Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-11-27 23:02:20 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Backed out 4 changesets (bug 1774854) for causing browser-chrome failures in antitracking/test/browser/browser_subResources.js

Browse Source 
Backed out changeset 46884d2a4eb4 (bug 1774854)
Backed out changeset ee02080a80cc (bug 1774854)
Backed out changeset 5e01fd1a1423 (bug 1774854)
Backed out changeset 98244d30acff (bug 1774854)
This commit is contained in:
smolnar 2022-07-08 17:08:49 +03:00
parent 3a965409ce
commit 1547adcf3d
20 changed files with 6 additions and 1697 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

281
dom/base/Document.cpp
View File

@ -52,7 +52,6 @@
#include "mozilla/ContentBlockingAllowList.h"
#include "mozilla/ContentBlockingNotifier.h"
#include "mozilla/ContentBlockingUserInteraction.h"
#include "mozilla/ContentPrincipal.h"
#include "mozilla/CycleCollectedJSContext.h"
#include "mozilla/DebugOnly.h"
#include "mozilla/DocLoadingTimelineMarker.h"
@ -16796,14 +16795,7 @@ Document::GetContentBlockingEvents() {
RefPtr<MozPromise<int, bool, true>> Document::RequestStorageAccessAsyncHelper(
nsPIDOMWindowInner* aInnerWindow, BrowsingContext* aBrowsingContext,
nsIPrincipal* aPrincipal, bool aHasUserInteraction,
ContentBlockingNotifier::StorageAccessPermissionGrantedReason aNotifier,
bool requireFinalChecks) {
if (!requireFinalChecks) {
// Try to allow access for the given principal.
return StorageAccessAPIHelper::AllowAccessFor(aPrincipal, aBrowsingContext,
aNotifier);
}
ContentBlockingNotifier::StorageAccessPermissionGrantedReason aNotifier) {
RefPtr<Document> self(this);
RefPtr<nsPIDOMWindowInner> inner(aInnerWindow);
RefPtr<nsIPrincipal> principal(aPrincipal);
@ -17039,8 +17031,7 @@ already_AddRefed<mozilla::dom::Promise> Document::RequestStorageAccess(
// on work changing state to reflect the result of the API. If it resolves,
// the request was granted. If it rejects it was denied.
RequestStorageAccessAsyncHelper(inner, bc, NodePrincipal(), true,
ContentBlockingNotifier::eStorageAccessAPI,
true)
ContentBlockingNotifier::eStorageAccessAPI)
->Then(
GetCurrentSerialEventTarget(), __func__,
[self, inner, promise] {
@ -17195,8 +17186,7 @@ already_AddRefed<mozilla::dom::Promise> Document::RequestStorageAccessForOrigin(
// typical requestStorageAccess function.
return self->RequestStorageAccessAsyncHelper(
inner, bc, principal, hasUserActivation,
ContentBlockingNotifier::ePrivilegeStorageAccessForOriginAPI,
true);
ContentBlockingNotifier::ePrivilegeStorageAccessForOriginAPI);
},
// If the IPC rejects, we should reject our promise here which will
// cause a rejection of the promise we already returned
@ -17222,271 +17212,6 @@ already_AddRefed<mozilla::dom::Promise> Document::RequestStorageAccessForOrigin(
return promise.forget();
}
already_AddRefed<Promise> Document::RequestStorageAccessUnderSite(
const nsAString& aSerializedSite, ErrorResult& aRv) {
nsIGlobalObject* global = GetScopeObject();
if (!global) {
aRv.Throw(NS_ERROR_NOT_AVAILABLE);
return nullptr;
}
RefPtr<Promise> promise = Promise::Create(global, aRv);
if (aRv.Failed()) {
return nullptr;
}
// Check that we have user activation before proceeding to prevent
// rapid calls to the API to leak information.
if (!ConsumeTransientUserGestureActivation()) {
// Report an error to the console for this case
nsContentUtils::ReportToConsole(
nsIScriptError::errorFlag, "requestStorageAccess"_ns, this,
nsContentUtils::eDOM_PROPERTIES, "RequestStorageAccessUserGesture");
promise->MaybeRejectWithUndefined();
return promise.forget();
}
// Check if the provided URI is different-site to this Document
nsCOMPtr<nsIURI> siteURI;
nsresult rv = NS_NewURI(getter_AddRefs(siteURI), aSerializedSite);
if (NS_WARN_IF(NS_FAILED(rv))) {
promise->MaybeRejectWithUndefined();
return promise.forget();
}
bool isCrossSiteArgument;
rv = NodePrincipal()->IsThirdPartyURI(siteURI, &isCrossSiteArgument);
if (NS_WARN_IF(NS_FAILED(rv))) {
aRv.Throw(rv);
return nullptr;
}
if (!isCrossSiteArgument) {
promise->MaybeRejectWithUndefined();
return promise.forget();
}
// Check if this party has broad cookie permissions.
Maybe<bool> resultBecauseCookiesApproved =
StorageAccessAPIHelper::CheckCookiesPermittedDecidesStorageAccessAPI(
CookieJarSettings(), NodePrincipal());
if (resultBecauseCookiesApproved.isSome()) {
if (resultBecauseCookiesApproved.value()) {
promise->MaybeResolveWithUndefined();
return promise.forget();
}
promise->MaybeRejectWithUndefined();
return promise.forget();
}
// Check if browser settings preclude this document getting storage
// access under the provided site
bool isOnRejectForeignAllowList = RejectForeignAllowList::Check(this);
Maybe<bool> resultBecauseBrowserSettings =
StorageAccessAPIHelper::CheckBrowserSettingsDecidesStorageAccessAPI(
CookieJarSettings(), true, isOnRejectForeignAllowList, false, true);
if (resultBecauseBrowserSettings.isSome()) {
if (resultBecauseBrowserSettings.value()) {
promise->MaybeResolveWithUndefined();
return promise.forget();
}
promise->MaybeRejectWithUndefined();
return promise.forget();
}
// Check that this Document is same-site to the top
Maybe<bool> resultBecauseCallContext = StorageAccessAPIHelper::
CheckSameSiteCallingContextDecidesStorageAccessAPI(this, false);
if (resultBecauseCallContext.isSome()) {
if (resultBecauseCallContext.value()) {
promise->MaybeResolveWithUndefined();
return promise.forget();
}
promise->MaybeRejectWithUndefined();
return promise.forget();
}
// Set a permission in the parent process that this document wants storage
// access under the argument's site, resolving our returned promise on success
ContentChild* cc = ContentChild::GetSingleton();
if (!cc) {
// TODO(bug 1778561): Make this work in non-content processes.
promise->MaybeRejectWithUndefined();
return promise.forget();
}
cc->SendSetAllowStorageAccessRequestFlag(NodePrincipal(), siteURI)
->Then(
GetCurrentSerialEventTarget(), __func__,
[promise](bool success) {
if (success) {
promise->MaybeResolveWithUndefined();
} else {
promise->MaybeRejectWithUndefined();
}
},
[promise](mozilla::ipc::ResponseRejectReason reason) {
promise->MaybeRejectWithUndefined();
});
// Return the promise that is resolved in the async handler above
return promise.forget();
}
already_AddRefed<Promise> Document::CompleteStorageAccessRequestFromSite(
const nsAString& aSerializedOrigin, ErrorResult& aRv) {
nsIGlobalObject* global = GetScopeObject();
if (!global) {
aRv.Throw(NS_ERROR_NOT_AVAILABLE);
return nullptr;
}
RefPtr<Promise> promise = Promise::Create(global, aRv);
if (aRv.Failed()) {
return nullptr;
}
// Check that the provided URI is different-site to this Document
nsCOMPtr<nsIURI> argumentURI;
nsresult rv = NS_NewURI(getter_AddRefs(argumentURI), aSerializedOrigin);
if (NS_WARN_IF(NS_FAILED(rv))) {
promise->MaybeRejectWithUndefined();
return promise.forget();
}
bool isCrossSiteArgument;
rv = NodePrincipal()->IsThirdPartyURI(argumentURI, &isCrossSiteArgument);
if (NS_WARN_IF(NS_FAILED(rv))) {
aRv.Throw(rv);
return nullptr;
}
if (!isCrossSiteArgument) {
promise->MaybeRejectWithUndefined();
return promise.forget();
}
// Check if browser settings preclude this document getting storage
// access under the provided site
bool isOnRejectForeignAllowList = RejectForeignAllowList::Check(argumentURI);
Maybe<bool> resultBecauseBrowserSettings =
StorageAccessAPIHelper::CheckBrowserSettingsDecidesStorageAccessAPI(
CookieJarSettings(), true, isOnRejectForeignAllowList, false, true);
if (resultBecauseBrowserSettings.isSome()) {
if (resultBecauseBrowserSettings.value()) {
promise->MaybeResolveWithUndefined();
return promise.forget();
}
promise->MaybeRejectWithUndefined();
return promise.forget();
}
// Check that this Document is same-site to the top
Maybe<bool> resultBecauseCallContext = StorageAccessAPIHelper::
CheckSameSiteCallingContextDecidesStorageAccessAPI(this, false);
if (resultBecauseCallContext.isSome()) {
if (resultBecauseCallContext.value()) {
promise->MaybeResolveWithUndefined();
return promise.forget();
}
promise->MaybeRejectWithUndefined();
return promise.forget();
}
// Create principal of the embedded site requesting storage access
nsCOMPtr<nsIPrincipal> principal = BasePrincipal::CreateContentPrincipal(
argumentURI, NodePrincipal()->OriginAttributesRef());
if (!principal) {
promise->MaybeRejectWithUndefined();
return promise.forget();
}
// Get versions of these objects that we can use in lambdas for callbacks
RefPtr<Document> self(this);
RefPtr<BrowsingContext> bc = GetBrowsingContext();
nsCOMPtr<nsPIDOMWindowInner> inner = GetInnerWindow();
// Test that the permission was set by a call to RequestStorageAccessUnderSite
// from a top level document that is same-site with the argument
ContentChild* cc = ContentChild::GetSingleton();
if (!cc) {
// TODO(bug 1778561): Make this work in non-content processes.
promise->MaybeRejectWithUndefined();
return promise.forget();
}
cc->SendTestAllowStorageAccessRequestFlag(NodePrincipal(), argumentURI)
->Then(
GetCurrentSerialEventTarget(), __func__,
[inner, bc, self, principal](bool success) {
if (success) {
// If that resolved with true, check that we don't already have a
// permission that gives cookie access.
return StorageAccessAPIHelper::
AsyncCheckCookiesPermittedDecidesStorageAccessAPI(bc,
principal);
}
return MozPromise<Maybe<bool>, nsresult, true>::CreateAndReject(
NS_ERROR_FAILURE, __func__);
},
[](mozilla::ipc::ResponseRejectReason reason) {
return MozPromise<Maybe<bool>, nsresult, true>::CreateAndReject(
NS_ERROR_FAILURE, __func__);
})
->Then(
GetCurrentSerialEventTarget(), __func__,
[inner, bc, principal, self, promise](Maybe<bool> cookieResult) {
// Handle the result of the cookie permission check that took place
// in the ContentParent.
if (cookieResult.isSome()) {
if (cookieResult.value()) {
return StorageAccessAPIHelper::
StorageAccessPermissionGrantPromise::CreateAndResolve(
StorageAccessAPIHelper::eAllowAutoGrant, __func__);
}
return StorageAccessAPIHelper::
StorageAccessPermissionGrantPromise::CreateAndReject(
false, __func__);
}
// Check for the existing storage access permission
nsAutoCString type;
bool ok =
AntiTrackingUtils::CreateStoragePermissionKey(principal, type);
if (!ok) {
return StorageAccessAPIHelper::
StorageAccessPermissionGrantPromise::CreateAndReject(
false, __func__);
}
if (AntiTrackingUtils::CheckStoragePermission(
self->NodePrincipal(), type,
nsContentUtils::IsInPrivateBrowsing(self), nullptr, 0)) {
return StorageAccessAPIHelper::
StorageAccessPermissionGrantPromise::CreateAndResolve(
StorageAccessAPIHelper::eAllowAutoGrant, __func__);
}
// Try to request storage access, ignoring the final checks.
// We ignore the final checks because this is where the "grant"
// either by prompt doorhanger or autogrant takes place. We already
// gathered an equivalent grant in requestStorageAccessUnderSite.
return self->RequestStorageAccessAsyncHelper(
inner, bc, principal, true,
ContentBlockingNotifier::eStorageAccessAPI, false);
},
// If the IPC rejects, we should reject our promise here which will
// cause a rejection of the promise we already returned
[promise]() {
return MozPromise<int, bool, true>::CreateAndReject(false,
__func__);
})
->Then(
GetCurrentSerialEventTarget(), __func__,
// If the previous handlers resolved, we should reinstate user
// activation and resolve the promise we returned in Step 5.
[self, inner, promise] {
inner->SaveStorageAccessPermissionGranted();
promise->MaybeResolveWithUndefined();
},
// If the previous handler rejected, we should reject the promise
// returned by this function.
[promise] { promise->MaybeRejectWithUndefined(); });
return promise.forget();
}
RefPtr<Document::AutomaticStorageAccessPermissionGrantPromise>
Document::AutomaticStorageAccessPermissionCanBeGranted(bool hasUserActivation) {
// requestStorageAccessForOrigin may not require user activation. If we don't

8
dom/base/Document.h
View File

@ -1257,19 +1257,13 @@ class Document : public nsINode,
RefPtr<MozPromise<int, bool, true>> RequestStorageAccessAsyncHelper(
nsPIDOMWindowInner* aInnerWindow, BrowsingContext* aBrowsingContext,
nsIPrincipal* aPrincipal, bool aHasUserInteraction,
ContentBlockingNotifier::StorageAccessPermissionGrantedReason aNotifier,
bool performFinalChecks);
ContentBlockingNotifier::StorageAccessPermissionGrantedReason aNotifier);
already_AddRefed<Promise> RequestStorageAccess(ErrorResult& aRv);
already_AddRefed<Promise> RequestStorageAccessForOrigin(
const nsAString& aThirdPartyOrigin, const bool aRequireUserInteraction,
ErrorResult& aRv);
already_AddRefed<Promise> RequestStorageAccessUnderSite(
const nsAString& aSerializedSite, ErrorResult& aRv);
already_AddRefed<Promise> CompleteStorageAccessRequestFromSite(
const nsAString& aSerializedOrigin, ErrorResult& aRv);
bool UseRegularPrincipal() const;
/**

88
dom/ipc/ContentParent.cpp
View File

@ -53,7 +53,6 @@
#include "mozilla/ipc/URIUtils.h"
#include "gfxPlatform.h"
#include "gfxPlatformFontList.h"
#include "mozilla/AntiTrackingUtils.h"
#include "mozilla/AppShutdown.h"
#include "mozilla/AutoRestore.h"
#include "mozilla/BasePrincipal.h"
@ -6501,93 +6500,6 @@ mozilla::ipc::IPCResult ContentParent::RecvCompleteAllowAccessFor(
return IPC_OK();
}
mozilla::ipc::IPCResult ContentParent::RecvSetAllowStorageAccessRequestFlag(
nsIPrincipal* aEmbeddedPrincipal, nsIURI* aEmbeddingOrigin,
SetAllowStorageAccessRequestFlagResolver&& aResolver) {
MOZ_ASSERT(aEmbeddedPrincipal);
MOZ_ASSERT(aEmbeddingOrigin);
// Get the permission manager and build the key.
RefPtr<PermissionManager> permManager = PermissionManager::GetInstance();
if (!permManager) {
aResolver(false);
return IPC_OK();
}
nsCOMPtr<nsIURI> embeddedURI = aEmbeddedPrincipal->GetURI();
nsCString permissionKey;
bool success = AntiTrackingUtils::CreateStorageRequestPermissionKey(
embeddedURI, permissionKey);
if (!success) {
aResolver(false);
return IPC_OK();
}
// Set the permission to ALLOW for a prefence specified amount of seconds.
// Time units are inconsistent, be careful
int64_t when = (PR_Now() / PR_USEC_PER_MSEC) +
StaticPrefs::dom_storage_access_forward_declared_lifetime() *
PR_MSEC_PER_SEC;
nsCOMPtr<nsIPrincipal> principal = BasePrincipal::CreateContentPrincipal(
aEmbeddingOrigin, aEmbeddedPrincipal->OriginAttributesRef());
nsresult rv = permManager->AddFromPrincipal(
principal, permissionKey, nsIPermissionManager::ALLOW_ACTION,
nsIPermissionManager::EXPIRE_TIME, when);
if (NS_FAILED(rv)) {
aResolver(false);
return IPC_OK();
}
// Resolve with success if we set the permission.
aResolver(true);
return IPC_OK();
}
mozilla::ipc::IPCResult ContentParent::RecvTestAllowStorageAccessRequestFlag(
nsIPrincipal* aEmbeddingPrincipal, nsIURI* aEmbeddedOrigin,
TestAllowStorageAccessRequestFlagResolver&& aResolver) {
MOZ_ASSERT(aEmbeddingPrincipal);
MOZ_ASSERT(aEmbeddedOrigin);
// Get the permission manager and build the key.
RefPtr<PermissionManager> permManager = PermissionManager::GetInstance();
if (!permManager) {
aResolver(false);
return IPC_OK();
}
nsCString requestPermissionKey;
bool success = AntiTrackingUtils::CreateStorageRequestPermissionKey(
aEmbeddedOrigin, requestPermissionKey);
if (!success) {
aResolver(false);
return IPC_OK();
}
// Get the permission and resolve false if it is not set to ALLOW.
uint32_t access = nsIPermissionManager::UNKNOWN_ACTION;
nsresult rv = permManager->TestPermissionFromPrincipal(
aEmbeddingPrincipal, requestPermissionKey, &access);
if (NS_FAILED(rv)) {
aResolver(false);
return IPC_OK();
}
if (access != nsIPermissionManager::ALLOW_ACTION) {
aResolver(false);
return IPC_OK();
}
// Remove the permission, failing if the permission manager fails
rv = permManager->RemoveFromPrincipal(aEmbeddingPrincipal,
requestPermissionKey);
if (NS_FAILED(rv)) {
aResolver(false);
return IPC_OK();
}
// At this point, signal to our caller that the permission was set
aResolver(true);
return IPC_OK();
}
mozilla::ipc::IPCResult ContentParent::RecvStoreUserInteractionAsPermission(
const Principal& aPrincipal) {
if (!ValidatePrincipal(aPrincipal)) {

8
dom/ipc/ContentParent.h
View File

@ -1259,14 +1259,6 @@ class ContentParent final : public PContentParent,
aReason,
CompleteAllowAccessForResolver&& aResolver);
mozilla::ipc::IPCResult RecvSetAllowStorageAccessRequestFlag(
nsIPrincipal* aEmbeddedPrincipal, nsIURI* aEmbeddingOrigin,
SetAllowStorageAccessRequestFlagResolver&& aResolver);
mozilla::ipc::IPCResult RecvTestAllowStorageAccessRequestFlag(
nsIPrincipal* aEmbeddingPrincipal, nsIURI* aEmbeddedOrigin,
TestAllowStorageAccessRequestFlagResolver&& aResolver);
mozilla::ipc::IPCResult RecvStoreUserInteractionAsPermission(
const Principal& aPrincipal);

10
dom/ipc/PContent.ipdl
View File

@ -1650,16 +1650,6 @@ parent:
StorageAccessPermissionGrantedReason aReason)
returns (StorageAccessPromptChoices? choice);
async SetAllowStorageAccessRequestFlag(
nsIPrincipal aEmbeddingPrincipal,
nsIURI aEmbeddedOrigin)
returns (bool success);
async TestAllowStorageAccessRequestFlag(
nsIPrincipal aEmbeddedPrincipal,
nsIURI aEmbeddingOrigin)
returns (bool success);
async StoreUserInteractionAsPermission(Principal aPrincipal);
async TestCookiePermissionDecided(MaybeDiscardedBrowsingContext aContext,

5
dom/webidl/Document.webidl
View File

@ -544,11 +544,6 @@ partial interface Document {
Promise<boolean> hasStorageAccess();
[Pref="dom.storage_access.enabled", NewObject]
Promise<void> requestStorageAccess();
// https://github.com/privacycg/storage-access/pull/100
[Pref="dom.storage_access.forward_declared.enabled", NewObject]
Promise<void> requestStorageAccessUnderSite(DOMString serializedSite);
[Pref="dom.storage_access.forward_declared.enabled", NewObject]
Promise<void> completeStorageAccessRequestFromSite(DOMString serializedSite);
};
// A privileged API to give chrome privileged code and the content script of the

4
extensions/permissions/PermissionManager.cpp
View File

@ -169,8 +169,8 @@ bool IsOAForceStripPermission(const nsACString& aType) {
// Array of permission prefixes which should be isolated only by site.
// These site-scoped permissions are stored under their site's principal.
// GetAllForPrincipal also needs to look for these especially.
static constexpr std::array<nsLiteralCString, 2> kSiteScopedPermissions = {
{"3rdPartyStorage^"_ns, "AllowStorageAccessRequest^"_ns}};
static constexpr std::array<nsLiteralCString, 1> kSiteScopedPermissions = {
{"3rdPartyStorage^"_ns}};
bool IsSiteScopedPermission(const nsACString& aType) {
if (aType.IsEmpty()) {

13
modules/libpref/init/StaticPrefList.yaml
View File

@ -3640,19 +3640,6 @@
value: false
mirror: always
# Forward-Declared Storage-access API.
- name: dom.storage_access.forward_declared.enabled
type: bool
value: false
mirror: always
# How long the Forward-Declared Storage-access API allows between pair requests
# in seconds
- name: dom.storage_access.forward_declared.lifetime
type: uint32_t
value: 15 * 60
mirror: always
# The maximum number of origins that a given third-party tracker is allowed
# to have concurrent access to before the user is presented with a storage
# access prompt. Only effective when the auto_grants pref is turned on.

23
toolkit/components/antitracking/AntiTrackingUtils.cpp
View File

@ -19,7 +19,6 @@
#include "mozilla/net/NeckoChannelParams.h"
#include "mozilla/PermissionManager.h"
#include "mozIThirdPartyUtil.h"
#include "nsEffectiveTLDService.h"
#include "nsGlobalWindowInner.h"
#include "nsIChannel.h"
#include "nsIHttpChannel.h"
@ -123,28 +122,6 @@ bool AntiTrackingUtils::CreateStoragePermissionKey(nsIPrincipal* aPrincipal,
return true;
}
// static
bool AntiTrackingUtils::CreateStorageRequestPermissionKey(
nsIURI* aURI, nsACString& aPermissionKey) {
MOZ_ASSERT(aPermissionKey.IsEmpty());
RefPtr<nsEffectiveTLDService> eTLDService =
nsEffectiveTLDService::GetInstance();
if (!eTLDService) {
return false;
}
nsCString site;
nsresult rv = eTLDService->GetSite(aURI, site);
if (NS_FAILED(rv)) {
return false;
}
static const nsLiteralCString prefix =
nsLiteralCString("AllowStorageAccessRequest^");
aPermissionKey.SetCapacity(prefix.Length() + site.Length());
aPermissionKey.Append(prefix);
aPermissionKey.Append(site);
return true;
}
// static
bool AntiTrackingUtils::IsStorageAccessPermission(nsIPermission* aPermission,
nsIPrincipal* aPrincipal) {

7
toolkit/components/antitracking/AntiTrackingUtils.h
View File

@ -49,13 +49,6 @@ class AntiTrackingUtils final {
static bool CreateStoragePermissionKey(nsIPrincipal* aPrincipal,
nsACString& aKey);
// Given and embedded URI, returns the permission for allowing storage access
// requests from that URI's site. This permission is site-scoped in two ways:
// the principal it is stored under and the suffix built from aURI are both
// the Site rather than Origin.
static bool CreateStorageRequestPermissionKey(nsIURI* aURI,
nsACString& aPermissionKey);
// Returns true if the permission passed in is a storage access permission
// for the passed in principal argument.
static bool IsStorageAccessPermission(nsIPermission* aPermission,

9
toolkit/components/antitracking/test/browser/browser.ini
View File

@ -92,15 +92,6 @@ support-files = subResources.sjs
support-files = tracker.js
[browser_userInteraction.js]
[browser_serviceWorkersWithStorageAccessGranted.js]
[browser_storageAccess_TopLevel_Arguments.js]
[browser_storageAccess_TopLevel_CookieBehavior.js]
[browser_storageAccess_TopLevel_CookiePermission.js]
[browser_storageAccess_TopLevel_CrossOriginSameSite.js]
[browser_storageAccess_TopLevel_Embed.js]
[browser_storageAccess_TopLevel_Enable.js]
[browser_storageAccess_TopLevel_RequireIntermediatePermission.js]
[browser_storageAccess_TopLevel_StorageAccessPermission.js]
[browser_storageAccess_TopLevel_UserActivation.js]
skip-if = debug # Bug 1700551
[browser_storageAccessAutograntRequiresUserInteraction.js]
[browser_storageAccessDeniedGivesNoUserInteraction.js]

109
toolkit/components/antitracking/test/browser/browser_storageAccess_TopLevel_Arguments.js
View File

@ -1,109 +0,0 @@
add_task(async function testArgumentInRequestStorageAccessUnderSite() {
await SpecialPowers.pushPrefEnv({
set: [
["dom.storage_access.enabled", true],
["dom.storage_access.forward_declared.enabled", true],
[
"network.cookie.cookieBehavior",
BEHAVIOR_REJECT_TRACKER_AND_PARTITION_FOREIGN,
],
["dom.storage_access.auto_grants", false],
["dom.storage_access.max_concurrent_auto_grants", 1],
],
});
let tab = await BrowserTestUtils.openNewForegroundTab({
gBrowser,
url: TEST_4TH_PARTY_PAGE,
});
let browser = tab.linkedBrowser;
await SpecialPowers.spawn(browser, [], async _ => {
SpecialPowers.wrap(content.document).notifyUserGestureActivation();
var p = content.document.requestStorageAccessUnderSite("blob://test");
try {
await p;
ok(false, "Blob URLs must be rejected.");
} catch {
ok(true, "Must reject.");
}
p = content.document.requestStorageAccessUnderSite("about:config");
try {
await p;
ok(false, "about URLs must be rejected.");
} catch {
ok(true, "Must reject.");
}
p = content.document.requestStorageAccessUnderSite("qwertyuiop");
try {
await p;
ok(false, "Non URLs must be rejected.");
} catch {
ok(true, "Must reject.");
}
p = content.document.requestStorageAccessUnderSite("");
try {
await p;
ok(false, "Nullstring must be rejected.");
} catch {
ok(true, "Must reject.");
}
});
await BrowserTestUtils.removeTab(tab);
});
add_task(async function testArgumentInCompleteStorageAccessRequest() {
await SpecialPowers.pushPrefEnv({
set: [
["dom.storage_access.enabled", true],
["dom.storage_access.forward_declared.enabled", true],
["network.cookie.cookieBehavior", BEHAVIOR_ACCEPT],
["dom.storage_access.auto_grants", false],
["dom.storage_access.max_concurrent_auto_grants", 1],
],
});
let tab = await BrowserTestUtils.openNewForegroundTab({
gBrowser,
url: TEST_TOP_PAGE,
});
let browser = tab.linkedBrowser;
await SpecialPowers.spawn(browser, [], async _ => {
SpecialPowers.wrap(content.document).notifyUserGestureActivation();
var p = content.document.completeStorageAccessRequestFromSite(
"blob://test"
);
try {
await p;
ok(false, "Blob URLs must be rejected.");
} catch {
ok(true, "Must reject.");
}
p = content.document.completeStorageAccessRequestFromSite("about:config");
try {
await p;
ok(false, "about URLs must be rejected.");
} catch {
ok(true, "Must reject.");
}
p = content.document.completeStorageAccessRequestFromSite("qwertyuiop");
try {
await p;
ok(false, "Non URLs must be rejected.");
} catch {
ok(true, "Must reject.");
}
p = content.document.completeStorageAccessRequestFromSite("");
try {
await p;
ok(false, "Nullstring must be rejected.");
} catch {
ok(true, "Must reject.");
}
});
await BrowserTestUtils.removeTab(tab);
});

403
toolkit/components/antitracking/test/browser/browser_storageAccess_TopLevel_CookieBehavior.js
View File

@ -1,403 +0,0 @@
add_task(async function testBehaviorAcceptRequestStorageAccessUnderSite() {
await SpecialPowers.pushPrefEnv({
set: [
["dom.storage_access.enabled", true],
["dom.storage_access.forward_declared.enabled", true],
["network.cookie.cookieBehavior", BEHAVIOR_ACCEPT],
["dom.storage_access.auto_grants", false],
["dom.storage_access.max_concurrent_auto_grants", 1],
],
});
let tab = await BrowserTestUtils.openNewForegroundTab({
gBrowser,
url: TEST_3RD_PARTY_PAGE,
});
let browser = tab.linkedBrowser;
await SpecialPowers.spawn(browser, [TEST_DOMAIN], async tp => {
SpecialPowers.wrap(content.document).notifyUserGestureActivation();
var p = content.document.requestStorageAccessUnderSite(tp);
try {
await p;
ok(true, "Must resolve.");
} catch {
ok(false, "Must not reject.");
}
});
await BrowserTestUtils.removeTab(tab);
});
add_task(async function testBehaviorAcceptCompleteStorageAccessRequest() {
await SpecialPowers.pushPrefEnv({
set: [
["dom.storage_access.enabled", true],
["dom.storage_access.forward_declared.enabled", true],
["network.cookie.cookieBehavior", BEHAVIOR_ACCEPT],
["dom.storage_access.auto_grants", false],
["dom.storage_access.max_concurrent_auto_grants", 1],
],
});
let tab = await BrowserTestUtils.openNewForegroundTab({
gBrowser,
url: TEST_TOP_PAGE,
});
let browser = tab.linkedBrowser;
await SpecialPowers.spawn(browser, [TEST_3RD_PARTY_DOMAIN], async tp => {
await SpecialPowers.pushPermissions([
{
type: "AllowStorageAccessRequest^http://example.org",
allow: 1,
context: content.document,
},
]);
SpecialPowers.wrap(content.document).notifyUserGestureActivation();
var p = content.document.completeStorageAccessRequestFromSite(tp);
try {
await p;
ok(true, "Must resolve.");
} catch {
ok(false, "Must not reject.");
}
});
await BrowserTestUtils.removeTab(tab);
});
add_task(async function testBehaviorRejectRequestStorageAccessUnderSite() {
await SpecialPowers.pushPrefEnv({
set: [
["dom.storage_access.enabled", true],
["dom.storage_access.forward_declared.enabled", true],
["network.cookie.cookieBehavior", BEHAVIOR_REJECT],
["dom.storage_access.auto_grants", false],
["dom.storage_access.max_concurrent_auto_grants", 1],
],
});
let tab = await BrowserTestUtils.openNewForegroundTab({
gBrowser,
url: TEST_3RD_PARTY_PAGE,
});
let browser = tab.linkedBrowser;
await SpecialPowers.spawn(browser, [TEST_DOMAIN], async tp => {
SpecialPowers.wrap(content.document).notifyUserGestureActivation();
var p = content.document.requestStorageAccessUnderSite(tp);
try {
await p;
ok(false, "Must not resolve.");
} catch {
ok(true, "Must reject.");
}
});
await BrowserTestUtils.removeTab(tab);
});
add_task(async function testBehaviorRejectCompleteStorageAccessRequest() {
await SpecialPowers.pushPrefEnv({
set: [
["dom.storage_access.enabled", true],
["dom.storage_access.forward_declared.enabled", true],
["network.cookie.cookieBehavior", BEHAVIOR_REJECT],
["dom.storage_access.auto_grants", false],
["dom.storage_access.max_concurrent_auto_grants", 1],
],
});
let tab = await BrowserTestUtils.openNewForegroundTab({
gBrowser,
url: TEST_TOP_PAGE,
});
let browser = tab.linkedBrowser;
await SpecialPowers.spawn(browser, [TEST_3RD_PARTY_DOMAIN], async tp => {
await SpecialPowers.pushPermissions([
{
type: "AllowStorageAccessRequest^http://example.org",
allow: 1,
context: content.document,
},
]);
SpecialPowers.wrap(content.document).notifyUserGestureActivation();
var p = content.document.completeStorageAccessRequestFromSite(tp);
try {
await p;
ok(false, "Must not resolve.");
} catch {
ok(true, "Must reject.");
}
});
await BrowserTestUtils.removeTab(tab);
});
add_task(
async function testBehaviorLimitForeignRequestStorageAccessUnderSite() {
await SpecialPowers.pushPrefEnv({
set: [
["dom.storage_access.enabled", true],
["dom.storage_access.forward_declared.enabled", true],
["network.cookie.cookieBehavior", BEHAVIOR_LIMIT_FOREIGN],
["dom.storage_access.auto_grants", false],
["dom.storage_access.max_concurrent_auto_grants", 1],
],
});
let tab = await BrowserTestUtils.openNewForegroundTab({
gBrowser,
url: TEST_3RD_PARTY_PAGE,
});
let browser = tab.linkedBrowser;
await SpecialPowers.spawn(browser, [TEST_DOMAIN], async tp => {
SpecialPowers.wrap(content.document).notifyUserGestureActivation();
var p = content.document.requestStorageAccessUnderSite(tp);
try {
await p;
ok(false, "Must not resolve.");
} catch {
ok(true, "Must reject.");
}
});
await BrowserTestUtils.removeTab(tab);
}
);
add_task(async function testBehaviorLimitForeignCompleteStorageAccessRequest() {
await SpecialPowers.pushPrefEnv({
set: [
["dom.storage_access.enabled", true],
["dom.storage_access.forward_declared.enabled", true],
["network.cookie.cookieBehavior", BEHAVIOR_LIMIT_FOREIGN],
["dom.storage_access.auto_grants", false],
["dom.storage_access.max_concurrent_auto_grants", 1],
],
});
let tab = await BrowserTestUtils.openNewForegroundTab({
gBrowser,
url: TEST_TOP_PAGE,
});
let browser = tab.linkedBrowser;
await SpecialPowers.spawn(browser, [TEST_3RD_PARTY_DOMAIN], async tp => {
await SpecialPowers.pushPermissions([
{
type: "AllowStorageAccessRequest^http://example.org",
allow: 1,
context: content.document,
},
]);
SpecialPowers.wrap(content.document).notifyUserGestureActivation();
var p = content.document.completeStorageAccessRequestFromSite(tp);
try {
await p;
ok(false, "Must not resolve.");
} catch {
ok(true, "Must reject.");
}
});
await BrowserTestUtils.removeTab(tab);
});
add_task(
async function testBehaviorRejectForeignRequestStorageAccessUnderSite() {
await SpecialPowers.pushPrefEnv({
set: [
["dom.storage_access.enabled", true],
["dom.storage_access.forward_declared.enabled", true],
["network.cookie.cookieBehavior", BEHAVIOR_REJECT_FOREIGN],
["dom.storage_access.auto_grants", false],
["dom.storage_access.max_concurrent_auto_grants", 1],
],
});
let tab = await BrowserTestUtils.openNewForegroundTab({
gBrowser,
url: TEST_3RD_PARTY_PAGE,
});
let browser = tab.linkedBrowser;
await SpecialPowers.spawn(browser, [TEST_DOMAIN], async tp => {
SpecialPowers.wrap(content.document).notifyUserGestureActivation();
var p = content.document.requestStorageAccessUnderSite(tp);
try {
await p;
ok(false, "Must not resolve.");
} catch {
ok(true, "Must reject.");
}
});
await BrowserTestUtils.removeTab(tab);
}
);
add_task(
async function testBehaviorRejectForeignCompleteStorageAccessRequest() {
await SpecialPowers.pushPrefEnv({
set: [
["dom.storage_access.enabled", true],
["dom.storage_access.forward_declared.enabled", true],
["network.cookie.cookieBehavior", BEHAVIOR_REJECT_FOREIGN],
["dom.storage_access.auto_grants", false],
["dom.storage_access.max_concurrent_auto_grants", 1],
],
});
let tab = await BrowserTestUtils.openNewForegroundTab({
gBrowser,
url: TEST_TOP_PAGE,
});
let browser = tab.linkedBrowser;
await SpecialPowers.spawn(browser, [TEST_3RD_PARTY_DOMAIN], async tp => {
await SpecialPowers.pushPermissions([
{
type: "AllowStorageAccessRequest^http://example.org",
allow: 1,
context: content.document,
},
]);
SpecialPowers.wrap(content.document).notifyUserGestureActivation();
var p = content.document.completeStorageAccessRequestFromSite(tp);
try {
await p;
ok(false, "Must not resolve.");
} catch {
ok(true, "Must reject.");
}
});
await BrowserTestUtils.removeTab(tab);
}
);
add_task(
async function testBehaviorRejectTrackerRequestStorageAccessUnderSite() {
await SpecialPowers.pushPrefEnv({
set: [
["dom.storage_access.enabled", true],
["dom.storage_access.forward_declared.enabled", true],
["network.cookie.cookieBehavior", BEHAVIOR_REJECT_TRACKER],
["dom.storage_access.auto_grants", false],
["dom.storage_access.max_concurrent_auto_grants", 1],
],
});
let tab = await BrowserTestUtils.openNewForegroundTab({
gBrowser,
url: TEST_3RD_PARTY_DOMAIN,
});
let browser = tab.linkedBrowser;
await SpecialPowers.spawn(browser, [TEST_DOMAIN], async tp => {
SpecialPowers.wrap(content.document).notifyUserGestureActivation();
var p = content.document.requestStorageAccessUnderSite(tp);
try {
await p;
ok(true, "Must resolve.");
} catch {
ok(false, "Must not reject.");
}
});
await BrowserTestUtils.removeTab(tab);
}
);
add_task(
async function testBehaviorRejectTrackerCompleteStorageAccessRequest() {
await SpecialPowers.pushPrefEnv({
set: [
["dom.storage_access.enabled", true],
["dom.storage_access.forward_declared.enabled", true],
["network.cookie.cookieBehavior", BEHAVIOR_REJECT_TRACKER],
["dom.storage_access.auto_grants", false],
["dom.storage_access.max_concurrent_auto_grants", 1],
],
});
let tab = await BrowserTestUtils.openNewForegroundTab({
gBrowser,
url: TEST_TOP_PAGE,
});
let browser = tab.linkedBrowser;
await SpecialPowers.spawn(browser, [TEST_3RD_PARTY_DOMAIN], async tp => {
await SpecialPowers.pushPermissions([
{
type: "AllowStorageAccessRequest^http://example.com",
allow: 1,
context: content.document,
},
]);
SpecialPowers.wrap(content.document).notifyUserGestureActivation();
var p = content.document.completeStorageAccessRequestFromSite(tp);
try {
await p;
ok(true, "Must resolve.");
} catch {
ok(false, "Must not reject.");
}
});
await BrowserTestUtils.removeTab(tab);
}
);
add_task(
async function testBehaviorRejectTrackerAndPartitionForeignRequestStorageAccessUnderSite() {
await SpecialPowers.pushPrefEnv({
set: [
["dom.storage_access.enabled", true],
["dom.storage_access.forward_declared.enabled", true],
[
"network.cookie.cookieBehavior",
BEHAVIOR_REJECT_TRACKER_AND_PARTITION_FOREIGN,
],
["dom.storage_access.auto_grants", false],
["dom.storage_access.max_concurrent_auto_grants", 1],
],
});
let tab = await BrowserTestUtils.openNewForegroundTab({
gBrowser,
url: TEST_3RD_PARTY_DOMAIN,
});
let browser = tab.linkedBrowser;
await SpecialPowers.spawn(browser, [TEST_DOMAIN], async tp => {
SpecialPowers.wrap(content.document).notifyUserGestureActivation();
var p = content.document.requestStorageAccessUnderSite(tp);
try {
await p;
ok(true, "Must resolve.");
} catch {
ok(false, "Must not reject.");
}
});
await BrowserTestUtils.removeTab(tab);
}
);
add_task(
async function testBehaviorRejectTrackerAndPartitionForeignCompleteStorageAccessRequest() {
await SpecialPowers.pushPrefEnv({
set: [
["dom.storage_access.enabled", true],
["dom.storage_access.forward_declared.enabled", true],
[
"network.cookie.cookieBehavior",
BEHAVIOR_REJECT_TRACKER_AND_PARTITION_FOREIGN,
],
["dom.storage_access.auto_grants", false],
["dom.storage_access.max_concurrent_auto_grants", 1],
],
});
let tab = await BrowserTestUtils.openNewForegroundTab({
gBrowser,
url: TEST_TOP_PAGE,
});
let browser = tab.linkedBrowser;
await SpecialPowers.spawn(browser, [TEST_3RD_PARTY_DOMAIN], async tp => {
await SpecialPowers.pushPermissions([
{
type: "AllowStorageAccessRequest^http://example.com",
allow: 1,
context: content.document,
},
]);
SpecialPowers.wrap(content.document).notifyUserGestureActivation();
var p = content.document.completeStorageAccessRequestFromSite(tp);
try {
await p;
ok(true, "Must resolve.");
} catch {
ok(false, "Must not reject.");
}
});
await BrowserTestUtils.removeTab(tab);
}
);

169
toolkit/components/antitracking/test/browser/browser_storageAccess_TopLevel_CookiePermission.js
View File

@ -1,169 +0,0 @@
add_task(async _ => {
PermissionTestUtils.add(
TEST_4TH_PARTY_PAGE,
"cookie",
Services.perms.ALLOW_ACTION
);
});
add_task(async function testCookiePermissionRequestStorageAccessUnderSite() {
await SpecialPowers.pushPrefEnv({
set: [
["dom.storage_access.enabled", true],
["dom.storage_access.forward_declared.enabled", true],
[
"network.cookie.cookieBehavior",
BEHAVIOR_REJECT_TRACKER_AND_PARTITION_FOREIGN,
],
["dom.storage_access.auto_grants", false],
["dom.storage_access.max_concurrent_auto_grants", 1],
],
});
let tab = await BrowserTestUtils.openNewForegroundTab({
gBrowser,
url: TEST_4TH_PARTY_PAGE,
});
let browser = tab.linkedBrowser;
await SpecialPowers.spawn(browser, [TEST_DOMAIN], async tp => {
SpecialPowers.wrap(content.document).notifyUserGestureActivation();
var p = content.document.requestStorageAccessUnderSite(tp);
try {
await p;
ok(true, "Must resolve.");
} catch {
ok(false, "Must not reject.");
}
});
await BrowserTestUtils.removeTab(tab);
await SpecialPowers.popPermissions();
});
add_task(async function testCookiePermissionCompleteStorageAccessRequest() {
await SpecialPowers.pushPrefEnv({
set: [
["dom.storage_access.enabled", true],
["dom.storage_access.forward_declared.enabled", true],
[
"network.cookie.cookieBehavior",
BEHAVIOR_REJECT_TRACKER_AND_PARTITION_FOREIGN,
],
["dom.storage_access.auto_grants", false],
["dom.storage_access.max_concurrent_auto_grants", 1],
],
});
let tab = await BrowserTestUtils.openNewForegroundTab({
gBrowser,
url: TEST_TOP_PAGE,
});
let browser = tab.linkedBrowser;
await SpecialPowers.spawn(browser, [TEST_4TH_PARTY_DOMAIN], async tp => {
await SpecialPowers.pushPermissions([
{
type: "AllowStorageAccessRequest^http://example.com",
allow: Services.perms.ALLOW_ACTION,
context: content.document,
},
]);
SpecialPowers.wrap(content.document).notifyUserGestureActivation();
var p = content.document.completeStorageAccessRequestFromSite(tp);
try {
await p;
ok(true, "Must resolve.");
} catch {
ok(false, "Must not reject.");
}
});
await BrowserTestUtils.removeTab(tab);
await SpecialPowers.popPermissions();
});
add_task(async _ => {
Services.perms.removeAll();
});
add_task(async _ => {
PermissionTestUtils.add(
TEST_4TH_PARTY_PAGE,
"cookie",
Services.perms.DENY_ACTION
);
});
add_task(
async function testCookiePermissionRejectRequestStorageAccessUnderSite() {
await SpecialPowers.pushPrefEnv({
set: [
["dom.storage_access.enabled", true],
["dom.storage_access.forward_declared.enabled", true],
[
"network.cookie.cookieBehavior",
BEHAVIOR_REJECT_TRACKER_AND_PARTITION_FOREIGN,
],
["dom.storage_access.auto_grants", false],
["dom.storage_access.max_concurrent_auto_grants", 1],
],
});
let tab = await BrowserTestUtils.openNewForegroundTab({
gBrowser,
url: TEST_4TH_PARTY_PAGE,
});
let browser = tab.linkedBrowser;
await SpecialPowers.spawn(browser, [TEST_DOMAIN], async tp => {
SpecialPowers.wrap(content.document).notifyUserGestureActivation();
var p = content.document.requestStorageAccessUnderSite(tp);
try {
await p;
ok(false, "Must not resolve.");
} catch {
ok(true, "Must reject.");
}
});
await BrowserTestUtils.removeTab(tab);
await SpecialPowers.popPermissions();
}
);
add_task(
async function testCookiePermissionRejectCompleteStorageAccessRequest() {
await SpecialPowers.pushPrefEnv({
set: [
["dom.storage_access.enabled", true],
["dom.storage_access.forward_declared.enabled", true],
[
"network.cookie.cookieBehavior",
BEHAVIOR_REJECT_TRACKER_AND_PARTITION_FOREIGN,
],
["dom.storage_access.auto_grants", false],
["dom.storage_access.max_concurrent_auto_grants", 1],
],
});
let tab = await BrowserTestUtils.openNewForegroundTab({
gBrowser,
url: TEST_TOP_PAGE,
});
let browser = tab.linkedBrowser;
await SpecialPowers.spawn(browser, [TEST_4TH_PARTY_DOMAIN], async tp => {
await SpecialPowers.pushPermissions([
{
type: "AllowStorageAccessRequest^http://example.com",
allow: Services.perms.ALLOW_ACTION,
context: content.document,
},
]);
SpecialPowers.wrap(content.document).notifyUserGestureActivation();
var p = content.document.completeStorageAccessRequestFromSite(tp);
try {
await p;
ok(false, "Must not resolve.");
} catch {
ok(true, "Must reject.");
}
});
await BrowserTestUtils.removeTab(tab);
await SpecialPowers.popPermissions();
}
);
add_task(async _ => {
Services.perms.removeAll();
});

151
toolkit/components/antitracking/test/browser/browser_storageAccess_TopLevel_CrossOriginSameSite.js
View File

@ -1,151 +0,0 @@
add_task(async function testIntermediatePreferenceReadSameSite() {
await SpecialPowers.pushPrefEnv({
set: [
["dom.storage_access.enabled", true],
["dom.storage_access.forward_declared.enabled", true],
[
"network.cookie.cookieBehavior",
BEHAVIOR_REJECT_TRACKER_AND_PARTITION_FOREIGN,
],
["dom.storage_access.auto_grants", false],
["dom.storage_access.max_concurrent_auto_grants", 1],
],
});
let tab = await BrowserTestUtils.openNewForegroundTab({
gBrowser,
url: TEST_DOMAIN_7,
});
let browser = tab.linkedBrowser;
await SpecialPowers.spawn(browser, [TEST_3RD_PARTY_DOMAIN], async tp => {
SpecialPowers.wrap(content.document).notifyUserGestureActivation();
var p = content.document.completeStorageAccessRequestFromSite(tp);
try {
await p;
ok(false, "Must not resolve.");
} catch {
ok(true, "Must reject because we don't have the initial request.");
}
});
await SpecialPowers.pushPermissions([
{
type: "AllowStorageAccessRequest^https://example.com",
allow: 1,
context: TEST_DOMAIN_7,
},
]);
await SpecialPowers.spawn(browser, [TEST_3RD_PARTY_DOMAIN], async tp => {
SpecialPowers.wrap(content.document).notifyUserGestureActivation();
var p = content.document.completeStorageAccessRequestFromSite(tp);
try {
await p;
ok(false, "Must not resolve.");
} catch {
ok(true, "Must reject because the permission is cross site.");
}
});
await SpecialPowers.pushPermissions([
{
type: "AllowStorageAccessRequest^https://example.org",
allow: 1,
context: TEST_DOMAIN_7,
},
]);
await SpecialPowers.spawn(browser, [TEST_3RD_PARTY_DOMAIN], async tp => {
SpecialPowers.wrap(content.document).notifyUserGestureActivation();
var p = content.document.completeStorageAccessRequestFromSite(tp);
try {
await p;
ok(
true,
"Must resolve now that we have the permission from the embedee."
);
} catch {
ok(false, "Must not reject.");
}
});
await SpecialPowers.pushPermissions([
{
type: "AllowStorageAccessRequest^https://example.org",
allow: 1,
context: TEST_DOMAIN_8,
},
]);
await SpecialPowers.spawn(browser, [TEST_3RD_PARTY_DOMAIN], async tp => {
SpecialPowers.wrap(content.document).notifyUserGestureActivation();
var p = content.document.completeStorageAccessRequestFromSite(tp);
try {
await p;
ok(
true,
"Must resolve now that we have the permission from the embedee."
);
} catch {
ok(false, "Must not reject.");
}
});
await BrowserTestUtils.removeTab(tab);
});
// Note: TEST_DOMAIN_7 and TEST_DOMAIN_8 are Same-Site
add_task(async function testIntermediatePreferenceWriteCrossOrigin() {
await SpecialPowers.pushPrefEnv({
set: [
["dom.storage_access.enabled", true],
["dom.storage_access.forward_declared.enabled", true],
[
"network.cookie.cookieBehavior",
BEHAVIOR_REJECT_TRACKER_AND_PARTITION_FOREIGN,
],
["dom.storage_access.auto_grants", false],
["dom.storage_access.max_concurrent_auto_grants", 1],
],
});
let tab = await BrowserTestUtils.openNewForegroundTab({
gBrowser,
url: TEST_3RD_PARTY_PAGE,
});
let browser = tab.linkedBrowser;
await SpecialPowers.spawn(browser, [TEST_DOMAIN_8], async tp => {
SpecialPowers.wrap(content.document).notifyUserGestureActivation();
var p = content.document.requestStorageAccessUnderSite(tp);
try {
await p;
ok(
true,
"Must resolve- no funny business here, we just want to set the intermediate pref"
);
} catch {
ok(false, "Must not reject.");
}
});
let principal = Services.scriptSecurityManager.createContentPrincipalFromOrigin(
TEST_DOMAIN_8
);
// Important to note that this is the site but not origin of TEST_3RD_PARTY_PAGE
var permission = Services.perms.testPermissionFromPrincipal(
principal,
"AllowStorageAccessRequest^https://example.org"
);
ok(permission == Services.perms.ALLOW_ACTION);
// Test that checking the permission across site works
principal = Services.scriptSecurityManager.createContentPrincipalFromOrigin(
TEST_DOMAIN_7
);
// Important to note that this is the site but not origin of TEST_3RD_PARTY_PAGE
permission = Services.perms.testPermissionFromPrincipal(
principal,
"AllowStorageAccessRequest^https://example.org"
);
ok(permission == Services.perms.ALLOW_ACTION);
await BrowserTestUtils.removeTab(tab);
});

147
toolkit/components/antitracking/test/browser/browser_storageAccess_TopLevel_Embed.js
View File

@ -1,147 +0,0 @@
Services.scriptloader.loadSubScript(
"chrome://mochitests/content/browser/toolkit/components/antitracking/test/browser/storage_access_head.js",
this
);
/* import-globals-from storage_access_head.js */
async function requestStorageAccessUnderSiteAndExpectSuccess() {
SpecialPowers.wrap(document).notifyUserGestureActivation();
var p = document.requestStorageAccessUnderSite("http://example.org");
try {
await p;
ok(true, "Must resolve.");
} catch {
ok(false, "Must not reject.");
}
}
async function requestStorageAccessUnderSiteAndExpectFailure() {
SpecialPowers.wrap(document).notifyUserGestureActivation();
var p = document.requestStorageAccessUnderSite("http://example.org");
try {
await p;
ok(false, "Must not resolve.");
} catch {
ok(true, "Must reject.");
}
}
async function completeStorageAccessRequestFromSiteAndExpectSuccess() {
SpecialPowers.wrap(document).notifyUserGestureActivation();
var p = document.completeStorageAccessRequestFromSite("http://example.org");
try {
await p;
ok(true, "Must resolve.");
} catch {
ok(false, "Must not reject.");
}
}
async function completeStorageAccessRequestFromSiteAndExpectFailure() {
SpecialPowers.wrap(document).notifyUserGestureActivation();
var p = document.completeStorageAccessRequestFromSite("http://example.org");
try {
await p;
ok(false, "Must not resolve.");
} catch {
ok(true, "Must reject.");
}
}
async function setIntermediatePreference() {
await SpecialPowers.pushPermissions([
{
type: "AllowStorageAccessRequest^http://example.org",
allow: 1,
context: "http://example.com/",
},
]);
}
async function configurePrefs() {
await SpecialPowers.pushPrefEnv({
set: [
["dom.storage_access.enabled", true],
["dom.storage_access.forward_declared.enabled", true],
[
"network.cookie.cookieBehavior",
BEHAVIOR_REJECT_TRACKER_AND_PARTITION_FOREIGN,
],
["dom.storage_access.auto_grants", false],
["dom.storage_access.max_concurrent_auto_grants", 1],
],
});
}
add_task(async function rSAUS_sameOriginIframe() {
await configurePrefs();
await openPageAndRunCode(
TEST_TOP_PAGE_7,
() => {},
TEST_DOMAIN_7 + TEST_PATH + "3rdParty.html",
requestStorageAccessUnderSiteAndExpectSuccess
);
await cleanUpData();
await SpecialPowers.flushPrefEnv();
});
add_task(async function rSAUS_sameSiteIframe() {
await configurePrefs();
await openPageAndRunCode(
TEST_TOP_PAGE_7,
() => {},
TEST_DOMAIN_8 + TEST_PATH + "3rdParty.html",
requestStorageAccessUnderSiteAndExpectSuccess
);
await cleanUpData();
await SpecialPowers.flushPrefEnv();
});
add_task(async function rSAUS_crossSiteIframe() {
await configurePrefs();
await openPageAndRunCode(
TEST_TOP_PAGE_7,
() => {},
TEST_DOMAIN + TEST_PATH + "3rdParty.html",
requestStorageAccessUnderSiteAndExpectFailure
);
await cleanUpData();
await SpecialPowers.flushPrefEnv();
});
add_task(async function cSAR_sameOriginIframe() {
await configurePrefs();
await openPageAndRunCode(
TEST_TOP_PAGE_7,
setIntermediatePreference,
TEST_DOMAIN_7 + TEST_PATH + "3rdParty.html",
completeStorageAccessRequestFromSiteAndExpectSuccess
);
await cleanUpData();
await SpecialPowers.flushPrefEnv();
});
add_task(async function cSAR_sameSiteIframe() {
await configurePrefs();
await setIntermediatePreference();
await openPageAndRunCode(
TEST_TOP_PAGE_7,
() => {},
TEST_DOMAIN_8 + TEST_PATH + "3rdParty.html",
completeStorageAccessRequestFromSiteAndExpectSuccess
);
await cleanUpData();
await SpecialPowers.flushPrefEnv();
});
add_task(async function cSAR_crossSiteIframe() {
await configurePrefs();
await openPageAndRunCode(
TEST_TOP_PAGE_7,
setIntermediatePreference,
TEST_DOMAIN + TEST_PATH + "3rdParty.html",
completeStorageAccessRequestFromSiteAndExpectFailure
);
await cleanUpData();
await SpecialPowers.flushPrefEnv();
});

77
toolkit/components/antitracking/test/browser/browser_storageAccess_TopLevel_Enable.js
View File

@ -1,77 +0,0 @@
add_task(async function testDefaultDisabled() {
let value = Services.prefs.getBoolPref(
"dom.storage_access.forward_declared.enabled"
);
ok(!value, "dom.storage_access.forward_declared.enabled should be false");
let tab = await BrowserTestUtils.openNewForegroundTab({
gBrowser,
url: TEST_TOP_PAGE,
});
let browser = tab.linkedBrowser;
await SpecialPowers.spawn(browser, [], async _ => {
ok(
content.window.requestStorageAccessUnderSite == undefined,
"API should not be on the window"
);
ok(
content.window.completeStorageAccessRequestFromSite == undefined,
"API should not be on the window"
);
});
await BrowserTestUtils.removeTab(tab);
});
add_task(async function testExplicitlyDisabled() {
await SpecialPowers.pushPrefEnv({
set: [["dom.storage_access.forward_declared.enabled", false]],
});
let value = Services.prefs.getBoolPref(
"dom.storage_access.forward_declared.enabled"
);
ok(!value, "dom.storage_access.forward_declared.enabled should be false");
let tab = await BrowserTestUtils.openNewForegroundTab({
gBrowser,
url: TEST_TOP_PAGE,
});
let browser = tab.linkedBrowser;
await SpecialPowers.spawn(browser, [], async _ => {
ok(
content.window.requestStorageAccessUnderSite == undefined,
"API should not be on the window"
);
ok(
content.window.completeStorageAccessRequestFromSite == undefined,
"API should not be on the window"
);
});
await BrowserTestUtils.removeTab(tab);
});
add_task(async function testExplicitlyEnabled() {
await SpecialPowers.pushPrefEnv({
set: [
["dom.storage_access.enabled", true],
["dom.storage_access.forward_declared.enabled", true],
],
});
let value = Services.prefs.getBoolPref(
"dom.storage_access.forward_declared.enabled"
);
ok(value, "dom.storage_access.forward_declared.enabled should be true");
let tab = await BrowserTestUtils.openNewForegroundTab({
gBrowser,
url: TEST_TOP_PAGE,
});
let browser = tab.linkedBrowser;
await SpecialPowers.spawn(browser, [], async _ => {
ok(
content.document.requestStorageAccessUnderSite != undefined,
"API should be on the window"
);
ok(
content.document.completeStorageAccessRequestFromSite != undefined,
"API should be on the window"
);
});
await BrowserTestUtils.removeTab(tab);
});

52
toolkit/components/antitracking/test/browser/browser_storageAccess_TopLevel_RequireIntermediatePermission.js
View File

@ -1,52 +0,0 @@
add_task(async function testIntermediatePermissionRequired() {
await SpecialPowers.pushPrefEnv({
set: [
["dom.storage_access.enabled", true],
["dom.storage_access.forward_declared.enabled", true],
[
"network.cookie.cookieBehavior",
BEHAVIOR_REJECT_TRACKER_AND_PARTITION_FOREIGN,
],
["dom.storage_access.auto_grants", false],
["dom.storage_access.max_concurrent_auto_grants", 1],
],
});
let tab = await BrowserTestUtils.openNewForegroundTab({
gBrowser,
url: TEST_TOP_PAGE,
});
let browser = tab.linkedBrowser;
await SpecialPowers.spawn(browser, [TEST_3RD_PARTY_DOMAIN], async tp => {
SpecialPowers.wrap(content.document).notifyUserGestureActivation();
var p = content.document.completeStorageAccessRequestFromSite(tp);
try {
await p;
ok(false, "Must not resolve.");
} catch {
ok(true, "Must reject because we don't have the initial request.");
}
});
await SpecialPowers.pushPermissions([
{
type: "AllowStorageAccessRequest^https://example.org",
allow: 1,
context: TEST_TOP_PAGE,
},
]);
await SpecialPowers.spawn(browser, [TEST_3RD_PARTY_DOMAIN], async tp => {
SpecialPowers.wrap(content.document).notifyUserGestureActivation();
var p = content.document.completeStorageAccessRequestFromSite(tp);
try {
await p;
ok(
true,
"Must resolve now that we have the permission from the embedee."
);
} catch {
ok(false, "Must not reject.");
}
});
await BrowserTestUtils.removeTab(tab);
});

85
toolkit/components/antitracking/test/browser/browser_storageAccess_TopLevel_StorageAccessPermission.js
View File

@ -1,85 +0,0 @@
add_task(
async function testStorageAccessPermissionRequestStorageAccessUnderSite() {
await SpecialPowers.pushPrefEnv({
set: [
["dom.storage_access.enabled", true],
["dom.storage_access.forward_declared.enabled", true],
[
"network.cookie.cookieBehavior",
BEHAVIOR_REJECT_TRACKER_AND_PARTITION_FOREIGN,
],
["dom.storage_access.auto_grants", false],
["dom.storage_access.max_concurrent_auto_grants", 1],
],
});
let tab = await BrowserTestUtils.openNewForegroundTab({
gBrowser,
url: TEST_4TH_PARTY_PAGE,
});
let browser = tab.linkedBrowser;
await SpecialPowers.spawn(browser, [TEST_DOMAIN], async tp => {
await SpecialPowers.pushPermissions([
{
type: "3rdPartyStorage^http://not-tracking.example.com",
allow: 1,
context: tp,
},
]);
SpecialPowers.wrap(content.document).notifyUserGestureActivation();
var p = content.document.requestStorageAccessUnderSite(tp);
try {
await p;
ok(true, "Must resolve.");
} catch {
ok(false, "Must not reject.");
}
});
await BrowserTestUtils.removeTab(tab);
}
);
add_task(
async function testStorageAccessPermissionCompleteStorageAccessRequestFromSite() {
await SpecialPowers.pushPrefEnv({
set: [
["dom.storage_access.enabled", true],
["dom.storage_access.forward_declared.enabled", true],
[
"network.cookie.cookieBehavior",
BEHAVIOR_REJECT_TRACKER_AND_PARTITION_FOREIGN,
],
["dom.storage_access.auto_grants", false],
["dom.storage_access.max_concurrent_auto_grants", 1],
],
});
let tab = await BrowserTestUtils.openNewForegroundTab({
gBrowser,
url: TEST_TOP_PAGE,
});
let browser = tab.linkedBrowser;
await SpecialPowers.spawn(browser, [TEST_4TH_PARTY_DOMAIN], async tp => {
await SpecialPowers.pushPermissions([
{
type: "AllowStorageAccessRequest^http://example.com",
allow: 1,
context: content.document,
},
{
type: "3rdPartyStorage^http://not-tracking.example.com",
allow: 1,
context: content.document,
},
]);
SpecialPowers.wrap(content.document).notifyUserGestureActivation();
var p = content.document.completeStorageAccessRequestFromSite(tp);
try {
await p;
ok(true, "Must resolve.");
} catch {
ok(false, "Must not reject.");
}
});
await BrowserTestUtils.removeTab(tab);
}
);

54
toolkit/components/antitracking/test/browser/browser_storageAccess_TopLevel_UserActivation.js
View File

@ -1,54 +0,0 @@
add_task(async function testUserActivations() {
await SpecialPowers.pushPrefEnv({
set: [
["dom.storage_access.enabled", true],
["dom.storage_access.forward_declared.enabled", true],
["network.cookie.cookieBehavior", BEHAVIOR_ACCEPT],
["dom.storage_access.auto_grants", false],
["dom.storage_access.max_concurrent_auto_grants", 1],
],
});
// Part 1: open the embedded site as a top level
let tab = await BrowserTestUtils.openNewForegroundTab({
gBrowser,
url: TEST_3RD_PARTY_PAGE,
});
let browser = tab.linkedBrowser;
await SpecialPowers.spawn(browser, [TEST_DOMAIN], async tp => {
// Part 2: requestStorageAccessUnderSite without activation
var p = content.document.requestStorageAccessUnderSite(tp);
try {
await p;
ok(false, "Must not resolve without user activation.");
} catch {
ok(true, "Must reject without user activation.");
}
// Part 3: requestStorageAccessUnderSite with activation
SpecialPowers.wrap(content.document).notifyUserGestureActivation();
p = content.document.requestStorageAccessUnderSite(tp);
try {
await p;
ok(true, "Must resolve with user activation and autogrant.");
} catch {
ok(false, "Must not reject with user activation.");
}
});
// Part 4: open the embedding site as a top level
let tab2 = await BrowserTestUtils.openNewForegroundTab({
gBrowser,
url: TEST_TOP_PAGE,
});
let browser2 = tab2.linkedBrowser;
await SpecialPowers.spawn(browser2, [TEST_3RD_PARTY_DOMAIN], async tp => {
// Part 5: completeStorageAccessRequestFromSite without activation
var p = content.document.completeStorageAccessRequestFromSite(tp);
try {
await p;
ok(true, "Must resolve without user activation.");
} catch {
ok(false, "Must not reject without user activation in this context.");
}
});
await BrowserTestUtils.removeTab(tab);
await BrowserTestUtils.removeTab(tab2);
});