The Tor Browser / file diff

diff: netwerk/test/unit/test_cookiejars_safebrowsing.js

netwerk/test/unit/test_cookiejars_safebrowsing.js

changeset 0
6474c204b198
     1.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     1.2 +++ b/netwerk/test/unit/test_cookiejars_safebrowsing.js	Wed Dec 31 06:09:35 2014 +0100
     1.3 @@ -0,0 +1,179 @@
     1.4 +/* This Source Code Form is subject to the terms of the Mozilla Public
     1.5 + * License, v. 2.0. If a copy of the MPL was not distributed with this
     1.6 + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
     1.7 +
     1.8 +/*
     1.9 + * Description of the test:
    1.10 + *   We show that we can separate the safebrowsing cookie by creating a custom
    1.11 + *   LoadContext using a reserved AppId (UINT_32_MAX - 1). Setting this
    1.12 + *   custom LoadContext as a callback on the channel allows us to query the
    1.13 + *   AppId and therefore separate the safebrowing cookie in its own cookie-jar.
    1.14 + *   For testing safebrowsing update we do >> NOT << emulate a response
    1.15 + *   in the body, rather we only set the cookies in the header of the response
    1.16 + *   and confirm that cookies are separated in their own cookie-jar.
    1.17 + *
    1.18 + * 1) We init safebrowsing and simulate an update (cookies are set for localhost)
    1.19 + *
    1.20 + * 2) We open a channel that should send regular cookies, but not the
    1.21 + *    safebrowsing cookie.
    1.22 + *
    1.23 + * 3) We open a channel with a custom callback, simulating a safebrowsing cookie
    1.24 + *    that should send this simulated safebrowsing cookie as well as the
    1.25 + *    real safebrowsing cookies. (Confirming that the safebrowsing cookies
    1.26 + *    actually get stored in the correct jar).
    1.27 + */
    1.28 +
    1.29 +Cu.import("resource://testing-common/httpd.js");
    1.30 +Cu.import("resource://gre/modules/Services.jsm");
    1.31 +
    1.32 +XPCOMUtils.defineLazyGetter(this, "URL", function() {
    1.33 +  return "http://localhost:" + httpserver.identity.primaryPort;
    1.34 +});
    1.35 +
    1.36 +XPCOMUtils.defineLazyModuleGetter(this, "SafeBrowsing",
    1.37 +  "resource://gre/modules/SafeBrowsing.jsm");
    1.38 +
    1.39 +var setCookiePath = "/setcookie";
    1.40 +var checkCookiePath = "/checkcookie";
    1.41 +var safebrowsingUpdatePath = "/safebrowsingUpdate";
    1.42 +var httpserver;
    1.43 +
    1.44 +function inChildProcess() {
    1.45 +  return Cc["@mozilla.org/xre/app-info;1"].getService(Ci.nsIXULRuntime)
    1.46 +           .processType != Ci.nsIXULRuntime.PROCESS_TYPE_DEFAULT;
    1.47 +}
    1.48 +
    1.49 +function cookieSetHandler(metadata, response) {
    1.50 +  var cookieName = metadata.getHeader("set-cookie");
    1.51 +  response.setStatusLine(metadata.httpVersion, 200, "Ok");
    1.52 +  response.setHeader("set-Cookie", cookieName + "=1; Path=/", false);
    1.53 +  response.setHeader("Content-Type", "text/plain");
    1.54 +  response.bodyOutputStream.write("Ok", "Ok".length);
    1.55 +}
    1.56 +
    1.57 +function cookieCheckHandler(metadata, response) {
    1.58 +  var cookies = metadata.getHeader("Cookie");
    1.59 +  response.setStatusLine(metadata.httpVersion, 200, "Ok");
    1.60 +  response.setHeader("saw-cookies", cookies, false);
    1.61 +  response.setHeader("Content-Type", "text/plain");
    1.62 +  response.bodyOutputStream.write("Ok", "Ok".length);
    1.63 +}
    1.64 +
    1.65 +function safebrowsingUpdateHandler(metadata, response) {
    1.66 +  var cookieName = "sb-update-cookie";
    1.67 +  response.setStatusLine(metadata.httpVersion, 200, "Ok");
    1.68 +  response.setHeader("set-Cookie", cookieName + "=1; Path=/", false);
    1.69 +  response.setHeader("Content-Type", "text/plain");
    1.70 +  response.bodyOutputStream.write("Ok", "Ok".length);
    1.71 +}
    1.72 +
    1.73 +function setupChannel(path, loadContext) {
    1.74 +  var ios = Cc["@mozilla.org/network/io-service;1"].getService(Ci.nsIIOService);
    1.75 +  var channel = ios.newChannel(URL + path, "", null);
    1.76 +  channel.notificationCallbacks = loadContext;
    1.77 +  channel.QueryInterface(Ci.nsIHttpChannel);
    1.78 +  return channel;
    1.79 +}
    1.80 +
    1.81 +function run_test() {
    1.82 +
    1.83 +  // Set up a profile
    1.84 +  do_get_profile();
    1.85 +
    1.86 +  // Allow all cookies if the pref service is available in this process.
    1.87 +  if (!inChildProcess())
    1.88 +    Services.prefs.setIntPref("network.cookie.cookieBehavior", 0);
    1.89 +
    1.90 +  httpserver = new HttpServer();
    1.91 +  httpserver.registerPathHandler(setCookiePath, cookieSetHandler);
    1.92 +  httpserver.registerPathHandler(checkCookiePath, cookieCheckHandler);
    1.93 +  httpserver.registerPathHandler(safebrowsingUpdatePath, safebrowsingUpdateHandler);
    1.94 +
    1.95 +  httpserver.start(-1);
    1.96 +  run_next_test();
    1.97 +}
    1.98 +
    1.99 +// this test does not emulate a response in the body,
   1.100 +// rather we only set the cookies in the header of response.
   1.101 +add_test(function test_safebrowsing_update() {
   1.102 +
   1.103 +  var dbservice = Cc["@mozilla.org/url-classifier/dbservice;1"]
   1.104 +                  .getService(Ci.nsIUrlClassifierDBService);
   1.105 +  var streamUpdater = Cc["@mozilla.org/url-classifier/streamupdater;1"]
   1.106 +                     .getService(Ci.nsIUrlClassifierStreamUpdater);
   1.107 +
   1.108 +  streamUpdater.updateUrl = URL + safebrowsingUpdatePath;
   1.109 +
   1.110 +  function onSuccess() {
   1.111 +    run_next_test();
   1.112 +  }
   1.113 +  function onUpdateError() {
   1.114 +    do_throw("ERROR: received onUpdateError!");
   1.115 +  }
   1.116 +  function onDownloadError() {
   1.117 +    do_throw("ERROR: received onDownloadError!");
   1.118 +  }
   1.119 +
   1.120 +  streamUpdater.downloadUpdates("test-phish-simple,test-malware-simple", "",
   1.121 +    onSuccess, onUpdateError, onDownloadError);
   1.122 +});
   1.123 +
   1.124 +add_test(function test_non_safebrowsing_cookie() {
   1.125 +
   1.126 +  var cookieName = 'regCookie_id0';
   1.127 +  var loadContext = new LoadContextCallback(0, false, false, false);
   1.128 +
   1.129 +  function setNonSafeBrowsingCookie() {
   1.130 +    var channel = setupChannel(setCookiePath, loadContext);
   1.131 +    channel.setRequestHeader("set-cookie", cookieName, false);
   1.132 +    channel.asyncOpen(new ChannelListener(checkNonSafeBrowsingCookie, null), null);
   1.133 +  }
   1.134 +
   1.135 +  function checkNonSafeBrowsingCookie() {
   1.136 +    var channel = setupChannel(checkCookiePath, loadContext);
   1.137 +    channel.asyncOpen(new ChannelListener(completeCheckNonSafeBrowsingCookie, null), null);
   1.138 +  }
   1.139 +
   1.140 +  function completeCheckNonSafeBrowsingCookie(request, data, context) {
   1.141 +    // Confirm that only the >> ONE << cookie is sent over the channel.
   1.142 +    var expectedCookie = cookieName + "=1";
   1.143 +    request.QueryInterface(Ci.nsIHttpChannel);
   1.144 +    var cookiesSeen = request.getResponseHeader("saw-cookies");
   1.145 +    do_check_eq(cookiesSeen, expectedCookie);
   1.146 +    run_next_test();
   1.147 +  }
   1.148 +
   1.149 +  setNonSafeBrowsingCookie();
   1.150 +});
   1.151 +
   1.152 +add_test(function test_safebrowsing_cookie() {
   1.153 +
   1.154 +  var cookieName = 'sbCookie_id4294967294';
   1.155 +  var loadContext = new LoadContextCallback(Ci.nsIScriptSecurityManager.SAFEBROWSING_APP_ID, false, false, false);
   1.156 +
   1.157 +  function setSafeBrowsingCookie() {
   1.158 +    var channel = setupChannel(setCookiePath, loadContext);
   1.159 +    channel.setRequestHeader("set-cookie", cookieName, false);
   1.160 +    channel.asyncOpen(new ChannelListener(checkSafeBrowsingCookie, null), null);
   1.161 +  }
   1.162 +
   1.163 +  function checkSafeBrowsingCookie() {
   1.164 +    var channel = setupChannel(checkCookiePath, loadContext);
   1.165 +    channel.asyncOpen(new ChannelListener(completeCheckSafeBrowsingCookie, null), null);
   1.166 +  }
   1.167 +
   1.168 +  function completeCheckSafeBrowsingCookie(request, data, context) {
   1.169 +    // Confirm that all >> THREE << cookies are sent back over the channel:
   1.170 +    //   a) the safebrowsing cookie set when updating
   1.171 +    //   b) the regular cookie with custom loadcontext defined in this test.
   1.172 +    var expectedCookies = "sb-update-cookie=1; ";
   1.173 +    expectedCookies += cookieName + "=1";
   1.174 +    request.QueryInterface(Ci.nsIHttpChannel);
   1.175 +    var cookiesSeen = request.getResponseHeader("saw-cookies");
   1.176 +
   1.177 +    do_check_eq(cookiesSeen, expectedCookies);
   1.178 +    httpserver.stop(do_test_finished);
   1.179 +  }
   1.180 +
   1.181 +  setSafeBrowsingCookie();
   1.182 +});

Mercurial Repository: The Tor Browser

Europalab SCM Repository Server

mercurial