Source code
Revision control
Copy as Markdown
Other Tools
Test Info:
<!DOCTYPE HTML>
<html>
<head>
<title>WebExtension test</title>
<script src="/tests/SimpleTest/SimpleTest.js"></script>
<script src="/tests/SimpleTest/ExtensionTestUtils.js"></script>
<script type="text/javascript" src="head.js"></script>
<script type="text/javascript" src="head_cookies.js"></script>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
</head>
<body>
<script type="text/javascript">
"use strict";
add_task(async function init() {
// We need to trigger a cookie eviction in order to test our batch delete
// observer.
// Set quotaPerHost to maxPerHost - 1, so there is only one cookie
// will be evicted everytime.
SpecialPowers.setIntPref("network.cookie.quotaPerHost", 2);
SpecialPowers.setIntPref("network.cookie.maxPerHost", 3);
SimpleTest.registerCleanupFunction(() => {
SpecialPowers.clearUserPref("network.cookie.quotaPerHost");
SpecialPowers.clearUserPref("network.cookie.maxPerHost");
});
});
add_task(async function test_bad_cookie_permissions() {
info("Test non-matching, non-secure domain with non-secure cookie");
await testCookies({
domain: "example.net",
secure: false,
shouldPass: false,
shouldWrite: false,
});
info("Test non-matching, secure domain with non-secure cookie");
await testCookies({
domain: "example.net",
secure: false,
shouldPass: false,
shouldWrite: false,
});
info("Test non-matching, secure domain with secure cookie");
await testCookies({
domain: "example.net",
secure: false,
shouldPass: false,
shouldWrite: false,
});
info("Test matching subdomain with superdomain privileges, secure cookie (http)");
await testCookies({
domain: ".example.com",
secure: true,
shouldPass: false,
shouldWrite: true,
});
info("Test matching, non-secure domain with secure cookie");
await testCookies({
domain: "example.com",
secure: true,
shouldPass: false,
shouldWrite: true,
});
info("Test matching, non-secure host, secure URL");
await testCookies({
domain: "example.com",
secure: true,
shouldPass: false,
shouldWrite: false,
});
info("Test non-matching domain");
await testCookies({
domain: "example.net",
secure: false,
shouldPass: false,
shouldWrite: false,
});
info("Test invalid scheme");
await testCookies({
domain: "example.com",
secure: false,
shouldPass: false,
shouldWrite: false,
});
});
</script>
</body>
</html>