[ tor-browser ].git.dasho

test_schemeMap.js (6674B)
      1 const { NetUtil } = ChromeUtils.importESModule(
      2  "resource://gre/modules/NetUtil.sys.mjs"
      3 );
      4 
      5 function inChildProcess() {
      6  return Services.appinfo.processType != Ci.nsIXULRuntime.PROCESS_TYPE_DEFAULT;
      7 }
      8 
      9 const { CookieXPCShellUtils } = ChromeUtils.importESModule(
     10  "resource://testing-common/CookieXPCShellUtils.sys.mjs"
     11 );
     12 
     13 let CookieXPCShellUtilsInitialized = false;
     14 function maybeInitializeCookieXPCShellUtils() {
     15  if (!CookieXPCShellUtilsInitialized) {
     16    CookieXPCShellUtilsInitialized = true;
     17    CookieXPCShellUtils.init(this);
     18 
     19    CookieXPCShellUtils.createServer({ hosts: ["example.org"] });
     20  }
     21 }
     22 
     23 // Don't pick up default permissions from profile.
     24 Services.prefs.setCharPref("permissions.manager.defaultsUrl", "");
     25 
     26 add_task(async _ => {
     27  do_get_profile();
     28 
     29  // Allow all cookies if the pref service is available in this process.
     30  if (!inChildProcess()) {
     31    Services.prefs.setIntPref("network.cookie.cookieBehavior", 0);
     32    Services.prefs.setBoolPref(
     33      "network.cookieJarSettings.unblocked_for_testing",
     34      true
     35    );
     36  }
     37 
     38  info("Let's set a cookie from HTTP example.org");
     39 
     40  let uri = NetUtil.newURI("http://example.org/");
     41  let principal = Services.scriptSecurityManager.createContentPrincipal(
     42    uri,
     43    {}
     44  );
     45  let channel = NetUtil.newChannel({
     46    uri,
     47    loadingPrincipal: principal,
     48    securityFlags: Ci.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_SEC_CONTEXT_IS_NULL,
     49    contentPolicyType: Ci.nsIContentPolicy.TYPE_OTHER,
     50  });
     51 
     52  Services.cookies.setCookieStringFromHttp(uri, "a=b; sameSite=lax", channel);
     53 
     54  let cookies = Services.cookies.getCookiesFromHost("example.org", {});
     55  Assert.equal(cookies.length, 1, "We expect 1 cookie only");
     56 
     57  Assert.equal(cookies[0].schemeMap, Ci.nsICookie.SCHEME_HTTP, "HTTP Scheme");
     58 
     59  info("Let's set a cookie from HTTPS example.org");
     60 
     61  uri = NetUtil.newURI("https://example.org/");
     62  principal = Services.scriptSecurityManager.createContentPrincipal(uri, {});
     63  channel = NetUtil.newChannel({
     64    uri,
     65    loadingPrincipal: principal,
     66    securityFlags: Ci.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_SEC_CONTEXT_IS_NULL,
     67    contentPolicyType: Ci.nsIContentPolicy.TYPE_OTHER,
     68  });
     69 
     70  Services.cookies.setCookieStringFromHttp(uri, "a=b; sameSite=lax", channel);
     71 
     72  cookies = Services.cookies.getCookiesFromHost("example.org", {});
     73  Assert.equal(cookies.length, 1, "We expect 1 cookie only");
     74 
     75  Assert.equal(
     76    cookies[0].schemeMap,
     77    Ci.nsICookie.SCHEME_HTTP | Ci.nsICookie.SCHEME_HTTPS,
     78    "HTTP + HTTPS Schemes"
     79  );
     80 
     81  Services.cookies.removeAll();
     82 });
     83 
     84 [true, false].forEach(schemefulComparison => {
     85  add_task(async () => {
     86    do_get_profile();
     87    Services.prefs.setBoolPref("dom.security.https_first", false);
     88 
     89    maybeInitializeCookieXPCShellUtils();
     90 
     91    // Allow all cookies if the pref service is available in this process.
     92    if (!inChildProcess()) {
     93      Services.prefs.setBoolPref(
     94        "network.cookie.sameSite.schemeful",
     95        schemefulComparison
     96      );
     97      Services.prefs.setIntPref("network.cookie.cookieBehavior", 0);
     98      Services.prefs.setBoolPref(
     99        "network.cookieJarSettings.unblocked_for_testing",
    100        true
    101      );
    102    }
    103 
    104    info(
    105      `Testing schemefulSameSite=${schemefulComparison}. Let's set a cookie from HTTPS example.org`
    106    );
    107 
    108    let https_uri = NetUtil.newURI("https://example.org/");
    109    let https_principal = Services.scriptSecurityManager.createContentPrincipal(
    110      https_uri,
    111      {}
    112    );
    113    let same_site_channel = NetUtil.newChannel({
    114      uri: https_uri,
    115      loadingPrincipal: https_principal,
    116      securityFlags: Ci.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_SEC_CONTEXT_IS_NULL,
    117      contentPolicyType: Ci.nsIContentPolicy.TYPE_OTHER,
    118    });
    119 
    120    Services.cookies.setCookieStringFromHttp(
    121      https_uri,
    122      "a=b; sameSite=lax",
    123      same_site_channel
    124    );
    125 
    126    let cookies = Services.cookies.getCookieStringFromHttp(
    127      https_uri,
    128      same_site_channel
    129    );
    130    Assert.equal(cookies, "a=b", "Cookies match");
    131 
    132    let http_uri = NetUtil.newURI("http://example.org/");
    133    let http_principal = Services.scriptSecurityManager.createContentPrincipal(
    134      http_uri,
    135      {}
    136    );
    137    let cross_site_channel = NetUtil.newChannel({
    138      uri: https_uri,
    139      loadingPrincipal: http_principal,
    140      securityFlags: Ci.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_SEC_CONTEXT_IS_NULL,
    141      contentPolicyType: Ci.nsIContentPolicy.TYPE_OTHER,
    142    });
    143 
    144    cookies = Services.cookies.getCookieStringFromHttp(
    145      http_uri,
    146      cross_site_channel
    147    );
    148    if (schemefulComparison) {
    149      Assert.equal(cookies, "", "No http(s) cookie for different scheme!");
    150    } else {
    151      Assert.equal(cookies, "a=b", "http(s) Cookie even for differentscheme!");
    152    }
    153 
    154    // SameSite cookies are included via document.domain
    155    cookies = await CookieXPCShellUtils.getCookieStringFromDocument(
    156      http_uri.spec
    157    );
    158    Assert.equal(cookies, "a=b", "document.cookie even for different scheme!");
    159 
    160    Services.cookies.removeAll();
    161    Services.prefs.clearUserPref("dom.security.https_first");
    162  });
    163 });
    164 
    165 add_task(async _ => {
    166  do_get_profile();
    167  Services.prefs.setBoolPref("dom.security.https_first", false);
    168 
    169  // Allow all cookies if the pref service is available in this process.
    170  if (!inChildProcess()) {
    171    Services.prefs.setIntPref("network.cookie.cookieBehavior", 0);
    172    Services.prefs.setBoolPref(
    173      "network.cookieJarSettings.unblocked_for_testing",
    174      true
    175    );
    176  }
    177 
    178  info("Let's set a cookie without scheme");
    179  const cv = Services.cookies.add(
    180    "example.org",
    181    "/",
    182    "a",
    183    "b",
    184    false,
    185    false,
    186    false,
    187    Date.now() + 1000 * 1000,
    188    {},
    189    Ci.nsICookie.SAMESITE_LAX,
    190    Ci.nsICookie.SCHEME_UNSET
    191  );
    192  Assert.equal(cv.result, Ci.nsICookieValidation.eOK, "Valid cookie");
    193 
    194  let cookies = Services.cookies.getCookiesFromHost("example.org", {});
    195  Assert.equal(cookies.length, 1, "We expect 1 cookie only");
    196  Assert.equal(cookies[0].schemeMap, Ci.nsICookie.SCHEME_UNSET, "Unset scheme");
    197 
    198  ["https", "http"].forEach(scheme => {
    199    let uri = NetUtil.newURI(scheme + "://example.org/");
    200    let principal = Services.scriptSecurityManager.createContentPrincipal(
    201      uri,
    202      {}
    203    );
    204    let channel = NetUtil.newChannel({
    205      uri,
    206      loadingPrincipal: principal,
    207      securityFlags: Ci.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_SEC_CONTEXT_IS_NULL,
    208      contentPolicyType: Ci.nsIContentPolicy.TYPE_OTHER,
    209    });
    210 
    211    cookies = Services.cookies.getCookieStringFromHttp(uri, channel);
    212    Assert.equal(cookies, "a=b", "Cookie for unset scheme");
    213  });
    214 
    215  Services.cookies.removeAll();
    216  Services.prefs.clearUserPref("dom.security.https_first");
    217 });
	tor-browser The Tor Browser
	git clone https://git.dasho.dev/tor-browser.git
	Log \| Files \| Refs \| README \| LICENSE