Bug 1482055 - Cleanup cookie at shutdown must support domain cookies, r=johannh
authorAndrea Marchesini <amarchesini@mozilla.com>
Sat, 27 Oct 2018 10:26:31 +0200
changeset 443248 1cf243201204ea1c447de6bbef144eb9a2130cdb
parent 443245 ab03a5f493975fe3403bbcdbcab4d1075f1a9a42
child 443249 3155ef9756f19489937c120abd22dee80c9e09b8
push id34947
push userdluca@mozilla.com
push dateSat, 27 Oct 2018 21:53:25 +0000
treeherdermozilla-central@6d7686f1082f [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersjohannh
bugs1482055
milestone65.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1482055 - Cleanup cookie at shutdown must support domain cookies, r=johannh
browser/base/content/test/sanitize/browser_cookiePermission.js
browser/modules/Sanitizer.jsm
--- a/browser/base/content/test/sanitize/browser_cookiePermission.js
+++ b/browser/base/content/test/sanitize/browser_cookiePermission.js
@@ -1,113 +1,171 @@
+const STORAGE = "storage";
+const HOST_COOKIE = "host cookie";
+const DOMAIN_COOKIE = "domain cookie";
+
 ChromeUtils.import("resource://gre/modules/XPCOMUtils.jsm");
 const {Sanitizer} = ChromeUtils.import("resource:///modules/Sanitizer.jsm", {});
 const {SiteDataTestUtils} = ChromeUtils.import("resource://testing-common/SiteDataTestUtils.jsm", {});
 
 function hasIndexedDB(origin) {
   return new Promise(resolve => {
-    let hasData = true;
+    let data = true;
     let uri = Services.io.newURI(origin);
     let principal = Services.scriptSecurityManager.createCodebasePrincipal(uri, {});
     let request = indexedDB.openForPrincipal(principal, "TestDatabase", 1);
     request.onupgradeneeded = function(e) {
-      hasData = false;
+      data = false;
     };
     request.onsuccess = function(e) {
-      resolve(hasData);
+      resolve(data);
     };
   });
 }
 
-async function createData(host) {
-  let origin = "https://" + host;
-  await SiteDataTestUtils.addToIndexedDB(origin);
+async function createData(host, what) {
+  if (what == STORAGE) {
+    let origin = "https://" + host;
+    await SiteDataTestUtils.addToIndexedDB(origin);
+    return;
+  }
+
+  if (what == HOST_COOKIE) {
+    Services.cookies.add(host, "/test1", "foo", "bar",
+      false, false, false, Date.now() + 24000 * 60 * 60, {},
+      Ci.nsICookie2.SAMESITE_UNSET);
+    return;
+  }
+
+  if (what == DOMAIN_COOKIE) {
+    Services.cookies.add("." + host, "/test1", "foo", "bar",
+      false, false, false, Date.now() + 24000 * 60 * 60, {},
+      Ci.nsICookie2.SAMESITE_UNSET);
+    return;
+  }
+
+  ok(false, "Invalid arguments");
 }
 
-add_task(async function deleteAllOnShutdown() {
+async function hasData(host, what) {
+  if (what == STORAGE) {
+    return hasIndexedDB("https://" + host);
+  }
+
+  if (what == HOST_COOKIE || what == DOMAIN_COOKIE) {
+    for (let cookie of Services.cookies.enumerator) {
+      if (cookie.host.includes(host)) {
+        return true;
+      }
+    }
+    return false;
+  }
+
+  ok(false, "Invalid arguments");
+  return false;
+}
+
+async function deleteOnShutdown(what) {
+  // Let's clean up all the data.
+  await new Promise(resolve => {
+    Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value => resolve());
+  });
+
   // Let's force the session-only cookie pref.
   await SpecialPowers.pushPrefEnv({"set": [
     ["network.cookie.lifetimePolicy", Ci.nsICookieService.ACCEPT_SESSION],
   ]});
 
   // Let's create a tab with some IDB data.
-  await createData("example.org");
-  ok(await hasIndexedDB("https://example.org"),
-    "We have indexedDB data for example.org");
+  await createData("example.org", what);
+  ok(await hasData("example.org", what), "We have data for example.org");
 
   // Cleaning up.
   await Sanitizer.runSanitizeOnShutdown();
 
   // All gone!
-  ok(!(await hasIndexedDB("https://example.org")),
-    "We don't have indexedDB data for example.org");
+  ok(!(await hasData("example.org", what)), "We don't have data for example.org");
 
   // Clean up.
   await Sanitizer.sanitize([ "cookies", "offlineApps" ]);
-});
+}
+
+add_task(async function deleteStorageOnShutdown() { await deleteOnShutdown(STORAGE); });
+add_task(async function deleteHostCookieOnShutdown() { await deleteOnShutdown(HOST_COOKIE); });
+add_task(async function deleteDomainCookieOnShutdown() { await deleteOnShutdown(DOMAIN_COOKIE); });
 
-add_task(async function deleteAllWithCustomPermission() {
+async function deleteWithCustomPermission(what) {
+  // Let's clean up all the data.
+  await new Promise(resolve => {
+    Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value => resolve());
+  });
+
   // Let's force the session-only cookie pref.
   await SpecialPowers.pushPrefEnv({"set": [
     ["network.cookie.lifetimePolicy", Ci.nsICookieService.ACCEPT_SESSION],
   ]});
 
   let uri = Services.io.newURI("https://example.com");
   Services.perms.add(uri, "cookie", Ci.nsICookiePermission.ACCESS_ALLOW);
 
   // Let's create a couple of tabs with some IDB data.
-  await createData("example.org");
-  ok(await hasIndexedDB("https://example.org"),
-    "We have indexedDB data for example.org");
-  await createData("example.com");
-  ok(await hasIndexedDB("https://example.com"),
-    "We have indexedDB data for example.com");
+  await createData("example.org", what);
+  ok(await hasData("example.org", what), "We have data for example.org");
+  await createData("example.com", what);
+  ok(await hasData("example.com", what), "We have data for example.com");
 
   // Cleaning up.
   await Sanitizer.runSanitizeOnShutdown();
 
   // All gone!
-  ok(!(await hasIndexedDB("https://example.org")),
-    "We don't have indexedDB data for example.org");
-  ok(await hasIndexedDB("https://example.com"),
-    "We do have indexedDB data for example.com");
+  ok(!(await hasData("example.org", what)), "We don't have data for example.org");
+  ok(await hasData("example.com", what), "We do have data for example.com");
 
   // Clean up.
   await Sanitizer.sanitize([ "cookies", "offlineApps" ]);
 
   // Remove custom permission
   uri = Services.io.newURI("https://example.com");
   Services.perms.remove(uri, "cookie");
-});
+}
+
+add_task(async function deleteStorageWithCustomPermission() { await deleteWithCustomPermission(STORAGE); });
+add_task(async function deleteHostCookieWithCustomPermission() { await deleteWithCustomPermission(HOST_COOKIE); });
+add_task(async function deleteDomainCookieWithCustomPermission() { await deleteWithCustomPermission(DOMAIN_COOKIE); });
 
-add_task(async function deleteOnlyCustomPermission() {
+async function deleteOnlyCustomPermission(what) {
+  // Let's clean up all the data.
+  await new Promise(resolve => {
+    Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value => resolve());
+  });
+
   // Let's force the session-only cookie pref.
   await SpecialPowers.pushPrefEnv({"set": [
     ["network.cookie.lifetimePolicy", Ci.nsICookieService.ACCEPT_NORMALLY],
   ]});
 
   let uri = Services.io.newURI("https://example.com");
   Services.perms.add(uri, "cookie", Ci.nsICookiePermission.ACCESS_SESSION);
 
   // Let's create a couple of tabs with some IDB data.
-  await createData("example.org");
-  ok(await hasIndexedDB("https://example.org"),
-    "We have indexedDB data for example.org");
-  await createData("example.com");
-  ok(await hasIndexedDB("https://example.com"),
-    "We have indexedDB data for example.com");
+  await createData("example.org", what);
+  ok(await hasData("example.org", what), "We have data for example.org");
+  await createData("example.com", what);
+  ok(await hasData("example.com", what), "We have data for example.com");
 
   // Cleaning up.
   await Sanitizer.runSanitizeOnShutdown();
 
   // All gone!
-  ok(await hasIndexedDB("https://example.org"),
-    "We do have indexedDB data for example.org");
-  ok(!await hasIndexedDB("https://example.com"),
-    "We don't have indexedDB data for example.com");
+  ok(await hasData("example.org", what), "We do have for example.org");
+  ok(!await hasData("example.com", what), "We don't have data for example.com");
 
   // Clean up.
   await Sanitizer.sanitize([ "cookies", "offlineApps" ]);
 
   // Remove custom permission
   uri = Services.io.newURI("https://example.com");
   Services.perms.remove(uri, "cookie");
-});
+}
+
+add_task(async function deleteStorageOnlyCustomPermission() { await deleteOnlyCustomPermission(STORAGE); });
+add_task(async function deleteHostCookieOnlyCustomPermission() { await deleteOnlyCustomPermission(HOST_COOKIE); });
+add_task(async function deleteDomainCookieOnlyCustomPermission() { await deleteOnlyCustomPermission(DOMAIN_COOKIE); });
--- a/browser/modules/Sanitizer.jsm
+++ b/browser/modules/Sanitizer.jsm
@@ -737,17 +737,17 @@ async function sanitizeSessionPrincipals
     let sw = serviceWorkers.queryElementAt(i, Ci.nsIServiceWorkerRegistrationInfo);
     principals.push(sw.principal);
   }
 
   // Let's take the list of unique hosts+OA from cookies.
   let enumerator = Services.cookies.enumerator;
   let hosts = new Set();
   for (let cookie of enumerator) {
-    hosts.add(cookie.host + ChromeUtils.originAttributesToSuffix(cookie.originAttributes));
+    hosts.add(cookie.rawHost + ChromeUtils.originAttributesToSuffix(cookie.originAttributes));
   }
 
   hosts.forEach(host => {
     // Cookies and permissions are handled by origin/host. Doesn't matter if we
     // use http: or https: schema here.
     principals.push(
       Services.scriptSecurityManager.createCodebasePrincipalFromOrigin("https://" + host));
   });