mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-08 02:14:43 +00:00
Bug 1617611 - Fix all tests using laxByDefault=false under browser/. r=freddyb
This turned out to be more complicated than expected, because: - SameSite=None requires https:// - Many test were using the mochi.test domain, which is not reachable via https Differential Revision: https://phabricator.services.mozilla.com/D157637
This commit is contained in:
parent
fec1ff79b6
commit
3ddbc463f2
@ -3,24 +3,18 @@
|
||||
|
||||
const ROOT_DIR = getRootDirectory(gTestPath);
|
||||
|
||||
const MOCHI_ROOT = ROOT_DIR.replace(
|
||||
const EXAMPLE_NET_ROOT = ROOT_DIR.replace(
|
||||
"chrome://mochitests/content/",
|
||||
"http://mochi.test:8888/"
|
||||
"https://example.net/"
|
||||
);
|
||||
|
||||
const EXAMPLE_COM_ROOT = ROOT_DIR.replace(
|
||||
"chrome://mochitests/content/",
|
||||
"http://example.com/"
|
||||
"https://example.com/"
|
||||
);
|
||||
|
||||
const FAVICON_URL = EXAMPLE_COM_ROOT + "credentials.png";
|
||||
|
||||
// Bug 1617611: Fix all the tests broken by "cookies SameSite=lax by default"
|
||||
Services.prefs.setBoolPref("network.cookie.sameSite.laxByDefault", false);
|
||||
registerCleanupFunction(() => {
|
||||
Services.prefs.clearUserPref("network.cookie.sameSite.laxByDefault");
|
||||
});
|
||||
|
||||
// Bug 1746646: Make mochitests work with TCP enabled (cookieBehavior = 5)
|
||||
// All instances of addPermission and removePermission set up 3rd-party storage
|
||||
// access in a way that allows the test to proceed with TCP enabled.
|
||||
@ -28,7 +22,7 @@ registerCleanupFunction(() => {
|
||||
function run_test(url, shouldHaveCookies, description) {
|
||||
add_task(async () => {
|
||||
await SpecialPowers.addPermission(
|
||||
"3rdPartyStorage^http://example.com",
|
||||
"3rdPartyStorage^https://example.com",
|
||||
true,
|
||||
url
|
||||
);
|
||||
@ -68,14 +62,14 @@ function run_test(url, shouldHaveCookies, description) {
|
||||
}
|
||||
);
|
||||
await SpecialPowers.removePermission(
|
||||
"3rdPartyStorage^http://example.com",
|
||||
"3rdPartyStorage^https://example.com",
|
||||
url
|
||||
);
|
||||
});
|
||||
}
|
||||
|
||||
// crossorigin="" only has credentials in the same-origin case
|
||||
run_test(`${MOCHI_ROOT}credentials1.html`, false, "anonymous, remote");
|
||||
run_test(`${EXAMPLE_NET_ROOT}credentials1.html`, false, "anonymous, remote");
|
||||
run_test(
|
||||
`${EXAMPLE_COM_ROOT}credentials1.html`,
|
||||
true,
|
||||
@ -83,7 +77,11 @@ run_test(
|
||||
);
|
||||
|
||||
// crossorigin="use-credentials" always has them
|
||||
run_test(`${MOCHI_ROOT}credentials2.html`, true, "use-credentials, remote");
|
||||
run_test(
|
||||
`${EXAMPLE_NET_ROOT}credentials2.html`,
|
||||
true,
|
||||
"use-credentials, remote"
|
||||
);
|
||||
run_test(
|
||||
`${EXAMPLE_COM_ROOT}credentials2.html`,
|
||||
true,
|
||||
|
@ -1,3 +1,3 @@
|
||||
Access-Control-Allow-Origin: http://mochi.test:8888
|
||||
Access-Control-Allow-Origin: https://example.net
|
||||
Access-Control-Allow-Credentials: true
|
||||
Set-Cookie: faviconCookie2=test
|
||||
Set-Cookie: faviconCookie2=test; SameSite=None; Secure;
|
||||
|
@ -3,7 +3,7 @@
|
||||
<head>
|
||||
<meta charset="UTF-8" />
|
||||
<title>Favicon test for cross-origin credentials</title>
|
||||
<link rel="icon" href="http://example.com/browser/browser/base/content/test/favicons/credentials.png" crossorigin />
|
||||
<link rel="icon" href="https://example.com/browser/browser/base/content/test/favicons/credentials.png" crossorigin />
|
||||
</head>
|
||||
<body>
|
||||
</body>
|
||||
|
@ -3,7 +3,7 @@
|
||||
<head>
|
||||
<meta charset="UTF-8" />
|
||||
<title>Favicon test for cross-origin credentials</title>
|
||||
<link rel="icon" href="http://example.com/browser/browser/base/content/test/favicons/credentials.png" crossorigin="use-credentials" />
|
||||
<link rel="icon" href="https://example.com/browser/browser/base/content/test/favicons/credentials.png" crossorigin="use-credentials" />
|
||||
</head>
|
||||
<body>
|
||||
</body>
|
||||
|
@ -8,8 +8,6 @@ const { UrlClassifierTestUtils } = ChromeUtils.import(
|
||||
Services.cookies.QueryInterface(Ci.nsICookieService);
|
||||
|
||||
function restore_prefs() {
|
||||
// Bug 1617611: Fix all the tests broken by "cookies SameSite=lax by default"
|
||||
Services.prefs.clearUserPref("network.cookie.sameSite.laxByDefault");
|
||||
Services.prefs.clearUserPref("network.cookie.cookieBehavior");
|
||||
Services.prefs.clearUserPref(
|
||||
"network.cookieJarSettings.unblocked_for_testing"
|
||||
@ -48,8 +46,8 @@ async function test_cookie_settings({
|
||||
rejectTrackers,
|
||||
cookieJarSettingsLocked,
|
||||
}) {
|
||||
let firstPartyURI = NetUtil.newURI("http://example.com/");
|
||||
let thirdPartyURI = NetUtil.newURI("http://example.org/");
|
||||
let firstPartyURI = NetUtil.newURI("https://example.com/");
|
||||
let thirdPartyURI = NetUtil.newURI("https://example.org/");
|
||||
let channel = NetUtil.newChannel({
|
||||
uri: firstPartyURI,
|
||||
loadUsingSystemPrincipal: true,
|
||||
@ -58,8 +56,16 @@ async function test_cookie_settings({
|
||||
Ci.nsIHttpChannelInternal
|
||||
).forceAllowThirdPartyCookie = true;
|
||||
Services.cookies.removeAll();
|
||||
Services.cookies.setCookieStringFromHttp(firstPartyURI, "key=value", channel);
|
||||
Services.cookies.setCookieStringFromHttp(thirdPartyURI, "key=value", channel);
|
||||
Services.cookies.setCookieStringFromHttp(
|
||||
firstPartyURI,
|
||||
"key=value; SameSite=None; Secure;",
|
||||
channel
|
||||
);
|
||||
Services.cookies.setCookieStringFromHttp(
|
||||
thirdPartyURI,
|
||||
"key=value; SameSite=None; Secure;",
|
||||
channel
|
||||
);
|
||||
|
||||
let expectedFirstPartyCookies = 1;
|
||||
let expectedThirdPartyCookies = 1;
|
||||
@ -85,7 +91,7 @@ async function test_cookie_settings({
|
||||
Services.cookies.removeAll();
|
||||
Services.cookies.setCookieStringFromHttp(
|
||||
firstPartyURI,
|
||||
"key=value; max-age=1000",
|
||||
"key=value; max-age=1000; SameSite=None; Secure;",
|
||||
channel
|
||||
);
|
||||
|
||||
@ -170,7 +176,6 @@ add_task(async function test_initial_state() {
|
||||
"network.cookie.rejectForeignWithExceptions.enabled",
|
||||
false
|
||||
);
|
||||
Services.prefs.setBoolPref("network.cookie.sameSite.laxByDefault", false);
|
||||
|
||||
await test_cookie_settings({
|
||||
cookiesEnabled: true,
|
||||
@ -315,7 +320,6 @@ add_task(async function test_undefined_locked() {
|
||||
"network.cookie.rejectForeignWithExceptions.enabled",
|
||||
false
|
||||
);
|
||||
Services.prefs.setBoolPref("network.cookie.sameSite.laxByDefault", false);
|
||||
await setupPolicyEngineWithJson({
|
||||
policies: {
|
||||
Cookies: {
|
||||
@ -341,7 +345,6 @@ add_task(async function test_cookie_reject_trackers() {
|
||||
"network.cookie.rejectForeignWithExceptions.enabled",
|
||||
false
|
||||
);
|
||||
Services.prefs.setBoolPref("network.cookie.sameSite.laxByDefault", false);
|
||||
await setupPolicyEngineWithJson({
|
||||
policies: {
|
||||
Cookies: {
|
||||
|
@ -3,25 +3,13 @@
|
||||
*/
|
||||
|
||||
const TEST_PAGE =
|
||||
"http://mochi.test:8888/browser/browser/components/" +
|
||||
"https://example.net/browser/browser/components/" +
|
||||
"originattributes/test/browser/file_firstPartyBasic.html";
|
||||
|
||||
// Use a random key so we don't access it in later tests.
|
||||
const key = "key" + Math.random().toString();
|
||||
const re = new RegExp(key + "=([0-9.]+)");
|
||||
|
||||
// IsolationTestTools flushes all preferences
|
||||
// hence we explicitly set the prefs we need.
|
||||
// Bug 1617611: Fix all the tests broken by "cookies SameSite=lax by default"
|
||||
async function setupPrefs() {
|
||||
await SpecialPowers.pushPrefEnv({
|
||||
set: [
|
||||
["dom.security.https_first", false],
|
||||
["network.cookie.sameSite.laxByDefault", false],
|
||||
],
|
||||
});
|
||||
}
|
||||
|
||||
// Define the testing function
|
||||
function doTest(aBrowser) {
|
||||
return SpecialPowers.spawn(aBrowser, [key, re], function(
|
||||
@ -34,7 +22,8 @@ function doTest(aBrowser) {
|
||||
}
|
||||
// No value is found, so we create one.
|
||||
let value = Math.random().toString();
|
||||
content.document.cookie = contentKey + "=" + value;
|
||||
content.document.cookie =
|
||||
contentKey + "=" + value + "; SameSite=None; Secure;";
|
||||
return value;
|
||||
});
|
||||
}
|
||||
@ -43,4 +32,11 @@ registerCleanupFunction(() => {
|
||||
Services.cookies.removeAll();
|
||||
});
|
||||
|
||||
IsolationTestTools.runTests(TEST_PAGE, doTest, null, setupPrefs);
|
||||
IsolationTestTools.runTests(
|
||||
TEST_PAGE,
|
||||
doTest,
|
||||
null,
|
||||
null,
|
||||
false,
|
||||
true /* aUseHttps */
|
||||
);
|
||||
|
@ -23,11 +23,11 @@ Services.scriptloader.loadSubScript(
|
||||
|
||||
const FIRST_PARTY_ONE = "example.com";
|
||||
const FIRST_PARTY_TWO = "example.org";
|
||||
const THIRD_PARTY = "mochi.test:8888";
|
||||
const THIRD_PARTY = "example.net";
|
||||
|
||||
const TEST_SITE_ONE = "http://" + FIRST_PARTY_ONE;
|
||||
const TEST_SITE_TWO = "http://" + FIRST_PARTY_TWO;
|
||||
const THIRD_PARTY_SITE = "http://" + THIRD_PARTY;
|
||||
const TEST_SITE_ONE = "https://" + FIRST_PARTY_ONE;
|
||||
const TEST_SITE_TWO = "https://" + FIRST_PARTY_TWO;
|
||||
const THIRD_PARTY_SITE = "https://" + THIRD_PARTY;
|
||||
const TEST_DIRECTORY =
|
||||
"/browser/browser/components/originattributes/test/browser/";
|
||||
|
||||
@ -200,7 +200,7 @@ async function assignCookiesUnderFirstParty(aURL, aFirstParty, aCookieValue) {
|
||||
await SpecialPowers.spawn(tabInfo.browser, [aCookieValue], async function(
|
||||
value
|
||||
) {
|
||||
content.document.cookie = value;
|
||||
content.document.cookie = value + "; SameSite=None; Secure;";
|
||||
});
|
||||
|
||||
BrowserTestUtils.removeTab(tabInfo.tab);
|
||||
@ -382,12 +382,7 @@ async function doTestForAllTabsFavicon(
|
||||
add_setup(async function() {
|
||||
// Make sure first party isolation is enabled.
|
||||
await SpecialPowers.pushPrefEnv({
|
||||
set: [
|
||||
["privacy.firstparty.isolate", true],
|
||||
["dom.security.https_first", false],
|
||||
// Bug 1617611: Fix all the tests broken by "cookies SameSite=lax by default"
|
||||
["network.cookie.sameSite.laxByDefault", false],
|
||||
],
|
||||
set: [["privacy.firstparty.isolate", true]],
|
||||
});
|
||||
});
|
||||
|
||||
|
@ -17,8 +17,8 @@ ChromeUtils.defineESModuleGetters(this, {
|
||||
PromiseUtils: "resource://gre/modules/PromiseUtils.sys.mjs",
|
||||
});
|
||||
|
||||
const TEST_SITE = "http://example.net";
|
||||
const TEST_THIRD_PARTY_SITE = "http://mochi.test:8888";
|
||||
const TEST_SITE = "https://example.org";
|
||||
const TEST_THIRD_PARTY_SITE = "https://example.net";
|
||||
|
||||
const TEST_PAGE =
|
||||
TEST_SITE +
|
||||
@ -29,7 +29,7 @@ const FAVICON_URI =
|
||||
"/browser/browser/components/originattributes/" +
|
||||
"test/browser/file_favicon.png";
|
||||
const TEST_THIRD_PARTY_PAGE =
|
||||
"http://example.com/browser/browser/components/" +
|
||||
"http://example.net/browser/browser/components/" +
|
||||
"originattributes/test/browser/file_favicon_thirdParty.html";
|
||||
const THIRD_PARTY_FAVICON_URI =
|
||||
TEST_THIRD_PARTY_SITE +
|
||||
@ -325,12 +325,7 @@ async function doTestForAllTabsFavicon(aTestPage, aFaviconHost, aFaviconURL) {
|
||||
add_setup(async function() {
|
||||
// Make sure userContext is enabled.
|
||||
await SpecialPowers.pushPrefEnv({
|
||||
set: [
|
||||
["privacy.userContext.enabled", true],
|
||||
["dom.security.https_first", false],
|
||||
// Bug 1617611: Fix all the tests broken by "cookies SameSite=lax by default"
|
||||
["network.cookie.sameSite.laxByDefault", false],
|
||||
],
|
||||
set: [["privacy.userContext.enabled", true]],
|
||||
});
|
||||
});
|
||||
|
||||
|
@ -1,14 +1,12 @@
|
||||
const BASE_URL =
|
||||
"http://mochi.test:8888/browser/browser/components/originattributes/test/browser/";
|
||||
const EXAMPLE_BASE_URL = BASE_URL.replace("mochi.test:8888", "example.com");
|
||||
const BASE_DOMAIN = "mochi.test";
|
||||
"https://example.net/browser/browser/components/originattributes/test/browser/";
|
||||
const EXAMPLE_BASE_URL = BASE_URL.replace("example.net", "example.com");
|
||||
const BASE_DOMAIN = "example.net";
|
||||
|
||||
add_setup(async function() {
|
||||
Services.prefs.setBoolPref("privacy.firstparty.isolate", true);
|
||||
Services.prefs.setBoolPref("dom.security.https_first", false);
|
||||
registerCleanupFunction(function() {
|
||||
Services.prefs.clearUserPref("privacy.firstparty.isolate");
|
||||
Services.prefs.clearUserPref("dom.security.https_first");
|
||||
Services.cookies.removeAll();
|
||||
Services.cache2.clear();
|
||||
});
|
||||
@ -127,8 +125,8 @@ add_task(async function redirect_test() {
|
||||
|
||||
Assert.equal(
|
||||
content.document.documentURI,
|
||||
"http://example.com/browser/browser/components/originattributes/test/browser/dummy.html",
|
||||
"The page should have been redirected to http://example.com/browser/browser/components/originattributes/test/browser/dummy.html"
|
||||
"https://example.com/browser/browser/components/originattributes/test/browser/dummy.html",
|
||||
"The page should have been redirected to https://example.com/browser/browser/components/originattributes/test/browser/dummy.html"
|
||||
);
|
||||
Assert.equal(
|
||||
content.document.nodePrincipal.originAttributes.firstPartyDomain,
|
||||
@ -146,7 +144,7 @@ add_task(async function redirect_test() {
|
||||
await BrowserTestUtils.browserLoaded(tab2.linkedBrowser, false, function(
|
||||
url
|
||||
) {
|
||||
return url == "http://example.com/";
|
||||
return url == "https://example.com/";
|
||||
});
|
||||
|
||||
await SpecialPowers.spawn(
|
||||
@ -160,8 +158,8 @@ add_task(async function redirect_test() {
|
||||
Assert.ok(true, "2nd tab document uri: " + content.document.documentURI);
|
||||
Assert.equal(
|
||||
content.document.documentURI,
|
||||
"http://example.com/",
|
||||
"The page should have been redirected to http://example.com"
|
||||
"https://example.com/",
|
||||
"The page should have been redirected to https://example.com"
|
||||
);
|
||||
Assert.equal(
|
||||
content.document.nodePrincipal.originAttributes.firstPartyDomain,
|
||||
@ -181,10 +179,10 @@ add_task(async function redirect_test() {
|
||||
|
||||
// This redirect happens on the iframe, so unlike the two redirect tests above,
|
||||
// the firstPartyDomain should still stick to the current top-level document,
|
||||
// which is mochi.test.
|
||||
// which is example.net.
|
||||
await SpecialPowers.spawn(
|
||||
tab3.linkedBrowser,
|
||||
[{ firstPartyDomain: "mochi.test" }],
|
||||
[{ firstPartyDomain: BASE_DOMAIN }],
|
||||
async function(attrs) {
|
||||
let iframe = content.document.getElementById("iframe1");
|
||||
SpecialPowers.spawn(iframe, [attrs.firstPartyDomain], function(
|
||||
@ -198,8 +196,8 @@ add_task(async function redirect_test() {
|
||||
|
||||
Assert.equal(
|
||||
content.document.documentURI,
|
||||
"http://example.com/browser/browser/components/originattributes/test/browser/dummy.html",
|
||||
"The page should have been redirected to http://example.com/browser/browser/components/originattributes/test/browser/dummy.html"
|
||||
"https://example.com/browser/browser/components/originattributes/test/browser/dummy.html",
|
||||
"The page should have been redirected to https://example.com/browser/browser/components/originattributes/test/browser/dummy.html"
|
||||
);
|
||||
|
||||
Assert.equal(
|
||||
@ -260,7 +258,7 @@ add_task(async function openWindow_test() {
|
||||
|
||||
await SpecialPowers.spawn(
|
||||
tab.linkedBrowser,
|
||||
[{ firstPartyDomain: "mochi.test" }],
|
||||
[{ firstPartyDomain: BASE_DOMAIN }],
|
||||
async function(attrs) {
|
||||
let promise = new Promise(resolve => {
|
||||
content.addEventListener("message", resolve, { once: true });
|
||||
@ -325,7 +323,7 @@ add_task(async function window_open_redirect_test() {
|
||||
|
||||
await SpecialPowers.spawn(
|
||||
win.gBrowser.selectedBrowser,
|
||||
[{ firstPartyDomain: "mochi.test" }],
|
||||
[{ firstPartyDomain: BASE_DOMAIN }],
|
||||
async function(attrs) {
|
||||
Assert.equal(
|
||||
content.docShell.getOriginAttributes().firstPartyDomain,
|
||||
@ -363,7 +361,7 @@ add_task(async function window_open_iframe_test() {
|
||||
|
||||
await SpecialPowers.spawn(
|
||||
win.gBrowser.selectedBrowser,
|
||||
[{ firstPartyDomain: "mochi.test" }],
|
||||
[{ firstPartyDomain: BASE_DOMAIN }],
|
||||
async function(attrs) {
|
||||
Assert.equal(
|
||||
content.docShell.getOriginAttributes().firstPartyDomain,
|
||||
@ -371,7 +369,7 @@ add_task(async function window_open_iframe_test() {
|
||||
"window.open() should have firstPartyDomain attribute"
|
||||
);
|
||||
|
||||
// The document is http://example.com/browser/browser/components/originattributes/test/browser/test_firstParty.html
|
||||
// The document is https://example.com/browser/browser/components/originattributes/test/browser/test_firstParty.html
|
||||
// so the firstPartyDomain will be overriden to 'example.com'.
|
||||
Assert.equal(
|
||||
content.document.nodePrincipal.originAttributes.firstPartyDomain,
|
||||
@ -408,7 +406,7 @@ add_task(async function form_test() {
|
||||
|
||||
await SpecialPowers.spawn(
|
||||
tab.linkedBrowser,
|
||||
[{ firstPartyDomain: "mochi.test" }],
|
||||
[{ firstPartyDomain: BASE_DOMAIN }],
|
||||
async function(attrs) {
|
||||
Assert.equal(
|
||||
content.document.nodePrincipal.originAttributes.firstPartyDomain,
|
||||
@ -440,7 +438,7 @@ add_task(async function window_open_form_test() {
|
||||
|
||||
await SpecialPowers.spawn(
|
||||
win.gBrowser.selectedBrowser,
|
||||
[{ firstPartyDomain: "mochi.test" }],
|
||||
[{ firstPartyDomain: BASE_DOMAIN }],
|
||||
async function(attrs) {
|
||||
Assert.equal(
|
||||
content.docShell.getOriginAttributes().firstPartyDomain,
|
||||
|
@ -4,12 +4,9 @@ if (SpecialPowers.useRemoteSubframes) {
|
||||
|
||||
add_setup(async function() {
|
||||
Services.prefs.setBoolPref("privacy.firstparty.isolate", true);
|
||||
// Bug 1617611: Fix all the tests broken by "cookies SameSite=lax by default"
|
||||
Services.prefs.setBoolPref("network.cookie.sameSite.laxByDefault", false);
|
||||
|
||||
registerCleanupFunction(function() {
|
||||
Services.prefs.clearUserPref("privacy.firstparty.isolate");
|
||||
Services.prefs.clearUserPref("network.cookie.sameSite.laxByDefault");
|
||||
});
|
||||
});
|
||||
|
||||
@ -131,7 +128,7 @@ add_task(async function test_remote_window_open_data_uri2() {
|
||||
let win = await BrowserTestUtils.openNewBrowserWindow({ remote: true });
|
||||
let browser = win.gBrowser.selectedBrowser;
|
||||
const TEST_PAGE =
|
||||
"http://mochi.test:8888/browser/browser/components/originattributes/test/browser/test2.html";
|
||||
"https://example.net/browser/browser/components/originattributes/test/browser/test2.html";
|
||||
|
||||
// The iframe test2.html will fetch test2.js, which will have cookies.
|
||||
const DATA_URI = `data:text/html,
|
||||
|
@ -39,8 +39,6 @@ add_setup(async function() {
|
||||
set: [
|
||||
["privacy.firstparty.isolate", true],
|
||||
["dom.security.https_first", false],
|
||||
// Bug 1617611: Fix all the tests broken by "cookies SameSite=lax by default"
|
||||
["network.cookie.sameSite.laxByDefault", false],
|
||||
],
|
||||
});
|
||||
|
||||
|
@ -8,13 +8,10 @@ const { PermissionTestUtils } = ChromeUtils.import(
|
||||
"resource://testing-common/PermissionTestUtils.jsm"
|
||||
);
|
||||
|
||||
const TEST_PAGE = "http://example.net";
|
||||
const TEST_PAGE = "https://example.net";
|
||||
const uri = Services.io.newURI(TEST_PAGE);
|
||||
|
||||
async function disableCookies() {
|
||||
await SpecialPowers.pushPrefEnv({
|
||||
set: [["dom.security.https_first", false]],
|
||||
});
|
||||
Services.cookies.removeAll();
|
||||
PermissionTestUtils.add(uri, "cookie", Services.perms.DENY_ACTION);
|
||||
|
||||
@ -35,12 +32,8 @@ async function disableCookies() {
|
||||
}
|
||||
|
||||
async function ensureCookieNotSet(aBrowser) {
|
||||
// Bug 1617611: Fix all the tests broken by "cookies SameSite=lax by default"
|
||||
await SpecialPowers.pushPrefEnv({
|
||||
set: [["network.cookie.sameSite.laxByDefault", false]],
|
||||
});
|
||||
await SpecialPowers.spawn(aBrowser, [], async function() {
|
||||
content.document.cookie = "key=value";
|
||||
content.document.cookie = "key=value; SameSite=None; Secure;";
|
||||
Assert.equal(
|
||||
content.document.cookie,
|
||||
"",
|
||||
@ -58,9 +51,6 @@ IsolationTestTools.runTests(
|
||||
);
|
||||
|
||||
async function enableCookies() {
|
||||
await SpecialPowers.pushPrefEnv({
|
||||
set: [["dom.security.https_first", false]],
|
||||
});
|
||||
Services.cookies.removeAll();
|
||||
PermissionTestUtils.add(uri, "cookie", Services.perms.ALLOW_ACTION);
|
||||
|
||||
@ -77,12 +67,8 @@ async function enableCookies() {
|
||||
}
|
||||
|
||||
async function ensureCookieSet(aBrowser) {
|
||||
// Bug 1617611: Fix all the tests broken by "cookies SameSite=lax by default"
|
||||
await SpecialPowers.pushPrefEnv({
|
||||
set: [["network.cookie.sameSite.laxByDefault", false]],
|
||||
});
|
||||
await SpecialPowers.spawn(aBrowser, [], function() {
|
||||
content.document.cookie = "key=value";
|
||||
content.document.cookie = "key=value; SameSite=None; Secure;";
|
||||
Assert.equal(
|
||||
content.document.cookie,
|
||||
"key=value",
|
||||
|
@ -7,12 +7,12 @@ const CC = Components.Constructor;
|
||||
const FIRST_PARTY_OPENER = "example.com";
|
||||
const FIRST_PARTY_TARGET = "example.org";
|
||||
const OPENER_PAGE =
|
||||
"http://" +
|
||||
"https://" +
|
||||
FIRST_PARTY_OPENER +
|
||||
"/browser/browser/components/" +
|
||||
"originattributes/test/browser/file_windowOpenerRestriction.html";
|
||||
const TARGET_PAGE =
|
||||
"http://" +
|
||||
"https://" +
|
||||
FIRST_PARTY_TARGET +
|
||||
"/browser/browser/components/" +
|
||||
"originattributes/test/browser/file_windowOpenerRestrictionTarget.html";
|
||||
@ -41,7 +41,7 @@ async function testPref(aIsPrefEnabled) {
|
||||
|
||||
// Insert a cookie into this iframe.
|
||||
await SpecialPowers.spawn(childFrame, [obj.cookieStr], aCookieStr => {
|
||||
content.document.cookie = aCookieStr;
|
||||
content.document.cookie = aCookieStr + "; SameSite=None; Secure;";
|
||||
});
|
||||
|
||||
// Open the tab here and focus on it.
|
||||
@ -80,19 +80,11 @@ async function testPref(aIsPrefEnabled) {
|
||||
}
|
||||
|
||||
add_task(async function runTests() {
|
||||
// Bug 1617611: Fix all the tests broken by "cookies SameSite=lax by default"
|
||||
await SpecialPowers.pushPrefEnv({
|
||||
set: [["network.cookie.sameSite.laxByDefault", false]],
|
||||
});
|
||||
|
||||
let tests = [true, false];
|
||||
|
||||
// First, we test the scenario that the first party isolation is enabled.
|
||||
await SpecialPowers.pushPrefEnv({
|
||||
set: [
|
||||
["privacy.firstparty.isolate", true],
|
||||
["dom.security.https_first", false],
|
||||
],
|
||||
set: [["privacy.firstparty.isolate", true]],
|
||||
});
|
||||
|
||||
for (let enabled of tests) {
|
||||
@ -118,6 +110,4 @@ add_task(async function runTests() {
|
||||
// the opener page has the same origin with the target page.
|
||||
await testPref(false);
|
||||
}
|
||||
|
||||
SpecialPowers.clearUserPref("network.cookie.sameSite.laxByDefault");
|
||||
});
|
||||
|
@ -3,7 +3,7 @@
|
||||
<head>
|
||||
<meta charset='utf-8'>
|
||||
<title>Favicon Test for originAttributes</title>
|
||||
<link rel="icon" type="image/png" href="http://mochi.test:8888/browser/browser/components/originattributes/test/browser/file_favicon_cache.png" />
|
||||
<link rel="icon" type="image/png" href="https://example.net/browser/browser/components/originattributes/test/browser/file_favicon_cache.png" />
|
||||
</head>
|
||||
<body>
|
||||
Third Party Favicon!!
|
||||
|
@ -3,7 +3,7 @@
|
||||
<head>
|
||||
<meta charset='utf-8'>
|
||||
<title>Favicon Test for originAttributes</title>
|
||||
<link rel="icon" type="image/png" href="http://mochi.test:8888/browser/browser/components/originattributes/test/browser/file_favicon.png" />
|
||||
<link rel="icon" type="image/png" href="https://example.net/browser/browser/components/originattributes/test/browser/file_favicon.png" />
|
||||
</head>
|
||||
<body>
|
||||
Third Party Favicon!!
|
||||
|
@ -5,6 +5,6 @@
|
||||
<title>Test page for window.opener accessibility</title>
|
||||
</head>
|
||||
<body>
|
||||
<iframe id="child" name="child" src="http://example.org/browser/browser/components/originattributes/test/browser/file_firstPartyBasic.html"></iframe>
|
||||
<iframe id="child" name="child" src="https://example.org/browser/browser/components/originattributes/test/browser/file_firstPartyBasic.html"></iframe>
|
||||
</body>
|
||||
</html>
|
||||
|
@ -10,7 +10,7 @@
|
||||
return;
|
||||
}
|
||||
|
||||
window.parent.postMessage("OK", "http://mochi.test:8888");
|
||||
window.parent.postMessage("OK", "https://example.net");
|
||||
};
|
||||
</script>
|
||||
</head>
|
||||
|
@ -1 +1 @@
|
||||
Set-Cookie: test=foo
|
||||
Set-Cookie: test=foo; SameSite=None; Secure;
|
||||
|
@ -1 +1 @@
|
||||
Set-Cookie: test2=foo
|
||||
Set-Cookie: test2=foo; SameSite=None; Secure;
|
||||
|
@ -7,9 +7,9 @@
|
||||
</head>
|
||||
<body>
|
||||
<div>
|
||||
<iframe id="iframe1" src="http://example.com"></iframe>
|
||||
<iframe id="iframe2" sandbox="" src="http://example.com"></iframe>
|
||||
<iframe id="iframe3" sandbox="allow-same-origin" src="http://example.com"></iframe>
|
||||
<iframe id="iframe1" src="https://example.com"></iframe>
|
||||
<iframe id="iframe2" sandbox="" src="https://example.com"></iframe>
|
||||
<iframe id="iframe3" sandbox="allow-same-origin" src="https://example.com"></iframe>
|
||||
</div>
|
||||
</body>
|
||||
</html>
|
||||
|
@ -1,7 +1,7 @@
|
||||
<!DOCTYPE HTML>
|
||||
<html>
|
||||
<head>
|
||||
<meta charset="utf8" http-equiv="refresh" content="0; url=http://example.com/"/>
|
||||
<meta charset="utf8" http-equiv="refresh" content="0; url=https://example.com/"/>
|
||||
<title>Test for Bug 1260931</title>
|
||||
</head>
|
||||
<body>
|
||||
|
@ -1,2 +1,2 @@
|
||||
HTTP 302 Found
|
||||
Location: http://example.com/browser/browser/components/originattributes/test/browser/dummy.html
|
||||
Location: https://example.com/browser/browser/components/originattributes/test/browser/dummy.html
|
||||
|
@ -1,2 +1,2 @@
|
||||
HTTP 302 Found
|
||||
Location: http://mochi.test:8888/browser/browser/components/originattributes/test/browser/dummy.html
|
||||
Location: https://example.net/browser/browser/components/originattributes/test/browser/dummy.html
|
||||
|
@ -8,7 +8,7 @@
|
||||
<script>
|
||||
function onload() {
|
||||
let iframe1 = document.getElementById("iframe1");
|
||||
iframe1.contentWindow.postMessage("HI", "http://mochi.test:8888");
|
||||
iframe1.contentWindow.postMessage("HI", "https://example.net");
|
||||
}
|
||||
|
||||
window.onmessage = function(evt) {
|
||||
|
@ -5,7 +5,7 @@
|
||||
</head>
|
||||
<body>
|
||||
<script type="text/javascript">
|
||||
var w = window.open("http://example.com/browser/browser/components/originattributes/test/browser/test_firstParty.html", "test");
|
||||
var w = window.open("https://example.com/browser/browser/components/originattributes/test/browser/test_firstParty.html", "test");
|
||||
</script>
|
||||
</body>
|
||||
</html>
|
||||
|
@ -5,7 +5,7 @@
|
||||
</head>
|
||||
<body>
|
||||
<script type="text/javascript">
|
||||
var w = window.open("http://example.com/browser/browser/components/originattributes/test/browser/test_form.html", "test");
|
||||
var w = window.open("https://example.com/browser/browser/components/originattributes/test/browser/test_form.html", "test");
|
||||
</script>
|
||||
</body>
|
||||
</html>
|
||||
|
Loading…
Reference in New Issue
Block a user