1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
|
/* Any copyright is dedicated to the Public Domain.
* http://creativecommons.org/publicdomain/zero/1.0/ */
"use strict";
let TEST_PATH = getRootDirectory(gTestPath).replace(
"chrome://mochitests/content",
"https://example.com"
);
let TEST_PATH_AUTH = getRootDirectory(gTestPath).replace(
"chrome://mochitests/content",
"https://example.org"
);
const CROSS_DOMAIN_URL = TEST_PATH + "redirect-crossDomain.html";
const AUTH_URL = TEST_PATH_AUTH + "auth-route.sjs";
/**
* Opens a new tab with a url that redirects us cross domain
* tests that auth anti-spoofing mechanisms cover url copy while prompt is open
*
*/
async function trigger401AndHandle() {
await SpecialPowers.pushPrefEnv({
set: [["privacy.authPromptSpoofingProtection", true]],
});
let dialogShown = waitForDialogAndCopyURL();
await BrowserTestUtils.withNewTab(CROSS_DOMAIN_URL, async function () {
await dialogShown;
});
await new Promise(resolve => {
Services.clearData.deleteData(
Ci.nsIClearDataService.CLEAR_AUTH_CACHE,
resolve
);
});
}
async function waitForDialogAndCopyURL() {
await TestUtils.topicObserved("common-dialog-loaded");
let dialog = gBrowser.getTabDialogBox(gBrowser.selectedBrowser)
._tabDialogManager._topDialog;
let dialogDocument = dialog._frame.contentDocument;
//select the whole URL
gURLBar.focus();
await SimpleTest.promiseClipboardChange(AUTH_URL, () => {
Assert.equal(gURLBar.value, AUTH_URL, "url bar copy value set");
gURLBar.select();
goDoCommand("cmd_copy");
});
// select only part of the URL
gURLBar.focus();
let endOfSelectionRange = AUTH_URL.indexOf("/auth-route.sjs");
await SimpleTest.promiseClipboardChange(
AUTH_URL.substring(0, endOfSelectionRange),
() => {
Assert.equal(gURLBar.value, AUTH_URL, "url bar copy value set");
gURLBar.selectionStart = 0;
gURLBar.selectionEnd = endOfSelectionRange;
goDoCommand("cmd_copy");
}
);
let onDialogClosed = BrowserTestUtils.waitForEvent(
window,
"DOMModalDialogClosed"
);
dialogDocument.getElementById("commonDialog").cancelDialog();
await onDialogClosed;
Assert.equal(
window.gURLBar.value,
CROSS_DOMAIN_URL,
"No location is provided by the prompt"
);
//select the whole URL after URL is reset to normal
gURLBar.focus();
await SimpleTest.promiseClipboardChange(CROSS_DOMAIN_URL, () => {
Assert.equal(gURLBar.value, CROSS_DOMAIN_URL, "url bar copy value set");
gURLBar.select();
goDoCommand("cmd_copy");
});
}
/**
* Tests that the 401 auth spoofing mechanisms covers the url bar copy action properly,
* canceling the prompt
*/
add_task(async function testUrlCopy() {
await trigger401AndHandle();
});
|