The Tor Browser: toolkit/identity/tests/chrome/test_sandbox.xul@129ffea94266 (annotated)

toolkit/identity/tests/chrome/test_sandbox.xul@129ffea94266 (annotated)

toolkit/identity/tests/chrome/test_sandbox.xul

Sat, 03 Jan 2015 20:18:00 +0100

author: Michael Schloh von Bennewitz <michael@schloh.com>
date: Sat, 03 Jan 2015 20:18:00 +0100
branch: TOR_BUG_3246
changeset 7: 129ffea94266
permissions: -rw-r--r--

Conditionally enable double key logic according to:
private browsing mode or privacy.thirdparty.isolate preference and
implement in GetCookieStringCommon and FindCookie where it counts...
With some reservations of how to convince FindCookie users to test
condition and pass a nullptr when disabling double key logic.

 <?xml version="1.0"?>
 <?xml-stylesheet type="text/css" href="chrome://global/skin"?>
 <?xml-stylesheet type="text/css" href="/tests/SimpleTest/test.css"?>
 <!-- Any copyright is dedicated to the Public Domain.
      http://creativecommons.org/publicdomain/zero/1.0/ -->
 <!--
 https://bugzilla.mozilla.org/show_bug.cgi?id=762993
 -->
 <window title="Mozilla Bug 762993"
         xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"
         onload="run_next_test();">
   <script type="application/javascript"
           src="chrome://mochikit/content/tests/SimpleTest/SimpleTest.js"/>
   <!-- test results are displayed in the html:body -->
   <body xmlns="http://www.w3.org/1999/xhtml">
   <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=762993"
      target="_blank">Mozilla Bug 762993</a>
   </body>
   <!-- test code goes here -->
   <script type="application/javascript;version=1.8">
   <![CDATA[
   /** Test for Bug 762993 **/
 "use strict";
 SimpleTest.expectAssertions(1);
 SimpleTest.waitForExplicitFinish();
 const Cc = Components.classes;
 const Ci = Components.interfaces;
 const Cu = Components.utils;
 const secMan = Cc["@mozilla.org/scriptsecuritymanager;1"].getService(Ci.nsIScriptSecurityManager);
 const TEST_URL_1 = "https://example.com/";
 // No trailing slash plus port to test normalization
 const TEST_URL_2 = "https://example.com:443";
 const TEST_BASE = "http://mochi.test:8888/chrome/toolkit/identity/tests/chrome/"
 const STATE_URL = TEST_BASE + "sandbox_content.sjs"
 Cu.import("resource://gre/modules/XPCOMUtils.jsm");
 Cu.import("resource://gre/modules/Services.jsm");
 Services.prefs.setBoolPref("toolkit.identity.debug", true);
 XPCOMUtils.defineLazyModuleGetter(this, "Sandbox",
                                   "resource://gre/modules/identity/Sandbox.jsm");
 function check_sandbox(aSandbox, aURL) {
   ok(aSandbox.id > 0, "valid ID");
   is(aSandbox._url, aURL, "matching URL (with normalization)");
   isnot(aSandbox._frame, null, "frame");
   isnot(aSandbox._container, null, "container");
   let docPrincipal = aSandbox._frame.contentDocument.nodePrincipal;
   is(secMan.isSystemPrincipal(docPrincipal), false,
      "principal must not be system");
 }
 /**
  * Free the sandbox and make sure all properties that are not booleans,
  * functions or numbers were freed.
  */
 function free_and_check_sandbox(aSandbox) {
   SimpleTest.executeSoon(function() {
     aSandbox.free();
     for(let prop in aSandbox) {
       // Don't trigger the "id" getter when the frame is supposed to be freed already
       if (prop == "id")
         continue;
       let propType = typeof(aSandbox[prop]);
       if (propType == "boolean" || propType == "function" || propType == "number")
         continue;
       is(aSandbox[prop], null, "freed " + prop);
     }
     run_next_test();
   });
 }
 function reset_server_state() {
   // Now reset the server state
   let resetReq = new XMLHttpRequest();
   resetReq.open("GET", STATE_URL + "?reset", false);
   resetReq.send();
 }
 function test_creation() {
   new Sandbox(TEST_URL_1, function sandboxCB(aSandbox) {
     check_sandbox(aSandbox, TEST_URL_1);
     free_and_check_sandbox(aSandbox);
   });
 }
 function test_reload() {
   new Sandbox(TEST_URL_1, function sandboxCB(aSandbox) {
     check_sandbox(aSandbox, TEST_URL_1);
     let originalId = aSandbox.id;
     aSandbox.reload(function sandboxReloadCB(aSandbox) {
       check_sandbox(aSandbox, TEST_URL_1);
       is(aSandbox.id, originalId, "Sandbox ID should be the same after reload");
       free_and_check_sandbox(aSandbox);
     });
   });
 }
 function test_url_normalization() {
   new Sandbox(TEST_URL_2, function sandboxCB(aSandbox) {
     // TEST_URL_2 should be normalized into the form of TEST_URL_1
     check_sandbox(aSandbox, TEST_URL_1);
     free_and_check_sandbox(aSandbox);
   });
 }
 /**
  * Check with the server's state to see what content was loaded then reset it.
  */
 function check_loaded_content(aSandbox, aNothingShouldLoad, aCallback) {
   let xhr = new XMLHttpRequest();
   xhr.open("GET", STATE_URL + "?get_loaded", true);
   xhr.onload = function() {
     let res = xhr.responseText;
     is(xhr.status, 200, "Check successful response");
     if (aNothingShouldLoad) {
       is(res, "NOTHING", "Check that nothing was loaded on the server");
     } else {
       let allowedTypes = [ "application/javascript", "text/html", "application/x-test" ];
       let loadedTypes = res == "NOTHING" ? [] : res.split(",");
       for (let loadedType of loadedTypes) {
         isnot(allowedTypes.indexOf(loadedType), -1, "Check that " + loadedType + " was expected to load"); // TODO
       }
       isnot(loadedTypes.indexOf("application/javascript"), -1, "Check JS was loaded");
       isnot(loadedTypes.indexOf("text/html"), -1, "Check iframe was loaded");
       is(loadedTypes.indexOf("video/webm"), -1, "Check webm was not loaded");
       is(loadedTypes.indexOf("audio/ogg"), -1, "Check ogg was not loaded");
       // Check that no plugin tags have a type other than TYPE_NULL (failed load)
       // --
       // Checking if a channel was opened is not sufficient for plugin tags --
       // An object tag may still be allowed to load a sub-document, but not a
       // plugin, so it will open a channel but then abort when it gets a
       // plugin-type.
       let doc = aSandbox._frame.contentDocument;
       let nullType = Components.interfaces.nsIObjectLoadingContent.TYPE_NULL;
       for (let tag of doc.querySelectorAll("embed, object, applet")) {
         tag instanceof Components.interfaces.nsIObjectLoadingContent;
         is(tag.displayedType, nullType, "Check that plugin did not load content");
       }
     }
     reset_server_state();
     aCallback();
   };
   xhr.send();
 }
 /**
  * Helper to check that only certain content is loaded on creation and during reload.
  */
 function check_disabled_content(aSandboxURL, aNothingShouldLoad = false) {
   new Sandbox(aSandboxURL, function sandboxCB(aSandbox) {
     check_sandbox(aSandbox, aSandboxURL);
     let originalId = aSandbox.id;
     setTimeout(function() {
       check_loaded_content(aSandbox, aNothingShouldLoad, function checkFinished() {
         info("reload the sandbox content");
         aSandbox.reload(function sandboxReloadCB(aSandbox) {
           check_sandbox(aSandbox, aSandboxURL);
           is(aSandbox.id, originalId, "Sandbox ID should be the same after reload");
           setTimeout(function() {
             check_loaded_content(aSandbox, aNothingShouldLoad, function reloadCheckFinished() {
               free_and_check_sandbox(aSandbox);
             });
           }, 5000);
         });
       });
     }, 5000);
   });
 }
 function test_disabled_content() {
   let url = TEST_BASE + "sandbox_content.html";
   check_disabled_content(url);
 }
 // Same as test above but with content in an iframe.
 function test_disabled_content_framed() {
   let url = TEST_BASE + "sandbox_content_framed.html";
   check_disabled_content(url);
 }
 function test_redirect() {
   let url = TEST_BASE + "sandbox_content_redirect.html";
   check_disabled_content(url);
 }
 function WindowObserver(aCallback) {
   this.observe = function(aSubject, aTopic, aData) {
     if (aTopic != "domwindowopened") {
       return;
     }
     Services.ww.unregisterNotification(this);
     let domWin = aSubject.QueryInterface(Ci.nsIDOMWindow);
     ok(!domWin, "No window should be opened");
     SimpleTest.executeSoon(function() {
       info("Closing opened window");
       domWin.close();
       aCallback();
     });
   }
 }
 // Can the sandbox call window.alert() or popup other UI?
 function test_alert() {
   let alertURL = TEST_BASE + "sandbox_content_alert.html";
   new Sandbox(alertURL, function sandboxCB(aSandbox) {
     check_sandbox(aSandbox, alertURL);
     setTimeout(function() {
       let win = Services.wm.getMostRecentWindow(null);
       isnot(win.document.documentElement.getAttribute("id"), "commonDialog",
                  "Make sure most recent window is not a dialog");
       if (win.document.documentElement.getAttribute("id") == "commonDialog") {
         // If a dialog did open, close it so we don't interfere with future tests
         win.close()
       }
       free_and_check_sandbox(aSandbox);
     }, 1000);
   });
 }
 // Can the sandboxed page open a popup with window.open?
 function test_popup() {
   let alertURL = TEST_BASE + "sandbox_content_popup.html";
   let theSandbox;
   function continueTest() {
     // avoid double-free
     if (!theSandbox)
       return;
     free_and_check_sandbox(theSandbox);
     theSandbox = null;
   }
   let winObs = new WindowObserver(continueTest);
   Services.ww.registerNotification(winObs);
   new Sandbox(alertURL, function sandboxCB(aSandbox) {
     theSandbox = aSandbox;
     check_sandbox(aSandbox, alertURL);
     // Wait 5 seconds to see if the window is going to open.
     setTimeout(function() {
       Services.ww.unregisterNotification(winObs);
       continueTest();
     }, 5000);
   });
 }
 // Loading a page with a bad cert
 function test_bad_cert() {
   let url = TEST_BASE + "sandbox_content.sjs?text/html";
   url = url.replace("http://mochi.test:8888", "https://untrusted.example.com");
   check_disabled_content(url, /*nothingShouldLoad=*/true);
 }
 // Loading a page to check window.top and other permissions.
 function test_frame_perms() {
   let url = TEST_BASE + "sandbox_content_perms.html";
   new Sandbox(url, function sandboxCB(aSandbox) {
     check_sandbox(aSandbox, url);
     // Give the content time to load
     setTimeout(function() {
       let xhr = new XMLHttpRequest();
       xhr.open("GET", STATE_URL + "?get_loaded", true);
       xhr.responseType = "json";
       xhr.onload = function() {
         is(xhr.status, 200, "Check successful response");
         is(typeof(xhr.response), "object", "Check response is object");
         is(Object.keys(xhr.response).length, 3, "Check the number of perm. tests");
         for (let test in xhr.response) {
           ok(xhr.response[test], "Check result of " + test);
         }
         reset_server_state();
         free_and_check_sandbox(aSandbox);
       };
       xhr.send();
     }, 3000);
   });
 }
 let TESTS = [test_creation, test_reload, test_url_normalization];
 TESTS.push(test_disabled_content, test_disabled_content_framed);
 TESTS.push(test_alert, test_popup, test_bad_cert);
 TESTS.push(test_redirect, test_frame_perms);
 function run_next_test() {
   if (TESTS.length) {
     let test = TESTS.shift();
     info(test.name);
     test();
   } else {
     Services.prefs.clearUserPref("toolkit.identity.debug");
     SimpleTest.finish();
   }
 }
   ]]>
   </script>
 </window>

The Tor Browser / annotate

toolkit/identity/tests/chrome/test_sandbox.xul@129ffea94266 (annotated)

toolkit/identity/tests/chrome/test_sandbox.xul