tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

browser_temporary_permissions_navigation.js (7881B)

      1 /* Any copyright is dedicated to the Public Domain.
      2 * http://creativecommons.org/publicdomain/zero/1.0/ */
      3 
      4 "use strict";
      5 
      6 // Test that temporary permissions are removed on user initiated reload only.
      7 add_task(async function testTempPermissionOnReload() {
      8  let origin = "https://example.com/";
      9  let principal =
     10    Services.scriptSecurityManager.createContentPrincipalFromOrigin(origin);
     11  let id = "geo";
     12 
     13  await BrowserTestUtils.withNewTab(origin, async function (browser) {
     14    SitePermissions.setForPrincipal(
     15      principal,
     16      id,
     17      SitePermissions.BLOCK,
     18      SitePermissions.SCOPE_TEMPORARY,
     19      browser
     20    );
     21 
     22    let reloaded = BrowserTestUtils.browserLoaded(browser, false, origin);
     23 
     24    Assert.deepEqual(SitePermissions.getForPrincipal(principal, id, browser), {
     25      state: SitePermissions.BLOCK,
     26      scope: SitePermissions.SCOPE_TEMPORARY,
     27    });
     28 
     29    // Reload through the page (should not remove the temp permission).
     30    await SpecialPowers.spawn(browser, [], () =>
     31      content.document.location.reload()
     32    );
     33 
     34    await reloaded;
     35 
     36    Assert.deepEqual(SitePermissions.getForPrincipal(principal, id, browser), {
     37      state: SitePermissions.BLOCK,
     38      scope: SitePermissions.SCOPE_TEMPORARY,
     39    });
     40 
     41    reloaded = BrowserTestUtils.browserLoaded(browser, false, origin);
     42 
     43    // Reload as a user (should remove the temp permission).
     44    BrowserCommands.reload();
     45 
     46    await reloaded;
     47 
     48    Assert.deepEqual(SitePermissions.getForPrincipal(principal, id, browser), {
     49      state: SitePermissions.UNKNOWN,
     50      scope: SitePermissions.SCOPE_PERSISTENT,
     51    });
     52 
     53    // Set the permission again.
     54    SitePermissions.setForPrincipal(
     55      principal,
     56      id,
     57      SitePermissions.BLOCK,
     58      SitePermissions.SCOPE_TEMPORARY,
     59      browser
     60    );
     61 
     62    // Open the tab context menu.
     63    let contextMenu = document.getElementById("tabContextMenu");
     64    // The TabContextMenu initializes its strings only on a focus or mouseover event.
     65    // Calls focus event on the TabContextMenu early in the test.
     66    gBrowser.selectedTab.focus();
     67    let popupShownPromise = BrowserTestUtils.waitForEvent(
     68      contextMenu,
     69      "popupshown"
     70    );
     71    EventUtils.synthesizeMouseAtCenter(gBrowser.selectedTab, {
     72      type: "contextmenu",
     73      button: 2,
     74    });
     75    await popupShownPromise;
     76 
     77    let reloadMenuItem = document.getElementById("context_reloadTab");
     78 
     79    reloaded = BrowserTestUtils.browserLoaded(browser, false, origin);
     80 
     81    // Reload as a user through the context menu (should remove the temp permission).
     82    contextMenu.activateItem(reloadMenuItem);
     83 
     84    await reloaded;
     85 
     86    Assert.deepEqual(SitePermissions.getForPrincipal(principal, id, browser), {
     87      state: SitePermissions.UNKNOWN,
     88      scope: SitePermissions.SCOPE_PERSISTENT,
     89    });
     90 
     91    // Set the permission again.
     92    SitePermissions.setForPrincipal(
     93      principal,
     94      id,
     95      SitePermissions.BLOCK,
     96      SitePermissions.SCOPE_TEMPORARY,
     97      browser
     98    );
     99 
    100    // Reload as user via return key in urlbar (should remove the temp permission)
    101    let urlBarInput = gURLBar.inputField;
    102    await EventUtils.synthesizeMouseAtCenter(urlBarInput, {});
    103 
    104    reloaded = BrowserTestUtils.browserLoaded(browser, false, origin);
    105 
    106    EventUtils.synthesizeAndWaitKey("VK_RETURN", {});
    107 
    108    await reloaded;
    109 
    110    Assert.deepEqual(SitePermissions.getForPrincipal(principal, id, browser), {
    111      state: SitePermissions.UNKNOWN,
    112      scope: SitePermissions.SCOPE_PERSISTENT,
    113    });
    114 
    115    SitePermissions.removeFromPrincipal(principal, id, browser);
    116  });
    117 });
    118 
    119 // Test that temporary permissions are not removed when reloading all tabs.
    120 add_task(async function testTempPermissionOnReloadAllTabs() {
    121  let origin = "https://example.com/";
    122  let principal =
    123    Services.scriptSecurityManager.createContentPrincipalFromOrigin(origin);
    124  let id = "geo";
    125 
    126  await BrowserTestUtils.withNewTab(origin, async function (browser) {
    127    SitePermissions.setForPrincipal(
    128      principal,
    129      id,
    130      SitePermissions.BLOCK,
    131      SitePermissions.SCOPE_TEMPORARY,
    132      browser
    133    );
    134 
    135    // Select all tabs before opening the context menu.
    136    let visibleTabs = gBrowser.visibleTabs;
    137    gBrowser.selectAllTabs();
    138    info(`Selected ${visibleTabs.length} tabs`);
    139 
    140    // Open the tab context menu.
    141    let contextMenu = document.getElementById("tabContextMenu");
    142    // The TabContextMenu initializes its strings only on a focus or mouseover event.
    143    // Calls focus event on the TabContextMenu early in the test.
    144    gBrowser.selectedTab.focus();
    145 
    146    Assert.equal(
    147      contextMenu.state,
    148      "closed",
    149      "context menu is initially closed"
    150    );
    151 
    152    let popupShownPromise = BrowserTestUtils.waitForPopupEvent(
    153      contextMenu,
    154      "shown"
    155    );
    156    let popupHiddenPromise = BrowserTestUtils.waitForPopupEvent(
    157      contextMenu,
    158      "hidden"
    159    );
    160    info("Opening tab context menu");
    161    EventUtils.synthesizeMouseAtCenter(gBrowser.selectedTab, {
    162      type: "contextmenu",
    163      button: 2,
    164    });
    165    await popupShownPromise;
    166    info("Context menu opened");
    167 
    168    let reloadMenuItem = document.getElementById("context_reloadSelectedTabs");
    169    Assert.ok(
    170      BrowserTestUtils.isVisible(reloadMenuItem),
    171      "Reload selected tabs menu item should be visible"
    172    );
    173 
    174    let reloaded = Promise.all(
    175      visibleTabs.map(tab =>
    176        BrowserTestUtils.browserLoaded(gBrowser.getBrowserForTab(tab), {
    177          wantLoad: () => true,
    178        })
    179      )
    180    );
    181    info("Triggering reload action");
    182    contextMenu.activateItem(reloadMenuItem);
    183 
    184    info("Waiting for context menu to be hidden");
    185    await popupHiddenPromise;
    186    info("Context menu hidden");
    187 
    188    await reloaded;
    189    info("Tabs reloaded");
    190 
    191    Assert.deepEqual(SitePermissions.getForPrincipal(principal, id, browser), {
    192      state: SitePermissions.BLOCK,
    193      scope: SitePermissions.SCOPE_TEMPORARY,
    194    });
    195 
    196    SitePermissions.removeFromPrincipal(principal, id, browser);
    197  });
    198 });
    199 
    200 // Test that temporary permissions are persisted through navigation in a tab.
    201 add_task(async function testTempPermissionOnNavigation() {
    202  let origin = "https://example.com/";
    203  let principal =
    204    Services.scriptSecurityManager.createContentPrincipalFromOrigin(origin);
    205  let id = "geo";
    206 
    207  await BrowserTestUtils.withNewTab(origin, async function (browser) {
    208    SitePermissions.setForPrincipal(
    209      principal,
    210      id,
    211      SitePermissions.BLOCK,
    212      SitePermissions.SCOPE_TEMPORARY,
    213      browser
    214    );
    215 
    216    Assert.deepEqual(SitePermissions.getForPrincipal(principal, id, browser), {
    217      state: SitePermissions.BLOCK,
    218      scope: SitePermissions.SCOPE_TEMPORARY,
    219    });
    220 
    221    let loaded = BrowserTestUtils.browserLoaded(
    222      browser,
    223      false,
    224      "https://example.org/"
    225    );
    226 
    227    // Navigate to another domain.
    228    await SpecialPowers.spawn(
    229      browser,
    230      [],
    231      () => (content.document.location = "https://example.org/")
    232    );
    233 
    234    await loaded;
    235 
    236    // The temporary permissions for the current URI should be reset.
    237    Assert.deepEqual(
    238      SitePermissions.getForPrincipal(browser.contentPrincipal, id, browser),
    239      {
    240        state: SitePermissions.UNKNOWN,
    241        scope: SitePermissions.SCOPE_PERSISTENT,
    242      }
    243    );
    244 
    245    loaded = BrowserTestUtils.browserLoaded(browser, false, origin);
    246 
    247    // Navigate to the original domain.
    248    await SpecialPowers.spawn(
    249      browser,
    250      [],
    251      () => (content.document.location = "https://example.com/")
    252    );
    253 
    254    await loaded;
    255 
    256    // The temporary permissions for the original URI should still exist.
    257    Assert.deepEqual(
    258      SitePermissions.getForPrincipal(browser.contentPrincipal, id, browser),
    259      {
    260        state: SitePermissions.BLOCK,
    261        scope: SitePermissions.SCOPE_TEMPORARY,
    262      }
    263    );
    264 
    265    SitePermissions.removeFromPrincipal(browser.contentPrincipal, id, browser);
    266  });
    267 });