1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
|
"use strict";
const HOSTS = new Set(["example.com", "example.org"]);
const server = createHttpServer({ hosts: HOSTS });
const BASE_URL = "http://example.com";
const FETCH_ORIGIN = "http://example.com/dummy";
server.registerPathHandler("/return_headers.sjs", (request, response) => {
response.setHeader("Content-Type", "text/plain", false);
let headers = {};
for (let { data: header } of request.headers) {
headers[header] = request.getHeader(header);
}
response.write(JSON.stringify(headers));
});
server.registerPathHandler("/dummy", (request, response) => {
response.setStatusLine(request.httpVersion, 200, "OK");
response.write("ok");
});
function getExtension(permission = "<all_urls>") {
return ExtensionTestUtils.loadExtension({
manifest: {
permissions: ["webRequest", "webRequestBlocking", permission],
},
background() {
browser.webRequest.onBeforeSendHeaders.addListener(
details => {
details.requestHeaders.push({ name: "Host", value: "example.org" });
return { requestHeaders: details.requestHeaders };
},
{ urls: ["<all_urls>"] },
["blocking", "requestHeaders"]
);
},
});
}
add_task(async function test_host_header_accepted() {
let extension = getExtension();
await extension.startup();
let headers = JSON.parse(
await ExtensionTestUtils.fetch(
FETCH_ORIGIN,
`${BASE_URL}/return_headers.sjs`
)
);
equal(headers.host, "example.org", "Host header was set on request");
await extension.unload();
});
add_task(async function test_host_header_denied() {
let extension = getExtension(`${BASE_URL}/`);
await extension.startup();
let headers = JSON.parse(
await ExtensionTestUtils.fetch(
FETCH_ORIGIN,
`${BASE_URL}/return_headers.sjs`
)
);
equal(headers.host, "example.com", "Host header was not set on request");
await extension.unload();
});
add_task(async function test_host_header_restricted() {
Services.prefs.setCharPref(
"extensions.webextensions.restrictedDomains",
"example.org"
);
registerCleanupFunction(() => {
Services.prefs.clearUserPref("extensions.webextensions.restrictedDomains");
});
let extension = getExtension();
await extension.startup();
let headers = JSON.parse(
await ExtensionTestUtils.fetch(
FETCH_ORIGIN,
`${BASE_URL}/return_headers.sjs`
)
);
equal(headers.host, "example.com", "Host header was not set on request");
await extension.unload();
});
|