From 43a97878ce14b72f0981164f87f2e35e14151312 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 7 Apr 2024 11:22:09 +0200 Subject: Adding upstream version 110.0.1. Signed-off-by: Daniel Baumann --- netwerk/test/unit/test_httpauth.js | 204 +++++++++++++++++++++++++++++++++++++ 1 file changed, 204 insertions(+) create mode 100644 netwerk/test/unit/test_httpauth.js (limited to 'netwerk/test/unit/test_httpauth.js') diff --git a/netwerk/test/unit/test_httpauth.js b/netwerk/test/unit/test_httpauth.js new file mode 100644 index 0000000000..9c9de82618 --- /dev/null +++ b/netwerk/test/unit/test_httpauth.js @@ -0,0 +1,204 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +// This test makes sure the HTTP authenticated sessions are correctly cleared +// when entering and leaving the private browsing mode. + +"use strict"; + +function run_test() { + var am = Cc["@mozilla.org/network/http-auth-manager;1"].getService( + Ci.nsIHttpAuthManager + ); + + const kHost1 = "pbtest3.example.com"; + const kHost2 = "pbtest4.example.com"; + const kPort = 80; + const kHTTP = "http"; + const kBasic = "basic"; + const kRealm = "realm"; + const kDomain = "example.com"; + const kUser = "user"; + const kUser2 = "user2"; + const kPassword = "pass"; + const kPassword2 = "pass2"; + const kEmpty = ""; + + const PRIVATE = true; + const NOT_PRIVATE = false; + + try { + var domain = { value: kEmpty }, + user = { value: kEmpty }, + pass = { value: kEmpty }; + // simulate a login via HTTP auth outside of the private mode + am.setAuthIdentity( + kHTTP, + kHost1, + kPort, + kBasic, + kRealm, + kEmpty, + kDomain, + kUser, + kPassword + ); + // make sure the recently added auth entry is available outside the private browsing mode + am.getAuthIdentity( + kHTTP, + kHost1, + kPort, + kBasic, + kRealm, + kEmpty, + domain, + user, + pass, + NOT_PRIVATE + ); + Assert.equal(domain.value, kDomain); + Assert.equal(user.value, kUser); + Assert.equal(pass.value, kPassword); + + // make sure the added auth entry is no longer accessible in private + domain = { value: kEmpty }; + user = { value: kEmpty }; + pass = { value: kEmpty }; + try { + // should throw + am.getAuthIdentity( + kHTTP, + kHost1, + kPort, + kBasic, + kRealm, + kEmpty, + domain, + user, + pass, + PRIVATE + ); + do_throw( + "Auth entry should not be retrievable after entering the private browsing mode" + ); + } catch (e) { + Assert.equal(domain.value, kEmpty); + Assert.equal(user.value, kEmpty); + Assert.equal(pass.value, kEmpty); + } + + // simulate a login via HTTP auth inside of the private mode + am.setAuthIdentity( + kHTTP, + kHost2, + kPort, + kBasic, + kRealm, + kEmpty, + kDomain, + kUser2, + kPassword2, + PRIVATE + ); + // make sure the recently added auth entry is available inside the private browsing mode + domain = { value: kEmpty }; + user = { value: kEmpty }; + pass = { value: kEmpty }; + am.getAuthIdentity( + kHTTP, + kHost2, + kPort, + kBasic, + kRealm, + kEmpty, + domain, + user, + pass, + PRIVATE + ); + Assert.equal(domain.value, kDomain); + Assert.equal(user.value, kUser2); + Assert.equal(pass.value, kPassword2); + + try { + // make sure the recently added auth entry is not available outside the private browsing mode + domain = { value: kEmpty }; + user = { value: kEmpty }; + pass = { value: kEmpty }; + am.getAuthIdentity( + kHTTP, + kHost2, + kPort, + kBasic, + kRealm, + kEmpty, + domain, + user, + pass, + NOT_PRIVATE + ); + do_throw( + "Auth entry should not be retrievable outside of private browsing mode" + ); + } catch (x) { + Assert.equal(domain.value, kEmpty); + Assert.equal(user.value, kEmpty); + Assert.equal(pass.value, kEmpty); + } + + // simulate leaving private browsing mode + Services.obs.notifyObservers(null, "last-pb-context-exited"); + + // make sure the added auth entry is no longer accessible in any privacy state + domain = { value: kEmpty }; + user = { value: kEmpty }; + pass = { value: kEmpty }; + try { + // should throw (not available in public mode) + am.getAuthIdentity( + kHTTP, + kHost2, + kPort, + kBasic, + kRealm, + kEmpty, + domain, + user, + pass, + NOT_PRIVATE + ); + do_throw( + "Auth entry should not be retrievable after exiting the private browsing mode" + ); + } catch (e) { + Assert.equal(domain.value, kEmpty); + Assert.equal(user.value, kEmpty); + Assert.equal(pass.value, kEmpty); + } + try { + // should throw (no longer available in private mode) + am.getAuthIdentity( + kHTTP, + kHost2, + kPort, + kBasic, + kRealm, + kEmpty, + domain, + user, + pass, + PRIVATE + ); + do_throw( + "Auth entry should not be retrievable in private mode after exiting the private browsing mode" + ); + } catch (x) { + Assert.equal(domain.value, kEmpty); + Assert.equal(user.value, kEmpty); + Assert.equal(pass.value, kEmpty); + } + } catch (e) { + do_throw("Unexpected exception while testing HTTP auth manager: " + e); + } +} -- cgit v1.2.3