From 6bf0a5cb5034a7e684dcc3500e841785237ce2dd Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 7 Apr 2024 19:32:43 +0200 Subject: Adding upstream version 1:115.7.0. Signed-off-by: Daniel Baumann --- browser/base/content/test/sanitize/head.js | 329 +++++++++++++++++++++++++++++ 1 file changed, 329 insertions(+) create mode 100644 browser/base/content/test/sanitize/head.js (limited to 'browser/base/content/test/sanitize/head.js') diff --git a/browser/base/content/test/sanitize/head.js b/browser/base/content/test/sanitize/head.js new file mode 100644 index 0000000000..161ccdc9fc --- /dev/null +++ b/browser/base/content/test/sanitize/head.js @@ -0,0 +1,329 @@ +ChromeUtils.defineESModuleGetters(this, { + Downloads: "resource://gre/modules/Downloads.sys.mjs", + FormHistory: "resource://gre/modules/FormHistory.sys.mjs", + PermissionTestUtils: "resource://testing-common/PermissionTestUtils.sys.mjs", + PlacesUtils: "resource://gre/modules/PlacesUtils.sys.mjs", + Sanitizer: "resource:///modules/Sanitizer.sys.mjs", + SiteDataTestUtils: "resource://testing-common/SiteDataTestUtils.sys.mjs", +}); + +function createIndexedDB(host, originAttributes) { + let uri = Services.io.newURI("https://" + host); + let principal = Services.scriptSecurityManager.createContentPrincipal( + uri, + originAttributes + ); + return SiteDataTestUtils.addToIndexedDB(principal.origin); +} + +function checkIndexedDB(host, originAttributes) { + return new Promise(resolve => { + let data = true; + let uri = Services.io.newURI("https://" + host); + let principal = Services.scriptSecurityManager.createContentPrincipal( + uri, + originAttributes + ); + let request = indexedDB.openForPrincipal(principal, "TestDatabase", 1); + request.onupgradeneeded = function (e) { + data = false; + }; + request.onsuccess = function (e) { + resolve(data); + }; + }); +} + +function createHostCookie(host, originAttributes) { + Services.cookies.add( + host, + "/test", + "foo", + "bar", + false, + false, + false, + Date.now() + 24000 * 60 * 60, + originAttributes, + Ci.nsICookie.SAMESITE_NONE, + Ci.nsICookie.SCHEME_HTTPS + ); +} + +function createDomainCookie(host, originAttributes) { + Services.cookies.add( + "." + host, + "/test", + "foo", + "bar", + false, + false, + false, + Date.now() + 24000 * 60 * 60, + originAttributes, + Ci.nsICookie.SAMESITE_NONE, + Ci.nsICookie.SCHEME_HTTPS + ); +} + +function checkCookie(host, originAttributes) { + for (let cookie of Services.cookies.cookies) { + if ( + ChromeUtils.isOriginAttributesEqual( + originAttributes, + cookie.originAttributes + ) && + cookie.host.includes(host) + ) { + return true; + } + } + return false; +} + +async function deleteOnShutdown(opt) { + // Let's clean up all the data. + await new Promise(resolve => { + Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, resolve); + }); + + await SpecialPowers.pushPrefEnv({ + set: [ + ["privacy.sanitize.sanitizeOnShutdown", opt.sanitize], + ["privacy.clearOnShutdown.cookies", opt.sanitize], + ["privacy.clearOnShutdown.offlineApps", opt.sanitize], + ["browser.sanitizer.loglevel", "All"], + ], + }); + + // Custom permission without considering OriginAttributes + if (opt.cookiePermission !== undefined) { + let uri = Services.io.newURI("https://www.example.com"); + PermissionTestUtils.add(uri, "cookie", opt.cookiePermission); + } + + // Let's create a tab with some data. + await opt.createData( + (opt.fullHost ? "www." : "") + "example.org", + opt.originAttributes + ); + ok( + await opt.checkData( + (opt.fullHost ? "www." : "") + "example.org", + opt.originAttributes + ), + "We have data for www.example.org" + ); + await opt.createData( + (opt.fullHost ? "www." : "") + "example.com", + opt.originAttributes + ); + ok( + await opt.checkData( + (opt.fullHost ? "www." : "") + "example.com", + opt.originAttributes + ), + "We have data for www.example.com" + ); + + // Cleaning up. + await Sanitizer.runSanitizeOnShutdown(); + + // All gone! + is( + !!(await opt.checkData( + (opt.fullHost ? "www." : "") + "example.org", + opt.originAttributes + )), + opt.expectedForOrg, + "Do we have data for www.example.org?" + ); + is( + !!(await opt.checkData( + (opt.fullHost ? "www." : "") + "example.com", + opt.originAttributes + )), + opt.expectedForCom, + "Do we have data for www.example.com?" + ); + + // Clean up. + await Sanitizer.sanitize(["cookies", "offlineApps"]); + + if (opt.cookiePermission !== undefined) { + let uri = Services.io.newURI("https://www.example.com"); + PermissionTestUtils.remove(uri, "cookie"); + } +} + +function runAllCookiePermissionTests(originAttributes) { + let tests = [ + { name: "IDB", createData: createIndexedDB, checkData: checkIndexedDB }, + { + name: "Host Cookie", + createData: createHostCookie, + checkData: checkCookie, + }, + { + name: "Domain Cookie", + createData: createDomainCookie, + checkData: checkCookie, + }, + ]; + + // Delete all, no custom permission, data in example.com, cookie permission set + // for www.example.com + tests.forEach(methods => { + add_task(async function deleteStorageOnShutdown() { + info( + methods.name + + ": Delete all, no custom permission, data in example.com, cookie permission set for www.example.com - OA: " + + originAttributes.name + ); + await deleteOnShutdown({ + sanitize: true, + createData: methods.createData, + checkData: methods.checkData, + originAttributes: originAttributes.oa, + cookiePermission: undefined, + expectedForOrg: false, + expectedForCom: false, + fullHost: false, + }); + }); + }); + + // Delete all, no custom permission, data in www.example.com, cookie permission + // set for www.example.com + tests.forEach(methods => { + add_task(async function deleteStorageOnShutdown() { + info( + methods.name + + ": Delete all, no custom permission, data in www.example.com, cookie permission set for www.example.com - OA: " + + originAttributes.name + ); + await deleteOnShutdown({ + sanitize: true, + createData: methods.createData, + checkData: methods.checkData, + originAttributes: originAttributes.oa, + cookiePermission: undefined, + expectedForOrg: false, + expectedForCom: false, + fullHost: true, + }); + }); + }); + + // All is session, but with ALLOW custom permission, data in example.com, + // cookie permission set for www.example.com + tests.forEach(methods => { + add_task(async function deleteStorageWithCustomPermission() { + info( + methods.name + + ": All is session, but with ALLOW custom permission, data in example.com, cookie permission set for www.example.com - OA: " + + originAttributes.name + ); + await deleteOnShutdown({ + sanitize: true, + createData: methods.createData, + checkData: methods.checkData, + originAttributes: originAttributes.oa, + cookiePermission: Ci.nsICookiePermission.ACCESS_ALLOW, + expectedForOrg: false, + expectedForCom: true, + fullHost: false, + }); + }); + }); + + // All is session, but with ALLOW custom permission, data in www.example.com, + // cookie permission set for www.example.com + tests.forEach(methods => { + add_task(async function deleteStorageWithCustomPermission() { + info( + methods.name + + ": All is session, but with ALLOW custom permission, data in www.example.com, cookie permission set for www.example.com - OA: " + + originAttributes.name + ); + await deleteOnShutdown({ + sanitize: true, + createData: methods.createData, + checkData: methods.checkData, + originAttributes: originAttributes.oa, + cookiePermission: Ci.nsICookiePermission.ACCESS_ALLOW, + expectedForOrg: false, + expectedForCom: true, + fullHost: true, + }); + }); + }); + + // All is default, but with SESSION custom permission, data in example.com, + // cookie permission set for www.example.com + tests.forEach(methods => { + add_task(async function deleteStorageOnlyCustomPermission() { + info( + methods.name + + ": All is default, but with SESSION custom permission, data in example.com, cookie permission set for www.example.com - OA: " + + originAttributes.name + ); + await deleteOnShutdown({ + sanitize: false, + createData: methods.createData, + checkData: methods.checkData, + originAttributes: originAttributes.oa, + cookiePermission: Ci.nsICookiePermission.ACCESS_SESSION, + expectedForOrg: true, + // expected data just for example.com when using indexedDB because + // QuotaManager deletes for principal. + expectedForCom: false, + fullHost: false, + }); + }); + }); + + // All is default, but with SESSION custom permission, data in www.example.com, + // cookie permission set for www.example.com + tests.forEach(methods => { + add_task(async function deleteStorageOnlyCustomPermission() { + info( + methods.name + + ": All is default, but with SESSION custom permission, data in www.example.com, cookie permission set for www.example.com - OA: " + + originAttributes.name + ); + await deleteOnShutdown({ + sanitize: false, + createData: methods.createData, + checkData: methods.checkData, + originAttributes: originAttributes.oa, + cookiePermission: Ci.nsICookiePermission.ACCESS_SESSION, + expectedForOrg: true, + expectedForCom: false, + fullHost: true, + }); + }); + }); + + // Session mode, but with unsupported custom permission, data in + // www.example.com, cookie permission set for www.example.com + tests.forEach(methods => { + add_task(async function deleteStorageOnlyCustomPermission() { + info( + methods.name + + ": All is session only, but with unsupported custom custom permission, data in www.example.com, cookie permission set for www.example.com - OA: " + + originAttributes.name + ); + await deleteOnShutdown({ + sanitize: true, + createData: methods.createData, + checkData: methods.checkData, + originAttributes: originAttributes.oa, + cookiePermission: 123, // invalid cookie permission + expectedForOrg: false, + expectedForCom: false, + fullHost: true, + }); + }); + }); +} -- cgit v1.2.3