[tor-bugs] #14057 [Tor Browser]: Implement a test plan for double key cookie logic
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Jan 2 15:17:44 UTC 2015
#14057: Implement a test plan for double key cookie logic
-----------------------------+----------------------------------
Reporter: michael | Owner: michael
Type: task | Status: assigned
Priority: normal | Milestone:
Component: Tor Browser | Version:
Resolution: | Keywords: TorBrowserTeam201501
Actual Points: | Parent ID: #3246
Points: |
-----------------------------+----------------------------------
Description changed by michael:
Old description:
> Write a test plan including unit and regression testing, and simplifying
> QA while supporting reuse.
> ----
> == 3rd party consumer and provider hosts ==
> For purposes of analysis (R&D) and validation (QA), implement a ''real
> world'' (as '''mcs''' puts it) test harness by configuring at least two
> divergent (according to RFC6265 5.1.3. Domain Matching) virtual hosts
> consuming 3rd party content. Implement a cookie provider serving HTTP
> headers in a 3rd party context (as a IFrame for example.)
>
> == Popular website tests ==
> Write verification tests of a set of popular websites consuming 3rd party
> cookies to prove correct isolation via 1st party contexts.
>
> == Regression tests ==
> Implement automated test scripts (possibly using either Mozilla XPCShell
> or Mochitest) for regression testing. Review #13749 for possible overlap.
>
> == Unit tests ==
> Write unit tests (possibly using hand typed code in the JavaScript
> browser console from integrated developer tools) for individual
> components like host domain matching, cookie searches, cookie blocking,
> and privacy.thirdparty.isolate condition.
>
> == Optional unit tests ==
> Optionally write unit tests (possibly using QUnitJS) for individual
> components.
New description:
Write a test plan including unit and regression testing, and simplifying
QA while supporting reuse.
----
== 3rd party consumer and provider hosts ==
For purposes of analysis (R&D) and validation (QA), implement a ''real
world'' (as '''mcs''' puts it) test harness by configuring at least two
divergent (according to RFC6265 5.1.3. Domain Matching) virtual hosts
consuming 3rd party content. Implement a cookie provider serving HTTP
headers in a 3rd party context (as a IFrame for example.)
== Popular website tests ==
Write verification tests of a set of popular websites consuming 3rd party
cookies to prove correct isolation via 1st party contexts. Specify a
subset of web application use cases of 3rd party cookies (federated login,
shopping cart, gaming) as well as a list of websites for each set.
== Regression tests ==
Implement automated test scripts (possibly using either Mozilla XPCShell
or Mochitest) for regression testing. Review #13749 for possible overlap.
== Unit tests ==
Write unit tests (possibly hand typing in the JavaScript browser console)
for individual components like host domain matching, cookie searches,
cookie blocking, and privacy.thirdparty.isolate condition.
== Optional unit tests ==
Optionally write unit tests (possibly using QUnitJS) for individual
components.
== Optional peripheral tests ==
Optionally integrate tests for #3600, leverage ideas from #3546 and #3676,
and avoid redundancy with #13749.
== Optional addon review ==
Get cozy with Cookie Monster #4132 and other Firefox addons to optionally
broaden the scope of tests.
--
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/14057#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list