tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

test-helpers.js (2795B)

      1 function testHttpCookies({desc, origin, cookieNames, expectsCookie}) {
      2  promise_test(async () => {
      3    await assertHttpOriginCanAccessCookies({ origin, cookieNames, expectsCookie });
      4  }, getCookieTestName(expectsCookie, desc, "HTTP"));
      5 }
      6 
      7 async function assertHttpOriginCanAccessCookies({
      8  origin,
      9  cookieNames,
     10  expectsCookie,
     11 }) {
     12  const resp = await credFetch(`${origin}/cookies/resources/list.py`);
     13  const cookies = await resp.json();
     14  for (const cookieName of cookieNames) {
     15    assert_equals(
     16      cookies.hasOwnProperty(cookieName), expectsCookie,
     17      getCookieAssertDesc(expectsCookie, cookieName));
     18  }
     19 }
     20 
     21 async function assertThirdPartyHttpCookies({ desc, origin, cookieNames, expectsCookie }) {
     22  // Test that these cookies are not available on cross-site subresource requests to the
     23  // origin that set them.
     24  testHttpCookies({
     25    desc,
     26    origin,
     27    cookieNames,
     28    expectsCookie,
     29  });
     30 
     31  promise_test(async () => {
     32    const thirdPartyHttpCookie = "3P_http"
     33    await credFetch(
     34      `${origin}/cookies/resources/set.py?${thirdPartyHttpCookie}=foobar;` +
     35      "Secure;Path=/;SameSite=None");
     36    await assertHttpOriginCanAccessCookies({
     37      origin,
     38      cookieNames: [thirdPartyHttpCookie],
     39      expectsCookie,
     40    });
     41  }, desc + ": Cross site window setting HTTP cookies");
     42 }
     43 
     44 function testDomCookies({desc, cookieNames, expectsCookie}) {
     45  test(() => {
     46    assertDomCanAccessCookie(cookieNames, expectsCookie);
     47  }, getCookieTestName(expectsCookie, desc, "DOM"));
     48 }
     49 
     50 function assertDomCanAccessCookie(cookieNames, expectsCookie) {
     51  for (const cookieName of cookieNames) {
     52    assert_equals(
     53      document.cookie.includes(cookieName + "="), expectsCookie,
     54      getCookieAssertDesc(expectsCookie, cookieName));
     55  }
     56 }
     57 
     58 function testCookieStoreCookies({desc, cookieNames, expectsCookie}) {
     59  if (!window.cookieStore) return;
     60  promise_test(async () => {
     61    await assertCookieStoreCanAccessCookies(cookieNames, expectsCookie);
     62  }, getCookieTestName(expectsCookie, desc, "CookieStore"));
     63 }
     64 
     65 async function assertCookieStoreCanAccessCookies(cookieNames, expectsCookie) {
     66  const cookies = await cookieStore.getAll({sameSite: 'none'});
     67  for (const cookieName of cookieNames) {
     68    assert_equals(
     69      !!cookies.find(c => c.name === cookieName), expectsCookie,
     70      getCookieAssertDesc(expectsCookie, cookieName));
     71  }
     72 }
     73 
     74 function getCookieTestName(expectsCookie, desc, cookieType) {
     75  if (expectsCookie) {
     76      return `${desc}: Cookies are accessible via ${cookieType}`;
     77  }
     78  return `${desc}: Cookies are not accessible via ${cookieType}`;
     79 }
     80 
     81 function getCookieAssertDesc(expectsCookie, cookieName) {
     82  if (expectsCookie) {
     83    return `Expected cookie ${cookieName} to be available`;
     84  }
     85  return `Expected cookie ${cookieName} to not be available`;
     86 }