tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

TestRedirectChainURITruncation.cpp (8129B)

      1 /* This Source Code Form is subject to the terms of the Mozilla Public
      2 * License, v. 2.0. If a copy of the MPL was not distributed with this
      3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
      4 #include "gtest/gtest.h"
      5 #include "mozilla/BasePrincipal.h"
      6 #include "mozilla/ContentPrincipal.h"
      7 #include "mozilla/NullPrincipal.h"
      8 #include "mozilla/SystemPrincipal.h"
      9 #include "mozilla/ExpandedPrincipal.h"
     10 #include "nsContentUtils.h"
     11 #include "mozilla/LoadInfo.h"
     12 
     13 namespace mozilla {
     14 
     15 void checkPrincipalTruncation(nsIPrincipal* aPrincipal,
     16                              const nsACString& aExpectedSpec = ""_ns,
     17                              const nsTArray<nsCString>& aExpectedSpecs = {}) {
     18  nsCOMPtr<nsIPrincipal> truncatedPrincipal =
     19      net::CreateTruncatedPrincipal(aPrincipal);
     20  ASSERT_TRUE(truncatedPrincipal);
     21 
     22  if (aPrincipal->IsSystemPrincipal()) {
     23    ASSERT_TRUE(truncatedPrincipal->IsSystemPrincipal());
     24    return;
     25  }
     26 
     27  if (aPrincipal->GetIsNullPrincipal()) {
     28    nsCOMPtr<nsIPrincipal> precursorPrincipal =
     29        aPrincipal->GetPrecursorPrincipal();
     30 
     31    nsAutoCString principalSpecEnding("}");
     32    nsAutoCString expectedTestSpec(aExpectedSpec);
     33    if (!aExpectedSpec.IsEmpty()) {
     34      principalSpecEnding += "?"_ns;
     35      expectedTestSpec += "/"_ns;
     36    }
     37 
     38    if (precursorPrincipal) {
     39      nsAutoCString precursorSpec;
     40      precursorPrincipal->GetAsciiSpec(precursorSpec);
     41      ASSERT_TRUE(precursorSpec.Equals(expectedTestSpec));
     42    }
     43 
     44    // NullPrincipals have UUIDs as part of their scheme i.e.
     45    // moz-nullprincipal:{9bebdabb-828a-4284-8b00-432a968c6e42}
     46    // To avoid having to know the UUID beforehand we check the principal's spec
     47    // before and after the UUID
     48    nsAutoCString principalSpec;
     49    truncatedPrincipal->GetAsciiSpec(principalSpec);
     50    ASSERT_TRUE(StringBeginsWith(principalSpec, "moz-nullprincipal:{"_ns));
     51    ASSERT_TRUE(
     52        StringEndsWith(principalSpec, principalSpecEnding + aExpectedSpec));
     53    return;
     54  }
     55 
     56  if (aPrincipal->GetIsExpandedPrincipal()) {
     57    const nsTArray<nsCOMPtr<nsIPrincipal>>& truncatedAllowList =
     58        BasePrincipal::Cast(truncatedPrincipal)
     59            ->As<ExpandedPrincipal>()
     60            ->AllowList();
     61 
     62    for (size_t i = 0; i < aExpectedSpecs.Length(); ++i) {
     63      nsAutoCString principalSpec;
     64      truncatedAllowList[i]->GetAsciiSpec(principalSpec);
     65      ASSERT_TRUE(principalSpec.Equals(aExpectedSpecs[i]));
     66    }
     67    return;
     68  }
     69 
     70  if (aPrincipal->GetIsContentPrincipal()) {
     71    nsAutoCString principalSpec;
     72    truncatedPrincipal->GetAsciiSpec(principalSpec);
     73    ASSERT_TRUE(principalSpec.Equals(aExpectedSpec));
     74    return;
     75  }
     76 
     77  // Tests should not reach this point
     78  ADD_FAILURE();
     79 }
     80 
     81 void checkPrincipalTruncation(nsIPrincipal* aPrincipal,
     82                              const nsTArray<nsCString>& aExpectedSpecs = {}) {
     83  checkPrincipalTruncation(aPrincipal, ""_ns, aExpectedSpecs);
     84 }
     85 
     86 TEST(RedirectChainURITruncation, ContentPrincipal)
     87 {
     88  // ======================= HTTP Scheme =======================
     89  nsAutoCString httpSpec(
     90      "http://root:toor@www.example.com:200/foo/bar/baz.html?qux#thud");
     91  nsCOMPtr<nsIURI> uri;
     92  nsresult rv = NS_NewURI(getter_AddRefs(uri), httpSpec);
     93  ASSERT_EQ(rv, NS_OK);
     94 
     95  nsCOMPtr<nsIPrincipal> principal;
     96  OriginAttributes attrs;
     97  principal = BasePrincipal::CreateContentPrincipal(uri, attrs);
     98  ASSERT_TRUE(principal);
     99 
    100  checkPrincipalTruncation(principal,
    101                           "http://www.example.com:200/foo/bar/baz.html"_ns);
    102 
    103  // ======================= HTTPS Scheme =======================
    104  nsAutoCString httpsSpec(
    105      "https://root:toor@www.example.com:200/foo/bar/baz.html?qux#thud");
    106  rv = NS_NewURI(getter_AddRefs(uri), httpsSpec);
    107  ASSERT_EQ(rv, NS_OK);
    108 
    109  principal = BasePrincipal::CreateContentPrincipal(uri, attrs);
    110  ASSERT_TRUE(principal);
    111 
    112  checkPrincipalTruncation(principal,
    113                           "https://www.example.com:200/foo/bar/baz.html"_ns);
    114 
    115  // ======================= View Source Scheme =======================
    116  nsAutoCString viewSourceSpec(
    117      "view-source:https://root:toor@www.example.com:200/foo/bar/"
    118      "baz.html?qux#thud");
    119  rv = NS_NewURI(getter_AddRefs(uri), viewSourceSpec);
    120  ASSERT_EQ(rv, NS_OK);
    121 
    122  principal = BasePrincipal::CreateContentPrincipal(uri, attrs);
    123  ASSERT_TRUE(principal);
    124 
    125  checkPrincipalTruncation(
    126      principal, "view-source:https://www.example.com:200/foo/bar/baz.html"_ns);
    127 
    128  // ======================= About Scheme =======================
    129  nsAutoCString aboutSpec("about:config");
    130  rv = NS_NewURI(getter_AddRefs(uri), aboutSpec);
    131  ASSERT_EQ(rv, NS_OK);
    132 
    133  principal = BasePrincipal::CreateContentPrincipal(uri, attrs);
    134  ASSERT_TRUE(principal);
    135 
    136  checkPrincipalTruncation(principal, "about:config"_ns);
    137 
    138  // ======================= Resource Scheme =======================
    139  nsAutoCString resourceSpec("resource://testing/");
    140  rv = NS_NewURI(getter_AddRefs(uri), resourceSpec);
    141  ASSERT_EQ(rv, NS_OK);
    142 
    143  principal = BasePrincipal::CreateContentPrincipal(uri, attrs);
    144  ASSERT_TRUE(principal);
    145 
    146  checkPrincipalTruncation(principal, "resource://testing/"_ns);
    147 
    148  // ======================= Chrome Scheme =======================
    149  nsAutoCString chromeSpec("chrome://foo/content/bar.xul");
    150  rv = NS_NewURI(getter_AddRefs(uri), chromeSpec);
    151  ASSERT_EQ(rv, NS_OK);
    152 
    153  principal = BasePrincipal::CreateContentPrincipal(uri, attrs);
    154  ASSERT_TRUE(principal);
    155 
    156  checkPrincipalTruncation(principal, "chrome://foo/content/bar.xul"_ns);
    157 }
    158 
    159 TEST(RedirectChainURITruncation, NullPrincipal)
    160 {
    161  // ======================= NullPrincipal =======================
    162  nsCOMPtr<nsIPrincipal> principal =
    163      NullPrincipal::CreateWithoutOriginAttributes();
    164  ASSERT_TRUE(principal);
    165 
    166  checkPrincipalTruncation(principal, ""_ns);
    167 
    168  // ======================= NullPrincipal & Precursor =======================
    169  nsAutoCString precursorSpec(
    170      "https://root:toor@www.example.com:200/foo/bar/baz.html?qux#thud");
    171 
    172  nsCOMPtr<nsIURI> precursorURI;
    173  nsresult rv = NS_NewURI(getter_AddRefs(precursorURI), precursorSpec);
    174  ASSERT_EQ(rv, NS_OK);
    175 
    176  OriginAttributes attrs;
    177  nsCOMPtr<nsIPrincipal> precursorPrincipal =
    178      BasePrincipal::CreateContentPrincipal(precursorURI, attrs);
    179  principal = NullPrincipal::CreateWithInheritedAttributes(precursorPrincipal);
    180  ASSERT_TRUE(principal);
    181 
    182  checkPrincipalTruncation(principal, "https://www.example.com:200"_ns);
    183 }
    184 
    185 TEST(RedirectChainURITruncation, SystemPrincipal)
    186 {
    187  nsCOMPtr<nsIPrincipal> principal = nsContentUtils::GetSystemPrincipal();
    188  ASSERT_TRUE(principal);
    189 
    190  checkPrincipalTruncation(principal, ""_ns);
    191 }
    192 
    193 TEST(RedirectChainURITruncation, ExtendedPrincipal)
    194 {
    195  // ======================= HTTP Scheme =======================
    196  nsAutoCString httpSpec(
    197      "http://root:toor@www.example.com:200/foo/bar/baz.html?qux#thud");
    198  nsCOMPtr<nsIURI> uri;
    199  nsresult rv = NS_NewURI(getter_AddRefs(uri), httpSpec);
    200  ASSERT_EQ(rv, NS_OK);
    201 
    202  nsCOMPtr<nsIPrincipal> firstContentPrincipal;
    203  OriginAttributes attrs;
    204  firstContentPrincipal = BasePrincipal::CreateContentPrincipal(uri, attrs);
    205  ASSERT_TRUE(firstContentPrincipal);
    206 
    207  // ======================= HTTPS Scheme =======================
    208  nsCOMPtr<nsIPrincipal> secondContentPrincipal;
    209  nsAutoCString httpsSpec(
    210      "https://root:toor@www.example.com:200/foo/bar/baz.html?qux#thud");
    211  rv = NS_NewURI(getter_AddRefs(uri), httpsSpec);
    212  ASSERT_EQ(rv, NS_OK);
    213 
    214  secondContentPrincipal = BasePrincipal::CreateContentPrincipal(uri, attrs);
    215  ASSERT_TRUE(secondContentPrincipal);
    216 
    217  // ======================= ExpandedPrincipal =======================
    218  const nsTArray<nsCString>& expectedSpecs = {
    219      "http://www.example.com:200/foo/bar/baz.html"_ns,
    220      "https://www.example.com:200/foo/bar/baz.html"_ns,
    221  };
    222  nsTArray<nsCOMPtr<nsIPrincipal>> allowList = {firstContentPrincipal,
    223                                                secondContentPrincipal};
    224  nsCOMPtr<nsIPrincipal> principal =
    225      ExpandedPrincipal::Create(allowList, attrs);
    226  ASSERT_TRUE(principal);
    227 
    228  checkPrincipalTruncation(principal, expectedSpecs);
    229 }
    230 
    231 }  // namespace mozilla