search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Backed out changeset b71c8c052463 (bug 1943846) for causing mass failures. CLOSED...
[gecko.git] / netwerk / test / unit / test_bug526789.js
blobfe7650e5b409ac0170a8863b226a218226940991
1 /* Any copyright is dedicated to the Public Domain.
2 http://creativecommons.org/publicdomain/zero/1.0/ */
3
4 "use strict";
5
6 add_task(async () => {
7 var cm = Services.cookies;
8 var expiry = (Date.now() + 1000) * 1000;
9
10 cm.removeAll();
11
12 // Allow all cookies.
13 Services.prefs.setIntPref("network.cookie.cookieBehavior", 0);
14 Services.prefs.setBoolPref("dom.security.https_first", false);
15
16 // test that variants of 'baz.com' get normalized appropriately, but that
17 // malformed hosts are rejected
18 cm.add(
19 "baz.com",
20 "/",
21 "foo",
22 "bar",
23 false,
24 false,
25 true,
26 expiry,
27 {},
28 Ci.nsICookie.SAMESITE_NONE,
29 Ci.nsICookie.SCHEME_HTTPS
30 );
31 Assert.equal(cm.countCookiesFromHost("baz.com"), 1);
32 Assert.equal(cm.countCookiesFromHost("BAZ.com"), 1);
33 Assert.equal(cm.countCookiesFromHost(".baz.com"), 1);
34 Assert.equal(cm.countCookiesFromHost("baz.com."), 0);
35 Assert.equal(cm.countCookiesFromHost(".baz.com."), 0);
36 do_check_throws(function () {
37 cm.countCookiesFromHost("baz.com..");
38 }, Cr.NS_ERROR_ILLEGAL_VALUE);
39 do_check_throws(function () {
40 cm.countCookiesFromHost("baz..com");
41 }, Cr.NS_ERROR_ILLEGAL_VALUE);
42 do_check_throws(function () {
43 cm.countCookiesFromHost("..baz.com");
44 }, Cr.NS_ERROR_ILLEGAL_VALUE);
45 cm.remove("BAZ.com.", "foo", "/", {});
46 Assert.equal(cm.countCookiesFromHost("baz.com"), 1);
47 cm.remove("baz.com", "foo", "/", {});
48 Assert.equal(cm.countCookiesFromHost("baz.com"), 0);
49
50 // Test that 'baz.com' and 'baz.com.' are treated differently
51 cm.add(
52 "baz.com.",
53 "/",
54 "foo",
55 "bar",
56 false,
57 false,
58 true,
59 expiry,
60 {},
61 Ci.nsICookie.SAMESITE_NONE,
62 Ci.nsICookie.SCHEME_HTTPS
63 );
64 Assert.equal(cm.countCookiesFromHost("baz.com"), 0);
65 Assert.equal(cm.countCookiesFromHost("BAZ.com"), 0);
66 Assert.equal(cm.countCookiesFromHost(".baz.com"), 0);
67 Assert.equal(cm.countCookiesFromHost("baz.com."), 1);
68 Assert.equal(cm.countCookiesFromHost(".baz.com."), 1);
69 cm.remove("baz.com", "foo", "/", {});
70 Assert.equal(cm.countCookiesFromHost("baz.com."), 1);
71 cm.remove("baz.com.", "foo", "/", {});
72 Assert.equal(cm.countCookiesFromHost("baz.com."), 0);
73
74 // test that domain cookies are illegal for IP addresses, aliases such as
75 // 'localhost', and eTLD's such as 'co.uk'
76 cm.add(
77 "192.168.0.1",
78 "/",
79 "foo",
80 "bar",
81 false,
82 false,
83 true,
84 expiry,
85 {},
86 Ci.nsICookie.SAMESITE_NONE,
87 Ci.nsICookie.SCHEME_HTTPS
88 );
89 Assert.equal(cm.countCookiesFromHost("192.168.0.1"), 1);
90 Assert.equal(cm.countCookiesFromHost("192.168.0.1."), 0);
91 do_check_throws(function () {
92 cm.countCookiesFromHost(".192.168.0.1");
93 }, Cr.NS_ERROR_ILLEGAL_VALUE);
94 do_check_throws(function () {
95 cm.countCookiesFromHost(".192.168.0.1.");
96 }, Cr.NS_ERROR_ILLEGAL_VALUE);
97
98 cm.add(
99 "localhost",
100 "/",
101 "foo",
102 "bar",
103 false,
104 false,
105 true,
106 expiry,
107 {},
108 Ci.nsICookie.SAMESITE_NONE,
109 Ci.nsICookie.SCHEME_HTTPS
110 );
111 Assert.equal(cm.countCookiesFromHost("localhost"), 1);
112 Assert.equal(cm.countCookiesFromHost("localhost."), 0);
113 do_check_throws(function () {
114 cm.countCookiesFromHost(".localhost");
115 }, Cr.NS_ERROR_ILLEGAL_VALUE);
116 do_check_throws(function () {
117 cm.countCookiesFromHost(".localhost.");
118 }, Cr.NS_ERROR_ILLEGAL_VALUE);
119
120 cm.add(
121 "co.uk",
122 "/",
123 "foo",
124 "bar",
125 false,
126 false,
127 true,
128 expiry,
129 {},
130 Ci.nsICookie.SAMESITE_NONE,
131 Ci.nsICookie.SCHEME_HTTPS
132 );
133 Assert.equal(cm.countCookiesFromHost("co.uk"), 1);
134 Assert.equal(cm.countCookiesFromHost("co.uk."), 0);
135 do_check_throws(function () {
136 cm.countCookiesFromHost(".co.uk");
137 }, Cr.NS_ERROR_ILLEGAL_VALUE);
138 do_check_throws(function () {
139 cm.countCookiesFromHost(".co.uk.");
140 }, Cr.NS_ERROR_ILLEGAL_VALUE);
141
142 cm.removeAll();
143
144 CookieXPCShellUtils.createServer({
145 hosts: ["baz.com", "192.168.0.1", "localhost", "co.uk", "foo.com"],
146 });
147
148 var uri = NetUtil.newURI("http://baz.com/");
149 Services.scriptSecurityManager.createContentPrincipal(uri, {});
150
151 Assert.equal(uri.asciiHost, "baz.com");
152
153 await CookieXPCShellUtils.setCookieToDocument(uri.spec, "foo=bar");
154 const docCookies = await CookieXPCShellUtils.getCookieStringFromDocument(
155 uri.spec
156 );
157 Assert.equal(docCookies, "foo=bar");
158
159 Assert.equal(cm.countCookiesFromHost(""), 0);
160 do_check_throws(function () {
161 cm.countCookiesFromHost(".");
162 }, Cr.NS_ERROR_ILLEGAL_VALUE);
163 do_check_throws(function () {
164 cm.countCookiesFromHost("..");
165 }, Cr.NS_ERROR_ILLEGAL_VALUE);
166
167 var cookies = cm.getCookiesFromHost("", {});
168 Assert.ok(!cookies.length);
169 do_check_throws(function () {
170 cm.getCookiesFromHost(".", {});
171 }, Cr.NS_ERROR_ILLEGAL_VALUE);
172 do_check_throws(function () {
173 cm.getCookiesFromHost("..", {});
174 }, Cr.NS_ERROR_ILLEGAL_VALUE);
175
176 cookies = cm.getCookiesFromHost("baz.com", {});
177 Assert.equal(cookies.length, 1);
178 Assert.equal(cookies[0].name, "foo");
179 cookies = cm.getCookiesFromHost("", {});
180 Assert.ok(!cookies.length);
181 do_check_throws(function () {
182 cm.getCookiesFromHost(".", {});
183 }, Cr.NS_ERROR_ILLEGAL_VALUE);
184 do_check_throws(function () {
185 cm.getCookiesFromHost("..", {});
186 }, Cr.NS_ERROR_ILLEGAL_VALUE);
187
188 cm.removeAll();
189
190 // test that an empty host to add() or remove() works,
191 // but a host of '.' doesn't
192 cm.add(
193 "",
194 "/",
195 "foo2",
196 "bar",
197 false,
198 false,
199 true,
200 expiry,
201 {},
202 Ci.nsICookie.SAMESITE_NONE,
203 Ci.nsICookie.SCHEME_HTTPS
204 );
205 Assert.equal(getCookieCount(), 1);
206 do_check_throws(function () {
207 cm.add(
208 ".",
209 "/",
210 "foo3",
211 "bar",
212 false,
213 false,
214 true,
215 expiry,
216 {},
217 Ci.nsICookie.SAMESITE_NONE,
218 Ci.nsICookie.SCHEME_HTTPS
219 );
220 }, Cr.NS_ERROR_ILLEGAL_VALUE);
221 Assert.equal(getCookieCount(), 1);
222
223 cm.remove("", "foo2", "/", {});
224 Assert.equal(getCookieCount(), 0);
225 do_check_throws(function () {
226 cm.remove(".", "foo3", "/", {});
227 }, Cr.NS_ERROR_ILLEGAL_VALUE);
228
229 // test that the 'domain' attribute accepts a leading dot for IP addresses,
230 // aliases such as 'localhost', and eTLD's such as 'co.uk'; but that the
231 // resulting cookie is for the exact host only.
232 await testDomainCookie("http://192.168.0.1/", "192.168.0.1");
233 await testDomainCookie("http://localhost/", "localhost");
234 await testDomainCookie("http://co.uk/", "co.uk");
235
236 // Test that trailing dots are treated differently for purposes of the
237 // 'domain' attribute.
238 await testTrailingDotCookie("http://localhost/", "localhost");
239 await testTrailingDotCookie("http://foo.com/", "foo.com");
240
241 cm.removeAll();
242 Services.prefs.clearUserPref("dom.security.https_first");
243 });
244
245 function getCookieCount() {
246 var cm = Services.cookies;
247 return cm.cookies.length;
248 }
249
250 async function testDomainCookie(uriString, domain) {
251 var cm = Services.cookies;
252
253 cm.removeAll();
254
255 await CookieXPCShellUtils.setCookieToDocument(
256 uriString,
257 "foo=bar; domain=" + domain
258 );
259
260 var cookies = cm.getCookiesFromHost(domain, {});
261 Assert.ok(cookies.length);
262 Assert.equal(cookies[0].host, domain);
263 cm.removeAll();
264
265 await CookieXPCShellUtils.setCookieToDocument(
266 uriString,
267 "foo=bar; domain=." + domain
268 );
269
270 cookies = cm.getCookiesFromHost(domain, {});
271 Assert.ok(cookies.length);
272 Assert.equal(cookies[0].host, domain);
273 cm.removeAll();
274 }
275
276 async function testTrailingDotCookie(uriString, domain) {
277 var cm = Services.cookies;
278
279 cm.removeAll();
280
281 await CookieXPCShellUtils.setCookieToDocument(
282 uriString,
283 "foo=bar; domain=" + domain + "/"
284 );
285
286 Assert.equal(cm.countCookiesFromHost(domain), 0);
287 Assert.equal(cm.countCookiesFromHost(domain + "."), 0);
288 cm.removeAll();
289 }