[tor-commits] [tor-browser/tor-browser-31.4.0esr-4.5-1] Bug #13749.1: regression tests for first party isolation of localStorage

mikeperry at torproject.org mikeperry at torproject.org
Wed Jan 14 16:40:50 UTC 2015


commit a447c129b1f779ffdb76c401176e38a2d0c58192
Author: Arthur Edelstein <arthuredelstein at gmail.com>
Date:   Wed Dec 10 17:35:12 2014 -0800

    Bug #13749.1: regression tests for first party isolation of localStorage
---
 dom/tests/mochitest/localstorage/firstParty.html   |   16 +++++
 .../mochitest/localstorage/firstPartyInner.html    |   25 +++++++
 dom/tests/mochitest/localstorage/mochitest.ini     |    3 +
 .../test_localStorageByFirstParty.html             |   73 ++++++++++++++++++++
 4 files changed, 117 insertions(+)

diff --git a/dom/tests/mochitest/localstorage/firstParty.html b/dom/tests/mochitest/localstorage/firstParty.html
new file mode 100644
index 0000000..7bf2539
--- /dev/null
+++ b/dom/tests/mochitest/localstorage/firstParty.html
@@ -0,0 +1,16 @@
+<html xmlns="http://www.w3.org/1999/xhtml">
+  <script>
+    window.onload = function () {
+      var inner = document.getElementById("inner");
+      window.addEventListener("message", function (event) {
+        opener.postMessage(event.data, "http://mochi.test:8888");
+      });
+      inner.src = "http://example.net/tests/dom/tests/mochitest/localstorage/firstPartyInner.html" +
+                  location.search + "&host=" + encodeURIComponent(location.protocol + "//" + location.host);
+    };
+  </script>
+  <body>
+    <div>firstParty.html</div>
+    <iframe id="inner" width=400 height=200></iframe>
+  </body>
+</html>
diff --git a/dom/tests/mochitest/localstorage/firstPartyInner.html b/dom/tests/mochitest/localstorage/firstPartyInner.html
new file mode 100644
index 0000000..1b24d2b
--- /dev/null
+++ b/dom/tests/mochitest/localstorage/firstPartyInner.html
@@ -0,0 +1,25 @@
+<html xmlns="http://www.w3.org/1999/xhtml">
+  <body>
+    <div>firstPartyInner.html</div>
+    <pre id="result"></pre>
+    <script>
+      var request = new URLSearchParams(location.search.substring(1)),
+          expected = request.get("expected"),
+          prescribed = request.get("prescribed"),
+          host = decodeURIComponent(request.get("host")),
+          found = localStorage.getItem("firstPartyTest"),
+          resultDiv = document.getElementById("result"),
+          show = function (x) { resultDiv.innerHTML += x + "\n"; };
+      show("host: " + host);
+      if (expected) {
+        show("expected: " + expected);
+        show("found: " + found);
+      }
+      if (prescribed) {
+        localStorage.setItem("firstPartyTest", prescribed);
+        show("wrote: " + prescribed);
+      }
+      parent.postMessage(expected ? (found === expected) : true, host);
+    </script>
+  </body>
+</html>
diff --git a/dom/tests/mochitest/localstorage/mochitest.ini b/dom/tests/mochitest/localstorage/mochitest.ini
index 3b3c50c..6d258f3 100644
--- a/dom/tests/mochitest/localstorage/mochitest.ini
+++ b/dom/tests/mochitest/localstorage/mochitest.ini
@@ -1,5 +1,7 @@
 [DEFAULT]
 support-files =
+  firstParty.html
+  firstPartyInner.html
   frameAppIsolation.html
   frameChromeSlave.html
   frameKeySync.html
@@ -32,6 +34,7 @@ skip-if = toolkit=='gonk' # b2g(4 failures) b2g-debug(debug-only failure)
 [test_localStorageBase.html]
 skip-if = buildapp == 'b2g' || e10s # b2g(no storage chrome event received)
 [test_localStorageBaseSessionOnly.html]
+[test_localStorageByFirstParty.html]
 skip-if = (buildapp == 'b2g' && (toolkit != 'gonk' || debug))
 [test_localStorageCookieSettings.html]
 skip-if = (buildapp == 'b2g' && (toolkit != 'gonk' || debug))
diff --git a/dom/tests/mochitest/localstorage/test_localStorageByFirstParty.html b/dom/tests/mochitest/localstorage/test_localStorageByFirstParty.html
new file mode 100644
index 0000000..6858303
--- /dev/null
+++ b/dom/tests/mochitest/localstorage/test_localStorageByFirstParty.html
@@ -0,0 +1,73 @@
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>localStorage by first party test</title>
+
+<script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+
+<script type="application/javascript;version=1.7">
+
+// This series of unit tests ensures that, when the "privacy.thirdparty.isolate" pref
+// is set to 2 (active), we should have a separate localStorage for each first-party
+// (URL bar domain). If the pref is set to 0 (inactive), then two iframes with the
+// same origin but different first-party domains will share localStorage.
+
+let originalPrefValue = SpecialPowers.getIntPref("privacy.thirdparty.isolate");
+
+let mapToUriParameters = aMap =>
+  Object.keys(aMap).map(k => encodeURIComponent(k) + "=" +
+                             encodeURIComponent(aMap[k])).join("&");
+
+let steps = [
+  // When first party isolation is turned off, we expect that DOM storage will be
+  // the same for two iframes at http://example.net.
+  { domain : "example.com", prescribed : "test1", pref : 0 },
+  { domain : "example.org", prescribed : "test2" },
+  { domain : "example.com", expected : "test2", prescribed : "test3" },
+  { domain : "example.org", expected : "test3", prescribed : "test4" },
+  // When first party isolation is turned on, we expect two separate DOM storage
+  // silos for two iframes both at http://example.net but contained in pages
+  // with different first party domains.
+  { domain : "example.com", prescribed : "test1", pref : 2 },
+  { domain : "example.org", prescribed : "test2" },
+  { domain : "example.com", expected : "test1", prescribed : "test3" },
+  { domain : "example.org", expected : "test2", prescribed : "test4" }
+];
+
+let runStep = function (i) {
+  if (i < steps.length) {
+    let step = steps[i],
+        { domain, pref } = step;
+    if (pref !== undefined) {
+      SpecialPowers.setIntPref("privacy.thirdparty.isolate", pref);
+    }
+    window.open("http://" + domain +
+                "/tests/dom/tests/mochitest/localstorage/firstParty.html?" +
+                mapToUriParameters(step), "_blank");
+  } else if (i == steps.length) {
+    SpecialPowers.setIntPref("privacy.thirdparty.isolate", originalPrefValue);
+    SimpleTest.finish();
+  }
+};
+
+let startTest = function () {
+  let i = 0;
+  window.addEventListener("message", function (event) {
+    // Get the result of the last step.
+    is(event.data, true, "correct DOM storage isolation");
+    // Run the next step.
+    runStep(++i);
+  });
+  runStep(0);
+};
+
+SimpleTest.waitForExplicitFinish();
+
+</script>
+
+</head>
+
+<body onload="startTest();">
+
+</body>
+</html>





More information about the tor-commits mailing list