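--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/netwerk/test/unit/test_bug856978.js Wed Dec 31 06:09:35 2014 +0100
@@ -0,0 +1,135 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+// This test makes sure that the authorization header can get deleted e.g. by
+// extensions if they are observing "http-on-modify-request". In a first step
+// the auth cache is filled with credentials which then get added to the
+// following request. On "http-on-modify-request" it is tested whether the
+// authorization header got added at all and if so it gets removed. This test
+// passes iff both succeeds.
+
+Components.utils.import("resource://testing-common/httpd.js");
+
+var notification = "http-on-modify-request";
+
+var httpServer = null;
+
+var authCredentials = "guest:guest";
+var authPath = "/authTest";
+var authCredsURL = "http://" + authCredentials + "@localhost:8888" + authPath;
+var authURL = "http://localhost:8888" + authPath;
+
+function authHandler(metadata, response) {
+ if (metadata.hasHeader("Test")) {
+ // Lets see if the auth header got deleted.
+ var noAuthHeader = false;
+ if (!metadata.hasHeader("Authorization")) {
+ noAuthHeader = true;
+ }
+ do_check_true(noAuthHeader);
+ } else {
+ // Not our test request yet.
+ if (!metadata.hasHeader("Authorization")) {
+ response.setStatusLine(metadata.httpVersion, 401, "Unauthorized");
+ response.setHeader("WWW-Authenticate", 'Basic realm="secret"', false);
+ }
+ }
+}
+
+function RequestObserver() {
+ this.register();
+}
+
+RequestObserver.prototype = {
+ register: function() {
+ do_print("Registering " + notification);
+ Cc["@mozilla.org/observer-service;1"].getService(Ci.nsIObserverService).
+ addObserver(this, notification, true);
+ },
+
+ QueryInterface: function(iid) {
+ if (iid.equals(Ci.nsIObserver) || iid.equals(Ci.nsISupportsWeakReference) ||
+ iid.equals(Ci.nsISupports)) {
+ return this;
+ }
+ throw Cr.NS_ERROR_NO_INTERFACE;
+ },
+
+ observe: function(subject, topic, data) {
+ if (topic == notification) {
+ if (!(subject instanceof Ci.nsIHttpChannel)) {
+ do_throw(notification + " observed a non-HTTP channel.");
+ }
+ try {
+ let authHeader = subject.getRequestHeader("Authorization");
+ } catch (e) {
+ // Throw if there is no header to delete. We should get one iff caching
+ // the auth credentials is working and the header gets added _before_
+ // "http-on-modify-request" gets called.
+ httpServer.stop(do_test_finished);
+ do_throw("No authorization header found, aborting!");
+ }
+ // We are still here. Let's remove the authorization header now.
+ subject.setRequestHeader("Authorization", null, false);
+ }
+ }
+}
+
+var listener = {
+ onStartRequest: function test_onStartR(request, ctx) {},
+
+ onDataAvailable: function test_ODA() {
+ do_throw("Should not get any data!");
+ },
+
+ onStopRequest: function test_onStopR(request, ctx, status) {
+ if (current_test < (tests.length - 1)) {
+ current_test++;
+ tests[current_test]();
+ } else {
+ do_test_pending();
+ httpServer.stop(do_test_finished);
+ }
+ do_test_finished();
+ }
+};
+
+function makeChan(url) {
+ var ios = Cc["@mozilla.org/network/io-service;1"].getService(Ci.nsIIOService);
+ var chan = ios.newChannel(url, null, null).QueryInterface(Ci.nsIHttpChannel);
+ return chan;
+}
+
+var tests = [startAuthHeaderTest, removeAuthHeaderTest];
+
+var current_test = 0;
+
+var requestObserver = null;
+
+function run_test() {
+ httpServer = new HttpServer();
+ httpServer.registerPathHandler(authPath, authHandler);
+ httpServer.start(8888);
+
+ tests[0]();
+}
+
+function startAuthHeaderTest() {
+ var chan = makeChan(authCredsURL);
+ chan.asyncOpen(listener, null);
+
+ do_test_pending();
+}
+
+function removeAuthHeaderTest() {
+ // After caching the auth credentials in the first test, lets try to remove
+ // the authorization header now...
+ requestObserver = new RequestObserver();
+ var chan = makeChan(authURL);
+ // Indicating that the request is coming from the second test.
+ chan.setRequestHeader("Test", "1", false);
+ chan.asyncOpen(listener, null);
+
+ do_test_pending();
+}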
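Review bot: The only assertion that the Authorization header was really stripped sits inside the `Test` branch of `authHandler`, so if the second request never reaches that handler, `onStopRequest` ends the test without the check having run. `onStopRequest` also ignores its `status` argument, so a failed load would look the same as a successful one. To make a regression in credential removal fail the test, add a file-level `var sawTestRequest = false;`, set it to `true` in the `Test` branch, and call `do_check_true(sawTestRequest);` in the final `else` of `onStopRequest` before stopping the server. The `noAuthHeader` flag could be reduced to `do_check_false(metadata.hasHeader("Authorization"));`. In `observe`, the `let authHeader` binding is never read, so the bare `subject.getRequestHeader("Authorization");` call inside the `try` is enough.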