tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

server-response-for-debugging-only.https.window.js (6877B)

      1 // META: script=/resources/testdriver.js
      2 // META: script=/resources/testdriver-vendor.js
      3 // META: script=/common/get-host-info.sub.js
      4 // META: script=/common/utils.js
      5 // META: script=resources/ba-fledge-util.sub.js
      6 // META: script=resources/fledge-util.sub.js
      7 // META: script=/common/subset-tests.js
      8 // META: script=third_party/cbor-js/cbor.js
      9 // META: timeout=long
     10 // META: variant=?1-last
     11 
     12 "use strict";
     13 
     14 // These tests focus on the debugReports field in AuctionConfig's
     15 // serverResponse, i.e. auctions involving forDebuggingOnly reports.
     16 // NOTE: Due to DB's fDO lockout/cooldown tables are not cleaned after each run
     17 // of a test, fDO reports will not be sent after the first run of the test sent
     18 // it, so we cannot reliably test fDO reports being sent when downsampling is
     19 // enabled yet.
     20 
     21 function createDebugReport(
     22    url, isWinReport = null, isSellerReport = null, componentWin = null) {
     23  let report = {};
     24  if (url !== null) {
     25    report.url = url;
     26  }
     27  if (isWinReport !== null) {
     28    report.isWinReport = isWinReport;
     29  }
     30  if (isSellerReport !== null) {
     31    report.isSellerReport = isSellerReport;
     32  }
     33  if (componentWin !== null) {
     34    report.componentWin = componentWin;
     35  }
     36  return report;
     37 }
     38 
     39 function createDebugReportsPerOrigin(
     40    adTechOrigin = MAIN_ORIGIN, reports = null) {
     41  let reportsPerOrigin = {};
     42  if (adTechOrigin !== null) {
     43    reportsPerOrigin.adTechOrigin = adTechOrigin;
     44  }
     45  if (reports !== null) {
     46    reportsPerOrigin.reports = reports;
     47  }
     48  return reportsPerOrigin;
     49 }
     50 
     51 const delay = ms => new Promise(resolve => step_timeout(resolve, ms));
     52 
     53 // No forDebuggingOnly requests are observed, until time out.
     54 async function noRequestsObserved(uuid, timeout = 2000 /*ms*/) {
     55  const endTime = performance.now() + timeout;
     56 
     57  do {
     58    let trackedData = await fetchTrackedData(uuid);
     59    // Replace UUID to print consistent errors on failure.
     60    let trackedRequests =
     61        trackedData.trackedRequests.map((url) => url.replace(uuid, '<uuid>'))
     62            .sort();
     63 
     64    // No forDebuggingOnly requests should be observed.
     65    for (const request of trackedRequests) {
     66      assert_false(
     67          request.includes('forDebuggingOnly'),
     68          'Unexpected forDebuggingOnly request: ' + request);
     69    }
     70    await delay(/*ms=*/ 100);
     71  } while (performance.now() < endTime);
     72 }
     73 
     74 async function testInvalidDebugReportsFields(
     75    test, uuid, debugReports, ownerOverride = null) {
     76  let result = await BA.testWithMutatedServerResponse(
     77      test, /*expectWin=*/ true,
     78      (msg) => {
     79        msg.debugReports = debugReports;
     80      },
     81      (ig, uuid) => {
     82        ig.ads[0].renderURL = createRenderURL(uuid);
     83      },
     84      ownerOverride);
     85  createAndNavigateFencedFrame(test, result);
     86  await noRequestsObserved(uuid);
     87 }
     88 
     89 subsetTest(promise_test, async test => {
     90  const uuid = generateUuid(test);
     91 
     92  let bidderDebugReportURL =
     93      createBidderReportURL(uuid, /*id=*/ 'forDebuggingOnly');
     94  let debugReports = [createDebugReportsPerOrigin(
     95      /*adTechOrigin=*/ null,
     96      [createDebugReport(bidderDebugReportURL, /*isWinReport=*/ true)])];
     97  await testInvalidDebugReportsFields(test, uuid, debugReports);
     98 }, `B&A forDebuggingOnly - missing required adTechOrigin`);
     99 
    100 subsetTest(promise_test, async test => {
    101  const uuid = generateUuid(test);
    102  let bidderDebugReportURL =
    103      createBidderReportURL(uuid, /*id=*/ 'forDebuggingOnly');
    104  let debugReports = [createDebugReportsPerOrigin(
    105      /*adTechOrigin=*/ 'http://nothttps.com',
    106      [createDebugReport(bidderDebugReportURL, /*isWinReport=*/ true)])];
    107  await testInvalidDebugReportsFields(test, uuid, debugReports);
    108 }, `B&A forDebuggingOnly - HTTP adTechOrigin`);
    109 
    110 subsetTest(promise_test, async test => {
    111  const uuid = generateUuid(test);
    112  let bidderDebugReportURL =
    113      createBidderReportURL(uuid, /*id=*/ 'forDebuggingOnly');
    114  let debugReports = [createDebugReportsPerOrigin(
    115      /*adTechOrigin=*/ window.location.origin,
    116      [createDebugReport('http://nothttps.com', /*isWinReport=*/ true)])];
    117  await testInvalidDebugReportsFields(test, uuid, debugReports);
    118 }, `B&A forDebuggingOnly - HTTP debug report url`);
    119 
    120 subsetTest(promise_test, async test => {
    121  const uuid = generateUuid(test);
    122  let bidderDebugReportURL =
    123      createBidderReportURL(uuid, /*id=*/ 'forDebuggingOnly');
    124  let debugReports = [createDebugReportsPerOrigin(
    125      /*adTechOrigin=*/ window.location.origin,
    126      [createDebugReport('not a url', /*isWinReport=*/ true)])];
    127  await testInvalidDebugReportsFields(test, uuid, debugReports);
    128 }, `B&A forDebuggingOnly - debug report url not a url`);
    129 
    130 subsetTest(promise_test, async test => {
    131  const uuid = generateUuid(test);
    132  const igOwner = OTHER_ORIGIN1;
    133 
    134  let bidderDebugReportURL =
    135      createBidderReportURL(uuid, /*id=*/ 'forDebuggingOnly', igOwner);
    136  let sellerDebugReportURL =
    137      createSellerReportURL(uuid, /*id=*/ 'forDebuggingOnly');
    138 
    139  let debugReports = [
    140    createDebugReportsPerOrigin(
    141        igOwner,
    142        [createDebugReport(bidderDebugReportURL, /*isWinReport=*/ true)]),
    143    createDebugReportsPerOrigin(
    144        window.location.origin, [createDebugReport(
    145                                    sellerDebugReportURL, /*isWinReport=*/ true,
    146                                    /*isSellerReport=*/ true)])
    147  ];
    148 
    149  let result = await BA.testWithMutatedServerResponse(
    150      test, /*expectWin=*/ true,
    151      (msg) => {
    152        msg.debugReports = debugReports;
    153      },
    154      (ig, uuid) => {
    155        ig.ads[0].renderURL = createRenderURL(uuid);
    156      },
    157      igOwner);
    158  createAndNavigateFencedFrame(test, result);
    159  await waitForObservedRequests(
    160      uuid, [bidderDebugReportURL, sellerDebugReportURL]);
    161 }, `B&A forDebuggingOnly - debug reports sent`);
    162 
    163 subsetTest(promise_test, async test => {
    164  const uuid = generateUuid(test);
    165  const igOwner = OTHER_ORIGIN1;
    166 
    167  let bidderDebugReportURL =
    168      createBidderReportURL(uuid, /*id=*/ 'forDebuggingOnly', igOwner);
    169  let sellerDebugReportURL =
    170      createSellerReportURL(uuid, /*id=*/ 'forDebuggingOnly');
    171 
    172  let debugReports = [
    173    createDebugReportsPerOrigin(
    174        igOwner, [createDebugReport('not a url', /*isWinReport=*/ true)]),
    175    createDebugReportsPerOrigin(
    176        window.location.origin, [createDebugReport(
    177                                    sellerDebugReportURL, /*isWinReport=*/ true,
    178                                    /*isSellerReport=*/ true)])
    179  ];
    180 
    181  let result = await BA.testWithMutatedServerResponse(
    182      test, /*expectWin=*/ true,
    183      (msg) => {
    184        msg.debugReports = debugReports;
    185      },
    186      (ig, uuid) => {
    187        ig.ads[0].renderURL = createRenderURL(uuid);
    188      },
    189      igOwner);
    190  createAndNavigateFencedFrame(test, result);
    191  await waitForObservedRequests(uuid, [sellerDebugReportURL]);
    192 }, `B&A forDebuggingOnly - invalid debug reports don't affect other debug reports`);
    193 
    194 // TODO(qingxinwu): multi seller auctions.