netwerk/test/unit/test_referrer.js@ac0c01689b40 (annotated)
netwerk/test/unit/test_referrer.js
Thu, 15 Jan 2015 15:59:08 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Thu, 15 Jan 2015 15:59:08 +0100
- branch
- TOR_BUG_9701
- changeset 10
- ac0c01689b40
- permissions
- -rw-r--r--
Implement a real Private Browsing Mode condition by changing the API/ABI;
This solves Tor bug #9701, complying with disk avoidance documented in
https://www.torproject.org/projects/torbrowser/design/#disk-avoidance.
| michael@0 | 1 | var ios = Cc["@mozilla.org/network/io-service;1"]. |
| michael@0 | 2 | getService(Ci.nsIIOService); |
| michael@0 | 3 | |
| michael@0 | 4 | function getTestReferrer(server_uri, referer_uri) { |
| michael@0 | 5 | var chan = ios.newChannel(server_uri, "", null); |
| michael@0 | 6 | chan.QueryInterface(Components.interfaces.nsIHttpChannel); |
| michael@0 | 7 | chan.referrer = ios.newURI(referer_uri, null, null); |
| michael@0 | 8 | var header = null; |
| michael@0 | 9 | try { |
| michael@0 | 10 | header = chan.getRequestHeader("Referer"); |
| michael@0 | 11 | } |
| michael@0 | 12 | catch (NS_ERROR_NOT_AVAILABLE) {} |
| michael@0 | 13 | return header; |
| michael@0 | 14 | } |
| michael@0 | 15 | |
| michael@0 | 16 | function run_test() { |
| michael@0 | 17 | var prefs = Cc["@mozilla.org/preferences-service;1"] |
| michael@0 | 18 | .getService(Components.interfaces.nsIPrefBranch); |
| michael@0 | 19 | |
| michael@0 | 20 | var server_uri = "http://bar.examplesite.com/path2"; |
| michael@0 | 21 | var server_uri_2 = "http://bar.example.com/anotherpath"; |
| michael@0 | 22 | var referer_uri = "http://foo.example.com/path"; |
| michael@0 | 23 | var referer_uri_2 = "http://bar.examplesite.com/path3?q=blah"; |
| michael@0 | 24 | var referer_uri_2_anchor = "http://bar.examplesite.com/path3?q=blah#anchor"; |
| michael@0 | 25 | |
| michael@0 | 26 | // for https tests |
| michael@0 | 27 | var server_uri_https = "https://bar.example.com/anotherpath"; |
| michael@0 | 28 | var referer_uri_https = "https://bar.example.com/path3?q=blah"; |
| michael@0 | 29 | |
| michael@0 | 30 | // tests for sendRefererHeader |
| michael@0 | 31 | prefs.setIntPref("network.http.sendRefererHeader", 0); |
| michael@0 | 32 | do_check_null(getTestReferrer(server_uri, referer_uri)); |
| michael@0 | 33 | prefs.setIntPref("network.http.sendRefererHeader", 2); |
| michael@0 | 34 | do_check_eq(getTestReferrer(server_uri, referer_uri), referer_uri); |
| michael@0 | 35 | |
| michael@0 | 36 | // test that https ref is not sent to http |
| michael@0 | 37 | do_check_null(getTestReferrer(server_uri_2, referer_uri_https)); |
| michael@0 | 38 | |
| michael@0 | 39 | // tests for referer.spoofSource |
| michael@0 | 40 | prefs.setBoolPref("network.http.referer.spoofSource", true); |
| michael@0 | 41 | do_check_eq(getTestReferrer(server_uri, referer_uri), server_uri); |
| michael@0 | 42 | prefs.setBoolPref("network.http.referer.spoofSource", false); |
| michael@0 | 43 | do_check_eq(getTestReferrer(server_uri, referer_uri), referer_uri); |
| michael@0 | 44 | |
| michael@0 | 45 | // tests for referer.XOriginPolicy |
| michael@0 | 46 | prefs.setIntPref("network.http.referer.XOriginPolicy", 2); |
| michael@0 | 47 | do_check_null(getTestReferrer(server_uri_2, referer_uri)); |
| michael@0 | 48 | do_check_eq(getTestReferrer(server_uri, referer_uri_2), referer_uri_2); |
| michael@0 | 49 | prefs.setIntPref("network.http.referer.XOriginPolicy", 1); |
| michael@0 | 50 | do_check_eq(getTestReferrer(server_uri_2, referer_uri), referer_uri); |
| michael@0 | 51 | do_check_null(getTestReferrer(server_uri, referer_uri)); |
| michael@0 | 52 | // https test |
| michael@0 | 53 | do_check_eq(getTestReferrer(server_uri_https, referer_uri_https), referer_uri_https); |
| michael@0 | 54 | prefs.setIntPref("network.http.referer.XOriginPolicy", 0); |
| michael@0 | 55 | do_check_eq(getTestReferrer(server_uri, referer_uri), referer_uri); |
| michael@0 | 56 | |
| michael@0 | 57 | // tests for referer.trimmingPolicy |
| michael@0 | 58 | prefs.setIntPref("network.http.referer.trimmingPolicy", 1); |
| michael@0 | 59 | do_check_eq(getTestReferrer(server_uri, referer_uri_2), "http://bar.examplesite.com/path3"); |
| michael@0 | 60 | prefs.setIntPref("network.http.referer.trimmingPolicy", 2); |
| michael@0 | 61 | do_check_eq(getTestReferrer(server_uri, referer_uri_2), "http://bar.examplesite.com"); |
| michael@0 | 62 | // https test |
| michael@0 | 63 | do_check_eq(getTestReferrer(server_uri_https, referer_uri_https), "https://bar.example.com"); |
| michael@0 | 64 | prefs.setIntPref("network.http.referer.trimmingPolicy", 0); |
| michael@0 | 65 | // test that anchor is lopped off in ordinary case |
| michael@0 | 66 | do_check_eq(getTestReferrer(server_uri, referer_uri_2_anchor), referer_uri_2); |
| michael@0 | 67 | |
| michael@0 | 68 | // combination test: send spoofed path-only when hosts match |
| michael@0 | 69 | var combo_referer_uri = "http://blah.foo.com/path?q=hot"; |
| michael@0 | 70 | var dest_uri = "http://blah.foo.com:9999/spoofedpath?q=bad"; |
| michael@0 | 71 | prefs.setIntPref("network.http.referer.trimmingPolicy", 1); |
| michael@0 | 72 | prefs.setBoolPref("network.http.referer.spoofSource", true); |
| michael@0 | 73 | prefs.setIntPref("network.http.referer.XOriginPolicy", 2); |
| michael@0 | 74 | do_check_eq(getTestReferrer(dest_uri, combo_referer_uri), "http://blah.foo.com:9999/spoofedpath"); |
| michael@0 | 75 | do_check_null(getTestReferrer(dest_uri, "http://gah.foo.com/anotherpath")); |
| michael@0 | 76 | } |
