tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

child_cookie_header.js (3081B)

      1 /* global NetUtil, ChannelListener */
      2 
      3 "use strict";
      4 
      5 function inChildProcess() {
      6  return (
      7    // eslint-disable-next-line mozilla/use-services
      8    Cc["@mozilla.org/xre/app-info;1"].getService(Ci.nsIXULRuntime)
      9      .processType != Ci.nsIXULRuntime.PROCESS_TYPE_DEFAULT
     10  );
     11 }
     12 
     13 let uri = null;
     14 function makeChan() {
     15  return NetUtil.newChannel({
     16    uri,
     17    loadUsingSystemPrincipal: true,
     18  }).QueryInterface(Ci.nsIHttpChannel);
     19 }
     20 
     21 function OpenChannelPromise(aChannel, aClosure) {
     22  return new Promise(resolve => {
     23    function processResponse(request, buffer, context) {
     24      aClosure(request.QueryInterface(Ci.nsIHttpChannel), buffer, context);
     25      resolve();
     26    }
     27    aChannel.asyncOpen(new ChannelListener(processResponse, null));
     28  });
     29 }
     30 
     31 // This test doesn't do much, except to communicate with the parent, and get
     32 // URL we need to connect to.
     33 add_task(async function setup() {
     34  ok(inChildProcess(), "Sanity check. This should run in the child process");
     35  // Initialize the URL. Parent runs the server
     36  do_send_remote_message("start-test");
     37  uri = await do_await_remote_message("start-test-done");
     38 });
     39 
     40 // This test performs a request, and checks that no cookie header are visible
     41 // to the child process
     42 add_task(async function test1() {
     43  let chan = makeChan();
     44 
     45  await OpenChannelPromise(chan, (request, buffer) => {
     46    equal(buffer, "response");
     47    Assert.throws(
     48      () => request.getRequestHeader("Cookie"),
     49      /NS_ERROR_NOT_AVAILABLE/,
     50      "Cookie header should not be visible on request in the child"
     51    );
     52    Assert.throws(
     53      () => request.getResponseHeader("Set-Cookie"),
     54      /NS_ERROR_NOT_AVAILABLE/,
     55      "Cookie header should not be visible on response in the child"
     56    );
     57  });
     58 
     59  // We also check that a cookie was saved by the Set-Cookie header
     60  // in the parent.
     61  do_send_remote_message("check-cookie-count");
     62  let count = await do_await_remote_message("check-cookie-count-done");
     63  equal(count, 1);
     64 });
     65 
     66 // This test communicates with the parent, to locally save a new cookie.
     67 // Then it performs another request, makes sure no cookie headers are visible,
     68 // after which it checks that both cookies are visible to the parent.
     69 add_task(async function test2() {
     70  do_send_remote_message("set-cookie");
     71  await do_await_remote_message("set-cookie-done");
     72 
     73  let chan = makeChan();
     74  await OpenChannelPromise(chan, (request, buffer) => {
     75    equal(buffer, "response");
     76    Assert.throws(
     77      () => request.getRequestHeader("Cookie"),
     78      /NS_ERROR_NOT_AVAILABLE/,
     79      "Cookie header should not be visible on request in the child"
     80    );
     81    Assert.throws(
     82      () => request.getResponseHeader("Set-Cookie"),
     83      /NS_ERROR_NOT_AVAILABLE/,
     84      "Cookie header should not be visible on response in the child"
     85    );
     86  });
     87 
     88  // We should have two cookies. One set by the Set-Cookie header sent by the
     89  // server, and one that was manually set in the parent.
     90  do_send_remote_message("second-check-cookie-count");
     91  let count = await do_await_remote_message("second-check-cookie-count-done");
     92  equal(count, 2);
     93 });