From 7e0d9ec5c0a66fcbe24c4739e1af2d478c785fca Mon Sep 17 00:00:00 2001
From: Andrea Marchesini <amarchesini@mozilla.com>
Date: Wed, 18 Jul 2018 15:44:55 +0200
Subject: [PATCH] Bug 1476324 - Storage activation via window.open(URL) applies
 across top-level domains - part 2 - tests, r=ehsan

---
 .../antitracking/test/browser/browser.ini     |   2 +
 .../test/browser/browser_script.js            | 131 ++++++++++++++++++
 .../antitracking/test/browser/tracker.js      |   5 +
 3 files changed, 138 insertions(+)
 create mode 100644 toolkit/components/antitracking/test/browser/browser_script.js
 create mode 100644 toolkit/components/antitracking/test/browser/tracker.js

diff --git a/toolkit/components/antitracking/test/browser/browser.ini b/toolkit/components/antitracking/test/browser/browser.ini
index 4fb71c304773..db5ffb62ead2 100644
--- a/toolkit/components/antitracking/test/browser/browser.ini
+++ b/toolkit/components/antitracking/test/browser/browser.ini
@@ -20,3 +20,5 @@ support-files = server.sjs
 support-files = image.sjs
 [browser_subResources.js]
 support-files = subResources.sjs
+[browser_script.js]
+support-files = tracker.js
diff --git a/toolkit/components/antitracking/test/browser/browser_script.js b/toolkit/components/antitracking/test/browser/browser_script.js
new file mode 100644
index 000000000000..69472b4d9cbc
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_script.js
@@ -0,0 +1,131 @@
+ChromeUtils.import("resource://gre/modules/Services.jsm");
+
+add_task(async function() {
+  info("Starting subResources test");
+
+  await SpecialPowers.flushPrefEnv();
+  await SpecialPowers.pushPrefEnv({"set": [
+    ["privacy.restrict3rdpartystorage.enabled", true],
+    ["privacy.trackingprotection.enabled", false],
+    ["privacy.trackingprotection.pbmode.enabled", false],
+    ["privacy.trackingprotection.annotate_channels", true],
+  ]});
+
+  await UrlClassifierTestUtils.addTestTrackers();
+
+  info("Creating a new tab");
+  let tab = BrowserTestUtils.addTab(gBrowser, TEST_TOP_PAGE);
+  gBrowser.selectedTab = tab;
+
+  let browser = gBrowser.getBrowserForTab(tab);
+  await BrowserTestUtils.browserLoaded(browser);
+
+  info("Loading tracking scripts");
+  await ContentTask.spawn(browser, { scriptURL: TEST_DOMAIN + TEST_PATH + "tracker.js",
+                                     page: TEST_3RD_PARTY_PAGE,
+                                   }, async obj => {
+    info("Checking if permission is denied");
+    let callbackBlocked = async _ => {
+      try {
+        localStorage.foo = 42;
+        ok(false, "LocalStorage cannot be used!");
+      } catch (e) {
+        ok(true, "LocalStorage cannot be used!");
+        is(e.name, "SecurityError", "We want a security error message.");
+      }
+    };
+
+    await new content.Promise(resolve => {
+      let ifr = content.document.createElement("iframe");
+      ifr.onload = function() {
+        info("Sending code to the 3rd party content");
+        ifr.contentWindow.postMessage(callbackBlocked.toString(), "*");
+      };
+
+      content.addEventListener("message", function msg(event) {
+        if (event.data.type == "finish") {
+          content.removeEventListener("message", msg);
+          resolve();
+          return;
+        }
+
+        if (event.data.type == "ok") {
+          ok(event.data.what, event.data.msg);
+          return;
+        }
+
+        if (event.data.type == "info") {
+          info(event.data.msg);
+          return;
+        }
+
+        ok(false, "Unknown message");
+      });
+
+      content.document.body.appendChild(ifr);
+      ifr.src = obj.page;
+    });
+
+    info("Triggering a 3rd party script...");
+    let p = new content.Promise(resolve => {
+      let bc = new content.BroadcastChannel("a");
+      bc.onmessage = resolve;
+    });
+
+    let src = content.document.createElement("script");
+    content.document.body.appendChild(src);
+    src.src = obj.scriptURL;
+
+    await p;
+
+    info("Checking if permission is granted");
+    let callbackAllowed = async _ => {
+      localStorage.foo = 42;
+      ok(true, "LocalStorage can be used!");
+    };
+
+    await new content.Promise(resolve => {
+      let ifr = content.document.createElement("iframe");
+      ifr.onload = function() {
+        info("Sending code to the 3rd party content");
+        ifr.contentWindow.postMessage(callbackAllowed.toString(), "*");
+      };
+
+      content.addEventListener("message", function msg(event) {
+        if (event.data.type == "finish") {
+          content.removeEventListener("message", msg);
+          resolve();
+          return;
+        }
+
+        if (event.data.type == "ok") {
+          ok(event.data.what, event.data.msg);
+          return;
+        }
+
+        if (event.data.type == "info") {
+          info(event.data.msg);
+          return;
+        }
+
+        ok(false, "Unknown message");
+      });
+
+      content.document.body.appendChild(ifr);
+      ifr.src = obj.page;
+    });
+  });
+
+  info("Removing the tab");
+  BrowserTestUtils.removeTab(tab);
+
+  UrlClassifierTestUtils.cleanupTestTrackers();
+});
+
+add_task(async function() {
+  info("Cleaning up.");
+  await new Promise(resolve => {
+    Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value => resolve());
+  });
+});
+
diff --git a/toolkit/components/antitracking/test/browser/tracker.js b/toolkit/components/antitracking/test/browser/tracker.js
new file mode 100644
index 000000000000..3e84207d5122
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/tracker.js
@@ -0,0 +1,5 @@
+window.addEventListener("message", e => {
+  let bc = new BroadcastChannel("a");
+  bc.postMessage("ready!");
+});
+window.open("https://tracking.example.com/browser/toolkit/components/antitracking/test/browser/3rdPartyOpen.html");