#!/usr/bin/env python
# -*- coding: UTF-8 -*-

import unittest

import pbtest

from functools import partial


class SupercookieTest(pbtest.PBSeleniumTest):
    """Check how localStorage "supercookie" activity is attributed.

    Every test loads a fixture page and then reads the extension's
    ``snitch_map`` store for one or more domains. Positive cases expect the
    third-party domain to be recorded against the first-party site; negative
    cases expect no (falsy) entry for the domain.
    """

    def get_snitch_map_for(self, origin):
        """Return the ``snitch_map`` entry stored under *origin*.

        The lookup runs from the options page and asks the extension's
        background page for the stored value. Callers in this class treat a
        falsy result as "not flagged as a tracker".
        """
        # Use a fresh window so the fixture page stays loaded; callers may
        # call this repeatedly while retrying.
        # NOTE(review): windows opened here are not closed in this class;
        # presumably the test harness cleans them up. Confirm.
        self.open_window()
        self.load_url(self.options_url)

        snitch_map_lookup_js = (
            "return chrome.extension.getBackgroundPage()"
            ".badger.storage.getStore('snitch_map')"
            ".getItemClones()[arguments[0]];"
        )
        return self.js(snitch_map_lookup_js, origin)

    def setUp(self):
        """Switch on local learning through the options page before each test."""
        self.load_url(self.options_url)
        self.wait_for_script("return window.OPTIONS_INITIALIZED")
        learning_toggle = self.find_el_by_css('#local-learning-checkbox')
        # NOTE(review): a click toggles the checkbox, so this assumes it
        # starts unchecked. Confirm against the extension's defaults.
        learning_toggle.click()

    # Regression test for https://github.com/EFForg/privacybadger/pull/1403
    # TODO remove retrying entire test after we revert 879a74f807999a2135e4d48bb5efbd8a1beff4f8
    @pbtest.repeat_if_failed(5)
    def test_async_tracking_attribution_bug(self):
        """Only the frame writing to localStorage is flagged, not the image."""
        first_party = "eff.org"
        third_party = "efforg.github.io"

        fixture_url = (
            "https://privacybadger-tests.{}/html/"
            "async_localstorage_attribution_bug.html"
        ).format(first_party)
        self.load_url(fixture_url)

        # The fixture reloads itself many times to provoke the bug; wait
        # until it signals that it has stopped.
        self.wait_for_script("return window.DONE_RELOADING === true")

        # The fixture embeds an iframe from the third-party domain that
        # writes to localStorage ...
        lookup_third_party = partial(self.get_snitch_map_for, third_party)
        frame_entry = pbtest.retry_until(lookup_third_party)
        self.assertEqual(
            frame_entry,
            [first_party],
            msg="Frame sets localStorage but was not flagged as a tracker.")

        # ... and an image from raw.githubusercontent.com that does no tracking.
        image_entry = self.get_snitch_map_for("raw.githubusercontent.com")
        self.assertFalse(
            image_entry,
            msg="Image is not a tracker but was flagged as one.")

    def test_should_detect_ls_of_third_party_frame(self):
        """A third-party frame setting localStorage is recorded as tracking."""
        first_party = "eff.org"
        third_party = "efforg.github.io"

        # Precondition: nothing recorded for the third party yet.
        entry_before = self.get_snitch_map_for(third_party)
        self.assertFalse(entry_before)

        fixture_url = (
            "https://privacybadger-tests.{}/html/"
            "localstorage.html"
        ).format(first_party)
        self.load_url(fixture_url)

        # TODO This test fails intermittently.
        # The localStorage writes are sometimes missed because the page's
        # script runs after localStorage has already been inspected.
        # Reloading the page works around that race condition.
        self.driver.refresh()

        lookup_third_party = partial(self.get_snitch_map_for, third_party)
        entry_after = pbtest.retry_until(lookup_third_party, times=3)
        self.assertEqual(entry_after, [first_party])

    def test_should_not_detect_low_entropy_ls_of_third_party_frame(self):
        """Low-entropy localStorage values in a third-party frame are ignored."""
        first_party = "eff.org"
        third_party = "efforg.github.io"

        entry_before = self.get_snitch_map_for(third_party)
        self.assertFalse(entry_before)

        fixture_url = (
            "https://privacybadger-tests.{}/html/"
            "localstorage_low_entropy.html"
        ).format(first_party)
        self.load_url(fixture_url)
        self.driver.refresh()

        # NOTE(review): absence is asserted right after the reload, with no
        # wait or retry. Given the race described in
        # test_should_detect_ls_of_third_party_frame, this could pass before
        # any detection would have been recorded. Confirm.
        entry_after = self.get_snitch_map_for(third_party)
        self.assertFalse(entry_after)

    def test_should_not_detect_first_party_ls(self):
        """localStorage written by the first-party page itself is not flagged."""
        base_domain = "efforg.github.io"

        fixture_url = (
            "https://{}/privacybadger-test-fixtures/html/"
            "localstorage/set_ls.html"
        ).format(base_domain)
        self.load_url(fixture_url)
        self.driver.refresh()

        # NOTE(review): single immediate check, no wait or retry. Confirm this
        # cannot pass merely because detection has not run yet.
        own_entry = self.get_snitch_map_for(base_domain)
        self.assertFalse(own_entry)

    def test_should_not_detect_ls_of_third_party_script(self):
        """A third-party script running in the top page flags neither domain."""
        first_party = "eff.org"
        third_party = "efforg.github.io"

        # The script is included by the top-level page itself, not loaded
        # inside a third-party frame.
        fixture_url = (
            "https://privacybadger-tests.{}/html/"
            "localstorage_from_third_party_script.html"
        ).format(first_party)
        self.load_url(fixture_url)

        self.driver.refresh()

        # Checked one after the other so that a failure on the first party
        # stops the test before the second lookup.
        first_party_entry = self.get_snitch_map_for(first_party)
        self.assertFalse(first_party_entry)
        third_party_entry = self.get_snitch_map_for(third_party)
        self.assertFalse(third_party_entry)

# Run this module's tests when the file is executed directly.
if __name__ == "__main__":
    unittest.main()