# SPDX-License-Identifier: CC0-1.0
"""
Haketilo unit tests - main content script
"""
# This file is part of Haketilo
#
# Copyright (C) 2022 Wojtek Kosior <koszko@koszko.org>
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the CC0 1.0 Universal License as published by
# the Creative Commons Corporation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# CC0 1.0 Universal License for more details.
import pytest
import json
from selenium.webdriver.support.ui import WebDriverWait
from ..script_loader import load_script
# From:
# https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/API/contentScripts/register
# it is unclear whether the dynamically-registered content script is guaranteed
# to be always executed after statically-registered ones. We want to test both
# cases, so we'll make the mocked dynamic content script execute before
# content.js on http:// pages and after it on https:// pages.
dynamic_script = \
''';
this.haketilo_secret = "abracadabra";
this.haketilo_pattern_tree = {};
this.haketilo_default_allow = false;
if (this.haketilo_content_script_main)
this.haketilo_content_script_main();
'''
content_script = \
'''
/* Mock dynamic content script - case 'before'. */
if (/dynamic_before/.test(document.URL)) {
%s;
}
/* Place amalgamated content.js here. */
%s;
/* Rest of mocks */
function mock_decide_policy() {
nonce = "12345";
return {
allow: false,
mapping: "what-is-programmers-favorite-drinking-place",
payload: {identifier: "foo-bar"},
nonce,
csp: "prefetch-src 'none'; script-src-attr 'none'; script-src 'nonce-12345'; script-src-elem 'nonce-12345';"
};
}
async function mock_payload_error([type, res_id]) {
if (type === "indexeddb_files")
return {error: {haketilo_error_type: "missing", id: res_id}};
}
async function mock_payload_ok([type, res_id]) {
if (type === "indexeddb_files")
return {files: [1, 2].map(n => `window.hak_injected_${n} = ${n};`)};
}
if (/payload_error/.test(document.URL)) {
browser.runtime.sendMessage = mock_payload_error;
decide_policy = mock_decide_policy;
} else if (/payload_ok/.test(document.URL)) {
browser.runtime.sendMessage = mock_payload_ok;
decide_policy = mock_decide_policy;
}
/* Otherwise, script blocking policy without payload to inject is used. */
const data_to_verify = {};
function data_set(prop, val) {
data_to_verify[prop] = val;
window.wrappedJSObject.data_to_verify = JSON.stringify(data_to_verify);
}
repo_query_cacher.start = () => data_set("cacher_started", true);
haketilo_apis.start = () => data_set("apis_started", true);
enforce_blocking = policy => data_set("enforcing", policy);
browser.runtime.onMessage.addListener = async function (listener_cb) {
await new Promise(cb => setTimeout(cb, 10));
/* Mock a good request. */
const set_good = val => data_set("good_request_result", val);
data_set("good_request_returned",
!!listener_cb(["page_info"], {}, val => set_good(val)));
/* Mock a bad request. */
const set_bad = val => data_set("bad_request_result", val);
data_set("bad_request_returned",
!!listener_cb(["???"], {}, val => set_bad(val)));
}
/* main() call - normally present in content.js, inside '#IF !UNIT_TEST'. */
main();
/* Mock dynamic content script - case 'after'. */
if (/#dynamic_after/.test(document.URL)) {
%s;
}
data_set("script_run_without_errors", true);
''' % (dynamic_script, load_script('content/content.js'), dynamic_script)
@pytest.mark.ext_data({'content_script': content_script})
@pytest.mark.usefixtures('webextension')
@pytest.mark.parametrize('target1', ['dynamic_before', 'dynamic_after'])
@pytest.mark.parametrize('target2', [
'scripts_blocked',
'payload_error',
'payload_ok'
])
def test_content_unprivileged_page(driver, execute_in_page, target1, target2):
"""
Test functioning of content.js on an page using unprivileged schema (e.g.
'https://' and not 'about:').
"""
driver.get(f'https://gotmyowndoma.in/index.html#{target1}-{target2}')
def get_data(driver):
data = driver.execute_script('return window.data_to_verify;')
return data if 'good_request_result' in data else False
data = json.loads(WebDriverWait(driver, 10).until(get_data))
assert 'gotmyowndoma.in' in data['good_request_result']['url']
assert 'bad_request_result' not in data
assert data['good_request_returned'] == True
assert data['bad_request_returned'] == False
assert data['cacher_started'] == True
assert data.get('apis_started', False) == (target2 == 'payload_ok')
for obj in (data['good_request_result'], data['enforcing']):
assert obj['allow'] == False
assert 'error' not in data['enforcing']
if target2.startswith('payload'):
for obj in (data['good_request_result'], data['enforcing']):
assert obj['payload']['identifier'] == 'foo-bar'
assert 'mapping' in obj
else:
assert 'payload' not in data['enforcing']
assert 'mapping' not in data['enforcing']
assert data['script_run_without_errors'] == True
def vars_made_by_payload(driver):
vars_values = driver.execute_script(
'''
return [
...[1, 2].map(n => window[`hak_injected_${n}`]),
window.haketilo_version
];
''')
if vars_values != [None, None, None]:
return vars_values
if target2 == 'payload_error':
assert data['good_request_result']['error'] == {
'haketilo_error_type': 'missing',
'id': 'foo-bar'
}
elif target2 == 'payload_ok':
vars_values = WebDriverWait(driver, 10).until(vars_made_by_payload)
assert vars_values[:2] == [1, 2]
assert type(vars_values[2]) == str
@pytest.mark.ext_data({'content_script': content_script})
@pytest.mark.usefixtures('webextension')
@pytest.mark.parametrize('target', ['dynamic_before', 'dynamic_after'])
def test_content_privileged_page(driver, execute_in_page, target):
"""
Test functioning of content.js on an page considered privileged (e.g. a
directory listing at 'file:///').
"""
driver.get(f'file:///#{target}')
data = json.loads(driver.execute_script('return window.data_to_verify;'))
assert data == {'script_run_without_errors': True}
