The Tor Browser / file diff

diff: netwerk/test/unit/test_httpauth.js

netwerk/test/unit/test_httpauth.js

changeset 0
6474c204b198
     1.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     1.2 +++ b/netwerk/test/unit/test_httpauth.js	Wed Dec 31 06:09:35 2014 +0100
     1.3 @@ -0,0 +1,99 @@
     1.4 +/* This Source Code Form is subject to the terms of the Mozilla Public
     1.5 + * License, v. 2.0. If a copy of the MPL was not distributed with this
     1.6 + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
     1.7 +
     1.8 +// This test makes sure the HTTP authenticated sessions are correctly cleared
     1.9 +// when entering and leaving the private browsing mode.
    1.10 +
    1.11 +Components.utils.import("resource://gre/modules/Services.jsm");
    1.12 +
    1.13 +function run_test() {
    1.14 +  var am = Cc["@mozilla.org/network/http-auth-manager;1"].
    1.15 +           getService(Ci.nsIHttpAuthManager);
    1.16 +
    1.17 +  const kHost1 = "pbtest3.example.com";
    1.18 +  const kHost2 = "pbtest4.example.com";
    1.19 +  const kPort = 80;
    1.20 +  const kHTTP = "http";
    1.21 +  const kBasic = "basic";
    1.22 +  const kRealm = "realm";
    1.23 +  const kDomain = "example.com";
    1.24 +  const kUser = "user";
    1.25 +  const kUser2 = "user2";
    1.26 +  const kPassword = "pass";
    1.27 +  const kPassword2 = "pass2";
    1.28 +  const kEmpty = "";
    1.29 +  
    1.30 +  const PRIVATE = true;
    1.31 +  const NOT_PRIVATE = false;
    1.32 +  
    1.33 +  try {
    1.34 +    var domain = {value: kEmpty}, user = {value: kEmpty}, pass = {value: kEmpty};
    1.35 +    // simulate a login via HTTP auth outside of the private mode
    1.36 +    am.setAuthIdentity(kHTTP, kHost1, kPort, kBasic, kRealm, kEmpty, kDomain, kUser, kPassword);
    1.37 +    // make sure the recently added auth entry is available outside the private browsing mode
    1.38 +    am.getAuthIdentity(kHTTP, kHost1, kPort, kBasic, kRealm, kEmpty, domain, user, pass, NOT_PRIVATE);
    1.39 +    do_check_eq(domain.value, kDomain);
    1.40 +    do_check_eq(user.value, kUser);
    1.41 +    do_check_eq(pass.value, kPassword);
    1.42 +
    1.43 +    // make sure the added auth entry is no longer accessible in private
    1.44 +    domain = {value: kEmpty}, user = {value: kEmpty}, pass = {value: kEmpty};
    1.45 +    try {
    1.46 +      // should throw
    1.47 +      am.getAuthIdentity(kHTTP, kHost1, kPort, kBasic, kRealm, kEmpty, domain, user, pass, PRIVATE);
    1.48 +      do_throw("Auth entry should not be retrievable after entering the private browsing mode");
    1.49 +    } catch (e) {
    1.50 +      do_check_eq(domain.value, kEmpty);
    1.51 +      do_check_eq(user.value, kEmpty);
    1.52 +      do_check_eq(pass.value, kEmpty);
    1.53 +    }
    1.54 +
    1.55 +    // simulate a login via HTTP auth inside of the private mode
    1.56 +    am.setAuthIdentity(kHTTP, kHost2, kPort, kBasic, kRealm, kEmpty, kDomain, kUser2, kPassword2, PRIVATE);
    1.57 +    // make sure the recently added auth entry is available inside the private browsing mode
    1.58 +    domain = {value: kEmpty}, user = {value: kEmpty}, pass = {value: kEmpty};
    1.59 +    am.getAuthIdentity(kHTTP, kHost2, kPort, kBasic, kRealm, kEmpty, domain, user, pass, PRIVATE);
    1.60 +    do_check_eq(domain.value, kDomain);
    1.61 +    do_check_eq(user.value, kUser2);
    1.62 +    do_check_eq(pass.value, kPassword2);
    1.63 +
    1.64 +    try {
    1.65 +      // make sure the recently added auth entry is not available outside the private browsing mode
    1.66 +      domain = {value: kEmpty}, user = {value: kEmpty}, pass = {value: kEmpty};
    1.67 +      am.getAuthIdentity(kHTTP, kHost2, kPort, kBasic, kRealm, kEmpty, domain, user, pass, NOT_PRIVATE);
    1.68 +      do_throw("Auth entry should not be retrievable outside of private browsing mode");
    1.69 +    } catch (x) {
    1.70 +      do_check_eq(domain.value, kEmpty);
    1.71 +      do_check_eq(user.value, kEmpty);
    1.72 +      do_check_eq(pass.value, kEmpty);
    1.73 +    }
    1.74 +
    1.75 +    // simulate leaving private browsing mode
    1.76 +    Services.obs.notifyObservers(null, "last-pb-context-exited", null);
    1.77 +
    1.78 +    // make sure the added auth entry is no longer accessible in any privacy state
    1.79 +    domain = {value: kEmpty}, user = {value: kEmpty}, pass = {value: kEmpty};
    1.80 +    try {
    1.81 +      // should throw (not available in public mode)
    1.82 +      am.getAuthIdentity(kHTTP, kHost2, kPort, kBasic, kRealm, kEmpty, domain, user, pass, NOT_PRIVATE);
    1.83 +      do_throw("Auth entry should not be retrievable after exiting the private browsing mode");
    1.84 +    } catch (e) {
    1.85 +      do_check_eq(domain.value, kEmpty);
    1.86 +      do_check_eq(user.value, kEmpty);
    1.87 +      do_check_eq(pass.value, kEmpty);
    1.88 +    }
    1.89 +    try {
    1.90 +      // should throw (no longer available in private mode)
    1.91 +      am.getAuthIdentity(kHTTP, kHost2, kPort, kBasic, kRealm, kEmpty, domain, user, pass, PRIVATE);
    1.92 +      do_throw("Auth entry should not be retrievable in private mode after exiting the private browsing mode");
    1.93 +    } catch (x) {
    1.94 +      do_check_eq(domain.value, kEmpty);
    1.95 +      do_check_eq(user.value, kEmpty);
    1.96 +      do_check_eq(pass.value, kEmpty);
    1.97 +    }
    1.98 +  } catch (e) {
    1.99 +    do_throw("Unexpected exception while testing HTTP auth manager: " + e);
   1.100 +  }
   1.101 +}
   1.102 +

Mercurial Repository: The Tor Browser

Europalab SCM Repository Server

mercurial