TestSecureContext.cpp (4056B)
1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ 2 /* vim: set ts=8 sts=2 et sw=2 tw=80: */ 3 /* This Source Code Form is subject to the terms of the Mozilla Public 4 * License, v. 2.0. If a copy of the MPL was not distributed with this 5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ 6 7 #include <string.h> 8 9 #include "gtest/gtest.h" 10 #include "mozilla/NullPrincipal.h" 11 #include "mozilla/Preferences.h" 12 #include "nsContentSecurityManager.h" 13 #include "nsContentUtils.h" 14 #include "nsIPrincipal.h" 15 #include "nsScriptSecurityManager.h" 16 17 using namespace mozilla; 18 19 static const uint32_t kURIMaxLength = 64; 20 21 struct TestExpectations { 22 char uri[kURIMaxLength]; 23 bool expectedResult; 24 }; 25 26 class MOZ_RAII AutoRestoreBoolPref final { 27 public: 28 AutoRestoreBoolPref(const char* aPref, bool aValue) : mPref(aPref) { 29 Preferences::GetBool(mPref, &mOldValue); 30 Preferences::SetBool(mPref, aValue); 31 } 32 33 ~AutoRestoreBoolPref() { Preferences::SetBool(mPref, mOldValue); } 34 35 private: 36 const char* mPref = nullptr; 37 bool mOldValue = false; 38 }; 39 40 // ============================= TestDirectives ======================== 41 42 TEST(SecureContext, IsOriginPotentiallyTrustworthyWithContentPrincipal) 43 { 44 // boolean isOriginPotentiallyTrustworthy(in nsIPrincipal aPrincipal); 45 46 AutoRestoreBoolPref savedPref("network.proxy.allow_hijacking_localhost", 47 false); 48 49 static const TestExpectations uris[] = { 50 {"http://example.com/", false}, 51 {"https://example.com/", true}, 52 {"ws://example.com/", false}, 53 {"wss://example.com/", true}, 54 {"file:///xyzzy", true}, 55 {"about:config", false}, 56 {"http://localhost", true}, 57 {"http://localhost.localhost", true}, 58 {"http://a.b.c.d.e.localhost", true}, 59 {"http://xyzzy.localhost", true}, 60 {"http://127.0.0.1", true}, 61 {"http://127.0.0.2", true}, 62 {"http://127.1.0.1", true}, 63 {"http://128.0.0.1", false}, 64 {"http://[::1]", true}, 65 {"http://[::ffff:127.0.0.1]", false}, 66 {"http://[::ffff:127.0.0.2]", false}, 67 {"http://[::ffff:7f00:1]", false}, 68 {"http://[::ffff:7f00:2]", false}, 69 {"resource://xyzzy", true}, 70 {"moz-extension://xyzzy", true}, 71 {"data:data:text/plain;charset=utf-8;base64,eHl6enk=", false}, 72 {"blob://unique-id", false}, 73 {"mailto:foo@bar.com", false}, 74 {"moz-icon://example.com", false}, 75 {"javascript:42", false}, 76 }; 77 78 uint32_t numExpectations = sizeof(uris) / sizeof(TestExpectations); 79 nsCOMPtr<nsIContentSecurityManager> csManager = 80 do_GetService(NS_CONTENTSECURITYMANAGER_CONTRACTID); 81 ASSERT_TRUE(!!csManager); 82 83 nsresult rv; 84 for (uint32_t i = 0; i < numExpectations; i++) { 85 nsCOMPtr<nsIPrincipal> prin; 86 nsAutoCString uri(uris[i].uri); 87 rv = nsScriptSecurityManager::GetScriptSecurityManager() 88 ->CreateContentPrincipalFromOrigin(uri, getter_AddRefs(prin)); 89 ASSERT_EQ(rv, NS_OK); 90 bool isPotentiallyTrustworthy = prin->GetIsOriginPotentiallyTrustworthy(); 91 ASSERT_EQ(isPotentiallyTrustworthy, uris[i].expectedResult) 92 << uris[i].uri << uris[i].expectedResult; 93 } 94 } 95 96 TEST(SecureContext, IsOriginPotentiallyTrustworthyWithSystemPrincipal) 97 { 98 RefPtr<nsScriptSecurityManager> ssManager = 99 nsScriptSecurityManager::GetScriptSecurityManager(); 100 ASSERT_TRUE(!!ssManager); 101 nsCOMPtr<nsIPrincipal> sysPrin = nsContentUtils::GetSystemPrincipal(); 102 bool isPotentiallyTrustworthy = sysPrin->GetIsOriginPotentiallyTrustworthy(); 103 ASSERT_TRUE(isPotentiallyTrustworthy); 104 } 105 106 TEST(SecureContext, IsOriginPotentiallyTrustworthyWithNullPrincipal) 107 { 108 RefPtr<nsScriptSecurityManager> ssManager = 109 nsScriptSecurityManager::GetScriptSecurityManager(); 110 ASSERT_TRUE(!!ssManager); 111 112 RefPtr<NullPrincipal> nullPrin = 113 NullPrincipal::CreateWithoutOriginAttributes(); 114 bool isPotentiallyTrustworthy; 115 nsresult rv = 116 nullPrin->GetIsOriginPotentiallyTrustworthy(&isPotentiallyTrustworthy); 117 ASSERT_EQ(rv, NS_OK); 118 ASSERT_TRUE(!isPotentiallyTrustworthy); 119 }