summaryrefslogtreecommitdiffstats
path: root/toolkit/components/passwordmgr/test
diff options
context:
space:
mode:
authorMatt A. Tobin <mattatobin@localhost.localdomain>2018-02-02 04:16:08 -0500
committerMatt A. Tobin <mattatobin@localhost.localdomain>2018-02-02 04:16:08 -0500
commit5f8de423f190bbb79a62f804151bc24824fa32d8 (patch)
tree10027f336435511475e392454359edea8e25895d /toolkit/components/passwordmgr/test
parent49ee0794b5d912db1f95dce6eb52d781dc210db5 (diff)
downloadUXP-5f8de423f190bbb79a62f804151bc24824fa32d8.tar
UXP-5f8de423f190bbb79a62f804151bc24824fa32d8.tar.gz
UXP-5f8de423f190bbb79a62f804151bc24824fa32d8.tar.lz
UXP-5f8de423f190bbb79a62f804151bc24824fa32d8.tar.xz
UXP-5f8de423f190bbb79a62f804151bc24824fa32d8.zip
Add m-esr52 at 52.6.0
Diffstat (limited to 'toolkit/components/passwordmgr/test')
-rw-r--r--toolkit/components/passwordmgr/test/.eslintrc.js13
-rw-r--r--toolkit/components/passwordmgr/test/LoginTestUtils.jsm295
-rw-r--r--toolkit/components/passwordmgr/test/authenticate.sjs228
-rw-r--r--toolkit/components/passwordmgr/test/blank.html8
-rw-r--r--toolkit/components/passwordmgr/test/browser/.eslintrc.js7
-rw-r--r--toolkit/components/passwordmgr/test/browser/authenticate.sjs110
-rw-r--r--toolkit/components/passwordmgr/test/browser/browser.ini72
-rw-r--r--toolkit/components/passwordmgr/test/browser/browser_DOMFormHasPassword.js94
-rw-r--r--toolkit/components/passwordmgr/test/browser/browser_DOMInputPasswordAdded.js99
-rw-r--r--toolkit/components/passwordmgr/test/browser/browser_autocomplete_insecure_warning.js41
-rw-r--r--toolkit/components/passwordmgr/test/browser/browser_capture_doorhanger.js600
-rw-r--r--toolkit/components/passwordmgr/test/browser/browser_capture_doorhanger_httpsUpgrade.js123
-rw-r--r--toolkit/components/passwordmgr/test/browser/browser_capture_doorhanger_window_open.js144
-rw-r--r--toolkit/components/passwordmgr/test/browser/browser_context_menu.js432
-rw-r--r--toolkit/components/passwordmgr/test/browser/browser_context_menu_autocomplete_interaction.js99
-rw-r--r--toolkit/components/passwordmgr/test/browser/browser_context_menu_iframe.js144
-rw-r--r--toolkit/components/passwordmgr/test/browser/browser_exceptions_dialog.js56
-rw-r--r--toolkit/components/passwordmgr/test/browser/browser_formless_submit_chrome.js126
-rw-r--r--toolkit/components/passwordmgr/test/browser/browser_hasInsecureLoginForms.js93
-rw-r--r--toolkit/components/passwordmgr/test/browser/browser_hasInsecureLoginForms_streamConverter.js102
-rw-r--r--toolkit/components/passwordmgr/test/browser/browser_http_autofill.js78
-rw-r--r--toolkit/components/passwordmgr/test/browser/browser_insecurePasswordConsoleWarning.js94
-rw-r--r--toolkit/components/passwordmgr/test/browser/browser_master_password_autocomplete.js59
-rw-r--r--toolkit/components/passwordmgr/test/browser/browser_notifications.js81
-rw-r--r--toolkit/components/passwordmgr/test/browser/browser_notifications_2.js125
-rw-r--r--toolkit/components/passwordmgr/test/browser/browser_notifications_password.js145
-rw-r--r--toolkit/components/passwordmgr/test/browser/browser_notifications_username.js119
-rw-r--r--toolkit/components/passwordmgr/test/browser/browser_passwordmgr_contextmenu.js100
-rw-r--r--toolkit/components/passwordmgr/test/browser/browser_passwordmgr_editing.js126
-rw-r--r--toolkit/components/passwordmgr/test/browser/browser_passwordmgr_fields.js65
-rw-r--r--toolkit/components/passwordmgr/test/browser/browser_passwordmgr_observers.js129
-rw-r--r--toolkit/components/passwordmgr/test/browser/browser_passwordmgr_sort.js208
-rw-r--r--toolkit/components/passwordmgr/test/browser/browser_passwordmgr_switchtab.js42
-rw-r--r--toolkit/components/passwordmgr/test/browser/browser_passwordmgrdlg.js192
-rw-r--r--toolkit/components/passwordmgr/test/browser/browser_username_select_dialog.js144
-rw-r--r--toolkit/components/passwordmgr/test/browser/form_autofocus_js.html10
-rw-r--r--toolkit/components/passwordmgr/test/browser/form_basic.html12
-rw-r--r--toolkit/components/passwordmgr/test/browser/form_basic_iframe.html13
-rw-r--r--toolkit/components/passwordmgr/test/browser/form_cross_origin_insecure_action.html12
-rw-r--r--toolkit/components/passwordmgr/test/browser/form_cross_origin_secure_action.html12
-rw-r--r--toolkit/components/passwordmgr/test/browser/form_same_origin_action.html12
-rw-r--r--toolkit/components/passwordmgr/test/browser/formless_basic.html18
-rw-r--r--toolkit/components/passwordmgr/test/browser/head.js137
-rw-r--r--toolkit/components/passwordmgr/test/browser/insecure_test.html9
-rw-r--r--toolkit/components/passwordmgr/test/browser/insecure_test_subframe.html13
-rw-r--r--toolkit/components/passwordmgr/test/browser/multiple_forms.html129
-rw-r--r--toolkit/components/passwordmgr/test/browser/streamConverter_content.sjs6
-rw-r--r--toolkit/components/passwordmgr/test/browser/subtst_notifications_1.html29
-rw-r--r--toolkit/components/passwordmgr/test/browser/subtst_notifications_10.html27
-rw-r--r--toolkit/components/passwordmgr/test/browser/subtst_notifications_11.html25
-rw-r--r--toolkit/components/passwordmgr/test/browser/subtst_notifications_11_popup.html32
-rw-r--r--toolkit/components/passwordmgr/test/browser/subtst_notifications_2.html30
-rw-r--r--toolkit/components/passwordmgr/test/browser/subtst_notifications_2pw_0un.html27
-rw-r--r--toolkit/components/passwordmgr/test/browser/subtst_notifications_2pw_1un_1text.html31
-rw-r--r--toolkit/components/passwordmgr/test/browser/subtst_notifications_3.html30
-rw-r--r--toolkit/components/passwordmgr/test/browser/subtst_notifications_4.html30
-rw-r--r--toolkit/components/passwordmgr/test/browser/subtst_notifications_5.html26
-rw-r--r--toolkit/components/passwordmgr/test/browser/subtst_notifications_6.html27
-rw-r--r--toolkit/components/passwordmgr/test/browser/subtst_notifications_8.html29
-rw-r--r--toolkit/components/passwordmgr/test/browser/subtst_notifications_9.html29
-rw-r--r--toolkit/components/passwordmgr/test/browser/subtst_notifications_change_p.html32
-rw-r--r--toolkit/components/passwordmgr/test/chrome/chrome.ini13
-rw-r--r--toolkit/components/passwordmgr/test/chrome/notification_common.js111
-rw-r--r--toolkit/components/passwordmgr/test/chrome/privbrowsing_perwindowpb_iframe.html9
-rw-r--r--toolkit/components/passwordmgr/test/chrome/subtst_privbrowsing_1.html33
-rw-r--r--toolkit/components/passwordmgr/test/chrome/subtst_privbrowsing_2.html33
-rw-r--r--toolkit/components/passwordmgr/test/chrome/subtst_privbrowsing_3.html29
-rw-r--r--toolkit/components/passwordmgr/test/chrome/subtst_privbrowsing_4.html40
-rw-r--r--toolkit/components/passwordmgr/test/chrome/test_privbrowsing_perwindowpb.html322
-rw-r--r--toolkit/components/passwordmgr/test/chrome_timeout.js11
-rw-r--r--toolkit/components/passwordmgr/test/formsubmit.sjs37
-rw-r--r--toolkit/components/passwordmgr/test/mochitest.ini20
-rw-r--r--toolkit/components/passwordmgr/test/mochitest/auth2/authenticate.sjs220
-rw-r--r--toolkit/components/passwordmgr/test/mochitest/mochitest.ini69
-rw-r--r--toolkit/components/passwordmgr/test/mochitest/test_autocomplete_https_upgrade.html218
-rw-r--r--toolkit/components/passwordmgr/test/mochitest/test_autofill_https_upgrade.html117
-rw-r--r--toolkit/components/passwordmgr/test/mochitest/test_autofill_password-only.html143
-rw-r--r--toolkit/components/passwordmgr/test/mochitest/test_autofocus_js.html115
-rw-r--r--toolkit/components/passwordmgr/test/mochitest/test_basic_form.html44
-rw-r--r--toolkit/components/passwordmgr/test/mochitest/test_basic_form_0pw.html72
-rw-r--r--toolkit/components/passwordmgr/test/mochitest/test_basic_form_1pw.html167
-rw-r--r--toolkit/components/passwordmgr/test/mochitest/test_basic_form_1pw_2.html109
-rw-r--r--toolkit/components/passwordmgr/test/mochitest/test_basic_form_2pw_1.html187
-rw-r--r--toolkit/components/passwordmgr/test/mochitest/test_basic_form_2pw_2.html105
-rw-r--r--toolkit/components/passwordmgr/test/mochitest/test_basic_form_3pw_1.html177
-rw-r--r--toolkit/components/passwordmgr/test/mochitest/test_basic_form_autocomplete.html859
-rw-r--r--toolkit/components/passwordmgr/test/mochitest/test_basic_form_html5.html164
-rw-r--r--toolkit/components/passwordmgr/test/mochitest/test_basic_form_pwevent.html55
-rw-r--r--toolkit/components/passwordmgr/test/mochitest/test_basic_form_pwonly.html213
-rw-r--r--toolkit/components/passwordmgr/test/mochitest/test_bug_627616.html145
-rw-r--r--toolkit/components/passwordmgr/test/mochitest/test_bug_776171.html56
-rw-r--r--toolkit/components/passwordmgr/test/mochitest/test_case_differences.html147
-rw-r--r--toolkit/components/passwordmgr/test/mochitest/test_form_action_1.html137
-rw-r--r--toolkit/components/passwordmgr/test/mochitest/test_form_action_2.html170
-rw-r--r--toolkit/components/passwordmgr/test/mochitest/test_form_action_javascript.html52
-rw-r--r--toolkit/components/passwordmgr/test/mochitest/test_formless_autofill.html147
-rw-r--r--toolkit/components/passwordmgr/test/mochitest/test_formless_submit.html183
-rw-r--r--toolkit/components/passwordmgr/test/mochitest/test_formless_submit_navigation.html191
-rw-r--r--toolkit/components/passwordmgr/test/mochitest/test_formless_submit_navigation_negative.html121
-rw-r--r--toolkit/components/passwordmgr/test/mochitest/test_input_events.html96
-rw-r--r--toolkit/components/passwordmgr/test/mochitest/test_input_events_for_identical_values.html51
-rw-r--r--toolkit/components/passwordmgr/test/mochitest/test_insecure_form_field_autocomplete.html861
-rw-r--r--toolkit/components/passwordmgr/test/mochitest/test_insecure_form_field_no_saved_login.html103
-rw-r--r--toolkit/components/passwordmgr/test/mochitest/test_maxlength.html137
-rw-r--r--toolkit/components/passwordmgr/test/mochitest/test_password_field_autocomplete.html291
-rw-r--r--toolkit/components/passwordmgr/test/mochitest/test_passwords_in_type_password.html122
-rw-r--r--toolkit/components/passwordmgr/test/mochitest/test_prompt.html705
-rw-r--r--toolkit/components/passwordmgr/test/mochitest/test_prompt_http.html362
-rw-r--r--toolkit/components/passwordmgr/test/mochitest/test_prompt_noWindow.html81
-rw-r--r--toolkit/components/passwordmgr/test/mochitest/test_prompt_promptAuth.html406
-rw-r--r--toolkit/components/passwordmgr/test/mochitest/test_prompt_promptAuth_proxy.html264
-rw-r--r--toolkit/components/passwordmgr/test/mochitest/test_recipe_login_fields.html145
-rw-r--r--toolkit/components/passwordmgr/test/mochitest/test_username_focus.html263
-rw-r--r--toolkit/components/passwordmgr/test/mochitest/test_xhr_2.html55
-rw-r--r--toolkit/components/passwordmgr/test/prompt_common.js79
-rw-r--r--toolkit/components/passwordmgr/test/pwmgr_common.js509
-rw-r--r--toolkit/components/passwordmgr/test/subtst_master_pass.html12
-rw-r--r--toolkit/components/passwordmgr/test/subtst_prompt_async.html12
-rw-r--r--toolkit/components/passwordmgr/test/test_master_password.html308
-rw-r--r--toolkit/components/passwordmgr/test/test_prompt_async.html540
-rw-r--r--toolkit/components/passwordmgr/test/test_xhr.html201
-rw-r--r--toolkit/components/passwordmgr/test/test_xml_load.html191
-rw-r--r--toolkit/components/passwordmgr/test/unit/.eslintrc.js7
-rw-r--r--toolkit/components/passwordmgr/test/unit/data/corruptDB.sqlitebin0 -> 32772 bytes
-rw-r--r--toolkit/components/passwordmgr/test/unit/data/key3.dbbin0 -> 16384 bytes
-rw-r--r--toolkit/components/passwordmgr/test/unit/data/signons-v1.sqlitebin0 -> 8192 bytes
-rw-r--r--toolkit/components/passwordmgr/test/unit/data/signons-v1v2.sqlitebin0 -> 10240 bytes
-rw-r--r--toolkit/components/passwordmgr/test/unit/data/signons-v2.sqlitebin0 -> 11264 bytes
-rw-r--r--toolkit/components/passwordmgr/test/unit/data/signons-v2v3.sqlitebin0 -> 12288 bytes
-rw-r--r--toolkit/components/passwordmgr/test/unit/data/signons-v3.sqlitebin0 -> 11264 bytes
-rw-r--r--toolkit/components/passwordmgr/test/unit/data/signons-v3v4.sqlitebin0 -> 11264 bytes
-rw-r--r--toolkit/components/passwordmgr/test/unit/data/signons-v4.sqlitebin0 -> 294912 bytes
-rw-r--r--toolkit/components/passwordmgr/test/unit/data/signons-v4v5.sqlitebin0 -> 327680 bytes
-rw-r--r--toolkit/components/passwordmgr/test/unit/data/signons-v5v6.sqlitebin0 -> 327680 bytes
-rw-r--r--toolkit/components/passwordmgr/test/unit/data/signons-v999-2.sqlitebin0 -> 8192 bytes
-rw-r--r--toolkit/components/passwordmgr/test/unit/data/signons-v999.sqlitebin0 -> 11264 bytes
-rw-r--r--toolkit/components/passwordmgr/test/unit/head.js135
-rw-r--r--toolkit/components/passwordmgr/test/unit/test_OSCrypto_win.js75
-rw-r--r--toolkit/components/passwordmgr/test/unit/test_context_menu.js165
-rw-r--r--toolkit/components/passwordmgr/test/unit/test_dedupeLogins.js284
-rw-r--r--toolkit/components/passwordmgr/test/unit/test_disabled_hosts.js196
-rw-r--r--toolkit/components/passwordmgr/test/unit/test_getFormFields.js147
-rw-r--r--toolkit/components/passwordmgr/test/unit/test_getPasswordFields.js156
-rw-r--r--toolkit/components/passwordmgr/test/unit/test_getPasswordOrigin.js28
-rw-r--r--toolkit/components/passwordmgr/test/unit/test_isOriginMatching.js40
-rw-r--r--toolkit/components/passwordmgr/test/unit/test_legacy_empty_formSubmitURL.js107
-rw-r--r--toolkit/components/passwordmgr/test/unit/test_legacy_validation.js76
-rw-r--r--toolkit/components/passwordmgr/test/unit/test_logins_change.js384
-rw-r--r--toolkit/components/passwordmgr/test/unit/test_logins_decrypt_failure.js77
-rw-r--r--toolkit/components/passwordmgr/test/unit/test_logins_metainfo.js284
-rw-r--r--toolkit/components/passwordmgr/test/unit/test_logins_search.js221
-rw-r--r--toolkit/components/passwordmgr/test/unit/test_maybeImportLogin.js169
-rw-r--r--toolkit/components/passwordmgr/test/unit/test_module_LoginImport.js243
-rw-r--r--toolkit/components/passwordmgr/test/unit/test_module_LoginStore.js206
-rw-r--r--toolkit/components/passwordmgr/test/unit/test_notifications.js172
-rw-r--r--toolkit/components/passwordmgr/test/unit/test_recipes_add.js177
-rw-r--r--toolkit/components/passwordmgr/test/unit/test_recipes_content.js39
-rw-r--r--toolkit/components/passwordmgr/test/unit/test_removeLegacySignonFiles.js69
-rw-r--r--toolkit/components/passwordmgr/test/unit/test_search_schemeUpgrades.js184
-rw-r--r--toolkit/components/passwordmgr/test/unit/test_storage.js102
-rw-r--r--toolkit/components/passwordmgr/test/unit/test_storage_mozStorage.js507
-rw-r--r--toolkit/components/passwordmgr/test/unit/test_telemetry.js187
-rw-r--r--toolkit/components/passwordmgr/test/unit/test_user_autocomplete_result.js488
-rw-r--r--toolkit/components/passwordmgr/test/unit/xpcshell.ini46
164 files changed, 21186 insertions, 0 deletions
diff --git a/toolkit/components/passwordmgr/test/.eslintrc.js b/toolkit/components/passwordmgr/test/.eslintrc.js
new file mode 100644
index 000000000..ca626f31c
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/.eslintrc.js
@@ -0,0 +1,13 @@
+"use strict";
+
+module.exports = { // eslint-disable-line no-undef
+ "extends": [
+ "../../../../testing/mochitest/mochitest.eslintrc.js",
+ "../../../../testing/mochitest/chrome.eslintrc.js"
+ ],
+ "rules": {
+ "brace-style": "off",
+ "no-undef": "off",
+ "no-unused-vars": "off",
+ },
+};
diff --git a/toolkit/components/passwordmgr/test/LoginTestUtils.jsm b/toolkit/components/passwordmgr/test/LoginTestUtils.jsm
new file mode 100644
index 000000000..2fd8a31a3
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/LoginTestUtils.jsm
@@ -0,0 +1,295 @@
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/ */
+
+/*
+ * Shared functions generally available for testing login components.
+ */
+
+"use strict";
+
+this.EXPORTED_SYMBOLS = [
+ "LoginTestUtils",
+];
+
+const { classes: Cc, interfaces: Ci, utils: Cu, results: Cr } = Components;
+
+Cu.import("resource://gre/modules/Promise.jsm");
+Cu.import("resource://gre/modules/Services.jsm");
+Cu.import("resource://gre/modules/Task.jsm");
+Cu.import("resource://gre/modules/XPCOMUtils.jsm");
+
+Cu.import("resource://testing-common/TestUtils.jsm");
+
+const LoginInfo =
+ Components.Constructor("@mozilla.org/login-manager/loginInfo;1",
+ "nsILoginInfo", "init");
+
+// For now, we need consumers to provide a reference to Assert.jsm.
+var Assert = null;
+
+this.LoginTestUtils = {
+ set Assert(assert) {
+ Assert = assert; // eslint-disable-line no-native-reassign
+ },
+
+ /**
+ * Forces the storage module to save all data, and the Login Manager service
+ * to replace the storage module with a newly initialized instance.
+ */
+ * reloadData() {
+ Services.obs.notifyObservers(null, "passwordmgr-storage-replace", null);
+ yield TestUtils.topicObserved("passwordmgr-storage-replace-complete");
+ },
+
+ /**
+ * Erases all the data stored by the Login Manager service.
+ */
+ clearData() {
+ Services.logins.removeAllLogins();
+ for (let hostname of Services.logins.getAllDisabledHosts()) {
+ Services.logins.setLoginSavingEnabled(hostname, true);
+ }
+ },
+
+ /**
+ * Checks that the currently stored list of nsILoginInfo matches the provided
+ * array. The comparison uses the "equals" method of nsILoginInfo, that does
+ * not include nsILoginMetaInfo properties in the test.
+ */
+ checkLogins(expectedLogins) {
+ this.assertLoginListsEqual(Services.logins.getAllLogins(), expectedLogins);
+ },
+
+ /**
+ * Checks that the two provided arrays of nsILoginInfo have the same length,
+ * and every login in "expected" is also found in "actual". The comparison
+ * uses the "equals" method of nsILoginInfo, that does not include
+ * nsILoginMetaInfo properties in the test.
+ */
+ assertLoginListsEqual(actual, expected) {
+ Assert.equal(expected.length, actual.length);
+ Assert.ok(expected.every(e => actual.some(a => a.equals(e))));
+ },
+
+ /**
+ * Checks that the two provided arrays of strings contain the same values,
+ * maybe in a different order, case-sensitively.
+ */
+ assertDisabledHostsEqual(actual, expected) {
+ Assert.deepEqual(actual.sort(), expected.sort());
+ },
+
+ /**
+ * Checks whether the given time, expressed as the number of milliseconds
+ * since January 1, 1970, 00:00:00 UTC, falls within 30 seconds of now.
+ */
+ assertTimeIsAboutNow(timeMs) {
+ Assert.ok(Math.abs(timeMs - Date.now()) < 30000);
+ },
+};
+
+/**
+ * This object contains functions that return new instances of nsILoginInfo for
+ * every call. The returned instances can be compared using their "equals" or
+ * "matches" methods, or modified for the needs of the specific test being run.
+ *
+ * Any modification to the test data requires updating the tests accordingly, in
+ * particular the search tests.
+ */
+this.LoginTestUtils.testData = {
+ /**
+ * Returns a new nsILoginInfo for use with form submits.
+ *
+ * @param modifications
+ * Each property of this object replaces the property of the same name
+ * in the returned nsILoginInfo or nsILoginMetaInfo.
+ */
+ formLogin(modifications) {
+ let loginInfo = new LoginInfo("http://www3.example.com",
+ "http://www.example.com", null,
+ "the username", "the password",
+ "form_field_username", "form_field_password");
+ loginInfo.QueryInterface(Ci.nsILoginMetaInfo);
+ if (modifications) {
+ for (let [name, value] of Object.entries(modifications)) {
+ loginInfo[name] = value;
+ }
+ }
+ return loginInfo;
+ },
+
+ /**
+ * Returns a new nsILoginInfo for use with HTTP authentication.
+ *
+ * @param modifications
+ * Each property of this object replaces the property of the same name
+ * in the returned nsILoginInfo or nsILoginMetaInfo.
+ */
+ authLogin(modifications) {
+ let loginInfo = new LoginInfo("http://www.example.org", null,
+ "The HTTP Realm", "the username",
+ "the password", "", "");
+ loginInfo.QueryInterface(Ci.nsILoginMetaInfo);
+ if (modifications) {
+ for (let [name, value] of Object.entries(modifications)) {
+ loginInfo[name] = value;
+ }
+ }
+ return loginInfo;
+ },
+
+ /**
+ * Returns an array of typical nsILoginInfo that could be stored in the
+ * database.
+ */
+ loginList() {
+ return [
+ // --- Examples of form logins (subdomains of example.com) ---
+
+ // Simple form login with named fields for username and password.
+ new LoginInfo("http://www.example.com", "http://www.example.com", null,
+ "the username", "the password for www.example.com",
+ "form_field_username", "form_field_password"),
+
+ // Different schemes are treated as completely different sites.
+ new LoginInfo("https://www.example.com", "https://www.example.com", null,
+ "the username", "the password for https",
+ "form_field_username", "form_field_password"),
+
+ // Subdomains are treated as completely different sites.
+ new LoginInfo("https://example.com", "https://example.com", null,
+ "the username", "the password for example.com",
+ "form_field_username", "form_field_password"),
+
+ // Forms found on the same host, but with different hostnames in the
+ // "action" attribute, are handled independently.
+ new LoginInfo("http://www3.example.com", "http://www.example.com", null,
+ "the username", "the password",
+ "form_field_username", "form_field_password"),
+ new LoginInfo("http://www3.example.com", "https://www.example.com", null,
+ "the username", "the password",
+ "form_field_username", "form_field_password"),
+ new LoginInfo("http://www3.example.com", "http://example.com", null,
+ "the username", "the password",
+ "form_field_username", "form_field_password"),
+
+ // It is not possible to store multiple passwords for the same username,
+ // however multiple passwords can be stored when the usernames differ.
+ // An empty username is a valid case and different from the others.
+ new LoginInfo("http://www4.example.com", "http://www4.example.com", null,
+ "username one", "password one",
+ "form_field_username", "form_field_password"),
+ new LoginInfo("http://www4.example.com", "http://www4.example.com", null,
+ "username two", "password two",
+ "form_field_username", "form_field_password"),
+ new LoginInfo("http://www4.example.com", "http://www4.example.com", null,
+ "", "password three",
+ "form_field_username", "form_field_password"),
+
+ // Username and passwords fields in forms may have no "name" attribute.
+ new LoginInfo("http://www5.example.com", "http://www5.example.com", null,
+ "multi username", "multi password", "", ""),
+
+ // Forms with PIN-type authentication will typically have no username.
+ new LoginInfo("http://www6.example.com", "http://www6.example.com", null,
+ "", "12345", "", "form_field_password"),
+
+ // --- Examples of authentication logins (subdomains of example.org) ---
+
+ // Simple HTTP authentication login.
+ new LoginInfo("http://www.example.org", null, "The HTTP Realm",
+ "the username", "the password", "", ""),
+
+ // Simple FTP authentication login.
+ new LoginInfo("ftp://ftp.example.org", null, "ftp://ftp.example.org",
+ "the username", "the password", "", ""),
+
+ // Multiple HTTP authentication logins can be stored for different realms.
+ new LoginInfo("http://www2.example.org", null, "The HTTP Realm",
+ "the username", "the password", "", ""),
+ new LoginInfo("http://www2.example.org", null, "The HTTP Realm Other",
+ "the username other", "the password other", "", ""),
+
+ // --- Both form and authentication logins (example.net) ---
+
+ new LoginInfo("http://example.net", "http://example.net", null,
+ "the username", "the password",
+ "form_field_username", "form_field_password"),
+ new LoginInfo("http://example.net", "http://www.example.net", null,
+ "the username", "the password",
+ "form_field_username", "form_field_password"),
+ new LoginInfo("http://example.net", "http://www.example.net", null,
+ "username two", "the password",
+ "form_field_username", "form_field_password"),
+ new LoginInfo("http://example.net", null, "The HTTP Realm",
+ "the username", "the password", "", ""),
+ new LoginInfo("http://example.net", null, "The HTTP Realm Other",
+ "username two", "the password", "", ""),
+ new LoginInfo("ftp://example.net", null, "ftp://example.net",
+ "the username", "the password", "", ""),
+
+ // --- Examples of logins added by extensions (chrome scheme) ---
+
+ new LoginInfo("chrome://example_extension", null, "Example Login One",
+ "the username", "the password one", "", ""),
+ new LoginInfo("chrome://example_extension", null, "Example Login Two",
+ "the username", "the password two", "", ""),
+ ];
+ },
+};
+
+this.LoginTestUtils.recipes = {
+ getRecipeParent() {
+ let { LoginManagerParent } = Cu.import("resource://gre/modules/LoginManagerParent.jsm", {});
+ if (!LoginManagerParent.recipeParentPromise) {
+ return null;
+ }
+ return LoginManagerParent.recipeParentPromise.then((recipeParent) => {
+ return recipeParent;
+ });
+ },
+};
+
+this.LoginTestUtils.masterPassword = {
+ masterPassword: "omgsecret!",
+
+ _set(enable) {
+ let oldPW, newPW;
+ if (enable) {
+ oldPW = "";
+ newPW = this.masterPassword;
+ } else {
+ oldPW = this.masterPassword;
+ newPW = "";
+ }
+
+ let secmodDB = Cc["@mozilla.org/security/pkcs11moduledb;1"]
+ .getService(Ci.nsIPKCS11ModuleDB);
+ let slot = secmodDB.findSlotByName("");
+ if (!slot) {
+ throw new Error("Can't find slot");
+ }
+
+ // Set master password. Note that this does not log you in, so the next
+ // invocation of pwmgr can trigger a MP prompt.
+ let pk11db = Cc["@mozilla.org/security/pk11tokendb;1"]
+ .getService(Ci.nsIPK11TokenDB);
+ let token = pk11db.findTokenByName("");
+ if (slot.status == Ci.nsIPKCS11Slot.SLOT_UNINITIALIZED) {
+ dump("MP initialized to " + newPW + "\n");
+ token.initPassword(newPW);
+ } else {
+ token.checkPassword(oldPW);
+ dump("MP change from " + oldPW + " to " + newPW + "\n");
+ token.changePassword(oldPW, newPW);
+ }
+ },
+
+ enable() {
+ this._set(true);
+ },
+
+ disable() {
+ this._set(false);
+ },
+};
diff --git a/toolkit/components/passwordmgr/test/authenticate.sjs b/toolkit/components/passwordmgr/test/authenticate.sjs
new file mode 100644
index 000000000..42edc3220
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/authenticate.sjs
@@ -0,0 +1,228 @@
+function handleRequest(request, response)
+{
+ try {
+ reallyHandleRequest(request, response);
+ } catch (e) {
+ response.setStatusLine("1.0", 200, "AlmostOK");
+ response.write("Error handling request: " + e);
+ }
+}
+
+
+function reallyHandleRequest(request, response) {
+ var match;
+ var requestAuth = true, requestProxyAuth = true;
+
+ // Allow the caller to drive how authentication is processed via the query.
+ // Eg, http://localhost:8888/authenticate.sjs?user=foo&realm=bar
+ // The extra ? allows the user/pass/realm checks to succeed if the name is
+ // at the beginning of the query string.
+ var query = "?" + request.queryString;
+
+ var expected_user = "", expected_pass = "", realm = "mochitest";
+ var proxy_expected_user = "", proxy_expected_pass = "", proxy_realm = "mochi-proxy";
+ var huge = false, plugin = false, anonymous = false, formauth = false;
+ var authHeaderCount = 1;
+ // user=xxx
+ match = /[^_]user=([^&]*)/.exec(query);
+ if (match)
+ expected_user = match[1];
+
+ // pass=xxx
+ match = /[^_]pass=([^&]*)/.exec(query);
+ if (match)
+ expected_pass = match[1];
+
+ // realm=xxx
+ match = /[^_]realm=([^&]*)/.exec(query);
+ if (match)
+ realm = match[1];
+
+ // proxy_user=xxx
+ match = /proxy_user=([^&]*)/.exec(query);
+ if (match)
+ proxy_expected_user = match[1];
+
+ // proxy_pass=xxx
+ match = /proxy_pass=([^&]*)/.exec(query);
+ if (match)
+ proxy_expected_pass = match[1];
+
+ // proxy_realm=xxx
+ match = /proxy_realm=([^&]*)/.exec(query);
+ if (match)
+ proxy_realm = match[1];
+
+ // huge=1
+ match = /huge=1/.exec(query);
+ if (match)
+ huge = true;
+
+ // plugin=1
+ match = /plugin=1/.exec(query);
+ if (match)
+ plugin = true;
+
+ // multiple=1
+ match = /multiple=([^&]*)/.exec(query);
+ if (match)
+ authHeaderCount = match[1]+0;
+
+ // anonymous=1
+ match = /anonymous=1/.exec(query);
+ if (match)
+ anonymous = true;
+
+ // formauth=1
+ match = /formauth=1/.exec(query);
+ if (match)
+ formauth = true;
+
+ // Look for an authentication header, if any, in the request.
+ //
+ // EG: Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==
+ //
+ // This test only supports Basic auth. The value sent by the client is
+ // "username:password", obscured with base64 encoding.
+
+ var actual_user = "", actual_pass = "", authHeader, authPresent = false;
+ if (request.hasHeader("Authorization")) {
+ authPresent = true;
+ authHeader = request.getHeader("Authorization");
+ match = /Basic (.+)/.exec(authHeader);
+ if (match.length != 2)
+ throw new Error("Couldn't parse auth header: " + authHeader);
+
+ var userpass = base64ToString(match[1]); // no atob() :-(
+ match = /(.*):(.*)/.exec(userpass);
+ if (match.length != 3)
+ throw new Error("Couldn't decode auth header: " + userpass);
+ actual_user = match[1];
+ actual_pass = match[2];
+ }
+
+ var proxy_actual_user = "", proxy_actual_pass = "";
+ if (request.hasHeader("Proxy-Authorization")) {
+ authHeader = request.getHeader("Proxy-Authorization");
+ match = /Basic (.+)/.exec(authHeader);
+ if (match.length != 2)
+ throw new Error("Couldn't parse auth header: " + authHeader);
+
+ var userpass = base64ToString(match[1]); // no atob() :-(
+ match = /(.*):(.*)/.exec(userpass);
+ if (match.length != 3)
+ throw new Error("Couldn't decode auth header: " + userpass);
+ proxy_actual_user = match[1];
+ proxy_actual_pass = match[2];
+ }
+
+ // Don't request authentication if the credentials we got were what we
+ // expected.
+ if (expected_user == actual_user &&
+ expected_pass == actual_pass) {
+ requestAuth = false;
+ }
+ if (proxy_expected_user == proxy_actual_user &&
+ proxy_expected_pass == proxy_actual_pass) {
+ requestProxyAuth = false;
+ }
+
+ if (anonymous) {
+ if (authPresent) {
+ response.setStatusLine("1.0", 400, "Unexpected authorization header found");
+ } else {
+ response.setStatusLine("1.0", 200, "Authorization header not found");
+ }
+ } else {
+ if (requestProxyAuth) {
+ response.setStatusLine("1.0", 407, "Proxy authentication required");
+ for (i = 0; i < authHeaderCount; ++i)
+ response.setHeader("Proxy-Authenticate", "basic realm=\"" + proxy_realm + "\"", true);
+ } else if (requestAuth) {
+ if (formauth && authPresent)
+ response.setStatusLine("1.0", 403, "Form authentication required");
+ else
+ response.setStatusLine("1.0", 401, "Authentication required");
+ for (i = 0; i < authHeaderCount; ++i)
+ response.setHeader("WWW-Authenticate", "basic realm=\"" + realm + "\"", true);
+ } else {
+ response.setStatusLine("1.0", 200, "OK");
+ }
+ }
+
+ response.setHeader("Content-Type", "application/xhtml+xml", false);
+ response.write("<html xmlns='http://www.w3.org/1999/xhtml'>");
+ response.write("<p>Login: <span id='ok'>" + (requestAuth ? "FAIL" : "PASS") + "</span></p>\n");
+ response.write("<p>Proxy: <span id='proxy'>" + (requestProxyAuth ? "FAIL" : "PASS") + "</span></p>\n");
+ response.write("<p>Auth: <span id='auth'>" + authHeader + "</span></p>\n");
+ response.write("<p>User: <span id='user'>" + actual_user + "</span></p>\n");
+ response.write("<p>Pass: <span id='pass'>" + actual_pass + "</span></p>\n");
+
+ if (huge) {
+ response.write("<div style='display: none'>");
+ for (i = 0; i < 100000; i++) {
+ response.write("123456789\n");
+ }
+ response.write("</div>");
+ response.write("<span id='footnote'>This is a footnote after the huge content fill</span>");
+ }
+
+ if (plugin) {
+ response.write("<embed id='embedtest' style='width: 400px; height: 100px;' " +
+ "type='application/x-test'></embed>\n");
+ }
+
+ response.write("</html>");
+}
+
+
+// base64 decoder
+//
+// Yoinked from extensions/xml-rpc/src/nsXmlRpcClient.js because btoa()
+// doesn't seem to exist. :-(
+/* Convert Base64 data to a string */
+const toBinaryTable = [
+ -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1,
+ -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1,
+ -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,62, -1,-1,-1,63,
+ 52,53,54,55, 56,57,58,59, 60,61,-1,-1, -1, 0,-1,-1,
+ -1, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,10, 11,12,13,14,
+ 15,16,17,18, 19,20,21,22, 23,24,25,-1, -1,-1,-1,-1,
+ -1,26,27,28, 29,30,31,32, 33,34,35,36, 37,38,39,40,
+ 41,42,43,44, 45,46,47,48, 49,50,51,-1, -1,-1,-1,-1
+];
+const base64Pad = '=';
+
+function base64ToString(data) {
+
+ var result = '';
+ var leftbits = 0; // number of bits decoded, but yet to be appended
+ var leftdata = 0; // bits decoded, but yet to be appended
+
+ // Convert one by one.
+ for (var i = 0; i < data.length; i++) {
+ var c = toBinaryTable[data.charCodeAt(i) & 0x7f];
+ var padding = (data[i] == base64Pad);
+ // Skip illegal characters and whitespace
+ if (c == -1) continue;
+
+ // Collect data into leftdata, update bitcount
+ leftdata = (leftdata << 6) | c;
+ leftbits += 6;
+
+ // If we have 8 or more bits, append 8 bits to the result
+ if (leftbits >= 8) {
+ leftbits -= 8;
+ // Append if not padding.
+ if (!padding)
+ result += String.fromCharCode((leftdata >> leftbits) & 0xff);
+ leftdata &= (1 << leftbits) - 1;
+ }
+ }
+
+ // If there are any bits left, the base64 string was corrupted
+ if (leftbits)
+ throw Components.Exception('Corrupted base64 string');
+
+ return result;
+}
diff --git a/toolkit/components/passwordmgr/test/blank.html b/toolkit/components/passwordmgr/test/blank.html
new file mode 100644
index 000000000..81ddc2235
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/blank.html
@@ -0,0 +1,8 @@
+<!DOCTYPE html>
+<html>
+ <head>
+ <meta charset="utf-8">
+ </head>
+ <body>
+ </body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/browser/.eslintrc.js b/toolkit/components/passwordmgr/test/browser/.eslintrc.js
new file mode 100644
index 000000000..7c8021192
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/.eslintrc.js
@@ -0,0 +1,7 @@
+"use strict";
+
+module.exports = {
+ "extends": [
+ "../../../../../testing/mochitest/browser.eslintrc.js"
+ ]
+};
diff --git a/toolkit/components/passwordmgr/test/browser/authenticate.sjs b/toolkit/components/passwordmgr/test/browser/authenticate.sjs
new file mode 100644
index 000000000..fe2d2423c
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/authenticate.sjs
@@ -0,0 +1,110 @@
+function handleRequest(request, response)
+{
+ var match;
+ var requestAuth = true;
+
+ // Allow the caller to drive how authentication is processed via the query.
+ // Eg, http://localhost:8888/authenticate.sjs?user=foo&realm=bar
+ // The extra ? allows the user/pass/realm checks to succeed if the name is
+ // at the beginning of the query string.
+ var query = "?" + request.queryString;
+
+ var expected_user = "test", expected_pass = "testpass", realm = "mochitest";
+
+ // Look for an authentication header, if any, in the request.
+ //
+ // EG: Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==
+ //
+ // This test only supports Basic auth. The value sent by the client is
+ // "username:password", obscured with base64 encoding.
+
+ var actual_user = "", actual_pass = "", authHeader, authPresent = false;
+ if (request.hasHeader("Authorization")) {
+ authPresent = true;
+ authHeader = request.getHeader("Authorization");
+ match = /Basic (.+)/.exec(authHeader);
+ if (match.length != 2)
+ throw new Error("Couldn't parse auth header: " + authHeader);
+
+ var userpass = base64ToString(match[1]); // no atob() :-(
+ match = /(.*):(.*)/.exec(userpass);
+ if (match.length != 3)
+ throw new Error("Couldn't decode auth header: " + userpass);
+ actual_user = match[1];
+ actual_pass = match[2];
+ }
+
+ // Don't request authentication if the credentials we got were what we
+ // expected.
+ if (expected_user == actual_user &&
+ expected_pass == actual_pass) {
+ requestAuth = false;
+ }
+
+ if (requestAuth) {
+ response.setStatusLine("1.0", 401, "Authentication required");
+ response.setHeader("WWW-Authenticate", "basic realm=\"" + realm + "\"", true);
+ } else {
+ response.setStatusLine("1.0", 200, "OK");
+ }
+
+ response.setHeader("Content-Type", "application/xhtml+xml", false);
+ response.write("<html xmlns='http://www.w3.org/1999/xhtml'>");
+ response.write("<p>Login: <span id='ok'>" + (requestAuth ? "FAIL" : "PASS") + "</span></p>\n");
+ response.write("<p>Auth: <span id='auth'>" + authHeader + "</span></p>\n");
+ response.write("<p>User: <span id='user'>" + actual_user + "</span></p>\n");
+ response.write("<p>Pass: <span id='pass'>" + actual_pass + "</span></p>\n");
+ response.write("</html>");
+}
+
+
+// base64 decoder
+//
+// Yoinked from extensions/xml-rpc/src/nsXmlRpcClient.js because btoa()
+// doesn't seem to exist. :-(
+/* Convert Base64 data to a string */
+const toBinaryTable = [
+ -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1,
+ -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1,
+ -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,62, -1,-1,-1,63,
+ 52,53,54,55, 56,57,58,59, 60,61,-1,-1, -1, 0,-1,-1,
+ -1, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,10, 11,12,13,14,
+ 15,16,17,18, 19,20,21,22, 23,24,25,-1, -1,-1,-1,-1,
+ -1,26,27,28, 29,30,31,32, 33,34,35,36, 37,38,39,40,
+ 41,42,43,44, 45,46,47,48, 49,50,51,-1, -1,-1,-1,-1
+];
+const base64Pad = '=';
+
+function base64ToString(data) {
+
+ var result = '';
+ var leftbits = 0; // number of bits decoded, but yet to be appended
+ var leftdata = 0; // bits decoded, but yet to be appended
+
+ // Convert one by one.
+ for (var i = 0; i < data.length; i++) {
+ var c = toBinaryTable[data.charCodeAt(i) & 0x7f];
+ var padding = (data[i] == base64Pad);
+ // Skip illegal characters and whitespace
+ if (c == -1) continue;
+
+ // Collect data into leftdata, update bitcount
+ leftdata = (leftdata << 6) | c;
+ leftbits += 6;
+
+ // If we have 8 or more bits, append 8 bits to the result
+ if (leftbits >= 8) {
+ leftbits -= 8;
+ // Append if not padding.
+ if (!padding)
+ result += String.fromCharCode((leftdata >> leftbits) & 0xff);
+ leftdata &= (1 << leftbits) - 1;
+ }
+ }
+
+ // If there are any bits left, the base64 string was corrupted
+ if (leftbits)
+ throw Components.Exception('Corrupted base64 string');
+
+ return result;
+}
diff --git a/toolkit/components/passwordmgr/test/browser/browser.ini b/toolkit/components/passwordmgr/test/browser/browser.ini
new file mode 100644
index 000000000..b17591436
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/browser.ini
@@ -0,0 +1,72 @@
+[DEFAULT]
+support-files =
+ ../formsubmit.sjs
+ authenticate.sjs
+ form_basic.html
+ form_basic_iframe.html
+ formless_basic.html
+ form_same_origin_action.html
+ form_cross_origin_secure_action.html
+ head.js
+ insecure_test.html
+ insecure_test_subframe.html
+ multiple_forms.html
+ streamConverter_content.sjs
+
+[browser_autocomplete_insecure_warning.js]
+support-files =
+ form_cross_origin_insecure_action.html
+[browser_capture_doorhanger.js]
+support-files =
+ subtst_notifications_1.html
+ subtst_notifications_2.html
+ subtst_notifications_2pw_0un.html
+ subtst_notifications_2pw_1un_1text.html
+ subtst_notifications_3.html
+ subtst_notifications_4.html
+ subtst_notifications_5.html
+ subtst_notifications_6.html
+ subtst_notifications_8.html
+ subtst_notifications_9.html
+ subtst_notifications_10.html
+ subtst_notifications_change_p.html
+[browser_capture_doorhanger_httpsUpgrade.js]
+support-files =
+ subtst_notifications_1.html
+ subtst_notifications_8.html
+[browser_capture_doorhanger_window_open.js]
+support-files =
+ subtst_notifications_11.html
+ subtst_notifications_11_popup.html
+skip-if = os == "linux" # Bug 1312981, bug 1313136
+[browser_context_menu_autocomplete_interaction.js]
+[browser_username_select_dialog.js]
+support-files =
+ subtst_notifications_change_p.html
+[browser_DOMFormHasPassword.js]
+[browser_DOMInputPasswordAdded.js]
+[browser_exceptions_dialog.js]
+[browser_formless_submit_chrome.js]
+[browser_hasInsecureLoginForms.js]
+[browser_hasInsecureLoginForms_streamConverter.js]
+[browser_http_autofill.js]
+[browser_insecurePasswordConsoleWarning.js]
+support-files =
+ form_cross_origin_insecure_action.html
+[browser_master_password_autocomplete.js]
+[browser_notifications.js]
+[browser_notifications_username.js]
+[browser_notifications_password.js]
+[browser_notifications_2.js]
+skip-if = os == "linux" # Bug 1272849 Main action button disabled state intermittent
+[browser_passwordmgr_editing.js]
+skip-if = os == "linux"
+[browser_context_menu.js]
+[browser_context_menu_iframe.js]
+[browser_passwordmgr_contextmenu.js]
+subsuite = clipboard
+[browser_passwordmgr_fields.js]
+[browser_passwordmgr_observers.js]
+[browser_passwordmgr_sort.js]
+[browser_passwordmgr_switchtab.js]
+[browser_passwordmgrdlg.js]
diff --git a/toolkit/components/passwordmgr/test/browser/browser_DOMFormHasPassword.js b/toolkit/components/passwordmgr/test/browser/browser_DOMFormHasPassword.js
new file mode 100644
index 000000000..80a0dd903
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/browser_DOMFormHasPassword.js
@@ -0,0 +1,94 @@
+const ids = {
+ INPUT_ID: "input1",
+ FORM1_ID: "form1",
+ FORM2_ID: "form2",
+ CHANGE_INPUT_ID: "input2",
+};
+
+function task(contentIds) {
+ let resolve;
+ let promise = new Promise(r => { resolve = r; });
+
+ function unexpectedContentEvent(evt) {
+ ok(false, "Received a " + evt.type + " event on content");
+ }
+
+ var gDoc = null;
+
+ addEventListener("load", tabLoad, true);
+
+ function tabLoad() {
+ if (content.location.href == "about:blank")
+ return;
+ removeEventListener("load", tabLoad, true);
+
+ gDoc = content.document;
+ gDoc.addEventListener("DOMFormHasPassword", unexpectedContentEvent, false);
+ gDoc.defaultView.setTimeout(test_inputAdd, 0);
+ }
+
+ function test_inputAdd() {
+ addEventListener("DOMFormHasPassword", test_inputAddHandler, false);
+ let input = gDoc.createElementNS("http://www.w3.org/1999/xhtml", "input");
+ input.setAttribute("type", "password");
+ input.setAttribute("id", contentIds.INPUT_ID);
+ input.setAttribute("data-test", "unique-attribute");
+ gDoc.getElementById(contentIds.FORM1_ID).appendChild(input);
+ }
+
+ function test_inputAddHandler(evt) {
+ removeEventListener(evt.type, test_inputAddHandler, false);
+ is(evt.target.id, contentIds.FORM1_ID,
+ evt.type + " event targets correct form element (added password element)");
+ gDoc.defaultView.setTimeout(test_inputChangeForm, 0);
+ }
+
+ function test_inputChangeForm() {
+ addEventListener("DOMFormHasPassword", test_inputChangeFormHandler, false);
+ let input = gDoc.getElementById(contentIds.INPUT_ID);
+ input.setAttribute("form", contentIds.FORM2_ID);
+ }
+
+ function test_inputChangeFormHandler(evt) {
+ removeEventListener(evt.type, test_inputChangeFormHandler, false);
+ is(evt.target.id, contentIds.FORM2_ID,
+ evt.type + " event targets correct form element (changed form)");
+ gDoc.defaultView.setTimeout(test_inputChangesType, 0);
+ }
+
+ function test_inputChangesType() {
+ addEventListener("DOMFormHasPassword", test_inputChangesTypeHandler, false);
+ let input = gDoc.getElementById(contentIds.CHANGE_INPUT_ID);
+ input.setAttribute("type", "password");
+ }
+
+ function test_inputChangesTypeHandler(evt) {
+ removeEventListener(evt.type, test_inputChangesTypeHandler, false);
+ is(evt.target.id, contentIds.FORM1_ID,
+ evt.type + " event targets correct form element (changed type)");
+ gDoc.defaultView.setTimeout(finish, 0);
+ }
+
+ function finish() {
+ gDoc.removeEventListener("DOMFormHasPassword", unexpectedContentEvent, false);
+ resolve();
+ }
+
+ return promise;
+}
+
+add_task(function* () {
+ let tab = gBrowser.selectedTab = gBrowser.addTab();
+
+ let promise = ContentTask.spawn(tab.linkedBrowser, ids, task);
+ tab.linkedBrowser.loadURI("data:text/html;charset=utf-8," +
+ "<html><body>" +
+ "<form id='" + ids.FORM1_ID + "'>" +
+ "<input id='" + ids.CHANGE_INPUT_ID + "'></form>" +
+ "<form id='" + ids.FORM2_ID + "'></form>" +
+ "</body></html>");
+ yield promise;
+
+ ok(true, "Test completed");
+ gBrowser.removeCurrentTab();
+});
diff --git a/toolkit/components/passwordmgr/test/browser/browser_DOMInputPasswordAdded.js b/toolkit/components/passwordmgr/test/browser/browser_DOMInputPasswordAdded.js
new file mode 100644
index 000000000..f54892e19
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/browser_DOMInputPasswordAdded.js
@@ -0,0 +1,99 @@
+const consts = {
+ HTML_NS: "http://www.w3.org/1999/xhtml",
+
+ INPUT_ID: "input1",
+ FORM1_ID: "form1",
+ FORM2_ID: "form2",
+ CHANGE_INPUT_ID: "input2",
+ BODY_INPUT_ID: "input3",
+};
+
+function task(contentConsts) {
+ let resolve;
+ let promise = new Promise(r => { resolve = r; });
+
+ function unexpectedContentEvent(evt) {
+ Assert.ok(false, "Received a " + evt.type + " event on content");
+ }
+
+ var gDoc = null;
+
+ addEventListener("load", tabLoad, true);
+
+ function tabLoad() {
+ removeEventListener("load", tabLoad, true);
+ gDoc = content.document;
+ // These events shouldn't escape to content.
+ gDoc.addEventListener("DOMInputPasswordAdded", unexpectedContentEvent, false);
+ gDoc.defaultView.setTimeout(test_inputAdd, 0);
+ }
+
+ function test_inputAdd() {
+ addEventListener("DOMInputPasswordAdded", test_inputAddHandler, false);
+ let input = gDoc.createElementNS(contentConsts.HTML_NS, "input");
+ input.setAttribute("type", "password");
+ input.setAttribute("id", contentConsts.INPUT_ID);
+ input.setAttribute("data-test", "unique-attribute");
+ gDoc.getElementById(contentConsts.FORM1_ID).appendChild(input);
+ info("Done appending the input element");
+ }
+
+ function test_inputAddHandler(evt) {
+ removeEventListener(evt.type, test_inputAddHandler, false);
+ Assert.equal(evt.target.id, contentConsts.INPUT_ID,
+ evt.type + " event targets correct input element (added password element)");
+ gDoc.defaultView.setTimeout(test_inputAddOutsideForm, 0);
+ }
+
+ function test_inputAddOutsideForm() {
+ addEventListener("DOMInputPasswordAdded", test_inputAddOutsideFormHandler, false);
+ let input = gDoc.createElementNS(contentConsts.HTML_NS, "input");
+ input.setAttribute("type", "password");
+ input.setAttribute("id", contentConsts.BODY_INPUT_ID);
+ input.setAttribute("data-test", "unique-attribute");
+ gDoc.body.appendChild(input);
+ info("Done appending the input element to the body");
+ }
+
+ function test_inputAddOutsideFormHandler(evt) {
+ removeEventListener(evt.type, test_inputAddOutsideFormHandler, false);
+ Assert.equal(evt.target.id, contentConsts.BODY_INPUT_ID,
+ evt.type + " event targets correct input element (added password element outside form)");
+ gDoc.defaultView.setTimeout(test_inputChangesType, 0);
+ }
+
+ function test_inputChangesType() {
+ addEventListener("DOMInputPasswordAdded", test_inputChangesTypeHandler, false);
+ let input = gDoc.getElementById(contentConsts.CHANGE_INPUT_ID);
+ input.setAttribute("type", "password");
+ }
+
+ function test_inputChangesTypeHandler(evt) {
+ removeEventListener(evt.type, test_inputChangesTypeHandler, false);
+ Assert.equal(evt.target.id, contentConsts.CHANGE_INPUT_ID,
+ evt.type + " event targets correct input element (changed type)");
+ gDoc.defaultView.setTimeout(completeTest, 0);
+ }
+
+ function completeTest() {
+ Assert.ok(true, "Test completed");
+ gDoc.removeEventListener("DOMInputPasswordAdded", unexpectedContentEvent, false);
+ resolve();
+ }
+
+ return promise;
+}
+
+add_task(function* () {
+ let tab = gBrowser.selectedTab = gBrowser.addTab();
+ let promise = ContentTask.spawn(tab.linkedBrowser, consts, task);
+ tab.linkedBrowser.loadURI("data:text/html;charset=utf-8," +
+ "<html><body>" +
+ "<form id='" + consts.FORM1_ID + "'>" +
+ "<input id='" + consts.CHANGE_INPUT_ID + "'></form>" +
+ "<form id='" + consts.FORM2_ID + "'></form>" +
+ "</body></html>");
+ yield promise;
+ gBrowser.removeCurrentTab();
+});
+
diff --git a/toolkit/components/passwordmgr/test/browser/browser_autocomplete_insecure_warning.js b/toolkit/components/passwordmgr/test/browser/browser_autocomplete_insecure_warning.js
new file mode 100644
index 000000000..6aa8e5cf7
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/browser_autocomplete_insecure_warning.js
@@ -0,0 +1,41 @@
+"use strict";
+
+const EXPECTED_SUPPORT_URL = Services.urlFormatter.formatURLPref("app.support.baseURL") +
+ "insecure-password";
+
+add_task(function* test_clickInsecureFieldWarning() {
+ let url = "https://example.com" + DIRECTORY_PATH + "form_cross_origin_insecure_action.html";
+
+ yield BrowserTestUtils.withNewTab({
+ gBrowser,
+ url,
+ }, function*(browser) {
+ let popup = document.getElementById("PopupAutoComplete");
+ ok(popup, "Got popup");
+
+ let promiseShown = BrowserTestUtils.waitForEvent(popup, "popupshown");
+
+ yield SimpleTest.promiseFocus(browser);
+ info("content window focused");
+
+ // Focus the username field to open the popup.
+ yield ContentTask.spawn(browser, null, function openAutocomplete() {
+ content.document.getElementById("form-basic-username").focus();
+ });
+
+ yield promiseShown;
+ ok(promiseShown, "autocomplete shown");
+
+ let warningItem = document.getAnonymousElementByAttribute(popup, "type", "insecureWarning");
+ ok(warningItem, "Got warning richlistitem");
+
+ yield BrowserTestUtils.waitForCondition(() => !warningItem.collapsed, "Wait for warning to show");
+
+ info("Clicking on warning");
+ let supportTabPromise = BrowserTestUtils.waitForNewTab(gBrowser, EXPECTED_SUPPORT_URL);
+ EventUtils.synthesizeMouseAtCenter(warningItem, {});
+ let supportTab = yield supportTabPromise;
+ ok(supportTab, "Support tab opened");
+ yield BrowserTestUtils.removeTab(supportTab);
+ });
+});
diff --git a/toolkit/components/passwordmgr/test/browser/browser_capture_doorhanger.js b/toolkit/components/passwordmgr/test/browser/browser_capture_doorhanger.js
new file mode 100644
index 000000000..b6bfdbf50
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/browser_capture_doorhanger.js
@@ -0,0 +1,600 @@
+/*
+ * Test capture popup notifications
+ */
+
+const BRAND_BUNDLE = Services.strings.createBundle("chrome://branding/locale/brand.properties");
+const BRAND_SHORT_NAME = BRAND_BUNDLE.GetStringFromName("brandShortName");
+
+let nsLoginInfo = new Components.Constructor("@mozilla.org/login-manager/loginInfo;1",
+ Ci.nsILoginInfo, "init");
+let login1 = new nsLoginInfo("http://example.com", "http://example.com", null,
+ "notifyu1", "notifyp1", "user", "pass");
+let login2 = new nsLoginInfo("http://example.com", "http://example.com", null,
+ "", "notifyp1", "", "pass");
+let login1B = new nsLoginInfo("http://example.com", "http://example.com", null,
+ "notifyu1B", "notifyp1B", "user", "pass");
+let login2B = new nsLoginInfo("http://example.com", "http://example.com", null,
+ "", "notifyp1B", "", "pass");
+
+requestLongerTimeout(2);
+
+add_task(function* setup() {
+ // Load recipes for this test.
+ let recipeParent = yield LoginManagerParent.recipeParentPromise;
+ yield recipeParent.load({
+ siteRecipes: [{
+ hosts: ["example.org"],
+ usernameSelector: "#user",
+ passwordSelector: "#pass",
+ }],
+ });
+});
+
+add_task(function* test_remember_opens() {
+ yield testSubmittingLoginForm("subtst_notifications_1.html", function*(fieldValues) {
+ is(fieldValues.username, "notifyu1", "Checking submitted username");
+ is(fieldValues.password, "notifyp1", "Checking submitted password");
+ let notif = getCaptureDoorhanger("password-save");
+ ok(notif, "got notification popup");
+ notif.remove();
+ });
+});
+
+add_task(function* test_clickNever() {
+ yield testSubmittingLoginForm("subtst_notifications_1.html", function*(fieldValues) {
+ is(fieldValues.username, "notifyu1", "Checking submitted username");
+ is(fieldValues.password, "notifyp1", "Checking submitted password");
+ let notif = getCaptureDoorhanger("password-save");
+ ok(notif, "got notification popup");
+ is(true, Services.logins.getLoginSavingEnabled("http://example.com"),
+ "Checking for login saving enabled");
+
+ yield* checkDoorhangerUsernamePassword("notifyu1", "notifyp1");
+ clickDoorhangerButton(notif, NEVER_BUTTON);
+ });
+
+ is(Services.logins.getAllLogins().length, 0, "Should not have any logins yet");
+
+ info("Make sure Never took effect");
+ yield testSubmittingLoginForm("subtst_notifications_1.html", function*(fieldValues) {
+ is(fieldValues.username, "notifyu1", "Checking submitted username");
+ is(fieldValues.password, "notifyp1", "Checking submitted password");
+ let notif = getCaptureDoorhanger("password-save");
+ ok(!notif, "checking for no notification popup");
+ is(false, Services.logins.getLoginSavingEnabled("http://example.com"),
+ "Checking for login saving disabled");
+ Services.logins.setLoginSavingEnabled("http://example.com", true);
+ });
+
+ is(Services.logins.getAllLogins().length, 0, "Should not have any logins yet");
+});
+
+add_task(function* test_clickRemember() {
+ yield testSubmittingLoginForm("subtst_notifications_1.html", function*(fieldValues) {
+ is(fieldValues.username, "notifyu1", "Checking submitted username");
+ is(fieldValues.password, "notifyp1", "Checking submitted password");
+ let notif = getCaptureDoorhanger("password-save");
+ ok(notif, "got notification popup");
+
+ is(Services.logins.getAllLogins().length, 0, "Should not have any logins yet");
+
+ yield* checkDoorhangerUsernamePassword("notifyu1", "notifyp1");
+ clickDoorhangerButton(notif, REMEMBER_BUTTON);
+ });
+
+ let logins = Services.logins.getAllLogins();
+ is(logins.length, 1, "Should only have 1 login");
+ let login = logins[0].QueryInterface(Ci.nsILoginMetaInfo);
+ is(login.username, "notifyu1", "Check the username used on the new entry");
+ is(login.password, "notifyp1", "Check the password used on the new entry");
+ is(login.timesUsed, 1, "Check times used on new entry");
+
+ info("Make sure Remember took effect and we don't prompt for an existing login");
+ yield testSubmittingLoginForm("subtst_notifications_1.html", function*(fieldValues) {
+ is(fieldValues.username, "notifyu1", "Checking submitted username");
+ is(fieldValues.password, "notifyp1", "Checking submitted password");
+ let notif = getCaptureDoorhanger("password-save");
+ ok(!notif, "checking for no notification popup");
+ });
+
+ logins = Services.logins.getAllLogins();
+ is(logins.length, 1, "Should only have 1 login");
+ login = logins[0].QueryInterface(Ci.nsILoginMetaInfo);
+ is(login.username, "notifyu1", "Check the username used");
+ is(login.password, "notifyp1", "Check the password used");
+ is(login.timesUsed, 2, "Check times used incremented");
+
+ checkOnlyLoginWasUsedTwice({ justChanged: false });
+
+ // remove that login
+ Services.logins.removeLogin(login1);
+});
+
+/* signons.rememberSignons pref tests... */
+
+add_task(function* test_rememberSignonsFalse() {
+ info("Make sure we don't prompt with rememberSignons=false");
+ Services.prefs.setBoolPref("signon.rememberSignons", false);
+
+ yield testSubmittingLoginForm("subtst_notifications_1.html", function*(fieldValues) {
+ is(fieldValues.username, "notifyu1", "Checking submitted username");
+ is(fieldValues.password, "notifyp1", "Checking submitted password");
+ let notif = getCaptureDoorhanger("password-save");
+ ok(!notif, "checking for no notification popup");
+ });
+
+ is(Services.logins.getAllLogins().length, 0, "Should not have any logins yet");
+});
+
+add_task(function* test_rememberSignonsTrue() {
+ info("Make sure we prompt with rememberSignons=true");
+ Services.prefs.setBoolPref("signon.rememberSignons", true);
+
+ yield testSubmittingLoginForm("subtst_notifications_1.html", function*(fieldValues) {
+ is(fieldValues.username, "notifyu1", "Checking submitted username");
+ is(fieldValues.password, "notifyp1", "Checking submitted password");
+ let notif = getCaptureDoorhanger("password-save");
+ ok(notif, "got notification popup");
+ notif.remove();
+ });
+
+ is(Services.logins.getAllLogins().length, 0, "Should not have any logins yet");
+});
+
+/* autocomplete=off tests... */
+
+add_task(function* test_autocompleteOffUsername() {
+ info("Check for notification popup when autocomplete=off present on username");
+
+ yield testSubmittingLoginForm("subtst_notifications_2.html", function*(fieldValues) {
+ is(fieldValues.username, "notifyu1", "Checking submitted username");
+ is(fieldValues.password, "notifyp1", "Checking submitted password");
+ let notif = getCaptureDoorhanger("password-save");
+ ok(notif, "checking for notification popup");
+ notif.remove();
+ });
+
+ is(Services.logins.getAllLogins().length, 0, "Should not have any logins yet");
+});
+
+add_task(function* test_autocompleteOffPassword() {
+ info("Check for notification popup when autocomplete=off present on password");
+
+ yield testSubmittingLoginForm("subtst_notifications_3.html", function*(fieldValues) {
+ is(fieldValues.username, "notifyu1", "Checking submitted username");
+ is(fieldValues.password, "notifyp1", "Checking submitted password");
+ let notif = getCaptureDoorhanger("password-save");
+ ok(notif, "checking for notification popup");
+ notif.remove();
+ });
+
+ is(Services.logins.getAllLogins().length, 0, "Should not have any logins yet");
+});
+
+add_task(function* test_autocompleteOffForm() {
+ info("Check for notification popup when autocomplete=off present on form");
+
+ yield testSubmittingLoginForm("subtst_notifications_4.html", function*(fieldValues) {
+ is(fieldValues.username, "notifyu1", "Checking submitted username");
+ is(fieldValues.password, "notifyp1", "Checking submitted password");
+ let notif = getCaptureDoorhanger("password-save");
+ ok(notif, "checking for notification popup");
+ notif.remove();
+ });
+
+ is(Services.logins.getAllLogins().length, 0, "Should not have any logins yet");
+});
+
+
+add_task(function* test_noPasswordField() {
+ info("Check for no notification popup when no password field present");
+
+ yield testSubmittingLoginForm("subtst_notifications_5.html", function*(fieldValues) {
+ is(fieldValues.username, "notifyu1", "Checking submitted username");
+ is(fieldValues.password, "null", "Checking submitted password");
+ let notif = getCaptureDoorhanger("password-save");
+ ok(!notif, "checking for no notification popup");
+ });
+
+ is(Services.logins.getAllLogins().length, 0, "Should not have any logins yet");
+});
+
+add_task(function* test_pwOnlyLoginMatchesForm() {
+ info("Check for update popup when existing pw-only login matches form.");
+ Services.logins.addLogin(login2);
+
+ yield testSubmittingLoginForm("subtst_notifications_1.html", function*(fieldValues) {
+ is(fieldValues.username, "notifyu1", "Checking submitted username");
+ is(fieldValues.password, "notifyp1", "Checking submitted password");
+ let notif = getCaptureDoorhanger("password-change");
+ ok(notif, "checking for notification popup");
+ notif.remove();
+ });
+
+ let logins = Services.logins.getAllLogins();
+ is(logins.length, 1, "Should only have 1 login");
+ let login = logins[0].QueryInterface(Ci.nsILoginMetaInfo);
+ is(login.username, "", "Check the username");
+ is(login.password, "notifyp1", "Check the password");
+ is(login.timesUsed, 1, "Check times used");
+
+ Services.logins.removeLogin(login2);
+});
+
+add_task(function* test_pwOnlyFormMatchesLogin() {
+ info("Check for no notification popup when pw-only form matches existing login.");
+ Services.logins.addLogin(login1);
+
+ yield testSubmittingLoginForm("subtst_notifications_6.html", function*(fieldValues) {
+ is(fieldValues.username, "null", "Checking submitted username");
+ is(fieldValues.password, "notifyp1", "Checking submitted password");
+ let notif = getCaptureDoorhanger("password-save");
+ ok(!notif, "checking for no notification popup");
+ });
+
+ let logins = Services.logins.getAllLogins();
+ is(logins.length, 1, "Should only have 1 login");
+ let login = logins[0].QueryInterface(Ci.nsILoginMetaInfo);
+ is(login.username, "notifyu1", "Check the username");
+ is(login.password, "notifyp1", "Check the password");
+ is(login.timesUsed, 2, "Check times used");
+
+ Services.logins.removeLogin(login1);
+});
+
+add_task(function* test_pwOnlyFormDoesntMatchExisting() {
+ info("Check for notification popup when pw-only form doesn't match existing login.");
+ Services.logins.addLogin(login1B);
+
+ yield testSubmittingLoginForm("subtst_notifications_6.html", function*(fieldValues) {
+ is(fieldValues.username, "null", "Checking submitted username");
+ is(fieldValues.password, "notifyp1", "Checking submitted password");
+ let notif = getCaptureDoorhanger("password-save");
+ ok(notif, "got notification popup");
+ notif.remove();
+ });
+
+ let logins = Services.logins.getAllLogins();
+ is(logins.length, 1, "Should only have 1 login");
+ let login = logins[0].QueryInterface(Ci.nsILoginMetaInfo);
+ is(login.username, "notifyu1B", "Check the username unchanged");
+ is(login.password, "notifyp1B", "Check the password unchanged");
+ is(login.timesUsed, 1, "Check times used");
+
+ Services.logins.removeLogin(login1B);
+});
+
+add_task(function* test_changeUPLoginOnUPForm_dont() {
+ info("Check for change-password popup, u+p login on u+p form. (not changed)");
+ Services.logins.addLogin(login1);
+
+ yield testSubmittingLoginForm("subtst_notifications_8.html", function*(fieldValues) {
+ is(fieldValues.username, "notifyu1", "Checking submitted username");
+ is(fieldValues.password, "pass2", "Checking submitted password");
+ let notif = getCaptureDoorhanger("password-change");
+ ok(notif, "got notification popup");
+
+ yield* checkDoorhangerUsernamePassword("notifyu1", "pass2");
+ clickDoorhangerButton(notif, DONT_CHANGE_BUTTON);
+ });
+
+ let logins = Services.logins.getAllLogins();
+ is(logins.length, 1, "Should only have 1 login");
+ let login = logins[0].QueryInterface(Ci.nsILoginMetaInfo);
+ is(login.username, "notifyu1", "Check the username unchanged");
+ is(login.password, "notifyp1", "Check the password unchanged");
+ is(login.timesUsed, 1, "Check times used");
+
+ Services.logins.removeLogin(login1);
+});
+
+add_task(function* test_changeUPLoginOnUPForm_change() {
+ info("Check for change-password popup, u+p login on u+p form.");
+ Services.logins.addLogin(login1);
+
+ yield testSubmittingLoginForm("subtst_notifications_8.html", function*(fieldValues) {
+ is(fieldValues.username, "notifyu1", "Checking submitted username");
+ is(fieldValues.password, "pass2", "Checking submitted password");
+ let notif = getCaptureDoorhanger("password-change");
+ ok(notif, "got notification popup");
+
+ yield* checkDoorhangerUsernamePassword("notifyu1", "pass2");
+ clickDoorhangerButton(notif, CHANGE_BUTTON);
+
+ ok(!getCaptureDoorhanger("password-change"), "popup should be gone");
+ });
+
+ let logins = Services.logins.getAllLogins();
+ is(logins.length, 1, "Should only have 1 login");
+ let login = logins[0].QueryInterface(Ci.nsILoginMetaInfo);
+ is(login.username, "notifyu1", "Check the username unchanged");
+ is(login.password, "pass2", "Check the password changed");
+ is(login.timesUsed, 2, "Check times used");
+
+ checkOnlyLoginWasUsedTwice({ justChanged: true });
+
+ // cleanup
+ login1.password = "pass2";
+ Services.logins.removeLogin(login1);
+ login1.password = "notifyp1";
+});
+
+add_task(function* test_changePLoginOnUPForm() {
+ info("Check for change-password popup, p-only login on u+p form.");
+ Services.logins.addLogin(login2);
+
+ yield testSubmittingLoginForm("subtst_notifications_9.html", function*(fieldValues) {
+ is(fieldValues.username, "", "Checking submitted username");
+ is(fieldValues.password, "pass2", "Checking submitted password");
+ let notif = getCaptureDoorhanger("password-change");
+ ok(notif, "got notification popup");
+
+ yield* checkDoorhangerUsernamePassword("", "pass2");
+ clickDoorhangerButton(notif, CHANGE_BUTTON);
+
+ ok(!getCaptureDoorhanger("password-change"), "popup should be gone");
+ });
+
+ let logins = Services.logins.getAllLogins();
+ is(logins.length, 1, "Should only have 1 login");
+ let login = logins[0].QueryInterface(Ci.nsILoginMetaInfo);
+ is(login.username, "", "Check the username unchanged");
+ is(login.password, "pass2", "Check the password changed");
+ is(login.timesUsed, 2, "Check times used");
+
+ // no cleanup -- saved password to be used in the next test.
+});
+
+add_task(function* test_changePLoginOnPForm() {
+ info("Check for change-password popup, p-only login on p-only form.");
+
+ yield testSubmittingLoginForm("subtst_notifications_10.html", function*(fieldValues) {
+ is(fieldValues.username, "null", "Checking submitted username");
+ is(fieldValues.password, "notifyp1", "Checking submitted password");
+ let notif = getCaptureDoorhanger("password-change");
+ ok(notif, "got notification popup");
+
+ yield* checkDoorhangerUsernamePassword("", "notifyp1");
+ clickDoorhangerButton(notif, CHANGE_BUTTON);
+
+ ok(!getCaptureDoorhanger("password-change"), "popup should be gone");
+ });
+
+ let logins = Services.logins.getAllLogins();
+ is(logins.length, 1, "Should only have 1 login");
+ let login = logins[0].QueryInterface(Ci.nsILoginMetaInfo);
+ is(login.username, "", "Check the username unchanged");
+ is(login.password, "notifyp1", "Check the password changed");
+ is(login.timesUsed, 3, "Check times used");
+
+ Services.logins.removeLogin(login2);
+});
+
+add_task(function* test_checkUPSaveText() {
+ info("Check text on a user+pass notification popup");
+
+ yield testSubmittingLoginForm("subtst_notifications_1.html", function*(fieldValues) {
+ is(fieldValues.username, "notifyu1", "Checking submitted username");
+ is(fieldValues.password, "notifyp1", "Checking submitted password");
+ let notif = getCaptureDoorhanger("password-save");
+ ok(notif, "got notification popup");
+ // Check the text, which comes from the localized saveLoginText string.
+ let notificationText = notif.message;
+ let expectedText = "Would you like " + BRAND_SHORT_NAME + " to remember this login?";
+ is(expectedText, notificationText, "Checking text: " + notificationText);
+ notif.remove();
+ });
+
+ is(Services.logins.getAllLogins().length, 0, "Should not have any logins yet");
+});
+
+add_task(function* test_checkPSaveText() {
+ info("Check text on a pass-only notification popup");
+
+ yield testSubmittingLoginForm("subtst_notifications_6.html", function*(fieldValues) {
+ is(fieldValues.username, "null", "Checking submitted username");
+ is(fieldValues.password, "notifyp1", "Checking submitted password");
+ let notif = getCaptureDoorhanger("password-save");
+ ok(notif, "got notification popup");
+ // Check the text, which comes from the localized saveLoginTextNoUser string.
+ let notificationText = notif.message;
+ let expectedText = "Would you like " + BRAND_SHORT_NAME + " to remember this password?";
+ is(expectedText, notificationText, "Checking text: " + notificationText);
+ notif.remove();
+ });
+
+ is(Services.logins.getAllLogins().length, 0, "Should not have any logins yet");
+});
+
+add_task(function* test_capture2pw0un() {
+ info("Check for notification popup when a form with 2 password fields (no username) " +
+ "is submitted and there are no saved logins.");
+
+ yield testSubmittingLoginForm("subtst_notifications_2pw_0un.html", function*(fieldValues) {
+ is(fieldValues.username, "null", "Checking submitted username");
+ is(fieldValues.password, "notifyp1", "Checking submitted password");
+ let notif = getCaptureDoorhanger("password-save");
+ ok(notif, "got notification popup");
+ notif.remove();
+ });
+
+ is(Services.logins.getAllLogins().length, 0, "Should not have any logins yet");
+});
+
+add_task(function* test_change2pw0unExistingDifferentUP() {
+ info("Check for notification popup when a form with 2 password fields (no username) " +
+ "is submitted and there is a saved login with a username and different password.");
+
+ Services.logins.addLogin(login1B);
+
+ yield testSubmittingLoginForm("subtst_notifications_2pw_0un.html", function*(fieldValues) {
+ is(fieldValues.username, "null", "Checking submitted username");
+ is(fieldValues.password, "notifyp1", "Checking submitted password");
+ let notif = getCaptureDoorhanger("password-change");
+ ok(notif, "got notification popup");
+ notif.remove();
+ });
+
+ let logins = Services.logins.getAllLogins();
+ is(logins.length, 1, "Should only have 1 login");
+ let login = logins[0].QueryInterface(Ci.nsILoginMetaInfo);
+ is(login.username, "notifyu1B", "Check the username unchanged");
+ is(login.password, "notifyp1B", "Check the password unchanged");
+ is(login.timesUsed, 1, "Check times used");
+
+ Services.logins.removeLogin(login1B);
+});
+
+add_task(function* test_change2pw0unExistingDifferentP() {
+ info("Check for notification popup when a form with 2 password fields (no username) " +
+ "is submitted and there is a saved login with no username and different password.");
+
+ Services.logins.addLogin(login2B);
+
+ yield testSubmittingLoginForm("subtst_notifications_2pw_0un.html", function*(fieldValues) {
+ is(fieldValues.username, "null", "Checking submitted username");
+ is(fieldValues.password, "notifyp1", "Checking submitted password");
+ let notif = getCaptureDoorhanger("password-change");
+ ok(notif, "got notification popup");
+ notif.remove();
+ });
+
+ let logins = Services.logins.getAllLogins();
+ is(logins.length, 1, "Should only have 1 login");
+ let login = logins[0].QueryInterface(Ci.nsILoginMetaInfo);
+ is(login.username, "", "Check the username unchanged");
+ is(login.password, "notifyp1B", "Check the password unchanged");
+ is(login.timesUsed, 1, "Check times used");
+
+ Services.logins.removeLogin(login2B);
+});
+
+add_task(function* test_change2pw0unExistingWithSameP() {
+ info("Check for no notification popup when a form with 2 password fields (no username) " +
+ "is submitted and there is a saved login with a username and the same password.");
+
+ Services.logins.addLogin(login2);
+
+ yield testSubmittingLoginForm("subtst_notifications_2pw_0un.html", function*(fieldValues) {
+ is(fieldValues.username, "null", "Checking submitted username");
+ is(fieldValues.password, "notifyp1", "Checking submitted password");
+ let notif = getCaptureDoorhanger("password-change");
+ ok(!notif, "checking for no notification popup");
+ });
+
+ let logins = Services.logins.getAllLogins();
+ is(logins.length, 1, "Should only have 1 login");
+ let login = logins[0].QueryInterface(Ci.nsILoginMetaInfo);
+ is(login.username, "", "Check the username unchanged");
+ is(login.password, "notifyp1", "Check the password unchanged");
+ is(login.timesUsed, 2, "Check times used incremented");
+
+ checkOnlyLoginWasUsedTwice({ justChanged: false });
+
+ Services.logins.removeLogin(login2);
+});
+
+add_task(function* test_changeUPLoginOnPUpdateForm() {
+ info("Check for change-password popup, u+p login on password update form.");
+ Services.logins.addLogin(login1);
+
+ yield testSubmittingLoginForm("subtst_notifications_change_p.html", function*(fieldValues) {
+ is(fieldValues.username, "null", "Checking submitted username");
+ is(fieldValues.password, "pass2", "Checking submitted password");
+ let notif = getCaptureDoorhanger("password-change");
+ ok(notif, "got notification popup");
+
+ yield* checkDoorhangerUsernamePassword("notifyu1", "pass2");
+ clickDoorhangerButton(notif, CHANGE_BUTTON);
+
+ ok(!getCaptureDoorhanger("password-change"), "popup should be gone");
+ });
+
+ let logins = Services.logins.getAllLogins();
+ is(logins.length, 1, "Should only have 1 login");
+ let login = logins[0].QueryInterface(Ci.nsILoginMetaInfo);
+ is(login.username, "notifyu1", "Check the username unchanged");
+ is(login.password, "pass2", "Check the password changed");
+ is(login.timesUsed, 2, "Check times used");
+
+ checkOnlyLoginWasUsedTwice({ justChanged: true });
+
+ // cleanup
+ login1.password = "pass2";
+ Services.logins.removeLogin(login1);
+ login1.password = "notifyp1";
+});
+
+add_task(function* test_recipeCaptureFields_NewLogin() {
+ info("Check that we capture the proper fields when a field recipe is in use.");
+
+ yield testSubmittingLoginForm("subtst_notifications_2pw_1un_1text.html", function*(fieldValues) {
+ is(fieldValues.username, "notifyu1", "Checking submitted username");
+ is(fieldValues.password, "notifyp1", "Checking submitted password");
+ let notif = getCaptureDoorhanger("password-save");
+ ok(notif, "got notification popup");
+
+ // Sanity check, no logins should exist yet.
+ let logins = Services.logins.getAllLogins();
+ is(logins.length, 0, "Should not have any logins yet");
+
+ yield* checkDoorhangerUsernamePassword("notifyu1", "notifyp1");
+ clickDoorhangerButton(notif, REMEMBER_BUTTON);
+
+ }, "http://example.org"); // The recipe is for example.org
+
+ let logins = Services.logins.getAllLogins();
+ is(logins.length, 1, "Should only have 1 login");
+ let login = logins[0].QueryInterface(Ci.nsILoginMetaInfo);
+ is(login.username, "notifyu1", "Check the username unchanged");
+ is(login.password, "notifyp1", "Check the password unchanged");
+ is(login.timesUsed, 1, "Check times used");
+});
+
+add_task(function* test_recipeCaptureFields_ExistingLogin() {
+ info("Check that we capture the proper fields when a field recipe is in use " +
+ "and there is a matching login");
+
+ yield testSubmittingLoginForm("subtst_notifications_2pw_1un_1text.html", function*(fieldValues) {
+ is(fieldValues.username, "notifyu1", "Checking submitted username");
+ is(fieldValues.password, "notifyp1", "Checking submitted password");
+ let notif = getCaptureDoorhanger("password-save");
+ ok(!notif, "checking for no notification popup");
+ }, "http://example.org");
+
+ checkOnlyLoginWasUsedTwice({ justChanged: false });
+ let logins = Services.logins.getAllLogins();
+ is(logins.length, 1, "Should only have 1 login");
+ let login = logins[0].QueryInterface(Ci.nsILoginMetaInfo);
+ is(login.username, "notifyu1", "Check the username unchanged");
+ is(login.password, "notifyp1", "Check the password unchanged");
+ is(login.timesUsed, 2, "Check times used incremented");
+
+ Services.logins.removeAllLogins();
+});
+
+add_task(function* test_noShowPasswordOnDismissal() {
+ info("Check for no Show Password field when the doorhanger is dismissed");
+
+ yield testSubmittingLoginForm("subtst_notifications_1.html", function*(fieldValues) {
+ info("Opening popup");
+ let notif = getCaptureDoorhanger("password-save");
+ let { panel } = PopupNotifications;
+
+ info("Hiding popup.");
+ let promiseHidden = BrowserTestUtils.waitForEvent(panel, "popuphidden");
+ panel.hidePopup();
+ yield promiseHidden;
+
+ info("Clicking on anchor to reshow popup.");
+ let promiseShown = BrowserTestUtils.waitForEvent(panel, "popupshown");
+ notif.anchorElement.click();
+ yield promiseShown;
+
+ let passwordVisiblityToggle = panel.querySelector("#password-notification-visibilityToggle");
+ is(passwordVisiblityToggle.hidden, true, "Check that the Show Password field is Hidden");
+ });
+});
+
+// TODO:
+// * existing login test, form has different password --> change password, no save prompt
diff --git a/toolkit/components/passwordmgr/test/browser/browser_capture_doorhanger_httpsUpgrade.js b/toolkit/components/passwordmgr/test/browser/browser_capture_doorhanger_httpsUpgrade.js
new file mode 100644
index 000000000..9be0aa631
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/browser_capture_doorhanger_httpsUpgrade.js
@@ -0,0 +1,123 @@
+/*
+ * Test capture popup notifications with HTTPS upgrades
+ */
+
+let nsLoginInfo = new Components.Constructor("@mozilla.org/login-manager/loginInfo;1",
+ Ci.nsILoginInfo, "init");
+let login1 = new nsLoginInfo("http://example.com", "http://example.com", null,
+ "notifyu1", "notifyp1", "user", "pass");
+let login1HTTPS = new nsLoginInfo("https://example.com", "https://example.com", null,
+ "notifyu1", "notifyp1", "user", "pass");
+
+add_task(function* test_httpsUpgradeCaptureFields_noChange() {
+ info("Check that we don't prompt to remember when capturing an upgraded login with no change");
+ Services.logins.addLogin(login1);
+ // Sanity check the HTTP login exists.
+ let logins = Services.logins.getAllLogins();
+ is(logins.length, 1, "Should have the HTTP login");
+
+ yield testSubmittingLoginForm("subtst_notifications_1.html", function*(fieldValues) {
+ is(fieldValues.username, "notifyu1", "Checking submitted username");
+ is(fieldValues.password, "notifyp1", "Checking submitted password");
+ let notif = getCaptureDoorhanger("password-save");
+ ok(!notif, "checking for no notification popup");
+ }, "https://example.com"); // This is HTTPS whereas the saved login is HTTP
+
+ logins = Services.logins.getAllLogins();
+ is(logins.length, 1, "Should only have 1 login still");
+ let login = logins[0].QueryInterface(Ci.nsILoginMetaInfo);
+ is(login.hostname, "http://example.com", "Check the hostname is unchanged");
+ is(login.username, "notifyu1", "Check the username is unchanged");
+ is(login.password, "notifyp1", "Check the password is unchanged");
+ is(login.timesUsed, 2, "Check times used increased");
+
+ Services.logins.removeLogin(login1);
+});
+
+add_task(function* test_httpsUpgradeCaptureFields_changePW() {
+ info("Check that we prompt to change when capturing an upgraded login with a new PW");
+ Services.logins.addLogin(login1);
+ // Sanity check the HTTP login exists.
+ let logins = Services.logins.getAllLogins();
+ is(logins.length, 1, "Should have the HTTP login");
+
+ yield testSubmittingLoginForm("subtst_notifications_8.html", function*(fieldValues) {
+ is(fieldValues.username, "notifyu1", "Checking submitted username");
+ is(fieldValues.password, "pass2", "Checking submitted password");
+ let notif = getCaptureDoorhanger("password-change");
+ ok(notif, "checking for a change popup");
+
+ yield* checkDoorhangerUsernamePassword("notifyu1", "pass2");
+ clickDoorhangerButton(notif, CHANGE_BUTTON);
+
+ ok(!getCaptureDoorhanger("password-change"), "popup should be gone");
+ }, "https://example.com"); // This is HTTPS whereas the saved login is HTTP
+
+ checkOnlyLoginWasUsedTwice({ justChanged: true });
+ logins = Services.logins.getAllLogins();
+ is(logins.length, 1, "Should only have 1 login still");
+ let login = logins[0].QueryInterface(Ci.nsILoginMetaInfo);
+ is(login.hostname, "https://example.com", "Check the hostname is upgraded");
+ is(login.formSubmitURL, "https://example.com", "Check the formSubmitURL is upgraded");
+ is(login.username, "notifyu1", "Check the username is unchanged");
+ is(login.password, "pass2", "Check the password changed");
+ is(login.timesUsed, 2, "Check times used increased");
+
+ Services.logins.removeAllLogins();
+});
+
+add_task(function* test_httpsUpgradeCaptureFields_captureMatchingHTTP() {
+ info("Capture a new HTTP login which matches a stored HTTPS one.");
+ Services.logins.addLogin(login1HTTPS);
+
+ yield testSubmittingLoginForm("subtst_notifications_1.html", function*(fieldValues) {
+ is(fieldValues.username, "notifyu1", "Checking submitted username");
+ is(fieldValues.password, "notifyp1", "Checking submitted password");
+ let notif = getCaptureDoorhanger("password-save");
+ ok(notif, "got notification popup");
+
+ is(Services.logins.getAllLogins().length, 1, "Should only have the HTTPS login");
+
+ yield* checkDoorhangerUsernamePassword("notifyu1", "notifyp1");
+ clickDoorhangerButton(notif, REMEMBER_BUTTON);
+ });
+
+ let logins = Services.logins.getAllLogins();
+ is(logins.length, 2, "Should have both HTTP and HTTPS logins");
+ for (let login of logins) {
+ login = login.QueryInterface(Ci.nsILoginMetaInfo);
+ is(login.username, "notifyu1", "Check the username used on the new entry");
+ is(login.password, "notifyp1", "Check the password used on the new entry");
+ is(login.timesUsed, 1, "Check times used on entry");
+ }
+
+ info("Make sure Remember took effect and we don't prompt for an existing HTTP login");
+ yield testSubmittingLoginForm("subtst_notifications_1.html", function*(fieldValues) {
+ is(fieldValues.username, "notifyu1", "Checking submitted username");
+ is(fieldValues.password, "notifyp1", "Checking submitted password");
+ let notif = getCaptureDoorhanger("password-save");
+ ok(!notif, "checking for no notification popup");
+ });
+
+ logins = Services.logins.getAllLogins();
+ is(logins.length, 2, "Should have both HTTP and HTTPS still");
+
+ let httpsLogins = LoginHelper.searchLoginsWithObject({
+ hostname: "https://example.com",
+ });
+ is(httpsLogins.length, 1, "Check https logins count");
+ let httpsLogin = httpsLogins[0].QueryInterface(Ci.nsILoginMetaInfo);
+ ok(httpsLogin.equals(login1HTTPS), "Check HTTPS login didn't change");
+ is(httpsLogin.timesUsed, 1, "Check times used");
+
+ let httpLogins = LoginHelper.searchLoginsWithObject({
+ hostname: "http://example.com",
+ });
+ is(httpLogins.length, 1, "Check http logins count");
+ let httpLogin = httpLogins[0].QueryInterface(Ci.nsILoginMetaInfo);
+ ok(httpLogin.equals(login1), "Check HTTP login is as expected");
+ is(httpLogin.timesUsed, 2, "Check times used increased");
+
+ Services.logins.removeLogin(login1);
+ Services.logins.removeLogin(login1HTTPS);
+});
diff --git a/toolkit/components/passwordmgr/test/browser/browser_capture_doorhanger_window_open.js b/toolkit/components/passwordmgr/test/browser/browser_capture_doorhanger_window_open.js
new file mode 100644
index 000000000..1bcfec5eb
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/browser_capture_doorhanger_window_open.js
@@ -0,0 +1,144 @@
+/*
+ * Test capture popup notifications in content opened by window.open
+ */
+
+let nsLoginInfo = new Components.Constructor("@mozilla.org/login-manager/loginInfo;1",
+ Ci.nsILoginInfo, "init");
+let login1 = new nsLoginInfo("http://mochi.test:8888", "http://mochi.test:8888", null,
+ "notifyu1", "notifyp1", "user", "pass");
+let login2 = new nsLoginInfo("http://mochi.test:8888", "http://mochi.test:8888", null,
+ "notifyu2", "notifyp2", "user", "pass");
+
+
+function withTestTabUntilStorageChange(aPageFile, aTaskFn) {
+ function storageChangedObserved(subject, data) {
+ // Watch for actions triggered from a doorhanger (not cleanup tasks with removeLogin)
+ if (data == "removeLogin") {
+ return false;
+ }
+ return true;
+ }
+
+ let storageChangedPromised = TestUtils.topicObserved("passwordmgr-storage-changed",
+ storageChangedObserved);
+ return BrowserTestUtils.withNewTab({
+ gBrowser,
+ url: "http://mochi.test:8888" + DIRECTORY_PATH + aPageFile,
+ }, function*(browser) {
+ ok(true, "loaded " + aPageFile);
+ info("running test case task");
+ yield* aTaskFn();
+ info("waiting for storage change");
+ yield storageChangedPromised;
+ });
+}
+
+add_task(function* setup() {
+ yield SimpleTest.promiseFocus(window);
+});
+
+add_task(function* test_saveChromeHiddenAutoClose() {
+ let notifShownPromise = BrowserTestUtils.waitForEvent(PopupNotifications.panel, "popupshown");
+ // query arguments are: username, password, features, auto-close (delimited by '|')
+ let url = "subtst_notifications_11.html?notifyu1|notifyp1|" +
+ "menubar=no,toolbar=no,location=no|autoclose";
+ yield withTestTabUntilStorageChange(url, function*() {
+ info("waiting for popupshown");
+ yield notifShownPromise;
+ // the popup closes and the doorhanger should appear in the opener
+ let popup = getCaptureDoorhanger("password-save");
+ ok(popup, "got notification popup");
+ yield* checkDoorhangerUsernamePassword("notifyu1", "notifyp1");
+ // Sanity check, no logins should exist yet.
+ let logins = Services.logins.getAllLogins();
+ is(logins.length, 0, "Should not have any logins yet");
+
+ clickDoorhangerButton(popup, REMEMBER_BUTTON);
+ });
+ // Check result of clicking Remember
+ let logins = Services.logins.getAllLogins();
+ is(logins.length, 1, "Should only have 1 login");
+ let login = logins[0].QueryInterface(Ci.nsILoginMetaInfo);
+ is(login.timesUsed, 1, "Check times used on new entry");
+ is(login.username, "notifyu1", "Check the username used on the new entry");
+ is(login.password, "notifyp1", "Check the password used on the new entry");
+});
+
+add_task(function* test_changeChromeHiddenAutoClose() {
+ let notifShownPromise = BrowserTestUtils.waitForEvent(PopupNotifications.panel, "popupshown");
+ let url = "subtst_notifications_11.html?notifyu1|pass2|menubar=no,toolbar=no,location=no|autoclose";
+ yield withTestTabUntilStorageChange(url, function*() {
+ info("waiting for popupshown");
+ yield notifShownPromise;
+ let popup = getCaptureDoorhanger("password-change");
+ ok(popup, "got notification popup");
+ yield* checkDoorhangerUsernamePassword("notifyu1", "pass2");
+ clickDoorhangerButton(popup, CHANGE_BUTTON);
+ });
+
+ // Check to make sure we updated the password, timestamps and use count for
+ // the login being changed with this form.
+ let logins = Services.logins.getAllLogins();
+ is(logins.length, 1, "Should only have 1 login");
+ let login = logins[0].QueryInterface(Ci.nsILoginMetaInfo);
+ is(login.username, "notifyu1", "Check the username");
+ is(login.password, "pass2", "Check password changed");
+ is(login.timesUsed, 2, "check .timesUsed incremented on change");
+ ok(login.timeCreated < login.timeLastUsed, "timeLastUsed bumped");
+ ok(login.timeLastUsed == login.timePasswordChanged, "timeUsed == timeChanged");
+
+ login1.password = "pass2";
+ Services.logins.removeLogin(login1);
+ login1.password = "notifyp1";
+});
+
+add_task(function* test_saveChromeVisibleSameWindow() {
+ // This test actually opens a new tab in the same window with default browser settings.
+ let url = "subtst_notifications_11.html?notifyu2|notifyp2||";
+ let notifShownPromise = BrowserTestUtils.waitForEvent(PopupNotifications.panel, "popupshown");
+ yield withTestTabUntilStorageChange(url, function*() {
+ yield notifShownPromise;
+ let popup = getCaptureDoorhanger("password-save");
+ ok(popup, "got notification popup");
+ yield* checkDoorhangerUsernamePassword("notifyu2", "notifyp2");
+ clickDoorhangerButton(popup, REMEMBER_BUTTON);
+ yield BrowserTestUtils.removeTab(gBrowser.selectedTab);
+ });
+
+ // Check result of clicking Remember
+ let logins = Services.logins.getAllLogins();
+ is(logins.length, 1, "Should only have 1 login now");
+ let login = logins[0].QueryInterface(Ci.nsILoginMetaInfo);
+ is(login.username, "notifyu2", "Check the username used on the new entry");
+ is(login.password, "notifyp2", "Check the password used on the new entry");
+ is(login.timesUsed, 1, "Check times used on new entry");
+});
+
+add_task(function* test_changeChromeVisibleSameWindow() {
+ let url = "subtst_notifications_11.html?notifyu2|pass2||";
+ let notifShownPromise = BrowserTestUtils.waitForEvent(PopupNotifications.panel, "popupshown");
+ yield withTestTabUntilStorageChange(url, function*() {
+ yield notifShownPromise;
+ let popup = getCaptureDoorhanger("password-change");
+ ok(popup, "got notification popup");
+ yield* checkDoorhangerUsernamePassword("notifyu2", "pass2");
+ clickDoorhangerButton(popup, CHANGE_BUTTON);
+ yield BrowserTestUtils.removeTab(gBrowser.selectedTab);
+ });
+
+ // Check to make sure we updated the password, timestamps and use count for
+ // the login being changed with this form.
+ let logins = Services.logins.getAllLogins();
+ is(logins.length, 1, "Should have 1 login");
+ let login = logins[0].QueryInterface(Ci.nsILoginMetaInfo);
+ is(login.username, "notifyu2", "Check the username");
+ is(login.password, "pass2", "Check password changed");
+ is(login.timesUsed, 2, "check .timesUsed incremented on change");
+ ok(login.timeCreated < login.timeLastUsed, "timeLastUsed bumped");
+ ok(login.timeLastUsed == login.timePasswordChanged, "timeUsed == timeChanged");
+
+ // cleanup
+ login2.password = "pass2";
+ Services.logins.removeLogin(login2);
+ login2.password = "notifyp2";
+});
diff --git a/toolkit/components/passwordmgr/test/browser/browser_context_menu.js b/toolkit/components/passwordmgr/test/browser/browser_context_menu.js
new file mode 100644
index 000000000..6cfcaa7c2
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/browser_context_menu.js
@@ -0,0 +1,432 @@
+/*
+ * Test the password manager context menu.
+ */
+
+/* eslint no-shadow:"off" */
+
+"use strict";
+
+// The hostname for the test URIs.
+const TEST_HOSTNAME = "https://example.com";
+const MULTIPLE_FORMS_PAGE_PATH = "/browser/toolkit/components/passwordmgr/test/browser/multiple_forms.html";
+
+const CONTEXT_MENU = document.getElementById("contentAreaContextMenu");
+const POPUP_HEADER = document.getElementById("fill-login");
+
+/**
+ * Initialize logins needed for the tests and disable autofill
+ * for login forms for easier testing of manual fill.
+ */
+add_task(function* test_initialize() {
+ Services.prefs.setBoolPref("signon.autofillForms", false);
+ registerCleanupFunction(() => {
+ Services.prefs.clearUserPref("signon.autofillForms");
+ Services.prefs.clearUserPref("signon.schemeUpgrades");
+ });
+ for (let login of loginList()) {
+ Services.logins.addLogin(login);
+ }
+});
+
+/**
+ * Check if the context menu is populated with the right
+ * menuitems for the target password input field.
+ */
+add_task(function* test_context_menu_populate_password_noSchemeUpgrades() {
+ Services.prefs.setBoolPref("signon.schemeUpgrades", false);
+ yield BrowserTestUtils.withNewTab({
+ gBrowser,
+ url: TEST_HOSTNAME + MULTIPLE_FORMS_PAGE_PATH,
+ }, function* (browser) {
+ yield openPasswordContextMenu(browser, "#test-password-1");
+
+ // Check the content of the password manager popup
+ let popupMenu = document.getElementById("fill-login-popup");
+ checkMenu(popupMenu, 2);
+
+ CONTEXT_MENU.hidePopup();
+ });
+});
+
+/**
+ * Check if the context menu is populated with the right
+ * menuitems for the target password input field.
+ */
+add_task(function* test_context_menu_populate_password_schemeUpgrades() {
+ Services.prefs.setBoolPref("signon.schemeUpgrades", true);
+ yield BrowserTestUtils.withNewTab({
+ gBrowser,
+ url: TEST_HOSTNAME + MULTIPLE_FORMS_PAGE_PATH,
+ }, function* (browser) {
+ yield openPasswordContextMenu(browser, "#test-password-1");
+
+ // Check the content of the password manager popup
+ let popupMenu = document.getElementById("fill-login-popup");
+ checkMenu(popupMenu, 3);
+
+ CONTEXT_MENU.hidePopup();
+ });
+});
+
+/**
+ * Check if the context menu is populated with the right menuitems
+ * for the target username field with a password field present.
+ */
+add_task(function* test_context_menu_populate_username_with_password_noSchemeUpgrades() {
+ Services.prefs.setBoolPref("signon.schemeUpgrades", false);
+ yield BrowserTestUtils.withNewTab({
+ gBrowser,
+ url: TEST_HOSTNAME + "/browser/toolkit/components/" +
+ "passwordmgr/test/browser/multiple_forms.html",
+ }, function* (browser) {
+ yield openPasswordContextMenu(browser, "#test-username-2");
+
+ // Check the content of the password manager popup
+ let popupMenu = document.getElementById("fill-login-popup");
+ checkMenu(popupMenu, 2);
+
+ CONTEXT_MENU.hidePopup();
+ });
+});
+/**
+ * Check if the context menu is populated with the right menuitems
+ * for the target username field with a password field present.
+ */
+add_task(function* test_context_menu_populate_username_with_password_schemeUpgrades() {
+ Services.prefs.setBoolPref("signon.schemeUpgrades", true);
+ yield BrowserTestUtils.withNewTab({
+ gBrowser,
+ url: TEST_HOSTNAME + "/browser/toolkit/components/" +
+ "passwordmgr/test/browser/multiple_forms.html",
+ }, function* (browser) {
+ yield openPasswordContextMenu(browser, "#test-username-2");
+
+ // Check the content of the password manager popup
+ let popupMenu = document.getElementById("fill-login-popup");
+ checkMenu(popupMenu, 3);
+
+ CONTEXT_MENU.hidePopup();
+ });
+});
+
+/**
+ * Check if the password field is correctly filled when one
+ * login menuitem is clicked.
+ */
+add_task(function* test_context_menu_password_fill() {
+ Services.prefs.setBoolPref("signon.schemeUpgrades", true);
+ yield BrowserTestUtils.withNewTab({
+ gBrowser,
+ url: TEST_HOSTNAME + MULTIPLE_FORMS_PAGE_PATH,
+ }, function* (browser) {
+ let formDescriptions = yield ContentTask.spawn(browser, {}, function*() {
+ let forms = Array.from(content.document.getElementsByClassName("test-form"));
+ return forms.map((f) => f.getAttribute("description"));
+ });
+
+ for (let description of formDescriptions) {
+ info("Testing form: " + description);
+
+ let passwordInputIds = yield ContentTask.spawn(browser, {description}, function*({description}) {
+ let formElement = content.document.querySelector(`[description="${description}"]`);
+ let passwords = Array.from(formElement.querySelectorAll("input[type='password']"));
+ return passwords.map((p) => p.id);
+ });
+
+ for (let inputId of passwordInputIds) {
+ info("Testing password field: " + inputId);
+
+ // Synthesize a right mouse click over the username input element.
+ yield openPasswordContextMenu(browser, "#" + inputId, function*() {
+ let inputDisabled = yield ContentTask
+ .spawn(browser, {inputId}, function*({inputId}) {
+ let input = content.document.getElementById(inputId);
+ return input.disabled || input.readOnly;
+ });
+
+ // If the password field is disabled or read-only, we want to see
+ // the disabled Fill Password popup header.
+ if (inputDisabled) {
+ Assert.ok(!POPUP_HEADER.hidden, "Popup menu is not hidden.");
+ Assert.ok(POPUP_HEADER.disabled, "Popup menu is disabled.");
+ CONTEXT_MENU.hidePopup();
+ }
+
+ return !inputDisabled;
+ });
+
+ if (CONTEXT_MENU.state != "open") {
+ continue;
+ }
+
+ // The only field affected by the password fill
+ // should be the target password field itself.
+ yield assertContextMenuFill(browser, description, null, inputId, 1);
+ yield ContentTask.spawn(browser, {inputId}, function*({inputId}) {
+ let passwordField = content.document.getElementById(inputId);
+ Assert.equal(passwordField.value, "password1", "Check upgraded login was actually used");
+ });
+
+ CONTEXT_MENU.hidePopup();
+ }
+ }
+ });
+});
+
+/**
+ * Check if the form is correctly filled when one
+ * username context menu login menuitem is clicked.
+ */
+add_task(function* test_context_menu_username_login_fill() {
+ Services.prefs.setBoolPref("signon.schemeUpgrades", true);
+ yield BrowserTestUtils.withNewTab({
+ gBrowser,
+ url: TEST_HOSTNAME + MULTIPLE_FORMS_PAGE_PATH,
+ }, function* (browser) {
+
+ let formDescriptions = yield ContentTask.spawn(browser, {}, function*() {
+ let forms = Array.from(content.document.getElementsByClassName("test-form"));
+ return forms.map((f) => f.getAttribute("description"));
+ });
+
+ for (let description of formDescriptions) {
+ info("Testing form: " + description);
+ let usernameInputIds = yield ContentTask
+ .spawn(browser, {description}, function*({description}) {
+ let formElement = content.document.querySelector(`[description="${description}"]`);
+ let inputs = Array.from(formElement.querySelectorAll("input[type='text']"));
+ return inputs.map((p) => p.id);
+ });
+
+ for (let inputId of usernameInputIds) {
+ info("Testing username field: " + inputId);
+
+ // Synthesize a right mouse click over the username input element.
+ yield openPasswordContextMenu(browser, "#" + inputId, function*() {
+ let headerHidden = POPUP_HEADER.hidden;
+ let headerDisabled = POPUP_HEADER.disabled;
+
+ let data = {description, inputId, headerHidden, headerDisabled};
+ let shouldContinue = yield ContentTask.spawn(browser, data, function*(data) {
+ let {description, inputId, headerHidden, headerDisabled} = data;
+ let formElement = content.document.querySelector(`[description="${description}"]`);
+ let usernameField = content.document.getElementById(inputId);
+ // We always want to check if the first password field is filled,
+ // since this is the current behavior from the _fillForm function.
+ let passwordField = formElement.querySelector("input[type='password']");
+
+ // If we don't want to see the actual popup menu,
+ // check if the popup is hidden or disabled.
+ if (!passwordField || usernameField.disabled || usernameField.readOnly ||
+ passwordField.disabled || passwordField.readOnly) {
+ if (!passwordField) {
+ Assert.ok(headerHidden, "Popup menu is hidden.");
+ } else {
+ Assert.ok(!headerHidden, "Popup menu is not hidden.");
+ Assert.ok(headerDisabled, "Popup menu is disabled.");
+ }
+ return false;
+ }
+ return true;
+ });
+
+ if (!shouldContinue) {
+ CONTEXT_MENU.hidePopup();
+ }
+
+ return shouldContinue;
+ });
+
+ if (CONTEXT_MENU.state != "open") {
+ continue;
+ }
+
+ let passwordFieldId = yield ContentTask
+ .spawn(browser, {description}, function*({description}) {
+ let formElement = content.document.querySelector(`[description="${description}"]`);
+ return formElement.querySelector("input[type='password']").id;
+ });
+
+ // We shouldn't change any field that's not the target username field or the first password field
+ yield assertContextMenuFill(browser, description, inputId, passwordFieldId, 1);
+
+ yield ContentTask.spawn(browser, {passwordFieldId}, function*({passwordFieldId}) {
+ let passwordField = content.document.getElementById(passwordFieldId);
+ if (!passwordField.hasAttribute("expectedFail")) {
+ Assert.equal(passwordField.value, "password1", "Check upgraded login was actually used");
+ }
+ });
+
+ CONTEXT_MENU.hidePopup();
+ }
+ }
+ });
+});
+
+/**
+ * Synthesize mouse clicks to open the password manager context menu popup
+ * for a target password input element.
+ *
+ * assertCallback should return true if we should continue or else false.
+ */
+function* openPasswordContextMenu(browser, passwordInput, assertCallback = null) {
+ // Synthesize a right mouse click over the password input element.
+ let contextMenuShownPromise = BrowserTestUtils.waitForEvent(CONTEXT_MENU, "popupshown");
+ let eventDetails = {type: "contextmenu", button: 2};
+ BrowserTestUtils.synthesizeMouseAtCenter(passwordInput, eventDetails, browser);
+ yield contextMenuShownPromise;
+
+ if (assertCallback) {
+ let shouldContinue = yield assertCallback();
+ if (!shouldContinue) {
+ return;
+ }
+ }
+
+ // Synthesize a mouse click over the fill login menu header.
+ let popupShownPromise = BrowserTestUtils.waitForEvent(POPUP_HEADER, "popupshown");
+ EventUtils.synthesizeMouseAtCenter(POPUP_HEADER, {});
+ yield popupShownPromise;
+}
+
+/**
+ * Verify that only the expected form fields are filled.
+ */
+function* assertContextMenuFill(browser, formId, usernameFieldId, passwordFieldId, loginIndex) {
+ let popupMenu = document.getElementById("fill-login-popup");
+ let unchangedSelector = `[description="${formId}"] input:not(#${passwordFieldId})`;
+
+ if (usernameFieldId) {
+ unchangedSelector += `:not(#${usernameFieldId})`;
+ }
+
+ yield ContentTask.spawn(browser, {unchangedSelector}, function*({unchangedSelector}) {
+ let unchangedFields = content.document.querySelectorAll(unchangedSelector);
+
+ // Store the value of fields that should remain unchanged.
+ if (unchangedFields.length) {
+ for (let field of unchangedFields) {
+ field.setAttribute("original-value", field.value);
+ }
+ }
+ });
+
+ // Execute the default command of the specified login menuitem found in the context menu.
+ let loginItem = popupMenu.getElementsByClassName("context-login-item")[loginIndex];
+
+ // Find the used login by it's username (Use only unique usernames in this test).
+ let {username, password} = getLoginFromUsername(loginItem.label);
+
+ let data = {username, password, usernameFieldId, passwordFieldId, formId, unchangedSelector};
+ let continuePromise = ContentTask.spawn(browser, data, function*(data) {
+ let {username, password, usernameFieldId, passwordFieldId, formId, unchangedSelector} = data;
+ let form = content.document.querySelector(`[description="${formId}"]`);
+ yield ContentTaskUtils.waitForEvent(form, "input", "Username input value changed");
+
+ if (usernameFieldId) {
+ let usernameField = content.document.getElementById(usernameFieldId);
+
+ // If we have an username field, check if it's correctly filled
+ if (usernameField.getAttribute("expectedFail") == null) {
+ Assert.equal(username, usernameField.value, "Username filled and correct.");
+ }
+ }
+
+ if (passwordFieldId) {
+ let passwordField = content.document.getElementById(passwordFieldId);
+
+ // If we have a password field, check if it's correctly filled
+ if (passwordField && passwordField.getAttribute("expectedFail") == null) {
+ Assert.equal(password, passwordField.value, "Password filled and correct.");
+ }
+ }
+
+ let unchangedFields = content.document.querySelectorAll(unchangedSelector);
+
+ // Check that all fields that should not change have the same value as before.
+ if (unchangedFields.length) {
+ Assert.ok(() => {
+ for (let field of unchangedFields) {
+ if (field.value != field.getAttribute("original-value")) {
+ return false;
+ }
+ }
+ return true;
+ }, "Other fields were not changed.");
+ }
+ });
+
+ loginItem.doCommand();
+
+ return continuePromise;
+}
+
+/**
+ * Check if every login that matches the page hostname are available at the context menu.
+ * @param {Element} contextMenu
+ * @param {Number} expectedCount - Number of logins expected in the context menu. Used to ensure
+* we continue testing something useful.
+ */
+function checkMenu(contextMenu, expectedCount) {
+ let logins = loginList().filter(login => {
+ return LoginHelper.isOriginMatching(login.hostname, TEST_HOSTNAME, {
+ schemeUpgrades: Services.prefs.getBoolPref("signon.schemeUpgrades"),
+ });
+ });
+ // Make an array of menuitems for easier comparison.
+ let menuitems = [...CONTEXT_MENU.getElementsByClassName("context-login-item")];
+ Assert.equal(menuitems.length, expectedCount, "Expected number of menu items");
+ Assert.ok(logins.every(l => menuitems.some(m => l.username == m.label)), "Every login have an item at the menu.");
+}
+
+/**
+ * Search for a login by it's username.
+ *
+ * Only unique login/hostname combinations should be used at this test.
+ */
+function getLoginFromUsername(username) {
+ return loginList().find(login => login.username == username);
+}
+
+/**
+ * List of logins used for the test.
+ *
+ * We should only use unique usernames in this test,
+ * because we need to search logins by username. There is one duplicate u+p combo
+ * in order to test de-duping in the menu.
+ */
+function loginList() {
+ return [
+ LoginTestUtils.testData.formLogin({
+ hostname: "https://example.com",
+ formSubmitURL: "https://example.com",
+ username: "username",
+ password: "password",
+ }),
+ // Same as above but HTTP in order to test de-duping.
+ LoginTestUtils.testData.formLogin({
+ hostname: "http://example.com",
+ formSubmitURL: "http://example.com",
+ username: "username",
+ password: "password",
+ }),
+ LoginTestUtils.testData.formLogin({
+ hostname: "http://example.com",
+ formSubmitURL: "http://example.com",
+ username: "username1",
+ password: "password1",
+ }),
+ LoginTestUtils.testData.formLogin({
+ hostname: "https://example.com",
+ formSubmitURL: "https://example.com",
+ username: "username2",
+ password: "password2",
+ }),
+ LoginTestUtils.testData.formLogin({
+ hostname: "http://example.org",
+ formSubmitURL: "http://example.org",
+ username: "username-cross-origin",
+ password: "password-cross-origin",
+ }),
+ ];
+}
diff --git a/toolkit/components/passwordmgr/test/browser/browser_context_menu_autocomplete_interaction.js b/toolkit/components/passwordmgr/test/browser/browser_context_menu_autocomplete_interaction.js
new file mode 100644
index 000000000..1b37e3f79
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/browser_context_menu_autocomplete_interaction.js
@@ -0,0 +1,99 @@
+/*
+ * Test the password manager context menu interaction with autocomplete.
+ */
+
+"use strict";
+
+const TEST_HOSTNAME = "https://example.com";
+const BASIC_FORM_PAGE_PATH = DIRECTORY_PATH + "form_basic.html";
+
+var gUnexpectedIsTODO = false;
+
+/**
+ * Initialize logins needed for the tests and disable autofill
+ * for login forms for easier testing of manual fill.
+ */
+add_task(function* test_initialize() {
+ let autocompletePopup = document.getElementById("PopupAutoComplete");
+ Services.prefs.setBoolPref("signon.autofillForms", false);
+ registerCleanupFunction(() => {
+ Services.prefs.clearUserPref("signon.autofillForms");
+ autocompletePopup.removeEventListener("popupshowing", autocompleteUnexpectedPopupShowing);
+ });
+ for (let login of loginList()) {
+ Services.logins.addLogin(login);
+ }
+ autocompletePopup.addEventListener("popupshowing", autocompleteUnexpectedPopupShowing);
+});
+
+add_task(function* test_context_menu_username() {
+ yield BrowserTestUtils.withNewTab({
+ gBrowser,
+ url: TEST_HOSTNAME + BASIC_FORM_PAGE_PATH,
+ }, function* (browser) {
+ yield openContextMenu(browser, "#form-basic-username");
+
+ let contextMenu = document.getElementById("contentAreaContextMenu");
+ Assert.equal(contextMenu.state, "open", "Context menu opened");
+ contextMenu.hidePopup();
+ });
+});
+
+add_task(function* test_context_menu_password() {
+ gUnexpectedIsTODO = true;
+ yield BrowserTestUtils.withNewTab({
+ gBrowser,
+ url: TEST_HOSTNAME + BASIC_FORM_PAGE_PATH,
+ }, function* (browser) {
+ yield openContextMenu(browser, "#form-basic-password");
+
+ let contextMenu = document.getElementById("contentAreaContextMenu");
+ Assert.equal(contextMenu.state, "open", "Context menu opened");
+ contextMenu.hidePopup();
+ });
+});
+
+function autocompleteUnexpectedPopupShowing(event) {
+ if (gUnexpectedIsTODO) {
+ todo(false, "Autocomplete shouldn't appear");
+ } else {
+ Assert.ok(false, "Autocomplete shouldn't appear");
+ }
+ event.target.hidePopup();
+}
+
+/**
+ * Synthesize mouse clicks to open the context menu popup
+ * for a target login input element.
+ */
+function* openContextMenu(browser, loginInput) {
+ // First synthesize a mousedown. We need this to get the focus event with the "contextmenu" event.
+ let eventDetails1 = {type: "mousedown", button: 2};
+ BrowserTestUtils.synthesizeMouseAtCenter(loginInput, eventDetails1, browser);
+
+ // Then synthesize the contextmenu click over the input element.
+ let contextMenuShownPromise = BrowserTestUtils.waitForEvent(window, "popupshown");
+ let eventDetails = {type: "contextmenu", button: 2};
+ BrowserTestUtils.synthesizeMouseAtCenter(loginInput, eventDetails, browser);
+ yield contextMenuShownPromise;
+
+ // Wait to see which popups are shown.
+ yield new Promise(resolve => setTimeout(resolve, 1000));
+}
+
+function loginList() {
+ return [
+ LoginTestUtils.testData.formLogin({
+ hostname: "https://example.com",
+ formSubmitURL: "https://example.com",
+ username: "username",
+ password: "password",
+ }),
+ LoginTestUtils.testData.formLogin({
+ hostname: "https://example.com",
+ formSubmitURL: "https://example.com",
+ username: "username2",
+ password: "password2",
+ }),
+ ];
+}
diff --git a/toolkit/components/passwordmgr/test/browser/browser_context_menu_iframe.js b/toolkit/components/passwordmgr/test/browser/browser_context_menu_iframe.js
new file mode 100644
index 000000000..c5219789d
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/browser_context_menu_iframe.js
@@ -0,0 +1,144 @@
+/*
+ * Test the password manager context menu.
+ */
+
+"use strict";
+
+const TEST_HOSTNAME = "https://example.com";
+
+// Test with a page that only has a form within an iframe, not in the top-level document
+const IFRAME_PAGE_PATH = "/browser/toolkit/components/passwordmgr/test/browser/form_basic_iframe.html";
+
+/**
+ * Initialize logins needed for the tests and disable autofill
+ * for login forms for easier testing of manual fill.
+ */
+add_task(function* test_initialize() {
+ Services.prefs.setBoolPref("signon.autofillForms", false);
+ registerCleanupFunction(() => {
+ Services.prefs.clearUserPref("signon.autofillForms");
+ Services.prefs.clearUserPref("signon.schemeUpgrades");
+ });
+ for (let login of loginList()) {
+ Services.logins.addLogin(login);
+ }
+});
+
+/**
+ * Check if the password field is correctly filled when it's in an iframe.
+ */
+add_task(function* test_context_menu_iframe_fill() {
+ Services.prefs.setBoolPref("signon.schemeUpgrades", true);
+ yield BrowserTestUtils.withNewTab({
+ gBrowser,
+ url: TEST_HOSTNAME + IFRAME_PAGE_PATH
+ }, function* (browser) {
+ function getPasswordInput() {
+ let frame = content.document.getElementById("test-iframe");
+ return frame.contentDocument.getElementById("form-basic-password");
+ }
+
+ let contextMenuShownPromise = BrowserTestUtils.waitForEvent(window, "popupshown");
+ let eventDetails = {type: "contextmenu", button: 2};
+
+ // To click at the right point we have to take into account the iframe offset.
+ // Synthesize a right mouse click over the password input element.
+ BrowserTestUtils.synthesizeMouseAtCenter(getPasswordInput, eventDetails, browser);
+ yield contextMenuShownPromise;
+
+ // Synthesize a mouse click over the fill login menu header.
+ let popupHeader = document.getElementById("fill-login");
+ let popupShownPromise = BrowserTestUtils.waitForEvent(popupHeader, "popupshown");
+ EventUtils.synthesizeMouseAtCenter(popupHeader, {});
+ yield popupShownPromise;
+
+ let popupMenu = document.getElementById("fill-login-popup");
+
+ // Stores the original value of username
+ function promiseFrameInputValue(name) {
+ return ContentTask.spawn(browser, name, function(inputname) {
+ let iframe = content.document.getElementById("test-iframe");
+ let input = iframe.contentDocument.getElementById(inputname);
+ return input.value;
+ });
+ }
+ let usernameOriginalValue = yield promiseFrameInputValue("form-basic-username");
+
+ // Execute the command of the first login menuitem found at the context menu.
+ let passwordChangedPromise = ContentTask.spawn(browser, null, function* () {
+ let frame = content.document.getElementById("test-iframe");
+ let passwordInput = frame.contentDocument.getElementById("form-basic-password");
+ yield ContentTaskUtils.waitForEvent(passwordInput, "input");
+ });
+
+ let firstLoginItem = popupMenu.getElementsByClassName("context-login-item")[0];
+ firstLoginItem.doCommand();
+
+ yield passwordChangedPromise;
+
+ // Find the used login by it's username.
+ let login = getLoginFromUsername(firstLoginItem.label);
+ let passwordValue = yield promiseFrameInputValue("form-basic-password");
+ is(login.password, passwordValue, "Password filled and correct.");
+
+ let usernameNewValue = yield promiseFrameInputValue("form-basic-username");
+ is(usernameOriginalValue,
+ usernameNewValue,
+ "Username value was not changed.");
+
+ let contextMenu = document.getElementById("contentAreaContextMenu");
+ contextMenu.hidePopup();
+ });
+});
+
+/**
+ * Search for a login by it's username.
+ *
+ * Only unique login/hostname combinations should be used at this test.
+ */
+function getLoginFromUsername(username) {
+ return loginList().find(login => login.username == username);
+}
+
+/**
+ * List of logins used for the test.
+ *
+ * We should only use unique usernames in this test,
+ * because we need to search logins by username. There is one duplicate u+p combo
+ * in order to test de-duping in the menu.
+ */
+function loginList() {
+ return [
+ LoginTestUtils.testData.formLogin({
+ hostname: "https://example.com",
+ formSubmitURL: "https://example.com",
+ username: "username",
+ password: "password",
+ }),
+ // Same as above but HTTP in order to test de-duping.
+ LoginTestUtils.testData.formLogin({
+ hostname: "http://example.com",
+ formSubmitURL: "http://example.com",
+ username: "username",
+ password: "password",
+ }),
+ LoginTestUtils.testData.formLogin({
+ hostname: "http://example.com",
+ formSubmitURL: "http://example.com",
+ username: "username1",
+ password: "password1",
+ }),
+ LoginTestUtils.testData.formLogin({
+ hostname: "https://example.com",
+ formSubmitURL: "https://example.com",
+ username: "username2",
+ password: "password2",
+ }),
+ LoginTestUtils.testData.formLogin({
+ hostname: "http://example.org",
+ formSubmitURL: "http://example.org",
+ username: "username-cross-origin",
+ password: "password-cross-origin",
+ }),
+ ];
+}
diff --git a/toolkit/components/passwordmgr/test/browser/browser_exceptions_dialog.js b/toolkit/components/passwordmgr/test/browser/browser_exceptions_dialog.js
new file mode 100644
index 000000000..09fbe0eea
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/browser_exceptions_dialog.js
@@ -0,0 +1,56 @@
+
+"use strict";
+
+const LOGIN_HOST = "http://example.com";
+
+function openExceptionsDialog() {
+ return window.openDialog(
+ "chrome://browser/content/preferences/permissions.xul",
+ "Toolkit:PasswordManagerExceptions", "",
+ {
+ blockVisible: true,
+ sessionVisible: false,
+ allowVisible: false,
+ hideStatusColumn: true,
+ prefilledHost: "",
+ permissionType: "login-saving"
+ }
+ );
+}
+
+function countDisabledHosts(dialog) {
+ let doc = dialog.document;
+ let rejectsTree = doc.getElementById("permissionsTree");
+
+ return rejectsTree.view.rowCount;
+}
+
+function promiseStorageChanged(expectedData) {
+ function observer(subject, data) {
+ return data == expectedData && subject.QueryInterface(Ci.nsISupportsString).data == LOGIN_HOST;
+ }
+
+ return TestUtils.topicObserved("passwordmgr-storage-changed", observer);
+}
+
+add_task(function* test_disable() {
+ let dialog = openExceptionsDialog();
+ let promiseChanged = promiseStorageChanged("hostSavingDisabled");
+
+ yield BrowserTestUtils.waitForEvent(dialog, "load");
+ Services.logins.setLoginSavingEnabled(LOGIN_HOST, false);
+ yield promiseChanged;
+ is(countDisabledHosts(dialog), 1, "Verify disabled host added");
+ yield BrowserTestUtils.closeWindow(dialog);
+});
+
+add_task(function* test_enable() {
+ let dialog = openExceptionsDialog();
+ let promiseChanged = promiseStorageChanged("hostSavingEnabled");
+
+ yield BrowserTestUtils.waitForEvent(dialog, "load");
+ Services.logins.setLoginSavingEnabled(LOGIN_HOST, true);
+ yield promiseChanged;
+ is(countDisabledHosts(dialog), 0, "Verify disabled host removed");
+ yield BrowserTestUtils.closeWindow(dialog);
+});
diff --git a/toolkit/components/passwordmgr/test/browser/browser_formless_submit_chrome.js b/toolkit/components/passwordmgr/test/browser/browser_formless_submit_chrome.js
new file mode 100644
index 000000000..c6d9ce50a
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/browser_formless_submit_chrome.js
@@ -0,0 +1,126 @@
+/*
+ * Test that browser chrome UI interactions don't trigger a capture doorhanger.
+ */
+
+"use strict";
+
+function* fillTestPage(aBrowser) {
+ yield ContentTask.spawn(aBrowser, null, function*() {
+ content.document.getElementById("form-basic-username").value = "my_username";
+ content.document.getElementById("form-basic-password").value = "my_password";
+ });
+ info("fields filled");
+}
+
+function* withTestPage(aTaskFn) {
+ return BrowserTestUtils.withNewTab({
+ gBrowser,
+ url: "https://example.com" + DIRECTORY_PATH + "formless_basic.html",
+ }, function*(aBrowser) {
+ info("tab opened");
+ yield fillTestPage(aBrowser);
+ yield* aTaskFn(aBrowser);
+
+ // Give a chance for the doorhanger to appear
+ yield new Promise(resolve => SimpleTest.executeSoon(resolve));
+ ok(!getCaptureDoorhanger("any"), "No doorhanger should be present");
+ });
+}
+
+add_task(function* setup() {
+ yield SimpleTest.promiseFocus(window);
+});
+
+add_task(function* test_urlbar_new_URL() {
+ yield withTestPage(function*(aBrowser) {
+ gURLBar.value = "";
+ let focusPromise = BrowserTestUtils.waitForEvent(gURLBar, "focus");
+ gURLBar.focus();
+ yield focusPromise;
+ info("focused");
+ EventUtils.sendString("http://mochi.test:8888/");
+ EventUtils.synthesizeKey("VK_RETURN", {});
+ yield BrowserTestUtils.browserLoaded(aBrowser, false, "http://mochi.test:8888/");
+ });
+});
+
+add_task(function* test_urlbar_fragment_enter() {
+ yield withTestPage(function*(aBrowser) {
+ gURLBar.focus();
+ EventUtils.synthesizeKey("VK_RIGHT", {});
+ EventUtils.sendString("#fragment");
+ EventUtils.synthesizeKey("VK_RETURN", {});
+ });
+});
+
+add_task(function* test_backButton_forwardButton() {
+ yield withTestPage(function*(aBrowser) {
+ // Load a new page in the tab so we can test going back
+ aBrowser.loadURI("https://example.com" + DIRECTORY_PATH + "formless_basic.html?second");
+ yield BrowserTestUtils.browserLoaded(aBrowser, false,
+ "https://example.com" + DIRECTORY_PATH +
+ "formless_basic.html?second");
+ yield fillTestPage(aBrowser);
+
+ let forwardButton = document.getElementById("forward-button");
+ // We need to wait for the forward button transition to complete before we
+ // can click it, so we hook up a listener to wait for it to be ready.
+ let forwardTransitionPromise = BrowserTestUtils.waitForEvent(forwardButton, "transitionend");
+
+ let backPromise = BrowserTestUtils.browserStopped(aBrowser);
+ EventUtils.synthesizeMouseAtCenter(document.getElementById("back-button"), {});
+ yield backPromise;
+
+ // Give a chance for the doorhanger to appear
+ yield new Promise(resolve => SimpleTest.executeSoon(resolve));
+ ok(!getCaptureDoorhanger("any"), "No doorhanger should be present");
+
+ // Now go forward again after filling
+ yield fillTestPage(aBrowser);
+
+ yield forwardTransitionPromise;
+ info("transition done");
+ yield BrowserTestUtils.waitForCondition(() => {
+ return forwardButton.disabled == false;
+ });
+ let forwardPromise = BrowserTestUtils.browserStopped(aBrowser);
+ info("click the forward button");
+ EventUtils.synthesizeMouseAtCenter(forwardButton, {});
+ yield forwardPromise;
+ });
+});
+
+
+add_task(function* test_reloadButton() {
+ yield withTestPage(function*(aBrowser) {
+ let reloadButton = document.getElementById("urlbar-reload-button");
+ let loadPromise = BrowserTestUtils.browserLoaded(aBrowser, false,
+ "https://example.com" + DIRECTORY_PATH +
+ "formless_basic.html");
+
+ yield BrowserTestUtils.waitForCondition(() => {
+ return reloadButton.disabled == false;
+ });
+ EventUtils.synthesizeMouseAtCenter(reloadButton, {});
+ yield loadPromise;
+ });
+});
+
+add_task(function* test_back_keyboard_shortcut() {
+ if (Services.prefs.getIntPref("browser.backspace_action") != 0) {
+ ok(true, "Skipped testing backspace to go back since it's disabled");
+ return;
+ }
+ yield withTestPage(function*(aBrowser) {
+ // Load a new page in the tab so we can test going back
+ aBrowser.loadURI("https://example.com" + DIRECTORY_PATH + "formless_basic.html?second");
+ yield BrowserTestUtils.browserLoaded(aBrowser, false,
+ "https://example.com" + DIRECTORY_PATH +
+ "formless_basic.html?second");
+ yield fillTestPage(aBrowser);
+
+ let backPromise = BrowserTestUtils.browserStopped(aBrowser);
+ EventUtils.synthesizeKey("VK_BACK_SPACE", {});
+ yield backPromise;
+ });
+});
diff --git a/toolkit/components/passwordmgr/test/browser/browser_hasInsecureLoginForms.js b/toolkit/components/passwordmgr/test/browser/browser_hasInsecureLoginForms.js
new file mode 100644
index 000000000..039312b7d
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/browser_hasInsecureLoginForms.js
@@ -0,0 +1,93 @@
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/ */
+
+Cu.import("resource://gre/modules/LoginManagerParent.jsm", this);
+
+const testUrlPath =
+ "://example.com/browser/toolkit/components/passwordmgr/test/browser/";
+
+/**
+ * Waits for the given number of occurrences of InsecureLoginFormsStateChange
+ * on the given browser element.
+ */
+function waitForInsecureLoginFormsStateChange(browser, count) {
+ return BrowserTestUtils.waitForEvent(browser, "InsecureLoginFormsStateChange",
+ false, () => --count == 0);
+}
+
+/**
+ * Checks that hasInsecureLoginForms is true for a simple HTTP page and false
+ * for a simple HTTPS page.
+ */
+add_task(function* test_simple() {
+ for (let scheme of ["http", "https"]) {
+ let tab = gBrowser.addTab(scheme + testUrlPath + "form_basic.html");
+ let browser = tab.linkedBrowser;
+ yield Promise.all([
+ BrowserTestUtils.switchTab(gBrowser, tab),
+ BrowserTestUtils.browserLoaded(browser),
+ // One event is triggered by pageshow and one by DOMFormHasPassword.
+ waitForInsecureLoginFormsStateChange(browser, 2),
+ ]);
+
+ Assert.equal(LoginManagerParent.hasInsecureLoginForms(browser),
+ scheme == "http");
+
+ gBrowser.removeTab(tab);
+ }
+});
+
+/**
+ * Checks that hasInsecureLoginForms is true if a password field is present in
+ * an HTTP page loaded as a subframe of a top-level HTTPS page, when mixed
+ * active content blocking is disabled.
+ *
+ * When the subframe is navigated to an HTTPS page, hasInsecureLoginForms should
+ * be set to false.
+ *
+ * Moving back in history should set hasInsecureLoginForms to true again.
+ */
+add_task(function* test_subframe_navigation() {
+ yield new Promise(resolve => SpecialPowers.pushPrefEnv({
+ "set": [["security.mixed_content.block_active_content", false]],
+ }, resolve));
+
+ // Load the page with the subframe in a new tab.
+ let tab = gBrowser.addTab("https" + testUrlPath + "insecure_test.html");
+ let browser = tab.linkedBrowser;
+ yield Promise.all([
+ BrowserTestUtils.switchTab(gBrowser, tab),
+ BrowserTestUtils.browserLoaded(browser),
+ // Two events are triggered by pageshow and one by DOMFormHasPassword.
+ waitForInsecureLoginFormsStateChange(browser, 3),
+ ]);
+
+ Assert.ok(LoginManagerParent.hasInsecureLoginForms(browser));
+
+ // Navigate the subframe to a secure page.
+ let promiseSubframeReady = Promise.all([
+ BrowserTestUtils.browserLoaded(browser, true),
+ // One event is triggered by pageshow and one by DOMFormHasPassword.
+ waitForInsecureLoginFormsStateChange(browser, 2),
+ ]);
+ yield ContentTask.spawn(browser, null, function* () {
+ content.document.getElementById("test-iframe")
+ .contentDocument.getElementById("test-link").click();
+ });
+ yield promiseSubframeReady;
+
+ Assert.ok(!LoginManagerParent.hasInsecureLoginForms(browser));
+
+ // Navigate back to the insecure page. We only have to wait for the
+ // InsecureLoginFormsStateChange event that is triggered by pageshow.
+ let promise = waitForInsecureLoginFormsStateChange(browser, 1);
+ yield ContentTask.spawn(browser, null, function* () {
+ content.document.getElementById("test-iframe")
+ .contentWindow.history.back();
+ });
+ yield promise;
+
+ Assert.ok(LoginManagerParent.hasInsecureLoginForms(browser));
+
+ gBrowser.removeTab(tab);
+});
diff --git a/toolkit/components/passwordmgr/test/browser/browser_hasInsecureLoginForms_streamConverter.js b/toolkit/components/passwordmgr/test/browser/browser_hasInsecureLoginForms_streamConverter.js
new file mode 100644
index 000000000..2dbffb9cc
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/browser_hasInsecureLoginForms_streamConverter.js
@@ -0,0 +1,102 @@
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/ */
+
+Cu.import("resource://gre/modules/LoginManagerParent.jsm", this);
+
+function* registerConverter() {
+ Cu.import("resource://gre/modules/Services.jsm", this);
+ Cu.import("resource://gre/modules/NetUtil.jsm", this);
+
+ /**
+ * Converts the "test/content" MIME type, served by the test over HTTP, to an
+ * HTML viewer page containing the "form_basic.html" code. The viewer is
+ * served from a "resource:" URI while keeping the "resource:" principal.
+ */
+ function TestStreamConverter() {}
+
+ TestStreamConverter.prototype = {
+ classID: Components.ID("{5f01d6ef-c090-45a4-b3e5-940d64713eb7}"),
+ contractID: "@mozilla.org/streamconv;1?from=test/content&to=*/*",
+ QueryInterface: XPCOMUtils.generateQI([
+ Ci.nsIRequestObserver,
+ Ci.nsIStreamListener,
+ Ci.nsIStreamConverter,
+ ]),
+
+ // nsIStreamConverter
+ convert() {},
+
+ // nsIStreamConverter
+ asyncConvertData(aFromType, aToType, aListener, aCtxt) {
+ this.listener = aListener;
+ },
+
+ // nsIRequestObserver
+ onStartRequest(aRequest, aContext) {
+ let channel = NetUtil.newChannel({
+ uri: "resource://testing-common/form_basic.html",
+ loadUsingSystemPrincipal: true,
+ });
+ channel.originalURI = aRequest.QueryInterface(Ci.nsIChannel).URI;
+ channel.loadGroup = aRequest.loadGroup;
+ channel.owner = Services.scriptSecurityManager
+ .createCodebasePrincipal(channel.URI, {});
+ // In this test, we pass the new channel to the listener but don't fire a
+ // redirect notification, even if it would be required. This keeps the
+ // test code simpler and doesn't impact the principal check we're testing.
+ channel.asyncOpen2(this.listener);
+ },
+
+ // nsIRequestObserver
+ onStopRequest() {},
+
+ // nsIStreamListener
+ onDataAvailable() {},
+ };
+
+ let factory = XPCOMUtils._getFactory(TestStreamConverter);
+ let registrar = Components.manager.QueryInterface(Ci.nsIComponentRegistrar);
+ registrar.registerFactory(TestStreamConverter.prototype.classID, "",
+ TestStreamConverter.prototype.contractID, factory);
+ this.cleanupFunction = function () {
+ registrar.unregisterFactory(TestStreamConverter.prototype.classID, factory);
+ };
+}
+
+/**
+ * Waits for the given number of occurrences of InsecureLoginFormsStateChange
+ * on the given browser element.
+ */
+function waitForInsecureLoginFormsStateChange(browser, count) {
+ return BrowserTestUtils.waitForEvent(browser, "InsecureLoginFormsStateChange",
+ false, () => --count == 0);
+}
+
+/**
+ * Checks that hasInsecureLoginForms is false for a viewer served internally
+ * using a "resource:" URI.
+ */
+add_task(function* test_streamConverter() {
+ let originalBrowser = gBrowser.selectedTab.linkedBrowser;
+
+ yield ContentTask.spawn(originalBrowser, null, registerConverter);
+
+ let tab = gBrowser.addTab("http://example.com/browser/toolkit/components/" +
+ "passwordmgr/test/browser/streamConverter_content.sjs",
+ { relatedBrowser: originalBrowser.linkedBrowser });
+ let browser = tab.linkedBrowser;
+ yield Promise.all([
+ BrowserTestUtils.switchTab(gBrowser, tab),
+ BrowserTestUtils.browserLoaded(browser),
+ // One event is triggered by pageshow and one by DOMFormHasPassword.
+ waitForInsecureLoginFormsStateChange(browser, 2),
+ ]);
+
+ Assert.ok(!LoginManagerParent.hasInsecureLoginForms(browser));
+
+ yield BrowserTestUtils.removeTab(tab);
+
+ yield ContentTask.spawn(originalBrowser, null, function* () {
+ this.cleanupFunction();
+ });
+});
diff --git a/toolkit/components/passwordmgr/test/browser/browser_http_autofill.js b/toolkit/components/passwordmgr/test/browser/browser_http_autofill.js
new file mode 100644
index 000000000..beb928a34
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/browser_http_autofill.js
@@ -0,0 +1,78 @@
+const TEST_URL_PATH = "://example.org/browser/toolkit/components/passwordmgr/test/browser/";
+
+add_task(function* setup() {
+ let login = LoginTestUtils.testData.formLogin({
+ hostname: "http://example.org",
+ formSubmitURL: "http://example.org",
+ username: "username",
+ password: "password",
+ });
+ Services.logins.addLogin(login);
+ login = LoginTestUtils.testData.formLogin({
+ hostname: "http://example.org",
+ formSubmitURL: "http://another.domain",
+ username: "username",
+ password: "password",
+ });
+ Services.logins.addLogin(login);
+ yield SpecialPowers.pushPrefEnv({ "set": [["signon.autofillForms.http", false]] });
+});
+
+add_task(function* test_http_autofill() {
+ for (let scheme of ["http", "https"]) {
+ let tab = yield BrowserTestUtils
+ .openNewForegroundTab(gBrowser, `${scheme}${TEST_URL_PATH}form_basic.html`);
+
+ let [username, password] = yield ContentTask.spawn(gBrowser.selectedBrowser, null, function* () {
+ let doc = content.document;
+ let contentUsername = doc.getElementById("form-basic-username").value;
+ let contentPassword = doc.getElementById("form-basic-password").value;
+ return [contentUsername, contentPassword];
+ });
+
+ is(username, scheme == "http" ? "" : "username", "Username filled correctly");
+ is(password, scheme == "http" ? "" : "password", "Password filled correctly");
+
+ gBrowser.removeTab(tab);
+ }
+});
+
+add_task(function* test_iframe_in_http_autofill() {
+ for (let scheme of ["http", "https"]) {
+ let tab = yield BrowserTestUtils
+ .openNewForegroundTab(gBrowser, `${scheme}${TEST_URL_PATH}form_basic_iframe.html`);
+
+ let [username, password] = yield ContentTask.spawn(gBrowser.selectedBrowser, null, function* () {
+ let doc = content.document;
+ let iframe = doc.getElementById("test-iframe");
+ let contentUsername = iframe.contentWindow.document.getElementById("form-basic-username").value;
+ let contentPassword = iframe.contentWindow.document.getElementById("form-basic-password").value;
+ return [contentUsername, contentPassword];
+ });
+
+ is(username, scheme == "http" ? "" : "username", "Username filled correctly");
+ is(password, scheme == "http" ? "" : "password", "Password filled correctly");
+
+ gBrowser.removeTab(tab);
+ }
+});
+
+add_task(function* test_http_action_autofill() {
+ for (let type of ["insecure", "secure"]) {
+ let tab = yield BrowserTestUtils
+ .openNewForegroundTab(gBrowser, `https${TEST_URL_PATH}form_cross_origin_${type}_action.html`);
+
+ let [username, password] = yield ContentTask.spawn(gBrowser.selectedBrowser, null, function* () {
+ let doc = content.document;
+ let contentUsername = doc.getElementById("form-basic-username").value;
+ let contentPassword = doc.getElementById("form-basic-password").value;
+ return [contentUsername, contentPassword];
+ });
+
+ is(username, type == "insecure" ? "" : "username", "Username filled correctly");
+ is(password, type == "insecure" ? "" : "password", "Password filled correctly");
+
+ gBrowser.removeTab(tab);
+ }
+});
+
diff --git a/toolkit/components/passwordmgr/test/browser/browser_insecurePasswordConsoleWarning.js b/toolkit/components/passwordmgr/test/browser/browser_insecurePasswordConsoleWarning.js
new file mode 100644
index 000000000..f16ae1b98
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/browser_insecurePasswordConsoleWarning.js
@@ -0,0 +1,94 @@
+"use strict";
+
+const WARNING_PATTERN = [{
+ key: "INSECURE_FORM_ACTION",
+ msg: 'JavaScript Warning: "Password fields present in a form with an insecure (http://) form action. This is a security risk that allows user login credentials to be stolen."'
+}, {
+ key: "INSECURE_PAGE",
+ msg: 'JavaScript Warning: "Password fields present on an insecure (http://) page. This is a security risk that allows user login credentials to be stolen."'
+}];
+
+add_task(function* testInsecurePasswordWarning() {
+ let warningPatternHandler;
+
+ function messageHandler(msgObj) {
+ function findWarningPattern(msg) {
+ return WARNING_PATTERN.find(patternPair => {
+ return msg.indexOf(patternPair.msg) !== -1;
+ });
+ }
+
+ let warning = findWarningPattern(msgObj.message);
+
+ // Only handle the insecure password related warning messages.
+ if (warning) {
+ // Prevent any unexpected or redundant matched warning message coming after
+ // the test case is ended.
+ ok(warningPatternHandler, "Invoke a valid warning message handler");
+ warningPatternHandler(warning, msgObj.message);
+ }
+ }
+ Services.console.registerListener(messageHandler);
+ registerCleanupFunction(function() {
+ Services.console.unregisterListener(messageHandler);
+ });
+
+ for (let [origin, testFile, expectWarnings] of [
+ ["http://127.0.0.1", "form_basic.html", []],
+ ["http://127.0.0.1", "formless_basic.html", []],
+ ["http://example.com", "form_basic.html", ["INSECURE_PAGE"]],
+ ["http://example.com", "formless_basic.html", ["INSECURE_PAGE"]],
+ ["https://example.com", "form_basic.html", []],
+ ["https://example.com", "formless_basic.html", []],
+
+ // For a form with customized action link in the same origin.
+ ["http://127.0.0.1", "form_same_origin_action.html", []],
+ ["http://example.com", "form_same_origin_action.html", ["INSECURE_PAGE"]],
+ ["https://example.com", "form_same_origin_action.html", []],
+
+ // For a form with an insecure (http) customized action link.
+ ["http://127.0.0.1", "form_cross_origin_insecure_action.html", ["INSECURE_FORM_ACTION"]],
+ ["http://example.com", "form_cross_origin_insecure_action.html", ["INSECURE_PAGE"]],
+ ["https://example.com", "form_cross_origin_insecure_action.html", ["INSECURE_FORM_ACTION"]],
+
+ // For a form with a secure (https) customized action link.
+ ["http://127.0.0.1", "form_cross_origin_secure_action.html", []],
+ ["http://example.com", "form_cross_origin_secure_action.html", ["INSECURE_PAGE"]],
+ ["https://example.com", "form_cross_origin_secure_action.html", []],
+ ]) {
+ let testURL = origin + DIRECTORY_PATH + testFile;
+ let promiseConsoleMessages = new Promise(resolve => {
+ warningPatternHandler = function (warning, originMessage) {
+ ok(warning, "Handling a warning pattern");
+ let fullMessage = `[${warning.msg} {file: "${testURL}" line: 0 column: 0 source: "0"}]`;
+ is(originMessage, fullMessage, "Message full matched:" + originMessage);
+
+ let index = expectWarnings.indexOf(warning.key);
+ isnot(index, -1, "Found warning: " + warning.key + " for URL:" + testURL);
+ if (index !== -1) {
+ // Remove the shown message.
+ expectWarnings.splice(index, 1);
+ }
+ if (expectWarnings.length === 0) {
+ info("All warnings are shown for URL:" + testURL);
+ resolve();
+ }
+ };
+ });
+
+ yield BrowserTestUtils.withNewTab({
+ gBrowser,
+ url: testURL
+ }, function*() {
+ if (expectWarnings.length === 0) {
+ info("All warnings are shown for URL:" + testURL);
+ return Promise.resolve();
+ }
+ return promiseConsoleMessages;
+ });
+
+ // Remove warningPatternHandler to stop handling the matched warning pattern
+ // and the task should not get any warning anymore.
+ warningPatternHandler = null;
+ }
+});
diff --git a/toolkit/components/passwordmgr/test/browser/browser_master_password_autocomplete.js b/toolkit/components/passwordmgr/test/browser/browser_master_password_autocomplete.js
new file mode 100644
index 000000000..f3bc62b0a
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/browser_master_password_autocomplete.js
@@ -0,0 +1,59 @@
+const HOST = "https://example.com";
+const URL = HOST + "/browser/toolkit/components/passwordmgr/test/browser/form_basic.html";
+const TIMEOUT_PREF = "signon.masterPasswordReprompt.timeout_ms";
+
+// Waits for the master password prompt and cancels it.
+function waitForDialog() {
+ let dialogShown = TestUtils.topicObserved("common-dialog-loaded");
+ return dialogShown.then(function([subject]) {
+ let dialog = subject.Dialog;
+ is(dialog.args.title, "Password Required");
+ dialog.ui.button1.click();
+ });
+}
+
+// Test that autocomplete does not trigger a master password prompt
+// for a certain time after it was cancelled.
+add_task(function* test_mpAutocompleteTimeout() {
+ let login = LoginTestUtils.testData.formLogin({
+ hostname: "https://example.com",
+ formSubmitURL: "https://example.com",
+ username: "username",
+ password: "password",
+ });
+ Services.logins.addLogin(login);
+ LoginTestUtils.masterPassword.enable();
+
+ registerCleanupFunction(function() {
+ LoginTestUtils.masterPassword.disable();
+ Services.logins.removeAllLogins();
+ });
+
+ // Set master password prompt timeout to 3s.
+ // If this test goes intermittent, you likely have to increase this value.
+ yield SpecialPowers.pushPrefEnv({set: [[TIMEOUT_PREF, 3000]]});
+
+ // Wait for initial master password dialog after opening the tab.
+ let dialogShown = waitForDialog();
+
+ yield BrowserTestUtils.withNewTab(URL, function*(browser) {
+ yield dialogShown;
+
+ yield ContentTask.spawn(browser, null, function*() {
+ // Focus the password field to trigger autocompletion.
+ content.document.getElementById("form-basic-password").focus();
+ });
+
+ // Wait 4s, dialog should not have been shown
+ // (otherwise the code below will not work).
+ yield new Promise((c) => setTimeout(c, 4000));
+
+ dialogShown = waitForDialog();
+ yield ContentTask.spawn(browser, null, function*() {
+ // Re-focus the password field to trigger autocompletion.
+ content.document.getElementById("form-basic-username").focus();
+ content.document.getElementById("form-basic-password").focus();
+ });
+ yield dialogShown;
+ });
+});
diff --git a/toolkit/components/passwordmgr/test/browser/browser_notifications.js b/toolkit/components/passwordmgr/test/browser/browser_notifications.js
new file mode 100644
index 000000000..4fb012f14
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/browser_notifications.js
@@ -0,0 +1,81 @@
+/**
+ * Test that the doorhanger notification for password saving is populated with
+ * the correct values in various password capture cases.
+ */
+add_task(function* test_save_change() {
+ let testCases = [{
+ username: "username",
+ password: "password",
+ }, {
+ username: "",
+ password: "password",
+ }, {
+ username: "username",
+ oldPassword: "password",
+ password: "newPassword",
+ }, {
+ username: "",
+ oldPassword: "password",
+ password: "newPassword",
+ }];
+
+ for (let { username, oldPassword, password } of testCases) {
+ // Add a login for the origin of the form if testing a change notification.
+ if (oldPassword) {
+ Services.logins.addLogin(LoginTestUtils.testData.formLogin({
+ hostname: "https://example.com",
+ formSubmitURL: "https://example.com",
+ username,
+ password: oldPassword,
+ }));
+ }
+
+ yield BrowserTestUtils.withNewTab({
+ gBrowser,
+ url: "https://example.com/browser/toolkit/components/" +
+ "passwordmgr/test/browser/form_basic.html",
+ }, function* (browser) {
+ // Submit the form in the content page with the credentials from the test
+ // case. This will cause the doorhanger notification to be displayed.
+ let promiseShown = BrowserTestUtils.waitForEvent(PopupNotifications.panel,
+ "popupshown",
+ (event) => event.target == PopupNotifications.panel);
+ yield ContentTask.spawn(browser, [username, password],
+ function* ([contentUsername, contentPassword]) {
+ let doc = content.document;
+ doc.getElementById("form-basic-username").value = contentUsername;
+ doc.getElementById("form-basic-password").value = contentPassword;
+ doc.getElementById("form-basic").submit();
+ });
+ yield promiseShown;
+ let notificationElement = PopupNotifications.panel.childNodes[0];
+ // Style flush to make sure binding is attached
+ notificationElement.querySelector("#password-notification-password").clientTop;
+
+ // Check the actual content of the popup notification.
+ Assert.equal(notificationElement.querySelector("#password-notification-username")
+ .value, username);
+ Assert.equal(notificationElement.querySelector("#password-notification-password")
+ .value, password);
+
+ // Simulate the action on the notification to request the login to be
+ // saved, and wait for the data to be updated or saved based on the type
+ // of operation we expect.
+ let expectedNotification = oldPassword ? "modifyLogin" : "addLogin";
+ let promiseLogin = TestUtils.topicObserved("passwordmgr-storage-changed",
+ (_, data) => data == expectedNotification);
+ notificationElement.button.doCommand();
+ let [result] = yield promiseLogin;
+
+ // Check that the values in the database match the expected values.
+ let login = oldPassword ? result.QueryInterface(Ci.nsIArray)
+ .queryElementAt(1, Ci.nsILoginInfo)
+ : result.QueryInterface(Ci.nsILoginInfo);
+ Assert.equal(login.username, username);
+ Assert.equal(login.password, password);
+ });
+
+ // Clean up the database before the next test case is executed.
+ Services.logins.removeAllLogins();
+ }
+});
diff --git a/toolkit/components/passwordmgr/test/browser/browser_notifications_2.js b/toolkit/components/passwordmgr/test/browser/browser_notifications_2.js
new file mode 100644
index 000000000..48c73b0e6
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/browser_notifications_2.js
@@ -0,0 +1,125 @@
+add_task(function* setup() {
+ yield SpecialPowers.pushPrefEnv({"set": [
+ ["signon.rememberSignons.visibilityToggle", true]
+ ]});
+});
+
+/**
+ * Test that the doorhanger main action button is disabled
+ * when the password field is empty.
+ *
+ * Also checks that submiting an empty password throws an error.
+ */
+add_task(function* test_empty_password() {
+ yield BrowserTestUtils.withNewTab({
+ gBrowser,
+ url: "https://example.com/browser/toolkit/components/" +
+ "passwordmgr/test/browser/form_basic.html",
+ }, function* (browser) {
+ // Submit the form in the content page with the credentials from the test
+ // case. This will cause the doorhanger notification to be displayed.
+ let promiseShown = BrowserTestUtils.waitForEvent(PopupNotifications.panel,
+ "popupshown",
+ (event) => event.target == PopupNotifications.panel);
+ yield ContentTask.spawn(browser, null,
+ function* () {
+ let doc = content.document;
+ doc.getElementById("form-basic-username").value = "username";
+ doc.getElementById("form-basic-password").value = "p";
+ doc.getElementById("form-basic").submit();
+ });
+ yield promiseShown;
+
+ let notificationElement = PopupNotifications.panel.childNodes[0];
+ let passwordTextbox = notificationElement.querySelector("#password-notification-password");
+ let toggleCheckbox = notificationElement.querySelector("#password-notification-visibilityToggle");
+
+ // Synthesize input to empty the field
+ passwordTextbox.focus();
+ yield EventUtils.synthesizeKey("VK_RIGHT", {});
+ yield EventUtils.synthesizeKey("VK_BACK_SPACE", {});
+
+ let mainActionButton = document.getAnonymousElementByAttribute(notificationElement.button, "anonid", "button");
+ Assert.ok(mainActionButton.disabled, "Main action button is disabled");
+
+ // Makes sure submiting an empty password throws an error
+ Assert.throws(notificationElement.button.doCommand(),
+ "Can't add a login with a null or empty password.",
+ "Should fail for an empty password");
+ });
+});
+
+/**
+ * Test that the doorhanger password field shows plain or * text
+ * when the checkbox is checked.
+ */
+add_task(function* test_toggle_password() {
+ yield BrowserTestUtils.withNewTab({
+ gBrowser,
+ url: "https://example.com/browser/toolkit/components/" +
+ "passwordmgr/test/browser/form_basic.html",
+ }, function* (browser) {
+ // Submit the form in the content page with the credentials from the test
+ // case. This will cause the doorhanger notification to be displayed.
+ let promiseShown = BrowserTestUtils.waitForEvent(PopupNotifications.panel,
+ "popupshown",
+ (event) => event.target == PopupNotifications.panel);
+ yield ContentTask.spawn(browser, null,
+ function* () {
+ let doc = content.document;
+ doc.getElementById("form-basic-username").value = "username";
+ doc.getElementById("form-basic-password").value = "p";
+ doc.getElementById("form-basic").submit();
+ });
+ yield promiseShown;
+
+ let notificationElement = PopupNotifications.panel.childNodes[0];
+ let passwordTextbox = notificationElement.querySelector("#password-notification-password");
+ let toggleCheckbox = notificationElement.querySelector("#password-notification-visibilityToggle");
+
+ yield EventUtils.synthesizeMouseAtCenter(toggleCheckbox, {});
+ Assert.ok(toggleCheckbox.checked);
+ Assert.equal(passwordTextbox.type, "", "Password textbox changed to plain text");
+
+ yield EventUtils.synthesizeMouseAtCenter(toggleCheckbox, {});
+ Assert.ok(!toggleCheckbox.checked);
+ Assert.equal(passwordTextbox.type, "password", "Password textbox changed to * text");
+ });
+});
+
+/**
+ * Test that the doorhanger password toggle checkbox is disabled
+ * when the master password is set.
+ */
+add_task(function* test_checkbox_disabled_if_has_master_password() {
+ yield BrowserTestUtils.withNewTab({
+ gBrowser,
+ url: "https://example.com/browser/toolkit/components/" +
+ "passwordmgr/test/browser/form_basic.html",
+ }, function* (browser) {
+ // Submit the form in the content page with the credentials from the test
+ // case. This will cause the doorhanger notification to be displayed.
+ let promiseShown = BrowserTestUtils.waitForEvent(PopupNotifications.panel,
+ "popupshown",
+ (event) => event.target == PopupNotifications.panel);
+
+ LoginTestUtils.masterPassword.enable();
+
+ yield ContentTask.spawn(browser, null, function* () {
+ let doc = content.document;
+ doc.getElementById("form-basic-username").value = "username";
+ doc.getElementById("form-basic-password").value = "p";
+ doc.getElementById("form-basic").submit();
+ });
+ yield promiseShown;
+
+ let notificationElement = PopupNotifications.panel.childNodes[0];
+ let passwordTextbox = notificationElement.querySelector("#password-notification-password");
+ let toggleCheckbox = notificationElement.querySelector("#password-notification-visibilityToggle");
+
+ Assert.equal(passwordTextbox.type, "password", "Password textbox should show * text");
+ Assert.ok(toggleCheckbox.getAttribute("hidden"), "checkbox is hidden when master password is set");
+ });
+
+ LoginTestUtils.masterPassword.disable();
+});
diff --git a/toolkit/components/passwordmgr/test/browser/browser_notifications_password.js b/toolkit/components/passwordmgr/test/browser/browser_notifications_password.js
new file mode 100644
index 000000000..8ac49dac5
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/browser_notifications_password.js
@@ -0,0 +1,145 @@
+/**
+ * Test changing the password inside the doorhanger notification for passwords.
+ *
+ * We check the following cases:
+ * - Editing the password of a new login.
+ * - Editing the password of an existing login.
+ * - Changing both username and password to an existing login.
+ * - Changing the username to an existing login.
+ * - Editing username to an empty one and a new password.
+ *
+ * If both the username and password matches an already existing login, we should not
+ * update it's password, but only it's usage timestamp and count.
+ */
+add_task(function* test_edit_password() {
+ let testCases = [{
+ usernameInPage: "username",
+ passwordInPage: "password",
+ passwordChangedTo: "newPassword",
+ timesUsed: 1,
+ }, {
+ usernameInPage: "username",
+ usernameInPageExists: true,
+ passwordInPage: "password",
+ passwordInStorage: "oldPassword",
+ passwordChangedTo: "newPassword",
+ timesUsed: 2,
+ }, {
+ usernameInPage: "username",
+ usernameChangedTo: "newUsername",
+ usernameChangedToExists: true,
+ passwordInPage: "password",
+ passwordChangedTo: "newPassword",
+ timesUsed: 2,
+ }, {
+ usernameInPage: "username",
+ usernameChangedTo: "newUsername",
+ usernameChangedToExists: true,
+ passwordInPage: "password",
+ passwordChangedTo: "password",
+ timesUsed: 2,
+ checkPasswordNotUpdated: true,
+ }, {
+ usernameInPage: "newUsername",
+ usernameChangedTo: "",
+ usernameChangedToExists: true,
+ passwordInPage: "password",
+ passwordChangedTo: "newPassword",
+ timesUsed: 2,
+ }];
+
+ for (let testCase of testCases) {
+ info("Test case: " + JSON.stringify(testCase));
+
+ // Create the pre-existing logins when needed.
+ if (testCase.usernameInPageExists) {
+ Services.logins.addLogin(LoginTestUtils.testData.formLogin({
+ hostname: "https://example.com",
+ formSubmitURL: "https://example.com",
+ username: testCase.usernameInPage,
+ password: testCase.passwordInStorage,
+ }));
+ }
+
+ if (testCase.usernameChangedToExists) {
+ Services.logins.addLogin(LoginTestUtils.testData.formLogin({
+ hostname: "https://example.com",
+ formSubmitURL: "https://example.com",
+ username: testCase.usernameChangedTo,
+ password: testCase.passwordChangedTo,
+ }));
+ }
+
+ yield BrowserTestUtils.withNewTab({
+ gBrowser,
+ url: "https://example.com/browser/toolkit/components/" +
+ "passwordmgr/test/browser/form_basic.html",
+ }, function* (browser) {
+ // Submit the form in the content page with the credentials from the test
+ // case. This will cause the doorhanger notification to be displayed.
+ let promiseShown = BrowserTestUtils.waitForEvent(PopupNotifications.panel,
+ "popupshown",
+ (event) => event.target == PopupNotifications.panel);
+ yield ContentTask.spawn(browser, testCase,
+ function* (contentTestCase) {
+ let doc = content.document;
+ doc.getElementById("form-basic-username").value = contentTestCase.usernameInPage;
+ doc.getElementById("form-basic-password").value = contentTestCase.passwordInPage;
+ doc.getElementById("form-basic").submit();
+ });
+ yield promiseShown;
+ let notificationElement = PopupNotifications.panel.childNodes[0];
+ // Style flush to make sure binding is attached
+ notificationElement.querySelector("#password-notification-password").clientTop;
+
+ // Modify the username in the dialog if requested.
+ if (testCase.usernameChangedTo) {
+ notificationElement.querySelector("#password-notification-username")
+ .value = testCase.usernameChangedTo;
+ }
+
+ // Modify the password in the dialog if requested.
+ if (testCase.passwordChangedTo) {
+ notificationElement.querySelector("#password-notification-password")
+ .value = testCase.passwordChangedTo;
+ }
+
+ // We expect a modifyLogin notification if the final username used by the
+ // dialog exists in the logins database, otherwise an addLogin one.
+ let expectModifyLogin = typeof testCase.usernameChangedTo !== "undefined"
+ ? testCase.usernameChangedToExists
+ : testCase.usernameInPageExists;
+
+ // Simulate the action on the notification to request the login to be
+ // saved, and wait for the data to be updated or saved based on the type
+ // of operation we expect.
+ let expectedNotification = expectModifyLogin ? "modifyLogin" : "addLogin";
+ let promiseLogin = TestUtils.topicObserved("passwordmgr-storage-changed",
+ (_, data) => data == expectedNotification);
+ notificationElement.button.doCommand();
+ let [result] = yield promiseLogin;
+
+ // Check that the values in the database match the expected values.
+ let login = expectModifyLogin ? result.QueryInterface(Ci.nsIArray)
+ .queryElementAt(1, Ci.nsILoginInfo)
+ : result.QueryInterface(Ci.nsILoginInfo);
+
+ Assert.equal(login.username, testCase.usernameChangedTo ||
+ testCase.usernameInPage);
+ Assert.equal(login.password, testCase.passwordChangedTo ||
+ testCase.passwordInPage);
+
+ let meta = login.QueryInterface(Ci.nsILoginMetaInfo);
+ Assert.equal(meta.timesUsed, testCase.timesUsed);
+
+ // Check that the password was not updated if the user is empty
+ if (testCase.checkPasswordNotUpdated) {
+ Assert.ok(meta.timeLastUsed > meta.timeCreated);
+ Assert.ok(meta.timeCreated == meta.timePasswordChanged);
+ }
+ });
+
+ // Clean up the database before the next test case is executed.
+ Services.logins.removeAllLogins();
+ }
+});
diff --git a/toolkit/components/passwordmgr/test/browser/browser_notifications_username.js b/toolkit/components/passwordmgr/test/browser/browser_notifications_username.js
new file mode 100644
index 000000000..2c9ea2607
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/browser_notifications_username.js
@@ -0,0 +1,119 @@
+/**
+ * Test changing the username inside the doorhanger notification for passwords.
+ *
+ * We have to test combination of existing and non-existing logins both for
+ * the original one from the webpage and the final one used by the dialog.
+ *
+ * We also check switching to and from empty usernames.
+ */
+add_task(function* test_edit_username() {
+ let testCases = [{
+ usernameInPage: "username",
+ usernameChangedTo: "newUsername",
+ }, {
+ usernameInPage: "username",
+ usernameInPageExists: true,
+ usernameChangedTo: "newUsername",
+ }, {
+ usernameInPage: "username",
+ usernameChangedTo: "newUsername",
+ usernameChangedToExists: true,
+ }, {
+ usernameInPage: "username",
+ usernameInPageExists: true,
+ usernameChangedTo: "newUsername",
+ usernameChangedToExists: true,
+ }, {
+ usernameInPage: "",
+ usernameChangedTo: "newUsername",
+ }, {
+ usernameInPage: "newUsername",
+ usernameChangedTo: "",
+ }, {
+ usernameInPage: "",
+ usernameChangedTo: "newUsername",
+ usernameChangedToExists: true,
+ }, {
+ usernameInPage: "newUsername",
+ usernameChangedTo: "",
+ usernameChangedToExists: true,
+ }];
+
+ for (let testCase of testCases) {
+ info("Test case: " + JSON.stringify(testCase));
+
+ // Create the pre-existing logins when needed.
+ if (testCase.usernameInPageExists) {
+ Services.logins.addLogin(LoginTestUtils.testData.formLogin({
+ hostname: "https://example.com",
+ formSubmitURL: "https://example.com",
+ username: testCase.usernameInPage,
+ password: "old password",
+ }));
+ }
+
+ if (testCase.usernameChangedToExists) {
+ Services.logins.addLogin(LoginTestUtils.testData.formLogin({
+ hostname: "https://example.com",
+ formSubmitURL: "https://example.com",
+ username: testCase.usernameChangedTo,
+ password: "old password",
+ }));
+ }
+
+ yield BrowserTestUtils.withNewTab({
+ gBrowser,
+ url: "https://example.com/browser/toolkit/components/" +
+ "passwordmgr/test/browser/form_basic.html",
+ }, function* (browser) {
+ // Submit the form in the content page with the credentials from the test
+ // case. This will cause the doorhanger notification to be displayed.
+ let promiseShown = BrowserTestUtils.waitForEvent(PopupNotifications.panel,
+ "popupshown",
+ (event) => event.target == PopupNotifications.panel);
+ yield ContentTask.spawn(browser, testCase.usernameInPage,
+ function* (usernameInPage) {
+ let doc = content.document;
+ doc.getElementById("form-basic-username").value = usernameInPage;
+ doc.getElementById("form-basic-password").value = "password";
+ doc.getElementById("form-basic").submit();
+ });
+ yield promiseShown;
+ let notificationElement = PopupNotifications.panel.childNodes[0];
+ // Style flush to make sure binding is attached
+ notificationElement.querySelector("#password-notification-password").clientTop;
+
+ // Modify the username in the dialog if requested.
+ if (testCase.usernameChangedTo) {
+ notificationElement.querySelector("#password-notification-username")
+ .value = testCase.usernameChangedTo;
+ }
+
+ // We expect a modifyLogin notification if the final username used by the
+ // dialog exists in the logins database, otherwise an addLogin one.
+ let expectModifyLogin = testCase.usernameChangedTo
+ ? testCase.usernameChangedToExists
+ : testCase.usernameInPageExists;
+
+ // Simulate the action on the notification to request the login to be
+ // saved, and wait for the data to be updated or saved based on the type
+ // of operation we expect.
+ let expectedNotification = expectModifyLogin ? "modifyLogin" : "addLogin";
+ let promiseLogin = TestUtils.topicObserved("passwordmgr-storage-changed",
+ (_, data) => data == expectedNotification);
+ notificationElement.button.doCommand();
+ let [result] = yield promiseLogin;
+
+ // Check that the values in the database match the expected values.
+ let login = expectModifyLogin ? result.QueryInterface(Ci.nsIArray)
+ .queryElementAt(1, Ci.nsILoginInfo)
+ : result.QueryInterface(Ci.nsILoginInfo);
+ Assert.equal(login.username, testCase.usernameChangedTo ||
+ testCase.usernameInPage);
+ Assert.equal(login.password, "password");
+ });
+
+ // Clean up the database before the next test case is executed.
+ Services.logins.removeAllLogins();
+ }
+});
diff --git a/toolkit/components/passwordmgr/test/browser/browser_passwordmgr_contextmenu.js b/toolkit/components/passwordmgr/test/browser/browser_passwordmgr_contextmenu.js
new file mode 100644
index 000000000..ece2b731f
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/browser_passwordmgr_contextmenu.js
@@ -0,0 +1,100 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+function test() {
+ waitForExplicitFinish();
+
+ Services.logins.removeAllLogins();
+
+ // Add some initial logins
+ let urls = [
+ "http://example.com/",
+ "http://mozilla.org/",
+ "http://spreadfirefox.com/",
+ "https://support.mozilla.org/",
+ "http://hg.mozilla.org/"
+ ];
+ let nsLoginInfo = new Components.Constructor("@mozilla.org/login-manager/loginInfo;1",
+ Ci.nsILoginInfo, "init");
+ let logins = [
+ new nsLoginInfo(urls[0], urls[0], null, "", "o hai", "u1", "p1"),
+ new nsLoginInfo(urls[1], urls[1], null, "ehsan", "coded", "u2", "p2"),
+ new nsLoginInfo(urls[2], urls[2], null, "this", "awesome", "u3", "p3"),
+ new nsLoginInfo(urls[3], urls[3], null, "array of", "logins", "u4", "p4"),
+ new nsLoginInfo(urls[4], urls[4], null, "then", "i wrote the test", "u5", "p5")
+ ];
+ logins.forEach(login => Services.logins.addLogin(login));
+
+ // Open the password manager dialog
+ const PWMGR_DLG = "chrome://passwordmgr/content/passwordManager.xul";
+ let pwmgrdlg = window.openDialog(PWMGR_DLG, "Toolkit:PasswordManager", "");
+ SimpleTest.waitForFocus(doTest, pwmgrdlg);
+
+ // Test if "Copy Username" and "Copy Password" works
+ function doTest() {
+ let doc = pwmgrdlg.document;
+ let selection = doc.getElementById("signonsTree").view.selection;
+ let menuitem = doc.getElementById("context-copyusername");
+
+ function copyField() {
+ info("Select all");
+ selection.selectAll();
+ assertMenuitemEnabled("copyusername", false);
+ assertMenuitemEnabled("editusername", false);
+ assertMenuitemEnabled("copypassword", false);
+ assertMenuitemEnabled("editpassword", false);
+
+ info("Select the first row (with an empty username)");
+ selection.select(0);
+ assertMenuitemEnabled("copyusername", false, "empty username");
+ assertMenuitemEnabled("editusername", true);
+ assertMenuitemEnabled("copypassword", true);
+ assertMenuitemEnabled("editpassword", false, "password column hidden");
+
+ info("Clear the selection");
+ selection.clearSelection();
+ assertMenuitemEnabled("copyusername", false);
+ assertMenuitemEnabled("editusername", false);
+ assertMenuitemEnabled("copypassword", false);
+ assertMenuitemEnabled("editpassword", false);
+
+ info("Select the third row and making the password column visible");
+ selection.select(2);
+ doc.getElementById("passwordCol").hidden = false;
+ assertMenuitemEnabled("copyusername", true);
+ assertMenuitemEnabled("editusername", true);
+ assertMenuitemEnabled("copypassword", true);
+ assertMenuitemEnabled("editpassword", true, "password column visible");
+ menuitem.doCommand();
+ }
+
+ function assertMenuitemEnabled(idSuffix, expected, reason = "") {
+ doc.defaultView.UpdateContextMenu();
+ let actual = !doc.getElementById("context-" + idSuffix).getAttribute("disabled");
+ is(actual, expected, idSuffix + " should be " + (expected ? "enabled" : "disabled") +
+ (reason ? ": " + reason : ""));
+ }
+
+ function cleanUp() {
+ Services.ww.registerNotification(function (aSubject, aTopic, aData) {
+ Services.ww.unregisterNotification(arguments.callee);
+ Services.logins.removeAllLogins();
+ doc.getElementById("passwordCol").hidden = true;
+ finish();
+ });
+ pwmgrdlg.close();
+ }
+
+ function testPassword() {
+ info("Testing Copy Password");
+ waitForClipboard("coded", function copyPassword() {
+ menuitem = doc.getElementById("context-copypassword");
+ menuitem.doCommand();
+ }, cleanUp, cleanUp);
+ }
+
+ info("Testing Copy Username");
+ waitForClipboard("ehsan", copyField, testPassword, testPassword);
+ }
+}
diff --git a/toolkit/components/passwordmgr/test/browser/browser_passwordmgr_editing.js b/toolkit/components/passwordmgr/test/browser/browser_passwordmgr_editing.js
new file mode 100644
index 000000000..2b2e42273
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/browser_passwordmgr_editing.js
@@ -0,0 +1,126 @@
+const { ContentTaskUtils } = Cu.import("resource://testing-common/ContentTaskUtils.jsm", {});
+const PWMGR_DLG = "chrome://passwordmgr/content/passwordManager.xul";
+
+var doc;
+var pwmgr;
+var pwmgrdlg;
+var signonsTree;
+
+function addLogin(site, username, password) {
+ let nsLoginInfo = new Components.Constructor("@mozilla.org/login-manager/loginInfo;1",
+ Ci.nsILoginInfo, "init");
+ let login = new nsLoginInfo(site, site, null, username, password, "u", "p");
+ Services.logins.addLogin(login);
+}
+
+function getUsername(row) {
+ return signonsTree.view.getCellText(row, signonsTree.columns.getNamedColumn("userCol"));
+}
+
+function getPassword(row) {
+ return signonsTree.view.getCellText(row, signonsTree.columns.getNamedColumn("passwordCol"));
+}
+
+function synthesizeDblClickOnCell(aTree, column, row) {
+ let tbo = aTree.treeBoxObject;
+ let rect = tbo.getCoordsForCellItem(row, aTree.columns[column], "text");
+ let x = rect.x + rect.width / 2;
+ let y = rect.y + rect.height / 2;
+ // Simulate the double click.
+ EventUtils.synthesizeMouse(aTree.body, x, y, { clickCount: 2 },
+ aTree.ownerDocument.defaultView);
+}
+
+function* togglePasswords() {
+ pwmgrdlg.document.querySelector("#togglePasswords").doCommand();
+ yield new Promise(resolve => waitForFocus(resolve, pwmgrdlg));
+}
+
+function* editUsernamePromises(site, oldUsername, newUsername) {
+ is(Services.logins.findLogins({}, site, "", "").length, 1, "Correct login found");
+ let login = Services.logins.findLogins({}, site, "", "")[0];
+ is(login.username, oldUsername, "Correct username saved");
+ is(getUsername(0), oldUsername, "Correct username shown");
+ synthesizeDblClickOnCell(signonsTree, 1, 0);
+ yield ContentTaskUtils.waitForCondition(() => signonsTree.getAttribute("editing"),
+ "Waiting for editing");
+
+ EventUtils.sendString(newUsername, pwmgrdlg);
+ let signonsIntro = doc.querySelector("#signonsIntro");
+ EventUtils.sendMouseEvent({type: "click"}, signonsIntro, pwmgrdlg);
+ yield ContentTaskUtils.waitForCondition(() => !signonsTree.getAttribute("editing"),
+ "Waiting for editing to stop");
+
+ is(Services.logins.findLogins({}, site, "", "").length, 1, "Correct login replaced");
+ login = Services.logins.findLogins({}, site, "", "")[0];
+ is(login.username, newUsername, "Correct username updated");
+ is(getUsername(0), newUsername, "Correct username shown after the update");
+}
+
+function* editPasswordPromises(site, oldPassword, newPassword) {
+ is(Services.logins.findLogins({}, site, "", "").length, 1, "Correct login found");
+ let login = Services.logins.findLogins({}, site, "", "")[0];
+ is(login.password, oldPassword, "Correct password saved");
+ is(getPassword(0), oldPassword, "Correct password shown");
+
+ synthesizeDblClickOnCell(signonsTree, 2, 0);
+ yield ContentTaskUtils.waitForCondition(() => signonsTree.getAttribute("editing"),
+ "Waiting for editing");
+
+ EventUtils.sendString(newPassword, pwmgrdlg);
+ let signonsIntro = doc.querySelector("#signonsIntro");
+ EventUtils.sendMouseEvent({type: "click"}, signonsIntro, pwmgrdlg);
+ yield ContentTaskUtils.waitForCondition(() => !signonsTree.getAttribute("editing"),
+ "Waiting for editing to stop");
+
+ is(Services.logins.findLogins({}, site, "", "").length, 1, "Correct login replaced");
+ login = Services.logins.findLogins({}, site, "", "")[0];
+ is(login.password, newPassword, "Correct password updated");
+ is(getPassword(0), newPassword, "Correct password shown after the update");
+}
+
+add_task(function* test_setup() {
+ registerCleanupFunction(function() {
+ Services.logins.removeAllLogins();
+ });
+
+ Services.logins.removeAllLogins();
+ // Open the password manager dialog.
+ pwmgrdlg = window.openDialog(PWMGR_DLG, "Toolkit:PasswordManager", "");
+
+ Services.ww.registerNotification(function (aSubject, aTopic, aData) {
+ if (aTopic == "domwindowopened") {
+ let win = aSubject.QueryInterface(Ci.nsIDOMEventTarget);
+ SimpleTest.waitForFocus(function() {
+ EventUtils.sendKey("RETURN", win);
+ }, win);
+ } else if (aSubject.location == pwmgrdlg.location && aTopic == "domwindowclosed") {
+ // Unregister ourself.
+ Services.ww.unregisterNotification(arguments.callee);
+ }
+ });
+
+ yield new Promise((resolve) => {
+ SimpleTest.waitForFocus(() => {
+ doc = pwmgrdlg.document;
+ signonsTree = doc.querySelector("#signonsTree");
+ resolve();
+ }, pwmgrdlg);
+ });
+});
+
+add_task(function* test_edit_multiple_logins() {
+ function* testLoginChange(site, oldUsername, oldPassword, newUsername, newPassword) {
+ addLogin(site, oldUsername, oldPassword);
+ yield* editUsernamePromises(site, oldUsername, newUsername);
+ yield* togglePasswords();
+ yield* editPasswordPromises(site, oldPassword, newPassword);
+ yield* togglePasswords();
+ }
+
+ yield* testLoginChange("http://c.tn/", "userC", "passC", "usernameC", "passwordC");
+ yield* testLoginChange("http://b.tn/", "userB", "passB", "usernameB", "passwordB");
+ yield* testLoginChange("http://a.tn/", "userA", "passA", "usernameA", "passwordA");
+
+ pwmgrdlg.close();
+});
diff --git a/toolkit/components/passwordmgr/test/browser/browser_passwordmgr_fields.js b/toolkit/components/passwordmgr/test/browser/browser_passwordmgr_fields.js
new file mode 100644
index 000000000..95bcee9ed
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/browser_passwordmgr_fields.js
@@ -0,0 +1,65 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+function test() {
+ waitForExplicitFinish();
+
+ let pwmgr = Cc["@mozilla.org/login-manager;1"].
+ getService(Ci.nsILoginManager);
+ pwmgr.removeAllLogins();
+
+ // add login data
+ let nsLoginInfo = new Components.Constructor("@mozilla.org/login-manager/loginInfo;1",
+ Ci.nsILoginInfo, "init");
+ let login = new nsLoginInfo("http://example.com/", "http://example.com/", null,
+ "user", "password", "u1", "p1");
+ pwmgr.addLogin(login);
+
+ // Open the password manager dialog
+ const PWMGR_DLG = "chrome://passwordmgr/content/passwordManager.xul";
+ let pwmgrdlg = window.openDialog(PWMGR_DLG, "Toolkit:PasswordManager", "");
+ SimpleTest.waitForFocus(doTest, pwmgrdlg);
+
+ function doTest() {
+ let doc = pwmgrdlg.document;
+
+ let signonsTree = doc.querySelector("#signonsTree");
+ is(signonsTree.view.rowCount, 1, "One entry in the passwords list");
+
+ is(signonsTree.view.getCellText(0, signonsTree.columns.getNamedColumn("siteCol")),
+ "http://example.com/",
+ "Correct website saved");
+
+ is(signonsTree.view.getCellText(0, signonsTree.columns.getNamedColumn("userCol")),
+ "user",
+ "Correct user saved");
+
+ let timeCreatedCol = doc.getElementById("timeCreatedCol");
+ is(timeCreatedCol.getAttribute("hidden"), "true",
+ "Time created column is not displayed");
+
+
+ let timeLastUsedCol = doc.getElementById("timeLastUsedCol");
+ is(timeLastUsedCol.getAttribute("hidden"), "true",
+ "Last Used column is not displayed");
+
+ let timePasswordChangedCol = doc.getElementById("timePasswordChangedCol");
+ is(timePasswordChangedCol.getAttribute("hidden"), "",
+ "Last Changed column is displayed");
+
+ // cleanup
+ Services.ww.registerNotification(function (aSubject, aTopic, aData) {
+ if (aSubject.location == pwmgrdlg.location && aTopic == "domwindowclosed") {
+ // unregister ourself
+ Services.ww.unregisterNotification(arguments.callee);
+
+ pwmgr.removeAllLogins();
+
+ finish();
+ }
+ });
+
+ pwmgrdlg.close();
+ }
+}
diff --git a/toolkit/components/passwordmgr/test/browser/browser_passwordmgr_observers.js b/toolkit/components/passwordmgr/test/browser/browser_passwordmgr_observers.js
new file mode 100644
index 000000000..1dc7076aa
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/browser_passwordmgr_observers.js
@@ -0,0 +1,129 @@
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/ */
+
+function test() {
+ waitForExplicitFinish();
+
+ const LOGIN_HOST = "http://example.com";
+ const LOGIN_COUNT = 5;
+
+ let nsLoginInfo = new Components.Constructor(
+ "@mozilla.org/login-manager/loginInfo;1", Ci.nsILoginInfo, "init");
+ let pmDialog = window.openDialog(
+ "chrome://passwordmgr/content/passwordManager.xul",
+ "Toolkit:PasswordManager", "");
+
+ let logins = [];
+ let loginCounter = 0;
+ let loginOrder = null;
+ let modifiedLogin;
+ let testNumber = 0;
+ let testObserver = {
+ observe: function (subject, topic, data) {
+ if (topic == "passwordmgr-dialog-updated") {
+ switch (testNumber) {
+ case 1:
+ case 2:
+ case 3:
+ case 4:
+ case 5:
+ is(countLogins(), loginCounter, "Verify login added");
+ ok(getLoginOrder().startsWith(loginOrder), "Verify login order");
+ runNextTest();
+ break;
+ case 6:
+ is(countLogins(), loginCounter, "Verify login count");
+ is(getLoginOrder(), loginOrder, "Verify login order");
+ is(getLoginPassword(), "newpassword0", "Verify login modified");
+ runNextTest();
+ break;
+ case 7:
+ is(countLogins(), loginCounter, "Verify login removed");
+ ok(loginOrder.endsWith(getLoginOrder()), "Verify login order");
+ runNextTest();
+ break;
+ case 8:
+ is(countLogins(), 0, "Verify all logins removed");
+ runNextTest();
+ break;
+ }
+ }
+ }
+ };
+
+ SimpleTest.waitForFocus(startTest, pmDialog);
+
+ function createLogins() {
+ let login;
+ for (let i = 0; i < LOGIN_COUNT; i++) {
+ login = new nsLoginInfo(LOGIN_HOST + "?n=" + i, LOGIN_HOST + "?n=" + i,
+ null, "user" + i, "password" + i, "u" + i, "p" + i);
+ logins.push(login);
+ }
+ modifiedLogin = new nsLoginInfo(LOGIN_HOST + "?n=0", LOGIN_HOST + "?n=0",
+ null, "user0", "newpassword0", "u0", "p0");
+ is(logins.length, LOGIN_COUNT, "Verify logins created");
+ }
+
+ function countLogins() {
+ let doc = pmDialog.document;
+ let signonsTree = doc.getElementById("signonsTree");
+ return signonsTree.view.rowCount;
+ }
+
+ function getLoginOrder() {
+ let doc = pmDialog.document;
+ let signonsTree = doc.getElementById("signonsTree");
+ let column = signonsTree.columns[0]; // host column
+ let order = [];
+ for (let i = 0; i < signonsTree.view.rowCount; i++) {
+ order.push(signonsTree.view.getCellText(i, column));
+ }
+ return order.join(',');
+ }
+
+ function getLoginPassword() {
+ let doc = pmDialog.document;
+ let loginsTree = doc.getElementById("signonsTree");
+ let column = loginsTree.columns[2]; // password column
+ return loginsTree.view.getCellText(0, column);
+ }
+
+ function startTest() {
+ Services.obs.addObserver(
+ testObserver, "passwordmgr-dialog-updated", false);
+ is(countLogins(), 0, "Verify starts with 0 logins");
+ createLogins();
+ runNextTest();
+ }
+
+ function runNextTest() {
+ switch (++testNumber) {
+ case 1: // add the logins
+ for (let i = 0; i < logins.length; i++) {
+ loginCounter++;
+ loginOrder = getLoginOrder();
+ Services.logins.addLogin(logins[i]);
+ }
+ break;
+ case 6: // modify a login
+ loginOrder = getLoginOrder();
+ Services.logins.modifyLogin(logins[0], modifiedLogin);
+ break;
+ case 7: // remove a login
+ loginCounter--;
+ loginOrder = getLoginOrder();
+ Services.logins.removeLogin(modifiedLogin);
+ break;
+ case 8: // remove all logins
+ Services.logins.removeAllLogins();
+ break;
+ case 9: // finish
+ Services.obs.removeObserver(
+ testObserver, "passwordmgr-dialog-updated", false);
+ pmDialog.close();
+ finish();
+ break;
+ }
+ }
+}
diff --git a/toolkit/components/passwordmgr/test/browser/browser_passwordmgr_sort.js b/toolkit/components/passwordmgr/test/browser/browser_passwordmgr_sort.js
new file mode 100644
index 000000000..83272a9c4
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/browser_passwordmgr_sort.js
@@ -0,0 +1,208 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+function test() {
+ waitForExplicitFinish();
+
+ let pwmgr = Cc["@mozilla.org/login-manager;1"].
+ getService(Ci.nsILoginManager);
+ pwmgr.removeAllLogins();
+
+ // Add some initial logins
+ let urls = [
+ "http://example.com/",
+ "http://example.org/",
+ "http://mozilla.com/",
+ "http://mozilla.org/",
+ "http://spreadfirefox.com/",
+ "http://planet.mozilla.org/",
+ "https://developer.mozilla.org/",
+ "http://hg.mozilla.org/",
+ "http://dxr.mozilla.org/",
+ "http://feeds.mozilla.org/",
+ ];
+ let users = [
+ "user",
+ "username",
+ "ehsan",
+ "ehsan",
+ "john",
+ "what?",
+ "really?",
+ "you sure?",
+ "my user name",
+ "my username",
+ ];
+ let pwds = [
+ "password",
+ "password",
+ "mypass",
+ "mypass",
+ "smith",
+ "very secret",
+ "super secret",
+ "absolutely",
+ "mozilla",
+ "mozilla.com",
+ ];
+ let nsLoginInfo = new Components.Constructor("@mozilla.org/login-manager/loginInfo;1",
+ Ci.nsILoginInfo, "init");
+ for (let i = 0; i < 10; i++)
+ pwmgr.addLogin(new nsLoginInfo(urls[i], urls[i], null, users[i], pwds[i],
+ "u" + (i + 1), "p" + (i + 1)));
+
+ // Open the password manager dialog
+ const PWMGR_DLG = "chrome://passwordmgr/content/passwordManager.xul";
+ let pwmgrdlg = window.openDialog(PWMGR_DLG, "Toolkit:PasswordManager", "");
+ SimpleTest.waitForFocus(doTest, pwmgrdlg);
+
+ // the meat of the test
+ function doTest() {
+ let doc = pwmgrdlg.document;
+ let win = doc.defaultView;
+ let sTree = doc.getElementById("signonsTree");
+ let filter = doc.getElementById("filter");
+ let siteCol = doc.getElementById("siteCol");
+ let userCol = doc.getElementById("userCol");
+ let passwordCol = doc.getElementById("passwordCol");
+
+ let toggleCalls = 0;
+ function toggleShowPasswords(func) {
+ let toggleButton = doc.getElementById("togglePasswords");
+ let showMode = (toggleCalls++ % 2) == 0;
+
+ // only watch for a confirmation dialog every other time being called
+ if (showMode) {
+ Services.ww.registerNotification(function (aSubject, aTopic, aData) {
+ if (aTopic == "domwindowclosed")
+ Services.ww.unregisterNotification(arguments.callee);
+ else if (aTopic == "domwindowopened") {
+ let targetWin = aSubject.QueryInterface(Ci.nsIDOMEventTarget);
+ SimpleTest.waitForFocus(function() {
+ EventUtils.sendKey("RETURN", targetWin);
+ }, targetWin);
+ }
+ });
+ }
+
+ Services.obs.addObserver(function (aSubject, aTopic, aData) {
+ if (aTopic == "passwordmgr-password-toggle-complete") {
+ Services.obs.removeObserver(arguments.callee, aTopic);
+ func();
+ }
+ }, "passwordmgr-password-toggle-complete", false);
+
+ EventUtils.synthesizeMouse(toggleButton, 1, 1, {}, win);
+ }
+
+ function clickCol(col) {
+ EventUtils.synthesizeMouse(col, 20, 1, {}, win);
+ setTimeout(runNextTest, 0);
+ }
+
+ function setFilter(string) {
+ filter.value = string;
+ filter.doCommand();
+ setTimeout(runNextTest, 0);
+ }
+
+ function checkSortMarkers(activeCol) {
+ let isOk = true;
+ let col = null;
+ let hasAttr = false;
+ let treecols = activeCol.parentNode;
+ for (let i = 0; i < treecols.childNodes.length; i++) {
+ col = treecols.childNodes[i];
+ if (col.nodeName != "treecol")
+ continue;
+ hasAttr = col.hasAttribute("sortDirection");
+ isOk &= col == activeCol ? hasAttr : !hasAttr;
+ }
+ ok(isOk, "Only " + activeCol.id + " has a sort marker");
+ }
+
+ function checkSortDirection(col, ascending) {
+ checkSortMarkers(col);
+ let direction = ascending ? "ascending" : "descending";
+ is(col.getAttribute("sortDirection"), direction,
+ col.id + ": sort direction is " + direction);
+ }
+
+ function checkColumnEntries(aCol, expectedValues) {
+ let actualValues = getColumnEntries(aCol);
+ is(actualValues.length, expectedValues.length, "Checking length of expected column");
+ for (let i = 0; i < expectedValues.length; i++)
+ is(actualValues[i], expectedValues[i], "Checking column entry #" + i);
+ }
+
+ function getColumnEntries(aCol) {
+ let entries = [];
+ let column = sTree.columns[aCol];
+ let numRows = sTree.view.rowCount;
+ for (let i = 0; i < numRows; i++)
+ entries.push(sTree.view.getCellText(i, column));
+ return entries;
+ }
+
+ let testCounter = 0;
+ let expectedValues;
+ function runNextTest() {
+ switch (testCounter++) {
+ case 0:
+ expectedValues = urls.slice().sort();
+ checkColumnEntries(0, expectedValues);
+ checkSortDirection(siteCol, true);
+ // Toggle sort direction on Host column
+ clickCol(siteCol);
+ break;
+ case 1:
+ expectedValues.reverse();
+ checkColumnEntries(0, expectedValues);
+ checkSortDirection(siteCol, false);
+ // Sort by Username
+ clickCol(userCol);
+ break;
+ case 2:
+ expectedValues = users.slice().sort();
+ checkColumnEntries(1, expectedValues);
+ checkSortDirection(userCol, true);
+ // Sort by Password
+ clickCol(passwordCol);
+ break;
+ case 3:
+ expectedValues = pwds.slice().sort();
+ checkColumnEntries(2, expectedValues);
+ checkSortDirection(passwordCol, true);
+ // Set filter
+ setFilter("moz");
+ break;
+ case 4:
+ expectedValues = [ "absolutely", "mozilla", "mozilla.com",
+ "mypass", "mypass", "super secret",
+ "very secret" ];
+ checkColumnEntries(2, expectedValues);
+ checkSortDirection(passwordCol, true);
+ // Reset filter
+ setFilter("");
+ break;
+ case 5:
+ expectedValues = pwds.slice().sort();
+ checkColumnEntries(2, expectedValues);
+ checkSortDirection(passwordCol, true);
+ // cleanup
+ Services.ww.registerNotification(function (aSubject, aTopic, aData) {
+ // unregister ourself
+ Services.ww.unregisterNotification(arguments.callee);
+
+ pwmgr.removeAllLogins();
+ finish();
+ });
+ pwmgrdlg.close();
+ }
+ }
+
+ // Toggle Show Passwords to display Password column, then start tests
+ toggleShowPasswords(runNextTest);
+ }
+}
diff --git a/toolkit/components/passwordmgr/test/browser/browser_passwordmgr_switchtab.js b/toolkit/components/passwordmgr/test/browser/browser_passwordmgr_switchtab.js
new file mode 100644
index 000000000..bd4f265b5
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/browser_passwordmgr_switchtab.js
@@ -0,0 +1,42 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+const PROMPT_URL = "chrome://global/content/commonDialog.xul";
+var { interfaces: Ci } = Components;
+
+function test() {
+ waitForExplicitFinish();
+
+ let tab = gBrowser.addTab();
+ isnot(tab, gBrowser.selectedTab, "New tab shouldn't be selected");
+
+ let listener = {
+ onOpenWindow: function(window) {
+ var domwindow = window.QueryInterface(Ci.nsIInterfaceRequestor)
+ .getInterface(Ci.nsIDOMWindow);
+ waitForFocus(() => {
+ is(domwindow.document.location.href, PROMPT_URL, "Should have seen a prompt window");
+ is(domwindow.args.promptType, "promptUserAndPass", "Should be an authenticate prompt");
+
+ is(gBrowser.selectedTab, tab, "Should have selected the new tab");
+
+ domwindow.document.documentElement.cancelDialog();
+ }, domwindow);
+ },
+
+ onCloseWindow: function() {
+ }
+ };
+
+ Services.wm.addListener(listener);
+ registerCleanupFunction(() => {
+ Services.wm.removeListener(listener);
+ gBrowser.removeTab(tab);
+ });
+
+ tab.linkedBrowser.addEventListener("load", () => {
+ finish();
+ }, true);
+ tab.linkedBrowser.loadURI("http://example.com/browser/toolkit/components/passwordmgr/test/browser/authenticate.sjs");
+}
diff --git a/toolkit/components/passwordmgr/test/browser/browser_passwordmgrdlg.js b/toolkit/components/passwordmgr/test/browser/browser_passwordmgrdlg.js
new file mode 100644
index 000000000..57cfa9f83
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/browser_passwordmgrdlg.js
@@ -0,0 +1,192 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+function test() {
+ waitForExplicitFinish();
+
+ let pwmgr = Cc["@mozilla.org/login-manager;1"].
+ getService(Ci.nsILoginManager);
+ pwmgr.removeAllLogins();
+
+ // Add some initial logins
+ let urls = [
+ "http://example.com/",
+ "http://example.org/",
+ "http://mozilla.com/",
+ "http://mozilla.org/",
+ "http://spreadfirefox.com/",
+ "http://planet.mozilla.org/",
+ "https://developer.mozilla.org/",
+ "http://hg.mozilla.org/",
+ "http://dxr.mozilla.org/",
+ "http://feeds.mozilla.org/",
+ ];
+ let nsLoginInfo = new Components.Constructor("@mozilla.org/login-manager/loginInfo;1",
+ Ci.nsILoginInfo, "init");
+ let logins = [
+ new nsLoginInfo(urls[0], urls[0], null, "user", "password", "u1", "p1"),
+ new nsLoginInfo(urls[1], urls[1], null, "username", "password", "u2", "p2"),
+ new nsLoginInfo(urls[2], urls[2], null, "ehsan", "mypass", "u3", "p3"),
+ new nsLoginInfo(urls[3], urls[3], null, "ehsan", "mypass", "u4", "p4"),
+ new nsLoginInfo(urls[4], urls[4], null, "john", "smith", "u5", "p5"),
+ new nsLoginInfo(urls[5], urls[5], null, "what?", "very secret", "u6", "p6"),
+ new nsLoginInfo(urls[6], urls[6], null, "really?", "super secret", "u7", "p7"),
+ new nsLoginInfo(urls[7], urls[7], null, "you sure?", "absolutely", "u8", "p8"),
+ new nsLoginInfo(urls[8], urls[8], null, "my user name", "mozilla", "u9", "p9"),
+ new nsLoginInfo(urls[9], urls[9], null, "my username", "mozilla.com", "u10", "p10"),
+ ];
+ logins.forEach(login => pwmgr.addLogin(login));
+
+ // Open the password manager dialog
+ const PWMGR_DLG = "chrome://passwordmgr/content/passwordManager.xul";
+ let pwmgrdlg = window.openDialog(PWMGR_DLG, "Toolkit:PasswordManager", "");
+ SimpleTest.waitForFocus(doTest, pwmgrdlg);
+
+ // the meat of the test
+ function doTest() {
+ let doc = pwmgrdlg.document;
+ let win = doc.defaultView;
+ let filter = doc.getElementById("filter");
+ let tree = doc.getElementById("signonsTree");
+ let view = tree.view;
+
+ is(filter.value, "", "Filter box should initially be empty");
+ is(view.rowCount, 10, "There should be 10 passwords initially");
+
+ // Prepare a set of tests
+ // filter: the text entered in the filter search box
+ // count: the number of logins which should match the respective filter
+ // count2: the number of logins which should match the respective filter
+ // if the passwords are being shown as well
+ // Note: if a test doesn't have count2 set, count is used instead.
+ let tests = [
+ {filter: "pass", count: 0, count2: 4},
+ {filter: "", count: 10}, // test clearing the filter
+ {filter: "moz", count: 7},
+ {filter: "mozi", count: 7},
+ {filter: "mozil", count: 7},
+ {filter: "mozill", count: 7},
+ {filter: "mozilla", count: 7},
+ {filter: "mozilla.com", count: 1, count2: 2},
+ {filter: "user", count: 4},
+ {filter: "user ", count: 1},
+ {filter: " user", count: 2},
+ {filter: "http", count: 10},
+ {filter: "https", count: 1},
+ {filter: "secret", count: 0, count2: 2},
+ {filter: "secret!", count: 0},
+ ];
+
+ let toggleCalls = 0;
+ function toggleShowPasswords(func) {
+ let toggleButton = doc.getElementById("togglePasswords");
+ let showMode = (toggleCalls++ % 2) == 0;
+
+ // only watch for a confirmation dialog every other time being called
+ if (showMode) {
+ Services.ww.registerNotification(function (aSubject, aTopic, aData) {
+ if (aTopic == "domwindowclosed")
+ Services.ww.unregisterNotification(arguments.callee);
+ else if (aTopic == "domwindowopened") {
+ let targetWin = aSubject.QueryInterface(Ci.nsIDOMEventTarget);
+ SimpleTest.waitForFocus(function() {
+ EventUtils.sendKey("RETURN", targetWin);
+ }, targetWin);
+ }
+ });
+ }
+
+ Services.obs.addObserver(function (aSubject, aTopic, aData) {
+ if (aTopic == "passwordmgr-password-toggle-complete") {
+ Services.obs.removeObserver(arguments.callee, aTopic);
+ func();
+ }
+ }, "passwordmgr-password-toggle-complete", false);
+
+ EventUtils.synthesizeMouse(toggleButton, 1, 1, {}, win);
+ }
+
+ function runTests(mode, endFunction) {
+ let testCounter = 0;
+
+ function setFilter(string) {
+ filter.value = string;
+ filter.doCommand();
+ }
+
+ function runOneTest(testCase) {
+ function tester() {
+ is(view.rowCount, expected, expected + " logins should match '" + testCase.filter + "'");
+ }
+
+ let expected;
+ switch (mode) {
+ case 1: // without showing passwords
+ expected = testCase.count;
+ break;
+ case 2: // showing passwords
+ expected = ("count2" in testCase) ? testCase.count2 : testCase.count;
+ break;
+ case 3: // toggle
+ expected = testCase.count;
+ tester();
+ toggleShowPasswords(function () {
+ expected = ("count2" in testCase) ? testCase.count2 : testCase.count;
+ tester();
+ toggleShowPasswords(proceed);
+ });
+ return;
+ }
+ tester();
+ proceed();
+ }
+
+ function proceed() {
+ // run the next test if necessary or proceed with the tests
+ if (testCounter != tests.length)
+ runNextTest();
+ else
+ endFunction();
+ }
+
+ function runNextTest() {
+ let testCase = tests[testCounter++];
+ setFilter(testCase.filter);
+ setTimeout(runOneTest, 0, testCase);
+ }
+
+ runNextTest();
+ }
+
+ function step1() {
+ runTests(1, step2);
+ }
+
+ function step2() {
+ toggleShowPasswords(function() {
+ runTests(2, step3);
+ });
+ }
+
+ function step3() {
+ toggleShowPasswords(function() {
+ runTests(3, lastStep);
+ });
+ }
+
+ function lastStep() {
+ // cleanup
+ Services.ww.registerNotification(function (aSubject, aTopic, aData) {
+ // unregister ourself
+ Services.ww.unregisterNotification(arguments.callee);
+
+ pwmgr.removeAllLogins();
+ finish();
+ });
+ pwmgrdlg.close();
+ }
+
+ step1();
+ }
+}
diff --git a/toolkit/components/passwordmgr/test/browser/browser_username_select_dialog.js b/toolkit/components/passwordmgr/test/browser/browser_username_select_dialog.js
new file mode 100644
index 000000000..8df89b510
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/browser_username_select_dialog.js
@@ -0,0 +1,144 @@
+/*
+ * Test username selection dialog, on password update from a p-only form,
+ * when there are multiple saved logins on the domain.
+ */
+
+// Copied from prompt_common.js. TODO: share the code.
+function getSelectDialogDoc() {
+ // Trudge through all the open windows, until we find the one
+ // that has selectDialog.xul loaded.
+ var wm = Cc["@mozilla.org/appshell/window-mediator;1"].
+ getService(Ci.nsIWindowMediator);
+ // var enumerator = wm.getEnumerator("navigator:browser");
+ var enumerator = wm.getXULWindowEnumerator(null);
+
+ while (enumerator.hasMoreElements()) {
+ var win = enumerator.getNext();
+ var windowDocShell = win.QueryInterface(Ci.nsIXULWindow).docShell;
+
+ var containedDocShells = windowDocShell.getDocShellEnumerator(
+ Ci.nsIDocShellTreeItem.typeChrome,
+ Ci.nsIDocShell.ENUMERATE_FORWARDS);
+ while (containedDocShells.hasMoreElements()) {
+ // Get the corresponding document for this docshell
+ var childDocShell = containedDocShells.getNext();
+ // We don't want it if it's not done loading.
+ if (childDocShell.busyFlags != Ci.nsIDocShell.BUSY_FLAGS_NONE)
+ continue;
+ var childDoc = childDocShell.QueryInterface(Ci.nsIDocShell)
+ .contentViewer
+ .DOMDocument;
+
+ if (childDoc.location.href == "chrome://global/content/selectDialog.xul")
+ return childDoc;
+ }
+ }
+
+ return null;
+}
+
+let nsLoginInfo = new Components.Constructor("@mozilla.org/login-manager/loginInfo;1",
+ Ci.nsILoginInfo, "init");
+let login1 = new nsLoginInfo("http://example.com", "http://example.com", null,
+ "notifyu1", "notifyp1", "user", "pass");
+let login1B = new nsLoginInfo("http://example.com", "http://example.com", null,
+ "notifyu1B", "notifyp1B", "user", "pass");
+
+add_task(function* test_changeUPLoginOnPUpdateForm_accept() {
+ info("Select an u+p login from multiple logins, on password update form, and accept.");
+ Services.logins.addLogin(login1);
+ Services.logins.addLogin(login1B);
+
+ yield testSubmittingLoginForm("subtst_notifications_change_p.html", function*(fieldValues) {
+ is(fieldValues.username, "null", "Checking submitted username");
+ is(fieldValues.password, "pass2", "Checking submitted password");
+
+ yield ContentTaskUtils.waitForCondition(() => {
+ return getSelectDialogDoc();
+ }, "Wait for selection dialog to be accessible.");
+
+ let doc = getSelectDialogDoc();
+ let dialog = doc.getElementsByTagName("dialog")[0];
+ let listbox = doc.getElementById("list");
+
+ is(listbox.selectedIndex, 0, "Checking selected index");
+ is(listbox.itemCount, 2, "Checking selected length");
+ ['notifyu1', 'notifyu1B'].forEach((username, i) => {
+ is(listbox.getItemAtIndex(i).label, username, "Check username selection on dialog");
+ });
+
+ dialog.acceptDialog();
+
+ yield ContentTaskUtils.waitForCondition(() => {
+ return !getSelectDialogDoc();
+ }, "Wait for selection dialog to disappear.");
+ });
+
+ let logins = Services.logins.getAllLogins();
+ is(logins.length, 2, "Should have 2 logins");
+
+ let login = SpecialPowers.wrap(logins[0]).QueryInterface(Ci.nsILoginMetaInfo);
+ is(login.username, "notifyu1", "Check the username unchanged");
+ is(login.password, "pass2", "Check the password changed");
+ is(login.timesUsed, 2, "Check times used");
+
+ login = SpecialPowers.wrap(logins[1]).QueryInterface(Ci.nsILoginMetaInfo);
+ is(login.username, "notifyu1B", "Check the username unchanged");
+ is(login.password, "notifyp1B", "Check the password unchanged");
+ is(login.timesUsed, 1, "Check times used");
+
+ // cleanup
+ login1.password = "pass2";
+ Services.logins.removeLogin(login1);
+ login1.password = "notifyp1";
+
+ Services.logins.removeLogin(login1B);
+});
+
+add_task(function* test_changeUPLoginOnPUpdateForm_cancel() {
+ info("Select an u+p login from multiple logins, on password update form, and cancel.");
+ Services.logins.addLogin(login1);
+ Services.logins.addLogin(login1B);
+
+ yield testSubmittingLoginForm("subtst_notifications_change_p.html", function*(fieldValues) {
+ is(fieldValues.username, "null", "Checking submitted username");
+ is(fieldValues.password, "pass2", "Checking submitted password");
+
+ yield ContentTaskUtils.waitForCondition(() => {
+ return getSelectDialogDoc();
+ }, "Wait for selection dialog to be accessible.");
+
+ let doc = getSelectDialogDoc();
+ let dialog = doc.getElementsByTagName("dialog")[0];
+ let listbox = doc.getElementById("list");
+
+ is(listbox.selectedIndex, 0, "Checking selected index");
+ is(listbox.itemCount, 2, "Checking selected length");
+ ['notifyu1', 'notifyu1B'].forEach((username, i) => {
+ is(listbox.getItemAtIndex(i).label, username, "Check username selection on dialog");
+ });
+
+ dialog.cancelDialog();
+
+ yield ContentTaskUtils.waitForCondition(() => {
+ return !getSelectDialogDoc();
+ }, "Wait for selection dialog to disappear.");
+ });
+
+ let logins = Services.logins.getAllLogins();
+ is(logins.length, 2, "Should have 2 logins");
+
+ let login = SpecialPowers.wrap(logins[0]).QueryInterface(Ci.nsILoginMetaInfo);
+ is(login.username, "notifyu1", "Check the username unchanged");
+ is(login.password, "notifyp1", "Check the password unchanged");
+ is(login.timesUsed, 1, "Check times used");
+
+ login = SpecialPowers.wrap(logins[1]).QueryInterface(Ci.nsILoginMetaInfo);
+ is(login.username, "notifyu1B", "Check the username unchanged");
+ is(login.password, "notifyp1B", "Check the password unchanged");
+ is(login.timesUsed, 1, "Check times used");
+
+ // cleanup
+ Services.logins.removeLogin(login1);
+ Services.logins.removeLogin(login1B);
+});
diff --git a/toolkit/components/passwordmgr/test/browser/form_autofocus_js.html b/toolkit/components/passwordmgr/test/browser/form_autofocus_js.html
new file mode 100644
index 000000000..76056e375
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/form_autofocus_js.html
@@ -0,0 +1,10 @@
+<!DOCTYPE html><html><head><meta charset="utf-8"></head>
+<body onload="document.getElementById('form-basic-username').focus();">
+<!-- Username field is focused by js onload -->
+<form id="form-basic">
+ <input id="form-basic-username" name="username">
+ <input id="form-basic-password" name="password" type="password">
+ <input id="form-basic-submit" type="submit">
+</form>
+
+</body></html>
diff --git a/toolkit/components/passwordmgr/test/browser/form_basic.html b/toolkit/components/passwordmgr/test/browser/form_basic.html
new file mode 100644
index 000000000..df2083a93
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/form_basic.html
@@ -0,0 +1,12 @@
+<!DOCTYPE html><html><head><meta charset="utf-8"></head><body>
+<!-- Any copyright is dedicated to the Public Domain.
+ - http://creativecommons.org/publicdomain/zero/1.0/ -->
+
+<!-- Simplest form with username and password fields. -->
+<form id="form-basic">
+ <input id="form-basic-username" name="username">
+ <input id="form-basic-password" name="password" type="password">
+ <input id="form-basic-submit" type="submit">
+</form>
+
+</body></html>
diff --git a/toolkit/components/passwordmgr/test/browser/form_basic_iframe.html b/toolkit/components/passwordmgr/test/browser/form_basic_iframe.html
new file mode 100644
index 000000000..616f56947
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/form_basic_iframe.html
@@ -0,0 +1,13 @@
+<!DOCTYPE html>
+<html>
+
+<head>
+ <meta charset="utf-8">
+</head>
+
+<body>
+ <!-- Form in an iframe -->
+ <iframe src="https://example.org/browser/toolkit/components/passwordmgr/test/browser/form_basic.html" id="test-iframe"></iframe>
+</body>
+
+</html>
diff --git a/toolkit/components/passwordmgr/test/browser/form_cross_origin_insecure_action.html b/toolkit/components/passwordmgr/test/browser/form_cross_origin_insecure_action.html
new file mode 100644
index 000000000..e8aa8b215
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/form_cross_origin_insecure_action.html
@@ -0,0 +1,12 @@
+<!DOCTYPE html><html><head><meta charset="utf-8"></head><body>
+<!-- Any copyright is dedicated to the Public Domain.
+ - http://creativecommons.org/publicdomain/zero/1.0/ -->
+
+<!-- Simplest form with username and password fields. -->
+<form id="form-basic" action="http://another.domain/custom_action.html">
+ <input id="form-basic-username" name="username">
+ <input id="form-basic-password" name="password" type="password">
+ <input id="form-basic-submit" type="submit">
+</form>
+
+</body></html>
diff --git a/toolkit/components/passwordmgr/test/browser/form_cross_origin_secure_action.html b/toolkit/components/passwordmgr/test/browser/form_cross_origin_secure_action.html
new file mode 100644
index 000000000..892a9f6f6
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/form_cross_origin_secure_action.html
@@ -0,0 +1,12 @@
+<!DOCTYPE html><html><head><meta charset="utf-8"></head><body>
+<!-- Any copyright is dedicated to the Public Domain.
+ - http://creativecommons.org/publicdomain/zero/1.0/ -->
+
+<!-- Simplest form with username and password fields. -->
+<form id="form-basic" action="https://another.domain/custom_action.html">
+ <input id="form-basic-username" name="username">
+ <input id="form-basic-password" name="password" type="password">
+ <input id="form-basic-submit" type="submit">
+</form>
+
+</body></html>
diff --git a/toolkit/components/passwordmgr/test/browser/form_same_origin_action.html b/toolkit/components/passwordmgr/test/browser/form_same_origin_action.html
new file mode 100644
index 000000000..8f0c9a14e
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/form_same_origin_action.html
@@ -0,0 +1,12 @@
+<!DOCTYPE html><html><head><meta charset="utf-8"></head><body>
+<!-- Any copyright is dedicated to the Public Domain.
+ - http://creativecommons.org/publicdomain/zero/1.0/ -->
+
+<!-- Simplest form with username and password fields. -->
+<form id="form-basic" action="./custom_action.html">
+ <input id="form-basic-username" name="username">
+ <input id="form-basic-password" name="password" type="password">
+ <input id="form-basic-submit" type="submit">
+</form>
+
+</body></html>
diff --git a/toolkit/components/passwordmgr/test/browser/formless_basic.html b/toolkit/components/passwordmgr/test/browser/formless_basic.html
new file mode 100644
index 000000000..2f4c5de52
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/formless_basic.html
@@ -0,0 +1,18 @@
+<!DOCTYPE html><html><head><meta charset="utf-8"></head><body>
+
+<!-- Simplest form with username and password fields. -->
+ <input id="form-basic-username" name="username">
+ <input id="form-basic-password" name="password" type="password">
+ <input id="form-basic-submit" type="submit">
+
+ <button id="add">Add input[type=password]</button>
+
+ <script>
+ document.getElementById("add").addEventListener("click", function () {
+ var node = document.createElement("input");
+ node.setAttribute("type", "password");
+ document.querySelector("body").appendChild(node);
+ });
+ </script>
+
+</body></html>
diff --git a/toolkit/components/passwordmgr/test/browser/head.js b/toolkit/components/passwordmgr/test/browser/head.js
new file mode 100644
index 000000000..926cb6616
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/head.js
@@ -0,0 +1,137 @@
+const DIRECTORY_PATH = "/browser/toolkit/components/passwordmgr/test/browser/";
+
+Cu.import("resource://testing-common/LoginTestUtils.jsm", this);
+Cu.import("resource://testing-common/ContentTaskUtils.jsm", this);
+
+registerCleanupFunction(function* cleanup_removeAllLoginsAndResetRecipes() {
+ Services.logins.removeAllLogins();
+
+ let recipeParent = LoginTestUtils.recipes.getRecipeParent();
+ if (!recipeParent) {
+ // No need to reset the recipes if the recipe module wasn't even loaded.
+ return;
+ }
+ yield recipeParent.then(recipeParentResult => recipeParentResult.reset());
+});
+
+/**
+ * Loads a test page in `DIRECTORY_URL` which automatically submits to formsubmit.sjs and returns a
+ * promise resolving with the field values when the optional `aTaskFn` is done.
+ *
+ * @param {String} aPageFile - test page file name which auto-submits to formsubmit.sjs
+ * @param {Function} aTaskFn - task which can be run before the tab closes.
+ * @param {String} [aOrigin="http://example.com"] - origin of the server to use
+ * to load `aPageFile`.
+ */
+function testSubmittingLoginForm(aPageFile, aTaskFn, aOrigin = "http://example.com") {
+ return BrowserTestUtils.withNewTab({
+ gBrowser,
+ url: aOrigin + DIRECTORY_PATH + aPageFile,
+ }, function*(browser) {
+ ok(true, "loaded " + aPageFile);
+ let fieldValues = yield ContentTask.spawn(browser, undefined, function*() {
+ yield ContentTaskUtils.waitForCondition(() => {
+ return content.location.pathname.endsWith("/formsubmit.sjs") &&
+ content.document.readyState == "complete";
+ }, "Wait for form submission load (formsubmit.sjs)");
+ let username = content.document.getElementById("user").textContent;
+ let password = content.document.getElementById("pass").textContent;
+ return {
+ username,
+ password,
+ };
+ });
+ ok(true, "form submission loaded");
+ if (aTaskFn) {
+ yield* aTaskFn(fieldValues);
+ }
+ return fieldValues;
+ });
+}
+
+function checkOnlyLoginWasUsedTwice({ justChanged }) {
+ // Check to make sure we updated the timestamps and use count on the
+ // existing login that was submitted for the test.
+ let logins = Services.logins.getAllLogins();
+ is(logins.length, 1, "Should only have 1 login");
+ ok(logins[0] instanceof Ci.nsILoginMetaInfo, "metainfo QI");
+ is(logins[0].timesUsed, 2, "check .timesUsed for existing login submission");
+ ok(logins[0].timeCreated < logins[0].timeLastUsed, "timeLastUsed bumped");
+ if (justChanged) {
+ is(logins[0].timeLastUsed, logins[0].timePasswordChanged, "timeLastUsed == timePasswordChanged");
+ } else {
+ is(logins[0].timeCreated, logins[0].timePasswordChanged, "timeChanged not updated");
+ }
+}
+
+// Begin popup notification (doorhanger) functions //
+
+const REMEMBER_BUTTON = 0;
+const NEVER_BUTTON = 1;
+
+const CHANGE_BUTTON = 0;
+const DONT_CHANGE_BUTTON = 1;
+
+/**
+ * Checks if we have a password capture popup notification
+ * of the right type and with the right label.
+ *
+ * @param {String} aKind The desired `passwordNotificationType`
+ * @param {Object} [popupNotifications = PopupNotifications]
+ * @return the found password popup notification.
+ */
+function getCaptureDoorhanger(aKind, popupNotifications = PopupNotifications) {
+ ok(true, "Looking for " + aKind + " popup notification");
+ let notification = popupNotifications.getNotification("password");
+ if (notification) {
+ is(notification.options.passwordNotificationType, aKind, "Notification type matches.");
+ if (aKind == "password-change") {
+ is(notification.mainAction.label, "Update", "Main action label matches update doorhanger.");
+ } else if (aKind == "password-save") {
+ is(notification.mainAction.label, "Remember", "Main action label matches save doorhanger.");
+ }
+ }
+ return notification;
+}
+
+/**
+ * Clicks the specified popup notification button.
+ *
+ * @param {Element} aPopup Popup Notification element
+ * @param {Number} aButtonIndex Number indicating which button to click.
+ * See the constants in this file.
+ */
+function clickDoorhangerButton(aPopup, aButtonIndex) {
+ ok(true, "Looking for action at index " + aButtonIndex);
+
+ let notifications = aPopup.owner.panel.childNodes;
+ ok(notifications.length > 0, "at least one notification displayed");
+ ok(true, notifications.length + " notification(s)");
+ let notification = notifications[0];
+
+ if (aButtonIndex == 0) {
+ ok(true, "Triggering main action");
+ notification.button.doCommand();
+ } else if (aButtonIndex <= aPopup.secondaryActions.length) {
+ ok(true, "Triggering secondary action " + aButtonIndex);
+ notification.childNodes[aButtonIndex].doCommand();
+ }
+}
+
+/**
+ * Checks the doorhanger's username and password.
+ *
+ * @param {String} username The username.
+ * @param {String} password The password.
+ */
+function* checkDoorhangerUsernamePassword(username, password) {
+ yield BrowserTestUtils.waitForCondition(() => {
+ return document.getElementById("password-notification-username").value == username;
+ }, "Wait for nsLoginManagerPrompter writeDataToUI()");
+ is(document.getElementById("password-notification-username").value, username,
+ "Check doorhanger username");
+ is(document.getElementById("password-notification-password").value, password,
+ "Check doorhanger password");
+}
+
+// End popup notification (doorhanger) functions //
diff --git a/toolkit/components/passwordmgr/test/browser/insecure_test.html b/toolkit/components/passwordmgr/test/browser/insecure_test.html
new file mode 100644
index 000000000..fedea1428
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/insecure_test.html
@@ -0,0 +1,9 @@
+<!DOCTYPE html><html><head><meta charset="utf-8"></head><body>
+<!-- Any copyright is dedicated to the Public Domain.
+ - http://creativecommons.org/publicdomain/zero/1.0/ -->
+
+<!-- This frame is initially loaded over HTTP. -->
+<iframe id="test-iframe"
+ src="http://example.org/browser/toolkit/components/passwordmgr/test/browser/insecure_test_subframe.html"/>
+
+</body></html>
diff --git a/toolkit/components/passwordmgr/test/browser/insecure_test_subframe.html b/toolkit/components/passwordmgr/test/browser/insecure_test_subframe.html
new file mode 100644
index 000000000..3f01e36a6
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/insecure_test_subframe.html
@@ -0,0 +1,13 @@
+<!DOCTYPE html><html><head><meta charset="utf-8"></head><body>
+<!-- Any copyright is dedicated to the Public Domain.
+ - http://creativecommons.org/publicdomain/zero/1.0/ -->
+
+<form>
+ <input name="password" type="password">
+</form>
+
+<!-- Link to reload this page over HTTPS. -->
+<a id="test-link"
+ href="https://example.org/browser/toolkit/components/passwordmgr/test/browser/insecure_test_subframe.html">HTTPS</a>
+
+</body></html>
diff --git a/toolkit/components/passwordmgr/test/browser/multiple_forms.html b/toolkit/components/passwordmgr/test/browser/multiple_forms.html
new file mode 100644
index 000000000..3f64f8993
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/multiple_forms.html
@@ -0,0 +1,129 @@
+<!DOCTYPE html><html><head><meta charset="utf-8"></head><body>
+<!-- Any copyright is dedicated to the Public Domain.
+ - http://creativecommons.org/publicdomain/zero/1.0/ -->
+
+
+<form class="test-form"
+ description="Password only form">
+ <input id='test-password-1' type='password' name='pname' value=''>
+ <input type='submit'>Submit</input>
+</form>
+
+
+<form class="test-form"
+ description="Username only form">
+ <input id='test-username-1' type='text' name='uname' value=''>
+ <input type='submit'>Submit</input>
+</form>
+
+
+<form class="test-form"
+ description="Simple username and password blank form">
+ <input id='test-username-2' type='text' name='uname' value=''>
+ <input id='test-password-2' type='password' name='pname' value=''>
+ <button type='submit'>Submit</button>
+</form>
+
+
+<form class="test-form"
+ description="Simple username and password form, prefilled username">
+ <input id='test-username-3' type='text' name='uname' value='testuser'>
+ <input id='test-password-3' type='password' name='pname' value=''>
+ <button type='submit'>Submit</button>
+</form>
+
+
+<form class="test-form"
+ description="Simple username and password form, prefilled username and password">
+ <input id='test-username-4' type='text' name='uname' value='testuser'>
+ <input id='test-password-4' type='password' name='pname' value='testpass'>
+ <button type='submit'>Submit</button>
+</form>
+
+
+<form class="test-form"
+ description="One username and two passwords empty form">
+ <input id='test-username-5' type='text' name='uname'>
+ <input id='test-password-5' type='password' name='pname'>
+ <input id='test-password2-5' type='password' name='pname2'>
+ <button type='submit'>Submit</button>
+</form>
+
+
+<form class="test-form"
+ description="One username and two passwords form, fields prefiled">
+ <input id='test-username-6' type='text' name='uname' value="testuser">
+ <input id='test-password-6' type='password' name='pname' value="testpass">
+ <input id='test-password2-6' type='password' name='pname2' value="testpass">
+ <button type='submit'>Submit</button>
+</form>
+
+
+<div class="test-form"
+ description="Username and password fields with no form">
+ <input id='test-username-7' type='text' name='uname' value="testuser">
+ <input id='test-password-7' type='password' name='pname' value="testpass">
+</div>
+
+
+<form class="test-form"
+ description="Simple username and password blank form, with disabled password">
+ <input id='test-username-8' type='text' name='uname' value=''>
+ <input id='test-password-8' type='password' name='pname' value='' disabled>
+ <button type='submit'>Submit</button>
+</form>
+
+
+<form class="test-form"
+ description="Simple username and password blank form, with disabled username">
+ <input id='test-username-9' type='text' name='uname' value='' disabled>
+ <input id='test-password-9' type='password' name='pname' value=''>
+ <button type='submit'>Submit</button>
+</form>
+
+
+<form class="test-form"
+ description="Simple username and password blank form, with readonly password">
+ <input id='test-username-10' type='text' name='uname' value=''>
+ <input id='test-password-10' type='password' name='pname' value='' readonly>
+ <button type='submit'>Submit</button>
+</form>
+
+
+<form class="test-form"
+ description="Simple username and password blank form, with readonly username">
+ <input id='test-username-11' type='text' name='uname' value='' readonly>
+ <input id='test-password-11' type='password' name='pname' value=''>
+ <button type='submit'>Submit</button>
+</form>
+
+
+<form class="test-form"
+ description="Two username and one passwords form, fields prefiled">
+ <input id='test-username-12' type='text' name='uname' value="testuser">
+ <input id='test-username2-12' type='text' name='uname2' value="testuser">
+ <input id='test-password-12' type='password' name='pname' value="testpass">
+ <button type='submit'>Submit</button>
+</form>
+
+
+<form class="test-form"
+ description="Two username and one passwords form, one disabled username field">
+ <input id='test-username-13' type='text' name='uname'>
+ <input id='test-username2-13' type='text' name='uname2' disabled>
+ <input id='test-password-13' type='password' name='pname'>
+ <button type='submit'>Submit</button>
+</form>
+
+
+<div class="test-form"
+ description="Second username and password fields with no form">
+ <input id='test-username-14' type='text' name='uname'>
+ <input id='test-password-14' type='password' name='pname' expectedFail>
+</div>
+
+<!-- Form in an iframe -->
+<iframe src="https://example.org/browser/toolkit/components/passwordmgr/test/browser/form_basic.html" id="test-iframe"></iframe>
+
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/browser/streamConverter_content.sjs b/toolkit/components/passwordmgr/test/browser/streamConverter_content.sjs
new file mode 100644
index 000000000..84c75437e
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/streamConverter_content.sjs
@@ -0,0 +1,6 @@
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/ */
+
+function handleRequest(request, response) {
+ response.setHeader("Content-Type", "test/content", false);
+}
diff --git a/toolkit/components/passwordmgr/test/browser/subtst_notifications_1.html b/toolkit/components/passwordmgr/test/browser/subtst_notifications_1.html
new file mode 100644
index 000000000..b96faf2ee
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/subtst_notifications_1.html
@@ -0,0 +1,29 @@
+<!DOCTYPE html>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Subtest for Login Manager notifications - Basic 1un 1pw</title>
+</head>
+<body>
+<h2>Subtest 1</h2>
+<form id="form" action="formsubmit.sjs">
+ <input id="user" name="user">
+ <input id="pass" name="pass" type="password">
+ <button type='submit'>Submit</button>
+</form>
+
+<script>
+function submitForm() {
+ userField.value = "notifyu1";
+ passField.value = "notifyp1";
+ form.submit();
+}
+
+window.onload = submitForm;
+var form = document.getElementById("form");
+var userField = document.getElementById("user");
+var passField = document.getElementById("pass");
+
+</script>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/browser/subtst_notifications_10.html b/toolkit/components/passwordmgr/test/browser/subtst_notifications_10.html
new file mode 100644
index 000000000..2dc96b4fd
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/subtst_notifications_10.html
@@ -0,0 +1,27 @@
+<!DOCTYPE html>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Subtest for Login Manager notifications</title>
+</head>
+<body>
+<h2>Subtest 10</h2>
+<form id="form" action="formsubmit.sjs">
+ <input id="pass" name="pass" type="password">
+ <button type='submit'>Submit</button>
+</form>
+
+<script>
+function submitForm() {
+ passField.value = "notifyp1";
+ form.submit();
+}
+
+window.onload = submitForm;
+var form = document.getElementById("form");
+var userField = document.getElementById("user");
+var passField = document.getElementById("pass");
+
+</script>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/browser/subtst_notifications_11.html b/toolkit/components/passwordmgr/test/browser/subtst_notifications_11.html
new file mode 100644
index 000000000..cf3df5275
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/subtst_notifications_11.html
@@ -0,0 +1,25 @@
+<!DOCTYPE html>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Subtest for Login Manager notifications - Popup Windows</title>
+</head>
+<body>
+<h2>Subtest 11 (popup windows)</h2>
+<script>
+
+// Ignore the '?' and split on |
+[username, password, features, autoClose] = window.location.search.substring(1).split('|');
+
+var url = "subtst_notifications_11_popup.html?" + username + "|" + password;
+var popupWin = window.open(url, "subtst_11", features);
+
+// Popup window will call this function on form submission.
+function formSubmitted() {
+ if (autoClose)
+ popupWin.close();
+}
+
+</script>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/browser/subtst_notifications_11_popup.html b/toolkit/components/passwordmgr/test/browser/subtst_notifications_11_popup.html
new file mode 100644
index 000000000..2e8e4135c
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/subtst_notifications_11_popup.html
@@ -0,0 +1,32 @@
+<!DOCTYPE html>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Subtest for Login Manager notifications</title>
+</head>
+<body>
+<h2>Subtest 11</h2>
+<form id="form" action="formsubmit.sjs">
+ <input id="user" name="user">
+ <input id="pass" name="pass" type="password">
+ <button type='submit'>Submit</button>
+</form>
+
+<script>
+function submitForm() {
+ // Get the password from the query string (exclude '?').
+ [username, password] = window.location.search.substring(1).split('|');
+ userField.value = username;
+ passField.value = password;
+ form.submit();
+ window.opener.formSubmitted();
+}
+
+window.onload = submitForm;
+var form = document.getElementById("form");
+var userField = document.getElementById("user");
+var passField = document.getElementById("pass");
+
+</script>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/browser/subtst_notifications_2.html b/toolkit/components/passwordmgr/test/browser/subtst_notifications_2.html
new file mode 100644
index 000000000..72651d6c1
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/subtst_notifications_2.html
@@ -0,0 +1,30 @@
+<!DOCTYPE html>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Subtest for Login Manager notifications - autocomplete=off on the username field</title>
+</head>
+<body>
+<h2>Subtest 2</h2>
+(username autocomplete=off)
+<form id="form" action="formsubmit.sjs">
+ <input id="user" name="user" autocomplete="off">
+ <input id="pass" name="pass" type="password">
+ <button type='submit'>Submit</button>
+</form>
+
+<script>
+function submitForm() {
+ userField.value = "notifyu1";
+ passField.value = "notifyp1";
+ form.submit();
+}
+
+window.onload = submitForm;
+var form = document.getElementById("form");
+var userField = document.getElementById("user");
+var passField = document.getElementById("pass");
+
+</script>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/browser/subtst_notifications_2pw_0un.html b/toolkit/components/passwordmgr/test/browser/subtst_notifications_2pw_0un.html
new file mode 100644
index 000000000..7ddbf0851
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/subtst_notifications_2pw_0un.html
@@ -0,0 +1,27 @@
+<!DOCTYPE html>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Subtest for Login Manager notifications with 2 password fields and no username</title>
+</head>
+<body>
+<h2>Subtest 24</h2>
+<form id="form" action="formsubmit.sjs">
+ <input id="pass1" name="pass1" type="password" value="staticpw">
+ <input id="pass" name="pass" type="password">
+ <button type="submit">Submit</button>
+</form>
+
+<script>
+function submitForm() {
+ pass.value = "notifyp1";
+ form.submit();
+}
+
+window.onload = submitForm;
+var form = document.getElementById("form");
+var pass = document.getElementById("pass");
+
+</script>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/browser/subtst_notifications_2pw_1un_1text.html b/toolkit/components/passwordmgr/test/browser/subtst_notifications_2pw_1un_1text.html
new file mode 100644
index 000000000..893f18724
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/subtst_notifications_2pw_1un_1text.html
@@ -0,0 +1,31 @@
+<!DOCTYPE html>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Subtest for Login Manager notifications with 2 password fields and 1 username field and one other text field before the first password field</title>
+</head>
+<body>
+<h2>1 username field followed by a text field followed by 2 username fields</h2>
+<form id="form" action="formsubmit.sjs">
+ <input id="user" name="user" value="staticpw">
+ <input id="city" name="city" value="city">
+ <input id="pass" name="pass" type="password">
+ <input id="pin" name="pin" type="password" value="static-pin">
+ <button type="submit">Submit</button>
+</form>
+
+<script>
+function submitForm() {
+ userField.value = "notifyu1";
+ passField.value = "notifyp1";
+ form.submit();
+}
+
+window.onload = submitForm;
+var form = document.getElementById("form");
+var userField = document.getElementById("user");
+var passField = document.getElementById("pass");
+
+</script>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/browser/subtst_notifications_3.html b/toolkit/components/passwordmgr/test/browser/subtst_notifications_3.html
new file mode 100644
index 000000000..291e735d0
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/subtst_notifications_3.html
@@ -0,0 +1,30 @@
+<!DOCTYPE html>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Subtest for Login Manager notifications - autocomplete=off on the password field</title>
+</head>
+<body>
+<h2>Subtest 3</h2>
+(password autocomplete=off)
+<form id="form" action="formsubmit.sjs">
+ <input id="user" name="user">
+ <input id="pass" name="pass" type="password" autocomplete="off">
+ <button type='submit'>Submit</button>
+</form>
+
+<script>
+function submitForm() {
+ userField.value = "notifyu1";
+ passField.value = "notifyp1";
+ form.submit();
+}
+
+window.onload = submitForm;
+var form = document.getElementById("form");
+var userField = document.getElementById("user");
+var passField = document.getElementById("pass");
+
+</script>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/browser/subtst_notifications_4.html b/toolkit/components/passwordmgr/test/browser/subtst_notifications_4.html
new file mode 100644
index 000000000..63df3a42d
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/subtst_notifications_4.html
@@ -0,0 +1,30 @@
+<!DOCTYPE html>
+<html>
+<head>
+ <meta charset="utf-8" >
+ <title>Subtest for Login Manager notifications</title>
+</head>
+<body>
+<h2>Subtest 4</h2>
+(form autocomplete=off)
+<form id="form" action="formsubmit.sjs" autocomplete="off">
+ <input id="user" name="user">
+ <input id="pass" name="pass" type="password">
+ <button type='submit'>Submit</button>
+</form>
+
+<script>
+function submitForm() {
+ userField.value = "notifyu1";
+ passField.value = "notifyp1";
+ form.submit();
+}
+
+window.onload = submitForm;
+var form = document.getElementById("form");
+var userField = document.getElementById("user");
+var passField = document.getElementById("pass");
+
+</script>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/browser/subtst_notifications_5.html b/toolkit/components/passwordmgr/test/browser/subtst_notifications_5.html
new file mode 100644
index 000000000..72a3df95f
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/subtst_notifications_5.html
@@ -0,0 +1,26 @@
+<!DOCTYPE html>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Subtest for Login Manager notifications - Form with only a username field</title>
+</head>
+<body>
+<h2>Subtest 5</h2>
+<form id="form" action="formsubmit.sjs">
+ <input id="user" name="user">
+ <button type='submit'>Submit</button>
+</form>
+
+<script>
+function submitForm() {
+ userField.value = "notifyu1";
+ form.submit();
+}
+
+window.onload = submitForm;
+var form = document.getElementById("form");
+var userField = document.getElementById("user");
+
+</script>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/browser/subtst_notifications_6.html b/toolkit/components/passwordmgr/test/browser/subtst_notifications_6.html
new file mode 100644
index 000000000..47e23e972
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/subtst_notifications_6.html
@@ -0,0 +1,27 @@
+<!DOCTYPE html>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Subtest for Login Manager notifications</title>
+</head>
+<body>
+<h2>Subtest 6</h2>
+(password-only form)
+<form id="form" action="formsubmit.sjs">
+ <input id="pass" name="pass" type="password">
+ <button type='submit'>Submit</button>
+</form>
+
+<script>
+function submitForm() {
+ passField.value = "notifyp1";
+ form.submit();
+}
+
+window.onload = submitForm;
+var form = document.getElementById("form");
+var passField = document.getElementById("pass");
+
+</script>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/browser/subtst_notifications_8.html b/toolkit/components/passwordmgr/test/browser/subtst_notifications_8.html
new file mode 100644
index 000000000..abeea4262
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/subtst_notifications_8.html
@@ -0,0 +1,29 @@
+<!DOCTYPE html>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Subtest for Login Manager notifications</title>
+</head>
+<body>
+<h2>Subtest 8</h2>
+<form id="form" action="formsubmit.sjs">
+ <input id="user" name="user">
+ <input id="pass" name="pass" type="password">
+ <button type='submit'>Submit</button>
+</form>
+
+<script>
+function submitForm() {
+ userField.value = "notifyu1";
+ passField.value = "pass2";
+ form.submit();
+}
+
+window.onload = submitForm;
+var form = document.getElementById("form");
+var userField = document.getElementById("user");
+var passField = document.getElementById("pass");
+
+</script>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/browser/subtst_notifications_9.html b/toolkit/components/passwordmgr/test/browser/subtst_notifications_9.html
new file mode 100644
index 000000000..c6f741068
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/subtst_notifications_9.html
@@ -0,0 +1,29 @@
+<!DOCTYPE html>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Subtest for Login Manager notifications</title>
+</head>
+<body>
+<h2>Subtest 9</h2>
+<form id="form" action="formsubmit.sjs">
+ <input id="user" name="user">
+ <input id="pass" name="pass" type="password">
+ <button type='submit'>Submit</button>
+</form>
+
+<script>
+function submitForm() {
+ userField.value = "";
+ passField.value = "pass2";
+ form.submit();
+}
+
+window.onload = submitForm;
+var form = document.getElementById("form");
+var userField = document.getElementById("user");
+var passField = document.getElementById("pass");
+
+</script>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/browser/subtst_notifications_change_p.html b/toolkit/components/passwordmgr/test/browser/subtst_notifications_change_p.html
new file mode 100644
index 000000000..d74f3bcdf
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/browser/subtst_notifications_change_p.html
@@ -0,0 +1,32 @@
+<!DOCTYPE html>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Subtest for Login Manager notifications</title>
+</head>
+<body>
+<h2>Change password</h2>
+<form id="form" action="formsubmit.sjs">
+ <input id="pass_current" name="pass_current" type="password" value="notifyp1">
+ <input id="pass" name="pass" type="password">
+ <input id="pass_confirm" name="pass_confirm" type="password">
+ <button type='submit'>Submit</button>
+</form>
+
+<script>
+function submitForm() {
+ passField.value = "pass2";
+ passConfirmField.value = "pass2";
+
+ form.submit();
+}
+
+window.onload = submitForm;
+var form = document.getElementById("form");
+var userField = document.getElementById("user");
+var passField = document.getElementById("pass");
+var passConfirmField = document.getElementById("pass_confirm");
+
+</script>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/chrome/chrome.ini b/toolkit/components/passwordmgr/test/chrome/chrome.ini
new file mode 100644
index 000000000..093b87b7d
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/chrome/chrome.ini
@@ -0,0 +1,13 @@
+[DEFAULT]
+skip-if = os == 'android'
+
+[test_privbrowsing_perwindowpb.html]
+skip-if = true # Bug 1173337
+support-files =
+ ../formsubmit.sjs
+ notification_common.js
+ privbrowsing_perwindowpb_iframe.html
+ subtst_privbrowsing_1.html
+ subtst_privbrowsing_2.html
+ subtst_privbrowsing_3.html
+ subtst_privbrowsing_4.html
diff --git a/toolkit/components/passwordmgr/test/chrome/notification_common.js b/toolkit/components/passwordmgr/test/chrome/notification_common.js
new file mode 100644
index 000000000..e8a52929d
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/chrome/notification_common.js
@@ -0,0 +1,111 @@
+/*
+ * Initialization: for each test, remove any prior notifications.
+ */
+function cleanUpPopupNotifications() {
+ var container = getPopupNotifications(window.top);
+ var notes = container._currentNotifications;
+ info(true, "Removing " + notes.length + " popup notifications.");
+ for (var i = notes.length - 1; i >= 0; i--) {
+ notes[i].remove();
+ }
+}
+cleanUpPopupNotifications();
+
+/*
+ * getPopupNotifications
+ *
+ * Fetches the popup notification for the specified window.
+ */
+function getPopupNotifications(aWindow) {
+ var Ci = SpecialPowers.Ci;
+ var Cc = SpecialPowers.Cc;
+ ok(Ci != null, "Access Ci");
+ ok(Cc != null, "Access Cc");
+
+ var chromeWin = SpecialPowers.wrap(aWindow)
+ .QueryInterface(Ci.nsIInterfaceRequestor)
+ .getInterface(Ci.nsIWebNavigation)
+ .QueryInterface(Ci.nsIDocShell)
+ .chromeEventHandler.ownerDocument.defaultView;
+
+ var popupNotifications = chromeWin.PopupNotifications;
+ return popupNotifications;
+}
+
+
+/**
+ * Checks if we have a password popup notification
+ * of the right type and with the right label.
+ *
+ * @deprecated Write a browser-chrome test instead and use the fork of this method there.
+ * @returns the found password popup notification.
+ */
+function getPopup(aPopupNote, aKind) {
+ ok(true, "Looking for " + aKind + " popup notification");
+ var notification = aPopupNote.getNotification("password");
+ if (notification) {
+ is(notification.options.passwordNotificationType, aKind, "Notification type matches.");
+ if (aKind == "password-change") {
+ is(notification.mainAction.label, "Update", "Main action label matches update doorhanger.");
+ } else if (aKind == "password-save") {
+ is(notification.mainAction.label, "Remember", "Main action label matches save doorhanger.");
+ }
+ }
+ return notification;
+}
+
+
+/**
+ * @deprecated - Use a browser chrome test instead.
+ *
+ * Clicks the specified popup notification button.
+ */
+function clickPopupButton(aPopup, aButtonIndex) {
+ ok(true, "Looking for action at index " + aButtonIndex);
+
+ var notifications = SpecialPowers.wrap(aPopup.owner).panel.childNodes;
+ ok(notifications.length > 0, "at least one notification displayed");
+ ok(true, notifications.length + " notifications");
+ var notification = notifications[0];
+
+ if (aButtonIndex == 0) {
+ ok(true, "Triggering main action");
+ notification.button.doCommand();
+ } else if (aButtonIndex <= aPopup.secondaryActions.length) {
+ var index = aButtonIndex;
+ ok(true, "Triggering secondary action " + index);
+ notification.childNodes[index].doCommand();
+ }
+}
+
+const kRememberButton = 0;
+const kNeverButton = 1;
+
+const kChangeButton = 0;
+const kDontChangeButton = 1;
+
+function dumpNotifications() {
+ try {
+ // PopupNotifications
+ var container = getPopupNotifications(window.top);
+ ok(true, "is popup panel open? " + container.isPanelOpen);
+ var notes = container._currentNotifications;
+ ok(true, "Found " + notes.length + " popup notifications.");
+ for (let i = 0; i < notes.length; i++) {
+ ok(true, "#" + i + ": " + notes[i].id);
+ }
+
+ // Notification bars
+ var chromeWin = SpecialPowers.wrap(window.top)
+ .QueryInterface(Ci.nsIInterfaceRequestor)
+ .getInterface(Ci.nsIWebNavigation)
+ .QueryInterface(Ci.nsIDocShell)
+ .chromeEventHandler.ownerDocument.defaultView;
+ var nb = chromeWin.getNotificationBox(window.top);
+ notes = nb.allNotifications;
+ ok(true, "Found " + notes.length + " notification bars.");
+ for (let i = 0; i < notes.length; i++) {
+ ok(true, "#" + i + ": " + notes[i].getAttribute("value"));
+ }
+ } catch (e) { todo(false, "WOAH! " + e); }
+}
diff --git a/toolkit/components/passwordmgr/test/chrome/privbrowsing_perwindowpb_iframe.html b/toolkit/components/passwordmgr/test/chrome/privbrowsing_perwindowpb_iframe.html
new file mode 100644
index 000000000..2efdab265
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/chrome/privbrowsing_perwindowpb_iframe.html
@@ -0,0 +1,9 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+ <meta charset="utf-8">
+</head>
+<body>
+<iframe id="iframe"></iframe>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/chrome/subtst_privbrowsing_1.html b/toolkit/components/passwordmgr/test/chrome/subtst_privbrowsing_1.html
new file mode 100644
index 000000000..8c7202dd0
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/chrome/subtst_privbrowsing_1.html
@@ -0,0 +1,33 @@
+<!DOCTYPE html>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Subtest for Login Manager notifications (private browsing)</title>
+</head>
+<body>
+<h2>Subtest 1</h2>
+<!--
+ Make sure that the password-save notification appears outside of
+ the private mode, but not inside it.
+-->
+<form id="form" action="formsubmit.sjs">
+ <input id="user" name="user" type="text">
+ <input id="pass" name="pass" type="password">
+ <button type='submit'>Submit</button>
+</form>
+
+<script>
+function submitForm() {
+ userField.value = "notifyu1";
+ passField.value = "notifyp1";
+ form.submit();
+}
+
+window.onload = submitForm;
+var form = document.getElementById("form");
+var userField = document.getElementById("user");
+var passField = document.getElementById("pass");
+
+</script>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/chrome/subtst_privbrowsing_2.html b/toolkit/components/passwordmgr/test/chrome/subtst_privbrowsing_2.html
new file mode 100644
index 000000000..bf3b85159
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/chrome/subtst_privbrowsing_2.html
@@ -0,0 +1,33 @@
+<!DOCTYPE html>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Subtest for Login Manager notifications (private browsing)</title>
+</head>
+<body>
+<h2>Subtest 2</h2>
+<!--
+ Make sure that the password-change notification appears outside of
+ the private mode, but not inside it.
+-->
+<form id="form" action="formsubmit.sjs">
+ <input id="pass" name="pass" type="password">
+ <input id="newpass" name="newpass" type="password">
+ <button type='submit'>Submit</button>
+</form>
+
+<script>
+function submitForm() {
+ passField.value = "notifyp1";
+ passField2.value = "notifyp2";
+ form.submit();
+}
+
+window.onload = submitForm;
+var form = document.getElementById("form");
+var passField = document.getElementById("pass");
+var passField2 = document.getElementById("newpass");
+
+</script>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/chrome/subtst_privbrowsing_3.html b/toolkit/components/passwordmgr/test/chrome/subtst_privbrowsing_3.html
new file mode 100644
index 000000000..e88a302e0
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/chrome/subtst_privbrowsing_3.html
@@ -0,0 +1,29 @@
+<!DOCTYPE html>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Subtest for Login Manager notifications (private browsing)</title>
+</head>
+<body>
+<h2>Subtest 3</h2>
+<!--
+ Make sure that the user/pass fields are auto-filled outside of
+ the private mode, but not inside it.
+-->
+<form id="form" action="formsubmit.sjs">
+ <input id="user" name="user" type="text">
+ <input id="pass" name="pass" type="password">
+ <button type='submit'>Submit</button>
+</form>
+
+<script>
+function submitForm() {
+ form.submit();
+}
+
+var form = document.getElementById("form");
+window.addEventListener('message', () => { submitForm(); });
+
+</script>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/chrome/subtst_privbrowsing_4.html b/toolkit/components/passwordmgr/test/chrome/subtst_privbrowsing_4.html
new file mode 100644
index 000000000..184142743
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/chrome/subtst_privbrowsing_4.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Subtest for Login Manager notifications (private browsing)</title>
+ <script type="text/javascript" src="pwmgr_common.js"></script>
+</head>
+<body>
+<h2>Subtest 4</h2>
+<!--
+ Make sure that the user/pass fields have manual filling enabled
+ in private mode.
+-->
+<form id="form" action="formsubmit.sjs">
+ <input id="user" name="user" type="text">
+ <input id="pass" name="pass" type="password">
+ <button type='submit'>Submit</button>
+</form>
+
+<script>
+function startAutocomplete() {
+ userField.focus();
+ doKey("down");
+ setTimeout(submitForm, 100);
+}
+
+function submitForm() {
+ doKey("down");
+ doKey("return");
+ setTimeout(function() { form.submit(); }, 100);
+}
+
+var form = document.getElementById("form");
+var userField = document.getElementById("user");
+
+window.addEventListener('message', () => { startAutocomplete(); });
+
+</script>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/chrome/test_privbrowsing_perwindowpb.html b/toolkit/components/passwordmgr/test/chrome/test_privbrowsing_perwindowpb.html
new file mode 100644
index 000000000..6b7d4abb3
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/chrome/test_privbrowsing_perwindowpb.html
@@ -0,0 +1,322 @@
+<!DOCTYPE HTML>
+<html>
+<!--
+https://bugzilla.mozilla.org/show_bug.cgi?id=248970
+-->
+<head>
+ <meta charset="utf-8">
+ <title>Test for Private Browsing</title>
+ <script type="application/javascript"
+ src="chrome://mochikit/content/tests/SimpleTest/SimpleTest.js"></script>
+ <script type="text/javascript" src="notification_common.js"></script>
+ <link rel="stylesheet" type="text/css"
+ href="chrome://mochikit/content/tests/SimpleTest/test.css">
+</head>
+<body>
+<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=248970">Mozilla Bug 248970</a>
+<p id="display"></p>
+<pre id="test">
+<script class="testbody" type="text/javascript">
+
+/** Test for Bug 248970 **/
+// based on test_notifications.html
+
+const Ci = SpecialPowers.Ci;
+const Cc = SpecialPowers.Cc;
+const Cr = SpecialPowers.Cr;
+
+Components.utils.import("resource://gre/modules/Services.jsm");
+
+var testpath = "/chrome/toolkit/components/passwordmgr/test/chrome/";
+var prefix = "http://test2.example.com" + testpath;
+var subtests = [
+ "subtst_privbrowsing_1.html", // 1
+ "subtst_privbrowsing_1.html", // 2
+ "subtst_privbrowsing_1.html", // 3
+ "subtst_privbrowsing_2.html", // 4
+ "subtst_privbrowsing_2.html", // 5
+ "subtst_privbrowsing_2.html", // 6
+ "subtst_privbrowsing_3.html", // 7
+ "subtst_privbrowsing_3.html", // 8
+ "subtst_privbrowsing_4.html", // 9
+ "subtst_privbrowsing_3.html" // 10
+ ];
+var observer;
+
+var testNum = 0;
+function loadNextTest() {
+ // run the initialization code for each test
+ switch (++ testNum) {
+ case 1:
+ popupNotifications = normalWindowPopupNotifications;
+ iframe = normalWindowIframe;
+ break;
+
+ case 2:
+ popupNotifications = privateWindowPopupNotifications;
+ iframe = privateWindowIframe;
+ break;
+
+ case 3:
+ popupNotifications = normalWindowPopupNotifications;
+ iframe = normalWindowIframe;
+ break;
+
+ case 4:
+ pwmgr.addLogin(login);
+ break;
+
+ case 5:
+ popupNotifications = privateWindowPopupNotifications;
+ iframe = privateWindowIframe;
+ break;
+
+ case 6:
+ popupNotifications = normalWindowPopupNotifications;
+ iframe = normalWindowIframe;
+ break;
+
+ case 7:
+ pwmgr.addLogin(login);
+ break;
+
+ case 8:
+ popupNotifications = privateWindowPopupNotifications;
+ iframe = privateWindowIframe;
+ break;
+
+ case 9:
+ break;
+
+ case 10:
+ popupNotifications = normalWindowPopupNotifications;
+ iframe = normalWindowIframe;
+ break;
+
+ default:
+ ok(false, "Unexpected call to loadNextTest for test #" + testNum);
+ }
+
+ if (testNum === 7) {
+ observer = SpecialPowers.wrapCallback(function(subject, topic, data) {
+ SimpleTest.executeSoon(() => { iframe.contentWindow.postMessage("go", "*"); });
+ });
+ SpecialPowers.addObserver(observer, "passwordmgr-processed-form", false);
+ }
+
+ ok(true, "Starting test #" + testNum);
+ iframe.src = prefix + subtests[testNum - 1];
+}
+
+function checkTest() {
+ var popup;
+ var gotUser;
+ var gotPass;
+
+ switch (testNum) {
+ case 1:
+ // run outside of private mode, popup notification should appear
+ popup = getPopup(popupNotifications, "password-save");
+ ok(popup, "got popup notification");
+ popup.remove();
+ break;
+
+ case 2:
+ // run inside of private mode, popup notification should not appear
+ popup = getPopup(popupNotifications, "password-save");
+ ok(!popup, "checking for no popup notification");
+ break;
+
+ case 3:
+ // run outside of private mode, popup notification should appear
+ popup = getPopup(popupNotifications, "password-save");
+ ok(popup, "got popup notification");
+ popup.remove();
+ break;
+
+ case 4:
+ // run outside of private mode, popup notification should appear
+ popup = getPopup(popupNotifications, "password-change");
+ ok(popup, "got popup notification");
+ popup.remove();
+ break;
+
+ case 5:
+ // run inside of private mode, popup notification should not appear
+ popup = getPopup(popupNotifications, "password-change");
+ ok(!popup, "checking for no popup notification");
+ break;
+
+ case 6:
+ // run outside of private mode, popup notification should appear
+ popup = getPopup(popupNotifications, "password-change");
+ ok(popup, "got popup notification");
+ popup.remove();
+ pwmgr.removeLogin(login);
+ break;
+
+ case 7:
+ // verify that the user/pass pair was autofilled
+ gotUser = iframe.contentDocument.getElementById("user").textContent;
+ gotPass = iframe.contentDocument.getElementById("pass").textContent;
+ is(gotUser, "notifyu1", "Checking submitted username");
+ is(gotPass, "notifyp1", "Checking submitted password");
+ break;
+
+ case 8:
+ // verify that the user/pass pair was not autofilled
+ gotUser = iframe.contentDocument.getElementById("user").textContent;
+ gotPass = iframe.contentDocument.getElementById("pass").textContent;
+ is(gotUser, "", "Checking submitted username");
+ is(gotPass, "", "Checking submitted password");
+ break;
+
+ case 9:
+ // verify that the user/pass pair was available for autocomplete
+ gotUser = iframe.contentDocument.getElementById("user").textContent;
+ gotPass = iframe.contentDocument.getElementById("pass").textContent;
+ is(gotUser, "notifyu1", "Checking submitted username");
+ is(gotPass, "notifyp1", "Checking submitted password");
+ break;
+
+ case 10:
+ // verify that the user/pass pair was autofilled
+ gotUser = iframe.contentDocument.getElementById("user").textContent;
+ gotPass = iframe.contentDocument.getElementById("pass").textContent;
+ is(gotUser, "notifyu1", "Checking submitted username");
+ is(gotPass, "notifyp1", "Checking submitted password");
+ pwmgr.removeLogin(login);
+ break;
+
+ default:
+ ok(false, "Unexpected call to checkTest for test #" + testNum);
+
+ }
+}
+
+var mainWindow = window.QueryInterface(Ci.nsIInterfaceRequestor)
+ .getInterface(Ci.nsIWebNavigation)
+ .QueryInterface(Ci.nsIDocShellTreeItem)
+ .rootTreeItem
+ .QueryInterface(Ci.nsIInterfaceRequestor)
+ .getInterface(Ci.nsIDOMWindow);
+var contentPage = "http://mochi.test:8888/chrome/toolkit/components/passwordmgr/test/chrome/privbrowsing_perwindowpb_iframe.html";
+var testWindows = [];
+
+function whenDelayedStartupFinished(aWindow, aCallback) {
+ Services.obs.addObserver(function obs(aSubject, aTopic) {
+ if (aWindow == aSubject) {
+ Services.obs.removeObserver(obs, aTopic);
+ setTimeout(aCallback, 0);
+ }
+ }, "browser-delayed-startup-finished", false);
+}
+
+function testOnWindow(aIsPrivate, aCallback) {
+ var win = mainWindow.OpenBrowserWindow({private: aIsPrivate});
+ win.addEventListener("load", function onLoad() {
+ win.removeEventListener("load", onLoad, false);
+ whenDelayedStartupFinished(win, function() {
+ win.addEventListener("DOMContentLoaded", function onInnerLoad() {
+ if (win.content.location.href != contentPage) {
+ win.gBrowser.loadURI(contentPage);
+ return;
+ }
+ win.removeEventListener("DOMContentLoaded", onInnerLoad, true);
+
+ win.content.addEventListener('load', function innerLoad2() {
+ win.content.removeEventListener('load', innerLoad2, false);
+ testWindows.push(win);
+ SimpleTest.executeSoon(function() { aCallback(win); });
+ }, false, true);
+ }, true);
+ SimpleTest.executeSoon(function() { win.gBrowser.loadURI(contentPage); });
+ });
+ }, true);
+}
+
+var ignoreLoad = false;
+function handleLoad(aEvent) {
+ // ignore every other load event ... We get one for loading the subtest (which
+ // we want to ignore), and another when the subtest's form submits itself
+ // (which we want to handle, to start the next test).
+ ignoreLoad = !ignoreLoad;
+ if (ignoreLoad) {
+ ok(true, "Ignoring load of subtest #" + testNum);
+ return;
+ }
+ ok(true, "Processing submission of subtest #" + testNum);
+
+ checkTest();
+
+ if (testNum < subtests.length) {
+ loadNextTest();
+ } else {
+ ok(true, "private browsing notification tests finished.");
+
+ testWindows.forEach(function(aWin) {
+ aWin.close();
+ });
+
+ SpecialPowers.removeObserver(observer, "passwordmgr-processed-form");
+ SimpleTest.finish();
+ }
+}
+
+var pwmgr = Cc["@mozilla.org/login-manager;1"].
+ getService(Ci.nsILoginManager);
+ok(pwmgr != null, "Access pwmgr");
+
+// We need to make sure no logins have been stored by previous tests
+// for forms in |url|, otherwise the change password notification
+// would turn into a prompt, and the test will fail.
+var url = "http://test2.example.com";
+is(pwmgr.countLogins(url, "", null), 0, "No logins should be stored for " + url);
+
+var nsLoginInfo = new SpecialPowers.wrap(SpecialPowers.Components).Constructor("@mozilla.org/login-manager/loginInfo;1",
+ Ci.nsILoginInfo, "init");
+var login = new nsLoginInfo(url, url, null, "notifyu1", "notifyp1", "user", "pass");
+
+var normalWindow;
+var privateWindow;
+
+var iframe;
+var normalWindowIframe;
+var privateWindowIframe;
+
+var popupNotifications;
+var normalWindowPopupNotifications;
+var privateWindowPopupNotifications;
+
+testOnWindow(false, function(aWin) {
+ var selectedBrowser = aWin.gBrowser.selectedBrowser;
+ normalWindowIframe = selectedBrowser.contentDocument.getElementById("iframe");
+ normalWindowIframe.onload = handleLoad;
+ selectedBrowser.focus();
+
+ normalWindowPopupNotifications = getPopupNotifications(selectedBrowser.contentWindow.top);
+ ok(normalWindowPopupNotifications, "Got popupNotifications in normal window");
+ // ignore the first load for this window;
+ ignoreLoad = false;
+
+ testOnWindow(true, function(aPrivateWin) {
+ selectedBrowser = aPrivateWin.gBrowser.selectedBrowser;
+ privateWindowIframe = selectedBrowser.contentDocument.getElementById("iframe");
+ privateWindowIframe.onload = handleLoad;
+ selectedBrowser.focus();
+
+ privateWindowPopupNotifications = getPopupNotifications(selectedBrowser.contentWindow.top);
+ ok(privateWindowPopupNotifications, "Got popupNotifications in private window");
+ // ignore the first load for this window;
+ ignoreLoad = false;
+
+ SimpleTest.executeSoon(loadNextTest);
+ });
+});
+
+SimpleTest.waitForExplicitFinish();
+</script>
+</pre>
+</body>
+</html>
+
diff --git a/toolkit/components/passwordmgr/test/chrome_timeout.js b/toolkit/components/passwordmgr/test/chrome_timeout.js
new file mode 100644
index 000000000..9049d0bea
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/chrome_timeout.js
@@ -0,0 +1,11 @@
+const Cc = Components.classes;
+const Ci = Components.interfaces;
+
+addMessageListener('setTimeout', msg => {
+ let timer = Cc['@mozilla.org/timer;1'].createInstance(Ci.nsITimer);
+ timer.init(_ => {
+ sendAsyncMessage('timeout');
+ }, msg.delay, Ci.nsITimer.TYPE_ONE_SHOT);
+});
+
+sendAsyncMessage('ready');
diff --git a/toolkit/components/passwordmgr/test/formsubmit.sjs b/toolkit/components/passwordmgr/test/formsubmit.sjs
new file mode 100644
index 000000000..4b4a387f7
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/formsubmit.sjs
@@ -0,0 +1,37 @@
+function handleRequest(request, response)
+{
+ try {
+ reallyHandleRequest(request, response);
+ } catch (e) {
+ response.setStatusLine("1.0", 200, "AlmostOK");
+ response.write("Error handling request: " + e);
+ }
+}
+
+
+function reallyHandleRequest(request, response) {
+ var match;
+ var requestAuth = true;
+
+ // XXX I bet this doesn't work for POST requests.
+ var query = request.queryString;
+
+ var user = null, pass = null;
+ // user=xxx
+ match = /user=([^&]*)/.exec(query);
+ if (match)
+ user = match[1];
+
+ // pass=xxx
+ match = /pass=([^&]*)/.exec(query);
+ if (match)
+ pass = match[1];
+
+ response.setStatusLine("1.0", 200, "OK");
+
+ response.setHeader("Content-Type", "application/xhtml+xml", false);
+ response.write("<html xmlns='http://www.w3.org/1999/xhtml'>");
+ response.write("<p>User: <span id='user'>" + user + "</span></p>\n");
+ response.write("<p>Pass: <span id='pass'>" + pass + "</span></p>\n");
+ response.write("</html>");
+}
diff --git a/toolkit/components/passwordmgr/test/mochitest.ini b/toolkit/components/passwordmgr/test/mochitest.ini
new file mode 100644
index 000000000..640f5c256
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/mochitest.ini
@@ -0,0 +1,20 @@
+[DEFAULT]
+skip-if = e10s
+support-files =
+ authenticate.sjs
+ blank.html
+ formsubmit.sjs
+ prompt_common.js
+ pwmgr_common.js
+ subtst_master_pass.html
+ subtst_prompt_async.html
+ chrome_timeout.js
+
+[test_master_password.html]
+skip-if = toolkit == 'android' # Tests desktop prompts
+[test_prompt_async.html]
+skip-if = toolkit == 'android' # Tests desktop prompts
+[test_xhr.html]
+skip-if = toolkit == 'android' # Tests desktop prompts
+[test_xml_load.html]
+skip-if = toolkit == 'android' # Tests desktop prompts
diff --git a/toolkit/components/passwordmgr/test/mochitest/auth2/authenticate.sjs b/toolkit/components/passwordmgr/test/mochitest/auth2/authenticate.sjs
new file mode 100644
index 000000000..d2f650013
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/mochitest/auth2/authenticate.sjs
@@ -0,0 +1,220 @@
+function handleRequest(request, response)
+{
+ try {
+ reallyHandleRequest(request, response);
+ } catch (e) {
+ response.setStatusLine("1.0", 200, "AlmostOK");
+ response.write("Error handling request: " + e);
+ }
+}
+
+
+function reallyHandleRequest(request, response) {
+ var match;
+ var requestAuth = true, requestProxyAuth = true;
+
+ // Allow the caller to drive how authentication is processed via the query.
+ // Eg, http://localhost:8888/authenticate.sjs?user=foo&realm=bar
+ // The extra ? allows the user/pass/realm checks to succeed if the name is
+ // at the beginning of the query string.
+ var query = "?" + request.queryString;
+
+ var expected_user = "", expected_pass = "", realm = "mochitest";
+ var proxy_expected_user = "", proxy_expected_pass = "", proxy_realm = "mochi-proxy";
+ var huge = false, plugin = false, anonymous = false;
+ var authHeaderCount = 1;
+ // user=xxx
+ match = /[^_]user=([^&]*)/.exec(query);
+ if (match)
+ expected_user = match[1];
+
+ // pass=xxx
+ match = /[^_]pass=([^&]*)/.exec(query);
+ if (match)
+ expected_pass = match[1];
+
+ // realm=xxx
+ match = /[^_]realm=([^&]*)/.exec(query);
+ if (match)
+ realm = match[1];
+
+ // proxy_user=xxx
+ match = /proxy_user=([^&]*)/.exec(query);
+ if (match)
+ proxy_expected_user = match[1];
+
+ // proxy_pass=xxx
+ match = /proxy_pass=([^&]*)/.exec(query);
+ if (match)
+ proxy_expected_pass = match[1];
+
+ // proxy_realm=xxx
+ match = /proxy_realm=([^&]*)/.exec(query);
+ if (match)
+ proxy_realm = match[1];
+
+ // huge=1
+ match = /huge=1/.exec(query);
+ if (match)
+ huge = true;
+
+ // plugin=1
+ match = /plugin=1/.exec(query);
+ if (match)
+ plugin = true;
+
+ // multiple=1
+ match = /multiple=([^&]*)/.exec(query);
+ if (match)
+ authHeaderCount = match[1]+0;
+
+ // anonymous=1
+ match = /anonymous=1/.exec(query);
+ if (match)
+ anonymous = true;
+
+ // Look for an authentication header, if any, in the request.
+ //
+ // EG: Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==
+ //
+ // This test only supports Basic auth. The value sent by the client is
+ // "username:password", obscured with base64 encoding.
+
+ var actual_user = "", actual_pass = "", authHeader, authPresent = false;
+ if (request.hasHeader("Authorization")) {
+ authPresent = true;
+ authHeader = request.getHeader("Authorization");
+ match = /Basic (.+)/.exec(authHeader);
+ if (match.length != 2)
+ throw new Error("Couldn't parse auth header: " + authHeader);
+
+ var userpass = base64ToString(match[1]); // no atob() :-(
+ match = /(.*):(.*)/.exec(userpass);
+ if (match.length != 3)
+ throw new Error("Couldn't decode auth header: " + userpass);
+ actual_user = match[1];
+ actual_pass = match[2];
+ }
+
+ var proxy_actual_user = "", proxy_actual_pass = "";
+ if (request.hasHeader("Proxy-Authorization")) {
+ authHeader = request.getHeader("Proxy-Authorization");
+ match = /Basic (.+)/.exec(authHeader);
+ if (match.length != 2)
+ throw new Error("Couldn't parse auth header: " + authHeader);
+
+ var userpass = base64ToString(match[1]); // no atob() :-(
+ match = /(.*):(.*)/.exec(userpass);
+ if (match.length != 3)
+ throw new Error("Couldn't decode auth header: " + userpass);
+ proxy_actual_user = match[1];
+ proxy_actual_pass = match[2];
+ }
+
+ // Don't request authentication if the credentials we got were what we
+ // expected.
+ if (expected_user == actual_user &&
+ expected_pass == actual_pass) {
+ requestAuth = false;
+ }
+ if (proxy_expected_user == proxy_actual_user &&
+ proxy_expected_pass == proxy_actual_pass) {
+ requestProxyAuth = false;
+ }
+
+ if (anonymous) {
+ if (authPresent) {
+ response.setStatusLine("1.0", 400, "Unexpected authorization header found");
+ } else {
+ response.setStatusLine("1.0", 200, "Authorization header not found");
+ }
+ } else {
+ if (requestProxyAuth) {
+ response.setStatusLine("1.0", 407, "Proxy authentication required");
+ for (i = 0; i < authHeaderCount; ++i)
+ response.setHeader("Proxy-Authenticate", "basic realm=\"" + proxy_realm + "\"", true);
+ } else if (requestAuth) {
+ response.setStatusLine("1.0", 401, "Authentication required");
+ for (i = 0; i < authHeaderCount; ++i)
+ response.setHeader("WWW-Authenticate", "basic realm=\"" + realm + "\"", true);
+ } else {
+ response.setStatusLine("1.0", 200, "OK");
+ }
+ }
+
+ response.setHeader("Content-Type", "application/xhtml+xml", false);
+ response.write("<html xmlns='http://www.w3.org/1999/xhtml'>");
+ response.write("<p>Login: <span id='ok'>" + (requestAuth ? "FAIL" : "PASS") + "</span></p>\n");
+ response.write("<p>Proxy: <span id='proxy'>" + (requestProxyAuth ? "FAIL" : "PASS") + "</span></p>\n");
+ response.write("<p>Auth: <span id='auth'>" + authHeader + "</span></p>\n");
+ response.write("<p>User: <span id='user'>" + actual_user + "</span></p>\n");
+ response.write("<p>Pass: <span id='pass'>" + actual_pass + "</span></p>\n");
+
+ if (huge) {
+ response.write("<div style='display: none'>");
+ for (i = 0; i < 100000; i++) {
+ response.write("123456789\n");
+ }
+ response.write("</div>");
+ response.write("<span id='footnote'>This is a footnote after the huge content fill</span>");
+ }
+
+ if (plugin) {
+ response.write("<embed id='embedtest' style='width: 400px; height: 100px;' " +
+ "type='application/x-test'></embed>\n");
+ }
+
+ response.write("</html>");
+}
+
+
+// base64 decoder
+//
+// Yoinked from extensions/xml-rpc/src/nsXmlRpcClient.js because btoa()
+// doesn't seem to exist. :-(
+/* Convert Base64 data to a string */
+const toBinaryTable = [
+ -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1,
+ -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1,
+ -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,62, -1,-1,-1,63,
+ 52,53,54,55, 56,57,58,59, 60,61,-1,-1, -1, 0,-1,-1,
+ -1, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,10, 11,12,13,14,
+ 15,16,17,18, 19,20,21,22, 23,24,25,-1, -1,-1,-1,-1,
+ -1,26,27,28, 29,30,31,32, 33,34,35,36, 37,38,39,40,
+ 41,42,43,44, 45,46,47,48, 49,50,51,-1, -1,-1,-1,-1
+];
+const base64Pad = '=';
+
+function base64ToString(data) {
+
+ var result = '';
+ var leftbits = 0; // number of bits decoded, but yet to be appended
+ var leftdata = 0; // bits decoded, but yet to be appended
+
+ // Convert one by one.
+ for (var i = 0; i < data.length; i++) {
+ var c = toBinaryTable[data.charCodeAt(i) & 0x7f];
+ var padding = (data[i] == base64Pad);
+ // Skip illegal characters and whitespace
+ if (c == -1) continue;
+
+ // Collect data into leftdata, update bitcount
+ leftdata = (leftdata << 6) | c;
+ leftbits += 6;
+
+ // If we have 8 or more bits, append 8 bits to the result
+ if (leftbits >= 8) {
+ leftbits -= 8;
+ // Append if not padding.
+ if (!padding)
+ result += String.fromCharCode((leftdata >> leftbits) & 0xff);
+ leftdata &= (1 << leftbits) - 1;
+ }
+ }
+
+ // If there are any bits left, the base64 string was corrupted
+ if (leftbits)
+ throw Components.Exception('Corrupted base64 string');
+
+ return result;
+}
diff --git a/toolkit/components/passwordmgr/test/mochitest/mochitest.ini b/toolkit/components/passwordmgr/test/mochitest/mochitest.ini
new file mode 100644
index 000000000..a4170d7e0
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/mochitest/mochitest.ini
@@ -0,0 +1,69 @@
+[DEFAULT]
+support-files =
+ ../../../prompts/test/chromeScript.js
+ ../../../prompts/test/prompt_common.js
+ ../../../satchel/test/parent_utils.js
+ ../../../satchel/test/satchel_common.js
+ ../authenticate.sjs
+ ../blank.html
+ ../browser/form_autofocus_js.html
+ ../browser/form_basic.html
+ ../browser/form_cross_origin_secure_action.html
+ ../pwmgr_common.js
+ auth2/authenticate.sjs
+
+[test_autocomplete_https_upgrade.html]
+skip-if = toolkit == 'android' # autocomplete
+[test_autofill_https_upgrade.html]
+skip-if = toolkit == 'android' # Bug 1259768
+[test_autofill_password-only.html]
+[test_autofocus_js.html]
+skip-if = toolkit == 'android' # autocomplete
+[test_basic_form.html]
+[test_basic_form_0pw.html]
+[test_basic_form_1pw.html]
+[test_basic_form_1pw_2.html]
+[test_basic_form_2pw_1.html]
+[test_basic_form_2pw_2.html]
+[test_basic_form_3pw_1.html]
+[test_basic_form_autocomplete.html]
+skip-if = toolkit == 'android' # android:autocomplete.
+[test_insecure_form_field_autocomplete.html]
+skip-if = toolkit == 'android' # android:autocomplete.
+[test_password_field_autocomplete.html]
+skip-if = toolkit == 'android' # android:autocomplete.
+[test_insecure_form_field_no_saved_login.html]
+skip-if = toolkit == 'android' || os == 'linux' # android:autocomplete., linux: bug 1325778
+[test_basic_form_html5.html]
+[test_basic_form_pwevent.html]
+[test_basic_form_pwonly.html]
+[test_bug_627616.html]
+skip-if = toolkit == 'android' # Tests desktop prompts
+[test_bug_776171.html]
+[test_case_differences.html]
+skip-if = toolkit == 'android' # autocomplete
+[test_form_action_1.html]
+[test_form_action_2.html]
+[test_form_action_javascript.html]
+[test_formless_autofill.html]
+[test_formless_submit.html]
+[test_formless_submit_navigation.html]
+[test_formless_submit_navigation_negative.html]
+[test_input_events.html]
+[test_input_events_for_identical_values.html]
+[test_maxlength.html]
+[test_passwords_in_type_password.html]
+[test_prompt.html]
+skip-if = os == "linux" || toolkit == 'android' # Tests desktop prompts
+[test_prompt_http.html]
+skip-if = os == "linux" || toolkit == 'android' # Tests desktop prompts
+[test_prompt_noWindow.html]
+skip-if = e10s || toolkit == 'android' # Tests desktop prompts. e10s: bug 1217876
+[test_prompt_promptAuth.html]
+skip-if = os == "linux" || toolkit == 'android' # Tests desktop prompts
+[test_prompt_promptAuth_proxy.html]
+skip-if = e10s || os == "linux" || toolkit == 'android' # Tests desktop prompts
+[test_recipe_login_fields.html]
+[test_username_focus.html]
+skip-if = toolkit == 'android' # android:autocomplete.
+[test_xhr_2.html]
diff --git a/toolkit/components/passwordmgr/test/mochitest/test_autocomplete_https_upgrade.html b/toolkit/components/passwordmgr/test/mochitest/test_autocomplete_https_upgrade.html
new file mode 100644
index 000000000..7d5725322
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/mochitest/test_autocomplete_https_upgrade.html
@@ -0,0 +1,218 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Test autocomplete on an HTTPS page using upgraded HTTP logins</title>
+ <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+ <script type="text/javascript" src="/tests/SimpleTest/EventUtils.js"></script>
+ <script type="text/javascript" src="/tests/SimpleTest/SpawnTask.js"></script>
+ <script type="text/javascript" src="satchel_common.js"></script>
+ <script type="text/javascript" src="pwmgr_common.js"></script>
+ <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+<script>
+const chromeScript = runChecksAfterCommonInit(false);
+
+runInParent(function addLogins() {
+ const { classes: Cc, interfaces: Ci, utils: Cu } = Components;
+ Cu.import("resource://gre/modules/Services.jsm");
+
+ // Create some logins just for this form, since we'll be deleting them.
+ let nsLoginInfo = Components.Constructor("@mozilla.org/login-manager/loginInfo;1",
+ Ci.nsILoginInfo, "init");
+
+ // We have two actual HTTPS to avoid autofill before the schemeUpgrades pref flips to true.
+ let login0 = new nsLoginInfo("https://example.org", "https://example.org", null,
+ "name", "pass", "uname", "pword");
+
+ let login1 = new nsLoginInfo("https://example.org", "https://example.org", null,
+ "name1", "pass1", "uname", "pword");
+
+ // Same as above but HTTP instead of HTTPS (to test de-duping)
+ let login2 = new nsLoginInfo("http://example.org", "http://example.org", null,
+ "name1", "passHTTP", "uname", "pword");
+
+ // Different HTTP login to upgrade with secure formSubmitURL
+ let login3 = new nsLoginInfo("http://example.org", "https://example.org", null,
+ "name2", "passHTTPtoHTTPS", "uname", "pword");
+
+ try {
+ Services.logins.addLogin(login0);
+ Services.logins.addLogin(login1);
+ Services.logins.addLogin(login2);
+ Services.logins.addLogin(login3);
+ } catch (e) {
+ assert.ok(false, "addLogin threw: " + e);
+ }
+});
+</script>
+<p id="display"></p>
+
+<!-- we presumably can't hide the content for this test. -->
+<div id="content">
+ <iframe src="https://example.org/tests/toolkit/components/passwordmgr/test/mochitest/form_basic.html"></iframe>
+</div>
+
+<pre id="test">
+<script class="testbody" type="text/javascript">
+const shiftModifier = SpecialPowers.Ci.nsIDOMEvent.SHIFT_MASK;
+
+let iframe = SpecialPowers.wrap(document.getElementsByTagName("iframe")[0]);
+let iframeDoc;
+let uname;
+let pword;
+
+// Restore the form to the default state.
+function restoreForm() {
+ pword.focus();
+ uname.value = "";
+ pword.value = "";
+ uname.focus();
+}
+
+// Check for expected username/password in form.
+function checkACForm(expectedUsername, expectedPassword) {
+ let formID = uname.parentNode.id;
+ is(uname.value, expectedUsername, "Checking " + formID + " username");
+ is(pword.value, expectedPassword, "Checking " + formID + " password");
+}
+
+add_task(function* setup() {
+ yield SpecialPowers.pushPrefEnv({"set": [["signon.schemeUpgrades", true]]});
+
+ yield new Promise(resolve => {
+ iframe.addEventListener("load", function onLoad() {
+ iframe.removeEventListener("load", onLoad);
+ resolve();
+ });
+ });
+
+ iframeDoc = iframe.contentDocument;
+ uname = iframeDoc.getElementById("form-basic-username");
+ pword = iframeDoc.getElementById("form-basic-password");
+});
+
+add_task(function* test_empty_first_entry() {
+ // Make sure initial form is empty.
+ checkACForm("", "");
+ // Trigger autocomplete popup
+ restoreForm();
+ let popupState = yield getPopupState();
+ is(popupState.open, false, "Check popup is initially closed");
+ let shownPromise = promiseACShown();
+ doKey("down");
+ let results = yield shownPromise;
+ popupState = yield getPopupState();
+ is(popupState.selectedIndex, -1, "Check no entries are selected");
+ checkArrayValues(results, ["name", "name1", "name2"], "initial");
+
+ // Check first entry
+ let index0Promise = notifySelectedIndex(0);
+ doKey("down");
+ yield index0Promise;
+ checkACForm("", ""); // value shouldn't update
+ doKey("return"); // not "enter"!
+ yield promiseFormsProcessed();
+ checkACForm("name", "pass");
+});
+
+add_task(function* test_empty_second_entry() {
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+ doKey("down"); // first
+ doKey("down"); // second
+ doKey("return"); // not "enter"!
+ yield promiseFormsProcessed();
+ checkACForm("name1", "pass1");
+});
+
+add_task(function* test_search() {
+ restoreForm();
+ let shownPromise = promiseACShown();
+ // We need to blur for the autocomplete controller to notice the forced value below.
+ uname.blur();
+ uname.value = "name";
+ uname.focus();
+ sendChar("1");
+ doKey("down"); // open
+ let results = yield shownPromise;
+ checkArrayValues(results, ["name1"], "check result deduping for 'name1'");
+ doKey("down"); // first
+ doKey("return"); // not "enter"!
+ yield promiseFormsProcessed();
+ checkACForm("name1", "pass1");
+
+ let popupState = yield getPopupState();
+ is(popupState.open, false, "Check popup is now closed");
+});
+
+add_task(function* test_delete_first_entry() {
+ restoreForm();
+ uname.focus();
+ let shownPromise = promiseACShown();
+ doKey("down");
+ yield shownPromise;
+
+ let index0Promise = notifySelectedIndex(0);
+ doKey("down");
+ yield index0Promise;
+
+ let deletionPromise = promiseStorageChanged(["removeLogin"]);
+ // On OS X, shift-backspace and shift-delete work, just delete does not.
+ // On Win/Linux, shift-backspace does not work, delete and shift-delete do.
+ doKey("delete", shiftModifier);
+ yield deletionPromise;
+ checkACForm("", "");
+
+ let results = yield notifyMenuChanged(2, "name1");
+
+ checkArrayValues(results, ["name1", "name2"], "two should remain after deleting the first");
+ let popupState = yield getPopupState();
+ is(popupState.open, true, "Check popup stays open after deleting");
+ doKey("escape");
+ popupState = yield getPopupState();
+ is(popupState.open, false, "Check popup closed upon ESC");
+});
+
+add_task(function* test_delete_duplicate_entry() {
+ restoreForm();
+ uname.focus();
+ let shownPromise = promiseACShown();
+ doKey("down");
+ yield shownPromise;
+
+ let index0Promise = notifySelectedIndex(0);
+ doKey("down");
+ yield index0Promise;
+
+ let deletionPromise = promiseStorageChanged(["removeLogin"]);
+ // On OS X, shift-backspace and shift-delete work, just delete does not.
+ // On Win/Linux, shift-backspace does not work, delete and shift-delete do.
+ doKey("delete", shiftModifier);
+ yield deletionPromise;
+ checkACForm("", "");
+
+ is(LoginManager.countLogins("http://example.org", "http://example.org", null), 1,
+ "Check that the HTTP login remains");
+ is(LoginManager.countLogins("https://example.org", "https://example.org", null), 0,
+ "Check that the HTTPS login was deleted");
+
+ // Two menu items should remain as the HTTPS login should have been deleted but
+ // the HTTP would remain.
+ let results = yield notifyMenuChanged(1, "name2");
+
+ checkArrayValues(results, ["name2"], "one should remain after deleting the HTTPS name1");
+ let popupState = yield getPopupState();
+ is(popupState.open, true, "Check popup stays open after deleting");
+ doKey("escape");
+ popupState = yield getPopupState();
+ is(popupState.open, false, "Check popup closed upon ESC");
+});
+
+</script>
+</pre>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/mochitest/test_autofill_https_upgrade.html b/toolkit/components/passwordmgr/test/mochitest/test_autofill_https_upgrade.html
new file mode 100644
index 000000000..ee1424002
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/mochitest/test_autofill_https_upgrade.html
@@ -0,0 +1,117 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Test autocomplete on an HTTPS page using upgraded HTTP logins</title>
+ <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+ <script type="text/javascript" src="/tests/SimpleTest/EventUtils.js"></script>
+ <script type="text/javascript" src="/tests/SimpleTest/SpawnTask.js"></script>
+ <script type="text/javascript" src="satchel_common.js"></script>
+ <script type="text/javascript" src="pwmgr_common.js"></script>
+ <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+<script>
+const MISSING_ACTION_PATH = TESTS_DIR + "mochitest/form_basic.html";
+const CROSS_ORIGIN_SECURE_PATH = TESTS_DIR + "mochitest/form_cross_origin_secure_action.html";
+
+const chromeScript = runChecksAfterCommonInit(false);
+
+let nsLoginInfo = SpecialPowers.wrap(SpecialPowers.Components).Constructor("@mozilla.org/login-manager/loginInfo;1",
+SpecialPowers.Ci.nsILoginInfo,
+"init");
+</script>
+<p id="display"></p>
+
+<!-- we presumably can't hide the content for this test. -->
+<div id="content">
+ <iframe></iframe>
+</div>
+
+<pre id="test">
+<script class="testbody" type="text/javascript">
+let iframe = SpecialPowers.wrap(document.getElementsByTagName("iframe")[0]);
+
+// Check for expected username/password in form.
+function checkACForm(expectedUsername, expectedPassword) {
+ let iframeDoc = iframe.contentDocument;
+ let uname = iframeDoc.getElementById("form-basic-username");
+ let pword = iframeDoc.getElementById("form-basic-password");
+ let formID = uname.parentNode.id;
+ is(uname.value, expectedUsername, "Checking " + formID + " username");
+ is(pword.value, expectedPassword, "Checking " + formID + " password");
+}
+function* prepareLoginsAndProcessForm(url, logins = []) {
+ LoginManager.removeAllLogins();
+
+ let dates = Date.now();
+ for (let login of logins) {
+ SpecialPowers.do_QueryInterface(login, SpecialPowers.Ci.nsILoginMetaInfo);
+ // Force all dates to be the same so they don't affect things like deduping.
+ login.timeCreated = login.timePasswordChanged = login.timeLastUsed = dates;
+ LoginManager.addLogin(login);
+ }
+
+ iframe.src = url;
+ yield promiseFormsProcessed();
+}
+
+add_task(function* setup() {
+ yield SpecialPowers.pushPrefEnv({"set": [["signon.schemeUpgrades", true]]});
+});
+
+add_task(function* test_simpleNoDupesNoAction() {
+ yield prepareLoginsAndProcessForm("https://example.com" + MISSING_ACTION_PATH, [
+ new nsLoginInfo("http://example.com", "http://example.com", null,
+ "name2", "pass2", "uname", "pword"),
+ ]);
+
+ checkACForm("name2", "pass2");
+});
+
+add_task(function* test_simpleNoDupesUpgradeOriginAndAction() {
+ yield prepareLoginsAndProcessForm("https://example.com" + CROSS_ORIGIN_SECURE_PATH, [
+ new nsLoginInfo("http://example.com", "http://another.domain", null,
+ "name2", "pass2", "uname", "pword"),
+ ]);
+
+ checkACForm("name2", "pass2");
+});
+
+add_task(function* test_simpleNoDupesUpgradeOriginOnly() {
+ yield prepareLoginsAndProcessForm("https://example.com" + CROSS_ORIGIN_SECURE_PATH, [
+ new nsLoginInfo("http://example.com", "https://another.domain", null,
+ "name2", "pass2", "uname", "pword"),
+ ]);
+
+ checkACForm("name2", "pass2");
+});
+
+add_task(function* test_simpleNoDupesUpgradeActionOnly() {
+ yield prepareLoginsAndProcessForm("https://example.com" + CROSS_ORIGIN_SECURE_PATH, [
+ new nsLoginInfo("https://example.com", "http://another.domain", null,
+ "name2", "pass2", "uname", "pword"),
+ ]);
+
+ checkACForm("name2", "pass2");
+});
+
+add_task(function* test_dedupe() {
+ yield prepareLoginsAndProcessForm("https://example.com" + MISSING_ACTION_PATH, [
+ new nsLoginInfo("https://example.com", "https://example.com", null,
+ "name1", "passHTTPStoHTTPS", "uname", "pword"),
+ new nsLoginInfo("http://example.com", "http://example.com", null,
+ "name1", "passHTTPtoHTTP", "uname", "pword"),
+ new nsLoginInfo("http://example.com", "https://example.com", null,
+ "name1", "passHTTPtoHTTPS", "uname", "pword"),
+ new nsLoginInfo("https://example.com", "http://example.com", null,
+ "name1", "passHTTPStoHTTP", "uname", "pword"),
+ ]);
+
+ checkACForm("name1", "passHTTPStoHTTPS");
+});
+
+</script>
+</pre>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/mochitest/test_autofill_password-only.html b/toolkit/components/passwordmgr/test/mochitest/test_autofill_password-only.html
new file mode 100644
index 000000000..983356371
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/mochitest/test_autofill_password-only.html
@@ -0,0 +1,143 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Test password-only forms should prefer a password-only login when present</title>
+ <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+ <script type="text/javascript" src="pwmgr_common.js"></script>
+ <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+Login Manager test: Bug 444968
+<script>
+let pwmgrCommonScript = runInParent(SimpleTest.getTestFileURL("pwmgr_common.js"));
+pwmgrCommonScript.sendSyncMessage("setupParent", { selfFilling: true });
+
+SimpleTest.waitForExplicitFinish();
+
+let chromeScript = runInParent(function chromeSetup() {
+ const { classes: Cc, interfaces: Ci, results: Cr, utils: Cu } = Components;
+ let pwmgr = Cc["@mozilla.org/login-manager;1"].getService(Ci.nsILoginManager);
+
+ let login1A = Cc["@mozilla.org/login-manager/loginInfo;1"].
+ createInstance(Ci.nsILoginInfo);
+ let login1B = Cc["@mozilla.org/login-manager/loginInfo;1"].
+ createInstance(Ci.nsILoginInfo);
+ let login2A = Cc["@mozilla.org/login-manager/loginInfo;1"].
+ createInstance(Ci.nsILoginInfo);
+ let login2B = Cc["@mozilla.org/login-manager/loginInfo;1"].
+ createInstance(Ci.nsILoginInfo);
+ let login2C = Cc["@mozilla.org/login-manager/loginInfo;1"].
+ createInstance(Ci.nsILoginInfo);
+
+ login1A.init("http://mochi.test:8888", "http://bug444968-1", null,
+ "testuser1A", "testpass1A", "", "");
+ login1B.init("http://mochi.test:8888", "http://bug444968-1", null,
+ "", "testpass1B", "", "");
+
+ login2A.init("http://mochi.test:8888", "http://bug444968-2", null,
+ "testuser2A", "testpass2A", "", "");
+ login2B.init("http://mochi.test:8888", "http://bug444968-2", null,
+ "", "testpass2B", "", "");
+ login2C.init("http://mochi.test:8888", "http://bug444968-2", null,
+ "testuser2C", "testpass2C", "", "");
+
+ pwmgr.addLogin(login1A);
+ pwmgr.addLogin(login1B);
+ pwmgr.addLogin(login2A);
+ pwmgr.addLogin(login2B);
+ pwmgr.addLogin(login2C);
+
+ addMessageListener("removeLogins", function removeLogins() {
+ pwmgr.removeLogin(login1A);
+ pwmgr.removeLogin(login1B);
+ pwmgr.removeLogin(login2A);
+ pwmgr.removeLogin(login2B);
+ pwmgr.removeLogin(login2C);
+ });
+});
+
+SimpleTest.registerCleanupFunction(() => chromeScript.sendSyncMessage("removeLogins"));
+
+registerRunTests();
+</script>
+
+<p id="display"></p>
+<div id="content" style="display: none">
+ <!-- first 3 forms have matching user+pass and pass-only logins -->
+
+ <!-- user+pass form. -->
+ <form id="form1" action="http://bug444968-1">
+ <input type="text" name="uname">
+ <input type="password" name="pword">
+ <button type="submit">Submit</button>
+ </form>
+
+ <!-- password-only form. -->
+ <form id="form2" action="http://bug444968-1">
+ <input type="password" name="pword">
+ <button type="submit">Submit</button>
+ </form>
+
+ <!-- user+pass form, username prefilled -->
+ <form id="form3" action="http://bug444968-1">
+ <input type="text" name="uname" value="testuser1A">
+ <input type="password" name="pword">
+ <button type="submit">Submit</button>
+ </form>
+
+
+ <!-- next 4 forms have matching user+pass (2x) and pass-only (1x) logins -->
+
+ <!-- user+pass form. -->
+ <form id="form4" action="http://bug444968-2">
+ <input type="text" name="uname">
+ <input type="password" name="pword">
+ <button type="submit">Submit</button>
+ </form>
+
+ <!-- password-only form. -->
+ <form id="form5" action="http://bug444968-2">
+ <input type="password" name="pword">
+ <button type="submit">Submit</button>
+ </form>
+
+ <!-- user+pass form, username prefilled -->
+ <form id="form6" action="http://bug444968-2">
+ <input type="text" name="uname" value="testuser2A">
+ <input type="password" name="pword">
+ <button type="submit">Submit</button>
+ </form>
+
+ <!-- user+pass form, username prefilled -->
+ <form id="form7" action="http://bug444968-2">
+ <input type="text" name="uname" value="testuser2C">
+ <input type="password" name="pword">
+ <button type="submit">Submit</button>
+ </form>
+
+</div>
+<pre id="test">
+<script class="testbody" type="text/javascript">
+
+/* Test for Login Manager: 444968 (password-only forms should prefer a
+ * password-only login when present )
+ */
+function startTest() {
+ checkForm(1, "testuser1A", "testpass1A");
+ checkForm(2, "testpass1B");
+ checkForm(3, "testuser1A", "testpass1A");
+
+ checkUnmodifiedForm(4); // 2 logins match
+ checkForm(5, "testpass2B");
+ checkForm(6, "testuser2A", "testpass2A");
+ checkForm(7, "testuser2C", "testpass2C");
+
+ SimpleTest.finish();
+}
+
+window.addEventListener("runTests", startTest);
+</script>
+</pre>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/mochitest/test_autofocus_js.html b/toolkit/components/passwordmgr/test/mochitest/test_autofocus_js.html
new file mode 100644
index 000000000..2ce3293dd
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/mochitest/test_autofocus_js.html
@@ -0,0 +1,115 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Test login autocomplete is activated when focused by js on load</title>
+ <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+ <script type="text/javascript" src="/tests/SimpleTest/EventUtils.js"></script>
+ <script type="text/javascript" src="/tests/SimpleTest/SpawnTask.js"></script>
+ <script type="text/javascript" src="satchel_common.js"></script>
+ <script type="text/javascript" src="pwmgr_common.js"></script>
+ <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+<script>
+const chromeScript = runChecksAfterCommonInit(false);
+
+runInParent(function addLogins() {
+ const { classes: Cc, interfaces: Ci, utils: Cu } = Components;
+ Cu.import("resource://gre/modules/Services.jsm");
+
+ // Create some logins just for this form, since we'll be deleting them.
+ let nsLoginInfo = Components.Constructor("@mozilla.org/login-manager/loginInfo;1",
+ Ci.nsILoginInfo, "init");
+
+ let login0 = new nsLoginInfo("https://example.org", "https://example.org", null,
+ "name", "pass", "uname", "pword");
+
+ let login1 = new nsLoginInfo("https://example.org", "https://example.org", null,
+ "name1", "pass1", "uname", "pword");
+
+ try {
+ Services.logins.addLogin(login0);
+ Services.logins.addLogin(login1);
+ } catch (e) {
+ assert.ok(false, "addLogin threw: " + e);
+ }
+});
+</script>
+<p id="display"></p>
+
+<div id="content">
+ <iframe src="https://example.org/tests/toolkit/components/passwordmgr/test/mochitest/form_autofocus_js.html"></iframe>
+</div>
+
+<pre id="test">
+<script class="testbody" type="text/javascript">
+
+let iframe = SpecialPowers.wrap(document.getElementsByTagName("iframe")[0]);
+let iframeDoc;
+
+add_task(function* setup() {
+ yield new Promise(resolve => {
+ iframe.addEventListener("load", function onLoad() {
+ iframe.removeEventListener("load", onLoad);
+ resolve();
+ });
+ });
+
+ iframeDoc = iframe.contentDocument;
+
+ SimpleTest.requestFlakyTimeout("Giving a chance for the unexpected popupshown to occur");
+});
+
+add_task(function* test_initial_focus() {
+ let results = yield notifyMenuChanged(2, "name");
+ checkArrayValues(results, ["name", "name1"], "Two results");
+ doKey("down");
+ doKey("return");
+ yield promiseFormsProcessed();
+ is(iframeDoc.getElementById("form-basic-password").value, "pass", "Check first password filled");
+ let popupState = yield getPopupState();
+ is(popupState.open, false, "Check popup is now closed");
+});
+
+// This depends on the filling from the previous test.
+add_task(function* test_not_reopened_if_filled() {
+ listenForUnexpectedPopupShown();
+ let usernameField = iframeDoc.getElementById("form-basic-username");
+ usernameField.focus();
+ info("Waiting to see if a popupshown occurs");
+ yield new Promise(resolve => setTimeout(resolve, 1000));
+
+ // cleanup
+ gPopupShownExpected = true;
+ iframeDoc.getElementById("form-basic-submit").focus();
+});
+
+add_task(function* test_reopened_after_edit_not_matching_saved() {
+ let usernameField = iframeDoc.getElementById("form-basic-username");
+ usernameField.value = "nam";
+ let shownPromise = promiseACShown();
+ usernameField.focus();
+ yield shownPromise;
+ iframeDoc.getElementById("form-basic-submit").focus();
+});
+
+add_task(function* test_not_reopened_after_selecting() {
+ let formFillController = SpecialPowers.Cc["@mozilla.org/satchel/form-fill-controller;1"].
+ getService(SpecialPowers.Ci.nsIFormFillController);
+ let usernameField = iframeDoc.getElementById("form-basic-username");
+ usernameField.value = "";
+ iframeDoc.getElementById("form-basic-password").value = "";
+ listenForUnexpectedPopupShown();
+ formFillController.markAsLoginManagerField(usernameField);
+ info("Waiting to see if a popupshown occurs");
+ yield new Promise(resolve => setTimeout(resolve, 1000));
+
+ // Cleanup
+ gPopupShownExpected = true;
+});
+
+</script>
+</pre>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/mochitest/test_basic_form.html b/toolkit/components/passwordmgr/test/mochitest/test_basic_form.html
new file mode 100644
index 000000000..3c38343a5
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/mochitest/test_basic_form.html
@@ -0,0 +1,44 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Test basic autofill</title>
+ <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+ <script type="text/javascript" src="pwmgr_common.js"></script>
+ <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+Login Manager test: simple form fill
+
+<script>
+runChecksAfterCommonInit(startTest);
+
+/** Test for Login Manager: form fill, multiple forms. **/
+
+function startTest() {
+ is($_(1, "uname").value, "testuser", "Checking for filled username");
+ is($_(1, "pword").value, "testpass", "Checking for filled password");
+
+ SimpleTest.finish();
+}
+</script>
+
+<p id="display"></p>
+
+<div id="content" style="display: none">
+
+ <form id="form1" action="formtest.js">
+ <p>This is form 1.</p>
+ <input type="text" name="uname">
+ <input type="password" name="pword">
+
+ <button type="submit">Submit</button>
+ <button type="reset"> Reset </button>
+ </form>
+
+</div>
+
+<pre id="test"></pre>
+</body>
+</html>
+
diff --git a/toolkit/components/passwordmgr/test/mochitest/test_basic_form_0pw.html b/toolkit/components/passwordmgr/test/mochitest/test_basic_form_0pw.html
new file mode 100644
index 000000000..0b416673b
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/mochitest/test_basic_form_0pw.html
@@ -0,0 +1,72 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Test forms with no password fields</title>
+ <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+ <script type="text/javascript" src="pwmgr_common.js"></script>
+ <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+Login Manager test: forms with no password fields
+<p id="display"></p>
+
+<div id="content" style="display: none">
+
+ <!-- Form with no user field or password field -->
+ <form id="form1" action="formtest.js">
+ <button type="submit">Submit</button>
+ <button type="reset"> Reset </button>
+ </form>
+
+ <!-- Form with no user field or password field, but one other field -->
+ <form id="form2" action="formtest.js">
+ <input type="checkbox">
+ <button type="submit">Submit</button>
+ <button type="reset"> Reset </button>
+ </form>
+
+ <!-- Form with no user field or password field, but one other field -->
+ <form id="form3" action="formtest.js">
+ <input type="checkbox" name="uname" value="">
+ <button type="submit">Submit</button>
+ <button type="reset"> Reset </button>
+ </form>
+
+ <!-- Form with a text field, but no password field -->
+ <form id="form4" action="formtest.js">
+ <input type="text" name="yyyyy">
+
+ <button type="submit">Submit</button>
+ <button type="reset"> Reset </button>
+ </form>
+
+ <!-- Form with a user field, but no password field -->
+ <form id="form5" action="formtest.js">
+ <input type="text" name="uname">
+
+ <button type="submit">Submit</button>
+ <button type="reset"> Reset </button>
+ </form>
+
+</div>
+
+<pre id="test">
+<script class="testbody" type="text/javascript">
+
+/** Test for Login Manager: form fill, no password fields. **/
+
+function startTest() {
+ is($_(3, "uname").value, "", "Checking for unfilled checkbox (form 3)");
+ is($_(4, "yyyyy").value, "", "Checking for unfilled text field (form 4)");
+ is($_(5, "uname").value, "", "Checking for unfilled text field (form 5)");
+
+ SimpleTest.finish();
+}
+
+runChecksAfterCommonInit(startTest);
+</script>
+</pre>
+</body>
+</html>
+
diff --git a/toolkit/components/passwordmgr/test/mochitest/test_basic_form_1pw.html b/toolkit/components/passwordmgr/test/mochitest/test_basic_form_1pw.html
new file mode 100644
index 000000000..3937fad4b
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/mochitest/test_basic_form_1pw.html
@@ -0,0 +1,167 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Test autofill for forms with 1 password field</title>
+ <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+ <script type="text/javascript" src="pwmgr_common.js"></script>
+ <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+Login Manager test: forms with 1 password field
+<script>
+runChecksAfterCommonInit(() => startTest());
+</script>
+<p id="display"></p>
+
+<div id="content" style="display: none">
+
+<!-- no username fields -->
+
+<form id='form1' action='formtest.js'> 1
+ <!-- Blank, so fill in the password -->
+ <input type='password' name='pname' value=''>
+ <button type='submit'>Submit</button>
+</form>
+
+<form id='form2' action='formtest.js'> 2
+ <!-- Already contains the password, so nothing to do. -->
+ <input type='password' name='pname' value='testpass'>
+ <button type='submit'>Submit</button>
+</form>
+
+<form id='form3' action='formtest.js'> 3
+ <!-- Contains unknown password, so don't change it -->
+ <input type='password' name='pname' value='xxxxxxxx'>
+ <button type='submit'>Submit</button>
+</form>
+
+
+<!-- username fields -->
+
+<form id='form4' action='formtest.js'> 4
+ <!-- Blanks, so fill in login -->
+ <input type='text' name='uname' value=''>
+ <input type='password' name='pname' value=''>
+ <button type='submit'>Submit</button>
+</form>
+
+<form id='form5' action='formtest.js'> 5
+ <!-- Username already set, so fill in password -->
+ <input type='text' name='uname' value='testuser'>
+ <input type='password' name='pname' value=''>
+ <button type='submit'>Submit</button>
+</form>
+
+<form id='form6' action='formtest.js'> 6
+ <!-- Unknown username, so don't fill in password -->
+ <input type='text' name='uname' value='xxxxxxxx'>
+ <input type='password' name='pname' value=''>
+ <button type='submit'>Submit</button>
+</form>
+
+<form id='form7' action='formtest.js'> 7
+ <!-- Password already set, could fill in username but that's weird so we don't -->
+ <input type='text' name='uname' value=''>
+ <input type='password' name='pname' value='testpass'>
+ <button type='submit'>Submit</button>
+</form>
+
+<form id='form8' action='formtest.js'> 8
+ <!-- Unknown password, so don't fill in a username -->
+ <input type='text' name='uname' value=''>
+ <input type='password' name='pname' value='xxxxxxxx'>
+ <button type='submit'>Submit</button>
+</form>
+
+
+
+<!-- extra text fields -->
+
+<form id='form9' action='formtest.js'> 9
+ <!-- text field _after_ password should never be treated as a username field -->
+ <input type='password' name='pname' value=''>
+ <input type='text' name='uname' value=''>
+ <button type='submit'>Submit</button>
+</form>
+
+<form id='form10' action='formtest.js'> 10
+ <!-- only the first text field before the password should be for username -->
+ <input type='text' name='other' value=''>
+ <input type='text' name='uname' value=''>
+ <input type='password' name='pname' value=''>
+ <button type='submit'>Submit</button>
+</form>
+
+<form id='form11' action='formtest.js'> 11
+ <!-- variation just to make sure extra text field is still ignored -->
+ <input type='text' name='uname' value=''>
+ <input type='password' name='pname' value=''>
+ <input type='text' name='other' value=''>
+ <button type='submit'>Submit</button>
+</form>
+
+
+
+<!-- same as last bunch, but with xxxx in the extra field. -->
+
+<form id='form12' action='formtest.js'> 12
+ <!-- text field _after_ password should never be treated as a username field -->
+ <input type='password' name='pname' value=''>
+ <input type='text' name='uname' value='xxxxxxxx'>
+ <button type='submit'>Submit</button>
+</form>
+
+<form id='form13' action='formtest.js'> 13
+ <!-- only the first text field before the password should be for username -->
+ <input type='text' name='other' value='xxxxxxxx'>
+ <input type='text' name='uname' value=''>
+ <input type='password' name='pname' value=''>
+ <button type='submit'>Submit</button>
+</form>
+
+<form id='form14' action='formtest.js'> 14
+ <!-- variation just to make sure extra text field is still ignored -->
+ <input type='text' name='uname' value=''>
+ <input type='password' name='pname' value=''>
+ <input type='text' name='other' value='xxxxxxxx'>
+ <button type='submit'>Submit</button>
+</form>
+
+
+</div>
+
+<pre id="test">
+<script class="testbody" type="text/javascript">
+
+/** Test for Login Manager: simple form fill **/
+
+function startTest() {
+ var f = 1;
+
+ // 1-3
+ checkForm(f++, "testpass");
+ checkForm(f++, "testpass");
+ checkForm(f++, "xxxxxxxx");
+
+ // 4-8
+ checkForm(f++, "testuser", "testpass");
+ checkForm(f++, "testuser", "testpass");
+ checkForm(f++, "xxxxxxxx", "");
+ checkForm(f++, "", "testpass");
+ checkForm(f++, "", "xxxxxxxx");
+
+ // 9-14
+ checkForm(f++, "testpass", "");
+ checkForm(f++, "", "testuser", "testpass");
+ checkForm(f++, "testuser", "testpass", "");
+ checkForm(f++, "testpass", "xxxxxxxx");
+ checkForm(f++, "xxxxxxxx", "testuser", "testpass");
+ checkForm(f++, "testuser", "testpass", "xxxxxxxx");
+
+ SimpleTest.finish();
+}
+</script>
+</pre>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/mochitest/test_basic_form_1pw_2.html b/toolkit/components/passwordmgr/test/mochitest/test_basic_form_1pw_2.html
new file mode 100644
index 000000000..0f6566b9c
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/mochitest/test_basic_form_1pw_2.html
@@ -0,0 +1,109 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Test forms with 1 password field, part 2</title>
+ <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+ <script type="text/javascript" src="pwmgr_common.js"></script>
+ <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+Login Manager test: forms with 1 password field, part 2
+<script>
+runChecksAfterCommonInit(() => startTest());
+</script>
+<p id="display"></p>
+
+<div id="content" style="display: none">
+
+<form id='form1' action='formtest.js'> 1
+ <input type='password' name='pname' value=''>
+ <button type='submit'>Submit</button>
+</form>
+
+<form id='form2' action='formtest.js'> 2
+ <input type='password' name='pname' value='' disabled>
+ <button type='submit'>Submit</button>
+</form>
+
+<form id='form3' action='formtest.js'> 3
+ <input type='password' name='pname' value='' readonly>
+ <button type='submit'>Submit</button>
+</form>
+
+<form id='form4' action='formtest.js'> 4
+ <input type='text' name='uname' value=''>
+ <input type='password' name='pname' value=''>
+ <button type='submit'>Submit</button>
+</form>
+
+<form id='form5' action='formtest.js'> 5
+ <input type='text' name='uname' value='' disabled>
+ <input type='password' name='pname' value=''>
+ <button type='submit'>Submit</button>
+</form>
+
+<form id='form6' action='formtest.js'> 6
+ <input type='text' name='uname' value='' readonly>
+ <input type='password' name='pname' value=''>
+ <button type='submit'>Submit</button>
+</form>
+
+<form id='form7' action='formtest.js'> 7
+ <input type='text' name='uname' value=''>
+ <input type='password' name='pname' value='' disabled>
+ <button type='submit'>Submit</button>
+</form>
+
+<form id='form8' action='formtest.js'> 8
+ <input type='text' name='uname' value=''>
+ <input type='password' name='pname' value='' readonly>
+ <button type='submit'>Submit</button>
+</form>
+
+<form id='form9' action='formtest.js'> 9
+ <input type='text' name='uname' value='TESTUSER'>
+ <input type='password' name='pname' value=''>
+ <button type='submit'>Submit</button>
+</form>
+
+<form id='form10' action='formtest.js'> 10
+ <input type='text' name='uname' value='TESTUSER' readonly>
+ <input type='password' name='pname' value=''>
+ <button type='submit'>Submit</button>
+</form>
+
+<form id='form11' action='formtest.js'> 11
+ <input type='text' name='uname' value='TESTUSER' disabled>
+ <input type='password' name='pname' value=''>
+ <button type='submit'>Submit</button>
+</form>
+
+</div>
+
+<pre id="test">
+<script class="testbody" type="text/javascript">
+
+/** Test for Login Manager: simple form fill, part 2 **/
+
+function startTest() {
+ var f;
+
+ // Test various combinations of disabled/readonly inputs
+ checkForm(1, "testpass"); // control
+ checkUnmodifiedForm(2);
+ checkUnmodifiedForm(3);
+ checkForm(4, "testuser", "testpass"); // control
+ for (f = 5; f <= 8; f++) { checkUnmodifiedForm(f); }
+ // Test case-insensitive comparison of username field
+ checkForm(9, "testuser", "testpass");
+ checkForm(10, "TESTUSER", "testpass");
+ checkForm(11, "TESTUSER", "testpass");
+
+ SimpleTest.finish();
+}
+</script>
+</pre>
+</body>
+</html>
+
diff --git a/toolkit/components/passwordmgr/test/mochitest/test_basic_form_2pw_1.html b/toolkit/components/passwordmgr/test/mochitest/test_basic_form_2pw_1.html
new file mode 100644
index 000000000..128ffca7c
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/mochitest/test_basic_form_2pw_1.html
@@ -0,0 +1,187 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Test autofill for forms with 2 password fields</title>
+ <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+ <script type="text/javascript" src="pwmgr_common.js"></script>
+ <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+Login Manager test: forms with 2 password fields
+<script>
+runChecksAfterCommonInit(() => startTest());
+</script>
+<p id="display"></p>
+
+<div id="content" style="display: none">
+
+
+<!-- no username fields -->
+
+<form id='form1' action='formtest.js'> 1
+ <!-- simple form, fill in first pw -->
+ <input type='password' name='pname' value=''>
+ <input type='password' name='qname' value=''>
+ <button type='submit'>Submit</button>
+</form>
+
+<form id='form2' action='formtest.js'> 2
+ <!-- same but reverse pname and qname, field names are ignored. -->
+ <input type='password' name='qname' value=''>
+ <input type='password' name='pname' value=''>
+ <button type='submit'>Submit</button>
+</form>
+
+<form id='form3' action='formtest.js'> 3
+ <!-- text field after password fields should be ignored, no username. -->
+ <input type='password' name='pname' value=''>
+ <input type='password' name='qname' value=''>
+ <input type='text' name='uname' value=''>
+ <button type='submit'>Submit</button>
+</form>
+
+<form id='form4' action='formtest.js'> 4
+ <!-- nothing to do, password already present -->
+ <input type='password' name='pname' value='testpass'>
+ <input type='password' name='qname' value=''>
+ <button type='submit'>Submit</button>
+</form>
+
+<form id='form5' action='formtest.js'> 5
+ <!-- don't clobber an existing unrecognized password -->
+ <input type='password' name='pname' value='xxxxxxxx'>
+ <input type='password' name='qname' value=''>
+ <button type='submit'>Submit</button>
+</form>
+
+<form id='form6' action='formtest.js'> 6
+ <!-- fill in first field, 2nd field shouldn't be touched anyway. -->
+ <input type='password' name='pname' value=''>
+ <input type='password' name='qname' value='xxxxxxxx'>
+ <button type='submit'>Submit</button>
+</form>
+
+
+
+<!-- with username fields -->
+
+
+
+<form id='form7' action='formtest.js'> 7
+ <!-- simple form, should fill in username and first pw -->
+ <input type='text' name='uname' value=''>
+ <input type='password' name='pname' value=''>
+ <input type='password' name='qname' value=''>
+ <button type='submit'>Submit</button>
+</form>
+
+<form id='form8' action='formtest.js'> 8
+ <!-- reverse pname and qname, field names are ignored. -->
+ <input type='text' name='uname' value=''>
+ <input type='password' name='qname' value=''>
+ <input type='password' name='pname' value=''>
+ <button type='submit'>Submit</button>
+</form>
+
+<form id='form9' action='formtest.js'> 9
+ <!-- username already filled, so just fill first password -->
+ <input type='text' name='uname' value='testuser'>
+ <input type='password' name='pname' value=''>
+ <input type='password' name='qname' value=''>
+ <button type='submit'>Submit</button>
+</form>
+
+<form id='form10' action='formtest.js'> 10
+ <!-- unknown username, don't fill in a password -->
+ <input type='text' name='uname' value='xxxxxxxx'>
+ <input type='password' name='pname' value=''>
+ <input type='password' name='qname' value=''>
+ <button type='submit'>Submit</button>
+</form>
+
+<form id='form11' action='formtest.js'> 11
+ <!-- don't clobber unknown password -->
+ <input type='text' name='uname' value='testuser'>
+ <input type='password' name='pname' value='xxxxxxxx'>
+ <input type='password' name='qname' value=''>
+ <button type='submit'>Submit</button>
+</form>
+
+<form id='form12' action='formtest.js'> 12
+ <!-- fill in 1st pass, don't clobber 2nd pass -->
+ <input type='text' name='uname' value='testuser'>
+ <input type='password' name='pname' value=''>
+ <input type='password' name='qname' value='xxxxxxxx'>
+ <button type='submit'>Submit</button>
+</form>
+
+<form id='form13' action='formtest.js'> 13
+ <!-- nothing to do, user and pass prefilled. life is easy. -->
+ <input type='text' name='uname' value='testuser'>
+ <input type='password' name='pname' value='testpass'>
+ <input type='password' name='qname' value=''>
+ <button type='submit'>Submit</button>
+</form>
+
+<form id='form14' action='formtest.js'> 14
+ <!-- shouldn't fill in username because 1st pw field is unknown. -->
+ <input type='text' name='uname' value=''>
+ <input type='password' name='pname' value='xxxxxxxx'>
+ <input type='password' name='qname' value='testpass'>
+ <button type='submit'>Submit</button>
+</form>
+
+<form id='form15' action='formtest.js'> 15
+ <!-- textfield in the middle of pw fields should be ignored -->
+ <input type='password' name='pname' value=''>
+ <input type='text' name='uname' value=''>
+ <input type='password' name='qname' value=''>
+ <button type='submit'>Submit</button>
+</form>
+
+<form id='form16' action='formtest.js'> 16
+ <!-- same, and don't clobber existing unknown password -->
+ <input type='password' name='pname' value='xxxxxxxx'>
+ <input type='text' name='uname' value=''>
+ <input type='password' name='qname' value=''>
+ <button type='submit'>Submit</button>
+</form>
+
+
+</div>
+
+<pre id="test">
+<script class="testbody" type="text/javascript">
+
+/** Test for Login Manager: simple form fill **/
+
+function startTest() {
+ var f = 1;
+
+ // 1-6 no username
+ checkForm(f++, "testpass", "");
+ checkForm(f++, "testpass", "");
+ checkForm(f++, "testpass", "", "");
+ checkForm(f++, "testpass", "");
+ checkForm(f++, "xxxxxxxx", "");
+ checkForm(f++, "testpass", "xxxxxxxx");
+
+ // 7-15 with username
+ checkForm(f++, "testuser", "testpass", "");
+ checkForm(f++, "testuser", "testpass", "");
+ checkForm(f++, "testuser", "testpass", "");
+ checkForm(f++, "xxxxxxxx", "", "");
+ checkForm(f++, "testuser", "xxxxxxxx", "");
+ checkForm(f++, "testuser", "testpass", "xxxxxxxx");
+ checkForm(f++, "testuser", "testpass", "");
+ checkForm(f++, "", "xxxxxxxx", "testpass");
+ checkForm(f++, "testpass", "", "");
+ checkForm(f++, "xxxxxxxx", "", "");
+
+ SimpleTest.finish();
+}
+</script>
+</pre>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/mochitest/test_basic_form_2pw_2.html b/toolkit/components/passwordmgr/test/mochitest/test_basic_form_2pw_2.html
new file mode 100644
index 000000000..eba811cf9
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/mochitest/test_basic_form_2pw_2.html
@@ -0,0 +1,105 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Test for form fill with 2 password fields</title>
+ <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+ <script type="text/javascript" src="pwmgr_common.js"></script>
+ <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+Login Manager test: form fill, 2 password fields
+<p id="display"></p>
+
+<pre id="test">
+<script class="testbody" type="text/javascript">
+
+/** Test for Login Manager: form fill, 2 password fields **/
+
+/*
+ * If a form has two password fields, other things may be going on....
+ *
+ * 1 - The user might be creating a new login (2nd field for typo checking)
+ * 2 - The user is changing a password (old and new password each have field)
+ *
+ * This test is for case #1.
+ */
+
+var numSubmittedForms = 0;
+var numStartingLogins = 0;
+
+function startTest() {
+ // Check for unfilled forms
+ is($_(1, "uname").value, "", "Checking username 1");
+ is($_(1, "pword").value, "", "Checking password 1A");
+ is($_(1, "qword").value, "", "Checking password 1B");
+
+ // Fill in the username and password fields, for account creation.
+ // Form 1
+ $_(1, "uname").value = "newuser1";
+ $_(1, "pword").value = "newpass1";
+ $_(1, "qword").value = "newpass1";
+
+ var button = getFormSubmitButton(1);
+
+ todo(false, "form submission disabled, can't auto-accept dialog yet");
+ SimpleTest.finish();
+}
+
+
+// Called by each form's onsubmit handler.
+function checkSubmit(formNum) {
+ numSubmittedForms++;
+
+ // End the test at the last form.
+ if (formNum == 999) {
+ is(numSubmittedForms, 999, "Ensuring all forms submitted for testing.");
+
+ var numEndingLogins = LoginManager.countLogins("", "", "");
+
+ ok(numEndingLogins > 0, "counting logins at end");
+ is(numStartingLogins, numEndingLogins + 222, "counting logins at end");
+
+ SimpleTest.finish();
+ return false; // return false to cancel current form submission
+ }
+
+ // submit the next form.
+ var button = getFormSubmitButton(formNum + 1);
+ button.click();
+
+ return false; // return false to cancel current form submission
+}
+
+
+function getFormSubmitButton(formNum) {
+ var form = $("form" + formNum); // by id, not name
+ ok(form != null, "getting form " + formNum);
+
+ // we can't just call form.submit(), because that doesn't seem to
+ // invoke the form onsubmit handler.
+ var button = form.firstChild;
+ while (button && button.type != "submit") { button = button.nextSibling; }
+ ok(button != null, "getting form submit button");
+
+ return button;
+}
+
+runChecksAfterCommonInit(startTest);
+
+</script>
+</pre>
+<div id="content" style="display: none">
+ <form id="form1" onsubmit="return checkSubmit(1)" action="http://newuser.com">
+ <input type="text" name="uname">
+ <input type="password" name="pword">
+ <input type="password" name="qword">
+
+ <button type="submit">Submit</button>
+ <button type="reset"> Reset </button>
+ </form>
+
+</div>
+
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/mochitest/test_basic_form_3pw_1.html b/toolkit/components/passwordmgr/test/mochitest/test_basic_form_3pw_1.html
new file mode 100644
index 000000000..30b5a319f
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/mochitest/test_basic_form_3pw_1.html
@@ -0,0 +1,177 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Test autofill for forms with 3 password fields</title>
+ <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+ <script type="text/javascript" src="pwmgr_common.js"></script>
+ <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+Login Manager test: forms with 3 password fields (form filling)
+<script>
+runChecksAfterCommonInit(() => startTest());
+</script>
+<p id="display"></p>
+
+<div id="content" style="display: none">
+ <p>The next three forms are <b>user/pass/passB/passC</b>, as all-empty, preuser(only), and preuser/pass</p>
+ <form id="form1" action="formtest.js">
+ <input type="text" name="uname">
+ <input type="password" name="pword">
+ <input type="password" name="qword">
+ <input type="password" name="rword">
+
+ <button type="submit">Submit</button>
+ <button type="reset"> Reset </button>
+ </form>
+
+ <form id="form2" action="formtest.js">
+ <input type="text" name="uname" value="testuser">
+ <input type="password" name="pword">
+ <input type="password" name="qword">
+ <input type="password" name="rword">
+
+ <button type="submit">Submit</button>
+ <button type="reset"> Reset </button>
+ </form>
+
+ <form id="form3" action="formtest.js">
+ <input type="text" name="uname" value="testuser">
+ <input type="password" name="pword" value="testpass">
+ <input type="password" name="qword">
+ <input type="password" name="rword">
+
+ <button type="submit">Submit</button>
+ <button type="reset"> Reset </button>
+ </form>
+
+
+ <p>The next three forms are <b>user/passB/pass/passC</b>, as all-empty, preuser(only), and preuser/pass</p>
+ <form id="form4" action="formtest.js">
+ <input type="text" name="uname">
+ <input type="password" name="qword">
+ <input type="password" name="pword">
+ <input type="password" name="rword">
+
+ <button type="submit">Submit</button>
+ <button type="reset"> Reset </button>
+ </form>
+
+ <form id="form5" action="formtest.js">
+ <input type="text" name="uname" value="testuser">
+ <input type="password" name="qword">
+ <input type="password" name="pword">
+ <input type="password" name="rword">
+
+ <button type="submit">Submit</button>
+ <button type="reset"> Reset </button>
+ </form>
+
+ <form id="form6" action="formtest.js">
+ <input type="text" name="uname" value="testuser">
+ <input type="password" name="qword">
+ <input type="password" name="pword" value="testpass">
+ <input type="password" name="rword">
+
+ <button type="submit">Submit</button>
+ <button type="reset"> Reset </button>
+ </form>
+
+ <p>The next three forms are <b>user/passB/passC/pass</b>, as all-empty, preuser(only), and preuser/pass</p>
+ <form id="form7" action="formtest.js">
+ <input type="text" name="uname">
+ <input type="password" name="qword">
+ <input type="password" name="rword">
+ <input type="password" name="pword">
+
+ <button type="submit">Submit</button>
+ <button type="reset"> Reset </button>
+ </form>
+
+ <form id="form8" action="formtest.js">
+ <input type="text" name="uname" value="testuser">
+ <input type="password" name="qword">
+ <input type="password" name="rword">
+ <input type="password" name="pword">
+
+ <button type="submit">Submit</button>
+ <button type="reset"> Reset </button>
+ </form>
+
+ <form id="form9" action="formtest.js">
+ <input type="text" name="uname" value="testuser">
+ <input type="password" name="qword">
+ <input type="password" name="rword">
+ <input type="password" name="pword" value="testpass">
+
+ <button type="submit">Submit</button>
+ <button type="reset"> Reset </button>
+ </form>
+</div>
+
+<pre id="test">
+<script class="testbody" type="text/javascript">
+
+/** Test for Login Manager: form fill, 3 password fields **/
+
+// Test to make sure 3-password forms are filled properly.
+
+function startTest() {
+ // Check form 1
+ is($_(1, "uname").value, "testuser", "Checking username 1");
+ is($_(1, "pword").value, "testpass", "Checking password 1");
+ is($_(1, "qword").value, "", "Checking password 1 (q)");
+ is($_(1, "rword").value, "", "Checking password 1 (r)");
+ // Check form 2
+ is($_(2, "uname").value, "testuser", "Checking username 2");
+ is($_(2, "pword").value, "testpass", "Checking password 2");
+ is($_(2, "qword").value, "", "Checking password 2 (q)");
+ is($_(2, "rword").value, "", "Checking password 2 (r)");
+ // Check form 3
+ is($_(3, "uname").value, "testuser", "Checking username 3");
+ is($_(3, "pword").value, "testpass", "Checking password 3");
+ is($_(3, "qword").value, "", "Checking password 3 (q)");
+ is($_(3, "rword").value, "", "Checking password 3 (r)");
+
+ // Check form 4
+ is($_(4, "uname").value, "testuser", "Checking username 4");
+ todo_is($_(4, "qword").value, "", "Checking password 4 (q)");
+ todo_is($_(4, "pword").value, "testpass", "Checking password 4");
+ is($_(4, "rword").value, "", "Checking password 4 (r)");
+ // Check form 5
+ is($_(5, "uname").value, "testuser", "Checking username 5");
+ todo_is($_(5, "qword").value, "", "Checking password 5 (q)");
+ todo_is($_(5, "pword").value, "testpass", "Checking password 5");
+ is($_(5, "rword").value, "", "Checking password 5 (r)");
+ // Check form 6
+ is($_(6, "uname").value, "testuser", "Checking username 6");
+ todo_is($_(6, "qword").value, "", "Checking password 6 (q)");
+ is($_(6, "pword").value, "testpass", "Checking password 6");
+ is($_(6, "rword").value, "", "Checking password 6 (r)");
+
+ // Check form 7
+ is($_(7, "uname").value, "testuser", "Checking username 7");
+ todo_is($_(7, "qword").value, "", "Checking password 7 (q)");
+ is($_(7, "rword").value, "", "Checking password 7 (r)");
+ todo_is($_(7, "pword").value, "testpass", "Checking password 7");
+ // Check form 8
+ is($_(8, "uname").value, "testuser", "Checking username 8");
+ todo_is($_(8, "qword").value, "", "Checking password 8 (q)");
+ is($_(8, "rword").value, "", "Checking password 8 (r)");
+ todo_is($_(8, "pword").value, "testpass", "Checking password 8");
+ // Check form 9
+ is($_(9, "uname").value, "testuser", "Checking username 9");
+ todo_is($_(9, "qword").value, "", "Checking password 9 (q)");
+ is($_(9, "rword").value, "", "Checking password 9 (r)");
+ is($_(9, "pword").value, "testpass", "Checking password 9");
+
+ // TODO: as with the 2-password cases, add tests to check for creating new
+ // logins and changing passwords.
+ SimpleTest.finish();
+}
+</script>
+</pre>
+</body>
+</html>
+
diff --git a/toolkit/components/passwordmgr/test/mochitest/test_basic_form_autocomplete.html b/toolkit/components/passwordmgr/test/mochitest/test_basic_form_autocomplete.html
new file mode 100644
index 000000000..0eee8e696
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/mochitest/test_basic_form_autocomplete.html
@@ -0,0 +1,859 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Test basic login autocomplete</title>
+ <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+ <script type="text/javascript" src="/tests/SimpleTest/EventUtils.js"></script>
+ <script type="text/javascript" src="/tests/SimpleTest/SpawnTask.js"></script>
+ <script type="text/javascript" src="satchel_common.js"></script>
+ <script type="text/javascript" src="pwmgr_common.js"></script>
+ <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+Login Manager test: multiple login autocomplete
+
+<script>
+var chromeScript = runChecksAfterCommonInit();
+
+var setupScript = runInParent(function setup() {
+ const { classes: Cc, interfaces: Ci, utils: Cu } = Components;
+ Cu.import("resource://gre/modules/Services.jsm");
+
+ // Create some logins just for this form, since we'll be deleting them.
+ var nsLoginInfo = Components.Constructor("@mozilla.org/login-manager/loginInfo;1",
+ Ci.nsILoginInfo, "init");
+ assert.ok(nsLoginInfo != null, "nsLoginInfo constructor");
+
+ // login0 has no username, so should be filtered out from the autocomplete list.
+ var login0 = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete:8888", null,
+ "", "user0pass", "", "pword");
+
+ var login1 = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete:8888", null,
+ "tempuser1", "temppass1", "uname", "pword");
+
+ var login2 = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete:8888", null,
+ "testuser2", "testpass2", "uname", "pword");
+
+ var login3 = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete:8888", null,
+ "testuser3", "testpass3", "uname", "pword");
+
+ var login4 = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete:8888", null,
+ "zzzuser4", "zzzpass4", "uname", "pword");
+
+ // login 5 only used in the single-user forms
+ var login5 = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete2", null,
+ "singleuser5", "singlepass5", "uname", "pword");
+
+ var login6A = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete3", null,
+ "form7user1", "form7pass1", "uname", "pword");
+ var login6B = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete3", null,
+ "form7user2", "form7pass2", "uname", "pword");
+
+ var login7 = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete4", null,
+ "form8user", "form8pass", "uname", "pword");
+
+ var login8A = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete5", null,
+ "form9userAB", "form9pass", "uname", "pword");
+ var login8B = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete5", null,
+ "form9userAAB", "form9pass", "uname", "pword");
+ var login8C = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete5", null,
+ "form9userAABzz", "form9pass", "uname", "pword");
+
+ var login10 = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete7", null,
+ "testuser10", "testpass10", "uname", "pword");
+
+
+ // try/catch in case someone runs the tests manually, twice.
+ try {
+ Services.logins.addLogin(login0);
+ Services.logins.addLogin(login1);
+ Services.logins.addLogin(login2);
+ Services.logins.addLogin(login3);
+ Services.logins.addLogin(login4);
+ Services.logins.addLogin(login5);
+ Services.logins.addLogin(login6A);
+ Services.logins.addLogin(login6B);
+ Services.logins.addLogin(login7);
+ Services.logins.addLogin(login8A);
+ Services.logins.addLogin(login8B);
+ // login8C is added later
+ Services.logins.addLogin(login10);
+ } catch (e) {
+ assert.ok(false, "addLogin threw: " + e);
+ }
+
+ addMessageListener("addLogin", loginVariableName => {
+ let login = eval(loginVariableName);
+ assert.ok(!!login, "Login to add is defined: " + loginVariableName);
+ Services.logins.addLogin(login);
+ });
+ addMessageListener("removeLogin", loginVariableName => {
+ let login = eval(loginVariableName);
+ assert.ok(!!login, "Login to delete is defined: " + loginVariableName);
+ Services.logins.removeLogin(login);
+ });
+});
+</script>
+<p id="display"></p>
+
+<!-- we presumably can't hide the content for this test. -->
+<div id="content">
+
+ <!-- form1 tests multiple matching logins -->
+ <form id="form1" action="http://autocomplete:8888/formtest.js" onsubmit="return false;">
+ <input type="text" name="uname">
+ <input type="password" name="pword">
+ <button type="submit">Submit</button>
+ </form>
+
+ <!-- other forms test single logins, with autocomplete=off set -->
+ <form id="form2" action="http://autocomplete2" onsubmit="return false;">
+ <input type="text" name="uname">
+ <input type="password" name="pword" autocomplete="off">
+ <button type="submit">Submit</button>
+ </form>
+
+ <form id="form3" action="http://autocomplete2" onsubmit="return false;">
+ <input type="text" name="uname" autocomplete="off">
+ <input type="password" name="pword">
+ <button type="submit">Submit</button>
+ </form>
+
+ <form id="form4" action="http://autocomplete2" onsubmit="return false;" autocomplete="off">
+ <input type="text" name="uname">
+ <input type="password" name="pword">
+ <button type="submit">Submit</button>
+ </form>
+
+ <form id="form5" action="http://autocomplete2" onsubmit="return false;">
+ <input type="text" name="uname" autocomplete="off">
+ <input type="password" name="pword" autocomplete="off">
+ <button type="submit">Submit</button>
+ </form>
+
+ <!-- control -->
+ <form id="form6" action="http://autocomplete2" onsubmit="return false;">
+ <input type="text" name="uname">
+ <input type="password" name="pword">
+ <button type="submit">Submit</button>
+ </form>
+
+ <!-- This form will be manipulated to insert a different username field. -->
+ <form id="form7" action="http://autocomplete3" onsubmit="return false;">
+ <input type="text" name="uname">
+ <input type="password" name="pword">
+ <button type="submit">Submit</button>
+ </form>
+
+ <!-- test for no autofill after onblur with blank username -->
+ <form id="form8" action="http://autocomplete4" onsubmit="return false;">
+ <input type="text" name="uname">
+ <input type="password" name="pword">
+ <button type="submit">Submit</button>
+ </form>
+
+ <!-- test autocomplete dropdown -->
+ <form id="form9" action="http://autocomplete5" onsubmit="return false;">
+ <input type="text" name="uname">
+ <input type="password" name="pword">
+ <button type="submit">Submit</button>
+ </form>
+
+ <!-- test for onUsernameInput recipe testing -->
+ <form id="form11" action="http://autocomplete7" onsubmit="return false;">
+ <input type="text" name="1">
+ <input type="text" name="2">
+ <button type="submit">Submit</button>
+ </form>
+
+ <!-- tests <form>-less autocomplete -->
+ <div id="form12">
+ <input type="text" name="uname" id="uname">
+ <input type="password" name="pword" id="pword">
+ <button type="submit">Submit</button>
+ </div>
+</div>
+
+<pre id="test">
+<script class="testbody" type="text/javascript">
+
+/** Test for Login Manager: multiple login autocomplete. **/
+
+var uname = $_(1, "uname");
+var pword = $_(1, "pword");
+const shiftModifier = SpecialPowers.Ci.nsIDOMEvent.SHIFT_MASK;
+
+// Restore the form to the default state.
+function restoreForm() {
+ uname.value = "";
+ pword.value = "";
+ uname.focus();
+}
+
+// Check for expected username/password in form.
+function checkACForm(expectedUsername, expectedPassword) {
+ var formID = uname.parentNode.id;
+ is(uname.value, expectedUsername, "Checking " + formID + " username is: " + expectedUsername);
+ is(pword.value, expectedPassword, "Checking " + formID + " password is: " + expectedPassword);
+}
+
+function sendFakeAutocompleteEvent(element) {
+ var acEvent = document.createEvent("HTMLEvents");
+ acEvent.initEvent("DOMAutoComplete", true, false);
+ element.dispatchEvent(acEvent);
+}
+
+function spinEventLoop() {
+ return Promise.resolve();
+}
+
+add_task(function* setup() {
+ yield SpecialPowers.pushPrefEnv({"set": [["security.insecure_field_warning.contextual.enabled", false],
+ ["signon.autofillForms.http", true]]});
+ listenForUnexpectedPopupShown();
+});
+
+add_task(function* test_form1_initial_empty() {
+ yield SimpleTest.promiseFocus(window);
+
+ // Make sure initial form is empty.
+ checkACForm("", "");
+ let popupState = yield getPopupState();
+ is(popupState.open, false, "Check popup is initially closed");
+});
+
+add_task(function* test_form1_menuitems() {
+ yield SimpleTest.promiseFocus(window);
+ // Trigger autocomplete popup
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ let results = yield shownPromise;
+
+ let popupState = yield getPopupState();
+ is(popupState.selectedIndex, -1, "Check no entries are selected upon opening");
+
+ let expectedMenuItems = ["tempuser1",
+ "testuser2",
+ "testuser3",
+ "zzzuser4"];
+ checkArrayValues(results, expectedMenuItems, "Check all menuitems are displayed correctly.");
+
+ checkACForm("", ""); // value shouldn't update just by selecting
+ doKey("return"); // not "enter"!
+ yield spinEventLoop(); // let focus happen
+ checkACForm("", "");
+});
+
+add_task(function* test_form1_first_entry() {
+ yield SimpleTest.promiseFocus(window);
+ // Trigger autocomplete popup
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ let popupState = yield getPopupState();
+ is(popupState.selectedIndex, -1, "Check no entries are selected upon opening");
+
+ doKey("down"); // first
+ checkACForm("", ""); // value shouldn't update just by selecting
+ doKey("return"); // not "enter"!
+ yield promiseFormsProcessed();
+ checkACForm("tempuser1", "temppass1");
+});
+
+add_task(function* test_form1_second_entry() {
+ // Trigger autocomplete popup
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ doKey("down"); // first
+ doKey("down"); // second
+ doKey("return"); // not "enter"!
+ yield promiseFormsProcessed();
+ checkACForm("testuser2", "testpass2");
+});
+
+add_task(function* test_form1_third_entry() {
+ // Trigger autocomplete popup
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ doKey("down"); // first
+ doKey("down"); // second
+ doKey("down"); // third
+ doKey("return");
+ yield promiseFormsProcessed();
+ checkACForm("testuser3", "testpass3");
+});
+
+add_task(function* test_form1_fourth_entry() {
+ // Trigger autocomplete popup
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ doKey("down"); // first
+ doKey("down"); // second
+ doKey("down"); // third
+ doKey("down"); // fourth
+ doKey("return");
+ yield promiseFormsProcessed();
+ checkACForm("zzzuser4", "zzzpass4");
+});
+
+add_task(function* test_form1_wraparound_first_entry() {
+ // Trigger autocomplete popup
+ restoreForm();
+ yield spinEventLoop(); // let focus happen
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ doKey("down"); // first
+ doKey("down"); // second
+ doKey("down"); // third
+ doKey("down"); // fourth
+ doKey("down"); // deselects
+ doKey("down"); // first
+ doKey("return");
+ yield promiseFormsProcessed();
+ checkACForm("tempuser1", "temppass1");
+});
+
+add_task(function* test_form1_wraparound_up_last_entry() {
+ // Trigger autocomplete popup
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ doKey("up"); // last (fourth)
+ doKey("return");
+ yield promiseFormsProcessed();
+ checkACForm("zzzuser4", "zzzpass4");
+});
+
+add_task(function* test_form1_wraparound_down_up_up() {
+ // Trigger autocomplete popup
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ doKey("down"); // select first entry
+ doKey("up"); // selects nothing!
+ doKey("up"); // select last entry
+ doKey("return");
+ yield promiseFormsProcessed();
+ checkACForm("zzzuser4", "zzzpass4");
+});
+
+add_task(function* test_form1_wraparound_up_last() {
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ doKey("down");
+ doKey("up"); // deselects
+ doKey("up"); // last entry
+ doKey("up");
+ doKey("up");
+ doKey("up"); // first entry
+ doKey("up"); // deselects
+ doKey("up"); // last entry
+ doKey("return");
+ yield promiseFormsProcessed();
+ checkACForm("zzzuser4", "zzzpass4");
+});
+
+add_task(function* test_form1_fill_username_without_autofill_right() {
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ // Set first entry w/o triggering autocomplete
+ doKey("down"); // first
+ doKey("right");
+ yield spinEventLoop();
+ checkACForm("tempuser1", ""); // empty password
+});
+
+add_task(function* test_form1_fill_username_without_autofill_left() {
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ // Set first entry w/o triggering autocomplete
+ doKey("down"); // first
+ doKey("left");
+ checkACForm("tempuser1", ""); // empty password
+});
+
+add_task(function* test_form1_pageup_first() {
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ // Check first entry (page up)
+ doKey("down"); // first
+ doKey("down"); // second
+ doKey("page_up"); // first
+ doKey("return");
+ yield promiseFormsProcessed();
+ checkACForm("tempuser1", "temppass1");
+});
+
+add_task(function* test_form1_pagedown_last() {
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ /* test 13 */
+ // Check last entry (page down)
+ doKey("down"); // first
+ doKey("page_down"); // last
+ doKey("return");
+ yield promiseFormsProcessed();
+ checkACForm("zzzuser4", "zzzpass4");
+});
+
+add_task(function* test_form1_untrusted_event() {
+ restoreForm();
+ yield spinEventLoop();
+
+ // Send a fake (untrusted) event.
+ checkACForm("", "");
+ uname.value = "zzzuser4";
+ sendFakeAutocompleteEvent(uname);
+ yield spinEventLoop();
+ checkACForm("zzzuser4", "");
+});
+
+add_task(function* test_form1_delete() {
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ // XXX tried sending character "t" before/during dropdown to test
+ // filtering, but had no luck. Seemed like the character was getting lost.
+ // Setting uname.value didn't seem to work either. This works with a human
+ // driver, so I'm not sure what's up.
+
+ // Delete the first entry (of 4), "tempuser1"
+ doKey("down");
+ var numLogins;
+ numLogins = LoginManager.countLogins("http://mochi.test:8888", "http://autocomplete:8888", null);
+ is(numLogins, 5, "Correct number of logins before deleting one");
+
+ let countChangedPromise = notifyMenuChanged(3);
+ var deletionPromise = promiseStorageChanged(["removeLogin"]);
+ // On OS X, shift-backspace and shift-delete work, just delete does not.
+ // On Win/Linux, shift-backspace does not work, delete and shift-delete do.
+ doKey("delete", shiftModifier);
+ yield deletionPromise;
+
+ checkACForm("", "");
+ numLogins = LoginManager.countLogins("http://mochi.test:8888", "http://autocomplete:8888", null);
+ is(numLogins, 4, "Correct number of logins after deleting one");
+ yield countChangedPromise;
+ doKey("return");
+ yield promiseFormsProcessed();
+ checkACForm("testuser2", "testpass2");
+});
+
+add_task(function* test_form1_first_after_deletion() {
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ // Check the new first entry (of 3)
+ doKey("down");
+ doKey("return");
+ yield promiseFormsProcessed();
+ checkACForm("testuser2", "testpass2");
+});
+
+add_task(function* test_form1_delete_second() {
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ // Delete the second entry (of 3), "testuser3"
+ doKey("down");
+ doKey("down");
+ doKey("delete", shiftModifier);
+ checkACForm("", "");
+ numLogins = LoginManager.countLogins("http://mochi.test:8888", "http://autocomplete:8888", null);
+ is(numLogins, 3, "Correct number of logins after deleting one");
+ doKey("return");
+ yield promiseFormsProcessed();
+ checkACForm("zzzuser4", "zzzpass4");
+});
+
+add_task(function* test_form1_first_after_deletion2() {
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ // Check the new first entry (of 2)
+ doKey("down");
+ doKey("return");
+ yield promiseFormsProcessed();
+ checkACForm("testuser2", "testpass2");
+});
+
+add_task(function* test_form1_delete_last() {
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ /* test 54 */
+ // Delete the last entry (of 2), "zzzuser4"
+ doKey("down");
+ doKey("down");
+ doKey("delete", shiftModifier);
+ checkACForm("", "");
+ numLogins = LoginManager.countLogins("http://mochi.test:8888", "http://autocomplete:8888", null);
+ is(numLogins, 2, "Correct number of logins after deleting one");
+ doKey("return");
+ yield promiseFormsProcessed();
+ checkACForm("testuser2", "testpass2");
+});
+
+add_task(function* test_form1_first_after_3_deletions() {
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ // Check the only remaining entry
+ doKey("down");
+ doKey("return");
+ yield promiseFormsProcessed();
+ checkACForm("testuser2", "testpass2");
+});
+
+add_task(function* test_form1_check_only_entry_remaining() {
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ /* test 56 */
+ // Delete the only remaining entry, "testuser2"
+ doKey("down");
+ doKey("delete", shiftModifier);
+ checkACForm("", "");
+ numLogins = LoginManager.countLogins("http://mochi.test:8888", "http://autocomplete:8888", null);
+ is(numLogins, 1, "Correct number of logins after deleting one");
+
+ // remove the login that's not shown in the list.
+ setupScript.sendSyncMessage("removeLogin", "login0");
+});
+
+/* Tests for single-user forms for ignoring autocomplete=off */
+add_task(function* test_form2() {
+ // Turn our attention to form2
+ uname = $_(2, "uname");
+ pword = $_(2, "pword");
+ checkACForm("singleuser5", "singlepass5");
+
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ // Check first entry
+ doKey("down");
+ checkACForm("", ""); // value shouldn't update
+ doKey("return"); // not "enter"!
+ yield promiseFormsProcessed();
+ checkACForm("singleuser5", "singlepass5");
+});
+
+add_task(function* test_form3() {
+ uname = $_(3, "uname");
+ pword = $_(3, "pword");
+ checkACForm("singleuser5", "singlepass5");
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ // Check first entry
+ doKey("down");
+ checkACForm("", ""); // value shouldn't update
+ doKey("return"); // not "enter"!
+ yield promiseFormsProcessed();
+ checkACForm("singleuser5", "singlepass5");
+});
+
+add_task(function* test_form4() {
+ uname = $_(4, "uname");
+ pword = $_(4, "pword");
+ checkACForm("singleuser5", "singlepass5");
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ // Check first entry
+ doKey("down");
+ checkACForm("", ""); // value shouldn't update
+ doKey("return"); // not "enter"!
+ yield promiseFormsProcessed();
+ checkACForm("singleuser5", "singlepass5");
+});
+
+add_task(function* test_form5() {
+ uname = $_(5, "uname");
+ pword = $_(5, "pword");
+ checkACForm("singleuser5", "singlepass5");
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ // Check first entry
+ doKey("down");
+ checkACForm("", ""); // value shouldn't update
+ doKey("return"); // not "enter"!
+ yield promiseFormsProcessed();
+ checkACForm("singleuser5", "singlepass5");
+});
+
+add_task(function* test_form6() {
+ // (this is a control, w/o autocomplete=off, to ensure the login
+ // that was being suppressed would have been filled in otherwise)
+ uname = $_(6, "uname");
+ pword = $_(6, "pword");
+ checkACForm("singleuser5", "singlepass5");
+});
+
+add_task(function* test_form6_changeUsername() {
+ // Test that the password field remains filled in after changing
+ // the username.
+ uname.focus();
+ doKey("right");
+ sendChar("X");
+ // Trigger the 'blur' event on uname
+ pword.focus();
+ yield spinEventLoop();
+ checkACForm("singleuser5X", "singlepass5");
+
+ setupScript.sendSyncMessage("removeLogin", "login5");
+});
+
+add_task(function* test_form7() {
+ uname = $_(7, "uname");
+ pword = $_(7, "pword");
+ checkACForm("", "");
+
+ // Insert a new username field into the form. We'll then make sure
+ // that invoking the autocomplete doesn't try to fill the form.
+ var newField = document.createElement("input");
+ newField.setAttribute("type", "text");
+ newField.setAttribute("name", "uname2");
+ pword.parentNode.insertBefore(newField, pword);
+ is($_(7, "uname2").value, "", "Verifying empty uname2");
+
+ // Delete login6B. It was created just to prevent filling in a login
+ // automatically, removing it makes it more likely that we'll catch a
+ // future regression with form filling here.
+ setupScript.sendSyncMessage("removeLogin", "login6B");
+});
+
+add_task(function* test_form7_2() {
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ // Check first entry
+ doKey("down");
+ checkACForm("", ""); // value shouldn't update
+ doKey("return"); // not "enter"!
+ // The form changes, so we expect the old username field to get the
+ // selected autocomplete value, but neither the new username field nor
+ // the password field should have any values filled in.
+ yield spinEventLoop();
+ checkACForm("form7user1", "");
+ is($_(7, "uname2").value, "", "Verifying empty uname2");
+ restoreForm(); // clear field, so reloading test doesn't fail
+
+ setupScript.sendSyncMessage("removeLogin", "login6A");
+});
+
+add_task(function* test_form8() {
+ uname = $_(8, "uname");
+ pword = $_(8, "pword");
+ checkACForm("form8user", "form8pass");
+ restoreForm();
+});
+
+add_task(function* test_form8_blur() {
+ checkACForm("", "");
+ // Focus the previous form to trigger a blur.
+ $_(7, "uname").focus();
+});
+
+add_task(function* test_form8_2() {
+ checkACForm("", "");
+ restoreForm();
+});
+
+add_task(function* test_form8_3() {
+ checkACForm("", "");
+ setupScript.sendSyncMessage("removeLogin", "login7");
+});
+
+add_task(function* test_form9_filtering() {
+ // Turn our attention to form9 to test the dropdown - bug 497541
+ uname = $_(9, "uname");
+ pword = $_(9, "pword");
+ uname.focus();
+ let shownPromise = promiseACShown();
+ sendString("form9userAB");
+ yield shownPromise;
+
+ checkACForm("form9userAB", "");
+ uname.focus();
+ doKey("left");
+ shownPromise = promiseACShown();
+ sendChar("A");
+ let results = yield shownPromise;
+
+ checkACForm("form9userAAB", "");
+ checkArrayValues(results, ["form9userAAB"], "Check dropdown is updated after inserting 'A'");
+ doKey("down");
+ doKey("return");
+ yield promiseFormsProcessed();
+ checkACForm("form9userAAB", "form9pass");
+});
+
+add_task(function* test_form9_autocomplete_cache() {
+ // Note that this addLogin call will only be seen by the autocomplete
+ // attempt for the sendChar if we do not successfully cache the
+ // autocomplete results.
+ setupScript.sendSyncMessage("addLogin", "login8C");
+ uname.focus();
+ let promise0 = notifyMenuChanged(0);
+ sendChar("z");
+ yield promise0;
+ let popupState = yield getPopupState();
+ is(popupState.open, false, "Check popup shouldn't open");
+
+ // check that empty results are cached - bug 496466
+ promise0 = notifyMenuChanged(0);
+ sendChar("z");
+ yield promise0;
+ popupState = yield getPopupState();
+ is(popupState.open, false, "Check popup stays closed due to cached empty result");
+});
+
+add_task(function* test_form11_recipes() {
+ yield loadRecipes({
+ siteRecipes: [{
+ "hosts": ["mochi.test:8888"],
+ "usernameSelector": "input[name='1']",
+ "passwordSelector": "input[name='2']"
+ }],
+ });
+ uname = $_(11, "1");
+ pword = $_(11, "2");
+
+ // First test DOMAutocomplete
+ // Switch the password field to type=password so _fillForm marks the username
+ // field for autocomplete.
+ pword.type = "password";
+ yield promiseFormsProcessed();
+ restoreForm();
+ checkACForm("", "");
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ doKey("down");
+ checkACForm("", ""); // value shouldn't update
+ doKey("return"); // not "enter"!
+ yield promiseFormsProcessed();
+ checkACForm("testuser10", "testpass10");
+
+ // Now test recipes with blur on the username field.
+ restoreForm();
+ checkACForm("", "");
+ uname.value = "testuser10";
+ checkACForm("testuser10", "");
+ doKey("tab");
+ yield promiseFormsProcessed();
+ checkACForm("testuser10", "testpass10");
+ yield resetRecipes();
+});
+
+add_task(function* test_form12_formless() {
+ // Test form-less autocomplete
+ uname = $_(12, "uname");
+ pword = $_(12, "pword");
+ restoreForm();
+ checkACForm("", "");
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ // Trigger autocomplete
+ doKey("down");
+ checkACForm("", ""); // value shouldn't update
+ let processedPromise = promiseFormsProcessed();
+ doKey("return"); // not "enter"!
+ yield processedPromise;
+ checkACForm("testuser", "testpass");
+});
+
+add_task(function* test_form12_open_on_trusted_focus() {
+ uname = $_(12, "uname");
+ pword = $_(12, "pword");
+ uname.value = "";
+ pword.value = "";
+
+ // Move focus to the password field so we can test the first click on the
+ // username field.
+ pword.focus();
+ checkACForm("", "");
+ const firePrivEventPromise = new Promise((resolve) => {
+ uname.addEventListener("click", (e) => {
+ ok(e.isTrusted, "Ensure event is trusted");
+ resolve();
+ });
+ });
+ const shownPromise = promiseACShown();
+ synthesizeMouseAtCenter(uname, {});
+ yield firePrivEventPromise;
+ yield shownPromise;
+ doKey("down");
+ const processedPromise = promiseFormsProcessed();
+ doKey("return"); // not "enter"!
+ yield processedPromise;
+ checkACForm("testuser", "testpass");
+});
+</script>
+</pre>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/mochitest/test_basic_form_html5.html b/toolkit/components/passwordmgr/test/mochitest/test_basic_form_html5.html
new file mode 100644
index 000000000..40e322afd
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/mochitest/test_basic_form_html5.html
@@ -0,0 +1,164 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Test for html5 input types (email, tel, url, etc.)</title>
+ <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+ <script type="text/javascript" src="pwmgr_common.js"></script>
+ <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+Login Manager test: html5 input types (email, tel, url, etc.)
+<script>
+runChecksAfterCommonInit(() => startTest());
+
+runInParent(function setup() {
+ const { classes: Cc, interfaces: Ci, results: Cr, utils: Cu } = Components;
+ let pwmgr = Cc["@mozilla.org/login-manager;1"].
+ getService(Ci.nsILoginManager);
+
+ login1 = Cc["@mozilla.org/login-manager/loginInfo;1"].
+ createInstance(Ci.nsILoginInfo);
+ login2 = Cc["@mozilla.org/login-manager/loginInfo;1"].
+ createInstance(Ci.nsILoginInfo);
+ login3 = Cc["@mozilla.org/login-manager/loginInfo;1"].
+ createInstance(Ci.nsILoginInfo);
+ login4 = Cc["@mozilla.org/login-manager/loginInfo;1"].
+ createInstance(Ci.nsILoginInfo);
+
+ login1.init("http://mochi.test:8888", "http://bug600551-1", null,
+ "testuser@example.com", "testpass1", "", "");
+ login2.init("http://mochi.test:8888", "http://bug600551-2", null,
+ "555-555-5555", "testpass2", "", "");
+ login3.init("http://mochi.test:8888", "http://bug600551-3", null,
+ "http://mozilla.org", "testpass3", "", "");
+ login4.init("http://mochi.test:8888", "http://bug600551-4", null,
+ "123456789", "testpass4", "", "");
+
+ pwmgr.addLogin(login1);
+ pwmgr.addLogin(login2);
+ pwmgr.addLogin(login3);
+ pwmgr.addLogin(login4);
+});
+</script>
+
+<p id="display"></p>
+<div id="content" style="display: none">
+
+ <form id="form1" action="http://bug600551-1">
+ <input type="email" name="uname">
+ <input type="password" name="pword">
+ <button type="submit">Submit</button>
+ </form>
+
+ <form id="form2" action="http://bug600551-2">
+ <input type="tel" name="uname">
+ <input type="password" name="pword">
+ <button type="submit">Submit</button>
+ </form>
+
+ <form id="form3" action="http://bug600551-3">
+ <input type="url" name="uname">
+ <input type="password" name="pword">
+ <button type="submit">Submit</button>
+ </form>
+
+ <form id="form4" action="http://bug600551-4">
+ <input type="number" name="uname">
+ <input type="password" name="pword">
+ <button type="submit">Submit</button>
+ </form>
+
+ <!-- The following forms should not be filled with usernames -->
+ <form id="form5" action="formtest.js">
+ <input type="search" name="uname">
+ <input type="password" name="pword">
+ <button type="submit">Submit</button>
+ </form>
+
+ <form id="form6" action="formtest.js">
+ <input type="datetime" name="uname">
+ <input type="password" name="pword">
+ <button type="submit">Submit</button>
+ </form>
+
+ <form id="form7" action="formtest.js">
+ <input type="date" name="uname">
+ <input type="password" name="pword">
+ <button type="submit">Submit</button>
+ </form>
+
+ <form id="form8" action="formtest.js">
+ <input type="month" name="uname">
+ <input type="password" name="pword">
+ <button type="submit">Submit</button>
+ </form>
+
+ <form id="form9" action="formtest.js">
+ <input type="week" name="uname">
+ <input type="password" name="pword">
+ <button type="submit">Submit</button>
+ </form>
+
+ <form id="form10" action="formtest.js">
+ <input type="time" name="uname">
+ <input type="password" name="pword">
+ <button type="submit">Submit</button>
+ </form>
+
+ <form id="form11" action="formtest.js">
+ <input type="datetime-local" name="uname">
+ <input type="password" name="pword">
+ <button type="submit">Submit</button>
+ </form>
+
+ <form id="form12" action="formtest.js">
+ <input type="range" name="uname">
+ <input type="password" name="pword">
+ <button type="submit">Submit</button>
+ </form>
+
+ <form id="form13" action="formtest.js">
+ <input type="color" name="uname">
+ <input type="password" name="pword">
+ <button type="submit">Submit</button>
+ </form>
+
+
+</div>
+<pre id="test">
+<script class="testbody" type="text/javascript">
+
+/* Test for Login Manager: 600551
+ (Password manager not working with input type=email)
+ */
+function startTest() {
+ checkForm(1, "testuser@example.com", "testpass1");
+ checkForm(2, "555-555-5555", "testpass2");
+ checkForm(3, "http://mozilla.org", "testpass3");
+ checkForm(4, "123456789", "testpass4");
+
+ is($_(5, "uname").value, "", "type=search should not be considered a username");
+
+ is($_(6, "uname").value, "", "type=datetime should not be considered a username");
+
+ is($_(7, "uname").value, "", "type=date should not be considered a username");
+
+ is($_(8, "uname").value, "", "type=month should not be considered a username");
+
+ is($_(9, "uname").value, "", "type=week should not be considered a username");
+
+ is($_(10, "uname").value, "", "type=time should not be considered a username");
+
+ is($_(11, "uname").value, "", "type=datetime-local should not be considered a username");
+
+ is($_(12, "uname").value, "50", "type=range should not be considered a username");
+
+ is($_(13, "uname").value, "#000000", "type=color should not be considered a username");
+
+ SimpleTest.finish();
+}
+</script>
+</pre>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/mochitest/test_basic_form_pwevent.html b/toolkit/components/passwordmgr/test/mochitest/test_basic_form_pwevent.html
new file mode 100644
index 000000000..e0a2883c8
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/mochitest/test_basic_form_pwevent.html
@@ -0,0 +1,55 @@
+<!DOCTYPE HTML>
+<html>
+<!--
+https://bugzilla.mozilla.org/show_bug.cgi?id=355063
+-->
+<head>
+ <meta charset="utf-8"/>
+ <title>Test for Bug 355063</title>
+ <script type="application/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+ <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
+ <script type="text/javascript" src="pwmgr_common.js"></script>
+ <script type="application/javascript">
+ /** Test for Bug 355063 **/
+
+ runChecksAfterCommonInit(function startTest() {
+ info("startTest");
+ // Password Manager's own listener should always have been added first, so
+ // the test's listener should be called after the pwmgr's listener fills in
+ // a login.
+ //
+ SpecialPowers.addChromeEventListener("DOMFormHasPassword", function eventFired() {
+ SpecialPowers.removeChromeEventListener("DOMFormHasPassword", eventFired);
+ var passField = $("p1");
+ passField.addEventListener("input", checkForm);
+ });
+ addForm();
+ });
+
+ function addForm() {
+ info("addForm");
+ var c = document.getElementById("content");
+ c.innerHTML = "<form id=form1>form1: <input id=u1><input type=password id=p1></form><br>";
+ }
+
+ function checkForm() {
+ info("checkForm");
+ var userField = document.getElementById("u1");
+ var passField = document.getElementById("p1");
+ is(userField.value, "testuser", "checking filled username");
+ is(passField.value, "testpass", "checking filled password");
+
+ SimpleTest.finish();
+ }
+</script>
+</head>
+<body>
+<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=355063">Mozilla Bug 355063</a>
+<p id="display"></p>
+<div id="content">
+forms go here!
+</div>
+<pre id="test">
+</pre>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/mochitest/test_basic_form_pwonly.html b/toolkit/components/passwordmgr/test/mochitest/test_basic_form_pwonly.html
new file mode 100644
index 000000000..40fec8c46
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/mochitest/test_basic_form_pwonly.html
@@ -0,0 +1,213 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Test forms and logins without a username</title>
+ <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+ <script type="text/javascript" src="pwmgr_common.js"></script>
+ <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+Login Manager test: forms and logins without a username.
+<script>
+runChecksAfterCommonInit(() => startTest());
+runInParent(() => {
+ const { classes: Cc, interfaces: Ci, results: Cr, utils: Cu } = Components;
+ var pwmgr = Cc["@mozilla.org/login-manager;1"]
+ .getService(Ci.nsILoginManager);
+
+ var nsLoginInfo = Components.Constructor("@mozilla.org/login-manager/loginInfo;1", Ci.nsILoginInfo);
+
+ // pwlogin1 uses a unique formSubmitURL, to check forms where no other logins
+ // will apply. pwlogin2 uses the normal formSubmitURL, so that we can test
+ // forms with a mix of username and non-username logins that might apply.
+ //
+ // Note: pwlogin2 is deleted at the end of the test.
+
+ pwlogin1 = new nsLoginInfo();
+ pwlogin2 = new nsLoginInfo();
+
+ pwlogin1.init("http://mochi.test:8888", "http://mochi.test:1111", null,
+ "", "1234", "uname", "pword");
+
+ pwlogin2.init("http://mochi.test:8888", "http://mochi.test:8888", null,
+ "", "1234", "uname", "pword");
+
+
+ pwmgr.addLogin(pwlogin1);
+ pwmgr.addLogin(pwlogin2);
+});
+</script>
+<p id="display"></p>
+
+<div id="content" style="display: none">
+
+
+<!-- simple form: no username field, 1 password field -->
+<form id='form1' action='http://mochi.test:1111/formtest.js'> 1
+ <input type='password' name='pname' value=''>
+
+ <button type='submit'>Submit</button>
+ <button type='reset'> Reset </button>
+</form>
+
+<!-- simple form: no username field, 2 password fields -->
+<form id='form2' action='http://mochi.test:1111/formtest.js'> 2
+ <input type='password' name='pname1' value=''>
+ <input type='password' name='pname2' value=''>
+
+ <button type='submit'>Submit</button>
+ <button type='reset'> Reset </button>
+</form>
+
+<!-- simple form: no username field, 3 password fields -->
+<form id='form3' action='http://mochi.test:1111/formtest.js'> 3
+ <input type='password' name='pname1' value=''>
+ <input type='password' name='pname2' value=''>
+ <input type='password' name='pname3' value=''>
+
+ <button type='submit'>Submit</button>
+ <button type='reset'> Reset </button>
+</form>
+
+<!-- 4 password fields, should be ignored. -->
+<form id='form4' action='http://mochi.test:1111/formtest.js'> 4
+ <input type='password' name='pname1' value=''>
+ <input type='password' name='pname2' value=''>
+ <input type='password' name='pname3' value=''>
+ <input type='password' name='pname4' value=''>
+
+ <button type='submit'>Submit</button>
+ <button type='reset'> Reset </button>
+</form>
+
+
+
+<!-- 1 username field -->
+<form id='form5' action='http://mochi.test:1111/formtest.js'> 5
+ <input type='text' name='uname' value=''>
+ <input type='password' name='pname' value=''>
+
+ <button type='submit'>Submit</button>
+ <button type='reset'> Reset </button>
+</form>
+
+
+<!-- 1 username field, with a value set -->
+<form id='form6' action='http://mochi.test:1111/formtest.js'> 6
+ <input type='text' name='uname' value='someuser'>
+ <input type='password' name='pname' value=''>
+
+ <button type='submit'>Submit</button>
+ <button type='reset'> Reset </button>
+</form>
+
+
+
+<!--
+(The following forms have 2 potentially-matching logins, on is
+password-only, the other is username+password)
+-->
+
+
+
+<!-- 1 username field, with value set. Fill in the matching U+P login -->
+<form id='form7' action='formtest.js'> 7
+ <input type='text' name='uname' value='testuser'>
+ <input type='password' name='pname' value=''>
+
+ <button type='submit'>Submit</button>
+ <button type='reset'> Reset </button>
+</form>
+
+<!-- 1 username field, with value set. Don't fill in U+P login-->
+<form id='form8' action='formtest.js'> 8
+ <input type='text' name='uname' value='someuser'>
+ <input type='password' name='pname' value=''>
+
+ <button type='submit'>Submit</button>
+ <button type='reset'> Reset </button>
+</form>
+
+
+
+<!-- 1 username field, too small for U+P login -->
+<form id='form9' action='formtest.js'> 9
+ <input type='text' name='uname' value='' maxlength="4">
+ <input type='password' name='pname' value=''>
+
+ <button type='submit'>Submit</button>
+ <button type='reset'> Reset </button>
+</form>
+
+<!-- 1 username field, too small for U+P login -->
+<form id='form10' action='formtest.js'> 10
+ <input type='text' name='uname' value='' maxlength="0">
+ <input type='password' name='pname' value=''>
+
+ <button type='submit'>Submit</button>
+ <button type='reset'> Reset </button>
+</form>
+
+<!-- 1 username field, too small for U+P login -->
+<form id='form11' action='formtest.js'> 11
+ <input type='text' name='uname' value=''>
+ <input type='password' name='pname' value='' maxlength="4">
+
+ <button type='submit'>Submit</button>
+ <button type='reset'> Reset </button>
+</form>
+
+<!-- 1 username field, too small for either login -->
+<form id='form12' action='formtest.js'> 12
+ <input type='text' name='uname' value=''>
+ <input type='password' name='pname' value='' maxlength="1">
+
+ <button type='submit'>Submit</button>
+ <button type='reset'> Reset </button>
+</form>
+
+<!-- 1 username field, too small for either login -->
+<form id='form13' action='formtest.js'> 13
+ <input type='text' name='uname' value=''>
+ <input type='password' name='pname' value='' maxlength="0">
+
+ <button type='submit'>Submit</button>
+ <button type='reset'> Reset </button>
+</form>
+
+
+
+</div>
+
+<pre id="test">
+<script class="testbody" type="text/javascript">
+
+/** Test for Login Manager: password-only logins **/
+function startTest() {
+
+ checkForm(1, "1234");
+ checkForm(2, "1234", "");
+ checkForm(3, "1234", "", "");
+ checkUnmodifiedForm(4);
+
+ checkForm(5, "", "1234");
+ checkForm(6, "someuser", "");
+
+ checkForm(7, "testuser", "testpass");
+ checkForm(8, "someuser", "");
+
+ checkForm(9, "", "1234");
+ checkForm(10, "", "1234");
+ checkForm(11, "", "1234");
+
+ checkUnmodifiedForm(12);
+ checkUnmodifiedForm(13);
+
+ SimpleTest.finish();
+}
+</script>
+</pre>
+</body>
+</html>
+
diff --git a/toolkit/components/passwordmgr/test/mochitest/test_bug_627616.html b/toolkit/components/passwordmgr/test/mochitest/test_bug_627616.html
new file mode 100644
index 000000000..ad4a41cdb
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/mochitest/test_bug_627616.html
@@ -0,0 +1,145 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Test bug 627616 related to proxy authentication</title>
+ <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+ <script type="text/javascript" src="pwmgr_common.js"></script>
+ <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+<script class="testbody" type="text/javascript">
+ SimpleTest.waitForExplicitFinish();
+
+ var Ci = SpecialPowers.Ci;
+
+ function makeXHR(expectedStatus, expectedText, extra) {
+ var xhr = new XMLHttpRequest();
+ xhr.open("GET", "authenticate.sjs?" +
+ "proxy_user=proxy_user&" +
+ "proxy_pass=proxy_pass&" +
+ "proxy_realm=proxy_realm&" +
+ "user=user1name&" +
+ "pass=user1pass&" +
+ "realm=mochirealm&" +
+ extra || "");
+ xhr.onloadend = function() {
+ is(xhr.status, expectedStatus, "xhr.status");
+ is(xhr.statusText, expectedText, "xhr.statusText");
+ runNextTest();
+ };
+ return xhr;
+ }
+
+ function testNonAnonymousCredentials() {
+ var xhr = makeXHR(200, "OK");
+ xhr.send();
+ }
+
+ function testAnonymousCredentials() {
+ // Test that an anonymous request correctly performs proxy authentication
+ var xhr = makeXHR(401, "Authentication required");
+ SpecialPowers.wrap(xhr).channel.loadFlags |= Ci.nsIChannel.LOAD_ANONYMOUS;
+ xhr.send();
+ }
+
+ function testAnonymousNoAuth() {
+ // Next, test that an anonymous request still does not include any non-proxy
+ // authentication headers.
+ var xhr = makeXHR(200, "Authorization header not found", "anonymous=1");
+ SpecialPowers.wrap(xhr).channel.loadFlags |= Ci.nsIChannel.LOAD_ANONYMOUS;
+ xhr.send();
+ }
+
+ var gExpectedDialogs = 0;
+ var gCurrentTest;
+ function runNextTest() {
+ is(gExpectedDialogs, 0, "received expected number of auth dialogs");
+ mm.sendAsyncMessage("prepareForNextTest");
+ mm.addMessageListener("prepareForNextTestDone", function prepared(msg) {
+ mm.removeMessageListener("prepareForNextTestDone", prepared);
+ if (pendingTests.length > 0) {
+ ({expectedDialogs: gExpectedDialogs,
+ test: gCurrentTest} = pendingTests.shift());
+ gCurrentTest.call(this);
+ } else {
+ mm.sendAsyncMessage("cleanup");
+ mm.addMessageListener("cleanupDone", () => {
+ // mm.destroy() is called as a cleanup function by runInParent(), no
+ // need to do it here.
+ SimpleTest.finish();
+ });
+ }
+ });
+ }
+
+ var pendingTests = [{expectedDialogs: 2, test: testNonAnonymousCredentials},
+ {expectedDialogs: 1, test: testAnonymousCredentials},
+ {expectedDialogs: 0, test: testAnonymousNoAuth}];
+
+ let mm = runInParent(() => {
+ const { classes: parentCc, interfaces: parentCi, utils: parentCu } = Components;
+
+ parentCu.import("resource://gre/modules/Services.jsm");
+ parentCu.import("resource://gre/modules/NetUtil.jsm");
+ parentCu.import("resource://gre/modules/Timer.jsm");
+ parentCu.import("resource://gre/modules/XPCOMUtils.jsm");
+
+ let channel = NetUtil.newChannel({
+ uri: "http://example.com",
+ loadUsingSystemPrincipal: true
+ });
+
+ let pps = parentCc["@mozilla.org/network/protocol-proxy-service;1"].
+ getService(parentCi.nsIProtocolProxyService);
+ pps.asyncResolve(channel, 0, {
+ onProxyAvailable(req, uri, pi, status) {
+ let mozproxy = "moz-proxy://" + pi.host + ":" + pi.port;
+ let login = parentCc["@mozilla.org/login-manager/loginInfo;1"].
+ createInstance(parentCi.nsILoginInfo);
+ login.init(mozproxy, null, "proxy_realm", "proxy_user", "proxy_pass",
+ "", "");
+ Services.logins.addLogin(login);
+
+ let login2 = parentCc["@mozilla.org/login-manager/loginInfo;1"].
+ createInstance(parentCi.nsILoginInfo);
+ login2.init("http://mochi.test:8888", null, "mochirealm", "user1name",
+ "user1pass", "", "");
+ Services.logins.addLogin(login2);
+
+ sendAsyncMessage("setupDone");
+ },
+ QueryInterface: XPCOMUtils.generateQI([parentCi.nsIProtocolProxyCallback]),
+ });
+
+ addMessageListener("prepareForNextTest", message => {
+ parentCc["@mozilla.org/network/http-auth-manager;1"].
+ getService(parentCi.nsIHttpAuthManager).
+ clearAll();
+ sendAsyncMessage("prepareForNextTestDone");
+ });
+
+ let dialogObserverTopic = "common-dialog-loaded";
+
+ function dialogObserver(subj, topic, data) {
+ subj.Dialog.ui.prompt.document.documentElement.acceptDialog();
+ sendAsyncMessage("promptAccepted");
+ }
+
+ Services.obs.addObserver(dialogObserver, dialogObserverTopic, false);
+
+ addMessageListener("cleanup", message => {
+ Services.obs.removeObserver(dialogObserver, dialogObserverTopic);
+ sendAsyncMessage("cleanupDone");
+ });
+ });
+
+ mm.addMessageListener("promptAccepted", msg => {
+ gExpectedDialogs--;
+ });
+ mm.addMessageListener("setupDone", msg => {
+ runNextTest();
+ });
+</script>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/mochitest/test_bug_776171.html b/toolkit/components/passwordmgr/test/mochitest/test_bug_776171.html
new file mode 100644
index 000000000..4ad08bee2
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/mochitest/test_bug_776171.html
@@ -0,0 +1,56 @@
+<!DOCTYPE HTML>
+<html>
+<!--
+https://bugzilla.mozilla.org/show_bug.cgi?id=776171
+-->
+<head>
+ <meta charset="utf-8">
+ <title>Test for Bug 776171 related to HTTP auth</title>
+ <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+ <script type="text/javascript" src="pwmgr_common.js"></script>
+ <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body onload="startTest()">
+<script class="testbody" type="text/javascript">
+
+/**
+ * This test checks we correctly ignore authentication entry
+ * for a subpath and use creds from the URL when provided when XHR
+ * is used with filled user name and password.
+ *
+ * 1. connect auth2/authenticate.sjs that expects user1:pass1 password
+ * 2. connect a dummy URL at the same path
+ * 3. connect authenticate.sjs that again expects user1:pass1 password
+ * in this case, however, we have an entry without an identity
+ * for this path (that is a parent for auth2 path in the first step)
+ */
+
+SimpleTest.waitForExplicitFinish();
+
+function doxhr(URL, user, pass, next) {
+ var xhr = new XMLHttpRequest();
+ if (user && pass)
+ xhr.open("POST", URL, true, user, pass);
+ else
+ xhr.open("POST", URL, true);
+ xhr.onload = function() {
+ is(xhr.status, 200, "Got status 200");
+ next();
+ };
+ xhr.onerror = function() {
+ ok(false, "request passed");
+ finishTest();
+ };
+ xhr.send();
+}
+
+function startTest() {
+ doxhr("auth2/authenticate.sjs?user=user1&pass=pass1&realm=realm1", "user1", "pass1", function() {
+ doxhr("auth2", null, null, function() {
+ doxhr("authenticate.sjs?user=user1&pass=pass1&realm=realm1", "user1", "pass1", SimpleTest.finish);
+ });
+ });
+}
+</script>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/mochitest/test_case_differences.html b/toolkit/components/passwordmgr/test/mochitest/test_case_differences.html
new file mode 100644
index 000000000..316f59da7
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/mochitest/test_case_differences.html
@@ -0,0 +1,147 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Test autocomplete due to multiple matching logins</title>
+ <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+ <script type="text/javascript" src="/tests/SimpleTest/EventUtils.js"></script>
+ <script type="text/javascript" src="/tests/SimpleTest/SpawnTask.js"></script>
+ <script type="text/javascript" src="satchel_common.js"></script>
+ <script type="text/javascript" src="pwmgr_common.js"></script>
+ <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+Login Manager test: autocomplete due to multiple matching logins
+
+<script>
+runChecksAfterCommonInit(false);
+
+SpecialPowers.loadChromeScript(function addLogins() {
+ const { classes: Cc, interfaces: Ci, utils: Cu } = Components;
+ Cu.import("resource://gre/modules/Services.jsm");
+
+ // Create some logins just for this form, since we'll be deleting them.
+ var nsLoginInfo = Components.Constructor("@mozilla.org/login-manager/loginInfo;1",
+ Ci.nsILoginInfo, "init");
+
+ var login0 = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete:8888", null,
+ "name", "pass", "uname", "pword");
+
+ var login1 = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete:8888", null,
+ "Name", "Pass", "uname", "pword");
+
+ var login2 = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete:8888", null,
+ "USER", "PASS", "uname", "pword");
+
+ try {
+ Services.logins.addLogin(login0);
+ Services.logins.addLogin(login1);
+ Services.logins.addLogin(login2);
+ } catch (e) {
+ assert.ok(false, "addLogin threw: " + e);
+ }
+});
+</script>
+<p id="display"></p>
+
+<!-- we presumably can't hide the content for this test. -->
+<div id="content">
+
+ <!-- form1 tests multiple matching logins -->
+ <form id="form1" action="http://autocomplete:8888/formtest.js" onsubmit="return false;">
+ <input type="text" name="uname">
+ <input type="password" name="pword">
+ <button type="submit">Submit</button>
+ </form>
+
+</div>
+
+<pre id="test">
+<script class="testbody" type="text/javascript">
+
+/** Test for Login Manager: autocomplete due to multiple matching logins **/
+
+var uname = $_(1, "uname");
+var pword = $_(1, "pword");
+
+// Restore the form to the default state.
+function restoreForm() {
+ uname.value = "";
+ pword.value = "";
+ uname.focus();
+}
+
+// Check for expected username/password in form.
+function checkACForm(expectedUsername, expectedPassword) {
+ var formID = uname.parentNode.id;
+ is(uname.value, expectedUsername, "Checking " + formID + " username");
+ is(pword.value, expectedPassword, "Checking " + formID + " password");
+}
+
+add_task(function* test_empty_first_entry() {
+ /* test 1 */
+ // Make sure initial form is empty.
+ checkACForm("", "");
+ // Trigger autocomplete popup
+ restoreForm();
+ let popupState = yield getPopupState();
+ is(popupState.open, false, "Check popup is initially closed");
+ let shownPromise = promiseACShown();
+ doKey("down");
+ let results = yield shownPromise;
+ popupState = yield getPopupState();
+ is(popupState.selectedIndex, -1, "Check no entries are selected");
+ checkArrayValues(results, ["name", "Name", "USER"], "initial");
+
+ // Check first entry
+ let index0Promise = notifySelectedIndex(0);
+ doKey("down");
+ yield index0Promise;
+ checkACForm("", ""); // value shouldn't update
+ doKey("return"); // not "enter"!
+ yield promiseFormsProcessed();
+ checkACForm("name", "pass");
+});
+
+add_task(function* test_empty_second_entry() {
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+ doKey("down"); // first
+ doKey("down"); // second
+ doKey("return"); // not "enter"!
+ yield promiseFormsProcessed();
+ checkACForm("Name", "Pass");
+});
+
+add_task(function* test_empty_third_entry() {
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+ doKey("down"); // first
+ doKey("down"); // second
+ doKey("down"); // third
+ doKey("return");
+ yield promiseFormsProcessed();
+ checkACForm("USER", "PASS");
+});
+
+add_task(function* test_preserve_matching_username_case() {
+ restoreForm();
+ uname.value = "user";
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ // Check that we don't clobber user-entered text when tabbing away
+ // (even with no autocomplete entry selected)
+ doKey("tab");
+ yield promiseFormsProcessed();
+ checkACForm("user", "PASS");
+});
+</script>
+</pre>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/mochitest/test_form_action_1.html b/toolkit/components/passwordmgr/test/mochitest/test_form_action_1.html
new file mode 100644
index 000000000..430081b3a
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/mochitest/test_form_action_1.html
@@ -0,0 +1,137 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Test for considering form action</title>
+ <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+ <script type="text/javascript" src="pwmgr_common.js"></script>
+ <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+Login Manager test: Bug 360493
+<script>
+runChecksAfterCommonInit(() => startTest());
+</script>
+<p id="display"></p>
+<div id="content" style="display: none">
+
+ <!-- normal form with normal relative action. -->
+ <form id="form1" action="formtest.js">
+ <input type="text" name="uname">
+ <input type="password" name="pword">
+
+ <button type="submit">Submit</button>
+ <button type="reset"> Reset </button>
+ </form>
+
+ <!-- fully specify the action URL -->
+ <form id="form2" action="http://mochi.test:8888/tests/toolkit/components/passwordmgr/test/formtest.js">
+ <input type="text" name="uname">
+ <input type="password" name="pword">
+
+ <button type="submit">Submit</button>
+ <button type="reset"> Reset </button>
+ </form>
+
+ <!-- fully specify the action URL, and change the path -->
+ <form id="form3" action="http://mochi.test:8888/zomg/wtf/bbq/passwordmgr/test/formtest.js">
+ <input type="text" name="uname">
+ <input type="password" name="pword">
+
+ <button type="submit">Submit</button>
+ <button type="reset"> Reset </button>
+ </form>
+
+ <!-- fully specify the action URL, and change the path and filename -->
+ <form id="form4" action="http://mochi.test:8888/zomg/wtf/bbq/passwordmgr/test/not_a_test.js">
+ <input type="text" name="uname">
+ <input type="password" name="pword">
+
+ <button type="submit">Submit</button>
+ <button type="reset"> Reset </button>
+ </form>
+
+ <!-- specify the action URL relative to the current document-->
+ <form id="form5" action="./formtest.js">
+ <input type="text" name="uname">
+ <input type="password" name="pword">
+
+ <button type="submit">Submit</button>
+ <button type="reset"> Reset </button>
+ </form>
+
+ <!-- specify the action URL relative to the current server -->
+ <form id="form6" action="/tests/toolkit/components/passwordmgr/test/formtest.js">
+ <input type="text" name="uname">
+ <input type="password" name="pword">
+
+ <button type="submit">Submit</button>
+ <button type="reset"> Reset </button>
+ </form>
+
+ <!-- Change the method from get to post -->
+ <form id="form7" action="formtest.js" method="POST">
+ <input type="text" name="uname">
+ <input type="password" name="pword">
+
+ <button type="submit">Submit</button>
+ <button type="reset"> Reset </button>
+ </form>
+
+ <!-- Blank action URL specified -->
+ <form id="form8" action="">
+ <input type="text" name="uname">
+ <input type="password" name="pword">
+
+ <button type="submit">Submit</button>
+ <button type="reset"> Reset </button>
+ </form>
+
+ <!-- |action| attribute entirely missing -->
+ <form id="form9" >
+ <input type="text" name="uname">
+ <input type="password" name="pword">
+
+ <button type="submit">Submit</button>
+ <button type="reset"> Reset </button>
+ </form>
+
+ <!-- action url as javascript -->
+ <form id="form10" action="javascript:alert('this form is not submitted so this alert should not be invoked');">
+ <input type="text" name="uname">
+ <input type="password" name="pword">
+
+ <button type="submit">Submit</button>
+ <button type="reset"> Reset </button>
+ </form>
+
+ <!-- TODO: action=IP.ADDRESS instead of HOSTNAME? -->
+ <!-- TODO: test with |base href="http://othersite//"| ? -->
+</div>
+<pre id="test">
+<script class="testbody" type="text/javascript">
+
+/** Test for Login Manager: 360493 (Cross-Site Forms + Password
+ Manager = Security Failure) **/
+
+// This test is designed to make sure variations on the form's |action|
+// and |method| continue to work with the fix for 360493.
+
+function startTest() {
+ for (var i = 1; i <= 9; i++) {
+ // Check form i
+ is($_(i, "uname").value, "testuser", "Checking for filled username " + i);
+ is($_(i, "pword").value, "testpass", "Checking for filled password " + i);
+ }
+
+ // The login's formSubmitURL isn't "javascript:", so don't fill it in.
+ isnot($_(10, "uname"), "testuser", "Checking username w/ JS action URL");
+ isnot($_(10, "pword"), "testpass", "Checking password w/ JS action URL");
+
+ SimpleTest.finish();
+}
+</script>
+</pre>
+</body>
+</html>
+
diff --git a/toolkit/components/passwordmgr/test/mochitest/test_form_action_2.html b/toolkit/components/passwordmgr/test/mochitest/test_form_action_2.html
new file mode 100644
index 000000000..0f0056de0
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/mochitest/test_form_action_2.html
@@ -0,0 +1,170 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Test for considering form action</title>
+ <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+ <script type="text/javascript" src="pwmgr_common.js"></script>
+ <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+Login Manager test: Bug 360493
+<script>
+runChecksAfterCommonInit(() => startTest());
+</script>
+<p id="display"></p>
+<div id="content" style="display: none">
+
+ <!-- The tests in this page exercise things that shouldn't work. -->
+
+ <!-- Change port # of action URL from 8888 to 7777 -->
+ <form id="form1" action="http://localhost:7777/tests/toolkit/components/passwordmgr/test/formtest.js">
+ <input type="text" name="uname">
+ <input type="password" name="pword">
+
+ <button type="submit">Submit</button>
+ <button type="reset"> Reset </button>
+ </form>
+
+ <!-- No port # in action URL -->
+ <form id="form2" action="http://localhost/tests/toolkit/components/passwordmgr/test/formtest.js">
+ <input type="text" name="uname">
+ <input type="password" name="pword">
+
+ <button type="submit">Submit</button>
+ <button type="reset"> Reset </button>
+ </form>
+
+ <!-- Change protocol from http:// to ftp://, include the expected 8888 port # -->
+ <form id="form3" action="ftp://localhost:8888/tests/toolkit/components/passwordmgr/test/formtest.js">
+ <input type="text" name="uname">
+ <input type="password" name="pword">
+
+ <button type="submit">Submit</button>
+ <button type="reset"> Reset </button>
+ </form>
+
+ <!-- Change protocol from http:// to ftp://, no port # specified -->
+ <form id="form4" action="ftp://localhost/tests/toolkit/components/passwordmgr/test/formtest.js">
+ <input type="text" name="uname">
+ <input type="password" name="pword">
+
+ <button type="submit">Submit</button>
+ <button type="reset"> Reset </button>
+ </form>
+
+ <!-- Try a weird URL. -->
+ <form id="form5" action="about:blank">
+ <input type="text" name="uname">
+ <input type="password" name="pword">
+
+ <button type="submit">Submit</button>
+ <button type="reset"> Reset </button>
+ </form>
+
+ <!-- Try a weird URL. (If the normal embedded action URL doesn't work, that should mean other URLs won't either) -->
+ <form id="form6" action="view-source:http://localhost:8888/tests/toolkit/components/passwordmgr/test/formtest.js">
+ <input type="text" name="uname">
+ <input type="password" name="pword">
+
+ <button type="submit">Submit</button>
+ <button type="reset"> Reset </button>
+ </form>
+
+ <!-- Try a weird URL. -->
+ <form id="form7" action="view-source:formtest.js">
+ <input type="text" name="uname">
+ <input type="password" name="pword">
+
+ <button type="submit">Submit</button>
+ <button type="reset"> Reset </button>
+ </form>
+
+ <!-- Action URL points to a different host (this is the archetypical exploit) -->
+ <form id="form8" action="http://www.cnn.com/">
+ <input type="text" name="uname">
+ <input type="password" name="pword">
+
+ <button type="submit">Submit</button>
+ <button type="reset"> Reset </button>
+ </form>
+
+ <!-- Action URL points to a different host, user field prefilled -->
+ <form id="form9" action="http://www.cnn.com/">
+ <input type="text" name="uname" value="testuser">
+ <input type="password" name="pword">
+
+ <button type="submit">Submit</button>
+ <button type="reset"> Reset </button>
+ </form>
+
+ <!-- Try wrapping a evil form around a good form, to see if we can confuse the parser. -->
+ <form id="form10-A" action="http://www.cnn.com/">
+ <form id="form10-B" action="formtest.js">
+ <input type="text" name="uname">
+ <input type="password" name="pword">
+
+ <button type="submit">Submit (inner)</button>
+ <button type="reset"> Reset (inner)</button>
+ </form>
+ <button type="submit" id="neutered_submit10">Submit (outer)</button>
+ <button type="reset">Reset (outer)</button>
+ </form>
+
+ <!-- Try wrapping a good form around an evil form, to see if we can confuse the parser. -->
+ <form id="form11-A" action="formtest.js">
+ <form id="form11-B" action="http://www.cnn.com/">
+ <input type="text" name="uname">
+ <input type="password" name="pword">
+
+ <button type="submit">Submit (inner)</button>
+ <button type="reset"> Reset (inner)</button>
+ </form>
+ <button type="submit" id="neutered_submit11">Submit (outer)</button>
+ <button type="reset">Reset (outer)</button>
+ </form>
+
+<!-- TODO: probably should have some accounts which have no port # in the action url. JS too. And different host/proto. -->
+<!-- TODO: www.site.com vs. site.com? -->
+<!-- TODO: foo.site.com vs. bar.site.com? -->
+
+</div>
+<pre id="test">
+<script class="testbody" type="text/javascript">
+
+/** Test for Login Manager: 360493 (Cross-Site Forms + Password Manager = Security Failure) **/
+
+function startTest() {
+ for (var i = 1; i <= 8; i++) {
+ // Check form i
+ is($_(i, "uname").value, "", "Checking for unfilled username " + i);
+ is($_(i, "pword").value, "", "Checking for unfilled password " + i);
+ }
+
+ is($_(9, "uname").value, "testuser", "Checking for unmodified username 9");
+ is($_(9, "pword").value, "", "Checking for unfilled password 9");
+
+ is($_("10-A", "uname").value, "", "Checking for unfilled username 10A");
+ is($_("10-A", "pword").value, "", "Checking for unfilled password 10A");
+
+ // The DOM indicates this form could be filled, as the evil inner form
+ // is discarded. And yet pwmgr seems not to fill it. Not sure why.
+ todo(false, "Mangled form combo not being filled when maybe it could be?");
+ is($_("11-A", "uname").value, "testuser", "Checking filled username 11A");
+ is($_("11-A", "pword").value, "testpass", "Checking filled password 11A");
+
+ // Verify this by making sure there are no extra forms in the document, and
+ // that the submit button for the neutered forms don't do anything.
+ // If the test finds extra forms the submit() causes the test to timeout, then
+ // there may be a security issue.
+ is(document.forms.length, 11, "Checking for unexpected forms");
+ $("neutered_submit10").click();
+ $("neutered_submit11").click();
+
+ SimpleTest.finish();
+}
+</script>
+</pre>
+</body>
+</html>
+
diff --git a/toolkit/components/passwordmgr/test/mochitest/test_form_action_javascript.html b/toolkit/components/passwordmgr/test/mochitest/test_form_action_javascript.html
new file mode 100644
index 000000000..d37e92c40
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/mochitest/test_form_action_javascript.html
@@ -0,0 +1,52 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Test forms with a JS submit action</title>
+ <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+ <script type="text/javascript" src="pwmgr_common.js"></script>
+ <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+Login Manager test: form with JS submit action
+<script>
+runChecksAfterCommonInit(() => startTest());
+
+runInParent(function setup() {
+ const { classes: Cc, interfaces: Ci, results: Cr, utils: Cu } = Components;
+ Cu.import("resource://gre/modules/Services.jsm");
+
+ let jslogin = Cc["@mozilla.org/login-manager/loginInfo;1"].createInstance(Ci.nsILoginInfo);
+ jslogin.init("http://mochi.test:8888", "javascript:", null,
+ "jsuser", "jspass123", "uname", "pword");
+ Services.logins.addLogin(jslogin);
+});
+
+/** Test for Login Manager: JS action URL **/
+
+function startTest() {
+ checkForm(1, "jsuser", "jspass123");
+
+ SimpleTest.finish();
+}
+</script>
+
+<p id="display"></p>
+
+<div id="content" style="display: none">
+
+
+<form id='form1' action='javascript:alert("never shows")'> 1
+ <input name="uname">
+ <input name="pword" type="password">
+
+ <button type='submit'>Submit</button>
+ <button type='reset'> Reset </button>
+</form>
+
+</div>
+
+<pre id="test"></pre>
+</body>
+</html>
+
diff --git a/toolkit/components/passwordmgr/test/mochitest/test_formless_autofill.html b/toolkit/components/passwordmgr/test/mochitest/test_formless_autofill.html
new file mode 100644
index 000000000..6263c818d
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/mochitest/test_formless_autofill.html
@@ -0,0 +1,147 @@
+<!DOCTYPE html>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Test autofilling of fields outside of a form</title>
+ <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+ <script type="text/javascript" src="/tests/SimpleTest/SpawnTask.js"></script>
+ <script src="pwmgr_common.js"></script>
+ <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+<script type="application/javascript;version=1.8">
+let chromeScript = runInParent(SimpleTest.getTestFileURL("pwmgr_common.js"));
+
+document.addEventListener("DOMContentLoaded", () => {
+ document.getElementById("loginFrame").addEventListener("load", (evt) => {
+ // Tell the parent to setup test logins.
+ chromeScript.sendAsyncMessage("setupParent", { selfFilling: true });
+ });
+});
+
+let doneSetupPromise = new Promise(resolve => {
+ // When the setup is done, load a recipe for this test.
+ chromeScript.addMessageListener("doneSetup", function doneSetup() {
+ resolve();
+ });
+});
+
+add_task(function* setup() {
+ info("Waiting for loads and setup");
+ yield doneSetupPromise;
+
+ yield loadRecipes({
+ siteRecipes: [{
+ hosts: ["mochi.test:8888"],
+ usernameSelector: "input[name='recipeuname']",
+ passwordSelector: "input[name='recipepword']",
+ }],
+ });
+});
+
+
+const DEFAULT_ORIGIN = "http://mochi.test:8888";
+const TESTCASES = [
+ {
+ // Inputs
+ document: `<input type=password>`,
+
+ // Expected outputs
+ expectedInputValues: ["testpass"],
+ },
+ {
+ document: `<input>
+ <input type=password>`,
+ expectedInputValues: ["testuser", "testpass"],
+ },
+ {
+ document: `<input>
+ <input type=password>
+ <input type=password>`,
+ expectedInputValues: ["testuser", "testpass", ""],
+ },
+ {
+ document: `<input>
+ <input type=password>
+ <input type=password>
+ <input type=password>`,
+ expectedInputValues: ["testuser", "testpass", "", ""],
+ },
+ {
+ document: `<input>
+ <input type=password form="form1">
+ <input type=password>
+ <form id="form1">
+ <input>
+ <input type=password>
+ </form>`,
+ expectedFormCount: 2,
+ expectedInputValues: ["testuser", "testpass", "testpass", "", ""],
+ },
+ {
+ document: `<!-- formless password field selector recipe test -->
+ <input>
+ <input type=password>
+ <input>
+ <input type=password name="recipepword">`,
+ expectedInputValues: ["", "", "testuser", "testpass"],
+ },
+ {
+ document: `<!-- formless username and password field selector recipe test -->
+ <input name="recipeuname">
+ <input>
+ <input type=password>
+ <input type=password name="recipepword">`,
+ expectedInputValues: ["testuser", "", "", "testpass"],
+ },
+ {
+ document: `<!-- form and formless recipe field selector test -->
+ <input name="recipeuname">
+ <input>
+ <input type=password form="form1"> <!-- not filled since recipe affects both FormLikes -->
+ <input type=password>
+ <input type=password name="recipepword">
+ <form id="form1">
+ <input>
+ <input type=password>
+ </form>`,
+ expectedFormCount: 2,
+ expectedInputValues: ["testuser", "", "", "", "testpass", "", ""],
+ },
+];
+
+add_task(function* test() {
+ let loginFrame = document.getElementById("loginFrame");
+ let frameDoc = loginFrame.contentWindow.document;
+
+ for (let tc of TESTCASES) {
+ info("Starting testcase: " + JSON.stringify(tc));
+
+ let numFormLikesExpected = tc.expectedFormCount || 1;
+
+ let processedFormPromise = promiseFormsProcessed(numFormLikesExpected);
+
+ frameDoc.documentElement.innerHTML = tc.document;
+ info("waiting for " + numFormLikesExpected + " processed form(s)");
+ yield processedFormPromise;
+
+ let testInputs = frameDoc.documentElement.querySelectorAll("input");
+ is(testInputs.length, tc.expectedInputValues.length, "Check number of inputs");
+ for (let i = 0; i < tc.expectedInputValues.length; i++) {
+ let expectedValue = tc.expectedInputValues[i];
+ is(testInputs[i].value, expectedValue,
+ "Check expected input value " + i + ": " + expectedValue);
+ }
+ }
+});
+
+</script>
+
+<p id="display"></p>
+
+<div id="content">
+ <iframe id="loginFrame" src="http://mochi.test:8888/tests/toolkit/components/passwordmgr/test/blank.html"></iframe>
+</div>
+<pre id="test"></pre>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/mochitest/test_formless_submit.html b/toolkit/components/passwordmgr/test/mochitest/test_formless_submit.html
new file mode 100644
index 000000000..468da1e7f
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/mochitest/test_formless_submit.html
@@ -0,0 +1,183 @@
+<!DOCTYPE html>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Test capturing of fields outside of a form</title>
+ <script src="/tests/SimpleTest/SimpleTest.js"></script>
+ <script src="/tests/SimpleTest/SpawnTask.js"></script>
+ <script src="pwmgr_common.js"></script>
+ <link rel="stylesheet" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+<script type="application/javascript;version=1.8">
+const LMCBackstagePass = SpecialPowers.Cu.import("resource://gre/modules/LoginManagerContent.jsm");
+const { LoginManagerContent, LoginFormFactory } = LMCBackstagePass;
+
+let chromeScript = runInParent(SimpleTest.getTestFileURL("pwmgr_common.js"));
+
+let loadPromise = new Promise(resolve => {
+ document.addEventListener("DOMContentLoaded", () => {
+ document.getElementById("loginFrame").addEventListener("load", (evt) => {
+ resolve();
+ });
+ });
+});
+
+add_task(function* setup() {
+ info("Waiting for page and frame loads");
+ yield loadPromise;
+
+ yield loadRecipes({
+ siteRecipes: [{
+ hosts: ["mochi.test:8888"],
+ usernameSelector: "input[name='recipeuname']",
+ passwordSelector: "input[name='recipepword']",
+ }],
+ });
+});
+
+const DEFAULT_ORIGIN = "http://mochi.test:8888";
+const TESTCASES = [
+ {
+ // Inputs
+ document: `<input type=password value="pass1">`,
+ inputIndexForFormLike: 0,
+
+ // Expected outputs similar to RemoteLogins:onFormSubmit
+ hostname: DEFAULT_ORIGIN,
+ formSubmitURL: DEFAULT_ORIGIN,
+ usernameFieldValue: null,
+ newPasswordFieldValue: "pass1",
+ oldPasswordFieldValue: null,
+ },
+ {
+ document: `<input value="user1">
+ <input type=password value="pass1">`,
+ inputIndexForFormLike: 0,
+ hostname: DEFAULT_ORIGIN,
+ formSubmitURL: DEFAULT_ORIGIN,
+ usernameFieldValue: "user1",
+ newPasswordFieldValue: "pass1",
+ oldPasswordFieldValue: null,
+ },
+ {
+ document: `<input value="user1">
+ <input type=password value="pass1">`,
+ inputIndexForFormLike: 1,
+ hostname: DEFAULT_ORIGIN,
+ formSubmitURL: DEFAULT_ORIGIN,
+ usernameFieldValue: "user1",
+ newPasswordFieldValue: "pass1",
+ oldPasswordFieldValue: null,
+ },
+ {
+ document: `<input value="user1">
+ <input type=password value="pass1">
+ <input type=password value="pass2">`,
+ inputIndexForFormLike: 2,
+ hostname: DEFAULT_ORIGIN,
+ formSubmitURL: DEFAULT_ORIGIN,
+ usernameFieldValue: "user1",
+ newPasswordFieldValue: "pass2",
+ oldPasswordFieldValue: "pass1",
+ },
+ {
+ document: `<input value="user1">
+ <input type=password value="pass1">
+ <input type=password value="pass2">
+ <input type=password value="pass2">`,
+ inputIndexForFormLike: 3,
+ hostname: DEFAULT_ORIGIN,
+ formSubmitURL: DEFAULT_ORIGIN,
+ usernameFieldValue: "user1",
+ newPasswordFieldValue: "pass2",
+ oldPasswordFieldValue: "pass1",
+ },
+ {
+ document: `<input value="user1">
+ <input type=password value="user2" form="form1">
+ <input type=password value="pass1">
+ <form id="form1">
+ <input value="user3">
+ <input type=password value="pass2">
+ </form>`,
+ inputIndexForFormLike: 2,
+ hostname: DEFAULT_ORIGIN,
+ formSubmitURL: DEFAULT_ORIGIN,
+ usernameFieldValue: "user1",
+ newPasswordFieldValue: "pass1",
+ oldPasswordFieldValue: null,
+ },
+ {
+ document: `<!-- recipe field override -->
+ <input name="recipeuname" value="username from recipe">
+ <input value="default field username">
+ <input type=password value="pass1">
+ <input name="recipepword" type=password value="pass2">`,
+ inputIndexForFormLike: 2,
+ hostname: DEFAULT_ORIGIN,
+ formSubmitURL: DEFAULT_ORIGIN,
+ usernameFieldValue: "username from recipe",
+ newPasswordFieldValue: "pass2",
+ oldPasswordFieldValue: null,
+ },
+];
+
+function getSubmitMessage() {
+ info("getSubmitMessage");
+ return new Promise((resolve, reject) => {
+ chromeScript.addMessageListener("formSubmissionProcessed", function processed(...args) {
+ info("got formSubmissionProcessed");
+ chromeScript.removeMessageListener("formSubmissionProcessed", processed);
+ resolve(...args);
+ });
+ });
+}
+
+add_task(function* test() {
+ let loginFrame = document.getElementById("loginFrame");
+ let frameDoc = loginFrame.contentWindow.document;
+
+ for (let tc of TESTCASES) {
+ info("Starting testcase: " + JSON.stringify(tc));
+ frameDoc.documentElement.innerHTML = tc.document;
+ let inputForFormLike = frameDoc.querySelectorAll("input")[tc.inputIndexForFormLike];
+
+ let formLike = LoginFormFactory.createFromField(inputForFormLike);
+
+ info("Calling _onFormSubmit with FormLike");
+ let processedPromise = getSubmitMessage();
+ LoginManagerContent._onFormSubmit(formLike);
+
+ let submittedResult = yield processedPromise;
+
+ // Check data sent via RemoteLogins:onFormSubmit
+ is(submittedResult.hostname, tc.hostname, "Check hostname");
+ is(submittedResult.formSubmitURL, tc.formSubmitURL, "Check formSubmitURL");
+
+ if (tc.usernameFieldValue === null) {
+ is(submittedResult.usernameField, tc.usernameFieldValue, "Check usernameField");
+ } else {
+ is(submittedResult.usernameField.value, tc.usernameFieldValue, "Check usernameField");
+ }
+
+ is(submittedResult.newPasswordField.value, tc.newPasswordFieldValue, "Check newPasswordFieldValue");
+
+ if (tc.oldPasswordFieldValue === null) {
+ is(submittedResult.oldPasswordField, tc.oldPasswordFieldValue, "Check oldPasswordFieldValue");
+ } else {
+ is(submittedResult.oldPasswordField.value, tc.oldPasswordFieldValue, "Check oldPasswordFieldValue");
+ }
+ }
+});
+
+</script>
+
+<p id="display"></p>
+
+<div id="content">
+ <iframe id="loginFrame" src="http://mochi.test:8888/tests/toolkit/components/passwordmgr/test/blank.html"></iframe>
+</div>
+<pre id="test"></pre>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/mochitest/test_formless_submit_navigation.html b/toolkit/components/passwordmgr/test/mochitest/test_formless_submit_navigation.html
new file mode 100644
index 000000000..b07d0886c
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/mochitest/test_formless_submit_navigation.html
@@ -0,0 +1,191 @@
+<!DOCTYPE html>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Test capturing of fields outside of a form due to navigation</title>
+ <script src="/tests/SimpleTest/SimpleTest.js"></script>
+ <script src="/tests/SimpleTest/SpawnTask.js"></script>
+ <script src="pwmgr_common.js"></script>
+ <link rel="stylesheet" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+<script type="application/javascript;version=1.8">
+const LMCBackstagePass = SpecialPowers.Cu.import("resource://gre/modules/LoginManagerContent.jsm");
+const { LoginManagerContent, LoginFormFactory } = LMCBackstagePass;
+
+let chromeScript = runInParent(SimpleTest.getTestFileURL("pwmgr_common.js"));
+
+let loadPromise = new Promise(resolve => {
+ document.addEventListener("DOMContentLoaded", () => {
+ document.getElementById("loginFrame").addEventListener("load", (evt) => {
+ resolve();
+ });
+ });
+});
+
+add_task(function* setup() {
+ yield SpecialPowers.pushPrefEnv({
+ set: [
+ ["signon.formlessCapture.enabled", true],
+ ],
+ });
+
+ info("Waiting for page and frame loads");
+ yield loadPromise;
+
+ yield loadRecipes({
+ siteRecipes: [{
+ hosts: ["test1.mochi.test:8888"],
+ usernameSelector: "input[name='recipeuname']",
+ passwordSelector: "input[name='recipepword']",
+ }],
+ });
+});
+
+const DEFAULT_ORIGIN = "http://test1.mochi.test:8888";
+const SCRIPTS = {
+ PUSHSTATE: `history.pushState({}, "Pushed state", "?pushed");`,
+ WINDOW_LOCATION: `window.location = "data:text/html;charset=utf-8,window.location";`,
+};
+const TESTCASES = [
+ {
+ // Inputs
+ document: `<input type=password value="pass1">`,
+
+ // Expected outputs similar to RemoteLogins:onFormSubmit
+ hostname: DEFAULT_ORIGIN,
+ formSubmitURL: DEFAULT_ORIGIN,
+ usernameFieldValue: null,
+ newPasswordFieldValue: "pass1",
+ oldPasswordFieldValue: null,
+ },
+ {
+ document: `<input value="user1">
+ <input type=password value="pass1">`,
+
+ hostname: DEFAULT_ORIGIN,
+ formSubmitURL: DEFAULT_ORIGIN,
+ usernameFieldValue: "user1",
+ newPasswordFieldValue: "pass1",
+ oldPasswordFieldValue: null,
+ },
+ {
+ document: `<input value="user1">
+ <input type=password value="pass1">
+ <input type=password value="pass2">`,
+
+ hostname: DEFAULT_ORIGIN,
+ formSubmitURL: DEFAULT_ORIGIN,
+ usernameFieldValue: "user1",
+ newPasswordFieldValue: "pass2",
+ oldPasswordFieldValue: "pass1",
+ },
+ {
+ document: `<input value="user1">
+ <input type=password value="pass1">
+ <input type=password value="pass2">
+ <input type=password value="pass2">`,
+
+ hostname: DEFAULT_ORIGIN,
+ formSubmitURL: DEFAULT_ORIGIN,
+ usernameFieldValue: "user1",
+ newPasswordFieldValue: "pass2",
+ oldPasswordFieldValue: "pass1",
+ },
+ {
+ document: `<input value="user1">
+ <input type=password value="user2" form="form1">
+ <input type=password value="pass1">
+ <form id="form1">
+ <input value="user3">
+ <input type=password value="pass2">
+ </form>`,
+
+ hostname: DEFAULT_ORIGIN,
+ formSubmitURL: DEFAULT_ORIGIN,
+ usernameFieldValue: "user1",
+ newPasswordFieldValue: "pass1",
+ oldPasswordFieldValue: null,
+ },
+ {
+ document: `<!-- recipe field override -->
+ <input name="recipeuname" value="username from recipe">
+ <input value="default field username">
+ <input type=password value="pass1">
+ <input name="recipepword" type=password value="pass2">`,
+
+ hostname: DEFAULT_ORIGIN,
+ formSubmitURL: DEFAULT_ORIGIN,
+ usernameFieldValue: "username from recipe",
+ newPasswordFieldValue: "pass2",
+ oldPasswordFieldValue: null,
+ },
+];
+
+function getSubmitMessage() {
+ info("getSubmitMessage");
+ return new Promise((resolve, reject) => {
+ chromeScript.addMessageListener("formSubmissionProcessed", function processed(...args) {
+ info("got formSubmissionProcessed");
+ chromeScript.removeMessageListener("formSubmissionProcessed", processed);
+ resolve(...args);
+ });
+ });
+}
+
+add_task(function* test() {
+ let loginFrame = document.getElementById("loginFrame");
+
+ for (let tc of TESTCASES) {
+ for (let scriptName of Object.keys(SCRIPTS)) {
+ info("Starting testcase with script " + scriptName + ": " + JSON.stringify(tc));
+ let loadedPromise = new Promise((resolve) => {
+ loginFrame.addEventListener("load", function frameLoaded() {
+ loginFrame.removeEventListener("load", frameLoaded);
+ resolve();
+ });
+ });
+ loginFrame.src = DEFAULT_ORIGIN + "/tests/toolkit/components/passwordmgr/test/mochitest/blank.html";
+ yield loadedPromise;
+
+ let frameDoc = SpecialPowers.wrap(loginFrame.contentWindow).document;
+ frameDoc.documentElement.innerHTML = tc.document;
+ // Wait for the form to be processed before trying to submit.
+ yield promiseFormsProcessed();
+ let processedPromise = getSubmitMessage();
+ info("Running " + scriptName + " script to cause a submission");
+ frameDoc.defaultView.eval(SCRIPTS[scriptName]);
+
+ let submittedResult = yield processedPromise;
+
+ // Check data sent via RemoteLogins:onFormSubmit
+ is(submittedResult.hostname, tc.hostname, "Check hostname");
+ is(submittedResult.formSubmitURL, tc.formSubmitURL, "Check formSubmitURL");
+
+ if (tc.usernameFieldValue === null) {
+ is(submittedResult.usernameField, tc.usernameFieldValue, "Check usernameField");
+ } else {
+ is(submittedResult.usernameField.value, tc.usernameFieldValue, "Check usernameField");
+ }
+
+ is(submittedResult.newPasswordField.value, tc.newPasswordFieldValue, "Check newPasswordFieldValue");
+
+ if (tc.oldPasswordFieldValue === null) {
+ is(submittedResult.oldPasswordField, tc.oldPasswordFieldValue, "Check oldPasswordFieldValue");
+ } else {
+ is(submittedResult.oldPasswordField.value, tc.oldPasswordFieldValue, "Check oldPasswordFieldValue");
+ }
+ }
+ }
+});
+
+</script>
+
+<p id="display"></p>
+
+<div id="content">
+ <iframe id="loginFrame" src="http://test1.mochi.test:8888/tests/toolkit/components/passwordmgr/test/mochitest/blank.html"></iframe>
+</div>
+<pre id="test"></pre>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/mochitest/test_formless_submit_navigation_negative.html b/toolkit/components/passwordmgr/test/mochitest/test_formless_submit_navigation_negative.html
new file mode 100644
index 000000000..4283f128c
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/mochitest/test_formless_submit_navigation_negative.html
@@ -0,0 +1,121 @@
+<!DOCTYPE html>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Test no capturing of fields outside of a form due to navigation</title>
+ <script src="/tests/SimpleTest/SimpleTest.js"></script>
+ <script src="/tests/SimpleTest/SpawnTask.js"></script>
+ <script src="pwmgr_common.js"></script>
+ <link rel="stylesheet" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+<script type="application/javascript;version=1.8">
+const LMCBackstagePass = SpecialPowers.Cu.import("resource://gre/modules/LoginManagerContent.jsm");
+const { LoginManagerContent, LoginFormFactory } = LMCBackstagePass;
+
+SimpleTest.requestFlakyTimeout("Testing that a message doesn't arrive");
+
+let chromeScript = runInParent(SimpleTest.getTestFileURL("pwmgr_common.js"));
+
+let loadPromise = new Promise(resolve => {
+ document.addEventListener("DOMContentLoaded", () => {
+ document.getElementById("loginFrame").addEventListener("load", (evt) => {
+ resolve();
+ });
+ });
+});
+
+function submissionProcessed(...args) {
+ ok(false, "No formSubmissionProcessed should occur in this test");
+ info("got: " + JSON.stringify(args));
+}
+
+add_task(function* setup() {
+ yield SpecialPowers.pushPrefEnv({
+ set: [
+ ["signon.formlessCapture.enabled", true],
+ ],
+ });
+
+ info("Waiting for page and frame loads");
+ yield loadPromise;
+
+ chromeScript.addMessageListener("formSubmissionProcessed", submissionProcessed);
+
+ SimpleTest.registerCleanupFunction(() => {
+ chromeScript.removeMessageListener("formSubmissionProcessed", submissionProcessed);
+ });
+});
+
+const DEFAULT_ORIGIN = "http://test1.mochi.test:8888";
+const SCRIPTS = {
+ PUSHSTATE: `history.pushState({}, "Pushed state", "?pushed");`,
+ WINDOW_LOCATION: `window.location = "data:text/html;charset=utf-8,window.location";`,
+ WINDOW_LOCATION_RELOAD: `window.location.reload();`,
+ HISTORY_BACK: `history.back();`,
+ HISTORY_GO_MINUS1: `history.go(-1);`,
+};
+const TESTCASES = [
+ // Begin test cases that shouldn't trigger capture.
+ {
+ // For now we don't trigger upon navigation if <form> is used.
+ document: `<form><input type=password value="pass1"></form>`,
+ },
+ {
+ // Empty password field
+ document: `<input type=password value="">`,
+ },
+ {
+ // Test with an input that would normally be captured but with SCRIPTS that
+ // shouldn't trigger capture.
+ document: `<input type=password value="pass2">`,
+ wouldCapture: true,
+ },
+];
+
+add_task(function* test() {
+ let loginFrame = document.getElementById("loginFrame");
+
+ for (let tc of TESTCASES) {
+ for (let scriptName of Object.keys(SCRIPTS)) {
+ if (tc.wouldCapture && ["PUSHSTATE", "WINDOW_LOCATION"].includes(scriptName)) {
+ // Don't run scripts that should actually capture for this testcase.
+ continue;
+ }
+
+ info("Starting testcase with script " + scriptName + ": " + JSON.stringify(tc));
+ let loadedPromise = new Promise((resolve) => {
+ loginFrame.addEventListener("load", function frameLoaded() {
+ loginFrame.removeEventListener("load", frameLoaded);
+ resolve();
+ });
+ });
+ loginFrame.src = DEFAULT_ORIGIN + "/tests/toolkit/components/passwordmgr/test/mochitest/blank.html";
+ yield loadedPromise;
+
+ let frameDoc = SpecialPowers.wrap(loginFrame.contentWindow).document;
+ frameDoc.documentElement.innerHTML = tc.document;
+
+ // Wait for the form to be processed before trying to submit.
+ yield promiseFormsProcessed();
+
+ info("Running " + scriptName + " script to check for a submission");
+ frameDoc.defaultView.eval(SCRIPTS[scriptName]);
+
+ // Wait for 5000ms to see if the promise above resolves.
+ yield new Promise(resolve => setTimeout(resolve, 5000));
+ ok(true, "Done waiting for captures");
+ }
+ }
+});
+
+</script>
+
+<p id="display"></p>
+
+<div id="content">
+ <iframe id="loginFrame" src="http://test1.mochi.test:8888/tests/toolkit/components/passwordmgr/test/mochitest/blank.html"></iframe>
+</div>
+<pre id="test"></pre>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/mochitest/test_input_events.html b/toolkit/components/passwordmgr/test/mochitest/test_input_events.html
new file mode 100644
index 000000000..0e77956d8
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/mochitest/test_input_events.html
@@ -0,0 +1,96 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Test for input events in Login Manager</title>
+ <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+ <script type="text/javascript" src="pwmgr_common.js"></script>
+ <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body onload="onNewEvent(event)">
+Login Manager test: input events should fire.
+
+<script>
+runChecksAfterCommonInit();
+
+SimpleTest.requestFlakyTimeout("untriaged");
+
+/** Test for Login Manager: form fill, should get input events. **/
+
+var usernameInputFired = false;
+var passwordInputFired = false;
+var usernameChangeFired = false;
+var passwordChangeFired = false;
+var onloadFired = false;
+
+function onNewEvent(e) {
+ info("Got " + e.type + " event.");
+ if (e.type == "load") {
+ onloadFired = true;
+ } else if (e.type == "input") {
+ if (e.target.name == "uname") {
+ is(e.target.value, "testuser", "Should get 'testuser' as username");
+ ok(!usernameInputFired, "Should not have gotten an input event for the username field yet.");
+ usernameInputFired = true;
+ } else if (e.target.name == "pword") {
+ is(e.target.value, "testpass", "Should get 'testpass' as password");
+ ok(!passwordInputFired, "Should not have gotten an input event for the password field yet.");
+ passwordInputFired = true;
+ }
+ } else if (e.type == "change") {
+ if (e.target.name == "uname") {
+ is(e.target.value, "testuser", "Should get 'testuser' as username");
+ ok(usernameInputFired, "Should get input event before change event for username field.");
+ ok(!usernameChangeFired, "Should not have gotten a change event for the username field yet.");
+ usernameChangeFired = true;
+ } else if (e.target.name == "pword") {
+ is(e.target.value, "testpass", "Should get 'testpass' as password");
+ ok(passwordInputFired, "Should get input event before change event for password field.");
+ ok(!passwordChangeFired, "Should not have gotten a change event for the password field yet.");
+ passwordChangeFired = true;
+ }
+ }
+ if (onloadFired && usernameInputFired && passwordInputFired && usernameChangeFired && passwordChangeFired) {
+ ok(true, "All events fired as expected, we're done.");
+ SimpleTest.finish();
+ }
+}
+
+SimpleTest.registerCleanupFunction(function cleanup() {
+ clearTimeout(timeout);
+ $_(1, "uname").removeAttribute("oninput");
+ $_(1, "pword").removeAttribute("oninput");
+ $_(1, "uname").removeAttribute("onchange");
+ $_(1, "pword").removeAttribute("onchange");
+ document.body.removeAttribute("onload");
+});
+
+var timeout = setTimeout(function() {
+ ok(usernameInputFired, "Username input event should have fired by now.");
+ ok(passwordInputFired, "Password input event should have fired by now.");
+ ok(usernameChangeFired, "Username change event should have fired by now.");
+ ok(passwordChangeFired, "Password change event should have fired by now.");
+ ok(onloadFired, "Window load event should have fired by now.");
+ ok(false, "Not all events fired yet.");
+ SimpleTest.finish();
+}, 10000);
+
+</script>
+
+<p id="display"></p>
+
+<div id="content" style="display: none">
+
+ <form id="form1" action="formtest.js">
+ <p>This is form 1.</p>
+ <input type="text" name="uname" oninput="onNewEvent(event)" onchange="onNewEvent(event)">
+ <input type="password" name="pword" oninput="onNewEvent(event)" onchange="onNewEvent(event)">
+
+ <button type="submit">Submit</button>
+ <button type="reset"> Reset </button>
+ </form>
+
+</div>
+<pre id="test"></pre>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/mochitest/test_input_events_for_identical_values.html b/toolkit/components/passwordmgr/test/mochitest/test_input_events_for_identical_values.html
new file mode 100644
index 000000000..d058a87f9
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/mochitest/test_input_events_for_identical_values.html
@@ -0,0 +1,51 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Test for input events in Login Manager when username/password are filled in already</title>
+ <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+ <script type="text/javascript" src="/tests/SimpleTest/EventUtils.js"></script>
+ <script type="text/javascript" src="pwmgr_common.js"></script>
+ <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body onload="onNewEvent(event)">
+Login Manager test: input events should fire.
+
+<script>
+runChecksAfterCommonInit();
+
+SimpleTest.requestFlakyTimeout("untriaged");
+
+/** Test for Login Manager: form fill when form is already filled, should not get input events. **/
+
+var onloadFired = false;
+
+function onNewEvent(e) {
+ console.error("Got " + e.type + " event.");
+ if (e.type == "load") {
+ onloadFired = true;
+ $_(1, "uname").focus();
+ sendKey("Tab");
+ } else {
+ ok(false, "Got an input event for " + e.target.name + " field, which shouldn't happen.");
+ }
+}
+</script>
+
+<p id="display"></p>
+
+<div id="content">
+
+ <form id="form1" action="formtest.js">
+ <p>This is form 1.</p>
+ <input type="text" name="uname" oninput="onNewEvent(event)" value="testuser">
+ <input type="password" name="pword" oninput="onNewEvent(event)" onfocus="setTimeout(function() { SimpleTest.finish() }, 1000);" value="testpass">
+
+ <button type="submit">Submit</button>
+ <button type="reset"> Reset </button>
+ </form>
+
+</div>
+<pre id="test"></pre>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/mochitest/test_insecure_form_field_autocomplete.html b/toolkit/components/passwordmgr/test/mochitest/test_insecure_form_field_autocomplete.html
new file mode 100644
index 000000000..c5d0a44fa
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/mochitest/test_insecure_form_field_autocomplete.html
@@ -0,0 +1,861 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Test insecure form field autocomplete</title>
+ <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+ <script type="text/javascript" src="/tests/SimpleTest/EventUtils.js"></script>
+ <script type="text/javascript" src="/tests/SimpleTest/SpawnTask.js"></script>
+ <script type="text/javascript" src="satchel_common.js"></script>
+ <script type="text/javascript" src="pwmgr_common.js"></script>
+ <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+
+<script>
+var chromeScript = runChecksAfterCommonInit();
+
+var setupScript = runInParent(function setup() {
+ const { classes: Cc, interfaces: Ci, utils: Cu } = Components;
+ Cu.import("resource://gre/modules/Services.jsm");
+
+ // Create some logins just for this form, since we'll be deleting them.
+ var nsLoginInfo = Components.Constructor("@mozilla.org/login-manager/loginInfo;1",
+ Ci.nsILoginInfo, "init");
+ assert.ok(nsLoginInfo != null, "nsLoginInfo constructor");
+
+ // login0 has no username, so should be filtered out from the autocomplete list.
+ var login0 = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete:8888", null,
+ "", "user0pass", "", "pword");
+
+ var login1 = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete:8888", null,
+ "tempuser1", "temppass1", "uname", "pword");
+
+ var login2 = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete:8888", null,
+ "testuser2", "testpass2", "uname", "pword");
+
+ var login3 = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete:8888", null,
+ "testuser3", "testpass3", "uname", "pword");
+
+ var login4 = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete:8888", null,
+ "zzzuser4", "zzzpass4", "uname", "pword");
+
+ // login 5 only used in the single-user forms
+ var login5 = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete2", null,
+ "singleuser5", "singlepass5", "uname", "pword");
+
+ var login6A = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete3", null,
+ "form7user1", "form7pass1", "uname", "pword");
+ var login6B = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete3", null,
+ "form7user2", "form7pass2", "uname", "pword");
+
+ var login7 = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete4", null,
+ "form8user", "form8pass", "uname", "pword");
+
+ var login8A = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete5", null,
+ "form9userAB", "form9pass", "uname", "pword");
+ var login8B = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete5", null,
+ "form9userAAB", "form9pass", "uname", "pword");
+ var login8C = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete5", null,
+ "form9userAABzz", "form9pass", "uname", "pword");
+
+ var login10 = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete7", null,
+ "testuser10", "testpass10", "uname", "pword");
+
+
+ // try/catch in case someone runs the tests manually, twice.
+ try {
+ Services.logins.addLogin(login0);
+ Services.logins.addLogin(login1);
+ Services.logins.addLogin(login2);
+ Services.logins.addLogin(login3);
+ Services.logins.addLogin(login4);
+ Services.logins.addLogin(login5);
+ Services.logins.addLogin(login6A);
+ Services.logins.addLogin(login6B);
+ Services.logins.addLogin(login7);
+ Services.logins.addLogin(login8A);
+ Services.logins.addLogin(login8B);
+ // login8C is added later
+ Services.logins.addLogin(login10);
+ } catch (e) {
+ assert.ok(false, "addLogin threw: " + e);
+ }
+
+ addMessageListener("addLogin", loginVariableName => {
+ let login = eval(loginVariableName);
+ assert.ok(!!login, "Login to add is defined: " + loginVariableName);
+ Services.logins.addLogin(login);
+ });
+ addMessageListener("removeLogin", loginVariableName => {
+ let login = eval(loginVariableName);
+ assert.ok(!!login, "Login to delete is defined: " + loginVariableName);
+ Services.logins.removeLogin(login);
+ });
+});
+</script>
+<p id="display"></p>
+
+<!-- we presumably can't hide the content for this test. -->
+<div id="content">
+
+ <!-- form1 tests multiple matching logins -->
+ <form id="form1" action="http://autocomplete:8888/formtest.js" onsubmit="return false;">
+ <input type="text" name="uname">
+ <input type="password" name="pword">
+ <button type="submit">Submit</button>
+ </form>
+
+ <!-- other forms test single logins, with autocomplete=off set -->
+ <form id="form2" action="http://autocomplete2" onsubmit="return false;">
+ <input type="text" name="uname">
+ <input type="password" name="pword" autocomplete="off">
+ <button type="submit">Submit</button>
+ </form>
+
+ <form id="form3" action="http://autocomplete2" onsubmit="return false;">
+ <input type="text" name="uname" autocomplete="off">
+ <input type="password" name="pword">
+ <button type="submit">Submit</button>
+ </form>
+
+ <form id="form4" action="http://autocomplete2" onsubmit="return false;" autocomplete="off">
+ <input type="text" name="uname">
+ <input type="password" name="pword">
+ <button type="submit">Submit</button>
+ </form>
+
+ <form id="form5" action="http://autocomplete2" onsubmit="return false;">
+ <input type="text" name="uname" autocomplete="off">
+ <input type="password" name="pword" autocomplete="off">
+ <button type="submit">Submit</button>
+ </form>
+
+ <!-- control -->
+ <form id="form6" action="http://autocomplete2" onsubmit="return false;">
+ <input type="text" name="uname">
+ <input type="password" name="pword">
+ <button type="submit">Submit</button>
+ </form>
+
+ <!-- This form will be manipulated to insert a different username field. -->
+ <form id="form7" action="http://autocomplete3" onsubmit="return false;">
+ <input type="text" name="uname">
+ <input type="password" name="pword">
+ <button type="submit">Submit</button>
+ </form>
+
+ <!-- test for no autofill after onblur with blank username -->
+ <form id="form8" action="http://autocomplete4" onsubmit="return false;">
+ <input type="text" name="uname">
+ <input type="password" name="pword">
+ <button type="submit">Submit</button>
+ </form>
+
+ <!-- test autocomplete dropdown -->
+ <form id="form9" action="http://autocomplete5" onsubmit="return false;">
+ <input type="text" name="uname">
+ <input type="password" name="pword">
+ <button type="submit">Submit</button>
+ </form>
+
+ <!-- test for onUsernameInput recipe testing -->
+ <form id="form11" action="http://autocomplete7" onsubmit="return false;">
+ <input type="text" name="1">
+ <input type="text" name="2">
+ <button type="submit">Submit</button>
+ </form>
+
+ <!-- tests <form>-less autocomplete -->
+ <div id="form12">
+ <input type="text" name="uname" id="uname">
+ <input type="password" name="pword" id="pword">
+ <button type="submit">Submit</button>
+ </div>
+</div>
+
+<pre id="test">
+<script class="testbody" type="text/javascript">
+
+/** Test for Login Manager: multiple login autocomplete. **/
+
+var uname = $_(1, "uname");
+var pword = $_(1, "pword");
+const shiftModifier = SpecialPowers.Ci.nsIDOMEvent.SHIFT_MASK;
+
+// Restore the form to the default state.
+function restoreForm() {
+ uname.value = "";
+ pword.value = "";
+ uname.focus();
+}
+
+// Check for expected username/password in form.
+function checkACForm(expectedUsername, expectedPassword) {
+ var formID = uname.parentNode.id;
+ is(uname.value, expectedUsername, "Checking " + formID + " username is: " + expectedUsername);
+ is(pword.value, expectedPassword, "Checking " + formID + " password is: " + expectedPassword);
+}
+
+function sendFakeAutocompleteEvent(element) {
+ var acEvent = document.createEvent("HTMLEvents");
+ acEvent.initEvent("DOMAutoComplete", true, false);
+ element.dispatchEvent(acEvent);
+}
+
+function spinEventLoop() {
+ return Promise.resolve();
+}
+
+add_task(function* setup() {
+ yield SpecialPowers.pushPrefEnv({"set": [["security.insecure_field_warning.contextual.enabled", true],
+ ["signon.autofillForms.http", true]]});
+ listenForUnexpectedPopupShown();
+});
+
+add_task(function* test_form1_initial_empty() {
+ yield SimpleTest.promiseFocus(window);
+
+ // Make sure initial form is empty.
+ checkACForm("", "");
+ let popupState = yield getPopupState();
+ is(popupState.open, false, "Check popup is initially closed");
+});
+
+add_task(function* test_form1_warning_entry() {
+ yield SimpleTest.promiseFocus(window);
+ // Trigger autocomplete popup
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ let results = yield shownPromise;
+
+ let popupState = yield getPopupState();
+ is(popupState.selectedIndex, -1, "Check no entries are selected upon opening");
+
+ let expectedMenuItems = ["This connection is not secure. Logins entered here could be compromised. Learn More",
+ "tempuser1",
+ "testuser2",
+ "testuser3",
+ "zzzuser4"];
+ checkArrayValues(results, expectedMenuItems, "Check all menuitems are displayed correctly.");
+
+ doKey("down"); // select insecure warning
+ checkACForm("", ""); // value shouldn't update just by selecting
+ doKey("return"); // not "enter"!
+ yield spinEventLoop(); // let focus happen
+ checkACForm("", "");
+});
+
+add_task(function* test_form1_first_entry() {
+ yield SimpleTest.promiseFocus(window);
+ // Trigger autocomplete popup
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ let popupState = yield getPopupState();
+ is(popupState.selectedIndex, -1, "Check no entries are selected upon opening");
+
+ doKey("down"); // skip insecure warning
+ doKey("down"); // first
+ checkACForm("", ""); // value shouldn't update just by selecting
+ doKey("return"); // not "enter"!
+ yield promiseFormsProcessed();
+ checkACForm("tempuser1", "temppass1");
+});
+
+add_task(function* test_form1_second_entry() {
+ // Trigger autocomplete popup
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ doKey("down"); // skip insecure warning
+ doKey("down"); // first
+ doKey("down"); // second
+ doKey("return"); // not "enter"!
+ yield promiseFormsProcessed();
+ checkACForm("testuser2", "testpass2");
+});
+
+add_task(function* test_form1_third_entry() {
+ // Trigger autocomplete popup
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ doKey("down"); // skip insecure warning
+ doKey("down"); // first
+ doKey("down"); // second
+ doKey("down"); // third
+ doKey("return");
+ yield promiseFormsProcessed();
+ checkACForm("testuser3", "testpass3");
+});
+
+add_task(function* test_form1_fourth_entry() {
+ // Trigger autocomplete popup
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ doKey("down"); // skip insecure warning
+ doKey("down"); // first
+ doKey("down"); // second
+ doKey("down"); // third
+ doKey("down"); // fourth
+ doKey("return");
+ yield promiseFormsProcessed();
+ checkACForm("zzzuser4", "zzzpass4");
+});
+
+add_task(function* test_form1_wraparound_first_entry() {
+ // Trigger autocomplete popup
+ restoreForm();
+ yield spinEventLoop(); // let focus happen
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ doKey("down"); // skip insecure warning
+ doKey("down"); // first
+ doKey("down"); // second
+ doKey("down"); // third
+ doKey("down"); // fourth
+ doKey("down"); // deselects
+ doKey("down"); // skip insecure warning
+ doKey("down"); // first
+ doKey("return");
+ yield promiseFormsProcessed();
+ checkACForm("tempuser1", "temppass1");
+});
+
+add_task(function* test_form1_wraparound_up_last_entry() {
+ // Trigger autocomplete popup
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ doKey("up"); // last (fourth)
+ doKey("return");
+ yield promiseFormsProcessed();
+ checkACForm("zzzuser4", "zzzpass4");
+});
+
+add_task(function* test_form1_wraparound_down_up_up() {
+ // Trigger autocomplete popup
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ doKey("down"); // select first entry
+ doKey("up"); // selects nothing!
+ doKey("up"); // select last entry
+ doKey("return");
+ yield promiseFormsProcessed();
+ checkACForm("zzzuser4", "zzzpass4");
+});
+
+add_task(function* test_form1_wraparound_up_last() {
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ doKey("down");
+ doKey("up"); // deselects
+ doKey("up"); // last entry
+ doKey("up");
+ doKey("up");
+ doKey("up"); // skip insecure warning
+ doKey("up"); // first entry
+ doKey("up"); // deselects
+ doKey("up"); // last entry
+ doKey("return");
+ yield promiseFormsProcessed();
+ checkACForm("zzzuser4", "zzzpass4");
+});
+
+add_task(function* test_form1_fill_username_without_autofill_right() {
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ // Set first entry w/o triggering autocomplete
+ doKey("down"); // skip insecure warning
+ doKey("down"); // first
+ doKey("right");
+ yield spinEventLoop();
+ checkACForm("tempuser1", ""); // empty password
+});
+
+add_task(function* test_form1_fill_username_without_autofill_left() {
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ // Set first entry w/o triggering autocomplete
+ doKey("down"); // skip insecure warning
+ doKey("down"); // first
+ doKey("left");
+ checkACForm("tempuser1", ""); // empty password
+});
+
+add_task(function* test_form1_pageup_first() {
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ // Check first entry (page up)
+ doKey("down"); // first
+ doKey("down"); // second
+ doKey("page_up"); // first
+ doKey("down"); // skip insecure warning
+ doKey("return");
+ yield promiseFormsProcessed();
+ checkACForm("tempuser1", "temppass1");
+});
+
+add_task(function* test_form1_pagedown_last() {
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ // test 13
+ // Check last entry (page down)
+ doKey("down"); // first
+ doKey("page_down"); // last
+ doKey("return");
+ yield promiseFormsProcessed();
+ checkACForm("zzzuser4", "zzzpass4");
+});
+
+add_task(function* test_form1_untrusted_event() {
+ restoreForm();
+ yield spinEventLoop();
+
+ // Send a fake (untrusted) event.
+ checkACForm("", "");
+ uname.value = "zzzuser4";
+ sendFakeAutocompleteEvent(uname);
+ yield spinEventLoop();
+ checkACForm("zzzuser4", "");
+});
+
+add_task(function* test_form1_delete() {
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ // XXX tried sending character "t" before/during dropdown to test
+ // filtering, but had no luck. Seemed like the character was getting lost.
+ // Setting uname.value didn't seem to work either. This works with a human
+ // driver, so I'm not sure what's up.
+
+ doKey("down"); // skip insecure warning
+ // Delete the first entry (of 4), "tempuser1"
+ doKey("down");
+ var numLogins;
+ numLogins = LoginManager.countLogins("http://mochi.test:8888", "http://autocomplete:8888", null);
+ is(numLogins, 5, "Correct number of logins before deleting one");
+
+ let countChangedPromise = notifyMenuChanged(4);
+ var deletionPromise = promiseStorageChanged(["removeLogin"]);
+ // On OS X, shift-backspace and shift-delete work, just delete does not.
+ // On Win/Linux, shift-backspace does not work, delete and shift-delete do.
+ doKey("delete", shiftModifier);
+ yield deletionPromise;
+
+ checkACForm("", "");
+ numLogins = LoginManager.countLogins("http://mochi.test:8888", "http://autocomplete:8888", null);
+ is(numLogins, 4, "Correct number of logins after deleting one");
+ yield countChangedPromise;
+ doKey("return");
+ yield promiseFormsProcessed();
+ checkACForm("testuser2", "testpass2");
+});
+
+add_task(function* test_form1_first_after_deletion() {
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ doKey("down"); // skip insecure warning
+ // Check the new first entry (of 3)
+ doKey("down");
+ doKey("return");
+ yield promiseFormsProcessed();
+ checkACForm("testuser2", "testpass2");
+});
+
+add_task(function* test_form1_delete_second() {
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ doKey("down"); // skip insecure warning
+ // Delete the second entry (of 3), "testuser3"
+ doKey("down");
+ doKey("down");
+ doKey("delete", shiftModifier);
+ checkACForm("", "");
+ numLogins = LoginManager.countLogins("http://mochi.test:8888", "http://autocomplete:8888", null);
+ is(numLogins, 3, "Correct number of logins after deleting one");
+ doKey("return");
+ yield promiseFormsProcessed();
+ checkACForm("zzzuser4", "zzzpass4");
+});
+
+add_task(function* test_form1_first_after_deletion2() {
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ doKey("down"); // skip insecure warning
+ // Check the new first entry (of 2)
+ doKey("down");
+ doKey("return");
+ yield promiseFormsProcessed();
+ checkACForm("testuser2", "testpass2");
+});
+
+add_task(function* test_form1_delete_last() {
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ doKey("down"); // skip insecure warning
+ // test 54
+ // Delete the last entry (of 2), "zzzuser4"
+ doKey("down");
+ doKey("down");
+ doKey("delete", shiftModifier);
+ checkACForm("", "");
+ numLogins = LoginManager.countLogins("http://mochi.test:8888", "http://autocomplete:8888", null);
+ is(numLogins, 2, "Correct number of logins after deleting one");
+ doKey("return");
+ yield promiseFormsProcessed();
+ checkACForm("testuser2", "testpass2");
+});
+
+add_task(function* test_form1_first_after_3_deletions() {
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ doKey("down"); // skip insecure warning
+ // Check the only remaining entry
+ doKey("down");
+ doKey("return");
+ yield promiseFormsProcessed();
+ checkACForm("testuser2", "testpass2");
+});
+
+add_task(function* test_form1_check_only_entry_remaining() {
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ doKey("down"); // skip insecure warning
+ // test 56
+ // Delete the only remaining entry, "testuser2"
+ doKey("down");
+ doKey("delete", shiftModifier);
+ checkACForm("", "");
+ numLogins = LoginManager.countLogins("http://mochi.test:8888", "http://autocomplete:8888", null);
+ is(numLogins, 1, "Correct number of logins after deleting one");
+
+ // remove the login that's not shown in the list.
+ setupScript.sendSyncMessage("removeLogin", "login0");
+});
+
+// Tests for single-user forms for ignoring autocomplete=off
+add_task(function* test_form2() {
+ // Turn our attention to form2
+ uname = $_(2, "uname");
+ pword = $_(2, "pword");
+ checkACForm("singleuser5", "singlepass5");
+
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ doKey("down"); // skip insecure warning
+ // Check first entry
+ doKey("down");
+ checkACForm("", ""); // value shouldn't update
+ doKey("return"); // not "enter"!
+ yield promiseFormsProcessed();
+ checkACForm("singleuser5", "singlepass5");
+});
+
+add_task(function* test_form3() {
+ uname = $_(3, "uname");
+ pword = $_(3, "pword");
+ checkACForm("singleuser5", "singlepass5");
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ doKey("down"); // skip insecure warning
+ // Check first entry
+ doKey("down");
+ checkACForm("", ""); // value shouldn't update
+ doKey("return"); // not "enter"!
+ yield promiseFormsProcessed();
+ checkACForm("singleuser5", "singlepass5");
+});
+
+add_task(function* test_form4() {
+ uname = $_(4, "uname");
+ pword = $_(4, "pword");
+ checkACForm("singleuser5", "singlepass5");
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ doKey("down"); // skip insecure warning
+ // Check first entry
+ doKey("down");
+ checkACForm("", ""); // value shouldn't update
+ doKey("return"); // not "enter"!
+ yield promiseFormsProcessed();
+ checkACForm("singleuser5", "singlepass5");
+});
+
+add_task(function* test_form5() {
+ uname = $_(5, "uname");
+ pword = $_(5, "pword");
+ checkACForm("singleuser5", "singlepass5");
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ doKey("down"); // skip insecure warning
+ // Check first entry
+ doKey("down");
+ checkACForm("", ""); // value shouldn't update
+ doKey("return"); // not "enter"!
+ yield promiseFormsProcessed();
+ checkACForm("singleuser5", "singlepass5");
+});
+
+add_task(function* test_form6() {
+ // (this is a control, w/o autocomplete=off, to ensure the login
+ // that was being suppressed would have been filled in otherwise)
+ uname = $_(6, "uname");
+ pword = $_(6, "pword");
+ checkACForm("singleuser5", "singlepass5");
+});
+
+add_task(function* test_form6_changeUsername() {
+ // Test that the password field remains filled in after changing
+ // the username.
+ uname.focus();
+ doKey("right");
+ sendChar("X");
+ // Trigger the 'blur' event on uname
+ pword.focus();
+ yield spinEventLoop();
+ checkACForm("singleuser5X", "singlepass5");
+
+ setupScript.sendSyncMessage("removeLogin", "login5");
+});
+
+add_task(function* test_form7() {
+ uname = $_(7, "uname");
+ pword = $_(7, "pword");
+ checkACForm("", "");
+
+ // Insert a new username field into the form. We'll then make sure
+ // that invoking the autocomplete doesn't try to fill the form.
+ var newField = document.createElement("input");
+ newField.setAttribute("type", "text");
+ newField.setAttribute("name", "uname2");
+ pword.parentNode.insertBefore(newField, pword);
+ is($_(7, "uname2").value, "", "Verifying empty uname2");
+
+ // Delete login6B. It was created just to prevent filling in a login
+ // automatically, removing it makes it more likely that we'll catch a
+ // future regression with form filling here.
+ setupScript.sendSyncMessage("removeLogin", "login6B");
+});
+
+add_task(function* test_form7_2() {
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ doKey("down"); // skip insecure warning
+ // Check first entry
+ doKey("down");
+ checkACForm("", ""); // value shouldn't update
+ doKey("return"); // not "enter"!
+ // The form changes, so we expect the old username field to get the
+ // selected autocomplete value, but neither the new username field nor
+ // the password field should have any values filled in.
+ yield spinEventLoop();
+ checkACForm("form7user1", "");
+ is($_(7, "uname2").value, "", "Verifying empty uname2");
+ restoreForm(); // clear field, so reloading test doesn't fail
+
+ setupScript.sendSyncMessage("removeLogin", "login6A");
+});
+
+add_task(function* test_form8() {
+ uname = $_(8, "uname");
+ pword = $_(8, "pword");
+ checkACForm("form8user", "form8pass");
+ restoreForm();
+});
+
+add_task(function* test_form8_blur() {
+ checkACForm("", "");
+ // Focus the previous form to trigger a blur.
+ $_(7, "uname").focus();
+});
+
+add_task(function* test_form8_2() {
+ checkACForm("", "");
+ restoreForm();
+});
+
+add_task(function* test_form8_3() {
+ checkACForm("", "");
+ setupScript.sendSyncMessage("removeLogin", "login7");
+});
+
+add_task(function* test_form9_filtering() {
+ // Turn our attention to form9 to test the dropdown - bug 497541
+ uname = $_(9, "uname");
+ pword = $_(9, "pword");
+ uname.focus();
+ let shownPromise = promiseACShown();
+ sendString("form9userAB");
+ yield shownPromise;
+
+ checkACForm("form9userAB", "");
+ uname.focus();
+ doKey("left");
+ shownPromise = promiseACShown();
+ sendChar("A");
+ let results = yield shownPromise;
+
+ checkACForm("form9userAAB", "");
+ checkArrayValues(results, ["This connection is not secure. Logins entered here could be compromised. Learn More", "form9userAAB"],
+ "Check dropdown is updated after inserting 'A'");
+ doKey("down"); // skip insecure warning
+ doKey("down");
+ doKey("return");
+ yield promiseFormsProcessed();
+ checkACForm("form9userAAB", "form9pass");
+});
+
+add_task(function* test_form9_autocomplete_cache() {
+ // Note that this addLogin call will only be seen by the autocomplete
+ // attempt for the sendChar if we do not successfully cache the
+ // autocomplete results.
+ setupScript.sendSyncMessage("addLogin", "login8C");
+ uname.focus();
+ let promise0 = notifyMenuChanged(1);
+ let shownPromise = promiseACShown();
+ sendChar("z");
+ yield promise0;
+ yield shownPromise;
+ let popupState = yield getPopupState();
+ is(popupState.open, true, "Check popup should open");
+
+ // check that empty results are cached - bug 496466
+ promise0 = notifyMenuChanged(1);
+ sendChar("z");
+ yield promise0;
+ popupState = yield getPopupState();
+ is(popupState.open, true, "Check popup stays opened due to cached empty result");
+});
+
+add_task(function* test_form11_recipes() {
+ yield loadRecipes({
+ siteRecipes: [{
+ "hosts": ["mochi.test:8888"],
+ "usernameSelector": "input[name='1']",
+ "passwordSelector": "input[name='2']"
+ }],
+ });
+ uname = $_(11, "1");
+ pword = $_(11, "2");
+
+ // First test DOMAutocomplete
+ // Switch the password field to type=password so _fillForm marks the username
+ // field for autocomplete.
+ pword.type = "password";
+ yield promiseFormsProcessed();
+ restoreForm();
+ checkACForm("", "");
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ doKey("down"); // skip insecure warning
+ doKey("down");
+ checkACForm("", ""); // value shouldn't update
+ doKey("return"); // not "enter"!
+ yield promiseFormsProcessed();
+ checkACForm("testuser10", "testpass10");
+
+ // Now test recipes with blur on the username field.
+ restoreForm();
+ checkACForm("", "");
+ uname.value = "testuser10";
+ checkACForm("testuser10", "");
+ doKey("tab");
+ yield promiseFormsProcessed();
+ checkACForm("testuser10", "testpass10");
+ yield resetRecipes();
+});
+
+add_task(function* test_form12_formless() {
+ // Test form-less autocomplete
+ uname = $_(12, "uname");
+ pword = $_(12, "pword");
+ restoreForm();
+ checkACForm("", "");
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ doKey("down"); // skip insecure warning
+ // Trigger autocomplete
+ doKey("down");
+ checkACForm("", ""); // value shouldn't update
+ let processedPromise = promiseFormsProcessed();
+ doKey("return"); // not "enter"!
+ yield processedPromise;
+ checkACForm("testuser", "testpass");
+});
+</script>
+</pre>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/mochitest/test_insecure_form_field_no_saved_login.html b/toolkit/components/passwordmgr/test/mochitest/test_insecure_form_field_no_saved_login.html
new file mode 100644
index 000000000..c3a894958
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/mochitest/test_insecure_form_field_no_saved_login.html
@@ -0,0 +1,103 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Test basic login, contextual inscure password warning without saved logins</title>
+ <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+ <script type="text/javascript" src="/tests/SimpleTest/EventUtils.js"></script>
+ <script type="text/javascript" src="/tests/SimpleTest/SpawnTask.js"></script>
+ <script type="text/javascript" src="satchel_common.js"></script>
+ <script type="text/javascript" src="pwmgr_common.js"></script>
+ <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+Login Manager test: contextual inscure password warning without saved logins
+
+<script>
+let chromeScript = runChecksAfterCommonInit();
+</script>
+<p id="display"></p>
+
+<!-- we presumably can't hide the content for this test. -->
+<div id="content">
+
+ <form id="form1" action="http://autocomplete:8888/formtest.js" onsubmit="return false;">
+ <input type="text" name="uname">
+ <input type="password" name="pword">
+ <button type="submit">Submit</button>
+ </form>
+
+</div>
+
+<pre id="test">
+<script class="testbody" type="text/javascript">
+
+/** Test for Login Manager: contextual inscure password warning without saved logins. **/
+
+// Set to pref before the document loads.
+SpecialPowers.setBoolPref(
+ "security.insecure_field_warning.contextual.enabled", true);
+
+SimpleTest.registerCleanupFunction(() => {
+ SpecialPowers.clearUserPref(
+ "security.insecure_field_warning.contextual.enabled");
+});
+
+let uname = $_(1, "uname");
+let pword = $_(1, "pword");
+const shiftModifier = SpecialPowers.Ci.nsIDOMEvent.SHIFT_MASK;
+
+// Restore the form to the default state.
+function restoreForm() {
+ uname.value = "";
+ pword.value = "";
+ uname.focus();
+}
+
+// Check for expected username/password in form.
+function checkACForm(expectedUsername, expectedPassword) {
+ let formID = uname.parentNode.id;
+ is(uname.value, expectedUsername, "Checking " + formID + " username is: " + expectedUsername);
+ is(pword.value, expectedPassword, "Checking " + formID + " password is: " + expectedPassword);
+}
+
+function spinEventLoop() {
+ return Promise.resolve();
+}
+
+add_task(function* setup() {
+ listenForUnexpectedPopupShown();
+});
+
+add_task(function* test_form1_initial_empty() {
+ yield SimpleTest.promiseFocus(window);
+
+ // Make sure initial form is empty.
+ checkACForm("", "");
+ let popupState = yield getPopupState();
+ is(popupState.open, false, "Check popup is initially closed");
+});
+
+add_task(function* test_form1_warning_entry() {
+ yield SimpleTest.promiseFocus(window);
+ // Trigger autocomplete popup
+ restoreForm();
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ yield shownPromise;
+
+ let popupState = yield getPopupState();
+ is(popupState.open, true, "Check popup is opened");
+ is(popupState.selectedIndex, -1, "Check no entries are selected upon opening");
+
+ doKey("down"); // select insecure warning
+ checkACForm("", ""); // value shouldn't update just by selecting
+ doKey("return"); // not "enter"!
+ yield spinEventLoop(); // let focus happen
+ checkACForm("", "");
+});
+
+</script>
+</pre>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/mochitest/test_maxlength.html b/toolkit/components/passwordmgr/test/mochitest/test_maxlength.html
new file mode 100644
index 000000000..2b6da33ec
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/mochitest/test_maxlength.html
@@ -0,0 +1,137 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Test for maxlength attributes</title>
+ <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+ <script type="text/javascript" src="pwmgr_common.js"></script>
+ <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+Login Manager test: Bug 391514
+<script>
+runChecksAfterCommonInit(() => startTest());
+</script>
+<p id="display"></p>
+<div id="content" style="display: none">
+ <!-- normal form. -->
+ <form id="form1" action="formtest.js">
+ <input type="text" name="uname">
+ <input type="password" name="pword">
+
+ <button type="submit">Submit</button>
+ <button type="reset"> Reset </button>
+ </form>
+
+ <!-- limited username -->
+ <form id="form2" action="formtest.js">
+ <input type="text" name="uname" maxlength="4">
+ <input type="password" name="pword">
+ </form>
+
+ <!-- limited password -->
+ <form id="form3" action="formtest.js">
+ <input type="text" name="uname">
+ <input type="password" name="pword" maxlength="4">
+ </form>
+
+ <!-- limited username and password -->
+ <form id="form4" action="formtest.js">
+ <input type="text" name="uname" maxlength="4">
+ <input type="password" name="pword" maxlength="4">
+ </form>
+
+
+ <!-- limited username -->
+ <form id="form5" action="formtest.js">
+ <input type="text" name="uname" maxlength="0">
+ <input type="password" name="pword">
+ </form>
+
+ <!-- limited password -->
+ <form id="form6" action="formtest.js">
+ <input type="text" name="uname">
+ <input type="password" name="pword" maxlength="0">
+ </form>
+
+ <!-- limited username and password -->
+ <form id="form7" action="formtest.js">
+ <input type="text" name="uname" maxlength="0">
+ <input type="password" name="pword" maxlength="0">
+ </form>
+
+
+ <!-- limited, but ok, username -->
+ <form id="form8" action="formtest.js">
+ <input type="text" name="uname" maxlength="999">
+ <input type="password" name="pword">
+ </form>
+
+ <!-- limited, but ok, password -->
+ <form id="form9" action="formtest.js">
+ <input type="text" name="uname">
+ <input type="password" name="pword" maxlength="999">
+ </form>
+
+ <!-- limited, but ok, username and password -->
+ <form id="form10" action="formtest.js">
+ <input type="text" name="uname" maxlength="999">
+ <input type="password" name="pword" maxlength="999">
+ </form>
+
+
+ <!-- limited, but ok, username -->
+ <!-- (note that filled values are exactly 8 characters) -->
+ <form id="form11" action="formtest.js">
+ <input type="text" name="uname" maxlength="8">
+ <input type="password" name="pword">
+ </form>
+
+ <!-- limited, but ok, password -->
+ <!-- (note that filled values are exactly 8 characters) -->
+ <form id="form12" action="formtest.js">
+ <input type="text" name="uname">
+ <input type="password" name="pword" maxlength="8">
+ </form>
+
+ <!-- limited, but ok, username and password -->
+ <!-- (note that filled values are exactly 8 characters) -->
+ <form id="form13" action="formtest.js">
+ <input type="text" name="uname" maxlength="8">
+ <input type="password" name="pword" maxlength="8">
+ </form>
+
+</div>
+<pre id="test">
+<script class="testbody" type="text/javascript">
+
+/* Test for Login Manager: 391514 (Login Manager gets confused with
+ * password/PIN on usaa.com)
+ */
+
+function startTest() {
+ var i;
+
+ is($_(1, "uname").value, "testuser", "Checking for filled username 1");
+ is($_(1, "pword").value, "testpass", "Checking for filled password 1");
+
+ for (i = 2; i < 8; i++) {
+ is($_(i, "uname").value, "", "Checking for unfilled username " + i);
+ is($_(i, "pword").value, "", "Checking for unfilled password " + i);
+ }
+
+ for (i = 8; i < 14; i++) {
+ is($_(i, "uname").value, "testuser", "Checking for filled username " + i);
+ is($_(i, "pword").value, "testpass", "Checking for filled password " + i);
+ }
+
+ // Note that tests 11-13 are limited to exactly the expected value.
+ // Assert this lest someone change the login we're testing with.
+ is($_(11, "uname").value.length, 8, "asserting test assumption is valid.");
+
+ SimpleTest.finish();
+}
+</script>
+</pre>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/mochitest/test_password_field_autocomplete.html b/toolkit/components/passwordmgr/test/mochitest/test_password_field_autocomplete.html
new file mode 100644
index 000000000..443c8a5e9
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/mochitest/test_password_field_autocomplete.html
@@ -0,0 +1,291 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Test basic login autocomplete</title>
+ <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+ <script type="text/javascript" src="/tests/SimpleTest/EventUtils.js"></script>
+ <script type="text/javascript" src="/tests/SimpleTest/SpawnTask.js"></script>
+ <script type="text/javascript" src="satchel_common.js"></script>
+ <script type="text/javascript" src="pwmgr_common.js"></script>
+ <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+Login Manager test: multiple login autocomplete
+
+<script>
+var chromeScript = runChecksAfterCommonInit();
+
+var setupScript = runInParent(function setup() {
+ const { classes: Cc, interfaces: Ci, utils: Cu } = Components;
+ Cu.import("resource://gre/modules/Services.jsm");
+
+ // Create some logins just for this form, since we'll be deleting them.
+ var nsLoginInfo = Components.Constructor("@mozilla.org/login-manager/loginInfo;1",
+ Ci.nsILoginInfo, "init");
+ assert.ok(nsLoginInfo != null, "nsLoginInfo constructor");
+
+ // login0 has no username, so should be filtered out from the autocomplete list.
+ var login0 = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete:8888", null,
+ "", "user0pass", "", "pword");
+
+ var login1 = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete:8888", null,
+ "tempuser1", "temppass1", "uname", "pword");
+
+ var login2 = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete:8888", null,
+ "testuser2", "testpass2", "uname", "pword");
+
+ var login3 = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete:8888", null,
+ "testuser3", "testpass3", "uname", "pword");
+
+ var login4 = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete:8888", null,
+ "zzzuser4", "zzzpass4", "uname", "pword");
+
+
+ // try/catch in case someone runs the tests manually, twice.
+ try {
+ Services.logins.addLogin(login0);
+ Services.logins.addLogin(login1);
+ Services.logins.addLogin(login2);
+ Services.logins.addLogin(login3);
+ Services.logins.addLogin(login4);
+ } catch (e) {
+ assert.ok(false, "addLogin threw: " + e);
+ }
+
+ addMessageListener("addLogin", loginVariableName => {
+ let login = eval(loginVariableName);
+ assert.ok(!!login, "Login to add is defined: " + loginVariableName);
+ Services.logins.addLogin(login);
+ });
+ addMessageListener("removeLogin", loginVariableName => {
+ let login = eval(loginVariableName);
+ assert.ok(!!login, "Login to delete is defined: " + loginVariableName);
+ Services.logins.removeLogin(login);
+ });
+});
+</script>
+<p id="display"></p>
+
+<!-- we presumably can't hide the content for this test. -->
+<div id="content">
+
+ <!-- form1 tests multiple matching logins -->
+ <form id="form1" action="http://autocomplete:8888/formtest.js" onsubmit="return false;">
+ <input type="text" name="uname">
+ <input type="password" name="pword">
+ <button type="submit">Submit</button>
+ </form>
+
+ <form id="form2" action="http://autocomplete:8888/formtest.js" onsubmit="return false;">
+ <input type="text" name="uname">
+ <input type="password" name="pword" readonly="true">
+ <button type="submit">Submit</button>
+ </form>
+
+ <form id="form3" action="http://autocomplete:8888/formtest.js" onsubmit="return false;">
+ <input type="text" name="uname">
+ <input type="password" name="pword" disabled="true">
+ <button type="submit">Submit</button>
+ </form>
+
+</div>
+
+<pre id="test">
+<script class="testbody" type="text/javascript">
+
+/** Test for Login Manager: multiple login autocomplete. **/
+
+var uname = $_(1, "uname");
+var pword = $_(1, "pword");
+const shiftModifier = SpecialPowers.Ci.nsIDOMEvent.SHIFT_MASK;
+
+// Restore the form to the default state.
+function* reinitializeForm(index) {
+ // Using innerHTML is for creating the autocomplete popup again, so the
+ // preference value will be applied to the constructor of
+ // UserAutoCompleteResult.
+ let form = document.getElementById("form" + index);
+ let temp = form.innerHTML;
+ form.innerHTML = "";
+ form.innerHTML = temp;
+
+ yield new Promise(resolve => {
+ let observer = SpecialPowers.wrapCallback(() => {
+ SpecialPowers.removeObserver(observer, "passwordmgr-processed-form");
+ resolve();
+ });
+ SpecialPowers.addObserver(observer, "passwordmgr-processed-form", false);
+ });
+
+ yield SimpleTest.promiseFocus(window);
+
+ uname = $_(index, "uname");
+ pword = $_(index, "pword");
+ uname.value = "";
+ pword.value = "";
+ pword.focus();
+}
+
+function generateDateString(date) {
+ let dateAndTimeFormatter = new Intl.DateTimeFormat(undefined,
+ { day: "numeric", month: "short", year: "numeric" });
+ return dateAndTimeFormatter.format(date);
+}
+
+const DATE_NOW_STRING = generateDateString(new Date());
+
+// Check for expected username/password in form.
+function checkACFormPasswordField(expectedPassword) {
+ var formID = uname.parentNode.id;
+ is(pword.value, expectedPassword, "Checking " + formID + " password is: " + expectedPassword);
+}
+
+function spinEventLoop() {
+ return Promise.resolve();
+}
+
+add_task(function* setup() {
+ listenForUnexpectedPopupShown();
+});
+
+add_task(function* test_form1_initial_empty() {
+ yield SimpleTest.promiseFocus(window);
+
+ // Make sure initial form is empty.
+ checkACFormPasswordField("");
+ let popupState = yield getPopupState();
+ is(popupState.open, false, "Check popup is initially closed");
+});
+
+add_task(function* test_form2_password_readonly() {
+ yield SpecialPowers.pushPrefEnv({"set": [
+ ["security.insecure_field_warning.contextual.enabled", true],
+ ["signon.autofillForms.http", true]
+ ]});
+ yield reinitializeForm(2);
+
+ // Trigger autocomplete popup
+ doKey("down"); // open
+ let popupState = yield getPopupState();
+ is(popupState.open, false, "Check popup is closed for a readonly field.");
+});
+
+add_task(function* test_form3_password_disabled() {
+ yield SpecialPowers.pushPrefEnv({"set": [
+ ["security.insecure_field_warning.contextual.enabled", true],
+ ["signon.autofillForms.http", true]
+ ]});
+ yield reinitializeForm(3);
+
+ // Trigger autocomplete popup
+ doKey("down"); // open
+ let popupState = yield getPopupState();
+ is(popupState.open, false, "Check popup is closed for a disabled field.");
+});
+
+add_task(function* test_form1_enabledInsecureFieldWarning_enabledInsecureAutoFillForm() {
+ yield SpecialPowers.pushPrefEnv({"set": [
+ ["security.insecure_field_warning.contextual.enabled", true],
+ ["signon.autofillForms.http", true]
+ ]});
+ yield reinitializeForm(1);
+ // Trigger autocomplete popup
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ let results = yield shownPromise;
+
+ let popupState = yield getPopupState();
+ is(popupState.selectedIndex, -1, "Check no entries are selected upon opening");
+
+ let expectedMenuItems = ["This connection is not secure. Logins entered here could be compromised. Learn More",
+ "No username (" + DATE_NOW_STRING + ")",
+ "tempuser1",
+ "testuser2",
+ "testuser3",
+ "zzzuser4"];
+ checkArrayValues(results, expectedMenuItems, "Check all menuitems are displayed correctly.");
+
+ doKey("down"); // select insecure warning
+ checkACFormPasswordField(""); // value shouldn't update just by selecting
+ doKey("return"); // not "enter"!
+ yield spinEventLoop(); // let focus happen
+ checkACFormPasswordField("");
+});
+
+add_task(function* test_form1_disabledInsecureFieldWarning_enabledInsecureAutoFillForm() {
+ yield SpecialPowers.pushPrefEnv({"set": [
+ ["security.insecure_field_warning.contextual.enabled", false],
+ ["signon.autofillForms.http", true]
+ ]});
+ yield reinitializeForm(1);
+
+ // Trigger autocomplete popup
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ let results = yield shownPromise;
+
+ let popupState = yield getPopupState();
+ is(popupState.selectedIndex, -1, "Check no entries are selected upon opening");
+
+ let expectedMenuItems = ["No username (" + DATE_NOW_STRING + ")",
+ "tempuser1",
+ "testuser2",
+ "testuser3",
+ "zzzuser4"];
+ checkArrayValues(results, expectedMenuItems, "Check all menuitems are displayed correctly.");
+
+ doKey("down"); // select first item
+ checkACFormPasswordField(""); // value shouldn't update just by selecting
+ doKey("return"); // not "enter"!
+ yield spinEventLoop(); // let focus happen
+ checkACFormPasswordField("user0pass");
+});
+
+add_task(function* test_form1_enabledInsecureFieldWarning_disabledInsecureAutoFillForm() {
+ yield SpecialPowers.pushPrefEnv({"set": [
+ ["security.insecure_field_warning.contextual.enabled", true],
+ ["signon.autofillForms.http", false]
+ ]});
+ yield reinitializeForm(1);
+
+ // Trigger autocomplete popup
+ let shownPromise = promiseACShown();
+ doKey("down"); // open
+ let results = yield shownPromise;
+
+ let popupState = yield getPopupState();
+ is(popupState.selectedIndex, -1, "Check no entries are selected upon opening");
+
+ let expectedMenuItems = ["This connection is not secure. Logins entered here could be compromised. Learn More",
+ "No username (" + DATE_NOW_STRING + ")",
+ "tempuser1",
+ "testuser2",
+ "testuser3",
+ "zzzuser4"];
+ checkArrayValues(results, expectedMenuItems, "Check all menuitems are displayed correctly.");
+
+ doKey("down"); // select insecure warning
+ checkACFormPasswordField(""); // value shouldn't update just by selecting
+ doKey("return"); // not "enter"!
+ yield spinEventLoop(); // let focus happen
+ checkACFormPasswordField("");
+});
+
+add_task(function* test_form1_disabledInsecureFieldWarning_disabledInsecureAutoFillForm() {
+ yield SpecialPowers.pushPrefEnv({"set": [
+ ["security.insecure_field_warning.contextual.enabled", false],
+ ["signon.autofillForms.http", false]
+ ]});
+ yield reinitializeForm(1);
+
+ // Trigger autocomplete popup
+ doKey("down"); // open
+ let popupState = yield getPopupState();
+ is(popupState.open, false, "Check popup is closed with no AutoFillForms.");
+});
+
+</script>
+</pre>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/mochitest/test_passwords_in_type_password.html b/toolkit/components/passwordmgr/test/mochitest/test_passwords_in_type_password.html
new file mode 100644
index 000000000..e107cebe6
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/mochitest/test_passwords_in_type_password.html
@@ -0,0 +1,122 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Test that passwords only get filled in type=password</title>
+ <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+ <script type="text/javascript" src="pwmgr_common.js"></script>
+ <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+Login Manager test: Bug 242956
+<script>
+runChecksAfterCommonInit(() => startTest());
+</script>
+<p id="display"></p>
+<div id="content" style="display: none">
+ <!-- pword is not a type=password input -->
+ <form id="form1" action="formtest.js">
+ <input type="text" name="uname">
+ <input type="text" name="pword">
+
+ <button type="submit">Submit</button>
+ <button type="reset"> Reset </button>
+ </form>
+
+ <!-- uname is not a type=text input -->
+ <form id="form2" action="formtest.js">
+ <input type="password" name="uname">
+ <input type="password" name="pword">
+
+ <button type="submit">Submit</button>
+ <button type="reset"> Reset </button>
+ </form>
+
+ <!-- two "pword" inputs, (text + password) -->
+ <form id="form3" action="formtest.js">
+ <input type="text" name="uname">
+ <input type="text" name="pword">
+ <input type="password" name="qword">
+
+ <button type="submit">Submit</button>
+ <button type="reset"> Reset </button>
+ </form>
+
+ <!-- same thing, different order -->
+ <form id="form4" action="formtest.js">
+ <input type="text" name="uname">
+ <input type="password" name="pword">
+ <input type="text" name="qword">
+
+ <button type="submit">Submit</button>
+ <button type="reset"> Reset </button>
+ </form>
+
+ <!-- uname is not a type=text input (try a checkbox just for variety) -->
+ <form id="form5" action="formtest.js">
+ <input type="checkbox" name="uname" value="">
+ <input type="password" name="pword">
+
+ <button type="submit">Submit</button>
+ <button type="reset"> Reset </button>
+ </form>
+
+ <!-- pword is not a type=password input (try a checkbox just for variety) -->
+ <form id="form6" action="formtest.js">
+ <input type="text" name="uname">
+ <input type="checkbox" name="pword" value="">
+
+ <button type="submit">Submit</button>
+ <button type="reset"> Reset </button>
+ </form>
+
+ <!-- pword is not a type=password input -->
+ <form id="form7" action="formtest.js">
+ <input type="text" name="uname" value="testuser">
+ <input type="text" name="pword">
+
+ <button type="submit">Submit</button>
+ <button type="reset"> Reset </button>
+ </form>
+
+
+</div>
+<pre id="test">
+<script class="testbody" type="text/javascript">
+
+/** Test for Login Manager: 242956 (Stored password is inserted into a
+ readable text input on a second page) **/
+
+// Make sure that pwmgr only puts passwords into type=password <input>s.
+// Might as well test the converse, too (username in password field).
+
+function startTest() {
+ is($_(1, "uname").value, "", "Checking for unfilled username 1");
+ is($_(1, "pword").value, "", "Checking for unfilled password 1");
+
+ is($_(2, "uname").value, "testpass", "Checking for password not username 2");
+ is($_(2, "pword").value, "", "Checking for unfilled password 2");
+
+ is($_(3, "uname").value, "", "Checking for unfilled username 3");
+ is($_(3, "pword").value, "testuser", "Checking for unfilled password 3");
+ is($_(3, "qword").value, "testpass", "Checking for unfilled qassword 3");
+
+ is($_(4, "uname").value, "testuser", "Checking for password not username 4");
+ is($_(4, "pword").value, "testpass", "Checking for unfilled password 4");
+ is($_(4, "qword").value, "", "Checking for unfilled qassword 4");
+
+ is($_(5, "uname").value, "", "Checking for unfilled username 5");
+ is($_(5, "pword").value, "testpass", "Checking for filled password 5");
+
+ is($_(6, "uname").value, "", "Checking for unfilled username 6");
+ is($_(6, "pword").value, "", "Checking for unfilled password 6");
+
+ is($_(7, "uname").value, "testuser", "Checking for unmodified username 7");
+ is($_(7, "pword").value, "", "Checking for unfilled password 7");
+
+ SimpleTest.finish();
+}
+</script>
+</pre>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/mochitest/test_prompt.html b/toolkit/components/passwordmgr/test/mochitest/test_prompt.html
new file mode 100644
index 000000000..1050ab66b
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/mochitest/test_prompt.html
@@ -0,0 +1,705 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Test prompter.{prompt,promptPassword,promptUsernameAndPassword}</title>
+ <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+ <script type="text/javascript" src="/tests/SimpleTest/SpawnTask.js"></script>
+ <script type="text/javascript" src="pwmgr_common.js"></script>
+ <script type="text/javascript" src="prompt_common.js"></script>
+ <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+<p id="display"></p>
+
+<div id="content" style="display: none">
+</div>
+
+<pre id="test">
+<script class="testbody" type="text/javascript">
+var state, action;
+var uname = { value: null };
+var pword = { value: null };
+var result = { value: null };
+var isOk;
+
+// Force parent to not look for tab-modal prompts, as they're not used for auth prompts.
+isTabModal = false;
+
+let prompterParent = runInParent(() => {
+ const { classes: Cc, interfaces: Ci, utils: Cu } = Components;
+ const promptFac = Cc["@mozilla.org/passwordmanager/authpromptfactory;1"].
+ getService(Ci.nsIPromptFactory);
+
+ Cu.import("resource://gre/modules/Services.jsm");
+ let chromeWin = Services.wm.getMostRecentWindow("navigator:browser");
+ let prompter1 = promptFac.getPrompt(chromeWin, Ci.nsIAuthPrompt);
+
+ addMessageListener("proxyPrompter", function onMessage(msg) {
+ let rv = prompter1[msg.methodName](...msg.args);
+ return {
+ rv,
+ // Send the args back to content so out/inout args can be checked.
+ args: msg.args,
+ };
+ });
+});
+
+let prompter1 = new PrompterProxy(prompterParent);
+
+const defaultTitle = "the title";
+const defaultMsg = "the message";
+
+function initLogins() {
+ const { classes: Cc, interfaces: Ci, utils: Cu } = Components;
+ var login1, login2A, login2B, login2C, login2D, login2E;
+ var pwmgr = Cc["@mozilla.org/login-manager;1"].
+ getService(Ci.nsILoginManager);
+
+ login1 = Cc["@mozilla.org/login-manager/loginInfo;1"].
+ createInstance(Ci.nsILoginInfo);
+ login2A = Cc["@mozilla.org/login-manager/loginInfo;1"].
+ createInstance(Ci.nsILoginInfo);
+ login2B = Cc["@mozilla.org/login-manager/loginInfo;1"].
+ createInstance(Ci.nsILoginInfo);
+ login2C = Cc["@mozilla.org/login-manager/loginInfo;1"].
+ createInstance(Ci.nsILoginInfo);
+ login2D = Cc["@mozilla.org/login-manager/loginInfo;1"].
+ createInstance(Ci.nsILoginInfo);
+ login2E = Cc["@mozilla.org/login-manager/loginInfo;1"].
+ createInstance(Ci.nsILoginInfo);
+
+ login1.init("http://example.com", null, "http://example.com",
+ "", "examplepass", "", "");
+ login2A.init("http://example2.com", null, "http://example2.com",
+ "user1name", "user1pass", "", "");
+ login2B.init("http://example2.com", null, "http://example2.com",
+ "user2name", "user2pass", "", "");
+ login2C.init("http://example2.com", null, "http://example2.com",
+ "user3.name@host", "user3pass", "", "");
+ login2D.init("http://example2.com", null, "http://example2.com",
+ "100@beef", "user3pass", "", "");
+ login2E.init("http://example2.com", null, "http://example2.com",
+ "100%beef", "user3pass", "", "");
+
+ pwmgr.addLogin(login1);
+ pwmgr.addLogin(login2A);
+ pwmgr.addLogin(login2B);
+ pwmgr.addLogin(login2C);
+ pwmgr.addLogin(login2D);
+ pwmgr.addLogin(login2E);
+}
+
+add_task(function* setup() {
+ runInParent(initLogins);
+});
+
+add_task(function* test_prompt_accept() {
+ state = {
+ msg : "the message",
+ title : "the title",
+ textValue : "abc",
+ passValue : "",
+ iconClass : "question-icon",
+ titleHidden : true,
+ textHidden : false,
+ passHidden : true,
+ checkHidden : true,
+ checkMsg : "",
+ checked : false,
+ focused : "textField",
+ defButton : "button0",
+ };
+ action = {
+ buttonClick : "ok",
+ textField : "xyz",
+ };
+ promptDone = handlePrompt(state, action);
+ isOk = prompter1.prompt(defaultTitle, defaultMsg, "http://example.com",
+ Ci.nsIAuthPrompt.SAVE_PASSWORD_NEVER, "abc", result);
+ yield promptDone;
+
+ ok(isOk, "Checking dialog return value (accept)");
+ is(result.value, "xyz", "Checking prompt() returned value");
+});
+
+add_task(function* test_prompt_cancel() {
+ state = {
+ msg : "the message",
+ title : "the title",
+ textValue : "abc",
+ passValue : "",
+ iconClass : "question-icon",
+ titleHidden : true,
+ textHidden : false,
+ passHidden : true,
+ checkHidden : true,
+ checkMsg : "",
+ checked : false,
+ focused : "textField",
+ defButton : "button0",
+ };
+ action = {
+ buttonClick : "cancel",
+ };
+ promptDone = handlePrompt(state, action);
+ isOk = prompter1.prompt(defaultTitle, defaultMsg, "http://example.com",
+ Ci.nsIAuthPrompt.SAVE_PASSWORD_NEVER, "abc", result);
+ yield promptDone;
+ ok(!isOk, "Checking dialog return value (cancel)");
+});
+
+add_task(function* test_promptPassword_defaultAccept() {
+ // Default password provided, existing logins are ignored.
+ state = {
+ msg : "the message",
+ title : "the title",
+ textValue : "",
+ passValue : "inputpw",
+ iconClass : "authentication-icon question-icon",
+ titleHidden : true,
+ textHidden : true,
+ passHidden : false,
+ checkHidden : true,
+ checkMsg : "",
+ checked : false,
+ focused : "passField",
+ defButton : "button0",
+ };
+ action = {
+ buttonClick : "ok",
+ passField : "secret",
+ };
+ pword.value = "inputpw";
+ promptDone = handlePrompt(state, action);
+ isOk = prompter1.promptPassword(defaultTitle, defaultMsg, "http://example.com",
+ Ci.nsIAuthPrompt.SAVE_PASSWORD_NEVER, pword);
+ yield promptDone;
+ ok(isOk, "Checking dialog return value (accept)");
+ is(pword.value, "secret", "Checking returned password");
+});
+
+add_task(function* test_promptPassword_defaultCancel() {
+ // Default password provided, existing logins are ignored.
+ state = {
+ msg : "the message",
+ title : "the title",
+ textValue : "",
+ passValue : "inputpw",
+ iconClass : "authentication-icon question-icon",
+ titleHidden : true,
+ textHidden : true,
+ passHidden : false,
+ checkHidden : true,
+ checkMsg : "",
+ checked : false,
+ focused : "passField",
+ defButton : "button0",
+ };
+ action = {
+ buttonClick : "cancel",
+ };
+ pword.value = "inputpw";
+ promptDone = handlePrompt(state, action);
+ isOk = prompter1.promptPassword(defaultTitle, defaultMsg, "http://example.com",
+ Ci.nsIAuthPrompt.SAVE_PASSWORD_NEVER, pword);
+ yield promptDone;
+ ok(!isOk, "Checking dialog return value (cancel)");
+});
+
+add_task(function* test_promptPassword_emptyAccept() {
+ // No default password provided, realm does not match existing login.
+ state = {
+ msg : "the message",
+ title : "the title",
+ textValue : "",
+ passValue : "",
+ iconClass : "authentication-icon question-icon",
+ titleHidden : true,
+ textHidden : true,
+ passHidden : false,
+ checkHidden : true,
+ checkMsg : "",
+ checked : false,
+ focused : "passField",
+ defButton : "button0",
+ };
+ action = {
+ buttonClick : "ok",
+ passField : "secret",
+ };
+ pword.value = null;
+ promptDone = handlePrompt(state, action);
+ isOk = prompter1.promptPassword(defaultTitle, defaultMsg, "http://nonexample.com",
+ Ci.nsIAuthPrompt.SAVE_PASSWORD_NEVER, pword);
+ yield promptDone;
+ ok(isOk, "Checking dialog return value (accept)");
+ is(pword.value, "secret", "Checking returned password");
+});
+
+add_task(function* test_promptPassword_saved() {
+ // No default password provided, matching login is returned w/o prompting.
+ pword.value = null;
+ isOk = prompter1.promptPassword(defaultTitle, defaultMsg, "http://example.com",
+ Ci.nsIAuthPrompt.SAVE_PASSWORD_NEVER, pword);
+ ok(isOk, "Checking dialog return value (accept)");
+ is(pword.value, "examplepass", "Checking returned password");
+});
+
+add_task(function* test_promptPassword_noMatchingPasswordForEmptyUN() {
+ // No default password provided, none of the logins from this host are
+ // password-only so the user is prompted.
+ state = {
+ msg : "the message",
+ title : "the title",
+ textValue : "",
+ passValue : "",
+ iconClass : "authentication-icon question-icon",
+ titleHidden : true,
+ textHidden : true,
+ passHidden : false,
+ checkHidden : true,
+ checkMsg : "",
+ checked : false,
+ focused : "passField",
+ defButton : "button0",
+ };
+ action = {
+ buttonClick : "ok",
+ passField : "secret",
+ };
+ pword.value = null;
+ promptDone = handlePrompt(state, action);
+ isOk = prompter1.promptPassword(defaultTitle, defaultMsg, "http://example2.com",
+ Ci.nsIAuthPrompt.SAVE_PASSWORD_NEVER, pword);
+ yield promptDone;
+ ok(isOk, "Checking dialog return value (accept)");
+ is(pword.value, "secret", "Checking returned password");
+});
+
+add_task(function* test_promptPassword_matchingPWForUN() {
+ // No default password provided, matching login is returned w/o prompting.
+ pword.value = null;
+ isOk = prompter1.promptPassword(defaultTitle, defaultMsg, "http://user1name@example2.com",
+ Ci.nsIAuthPrompt.SAVE_PASSWORD_NEVER, pword);
+ ok(isOk, "Checking dialog return value (accept)");
+ is(pword.value, "user1pass", "Checking returned password");
+});
+
+add_task(function* test_promptPassword_matchingPWForUN2() {
+ // No default password provided, matching login is returned w/o prompting.
+ pword.value = null;
+ isOk = prompter1.promptPassword(defaultTitle, defaultMsg, "http://user2name@example2.com",
+ Ci.nsIAuthPrompt.SAVE_PASSWORD_NEVER, pword);
+ ok(isOk, "Checking dialog return value (accept)");
+ is(pword.value, "user2pass", "Checking returned password");
+});
+
+add_task(function* test_promptPassword_matchingPWForUN3() {
+ // No default password provided, matching login is returned w/o prompting.
+ pword.value = null;
+ isOk = prompter1.promptPassword(defaultTitle, defaultMsg, "http://user3%2Ename%40host@example2.com",
+ Ci.nsIAuthPrompt.SAVE_PASSWORD_NEVER, pword);
+ ok(isOk, "Checking dialog return value (accept)");
+ is(pword.value, "user3pass", "Checking returned password");
+});
+
+add_task(function* test_promptPassword_extraAt() {
+ // No default password provided, matching login is returned w/o prompting.
+ pword.value = null;
+ isOk = prompter1.promptPassword(defaultTitle, defaultMsg, "http://100@beef@example2.com",
+ Ci.nsIAuthPrompt.SAVE_PASSWORD_NEVER, pword);
+ ok(isOk, "Checking dialog return value (accept)");
+ is(pword.value, "user3pass", "Checking returned password");
+});
+
+add_task(function* test_promptPassword_usernameEncoding() {
+ // No default password provided, matching login is returned w/o prompting.
+ pword.value = null;
+ isOk = prompter1.promptPassword(defaultTitle, defaultMsg, "http://100%25beef@example2.com",
+ Ci.nsIAuthPrompt.SAVE_PASSWORD_NEVER, pword);
+ ok(isOk, "Checking dialog return value (accept)");
+ is(pword.value, "user3pass", "Checking returned password");
+
+ // XXX test saving a password with Ci.nsIAuthPrompt.SAVE_PASSWORD_PERMANENTLY
+});
+
+add_task(function* test_promptPassword_realm() {
+ // We don't pre-fill or save for NS_GetAuthKey-generated realms, but we should still prompt
+ state = {
+ msg : "the message",
+ title : "the title",
+ textValue : "",
+ passValue : "",
+ iconClass : "authentication-icon question-icon",
+ titleHidden : true,
+ textHidden : true,
+ passHidden : false,
+ checkHidden : true,
+ checkMsg : "",
+ checked : false,
+ focused : "passField",
+ defButton : "button0",
+ };
+ action = {
+ buttonClick : "ok",
+ passField : "fill2pass",
+ };
+ pword.value = null;
+ promptDone = handlePrompt(state, action);
+ isOk = prompter1.promptPassword(defaultTitle, defaultMsg, "example2.com:80 (somerealm)",
+ Ci.nsIAuthPrompt.SAVE_PASSWORD_NEVER, pword);
+ yield promptDone;
+ ok(isOk, "Checking dialog return value (accept)");
+ is(pword.value, "fill2pass", "Checking returned password");
+});
+
+add_task(function* test_promptPassword_realm2() {
+ // We don't pre-fill or save for NS_GetAuthKey-generated realms, but we should still prompt
+ state = {
+ msg : "the message",
+ title : "the title",
+ textValue : "",
+ passValue : "",
+ iconClass : "authentication-icon question-icon",
+ titleHidden : true,
+ textHidden : true,
+ passHidden : false,
+ checkHidden : true,
+ checkMsg : "",
+ checked : false,
+ focused : "passField",
+ defButton : "button0",
+ };
+ action = {
+ buttonClick : "ok",
+ passField : "fill2pass",
+ };
+ pword.value = null;
+ promptDone = handlePrompt(state, action);
+ isOk = prompter1.promptPassword(defaultTitle, defaultMsg, "example2.com:80 (somerealm)",
+ Ci.nsIAuthPrompt.SAVE_PASSWORD_PERMANENTLY, pword);
+ yield promptDone;
+ ok(isOk, "Checking dialog return value (accept)");
+ is(pword.value, "fill2pass", "Checking returned password");
+});
+
+add_task(function* test_promptUsernameAndPassword_accept() {
+ state = {
+ msg : "the message",
+ title : "the title",
+ textValue : "inuser",
+ passValue : "inpass",
+ iconClass : "authentication-icon question-icon",
+ titleHidden : true,
+ textHidden : false,
+ passHidden : false,
+ checkHidden : true,
+ checkMsg : "",
+ checked : false,
+ focused : "textField",
+ defButton : "button0",
+ };
+ action = {
+ buttonClick : "ok",
+ textField : "outuser",
+ passField : "outpass",
+ };
+ uname.value = "inuser";
+ pword.value = "inpass";
+ promptDone = handlePrompt(state, action);
+ isOk = prompter1.promptUsernameAndPassword(defaultTitle, defaultMsg, "http://nonexample.com",
+ Ci.nsIAuthPrompt.SAVE_PASSWORD_NEVER, uname, pword);
+ yield promptDone;
+ ok(isOk, "Checking dialog return value (accept)");
+ is(uname.value, "outuser", "Checking returned username");
+ is(pword.value, "outpass", "Checking returned password");
+});
+
+add_task(function* test_promptUsernameAndPassword_cancel() {
+ state = {
+ msg : "the message",
+ title : "the title",
+ textValue : "inuser",
+ passValue : "inpass",
+ iconClass : "authentication-icon question-icon",
+ titleHidden : true,
+ textHidden : false,
+ passHidden : false,
+ checkHidden : true,
+ checkMsg : "",
+ checked : false,
+ focused : "textField",
+ defButton : "button0",
+ };
+ action = {
+ buttonClick : "cancel",
+ };
+ uname.value = "inuser";
+ pword.value = "inpass";
+ promptDone = handlePrompt(state, action);
+ isOk = prompter1.promptUsernameAndPassword(defaultTitle, defaultMsg, "http://nonexample.com",
+ Ci.nsIAuthPrompt.SAVE_PASSWORD_NEVER, uname, pword);
+ yield promptDone;
+ ok(!isOk, "Checking dialog return value (cancel)");
+});
+
+add_task(function* test_promptUsernameAndPassword_autofill() {
+ // test filling in existing password-only login
+ state = {
+ msg : "the message",
+ title : "the title",
+ textValue : "",
+ passValue : "examplepass",
+ iconClass : "authentication-icon question-icon",
+ titleHidden : true,
+ textHidden : false,
+ passHidden : false,
+ checkHidden : false,
+ checkMsg : "Use Password Manager to remember this password.",
+ checked : true,
+ focused : "textField",
+ defButton : "button0",
+ };
+ action = {
+ buttonClick : "ok",
+ };
+ uname.value = null;
+ pword.value = null;
+ promptDone = handlePrompt(state, action);
+ isOk = prompter1.promptUsernameAndPassword(defaultTitle, defaultMsg, "http://example.com",
+ Ci.nsIAuthPrompt.SAVE_PASSWORD_PERMANENTLY, uname, pword);
+ yield promptDone;
+ ok(isOk, "Checking dialog return value (accept)");
+ is(uname.value, "", "Checking returned username");
+ is(pword.value, "examplepass", "Checking returned password");
+});
+
+add_task(function* test_promptUsernameAndPassword_multipleExisting() {
+ // test filling in existing login (undetermined from multiple selection)
+ // user2name/user2pass would also be valid to fill here.
+ state = {
+ msg : "the message",
+ title : "the title",
+ textValue : "user1name",
+ passValue : "user1pass",
+ iconClass : "authentication-icon question-icon",
+ titleHidden : true,
+ textHidden : false,
+ passHidden : false,
+ checkHidden : false,
+ checkMsg : "Use Password Manager to remember this password.",
+ checked : true,
+ focused : "textField",
+ defButton : "button0",
+ };
+ action = {
+ buttonClick : "ok",
+ };
+ uname.value = null;
+ pword.value = null;
+ promptDone = handlePrompt(state, action);
+ isOk = prompter1.promptUsernameAndPassword(defaultTitle, defaultMsg, "http://example2.com",
+ Ci.nsIAuthPrompt.SAVE_PASSWORD_PERMANENTLY, uname, pword);
+ yield promptDone;
+ ok(isOk, "Checking dialog return value (accept)");
+ ok(uname.value == "user1name" || uname.value == "user2name", "Checking returned username");
+ ok(pword.value == "user1pass" || uname.value == "user2pass", "Checking returned password");
+});
+
+add_task(function* test_promptUsernameAndPassword_multipleExisting1() {
+ // test filling in existing login (user1 from multiple selection)
+ state = {
+ msg : "the message",
+ title : "the title",
+ textValue : "user1name",
+ passValue : "user1pass",
+ iconClass : "authentication-icon question-icon",
+ titleHidden : true,
+ textHidden : false,
+ passHidden : false,
+ checkHidden : false,
+ checkMsg : "Use Password Manager to remember this password.",
+ checked : true,
+ focused : "textField",
+ defButton : "button0",
+ };
+ action = {
+ buttonClick : "ok",
+ };
+ uname.value = "user1name";
+ pword.value = null;
+ promptDone = handlePrompt(state, action);
+ isOk = prompter1.promptUsernameAndPassword(defaultTitle, defaultMsg, "http://example2.com",
+ Ci.nsIAuthPrompt.SAVE_PASSWORD_PERMANENTLY, uname, pword);
+ yield promptDone;
+ ok(isOk, "Checking dialog return value (accept)");
+ is(uname.value, "user1name", "Checking returned username");
+ is(pword.value, "user1pass", "Checking returned password");
+});
+
+add_task(function* test_promptUsernameAndPassword_multipleExisting2() {
+ // test filling in existing login (user2 from multiple selection)
+ state = {
+ msg : "the message",
+ title : "the title",
+ textValue : "user2name",
+ passValue : "user2pass",
+ iconClass : "authentication-icon question-icon",
+ titleHidden : true,
+ textHidden : false,
+ passHidden : false,
+ checkHidden : false,
+ checkMsg : "Use Password Manager to remember this password.",
+ checked : true,
+ focused : "textField",
+ defButton : "button0",
+ };
+ action = {
+ buttonClick : "ok",
+ };
+ uname.value = "user2name";
+ pword.value = null;
+ promptDone = handlePrompt(state, action);
+ isOk = prompter1.promptUsernameAndPassword(defaultTitle, defaultMsg, "http://example2.com",
+ Ci.nsIAuthPrompt.SAVE_PASSWORD_PERMANENTLY, uname, pword);
+ yield promptDone;
+ ok(isOk, "Checking dialog return value (accept)");
+ is(uname.value, "user2name", "Checking returned username");
+ is(pword.value, "user2pass", "Checking returned password");
+});
+
+add_task(function* test_promptUsernameAndPassword_passwordChange() {
+ // test changing password
+ state = {
+ msg : "the message",
+ title : "the title",
+ textValue : "user2name",
+ passValue : "user2pass",
+ iconClass : "authentication-icon question-icon",
+ titleHidden : true,
+ textHidden : false,
+ passHidden : false,
+ checkHidden : false,
+ checkMsg : "Use Password Manager to remember this password.",
+ checked : true,
+ focused : "textField",
+ defButton : "button0",
+ };
+ action = {
+ buttonClick : "ok",
+ passField : "NEWuser2pass",
+ };
+ uname.value = "user2name";
+ pword.value = null;
+ promptDone = handlePrompt(state, action);
+ isOk = prompter1.promptUsernameAndPassword(defaultTitle, defaultMsg, "http://example2.com",
+ Ci.nsIAuthPrompt.SAVE_PASSWORD_PERMANENTLY, uname, pword);
+ yield promptDone;
+ ok(isOk, "Checking dialog return value (accept)");
+ is(uname.value, "user2name", "Checking returned username");
+ is(pword.value, "NEWuser2pass", "Checking returned password");
+});
+
+add_task(function* test_promptUsernameAndPassword_changePasswordBack() {
+ // test changing password (back to original value)
+ state = {
+ msg : "the message",
+ title : "the title",
+ textValue : "user2name",
+ passValue : "NEWuser2pass",
+ iconClass : "authentication-icon question-icon",
+ titleHidden : true,
+ textHidden : false,
+ passHidden : false,
+ checkHidden : false,
+ checkMsg : "Use Password Manager to remember this password.",
+ checked : true,
+ focused : "textField",
+ defButton : "button0",
+ };
+ action = {
+ buttonClick : "ok",
+ passField : "user2pass",
+ };
+ uname.value = "user2name";
+ pword.value = null;
+ promptDone = handlePrompt(state, action);
+ isOk = prompter1.promptUsernameAndPassword(defaultTitle, defaultMsg, "http://example2.com",
+ Ci.nsIAuthPrompt.SAVE_PASSWORD_PERMANENTLY, uname, pword);
+ yield promptDone;
+ ok(isOk, "Checking dialog return value (accept)");
+ is(uname.value, "user2name", "Checking returned username");
+ is(pword.value, "user2pass", "Checking returned password");
+});
+
+add_task(function* test_promptUsernameAndPassword_realm() {
+ // We don't pre-fill or save for NS_GetAuthKey-generated realms, but we should still prompt
+ state = {
+ msg : "the message",
+ title : "the title",
+ textValue : "",
+ passValue : "",
+ iconClass : "authentication-icon question-icon",
+ titleHidden : true,
+ textHidden : false,
+ passHidden : false,
+ checkHidden : true,
+ checkMsg : "",
+ checked : false,
+ focused : "textField",
+ defButton : "button0",
+ };
+ action = {
+ buttonClick : "ok",
+ textField : "fill2user",
+ passField : "fill2pass",
+ };
+ uname.value = null;
+ pword.value = null;
+ promptDone = handlePrompt(state, action);
+ isOk = prompter1.promptUsernameAndPassword(defaultTitle, defaultMsg, "example2.com:80 (somerealm)",
+ Ci.nsIAuthPrompt.SAVE_PASSWORD_NEVER, uname, pword);
+ yield promptDone;
+ ok(isOk, "Checking dialog return value (accept)");
+ is(uname.value, "fill2user", "Checking returned username");
+ is(pword.value, "fill2pass", "Checking returned password");
+});
+
+add_task(function* test_promptUsernameAndPassword_realm2() {
+ // We don't pre-fill or save for NS_GetAuthKey-generated realms, but we should still prompt
+ state = {
+ msg : "the message",
+ title : "the title",
+ textValue : "",
+ passValue : "",
+ iconClass : "authentication-icon question-icon",
+ titleHidden : true,
+ textHidden : false,
+ passHidden : false,
+ checkHidden : true,
+ checkMsg : "",
+ checked : false,
+ focused : "textField",
+ defButton : "button0",
+ };
+ action = {
+ buttonClick : "ok",
+ textField : "fill2user",
+ passField : "fill2pass",
+ };
+ uname.value = null;
+ pword.value = null;
+ promptDone = handlePrompt(state, action);
+ isOk = prompter1.promptUsernameAndPassword(defaultTitle, defaultMsg, "example2.com:80 (somerealm)",
+ Ci.nsIAuthPrompt.SAVE_PASSWORD_PERMANENTLY, uname, pword);
+ yield promptDone;
+ ok(isOk, "Checking dialog return value (accept)");
+ is(uname.value, "fill2user", "Checking returned username");
+ is(pword.value, "fill2pass", "Checking returned password");
+});
+
+</script>
+</pre>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/mochitest/test_prompt_http.html b/toolkit/components/passwordmgr/test/mochitest/test_prompt_http.html
new file mode 100644
index 000000000..0dc8fdf9c
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/mochitest/test_prompt_http.html
@@ -0,0 +1,362 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Test HTTP auth prompts by loading authenticate.sjs</title>
+ <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+ <script type="text/javascript" src="/tests/SimpleTest/SpawnTask.js"></script>
+ <script type="text/javascript" src="pwmgr_common.js"></script>
+ <script type="text/javascript" src="prompt_common.js"></script>
+ <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+<p id="display"></p>
+
+<div id="content" style="display: none">
+ <iframe id="iframe"></iframe>
+</div>
+
+<pre id="test">
+<script class="testbody" type="text/javascript">
+var iframe = document.getElementById("iframe");
+
+// Force parent to not look for tab-modal prompts, as they're not used for auth prompts.
+isTabModal = false;
+
+const AUTHENTICATE_PATH = new URL("authenticate.sjs", window.location.href).pathname;
+
+let chromeScript = runInParent(SimpleTest.getTestFileURL("pwmgr_common.js"));
+
+runInParent(() => {
+ const { classes: Cc, interfaces: Ci, utils: Cu } = Components;
+ Cu.import("resource://gre/modules/Services.jsm");
+
+ let pwmgr = Cc["@mozilla.org/login-manager;1"].
+ getService(Ci.nsILoginManager);
+
+ let login3A, login3B, login4;
+ login3A = Cc["@mozilla.org/login-manager/loginInfo;1"].
+ createInstance(Ci.nsILoginInfo);
+ login3B = Cc["@mozilla.org/login-manager/loginInfo;1"].
+ createInstance(Ci.nsILoginInfo);
+ login4 = Cc["@mozilla.org/login-manager/loginInfo;1"].
+ createInstance(Ci.nsILoginInfo);
+ let httpUpgradeLogin = Cc["@mozilla.org/login-manager/loginInfo;1"].
+ createInstance(Ci.nsILoginInfo);
+ let httpsDowngradeLogin = Cc["@mozilla.org/login-manager/loginInfo;1"].
+ createInstance(Ci.nsILoginInfo);
+ let dedupeHttpUpgradeLogin = Cc["@mozilla.org/login-manager/loginInfo;1"].
+ createInstance(Ci.nsILoginInfo);
+ let dedupeHttpsUpgradeLogin = Cc["@mozilla.org/login-manager/loginInfo;1"].
+ createInstance(Ci.nsILoginInfo);
+
+
+ login3A.init("http://mochi.test:8888", null, "mochitest",
+ "mochiuser1", "mochipass1", "", "");
+ login3B.init("http://mochi.test:8888", null, "mochitest2",
+ "mochiuser2", "mochipass2", "", "");
+ login4.init("http://mochi.test:8888", null, "mochitest3",
+ "mochiuser3", "mochipass3-old", "", "");
+ // Logins to test scheme upgrades (allowed) and downgrades (disallowed)
+ httpUpgradeLogin.init("http://example.com", null, "schemeUpgrade",
+ "httpUser", "httpPass", "", "");
+ httpsDowngradeLogin.init("https://example.com", null, "schemeDowngrade",
+ "httpsUser", "httpsPass", "", "");
+ // HTTP and HTTPS version of the same domain and realm but with different passwords.
+ dedupeHttpUpgradeLogin.init("http://example.org", null, "schemeUpgradeDedupe",
+ "dedupeUser", "httpPass", "", "");
+ dedupeHttpsUpgradeLogin.init("https://example.org", null, "schemeUpgradeDedupe",
+ "dedupeUser", "httpsPass", "", "");
+
+
+ pwmgr.addLogin(login3A);
+ pwmgr.addLogin(login3B);
+ pwmgr.addLogin(login4);
+ pwmgr.addLogin(httpUpgradeLogin);
+ pwmgr.addLogin(httpsDowngradeLogin);
+ pwmgr.addLogin(dedupeHttpUpgradeLogin);
+ pwmgr.addLogin(dedupeHttpsUpgradeLogin);
+});
+
+add_task(function* test_iframe() {
+ let state = {
+ msg : "http://mochi.test:8888 is requesting your username and password. The site says: “mochitest”",
+ title : "Authentication Required",
+ textValue : "mochiuser1",
+ passValue : "mochipass1",
+ iconClass : "authentication-icon question-icon",
+ titleHidden : true,
+ textHidden : false,
+ passHidden : false,
+ checkHidden : true,
+ checkMsg : "",
+ checked : false,
+ focused : "textField",
+ defButton : "button0",
+ };
+ let action = {
+ buttonClick : "ok",
+ };
+ promptDone = handlePrompt(state, action);
+
+ // The following tests are driven by iframe loads
+
+ var iframeLoaded = onloadPromiseFor("iframe");
+ iframe.src = "authenticate.sjs?user=mochiuser1&pass=mochipass1";
+ yield promptDone;
+ yield iframeLoaded;
+ checkEchoedAuthInfo({user: "mochiuser1", pass: "mochipass1"},
+ iframe.contentDocument);
+
+ state = {
+ msg : "http://mochi.test:8888 is requesting your username and password. The site says: “mochitest2”",
+ title : "Authentication Required",
+ textValue : "mochiuser2",
+ passValue : "mochipass2",
+ iconClass : "authentication-icon question-icon",
+ titleHidden : true,
+ textHidden : false,
+ passHidden : false,
+ checkHidden : true,
+ checkMsg : "",
+ checked : false,
+ focused : "textField",
+ defButton : "button0",
+ };
+ action = {
+ buttonClick : "ok",
+ };
+ promptDone = handlePrompt(state, action);
+ // We've already authenticated to this host:port. For this next
+ // request, the existing auth should be sent, we'll get a 401 reply,
+ // and we should prompt for new auth.
+ iframeLoaded = onloadPromiseFor("iframe");
+ iframe.src = "authenticate.sjs?user=mochiuser2&pass=mochipass2&realm=mochitest2";
+ yield promptDone;
+ yield iframeLoaded;
+ checkEchoedAuthInfo({user: "mochiuser2", pass: "mochipass2"},
+ iframe.contentDocument);
+
+ // Now make a load that requests the realm from test 1000. It was
+ // already provided there, so auth will *not* be prompted for -- the
+ // networking layer already knows it!
+ iframeLoaded = onloadPromiseFor("iframe");
+ iframe.src = "authenticate.sjs?user=mochiuser1&pass=mochipass1";
+ yield iframeLoaded;
+ checkEchoedAuthInfo({user: "mochiuser1", pass: "mochipass1"},
+ iframe.contentDocument);
+
+ // Same realm we've already authenticated to, but with a different
+ // expected password (to trigger an auth prompt, and change-password
+ // popup notification).
+ state = {
+ msg : "http://mochi.test:8888 is requesting your username and password. The site says: “mochitest”",
+ title : "Authentication Required",
+ textValue : "mochiuser1",
+ passValue : "mochipass1",
+ iconClass : "authentication-icon question-icon",
+ titleHidden : true,
+ textHidden : false,
+ passHidden : false,
+ checkHidden : true,
+ checkMsg : "",
+ checked : false,
+ focused : "textField",
+ defButton : "button0",
+ };
+ action = {
+ buttonClick : "ok",
+ passField : "mochipass1-new",
+ };
+ promptDone = handlePrompt(state, action);
+ iframeLoaded = onloadPromiseFor("iframe");
+ let promptShownPromise = promisePromptShown("passwordmgr-prompt-change");
+ iframe.src = "authenticate.sjs?user=mochiuser1&pass=mochipass1-new";
+ yield promptDone;
+ yield iframeLoaded;
+ checkEchoedAuthInfo({user: "mochiuser1", pass: "mochipass1-new"},
+ iframe.contentDocument);
+ yield promptShownPromise;
+
+ // Same as last test, but for a realm we haven't already authenticated
+ // to (but have an existing saved login for, so that we'll trigger
+ // a change-password popup notification.
+ state = {
+ msg : "http://mochi.test:8888 is requesting your username and password. The site says: “mochitest3”",
+ title : "Authentication Required",
+ textValue : "mochiuser3",
+ passValue : "mochipass3-old",
+ iconClass : "authentication-icon question-icon",
+ titleHidden : true,
+ textHidden : false,
+ passHidden : false,
+ checkHidden : true,
+ checkMsg : "",
+ checked : false,
+ focused : "textField",
+ defButton : "button0",
+ };
+ action = {
+ buttonClick : "ok",
+ passField : "mochipass3-new",
+ };
+ promptDone = handlePrompt(state, action);
+ iframeLoaded = onloadPromiseFor("iframe");
+ promptShownPromise = promisePromptShown("passwordmgr-prompt-change");
+ iframe.src = "authenticate.sjs?user=mochiuser3&pass=mochipass3-new&realm=mochitest3";
+ yield promptDone;
+ yield iframeLoaded;
+ checkEchoedAuthInfo({user: "mochiuser3", pass: "mochipass3-new"},
+ iframe.contentDocument);
+ yield promptShownPromise;
+
+ // Housekeeping: Delete login4 to test the save prompt in the next test.
+ runInParent(() => {
+ const { classes: Cc, interfaces: Ci, utils: Cu } = Components;
+ Cu.import("resource://gre/modules/Services.jsm");
+
+ var tmpLogin = Cc["@mozilla.org/login-manager/loginInfo;1"].
+ createInstance(Ci.nsILoginInfo);
+ tmpLogin.init("http://mochi.test:8888", null, "mochitest3",
+ "mochiuser3", "mochipass3-old", "", "");
+ Services.logins.removeLogin(tmpLogin);
+
+ // Clear cached auth from this subtest, and avoid leaking due to bug 459620.
+ var authMgr = Cc['@mozilla.org/network/http-auth-manager;1'].
+ getService(Ci.nsIHttpAuthManager);
+ authMgr.clearAll();
+ });
+
+ state = {
+ msg : "http://mochi.test:8888 is requesting your username and password. The site says: “mochitest3”",
+ title : "Authentication Required",
+ textValue : "",
+ passValue : "",
+ iconClass : "authentication-icon question-icon",
+ titleHidden : true,
+ textHidden : false,
+ passHidden : false,
+ checkHidden : true,
+ checkMsg : "",
+ checked : false,
+ focused : "textField",
+ defButton : "button0",
+ };
+ action = {
+ buttonClick : "ok",
+ textField : "mochiuser3",
+ passField : "mochipass3-old",
+ };
+ // Trigger a new prompt, so we can test adding a new login.
+ promptDone = handlePrompt(state, action);
+
+ iframeLoaded = onloadPromiseFor("iframe");
+ promptShownPromise = promisePromptShown("passwordmgr-prompt-save");
+ iframe.src = "authenticate.sjs?user=mochiuser3&pass=mochipass3-old&realm=mochitest3";
+ yield promptDone;
+ yield iframeLoaded;
+ checkEchoedAuthInfo({user: "mochiuser3", pass: "mochipass3-old"},
+ iframe.contentDocument);
+ yield promptShownPromise;
+});
+
+add_task(function* test_schemeUpgrade() {
+ let state = {
+ msg : "https://example.com is requesting your username and password. " +
+ "WARNING: Your password will not be sent to the website you are currently visiting!",
+ title : "Authentication Required",
+ textValue : "httpUser",
+ passValue : "httpPass",
+ iconClass : "authentication-icon question-icon",
+ titleHidden : true,
+ textHidden : false,
+ passHidden : false,
+ checkHidden : true,
+ checkMsg : "",
+ checked : false,
+ focused : "textField",
+ defButton : "button0",
+ };
+ let action = {
+ buttonClick : "ok",
+ };
+ let promptDone = handlePrompt(state, action);
+
+ // The following tests are driven by iframe loads
+
+ let iframeLoaded = onloadPromiseFor("iframe");
+ iframe.src = "https://example.com" + AUTHENTICATE_PATH +
+ "?user=httpUser&pass=httpPass&realm=schemeUpgrade";
+ yield promptDone;
+ yield iframeLoaded;
+ checkEchoedAuthInfo({user: "httpUser", pass: "httpPass"},
+ SpecialPowers.wrap(iframe).contentDocument);
+});
+
+add_task(function* test_schemeDowngrade() {
+ let state = {
+ msg : "http://example.com is requesting your username and password. " +
+ "WARNING: Your password will not be sent to the website you are currently visiting!",
+ title : "Authentication Required",
+ textValue : "", // empty because we shouldn't downgrade
+ passValue : "",
+ iconClass : "authentication-icon question-icon",
+ titleHidden : true,
+ textHidden : false,
+ passHidden : false,
+ checkHidden : true,
+ checkMsg : "",
+ checked : false,
+ focused : "textField",
+ defButton : "button0",
+ };
+ let action = {
+ buttonClick : "cancel",
+ };
+ let promptDone = handlePrompt(state, action);
+
+ // The following tests are driven by iframe loads
+
+ let iframeLoaded = onloadPromiseFor("iframe");
+ iframe.src = "http://example.com" + AUTHENTICATE_PATH +
+ "?user=unused&pass=unused&realm=schemeDowngrade";
+ yield promptDone;
+ yield iframeLoaded;
+});
+
+add_task(function* test_schemeUpgrade_dedupe() {
+ let state = {
+ msg : "https://example.org is requesting your username and password. " +
+ "WARNING: Your password will not be sent to the website you are currently visiting!",
+ title : "Authentication Required",
+ textValue : "dedupeUser",
+ passValue : "httpsPass",
+ iconClass : "authentication-icon question-icon",
+ titleHidden : true,
+ textHidden : false,
+ passHidden : false,
+ checkHidden : true,
+ checkMsg : "",
+ checked : false,
+ focused : "textField",
+ defButton : "button0",
+ };
+ let action = {
+ buttonClick : "ok",
+ };
+ let promptDone = handlePrompt(state, action);
+
+ // The following tests are driven by iframe loads
+
+ let iframeLoaded = onloadPromiseFor("iframe");
+ iframe.src = "https://example.org" + AUTHENTICATE_PATH +
+ "?user=dedupeUser&pass=httpsPass&realm=schemeUpgradeDedupe";
+ yield promptDone;
+ yield iframeLoaded;
+ checkEchoedAuthInfo({user: "dedupeUser", pass: "httpsPass"},
+ SpecialPowers.wrap(iframe).contentDocument);
+});
+</script>
+</pre>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/mochitest/test_prompt_noWindow.html b/toolkit/components/passwordmgr/test/mochitest/test_prompt_noWindow.html
new file mode 100644
index 000000000..92af172ca
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/mochitest/test_prompt_noWindow.html
@@ -0,0 +1,81 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Test HTTP auth prompts by loading authenticate.sjs with no window</title>
+ <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+ <script type="text/javascript" src="/tests/SimpleTest/SpawnTask.js"></script>
+ <script type="text/javascript" src="pwmgr_common.js"></script>
+ <script type="text/javascript" src="prompt_common.js"></script>
+ <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+<p id="display"></p>
+
+<div id="content" style="display: none">
+</div>
+
+<pre id="test">
+<script class="testbody" type="text/javascript">
+
+// Force parent to not look for tab-modal prompts, as they're not used for auth prompts.
+isTabModal = false;
+
+let chromeScript = runInParent(SimpleTest.getTestFileURL("pwmgr_common.js"));
+
+runInParent(() => {
+ const { classes: Cc, interfaces: Ci, utils: Cu } = Components;
+ Cu.import("resource://gre/modules/Services.jsm");
+
+ let login = Cc["@mozilla.org/login-manager/loginInfo;1"].
+ createInstance(Ci.nsILoginInfo);
+ login.init("http://mochi.test:8888", null, "mochitest",
+ "mochiuser1", "mochipass1", "", "");
+ Services.logins.addLogin(login);
+});
+
+add_task(function* test_sandbox_xhr() {
+ let state = {
+ msg : "http://mochi.test:8888 is requesting your username and password. The site says: “mochitest”",
+ title : "Authentication Required",
+ textValue : "mochiuser1",
+ passValue : "mochipass1",
+ iconClass : "authentication-icon question-icon",
+ titleHidden : true,
+ textHidden : false,
+ passHidden : false,
+ checkHidden : true,
+ checkMsg : "",
+ checked : false,
+ focused : "textField",
+ defButton : "button0",
+ };
+ let action = {
+ buttonClick : "ok",
+ };
+ let promptDone = handlePrompt(state, action);
+
+ let url = new URL("authenticate.sjs?user=mochiuser1&pass=mochipass1", window.location.href);
+ let sandboxConstructor = SpecialPowers.Cu.Sandbox;
+ let sandbox = new sandboxConstructor(this, {wantXrays: true});
+ function sandboxedRequest(sandboxedUrl) {
+ let req = SpecialPowers.Cc["@mozilla.org/xmlextras/xmlhttprequest;1"]
+ .createInstance(SpecialPowers.Ci.nsIXMLHttpRequest);
+ req.open("GET", sandboxedUrl, true);
+ req.send(null);
+ }
+
+ let loginModifiedPromise = promiseStorageChanged(["modifyLogin"]);
+ sandbox.sandboxedRequest = sandboxedRequest(url);
+ info("send the XHR request in the sandbox");
+ SpecialPowers.Cu.evalInSandbox("sandboxedRequest;", sandbox);
+
+ yield promptDone;
+ info("prompt shown, waiting for metadata updates");
+ // Ensure the timeLastUsed and timesUsed metadata are updated.
+ yield loginModifiedPromise;
+});
+</script>
+</pre>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/mochitest/test_prompt_promptAuth.html b/toolkit/components/passwordmgr/test/mochitest/test_prompt_promptAuth.html
new file mode 100644
index 000000000..36f53a54a
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/mochitest/test_prompt_promptAuth.html
@@ -0,0 +1,406 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Test promptAuth prompts</title>
+ <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+ <script type="text/javascript" src="/tests/SimpleTest/SpawnTask.js"></script>
+ <script type="text/javascript" src="pwmgr_common.js"></script>
+ <script type="text/javascript" src="prompt_common.js"></script>
+ <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+<p id="display"></p>
+
+<div id="content" style="display: none">
+</div>
+
+<pre id="test">
+<script class="testbody" type="text/javascript">
+var state, action;
+var isOk;
+
+var level = Ci.nsIAuthPrompt2.LEVEL_NONE;
+var authinfo = {
+ username : "",
+ password : "",
+ domain : "",
+
+ flags : Ci.nsIAuthInformation.AUTH_HOST,
+ authenticationScheme : "basic",
+ realm : ""
+};
+
+// Force parent to not look for tab-modal prompts, as they're not used for auth prompts.
+isTabModal = false;
+
+let chromeScript = runInParent(SimpleTest.getTestFileURL("pwmgr_common.js"));
+
+let prompterParent = runInParent(() => {
+ const { classes: Cc, interfaces: Ci, utils: Cu } = Components;
+ const promptFac = Cc["@mozilla.org/passwordmanager/authpromptfactory;1"].
+ getService(Ci.nsIPromptFactory);
+
+ Cu.import("resource://gre/modules/Services.jsm");
+ let chromeWin = Services.wm.getMostRecentWindow("navigator:browser");
+ let prompter2 = promptFac.getPrompt(chromeWin, Ci.nsIAuthPrompt2);
+
+ let ioService = Cc["@mozilla.org/network/io-service;1"].getService(Ci.nsIIOService);
+ let channels = {};
+ channels.channel1 = ioService.newChannel2("http://example.com",
+ null,
+ null,
+ null, // aLoadingNode
+ Services.
+ scriptSecurityManager.getSystemPrincipal(),
+ null, // aTriggeringPrincipal
+ Ci.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL,
+ Ci.nsIContentPolicy.TYPE_OTHER);
+
+ channels.channel2 = ioService.newChannel2("http://example2.com",
+ null,
+ null,
+ null, // aLoadingNode
+ Services.
+ scriptSecurityManager.getSystemPrincipal(),
+ null, // aTriggeringPrincipal
+ Ci.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL,
+ Ci.nsIContentPolicy.TYPE_OTHER);
+
+ addMessageListener("proxyPrompter", function onMessage(msg) {
+ let args = [...msg.args];
+ let channelName = args.shift();
+ // Replace the channel name string (arg. 0) with the channel by that name.
+ args.unshift(channels[channelName]);
+
+ let rv = prompter2[msg.methodName](...args);
+ return {
+ rv,
+ // Send the args back to content so out/inout args can be checked.
+ args: msg.args,
+ };
+ });
+
+ Cu.import("resource://gre/modules/Services.jsm");
+
+ let pwmgr = Cc["@mozilla.org/login-manager;1"].
+ getService(Ci.nsILoginManager);
+
+ let login1, login2A, login2B, login2C, login2D, login2E;
+ login1 = Cc["@mozilla.org/login-manager/loginInfo;1"].
+ createInstance(Ci.nsILoginInfo);
+ login2A = Cc["@mozilla.org/login-manager/loginInfo;1"].
+ createInstance(Ci.nsILoginInfo);
+ login2B = Cc["@mozilla.org/login-manager/loginInfo;1"].
+ createInstance(Ci.nsILoginInfo);
+ login2C = Cc["@mozilla.org/login-manager/loginInfo;1"].
+ createInstance(Ci.nsILoginInfo);
+ login2D = Cc["@mozilla.org/login-manager/loginInfo;1"].
+ createInstance(Ci.nsILoginInfo);
+ login2E = Cc["@mozilla.org/login-manager/loginInfo;1"].
+ createInstance(Ci.nsILoginInfo);
+
+ login1.init("http://example.com", null, "http://example.com",
+ "", "examplepass", "", "");
+ login2A.init("http://example2.com", null, "http://example2.com",
+ "user1name", "user1pass", "", "");
+ login2B.init("http://example2.com", null, "http://example2.com",
+ "user2name", "user2pass", "", "");
+ login2C.init("http://example2.com", null, "http://example2.com",
+ "user3.name@host", "user3pass", "", "");
+ login2D.init("http://example2.com", null, "http://example2.com",
+ "100@beef", "user3pass", "", "");
+ login2E.init("http://example2.com", null, "http://example2.com",
+ "100%beef", "user3pass", "", "");
+
+ pwmgr.addLogin(login1);
+ pwmgr.addLogin(login2A);
+ pwmgr.addLogin(login2B);
+ pwmgr.addLogin(login2C);
+ pwmgr.addLogin(login2D);
+ pwmgr.addLogin(login2E);
+});
+
+let prompter2 = new PrompterProxy(prompterParent);
+
+add_task(function* test_accept() {
+ state = {
+ msg : "http://example.com is requesting your username and password. The site says: “some realm”",
+ title : "Authentication Required",
+ textValue : "inuser",
+ passValue : "inpass",
+ iconClass : "authentication-icon question-icon",
+ titleHidden : true,
+ textHidden : false,
+ passHidden : false,
+ checkHidden : true,
+ checkMsg : "",
+ checked : false,
+ focused : "textField",
+ defButton : "button0",
+ };
+ action = {
+ buttonClick : "ok",
+ textField : "outuser",
+ passField : "outpass",
+ };
+ authinfo.username = "inuser";
+ authinfo.password = "inpass";
+ authinfo.realm = "some realm";
+
+ promptDone = handlePrompt(state, action);
+ // Since prompter2 is actually a proxy to send a message to a chrome script and
+ // we can't send a channel in a message, we instead send the channel name that
+ // already exists in the chromeScript.
+ isOk = prompter2.promptAuth("channel1", level, authinfo);
+ yield promptDone;
+
+ ok(isOk, "Checking dialog return value (accept)");
+ is(authinfo.username, "outuser", "Checking returned username");
+ is(authinfo.password, "outpass", "Checking returned password");
+});
+
+add_task(function* test_cancel() {
+ state = {
+ msg : "http://example.com is requesting your username and password. The site says: “some realm”",
+ title : "Authentication Required",
+ textValue : "outuser",
+ passValue : "outpass",
+ iconClass : "authentication-icon question-icon",
+ titleHidden : true,
+ textHidden : false,
+ passHidden : false,
+ checkHidden : true,
+ checkMsg : "",
+ checked : false,
+ focused : "textField",
+ defButton : "button0",
+ };
+ action = {
+ buttonClick : "cancel",
+ };
+ promptDone = handlePrompt(state, action);
+ isOk = prompter2.promptAuth("channel1", level, authinfo);
+ yield promptDone;
+
+ ok(!isOk, "Checking dialog return value (cancel)");
+});
+
+add_task(function* test_pwonly() {
+ // test filling in password-only login
+ state = {
+ msg : "http://example.com is requesting your username and password. The site says: “http://example.com”",
+ title : "Authentication Required",
+ textValue : "",
+ passValue : "examplepass",
+ iconClass : "authentication-icon question-icon",
+ titleHidden : true,
+ textHidden : false,
+ passHidden : false,
+ checkHidden : true,
+ checkMsg : "",
+ checked : false,
+ focused : "textField",
+ defButton : "button0",
+ };
+ action = {
+ buttonClick : "ok",
+ };
+ authinfo.username = "";
+ authinfo.password = "";
+ authinfo.realm = "http://example.com";
+
+ promptDone = handlePrompt(state, action);
+ isOk = prompter2.promptAuth("channel1", level, authinfo);
+ yield promptDone;
+
+ ok(isOk, "Checking dialog return value (accept)");
+ is(authinfo.username, "", "Checking returned username");
+ is(authinfo.password, "examplepass", "Checking returned password");
+});
+
+add_task(function* test_multipleExisting() {
+ // test filling in existing login (undetermined from multiple selection)
+ // user2name/user2pass would also be valid to fill here.
+ state = {
+ msg : "http://example2.com is requesting your username and password. The site says: “http://example2.com”",
+ title : "Authentication Required",
+ textValue : "user1name",
+ passValue : "user1pass",
+ iconClass : "authentication-icon question-icon",
+ titleHidden : true,
+ textHidden : false,
+ passHidden : false,
+ checkHidden : true,
+ checkMsg : "",
+ checked : false,
+ focused : "textField",
+ defButton : "button0",
+ };
+ action = {
+ buttonClick : "ok",
+ };
+ authinfo.username = "";
+ authinfo.password = "";
+ authinfo.realm = "http://example2.com";
+
+ promptDone = handlePrompt(state, action);
+ isOk = prompter2.promptAuth("channel2", level, authinfo);
+ yield promptDone;
+
+ ok(isOk, "Checking dialog return value (accept)");
+ ok(authinfo.username == "user1name" || authinfo.username == "user2name", "Checking returned username");
+ ok(authinfo.password == "user1pass" || authinfo.password == "user2pass", "Checking returned password");
+});
+
+add_task(function* test_multipleExisting2() {
+ // test filling in existing login (undetermined --> user1)
+ // user2name/user2pass would also be valid to fill here.
+ state = {
+ msg : "http://example2.com is requesting your username and password. The site says: “http://example2.com”",
+ title : "Authentication Required",
+ textValue : "user1name",
+ passValue : "user1pass",
+ iconClass : "authentication-icon question-icon",
+ titleHidden : true,
+ textHidden : false,
+ passHidden : false,
+ checkHidden : true,
+ checkMsg : "",
+ checked : false,
+ focused : "textField",
+ defButton : "button0",
+ };
+ // enter one of the known logins, test 504+505 exercise the two possible states.
+ action = {
+ buttonClick : "ok",
+ textField : "user1name",
+ passField : "user1pass",
+ };
+ authinfo.username = "";
+ authinfo.password = "";
+ authinfo.realm = "http://example2.com";
+
+ promptDone = handlePrompt(state, action);
+ isOk = prompter2.promptAuth("channel2", level, authinfo);
+ yield promptDone;
+
+ ok(isOk, "Checking dialog return value (accept)");
+ is(authinfo.username, "user1name", "Checking returned username");
+ is(authinfo.password, "user1pass", "Checking returned password");
+});
+
+add_task(function* test_multipleExisting3() {
+ // test filling in existing login (undetermined --> user2)
+ // user2name/user2pass would also be valid to fill here.
+ state = {
+ msg : "http://example2.com is requesting your username and password. The site says: “http://example2.com”",
+ title : "Authentication Required",
+ textValue : "user1name",
+ passValue : "user1pass",
+ iconClass : "authentication-icon question-icon",
+ titleHidden : true,
+ textHidden : false,
+ passHidden : false,
+ checkHidden : true,
+ checkMsg : "",
+ checked : false,
+ focused : "textField",
+ defButton : "button0",
+ };
+ // enter one of the known logins, test 504+505 exercise the two possible states.
+ action = {
+ buttonClick : "ok",
+ textField : "user2name",
+ passField : "user2pass",
+ };
+ authinfo.username = "";
+ authinfo.password = "";
+ authinfo.realm = "http://example2.com";
+
+ promptDone = handlePrompt(state, action);
+ isOk = prompter2.promptAuth("channel2", level, authinfo);
+ yield promptDone;
+
+ ok(isOk, "Checking dialog return value (accept)");
+ is(authinfo.username, "user2name", "Checking returned username");
+ is(authinfo.password, "user2pass", "Checking returned password");
+});
+
+add_task(function* test_changingMultiple() {
+ // test changing a password (undetermined --> user2 w/ newpass)
+ // user2name/user2pass would also be valid to fill here.
+ state = {
+ msg : "http://example2.com is requesting your username and password. The site says: “http://example2.com”",
+ title : "Authentication Required",
+ textValue : "user1name",
+ passValue : "user1pass",
+ iconClass : "authentication-icon question-icon",
+ titleHidden : true,
+ textHidden : false,
+ passHidden : false,
+ checkHidden : true,
+ checkMsg : "",
+ checked : false,
+ focused : "textField",
+ defButton : "button0",
+ };
+ // force to user2, and change the password
+ action = {
+ buttonClick : "ok",
+ textField : "user2name",
+ passField : "NEWuser2pass",
+ };
+ authinfo.username = "";
+ authinfo.password = "";
+ authinfo.realm = "http://example2.com";
+
+ promptDone = handlePrompt(state, action);
+ isOk = prompter2.promptAuth("channel2", level, authinfo);
+ yield promptDone;
+
+ ok(isOk, "Checking dialog return value (accept)");
+ is(authinfo.username, "user2name", "Checking returned username");
+ is(authinfo.password, "NEWuser2pass", "Checking returned password");
+});
+
+add_task(function* test_changingMultiple2() {
+ // test changing a password (undetermined --> user2 w/ origpass)
+ // user2name/user2pass would also be valid to fill here.
+ state = {
+ msg : "http://example2.com is requesting your username and password. The site says: “http://example2.com”",
+ title : "Authentication Required",
+ textValue : "user1name",
+ passValue : "user1pass",
+ iconClass : "authentication-icon question-icon",
+ titleHidden : true,
+ textHidden : false,
+ passHidden : false,
+ checkHidden : true,
+ checkMsg : "",
+ checked : false,
+ focused : "textField",
+ defButton : "button0",
+ };
+ // force to user2, and change the password back
+ action = {
+ buttonClick : "ok",
+ textField : "user2name",
+ passField : "user2pass",
+ };
+ authinfo.username = "";
+ authinfo.password = "";
+ authinfo.realm = "http://example2.com";
+
+ promptDone = handlePrompt(state, action);
+ isOk = prompter2.promptAuth("channel2", level, authinfo);
+ yield promptDone;
+
+ ok(isOk, "Checking dialog return value (accept)");
+ is(authinfo.username, "user2name", "Checking returned username");
+ is(authinfo.password, "user2pass", "Checking returned password");
+});
+</script>
+</pre>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/mochitest/test_prompt_promptAuth_proxy.html b/toolkit/components/passwordmgr/test/mochitest/test_prompt_promptAuth_proxy.html
new file mode 100644
index 000000000..95dd4c7bc
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/mochitest/test_prompt_promptAuth_proxy.html
@@ -0,0 +1,264 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Test promptAuth proxy prompts</title>
+ <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+ <script type="text/javascript" src="/tests/SimpleTest/SpawnTask.js"></script>
+ <script type="text/javascript" src="pwmgr_common.js"></script>
+ <script type="text/javascript" src="prompt_common.js"></script>
+ <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+<p id="display"></p>
+
+<div id="content" style="display: none">
+ <iframe id="iframe"></iframe>
+</div>
+
+<pre id="test">
+<script class="testbody" type="text/javascript">
+var state, action;
+var pwmgr;
+var proxyLogin;
+var isOk;
+var mozproxy, proxiedHost = "http://mochi.test:8888";
+var proxyChannel;
+var systemPrincipal = SpecialPowers.Services.scriptSecurityManager.getSystemPrincipal();
+var ioService = Cc["@mozilla.org/network/io-service;1"].getService(Ci.nsIIOService);
+
+var prefs = Cc["@mozilla.org/preferences-service;1"].getService(Ci.nsIPrefBranch);
+
+var level = Ci.nsIAuthPrompt2.LEVEL_NONE;
+
+var proxyAuthinfo = {
+ username : "",
+ password : "",
+ domain : "",
+
+ flags : Ci.nsIAuthInformation.AUTH_PROXY,
+ authenticationScheme : "basic",
+ realm : ""
+};
+
+// Force parent to not look for tab-modal prompts, as they're not used for auth prompts.
+isTabModal = false;
+
+const Cc_promptFac = Cc["@mozilla.org/passwordmanager/authpromptfactory;1"];
+ok(Cc_promptFac != null, "Access Cc[@mozilla.org/passwordmanager/authpromptfactory;1]");
+
+const Ci_promptFac = Ci.nsIPromptFactory;
+ok(Ci_promptFac != null, "Access Ci.nsIPromptFactory");
+
+const promptFac = Cc_promptFac.getService(Ci_promptFac);
+ok(promptFac != null, "promptFac getService()");
+
+var prompter2 = promptFac.getPrompt(window, Ci.nsIAuthPrompt2);
+
+function initLogins(pi) {
+ pwmgr = Cc["@mozilla.org/login-manager;1"].
+ getService(Ci.nsILoginManager);
+
+ mozproxy = "moz-proxy://" + SpecialPowers.wrap(pi).host + ":" +
+ SpecialPowers.wrap(pi).port;
+
+ proxyLogin = Cc["@mozilla.org/login-manager/loginInfo;1"].
+ createInstance(Ci.nsILoginInfo);
+
+ proxyLogin.init(mozproxy, null, "Proxy Realm",
+ "proxuser", "proxpass", "", "");
+
+ pwmgr.addLogin(proxyLogin);
+}
+
+var startupCompleteResolver;
+var startupComplete = new Promise(resolve => startupCompleteResolver = resolve);
+
+function proxyChannelListener() { }
+proxyChannelListener.prototype = {
+ onStartRequest: function(request, context) {
+ startupCompleteResolver();
+ },
+ onStopRequest: function(request, context, status) { }
+};
+
+var resolveCallback = SpecialPowers.wrapCallbackObject({
+ QueryInterface : function (iid) {
+ const interfaces = [Ci.nsIProtocolProxyCallback, Ci.nsISupports];
+
+ if (!interfaces.some( function(v) { return iid.equals(v); } ))
+ throw SpecialPowers.Cr.NS_ERROR_NO_INTERFACE;
+ return this;
+ },
+
+ onProxyAvailable : function (req, uri, pi, status) {
+ initLogins(pi);
+
+ // I'm cheating a bit here... We should probably do some magic foo to get
+ // something implementing nsIProxiedProtocolHandler and then call
+ // NewProxiedChannel(), so we have something that's definately a proxied
+ // channel. But Mochitests use a proxy for a number of hosts, so just
+ // requesting a normal channel will give us a channel that's proxied.
+ // The proxyChannel needs to move to at least on-modify-request to
+ // have valid ProxyInfo, but we use OnStartRequest during startup()
+ // for simplicity.
+ proxyChannel = ioService.newChannel2(proxiedHost,
+ null,
+ null,
+ null, // aLoadingNode
+ systemPrincipal,
+ null, // aTriggeringPrincipal
+ Ci.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL,
+ Ci.nsIContentPolicy.TYPE_OTHER);
+ proxyChannel.asyncOpen2(SpecialPowers.wrapCallbackObject(new proxyChannelListener()));
+ }
+});
+
+function startup() {
+ // Need to allow for arbitrary network servers defined in PAC instead of a hardcoded moz-proxy.
+ var ios = SpecialPowers.Cc["@mozilla.org/network/io-service;1"].
+ getService(SpecialPowers.Ci.nsIIOService);
+
+ var pps = SpecialPowers.Cc["@mozilla.org/network/protocol-proxy-service;1"].getService();
+
+ var channel = ios.newChannel2("http://example.com",
+ null,
+ null,
+ null, // aLoadingNode
+ systemPrincipal,
+ null, // aTriggeringPrincipal
+ Ci.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL,
+ Ci.nsIContentPolicy.TYPE_OTHER);
+ pps.asyncResolve(channel, 0, resolveCallback);
+}
+
+startup();
+
+add_task(function* setup() {
+ info("Waiting for startup to complete...");
+ yield startupComplete;
+});
+
+add_task(function* test_noAutologin() {
+ // test proxy login (default = no autologin), make sure it prompts.
+ state = {
+ msg : "The proxy moz-proxy://127.0.0.1:8888 is requesting a username and password. The site says: “Proxy Realm”",
+ title : "Authentication Required",
+ textValue : "proxuser",
+ passValue : "proxpass",
+ iconClass : "authentication-icon question-icon",
+ titleHidden : true,
+ textHidden : false,
+ passHidden : false,
+ checkHidden : true,
+ checkMsg : "",
+ checked : false,
+ focused : "textField",
+ defButton : "button0",
+ };
+ action = {
+ buttonClick : "ok",
+ };
+ proxyAuthinfo.username = "";
+ proxyAuthinfo.password = "";
+ proxyAuthinfo.realm = "Proxy Realm";
+ proxyAuthinfo.flags = Ci.nsIAuthInformation.AUTH_PROXY;
+
+ var time1 = pwmgr.findLogins({}, mozproxy, null, "Proxy Realm")[0].QueryInterface(Ci.nsILoginMetaInfo).timeLastUsed;
+ promptDone = handlePrompt(state, action);
+ isOk = prompter2.promptAuth(proxyChannel, level, proxyAuthinfo);
+ yield promptDone;
+ var time2 = pwmgr.findLogins({}, mozproxy, null, "Proxy Realm")[0].QueryInterface(Ci.nsILoginMetaInfo).timeLastUsed;
+
+ ok(isOk, "Checking dialog return value (accept)");
+ isnot(time1, time2, "Checking that timeLastUsed was updated");
+ is(proxyAuthinfo.username, "proxuser", "Checking returned username");
+ is(proxyAuthinfo.password, "proxpass", "Checking returned password");
+});
+
+add_task(function* test_autologin() {
+ // test proxy login (with autologin)
+
+ // Enable the autologin pref.
+ prefs.setBoolPref("signon.autologin.proxy", true);
+
+ proxyAuthinfo.username = "";
+ proxyAuthinfo.password = "";
+ proxyAuthinfo.realm = "Proxy Realm";
+ proxyAuthinfo.flags = Ci.nsIAuthInformation.AUTH_PROXY;
+
+ time1 = pwmgr.findLogins({}, mozproxy, null, "Proxy Realm")[0].QueryInterface(Ci.nsILoginMetaInfo).timeLastUsed;
+ isOk = prompter2.promptAuth(proxyChannel, level, proxyAuthinfo);
+ time2 = pwmgr.findLogins({}, mozproxy, null, "Proxy Realm")[0].QueryInterface(Ci.nsILoginMetaInfo).timeLastUsed;
+
+ ok(isOk, "Checking dialog return value (accept)");
+ isnot(time1, time2, "Checking that timeLastUsed was updated");
+ is(proxyAuthinfo.username, "proxuser", "Checking returned username");
+ is(proxyAuthinfo.password, "proxpass", "Checking returned password");
+});
+
+add_task(function* test_autologin_incorrect() {
+ // test proxy login (with autologin), ensure it prompts after a failed auth.
+ state = {
+ msg : "The proxy moz-proxy://127.0.0.1:8888 is requesting a username and password. The site says: “Proxy Realm”",
+ title : "Authentication Required",
+ textValue : "proxuser",
+ passValue : "proxpass",
+ iconClass : "authentication-icon question-icon",
+ titleHidden : true,
+ textHidden : false,
+ passHidden : false,
+ checkHidden : true,
+ checkMsg : "",
+ checked : false,
+ focused : "textField",
+ defButton : "button0",
+ };
+ action = {
+ buttonClick : "ok",
+ };
+
+ proxyAuthinfo.username = "";
+ proxyAuthinfo.password = "";
+ proxyAuthinfo.realm = "Proxy Realm";
+ proxyAuthinfo.flags = (Ci.nsIAuthInformation.AUTH_PROXY | Ci.nsIAuthInformation.PREVIOUS_FAILED);
+
+ time1 = pwmgr.findLogins({}, mozproxy, null, "Proxy Realm")[0].QueryInterface(Ci.nsILoginMetaInfo).timeLastUsed;
+ promptDone = handlePrompt(state, action);
+ isOk = prompter2.promptAuth(proxyChannel, level, proxyAuthinfo);
+ yield promptDone;
+ time2 = pwmgr.findLogins({}, mozproxy, null, "Proxy Realm")[0].QueryInterface(Ci.nsILoginMetaInfo).timeLastUsed;
+
+ ok(isOk, "Checking dialog return value (accept)");
+ isnot(time1, time2, "Checking that timeLastUsed was updated");
+ is(proxyAuthinfo.username, "proxuser", "Checking returned username");
+ is(proxyAuthinfo.password, "proxpass", "Checking returned password");
+});
+
+add_task(function* test_autologin_private() {
+ // test proxy login (with autologin), ensure it prompts in Private Browsing mode.
+ state = {
+ msg : "the message",
+ title : "the title",
+ textValue : "proxuser",
+ passValue : "proxpass",
+ };
+ action = {
+ buttonClick : "ok",
+ };
+
+ proxyAuthinfo.username = "";
+ proxyAuthinfo.password = "";
+ proxyAuthinfo.realm = "Proxy Realm";
+ proxyAuthinfo.flags = Ci.nsIAuthInformation.AUTH_PROXY;
+
+ prefs.clearUserPref("signon.autologin.proxy");
+
+ // XXX check for and kill popup notification??
+ // XXX check for checkbox / checkstate on old prompts?
+ // XXX check NTLM domain stuff
+});
+</script>
+</pre>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/mochitest/test_recipe_login_fields.html b/toolkit/components/passwordmgr/test/mochitest/test_recipe_login_fields.html
new file mode 100644
index 000000000..943bffc52
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/mochitest/test_recipe_login_fields.html
@@ -0,0 +1,145 @@
+<!DOCTYPE html>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Test for recipes overriding login fields</title>
+ <script src="/tests/SimpleTest/SimpleTest.js"></script>
+ <script src="/tests/SimpleTest/SpawnTask.js"></script>
+ <script src="pwmgr_common.js"></script>
+ <link rel="stylesheet" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+<script>
+var chromeScript = runChecksAfterCommonInit();
+
+let fillPromiseResolvers = [];
+
+function waitForFills(fillCount) {
+ let promises = [];
+ while (fillCount--) {
+ let promise = new Promise(resolve => fillPromiseResolvers.push(resolve));
+ promises.push(promise);
+ }
+
+ return Promise.all(promises);
+}
+
+add_task(function* setup() {
+ if (document.readyState !== "complete") {
+ yield new Promise((resolve) => {
+ document.onreadystatechange = () => {
+ if (document.readyState !== "complete") {
+ return;
+ }
+ document.onreadystatechange = null;
+ resolve();
+ };
+ });
+ }
+
+ document.getElementById("content")
+ .addEventListener("input", function handleInputEvent(evt) {
+ let resolve = fillPromiseResolvers.shift();
+ if (!resolve) {
+ ok(false, "Too many fills");
+ return;
+ }
+
+ resolve(evt.target);
+ });
+});
+
+add_task(function* loadUsernamePasswordSelectorRecipes() {
+ yield loadRecipes({
+ siteRecipes: [{
+ hosts: ["mochi.test:8888"],
+ usernameSelector: "input[name='uname1']",
+ passwordSelector: "input[name='pword2']",
+ }],
+ });
+});
+
+add_task(function* testOverriddingFields() {
+ // Insert the form dynamically so autofill is triggered after setup above.
+ document.getElementById("content").innerHTML = `
+ <!-- form with recipe for the username and password -->
+ <form id="form1">
+ <input type="text" name="uname1" data-expected="true">
+ <input type="text" name="uname2" data-expected="false">
+ <input type="password" name="pword1" data-expected="false">
+ <input type="password" name="pword2" data-expected="true">
+ </form>`;
+
+ let elements = yield waitForFills(2);
+ for (let element of elements) {
+ is(element.dataset.expected, "true", `${element.name} was filled`);
+ }
+});
+
+add_task(function* testDefaultHeuristics() {
+ // Insert the form dynamically so autofill is triggered after setup above.
+ document.getElementById("content").innerHTML = `
+ <!-- Fallback to the default heuristics since the selectors don't match -->
+ <form id="form2">
+ <input type="text" name="uname3" data-expected="false">
+ <input type="text" name="uname4" data-expected="true">
+ <input type="password" name="pword3" data-expected="true">
+ <input type="password" name="pword4" data-expected="false">
+ </form>`;
+
+ let elements = yield waitForFills(2);
+ for (let element of elements) {
+ is(element.dataset.expected, "true", `${element.name} was filled`);
+ }
+});
+
+add_task(function* loadNotUsernameSelectorRecipes() {
+ yield resetRecipes();
+ yield loadRecipes({
+ siteRecipes: [{
+ hosts: ["mochi.test:8888"],
+ notUsernameSelector: "input[name='not_uname1']"
+ }],
+ });
+});
+
+add_task(function* testNotUsernameField() {
+ document.getElementById("content").innerHTML = `
+ <!-- The field matching notUsernameSelector should be skipped -->
+ <form id="form3">
+ <input type="text" name="uname5" data-expected="true">
+ <input type="text" name="not_uname1" data-expected="false">
+ <input type="password" name="pword5" data-expected="true">
+ </form>`;
+
+ let elements = yield waitForFills(2);
+ for (let element of elements) {
+ is(element.dataset.expected, "true", `${element.name} was filled`);
+ }
+});
+
+add_task(function* testNotUsernameFieldNoUsername() {
+ document.getElementById("content").innerHTML = `
+ <!-- The field matching notUsernameSelector should be skipped.
+ No username field should be found and filled in this case -->
+ <form id="form4">
+ <input type="text" name="not_uname1" data-expected="false">
+ <input type="password" name="pword6" data-expected="true">
+ </form>`;
+
+ let elements = yield waitForFills(1);
+ for (let element of elements) {
+ is(element.dataset.expected, "true", `${element.name} was filled`);
+ }
+});
+
+</script>
+
+<p id="display"></p>
+
+<div id="content">
+ // Forms are inserted dynamically
+</div>
+<pre id="test"></pre>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/mochitest/test_username_focus.html b/toolkit/components/passwordmgr/test/mochitest/test_username_focus.html
new file mode 100644
index 000000000..c93c1e9c9
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/mochitest/test_username_focus.html
@@ -0,0 +1,263 @@
+
+<!DOCTYPE HTML>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Test interaction between autocomplete and focus on username fields</title>
+ <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+ <script type="text/javascript" src="/tests/SimpleTest/EventUtils.js"></script>
+ <script type="text/javascript" src="/tests/SimpleTest/SpawnTask.js"></script>
+ <script type="text/javascript" src="satchel_common.js"></script>
+ <script type="text/javascript" src="pwmgr_common.js"></script>
+ <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+<script>
+let pwmgrCommonScript = runInParent(SimpleTest.getTestFileURL("pwmgr_common.js"));
+
+let readyPromise = registerRunTests();
+let chromeScript = runInParent(function chromeSetup() {
+ const { classes: Cc, interfaces: Ci, results: Cr, utils: Cu } = Components;
+ let pwmgr = Cc["@mozilla.org/login-manager;1"].getService(Ci.nsILoginManager);
+
+ let login1A = Cc["@mozilla.org/login-manager/loginInfo;1"].
+ createInstance(Ci.nsILoginInfo);
+ let login1B = Cc["@mozilla.org/login-manager/loginInfo;1"].
+ createInstance(Ci.nsILoginInfo);
+ let login2A = Cc["@mozilla.org/login-manager/loginInfo;1"].
+ createInstance(Ci.nsILoginInfo);
+ let login2B = Cc["@mozilla.org/login-manager/loginInfo;1"].
+ createInstance(Ci.nsILoginInfo);
+ let login2C = Cc["@mozilla.org/login-manager/loginInfo;1"].
+ createInstance(Ci.nsILoginInfo);
+
+ login1A.init("http://mochi.test:8888", "http://username-focus-1", null,
+ "testuser1A", "testpass1A", "", "");
+
+ login2A.init("http://mochi.test:8888", "http://username-focus-2", null,
+ "testuser2A", "testpass2A", "", "");
+ login2B.init("http://mochi.test:8888", "http://username-focus-2", null,
+ "testuser2B", "testpass2B", "", "");
+
+ pwmgr.addLogin(login1A);
+ pwmgr.addLogin(login2A);
+ pwmgr.addLogin(login2B);
+});
+</script>
+
+<p id="display"></p>
+<div id="content">
+ <!-- first 3 forms have a matching user+pass login -->
+
+ <!-- user+pass form. -->
+ <form id="form-autofilled" action="http://username-focus-1">
+ <input type="text" name="uname">
+ <input type="password" name="pword">
+ <button type="submit" name="submit">Submit</button>
+ </form>
+
+ <!-- user+pass form, username prefilled -->
+ <form id="form-autofilled-prefilled-un" action="http://username-focus-1">
+ <input type="text" name="uname" value="testuser1A">
+ <input type="password" name="pword">
+ <button type="submit">Submit</button>
+ </form>
+
+ <!-- user+pass form. -->
+ <form id="form-autofilled-focused-dynamic" action="http://username-focus-1">
+ <input type="text" name="uname">
+ <input type="not-yet-password" name="pword">
+ <button type="submit">Submit</button>
+ </form>
+
+
+ <!-- next 5 forms have matching user+pass (2x) logins -->
+
+ <!-- user+pass form. -->
+ <form id="form-multiple" action="http://username-focus-2">
+ <input type="text" name="uname">
+ <input type="password" name="pword">
+ <button type="submit">Submit</button>
+ </form>
+
+ <!-- user+pass form dynamic with existing focus -->
+ <form id="form-multiple-dynamic" action="http://username-focus-2">
+ <input type="text" name="uname">
+ <input type="not-yet-password" name="pword">
+ <button type="submit">Submit</button>
+ </form>
+
+ <!-- user+pass form, username prefilled -->
+ <form id="form-multiple-prefilled-un1" action="http://username-focus-2">
+ <input type="text" name="uname" value="testuser2A">
+ <input type="password" name="pword">
+ <button type="submit">Submit</button>
+ </form>
+
+ <!-- user+pass form, different username prefilled -->
+ <form id="form-multiple-prefilled-un2" action="http://username-focus-2">
+ <input type="text" name="uname" value="testuser2B">
+ <input type="password" name="pword">
+ <button type="submit">Submit</button>
+ </form>
+
+ <!-- user+pass form, username prefilled with existing focus -->
+ <form id="form-multiple-prefilled-focused-dynamic" action="http://username-focus-2">
+ <input type="text" name="uname" value="testuser2B">
+ <input type="not-yet-password" name="pword">
+ <button type="submit">Submit</button>
+ </form>
+
+</div>
+<pre id="test">
+<script class="testbody" type="text/javascript">
+function removeFocus() {
+ $_("-autofilled", "submit").focus();
+}
+
+add_task(function* setup() {
+ yield SpecialPowers.pushPrefEnv({"set": [
+ ["security.insecure_field_warning.contextual.enabled", false],
+ ]});
+
+ ok(readyPromise, "check promise is available");
+ yield readyPromise;
+});
+
+add_task(function* test_autofilled() {
+ let usernameField = $_("-autofilled", "uname");
+ info("Username and password already filled so don't show autocomplete");
+ let noPopupPromise = promiseNoUnexpectedPopupShown();
+ usernameField.focus();
+ yield noPopupPromise;
+
+ removeFocus();
+ usernameField.value = "testuser";
+ info("Focus when we don't have an exact match");
+ shownPromise = promiseACShown();
+ usernameField.focus();
+ yield shownPromise;
+});
+
+add_task(function* test_autofilled_prefilled_un() {
+ let usernameField = $_("-autofilled-prefilled-un", "uname");
+ info("Username and password already filled so don't show autocomplete");
+ let noPopupPromise = promiseNoUnexpectedPopupShown();
+ usernameField.focus();
+ yield noPopupPromise;
+
+ removeFocus();
+ usernameField.value = "testuser";
+ info("Focus when we don't have an exact match");
+ shownPromise = promiseACShown();
+ usernameField.focus();
+ yield shownPromise;
+});
+
+add_task(function* test_autofilled_focused_dynamic() {
+ let usernameField = $_("-autofilled-focused-dynamic", "uname");
+ let passwordField = $_("-autofilled-focused-dynamic", "pword");
+ info("Username and password will be filled while username focused");
+ let noPopupPromise = promiseNoUnexpectedPopupShown();
+ usernameField.focus();
+ yield noPopupPromise;
+ info("triggering autofill");
+ noPopupPromise = promiseNoUnexpectedPopupShown();
+ passwordField.type = "password";
+ yield noPopupPromise;
+
+ let popupState = yield getPopupState();
+ is(popupState.open, false, "Check popup is closed");
+
+ removeFocus();
+ passwordField.value = "test";
+ info("Focus when we don't have an exact match");
+ shownPromise = promiseACShown();
+ usernameField.focus();
+ yield shownPromise;
+});
+
+// Begin testing forms that have multiple saved logins
+
+add_task(function* test_multiple() {
+ let usernameField = $_("-multiple", "uname");
+ info("Fields not filled due to multiple so autocomplete upon focus");
+ shownPromise = promiseACShown();
+ usernameField.focus();
+ yield shownPromise;
+});
+
+add_task(function* test_multiple_dynamic() {
+ let usernameField = $_("-multiple-dynamic", "uname");
+ let passwordField = $_("-multiple-dynamic", "pword");
+ info("Fields not filled but username is focused upon marking so open");
+ let noPopupPromise = promiseNoUnexpectedPopupShown();
+ usernameField.focus();
+ yield noPopupPromise;
+
+ info("triggering _fillForm code");
+ let shownPromise = promiseACShown();
+ passwordField.type = "password";
+ yield shownPromise;
+});
+
+add_task(function* test_multiple_prefilled_un1() {
+ let usernameField = $_("-multiple-prefilled-un1", "uname");
+ info("Username and password already filled so don't show autocomplete");
+ let noPopupPromise = promiseNoUnexpectedPopupShown();
+ usernameField.focus();
+ yield noPopupPromise;
+
+ removeFocus();
+ usernameField.value = "testuser";
+ info("Focus when we don't have an exact match");
+ shownPromise = promiseACShown();
+ usernameField.focus();
+ yield shownPromise;
+});
+
+add_task(function* test_multiple_prefilled_un2() {
+ let usernameField = $_("-multiple-prefilled-un2", "uname");
+ info("Username and password already filled so don't show autocomplete");
+ let noPopupPromise = promiseNoUnexpectedPopupShown();
+ usernameField.focus();
+ yield noPopupPromise;
+
+ removeFocus();
+ usernameField.value = "testuser";
+ info("Focus when we don't have an exact match");
+ shownPromise = promiseACShown();
+ usernameField.focus();
+ yield shownPromise;
+});
+
+add_task(function* test_multiple_prefilled_focused_dynamic() {
+ let usernameField = $_("-multiple-prefilled-focused-dynamic", "uname");
+ let passwordField = $_("-multiple-prefilled-focused-dynamic", "pword");
+ info("Username and password will be filled while username focused");
+ let noPopupPromise = promiseNoUnexpectedPopupShown();
+ usernameField.focus();
+ yield noPopupPromise;
+ info("triggering autofill");
+ noPopupPromise = promiseNoUnexpectedPopupShown();
+ passwordField.type = "password";
+ yield noPopupPromise;
+
+ let popupState = yield getPopupState();
+ is(popupState.open, false, "Check popup is closed");
+
+ removeFocus();
+ passwordField.value = "test";
+ info("Focus when we don't have an exact match");
+ shownPromise = promiseACShown();
+ usernameField.focus();
+ yield shownPromise;
+});
+
+add_task(function* cleanup() {
+ removeFocus();
+});
+</script>
+</pre>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/mochitest/test_xhr_2.html b/toolkit/components/passwordmgr/test/mochitest/test_xhr_2.html
new file mode 100644
index 000000000..fa8357792
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/mochitest/test_xhr_2.html
@@ -0,0 +1,55 @@
+<!DOCTYPE HTML>
+<html>
+<!--
+https://bugzilla.mozilla.org/show_bug.cgi?id=654348
+-->
+<head>
+ <meta charset="utf-8">
+ <title>Test XHR auth with user and pass arguments</title>
+ <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+ <script type="text/javascript" src="pwmgr_common.js"></script>
+ <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body onload="startTest()">
+<script class="testbody" type="text/javascript">
+
+/**
+ * This test checks we correctly ignore authentication entry
+ * for a subpath and use creds from the URL when provided when XHR
+ * is used with filled user name and password.
+ *
+ * 1. connect authenticate.sjs that excepts user1:pass1 password
+ * 2. connect authenticate.sjs that this time expects differentuser2:pass2 password
+ * we must use the creds that are provided to the xhr witch are different and expected
+ */
+
+function doxhr(URL, user, pass, code, next) {
+ var xhr = new XMLHttpRequest();
+ if (user && pass)
+ xhr.open("POST", URL, true, user, pass);
+ else
+ xhr.open("POST", URL, true);
+ xhr.onload = function() {
+ is(xhr.status, code, "expected response code " + code);
+ next();
+ };
+ xhr.onerror = function() {
+ ok(false, "request passed");
+ finishTest();
+ };
+ xhr.send();
+}
+
+function startTest() {
+ doxhr("authenticate.sjs?user=dummy&pass=pass1&realm=realm1&formauth=1", "dummy", "dummy", 403, function() {
+ doxhr("authenticate.sjs?user=dummy&pass=pass1&realm=realm1&formauth=1", "dummy", "pass1", 200, finishTest);
+ });
+}
+
+function finishTest() {
+ SimpleTest.finish();
+}
+
+</script>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/prompt_common.js b/toolkit/components/passwordmgr/test/prompt_common.js
new file mode 100644
index 000000000..267e697ae
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/prompt_common.js
@@ -0,0 +1,79 @@
+/**
+ * NOTE:
+ * This file is currently only being used for tests which haven't been
+ * fixed to work with e10s. Favor using the `prompt_common.js` file that
+ * is in `toolkit/components/prompts/test/` instead.
+ */
+
+var Ci = SpecialPowers.Ci;
+ok(Ci != null, "Access Ci");
+var Cc = SpecialPowers.Cc;
+ok(Cc != null, "Access Cc");
+
+var didDialog;
+
+var timer; // keep in outer scope so it's not GC'd before firing
+function startCallbackTimer() {
+ didDialog = false;
+
+ // Delay before the callback twiddles the prompt.
+ const dialogDelay = 10;
+
+ // Use a timer to invoke a callback to twiddle the authentication dialog
+ timer = Cc["@mozilla.org/timer;1"].createInstance(Ci.nsITimer);
+ timer.init(observer, dialogDelay, Ci.nsITimer.TYPE_ONE_SHOT);
+}
+
+
+var observer = SpecialPowers.wrapCallbackObject({
+ QueryInterface : function (iid) {
+ const interfaces = [Ci.nsIObserver,
+ Ci.nsISupports, Ci.nsISupportsWeakReference];
+
+ if (!interfaces.some( function(v) { return iid.equals(v); } ))
+ throw SpecialPowers.Components.results.NS_ERROR_NO_INTERFACE;
+ return this;
+ },
+
+ observe : function (subject, topic, data) {
+ var doc = getDialogDoc();
+ if (doc)
+ handleDialog(doc, testNum);
+ else
+ startCallbackTimer(); // try again in a bit
+ }
+});
+
+function getDialogDoc() {
+ // Find the <browser> which contains notifyWindow, by looking
+ // through all the open windows and all the <browsers> in each.
+ var wm = Cc["@mozilla.org/appshell/window-mediator;1"].
+ getService(Ci.nsIWindowMediator);
+ // var enumerator = wm.getEnumerator("navigator:browser");
+ var enumerator = wm.getXULWindowEnumerator(null);
+
+ while (enumerator.hasMoreElements()) {
+ var win = enumerator.getNext();
+ var windowDocShell = win.QueryInterface(Ci.nsIXULWindow).docShell;
+
+ var containedDocShells = windowDocShell.getDocShellEnumerator(
+ Ci.nsIDocShellTreeItem.typeChrome,
+ Ci.nsIDocShell.ENUMERATE_FORWARDS);
+ while (containedDocShells.hasMoreElements()) {
+ // Get the corresponding document for this docshell
+ var childDocShell = containedDocShells.getNext();
+ // We don't want it if it's not done loading.
+ if (childDocShell.busyFlags != Ci.nsIDocShell.BUSY_FLAGS_NONE)
+ continue;
+ var childDoc = childDocShell.QueryInterface(Ci.nsIDocShell)
+ .contentViewer
+ .DOMDocument;
+
+ // ok(true, "Got window: " + childDoc.location.href);
+ if (childDoc.location.href == "chrome://global/content/commonDialog.xul")
+ return childDoc;
+ }
+ }
+
+ return null;
+}
diff --git a/toolkit/components/passwordmgr/test/pwmgr_common.js b/toolkit/components/passwordmgr/test/pwmgr_common.js
new file mode 100644
index 000000000..fa7c4fd85
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/pwmgr_common.js
@@ -0,0 +1,509 @@
+const TESTS_DIR = "/tests/toolkit/components/passwordmgr/test/";
+
+/**
+ * Returns the element with the specified |name| attribute.
+ */
+function $_(formNum, name) {
+ var form = document.getElementById("form" + formNum);
+ if (!form) {
+ logWarning("$_ couldn't find requested form " + formNum);
+ return null;
+ }
+
+ var element = form.children.namedItem(name);
+ if (!element) {
+ logWarning("$_ couldn't find requested element " + name);
+ return null;
+ }
+
+ // Note that namedItem is a bit stupid, and will prefer an
+ // |id| attribute over a |name| attribute when looking for
+ // the element. Login Mananger happens to use .namedItem
+ // anyway, but let's rigorously check it here anyway so
+ // that we don't end up with tests that mistakenly pass.
+
+ if (element.getAttribute("name") != name) {
+ logWarning("$_ got confused.");
+ return null;
+ }
+
+ return element;
+}
+
+/**
+ * Check a form for expected values. If an argument is null, a field's
+ * expected value will be the default value.
+ *
+ * <form id="form#">
+ * checkForm(#, "foo");
+ */
+function checkForm(formNum, val1, val2, val3) {
+ var e, form = document.getElementById("form" + formNum);
+ ok(form, "Locating form " + formNum);
+
+ var numToCheck = arguments.length - 1;
+
+ if (!numToCheck--)
+ return;
+ e = form.elements[0];
+ if (val1 == null)
+ is(e.value, e.defaultValue, "Test default value of field " + e.name +
+ " in form " + formNum);
+ else
+ is(e.value, val1, "Test value of field " + e.name +
+ " in form " + formNum);
+
+
+ if (!numToCheck--)
+ return;
+ e = form.elements[1];
+ if (val2 == null)
+ is(e.value, e.defaultValue, "Test default value of field " + e.name +
+ " in form " + formNum);
+ else
+ is(e.value, val2, "Test value of field " + e.name +
+ " in form " + formNum);
+
+
+ if (!numToCheck--)
+ return;
+ e = form.elements[2];
+ if (val3 == null)
+ is(e.value, e.defaultValue, "Test default value of field " + e.name +
+ " in form " + formNum);
+ else
+ is(e.value, val3, "Test value of field " + e.name +
+ " in form " + formNum);
+}
+
+/**
+ * Check a form for unmodified values from when page was loaded.
+ *
+ * <form id="form#">
+ * checkUnmodifiedForm(#);
+ */
+function checkUnmodifiedForm(formNum) {
+ var form = document.getElementById("form" + formNum);
+ ok(form, "Locating form " + formNum);
+
+ for (var i = 0; i < form.elements.length; i++) {
+ var ele = form.elements[i];
+
+ // No point in checking form submit/reset buttons.
+ if (ele.type == "submit" || ele.type == "reset")
+ continue;
+
+ is(ele.value, ele.defaultValue, "Test to default value of field " +
+ ele.name + " in form " + formNum);
+ }
+}
+
+/**
+ * Mochitest gives us a sendKey(), but it's targeted to a specific element.
+ * This basically sends an untargeted key event, to whatever's focused.
+ */
+function doKey(aKey, modifier) {
+ var keyName = "DOM_VK_" + aKey.toUpperCase();
+ var key = KeyEvent[keyName];
+
+ // undefined --> null
+ if (!modifier)
+ modifier = null;
+
+ // Window utils for sending fake sey events.
+ var wutils = SpecialPowers.wrap(window).
+ QueryInterface(SpecialPowers.Ci.nsIInterfaceRequestor).
+ getInterface(SpecialPowers.Ci.nsIDOMWindowUtils);
+
+ if (wutils.sendKeyEvent("keydown", key, 0, modifier)) {
+ wutils.sendKeyEvent("keypress", key, 0, modifier);
+ }
+ wutils.sendKeyEvent("keyup", key, 0, modifier);
+}
+
+/**
+ * Init with a common login
+ * If selfFilling is true or non-undefined, fires an event at the page so that
+ * the test can start checking filled-in values. Tests that check observer
+ * notifications might be confused by this.
+ */
+function commonInit(selfFilling) {
+ var pwmgr = SpecialPowers.Cc["@mozilla.org/login-manager;1"].
+ getService(SpecialPowers.Ci.nsILoginManager);
+ ok(pwmgr != null, "Access LoginManager");
+
+ // Check that initial state has no logins
+ var logins = pwmgr.getAllLogins();
+ is(logins.length, 0, "Not expecting logins to be present");
+ var disabledHosts = pwmgr.getAllDisabledHosts();
+ if (disabledHosts.length) {
+ ok(false, "Warning: wasn't expecting disabled hosts to be present.");
+ for (var host of disabledHosts)
+ pwmgr.setLoginSavingEnabled(host, true);
+ }
+
+ // Add a login that's used in multiple tests
+ var login = SpecialPowers.Cc["@mozilla.org/login-manager/loginInfo;1"].
+ createInstance(SpecialPowers.Ci.nsILoginInfo);
+ login.init("http://mochi.test:8888", "http://mochi.test:8888", null,
+ "testuser", "testpass", "uname", "pword");
+ pwmgr.addLogin(login);
+
+ // Last sanity check
+ logins = pwmgr.getAllLogins();
+ is(logins.length, 1, "Checking for successful init login");
+ disabledHosts = pwmgr.getAllDisabledHosts();
+ is(disabledHosts.length, 0, "Checking for no disabled hosts");
+
+ if (selfFilling)
+ return;
+
+ if (this.sendAsyncMessage) {
+ sendAsyncMessage("registerRunTests");
+ } else {
+ registerRunTests();
+ }
+}
+
+function registerRunTests() {
+ return new Promise(resolve => {
+ // We provide a general mechanism for our tests to know when they can
+ // safely run: we add a final form that we know will be filled in, wait
+ // for the login manager to tell us that it's filled in and then continue
+ // with the rest of the tests.
+ window.addEventListener("DOMContentLoaded", (event) => {
+ var form = document.createElement('form');
+ form.id = 'observerforcer';
+ var username = document.createElement('input');
+ username.name = 'testuser';
+ form.appendChild(username);
+ var password = document.createElement('input');
+ password.name = 'testpass';
+ password.type = 'password';
+ form.appendChild(password);
+
+ var observer = SpecialPowers.wrapCallback(function(subject, topic, data) {
+ var formLikeRoot = subject.QueryInterface(SpecialPowers.Ci.nsIDOMNode);
+ if (formLikeRoot.id !== 'observerforcer')
+ return;
+ SpecialPowers.removeObserver(observer, "passwordmgr-processed-form");
+ formLikeRoot.remove();
+ SimpleTest.executeSoon(() => {
+ var runTestEvent = new Event("runTests");
+ window.dispatchEvent(runTestEvent);
+ resolve();
+ });
+ });
+ SpecialPowers.addObserver(observer, "passwordmgr-processed-form", false);
+
+ document.body.appendChild(form);
+ });
+ });
+}
+
+const masterPassword = "omgsecret!";
+
+function enableMasterPassword() {
+ setMasterPassword(true);
+}
+
+function disableMasterPassword() {
+ setMasterPassword(false);
+}
+
+function setMasterPassword(enable) {
+ var oldPW, newPW;
+ if (enable) {
+ oldPW = "";
+ newPW = masterPassword;
+ } else {
+ oldPW = masterPassword;
+ newPW = "";
+ }
+ // Set master password. Note that this does not log you in, so the next
+ // invocation of pwmgr can trigger a MP prompt.
+
+ var pk11db = Cc["@mozilla.org/security/pk11tokendb;1"].getService(Ci.nsIPK11TokenDB);
+ var token = pk11db.findTokenByName("");
+ info("MP change from " + oldPW + " to " + newPW);
+ token.changePassword(oldPW, newPW);
+}
+
+function logoutMasterPassword() {
+ var sdr = Cc["@mozilla.org/security/sdr;1"].getService(Ci.nsISecretDecoderRing);
+ sdr.logoutAndTeardown();
+}
+
+function dumpLogins(pwmgr) {
+ var logins = pwmgr.getAllLogins();
+ ok(true, "----- dumpLogins: have " + logins.length + " logins. -----");
+ for (var i = 0; i < logins.length; i++)
+ dumpLogin("login #" + i + " --- ", logins[i]);
+}
+
+function dumpLogin(label, login) {
+ var loginText = "";
+ loginText += "host: ";
+ loginText += login.hostname;
+ loginText += " / formURL: ";
+ loginText += login.formSubmitURL;
+ loginText += " / realm: ";
+ loginText += login.httpRealm;
+ loginText += " / user: ";
+ loginText += login.username;
+ loginText += " / pass: ";
+ loginText += login.password;
+ loginText += " / ufield: ";
+ loginText += login.usernameField;
+ loginText += " / pfield: ";
+ loginText += login.passwordField;
+ ok(true, label + loginText);
+}
+
+function getRecipeParent() {
+ var { LoginManagerParent } = SpecialPowers.Cu.import("resource://gre/modules/LoginManagerParent.jsm", {});
+ if (!LoginManagerParent.recipeParentPromise) {
+ return null;
+ }
+ return LoginManagerParent.recipeParentPromise.then((recipeParent) => {
+ return SpecialPowers.wrap(recipeParent);
+ });
+}
+
+/**
+ * Resolves when a specified number of forms have been processed.
+ */
+function promiseFormsProcessed(expectedCount = 1) {
+ var processedCount = 0;
+ return new Promise((resolve, reject) => {
+ function onProcessedForm(subject, topic, data) {
+ processedCount++;
+ if (processedCount == expectedCount) {
+ SpecialPowers.removeObserver(onProcessedForm, "passwordmgr-processed-form");
+ resolve(SpecialPowers.Cu.waiveXrays(subject), data);
+ }
+ }
+ SpecialPowers.addObserver(onProcessedForm, "passwordmgr-processed-form", false);
+ });
+}
+
+function loadRecipes(recipes) {
+ info("Loading recipes");
+ return new Promise(resolve => {
+ chromeScript.addMessageListener("loadedRecipes", function loaded() {
+ chromeScript.removeMessageListener("loadedRecipes", loaded);
+ resolve(recipes);
+ });
+ chromeScript.sendAsyncMessage("loadRecipes", recipes);
+ });
+}
+
+function resetRecipes() {
+ info("Resetting recipes");
+ return new Promise(resolve => {
+ chromeScript.addMessageListener("recipesReset", function reset() {
+ chromeScript.removeMessageListener("recipesReset", reset);
+ resolve();
+ });
+ chromeScript.sendAsyncMessage("resetRecipes");
+ });
+}
+
+function promiseStorageChanged(expectedChangeTypes) {
+ return new Promise((resolve, reject) => {
+ function onStorageChanged({ topic, data }) {
+ let changeType = expectedChangeTypes.shift();
+ is(data, changeType, "Check expected passwordmgr-storage-changed type");
+ if (expectedChangeTypes.length === 0) {
+ chromeScript.removeMessageListener("storageChanged", onStorageChanged);
+ resolve();
+ }
+ }
+ chromeScript.addMessageListener("storageChanged", onStorageChanged);
+ });
+}
+
+function promisePromptShown(expectedTopic) {
+ return new Promise((resolve, reject) => {
+ function onPromptShown({ topic, data }) {
+ is(topic, expectedTopic, "Check expected prompt topic");
+ chromeScript.removeMessageListener("promptShown", onPromptShown);
+ resolve();
+ }
+ chromeScript.addMessageListener("promptShown", onPromptShown);
+ });
+}
+
+/**
+ * Run a function synchronously in the parent process and destroy it in the test cleanup function.
+ * @param {Function|String} aFunctionOrURL - either a function that will be stringified and run
+ * or the URL to a JS file.
+ * @return {Object} - the return value of loadChromeScript providing message-related methods.
+ * @see loadChromeScript in specialpowersAPI.js
+ */
+function runInParent(aFunctionOrURL) {
+ let chromeScript = SpecialPowers.loadChromeScript(aFunctionOrURL);
+ SimpleTest.registerCleanupFunction(() => {
+ chromeScript.destroy();
+ });
+ return chromeScript;
+}
+
+/**
+ * Run commonInit synchronously in the parent then run the test function after the runTests event.
+ *
+ * @param {Function} aFunction The test function to run
+ */
+function runChecksAfterCommonInit(aFunction = null) {
+ SimpleTest.waitForExplicitFinish();
+ let pwmgrCommonScript = runInParent(SimpleTest.getTestFileURL("pwmgr_common.js"));
+ if (aFunction) {
+ window.addEventListener("runTests", aFunction);
+ pwmgrCommonScript.addMessageListener("registerRunTests", () => registerRunTests());
+ }
+ pwmgrCommonScript.sendSyncMessage("setupParent");
+ return pwmgrCommonScript;
+}
+
+// Code to run when loaded as a chrome script in tests via loadChromeScript
+if (this.addMessageListener) {
+ const { classes: Cc, interfaces: Ci, results: Cr, utils: Cu } = Components;
+ var SpecialPowers = { Cc, Ci, Cr, Cu, };
+ var ok, is;
+ // Ignore ok/is in commonInit since they aren't defined in a chrome script.
+ ok = is = () => {}; // eslint-disable-line no-native-reassign
+
+ Cu.import("resource://gre/modules/LoginHelper.jsm");
+ Cu.import("resource://gre/modules/LoginManagerParent.jsm");
+ Cu.import("resource://gre/modules/Services.jsm");
+ Cu.import("resource://gre/modules/Task.jsm");
+
+ function onStorageChanged(subject, topic, data) {
+ sendAsyncMessage("storageChanged", {
+ topic,
+ data,
+ });
+ }
+ Services.obs.addObserver(onStorageChanged, "passwordmgr-storage-changed", false);
+
+ function onPrompt(subject, topic, data) {
+ sendAsyncMessage("promptShown", {
+ topic,
+ data,
+ });
+ }
+ Services.obs.addObserver(onPrompt, "passwordmgr-prompt-change", false);
+ Services.obs.addObserver(onPrompt, "passwordmgr-prompt-save", false);
+
+ addMessageListener("setupParent", ({selfFilling = false} = {selfFilling: false}) => {
+ // Force LoginManagerParent to init for the tests since it's normally delayed
+ // by apps such as on Android.
+ LoginManagerParent.init();
+
+ commonInit(selfFilling);
+ sendAsyncMessage("doneSetup");
+ });
+
+ addMessageListener("loadRecipes", Task.async(function*(recipes) {
+ var recipeParent = yield LoginManagerParent.recipeParentPromise;
+ yield recipeParent.load(recipes);
+ sendAsyncMessage("loadedRecipes", recipes);
+ }));
+
+ addMessageListener("resetRecipes", Task.async(function*() {
+ let recipeParent = yield LoginManagerParent.recipeParentPromise;
+ yield recipeParent.reset();
+ sendAsyncMessage("recipesReset");
+ }));
+
+ addMessageListener("proxyLoginManager", msg => {
+ // Recreate nsILoginInfo objects from vanilla JS objects.
+ let recreatedArgs = msg.args.map((arg, index) => {
+ if (msg.loginInfoIndices.includes(index)) {
+ return LoginHelper.vanillaObjectToLogin(arg);
+ }
+
+ return arg;
+ });
+
+ let rv = Services.logins[msg.methodName](...recreatedArgs);
+ if (rv instanceof Ci.nsILoginInfo) {
+ rv = LoginHelper.loginToVanillaObject(rv);
+ }
+ return rv;
+ });
+
+ var globalMM = Cc["@mozilla.org/globalmessagemanager;1"].getService(Ci.nsIMessageListenerManager);
+ globalMM.addMessageListener("RemoteLogins:onFormSubmit", function onFormSubmit(message) {
+ sendAsyncMessage("formSubmissionProcessed", message.data, message.objects);
+ });
+} else {
+ // Code to only run in the mochitest pages (not in the chrome script).
+ SpecialPowers.pushPrefEnv({"set": [["signon.autofillForms.http", true],
+ ["security.insecure_field_warning.contextual.enabled", false]]
+ });
+
+ SimpleTest.registerCleanupFunction(() => {
+ SpecialPowers.popPrefEnv();
+ runInParent(function cleanupParent() {
+ const { classes: Cc, interfaces: Ci, results: Cr, utils: Cu } = Components;
+ Cu.import("resource://gre/modules/Services.jsm");
+ Cu.import("resource://gre/modules/LoginManagerParent.jsm");
+
+ // Remove all logins and disabled hosts
+ Services.logins.removeAllLogins();
+
+ let disabledHosts = Services.logins.getAllDisabledHosts();
+ disabledHosts.forEach(host => Services.logins.setLoginSavingEnabled(host, true));
+
+ let authMgr = Cc["@mozilla.org/network/http-auth-manager;1"].
+ getService(Ci.nsIHttpAuthManager);
+ authMgr.clearAll();
+
+ if (LoginManagerParent._recipeManager) {
+ LoginManagerParent._recipeManager.reset();
+ }
+
+ // Cleanup PopupNotifications (if on a relevant platform)
+ let chromeWin = Services.wm.getMostRecentWindow("navigator:browser");
+ if (chromeWin && chromeWin.PopupNotifications) {
+ let notes = chromeWin.PopupNotifications._currentNotifications;
+ if (notes.length > 0) {
+ dump("Removing " + notes.length + " popup notifications.\n");
+ }
+ for (let note of notes) {
+ note.remove();
+ }
+ }
+ });
+ });
+
+
+ let { LoginHelper } = SpecialPowers.Cu.import("resource://gre/modules/LoginHelper.jsm", {});
+ /**
+ * Proxy for Services.logins (nsILoginManager).
+ * Only supports arguments which support structured clone plus {nsILoginInfo}
+ * Assumes properties are methods.
+ */
+ this.LoginManager = new Proxy({}, {
+ get(target, prop, receiver) {
+ return (...args) => {
+ let loginInfoIndices = [];
+ let cloneableArgs = args.map((val, index) => {
+ if (SpecialPowers.call_Instanceof(val, SpecialPowers.Ci.nsILoginInfo)) {
+ loginInfoIndices.push(index);
+ return LoginHelper.loginToVanillaObject(val);
+ }
+
+ return val;
+ });
+
+ return chromeScript.sendSyncMessage("proxyLoginManager", {
+ args: cloneableArgs,
+ loginInfoIndices,
+ methodName: prop,
+ })[0][0];
+ };
+ },
+ });
+}
diff --git a/toolkit/components/passwordmgr/test/subtst_master_pass.html b/toolkit/components/passwordmgr/test/subtst_master_pass.html
new file mode 100644
index 000000000..20211866a
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/subtst_master_pass.html
@@ -0,0 +1,12 @@
+<h2>MP subtest</h2>
+This form triggers a MP and gets filled in.<br>
+<form>
+Username: <input type="text" id="userfield" name="u"><br>
+Password: <input type="password" id="passfield" name="p"><br>
+<script>
+ // Only notify when we fill in the password field.
+ document.getElementById("passfield").addEventListener("input", function() {
+ parent.postMessage("filled", "*");
+ });
+</script>
+</form>
diff --git a/toolkit/components/passwordmgr/test/subtst_prompt_async.html b/toolkit/components/passwordmgr/test/subtst_prompt_async.html
new file mode 100644
index 000000000..f60f63814
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/subtst_prompt_async.html
@@ -0,0 +1,12 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Multiple auth request</title>
+</head>
+<body>
+ <iframe id="iframe1" src="http://example.com/tests/toolkit/components/passwordmgr/test/authenticate.sjs?r=1&user=user3name&pass=user3pass&realm=mochirealm3&proxy_user=proxy_user2&proxy_pass=proxy_pass2&proxy_realm=proxy_realm2"></iframe>
+ <iframe id="iframe2" src="http://example.com/tests/toolkit/components/passwordmgr/test/authenticate.sjs?r=2&user=user3name&pass=user3pass&realm=mochirealm3&proxy_user=proxy_user2&proxy_pass=proxy_pass2&proxy_realm=proxy_realm2"></iframe>
+ <iframe id="iframe3" src="http://example.com/tests/toolkit/components/passwordmgr/test/authenticate.sjs?r=3&user=user3name&pass=user3pass&realm=mochirealm3&proxy_user=proxy_user2&proxy_pass=proxy_pass2&proxy_realm=proxy_realm2"></iframe>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/test_master_password.html b/toolkit/components/passwordmgr/test/test_master_password.html
new file mode 100644
index 000000000..c8884811f
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/test_master_password.html
@@ -0,0 +1,308 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Test for master password</title>
+ <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+ <script type="text/javascript" src="pwmgr_common.js"></script>
+ <script type="text/javascript" src="prompt_common.js"></script>
+ <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+Login Manager test: master password.
+<script>
+"use strict";
+
+commonInit();
+SimpleTest.waitForExplicitFinish();
+SimpleTest.requestFlakyTimeout("untriaged");
+
+var pwmgr = SpecialPowers.Cc["@mozilla.org/login-manager;1"]
+ .getService(SpecialPowers.Ci.nsILoginManager);
+var pwcrypt = SpecialPowers.Cc["@mozilla.org/login-manager/crypto/SDR;1"]
+ .getService(Ci.nsILoginManagerCrypto);
+
+var nsLoginInfo = new SpecialPowers.wrap(SpecialPowers.Components).Constructor("@mozilla.org/login-manager/loginInfo;1", Ci.nsILoginInfo);
+
+var exampleCom = "http://example.com/tests/toolkit/components/passwordmgr/test/";
+var exampleOrg = "http://example.org/tests/toolkit/components/passwordmgr/test/";
+
+var login1 = new nsLoginInfo();
+var login2 = new nsLoginInfo();
+
+login1.init("http://example.com", "http://example.com", null,
+ "user1", "pass1", "uname", "pword");
+login2.init("http://example.org", "http://example.org", null,
+ "user2", "pass2", "uname", "pword");
+
+pwmgr.addLogin(login1);
+pwmgr.addLogin(login2);
+</script>
+
+<p id="display"></p>
+
+<div id="content" style="display: none">
+<iframe id="iframe1"></iframe>
+<iframe id="iframe2"></iframe>
+</div>
+
+<pre id="test">
+<script class="testbody" type="text/javascript">
+var testNum = 1;
+var iframe1 = document.getElementById("iframe1");
+var iframe2 = document.getElementById("iframe2");
+
+// A couple of tests have to wait until the password manager gets around to
+// filling in the password in the subtest (after we dismiss the master
+// password dialog). In order to accomplish this, the test waits for an event
+// and then posts a message back up to us telling us to continue.
+var continuation = null;
+addEventListener("message", () => {
+ if (continuation) {
+ var c = continuation;
+ continuation = null;
+ c();
+ }
+});
+
+/*
+ * handleDialog
+ *
+ * Invoked a short period of time after calling startCallbackTimer(), and
+ * allows testing the actual auth dialog while it's being displayed. Tests
+ * should call startCallbackTimer() each time the auth dialog is expected (the
+ * timer is a one-shot).
+ */
+function handleDialog(doc, testNumber) {
+ ok(true, "handleDialog running for test " + testNumber);
+
+ var clickOK = true;
+ var doNothing = false;
+ var passfield = doc.getElementById("password1Textbox");
+ var dialog = doc.getElementById("commonDialog");
+
+ switch (testNumber) {
+ case 1:
+ is(passfield.getAttribute("value"), "", "Checking empty prompt");
+ passfield.setAttribute("value", masterPassword);
+ is(passfield.getAttribute("value"), masterPassword, "Checking filled prompt");
+ break;
+
+ case 2:
+ clickOK = false;
+ break;
+
+ case 3:
+ is(passfield.getAttribute("value"), "", "Checking empty prompt");
+ passfield.setAttribute("value", masterPassword);
+ break;
+
+ case 4:
+ doNothing = true;
+ break;
+
+ case 5:
+ is(passfield.getAttribute("value"), "", "Checking empty prompt");
+ passfield.setAttribute("value", masterPassword);
+ break;
+
+ default:
+ ok(false, "Uhh, unhandled switch for testNum #" + testNumber);
+ break;
+ }
+
+ didDialog = true;
+
+ if (!doNothing) {
+ SpecialPowers.addObserver(outerWindowObserver, "outer-window-destroyed", false);
+ if (clickOK)
+ dialog.acceptDialog();
+ else
+ dialog.cancelDialog();
+ }
+
+ ok(true, "handleDialog done for test " + testNumber);
+
+ if (testNumber == 4)
+ checkTest4A();
+}
+
+var outerWindowObserver = {
+ observe: function(id) {
+ SpecialPowers.removeObserver(outerWindowObserver, "outer-window-destroyed");
+ var func;
+ if (testNum == 1)
+ func = startTest2;
+ else if (testNum == 2)
+ func = startTest3;
+
+ // For tests 3 and 4C, we use the 'continuation' mechanism, described
+ // above.
+ if (func)
+ setTimeout(func, 300);
+ }
+};
+
+
+function startTest1() {
+ ok(pwcrypt.isLoggedIn, "should be initially logged in (no MP)");
+ enableMasterPassword();
+ ok(!pwcrypt.isLoggedIn, "should be logged out after setting MP");
+
+ // --- Test 1 ---
+ // Trigger a MP prompt via the API
+ startCallbackTimer();
+ var logins = pwmgr.getAllLogins();
+ ok(didDialog, "handleDialog was invoked");
+ is(logins.length, 3, "expected number of logins");
+
+ ok(pwcrypt.isLoggedIn, "should be logged in after MP prompt");
+ logoutMasterPassword();
+ ok(!pwcrypt.isLoggedIn, "should be logged out");
+}
+
+function startTest2() {
+ // Try again but click cancel.
+ testNum++;
+ startCallbackTimer();
+ var failedAsExpected = false;
+ logins = null;
+ try {
+ logins = pwmgr.getAllLogins();
+ } catch (e) { failedAsExpected = true; }
+ ok(didDialog, "handleDialog was invoked");
+ ok(failedAsExpected, "getAllLogins should have thrown");
+ is(logins, null, "shouldn't have gotten logins");
+ ok(!pwcrypt.isLoggedIn, "should still be logged out");
+}
+
+function startTest3() {
+ // Load a single iframe to trigger a MP
+ testNum++;
+ iframe1.src = exampleCom + "subtst_master_pass.html";
+ continuation = checkTest3;
+ startCallbackTimer();
+}
+
+function checkTest3() {
+ ok(true, "checkTest3 starting");
+ ok(didDialog, "handleDialog was invoked");
+
+ // check contents of iframe1 fields
+ var u = SpecialPowers.wrap(iframe1).contentDocument.getElementById("userfield");
+ var p = SpecialPowers.wrap(iframe1).contentDocument.getElementById("passfield");
+ is(u.value, "user1", "checking expected user to have been filled in");
+ is(p.value, "pass1", "checking expected pass to have been filled in");
+
+ ok(pwcrypt.isLoggedIn, "should be logged in");
+ logoutMasterPassword();
+ ok(!pwcrypt.isLoggedIn, "should be logged out");
+
+
+ // --- Test 4 ---
+ // first part of loading 2 MP-triggering iframes
+ testNum++;
+ iframe1.src = exampleOrg + "subtst_master_pass.html";
+ // start the callback, but we'll not enter the MP, just call checkTest4A
+ startCallbackTimer();
+}
+
+function checkTest4A() {
+ ok(true, "checkTest4A starting");
+ ok(didDialog, "handleDialog was invoked");
+
+ // check contents of iframe1 fields
+ var u = SpecialPowers.wrap(iframe1).contentDocument.getElementById("userfield");
+ var p = SpecialPowers.wrap(iframe1).contentDocument.getElementById("passfield");
+ is(u.value, "", "checking expected empty user");
+ is(p.value, "", "checking expected empty pass");
+
+
+ ok(!pwcrypt.isLoggedIn, "should be logged out");
+
+ // XXX check that there's 1 MP window open
+
+ // Load another iframe with a login form
+ // This should detect that there's already a pending MP prompt, and not
+ // put up a second one. The load event will fire (note that when pwmgr is
+ // driven from DOMContentLoaded, if that blocks due to prompting for a MP,
+ // the load even will also be blocked until the prompt is dismissed).
+ iframe2.onload = checkTest4B_delay;
+ iframe2.src = exampleCom + "subtst_master_pass.html";
+}
+
+function checkTest4B_delay() {
+ // Testing a negative, wait a little to give the login manager a chance to
+ // (incorrectly) fill in the form. Note, we cannot use setTimeout()
+ // here because the modal window suspends all window timers. Instead we
+ // must use a chrome script to use nsITimer directly.
+ let chromeURL = SimpleTest.getTestFileURL("chrome_timeout.js");
+ let script = SpecialPowers.loadChromeScript(chromeURL);
+ script.addMessageListener('ready', _ => {
+ script.sendAsyncMessage('setTimeout', { delay: 500 });
+ });
+ script.addMessageListener('timeout', checkTest4B);
+}
+
+function checkTest4B() {
+ ok(true, "checkTest4B starting");
+ // iframe2 should load without having triggered a MP prompt (because one
+ // is already waiting)
+
+ // check contents of iframe2 fields
+ var u = SpecialPowers.wrap(iframe2).contentDocument.getElementById("userfield");
+ var p = SpecialPowers.wrap(iframe2).contentDocument.getElementById("passfield");
+ is(u.value, "", "checking expected empty user");
+ is(p.value, "", "checking expected empty pass");
+
+ // XXX check that there's 1 MP window open
+ ok(!pwcrypt.isLoggedIn, "should be logged out");
+
+ continuation = checkTest4C;
+
+ // Ok, now enter the MP. The MP prompt is already up, but we'll just reuse startCallBackTimer.
+ // --- Test 5 ---
+ testNum++;
+ startCallbackTimer();
+}
+
+function checkTest4C() {
+ ok(true, "checkTest4C starting");
+ ok(didDialog, "handleDialog was invoked");
+
+ // We shouldn't have to worry about iframe1's load event racing with
+ // filling of iframe2's data. We notify observers synchronously, so
+ // iframe2's observer will process iframe2 before iframe1 even finishes
+ // processing the form (which is blocking its load event).
+ ok(pwcrypt.isLoggedIn, "should be logged in");
+
+ // check contents of iframe1 fields
+ var u = SpecialPowers.wrap(iframe1).contentDocument.getElementById("userfield");
+ var p = SpecialPowers.wrap(iframe1).contentDocument.getElementById("passfield");
+ is(u.value, "user2", "checking expected user to have been filled in");
+ is(p.value, "pass2", "checking expected pass to have been filled in");
+
+ // check contents of iframe2 fields
+ u = SpecialPowers.wrap(iframe2).contentDocument.getElementById("userfield");
+ p = SpecialPowers.wrap(iframe2).contentDocument.getElementById("passfield");
+ is(u.value, "user1", "checking expected user to have been filled in");
+ is(p.value, "pass1", "checking expected pass to have been filled in");
+
+ SimpleTest.finish();
+}
+
+// XXX do a test5ABC with clicking cancel?
+
+SimpleTest.registerCleanupFunction(function finishTest() {
+ disableMasterPassword();
+
+ pwmgr.removeLogin(login1);
+ pwmgr.removeLogin(login2);
+});
+
+window.addEventListener("runTests", startTest1);
+</script>
+</pre>
+</body>
+</html>
+
diff --git a/toolkit/components/passwordmgr/test/test_prompt_async.html b/toolkit/components/passwordmgr/test/test_prompt_async.html
new file mode 100644
index 000000000..38b34679a
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/test_prompt_async.html
@@ -0,0 +1,540 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Test for Async Auth Prompt</title>
+ <script type="text/javascript" src="/MochiKit/MochiKit.js"></script>
+ <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+ <script type="text/javascript" src="prompt_common.js"></script>
+ <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+
+ <script class="testbody" type="text/javascript">
+ SimpleTest.waitForExplicitFinish();
+ SimpleTest.requestFlakyTimeout("untriaged");
+
+ const { NetUtil } = SpecialPowers.Cu.import('resource://gre/modules/NetUtil.jsm');
+
+ var prefs = Cc["@mozilla.org/preferences-service;1"].
+ getService(Ci.nsIPrefBranch);
+ prefs.setIntPref("network.auth.subresource-http-auth-allow", 2);
+ // Class monitoring number of open dialog windows
+ // It checks there is always open just a single dialog per application
+ function dialogMonitor() {
+ var observerService = SpecialPowers.Cc["@mozilla.org/observer-service;1"]
+ .getService(Ci.nsIObserverService);
+ observerService.addObserver(this, "domwindowopened", false);
+ observerService.addObserver(this, "domwindowclosed", false);
+ }
+
+ /*
+ * As documented in Bug 718543, checking equality of objects pulled
+ * from SpecialPowers-wrapped objects is unreliable. Because of that,
+ * `dialogMonitor` now tracks the number of open windows rather than
+ * specific window objects.
+ *
+ * NB: Because the constructor (above) adds |this| directly as an observer,
+ * we need to do SpecialPowers.wrapCallbackObject directly on the prototype.
+ */
+ dialogMonitor.prototype = SpecialPowers.wrapCallbackObject({
+ windowsOpen : 0,
+ windowsRegistered : 0,
+
+ QueryInterface : function (iid) {
+ const interfaces = [Ci.nsIObserver, Ci.nsISupports];
+
+ if (!interfaces.some( function(v) { return iid.equals(v); } ))
+ throw SpecialPowers.Cr.NS_ERROR_NO_INTERFACE;
+ return this;
+ },
+
+ observe: function(subject, topic, data) {
+ if (topic === "domwindowopened") {
+ this.windowsOpen++;
+ this.windowsRegistered++;
+ return;
+ }
+ if (topic === "domwindowclosed") {
+ this.windowsOpen--;
+ return;
+ }
+ },
+
+ shutdown: function() {
+ var observerService = SpecialPowers.Cc["@mozilla.org/observer-service;1"]
+ .getService(Ci.nsIObserverService);
+ observerService.removeObserver(this, "domwindowopened");
+ observerService.removeObserver(this, "domwindowclosed");
+ },
+
+ reset: function() {
+ this.windowsOpen = 0;
+ this.windowsRegistered = 0;
+ }
+ });
+
+ var monitor = new dialogMonitor();
+
+ var pwmgr, logins = [];
+
+ function initLogins(pi) {
+ pwmgr = SpecialPowers.Cc["@mozilla.org/login-manager;1"]
+ .getService(Ci.nsILoginManager);
+
+ function addLogin(host, realm, user, pass) {
+ var login = SpecialPowers.Cc["@mozilla.org/login-manager/loginInfo;1"]
+ .createInstance(Ci.nsILoginInfo);
+ login.init(host, null, realm, user, pass, "", "");
+ pwmgr.addLogin(login);
+ logins.push(login);
+ }
+
+ var mozproxy = "moz-proxy://" +
+ SpecialPowers.wrap(pi).host + ":" +
+ SpecialPowers.wrap(pi).port;
+
+ addLogin(mozproxy, "proxy_realm",
+ "proxy_user", "proxy_pass");
+ addLogin(mozproxy, "proxy_realm2",
+ "proxy_user2", "proxy_pass2");
+ addLogin(mozproxy, "proxy_realm3",
+ "proxy_user3", "proxy_pass3");
+ addLogin(mozproxy, "proxy_realm4",
+ "proxy_user4", "proxy_pass4");
+ addLogin(mozproxy, "proxy_realm5",
+ "proxy_user5", "proxy_pass5");
+ addLogin("http://example.com", "mochirealm",
+ "user1name", "user1pass");
+ addLogin("http://example.org", "mochirealm2",
+ "user2name", "user2pass");
+ addLogin("http://example.com", "mochirealm3",
+ "user3name", "user3pass");
+ addLogin("http://example.com", "mochirealm4",
+ "user4name", "user4pass");
+ addLogin("http://example.com", "mochirealm5",
+ "user5name", "user5pass");
+ addLogin("http://example.com", "mochirealm6",
+ "user6name", "user6pass");
+ }
+
+ function finishTest() {
+ ok(true, "finishTest removing testing logins...");
+ for (i in logins)
+ pwmgr.removeLogin(logins[i]);
+
+ var authMgr = SpecialPowers.Cc['@mozilla.org/network/http-auth-manager;1']
+ .getService(Ci.nsIHttpAuthManager);
+ authMgr.clearAll();
+
+ monitor.shutdown();
+ SimpleTest.finish();
+ }
+
+ var resolveCallback = SpecialPowers.wrapCallbackObject({
+ QueryInterface : function (iid) {
+ const interfaces = [Ci.nsIProtocolProxyCallback, Ci.nsISupports];
+
+ if (!interfaces.some( function(v) { return iid.equals(v); } ))
+ throw SpecialPowers.Cr.NS_ERROR_NO_INTERFACE;
+ return this;
+ },
+
+ onProxyAvailable : function (req, uri, pi, status) {
+ initLogins(pi);
+ doTest(testNum);
+ }
+ });
+
+ function startup() {
+ // Need to allow for arbitrary network servers defined in PAC instead of a hardcoded moz-proxy.
+ var channel = NetUtil.newChannel({
+ uri: "http://example.com",
+ loadUsingSystemPrincipal: true
+ });
+
+ var pps = SpecialPowers.Cc["@mozilla.org/network/protocol-proxy-service;1"]
+ .getService();
+
+ pps.asyncResolve(channel, 0, resolveCallback);
+ }
+
+ // --------------- Test loop spin ----------------
+ var testNum = 1;
+ var iframe1;
+ var iframe2a;
+ var iframe2b;
+ window.onload = function () {
+ iframe1 = document.getElementById("iframe1");
+ iframe2a = document.getElementById("iframe2a");
+ iframe2b = document.getElementById("iframe2b");
+ iframe1.onload = onFrameLoad;
+ iframe2a.onload = onFrameLoad;
+ iframe2b.onload = onFrameLoad;
+
+ startup();
+ };
+
+ var expectedLoads;
+ var expectedDialogs;
+ function onFrameLoad()
+ {
+ if (--expectedLoads == 0) {
+ // All pages expected to load has loaded, continue with the next test
+ ok(true, "Expected frames loaded");
+
+ doCheck(testNum);
+ monitor.reset();
+
+ testNum++;
+ doTest(testNum);
+ }
+ }
+
+ function doTest(testNumber)
+ {
+ /*
+ * These contentDocument variables are located here,
+ * rather than in the global scope, because SpecialPowers threw
+ * errors (complaining that the objects were deleted)
+ * when these were in the global scope.
+ */
+ var iframe1Doc = SpecialPowers.wrap(iframe1).contentDocument;
+ var iframe2aDoc = SpecialPowers.wrap(iframe2a).contentDocument;
+ var iframe2bDoc = SpecialPowers.wrap(iframe2b).contentDocument;
+ var exampleCom = "http://example.com/tests/toolkit/components/passwordmgr/test/";
+ var exampleOrg = "http://example.org/tests/toolkit/components/passwordmgr/test/";
+
+ switch (testNumber)
+ {
+ case 1:
+ // Load through a single proxy with authentication required 3 different
+ // pages, first with one login, other two with their own different login.
+ // We expect to show just a single dialog for proxy authentication and
+ // then two dialogs to authenticate to login 1 and then login 2.
+ ok(true, "doTest testNum 1");
+ expectedLoads = 3;
+ expectedDialogs = 3;
+ iframe1.src = exampleCom + "authenticate.sjs?" +
+ "r=1&" +
+ "user=user1name&" +
+ "pass=user1pass&" +
+ "realm=mochirealm&" +
+ "proxy_user=proxy_user&" +
+ "proxy_pass=proxy_pass&" +
+ "proxy_realm=proxy_realm";
+ iframe2a.src = exampleOrg + "authenticate.sjs?" +
+ "r=2&" +
+ "user=user2name&" +
+ "pass=user2pass&" +
+ "realm=mochirealm2&" +
+ "proxy_user=proxy_user&" +
+ "proxy_pass=proxy_pass&" +
+ "proxy_realm=proxy_realm";
+ iframe2b.src = exampleOrg + "authenticate.sjs?" +
+ "r=3&" +
+ "user=user2name&" +
+ "pass=user2pass&" +
+ "realm=mochirealm2&" +
+ "proxy_user=proxy_user&" +
+ "proxy_pass=proxy_pass&" +
+ "proxy_realm=proxy_realm";
+ break;
+
+ case 2:
+ // Load an iframe with 3 subpages all requiring the same login through
+ // anuthenticated proxy. We expect 2 dialogs, proxy authentication
+ // and web authentication.
+ ok(true, "doTest testNum 2");
+ expectedLoads = 3;
+ expectedDialogs = 2;
+ iframe1.src = exampleCom + "subtst_prompt_async.html";
+ iframe2a.src = "about:blank";
+ iframe2b.src = "about:blank";
+ break;
+
+ case 3:
+ // Load in the iframe page through unauthenticated proxy
+ // and discard the proxy authentication. We expect to see
+ // unauthenticated page content and just a single dialog.
+ ok(true, "doTest testNum 3");
+ expectedLoads = 1;
+ expectedDialogs = 1;
+ iframe1.src = exampleCom + "authenticate.sjs?" +
+ "user=user4name&" +
+ "pass=user4pass&" +
+ "realm=mochirealm4&" +
+ "proxy_user=proxy_user3&" +
+ "proxy_pass=proxy_pass3&" +
+ "proxy_realm=proxy_realm3";
+ break;
+
+ case 4:
+ // Reload the frame from previous step and pass the proxy authentication
+ // but cancel the WWW authentication. We should get the proxy=ok and WWW=fail
+ // content as a result.
+ ok(true, "doTest testNum 4");
+ expectedLoads = 1;
+ expectedDialogs = 2;
+ iframe1.src = exampleCom + "authenticate.sjs?" +
+ "user=user4name&" +
+ "pass=user4pass&" +
+ "realm=mochirealm4&" +
+ "proxy_user=proxy_user3&" +
+ "proxy_pass=proxy_pass3&" +
+ "proxy_realm=proxy_realm3";
+
+
+ break;
+
+ case 5:
+ // Same as the previous two steps but let the server generate
+ // huge content load to check http channel is capable to handle
+ // case when auth dialog is canceled or accepted before unauthenticated
+ // content data is load from the server. (This would be better to
+ // implement using delay of server response).
+ ok(true, "doTest testNum 5");
+ expectedLoads = 1;
+ expectedDialogs = 1;
+ iframe1.src = exampleCom + "authenticate.sjs?" +
+ "user=user5name&" +
+ "pass=user5pass&" +
+ "realm=mochirealm5&" +
+ "proxy_user=proxy_user4&" +
+ "proxy_pass=proxy_pass4&" +
+ "proxy_realm=proxy_realm4&" +
+ "huge=1";
+ break;
+
+ case 6:
+ // Reload the frame from the previous step and let the proxy
+ // authentication pass but WWW fail. We expect two dialogs
+ // and an unathenticated page content load.
+ ok(true, "doTest testNum 6");
+ expectedLoads = 1;
+ expectedDialogs = 2;
+ iframe1.src = exampleCom + "authenticate.sjs?" +
+ "user=user5name&" +
+ "pass=user5pass&" +
+ "realm=mochirealm5&" +
+ "proxy_user=proxy_user4&" +
+ "proxy_pass=proxy_pass4&" +
+ "proxy_realm=proxy_realm4&" +
+ "huge=1";
+ break;
+
+ case 7:
+ // Reload again and let pass all authentication dialogs.
+ // Check we get the authenticated content not broken by
+ // the unauthenticated content.
+ ok(true, "doTest testNum 7");
+ expectedLoads = 1;
+ expectedDialogs = 1;
+ iframe1Doc.location.reload();
+ break;
+
+ case 8:
+ // Check we proccess all challenges sent by server when
+ // user cancels prompts
+ ok(true, "doTest testNum 8");
+ expectedLoads = 1;
+ expectedDialogs = 5;
+ iframe1.src = exampleCom + "authenticate.sjs?" +
+ "user=user6name&" +
+ "pass=user6pass&" +
+ "realm=mochirealm6&" +
+ "proxy_user=proxy_user5&" +
+ "proxy_pass=proxy_pass5&" +
+ "proxy_realm=proxy_realm5&" +
+ "huge=1&" +
+ "multiple=3";
+ break;
+
+ case 9:
+ finishTest();
+ return;
+ }
+
+ startCallbackTimer();
+ }
+
+ function handleDialog(doc, testNumber)
+ {
+ var dialog = doc.getElementById("commonDialog");
+
+ switch (testNumber)
+ {
+ case 1:
+ case 2:
+ dialog.acceptDialog();
+ break;
+
+ case 3:
+ dialog.cancelDialog();
+ setTimeout(onFrameLoad, 10); // there are no successful frames for test 3
+ break;
+
+ case 4:
+ if (expectedDialogs == 2)
+ dialog.acceptDialog();
+ else
+ dialog.cancelDialog();
+ break;
+
+ case 5:
+ dialog.cancelDialog();
+ setTimeout(onFrameLoad, 10); // there are no successful frames for test 5
+ break;
+
+ case 6:
+ if (expectedDialogs == 2)
+ dialog.acceptDialog();
+ else
+ dialog.cancelDialog();
+ break;
+
+ case 7:
+ dialog.acceptDialog();
+ break;
+
+ case 8:
+ if (expectedDialogs == 3 || expectedDialogs == 1)
+ dialog.acceptDialog();
+ else
+ dialog.cancelDialog();
+ break;
+
+ default:
+ ok(false, "Unhandled testNum " + testNumber + " in handleDialog");
+ }
+
+ if (--expectedDialogs > 0)
+ startCallbackTimer();
+ }
+
+ function doCheck(testNumber)
+ {
+ var iframe1Doc = SpecialPowers.wrap(iframe1).contentDocument;
+ var iframe2aDoc = SpecialPowers.wrap(iframe2a).contentDocument;
+ var iframe2bDoc = SpecialPowers.wrap(iframe2b).contentDocument;
+ var authok1;
+ var proxyok1;
+ var footnote;
+ switch (testNumber)
+ {
+ case 1:
+ ok(true, "doCheck testNum 1");
+ is(monitor.windowsRegistered, 3, "Registered 3 open dialogs");
+
+ authok1 = iframe1Doc.getElementById("ok").textContent;
+ proxyok1 = iframe1Doc.getElementById("proxy").textContent;
+
+ var authok2a = iframe2aDoc.getElementById("ok").textContent;
+ var proxyok2a = iframe2aDoc.getElementById("proxy").textContent;
+
+ var authok2b = iframe2bDoc.getElementById("ok").textContent;
+ var proxyok2b = iframe2bDoc.getElementById("proxy").textContent;
+
+ is(authok1, "PASS", "WWW Authorization OK, frame1");
+ is(authok2a, "PASS", "WWW Authorization OK, frame2a");
+ is(authok2b, "PASS", "WWW Authorization OK, frame2b");
+ is(proxyok1, "PASS", "Proxy Authorization OK, frame1");
+ is(proxyok2a, "PASS", "Proxy Authorization OK, frame2a");
+ is(proxyok2b, "PASS", "Proxy Authorization OK, frame2b");
+ break;
+
+ case 2:
+ is(monitor.windowsRegistered, 2, "Registered 2 open dialogs");
+ ok(true, "doCheck testNum 2");
+
+ function checkIframe(frame) {
+ var doc = SpecialPowers.wrap(frame).contentDocument;
+
+ var authok = doc.getElementById("ok").textContent;
+ var proxyok = doc.getElementById("proxy").textContent;
+
+ is(authok, "PASS", "WWW Authorization OK, " + frame.id);
+ is(proxyok, "PASS", "Proxy Authorization OK, " + frame.id);
+ }
+
+ checkIframe(iframe1Doc.getElementById("iframe1"));
+ checkIframe(iframe1Doc.getElementById("iframe2"));
+ checkIframe(iframe1Doc.getElementById("iframe3"));
+ break;
+
+ case 3:
+ ok(true, "doCheck testNum 3");
+ is(monitor.windowsRegistered, 1, "Registered 1 open dialog");
+
+ // ensure that the page content is not displayed on failed proxy auth
+ is(iframe1Doc.getElementById("ok"), null, "frame did not load");
+ break;
+
+ case 4:
+ ok(true, "doCheck testNum 4");
+ is(monitor.windowsRegistered, 2, "Registered 2 open dialogs");
+ authok1 = iframe1Doc.getElementById("ok").textContent;
+ proxyok1 = iframe1Doc.getElementById("proxy").textContent;
+
+ is(authok1, "FAIL", "WWW Authorization FAILED, frame1");
+ is(proxyok1, "PASS", "Proxy Authorization OK, frame1");
+ break;
+
+ case 5:
+ ok(true, "doCheck testNum 5");
+ is(monitor.windowsRegistered, 1, "Registered 1 open dialog");
+
+ // ensure that the page content is not displayed on failed proxy auth
+ is(iframe1Doc.getElementById("footnote"), null, "frame did not load");
+ break;
+
+ case 6:
+ ok(true, "doCheck testNum 6");
+ is(monitor.windowsRegistered, 2, "Registered 2 open dialogs");
+ authok1 = iframe1Doc.getElementById("ok").textContent;
+ proxyok1 = iframe1Doc.getElementById("proxy").textContent;
+ footnote = iframe1Doc.getElementById("footnote").textContent;
+
+ is(authok1, "FAIL", "WWW Authorization FAILED, frame1");
+ is(proxyok1, "PASS", "Proxy Authorization OK, frame1");
+ is(footnote, "This is a footnote after the huge content fill",
+ "Footnote present and loaded completely");
+ break;
+
+ case 7:
+ ok(true, "doCheck testNum 7");
+ is(monitor.windowsRegistered, 1, "Registered 1 open dialogs");
+ authok1 = iframe1Doc.getElementById("ok").textContent;
+ proxyok1 = iframe1Doc.getElementById("proxy").textContent;
+ footnote = iframe1Doc.getElementById("footnote").textContent;
+
+ is(authok1, "PASS", "WWW Authorization OK, frame1");
+ is(proxyok1, "PASS", "Proxy Authorization OK, frame1");
+ is(footnote, "This is a footnote after the huge content fill",
+ "Footnote present and loaded completely");
+ break;
+
+ case 8:
+ ok(true, "doCheck testNum 8");
+ is(monitor.windowsRegistered, 5, "Registered 5 open dialogs");
+ authok1 = iframe1Doc.getElementById("ok").textContent;
+ proxyok1 = iframe1Doc.getElementById("proxy").textContent;
+ footnote = iframe1Doc.getElementById("footnote").textContent;
+
+ is(authok1, "PASS", "WWW Authorization OK, frame1");
+ is(proxyok1, "PASS", "Proxy Authorization OK, frame1");
+ is(footnote, "This is a footnote after the huge content fill",
+ "Footnote present and loaded completely");
+ break;
+
+ default:
+ ok(false, "Unhandled testNum " + testNumber + " in doCheck");
+ }
+ }
+
+ </script>
+</head>
+<body>
+ <iframe id="iframe1"></iframe>
+ <iframe id="iframe2a"></iframe>
+ <iframe id="iframe2b"></iframe>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/test_xhr.html b/toolkit/components/passwordmgr/test/test_xhr.html
new file mode 100644
index 000000000..296371685
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/test_xhr.html
@@ -0,0 +1,201 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Test for XHR prompts</title>
+ <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+ <script type="text/javascript" src="pwmgr_common.js"></script>
+ <script type="text/javascript" src="prompt_common.js"></script>
+ <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+Login Manager test: XHR prompt
+<p id="display"></p>
+
+<div id="content" style="display: none">
+ <iframe id="iframe"></iframe>
+</div>
+
+<pre id="test">
+<script class="testbody" type="text/javascript">
+
+/** Test for Login Manager: XHR prompts. **/
+var pwmgr, login1, login2;
+
+function initLogins() {
+ pwmgr = Cc["@mozilla.org/login-manager;1"].
+ getService(Ci.nsILoginManager);
+
+ login1 = Cc["@mozilla.org/login-manager/loginInfo;1"].
+ createInstance(Ci.nsILoginInfo);
+ login2 = Cc["@mozilla.org/login-manager/loginInfo;1"].
+ createInstance(Ci.nsILoginInfo);
+
+ login1.init("http://mochi.test:8888", null, "xhr",
+ "xhruser1", "xhrpass1", "", "");
+ login2.init("http://mochi.test:8888", null, "xhr2",
+ "xhruser2", "xhrpass2", "", "");
+
+ pwmgr.addLogin(login1);
+ pwmgr.addLogin(login2);
+}
+
+function finishTest() {
+ ok(true, "finishTest removing testing logins...");
+ pwmgr.removeLogin(login1);
+ pwmgr.removeLogin(login2);
+
+ SimpleTest.finish();
+}
+
+function handleDialog(doc, testNum) {
+ ok(true, "handleDialog running for test " + testNum);
+
+ var clickOK = true;
+ var userfield = doc.getElementById("loginTextbox");
+ var passfield = doc.getElementById("password1Textbox");
+ var username = userfield.getAttribute("value");
+ var password = passfield.getAttribute("value");
+ var dialog = doc.getElementById("commonDialog");
+
+ switch (testNum) {
+ case 1:
+ is(username, "xhruser1", "Checking provided username");
+ is(password, "xhrpass1", "Checking provided password");
+ break;
+
+ case 2:
+ is(username, "xhruser2", "Checking provided username");
+ is(password, "xhrpass2", "Checking provided password");
+
+ // Check that the dialog is modal, chrome and dependent;
+ // We can't just check window.opener because that'll be
+ // a content window, which therefore isn't exposed (it'll lie and
+ // be null).
+ var win = doc.defaultView;
+ var Ci = SpecialPowers.Ci;
+ var treeOwner = win.QueryInterface(Ci.nsIInterfaceRequestor).getInterface(Ci.nsIWebNavigation).
+ QueryInterface(Ci.nsIDocShellTreeItem).treeOwner;
+ treeOwner.QueryInterface(Ci.nsIInterfaceRequestor);
+ var flags = treeOwner.getInterface(Ci.nsIXULWindow).chromeFlags;
+ var wbc = treeOwner.getInterface(Ci.nsIWebBrowserChrome);
+ info("Flags: " + flags);
+ ok((flags & Ci.nsIWebBrowserChrome.CHROME_OPENAS_CHROME) != 0,
+ "Dialog should be opened as chrome");
+ ok((flags & Ci.nsIWebBrowserChrome.CHROME_OPENAS_DIALOG) != 0,
+ "Dialog should be opened as a dialog");
+ ok((flags & Ci.nsIWebBrowserChrome.CHROME_DEPENDENT) != 0,
+ "Dialog should be opened as dependent.");
+ ok(wbc.isWindowModal(), "Dialog should be modal");
+
+ // Check that the right tab is focused:
+ var browserWin = SpecialPowers.Services.wm.getMostRecentWindow("navigator:browser");
+ var spec = browserWin.gBrowser.selectedBrowser.currentURI.spec;
+ ok(spec.startsWith("http://mochi.test:8888"),
+ "Tab with remote URI (rather than about:blank) should be focused (" + spec + ")");
+
+
+ break;
+
+ default:
+ ok(false, "Uhh, unhandled switch for testNum #" + testNum);
+ break;
+ }
+
+ // Explicitly cancel the dialog and report a fail in this failure
+ // case, rather than letting the dialog get stuck due to an auth
+ // failure and having the test timeout.
+ if (!username && !password) {
+ ok(false, "No values prefilled");
+ clickOK = false;
+ }
+
+ if (clickOK)
+ dialog.acceptDialog();
+ else
+ dialog.cancelDialog();
+
+ ok(true, "handleDialog done");
+ didDialog = true;
+}
+
+var newWin;
+function xhrLoad(xmlDoc) {
+ ok(true, "xhrLoad running for test " + testNum);
+
+ // The server echos back the user/pass it received.
+ var username = xmlDoc.getElementById("user").textContent;
+ var password = xmlDoc.getElementById("pass").textContent;
+ var authok = xmlDoc.getElementById("ok").textContent;
+
+
+ switch (testNum) {
+ case 1:
+ is(username, "xhruser1", "Checking provided username");
+ is(password, "xhrpass1", "Checking provided password");
+ break;
+
+ case 2:
+ is(username, "xhruser2", "Checking provided username");
+ is(password, "xhrpass2", "Checking provided password");
+
+ newWin.close();
+ break;
+
+ default:
+ ok(false, "Uhh, unhandled switch for testNum #" + testNum);
+ break;
+ }
+
+ doTest();
+}
+
+function doTest() {
+ switch (++testNum) {
+ case 1:
+ startCallbackTimer();
+ makeRequest("authenticate.sjs?user=xhruser1&pass=xhrpass1&realm=xhr");
+ break;
+
+ case 2:
+ // Test correct parenting, by opening another tab in the foreground,
+ // and making sure the prompt re-focuses the original tab when shown:
+ newWin = window.open();
+ newWin.focus();
+ startCallbackTimer();
+ makeRequest("authenticate.sjs?user=xhruser2&pass=xhrpass2&realm=xhr2");
+ break;
+
+ default:
+ finishTest();
+ }
+}
+
+function makeRequest(uri) {
+ var request = new XMLHttpRequest();
+ request.open("GET", uri, true);
+ request.onreadystatechange = function () {
+ if (request.readyState == 4)
+ xhrLoad(request.responseXML);
+ };
+ request.send(null);
+}
+
+
+initLogins();
+
+// clear plain HTTP auth sessions before the test, to allow
+// running them more than once.
+var authMgr = SpecialPowers.Cc['@mozilla.org/network/http-auth-manager;1']
+ .getService(SpecialPowers.Ci.nsIHttpAuthManager);
+authMgr.clearAll();
+
+// start the tests
+testNum = 0;
+doTest();
+
+SimpleTest.waitForExplicitFinish();
+</script>
+</pre>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/test_xml_load.html b/toolkit/components/passwordmgr/test/test_xml_load.html
new file mode 100644
index 000000000..5672c7117
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/test_xml_load.html
@@ -0,0 +1,191 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title>Test XML document prompts</title>
+ <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+ <script type="text/javascript" src="pwmgr_common.js"></script>
+ <script type="text/javascript" src="prompt_common.js"></script>
+ <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+Login Manager test: XML prompt
+<p id="display"></p>
+
+<div id="content" style="display: none">
+ <iframe id="iframe"></iframe>
+</div>
+
+<pre id="test">
+<script class="testbody" type="text/javascript">
+
+/** Test for Login Manager: XML prompts. **/
+var pwmgr, login1, login2;
+
+function initLogins() {
+ pwmgr = SpecialPowers.Cc["@mozilla.org/login-manager;1"]
+ .getService(Ci.nsILoginManager);
+
+ login1 = SpecialPowers.Cc["@mozilla.org/login-manager/loginInfo;1"]
+ .createInstance(Ci.nsILoginInfo);
+ login2 = SpecialPowers.Cc["@mozilla.org/login-manager/loginInfo;1"]
+ .createInstance(Ci.nsILoginInfo);
+
+ login1.init("http://mochi.test:8888", null, "xml",
+ "xmluser1", "xmlpass1", "", "");
+ login2.init("http://mochi.test:8888", null, "xml2",
+ "xmluser2", "xmlpass2", "", "");
+
+ pwmgr.addLogin(login1);
+ pwmgr.addLogin(login2);
+}
+
+function handleDialog(doc, testNum) {
+ ok(true, "handleDialog running for test " + testNum);
+
+ var clickOK = true;
+ var userfield = doc.getElementById("loginTextbox");
+ var passfield = doc.getElementById("password1Textbox");
+ var username = userfield.getAttribute("value");
+ var password = passfield.getAttribute("value");
+ var dialog = doc.getElementById("commonDialog");
+
+ switch (testNum) {
+ case 1:
+ is(username, "xmluser1", "Checking provided username");
+ is(password, "xmlpass1", "Checking provided password");
+ break;
+
+ case 2:
+ is(username, "xmluser2", "Checking provided username");
+ is(password, "xmlpass2", "Checking provided password");
+
+ // Check that the dialog is modal, chrome and dependent;
+ // We can't just check window.opener because that'll be
+ // a content window, which therefore isn't exposed (it'll lie and
+ // be null).
+ var win = doc.defaultView;
+ var Ci = SpecialPowers.Ci;
+ var treeOwner = win.QueryInterface(Ci.nsIInterfaceRequestor).getInterface(Ci.nsIWebNavigation).
+ QueryInterface(Ci.nsIDocShellTreeItem).treeOwner;
+ treeOwner.QueryInterface(Ci.nsIInterfaceRequestor);
+ var flags = treeOwner.getInterface(Ci.nsIXULWindow).chromeFlags;
+ var wbc = treeOwner.getInterface(Ci.nsIWebBrowserChrome);
+ info("Flags: " + flags);
+ ok((flags & Ci.nsIWebBrowserChrome.CHROME_OPENAS_CHROME) != 0,
+ "Dialog should be opened as chrome");
+ ok((flags & Ci.nsIWebBrowserChrome.CHROME_OPENAS_DIALOG) != 0,
+ "Dialog should be opened as a dialog");
+ ok((flags & Ci.nsIWebBrowserChrome.CHROME_DEPENDENT) != 0,
+ "Dialog should be opened as dependent.");
+ ok(wbc.isWindowModal(), "Dialog should be modal");
+
+ // Check that the right tab is focused:
+ var browserWin = SpecialPowers.Services.wm.getMostRecentWindow("navigator:browser");
+ var spec = browserWin.gBrowser.selectedBrowser.currentURI.spec;
+ ok(spec.startsWith("http://mochi.test:8888"),
+ "Tab with remote URI (rather than about:blank) should be focused (" + spec + ")");
+
+ break;
+
+ default:
+ ok(false, "Uhh, unhandled switch for testNum #" + testNum);
+ break;
+ }
+
+ // Explicitly cancel the dialog and report a fail in this failure
+ // case, rather than letting the dialog get stuck due to an auth
+ // failure and having the test timeout.
+ if (!username && !password) {
+ ok(false, "No values prefilled");
+ clickOK = false;
+ }
+
+ if (clickOK)
+ dialog.acceptDialog();
+ else
+ dialog.cancelDialog();
+
+ ok(true, "handleDialog done");
+ didDialog = true;
+}
+
+var newWin;
+function xmlLoad(responseDoc) {
+ ok(true, "xmlLoad running for test " + testNum);
+
+ // The server echos back the user/pass it received.
+ var username = responseDoc.getElementById("user").textContent;
+ var password = responseDoc.getElementById("pass").textContent;
+ var authok = responseDoc.getElementById("ok").textContent;
+
+ switch (testNum) {
+ case 1:
+ is(username, "xmluser1", "Checking provided username");
+ is(password, "xmlpass1", "Checking provided password");
+ break;
+
+ case 2:
+ is(username, "xmluser2", "Checking provided username");
+ is(password, "xmlpass2", "Checking provided password");
+
+ newWin.close();
+ break;
+
+ default:
+ ok(false, "Uhh, unhandled switch for testNum #" + testNum);
+ break;
+ }
+
+ doTest();
+}
+
+function doTest() {
+ switch (++testNum) {
+ case 1:
+ startCallbackTimer();
+ makeRequest("authenticate.sjs?user=xmluser1&pass=xmlpass1&realm=xml");
+ break;
+
+ case 2:
+ // Test correct parenting, by opening another tab in the foreground,
+ // and making sure the prompt re-focuses the original tab when shown:
+ newWin = window.open();
+ newWin.focus();
+ startCallbackTimer();
+ makeRequest("authenticate.sjs?user=xmluser2&pass=xmlpass2&realm=xml2");
+ break;
+
+ default:
+ SimpleTest.finish();
+ }
+}
+
+function makeRequest(uri) {
+ var xmlDoc = document.implementation.createDocument("", "test", null);
+
+ function documentLoaded(e) {
+ xmlLoad(xmlDoc);
+ }
+ xmlDoc.addEventListener("load", documentLoaded, false);
+ xmlDoc.load(uri);
+}
+
+
+initLogins();
+
+// clear plain HTTP auth sessions before the test, to allow
+// running them more than once.
+var authMgr = SpecialPowers.Cc['@mozilla.org/network/http-auth-manager;1']
+ .getService(SpecialPowers.Ci.nsIHttpAuthManager);
+authMgr.clearAll();
+
+// start the tests
+testNum = 0;
+doTest();
+
+SimpleTest.waitForExplicitFinish();
+</script>
+</pre>
+</body>
+</html>
diff --git a/toolkit/components/passwordmgr/test/unit/.eslintrc.js b/toolkit/components/passwordmgr/test/unit/.eslintrc.js
new file mode 100644
index 000000000..d35787cd2
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/unit/.eslintrc.js
@@ -0,0 +1,7 @@
+"use strict";
+
+module.exports = {
+ "extends": [
+ "../../../../../testing/xpcshell/xpcshell.eslintrc.js"
+ ]
+};
diff --git a/toolkit/components/passwordmgr/test/unit/data/corruptDB.sqlite b/toolkit/components/passwordmgr/test/unit/data/corruptDB.sqlite
new file mode 100644
index 000000000..b234246ca
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/unit/data/corruptDB.sqlite
Binary files differ
diff --git a/toolkit/components/passwordmgr/test/unit/data/key3.db b/toolkit/components/passwordmgr/test/unit/data/key3.db
new file mode 100644
index 000000000..a83a0a577
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/unit/data/key3.db
Binary files differ
diff --git a/toolkit/components/passwordmgr/test/unit/data/signons-v1.sqlite b/toolkit/components/passwordmgr/test/unit/data/signons-v1.sqlite
new file mode 100644
index 000000000..fe030b61f
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/unit/data/signons-v1.sqlite
Binary files differ
diff --git a/toolkit/components/passwordmgr/test/unit/data/signons-v1v2.sqlite b/toolkit/components/passwordmgr/test/unit/data/signons-v1v2.sqlite
new file mode 100644
index 000000000..729512a12
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/unit/data/signons-v1v2.sqlite
Binary files differ
diff --git a/toolkit/components/passwordmgr/test/unit/data/signons-v2.sqlite b/toolkit/components/passwordmgr/test/unit/data/signons-v2.sqlite
new file mode 100644
index 000000000..a6c72b31e
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/unit/data/signons-v2.sqlite
Binary files differ
diff --git a/toolkit/components/passwordmgr/test/unit/data/signons-v2v3.sqlite b/toolkit/components/passwordmgr/test/unit/data/signons-v2v3.sqlite
new file mode 100644
index 000000000..359df5d31
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/unit/data/signons-v2v3.sqlite
Binary files differ
diff --git a/toolkit/components/passwordmgr/test/unit/data/signons-v3.sqlite b/toolkit/components/passwordmgr/test/unit/data/signons-v3.sqlite
new file mode 100644
index 000000000..918f4142f
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/unit/data/signons-v3.sqlite
Binary files differ
diff --git a/toolkit/components/passwordmgr/test/unit/data/signons-v3v4.sqlite b/toolkit/components/passwordmgr/test/unit/data/signons-v3v4.sqlite
new file mode 100644
index 000000000..e06c33aae
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/unit/data/signons-v3v4.sqlite
Binary files differ
diff --git a/toolkit/components/passwordmgr/test/unit/data/signons-v4.sqlite b/toolkit/components/passwordmgr/test/unit/data/signons-v4.sqlite
new file mode 100644
index 000000000..227c09c81
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/unit/data/signons-v4.sqlite
Binary files differ
diff --git a/toolkit/components/passwordmgr/test/unit/data/signons-v4v5.sqlite b/toolkit/components/passwordmgr/test/unit/data/signons-v4v5.sqlite
new file mode 100644
index 000000000..4534cf255
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/unit/data/signons-v4v5.sqlite
Binary files differ
diff --git a/toolkit/components/passwordmgr/test/unit/data/signons-v5v6.sqlite b/toolkit/components/passwordmgr/test/unit/data/signons-v5v6.sqlite
new file mode 100644
index 000000000..eb4ee6d01
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/unit/data/signons-v5v6.sqlite
Binary files differ
diff --git a/toolkit/components/passwordmgr/test/unit/data/signons-v999-2.sqlite b/toolkit/components/passwordmgr/test/unit/data/signons-v999-2.sqlite
new file mode 100644
index 000000000..e09c4f710
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/unit/data/signons-v999-2.sqlite
Binary files differ
diff --git a/toolkit/components/passwordmgr/test/unit/data/signons-v999.sqlite b/toolkit/components/passwordmgr/test/unit/data/signons-v999.sqlite
new file mode 100644
index 000000000..0328a1a02
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/unit/data/signons-v999.sqlite
Binary files differ
diff --git a/toolkit/components/passwordmgr/test/unit/head.js b/toolkit/components/passwordmgr/test/unit/head.js
new file mode 100644
index 000000000..baf958ab4
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/unit/head.js
@@ -0,0 +1,135 @@
+/**
+ * Provides infrastructure for automated login components tests.
+ */
+
+"use strict";
+
+// Globals
+
+let { classes: Cc, interfaces: Ci, utils: Cu, results: Cr } = Components;
+
+Cu.import("resource://gre/modules/XPCOMUtils.jsm");
+Cu.import("resource://gre/modules/Services.jsm");
+Cu.import("resource://gre/modules/LoginRecipes.jsm");
+Cu.import("resource://gre/modules/LoginHelper.jsm");
+Cu.import("resource://testing-common/MockDocument.jsm");
+
+XPCOMUtils.defineLazyModuleGetter(this, "DownloadPaths",
+ "resource://gre/modules/DownloadPaths.jsm");
+XPCOMUtils.defineLazyModuleGetter(this, "FileUtils",
+ "resource://gre/modules/FileUtils.jsm");
+XPCOMUtils.defineLazyModuleGetter(this, "OS",
+ "resource://gre/modules/osfile.jsm");
+XPCOMUtils.defineLazyModuleGetter(this, "Promise",
+ "resource://gre/modules/Promise.jsm");
+
+const LoginInfo =
+ Components.Constructor("@mozilla.org/login-manager/loginInfo;1",
+ "nsILoginInfo", "init");
+
+// Import LoginTestUtils.jsm as LoginTestUtils.
+XPCOMUtils.defineLazyModuleGetter(this, "LoginTestUtils",
+ "resource://testing-common/LoginTestUtils.jsm");
+LoginTestUtils.Assert = Assert;
+const TestData = LoginTestUtils.testData;
+const newPropertyBag = LoginHelper.newPropertyBag;
+
+/**
+ * All the tests are implemented with add_task, this starts them automatically.
+ */
+function run_test()
+{
+ do_get_profile();
+ run_next_test();
+}
+
+// Global helpers
+
+// Some of these functions are already implemented in other parts of the source
+// tree, see bug 946708 about sharing more code.
+
+// While the previous test file should have deleted all the temporary files it
+// used, on Windows these might still be pending deletion on the physical file
+// system. Thus, start from a new base number every time, to make a collision
+// with a file that is still pending deletion highly unlikely.
+let gFileCounter = Math.floor(Math.random() * 1000000);
+
+/**
+ * Returns a reference to a temporary file, that is guaranteed not to exist, and
+ * to have never been created before.
+ *
+ * @param aLeafName
+ * Suggested leaf name for the file to be created.
+ *
+ * @return nsIFile pointing to a non-existent file in a temporary directory.
+ *
+ * @note It is not enough to delete the file if it exists, or to delete the file
+ * after calling nsIFile.createUnique, because on Windows the delete
+ * operation in the file system may still be pending, preventing a new
+ * file with the same name to be created.
+ */
+function getTempFile(aLeafName)
+{
+ // Prepend a serial number to the extension in the suggested leaf name.
+ let [base, ext] = DownloadPaths.splitBaseNameAndExtension(aLeafName);
+ let leafName = base + "-" + gFileCounter + ext;
+ gFileCounter++;
+
+ // Get a file reference under the temporary directory for this test file.
+ let file = FileUtils.getFile("TmpD", [leafName]);
+ do_check_false(file.exists());
+
+ do_register_cleanup(function () {
+ if (file.exists()) {
+ file.remove(false);
+ }
+ });
+
+ return file;
+}
+
+const RecipeHelpers = {
+ initNewParent() {
+ return (new LoginRecipesParent({ defaults: null })).initializationPromise;
+ },
+};
+
+// Initialization functions common to all tests
+
+add_task(function* test_common_initialize()
+{
+ // Before initializing the service for the first time, we should copy the key
+ // file required to decrypt the logins contained in the SQLite databases used
+ // by migration tests. This file is not required for the other tests.
+ yield OS.File.copy(do_get_file("data/key3.db").path,
+ OS.Path.join(OS.Constants.Path.profileDir, "key3.db"));
+
+ // Ensure that the service and the storage module are initialized.
+ yield Services.logins.initializationPromise;
+
+ // Ensure that every test file starts with an empty database.
+ LoginTestUtils.clearData();
+
+ // Clean up after every test.
+ do_register_cleanup(() => LoginTestUtils.clearData());
+});
+
+/**
+ * Compare two FormLike to see if they represent the same information. Elements
+ * are compared using their @id attribute.
+ */
+function formLikeEqual(a, b) {
+ Assert.strictEqual(Object.keys(a).length, Object.keys(b).length,
+ "Check the formLikes have the same number of properties");
+
+ for (let propName of Object.keys(a)) {
+ if (propName == "elements") {
+ Assert.strictEqual(a.elements.length, b.elements.length, "Check element count");
+ for (let i = 0; i < a.elements.length; i++) {
+ Assert.strictEqual(a.elements[i].id, b.elements[i].id, "Check element " + i + " id");
+ }
+ continue;
+ }
+ Assert.strictEqual(a[propName], b[propName], "Compare formLike " + propName + " property");
+ }
+}
diff --git a/toolkit/components/passwordmgr/test/unit/test_OSCrypto_win.js b/toolkit/components/passwordmgr/test/unit/test_OSCrypto_win.js
new file mode 100644
index 000000000..94d2e50c0
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/unit/test_OSCrypto_win.js
@@ -0,0 +1,75 @@
+/**
+ * Tests the OSCrypto object.
+ */
+
+"use strict";
+
+// Globals
+
+XPCOMUtils.defineLazyModuleGetter(this, "OSCrypto",
+ "resource://gre/modules/OSCrypto.jsm");
+
+var crypto = new OSCrypto();
+
+// Tests
+
+add_task(function test_getIELoginHash()
+{
+ do_check_eq(crypto.getIELoginHash("https://bugzilla.mozilla.org/page.cgi"),
+ "4A66FE96607885790F8E67B56EEE52AB539BAFB47D");
+
+ do_check_eq(crypto.getIELoginHash("https://github.com/login"),
+ "0112F7DCE67B8579EA01367678AA44AB9868B5A143");
+
+ do_check_eq(crypto.getIELoginHash("https://login.live.com/login.srf"),
+ "FBF92E5D804C82717A57856533B779676D92903688");
+
+ do_check_eq(crypto.getIELoginHash("https://preview.c9.io/riadh/w1/pass.1.html"),
+ "6935CF27628830605927F86AB53831016FC8973D1A");
+
+
+ do_check_eq(crypto.getIELoginHash("https://reviewboard.mozilla.org/account/login/"),
+ "09141FD287E2E59A8B1D3BB5671537FD3D6B61337A");
+
+ do_check_eq(crypto.getIELoginHash("https://www.facebook.com/"),
+ "EF44D3E034009CB0FD1B1D81A1FF3F3335213BD796");
+
+});
+
+add_task(function test_decryptData_encryptData()
+{
+ function decryptEncryptTest(key) {
+ do_check_eq(crypto.decryptData(crypto.encryptData("", key), key),
+ "");
+
+ do_check_eq(crypto.decryptData(crypto.encryptData("secret", key), key),
+ "secret");
+
+ do_check_eq(crypto.decryptData(crypto.encryptData("https://www.mozilla.org", key),
+ key),
+ "https://www.mozilla.org");
+
+ do_check_eq(crypto.decryptData(crypto.encryptData("https://reviewboard.mozilla.org", key),
+ key),
+ "https://reviewboard.mozilla.org");
+
+ do_check_eq(crypto.decryptData(crypto.encryptData("https://bugzilla.mozilla.org/page.cgi",
+ key),
+ key),
+ "https://bugzilla.mozilla.org/page.cgi");
+ }
+
+ let keys = [null, "a", "keys", "abcdedf", "pass", "https://bugzilla.mozilla.org/page.cgi",
+ "https://login.live.com/login.srf"];
+ for (let key of keys) {
+ decryptEncryptTest(key);
+ }
+ let url = "https://twitter.com/";
+ let value = [1, 0, 0, 0, 208, 140, 157, 223, 1, 21, 209, 17, 140, 122, 0, 192, 79, 194, 151, 235, 1, 0, 0, 0, 254, 58, 230, 75, 132, 228, 181, 79, 184, 160, 37, 106, 201, 29, 42, 152, 0, 0, 0, 0, 2, 0, 0, 0, 0, 0, 16, 102, 0, 0, 0, 1, 0, 0, 32, 0, 0, 0, 90, 136, 17, 124, 122, 57, 178, 24, 34, 86, 209, 198, 184, 107, 58, 58, 32, 98, 61, 239, 129, 101, 56, 239, 114, 159, 139, 165, 183, 40, 183, 85, 0, 0, 0, 0, 14, 128, 0, 0, 0, 2, 0, 0, 32, 0, 0, 0, 147, 170, 34, 21, 53, 227, 191, 6, 201, 84, 106, 31, 57, 227, 46, 127, 219, 199, 80, 142, 37, 104, 112, 223, 26, 165, 223, 55, 176, 89, 55, 37, 112, 0, 0, 0, 98, 70, 221, 109, 5, 152, 46, 11, 190, 213, 226, 58, 244, 20, 180, 217, 63, 155, 227, 132, 7, 151, 235, 6, 37, 232, 176, 182, 141, 191, 251, 50, 20, 123, 53, 11, 247, 233, 112, 121, 130, 27, 168, 68, 92, 144, 192, 7, 12, 239, 53, 217, 253, 155, 54, 109, 236, 216, 225, 245, 79, 234, 165, 225, 104, 36, 77, 13, 195, 237, 143, 165, 100, 107, 230, 70, 54, 19, 179, 35, 8, 101, 93, 202, 121, 210, 222, 28, 93, 122, 36, 84, 185, 249, 238, 3, 102, 149, 248, 94, 137, 16, 192, 22, 251, 220, 22, 223, 16, 58, 104, 187, 64, 0, 0, 0, 70, 72, 15, 119, 144, 66, 117, 203, 190, 82, 131, 46, 111, 130, 238, 191, 170, 63, 186, 117, 46, 88, 171, 3, 94, 146, 75, 86, 243, 159, 63, 195, 149, 25, 105, 141, 42, 217, 108, 18, 63, 62, 98, 182, 241, 195, 12, 216, 152, 230, 176, 253, 202, 129, 41, 185, 135, 111, 226, 92, 27, 78, 27, 198];
+
+ let arr1 = crypto.arrayToString(value);
+ let arr2 = crypto.stringToArray(crypto.decryptData(crypto.encryptData(arr1, url), url));
+ for (let i = 0; i < arr1.length; i++) {
+ do_check_eq(arr2[i], value[i]);
+ }
+});
diff --git a/toolkit/components/passwordmgr/test/unit/test_context_menu.js b/toolkit/components/passwordmgr/test/unit/test_context_menu.js
new file mode 100644
index 000000000..722c13e15
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/unit/test_context_menu.js
@@ -0,0 +1,165 @@
+/*
+ * Test the password manager context menu.
+ */
+
+"use strict";
+
+Cu.import("resource://gre/modules/Services.jsm");
+Cu.import("resource://gre/modules/LoginManagerContextMenu.jsm");
+
+XPCOMUtils.defineLazyGetter(this, "_stringBundle", function() {
+ return Services.strings.
+ createBundle("chrome://passwordmgr/locale/passwordmgr.properties");
+});
+
+/**
+ * Prepare data for the following tests.
+ */
+add_task(function* test_initialize() {
+ for (let login of loginList()) {
+ Services.logins.addLogin(login);
+ }
+});
+
+/**
+ * Tests if the LoginManagerContextMenu returns the correct login items.
+ */
+add_task(function* test_contextMenuAddAndRemoveLogins() {
+ const DOCUMENT_CONTENT = "<form><input id='pw' type=password></form>";
+ const INPUT_QUERY = "input[type='password']";
+
+ let testHostnames = [
+ "http://www.example.com",
+ "http://www2.example.com",
+ "http://www3.example.com",
+ "http://empty.example.com",
+ ];
+
+ for (let hostname of testHostnames) {
+ do_print("test for hostname: " + hostname);
+ // Get expected logins for this test.
+ let logins = getExpectedLogins(hostname);
+
+ // Create the logins menuitems fragment.
+ let {fragment, document} = createLoginsFragment(hostname, DOCUMENT_CONTENT, INPUT_QUERY);
+
+ if (!logins.length) {
+ Assert.ok(fragment === null, "Null returned. No logins where found.");
+ continue;
+ }
+ let items = [...fragment.querySelectorAll("menuitem")];
+
+ // Check if the items are those expected to be listed.
+ Assert.ok(checkLoginItems(logins, items), "All expected logins found.");
+ document.body.appendChild(fragment);
+
+ // Try to clear the fragment.
+ LoginManagerContextMenu.clearLoginsFromMenu(document);
+ Assert.equal(fragment.querySelectorAll("menuitem").length, 0, "All items correctly cleared.");
+ }
+
+ Services.logins.removeAllLogins();
+});
+
+/**
+ * Create a fragment with a menuitem for each login.
+ */
+function createLoginsFragment(url, content, elementQuery) {
+ const CHROME_URL = "chrome://mock-chrome";
+
+ // Create a mock document.
+ let document = MockDocument.createTestDocument(CHROME_URL, content);
+ let inputElement = document.querySelector(elementQuery);
+ MockDocument.mockOwnerDocumentProperty(inputElement, document, url);
+
+ // We also need a simple mock Browser object for this test.
+ let browser = {
+ ownerDocument: document
+ };
+
+ let URI = Services.io.newURI(url, null, null);
+ return {
+ document,
+ fragment: LoginManagerContextMenu.addLoginsToMenu(inputElement, browser, URI),
+ };
+}
+
+/**
+ * Check if every login have it's corresponding menuitem.
+ * Duplicates and empty usernames have a date appended.
+ */
+function checkLoginItems(logins, items) {
+ function findDuplicates(unfilteredLoginList) {
+ var seen = new Set();
+ var duplicates = new Set();
+ for (let login of unfilteredLoginList) {
+ if (seen.has(login.username)) {
+ duplicates.add(login.username);
+ }
+ seen.add(login.username);
+ }
+ return duplicates;
+ }
+ let duplicates = findDuplicates(logins);
+
+ let dateAndTimeFormatter = new Intl.DateTimeFormat(undefined,
+ { day: "numeric", month: "short", year: "numeric" });
+ for (let login of logins) {
+ if (login.username && !duplicates.has(login.username)) {
+ // If login is not duplicate and we can't find an item for it, fail.
+ if (!items.find(item => item.label == login.username)) {
+ return false;
+ }
+ continue;
+ }
+
+ let meta = login.QueryInterface(Ci.nsILoginMetaInfo);
+ let time = dateAndTimeFormatter.format(new Date(meta.timePasswordChanged));
+ // If login is duplicate, check if we have a login item with appended date.
+ if (login.username && !items.find(item => item.label == login.username + " (" + time + ")")) {
+ return false;
+ }
+ // If login is empty, check if we have a login item with appended date.
+ if (!login.username &&
+ !items.find(item => item.label == _stringBundle.GetStringFromName("noUsername") + " (" + time + ")")) {
+ return false;
+ }
+ }
+ return true;
+}
+
+/**
+ * Gets the list of expected logins for a hostname.
+ */
+function getExpectedLogins(hostname) {
+ return Services.logins.getAllLogins().filter(entry => entry["hostname"] === hostname);
+}
+
+function loginList() {
+ return [
+ new LoginInfo("http://www.example.com", "http://www.example.com", null,
+ "username1", "password",
+ "form_field_username", "form_field_password"),
+
+ new LoginInfo("http://www.example.com", "http://www.example.com", null,
+ "username2", "password",
+ "form_field_username", "form_field_password"),
+
+ new LoginInfo("http://www2.example.com", "http://www.example.com", null,
+ "username", "password",
+ "form_field_username", "form_field_password"),
+ new LoginInfo("http://www2.example.com", "http://www2.example.com", null,
+ "username", "password2",
+ "form_field_username", "form_field_password"),
+ new LoginInfo("http://www2.example.com", "http://www2.example.com", null,
+ "username2", "password2",
+ "form_field_username", "form_field_password"),
+
+ new LoginInfo("http://www3.example.com", "http://www.example.com", null,
+ "", "password",
+ "form_field_username", "form_field_password"),
+ new LoginInfo("http://www3.example.com", "http://www3.example.com", null,
+ "", "password2",
+ "form_field_username", "form_field_password"),
+ ];
+}
diff --git a/toolkit/components/passwordmgr/test/unit/test_dedupeLogins.js b/toolkit/components/passwordmgr/test/unit/test_dedupeLogins.js
new file mode 100644
index 000000000..d688a6dbf
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/unit/test_dedupeLogins.js
@@ -0,0 +1,284 @@
+/*
+ * Test LoginHelper.dedupeLogins
+ */
+
+"use strict";
+
+Cu.import("resource://gre/modules/LoginHelper.jsm");
+
+const DOMAIN1_HTTP_TO_HTTP_U1_P1 = TestData.formLogin({
+ timePasswordChanged: 3000,
+ timeLastUsed: 2000,
+});
+const DOMAIN1_HTTP_TO_HTTP_U1_P2 = TestData.formLogin({
+ password: "password two",
+});
+const DOMAIN1_HTTP_TO_HTTP_U2_P2 = TestData.formLogin({
+ password: "password two",
+ username: "username two",
+});
+const DOMAIN1_HTTPS_TO_HTTPS_U1_P1 = TestData.formLogin({
+ formSubmitURL: "http://www.example.com",
+ hostname: "https://www3.example.com",
+ timePasswordChanged: 4000,
+ timeLastUsed: 1000,
+});
+const DOMAIN1_HTTPS_TO_EMPTY_U1_P1 = TestData.formLogin({
+ formSubmitURL: "",
+ hostname: "https://www3.example.com",
+});
+const DOMAIN1_HTTPS_TO_EMPTYU_P1 = TestData.formLogin({
+ hostname: "https://www3.example.com",
+ username: "",
+});
+const DOMAIN1_HTTP_AUTH = TestData.authLogin({
+ hostname: "http://www3.example.com",
+});
+const DOMAIN1_HTTPS_AUTH = TestData.authLogin({
+ hostname: "https://www3.example.com",
+});
+
+
+add_task(function test_dedupeLogins() {
+ // [description, expectedOutput, dedupe arg. 0, dedupe arg 1, ...]
+ let testcases = [
+ [
+ "exact dupes",
+ [DOMAIN1_HTTP_TO_HTTP_U1_P1],
+ [DOMAIN1_HTTP_TO_HTTP_U1_P1, DOMAIN1_HTTP_TO_HTTP_U1_P1],
+ undefined,
+ [], // force no resolveBy logic to test behavior of preferring the first..
+ ],
+ [
+ "default uniqueKeys is un + pw",
+ [DOMAIN1_HTTP_TO_HTTP_U1_P1, DOMAIN1_HTTP_TO_HTTP_U1_P2],
+ [DOMAIN1_HTTP_TO_HTTP_U1_P1, DOMAIN1_HTTP_TO_HTTP_U1_P2],
+ undefined,
+ [],
+ ],
+ [
+ "same usernames, different passwords, dedupe username only",
+ [DOMAIN1_HTTP_TO_HTTP_U1_P1],
+ [DOMAIN1_HTTP_TO_HTTP_U1_P1, DOMAIN1_HTTP_TO_HTTP_U1_P2],
+ ["username"],
+ [],
+ ],
+ [
+ "same un+pw, different scheme",
+ [DOMAIN1_HTTP_TO_HTTP_U1_P1],
+ [DOMAIN1_HTTP_TO_HTTP_U1_P1, DOMAIN1_HTTPS_TO_HTTPS_U1_P1],
+ undefined,
+ [],
+ ],
+ [
+ "same un+pw, different scheme, reverse order",
+ [DOMAIN1_HTTPS_TO_HTTPS_U1_P1],
+ [DOMAIN1_HTTPS_TO_HTTPS_U1_P1, DOMAIN1_HTTP_TO_HTTP_U1_P1],
+ undefined,
+ [],
+ ],
+ [
+ "same un+pw, different scheme, include hostname",
+ [DOMAIN1_HTTP_TO_HTTP_U1_P1, DOMAIN1_HTTPS_TO_HTTPS_U1_P1],
+ [DOMAIN1_HTTP_TO_HTTP_U1_P1, DOMAIN1_HTTPS_TO_HTTPS_U1_P1],
+ ["hostname", "username", "password"],
+ [],
+ ],
+ [
+ "empty username is not deduped with non-empty",
+ [DOMAIN1_HTTP_TO_HTTP_U1_P1, DOMAIN1_HTTPS_TO_EMPTYU_P1],
+ [DOMAIN1_HTTP_TO_HTTP_U1_P1, DOMAIN1_HTTPS_TO_EMPTYU_P1],
+ undefined,
+ [],
+ ],
+ [
+ "empty username is deduped with same passwords",
+ [DOMAIN1_HTTPS_TO_EMPTYU_P1],
+ [DOMAIN1_HTTPS_TO_EMPTYU_P1, DOMAIN1_HTTP_TO_HTTP_U1_P1],
+ ["password"],
+ [],
+ ],
+ [
+ "mix of form and HTTP auth",
+ [DOMAIN1_HTTP_TO_HTTP_U1_P1],
+ [DOMAIN1_HTTP_TO_HTTP_U1_P1, DOMAIN1_HTTP_AUTH],
+ undefined,
+ [],
+ ],
+ ];
+
+ for (let tc of testcases) {
+ let description = tc.shift();
+ let expected = tc.shift();
+ let actual = LoginHelper.dedupeLogins(...tc);
+ Assert.strictEqual(actual.length, expected.length, `Check: ${description}`);
+ for (let [i, login] of expected.entries()) {
+ Assert.strictEqual(actual[i], login, `Check index ${i}`);
+ }
+ }
+});
+
+
+add_task(function* test_dedupeLogins_resolveBy() {
+ Assert.ok(DOMAIN1_HTTP_TO_HTTP_U1_P1.timeLastUsed > DOMAIN1_HTTPS_TO_HTTPS_U1_P1.timeLastUsed,
+ "Sanity check timeLastUsed difference");
+ Assert.ok(DOMAIN1_HTTP_TO_HTTP_U1_P1.timePasswordChanged < DOMAIN1_HTTPS_TO_HTTPS_U1_P1.timePasswordChanged,
+ "Sanity check timePasswordChanged difference");
+
+ let testcases = [
+ [
+ "default resolveBy is timeLastUsed",
+ [DOMAIN1_HTTP_TO_HTTP_U1_P1],
+ [DOMAIN1_HTTPS_TO_HTTPS_U1_P1, DOMAIN1_HTTP_TO_HTTP_U1_P1],
+ ],
+ [
+ "default resolveBy is timeLastUsed, reversed input",
+ [DOMAIN1_HTTP_TO_HTTP_U1_P1],
+ [DOMAIN1_HTTP_TO_HTTP_U1_P1, DOMAIN1_HTTPS_TO_HTTPS_U1_P1],
+ ],
+ [
+ "resolveBy timeLastUsed + timePasswordChanged",
+ [DOMAIN1_HTTP_TO_HTTP_U1_P1],
+ [DOMAIN1_HTTPS_TO_HTTPS_U1_P1, DOMAIN1_HTTP_TO_HTTP_U1_P1],
+ undefined,
+ ["timeLastUsed", "timePasswordChanged"],
+ ],
+ [
+ "resolveBy timeLastUsed + timePasswordChanged, reversed input",
+ [DOMAIN1_HTTP_TO_HTTP_U1_P1],
+ [DOMAIN1_HTTP_TO_HTTP_U1_P1, DOMAIN1_HTTPS_TO_HTTPS_U1_P1],
+ undefined,
+ ["timeLastUsed", "timePasswordChanged"],
+ ],
+ [
+ "resolveBy timePasswordChanged",
+ [DOMAIN1_HTTPS_TO_HTTPS_U1_P1],
+ [DOMAIN1_HTTPS_TO_HTTPS_U1_P1, DOMAIN1_HTTP_TO_HTTP_U1_P1],
+ undefined,
+ ["timePasswordChanged"],
+ ],
+ [
+ "resolveBy timePasswordChanged, reversed",
+ [DOMAIN1_HTTPS_TO_HTTPS_U1_P1],
+ [DOMAIN1_HTTP_TO_HTTP_U1_P1, DOMAIN1_HTTPS_TO_HTTPS_U1_P1],
+ undefined,
+ ["timePasswordChanged"],
+ ],
+ [
+ "resolveBy timePasswordChanged + timeLastUsed",
+ [DOMAIN1_HTTPS_TO_HTTPS_U1_P1],
+ [DOMAIN1_HTTPS_TO_HTTPS_U1_P1, DOMAIN1_HTTP_TO_HTTP_U1_P1],
+ undefined,
+ ["timePasswordChanged", "timeLastUsed"],
+ ],
+ [
+ "resolveBy timePasswordChanged + timeLastUsed, reversed",
+ [DOMAIN1_HTTPS_TO_HTTPS_U1_P1],
+ [DOMAIN1_HTTP_TO_HTTP_U1_P1, DOMAIN1_HTTPS_TO_HTTPS_U1_P1],
+ undefined,
+ ["timePasswordChanged", "timeLastUsed"],
+ ],
+ [
+ "resolveBy scheme + timePasswordChanged, prefer HTTP",
+ [DOMAIN1_HTTP_TO_HTTP_U1_P1],
+ [DOMAIN1_HTTPS_TO_HTTPS_U1_P1, DOMAIN1_HTTP_TO_HTTP_U1_P1],
+ undefined,
+ ["scheme", "timePasswordChanged"],
+ DOMAIN1_HTTP_TO_HTTP_U1_P1.hostname,
+ ],
+ [
+ "resolveBy scheme + timePasswordChanged, prefer HTTP, reversed input",
+ [DOMAIN1_HTTP_TO_HTTP_U1_P1],
+ [DOMAIN1_HTTP_TO_HTTP_U1_P1, DOMAIN1_HTTPS_TO_HTTPS_U1_P1],
+ undefined,
+ ["scheme", "timePasswordChanged"],
+ DOMAIN1_HTTP_TO_HTTP_U1_P1.hostname,
+ ],
+ [
+ "resolveBy scheme + timePasswordChanged, prefer HTTPS",
+ [DOMAIN1_HTTPS_TO_HTTPS_U1_P1],
+ [DOMAIN1_HTTPS_TO_HTTPS_U1_P1, DOMAIN1_HTTP_TO_HTTP_U1_P1],
+ undefined,
+ ["scheme", "timePasswordChanged"],
+ DOMAIN1_HTTPS_TO_HTTPS_U1_P1.hostname,
+ ],
+ [
+ "resolveBy scheme + timePasswordChanged, prefer HTTPS, reversed input",
+ [DOMAIN1_HTTPS_TO_HTTPS_U1_P1],
+ [DOMAIN1_HTTP_TO_HTTP_U1_P1, DOMAIN1_HTTPS_TO_HTTPS_U1_P1],
+ undefined,
+ ["scheme", "timePasswordChanged"],
+ DOMAIN1_HTTPS_TO_HTTPS_U1_P1.hostname,
+ ],
+ [
+ "resolveBy scheme HTTP auth",
+ [DOMAIN1_HTTPS_AUTH],
+ [DOMAIN1_HTTP_AUTH, DOMAIN1_HTTPS_AUTH],
+ undefined,
+ ["scheme"],
+ DOMAIN1_HTTPS_AUTH.hostname,
+ ],
+ [
+ "resolveBy scheme HTTP auth, reversed input",
+ [DOMAIN1_HTTPS_AUTH],
+ [DOMAIN1_HTTPS_AUTH, DOMAIN1_HTTP_AUTH],
+ undefined,
+ ["scheme"],
+ DOMAIN1_HTTPS_AUTH.hostname,
+ ],
+ [
+ "resolveBy scheme, empty form submit URL",
+ [DOMAIN1_HTTPS_TO_HTTPS_U1_P1],
+ [DOMAIN1_HTTPS_TO_HTTPS_U1_P1, DOMAIN1_HTTPS_TO_EMPTY_U1_P1],
+ undefined,
+ ["scheme"],
+ DOMAIN1_HTTPS_TO_HTTPS_U1_P1.hostname,
+ ],
+ ];
+
+ for (let tc of testcases) {
+ let description = tc.shift();
+ let expected = tc.shift();
+ let actual = LoginHelper.dedupeLogins(...tc);
+ Assert.strictEqual(actual.length, expected.length, `Check: ${description}`);
+ for (let [i, login] of expected.entries()) {
+ Assert.strictEqual(actual[i], login, `Check index ${i}`);
+ }
+ }
+
+});
+
+add_task(function* test_dedupeLogins_preferredOriginMissing() {
+ let testcases = [
+ [
+ "resolveBy scheme + timePasswordChanged, missing preferredOrigin",
+ /preferredOrigin/,
+ [DOMAIN1_HTTPS_TO_HTTPS_U1_P1, DOMAIN1_HTTP_TO_HTTP_U1_P1],
+ undefined,
+ ["scheme", "timePasswordChanged"],
+ ],
+ [
+ "resolveBy timePasswordChanged + scheme, missing preferredOrigin",
+ /preferredOrigin/,
+ [DOMAIN1_HTTPS_TO_HTTPS_U1_P1, DOMAIN1_HTTP_TO_HTTP_U1_P1],
+ undefined,
+ ["timePasswordChanged", "scheme"],
+ ],
+ [
+ "resolveBy scheme + timePasswordChanged, empty preferredOrigin",
+ /preferredOrigin/,
+ [DOMAIN1_HTTPS_TO_HTTPS_U1_P1, DOMAIN1_HTTP_TO_HTTP_U1_P1],
+ undefined,
+ ["scheme", "timePasswordChanged"],
+ "",
+ ],
+ ];
+
+ for (let tc of testcases) {
+ let description = tc.shift();
+ let expectedException = tc.shift();
+ Assert.throws(() => {
+ LoginHelper.dedupeLogins(...tc);
+ }, expectedException, `Check: ${description}`);
+ }
+});
diff --git a/toolkit/components/passwordmgr/test/unit/test_disabled_hosts.js b/toolkit/components/passwordmgr/test/unit/test_disabled_hosts.js
new file mode 100644
index 000000000..ff3b7e868
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/unit/test_disabled_hosts.js
@@ -0,0 +1,196 @@
+/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */
+/* vim: set ts=2 et sw=2 tw=80: */
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/ */
+
+/**
+ * Tests getLoginSavingEnabled, setLoginSavingEnabled, and getAllDisabledHosts.
+ */
+
+"use strict";
+
+// Tests
+
+/**
+ * Tests setLoginSavingEnabled and getAllDisabledHosts.
+ */
+add_task(function test_setLoginSavingEnabled_getAllDisabledHosts()
+{
+ // Add some disabled hosts, and verify that different schemes for the same
+ // domain are considered different hosts.
+ let hostname1 = "http://disabled1.example.com";
+ let hostname2 = "http://disabled2.example.com";
+ let hostname3 = "https://disabled2.example.com";
+ Services.logins.setLoginSavingEnabled(hostname1, false);
+ Services.logins.setLoginSavingEnabled(hostname2, false);
+ Services.logins.setLoginSavingEnabled(hostname3, false);
+
+ LoginTestUtils.assertDisabledHostsEqual(Services.logins.getAllDisabledHosts(),
+ [hostname1, hostname2, hostname3]);
+
+ // Adding the same host twice should not result in an error.
+ Services.logins.setLoginSavingEnabled(hostname2, false);
+ LoginTestUtils.assertDisabledHostsEqual(Services.logins.getAllDisabledHosts(),
+ [hostname1, hostname2, hostname3]);
+
+ // Removing a disabled host should work.
+ Services.logins.setLoginSavingEnabled(hostname2, true);
+ LoginTestUtils.assertDisabledHostsEqual(Services.logins.getAllDisabledHosts(),
+ [hostname1, hostname3]);
+
+ // Removing the last disabled host should work.
+ Services.logins.setLoginSavingEnabled(hostname1, true);
+ Services.logins.setLoginSavingEnabled(hostname3, true);
+ LoginTestUtils.assertDisabledHostsEqual(Services.logins.getAllDisabledHosts(),
+ []);
+});
+
+/**
+ * Tests setLoginSavingEnabled and getLoginSavingEnabled.
+ */
+add_task(function test_setLoginSavingEnabled_getLoginSavingEnabled()
+{
+ let hostname1 = "http://disabled.example.com";
+ let hostname2 = "https://disabled.example.com";
+
+ // Hosts should not be disabled by default.
+ do_check_true(Services.logins.getLoginSavingEnabled(hostname1));
+ do_check_true(Services.logins.getLoginSavingEnabled(hostname2));
+
+ // Test setting initial values.
+ Services.logins.setLoginSavingEnabled(hostname1, false);
+ Services.logins.setLoginSavingEnabled(hostname2, true);
+ do_check_false(Services.logins.getLoginSavingEnabled(hostname1));
+ do_check_true(Services.logins.getLoginSavingEnabled(hostname2));
+
+ // Test changing values.
+ Services.logins.setLoginSavingEnabled(hostname1, true);
+ Services.logins.setLoginSavingEnabled(hostname2, false);
+ do_check_true(Services.logins.getLoginSavingEnabled(hostname1));
+ do_check_false(Services.logins.getLoginSavingEnabled(hostname2));
+
+ // Clean up.
+ Services.logins.setLoginSavingEnabled(hostname2, true);
+});
+
+/**
+ * Tests setLoginSavingEnabled with invalid NUL characters in the hostname.
+ */
+add_task(function test_setLoginSavingEnabled_invalid_characters()
+{
+ let hostname = "http://null\0X.example.com";
+ Assert.throws(() => Services.logins.setLoginSavingEnabled(hostname, false),
+ /Invalid hostname/);
+
+ // Verify that no data was stored by the previous call.
+ LoginTestUtils.assertDisabledHostsEqual(Services.logins.getAllDisabledHosts(),
+ []);
+});
+
+/**
+ * Tests different values of the "signon.rememberSignons" property.
+ */
+add_task(function test_rememberSignons()
+{
+ let hostname1 = "http://example.com";
+ let hostname2 = "http://localhost";
+
+ // The default value for the preference should be true.
+ do_check_true(Services.prefs.getBoolPref("signon.rememberSignons"));
+
+ // Hosts should not be disabled by default.
+ Services.logins.setLoginSavingEnabled(hostname1, false);
+ do_check_false(Services.logins.getLoginSavingEnabled(hostname1));
+ do_check_true(Services.logins.getLoginSavingEnabled(hostname2));
+
+ // Disable storage of saved passwords globally.
+ Services.prefs.setBoolPref("signon.rememberSignons", false);
+ do_register_cleanup(
+ () => Services.prefs.clearUserPref("signon.rememberSignons"));
+
+ // All hosts should now appear disabled.
+ do_check_false(Services.logins.getLoginSavingEnabled(hostname1));
+ do_check_false(Services.logins.getLoginSavingEnabled(hostname2));
+
+ // The list of disabled hosts should be unaltered.
+ LoginTestUtils.assertDisabledHostsEqual(Services.logins.getAllDisabledHosts(),
+ [hostname1]);
+
+ // Changing values with the preference set should work.
+ Services.logins.setLoginSavingEnabled(hostname1, true);
+ Services.logins.setLoginSavingEnabled(hostname2, false);
+
+ // All hosts should still appear disabled.
+ do_check_false(Services.logins.getLoginSavingEnabled(hostname1));
+ do_check_false(Services.logins.getLoginSavingEnabled(hostname2));
+
+ // The list of disabled hosts should have been changed.
+ LoginTestUtils.assertDisabledHostsEqual(Services.logins.getAllDisabledHosts(),
+ [hostname2]);
+
+ // Enable storage of saved passwords again.
+ Services.prefs.setBoolPref("signon.rememberSignons", true);
+
+ // Hosts should now appear enabled as requested.
+ do_check_true(Services.logins.getLoginSavingEnabled(hostname1));
+ do_check_false(Services.logins.getLoginSavingEnabled(hostname2));
+
+ // Clean up.
+ Services.logins.setLoginSavingEnabled(hostname2, true);
+ LoginTestUtils.assertDisabledHostsEqual(Services.logins.getAllDisabledHosts(),
+ []);
+});
+
+/**
+ * Tests storing disabled hosts with non-ASCII characters where IDN is supported.
+ */
+add_task(function* test_storage_setLoginSavingEnabled_nonascii_IDN_is_supported()
+{
+ let hostname = "http://大.net";
+ let encoding = "http://xn--pss.net";
+
+ // Test adding disabled host with nonascii URL (http://大.net).
+ Services.logins.setLoginSavingEnabled(hostname, false);
+ yield* LoginTestUtils.reloadData();
+ Assert.equal(Services.logins.getLoginSavingEnabled(hostname), false);
+ Assert.equal(Services.logins.getLoginSavingEnabled(encoding), false);
+ LoginTestUtils.assertDisabledHostsEqual(Services.logins.getAllDisabledHosts(), [hostname]);
+
+ LoginTestUtils.clearData();
+
+ // Test adding disabled host with IDN ("http://xn--pss.net").
+ Services.logins.setLoginSavingEnabled(encoding, false);
+ yield* LoginTestUtils.reloadData();
+ Assert.equal(Services.logins.getLoginSavingEnabled(hostname), false);
+ Assert.equal(Services.logins.getLoginSavingEnabled(encoding), false);
+ LoginTestUtils.assertDisabledHostsEqual(Services.logins.getAllDisabledHosts(), [hostname]);
+
+ LoginTestUtils.clearData();
+});
+
+/**
+ * Tests storing disabled hosts with non-ASCII characters where IDN is not supported.
+ */
+add_task(function* test_storage_setLoginSavingEnabled_nonascii_IDN_not_supported()
+{
+ let hostname = "http://√.com";
+ let encoding = "http://xn--19g.com";
+
+ // Test adding disabled host with nonascii URL (http://√.com).
+ Services.logins.setLoginSavingEnabled(hostname, false);
+ yield* LoginTestUtils.reloadData();
+ Assert.equal(Services.logins.getLoginSavingEnabled(hostname), false);
+ Assert.equal(Services.logins.getLoginSavingEnabled(encoding), false);
+ LoginTestUtils.assertDisabledHostsEqual(Services.logins.getAllDisabledHosts(), [encoding]);
+
+ LoginTestUtils.clearData();
+
+ // Test adding disabled host with IDN ("http://xn--19g.com").
+ Services.logins.setLoginSavingEnabled(encoding, false);
+ yield* LoginTestUtils.reloadData();
+ Assert.equal(Services.logins.getLoginSavingEnabled(hostname), false);
+ Assert.equal(Services.logins.getLoginSavingEnabled(encoding), false);
+ LoginTestUtils.assertDisabledHostsEqual(Services.logins.getAllDisabledHosts(), [encoding]);
+
+ LoginTestUtils.clearData();
+});
diff --git a/toolkit/components/passwordmgr/test/unit/test_getFormFields.js b/toolkit/components/passwordmgr/test/unit/test_getFormFields.js
new file mode 100644
index 000000000..46912ab8f
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/unit/test_getFormFields.js
@@ -0,0 +1,147 @@
+/*
+ * Test for LoginManagerContent._getFormFields.
+ */
+
+"use strict";
+
+// Services.prefs.setBoolPref("signon.debug", true);
+
+Cu.importGlobalProperties(["URL"]);
+
+const LMCBackstagePass = Cu.import("resource://gre/modules/LoginManagerContent.jsm");
+const { LoginManagerContent, LoginFormFactory } = LMCBackstagePass;
+const TESTCASES = [
+ {
+ description: "1 password field outside of a <form>",
+ document: `<input id="pw1" type=password>`,
+ returnedFieldIDs: [null, "pw1", null],
+ skipEmptyFields: undefined,
+ },
+ {
+ description: "1 text field outside of a <form> without a password field",
+ document: `<input id="un1">`,
+ returnedFieldIDs: [null, null, null],
+ skipEmptyFields: undefined,
+ },
+ {
+ description: "1 username & password field outside of a <form>",
+ document: `<input id="un1">
+ <input id="pw1" type=password>`,
+ returnedFieldIDs: ["un1", "pw1", null],
+ skipEmptyFields: undefined,
+ },
+ {
+ description: "1 username & password field in a <form>",
+ document: `<form>
+ <input id="un1">
+ <input id="pw1" type=password>
+ </form>`,
+ returnedFieldIDs: ["un1", "pw1", null],
+ skipEmptyFields: undefined,
+ },
+ {
+ description: "4 empty password fields outside of a <form>",
+ document: `<input id="pw1" type=password>
+ <input id="pw2" type=password>
+ <input id="pw3" type=password>
+ <input id="pw4" type=password>`,
+ returnedFieldIDs: [null, null, null],
+ skipEmptyFields: undefined,
+ },
+ {
+ description: "4 password fields outside of a <form> (1 empty, 3 full) with skipEmpty",
+ document: `<input id="pw1" type=password>
+ <input id="pw2" type=password value="pass2">
+ <input id="pw3" type=password value="pass3">
+ <input id="pw4" type=password value="pass4">`,
+ returnedFieldIDs: [null, null, null],
+ skipEmptyFields: true,
+ },
+ {
+ description: "Form with 1 password field",
+ document: `<form><input id="pw1" type=password></form>`,
+ returnedFieldIDs: [null, "pw1", null],
+ skipEmptyFields: undefined,
+ },
+ {
+ description: "Form with 2 password fields",
+ document: `<form><input id="pw1" type=password><input id='pw2' type=password></form>`,
+ returnedFieldIDs: [null, "pw1", null],
+ skipEmptyFields: undefined,
+ },
+ {
+ description: "1 password field in a form, 1 outside (not processed)",
+ document: `<form><input id="pw1" type=password></form><input id="pw2" type=password>`,
+ returnedFieldIDs: [null, "pw1", null],
+ skipEmptyFields: undefined,
+ },
+ {
+ description: "1 password field in a form, 1 text field outside (not processed)",
+ document: `<form><input id="pw1" type=password></form><input>`,
+ returnedFieldIDs: [null, "pw1", null],
+ skipEmptyFields: undefined,
+ },
+ {
+ description: "1 text field in a form, 1 password field outside (not processed)",
+ document: `<form><input></form><input id="pw1" type=password>`,
+ returnedFieldIDs: [null, null, null],
+ skipEmptyFields: undefined,
+ },
+ {
+ description: "2 password fields outside of a <form> with 1 linked via @form",
+ document: `<input id="pw1" type=password><input id="pw2" type=password form='form1'>
+ <form id="form1"></form>`,
+ returnedFieldIDs: [null, "pw1", null],
+ skipEmptyFields: undefined,
+ },
+ {
+ description: "2 password fields outside of a <form> with 1 linked via @form + skipEmpty",
+ document: `<input id="pw1" type=password><input id="pw2" type=password form="form1">
+ <form id="form1"></form>`,
+ returnedFieldIDs: [null, null, null],
+ skipEmptyFields: true,
+ },
+ {
+ description: "2 password fields outside of a <form> with 1 linked via @form + skipEmpty with 1 empty",
+ document: `<input id="pw1" type=password value="pass1"><input id="pw2" type=password form="form1">
+ <form id="form1"></form>`,
+ returnedFieldIDs: [null, "pw1", null],
+ skipEmptyFields: true,
+ },
+];
+
+for (let tc of TESTCASES) {
+ do_print("Sanity checking the testcase: " + tc.description);
+
+ (function() {
+ let testcase = tc;
+ add_task(function*() {
+ do_print("Starting testcase: " + testcase.description);
+ let document = MockDocument.createTestDocument("http://localhost:8080/test/",
+ testcase.document);
+
+ let input = document.querySelector("input");
+ MockDocument.mockOwnerDocumentProperty(input, document, "http://localhost:8080/test/");
+
+ let formLike = LoginFormFactory.createFromField(input);
+
+ let actual = LoginManagerContent._getFormFields(formLike,
+ testcase.skipEmptyFields,
+ new Set());
+
+ Assert.strictEqual(testcase.returnedFieldIDs.length, 3,
+ "_getFormFields returns 3 elements");
+
+ for (let i = 0; i < testcase.returnedFieldIDs.length; i++) {
+ let expectedID = testcase.returnedFieldIDs[i];
+ if (expectedID === null) {
+ Assert.strictEqual(actual[i], expectedID,
+ "Check returned field " + i + " is null");
+ } else {
+ Assert.strictEqual(actual[i].id, expectedID,
+ "Check returned field " + i + " ID");
+ }
+ }
+ });
+ })();
+}
diff --git a/toolkit/components/passwordmgr/test/unit/test_getPasswordFields.js b/toolkit/components/passwordmgr/test/unit/test_getPasswordFields.js
new file mode 100644
index 000000000..08fa422ab
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/unit/test_getPasswordFields.js
@@ -0,0 +1,156 @@
+/*
+ * Test for LoginManagerContent._getPasswordFields using LoginFormFactory.
+ */
+
+"use strict";
+
+const LMCBackstagePass = Cu.import("resource://gre/modules/LoginManagerContent.jsm");
+const { LoginManagerContent, LoginFormFactory } = LMCBackstagePass;
+const TESTCASES = [
+ {
+ description: "Empty document",
+ document: ``,
+ returnedFieldIDsByFormLike: [],
+ skipEmptyFields: undefined,
+ },
+ {
+ description: "Non-password input with no <form> present",
+ document: `<input>`,
+ // Only the IDs of password fields should be in this array
+ returnedFieldIDsByFormLike: [[]],
+ skipEmptyFields: undefined,
+ },
+ {
+ description: "1 password field outside of a <form>",
+ document: `<input id="pw1" type=password>`,
+ returnedFieldIDsByFormLike: [["pw1"]],
+ skipEmptyFields: undefined,
+ },
+ {
+ description: "4 empty password fields outside of a <form>",
+ document: `<input id="pw1" type=password>
+ <input id="pw2" type=password>
+ <input id="pw3" type=password>
+ <input id="pw4" type=password>`,
+ returnedFieldIDsByFormLike: [[]],
+ skipEmptyFields: undefined,
+ },
+ {
+ description: "4 password fields outside of a <form> (1 empty, 3 full) with skipEmpty",
+ document: `<input id="pw1" type=password>
+ <input id="pw2" type=password value="pass2">
+ <input id="pw3" type=password value="pass3">
+ <input id="pw4" type=password value="pass4">`,
+ returnedFieldIDsByFormLike: [["pw2", "pw3", "pw4"]],
+ skipEmptyFields: true,
+ },
+ {
+ description: "Form with 1 password field",
+ document: `<form><input id="pw1" type=password></form>`,
+ returnedFieldIDsByFormLike: [["pw1"]],
+ skipEmptyFields: undefined,
+ },
+ {
+ description: "Form with 2 password fields",
+ document: `<form><input id="pw1" type=password><input id='pw2' type=password></form>`,
+ returnedFieldIDsByFormLike: [["pw1", "pw2"]],
+ skipEmptyFields: undefined,
+ },
+ {
+ description: "1 password field in a form, 1 outside",
+ document: `<form><input id="pw1" type=password></form><input id="pw2" type=password>`,
+ returnedFieldIDsByFormLike: [["pw1"], ["pw2"]],
+ skipEmptyFields: undefined,
+ },
+ {
+ description: "2 password fields outside of a <form> with 1 linked via @form",
+ document: `<input id="pw1" type=password><input id="pw2" type=password form='form1'>
+ <form id="form1"></form>`,
+ returnedFieldIDsByFormLike: [["pw1"], ["pw2"]],
+ skipEmptyFields: undefined,
+ },
+ {
+ description: "2 password fields outside of a <form> with 1 linked via @form + skipEmpty",
+ document: `<input id="pw1" type=password><input id="pw2" type=password form="form1">
+ <form id="form1"></form>`,
+ returnedFieldIDsByFormLike: [[], []],
+ skipEmptyFields: true,
+ },
+ {
+ description: "skipEmptyFields should also skip white-space only fields",
+ document: `<input id="pw-space" type=password value=" ">
+ <input id="pw-tab" type=password value=" ">
+ <input id="pw-newline" type=password form="form1" value="
+">
+ <form id="form1"></form>`,
+ returnedFieldIDsByFormLike: [[], []],
+ skipEmptyFields: true,
+ },
+ {
+ description: "2 password fields outside of a <form> with 1 linked via @form + skipEmpty with 1 empty",
+ document: `<input id="pw1" type=password value=" pass1 "><input id="pw2" type=password form="form1">
+ <form id="form1"></form>`,
+ returnedFieldIDsByFormLike: [["pw1"], []],
+ skipEmptyFields: true,
+ },
+];
+
+for (let tc of TESTCASES) {
+ do_print("Sanity checking the testcase: " + tc.description);
+
+ (function() {
+ let testcase = tc;
+ add_task(function*() {
+ do_print("Starting testcase: " + testcase.description);
+ let document = MockDocument.createTestDocument("http://localhost:8080/test/",
+ testcase.document);
+
+ let mapRootElementToFormLike = new Map();
+ for (let input of document.querySelectorAll("input")) {
+ let formLike = LoginFormFactory.createFromField(input);
+ let existingFormLike = mapRootElementToFormLike.get(formLike.rootElement);
+ if (!existingFormLike) {
+ mapRootElementToFormLike.set(formLike.rootElement, formLike);
+ continue;
+ }
+
+ // If the formLike is already present, ensure that the properties are the same.
+ do_print("Checking if the new FormLike for the same root has the same properties");
+ formLikeEqual(formLike, existingFormLike);
+ }
+
+ Assert.strictEqual(mapRootElementToFormLike.size, testcase.returnedFieldIDsByFormLike.length,
+ "Check the correct number of different formLikes were returned");
+
+ let formLikeIndex = -1;
+ for (let formLikeFromInput of mapRootElementToFormLike.values()) {
+ formLikeIndex++;
+ let pwFields = LoginManagerContent._getPasswordFields(formLikeFromInput,
+ testcase.skipEmptyFields);
+
+ if (formLikeFromInput.rootElement instanceof Ci.nsIDOMHTMLFormElement) {
+ let formLikeFromForm = LoginFormFactory.createFromForm(formLikeFromInput.rootElement);
+ do_print("Checking that the FormLike created for the <form> matches" +
+ " the one from a password field");
+ formLikeEqual(formLikeFromInput, formLikeFromForm);
+ }
+
+
+ if (testcase.returnedFieldIDsByFormLike[formLikeIndex].length === 0) {
+ Assert.strictEqual(pwFields, null,
+ "If no password fields were found null should be returned");
+ } else {
+ Assert.strictEqual(pwFields.length,
+ testcase.returnedFieldIDsByFormLike[formLikeIndex].length,
+ "Check the # of password fields for formLike #" + formLikeIndex);
+ }
+
+ for (let i = 0; i < testcase.returnedFieldIDsByFormLike[formLikeIndex].length; i++) {
+ let expectedID = testcase.returnedFieldIDsByFormLike[formLikeIndex][i];
+ Assert.strictEqual(pwFields[i].element.id, expectedID,
+ "Check password field " + i + " ID");
+ }
+ }
+ });
+ })();
+}
diff --git a/toolkit/components/passwordmgr/test/unit/test_getPasswordOrigin.js b/toolkit/components/passwordmgr/test/unit/test_getPasswordOrigin.js
new file mode 100644
index 000000000..f2773ec62
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/unit/test_getPasswordOrigin.js
@@ -0,0 +1,28 @@
+/*
+ * Test for LoginUtils._getPasswordOrigin
+ */
+
+"use strict";
+
+const LMCBackstagePass = Cu.import("resource://gre/modules/LoginManagerContent.jsm");
+const TESTCASES = [
+ ["javascript:void(0);", null],
+ ["javascript:void(0);", "javascript:", true],
+ ["chrome://MyAccount", null],
+ ["data:text/html,example", null],
+ ["http://username:password@example.com:80/foo?bar=baz#fragment", "http://example.com", true],
+ ["http://127.0.0.1:80/foo", "http://127.0.0.1"],
+ ["http://[::1]:80/foo", "http://[::1]"],
+ ["http://example.com:8080/foo", "http://example.com:8080"],
+ ["http://127.0.0.1:8080/foo", "http://127.0.0.1:8080", true],
+ ["http://[::1]:8080/foo", "http://[::1]:8080"],
+ ["https://example.com:443/foo", "https://example.com"],
+ ["https://[::1]:443/foo", "https://[::1]"],
+ ["https://[::1]:8443/foo", "https://[::1]:8443"],
+ ["ftp://username:password@[::1]:2121/foo", "ftp://[::1]:2121"],
+];
+
+for (let [input, expected, allowJS] of TESTCASES) {
+ let actual = LMCBackstagePass.LoginUtils._getPasswordOrigin(input, allowJS);
+ Assert.strictEqual(actual, expected, "Checking: " + input);
+}
diff --git a/toolkit/components/passwordmgr/test/unit/test_isOriginMatching.js b/toolkit/components/passwordmgr/test/unit/test_isOriginMatching.js
new file mode 100644
index 000000000..660910dff
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/unit/test_isOriginMatching.js
@@ -0,0 +1,40 @@
+/*
+ * Test LoginHelper.isOriginMatching
+ */
+
+"use strict";
+
+Cu.import("resource://gre/modules/LoginHelper.jsm");
+
+add_task(function test_isOriginMatching() {
+ let testcases = [
+ // Index 0 holds the expected return value followed by arguments to isOriginMatching.
+ [true, "http://example.com", "http://example.com"],
+ [true, "http://example.com:8080", "http://example.com:8080"],
+ [true, "https://example.com", "https://example.com"],
+ [true, "https://example.com:8443", "https://example.com:8443"],
+ [false, "http://example.com", "http://mozilla.org"],
+ [false, "http://example.com", "http://example.com:8080"],
+ [false, "https://example.com", "http://example.com"],
+ [false, "https://example.com", "https://mozilla.org"],
+ [false, "http://example.com", "http://sub.example.com"],
+ [false, "https://example.com", "https://sub.example.com"],
+ [false, "http://example.com", "https://example.com:8443"],
+ [false, "http://example.com:8080", "http://example.com:8081"],
+ [false, "http://example.com", ""],
+ [false, "", "http://example.com"],
+ [true, "http://example.com", "https://example.com", { schemeUpgrades: true }],
+ [true, "https://example.com", "https://example.com", { schemeUpgrades: true }],
+ [true, "http://example.com:8080", "http://example.com:8080", { schemeUpgrades: true }],
+ [true, "https://example.com:8443", "https://example.com:8443", { schemeUpgrades: true }],
+ [false, "https://example.com", "http://example.com", { schemeUpgrades: true }], // downgrade
+ [false, "http://example.com:8080", "https://example.com", { schemeUpgrades: true }], // port mismatch
+ [false, "http://example.com", "https://example.com:8443", { schemeUpgrades: true }], // port mismatch
+ [false, "http://sub.example.com", "http://example.com", { schemeUpgrades: true }],
+ ];
+ for (let tc of testcases) {
+ let expected = tc.shift();
+ Assert.strictEqual(LoginHelper.isOriginMatching(...tc), expected,
+ "Check " + JSON.stringify(tc));
+ }
+});
diff --git a/toolkit/components/passwordmgr/test/unit/test_legacy_empty_formSubmitURL.js b/toolkit/components/passwordmgr/test/unit/test_legacy_empty_formSubmitURL.js
new file mode 100644
index 000000000..4e16aa267
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/unit/test_legacy_empty_formSubmitURL.js
@@ -0,0 +1,107 @@
+/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */
+/* vim: set ts=2 et sw=2 tw=80: */
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/ */
+
+/**
+ * Tests the legacy case of a login store containing entries that have an empty
+ * string in the formSubmitURL field.
+ *
+ * In normal conditions, for the purpose of login autocomplete, HTML forms are
+ * identified using both the prePath of the URI on which they are located, and
+ * the prePath of the URI where the data will be submitted. This is represented
+ * by the hostname and formSubmitURL properties of the stored nsILoginInfo.
+ *
+ * When a new login for use in forms is saved (after the user replies to the
+ * password prompt), it is always stored with both the hostname and the
+ * formSubmitURL (that will be equal to the hostname when the form has no
+ * "action" attribute).
+ *
+ * When the same form is displayed again, the password is autocompleted. If
+ * there is another form on the same site that submits to a different site, it
+ * is considered a different form, so the password is not autocompleted, but a
+ * new password can be stored for the other form.
+ *
+ * However, the login database might contain data for an nsILoginInfo that has a
+ * valid hostname, but an empty formSubmitURL. This means that the login
+ * applies to all forms on the site, regardless of where they submit data to.
+ *
+ * A site can have at most one such login, and in case it is present, then it is
+ * not possible to store separate logins for forms on the same site that submit
+ * data to different sites.
+ *
+ * The only way to have such condition is to be using logins that were initially
+ * saved by a very old version of the browser, or because of data manually added
+ * by an extension in an old version.
+ */
+
+"use strict";
+
+// Tests
+
+/**
+ * Adds a login with an empty formSubmitURL, then it verifies that no other
+ * form logins can be added for the same host.
+ */
+add_task(function test_addLogin_wildcard()
+{
+ let loginInfo = TestData.formLogin({ hostname: "http://any.example.com",
+ formSubmitURL: "" });
+ Services.logins.addLogin(loginInfo);
+
+ // Normal form logins cannot be added anymore.
+ loginInfo = TestData.formLogin({ hostname: "http://any.example.com" });
+ Assert.throws(() => Services.logins.addLogin(loginInfo), /already exists/);
+
+ // Authentication logins can still be added.
+ loginInfo = TestData.authLogin({ hostname: "http://any.example.com" });
+ Services.logins.addLogin(loginInfo);
+
+ // Form logins can be added for other hosts.
+ loginInfo = TestData.formLogin({ hostname: "http://other.example.com" });
+ Services.logins.addLogin(loginInfo);
+});
+
+/**
+ * Verifies that findLogins, searchLogins, and countLogins include all logins
+ * that have an empty formSubmitURL in the store, even when a formSubmitURL is
+ * specified.
+ */
+add_task(function test_search_all_wildcard()
+{
+ // Search a given formSubmitURL on any host.
+ let matchData = newPropertyBag({ formSubmitURL: "http://www.example.com" });
+ do_check_eq(Services.logins.searchLogins({}, matchData).length, 2);
+
+ do_check_eq(Services.logins.findLogins({}, "", "http://www.example.com",
+ null).length, 2);
+
+ do_check_eq(Services.logins.countLogins("", "http://www.example.com",
+ null), 2);
+
+ // Restrict the search to one host.
+ matchData.setProperty("hostname", "http://any.example.com");
+ do_check_eq(Services.logins.searchLogins({}, matchData).length, 1);
+
+ do_check_eq(Services.logins.findLogins({}, "http://any.example.com",
+ "http://www.example.com",
+ null).length, 1);
+
+ do_check_eq(Services.logins.countLogins("http://any.example.com",
+ "http://www.example.com",
+ null), 1);
+});
+
+/**
+ * Verifies that specifying an empty string for formSubmitURL in searchLogins
+ * includes only logins that have an empty formSubmitURL in the store.
+ */
+add_task(function test_searchLogins_wildcard()
+{
+ let logins = Services.logins.searchLogins({},
+ newPropertyBag({ formSubmitURL: "" }));
+
+ let loginInfo = TestData.formLogin({ hostname: "http://any.example.com",
+ formSubmitURL: "" });
+ LoginTestUtils.assertLoginListsEqual(logins, [loginInfo]);
+});
diff --git a/toolkit/components/passwordmgr/test/unit/test_legacy_validation.js b/toolkit/components/passwordmgr/test/unit/test_legacy_validation.js
new file mode 100644
index 000000000..709bc9818
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/unit/test_legacy_validation.js
@@ -0,0 +1,76 @@
+/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */
+/* vim: set ts=2 et sw=2 tw=80: */
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/ */
+
+/**
+ * Tests the legacy validation made when storing nsILoginInfo or disabled hosts.
+ *
+ * These rules exist because of limitations of the "signons.txt" storage file,
+ * that is not used anymore. They are still enforced by the Login Manager
+ * service, despite these values can now be safely stored in the back-end.
+ */
+
+"use strict";
+
+// Tests
+
+/**
+ * Tests legacy validation with addLogin.
+ */
+add_task(function test_addLogin_invalid_characters_legacy()
+{
+ // Test newlines and carriage returns in properties that contain URLs.
+ for (let testValue of ["http://newline\n.example.com",
+ "http://carriagereturn.example.com\r"]) {
+ let loginInfo = TestData.formLogin({ hostname: testValue });
+ Assert.throws(() => Services.logins.addLogin(loginInfo),
+ /login values can't contain newlines/);
+
+ loginInfo = TestData.formLogin({ formSubmitURL: testValue });
+ Assert.throws(() => Services.logins.addLogin(loginInfo),
+ /login values can't contain newlines/);
+
+ loginInfo = TestData.authLogin({ httpRealm: testValue });
+ Assert.throws(() => Services.logins.addLogin(loginInfo),
+ /login values can't contain newlines/);
+ }
+
+ // Test newlines and carriage returns in form field names.
+ for (let testValue of ["newline_field\n", "carriagereturn\r_field"]) {
+ let loginInfo = TestData.formLogin({ usernameField: testValue });
+ Assert.throws(() => Services.logins.addLogin(loginInfo),
+ /login values can't contain newlines/);
+
+ loginInfo = TestData.formLogin({ passwordField: testValue });
+ Assert.throws(() => Services.logins.addLogin(loginInfo),
+ /login values can't contain newlines/);
+ }
+
+ // Test a single dot as the value of usernameField and formSubmitURL.
+ let loginInfo = TestData.formLogin({ usernameField: "." });
+ Assert.throws(() => Services.logins.addLogin(loginInfo),
+ /login values can't be periods/);
+
+ loginInfo = TestData.formLogin({ formSubmitURL: "." });
+ Assert.throws(() => Services.logins.addLogin(loginInfo),
+ /login values can't be periods/);
+
+ // Test the sequence " (" inside the value of the "hostname" property.
+ loginInfo = TestData.formLogin({ hostname: "http://parens (.example.com" });
+ Assert.throws(() => Services.logins.addLogin(loginInfo),
+ /bad parens in hostname/);
+});
+
+/**
+ * Tests legacy validation with setLoginSavingEnabled.
+ */
+add_task(function test_setLoginSavingEnabled_invalid_characters_legacy()
+{
+ for (let hostname of ["http://newline\n.example.com",
+ "http://carriagereturn.example.com\r",
+ "."]) {
+ Assert.throws(() => Services.logins.setLoginSavingEnabled(hostname, false),
+ /Invalid hostname/);
+ }
+});
diff --git a/toolkit/components/passwordmgr/test/unit/test_logins_change.js b/toolkit/components/passwordmgr/test/unit/test_logins_change.js
new file mode 100644
index 000000000..79c6d2f54
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/unit/test_logins_change.js
@@ -0,0 +1,384 @@
+/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */
+/* vim: set ts=2 et sw=2 tw=80: */
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/ */
+
+/**
+ * Tests methods that add, remove, and modify logins.
+ */
+
+"use strict";
+
+// Globals
+
+/**
+ * Verifies that the specified login is considered invalid by addLogin and by
+ * modifyLogin with both nsILoginInfo and nsIPropertyBag arguments.
+ *
+ * This test requires that the login store is empty.
+ *
+ * @param aLoginInfo
+ * nsILoginInfo corresponding to an invalid login.
+ * @param aExpectedError
+ * This argument is passed to the "Assert.throws" test to determine which
+ * error is expected from the modification functions.
+ */
+function checkLoginInvalid(aLoginInfo, aExpectedError)
+{
+ // Try to add the new login, and verify that no data is stored.
+ Assert.throws(() => Services.logins.addLogin(aLoginInfo), aExpectedError);
+ LoginTestUtils.checkLogins([]);
+
+ // Add a login for the modification tests.
+ let testLogin = TestData.formLogin({ hostname: "http://modify.example.com" });
+ Services.logins.addLogin(testLogin);
+
+ // Try to modify the existing login using nsILoginInfo and nsIPropertyBag.
+ Assert.throws(() => Services.logins.modifyLogin(testLogin, aLoginInfo),
+ aExpectedError);
+ Assert.throws(() => Services.logins.modifyLogin(testLogin, newPropertyBag({
+ hostname: aLoginInfo.hostname,
+ formSubmitURL: aLoginInfo.formSubmitURL,
+ httpRealm: aLoginInfo.httpRealm,
+ username: aLoginInfo.username,
+ password: aLoginInfo.password,
+ usernameField: aLoginInfo.usernameField,
+ passwordField: aLoginInfo.passwordField,
+ })), aExpectedError);
+
+ // Verify that no data was stored by the previous calls.
+ LoginTestUtils.checkLogins([testLogin]);
+ Services.logins.removeLogin(testLogin);
+}
+
+/**
+ * Verifies that two objects are not the same instance
+ * but have equal attributes.
+ *
+ * @param {Object} objectA
+ * An object to compare.
+ *
+ * @param {Object} objectB
+ * Another object to compare.
+ *
+ * @param {string[]} attributes
+ * Attributes to compare.
+ *
+ * @return true if all passed attributes are equal for both objects, false otherwise.
+ */
+function compareAttributes(objectA, objectB, attributes) {
+ // If it's the same object, we want to return false.
+ if (objectA == objectB) {
+ return false;
+ }
+ return attributes.every(attr => objectA[attr] == objectB[attr]);
+}
+
+// Tests
+
+/**
+ * Tests that adding logins to the database works.
+ */
+add_task(function test_addLogin_removeLogin()
+{
+ // Each login from the test data should be valid and added to the list.
+ for (let loginInfo of TestData.loginList()) {
+ Services.logins.addLogin(loginInfo);
+ }
+ LoginTestUtils.checkLogins(TestData.loginList());
+
+ // Trying to add each login again should result in an error.
+ for (let loginInfo of TestData.loginList()) {
+ Assert.throws(() => Services.logins.addLogin(loginInfo), /already exists/);
+ }
+
+ // Removing each login should succeed.
+ for (let loginInfo of TestData.loginList()) {
+ Services.logins.removeLogin(loginInfo);
+ }
+
+ LoginTestUtils.checkLogins([]);
+});
+
+/**
+ * Tests invalid combinations of httpRealm and formSubmitURL.
+ *
+ * For an nsILoginInfo to be valid for storage, one of the two properties should
+ * be strictly equal to null, and the other must not be null or an empty string.
+ *
+ * The legacy case of an empty string in formSubmitURL and a null value in
+ * httpRealm is also supported for storage at the moment.
+ */
+add_task(function test_invalid_httpRealm_formSubmitURL()
+{
+ // httpRealm === null, formSubmitURL === null
+ checkLoginInvalid(TestData.formLogin({ formSubmitURL: null }),
+ /without a httpRealm or formSubmitURL/);
+
+ // httpRealm === "", formSubmitURL === null
+ checkLoginInvalid(TestData.authLogin({ httpRealm: "" }),
+ /without a httpRealm or formSubmitURL/);
+
+ // httpRealm === null, formSubmitURL === ""
+ // This is not enforced for now.
+ // checkLoginInvalid(TestData.formLogin({ formSubmitURL: "" }),
+ // /without a httpRealm or formSubmitURL/);
+
+ // httpRealm === "", formSubmitURL === ""
+ checkLoginInvalid(TestData.formLogin({ formSubmitURL: "", httpRealm: "" }),
+ /both a httpRealm and formSubmitURL/);
+
+ // !!httpRealm, !!formSubmitURL
+ checkLoginInvalid(TestData.formLogin({ httpRealm: "The HTTP Realm" }),
+ /both a httpRealm and formSubmitURL/);
+
+ // httpRealm === "", !!formSubmitURL
+ checkLoginInvalid(TestData.formLogin({ httpRealm: "" }),
+ /both a httpRealm and formSubmitURL/);
+
+ // !!httpRealm, formSubmitURL === ""
+ checkLoginInvalid(TestData.authLogin({ formSubmitURL: "" }),
+ /both a httpRealm and formSubmitURL/);
+});
+
+/**
+ * Tests null or empty values in required login properties.
+ */
+add_task(function test_missing_properties()
+{
+ checkLoginInvalid(TestData.formLogin({ hostname: null }),
+ /null or empty hostname/);
+
+ checkLoginInvalid(TestData.formLogin({ hostname: "" }),
+ /null or empty hostname/);
+
+ checkLoginInvalid(TestData.formLogin({ username: null }),
+ /null username/);
+
+ checkLoginInvalid(TestData.formLogin({ password: null }),
+ /null or empty password/);
+
+ checkLoginInvalid(TestData.formLogin({ password: "" }),
+ /null or empty password/);
+});
+
+/**
+ * Tests invalid NUL characters in nsILoginInfo properties.
+ */
+add_task(function test_invalid_characters()
+{
+ let loginList = [
+ TestData.authLogin({ hostname: "http://null\0X.example.com" }),
+ TestData.authLogin({ httpRealm: "realm\0" }),
+ TestData.formLogin({ formSubmitURL: "http://null\0X.example.com" }),
+ TestData.formLogin({ usernameField: "field\0_null" }),
+ TestData.formLogin({ usernameField: ".\0" }), // Special single dot case
+ TestData.formLogin({ passwordField: "field\0_null" }),
+ TestData.formLogin({ username: "user\0name" }),
+ TestData.formLogin({ password: "pass\0word" }),
+ ];
+ for (let loginInfo of loginList) {
+ checkLoginInvalid(loginInfo, /login values can't contain nulls/);
+ }
+});
+
+/**
+ * Tests removing a login that does not exists.
+ */
+add_task(function test_removeLogin_nonexisting()
+{
+ Assert.throws(() => Services.logins.removeLogin(TestData.formLogin()),
+ /No matching logins/);
+});
+
+/**
+ * Tests removing all logins at once.
+ */
+add_task(function test_removeAllLogins()
+{
+ for (let loginInfo of TestData.loginList()) {
+ Services.logins.addLogin(loginInfo);
+ }
+ Services.logins.removeAllLogins();
+ LoginTestUtils.checkLogins([]);
+
+ // The function should also work when there are no logins to delete.
+ Services.logins.removeAllLogins();
+});
+
+/**
+ * Tests the modifyLogin function with an nsILoginInfo argument.
+ */
+add_task(function test_modifyLogin_nsILoginInfo()
+{
+ let loginInfo = TestData.formLogin();
+ let updatedLoginInfo = TestData.formLogin({
+ username: "new username",
+ password: "new password",
+ usernameField: "new_form_field_username",
+ passwordField: "new_form_field_password",
+ });
+ let differentLoginInfo = TestData.authLogin();
+
+ // Trying to modify a login that does not exist should throw.
+ Assert.throws(() => Services.logins.modifyLogin(loginInfo, updatedLoginInfo),
+ /No matching logins/);
+
+ // Add the first form login, then modify it to match the second.
+ Services.logins.addLogin(loginInfo);
+ Services.logins.modifyLogin(loginInfo, updatedLoginInfo);
+
+ // The data should now match the second login.
+ LoginTestUtils.checkLogins([updatedLoginInfo]);
+ Assert.throws(() => Services.logins.modifyLogin(loginInfo, updatedLoginInfo),
+ /No matching logins/);
+
+ // The login can be changed to have a different type and hostname.
+ Services.logins.modifyLogin(updatedLoginInfo, differentLoginInfo);
+ LoginTestUtils.checkLogins([differentLoginInfo]);
+
+ // It is now possible to add a login with the old type and hostname.
+ Services.logins.addLogin(loginInfo);
+ LoginTestUtils.checkLogins([loginInfo, differentLoginInfo]);
+
+ // Modifying a login to match an existing one should not be possible.
+ Assert.throws(
+ () => Services.logins.modifyLogin(loginInfo, differentLoginInfo),
+ /already exists/);
+ LoginTestUtils.checkLogins([loginInfo, differentLoginInfo]);
+
+ LoginTestUtils.clearData();
+});
+
+/**
+ * Tests the modifyLogin function with an nsIPropertyBag argument.
+ */
+add_task(function test_modifyLogin_nsIProperyBag()
+{
+ let loginInfo = TestData.formLogin();
+ let updatedLoginInfo = TestData.formLogin({
+ username: "new username",
+ password: "new password",
+ usernameField: "",
+ passwordField: "new_form_field_password",
+ });
+ let differentLoginInfo = TestData.authLogin();
+ let differentLoginProperties = newPropertyBag({
+ hostname: differentLoginInfo.hostname,
+ formSubmitURL: differentLoginInfo.formSubmitURL,
+ httpRealm: differentLoginInfo.httpRealm,
+ username: differentLoginInfo.username,
+ password: differentLoginInfo.password,
+ usernameField: differentLoginInfo.usernameField,
+ passwordField: differentLoginInfo.passwordField,
+ });
+
+ // Trying to modify a login that does not exist should throw.
+ Assert.throws(() => Services.logins.modifyLogin(loginInfo, newPropertyBag()),
+ /No matching logins/);
+
+ // Add the first form login, then modify it to match the second, changing
+ // only some of its properties and checking the behavior with an empty string.
+ Services.logins.addLogin(loginInfo);
+ Services.logins.modifyLogin(loginInfo, newPropertyBag({
+ username: "new username",
+ password: "new password",
+ usernameField: "",
+ passwordField: "new_form_field_password",
+ }));
+
+ // The data should now match the second login.
+ LoginTestUtils.checkLogins([updatedLoginInfo]);
+ Assert.throws(() => Services.logins.modifyLogin(loginInfo, newPropertyBag()),
+ /No matching logins/);
+
+ // It is also possible to provide no properties to be modified.
+ Services.logins.modifyLogin(updatedLoginInfo, newPropertyBag());
+
+ // Specifying a null property for a required value should throw.
+ Assert.throws(() => Services.logins.modifyLogin(loginInfo, newPropertyBag({
+ usernameField: null,
+ })));
+
+ // The login can be changed to have a different type and hostname.
+ Services.logins.modifyLogin(updatedLoginInfo, differentLoginProperties);
+ LoginTestUtils.checkLogins([differentLoginInfo]);
+
+ // It is now possible to add a login with the old type and hostname.
+ Services.logins.addLogin(loginInfo);
+ LoginTestUtils.checkLogins([loginInfo, differentLoginInfo]);
+
+ // Modifying a login to match an existing one should not be possible.
+ Assert.throws(
+ () => Services.logins.modifyLogin(loginInfo, differentLoginProperties),
+ /already exists/);
+ LoginTestUtils.checkLogins([loginInfo, differentLoginInfo]);
+
+ LoginTestUtils.clearData();
+});
+
+/**
+ * Tests the login deduplication function.
+ */
+add_task(function test_deduplicate_logins() {
+ // Different key attributes combinations and the amount of unique
+ // results expected for the TestData login list.
+ let keyCombinations = [
+ {
+ keyset: ["username", "password"],
+ results: 13,
+ },
+ {
+ keyset: ["hostname", "username"],
+ results: 17,
+ },
+ {
+ keyset: ["hostname", "username", "password"],
+ results: 18,
+ },
+ {
+ keyset: ["hostname", "username", "password", "formSubmitURL"],
+ results: 23,
+ },
+ ];
+
+ let logins = TestData.loginList();
+
+ for (let testCase of keyCombinations) {
+ // Deduplicate the logins using the current testcase keyset.
+ let deduped = LoginHelper.dedupeLogins(logins, testCase.keyset);
+ Assert.equal(deduped.length, testCase.results, "Correct amount of results.");
+
+ // Checks that every login after deduping is unique.
+ Assert.ok(deduped.every(loginA =>
+ deduped.every(loginB => !compareAttributes(loginA, loginB, testCase.keyset))
+ ), "Every login is unique.");
+ }
+});
+
+/**
+ * Ensure that the login deduplication function keeps the most recent login.
+ */
+add_task(function test_deduplicate_keeps_most_recent() {
+ // Logins to deduplicate.
+ let logins = [
+ TestData.formLogin({timeLastUsed: Date.UTC(2004, 11, 4, 0, 0, 0)}),
+ TestData.formLogin({formSubmitURL: "http://example.com", timeLastUsed: Date.UTC(2015, 11, 4, 0, 0, 0)}),
+ ];
+
+ // Deduplicate the logins.
+ let deduped = LoginHelper.dedupeLogins(logins);
+ Assert.equal(deduped.length, 1, "Deduplicated the logins array.");
+
+ // Verify that the remaining login have the most recent date.
+ let loginTimeLastUsed = deduped[0].QueryInterface(Ci.nsILoginMetaInfo).timeLastUsed;
+ Assert.equal(loginTimeLastUsed, Date.UTC(2015, 11, 4, 0, 0, 0), "Most recent login was kept.");
+
+ // Deduplicate the reverse logins array.
+ deduped = LoginHelper.dedupeLogins(logins.reverse());
+ Assert.equal(deduped.length, 1, "Deduplicated the reversed logins array.");
+
+ // Verify that the remaining login have the most recent date.
+ loginTimeLastUsed = deduped[0].QueryInterface(Ci.nsILoginMetaInfo).timeLastUsed;
+ Assert.equal(loginTimeLastUsed, Date.UTC(2015, 11, 4, 0, 0, 0), "Most recent login was kept.");
+});
diff --git a/toolkit/components/passwordmgr/test/unit/test_logins_decrypt_failure.js b/toolkit/components/passwordmgr/test/unit/test_logins_decrypt_failure.js
new file mode 100644
index 000000000..ffbedb4de
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/unit/test_logins_decrypt_failure.js
@@ -0,0 +1,77 @@
+/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */
+/* vim: set ts=2 et sw=2 tw=80: */
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/ */
+
+/**
+ * Tests the case where there are logins that cannot be decrypted.
+ */
+
+"use strict";
+
+// Globals
+
+/**
+ * Resets the token used to decrypt logins. This is equivalent to resetting the
+ * master password when it is not known.
+ */
+function resetMasterPassword()
+{
+ let token = Cc["@mozilla.org/security/pk11tokendb;1"]
+ .getService(Ci.nsIPK11TokenDB).getInternalKeyToken();
+ token.reset();
+ token.changePassword("", "");
+}
+
+// Tests
+
+/**
+ * Resets the master password after some logins were added to the database.
+ */
+add_task(function test_logins_decrypt_failure()
+{
+ let logins = TestData.loginList();
+ for (let loginInfo of logins) {
+ Services.logins.addLogin(loginInfo);
+ }
+
+ // This makes the existing logins non-decryptable.
+ resetMasterPassword();
+
+ // These functions don't see the non-decryptable entries anymore.
+ do_check_eq(Services.logins.getAllLogins().length, 0);
+ do_check_eq(Services.logins.findLogins({}, "", "", "").length, 0);
+ do_check_eq(Services.logins.searchLogins({}, newPropertyBag()).length, 0);
+ Assert.throws(() => Services.logins.modifyLogin(logins[0], newPropertyBag()),
+ /No matching logins/);
+ Assert.throws(() => Services.logins.removeLogin(logins[0]),
+ /No matching logins/);
+
+ // The function that counts logins sees the non-decryptable entries also.
+ do_check_eq(Services.logins.countLogins("", "", ""), logins.length);
+
+ // Equivalent logins can be added.
+ for (let loginInfo of logins) {
+ Services.logins.addLogin(loginInfo);
+ }
+ LoginTestUtils.checkLogins(logins);
+ do_check_eq(Services.logins.countLogins("", "", ""), logins.length * 2);
+
+ // Finding logins doesn't return the non-decryptable duplicates.
+ do_check_eq(Services.logins.findLogins({}, "http://www.example.com",
+ "", "").length, 1);
+ let matchData = newPropertyBag({ hostname: "http://www.example.com" });
+ do_check_eq(Services.logins.searchLogins({}, matchData).length, 1);
+
+ // Removing single logins does not remove non-decryptable logins.
+ for (let loginInfo of TestData.loginList()) {
+ Services.logins.removeLogin(loginInfo);
+ }
+ do_check_eq(Services.logins.getAllLogins().length, 0);
+ do_check_eq(Services.logins.countLogins("", "", ""), logins.length);
+
+ // Removing all logins removes the non-decryptable entries also.
+ Services.logins.removeAllLogins();
+ do_check_eq(Services.logins.getAllLogins().length, 0);
+ do_check_eq(Services.logins.countLogins("", "", ""), 0);
+});
diff --git a/toolkit/components/passwordmgr/test/unit/test_logins_metainfo.js b/toolkit/components/passwordmgr/test/unit/test_logins_metainfo.js
new file mode 100644
index 000000000..38344aa7d
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/unit/test_logins_metainfo.js
@@ -0,0 +1,284 @@
+/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */
+/* vim: set ts=2 et sw=2 tw=80: */
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/ */
+
+/**
+ * Tests the handling of nsILoginMetaInfo by methods that add, remove, modify,
+ * and find logins.
+ */
+
+"use strict";
+
+// Globals
+
+XPCOMUtils.defineLazyServiceGetter(this, "gUUIDGenerator",
+ "@mozilla.org/uuid-generator;1",
+ "nsIUUIDGenerator");
+
+var gLooksLikeUUIDRegex = /^\{\w{8}-\w{4}-\w{4}-\w{4}-\w{12}\}$/;
+
+/**
+ * Retrieves the only login among the current data that matches the hostname of
+ * the given nsILoginInfo. In case there is more than one login for the
+ * hostname, the test fails.
+ */
+function retrieveLoginMatching(aLoginInfo)
+{
+ let logins = Services.logins.findLogins({}, aLoginInfo.hostname, "", "");
+ do_check_eq(logins.length, 1);
+ return logins[0].QueryInterface(Ci.nsILoginMetaInfo);
+}
+
+/**
+ * Checks that the nsILoginInfo and nsILoginMetaInfo properties of two different
+ * login instances are equal.
+ */
+function assertMetaInfoEqual(aActual, aExpected)
+{
+ do_check_neq(aActual, aExpected);
+
+ // Check the nsILoginInfo properties.
+ do_check_true(aActual.equals(aExpected));
+
+ // Check the nsILoginMetaInfo properties.
+ do_check_eq(aActual.guid, aExpected.guid);
+ do_check_eq(aActual.timeCreated, aExpected.timeCreated);
+ do_check_eq(aActual.timeLastUsed, aExpected.timeLastUsed);
+ do_check_eq(aActual.timePasswordChanged, aExpected.timePasswordChanged);
+ do_check_eq(aActual.timesUsed, aExpected.timesUsed);
+}
+
+/**
+ * nsILoginInfo instances with or without nsILoginMetaInfo properties.
+ */
+var gLoginInfo1;
+var gLoginInfo2;
+var gLoginInfo3;
+
+/**
+ * nsILoginInfo instances reloaded with all the nsILoginMetaInfo properties.
+ * These are often used to provide the reference values to test against.
+ */
+var gLoginMetaInfo1;
+var gLoginMetaInfo2;
+var gLoginMetaInfo3;
+
+// Tests
+
+/**
+ * Prepare the test objects that will be used by the following tests.
+ */
+add_task(function test_initialize()
+{
+ // Use a reference time from ten minutes ago to initialize one instance of
+ // nsILoginMetaInfo, to test that reference times are updated when needed.
+ let baseTimeMs = Date.now() - 600000;
+
+ gLoginInfo1 = TestData.formLogin();
+ gLoginInfo2 = TestData.formLogin({
+ hostname: "http://other.example.com",
+ guid: gUUIDGenerator.generateUUID().toString(),
+ timeCreated: baseTimeMs,
+ timeLastUsed: baseTimeMs + 2,
+ timePasswordChanged: baseTimeMs + 1,
+ timesUsed: 2,
+ });
+ gLoginInfo3 = TestData.authLogin();
+});
+
+/**
+ * Tests the behavior of addLogin with regard to metadata. The logins added
+ * here are also used by the following tests.
+ */
+add_task(function test_addLogin_metainfo()
+{
+ // Add a login without metadata to the database.
+ Services.logins.addLogin(gLoginInfo1);
+
+ // The object provided to addLogin should not have been modified.
+ do_check_eq(gLoginInfo1.guid, null);
+ do_check_eq(gLoginInfo1.timeCreated, 0);
+ do_check_eq(gLoginInfo1.timeLastUsed, 0);
+ do_check_eq(gLoginInfo1.timePasswordChanged, 0);
+ do_check_eq(gLoginInfo1.timesUsed, 0);
+
+ // A login with valid metadata should have been stored.
+ gLoginMetaInfo1 = retrieveLoginMatching(gLoginInfo1);
+ do_check_true(gLooksLikeUUIDRegex.test(gLoginMetaInfo1.guid));
+ let creationTime = gLoginMetaInfo1.timeCreated;
+ LoginTestUtils.assertTimeIsAboutNow(creationTime);
+ do_check_eq(gLoginMetaInfo1.timeLastUsed, creationTime);
+ do_check_eq(gLoginMetaInfo1.timePasswordChanged, creationTime);
+ do_check_eq(gLoginMetaInfo1.timesUsed, 1);
+
+ // Add a login without metadata to the database.
+ let originalLogin = gLoginInfo2.clone().QueryInterface(Ci.nsILoginMetaInfo);
+ Services.logins.addLogin(gLoginInfo2);
+
+ // The object provided to addLogin should not have been modified.
+ assertMetaInfoEqual(gLoginInfo2, originalLogin);
+
+ // A login with the provided metadata should have been stored.
+ gLoginMetaInfo2 = retrieveLoginMatching(gLoginInfo2);
+ assertMetaInfoEqual(gLoginMetaInfo2, gLoginInfo2);
+
+ // Add an authentication login to the database before continuing.
+ Services.logins.addLogin(gLoginInfo3);
+ gLoginMetaInfo3 = retrieveLoginMatching(gLoginInfo3);
+ LoginTestUtils.checkLogins([gLoginInfo1, gLoginInfo2, gLoginInfo3]);
+});
+
+/**
+ * Tests that adding a login with a duplicate GUID throws an exception.
+ */
+add_task(function test_addLogin_metainfo_duplicate()
+{
+ let loginInfo = TestData.formLogin({
+ hostname: "http://duplicate.example.com",
+ guid: gLoginMetaInfo2.guid,
+ });
+ Assert.throws(() => Services.logins.addLogin(loginInfo),
+ /specified GUID already exists/);
+
+ // Verify that no data was stored by the previous call.
+ LoginTestUtils.checkLogins([gLoginInfo1, gLoginInfo2, gLoginInfo3]);
+});
+
+/**
+ * Tests that the existing metadata is not changed when modifyLogin is called
+ * with an nsILoginInfo argument.
+ */
+add_task(function test_modifyLogin_nsILoginInfo_metainfo_ignored()
+{
+ let newLoginInfo = gLoginInfo1.clone().QueryInterface(Ci.nsILoginMetaInfo);
+ newLoginInfo.guid = gUUIDGenerator.generateUUID().toString();
+ newLoginInfo.timeCreated = Date.now();
+ newLoginInfo.timeLastUsed = Date.now();
+ newLoginInfo.timePasswordChanged = Date.now();
+ newLoginInfo.timesUsed = 12;
+ Services.logins.modifyLogin(gLoginInfo1, newLoginInfo);
+
+ newLoginInfo = retrieveLoginMatching(gLoginInfo1);
+ assertMetaInfoEqual(newLoginInfo, gLoginMetaInfo1);
+});
+
+/**
+ * Tests the modifyLogin function with an nsIProperyBag argument.
+ */
+add_task(function test_modifyLogin_nsIProperyBag_metainfo()
+{
+ // Use a new reference time that is two minutes from now.
+ let newTimeMs = Date.now() + 120000;
+ let newUUIDValue = gUUIDGenerator.generateUUID().toString();
+
+ // Check that properties are changed as requested.
+ Services.logins.modifyLogin(gLoginInfo1, newPropertyBag({
+ guid: newUUIDValue,
+ timeCreated: newTimeMs,
+ timeLastUsed: newTimeMs + 2,
+ timePasswordChanged: newTimeMs + 1,
+ timesUsed: 2,
+ }));
+
+ gLoginMetaInfo1 = retrieveLoginMatching(gLoginInfo1);
+ do_check_eq(gLoginMetaInfo1.guid, newUUIDValue);
+ do_check_eq(gLoginMetaInfo1.timeCreated, newTimeMs);
+ do_check_eq(gLoginMetaInfo1.timeLastUsed, newTimeMs + 2);
+ do_check_eq(gLoginMetaInfo1.timePasswordChanged, newTimeMs + 1);
+ do_check_eq(gLoginMetaInfo1.timesUsed, 2);
+
+ // Check that timePasswordChanged is updated when changing the password.
+ let originalLogin = gLoginInfo2.clone().QueryInterface(Ci.nsILoginMetaInfo);
+ Services.logins.modifyLogin(gLoginInfo2, newPropertyBag({
+ password: "new password",
+ }));
+ gLoginInfo2.password = "new password";
+
+ gLoginMetaInfo2 = retrieveLoginMatching(gLoginInfo2);
+ do_check_eq(gLoginMetaInfo2.password, gLoginInfo2.password);
+ do_check_eq(gLoginMetaInfo2.timeCreated, originalLogin.timeCreated);
+ do_check_eq(gLoginMetaInfo2.timeLastUsed, originalLogin.timeLastUsed);
+ LoginTestUtils.assertTimeIsAboutNow(gLoginMetaInfo2.timePasswordChanged);
+
+ // Check that timePasswordChanged is not set to the current time when changing
+ // the password and specifying a new value for the property at the same time.
+ Services.logins.modifyLogin(gLoginInfo2, newPropertyBag({
+ password: "other password",
+ timePasswordChanged: newTimeMs,
+ }));
+ gLoginInfo2.password = "other password";
+
+ gLoginMetaInfo2 = retrieveLoginMatching(gLoginInfo2);
+ do_check_eq(gLoginMetaInfo2.password, gLoginInfo2.password);
+ do_check_eq(gLoginMetaInfo2.timeCreated, originalLogin.timeCreated);
+ do_check_eq(gLoginMetaInfo2.timeLastUsed, originalLogin.timeLastUsed);
+ do_check_eq(gLoginMetaInfo2.timePasswordChanged, newTimeMs);
+
+ // Check the special timesUsedIncrement property.
+ Services.logins.modifyLogin(gLoginInfo2, newPropertyBag({
+ timesUsedIncrement: 2,
+ }));
+
+ gLoginMetaInfo2 = retrieveLoginMatching(gLoginInfo2);
+ do_check_eq(gLoginMetaInfo2.timeCreated, originalLogin.timeCreated);
+ do_check_eq(gLoginMetaInfo2.timeLastUsed, originalLogin.timeLastUsed);
+ do_check_eq(gLoginMetaInfo2.timePasswordChanged, newTimeMs);
+ do_check_eq(gLoginMetaInfo2.timesUsed, 4);
+});
+
+/**
+ * Tests that modifying a login to a duplicate GUID throws an exception.
+ */
+add_task(function test_modifyLogin_nsIProperyBag_metainfo_duplicate()
+{
+ Assert.throws(() => Services.logins.modifyLogin(gLoginInfo1, newPropertyBag({
+ guid: gLoginInfo2.guid,
+ })), /specified GUID already exists/);
+ LoginTestUtils.checkLogins([gLoginInfo1, gLoginInfo2, gLoginInfo3]);
+});
+
+/**
+ * Tests searching logins using nsILoginMetaInfo properties.
+ */
+add_task(function test_searchLogins_metainfo()
+{
+ // Find by GUID.
+ let logins = Services.logins.searchLogins({}, newPropertyBag({
+ guid: gLoginMetaInfo1.guid,
+ }));
+ do_check_eq(logins.length, 1);
+ let foundLogin = logins[0].QueryInterface(Ci.nsILoginMetaInfo);
+ assertMetaInfoEqual(foundLogin, gLoginMetaInfo1);
+
+ // Find by timestamp.
+ logins = Services.logins.searchLogins({}, newPropertyBag({
+ timePasswordChanged: gLoginMetaInfo2.timePasswordChanged,
+ }));
+ do_check_eq(logins.length, 1);
+ foundLogin = logins[0].QueryInterface(Ci.nsILoginMetaInfo);
+ assertMetaInfoEqual(foundLogin, gLoginMetaInfo2);
+
+ // Find using two properties at the same time.
+ logins = Services.logins.searchLogins({}, newPropertyBag({
+ guid: gLoginMetaInfo3.guid,
+ timePasswordChanged: gLoginMetaInfo3.timePasswordChanged,
+ }));
+ do_check_eq(logins.length, 1);
+ foundLogin = logins[0].QueryInterface(Ci.nsILoginMetaInfo);
+ assertMetaInfoEqual(foundLogin, gLoginMetaInfo3);
+});
+
+/**
+ * Tests that the default nsILoginManagerStorage module attached to the Login
+ * Manager service is able to save and reload nsILoginMetaInfo properties.
+ */
+add_task(function* test_storage_metainfo()
+{
+ yield* LoginTestUtils.reloadData();
+ LoginTestUtils.checkLogins([gLoginInfo1, gLoginInfo2, gLoginInfo3]);
+
+ assertMetaInfoEqual(retrieveLoginMatching(gLoginInfo1), gLoginMetaInfo1);
+ assertMetaInfoEqual(retrieveLoginMatching(gLoginInfo2), gLoginMetaInfo2);
+ assertMetaInfoEqual(retrieveLoginMatching(gLoginInfo3), gLoginMetaInfo3);
+});
diff --git a/toolkit/components/passwordmgr/test/unit/test_logins_search.js b/toolkit/components/passwordmgr/test/unit/test_logins_search.js
new file mode 100644
index 000000000..188c75039
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/unit/test_logins_search.js
@@ -0,0 +1,221 @@
+/*
+ * Tests methods that find specific logins in the store (findLogins,
+ * searchLogins, and countLogins).
+ *
+ * The getAllLogins method is not tested explicitly here, because it is used by
+ * all tests to verify additions, removals and modifications to the login store.
+ */
+
+"use strict";
+
+// Globals
+
+/**
+ * Returns a list of new nsILoginInfo objects that are a subset of the test
+ * data, built to match the specified query.
+ *
+ * @param aQuery
+ * Each property and value of this object restricts the search to those
+ * entries from the test data that match the property exactly.
+ */
+function buildExpectedLogins(aQuery)
+{
+ return TestData.loginList().filter(
+ entry => Object.keys(aQuery).every(name => entry[name] === aQuery[name]));
+}
+
+/**
+ * Tests the searchLogins function.
+ *
+ * @param aQuery
+ * Each property and value of this object is translated to an entry in
+ * the nsIPropertyBag parameter of searchLogins.
+ * @param aExpectedCount
+ * Number of logins from the test data that should be found. The actual
+ * list of logins is obtained using the buildExpectedLogins helper, and
+ * this value is just used to verify that modifications to the test data
+ * don't make the current test meaningless.
+ */
+function checkSearchLogins(aQuery, aExpectedCount)
+{
+ do_print("Testing searchLogins for " + JSON.stringify(aQuery));
+
+ let expectedLogins = buildExpectedLogins(aQuery);
+ do_check_eq(expectedLogins.length, aExpectedCount);
+
+ let outCount = {};
+ let logins = Services.logins.searchLogins(outCount, newPropertyBag(aQuery));
+ do_check_eq(outCount.value, expectedLogins.length);
+ LoginTestUtils.assertLoginListsEqual(logins, expectedLogins);
+}
+
+/**
+ * Tests findLogins, searchLogins, and countLogins with the same query.
+ *
+ * @param aQuery
+ * The "hostname", "formSubmitURL", and "httpRealm" properties of this
+ * object are passed as parameters to findLogins and countLogins. The
+ * same object is then passed to the checkSearchLogins function.
+ * @param aExpectedCount
+ * Number of logins from the test data that should be found. The actual
+ * list of logins is obtained using the buildExpectedLogins helper, and
+ * this value is just used to verify that modifications to the test data
+ * don't make the current test meaningless.
+ */
+function checkAllSearches(aQuery, aExpectedCount)
+{
+ do_print("Testing all search functions for " + JSON.stringify(aQuery));
+
+ let expectedLogins = buildExpectedLogins(aQuery);
+ do_check_eq(expectedLogins.length, aExpectedCount);
+
+ // The findLogins and countLogins functions support wildcard matches by
+ // specifying empty strings as parameters, while searchLogins requires
+ // omitting the property entirely.
+ let hostname = ("hostname" in aQuery) ? aQuery.hostname : "";
+ let formSubmitURL = ("formSubmitURL" in aQuery) ? aQuery.formSubmitURL : "";
+ let httpRealm = ("httpRealm" in aQuery) ? aQuery.httpRealm : "";
+
+ // Test findLogins.
+ let outCount = {};
+ let logins = Services.logins.findLogins(outCount, hostname, formSubmitURL,
+ httpRealm);
+ do_check_eq(outCount.value, expectedLogins.length);
+ LoginTestUtils.assertLoginListsEqual(logins, expectedLogins);
+
+ // Test countLogins.
+ let count = Services.logins.countLogins(hostname, formSubmitURL, httpRealm);
+ do_check_eq(count, expectedLogins.length);
+
+ // Test searchLogins.
+ checkSearchLogins(aQuery, aExpectedCount);
+}
+
+// Tests
+
+/**
+ * Prepare data for the following tests.
+ */
+add_task(function test_initialize()
+{
+ for (let login of TestData.loginList()) {
+ Services.logins.addLogin(login);
+ }
+});
+
+/**
+ * Tests findLogins, searchLogins, and countLogins with basic queries.
+ */
+add_task(function test_search_all_basic()
+{
+ // Find all logins, using no filters in the search functions.
+ checkAllSearches({}, 23);
+
+ // Find all form logins, then all authentication logins.
+ checkAllSearches({ httpRealm: null }, 14);
+ checkAllSearches({ formSubmitURL: null }, 9);
+
+ // Find all form logins on one host, then all authentication logins.
+ checkAllSearches({ hostname: "http://www4.example.com",
+ httpRealm: null }, 3);
+ checkAllSearches({ hostname: "http://www2.example.org",
+ formSubmitURL: null }, 2);
+
+ // Verify that scheme and subdomain are distinct in the hostname.
+ checkAllSearches({ hostname: "http://www.example.com" }, 1);
+ checkAllSearches({ hostname: "https://www.example.com" }, 1);
+ checkAllSearches({ hostname: "https://example.com" }, 1);
+ checkAllSearches({ hostname: "http://www3.example.com" }, 3);
+
+ // Verify that scheme and subdomain are distinct in formSubmitURL.
+ checkAllSearches({ formSubmitURL: "http://www.example.com" }, 2);
+ checkAllSearches({ formSubmitURL: "https://www.example.com" }, 2);
+ checkAllSearches({ formSubmitURL: "http://example.com" }, 1);
+
+ // Find by formSubmitURL on a single host.
+ checkAllSearches({ hostname: "http://www3.example.com",
+ formSubmitURL: "http://www.example.com" }, 1);
+ checkAllSearches({ hostname: "http://www3.example.com",
+ formSubmitURL: "https://www.example.com" }, 1);
+ checkAllSearches({ hostname: "http://www3.example.com",
+ formSubmitURL: "http://example.com" }, 1);
+
+ // Find by httpRealm on all hosts.
+ checkAllSearches({ httpRealm: "The HTTP Realm" }, 3);
+ checkAllSearches({ httpRealm: "ftp://ftp.example.org" }, 1);
+ checkAllSearches({ httpRealm: "The HTTP Realm Other" }, 2);
+
+ // Find by httpRealm on a single host.
+ checkAllSearches({ hostname: "http://example.net",
+ httpRealm: "The HTTP Realm" }, 1);
+ checkAllSearches({ hostname: "http://example.net",
+ httpRealm: "The HTTP Realm Other" }, 1);
+ checkAllSearches({ hostname: "ftp://example.net",
+ httpRealm: "ftp://example.net" }, 1);
+});
+
+/**
+ * Tests searchLogins with advanced queries.
+ */
+add_task(function test_searchLogins()
+{
+ checkSearchLogins({ usernameField: "form_field_username" }, 12);
+ checkSearchLogins({ passwordField: "form_field_password" }, 13);
+
+ // Find all logins with an empty usernameField, including for authentication.
+ checkSearchLogins({ usernameField: "" }, 11);
+
+ // Find form logins with an empty usernameField.
+ checkSearchLogins({ httpRealm: null,
+ usernameField: "" }, 2);
+
+ // Find logins with an empty usernameField on one host.
+ checkSearchLogins({ hostname: "http://www6.example.com",
+ usernameField: "" }, 1);
+});
+
+/**
+ * Tests searchLogins with invalid arguments.
+ */
+add_task(function test_searchLogins_invalid()
+{
+ Assert.throws(() => Services.logins.searchLogins({},
+ newPropertyBag({ username: "value" })),
+ /Unexpected field/);
+});
+
+/**
+ * Tests that matches are case-sensitive, compare the full field value, and are
+ * strict when interpreting the prePath of URIs.
+ */
+add_task(function test_search_all_full_case_sensitive()
+{
+ checkAllSearches({ hostname: "http://www.example.com" }, 1);
+ checkAllSearches({ hostname: "http://www.example.com/" }, 0);
+ checkAllSearches({ hostname: "http://" }, 0);
+ checkAllSearches({ hostname: "example.com" }, 0);
+
+ checkAllSearches({ formSubmitURL: "http://www.example.com" }, 2);
+ checkAllSearches({ formSubmitURL: "http://www.example.com/" }, 0);
+ checkAllSearches({ formSubmitURL: "http://" }, 0);
+ checkAllSearches({ formSubmitURL: "example.com" }, 0);
+
+ checkAllSearches({ httpRealm: "The HTTP Realm" }, 3);
+ checkAllSearches({ httpRealm: "The http Realm" }, 0);
+ checkAllSearches({ httpRealm: "The HTTP" }, 0);
+ checkAllSearches({ httpRealm: "Realm" }, 0);
+});
+
+/**
+ * Tests findLogins, searchLogins, and countLogins with queries that should
+ * return no values.
+ */
+add_task(function test_search_all_empty()
+{
+ checkAllSearches({ hostname: "http://nonexistent.example.com" }, 0);
+ checkAllSearches({ formSubmitURL: "http://www.example.com",
+ httpRealm: "The HTTP Realm" }, 0);
+
+ checkSearchLogins({ hostname: "" }, 0);
+ checkSearchLogins({ id: "1000" }, 0);
+});
diff --git a/toolkit/components/passwordmgr/test/unit/test_maybeImportLogin.js b/toolkit/components/passwordmgr/test/unit/test_maybeImportLogin.js
new file mode 100644
index 000000000..19175df59
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/unit/test_maybeImportLogin.js
@@ -0,0 +1,169 @@
+"use strict";
+
+Cu.import("resource://gre/modules/Services.jsm");
+Cu.import("resource://gre/modules/LoginHelper.jsm");
+
+const HOST1 = "https://www.example.com/";
+const HOST2 = "https://www.mozilla.org/";
+
+const USER1 = "myuser";
+const USER2 = "anotheruser";
+
+const PASS1 = "mypass";
+const PASS2 = "anotherpass";
+const PASS3 = "yetanotherpass";
+
+add_task(function test_new_logins() {
+ let importedLogin = LoginHelper.maybeImportLogin({
+ username: USER1,
+ password: PASS1,
+ hostname: HOST1,
+ formSubmitURL: HOST1,
+ });
+ Assert.ok(importedLogin, "Return value should indicate imported login.");
+ let matchingLogins = LoginHelper.searchLoginsWithObject({hostname: HOST1});
+ Assert.equal(matchingLogins.length, 1, `There should be 1 login for ${HOST1}`);
+
+ importedLogin = LoginHelper.maybeImportLogin({
+ username: USER1,
+ password: PASS1,
+ hostname: HOST2,
+ formSubmitURL: HOST2,
+ });
+
+ Assert.ok(importedLogin, "Return value should indicate another imported login.");
+ matchingLogins = LoginHelper.searchLoginsWithObject({hostname: HOST1});
+ Assert.equal(matchingLogins.length, 1, `There should still be 1 login for ${HOST1}`);
+
+ matchingLogins = LoginHelper.searchLoginsWithObject({hostname: HOST2});
+ Assert.equal(matchingLogins.length, 1, `There should also be 1 login for ${HOST2}`);
+ Assert.equal(Services.logins.getAllLogins().length, 2, "There should be 2 logins in total");
+ Services.logins.removeAllLogins();
+});
+
+add_task(function test_duplicate_logins() {
+ let importedLogin = LoginHelper.maybeImportLogin({
+ username: USER1,
+ password: PASS1,
+ hostname: HOST1,
+ formSubmitURL: HOST1,
+ });
+ Assert.ok(importedLogin, "Return value should indicate imported login.");
+ let matchingLogins = LoginHelper.searchLoginsWithObject({hostname: HOST1});
+ Assert.equal(matchingLogins.length, 1, `There should be 1 login for ${HOST1}`);
+
+ importedLogin = LoginHelper.maybeImportLogin({
+ username: USER1,
+ password: PASS1,
+ hostname: HOST1,
+ formSubmitURL: HOST1,
+ });
+ Assert.ok(!importedLogin, "Return value should indicate no new login was imported.");
+ matchingLogins = LoginHelper.searchLoginsWithObject({hostname: HOST1});
+ Assert.equal(matchingLogins.length, 1, `There should still be 1 login for ${HOST1}`);
+ Services.logins.removeAllLogins();
+});
+
+add_task(function test_different_passwords() {
+ let importedLogin = LoginHelper.maybeImportLogin({
+ username: USER1,
+ password: PASS1,
+ hostname: HOST1,
+ formSubmitURL: HOST1,
+ timeCreated: new Date(Date.now() - 1000),
+ });
+ Assert.ok(importedLogin, "Return value should indicate imported login.");
+ let matchingLogins = LoginHelper.searchLoginsWithObject({hostname: HOST1});
+ Assert.equal(matchingLogins.length, 1, `There should be 1 login for ${HOST1}`);
+
+ // This item will be newer, so its password should take precedence.
+ importedLogin = LoginHelper.maybeImportLogin({
+ username: USER1,
+ password: PASS2,
+ hostname: HOST1,
+ formSubmitURL: HOST1,
+ timeCreated: new Date(),
+ });
+ Assert.ok(!importedLogin, "Return value should not indicate imported login (as we updated an existing one).");
+ matchingLogins = LoginHelper.searchLoginsWithObject({hostname: HOST1});
+ Assert.equal(matchingLogins.length, 1, `There should still be 1 login for ${HOST1}`);
+ Assert.equal(matchingLogins[0].password, PASS2, "We should have updated the password for this login.");
+
+ // Now try to update with an older password:
+ importedLogin = LoginHelper.maybeImportLogin({
+ username: USER1,
+ password: PASS3,
+ hostname: HOST1,
+ formSubmitURL: HOST1,
+ timeCreated: new Date(Date.now() - 1000000),
+ });
+ Assert.ok(!importedLogin, "Return value should not indicate imported login (as we didn't update anything).");
+ matchingLogins = LoginHelper.searchLoginsWithObject({hostname: HOST1});
+ Assert.equal(matchingLogins.length, 1, `There should still be 1 login for ${HOST1}`);
+ Assert.equal(matchingLogins[0].password, PASS2, "We should NOT have updated the password for this login.");
+
+ Services.logins.removeAllLogins();
+});
+
+add_task(function test_different_usernames() {
+ let importedLogin = LoginHelper.maybeImportLogin({
+ username: USER1,
+ password: PASS1,
+ hostname: HOST1,
+ formSubmitURL: HOST1,
+ });
+ Assert.ok(importedLogin, "Return value should indicate imported login.");
+ let matchingLogins = LoginHelper.searchLoginsWithObject({hostname: HOST1});
+ Assert.equal(matchingLogins.length, 1, `There should be 1 login for ${HOST1}`);
+
+ importedLogin = LoginHelper.maybeImportLogin({
+ username: USER2,
+ password: PASS1,
+ hostname: HOST1,
+ formSubmitURL: HOST1,
+ });
+ Assert.ok(importedLogin, "Return value should indicate another imported login.");
+ matchingLogins = LoginHelper.searchLoginsWithObject({hostname: HOST1});
+ Assert.equal(matchingLogins.length, 2, `There should now be 2 logins for ${HOST1}`);
+
+ Services.logins.removeAllLogins();
+});
+
+add_task(function test_different_targets() {
+ let importedLogin = LoginHelper.maybeImportLogin({
+ username: USER1,
+ password: PASS1,
+ hostname: HOST1,
+ formSubmitURL: HOST1,
+ });
+ Assert.ok(importedLogin, "Return value should indicate imported login.");
+ let matchingLogins = LoginHelper.searchLoginsWithObject({hostname: HOST1});
+ Assert.equal(matchingLogins.length, 1, `There should be 1 login for ${HOST1}`);
+
+ // Not passing either a formSubmitURL or a httpRealm should be treated as
+ // the same as the previous login
+ importedLogin = LoginHelper.maybeImportLogin({
+ username: USER1,
+ password: PASS1,
+ hostname: HOST1,
+ });
+ Assert.ok(!importedLogin, "Return value should NOT indicate imported login " +
+ "(because a missing formSubmitURL and httpRealm should be duped to the existing login).");
+ matchingLogins = LoginHelper.searchLoginsWithObject({hostname: HOST1});
+ Assert.equal(matchingLogins.length, 1, `There should still be 1 login for ${HOST1}`);
+ Assert.equal(matchingLogins[0].formSubmitURL, HOST1, "The form submission URL should have been kept.");
+
+ importedLogin = LoginHelper.maybeImportLogin({
+ username: USER1,
+ password: PASS1,
+ hostname: HOST1,
+ httpRealm: HOST1,
+ });
+ Assert.ok(importedLogin, "Return value should indicate another imported login " +
+ "as an httpRealm login shouldn't be duped.");
+ matchingLogins = LoginHelper.searchLoginsWithObject({hostname: HOST1});
+ Assert.equal(matchingLogins.length, 2, `There should now be 2 logins for ${HOST1}`);
+
+ Services.logins.removeAllLogins();
+});
+
diff --git a/toolkit/components/passwordmgr/test/unit/test_module_LoginImport.js b/toolkit/components/passwordmgr/test/unit/test_module_LoginImport.js
new file mode 100644
index 000000000..b8793e1bd
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/unit/test_module_LoginImport.js
@@ -0,0 +1,243 @@
+/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */
+/* vim: set ts=2 et sw=2 tw=80: */
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/ */
+
+/**
+ * Tests the LoginImport object.
+ */
+
+"use strict";
+
+// Globals
+
+Cu.import("resource://gre/modules/Task.jsm");
+
+XPCOMUtils.defineLazyModuleGetter(this, "LoginHelper",
+ "resource://gre/modules/LoginHelper.jsm");
+XPCOMUtils.defineLazyModuleGetter(this, "LoginImport",
+ "resource://gre/modules/LoginImport.jsm");
+XPCOMUtils.defineLazyModuleGetter(this, "LoginStore",
+ "resource://gre/modules/LoginStore.jsm");
+XPCOMUtils.defineLazyModuleGetter(this, "Sqlite",
+ "resource://gre/modules/Sqlite.jsm");
+
+XPCOMUtils.defineLazyServiceGetter(this, "gLoginManagerCrypto",
+ "@mozilla.org/login-manager/crypto/SDR;1",
+ "nsILoginManagerCrypto");
+XPCOMUtils.defineLazyServiceGetter(this, "gUUIDGenerator",
+ "@mozilla.org/uuid-generator;1",
+ "nsIUUIDGenerator");
+
+/**
+ * Creates empty login data tables in the given SQLite connection, resembling
+ * the most recent schema version (excluding indices).
+ */
+function promiseCreateDatabaseSchema(aConnection)
+{
+ return Task.spawn(function* () {
+ yield aConnection.setSchemaVersion(5);
+ yield aConnection.execute("CREATE TABLE moz_logins (" +
+ "id INTEGER PRIMARY KEY," +
+ "hostname TEXT NOT NULL," +
+ "httpRealm TEXT," +
+ "formSubmitURL TEXT," +
+ "usernameField TEXT NOT NULL," +
+ "passwordField TEXT NOT NULL," +
+ "encryptedUsername TEXT NOT NULL," +
+ "encryptedPassword TEXT NOT NULL," +
+ "guid TEXT," +
+ "encType INTEGER," +
+ "timeCreated INTEGER," +
+ "timeLastUsed INTEGER," +
+ "timePasswordChanged INTEGER," +
+ "timesUsed INTEGER)");
+ yield aConnection.execute("CREATE TABLE moz_disabledHosts (" +
+ "id INTEGER PRIMARY KEY," +
+ "hostname TEXT UNIQUE)");
+ yield aConnection.execute("CREATE TABLE moz_deleted_logins (" +
+ "id INTEGER PRIMARY KEY," +
+ "guid TEXT," +
+ "timeDeleted INTEGER)");
+ });
+}
+
+/**
+ * Inserts a new entry in the database resembling the given nsILoginInfo object.
+ */
+function promiseInsertLoginInfo(aConnection, aLoginInfo)
+{
+ aLoginInfo.QueryInterface(Ci.nsILoginMetaInfo);
+
+ // We can't use the aLoginInfo object directly in the execute statement
+ // because the bind code in Sqlite.jsm doesn't allow objects with extra
+ // properties beyond those being binded. So we might as well use an array as
+ // it is simpler.
+ let values = [
+ aLoginInfo.hostname,
+ aLoginInfo.httpRealm,
+ aLoginInfo.formSubmitURL,
+ aLoginInfo.usernameField,
+ aLoginInfo.passwordField,
+ gLoginManagerCrypto.encrypt(aLoginInfo.username),
+ gLoginManagerCrypto.encrypt(aLoginInfo.password),
+ aLoginInfo.guid,
+ aLoginInfo.encType,
+ aLoginInfo.timeCreated,
+ aLoginInfo.timeLastUsed,
+ aLoginInfo.timePasswordChanged,
+ aLoginInfo.timesUsed,
+ ];
+
+ return aConnection.execute("INSERT INTO moz_logins (hostname, " +
+ "httpRealm, formSubmitURL, usernameField, " +
+ "passwordField, encryptedUsername, " +
+ "encryptedPassword, guid, encType, timeCreated, " +
+ "timeLastUsed, timePasswordChanged, timesUsed) " +
+ "VALUES (?" + ",?".repeat(12) + ")", values);
+}
+
+/**
+ * Inserts a new disabled host entry in the database.
+ */
+function promiseInsertDisabledHost(aConnection, aHostname)
+{
+ return aConnection.execute("INSERT INTO moz_disabledHosts (hostname) " +
+ "VALUES (?)", [aHostname]);
+}
+
+// Tests
+
+/**
+ * Imports login data from a SQLite file constructed using the test data.
+ */
+add_task(function* test_import()
+{
+ let store = new LoginStore(getTempFile("test-import.json").path);
+ let loginsSqlite = getTempFile("test-logins.sqlite").path;
+
+ // Prepare the logins to be imported, including the nsILoginMetaInfo data.
+ let loginList = TestData.loginList();
+ for (let loginInfo of loginList) {
+ loginInfo.QueryInterface(Ci.nsILoginMetaInfo);
+ loginInfo.guid = gUUIDGenerator.generateUUID().toString();
+ loginInfo.timeCreated = Date.now();
+ loginInfo.timeLastUsed = Date.now();
+ loginInfo.timePasswordChanged = Date.now();
+ loginInfo.timesUsed = 1;
+ }
+
+ // Create and populate the SQLite database first.
+ let connection = yield Sqlite.openConnection({ path: loginsSqlite });
+ try {
+ yield promiseCreateDatabaseSchema(connection);
+ for (let loginInfo of loginList) {
+ yield promiseInsertLoginInfo(connection, loginInfo);
+ }
+ yield promiseInsertDisabledHost(connection, "http://www.example.com");
+ yield promiseInsertDisabledHost(connection, "https://www.example.org");
+ } finally {
+ yield connection.close();
+ }
+
+ // The "load" method must be called before importing data.
+ yield store.load();
+ yield new LoginImport(store, loginsSqlite).import();
+
+ // Verify that every login in the test data has a matching imported row.
+ do_check_eq(loginList.length, store.data.logins.length);
+ do_check_true(loginList.every(function (loginInfo) {
+ return store.data.logins.some(function (loginDataItem) {
+ let username = gLoginManagerCrypto.decrypt(loginDataItem.encryptedUsername);
+ let password = gLoginManagerCrypto.decrypt(loginDataItem.encryptedPassword);
+ return loginDataItem.hostname == loginInfo.hostname &&
+ loginDataItem.httpRealm == loginInfo.httpRealm &&
+ loginDataItem.formSubmitURL == loginInfo.formSubmitURL &&
+ loginDataItem.usernameField == loginInfo.usernameField &&
+ loginDataItem.passwordField == loginInfo.passwordField &&
+ username == loginInfo.username &&
+ password == loginInfo.password &&
+ loginDataItem.guid == loginInfo.guid &&
+ loginDataItem.encType == loginInfo.encType &&
+ loginDataItem.timeCreated == loginInfo.timeCreated &&
+ loginDataItem.timeLastUsed == loginInfo.timeLastUsed &&
+ loginDataItem.timePasswordChanged == loginInfo.timePasswordChanged &&
+ loginDataItem.timesUsed == loginInfo.timesUsed;
+ });
+ }));
+
+ // Verify that disabled hosts have been imported.
+ do_check_eq(store.data.disabledHosts.length, 2);
+ do_check_true(store.data.disabledHosts.indexOf("http://www.example.com") != -1);
+ do_check_true(store.data.disabledHosts.indexOf("https://www.example.org") != -1);
+});
+
+/**
+ * Tests imports of NULL values due to a downgraded database.
+ */
+add_task(function* test_import_downgraded()
+{
+ let store = new LoginStore(getTempFile("test-import-downgraded.json").path);
+ let loginsSqlite = getTempFile("test-logins-downgraded.sqlite").path;
+
+ // Create and populate the SQLite database first.
+ let connection = yield Sqlite.openConnection({ path: loginsSqlite });
+ try {
+ yield promiseCreateDatabaseSchema(connection);
+ yield connection.setSchemaVersion(3);
+ yield promiseInsertLoginInfo(connection, TestData.formLogin({
+ guid: gUUIDGenerator.generateUUID().toString(),
+ timeCreated: null,
+ timeLastUsed: null,
+ timePasswordChanged: null,
+ timesUsed: 0,
+ }));
+ } finally {
+ yield connection.close();
+ }
+
+ // The "load" method must be called before importing data.
+ yield store.load();
+ yield new LoginImport(store, loginsSqlite).import();
+
+ // Verify that the missing metadata was generated correctly.
+ let loginItem = store.data.logins[0];
+ let creationTime = loginItem.timeCreated;
+ LoginTestUtils.assertTimeIsAboutNow(creationTime);
+ do_check_eq(loginItem.timeLastUsed, creationTime);
+ do_check_eq(loginItem.timePasswordChanged, creationTime);
+ do_check_eq(loginItem.timesUsed, 1);
+});
+
+/**
+ * Verifies that importing from a SQLite file with database version 2 fails.
+ */
+add_task(function* test_import_v2()
+{
+ let store = new LoginStore(getTempFile("test-import-v2.json").path);
+ let loginsSqlite = do_get_file("data/signons-v2.sqlite").path;
+
+ // The "load" method must be called before importing data.
+ yield store.load();
+ try {
+ yield new LoginImport(store, loginsSqlite).import();
+ do_throw("The operation should have failed.");
+ } catch (ex) { }
+});
+
+/**
+ * Imports login data from a SQLite file, with database version 3.
+ */
+add_task(function* test_import_v3()
+{
+ let store = new LoginStore(getTempFile("test-import-v3.json").path);
+ let loginsSqlite = do_get_file("data/signons-v3.sqlite").path;
+
+ // The "load" method must be called before importing data.
+ yield store.load();
+ yield new LoginImport(store, loginsSqlite).import();
+
+ // We only execute basic integrity checks.
+ do_check_eq(store.data.logins[0].usernameField, "u1");
+ do_check_eq(store.data.disabledHosts.length, 0);
+});
diff --git a/toolkit/components/passwordmgr/test/unit/test_module_LoginStore.js b/toolkit/components/passwordmgr/test/unit/test_module_LoginStore.js
new file mode 100644
index 000000000..335eb601b
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/unit/test_module_LoginStore.js
@@ -0,0 +1,206 @@
+/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */
+/* vim: set ts=2 et sw=2 tw=80: */
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/ */
+
+/**
+ * Tests the LoginStore object.
+ */
+
+"use strict";
+
+// Globals
+
+XPCOMUtils.defineLazyModuleGetter(this, "LoginStore",
+ "resource://gre/modules/LoginStore.jsm");
+
+const TEST_STORE_FILE_NAME = "test-logins.json";
+
+// Tests
+
+/**
+ * Saves login data to a file, then reloads it.
+ */
+add_task(function* test_save_reload()
+{
+ let storeForSave = new LoginStore(getTempFile(TEST_STORE_FILE_NAME).path);
+
+ // The "load" method must be called before preparing the data to be saved.
+ yield storeForSave.load();
+
+ let rawLoginData = {
+ id: storeForSave.data.nextId++,
+ hostname: "http://www.example.com",
+ httpRealm: null,
+ formSubmitURL: "http://www.example.com/submit-url",
+ usernameField: "field_" + String.fromCharCode(533, 537, 7570, 345),
+ passwordField: "field_" + String.fromCharCode(421, 259, 349, 537),
+ encryptedUsername: "(test)",
+ encryptedPassword: "(test)",
+ guid: "(test)",
+ encType: Ci.nsILoginManagerCrypto.ENCTYPE_SDR,
+ timeCreated: Date.now(),
+ timeLastUsed: Date.now(),
+ timePasswordChanged: Date.now(),
+ timesUsed: 1,
+ };
+ storeForSave.data.logins.push(rawLoginData);
+
+ storeForSave.data.disabledHosts.push("http://www.example.org");
+
+ yield storeForSave._save();
+
+ // Test the asynchronous initialization path.
+ let storeForLoad = new LoginStore(storeForSave.path);
+ yield storeForLoad.load();
+
+ do_check_eq(storeForLoad.data.logins.length, 1);
+ do_check_matches(storeForLoad.data.logins[0], rawLoginData);
+ do_check_eq(storeForLoad.data.disabledHosts.length, 1);
+ do_check_eq(storeForLoad.data.disabledHosts[0], "http://www.example.org");
+
+ // Test the synchronous initialization path.
+ storeForLoad = new LoginStore(storeForSave.path);
+ storeForLoad.ensureDataReady();
+
+ do_check_eq(storeForLoad.data.logins.length, 1);
+ do_check_matches(storeForLoad.data.logins[0], rawLoginData);
+ do_check_eq(storeForLoad.data.disabledHosts.length, 1);
+ do_check_eq(storeForLoad.data.disabledHosts[0], "http://www.example.org");
+});
+
+/**
+ * Checks that loading from a missing file results in empty arrays.
+ */
+add_task(function* test_load_empty()
+{
+ let store = new LoginStore(getTempFile(TEST_STORE_FILE_NAME).path);
+
+ do_check_false(yield OS.File.exists(store.path));
+
+ yield store.load();
+
+ do_check_false(yield OS.File.exists(store.path));
+
+ do_check_eq(store.data.logins.length, 0);
+ do_check_eq(store.data.disabledHosts.length, 0);
+});
+
+/**
+ * Checks that saving empty data still overwrites any existing file.
+ */
+add_task(function* test_save_empty()
+{
+ let store = new LoginStore(getTempFile(TEST_STORE_FILE_NAME).path);
+
+ yield store.load();
+
+ let createdFile = yield OS.File.open(store.path, { create: true });
+ yield createdFile.close();
+
+ yield store._save();
+
+ do_check_true(yield OS.File.exists(store.path));
+});
+
+/**
+ * Loads data from a string in a predefined format. The purpose of this test is
+ * to verify that the JSON format used in previous versions can be loaded.
+ */
+add_task(function* test_load_string_predefined()
+{
+ let store = new LoginStore(getTempFile(TEST_STORE_FILE_NAME).path);
+
+ let string = "{\"logins\":[{" +
+ "\"id\":1," +
+ "\"hostname\":\"http://www.example.com\"," +
+ "\"httpRealm\":null," +
+ "\"formSubmitURL\":\"http://www.example.com/submit-url\"," +
+ "\"usernameField\":\"usernameField\"," +
+ "\"passwordField\":\"passwordField\"," +
+ "\"encryptedUsername\":\"(test)\"," +
+ "\"encryptedPassword\":\"(test)\"," +
+ "\"guid\":\"(test)\"," +
+ "\"encType\":1," +
+ "\"timeCreated\":1262304000000," +
+ "\"timeLastUsed\":1262390400000," +
+ "\"timePasswordChanged\":1262476800000," +
+ "\"timesUsed\":1}],\"disabledHosts\":[" +
+ "\"http://www.example.org\"]}";
+
+ yield OS.File.writeAtomic(store.path,
+ new TextEncoder().encode(string),
+ { tmpPath: store.path + ".tmp" });
+
+ yield store.load();
+
+ do_check_eq(store.data.logins.length, 1);
+ do_check_matches(store.data.logins[0], {
+ id: 1,
+ hostname: "http://www.example.com",
+ httpRealm: null,
+ formSubmitURL: "http://www.example.com/submit-url",
+ usernameField: "usernameField",
+ passwordField: "passwordField",
+ encryptedUsername: "(test)",
+ encryptedPassword: "(test)",
+ guid: "(test)",
+ encType: Ci.nsILoginManagerCrypto.ENCTYPE_SDR,
+ timeCreated: 1262304000000,
+ timeLastUsed: 1262390400000,
+ timePasswordChanged: 1262476800000,
+ timesUsed: 1,
+ });
+
+ do_check_eq(store.data.disabledHosts.length, 1);
+ do_check_eq(store.data.disabledHosts[0], "http://www.example.org");
+});
+
+/**
+ * Loads login data from a malformed JSON string.
+ */
+add_task(function* test_load_string_malformed()
+{
+ let store = new LoginStore(getTempFile(TEST_STORE_FILE_NAME).path);
+
+ let string = "{\"logins\":[{\"hostname\":\"http://www.example.com\"," +
+ "\"id\":1,";
+
+ yield OS.File.writeAtomic(store.path, new TextEncoder().encode(string),
+ { tmpPath: store.path + ".tmp" });
+
+ yield store.load();
+
+ // A backup file should have been created.
+ do_check_true(yield OS.File.exists(store.path + ".corrupt"));
+ yield OS.File.remove(store.path + ".corrupt");
+
+ // The store should be ready to accept new data.
+ do_check_eq(store.data.logins.length, 0);
+ do_check_eq(store.data.disabledHosts.length, 0);
+});
+
+/**
+ * Loads login data from a malformed JSON string, using the synchronous
+ * initialization path.
+ */
+add_task(function* test_load_string_malformed_sync()
+{
+ let store = new LoginStore(getTempFile(TEST_STORE_FILE_NAME).path);
+
+ let string = "{\"logins\":[{\"hostname\":\"http://www.example.com\"," +
+ "\"id\":1,";
+
+ yield OS.File.writeAtomic(store.path, new TextEncoder().encode(string),
+ { tmpPath: store.path + ".tmp" });
+
+ store.ensureDataReady();
+
+ // A backup file should have been created.
+ do_check_true(yield OS.File.exists(store.path + ".corrupt"));
+ yield OS.File.remove(store.path + ".corrupt");
+
+ // The store should be ready to accept new data.
+ do_check_eq(store.data.logins.length, 0);
+ do_check_eq(store.data.disabledHosts.length, 0);
+});
diff --git a/toolkit/components/passwordmgr/test/unit/test_notifications.js b/toolkit/components/passwordmgr/test/unit/test_notifications.js
new file mode 100644
index 000000000..41caa2c1b
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/unit/test_notifications.js
@@ -0,0 +1,172 @@
+/*
+ * Tests notifications dispatched when modifying stored logins.
+ */
+
+var expectedNotification;
+var expectedData;
+
+var TestObserver = {
+ QueryInterface : XPCOMUtils.generateQI([Ci.nsIObserver, Ci.nsISupportsWeakReference]),
+
+ observe : function (subject, topic, data) {
+ do_check_eq(topic, "passwordmgr-storage-changed");
+ do_check_eq(data, expectedNotification);
+
+ switch (data) {
+ case "addLogin":
+ do_check_true(subject instanceof Ci.nsILoginInfo);
+ do_check_true(subject instanceof Ci.nsILoginMetaInfo);
+ do_check_true(expectedData.equals(subject)); // nsILoginInfo.equals()
+ break;
+ case "modifyLogin":
+ do_check_true(subject instanceof Ci.nsIArray);
+ do_check_eq(subject.length, 2);
+ var oldLogin = subject.queryElementAt(0, Ci.nsILoginInfo);
+ var newLogin = subject.queryElementAt(1, Ci.nsILoginInfo);
+ do_check_true(expectedData[0].equals(oldLogin)); // nsILoginInfo.equals()
+ do_check_true(expectedData[1].equals(newLogin));
+ break;
+ case "removeLogin":
+ do_check_true(subject instanceof Ci.nsILoginInfo);
+ do_check_true(subject instanceof Ci.nsILoginMetaInfo);
+ do_check_true(expectedData.equals(subject)); // nsILoginInfo.equals()
+ break;
+ case "removeAllLogins":
+ do_check_eq(subject, null);
+ break;
+ case "hostSavingEnabled":
+ case "hostSavingDisabled":
+ do_check_true(subject instanceof Ci.nsISupportsString);
+ do_check_eq(subject.data, expectedData);
+ break;
+ default:
+ do_throw("Unhandled notification: " + data + " / " + topic);
+ }
+
+ expectedNotification = null; // ensure a duplicate is flagged as unexpected.
+ expectedData = null;
+ }
+};
+
+add_task(function test_notifications()
+{
+
+try {
+
+var testnum = 0;
+var testdesc = "Setup of nsLoginInfo test-users";
+
+var testuser1 = new LoginInfo("http://testhost1", "", null,
+ "dummydude", "itsasecret", "put_user_here", "put_pw_here");
+
+var testuser2 = new LoginInfo("http://testhost2", "", null,
+ "dummydude2", "itsasecret2", "put_user2_here", "put_pw2_here");
+
+Services.obs.addObserver(TestObserver, "passwordmgr-storage-changed", false);
+
+
+/* ========== 1 ========== */
+testnum = 1;
+testdesc = "Initial connection to storage module";
+
+/* ========== 2 ========== */
+testnum++;
+testdesc = "addLogin";
+
+expectedNotification = "addLogin";
+expectedData = testuser1;
+Services.logins.addLogin(testuser1);
+LoginTestUtils.checkLogins([testuser1]);
+do_check_eq(expectedNotification, null); // check that observer got a notification
+
+/* ========== 3 ========== */
+testnum++;
+testdesc = "modifyLogin";
+
+expectedNotification = "modifyLogin";
+expectedData = [testuser1, testuser2];
+Services.logins.modifyLogin(testuser1, testuser2);
+do_check_eq(expectedNotification, null);
+LoginTestUtils.checkLogins([testuser2]);
+
+/* ========== 4 ========== */
+testnum++;
+testdesc = "removeLogin";
+
+expectedNotification = "removeLogin";
+expectedData = testuser2;
+Services.logins.removeLogin(testuser2);
+do_check_eq(expectedNotification, null);
+LoginTestUtils.checkLogins([]);
+
+/* ========== 5 ========== */
+testnum++;
+testdesc = "removeAllLogins";
+
+expectedNotification = "removeAllLogins";
+expectedData = null;
+Services.logins.removeAllLogins();
+do_check_eq(expectedNotification, null);
+LoginTestUtils.checkLogins([]);
+
+/* ========== 6 ========== */
+testnum++;
+testdesc = "removeAllLogins (again)";
+
+expectedNotification = "removeAllLogins";
+expectedData = null;
+Services.logins.removeAllLogins();
+do_check_eq(expectedNotification, null);
+LoginTestUtils.checkLogins([]);
+
+/* ========== 7 ========== */
+testnum++;
+testdesc = "setLoginSavingEnabled / false";
+
+expectedNotification = "hostSavingDisabled";
+expectedData = "http://site.com";
+Services.logins.setLoginSavingEnabled("http://site.com", false);
+do_check_eq(expectedNotification, null);
+LoginTestUtils.assertDisabledHostsEqual(Services.logins.getAllDisabledHosts(),
+ ["http://site.com"]);
+
+/* ========== 8 ========== */
+testnum++;
+testdesc = "setLoginSavingEnabled / false (again)";
+
+expectedNotification = "hostSavingDisabled";
+expectedData = "http://site.com";
+Services.logins.setLoginSavingEnabled("http://site.com", false);
+do_check_eq(expectedNotification, null);
+LoginTestUtils.assertDisabledHostsEqual(Services.logins.getAllDisabledHosts(),
+ ["http://site.com"]);
+
+/* ========== 9 ========== */
+testnum++;
+testdesc = "setLoginSavingEnabled / true";
+
+expectedNotification = "hostSavingEnabled";
+expectedData = "http://site.com";
+Services.logins.setLoginSavingEnabled("http://site.com", true);
+do_check_eq(expectedNotification, null);
+LoginTestUtils.checkLogins([]);
+
+/* ========== 10 ========== */
+testnum++;
+testdesc = "setLoginSavingEnabled / true (again)";
+
+expectedNotification = "hostSavingEnabled";
+expectedData = "http://site.com";
+Services.logins.setLoginSavingEnabled("http://site.com", true);
+do_check_eq(expectedNotification, null);
+LoginTestUtils.checkLogins([]);
+
+Services.obs.removeObserver(TestObserver, "passwordmgr-storage-changed");
+
+LoginTestUtils.clearData();
+
+} catch (e) {
+ throw new Error("FAILED in test #" + testnum + " -- " + testdesc + ": " + e);
+}
+
+});
diff --git a/toolkit/components/passwordmgr/test/unit/test_recipes_add.js b/toolkit/components/passwordmgr/test/unit/test_recipes_add.js
new file mode 100644
index 000000000..ef5086c3b
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/unit/test_recipes_add.js
@@ -0,0 +1,177 @@
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/ */
+
+/**
+ * Tests adding and retrieving LoginRecipes in the parent process.
+ */
+
+"use strict";
+
+add_task(function* test_init() {
+ let parent = new LoginRecipesParent({ defaults: null });
+ let initPromise1 = parent.initializationPromise;
+ let initPromise2 = parent.initializationPromise;
+ Assert.strictEqual(initPromise1, initPromise2, "Check that the same promise is returned");
+
+ let recipesParent = yield initPromise1;
+ Assert.ok(recipesParent instanceof LoginRecipesParent, "Check init return value");
+ Assert.strictEqual(recipesParent._recipesByHost.size, 0, "Initially 0 recipes");
+});
+
+add_task(function* test_get_missing_host() {
+ let recipesParent = yield RecipeHelpers.initNewParent();
+ let exampleRecipes = recipesParent.getRecipesForHost("example.invalid");
+ Assert.strictEqual(exampleRecipes.size, 0, "Check recipe count for example.invalid");
+
+});
+
+add_task(function* test_add_get_simple_host() {
+ let recipesParent = yield RecipeHelpers.initNewParent();
+ Assert.strictEqual(recipesParent._recipesByHost.size, 0, "Initially 0 recipes");
+ recipesParent.add({
+ hosts: ["example.com"],
+ });
+ Assert.strictEqual(recipesParent._recipesByHost.size, 1,
+ "Check number of hosts after the addition");
+
+ let exampleRecipes = recipesParent.getRecipesForHost("example.com");
+ Assert.strictEqual(exampleRecipes.size, 1, "Check recipe count for example.com");
+ let recipe = [...exampleRecipes][0];
+ Assert.strictEqual(typeof(recipe), "object", "Check recipe type");
+ Assert.strictEqual(recipe.hosts.length, 1, "Check that one host is present");
+ Assert.strictEqual(recipe.hosts[0], "example.com", "Check the one host");
+});
+
+add_task(function* test_add_get_non_standard_port_host() {
+ let recipesParent = yield RecipeHelpers.initNewParent();
+ recipesParent.add({
+ hosts: ["example.com:8080"],
+ });
+ Assert.strictEqual(recipesParent._recipesByHost.size, 1,
+ "Check number of hosts after the addition");
+
+ let exampleRecipes = recipesParent.getRecipesForHost("example.com:8080");
+ Assert.strictEqual(exampleRecipes.size, 1, "Check recipe count for example.com:8080");
+ let recipe = [...exampleRecipes][0];
+ Assert.strictEqual(typeof(recipe), "object", "Check recipe type");
+ Assert.strictEqual(recipe.hosts.length, 1, "Check that one host is present");
+ Assert.strictEqual(recipe.hosts[0], "example.com:8080", "Check the one host");
+});
+
+add_task(function* test_add_multiple_hosts() {
+ let recipesParent = yield RecipeHelpers.initNewParent();
+ recipesParent.add({
+ hosts: ["example.com", "foo.invalid"],
+ });
+ Assert.strictEqual(recipesParent._recipesByHost.size, 2,
+ "Check number of hosts after the addition");
+
+ let exampleRecipes = recipesParent.getRecipesForHost("example.com");
+ Assert.strictEqual(exampleRecipes.size, 1, "Check recipe count for example.com");
+ let recipe = [...exampleRecipes][0];
+ Assert.strictEqual(typeof(recipe), "object", "Check recipe type");
+ Assert.strictEqual(recipe.hosts.length, 2, "Check that two hosts are present");
+ Assert.strictEqual(recipe.hosts[0], "example.com", "Check the first host");
+ Assert.strictEqual(recipe.hosts[1], "foo.invalid", "Check the second host");
+
+ let fooRecipes = recipesParent.getRecipesForHost("foo.invalid");
+ Assert.strictEqual(fooRecipes.size, 1, "Check recipe count for foo.invalid");
+ let fooRecipe = [...fooRecipes][0];
+ Assert.strictEqual(fooRecipe, recipe, "Check that the recipe is shared");
+ Assert.strictEqual(typeof(fooRecipe), "object", "Check recipe type");
+ Assert.strictEqual(fooRecipe.hosts.length, 2, "Check that two hosts are present");
+ Assert.strictEqual(fooRecipe.hosts[0], "example.com", "Check the first host");
+ Assert.strictEqual(fooRecipe.hosts[1], "foo.invalid", "Check the second host");
+});
+
+add_task(function* test_add_pathRegex() {
+ let recipesParent = yield RecipeHelpers.initNewParent();
+ recipesParent.add({
+ hosts: ["example.com"],
+ pathRegex: /^\/mypath\//,
+ });
+ Assert.strictEqual(recipesParent._recipesByHost.size, 1,
+ "Check number of hosts after the addition");
+
+ let exampleRecipes = recipesParent.getRecipesForHost("example.com");
+ Assert.strictEqual(exampleRecipes.size, 1, "Check recipe count for example.com");
+ let recipe = [...exampleRecipes][0];
+ Assert.strictEqual(typeof(recipe), "object", "Check recipe type");
+ Assert.strictEqual(recipe.hosts.length, 1, "Check that one host is present");
+ Assert.strictEqual(recipe.hosts[0], "example.com", "Check the one host");
+ Assert.strictEqual(recipe.pathRegex.toString(), "/^\\/mypath\\//", "Check the pathRegex");
+});
+
+add_task(function* test_add_selectors() {
+ let recipesParent = yield RecipeHelpers.initNewParent();
+ recipesParent.add({
+ hosts: ["example.com"],
+ usernameSelector: "#my-username",
+ passwordSelector: "#my-form > input.password",
+ });
+ Assert.strictEqual(recipesParent._recipesByHost.size, 1,
+ "Check number of hosts after the addition");
+
+ let exampleRecipes = recipesParent.getRecipesForHost("example.com");
+ Assert.strictEqual(exampleRecipes.size, 1, "Check recipe count for example.com");
+ let recipe = [...exampleRecipes][0];
+ Assert.strictEqual(typeof(recipe), "object", "Check recipe type");
+ Assert.strictEqual(recipe.hosts.length, 1, "Check that one host is present");
+ Assert.strictEqual(recipe.hosts[0], "example.com", "Check the one host");
+ Assert.strictEqual(recipe.usernameSelector, "#my-username", "Check the usernameSelector");
+ Assert.strictEqual(recipe.passwordSelector, "#my-form > input.password", "Check the passwordSelector");
+});
+
+/* Begin checking errors with add */
+
+add_task(function* test_add_missing_prop() {
+ let recipesParent = yield RecipeHelpers.initNewParent();
+ Assert.throws(() => recipesParent.add({}), /required/, "Some properties are required");
+});
+
+add_task(function* test_add_unknown_prop() {
+ let recipesParent = yield RecipeHelpers.initNewParent();
+ Assert.throws(() => recipesParent.add({
+ unknownProp: true,
+ }), /supported/, "Unknown properties should cause an error to help with typos");
+});
+
+add_task(function* test_add_invalid_hosts() {
+ let recipesParent = yield RecipeHelpers.initNewParent();
+ Assert.throws(() => recipesParent.add({
+ hosts: 404,
+ }), /array/, "hosts should be an array");
+});
+
+add_task(function* test_add_empty_host_array() {
+ let recipesParent = yield RecipeHelpers.initNewParent();
+ Assert.throws(() => recipesParent.add({
+ hosts: [],
+ }), /array/, "hosts should be a non-empty array");
+});
+
+add_task(function* test_add_pathRegex_non_regexp() {
+ let recipesParent = yield RecipeHelpers.initNewParent();
+ Assert.throws(() => recipesParent.add({
+ hosts: ["example.com"],
+ pathRegex: "foo",
+ }), /regular expression/, "pathRegex should be a RegExp");
+});
+
+add_task(function* test_add_usernameSelector_non_string() {
+ let recipesParent = yield RecipeHelpers.initNewParent();
+ Assert.throws(() => recipesParent.add({
+ hosts: ["example.com"],
+ usernameSelector: 404,
+ }), /string/, "usernameSelector should be a string");
+});
+
+add_task(function* test_add_passwordSelector_non_string() {
+ let recipesParent = yield RecipeHelpers.initNewParent();
+ Assert.throws(() => recipesParent.add({
+ hosts: ["example.com"],
+ passwordSelector: 404,
+ }), /string/, "passwordSelector should be a string");
+});
+
+/* End checking errors with add */
diff --git a/toolkit/components/passwordmgr/test/unit/test_recipes_content.js b/toolkit/components/passwordmgr/test/unit/test_recipes_content.js
new file mode 100644
index 000000000..3d3751452
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/unit/test_recipes_content.js
@@ -0,0 +1,39 @@
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/ */
+
+/**
+ * Test filtering recipes in LoginRecipesContent.
+ */
+
+"use strict";
+
+Cu.importGlobalProperties(["URL"]);
+
+add_task(function* test_getFieldOverrides() {
+ let recipes = new Set([
+ { // path doesn't match but otherwise good
+ hosts: ["example.com:8080"],
+ passwordSelector: "#password",
+ pathRegex: /^\/$/,
+ usernameSelector: ".username",
+ },
+ { // match with no field overrides
+ hosts: ["example.com:8080"],
+ },
+ { // best match (field selectors + path match)
+ description: "best match",
+ hosts: ["a.invalid", "example.com:8080", "other.invalid"],
+ passwordSelector: "#password",
+ pathRegex: /^\/first\/second\/$/,
+ usernameSelector: ".username",
+ },
+ ]);
+
+ let form = MockDocument.createTestDocument("http://localhost:8080/first/second/", "<form>").
+ forms[0];
+ let override = LoginRecipesContent.getFieldOverrides(recipes, form);
+ Assert.strictEqual(override.description, "best match",
+ "Check the best field override recipe was returned");
+ Assert.strictEqual(override.usernameSelector, ".username", "Check usernameSelector");
+ Assert.strictEqual(override.passwordSelector, "#password", "Check passwordSelector");
+});
diff --git a/toolkit/components/passwordmgr/test/unit/test_removeLegacySignonFiles.js b/toolkit/components/passwordmgr/test/unit/test_removeLegacySignonFiles.js
new file mode 100644
index 000000000..51a107170
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/unit/test_removeLegacySignonFiles.js
@@ -0,0 +1,69 @@
+/**
+ * Tests the LoginHelper object.
+ */
+
+"use strict";
+
+
+Cu.import("resource://gre/modules/Task.jsm");
+
+XPCOMUtils.defineLazyModuleGetter(this, "LoginHelper",
+ "resource://gre/modules/LoginHelper.jsm");
+
+
+function* createSignonFile(singon) {
+ let {file, pref} = singon;
+
+ if (pref) {
+ Services.prefs.setCharPref(pref, file);
+ }
+
+ yield OS.File.writeAtomic(
+ OS.Path.join(OS.Constants.Path.profileDir, file), new Uint8Array(1));
+}
+
+function* isSignonClear(singon) {
+ const {file, pref} = singon;
+ const fileExists = yield OS.File.exists(
+ OS.Path.join(OS.Constants.Path.profileDir, file));
+
+ if (pref) {
+ try {
+ Services.prefs.getCharPref(pref);
+ return false;
+ } catch (e) {}
+ }
+
+ return !fileExists;
+}
+
+add_task(function* test_remove_lagecy_signonfile() {
+ // In the last test case, signons3.txt being deleted even when
+ // it doesn't exist.
+ const signonsSettings = [[
+ { file: "signons.txt" },
+ { file: "signons2.txt" },
+ { file: "signons3.txt" }
+ ], [
+ { file: "signons.txt", pref: "signon.SignonFileName" },
+ { file: "signons2.txt", pref: "signon.SignonFileName2" },
+ { file: "signons3.txt", pref: "signon.SignonFileName3" }
+ ], [
+ { file: "signons2.txt" },
+ { file: "singons.txt", pref: "signon.SignonFileName" },
+ { file: "customized2.txt", pref: "signon.SignonFileName2" },
+ { file: "customized3.txt", pref: "signon.SignonFileName3" }
+ ]];
+
+ for (let setting of signonsSettings) {
+ for (let singon of setting) {
+ yield createSignonFile(singon);
+ }
+
+ LoginHelper.removeLegacySignonFiles();
+
+ for (let singon of setting) {
+ equal(yield isSignonClear(singon), true);
+ }
+ }
+});
diff --git a/toolkit/components/passwordmgr/test/unit/test_search_schemeUpgrades.js b/toolkit/components/passwordmgr/test/unit/test_search_schemeUpgrades.js
new file mode 100644
index 000000000..3406becff
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/unit/test_search_schemeUpgrades.js
@@ -0,0 +1,184 @@
+/*
+ * Test Services.logins.searchLogins with the `schemeUpgrades` property.
+ */
+
+const HTTP3_ORIGIN = "http://www3.example.com";
+const HTTPS_ORIGIN = "https://www.example.com";
+const HTTP_ORIGIN = "http://www.example.com";
+
+/**
+ * Returns a list of new nsILoginInfo objects that are a subset of the test
+ * data, built to match the specified query.
+ *
+ * @param {Object} aQuery
+ * Each property and value of this object restricts the search to those
+ * entries from the test data that match the property exactly.
+ */
+function buildExpectedLogins(aQuery) {
+ return TestData.loginList().filter(
+ entry => Object.keys(aQuery).every(name => {
+ if (name == "schemeUpgrades") {
+ return true;
+ }
+ if (["hostname", "formSubmitURL"].includes(name)) {
+ return LoginHelper.isOriginMatching(entry[name], aQuery[name], {
+ schemeUpgrades: aQuery.schemeUpgrades,
+ });
+ }
+ return entry[name] === aQuery[name];
+ }));
+}
+
+/**
+ * Tests the searchLogins function.
+ *
+ * @param {Object} aQuery
+ * Each property and value of this object is translated to an entry in
+ * the nsIPropertyBag parameter of searchLogins.
+ * @param {Number} aExpectedCount
+ * Number of logins from the test data that should be found. The actual
+ * list of logins is obtained using the buildExpectedLogins helper, and
+ * this value is just used to verify that modifications to the test data
+ * don't make the current test meaningless.
+ */
+function checkSearch(aQuery, aExpectedCount) {
+ do_print("Testing searchLogins for " + JSON.stringify(aQuery));
+
+ let expectedLogins = buildExpectedLogins(aQuery);
+ do_check_eq(expectedLogins.length, aExpectedCount);
+
+ let outCount = {};
+ let logins = Services.logins.searchLogins(outCount, newPropertyBag(aQuery));
+ do_check_eq(outCount.value, expectedLogins.length);
+ LoginTestUtils.assertLoginListsEqual(logins, expectedLogins);
+}
+
+/**
+ * Prepare data for the following tests.
+ */
+add_task(function test_initialize() {
+ for (let login of TestData.loginList()) {
+ Services.logins.addLogin(login);
+ }
+});
+
+/**
+ * Tests searchLogins with the `schemeUpgrades` property
+ */
+add_task(function test_search_schemeUpgrades_hostname() {
+ // Hostname-only
+ checkSearch({
+ hostname: HTTPS_ORIGIN,
+ }, 1);
+ checkSearch({
+ hostname: HTTPS_ORIGIN,
+ schemeUpgrades: false,
+ }, 1);
+ checkSearch({
+ hostname: HTTPS_ORIGIN,
+ schemeUpgrades: undefined,
+ }, 1);
+ checkSearch({
+ hostname: HTTPS_ORIGIN,
+ schemeUpgrades: true,
+ }, 2);
+});
+
+/**
+ * Same as above but replacing hostname with formSubmitURL.
+ */
+add_task(function test_search_schemeUpgrades_formSubmitURL() {
+ checkSearch({
+ formSubmitURL: HTTPS_ORIGIN,
+ }, 2);
+ checkSearch({
+ formSubmitURL: HTTPS_ORIGIN,
+ schemeUpgrades: false,
+ }, 2);
+ checkSearch({
+ formSubmitURL: HTTPS_ORIGIN,
+ schemeUpgrades: undefined,
+ }, 2);
+ checkSearch({
+ formSubmitURL: HTTPS_ORIGIN,
+ schemeUpgrades: true,
+ }, 4);
+});
+
+
+add_task(function test_search_schemeUpgrades_hostname_formSubmitURL() {
+ checkSearch({
+ formSubmitURL: HTTPS_ORIGIN,
+ hostname: HTTPS_ORIGIN,
+ }, 1);
+ checkSearch({
+ formSubmitURL: HTTPS_ORIGIN,
+ hostname: HTTPS_ORIGIN,
+ schemeUpgrades: false,
+ }, 1);
+ checkSearch({
+ formSubmitURL: HTTPS_ORIGIN,
+ hostname: HTTPS_ORIGIN,
+ schemeUpgrades: undefined,
+ }, 1);
+ checkSearch({
+ formSubmitURL: HTTPS_ORIGIN,
+ hostname: HTTPS_ORIGIN,
+ schemeUpgrades: true,
+ }, 2);
+ checkSearch({
+ formSubmitURL: HTTPS_ORIGIN,
+ hostname: HTTPS_ORIGIN,
+ schemeUpgrades: true,
+ usernameField: "form_field_username",
+ }, 2);
+ checkSearch({
+ formSubmitURL: HTTPS_ORIGIN,
+ hostname: HTTPS_ORIGIN,
+ passwordField: "form_field_password",
+ schemeUpgrades: true,
+ usernameField: "form_field_username",
+ }, 2);
+ checkSearch({
+ formSubmitURL: HTTPS_ORIGIN,
+ hostname: HTTPS_ORIGIN,
+ httpRealm: null,
+ passwordField: "form_field_password",
+ schemeUpgrades: true,
+ usernameField: "form_field_username",
+ }, 2);
+});
+
+/**
+ * HTTP submitting to HTTPS
+ */
+add_task(function test_http_to_https() {
+ checkSearch({
+ formSubmitURL: HTTPS_ORIGIN,
+ hostname: HTTP3_ORIGIN,
+ httpRealm: null,
+ schemeUpgrades: false,
+ }, 1);
+ checkSearch({
+ formSubmitURL: HTTPS_ORIGIN,
+ hostname: HTTP3_ORIGIN,
+ httpRealm: null,
+ schemeUpgrades: true,
+ }, 2);
+});
+
+/**
+ * schemeUpgrades shouldn't cause downgrades
+ */
+add_task(function test_search_schemeUpgrades_downgrade() {
+ checkSearch({
+ formSubmitURL: HTTP_ORIGIN,
+ hostname: HTTP_ORIGIN,
+ }, 1);
+ do_print("The same number should be found with schemeUpgrades since we're searching for HTTP");
+ checkSearch({
+ formSubmitURL: HTTP_ORIGIN,
+ hostname: HTTP_ORIGIN,
+ schemeUpgrades: true,
+ }, 1);
+});
diff --git a/toolkit/components/passwordmgr/test/unit/test_storage.js b/toolkit/components/passwordmgr/test/unit/test_storage.js
new file mode 100644
index 000000000..d65516d9b
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/unit/test_storage.js
@@ -0,0 +1,102 @@
+/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */
+/* vim: set ts=2 et sw=2 tw=80: */
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/ */
+
+/**
+ * Tests that the default nsILoginManagerStorage module attached to the Login
+ * Manager service is able to save and reload nsILoginInfo properties correctly,
+ * even when they include special characters.
+ */
+
+"use strict";
+
+// Globals
+
+function* reloadAndCheckLoginsGen(aExpectedLogins)
+{
+ yield LoginTestUtils.reloadData();
+ LoginTestUtils.checkLogins(aExpectedLogins);
+ LoginTestUtils.clearData();
+}
+
+// Tests
+
+/**
+ * Tests addLogin with valid non-ASCII characters.
+ */
+add_task(function* test_storage_addLogin_nonascii()
+{
+ let hostname = "http://" + String.fromCharCode(355) + ".example.com";
+
+ // Store the strings "user" and "pass" using similarly looking glyphs.
+ let loginInfo = TestData.formLogin({
+ hostname: hostname,
+ formSubmitURL: hostname,
+ username: String.fromCharCode(533, 537, 7570, 345),
+ password: String.fromCharCode(421, 259, 349, 537),
+ usernameField: "field_" + String.fromCharCode(533, 537, 7570, 345),
+ passwordField: "field_" + String.fromCharCode(421, 259, 349, 537),
+ });
+ Services.logins.addLogin(loginInfo);
+ yield* reloadAndCheckLoginsGen([loginInfo]);
+
+ // Store the string "test" using similarly looking glyphs.
+ loginInfo = TestData.authLogin({
+ httpRealm: String.fromCharCode(355, 277, 349, 357),
+ });
+ Services.logins.addLogin(loginInfo);
+ yield* reloadAndCheckLoginsGen([loginInfo]);
+});
+
+/**
+ * Tests addLogin with newline characters in the username and password.
+ */
+add_task(function* test_storage_addLogin_newlines()
+{
+ let loginInfo = TestData.formLogin({
+ username: "user\r\nname",
+ password: "password\r\n",
+ });
+ Services.logins.addLogin(loginInfo);
+ yield* reloadAndCheckLoginsGen([loginInfo]);
+});
+
+/**
+ * Tests addLogin with a single dot in fields where it is allowed.
+ *
+ * These tests exist to verify the legacy "signons.txt" storage format.
+ */
+add_task(function* test_storage_addLogin_dot()
+{
+ let loginInfo = TestData.formLogin({ hostname: ".", passwordField: "." });
+ Services.logins.addLogin(loginInfo);
+ yield* reloadAndCheckLoginsGen([loginInfo]);
+
+ loginInfo = TestData.authLogin({ httpRealm: "." });
+ Services.logins.addLogin(loginInfo);
+ yield* reloadAndCheckLoginsGen([loginInfo]);
+});
+
+/**
+ * Tests addLogin with parentheses in hostnames.
+ *
+ * These tests exist to verify the legacy "signons.txt" storage format.
+ */
+add_task(function* test_storage_addLogin_parentheses()
+{
+ let loginList = [
+ TestData.authLogin({ httpRealm: "(realm" }),
+ TestData.authLogin({ httpRealm: "realm)" }),
+ TestData.authLogin({ httpRealm: "(realm)" }),
+ TestData.authLogin({ httpRealm: ")realm(" }),
+ TestData.authLogin({ hostname: "http://parens(.example.com" }),
+ TestData.authLogin({ hostname: "http://parens).example.com" }),
+ TestData.authLogin({ hostname: "http://parens(example).example.com" }),
+ TestData.authLogin({ hostname: "http://parens)example(.example.com" }),
+ ];
+ for (let loginInfo of loginList) {
+ Services.logins.addLogin(loginInfo);
+ }
+ yield* reloadAndCheckLoginsGen(loginList);
+});
diff --git a/toolkit/components/passwordmgr/test/unit/test_storage_mozStorage.js b/toolkit/components/passwordmgr/test/unit/test_storage_mozStorage.js
new file mode 100644
index 000000000..8eab6efe5
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/unit/test_storage_mozStorage.js
@@ -0,0 +1,507 @@
+/*
+ * This test interfaces directly with the mozStorage password storage module,
+ * bypassing the normal password manager usage.
+ */
+
+
+const ENCTYPE_BASE64 = 0;
+const ENCTYPE_SDR = 1;
+const PERMISSION_SAVE_LOGINS = "login-saving";
+
+// Current schema version used by storage-mozStorage.js. This will need to be
+// kept in sync with the version there (or else the tests fail).
+const CURRENT_SCHEMA = 6;
+
+function* copyFile(aLeafName)
+{
+ yield OS.File.copy(OS.Path.join(do_get_file("data").path, aLeafName),
+ OS.Path.join(OS.Constants.Path.profileDir, aLeafName));
+}
+
+function openDB(aLeafName)
+{
+ var dbFile = new FileUtils.File(OS.Constants.Path.profileDir);
+ dbFile.append(aLeafName);
+
+ return Services.storage.openDatabase(dbFile);
+}
+
+function deleteFile(pathname, filename)
+{
+ var file = new FileUtils.File(pathname);
+ file.append(filename);
+
+ // Suppress failures, this happens in the mozstorage tests on Windows
+ // because the module may still be holding onto the DB. (We don't
+ // have a way to explicitly shutdown/GC the module).
+ try {
+ if (file.exists())
+ file.remove(false);
+ } catch (e) {}
+}
+
+function reloadStorage(aInputPathName, aInputFileName)
+{
+ var inputFile = null;
+ if (aInputFileName) {
+ inputFile = Cc["@mozilla.org/file/local;1"].
+ createInstance(Ci.nsILocalFile);
+ inputFile.initWithPath(aInputPathName);
+ inputFile.append(aInputFileName);
+ }
+
+ let storage = Cc["@mozilla.org/login-manager/storage/mozStorage;1"]
+ .createInstance(Ci.nsILoginManagerStorage);
+ storage.QueryInterface(Ci.nsIInterfaceRequestor)
+ .getInterface(Ci.nsIVariant)
+ .initWithFile(inputFile);
+
+ return storage;
+}
+
+function checkStorageData(storage, ref_disabledHosts, ref_logins)
+{
+ LoginTestUtils.assertLoginListsEqual(storage.getAllLogins(), ref_logins);
+ LoginTestUtils.assertDisabledHostsEqual(getAllDisabledHostsFromPermissionManager(),
+ ref_disabledHosts);
+}
+
+function getAllDisabledHostsFromPermissionManager() {
+ let disabledHosts = [];
+ let enumerator = Services.perms.enumerator;
+
+ while (enumerator.hasMoreElements()) {
+ let perm = enumerator.getNext();
+ if (perm.type == PERMISSION_SAVE_LOGINS && perm.capability == Services.perms.DENY_ACTION) {
+ disabledHosts.push(perm.principal.URI.prePath);
+ }
+ }
+
+ return disabledHosts;
+}
+
+function setLoginSavingEnabled(origin, enabled) {
+ let uri = Services.io.newURI(origin, null, null);
+
+ if (enabled) {
+ Services.perms.remove(uri, PERMISSION_SAVE_LOGINS);
+ } else {
+ Services.perms.add(uri, PERMISSION_SAVE_LOGINS, Services.perms.DENY_ACTION);
+ }
+}
+
+add_task(function* test_execute()
+{
+
+const OUTDIR = OS.Constants.Path.profileDir;
+
+try {
+
+var isGUID = /^\{[0-9a-f\d]{8}-[0-9a-f\d]{4}-[0-9a-f\d]{4}-[0-9a-f\d]{4}-[0-9a-f\d]{12}\}$/;
+function getGUIDforID(conn, id) {
+ var stmt = conn.createStatement("SELECT guid from moz_logins WHERE id = " + id);
+ stmt.executeStep();
+ var guid = stmt.getString(0);
+ stmt.finalize();
+ return guid;
+}
+
+function getEncTypeForID(conn, id) {
+ var stmt = conn.createStatement("SELECT encType from moz_logins WHERE id = " + id);
+ stmt.executeStep();
+ var encType = stmt.row.encType;
+ stmt.finalize();
+ return encType;
+}
+
+function getAllDisabledHostsFromMozStorage(conn) {
+ let disabledHosts = [];
+ let stmt = conn.createStatement("SELECT hostname from moz_disabledHosts");
+
+ while (stmt.executeStep()) {
+ disabledHosts.push(stmt.row.hostname);
+ }
+
+ return disabledHosts;
+}
+
+var storage;
+var dbConnection;
+var testnum = 0;
+var testdesc = "Setup of nsLoginInfo test-users";
+var nsLoginInfo = new Components.Constructor(
+ "@mozilla.org/login-manager/loginInfo;1",
+ Components.interfaces.nsILoginInfo);
+do_check_true(nsLoginInfo != null);
+
+var testuser1 = new nsLoginInfo;
+testuser1.init("http://test.com", "http://test.com", null,
+ "testuser1", "testpass1", "u1", "p1");
+var testuser1B = new nsLoginInfo;
+testuser1B.init("http://test.com", "http://test.com", null,
+ "testuser1B", "testpass1B", "u1", "p1");
+var testuser2 = new nsLoginInfo;
+testuser2.init("http://test.org", "http://test.org", null,
+ "testuser2", "testpass2", "u2", "p2");
+var testuser3 = new nsLoginInfo;
+testuser3.init("http://test.gov", "http://test.gov", null,
+ "testuser3", "testpass3", "u3", "p3");
+var testuser4 = new nsLoginInfo;
+testuser4.init("http://test.gov", "http://test.gov", null,
+ "testuser1", "testpass2", "u4", "p4");
+var testuser5 = new nsLoginInfo;
+testuser5.init("http://test.gov", "http://test.gov", null,
+ "testuser2", "testpass1", "u5", "p5");
+
+
+/* ========== 1 ========== */
+testnum++;
+testdesc = "Test downgrade from v999 storage";
+
+yield* copyFile("signons-v999.sqlite");
+// Verify the schema version in the test file.
+dbConnection = openDB("signons-v999.sqlite");
+do_check_eq(999, dbConnection.schemaVersion);
+dbConnection.close();
+
+storage = reloadStorage(OUTDIR, "signons-v999.sqlite");
+setLoginSavingEnabled("https://disabled.net", false);
+checkStorageData(storage, ["https://disabled.net"], [testuser1]);
+
+// Check to make sure we downgraded the schema version.
+dbConnection = openDB("signons-v999.sqlite");
+do_check_eq(CURRENT_SCHEMA, dbConnection.schemaVersion);
+dbConnection.close();
+
+deleteFile(OUTDIR, "signons-v999.sqlite");
+
+/* ========== 2 ========== */
+testnum++;
+testdesc = "Test downgrade from incompat v999 storage";
+// This file has a testuser999/testpass999, but is missing an expected column
+
+var origFile = OS.Path.join(OUTDIR, "signons-v999-2.sqlite");
+var failFile = OS.Path.join(OUTDIR, "signons-v999-2.sqlite.corrupt");
+
+// Make sure we always start clean in a clean state.
+yield* copyFile("signons-v999-2.sqlite");
+yield OS.File.remove(failFile);
+
+Assert.throws(() => reloadStorage(OUTDIR, "signons-v999-2.sqlite"),
+ /Initialization failed/);
+
+// Check to ensure the DB file was renamed to .corrupt.
+do_check_false(yield OS.File.exists(origFile));
+do_check_true(yield OS.File.exists(failFile));
+
+yield OS.File.remove(failFile);
+
+/* ========== 3 ========== */
+testnum++;
+testdesc = "Test upgrade from v1->v2 storage";
+
+yield* copyFile("signons-v1.sqlite");
+// Sanity check the test file.
+dbConnection = openDB("signons-v1.sqlite");
+do_check_eq(1, dbConnection.schemaVersion);
+dbConnection.close();
+
+storage = reloadStorage(OUTDIR, "signons-v1.sqlite");
+checkStorageData(storage, ["https://disabled.net"], [testuser1, testuser2]);
+
+// Check to see that we added a GUIDs to the logins.
+dbConnection = openDB("signons-v1.sqlite");
+do_check_eq(CURRENT_SCHEMA, dbConnection.schemaVersion);
+var guid = getGUIDforID(dbConnection, 1);
+do_check_true(isGUID.test(guid));
+guid = getGUIDforID(dbConnection, 2);
+do_check_true(isGUID.test(guid));
+dbConnection.close();
+
+deleteFile(OUTDIR, "signons-v1.sqlite");
+
+/* ========== 4 ========== */
+testnum++;
+testdesc = "Test upgrade v2->v1 storage";
+// This is the case where a v2 DB has been accessed with v1 code, and now we
+// are upgrading it again. Any logins added by the v1 code must be properly
+// upgraded.
+
+yield* copyFile("signons-v1v2.sqlite");
+// Sanity check the test file.
+dbConnection = openDB("signons-v1v2.sqlite");
+do_check_eq(1, dbConnection.schemaVersion);
+dbConnection.close();
+
+storage = reloadStorage(OUTDIR, "signons-v1v2.sqlite");
+checkStorageData(storage, ["https://disabled.net"], [testuser1, testuser2, testuser3]);
+
+// While we're here, try modifying a login, to ensure that doing so doesn't
+// change the existing GUID.
+storage.modifyLogin(testuser1, testuser1B);
+checkStorageData(storage, ["https://disabled.net"], [testuser1B, testuser2, testuser3]);
+
+// Check the GUIDs. Logins 1 and 2 should retain their original GUID, login 3
+// should have one created (because it didn't have one previously).
+dbConnection = openDB("signons-v1v2.sqlite");
+do_check_eq(CURRENT_SCHEMA, dbConnection.schemaVersion);
+guid = getGUIDforID(dbConnection, 1);
+do_check_eq("{655c7358-f1d6-6446-adab-53f98ac5d80f}", guid);
+guid = getGUIDforID(dbConnection, 2);
+do_check_eq("{13d9bfdc-572a-4d4e-9436-68e9803e84c1}", guid);
+guid = getGUIDforID(dbConnection, 3);
+do_check_true(isGUID.test(guid));
+dbConnection.close();
+
+deleteFile(OUTDIR, "signons-v1v2.sqlite");
+
+/* ========== 5 ========== */
+testnum++;
+testdesc = "Test upgrade from v2->v3 storage";
+
+yield* copyFile("signons-v2.sqlite");
+// Sanity check the test file.
+dbConnection = openDB("signons-v2.sqlite");
+do_check_eq(2, dbConnection.schemaVersion);
+
+storage = reloadStorage(OUTDIR, "signons-v2.sqlite");
+
+// Check to see that we added the correct encType to the logins.
+do_check_eq(CURRENT_SCHEMA, dbConnection.schemaVersion);
+var encTypes = [ENCTYPE_BASE64, ENCTYPE_SDR, ENCTYPE_BASE64, ENCTYPE_BASE64];
+for (let i = 0; i < encTypes.length; i++)
+ do_check_eq(encTypes[i], getEncTypeForID(dbConnection, i + 1));
+dbConnection.close();
+
+// There are 4 logins, but 3 will be invalid because we can no longer decrypt
+// base64-encoded items. (testuser1/4/5)
+checkStorageData(storage, ["https://disabled.net"],
+ [testuser2]);
+
+deleteFile(OUTDIR, "signons-v2.sqlite");
+
+/* ========== 6 ========== */
+testnum++;
+testdesc = "Test upgrade v3->v2 storage";
+// This is the case where a v3 DB has been accessed with v2 code, and now we
+// are upgrading it again. Any logins added by the v2 code must be properly
+// upgraded.
+
+yield* copyFile("signons-v2v3.sqlite");
+// Sanity check the test file.
+dbConnection = openDB("signons-v2v3.sqlite");
+do_check_eq(2, dbConnection.schemaVersion);
+encTypes = [ENCTYPE_BASE64, ENCTYPE_SDR, ENCTYPE_BASE64, ENCTYPE_BASE64, null];
+for (let i = 0; i < encTypes.length; i++)
+ do_check_eq(encTypes[i], getEncTypeForID(dbConnection, i + 1));
+
+// Reload storage, check that the new login now has encType=1, others untouched
+storage = reloadStorage(OUTDIR, "signons-v2v3.sqlite");
+do_check_eq(CURRENT_SCHEMA, dbConnection.schemaVersion);
+
+encTypes = [ENCTYPE_BASE64, ENCTYPE_SDR, ENCTYPE_BASE64, ENCTYPE_BASE64, ENCTYPE_SDR];
+for (let i = 0; i < encTypes.length; i++)
+ do_check_eq(encTypes[i], getEncTypeForID(dbConnection, i + 1));
+
+// Sanity check that the data gets migrated
+// There are 5 logins, but 3 will be invalid because we can no longer decrypt
+// base64-encoded items. (testuser1/4/5). We no longer reencrypt with SDR.
+checkStorageData(storage, ["https://disabled.net"], [testuser2, testuser3]);
+encTypes = [ENCTYPE_BASE64, ENCTYPE_SDR, ENCTYPE_BASE64, ENCTYPE_BASE64, ENCTYPE_SDR];
+for (let i = 0; i < encTypes.length; i++)
+ do_check_eq(encTypes[i], getEncTypeForID(dbConnection, i + 1));
+dbConnection.close();
+
+deleteFile(OUTDIR, "signons-v2v3.sqlite");
+
+
+/* ========== 7 ========== */
+testnum++;
+testdesc = "Test upgrade from v3->v4 storage";
+
+yield* copyFile("signons-v3.sqlite");
+// Sanity check the test file.
+dbConnection = openDB("signons-v3.sqlite");
+do_check_eq(3, dbConnection.schemaVersion);
+
+storage = reloadStorage(OUTDIR, "signons-v3.sqlite");
+do_check_eq(CURRENT_SCHEMA, dbConnection.schemaVersion);
+
+// Remove old entry from permission manager.
+setLoginSavingEnabled("https://disabled.net", true);
+
+// Check that timestamps and counts were initialized correctly
+checkStorageData(storage, [], [testuser1, testuser2]);
+
+var logins = storage.getAllLogins();
+for (var i = 0; i < 2; i++) {
+ do_check_true(logins[i] instanceof Ci.nsILoginMetaInfo);
+ do_check_eq(1, logins[i].timesUsed);
+ LoginTestUtils.assertTimeIsAboutNow(logins[i].timeCreated);
+ LoginTestUtils.assertTimeIsAboutNow(logins[i].timeLastUsed);
+ LoginTestUtils.assertTimeIsAboutNow(logins[i].timePasswordChanged);
+}
+
+/* ========== 8 ========== */
+testnum++;
+testdesc = "Test upgrade from v3->v4->v3 storage";
+
+yield* copyFile("signons-v3v4.sqlite");
+// Sanity check the test file.
+dbConnection = openDB("signons-v3v4.sqlite");
+do_check_eq(3, dbConnection.schemaVersion);
+
+storage = reloadStorage(OUTDIR, "signons-v3v4.sqlite");
+do_check_eq(CURRENT_SCHEMA, dbConnection.schemaVersion);
+
+// testuser1 already has timestamps, testuser2 does not.
+checkStorageData(storage, [], [testuser1, testuser2]);
+
+logins = storage.getAllLogins();
+
+var t1, t2;
+if (logins[0].username == "testuser1") {
+ t1 = logins[0];
+ t2 = logins[1];
+} else {
+ t1 = logins[1];
+ t2 = logins[0];
+}
+
+do_check_true(t1 instanceof Ci.nsILoginMetaInfo);
+do_check_true(t2 instanceof Ci.nsILoginMetaInfo);
+
+do_check_eq(9, t1.timesUsed);
+do_check_eq(1262049951275, t1.timeCreated);
+do_check_eq(1262049951275, t1.timeLastUsed);
+do_check_eq(1262049951275, t1.timePasswordChanged);
+
+do_check_eq(1, t2.timesUsed);
+LoginTestUtils.assertTimeIsAboutNow(t2.timeCreated);
+LoginTestUtils.assertTimeIsAboutNow(t2.timeLastUsed);
+LoginTestUtils.assertTimeIsAboutNow(t2.timePasswordChanged);
+
+
+/* ========== 9 ========== */
+testnum++;
+testdesc = "Test upgrade from v4 storage";
+
+yield* copyFile("signons-v4.sqlite");
+// Sanity check the test file.
+dbConnection = openDB("signons-v4.sqlite");
+do_check_eq(4, dbConnection.schemaVersion);
+do_check_false(dbConnection.tableExists("moz_deleted_logins"));
+
+storage = reloadStorage(OUTDIR, "signons-v4.sqlite");
+do_check_eq(CURRENT_SCHEMA, dbConnection.schemaVersion);
+do_check_true(dbConnection.tableExists("moz_deleted_logins"));
+
+
+/* ========== 10 ========== */
+testnum++;
+testdesc = "Test upgrade from v4->v5->v4 storage";
+
+yield copyFile("signons-v4v5.sqlite");
+// Sanity check the test file.
+dbConnection = openDB("signons-v4v5.sqlite");
+do_check_eq(4, dbConnection.schemaVersion);
+do_check_true(dbConnection.tableExists("moz_deleted_logins"));
+
+storage = reloadStorage(OUTDIR, "signons-v4v5.sqlite");
+do_check_eq(CURRENT_SCHEMA, dbConnection.schemaVersion);
+do_check_true(dbConnection.tableExists("moz_deleted_logins"));
+
+/* ========== 11 ========== */
+testnum++;
+testdesc = "Test upgrade from v5->v6 storage";
+
+yield* copyFile("signons-v5v6.sqlite");
+
+// Sanity check the test file.
+dbConnection = openDB("signons-v5v6.sqlite");
+do_check_eq(5, dbConnection.schemaVersion);
+do_check_true(dbConnection.tableExists("moz_disabledHosts"));
+
+// Initial disabled hosts inside signons-v5v6.sqlite
+var disabledHosts = [
+ "http://disabled1.example.com",
+ "http://大.net",
+ "http://xn--19g.com"
+];
+
+LoginTestUtils.assertDisabledHostsEqual(disabledHosts, getAllDisabledHostsFromMozStorage(dbConnection));
+
+// Reload storage
+storage = reloadStorage(OUTDIR, "signons-v5v6.sqlite");
+do_check_eq(CURRENT_SCHEMA, dbConnection.schemaVersion);
+
+// moz_disabledHosts should now be empty after migration.
+LoginTestUtils.assertDisabledHostsEqual([], getAllDisabledHostsFromMozStorage(dbConnection));
+
+// Get all the other hosts currently saved in the permission manager.
+let hostsInPermissionManager = getAllDisabledHostsFromPermissionManager();
+
+// All disabledHosts should have migrated to the permission manager
+LoginTestUtils.assertDisabledHostsEqual(disabledHosts, hostsInPermissionManager);
+
+// Remove all disabled hosts from the permission manager before test ends
+for (let host of disabledHosts) {
+ setLoginSavingEnabled(host, true);
+}
+
+/* ========== 12 ========== */
+testnum++;
+testdesc = "Create nsILoginInfo instances for testing with";
+
+testuser1 = new nsLoginInfo;
+testuser1.init("http://dummyhost.mozilla.org", "", null,
+ "dummydude", "itsasecret", "put_user_here", "put_pw_here");
+
+
+/*
+ * ---------------------- DB Corruption ----------------------
+ * Try to initialize with a corrupt database file. This should create a backup
+ * file, then upon next use create a new database file.
+ */
+
+/* ========== 13 ========== */
+testnum++;
+testdesc = "Corrupt database and backup";
+
+const filename = "signons-c.sqlite";
+const filepath = OS.Path.join(OS.Constants.Path.profileDir, filename);
+
+yield OS.File.copy(do_get_file("data/corruptDB.sqlite").path, filepath);
+
+// will init mozStorage module with corrupt database, init should fail
+Assert.throws(
+ () => reloadStorage(OS.Constants.Path.profileDir, filename),
+ /Initialization failed/);
+
+// check that the backup file exists
+do_check_true(yield OS.File.exists(filepath + ".corrupt"));
+
+// check that the original corrupt file has been deleted
+do_check_false(yield OS.File.exists(filepath));
+
+// initialize the storage module again
+storage = reloadStorage(OS.Constants.Path.profileDir, filename);
+
+// use the storage module again, should work now
+storage.addLogin(testuser1);
+checkStorageData(storage, [], [testuser1]);
+
+// check the file exists
+var file = Cc["@mozilla.org/file/local;1"].createInstance(Ci.nsILocalFile);
+file.initWithPath(OS.Constants.Path.profileDir);
+file.append(filename);
+do_check_true(file.exists());
+
+deleteFile(OS.Constants.Path.profileDir, filename + ".corrupt");
+deleteFile(OS.Constants.Path.profileDir, filename);
+
+} catch (e) {
+ throw new Error("FAILED in test #" + testnum + " -- " + testdesc + ": " + e);
+}
+
+});
diff --git a/toolkit/components/passwordmgr/test/unit/test_telemetry.js b/toolkit/components/passwordmgr/test/unit/test_telemetry.js
new file mode 100644
index 000000000..1d8f80226
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/unit/test_telemetry.js
@@ -0,0 +1,187 @@
+/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */
+/* vim: set ts=2 et sw=2 tw=80: */
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/ */
+
+/**
+ * Tests the statistics and other counters reported through telemetry.
+ */
+
+"use strict";
+
+// Globals
+
+const MS_PER_DAY = 24 * 60 * 60 * 1000;
+
+// To prevent intermittent failures when the test is executed at a time that is
+// very close to a day boundary, we make it deterministic by using a static
+// reference date for all the time-based statistics.
+const gReferenceTimeMs = new Date("2000-01-01T00:00:00").getTime();
+
+// Returns a milliseconds value to use with nsILoginMetaInfo properties, falling
+// approximately in the middle of the specified number of days before the
+// reference time, where zero days indicates a time within the past 24 hours.
+var daysBeforeMs = days => gReferenceTimeMs - (days + 0.5) * MS_PER_DAY;
+
+/**
+ * Contains metadata that will be attached to test logins in order to verify
+ * that the statistics collection is working properly. Most properties of the
+ * logins are initialized to the default test values already.
+ *
+ * If you update this data or any of the telemetry histograms it checks, you'll
+ * probably need to update the expected statistics in the test below.
+ */
+const StatisticsTestData = [
+ {
+ timeLastUsed: daysBeforeMs(0),
+ },
+ {
+ timeLastUsed: daysBeforeMs(1),
+ },
+ {
+ timeLastUsed: daysBeforeMs(7),
+ formSubmitURL: null,
+ httpRealm: "The HTTP Realm",
+ },
+ {
+ username: "",
+ timeLastUsed: daysBeforeMs(7),
+ },
+ {
+ username: "",
+ timeLastUsed: daysBeforeMs(30),
+ },
+ {
+ username: "",
+ timeLastUsed: daysBeforeMs(31),
+ },
+ {
+ timeLastUsed: daysBeforeMs(365),
+ },
+ {
+ username: "",
+ timeLastUsed: daysBeforeMs(366),
+ },
+ {
+ // If the login was saved in the future, it is ignored for statistiscs.
+ timeLastUsed: daysBeforeMs(-1),
+ },
+ {
+ timeLastUsed: daysBeforeMs(1000),
+ },
+];
+
+/**
+ * Triggers the collection of those statistics that are not accumulated each
+ * time an action is taken, but are a static snapshot of the current state.
+ */
+function triggerStatisticsCollection() {
+ Services.obs.notifyObservers(null, "gather-telemetry", "" + gReferenceTimeMs);
+}
+
+/**
+ * Tests the telemetry histogram with the given ID contains only the specified
+ * non-zero ranges, expressed in the format { range1: value1, range2: value2 }.
+ */
+function testHistogram(histogramId, expectedNonZeroRanges) {
+ let snapshot = Services.telemetry.getHistogramById(histogramId).snapshot();
+
+ // Compute the actual ranges in the format { range1: value1, range2: value2 }.
+ let actualNonZeroRanges = {};
+ for (let [index, range] of snapshot.ranges.entries()) {
+ let value = snapshot.counts[index];
+ if (value > 0) {
+ actualNonZeroRanges[range] = value;
+ }
+ }
+
+ // These are stringified to visualize the differences between the values.
+ do_print("Testing histogram: " + histogramId);
+ do_check_eq(JSON.stringify(actualNonZeroRanges),
+ JSON.stringify(expectedNonZeroRanges));
+}
+
+// Tests
+
+/**
+ * Enable local telemetry recording for the duration of the tests, and prepare
+ * the test data that will be used by the following tests.
+ */
+add_task(function test_initialize() {
+ let oldCanRecord = Services.telemetry.canRecordExtended;
+ Services.telemetry.canRecordExtended = true;
+ do_register_cleanup(function () {
+ Services.telemetry.canRecordExtended = oldCanRecord;
+ });
+
+ let uniqueNumber = 1;
+ for (let loginModifications of StatisticsTestData) {
+ loginModifications.hostname = `http://${uniqueNumber++}.example.com`;
+ Services.logins.addLogin(TestData.formLogin(loginModifications));
+ }
+});
+
+/**
+ * Tests the collection of statistics related to login metadata.
+ */
+add_task(function test_logins_statistics() {
+ // Repeat the operation twice to test that histograms are not accumulated.
+ for (let repeating of [false, true]) {
+ triggerStatisticsCollection();
+
+ // Should record 1 in the bucket corresponding to the number of passwords.
+ testHistogram("PWMGR_NUM_SAVED_PASSWORDS",
+ { 10: 1 });
+
+ // Should record 1 in the bucket corresponding to the number of passwords.
+ testHistogram("PWMGR_NUM_HTTPAUTH_PASSWORDS",
+ { 1: 1 });
+
+ // For each saved login, should record 1 in the bucket corresponding to the
+ // age in days since the login was last used.
+ testHistogram("PWMGR_LOGIN_LAST_USED_DAYS",
+ { 0: 1, 1: 1, 7: 2, 29: 2, 356: 2, 750: 1 });
+
+ // Should record the number of logins without a username in bucket 0, and
+ // the number of logins with a username in bucket 1.
+ testHistogram("PWMGR_USERNAME_PRESENT",
+ { 0: 4, 1: 6 });
+ }
+});
+
+/**
+ * Tests the collection of statistics related to hosts for which passowrd saving
+ * has been explicitly disabled.
+ */
+add_task(function test_disabledHosts_statistics() {
+ // Should record 1 in the bucket corresponding to the number of sites for
+ // which password saving is disabled.
+ Services.logins.setLoginSavingEnabled("http://www.example.com", false);
+ triggerStatisticsCollection();
+ testHistogram("PWMGR_BLOCKLIST_NUM_SITES", { 1: 1 });
+
+ Services.logins.setLoginSavingEnabled("http://www.example.com", true);
+ triggerStatisticsCollection();
+ testHistogram("PWMGR_BLOCKLIST_NUM_SITES", { 0: 1 });
+});
+
+/**
+ * Tests the collection of statistics related to general settings.
+ */
+add_task(function test_settings_statistics() {
+ let oldRememberSignons = Services.prefs.getBoolPref("signon.rememberSignons");
+ do_register_cleanup(function () {
+ Services.prefs.setBoolPref("signon.rememberSignons", oldRememberSignons);
+ });
+
+ // Repeat the operation twice per value to test that histograms are reset.
+ for (let remember of [false, true, false, true]) {
+ // This change should be observed immediately by the login service.
+ Services.prefs.setBoolPref("signon.rememberSignons", remember);
+
+ triggerStatisticsCollection();
+
+ // Should record 1 in either bucket 0 or bucket 1 based on the preference.
+ testHistogram("PWMGR_SAVING_ENABLED", remember ? { 1: 1 } : { 0: 1 });
+ }
+});
diff --git a/toolkit/components/passwordmgr/test/unit/test_user_autocomplete_result.js b/toolkit/components/passwordmgr/test/unit/test_user_autocomplete_result.js
new file mode 100644
index 000000000..e1d250a76
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/unit/test_user_autocomplete_result.js
@@ -0,0 +1,488 @@
+XPCOMUtils.defineLazyModuleGetter(this, "LoginHelper",
+ "resource://gre/modules/LoginHelper.jsm");
+Cu.import("resource://gre/modules/LoginManagerContent.jsm");
+var nsLoginInfo = Components.Constructor("@mozilla.org/login-manager/loginInfo;1",
+ Ci.nsILoginInfo, "init");
+
+const PREF_INSECURE_FIELD_WARNING_ENABLED = "security.insecure_field_warning.contextual.enabled";
+const PREF_INSECURE_AUTOFILLFORMS_ENABLED = "signon.autofillForms.http";
+
+let matchingLogins = [];
+matchingLogins.push(new nsLoginInfo("http://mochi.test:8888", "http://autocomplete:8888", null,
+ "", "emptypass1", "uname", "pword"));
+
+matchingLogins.push(new nsLoginInfo("http://mochi.test:8888", "http://autocomplete:8888", null,
+ "tempuser1", "temppass1", "uname", "pword"));
+
+matchingLogins.push(new nsLoginInfo("http://mochi.test:8888", "http://autocomplete:8888", null,
+ "testuser2", "testpass2", "uname", "pword"));
+
+matchingLogins.push(new nsLoginInfo("http://mochi.test:8888", "http://autocomplete:8888", null,
+ "testuser3", "testpass3", "uname", "pword"));
+
+matchingLogins.push(new nsLoginInfo("http://mochi.test:8888", "http://autocomplete:8888", null,
+ "zzzuser4", "zzzpass4", "uname", "pword"));
+
+let meta = matchingLogins[0].QueryInterface(Ci.nsILoginMetaInfo);
+let dateAndTimeFormatter = new Intl.DateTimeFormat(undefined,
+ { day: "numeric", month: "short", year: "numeric" });
+let time = dateAndTimeFormatter.format(new Date(meta.timePasswordChanged));
+const LABEL_NO_USERNAME = "No username (" + time + ")";
+
+let expectedResults = [
+ {
+ insecureFieldWarningEnabled: true,
+ insecureAutoFillFormsEnabled: true,
+ isSecure: true,
+ isPasswordField: false,
+ matchingLogins: matchingLogins,
+ items: [{
+ value: "",
+ label: LABEL_NO_USERNAME,
+ style: "login",
+ }, {
+ value: "tempuser1",
+ label: "tempuser1",
+ style: "login",
+ }, {
+ value: "testuser2",
+ label: "testuser2",
+ style: "login",
+ }, {
+ value: "testuser3",
+ label: "testuser3",
+ style: "login",
+ }, {
+ value: "zzzuser4",
+ label: "zzzuser4",
+ style: "login",
+ }]
+ },
+ {
+ insecureFieldWarningEnabled: true,
+ insecureAutoFillFormsEnabled: true,
+ isSecure: false,
+ isPasswordField: false,
+ matchingLogins: matchingLogins,
+ items: [{
+ value: "",
+ label: "This connection is not secure. Logins entered here could be compromised. Learn More",
+ style: "insecureWarning"
+ }, {
+ value: "",
+ label: LABEL_NO_USERNAME,
+ style: "login",
+ }, {
+ value: "tempuser1",
+ label: "tempuser1",
+ style: "login",
+ }, {
+ value: "testuser2",
+ label: "testuser2",
+ style: "login",
+ }, {
+ value: "testuser3",
+ label: "testuser3",
+ style: "login",
+ }, {
+ value: "zzzuser4",
+ label: "zzzuser4",
+ style: "login",
+ }]
+ },
+ {
+ insecureFieldWarningEnabled: true,
+ insecureAutoFillFormsEnabled: true,
+ isSecure: true,
+ isPasswordField: true,
+ matchingLogins: matchingLogins,
+ items: [{
+ value: "emptypass1",
+ label: LABEL_NO_USERNAME,
+ style: "login",
+ }, {
+ value: "temppass1",
+ label: "tempuser1",
+ style: "login",
+ }, {
+ value: "testpass2",
+ label: "testuser2",
+ style: "login",
+ }, {
+ value: "testpass3",
+ label: "testuser3",
+ style: "login",
+ }, {
+ value: "zzzpass4",
+ label: "zzzuser4",
+ style: "login",
+ }]
+ },
+ {
+ insecureFieldWarningEnabled: true,
+ insecureAutoFillFormsEnabled: true,
+ isSecure: false,
+ isPasswordField: true,
+ matchingLogins: matchingLogins,
+ items: [{
+ value: "",
+ label: "This connection is not secure. Logins entered here could be compromised. Learn More",
+ style: "insecureWarning"
+ }, {
+ value: "emptypass1",
+ label: LABEL_NO_USERNAME,
+ style: "login",
+ }, {
+ value: "temppass1",
+ label: "tempuser1",
+ style: "login",
+ }, {
+ value: "testpass2",
+ label: "testuser2",
+ style: "login",
+ }, {
+ value: "testpass3",
+ label: "testuser3",
+ style: "login",
+ }, {
+ value: "zzzpass4",
+ label: "zzzuser4",
+ style: "login",
+ }]
+ },
+ {
+ insecureFieldWarningEnabled: false,
+ insecureAutoFillFormsEnabled: true,
+ isSecure: true,
+ isPasswordField: false,
+ matchingLogins: matchingLogins,
+ items: [{
+ value: "",
+ label: LABEL_NO_USERNAME,
+ style: "login",
+ }, {
+ value: "tempuser1",
+ label: "tempuser1",
+ style: "login",
+ }, {
+ value: "testuser2",
+ label: "testuser2",
+ style: "login",
+ }, {
+ value: "testuser3",
+ label: "testuser3",
+ style: "login",
+ }, {
+ value: "zzzuser4",
+ label: "zzzuser4",
+ style: "login",
+ }]
+ },
+ {
+ insecureFieldWarningEnabled: false,
+ insecureAutoFillFormsEnabled: true,
+ isSecure: false,
+ isPasswordField: false,
+ matchingLogins: matchingLogins,
+ items: [{
+ value: "",
+ label: LABEL_NO_USERNAME,
+ style: "login",
+ }, {
+ value: "tempuser1",
+ label: "tempuser1",
+ style: "login",
+ }, {
+ value: "testuser2",
+ label: "testuser2",
+ style: "login",
+ }, {
+ value: "testuser3",
+ label: "testuser3",
+ style: "login",
+ }, {
+ value: "zzzuser4",
+ label: "zzzuser4",
+ style: "login",
+ }]
+ },
+ {
+ insecureFieldWarningEnabled: false,
+ insecureAutoFillFormsEnabled: true,
+ isSecure: true,
+ isPasswordField: true,
+ matchingLogins: matchingLogins,
+ items: [{
+ value: "emptypass1",
+ label: LABEL_NO_USERNAME,
+ style: "login",
+ }, {
+ value: "temppass1",
+ label: "tempuser1",
+ style: "login",
+ }, {
+ value: "testpass2",
+ label: "testuser2",
+ style: "login",
+ }, {
+ value: "testpass3",
+ label: "testuser3",
+ style: "login",
+ }, {
+ value: "zzzpass4",
+ label: "zzzuser4",
+ style: "login",
+ }]
+ },
+ {
+ insecureFieldWarningEnabled: false,
+ insecureAutoFillFormsEnabled: true,
+ isSecure: false,
+ isPasswordField: true,
+ matchingLogins: matchingLogins,
+ items: [{
+ value: "emptypass1",
+ label: LABEL_NO_USERNAME,
+ style: "login",
+ }, {
+ value: "temppass1",
+ label: "tempuser1",
+ style: "login",
+ }, {
+ value: "testpass2",
+ label: "testuser2",
+ style: "login",
+ }, {
+ value: "testpass3",
+ label: "testuser3",
+ style: "login",
+ }, {
+ value: "zzzpass4",
+ label: "zzzuser4",
+ style: "login",
+ }]
+ },
+ {
+ insecureFieldWarningEnabled: true,
+ insecureAutoFillFormsEnabled: false,
+ isSecure: true,
+ isPasswordField: false,
+ matchingLogins: matchingLogins,
+ items: [{
+ value: "",
+ label: LABEL_NO_USERNAME,
+ style: "login",
+ }, {
+ value: "tempuser1",
+ label: "tempuser1",
+ style: "login",
+ }, {
+ value: "testuser2",
+ label: "testuser2",
+ style: "login",
+ }, {
+ value: "testuser3",
+ label: "testuser3",
+ style: "login",
+ }, {
+ value: "zzzuser4",
+ label: "zzzuser4",
+ style: "login",
+ }]
+ },
+ {
+ insecureFieldWarningEnabled: true,
+ insecureAutoFillFormsEnabled: false,
+ isSecure: false,
+ isPasswordField: false,
+ matchingLogins: matchingLogins,
+ items: [{
+ value: "",
+ label: "This connection is not secure. Logins entered here could be compromised. Learn More",
+ style: "insecureWarning"
+ }, {
+ value: "",
+ label: LABEL_NO_USERNAME,
+ style: "login",
+ }, {
+ value: "tempuser1",
+ label: "tempuser1",
+ style: "login",
+ }, {
+ value: "testuser2",
+ label: "testuser2",
+ style: "login",
+ }, {
+ value: "testuser3",
+ label: "testuser3",
+ style: "login",
+ }, {
+ value: "zzzuser4",
+ label: "zzzuser4",
+ style: "login",
+ }]
+ },
+ {
+ insecureFieldWarningEnabled: true,
+ insecureAutoFillFormsEnabled: false,
+ isSecure: true,
+ isPasswordField: true,
+ matchingLogins: matchingLogins,
+ items: [{
+ value: "emptypass1",
+ label: LABEL_NO_USERNAME,
+ style: "login",
+ }, {
+ value: "temppass1",
+ label: "tempuser1",
+ style: "login",
+ }, {
+ value: "testpass2",
+ label: "testuser2",
+ style: "login",
+ }, {
+ value: "testpass3",
+ label: "testuser3",
+ style: "login",
+ }, {
+ value: "zzzpass4",
+ label: "zzzuser4",
+ style: "login",
+ }]
+ },
+ {
+ insecureFieldWarningEnabled: true,
+ insecureAutoFillFormsEnabled: false,
+ isSecure: false,
+ isPasswordField: true,
+ matchingLogins: matchingLogins,
+ items: [{
+ value: "",
+ label: "This connection is not secure. Logins entered here could be compromised. Learn More",
+ style: "insecureWarning"
+ }, {
+ value: "emptypass1",
+ label: LABEL_NO_USERNAME,
+ style: "login",
+ }, {
+ value: "temppass1",
+ label: "tempuser1",
+ style: "login",
+ }, {
+ value: "testpass2",
+ label: "testuser2",
+ style: "login",
+ }, {
+ value: "testpass3",
+ label: "testuser3",
+ style: "login",
+ }, {
+ value: "zzzpass4",
+ label: "zzzuser4",
+ style: "login",
+ }]
+ },
+ {
+ insecureFieldWarningEnabled: false,
+ insecureAutoFillFormsEnabled: false,
+ isSecure: true,
+ isPasswordField: false,
+ matchingLogins: matchingLogins,
+ items: [{
+ value: "",
+ label: LABEL_NO_USERNAME,
+ style: "login",
+ }, {
+ value: "tempuser1",
+ label: "tempuser1",
+ style: "login",
+ }, {
+ value: "testuser2",
+ label: "testuser2",
+ style: "login",
+ }, {
+ value: "testuser3",
+ label: "testuser3",
+ style: "login",
+ }, {
+ value: "zzzuser4",
+ label: "zzzuser4",
+ style: "login",
+ }]
+ },
+ {
+ insecureFieldWarningEnabled: false,
+ insecureAutoFillFormsEnabled: false,
+ isSecure: false,
+ isPasswordField: false,
+ matchingLogins: matchingLogins,
+ items: []
+ },
+ {
+ insecureFieldWarningEnabled: false,
+ insecureAutoFillFormsEnabled: false,
+ isSecure: true,
+ isPasswordField: true,
+ matchingLogins: matchingLogins,
+ items: [{
+ value: "emptypass1",
+ label: LABEL_NO_USERNAME,
+ style: "login",
+ }, {
+ value: "temppass1",
+ label: "tempuser1",
+ style: "login",
+ }, {
+ value: "testpass2",
+ label: "testuser2",
+ style: "login",
+ }, {
+ value: "testpass3",
+ label: "testuser3",
+ style: "login",
+ }, {
+ value: "zzzpass4",
+ label: "zzzuser4",
+ style: "login",
+ }]
+ },
+ {
+ insecureFieldWarningEnabled: false,
+ insecureAutoFillFormsEnabled: false,
+ isSecure: false,
+ isPasswordField: true,
+ matchingLogins: matchingLogins,
+ items: []
+ },
+];
+
+add_task(function* test_all_patterns() {
+ LoginHelper.createLogger("UserAutoCompleteResult");
+ expectedResults.forEach(pattern => {
+ Services.prefs.setBoolPref(PREF_INSECURE_FIELD_WARNING_ENABLED,
+ pattern.insecureFieldWarningEnabled);
+ Services.prefs.setBoolPref(PREF_INSECURE_AUTOFILLFORMS_ENABLED,
+ pattern.insecureAutoFillFormsEnabled);
+ let actual = new UserAutoCompleteResult("", pattern.matchingLogins,
+ {
+ isSecure: pattern.isSecure,
+ isPasswordField: pattern.isPasswordField
+ });
+ pattern.items.forEach((item, index) => {
+ equal(actual.getValueAt(index), item.value);
+ equal(actual.getLabelAt(index), item.label);
+ equal(actual.getStyleAt(index), item.style);
+ });
+
+ if (pattern.items.length != 0) {
+ Assert.throws(() => actual.getValueAt(pattern.items.length),
+ /Index out of range\./);
+
+ Assert.throws(() => actual.getLabelAt(pattern.items.length),
+ /Index out of range\./);
+
+ Assert.throws(() => actual.removeValueAt(pattern.items.length, true),
+ /Index out of range\./);
+ }
+ });
+});
diff --git a/toolkit/components/passwordmgr/test/unit/xpcshell.ini b/toolkit/components/passwordmgr/test/unit/xpcshell.ini
new file mode 100644
index 000000000..8f8c92a28
--- /dev/null
+++ b/toolkit/components/passwordmgr/test/unit/xpcshell.ini
@@ -0,0 +1,46 @@
+[DEFAULT]
+head = head.js
+tail =
+support-files = data/**
+
+# Test JSON file access and import from SQLite, not applicable to Android.
+[test_module_LoginImport.js]
+skip-if = os == "android"
+[test_module_LoginStore.js]
+skip-if = os == "android"
+[test_removeLegacySignonFiles.js]
+skip-if = os == "android"
+
+# Test SQLite database backup and migration, applicable to Android only.
+[test_storage_mozStorage.js]
+skip-if = true || os != "android" # Bug 1171687: Needs fixing on Android
+
+# The following tests apply to any storage back-end.
+[test_context_menu.js]
+skip-if = os == "android" # The context menu isn't used on Android.
+# LoginManagerContextMenu is only included for MOZ_BUILD_APP == 'browser'.
+run-if = buildapp == "browser"
+[test_dedupeLogins.js]
+[test_disabled_hosts.js]
+[test_getFormFields.js]
+[test_getPasswordFields.js]
+[test_getPasswordOrigin.js]
+[test_isOriginMatching.js]
+[test_legacy_empty_formSubmitURL.js]
+[test_legacy_validation.js]
+[test_logins_change.js]
+[test_logins_decrypt_failure.js]
+skip-if = os == "android" # Bug 1171687: Needs fixing on Android
+[test_user_autocomplete_result.js]
+skip-if = os == "android"
+[test_logins_metainfo.js]
+[test_logins_search.js]
+[test_maybeImportLogin.js]
+[test_notifications.js]
+[test_OSCrypto_win.js]
+skip-if = os != "win"
+[test_recipes_add.js]
+[test_recipes_content.js]
+[test_search_schemeUpgrades.js]
+[test_storage.js]
+[test_telemetry.js]