browser_cookie_file_url_domain.js

Enable keyboard shortcuts

/* This Source Code Form is subject to the terms of the Mozilla Public

 * License, v. 2.0. If a copy of the MPL was not distributed with this

 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

"use strict";

registerCleanupFunction(() => {

  Services.cookies.removeAll();

  Services.prefs.clearUserPref("dom.security.https_first");

  Services.prefs.clearUserPref("network.cookie.cookieBehavior");

  Services.prefs.clearUserPref(

    "network.cookieJarSettings.unblocked_for_testing"

);

});

add_task(async function test_file_url_external_domain_rejected() {

  Services.prefs.setBoolPref("dom.security.https_first", false);

  Services.prefs.setIntPref("network.cookie.cookieBehavior", 0);

  Services.prefs.setBoolPref(

    "network.cookieJarSettings.unblocked_for_testing",

    true

);

  Services.cookies.removeAll();

  // Simulate a cookie previously set by https://www.example.com.

  const exampleURI = Services.io.newURI("https://www.example.com/");

  const exampleChannel = NetUtil.newChannel({

    uri: exampleURI,

    loadUsingSystemPrincipal: true,

    contentPolicyType: Ci.nsIContentPolicy.TYPE_DOCUMENT,

});

  Services.cookies.setCookieStringFromHttp(

    exampleURI,

    "test=value; domain=.example.com; max-age=3600",

    exampleChannel

);

  Assert.ok(

    Services.cookies.cookies.some(c => c.name === "test"),

    "HTTPS cookie added"

);

  // Build the file:// URL for the test page.

  const testPath = getResolvedURI(gTestPath);

  const dir = getChromeDir(testPath);

  dir.append("file_cookie_domain.html");

  const fileURL = Services.io.newFileURI(dir).spec;

  const tab = BrowserTestUtils.addTab(gBrowser, fileURL);

  const browser = gBrowser.getBrowserForTab(tab);

  await BrowserTestUtils.browserLoaded(browser);

  const cookies = Services.cookies.cookies;

  // "test=evil; domain=.example.com" must have been rejected: no file:// cookie

  // named "test" should exist.  Without the fix it would be accepted, producing

  // a duplicate (name, host, path, OA) that corrupts the DB on the next write.

  const fileCookieWithExternalDomain = cookies.find(

    c => c.name === "test" && c.schemeMap === Ci.nsICookie.SCHEME_FILE

);

  Assert.ok(

    !fileCookieWithExternalDomain,

    "file:// cookie with external domain was rejected"

);

  // "local=1" (no explicit domain) must have been accepted.

  const localCookie = cookies.find(c => c.name === "local");

  Assert.ok(localCookie, "file:// cookie without explicit domain was accepted");

  Assert.equal(localCookie.schemeMap, Ci.nsICookie.SCHEME_FILE);

  // The original HTTPS cookie must still be intact.

  const httpsCookie = cookies.find(

    c => c.name === "test" && c.schemeMap === Ci.nsICookie.SCHEME_HTTPS

);

  Assert.ok(httpsCookie, "HTTPS cookie is still present");

  BrowserTestUtils.removeTab(tab);

});