browser_site_scoped_permissions.js (3808B)
1 /* Any copyright is dedicated to the Public Domain. 2 * http://creativecommons.org/publicdomain/zero/1.0/ */ 3 4 const EMPTY_PAGE = 5 getRootDirectory(gTestPath).replace( 6 "chrome://mochitests/content", 7 "https://example.com" 8 ) + "empty.html"; 9 10 const SUBDOMAIN_EMPTY_PAGE = 11 getRootDirectory(gTestPath).replace( 12 "chrome://mochitests/content", 13 "https://www.example.com" 14 ) + "empty.html"; 15 16 add_task(async function testSiteScopedPermissionSubdomainAffectsBaseDomain() { 17 let subdomainOrigin = "https://www.example.com"; 18 let subdomainPrincipal = 19 Services.scriptSecurityManager.createContentPrincipalFromOrigin( 20 subdomainOrigin 21 ); 22 let id = "3rdPartyStorage^https://example.org"; 23 24 await BrowserTestUtils.withNewTab(EMPTY_PAGE, async function () { 25 Services.perms.addFromPrincipal( 26 subdomainPrincipal, 27 id, 28 SitePermissions.ALLOW 29 ); 30 31 await openPermissionPopup(); 32 33 let permissionsList = document.getElementById( 34 "permission-popup-permission-list" 35 ); 36 let listEntryCount = permissionsList.querySelectorAll( 37 ".permission-popup-permission-item" 38 ).length; 39 is( 40 listEntryCount, 41 1, 42 "Permission exists on base domain when set on subdomain" 43 ); 44 45 closePermissionPopup(); 46 47 Services.perms.removeFromPrincipal(subdomainPrincipal, id); 48 49 // We intentionally turn off a11y_checks, because the following function 50 // is expected to click a toolbar button that may be already hidden 51 // with "display:none;". The permissions panel anchor is hidden because 52 // the last permission was removed, however we force opening the panel 53 // anyways in order to test that the list has been properly emptied: 54 AccessibilityUtils.setEnv({ 55 mustHaveAccessibleRule: false, 56 }); 57 await openPermissionPopup(); 58 AccessibilityUtils.resetEnv(); 59 60 listEntryCount = permissionsList.querySelectorAll( 61 ".permission-popup-permission-item-3rdPartyStorage" 62 ).length; 63 is( 64 listEntryCount, 65 0, 66 "Permission removed on base domain when removed on subdomain" 67 ); 68 69 await closePermissionPopup(); 70 }); 71 }); 72 73 add_task(async function testSiteScopedPermissionBaseDomainAffectsSubdomain() { 74 let origin = "https://example.com"; 75 let principal = 76 Services.scriptSecurityManager.createContentPrincipalFromOrigin(origin); 77 let id = "3rdPartyStorage^https://example.org"; 78 79 await BrowserTestUtils.withNewTab(SUBDOMAIN_EMPTY_PAGE, async function () { 80 Services.perms.addFromPrincipal(principal, id, SitePermissions.ALLOW); 81 await openPermissionPopup(); 82 83 let permissionsList = document.getElementById( 84 "permission-popup-permission-list" 85 ); 86 let listEntryCount = permissionsList.querySelectorAll( 87 ".permission-popup-permission-item" 88 ).length; 89 is( 90 listEntryCount, 91 1, 92 "Permission exists on base domain when set on subdomain" 93 ); 94 95 closePermissionPopup(); 96 97 Services.perms.removeFromPrincipal(principal, id); 98 99 // We intentionally turn off a11y_checks, because the following function 100 // is expected to click a toolbar button that may be already hidden 101 // with "display:none;". The permissions panel anchor is hidden because 102 // the last permission was removed, however we force opening the panel 103 // anyways in order to test that the list has been properly emptied: 104 AccessibilityUtils.setEnv({ 105 mustHaveAccessibleRule: false, 106 }); 107 await openPermissionPopup(); 108 AccessibilityUtils.resetEnv(); 109 110 listEntryCount = permissionsList.querySelectorAll( 111 ".permission-popup-permission-item-3rdPartyStorage" 112 ).length; 113 is( 114 listEntryCount, 115 0, 116 "Permission removed on base domain when removed on subdomain" 117 ); 118 119 await closePermissionPopup(); 120 }); 121 });