Bug 897516 - Implement a separate cookie jar for safebrowsing - tests. r=mmc
☠☠ backed out by 07e9ba5dbf03 ☠ ☠
authorChristoph Kerschbaumer <mozilla@christophkerschbaumer.com>
Mon, 19 Aug 2013 12:25:31 -0700
changeset 148979 b4f4c2e6a7d6f6f4eee3bfddc66a38d97e2a0314
parent 148978 d768ef5946b959aeb3ea3fc9817de68116ec32be
child 148980 bcf7717f8f3672410896cd977ffc37f76a02e345
push id34395
push userryanvm@gmail.com
push dateFri, 27 Sep 2013 12:21:15 +0000
treeherdermozilla-inbound@356ba083bb5f [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersmmc
bugs897516
milestone27.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 897516 - Implement a separate cookie jar for safebrowsing - tests. r=mmc
netwerk/test/unit/test_cookiejars_safebrowsing.js
netwerk/test/unit/xpcshell.ini
new file mode 100644
--- /dev/null
+++ b/netwerk/test/unit/test_cookiejars_safebrowsing.js
@@ -0,0 +1,206 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Description of the test:
+ *   We show that we can separate the safebrowsing cookie by creating a custom
+ *   LoadContext using a reserved AppId (UINT_32_MAX - 1). Setting this
+ *   custom LoadContext as a callback on the channel allows us to query the
+ *   AppId and therefore separate the safebrowing cookie in its own cookie-jar.
+ *   For testing safebrowsing update and rekey we do >> NOT << emulate a response
+ *   in the body, rather we only set the cookies in the header of the response
+ *   and confirm that cookies are separated in their own cookie-jar.
+ *
+ * 1) We init safebrowsing and simulate an update (cookies are set for localhost)
+ *
+ * 2) We simulate a rekey request (cookies should be set for localhost)
+ *
+ * 3) We open a channel that should send regular cookies, but not the
+ *    safebrowsing cookie.
+ *
+ * 4) We open a channel with a custom callback, simulating a safebrowsing cookie
+ *    that should send this simulated safebrowsing cookie as well as the
+ *    real safebrowsing cookies. (Confirming that the safebrowsing cookies
+ *    actually get stored in the correct jar).
+ */
+
+Cu.import("resource://testing-common/httpd.js");
+Cu.import("resource://gre/modules/Services.jsm");
+
+XPCOMUtils.defineLazyGetter(this, "URL", function() {
+  return "http://localhost:" + httpserver.identity.primaryPort;
+});
+
+XPCOMUtils.defineLazyModuleGetter(this, "SafeBrowsing",
+  "resource://gre/modules/SafeBrowsing.jsm");
+
+var setCookiePath = "/setcookie";
+var checkCookiePath = "/checkcookie";
+var safebrowsingUpdatePath = "/safebrowsingUpdate";
+var safebrowsingRekeyPath = "/safebrowsingRekey";
+var httpserver;
+
+function inChildProcess() {
+  return Cc["@mozilla.org/xre/app-info;1"].getService(Ci.nsIXULRuntime)
+           .processType != Ci.nsIXULRuntime.PROCESS_TYPE_DEFAULT;
+}
+
+function cookieSetHandler(metadata, response) {
+  var cookieName = metadata.getHeader("set-cookie");
+  response.setStatusLine(metadata.httpVersion, 200, "Ok");
+  response.setHeader("set-Cookie", cookieName + "=1; Path=/", false);
+  response.setHeader("Content-Type", "text/plain");
+  response.bodyOutputStream.write("Ok", "Ok".length);
+}
+
+function cookieCheckHandler(metadata, response) {
+  var cookies = metadata.getHeader("Cookie");
+  response.setStatusLine(metadata.httpVersion, 200, "Ok");
+  response.setHeader("saw-cookies", cookies, false);
+  response.setHeader("Content-Type", "text/plain");
+  response.bodyOutputStream.write("Ok", "Ok".length);
+}
+
+function safebrowsingUpdateHandler(metadata, response) {
+  var cookieName = "sb-update-cookie";
+  response.setStatusLine(metadata.httpVersion, 200, "Ok");
+  response.setHeader("set-Cookie", cookieName + "=1; Path=/", false);
+  response.setHeader("Content-Type", "text/plain");
+  response.bodyOutputStream.write("Ok", "Ok".length);
+}
+
+function safebrowsingRekeyHandler(metadata, response) {
+  var cookieName = "sb-rekey-cookie";
+  response.setStatusLine(metadata.httpVersion, 200, "Ok");
+  response.setHeader("Set-Cookie", cookieName + "=1; Path=/", false);
+  response.setHeader("Content-Type", "text/plain");
+  response.bodyOutputStream.write("Ok", "Ok".length);
+}
+
+function setupChannel(path, loadContext) {
+  var ios = Cc["@mozilla.org/network/io-service;1"].getService(Ci.nsIIOService);
+  var channel = ios.newChannel(URL + path, "", null);
+  channel.notificationCallbacks = loadContext;
+  channel.QueryInterface(Ci.nsIHttpChannel);
+  return channel;
+}
+
+function run_test() {
+
+  // Set up a profile
+  do_get_profile();
+
+  // Allow all cookies if the pref service is available in this process.
+  if (!inChildProcess())
+    Services.prefs.setIntPref("network.cookie.cookieBehavior", 0);
+
+  httpserver = new HttpServer();
+  httpserver.registerPathHandler(setCookiePath, cookieSetHandler);
+  httpserver.registerPathHandler(checkCookiePath, cookieCheckHandler);
+  httpserver.registerPathHandler(safebrowsingUpdatePath, safebrowsingUpdateHandler);
+  httpserver.registerPathHandler(safebrowsingRekeyPath, safebrowsingRekeyHandler);
+
+  httpserver.start(-1);
+  run_next_test();
+}
+
+// this test does not emulate a response in the body,
+// rather we only set the cookies in the header of response.
+add_test(function test_safebrowsing_update() {
+
+  var dbservice = Cc["@mozilla.org/url-classifier/dbservice;1"]
+                  .getService(Ci.nsIUrlClassifierDBService);
+  var streamUpdater = Cc["@mozilla.org/url-classifier/streamupdater;1"]
+                     .getService(Ci.nsIUrlClassifierStreamUpdater);
+
+  streamUpdater.updateUrl = URL + safebrowsingUpdatePath;
+
+  function onSuccess() {
+    run_next_test();
+  }
+  function onUpdateError() {
+    do_throw("ERROR: received onUpdateError!");
+  }
+  function onDownloadError() {
+    do_throw("ERROR: received onDownloadError!");
+  }
+
+  streamUpdater.downloadUpdates("test-phish-simple,test-malware-simple", "",
+    "", onSuccess, onUpdateError, onDownloadError);
+});
+
+// this test does not emulate a response in the body,
+// rather we only set the cookies in the header of response.
+add_test(function test_safebrowsing_rekey() {
+
+  var jslib = Cc["@mozilla.org/url-classifier/jslib;1"]
+                .getService().wrappedJSObject;
+  var cm = new jslib.PROT_UrlCryptoKeyManager();
+  cm.setKeyUrl(URL + safebrowsingRekeyPath);
+  cm.reKey();
+
+  run_next_test();
+});
+
+add_test(function test_non_safebrowsing_cookie() {
+
+  var cookieName = 'regCookie_id0';
+  var loadContext = new LoadContextCallback(0, false, false, false);
+
+  function setNonSafeBrowsingCookie() {
+    var channel = setupChannel(setCookiePath, loadContext);
+    channel.setRequestHeader("set-cookie", cookieName, false);
+    channel.asyncOpen(new ChannelListener(checkNonSafeBrowsingCookie, null), null);
+  }
+
+  function checkNonSafeBrowsingCookie() {
+    var channel = setupChannel(checkCookiePath, loadContext);
+    channel.asyncOpen(new ChannelListener(completeCheckNonSafeBrowsingCookie, null), null);
+  }
+
+  function completeCheckNonSafeBrowsingCookie(request, data, context) {
+    // Confirm that only the >> ONE << cookie is sent over the channel.
+    var expectedCookie = cookieName + "=1";
+    request.QueryInterface(Ci.nsIHttpChannel);
+    var cookiesSeen = request.getResponseHeader("saw-cookies");
+    do_check_eq(cookiesSeen, expectedCookie);
+    run_next_test();
+  }
+
+  setNonSafeBrowsingCookie();
+});
+
+add_test(function test_safebrowsing_cookie() {
+
+  var cookieName = 'sbCookie_id4294967294';
+  var loadContext = new LoadContextCallback(Ci.nsIScriptSecurityManager.SAFEBROWSING_APP_ID, false, false, false);
+
+  function setSafeBrowsingCookie() {
+    var channel = setupChannel(setCookiePath, loadContext);
+    channel.setRequestHeader("set-cookie", cookieName, false);
+    channel.asyncOpen(new ChannelListener(checkSafeBrowsingCookie, null), null);
+  }
+
+  function checkSafeBrowsingCookie() {
+    var channel = setupChannel(checkCookiePath, loadContext);
+    channel.asyncOpen(new ChannelListener(completeCheckSafeBrowsingCookie, null), null);
+  }
+
+  function completeCheckSafeBrowsingCookie(request, data, context) {
+    // Confirm that all >> THREE << cookies are sent back over the channel:
+    //   a) the safebrowsing cookie set when updating
+    //   b) the safebrowsing cookie set when rekeying
+    //   c) the regular cookie with custom loadcontext defined in this test.
+    var expectedCookies = "sb-update-cookie=1; ";
+    expectedCookies += "sb-rekey-cookie=1; ";
+    expectedCookies += cookieName + "=1";
+    request.QueryInterface(Ci.nsIHttpChannel);
+    var cookiesSeen = request.getResponseHeader("saw-cookies");
+
+    do_check_eq(cookiesSeen, expectedCookies);
+    httpserver.stop(do_test_finished);
+  }
+
+  setSafeBrowsingCookie();
+});
--- a/netwerk/test/unit/xpcshell.ini
+++ b/netwerk/test/unit/xpcshell.ini
@@ -171,16 +171,17 @@ skip-if = os == "android"
 [test_cache_jar.js]
 [test_channel_close.js]
 [test_compareURIs.js]
 [test_compressappend.js]
 [test_content_encoding_gzip.js]
 [test_content_sniffer.js]
 [test_cookie_header.js]
 [test_cookiejars.js]
+[test_cookiejars_safebrowsing.js]
 [test_data_protocol.js]
 [test_dns_service.js]
 [test_dns_localredirect.js]
 [test_duplicate_headers.js]
 [test_event_sink.js]
 [test_extract_charset_from_content_type.js]
 [test_force_sniffing.js]
 [test_fallback_no-cache-entry_canceled.js]