File: test_gethash.html

package info (click to toggle)

firefox-esr 52.8.1esr-1~deb8u1

links: PTS, VCS
area: main
in suites: jessie
size: 1,983,244 kB
sloc: cpp: 4,810,275; ansic: 2,004,548; python: 451,282; java: 241,615; asm: 178,649; xml: 136,302; sh: 82,207; makefile: 22,575; perl: 15,783; objc: 4,389; yacc: 1,816; ada: 1,697; pascal: 1,519; lex: 1,257; cs: 879; exp: 499; php: 436; lisp: 258; awk: 152; sed: 51; ruby: 47; csh: 27

file content (157 lines) | stat: -rw-r--r-- 4,711 bytes

parent folder | download | duplicates (4)

<!DOCTYPE HTML>
<html>
<head>
  <title>Bug 1272239 - Test gethash.</title>
  <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
  <script type="text/javascript" src="classifierHelper.js"></script>
  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
</head>

<body>
<p id="display"></p>
<div id="content" style="display: none">
</div>
<pre id="test">
<iframe id="testFrame1" onload=""></iframe>
<iframe id="testFrame2" onload=""></iframe>

<script class="testbody" type="text/javascript">

const MALWARE_LIST = "test-malware-simple";
const MALWARE_HOST = "malware.example.com/";

const UNWANTED_LIST = "test-unwanted-simple";
const UNWANTED_HOST = "unwanted.example.com/";

const GETHASH_URL = "http://mochi.test:8888/tests/toolkit/components/url-classifier/tests/mochitest/gethash.sjs";
const NOTEXIST_URL = "http://mochi.test:8888/tests/toolkit/components/url-classifier/tests/mochitest/nonexistserver.sjs";

var shouldLoad = false;

// In this testcase we store prefixes to localdb and send the fullhash to gethash server.
// When access the test page gecko should trigger gethash request to server and
// get the completion response.
function loadTestFrame(id) {
  return new Promise(function(resolve, reject) {

    var iframe = document.getElementById(id);
    iframe.setAttribute("src", "gethashFrame.html");

    iframe.onload = function() {
      resolve();
    };
  });
}

// add 4-bytes prefixes to local database, so when we access the url,
// it will trigger gethash request.
function addPrefixToDB(list, url) {
  var testData = [{ db: list, url: url, len: 4 }];

  return classifierHelper.addUrlToDB(testData)
    .catch(function(err) {
      ok(false, "Couldn't update classifier. Error code: " + err);
      // Abort test.
      SimpleTest.finish();
    });
}

// calculate the fullhash and send it to gethash server
function addCompletionToServer(list, url) {
  return new Promise(function(resolve, reject) {
    var listParam = "list=" + list;
    var fullhashParam = "fullhash=" + hash(url);

    var xhr = new XMLHttpRequest;
    xhr.open("PUT", GETHASH_URL + "?" +
             listParam + "&" +
             fullhashParam, true);
    xhr.setRequestHeader("Content-Type", "text/plain");
    xhr.onreadystatechange = function() {
      if (this.readyState == this.DONE) {
        resolve();
      }
    };
    xhr.send();
  });
}

function hash(str) {
  function bytesFromString(str) {
    var converter =
      SpecialPowers.Cc["@mozilla.org/intl/scriptableunicodeconverter"]
                       .createInstance(SpecialPowers.Ci.nsIScriptableUnicodeConverter);
    converter.charset = "UTF-8";
    return converter.convertToByteArray(str);
  }

  var hasher = SpecialPowers.Cc["@mozilla.org/security/hash;1"]
                               .createInstance(SpecialPowers.Ci.nsICryptoHash);

  var data = bytesFromString(str);
  hasher.init(hasher.SHA256);
  hasher.update(data, data.length);

  return hasher.finish(true);
}

function setup404() {
  shouldLoad = true;

  classifierHelper.allowCompletion([MALWARE_LIST, UNWANTED_LIST], NOTEXIST_URL);

  return Promise.all([
    addPrefixToDB(MALWARE_LIST, MALWARE_HOST),
    addPrefixToDB(UNWANTED_LIST, UNWANTED_HOST)
  ]);
}

function setup() {
  classifierHelper.allowCompletion([MALWARE_LIST, UNWANTED_LIST], GETHASH_URL);

  return Promise.all([
    addPrefixToDB(MALWARE_LIST, MALWARE_HOST),
    addPrefixToDB(UNWANTED_LIST, UNWANTED_HOST),
    addCompletionToServer(MALWARE_LIST, MALWARE_HOST),
    addCompletionToServer(UNWANTED_LIST, UNWANTED_HOST),
  ]);
}

// manually reset DB to make sure next test won't be affected by cache.
function reset() {
  return classifierHelper.resetDB;
}

function runTest() {
  Promise.resolve()
    // This test resources get blocked when gethash returns successfully
    .then(classifierHelper.waitForInit)
    .then(setup)
    .then(() => loadTestFrame("testFrame1"))
    .then(reset)
    // This test resources are not blocked when gethash returns an error
    .then(setup404)
    .then(() => loadTestFrame("testFrame2"))
    .then(function() {
      SimpleTest.finish();
    }).catch(function(e) {
      ok(false, "Some test failed with error " + e);
      SimpleTest.finish();
    });
}

SimpleTest.waitForExplicitFinish();

// 'network.predictor.enabled' is disabled because if other testcase load
// evil.js, evil.css ...etc resources, it may cause we load them from cache
// directly and bypass classifier check
SpecialPowers.pushPrefEnv({"set": [
  ["browser.safebrowsing.malware.enabled", true],
  ["network.predictor.enabled", false],
  ["urlclassifier.gethash.timeout_ms", 30000],
]}, runTest);

</script>
</pre>
</body>
</html>