Adding upstream version 1:115.7.0.upstream/1%115.7.0 upstream

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
author: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-04-07 17:32:43 +0000
committer: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-04-07 17:32:43 +0000
commit: 6bf0a5cb5034a7e684dcc3500e841785237ce2dd (patch)
tree: a68f146d7fa01f0134297619fbe7e33db084e0aa /toolkit/components/passwordmgr/test/mochitest/test_autocomplete_https_downgrade.html
parent: Initial commit. (diff)
download: thunderbird-6bf0a5cb5034a7e684dcc3500e841785237ce2dd.tar.xz
thunderbird-6bf0a5cb5034a7e684dcc3500e841785237ce2dd.zip
1 files changed, 105 insertions, 0 deletions
diff --git a/toolkit/components/passwordmgr/test/mochitest/test_autocomplete_https_downgrade.html b/toolkit/components/passwordmgr/test/mochitest/test_autocomplete_https_downgrade.html
new file mode 100644
index 0000000000..109b3e91c6
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/mochitest/test_autocomplete_https_downgrade.html
@@ -0,0 +1,105 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+  <meta charset="utf-8">
+  <title>Test autocomplete on an HTTPS page using upgraded HTTP logins</title>
+  <script src="/tests/SimpleTest/SimpleTest.js"></script>
+  <script src="/tests/SimpleTest/EventUtils.js"></script>
+  <script type="text/javascript" src="../../../satchel/test/satchel_common.js"></script>
+  <script type="text/javascript" src="pwmgr_common.js"></script>
+  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+<p id="display"></p>
+
+<!-- we presumably can't hide the content for this test. -->
+<div id="content">
+  <iframe></iframe>
+</div>
+
+<pre id="test">
+<script class="testbody" type="text/javascript">
+const origin = "http://" + window.location.host;
+const secureOrigin = "https://" + window.location.host;
+const iframe = document.getElementsByTagName("iframe")[0];
+let iframeDoc, hostname;
+let uname;
+let pword;
+
+// Restore the form to the default state.
+function restoreForm() {
+  return SpecialPowers.spawn(getIframeBrowsingContext(window), [], function() {
+    this.content.document.getElementById("form-basic-password").focus();
+    this.content.document.getElementById("form-basic-username").value = "";
+    this.content.document.getElementById("form-basic-password").value = "";
+    this.content.document.getElementById("form-basic-username").focus();
+  });
+}
+
+const HTTP_FORM_URL = origin + "/tests/toolkit/components/passwordmgr/test/mochitest/form_basic.html";
+
+add_setup(async () => {
+  await setStoredLoginsAsync(
+    // We have two actual HTTPS to avoid autofill before the schemeUpgrades pref flips to true.
+    [secureOrigin, secureOrigin, null, "name", "pass", "uname", "pword"],
+    [secureOrigin, secureOrigin, null, "name1", "pass1", "uname", "pword"],
+    // Same as above but HTTP instead of HTTPS (to test de-duping)
+    [origin, origin, null, "name1", "pass1", "uname", "pword"],
+    // Different HTTP login to upgrade with secure formActionOrigin
+    [origin, secureOrigin, null, "name2", "passHTTPtoHTTPS", "uname", "pword"]
+  );
+});
+
+async function setup(formUrl) {
+  await SpecialPowers.pushPrefEnv({"set": [["signon.schemeUpgrades", true]]});
+
+  let processedPromise = promiseFormsProcessed();
+  iframe.src = formUrl;
+  await new Promise(resolve => {
+    iframe.addEventListener("load", function() {
+      resolve();
+    }, {once: true});
+  });
+
+  await processedPromise;
+
+  hostname = await SpecialPowers.spawn(getIframeBrowsingContext(window), [], function() {
+    return this.content.document.documentURIObject.host;
+  });
+}
+
+add_task(async function test_autocomplete_https_downgrade() {
+  info("test_autocomplete_http, setup with " + HTTP_FORM_URL);
+  await setup(HTTP_FORM_URL);
+
+  LoginManager.getAllLogins().then(logins => {
+    info("got logins: " + logins.map(l => l.origin));
+  });
+  // from a HTTP page, look for matching logins, we should never offer a login with an HTTPS scheme
+  // we're expecting just login2 as a match
+  let isCrossOrigin = false;
+  try {
+    // If this is a cross-origin test, the parent will be inaccessible. The fields
+    // should not be filled in.
+    window.parent.windowGlobalChild;
+  } catch(ex) {
+    isCrossOrigin = true;
+  }
+
+  await checkLoginFormInFrame(iframe, "form-basic-username", isCrossOrigin ? "" : "name1",
+                                      "form-basic-password", isCrossOrigin ? "" : "pass1");
+
+  // Trigger autocomplete popup
+  await restoreForm();
+  let popupState = await getPopupState();
+  is(popupState.open, false, "Check popup is initially closed");
+  const autocompleteItems = await popupByArrowDown();
+  info("got results: " + autocompleteItems.join(", "));
+  popupState = await getPopupState();
+  is(popupState.selectedIndex, -1, "Check no entries are selected");
+  checkAutoCompleteResults(autocompleteItems, ["This connection is not secure. Logins entered here could be compromised. Learn More", "name1", "name2"], hostname, "initial");
+});
+</script>
+</pre>
+</body>
+</html>
author	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-04-07 17:32:43 +0000
committer	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-04-07 17:32:43 +0000
commit	6bf0a5cb5034a7e684dcc3500e841785237ce2dd (patch)
tree	a68f146d7fa01f0134297619fbe7e33db084e0aa /toolkit/components/passwordmgr/test/mochitest/test_autocomplete_https_downgrade.html
parent	Initial commit. (diff)
download	thunderbird-6bf0a5cb5034a7e684dcc3500e841785237ce2dd.tar.xz thunderbird-6bf0a5cb5034a7e684dcc3500e841785237ce2dd.zip