1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
|
<!DOCTYPE HTML>
<html>
<head>
<meta charset="utf-8">
<title>Test filling generated passwords into confirm password fields</title>
<script src="/tests/SimpleTest/SimpleTest.js"></script>
<script src="/tests/SimpleTest/EventUtils.js"></script>
<script src="pwmgr_common.js"></script>
<script src="../../../satchel/test/satchel_common.js"></script>
<link rel="stylesheet" href="/tests/SimpleTest/test.css" />
</head>
<body>
<p id="display"></p>
<div id="content"></div>
<pre id="test">
Login Manager test: filling generated passwords into confirm password fields
<template id="form1-template">
<form id="form1" action="https://example.com">
<input type="text" name="uname">
<input type="password" name="pword" autocomplete="new-password">
<input type="password" name="pwordNext">
<button type="submit">Submit</button>
</form>
</template>
<template id="form2-template">
<form id="form2" action="https://example.com">
<input type="text" name="uname">
<input type="password" name="pword" autocomplete="new-password">
<input type="password" name="pwordNext" value="initial value">
<button type="submit">Submit</button>
</form>
</template>
<template id="form3-template">
<form id="form3" action="https://example.com">
<input type="text" name="uname">
<input type="password" name="pword" autocomplete="new-password">
<input type="password" name="pwordNext" readonly>
<button type="submit">Submit</button>
</form>
</template>
<template id="form4-template">
<form id="form4" action="https://example.com">
<input type="text" name="uname">
<input type="password" name="pword" autocomplete="new-password">
<input type="password" name="pwordNext" disabled>
<button type="submit">Submit</button>
</form>
</template>
<template id="form5-template">
<form id="form5" action="https://example.com">
<input type="text" name="uname">
<input type="password" name="pword" autocomplete="new-password">
<input type="password" name="pwordBetween">
<input type="password" name="pwordNext" autocomplete="new-password">
<button type="submit">Submit</button>
</form>
</template>
<template id="form6-template">
<form id="form6" action="https://example.com">
<input type="text" name="uname">
<input type="password" name="pword" autocomplete="new-password">
<input type="password" name="pwordNext">
<input type="password" name="pwordAfter" autocomplete="new-password" disabled>
<button type="submit">Submit</button>
</form>
</template>
<template id="form7-template">
<form id="form7" action="https://example.com">
<input type="text" name="uname">
<input type="password" name="pword" autocomplete="new-password">
<input type="password" name="junk0">
<input type="password" name="junk1">
<input type="password" name="junk2">
<input type="password" name="junk3">
<input type="password" name="junk4">
<input type="password" name="pwordNext" autocomplete="new-password">
<button type="submit">Submit</button>
</form>
</template>
<template id="form8-template">
<form id="form8" action="https://example.com">
<input type="text" name="uname">
<input type="password" name="pword" autocomplete="new-password">
<input type="password" name="junk0" disabled>
<input type="password" name="junk1" disabled>
<input type="password" name="junk2" disabled>
<input type="password" name="junk3" disabled>
<input type="password" name="junk4" disabled>
<input type="password" name="pwordNext" autocomplete="new-password">
<button type="submit">Submit</button>
</form>
</template>
<template id="form9-template">
<form id="form9" action="https://example.com">
<input type="text" name="uname">
<input type="password" name="pword" autocomplete="new-password">
<input type="hidden" name="junk0">
<input type="hidden" name="junk1">
<input type="hidden" name="junk2">
<input type="hidden" name="junk3">
<input type="hidden" name="junk4">
<input type="password" name="pwordNext" autocomplete="new-password">
<button type="submit">Submit</button>
</form>
</template>
<template id="form10-template">
<form id="form10" action="https://example.com">
<input type="text" name="uname">
<input type="password" name="pword" autocomplete="new-password">
<input type="password" name="pwordNext" autocomplete="new-password">
<input type="password" name="pwordExtra" autocomplete="new-password">
<button type="submit">Submit</button>
</form>
</template>
<script class="testbody" type="text/javascript">
const formTemplates = {
form1: document.getElementById("form1-template"),
form2: document.getElementById("form2-template"),
form3: document.getElementById("form3-template"),
form4: document.getElementById("form4-template"),
form5: document.getElementById("form5-template"),
form6: document.getElementById("form6-template"),
form7: document.getElementById("form7-template"),
form8: document.getElementById("form8-template"),
form9: document.getElementById("form9-template"),
form10: document.getElementById("form10-template"),
};
const setupScript = runInParent(function parentTestSetup() {
const { LoginTestUtils } = ChromeUtils.importESModule(
"resource://testing-common/LoginTestUtils.sys.mjs"
);
addMessageListener(
"resetLoginsAndGeneratedPasswords", () => {
LoginTestUtils.clearData();
LoginTestUtils.resetGeneratedPasswordsCache();
return Promise.resolve();
}
);
});
function resetLoginsAndGeneratedPasswords() {
return setupScript.sendQuery("resetLoginsAndGeneratedPasswords");
}
async function triggerPasswordGeneration(form) {
await openPopupOn(form.pword);
synthesizeKey("KEY_ArrowDown");
synthesizeKey("KEY_Enter");
const storageAddPromise = promiseStorageChanged(["addLogin"]);
await SimpleTest.promiseWaitForCondition(() => !!form.pword.value, "Wait for generated password to get filled");
await storageAddPromise;
}
add_setup(async () => {
SpecialPowers.pushPrefEnv({"set": [["signon.webauthn.autocomplete", false]]});
})
add_named_task("autocomplete menu contains option to generate password", async () => {
await resetLoginsAndGeneratedPasswords();
const form = setContentForTask(formTemplates.form1);
const { items } = await openPopupOn(form.pword);
checkAutoCompleteResults(items, [
"Use a Securely Generated Password"
], location.host, "Check all rows are correct");
});
add_named_task("username field highlight", async () => {
await resetLoginsAndGeneratedPasswords();
const form = setContentForTask(formTemplates.form1);
await triggerPasswordGeneration(form);
ok(!form.uname.matches(":autofill"), "Highlight was not applied to the username field");
});
add_named_task("password field highlight", async () => {
await resetLoginsAndGeneratedPasswords();
const form = setContentForTask(formTemplates.form1);
await triggerPasswordGeneration(form);
ok(form.pword.matches(":autofill"), "Highlight was applied to the password field");
});
add_named_task("username field is left untouched", async () => {
await resetLoginsAndGeneratedPasswords();
const form = setContentForTask(formTemplates.form1);
await triggerPasswordGeneration(form);
is(form.uname.value, "", "Value is still empty")
});
add_named_task("generated password looks like a generated password", async () => {
await resetLoginsAndGeneratedPasswords();
const form = setContentForTask(formTemplates.form1);
await triggerPasswordGeneration(form);
const generatedPassword = form.pword.value;
is(generatedPassword.length, GENERATED_PASSWORD_LENGTH, "Generated password length matches");
ok(generatedPassword.match(GENERATED_PASSWORD_REGEX), "Generated password format matches");
});
add_named_task("password confirmation also gets filled with the generated password", async () => {
await resetLoginsAndGeneratedPasswords();
const form = setContentForTask(formTemplates.form1);
await triggerPasswordGeneration(form);
await SimpleTest.promiseWaitForCondition(() => form.pword.value == form.pwordNext.value, "Value of the confirm field has been filled with generated password");
});
add_named_task("password field is not masked initially after password generation", async () => {
await resetLoginsAndGeneratedPasswords();
const form = setContentForTask(formTemplates.form1);
await triggerPasswordGeneration(form);
LOGIN_FIELD_UTILS.checkPasswordMasked(form.pword, false, "password field is not masked after password generation");
LOGIN_FIELD_UTILS.checkPasswordMasked(form.pwordNext, true, "password confirmation field is masked after user input");
});
add_named_task("password field is masked after user input", async () => {
await resetLoginsAndGeneratedPasswords();
const form = setContentForTask(formTemplates.form1);
await triggerPasswordGeneration(form);
form.pwordNext.focus();
form.pwordNext.select();
synthesizeKey("KEY_Backspace");
synthesizeKey("a");
form.pwordNext.blur();
LOGIN_FIELD_UTILS.checkPasswordMasked(form.pword, true, "password field is masked after user input");
LOGIN_FIELD_UTILS.checkPasswordMasked(form.pwordNext, true, "password confirmation field is also masked after user input");
});
add_named_task("password field highlight is cleared after user input", async () => {
await resetLoginsAndGeneratedPasswords();
const form = setContentForTask(formTemplates.form1);
await triggerPasswordGeneration(form);
form.pwordNext.focus();
form.pwordNext.select();
synthesizeKey("KEY_Backspace");
synthesizeKey("a");
form.pwordNext.blur();
await SimpleTest.promiseWaitForCondition(() => !form.pwordNext.matches(":autofill"), "Highlight was cleared");
});
add_named_task("generated password can be changed", async () => {
await resetLoginsAndGeneratedPasswords();
const form = setContentForTask(formTemplates.form1);
await triggerPasswordGeneration(form);
const generatedPassword = form.pword.value;
form.pword.focus();
synthesizeKey("KEY_End");
synthesizeKey("@");
is(form.pword.value, `${generatedPassword}@`, "Value of the password field changed");
});
add_named_task("password confirmation field does not receive changes from password field", async () => {
await resetLoginsAndGeneratedPasswords();
const form = setContentForTask(formTemplates.form1);
await triggerPasswordGeneration(form);
const generatedPassword = form.pword.value;
// changing the password field value should result in a message sent to the parent process
const messageSentPromise = getPasswordEditedMessage();
form.pword.focus();
synthesizeKey("KEY_End");
synthesizeKey("@");
// bluring results in a "change" event
form.pword.blur();
await messageSentPromise;
await SimpleTest.promiseWaitForCondition(() => form.pwordNext.value == generatedPassword, "Value of the confirm field still holds the original generated password");
ok(form.pwordNext.matches(":autofill"), "Highlight is still applied to password confirmation field");
});
add_named_task("password confirmation field behaves like a normal password field once changed", async () => {
await resetLoginsAndGeneratedPasswords();
const form = setContentForTask(formTemplates.form1);
await triggerPasswordGeneration(form);
form.pwordNext.focus();
form.pwordNext.select();
synthesizeKey("KEY_Backspace");
// verify the focused confirm field now masks its input like a normal,
// non-generated password field after being emptied
form.pwordNext.focus();
synthesizeKey("a");
form.pwordNext.blur();
LOGIN_FIELD_UTILS.checkPasswordMasked(form.pwordNext, true, "password confirmation field is masked");
await SimpleTest.promiseWaitForCondition(() => !form.pwordNext.matches(":autofill"), "highlight was cleared");
});
add_named_task("password confirmation also gets filled with the generated password, even if it has been changed to be of type text", async () => {
await resetLoginsAndGeneratedPasswords();
const form = setContentForTask(formTemplates.form1);
form.pwordNext.type = "text";
await triggerPasswordGeneration(form);
is(form.pwordNext.value, form.pword.value, "Value of the confirm field has been filled with generated password");
});
add_named_task("password confirmation does not get filled with the generated password if it is not empty", async () => {
await resetLoginsAndGeneratedPasswords();
const form = setContentForTask(formTemplates.form2);
await triggerPasswordGeneration(form);
is(form.pwordNext.value, "initial value", "Value of the confirm field has been filled with generated password");
});
add_named_task("password confirmation does not get filled with the generated password if it has been edited", async () => {
await resetLoginsAndGeneratedPasswords();
const form = setContentForTask(formTemplates.form1);
form.pwordNext.focus()
sendString("edited value");
await triggerPasswordGeneration(form);
await SimpleTest.promiseWaitForCondition(() => form.pwordNext.value == "edited value", "Value of the confirm field has been filled with generated password");
});
add_named_task("password confirmation does not get filled with the generated password if its readonly", async () => {
await resetLoginsAndGeneratedPasswords();
const form = setContentForTask(formTemplates.form3);
await triggerPasswordGeneration(form);
await SimpleTest.promiseWaitForCondition(() => form.pwordNext.value == "", "Value of the confirm field has been filled with generated password");
});
add_named_task("password confirmation does not get filled with the generated password if its disabled", async () => {
await resetLoginsAndGeneratedPasswords();
const form = setContentForTask(formTemplates.form4);
await triggerPasswordGeneration(form);
await SimpleTest.promiseWaitForCondition(() => form.pwordNext.value == "", "Value of the confirm field has been filled with generated password");
});
add_named_task("password confirmation matching autocomplete info gets filled with the generated password", async () => {
await resetLoginsAndGeneratedPasswords();
const form = setContentForTask(formTemplates.form5);
await triggerPasswordGeneration(form);
is(form.pwordBetween.value, "", "Value of the between field has not been filled");
await SimpleTest.promiseWaitForCondition(() => form.pwordNext.value == form.pword.value, "Value of the confirm field has been filled with generated password");
});
add_named_task("password confirmation matching autocomplete info gets ignored if its disabled, even if has autocomplete info", async () => {
await resetLoginsAndGeneratedPasswords();
const form = setContentForTask(formTemplates.form6);
await triggerPasswordGeneration(form);
await SimpleTest.promiseWaitForCondition(() => form.pwordNext.value == form.pword.value, "Value of the confirm field has been filled with generated password");
is(form.pwordAfter.value, "", "Value of the disabled confirmation field has not been filled");
});
add_named_task("password confirmation matching autocomplete info gets ignored there are too many fields in between, even if has autocomplete info", async () => {
await resetLoginsAndGeneratedPasswords();
const form = setContentForTask(formTemplates.form7);
await triggerPasswordGeneration(form);
is(form.pwordNext.value, "", "Value of the confirm field has not been filled");
});
add_named_task("password confirmation matching autocomplete info gets ignored there are too many disabled fields in between, even if has autocomplete info", async () => {
await resetLoginsAndGeneratedPasswords();
const form = setContentForTask(formTemplates.form8);
await triggerPasswordGeneration(form);
is(form.pwordNext.value, "", "Value of the confirm field has not been filled");
});
add_named_task("password confirmation matching autocomplete info gets filled even if there are many hidden fields in between", async () => {
await resetLoginsAndGeneratedPasswords();
const form = setContentForTask(formTemplates.form9);
await triggerPasswordGeneration(form);
await SimpleTest.promiseWaitForCondition(() => form.pwordNext.value == form.pword.value, "Value of the confirm field has been filled with generated password");
});
add_named_task("do not fill third password field after the confirm-password field", async () => {
await resetLoginsAndGeneratedPasswords();
const form = setContentForTask(formTemplates.form10);
await triggerPasswordGeneration(form);
is(form.pwordExtra.value, "", "Value of the additional confirm field has not been filled");
});
</script>
</pre>
</body>
</html>
|
