1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
|
#!/usr/bin/env python
# -*- coding: UTF-8 -*-
import unittest
import pbtest
from popup_test import get_domain_slider_state
class CookieTest(pbtest.PBSeleniumTest):
"""Basic test to make sure the PB doesn't mess up with the cookies."""
def assert_pass_opera_cookie_test(self, url, test_name):
self.load_url(url)
self.assertEqual("PASS", self.txt_by_css("#result"),
"Cookie test failed: %s" % test_name)
def test_should_pass_std_cookie_test(self):
self.assert_pass_opera_cookie_test((
"https://efforg.github.io/privacybadger-test-fixtures/html/"
"first_party_cookie.html"
), "Set 1st party cookie")
def test_cookie_tracker_detection(self):
"""Tests basic cookie tracking. The tracking site has no DNT file,
and gets blocked by PB.
Visits three sites, all of which have an iframe that points to a fourth site
that reads and writes a cookie. The third party cookie will be picked up by
PB after each of the site loads, but no action will be taken. Then the first
site will be reloaded, and the UI will show the third party domain as blocked."""
SITE1_URL = "https://ddrybktjfxh4.cloudfront.net/"
SITE2_URL = "https://d3syxqe9po5ji0.cloudfront.net/"
SITE3_URL = "https://d3b37ucnz1m2l2.cloudfront.net/"
THIRD_PARTY_DOMAIN = "efforg.github.io"
# enable local learning
self.load_url(self.options_url)
self.wait_for_script("return window.OPTIONS_INITIALIZED")
self.find_el_by_css('#local-learning-checkbox').click()
# remove pre-trained domains
self.js(
"chrome.extension.getBackgroundPage()."
"badger.storage.clearTrackerData();"
)
# load the first site with the third party code that reads and writes a cookie
self.load_url(SITE1_URL)
self.load_pb_ui(SITE1_URL)
# TODO it takes another visit (or a page reload)
# TODO to show the domain as not-yet-blocked-but-tracking?
#self.assertIn(THIRD_PARTY_DOMAIN, self.notYetBlocked)
self.close_window_with_url(SITE1_URL)
# go to second site
self.load_url(SITE2_URL)
self.load_pb_ui(SITE2_URL)
self.assertIn(THIRD_PARTY_DOMAIN, self.notYetBlocked)
self.close_window_with_url(SITE2_URL)
# go to third site
self.load_url(SITE3_URL)
self.load_pb_ui(SITE3_URL)
self.assertIn(THIRD_PARTY_DOMAIN, self.notYetBlocked)
self.close_window_with_url(SITE3_URL)
# revisiting the first site should cause
# the third-party domain to be blocked
self.load_url(SITE1_URL)
self.load_pb_ui(SITE1_URL)
self.assertIn(THIRD_PARTY_DOMAIN, self.blocked)
def load_pb_ui(self, target_url):
"""Show the PB popup as a new tab.
If Selenium would let us just programmatically launch an extension from its icon,
we wouldn't need this method. Alas it will not.
But! We can open a new tab and set the url to the extension's popup html page and
test away. That's how most devs test extensions. But**2!! PB's popup code uses
the current tab's url to report the current tracker status. And since we changed
the current tab's url when we loaded the popup as a tab, the popup loses all the
blocker status information from the original tab.
The workaround is to execute a new convenience function in the popup codebase that
looks for a given url in the tabs and, if it finds a match, refreshes the popup
with the associated tabid. Then the correct status information will be displayed
in the popup."""
self.open_window()
self.load_url(self.popup_url)
# get the popup populated with status information for the correct url
self.switch_to_window_with_url(self.popup_url)
self.js("""
/**
* if the query url pattern matches a tab, switch the module's tab object to that tab
*/
(function (url) {
chrome.tabs.query({url}, function (tabs) {
if (!tabs || !tabs.length) {
return;
}
chrome.runtime.sendMessage({
type: "getPopupData",
tabId: tabs[0].id,
tabUrl: tabs[0].url
}, (response) => {
setPopupData(response);
refreshPopup();
window.DONE_REFRESHING = true;
});
});
}(arguments[0]));""", target_url)
# wait for popup to be ready
self.wait_for_script(
"return typeof window.DONE_REFRESHING != 'undefined' &&"
"window.POPUP_INITIALIZED &&"
"window.SLIDERS_DONE"
)
self.get_tracker_state()
def get_tracker_state(self):
"""Parse the UI to group all third party origins into their respective action states."""
self.notYetBlocked = {}
self.cookieBlocked = {}
self.blocked = {}
self.driver.switch_to.window(self.driver.current_window_handle)
domain_divs = self.driver.find_elements_by_css_selector(
"#blockedResourcesInner > div.clicker[data-origin]")
for div in domain_divs:
origin = div.get_attribute('data-origin')
# assert that this origin is never duplicated in the UI
self.assertNotIn(origin, self.notYetBlocked)
self.assertNotIn(origin, self.cookieBlocked)
self.assertNotIn(origin, self.blocked)
# get slider state for given origin
action_type = get_domain_slider_state(self.driver, origin)
# non-tracking domains are hidden by default
# so if we see a slider set to "allow",
# it must be in the tracking-but-not-yet-blocked section
if action_type == 'allow':
self.notYetBlocked[origin] = True
elif action_type == 'cookieblock':
self.cookieBlocked[origin] = True
elif action_type == 'block':
self.blocked[origin] = True
else:
self.fail("what is this?!? %s" % action_type)
if __name__ == "__main__":
unittest.main()
|
