tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

browser_formdata_cc.js (2756B)

      1 "use strict";
      2 
      3 const URL =
      4  "http://mochi.test:8888/browser/browser/components/" +
      5  "sessionstore/test/browser_formdata_sample.html";
      6 
      7 requestLongerTimeout(3);
      8 
      9 /**
     10 * This test ensures that credit card numbers in form data will not be
     11 * collected, while numbers that don't look like credit card numbers will
     12 * still be collected.
     13 */
     14 add_task(async function () {
     15  const validCCNumbers = [
     16    // 15 digits
     17    "930771457288760",
     18    "474915027480942",
     19    "924894781317325",
     20    "714816113937185",
     21    "790466087343106",
     22    "474320195408363",
     23    "219211148122351",
     24    "633038472250799",
     25    "354236732906484",
     26    "095347810189325",
     27    // 16 digits
     28    "3091269135815020",
     29    "5471839082338112",
     30    "0580828863575793",
     31    "5015290610002932",
     32    "9465714503078607",
     33    "4302068493801686",
     34    "2721398408985465",
     35    "6160334316984331",
     36    "8643619970075142",
     37    "0218246069710785",
     38  ];
     39 
     40  const invalidCCNumbers = [
     41    // 15 digits
     42    "526931005800649",
     43    "724952425140686",
     44    "379761391174135",
     45    "030551436468583",
     46    "947377014076746",
     47    "254848023655752",
     48    "226871580283345",
     49    "708025346034339",
     50    "917585839076788",
     51    "918632588027666",
     52    // 16 digits
     53    "9946177098017064",
     54    "4081194386488872",
     55    "3095975979578034",
     56    "3662215692222536",
     57    "6723210018630429",
     58    "4411962856225025",
     59    "8276996369036686",
     60    "4449796938248871",
     61    "3350852696538147",
     62    "5011802870046957",
     63  ];
     64 
     65  // Creates a tab, loads a page with a form field, sets the value of the
     66  // field, and then removes the tab to trigger data collection.
     67  async function createAndRemoveTab(formValue) {
     68    // Create a new tab.
     69    let tab = BrowserTestUtils.addTab(gBrowser, URL);
     70    let browser = tab.linkedBrowser;
     71    await promiseBrowserLoaded(browser);
     72 
     73    // Set form value.
     74    await setInputValue(browser, formValue);
     75 
     76    // Remove the tab.
     77    await promiseRemoveTabAndSessionState(tab);
     78  }
     79 
     80  // Test that valid CC numbers are not collected.
     81  for (let number of validCCNumbers) {
     82    await createAndRemoveTab(number);
     83    let [{ state }] = ss.getClosedTabDataForWindow(window);
     84    ok(!("formdata" in state), "valid CC numbers are not collected");
     85  }
     86 
     87  // Test that non-CC numbers are still collected.
     88  for (let number of invalidCCNumbers) {
     89    await createAndRemoveTab(number);
     90    let [
     91      {
     92        state: { formdata },
     93      },
     94    ] = ss.getClosedTabDataForWindow(window);
     95    is(
     96      formdata.id.txt,
     97      number,
     98      "numbers that are not valid CC numbers are still collected"
     99    );
    100  }
    101 });
    102 
    103 function setInputValue(browser, formValue) {
    104  return SpecialPowers.spawn(browser, [formValue], async function (newValue) {
    105    content.document.getElementById("txt").setUserInput(newValue);
    106  });
    107 }