Bug 1452496: gtest for discarding same-site cookies in cross site context. r=dveditz

netwerk/test/TestCookie.cpp

@@ -12,6 +12,9 @@
 #include <stdio.h>
 #include "plstr.h"
 #include "nsNetUtil.h"
+#include "nsIChannel.h"
+#include "nsIPrincipal.h"
+#include "nsIScriptSecurityManager.h"
 #include "nsISimpleEnumerator.h"
 #include "nsServiceManagerUtils.h"
 #include "nsNetCID.h"
@@ -75,6 +78,36 @@ SetACookie(nsICookieService *aCookieService, const char *aSpec1, const char *aSp
     EXPECT_TRUE(NS_SUCCEEDED(rv));
 }
 
+// Custom Cookie Generator specifically for the needs of same-site cookies!
+// Hands off unless you know exactly what you are doing!
+void
+SetASameSiteCookie(nsICookieService *aCookieService, const char *aSpec1, const char *aSpec2, const char* aCookieString, const char *aServerTime)
+{
+    nsCOMPtr<nsIURI> uri1, uri2;
+    NS_NewURI(getter_AddRefs(uri1), aSpec1);
+    if (aSpec2)
+        NS_NewURI(getter_AddRefs(uri2), aSpec2);
+
+    // We create a dummy channel using the aSpec1 to simulate same-siteness
+    nsresult rv0;
+    nsCOMPtr<nsIScriptSecurityManager> ssm =
+      do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv0);
+    ASSERT_TRUE(NS_SUCCEEDED(rv0));
+    nsCOMPtr<nsIPrincipal> spec1Principal;
+    nsCString tmpString(aSpec1);
+    ssm->CreateCodebasePrincipalFromOrigin(tmpString, getter_AddRefs(spec1Principal));
+
+    nsCOMPtr<nsIChannel> dummyChannel;
+    NS_NewChannel(getter_AddRefs(dummyChannel),
+                  uri1,
+                  spec1Principal,
+                  nsILoadInfo::SEC_ONLY_FOR_EXPLICIT_CONTENTSEC_CHECK,
+                  nsIContentPolicy::TYPE_OTHER);
+
+    nsresult rv = aCookieService->SetCookieStringFromHttp(uri1, uri2, nullptr, (char *)aCookieString, aServerTime, dummyChannel);
+    EXPECT_TRUE(NS_SUCCEEDED(rv));
+}
+
 void
 SetACookieNoHttp(nsICookieService *aCookieService, const char *aSpec, const char* aCookieString)
 {
@@ -773,17 +806,17 @@ TEST(TestCookie,TestCookieMain)
 
     // Set cookies with various incantations of the samesite attribute:
     // No same site attribute present
-    SetACookie(cookieService, "http://samesite.test", nullptr, "unset=yes", nullptr);
+    SetASameSiteCookie(cookieService, "http://samesite.test", nullptr, "unset=yes", nullptr);
     // samesite attribute present but with no value
-    SetACookie(cookieService, "http://samesite.test", nullptr, "unspecified=yes; samesite", nullptr);
+    SetASameSiteCookie(cookieService, "http://samesite.test", nullptr, "unspecified=yes; samesite", nullptr);
     // samesite attribute present but with an empty value
-    SetACookie(cookieService, "http://samesite.test", nullptr, "empty=yes; samesite=", nullptr);
+    SetASameSiteCookie(cookieService, "http://samesite.test", nullptr, "empty=yes; samesite=", nullptr);
     // samesite attribute present but with an invalid value
-    SetACookie(cookieService, "http://samesite.test", nullptr, "bogus=yes; samesite=bogus", nullptr);
+    SetASameSiteCookie(cookieService, "http://samesite.test", nullptr, "bogus=yes; samesite=bogus", nullptr);
     // samesite=strict
-    SetACookie(cookieService, "http://samesite.test", nullptr, "strict=yes; samesite=strict", nullptr);
+    SetASameSiteCookie(cookieService, "http://samesite.test", nullptr, "strict=yes; samesite=strict", nullptr);
     // samesite=lax
-    SetACookie(cookieService, "http://samesite.test", nullptr, "lax=yes; samesite=lax", nullptr);
+    SetASameSiteCookie(cookieService, "http://samesite.test", nullptr, "lax=yes; samesite=lax", nullptr);
 
     EXPECT_TRUE(NS_SUCCEEDED(cookieMgr->GetEnumerator(getter_AddRefs(enumerator))));
     i = 0;