1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/extensions/cookie/test/unit/test_cookies_thirdparty.js Wed Dec 31 06:09:35 2014 +0100
1.3 @@ -0,0 +1,147 @@
1.4 +/* Any copyright is dedicated to the Public Domain.
1.5 + http://creativecommons.org/publicdomain/zero/1.0/ */
1.6 +
1.7 +// test third party cookie blocking, for the cases:
1.8 +// 1) with null channel
1.9 +// 2) with channel, but with no docshell parent
1.10 +
1.11 +function run_test() {
1.12 + // Create URIs and channels pointing to foo.com and bar.com.
1.13 + // We will use these to put foo.com into first and third party contexts.
1.14 + var spec1 = "http://foo.com/foo.html";
1.15 + var spec2 = "http://bar.com/bar.html";
1.16 + var uri1 = NetUtil.newURI(spec1);
1.17 + var uri2 = NetUtil.newURI(spec2);
1.18 + var channel1 = NetUtil.newChannel(uri1);
1.19 + var channel2 = NetUtil.newChannel(uri2);
1.20 +
1.21 + // test with cookies enabled
1.22 + Services.prefs.setIntPref("network.cookie.cookieBehavior", 0);
1.23 + do_set_cookies(uri1, channel1, true, [1, 2, 3, 4]);
1.24 + Services.cookies.removeAll();
1.25 + do_set_cookies(uri1, channel2, true, [1, 2, 3, 4]);
1.26 + Services.cookies.removeAll();
1.27 +
1.28 + // test with third party cookies blocked
1.29 + Services.prefs.setIntPref("network.cookie.cookieBehavior", 1);
1.30 + do_set_cookies(uri1, channel1, true, [0, 0, 0, 0]);
1.31 + Services.cookies.removeAll();
1.32 + do_set_cookies(uri1, channel2, true, [0, 0, 0, 0]);
1.33 + Services.cookies.removeAll();
1.34 +
1.35 + // Force the channel URI to be used when determining the originating URI of
1.36 + // the channel.
1.37 + var httpchannel1 = channel1.QueryInterface(Ci.nsIHttpChannelInternal);
1.38 + var httpchannel2 = channel2.QueryInterface(Ci.nsIHttpChannelInternal);
1.39 + httpchannel1.forceAllowThirdPartyCookie = true;
1.40 + httpchannel2.forceAllowThirdPartyCookie = true;
1.41 +
1.42 + // test with cookies enabled
1.43 + Services.prefs.setIntPref("network.cookie.cookieBehavior", 0);
1.44 + do_set_cookies(uri1, channel1, true, [1, 2, 3, 4]);
1.45 + Services.cookies.removeAll();
1.46 + do_set_cookies(uri1, channel2, true, [1, 2, 3, 4]);
1.47 + Services.cookies.removeAll();
1.48 +
1.49 + // test with third party cookies blocked
1.50 + Services.prefs.setIntPref("network.cookie.cookieBehavior", 1);
1.51 + do_set_cookies(uri1, channel1, true, [0, 1, 1, 2]);
1.52 + Services.cookies.removeAll();
1.53 + do_set_cookies(uri1, channel2, true, [0, 0, 0, 0]);
1.54 + Services.cookies.removeAll();
1.55 +
1.56 + // test with third party cookies limited
1.57 + Services.prefs.setIntPref("network.cookie.cookieBehavior", 3);
1.58 + do_set_cookies(uri1, channel1, true, [0, 1, 2, 3]);
1.59 + Services.cookies.removeAll();
1.60 + do_set_cookies(uri1, channel2, true, [0, 0, 0, 0]);
1.61 + Services.cookies.removeAll();
1.62 + do_set_single_http_cookie(uri1, channel1, 1);
1.63 + do_set_cookies(uri1, channel2, true, [2, 3, 4, 5]);
1.64 + Services.cookies.removeAll();
1.65 +
1.66 + // Test per-site 3rd party cookie blocking with cookies enabled
1.67 + Services.prefs.setIntPref("network.cookie.cookieBehavior", 0);
1.68 + var kPermissionType = "cookie";
1.69 + var ALLOW_FIRST_PARTY_ONLY = 9;
1.70 + // ALLOW_FIRST_PARTY_ONLY overrides
1.71 + Services.perms.add(uri1, kPermissionType, ALLOW_FIRST_PARTY_ONLY);
1.72 + do_set_cookies(uri1, channel1, true, [0, 1, 1, 2]);
1.73 + Services.cookies.removeAll();
1.74 + do_set_cookies(uri1, channel2, true, [0, 0, 0, 0]);
1.75 + Services.cookies.removeAll();
1.76 +
1.77 + // Test per-site 3rd party cookie blocking with 3rd party cookies disabled
1.78 + Services.prefs.setIntPref("network.cookie.cookieBehavior", 1);
1.79 + do_set_cookies(uri1, channel1, true, [0, 1, 1, 2]);
1.80 + Services.cookies.removeAll();
1.81 + // No preference has been set for uri2, but it should act as if
1.82 + // ALLOW_FIRST_PARTY_ONLY has been set
1.83 + do_set_cookies(uri2, channel2, true, [0, 1, 1, 2]);
1.84 + Services.cookies.removeAll();
1.85 + do_set_cookies(uri1, channel2, true, [0, 0, 0, 0]);
1.86 + Services.cookies.removeAll();
1.87 +
1.88 + // Test per-site 3rd party cookie blocking with 3rd party cookies limited
1.89 + Services.prefs.setIntPref("network.cookie.cookieBehavior", 3);
1.90 + do_set_cookies(uri1, channel1, true, [0, 1, 1, 2]);
1.91 + Services.cookies.removeAll();
1.92 + // No preference has been set for uri2, but it should act as if
1.93 + // LIMIT_THIRD_PARTY has been set
1.94 + do_set_cookies(uri2, channel2, true, [0, 1, 2, 3]);
1.95 + Services.cookies.removeAll();
1.96 + do_set_single_http_cookie(uri2, channel2, 1);
1.97 + do_set_cookies(uri2, channel2, true, [2, 3, 4, 5]);
1.98 + Services.cookies.removeAll();
1.99 + do_set_cookies(uri1, channel2, true, [0, 0, 0, 0]);
1.100 + Services.cookies.removeAll();
1.101 + do_set_single_http_cookie(uri1, channel1, 1);
1.102 + do_set_cookies(uri1, channel2, true, [1, 1, 1, 1]);
1.103 + Services.cookies.removeAll();
1.104 +
1.105 + // Test per-site 3rd party cookie limiting with cookies enabled
1.106 + Services.prefs.setIntPref("network.cookie.cookieBehavior", 0);
1.107 + var kPermissionType = "cookie";
1.108 + var LIMIT_THIRD_PARTY = 10;
1.109 + // LIMIT_THIRD_PARTY overrides
1.110 + Services.perms.add(uri1, kPermissionType, LIMIT_THIRD_PARTY);
1.111 + do_set_cookies(uri1, channel1, true, [0, 1, 2, 3]);
1.112 + Services.cookies.removeAll();
1.113 + do_set_cookies(uri1, channel2, true, [0, 0, 0, 0]);
1.114 + Services.cookies.removeAll();
1.115 + do_set_single_http_cookie(uri1, channel1, 1);
1.116 + do_set_cookies(uri1, channel2, true, [2, 3, 4, 5]);
1.117 + Services.cookies.removeAll();
1.118 +
1.119 + // Test per-site 3rd party cookie limiting with 3rd party cookies disabled
1.120 + Services.prefs.setIntPref("network.cookie.cookieBehavior", 1);
1.121 + do_set_cookies(uri1, channel1, true, [0, 1, 2, 3]);
1.122 + Services.cookies.removeAll();
1.123 + // No preference has been set for uri2, but it should act as if
1.124 + // ALLOW_FIRST_PARTY_ONLY has been set
1.125 + do_set_cookies(uri2, channel2, true, [0, 1, 1, 2]);
1.126 + Services.cookies.removeAll();
1.127 + do_set_cookies(uri1, channel2, true, [0, 0, 0, 0]);
1.128 + Services.cookies.removeAll();
1.129 + do_set_single_http_cookie(uri1, channel1, 1);
1.130 + do_set_cookies(uri1, channel2, true, [2, 3, 4, 5]);
1.131 + Services.cookies.removeAll();
1.132 +
1.133 + // Test per-site 3rd party cookie limiting with 3rd party cookies limited
1.134 + Services.prefs.setIntPref("network.cookie.cookieBehavior", 3);
1.135 + do_set_cookies(uri1, channel1, true, [0, 1, 2, 3]);
1.136 + Services.cookies.removeAll();
1.137 + // No preference has been set for uri2, but it should act as if
1.138 + // LIMIT_THIRD_PARTY has been set
1.139 + do_set_cookies(uri2, channel2, true, [0, 1, 2, 3]);
1.140 + Services.cookies.removeAll();
1.141 + do_set_single_http_cookie(uri2, channel2, 1);
1.142 + do_set_cookies(uri2, channel2, true, [2, 3, 4, 5]);
1.143 + Services.cookies.removeAll();
1.144 + do_set_cookies(uri1, channel2, true, [0, 0, 0, 0]);
1.145 + Services.cookies.removeAll();
1.146 + do_set_single_http_cookie(uri1, channel1, 1);
1.147 + do_set_cookies(uri1, channel2, true, [2, 3, 4, 5]);
1.148 + Services.cookies.removeAll();
1.149 +}
1.150 +
