Bug 1440578 - Policy: "block" under "cookies" should clear already-stored cookies r=felipc
authorYUKI "Piro" Hiroshi <yuki>
Thu, 08 Mar 2018 09:22:00 +0200
changeset 407361 7eae9d89985b
parent 407360 13163586e52b
child 407362 865c06c8aae7
push id100652
push userdluca@mozilla.com
push dateFri, 09 Mar 2018 16:49:03 +0000
treeherdermozilla-inbound@865c06c8aae7 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersfelipc
bugs1440578
milestone60.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1440578 - Policy: "block" under "cookies" should clear already-stored cookies r=felipc
browser/components/enterprisepolicies/Policies.jsm
browser/components/enterprisepolicies/tests/EnterprisePolicyTesting.jsm
browser/components/enterprisepolicies/tests/browser/browser.ini
browser/components/enterprisepolicies/tests/browser/browser_policy_clear_blocked_cookies.js
--- a/browser/components/enterprisepolicies/Policies.jsm
+++ b/browser/components/enterprisepolicies/Policies.jsm
@@ -102,16 +102,25 @@ var Policies = {
     onAllWindowsRestored(manager, param) {
       BookmarksPolicies.processBookmarks(param);
     }
   },
 
   "Cookies": {
     onBeforeUIStartup(manager, param) {
       addAllowDenyPermissions("cookie", param.Allow, param.Block);
+
+      if (param.Block) {
+        const hosts = param.Block.map(uri => uri.host).sort().join("\n");
+        runOncePerModification("clearCookiesForBlockedHosts", hosts, () => {
+          for (let blocked of param.Block) {
+            Services.cookies.removeCookiesWithOriginAttributes("{}", blocked.host);
+          }
+        });
+      }
     }
   },
 
   "CreateMasterPassword": {
     onBeforeUIStartup(manager, param) {
       if (!param) {
         manager.disallowFeature("createMasterPassword");
       }
--- a/browser/components/enterprisepolicies/tests/EnterprisePolicyTesting.jsm
+++ b/browser/components/enterprisepolicies/tests/EnterprisePolicyTesting.jsm
@@ -44,9 +44,22 @@ this.EnterprisePolicyTesting = {
     if (customSchema) {
       let schemaModule = ChromeUtils.import("resource:///modules/policies/schema.jsm", {});
       schemaModule.schema = customSchema;
     }
 
     Services.obs.notifyObservers(null, "EnterprisePolicies:Restart");
     return promise;
   },
+
+  resetRunOnceState: function resetRunOnceState() {
+    const runOnceBaseKeys = [
+      "browser.policies.runonce.",
+      "browser.policies.runOncePerModification."
+    ];
+    for (let base of runOnceBaseKeys) {
+      for (let key of Services.prefs.getChildList(base, {})) {
+        if (Services.prefs.prefHasUserValue(key))
+          Services.prefs.clearUserPref(key);
+      }
+    }
+  },
 };
--- a/browser/components/enterprisepolicies/tests/browser/browser.ini
+++ b/browser/components/enterprisepolicies/tests/browser/browser.ini
@@ -17,16 +17,17 @@ support-files =
 [browser_policies_validate_and_parse_API.js]
 [browser_policy_app_update.js]
 [browser_policy_block_about_addons.js]
 [browser_policy_block_about_config.js]
 [browser_policy_block_about_profiles.js]
 [browser_policy_block_about_support.js]
 [browser_policy_block_set_desktop_background.js]
 [browser_policy_bookmarks.js]
+[browser_policy_clear_blocked_cookies.js]
 [browser_policy_default_browser_check.js]
 [browser_policy_disable_formhistory.js]
 [browser_policy_disable_fxaccounts.js]
 [browser_policy_disable_fxscreenshots.js]
 [browser_policy_disable_masterpassword.js]
 [browser_policy_disable_pocket.js]
 [browser_policy_disable_privatebrowsing.js]
 [browser_policy_disable_shield.js]
new file mode 100644
--- /dev/null
+++ b/browser/components/enterprisepolicies/tests/browser/browser_policy_clear_blocked_cookies.js
@@ -0,0 +1,63 @@
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/ */
+"use strict";
+
+add_task(async function setup() {
+  EnterprisePolicyTesting.resetRunOnceState();
+  const expiry = Date.now() + 24 * 60 * 60;
+  Services.cookies.add("example.com", "/", "secure", "true", true, false, false, expiry, {});
+  Services.cookies.add("example.com", "/", "insecure", "true", false, false, false, expiry, {});
+  Services.cookies.add("example.org", "/", "secure", "true", true, false, false, expiry, {});
+  Services.cookies.add("example.org", "/", "insecure", "true", false, false, false, expiry, {});
+  Services.cookies.add("example.net", "/", "secure", "true", true, false, false, expiry, {});
+  await setupPolicyEngineWithJson({
+    "policies": {
+      "Cookies": {
+        "Block": [
+          "http://example.com",
+          "https://example.org:8080"
+        ]
+      }
+    }
+  });
+});
+
+function retrieve_all_cookies(host) {
+  const values = [];
+  const cookies = Services.cookies.getCookiesFromHost(host, {});
+  while (cookies.hasMoreElements()) {
+    const cookie = cookies.getNext().QueryInterface(Ci.nsICookie);
+    values.push({
+      host: cookie.host,
+      name: cookie.name,
+      path: cookie.path
+    });
+  }
+  return values;
+}
+
+add_task(async function test_cookies_for_blocked_sites_cleared() {
+  const cookies = {
+    hostname: retrieve_all_cookies("example.com"),
+    origin: retrieve_all_cookies("example.org"),
+    keep: retrieve_all_cookies("example.net")
+  };
+  const expected = {
+    hostname: [],
+    origin: [],
+    keep: [
+      {host: "example.net",
+       name: "secure",
+       path: "/"}
+    ]
+  };
+  is(JSON.stringify(cookies), JSON.stringify(expected),
+     "All stored cookies for blocked origins should be cleared");
+});
+
+add_task(function teardown() {
+  for (let host of ["example.com", "example.org", "example.net"]) {
+    Services.cookies.removeCookiesWithOriginAttributes("{}", host);
+  }
+  EnterprisePolicyTesting.resetRunOnceState();
+});