tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

browser_capabilities.js (3153B)

      1 /* Any copyright is dedicated to the Public Domain.
      2 * http://creativecommons.org/publicdomain/zero/1.0/ */
      3 
      4 "use strict";
      5 
      6 /**
      7 * These tests ensures that disabling features by flipping nsIDocShell.allow*
      8 * properties are (re)stored as disabled. Disallowed features must be
      9 * re-enabled when the tab is re-used by another tab restoration.
     10 */
     11 add_task(async function docshell_capabilities() {
     12  let tab = await createTab();
     13  let browser = tab.linkedBrowser;
     14  let { browsingContext, docShell } = browser;
     15 
     16  // Get the list of capabilities for docShells.
     17  let flags = Object.keys(docShell).filter(k => k.startsWith("allow"));
     18 
     19  // Check that everything is allowed by default for new tabs.
     20  let state = JSON.parse(ss.getTabState(tab));
     21  ok(!("disallow" in state), "everything allowed by default");
     22  ok(
     23    flags.every(f => docShell[f]),
     24    "all flags set to true"
     25  );
     26 
     27  // Flip a couple of allow* flags.
     28  docShell.allowImages = false;
     29  docShell.allowMetaRedirects = false;
     30  browsingContext.allowJavascript = false;
     31 
     32  // Now reload the document to ensure that these capabilities
     33  // are taken into account.
     34  browser.reload();
     35  await promiseBrowserLoaded(browser);
     36 
     37  // Flush to make sure chrome received all data.
     38  await TabStateFlusher.flush(browser);
     39 
     40  // Check that we correctly save disallowed features.
     41  let disallowedState = JSON.parse(ss.getTabState(tab));
     42  let disallow = new Set(disallowedState.disallow.split(","));
     43  ok(disallow.has("Images"), "images not allowed");
     44  ok(disallow.has("MetaRedirects"), "meta redirects not allowed");
     45  is(disallow.size, 2, "two capabilities disallowed");
     46 
     47  // Reuse the tab to restore a new, clean state into it.
     48  await promiseTabState(tab, {
     49    entries: [{ url: "about:robots", triggeringPrincipal_base64 }],
     50  });
     51 
     52  // Flush to make sure chrome received all data.
     53  await TabStateFlusher.flush(browser);
     54 
     55  // After restoring disallowed features must be available again.
     56  state = JSON.parse(ss.getTabState(tab));
     57  ok(!("disallow" in state), "everything allowed again");
     58  ok(
     59    flags.every(f => docShell[f]),
     60    "all flags set to true"
     61  );
     62 
     63  // Restore the state with disallowed features.
     64  await promiseTabState(tab, disallowedState);
     65 
     66  // Check that docShell flags are set.
     67  ok(!docShell.allowImages, "images not allowed");
     68  ok(!docShell.allowMetaRedirects, "meta redirects not allowed");
     69 
     70  // Check that docShell allowJavascript flag is not set.
     71  ok(browsingContext.allowJavascript, "Javascript still allowed");
     72 
     73  // Check that we correctly restored features as disabled.
     74  state = JSON.parse(ss.getTabState(tab));
     75  disallow = new Set(state.disallow.split(","));
     76  ok(disallow.has("Images"), "images not allowed anymore");
     77  ok(disallow.has("MetaRedirects"), "meta redirects not allowed anymore");
     78  ok(!disallow.has("Javascript"), "Javascript still allowed");
     79  is(disallow.size, 2, "two capabilities disallowed");
     80 
     81  // Clean up after ourselves.
     82  gBrowser.removeTab(tab);
     83 });
     84 
     85 async function createTab() {
     86  let tab = BrowserTestUtils.addTab(gBrowser, "about:robots");
     87  let browser = tab.linkedBrowser;
     88  await promiseBrowserLoaded(browser);
     89  return tab;
     90 }