Bug 1029887: Test DOM nodes blocked by NS_ERROR_TRACKING_URI (r=mmc)

build/pgo/server-locations.txt

@@ -153,6 +153,7 @@ https://sub.sectest1.example.org:443
 # Used while testing the url-classifier
 #
 http://malware.example.com:80
+http://tracking.example.com:80
 
 # Bug 483437, 484111
 https://www.bank1.com:443           privileged,cert=escapeattack1

testing/profiles/prefs_general.js

@@ -85,6 +85,8 @@ user_pref("urlclassifier.updateinterval", 172800);
 user_pref("browser.safebrowsing.gethashURL", "http://%(server)s/safebrowsing-dummy/gethash");
 user_pref("browser.safebrowsing.updateURL", "http://%(server)s/safebrowsing-dummy/update");
 user_pref("browser.safebrowsing.appRepURL", "http://%(server)s/safebrowsing-dummy/update");
+user_pref("browser.trackingprotection.gethashURL", "http://%(server)s/safebrowsing-dummy/gethash");
+user_pref("browser.trackingprotection.updateURL", "http://%(server)s/safebrowsing-dummy/update");
 // Point update checks to the local testing server for fast failures
 user_pref("extensions.update.url", "http://%(server)s/extensions-dummy/updateURL");
 user_pref("extensions.update.background.url", "http://%(server)s/extensions-dummy/updateBackgroundURL");

toolkit/components/url-classifier/tests/mochitest/chrome.ini

@@ -1,3 +1,9 @@
 [DEFAULT]
+support-files =
+  classifiedAnnotatedFrame.html
+  evil.js
+  raptor.jpg
+  track.html
 
 [test_lookup_system_principal.html]
+[test_classified_annotations.html]

toolkit/components/url-classifier/tests/mochitest/classifiedAnnotatedFrame.html

@@ -0,0 +1,107 @@
+<html>
+<head>
+<title></title>
+
+<script type="text/javascript">
+"use strict";
+
+var scriptItem = "untouched";
+var imageItem = "untouched";
+var frameItem = "untouched";
+
+var badids = [
+  "badscript1",
+  "badscript2",
+  "badimage1",
+  "badimage2",
+  "badframe1",
+  "badframe2"
+];
+
+function checkLoads() {
+  window.parent.is(scriptItem, "untouched", "Should not load tracking javascript");
+
+  window.parent.is(imageItem, "untouched", "Should not load tracking images");
+
+  window.parent.is(frameItem, "untouched", "Should not load tracking iframes");
+
+  window.parent.is(window.document.blockedTrackingNodeCount, badids.length,
+    "Should identify all tracking elements");
+
+  var blockedTrackingNodes = window.document.blockedTrackingNodes;
+
+  // Make sure that every node in blockedTrackingNodes exists in the tree
+  // (that may not always be the case but do not expect any nodes to disappear
+  // from the tree here)
+  var allNodeMatch = true;
+  for (var i = 0; i < blockedTrackingNodes.length; i++) {
+    var nodeMatch = false;
+    for (var j = 0; j < badids.length && !nodeMatch; j++) {
+      nodeMatch |=
+        (blockedTrackingNodes[i] == document.getElementById(badids[j]));
+    }
+
+    allNodeMatch &= nodeMatch;
+  }
+  window.parent.is(allNodeMatch, true,
+    "All annotated nodes are expected in the tree");
+
+  // Make sure that every node with a badid (see badids) is found in the
+  // blockedTrackingNodes. This tells us if we are neglecting to annotate
+  // some nodes
+  allNodeMatch = true;
+  for (var j = 0; j < badids.length; j++) {
+    var nodeMatch = false;
+    for (var i = 0; i < blockedTrackingNodes.length && !nodeMatch; i++) {
+      nodeMatch |=
+        (blockedTrackingNodes[i] == document.getElementById(badids[j]));
+    }
+
+    allNodeMatch &= nodeMatch;
+  }
+  window.parent.is(allNodeMatch, true,
+    "All tracking nodes are expected to be annotated as such");
+
+  // End (parent) test.
+  window.parent.SimpleTest.finish();
+}
+
+</script>
+
+</head>
+
+<body onload="checkLoads()">
+
+<!-- Try loading from a tracking script URI (1) -->
+<script id="badscript1" src="http://tracking.example.com/tests/toolkit/components/url-classifier/tests/mochitest/evil.js" onload="function() {scriptItem='spoiled';}"></script>
+
+<!-- Try loading from a tracking image URI (1) -->
+<img id="badimage1" src="http://tracking.example.com/tests/toolkit/components/url-classifier/tests/mochitest/raptor.jpg" onload="function() {imageItem='spoiled';}"/>
+
+<!-- Try loading from a tracking frame URI (1) -->
+<iframe id="badframe1" src="http://tracking.example.com/tests/toolkit/components/url-classifier/tests/mochitest/track.html" onload="function() {frameItem='spoiled';}"></iframe>
+
+<script>
+// Try loading from a tracking script URI (2) - The loader may follow a different path depending on whether the resource is loaded from JS or HTML.
+var newScript = document.createElement("script");
+newScript.id = "badscript2";
+newScript.src = "http://tracking.example.com/tests/toolkit/components/url-classifier/tests/mochitest/evil.js";
+newScript.addEventListener("load", function() {scriptItem = 'spoiled';});
+document.body.appendChild(newScript);
+
+/// Try loading from a tracking image URI (2)
+var newImage = document.createElement("img");
+newImage.id = "badimage2";
+newImage.src = "http://tracking.example.com/tests/toolkit/components/url-classifier/tests/mochitest/raptor.jpg";
+newImage.addEventListener("load", function() {imageItem = 'spoiled'});
+document.body.appendChild(newImage);
+
+// Try loading from a tracking iframe URI (2)
+var newFrame = document.createElement("iframe");
+newFrame.id = "badframe2";
+newFrame.src = "http://tracking.example.com/tests/toolkit/components/url-classifier/tests/mochitest/track.html"
+newFrame.addEventListener("load", function() {frameItem = 'spoiled'});
+document.body.appendChild(newFrame);
+</script>
+</body>
+</html>

toolkit/components/url-classifier/tests/mochitest/test_classified_annotations.html

@@ -0,0 +1,76 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+  <title>Test the URI Classifier</title>
+  <script type="text/javascript" src="chrome://mochikit/content/tests/SimpleTest/SimpleTest.js"></script>
+  <link rel="stylesheet" type="text/css" href="chrome://mochikit/content/tests/SimpleTest/test.css">
+</head>
+
+<p id="display"></p>
+<div id="content" style="display: none">
+</div>
+<pre id="test">
+
+<script class="testbody" type="text/javascript">
+
+var Cc = SpecialPowers.Cc;
+var Ci = SpecialPowers.Ci;
+
+// Add some URLs to the tracking database
+var testData = "tracking.example.com/";
+var testUpdate =
+  "n:1000\ni:test-track-simple\nad:1\n" +
+  "a:524:32:" + testData.length + "\n" +
+  testData;
+
+var dbService = Cc["@mozilla.org/url-classifier/dbservice;1"]
+                .getService(Ci.nsIUrlClassifierDBService);
+
+function doUpdate(update) {
+  var listener = {
+    QueryInterface: function(iid)
+    {
+      if (iid.equals(Ci.nsISupports) ||
+          iid.equals(Ci.nsIUrlClassifierUpdateObserver))
+        return this;
+
+      throw Cr.NS_ERROR_NO_INTERFACE;
+    },
+    updateUrlRequested: function(url) { },
+    streamFinished: function(status) { },
+    updateError: function(errorCode) {
+      ok(false, "Couldn't update classifier.");
+      // Abort test.
+      SimpleTest.finish();
+    },
+    updateSuccess: function(requestedTimeout) {
+      SpecialPowers.pushPrefEnv(
+        {"set" : [["privacy.trackingprotection.enabled", true]]},
+        function loadTestFrame() {
+          document.getElementById("testFrame").src =
+            "classifiedAnnotatedFrame.html";
+        }
+      );
+    }
+  };
+
+  dbService.beginUpdate(listener, "test-track-simple", "");
+  dbService.beginStream("", "");
+  dbService.updateStream(update);
+  dbService.finishStream();
+  dbService.finishUpdate();
+}
+
+SpecialPowers.pushPrefEnv(
+  {"set" : [["urlclassifier.trackingTable", "test-track-simple"]]},
+  function() { doUpdate(testUpdate); });
+
+// Expected finish() call is in "classifiedAnnotatedFrame.html".
+SimpleTest.waitForExplicitFinish();
+
+</script>
+
+</pre>
+<iframe id="testFrame" width="100%" height="100%" onload=""></iframe>
+</body>
+</html>

toolkit/components/url-classifier/tests/mochitest/track.html

@@ -0,0 +1,7 @@
+<html>
+  <head>
+  </head>
+  <body>
+    <h1>Tracking Works!</h1>
+  </body>
+</html>