diff -r 000000000000 -r 6474c204b198 browser/components/sessionstore/test/browser_454908.js --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/browser/components/sessionstore/test/browser_454908.js Wed Dec 31 06:09:35 2014 +0100 @@ -0,0 +1,53 @@ +/* Any copyright is dedicated to the Public Domain. + * http://creativecommons.org/publicdomain/zero/1.0/ */ + +"use strict"; + +let tmp = {}; +Cu.import("resource:///modules/sessionstore/SessionSaver.jsm", tmp); +let {SessionSaver} = tmp; + +const URL = ROOT + "browser_454908_sample.html"; +const PASS = "pwd-" + Math.random(); + +/** + * Bug 454908 - Don't save/restore values of password fields. + */ +add_task(function test_dont_save_passwords() { + // Make sure we do save form data. + Services.prefs.clearUserPref("browser.sessionstore.privacy_level"); + + // Add a tab with a password field. + let tab = gBrowser.addTab(URL); + let browser = tab.linkedBrowser; + yield promiseBrowserLoaded(browser); + + // Fill in some values. + let usernameValue = "User " + Math.random(); + yield setInputValue(browser, {id: "username", value: usernameValue}); + yield setInputValue(browser, {id: "passwd", value: PASS}); + + // Close and restore the tab. + gBrowser.removeTab(tab); + tab = ss.undoCloseTab(window, 0); + browser = tab.linkedBrowser; + yield promiseTabRestored(tab); + + // Check that password fields aren't saved/restored. + let username = yield getInputValue(browser, {id: "username"}); + is(username, usernameValue, "username was saved/restored"); + let passwd = yield getInputValue(browser, {id: "passwd"}); + is(passwd, "", "password wasn't saved/restored"); + + // Write to disk and read our file. + yield SessionSaver.run(); + let path = OS.Path.join(OS.Constants.Path.profileDir, "sessionstore.js"); + let data = yield OS.File.read(path); + let state = new TextDecoder().decode(data); + + // Ensure that sessionstore.js doesn't contain our password. + is(state.indexOf(PASS), -1, "password has not been written to disk"); + + // Cleanup. + gBrowser.removeTab(tab); +});