summaryrefslogtreecommitdiffstats
path: root/toolkit/components/antitracking/test/browser/browser_thirdPartyStorageRejectionForCORS.js
blob: b415594662d88a3041a3fd61bef8d8c92ba10656 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96

// This test works by setting up an exception for the tracker domain, which
// disables all the anti-tracking tests.

add_task(async _ => {
  PermissionTestUtils.add(
    "http://example.net",
    "cookie",
    Services.perms.ALLOW_ACTION
  );

  registerCleanupFunction(_ => {
    Services.perms.removeAll();
  });
});

AntiTracking._createTask({
  name: "Test that we don't store 3P cookies from non-anonymous CORS XHR",
  cookieBehavior: BEHAVIOR_REJECT_FOREIGN,
  blockingByContentBlockingRTUI: false,
  allowList: false,
  thirdPartyPage: TEST_DOMAIN + TEST_PATH + "3rdParty.html",
  callback: async _ => {
    await new Promise(resolve => {
      const xhr = new XMLHttpRequest();
      xhr.open(
        "GET",
        "https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/cookiesCORS.sjs?some;max-age=999999",
        true
      );
      xhr.withCredentials = true;
      xhr.setRequestHeader("Content-Type", "application/x-www-form-urlencoded");
      xhr.onreadystatechange = _ => {
        if (4 === xhr.readyState && 200 === xhr.status) {
          resolve();
        }
      };
      xhr.send();
    });
  },
  extraPrefs: [["network.cookie.rejectForeignWithExceptions.enabled", true]],
  expectedBlockingNotifications:
    Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_FOREIGN,
  runInPrivateWindow: false,
  iframeSandbox: null,
  accessRemoval: null,
  callbackAfterRemoval: null,
});

add_task(async _ => {
  await new Promise(resolve => {
    Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
      resolve()
    );
  });
});

AntiTracking._createTask({
  name: "Test that we don't store 3P cookies from non-anonymous CORS XHR",
  cookieBehavior: BEHAVIOR_REJECT_FOREIGN,
  blockingByContentBlockingRTUI: false,
  allowList: false,
  thirdPartyPage: TEST_DOMAIN + TEST_PATH + "3rdParty.html",
  callback: async _ => {
    await new Promise(resolve => {
      const xhr = new XMLHttpRequest();
      xhr.open(
        "GET",
        "https://tracking.example.org/browser/toolkit/components/antitracking/test/browser/cookiesCORS.sjs?some;max-age=999999",
        true
      );
      xhr.withCredentials = true;
      xhr.setRequestHeader("Content-Type", "application/x-www-form-urlencoded");
      xhr.onreadystatechange = _ => {
        if (4 === xhr.readyState && 200 === xhr.status) {
          resolve();
        }
      };
      xhr.send();
    });
  },
  extraPrefs: [["network.cookie.rejectForeignWithExceptions.enabled", false]],
  expectedBlockingNotifications:
    Ci.nsIWebProgressListener.STATE_COOKIES_BLOCKED_FOREIGN,
  runInPrivateWindow: false,
  iframeSandbox: null,
  accessRemoval: null,
  callbackAfterRemoval: null,
});

add_task(async _ => {
  await new Promise(resolve => {
    Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
      resolve()
    );
  });
});
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-07 15:45:56 +0000