Revision fbfddb02
Added by koszko over 1 year ago
| test/unit/test_content.py | ||
|---|---|---|
| 42 | 42 |
content_script = \ |
| 43 | 43 |
''' |
| 44 | 44 |
/* Mock dynamic content script - case 'before'. */ |
| 45 |
if (/#dynamic_before$/.test(document.URL)) {
|
|
| 45 |
if (/dynamic_before/.test(document.URL)) {
|
|
| 46 | 46 |
%s; |
| 47 | 47 |
} |
| 48 | 48 |
|
| ... | ... | |
| 50 | 50 |
%s; |
| 51 | 51 |
|
| 52 | 52 |
/* Rest of mocks */ |
| 53 |
|
|
| 54 |
function mock_decide_policy() {
|
|
| 55 |
nonce = "12345"; |
|
| 56 |
return {
|
|
| 57 |
allow: false, |
|
| 58 |
mapping: "what-is-programmers-favorite-drinking-place", |
|
| 59 |
payload: {identifier: "foo-bar"},
|
|
| 60 |
nonce, |
|
| 61 |
csp: "prefetch-src 'none'; script-src-attr 'none'; script-src 'nonce-12345'; script-src-elem 'nonce-12345';" |
|
| 62 |
}; |
|
| 63 |
} |
|
| 64 |
|
|
| 65 |
async function mock_payload_error([type, res_id]) {
|
|
| 66 |
if (type === "indexeddb_files") |
|
| 67 |
return {error: {haketilo_error_type: "missing", id: res_id}};
|
|
| 68 |
} |
|
| 69 |
|
|
| 70 |
async function mock_payload_ok([type, res_id]) {
|
|
| 71 |
if (type === "indexeddb_files") |
|
| 72 |
return [1, 2].map(n => `window.haketilo_injected_${n} = ${n}${n};`);
|
|
| 73 |
} |
|
| 74 |
|
|
| 75 |
if (/payload_error/.test(document.URL)) {
|
|
| 76 |
browser.runtime.sendMessage = mock_payload_error; |
|
| 77 |
decide_policy = mock_decide_policy; |
|
| 78 |
} else if (/payload_ok/.test(document.URL)) {
|
|
| 79 |
browser.runtime.sendMessage = mock_payload_ok; |
|
| 80 |
decide_policy = mock_decide_policy; |
|
| 81 |
} |
|
| 82 |
/* Otherwise, script blocking policy without payload to inject is used. */ |
|
| 83 |
|
|
| 53 | 84 |
const data_to_verify = {};
|
| 54 | 85 |
function data_set(prop, val) {
|
| 55 | 86 |
data_to_verify[prop] = val; |
| ... | ... | |
| 61 | 92 |
enforce_blocking = policy => data_set("enforcing", policy);
|
| 62 | 93 |
|
| 63 | 94 |
browser.runtime.onMessage.addListener = async function (listener_cb) {
|
| 64 |
await new Promise(cb => setTimeout(cb, 0)); |
|
| 95 |
await new Promise(cb => setTimeout(cb, 10));
|
|
| 65 | 96 |
|
| 66 | 97 |
/* Mock a good request. */ |
| 67 | 98 |
const set_good = val => data_set("good_request_result", val);
|
| 68 |
listener_cb(["page_info"], {}, val => set_good(val));
|
|
| 99 |
data_set("good_request_returned",
|
|
| 100 |
!!listener_cb(["page_info"], {}, val => set_good(val)));
|
|
| 69 | 101 |
|
| 70 | 102 |
/* Mock a bad request. */ |
| 71 | 103 |
const set_bad = val => data_set("bad_request_result", val);
|
| 72 |
listener_cb(["???"], {}, val => set_bad(val));
|
|
| 104 |
data_set("bad_request_returned",
|
|
| 105 |
!!listener_cb(["???"], {}, val => set_bad(val)));
|
|
| 73 | 106 |
} |
| 74 | 107 |
|
| 75 | 108 |
/* main() call - normally present in content.js, inside '#IF !UNIT_TEST'. */ |
| 76 | 109 |
main(); |
| 77 | 110 |
|
| 78 | 111 |
/* Mock dynamic content script - case 'after'. */ |
| 79 |
if (/#dynamic_after$/.test(document.URL)) {
|
|
| 112 |
if (/#dynamic_after/.test(document.URL)) {
|
|
| 80 | 113 |
%s; |
| 81 | 114 |
} |
| 82 | 115 |
|
| ... | ... | |
| 85 | 118 |
|
| 86 | 119 |
@pytest.mark.ext_data({'content_script': content_script})
|
| 87 | 120 |
@pytest.mark.usefixtures('webextension')
|
| 88 |
@pytest.mark.parametrize('target', ['dynamic_before', 'dynamic_after'])
|
|
| 89 |
def test_content_unprivileged_page(driver, execute_in_page, target): |
|
| 121 |
@pytest.mark.parametrize('target1', ['dynamic_before'])#, 'dynamic_after'])
|
|
| 122 |
@pytest.mark.parametrize('target2', [
|
|
| 123 |
'scripts_blocked', |
|
| 124 |
'payload_error', |
|
| 125 |
'payload_ok' |
|
| 126 |
]) |
|
| 127 |
def test_content_unprivileged_page(driver, execute_in_page, target1, target2): |
|
| 90 | 128 |
""" |
| 91 | 129 |
Test functioning of content.js on an page using unprivileged schema (e.g. |
| 92 | 130 |
'https://' and not 'about:'). |
| 93 | 131 |
""" |
| 94 |
driver.get(f'https://gotmyowndoma.in/index.html#{target}')
|
|
| 95 |
data = json.loads(driver.execute_script('return window.data_to_verify;'))
|
|
| 132 |
driver.get(f'https://gotmyowndoma.in/index.html#{target1}-{target2}')
|
|
| 133 |
|
|
| 134 |
def get_data(driver): |
|
| 135 |
data = driver.execute_script('return window.data_to_verify;')
|
|
| 136 |
return data if 'good_request_result' in data else False |
|
| 137 |
|
|
| 138 |
data = json.loads(WebDriverWait(driver, 10).until(get_data)) |
|
| 96 | 139 |
|
| 97 | 140 |
assert 'gotmyowndoma.in' in data['good_request_result']['url'] |
| 98 | 141 |
assert 'bad_request_result' not in data |
| 99 | 142 |
|
| 143 |
assert data['good_request_returned'] == True |
|
| 144 |
assert data['bad_request_returned'] == False |
|
| 145 |
|
|
| 100 | 146 |
assert data['cacher_started'] == True |
| 101 | 147 |
|
| 102 |
assert data['enforcing']['allow'] == False |
|
| 103 |
assert 'mapping' not in data['enforcing'] |
|
| 104 |
assert 'error' not in data['enforcing'] |
|
| 148 |
for obj in (data['good_request_result'], data['enforcing']): |
|
| 149 |
assert obj['allow'] == False |
|
| 150 |
|
|
| 151 |
assert 'error' not in data['enforcing'] |
|
| 152 |
|
|
| 153 |
if target2.startswith('payload'):
|
|
| 154 |
for obj in (data['good_request_result'], data['enforcing']): |
|
| 155 |
assert obj['payload']['identifier'] == 'foo-bar' |
|
| 156 |
assert 'mapping' in obj |
|
| 157 |
else: |
|
| 158 |
assert 'payload' not in data['enforcing'] |
|
| 159 |
assert 'mapping' not in data['enforcing'] |
|
| 105 | 160 |
|
| 106 | 161 |
assert data['script_run_without_errors'] == True |
| 107 | 162 |
|
| 163 |
def vars_made_by_payload(driver): |
|
| 164 |
vars_values = driver.execute_script( |
|
| 165 |
'return [1, 2].map(n => window[`haketilo_injected_${n}`]);'
|
|
| 166 |
) |
|
| 167 |
if vars_values != [None, None]: |
|
| 168 |
return vars_values |
|
| 169 |
|
|
| 170 |
if target2 == 'payload_error': |
|
| 171 |
assert data['good_request_result']['error'] == {
|
|
| 172 |
'haketilo_error_type': 'missing', |
|
| 173 |
'id': 'foo-bar' |
|
| 174 |
} |
|
| 175 |
elif target2 == 'payload_ok': |
|
| 176 |
vars_values = WebDriverWait(driver, 10).until(vars_made_by_payload) |
|
| 177 |
assert vars_values == [11, 22] |
|
| 178 |
|
|
| 108 | 179 |
@pytest.mark.ext_data({'content_script': content_script})
|
| 109 | 180 |
@pytest.mark.usefixtures('webextension')
|
| 110 | 181 |
@pytest.mark.parametrize('target', ['dynamic_before', 'dynamic_after'])
|
Also available in: Unified diff
add actual payload injection functionality to new content script