1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
|
<!DOCTYPE HTML>
<html>
<head>
<title>WebExtension test</title>
<script src="/tests/SimpleTest/SimpleTest.js"></script>
<script src="/tests/SimpleTest/ExtensionTestUtils.js"></script>
<script type="text/javascript" src="head.js"></script>
<script type="text/javascript" src="head_cookies.js"></script>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
</head>
<body>
<script type="text/javascript">
"use strict";
add_task(async function init() {
// We need to trigger a cookie eviction in order to test our batch delete
// observer.
// Set quotaPerHost to maxPerHost - 1, so there is only one cookie
// will be evicted everytime.
SpecialPowers.setIntPref("network.cookie.quotaPerHost", 2);
SpecialPowers.setIntPref("network.cookie.maxPerHost", 3);
SimpleTest.registerCleanupFunction(() => {
SpecialPowers.clearUserPref("network.cookie.quotaPerHost");
SpecialPowers.clearUserPref("network.cookie.maxPerHost");
});
});
add_task(async function test_good_cookie_permissions() {
info("Test matching, non-secure domain with non-secure cookie");
await testCookies({
permissions: ["http://example.com/", "cookies"],
url: "http://example.com/",
domain: "example.com",
secure: false,
shouldPass: true,
});
info("Test matching, secure domain with non-secure cookie");
await testCookies({
permissions: ["https://example.com/", "cookies"],
url: "https://example.com/",
domain: "example.com",
secure: false,
shouldPass: true,
});
info("Test matching, secure domain with secure cookie");
await testCookies({
permissions: ["https://example.com/", "cookies"],
url: "https://example.com/",
domain: "example.com",
secure: true,
shouldPass: true,
});
info("Test matching subdomain with superdomain privileges, secure cookie (https)");
await testCookies({
permissions: ["https://foo.bar.example.com/", "cookies"],
url: "https://foo.bar.example.com/",
domain: ".example.com",
secure: true,
shouldPass: true,
});
info("Test matching subdomain with superdomain privileges, non-secure cookie (https)");
await testCookies({
permissions: ["https://foo.bar.example.com/", "cookies"],
url: "https://foo.bar.example.com/",
domain: ".example.com",
secure: false,
shouldPass: true,
});
info("Test matching subdomain with superdomain privileges, non-secure cookie (http)");
await testCookies({
permissions: ["http://foo.bar.example.com/", "cookies"],
url: "http://foo.bar.example.com/",
domain: ".example.com",
secure: false,
shouldPass: true,
});
});
</script>
</body>
</html>
|
