netwerk/test/unit/test_no_cookies_after_last_pb_exit.js

   1 "use strict";
   2
   3 do_get_profile();
   4
   5 // This test checks that active private-browsing HTTP channels, do not save
   6 // cookies after the termination of the private-browsing session.
   7
   8 // This test consists in following steps:
   9 // - starts a http server
  10 // - no cookies at this point
  11 // - does a beacon request in private-browsing mode
  12 // - after the completion of the request, a cookie should be set (cookie cleanup)
  13 // - does a beacon request in private-browsing mode and dispatch a
  14 //   last-pb-context-exit notification
  15 // - after the completion of the request, no cookies should be set
  16
  17 const { HttpServer } = ChromeUtils.importESModule(
  18   "resource://testing-common/httpd.sys.mjs"
  19 );
  20
  21 let server;
  22
  23 function setupServer() {
  24   info("Starting the server...");
  25
  26   function beaconHandler(metadata, response) {
  27     response.setHeader("Cache-Control", "max-age=10000", false);
  28     response.setStatusLine(metadata.httpVersion, 204, "No Content");
  29     response.setHeader("Set-Cookie", "a=b; path=/beacon; sameSite=lax", false);
  30     response.bodyOutputStream.write("", 0);
  31   }
  32
  33   server = new HttpServer();
  34   server.registerPathHandler("/beacon", beaconHandler);
  35   server.start(-1);
  36   next();
  37 }
  38
  39 function shutdownServer() {
  40   info("Terminating the server...");
  41   server.stop(next);
  42 }
  43
  44 function sendRequest(notification) {
  45   info("Sending a request...");
  46
  47   var privateLoadContext = Cu.createPrivateLoadContext();
  48
  49   var path =
  50     "http://localhost:" +
  51     server.identity.primaryPort +
  52     "/beacon?" +
  53     Math.random();
  54
  55   var uri = NetUtil.newURI(path);
  56   var securityFlags =
  57     Ci.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_SEC_CONTEXT_IS_NULL |
  58     Ci.nsILoadInfo.SEC_COOKIES_INCLUDE;
  59   var principal = Services.scriptSecurityManager.createContentPrincipal(uri, {
  60     privateBrowsingId: 1,
  61   });
  62
  63   var chan = NetUtil.newChannel({
  64     uri,
  65     loadingPrincipal: principal,
  66     securityFlags,
  67     contentPolicyType: Ci.nsIContentPolicy.TYPE_BEACON,
  68   });
  69
  70   chan.notificationCallbacks = Cu.createPrivateLoadContext();
  71
  72   let loadGroup = Cc["@mozilla.org/network/load-group;1"].createInstance(
  73     Ci.nsILoadGroup
  74   );
  75
  76   loadGroup.notificationCallbacks = Cu.createPrivateLoadContext();
  77   chan.loadGroup = loadGroup;
  78
  79   chan.notificationCallbacks = privateLoadContext;
  80   var channelListener = new ChannelListener(next, null, CL_ALLOW_UNKNOWN_CL);
  81
  82   if (notification) {
  83     info("Sending notification...");
  84     Services.obs.notifyObservers(null, "last-pb-context-exited");
  85   }
  86
  87   chan.asyncOpen(channelListener);
  88 }
  89
  90 function checkCookies(hasCookie) {
  91   let cm = Services.cookies;
  92   Assert.equal(
  93     cm.cookieExists("localhost", "/beacon", "a", { privateBrowsingId: 1 }),
  94     hasCookie
  95   );
  96   cm.removeAll();
  97   next();
  98 }
  99
 100 const steps = [
 101   setupServer,
 102
 103   // no cookie at startup
 104   () => checkCookies(false),
 105
 106   // no last-pb-context-exit notification
 107   () => sendRequest(false),
 108   () => checkCookies(true),
 109
 110   // last-pb-context-exit notification
 111   () => sendRequest(true),
 112   () => checkCookies(false),
 113
 114   shutdownServer,
 115 ];
 116
 117 function next() {
 118   if (!steps.length) {
 119     do_test_finished();
 120     return;
 121   }
 122
 123   steps.shift()();
 124 }
 125
 126 function run_test() {
 127   // We don't want to have CookieJarSettings blocking this test.
 128   Services.prefs.setBoolPref(
 129     "network.cookieJarSettings.unblocked_for_testing",
 130     true
 131   );
 132
 133   do_test_pending();
 134   next();
 135 }