[ tor-browser ].git.dasho

browser_active_document.js (4345B)
      1 /* This Source Code Form is subject to the terms of the Mozilla Public
      2 * License, v. 2.0. If a copy of the MPL was not distributed with this file,
      3 * You can obtain one at http://mozilla.org/MPL/2.0/. */
      4 
      5 "use strict";
      6 
      7 const TEST_URL = "https://example.com/";
      8 
      9 function arrivingHereIsBad(aResult) {
     10  ok(false, "Bad result! Received a: " + aResult);
     11 }
     12 
     13 function expectNotAllowedError(aResult) {
     14  let expected = "NotAllowedError";
     15  is(aResult.slice(0, expected.length), expected, `Expecting a ${expected}`);
     16 }
     17 
     18 function promiseMakeCredential(tab) {
     19  return ContentTask.spawn(tab.linkedBrowser, null, async function () {
     20    const cose_alg_ECDSA_w_SHA256 = -7;
     21 
     22    let publicKey = {
     23      rp: { id: content.document.domain, name: "none", icon: "none" },
     24      user: {
     25        id: new Uint8Array(),
     26        name: "none",
     27        icon: "none",
     28        displayName: "none",
     29      },
     30      challenge: content.crypto.getRandomValues(new Uint8Array(16)),
     31      timeout: 5000, // the minimum timeout is actually 15 seconds
     32      pubKeyCredParams: [{ type: "public-key", alg: cose_alg_ECDSA_w_SHA256 }],
     33    };
     34 
     35    return content.navigator.credentials.create({ publicKey });
     36  });
     37 }
     38 
     39 function promiseGetAssertion(tab) {
     40  return ContentTask.spawn(tab.linkedBrowser, null, async function () {
     41    let newCredential = {
     42      type: "public-key",
     43      id: content.crypto.getRandomValues(new Uint8Array(16)),
     44      transports: ["usb"],
     45    };
     46 
     47    let publicKey = {
     48      challenge: content.crypto.getRandomValues(new Uint8Array(16)),
     49      timeout: 5000, // the minimum timeout is actually 15 seconds
     50      rpId: content.document.domain,
     51      allowCredentials: [newCredential],
     52    };
     53 
     54    return content.navigator.credentials.get({ publicKey });
     55  });
     56 }
     57 
     58 add_task(async function test_setup() {
     59  await SpecialPowers.pushPrefEnv({
     60    set: [
     61      ["security.webauth.webauthn", true],
     62      ["security.webauth.webauthn_enable_softtoken", true],
     63      ["security.webauth.webauthn_enable_usbtoken", false],
     64    ],
     65  });
     66 });
     67 
     68 add_task(async function test_background_tab() {
     69  // Open two tabs, the last one will selected.
     70  let tab_bg = await BrowserTestUtils.openNewForegroundTab(gBrowser, TEST_URL);
     71  let tab_fg = await BrowserTestUtils.openNewForegroundTab(gBrowser, TEST_URL);
     72 
     73  // Requests from background tabs must fail.
     74  await promiseMakeCredential(tab_bg)
     75    .then(arrivingHereIsBad)
     76    .catch(expectNotAllowedError);
     77 
     78  // Requests from background tabs must fail.
     79  await promiseGetAssertion(tab_bg)
     80    .then(arrivingHereIsBad)
     81    .catch(expectNotAllowedError);
     82 
     83  // Close tabs.
     84  await BrowserTestUtils.removeTab(tab_bg);
     85  await BrowserTestUtils.removeTab(tab_fg);
     86 });
     87 
     88 add_task(async function test_background_window() {
     89  // Open a tab, then a new window.
     90  let tab_bg = await BrowserTestUtils.openNewForegroundTab(gBrowser, TEST_URL);
     91  let win = await BrowserTestUtils.openNewBrowserWindow();
     92 
     93  // Wait until the new window is really focused.
     94  await new Promise(resolve => SimpleTest.waitForFocus(resolve, win));
     95 
     96  // Requests from selected tabs not in the active window must fail.
     97  await promiseMakeCredential(tab_bg)
     98    .then(arrivingHereIsBad)
     99    .catch(expectNotAllowedError);
    100 
    101  // Requests from selected tabs not in the active window must fail.
    102  await promiseGetAssertion(tab_bg)
    103    .then(arrivingHereIsBad)
    104    .catch(expectNotAllowedError);
    105 
    106  // Close tab and window.
    107  await BrowserTestUtils.closeWindow(win);
    108  await BrowserTestUtils.removeTab(tab_bg);
    109 });
    110 
    111 add_task(async function test_minimized() {
    112  // Minimizing windows doesn't supported in headless mode.
    113  if (Services.env.get("MOZ_HEADLESS")) {
    114    return;
    115  }
    116 
    117  // Open a window with a tab.
    118  let tab = await BrowserTestUtils.openNewForegroundTab(gBrowser, TEST_URL);
    119 
    120  // Minimize the window.
    121  window.minimize();
    122  await TestUtils.waitForCondition(() => !tab.linkedBrowser.docShellIsActive);
    123 
    124  // Requests from minimized windows must fail.
    125  await promiseMakeCredential(tab)
    126    .then(arrivingHereIsBad)
    127    .catch(expectNotAllowedError);
    128 
    129  // Requests from minimized windows must fail.
    130  await promiseGetAssertion(tab)
    131    .then(arrivingHereIsBad)
    132    .catch(expectNotAllowedError);
    133 
    134  // Restore the window.
    135  await new Promise(resolve => SimpleTest.waitForFocus(resolve, window));
    136 
    137  // Close tab.
    138  await BrowserTestUtils.removeTab(tab);
    139 });
	tor-browser The Tor Browser
	git clone https://git.dasho.dev/tor-browser.git
	Log \| Files \| Refs \| README \| LICENSE