diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 19:33:14 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 19:33:14 +0000 |
commit | 36d22d82aa202bb199967e9512281e9a53db42c9 (patch) | |
tree | 105e8c98ddea1c1e4784a60a5a6410fa416be2de /netwerk/test/browser/browser_cookie_filtering_subdomain.js | |
parent | Initial commit. (diff) | |
download | firefox-esr-36d22d82aa202bb199967e9512281e9a53db42c9.tar.xz firefox-esr-36d22d82aa202bb199967e9512281e9a53db42c9.zip |
Adding upstream version 115.7.0esr.upstream/115.7.0esr
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'netwerk/test/browser/browser_cookie_filtering_subdomain.js')
-rw-r--r-- | netwerk/test/browser/browser_cookie_filtering_subdomain.js | 175 |
1 files changed, 175 insertions, 0 deletions
diff --git a/netwerk/test/browser/browser_cookie_filtering_subdomain.js b/netwerk/test/browser/browser_cookie_filtering_subdomain.js new file mode 100644 index 0000000000..78fcdb07dd --- /dev/null +++ b/netwerk/test/browser/browser_cookie_filtering_subdomain.js @@ -0,0 +1,175 @@ +/* + * Any copyright is dedicated to the Public Domain. + * http://creativecommons.org/publicdomain/zero/1.0/ + */ + +"use strict"; + +const { + HTTPS_EXAMPLE_ORG, + HTTPS_EXAMPLE_COM, + HTTP_EXAMPLE_COM, + browserTestPath, + waitForAllExpectedTests, + cleanupObservers, + checkExpectedCookies, + fetchHelper, + preclean_test, + cleanup_test, +} = ChromeUtils.importESModule( + "resource://testing-common/cookie_filtering_helper.sys.mjs" +); + +const HTTPS_SUBDOMAIN_1_EXAMPLE_COM = "https://test1.example.com"; +const HTTP_SUBDOMAIN_1_EXAMPLE_COM = "http://test1.example.com"; +const HTTPS_SUBDOMAIN_2_EXAMPLE_COM = "https://test2.example.com"; +const HTTP_SUBDOMAIN_2_EXAMPLE_COM = "http://test2.example.com"; + +// run suite with content listener +// 1. initializes the content process and observer +// 2. runs the test gamut +// 3. cleans up the content process +async function runSuiteWithContentListener(name, triggerSuiteFunc, expected) { + return async function (browser) { + info("Running content suite: " + name); + await SpecialPowers.spawn(browser, [expected, name], checkExpectedCookies); + await triggerSuiteFunc(); + await SpecialPowers.spawn(browser, [], waitForAllExpectedTests); + await SpecialPowers.spawn(browser, [], cleanupObservers); + info("Complete content suite: " + name); + }; +} + +// TEST: domain receives subdomain cookies +async function test_domain() { + await BrowserTestUtils.withNewTab( + { + gBrowser, + url: browserTestPath(HTTPS_EXAMPLE_COM), + }, + await runSuiteWithContentListener( + "test_domain", + triggerSuite, + cookiesFromSuite() + ) + ); +} + +// TEST: insecure domain receives base and sub-domain insecure cookies +async function test_insecure_domain() { + await BrowserTestUtils.withNewTab( + { + gBrowser, + url: browserTestPath(HTTP_EXAMPLE_COM), + }, + + await runSuiteWithContentListener("test_insecure_domain", triggerSuite, [ + "", + "", // HTTPS fetch cookies show as empty strings + "test-cookie-insecure=insecure_domain", + "test-cookie-insecure=insecure_subdomain", + "", + ]) + ); +} + +// TEST: subdomain receives base domain and other sub-domain cookies +async function test_subdomain() { + await BrowserTestUtils.withNewTab( + { + gBrowser, + url: browserTestPath(HTTPS_SUBDOMAIN_2_EXAMPLE_COM), + }, + await runSuiteWithContentListener( + "test_subdomain", + triggerSuite, + cookiesFromSuite() + ) + ); +} + +// TEST: insecure subdomain receives base and sub-domain insecure cookies +async function test_insecure_subdomain() { + await BrowserTestUtils.withNewTab( + { + gBrowser, + url: browserTestPath(HTTP_SUBDOMAIN_2_EXAMPLE_COM), + }, + await runSuiteWithContentListener( + "test_insecure_subdomain", + triggerSuite, + + [ + "", + "", // HTTPS fetch cookies show as empty strings + "test-cookie-insecure=insecure_domain", + "test-cookie-insecure=insecure_subdomain", + "", + ] + ) + ); +} + +function suite() { + var suite = []; + suite.push(["test-cookie=domain", HTTPS_EXAMPLE_COM]); + suite.push(["test-cookie=subdomain", HTTPS_SUBDOMAIN_1_EXAMPLE_COM]); + suite.push(["test-cookie-insecure=insecure_domain", HTTP_EXAMPLE_COM]); + suite.push([ + "test-cookie-insecure=insecure_subdomain", + HTTP_SUBDOMAIN_1_EXAMPLE_COM, + ]); + suite.push(["test-cookie=sentinel", HTTPS_EXAMPLE_COM]); + return suite; +} + +function cookiesFromSuite() { + var cookies = []; + for (var [cookie] of suite()) { + cookies.push(cookie); + } + return cookies; +} + +function cookiesMatchingDomain(domain) { + var s = suite(); + var result = []; + for (var [cookie, dom] of s) { + if (dom == domain) { + result.push(cookie); + } + } + return result; +} + +function justSitename(maybeSchemefulMaybeSubdomainSite) { + let mssArray = maybeSchemefulMaybeSubdomainSite.split("://"); + let maybesubdomain = mssArray[mssArray.length - 1]; + let msdArray = maybesubdomain.split("."); + return msdArray.slice(msdArray.length - 2, msdArray.length).join("."); +} + +// triggers set-cookie, which will trigger cookie-changed messages +// messages will be filtered against the cookie list created from above +// only unfiltered messages should make it to the content process +async function triggerSuite() { + let triggerCookies = suite(); + for (var [cookie, schemefulDomain] of triggerCookies) { + let secure = false; + if (schemefulDomain.includes("https")) { + secure = true; + } + + var url = + browserTestPath(schemefulDomain) + "cookie_filtering_resource.sjs"; + await fetchHelper(url, cookie, secure, justSitename(schemefulDomain)); + Services.cookies.removeAll(); // clean cookies across secure/insecure runs + } +} + +add_task(preclean_test); +add_task(test_domain); // 5 +add_task(test_insecure_domain); // 2 +add_task(test_subdomain); // 5 +add_task(test_insecure_subdomain); // 2 +add_task(cleanup_test); |