forked from mirrors/gecko-dev
ee093cd087
Differential Revision: https://phabricator.services.mozilla.com/D69257 --HG-- extra : moz-landing-system : lando
204 lines
4.9 KiB
JavaScript
204 lines
4.9 KiB
JavaScript
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
|
|
// This test makes sure the HTTP authenticated sessions are correctly cleared
|
|
// when entering and leaving the private browsing mode.
|
|
|
|
"use strict";
|
|
|
|
function run_test() {
|
|
var am = Cc["@mozilla.org/network/http-auth-manager;1"].getService(
|
|
Ci.nsIHttpAuthManager
|
|
);
|
|
|
|
const kHost1 = "pbtest3.example.com";
|
|
const kHost2 = "pbtest4.example.com";
|
|
const kPort = 80;
|
|
const kHTTP = "http";
|
|
const kBasic = "basic";
|
|
const kRealm = "realm";
|
|
const kDomain = "example.com";
|
|
const kUser = "user";
|
|
const kUser2 = "user2";
|
|
const kPassword = "pass";
|
|
const kPassword2 = "pass2";
|
|
const kEmpty = "";
|
|
|
|
const PRIVATE = true;
|
|
const NOT_PRIVATE = false;
|
|
|
|
try {
|
|
var domain = { value: kEmpty },
|
|
user = { value: kEmpty },
|
|
pass = { value: kEmpty };
|
|
// simulate a login via HTTP auth outside of the private mode
|
|
am.setAuthIdentity(
|
|
kHTTP,
|
|
kHost1,
|
|
kPort,
|
|
kBasic,
|
|
kRealm,
|
|
kEmpty,
|
|
kDomain,
|
|
kUser,
|
|
kPassword
|
|
);
|
|
// make sure the recently added auth entry is available outside the private browsing mode
|
|
am.getAuthIdentity(
|
|
kHTTP,
|
|
kHost1,
|
|
kPort,
|
|
kBasic,
|
|
kRealm,
|
|
kEmpty,
|
|
domain,
|
|
user,
|
|
pass,
|
|
NOT_PRIVATE
|
|
);
|
|
Assert.equal(domain.value, kDomain);
|
|
Assert.equal(user.value, kUser);
|
|
Assert.equal(pass.value, kPassword);
|
|
|
|
// make sure the added auth entry is no longer accessible in private
|
|
domain = { value: kEmpty };
|
|
user = { value: kEmpty };
|
|
pass = { value: kEmpty };
|
|
try {
|
|
// should throw
|
|
am.getAuthIdentity(
|
|
kHTTP,
|
|
kHost1,
|
|
kPort,
|
|
kBasic,
|
|
kRealm,
|
|
kEmpty,
|
|
domain,
|
|
user,
|
|
pass,
|
|
PRIVATE
|
|
);
|
|
do_throw(
|
|
"Auth entry should not be retrievable after entering the private browsing mode"
|
|
);
|
|
} catch (e) {
|
|
Assert.equal(domain.value, kEmpty);
|
|
Assert.equal(user.value, kEmpty);
|
|
Assert.equal(pass.value, kEmpty);
|
|
}
|
|
|
|
// simulate a login via HTTP auth inside of the private mode
|
|
am.setAuthIdentity(
|
|
kHTTP,
|
|
kHost2,
|
|
kPort,
|
|
kBasic,
|
|
kRealm,
|
|
kEmpty,
|
|
kDomain,
|
|
kUser2,
|
|
kPassword2,
|
|
PRIVATE
|
|
);
|
|
// make sure the recently added auth entry is available inside the private browsing mode
|
|
domain = { value: kEmpty };
|
|
user = { value: kEmpty };
|
|
pass = { value: kEmpty };
|
|
am.getAuthIdentity(
|
|
kHTTP,
|
|
kHost2,
|
|
kPort,
|
|
kBasic,
|
|
kRealm,
|
|
kEmpty,
|
|
domain,
|
|
user,
|
|
pass,
|
|
PRIVATE
|
|
);
|
|
Assert.equal(domain.value, kDomain);
|
|
Assert.equal(user.value, kUser2);
|
|
Assert.equal(pass.value, kPassword2);
|
|
|
|
try {
|
|
// make sure the recently added auth entry is not available outside the private browsing mode
|
|
domain = { value: kEmpty };
|
|
user = { value: kEmpty };
|
|
pass = { value: kEmpty };
|
|
am.getAuthIdentity(
|
|
kHTTP,
|
|
kHost2,
|
|
kPort,
|
|
kBasic,
|
|
kRealm,
|
|
kEmpty,
|
|
domain,
|
|
user,
|
|
pass,
|
|
NOT_PRIVATE
|
|
);
|
|
do_throw(
|
|
"Auth entry should not be retrievable outside of private browsing mode"
|
|
);
|
|
} catch (x) {
|
|
Assert.equal(domain.value, kEmpty);
|
|
Assert.equal(user.value, kEmpty);
|
|
Assert.equal(pass.value, kEmpty);
|
|
}
|
|
|
|
// simulate leaving private browsing mode
|
|
Services.obs.notifyObservers(null, "last-pb-context-exited");
|
|
|
|
// make sure the added auth entry is no longer accessible in any privacy state
|
|
domain = { value: kEmpty };
|
|
user = { value: kEmpty };
|
|
pass = { value: kEmpty };
|
|
try {
|
|
// should throw (not available in public mode)
|
|
am.getAuthIdentity(
|
|
kHTTP,
|
|
kHost2,
|
|
kPort,
|
|
kBasic,
|
|
kRealm,
|
|
kEmpty,
|
|
domain,
|
|
user,
|
|
pass,
|
|
NOT_PRIVATE
|
|
);
|
|
do_throw(
|
|
"Auth entry should not be retrievable after exiting the private browsing mode"
|
|
);
|
|
} catch (e) {
|
|
Assert.equal(domain.value, kEmpty);
|
|
Assert.equal(user.value, kEmpty);
|
|
Assert.equal(pass.value, kEmpty);
|
|
}
|
|
try {
|
|
// should throw (no longer available in private mode)
|
|
am.getAuthIdentity(
|
|
kHTTP,
|
|
kHost2,
|
|
kPort,
|
|
kBasic,
|
|
kRealm,
|
|
kEmpty,
|
|
domain,
|
|
user,
|
|
pass,
|
|
PRIVATE
|
|
);
|
|
do_throw(
|
|
"Auth entry should not be retrievable in private mode after exiting the private browsing mode"
|
|
);
|
|
} catch (x) {
|
|
Assert.equal(domain.value, kEmpty);
|
|
Assert.equal(user.value, kEmpty);
|
|
Assert.equal(pass.value, kEmpty);
|
|
}
|
|
} catch (e) {
|
|
do_throw("Unexpected exception while testing HTTP auth manager: " + e);
|
|
}
|
|
}
|