Bug 1840902 - Adjusted browser chrome tests under the Anti-tracking t…

…est suite to support only secure context storage access. r=bvandersloot

Depends on D182366

Differential Revision: https://phabricator.services.mozilla.com/D184979

browser/base/content/test/protectionsUI/browser_protectionsUI_trackers_subview.js

@@ -88,7 +88,7 @@ async function assertSitesListed(blocked) {
 
   let listItem = listItems.find(
     // eslint-disable-next-line @microsoft/sdl/no-insecure-url
-    item => item.querySelector("label").value == "http://trackertest.org"
+    item => item.querySelector("label").value == "https://trackertest.org"
   );
   ok(listItem, "Has an item for trackertest.org");
   ok(BrowserTestUtils.is_visible(listItem), "List item is visible");

browser/base/content/test/protectionsUI/trackingAPI.js

@@ -58,7 +58,7 @@ onmessage = event => {
     case "image":
       createImage(
         // eslint-disable-next-line @microsoft/sdl/no-insecure-url
-        "http://trackertest.org/browser/browser/base/content/test/protectionsUI/cookieServer.sjs?type=image-no-cookie"
+        "https://trackertest.org/browser/browser/base/content/test/protectionsUI/cookieServer.sjs?type=image-no-cookie"
       );
       break;
     case "window-open":

browser/base/content/test/protectionsUI/trackingPage.html

@@ -8,6 +8,6 @@
     <script src="trackingAPI.js" type="text/javascript"></script>
   </head>
   <body>
-    <iframe src="http://trackertest.org/"></iframe>
+    <iframe src="https://trackertest.org/"></iframe>
   </body>
 </html>

build/pgo/certs/mochitest-cert.ca

@@ -1,5 +1,5 @@
 -----BEGIN CERTIFICATE-----
-MIID1TCCAr2gAwIBAgIUMxWonuaoi1gBujMOrB4Ap5YkGu0wDQYJKoZIhvcNAQEL
+MIID5jCCAs6gAwIBAgIUSXOeCVPnrKtO0qeVgmcZ9x6dKqowDQYJKoZIhvcNAQEL
 BQAwHTEbMBkGA1UEAwwSIE1vY2hpdGVzdCBUZXN0IENBMCIYDzIwMjIwMTAxMDAw
 MDAwWhgPMjAzMjAxMDEwMDAwMDBaMB8xHTAbBgNVBAMMFCBNb2NoaXRlc3QgVGVz
 dCBDZXJ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuohRqESOFtZB
@@ -8,16 +8,16 @@ CHqlWqdFh/cc1SScAn7NQ/weadA4ICmTqyDDSeTbuUzCa2wO7RWCD/F+rWkasdMC
 OosqQe6ncOAPDY39ZgsrsCSSpH25iGF5kLFXkD3SO8XguEgfqDfTiEPvJxbYVbdm
 Wqp+ApAvOnsQgAYkzBxsl62WYVu34pYSwHUxowyR3bTK9/ytHSXTCe+5Fw6naOGz
 ey8ib2njtIqVYR3uJtYlnauRCE42yxwkBCy/Fosv5fGPmRcxuLP+SSP6clHEMdUD
-rNoYCjXtjQIDAQABo4IBBTCCAQEwEwYDVR0lBAwwCgYIKwYBBQUHAwEwgekGA1Ud
-EQSB4TCB3oIKbW9jaGkudGVzdIILZXhhbXBsZS5jb22CDSouZXhhbXBsZS5jb22C
+rNoYCjXtjQIDAQABo4IBFjCCARIwEwYDVR0lBAwwCgYIKwYBBQUHAwEwgfoGA1Ud
+EQSB8jCB74IKbW9jaGkudGVzdIILZXhhbXBsZS5jb22CDSouZXhhbXBsZS5jb22C
 C2V4YW1wbGUubmV0gg0qLmV4YW1wbGUubmV0ggtleGFtcGxlLm9yZ4INKi5leGFt
 cGxlLm9yZ4IPKi5pdGlzYXRyYXAub3Jngg4qLnhuLS1qeGFscGRscIIQaXRpc2F0
 cmFja2VyLm9yZ4IMdzNjLXRlc3Qub3Jngg4qLnczYy10ZXN0Lm9yZ4IVbW9jaGl0
-ZXN0LnlvdXR1YmUuY29tgglsb2NhbGhvc3SCCTEyNy4wLjAuMjANBgkqhkiG9w0B
-AQsFAAOCAQEAlqXzcG/TvKitOZh3SrY+AQH3sbop8gQ5NnzEVTXt4N8LI7Kbb8h1
-2aZjwvnCp0yCdk0dRekZq8f6xq5bd6/k0C4Wkr9ivCdhxc4nvuZa62S2X53JObm2
-egUReeNSqjYyxfO6k1L36+iSLU2iYpYxgPCae0h5c2Fg9UtIbsmjLVqkdGYBnH1B
-HAuVGJkWoKDt9QlG2uROdhFqcz6pSXlTifev6hQ2Ffl7HirIqyqwtB+JygMSat52
-ROfvcFTHXGx0K1OmfjUid9yA2mGUOY/NO2HQhYzm9a4zS10Bw+f19SgVjDOx9pK+
-cl8wZKk5SlwmMi346ctGcPNLVBxDcAps4Q==
+ZXN0LnlvdXR1YmUuY29tgglsb2NhbGhvc3SCCTEyNy4wLjAuMoIPdHJhY2tlcnRl
+c3Qub3JnMA0GCSqGSIb3DQEBCwUAA4IBAQCOk+ebxLrKSUkgwusVtZ0AshmXPSMh
+qLRevykLc4EqXCE78nvrFp632N4+Kn7B2bpB1OdrL8d79gP5xv9Ky0h/2queMtaX
+HHY5RVHTpQSGEJD1gmlajCN1elCTMrJLvfewudHOd8gvBBTI9iLr0swORvBgy1uO
+WoypkOXV/B7HuuFBK4UnguVBdC/XFDfZzpMpaM5LCr7zARlskQsDECocdPr88Ifs
+Gj97VS3cyc9rPsfKG0F0JE5rx1Dlxtur5VN4Lk0SFzoAs5/W0z4Sio46D53TgLnh
+Mq1z+hkwQILxkrfvgEpHL6X19nMLAtjja3FSqgqXw8NQWFEekvcrig6n
 -----END CERTIFICATE-----

build/pgo/certs/mochitest-cert.certspec

@@ -2,4 +2,4 @@ issuer: Mochitest Test CA
 subject: Mochitest Test Cert
 validity:20220101-20320101
 extension:extKeyUsage:serverAuth
-extension:subjectAlternativeName:mochi.test,example.com,*.example.com,example.net,*.example.net,example.org,*.example.org,*.itisatrap.org,*.xn--jxalpdlp,itisatracker.org,w3c-test.org,*.w3c-test.org,mochitest.youtube.com,localhost,127.0.0.2
+extension:subjectAlternativeName:mochi.test,example.com,*.example.com,example.net,*.example.net,example.org,*.example.org,*.itisatrap.org,*.xn--jxalpdlp,itisatracker.org,w3c-test.org,*.w3c-test.org,mochitest.youtube.com,localhost,127.0.0.2,trackertest.org

build/pgo/server-locations.txt

@@ -213,6 +213,7 @@ https://tracking.example.org:443
 https://another-tracking.example.net:443
 https://social-tracking.example.org:443
 https://email-tracking.example.org:443
+https://trackertest.org:443
 
 #
 # Used while testing flash blocking (Bug 1307604)

toolkit/components/antitracking/test/browser/browser.ini

@@ -16,6 +16,8 @@ prefs =
   network.cookie.sameSite.laxByDefault=false
   # Disable https-first because of explicit http/https testing
   dom.security.https_first=false
+  # Enable constraining storage access api to secure contexts
+  dom.storage_access.dont_grant_insecure_contexts=true
 
 support-files =
   container.html

toolkit/components/antitracking/test/browser/browser_hasStorageAccess.js

@@ -200,8 +200,6 @@ var testCases = [
             "privacy.partition.always_partition_third_party_non_cookie_storage",
             false,
           ],
-          // Testing Storage Access API grants constrained to secure contexts
-          ["dom.storage_access.dont_grant_insecure_contexts", true],
         ],
         expectedBlockingNotifications: 0,
         runInPrivateWindow: false,

toolkit/components/antitracking/test/browser/browser_partitionedLockManager.js

@@ -18,7 +18,13 @@ PartitionedStorageHelper.runTest(
 
     is(locks.length, 2, "We should have granted 2 lock requests at this point");
   },
-  /* cleanupFunction */ undefined,
+  async _ => {
+    await new Promise(resolve => {
+      Services.clearData.deleteData(Ci.nsIClearDataService.CLEAR_ALL, value =>
+        resolve()
+      );
+    });
+  },
   /* extraPrefs */ undefined,
   { runInSecureContext: true }
 );

toolkit/components/antitracking/test/browser/browser_partitionedServiceWorkers.js

@@ -428,7 +428,7 @@ PartitionedStorageHelper.runTest(
     );
     is(
       res.value,
-      "http://not-tracking.example.com/browser/toolkit/components/antitracking/test/browser/empty.js",
+      "https://not-tracking.example.com/browser/toolkit/components/antitracking/test/browser/empty.js",
       "The first-party service worker received fetch event."
     );
     res = await sendAndWaitWorkerMessage(
@@ -463,7 +463,7 @@ PartitionedStorageHelper.runTest(
     );
     is(
       res.value,
-      "http://not-tracking.example.com/browser/toolkit/components/antitracking/test/browser/empty.js",
+      "https://not-tracking.example.com/browser/toolkit/components/antitracking/test/browser/empty.js",
       "The third-party service worker received fetch event."
     );
   },

toolkit/components/antitracking/test/browser/browser_partitionedSharedWorkers.js

@@ -44,7 +44,9 @@ PartitionedStorageHelper.runTestInNormalAndPrivateMode(
         resolve()
       );
     });
-  }
+  },
+  [],
+  false
 );
 
 PartitionedStorageHelper.runPartitioningTestInNormalAndPrivateMode(

toolkit/components/antitracking/test/browser/browser_storageAccessPrivilegeAPI.js

@@ -265,7 +265,7 @@ add_task(async function test_privilege_api_with_dFPI() {
   );
   let browser = tab.linkedBrowser;
 
-  await insertSubFrame(browser, TEST_4TH_PARTY_PAGE, "test");
+  await insertSubFrame(browser, TEST_4TH_PARTY_PAGE_HTTPS, "test");
 
   // Verify that the third-party context doesn't have storage access at
   // beginning.
@@ -282,7 +282,7 @@ add_task(async function test_privilege_api_with_dFPI() {
   });
 
   let storagePermissionPromise = waitStoragePermission(
-    "http://not-tracking.example.com"
+    "https://not-tracking.example.com"
   );
 
   // Verify if the prompt has been shown.
@@ -299,7 +299,7 @@ add_task(async function test_privilege_api_with_dFPI() {
 
     try {
       await content.document.requestStorageAccessForOrigin(
-        "http://not-tracking.example.com/"
+        "https://not-tracking.example.com/"
       );
     } catch (e) {
       ok(false, "The API shouldn't throw.");
@@ -328,7 +328,7 @@ add_task(async function test_privilege_api_with_dFPI() {
   });
 
   // Insert another third-party content iframe and check if it has storage access.
-  await insertSubFrame(browser, TEST_4TH_PARTY_PAGE, "test2");
+  await insertSubFrame(browser, TEST_4TH_PARTY_PAGE_HTTPS, "test2");
   await runScriptInSubFrame(browser, "test2", async _ => {
     await hasStorageAccessInitially();
 
@@ -350,7 +350,7 @@ add_task(async function test_privilege_api_with_dFPI() {
     is(document.cookie, "name=value", "Setting cookie to partitioned context.");
   });
 
-  await clearStoragePermission("http://not-tracking.example.com");
+  await clearStoragePermission("https://not-tracking.example.com");
   Services.cookies.removeAll();
   BrowserTestUtils.removeTab(tab);
 });

toolkit/components/antitracking/test/browser/browser_storageAccessRejectsInsecureContexts.js

@@ -13,10 +13,6 @@ Services.scriptloader.loadSubScript(
 );
 
 add_task(async function testInsecureContext() {
-  await SpecialPowers.pushPrefEnv({
-    set: [["dom.storage_access.dont_grant_insecure_contexts", true]],
-  });
-
   await setPreferences();
 
   await openPageAndRunCode(

toolkit/components/antitracking/test/browser/browser_storageAccessThirdPartyChecks.js

@@ -13,7 +13,7 @@ AntiTracking._createTask({
     await callRequestStorageAccess();
 
     const TRACKING_PAGE =
-      "http://another-tracking.example.net/browser/browser/base/content/test/protectionsUI/trackingPage.html";
+      "https://another-tracking.example.net/browser/browser/base/content/test/protectionsUI/trackingPage.html";
     async function runChecks(name) {
       let iframe = document.createElement("iframe");
       iframe.src = TRACKING_PAGE;
@@ -44,11 +44,11 @@ AntiTracking._createTask({
   iframeSandbox: null,
   accessRemoval: null,
   callbackAfterRemoval: null,
-  thirdPartyPage: TEST_3RD_PARTY_PAGE_HTTP,
+  thirdPartyPage: TEST_3RD_PARTY_PAGE,
   errorMessageDomains: [
-    "http://tracking.example.org",
-    "http://tracking.example.org",
-    "http://tracking.example.org",
+    "https://tracking.example.org",
+    "https://tracking.example.org",
+    "https://tracking.example.org",
   ],
 });
 
@@ -79,10 +79,10 @@ AntiTracking._createTask({
   iframeSandbox: null,
   accessRemoval: null,
   callbackAfterRemoval: null,
-  thirdPartyPage: TEST_3RD_PARTY_PAGE_HTTP,
+  thirdPartyPage: TEST_3RD_PARTY_PAGE,
   errorMessageDomains: [
-    "http://tracking.example.org",
-    "http://tracking.example.org",
+    "https://tracking.example.org",
+    "https://tracking.example.org",
   ],
 });
 
@@ -110,10 +110,10 @@ AntiTracking._createTask({
   iframeSandbox: null,
   accessRemoval: null,
   callbackAfterRemoval: null,
-  thirdPartyPage: TEST_3RD_PARTY_PAGE_HTTP,
+  thirdPartyPage: TEST_3RD_PARTY_PAGE,
   errorMessageDomains: [
-    "http://tracking.example.org",
-    "http://tracking.example.org",
+    "https://tracking.example.org",
+    "https://tracking.example.org",
   ],
 });
 
@@ -141,10 +141,10 @@ AntiTracking._createTask({
   iframeSandbox: null,
   accessRemoval: null,
   callbackAfterRemoval: null,
-  thirdPartyPage: TEST_3RD_PARTY_PAGE_HTTP,
+  thirdPartyPage: TEST_3RD_PARTY_PAGE,
   errorMessageDomains: [
-    "http://tracking.example.org",
-    "http://tracking.example.org",
+    "https://tracking.example.org",
+    "https://tracking.example.org",
   ],
 });
 

toolkit/components/antitracking/test/browser/browser_storageAccessThirdPartyChecks_alwaysPartition.js

@@ -16,7 +16,7 @@ AntiTracking._createTask({
     await callRequestStorageAccess();
 
     const TRACKING_PAGE =
-      "http://another-tracking.example.net/browser/browser/base/content/test/protectionsUI/trackingPage.html";
+      "https://another-tracking.example.net/browser/browser/base/content/test/protectionsUI/trackingPage.html";
     async function runChecks(name) {
       let iframe = document.createElement("iframe");
       iframe.src = TRACKING_PAGE;
@@ -47,13 +47,13 @@ AntiTracking._createTask({
   iframeSandbox: null,
   accessRemoval: null,
   callbackAfterRemoval: null,
-  thirdPartyPage: TEST_3RD_PARTY_PAGE_HTTP,
+  thirdPartyPage: TEST_3RD_PARTY_PAGE,
   errorMessageDomains: [
-    "http://tracking.example.org",
-    "http://tracking.example.org",
-    "http://tracking.example.org",
-    "http://tracking.example.org",
-    "http://trackertest.org",
+    "https://tracking.example.org",
+    "https://tracking.example.org",
+    "https://tracking.example.org",
+    "https://tracking.example.org",
+    "https://trackertest.org",
   ],
 });
 
@@ -84,8 +84,8 @@ AntiTracking._createTask({
   iframeSandbox: null,
   accessRemoval: null,
   callbackAfterRemoval: null,
-  thirdPartyPage: TEST_3RD_PARTY_PAGE_HTTP,
-  errorMessageDomains: ["http://tracking.example.org"],
+  thirdPartyPage: TEST_3RD_PARTY_PAGE,
+  errorMessageDomains: ["https://tracking.example.org"],
 });
 
 add_task(async _ => {
@@ -112,8 +112,8 @@ AntiTracking._createTask({
   iframeSandbox: null,
   accessRemoval: null,
   callbackAfterRemoval: null,
-  thirdPartyPage: TEST_3RD_PARTY_PAGE_HTTP,
-  errorMessageDomains: ["http://example.net", "http://tracking.example.org"],
+  thirdPartyPage: TEST_3RD_PARTY_PAGE,
+  errorMessageDomains: ["http://example.net", "https://tracking.example.org"],
 });
 
 add_task(async _ => {
@@ -140,8 +140,8 @@ AntiTracking._createTask({
   iframeSandbox: null,
   accessRemoval: null,
   callbackAfterRemoval: null,
-  thirdPartyPage: TEST_3RD_PARTY_PAGE_HTTP,
-  errorMessageDomains: ["http://tracking.example.org"],
+  thirdPartyPage: TEST_3RD_PARTY_PAGE,
+  errorMessageDomains: ["https://tracking.example.org"],
 });
 
 add_task(async _ => {

toolkit/components/antitracking/test/browser/partitionedstorage_head.js

@@ -13,14 +13,22 @@ Services.scriptloader.loadSubScript(
 );
 
 this.PartitionedStorageHelper = {
-  runTestInNormalAndPrivateMode(name, callback, cleanupFunction, extraPrefs) {
+  runTestInNormalAndPrivateMode(
+    name,
+    callback,
+    cleanupFunction,
+    extraPrefs,
+    runInSecure = true
+  ) {
     // Normal mode
     this.runTest(name, callback, cleanupFunction, extraPrefs, {
+      runInSecureContext: runInSecure,
       runInPrivateWindow: false,
     });
 
     // Private mode
     this.runTest(name, callback, cleanupFunction, extraPrefs, {
+      runInSecureContext: runInSecure,
       runInPrivateWindow: true,
     });
   },
@@ -30,7 +38,7 @@ this.PartitionedStorageHelper = {
     callback,
     cleanupFunction,
     extraPrefs,
-    { runInPrivateWindow = false, runInSecureContext = false } = {}
+    { runInPrivateWindow = false, runInSecureContext = true } = {}
   ) {
     DynamicFPIHelper.runTest(
       name,