test/unit/test_webrequest.py


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82

# SPDX-License-Identifier: CC0-1.0

"""
Haketilo unit tests - modifying requests using webRequest API
"""

# This file is part of Haketilo
#
# Copyright (C) 2021, Wojtek Kosior <koszko@koszko.org>
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the CC0 1.0 Universal License as published by
# the Creative Commons Corporation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# CC0 1.0 Universal License for more details.

import re
from hashlib import sha256
import pytest

from ..script_loader import load_script

def webrequest_js():
    return (load_script('background/webrequest.js',
                        '#IMPORT common/patterns_query_tree.js AS pqt') +
            ''';
            // Mock pattern tree.
            tree = pqt.make();

            // Rule to block scripts.
            pqt.register(tree, "https://site.with.scripts.block.ed/***",
                         "~allow", 0);

            // Rule to allow scripts, but overridden by payload assignment.
            pqt.register(tree, "https://site.with.paylo.ad/***", "~allow", 1);
            pqt.register(tree, "https://site.with.paylo.ad/***",
                         "somemapping", {identifier: "someresource"});

            // Mock IndexedDB.
            haketilodb.track.settings =
                () => [{}, [{name: "default_allow", value: true}]];

            // Mock stream_filter.
            stream_filter.apply = (details, headers, policy) => headers;

            // Mock secret and start webrequest operations.
            start("somesecret");
            ''')

def are_scripts_allowed(driver, nonce=None):
        return driver.execute_script(
            '''
            document.scripts_allowed = false;
            const script = document.createElement("script");
            script.innerHTML = "document.scripts_allowed = true;";
            if (arguments[0])
                script.setAttribute("nonce", arguments[0]);
            document.head.append(script);
            return document.scripts_allowed;
            ''',
            nonce)

@pytest.mark.ext_data({'background_script': webrequest_js})
@pytest.mark.usefixtures('webextension')
def test_on_headers_received(driver, execute_in_page):
    for attempt in range(10):
        driver.get('https://site.with.scripts.block.ed/')

        if not are_scripts_allowed(driver):
            break
        assert attempt != 9

    driver.get('https://site.with.scripts.allow.ed/')
    assert are_scripts_allowed(driver)

    driver.get('https://site.with.paylo.ad/')
    assert not are_scripts_allowed(driver)
    source = 'somemapping:someresource:https://site.with.paylo.ad/index.html:somesecret'
    assert are_scripts_allowed(driver, sha256(source.encode()).digest().hex())