The Tor Browser / file revision

netwerk/test/unit/test_bug856978.js@ca08bd8f51b2

netwerk/test/unit/test_bug856978.js

Wed, 31 Dec 2014 06:55:46 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Wed, 31 Dec 2014 06:55:46 +0100
changeset 1
ca08bd8f51b2
permissions
-rw-r--r--

Added tag TORBROWSER_REPLICA for changeset 6474c204b198

     1 /* This Source Code Form is subject to the terms of the Mozilla Public

     2  * License, v. 2.0. If a copy of the MPL was not distributed with this

     3  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

     4 

     5 // This test makes sure that the authorization header can get deleted e.g. by

     6 // extensions if they are observing "http-on-modify-request". In a first step

     7 // the auth cache is filled with credentials which then get added to the

     8 // following request. On "http-on-modify-request" it is tested whether the

     9 // authorization header got added at all and if so it gets removed. This test

    10 // passes iff both succeeds.

    11 

    12 Components.utils.import("resource://testing-common/httpd.js");

    13 

    14 var notification = "http-on-modify-request";

    15 

    16 var httpServer = null;

    17 

    18 var authCredentials = "guest:guest";

    19 var authPath = "/authTest";

    20 var authCredsURL = "http://" + authCredentials + "@localhost:8888" + authPath;

    21 var authURL = "http://localhost:8888" + authPath;

    22 

    23 function authHandler(metadata, response) {

    24   if (metadata.hasHeader("Test")) {

    25     // Lets see if the auth header got deleted.

    26     var noAuthHeader = false;

    27     if (!metadata.hasHeader("Authorization")) {

    28       noAuthHeader = true;

    29     }

    30     do_check_true(noAuthHeader);

    31   } else {

    32     // Not our test request yet.

    33     if (!metadata.hasHeader("Authorization")) {

    34       response.setStatusLine(metadata.httpVersion, 401, "Unauthorized");

    35       response.setHeader("WWW-Authenticate", 'Basic realm="secret"', false);

    36     }

    37   }

    38 }

    39 

    40 function RequestObserver() {

    41   this.register();

    42 }

    43 

    44 RequestObserver.prototype = {

    45   register: function() {

    46     do_print("Registering " + notification);

    47     Cc["@mozilla.org/observer-service;1"].getService(Ci.nsIObserverService).

    48       addObserver(this, notification, true);

    49   },

    50 

    51   QueryInterface: function(iid) {

    52     if (iid.equals(Ci.nsIObserver) || iid.equals(Ci.nsISupportsWeakReference) ||

    53         iid.equals(Ci.nsISupports)) {

    54       return this;

    55     }

    56     throw Cr.NS_ERROR_NO_INTERFACE;

    57   },

    58 

    59   observe: function(subject, topic, data) {

    60     if (topic == notification) {

    61       if (!(subject instanceof Ci.nsIHttpChannel)) {

    62         do_throw(notification + " observed a non-HTTP channel.");

    63       }

    64       try {

    65         let authHeader = subject.getRequestHeader("Authorization");

    66       } catch (e) {

    67         // Throw if there is no header to delete. We should get one iff caching

    68         // the auth credentials is working and the header gets added _before_

    69         // "http-on-modify-request" gets called.

    70         httpServer.stop(do_test_finished);

    71         do_throw("No authorization header found, aborting!");

    72       }

    73       // We are still here. Let's remove the authorization header now.

    74       subject.setRequestHeader("Authorization", null, false);

    75     }

    76   }

    77 }

    78 

    79 var listener = {

    80   onStartRequest: function test_onStartR(request, ctx) {},

    81 

    82   onDataAvailable: function test_ODA() {

    83     do_throw("Should not get any data!");

    84   },

    85 

    86   onStopRequest: function test_onStopR(request, ctx, status) {

    87     if (current_test < (tests.length - 1)) {

    88       current_test++;

    89       tests[current_test]();

    90     } else {

    91       do_test_pending();

    92       httpServer.stop(do_test_finished);

    93     }

    94     do_test_finished();

    95   }

    96 };

    97 

    98 function makeChan(url) {

    99   var ios = Cc["@mozilla.org/network/io-service;1"].getService(Ci.nsIIOService);

   100   var chan = ios.newChannel(url, null, null).QueryInterface(Ci.nsIHttpChannel);

   101   return chan;

   102 }

   103 

   104 var tests = [startAuthHeaderTest, removeAuthHeaderTest];

   105 

   106 var current_test = 0;

   107 

   108 var requestObserver = null;

   109 

   110 function run_test() {

   111   httpServer = new HttpServer();

   112   httpServer.registerPathHandler(authPath, authHandler);

   113   httpServer.start(8888);

   114 

   115   tests[0]();

   116 }

   117 

   118 function startAuthHeaderTest() {

   119   var chan = makeChan(authCredsURL);

   120   chan.asyncOpen(listener, null);

   121 

   122   do_test_pending();

   123 }

   124 

   125 function removeAuthHeaderTest() {

   126   // After caching the auth credentials in the first test, lets try to remove

   127   // the authorization header now...

   128   requestObserver = new RequestObserver();

   129   var chan = makeChan(authURL);

   130   // Indicating that the request is coming from the second test.

   131   chan.setRequestHeader("Test", "1", false);

   132   chan.asyncOpen(listener, null);

   133 

   134   do_test_pending();

   135 }

Mercurial Repository: The Tor Browser

Europalab SCM Repository Server

mercurial