/* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
/** * Dispatch a RemoteSettings "sync" event. * @param {Object} data - The event's data payload. * @param {Object} [data.created] - Records that were created. * @param {Object} [data.updated] - Records that were updated. * @param {Object} [data.deleted] - Records that were removed.
*/
async function remoteSettingsSync({ created, updated, deleted }) {
await RemoteSettings(COLLECTION_NAME).emit("sync", {
data: {
created,
updated,
deleted,
},
});
}
/** * Compare two string arrays ignoring order. * @param {string[]} arr1 - The first array. * @param {string[]} arr2 - The second array. * @returns {boolean} - Whether the arrays match.
*/ const strArrayMatches = (arr1, arr2) =>
arr1.length === arr2.length &&
arr1.sort().every((value, index) => value === arr2.sort()[index]);
/** * Wait until the 3pcb allow-list matches the expected state. * @param {string[]} allowedSiteHosts - (Unordered) host list to match.
*/
async function waitForAllowListState(expected) { // Ensure the site host exception list has been imported correctly.
await BrowserTestUtils.waitForCondition(() => { return strArrayMatches(Services.cookies.testGet3PCBExceptions(), expected);
}, "Waiting for exceptions to be imported."); Assert.deepEqual(
Services.cookies.testGet3PCBExceptions().sort(),
expected.sort(), "Imported the correct site host exceptions"
);
}
/** * A helper function to create the iframe and the nested ABA iframe. * @param {Browser} browser The browser where the testing is performed. * @param {string} firstPartyURL The first party URL. * @param {string} thirdPartyURL The third party URL. * @returns {Promise} A promise that resolves to the iframe browsing context * and the ABA iframe browsing context.
*/
async function createNestedIframes(browser, firstPartyURL, thirdPartyURL) { return SpecialPowers.spawn(
browser,
[firstPartyURL, thirdPartyURL],
async (firstPartyURL, thirdPartyURL) => {
let iframe = content.document.createElement("iframe");
iframe.src = thirdPartyURL;
await new Promise(resolve => {
iframe.onload = resolve;
content.document.body.appendChild(iframe);
});
let ABABC = await SpecialPowers.spawn(
iframe,
[firstPartyURL],
async firstPartyURL => {
let iframe = content.document.createElement("iframe");
iframe.src = firstPartyURL;
await new Promise(resolve => {
iframe.onload = resolve;
content.document.body.appendChild(iframe);
});
/** * A helper function to set third-party cookies in the third-party iframe and * the ABA iframe. * * @param {Browser} browser The browser where the testing is performed. * @param {CanonicalBrowsingContext} iframeBC The iframe browsing context. * @param {CanonicalBrowsingContext} ABAABC The ABA browsing context.
*/
async function setThirdPartyCookie(browser, iframeBC, ABABC) { const THIRD_PARTY_FETCH_COOKIE_URL = `${THIRD_PARTY_SITE}/${TEST_PATH}/setFetchCookie.sjs`;
// Try to set a third-party cookie by fetching from the third-party URL.
await SpecialPowers.spawn(
browser,
[THIRD_PARTY_FETCH_COOKIE_URL],
async url => {
await content.fetch(url, { credentials: "include" });
}
);
// Set a third-party cookie in the third-party iframe.
await SpecialPowers.spawn(iframeBC, [], async _ => {
content.document.cookie = "thirdPartyIframe=value; SameSite=None; Secure;";
});
// Set a ABA cookie in the nested iframe. An ABA cookie is also considered // as a third-party cookie.
await SpecialPowers.spawn(ABABC, [], async _ => {
content.document.cookie = "ABAIframe=value; SameSite=None; Secure;";
});
}
add_setup(async function () {
await SpecialPowers.pushPrefEnv({
set: [["network.cookie.cookieBehavior.optInPartitioning", true]],
});
// Start with an empty RS collection.
db = RemoteSettings(COLLECTION_NAME).db;
await db.importChanges({}, Date.now(), [], { clear: true });
});
add_task(async function test_3pcb_no_exception() { // Clear cookies before running the test.
Services.cookies.removeAll();
info("Opening a new tab.");
let tab = await BrowserTestUtils.openNewForegroundTab(
gBrowser,
FIRST_PARTY_URL
);
let browser = tab.linkedBrowser;
info("Verifying cookies."); // Verify in the iframeBC to ensure no cookie is set.
await SpecialPowers.spawn(iframeBC, [], async () => {
let cookies = content.document.cookie;
is(cookies, "", "No cookies should be set in the iframeBC");
});
// Verify in the nested iframe to ensure no cookie is set.
await SpecialPowers.spawn(ABABC, [], async () => {
let cookies = content.document.cookie;
is(cookies, "", "No cookies should be set in the ABA iframe");
});
info("Verifying cookies."); // Verify in the iframeBC to ensure cookies are set.
await SpecialPowers.spawn(iframeBC, [], async () => {
let cookies = content.document.cookie;
is(
cookies, "thirdPartyFetch=value; thirdPartyIframe=value", "Cookies should be set in the iframeBC"
);
});
// Verify in the nested ABA iframe to ensure no cookie is set.
await SpecialPowers.spawn(ABABC, [], async () => {
let cookies = content.document.cookie;
is(
cookies, "ABAIframe=value", "No cookies should be set in the ABA iframe"
);
});
BrowserTestUtils.removeTab(tab);
info("Clear exceptions and verify cookies are still valid");
await SpecialPowers.pushPrefEnv({
set: [[PREF_NAME, ""]],
});
await SpecialPowers.spawn(iframeBCNew, [], async () => {
let cookies = content.document.cookie;
is(
cookies, "thirdPartyFetch=value; thirdPartyIframe=value", "Cookies should be set in the iframeBC"
);
});
await SpecialPowers.spawn(ABABCNew, [], async () => {
let cookies = content.document.cookie;
is(
cookies, "ABAIframe=value", "No cookies should be set in the ABA iframe"
);
});
info("Verifying cookies."); // Verify in the iframeBC to ensure cookies are set.
await SpecialPowers.spawn(iframeBC, [], async () => {
let cookies = content.document.cookie;
is(
cookies, "thirdPartyFetch=value; thirdPartyIframe=value", "Cookies should be set in the iframeBC"
);
});
// Verify in the nested ABA iframe to ensure no cookie is set.
await SpecialPowers.spawn(ABABC, [], async () => {
let cookies = content.document.cookie;
is(cookies, "ABAIframe=value", "Cookies should be set in the ABA iframe");
});
BrowserTestUtils.removeTab(tab);
info("Clear exceptions and verify cookies are still valid");
await SpecialPowers.pushPrefEnv({
set: [[PREF_NAME, ""]],
});
await SpecialPowers.spawn(iframeBCNew, [], async () => {
let cookies = content.document.cookie;
is(
cookies, "thirdPartyFetch=value; thirdPartyIframe=value", "Cookies should be set in the iframeBC"
);
});
await SpecialPowers.spawn(ABABCNew, [], async () => {
let cookies = content.document.cookie;
is(
cookies, "ABAIframe=value", "No cookies should be set in the ABA iframe"
);
});
info("Verifying cookies."); // Verify in the iframeBC to ensure cookies are set.
await SpecialPowers.spawn(iframeBC, [], async () => {
let cookies = content.document.cookie;
is(
cookies, "thirdPartyFetch=value; thirdPartyIframe=value", "Cookies should be set in the iframeBC"
);
});
// Verify in the nested ABA iframe to ensure the cookie is set.
await SpecialPowers.spawn(ABABC, [], async () => {
let cookies = content.document.cookie;
is(
cookies, "ABAIframe=value", "No cookies should be set in the ABA iframe"
);
});
BrowserTestUtils.removeTab(tab);
info("Clear exceptions and verify cookies are still valid");
await db.delete(thirdPartyEntry.id);
await db.delete(ABAEntry.id);
await db.importChanges({}, Date.now());
await remoteSettingsSync({
deleted: [thirdPartyEntry, ABAEntry],
});
await waitForAllowListState([]);
await SpecialPowers.spawn(iframeBCNew, [], async () => {
let cookies = content.document.cookie;
is(
cookies, "thirdPartyFetch=value; thirdPartyIframe=value", "Cookies should be set in the iframeBC"
);
});
await SpecialPowers.spawn(ABABCNew, [], async () => {
let cookies = content.document.cookie;
is(
cookies, "ABAIframe=value", "No cookies should be set in the ABA iframe"
);
});
add_task(async function test_3pcb_rs_precedence_over_pref() {
info("Create the third-party entry and the ABA entry.");
let thirdPartyEntry = await db.create({
fpSite: FIRST_PARTY_SITE,
tpSite: THIRD_PARTY_SITE,
});
let ABAEntry = await db.create({
fpSite: FIRST_PARTY_SITE,
tpSite: FIRST_PARTY_SITE,
});
await db.importChanges({}, Date.now());
await remoteSettingsSync({ created: [thirdPartyEntry, ABAEntry] });
await waitForAllowListState([
`${FIRST_PARTY_SITE},${THIRD_PARTY_SITE}`,
`${FIRST_PARTY_SITE},${FIRST_PARTY_SITE}`,
]);
info("Set the duplicate pref exception."); // Verify that we don't introduce duplicate exceptions if we set the same // exception via pref.
await SpecialPowers.pushPrefEnv({
set: [
[
PREF_NAME,
`${FIRST_PARTY_SITE},${THIRD_PARTY_SITE};${FIRST_PARTY_SITE},${FIRST_PARTY_SITE}`,
],
],
});
await waitForAllowListState([
`${FIRST_PARTY_SITE},${THIRD_PARTY_SITE}`,
`${FIRST_PARTY_SITE},${FIRST_PARTY_SITE}`,
]);
info("Remove the pref exception."); // Verify that the RS exception is still there even if we remove the same // exception via pref.
await SpecialPowers.pushPrefEnv({
set: [[PREF_NAME, ""]],
});
await waitForAllowListState([
`${FIRST_PARTY_SITE},${THIRD_PARTY_SITE}`,
`${FIRST_PARTY_SITE},${FIRST_PARTY_SITE}`,
]);
Die Informationen auf dieser Webseite wurden
nach bestem Wissen sorgfältig zusammengestellt. Es wird jedoch weder Vollständigkeit, noch Richtigkeit,
noch Qualität der bereit gestellten Informationen zugesichert.
Bemerkung:
Die farbliche Syntaxdarstellung und die Messung sind noch experimentell.
