diff options
Diffstat (limited to 'browser/components/originattributes/test/browser/browser_permissions.js')
| -rw-r--r-- | browser/components/originattributes/test/browser/browser_permissions.js | 91 |
1 files changed, 91 insertions, 0 deletions
diff --git a/browser/components/originattributes/test/browser/browser_permissions.js b/browser/components/originattributes/test/browser/browser_permissions.js new file mode 100644 index 0000000000..27819e6443 --- /dev/null +++ b/browser/components/originattributes/test/browser/browser_permissions.js @@ -0,0 +1,91 @@ +/** + * Bug 1282655 - Test if site permissions are universal across origin attributes. + * + * This test is testing the cookie "permission" for a specific URI. + */ + +const { PermissionTestUtils } = ChromeUtils.importESModule( + "resource://testing-common/PermissionTestUtils.sys.mjs" +); + +const TEST_PAGE = "https://example.net"; +const uri = Services.io.newURI(TEST_PAGE); + +async function disableCookies() { + Services.cookies.removeAll(); + PermissionTestUtils.add(uri, "cookie", Services.perms.DENY_ACTION); + + // A workaround for making this test working. In Bug 1330467, we separate the + // permissions between different firstPartyDomains, but not for the + // userContextID and the privateBrowsingId. So we need to manually add the + // permission for FPDs in order to make this test working. This test should be + // eventually removed once the permissions are isolated by OAs. + let principal = Services.scriptSecurityManager.createContentPrincipal(uri, { + firstPartyDomain: "example.com", + }); + PermissionTestUtils.add(principal, "cookie", Services.perms.DENY_ACTION); + + principal = Services.scriptSecurityManager.createContentPrincipal(uri, { + firstPartyDomain: "example.org", + }); + PermissionTestUtils.add(principal, "cookie", Services.perms.DENY_ACTION); +} + +async function ensureCookieNotSet(aBrowser) { + await SpecialPowers.spawn(aBrowser, [], async function () { + content.document.cookie = "key=value; SameSite=None; Secure;"; + Assert.equal( + content.document.cookie, + "", + "Setting/reading cookies should be disabled" + + " for this domain for all origin attribute combinations." + ); + }); +} + +IsolationTestTools.runTests( + TEST_PAGE, + ensureCookieNotSet, + () => true, + disableCookies +); + +async function enableCookies() { + Services.cookies.removeAll(); + PermissionTestUtils.add(uri, "cookie", Services.perms.ALLOW_ACTION); + + // A workaround for making this test working. + let principal = Services.scriptSecurityManager.createContentPrincipal(uri, { + firstPartyDomain: "example.com", + }); + PermissionTestUtils.add(principal, "cookie", Services.perms.ALLOW_ACTION); + + principal = Services.scriptSecurityManager.createContentPrincipal(uri, { + firstPartyDomain: "example.org", + }); + PermissionTestUtils.add(principal, "cookie", Services.perms.ALLOW_ACTION); +} + +async function ensureCookieSet(aBrowser) { + await SpecialPowers.spawn(aBrowser, [], function () { + content.document.cookie = "key=value; SameSite=None; Secure;"; + Assert.equal( + content.document.cookie, + "key=value", + "Setting/reading cookies should be" + + " enabled for this domain for all origin attribute combinations." + ); + }); +} + +IsolationTestTools.runTests( + TEST_PAGE, + ensureCookieSet, + () => true, + enableCookies +); + +registerCleanupFunction(() => { + SpecialPowers.clearUserPref("network.cookie.sameSite.laxByDefault"); + Services.cookies.removeAll(); +}); |