Services.perms.testExactPermissionFromPrincipal( + principal, + "storage-access" + ), + Services.perms.ALLOW_ACTION, + "There is a storage-access permission set for principal 1" + ); + Assert.equal( + Services.perms.testExactPermissionFromPrincipal( + principal2, + "storage-access" + ), + Services.perms.ALLOW_ACTION, + "There is a storage-access permission set for principal 2" + ); + + await new Promise(aResolve => { + Services.clearData.deleteDataFromBaseDomain( + baseDomain, + true, + Ci.nsIClearDataService.CLEAR_STORAGE_PERMISSIONS, + value => { + Assert.equal(value, 0); + aResolve(); + } + ); + }); + + Assert.equal( + Services.perms.testExactPermissionFromPrincipal( + principal, + "storage-access" + ), + Services.perms.UNKNOWN_ACTION, + "storage-access permission for principal 1 has been removed" + ); + Assert.equal( + Services.perms.testExactPermissionFromPrincipal( + principal2, + "storage-access" + ), + Services.perms.ALLOW_ACTION, + "storage-access permission for principal 2 should not be removed" + ); + Assert.equal( + Services.perms.testExactPermissionFromPrincipal( + principal3, + "storage-access" + ), + Services.perms.UNKNOWN_ACTION, + "storage-access permission for principal 3 should be removed" + ); +}); + +add_task(async function test_clearing_by_range() { + let currTime = Date.now(); + let modificationTimeTwoHoursAgo = new Date(currTime - 2 * 60 * 60 * 1000); + let modificationTimeThirtyMinsAgo = new Date(currTime - 30 * 60 * 1000); + + Services.perms.testAddFromPrincipalByTime( + principal, + "storage-access", + Services.perms.ALLOW_ACTION, + modificationTimeTwoHoursAgo + ); + Assert.equal( + Services.perms.testExactPermissionFromPrincipal( + principal, + "storage-access" + ), + Services.perms.ALLOW_ACTION, + "There is a storage-access permission set for principal 1" + ); + + Services.perms.testAddFromPrincipalByTime( + principal2, + "persistent-storage", + Services.perms.ALLOW_ACTION, + modificationTimeThirtyMinsAgo + ); + Assert.equal( + Services.perms.testExactPermissionFromPrincipal( + principal2, + "persistent-storage" + ), + Services.perms.ALLOW_ACTION, + "There is a persistent-storage permission set for principal 2" + ); + + let modificationTimeOneHourAgo = new Date(currTime - 60 * 60 * 1000); + // We need to pass in microseconds to the clear data service + // so we multiply the ranges by 1000 + await new Promise(aResolve => { + Services.clearData.deleteDataInTimeRange( + modificationTimeOneHourAgo * 1000, + Date.now() * 1000, + true, + Ci.nsIClearDataService.CLEAR_STORAGE_PERMISSIONS, + value => { + Assert.equal(value, 0); + aResolve(); + } + ); + }); + + Assert.equal( + Services.perms.testExactPermissionFromPrincipal( + principal, + "storage-access" + ), + Services.perms.ALLOW_ACTION, + "storage-access permission for principal 1 should not be removed" + ); + Assert.equal( + Services.perms.testExactPermissionFromPrincipal( + principal2, + "persistent-storage" + ), + Services.perms.UNKNOWN_ACTION, + "persistent-storage permission for principal 2 should be removed" + ); +}); diff --git a/toolkit/components/cleardata/tests/unit/xpcshell.toml b/toolkit/components/cleardata/tests/unit/xpcshell.toml index 2df07abcea..bf2813a401 100644 --- a/toolkit/components/cleardata/tests/unit/xpcshell.toml +++ b/toolkit/components/cleardata/tests/unit/xpcshell.toml @@ -38,3 +38,5 @@ skip-if = ["condprof"] # Bug 1769154 - expected fail w/condprof ["test_security_settings.js"] ["test_storage_permission.js"] + +["test_storage_permission_clearing.js"] -- cgit v1.2.3