1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
|
/* Any copyright is dedicated to the Public Domain.
* http://creativecommons.org/publicdomain/zero/1.0/ */
// Note that E2E test doesn't seem possible via setting a cookie
// from xpcshell (main process) since:
// 1. setCookieStringFromHttp requires a valid URL
// 2. setCookieStringFromDocument requires access to the document
// 3. Services.cookies.add() is just a backdoor that will bypass
// Similarly, even with a browser test, in order to call
// content.document.cookie we would need to SpecialPowers.spawn
// into a BrowserTestUtils tab which requires a valid URL
// not possible to make a valid url with non-ipv4 hostname ending in a number
add_task(async function test_url_failure() {
let validUrl = Services.io.newURI("https://example.com/");
Assert.equal(validUrl.host, "example.com");
// ipv4 ending in number is fine
let validUrl2 = Services.io.newURI("https://1.2.3.4");
Assert.equal(validUrl2.host, "1.2.3.4");
// non-ipv4 ending in number is not
try {
Assert.throws(
() => {
Services.io.newURI("https://example.0");
},
/NS_ERROR_MALFORMED_URI/,
"non-ipv3 ending in number throws"
);
} catch {}
});
add_task(async function test_migrate_invalid_cookie() {
let profile = do_get_profile();
let dbFile = do_get_cookie_file(profile);
Assert.ok(!dbFile.exists());
let schema12db = new CookieDatabaseConnection(dbFile, 12);
let now = Date.now() * 1000; // date in microseconds
let futureExpiry = Math.round(now / 1e6 + 1000);
let cookie1 = new Cookie(
"cookie-name1",
"cookie-value1",
"cookie-host1.com",
"/", // path
futureExpiry,
now,
now,
false,
false,
false
);
// non-ipv4 urls that have a hostname ending in a number are now invalid
let badcookie = new Cookie(
"cookie-name",
"cookie-value",
"cookie-host.0",
"/", // path
futureExpiry,
now,
now,
false,
false,
false
);
let cookie2 = new Cookie(
"cookie-name2",
"cookie-value2",
"cookie-host2.com",
"/", // path
futureExpiry,
now,
now,
false,
false,
false
);
schema12db.insertCookie(cookie1);
schema12db.insertCookie(badcookie);
schema12db.insertCookie(cookie2);
// check that 3 cookies were added to the db
Assert.equal(do_count_cookies_in_db(schema12db.db), 3);
Assert.equal(do_count_cookies_in_db(schema12db.db, "cookie-host1.com"), 1);
Assert.equal(do_count_cookies_in_db(schema12db.db, "cookie-host2.com"), 1);
Assert.equal(do_count_cookies_in_db(schema12db.db, "cookie-host.0"), 1);
// start the cookie service, pull the data into memory
// check that cookie1 and cookie2 were brought into memory
// and that badcookie was not
let cookie1Exists = false;
let cookie2Exists = false;
let badcookieExists = false;
for (let cookie of Services.cookies.cookies) {
if (cookie.host == "cookie-host1.com") {
cookie1Exists = true;
}
if (cookie.host == "cookie-host2.com") {
cookie2Exists = true;
}
if (cookie.host == "cookie-host.0") {
badcookieExists = true;
}
}
Assert.ok(cookie1Exists, "Cookie 1 was inadvertently removed");
Assert.ok(cookie2Exists, "Cookie 2 was inadvertently removed");
Assert.ok(!badcookieExists, "Bad cookie was not filtered by migration");
// Schema was upgraded by cookie service
Assert.equal(schema12db.db.schemaVersion, 13);
// reload to make sure removal was written correctly
await promise_close_profile();
do_load_profile();
// check that the db was also updated
Assert.equal(do_count_cookies_in_db(schema12db.db), 2);
Assert.equal(do_count_cookies_in_db(schema12db.db, "cookie-host1.com"), 1);
Assert.equal(do_count_cookies_in_db(schema12db.db, "cookie-host2.com"), 1);
Assert.equal(do_count_cookies_in_db(schema12db.db, "cookie-host.0"), 0);
schema12db.close();
});
|
