Source code
Revision control
Copy as Markdown
Other Tools
Test Info:
- Manifest: netwerk/cookie/test/unit/xpcshell.toml
const { NetUtil } = ChromeUtils.importESModule(
"resource://gre/modules/NetUtil.sys.mjs"
);
function inChildProcess() {
return Services.appinfo.processType != Ci.nsIXULRuntime.PROCESS_TYPE_DEFAULT;
}
const { CookieXPCShellUtils } = ChromeUtils.importESModule(
);
let CookieXPCShellUtilsInitialized = false;
function maybeInitializeCookieXPCShellUtils() {
if (!CookieXPCShellUtilsInitialized) {
CookieXPCShellUtilsInitialized = true;
CookieXPCShellUtils.init(this);
CookieXPCShellUtils.createServer({ hosts: ["example.org"] });
}
}
// Don't pick up default permissions from profile.
Services.prefs.setCharPref("permissions.manager.defaultsUrl", "");
add_task(async _ => {
do_get_profile();
// Allow all cookies if the pref service is available in this process.
if (!inChildProcess()) {
Services.prefs.setIntPref("network.cookie.cookieBehavior", 0);
Services.prefs.setBoolPref(
"network.cookieJarSettings.unblocked_for_testing",
true
);
}
info("Let's set a cookie from HTTP example.org");
let principal = Services.scriptSecurityManager.createContentPrincipal(
uri,
{}
);
let channel = NetUtil.newChannel({
uri,
loadingPrincipal: principal,
securityFlags: Ci.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_SEC_CONTEXT_IS_NULL,
contentPolicyType: Ci.nsIContentPolicy.TYPE_OTHER,
});
Services.cookies.setCookieStringFromHttp(uri, "a=b; sameSite=lax", channel);
let cookies = Services.cookies.getCookiesFromHost("example.org", {});
Assert.equal(cookies.length, 1, "We expect 1 cookie only");
Assert.equal(cookies[0].schemeMap, Ci.nsICookie.SCHEME_HTTP, "HTTP Scheme");
info("Let's set a cookie from HTTPS example.org");
principal = Services.scriptSecurityManager.createContentPrincipal(uri, {});
channel = NetUtil.newChannel({
uri,
loadingPrincipal: principal,
securityFlags: Ci.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_SEC_CONTEXT_IS_NULL,
contentPolicyType: Ci.nsIContentPolicy.TYPE_OTHER,
});
Services.cookies.setCookieStringFromHttp(uri, "a=b; sameSite=lax", channel);
cookies = Services.cookies.getCookiesFromHost("example.org", {});
Assert.equal(cookies.length, 1, "We expect 1 cookie only");
Assert.equal(
cookies[0].schemeMap,
Ci.nsICookie.SCHEME_HTTP | Ci.nsICookie.SCHEME_HTTPS,
"HTTP + HTTPS Schemes"
);
Services.cookies.removeAll();
});
[true, false].forEach(schemefulComparison => {
add_task(async () => {
do_get_profile();
Services.prefs.setBoolPref("dom.security.https_first", false);
maybeInitializeCookieXPCShellUtils();
// Allow all cookies if the pref service is available in this process.
if (!inChildProcess()) {
Services.prefs.setBoolPref(
"network.cookie.sameSite.schemeful",
schemefulComparison
);
Services.prefs.setIntPref("network.cookie.cookieBehavior", 0);
Services.prefs.setBoolPref(
"network.cookieJarSettings.unblocked_for_testing",
true
);
}
info(
`Testing schemefulSameSite=${schemefulComparison}. Let's set a cookie from HTTPS example.org`
);
let https_principal = Services.scriptSecurityManager.createContentPrincipal(
https_uri,
{}
);
let same_site_channel = NetUtil.newChannel({
uri: https_uri,
loadingPrincipal: https_principal,
securityFlags: Ci.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_SEC_CONTEXT_IS_NULL,
contentPolicyType: Ci.nsIContentPolicy.TYPE_OTHER,
});
Services.cookies.setCookieStringFromHttp(
https_uri,
"a=b; sameSite=lax",
same_site_channel
);
let cookies = Services.cookies.getCookieStringFromHttp(
https_uri,
same_site_channel
);
Assert.equal(cookies, "a=b", "Cookies match");
let http_principal = Services.scriptSecurityManager.createContentPrincipal(
http_uri,
{}
);
let cross_site_channel = NetUtil.newChannel({
uri: https_uri,
loadingPrincipal: http_principal,
securityFlags: Ci.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_SEC_CONTEXT_IS_NULL,
contentPolicyType: Ci.nsIContentPolicy.TYPE_OTHER,
});
cookies = Services.cookies.getCookieStringFromHttp(
http_uri,
cross_site_channel
);
if (schemefulComparison) {
Assert.equal(cookies, "", "No http(s) cookie for different scheme!");
} else {
Assert.equal(cookies, "a=b", "http(s) Cookie even for differentscheme!");
}
// SameSite cookies are included via document.domain
cookies = await CookieXPCShellUtils.getCookieStringFromDocument(
http_uri.spec
);
Assert.equal(cookies, "a=b", "document.cookie even for different scheme!");
Services.cookies.removeAll();
Services.prefs.clearUserPref("dom.security.https_first");
});
});
add_task(async _ => {
do_get_profile();
Services.prefs.setBoolPref("dom.security.https_first", false);
// Allow all cookies if the pref service is available in this process.
if (!inChildProcess()) {
Services.prefs.setIntPref("network.cookie.cookieBehavior", 0);
Services.prefs.setBoolPref(
"network.cookieJarSettings.unblocked_for_testing",
true
);
}
info("Let's set a cookie without scheme");
Services.cookies.add(
"example.org",
"/",
"a",
"b",
false,
false,
false,
Math.floor(Date.now() / 1000 + 1000),
{},
Ci.nsICookie.SAMESITE_LAX,
Ci.nsICookie.SCHEME_UNSET
);
let cookies = Services.cookies.getCookiesFromHost("example.org", {});
Assert.equal(cookies.length, 1, "We expect 1 cookie only");
Assert.equal(cookies[0].schemeMap, Ci.nsICookie.SCHEME_UNSET, "Unset scheme");
["https", "http"].forEach(scheme => {
let uri = NetUtil.newURI(scheme + "://example.org/");
let principal = Services.scriptSecurityManager.createContentPrincipal(
uri,
{}
);
let channel = NetUtil.newChannel({
uri,
loadingPrincipal: principal,
securityFlags: Ci.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_SEC_CONTEXT_IS_NULL,
contentPolicyType: Ci.nsIContentPolicy.TYPE_OTHER,
});
cookies = Services.cookies.getCookieStringFromHttp(uri, channel);
Assert.equal(cookies, "a=b", "Cookie for unset scheme");
});
Services.cookies.removeAll();
Services.prefs.clearUserPref("dom.security.https_first");
});