test_permmanager_idn.js (2485B)
1 /* Any copyright is dedicated to the Public Domain. 2 http://creativecommons.org/publicdomain/zero/1.0/ */ 3 4 function getPrincipalFromDomain(aDomain) { 5 let ssm = Services.scriptSecurityManager; 6 let uri = NetUtil.newURI("http://" + aDomain); 7 return ssm.createContentPrincipal(uri, {}); 8 } 9 10 function run_test() { 11 let pm = Services.perms; 12 let perm = "test-idn"; 13 14 // We create three principal linked to IDN. 15 // One with just a domain, one with a subdomain and one with the TLD 16 // containing a UTF-8 character. 17 let mainDomainPrincipal = getPrincipalFromDomain("fôû.com"); 18 let subDomainPrincipal = getPrincipalFromDomain("fôô.bàr.com"); 19 let tldPrincipal = getPrincipalFromDomain("fôû.bàr.côm"); 20 21 // We add those to the permission manager. 22 pm.addFromPrincipal(mainDomainPrincipal, perm, pm.ALLOW_ACTION, 0, 0); 23 pm.addFromPrincipal(subDomainPrincipal, perm, pm.ALLOW_ACTION, 0, 0); 24 pm.addFromPrincipal(tldPrincipal, perm, pm.ALLOW_ACTION, 0, 0); 25 26 // They should obviously be there now.. 27 Assert.equal( 28 pm.testPermissionFromPrincipal(mainDomainPrincipal, perm), 29 pm.ALLOW_ACTION 30 ); 31 Assert.equal( 32 pm.testPermissionFromPrincipal(subDomainPrincipal, perm), 33 pm.ALLOW_ACTION 34 ); 35 Assert.equal( 36 pm.testPermissionFromPrincipal(tldPrincipal, perm), 37 pm.ALLOW_ACTION 38 ); 39 40 // We do the same thing with the puny-encoded versions of the IDN. 41 let punyMainDomainPrincipal = getPrincipalFromDomain("xn--f-xgav.com"); 42 let punySubDomainPrincipal = getPrincipalFromDomain( 43 "xn--f-xgaa.xn--br-jia.com" 44 ); 45 let punyTldPrincipal = getPrincipalFromDomain( 46 "xn--f-xgav.xn--br-jia.xn--cm-8ja" 47 ); 48 49 // Those principals should have the permission granted too. 50 Assert.equal( 51 pm.testPermissionFromPrincipal(punyMainDomainPrincipal, perm), 52 pm.ALLOW_ACTION 53 ); 54 Assert.equal( 55 pm.testPermissionFromPrincipal(punySubDomainPrincipal, perm), 56 pm.ALLOW_ACTION 57 ); 58 Assert.equal( 59 pm.testPermissionFromPrincipal(punyTldPrincipal, perm), 60 pm.ALLOW_ACTION 61 ); 62 63 // However, those two principals shouldn't be allowed because they are like 64 // the IDN but without the UT8-8 characters. 65 let witnessPrincipal = getPrincipalFromDomain("foo.com"); 66 Assert.equal( 67 pm.testPermissionFromPrincipal(witnessPrincipal, perm), 68 pm.UNKNOWN_ACTION 69 ); 70 witnessPrincipal = getPrincipalFromDomain("foo.bar.com"); 71 Assert.equal( 72 pm.testPermissionFromPrincipal(witnessPrincipal, perm), 73 pm.UNKNOWN_ACTION 74 ); 75 }