Source code
Revision control
Copy as Markdown
Other Tools
Test Info: Warnings
- This test gets skipped with pattern: os == 'android'
- Manifest: toolkit/components/extensions/test/mochitest/chrome.toml
<!DOCTYPE HTML>
<html>
<head>
<title>Test for permissions</title>
</head>
<body>
<script type="text/javascript">
"use strict";
function makeTest(manifestPermissions, optionalPermissions, checkFetch = true) {
return async function() {
function pageScript() {
/* global PERMISSIONS */
browser.test.onMessage.addListener(async msg => {
if (msg == "set-cookie") {
try {
await browser.cookies.set({
name: "COOKIE",
value: "NOM NOM",
});
browser.test.sendMessage("set-cookie.result", {success: true});
} catch (err) {
dump(`set cookie failed with ${err.message}\n`);
browser.test.sendMessage("set-cookie.result",
{success: false, message: err.message});
}
} else if (msg == "remove") {
browser.permissions.remove(PERMISSIONS).then(result => {
browser.test.sendMessage("remove.result", result);
});
} else if (msg == "request") {
browser.test.withHandlingUserInput(() => {
browser.permissions.request(PERMISSIONS).then(result => {
browser.test.sendMessage("request.result", result);
});
});
}
});
browser.test.sendMessage("page-ready");
}
let extension = ExtensionTestUtils.loadExtension({
background() {
browser.test.sendMessage("ready", browser.runtime.getURL("page.html"));
},
manifest: {
permissions: manifestPermissions,
optional_permissions: [...(optionalPermissions.permissions || []),
...(optionalPermissions.origins || [])],
content_scripts: [{
js: ["content_script.js"],
}],
},
files: {
"content_script.js": async () => {
fetch(url, {}).then(response => {
browser.test.sendMessage("fetch.result", response.ok);
}).catch(() => {
browser.test.sendMessage("fetch.result", false);
});
},
"page.html": `<html><head>
<script src="page.js"><\/script>
</head></html>`,
"page.js": `const PERMISSIONS = ${JSON.stringify(optionalPermissions)}; (${pageScript})();`,
},
});
await extension.startup();
function call(method) {
extension.sendMessage(method);
return extension.awaitMessage(`${method}.result`);
}
let base = window.location.href.replace(/^chrome:\/\/mochitests\/content/,
let file = new URL("file_sample.html", base);
async function testContentScript() {
let win = window.open(file);
let result = await extension.awaitMessage("fetch.result");
win.close();
return result;
}
let url = await extension.awaitMessage("ready");
let win = window.open();
win.location.href = url;
await extension.awaitMessage("page-ready");
// Using the cookies API from an extension page should fail
let result = await call("set-cookie");
is(result.success, false, "setting cookie failed");
if (manifestPermissions.includes("cookies")) {
ok(/^Permission denied/.test(result.message),
"setting cookie failed with an appropriate error due to missing host permission");
} else {
ok(/browser\.cookies is undefined/.test(result.message),
"setting cookie failed since cookies API is not present");
}
// Making a cross-origin request from a content script should fail
if (checkFetch) {
result = await testContentScript();
is(result, false, "fetch() failed from content script due to lack of host permission");
}
result = await call("request");
is(result, true, "permissions.request() succeeded");
// Using the cookies API from an extension page should succeed
result = await call("set-cookie");
is(result.success, true, "setting cookie succeeded");
// Making a cross-origin request from a content script should succeed
if (checkFetch) {
result = await testContentScript();
is(result, true, "fetch() succeeded from content script due to lack of host permission");
}
// Now revoke our permissions
result = await call("remove");
// The cookies API should once again fail
result = await call("set-cookie");
is(result.success, false, "setting cookie failed");
// As should the cross-origin request from a content script
if (checkFetch) {
result = await testContentScript();
is(result, false, "fetch() failed from content script due to lack of host permission");
}
await extension.unload();
};
}
add_task(function setup() {
// Don't bother with prompts in this test.
return SpecialPowers.pushPrefEnv({
set: [["extensions.webextOptionalPermissionPrompts", false]],
});
});
const ORIGIN = "*://example.com/";
add_task(makeTest([], {
permissions: ["cookies"],
origins: [ORIGIN],
}));
add_task(makeTest(["cookies"], {origins: [ORIGIN]}));
add_task(makeTest([ORIGIN], {permissions: ["cookies"]}, false));
</script>
</body>
</html>