diff options
Diffstat (limited to 'toolkit/components/passwordmgr')
193 files changed, 31386 insertions, 0 deletions
diff --git a/toolkit/components/passwordmgr/.eslintrc.js b/toolkit/components/passwordmgr/.eslintrc.js new file mode 100644 index 000000000..188f7eeff --- /dev/null +++ b/toolkit/components/passwordmgr/.eslintrc.js @@ -0,0 +1,36 @@ +"use strict"; + +module.exports = { // eslint-disable-line no-undef + "extends": "../../.eslintrc.js", + "rules": { + // Require spacing around => + "arrow-spacing": "error", + + // No newline before open brace for a block + "brace-style": ["error", "1tbs", {"allowSingleLine": true}], + + // No space before always a space after a comma + "comma-spacing": ["error", {"before": false, "after": true}], + + // Commas at the end of the line not the start + "comma-style": "error", + + // Use [] instead of Array() + "no-array-constructor": "error", + + // Use {} instead of new Object() + "no-new-object": "error", + + // No using undeclared variables + "no-undef": "error", + + // Don't allow unused local variables unless they match the pattern + "no-unused-vars": ["error", {"args": "none", "vars": "local", "varsIgnorePattern": "^(ids|ignored|unused)$"}], + + // Always require semicolon at end of statement + "semi": ["error", "always"], + + // Require spaces around operators + "space-infix-ops": "error", + } +}; diff --git a/toolkit/components/passwordmgr/InsecurePasswordUtils.jsm b/toolkit/components/passwordmgr/InsecurePasswordUtils.jsm new file mode 100644 index 000000000..5351e45b2 --- /dev/null +++ b/toolkit/components/passwordmgr/InsecurePasswordUtils.jsm @@ -0,0 +1,150 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +this.EXPORTED_SYMBOLS = [ "InsecurePasswordUtils" ]; + +const { classes: Cc, interfaces: Ci, results: Cr, utils: Cu } = Components; +const STRINGS_URI = "chrome://global/locale/security/security.properties"; + +Cu.import("resource://gre/modules/Services.jsm"); +Cu.import("resource://gre/modules/XPCOMUtils.jsm"); + +XPCOMUtils.defineLazyModuleGetter(this, "devtools", + "resource://devtools/shared/Loader.jsm"); +XPCOMUtils.defineLazyServiceGetter(this, "gContentSecurityManager", + "@mozilla.org/contentsecuritymanager;1", + "nsIContentSecurityManager"); +XPCOMUtils.defineLazyServiceGetter(this, "gScriptSecurityManager", + "@mozilla.org/scriptsecuritymanager;1", + "nsIScriptSecurityManager"); +XPCOMUtils.defineLazyGetter(this, "WebConsoleUtils", () => { + return this.devtools.require("devtools/server/actors/utils/webconsole-utils").Utils; +}); + +/* + * A module that provides utility functions for form security. + * + * Note: + * This module uses isSecureContextIfOpenerIgnored instead of isSecureContext. + * + * We don't want to expose JavaScript APIs in a non-Secure Context even if + * the context is only insecure because the windows has an insecure opener. + * Doing so prevents sites from implementing postMessage workarounds to enable + * an insecure opener to gain access to Secure Context-only APIs. However, + * in the case of form fields such as password fields we don't need to worry + * about whether the opener is secure or not. In fact to flag a password + * field as insecure in such circumstances would unnecessarily confuse our + * users. + */ +this.InsecurePasswordUtils = { + _formRootsWarned: new WeakMap(), + _sendWebConsoleMessage(messageTag, domDoc) { + let windowId = WebConsoleUtils.getInnerWindowId(domDoc.defaultView); + let category = "Insecure Password Field"; + // All web console messages are warnings for now. + let flag = Ci.nsIScriptError.warningFlag; + let bundle = Services.strings.createBundle(STRINGS_URI); + let message = bundle.GetStringFromName(messageTag); + let consoleMsg = Cc["@mozilla.org/scripterror;1"].createInstance(Ci.nsIScriptError); + consoleMsg.initWithWindowID(message, domDoc.location.href, 0, 0, 0, flag, category, windowId); + + Services.console.logMessage(consoleMsg); + }, + + /** + * Gets the security state of the passed form. + * + * @param {FormLike} aForm A form-like object. @See {FormLikeFactory} + * + * @returns {Object} An object with the following boolean values: + * isFormSubmitHTTP: if the submit action is an http:// URL + * isFormSubmitSecure: if the submit action URL is secure, + * either because it is HTTPS or because its origin is considered trustworthy + */ + _checkFormSecurity(aForm) { + let isFormSubmitHTTP = false, isFormSubmitSecure = false; + if (aForm.rootElement instanceof Ci.nsIDOMHTMLFormElement) { + let uri = Services.io.newURI(aForm.rootElement.action || aForm.rootElement.baseURI, + null, null); + let principal = gScriptSecurityManager.getCodebasePrincipal(uri); + + if (uri.schemeIs("http")) { + isFormSubmitHTTP = true; + if (gContentSecurityManager.isOriginPotentiallyTrustworthy(principal)) { + isFormSubmitSecure = true; + } + } else { + isFormSubmitSecure = true; + } + } + + return { isFormSubmitHTTP, isFormSubmitSecure }; + }, + + /** + * Checks if there are insecure password fields present on the form's document + * i.e. passwords inside forms with http action, inside iframes with http src, + * or on insecure web pages. + * + * @param {FormLike} aForm A form-like object. @See {LoginFormFactory} + * @return {boolean} whether the form is secure + */ + isFormSecure(aForm) { + // Ignores window.opener, see top level documentation. + let isSafePage = aForm.ownerDocument.defaultView.isSecureContextIfOpenerIgnored; + let { isFormSubmitSecure, isFormSubmitHTTP } = this._checkFormSecurity(aForm); + + return isSafePage && (isFormSubmitSecure || !isFormSubmitHTTP); + }, + + /** + * Report insecure password fields in a form to the web console to warn developers. + * + * @param {FormLike} aForm A form-like object. @See {FormLikeFactory} + */ + reportInsecurePasswords(aForm) { + if (this._formRootsWarned.has(aForm.rootElement) || + this._formRootsWarned.get(aForm.rootElement)) { + return; + } + + let domDoc = aForm.ownerDocument; + // Ignores window.opener, see top level documentation. + let isSafePage = domDoc.defaultView.isSecureContextIfOpenerIgnored; + + let { isFormSubmitHTTP, isFormSubmitSecure } = this._checkFormSecurity(aForm); + + if (!isSafePage) { + if (domDoc.defaultView == domDoc.defaultView.parent) { + this._sendWebConsoleMessage("InsecurePasswordsPresentOnPage", domDoc); + } else { + this._sendWebConsoleMessage("InsecurePasswordsPresentOnIframe", domDoc); + } + this._formRootsWarned.set(aForm.rootElement, true); + } else if (isFormSubmitHTTP && !isFormSubmitSecure) { + this._sendWebConsoleMessage("InsecureFormActionPasswordsPresent", domDoc); + this._formRootsWarned.set(aForm.rootElement, true); + } + + // The safety of a password field determined by the form action and the page protocol + let passwordSafety; + if (isSafePage) { + if (isFormSubmitSecure) { + passwordSafety = 0; + } else if (isFormSubmitHTTP) { + passwordSafety = 1; + } else { + passwordSafety = 2; + } + } else if (isFormSubmitSecure) { + passwordSafety = 3; + } else if (isFormSubmitHTTP) { + passwordSafety = 4; + } else { + passwordSafety = 5; + } + + Services.telemetry.getHistogramById("PWMGR_LOGIN_PAGE_SAFETY").add(passwordSafety); + }, +}; diff --git a/toolkit/components/passwordmgr/LoginHelper.jsm b/toolkit/components/passwordmgr/LoginHelper.jsm new file mode 100644 index 000000000..e0c4d872b --- /dev/null +++ b/toolkit/components/passwordmgr/LoginHelper.jsm @@ -0,0 +1,725 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +/** + * Contains functions shared by different Login Manager components. + * + * This JavaScript module exists in order to share code between the different + * XPCOM components that constitute the Login Manager, including implementations + * of nsILoginManager and nsILoginManagerStorage. + */ + +"use strict"; + +this.EXPORTED_SYMBOLS = [ + "LoginHelper", +]; + +// Globals + +const { classes: Cc, interfaces: Ci, utils: Cu, results: Cr } = Components; + +Cu.import("resource://gre/modules/Services.jsm"); +Cu.import("resource://gre/modules/XPCOMUtils.jsm"); + +// LoginHelper + +/** + * Contains functions shared by different Login Manager components. + */ +this.LoginHelper = { + /** + * Warning: these only update if a logger was created. + */ + debug: Services.prefs.getBoolPref("signon.debug"), + formlessCaptureEnabled: Services.prefs.getBoolPref("signon.formlessCapture.enabled"), + schemeUpgrades: Services.prefs.getBoolPref("signon.schemeUpgrades"), + insecureAutofill: Services.prefs.getBoolPref("signon.autofillForms.http"), + showInsecureFieldWarning: Services.prefs.getBoolPref("security.insecure_field_warning.contextual.enabled"), + + createLogger(aLogPrefix) { + let getMaxLogLevel = () => { + return this.debug ? "debug" : "warn"; + }; + + // Create a new instance of the ConsoleAPI so we can control the maxLogLevel with a pref. + let ConsoleAPI = Cu.import("resource://gre/modules/Console.jsm", {}).ConsoleAPI; + let consoleOptions = { + maxLogLevel: getMaxLogLevel(), + prefix: aLogPrefix, + }; + let logger = new ConsoleAPI(consoleOptions); + + // Watch for pref changes and update this.debug and the maxLogLevel for created loggers + Services.prefs.addObserver("signon.", () => { + this.debug = Services.prefs.getBoolPref("signon.debug"); + this.formlessCaptureEnabled = Services.prefs.getBoolPref("signon.formlessCapture.enabled"); + this.schemeUpgrades = Services.prefs.getBoolPref("signon.schemeUpgrades"); + this.insecureAutofill = Services.prefs.getBoolPref("signon.autofillForms.http"); + logger.maxLogLevel = getMaxLogLevel(); + }, false); + + Services.prefs.addObserver("security.insecure_field_warning.", () => { + this.showInsecureFieldWarning = Services.prefs.getBoolPref("security.insecure_field_warning.contextual.enabled"); + }, false); + + return logger; + }, + + /** + * Due to the way the signons2.txt file is formatted, we need to make + * sure certain field values or characters do not cause the file to + * be parsed incorrectly. Reject hostnames that we can't store correctly. + * + * @throws String with English message in case validation failed. + */ + checkHostnameValue(aHostname) { + // Nulls are invalid, as they don't round-trip well. Newlines are also + // invalid for any field stored as plaintext, and a hostname made of a + // single dot cannot be stored in the legacy format. + if (aHostname == "." || + aHostname.indexOf("\r") != -1 || + aHostname.indexOf("\n") != -1 || + aHostname.indexOf("\0") != -1) { + throw new Error("Invalid hostname"); + } + }, + + /** + * Due to the way the signons2.txt file is formatted, we need to make + * sure certain field values or characters do not cause the file to + * be parsed incorrectly. Reject logins that we can't store correctly. + * + * @throws String with English message in case validation failed. + */ + checkLoginValues(aLogin) { + function badCharacterPresent(l, c) { + return ((l.formSubmitURL && l.formSubmitURL.indexOf(c) != -1) || + (l.httpRealm && l.httpRealm.indexOf(c) != -1) || + l.hostname.indexOf(c) != -1 || + l.usernameField.indexOf(c) != -1 || + l.passwordField.indexOf(c) != -1); + } + + // Nulls are invalid, as they don't round-trip well. + // Mostly not a formatting problem, although ".\0" can be quirky. + if (badCharacterPresent(aLogin, "\0")) { + throw new Error("login values can't contain nulls"); + } + + // In theory these nulls should just be rolled up into the encrypted + // values, but nsISecretDecoderRing doesn't use nsStrings, so the + // nulls cause truncation. Check for them here just to avoid + // unexpected round-trip surprises. + if (aLogin.username.indexOf("\0") != -1 || + aLogin.password.indexOf("\0") != -1) { + throw new Error("login values can't contain nulls"); + } + + // Newlines are invalid for any field stored as plaintext. + if (badCharacterPresent(aLogin, "\r") || + badCharacterPresent(aLogin, "\n")) { + throw new Error("login values can't contain newlines"); + } + + // A line with just a "." can have special meaning. + if (aLogin.usernameField == "." || + aLogin.formSubmitURL == ".") { + throw new Error("login values can't be periods"); + } + + // A hostname with "\ \(" won't roundtrip. + // eg host="foo (", realm="bar" --> "foo ( (bar)" + // vs host="foo", realm=" (bar" --> "foo ( (bar)" + if (aLogin.hostname.indexOf(" (") != -1) { + throw new Error("bad parens in hostname"); + } + }, + + /** + * Returns a new XPCOM property bag with the provided properties. + * + * @param {Object} aProperties + * Each property of this object is copied to the property bag. This + * parameter can be omitted to return an empty property bag. + * + * @return A new property bag, that is an instance of nsIWritablePropertyBag, + * nsIWritablePropertyBag2, nsIPropertyBag, and nsIPropertyBag2. + */ + newPropertyBag(aProperties) { + let propertyBag = Cc["@mozilla.org/hash-property-bag;1"] + .createInstance(Ci.nsIWritablePropertyBag); + if (aProperties) { + for (let [name, value] of Object.entries(aProperties)) { + propertyBag.setProperty(name, value); + } + } + return propertyBag.QueryInterface(Ci.nsIPropertyBag) + .QueryInterface(Ci.nsIPropertyBag2) + .QueryInterface(Ci.nsIWritablePropertyBag2); + }, + + /** + * Helper to avoid the `count` argument and property bags when calling + * Services.logins.searchLogins from JS. + * + * @param {Object} aSearchOptions - A regular JS object to copy to a property bag before searching + * @return {nsILoginInfo[]} - The result of calling searchLogins. + */ + searchLoginsWithObject(aSearchOptions) { + return Services.logins.searchLogins({}, this.newPropertyBag(aSearchOptions)); + }, + + /** + * @param {String} aLoginOrigin - An origin value from a stored login's + * hostname or formSubmitURL properties. + * @param {String} aSearchOrigin - The origin that was are looking to match + * with aLoginOrigin. This would normally come + * from a form or page that we are considering. + * @param {nsILoginFindOptions} aOptions - Options to affect whether the origin + * from the login (aLoginOrigin) is a + * match for the origin we're looking + * for (aSearchOrigin). + */ + isOriginMatching(aLoginOrigin, aSearchOrigin, aOptions = { + schemeUpgrades: false, + }) { + if (aLoginOrigin == aSearchOrigin) { + return true; + } + + if (!aOptions) { + return false; + } + + if (aOptions.schemeUpgrades) { + try { + let loginURI = Services.io.newURI(aLoginOrigin, null, null); + let searchURI = Services.io.newURI(aSearchOrigin, null, null); + if (loginURI.scheme == "http" && searchURI.scheme == "https" && + loginURI.hostPort == searchURI.hostPort) { + return true; + } + } catch (ex) { + // newURI will throw for some values e.g. chrome://FirefoxAccounts + return false; + } + } + + return false; + }, + + doLoginsMatch(aLogin1, aLogin2, { + ignorePassword = false, + ignoreSchemes = false, + }) { + if (aLogin1.httpRealm != aLogin2.httpRealm || + aLogin1.username != aLogin2.username) + return false; + + if (!ignorePassword && aLogin1.password != aLogin2.password) + return false; + + if (ignoreSchemes) { + let hostname1URI = Services.io.newURI(aLogin1.hostname, null, null); + let hostname2URI = Services.io.newURI(aLogin2.hostname, null, null); + if (hostname1URI.hostPort != hostname2URI.hostPort) + return false; + + if (aLogin1.formSubmitURL != "" && aLogin2.formSubmitURL != "" && + Services.io.newURI(aLogin1.formSubmitURL, null, null).hostPort != + Services.io.newURI(aLogin2.formSubmitURL, null, null).hostPort) + return false; + } else { + if (aLogin1.hostname != aLogin2.hostname) + return false; + + // If either formSubmitURL is blank (but not null), then match. + if (aLogin1.formSubmitURL != "" && aLogin2.formSubmitURL != "" && + aLogin1.formSubmitURL != aLogin2.formSubmitURL) + return false; + } + + // The .usernameField and .passwordField values are ignored. + + return true; + }, + + /** + * Creates a new login object that results by modifying the given object with + * the provided data. + * + * @param aOldStoredLogin + * Existing nsILoginInfo object to modify. + * @param aNewLoginData + * The new login values, either as nsILoginInfo or nsIProperyBag. + * + * @return The newly created nsILoginInfo object. + * + * @throws String with English message in case validation failed. + */ + buildModifiedLogin(aOldStoredLogin, aNewLoginData) { + function bagHasProperty(aPropName) { + try { + aNewLoginData.getProperty(aPropName); + return true; + } catch (ex) { } + return false; + } + + aOldStoredLogin.QueryInterface(Ci.nsILoginMetaInfo); + + let newLogin; + if (aNewLoginData instanceof Ci.nsILoginInfo) { + // Clone the existing login to get its nsILoginMetaInfo, then init it + // with the replacement nsILoginInfo data from the new login. + newLogin = aOldStoredLogin.clone(); + newLogin.init(aNewLoginData.hostname, + aNewLoginData.formSubmitURL, aNewLoginData.httpRealm, + aNewLoginData.username, aNewLoginData.password, + aNewLoginData.usernameField, aNewLoginData.passwordField); + newLogin.QueryInterface(Ci.nsILoginMetaInfo); + + // Automatically update metainfo when password is changed. + if (newLogin.password != aOldStoredLogin.password) { + newLogin.timePasswordChanged = Date.now(); + } + } else if (aNewLoginData instanceof Ci.nsIPropertyBag) { + // Clone the existing login, along with all its properties. + newLogin = aOldStoredLogin.clone(); + newLogin.QueryInterface(Ci.nsILoginMetaInfo); + + // Automatically update metainfo when password is changed. + // (Done before the main property updates, lest the caller be + // explicitly updating both .password and .timePasswordChanged) + if (bagHasProperty("password")) { + let newPassword = aNewLoginData.getProperty("password"); + if (newPassword != aOldStoredLogin.password) { + newLogin.timePasswordChanged = Date.now(); + } + } + + let propEnum = aNewLoginData.enumerator; + while (propEnum.hasMoreElements()) { + let prop = propEnum.getNext().QueryInterface(Ci.nsIProperty); + switch (prop.name) { + // nsILoginInfo + case "hostname": + case "httpRealm": + case "formSubmitURL": + case "username": + case "password": + case "usernameField": + case "passwordField": + // nsILoginMetaInfo + case "guid": + case "timeCreated": + case "timeLastUsed": + case "timePasswordChanged": + case "timesUsed": + newLogin[prop.name] = prop.value; + break; + + // Fake property, allows easy incrementing. + case "timesUsedIncrement": + newLogin.timesUsed += prop.value; + break; + + // Fail if caller requests setting an unknown property. + default: + throw new Error("Unexpected propertybag item: " + prop.name); + } + } + } else { + throw new Error("newLoginData needs an expected interface!"); + } + + // Sanity check the login + if (newLogin.hostname == null || newLogin.hostname.length == 0) { + throw new Error("Can't add a login with a null or empty hostname."); + } + + // For logins w/o a username, set to "", not null. + if (newLogin.username == null) { + throw new Error("Can't add a login with a null username."); + } + + if (newLogin.password == null || newLogin.password.length == 0) { + throw new Error("Can't add a login with a null or empty password."); + } + + if (newLogin.formSubmitURL || newLogin.formSubmitURL == "") { + // We have a form submit URL. Can't have a HTTP realm. + if (newLogin.httpRealm != null) { + throw new Error("Can't add a login with both a httpRealm and formSubmitURL."); + } + } else if (newLogin.httpRealm) { + // We have a HTTP realm. Can't have a form submit URL. + if (newLogin.formSubmitURL != null) { + throw new Error("Can't add a login with both a httpRealm and formSubmitURL."); + } + } else { + // Need one or the other! + throw new Error("Can't add a login without a httpRealm or formSubmitURL."); + } + + // Throws if there are bogus values. + this.checkLoginValues(newLogin); + + return newLogin; + }, + + /** + * Removes duplicates from a list of logins while preserving the sort order. + * + * @param {nsILoginInfo[]} logins + * A list of logins we want to deduplicate. + * @param {string[]} [uniqueKeys = ["username", "password"]] + * A list of login attributes to use as unique keys for the deduplication. + * @param {string[]} [resolveBy = ["timeLastUsed"]] + * Ordered array of keyword strings used to decide which of the + * duplicates should be used. "scheme" would prefer the login that has + * a scheme matching `preferredOrigin`'s if there are two logins with + * the same `uniqueKeys`. The default preference to distinguish two + * logins is `timeLastUsed`. If there is no preference between two + * logins, the first one found wins. + * @param {string} [preferredOrigin = undefined] + * String representing the origin to use for preferring one login over + * another when they are dupes. This is used with "scheme" for + * `resolveBy` so the scheme from this origin will be preferred. + * + * @returns {nsILoginInfo[]} list of unique logins. + */ + dedupeLogins(logins, uniqueKeys = ["username", "password"], + resolveBy = ["timeLastUsed"], + preferredOrigin = undefined) { + const KEY_DELIMITER = ":"; + + if (!preferredOrigin && resolveBy.includes("scheme")) { + throw new Error("dedupeLogins: `preferredOrigin` is required in order to " + + "prefer schemes which match it."); + } + + let preferredOriginScheme; + if (preferredOrigin) { + try { + preferredOriginScheme = Services.io.newURI(preferredOrigin, null, null).scheme; + } catch (ex) { + // Handle strings that aren't valid URIs e.g. chrome://FirefoxAccounts + } + } + + if (!preferredOriginScheme && resolveBy.includes("scheme")) { + log.warn("dedupeLogins: Deduping with a scheme preference but couldn't " + + "get the preferred origin scheme."); + } + + // We use a Map to easily lookup logins by their unique keys. + let loginsByKeys = new Map(); + + // Generate a unique key string from a login. + function getKey(login, uniqueKeys) { + return uniqueKeys.reduce((prev, key) => prev + KEY_DELIMITER + login[key], ""); + } + + /** + * @return {bool} whether `login` is preferred over its duplicate (considering `uniqueKeys`) + * `existingLogin`. + * + * `resolveBy` is a sorted array so we can return true the first time `login` is preferred + * over the existingLogin. + */ + function isLoginPreferred(existingLogin, login) { + if (!resolveBy || resolveBy.length == 0) { + // If there is no preference, prefer the existing login. + return false; + } + + for (let preference of resolveBy) { + switch (preference) { + case "scheme": { + if (!preferredOriginScheme) { + break; + } + + try { + // Only `hostname` is currently considered + let existingLoginURI = Services.io.newURI(existingLogin.hostname, null, null); + let loginURI = Services.io.newURI(login.hostname, null, null); + // If the schemes of the two logins are the same or neither match the + // preferredOriginScheme then we have no preference and look at the next resolveBy. + if (loginURI.scheme == existingLoginURI.scheme || + (loginURI.scheme != preferredOriginScheme && + existingLoginURI.scheme != preferredOriginScheme)) { + break; + } + + return loginURI.scheme == preferredOriginScheme; + } catch (ex) { + // Some URLs aren't valid nsIURI (e.g. chrome://FirefoxAccounts) + log.debug("dedupeLogins/shouldReplaceExisting: Error comparing schemes:", + existingLogin.hostname, login.hostname, + "preferredOrigin:", preferredOrigin, ex); + } + break; + } + case "timeLastUsed": + case "timePasswordChanged": { + // If we find a more recent login for the same key, replace the existing one. + let loginDate = login.QueryInterface(Ci.nsILoginMetaInfo)[preference]; + let storedLoginDate = existingLogin.QueryInterface(Ci.nsILoginMetaInfo)[preference]; + if (loginDate == storedLoginDate) { + break; + } + + return loginDate > storedLoginDate; + } + default: { + throw new Error("dedupeLogins: Invalid resolveBy preference: " + preference); + } + } + } + + return false; + } + + for (let login of logins) { + let key = getKey(login, uniqueKeys); + + if (loginsByKeys.has(key)) { + if (!isLoginPreferred(loginsByKeys.get(key), login)) { + // If there is no preference for the new login, use the existing one. + continue; + } + } + loginsByKeys.set(key, login); + } + + // Return the map values in the form of an array. + return [...loginsByKeys.values()]; + }, + + /** + * Open the password manager window. + * + * @param {Window} window + * the window from where we want to open the dialog + * + * @param {string} [filterString=""] + * the filterString parameter to pass to the login manager dialog + */ + openPasswordManager(window, filterString = "") { + let win = Services.wm.getMostRecentWindow("Toolkit:PasswordManager"); + if (win) { + win.setFilter(filterString); + win.focus(); + } else { + window.openDialog("chrome://passwordmgr/content/passwordManager.xul", + "Toolkit:PasswordManager", "", + {filterString : filterString}); + } + }, + + /** + * Checks if a field type is username compatible. + * + * @param {Element} element + * the field we want to check. + * + * @returns {Boolean} true if the field type is one + * of the username types. + */ + isUsernameFieldType(element) { + if (!(element instanceof Ci.nsIDOMHTMLInputElement)) + return false; + + let fieldType = (element.hasAttribute("type") ? + element.getAttribute("type").toLowerCase() : + element.type); + if (fieldType == "text" || + fieldType == "email" || + fieldType == "url" || + fieldType == "tel" || + fieldType == "number") { + return true; + } + return false; + }, + + /** + * Add the login to the password manager if a similar one doesn't already exist. Merge it + * otherwise with the similar existing ones. + * @param {Object} loginData - the data about the login that needs to be added. + * @returns {nsILoginInfo} the newly added login, or null if no login was added. + * Note that we will also return null if an existing login + * was modified. + */ + maybeImportLogin(loginData) { + // create a new login + let login = Cc["@mozilla.org/login-manager/loginInfo;1"].createInstance(Ci.nsILoginInfo); + login.init(loginData.hostname, + loginData.formSubmitURL || (typeof(loginData.httpRealm) == "string" ? null : ""), + typeof(loginData.httpRealm) == "string" ? loginData.httpRealm : null, + loginData.username, + loginData.password, + loginData.usernameElement || "", + loginData.passwordElement || ""); + + login.QueryInterface(Ci.nsILoginMetaInfo); + login.timeCreated = loginData.timeCreated; + login.timeLastUsed = loginData.timeLastUsed || loginData.timeCreated; + login.timePasswordChanged = loginData.timePasswordChanged || loginData.timeCreated; + login.timesUsed = loginData.timesUsed || 1; + // While here we're passing formSubmitURL and httpRealm, they could be empty/null and get + // ignored in that case, leading to multiple logins for the same username. + let existingLogins = Services.logins.findLogins({}, login.hostname, + login.formSubmitURL, + login.httpRealm); + // Check for an existing login that matches *including* the password. + // If such a login exists, we do not need to add a new login. + if (existingLogins.some(l => login.matches(l, false /* ignorePassword */))) { + return null; + } + // Now check for a login with the same username, where it may be that we have an + // updated password. + let foundMatchingLogin = false; + for (let existingLogin of existingLogins) { + if (login.username == existingLogin.username) { + foundMatchingLogin = true; + existingLogin.QueryInterface(Ci.nsILoginMetaInfo); + if (login.password != existingLogin.password & + login.timePasswordChanged > existingLogin.timePasswordChanged) { + // if a login with the same username and different password already exists and it's older + // than the current one, update its password and timestamp. + let propBag = Cc["@mozilla.org/hash-property-bag;1"]. + createInstance(Ci.nsIWritablePropertyBag); + propBag.setProperty("password", login.password); + propBag.setProperty("timePasswordChanged", login.timePasswordChanged); + Services.logins.modifyLogin(existingLogin, propBag); + } + } + } + // if the new login is an update or is older than an exiting login, don't add it. + if (foundMatchingLogin) { + return null; + } + return Services.logins.addLogin(login); + }, + + /** + * Convert an array of nsILoginInfo to vanilla JS objects suitable for + * sending over IPC. + * + * NB: All members of nsILoginInfo and nsILoginMetaInfo are strings. + */ + loginsToVanillaObjects(logins) { + return logins.map(this.loginToVanillaObject); + }, + + /** + * Same as above, but for a single login. + */ + loginToVanillaObject(login) { + let obj = {}; + for (let i in login.QueryInterface(Ci.nsILoginMetaInfo)) { + if (typeof login[i] !== 'function') { + obj[i] = login[i]; + } + } + + return obj; + }, + + /** + * Convert an object received from IPC into an nsILoginInfo (with guid). + */ + vanillaObjectToLogin(login) { + let formLogin = Cc["@mozilla.org/login-manager/loginInfo;1"]. + createInstance(Ci.nsILoginInfo); + formLogin.init(login.hostname, login.formSubmitURL, + login.httpRealm, login.username, + login.password, login.usernameField, + login.passwordField); + + formLogin.QueryInterface(Ci.nsILoginMetaInfo); + for (let prop of ["guid", "timeCreated", "timeLastUsed", "timePasswordChanged", "timesUsed"]) { + formLogin[prop] = login[prop]; + } + return formLogin; + }, + + /** + * As above, but for an array of objects. + */ + vanillaObjectsToLogins(logins) { + return logins.map(this.vanillaObjectToLogin); + }, + + removeLegacySignonFiles() { + const {Constants, Path, File} = Cu.import("resource://gre/modules/osfile.jsm").OS; + + const profileDir = Constants.Path.profileDir; + const defaultSignonFilePrefs = new Map([ + ["signon.SignonFileName", "signons.txt"], + ["signon.SignonFileName2", "signons2.txt"], + ["signon.SignonFileName3", "signons3.txt"] + ]); + const toDeletes = new Set(); + + for (let [pref, val] of defaultSignonFilePrefs.entries()) { + toDeletes.add(Path.join(profileDir, val)); + + try { + let signonFile = Services.prefs.getCharPref(pref); + + toDeletes.add(Path.join(profileDir, signonFile)); + Services.prefs.clearUserPref(pref); + } catch (e) {} + } + + for (let file of toDeletes) { + File.remove(file); + } + }, + + /** + * Returns true if the user has a master password set and false otherwise. + */ + isMasterPasswordSet() { + let secmodDB = Cc["@mozilla.org/security/pkcs11moduledb;1"]. + getService(Ci.nsIPKCS11ModuleDB); + let slot = secmodDB.findSlotByName(""); + if (!slot) { + return false; + } + let hasMP = slot.status != Ci.nsIPKCS11Slot.SLOT_UNINITIALIZED && + slot.status != Ci.nsIPKCS11Slot.SLOT_READY; + return hasMP; + }, + + /** + * Send a notification when stored data is changed. + */ + notifyStorageChanged(changeType, data) { + let dataObject = data; + // Can't pass a raw JS string or array though notifyObservers(). :-( + if (Array.isArray(data)) { + dataObject = Cc["@mozilla.org/array;1"]. + createInstance(Ci.nsIMutableArray); + for (let i = 0; i < data.length; i++) { + dataObject.appendElement(data[i], false); + } + } else if (typeof(data) == "string") { + dataObject = Cc["@mozilla.org/supports-string;1"]. + createInstance(Ci.nsISupportsString); + dataObject.data = data; + } + Services.obs.notifyObservers(dataObject, "passwordmgr-storage-changed", changeType); + } +}; + +XPCOMUtils.defineLazyGetter(this, "log", () => { + let logger = LoginHelper.createLogger("LoginHelper"); + return logger; +}); diff --git a/toolkit/components/passwordmgr/LoginImport.jsm b/toolkit/components/passwordmgr/LoginImport.jsm new file mode 100644 index 000000000..a1d5c988a --- /dev/null +++ b/toolkit/components/passwordmgr/LoginImport.jsm @@ -0,0 +1,173 @@ +/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */ +/* vim: set ts=2 et sw=2 tw=80 filetype=javascript: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +/** + * Provides an object that has a method to import login-related data from the + * previous SQLite storage format. + */ + +"use strict"; + +this.EXPORTED_SYMBOLS = [ + "LoginImport", +]; + +// Globals + +const Cc = Components.classes; +const Ci = Components.interfaces; +const Cu = Components.utils; +const Cr = Components.results; + +Cu.import("resource://gre/modules/XPCOMUtils.jsm"); +Cu.import("resource://gre/modules/Task.jsm"); + +XPCOMUtils.defineLazyModuleGetter(this, "OS", + "resource://gre/modules/osfile.jsm"); +XPCOMUtils.defineLazyModuleGetter(this, "Sqlite", + "resource://gre/modules/Sqlite.jsm"); +XPCOMUtils.defineLazyModuleGetter(this, "NetUtil", + "resource://gre/modules/NetUtil.jsm"); + +// LoginImport + +/** + * Provides an object that has a method to import login-related data from the + * previous SQLite storage format. + * + * @param aStore + * LoginStore object where imported data will be added. + * @param aPath + * String containing the file path of the SQLite login database. + */ +this.LoginImport = function (aStore, aPath) { + this.store = aStore; + this.path = aPath; +}; + +this.LoginImport.prototype = { + /** + * LoginStore object where imported data will be added. + */ + store: null, + + /** + * String containing the file path of the SQLite login database. + */ + path: null, + + /** + * Imports login-related data from the previous SQLite storage format. + */ + import: Task.async(function* () { + // We currently migrate data directly from the database to the JSON store at + // first run, then we set a preference to prevent repeating the import. + // Thus, merging with existing data is not a use case we support. This + // restriction might be removed to support re-importing passwords set by an + // old version by flipping the import preference and restarting. + if (this.store.data.logins.length > 0 || + this.store.data.disabledHosts.length > 0) { + throw new Error("Unable to import saved passwords because some data " + + "has already been imported or saved."); + } + + // When a timestamp is not specified, we will use the same reference time. + let referenceTimeMs = Date.now(); + + let connection = yield Sqlite.openConnection({ path: this.path }); + try { + let schemaVersion = yield connection.getSchemaVersion(); + + // We support importing database schema versions from 3 onwards. + // Version 3 was implemented in bug 316084 (Firefox 3.6, March 2009). + // Version 4 was implemented in bug 465636 (Firefox 4, March 2010). + // Version 5 was implemented in bug 718817 (Firefox 13, February 2012). + if (schemaVersion < 3) { + throw new Error("Unable to import saved passwords because " + + "the existing profile is too old."); + } + + let rows = yield connection.execute("SELECT * FROM moz_logins"); + for (let row of rows) { + try { + let hostname = row.getResultByName("hostname"); + let httpRealm = row.getResultByName("httpRealm"); + let formSubmitURL = row.getResultByName("formSubmitURL"); + let usernameField = row.getResultByName("usernameField"); + let passwordField = row.getResultByName("passwordField"); + let encryptedUsername = row.getResultByName("encryptedUsername"); + let encryptedPassword = row.getResultByName("encryptedPassword"); + + // The "guid" field was introduced in schema version 2, and the + // "enctype" field was introduced in schema version 3. We don't + // support upgrading from older versions of the database. + let guid = row.getResultByName("guid"); + let encType = row.getResultByName("encType"); + + // The time and count fields were introduced in schema version 4. + let timeCreated = null; + let timeLastUsed = null; + let timePasswordChanged = null; + let timesUsed = null; + try { + timeCreated = row.getResultByName("timeCreated"); + timeLastUsed = row.getResultByName("timeLastUsed"); + timePasswordChanged = row.getResultByName("timePasswordChanged"); + timesUsed = row.getResultByName("timesUsed"); + } catch (ex) { } + + // These columns may be null either because they were not present in + // the database or because the record was created on a new schema + // version by an old application version. + if (!timeCreated) { + timeCreated = referenceTimeMs; + } + if (!timeLastUsed) { + timeLastUsed = referenceTimeMs; + } + if (!timePasswordChanged) { + timePasswordChanged = referenceTimeMs; + } + if (!timesUsed) { + timesUsed = 1; + } + + this.store.data.logins.push({ + id: this.store.data.nextId++, + hostname: hostname, + httpRealm: httpRealm, + formSubmitURL: formSubmitURL, + usernameField: usernameField, + passwordField: passwordField, + encryptedUsername: encryptedUsername, + encryptedPassword: encryptedPassword, + guid: guid, + encType: encType, + timeCreated: timeCreated, + timeLastUsed: timeLastUsed, + timePasswordChanged: timePasswordChanged, + timesUsed: timesUsed, + }); + } catch (ex) { + Cu.reportError("Error importing login: " + ex); + } + } + + rows = yield connection.execute("SELECT * FROM moz_disabledHosts"); + for (let row of rows) { + try { + let hostname = row.getResultByName("hostname"); + + this.store.data.disabledHosts.push(hostname); + } catch (ex) { + Cu.reportError("Error importing disabled host: " + ex); + } + } + } finally { + yield connection.close(); + } + }), +}; diff --git a/toolkit/components/passwordmgr/LoginManagerContent.jsm b/toolkit/components/passwordmgr/LoginManagerContent.jsm new file mode 100644 index 000000000..60805530d --- /dev/null +++ b/toolkit/components/passwordmgr/LoginManagerContent.jsm @@ -0,0 +1,1619 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +"use strict"; + +this.EXPORTED_SYMBOLS = [ "LoginManagerContent", + "LoginFormFactory", + "UserAutoCompleteResult" ]; + +const { classes: Cc, interfaces: Ci, results: Cr, utils: Cu } = Components; +const PASSWORD_INPUT_ADDED_COALESCING_THRESHOLD_MS = 1; +const AUTOCOMPLETE_AFTER_CONTEXTMENU_THRESHOLD_MS = 250; + +Cu.import("resource://gre/modules/XPCOMUtils.jsm"); +Cu.import("resource://gre/modules/Services.jsm"); +Cu.import("resource://gre/modules/PrivateBrowsingUtils.jsm"); +Cu.import("resource://gre/modules/InsecurePasswordUtils.jsm"); +Cu.import("resource://gre/modules/Promise.jsm"); +Cu.import("resource://gre/modules/Preferences.jsm"); +Cu.import("resource://gre/modules/Timer.jsm"); + +XPCOMUtils.defineLazyModuleGetter(this, "DeferredTask", "resource://gre/modules/DeferredTask.jsm"); +XPCOMUtils.defineLazyModuleGetter(this, "FormLikeFactory", + "resource://gre/modules/FormLikeFactory.jsm"); +XPCOMUtils.defineLazyModuleGetter(this, "LoginRecipesContent", + "resource://gre/modules/LoginRecipes.jsm"); +XPCOMUtils.defineLazyModuleGetter(this, "LoginHelper", + "resource://gre/modules/LoginHelper.jsm"); +XPCOMUtils.defineLazyModuleGetter(this, "InsecurePasswordUtils", + "resource://gre/modules/InsecurePasswordUtils.jsm"); + +XPCOMUtils.defineLazyServiceGetter(this, "gNetUtil", + "@mozilla.org/network/util;1", + "nsINetUtil"); + +XPCOMUtils.defineLazyGetter(this, "log", () => { + let logger = LoginHelper.createLogger("LoginManagerContent"); + return logger.log.bind(logger); +}); + +// These mirror signon.* prefs. +var gEnabled, gAutofillForms, gStoreWhenAutocompleteOff; +var gLastContextMenuEventTimeStamp = Number.NEGATIVE_INFINITY; + +var observer = { + QueryInterface : XPCOMUtils.generateQI([Ci.nsIObserver, + Ci.nsIFormSubmitObserver, + Ci.nsIWebProgressListener, + Ci.nsIDOMEventListener, + Ci.nsISupportsWeakReference]), + + // nsIFormSubmitObserver + notify(formElement, aWindow, actionURI) { + log("observer notified for form submission."); + + // We're invoked before the content's |onsubmit| handlers, so we + // can grab form data before it might be modified (see bug 257781). + + try { + let formLike = LoginFormFactory.createFromForm(formElement); + LoginManagerContent._onFormSubmit(formLike); + } catch (e) { + log("Caught error in onFormSubmit(", e.lineNumber, "):", e.message); + Cu.reportError(e); + } + + return true; // Always return true, or form submit will be canceled. + }, + + onPrefChange() { + gEnabled = Services.prefs.getBoolPref("signon.rememberSignons"); + gAutofillForms = Services.prefs.getBoolPref("signon.autofillForms"); + gStoreWhenAutocompleteOff = Services.prefs.getBoolPref("signon.storeWhenAutocompleteOff"); + }, + + // nsIWebProgressListener + onLocationChange(aWebProgress, aRequest, aLocation, aFlags) { + // Only handle pushState/replaceState here. + if (!(aFlags & Ci.nsIWebProgressListener.LOCATION_CHANGE_SAME_DOCUMENT) || + !(aWebProgress.loadType & Ci.nsIDocShell.LOAD_CMD_PUSHSTATE)) { + return; + } + + log("onLocationChange handled:", aLocation.spec, aWebProgress.DOMWindow.document); + + LoginManagerContent._onNavigation(aWebProgress.DOMWindow.document); + }, + + onStateChange(aWebProgress, aRequest, aState, aStatus) { + if (!(aState & Ci.nsIWebProgressListener.STATE_START)) { + return; + } + + // We only care about when a page triggered a load, not the user. For example: + // clicking refresh/back/forward, typing a URL and hitting enter, and loading a bookmark aren't + // likely to be when a user wants to save a login. + let channel = aRequest.QueryInterface(Ci.nsIChannel); + let triggeringPrincipal = channel.loadInfo.triggeringPrincipal; + if (triggeringPrincipal.isNullPrincipal || + triggeringPrincipal.equals(Services.scriptSecurityManager.getSystemPrincipal())) { + return; + } + + // Don't handle history navigation, reload, or pushState not triggered via chrome UI. + // e.g. history.go(-1), location.reload(), history.replaceState() + if (!(aWebProgress.loadType & Ci.nsIDocShell.LOAD_CMD_NORMAL)) { + log("onStateChange: loadType isn't LOAD_CMD_NORMAL:", aWebProgress.loadType); + return; + } + + log("onStateChange handled:", channel); + LoginManagerContent._onNavigation(aWebProgress.DOMWindow.document); + }, + + handleEvent(aEvent) { + if (!aEvent.isTrusted) { + return; + } + + if (!gEnabled) { + return; + } + + switch (aEvent.type) { + // Only used for username fields. + case "focus": { + LoginManagerContent._onUsernameFocus(aEvent); + break; + } + + case "contextmenu": { + gLastContextMenuEventTimeStamp = Date.now(); + break; + } + + default: { + throw new Error("Unexpected event"); + } + } + }, +}; + +Services.obs.addObserver(observer, "earlyformsubmit", false); +var prefBranch = Services.prefs.getBranch("signon."); +prefBranch.addObserver("", observer.onPrefChange, false); + +observer.onPrefChange(); // read initial values + + +function messageManagerFromWindow(win) { + return win.QueryInterface(Ci.nsIInterfaceRequestor) + .getInterface(Ci.nsIWebNavigation) + .QueryInterface(Ci.nsIDocShell) + .QueryInterface(Ci.nsIInterfaceRequestor) + .getInterface(Ci.nsIContentFrameMessageManager); +} + +// This object maps to the "child" process (even in the single-process case). +var LoginManagerContent = { + + __formFillService : null, // FormFillController, for username autocompleting + get _formFillService() { + if (!this.__formFillService) + this.__formFillService = + Cc["@mozilla.org/satchel/form-fill-controller;1"]. + getService(Ci.nsIFormFillController); + return this.__formFillService; + }, + + _getRandomId() { + return Cc["@mozilla.org/uuid-generator;1"] + .getService(Ci.nsIUUIDGenerator).generateUUID().toString(); + }, + + _messages: [ "RemoteLogins:loginsFound", + "RemoteLogins:loginsAutoCompleted" ], + + /** + * WeakMap of the root element of a FormLike to the FormLike representing its fields. + * + * This is used to be able to lookup an existing FormLike for a given root element since multiple + * calls to LoginFormFactory won't give the exact same object. When batching fills we don't always + * want to use the most recent list of elements for a FormLike since we may end up doing multiple + * fills for the same set of elements when a field gets added between arming and running the + * DeferredTask. + * + * @type {WeakMap} + */ + _formLikeByRootElement: new WeakMap(), + + /** + * WeakMap of the root element of a WeakMap to the DeferredTask to fill its fields. + * + * This is used to be able to throttle fills for a FormLike since onDOMInputPasswordAdded gets + * dispatched for each password field added to a document but we only want to fill once per + * FormLike when multiple fields are added at once. + * + * @type {WeakMap} + */ + _deferredPasswordAddedTasksByRootElement: new WeakMap(), + + // Map from form login requests to information about that request. + _requests: new Map(), + + // Number of outstanding requests to each manager. + _managers: new Map(), + + _takeRequest(msg) { + let data = msg.data; + let request = this._requests.get(data.requestId); + + this._requests.delete(data.requestId); + + let count = this._managers.get(msg.target); + if (--count === 0) { + this._managers.delete(msg.target); + + for (let message of this._messages) + msg.target.removeMessageListener(message, this); + } else { + this._managers.set(msg.target, count); + } + + return request; + }, + + _sendRequest(messageManager, requestData, + name, messageData) { + let count; + if (!(count = this._managers.get(messageManager))) { + this._managers.set(messageManager, 1); + + for (let message of this._messages) + messageManager.addMessageListener(message, this); + } else { + this._managers.set(messageManager, ++count); + } + + let requestId = this._getRandomId(); + messageData.requestId = requestId; + + messageManager.sendAsyncMessage(name, messageData); + + let deferred = Promise.defer(); + requestData.promise = deferred; + this._requests.set(requestId, requestData); + return deferred.promise; + }, + + receiveMessage(msg, window) { + if (msg.name == "RemoteLogins:fillForm") { + this.fillForm({ + topDocument: window.document, + loginFormOrigin: msg.data.loginFormOrigin, + loginsFound: LoginHelper.vanillaObjectsToLogins(msg.data.logins), + recipes: msg.data.recipes, + inputElement: msg.objects.inputElement, + }); + return; + } + + let request = this._takeRequest(msg); + switch (msg.name) { + case "RemoteLogins:loginsFound": { + let loginsFound = LoginHelper.vanillaObjectsToLogins(msg.data.logins); + request.promise.resolve({ + form: request.form, + loginsFound: loginsFound, + recipes: msg.data.recipes, + }); + break; + } + + case "RemoteLogins:loginsAutoCompleted": { + let loginsFound = + LoginHelper.vanillaObjectsToLogins(msg.data.logins); + // If we're in the parent process, don't pass a message manager so our + // autocomplete result objects know they can remove the login from the + // login manager directly. + let messageManager = + (Services.appinfo.processType === Services.appinfo.PROCESS_TYPE_CONTENT) ? + msg.target : undefined; + request.promise.resolve({ logins: loginsFound, messageManager }); + break; + } + } + }, + + /** + * Get relevant logins and recipes from the parent + * + * @param {HTMLFormElement} form - form to get login data for + * @param {Object} options + * @param {boolean} options.showMasterPassword - whether to show a master password prompt + */ + _getLoginDataFromParent(form, options) { + let doc = form.ownerDocument; + let win = doc.defaultView; + + let formOrigin = LoginUtils._getPasswordOrigin(doc.documentURI); + if (!formOrigin) { + return Promise.reject("_getLoginDataFromParent: A form origin is required"); + } + let actionOrigin = LoginUtils._getActionOrigin(form); + + let messageManager = messageManagerFromWindow(win); + + // XXX Weak?? + let requestData = { form: form }; + let messageData = { formOrigin: formOrigin, + actionOrigin: actionOrigin, + options: options }; + + return this._sendRequest(messageManager, requestData, + "RemoteLogins:findLogins", + messageData); + }, + + _autoCompleteSearchAsync(aSearchString, aPreviousResult, + aElement, aRect) { + let doc = aElement.ownerDocument; + let form = LoginFormFactory.createFromField(aElement); + let win = doc.defaultView; + + let formOrigin = LoginUtils._getPasswordOrigin(doc.documentURI); + let actionOrigin = LoginUtils._getActionOrigin(form); + + let messageManager = messageManagerFromWindow(win); + + let remote = (Services.appinfo.processType === + Services.appinfo.PROCESS_TYPE_CONTENT); + + let previousResult = aPreviousResult ? + { searchString: aPreviousResult.searchString, + logins: LoginHelper.loginsToVanillaObjects(aPreviousResult.logins) } : + null; + + let requestData = {}; + let messageData = { formOrigin: formOrigin, + actionOrigin: actionOrigin, + searchString: aSearchString, + previousResult: previousResult, + rect: aRect, + isSecure: InsecurePasswordUtils.isFormSecure(form), + isPasswordField: aElement.type == "password", + remote: remote }; + + return this._sendRequest(messageManager, requestData, + "RemoteLogins:autoCompleteLogins", + messageData); + }, + + setupProgressListener(window) { + if (!LoginHelper.formlessCaptureEnabled) { + return; + } + + try { + let webProgress = window.QueryInterface(Ci.nsIInterfaceRequestor). + getInterface(Ci.nsIWebNavigation). + QueryInterface(Ci.nsIDocShell). + QueryInterface(Ci.nsIInterfaceRequestor). + getInterface(Ci.nsIWebProgress); + webProgress.addProgressListener(observer, + Ci.nsIWebProgress.NOTIFY_STATE_DOCUMENT | + Ci.nsIWebProgress.NOTIFY_LOCATION); + } catch (ex) { + // Ignore NS_ERROR_FAILURE if the progress listener was already added + } + }, + + onDOMFormHasPassword(event, window) { + if (!event.isTrusted) { + return; + } + + let form = event.target; + let formLike = LoginFormFactory.createFromForm(form); + log("onDOMFormHasPassword:", form, formLike); + this._fetchLoginsFromParentAndFillForm(formLike, window); + }, + + onDOMInputPasswordAdded(event, window) { + if (!event.isTrusted) { + return; + } + + let pwField = event.target; + if (pwField.form) { + // Fill is handled by onDOMFormHasPassword which is already throttled. + return; + } + + // Only setup the listener for formless inputs. + // Capture within a <form> but without a submit event is bug 1287202. + this.setupProgressListener(window); + + let formLike = LoginFormFactory.createFromField(pwField); + log("onDOMInputPasswordAdded:", pwField, formLike); + + let deferredTask = this._deferredPasswordAddedTasksByRootElement.get(formLike.rootElement); + if (!deferredTask) { + log("Creating a DeferredTask to call _fetchLoginsFromParentAndFillForm soon"); + this._formLikeByRootElement.set(formLike.rootElement, formLike); + + deferredTask = new DeferredTask(function* deferredInputProcessing() { + // Get the updated formLike instead of the one at the time of creating the DeferredTask via + // a closure since it could be stale since FormLike.elements isn't live. + let formLike2 = this._formLikeByRootElement.get(formLike.rootElement); + log("Running deferred processing of onDOMInputPasswordAdded", formLike2); + this._deferredPasswordAddedTasksByRootElement.delete(formLike2.rootElement); + this._fetchLoginsFromParentAndFillForm(formLike2, window); + }.bind(this), PASSWORD_INPUT_ADDED_COALESCING_THRESHOLD_MS); + + this._deferredPasswordAddedTasksByRootElement.set(formLike.rootElement, deferredTask); + } + + if (deferredTask.isArmed) { + log("DeferredTask is already armed so just updating the FormLike"); + // We update the FormLike so it (most important .elements) is fresh when the task eventually + // runs since changes to the elements could affect our field heuristics. + this._formLikeByRootElement.set(formLike.rootElement, formLike); + } else if (window.document.readyState == "complete") { + log("Arming the DeferredTask we just created since document.readyState == 'complete'"); + deferredTask.arm(); + } else { + window.addEventListener("DOMContentLoaded", function armPasswordAddedTask() { + window.removeEventListener("DOMContentLoaded", armPasswordAddedTask); + log("Arming the onDOMInputPasswordAdded DeferredTask due to DOMContentLoaded"); + deferredTask.arm(); + }); + } + }, + + /** + * Fetch logins from the parent for a given form and then attempt to fill it. + * + * @param {FormLike} form to fetch the logins for then try autofill. + * @param {Window} window + */ + _fetchLoginsFromParentAndFillForm(form, window) { + this._detectInsecureFormLikes(window); + + let messageManager = messageManagerFromWindow(window); + messageManager.sendAsyncMessage("LoginStats:LoginEncountered"); + + if (!gEnabled) { + return; + } + + this._getLoginDataFromParent(form, { showMasterPassword: true }) + .then(this.loginsFound.bind(this)) + .then(null, Cu.reportError); + }, + + onPageShow(event, window) { + this._detectInsecureFormLikes(window); + }, + + /** + * Maps all DOM content documents in this content process, including those in + * frames, to the current state used by the Login Manager. + */ + loginFormStateByDocument: new WeakMap(), + + /** + * Retrieves a reference to the state object associated with the given + * document. This is initialized to an object with default values. + */ + stateForDocument(document) { + let loginFormState = this.loginFormStateByDocument.get(document); + if (!loginFormState) { + loginFormState = { + /** + * Keeps track of filled fields and values. + */ + fillsByRootElement: new WeakMap(), + loginFormRootElements: new Set(), + }; + this.loginFormStateByDocument.set(document, loginFormState); + } + return loginFormState; + }, + + /** + * Compute whether there is an insecure login form on any frame of the current page, and + * notify the parent process. This is used to control whether insecure password UI appears. + */ + _detectInsecureFormLikes(topWindow) { + log("_detectInsecureFormLikes", topWindow.location.href); + + // Returns true if this window or any subframes have insecure login forms. + let hasInsecureLoginForms = (thisWindow) => { + let doc = thisWindow.document; + let hasLoginForm = this.stateForDocument(doc).loginFormRootElements.size > 0; + // Ignores window.opener, because it's not relevant for indicating + // form security. See InsecurePasswordUtils docs for details. + return (hasLoginForm && !thisWindow.isSecureContextIfOpenerIgnored) || + Array.some(thisWindow.frames, + frame => hasInsecureLoginForms(frame)); + }; + + let messageManager = messageManagerFromWindow(topWindow); + messageManager.sendAsyncMessage("RemoteLogins:insecureLoginFormPresent", { + hasInsecureLoginForms: hasInsecureLoginForms(topWindow), + }); + }, + + /** + * Perform a password fill upon user request coming from the parent process. + * The fill will be in the form previously identified during page navigation. + * + * @param An object with the following properties: + * { + * topDocument: + * DOM document currently associated to the the top-level window + * for which the fill is requested. This may be different from the + * document that originally caused the login UI to be displayed. + * loginFormOrigin: + * String with the origin for which the login UI was displayed. + * This must match the origin of the form used for the fill. + * loginsFound: + * Array containing the login to fill. While other messages may + * have more logins, for this use case this is expected to have + * exactly one element. The origin of the login may be different + * from the origin of the form used for the fill. + * recipes: + * Fill recipes transmitted together with the original message. + * inputElement: + * Username or password input element from the form we want to fill. + * } + */ + fillForm({ topDocument, loginFormOrigin, loginsFound, recipes, inputElement }) { + if (!inputElement) { + log("fillForm: No input element specified"); + return; + } + if (LoginUtils._getPasswordOrigin(topDocument.documentURI) != loginFormOrigin) { + if (!inputElement || + LoginUtils._getPasswordOrigin(inputElement.ownerDocument.documentURI) != loginFormOrigin) { + log("fillForm: The requested origin doesn't match the one form the", + "document. This may mean we navigated to a document from a different", + "site before we had a chance to indicate this change in the user", + "interface."); + return; + } + } + + let clobberUsername = true; + let options = { + inputElement, + }; + + let form = LoginFormFactory.createFromField(inputElement); + if (inputElement.type == "password") { + clobberUsername = false; + } + this._fillForm(form, true, clobberUsername, true, true, loginsFound, recipes, options); + }, + + loginsFound({ form, loginsFound, recipes }) { + let doc = form.ownerDocument; + let autofillForm = gAutofillForms && !PrivateBrowsingUtils.isContentWindowPrivate(doc.defaultView); + + this._fillForm(form, autofillForm, false, false, false, loginsFound, recipes); + }, + + /** + * Focus event handler for username fields to decide whether to show autocomplete. + * @param {FocusEvent} event + */ + _onUsernameFocus(event) { + let focusedField = event.target; + if (!focusedField.mozIsTextField(true) || focusedField.readOnly) { + return; + } + + if (this._isLoginAlreadyFilled(focusedField)) { + log("_onUsernameFocus: Already filled"); + return; + } + + /* + * A `focus` event is fired before a `contextmenu` event if a user right-clicks into an + * unfocused field. In that case we don't want to show both autocomplete and a context menu + * overlapping so we spin the event loop to see if a `contextmenu` event is coming next. If no + * `contextmenu` event was seen and the focused field is still focused by the form fill + * controller then show the autocomplete popup. + */ + let timestamp = Date.now(); + setTimeout(function maybeOpenAutocompleteAfterFocus() { + // Even though the `focus` event happens first, its .timeStamp is greater in + // testing and I don't want to rely on that so the absolute value is used. + let timeDiff = Math.abs(gLastContextMenuEventTimeStamp - timestamp); + if (timeDiff < AUTOCOMPLETE_AFTER_CONTEXTMENU_THRESHOLD_MS) { + log("Not opening autocomplete after focus since a context menu was opened within", + timeDiff, "ms"); + return; + } + + if (this._formFillService.focusedInput == focusedField) { + log("maybeOpenAutocompleteAfterFocus: Opening the autocomplete popup. Time diff:", timeDiff); + this._formFillService.showPopup(); + } else { + log("maybeOpenAutocompleteAfterFocus: FormFillController has a different focused input"); + } + }.bind(this), 0); + }, + + /** + * Listens for DOMAutoComplete and blur events on an input field. + */ + onUsernameInput(event) { + if (!event.isTrusted) + return; + + if (!gEnabled) + return; + + var acInputField = event.target; + + // This is probably a bit over-conservatative. + if (!(acInputField.ownerDocument instanceof Ci.nsIDOMHTMLDocument)) + return; + + if (!LoginHelper.isUsernameFieldType(acInputField)) + return; + + var acForm = LoginFormFactory.createFromField(acInputField); + if (!acForm) + return; + + // If the username is blank, bail out now -- we don't want + // fillForm() to try filling in a login without a username + // to filter on (bug 471906). + if (!acInputField.value) + return; + + log("onUsernameInput from", event.type); + + let doc = acForm.ownerDocument; + let messageManager = messageManagerFromWindow(doc.defaultView); + let recipes = messageManager.sendSyncMessage("RemoteLogins:findRecipes", { + formOrigin: LoginUtils._getPasswordOrigin(doc.documentURI), + })[0]; + + // Make sure the username field fillForm will use is the + // same field as the autocomplete was activated on. + var [usernameField, passwordField, ignored] = + this._getFormFields(acForm, false, recipes); + if (usernameField == acInputField && passwordField) { + this._getLoginDataFromParent(acForm, { showMasterPassword: false }) + .then(({ form, loginsFound, recipes }) => { + this._fillForm(form, true, false, true, true, loginsFound, recipes); + }) + .then(null, Cu.reportError); + } else { + // Ignore the event, it's for some input we don't care about. + } + }, + + /** + * @param {FormLike} form - the FormLike to look for password fields in. + * @param {bool} [skipEmptyFields=false] - Whether to ignore password fields with no value. + * Used at capture time since saving empty values isn't + * useful. + * @return {Array|null} Array of password field elements for the specified form. + * If no pw fields are found, or if more than 3 are found, then null + * is returned. + */ + _getPasswordFields(form, skipEmptyFields = false) { + // Locate the password fields in the form. + let pwFields = []; + for (let i = 0; i < form.elements.length; i++) { + let element = form.elements[i]; + if (!(element instanceof Ci.nsIDOMHTMLInputElement) || + element.type != "password") { + continue; + } + + if (skipEmptyFields && !element.value.trim()) { + continue; + } + + pwFields[pwFields.length] = { + index : i, + element : element + }; + } + + // If too few or too many fields, bail out. + if (pwFields.length == 0) { + log("(form ignored -- no password fields.)"); + return null; + } else if (pwFields.length > 3) { + log("(form ignored -- too many password fields. [ got ", pwFields.length, "])"); + return null; + } + + return pwFields; + }, + + /** + * Returns the username and password fields found in the form. + * Can handle complex forms by trying to figure out what the + * relevant fields are. + * + * @param {FormLike} form + * @param {bool} isSubmission + * @param {Set} recipes + * @return {Array} [usernameField, newPasswordField, oldPasswordField] + * + * usernameField may be null. + * newPasswordField will always be non-null. + * oldPasswordField may be null. If null, newPasswordField is just + * "theLoginField". If not null, the form is apparently a + * change-password field, with oldPasswordField containing the password + * that is being changed. + * + * Note that even though we can create a FormLike from a text field, + * this method will only return a non-null usernameField if the + * FormLike has a password field. + */ + _getFormFields(form, isSubmission, recipes) { + var usernameField = null; + var pwFields = null; + var fieldOverrideRecipe = LoginRecipesContent.getFieldOverrides(recipes, form); + if (fieldOverrideRecipe) { + var pwOverrideField = LoginRecipesContent.queryLoginField( + form, + fieldOverrideRecipe.passwordSelector + ); + if (pwOverrideField) { + // The field from the password override may be in a different FormLike. + let formLike = LoginFormFactory.createFromField(pwOverrideField); + pwFields = [{ + index : [...formLike.elements].indexOf(pwOverrideField), + element : pwOverrideField, + }]; + } + + var usernameOverrideField = LoginRecipesContent.queryLoginField( + form, + fieldOverrideRecipe.usernameSelector + ); + if (usernameOverrideField) { + usernameField = usernameOverrideField; + } + } + + if (!pwFields) { + // Locate the password field(s) in the form. Up to 3 supported. + // If there's no password field, there's nothing for us to do. + pwFields = this._getPasswordFields(form, isSubmission); + } + + if (!pwFields) { + return [null, null, null]; + } + + if (!usernameField) { + // Locate the username field in the form by searching backwards + // from the first password field, assume the first text field is the + // username. We might not find a username field if the user is + // already logged in to the site. + for (var i = pwFields[0].index - 1; i >= 0; i--) { + var element = form.elements[i]; + if (!LoginHelper.isUsernameFieldType(element)) { + continue; + } + + if (fieldOverrideRecipe && fieldOverrideRecipe.notUsernameSelector && + element.matches(fieldOverrideRecipe.notUsernameSelector)) { + continue; + } + + usernameField = element; + break; + } + } + + if (!usernameField) + log("(form -- no username field found)"); + else + log("Username field ", usernameField, "has name/value:", + usernameField.name, "/", usernameField.value); + + // If we're not submitting a form (it's a page load), there are no + // password field values for us to use for identifying fields. So, + // just assume the first password field is the one to be filled in. + if (!isSubmission || pwFields.length == 1) { + var passwordField = pwFields[0].element; + log("Password field", passwordField, "has name: ", passwordField.name); + return [usernameField, passwordField, null]; + } + + + // Try to figure out WTF is in the form based on the password values. + var oldPasswordField, newPasswordField; + var pw1 = pwFields[0].element.value; + var pw2 = pwFields[1].element.value; + var pw3 = (pwFields[2] ? pwFields[2].element.value : null); + + if (pwFields.length == 3) { + // Look for two identical passwords, that's the new password + + if (pw1 == pw2 && pw2 == pw3) { + // All 3 passwords the same? Weird! Treat as if 1 pw field. + newPasswordField = pwFields[0].element; + oldPasswordField = null; + } else if (pw1 == pw2) { + newPasswordField = pwFields[0].element; + oldPasswordField = pwFields[2].element; + } else if (pw2 == pw3) { + oldPasswordField = pwFields[0].element; + newPasswordField = pwFields[2].element; + } else if (pw1 == pw3) { + // A bit odd, but could make sense with the right page layout. + newPasswordField = pwFields[0].element; + oldPasswordField = pwFields[1].element; + } else { + // We can't tell which of the 3 passwords should be saved. + log("(form ignored -- all 3 pw fields differ)"); + return [null, null, null]; + } + } else if (pw1 == pw2) { + // pwFields.length == 2 + // Treat as if 1 pw field + newPasswordField = pwFields[0].element; + oldPasswordField = null; + } else { + // Just assume that the 2nd password is the new password + oldPasswordField = pwFields[0].element; + newPasswordField = pwFields[1].element; + } + + log("Password field (new) id/name is: ", newPasswordField.id, " / ", newPasswordField.name); + if (oldPasswordField) { + log("Password field (old) id/name is: ", oldPasswordField.id, " / ", oldPasswordField.name); + } else { + log("Password field (old):", oldPasswordField); + } + return [usernameField, newPasswordField, oldPasswordField]; + }, + + + /** + * @return true if the page requests autocomplete be disabled for the + * specified element. + */ + _isAutocompleteDisabled(element) { + return element && element.autocomplete == "off"; + }, + + /** + * Trigger capture on any relevant FormLikes due to a navigation alone (not + * necessarily due to an actual form submission). This method is used to + * capture logins for cases where form submit events are not used. + * + * To avoid multiple notifications for the same FormLike, this currently + * avoids capturing when dealing with a real <form> which are ideally already + * using a submit event. + * + * @param {Document} document being navigated + */ + _onNavigation(aDocument) { + let state = this.stateForDocument(aDocument); + let loginFormRootElements = state.loginFormRootElements; + log("_onNavigation: state:", state, "loginFormRootElements size:", loginFormRootElements.size, + "document:", aDocument); + + for (let formRoot of state.loginFormRootElements) { + if (formRoot instanceof Ci.nsIDOMHTMLFormElement) { + // For now only perform capture upon navigation for FormLike's without + // a <form> to avoid capture from both an earlyformsubmit and + // navigation for the same "form". + log("Ignoring navigation for the form root to avoid multiple prompts " + + "since it was for a real <form>"); + continue; + } + let formLike = this._formLikeByRootElement.get(formRoot); + this._onFormSubmit(formLike); + } + }, + + /** + * Called by our observer when notified of a form submission. + * [Note that this happens before any DOM onsubmit handlers are invoked.] + * Looks for a password change in the submitted form, so we can update + * our stored password. + * + * @param {FormLike} form + */ + _onFormSubmit(form) { + log("_onFormSubmit", form); + var doc = form.ownerDocument; + var win = doc.defaultView; + + if (PrivateBrowsingUtils.isContentWindowPrivate(win)) { + // We won't do anything in private browsing mode anyway, + // so there's no need to perform further checks. + log("(form submission ignored in private browsing mode)"); + return; + } + + // If password saving is disabled (globally or for host), bail out now. + if (!gEnabled) + return; + + var hostname = LoginUtils._getPasswordOrigin(doc.documentURI); + if (!hostname) { + log("(form submission ignored -- invalid hostname)"); + return; + } + + let formSubmitURL = LoginUtils._getActionOrigin(form); + let messageManager = messageManagerFromWindow(win); + + let recipes = messageManager.sendSyncMessage("RemoteLogins:findRecipes", { + formOrigin: hostname, + })[0]; + + // Get the appropriate fields from the form. + var [usernameField, newPasswordField, oldPasswordField] = + this._getFormFields(form, true, recipes); + + // Need at least 1 valid password field to do anything. + if (newPasswordField == null) + return; + + // Check for autocomplete=off attribute. We don't use it to prevent + // autofilling (for existing logins), but won't save logins when it's + // present and the storeWhenAutocompleteOff pref is false. + // XXX spin out a bug that we don't update timeLastUsed in this case? + if ((this._isAutocompleteDisabled(form) || + this._isAutocompleteDisabled(usernameField) || + this._isAutocompleteDisabled(newPasswordField) || + this._isAutocompleteDisabled(oldPasswordField)) && + !gStoreWhenAutocompleteOff) { + log("(form submission ignored -- autocomplete=off found)"); + return; + } + + // Don't try to send DOM nodes over IPC. + let mockUsername = usernameField ? + { name: usernameField.name, + value: usernameField.value } : + null; + let mockPassword = { name: newPasswordField.name, + value: newPasswordField.value }; + let mockOldPassword = oldPasswordField ? + { name: oldPasswordField.name, + value: oldPasswordField.value } : + null; + + // Make sure to pass the opener's top in case it was in a frame. + let openerTopWindow = win.opener ? win.opener.top : null; + + messageManager.sendAsyncMessage("RemoteLogins:onFormSubmit", + { hostname: hostname, + formSubmitURL: formSubmitURL, + usernameField: mockUsername, + newPasswordField: mockPassword, + oldPasswordField: mockOldPassword }, + { openerTopWindow }); + }, + + /** + * Attempt to find the username and password fields in a form, and fill them + * in using the provided logins and recipes. + * + * @param {LoginForm} form + * @param {bool} autofillForm denotes if we should fill the form in automatically + * @param {bool} clobberUsername controls if an existing username can be overwritten. + * If this is false and an inputElement of type password + * is also passed, the username field will be ignored. + * If this is false and no inputElement is passed, if the username + * field value is not found in foundLogins, it will not fill the password. + * @param {bool} clobberPassword controls if an existing password value can be + * overwritten + * @param {bool} userTriggered is an indication of whether this filling was triggered by + * the user + * @param {nsILoginInfo[]} foundLogins is an array of nsILoginInfo that could be used for the form + * @param {Set} recipes that could be used to affect how the form is filled + * @param {Object} [options = {}] is a list of options for this method. + - [inputElement] is an optional target input element we want to fill + */ + _fillForm(form, autofillForm, clobberUsername, clobberPassword, + userTriggered, foundLogins, recipes, {inputElement} = {}) { + if (form instanceof Ci.nsIDOMHTMLFormElement) { + throw new Error("_fillForm should only be called with FormLike objects"); + } + + log("_fillForm", form.elements); + let ignoreAutocomplete = true; + // Will be set to one of AUTOFILL_RESULT in the `try` block. + let autofillResult = -1; + const AUTOFILL_RESULT = { + FILLED: 0, + NO_PASSWORD_FIELD: 1, + PASSWORD_DISABLED_READONLY: 2, + NO_LOGINS_FIT: 3, + NO_SAVED_LOGINS: 4, + EXISTING_PASSWORD: 5, + EXISTING_USERNAME: 6, + MULTIPLE_LOGINS: 7, + NO_AUTOFILL_FORMS: 8, + AUTOCOMPLETE_OFF: 9, + INSECURE: 10, + }; + + try { + // Nothing to do if we have no matching logins available, + // and there isn't a need to show the insecure form warning. + if (foundLogins.length == 0 && + (InsecurePasswordUtils.isFormSecure(form) || + !LoginHelper.showInsecureFieldWarning)) { + // We don't log() here since this is a very common case. + autofillResult = AUTOFILL_RESULT.NO_SAVED_LOGINS; + return; + } + + // Heuristically determine what the user/pass fields are + // We do this before checking to see if logins are stored, + // so that the user isn't prompted for a master password + // without need. + var [usernameField, passwordField, ignored] = + this._getFormFields(form, false, recipes); + + // If we have a password inputElement parameter and it's not + // the same as the one heuristically found, use the parameter + // one instead. + if (inputElement) { + if (inputElement.type == "password") { + passwordField = inputElement; + if (!clobberUsername) { + usernameField = null; + } + } else if (LoginHelper.isUsernameFieldType(inputElement)) { + usernameField = inputElement; + } else { + throw new Error("Unexpected input element type."); + } + } + + // Need a valid password field to do anything. + if (passwordField == null) { + log("not filling form, no password field found"); + autofillResult = AUTOFILL_RESULT.NO_PASSWORD_FIELD; + return; + } + + // If the password field is disabled or read-only, there's nothing to do. + if (passwordField.disabled || passwordField.readOnly) { + log("not filling form, password field disabled or read-only"); + autofillResult = AUTOFILL_RESULT.PASSWORD_DISABLED_READONLY; + return; + } + + // Attach autocomplete stuff to the username field, if we have + // one. This is normally used to select from multiple accounts, + // but even with one account we should refill if the user edits. + // We would also need this attached to show the insecure login + // warning, regardless of saved login. + if (usernameField) { + this._formFillService.markAsLoginManagerField(usernameField); + } + + // Nothing to do if we have no matching logins available. + // Only insecure pages reach this block and logs the same + // telemetry flag. + if (foundLogins.length == 0) { + // We don't log() here since this is a very common case. + autofillResult = AUTOFILL_RESULT.NO_SAVED_LOGINS; + return; + } + + // Prevent autofilling insecure forms. + if (!userTriggered && !LoginHelper.insecureAutofill && + !InsecurePasswordUtils.isFormSecure(form)) { + log("not filling form since it's insecure"); + autofillResult = AUTOFILL_RESULT.INSECURE; + return; + } + + var isAutocompleteOff = false; + if (this._isAutocompleteDisabled(form) || + this._isAutocompleteDisabled(usernameField) || + this._isAutocompleteDisabled(passwordField)) { + isAutocompleteOff = true; + } + + // Discard logins which have username/password values that don't + // fit into the fields (as specified by the maxlength attribute). + // The user couldn't enter these values anyway, and it helps + // with sites that have an extra PIN to be entered (bug 391514) + var maxUsernameLen = Number.MAX_VALUE; + var maxPasswordLen = Number.MAX_VALUE; + + // If attribute wasn't set, default is -1. + if (usernameField && usernameField.maxLength >= 0) + maxUsernameLen = usernameField.maxLength; + if (passwordField.maxLength >= 0) + maxPasswordLen = passwordField.maxLength; + + var logins = foundLogins.filter(function (l) { + var fit = (l.username.length <= maxUsernameLen && + l.password.length <= maxPasswordLen); + if (!fit) + log("Ignored", l.username, "login: won't fit"); + + return fit; + }, this); + + if (logins.length == 0) { + log("form not filled, none of the logins fit in the field"); + autofillResult = AUTOFILL_RESULT.NO_LOGINS_FIT; + return; + } + + // Don't clobber an existing password. + if (passwordField.value && !clobberPassword) { + log("form not filled, the password field was already filled"); + autofillResult = AUTOFILL_RESULT.EXISTING_PASSWORD; + return; + } + + // Select a login to use for filling in the form. + var selectedLogin; + if (!clobberUsername && usernameField && (usernameField.value || + usernameField.disabled || + usernameField.readOnly)) { + // If username was specified in the field, it's disabled or it's readOnly, only fill in the + // password if we find a matching login. + var username = usernameField.value.toLowerCase(); + + let matchingLogins = logins.filter(l => + l.username.toLowerCase() == username); + if (matchingLogins.length == 0) { + log("Password not filled. None of the stored logins match the username already present."); + autofillResult = AUTOFILL_RESULT.EXISTING_USERNAME; + return; + } + + // If there are multiple, and one matches case, use it + for (let l of matchingLogins) { + if (l.username == usernameField.value) { + selectedLogin = l; + } + } + // Otherwise just use the first + if (!selectedLogin) { + selectedLogin = matchingLogins[0]; + } + } else if (logins.length == 1) { + selectedLogin = logins[0]; + } else { + // We have multiple logins. Handle a special case here, for sites + // which have a normal user+pass login *and* a password-only login + // (eg, a PIN). Prefer the login that matches the type of the form + // (user+pass or pass-only) when there's exactly one that matches. + let matchingLogins; + if (usernameField) + matchingLogins = logins.filter(l => l.username); + else + matchingLogins = logins.filter(l => !l.username); + + if (matchingLogins.length != 1) { + log("Multiple logins for form, so not filling any."); + autofillResult = AUTOFILL_RESULT.MULTIPLE_LOGINS; + return; + } + + selectedLogin = matchingLogins[0]; + } + + // We will always have a selectedLogin at this point. + + if (!autofillForm) { + log("autofillForms=false but form can be filled"); + autofillResult = AUTOFILL_RESULT.NO_AUTOFILL_FORMS; + return; + } + + if (isAutocompleteOff && !ignoreAutocomplete) { + log("Not filling the login because we're respecting autocomplete=off"); + autofillResult = AUTOFILL_RESULT.AUTOCOMPLETE_OFF; + return; + } + + // Fill the form + + if (usernameField) { + // Don't modify the username field if it's disabled or readOnly so we preserve its case. + let disabledOrReadOnly = usernameField.disabled || usernameField.readOnly; + + let userNameDiffers = selectedLogin.username != usernameField.value; + // Don't replace the username if it differs only in case, and the user triggered + // this autocomplete. We assume that if it was user-triggered the entered text + // is desired. + let userEnteredDifferentCase = userTriggered && userNameDiffers && + usernameField.value.toLowerCase() == selectedLogin.username.toLowerCase(); + + if (!disabledOrReadOnly && !userEnteredDifferentCase && userNameDiffers) { + usernameField.setUserInput(selectedLogin.username); + } + } + + let doc = form.ownerDocument; + if (passwordField.value != selectedLogin.password) { + passwordField.setUserInput(selectedLogin.password); + let autoFilledLogin = { + guid: selectedLogin.QueryInterface(Ci.nsILoginMetaInfo).guid, + username: selectedLogin.username, + usernameField: usernameField ? Cu.getWeakReference(usernameField) : null, + password: selectedLogin.password, + passwordField: Cu.getWeakReference(passwordField), + }; + log("Saving autoFilledLogin", autoFilledLogin.guid, "for", form.rootElement); + this.stateForDocument(doc).fillsByRootElement.set(form.rootElement, autoFilledLogin); + } + + log("_fillForm succeeded"); + autofillResult = AUTOFILL_RESULT.FILLED; + + let win = doc.defaultView; + let messageManager = messageManagerFromWindow(win); + messageManager.sendAsyncMessage("LoginStats:LoginFillSuccessful"); + } finally { + if (autofillResult == -1) { + // eslint-disable-next-line no-unsafe-finally + throw new Error("_fillForm: autofillResult must be specified"); + } + + if (!userTriggered) { + // Ignore fills as a result of user action for this probe. + Services.telemetry.getHistogramById("PWMGR_FORM_AUTOFILL_RESULT").add(autofillResult); + + if (usernameField) { + let focusedElement = this._formFillService.focusedInput; + if (usernameField == focusedElement && + autofillResult !== AUTOFILL_RESULT.FILLED) { + log("_fillForm: Opening username autocomplete popup since the form wasn't autofilled"); + this._formFillService.showPopup(); + } + } + } + + if (usernameField) { + log("_fillForm: Attaching event listeners to usernameField"); + usernameField.addEventListener("focus", observer); + usernameField.addEventListener("contextmenu", observer); + } + + Services.obs.notifyObservers(form.rootElement, "passwordmgr-processed-form", null); + } + }, + + /** + * Given a field, determine whether that field was last filled as a username + * field AND whether the username is still filled in with the username AND + * whether the associated password field has the matching password. + * + * @note This could possibly be unified with getFieldContext but they have + * slightly different use cases. getFieldContext looks up recipes whereas this + * method doesn't need to since it's only returning a boolean based upon the + * recipes used for the last fill (in _fillForm). + * + * @param {HTMLInputElement} aUsernameField element contained in a FormLike + * cached in _formLikeByRootElement. + * @returns {Boolean} whether the username and password fields still have the + * last-filled values, if previously filled. + */ + _isLoginAlreadyFilled(aUsernameField) { + let formLikeRoot = FormLikeFactory.findRootForField(aUsernameField); + // Look for the existing FormLike. + let existingFormLike = this._formLikeByRootElement.get(formLikeRoot); + if (!existingFormLike) { + throw new Error("_isLoginAlreadyFilled called with a username field with " + + "no rootElement FormLike"); + } + + log("_isLoginAlreadyFilled: existingFormLike", existingFormLike); + let filledLogin = this.stateForDocument(aUsernameField.ownerDocument).fillsByRootElement.get(formLikeRoot); + if (!filledLogin) { + return false; + } + + // Unpack the weak references. + let autoFilledUsernameField = filledLogin.usernameField ? filledLogin.usernameField.get() : null; + let autoFilledPasswordField = filledLogin.passwordField.get(); + + // Check username and password values match what was filled. + if (!autoFilledUsernameField || + autoFilledUsernameField != aUsernameField || + autoFilledUsernameField.value != filledLogin.username || + !autoFilledPasswordField || + autoFilledPasswordField.value != filledLogin.password) { + return false; + } + + return true; + }, + + /** + * Verify if a field is a valid login form field and + * returns some information about it's FormLike. + * + * @param {Element} aField + * A form field we want to verify. + * + * @returns {Object} an object with information about the + * FormLike username and password field + * or null if the passed field is invalid. + */ + getFieldContext(aField) { + // If the element is not a proper form field, return null. + if (!(aField instanceof Ci.nsIDOMHTMLInputElement) || + (aField.type != "password" && !LoginHelper.isUsernameFieldType(aField)) || + !aField.ownerDocument) { + return null; + } + let form = LoginFormFactory.createFromField(aField); + + let doc = aField.ownerDocument; + let messageManager = messageManagerFromWindow(doc.defaultView); + let recipes = messageManager.sendSyncMessage("RemoteLogins:findRecipes", { + formOrigin: LoginUtils._getPasswordOrigin(doc.documentURI), + })[0]; + + let [usernameField, newPasswordField] = + this._getFormFields(form, false, recipes); + + // If we are not verifying a password field, we want + // to use aField as the username field. + if (aField.type != "password") { + usernameField = aField; + } + + return { + usernameField: { + found: !!usernameField, + disabled: usernameField && (usernameField.disabled || usernameField.readOnly), + }, + passwordField: { + found: !!newPasswordField, + disabled: newPasswordField && (newPasswordField.disabled || newPasswordField.readOnly), + }, + }; + }, +}; + +var LoginUtils = { + /** + * Get the parts of the URL we want for identification. + * Strip out things like the userPass portion + */ + _getPasswordOrigin(uriString, allowJS) { + var realm = ""; + try { + var uri = Services.io.newURI(uriString, null, null); + + if (allowJS && uri.scheme == "javascript") + return "javascript:"; + + // Build this manually instead of using prePath to avoid including the userPass portion. + realm = uri.scheme + "://" + uri.hostPort; + } catch (e) { + // bug 159484 - disallow url types that don't support a hostPort. + // (although we handle "javascript:..." as a special case above.) + log("Couldn't parse origin for", uriString, e); + realm = null; + } + + return realm; + }, + + _getActionOrigin(form) { + var uriString = form.action; + + // A blank or missing action submits to where it came from. + if (uriString == "") + uriString = form.baseURI; // ala bug 297761 + + return this._getPasswordOrigin(uriString, true); + }, +}; + +// nsIAutoCompleteResult implementation +function UserAutoCompleteResult(aSearchString, matchingLogins, {isSecure, messageManager, isPasswordField}) { + function loginSort(a, b) { + var userA = a.username.toLowerCase(); + var userB = b.username.toLowerCase(); + + if (userA < userB) + return -1; + + if (userA > userB) + return 1; + + return 0; + } + + function findDuplicates(loginList) { + let seen = new Set(); + let duplicates = new Set(); + for (let login of loginList) { + if (seen.has(login.username)) { + duplicates.add(login.username); + } + seen.add(login.username); + } + return duplicates; + } + + this._showInsecureFieldWarning = (!isSecure && LoginHelper.showInsecureFieldWarning) ? 1 : 0; + this.searchString = aSearchString; + this.logins = matchingLogins.sort(loginSort); + this.matchCount = matchingLogins.length + this._showInsecureFieldWarning; + this._messageManager = messageManager; + this._stringBundle = Services.strings.createBundle("chrome://passwordmgr/locale/passwordmgr.properties"); + this._dateAndTimeFormatter = new Intl.DateTimeFormat(undefined, + { day: "numeric", month: "short", year: "numeric" }); + + this._isPasswordField = isPasswordField; + + this._duplicateUsernames = findDuplicates(matchingLogins); + + if (this.matchCount > 0) { + this.searchResult = Ci.nsIAutoCompleteResult.RESULT_SUCCESS; + this.defaultIndex = 0; + } +} + +UserAutoCompleteResult.prototype = { + QueryInterface : XPCOMUtils.generateQI([Ci.nsIAutoCompleteResult, + Ci.nsISupportsWeakReference]), + + // private + logins : null, + + // Allow autoCompleteSearch to get at the JS object so it can + // modify some readonly properties for internal use. + get wrappedJSObject() { + return this; + }, + + // Interfaces from idl... + searchString : null, + searchResult : Ci.nsIAutoCompleteResult.RESULT_NOMATCH, + defaultIndex : -1, + errorDescription : "", + matchCount : 0, + + getValueAt(index) { + if (index < 0 || index >= this.matchCount) { + throw new Error("Index out of range."); + } + + if (this._showInsecureFieldWarning && index === 0) { + return ""; + } + + let selectedLogin = this.logins[index - this._showInsecureFieldWarning]; + + return this._isPasswordField ? selectedLogin.password : selectedLogin.username; + }, + + getLabelAt(index) { + if (index < 0 || index >= this.matchCount) { + throw new Error("Index out of range."); + } + + if (this._showInsecureFieldWarning && index === 0) { + return this._stringBundle.GetStringFromName("insecureFieldWarningDescription") + " " + + this._stringBundle.GetStringFromName("insecureFieldWarningLearnMore"); + } + + let that = this; + + function getLocalizedString(key, formatArgs) { + if (formatArgs) { + return that._stringBundle.formatStringFromName(key, formatArgs, formatArgs.length); + } + return that._stringBundle.GetStringFromName(key); + } + + let login = this.logins[index - this._showInsecureFieldWarning]; + let username = login.username; + // If login is empty or duplicated we want to append a modification date to it. + if (!username || this._duplicateUsernames.has(username)) { + if (!username) { + username = getLocalizedString("noUsername"); + } + let meta = login.QueryInterface(Ci.nsILoginMetaInfo); + let time = this._dateAndTimeFormatter.format(new Date(meta.timePasswordChanged)); + username = getLocalizedString("loginHostAge", [username, time]); + } + + return username; + }, + + getCommentAt(index) { + return ""; + }, + + getStyleAt(index) { + if (index == 0 && this._showInsecureFieldWarning) { + return "insecureWarning"; + } + + return "login"; + }, + + getImageAt(index) { + return ""; + }, + + getFinalCompleteValueAt(index) { + return this.getValueAt(index); + }, + + removeValueAt(index, removeFromDB) { + if (index < 0 || index >= this.matchCount) { + throw new Error("Index out of range."); + } + + if (this._showInsecureFieldWarning && index === 0) { + // Ignore the warning message item. + return; + } + if (this._showInsecureFieldWarning) { + index--; + } + + var [removedLogin] = this.logins.splice(index, 1); + + this.matchCount--; + if (this.defaultIndex > this.logins.length) + this.defaultIndex--; + + if (removeFromDB) { + if (this._messageManager) { + let vanilla = LoginHelper.loginToVanillaObject(removedLogin); + this._messageManager.sendAsyncMessage("RemoteLogins:removeLogin", + { login: vanilla }); + } else { + Services.logins.removeLogin(removedLogin); + } + } + } +}; + +/** + * A factory to generate FormLike objects that represent a set of login fields + * which aren't necessarily marked up with a <form> element. + */ +var LoginFormFactory = { + /** + * Create a LoginForm object from a <form>. + * + * @param {HTMLFormElement} aForm + * @return {LoginForm} + * @throws Error if aForm isn't an HTMLFormElement + */ + createFromForm(aForm) { + let formLike = FormLikeFactory.createFromForm(aForm); + formLike.action = LoginUtils._getActionOrigin(aForm); + + let state = LoginManagerContent.stateForDocument(formLike.ownerDocument); + state.loginFormRootElements.add(formLike.rootElement); + log("adding", formLike.rootElement, "to loginFormRootElements for", formLike.ownerDocument); + + LoginManagerContent._formLikeByRootElement.set(formLike.rootElement, formLike); + return formLike; + }, + + /** + * Create a LoginForm object from a password or username field. + * + * If the field is in a <form>, construct the LoginForm from the form. + * Otherwise, create a LoginForm with a rootElement (wrapper) according to + * heuristics. Currently all <input> not in a <form> are one LoginForm but this + * shouldn't be relied upon as the heuristics may change to detect multiple + * "forms" (e.g. registration and login) on one page with a <form>. + * + * Note that two LoginForms created from the same field won't return the same LoginForm object. + * Use the `rootElement` property on the LoginForm as a key instead. + * + * @param {HTMLInputElement} aField - a password or username field in a document + * @return {LoginForm} + * @throws Error if aField isn't a password or username field in a document + */ + createFromField(aField) { + if (!(aField instanceof Ci.nsIDOMHTMLInputElement) || + (aField.type != "password" && !LoginHelper.isUsernameFieldType(aField)) || + !aField.ownerDocument) { + throw new Error("createFromField requires a password or username field in a document"); + } + + if (aField.form) { + return this.createFromForm(aField.form); + } + + let formLike = FormLikeFactory.createFromField(aField); + formLike.action = LoginUtils._getPasswordOrigin(aField.ownerDocument.baseURI); + log("Created non-form FormLike for rootElement:", aField.ownerDocument.documentElement); + + let state = LoginManagerContent.stateForDocument(formLike.ownerDocument); + state.loginFormRootElements.add(formLike.rootElement); + log("adding", formLike.rootElement, "to loginFormRootElements for", formLike.ownerDocument); + + + LoginManagerContent._formLikeByRootElement.set(formLike.rootElement, formLike); + + return formLike; + }, +}; diff --git a/toolkit/components/passwordmgr/LoginManagerContextMenu.jsm b/toolkit/components/passwordmgr/LoginManagerContextMenu.jsm new file mode 100644 index 000000000..5c88687bf --- /dev/null +++ b/toolkit/components/passwordmgr/LoginManagerContextMenu.jsm @@ -0,0 +1,199 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +"use strict"; + +this.EXPORTED_SYMBOLS = ["LoginManagerContextMenu"]; + +const { classes: Cc, interfaces: Ci, utils: Cu, results: Cr } = Components; +Cu.import("resource://gre/modules/XPCOMUtils.jsm"); +Cu.import("resource://gre/modules/Services.jsm"); + +XPCOMUtils.defineLazyModuleGetter(this, "LoginHelper", + "resource://gre/modules/LoginHelper.jsm"); +XPCOMUtils.defineLazyModuleGetter(this, "LoginManagerParent", + "resource://gre/modules/LoginManagerParent.jsm"); + +/* + * Password manager object for the browser contextual menu. + */ +var LoginManagerContextMenu = { + /** + * Look for login items and add them to the contextual menu. + * + * @param {HTMLInputElement} inputElement + * The target input element of the context menu click. + * @param {xul:browser} browser + * The browser for the document the context menu was open on. + * @param {nsIURI} documentURI + * The URI of the document that the context menu was activated from. + * This isn't the same as the browser's top-level document URI + * when subframes are involved. + * @returns {DocumentFragment} a document fragment with all the login items. + */ + addLoginsToMenu(inputElement, browser, documentURI) { + let foundLogins = this._findLogins(documentURI); + + if (!foundLogins.length) { + return null; + } + + let fragment = browser.ownerDocument.createDocumentFragment(); + let duplicateUsernames = this._findDuplicates(foundLogins); + for (let login of foundLogins) { + let item = fragment.ownerDocument.createElement("menuitem"); + + let username = login.username; + // If login is empty or duplicated we want to append a modification date to it. + if (!username || duplicateUsernames.has(username)) { + if (!username) { + username = this._getLocalizedString("noUsername"); + } + let meta = login.QueryInterface(Ci.nsILoginMetaInfo); + let time = this.dateAndTimeFormatter.format(new Date(meta.timePasswordChanged)); + username = this._getLocalizedString("loginHostAge", [username, time]); + } + item.setAttribute("label", username); + item.setAttribute("class", "context-login-item"); + + // login is bound so we can keep the reference to each object. + item.addEventListener("command", function(login, event) { + this._fillTargetField(login, inputElement, browser, documentURI); + }.bind(this, login)); + + fragment.appendChild(item); + } + + return fragment; + }, + + /** + * Undoes the work of addLoginsToMenu for the same menu. + * + * @param {Document} + * The context menu owner document. + */ + clearLoginsFromMenu(document) { + let loginItems = document.getElementsByClassName("context-login-item"); + while (loginItems.item(0)) { + loginItems.item(0).remove(); + } + }, + + /** + * Find logins for the current URI. + * + * @param {nsIURI} documentURI + * URI object with the hostname of the logins we want to find. + * This isn't the same as the browser's top-level document URI + * when subframes are involved. + * + * @returns {nsILoginInfo[]} a login list + */ + _findLogins(documentURI) { + let searchParams = { + hostname: documentURI.prePath, + schemeUpgrades: LoginHelper.schemeUpgrades, + }; + let logins = LoginHelper.searchLoginsWithObject(searchParams); + let resolveBy = [ + "scheme", + "timePasswordChanged", + ]; + logins = LoginHelper.dedupeLogins(logins, ["username", "password"], resolveBy, documentURI.prePath); + + // Sort logins in alphabetical order and by date. + logins.sort((loginA, loginB) => { + // Sort alphabetically + let result = loginA.username.localeCompare(loginB.username); + if (result) { + // Forces empty logins to be at the end + if (!loginA.username) { + return 1; + } + if (!loginB.username) { + return -1; + } + return result; + } + + // Same username logins are sorted by last change date + let metaA = loginA.QueryInterface(Ci.nsILoginMetaInfo); + let metaB = loginB.QueryInterface(Ci.nsILoginMetaInfo); + return metaB.timePasswordChanged - metaA.timePasswordChanged; + }); + + return logins; + }, + + /** + * Find duplicate usernames in a login list. + * + * @param {nsILoginInfo[]} loginList + * A list of logins we want to look for duplicate usernames. + * + * @returns {Set} a set with the duplicate usernames. + */ + _findDuplicates(loginList) { + let seen = new Set(); + let duplicates = new Set(); + for (let login of loginList) { + if (seen.has(login.username)) { + duplicates.add(login.username); + } + seen.add(login.username); + } + return duplicates; + }, + + /** + * @param {nsILoginInfo} login + * The login we want to fill the form with. + * @param {Element} inputElement + * The target input element we want to fill. + * @param {xul:browser} browser + * The target tab browser. + * @param {nsIURI} documentURI + * URI of the document owning the form we want to fill. + * This isn't the same as the browser's top-level + * document URI when subframes are involved. + */ + _fillTargetField(login, inputElement, browser, documentURI) { + LoginManagerParent.fillForm({ + browser: browser, + loginFormOrigin: documentURI.prePath, + login: login, + inputElement: inputElement, + }).catch(Cu.reportError); + }, + + /** + * @param {string} key + * The localized string key + * @param {string[]} formatArgs + * An array of formatting argument string + * + * @returns {string} the localized string for the specified key, + * formatted with arguments if required. + */ + _getLocalizedString(key, formatArgs) { + if (formatArgs) { + return this._stringBundle.formatStringFromName(key, formatArgs, formatArgs.length); + } + return this._stringBundle.GetStringFromName(key); + }, +}; + +XPCOMUtils.defineLazyGetter(LoginManagerContextMenu, "_stringBundle", function() { + return Services.strings. + createBundle("chrome://passwordmgr/locale/passwordmgr.properties"); +}); + +XPCOMUtils.defineLazyGetter(LoginManagerContextMenu, "dateAndTimeFormatter", function() { + return new Intl.DateTimeFormat(undefined, { + day: "numeric", + month: "short", + year: "numeric", + }); +}); diff --git a/toolkit/components/passwordmgr/LoginManagerParent.jsm b/toolkit/components/passwordmgr/LoginManagerParent.jsm new file mode 100644 index 000000000..e472fb61c --- /dev/null +++ b/toolkit/components/passwordmgr/LoginManagerParent.jsm @@ -0,0 +1,511 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +"use strict"; + +const { classes: Cc, interfaces: Ci, results: Cr, utils: Cu } = Components; + +Cu.importGlobalProperties(["URL"]); +Cu.import("resource://gre/modules/XPCOMUtils.jsm"); +Cu.import("resource://gre/modules/Services.jsm"); +Cu.import("resource://gre/modules/Task.jsm"); + +XPCOMUtils.defineLazyModuleGetter(this, "UserAutoCompleteResult", + "resource://gre/modules/LoginManagerContent.jsm"); +XPCOMUtils.defineLazyModuleGetter(this, "AutoCompletePopup", + "resource://gre/modules/AutoCompletePopup.jsm"); +XPCOMUtils.defineLazyModuleGetter(this, "DeferredTask", + "resource://gre/modules/DeferredTask.jsm"); +XPCOMUtils.defineLazyModuleGetter(this, "LoginHelper", + "resource://gre/modules/LoginHelper.jsm"); + +XPCOMUtils.defineLazyGetter(this, "log", () => { + let logger = LoginHelper.createLogger("LoginManagerParent"); + return logger.log.bind(logger); +}); + +this.EXPORTED_SYMBOLS = [ "LoginManagerParent" ]; + +var LoginManagerParent = { + /** + * Reference to the default LoginRecipesParent (instead of the initialization promise) for + * synchronous access. This is a temporary hack and new consumers should yield on + * recipeParentPromise instead. + * + * @type LoginRecipesParent + * @deprecated + */ + _recipeManager: null, + + // Tracks the last time the user cancelled the master password prompt, + // to avoid spamming master password prompts on autocomplete searches. + _lastMPLoginCancelled: Math.NEGATIVE_INFINITY, + + _searchAndDedupeLogins: function (formOrigin, actionOrigin) { + let logins; + try { + logins = LoginHelper.searchLoginsWithObject({ + hostname: formOrigin, + formSubmitURL: actionOrigin, + schemeUpgrades: LoginHelper.schemeUpgrades, + }); + } catch (e) { + // Record the last time the user cancelled the MP prompt + // to avoid spamming them with MP prompts for autocomplete. + if (e.result == Cr.NS_ERROR_ABORT) { + log("User cancelled master password prompt."); + this._lastMPLoginCancelled = Date.now(); + return []; + } + throw e; + } + + // Dedupe so the length checks below still make sense with scheme upgrades. + let resolveBy = [ + "scheme", + "timePasswordChanged", + ]; + return LoginHelper.dedupeLogins(logins, ["username"], resolveBy, formOrigin); + }, + + init: function() { + let mm = Cc["@mozilla.org/globalmessagemanager;1"] + .getService(Ci.nsIMessageListenerManager); + mm.addMessageListener("RemoteLogins:findLogins", this); + mm.addMessageListener("RemoteLogins:findRecipes", this); + mm.addMessageListener("RemoteLogins:onFormSubmit", this); + mm.addMessageListener("RemoteLogins:autoCompleteLogins", this); + mm.addMessageListener("RemoteLogins:removeLogin", this); + mm.addMessageListener("RemoteLogins:insecureLoginFormPresent", this); + + XPCOMUtils.defineLazyGetter(this, "recipeParentPromise", () => { + const { LoginRecipesParent } = Cu.import("resource://gre/modules/LoginRecipes.jsm", {}); + this._recipeManager = new LoginRecipesParent({ + defaults: Services.prefs.getComplexValue("signon.recipes.path", Ci.nsISupportsString).data, + }); + return this._recipeManager.initializationPromise; + }); + }, + + receiveMessage: function (msg) { + let data = msg.data; + switch (msg.name) { + case "RemoteLogins:findLogins": { + // TODO Verify msg.target's principals against the formOrigin? + this.sendLoginDataToChild(data.options.showMasterPassword, + data.formOrigin, + data.actionOrigin, + data.requestId, + msg.target.messageManager); + break; + } + + case "RemoteLogins:findRecipes": { + let formHost = (new URL(data.formOrigin)).host; + return this._recipeManager.getRecipesForHost(formHost); + } + + case "RemoteLogins:onFormSubmit": { + // TODO Verify msg.target's principals against the formOrigin? + this.onFormSubmit(data.hostname, + data.formSubmitURL, + data.usernameField, + data.newPasswordField, + data.oldPasswordField, + msg.objects.openerTopWindow, + msg.target); + break; + } + + case "RemoteLogins:insecureLoginFormPresent": { + this.setHasInsecureLoginForms(msg.target, data.hasInsecureLoginForms); + break; + } + + case "RemoteLogins:autoCompleteLogins": { + this.doAutocompleteSearch(data, msg.target); + break; + } + + case "RemoteLogins:removeLogin": { + let login = LoginHelper.vanillaObjectToLogin(data.login); + AutoCompletePopup.removeLogin(login); + break; + } + } + + return undefined; + }, + + /** + * Trigger a login form fill and send relevant data (e.g. logins and recipes) + * to the child process (LoginManagerContent). + */ + fillForm: Task.async(function* ({ browser, loginFormOrigin, login, inputElement }) { + let recipes = []; + if (loginFormOrigin) { + let formHost; + try { + formHost = (new URL(loginFormOrigin)).host; + let recipeManager = yield this.recipeParentPromise; + recipes = recipeManager.getRecipesForHost(formHost); + } catch (ex) { + // Some schemes e.g. chrome aren't supported by URL + } + } + + // Convert the array of nsILoginInfo to vanilla JS objects since nsILoginInfo + // doesn't support structured cloning. + let jsLogins = [LoginHelper.loginToVanillaObject(login)]; + + let objects = inputElement ? {inputElement} : null; + browser.messageManager.sendAsyncMessage("RemoteLogins:fillForm", { + loginFormOrigin, + logins: jsLogins, + recipes, + }, objects); + }), + + /** + * Send relevant data (e.g. logins and recipes) to the child process (LoginManagerContent). + */ + sendLoginDataToChild: Task.async(function*(showMasterPassword, formOrigin, actionOrigin, + requestId, target) { + let recipes = []; + if (formOrigin) { + let formHost; + try { + formHost = (new URL(formOrigin)).host; + let recipeManager = yield this.recipeParentPromise; + recipes = recipeManager.getRecipesForHost(formHost); + } catch (ex) { + // Some schemes e.g. chrome aren't supported by URL + } + } + + if (!showMasterPassword && !Services.logins.isLoggedIn) { + try { + target.sendAsyncMessage("RemoteLogins:loginsFound", { + requestId: requestId, + logins: [], + recipes, + }); + } catch (e) { + log("error sending message to target", e); + } + return; + } + + // If we're currently displaying a master password prompt, defer + // processing this form until the user handles the prompt. + if (Services.logins.uiBusy) { + log("deferring sendLoginDataToChild for", formOrigin); + let self = this; + let observer = { + QueryInterface: XPCOMUtils.generateQI([Ci.nsIObserver, + Ci.nsISupportsWeakReference]), + + observe: function (subject, topic, data) { + log("Got deferred sendLoginDataToChild notification:", topic); + // Only run observer once. + Services.obs.removeObserver(this, "passwordmgr-crypto-login"); + Services.obs.removeObserver(this, "passwordmgr-crypto-loginCanceled"); + if (topic == "passwordmgr-crypto-loginCanceled") { + target.sendAsyncMessage("RemoteLogins:loginsFound", { + requestId: requestId, + logins: [], + recipes, + }); + return; + } + + self.sendLoginDataToChild(showMasterPassword, formOrigin, actionOrigin, + requestId, target); + }, + }; + + // Possible leak: it's possible that neither of these notifications + // will fire, and if that happens, we'll leak the observer (and + // never return). We should guarantee that at least one of these + // will fire. + // See bug XXX. + Services.obs.addObserver(observer, "passwordmgr-crypto-login", false); + Services.obs.addObserver(observer, "passwordmgr-crypto-loginCanceled", false); + return; + } + + let logins = this._searchAndDedupeLogins(formOrigin, actionOrigin); + + log("sendLoginDataToChild:", logins.length, "deduped logins"); + // Convert the array of nsILoginInfo to vanilla JS objects since nsILoginInfo + // doesn't support structured cloning. + var jsLogins = LoginHelper.loginsToVanillaObjects(logins); + target.sendAsyncMessage("RemoteLogins:loginsFound", { + requestId: requestId, + logins: jsLogins, + recipes, + }); + }), + + doAutocompleteSearch: function({ formOrigin, actionOrigin, + searchString, previousResult, + rect, requestId, isSecure, isPasswordField, + remote }, target) { + // Note: previousResult is a regular object, not an + // nsIAutoCompleteResult. + + // Cancel if we unsuccessfully prompted for the master password too recently. + if (!Services.logins.isLoggedIn) { + let timeDiff = Date.now() - this._lastMPLoginCancelled; + if (timeDiff < this._repromptTimeout) { + log("Not searching logins for autocomplete since the master password " + + `prompt was last cancelled ${Math.round(timeDiff / 1000)} seconds ago.`); + // Send an empty array to make LoginManagerContent clear the + // outstanding request it has temporarily saved. + target.messageManager.sendAsyncMessage("RemoteLogins:loginsAutoCompleted", { + requestId, + logins: [], + }); + return; + } + } + + let searchStringLower = searchString.toLowerCase(); + let logins; + if (previousResult && + searchStringLower.startsWith(previousResult.searchString.toLowerCase())) { + log("Using previous autocomplete result"); + + // We have a list of results for a shorter search string, so just + // filter them further based on the new search string. + logins = LoginHelper.vanillaObjectsToLogins(previousResult.logins); + } else { + log("Creating new autocomplete search result."); + + logins = this._searchAndDedupeLogins(formOrigin, actionOrigin); + } + + let matchingLogins = logins.filter(function(fullMatch) { + let match = fullMatch.username; + + // Remove results that are too short, or have different prefix. + // Also don't offer empty usernames as possible results except + // for password field. + if (isPasswordField) { + return true; + } + return match && match.toLowerCase().startsWith(searchStringLower); + }); + + // XXX In the E10S case, we're responsible for showing our own + // autocomplete popup here because the autocomplete protocol hasn't + // been e10s-ized yet. In the non-e10s case, our caller is responsible + // for showing the autocomplete popup (via the regular + // nsAutoCompleteController). + if (remote) { + let results = new UserAutoCompleteResult(searchString, matchingLogins, {isSecure}); + AutoCompletePopup.showPopupWithResults({ browser: target.ownerDocument.defaultView, rect, results }); + } + + // Convert the array of nsILoginInfo to vanilla JS objects since nsILoginInfo + // doesn't support structured cloning. + var jsLogins = LoginHelper.loginsToVanillaObjects(matchingLogins); + target.messageManager.sendAsyncMessage("RemoteLogins:loginsAutoCompleted", { + requestId: requestId, + logins: jsLogins, + }); + }, + + onFormSubmit: function(hostname, formSubmitURL, + usernameField, newPasswordField, + oldPasswordField, openerTopWindow, + target) { + function getPrompter() { + var prompterSvc = Cc["@mozilla.org/login-manager/prompter;1"]. + createInstance(Ci.nsILoginManagerPrompter); + prompterSvc.init(target.ownerDocument.defaultView); + prompterSvc.browser = target; + prompterSvc.opener = openerTopWindow; + return prompterSvc; + } + + function recordLoginUse(login) { + // Update the lastUsed timestamp and increment the use count. + let propBag = Cc["@mozilla.org/hash-property-bag;1"]. + createInstance(Ci.nsIWritablePropertyBag); + propBag.setProperty("timeLastUsed", Date.now()); + propBag.setProperty("timesUsedIncrement", 1); + Services.logins.modifyLogin(login, propBag); + } + + if (!Services.logins.getLoginSavingEnabled(hostname)) { + log("(form submission ignored -- saving is disabled for:", hostname, ")"); + return; + } + + var formLogin = Cc["@mozilla.org/login-manager/loginInfo;1"]. + createInstance(Ci.nsILoginInfo); + formLogin.init(hostname, formSubmitURL, null, + (usernameField ? usernameField.value : ""), + newPasswordField.value, + (usernameField ? usernameField.name : ""), + newPasswordField.name); + + // Below here we have one login per hostPort + action + username with the + // matching scheme being preferred. + let logins = this._searchAndDedupeLogins(hostname, formSubmitURL); + + // If we didn't find a username field, but seem to be changing a + // password, allow the user to select from a list of applicable + // logins to update the password for. + if (!usernameField && oldPasswordField && logins.length > 0) { + var prompter = getPrompter(); + + if (logins.length == 1) { + var oldLogin = logins[0]; + + if (oldLogin.password == formLogin.password) { + recordLoginUse(oldLogin); + log("(Not prompting to save/change since we have no username and the " + + "only saved password matches the new password)"); + return; + } + + formLogin.username = oldLogin.username; + formLogin.usernameField = oldLogin.usernameField; + + prompter.promptToChangePassword(oldLogin, formLogin); + } else { + // Note: It's possible that that we already have the correct u+p saved + // but since we don't have the username, we don't know if the user is + // changing a second account to the new password so we ask anyways. + + prompter.promptToChangePasswordWithUsernames( + logins, logins.length, formLogin); + } + + return; + } + + + var existingLogin = null; + // Look for an existing login that matches the form login. + for (let login of logins) { + let same; + + // If one login has a username but the other doesn't, ignore + // the username when comparing and only match if they have the + // same password. Otherwise, compare the logins and match even + // if the passwords differ. + if (!login.username && formLogin.username) { + var restoreMe = formLogin.username; + formLogin.username = ""; + same = LoginHelper.doLoginsMatch(formLogin, login, { + ignorePassword: false, + ignoreSchemes: LoginHelper.schemeUpgrades, + }); + formLogin.username = restoreMe; + } else if (!formLogin.username && login.username) { + formLogin.username = login.username; + same = LoginHelper.doLoginsMatch(formLogin, login, { + ignorePassword: false, + ignoreSchemes: LoginHelper.schemeUpgrades, + }); + formLogin.username = ""; // we know it's always blank. + } else { + same = LoginHelper.doLoginsMatch(formLogin, login, { + ignorePassword: true, + ignoreSchemes: LoginHelper.schemeUpgrades, + }); + } + + if (same) { + existingLogin = login; + break; + } + } + + if (existingLogin) { + log("Found an existing login matching this form submission"); + + // Change password if needed. + if (existingLogin.password != formLogin.password) { + log("...passwords differ, prompting to change."); + prompter = getPrompter(); + prompter.promptToChangePassword(existingLogin, formLogin); + } else if (!existingLogin.username && formLogin.username) { + log("...empty username update, prompting to change."); + prompter = getPrompter(); + prompter.promptToChangePassword(existingLogin, formLogin); + } else { + recordLoginUse(existingLogin); + } + + return; + } + + + // Prompt user to save login (via dialog or notification bar) + prompter = getPrompter(); + prompter.promptToSavePassword(formLogin); + }, + + /** + * Maps all the <browser> elements for tabs in the parent process to the + * current state used to display tab-specific UI. + * + * This mapping is not updated in case a web page is moved to a different + * chrome window by the swapDocShells method. In this case, it is possible + * that a UI update just requested for the login fill doorhanger and then + * delayed by a few hundred milliseconds will be lost. Later requests would + * use the new browser reference instead. + * + * Given that the case above is rare, and it would not cause any origin + * mismatch at the time of filling because the origin is checked later in the + * content process, this case is left unhandled. + */ + loginFormStateByBrowser: new WeakMap(), + + /** + * Retrieves a reference to the state object associated with the given + * browser. This is initialized to an empty object. + */ + stateForBrowser(browser) { + let loginFormState = this.loginFormStateByBrowser.get(browser); + if (!loginFormState) { + loginFormState = {}; + this.loginFormStateByBrowser.set(browser, loginFormState); + } + return loginFormState; + }, + + /** + * Returns true if the page currently loaded in the given browser element has + * insecure login forms. This state may be updated asynchronously, in which + * case a custom event named InsecureLoginFormsStateChange will be dispatched + * on the browser element. + */ + hasInsecureLoginForms(browser) { + return !!this.stateForBrowser(browser).hasInsecureLoginForms; + }, + + /** + * Called to indicate whether an insecure password field is present so + * insecure password UI can know when to show. + */ + setHasInsecureLoginForms(browser, hasInsecureLoginForms) { + let state = this.stateForBrowser(browser); + + // Update the data to use to the latest known values. Since messages are + // processed in order, this will always be the latest version to use. + state.hasInsecureLoginForms = hasInsecureLoginForms; + + // Report the insecure login form state immediately. + browser.dispatchEvent(new browser.ownerDocument.defaultView + .CustomEvent("InsecureLoginFormsStateChange")); + }, +}; + +XPCOMUtils.defineLazyPreferenceGetter(LoginManagerParent, "_repromptTimeout", + "signon.masterPasswordReprompt.timeout_ms", 900000); // 15 Minutes diff --git a/toolkit/components/passwordmgr/LoginRecipes.jsm b/toolkit/components/passwordmgr/LoginRecipes.jsm new file mode 100644 index 000000000..4a8124bbc --- /dev/null +++ b/toolkit/components/passwordmgr/LoginRecipes.jsm @@ -0,0 +1,260 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +"use strict"; + +this.EXPORTED_SYMBOLS = ["LoginRecipesContent", "LoginRecipesParent"]; + +const { classes: Cc, interfaces: Ci, results: Cr, utils: Cu } = Components; +const REQUIRED_KEYS = ["hosts"]; +const OPTIONAL_KEYS = ["description", "notUsernameSelector", "passwordSelector", "pathRegex", "usernameSelector"]; +const SUPPORTED_KEYS = REQUIRED_KEYS.concat(OPTIONAL_KEYS); + +Cu.importGlobalProperties(["URL"]); + +Cu.import("resource://gre/modules/NetUtil.jsm"); +Cu.import("resource://gre/modules/Services.jsm"); +Cu.import("resource://gre/modules/XPCOMUtils.jsm"); + +XPCOMUtils.defineLazyModuleGetter(this, "LoginHelper", + "resource://gre/modules/LoginHelper.jsm"); + +XPCOMUtils.defineLazyGetter(this, "log", () => LoginHelper.createLogger("LoginRecipes")); + +/** + * Create an instance of the object to manage recipes in the parent process. + * Consumers should wait until {@link initializationPromise} resolves before + * calling methods on the object. + * + * @constructor + * @param {String} [aOptions.defaults=null] the URI to load the recipes from. + * If it's null, nothing is loaded. + * +*/ +function LoginRecipesParent(aOptions = { defaults: null }) { + if (Services.appinfo.processType != Ci.nsIXULRuntime.PROCESS_TYPE_DEFAULT) { + throw new Error("LoginRecipesParent should only be used from the main process"); + } + this._defaults = aOptions.defaults; + this.reset(); +} + +LoginRecipesParent.prototype = { + /** + * Promise resolved with an instance of itself when the module is ready. + * + * @type {Promise} + */ + initializationPromise: null, + + /** + * @type {bool} Whether default recipes were loaded at construction time. + */ + _defaults: null, + + /** + * @type {Map} Map of hosts (including non-default port numbers) to Sets of recipes. + * e.g. "example.com:8080" => Set({...}) + */ + _recipesByHost: null, + + /** + * @param {Object} aRecipes an object containing recipes to load for use. The object + * should be compatible with JSON (e.g. no RegExp). + * @return {Promise} resolving when the recipes are loaded + */ + load(aRecipes) { + let recipeErrors = 0; + for (let rawRecipe of aRecipes.siteRecipes) { + try { + rawRecipe.pathRegex = rawRecipe.pathRegex ? new RegExp(rawRecipe.pathRegex) : undefined; + this.add(rawRecipe); + } catch (ex) { + recipeErrors++; + log.error("Error loading recipe", rawRecipe, ex); + } + } + + if (recipeErrors) { + return Promise.reject(`There were ${recipeErrors} recipe error(s)`); + } + + return Promise.resolve(); + }, + + /** + * Reset the set of recipes to the ones from the time of construction. + */ + reset() { + log.debug("Resetting recipes with defaults:", this._defaults); + this._recipesByHost = new Map(); + + if (this._defaults) { + let channel = NetUtil.newChannel({uri: NetUtil.newURI(this._defaults, "UTF-8"), + loadUsingSystemPrincipal: true}); + channel.contentType = "application/json"; + + try { + this.initializationPromise = new Promise(function(resolve) { + NetUtil.asyncFetch(channel, function (stream, result) { + if (!Components.isSuccessCode(result)) { + throw new Error("Error fetching recipe file:" + result); + } + let count = stream.available(); + let data = NetUtil.readInputStreamToString(stream, count, { charset: "UTF-8" }); + resolve(JSON.parse(data)); + }); + }).then(recipes => { + return this.load(recipes); + }).then(resolve => { + return this; + }); + } catch (e) { + throw new Error("Error reading recipe file:" + e); + } + } else { + this.initializationPromise = Promise.resolve(this); + } + }, + + /** + * Validate the recipe is sane and then add it to the set of recipes. + * + * @param {Object} recipe + */ + add(recipe) { + log.debug("Adding recipe:", recipe); + let recipeKeys = Object.keys(recipe); + let unknownKeys = recipeKeys.filter(key => SUPPORTED_KEYS.indexOf(key) == -1); + if (unknownKeys.length > 0) { + throw new Error("The following recipe keys aren't supported: " + unknownKeys.join(", ")); + } + + let missingRequiredKeys = REQUIRED_KEYS.filter(key => recipeKeys.indexOf(key) == -1); + if (missingRequiredKeys.length > 0) { + throw new Error("The following required recipe keys are missing: " + missingRequiredKeys.join(", ")); + } + + if (!Array.isArray(recipe.hosts)) { + throw new Error("'hosts' must be a array"); + } + + if (!recipe.hosts.length) { + throw new Error("'hosts' must be a non-empty array"); + } + + if (recipe.pathRegex && recipe.pathRegex.constructor.name != "RegExp") { + throw new Error("'pathRegex' must be a regular expression"); + } + + const OPTIONAL_STRING_PROPS = ["description", "passwordSelector", "usernameSelector"]; + for (let prop of OPTIONAL_STRING_PROPS) { + if (recipe[prop] && typeof(recipe[prop]) != "string") { + throw new Error(`'${prop}' must be a string`); + } + } + + // Add the recipe to the map for each host + for (let host of recipe.hosts) { + if (!this._recipesByHost.has(host)) { + this._recipesByHost.set(host, new Set()); + } + this._recipesByHost.get(host).add(recipe); + } + }, + + /** + * Currently only exact host matches are returned but this will eventually handle parent domains. + * + * @param {String} aHost (e.g. example.com:8080 [non-default port] or sub.example.com) + * @return {Set} of recipes that apply to the host ordered by host priority + */ + getRecipesForHost(aHost) { + let hostRecipes = this._recipesByHost.get(aHost); + if (!hostRecipes) { + return new Set(); + } + + return hostRecipes; + }, +}; + + +var LoginRecipesContent = { + /** + * @param {Set} aRecipes - Possible recipes that could apply to the form + * @param {FormLike} aForm - We use a form instead of just a URL so we can later apply + * tests to the page contents. + * @return {Set} a subset of recipes that apply to the form with the order preserved + */ + _filterRecipesForForm(aRecipes, aForm) { + let formDocURL = aForm.ownerDocument.location; + let hostRecipes = aRecipes; + let recipes = new Set(); + log.debug("_filterRecipesForForm", aRecipes); + if (!hostRecipes) { + return recipes; + } + + for (let hostRecipe of hostRecipes) { + if (hostRecipe.pathRegex && !hostRecipe.pathRegex.test(formDocURL.pathname)) { + continue; + } + recipes.add(hostRecipe); + } + + return recipes; + }, + + /** + * Given a set of recipes that apply to the host, choose the one most applicable for + * overriding login fields in the form. + * + * @param {Set} aRecipes The set of recipes to consider for the form + * @param {FormLike} aForm The form where login fields exist. + * @return {Object} The recipe that is most applicable for the form. + */ + getFieldOverrides(aRecipes, aForm) { + let recipes = this._filterRecipesForForm(aRecipes, aForm); + log.debug("getFieldOverrides: filtered recipes:", recipes); + if (!recipes.size) { + return null; + } + + let chosenRecipe = null; + // Find the first (most-specific recipe that involves field overrides). + for (let recipe of recipes) { + if (!recipe.usernameSelector && !recipe.passwordSelector && + !recipe.notUsernameSelector) { + continue; + } + + chosenRecipe = recipe; + break; + } + + return chosenRecipe; + }, + + /** + * @param {HTMLElement} aParent the element to query for the selector from. + * @param {CSSSelector} aSelector the CSS selector to query for the login field. + * @return {HTMLElement|null} + */ + queryLoginField(aParent, aSelector) { + if (!aSelector) { + return null; + } + let field = aParent.ownerDocument.querySelector(aSelector); + if (!field) { + log.debug("Login field selector wasn't matched:", aSelector); + return null; + } + if (!(field instanceof aParent.ownerDocument.defaultView.HTMLInputElement)) { + log.warn("Login field isn't an <input> so ignoring it:", aSelector); + return null; + } + return field; + }, +}; diff --git a/toolkit/components/passwordmgr/LoginStore.jsm b/toolkit/components/passwordmgr/LoginStore.jsm new file mode 100644 index 000000000..9fa6e7dff --- /dev/null +++ b/toolkit/components/passwordmgr/LoginStore.jsm @@ -0,0 +1,136 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +/** + * Handles serialization of the data and persistence into a file. + * + * The file is stored in JSON format, without indentation, using UTF-8 encoding. + * With indentation applied, the file would look like this: + * + * { + * "logins": [ + * { + * "id": 2, + * "hostname": "http://www.example.com", + * "httpRealm": null, + * "formSubmitURL": "http://www.example.com/submit-url", + * "usernameField": "username_field", + * "passwordField": "password_field", + * "encryptedUsername": "...", + * "encryptedPassword": "...", + * "guid": "...", + * "encType": 1, + * "timeCreated": 1262304000000, + * "timeLastUsed": 1262304000000, + * "timePasswordChanged": 1262476800000, + * "timesUsed": 1 + * }, + * { + * "id": 4, + * (...) + * } + * ], + * "disabledHosts": [ + * "http://www.example.org", + * "http://www.example.net" + * ], + * "nextId": 10, + * "version": 1 + * } + */ + +"use strict"; + +this.EXPORTED_SYMBOLS = [ + "LoginStore", +]; + +// Globals + +const { classes: Cc, interfaces: Ci, utils: Cu, results: Cr } = Components; + +Cu.import("resource://gre/modules/XPCOMUtils.jsm"); +Cu.import("resource://gre/modules/Services.jsm"); + +XPCOMUtils.defineLazyModuleGetter(this, "JSONFile", + "resource://gre/modules/JSONFile.jsm"); + +/** + * Current data version assigned by the code that last touched the data. + * + * This number should be updated only when it is important to understand whether + * an old version of the code has touched the data, for example to execute an + * update logic. In most cases, this number should not be changed, in + * particular when no special one-time update logic is needed. + * + * For example, this number should NOT be changed when a new optional field is + * added to a login entry. + */ +const kDataVersion = 2; + +// The permission type we store in the permission manager. +const PERMISSION_SAVE_LOGINS = "login-saving"; + +// LoginStore + +/** + * Inherits from JSONFile and handles serialization of login-related data and + * persistence into a file. + * + * @param aPath + * String containing the file path where data should be saved. + */ +function LoginStore(aPath) { + JSONFile.call(this, { + path: aPath, + dataPostProcessor: this._dataPostProcessor.bind(this) + }); +} + +LoginStore.prototype = Object.create(JSONFile.prototype); +LoginStore.prototype.constructor = LoginStore; + +/** + * Synchronously work on the data just loaded into memory. + */ +LoginStore.prototype._dataPostProcessor = function(data) { + if (data.nextId === undefined) { + data.nextId = 1; + } + + // Create any arrays that are not present in the saved file. + if (!data.logins) { + data.logins = []; + } + + // Stub needed for login imports before data has been migrated. + if (!data.disabledHosts) { + data.disabledHosts = []; + } + + if (data.version === 1) { + this._migrateDisabledHosts(data); + } + + // Indicate that the current version of the code has touched the file. + data.version = kDataVersion; + + return data; +}; + +/** + * Migrates disabled hosts to the permission manager. + */ +LoginStore.prototype._migrateDisabledHosts = function (data) { + for (let host of data.disabledHosts) { + try { + let uri = Services.io.newURI(host, null, null); + Services.perms.add(uri, PERMISSION_SAVE_LOGINS, Services.perms.DENY_ACTION); + } catch (e) { + Cu.reportError(e); + } + } + + delete data.disabledHosts; +}; diff --git a/toolkit/components/passwordmgr/OSCrypto.jsm b/toolkit/components/passwordmgr/OSCrypto.jsm new file mode 100644 index 000000000..04254f66f --- /dev/null +++ b/toolkit/components/passwordmgr/OSCrypto.jsm @@ -0,0 +1,22 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +/** + * Common front for various implementations of OSCrypto + */ + +"use strict"; + +Components.utils.import("resource://gre/modules/AppConstants.jsm"); +Components.utils.import("resource://gre/modules/Services.jsm"); + +this.EXPORTED_SYMBOLS = ["OSCrypto"]; + +var OSCrypto = {}; + +if (AppConstants.platform == "win") { + Services.scriptloader.loadSubScript("resource://gre/modules/OSCrypto_win.js", this); +} else { + throw new Error("OSCrypto.jsm isn't supported on this platform"); +} diff --git a/toolkit/components/passwordmgr/OSCrypto_win.js b/toolkit/components/passwordmgr/OSCrypto_win.js new file mode 100644 index 000000000..0f52f4269 --- /dev/null +++ b/toolkit/components/passwordmgr/OSCrypto_win.js @@ -0,0 +1,245 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +"use strict"; + +var { classes: Cc, interfaces: Ci, results: Cr, utils: Cu } = Components; + +Cu.import("resource://gre/modules/Services.jsm"); +Cu.import("resource://gre/modules/XPCOMUtils.jsm"); + +XPCOMUtils.defineLazyModuleGetter(this, "ctypes", "resource://gre/modules/ctypes.jsm"); + +const FLAGS_NOT_SET = 0; + +const wintypes = { + BOOL: ctypes.bool, + BYTE: ctypes.uint8_t, + DWORD: ctypes.uint32_t, + PBYTE: ctypes.unsigned_char.ptr, + PCHAR: ctypes.char.ptr, + PDWORD: ctypes.uint32_t.ptr, + PVOID: ctypes.voidptr_t, + WORD: ctypes.uint16_t, +}; + +function OSCrypto() { + this._structs = {}; + this._functions = new Map(); + this._libs = new Map(); + this._structs.DATA_BLOB = new ctypes.StructType("DATA_BLOB", + [ + {cbData: wintypes.DWORD}, + {pbData: wintypes.PVOID} + ]); + + try { + + this._libs.set("crypt32", ctypes.open("Crypt32")); + this._libs.set("kernel32", ctypes.open("Kernel32")); + + this._functions.set("CryptProtectData", + this._libs.get("crypt32").declare("CryptProtectData", + ctypes.winapi_abi, + wintypes.DWORD, + this._structs.DATA_BLOB.ptr, + wintypes.PVOID, + wintypes.PVOID, + wintypes.PVOID, + wintypes.PVOID, + wintypes.DWORD, + this._structs.DATA_BLOB.ptr)); + this._functions.set("CryptUnprotectData", + this._libs.get("crypt32").declare("CryptUnprotectData", + ctypes.winapi_abi, + wintypes.DWORD, + this._structs.DATA_BLOB.ptr, + wintypes.PVOID, + wintypes.PVOID, + wintypes.PVOID, + wintypes.PVOID, + wintypes.DWORD, + this._structs.DATA_BLOB.ptr)); + this._functions.set("LocalFree", + this._libs.get("kernel32").declare("LocalFree", + ctypes.winapi_abi, + wintypes.DWORD, + wintypes.PVOID)); + } catch (ex) { + Cu.reportError(ex); + this.finalize(); + throw ex; + } +} +OSCrypto.prototype = { + /** + * Convert an array containing only two bytes unsigned numbers to a string. + * @param {number[]} arr - the array that needs to be converted. + * @returns {string} the string representation of the array. + */ + arrayToString(arr) { + let str = ""; + for (let i = 0; i < arr.length; i++) { + str += String.fromCharCode(arr[i]); + } + return str; + }, + + /** + * Convert a string to an array. + * @param {string} str - the string that needs to be converted. + * @returns {number[]} the array representation of the string. + */ + stringToArray(str) { + let arr = []; + for (let i = 0; i < str.length; i++) { + arr.push(str.charCodeAt(i)); + } + return arr; + }, + + /** + * Calculate the hash value used by IE as the name of the registry value where login details are + * stored. + * @param {string} data - the string value that needs to be hashed. + * @returns {string} the hash value of the string. + */ + getIELoginHash(data) { + // return the two-digit hexadecimal code for a byte + function toHexString(charCode) { + return ("00" + charCode.toString(16)).slice(-2); + } + + // the data needs to be encoded in null terminated UTF-16 + data += "\0"; + let converter = Cc["@mozilla.org/intl/scriptableunicodeconverter"]. + createInstance(Ci.nsIScriptableUnicodeConverter); + converter.charset = "UTF-16"; + // result is an out parameter, + // result.value will contain the array length + let result = {}; + // dataArray is an array of bytes + let dataArray = converter.convertToByteArray(data, result); + // calculation of SHA1 hash value + let cryptoHash = Cc["@mozilla.org/security/hash;1"]. + createInstance(Ci.nsICryptoHash); + cryptoHash.init(cryptoHash.SHA1); + cryptoHash.update(dataArray, dataArray.length); + let hash = cryptoHash.finish(false); + + let tail = 0; // variable to calculate value for the last 2 bytes + // convert to a character string in hexadecimal notation + for (let c of hash) { + tail += c.charCodeAt(0); + } + hash += String.fromCharCode(tail % 256); + + // convert the binary hash data to a hex string. + let hashStr = Array.from(hash, (c, i) => toHexString(hash.charCodeAt(i))).join(""); + return hashStr.toUpperCase(); + }, + + /** + * Decrypt a string using the windows CryptUnprotectData API. + * @param {string} data - the encrypted string that needs to be decrypted. + * @param {?string} entropy - the entropy value of the decryption (could be null). Its value must + * be the same as the one used when the data was encrypted. + * @returns {string} the decryption of the string. + */ + decryptData(data, entropy = null) { + let array = this.stringToArray(data); + let decryptedData = ""; + let encryptedData = wintypes.BYTE.array(array.length)(array); + let inData = new this._structs.DATA_BLOB(encryptedData.length, encryptedData); + let outData = new this._structs.DATA_BLOB(); + let entropyParam; + if (entropy) { + let entropyArray = this.stringToArray(entropy); + entropyArray.push(0); + let entropyData = wintypes.WORD.array(entropyArray.length)(entropyArray); + let optionalEntropy = new this._structs.DATA_BLOB(entropyData.length * 2, + entropyData); + entropyParam = optionalEntropy.address(); + } else { + entropyParam = null; + } + + let status = this._functions.get("CryptUnprotectData")(inData.address(), null, + entropyParam, + null, null, FLAGS_NOT_SET, + outData.address()); + if (status === 0) { + throw new Error("decryptData failed: " + status); + } + + // convert byte array to JS string. + let len = outData.cbData; + let decrypted = ctypes.cast(outData.pbData, + wintypes.BYTE.array(len).ptr).contents; + for (let i = 0; i < decrypted.length; i++) { + decryptedData += String.fromCharCode(decrypted[i]); + } + + this._functions.get("LocalFree")(outData.pbData); + return decryptedData; + }, + + /** + * Encrypt a string using the windows CryptProtectData API. + * @param {string} data - the string that is going to be encrypted. + * @param {?string} entropy - the entropy value of the encryption (could be null). Its value must + * be the same as the one that is going to be used for the decryption. + * @returns {string} the encrypted string. + */ + encryptData(data, entropy = null) { + let encryptedData = ""; + let decryptedData = wintypes.BYTE.array(data.length)(this.stringToArray(data)); + + let inData = new this._structs.DATA_BLOB(data.length, decryptedData); + let outData = new this._structs.DATA_BLOB(); + let entropyParam; + if (!entropy) { + entropyParam = null; + } else { + let entropyArray = this.stringToArray(entropy); + entropyArray.push(0); + let entropyData = wintypes.WORD.array(entropyArray.length)(entropyArray); + let optionalEntropy = new this._structs.DATA_BLOB(entropyData.length * 2, + entropyData); + entropyParam = optionalEntropy.address(); + } + + let status = this._functions.get("CryptProtectData")(inData.address(), null, + entropyParam, + null, null, FLAGS_NOT_SET, + outData.address()); + if (status === 0) { + throw new Error("encryptData failed: " + status); + } + + // convert byte array to JS string. + let len = outData.cbData; + let encrypted = ctypes.cast(outData.pbData, + wintypes.BYTE.array(len).ptr).contents; + encryptedData = this.arrayToString(encrypted); + this._functions.get("LocalFree")(outData.pbData); + return encryptedData; + }, + + /** + * Must be invoked once after last use of any of the provided helpers. + */ + finalize() { + this._structs = {}; + this._functions.clear(); + for (let lib of this._libs.values()) { + try { + lib.close(); + } catch (ex) { + Cu.reportError(ex); + } + } + this._libs.clear(); + }, +}; diff --git a/toolkit/components/passwordmgr/content/passwordManager.js b/toolkit/components/passwordmgr/content/passwordManager.js new file mode 100644 index 000000000..333dc1d24 --- /dev/null +++ b/toolkit/components/passwordmgr/content/passwordManager.js @@ -0,0 +1,728 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +/** * =================== SAVED SIGNONS CODE =================== ***/ +const { classes: Cc, interfaces: Ci, results: Cr, utils: Cu } = Components; + +Cu.import("resource://gre/modules/AppConstants.jsm"); +Cu.import("resource://gre/modules/XPCOMUtils.jsm"); +Cu.import("resource://gre/modules/Services.jsm"); + +XPCOMUtils.defineLazyModuleGetter(this, "DeferredTask", + "resource://gre/modules/DeferredTask.jsm"); +XPCOMUtils.defineLazyModuleGetter(this, "PlacesUtils", + "resource://gre/modules/PlacesUtils.jsm"); + +let kSignonBundle; + +// Default value for signon table sorting +let lastSignonSortColumn = "hostname"; +let lastSignonSortAscending = true; + +let showingPasswords = false; + +// password-manager lists +let signons = []; +let deletedSignons = []; + +// Elements that would be used frequently +let filterField; +let togglePasswordsButton; +let signonsIntro; +let removeButton; +let removeAllButton; +let signonsTree; + +let signonReloadDisplay = { + observe: function(subject, topic, data) { + if (topic == "passwordmgr-storage-changed") { + switch (data) { + case "addLogin": + case "modifyLogin": + case "removeLogin": + case "removeAllLogins": + if (!signonsTree) { + return; + } + signons.length = 0; + LoadSignons(); + // apply the filter if needed + if (filterField && filterField.value != "") { + FilterPasswords(); + } + break; + } + Services.obs.notifyObservers(null, "passwordmgr-dialog-updated", null); + } + } +}; + +// Formatter for localization. +let dateFormatter = new Intl.DateTimeFormat(undefined, + { day: "numeric", month: "short", year: "numeric" }); +let dateAndTimeFormatter = new Intl.DateTimeFormat(undefined, + { day: "numeric", month: "short", year: "numeric", + hour: "numeric", minute: "numeric" }); + +function Startup() { + // be prepared to reload the display if anything changes + Services.obs.addObserver(signonReloadDisplay, "passwordmgr-storage-changed", false); + + signonsTree = document.getElementById("signonsTree"); + kSignonBundle = document.getElementById("signonBundle"); + filterField = document.getElementById("filter"); + togglePasswordsButton = document.getElementById("togglePasswords"); + signonsIntro = document.getElementById("signonsIntro"); + removeButton = document.getElementById("removeSignon"); + removeAllButton = document.getElementById("removeAllSignons"); + + togglePasswordsButton.label = kSignonBundle.getString("showPasswords"); + togglePasswordsButton.accessKey = kSignonBundle.getString("showPasswordsAccessKey"); + signonsIntro.textContent = kSignonBundle.getString("loginsDescriptionAll"); + document.getElementsByTagName("treecols")[0].addEventListener("click", (event) => { + let { target, button } = event; + let sortField = target.getAttribute("data-field-name"); + + if (target.nodeName != "treecol" || button != 0 || !sortField) { + return; + } + + SignonColumnSort(sortField); + Services.telemetry.getKeyedHistogramById("PWMGR_MANAGE_SORTED").add(sortField); + }); + + LoadSignons(); + + // filter the table if requested by caller + if (window.arguments && + window.arguments[0] && + window.arguments[0].filterString) { + setFilter(window.arguments[0].filterString); + Services.telemetry.getHistogramById("PWMGR_MANAGE_OPENED").add(1); + } else { + Services.telemetry.getHistogramById("PWMGR_MANAGE_OPENED").add(0); + } + + FocusFilterBox(); +} + +function Shutdown() { + Services.obs.removeObserver(signonReloadDisplay, "passwordmgr-storage-changed"); +} + +function setFilter(aFilterString) { + filterField.value = aFilterString; + FilterPasswords(); +} + +let signonsTreeView = { + // Keep track of which favicons we've fetched or started fetching. + // Maps a login origin to a favicon URL. + _faviconMap: new Map(), + _filterSet: [], + // Coalesce invalidations to avoid repeated flickering. + _invalidateTask: new DeferredTask(() => { + signonsTree.treeBoxObject.invalidateColumn(signonsTree.columns.siteCol); + }, 10), + _lastSelectedRanges: [], + selection: null, + + rowCount: 0, + setTree(tree) {}, + getImageSrc(row, column) { + if (column.element.getAttribute("id") !== "siteCol") { + return ""; + } + + const signon = this._filterSet.length ? this._filterSet[row] : signons[row]; + + // We already have the favicon URL or we started to fetch (value is null). + if (this._faviconMap.has(signon.hostname)) { + return this._faviconMap.get(signon.hostname); + } + + // Record the fact that we already starting fetching a favicon for this + // origin in order to avoid multiple requests for the same origin. + this._faviconMap.set(signon.hostname, null); + + PlacesUtils.promiseFaviconLinkUrl(signon.hostname) + .then(faviconURI => { + this._faviconMap.set(signon.hostname, faviconURI.spec); + this._invalidateTask.arm(); + }).catch(Cu.reportError); + + return ""; + }, + getProgressMode(row, column) {}, + getCellValue(row, column) {}, + getCellText(row, column) { + let time; + let signon = this._filterSet.length ? this._filterSet[row] : signons[row]; + switch (column.id) { + case "siteCol": + return signon.httpRealm ? + (signon.hostname + " (" + signon.httpRealm + ")") : + signon.hostname; + case "userCol": + return signon.username || ""; + case "passwordCol": + return signon.password || ""; + case "timeCreatedCol": + time = new Date(signon.timeCreated); + return dateFormatter.format(time); + case "timeLastUsedCol": + time = new Date(signon.timeLastUsed); + return dateAndTimeFormatter.format(time); + case "timePasswordChangedCol": + time = new Date(signon.timePasswordChanged); + return dateFormatter.format(time); + case "timesUsedCol": + return signon.timesUsed; + default: + return ""; + } + }, + isEditable(row, col) { + if (col.id == "userCol" || col.id == "passwordCol") { + return true; + } + return false; + }, + isSeparator(index) { return false; }, + isSorted() { return false; }, + isContainer(index) { return false; }, + cycleHeader(column) {}, + getRowProperties(row) { return ""; }, + getColumnProperties(column) { return ""; }, + getCellProperties(row, column) { + if (column.element.getAttribute("id") == "siteCol") + return "ltr"; + + return ""; + }, + setCellText(row, col, value) { + // If there is a filter, _filterSet needs to be used, otherwise signons is used. + let table = signonsTreeView._filterSet.length ? signonsTreeView._filterSet : signons; + function _editLogin(field) { + if (value == table[row][field]) { + return; + } + let existingLogin = table[row].clone(); + table[row][field] = value; + table[row].timePasswordChanged = Date.now(); + Services.logins.modifyLogin(existingLogin, table[row]); + signonsTree.treeBoxObject.invalidateRow(row); + } + + if (col.id == "userCol") { + _editLogin("username"); + + } else if (col.id == "passwordCol") { + if (!value) { + return; + } + _editLogin("password"); + } + }, +}; + +function SortTree(column, ascending) { + let table = signonsTreeView._filterSet.length ? signonsTreeView._filterSet : signons; + // remember which item was selected so we can restore it after the sort + let selections = GetTreeSelections(); + let selectedNumber = selections.length ? table[selections[0]].number : -1; + + function compareFunc(a, b) { + let valA, valB; + switch (column) { + case "hostname": + let realmA = a.httpRealm; + let realmB = b.httpRealm; + realmA = realmA == null ? "" : realmA.toLowerCase(); + realmB = realmB == null ? "" : realmB.toLowerCase(); + + valA = a[column].toLowerCase() + realmA; + valB = b[column].toLowerCase() + realmB; + break; + case "username": + case "password": + valA = a[column].toLowerCase(); + valB = b[column].toLowerCase(); + break; + + default: + valA = a[column]; + valB = b[column]; + } + + if (valA < valB) + return -1; + if (valA > valB) + return 1; + return 0; + } + + // do the sort + table.sort(compareFunc); + if (!ascending) { + table.reverse(); + } + + // restore the selection + let selectedRow = -1; + if (selectedNumber >= 0 && false) { + for (let s = 0; s < table.length; s++) { + if (table[s].number == selectedNumber) { + // update selection + // note: we need to deselect before reselecting in order to trigger ...Selected() + signonsTree.view.selection.select(-1); + signonsTree.view.selection.select(s); + selectedRow = s; + break; + } + } + } + + // display the results + signonsTree.treeBoxObject.invalidate(); + if (selectedRow >= 0) { + signonsTree.treeBoxObject.ensureRowIsVisible(selectedRow); + } +} + +function LoadSignons() { + // loads signons into table + try { + signons = Services.logins.getAllLogins(); + } catch (e) { + signons = []; + } + signons.forEach(login => login.QueryInterface(Ci.nsILoginMetaInfo)); + signonsTreeView.rowCount = signons.length; + + // sort and display the table + signonsTree.view = signonsTreeView; + // The sort column didn't change. SortTree (called by + // SignonColumnSort) assumes we want to toggle the sort + // direction but here we don't so we have to trick it + lastSignonSortAscending = !lastSignonSortAscending; + SignonColumnSort(lastSignonSortColumn); + + // disable "remove all signons" button if there are no signons + if (signons.length == 0) { + removeAllButton.setAttribute("disabled", "true"); + togglePasswordsButton.setAttribute("disabled", "true"); + } else { + removeAllButton.removeAttribute("disabled"); + togglePasswordsButton.removeAttribute("disabled"); + } + + return true; +} + +function GetTreeSelections() { + let selections = []; + let select = signonsTree.view.selection; + if (select) { + let count = select.getRangeCount(); + let min = {}; + let max = {}; + for (let i = 0; i < count; i++) { + select.getRangeAt(i, min, max); + for (let k = min.value; k <= max.value; k++) { + if (k != -1) { + selections[selections.length] = k; + } + } + } + } + return selections; +} + +function SignonSelected() { + let selections = GetTreeSelections(); + if (selections.length) { + removeButton.removeAttribute("disabled"); + } else { + removeButton.setAttribute("disabled", true); + } +} + +function DeleteSignon() { + let filterSet = signonsTreeView._filterSet; + let syncNeeded = (filterSet.length != 0); + let tree = signonsTree; + let view = signonsTreeView; + let table = filterSet.length ? filterSet : signons; + + // Turn off tree selection notifications during the deletion + tree.view.selection.selectEventsSuppressed = true; + + // remove selected items from list (by setting them to null) and place in deleted list + let selections = GetTreeSelections(); + for (let s = selections.length - 1; s >= 0; s--) { + let i = selections[s]; + deletedSignons.push(table[i]); + table[i] = null; + } + + // collapse list by removing all the null entries + for (let j = 0; j < table.length; j++) { + if (table[j] == null) { + let k = j; + while ((k < table.length) && (table[k] == null)) { + k++; + } + table.splice(j, k - j); + view.rowCount -= k - j; + tree.treeBoxObject.rowCountChanged(j, j - k); + } + } + + // update selection and/or buttons + if (table.length) { + // update selection + let nextSelection = (selections[0] < table.length) ? selections[0] : table.length - 1; + tree.view.selection.select(nextSelection); + tree.treeBoxObject.ensureRowIsVisible(nextSelection); + } else { + // disable buttons + removeButton.setAttribute("disabled", "true"); + removeAllButton.setAttribute("disabled", "true"); + } + tree.view.selection.selectEventsSuppressed = false; + FinalizeSignonDeletions(syncNeeded); +} + +function DeleteAllSignons() { + let prompter = Cc["@mozilla.org/embedcomp/prompt-service;1"] + .getService(Ci.nsIPromptService); + + // Confirm the user wants to remove all passwords + let dummy = { value: false }; + if (prompter.confirmEx(window, + kSignonBundle.getString("removeAllPasswordsTitle"), + kSignonBundle.getString("removeAllPasswordsPrompt"), + prompter.STD_YES_NO_BUTTONS + prompter.BUTTON_POS_1_DEFAULT, + null, null, null, null, dummy) == 1) // 1 == "No" button + return; + + let filterSet = signonsTreeView._filterSet; + let syncNeeded = (filterSet.length != 0); + let view = signonsTreeView; + let table = filterSet.length ? filterSet : signons; + + // remove all items from table and place in deleted table + for (let i = 0; i < table.length; i++) { + deletedSignons.push(table[i]); + } + table.length = 0; + + // clear out selections + view.selection.select(-1); + + // update the tree view and notify the tree + view.rowCount = 0; + + let box = signonsTree.treeBoxObject; + box.rowCountChanged(0, -deletedSignons.length); + box.invalidate(); + + // disable buttons + removeButton.setAttribute("disabled", "true"); + removeAllButton.setAttribute("disabled", "true"); + FinalizeSignonDeletions(syncNeeded); + Services.telemetry.getHistogramById("PWMGR_MANAGE_DELETED_ALL").add(1); +} + +function TogglePasswordVisible() { + if (showingPasswords || masterPasswordLogin(AskUserShowPasswords)) { + showingPasswords = !showingPasswords; + togglePasswordsButton.label = kSignonBundle.getString(showingPasswords ? "hidePasswords" : "showPasswords"); + togglePasswordsButton.accessKey = kSignonBundle.getString(showingPasswords ? "hidePasswordsAccessKey" : "showPasswordsAccessKey"); + document.getElementById("passwordCol").hidden = !showingPasswords; + FilterPasswords(); + } + + // Notify observers that the password visibility toggling is + // completed. (Mostly useful for tests) + Services.obs.notifyObservers(null, "passwordmgr-password-toggle-complete", null); + Services.telemetry.getHistogramById("PWMGR_MANAGE_VISIBILITY_TOGGLED").add(showingPasswords); +} + +function AskUserShowPasswords() { + let prompter = Cc["@mozilla.org/embedcomp/prompt-service;1"].getService(Ci.nsIPromptService); + let dummy = { value: false }; + + // Confirm the user wants to display passwords + return prompter.confirmEx(window, + null, + kSignonBundle.getString("noMasterPasswordPrompt"), prompter.STD_YES_NO_BUTTONS, + null, null, null, null, dummy) == 0; // 0=="Yes" button +} + +function FinalizeSignonDeletions(syncNeeded) { + for (let s = 0; s < deletedSignons.length; s++) { + Services.logins.removeLogin(deletedSignons[s]); + Services.telemetry.getHistogramById("PWMGR_MANAGE_DELETED").add(1); + } + // If the deletion has been performed in a filtered view, reflect the deletion in the unfiltered table. + // See bug 405389. + if (syncNeeded) { + try { + signons = Services.logins.getAllLogins(); + } catch (e) { + signons = []; + } + } + deletedSignons.length = 0; +} + +function HandleSignonKeyPress(e) { + // If editing is currently performed, don't do anything. + if (signonsTree.getAttribute("editing")) { + return; + } + if (e.keyCode == KeyboardEvent.DOM_VK_DELETE || + (AppConstants.platform == "macosx" && + e.keyCode == KeyboardEvent.DOM_VK_BACK_SPACE)) { + DeleteSignon(); + } +} + +function getColumnByName(column) { + switch (column) { + case "hostname": + return document.getElementById("siteCol"); + case "username": + return document.getElementById("userCol"); + case "password": + return document.getElementById("passwordCol"); + case "timeCreated": + return document.getElementById("timeCreatedCol"); + case "timeLastUsed": + return document.getElementById("timeLastUsedCol"); + case "timePasswordChanged": + return document.getElementById("timePasswordChangedCol"); + case "timesUsed": + return document.getElementById("timesUsedCol"); + } + return undefined; +} + +function SignonColumnSort(column) { + let sortedCol = getColumnByName(column); + let lastSortedCol = getColumnByName(lastSignonSortColumn); + + // clear out the sortDirection attribute on the old column + lastSortedCol.removeAttribute("sortDirection"); + + // determine if sort is to be ascending or descending + lastSignonSortAscending = (column == lastSignonSortColumn) ? !lastSignonSortAscending : true; + + // sort + lastSignonSortColumn = column; + SortTree(lastSignonSortColumn, lastSignonSortAscending); + + // set the sortDirection attribute to get the styling going + // first we need to get the right element + sortedCol.setAttribute("sortDirection", lastSignonSortAscending ? + "ascending" : "descending"); +} + +function SignonClearFilter() { + let singleSelection = (signonsTreeView.selection.count == 1); + + // Clear the Tree Display + signonsTreeView.rowCount = 0; + signonsTree.treeBoxObject.rowCountChanged(0, -signonsTreeView._filterSet.length); + signonsTreeView._filterSet = []; + + // Just reload the list to make sure deletions are respected + LoadSignons(); + + // Restore selection + if (singleSelection) { + signonsTreeView.selection.clearSelection(); + for (let i = 0; i < signonsTreeView._lastSelectedRanges.length; ++i) { + let range = signonsTreeView._lastSelectedRanges[i]; + signonsTreeView.selection.rangedSelect(range.min, range.max, true); + } + } else { + signonsTreeView.selection.select(0); + } + signonsTreeView._lastSelectedRanges = []; + + signonsIntro.textContent = kSignonBundle.getString("loginsDescriptionAll"); +} + +function FocusFilterBox() { + if (filterField.getAttribute("focused") != "true") { + filterField.focus(); + } +} + +function SignonMatchesFilter(aSignon, aFilterValue) { + if (aSignon.hostname.toLowerCase().indexOf(aFilterValue) != -1) + return true; + if (aSignon.username && + aSignon.username.toLowerCase().indexOf(aFilterValue) != -1) + return true; + if (aSignon.httpRealm && + aSignon.httpRealm.toLowerCase().indexOf(aFilterValue) != -1) + return true; + if (showingPasswords && aSignon.password && + aSignon.password.toLowerCase().indexOf(aFilterValue) != -1) + return true; + + return false; +} + +function _filterPasswords(aFilterValue, view) { + aFilterValue = aFilterValue.toLowerCase(); + return signons.filter(s => SignonMatchesFilter(s, aFilterValue)); +} + +function SignonSaveState() { + // Save selection + let seln = signonsTreeView.selection; + signonsTreeView._lastSelectedRanges = []; + let rangeCount = seln.getRangeCount(); + for (let i = 0; i < rangeCount; ++i) { + let min = {}; let max = {}; + seln.getRangeAt(i, min, max); + signonsTreeView._lastSelectedRanges.push({ min: min.value, max: max.value }); + } +} + +function FilterPasswords() { + if (filterField.value == "") { + SignonClearFilter(); + return; + } + + let newFilterSet = _filterPasswords(filterField.value, signonsTreeView); + if (!signonsTreeView._filterSet.length) { + // Save Display Info for the Non-Filtered mode when we first + // enter Filtered mode. + SignonSaveState(); + } + signonsTreeView._filterSet = newFilterSet; + + // Clear the display + let oldRowCount = signonsTreeView.rowCount; + signonsTreeView.rowCount = 0; + signonsTree.treeBoxObject.rowCountChanged(0, -oldRowCount); + // Set up the filtered display + signonsTreeView.rowCount = signonsTreeView._filterSet.length; + signonsTree.treeBoxObject.rowCountChanged(0, signonsTreeView.rowCount); + + // if the view is not empty then select the first item + if (signonsTreeView.rowCount > 0) + signonsTreeView.selection.select(0); + + signonsIntro.textContent = kSignonBundle.getString("loginsDescriptionFiltered"); +} + +function CopyPassword() { + // Don't copy passwords if we aren't already showing the passwords & a master + // password hasn't been entered. + if (!showingPasswords && !masterPasswordLogin()) + return; + // Copy selected signon's password to clipboard + let clipboard = Cc["@mozilla.org/widget/clipboardhelper;1"]. + getService(Ci.nsIClipboardHelper); + let row = signonsTree.currentIndex; + let password = signonsTreeView.getCellText(row, {id : "passwordCol" }); + clipboard.copyString(password); + Services.telemetry.getHistogramById("PWMGR_MANAGE_COPIED_PASSWORD").add(1); +} + +function CopyUsername() { + // Copy selected signon's username to clipboard + let clipboard = Cc["@mozilla.org/widget/clipboardhelper;1"]. + getService(Ci.nsIClipboardHelper); + let row = signonsTree.currentIndex; + let username = signonsTreeView.getCellText(row, {id : "userCol" }); + clipboard.copyString(username); + Services.telemetry.getHistogramById("PWMGR_MANAGE_COPIED_USERNAME").add(1); +} + +function EditCellInSelectedRow(columnName) { + let row = signonsTree.currentIndex; + let columnElement = getColumnByName(columnName); + signonsTree.startEditing(row, signonsTree.columns.getColumnFor(columnElement)); +} + +function UpdateContextMenu() { + let singleSelection = (signonsTreeView.selection.count == 1); + let menuItems = new Map(); + let menupopup = document.getElementById("signonsTreeContextMenu"); + for (let menuItem of menupopup.querySelectorAll("menuitem")) { + menuItems.set(menuItem.id, menuItem); + } + + if (!singleSelection) { + for (let menuItem of menuItems.values()) { + menuItem.setAttribute("disabled", "true"); + } + return; + } + + let selectedRow = signonsTree.currentIndex; + + // Disable "Copy Username" if the username is empty. + if (signonsTreeView.getCellText(selectedRow, { id: "userCol" }) != "") { + menuItems.get("context-copyusername").removeAttribute("disabled"); + } else { + menuItems.get("context-copyusername").setAttribute("disabled", "true"); + } + + menuItems.get("context-editusername").removeAttribute("disabled"); + menuItems.get("context-copypassword").removeAttribute("disabled"); + + // Disable "Edit Password" if the password column isn't showing. + if (!document.getElementById("passwordCol").hidden) { + menuItems.get("context-editpassword").removeAttribute("disabled"); + } else { + menuItems.get("context-editpassword").setAttribute("disabled", "true"); + } +} + +function masterPasswordLogin(noPasswordCallback) { + // This doesn't harm if passwords are not encrypted + let tokendb = Cc["@mozilla.org/security/pk11tokendb;1"] + .createInstance(Ci.nsIPK11TokenDB); + let token = tokendb.getInternalKeyToken(); + + // If there is no master password, still give the user a chance to opt-out of displaying passwords + if (token.checkPassword("")) + return noPasswordCallback ? noPasswordCallback() : true; + + // So there's a master password. But since checkPassword didn't succeed, we're logged out (per nsIPK11Token.idl). + try { + // Relogin and ask for the master password. + token.login(true); // 'true' means always prompt for token password. User will be prompted until + // clicking 'Cancel' or entering the correct password. + } catch (e) { + // An exception will be thrown if the user cancels the login prompt dialog. + // User is also logged out of Software Security Device. + } + + return token.isLoggedIn(); +} + +function escapeKeyHandler() { + // If editing is currently performed, don't do anything. + if (signonsTree.getAttribute("editing")) { + return; + } + window.close(); +} + +function OpenMigrator() { + const { MigrationUtils } = Cu.import("resource:///modules/MigrationUtils.jsm", {}); + // We pass in the type of source we're using for use in telemetry: + MigrationUtils.showMigrationWizard(window, [MigrationUtils.MIGRATION_ENTRYPOINT_PASSWORDS]); +} diff --git a/toolkit/components/passwordmgr/content/passwordManager.xul b/toolkit/components/passwordmgr/content/passwordManager.xul new file mode 100644 index 000000000..d248283b6 --- /dev/null +++ b/toolkit/components/passwordmgr/content/passwordManager.xul @@ -0,0 +1,134 @@ +<?xml version="1.0"?> <!-- -*- Mode: SGML; indent-tabs-mode: nil -*- --> +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +<?xml-stylesheet href="chrome://global/skin/" type="text/css"?> +<?xml-stylesheet href="chrome://global/skin/passwordmgr.css" type="text/css"?> + +<!DOCTYPE dialog SYSTEM "chrome://passwordmgr/locale/passwordManager.dtd" > + +<window id="SignonViewerDialog" + windowtype="Toolkit:PasswordManager" + xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul" + onload="Startup();" + onunload="Shutdown();" + title="&savedLogins.title;" + style="width: 45em;" + persist="width height screenX screenY"> + + <script type="application/javascript" src="chrome://passwordmgr/content/passwordManager.js"/> + + <stringbundle id="signonBundle" + src="chrome://passwordmgr/locale/passwordmgr.properties"/> + + <keyset> + <key keycode="VK_ESCAPE" oncommand="escapeKeyHandler();"/> + <key key="&windowClose.key;" modifiers="accel" oncommand="escapeKeyHandler();"/> + <key key="&focusSearch1.key;" modifiers="accel" oncommand="FocusFilterBox();"/> + <key key="&focusSearch2.key;" modifiers="accel" oncommand="FocusFilterBox();"/> + </keyset> + + <popupset id="signonsTreeContextSet"> + <menupopup id="signonsTreeContextMenu" + onpopupshowing="UpdateContextMenu()"> + <menuitem id="context-copyusername" + label="©UsernameCmd.label;" + accesskey="©UsernameCmd.accesskey;" + oncommand="CopyUsername()"/> + <menuitem id="context-editusername" + label="&editUsernameCmd.label;" + accesskey="&editUsernameCmd.accesskey;" + oncommand="EditCellInSelectedRow('username')"/> + <menuseparator/> + <menuitem id="context-copypassword" + label="©PasswordCmd.label;" + accesskey="©PasswordCmd.accesskey;" + oncommand="CopyPassword()"/> + <menuitem id="context-editpassword" + label="&editPasswordCmd.label;" + accesskey="&editPasswordCmd.accesskey;" + oncommand="EditCellInSelectedRow('password')"/> + </menupopup> + </popupset> + + <!-- saved signons --> + <vbox id="savedsignons" class="contentPane" flex="1"> + <!-- filter --> + <hbox align="center"> + <label accesskey="&filter.accesskey;" control="filter">&filter.label;</label> + <textbox id="filter" flex="1" type="search" + aria-controls="signonsTree" + oncommand="FilterPasswords();"/> + </hbox> + + <label control="signonsTree" id="signonsIntro"/> + <separator class="thin"/> + <tree id="signonsTree" flex="1" + width="750" + style="height: 20em;" + onkeypress="HandleSignonKeyPress(event)" + onselect="SignonSelected();" + editable="true" + context="signonsTreeContextMenu"> + <treecols> + <treecol id="siteCol" label="&treehead.site.label;" flex="40" + data-field-name="hostname" persist="width" + ignoreincolumnpicker="true" + sortDirection="ascending"/> + <splitter class="tree-splitter"/> + <treecol id="userCol" label="&treehead.username.label;" flex="25" + ignoreincolumnpicker="true" + data-field-name="username" persist="width"/> + <splitter class="tree-splitter"/> + <treecol id="passwordCol" label="&treehead.password.label;" flex="15" + ignoreincolumnpicker="true" + data-field-name="password" persist="width" + hidden="true"/> + <splitter class="tree-splitter"/> + <treecol id="timeCreatedCol" label="&treehead.timeCreated.label;" flex="10" + data-field-name="timeCreated" persist="width hidden" + hidden="true"/> + <splitter class="tree-splitter"/> + <treecol id="timeLastUsedCol" label="&treehead.timeLastUsed.label;" flex="20" + data-field-name="timeLastUsed" persist="width hidden" + hidden="true"/> + <splitter class="tree-splitter"/> + <treecol id="timePasswordChangedCol" label="&treehead.timePasswordChanged.label;" flex="10" + data-field-name="timePasswordChanged" persist="width hidden"/> + <splitter class="tree-splitter"/> + <treecol id="timesUsedCol" label="&treehead.timesUsed.label;" flex="1" + data-field-name="timesUsed" persist="width hidden" + hidden="true"/> + <splitter class="tree-splitter"/> + </treecols> + <treechildren/> + </tree> + <separator class="thin"/> + <hbox id="SignonViewerButtons"> + <button id="removeSignon" disabled="true" icon="remove" + label="&remove.label;" accesskey="&remove.accesskey;" + oncommand="DeleteSignon();"/> + <button id="removeAllSignons" icon="clear" + label="&removeall.label;" accesskey="&removeall.accesskey;" + oncommand="DeleteAllSignons();"/> + <spacer flex="1"/> +#if defined(MOZ_BUILD_APP_IS_BROWSER) && defined(XP_WIN) + <button accesskey="&import.accesskey;" + label="&import.label;" + oncommand="OpenMigrator();"/> +#endif + <button id="togglePasswords" + oncommand="TogglePasswordVisible();"/> + </hbox> + </vbox> + <hbox align="end"> + <hbox class="actionButtons" flex="1"> + <spacer flex="1"/> +#ifndef XP_MACOSX + <button oncommand="close();" icon="close" + label="&closebutton.label;" accesskey="&closebutton.accesskey;"/> +#endif + </hbox> + </hbox> +</window> diff --git a/toolkit/components/passwordmgr/content/recipes.json b/toolkit/components/passwordmgr/content/recipes.json new file mode 100644 index 000000000..fc747219b --- /dev/null +++ b/toolkit/components/passwordmgr/content/recipes.json @@ -0,0 +1,31 @@ +{ + "siteRecipes": [ + { + "description": "okta uses a hidden password field to disable filling", + "hosts": ["mozilla.okta.com"], + "passwordSelector": "#pass-signin" + }, + { + "description": "anthem uses a hidden password and username field to disable filling", + "hosts": ["www.anthem.com"], + "passwordSelector": "#LoginContent_txtLoginPass" + }, + { + "description": "An ephemeral password-shim field is incorrectly selected as the username field.", + "hosts": ["www.discover.com"], + "usernameSelector": "#login-account" + }, + { + "description": "Tibia uses type=password for its username field and puts the email address before the password field during registration", + "hosts": ["secure.tibia.com"], + "usernameSelector": "#accountname, input[name='loginname']", + "passwordSelector": "#password1, input[name='loginpassword']", + "pathRegex": "^\/account\/" + }, + { + "description": "Username field will be incorrectly captured in the change password form (bug 1243722)", + "hosts": ["www.facebook.com"], + "notUsernameSelector": "#password_strength" + } + ] +} diff --git a/toolkit/components/passwordmgr/crypto-SDR.js b/toolkit/components/passwordmgr/crypto-SDR.js new file mode 100644 index 000000000..b0916eb29 --- /dev/null +++ b/toolkit/components/passwordmgr/crypto-SDR.js @@ -0,0 +1,207 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +const { classes: Cc, interfaces: Ci, utils: Cu, results: Cr } = Components; + +Components.utils.import("resource://gre/modules/XPCOMUtils.jsm"); +Components.utils.import("resource://gre/modules/Services.jsm"); + +XPCOMUtils.defineLazyModuleGetter(this, "LoginHelper", + "resource://gre/modules/LoginHelper.jsm"); + +function LoginManagerCrypto_SDR() { + this.init(); +} + +LoginManagerCrypto_SDR.prototype = { + + classID : Components.ID("{dc6c2976-0f73-4f1f-b9ff-3d72b4e28309}"), + QueryInterface : XPCOMUtils.generateQI([Ci.nsILoginManagerCrypto]), + + __sdrSlot : null, // PKCS#11 slot being used by the SDR. + get _sdrSlot() { + if (!this.__sdrSlot) { + let modules = Cc["@mozilla.org/security/pkcs11moduledb;1"]. + getService(Ci.nsIPKCS11ModuleDB); + this.__sdrSlot = modules.findSlotByName(""); + } + return this.__sdrSlot; + }, + + __decoderRing : null, // nsSecretDecoderRing service + get _decoderRing() { + if (!this.__decoderRing) + this.__decoderRing = Cc["@mozilla.org/security/sdr;1"]. + getService(Ci.nsISecretDecoderRing); + return this.__decoderRing; + }, + + __utfConverter : null, // UCS2 <--> UTF8 string conversion + get _utfConverter() { + if (!this.__utfConverter) { + this.__utfConverter = Cc["@mozilla.org/intl/scriptableunicodeconverter"]. + createInstance(Ci.nsIScriptableUnicodeConverter); + this.__utfConverter.charset = "UTF-8"; + } + return this.__utfConverter; + }, + + _utfConverterReset : function() { + this.__utfConverter = null; + }, + + _uiBusy : false, + + + init : function () { + // Check to see if the internal PKCS#11 token has been initialized. + // If not, set a blank password. + let tokenDB = Cc["@mozilla.org/security/pk11tokendb;1"]. + getService(Ci.nsIPK11TokenDB); + + let token = tokenDB.getInternalKeyToken(); + if (token.needsUserInit) { + this.log("Initializing key3.db with default blank password."); + token.initPassword(""); + } + }, + + + /* + * encrypt + * + * Encrypts the specified string, using the SecretDecoderRing. + * + * Returns the encrypted string, or throws an exception if there was a + * problem. + */ + encrypt : function (plainText) { + let cipherText = null; + + let wasLoggedIn = this.isLoggedIn; + let canceledMP = false; + + this._uiBusy = true; + try { + let plainOctet = this._utfConverter.ConvertFromUnicode(plainText); + plainOctet += this._utfConverter.Finish(); + cipherText = this._decoderRing.encryptString(plainOctet); + } catch (e) { + this.log("Failed to encrypt string. (" + e.name + ")"); + // If the user clicks Cancel, we get NS_ERROR_FAILURE. + // (unlike decrypting, which gets NS_ERROR_NOT_AVAILABLE). + if (e.result == Cr.NS_ERROR_FAILURE) { + canceledMP = true; + throw Components.Exception("User canceled master password entry", Cr.NS_ERROR_ABORT); + } else { + throw Components.Exception("Couldn't encrypt string", Cr.NS_ERROR_FAILURE); + } + } finally { + this._uiBusy = false; + // If we triggered a master password prompt, notify observers. + if (!wasLoggedIn && this.isLoggedIn) + this._notifyObservers("passwordmgr-crypto-login"); + else if (canceledMP) + this._notifyObservers("passwordmgr-crypto-loginCanceled"); + } + return cipherText; + }, + + + /* + * decrypt + * + * Decrypts the specified string, using the SecretDecoderRing. + * + * Returns the decrypted string, or throws an exception if there was a + * problem. + */ + decrypt : function (cipherText) { + let plainText = null; + + let wasLoggedIn = this.isLoggedIn; + let canceledMP = false; + + this._uiBusy = true; + try { + let plainOctet; + plainOctet = this._decoderRing.decryptString(cipherText); + plainText = this._utfConverter.ConvertToUnicode(plainOctet); + } catch (e) { + this.log("Failed to decrypt string: " + cipherText + + " (" + e.name + ")"); + + // In the unlikely event the converter threw, reset it. + this._utfConverterReset(); + + // If the user clicks Cancel, we get NS_ERROR_NOT_AVAILABLE. + // If the cipherText is bad / wrong key, we get NS_ERROR_FAILURE + // Wrong passwords are handled by the decoderRing reprompting; + // we get no notification. + if (e.result == Cr.NS_ERROR_NOT_AVAILABLE) { + canceledMP = true; + throw Components.Exception("User canceled master password entry", Cr.NS_ERROR_ABORT); + } else { + throw Components.Exception("Couldn't decrypt string", Cr.NS_ERROR_FAILURE); + } + } finally { + this._uiBusy = false; + // If we triggered a master password prompt, notify observers. + if (!wasLoggedIn && this.isLoggedIn) + this._notifyObservers("passwordmgr-crypto-login"); + else if (canceledMP) + this._notifyObservers("passwordmgr-crypto-loginCanceled"); + } + + return plainText; + }, + + + /* + * uiBusy + */ + get uiBusy() { + return this._uiBusy; + }, + + + /* + * isLoggedIn + */ + get isLoggedIn() { + let status = this._sdrSlot.status; + this.log("SDR slot status is " + status); + if (status == Ci.nsIPKCS11Slot.SLOT_READY || + status == Ci.nsIPKCS11Slot.SLOT_LOGGED_IN) + return true; + if (status == Ci.nsIPKCS11Slot.SLOT_NOT_LOGGED_IN) + return false; + throw Components.Exception("unexpected slot status: " + status, Cr.NS_ERROR_FAILURE); + }, + + + /* + * defaultEncType + */ + get defaultEncType() { + return Ci.nsILoginManagerCrypto.ENCTYPE_SDR; + }, + + + /* + * _notifyObservers + */ + _notifyObservers : function(topic) { + this.log("Prompted for a master password, notifying for " + topic); + Services.obs.notifyObservers(null, topic, null); + }, +}; // end of nsLoginManagerCrypto_SDR implementation + +XPCOMUtils.defineLazyGetter(this.LoginManagerCrypto_SDR.prototype, "log", () => { + let logger = LoginHelper.createLogger("Login crypto"); + return logger.log.bind(logger); +}); + +var component = [LoginManagerCrypto_SDR]; +this.NSGetFactory = XPCOMUtils.generateNSGetFactory(component); diff --git a/toolkit/components/passwordmgr/jar.mn b/toolkit/components/passwordmgr/jar.mn new file mode 100644 index 000000000..9fa574e49 --- /dev/null +++ b/toolkit/components/passwordmgr/jar.mn @@ -0,0 +1,9 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +toolkit.jar: +% content passwordmgr %content/passwordmgr/ +* content/passwordmgr/passwordManager.xul (content/passwordManager.xul) + content/passwordmgr/passwordManager.js (content/passwordManager.js) + content/passwordmgr/recipes.json (content/recipes.json) diff --git a/toolkit/components/passwordmgr/moz.build b/toolkit/components/passwordmgr/moz.build new file mode 100644 index 000000000..72c8c70a4 --- /dev/null +++ b/toolkit/components/passwordmgr/moz.build @@ -0,0 +1,78 @@ +# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*- +# vim: set filetype=python: +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +if CONFIG['MOZ_BUILD_APP'] == 'browser': + DEFINES['MOZ_BUILD_APP_IS_BROWSER'] = True + +MOCHITEST_MANIFESTS += ['test/mochitest.ini', 'test/mochitest/mochitest.ini'] +MOCHITEST_CHROME_MANIFESTS += ['test/chrome/chrome.ini'] +BROWSER_CHROME_MANIFESTS += ['test/browser/browser.ini'] +XPCSHELL_TESTS_MANIFESTS += ['test/unit/xpcshell.ini'] + +TESTING_JS_MODULES += [ + # Make this file available from the "resource:" URI of the test environment. + 'test/browser/form_basic.html', + 'test/LoginTestUtils.jsm', +] + +XPIDL_SOURCES += [ + 'nsILoginInfo.idl', + 'nsILoginManager.idl', + 'nsILoginManagerCrypto.idl', + 'nsILoginManagerPrompter.idl', + 'nsILoginManagerStorage.idl', + 'nsILoginMetaInfo.idl', +] + +XPIDL_MODULE = 'loginmgr' + +EXTRA_COMPONENTS += [ + 'crypto-SDR.js', + 'nsLoginInfo.js', + 'nsLoginManager.js', + 'nsLoginManagerPrompter.js', +] + +EXTRA_PP_COMPONENTS += [ + 'passwordmgr.manifest', +] + +EXTRA_JS_MODULES += [ + 'InsecurePasswordUtils.jsm', + 'LoginHelper.jsm', + 'LoginManagerContent.jsm', + 'LoginManagerParent.jsm', + 'LoginRecipes.jsm', + 'OSCrypto.jsm', +] + +if CONFIG['OS_TARGET'] == 'Android': + EXTRA_COMPONENTS += [ + 'storage-mozStorage.js', + ] +else: + EXTRA_COMPONENTS += [ + 'storage-json.js', + ] + EXTRA_JS_MODULES += [ + 'LoginImport.jsm', + 'LoginStore.jsm', + ] + +if CONFIG['OS_TARGET'] == 'WINNT': + EXTRA_JS_MODULES += [ + 'OSCrypto_win.js', + ] + +if CONFIG['MOZ_BUILD_APP'] == 'browser': + EXTRA_JS_MODULES += [ + 'LoginManagerContextMenu.jsm', + ] + +JAR_MANIFESTS += ['jar.mn'] + +with Files('**'): + BUG_COMPONENT = ('Toolkit', 'Password Manager') diff --git a/toolkit/components/passwordmgr/nsILoginInfo.idl b/toolkit/components/passwordmgr/nsILoginInfo.idl new file mode 100644 index 000000000..7dce9033d --- /dev/null +++ b/toolkit/components/passwordmgr/nsILoginInfo.idl @@ -0,0 +1,120 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + + +#include "nsISupports.idl" + +[scriptable, uuid(c41b7dff-6b9b-42fe-b78d-113051facb05)] + +/** + * An object containing information for a login stored by the + * password manager. + */ +interface nsILoginInfo : nsISupports { + /** + * The hostname the login applies to. + * + * The hostname should be formatted as an URL. For example, + * "https://site.com", "http://site.com:1234", "ftp://ftp.site.com". + */ + attribute AString hostname; + + /** + * The URL a form-based login was submitted to. + * + * For logins obtained from HTML forms, this field is the |action| + * attribute from the |form| element, with the path removed. For + * example "http://www.site.com". [Forms with no |action| attribute + * default to submitting to their origin URL, so we store that.] + * + * For logins obtained from a HTTP or FTP protocol authentication, + * this field is NULL. + */ + attribute AString formSubmitURL; + + /** + * The HTTP Realm a login was requested for. + * + * When an HTTP server sends a 401 result, the WWW-Authenticate + * header includes a realm to identify the "protection space." See + * RFC2617. If the response sent has a missing or blank realm, the + * hostname is used instead. + * + * For logins obtained from HTML forms, this field is NULL. + */ + attribute AString httpRealm; + + /** + * The username for the login. + */ + attribute AString username; + + /** + * The |name| attribute for the username input field. + * + * For logins obtained from a HTTP or FTP protocol authentication, + * this field is an empty string. + */ + attribute AString usernameField; + + /** + * The password for the login. + */ + attribute AString password; + + /** + * The |name| attribute for the password input field. + * + * For logins obtained from a HTTP or FTP protocol authentication, + * this field is an empty string. + */ + attribute AString passwordField; + + /** + * Initialize a newly created nsLoginInfo object. + * + * The arguments are the fields for the new object. + */ + void init(in AString aHostname, + in AString aFormSubmitURL, in AString aHttpRealm, + in AString aUsername, in AString aPassword, + in AString aUsernameField, in AString aPasswordField); + + /** + * Test for strict equality with another nsILoginInfo object. + * + * @param aLoginInfo + * The other object to test. + */ + boolean equals(in nsILoginInfo aLoginInfo); + + /** + * Test for loose equivalency with another nsILoginInfo object. The + * passwordField and usernameField values are ignored, and the password + * values may be optionally ignored. If one login's formSubmitURL is an + * empty string (but not null), it will be treated as a wildcard. [The + * blank value indicates the login was stored before bug 360493 was fixed.] + * + * @param aLoginInfo + * The other object to test. + * @param ignorePassword + * If true, ignore the password when checking for match. + */ + boolean matches(in nsILoginInfo aLoginInfo, in boolean ignorePassword); + + /** + * Create an identical copy of the login, duplicating all of the login's + * nsILoginInfo and nsILoginMetaInfo properties. + * + * This allows code to be forwards-compatible, when additional properties + * are added to nsILoginMetaInfo (or nsILoginInfo) in the future. + */ + nsILoginInfo clone(); +}; + +%{C++ + +#define NS_LOGININFO_CONTRACTID "@mozilla.org/login-manager/loginInfo;1" + +%} diff --git a/toolkit/components/passwordmgr/nsILoginManager.idl b/toolkit/components/passwordmgr/nsILoginManager.idl new file mode 100644 index 000000000..30b5a0449 --- /dev/null +++ b/toolkit/components/passwordmgr/nsILoginManager.idl @@ -0,0 +1,262 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + + +#include "nsISupports.idl" + +interface nsIURI; +interface nsILoginInfo; +interface nsIAutoCompleteResult; +interface nsIFormAutoCompleteObserver; +interface nsIDOMHTMLInputElement; +interface nsIDOMHTMLFormElement; +interface nsIPropertyBag; + +[scriptable, uuid(38c7f6af-7df9-49c7-b558-2776b24e6cc1)] +interface nsILoginManager : nsISupports { + /** + * This promise is resolved when initialization is complete, and is rejected + * in case initialization failed. This includes the initial loading of the + * login data as well as any migration from previous versions. + * + * Calling any method of nsILoginManager before this promise is resolved + * might trigger the synchronous initialization fallback. + */ + readonly attribute jsval initializationPromise; + + + /** + * Store a new login in the login manager. + * + * @param aLogin + * The login to be added. + * @return a clone of the login info with the guid set (even if it was not provided) + * + * Default values for the login's nsILoginMetaInfo properties will be + * created. However, if the caller specifies non-default values, they will + * be used instead. + */ + nsILoginInfo addLogin(in nsILoginInfo aLogin); + + + /** + * Remove a login from the login manager. + * + * @param aLogin + * The login to be removed. + * + * The specified login must exactly match a stored login. However, the + * values of any nsILoginMetaInfo properties are ignored. + */ + void removeLogin(in nsILoginInfo aLogin); + + + /** + * Modify an existing login in the login manager. + * + * @param oldLogin + * The login to be modified. + * @param newLoginData + * The new login values (either a nsILoginInfo or nsIProperyBag) + * + * If newLoginData is a nsILoginInfo, all of the old login's nsILoginInfo + * properties are changed to the values from newLoginData (but the old + * login's nsILoginMetaInfo properties are unmodified). + * + * If newLoginData is a nsIPropertyBag, only the specified properties + * will be changed. The nsILoginMetaInfo properties of oldLogin can be + * changed in this manner. + * + * If the propertybag contains an item named "timesUsedIncrement", the + * login's timesUsed property will be incremented by the item's value. + */ + void modifyLogin(in nsILoginInfo oldLogin, in nsISupports newLoginData); + + + /** + * Remove all logins known to login manager. + * + * The browser sanitization feature allows the user to clear any stored + * passwords. This interface allows that to be done without getting each + * login first (which might require knowing the master password). + * + */ + void removeAllLogins(); + + + /** + * Fetch all logins in the login manager. An array is always returned; + * if there are no logins the array is empty. + * + * @param count + * The number of elements in the array. JS callers can simply use + * the array's .length property and omit this param. + * @param logins + * An array of nsILoginInfo objects. + * + * NOTE: This can be called from JS as: + * var logins = pwmgr.getAllLogins(); + * (|logins| is an array). + */ + void getAllLogins([optional] out unsigned long count, + [retval, array, size_is(count)] out nsILoginInfo logins); + + + /** + * Obtain a list of all hosts for which password saving is disabled. + * + * @param count + * The number of elements in the array. JS callers can simply use + * the array's .length property and omit this param. + * @param hostnames + * An array of hostname strings, in origin URL format without a + * pathname. For example: "https://www.site.com". + * + * NOTE: This can be called from JS as: + * var logins = pwmgr.getDisabledAllLogins(); + */ + void getAllDisabledHosts([optional] out unsigned long count, + [retval, array, size_is(count)] out wstring hostnames); + + + /** + * Check to see if saving logins has been disabled for a host. + * + * @param aHost + * The hostname to check. This argument should be in the origin + * URL format, without a pathname. For example: "http://foo.com". + */ + boolean getLoginSavingEnabled(in AString aHost); + + + /** + * Disable (or enable) storing logins for the specified host. When + * disabled, the login manager will not prompt to store logins for + * that host. Existing logins are not affected. + * + * @param aHost + * The hostname to set. This argument should be in the origin + * URL format, without a pathname. For example: "http://foo.com". + * @param isEnabled + * Specify if saving logins should be enabled (true) or + * disabled (false) + */ + void setLoginSavingEnabled(in AString aHost, in boolean isEnabled); + + + /** + * Search for logins matching the specified criteria. Called when looking + * for logins that might be applicable to a form or authentication request. + * + * @param count + * The number of elements in the array. JS callers can simply use + * the array's .length property, and supply an dummy object for + * this out param. For example: |findLogins({}, hostname, ...)| + * @param aHostname + * The hostname to restrict searches to, in URL format. For + * example: "http://www.site.com". + * To find logins for a given nsIURI, you would typically pass in + * its prePath. + * @param aActionURL + * For form logins, this argument should be the URL to which the + * form will be submitted. For protocol logins, specify null. + * An empty string ("") will match any value (except null). + * @param aHttpRealm + * For protocol logins, this argument should be the HTTP Realm + * for which the login applies. This is obtained from the + * WWW-Authenticate header. See RFC2617. For form logins, + * specify null. + * An empty string ("") will match any value (except null). + * @param logins + * An array of nsILoginInfo objects. + * + * NOTE: This can be called from JS as: + * var logins = pwmgr.findLogins({}, hostname, ...); + * + */ + void findLogins(out unsigned long count, in AString aHostname, + in AString aActionURL, in AString aHttpRealm, + [retval, array, size_is(count)] out nsILoginInfo logins); + + + /** + * Search for logins matching the specified criteria, as with + * findLogins(). This interface only returns the number of matching + * logins (and not the logins themselves), which allows a caller to + * check for logins without causing the user to be prompted for a master + * password to decrypt the logins. + * + * @param aHostname + * The hostname to restrict searches to. Specify an empty string + * to match all hosts. A null value will not match any logins, and + * will thus always return a count of 0. + * @param aActionURL + * The URL to which a form login will be submitted. To match any + * form login, specify an empty string. To not match any form + * login, specify null. + * @param aHttpRealm + * The HTTP Realm for which the login applies. To match logins for + * any realm, specify an empty string. To not match logins for any + * realm, specify null. + */ + unsigned long countLogins(in AString aHostname, in AString aActionURL, + in AString aHttpRealm); + + + /** + * Generate results for a userfield autocomplete menu. + * + * NOTE: This interface is provided for use only by the FormFillController, + * which calls it directly. This isn't really ideal, it should + * probably be callback registered through the FFC. + */ + void autoCompleteSearchAsync(in AString aSearchString, + in nsIAutoCompleteResult aPreviousResult, + in nsIDOMHTMLInputElement aElement, + in nsIFormAutoCompleteObserver aListener); + + /** + * Stop a previously-started async search. + */ + void stopSearch(); + + /** + * Search for logins in the login manager. An array is always returned; + * if there are no logins the array is empty. + * + * @param count + * The number of elements in the array. JS callers can simply use + * the array's .length property, and supply an dummy object for + * this out param. For example: |searchLogins({}, matchData)| + * @param matchData + * The data used to search. This does not follow the same + * requirements as findLogins for those fields. Wildcard matches are + * simply not specified. + * @param logins + * An array of nsILoginInfo objects. + * + * NOTE: This can be called from JS as: + * var logins = pwmgr.searchLogins({}, matchData); + * (|logins| is an array). + */ + void searchLogins(out unsigned long count, in nsIPropertyBag matchData, + [retval, array, size_is(count)] out nsILoginInfo logins); + + /** + * True when a master password prompt is being displayed. + */ + readonly attribute boolean uiBusy; + + /** + * True when the master password has already been entered, and so a caller + * can ask for decrypted logins without triggering a prompt. + */ + readonly attribute boolean isLoggedIn; +}; + +%{C++ + +#define NS_LOGINMANAGER_CONTRACTID "@mozilla.org/login-manager;1" + +%} diff --git a/toolkit/components/passwordmgr/nsILoginManagerCrypto.idl b/toolkit/components/passwordmgr/nsILoginManagerCrypto.idl new file mode 100644 index 000000000..8af36a258 --- /dev/null +++ b/toolkit/components/passwordmgr/nsILoginManagerCrypto.idl @@ -0,0 +1,67 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + + +#include "nsISupports.idl" + +[scriptable, uuid(2030770e-542e-40cd-8061-cd9d4ad4227f)] + +interface nsILoginManagerCrypto : nsISupports { + + const unsigned long ENCTYPE_BASE64 = 0; // obsolete + const unsigned long ENCTYPE_SDR = 1; + + /** + * encrypt + * + * @param plainText + * The string to be encrypted. + * + * Encrypts the specified string, returning the ciphertext value. + * + * NOTE: The current implemention of this inferface simply uses NSS/PSM's + * "Secret Decoder Ring" service. It is not recommended for general + * purpose encryption/decryption. + * + * Can throw if the user cancels entry of their master password. + */ + AString encrypt(in AString plainText); + + /** + * decrypt + * + * @param cipherText + * The string to be decrypted. + * + * Decrypts the specified string, returning the plaintext value. + * + * Can throw if the user cancels entry of their master password, or if the + * cipherText value can not be successfully decrypted (eg, if it was + * encrypted with some other key). + */ + AString decrypt(in AString cipherText); + + /** + * uiBusy + * + * True when a master password prompt is being displayed. + */ + readonly attribute boolean uiBusy; + + /** + * isLoggedIn + * + * Current login state of the token used for encryption. If the user is + * not logged in, performing a crypto operation will result in a master + * password prompt. + */ + readonly attribute boolean isLoggedIn; + + /** + * defaultEncType + * + * Default encryption type used by an implementation of this interface. + */ + readonly attribute unsigned long defaultEncType; +}; diff --git a/toolkit/components/passwordmgr/nsILoginManagerPrompter.idl b/toolkit/components/passwordmgr/nsILoginManagerPrompter.idl new file mode 100644 index 000000000..c673154d1 --- /dev/null +++ b/toolkit/components/passwordmgr/nsILoginManagerPrompter.idl @@ -0,0 +1,94 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + + +#include "nsISupports.idl" + +interface nsILoginInfo; +interface nsIDOMElement; +interface nsIDOMWindow; + +[scriptable, uuid(425f73b9-b2db-4e8a-88c5-9ac2512934ce)] +interface nsILoginManagerPrompter : nsISupports { + /** + * Initialize the prompter. Must be called before using other interfaces. + * + * @param aWindow + * The window in which the user is doing some login-related action that's + * resulting in a need to prompt them for something. The prompt + * will be associated with this window (or, if a notification bar + * is being used, topmost opener in some cases). + * + * aWindow can be null if there is no associated window, e.g. in a JSM + * or Sandbox. In this case there will be no checkbox to save the login + * since the window is needed to know if this is a private context. + * + * If this window is a content window, the corresponding window and browser + * elements will be calculated. If this window is a chrome window, the + * corresponding browser element needs to be set using setBrowser. + */ + void init(in nsIDOMWindow aWindow); + + /** + * The browser this prompter is being created for. + * This is required if the init function received a chrome window as argument. + */ + attribute nsIDOMElement browser; + + /** + * The opener that was used to open the window passed to init. + * The opener can be used to determine in which window the prompt + * should be shown. Must be a content window that is not a frame window, + * make sure to pass the top window using e.g. window.top. + */ + attribute nsIDOMWindow opener; + + /** + * Ask the user if they want to save a login (Yes, Never, Not Now) + * + * @param aLogin + * The login to be saved. + */ + void promptToSavePassword(in nsILoginInfo aLogin); + + /** + * Ask the user if they want to change a login's password or username. + * If the user consents, modifyLogin() will be called. + * + * @param aOldLogin + * The existing login (with the old password). + * @param aNewLogin + * The new login. + */ + void promptToChangePassword(in nsILoginInfo aOldLogin, + in nsILoginInfo aNewLogin); + + /** + * Ask the user if they want to change the password for one of + * multiple logins, when the caller can't determine exactly which + * login should be changed. If the user consents, modifyLogin() will + * be called. + * + * @param logins + * An array of existing logins. + * @param count + * (length of the array) + * @param aNewLogin + * The new login. + * + * Note: Because the caller does not know the username of the login + * to be changed, aNewLogin.username and aNewLogin.usernameField + * will be set (using the user's selection) before modifyLogin() + * is called. + */ + void promptToChangePasswordWithUsernames( + [array, size_is(count)] in nsILoginInfo logins, + in uint32_t count, + in nsILoginInfo aNewLogin); +}; +%{C++ + +#define NS_LOGINMANAGERPROMPTER_CONTRACTID "@mozilla.org/login-manager/prompter/;1" + +%} diff --git a/toolkit/components/passwordmgr/nsILoginManagerStorage.idl b/toolkit/components/passwordmgr/nsILoginManagerStorage.idl new file mode 100644 index 000000000..4ad3dbfe9 --- /dev/null +++ b/toolkit/components/passwordmgr/nsILoginManagerStorage.idl @@ -0,0 +1,211 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + + +#include "nsISupports.idl" + +interface nsIFile; +interface nsILoginInfo; +interface nsIPropertyBag; + +[scriptable, uuid(5df81a93-25e6-4b45-a696-089479e15c7d)] + +/* + * NOTE: This interface is intended to be implemented by modules + * providing storage mechanisms for the login manager. + * Other code should use the login manager's interfaces + * (nsILoginManager), and should not call storage modules + * directly. + */ +interface nsILoginManagerStorage : nsISupports { + /** + * Initialize the component. + * + * At present, other methods of this interface may be called before the + * returned promise is resolved or rejected. + * + * @return {Promise} + * @resolves When initialization is complete. + * @rejects JavaScript exception. + */ + jsval initialize(); + + + /** + * Ensures that all data has been written to disk and all files are closed. + * + * At present, this method is called by regression tests only. Finalization + * on shutdown is done by observers within the component. + * + * @return {Promise} + * @resolves When finalization is complete. + * @rejects JavaScript exception. + */ + jsval terminate(); + + + /** + * Store a new login in the storage module. + * + * @param aLogin + * The login to be added. + * @return a clone of the login info with the guid set (even if it was not provided). + * + * Default values for the login's nsILoginMetaInfo properties will be + * created. However, if the caller specifies non-default values, they will + * be used instead. + */ + nsILoginInfo addLogin(in nsILoginInfo aLogin); + + + /** + * Remove a login from the storage module. + * + * @param aLogin + * The login to be removed. + * + * The specified login must exactly match a stored login. However, the + * values of any nsILoginMetaInfo properties are ignored. + */ + void removeLogin(in nsILoginInfo aLogin); + + + /** + * Modify an existing login in the storage module. + * + * @param oldLogin + * The login to be modified. + * @param newLoginData + * The new login values (either a nsILoginInfo or nsIProperyBag) + * + * If newLoginData is a nsILoginInfo, all of the old login's nsILoginInfo + * properties are changed to the values from newLoginData (but the old + * login's nsILoginMetaInfo properties are unmodified). + * + * If newLoginData is a nsIPropertyBag, only the specified properties + * will be changed. The nsILoginMetaInfo properties of oldLogin can be + * changed in this manner. + * + * If the propertybag contains an item named "timesUsedIncrement", the + * login's timesUsed property will be incremented by the item's value. + */ + void modifyLogin(in nsILoginInfo oldLogin, in nsISupports newLoginData); + + + /** + * Remove all stored logins. + * + * The browser sanitization feature allows the user to clear any stored + * passwords. This interface allows that to be done without getting each + * login first (which might require knowing the master password). + * + */ + void removeAllLogins(); + + + /** + * Fetch all logins in the login manager. An array is always returned; + * if there are no logins the array is empty. + * + * @param count + * The number of elements in the array. JS callers can simply use + * the array's .length property and omit this param. + * @param logins + * An array of nsILoginInfo objects. + * + * NOTE: This can be called from JS as: + * var logins = pwmgr.getAllLogins(); + * (|logins| is an array). + */ + void getAllLogins([optional] out unsigned long count, + [retval, array, size_is(count)] out nsILoginInfo logins); + + + /** + * Search for logins in the login manager. An array is always returned; + * if there are no logins the array is empty. + * + * @param count + * The number of elements in the array. JS callers can simply use + * the array's .length property, and supply an dummy object for + * this out param. For example: |searchLogins({}, matchData)| + * @param matchData + * The data used to search. This does not follow the same + * requirements as findLogins for those fields. Wildcard matches are + * simply not specified. + * @param logins + * An array of nsILoginInfo objects. + * + * NOTE: This can be called from JS as: + * var logins = pwmgr.searchLogins({}, matchData); + * (|logins| is an array). + */ + void searchLogins(out unsigned long count, in nsIPropertyBag matchData, + [retval, array, size_is(count)] out nsILoginInfo logins); + + + /** + * Search for logins matching the specified criteria. Called when looking + * for logins that might be applicable to a form or authentication request. + * + * @param count + * The number of elements in the array. JS callers can simply use + * the array's .length property, and supply an dummy object for + * this out param. For example: |findLogins({}, hostname, ...)| + * @param aHostname + * The hostname to restrict searches to, in URL format. For + * example: "http://www.site.com". + * @param aActionURL + * For form logins, this argument should be the URL to which the + * form will be submitted. For protocol logins, specify null. + * @param aHttpRealm + * For protocol logins, this argument should be the HTTP Realm + * for which the login applies. This is obtained from the + * WWW-Authenticate header. See RFC2617. For form logins, + * specify null. + * @param logins + * An array of nsILoginInfo objects. + * + * NOTE: This can be called from JS as: + * var logins = pwmgr.findLogins({}, hostname, ...); + * + */ + void findLogins(out unsigned long count, in AString aHostname, + in AString aActionURL, in AString aHttpRealm, + [retval, array, size_is(count)] out nsILoginInfo logins); + + + /** + * Search for logins matching the specified criteria, as with + * findLogins(). This interface only returns the number of matching + * logins (and not the logins themselves), which allows a caller to + * check for logins without causing the user to be prompted for a master + * password to decrypt the logins. + * + * @param aHostname + * The hostname to restrict searches to. Specify an empty string + * to match all hosts. A null value will not match any logins, and + * will thus always return a count of 0. + * @param aActionURL + * The URL to which a form login will be submitted. To match any + * form login, specify an empty string. To not match any form + * login, specify null. + * @param aHttpRealm + * The HTTP Realm for which the login applies. To match logins for + * any realm, specify an empty string. To not match logins for any + * realm, specify null. + */ + unsigned long countLogins(in AString aHostname, in AString aActionURL, + in AString aHttpRealm); + /** + * True when a master password prompt is being shown. + */ + readonly attribute boolean uiBusy; + + /** + * True when the master password has already been entered, and so a caller + * can ask for decrypted logins without triggering a prompt. + */ + readonly attribute boolean isLoggedIn; +}; diff --git a/toolkit/components/passwordmgr/nsILoginMetaInfo.idl b/toolkit/components/passwordmgr/nsILoginMetaInfo.idl new file mode 100644 index 000000000..92d8f2bc8 --- /dev/null +++ b/toolkit/components/passwordmgr/nsILoginMetaInfo.idl @@ -0,0 +1,55 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + + +#include "nsISupports.idl" + +[scriptable, uuid(20d8eb40-c494-497f-b2a6-aaa32f807ebd)] + +/** + * An object containing metainfo for a login stored by the login manager. + * + * Code using login manager can generally ignore this interface. When adding + * logins, default value will be created. When modifying logins, these + * properties will be unchanged unless a change is explicitly requested [by + * using modifyLogin() with a nsIPropertyBag]. When deleting a login or + * comparing logins, these properties are ignored. + */ +interface nsILoginMetaInfo : nsISupports { + /** + * The GUID to uniquely identify the login. This can be any arbitrary + * string, but a format as created by nsIUUIDGenerator is recommended. + * For example, "{d4e1a1f6-5ea0-40ee-bff5-da57982f21cf}" + * + * addLogin will generate a random value unless a value is provided. + * + * addLogin and modifyLogin will throw if the GUID already exists. + */ + attribute AString guid; + + /** + * The time, in Unix Epoch milliseconds, when the login was first created. + */ + attribute unsigned long long timeCreated; + + /** + * The time, in Unix Epoch milliseconds, when the login was last submitted + * in a form or used to begin an HTTP auth session. + */ + attribute unsigned long long timeLastUsed; + + /** + * The time, in Unix Epoch milliseconds, when the login was last modified. + * + * Contrary to what the name may suggest, this attribute takes into account + * not only the password but also the username attribute. + */ + attribute unsigned long long timePasswordChanged; + + /** + * The number of times the login was submitted in a form or used to begin + * an HTTP auth session. + */ + attribute unsigned long timesUsed; +}; diff --git a/toolkit/components/passwordmgr/nsLoginInfo.js b/toolkit/components/passwordmgr/nsLoginInfo.js new file mode 100644 index 000000000..d6ea86446 --- /dev/null +++ b/toolkit/components/passwordmgr/nsLoginInfo.js @@ -0,0 +1,93 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +const { classes: Cc, interfaces: Ci, utils: Cu, results: Cr } = Components; + +Cu.import("resource://gre/modules/XPCOMUtils.jsm"); + +XPCOMUtils.defineLazyModuleGetter(this, "LoginHelper", + "resource://gre/modules/LoginHelper.jsm"); + + +function nsLoginInfo() {} + +nsLoginInfo.prototype = { + + classID : Components.ID("{0f2f347c-1e4f-40cc-8efd-792dea70a85e}"), + QueryInterface: XPCOMUtils.generateQI([Ci.nsILoginInfo, Ci.nsILoginMetaInfo]), + + // + // nsILoginInfo interfaces... + // + + hostname : null, + formSubmitURL : null, + httpRealm : null, + username : null, + password : null, + usernameField : null, + passwordField : null, + + init : function (aHostname, aFormSubmitURL, aHttpRealm, + aUsername, aPassword, + aUsernameField, aPasswordField) { + this.hostname = aHostname; + this.formSubmitURL = aFormSubmitURL; + this.httpRealm = aHttpRealm; + this.username = aUsername; + this.password = aPassword; + this.usernameField = aUsernameField; + this.passwordField = aPasswordField; + }, + + matches(aLogin, ignorePassword) { + return LoginHelper.doLoginsMatch(this, aLogin, { + ignorePassword, + }); + }, + + equals : function (aLogin) { + if (this.hostname != aLogin.hostname || + this.formSubmitURL != aLogin.formSubmitURL || + this.httpRealm != aLogin.httpRealm || + this.username != aLogin.username || + this.password != aLogin.password || + this.usernameField != aLogin.usernameField || + this.passwordField != aLogin.passwordField) + return false; + + return true; + }, + + clone : function() { + let clone = Cc["@mozilla.org/login-manager/loginInfo;1"]. + createInstance(Ci.nsILoginInfo); + clone.init(this.hostname, this.formSubmitURL, this.httpRealm, + this.username, this.password, + this.usernameField, this.passwordField); + + // Copy nsILoginMetaInfo props + clone.QueryInterface(Ci.nsILoginMetaInfo); + clone.guid = this.guid; + clone.timeCreated = this.timeCreated; + clone.timeLastUsed = this.timeLastUsed; + clone.timePasswordChanged = this.timePasswordChanged; + clone.timesUsed = this.timesUsed; + + return clone; + }, + + // + // nsILoginMetaInfo interfaces... + // + + guid : null, + timeCreated : null, + timeLastUsed : null, + timePasswordChanged : null, + timesUsed : null + +}; // end of nsLoginInfo implementation + +this.NSGetFactory = XPCOMUtils.generateNSGetFactory([nsLoginInfo]); diff --git a/toolkit/components/passwordmgr/nsLoginManager.js b/toolkit/components/passwordmgr/nsLoginManager.js new file mode 100644 index 000000000..514351fa5 --- /dev/null +++ b/toolkit/components/passwordmgr/nsLoginManager.js @@ -0,0 +1,541 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +"use strict"; + +const { classes: Cc, interfaces: Ci, results: Cr, utils: Cu } = Components; + +const PERMISSION_SAVE_LOGINS = "login-saving"; + +Cu.import("resource://gre/modules/AppConstants.jsm"); +Cu.import("resource://gre/modules/XPCOMUtils.jsm"); +Cu.import("resource://gre/modules/Services.jsm"); +Cu.import("resource://gre/modules/Timer.jsm"); +Cu.import("resource://gre/modules/LoginManagerContent.jsm"); /* global UserAutoCompleteResult */ + +XPCOMUtils.defineLazyModuleGetter(this, "Promise", + "resource://gre/modules/Promise.jsm"); +XPCOMUtils.defineLazyModuleGetter(this, "Task", + "resource://gre/modules/Task.jsm"); +XPCOMUtils.defineLazyModuleGetter(this, "BrowserUtils", + "resource://gre/modules/BrowserUtils.jsm"); +XPCOMUtils.defineLazyModuleGetter(this, "LoginHelper", + "resource://gre/modules/LoginHelper.jsm"); +XPCOMUtils.defineLazyModuleGetter(this, "LoginFormFactory", + "resource://gre/modules/LoginManagerContent.jsm"); +XPCOMUtils.defineLazyModuleGetter(this, "InsecurePasswordUtils", + "resource://gre/modules/InsecurePasswordUtils.jsm"); + +XPCOMUtils.defineLazyGetter(this, "log", () => { + let logger = LoginHelper.createLogger("nsLoginManager"); + return logger; +}); + +const MS_PER_DAY = 24 * 60 * 60 * 1000; + +function LoginManager() { + this.init(); +} + +LoginManager.prototype = { + + classID: Components.ID("{cb9e0de8-3598-4ed7-857b-827f011ad5d8}"), + QueryInterface: XPCOMUtils.generateQI([Ci.nsILoginManager, + Ci.nsISupportsWeakReference, + Ci.nsIInterfaceRequestor]), + getInterface(aIID) { + if (aIID.equals(Ci.mozIStorageConnection) && this._storage) { + let ir = this._storage.QueryInterface(Ci.nsIInterfaceRequestor); + return ir.getInterface(aIID); + } + + if (aIID.equals(Ci.nsIVariant)) { + // Allows unwrapping the JavaScript object for regression tests. + return this; + } + + throw new Components.Exception("Interface not available", Cr.NS_ERROR_NO_INTERFACE); + }, + + + /* ---------- private members ---------- */ + + + __formFillService: null, // FormFillController, for username autocompleting + get _formFillService() { + if (!this.__formFillService) { + this.__formFillService = Cc["@mozilla.org/satchel/form-fill-controller;1"]. + getService(Ci.nsIFormFillController); + } + return this.__formFillService; + }, + + + _storage: null, // Storage component which contains the saved logins + _prefBranch: null, // Preferences service + _remember: true, // mirrors signon.rememberSignons preference + + + /** + * Initialize the Login Manager. Automatically called when service + * is created. + * + * Note: Service created in /browser/base/content/browser.js, + * delayedStartup() + */ + init() { + + // Cache references to current |this| in utility objects + this._observer._pwmgr = this; + + // Preferences. Add observer so we get notified of changes. + this._prefBranch = Services.prefs.getBranch("signon."); + this._prefBranch.addObserver("rememberSignons", this._observer, false); + + this._remember = this._prefBranch.getBoolPref("rememberSignons"); + this._autoCompleteLookupPromise = null; + + // Form submit observer checks forms for new logins and pw changes. + Services.obs.addObserver(this._observer, "xpcom-shutdown", false); + + if (Services.appinfo.processType === + Services.appinfo.PROCESS_TYPE_DEFAULT) { + Services.obs.addObserver(this._observer, "passwordmgr-storage-replace", + false); + + // Initialize storage so that asynchronous data loading can start. + this._initStorage(); + } + + Services.obs.addObserver(this._observer, "gather-telemetry", false); + }, + + + _initStorage() { + let contractID; + if (AppConstants.platform == "android") { + contractID = "@mozilla.org/login-manager/storage/mozStorage;1"; + } else { + contractID = "@mozilla.org/login-manager/storage/json;1"; + } + try { + let catMan = Cc["@mozilla.org/categorymanager;1"]. + getService(Ci.nsICategoryManager); + contractID = catMan.getCategoryEntry("login-manager-storage", + "nsILoginManagerStorage"); + log.debug("Found alternate nsILoginManagerStorage with contract ID:", contractID); + } catch (e) { + log.debug("No alternate nsILoginManagerStorage registered"); + } + + this._storage = Cc[contractID]. + createInstance(Ci.nsILoginManagerStorage); + this.initializationPromise = this._storage.initialize(); + }, + + + /* ---------- Utility objects ---------- */ + + + /** + * Internal utility object, implements the nsIObserver interface. + * Used to receive notification for: form submission, preference changes. + */ + _observer: { + _pwmgr: null, + + QueryInterface: XPCOMUtils.generateQI([Ci.nsIObserver, + Ci.nsISupportsWeakReference]), + + // nsIObserver + observe(subject, topic, data) { + if (topic == "nsPref:changed") { + var prefName = data; + log.debug("got change to", prefName, "preference"); + + if (prefName == "rememberSignons") { + this._pwmgr._remember = + this._pwmgr._prefBranch.getBoolPref("rememberSignons"); + } else { + log.debug("Oops! Pref not handled, change ignored."); + } + } else if (topic == "xpcom-shutdown") { + delete this._pwmgr.__formFillService; + delete this._pwmgr._storage; + delete this._pwmgr._prefBranch; + this._pwmgr = null; + } else if (topic == "passwordmgr-storage-replace") { + Task.spawn(function* () { + yield this._pwmgr._storage.terminate(); + this._pwmgr._initStorage(); + yield this._pwmgr.initializationPromise; + Services.obs.notifyObservers(null, + "passwordmgr-storage-replace-complete", null); + }.bind(this)); + } else if (topic == "gather-telemetry") { + // When testing, the "data" parameter is a string containing the + // reference time in milliseconds for time-based statistics. + this._pwmgr._gatherTelemetry(data ? parseInt(data) + : new Date().getTime()); + } else { + log.debug("Oops! Unexpected notification:", topic); + } + } + }, + + /** + * Collects statistics about the current logins and settings. The telemetry + * histograms used here are not accumulated, but are reset each time this + * function is called, since it can be called multiple times in a session. + * + * This function might also not be called at all in the current session. + * + * @param referenceTimeMs + * Current time used to calculate time-based statistics, expressed as + * the number of milliseconds since January 1, 1970, 00:00:00 UTC. + * This is set to a fake value during unit testing. + */ + _gatherTelemetry(referenceTimeMs) { + function clearAndGetHistogram(histogramId) { + let histogram = Services.telemetry.getHistogramById(histogramId); + histogram.clear(); + return histogram; + } + + clearAndGetHistogram("PWMGR_BLOCKLIST_NUM_SITES").add( + this.getAllDisabledHosts({}).length + ); + clearAndGetHistogram("PWMGR_NUM_SAVED_PASSWORDS").add( + this.countLogins("", "", "") + ); + clearAndGetHistogram("PWMGR_NUM_HTTPAUTH_PASSWORDS").add( + this.countLogins("", null, "") + ); + + // This is a boolean histogram, and not a flag, because we don't want to + // record any value if _gatherTelemetry is not called. + clearAndGetHistogram("PWMGR_SAVING_ENABLED").add(this._remember); + + // Don't try to get logins if MP is enabled, since we don't want to show a MP prompt. + if (!this.isLoggedIn) { + return; + } + + let logins = this.getAllLogins({}); + + let usernamePresentHistogram = clearAndGetHistogram("PWMGR_USERNAME_PRESENT"); + let loginLastUsedDaysHistogram = clearAndGetHistogram("PWMGR_LOGIN_LAST_USED_DAYS"); + + let hostnameCount = new Map(); + for (let login of logins) { + usernamePresentHistogram.add(!!login.username); + + let hostname = login.hostname; + hostnameCount.set(hostname, (hostnameCount.get(hostname) || 0 ) + 1); + + login.QueryInterface(Ci.nsILoginMetaInfo); + let timeLastUsedAgeMs = referenceTimeMs - login.timeLastUsed; + if (timeLastUsedAgeMs > 0) { + loginLastUsedDaysHistogram.add( + Math.floor(timeLastUsedAgeMs / MS_PER_DAY) + ); + } + } + + let passwordsCountHistogram = clearAndGetHistogram("PWMGR_NUM_PASSWORDS_PER_HOSTNAME"); + for (let count of hostnameCount.values()) { + passwordsCountHistogram.add(count); + } + }, + + + + + + /* ---------- Primary Public interfaces ---------- */ + + + + + /** + * @type Promise + * This promise is resolved when initialization is complete, and is rejected + * in case the asynchronous part of initialization failed. + */ + initializationPromise: null, + + + /** + * Add a new login to login storage. + */ + addLogin(login) { + // Sanity check the login + if (login.hostname == null || login.hostname.length == 0) { + throw new Error("Can't add a login with a null or empty hostname."); + } + + // For logins w/o a username, set to "", not null. + if (login.username == null) { + throw new Error("Can't add a login with a null username."); + } + + if (login.password == null || login.password.length == 0) { + throw new Error("Can't add a login with a null or empty password."); + } + + if (login.formSubmitURL || login.formSubmitURL == "") { + // We have a form submit URL. Can't have a HTTP realm. + if (login.httpRealm != null) { + throw new Error("Can't add a login with both a httpRealm and formSubmitURL."); + } + } else if (login.httpRealm) { + // We have a HTTP realm. Can't have a form submit URL. + if (login.formSubmitURL != null) { + throw new Error("Can't add a login with both a httpRealm and formSubmitURL."); + } + } else { + // Need one or the other! + throw new Error("Can't add a login without a httpRealm or formSubmitURL."); + } + + + // Look for an existing entry. + var logins = this.findLogins({}, login.hostname, login.formSubmitURL, + login.httpRealm); + + if (logins.some(l => login.matches(l, true))) { + throw new Error("This login already exists."); + } + + log.debug("Adding login"); + return this._storage.addLogin(login); + }, + + /** + * Remove the specified login from the stored logins. + */ + removeLogin(login) { + log.debug("Removing login"); + return this._storage.removeLogin(login); + }, + + + /** + * Change the specified login to match the new login. + */ + modifyLogin(oldLogin, newLogin) { + log.debug("Modifying login"); + return this._storage.modifyLogin(oldLogin, newLogin); + }, + + + /** + * Get a dump of all stored logins. Used by the login manager UI. + * + * @param count - only needed for XPCOM. + * @return {nsILoginInfo[]} - If there are no logins, the array is empty. + */ + getAllLogins(count) { + log.debug("Getting a list of all logins"); + return this._storage.getAllLogins(count); + }, + + + /** + * Remove all stored logins. + */ + removeAllLogins() { + log.debug("Removing all logins"); + this._storage.removeAllLogins(); + }, + + /** + * Get a list of all origins for which logins are disabled. + * + * @param {Number} count - only needed for XPCOM. + * + * @return {String[]} of disabled origins. If there are no disabled origins, + * the array is empty. + */ + getAllDisabledHosts(count) { + log.debug("Getting a list of all disabled origins"); + + let disabledHosts = []; + let enumerator = Services.perms.enumerator; + + while (enumerator.hasMoreElements()) { + let perm = enumerator.getNext(); + if (perm.type == PERMISSION_SAVE_LOGINS && perm.capability == Services.perms.DENY_ACTION) { + disabledHosts.push(perm.principal.URI.prePath); + } + } + + if (count) + count.value = disabledHosts.length; // needed for XPCOM + + log.debug("getAllDisabledHosts: returning", disabledHosts.length, "disabled hosts."); + return disabledHosts; + }, + + + /** + * Search for the known logins for entries matching the specified criteria. + */ + findLogins(count, origin, formActionOrigin, httpRealm) { + log.debug("Searching for logins matching origin:", origin, + "formActionOrigin:", formActionOrigin, "httpRealm:", httpRealm); + + return this._storage.findLogins(count, origin, formActionOrigin, + httpRealm); + }, + + + /** + * Public wrapper around _searchLogins to convert the nsIPropertyBag to a + * JavaScript object and decrypt the results. + * + * @return {nsILoginInfo[]} which are decrypted. + */ + searchLogins(count, matchData) { + log.debug("Searching for logins"); + + matchData.QueryInterface(Ci.nsIPropertyBag2); + if (!matchData.hasKey("guid")) { + if (!matchData.hasKey("hostname")) { + log.warn("searchLogins: A `hostname` is recommended"); + } + + if (!matchData.hasKey("formSubmitURL") && !matchData.hasKey("httpRealm")) { + log.warn("searchLogins: `formSubmitURL` or `httpRealm` is recommended"); + } + } + + return this._storage.searchLogins(count, matchData); + }, + + + /** + * Search for the known logins for entries matching the specified criteria, + * returns only the count. + */ + countLogins(origin, formActionOrigin, httpRealm) { + log.debug("Counting logins matching origin:", origin, + "formActionOrigin:", formActionOrigin, "httpRealm:", httpRealm); + + return this._storage.countLogins(origin, formActionOrigin, httpRealm); + }, + + + get uiBusy() { + return this._storage.uiBusy; + }, + + + get isLoggedIn() { + return this._storage.isLoggedIn; + }, + + + /** + * Check to see if user has disabled saving logins for the origin. + */ + getLoginSavingEnabled(origin) { + log.debug("Checking if logins to", origin, "can be saved."); + if (!this._remember) { + return false; + } + + let uri = Services.io.newURI(origin, null, null); + return Services.perms.testPermission(uri, PERMISSION_SAVE_LOGINS) != Services.perms.DENY_ACTION; + }, + + + /** + * Enable or disable storing logins for the specified origin. + */ + setLoginSavingEnabled(origin, enabled) { + // Throws if there are bogus values. + LoginHelper.checkHostnameValue(origin); + + let uri = Services.io.newURI(origin, null, null); + if (enabled) { + Services.perms.remove(uri, PERMISSION_SAVE_LOGINS); + } else { + Services.perms.add(uri, PERMISSION_SAVE_LOGINS, Services.perms.DENY_ACTION); + } + + log.debug("Login saving for", origin, "now enabled?", enabled); + LoginHelper.notifyStorageChanged(enabled ? "hostSavingEnabled" : "hostSavingDisabled", origin); + }, + + /** + * Yuck. This is called directly by satchel: + * nsFormFillController::StartSearch() + * [toolkit/components/satchel/nsFormFillController.cpp] + * + * We really ought to have a simple way for code to register an + * auto-complete provider, and not have satchel calling pwmgr directly. + */ + autoCompleteSearchAsync(aSearchString, aPreviousResult, + aElement, aCallback) { + // aPreviousResult is an nsIAutoCompleteResult, aElement is + // nsIDOMHTMLInputElement + + let form = LoginFormFactory.createFromField(aElement); + let isSecure = InsecurePasswordUtils.isFormSecure(form); + let isPasswordField = aElement.type == "password"; + + let completeSearch = (autoCompleteLookupPromise, { logins, messageManager }) => { + // If the search was canceled before we got our + // results, don't bother reporting them. + if (this._autoCompleteLookupPromise !== autoCompleteLookupPromise) { + return; + } + + this._autoCompleteLookupPromise = null; + let results = new UserAutoCompleteResult(aSearchString, logins, { + messageManager, + isSecure, + isPasswordField, + }); + aCallback.onSearchCompletion(results); + }; + + if (isPasswordField && aSearchString) { + // Return empty result on password fields with password already filled. + let acLookupPromise = this._autoCompleteLookupPromise = Promise.resolve({ logins: [] }); + acLookupPromise.then(completeSearch.bind(this, acLookupPromise)); + return; + } + + if (!this._remember) { + let acLookupPromise = this._autoCompleteLookupPromise = Promise.resolve({ logins: [] }); + acLookupPromise.then(completeSearch.bind(this, acLookupPromise)); + return; + } + + log.debug("AutoCompleteSearch invoked. Search is:", aSearchString); + + let previousResult; + if (aPreviousResult) { + previousResult = { searchString: aPreviousResult.searchString, + logins: aPreviousResult.wrappedJSObject.logins }; + } else { + previousResult = null; + } + + let rect = BrowserUtils.getElementBoundingScreenRect(aElement); + let acLookupPromise = this._autoCompleteLookupPromise = + LoginManagerContent._autoCompleteSearchAsync(aSearchString, previousResult, + aElement, rect); + acLookupPromise.then(completeSearch.bind(this, acLookupPromise)) + .then(null, Cu.reportError); + }, + + stopSearch() { + this._autoCompleteLookupPromise = null; + }, +}; // end of LoginManager implementation + +this.NSGetFactory = XPCOMUtils.generateNSGetFactory([LoginManager]); diff --git a/toolkit/components/passwordmgr/nsLoginManagerPrompter.js b/toolkit/components/passwordmgr/nsLoginManagerPrompter.js new file mode 100644 index 000000000..b66489234 --- /dev/null +++ b/toolkit/components/passwordmgr/nsLoginManagerPrompter.js @@ -0,0 +1,1701 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +const { classes: Cc, interfaces: Ci, results: Cr, utils: Cu } = Components; + +Cu.import("resource://gre/modules/XPCOMUtils.jsm"); +Cu.import("resource://gre/modules/Services.jsm"); +Cu.import("resource://gre/modules/PrivateBrowsingUtils.jsm"); +const { PromptUtils } = Cu.import("resource://gre/modules/SharedPromptUtils.jsm", {}); + +XPCOMUtils.defineLazyModuleGetter(this, "LoginHelper", + "resource://gre/modules/LoginHelper.jsm"); + +const LoginInfo = + Components.Constructor("@mozilla.org/login-manager/loginInfo;1", + "nsILoginInfo", "init"); + +const BRAND_BUNDLE = "chrome://branding/locale/brand.properties"; + +/** + * Constants for password prompt telemetry. + * Mirrored in mobile/android/components/LoginManagerPrompter.js */ +const PROMPT_DISPLAYED = 0; + +const PROMPT_ADD_OR_UPDATE = 1; +const PROMPT_NOTNOW = 2; +const PROMPT_NEVER = 3; + +/** + * Implements nsIPromptFactory + * + * Invoked by [toolkit/components/prompts/src/nsPrompter.js] + */ +function LoginManagerPromptFactory() { + Services.obs.addObserver(this, "quit-application-granted", true); + Services.obs.addObserver(this, "passwordmgr-crypto-login", true); + Services.obs.addObserver(this, "passwordmgr-crypto-loginCanceled", true); +} + +LoginManagerPromptFactory.prototype = { + + classID : Components.ID("{749e62f4-60ae-4569-a8a2-de78b649660e}"), + QueryInterface : XPCOMUtils.generateQI([Ci.nsIPromptFactory, Ci.nsIObserver, Ci.nsISupportsWeakReference]), + + _asyncPrompts : {}, + _asyncPromptInProgress : false, + + observe : function (subject, topic, data) { + this.log("Observed: " + topic); + if (topic == "quit-application-granted") { + this._cancelPendingPrompts(); + } else if (topic == "passwordmgr-crypto-login") { + // Start processing the deferred prompters. + this._doAsyncPrompt(); + } else if (topic == "passwordmgr-crypto-loginCanceled") { + // User canceled a Master Password prompt, so go ahead and cancel + // all pending auth prompts to avoid nagging over and over. + this._cancelPendingPrompts(); + } + }, + + getPrompt : function (aWindow, aIID) { + var prompt = new LoginManagerPrompter().QueryInterface(aIID); + prompt.init(aWindow, this); + return prompt; + }, + + _doAsyncPrompt : function() { + if (this._asyncPromptInProgress) { + this.log("_doAsyncPrompt bypassed, already in progress"); + return; + } + + // Find the first prompt key we have in the queue + var hashKey = null; + for (hashKey in this._asyncPrompts) + break; + + if (!hashKey) { + this.log("_doAsyncPrompt:run bypassed, no prompts in the queue"); + return; + } + + // If login manger has logins for this host, defer prompting if we're + // already waiting on a master password entry. + var prompt = this._asyncPrompts[hashKey]; + var prompter = prompt.prompter; + var [hostname, httpRealm] = prompter._getAuthTarget(prompt.channel, prompt.authInfo); + var hasLogins = (prompter._pwmgr.countLogins(hostname, null, httpRealm) > 0); + if (!hasLogins && LoginHelper.schemeUpgrades && hostname.startsWith("https://")) { + let httpHostname = hostname.replace(/^https:\/\//, "http://"); + hasLogins = (prompter._pwmgr.countLogins(httpHostname, null, httpRealm) > 0); + } + if (hasLogins && prompter._pwmgr.uiBusy) { + this.log("_doAsyncPrompt:run bypassed, master password UI busy"); + return; + } + + // Allow only a limited number of authentication dialogs when they are all + // canceled by the user. + var cancelationCounter = (prompter._browser && prompter._browser.canceledAuthenticationPromptCounter) || { count: 0, id: 0 }; + if (prompt.channel) { + var httpChannel = prompt.channel.QueryInterface(Ci.nsIHttpChannel); + if (httpChannel) { + var windowId = httpChannel.topLevelContentWindowId; + if (windowId != cancelationCounter.id) { + // window has been reloaded or navigated, reset the counter + cancelationCounter = { count: 0, id: windowId }; + } + } + } + + var self = this; + + var runnable = { + cancel: false, + run : function() { + var ok = false; + if (!this.cancel) { + try { + self.log("_doAsyncPrompt:run - performing the prompt for '" + hashKey + "'"); + ok = prompter.promptAuth(prompt.channel, + prompt.level, + prompt.authInfo); + } catch (e) { + if (e instanceof Components.Exception && + e.result == Cr.NS_ERROR_NOT_AVAILABLE) { + self.log("_doAsyncPrompt:run bypassed, UI is not available in this context"); + } else { + Components.utils.reportError("LoginManagerPrompter: " + + "_doAsyncPrompt:run: " + e + "\n"); + } + } + + delete self._asyncPrompts[hashKey]; + prompt.inProgress = false; + self._asyncPromptInProgress = false; + + if (ok) { + cancelationCounter.count = 0; + } else { + cancelationCounter.count++; + } + if (prompter._browser) { + prompter._browser.canceledAuthenticationPromptCounter = cancelationCounter; + } + } + + for (var consumer of prompt.consumers) { + if (!consumer.callback) + // Not having a callback means that consumer didn't provide it + // or canceled the notification + continue; + + self.log("Calling back to " + consumer.callback + " ok=" + ok); + try { + if (ok) { + consumer.callback.onAuthAvailable(consumer.context, prompt.authInfo); + } else { + consumer.callback.onAuthCancelled(consumer.context, !this.cancel); + } + } catch (e) { /* Throw away exceptions caused by callback */ } + } + self._doAsyncPrompt(); + } + }; + + var cancelDialogLimit = Services.prefs.getIntPref("prompts.authentication_dialog_abuse_limit"); + + this.log("cancelationCounter =", cancelationCounter); + if (cancelDialogLimit && cancelationCounter.count >= cancelDialogLimit) { + this.log("Blocking auth dialog, due to exceeding dialog bloat limit"); + delete this._asyncPrompts[hashKey]; + + // just make the runnable cancel all consumers + runnable.cancel = true; + } else { + this._asyncPromptInProgress = true; + prompt.inProgress = true; + } + + Services.tm.mainThread.dispatch(runnable, Ci.nsIThread.DISPATCH_NORMAL); + this.log("_doAsyncPrompt:run dispatched"); + }, + + + _cancelPendingPrompts : function() { + this.log("Canceling all pending prompts..."); + var asyncPrompts = this._asyncPrompts; + this.__proto__._asyncPrompts = {}; + + for (var hashKey in asyncPrompts) { + let prompt = asyncPrompts[hashKey]; + // Watch out! If this prompt is currently prompting, let it handle + // notifying the callbacks of success/failure, since it's already + // asking the user for input. Reusing a callback can be crashy. + if (prompt.inProgress) { + this.log("skipping a prompt in progress"); + continue; + } + + for (var consumer of prompt.consumers) { + if (!consumer.callback) + continue; + + this.log("Canceling async auth prompt callback " + consumer.callback); + try { + consumer.callback.onAuthCancelled(consumer.context, true); + } catch (e) { /* Just ignore exceptions from the callback */ } + } + } + }, +}; // end of LoginManagerPromptFactory implementation + +XPCOMUtils.defineLazyGetter(this.LoginManagerPromptFactory.prototype, "log", () => { + let logger = LoginHelper.createLogger("Login PromptFactory"); + return logger.log.bind(logger); +}); + + + + +/* ==================== LoginManagerPrompter ==================== */ + + + + +/** + * Implements interfaces for prompting the user to enter/save/change auth info. + * + * nsIAuthPrompt: Used by SeaMonkey, Thunderbird, but not Firefox. + * + * nsIAuthPrompt2: Is invoked by a channel for protocol-based authentication + * (eg HTTP Authenticate, FTP login). + * + * nsILoginManagerPrompter: Used by Login Manager for saving/changing logins + * found in HTML forms. + */ +function LoginManagerPrompter() {} + +LoginManagerPrompter.prototype = { + + classID : Components.ID("{8aa66d77-1bbb-45a6-991e-b8f47751c291}"), + QueryInterface : XPCOMUtils.generateQI([Ci.nsIAuthPrompt, + Ci.nsIAuthPrompt2, + Ci.nsILoginManagerPrompter]), + + _factory : null, + _chromeWindow : null, + _browser : null, + _opener : null, + + __pwmgr : null, // Password Manager service + get _pwmgr() { + if (!this.__pwmgr) + this.__pwmgr = Cc["@mozilla.org/login-manager;1"]. + getService(Ci.nsILoginManager); + return this.__pwmgr; + }, + + __promptService : null, // Prompt service for user interaction + get _promptService() { + if (!this.__promptService) + this.__promptService = + Cc["@mozilla.org/embedcomp/prompt-service;1"]. + getService(Ci.nsIPromptService2); + return this.__promptService; + }, + + + __strBundle : null, // String bundle for L10N + get _strBundle() { + if (!this.__strBundle) { + var bunService = Cc["@mozilla.org/intl/stringbundle;1"]. + getService(Ci.nsIStringBundleService); + this.__strBundle = bunService.createBundle( + "chrome://passwordmgr/locale/passwordmgr.properties"); + if (!this.__strBundle) + throw new Error("String bundle for Login Manager not present!"); + } + + return this.__strBundle; + }, + + + __ellipsis : null, + get _ellipsis() { + if (!this.__ellipsis) { + this.__ellipsis = "\u2026"; + try { + this.__ellipsis = Services.prefs.getComplexValue( + "intl.ellipsis", Ci.nsIPrefLocalizedString).data; + } catch (e) { } + } + return this.__ellipsis; + }, + + + // Whether we are in private browsing mode + get _inPrivateBrowsing() { + if (this._chromeWindow) { + return PrivateBrowsingUtils.isWindowPrivate(this._chromeWindow); + } + // If we don't that we're in private browsing mode if the caller did + // not provide a window. The callers which really care about this + // will indeed pass down a window to us, and for those who don't, + // we can just assume that we don't want to save the entered login + // information. + this.log("We have no chromeWindow so assume we're in a private context"); + return true; + }, + + + + + /* ---------- nsIAuthPrompt prompts ---------- */ + + + /** + * Wrapper around the prompt service prompt. Saving random fields here + * doesn't really make sense and therefore isn't implemented. + */ + prompt : function (aDialogTitle, aText, aPasswordRealm, + aSavePassword, aDefaultText, aResult) { + if (aSavePassword != Ci.nsIAuthPrompt.SAVE_PASSWORD_NEVER) + throw new Components.Exception("prompt only supports SAVE_PASSWORD_NEVER", + Cr.NS_ERROR_NOT_IMPLEMENTED); + + this.log("===== prompt() called ====="); + + if (aDefaultText) { + aResult.value = aDefaultText; + } + + return this._promptService.prompt(this._chromeWindow, + aDialogTitle, aText, aResult, null, {}); + }, + + + /** + * Looks up a username and password in the database. Will prompt the user + * with a dialog, even if a username and password are found. + */ + promptUsernameAndPassword : function (aDialogTitle, aText, aPasswordRealm, + aSavePassword, aUsername, aPassword) { + this.log("===== promptUsernameAndPassword() called ====="); + + if (aSavePassword == Ci.nsIAuthPrompt.SAVE_PASSWORD_FOR_SESSION) + throw new Components.Exception("promptUsernameAndPassword doesn't support SAVE_PASSWORD_FOR_SESSION", + Cr.NS_ERROR_NOT_IMPLEMENTED); + + var selectedLogin = null; + var checkBox = { value : false }; + var checkBoxLabel = null; + var [hostname, realm, unused] = this._getRealmInfo(aPasswordRealm); + + // If hostname is null, we can't save this login. + if (hostname) { + var canRememberLogin; + if (this._inPrivateBrowsing) + canRememberLogin = false; + else + canRememberLogin = (aSavePassword == + Ci.nsIAuthPrompt.SAVE_PASSWORD_PERMANENTLY) && + this._pwmgr.getLoginSavingEnabled(hostname); + + // if checkBoxLabel is null, the checkbox won't be shown at all. + if (canRememberLogin) + checkBoxLabel = this._getLocalizedString("rememberPassword"); + + // Look for existing logins. + var foundLogins = this._pwmgr.findLogins({}, hostname, null, + realm); + + // XXX Like the original code, we can't deal with multiple + // account selection. (bug 227632) + if (foundLogins.length > 0) { + selectedLogin = foundLogins[0]; + + // If the caller provided a username, try to use it. If they + // provided only a password, this will try to find a password-only + // login (or return null if none exists). + if (aUsername.value) + selectedLogin = this._repickSelectedLogin(foundLogins, + aUsername.value); + + if (selectedLogin) { + checkBox.value = true; + aUsername.value = selectedLogin.username; + // If the caller provided a password, prefer it. + if (!aPassword.value) + aPassword.value = selectedLogin.password; + } + } + } + + var ok = this._promptService.promptUsernameAndPassword(this._chromeWindow, + aDialogTitle, aText, aUsername, aPassword, + checkBoxLabel, checkBox); + + if (!ok || !checkBox.value || !hostname) + return ok; + + if (!aPassword.value) { + this.log("No password entered, so won't offer to save."); + return ok; + } + + // XXX We can't prompt with multiple logins yet (bug 227632), so + // the entered login might correspond to an existing login + // other than the one we originally selected. + selectedLogin = this._repickSelectedLogin(foundLogins, aUsername.value); + + // If we didn't find an existing login, or if the username + // changed, save as a new login. + let newLogin = Cc["@mozilla.org/login-manager/loginInfo;1"]. + createInstance(Ci.nsILoginInfo); + newLogin.init(hostname, null, realm, + aUsername.value, aPassword.value, "", ""); + if (!selectedLogin) { + // add as new + this.log("New login seen for " + realm); + this._pwmgr.addLogin(newLogin); + } else if (aPassword.value != selectedLogin.password) { + // update password + this.log("Updating password for " + realm); + this._updateLogin(selectedLogin, newLogin); + } else { + this.log("Login unchanged, no further action needed."); + this._updateLogin(selectedLogin); + } + + return ok; + }, + + + /** + * If a password is found in the database for the password realm, it is + * returned straight away without displaying a dialog. + * + * If a password is not found in the database, the user will be prompted + * with a dialog with a text field and ok/cancel buttons. If the user + * allows it, then the password will be saved in the database. + */ + promptPassword : function (aDialogTitle, aText, aPasswordRealm, + aSavePassword, aPassword) { + this.log("===== promptPassword called() ====="); + + if (aSavePassword == Ci.nsIAuthPrompt.SAVE_PASSWORD_FOR_SESSION) + throw new Components.Exception("promptPassword doesn't support SAVE_PASSWORD_FOR_SESSION", + Cr.NS_ERROR_NOT_IMPLEMENTED); + + var checkBox = { value : false }; + var checkBoxLabel = null; + var [hostname, realm, username] = this._getRealmInfo(aPasswordRealm); + + username = decodeURIComponent(username); + + // If hostname is null, we can't save this login. + if (hostname && !this._inPrivateBrowsing) { + var canRememberLogin = (aSavePassword == + Ci.nsIAuthPrompt.SAVE_PASSWORD_PERMANENTLY) && + this._pwmgr.getLoginSavingEnabled(hostname); + + // if checkBoxLabel is null, the checkbox won't be shown at all. + if (canRememberLogin) + checkBoxLabel = this._getLocalizedString("rememberPassword"); + + if (!aPassword.value) { + // Look for existing logins. + var foundLogins = this._pwmgr.findLogins({}, hostname, null, + realm); + + // XXX Like the original code, we can't deal with multiple + // account selection (bug 227632). We can deal with finding the + // account based on the supplied username - but in this case we'll + // just return the first match. + for (var i = 0; i < foundLogins.length; ++i) { + if (foundLogins[i].username == username) { + aPassword.value = foundLogins[i].password; + // wallet returned straight away, so this mimics that code + return true; + } + } + } + } + + var ok = this._promptService.promptPassword(this._chromeWindow, aDialogTitle, + aText, aPassword, + checkBoxLabel, checkBox); + + if (ok && checkBox.value && hostname && aPassword.value) { + var newLogin = Cc["@mozilla.org/login-manager/loginInfo;1"]. + createInstance(Ci.nsILoginInfo); + newLogin.init(hostname, null, realm, username, + aPassword.value, "", ""); + + this.log("New login seen for " + realm); + + this._pwmgr.addLogin(newLogin); + } + + return ok; + }, + + /* ---------- nsIAuthPrompt helpers ---------- */ + + + /** + * Given aRealmString, such as "http://user@example.com/foo", returns an + * array of: + * - the formatted hostname + * - the realm (hostname + path) + * - the username, if present + * + * If aRealmString is in the format produced by NS_GetAuthKey for HTTP[S] + * channels, e.g. "example.com:80 (httprealm)", null is returned for all + * arguments to let callers know the login can't be saved because we don't + * know whether it's http or https. + */ + _getRealmInfo : function (aRealmString) { + var httpRealm = /^.+ \(.+\)$/; + if (httpRealm.test(aRealmString)) + return [null, null, null]; + + var uri = Services.io.newURI(aRealmString, null, null); + var pathname = ""; + + if (uri.path != "/") + pathname = uri.path; + + var formattedHostname = this._getFormattedHostname(uri); + + return [formattedHostname, formattedHostname + pathname, uri.username]; + }, + + /* ---------- nsIAuthPrompt2 prompts ---------- */ + + + + + /** + * Implementation of nsIAuthPrompt2. + * + * @param {nsIChannel} aChannel + * @param {int} aLevel + * @param {nsIAuthInformation} aAuthInfo + */ + promptAuth : function (aChannel, aLevel, aAuthInfo) { + var selectedLogin = null; + var checkbox = { value : false }; + var checkboxLabel = null; + var epicfail = false; + var canAutologin = false; + var notifyObj; + var foundLogins; + + try { + this.log("===== promptAuth called ====="); + + // If the user submits a login but it fails, we need to remove the + // notification bar that was displayed. Conveniently, the user will + // be prompted for authentication again, which brings us here. + this._removeLoginNotifications(); + + var [hostname, httpRealm] = this._getAuthTarget(aChannel, aAuthInfo); + + // Looks for existing logins to prefill the prompt with. + foundLogins = LoginHelper.searchLoginsWithObject({ + hostname, + httpRealm, + schemeUpgrades: LoginHelper.schemeUpgrades, + }); + this.log("found", foundLogins.length, "matching logins."); + let resolveBy = [ + "scheme", + "timePasswordChanged", + ]; + foundLogins = LoginHelper.dedupeLogins(foundLogins, ["username"], resolveBy, hostname); + this.log(foundLogins.length, "matching logins remain after deduping"); + + // XXX Can't select from multiple accounts yet. (bug 227632) + if (foundLogins.length > 0) { + selectedLogin = foundLogins[0]; + this._SetAuthInfo(aAuthInfo, selectedLogin.username, + selectedLogin.password); + + // Allow automatic proxy login + if (aAuthInfo.flags & Ci.nsIAuthInformation.AUTH_PROXY && + !(aAuthInfo.flags & Ci.nsIAuthInformation.PREVIOUS_FAILED) && + Services.prefs.getBoolPref("signon.autologin.proxy") && + !this._inPrivateBrowsing) { + + this.log("Autologin enabled, skipping auth prompt."); + canAutologin = true; + } + + checkbox.value = true; + } + + var canRememberLogin = this._pwmgr.getLoginSavingEnabled(hostname); + if (this._inPrivateBrowsing) + canRememberLogin = false; + + // if checkboxLabel is null, the checkbox won't be shown at all. + notifyObj = this._getPopupNote() || this._getNotifyBox(); + if (canRememberLogin && !notifyObj) + checkboxLabel = this._getLocalizedString("rememberPassword"); + } catch (e) { + // Ignore any errors and display the prompt anyway. + epicfail = true; + Components.utils.reportError("LoginManagerPrompter: " + + "Epic fail in promptAuth: " + e + "\n"); + } + + var ok = canAutologin; + if (!ok) { + if (this._chromeWindow) + PromptUtils.fireDialogEvent(this._chromeWindow, "DOMWillOpenModalDialog", this._browser); + ok = this._promptService.promptAuth(this._chromeWindow, + aChannel, aLevel, aAuthInfo, + checkboxLabel, checkbox); + } + + // If there's a notification box, use it to allow the user to + // determine if the login should be saved. If there isn't a + // notification box, only save the login if the user set the + // checkbox to do so. + var rememberLogin = notifyObj ? canRememberLogin : checkbox.value; + if (!ok || !rememberLogin || epicfail) + return ok; + + try { + var [username, password] = this._GetAuthInfo(aAuthInfo); + + if (!password) { + this.log("No password entered, so won't offer to save."); + return ok; + } + + // XXX We can't prompt with multiple logins yet (bug 227632), so + // the entered login might correspond to an existing login + // other than the one we originally selected. + selectedLogin = this._repickSelectedLogin(foundLogins, username); + + // If we didn't find an existing login, or if the username + // changed, save as a new login. + let newLogin = Cc["@mozilla.org/login-manager/loginInfo;1"]. + createInstance(Ci.nsILoginInfo); + newLogin.init(hostname, null, httpRealm, + username, password, "", ""); + if (!selectedLogin) { + this.log("New login seen for " + username + + " @ " + hostname + " (" + httpRealm + ")"); + + if (notifyObj) + this._showSaveLoginNotification(notifyObj, newLogin); + else + this._pwmgr.addLogin(newLogin); + } else if (password != selectedLogin.password) { + this.log("Updating password for " + username + + " @ " + hostname + " (" + httpRealm + ")"); + if (notifyObj) + this._showChangeLoginNotification(notifyObj, + selectedLogin, newLogin); + else + this._updateLogin(selectedLogin, newLogin); + } else { + this.log("Login unchanged, no further action needed."); + this._updateLogin(selectedLogin); + } + } catch (e) { + Components.utils.reportError("LoginManagerPrompter: " + + "Fail2 in promptAuth: " + e + "\n"); + } + + return ok; + }, + + asyncPromptAuth : function (aChannel, aCallback, aContext, aLevel, aAuthInfo) { + var cancelable = null; + + try { + this.log("===== asyncPromptAuth called ====="); + + // If the user submits a login but it fails, we need to remove the + // notification bar that was displayed. Conveniently, the user will + // be prompted for authentication again, which brings us here. + this._removeLoginNotifications(); + + cancelable = this._newAsyncPromptConsumer(aCallback, aContext); + + var [hostname, httpRealm] = this._getAuthTarget(aChannel, aAuthInfo); + + var hashKey = aLevel + "|" + hostname + "|" + httpRealm; + this.log("Async prompt key = " + hashKey); + var asyncPrompt = this._factory._asyncPrompts[hashKey]; + if (asyncPrompt) { + this.log("Prompt bound to an existing one in the queue, callback = " + aCallback); + asyncPrompt.consumers.push(cancelable); + return cancelable; + } + + this.log("Adding new prompt to the queue, callback = " + aCallback); + asyncPrompt = { + consumers: [cancelable], + channel: aChannel, + authInfo: aAuthInfo, + level: aLevel, + inProgress : false, + prompter: this + }; + + this._factory._asyncPrompts[hashKey] = asyncPrompt; + this._factory._doAsyncPrompt(); + } catch (e) { + Components.utils.reportError("LoginManagerPrompter: " + + "asyncPromptAuth: " + e + "\nFalling back to promptAuth\n"); + // Fail the prompt operation to let the consumer fall back + // to synchronous promptAuth method + throw e; + } + + return cancelable; + }, + + + + + /* ---------- nsILoginManagerPrompter prompts ---------- */ + + + init : function (aWindow = null, aFactory = null) { + if (!aWindow) { + // There may be no applicable window e.g. in a Sandbox or JSM. + this._chromeWindow = null; + this._browser = null; + } else if (aWindow instanceof Ci.nsIDOMChromeWindow) { + this._chromeWindow = aWindow; + // needs to be set explicitly using setBrowser + this._browser = null; + } else { + let {win, browser} = this._getChromeWindow(aWindow); + this._chromeWindow = win; + this._browser = browser; + } + this._opener = null; + this._factory = aFactory || null; + + this.log("===== initialized ====="); + }, + + set browser(aBrowser) { + this._browser = aBrowser; + }, + + set opener(aOpener) { + this._opener = aOpener; + }, + + promptToSavePassword : function (aLogin) { + this.log("promptToSavePassword"); + var notifyObj = this._getPopupNote() || this._getNotifyBox(); + if (notifyObj) + this._showSaveLoginNotification(notifyObj, aLogin); + else + this._showSaveLoginDialog(aLogin); + }, + + /** + * Displays a notification bar. + */ + _showLoginNotification : function (aNotifyBox, aName, aText, aButtons) { + var oldBar = aNotifyBox.getNotificationWithValue(aName); + const priority = aNotifyBox.PRIORITY_INFO_MEDIUM; + + this.log("Adding new " + aName + " notification bar"); + var newBar = aNotifyBox.appendNotification( + aText, aName, "", + priority, aButtons); + + // The page we're going to hasn't loaded yet, so we want to persist + // across the first location change. + newBar.persistence++; + + // Sites like Gmail perform a funky redirect dance before you end up + // at the post-authentication page. I don't see a good way to + // heuristically determine when to ignore such location changes, so + // we'll try ignoring location changes based on a time interval. + newBar.timeout = Date.now() + 20000; // 20 seconds + + if (oldBar) { + this.log("(...and removing old " + aName + " notification bar)"); + aNotifyBox.removeNotification(oldBar); + } + }, + + /** + * Displays the PopupNotifications.jsm doorhanger for password save or change. + * + * @param {nsILoginInfo} login + * Login to save or change. For changes, this login should contain the + * new password. + * @param {string} type + * This is "password-save" or "password-change" depending on the + * original notification type. This is used for telemetry and tests. + */ + _showLoginCaptureDoorhanger(login, type) { + let { browser } = this._getNotifyWindow(); + + let saveMsgNames = { + prompt: login.username === "" ? "rememberLoginMsgNoUser" + : "rememberLoginMsg", + buttonLabel: "rememberLoginButtonText", + buttonAccessKey: "rememberLoginButtonAccessKey", + }; + + let changeMsgNames = { + prompt: login.username === "" ? "updateLoginMsgNoUser" + : "updateLoginMsg", + buttonLabel: "updateLoginButtonText", + buttonAccessKey: "updateLoginButtonAccessKey", + }; + + let initialMsgNames = type == "password-save" ? saveMsgNames + : changeMsgNames; + + let brandBundle = Services.strings.createBundle(BRAND_BUNDLE); + let brandShortName = brandBundle.GetStringFromName("brandShortName"); + let promptMsg = type == "password-save" ? this._getLocalizedString(saveMsgNames.prompt, [brandShortName]) + : this._getLocalizedString(changeMsgNames.prompt); + + let histogramName = type == "password-save" ? "PWMGR_PROMPT_REMEMBER_ACTION" + : "PWMGR_PROMPT_UPDATE_ACTION"; + let histogram = Services.telemetry.getHistogramById(histogramName); + histogram.add(PROMPT_DISPLAYED); + + let chromeDoc = browser.ownerDocument; + + let currentNotification; + + let updateButtonStatus = (element) => { + let mainActionButton = chromeDoc.getAnonymousElementByAttribute(element.button, "anonid", "button"); + // Disable the main button inside the menu-button if the password field is empty. + if (login.password.length == 0) { + mainActionButton.setAttribute("disabled", true); + chromeDoc.getElementById("password-notification-password") + .classList.add("popup-notification-invalid-input"); + } else { + mainActionButton.removeAttribute("disabled"); + chromeDoc.getElementById("password-notification-password") + .classList.remove("popup-notification-invalid-input"); + } + }; + + let updateButtonLabel = () => { + let foundLogins = LoginHelper.searchLoginsWithObject({ + formSubmitURL: login.formSubmitURL, + hostname: login.hostname, + httpRealm: login.httpRealm, + schemeUpgrades: LoginHelper.schemeUpgrades, + }); + + let logins = this._filterUpdatableLogins(login, foundLogins); + let msgNames = (logins.length == 0) ? saveMsgNames : changeMsgNames; + + // Update the label based on whether this will be a new login or not. + let label = this._getLocalizedString(msgNames.buttonLabel); + let accessKey = this._getLocalizedString(msgNames.buttonAccessKey); + + // Update the labels for the next time the panel is opened. + currentNotification.mainAction.label = label; + currentNotification.mainAction.accessKey = accessKey; + + // Update the labels in real time if the notification is displayed. + let element = [...currentNotification.owner.panel.childNodes] + .find(n => n.notification == currentNotification); + if (element) { + element.setAttribute("buttonlabel", label); + element.setAttribute("buttonaccesskey", accessKey); + updateButtonStatus(element); + } + }; + + let writeDataToUI = () => { + // setAttribute is used since the <textbox> binding may not be attached yet. + chromeDoc.getElementById("password-notification-username") + .setAttribute("placeholder", usernamePlaceholder); + chromeDoc.getElementById("password-notification-username") + .setAttribute("value", login.username); + + let toggleCheckbox = chromeDoc.getElementById("password-notification-visibilityToggle"); + toggleCheckbox.removeAttribute("checked"); + let passwordField = chromeDoc.getElementById("password-notification-password"); + // Ensure the type is reset so the field is masked. + passwordField.setAttribute("type", "password"); + passwordField.setAttribute("value", login.password); + updateButtonLabel(); + }; + + let readDataFromUI = () => { + login.username = + chromeDoc.getElementById("password-notification-username").value; + login.password = + chromeDoc.getElementById("password-notification-password").value; + }; + + let onInput = () => { + readDataFromUI(); + updateButtonLabel(); + }; + + let onVisibilityToggle = (commandEvent) => { + let passwordField = chromeDoc.getElementById("password-notification-password"); + // Gets the caret position before changing the type of the textbox + let selectionStart = passwordField.selectionStart; + let selectionEnd = passwordField.selectionEnd; + passwordField.setAttribute("type", commandEvent.target.checked ? "" : "password"); + if (!passwordField.hasAttribute("focused")) { + return; + } + passwordField.selectionStart = selectionStart; + passwordField.selectionEnd = selectionEnd; + }; + + let persistData = () => { + let foundLogins = LoginHelper.searchLoginsWithObject({ + formSubmitURL: login.formSubmitURL, + hostname: login.hostname, + httpRealm: login.httpRealm, + schemeUpgrades: LoginHelper.schemeUpgrades, + }); + + let logins = this._filterUpdatableLogins(login, foundLogins); + + if (logins.length == 0) { + // The original login we have been provided with might have its own + // metadata, but we don't want it propagated to the newly created one. + Services.logins.addLogin(new LoginInfo(login.hostname, + login.formSubmitURL, + login.httpRealm, + login.username, + login.password, + login.usernameField, + login.passwordField)); + } else if (logins.length == 1) { + if (logins[0].password == login.password && + logins[0].username == login.username) { + // We only want to touch the login's use count and last used time. + this._updateLogin(logins[0]); + } else { + this._updateLogin(logins[0], login); + } + } else { + Cu.reportError("Unexpected match of multiple logins."); + } + }; + + // The main action is the "Remember" or "Update" button. + let mainAction = { + label: this._getLocalizedString(initialMsgNames.buttonLabel), + accessKey: this._getLocalizedString(initialMsgNames.buttonAccessKey), + callback: () => { + histogram.add(PROMPT_ADD_OR_UPDATE); + if (histogramName == "PWMGR_PROMPT_REMEMBER_ACTION") { + Services.obs.notifyObservers(null, 'LoginStats:NewSavedPassword', null); + } + readDataFromUI(); + persistData(); + browser.focus(); + } + }; + + // Include a "Never for this site" button when saving a new password. + let secondaryActions = type == "password-save" ? [{ + label: this._getLocalizedString("notifyBarNeverRememberButtonText"), + accessKey: this._getLocalizedString("notifyBarNeverRememberButtonAccessKey"), + callback: () => { + histogram.add(PROMPT_NEVER); + Services.logins.setLoginSavingEnabled(login.hostname, false); + browser.focus(); + } + }] : null; + + let usernamePlaceholder = this._getLocalizedString("noUsernamePlaceholder"); + let togglePasswordLabel = this._getLocalizedString("togglePasswordLabel"); + let togglePasswordAccessKey = this._getLocalizedString("togglePasswordAccessKey"); + + this._getPopupNote().show( + browser, + "password", + promptMsg, + "password-notification-icon", + mainAction, + secondaryActions, + { + timeout: Date.now() + 10000, + displayURI: Services.io.newURI(login.hostname, null, null), + persistWhileVisible: true, + passwordNotificationType: type, + eventCallback: function (topic) { + switch (topic) { + case "showing": + currentNotification = this; + chromeDoc.getElementById("password-notification-password") + .removeAttribute("focused"); + chromeDoc.getElementById("password-notification-username") + .removeAttribute("focused"); + chromeDoc.getElementById("password-notification-username") + .addEventListener("input", onInput); + chromeDoc.getElementById("password-notification-password") + .addEventListener("input", onInput); + let toggleBtn = chromeDoc.getElementById("password-notification-visibilityToggle"); + + if (Services.prefs.getBoolPref("signon.rememberSignons.visibilityToggle")) { + toggleBtn.addEventListener("command", onVisibilityToggle); + toggleBtn.setAttribute("label", togglePasswordLabel); + toggleBtn.setAttribute("accesskey", togglePasswordAccessKey); + toggleBtn.setAttribute("hidden", LoginHelper.isMasterPasswordSet()); + } + if (this.wasDismissed) { + chromeDoc.getElementById("password-notification-visibilityToggle") + .setAttribute("hidden", true); + } + break; + case "shown": + writeDataToUI(); + break; + case "dismissed": + this.wasDismissed = true; + readDataFromUI(); + // Fall through. + case "removed": + currentNotification = null; + chromeDoc.getElementById("password-notification-username") + .removeEventListener("input", onInput); + chromeDoc.getElementById("password-notification-password") + .removeEventListener("input", onInput); + chromeDoc.getElementById("password-notification-visibilityToggle") + .removeEventListener("command", onVisibilityToggle); + break; + } + return false; + }, + } + ); + }, + + /** + * Displays a notification bar or a popup notification, to allow the user + * to save the specified login. This allows the user to see the results of + * their login, and only save a login which they know worked. + * + * @param aNotifyObj + * A notification box or a popup notification. + * @param aLogin + * The login captured from the form. + */ + _showSaveLoginNotification : function (aNotifyObj, aLogin) { + // Ugh. We can't use the strings from the popup window, because they + // have the access key marked in the string (eg "Mo&zilla"), along + // with some weird rules for handling access keys that do not occur + // in the string, for L10N. See commonDialog.js's setLabelForNode(). + var neverButtonText = + this._getLocalizedString("notifyBarNeverRememberButtonText"); + var neverButtonAccessKey = + this._getLocalizedString("notifyBarNeverRememberButtonAccessKey"); + var rememberButtonText = + this._getLocalizedString("notifyBarRememberPasswordButtonText"); + var rememberButtonAccessKey = + this._getLocalizedString("notifyBarRememberPasswordButtonAccessKey"); + + var displayHost = this._getShortDisplayHost(aLogin.hostname); + var notificationText = this._getLocalizedString( + "rememberPasswordMsgNoUsername", + [displayHost]); + + // The callbacks in |buttons| have a closure to access the variables + // in scope here; set one to |this._pwmgr| so we can get back to pwmgr + // without a getService() call. + var pwmgr = this._pwmgr; + + // Notification is a PopupNotification + if (aNotifyObj == this._getPopupNote()) { + this._showLoginCaptureDoorhanger(aLogin, "password-save"); + } else { + var notNowButtonText = + this._getLocalizedString("notifyBarNotNowButtonText"); + var notNowButtonAccessKey = + this._getLocalizedString("notifyBarNotNowButtonAccessKey"); + var buttons = [ + // "Remember" button + { + label: rememberButtonText, + accessKey: rememberButtonAccessKey, + popup: null, + callback: function(aNotifyObj, aButton) { + pwmgr.addLogin(aLogin); + } + }, + + // "Never for this site" button + { + label: neverButtonText, + accessKey: neverButtonAccessKey, + popup: null, + callback: function(aNotifyObj, aButton) { + pwmgr.setLoginSavingEnabled(aLogin.hostname, false); + } + }, + + // "Not now" button + { + label: notNowButtonText, + accessKey: notNowButtonAccessKey, + popup: null, + callback: function() { /* NOP */ } + } + ]; + + this._showLoginNotification(aNotifyObj, "password-save", + notificationText, buttons); + } + + Services.obs.notifyObservers(aLogin, "passwordmgr-prompt-save", null); + }, + + _removeLoginNotifications : function () { + var popupNote = this._getPopupNote(); + if (popupNote) + popupNote = popupNote.getNotification("password"); + if (popupNote) + popupNote.remove(); + + var notifyBox = this._getNotifyBox(); + if (notifyBox) { + var oldBar = notifyBox.getNotificationWithValue("password-save"); + if (oldBar) { + this.log("Removing save-password notification bar."); + notifyBox.removeNotification(oldBar); + } + + oldBar = notifyBox.getNotificationWithValue("password-change"); + if (oldBar) { + this.log("Removing change-password notification bar."); + notifyBox.removeNotification(oldBar); + } + } + }, + + + /** + * Called when we detect a new login in a form submission, + * asks the user what to do. + */ + _showSaveLoginDialog : function (aLogin) { + const buttonFlags = Ci.nsIPrompt.BUTTON_POS_1_DEFAULT + + (Ci.nsIPrompt.BUTTON_TITLE_IS_STRING * Ci.nsIPrompt.BUTTON_POS_0) + + (Ci.nsIPrompt.BUTTON_TITLE_IS_STRING * Ci.nsIPrompt.BUTTON_POS_1) + + (Ci.nsIPrompt.BUTTON_TITLE_IS_STRING * Ci.nsIPrompt.BUTTON_POS_2); + + var displayHost = this._getShortDisplayHost(aLogin.hostname); + + var dialogText; + if (aLogin.username) { + var displayUser = this._sanitizeUsername(aLogin.username); + dialogText = this._getLocalizedString( + "rememberPasswordMsg", + [displayUser, displayHost]); + } else { + dialogText = this._getLocalizedString( + "rememberPasswordMsgNoUsername", + [displayHost]); + + } + var dialogTitle = this._getLocalizedString( + "savePasswordTitle"); + var neverButtonText = this._getLocalizedString( + "neverForSiteButtonText"); + var rememberButtonText = this._getLocalizedString( + "rememberButtonText"); + var notNowButtonText = this._getLocalizedString( + "notNowButtonText"); + + this.log("Prompting user to save/ignore login"); + var userChoice = this._promptService.confirmEx(this._chromeWindow, + dialogTitle, dialogText, + buttonFlags, rememberButtonText, + notNowButtonText, neverButtonText, + null, {}); + // Returns: + // 0 - Save the login + // 1 - Ignore the login this time + // 2 - Never save logins for this site + if (userChoice == 2) { + this.log("Disabling " + aLogin.hostname + " logins by request."); + this._pwmgr.setLoginSavingEnabled(aLogin.hostname, false); + } else if (userChoice == 0) { + this.log("Saving login for " + aLogin.hostname); + this._pwmgr.addLogin(aLogin); + } else { + // userChoice == 1 --> just ignore the login. + this.log("Ignoring login."); + } + + Services.obs.notifyObservers(aLogin, "passwordmgr-prompt-save", null); + }, + + + /** + * Called when we think we detect a password or username change for + * an existing login, when the form being submitted contains multiple + * password fields. + * + * @param {nsILoginInfo} aOldLogin + * The old login we may want to update. + * @param {nsILoginInfo} aNewLogin + * The new login from the page form. + */ + promptToChangePassword(aOldLogin, aNewLogin) { + this.log("promptToChangePassword"); + let notifyObj = this._getPopupNote() || this._getNotifyBox(); + + if (notifyObj) { + this._showChangeLoginNotification(notifyObj, aOldLogin, + aNewLogin); + } else { + this._showChangeLoginDialog(aOldLogin, aNewLogin); + } + }, + + /** + * Shows the Change Password notification bar or popup notification. + * + * @param aNotifyObj + * A notification box or a popup notification. + * + * @param aOldLogin + * The stored login we want to update. + * + * @param aNewLogin + * The login object with the changes we want to make. + */ + _showChangeLoginNotification(aNotifyObj, aOldLogin, aNewLogin) { + var changeButtonText = + this._getLocalizedString("notifyBarUpdateButtonText"); + var changeButtonAccessKey = + this._getLocalizedString("notifyBarUpdateButtonAccessKey"); + + // We reuse the existing message, even if it expects a username, until we + // switch to the final terminology in bug 1144856. + var displayHost = this._getShortDisplayHost(aOldLogin.hostname); + var notificationText = this._getLocalizedString("updatePasswordMsg", + [displayHost]); + + // The callbacks in |buttons| have a closure to access the variables + // in scope here; set one to |this._pwmgr| so we can get back to pwmgr + // without a getService() call. + var self = this; + + // Notification is a PopupNotification + if (aNotifyObj == this._getPopupNote()) { + aOldLogin.hostname = aNewLogin.hostname; + aOldLogin.formSubmitURL = aNewLogin.formSubmitURL; + aOldLogin.password = aNewLogin.password; + aOldLogin.username = aNewLogin.username; + this._showLoginCaptureDoorhanger(aOldLogin, "password-change"); + } else { + var dontChangeButtonText = + this._getLocalizedString("notifyBarDontChangeButtonText"); + var dontChangeButtonAccessKey = + this._getLocalizedString("notifyBarDontChangeButtonAccessKey"); + var buttons = [ + // "Yes" button + { + label: changeButtonText, + accessKey: changeButtonAccessKey, + popup: null, + callback: function(aNotifyObj, aButton) { + self._updateLogin(aOldLogin, aNewLogin); + } + }, + + // "No" button + { + label: dontChangeButtonText, + accessKey: dontChangeButtonAccessKey, + popup: null, + callback: function(aNotifyObj, aButton) { + // do nothing + } + } + ]; + + this._showLoginNotification(aNotifyObj, "password-change", + notificationText, buttons); + } + + let oldGUID = aOldLogin.QueryInterface(Ci.nsILoginMetaInfo).guid; + Services.obs.notifyObservers(aNewLogin, "passwordmgr-prompt-change", oldGUID); + }, + + + /** + * Shows the Change Password dialog. + */ + _showChangeLoginDialog(aOldLogin, aNewLogin) { + const buttonFlags = Ci.nsIPrompt.STD_YES_NO_BUTTONS; + + var dialogText; + if (aOldLogin.username) + dialogText = this._getLocalizedString( + "updatePasswordMsg", + [aOldLogin.username]); + else + dialogText = this._getLocalizedString( + "updatePasswordMsgNoUser"); + + var dialogTitle = this._getLocalizedString( + "passwordChangeTitle"); + + // returns 0 for yes, 1 for no. + var ok = !this._promptService.confirmEx(this._chromeWindow, + dialogTitle, dialogText, buttonFlags, + null, null, null, + null, {}); + if (ok) { + this.log("Updating password for user " + aOldLogin.username); + this._updateLogin(aOldLogin, aNewLogin); + } + + let oldGUID = aOldLogin.QueryInterface(Ci.nsILoginMetaInfo).guid; + Services.obs.notifyObservers(aNewLogin, "passwordmgr-prompt-change", oldGUID); + }, + + + /** + * Called when we detect a password change in a form submission, but we + * don't know which existing login (username) it's for. Asks the user + * to select a username and confirm the password change. + * + * Note: The caller doesn't know the username for aNewLogin, so this + * function fills in .username and .usernameField with the values + * from the login selected by the user. + * + * Note; XPCOM stupidity: |count| is just |logins.length|. + */ + promptToChangePasswordWithUsernames : function (logins, count, aNewLogin) { + this.log("promptToChangePasswordWithUsernames with count:", count); + + var usernames = logins.map(l => l.username); + var dialogText = this._getLocalizedString("userSelectText"); + var dialogTitle = this._getLocalizedString("passwordChangeTitle"); + var selectedIndex = { value: null }; + + // If user selects ok, outparam.value is set to the index + // of the selected username. + var ok = this._promptService.select(this._chromeWindow, + dialogTitle, dialogText, + usernames.length, usernames, + selectedIndex); + if (ok) { + // Now that we know which login to use, modify its password. + var selectedLogin = logins[selectedIndex.value]; + this.log("Updating password for user " + selectedLogin.username); + var newLoginWithUsername = Cc["@mozilla.org/login-manager/loginInfo;1"]. + createInstance(Ci.nsILoginInfo); + newLoginWithUsername.init(aNewLogin.hostname, + aNewLogin.formSubmitURL, aNewLogin.httpRealm, + selectedLogin.username, aNewLogin.password, + selectedLogin.userNameField, aNewLogin.passwordField); + this._updateLogin(selectedLogin, newLoginWithUsername); + } + }, + + + + + /* ---------- Internal Methods ---------- */ + + + + + _updateLogin(login, aNewLogin = null) { + var now = Date.now(); + var propBag = Cc["@mozilla.org/hash-property-bag;1"]. + createInstance(Ci.nsIWritablePropertyBag); + if (aNewLogin) { + propBag.setProperty("formSubmitURL", aNewLogin.formSubmitURL); + propBag.setProperty("hostname", aNewLogin.hostname); + propBag.setProperty("password", aNewLogin.password); + propBag.setProperty("username", aNewLogin.username); + // Explicitly set the password change time here (even though it would + // be changed automatically), to ensure that it's exactly the same + // value as timeLastUsed. + propBag.setProperty("timePasswordChanged", now); + } + propBag.setProperty("timeLastUsed", now); + propBag.setProperty("timesUsedIncrement", 1); + this._pwmgr.modifyLogin(login, propBag); + }, + + /** + * Given a content DOM window, returns the chrome window and browser it's in. + */ + _getChromeWindow: function (aWindow) { + let windows = Services.wm.getEnumerator(null); + while (windows.hasMoreElements()) { + let win = windows.getNext(); + let browser = win.gBrowser.getBrowserForContentWindow(aWindow); + if (browser) { + return { win, browser }; + } + } + return null; + }, + + _getNotifyWindow: function () { + // Some sites pop up a temporary login window, which disappears + // upon submission of credentials. We want to put the notification + // bar in the opener window if this seems to be happening. + if (this._opener) { + let chromeDoc = this._chromeWindow.document.documentElement; + + // Check to see if the current window was opened with chrome + // disabled, and if so use the opener window. But if the window + // has been used to visit other pages (ie, has a history), + // assume it'll stick around and *don't* use the opener. + if (chromeDoc.getAttribute("chromehidden") && !this._browser.canGoBack) { + this.log("Using opener window for notification bar."); + return this._getChromeWindow(this._opener); + } + } + + return { win: this._chromeWindow, browser: this._browser }; + }, + + /** + * Returns the popup notification to this prompter, + * or null if there isn't one available. + */ + _getPopupNote : function () { + let popupNote = null; + + try { + let { win: notifyWin } = this._getNotifyWindow(); + + // .wrappedJSObject needed here -- see bug 422974 comment 5. + popupNote = notifyWin.wrappedJSObject.PopupNotifications; + } catch (e) { + this.log("Popup notifications not available on window"); + } + + return popupNote; + }, + + + /** + * Returns the notification box to this prompter, or null if there isn't + * a notification box available. + */ + _getNotifyBox : function () { + let notifyBox = null; + + try { + let { win: notifyWin } = this._getNotifyWindow(); + + // .wrappedJSObject needed here -- see bug 422974 comment 5. + notifyBox = notifyWin.wrappedJSObject.getNotificationBox(notifyWin); + } catch (e) { + this.log("Notification bars not available on window"); + } + + return notifyBox; + }, + + + /** + * The user might enter a login that isn't the one we prefilled, but + * is the same as some other existing login. So, pick a login with a + * matching username, or return null. + */ + _repickSelectedLogin : function (foundLogins, username) { + for (var i = 0; i < foundLogins.length; i++) + if (foundLogins[i].username == username) + return foundLogins[i]; + return null; + }, + + + /** + * Can be called as: + * _getLocalizedString("key1"); + * _getLocalizedString("key2", ["arg1"]); + * _getLocalizedString("key3", ["arg1", "arg2"]); + * (etc) + * + * Returns the localized string for the specified key, + * formatted if required. + * + */ + _getLocalizedString : function (key, formatArgs) { + if (formatArgs) + return this._strBundle.formatStringFromName( + key, formatArgs, formatArgs.length); + return this._strBundle.GetStringFromName(key); + }, + + + /** + * Sanitizes the specified username, by stripping quotes and truncating if + * it's too long. This helps prevent an evil site from messing with the + * "save password?" prompt too much. + */ + _sanitizeUsername : function (username) { + if (username.length > 30) { + username = username.substring(0, 30); + username += this._ellipsis; + } + return username.replace(/['"]/g, ""); + }, + + + /** + * The aURI parameter may either be a string uri, or an nsIURI instance. + * + * Returns the hostname to use in a nsILoginInfo object (for example, + * "http://example.com"). + */ + _getFormattedHostname : function (aURI) { + let uri; + if (aURI instanceof Ci.nsIURI) { + uri = aURI; + } else { + uri = Services.io.newURI(aURI, null, null); + } + + return uri.scheme + "://" + uri.hostPort; + }, + + + /** + * Converts a login's hostname field (a URL) to a short string for + * prompting purposes. Eg, "http://foo.com" --> "foo.com", or + * "ftp://www.site.co.uk" --> "site.co.uk". + */ + _getShortDisplayHost: function (aURIString) { + var displayHost; + + var eTLDService = Cc["@mozilla.org/network/effective-tld-service;1"]. + getService(Ci.nsIEffectiveTLDService); + var idnService = Cc["@mozilla.org/network/idn-service;1"]. + getService(Ci.nsIIDNService); + try { + var uri = Services.io.newURI(aURIString, null, null); + var baseDomain = eTLDService.getBaseDomain(uri); + displayHost = idnService.convertToDisplayIDN(baseDomain, {}); + } catch (e) { + this.log("_getShortDisplayHost couldn't process " + aURIString); + } + + if (!displayHost) + displayHost = aURIString; + + return displayHost; + }, + + + /** + * Returns the hostname and realm for which authentication is being + * requested, in the format expected to be used with nsILoginInfo. + */ + _getAuthTarget : function (aChannel, aAuthInfo) { + var hostname, realm; + + // If our proxy is demanding authentication, don't use the + // channel's actual destination. + if (aAuthInfo.flags & Ci.nsIAuthInformation.AUTH_PROXY) { + this.log("getAuthTarget is for proxy auth"); + if (!(aChannel instanceof Ci.nsIProxiedChannel)) + throw new Error("proxy auth needs nsIProxiedChannel"); + + var info = aChannel.proxyInfo; + if (!info) + throw new Error("proxy auth needs nsIProxyInfo"); + + // Proxies don't have a scheme, but we'll use "moz-proxy://" + // so that it's more obvious what the login is for. + var idnService = Cc["@mozilla.org/network/idn-service;1"]. + getService(Ci.nsIIDNService); + hostname = "moz-proxy://" + + idnService.convertUTF8toACE(info.host) + + ":" + info.port; + realm = aAuthInfo.realm; + if (!realm) + realm = hostname; + + return [hostname, realm]; + } + + hostname = this._getFormattedHostname(aChannel.URI); + + // If a HTTP WWW-Authenticate header specified a realm, that value + // will be available here. If it wasn't set or wasn't HTTP, we'll use + // the formatted hostname instead. + realm = aAuthInfo.realm; + if (!realm) + realm = hostname; + + return [hostname, realm]; + }, + + + /** + * Returns [username, password] as extracted from aAuthInfo (which + * holds this info after having prompted the user). + * + * If the authentication was for a Windows domain, we'll prepend the + * return username with the domain. (eg, "domain\user") + */ + _GetAuthInfo : function (aAuthInfo) { + var username, password; + + var flags = aAuthInfo.flags; + if (flags & Ci.nsIAuthInformation.NEED_DOMAIN && aAuthInfo.domain) + username = aAuthInfo.domain + "\\" + aAuthInfo.username; + else + username = aAuthInfo.username; + + password = aAuthInfo.password; + + return [username, password]; + }, + + + /** + * Given a username (possibly in DOMAIN\user form) and password, parses the + * domain out of the username if necessary and sets domain, username and + * password on the auth information object. + */ + _SetAuthInfo : function (aAuthInfo, username, password) { + var flags = aAuthInfo.flags; + if (flags & Ci.nsIAuthInformation.NEED_DOMAIN) { + // Domain is separated from username by a backslash + var idx = username.indexOf("\\"); + if (idx == -1) { + aAuthInfo.username = username; + } else { + aAuthInfo.domain = username.substring(0, idx); + aAuthInfo.username = username.substring(idx + 1); + } + } else { + aAuthInfo.username = username; + } + aAuthInfo.password = password; + }, + + _newAsyncPromptConsumer : function(aCallback, aContext) { + return { + QueryInterface: XPCOMUtils.generateQI([Ci.nsICancelable]), + callback: aCallback, + context: aContext, + cancel: function() { + this.callback.onAuthCancelled(this.context, false); + this.callback = null; + this.context = null; + } + }; + }, + + /** + * This function looks for existing logins that can be updated + * to match a submitted login, instead of creating a new one. + * + * Given a login and a loginList, it filters the login list + * to find every login with either the same username as aLogin + * or with the same password as aLogin and an empty username + * so the user can add a username. + * + * @param {nsILoginInfo} aLogin + * login to use as filter. + * @param {nsILoginInfo[]} aLoginList + * Array of logins to filter. + * @returns {nsILoginInfo[]} the filtered array of logins. + */ + _filterUpdatableLogins(aLogin, aLoginList) { + return aLoginList.filter(l => l.username == aLogin.username || + (l.password == aLogin.password && + !l.username)); + }, + +}; // end of LoginManagerPrompter implementation + +XPCOMUtils.defineLazyGetter(this.LoginManagerPrompter.prototype, "log", () => { + let logger = LoginHelper.createLogger("LoginManagerPrompter"); + return logger.log.bind(logger); +}); + +var component = [LoginManagerPromptFactory, LoginManagerPrompter]; +this.NSGetFactory = XPCOMUtils.generateNSGetFactory(component); diff --git a/toolkit/components/passwordmgr/passwordmgr.manifest b/toolkit/components/passwordmgr/passwordmgr.manifest new file mode 100644 index 000000000..72e9ccffb --- /dev/null +++ b/toolkit/components/passwordmgr/passwordmgr.manifest @@ -0,0 +1,17 @@ +component {cb9e0de8-3598-4ed7-857b-827f011ad5d8} nsLoginManager.js +contract @mozilla.org/login-manager;1 {cb9e0de8-3598-4ed7-857b-827f011ad5d8} +component {749e62f4-60ae-4569-a8a2-de78b649660e} nsLoginManagerPrompter.js +contract @mozilla.org/passwordmanager/authpromptfactory;1 {749e62f4-60ae-4569-a8a2-de78b649660e} +component {8aa66d77-1bbb-45a6-991e-b8f47751c291} nsLoginManagerPrompter.js +contract @mozilla.org/login-manager/prompter;1 {8aa66d77-1bbb-45a6-991e-b8f47751c291} +component {0f2f347c-1e4f-40cc-8efd-792dea70a85e} nsLoginInfo.js +contract @mozilla.org/login-manager/loginInfo;1 {0f2f347c-1e4f-40cc-8efd-792dea70a85e} +#ifdef ANDROID +component {8c2023b9-175c-477e-9761-44ae7b549756} storage-mozStorage.js +contract @mozilla.org/login-manager/storage/mozStorage;1 {8c2023b9-175c-477e-9761-44ae7b549756} +#else +component {c00c432d-a0c9-46d7-bef6-9c45b4d07341} storage-json.js +contract @mozilla.org/login-manager/storage/json;1 {c00c432d-a0c9-46d7-bef6-9c45b4d07341} +#endif +component {dc6c2976-0f73-4f1f-b9ff-3d72b4e28309} crypto-SDR.js +contract @mozilla.org/login-manager/crypto/SDR;1 {dc6c2976-0f73-4f1f-b9ff-3d72b4e28309}
\ No newline at end of file diff --git a/toolkit/components/passwordmgr/storage-json.js b/toolkit/components/passwordmgr/storage-json.js new file mode 100644 index 000000000..20834d45b --- /dev/null +++ b/toolkit/components/passwordmgr/storage-json.js @@ -0,0 +1,514 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +/* + * nsILoginManagerStorage implementation for the JSON back-end. + */ + +"use strict"; + +const { classes: Cc, interfaces: Ci, utils: Cu, results: Cr } = Components; + +Cu.import("resource://gre/modules/XPCOMUtils.jsm"); +Cu.import("resource://gre/modules/Services.jsm"); +Cu.import("resource://gre/modules/Task.jsm"); + +XPCOMUtils.defineLazyModuleGetter(this, "LoginHelper", + "resource://gre/modules/LoginHelper.jsm"); +XPCOMUtils.defineLazyModuleGetter(this, "LoginImport", + "resource://gre/modules/LoginImport.jsm"); +XPCOMUtils.defineLazyModuleGetter(this, "LoginStore", + "resource://gre/modules/LoginStore.jsm"); +XPCOMUtils.defineLazyModuleGetter(this, "OS", + "resource://gre/modules/osfile.jsm"); + +XPCOMUtils.defineLazyServiceGetter(this, "gUUIDGenerator", + "@mozilla.org/uuid-generator;1", + "nsIUUIDGenerator"); + +this.LoginManagerStorage_json = function () {}; + +this.LoginManagerStorage_json.prototype = { + classID: Components.ID("{c00c432d-a0c9-46d7-bef6-9c45b4d07341}"), + QueryInterface: XPCOMUtils.generateQI([Ci.nsILoginManagerStorage]), + + __crypto: null, // nsILoginManagerCrypto service + get _crypto() { + if (!this.__crypto) + this.__crypto = Cc["@mozilla.org/login-manager/crypto/SDR;1"]. + getService(Ci.nsILoginManagerCrypto); + return this.__crypto; + }, + + initialize() { + try { + // Force initialization of the crypto module. + // See bug 717490 comment 17. + this._crypto; + + // Set the reference to LoginStore synchronously. + let jsonPath = OS.Path.join(OS.Constants.Path.profileDir, + "logins.json"); + this._store = new LoginStore(jsonPath); + + return Task.spawn(function* () { + // Load the data asynchronously. + this.log("Opening database at", this._store.path); + yield this._store.load(); + + // The import from previous versions operates the first time + // that this built-in storage back-end is used. This may be + // later than expected, in case add-ons have registered an + // alternate storage that disabled the default one. + try { + if (Services.prefs.getBoolPref("signon.importedFromSqlite")) { + return; + } + } catch (ex) { + // If the preference does not exist, we need to import. + } + + // Import only happens asynchronously. + let sqlitePath = OS.Path.join(OS.Constants.Path.profileDir, + "signons.sqlite"); + if (yield OS.File.exists(sqlitePath)) { + let loginImport = new LoginImport(this._store, sqlitePath); + // Failures during import, for example due to a corrupt + // file or a schema version that is too old, will not + // prevent us from marking the operation as completed. + // At the next startup, we will not try the import again. + yield loginImport.import().catch(Cu.reportError); + this._store.saveSoon(); + } + + // We won't attempt import again on next startup. + Services.prefs.setBoolPref("signon.importedFromSqlite", true); + }.bind(this)).catch(Cu.reportError); + } catch (e) { + this.log("Initialization failed:", e); + throw new Error("Initialization failed"); + } + }, + + /** + * Internal method used by regression tests only. It is called before + * replacing this storage module with a new instance. + */ + terminate() { + this._store._saver.disarm(); + return this._store._save(); + }, + + addLogin(login) { + this._store.ensureDataReady(); + + // Throws if there are bogus values. + LoginHelper.checkLoginValues(login); + + let [encUsername, encPassword, encType] = this._encryptLogin(login); + + // Clone the login, so we don't modify the caller's object. + let loginClone = login.clone(); + + // Initialize the nsILoginMetaInfo fields, unless the caller gave us values + loginClone.QueryInterface(Ci.nsILoginMetaInfo); + if (loginClone.guid) { + if (!this._isGuidUnique(loginClone.guid)) + throw new Error("specified GUID already exists"); + } else { + loginClone.guid = gUUIDGenerator.generateUUID().toString(); + } + + // Set timestamps + let currentTime = Date.now(); + if (!loginClone.timeCreated) + loginClone.timeCreated = currentTime; + if (!loginClone.timeLastUsed) + loginClone.timeLastUsed = currentTime; + if (!loginClone.timePasswordChanged) + loginClone.timePasswordChanged = currentTime; + if (!loginClone.timesUsed) + loginClone.timesUsed = 1; + + this._store.data.logins.push({ + id: this._store.data.nextId++, + hostname: loginClone.hostname, + httpRealm: loginClone.httpRealm, + formSubmitURL: loginClone.formSubmitURL, + usernameField: loginClone.usernameField, + passwordField: loginClone.passwordField, + encryptedUsername: encUsername, + encryptedPassword: encPassword, + guid: loginClone.guid, + encType: encType, + timeCreated: loginClone.timeCreated, + timeLastUsed: loginClone.timeLastUsed, + timePasswordChanged: loginClone.timePasswordChanged, + timesUsed: loginClone.timesUsed + }); + this._store.saveSoon(); + + // Send a notification that a login was added. + LoginHelper.notifyStorageChanged("addLogin", loginClone); + return loginClone; + }, + + removeLogin(login) { + this._store.ensureDataReady(); + + let [idToDelete, storedLogin] = this._getIdForLogin(login); + if (!idToDelete) + throw new Error("No matching logins"); + + let foundIndex = this._store.data.logins.findIndex(l => l.id == idToDelete); + if (foundIndex != -1) { + this._store.data.logins.splice(foundIndex, 1); + this._store.saveSoon(); + } + + LoginHelper.notifyStorageChanged("removeLogin", storedLogin); + }, + + modifyLogin(oldLogin, newLoginData) { + this._store.ensureDataReady(); + + let [idToModify, oldStoredLogin] = this._getIdForLogin(oldLogin); + if (!idToModify) + throw new Error("No matching logins"); + + let newLogin = LoginHelper.buildModifiedLogin(oldStoredLogin, newLoginData); + + // Check if the new GUID is duplicate. + if (newLogin.guid != oldStoredLogin.guid && + !this._isGuidUnique(newLogin.guid)) { + throw new Error("specified GUID already exists"); + } + + // Look for an existing entry in case key properties changed. + if (!newLogin.matches(oldLogin, true)) { + let logins = this.findLogins({}, newLogin.hostname, + newLogin.formSubmitURL, + newLogin.httpRealm); + + if (logins.some(login => newLogin.matches(login, true))) + throw new Error("This login already exists."); + } + + // Get the encrypted value of the username and password. + let [encUsername, encPassword, encType] = this._encryptLogin(newLogin); + + for (let loginItem of this._store.data.logins) { + if (loginItem.id == idToModify) { + loginItem.hostname = newLogin.hostname; + loginItem.httpRealm = newLogin.httpRealm; + loginItem.formSubmitURL = newLogin.formSubmitURL; + loginItem.usernameField = newLogin.usernameField; + loginItem.passwordField = newLogin.passwordField; + loginItem.encryptedUsername = encUsername; + loginItem.encryptedPassword = encPassword; + loginItem.guid = newLogin.guid; + loginItem.encType = encType; + loginItem.timeCreated = newLogin.timeCreated; + loginItem.timeLastUsed = newLogin.timeLastUsed; + loginItem.timePasswordChanged = newLogin.timePasswordChanged; + loginItem.timesUsed = newLogin.timesUsed; + this._store.saveSoon(); + break; + } + } + + LoginHelper.notifyStorageChanged("modifyLogin", [oldStoredLogin, newLogin]); + }, + + /** + * @return {nsILoginInfo[]} + */ + getAllLogins(count) { + let [logins, ids] = this._searchLogins({}); + + // decrypt entries for caller. + logins = this._decryptLogins(logins); + + this.log("_getAllLogins: returning", logins.length, "logins."); + if (count) + count.value = logins.length; // needed for XPCOM + return logins; + }, + + /** + * Public wrapper around _searchLogins to convert the nsIPropertyBag to a + * JavaScript object and decrypt the results. + * + * @return {nsILoginInfo[]} which are decrypted. + */ + searchLogins(count, matchData) { + let realMatchData = {}; + let options = {}; + // Convert nsIPropertyBag to normal JS object + let propEnum = matchData.enumerator; + while (propEnum.hasMoreElements()) { + let prop = propEnum.getNext().QueryInterface(Ci.nsIProperty); + switch (prop.name) { + // Some property names aren't field names but are special options to affect the search. + case "schemeUpgrades": { + options[prop.name] = prop.value; + break; + } + default: { + realMatchData[prop.name] = prop.value; + break; + } + } + } + + let [logins, ids] = this._searchLogins(realMatchData, options); + + // Decrypt entries found for the caller. + logins = this._decryptLogins(logins); + + count.value = logins.length; // needed for XPCOM + return logins; + }, + + /** + * Private method to perform arbitrary searches on any field. Decryption is + * left to the caller. + * + * Returns [logins, ids] for logins that match the arguments, where logins + * is an array of encrypted nsLoginInfo and ids is an array of associated + * ids in the database. + */ + _searchLogins(matchData, aOptions = { + schemeUpgrades: false, + }) { + this._store.ensureDataReady(); + + function match(aLogin) { + for (let field in matchData) { + let wantedValue = matchData[field]; + switch (field) { + case "formSubmitURL": + if (wantedValue != null) { + // Historical compatibility requires this special case + if (aLogin.formSubmitURL == "") { + break; + } + if (!LoginHelper.isOriginMatching(aLogin[field], wantedValue, aOptions)) { + return false; + } + break; + } + // fall through + case "hostname": + if (wantedValue != null) { // needed for formSubmitURL fall through + if (!LoginHelper.isOriginMatching(aLogin[field], wantedValue, aOptions)) { + return false; + } + break; + } + // fall through + // Normal cases. + case "httpRealm": + case "id": + case "usernameField": + case "passwordField": + case "encryptedUsername": + case "encryptedPassword": + case "guid": + case "encType": + case "timeCreated": + case "timeLastUsed": + case "timePasswordChanged": + case "timesUsed": + if (wantedValue == null && aLogin[field]) { + return false; + } else if (aLogin[field] != wantedValue) { + return false; + } + break; + // Fail if caller requests an unknown property. + default: + throw new Error("Unexpected field: " + field); + } + } + return true; + } + + let foundLogins = [], foundIds = []; + for (let loginItem of this._store.data.logins) { + if (match(loginItem)) { + // Create the new nsLoginInfo object, push to array + let login = Cc["@mozilla.org/login-manager/loginInfo;1"]. + createInstance(Ci.nsILoginInfo); + login.init(loginItem.hostname, loginItem.formSubmitURL, + loginItem.httpRealm, loginItem.encryptedUsername, + loginItem.encryptedPassword, loginItem.usernameField, + loginItem.passwordField); + // set nsILoginMetaInfo values + login.QueryInterface(Ci.nsILoginMetaInfo); + login.guid = loginItem.guid; + login.timeCreated = loginItem.timeCreated; + login.timeLastUsed = loginItem.timeLastUsed; + login.timePasswordChanged = loginItem.timePasswordChanged; + login.timesUsed = loginItem.timesUsed; + foundLogins.push(login); + foundIds.push(loginItem.id); + } + } + + this.log("_searchLogins: returning", foundLogins.length, "logins for", matchData, + "with options", aOptions); + return [foundLogins, foundIds]; + }, + + /** + * Removes all logins from storage. + */ + removeAllLogins() { + this._store.ensureDataReady(); + + this.log("Removing all logins"); + this._store.data.logins = []; + this._store.saveSoon(); + + LoginHelper.notifyStorageChanged("removeAllLogins", null); + }, + + findLogins(count, hostname, formSubmitURL, httpRealm) { + let loginData = { + hostname: hostname, + formSubmitURL: formSubmitURL, + httpRealm: httpRealm + }; + let matchData = { }; + for (let field of ["hostname", "formSubmitURL", "httpRealm"]) + if (loginData[field] != '') + matchData[field] = loginData[field]; + let [logins, ids] = this._searchLogins(matchData); + + // Decrypt entries found for the caller. + logins = this._decryptLogins(logins); + + this.log("_findLogins: returning", logins.length, "logins"); + count.value = logins.length; // needed for XPCOM + return logins; + }, + + countLogins(hostname, formSubmitURL, httpRealm) { + let loginData = { + hostname: hostname, + formSubmitURL: formSubmitURL, + httpRealm: httpRealm + }; + let matchData = { }; + for (let field of ["hostname", "formSubmitURL", "httpRealm"]) + if (loginData[field] != '') + matchData[field] = loginData[field]; + let [logins, ids] = this._searchLogins(matchData); + + this.log("_countLogins: counted logins:", logins.length); + return logins.length; + }, + + get uiBusy() { + return this._crypto.uiBusy; + }, + + get isLoggedIn() { + return this._crypto.isLoggedIn; + }, + + /** + * Returns an array with two items: [id, login]. If the login was not + * found, both items will be null. The returned login contains the actual + * stored login (useful for looking at the actual nsILoginMetaInfo values). + */ + _getIdForLogin(login) { + let matchData = { }; + for (let field of ["hostname", "formSubmitURL", "httpRealm"]) + if (login[field] != '') + matchData[field] = login[field]; + let [logins, ids] = this._searchLogins(matchData); + + let id = null; + let foundLogin = null; + + // The specified login isn't encrypted, so we need to ensure + // the logins we're comparing with are decrypted. We decrypt one entry + // at a time, lest _decryptLogins return fewer entries and screw up + // indices between the two. + for (let i = 0; i < logins.length; i++) { + let [decryptedLogin] = this._decryptLogins([logins[i]]); + + if (!decryptedLogin || !decryptedLogin.equals(login)) + continue; + + // We've found a match, set id and break + foundLogin = decryptedLogin; + id = ids[i]; + break; + } + + return [id, foundLogin]; + }, + + /** + * Checks to see if the specified GUID already exists. + */ + _isGuidUnique(guid) { + this._store.ensureDataReady(); + + return this._store.data.logins.every(l => l.guid != guid); + }, + + /** + * Returns the encrypted username, password, and encrypton type for the specified + * login. Can throw if the user cancels a master password entry. + */ + _encryptLogin(login) { + let encUsername = this._crypto.encrypt(login.username); + let encPassword = this._crypto.encrypt(login.password); + let encType = this._crypto.defaultEncType; + + return [encUsername, encPassword, encType]; + }, + + /** + * Decrypts username and password fields in the provided array of + * logins. + * + * The entries specified by the array will be decrypted, if possible. + * An array of successfully decrypted logins will be returned. The return + * value should be given to external callers (since still-encrypted + * entries are useless), whereas internal callers generally don't want + * to lose unencrypted entries (eg, because the user clicked Cancel + * instead of entering their master password) + */ + _decryptLogins(logins) { + let result = []; + + for (let login of logins) { + try { + login.username = this._crypto.decrypt(login.username); + login.password = this._crypto.decrypt(login.password); + } catch (e) { + // If decryption failed (corrupt entry?), just skip it. + // Rethrow other errors (like canceling entry of a master pw) + if (e.result == Cr.NS_ERROR_FAILURE) + continue; + throw e; + } + result.push(login); + } + + return result; + }, +}; + +XPCOMUtils.defineLazyGetter(this.LoginManagerStorage_json.prototype, "log", () => { + let logger = LoginHelper.createLogger("Login storage"); + return logger.log.bind(logger); +}); + +this.NSGetFactory = XPCOMUtils.generateNSGetFactory([LoginManagerStorage_json]); diff --git a/toolkit/components/passwordmgr/storage-mozStorage.js b/toolkit/components/passwordmgr/storage-mozStorage.js new file mode 100644 index 000000000..7fc9e57fd --- /dev/null +++ b/toolkit/components/passwordmgr/storage-mozStorage.js @@ -0,0 +1,1262 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +const { classes: Cc, interfaces: Ci, utils: Cu, results: Cr } = Components; +const DB_VERSION = 6; // The database schema version +const PERMISSION_SAVE_LOGINS = "login-saving"; + +Components.utils.import("resource://gre/modules/XPCOMUtils.jsm"); +Components.utils.import("resource://gre/modules/Services.jsm"); +Components.utils.import("resource://gre/modules/Promise.jsm"); + +XPCOMUtils.defineLazyModuleGetter(this, "LoginHelper", + "resource://gre/modules/LoginHelper.jsm"); + +/** + * Object that manages a database transaction properly so consumers don't have + * to worry about it throwing. + * + * @param aDatabase + * The mozIStorageConnection to start a transaction on. + */ +function Transaction(aDatabase) { + this._db = aDatabase; + + this._hasTransaction = false; + try { + this._db.beginTransaction(); + this._hasTransaction = true; + } catch (e) { /* om nom nom exceptions */ } +} + +Transaction.prototype = { + commit : function() { + if (this._hasTransaction) + this._db.commitTransaction(); + }, + + rollback : function() { + if (this._hasTransaction) + this._db.rollbackTransaction(); + }, +}; + + +function LoginManagerStorage_mozStorage() { } + +LoginManagerStorage_mozStorage.prototype = { + + classID : Components.ID("{8c2023b9-175c-477e-9761-44ae7b549756}"), + QueryInterface : XPCOMUtils.generateQI([Ci.nsILoginManagerStorage, + Ci.nsIInterfaceRequestor]), + getInterface : function(aIID) { + if (aIID.equals(Ci.nsIVariant)) { + // Allows unwrapping the JavaScript object for regression tests. + return this; + } + + if (aIID.equals(Ci.mozIStorageConnection)) { + return this._dbConnection; + } + + throw new Components.Exception("Interface not available", Cr.NS_ERROR_NO_INTERFACE); + }, + + __crypto : null, // nsILoginManagerCrypto service + get _crypto() { + if (!this.__crypto) + this.__crypto = Cc["@mozilla.org/login-manager/crypto/SDR;1"]. + getService(Ci.nsILoginManagerCrypto); + return this.__crypto; + }, + + __profileDir: null, // nsIFile for the user's profile dir + get _profileDir() { + if (!this.__profileDir) + this.__profileDir = Services.dirsvc.get("ProfD", Ci.nsIFile); + return this.__profileDir; + }, + + __storageService: null, // Storage service for using mozStorage + get _storageService() { + if (!this.__storageService) + this.__storageService = Cc["@mozilla.org/storage/service;1"]. + getService(Ci.mozIStorageService); + return this.__storageService; + }, + + __uuidService: null, + get _uuidService() { + if (!this.__uuidService) + this.__uuidService = Cc["@mozilla.org/uuid-generator;1"]. + getService(Ci.nsIUUIDGenerator); + return this.__uuidService; + }, + + + // The current database schema. + _dbSchema: { + tables: { + moz_logins: "id INTEGER PRIMARY KEY," + + "hostname TEXT NOT NULL," + + "httpRealm TEXT," + + "formSubmitURL TEXT," + + "usernameField TEXT NOT NULL," + + "passwordField TEXT NOT NULL," + + "encryptedUsername TEXT NOT NULL," + + "encryptedPassword TEXT NOT NULL," + + "guid TEXT," + + "encType INTEGER," + + "timeCreated INTEGER," + + "timeLastUsed INTEGER," + + "timePasswordChanged INTEGER," + + "timesUsed INTEGER", + // Changes must be reflected in this._dbAreExpectedColumnsPresent(), + // this._searchLogins(), and this.modifyLogin(). + + moz_disabledHosts: "id INTEGER PRIMARY KEY," + + "hostname TEXT UNIQUE ON CONFLICT REPLACE", + + moz_deleted_logins: "id INTEGER PRIMARY KEY," + + "guid TEXT," + + "timeDeleted INTEGER", + }, + indices: { + moz_logins_hostname_index: { + table: "moz_logins", + columns: ["hostname"] + }, + moz_logins_hostname_formSubmitURL_index: { + table: "moz_logins", + columns: ["hostname", "formSubmitURL"] + }, + moz_logins_hostname_httpRealm_index: { + table: "moz_logins", + columns: ["hostname", "httpRealm"] + }, + moz_logins_guid_index: { + table: "moz_logins", + columns: ["guid"] + }, + moz_logins_encType_index: { + table: "moz_logins", + columns: ["encType"] + } + } + }, + _dbConnection : null, // The database connection + _dbStmts : null, // Database statements for memoization + + _signonsFile : null, // nsIFile for "signons.sqlite" + + + /* + * Internal method used by regression tests only. It overrides the default + * database location. + */ + initWithFile : function(aDBFile) { + if (aDBFile) + this._signonsFile = aDBFile; + + this.initialize(); + }, + + + initialize : function () { + this._dbStmts = {}; + + let isFirstRun; + try { + // Force initialization of the crypto module. + // See bug 717490 comment 17. + this._crypto; + + // If initWithFile is calling us, _signonsFile may already be set. + if (!this._signonsFile) { + // Initialize signons.sqlite + this._signonsFile = this._profileDir.clone(); + this._signonsFile.append("signons.sqlite"); + } + this.log("Opening database at " + this._signonsFile.path); + + // Initialize the database (create, migrate as necessary) + isFirstRun = this._dbInit(); + + this._initialized = true; + + return Promise.resolve(); + } catch (e) { + this.log("Initialization failed: " + e); + // If the import fails on first run, we want to delete the db + if (isFirstRun && e == "Import failed") + this._dbCleanup(false); + throw new Error("Initialization failed"); + } + }, + + + /** + * Internal method used by regression tests only. It is called before + * replacing this storage module with a new instance. + */ + terminate : function () { + return Promise.resolve(); + }, + + + addLogin : function (login) { + // Throws if there are bogus values. + LoginHelper.checkLoginValues(login); + + let [encUsername, encPassword, encType] = this._encryptLogin(login); + + // Clone the login, so we don't modify the caller's object. + let loginClone = login.clone(); + + // Initialize the nsILoginMetaInfo fields, unless the caller gave us values + loginClone.QueryInterface(Ci.nsILoginMetaInfo); + if (loginClone.guid) { + if (!this._isGuidUnique(loginClone.guid)) + throw new Error("specified GUID already exists"); + } else { + loginClone.guid = this._uuidService.generateUUID().toString(); + } + + // Set timestamps + let currentTime = Date.now(); + if (!loginClone.timeCreated) + loginClone.timeCreated = currentTime; + if (!loginClone.timeLastUsed) + loginClone.timeLastUsed = currentTime; + if (!loginClone.timePasswordChanged) + loginClone.timePasswordChanged = currentTime; + if (!loginClone.timesUsed) + loginClone.timesUsed = 1; + + let query = + "INSERT INTO moz_logins " + + "(hostname, httpRealm, formSubmitURL, usernameField, " + + "passwordField, encryptedUsername, encryptedPassword, " + + "guid, encType, timeCreated, timeLastUsed, timePasswordChanged, " + + "timesUsed) " + + "VALUES (:hostname, :httpRealm, :formSubmitURL, :usernameField, " + + ":passwordField, :encryptedUsername, :encryptedPassword, " + + ":guid, :encType, :timeCreated, :timeLastUsed, " + + ":timePasswordChanged, :timesUsed)"; + + let params = { + hostname: loginClone.hostname, + httpRealm: loginClone.httpRealm, + formSubmitURL: loginClone.formSubmitURL, + usernameField: loginClone.usernameField, + passwordField: loginClone.passwordField, + encryptedUsername: encUsername, + encryptedPassword: encPassword, + guid: loginClone.guid, + encType: encType, + timeCreated: loginClone.timeCreated, + timeLastUsed: loginClone.timeLastUsed, + timePasswordChanged: loginClone.timePasswordChanged, + timesUsed: loginClone.timesUsed + }; + + let stmt; + try { + stmt = this._dbCreateStatement(query, params); + stmt.execute(); + } catch (e) { + this.log("addLogin failed: " + e.name + " : " + e.message); + throw new Error("Couldn't write to database, login not added."); + } finally { + if (stmt) { + stmt.reset(); + } + } + + // Send a notification that a login was added. + LoginHelper.notifyStorageChanged("addLogin", loginClone); + return loginClone; + }, + + + removeLogin : function (login) { + let [idToDelete, storedLogin] = this._getIdForLogin(login); + if (!idToDelete) + throw new Error("No matching logins"); + + // Execute the statement & remove from DB + let query = "DELETE FROM moz_logins WHERE id = :id"; + let params = { id: idToDelete }; + let stmt; + let transaction = new Transaction(this._dbConnection); + try { + stmt = this._dbCreateStatement(query, params); + stmt.execute(); + this.storeDeletedLogin(storedLogin); + transaction.commit(); + } catch (e) { + this.log("_removeLogin failed: " + e.name + " : " + e.message); + transaction.rollback(); + throw new Error("Couldn't write to database, login not removed."); + } finally { + if (stmt) { + stmt.reset(); + } + } + LoginHelper.notifyStorageChanged("removeLogin", storedLogin); + }, + + modifyLogin : function (oldLogin, newLoginData) { + let [idToModify, oldStoredLogin] = this._getIdForLogin(oldLogin); + if (!idToModify) + throw new Error("No matching logins"); + + let newLogin = LoginHelper.buildModifiedLogin(oldStoredLogin, newLoginData); + + // Check if the new GUID is duplicate. + if (newLogin.guid != oldStoredLogin.guid && + !this._isGuidUnique(newLogin.guid)) { + throw new Error("specified GUID already exists"); + } + + // Look for an existing entry in case key properties changed. + if (!newLogin.matches(oldLogin, true)) { + let logins = this.findLogins({}, newLogin.hostname, + newLogin.formSubmitURL, + newLogin.httpRealm); + + if (logins.some(login => newLogin.matches(login, true))) + throw new Error("This login already exists."); + } + + // Get the encrypted value of the username and password. + let [encUsername, encPassword, encType] = this._encryptLogin(newLogin); + + let query = + "UPDATE moz_logins " + + "SET hostname = :hostname, " + + "httpRealm = :httpRealm, " + + "formSubmitURL = :formSubmitURL, " + + "usernameField = :usernameField, " + + "passwordField = :passwordField, " + + "encryptedUsername = :encryptedUsername, " + + "encryptedPassword = :encryptedPassword, " + + "guid = :guid, " + + "encType = :encType, " + + "timeCreated = :timeCreated, " + + "timeLastUsed = :timeLastUsed, " + + "timePasswordChanged = :timePasswordChanged, " + + "timesUsed = :timesUsed " + + "WHERE id = :id"; + + let params = { + id: idToModify, + hostname: newLogin.hostname, + httpRealm: newLogin.httpRealm, + formSubmitURL: newLogin.formSubmitURL, + usernameField: newLogin.usernameField, + passwordField: newLogin.passwordField, + encryptedUsername: encUsername, + encryptedPassword: encPassword, + guid: newLogin.guid, + encType: encType, + timeCreated: newLogin.timeCreated, + timeLastUsed: newLogin.timeLastUsed, + timePasswordChanged: newLogin.timePasswordChanged, + timesUsed: newLogin.timesUsed + }; + + let stmt; + try { + stmt = this._dbCreateStatement(query, params); + stmt.execute(); + } catch (e) { + this.log("modifyLogin failed: " + e.name + " : " + e.message); + throw new Error("Couldn't write to database, login not modified."); + } finally { + if (stmt) { + stmt.reset(); + } + } + + LoginHelper.notifyStorageChanged("modifyLogin", [oldStoredLogin, newLogin]); + }, + + + /** + * Returns an array of nsILoginInfo. + */ + getAllLogins : function (count) { + let [logins, ids] = this._searchLogins({}); + + // decrypt entries for caller. + logins = this._decryptLogins(logins); + + this.log("_getAllLogins: returning " + logins.length + " logins."); + if (count) + count.value = logins.length; // needed for XPCOM + return logins; + }, + + + /** + * Public wrapper around _searchLogins to convert the nsIPropertyBag to a + * JavaScript object and decrypt the results. + * + * @return {nsILoginInfo[]} which are decrypted. + */ + searchLogins : function(count, matchData) { + let realMatchData = {}; + let options = {}; + // Convert nsIPropertyBag to normal JS object + let propEnum = matchData.enumerator; + while (propEnum.hasMoreElements()) { + let prop = propEnum.getNext().QueryInterface(Ci.nsIProperty); + switch (prop.name) { + // Some property names aren't field names but are special options to affect the search. + case "schemeUpgrades": { + options[prop.name] = prop.value; + break; + } + default: { + realMatchData[prop.name] = prop.value; + break; + } + } + } + + let [logins, ids] = this._searchLogins(realMatchData, options); + + // Decrypt entries found for the caller. + logins = this._decryptLogins(logins); + + count.value = logins.length; // needed for XPCOM + return logins; + }, + + + /** + * Private method to perform arbitrary searches on any field. Decryption is + * left to the caller. + * + * Returns [logins, ids] for logins that match the arguments, where logins + * is an array of encrypted nsLoginInfo and ids is an array of associated + * ids in the database. + */ + _searchLogins : function (matchData, aOptions = { + schemeUpgrades: false, + }) { + let conditions = [], params = {}; + + for (let field in matchData) { + let value = matchData[field]; + let condition = ""; + switch (field) { + case "formSubmitURL": + if (value != null) { + // Historical compatibility requires this special case + condition = "formSubmitURL = '' OR "; + } + // Fall through + case "hostname": + if (value != null) { + condition += `${field} = :${field}`; + params[field] = value; + let valueURI; + try { + if (aOptions.schemeUpgrades && (valueURI = Services.io.newURI(value, null, null)) && + valueURI.scheme == "https") { + condition += ` OR ${field} = :http${field}`; + params["http" + field] = "http://" + valueURI.hostPort; + } + } catch (ex) { + // newURI will throw for some values (e.g. chrome://FirefoxAccounts) + // but those URLs wouldn't support upgrades anyways. + } + break; + } + // Fall through + // Normal cases. + case "httpRealm": + case "id": + case "usernameField": + case "passwordField": + case "encryptedUsername": + case "encryptedPassword": + case "guid": + case "encType": + case "timeCreated": + case "timeLastUsed": + case "timePasswordChanged": + case "timesUsed": + if (value == null) { + condition = field + " isnull"; + } else { + condition = field + " = :" + field; + params[field] = value; + } + break; + // Fail if caller requests an unknown property. + default: + throw new Error("Unexpected field: " + field); + } + if (condition) { + conditions.push(condition); + } + } + + // Build query + let query = "SELECT * FROM moz_logins"; + if (conditions.length) { + conditions = conditions.map(c => "(" + c + ")"); + query += " WHERE " + conditions.join(" AND "); + } + + let stmt; + let logins = [], ids = []; + try { + stmt = this._dbCreateStatement(query, params); + // We can't execute as usual here, since we're iterating over rows + while (stmt.executeStep()) { + // Create the new nsLoginInfo object, push to array + let login = Cc["@mozilla.org/login-manager/loginInfo;1"]. + createInstance(Ci.nsILoginInfo); + login.init(stmt.row.hostname, stmt.row.formSubmitURL, + stmt.row.httpRealm, stmt.row.encryptedUsername, + stmt.row.encryptedPassword, stmt.row.usernameField, + stmt.row.passwordField); + // set nsILoginMetaInfo values + login.QueryInterface(Ci.nsILoginMetaInfo); + login.guid = stmt.row.guid; + login.timeCreated = stmt.row.timeCreated; + login.timeLastUsed = stmt.row.timeLastUsed; + login.timePasswordChanged = stmt.row.timePasswordChanged; + login.timesUsed = stmt.row.timesUsed; + logins.push(login); + ids.push(stmt.row.id); + } + } catch (e) { + this.log("_searchLogins failed: " + e.name + " : " + e.message); + } finally { + if (stmt) { + stmt.reset(); + } + } + + this.log("_searchLogins: returning " + logins.length + " logins"); + return [logins, ids]; + }, + + /** + * Moves a login to the deleted logins table + */ + storeDeletedLogin : function(aLogin) { + let stmt = null; + try { + this.log("Storing " + aLogin.guid + " in deleted passwords\n"); + let query = "INSERT INTO moz_deleted_logins (guid, timeDeleted) VALUES (:guid, :timeDeleted)"; + let params = { guid: aLogin.guid, + timeDeleted: Date.now() }; + let stmt = this._dbCreateStatement(query, params); + stmt.execute(); + } catch (ex) { + throw ex; + } finally { + if (stmt) + stmt.reset(); + } + }, + + + /** + * Removes all logins from storage. + */ + removeAllLogins : function () { + this.log("Removing all logins"); + let query; + let stmt; + let transaction = new Transaction(this._dbConnection); + + // Disabled hosts kept, as one presumably doesn't want to erase those. + // TODO: Add these items to the deleted items table once we've sorted + // out the issues from bug 756701 + query = "DELETE FROM moz_logins"; + try { + stmt = this._dbCreateStatement(query); + stmt.execute(); + transaction.commit(); + } catch (e) { + this.log("_removeAllLogins failed: " + e.name + " : " + e.message); + transaction.rollback(); + throw new Error("Couldn't write to database"); + } finally { + if (stmt) { + stmt.reset(); + } + } + + LoginHelper.notifyStorageChanged("removeAllLogins", null); + }, + + + findLogins : function (count, hostname, formSubmitURL, httpRealm) { + let loginData = { + hostname: hostname, + formSubmitURL: formSubmitURL, + httpRealm: httpRealm + }; + let matchData = { }; + for (let field of ["hostname", "formSubmitURL", "httpRealm"]) + if (loginData[field] != '') + matchData[field] = loginData[field]; + let [logins, ids] = this._searchLogins(matchData); + + // Decrypt entries found for the caller. + logins = this._decryptLogins(logins); + + this.log("_findLogins: returning " + logins.length + " logins"); + count.value = logins.length; // needed for XPCOM + return logins; + }, + + + countLogins : function (hostname, formSubmitURL, httpRealm) { + + let _countLoginsHelper = (hostname, formSubmitURL, httpRealm) => { + // Do checks for null and empty strings, adjust conditions and params + let [conditions, params] = + this._buildConditionsAndParams(hostname, formSubmitURL, httpRealm); + + let query = "SELECT COUNT(1) AS numLogins FROM moz_logins"; + if (conditions.length) { + conditions = conditions.map(c => "(" + c + ")"); + query += " WHERE " + conditions.join(" AND "); + } + + let stmt, numLogins; + try { + stmt = this._dbCreateStatement(query, params); + stmt.executeStep(); + numLogins = stmt.row.numLogins; + } catch (e) { + this.log("_countLogins failed: " + e.name + " : " + e.message); + } finally { + if (stmt) { + stmt.reset(); + } + } + return numLogins; + }; + + let resultLogins = _countLoginsHelper(hostname, formSubmitURL, httpRealm); + this.log("_countLogins: counted logins: " + resultLogins); + return resultLogins; + }, + + + get uiBusy() { + return this._crypto.uiBusy; + }, + + + get isLoggedIn() { + return this._crypto.isLoggedIn; + }, + + + /** + * Returns an array with two items: [id, login]. If the login was not + * found, both items will be null. The returned login contains the actual + * stored login (useful for looking at the actual nsILoginMetaInfo values). + */ + _getIdForLogin : function (login) { + let matchData = { }; + for (let field of ["hostname", "formSubmitURL", "httpRealm"]) + if (login[field] != '') + matchData[field] = login[field]; + let [logins, ids] = this._searchLogins(matchData); + + let id = null; + let foundLogin = null; + + // The specified login isn't encrypted, so we need to ensure + // the logins we're comparing with are decrypted. We decrypt one entry + // at a time, lest _decryptLogins return fewer entries and screw up + // indices between the two. + for (let i = 0; i < logins.length; i++) { + let [decryptedLogin] = this._decryptLogins([logins[i]]); + + if (!decryptedLogin || !decryptedLogin.equals(login)) + continue; + + // We've found a match, set id and break + foundLogin = decryptedLogin; + id = ids[i]; + break; + } + + return [id, foundLogin]; + }, + + + /** + * Adjusts the WHERE conditions and parameters for statements prior to the + * statement being created. This fixes the cases where nulls are involved + * and the empty string is supposed to be a wildcard match + */ + _buildConditionsAndParams : function (hostname, formSubmitURL, httpRealm) { + let conditions = [], params = {}; + + if (hostname == null) { + conditions.push("hostname isnull"); + } else if (hostname != '') { + conditions.push("hostname = :hostname"); + params["hostname"] = hostname; + } + + if (formSubmitURL == null) { + conditions.push("formSubmitURL isnull"); + } else if (formSubmitURL != '') { + conditions.push("formSubmitURL = :formSubmitURL OR formSubmitURL = ''"); + params["formSubmitURL"] = formSubmitURL; + } + + if (httpRealm == null) { + conditions.push("httpRealm isnull"); + } else if (httpRealm != '') { + conditions.push("httpRealm = :httpRealm"); + params["httpRealm"] = httpRealm; + } + + return [conditions, params]; + }, + + + /** + * Checks to see if the specified GUID already exists. + */ + _isGuidUnique : function (guid) { + let query = "SELECT COUNT(1) AS numLogins FROM moz_logins WHERE guid = :guid"; + let params = { guid: guid }; + + let stmt, numLogins; + try { + stmt = this._dbCreateStatement(query, params); + stmt.executeStep(); + numLogins = stmt.row.numLogins; + } catch (e) { + this.log("_isGuidUnique failed: " + e.name + " : " + e.message); + } finally { + if (stmt) { + stmt.reset(); + } + } + + return (numLogins == 0); + }, + + + /** + * Returns the encrypted username, password, and encrypton type for the specified + * login. Can throw if the user cancels a master password entry. + */ + _encryptLogin : function (login) { + let encUsername = this._crypto.encrypt(login.username); + let encPassword = this._crypto.encrypt(login.password); + let encType = this._crypto.defaultEncType; + + return [encUsername, encPassword, encType]; + }, + + + /** + * Decrypts username and password fields in the provided array of + * logins. + * + * The entries specified by the array will be decrypted, if possible. + * An array of successfully decrypted logins will be returned. The return + * value should be given to external callers (since still-encrypted + * entries are useless), whereas internal callers generally don't want + * to lose unencrypted entries (eg, because the user clicked Cancel + * instead of entering their master password) + */ + _decryptLogins : function (logins) { + let result = []; + + for (let login of logins) { + try { + login.username = this._crypto.decrypt(login.username); + login.password = this._crypto.decrypt(login.password); + } catch (e) { + // If decryption failed (corrupt entry?), just skip it. + // Rethrow other errors (like canceling entry of a master pw) + if (e.result == Cr.NS_ERROR_FAILURE) + continue; + throw e; + } + result.push(login); + } + + return result; + }, + + + // Database Creation & Access + + /** + * Creates a statement, wraps it, and then does parameter replacement + * Returns the wrapped statement for execution. Will use memoization + * so that statements can be reused. + */ + _dbCreateStatement : function (query, params) { + let wrappedStmt = this._dbStmts[query]; + // Memoize the statements + if (!wrappedStmt) { + this.log("Creating new statement for query: " + query); + wrappedStmt = this._dbConnection.createStatement(query); + this._dbStmts[query] = wrappedStmt; + } + // Replace parameters, must be done 1 at a time + if (params) + for (let i in params) + wrappedStmt.params[i] = params[i]; + return wrappedStmt; + }, + + + /** + * Attempts to initialize the database. This creates the file if it doesn't + * exist, performs any migrations, etc. Return if this is the first run. + */ + _dbInit : function () { + this.log("Initializing Database"); + let isFirstRun = false; + try { + this._dbConnection = this._storageService.openDatabase(this._signonsFile); + // Get the version of the schema in the file. It will be 0 if the + // database has not been created yet. + let version = this._dbConnection.schemaVersion; + if (version == 0) { + this._dbCreate(); + isFirstRun = true; + } else if (version != DB_VERSION) { + this._dbMigrate(version); + } + } catch (e) { + if (e.result == Cr.NS_ERROR_FILE_CORRUPTED) { + // Database is corrupted, so we backup the database, then throw + // causing initialization to fail and a new db to be created next use + this._dbCleanup(true); + } + throw e; + } + + Services.obs.addObserver(this, "profile-before-change", false); + return isFirstRun; + }, + + observe: function (subject, topic, data) { + switch (topic) { + case "profile-before-change": + Services.obs.removeObserver(this, "profile-before-change"); + this._dbClose(); + break; + } + }, + + _dbCreate: function () { + this.log("Creating Database"); + this._dbCreateSchema(); + this._dbConnection.schemaVersion = DB_VERSION; + }, + + + _dbCreateSchema : function () { + this._dbCreateTables(); + this._dbCreateIndices(); + }, + + + _dbCreateTables : function () { + this.log("Creating Tables"); + for (let name in this._dbSchema.tables) + this._dbConnection.createTable(name, this._dbSchema.tables[name]); + }, + + + _dbCreateIndices : function () { + this.log("Creating Indices"); + for (let name in this._dbSchema.indices) { + let index = this._dbSchema.indices[name]; + let statement = "CREATE INDEX IF NOT EXISTS " + name + " ON " + index.table + + "(" + index.columns.join(", ") + ")"; + this._dbConnection.executeSimpleSQL(statement); + } + }, + + + _dbMigrate : function (oldVersion) { + this.log("Attempting to migrate from version " + oldVersion); + + if (oldVersion > DB_VERSION) { + this.log("Downgrading to version " + DB_VERSION); + // User's DB is newer. Sanity check that our expected columns are + // present, and if so mark the lower version and merrily continue + // on. If the columns are borked, something is wrong so blow away + // the DB and start from scratch. [Future incompatible upgrades + // should swtich to a different table or file.] + + if (!this._dbAreExpectedColumnsPresent()) + throw Components.Exception("DB is missing expected columns", + Cr.NS_ERROR_FILE_CORRUPTED); + + // Change the stored version to the current version. If the user + // runs the newer code again, it will see the lower version number + // and re-upgrade (to fixup any entries the old code added). + this._dbConnection.schemaVersion = DB_VERSION; + return; + } + + // Upgrade to newer version... + + let transaction = new Transaction(this._dbConnection); + + try { + for (let v = oldVersion + 1; v <= DB_VERSION; v++) { + this.log("Upgrading to version " + v + "..."); + let migrateFunction = "_dbMigrateToVersion" + v; + this[migrateFunction](); + } + } catch (e) { + this.log("Migration failed: " + e); + transaction.rollback(); + throw e; + } + + this._dbConnection.schemaVersion = DB_VERSION; + transaction.commit(); + this.log("DB migration completed."); + }, + + + /** + * Version 2 adds a GUID column. Existing logins are assigned a random GUID. + */ + _dbMigrateToVersion2 : function () { + // Check to see if GUID column already exists, add if needed + let query; + if (!this._dbColumnExists("guid")) { + query = "ALTER TABLE moz_logins ADD COLUMN guid TEXT"; + this._dbConnection.executeSimpleSQL(query); + + query = "CREATE INDEX IF NOT EXISTS moz_logins_guid_index ON moz_logins (guid)"; + this._dbConnection.executeSimpleSQL(query); + } + + // Get a list of IDs for existing logins + let ids = []; + query = "SELECT id FROM moz_logins WHERE guid isnull"; + let stmt; + try { + stmt = this._dbCreateStatement(query); + while (stmt.executeStep()) + ids.push(stmt.row.id); + } catch (e) { + this.log("Failed getting IDs: " + e); + throw e; + } finally { + if (stmt) { + stmt.reset(); + } + } + + // Generate a GUID for each login and update the DB. + query = "UPDATE moz_logins SET guid = :guid WHERE id = :id"; + for (let id of ids) { + let params = { + id: id, + guid: this._uuidService.generateUUID().toString() + }; + + try { + stmt = this._dbCreateStatement(query, params); + stmt.execute(); + } catch (e) { + this.log("Failed setting GUID: " + e); + throw e; + } finally { + if (stmt) { + stmt.reset(); + } + } + } + }, + + + /** + * Version 3 adds a encType column. + */ + _dbMigrateToVersion3 : function () { + // Check to see if encType column already exists, add if needed + let query; + if (!this._dbColumnExists("encType")) { + query = "ALTER TABLE moz_logins ADD COLUMN encType INTEGER"; + this._dbConnection.executeSimpleSQL(query); + + query = "CREATE INDEX IF NOT EXISTS " + + "moz_logins_encType_index ON moz_logins (encType)"; + this._dbConnection.executeSimpleSQL(query); + } + + // Get a list of existing logins + let logins = []; + let stmt; + query = "SELECT id, encryptedUsername, encryptedPassword " + + "FROM moz_logins WHERE encType isnull"; + try { + stmt = this._dbCreateStatement(query); + while (stmt.executeStep()) { + let params = { id: stmt.row.id }; + // We will tag base64 logins correctly, but no longer support their use. + if (stmt.row.encryptedUsername.charAt(0) == '~' || + stmt.row.encryptedPassword.charAt(0) == '~') + params.encType = Ci.nsILoginManagerCrypto.ENCTYPE_BASE64; + else + params.encType = Ci.nsILoginManagerCrypto.ENCTYPE_SDR; + logins.push(params); + } + } catch (e) { + this.log("Failed getting logins: " + e); + throw e; + } finally { + if (stmt) { + stmt.reset(); + } + } + + // Determine encryption type for each login and update the DB. + query = "UPDATE moz_logins SET encType = :encType WHERE id = :id"; + for (let params of logins) { + try { + stmt = this._dbCreateStatement(query, params); + stmt.execute(); + } catch (e) { + this.log("Failed setting encType: " + e); + throw e; + } finally { + if (stmt) { + stmt.reset(); + } + } + } + }, + + + /** + * Version 4 adds timeCreated, timeLastUsed, timePasswordChanged, + * and timesUsed columns + */ + _dbMigrateToVersion4 : function () { + let query; + // Add the new columns, if needed. + for (let column of ["timeCreated", "timeLastUsed", "timePasswordChanged", "timesUsed"]) { + if (!this._dbColumnExists(column)) { + query = "ALTER TABLE moz_logins ADD COLUMN " + column + " INTEGER"; + this._dbConnection.executeSimpleSQL(query); + } + } + + // Get a list of IDs for existing logins. + let ids = []; + let stmt; + query = "SELECT id FROM moz_logins WHERE timeCreated isnull OR " + + "timeLastUsed isnull OR timePasswordChanged isnull OR timesUsed isnull"; + try { + stmt = this._dbCreateStatement(query); + while (stmt.executeStep()) + ids.push(stmt.row.id); + } catch (e) { + this.log("Failed getting IDs: " + e); + throw e; + } finally { + if (stmt) { + stmt.reset(); + } + } + + // Initialize logins with current time. + query = "UPDATE moz_logins SET timeCreated = :initTime, timeLastUsed = :initTime, " + + "timePasswordChanged = :initTime, timesUsed = 1 WHERE id = :id"; + let params = { + id: null, + initTime: Date.now() + }; + for (let id of ids) { + params.id = id; + try { + stmt = this._dbCreateStatement(query, params); + stmt.execute(); + } catch (e) { + this.log("Failed setting timestamps: " + e); + throw e; + } finally { + if (stmt) { + stmt.reset(); + } + } + } + }, + + + /** + * Version 5 adds the moz_deleted_logins table + */ + _dbMigrateToVersion5 : function () { + if (!this._dbConnection.tableExists("moz_deleted_logins")) { + this._dbConnection.createTable("moz_deleted_logins", this._dbSchema.tables.moz_deleted_logins); + } + }, + + /** + * Version 6 migrates all the hosts from + * moz_disabledHosts to the permission manager. + */ + _dbMigrateToVersion6 : function () { + let disabledHosts = []; + let query = "SELECT hostname FROM moz_disabledHosts"; + let stmt; + + try { + stmt = this._dbCreateStatement(query); + + while (stmt.executeStep()) { + disabledHosts.push(stmt.row.hostname); + } + + for (let host of disabledHosts) { + try { + let uri = Services.io.newURI(host, null, null); + Services.perms.add(uri, PERMISSION_SAVE_LOGINS, Services.perms.DENY_ACTION); + } catch (e) { + Cu.reportError(e); + } + } + } catch (e) { + this.log(`_dbMigrateToVersion6 failed: ${e.name} : ${e.message}`); + } finally { + if (stmt) { + stmt.reset(); + } + } + + query = "DELETE FROM moz_disabledHosts"; + this._dbConnection.executeSimpleSQL(query); + }, + + /** + * Sanity check to ensure that the columns this version of the code expects + * are present in the DB we're using. + */ + _dbAreExpectedColumnsPresent : function () { + let query = "SELECT " + + "id, " + + "hostname, " + + "httpRealm, " + + "formSubmitURL, " + + "usernameField, " + + "passwordField, " + + "encryptedUsername, " + + "encryptedPassword, " + + "guid, " + + "encType, " + + "timeCreated, " + + "timeLastUsed, " + + "timePasswordChanged, " + + "timesUsed " + + "FROM moz_logins"; + try { + let stmt = this._dbConnection.createStatement(query); + // (no need to execute statement, if it compiled we're good) + stmt.finalize(); + } catch (e) { + return false; + } + + query = "SELECT " + + "id, " + + "hostname " + + "FROM moz_disabledHosts"; + try { + let stmt = this._dbConnection.createStatement(query); + // (no need to execute statement, if it compiled we're good) + stmt.finalize(); + } catch (e) { + return false; + } + + this.log("verified that expected columns are present in DB."); + return true; + }, + + + /** + * Checks to see if the named column already exists. + */ + _dbColumnExists : function (columnName) { + let query = "SELECT " + columnName + " FROM moz_logins"; + try { + let stmt = this._dbConnection.createStatement(query); + // (no need to execute statement, if it compiled we're good) + stmt.finalize(); + return true; + } catch (e) { + return false; + } + }, + + _dbClose : function () { + this.log("Closing the DB connection."); + // Finalize all statements to free memory, avoid errors later + for (let query in this._dbStmts) { + let stmt = this._dbStmts[query]; + stmt.finalize(); + } + this._dbStmts = {}; + + if (this._dbConnection !== null) { + try { + this._dbConnection.close(); + } catch (e) { + Components.utils.reportError(e); + } + } + this._dbConnection = null; + }, + + /** + * Called when database creation fails. Finalizes database statements, + * closes the database connection, deletes the database file. + */ + _dbCleanup : function (backup) { + this.log("Cleaning up DB file - close & remove & backup=" + backup); + + // Create backup file + if (backup) { + let backupFile = this._signonsFile.leafName + ".corrupt"; + this._storageService.backupDatabaseFile(this._signonsFile, backupFile); + } + + this._dbClose(); + this._signonsFile.remove(false); + } + +}; // end of nsLoginManagerStorage_mozStorage implementation + +XPCOMUtils.defineLazyGetter(this.LoginManagerStorage_mozStorage.prototype, "log", () => { + let logger = LoginHelper.createLogger("Login storage"); + return logger.log.bind(logger); +}); + +var component = [LoginManagerStorage_mozStorage]; +this.NSGetFactory = XPCOMUtils.generateNSGetFactory(component); diff --git a/toolkit/components/passwordmgr/test/.eslintrc.js b/toolkit/components/passwordmgr/test/.eslintrc.js new file mode 100644 index 000000000..ca626f31c --- /dev/null +++ b/toolkit/components/passwordmgr/test/.eslintrc.js @@ -0,0 +1,13 @@ +"use strict"; + +module.exports = { // eslint-disable-line no-undef + "extends": [ + "../../../../testing/mochitest/mochitest.eslintrc.js", + "../../../../testing/mochitest/chrome.eslintrc.js" + ], + "rules": { + "brace-style": "off", + "no-undef": "off", + "no-unused-vars": "off", + }, +}; diff --git a/toolkit/components/passwordmgr/test/LoginTestUtils.jsm b/toolkit/components/passwordmgr/test/LoginTestUtils.jsm new file mode 100644 index 000000000..2fd8a31a3 --- /dev/null +++ b/toolkit/components/passwordmgr/test/LoginTestUtils.jsm @@ -0,0 +1,295 @@ +/* Any copyright is dedicated to the Public Domain. + * http://creativecommons.org/publicdomain/zero/1.0/ */ + +/* + * Shared functions generally available for testing login components. + */ + +"use strict"; + +this.EXPORTED_SYMBOLS = [ + "LoginTestUtils", +]; + +const { classes: Cc, interfaces: Ci, utils: Cu, results: Cr } = Components; + +Cu.import("resource://gre/modules/Promise.jsm"); +Cu.import("resource://gre/modules/Services.jsm"); +Cu.import("resource://gre/modules/Task.jsm"); +Cu.import("resource://gre/modules/XPCOMUtils.jsm"); + +Cu.import("resource://testing-common/TestUtils.jsm"); + +const LoginInfo = + Components.Constructor("@mozilla.org/login-manager/loginInfo;1", + "nsILoginInfo", "init"); + +// For now, we need consumers to provide a reference to Assert.jsm. +var Assert = null; + +this.LoginTestUtils = { + set Assert(assert) { + Assert = assert; // eslint-disable-line no-native-reassign + }, + + /** + * Forces the storage module to save all data, and the Login Manager service + * to replace the storage module with a newly initialized instance. + */ + * reloadData() { + Services.obs.notifyObservers(null, "passwordmgr-storage-replace", null); + yield TestUtils.topicObserved("passwordmgr-storage-replace-complete"); + }, + + /** + * Erases all the data stored by the Login Manager service. + */ + clearData() { + Services.logins.removeAllLogins(); + for (let hostname of Services.logins.getAllDisabledHosts()) { + Services.logins.setLoginSavingEnabled(hostname, true); + } + }, + + /** + * Checks that the currently stored list of nsILoginInfo matches the provided + * array. The comparison uses the "equals" method of nsILoginInfo, that does + * not include nsILoginMetaInfo properties in the test. + */ + checkLogins(expectedLogins) { + this.assertLoginListsEqual(Services.logins.getAllLogins(), expectedLogins); + }, + + /** + * Checks that the two provided arrays of nsILoginInfo have the same length, + * and every login in "expected" is also found in "actual". The comparison + * uses the "equals" method of nsILoginInfo, that does not include + * nsILoginMetaInfo properties in the test. + */ + assertLoginListsEqual(actual, expected) { + Assert.equal(expected.length, actual.length); + Assert.ok(expected.every(e => actual.some(a => a.equals(e)))); + }, + + /** + * Checks that the two provided arrays of strings contain the same values, + * maybe in a different order, case-sensitively. + */ + assertDisabledHostsEqual(actual, expected) { + Assert.deepEqual(actual.sort(), expected.sort()); + }, + + /** + * Checks whether the given time, expressed as the number of milliseconds + * since January 1, 1970, 00:00:00 UTC, falls within 30 seconds of now. + */ + assertTimeIsAboutNow(timeMs) { + Assert.ok(Math.abs(timeMs - Date.now()) < 30000); + }, +}; + +/** + * This object contains functions that return new instances of nsILoginInfo for + * every call. The returned instances can be compared using their "equals" or + * "matches" methods, or modified for the needs of the specific test being run. + * + * Any modification to the test data requires updating the tests accordingly, in + * particular the search tests. + */ +this.LoginTestUtils.testData = { + /** + * Returns a new nsILoginInfo for use with form submits. + * + * @param modifications + * Each property of this object replaces the property of the same name + * in the returned nsILoginInfo or nsILoginMetaInfo. + */ + formLogin(modifications) { + let loginInfo = new LoginInfo("http://www3.example.com", + "http://www.example.com", null, + "the username", "the password", + "form_field_username", "form_field_password"); + loginInfo.QueryInterface(Ci.nsILoginMetaInfo); + if (modifications) { + for (let [name, value] of Object.entries(modifications)) { + loginInfo[name] = value; + } + } + return loginInfo; + }, + + /** + * Returns a new nsILoginInfo for use with HTTP authentication. + * + * @param modifications + * Each property of this object replaces the property of the same name + * in the returned nsILoginInfo or nsILoginMetaInfo. + */ + authLogin(modifications) { + let loginInfo = new LoginInfo("http://www.example.org", null, + "The HTTP Realm", "the username", + "the password", "", ""); + loginInfo.QueryInterface(Ci.nsILoginMetaInfo); + if (modifications) { + for (let [name, value] of Object.entries(modifications)) { + loginInfo[name] = value; + } + } + return loginInfo; + }, + + /** + * Returns an array of typical nsILoginInfo that could be stored in the + * database. + */ + loginList() { + return [ + // --- Examples of form logins (subdomains of example.com) --- + + // Simple form login with named fields for username and password. + new LoginInfo("http://www.example.com", "http://www.example.com", null, + "the username", "the password for www.example.com", + "form_field_username", "form_field_password"), + + // Different schemes are treated as completely different sites. + new LoginInfo("https://www.example.com", "https://www.example.com", null, + "the username", "the password for https", + "form_field_username", "form_field_password"), + + // Subdomains are treated as completely different sites. + new LoginInfo("https://example.com", "https://example.com", null, + "the username", "the password for example.com", + "form_field_username", "form_field_password"), + + // Forms found on the same host, but with different hostnames in the + // "action" attribute, are handled independently. + new LoginInfo("http://www3.example.com", "http://www.example.com", null, + "the username", "the password", + "form_field_username", "form_field_password"), + new LoginInfo("http://www3.example.com", "https://www.example.com", null, + "the username", "the password", + "form_field_username", "form_field_password"), + new LoginInfo("http://www3.example.com", "http://example.com", null, + "the username", "the password", + "form_field_username", "form_field_password"), + + // It is not possible to store multiple passwords for the same username, + // however multiple passwords can be stored when the usernames differ. + // An empty username is a valid case and different from the others. + new LoginInfo("http://www4.example.com", "http://www4.example.com", null, + "username one", "password one", + "form_field_username", "form_field_password"), + new LoginInfo("http://www4.example.com", "http://www4.example.com", null, + "username two", "password two", + "form_field_username", "form_field_password"), + new LoginInfo("http://www4.example.com", "http://www4.example.com", null, + "", "password three", + "form_field_username", "form_field_password"), + + // Username and passwords fields in forms may have no "name" attribute. + new LoginInfo("http://www5.example.com", "http://www5.example.com", null, + "multi username", "multi password", "", ""), + + // Forms with PIN-type authentication will typically have no username. + new LoginInfo("http://www6.example.com", "http://www6.example.com", null, + "", "12345", "", "form_field_password"), + + // --- Examples of authentication logins (subdomains of example.org) --- + + // Simple HTTP authentication login. + new LoginInfo("http://www.example.org", null, "The HTTP Realm", + "the username", "the password", "", ""), + + // Simple FTP authentication login. + new LoginInfo("ftp://ftp.example.org", null, "ftp://ftp.example.org", + "the username", "the password", "", ""), + + // Multiple HTTP authentication logins can be stored for different realms. + new LoginInfo("http://www2.example.org", null, "The HTTP Realm", + "the username", "the password", "", ""), + new LoginInfo("http://www2.example.org", null, "The HTTP Realm Other", + "the username other", "the password other", "", ""), + + // --- Both form and authentication logins (example.net) --- + + new LoginInfo("http://example.net", "http://example.net", null, + "the username", "the password", + "form_field_username", "form_field_password"), + new LoginInfo("http://example.net", "http://www.example.net", null, + "the username", "the password", + "form_field_username", "form_field_password"), + new LoginInfo("http://example.net", "http://www.example.net", null, + "username two", "the password", + "form_field_username", "form_field_password"), + new LoginInfo("http://example.net", null, "The HTTP Realm", + "the username", "the password", "", ""), + new LoginInfo("http://example.net", null, "The HTTP Realm Other", + "username two", "the password", "", ""), + new LoginInfo("ftp://example.net", null, "ftp://example.net", + "the username", "the password", "", ""), + + // --- Examples of logins added by extensions (chrome scheme) --- + + new LoginInfo("chrome://example_extension", null, "Example Login One", + "the username", "the password one", "", ""), + new LoginInfo("chrome://example_extension", null, "Example Login Two", + "the username", "the password two", "", ""), + ]; + }, +}; + +this.LoginTestUtils.recipes = { + getRecipeParent() { + let { LoginManagerParent } = Cu.import("resource://gre/modules/LoginManagerParent.jsm", {}); + if (!LoginManagerParent.recipeParentPromise) { + return null; + } + return LoginManagerParent.recipeParentPromise.then((recipeParent) => { + return recipeParent; + }); + }, +}; + +this.LoginTestUtils.masterPassword = { + masterPassword: "omgsecret!", + + _set(enable) { + let oldPW, newPW; + if (enable) { + oldPW = ""; + newPW = this.masterPassword; + } else { + oldPW = this.masterPassword; + newPW = ""; + } + + let secmodDB = Cc["@mozilla.org/security/pkcs11moduledb;1"] + .getService(Ci.nsIPKCS11ModuleDB); + let slot = secmodDB.findSlotByName(""); + if (!slot) { + throw new Error("Can't find slot"); + } + + // Set master password. Note that this does not log you in, so the next + // invocation of pwmgr can trigger a MP prompt. + let pk11db = Cc["@mozilla.org/security/pk11tokendb;1"] + .getService(Ci.nsIPK11TokenDB); + let token = pk11db.findTokenByName(""); + if (slot.status == Ci.nsIPKCS11Slot.SLOT_UNINITIALIZED) { + dump("MP initialized to " + newPW + "\n"); + token.initPassword(newPW); + } else { + token.checkPassword(oldPW); + dump("MP change from " + oldPW + " to " + newPW + "\n"); + token.changePassword(oldPW, newPW); + } + }, + + enable() { + this._set(true); + }, + + disable() { + this._set(false); + }, +}; diff --git a/toolkit/components/passwordmgr/test/authenticate.sjs b/toolkit/components/passwordmgr/test/authenticate.sjs new file mode 100644 index 000000000..42edc3220 --- /dev/null +++ b/toolkit/components/passwordmgr/test/authenticate.sjs @@ -0,0 +1,228 @@ +function handleRequest(request, response) +{ + try { + reallyHandleRequest(request, response); + } catch (e) { + response.setStatusLine("1.0", 200, "AlmostOK"); + response.write("Error handling request: " + e); + } +} + + +function reallyHandleRequest(request, response) { + var match; + var requestAuth = true, requestProxyAuth = true; + + // Allow the caller to drive how authentication is processed via the query. + // Eg, http://localhost:8888/authenticate.sjs?user=foo&realm=bar + // The extra ? allows the user/pass/realm checks to succeed if the name is + // at the beginning of the query string. + var query = "?" + request.queryString; + + var expected_user = "", expected_pass = "", realm = "mochitest"; + var proxy_expected_user = "", proxy_expected_pass = "", proxy_realm = "mochi-proxy"; + var huge = false, plugin = false, anonymous = false, formauth = false; + var authHeaderCount = 1; + // user=xxx + match = /[^_]user=([^&]*)/.exec(query); + if (match) + expected_user = match[1]; + + // pass=xxx + match = /[^_]pass=([^&]*)/.exec(query); + if (match) + expected_pass = match[1]; + + // realm=xxx + match = /[^_]realm=([^&]*)/.exec(query); + if (match) + realm = match[1]; + + // proxy_user=xxx + match = /proxy_user=([^&]*)/.exec(query); + if (match) + proxy_expected_user = match[1]; + + // proxy_pass=xxx + match = /proxy_pass=([^&]*)/.exec(query); + if (match) + proxy_expected_pass = match[1]; + + // proxy_realm=xxx + match = /proxy_realm=([^&]*)/.exec(query); + if (match) + proxy_realm = match[1]; + + // huge=1 + match = /huge=1/.exec(query); + if (match) + huge = true; + + // plugin=1 + match = /plugin=1/.exec(query); + if (match) + plugin = true; + + // multiple=1 + match = /multiple=([^&]*)/.exec(query); + if (match) + authHeaderCount = match[1]+0; + + // anonymous=1 + match = /anonymous=1/.exec(query); + if (match) + anonymous = true; + + // formauth=1 + match = /formauth=1/.exec(query); + if (match) + formauth = true; + + // Look for an authentication header, if any, in the request. + // + // EG: Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ== + // + // This test only supports Basic auth. The value sent by the client is + // "username:password", obscured with base64 encoding. + + var actual_user = "", actual_pass = "", authHeader, authPresent = false; + if (request.hasHeader("Authorization")) { + authPresent = true; + authHeader = request.getHeader("Authorization"); + match = /Basic (.+)/.exec(authHeader); + if (match.length != 2) + throw new Error("Couldn't parse auth header: " + authHeader); + + var userpass = base64ToString(match[1]); // no atob() :-( + match = /(.*):(.*)/.exec(userpass); + if (match.length != 3) + throw new Error("Couldn't decode auth header: " + userpass); + actual_user = match[1]; + actual_pass = match[2]; + } + + var proxy_actual_user = "", proxy_actual_pass = ""; + if (request.hasHeader("Proxy-Authorization")) { + authHeader = request.getHeader("Proxy-Authorization"); + match = /Basic (.+)/.exec(authHeader); + if (match.length != 2) + throw new Error("Couldn't parse auth header: " + authHeader); + + var userpass = base64ToString(match[1]); // no atob() :-( + match = /(.*):(.*)/.exec(userpass); + if (match.length != 3) + throw new Error("Couldn't decode auth header: " + userpass); + proxy_actual_user = match[1]; + proxy_actual_pass = match[2]; + } + + // Don't request authentication if the credentials we got were what we + // expected. + if (expected_user == actual_user && + expected_pass == actual_pass) { + requestAuth = false; + } + if (proxy_expected_user == proxy_actual_user && + proxy_expected_pass == proxy_actual_pass) { + requestProxyAuth = false; + } + + if (anonymous) { + if (authPresent) { + response.setStatusLine("1.0", 400, "Unexpected authorization header found"); + } else { + response.setStatusLine("1.0", 200, "Authorization header not found"); + } + } else { + if (requestProxyAuth) { + response.setStatusLine("1.0", 407, "Proxy authentication required"); + for (i = 0; i < authHeaderCount; ++i) + response.setHeader("Proxy-Authenticate", "basic realm=\"" + proxy_realm + "\"", true); + } else if (requestAuth) { + if (formauth && authPresent) + response.setStatusLine("1.0", 403, "Form authentication required"); + else + response.setStatusLine("1.0", 401, "Authentication required"); + for (i = 0; i < authHeaderCount; ++i) + response.setHeader("WWW-Authenticate", "basic realm=\"" + realm + "\"", true); + } else { + response.setStatusLine("1.0", 200, "OK"); + } + } + + response.setHeader("Content-Type", "application/xhtml+xml", false); + response.write("<html xmlns='http://www.w3.org/1999/xhtml'>"); + response.write("<p>Login: <span id='ok'>" + (requestAuth ? "FAIL" : "PASS") + "</span></p>\n"); + response.write("<p>Proxy: <span id='proxy'>" + (requestProxyAuth ? "FAIL" : "PASS") + "</span></p>\n"); + response.write("<p>Auth: <span id='auth'>" + authHeader + "</span></p>\n"); + response.write("<p>User: <span id='user'>" + actual_user + "</span></p>\n"); + response.write("<p>Pass: <span id='pass'>" + actual_pass + "</span></p>\n"); + + if (huge) { + response.write("<div style='display: none'>"); + for (i = 0; i < 100000; i++) { + response.write("123456789\n"); + } + response.write("</div>"); + response.write("<span id='footnote'>This is a footnote after the huge content fill</span>"); + } + + if (plugin) { + response.write("<embed id='embedtest' style='width: 400px; height: 100px;' " + + "type='application/x-test'></embed>\n"); + } + + response.write("</html>"); +} + + +// base64 decoder +// +// Yoinked from extensions/xml-rpc/src/nsXmlRpcClient.js because btoa() +// doesn't seem to exist. :-( +/* Convert Base64 data to a string */ +const toBinaryTable = [ + -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, + -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, + -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,62, -1,-1,-1,63, + 52,53,54,55, 56,57,58,59, 60,61,-1,-1, -1, 0,-1,-1, + -1, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,10, 11,12,13,14, + 15,16,17,18, 19,20,21,22, 23,24,25,-1, -1,-1,-1,-1, + -1,26,27,28, 29,30,31,32, 33,34,35,36, 37,38,39,40, + 41,42,43,44, 45,46,47,48, 49,50,51,-1, -1,-1,-1,-1 +]; +const base64Pad = '='; + +function base64ToString(data) { + + var result = ''; + var leftbits = 0; // number of bits decoded, but yet to be appended + var leftdata = 0; // bits decoded, but yet to be appended + + // Convert one by one. + for (var i = 0; i < data.length; i++) { + var c = toBinaryTable[data.charCodeAt(i) & 0x7f]; + var padding = (data[i] == base64Pad); + // Skip illegal characters and whitespace + if (c == -1) continue; + + // Collect data into leftdata, update bitcount + leftdata = (leftdata << 6) | c; + leftbits += 6; + + // If we have 8 or more bits, append 8 bits to the result + if (leftbits >= 8) { + leftbits -= 8; + // Append if not padding. + if (!padding) + result += String.fromCharCode((leftdata >> leftbits) & 0xff); + leftdata &= (1 << leftbits) - 1; + } + } + + // If there are any bits left, the base64 string was corrupted + if (leftbits) + throw Components.Exception('Corrupted base64 string'); + + return result; +} diff --git a/toolkit/components/passwordmgr/test/blank.html b/toolkit/components/passwordmgr/test/blank.html new file mode 100644 index 000000000..81ddc2235 --- /dev/null +++ b/toolkit/components/passwordmgr/test/blank.html @@ -0,0 +1,8 @@ +<!DOCTYPE html> +<html> + <head> + <meta charset="utf-8"> + </head> + <body> + </body> +</html> diff --git a/toolkit/components/passwordmgr/test/browser/.eslintrc.js b/toolkit/components/passwordmgr/test/browser/.eslintrc.js new file mode 100644 index 000000000..7c8021192 --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/.eslintrc.js @@ -0,0 +1,7 @@ +"use strict"; + +module.exports = { + "extends": [ + "../../../../../testing/mochitest/browser.eslintrc.js" + ] +}; diff --git a/toolkit/components/passwordmgr/test/browser/authenticate.sjs b/toolkit/components/passwordmgr/test/browser/authenticate.sjs new file mode 100644 index 000000000..fe2d2423c --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/authenticate.sjs @@ -0,0 +1,110 @@ +function handleRequest(request, response) +{ + var match; + var requestAuth = true; + + // Allow the caller to drive how authentication is processed via the query. + // Eg, http://localhost:8888/authenticate.sjs?user=foo&realm=bar + // The extra ? allows the user/pass/realm checks to succeed if the name is + // at the beginning of the query string. + var query = "?" + request.queryString; + + var expected_user = "test", expected_pass = "testpass", realm = "mochitest"; + + // Look for an authentication header, if any, in the request. + // + // EG: Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ== + // + // This test only supports Basic auth. The value sent by the client is + // "username:password", obscured with base64 encoding. + + var actual_user = "", actual_pass = "", authHeader, authPresent = false; + if (request.hasHeader("Authorization")) { + authPresent = true; + authHeader = request.getHeader("Authorization"); + match = /Basic (.+)/.exec(authHeader); + if (match.length != 2) + throw new Error("Couldn't parse auth header: " + authHeader); + + var userpass = base64ToString(match[1]); // no atob() :-( + match = /(.*):(.*)/.exec(userpass); + if (match.length != 3) + throw new Error("Couldn't decode auth header: " + userpass); + actual_user = match[1]; + actual_pass = match[2]; + } + + // Don't request authentication if the credentials we got were what we + // expected. + if (expected_user == actual_user && + expected_pass == actual_pass) { + requestAuth = false; + } + + if (requestAuth) { + response.setStatusLine("1.0", 401, "Authentication required"); + response.setHeader("WWW-Authenticate", "basic realm=\"" + realm + "\"", true); + } else { + response.setStatusLine("1.0", 200, "OK"); + } + + response.setHeader("Content-Type", "application/xhtml+xml", false); + response.write("<html xmlns='http://www.w3.org/1999/xhtml'>"); + response.write("<p>Login: <span id='ok'>" + (requestAuth ? "FAIL" : "PASS") + "</span></p>\n"); + response.write("<p>Auth: <span id='auth'>" + authHeader + "</span></p>\n"); + response.write("<p>User: <span id='user'>" + actual_user + "</span></p>\n"); + response.write("<p>Pass: <span id='pass'>" + actual_pass + "</span></p>\n"); + response.write("</html>"); +} + + +// base64 decoder +// +// Yoinked from extensions/xml-rpc/src/nsXmlRpcClient.js because btoa() +// doesn't seem to exist. :-( +/* Convert Base64 data to a string */ +const toBinaryTable = [ + -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, + -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, + -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,62, -1,-1,-1,63, + 52,53,54,55, 56,57,58,59, 60,61,-1,-1, -1, 0,-1,-1, + -1, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,10, 11,12,13,14, + 15,16,17,18, 19,20,21,22, 23,24,25,-1, -1,-1,-1,-1, + -1,26,27,28, 29,30,31,32, 33,34,35,36, 37,38,39,40, + 41,42,43,44, 45,46,47,48, 49,50,51,-1, -1,-1,-1,-1 +]; +const base64Pad = '='; + +function base64ToString(data) { + + var result = ''; + var leftbits = 0; // number of bits decoded, but yet to be appended + var leftdata = 0; // bits decoded, but yet to be appended + + // Convert one by one. + for (var i = 0; i < data.length; i++) { + var c = toBinaryTable[data.charCodeAt(i) & 0x7f]; + var padding = (data[i] == base64Pad); + // Skip illegal characters and whitespace + if (c == -1) continue; + + // Collect data into leftdata, update bitcount + leftdata = (leftdata << 6) | c; + leftbits += 6; + + // If we have 8 or more bits, append 8 bits to the result + if (leftbits >= 8) { + leftbits -= 8; + // Append if not padding. + if (!padding) + result += String.fromCharCode((leftdata >> leftbits) & 0xff); + leftdata &= (1 << leftbits) - 1; + } + } + + // If there are any bits left, the base64 string was corrupted + if (leftbits) + throw Components.Exception('Corrupted base64 string'); + + return result; +} diff --git a/toolkit/components/passwordmgr/test/browser/browser.ini b/toolkit/components/passwordmgr/test/browser/browser.ini new file mode 100644 index 000000000..b17591436 --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/browser.ini @@ -0,0 +1,72 @@ +[DEFAULT] +support-files = + ../formsubmit.sjs + authenticate.sjs + form_basic.html + form_basic_iframe.html + formless_basic.html + form_same_origin_action.html + form_cross_origin_secure_action.html + head.js + insecure_test.html + insecure_test_subframe.html + multiple_forms.html + streamConverter_content.sjs + +[browser_autocomplete_insecure_warning.js] +support-files = + form_cross_origin_insecure_action.html +[browser_capture_doorhanger.js] +support-files = + subtst_notifications_1.html + subtst_notifications_2.html + subtst_notifications_2pw_0un.html + subtst_notifications_2pw_1un_1text.html + subtst_notifications_3.html + subtst_notifications_4.html + subtst_notifications_5.html + subtst_notifications_6.html + subtst_notifications_8.html + subtst_notifications_9.html + subtst_notifications_10.html + subtst_notifications_change_p.html +[browser_capture_doorhanger_httpsUpgrade.js] +support-files = + subtst_notifications_1.html + subtst_notifications_8.html +[browser_capture_doorhanger_window_open.js] +support-files = + subtst_notifications_11.html + subtst_notifications_11_popup.html +skip-if = os == "linux" # Bug 1312981, bug 1313136 +[browser_context_menu_autocomplete_interaction.js] +[browser_username_select_dialog.js] +support-files = + subtst_notifications_change_p.html +[browser_DOMFormHasPassword.js] +[browser_DOMInputPasswordAdded.js] +[browser_exceptions_dialog.js] +[browser_formless_submit_chrome.js] +[browser_hasInsecureLoginForms.js] +[browser_hasInsecureLoginForms_streamConverter.js] +[browser_http_autofill.js] +[browser_insecurePasswordConsoleWarning.js] +support-files = + form_cross_origin_insecure_action.html +[browser_master_password_autocomplete.js] +[browser_notifications.js] +[browser_notifications_username.js] +[browser_notifications_password.js] +[browser_notifications_2.js] +skip-if = os == "linux" # Bug 1272849 Main action button disabled state intermittent +[browser_passwordmgr_editing.js] +skip-if = os == "linux" +[browser_context_menu.js] +[browser_context_menu_iframe.js] +[browser_passwordmgr_contextmenu.js] +subsuite = clipboard +[browser_passwordmgr_fields.js] +[browser_passwordmgr_observers.js] +[browser_passwordmgr_sort.js] +[browser_passwordmgr_switchtab.js] +[browser_passwordmgrdlg.js] diff --git a/toolkit/components/passwordmgr/test/browser/browser_DOMFormHasPassword.js b/toolkit/components/passwordmgr/test/browser/browser_DOMFormHasPassword.js new file mode 100644 index 000000000..80a0dd903 --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/browser_DOMFormHasPassword.js @@ -0,0 +1,94 @@ +const ids = { + INPUT_ID: "input1", + FORM1_ID: "form1", + FORM2_ID: "form2", + CHANGE_INPUT_ID: "input2", +}; + +function task(contentIds) { + let resolve; + let promise = new Promise(r => { resolve = r; }); + + function unexpectedContentEvent(evt) { + ok(false, "Received a " + evt.type + " event on content"); + } + + var gDoc = null; + + addEventListener("load", tabLoad, true); + + function tabLoad() { + if (content.location.href == "about:blank") + return; + removeEventListener("load", tabLoad, true); + + gDoc = content.document; + gDoc.addEventListener("DOMFormHasPassword", unexpectedContentEvent, false); + gDoc.defaultView.setTimeout(test_inputAdd, 0); + } + + function test_inputAdd() { + addEventListener("DOMFormHasPassword", test_inputAddHandler, false); + let input = gDoc.createElementNS("http://www.w3.org/1999/xhtml", "input"); + input.setAttribute("type", "password"); + input.setAttribute("id", contentIds.INPUT_ID); + input.setAttribute("data-test", "unique-attribute"); + gDoc.getElementById(contentIds.FORM1_ID).appendChild(input); + } + + function test_inputAddHandler(evt) { + removeEventListener(evt.type, test_inputAddHandler, false); + is(evt.target.id, contentIds.FORM1_ID, + evt.type + " event targets correct form element (added password element)"); + gDoc.defaultView.setTimeout(test_inputChangeForm, 0); + } + + function test_inputChangeForm() { + addEventListener("DOMFormHasPassword", test_inputChangeFormHandler, false); + let input = gDoc.getElementById(contentIds.INPUT_ID); + input.setAttribute("form", contentIds.FORM2_ID); + } + + function test_inputChangeFormHandler(evt) { + removeEventListener(evt.type, test_inputChangeFormHandler, false); + is(evt.target.id, contentIds.FORM2_ID, + evt.type + " event targets correct form element (changed form)"); + gDoc.defaultView.setTimeout(test_inputChangesType, 0); + } + + function test_inputChangesType() { + addEventListener("DOMFormHasPassword", test_inputChangesTypeHandler, false); + let input = gDoc.getElementById(contentIds.CHANGE_INPUT_ID); + input.setAttribute("type", "password"); + } + + function test_inputChangesTypeHandler(evt) { + removeEventListener(evt.type, test_inputChangesTypeHandler, false); + is(evt.target.id, contentIds.FORM1_ID, + evt.type + " event targets correct form element (changed type)"); + gDoc.defaultView.setTimeout(finish, 0); + } + + function finish() { + gDoc.removeEventListener("DOMFormHasPassword", unexpectedContentEvent, false); + resolve(); + } + + return promise; +} + +add_task(function* () { + let tab = gBrowser.selectedTab = gBrowser.addTab(); + + let promise = ContentTask.spawn(tab.linkedBrowser, ids, task); + tab.linkedBrowser.loadURI("data:text/html;charset=utf-8," + + "<html><body>" + + "<form id='" + ids.FORM1_ID + "'>" + + "<input id='" + ids.CHANGE_INPUT_ID + "'></form>" + + "<form id='" + ids.FORM2_ID + "'></form>" + + "</body></html>"); + yield promise; + + ok(true, "Test completed"); + gBrowser.removeCurrentTab(); +}); diff --git a/toolkit/components/passwordmgr/test/browser/browser_DOMInputPasswordAdded.js b/toolkit/components/passwordmgr/test/browser/browser_DOMInputPasswordAdded.js new file mode 100644 index 000000000..f54892e19 --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/browser_DOMInputPasswordAdded.js @@ -0,0 +1,99 @@ +const consts = { + HTML_NS: "http://www.w3.org/1999/xhtml", + + INPUT_ID: "input1", + FORM1_ID: "form1", + FORM2_ID: "form2", + CHANGE_INPUT_ID: "input2", + BODY_INPUT_ID: "input3", +}; + +function task(contentConsts) { + let resolve; + let promise = new Promise(r => { resolve = r; }); + + function unexpectedContentEvent(evt) { + Assert.ok(false, "Received a " + evt.type + " event on content"); + } + + var gDoc = null; + + addEventListener("load", tabLoad, true); + + function tabLoad() { + removeEventListener("load", tabLoad, true); + gDoc = content.document; + // These events shouldn't escape to content. + gDoc.addEventListener("DOMInputPasswordAdded", unexpectedContentEvent, false); + gDoc.defaultView.setTimeout(test_inputAdd, 0); + } + + function test_inputAdd() { + addEventListener("DOMInputPasswordAdded", test_inputAddHandler, false); + let input = gDoc.createElementNS(contentConsts.HTML_NS, "input"); + input.setAttribute("type", "password"); + input.setAttribute("id", contentConsts.INPUT_ID); + input.setAttribute("data-test", "unique-attribute"); + gDoc.getElementById(contentConsts.FORM1_ID).appendChild(input); + info("Done appending the input element"); + } + + function test_inputAddHandler(evt) { + removeEventListener(evt.type, test_inputAddHandler, false); + Assert.equal(evt.target.id, contentConsts.INPUT_ID, + evt.type + " event targets correct input element (added password element)"); + gDoc.defaultView.setTimeout(test_inputAddOutsideForm, 0); + } + + function test_inputAddOutsideForm() { + addEventListener("DOMInputPasswordAdded", test_inputAddOutsideFormHandler, false); + let input = gDoc.createElementNS(contentConsts.HTML_NS, "input"); + input.setAttribute("type", "password"); + input.setAttribute("id", contentConsts.BODY_INPUT_ID); + input.setAttribute("data-test", "unique-attribute"); + gDoc.body.appendChild(input); + info("Done appending the input element to the body"); + } + + function test_inputAddOutsideFormHandler(evt) { + removeEventListener(evt.type, test_inputAddOutsideFormHandler, false); + Assert.equal(evt.target.id, contentConsts.BODY_INPUT_ID, + evt.type + " event targets correct input element (added password element outside form)"); + gDoc.defaultView.setTimeout(test_inputChangesType, 0); + } + + function test_inputChangesType() { + addEventListener("DOMInputPasswordAdded", test_inputChangesTypeHandler, false); + let input = gDoc.getElementById(contentConsts.CHANGE_INPUT_ID); + input.setAttribute("type", "password"); + } + + function test_inputChangesTypeHandler(evt) { + removeEventListener(evt.type, test_inputChangesTypeHandler, false); + Assert.equal(evt.target.id, contentConsts.CHANGE_INPUT_ID, + evt.type + " event targets correct input element (changed type)"); + gDoc.defaultView.setTimeout(completeTest, 0); + } + + function completeTest() { + Assert.ok(true, "Test completed"); + gDoc.removeEventListener("DOMInputPasswordAdded", unexpectedContentEvent, false); + resolve(); + } + + return promise; +} + +add_task(function* () { + let tab = gBrowser.selectedTab = gBrowser.addTab(); + let promise = ContentTask.spawn(tab.linkedBrowser, consts, task); + tab.linkedBrowser.loadURI("data:text/html;charset=utf-8," + + "<html><body>" + + "<form id='" + consts.FORM1_ID + "'>" + + "<input id='" + consts.CHANGE_INPUT_ID + "'></form>" + + "<form id='" + consts.FORM2_ID + "'></form>" + + "</body></html>"); + yield promise; + gBrowser.removeCurrentTab(); +}); + diff --git a/toolkit/components/passwordmgr/test/browser/browser_autocomplete_insecure_warning.js b/toolkit/components/passwordmgr/test/browser/browser_autocomplete_insecure_warning.js new file mode 100644 index 000000000..6aa8e5cf7 --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/browser_autocomplete_insecure_warning.js @@ -0,0 +1,41 @@ +"use strict"; + +const EXPECTED_SUPPORT_URL = Services.urlFormatter.formatURLPref("app.support.baseURL") + + "insecure-password"; + +add_task(function* test_clickInsecureFieldWarning() { + let url = "https://example.com" + DIRECTORY_PATH + "form_cross_origin_insecure_action.html"; + + yield BrowserTestUtils.withNewTab({ + gBrowser, + url, + }, function*(browser) { + let popup = document.getElementById("PopupAutoComplete"); + ok(popup, "Got popup"); + + let promiseShown = BrowserTestUtils.waitForEvent(popup, "popupshown"); + + yield SimpleTest.promiseFocus(browser); + info("content window focused"); + + // Focus the username field to open the popup. + yield ContentTask.spawn(browser, null, function openAutocomplete() { + content.document.getElementById("form-basic-username").focus(); + }); + + yield promiseShown; + ok(promiseShown, "autocomplete shown"); + + let warningItem = document.getAnonymousElementByAttribute(popup, "type", "insecureWarning"); + ok(warningItem, "Got warning richlistitem"); + + yield BrowserTestUtils.waitForCondition(() => !warningItem.collapsed, "Wait for warning to show"); + + info("Clicking on warning"); + let supportTabPromise = BrowserTestUtils.waitForNewTab(gBrowser, EXPECTED_SUPPORT_URL); + EventUtils.synthesizeMouseAtCenter(warningItem, {}); + let supportTab = yield supportTabPromise; + ok(supportTab, "Support tab opened"); + yield BrowserTestUtils.removeTab(supportTab); + }); +}); diff --git a/toolkit/components/passwordmgr/test/browser/browser_capture_doorhanger.js b/toolkit/components/passwordmgr/test/browser/browser_capture_doorhanger.js new file mode 100644 index 000000000..b6bfdbf50 --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/browser_capture_doorhanger.js @@ -0,0 +1,600 @@ +/* + * Test capture popup notifications + */ + +const BRAND_BUNDLE = Services.strings.createBundle("chrome://branding/locale/brand.properties"); +const BRAND_SHORT_NAME = BRAND_BUNDLE.GetStringFromName("brandShortName"); + +let nsLoginInfo = new Components.Constructor("@mozilla.org/login-manager/loginInfo;1", + Ci.nsILoginInfo, "init"); +let login1 = new nsLoginInfo("http://example.com", "http://example.com", null, + "notifyu1", "notifyp1", "user", "pass"); +let login2 = new nsLoginInfo("http://example.com", "http://example.com", null, + "", "notifyp1", "", "pass"); +let login1B = new nsLoginInfo("http://example.com", "http://example.com", null, + "notifyu1B", "notifyp1B", "user", "pass"); +let login2B = new nsLoginInfo("http://example.com", "http://example.com", null, + "", "notifyp1B", "", "pass"); + +requestLongerTimeout(2); + +add_task(function* setup() { + // Load recipes for this test. + let recipeParent = yield LoginManagerParent.recipeParentPromise; + yield recipeParent.load({ + siteRecipes: [{ + hosts: ["example.org"], + usernameSelector: "#user", + passwordSelector: "#pass", + }], + }); +}); + +add_task(function* test_remember_opens() { + yield testSubmittingLoginForm("subtst_notifications_1.html", function*(fieldValues) { + is(fieldValues.username, "notifyu1", "Checking submitted username"); + is(fieldValues.password, "notifyp1", "Checking submitted password"); + let notif = getCaptureDoorhanger("password-save"); + ok(notif, "got notification popup"); + notif.remove(); + }); +}); + +add_task(function* test_clickNever() { + yield testSubmittingLoginForm("subtst_notifications_1.html", function*(fieldValues) { + is(fieldValues.username, "notifyu1", "Checking submitted username"); + is(fieldValues.password, "notifyp1", "Checking submitted password"); + let notif = getCaptureDoorhanger("password-save"); + ok(notif, "got notification popup"); + is(true, Services.logins.getLoginSavingEnabled("http://example.com"), + "Checking for login saving enabled"); + + yield* checkDoorhangerUsernamePassword("notifyu1", "notifyp1"); + clickDoorhangerButton(notif, NEVER_BUTTON); + }); + + is(Services.logins.getAllLogins().length, 0, "Should not have any logins yet"); + + info("Make sure Never took effect"); + yield testSubmittingLoginForm("subtst_notifications_1.html", function*(fieldValues) { + is(fieldValues.username, "notifyu1", "Checking submitted username"); + is(fieldValues.password, "notifyp1", "Checking submitted password"); + let notif = getCaptureDoorhanger("password-save"); + ok(!notif, "checking for no notification popup"); + is(false, Services.logins.getLoginSavingEnabled("http://example.com"), + "Checking for login saving disabled"); + Services.logins.setLoginSavingEnabled("http://example.com", true); + }); + + is(Services.logins.getAllLogins().length, 0, "Should not have any logins yet"); +}); + +add_task(function* test_clickRemember() { + yield testSubmittingLoginForm("subtst_notifications_1.html", function*(fieldValues) { + is(fieldValues.username, "notifyu1", "Checking submitted username"); + is(fieldValues.password, "notifyp1", "Checking submitted password"); + let notif = getCaptureDoorhanger("password-save"); + ok(notif, "got notification popup"); + + is(Services.logins.getAllLogins().length, 0, "Should not have any logins yet"); + + yield* checkDoorhangerUsernamePassword("notifyu1", "notifyp1"); + clickDoorhangerButton(notif, REMEMBER_BUTTON); + }); + + let logins = Services.logins.getAllLogins(); + is(logins.length, 1, "Should only have 1 login"); + let login = logins[0].QueryInterface(Ci.nsILoginMetaInfo); + is(login.username, "notifyu1", "Check the username used on the new entry"); + is(login.password, "notifyp1", "Check the password used on the new entry"); + is(login.timesUsed, 1, "Check times used on new entry"); + + info("Make sure Remember took effect and we don't prompt for an existing login"); + yield testSubmittingLoginForm("subtst_notifications_1.html", function*(fieldValues) { + is(fieldValues.username, "notifyu1", "Checking submitted username"); + is(fieldValues.password, "notifyp1", "Checking submitted password"); + let notif = getCaptureDoorhanger("password-save"); + ok(!notif, "checking for no notification popup"); + }); + + logins = Services.logins.getAllLogins(); + is(logins.length, 1, "Should only have 1 login"); + login = logins[0].QueryInterface(Ci.nsILoginMetaInfo); + is(login.username, "notifyu1", "Check the username used"); + is(login.password, "notifyp1", "Check the password used"); + is(login.timesUsed, 2, "Check times used incremented"); + + checkOnlyLoginWasUsedTwice({ justChanged: false }); + + // remove that login + Services.logins.removeLogin(login1); +}); + +/* signons.rememberSignons pref tests... */ + +add_task(function* test_rememberSignonsFalse() { + info("Make sure we don't prompt with rememberSignons=false"); + Services.prefs.setBoolPref("signon.rememberSignons", false); + + yield testSubmittingLoginForm("subtst_notifications_1.html", function*(fieldValues) { + is(fieldValues.username, "notifyu1", "Checking submitted username"); + is(fieldValues.password, "notifyp1", "Checking submitted password"); + let notif = getCaptureDoorhanger("password-save"); + ok(!notif, "checking for no notification popup"); + }); + + is(Services.logins.getAllLogins().length, 0, "Should not have any logins yet"); +}); + +add_task(function* test_rememberSignonsTrue() { + info("Make sure we prompt with rememberSignons=true"); + Services.prefs.setBoolPref("signon.rememberSignons", true); + + yield testSubmittingLoginForm("subtst_notifications_1.html", function*(fieldValues) { + is(fieldValues.username, "notifyu1", "Checking submitted username"); + is(fieldValues.password, "notifyp1", "Checking submitted password"); + let notif = getCaptureDoorhanger("password-save"); + ok(notif, "got notification popup"); + notif.remove(); + }); + + is(Services.logins.getAllLogins().length, 0, "Should not have any logins yet"); +}); + +/* autocomplete=off tests... */ + +add_task(function* test_autocompleteOffUsername() { + info("Check for notification popup when autocomplete=off present on username"); + + yield testSubmittingLoginForm("subtst_notifications_2.html", function*(fieldValues) { + is(fieldValues.username, "notifyu1", "Checking submitted username"); + is(fieldValues.password, "notifyp1", "Checking submitted password"); + let notif = getCaptureDoorhanger("password-save"); + ok(notif, "checking for notification popup"); + notif.remove(); + }); + + is(Services.logins.getAllLogins().length, 0, "Should not have any logins yet"); +}); + +add_task(function* test_autocompleteOffPassword() { + info("Check for notification popup when autocomplete=off present on password"); + + yield testSubmittingLoginForm("subtst_notifications_3.html", function*(fieldValues) { + is(fieldValues.username, "notifyu1", "Checking submitted username"); + is(fieldValues.password, "notifyp1", "Checking submitted password"); + let notif = getCaptureDoorhanger("password-save"); + ok(notif, "checking for notification popup"); + notif.remove(); + }); + + is(Services.logins.getAllLogins().length, 0, "Should not have any logins yet"); +}); + +add_task(function* test_autocompleteOffForm() { + info("Check for notification popup when autocomplete=off present on form"); + + yield testSubmittingLoginForm("subtst_notifications_4.html", function*(fieldValues) { + is(fieldValues.username, "notifyu1", "Checking submitted username"); + is(fieldValues.password, "notifyp1", "Checking submitted password"); + let notif = getCaptureDoorhanger("password-save"); + ok(notif, "checking for notification popup"); + notif.remove(); + }); + + is(Services.logins.getAllLogins().length, 0, "Should not have any logins yet"); +}); + + +add_task(function* test_noPasswordField() { + info("Check for no notification popup when no password field present"); + + yield testSubmittingLoginForm("subtst_notifications_5.html", function*(fieldValues) { + is(fieldValues.username, "notifyu1", "Checking submitted username"); + is(fieldValues.password, "null", "Checking submitted password"); + let notif = getCaptureDoorhanger("password-save"); + ok(!notif, "checking for no notification popup"); + }); + + is(Services.logins.getAllLogins().length, 0, "Should not have any logins yet"); +}); + +add_task(function* test_pwOnlyLoginMatchesForm() { + info("Check for update popup when existing pw-only login matches form."); + Services.logins.addLogin(login2); + + yield testSubmittingLoginForm("subtst_notifications_1.html", function*(fieldValues) { + is(fieldValues.username, "notifyu1", "Checking submitted username"); + is(fieldValues.password, "notifyp1", "Checking submitted password"); + let notif = getCaptureDoorhanger("password-change"); + ok(notif, "checking for notification popup"); + notif.remove(); + }); + + let logins = Services.logins.getAllLogins(); + is(logins.length, 1, "Should only have 1 login"); + let login = logins[0].QueryInterface(Ci.nsILoginMetaInfo); + is(login.username, "", "Check the username"); + is(login.password, "notifyp1", "Check the password"); + is(login.timesUsed, 1, "Check times used"); + + Services.logins.removeLogin(login2); +}); + +add_task(function* test_pwOnlyFormMatchesLogin() { + info("Check for no notification popup when pw-only form matches existing login."); + Services.logins.addLogin(login1); + + yield testSubmittingLoginForm("subtst_notifications_6.html", function*(fieldValues) { + is(fieldValues.username, "null", "Checking submitted username"); + is(fieldValues.password, "notifyp1", "Checking submitted password"); + let notif = getCaptureDoorhanger("password-save"); + ok(!notif, "checking for no notification popup"); + }); + + let logins = Services.logins.getAllLogins(); + is(logins.length, 1, "Should only have 1 login"); + let login = logins[0].QueryInterface(Ci.nsILoginMetaInfo); + is(login.username, "notifyu1", "Check the username"); + is(login.password, "notifyp1", "Check the password"); + is(login.timesUsed, 2, "Check times used"); + + Services.logins.removeLogin(login1); +}); + +add_task(function* test_pwOnlyFormDoesntMatchExisting() { + info("Check for notification popup when pw-only form doesn't match existing login."); + Services.logins.addLogin(login1B); + + yield testSubmittingLoginForm("subtst_notifications_6.html", function*(fieldValues) { + is(fieldValues.username, "null", "Checking submitted username"); + is(fieldValues.password, "notifyp1", "Checking submitted password"); + let notif = getCaptureDoorhanger("password-save"); + ok(notif, "got notification popup"); + notif.remove(); + }); + + let logins = Services.logins.getAllLogins(); + is(logins.length, 1, "Should only have 1 login"); + let login = logins[0].QueryInterface(Ci.nsILoginMetaInfo); + is(login.username, "notifyu1B", "Check the username unchanged"); + is(login.password, "notifyp1B", "Check the password unchanged"); + is(login.timesUsed, 1, "Check times used"); + + Services.logins.removeLogin(login1B); +}); + +add_task(function* test_changeUPLoginOnUPForm_dont() { + info("Check for change-password popup, u+p login on u+p form. (not changed)"); + Services.logins.addLogin(login1); + + yield testSubmittingLoginForm("subtst_notifications_8.html", function*(fieldValues) { + is(fieldValues.username, "notifyu1", "Checking submitted username"); + is(fieldValues.password, "pass2", "Checking submitted password"); + let notif = getCaptureDoorhanger("password-change"); + ok(notif, "got notification popup"); + + yield* checkDoorhangerUsernamePassword("notifyu1", "pass2"); + clickDoorhangerButton(notif, DONT_CHANGE_BUTTON); + }); + + let logins = Services.logins.getAllLogins(); + is(logins.length, 1, "Should only have 1 login"); + let login = logins[0].QueryInterface(Ci.nsILoginMetaInfo); + is(login.username, "notifyu1", "Check the username unchanged"); + is(login.password, "notifyp1", "Check the password unchanged"); + is(login.timesUsed, 1, "Check times used"); + + Services.logins.removeLogin(login1); +}); + +add_task(function* test_changeUPLoginOnUPForm_change() { + info("Check for change-password popup, u+p login on u+p form."); + Services.logins.addLogin(login1); + + yield testSubmittingLoginForm("subtst_notifications_8.html", function*(fieldValues) { + is(fieldValues.username, "notifyu1", "Checking submitted username"); + is(fieldValues.password, "pass2", "Checking submitted password"); + let notif = getCaptureDoorhanger("password-change"); + ok(notif, "got notification popup"); + + yield* checkDoorhangerUsernamePassword("notifyu1", "pass2"); + clickDoorhangerButton(notif, CHANGE_BUTTON); + + ok(!getCaptureDoorhanger("password-change"), "popup should be gone"); + }); + + let logins = Services.logins.getAllLogins(); + is(logins.length, 1, "Should only have 1 login"); + let login = logins[0].QueryInterface(Ci.nsILoginMetaInfo); + is(login.username, "notifyu1", "Check the username unchanged"); + is(login.password, "pass2", "Check the password changed"); + is(login.timesUsed, 2, "Check times used"); + + checkOnlyLoginWasUsedTwice({ justChanged: true }); + + // cleanup + login1.password = "pass2"; + Services.logins.removeLogin(login1); + login1.password = "notifyp1"; +}); + +add_task(function* test_changePLoginOnUPForm() { + info("Check for change-password popup, p-only login on u+p form."); + Services.logins.addLogin(login2); + + yield testSubmittingLoginForm("subtst_notifications_9.html", function*(fieldValues) { + is(fieldValues.username, "", "Checking submitted username"); + is(fieldValues.password, "pass2", "Checking submitted password"); + let notif = getCaptureDoorhanger("password-change"); + ok(notif, "got notification popup"); + + yield* checkDoorhangerUsernamePassword("", "pass2"); + clickDoorhangerButton(notif, CHANGE_BUTTON); + + ok(!getCaptureDoorhanger("password-change"), "popup should be gone"); + }); + + let logins = Services.logins.getAllLogins(); + is(logins.length, 1, "Should only have 1 login"); + let login = logins[0].QueryInterface(Ci.nsILoginMetaInfo); + is(login.username, "", "Check the username unchanged"); + is(login.password, "pass2", "Check the password changed"); + is(login.timesUsed, 2, "Check times used"); + + // no cleanup -- saved password to be used in the next test. +}); + +add_task(function* test_changePLoginOnPForm() { + info("Check for change-password popup, p-only login on p-only form."); + + yield testSubmittingLoginForm("subtst_notifications_10.html", function*(fieldValues) { + is(fieldValues.username, "null", "Checking submitted username"); + is(fieldValues.password, "notifyp1", "Checking submitted password"); + let notif = getCaptureDoorhanger("password-change"); + ok(notif, "got notification popup"); + + yield* checkDoorhangerUsernamePassword("", "notifyp1"); + clickDoorhangerButton(notif, CHANGE_BUTTON); + + ok(!getCaptureDoorhanger("password-change"), "popup should be gone"); + }); + + let logins = Services.logins.getAllLogins(); + is(logins.length, 1, "Should only have 1 login"); + let login = logins[0].QueryInterface(Ci.nsILoginMetaInfo); + is(login.username, "", "Check the username unchanged"); + is(login.password, "notifyp1", "Check the password changed"); + is(login.timesUsed, 3, "Check times used"); + + Services.logins.removeLogin(login2); +}); + +add_task(function* test_checkUPSaveText() { + info("Check text on a user+pass notification popup"); + + yield testSubmittingLoginForm("subtst_notifications_1.html", function*(fieldValues) { + is(fieldValues.username, "notifyu1", "Checking submitted username"); + is(fieldValues.password, "notifyp1", "Checking submitted password"); + let notif = getCaptureDoorhanger("password-save"); + ok(notif, "got notification popup"); + // Check the text, which comes from the localized saveLoginText string. + let notificationText = notif.message; + let expectedText = "Would you like " + BRAND_SHORT_NAME + " to remember this login?"; + is(expectedText, notificationText, "Checking text: " + notificationText); + notif.remove(); + }); + + is(Services.logins.getAllLogins().length, 0, "Should not have any logins yet"); +}); + +add_task(function* test_checkPSaveText() { + info("Check text on a pass-only notification popup"); + + yield testSubmittingLoginForm("subtst_notifications_6.html", function*(fieldValues) { + is(fieldValues.username, "null", "Checking submitted username"); + is(fieldValues.password, "notifyp1", "Checking submitted password"); + let notif = getCaptureDoorhanger("password-save"); + ok(notif, "got notification popup"); + // Check the text, which comes from the localized saveLoginTextNoUser string. + let notificationText = notif.message; + let expectedText = "Would you like " + BRAND_SHORT_NAME + " to remember this password?"; + is(expectedText, notificationText, "Checking text: " + notificationText); + notif.remove(); + }); + + is(Services.logins.getAllLogins().length, 0, "Should not have any logins yet"); +}); + +add_task(function* test_capture2pw0un() { + info("Check for notification popup when a form with 2 password fields (no username) " + + "is submitted and there are no saved logins."); + + yield testSubmittingLoginForm("subtst_notifications_2pw_0un.html", function*(fieldValues) { + is(fieldValues.username, "null", "Checking submitted username"); + is(fieldValues.password, "notifyp1", "Checking submitted password"); + let notif = getCaptureDoorhanger("password-save"); + ok(notif, "got notification popup"); + notif.remove(); + }); + + is(Services.logins.getAllLogins().length, 0, "Should not have any logins yet"); +}); + +add_task(function* test_change2pw0unExistingDifferentUP() { + info("Check for notification popup when a form with 2 password fields (no username) " + + "is submitted and there is a saved login with a username and different password."); + + Services.logins.addLogin(login1B); + + yield testSubmittingLoginForm("subtst_notifications_2pw_0un.html", function*(fieldValues) { + is(fieldValues.username, "null", "Checking submitted username"); + is(fieldValues.password, "notifyp1", "Checking submitted password"); + let notif = getCaptureDoorhanger("password-change"); + ok(notif, "got notification popup"); + notif.remove(); + }); + + let logins = Services.logins.getAllLogins(); + is(logins.length, 1, "Should only have 1 login"); + let login = logins[0].QueryInterface(Ci.nsILoginMetaInfo); + is(login.username, "notifyu1B", "Check the username unchanged"); + is(login.password, "notifyp1B", "Check the password unchanged"); + is(login.timesUsed, 1, "Check times used"); + + Services.logins.removeLogin(login1B); +}); + +add_task(function* test_change2pw0unExistingDifferentP() { + info("Check for notification popup when a form with 2 password fields (no username) " + + "is submitted and there is a saved login with no username and different password."); + + Services.logins.addLogin(login2B); + + yield testSubmittingLoginForm("subtst_notifications_2pw_0un.html", function*(fieldValues) { + is(fieldValues.username, "null", "Checking submitted username"); + is(fieldValues.password, "notifyp1", "Checking submitted password"); + let notif = getCaptureDoorhanger("password-change"); + ok(notif, "got notification popup"); + notif.remove(); + }); + + let logins = Services.logins.getAllLogins(); + is(logins.length, 1, "Should only have 1 login"); + let login = logins[0].QueryInterface(Ci.nsILoginMetaInfo); + is(login.username, "", "Check the username unchanged"); + is(login.password, "notifyp1B", "Check the password unchanged"); + is(login.timesUsed, 1, "Check times used"); + + Services.logins.removeLogin(login2B); +}); + +add_task(function* test_change2pw0unExistingWithSameP() { + info("Check for no notification popup when a form with 2 password fields (no username) " + + "is submitted and there is a saved login with a username and the same password."); + + Services.logins.addLogin(login2); + + yield testSubmittingLoginForm("subtst_notifications_2pw_0un.html", function*(fieldValues) { + is(fieldValues.username, "null", "Checking submitted username"); + is(fieldValues.password, "notifyp1", "Checking submitted password"); + let notif = getCaptureDoorhanger("password-change"); + ok(!notif, "checking for no notification popup"); + }); + + let logins = Services.logins.getAllLogins(); + is(logins.length, 1, "Should only have 1 login"); + let login = logins[0].QueryInterface(Ci.nsILoginMetaInfo); + is(login.username, "", "Check the username unchanged"); + is(login.password, "notifyp1", "Check the password unchanged"); + is(login.timesUsed, 2, "Check times used incremented"); + + checkOnlyLoginWasUsedTwice({ justChanged: false }); + + Services.logins.removeLogin(login2); +}); + +add_task(function* test_changeUPLoginOnPUpdateForm() { + info("Check for change-password popup, u+p login on password update form."); + Services.logins.addLogin(login1); + + yield testSubmittingLoginForm("subtst_notifications_change_p.html", function*(fieldValues) { + is(fieldValues.username, "null", "Checking submitted username"); + is(fieldValues.password, "pass2", "Checking submitted password"); + let notif = getCaptureDoorhanger("password-change"); + ok(notif, "got notification popup"); + + yield* checkDoorhangerUsernamePassword("notifyu1", "pass2"); + clickDoorhangerButton(notif, CHANGE_BUTTON); + + ok(!getCaptureDoorhanger("password-change"), "popup should be gone"); + }); + + let logins = Services.logins.getAllLogins(); + is(logins.length, 1, "Should only have 1 login"); + let login = logins[0].QueryInterface(Ci.nsILoginMetaInfo); + is(login.username, "notifyu1", "Check the username unchanged"); + is(login.password, "pass2", "Check the password changed"); + is(login.timesUsed, 2, "Check times used"); + + checkOnlyLoginWasUsedTwice({ justChanged: true }); + + // cleanup + login1.password = "pass2"; + Services.logins.removeLogin(login1); + login1.password = "notifyp1"; +}); + +add_task(function* test_recipeCaptureFields_NewLogin() { + info("Check that we capture the proper fields when a field recipe is in use."); + + yield testSubmittingLoginForm("subtst_notifications_2pw_1un_1text.html", function*(fieldValues) { + is(fieldValues.username, "notifyu1", "Checking submitted username"); + is(fieldValues.password, "notifyp1", "Checking submitted password"); + let notif = getCaptureDoorhanger("password-save"); + ok(notif, "got notification popup"); + + // Sanity check, no logins should exist yet. + let logins = Services.logins.getAllLogins(); + is(logins.length, 0, "Should not have any logins yet"); + + yield* checkDoorhangerUsernamePassword("notifyu1", "notifyp1"); + clickDoorhangerButton(notif, REMEMBER_BUTTON); + + }, "http://example.org"); // The recipe is for example.org + + let logins = Services.logins.getAllLogins(); + is(logins.length, 1, "Should only have 1 login"); + let login = logins[0].QueryInterface(Ci.nsILoginMetaInfo); + is(login.username, "notifyu1", "Check the username unchanged"); + is(login.password, "notifyp1", "Check the password unchanged"); + is(login.timesUsed, 1, "Check times used"); +}); + +add_task(function* test_recipeCaptureFields_ExistingLogin() { + info("Check that we capture the proper fields when a field recipe is in use " + + "and there is a matching login"); + + yield testSubmittingLoginForm("subtst_notifications_2pw_1un_1text.html", function*(fieldValues) { + is(fieldValues.username, "notifyu1", "Checking submitted username"); + is(fieldValues.password, "notifyp1", "Checking submitted password"); + let notif = getCaptureDoorhanger("password-save"); + ok(!notif, "checking for no notification popup"); + }, "http://example.org"); + + checkOnlyLoginWasUsedTwice({ justChanged: false }); + let logins = Services.logins.getAllLogins(); + is(logins.length, 1, "Should only have 1 login"); + let login = logins[0].QueryInterface(Ci.nsILoginMetaInfo); + is(login.username, "notifyu1", "Check the username unchanged"); + is(login.password, "notifyp1", "Check the password unchanged"); + is(login.timesUsed, 2, "Check times used incremented"); + + Services.logins.removeAllLogins(); +}); + +add_task(function* test_noShowPasswordOnDismissal() { + info("Check for no Show Password field when the doorhanger is dismissed"); + + yield testSubmittingLoginForm("subtst_notifications_1.html", function*(fieldValues) { + info("Opening popup"); + let notif = getCaptureDoorhanger("password-save"); + let { panel } = PopupNotifications; + + info("Hiding popup."); + let promiseHidden = BrowserTestUtils.waitForEvent(panel, "popuphidden"); + panel.hidePopup(); + yield promiseHidden; + + info("Clicking on anchor to reshow popup."); + let promiseShown = BrowserTestUtils.waitForEvent(panel, "popupshown"); + notif.anchorElement.click(); + yield promiseShown; + + let passwordVisiblityToggle = panel.querySelector("#password-notification-visibilityToggle"); + is(passwordVisiblityToggle.hidden, true, "Check that the Show Password field is Hidden"); + }); +}); + +// TODO: +// * existing login test, form has different password --> change password, no save prompt diff --git a/toolkit/components/passwordmgr/test/browser/browser_capture_doorhanger_httpsUpgrade.js b/toolkit/components/passwordmgr/test/browser/browser_capture_doorhanger_httpsUpgrade.js new file mode 100644 index 000000000..9be0aa631 --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/browser_capture_doorhanger_httpsUpgrade.js @@ -0,0 +1,123 @@ +/* + * Test capture popup notifications with HTTPS upgrades + */ + +let nsLoginInfo = new Components.Constructor("@mozilla.org/login-manager/loginInfo;1", + Ci.nsILoginInfo, "init"); +let login1 = new nsLoginInfo("http://example.com", "http://example.com", null, + "notifyu1", "notifyp1", "user", "pass"); +let login1HTTPS = new nsLoginInfo("https://example.com", "https://example.com", null, + "notifyu1", "notifyp1", "user", "pass"); + +add_task(function* test_httpsUpgradeCaptureFields_noChange() { + info("Check that we don't prompt to remember when capturing an upgraded login with no change"); + Services.logins.addLogin(login1); + // Sanity check the HTTP login exists. + let logins = Services.logins.getAllLogins(); + is(logins.length, 1, "Should have the HTTP login"); + + yield testSubmittingLoginForm("subtst_notifications_1.html", function*(fieldValues) { + is(fieldValues.username, "notifyu1", "Checking submitted username"); + is(fieldValues.password, "notifyp1", "Checking submitted password"); + let notif = getCaptureDoorhanger("password-save"); + ok(!notif, "checking for no notification popup"); + }, "https://example.com"); // This is HTTPS whereas the saved login is HTTP + + logins = Services.logins.getAllLogins(); + is(logins.length, 1, "Should only have 1 login still"); + let login = logins[0].QueryInterface(Ci.nsILoginMetaInfo); + is(login.hostname, "http://example.com", "Check the hostname is unchanged"); + is(login.username, "notifyu1", "Check the username is unchanged"); + is(login.password, "notifyp1", "Check the password is unchanged"); + is(login.timesUsed, 2, "Check times used increased"); + + Services.logins.removeLogin(login1); +}); + +add_task(function* test_httpsUpgradeCaptureFields_changePW() { + info("Check that we prompt to change when capturing an upgraded login with a new PW"); + Services.logins.addLogin(login1); + // Sanity check the HTTP login exists. + let logins = Services.logins.getAllLogins(); + is(logins.length, 1, "Should have the HTTP login"); + + yield testSubmittingLoginForm("subtst_notifications_8.html", function*(fieldValues) { + is(fieldValues.username, "notifyu1", "Checking submitted username"); + is(fieldValues.password, "pass2", "Checking submitted password"); + let notif = getCaptureDoorhanger("password-change"); + ok(notif, "checking for a change popup"); + + yield* checkDoorhangerUsernamePassword("notifyu1", "pass2"); + clickDoorhangerButton(notif, CHANGE_BUTTON); + + ok(!getCaptureDoorhanger("password-change"), "popup should be gone"); + }, "https://example.com"); // This is HTTPS whereas the saved login is HTTP + + checkOnlyLoginWasUsedTwice({ justChanged: true }); + logins = Services.logins.getAllLogins(); + is(logins.length, 1, "Should only have 1 login still"); + let login = logins[0].QueryInterface(Ci.nsILoginMetaInfo); + is(login.hostname, "https://example.com", "Check the hostname is upgraded"); + is(login.formSubmitURL, "https://example.com", "Check the formSubmitURL is upgraded"); + is(login.username, "notifyu1", "Check the username is unchanged"); + is(login.password, "pass2", "Check the password changed"); + is(login.timesUsed, 2, "Check times used increased"); + + Services.logins.removeAllLogins(); +}); + +add_task(function* test_httpsUpgradeCaptureFields_captureMatchingHTTP() { + info("Capture a new HTTP login which matches a stored HTTPS one."); + Services.logins.addLogin(login1HTTPS); + + yield testSubmittingLoginForm("subtst_notifications_1.html", function*(fieldValues) { + is(fieldValues.username, "notifyu1", "Checking submitted username"); + is(fieldValues.password, "notifyp1", "Checking submitted password"); + let notif = getCaptureDoorhanger("password-save"); + ok(notif, "got notification popup"); + + is(Services.logins.getAllLogins().length, 1, "Should only have the HTTPS login"); + + yield* checkDoorhangerUsernamePassword("notifyu1", "notifyp1"); + clickDoorhangerButton(notif, REMEMBER_BUTTON); + }); + + let logins = Services.logins.getAllLogins(); + is(logins.length, 2, "Should have both HTTP and HTTPS logins"); + for (let login of logins) { + login = login.QueryInterface(Ci.nsILoginMetaInfo); + is(login.username, "notifyu1", "Check the username used on the new entry"); + is(login.password, "notifyp1", "Check the password used on the new entry"); + is(login.timesUsed, 1, "Check times used on entry"); + } + + info("Make sure Remember took effect and we don't prompt for an existing HTTP login"); + yield testSubmittingLoginForm("subtst_notifications_1.html", function*(fieldValues) { + is(fieldValues.username, "notifyu1", "Checking submitted username"); + is(fieldValues.password, "notifyp1", "Checking submitted password"); + let notif = getCaptureDoorhanger("password-save"); + ok(!notif, "checking for no notification popup"); + }); + + logins = Services.logins.getAllLogins(); + is(logins.length, 2, "Should have both HTTP and HTTPS still"); + + let httpsLogins = LoginHelper.searchLoginsWithObject({ + hostname: "https://example.com", + }); + is(httpsLogins.length, 1, "Check https logins count"); + let httpsLogin = httpsLogins[0].QueryInterface(Ci.nsILoginMetaInfo); + ok(httpsLogin.equals(login1HTTPS), "Check HTTPS login didn't change"); + is(httpsLogin.timesUsed, 1, "Check times used"); + + let httpLogins = LoginHelper.searchLoginsWithObject({ + hostname: "http://example.com", + }); + is(httpLogins.length, 1, "Check http logins count"); + let httpLogin = httpLogins[0].QueryInterface(Ci.nsILoginMetaInfo); + ok(httpLogin.equals(login1), "Check HTTP login is as expected"); + is(httpLogin.timesUsed, 2, "Check times used increased"); + + Services.logins.removeLogin(login1); + Services.logins.removeLogin(login1HTTPS); +}); diff --git a/toolkit/components/passwordmgr/test/browser/browser_capture_doorhanger_window_open.js b/toolkit/components/passwordmgr/test/browser/browser_capture_doorhanger_window_open.js new file mode 100644 index 000000000..1bcfec5eb --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/browser_capture_doorhanger_window_open.js @@ -0,0 +1,144 @@ +/* + * Test capture popup notifications in content opened by window.open + */ + +let nsLoginInfo = new Components.Constructor("@mozilla.org/login-manager/loginInfo;1", + Ci.nsILoginInfo, "init"); +let login1 = new nsLoginInfo("http://mochi.test:8888", "http://mochi.test:8888", null, + "notifyu1", "notifyp1", "user", "pass"); +let login2 = new nsLoginInfo("http://mochi.test:8888", "http://mochi.test:8888", null, + "notifyu2", "notifyp2", "user", "pass"); + + +function withTestTabUntilStorageChange(aPageFile, aTaskFn) { + function storageChangedObserved(subject, data) { + // Watch for actions triggered from a doorhanger (not cleanup tasks with removeLogin) + if (data == "removeLogin") { + return false; + } + return true; + } + + let storageChangedPromised = TestUtils.topicObserved("passwordmgr-storage-changed", + storageChangedObserved); + return BrowserTestUtils.withNewTab({ + gBrowser, + url: "http://mochi.test:8888" + DIRECTORY_PATH + aPageFile, + }, function*(browser) { + ok(true, "loaded " + aPageFile); + info("running test case task"); + yield* aTaskFn(); + info("waiting for storage change"); + yield storageChangedPromised; + }); +} + +add_task(function* setup() { + yield SimpleTest.promiseFocus(window); +}); + +add_task(function* test_saveChromeHiddenAutoClose() { + let notifShownPromise = BrowserTestUtils.waitForEvent(PopupNotifications.panel, "popupshown"); + // query arguments are: username, password, features, auto-close (delimited by '|') + let url = "subtst_notifications_11.html?notifyu1|notifyp1|" + + "menubar=no,toolbar=no,location=no|autoclose"; + yield withTestTabUntilStorageChange(url, function*() { + info("waiting for popupshown"); + yield notifShownPromise; + // the popup closes and the doorhanger should appear in the opener + let popup = getCaptureDoorhanger("password-save"); + ok(popup, "got notification popup"); + yield* checkDoorhangerUsernamePassword("notifyu1", "notifyp1"); + // Sanity check, no logins should exist yet. + let logins = Services.logins.getAllLogins(); + is(logins.length, 0, "Should not have any logins yet"); + + clickDoorhangerButton(popup, REMEMBER_BUTTON); + }); + // Check result of clicking Remember + let logins = Services.logins.getAllLogins(); + is(logins.length, 1, "Should only have 1 login"); + let login = logins[0].QueryInterface(Ci.nsILoginMetaInfo); + is(login.timesUsed, 1, "Check times used on new entry"); + is(login.username, "notifyu1", "Check the username used on the new entry"); + is(login.password, "notifyp1", "Check the password used on the new entry"); +}); + +add_task(function* test_changeChromeHiddenAutoClose() { + let notifShownPromise = BrowserTestUtils.waitForEvent(PopupNotifications.panel, "popupshown"); + let url = "subtst_notifications_11.html?notifyu1|pass2|menubar=no,toolbar=no,location=no|autoclose"; + yield withTestTabUntilStorageChange(url, function*() { + info("waiting for popupshown"); + yield notifShownPromise; + let popup = getCaptureDoorhanger("password-change"); + ok(popup, "got notification popup"); + yield* checkDoorhangerUsernamePassword("notifyu1", "pass2"); + clickDoorhangerButton(popup, CHANGE_BUTTON); + }); + + // Check to make sure we updated the password, timestamps and use count for + // the login being changed with this form. + let logins = Services.logins.getAllLogins(); + is(logins.length, 1, "Should only have 1 login"); + let login = logins[0].QueryInterface(Ci.nsILoginMetaInfo); + is(login.username, "notifyu1", "Check the username"); + is(login.password, "pass2", "Check password changed"); + is(login.timesUsed, 2, "check .timesUsed incremented on change"); + ok(login.timeCreated < login.timeLastUsed, "timeLastUsed bumped"); + ok(login.timeLastUsed == login.timePasswordChanged, "timeUsed == timeChanged"); + + login1.password = "pass2"; + Services.logins.removeLogin(login1); + login1.password = "notifyp1"; +}); + +add_task(function* test_saveChromeVisibleSameWindow() { + // This test actually opens a new tab in the same window with default browser settings. + let url = "subtst_notifications_11.html?notifyu2|notifyp2||"; + let notifShownPromise = BrowserTestUtils.waitForEvent(PopupNotifications.panel, "popupshown"); + yield withTestTabUntilStorageChange(url, function*() { + yield notifShownPromise; + let popup = getCaptureDoorhanger("password-save"); + ok(popup, "got notification popup"); + yield* checkDoorhangerUsernamePassword("notifyu2", "notifyp2"); + clickDoorhangerButton(popup, REMEMBER_BUTTON); + yield BrowserTestUtils.removeTab(gBrowser.selectedTab); + }); + + // Check result of clicking Remember + let logins = Services.logins.getAllLogins(); + is(logins.length, 1, "Should only have 1 login now"); + let login = logins[0].QueryInterface(Ci.nsILoginMetaInfo); + is(login.username, "notifyu2", "Check the username used on the new entry"); + is(login.password, "notifyp2", "Check the password used on the new entry"); + is(login.timesUsed, 1, "Check times used on new entry"); +}); + +add_task(function* test_changeChromeVisibleSameWindow() { + let url = "subtst_notifications_11.html?notifyu2|pass2||"; + let notifShownPromise = BrowserTestUtils.waitForEvent(PopupNotifications.panel, "popupshown"); + yield withTestTabUntilStorageChange(url, function*() { + yield notifShownPromise; + let popup = getCaptureDoorhanger("password-change"); + ok(popup, "got notification popup"); + yield* checkDoorhangerUsernamePassword("notifyu2", "pass2"); + clickDoorhangerButton(popup, CHANGE_BUTTON); + yield BrowserTestUtils.removeTab(gBrowser.selectedTab); + }); + + // Check to make sure we updated the password, timestamps and use count for + // the login being changed with this form. + let logins = Services.logins.getAllLogins(); + is(logins.length, 1, "Should have 1 login"); + let login = logins[0].QueryInterface(Ci.nsILoginMetaInfo); + is(login.username, "notifyu2", "Check the username"); + is(login.password, "pass2", "Check password changed"); + is(login.timesUsed, 2, "check .timesUsed incremented on change"); + ok(login.timeCreated < login.timeLastUsed, "timeLastUsed bumped"); + ok(login.timeLastUsed == login.timePasswordChanged, "timeUsed == timeChanged"); + + // cleanup + login2.password = "pass2"; + Services.logins.removeLogin(login2); + login2.password = "notifyp2"; +}); diff --git a/toolkit/components/passwordmgr/test/browser/browser_context_menu.js b/toolkit/components/passwordmgr/test/browser/browser_context_menu.js new file mode 100644 index 000000000..6cfcaa7c2 --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/browser_context_menu.js @@ -0,0 +1,432 @@ +/* + * Test the password manager context menu. + */ + +/* eslint no-shadow:"off" */ + +"use strict"; + +// The hostname for the test URIs. +const TEST_HOSTNAME = "https://example.com"; +const MULTIPLE_FORMS_PAGE_PATH = "/browser/toolkit/components/passwordmgr/test/browser/multiple_forms.html"; + +const CONTEXT_MENU = document.getElementById("contentAreaContextMenu"); +const POPUP_HEADER = document.getElementById("fill-login"); + +/** + * Initialize logins needed for the tests and disable autofill + * for login forms for easier testing of manual fill. + */ +add_task(function* test_initialize() { + Services.prefs.setBoolPref("signon.autofillForms", false); + registerCleanupFunction(() => { + Services.prefs.clearUserPref("signon.autofillForms"); + Services.prefs.clearUserPref("signon.schemeUpgrades"); + }); + for (let login of loginList()) { + Services.logins.addLogin(login); + } +}); + +/** + * Check if the context menu is populated with the right + * menuitems for the target password input field. + */ +add_task(function* test_context_menu_populate_password_noSchemeUpgrades() { + Services.prefs.setBoolPref("signon.schemeUpgrades", false); + yield BrowserTestUtils.withNewTab({ + gBrowser, + url: TEST_HOSTNAME + MULTIPLE_FORMS_PAGE_PATH, + }, function* (browser) { + yield openPasswordContextMenu(browser, "#test-password-1"); + + // Check the content of the password manager popup + let popupMenu = document.getElementById("fill-login-popup"); + checkMenu(popupMenu, 2); + + CONTEXT_MENU.hidePopup(); + }); +}); + +/** + * Check if the context menu is populated with the right + * menuitems for the target password input field. + */ +add_task(function* test_context_menu_populate_password_schemeUpgrades() { + Services.prefs.setBoolPref("signon.schemeUpgrades", true); + yield BrowserTestUtils.withNewTab({ + gBrowser, + url: TEST_HOSTNAME + MULTIPLE_FORMS_PAGE_PATH, + }, function* (browser) { + yield openPasswordContextMenu(browser, "#test-password-1"); + + // Check the content of the password manager popup + let popupMenu = document.getElementById("fill-login-popup"); + checkMenu(popupMenu, 3); + + CONTEXT_MENU.hidePopup(); + }); +}); + +/** + * Check if the context menu is populated with the right menuitems + * for the target username field with a password field present. + */ +add_task(function* test_context_menu_populate_username_with_password_noSchemeUpgrades() { + Services.prefs.setBoolPref("signon.schemeUpgrades", false); + yield BrowserTestUtils.withNewTab({ + gBrowser, + url: TEST_HOSTNAME + "/browser/toolkit/components/" + + "passwordmgr/test/browser/multiple_forms.html", + }, function* (browser) { + yield openPasswordContextMenu(browser, "#test-username-2"); + + // Check the content of the password manager popup + let popupMenu = document.getElementById("fill-login-popup"); + checkMenu(popupMenu, 2); + + CONTEXT_MENU.hidePopup(); + }); +}); +/** + * Check if the context menu is populated with the right menuitems + * for the target username field with a password field present. + */ +add_task(function* test_context_menu_populate_username_with_password_schemeUpgrades() { + Services.prefs.setBoolPref("signon.schemeUpgrades", true); + yield BrowserTestUtils.withNewTab({ + gBrowser, + url: TEST_HOSTNAME + "/browser/toolkit/components/" + + "passwordmgr/test/browser/multiple_forms.html", + }, function* (browser) { + yield openPasswordContextMenu(browser, "#test-username-2"); + + // Check the content of the password manager popup + let popupMenu = document.getElementById("fill-login-popup"); + checkMenu(popupMenu, 3); + + CONTEXT_MENU.hidePopup(); + }); +}); + +/** + * Check if the password field is correctly filled when one + * login menuitem is clicked. + */ +add_task(function* test_context_menu_password_fill() { + Services.prefs.setBoolPref("signon.schemeUpgrades", true); + yield BrowserTestUtils.withNewTab({ + gBrowser, + url: TEST_HOSTNAME + MULTIPLE_FORMS_PAGE_PATH, + }, function* (browser) { + let formDescriptions = yield ContentTask.spawn(browser, {}, function*() { + let forms = Array.from(content.document.getElementsByClassName("test-form")); + return forms.map((f) => f.getAttribute("description")); + }); + + for (let description of formDescriptions) { + info("Testing form: " + description); + + let passwordInputIds = yield ContentTask.spawn(browser, {description}, function*({description}) { + let formElement = content.document.querySelector(`[description="${description}"]`); + let passwords = Array.from(formElement.querySelectorAll("input[type='password']")); + return passwords.map((p) => p.id); + }); + + for (let inputId of passwordInputIds) { + info("Testing password field: " + inputId); + + // Synthesize a right mouse click over the username input element. + yield openPasswordContextMenu(browser, "#" + inputId, function*() { + let inputDisabled = yield ContentTask + .spawn(browser, {inputId}, function*({inputId}) { + let input = content.document.getElementById(inputId); + return input.disabled || input.readOnly; + }); + + // If the password field is disabled or read-only, we want to see + // the disabled Fill Password popup header. + if (inputDisabled) { + Assert.ok(!POPUP_HEADER.hidden, "Popup menu is not hidden."); + Assert.ok(POPUP_HEADER.disabled, "Popup menu is disabled."); + CONTEXT_MENU.hidePopup(); + } + + return !inputDisabled; + }); + + if (CONTEXT_MENU.state != "open") { + continue; + } + + // The only field affected by the password fill + // should be the target password field itself. + yield assertContextMenuFill(browser, description, null, inputId, 1); + yield ContentTask.spawn(browser, {inputId}, function*({inputId}) { + let passwordField = content.document.getElementById(inputId); + Assert.equal(passwordField.value, "password1", "Check upgraded login was actually used"); + }); + + CONTEXT_MENU.hidePopup(); + } + } + }); +}); + +/** + * Check if the form is correctly filled when one + * username context menu login menuitem is clicked. + */ +add_task(function* test_context_menu_username_login_fill() { + Services.prefs.setBoolPref("signon.schemeUpgrades", true); + yield BrowserTestUtils.withNewTab({ + gBrowser, + url: TEST_HOSTNAME + MULTIPLE_FORMS_PAGE_PATH, + }, function* (browser) { + + let formDescriptions = yield ContentTask.spawn(browser, {}, function*() { + let forms = Array.from(content.document.getElementsByClassName("test-form")); + return forms.map((f) => f.getAttribute("description")); + }); + + for (let description of formDescriptions) { + info("Testing form: " + description); + let usernameInputIds = yield ContentTask + .spawn(browser, {description}, function*({description}) { + let formElement = content.document.querySelector(`[description="${description}"]`); + let inputs = Array.from(formElement.querySelectorAll("input[type='text']")); + return inputs.map((p) => p.id); + }); + + for (let inputId of usernameInputIds) { + info("Testing username field: " + inputId); + + // Synthesize a right mouse click over the username input element. + yield openPasswordContextMenu(browser, "#" + inputId, function*() { + let headerHidden = POPUP_HEADER.hidden; + let headerDisabled = POPUP_HEADER.disabled; + + let data = {description, inputId, headerHidden, headerDisabled}; + let shouldContinue = yield ContentTask.spawn(browser, data, function*(data) { + let {description, inputId, headerHidden, headerDisabled} = data; + let formElement = content.document.querySelector(`[description="${description}"]`); + let usernameField = content.document.getElementById(inputId); + // We always want to check if the first password field is filled, + // since this is the current behavior from the _fillForm function. + let passwordField = formElement.querySelector("input[type='password']"); + + // If we don't want to see the actual popup menu, + // check if the popup is hidden or disabled. + if (!passwordField || usernameField.disabled || usernameField.readOnly || + passwordField.disabled || passwordField.readOnly) { + if (!passwordField) { + Assert.ok(headerHidden, "Popup menu is hidden."); + } else { + Assert.ok(!headerHidden, "Popup menu is not hidden."); + Assert.ok(headerDisabled, "Popup menu is disabled."); + } + return false; + } + return true; + }); + + if (!shouldContinue) { + CONTEXT_MENU.hidePopup(); + } + + return shouldContinue; + }); + + if (CONTEXT_MENU.state != "open") { + continue; + } + + let passwordFieldId = yield ContentTask + .spawn(browser, {description}, function*({description}) { + let formElement = content.document.querySelector(`[description="${description}"]`); + return formElement.querySelector("input[type='password']").id; + }); + + // We shouldn't change any field that's not the target username field or the first password field + yield assertContextMenuFill(browser, description, inputId, passwordFieldId, 1); + + yield ContentTask.spawn(browser, {passwordFieldId}, function*({passwordFieldId}) { + let passwordField = content.document.getElementById(passwordFieldId); + if (!passwordField.hasAttribute("expectedFail")) { + Assert.equal(passwordField.value, "password1", "Check upgraded login was actually used"); + } + }); + + CONTEXT_MENU.hidePopup(); + } + } + }); +}); + +/** + * Synthesize mouse clicks to open the password manager context menu popup + * for a target password input element. + * + * assertCallback should return true if we should continue or else false. + */ +function* openPasswordContextMenu(browser, passwordInput, assertCallback = null) { + // Synthesize a right mouse click over the password input element. + let contextMenuShownPromise = BrowserTestUtils.waitForEvent(CONTEXT_MENU, "popupshown"); + let eventDetails = {type: "contextmenu", button: 2}; + BrowserTestUtils.synthesizeMouseAtCenter(passwordInput, eventDetails, browser); + yield contextMenuShownPromise; + + if (assertCallback) { + let shouldContinue = yield assertCallback(); + if (!shouldContinue) { + return; + } + } + + // Synthesize a mouse click over the fill login menu header. + let popupShownPromise = BrowserTestUtils.waitForEvent(POPUP_HEADER, "popupshown"); + EventUtils.synthesizeMouseAtCenter(POPUP_HEADER, {}); + yield popupShownPromise; +} + +/** + * Verify that only the expected form fields are filled. + */ +function* assertContextMenuFill(browser, formId, usernameFieldId, passwordFieldId, loginIndex) { + let popupMenu = document.getElementById("fill-login-popup"); + let unchangedSelector = `[description="${formId}"] input:not(#${passwordFieldId})`; + + if (usernameFieldId) { + unchangedSelector += `:not(#${usernameFieldId})`; + } + + yield ContentTask.spawn(browser, {unchangedSelector}, function*({unchangedSelector}) { + let unchangedFields = content.document.querySelectorAll(unchangedSelector); + + // Store the value of fields that should remain unchanged. + if (unchangedFields.length) { + for (let field of unchangedFields) { + field.setAttribute("original-value", field.value); + } + } + }); + + // Execute the default command of the specified login menuitem found in the context menu. + let loginItem = popupMenu.getElementsByClassName("context-login-item")[loginIndex]; + + // Find the used login by it's username (Use only unique usernames in this test). + let {username, password} = getLoginFromUsername(loginItem.label); + + let data = {username, password, usernameFieldId, passwordFieldId, formId, unchangedSelector}; + let continuePromise = ContentTask.spawn(browser, data, function*(data) { + let {username, password, usernameFieldId, passwordFieldId, formId, unchangedSelector} = data; + let form = content.document.querySelector(`[description="${formId}"]`); + yield ContentTaskUtils.waitForEvent(form, "input", "Username input value changed"); + + if (usernameFieldId) { + let usernameField = content.document.getElementById(usernameFieldId); + + // If we have an username field, check if it's correctly filled + if (usernameField.getAttribute("expectedFail") == null) { + Assert.equal(username, usernameField.value, "Username filled and correct."); + } + } + + if (passwordFieldId) { + let passwordField = content.document.getElementById(passwordFieldId); + + // If we have a password field, check if it's correctly filled + if (passwordField && passwordField.getAttribute("expectedFail") == null) { + Assert.equal(password, passwordField.value, "Password filled and correct."); + } + } + + let unchangedFields = content.document.querySelectorAll(unchangedSelector); + + // Check that all fields that should not change have the same value as before. + if (unchangedFields.length) { + Assert.ok(() => { + for (let field of unchangedFields) { + if (field.value != field.getAttribute("original-value")) { + return false; + } + } + return true; + }, "Other fields were not changed."); + } + }); + + loginItem.doCommand(); + + return continuePromise; +} + +/** + * Check if every login that matches the page hostname are available at the context menu. + * @param {Element} contextMenu + * @param {Number} expectedCount - Number of logins expected in the context menu. Used to ensure +* we continue testing something useful. + */ +function checkMenu(contextMenu, expectedCount) { + let logins = loginList().filter(login => { + return LoginHelper.isOriginMatching(login.hostname, TEST_HOSTNAME, { + schemeUpgrades: Services.prefs.getBoolPref("signon.schemeUpgrades"), + }); + }); + // Make an array of menuitems for easier comparison. + let menuitems = [...CONTEXT_MENU.getElementsByClassName("context-login-item")]; + Assert.equal(menuitems.length, expectedCount, "Expected number of menu items"); + Assert.ok(logins.every(l => menuitems.some(m => l.username == m.label)), "Every login have an item at the menu."); +} + +/** + * Search for a login by it's username. + * + * Only unique login/hostname combinations should be used at this test. + */ +function getLoginFromUsername(username) { + return loginList().find(login => login.username == username); +} + +/** + * List of logins used for the test. + * + * We should only use unique usernames in this test, + * because we need to search logins by username. There is one duplicate u+p combo + * in order to test de-duping in the menu. + */ +function loginList() { + return [ + LoginTestUtils.testData.formLogin({ + hostname: "https://example.com", + formSubmitURL: "https://example.com", + username: "username", + password: "password", + }), + // Same as above but HTTP in order to test de-duping. + LoginTestUtils.testData.formLogin({ + hostname: "http://example.com", + formSubmitURL: "http://example.com", + username: "username", + password: "password", + }), + LoginTestUtils.testData.formLogin({ + hostname: "http://example.com", + formSubmitURL: "http://example.com", + username: "username1", + password: "password1", + }), + LoginTestUtils.testData.formLogin({ + hostname: "https://example.com", + formSubmitURL: "https://example.com", + username: "username2", + password: "password2", + }), + LoginTestUtils.testData.formLogin({ + hostname: "http://example.org", + formSubmitURL: "http://example.org", + username: "username-cross-origin", + password: "password-cross-origin", + }), + ]; +} diff --git a/toolkit/components/passwordmgr/test/browser/browser_context_menu_autocomplete_interaction.js b/toolkit/components/passwordmgr/test/browser/browser_context_menu_autocomplete_interaction.js new file mode 100644 index 000000000..1b37e3f79 --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/browser_context_menu_autocomplete_interaction.js @@ -0,0 +1,99 @@ +/* + * Test the password manager context menu interaction with autocomplete. + */ + +"use strict"; + +const TEST_HOSTNAME = "https://example.com"; +const BASIC_FORM_PAGE_PATH = DIRECTORY_PATH + "form_basic.html"; + +var gUnexpectedIsTODO = false; + +/** + * Initialize logins needed for the tests and disable autofill + * for login forms for easier testing of manual fill. + */ +add_task(function* test_initialize() { + let autocompletePopup = document.getElementById("PopupAutoComplete"); + Services.prefs.setBoolPref("signon.autofillForms", false); + registerCleanupFunction(() => { + Services.prefs.clearUserPref("signon.autofillForms"); + autocompletePopup.removeEventListener("popupshowing", autocompleteUnexpectedPopupShowing); + }); + for (let login of loginList()) { + Services.logins.addLogin(login); + } + autocompletePopup.addEventListener("popupshowing", autocompleteUnexpectedPopupShowing); +}); + +add_task(function* test_context_menu_username() { + yield BrowserTestUtils.withNewTab({ + gBrowser, + url: TEST_HOSTNAME + BASIC_FORM_PAGE_PATH, + }, function* (browser) { + yield openContextMenu(browser, "#form-basic-username"); + + let contextMenu = document.getElementById("contentAreaContextMenu"); + Assert.equal(contextMenu.state, "open", "Context menu opened"); + contextMenu.hidePopup(); + }); +}); + +add_task(function* test_context_menu_password() { + gUnexpectedIsTODO = true; + yield BrowserTestUtils.withNewTab({ + gBrowser, + url: TEST_HOSTNAME + BASIC_FORM_PAGE_PATH, + }, function* (browser) { + yield openContextMenu(browser, "#form-basic-password"); + + let contextMenu = document.getElementById("contentAreaContextMenu"); + Assert.equal(contextMenu.state, "open", "Context menu opened"); + contextMenu.hidePopup(); + }); +}); + +function autocompleteUnexpectedPopupShowing(event) { + if (gUnexpectedIsTODO) { + todo(false, "Autocomplete shouldn't appear"); + } else { + Assert.ok(false, "Autocomplete shouldn't appear"); + } + event.target.hidePopup(); +} + +/** + * Synthesize mouse clicks to open the context menu popup + * for a target login input element. + */ +function* openContextMenu(browser, loginInput) { + // First synthesize a mousedown. We need this to get the focus event with the "contextmenu" event. + let eventDetails1 = {type: "mousedown", button: 2}; + BrowserTestUtils.synthesizeMouseAtCenter(loginInput, eventDetails1, browser); + + // Then synthesize the contextmenu click over the input element. + let contextMenuShownPromise = BrowserTestUtils.waitForEvent(window, "popupshown"); + let eventDetails = {type: "contextmenu", button: 2}; + BrowserTestUtils.synthesizeMouseAtCenter(loginInput, eventDetails, browser); + yield contextMenuShownPromise; + + // Wait to see which popups are shown. + yield new Promise(resolve => setTimeout(resolve, 1000)); +} + +function loginList() { + return [ + LoginTestUtils.testData.formLogin({ + hostname: "https://example.com", + formSubmitURL: "https://example.com", + username: "username", + password: "password", + }), + LoginTestUtils.testData.formLogin({ + hostname: "https://example.com", + formSubmitURL: "https://example.com", + username: "username2", + password: "password2", + }), + ]; +} diff --git a/toolkit/components/passwordmgr/test/browser/browser_context_menu_iframe.js b/toolkit/components/passwordmgr/test/browser/browser_context_menu_iframe.js new file mode 100644 index 000000000..c5219789d --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/browser_context_menu_iframe.js @@ -0,0 +1,144 @@ +/* + * Test the password manager context menu. + */ + +"use strict"; + +const TEST_HOSTNAME = "https://example.com"; + +// Test with a page that only has a form within an iframe, not in the top-level document +const IFRAME_PAGE_PATH = "/browser/toolkit/components/passwordmgr/test/browser/form_basic_iframe.html"; + +/** + * Initialize logins needed for the tests and disable autofill + * for login forms for easier testing of manual fill. + */ +add_task(function* test_initialize() { + Services.prefs.setBoolPref("signon.autofillForms", false); + registerCleanupFunction(() => { + Services.prefs.clearUserPref("signon.autofillForms"); + Services.prefs.clearUserPref("signon.schemeUpgrades"); + }); + for (let login of loginList()) { + Services.logins.addLogin(login); + } +}); + +/** + * Check if the password field is correctly filled when it's in an iframe. + */ +add_task(function* test_context_menu_iframe_fill() { + Services.prefs.setBoolPref("signon.schemeUpgrades", true); + yield BrowserTestUtils.withNewTab({ + gBrowser, + url: TEST_HOSTNAME + IFRAME_PAGE_PATH + }, function* (browser) { + function getPasswordInput() { + let frame = content.document.getElementById("test-iframe"); + return frame.contentDocument.getElementById("form-basic-password"); + } + + let contextMenuShownPromise = BrowserTestUtils.waitForEvent(window, "popupshown"); + let eventDetails = {type: "contextmenu", button: 2}; + + // To click at the right point we have to take into account the iframe offset. + // Synthesize a right mouse click over the password input element. + BrowserTestUtils.synthesizeMouseAtCenter(getPasswordInput, eventDetails, browser); + yield contextMenuShownPromise; + + // Synthesize a mouse click over the fill login menu header. + let popupHeader = document.getElementById("fill-login"); + let popupShownPromise = BrowserTestUtils.waitForEvent(popupHeader, "popupshown"); + EventUtils.synthesizeMouseAtCenter(popupHeader, {}); + yield popupShownPromise; + + let popupMenu = document.getElementById("fill-login-popup"); + + // Stores the original value of username + function promiseFrameInputValue(name) { + return ContentTask.spawn(browser, name, function(inputname) { + let iframe = content.document.getElementById("test-iframe"); + let input = iframe.contentDocument.getElementById(inputname); + return input.value; + }); + } + let usernameOriginalValue = yield promiseFrameInputValue("form-basic-username"); + + // Execute the command of the first login menuitem found at the context menu. + let passwordChangedPromise = ContentTask.spawn(browser, null, function* () { + let frame = content.document.getElementById("test-iframe"); + let passwordInput = frame.contentDocument.getElementById("form-basic-password"); + yield ContentTaskUtils.waitForEvent(passwordInput, "input"); + }); + + let firstLoginItem = popupMenu.getElementsByClassName("context-login-item")[0]; + firstLoginItem.doCommand(); + + yield passwordChangedPromise; + + // Find the used login by it's username. + let login = getLoginFromUsername(firstLoginItem.label); + let passwordValue = yield promiseFrameInputValue("form-basic-password"); + is(login.password, passwordValue, "Password filled and correct."); + + let usernameNewValue = yield promiseFrameInputValue("form-basic-username"); + is(usernameOriginalValue, + usernameNewValue, + "Username value was not changed."); + + let contextMenu = document.getElementById("contentAreaContextMenu"); + contextMenu.hidePopup(); + }); +}); + +/** + * Search for a login by it's username. + * + * Only unique login/hostname combinations should be used at this test. + */ +function getLoginFromUsername(username) { + return loginList().find(login => login.username == username); +} + +/** + * List of logins used for the test. + * + * We should only use unique usernames in this test, + * because we need to search logins by username. There is one duplicate u+p combo + * in order to test de-duping in the menu. + */ +function loginList() { + return [ + LoginTestUtils.testData.formLogin({ + hostname: "https://example.com", + formSubmitURL: "https://example.com", + username: "username", + password: "password", + }), + // Same as above but HTTP in order to test de-duping. + LoginTestUtils.testData.formLogin({ + hostname: "http://example.com", + formSubmitURL: "http://example.com", + username: "username", + password: "password", + }), + LoginTestUtils.testData.formLogin({ + hostname: "http://example.com", + formSubmitURL: "http://example.com", + username: "username1", + password: "password1", + }), + LoginTestUtils.testData.formLogin({ + hostname: "https://example.com", + formSubmitURL: "https://example.com", + username: "username2", + password: "password2", + }), + LoginTestUtils.testData.formLogin({ + hostname: "http://example.org", + formSubmitURL: "http://example.org", + username: "username-cross-origin", + password: "password-cross-origin", + }), + ]; +} diff --git a/toolkit/components/passwordmgr/test/browser/browser_exceptions_dialog.js b/toolkit/components/passwordmgr/test/browser/browser_exceptions_dialog.js new file mode 100644 index 000000000..09fbe0eea --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/browser_exceptions_dialog.js @@ -0,0 +1,56 @@ + +"use strict"; + +const LOGIN_HOST = "http://example.com"; + +function openExceptionsDialog() { + return window.openDialog( + "chrome://browser/content/preferences/permissions.xul", + "Toolkit:PasswordManagerExceptions", "", + { + blockVisible: true, + sessionVisible: false, + allowVisible: false, + hideStatusColumn: true, + prefilledHost: "", + permissionType: "login-saving" + } + ); +} + +function countDisabledHosts(dialog) { + let doc = dialog.document; + let rejectsTree = doc.getElementById("permissionsTree"); + + return rejectsTree.view.rowCount; +} + +function promiseStorageChanged(expectedData) { + function observer(subject, data) { + return data == expectedData && subject.QueryInterface(Ci.nsISupportsString).data == LOGIN_HOST; + } + + return TestUtils.topicObserved("passwordmgr-storage-changed", observer); +} + +add_task(function* test_disable() { + let dialog = openExceptionsDialog(); + let promiseChanged = promiseStorageChanged("hostSavingDisabled"); + + yield BrowserTestUtils.waitForEvent(dialog, "load"); + Services.logins.setLoginSavingEnabled(LOGIN_HOST, false); + yield promiseChanged; + is(countDisabledHosts(dialog), 1, "Verify disabled host added"); + yield BrowserTestUtils.closeWindow(dialog); +}); + +add_task(function* test_enable() { + let dialog = openExceptionsDialog(); + let promiseChanged = promiseStorageChanged("hostSavingEnabled"); + + yield BrowserTestUtils.waitForEvent(dialog, "load"); + Services.logins.setLoginSavingEnabled(LOGIN_HOST, true); + yield promiseChanged; + is(countDisabledHosts(dialog), 0, "Verify disabled host removed"); + yield BrowserTestUtils.closeWindow(dialog); +}); diff --git a/toolkit/components/passwordmgr/test/browser/browser_formless_submit_chrome.js b/toolkit/components/passwordmgr/test/browser/browser_formless_submit_chrome.js new file mode 100644 index 000000000..c6d9ce50a --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/browser_formless_submit_chrome.js @@ -0,0 +1,126 @@ +/* + * Test that browser chrome UI interactions don't trigger a capture doorhanger. + */ + +"use strict"; + +function* fillTestPage(aBrowser) { + yield ContentTask.spawn(aBrowser, null, function*() { + content.document.getElementById("form-basic-username").value = "my_username"; + content.document.getElementById("form-basic-password").value = "my_password"; + }); + info("fields filled"); +} + +function* withTestPage(aTaskFn) { + return BrowserTestUtils.withNewTab({ + gBrowser, + url: "https://example.com" + DIRECTORY_PATH + "formless_basic.html", + }, function*(aBrowser) { + info("tab opened"); + yield fillTestPage(aBrowser); + yield* aTaskFn(aBrowser); + + // Give a chance for the doorhanger to appear + yield new Promise(resolve => SimpleTest.executeSoon(resolve)); + ok(!getCaptureDoorhanger("any"), "No doorhanger should be present"); + }); +} + +add_task(function* setup() { + yield SimpleTest.promiseFocus(window); +}); + +add_task(function* test_urlbar_new_URL() { + yield withTestPage(function*(aBrowser) { + gURLBar.value = ""; + let focusPromise = BrowserTestUtils.waitForEvent(gURLBar, "focus"); + gURLBar.focus(); + yield focusPromise; + info("focused"); + EventUtils.sendString("http://mochi.test:8888/"); + EventUtils.synthesizeKey("VK_RETURN", {}); + yield BrowserTestUtils.browserLoaded(aBrowser, false, "http://mochi.test:8888/"); + }); +}); + +add_task(function* test_urlbar_fragment_enter() { + yield withTestPage(function*(aBrowser) { + gURLBar.focus(); + EventUtils.synthesizeKey("VK_RIGHT", {}); + EventUtils.sendString("#fragment"); + EventUtils.synthesizeKey("VK_RETURN", {}); + }); +}); + +add_task(function* test_backButton_forwardButton() { + yield withTestPage(function*(aBrowser) { + // Load a new page in the tab so we can test going back + aBrowser.loadURI("https://example.com" + DIRECTORY_PATH + "formless_basic.html?second"); + yield BrowserTestUtils.browserLoaded(aBrowser, false, + "https://example.com" + DIRECTORY_PATH + + "formless_basic.html?second"); + yield fillTestPage(aBrowser); + + let forwardButton = document.getElementById("forward-button"); + // We need to wait for the forward button transition to complete before we + // can click it, so we hook up a listener to wait for it to be ready. + let forwardTransitionPromise = BrowserTestUtils.waitForEvent(forwardButton, "transitionend"); + + let backPromise = BrowserTestUtils.browserStopped(aBrowser); + EventUtils.synthesizeMouseAtCenter(document.getElementById("back-button"), {}); + yield backPromise; + + // Give a chance for the doorhanger to appear + yield new Promise(resolve => SimpleTest.executeSoon(resolve)); + ok(!getCaptureDoorhanger("any"), "No doorhanger should be present"); + + // Now go forward again after filling + yield fillTestPage(aBrowser); + + yield forwardTransitionPromise; + info("transition done"); + yield BrowserTestUtils.waitForCondition(() => { + return forwardButton.disabled == false; + }); + let forwardPromise = BrowserTestUtils.browserStopped(aBrowser); + info("click the forward button"); + EventUtils.synthesizeMouseAtCenter(forwardButton, {}); + yield forwardPromise; + }); +}); + + +add_task(function* test_reloadButton() { + yield withTestPage(function*(aBrowser) { + let reloadButton = document.getElementById("urlbar-reload-button"); + let loadPromise = BrowserTestUtils.browserLoaded(aBrowser, false, + "https://example.com" + DIRECTORY_PATH + + "formless_basic.html"); + + yield BrowserTestUtils.waitForCondition(() => { + return reloadButton.disabled == false; + }); + EventUtils.synthesizeMouseAtCenter(reloadButton, {}); + yield loadPromise; + }); +}); + +add_task(function* test_back_keyboard_shortcut() { + if (Services.prefs.getIntPref("browser.backspace_action") != 0) { + ok(true, "Skipped testing backspace to go back since it's disabled"); + return; + } + yield withTestPage(function*(aBrowser) { + // Load a new page in the tab so we can test going back + aBrowser.loadURI("https://example.com" + DIRECTORY_PATH + "formless_basic.html?second"); + yield BrowserTestUtils.browserLoaded(aBrowser, false, + "https://example.com" + DIRECTORY_PATH + + "formless_basic.html?second"); + yield fillTestPage(aBrowser); + + let backPromise = BrowserTestUtils.browserStopped(aBrowser); + EventUtils.synthesizeKey("VK_BACK_SPACE", {}); + yield backPromise; + }); +}); diff --git a/toolkit/components/passwordmgr/test/browser/browser_hasInsecureLoginForms.js b/toolkit/components/passwordmgr/test/browser/browser_hasInsecureLoginForms.js new file mode 100644 index 000000000..039312b7d --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/browser_hasInsecureLoginForms.js @@ -0,0 +1,93 @@ +/* Any copyright is dedicated to the Public Domain. + * http://creativecommons.org/publicdomain/zero/1.0/ */ + +Cu.import("resource://gre/modules/LoginManagerParent.jsm", this); + +const testUrlPath = + "://example.com/browser/toolkit/components/passwordmgr/test/browser/"; + +/** + * Waits for the given number of occurrences of InsecureLoginFormsStateChange + * on the given browser element. + */ +function waitForInsecureLoginFormsStateChange(browser, count) { + return BrowserTestUtils.waitForEvent(browser, "InsecureLoginFormsStateChange", + false, () => --count == 0); +} + +/** + * Checks that hasInsecureLoginForms is true for a simple HTTP page and false + * for a simple HTTPS page. + */ +add_task(function* test_simple() { + for (let scheme of ["http", "https"]) { + let tab = gBrowser.addTab(scheme + testUrlPath + "form_basic.html"); + let browser = tab.linkedBrowser; + yield Promise.all([ + BrowserTestUtils.switchTab(gBrowser, tab), + BrowserTestUtils.browserLoaded(browser), + // One event is triggered by pageshow and one by DOMFormHasPassword. + waitForInsecureLoginFormsStateChange(browser, 2), + ]); + + Assert.equal(LoginManagerParent.hasInsecureLoginForms(browser), + scheme == "http"); + + gBrowser.removeTab(tab); + } +}); + +/** + * Checks that hasInsecureLoginForms is true if a password field is present in + * an HTTP page loaded as a subframe of a top-level HTTPS page, when mixed + * active content blocking is disabled. + * + * When the subframe is navigated to an HTTPS page, hasInsecureLoginForms should + * be set to false. + * + * Moving back in history should set hasInsecureLoginForms to true again. + */ +add_task(function* test_subframe_navigation() { + yield new Promise(resolve => SpecialPowers.pushPrefEnv({ + "set": [["security.mixed_content.block_active_content", false]], + }, resolve)); + + // Load the page with the subframe in a new tab. + let tab = gBrowser.addTab("https" + testUrlPath + "insecure_test.html"); + let browser = tab.linkedBrowser; + yield Promise.all([ + BrowserTestUtils.switchTab(gBrowser, tab), + BrowserTestUtils.browserLoaded(browser), + // Two events are triggered by pageshow and one by DOMFormHasPassword. + waitForInsecureLoginFormsStateChange(browser, 3), + ]); + + Assert.ok(LoginManagerParent.hasInsecureLoginForms(browser)); + + // Navigate the subframe to a secure page. + let promiseSubframeReady = Promise.all([ + BrowserTestUtils.browserLoaded(browser, true), + // One event is triggered by pageshow and one by DOMFormHasPassword. + waitForInsecureLoginFormsStateChange(browser, 2), + ]); + yield ContentTask.spawn(browser, null, function* () { + content.document.getElementById("test-iframe") + .contentDocument.getElementById("test-link").click(); + }); + yield promiseSubframeReady; + + Assert.ok(!LoginManagerParent.hasInsecureLoginForms(browser)); + + // Navigate back to the insecure page. We only have to wait for the + // InsecureLoginFormsStateChange event that is triggered by pageshow. + let promise = waitForInsecureLoginFormsStateChange(browser, 1); + yield ContentTask.spawn(browser, null, function* () { + content.document.getElementById("test-iframe") + .contentWindow.history.back(); + }); + yield promise; + + Assert.ok(LoginManagerParent.hasInsecureLoginForms(browser)); + + gBrowser.removeTab(tab); +}); diff --git a/toolkit/components/passwordmgr/test/browser/browser_hasInsecureLoginForms_streamConverter.js b/toolkit/components/passwordmgr/test/browser/browser_hasInsecureLoginForms_streamConverter.js new file mode 100644 index 000000000..2dbffb9cc --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/browser_hasInsecureLoginForms_streamConverter.js @@ -0,0 +1,102 @@ +/* Any copyright is dedicated to the Public Domain. + * http://creativecommons.org/publicdomain/zero/1.0/ */ + +Cu.import("resource://gre/modules/LoginManagerParent.jsm", this); + +function* registerConverter() { + Cu.import("resource://gre/modules/Services.jsm", this); + Cu.import("resource://gre/modules/NetUtil.jsm", this); + + /** + * Converts the "test/content" MIME type, served by the test over HTTP, to an + * HTML viewer page containing the "form_basic.html" code. The viewer is + * served from a "resource:" URI while keeping the "resource:" principal. + */ + function TestStreamConverter() {} + + TestStreamConverter.prototype = { + classID: Components.ID("{5f01d6ef-c090-45a4-b3e5-940d64713eb7}"), + contractID: "@mozilla.org/streamconv;1?from=test/content&to=*/*", + QueryInterface: XPCOMUtils.generateQI([ + Ci.nsIRequestObserver, + Ci.nsIStreamListener, + Ci.nsIStreamConverter, + ]), + + // nsIStreamConverter + convert() {}, + + // nsIStreamConverter + asyncConvertData(aFromType, aToType, aListener, aCtxt) { + this.listener = aListener; + }, + + // nsIRequestObserver + onStartRequest(aRequest, aContext) { + let channel = NetUtil.newChannel({ + uri: "resource://testing-common/form_basic.html", + loadUsingSystemPrincipal: true, + }); + channel.originalURI = aRequest.QueryInterface(Ci.nsIChannel).URI; + channel.loadGroup = aRequest.loadGroup; + channel.owner = Services.scriptSecurityManager + .createCodebasePrincipal(channel.URI, {}); + // In this test, we pass the new channel to the listener but don't fire a + // redirect notification, even if it would be required. This keeps the + // test code simpler and doesn't impact the principal check we're testing. + channel.asyncOpen2(this.listener); + }, + + // nsIRequestObserver + onStopRequest() {}, + + // nsIStreamListener + onDataAvailable() {}, + }; + + let factory = XPCOMUtils._getFactory(TestStreamConverter); + let registrar = Components.manager.QueryInterface(Ci.nsIComponentRegistrar); + registrar.registerFactory(TestStreamConverter.prototype.classID, "", + TestStreamConverter.prototype.contractID, factory); + this.cleanupFunction = function () { + registrar.unregisterFactory(TestStreamConverter.prototype.classID, factory); + }; +} + +/** + * Waits for the given number of occurrences of InsecureLoginFormsStateChange + * on the given browser element. + */ +function waitForInsecureLoginFormsStateChange(browser, count) { + return BrowserTestUtils.waitForEvent(browser, "InsecureLoginFormsStateChange", + false, () => --count == 0); +} + +/** + * Checks that hasInsecureLoginForms is false for a viewer served internally + * using a "resource:" URI. + */ +add_task(function* test_streamConverter() { + let originalBrowser = gBrowser.selectedTab.linkedBrowser; + + yield ContentTask.spawn(originalBrowser, null, registerConverter); + + let tab = gBrowser.addTab("http://example.com/browser/toolkit/components/" + + "passwordmgr/test/browser/streamConverter_content.sjs", + { relatedBrowser: originalBrowser.linkedBrowser }); + let browser = tab.linkedBrowser; + yield Promise.all([ + BrowserTestUtils.switchTab(gBrowser, tab), + BrowserTestUtils.browserLoaded(browser), + // One event is triggered by pageshow and one by DOMFormHasPassword. + waitForInsecureLoginFormsStateChange(browser, 2), + ]); + + Assert.ok(!LoginManagerParent.hasInsecureLoginForms(browser)); + + yield BrowserTestUtils.removeTab(tab); + + yield ContentTask.spawn(originalBrowser, null, function* () { + this.cleanupFunction(); + }); +}); diff --git a/toolkit/components/passwordmgr/test/browser/browser_http_autofill.js b/toolkit/components/passwordmgr/test/browser/browser_http_autofill.js new file mode 100644 index 000000000..beb928a34 --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/browser_http_autofill.js @@ -0,0 +1,78 @@ +const TEST_URL_PATH = "://example.org/browser/toolkit/components/passwordmgr/test/browser/"; + +add_task(function* setup() { + let login = LoginTestUtils.testData.formLogin({ + hostname: "http://example.org", + formSubmitURL: "http://example.org", + username: "username", + password: "password", + }); + Services.logins.addLogin(login); + login = LoginTestUtils.testData.formLogin({ + hostname: "http://example.org", + formSubmitURL: "http://another.domain", + username: "username", + password: "password", + }); + Services.logins.addLogin(login); + yield SpecialPowers.pushPrefEnv({ "set": [["signon.autofillForms.http", false]] }); +}); + +add_task(function* test_http_autofill() { + for (let scheme of ["http", "https"]) { + let tab = yield BrowserTestUtils + .openNewForegroundTab(gBrowser, `${scheme}${TEST_URL_PATH}form_basic.html`); + + let [username, password] = yield ContentTask.spawn(gBrowser.selectedBrowser, null, function* () { + let doc = content.document; + let contentUsername = doc.getElementById("form-basic-username").value; + let contentPassword = doc.getElementById("form-basic-password").value; + return [contentUsername, contentPassword]; + }); + + is(username, scheme == "http" ? "" : "username", "Username filled correctly"); + is(password, scheme == "http" ? "" : "password", "Password filled correctly"); + + gBrowser.removeTab(tab); + } +}); + +add_task(function* test_iframe_in_http_autofill() { + for (let scheme of ["http", "https"]) { + let tab = yield BrowserTestUtils + .openNewForegroundTab(gBrowser, `${scheme}${TEST_URL_PATH}form_basic_iframe.html`); + + let [username, password] = yield ContentTask.spawn(gBrowser.selectedBrowser, null, function* () { + let doc = content.document; + let iframe = doc.getElementById("test-iframe"); + let contentUsername = iframe.contentWindow.document.getElementById("form-basic-username").value; + let contentPassword = iframe.contentWindow.document.getElementById("form-basic-password").value; + return [contentUsername, contentPassword]; + }); + + is(username, scheme == "http" ? "" : "username", "Username filled correctly"); + is(password, scheme == "http" ? "" : "password", "Password filled correctly"); + + gBrowser.removeTab(tab); + } +}); + +add_task(function* test_http_action_autofill() { + for (let type of ["insecure", "secure"]) { + let tab = yield BrowserTestUtils + .openNewForegroundTab(gBrowser, `https${TEST_URL_PATH}form_cross_origin_${type}_action.html`); + + let [username, password] = yield ContentTask.spawn(gBrowser.selectedBrowser, null, function* () { + let doc = content.document; + let contentUsername = doc.getElementById("form-basic-username").value; + let contentPassword = doc.getElementById("form-basic-password").value; + return [contentUsername, contentPassword]; + }); + + is(username, type == "insecure" ? "" : "username", "Username filled correctly"); + is(password, type == "insecure" ? "" : "password", "Password filled correctly"); + + gBrowser.removeTab(tab); + } +}); + diff --git a/toolkit/components/passwordmgr/test/browser/browser_insecurePasswordConsoleWarning.js b/toolkit/components/passwordmgr/test/browser/browser_insecurePasswordConsoleWarning.js new file mode 100644 index 000000000..f16ae1b98 --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/browser_insecurePasswordConsoleWarning.js @@ -0,0 +1,94 @@ +"use strict"; + +const WARNING_PATTERN = [{ + key: "INSECURE_FORM_ACTION", + msg: 'JavaScript Warning: "Password fields present in a form with an insecure (http://) form action. This is a security risk that allows user login credentials to be stolen."' +}, { + key: "INSECURE_PAGE", + msg: 'JavaScript Warning: "Password fields present on an insecure (http://) page. This is a security risk that allows user login credentials to be stolen."' +}]; + +add_task(function* testInsecurePasswordWarning() { + let warningPatternHandler; + + function messageHandler(msgObj) { + function findWarningPattern(msg) { + return WARNING_PATTERN.find(patternPair => { + return msg.indexOf(patternPair.msg) !== -1; + }); + } + + let warning = findWarningPattern(msgObj.message); + + // Only handle the insecure password related warning messages. + if (warning) { + // Prevent any unexpected or redundant matched warning message coming after + // the test case is ended. + ok(warningPatternHandler, "Invoke a valid warning message handler"); + warningPatternHandler(warning, msgObj.message); + } + } + Services.console.registerListener(messageHandler); + registerCleanupFunction(function() { + Services.console.unregisterListener(messageHandler); + }); + + for (let [origin, testFile, expectWarnings] of [ + ["http://127.0.0.1", "form_basic.html", []], + ["http://127.0.0.1", "formless_basic.html", []], + ["http://example.com", "form_basic.html", ["INSECURE_PAGE"]], + ["http://example.com", "formless_basic.html", ["INSECURE_PAGE"]], + ["https://example.com", "form_basic.html", []], + ["https://example.com", "formless_basic.html", []], + + // For a form with customized action link in the same origin. + ["http://127.0.0.1", "form_same_origin_action.html", []], + ["http://example.com", "form_same_origin_action.html", ["INSECURE_PAGE"]], + ["https://example.com", "form_same_origin_action.html", []], + + // For a form with an insecure (http) customized action link. + ["http://127.0.0.1", "form_cross_origin_insecure_action.html", ["INSECURE_FORM_ACTION"]], + ["http://example.com", "form_cross_origin_insecure_action.html", ["INSECURE_PAGE"]], + ["https://example.com", "form_cross_origin_insecure_action.html", ["INSECURE_FORM_ACTION"]], + + // For a form with a secure (https) customized action link. + ["http://127.0.0.1", "form_cross_origin_secure_action.html", []], + ["http://example.com", "form_cross_origin_secure_action.html", ["INSECURE_PAGE"]], + ["https://example.com", "form_cross_origin_secure_action.html", []], + ]) { + let testURL = origin + DIRECTORY_PATH + testFile; + let promiseConsoleMessages = new Promise(resolve => { + warningPatternHandler = function (warning, originMessage) { + ok(warning, "Handling a warning pattern"); + let fullMessage = `[${warning.msg} {file: "${testURL}" line: 0 column: 0 source: "0"}]`; + is(originMessage, fullMessage, "Message full matched:" + originMessage); + + let index = expectWarnings.indexOf(warning.key); + isnot(index, -1, "Found warning: " + warning.key + " for URL:" + testURL); + if (index !== -1) { + // Remove the shown message. + expectWarnings.splice(index, 1); + } + if (expectWarnings.length === 0) { + info("All warnings are shown for URL:" + testURL); + resolve(); + } + }; + }); + + yield BrowserTestUtils.withNewTab({ + gBrowser, + url: testURL + }, function*() { + if (expectWarnings.length === 0) { + info("All warnings are shown for URL:" + testURL); + return Promise.resolve(); + } + return promiseConsoleMessages; + }); + + // Remove warningPatternHandler to stop handling the matched warning pattern + // and the task should not get any warning anymore. + warningPatternHandler = null; + } +}); diff --git a/toolkit/components/passwordmgr/test/browser/browser_master_password_autocomplete.js b/toolkit/components/passwordmgr/test/browser/browser_master_password_autocomplete.js new file mode 100644 index 000000000..f3bc62b0a --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/browser_master_password_autocomplete.js @@ -0,0 +1,59 @@ +const HOST = "https://example.com"; +const URL = HOST + "/browser/toolkit/components/passwordmgr/test/browser/form_basic.html"; +const TIMEOUT_PREF = "signon.masterPasswordReprompt.timeout_ms"; + +// Waits for the master password prompt and cancels it. +function waitForDialog() { + let dialogShown = TestUtils.topicObserved("common-dialog-loaded"); + return dialogShown.then(function([subject]) { + let dialog = subject.Dialog; + is(dialog.args.title, "Password Required"); + dialog.ui.button1.click(); + }); +} + +// Test that autocomplete does not trigger a master password prompt +// for a certain time after it was cancelled. +add_task(function* test_mpAutocompleteTimeout() { + let login = LoginTestUtils.testData.formLogin({ + hostname: "https://example.com", + formSubmitURL: "https://example.com", + username: "username", + password: "password", + }); + Services.logins.addLogin(login); + LoginTestUtils.masterPassword.enable(); + + registerCleanupFunction(function() { + LoginTestUtils.masterPassword.disable(); + Services.logins.removeAllLogins(); + }); + + // Set master password prompt timeout to 3s. + // If this test goes intermittent, you likely have to increase this value. + yield SpecialPowers.pushPrefEnv({set: [[TIMEOUT_PREF, 3000]]}); + + // Wait for initial master password dialog after opening the tab. + let dialogShown = waitForDialog(); + + yield BrowserTestUtils.withNewTab(URL, function*(browser) { + yield dialogShown; + + yield ContentTask.spawn(browser, null, function*() { + // Focus the password field to trigger autocompletion. + content.document.getElementById("form-basic-password").focus(); + }); + + // Wait 4s, dialog should not have been shown + // (otherwise the code below will not work). + yield new Promise((c) => setTimeout(c, 4000)); + + dialogShown = waitForDialog(); + yield ContentTask.spawn(browser, null, function*() { + // Re-focus the password field to trigger autocompletion. + content.document.getElementById("form-basic-username").focus(); + content.document.getElementById("form-basic-password").focus(); + }); + yield dialogShown; + }); +}); diff --git a/toolkit/components/passwordmgr/test/browser/browser_notifications.js b/toolkit/components/passwordmgr/test/browser/browser_notifications.js new file mode 100644 index 000000000..4fb012f14 --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/browser_notifications.js @@ -0,0 +1,81 @@ +/** + * Test that the doorhanger notification for password saving is populated with + * the correct values in various password capture cases. + */ +add_task(function* test_save_change() { + let testCases = [{ + username: "username", + password: "password", + }, { + username: "", + password: "password", + }, { + username: "username", + oldPassword: "password", + password: "newPassword", + }, { + username: "", + oldPassword: "password", + password: "newPassword", + }]; + + for (let { username, oldPassword, password } of testCases) { + // Add a login for the origin of the form if testing a change notification. + if (oldPassword) { + Services.logins.addLogin(LoginTestUtils.testData.formLogin({ + hostname: "https://example.com", + formSubmitURL: "https://example.com", + username, + password: oldPassword, + })); + } + + yield BrowserTestUtils.withNewTab({ + gBrowser, + url: "https://example.com/browser/toolkit/components/" + + "passwordmgr/test/browser/form_basic.html", + }, function* (browser) { + // Submit the form in the content page with the credentials from the test + // case. This will cause the doorhanger notification to be displayed. + let promiseShown = BrowserTestUtils.waitForEvent(PopupNotifications.panel, + "popupshown", + (event) => event.target == PopupNotifications.panel); + yield ContentTask.spawn(browser, [username, password], + function* ([contentUsername, contentPassword]) { + let doc = content.document; + doc.getElementById("form-basic-username").value = contentUsername; + doc.getElementById("form-basic-password").value = contentPassword; + doc.getElementById("form-basic").submit(); + }); + yield promiseShown; + let notificationElement = PopupNotifications.panel.childNodes[0]; + // Style flush to make sure binding is attached + notificationElement.querySelector("#password-notification-password").clientTop; + + // Check the actual content of the popup notification. + Assert.equal(notificationElement.querySelector("#password-notification-username") + .value, username); + Assert.equal(notificationElement.querySelector("#password-notification-password") + .value, password); + + // Simulate the action on the notification to request the login to be + // saved, and wait for the data to be updated or saved based on the type + // of operation we expect. + let expectedNotification = oldPassword ? "modifyLogin" : "addLogin"; + let promiseLogin = TestUtils.topicObserved("passwordmgr-storage-changed", + (_, data) => data == expectedNotification); + notificationElement.button.doCommand(); + let [result] = yield promiseLogin; + + // Check that the values in the database match the expected values. + let login = oldPassword ? result.QueryInterface(Ci.nsIArray) + .queryElementAt(1, Ci.nsILoginInfo) + : result.QueryInterface(Ci.nsILoginInfo); + Assert.equal(login.username, username); + Assert.equal(login.password, password); + }); + + // Clean up the database before the next test case is executed. + Services.logins.removeAllLogins(); + } +}); diff --git a/toolkit/components/passwordmgr/test/browser/browser_notifications_2.js b/toolkit/components/passwordmgr/test/browser/browser_notifications_2.js new file mode 100644 index 000000000..48c73b0e6 --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/browser_notifications_2.js @@ -0,0 +1,125 @@ +add_task(function* setup() { + yield SpecialPowers.pushPrefEnv({"set": [ + ["signon.rememberSignons.visibilityToggle", true] + ]}); +}); + +/** + * Test that the doorhanger main action button is disabled + * when the password field is empty. + * + * Also checks that submiting an empty password throws an error. + */ +add_task(function* test_empty_password() { + yield BrowserTestUtils.withNewTab({ + gBrowser, + url: "https://example.com/browser/toolkit/components/" + + "passwordmgr/test/browser/form_basic.html", + }, function* (browser) { + // Submit the form in the content page with the credentials from the test + // case. This will cause the doorhanger notification to be displayed. + let promiseShown = BrowserTestUtils.waitForEvent(PopupNotifications.panel, + "popupshown", + (event) => event.target == PopupNotifications.panel); + yield ContentTask.spawn(browser, null, + function* () { + let doc = content.document; + doc.getElementById("form-basic-username").value = "username"; + doc.getElementById("form-basic-password").value = "p"; + doc.getElementById("form-basic").submit(); + }); + yield promiseShown; + + let notificationElement = PopupNotifications.panel.childNodes[0]; + let passwordTextbox = notificationElement.querySelector("#password-notification-password"); + let toggleCheckbox = notificationElement.querySelector("#password-notification-visibilityToggle"); + + // Synthesize input to empty the field + passwordTextbox.focus(); + yield EventUtils.synthesizeKey("VK_RIGHT", {}); + yield EventUtils.synthesizeKey("VK_BACK_SPACE", {}); + + let mainActionButton = document.getAnonymousElementByAttribute(notificationElement.button, "anonid", "button"); + Assert.ok(mainActionButton.disabled, "Main action button is disabled"); + + // Makes sure submiting an empty password throws an error + Assert.throws(notificationElement.button.doCommand(), + "Can't add a login with a null or empty password.", + "Should fail for an empty password"); + }); +}); + +/** + * Test that the doorhanger password field shows plain or * text + * when the checkbox is checked. + */ +add_task(function* test_toggle_password() { + yield BrowserTestUtils.withNewTab({ + gBrowser, + url: "https://example.com/browser/toolkit/components/" + + "passwordmgr/test/browser/form_basic.html", + }, function* (browser) { + // Submit the form in the content page with the credentials from the test + // case. This will cause the doorhanger notification to be displayed. + let promiseShown = BrowserTestUtils.waitForEvent(PopupNotifications.panel, + "popupshown", + (event) => event.target == PopupNotifications.panel); + yield ContentTask.spawn(browser, null, + function* () { + let doc = content.document; + doc.getElementById("form-basic-username").value = "username"; + doc.getElementById("form-basic-password").value = "p"; + doc.getElementById("form-basic").submit(); + }); + yield promiseShown; + + let notificationElement = PopupNotifications.panel.childNodes[0]; + let passwordTextbox = notificationElement.querySelector("#password-notification-password"); + let toggleCheckbox = notificationElement.querySelector("#password-notification-visibilityToggle"); + + yield EventUtils.synthesizeMouseAtCenter(toggleCheckbox, {}); + Assert.ok(toggleCheckbox.checked); + Assert.equal(passwordTextbox.type, "", "Password textbox changed to plain text"); + + yield EventUtils.synthesizeMouseAtCenter(toggleCheckbox, {}); + Assert.ok(!toggleCheckbox.checked); + Assert.equal(passwordTextbox.type, "password", "Password textbox changed to * text"); + }); +}); + +/** + * Test that the doorhanger password toggle checkbox is disabled + * when the master password is set. + */ +add_task(function* test_checkbox_disabled_if_has_master_password() { + yield BrowserTestUtils.withNewTab({ + gBrowser, + url: "https://example.com/browser/toolkit/components/" + + "passwordmgr/test/browser/form_basic.html", + }, function* (browser) { + // Submit the form in the content page with the credentials from the test + // case. This will cause the doorhanger notification to be displayed. + let promiseShown = BrowserTestUtils.waitForEvent(PopupNotifications.panel, + "popupshown", + (event) => event.target == PopupNotifications.panel); + + LoginTestUtils.masterPassword.enable(); + + yield ContentTask.spawn(browser, null, function* () { + let doc = content.document; + doc.getElementById("form-basic-username").value = "username"; + doc.getElementById("form-basic-password").value = "p"; + doc.getElementById("form-basic").submit(); + }); + yield promiseShown; + + let notificationElement = PopupNotifications.panel.childNodes[0]; + let passwordTextbox = notificationElement.querySelector("#password-notification-password"); + let toggleCheckbox = notificationElement.querySelector("#password-notification-visibilityToggle"); + + Assert.equal(passwordTextbox.type, "password", "Password textbox should show * text"); + Assert.ok(toggleCheckbox.getAttribute("hidden"), "checkbox is hidden when master password is set"); + }); + + LoginTestUtils.masterPassword.disable(); +}); diff --git a/toolkit/components/passwordmgr/test/browser/browser_notifications_password.js b/toolkit/components/passwordmgr/test/browser/browser_notifications_password.js new file mode 100644 index 000000000..8ac49dac5 --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/browser_notifications_password.js @@ -0,0 +1,145 @@ +/** + * Test changing the password inside the doorhanger notification for passwords. + * + * We check the following cases: + * - Editing the password of a new login. + * - Editing the password of an existing login. + * - Changing both username and password to an existing login. + * - Changing the username to an existing login. + * - Editing username to an empty one and a new password. + * + * If both the username and password matches an already existing login, we should not + * update it's password, but only it's usage timestamp and count. + */ +add_task(function* test_edit_password() { + let testCases = [{ + usernameInPage: "username", + passwordInPage: "password", + passwordChangedTo: "newPassword", + timesUsed: 1, + }, { + usernameInPage: "username", + usernameInPageExists: true, + passwordInPage: "password", + passwordInStorage: "oldPassword", + passwordChangedTo: "newPassword", + timesUsed: 2, + }, { + usernameInPage: "username", + usernameChangedTo: "newUsername", + usernameChangedToExists: true, + passwordInPage: "password", + passwordChangedTo: "newPassword", + timesUsed: 2, + }, { + usernameInPage: "username", + usernameChangedTo: "newUsername", + usernameChangedToExists: true, + passwordInPage: "password", + passwordChangedTo: "password", + timesUsed: 2, + checkPasswordNotUpdated: true, + }, { + usernameInPage: "newUsername", + usernameChangedTo: "", + usernameChangedToExists: true, + passwordInPage: "password", + passwordChangedTo: "newPassword", + timesUsed: 2, + }]; + + for (let testCase of testCases) { + info("Test case: " + JSON.stringify(testCase)); + + // Create the pre-existing logins when needed. + if (testCase.usernameInPageExists) { + Services.logins.addLogin(LoginTestUtils.testData.formLogin({ + hostname: "https://example.com", + formSubmitURL: "https://example.com", + username: testCase.usernameInPage, + password: testCase.passwordInStorage, + })); + } + + if (testCase.usernameChangedToExists) { + Services.logins.addLogin(LoginTestUtils.testData.formLogin({ + hostname: "https://example.com", + formSubmitURL: "https://example.com", + username: testCase.usernameChangedTo, + password: testCase.passwordChangedTo, + })); + } + + yield BrowserTestUtils.withNewTab({ + gBrowser, + url: "https://example.com/browser/toolkit/components/" + + "passwordmgr/test/browser/form_basic.html", + }, function* (browser) { + // Submit the form in the content page with the credentials from the test + // case. This will cause the doorhanger notification to be displayed. + let promiseShown = BrowserTestUtils.waitForEvent(PopupNotifications.panel, + "popupshown", + (event) => event.target == PopupNotifications.panel); + yield ContentTask.spawn(browser, testCase, + function* (contentTestCase) { + let doc = content.document; + doc.getElementById("form-basic-username").value = contentTestCase.usernameInPage; + doc.getElementById("form-basic-password").value = contentTestCase.passwordInPage; + doc.getElementById("form-basic").submit(); + }); + yield promiseShown; + let notificationElement = PopupNotifications.panel.childNodes[0]; + // Style flush to make sure binding is attached + notificationElement.querySelector("#password-notification-password").clientTop; + + // Modify the username in the dialog if requested. + if (testCase.usernameChangedTo) { + notificationElement.querySelector("#password-notification-username") + .value = testCase.usernameChangedTo; + } + + // Modify the password in the dialog if requested. + if (testCase.passwordChangedTo) { + notificationElement.querySelector("#password-notification-password") + .value = testCase.passwordChangedTo; + } + + // We expect a modifyLogin notification if the final username used by the + // dialog exists in the logins database, otherwise an addLogin one. + let expectModifyLogin = typeof testCase.usernameChangedTo !== "undefined" + ? testCase.usernameChangedToExists + : testCase.usernameInPageExists; + + // Simulate the action on the notification to request the login to be + // saved, and wait for the data to be updated or saved based on the type + // of operation we expect. + let expectedNotification = expectModifyLogin ? "modifyLogin" : "addLogin"; + let promiseLogin = TestUtils.topicObserved("passwordmgr-storage-changed", + (_, data) => data == expectedNotification); + notificationElement.button.doCommand(); + let [result] = yield promiseLogin; + + // Check that the values in the database match the expected values. + let login = expectModifyLogin ? result.QueryInterface(Ci.nsIArray) + .queryElementAt(1, Ci.nsILoginInfo) + : result.QueryInterface(Ci.nsILoginInfo); + + Assert.equal(login.username, testCase.usernameChangedTo || + testCase.usernameInPage); + Assert.equal(login.password, testCase.passwordChangedTo || + testCase.passwordInPage); + + let meta = login.QueryInterface(Ci.nsILoginMetaInfo); + Assert.equal(meta.timesUsed, testCase.timesUsed); + + // Check that the password was not updated if the user is empty + if (testCase.checkPasswordNotUpdated) { + Assert.ok(meta.timeLastUsed > meta.timeCreated); + Assert.ok(meta.timeCreated == meta.timePasswordChanged); + } + }); + + // Clean up the database before the next test case is executed. + Services.logins.removeAllLogins(); + } +}); diff --git a/toolkit/components/passwordmgr/test/browser/browser_notifications_username.js b/toolkit/components/passwordmgr/test/browser/browser_notifications_username.js new file mode 100644 index 000000000..2c9ea2607 --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/browser_notifications_username.js @@ -0,0 +1,119 @@ +/** + * Test changing the username inside the doorhanger notification for passwords. + * + * We have to test combination of existing and non-existing logins both for + * the original one from the webpage and the final one used by the dialog. + * + * We also check switching to and from empty usernames. + */ +add_task(function* test_edit_username() { + let testCases = [{ + usernameInPage: "username", + usernameChangedTo: "newUsername", + }, { + usernameInPage: "username", + usernameInPageExists: true, + usernameChangedTo: "newUsername", + }, { + usernameInPage: "username", + usernameChangedTo: "newUsername", + usernameChangedToExists: true, + }, { + usernameInPage: "username", + usernameInPageExists: true, + usernameChangedTo: "newUsername", + usernameChangedToExists: true, + }, { + usernameInPage: "", + usernameChangedTo: "newUsername", + }, { + usernameInPage: "newUsername", + usernameChangedTo: "", + }, { + usernameInPage: "", + usernameChangedTo: "newUsername", + usernameChangedToExists: true, + }, { + usernameInPage: "newUsername", + usernameChangedTo: "", + usernameChangedToExists: true, + }]; + + for (let testCase of testCases) { + info("Test case: " + JSON.stringify(testCase)); + + // Create the pre-existing logins when needed. + if (testCase.usernameInPageExists) { + Services.logins.addLogin(LoginTestUtils.testData.formLogin({ + hostname: "https://example.com", + formSubmitURL: "https://example.com", + username: testCase.usernameInPage, + password: "old password", + })); + } + + if (testCase.usernameChangedToExists) { + Services.logins.addLogin(LoginTestUtils.testData.formLogin({ + hostname: "https://example.com", + formSubmitURL: "https://example.com", + username: testCase.usernameChangedTo, + password: "old password", + })); + } + + yield BrowserTestUtils.withNewTab({ + gBrowser, + url: "https://example.com/browser/toolkit/components/" + + "passwordmgr/test/browser/form_basic.html", + }, function* (browser) { + // Submit the form in the content page with the credentials from the test + // case. This will cause the doorhanger notification to be displayed. + let promiseShown = BrowserTestUtils.waitForEvent(PopupNotifications.panel, + "popupshown", + (event) => event.target == PopupNotifications.panel); + yield ContentTask.spawn(browser, testCase.usernameInPage, + function* (usernameInPage) { + let doc = content.document; + doc.getElementById("form-basic-username").value = usernameInPage; + doc.getElementById("form-basic-password").value = "password"; + doc.getElementById("form-basic").submit(); + }); + yield promiseShown; + let notificationElement = PopupNotifications.panel.childNodes[0]; + // Style flush to make sure binding is attached + notificationElement.querySelector("#password-notification-password").clientTop; + + // Modify the username in the dialog if requested. + if (testCase.usernameChangedTo) { + notificationElement.querySelector("#password-notification-username") + .value = testCase.usernameChangedTo; + } + + // We expect a modifyLogin notification if the final username used by the + // dialog exists in the logins database, otherwise an addLogin one. + let expectModifyLogin = testCase.usernameChangedTo + ? testCase.usernameChangedToExists + : testCase.usernameInPageExists; + + // Simulate the action on the notification to request the login to be + // saved, and wait for the data to be updated or saved based on the type + // of operation we expect. + let expectedNotification = expectModifyLogin ? "modifyLogin" : "addLogin"; + let promiseLogin = TestUtils.topicObserved("passwordmgr-storage-changed", + (_, data) => data == expectedNotification); + notificationElement.button.doCommand(); + let [result] = yield promiseLogin; + + // Check that the values in the database match the expected values. + let login = expectModifyLogin ? result.QueryInterface(Ci.nsIArray) + .queryElementAt(1, Ci.nsILoginInfo) + : result.QueryInterface(Ci.nsILoginInfo); + Assert.equal(login.username, testCase.usernameChangedTo || + testCase.usernameInPage); + Assert.equal(login.password, "password"); + }); + + // Clean up the database before the next test case is executed. + Services.logins.removeAllLogins(); + } +}); diff --git a/toolkit/components/passwordmgr/test/browser/browser_passwordmgr_contextmenu.js b/toolkit/components/passwordmgr/test/browser/browser_passwordmgr_contextmenu.js new file mode 100644 index 000000000..ece2b731f --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/browser_passwordmgr_contextmenu.js @@ -0,0 +1,100 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +function test() { + waitForExplicitFinish(); + + Services.logins.removeAllLogins(); + + // Add some initial logins + let urls = [ + "http://example.com/", + "http://mozilla.org/", + "http://spreadfirefox.com/", + "https://support.mozilla.org/", + "http://hg.mozilla.org/" + ]; + let nsLoginInfo = new Components.Constructor("@mozilla.org/login-manager/loginInfo;1", + Ci.nsILoginInfo, "init"); + let logins = [ + new nsLoginInfo(urls[0], urls[0], null, "", "o hai", "u1", "p1"), + new nsLoginInfo(urls[1], urls[1], null, "ehsan", "coded", "u2", "p2"), + new nsLoginInfo(urls[2], urls[2], null, "this", "awesome", "u3", "p3"), + new nsLoginInfo(urls[3], urls[3], null, "array of", "logins", "u4", "p4"), + new nsLoginInfo(urls[4], urls[4], null, "then", "i wrote the test", "u5", "p5") + ]; + logins.forEach(login => Services.logins.addLogin(login)); + + // Open the password manager dialog + const PWMGR_DLG = "chrome://passwordmgr/content/passwordManager.xul"; + let pwmgrdlg = window.openDialog(PWMGR_DLG, "Toolkit:PasswordManager", ""); + SimpleTest.waitForFocus(doTest, pwmgrdlg); + + // Test if "Copy Username" and "Copy Password" works + function doTest() { + let doc = pwmgrdlg.document; + let selection = doc.getElementById("signonsTree").view.selection; + let menuitem = doc.getElementById("context-copyusername"); + + function copyField() { + info("Select all"); + selection.selectAll(); + assertMenuitemEnabled("copyusername", false); + assertMenuitemEnabled("editusername", false); + assertMenuitemEnabled("copypassword", false); + assertMenuitemEnabled("editpassword", false); + + info("Select the first row (with an empty username)"); + selection.select(0); + assertMenuitemEnabled("copyusername", false, "empty username"); + assertMenuitemEnabled("editusername", true); + assertMenuitemEnabled("copypassword", true); + assertMenuitemEnabled("editpassword", false, "password column hidden"); + + info("Clear the selection"); + selection.clearSelection(); + assertMenuitemEnabled("copyusername", false); + assertMenuitemEnabled("editusername", false); + assertMenuitemEnabled("copypassword", false); + assertMenuitemEnabled("editpassword", false); + + info("Select the third row and making the password column visible"); + selection.select(2); + doc.getElementById("passwordCol").hidden = false; + assertMenuitemEnabled("copyusername", true); + assertMenuitemEnabled("editusername", true); + assertMenuitemEnabled("copypassword", true); + assertMenuitemEnabled("editpassword", true, "password column visible"); + menuitem.doCommand(); + } + + function assertMenuitemEnabled(idSuffix, expected, reason = "") { + doc.defaultView.UpdateContextMenu(); + let actual = !doc.getElementById("context-" + idSuffix).getAttribute("disabled"); + is(actual, expected, idSuffix + " should be " + (expected ? "enabled" : "disabled") + + (reason ? ": " + reason : "")); + } + + function cleanUp() { + Services.ww.registerNotification(function (aSubject, aTopic, aData) { + Services.ww.unregisterNotification(arguments.callee); + Services.logins.removeAllLogins(); + doc.getElementById("passwordCol").hidden = true; + finish(); + }); + pwmgrdlg.close(); + } + + function testPassword() { + info("Testing Copy Password"); + waitForClipboard("coded", function copyPassword() { + menuitem = doc.getElementById("context-copypassword"); + menuitem.doCommand(); + }, cleanUp, cleanUp); + } + + info("Testing Copy Username"); + waitForClipboard("ehsan", copyField, testPassword, testPassword); + } +} diff --git a/toolkit/components/passwordmgr/test/browser/browser_passwordmgr_editing.js b/toolkit/components/passwordmgr/test/browser/browser_passwordmgr_editing.js new file mode 100644 index 000000000..2b2e42273 --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/browser_passwordmgr_editing.js @@ -0,0 +1,126 @@ +const { ContentTaskUtils } = Cu.import("resource://testing-common/ContentTaskUtils.jsm", {}); +const PWMGR_DLG = "chrome://passwordmgr/content/passwordManager.xul"; + +var doc; +var pwmgr; +var pwmgrdlg; +var signonsTree; + +function addLogin(site, username, password) { + let nsLoginInfo = new Components.Constructor("@mozilla.org/login-manager/loginInfo;1", + Ci.nsILoginInfo, "init"); + let login = new nsLoginInfo(site, site, null, username, password, "u", "p"); + Services.logins.addLogin(login); +} + +function getUsername(row) { + return signonsTree.view.getCellText(row, signonsTree.columns.getNamedColumn("userCol")); +} + +function getPassword(row) { + return signonsTree.view.getCellText(row, signonsTree.columns.getNamedColumn("passwordCol")); +} + +function synthesizeDblClickOnCell(aTree, column, row) { + let tbo = aTree.treeBoxObject; + let rect = tbo.getCoordsForCellItem(row, aTree.columns[column], "text"); + let x = rect.x + rect.width / 2; + let y = rect.y + rect.height / 2; + // Simulate the double click. + EventUtils.synthesizeMouse(aTree.body, x, y, { clickCount: 2 }, + aTree.ownerDocument.defaultView); +} + +function* togglePasswords() { + pwmgrdlg.document.querySelector("#togglePasswords").doCommand(); + yield new Promise(resolve => waitForFocus(resolve, pwmgrdlg)); +} + +function* editUsernamePromises(site, oldUsername, newUsername) { + is(Services.logins.findLogins({}, site, "", "").length, 1, "Correct login found"); + let login = Services.logins.findLogins({}, site, "", "")[0]; + is(login.username, oldUsername, "Correct username saved"); + is(getUsername(0), oldUsername, "Correct username shown"); + synthesizeDblClickOnCell(signonsTree, 1, 0); + yield ContentTaskUtils.waitForCondition(() => signonsTree.getAttribute("editing"), + "Waiting for editing"); + + EventUtils.sendString(newUsername, pwmgrdlg); + let signonsIntro = doc.querySelector("#signonsIntro"); + EventUtils.sendMouseEvent({type: "click"}, signonsIntro, pwmgrdlg); + yield ContentTaskUtils.waitForCondition(() => !signonsTree.getAttribute("editing"), + "Waiting for editing to stop"); + + is(Services.logins.findLogins({}, site, "", "").length, 1, "Correct login replaced"); + login = Services.logins.findLogins({}, site, "", "")[0]; + is(login.username, newUsername, "Correct username updated"); + is(getUsername(0), newUsername, "Correct username shown after the update"); +} + +function* editPasswordPromises(site, oldPassword, newPassword) { + is(Services.logins.findLogins({}, site, "", "").length, 1, "Correct login found"); + let login = Services.logins.findLogins({}, site, "", "")[0]; + is(login.password, oldPassword, "Correct password saved"); + is(getPassword(0), oldPassword, "Correct password shown"); + + synthesizeDblClickOnCell(signonsTree, 2, 0); + yield ContentTaskUtils.waitForCondition(() => signonsTree.getAttribute("editing"), + "Waiting for editing"); + + EventUtils.sendString(newPassword, pwmgrdlg); + let signonsIntro = doc.querySelector("#signonsIntro"); + EventUtils.sendMouseEvent({type: "click"}, signonsIntro, pwmgrdlg); + yield ContentTaskUtils.waitForCondition(() => !signonsTree.getAttribute("editing"), + "Waiting for editing to stop"); + + is(Services.logins.findLogins({}, site, "", "").length, 1, "Correct login replaced"); + login = Services.logins.findLogins({}, site, "", "")[0]; + is(login.password, newPassword, "Correct password updated"); + is(getPassword(0), newPassword, "Correct password shown after the update"); +} + +add_task(function* test_setup() { + registerCleanupFunction(function() { + Services.logins.removeAllLogins(); + }); + + Services.logins.removeAllLogins(); + // Open the password manager dialog. + pwmgrdlg = window.openDialog(PWMGR_DLG, "Toolkit:PasswordManager", ""); + + Services.ww.registerNotification(function (aSubject, aTopic, aData) { + if (aTopic == "domwindowopened") { + let win = aSubject.QueryInterface(Ci.nsIDOMEventTarget); + SimpleTest.waitForFocus(function() { + EventUtils.sendKey("RETURN", win); + }, win); + } else if (aSubject.location == pwmgrdlg.location && aTopic == "domwindowclosed") { + // Unregister ourself. + Services.ww.unregisterNotification(arguments.callee); + } + }); + + yield new Promise((resolve) => { + SimpleTest.waitForFocus(() => { + doc = pwmgrdlg.document; + signonsTree = doc.querySelector("#signonsTree"); + resolve(); + }, pwmgrdlg); + }); +}); + +add_task(function* test_edit_multiple_logins() { + function* testLoginChange(site, oldUsername, oldPassword, newUsername, newPassword) { + addLogin(site, oldUsername, oldPassword); + yield* editUsernamePromises(site, oldUsername, newUsername); + yield* togglePasswords(); + yield* editPasswordPromises(site, oldPassword, newPassword); + yield* togglePasswords(); + } + + yield* testLoginChange("http://c.tn/", "userC", "passC", "usernameC", "passwordC"); + yield* testLoginChange("http://b.tn/", "userB", "passB", "usernameB", "passwordB"); + yield* testLoginChange("http://a.tn/", "userA", "passA", "usernameA", "passwordA"); + + pwmgrdlg.close(); +}); diff --git a/toolkit/components/passwordmgr/test/browser/browser_passwordmgr_fields.js b/toolkit/components/passwordmgr/test/browser/browser_passwordmgr_fields.js new file mode 100644 index 000000000..95bcee9ed --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/browser_passwordmgr_fields.js @@ -0,0 +1,65 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +function test() { + waitForExplicitFinish(); + + let pwmgr = Cc["@mozilla.org/login-manager;1"]. + getService(Ci.nsILoginManager); + pwmgr.removeAllLogins(); + + // add login data + let nsLoginInfo = new Components.Constructor("@mozilla.org/login-manager/loginInfo;1", + Ci.nsILoginInfo, "init"); + let login = new nsLoginInfo("http://example.com/", "http://example.com/", null, + "user", "password", "u1", "p1"); + pwmgr.addLogin(login); + + // Open the password manager dialog + const PWMGR_DLG = "chrome://passwordmgr/content/passwordManager.xul"; + let pwmgrdlg = window.openDialog(PWMGR_DLG, "Toolkit:PasswordManager", ""); + SimpleTest.waitForFocus(doTest, pwmgrdlg); + + function doTest() { + let doc = pwmgrdlg.document; + + let signonsTree = doc.querySelector("#signonsTree"); + is(signonsTree.view.rowCount, 1, "One entry in the passwords list"); + + is(signonsTree.view.getCellText(0, signonsTree.columns.getNamedColumn("siteCol")), + "http://example.com/", + "Correct website saved"); + + is(signonsTree.view.getCellText(0, signonsTree.columns.getNamedColumn("userCol")), + "user", + "Correct user saved"); + + let timeCreatedCol = doc.getElementById("timeCreatedCol"); + is(timeCreatedCol.getAttribute("hidden"), "true", + "Time created column is not displayed"); + + + let timeLastUsedCol = doc.getElementById("timeLastUsedCol"); + is(timeLastUsedCol.getAttribute("hidden"), "true", + "Last Used column is not displayed"); + + let timePasswordChangedCol = doc.getElementById("timePasswordChangedCol"); + is(timePasswordChangedCol.getAttribute("hidden"), "", + "Last Changed column is displayed"); + + // cleanup + Services.ww.registerNotification(function (aSubject, aTopic, aData) { + if (aSubject.location == pwmgrdlg.location && aTopic == "domwindowclosed") { + // unregister ourself + Services.ww.unregisterNotification(arguments.callee); + + pwmgr.removeAllLogins(); + + finish(); + } + }); + + pwmgrdlg.close(); + } +} diff --git a/toolkit/components/passwordmgr/test/browser/browser_passwordmgr_observers.js b/toolkit/components/passwordmgr/test/browser/browser_passwordmgr_observers.js new file mode 100644 index 000000000..1dc7076aa --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/browser_passwordmgr_observers.js @@ -0,0 +1,129 @@ +/* Any copyright is dedicated to the Public Domain. + * http://creativecommons.org/publicdomain/zero/1.0/ */ + +function test() { + waitForExplicitFinish(); + + const LOGIN_HOST = "http://example.com"; + const LOGIN_COUNT = 5; + + let nsLoginInfo = new Components.Constructor( + "@mozilla.org/login-manager/loginInfo;1", Ci.nsILoginInfo, "init"); + let pmDialog = window.openDialog( + "chrome://passwordmgr/content/passwordManager.xul", + "Toolkit:PasswordManager", ""); + + let logins = []; + let loginCounter = 0; + let loginOrder = null; + let modifiedLogin; + let testNumber = 0; + let testObserver = { + observe: function (subject, topic, data) { + if (topic == "passwordmgr-dialog-updated") { + switch (testNumber) { + case 1: + case 2: + case 3: + case 4: + case 5: + is(countLogins(), loginCounter, "Verify login added"); + ok(getLoginOrder().startsWith(loginOrder), "Verify login order"); + runNextTest(); + break; + case 6: + is(countLogins(), loginCounter, "Verify login count"); + is(getLoginOrder(), loginOrder, "Verify login order"); + is(getLoginPassword(), "newpassword0", "Verify login modified"); + runNextTest(); + break; + case 7: + is(countLogins(), loginCounter, "Verify login removed"); + ok(loginOrder.endsWith(getLoginOrder()), "Verify login order"); + runNextTest(); + break; + case 8: + is(countLogins(), 0, "Verify all logins removed"); + runNextTest(); + break; + } + } + } + }; + + SimpleTest.waitForFocus(startTest, pmDialog); + + function createLogins() { + let login; + for (let i = 0; i < LOGIN_COUNT; i++) { + login = new nsLoginInfo(LOGIN_HOST + "?n=" + i, LOGIN_HOST + "?n=" + i, + null, "user" + i, "password" + i, "u" + i, "p" + i); + logins.push(login); + } + modifiedLogin = new nsLoginInfo(LOGIN_HOST + "?n=0", LOGIN_HOST + "?n=0", + null, "user0", "newpassword0", "u0", "p0"); + is(logins.length, LOGIN_COUNT, "Verify logins created"); + } + + function countLogins() { + let doc = pmDialog.document; + let signonsTree = doc.getElementById("signonsTree"); + return signonsTree.view.rowCount; + } + + function getLoginOrder() { + let doc = pmDialog.document; + let signonsTree = doc.getElementById("signonsTree"); + let column = signonsTree.columns[0]; // host column + let order = []; + for (let i = 0; i < signonsTree.view.rowCount; i++) { + order.push(signonsTree.view.getCellText(i, column)); + } + return order.join(','); + } + + function getLoginPassword() { + let doc = pmDialog.document; + let loginsTree = doc.getElementById("signonsTree"); + let column = loginsTree.columns[2]; // password column + return loginsTree.view.getCellText(0, column); + } + + function startTest() { + Services.obs.addObserver( + testObserver, "passwordmgr-dialog-updated", false); + is(countLogins(), 0, "Verify starts with 0 logins"); + createLogins(); + runNextTest(); + } + + function runNextTest() { + switch (++testNumber) { + case 1: // add the logins + for (let i = 0; i < logins.length; i++) { + loginCounter++; + loginOrder = getLoginOrder(); + Services.logins.addLogin(logins[i]); + } + break; + case 6: // modify a login + loginOrder = getLoginOrder(); + Services.logins.modifyLogin(logins[0], modifiedLogin); + break; + case 7: // remove a login + loginCounter--; + loginOrder = getLoginOrder(); + Services.logins.removeLogin(modifiedLogin); + break; + case 8: // remove all logins + Services.logins.removeAllLogins(); + break; + case 9: // finish + Services.obs.removeObserver( + testObserver, "passwordmgr-dialog-updated", false); + pmDialog.close(); + finish(); + break; + } + } +} diff --git a/toolkit/components/passwordmgr/test/browser/browser_passwordmgr_sort.js b/toolkit/components/passwordmgr/test/browser/browser_passwordmgr_sort.js new file mode 100644 index 000000000..83272a9c4 --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/browser_passwordmgr_sort.js @@ -0,0 +1,208 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +function test() { + waitForExplicitFinish(); + + let pwmgr = Cc["@mozilla.org/login-manager;1"]. + getService(Ci.nsILoginManager); + pwmgr.removeAllLogins(); + + // Add some initial logins + let urls = [ + "http://example.com/", + "http://example.org/", + "http://mozilla.com/", + "http://mozilla.org/", + "http://spreadfirefox.com/", + "http://planet.mozilla.org/", + "https://developer.mozilla.org/", + "http://hg.mozilla.org/", + "http://dxr.mozilla.org/", + "http://feeds.mozilla.org/", + ]; + let users = [ + "user", + "username", + "ehsan", + "ehsan", + "john", + "what?", + "really?", + "you sure?", + "my user name", + "my username", + ]; + let pwds = [ + "password", + "password", + "mypass", + "mypass", + "smith", + "very secret", + "super secret", + "absolutely", + "mozilla", + "mozilla.com", + ]; + let nsLoginInfo = new Components.Constructor("@mozilla.org/login-manager/loginInfo;1", + Ci.nsILoginInfo, "init"); + for (let i = 0; i < 10; i++) + pwmgr.addLogin(new nsLoginInfo(urls[i], urls[i], null, users[i], pwds[i], + "u" + (i + 1), "p" + (i + 1))); + + // Open the password manager dialog + const PWMGR_DLG = "chrome://passwordmgr/content/passwordManager.xul"; + let pwmgrdlg = window.openDialog(PWMGR_DLG, "Toolkit:PasswordManager", ""); + SimpleTest.waitForFocus(doTest, pwmgrdlg); + + // the meat of the test + function doTest() { + let doc = pwmgrdlg.document; + let win = doc.defaultView; + let sTree = doc.getElementById("signonsTree"); + let filter = doc.getElementById("filter"); + let siteCol = doc.getElementById("siteCol"); + let userCol = doc.getElementById("userCol"); + let passwordCol = doc.getElementById("passwordCol"); + + let toggleCalls = 0; + function toggleShowPasswords(func) { + let toggleButton = doc.getElementById("togglePasswords"); + let showMode = (toggleCalls++ % 2) == 0; + + // only watch for a confirmation dialog every other time being called + if (showMode) { + Services.ww.registerNotification(function (aSubject, aTopic, aData) { + if (aTopic == "domwindowclosed") + Services.ww.unregisterNotification(arguments.callee); + else if (aTopic == "domwindowopened") { + let targetWin = aSubject.QueryInterface(Ci.nsIDOMEventTarget); + SimpleTest.waitForFocus(function() { + EventUtils.sendKey("RETURN", targetWin); + }, targetWin); + } + }); + } + + Services.obs.addObserver(function (aSubject, aTopic, aData) { + if (aTopic == "passwordmgr-password-toggle-complete") { + Services.obs.removeObserver(arguments.callee, aTopic); + func(); + } + }, "passwordmgr-password-toggle-complete", false); + + EventUtils.synthesizeMouse(toggleButton, 1, 1, {}, win); + } + + function clickCol(col) { + EventUtils.synthesizeMouse(col, 20, 1, {}, win); + setTimeout(runNextTest, 0); + } + + function setFilter(string) { + filter.value = string; + filter.doCommand(); + setTimeout(runNextTest, 0); + } + + function checkSortMarkers(activeCol) { + let isOk = true; + let col = null; + let hasAttr = false; + let treecols = activeCol.parentNode; + for (let i = 0; i < treecols.childNodes.length; i++) { + col = treecols.childNodes[i]; + if (col.nodeName != "treecol") + continue; + hasAttr = col.hasAttribute("sortDirection"); + isOk &= col == activeCol ? hasAttr : !hasAttr; + } + ok(isOk, "Only " + activeCol.id + " has a sort marker"); + } + + function checkSortDirection(col, ascending) { + checkSortMarkers(col); + let direction = ascending ? "ascending" : "descending"; + is(col.getAttribute("sortDirection"), direction, + col.id + ": sort direction is " + direction); + } + + function checkColumnEntries(aCol, expectedValues) { + let actualValues = getColumnEntries(aCol); + is(actualValues.length, expectedValues.length, "Checking length of expected column"); + for (let i = 0; i < expectedValues.length; i++) + is(actualValues[i], expectedValues[i], "Checking column entry #" + i); + } + + function getColumnEntries(aCol) { + let entries = []; + let column = sTree.columns[aCol]; + let numRows = sTree.view.rowCount; + for (let i = 0; i < numRows; i++) + entries.push(sTree.view.getCellText(i, column)); + return entries; + } + + let testCounter = 0; + let expectedValues; + function runNextTest() { + switch (testCounter++) { + case 0: + expectedValues = urls.slice().sort(); + checkColumnEntries(0, expectedValues); + checkSortDirection(siteCol, true); + // Toggle sort direction on Host column + clickCol(siteCol); + break; + case 1: + expectedValues.reverse(); + checkColumnEntries(0, expectedValues); + checkSortDirection(siteCol, false); + // Sort by Username + clickCol(userCol); + break; + case 2: + expectedValues = users.slice().sort(); + checkColumnEntries(1, expectedValues); + checkSortDirection(userCol, true); + // Sort by Password + clickCol(passwordCol); + break; + case 3: + expectedValues = pwds.slice().sort(); + checkColumnEntries(2, expectedValues); + checkSortDirection(passwordCol, true); + // Set filter + setFilter("moz"); + break; + case 4: + expectedValues = [ "absolutely", "mozilla", "mozilla.com", + "mypass", "mypass", "super secret", + "very secret" ]; + checkColumnEntries(2, expectedValues); + checkSortDirection(passwordCol, true); + // Reset filter + setFilter(""); + break; + case 5: + expectedValues = pwds.slice().sort(); + checkColumnEntries(2, expectedValues); + checkSortDirection(passwordCol, true); + // cleanup + Services.ww.registerNotification(function (aSubject, aTopic, aData) { + // unregister ourself + Services.ww.unregisterNotification(arguments.callee); + + pwmgr.removeAllLogins(); + finish(); + }); + pwmgrdlg.close(); + } + } + + // Toggle Show Passwords to display Password column, then start tests + toggleShowPasswords(runNextTest); + } +} diff --git a/toolkit/components/passwordmgr/test/browser/browser_passwordmgr_switchtab.js b/toolkit/components/passwordmgr/test/browser/browser_passwordmgr_switchtab.js new file mode 100644 index 000000000..bd4f265b5 --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/browser_passwordmgr_switchtab.js @@ -0,0 +1,42 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +const PROMPT_URL = "chrome://global/content/commonDialog.xul"; +var { interfaces: Ci } = Components; + +function test() { + waitForExplicitFinish(); + + let tab = gBrowser.addTab(); + isnot(tab, gBrowser.selectedTab, "New tab shouldn't be selected"); + + let listener = { + onOpenWindow: function(window) { + var domwindow = window.QueryInterface(Ci.nsIInterfaceRequestor) + .getInterface(Ci.nsIDOMWindow); + waitForFocus(() => { + is(domwindow.document.location.href, PROMPT_URL, "Should have seen a prompt window"); + is(domwindow.args.promptType, "promptUserAndPass", "Should be an authenticate prompt"); + + is(gBrowser.selectedTab, tab, "Should have selected the new tab"); + + domwindow.document.documentElement.cancelDialog(); + }, domwindow); + }, + + onCloseWindow: function() { + } + }; + + Services.wm.addListener(listener); + registerCleanupFunction(() => { + Services.wm.removeListener(listener); + gBrowser.removeTab(tab); + }); + + tab.linkedBrowser.addEventListener("load", () => { + finish(); + }, true); + tab.linkedBrowser.loadURI("http://example.com/browser/toolkit/components/passwordmgr/test/browser/authenticate.sjs"); +} diff --git a/toolkit/components/passwordmgr/test/browser/browser_passwordmgrdlg.js b/toolkit/components/passwordmgr/test/browser/browser_passwordmgrdlg.js new file mode 100644 index 000000000..57cfa9f83 --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/browser_passwordmgrdlg.js @@ -0,0 +1,192 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +function test() { + waitForExplicitFinish(); + + let pwmgr = Cc["@mozilla.org/login-manager;1"]. + getService(Ci.nsILoginManager); + pwmgr.removeAllLogins(); + + // Add some initial logins + let urls = [ + "http://example.com/", + "http://example.org/", + "http://mozilla.com/", + "http://mozilla.org/", + "http://spreadfirefox.com/", + "http://planet.mozilla.org/", + "https://developer.mozilla.org/", + "http://hg.mozilla.org/", + "http://dxr.mozilla.org/", + "http://feeds.mozilla.org/", + ]; + let nsLoginInfo = new Components.Constructor("@mozilla.org/login-manager/loginInfo;1", + Ci.nsILoginInfo, "init"); + let logins = [ + new nsLoginInfo(urls[0], urls[0], null, "user", "password", "u1", "p1"), + new nsLoginInfo(urls[1], urls[1], null, "username", "password", "u2", "p2"), + new nsLoginInfo(urls[2], urls[2], null, "ehsan", "mypass", "u3", "p3"), + new nsLoginInfo(urls[3], urls[3], null, "ehsan", "mypass", "u4", "p4"), + new nsLoginInfo(urls[4], urls[4], null, "john", "smith", "u5", "p5"), + new nsLoginInfo(urls[5], urls[5], null, "what?", "very secret", "u6", "p6"), + new nsLoginInfo(urls[6], urls[6], null, "really?", "super secret", "u7", "p7"), + new nsLoginInfo(urls[7], urls[7], null, "you sure?", "absolutely", "u8", "p8"), + new nsLoginInfo(urls[8], urls[8], null, "my user name", "mozilla", "u9", "p9"), + new nsLoginInfo(urls[9], urls[9], null, "my username", "mozilla.com", "u10", "p10"), + ]; + logins.forEach(login => pwmgr.addLogin(login)); + + // Open the password manager dialog + const PWMGR_DLG = "chrome://passwordmgr/content/passwordManager.xul"; + let pwmgrdlg = window.openDialog(PWMGR_DLG, "Toolkit:PasswordManager", ""); + SimpleTest.waitForFocus(doTest, pwmgrdlg); + + // the meat of the test + function doTest() { + let doc = pwmgrdlg.document; + let win = doc.defaultView; + let filter = doc.getElementById("filter"); + let tree = doc.getElementById("signonsTree"); + let view = tree.view; + + is(filter.value, "", "Filter box should initially be empty"); + is(view.rowCount, 10, "There should be 10 passwords initially"); + + // Prepare a set of tests + // filter: the text entered in the filter search box + // count: the number of logins which should match the respective filter + // count2: the number of logins which should match the respective filter + // if the passwords are being shown as well + // Note: if a test doesn't have count2 set, count is used instead. + let tests = [ + {filter: "pass", count: 0, count2: 4}, + {filter: "", count: 10}, // test clearing the filter + {filter: "moz", count: 7}, + {filter: "mozi", count: 7}, + {filter: "mozil", count: 7}, + {filter: "mozill", count: 7}, + {filter: "mozilla", count: 7}, + {filter: "mozilla.com", count: 1, count2: 2}, + {filter: "user", count: 4}, + {filter: "user ", count: 1}, + {filter: " user", count: 2}, + {filter: "http", count: 10}, + {filter: "https", count: 1}, + {filter: "secret", count: 0, count2: 2}, + {filter: "secret!", count: 0}, + ]; + + let toggleCalls = 0; + function toggleShowPasswords(func) { + let toggleButton = doc.getElementById("togglePasswords"); + let showMode = (toggleCalls++ % 2) == 0; + + // only watch for a confirmation dialog every other time being called + if (showMode) { + Services.ww.registerNotification(function (aSubject, aTopic, aData) { + if (aTopic == "domwindowclosed") + Services.ww.unregisterNotification(arguments.callee); + else if (aTopic == "domwindowopened") { + let targetWin = aSubject.QueryInterface(Ci.nsIDOMEventTarget); + SimpleTest.waitForFocus(function() { + EventUtils.sendKey("RETURN", targetWin); + }, targetWin); + } + }); + } + + Services.obs.addObserver(function (aSubject, aTopic, aData) { + if (aTopic == "passwordmgr-password-toggle-complete") { + Services.obs.removeObserver(arguments.callee, aTopic); + func(); + } + }, "passwordmgr-password-toggle-complete", false); + + EventUtils.synthesizeMouse(toggleButton, 1, 1, {}, win); + } + + function runTests(mode, endFunction) { + let testCounter = 0; + + function setFilter(string) { + filter.value = string; + filter.doCommand(); + } + + function runOneTest(testCase) { + function tester() { + is(view.rowCount, expected, expected + " logins should match '" + testCase.filter + "'"); + } + + let expected; + switch (mode) { + case 1: // without showing passwords + expected = testCase.count; + break; + case 2: // showing passwords + expected = ("count2" in testCase) ? testCase.count2 : testCase.count; + break; + case 3: // toggle + expected = testCase.count; + tester(); + toggleShowPasswords(function () { + expected = ("count2" in testCase) ? testCase.count2 : testCase.count; + tester(); + toggleShowPasswords(proceed); + }); + return; + } + tester(); + proceed(); + } + + function proceed() { + // run the next test if necessary or proceed with the tests + if (testCounter != tests.length) + runNextTest(); + else + endFunction(); + } + + function runNextTest() { + let testCase = tests[testCounter++]; + setFilter(testCase.filter); + setTimeout(runOneTest, 0, testCase); + } + + runNextTest(); + } + + function step1() { + runTests(1, step2); + } + + function step2() { + toggleShowPasswords(function() { + runTests(2, step3); + }); + } + + function step3() { + toggleShowPasswords(function() { + runTests(3, lastStep); + }); + } + + function lastStep() { + // cleanup + Services.ww.registerNotification(function (aSubject, aTopic, aData) { + // unregister ourself + Services.ww.unregisterNotification(arguments.callee); + + pwmgr.removeAllLogins(); + finish(); + }); + pwmgrdlg.close(); + } + + step1(); + } +} diff --git a/toolkit/components/passwordmgr/test/browser/browser_username_select_dialog.js b/toolkit/components/passwordmgr/test/browser/browser_username_select_dialog.js new file mode 100644 index 000000000..8df89b510 --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/browser_username_select_dialog.js @@ -0,0 +1,144 @@ +/* + * Test username selection dialog, on password update from a p-only form, + * when there are multiple saved logins on the domain. + */ + +// Copied from prompt_common.js. TODO: share the code. +function getSelectDialogDoc() { + // Trudge through all the open windows, until we find the one + // that has selectDialog.xul loaded. + var wm = Cc["@mozilla.org/appshell/window-mediator;1"]. + getService(Ci.nsIWindowMediator); + // var enumerator = wm.getEnumerator("navigator:browser"); + var enumerator = wm.getXULWindowEnumerator(null); + + while (enumerator.hasMoreElements()) { + var win = enumerator.getNext(); + var windowDocShell = win.QueryInterface(Ci.nsIXULWindow).docShell; + + var containedDocShells = windowDocShell.getDocShellEnumerator( + Ci.nsIDocShellTreeItem.typeChrome, + Ci.nsIDocShell.ENUMERATE_FORWARDS); + while (containedDocShells.hasMoreElements()) { + // Get the corresponding document for this docshell + var childDocShell = containedDocShells.getNext(); + // We don't want it if it's not done loading. + if (childDocShell.busyFlags != Ci.nsIDocShell.BUSY_FLAGS_NONE) + continue; + var childDoc = childDocShell.QueryInterface(Ci.nsIDocShell) + .contentViewer + .DOMDocument; + + if (childDoc.location.href == "chrome://global/content/selectDialog.xul") + return childDoc; + } + } + + return null; +} + +let nsLoginInfo = new Components.Constructor("@mozilla.org/login-manager/loginInfo;1", + Ci.nsILoginInfo, "init"); +let login1 = new nsLoginInfo("http://example.com", "http://example.com", null, + "notifyu1", "notifyp1", "user", "pass"); +let login1B = new nsLoginInfo("http://example.com", "http://example.com", null, + "notifyu1B", "notifyp1B", "user", "pass"); + +add_task(function* test_changeUPLoginOnPUpdateForm_accept() { + info("Select an u+p login from multiple logins, on password update form, and accept."); + Services.logins.addLogin(login1); + Services.logins.addLogin(login1B); + + yield testSubmittingLoginForm("subtst_notifications_change_p.html", function*(fieldValues) { + is(fieldValues.username, "null", "Checking submitted username"); + is(fieldValues.password, "pass2", "Checking submitted password"); + + yield ContentTaskUtils.waitForCondition(() => { + return getSelectDialogDoc(); + }, "Wait for selection dialog to be accessible."); + + let doc = getSelectDialogDoc(); + let dialog = doc.getElementsByTagName("dialog")[0]; + let listbox = doc.getElementById("list"); + + is(listbox.selectedIndex, 0, "Checking selected index"); + is(listbox.itemCount, 2, "Checking selected length"); + ['notifyu1', 'notifyu1B'].forEach((username, i) => { + is(listbox.getItemAtIndex(i).label, username, "Check username selection on dialog"); + }); + + dialog.acceptDialog(); + + yield ContentTaskUtils.waitForCondition(() => { + return !getSelectDialogDoc(); + }, "Wait for selection dialog to disappear."); + }); + + let logins = Services.logins.getAllLogins(); + is(logins.length, 2, "Should have 2 logins"); + + let login = SpecialPowers.wrap(logins[0]).QueryInterface(Ci.nsILoginMetaInfo); + is(login.username, "notifyu1", "Check the username unchanged"); + is(login.password, "pass2", "Check the password changed"); + is(login.timesUsed, 2, "Check times used"); + + login = SpecialPowers.wrap(logins[1]).QueryInterface(Ci.nsILoginMetaInfo); + is(login.username, "notifyu1B", "Check the username unchanged"); + is(login.password, "notifyp1B", "Check the password unchanged"); + is(login.timesUsed, 1, "Check times used"); + + // cleanup + login1.password = "pass2"; + Services.logins.removeLogin(login1); + login1.password = "notifyp1"; + + Services.logins.removeLogin(login1B); +}); + +add_task(function* test_changeUPLoginOnPUpdateForm_cancel() { + info("Select an u+p login from multiple logins, on password update form, and cancel."); + Services.logins.addLogin(login1); + Services.logins.addLogin(login1B); + + yield testSubmittingLoginForm("subtst_notifications_change_p.html", function*(fieldValues) { + is(fieldValues.username, "null", "Checking submitted username"); + is(fieldValues.password, "pass2", "Checking submitted password"); + + yield ContentTaskUtils.waitForCondition(() => { + return getSelectDialogDoc(); + }, "Wait for selection dialog to be accessible."); + + let doc = getSelectDialogDoc(); + let dialog = doc.getElementsByTagName("dialog")[0]; + let listbox = doc.getElementById("list"); + + is(listbox.selectedIndex, 0, "Checking selected index"); + is(listbox.itemCount, 2, "Checking selected length"); + ['notifyu1', 'notifyu1B'].forEach((username, i) => { + is(listbox.getItemAtIndex(i).label, username, "Check username selection on dialog"); + }); + + dialog.cancelDialog(); + + yield ContentTaskUtils.waitForCondition(() => { + return !getSelectDialogDoc(); + }, "Wait for selection dialog to disappear."); + }); + + let logins = Services.logins.getAllLogins(); + is(logins.length, 2, "Should have 2 logins"); + + let login = SpecialPowers.wrap(logins[0]).QueryInterface(Ci.nsILoginMetaInfo); + is(login.username, "notifyu1", "Check the username unchanged"); + is(login.password, "notifyp1", "Check the password unchanged"); + is(login.timesUsed, 1, "Check times used"); + + login = SpecialPowers.wrap(logins[1]).QueryInterface(Ci.nsILoginMetaInfo); + is(login.username, "notifyu1B", "Check the username unchanged"); + is(login.password, "notifyp1B", "Check the password unchanged"); + is(login.timesUsed, 1, "Check times used"); + + // cleanup + Services.logins.removeLogin(login1); + Services.logins.removeLogin(login1B); +}); diff --git a/toolkit/components/passwordmgr/test/browser/form_autofocus_js.html b/toolkit/components/passwordmgr/test/browser/form_autofocus_js.html new file mode 100644 index 000000000..76056e375 --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/form_autofocus_js.html @@ -0,0 +1,10 @@ +<!DOCTYPE html><html><head><meta charset="utf-8"></head> +<body onload="document.getElementById('form-basic-username').focus();"> +<!-- Username field is focused by js onload --> +<form id="form-basic"> + <input id="form-basic-username" name="username"> + <input id="form-basic-password" name="password" type="password"> + <input id="form-basic-submit" type="submit"> +</form> + +</body></html> diff --git a/toolkit/components/passwordmgr/test/browser/form_basic.html b/toolkit/components/passwordmgr/test/browser/form_basic.html new file mode 100644 index 000000000..df2083a93 --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/form_basic.html @@ -0,0 +1,12 @@ +<!DOCTYPE html><html><head><meta charset="utf-8"></head><body> +<!-- Any copyright is dedicated to the Public Domain. + - http://creativecommons.org/publicdomain/zero/1.0/ --> + +<!-- Simplest form with username and password fields. --> +<form id="form-basic"> + <input id="form-basic-username" name="username"> + <input id="form-basic-password" name="password" type="password"> + <input id="form-basic-submit" type="submit"> +</form> + +</body></html> diff --git a/toolkit/components/passwordmgr/test/browser/form_basic_iframe.html b/toolkit/components/passwordmgr/test/browser/form_basic_iframe.html new file mode 100644 index 000000000..616f56947 --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/form_basic_iframe.html @@ -0,0 +1,13 @@ +<!DOCTYPE html> +<html> + +<head> + <meta charset="utf-8"> +</head> + +<body> + <!-- Form in an iframe --> + <iframe src="https://example.org/browser/toolkit/components/passwordmgr/test/browser/form_basic.html" id="test-iframe"></iframe> +</body> + +</html> diff --git a/toolkit/components/passwordmgr/test/browser/form_cross_origin_insecure_action.html b/toolkit/components/passwordmgr/test/browser/form_cross_origin_insecure_action.html new file mode 100644 index 000000000..e8aa8b215 --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/form_cross_origin_insecure_action.html @@ -0,0 +1,12 @@ +<!DOCTYPE html><html><head><meta charset="utf-8"></head><body> +<!-- Any copyright is dedicated to the Public Domain. + - http://creativecommons.org/publicdomain/zero/1.0/ --> + +<!-- Simplest form with username and password fields. --> +<form id="form-basic" action="http://another.domain/custom_action.html"> + <input id="form-basic-username" name="username"> + <input id="form-basic-password" name="password" type="password"> + <input id="form-basic-submit" type="submit"> +</form> + +</body></html> diff --git a/toolkit/components/passwordmgr/test/browser/form_cross_origin_secure_action.html b/toolkit/components/passwordmgr/test/browser/form_cross_origin_secure_action.html new file mode 100644 index 000000000..892a9f6f6 --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/form_cross_origin_secure_action.html @@ -0,0 +1,12 @@ +<!DOCTYPE html><html><head><meta charset="utf-8"></head><body> +<!-- Any copyright is dedicated to the Public Domain. + - http://creativecommons.org/publicdomain/zero/1.0/ --> + +<!-- Simplest form with username and password fields. --> +<form id="form-basic" action="https://another.domain/custom_action.html"> + <input id="form-basic-username" name="username"> + <input id="form-basic-password" name="password" type="password"> + <input id="form-basic-submit" type="submit"> +</form> + +</body></html> diff --git a/toolkit/components/passwordmgr/test/browser/form_same_origin_action.html b/toolkit/components/passwordmgr/test/browser/form_same_origin_action.html new file mode 100644 index 000000000..8f0c9a14e --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/form_same_origin_action.html @@ -0,0 +1,12 @@ +<!DOCTYPE html><html><head><meta charset="utf-8"></head><body> +<!-- Any copyright is dedicated to the Public Domain. + - http://creativecommons.org/publicdomain/zero/1.0/ --> + +<!-- Simplest form with username and password fields. --> +<form id="form-basic" action="./custom_action.html"> + <input id="form-basic-username" name="username"> + <input id="form-basic-password" name="password" type="password"> + <input id="form-basic-submit" type="submit"> +</form> + +</body></html> diff --git a/toolkit/components/passwordmgr/test/browser/formless_basic.html b/toolkit/components/passwordmgr/test/browser/formless_basic.html new file mode 100644 index 000000000..2f4c5de52 --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/formless_basic.html @@ -0,0 +1,18 @@ +<!DOCTYPE html><html><head><meta charset="utf-8"></head><body> + +<!-- Simplest form with username and password fields. --> + <input id="form-basic-username" name="username"> + <input id="form-basic-password" name="password" type="password"> + <input id="form-basic-submit" type="submit"> + + <button id="add">Add input[type=password]</button> + + <script> + document.getElementById("add").addEventListener("click", function () { + var node = document.createElement("input"); + node.setAttribute("type", "password"); + document.querySelector("body").appendChild(node); + }); + </script> + +</body></html> diff --git a/toolkit/components/passwordmgr/test/browser/head.js b/toolkit/components/passwordmgr/test/browser/head.js new file mode 100644 index 000000000..926cb6616 --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/head.js @@ -0,0 +1,137 @@ +const DIRECTORY_PATH = "/browser/toolkit/components/passwordmgr/test/browser/"; + +Cu.import("resource://testing-common/LoginTestUtils.jsm", this); +Cu.import("resource://testing-common/ContentTaskUtils.jsm", this); + +registerCleanupFunction(function* cleanup_removeAllLoginsAndResetRecipes() { + Services.logins.removeAllLogins(); + + let recipeParent = LoginTestUtils.recipes.getRecipeParent(); + if (!recipeParent) { + // No need to reset the recipes if the recipe module wasn't even loaded. + return; + } + yield recipeParent.then(recipeParentResult => recipeParentResult.reset()); +}); + +/** + * Loads a test page in `DIRECTORY_URL` which automatically submits to formsubmit.sjs and returns a + * promise resolving with the field values when the optional `aTaskFn` is done. + * + * @param {String} aPageFile - test page file name which auto-submits to formsubmit.sjs + * @param {Function} aTaskFn - task which can be run before the tab closes. + * @param {String} [aOrigin="http://example.com"] - origin of the server to use + * to load `aPageFile`. + */ +function testSubmittingLoginForm(aPageFile, aTaskFn, aOrigin = "http://example.com") { + return BrowserTestUtils.withNewTab({ + gBrowser, + url: aOrigin + DIRECTORY_PATH + aPageFile, + }, function*(browser) { + ok(true, "loaded " + aPageFile); + let fieldValues = yield ContentTask.spawn(browser, undefined, function*() { + yield ContentTaskUtils.waitForCondition(() => { + return content.location.pathname.endsWith("/formsubmit.sjs") && + content.document.readyState == "complete"; + }, "Wait for form submission load (formsubmit.sjs)"); + let username = content.document.getElementById("user").textContent; + let password = content.document.getElementById("pass").textContent; + return { + username, + password, + }; + }); + ok(true, "form submission loaded"); + if (aTaskFn) { + yield* aTaskFn(fieldValues); + } + return fieldValues; + }); +} + +function checkOnlyLoginWasUsedTwice({ justChanged }) { + // Check to make sure we updated the timestamps and use count on the + // existing login that was submitted for the test. + let logins = Services.logins.getAllLogins(); + is(logins.length, 1, "Should only have 1 login"); + ok(logins[0] instanceof Ci.nsILoginMetaInfo, "metainfo QI"); + is(logins[0].timesUsed, 2, "check .timesUsed for existing login submission"); + ok(logins[0].timeCreated < logins[0].timeLastUsed, "timeLastUsed bumped"); + if (justChanged) { + is(logins[0].timeLastUsed, logins[0].timePasswordChanged, "timeLastUsed == timePasswordChanged"); + } else { + is(logins[0].timeCreated, logins[0].timePasswordChanged, "timeChanged not updated"); + } +} + +// Begin popup notification (doorhanger) functions // + +const REMEMBER_BUTTON = 0; +const NEVER_BUTTON = 1; + +const CHANGE_BUTTON = 0; +const DONT_CHANGE_BUTTON = 1; + +/** + * Checks if we have a password capture popup notification + * of the right type and with the right label. + * + * @param {String} aKind The desired `passwordNotificationType` + * @param {Object} [popupNotifications = PopupNotifications] + * @return the found password popup notification. + */ +function getCaptureDoorhanger(aKind, popupNotifications = PopupNotifications) { + ok(true, "Looking for " + aKind + " popup notification"); + let notification = popupNotifications.getNotification("password"); + if (notification) { + is(notification.options.passwordNotificationType, aKind, "Notification type matches."); + if (aKind == "password-change") { + is(notification.mainAction.label, "Update", "Main action label matches update doorhanger."); + } else if (aKind == "password-save") { + is(notification.mainAction.label, "Remember", "Main action label matches save doorhanger."); + } + } + return notification; +} + +/** + * Clicks the specified popup notification button. + * + * @param {Element} aPopup Popup Notification element + * @param {Number} aButtonIndex Number indicating which button to click. + * See the constants in this file. + */ +function clickDoorhangerButton(aPopup, aButtonIndex) { + ok(true, "Looking for action at index " + aButtonIndex); + + let notifications = aPopup.owner.panel.childNodes; + ok(notifications.length > 0, "at least one notification displayed"); + ok(true, notifications.length + " notification(s)"); + let notification = notifications[0]; + + if (aButtonIndex == 0) { + ok(true, "Triggering main action"); + notification.button.doCommand(); + } else if (aButtonIndex <= aPopup.secondaryActions.length) { + ok(true, "Triggering secondary action " + aButtonIndex); + notification.childNodes[aButtonIndex].doCommand(); + } +} + +/** + * Checks the doorhanger's username and password. + * + * @param {String} username The username. + * @param {String} password The password. + */ +function* checkDoorhangerUsernamePassword(username, password) { + yield BrowserTestUtils.waitForCondition(() => { + return document.getElementById("password-notification-username").value == username; + }, "Wait for nsLoginManagerPrompter writeDataToUI()"); + is(document.getElementById("password-notification-username").value, username, + "Check doorhanger username"); + is(document.getElementById("password-notification-password").value, password, + "Check doorhanger password"); +} + +// End popup notification (doorhanger) functions // diff --git a/toolkit/components/passwordmgr/test/browser/insecure_test.html b/toolkit/components/passwordmgr/test/browser/insecure_test.html new file mode 100644 index 000000000..fedea1428 --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/insecure_test.html @@ -0,0 +1,9 @@ +<!DOCTYPE html><html><head><meta charset="utf-8"></head><body> +<!-- Any copyright is dedicated to the Public Domain. + - http://creativecommons.org/publicdomain/zero/1.0/ --> + +<!-- This frame is initially loaded over HTTP. --> +<iframe id="test-iframe" + src="http://example.org/browser/toolkit/components/passwordmgr/test/browser/insecure_test_subframe.html"/> + +</body></html> diff --git a/toolkit/components/passwordmgr/test/browser/insecure_test_subframe.html b/toolkit/components/passwordmgr/test/browser/insecure_test_subframe.html new file mode 100644 index 000000000..3f01e36a6 --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/insecure_test_subframe.html @@ -0,0 +1,13 @@ +<!DOCTYPE html><html><head><meta charset="utf-8"></head><body> +<!-- Any copyright is dedicated to the Public Domain. + - http://creativecommons.org/publicdomain/zero/1.0/ --> + +<form> + <input name="password" type="password"> +</form> + +<!-- Link to reload this page over HTTPS. --> +<a id="test-link" + href="https://example.org/browser/toolkit/components/passwordmgr/test/browser/insecure_test_subframe.html">HTTPS</a> + +</body></html> diff --git a/toolkit/components/passwordmgr/test/browser/multiple_forms.html b/toolkit/components/passwordmgr/test/browser/multiple_forms.html new file mode 100644 index 000000000..3f64f8993 --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/multiple_forms.html @@ -0,0 +1,129 @@ +<!DOCTYPE html><html><head><meta charset="utf-8"></head><body> +<!-- Any copyright is dedicated to the Public Domain. + - http://creativecommons.org/publicdomain/zero/1.0/ --> + + +<form class="test-form" + description="Password only form"> + <input id='test-password-1' type='password' name='pname' value=''> + <input type='submit'>Submit</input> +</form> + + +<form class="test-form" + description="Username only form"> + <input id='test-username-1' type='text' name='uname' value=''> + <input type='submit'>Submit</input> +</form> + + +<form class="test-form" + description="Simple username and password blank form"> + <input id='test-username-2' type='text' name='uname' value=''> + <input id='test-password-2' type='password' name='pname' value=''> + <button type='submit'>Submit</button> +</form> + + +<form class="test-form" + description="Simple username and password form, prefilled username"> + <input id='test-username-3' type='text' name='uname' value='testuser'> + <input id='test-password-3' type='password' name='pname' value=''> + <button type='submit'>Submit</button> +</form> + + +<form class="test-form" + description="Simple username and password form, prefilled username and password"> + <input id='test-username-4' type='text' name='uname' value='testuser'> + <input id='test-password-4' type='password' name='pname' value='testpass'> + <button type='submit'>Submit</button> +</form> + + +<form class="test-form" + description="One username and two passwords empty form"> + <input id='test-username-5' type='text' name='uname'> + <input id='test-password-5' type='password' name='pname'> + <input id='test-password2-5' type='password' name='pname2'> + <button type='submit'>Submit</button> +</form> + + +<form class="test-form" + description="One username and two passwords form, fields prefiled"> + <input id='test-username-6' type='text' name='uname' value="testuser"> + <input id='test-password-6' type='password' name='pname' value="testpass"> + <input id='test-password2-6' type='password' name='pname2' value="testpass"> + <button type='submit'>Submit</button> +</form> + + +<div class="test-form" + description="Username and password fields with no form"> + <input id='test-username-7' type='text' name='uname' value="testuser"> + <input id='test-password-7' type='password' name='pname' value="testpass"> +</div> + + +<form class="test-form" + description="Simple username and password blank form, with disabled password"> + <input id='test-username-8' type='text' name='uname' value=''> + <input id='test-password-8' type='password' name='pname' value='' disabled> + <button type='submit'>Submit</button> +</form> + + +<form class="test-form" + description="Simple username and password blank form, with disabled username"> + <input id='test-username-9' type='text' name='uname' value='' disabled> + <input id='test-password-9' type='password' name='pname' value=''> + <button type='submit'>Submit</button> +</form> + + +<form class="test-form" + description="Simple username and password blank form, with readonly password"> + <input id='test-username-10' type='text' name='uname' value=''> + <input id='test-password-10' type='password' name='pname' value='' readonly> + <button type='submit'>Submit</button> +</form> + + +<form class="test-form" + description="Simple username and password blank form, with readonly username"> + <input id='test-username-11' type='text' name='uname' value='' readonly> + <input id='test-password-11' type='password' name='pname' value=''> + <button type='submit'>Submit</button> +</form> + + +<form class="test-form" + description="Two username and one passwords form, fields prefiled"> + <input id='test-username-12' type='text' name='uname' value="testuser"> + <input id='test-username2-12' type='text' name='uname2' value="testuser"> + <input id='test-password-12' type='password' name='pname' value="testpass"> + <button type='submit'>Submit</button> +</form> + + +<form class="test-form" + description="Two username and one passwords form, one disabled username field"> + <input id='test-username-13' type='text' name='uname'> + <input id='test-username2-13' type='text' name='uname2' disabled> + <input id='test-password-13' type='password' name='pname'> + <button type='submit'>Submit</button> +</form> + + +<div class="test-form" + description="Second username and password fields with no form"> + <input id='test-username-14' type='text' name='uname'> + <input id='test-password-14' type='password' name='pname' expectedFail> +</div> + +<!-- Form in an iframe --> +<iframe src="https://example.org/browser/toolkit/components/passwordmgr/test/browser/form_basic.html" id="test-iframe"></iframe> + +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/browser/streamConverter_content.sjs b/toolkit/components/passwordmgr/test/browser/streamConverter_content.sjs new file mode 100644 index 000000000..84c75437e --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/streamConverter_content.sjs @@ -0,0 +1,6 @@ +/* Any copyright is dedicated to the Public Domain. + * http://creativecommons.org/publicdomain/zero/1.0/ */ + +function handleRequest(request, response) { + response.setHeader("Content-Type", "test/content", false); +} diff --git a/toolkit/components/passwordmgr/test/browser/subtst_notifications_1.html b/toolkit/components/passwordmgr/test/browser/subtst_notifications_1.html new file mode 100644 index 000000000..b96faf2ee --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/subtst_notifications_1.html @@ -0,0 +1,29 @@ +<!DOCTYPE html> +<html> +<head> + <meta charset="utf-8"> + <title>Subtest for Login Manager notifications - Basic 1un 1pw</title> +</head> +<body> +<h2>Subtest 1</h2> +<form id="form" action="formsubmit.sjs"> + <input id="user" name="user"> + <input id="pass" name="pass" type="password"> + <button type='submit'>Submit</button> +</form> + +<script> +function submitForm() { + userField.value = "notifyu1"; + passField.value = "notifyp1"; + form.submit(); +} + +window.onload = submitForm; +var form = document.getElementById("form"); +var userField = document.getElementById("user"); +var passField = document.getElementById("pass"); + +</script> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/browser/subtst_notifications_10.html b/toolkit/components/passwordmgr/test/browser/subtst_notifications_10.html new file mode 100644 index 000000000..2dc96b4fd --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/subtst_notifications_10.html @@ -0,0 +1,27 @@ +<!DOCTYPE html> +<html> +<head> + <meta charset="utf-8"> + <title>Subtest for Login Manager notifications</title> +</head> +<body> +<h2>Subtest 10</h2> +<form id="form" action="formsubmit.sjs"> + <input id="pass" name="pass" type="password"> + <button type='submit'>Submit</button> +</form> + +<script> +function submitForm() { + passField.value = "notifyp1"; + form.submit(); +} + +window.onload = submitForm; +var form = document.getElementById("form"); +var userField = document.getElementById("user"); +var passField = document.getElementById("pass"); + +</script> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/browser/subtst_notifications_11.html b/toolkit/components/passwordmgr/test/browser/subtst_notifications_11.html new file mode 100644 index 000000000..cf3df5275 --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/subtst_notifications_11.html @@ -0,0 +1,25 @@ +<!DOCTYPE html> +<html> +<head> + <meta charset="utf-8"> + <title>Subtest for Login Manager notifications - Popup Windows</title> +</head> +<body> +<h2>Subtest 11 (popup windows)</h2> +<script> + +// Ignore the '?' and split on | +[username, password, features, autoClose] = window.location.search.substring(1).split('|'); + +var url = "subtst_notifications_11_popup.html?" + username + "|" + password; +var popupWin = window.open(url, "subtst_11", features); + +// Popup window will call this function on form submission. +function formSubmitted() { + if (autoClose) + popupWin.close(); +} + +</script> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/browser/subtst_notifications_11_popup.html b/toolkit/components/passwordmgr/test/browser/subtst_notifications_11_popup.html new file mode 100644 index 000000000..2e8e4135c --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/subtst_notifications_11_popup.html @@ -0,0 +1,32 @@ +<!DOCTYPE html> +<html> +<head> + <meta charset="utf-8"> + <title>Subtest for Login Manager notifications</title> +</head> +<body> +<h2>Subtest 11</h2> +<form id="form" action="formsubmit.sjs"> + <input id="user" name="user"> + <input id="pass" name="pass" type="password"> + <button type='submit'>Submit</button> +</form> + +<script> +function submitForm() { + // Get the password from the query string (exclude '?'). + [username, password] = window.location.search.substring(1).split('|'); + userField.value = username; + passField.value = password; + form.submit(); + window.opener.formSubmitted(); +} + +window.onload = submitForm; +var form = document.getElementById("form"); +var userField = document.getElementById("user"); +var passField = document.getElementById("pass"); + +</script> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/browser/subtst_notifications_2.html b/toolkit/components/passwordmgr/test/browser/subtst_notifications_2.html new file mode 100644 index 000000000..72651d6c1 --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/subtst_notifications_2.html @@ -0,0 +1,30 @@ +<!DOCTYPE html> +<html> +<head> + <meta charset="utf-8"> + <title>Subtest for Login Manager notifications - autocomplete=off on the username field</title> +</head> +<body> +<h2>Subtest 2</h2> +(username autocomplete=off) +<form id="form" action="formsubmit.sjs"> + <input id="user" name="user" autocomplete="off"> + <input id="pass" name="pass" type="password"> + <button type='submit'>Submit</button> +</form> + +<script> +function submitForm() { + userField.value = "notifyu1"; + passField.value = "notifyp1"; + form.submit(); +} + +window.onload = submitForm; +var form = document.getElementById("form"); +var userField = document.getElementById("user"); +var passField = document.getElementById("pass"); + +</script> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/browser/subtst_notifications_2pw_0un.html b/toolkit/components/passwordmgr/test/browser/subtst_notifications_2pw_0un.html new file mode 100644 index 000000000..7ddbf0851 --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/subtst_notifications_2pw_0un.html @@ -0,0 +1,27 @@ +<!DOCTYPE html> +<html> +<head> + <meta charset="utf-8"> + <title>Subtest for Login Manager notifications with 2 password fields and no username</title> +</head> +<body> +<h2>Subtest 24</h2> +<form id="form" action="formsubmit.sjs"> + <input id="pass1" name="pass1" type="password" value="staticpw"> + <input id="pass" name="pass" type="password"> + <button type="submit">Submit</button> +</form> + +<script> +function submitForm() { + pass.value = "notifyp1"; + form.submit(); +} + +window.onload = submitForm; +var form = document.getElementById("form"); +var pass = document.getElementById("pass"); + +</script> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/browser/subtst_notifications_2pw_1un_1text.html b/toolkit/components/passwordmgr/test/browser/subtst_notifications_2pw_1un_1text.html new file mode 100644 index 000000000..893f18724 --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/subtst_notifications_2pw_1un_1text.html @@ -0,0 +1,31 @@ +<!DOCTYPE html> +<html> +<head> + <meta charset="utf-8"> + <title>Subtest for Login Manager notifications with 2 password fields and 1 username field and one other text field before the first password field</title> +</head> +<body> +<h2>1 username field followed by a text field followed by 2 username fields</h2> +<form id="form" action="formsubmit.sjs"> + <input id="user" name="user" value="staticpw"> + <input id="city" name="city" value="city"> + <input id="pass" name="pass" type="password"> + <input id="pin" name="pin" type="password" value="static-pin"> + <button type="submit">Submit</button> +</form> + +<script> +function submitForm() { + userField.value = "notifyu1"; + passField.value = "notifyp1"; + form.submit(); +} + +window.onload = submitForm; +var form = document.getElementById("form"); +var userField = document.getElementById("user"); +var passField = document.getElementById("pass"); + +</script> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/browser/subtst_notifications_3.html b/toolkit/components/passwordmgr/test/browser/subtst_notifications_3.html new file mode 100644 index 000000000..291e735d0 --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/subtst_notifications_3.html @@ -0,0 +1,30 @@ +<!DOCTYPE html> +<html> +<head> + <meta charset="utf-8"> + <title>Subtest for Login Manager notifications - autocomplete=off on the password field</title> +</head> +<body> +<h2>Subtest 3</h2> +(password autocomplete=off) +<form id="form" action="formsubmit.sjs"> + <input id="user" name="user"> + <input id="pass" name="pass" type="password" autocomplete="off"> + <button type='submit'>Submit</button> +</form> + +<script> +function submitForm() { + userField.value = "notifyu1"; + passField.value = "notifyp1"; + form.submit(); +} + +window.onload = submitForm; +var form = document.getElementById("form"); +var userField = document.getElementById("user"); +var passField = document.getElementById("pass"); + +</script> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/browser/subtst_notifications_4.html b/toolkit/components/passwordmgr/test/browser/subtst_notifications_4.html new file mode 100644 index 000000000..63df3a42d --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/subtst_notifications_4.html @@ -0,0 +1,30 @@ +<!DOCTYPE html> +<html> +<head> + <meta charset="utf-8" > + <title>Subtest for Login Manager notifications</title> +</head> +<body> +<h2>Subtest 4</h2> +(form autocomplete=off) +<form id="form" action="formsubmit.sjs" autocomplete="off"> + <input id="user" name="user"> + <input id="pass" name="pass" type="password"> + <button type='submit'>Submit</button> +</form> + +<script> +function submitForm() { + userField.value = "notifyu1"; + passField.value = "notifyp1"; + form.submit(); +} + +window.onload = submitForm; +var form = document.getElementById("form"); +var userField = document.getElementById("user"); +var passField = document.getElementById("pass"); + +</script> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/browser/subtst_notifications_5.html b/toolkit/components/passwordmgr/test/browser/subtst_notifications_5.html new file mode 100644 index 000000000..72a3df95f --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/subtst_notifications_5.html @@ -0,0 +1,26 @@ +<!DOCTYPE html> +<html> +<head> + <meta charset="utf-8"> + <title>Subtest for Login Manager notifications - Form with only a username field</title> +</head> +<body> +<h2>Subtest 5</h2> +<form id="form" action="formsubmit.sjs"> + <input id="user" name="user"> + <button type='submit'>Submit</button> +</form> + +<script> +function submitForm() { + userField.value = "notifyu1"; + form.submit(); +} + +window.onload = submitForm; +var form = document.getElementById("form"); +var userField = document.getElementById("user"); + +</script> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/browser/subtst_notifications_6.html b/toolkit/components/passwordmgr/test/browser/subtst_notifications_6.html new file mode 100644 index 000000000..47e23e972 --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/subtst_notifications_6.html @@ -0,0 +1,27 @@ +<!DOCTYPE html> +<html> +<head> + <meta charset="utf-8"> + <title>Subtest for Login Manager notifications</title> +</head> +<body> +<h2>Subtest 6</h2> +(password-only form) +<form id="form" action="formsubmit.sjs"> + <input id="pass" name="pass" type="password"> + <button type='submit'>Submit</button> +</form> + +<script> +function submitForm() { + passField.value = "notifyp1"; + form.submit(); +} + +window.onload = submitForm; +var form = document.getElementById("form"); +var passField = document.getElementById("pass"); + +</script> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/browser/subtst_notifications_8.html b/toolkit/components/passwordmgr/test/browser/subtst_notifications_8.html new file mode 100644 index 000000000..abeea4262 --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/subtst_notifications_8.html @@ -0,0 +1,29 @@ +<!DOCTYPE html> +<html> +<head> + <meta charset="utf-8"> + <title>Subtest for Login Manager notifications</title> +</head> +<body> +<h2>Subtest 8</h2> +<form id="form" action="formsubmit.sjs"> + <input id="user" name="user"> + <input id="pass" name="pass" type="password"> + <button type='submit'>Submit</button> +</form> + +<script> +function submitForm() { + userField.value = "notifyu1"; + passField.value = "pass2"; + form.submit(); +} + +window.onload = submitForm; +var form = document.getElementById("form"); +var userField = document.getElementById("user"); +var passField = document.getElementById("pass"); + +</script> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/browser/subtst_notifications_9.html b/toolkit/components/passwordmgr/test/browser/subtst_notifications_9.html new file mode 100644 index 000000000..c6f741068 --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/subtst_notifications_9.html @@ -0,0 +1,29 @@ +<!DOCTYPE html> +<html> +<head> + <meta charset="utf-8"> + <title>Subtest for Login Manager notifications</title> +</head> +<body> +<h2>Subtest 9</h2> +<form id="form" action="formsubmit.sjs"> + <input id="user" name="user"> + <input id="pass" name="pass" type="password"> + <button type='submit'>Submit</button> +</form> + +<script> +function submitForm() { + userField.value = ""; + passField.value = "pass2"; + form.submit(); +} + +window.onload = submitForm; +var form = document.getElementById("form"); +var userField = document.getElementById("user"); +var passField = document.getElementById("pass"); + +</script> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/browser/subtst_notifications_change_p.html b/toolkit/components/passwordmgr/test/browser/subtst_notifications_change_p.html new file mode 100644 index 000000000..d74f3bcdf --- /dev/null +++ b/toolkit/components/passwordmgr/test/browser/subtst_notifications_change_p.html @@ -0,0 +1,32 @@ +<!DOCTYPE html> +<html> +<head> + <meta charset="utf-8"> + <title>Subtest for Login Manager notifications</title> +</head> +<body> +<h2>Change password</h2> +<form id="form" action="formsubmit.sjs"> + <input id="pass_current" name="pass_current" type="password" value="notifyp1"> + <input id="pass" name="pass" type="password"> + <input id="pass_confirm" name="pass_confirm" type="password"> + <button type='submit'>Submit</button> +</form> + +<script> +function submitForm() { + passField.value = "pass2"; + passConfirmField.value = "pass2"; + + form.submit(); +} + +window.onload = submitForm; +var form = document.getElementById("form"); +var userField = document.getElementById("user"); +var passField = document.getElementById("pass"); +var passConfirmField = document.getElementById("pass_confirm"); + +</script> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/chrome/chrome.ini b/toolkit/components/passwordmgr/test/chrome/chrome.ini new file mode 100644 index 000000000..093b87b7d --- /dev/null +++ b/toolkit/components/passwordmgr/test/chrome/chrome.ini @@ -0,0 +1,13 @@ +[DEFAULT] +skip-if = os == 'android' + +[test_privbrowsing_perwindowpb.html] +skip-if = true # Bug 1173337 +support-files = + ../formsubmit.sjs + notification_common.js + privbrowsing_perwindowpb_iframe.html + subtst_privbrowsing_1.html + subtst_privbrowsing_2.html + subtst_privbrowsing_3.html + subtst_privbrowsing_4.html diff --git a/toolkit/components/passwordmgr/test/chrome/notification_common.js b/toolkit/components/passwordmgr/test/chrome/notification_common.js new file mode 100644 index 000000000..e8a52929d --- /dev/null +++ b/toolkit/components/passwordmgr/test/chrome/notification_common.js @@ -0,0 +1,111 @@ +/* + * Initialization: for each test, remove any prior notifications. + */ +function cleanUpPopupNotifications() { + var container = getPopupNotifications(window.top); + var notes = container._currentNotifications; + info(true, "Removing " + notes.length + " popup notifications."); + for (var i = notes.length - 1; i >= 0; i--) { + notes[i].remove(); + } +} +cleanUpPopupNotifications(); + +/* + * getPopupNotifications + * + * Fetches the popup notification for the specified window. + */ +function getPopupNotifications(aWindow) { + var Ci = SpecialPowers.Ci; + var Cc = SpecialPowers.Cc; + ok(Ci != null, "Access Ci"); + ok(Cc != null, "Access Cc"); + + var chromeWin = SpecialPowers.wrap(aWindow) + .QueryInterface(Ci.nsIInterfaceRequestor) + .getInterface(Ci.nsIWebNavigation) + .QueryInterface(Ci.nsIDocShell) + .chromeEventHandler.ownerDocument.defaultView; + + var popupNotifications = chromeWin.PopupNotifications; + return popupNotifications; +} + + +/** + * Checks if we have a password popup notification + * of the right type and with the right label. + * + * @deprecated Write a browser-chrome test instead and use the fork of this method there. + * @returns the found password popup notification. + */ +function getPopup(aPopupNote, aKind) { + ok(true, "Looking for " + aKind + " popup notification"); + var notification = aPopupNote.getNotification("password"); + if (notification) { + is(notification.options.passwordNotificationType, aKind, "Notification type matches."); + if (aKind == "password-change") { + is(notification.mainAction.label, "Update", "Main action label matches update doorhanger."); + } else if (aKind == "password-save") { + is(notification.mainAction.label, "Remember", "Main action label matches save doorhanger."); + } + } + return notification; +} + + +/** + * @deprecated - Use a browser chrome test instead. + * + * Clicks the specified popup notification button. + */ +function clickPopupButton(aPopup, aButtonIndex) { + ok(true, "Looking for action at index " + aButtonIndex); + + var notifications = SpecialPowers.wrap(aPopup.owner).panel.childNodes; + ok(notifications.length > 0, "at least one notification displayed"); + ok(true, notifications.length + " notifications"); + var notification = notifications[0]; + + if (aButtonIndex == 0) { + ok(true, "Triggering main action"); + notification.button.doCommand(); + } else if (aButtonIndex <= aPopup.secondaryActions.length) { + var index = aButtonIndex; + ok(true, "Triggering secondary action " + index); + notification.childNodes[index].doCommand(); + } +} + +const kRememberButton = 0; +const kNeverButton = 1; + +const kChangeButton = 0; +const kDontChangeButton = 1; + +function dumpNotifications() { + try { + // PopupNotifications + var container = getPopupNotifications(window.top); + ok(true, "is popup panel open? " + container.isPanelOpen); + var notes = container._currentNotifications; + ok(true, "Found " + notes.length + " popup notifications."); + for (let i = 0; i < notes.length; i++) { + ok(true, "#" + i + ": " + notes[i].id); + } + + // Notification bars + var chromeWin = SpecialPowers.wrap(window.top) + .QueryInterface(Ci.nsIInterfaceRequestor) + .getInterface(Ci.nsIWebNavigation) + .QueryInterface(Ci.nsIDocShell) + .chromeEventHandler.ownerDocument.defaultView; + var nb = chromeWin.getNotificationBox(window.top); + notes = nb.allNotifications; + ok(true, "Found " + notes.length + " notification bars."); + for (let i = 0; i < notes.length; i++) { + ok(true, "#" + i + ": " + notes[i].getAttribute("value")); + } + } catch (e) { todo(false, "WOAH! " + e); } +} diff --git a/toolkit/components/passwordmgr/test/chrome/privbrowsing_perwindowpb_iframe.html b/toolkit/components/passwordmgr/test/chrome/privbrowsing_perwindowpb_iframe.html new file mode 100644 index 000000000..2efdab265 --- /dev/null +++ b/toolkit/components/passwordmgr/test/chrome/privbrowsing_perwindowpb_iframe.html @@ -0,0 +1,9 @@ +<!DOCTYPE HTML> +<html> +<head> + <meta charset="utf-8"> +</head> +<body> +<iframe id="iframe"></iframe> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/chrome/subtst_privbrowsing_1.html b/toolkit/components/passwordmgr/test/chrome/subtst_privbrowsing_1.html new file mode 100644 index 000000000..8c7202dd0 --- /dev/null +++ b/toolkit/components/passwordmgr/test/chrome/subtst_privbrowsing_1.html @@ -0,0 +1,33 @@ +<!DOCTYPE html> +<html> +<head> + <meta charset="utf-8"> + <title>Subtest for Login Manager notifications (private browsing)</title> +</head> +<body> +<h2>Subtest 1</h2> +<!-- + Make sure that the password-save notification appears outside of + the private mode, but not inside it. +--> +<form id="form" action="formsubmit.sjs"> + <input id="user" name="user" type="text"> + <input id="pass" name="pass" type="password"> + <button type='submit'>Submit</button> +</form> + +<script> +function submitForm() { + userField.value = "notifyu1"; + passField.value = "notifyp1"; + form.submit(); +} + +window.onload = submitForm; +var form = document.getElementById("form"); +var userField = document.getElementById("user"); +var passField = document.getElementById("pass"); + +</script> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/chrome/subtst_privbrowsing_2.html b/toolkit/components/passwordmgr/test/chrome/subtst_privbrowsing_2.html new file mode 100644 index 000000000..bf3b85159 --- /dev/null +++ b/toolkit/components/passwordmgr/test/chrome/subtst_privbrowsing_2.html @@ -0,0 +1,33 @@ +<!DOCTYPE html> +<html> +<head> + <meta charset="utf-8"> + <title>Subtest for Login Manager notifications (private browsing)</title> +</head> +<body> +<h2>Subtest 2</h2> +<!-- + Make sure that the password-change notification appears outside of + the private mode, but not inside it. +--> +<form id="form" action="formsubmit.sjs"> + <input id="pass" name="pass" type="password"> + <input id="newpass" name="newpass" type="password"> + <button type='submit'>Submit</button> +</form> + +<script> +function submitForm() { + passField.value = "notifyp1"; + passField2.value = "notifyp2"; + form.submit(); +} + +window.onload = submitForm; +var form = document.getElementById("form"); +var passField = document.getElementById("pass"); +var passField2 = document.getElementById("newpass"); + +</script> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/chrome/subtst_privbrowsing_3.html b/toolkit/components/passwordmgr/test/chrome/subtst_privbrowsing_3.html new file mode 100644 index 000000000..e88a302e0 --- /dev/null +++ b/toolkit/components/passwordmgr/test/chrome/subtst_privbrowsing_3.html @@ -0,0 +1,29 @@ +<!DOCTYPE html> +<html> +<head> + <meta charset="utf-8"> + <title>Subtest for Login Manager notifications (private browsing)</title> +</head> +<body> +<h2>Subtest 3</h2> +<!-- + Make sure that the user/pass fields are auto-filled outside of + the private mode, but not inside it. +--> +<form id="form" action="formsubmit.sjs"> + <input id="user" name="user" type="text"> + <input id="pass" name="pass" type="password"> + <button type='submit'>Submit</button> +</form> + +<script> +function submitForm() { + form.submit(); +} + +var form = document.getElementById("form"); +window.addEventListener('message', () => { submitForm(); }); + +</script> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/chrome/subtst_privbrowsing_4.html b/toolkit/components/passwordmgr/test/chrome/subtst_privbrowsing_4.html new file mode 100644 index 000000000..184142743 --- /dev/null +++ b/toolkit/components/passwordmgr/test/chrome/subtst_privbrowsing_4.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<html> +<head> + <meta charset="utf-8"> + <title>Subtest for Login Manager notifications (private browsing)</title> + <script type="text/javascript" src="pwmgr_common.js"></script> +</head> +<body> +<h2>Subtest 4</h2> +<!-- + Make sure that the user/pass fields have manual filling enabled + in private mode. +--> +<form id="form" action="formsubmit.sjs"> + <input id="user" name="user" type="text"> + <input id="pass" name="pass" type="password"> + <button type='submit'>Submit</button> +</form> + +<script> +function startAutocomplete() { + userField.focus(); + doKey("down"); + setTimeout(submitForm, 100); +} + +function submitForm() { + doKey("down"); + doKey("return"); + setTimeout(function() { form.submit(); }, 100); +} + +var form = document.getElementById("form"); +var userField = document.getElementById("user"); + +window.addEventListener('message', () => { startAutocomplete(); }); + +</script> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/chrome/test_privbrowsing_perwindowpb.html b/toolkit/components/passwordmgr/test/chrome/test_privbrowsing_perwindowpb.html new file mode 100644 index 000000000..6b7d4abb3 --- /dev/null +++ b/toolkit/components/passwordmgr/test/chrome/test_privbrowsing_perwindowpb.html @@ -0,0 +1,322 @@ +<!DOCTYPE HTML> +<html> +<!-- +https://bugzilla.mozilla.org/show_bug.cgi?id=248970 +--> +<head> + <meta charset="utf-8"> + <title>Test for Private Browsing</title> + <script type="application/javascript" + src="chrome://mochikit/content/tests/SimpleTest/SimpleTest.js"></script> + <script type="text/javascript" src="notification_common.js"></script> + <link rel="stylesheet" type="text/css" + href="chrome://mochikit/content/tests/SimpleTest/test.css"> +</head> +<body> +<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=248970">Mozilla Bug 248970</a> +<p id="display"></p> +<pre id="test"> +<script class="testbody" type="text/javascript"> + +/** Test for Bug 248970 **/ +// based on test_notifications.html + +const Ci = SpecialPowers.Ci; +const Cc = SpecialPowers.Cc; +const Cr = SpecialPowers.Cr; + +Components.utils.import("resource://gre/modules/Services.jsm"); + +var testpath = "/chrome/toolkit/components/passwordmgr/test/chrome/"; +var prefix = "http://test2.example.com" + testpath; +var subtests = [ + "subtst_privbrowsing_1.html", // 1 + "subtst_privbrowsing_1.html", // 2 + "subtst_privbrowsing_1.html", // 3 + "subtst_privbrowsing_2.html", // 4 + "subtst_privbrowsing_2.html", // 5 + "subtst_privbrowsing_2.html", // 6 + "subtst_privbrowsing_3.html", // 7 + "subtst_privbrowsing_3.html", // 8 + "subtst_privbrowsing_4.html", // 9 + "subtst_privbrowsing_3.html" // 10 + ]; +var observer; + +var testNum = 0; +function loadNextTest() { + // run the initialization code for each test + switch (++ testNum) { + case 1: + popupNotifications = normalWindowPopupNotifications; + iframe = normalWindowIframe; + break; + + case 2: + popupNotifications = privateWindowPopupNotifications; + iframe = privateWindowIframe; + break; + + case 3: + popupNotifications = normalWindowPopupNotifications; + iframe = normalWindowIframe; + break; + + case 4: + pwmgr.addLogin(login); + break; + + case 5: + popupNotifications = privateWindowPopupNotifications; + iframe = privateWindowIframe; + break; + + case 6: + popupNotifications = normalWindowPopupNotifications; + iframe = normalWindowIframe; + break; + + case 7: + pwmgr.addLogin(login); + break; + + case 8: + popupNotifications = privateWindowPopupNotifications; + iframe = privateWindowIframe; + break; + + case 9: + break; + + case 10: + popupNotifications = normalWindowPopupNotifications; + iframe = normalWindowIframe; + break; + + default: + ok(false, "Unexpected call to loadNextTest for test #" + testNum); + } + + if (testNum === 7) { + observer = SpecialPowers.wrapCallback(function(subject, topic, data) { + SimpleTest.executeSoon(() => { iframe.contentWindow.postMessage("go", "*"); }); + }); + SpecialPowers.addObserver(observer, "passwordmgr-processed-form", false); + } + + ok(true, "Starting test #" + testNum); + iframe.src = prefix + subtests[testNum - 1]; +} + +function checkTest() { + var popup; + var gotUser; + var gotPass; + + switch (testNum) { + case 1: + // run outside of private mode, popup notification should appear + popup = getPopup(popupNotifications, "password-save"); + ok(popup, "got popup notification"); + popup.remove(); + break; + + case 2: + // run inside of private mode, popup notification should not appear + popup = getPopup(popupNotifications, "password-save"); + ok(!popup, "checking for no popup notification"); + break; + + case 3: + // run outside of private mode, popup notification should appear + popup = getPopup(popupNotifications, "password-save"); + ok(popup, "got popup notification"); + popup.remove(); + break; + + case 4: + // run outside of private mode, popup notification should appear + popup = getPopup(popupNotifications, "password-change"); + ok(popup, "got popup notification"); + popup.remove(); + break; + + case 5: + // run inside of private mode, popup notification should not appear + popup = getPopup(popupNotifications, "password-change"); + ok(!popup, "checking for no popup notification"); + break; + + case 6: + // run outside of private mode, popup notification should appear + popup = getPopup(popupNotifications, "password-change"); + ok(popup, "got popup notification"); + popup.remove(); + pwmgr.removeLogin(login); + break; + + case 7: + // verify that the user/pass pair was autofilled + gotUser = iframe.contentDocument.getElementById("user").textContent; + gotPass = iframe.contentDocument.getElementById("pass").textContent; + is(gotUser, "notifyu1", "Checking submitted username"); + is(gotPass, "notifyp1", "Checking submitted password"); + break; + + case 8: + // verify that the user/pass pair was not autofilled + gotUser = iframe.contentDocument.getElementById("user").textContent; + gotPass = iframe.contentDocument.getElementById("pass").textContent; + is(gotUser, "", "Checking submitted username"); + is(gotPass, "", "Checking submitted password"); + break; + + case 9: + // verify that the user/pass pair was available for autocomplete + gotUser = iframe.contentDocument.getElementById("user").textContent; + gotPass = iframe.contentDocument.getElementById("pass").textContent; + is(gotUser, "notifyu1", "Checking submitted username"); + is(gotPass, "notifyp1", "Checking submitted password"); + break; + + case 10: + // verify that the user/pass pair was autofilled + gotUser = iframe.contentDocument.getElementById("user").textContent; + gotPass = iframe.contentDocument.getElementById("pass").textContent; + is(gotUser, "notifyu1", "Checking submitted username"); + is(gotPass, "notifyp1", "Checking submitted password"); + pwmgr.removeLogin(login); + break; + + default: + ok(false, "Unexpected call to checkTest for test #" + testNum); + + } +} + +var mainWindow = window.QueryInterface(Ci.nsIInterfaceRequestor) + .getInterface(Ci.nsIWebNavigation) + .QueryInterface(Ci.nsIDocShellTreeItem) + .rootTreeItem + .QueryInterface(Ci.nsIInterfaceRequestor) + .getInterface(Ci.nsIDOMWindow); +var contentPage = "http://mochi.test:8888/chrome/toolkit/components/passwordmgr/test/chrome/privbrowsing_perwindowpb_iframe.html"; +var testWindows = []; + +function whenDelayedStartupFinished(aWindow, aCallback) { + Services.obs.addObserver(function obs(aSubject, aTopic) { + if (aWindow == aSubject) { + Services.obs.removeObserver(obs, aTopic); + setTimeout(aCallback, 0); + } + }, "browser-delayed-startup-finished", false); +} + +function testOnWindow(aIsPrivate, aCallback) { + var win = mainWindow.OpenBrowserWindow({private: aIsPrivate}); + win.addEventListener("load", function onLoad() { + win.removeEventListener("load", onLoad, false); + whenDelayedStartupFinished(win, function() { + win.addEventListener("DOMContentLoaded", function onInnerLoad() { + if (win.content.location.href != contentPage) { + win.gBrowser.loadURI(contentPage); + return; + } + win.removeEventListener("DOMContentLoaded", onInnerLoad, true); + + win.content.addEventListener('load', function innerLoad2() { + win.content.removeEventListener('load', innerLoad2, false); + testWindows.push(win); + SimpleTest.executeSoon(function() { aCallback(win); }); + }, false, true); + }, true); + SimpleTest.executeSoon(function() { win.gBrowser.loadURI(contentPage); }); + }); + }, true); +} + +var ignoreLoad = false; +function handleLoad(aEvent) { + // ignore every other load event ... We get one for loading the subtest (which + // we want to ignore), and another when the subtest's form submits itself + // (which we want to handle, to start the next test). + ignoreLoad = !ignoreLoad; + if (ignoreLoad) { + ok(true, "Ignoring load of subtest #" + testNum); + return; + } + ok(true, "Processing submission of subtest #" + testNum); + + checkTest(); + + if (testNum < subtests.length) { + loadNextTest(); + } else { + ok(true, "private browsing notification tests finished."); + + testWindows.forEach(function(aWin) { + aWin.close(); + }); + + SpecialPowers.removeObserver(observer, "passwordmgr-processed-form"); + SimpleTest.finish(); + } +} + +var pwmgr = Cc["@mozilla.org/login-manager;1"]. + getService(Ci.nsILoginManager); +ok(pwmgr != null, "Access pwmgr"); + +// We need to make sure no logins have been stored by previous tests +// for forms in |url|, otherwise the change password notification +// would turn into a prompt, and the test will fail. +var url = "http://test2.example.com"; +is(pwmgr.countLogins(url, "", null), 0, "No logins should be stored for " + url); + +var nsLoginInfo = new SpecialPowers.wrap(SpecialPowers.Components).Constructor("@mozilla.org/login-manager/loginInfo;1", + Ci.nsILoginInfo, "init"); +var login = new nsLoginInfo(url, url, null, "notifyu1", "notifyp1", "user", "pass"); + +var normalWindow; +var privateWindow; + +var iframe; +var normalWindowIframe; +var privateWindowIframe; + +var popupNotifications; +var normalWindowPopupNotifications; +var privateWindowPopupNotifications; + +testOnWindow(false, function(aWin) { + var selectedBrowser = aWin.gBrowser.selectedBrowser; + normalWindowIframe = selectedBrowser.contentDocument.getElementById("iframe"); + normalWindowIframe.onload = handleLoad; + selectedBrowser.focus(); + + normalWindowPopupNotifications = getPopupNotifications(selectedBrowser.contentWindow.top); + ok(normalWindowPopupNotifications, "Got popupNotifications in normal window"); + // ignore the first load for this window; + ignoreLoad = false; + + testOnWindow(true, function(aPrivateWin) { + selectedBrowser = aPrivateWin.gBrowser.selectedBrowser; + privateWindowIframe = selectedBrowser.contentDocument.getElementById("iframe"); + privateWindowIframe.onload = handleLoad; + selectedBrowser.focus(); + + privateWindowPopupNotifications = getPopupNotifications(selectedBrowser.contentWindow.top); + ok(privateWindowPopupNotifications, "Got popupNotifications in private window"); + // ignore the first load for this window; + ignoreLoad = false; + + SimpleTest.executeSoon(loadNextTest); + }); +}); + +SimpleTest.waitForExplicitFinish(); +</script> +</pre> +</body> +</html> + diff --git a/toolkit/components/passwordmgr/test/chrome_timeout.js b/toolkit/components/passwordmgr/test/chrome_timeout.js new file mode 100644 index 000000000..9049d0bea --- /dev/null +++ b/toolkit/components/passwordmgr/test/chrome_timeout.js @@ -0,0 +1,11 @@ +const Cc = Components.classes; +const Ci = Components.interfaces; + +addMessageListener('setTimeout', msg => { + let timer = Cc['@mozilla.org/timer;1'].createInstance(Ci.nsITimer); + timer.init(_ => { + sendAsyncMessage('timeout'); + }, msg.delay, Ci.nsITimer.TYPE_ONE_SHOT); +}); + +sendAsyncMessage('ready'); diff --git a/toolkit/components/passwordmgr/test/formsubmit.sjs b/toolkit/components/passwordmgr/test/formsubmit.sjs new file mode 100644 index 000000000..4b4a387f7 --- /dev/null +++ b/toolkit/components/passwordmgr/test/formsubmit.sjs @@ -0,0 +1,37 @@ +function handleRequest(request, response) +{ + try { + reallyHandleRequest(request, response); + } catch (e) { + response.setStatusLine("1.0", 200, "AlmostOK"); + response.write("Error handling request: " + e); + } +} + + +function reallyHandleRequest(request, response) { + var match; + var requestAuth = true; + + // XXX I bet this doesn't work for POST requests. + var query = request.queryString; + + var user = null, pass = null; + // user=xxx + match = /user=([^&]*)/.exec(query); + if (match) + user = match[1]; + + // pass=xxx + match = /pass=([^&]*)/.exec(query); + if (match) + pass = match[1]; + + response.setStatusLine("1.0", 200, "OK"); + + response.setHeader("Content-Type", "application/xhtml+xml", false); + response.write("<html xmlns='http://www.w3.org/1999/xhtml'>"); + response.write("<p>User: <span id='user'>" + user + "</span></p>\n"); + response.write("<p>Pass: <span id='pass'>" + pass + "</span></p>\n"); + response.write("</html>"); +} diff --git a/toolkit/components/passwordmgr/test/mochitest.ini b/toolkit/components/passwordmgr/test/mochitest.ini new file mode 100644 index 000000000..640f5c256 --- /dev/null +++ b/toolkit/components/passwordmgr/test/mochitest.ini @@ -0,0 +1,20 @@ +[DEFAULT] +skip-if = e10s +support-files = + authenticate.sjs + blank.html + formsubmit.sjs + prompt_common.js + pwmgr_common.js + subtst_master_pass.html + subtst_prompt_async.html + chrome_timeout.js + +[test_master_password.html] +skip-if = toolkit == 'android' # Tests desktop prompts +[test_prompt_async.html] +skip-if = toolkit == 'android' # Tests desktop prompts +[test_xhr.html] +skip-if = toolkit == 'android' # Tests desktop prompts +[test_xml_load.html] +skip-if = toolkit == 'android' # Tests desktop prompts diff --git a/toolkit/components/passwordmgr/test/mochitest/auth2/authenticate.sjs b/toolkit/components/passwordmgr/test/mochitest/auth2/authenticate.sjs new file mode 100644 index 000000000..d2f650013 --- /dev/null +++ b/toolkit/components/passwordmgr/test/mochitest/auth2/authenticate.sjs @@ -0,0 +1,220 @@ +function handleRequest(request, response) +{ + try { + reallyHandleRequest(request, response); + } catch (e) { + response.setStatusLine("1.0", 200, "AlmostOK"); + response.write("Error handling request: " + e); + } +} + + +function reallyHandleRequest(request, response) { + var match; + var requestAuth = true, requestProxyAuth = true; + + // Allow the caller to drive how authentication is processed via the query. + // Eg, http://localhost:8888/authenticate.sjs?user=foo&realm=bar + // The extra ? allows the user/pass/realm checks to succeed if the name is + // at the beginning of the query string. + var query = "?" + request.queryString; + + var expected_user = "", expected_pass = "", realm = "mochitest"; + var proxy_expected_user = "", proxy_expected_pass = "", proxy_realm = "mochi-proxy"; + var huge = false, plugin = false, anonymous = false; + var authHeaderCount = 1; + // user=xxx + match = /[^_]user=([^&]*)/.exec(query); + if (match) + expected_user = match[1]; + + // pass=xxx + match = /[^_]pass=([^&]*)/.exec(query); + if (match) + expected_pass = match[1]; + + // realm=xxx + match = /[^_]realm=([^&]*)/.exec(query); + if (match) + realm = match[1]; + + // proxy_user=xxx + match = /proxy_user=([^&]*)/.exec(query); + if (match) + proxy_expected_user = match[1]; + + // proxy_pass=xxx + match = /proxy_pass=([^&]*)/.exec(query); + if (match) + proxy_expected_pass = match[1]; + + // proxy_realm=xxx + match = /proxy_realm=([^&]*)/.exec(query); + if (match) + proxy_realm = match[1]; + + // huge=1 + match = /huge=1/.exec(query); + if (match) + huge = true; + + // plugin=1 + match = /plugin=1/.exec(query); + if (match) + plugin = true; + + // multiple=1 + match = /multiple=([^&]*)/.exec(query); + if (match) + authHeaderCount = match[1]+0; + + // anonymous=1 + match = /anonymous=1/.exec(query); + if (match) + anonymous = true; + + // Look for an authentication header, if any, in the request. + // + // EG: Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ== + // + // This test only supports Basic auth. The value sent by the client is + // "username:password", obscured with base64 encoding. + + var actual_user = "", actual_pass = "", authHeader, authPresent = false; + if (request.hasHeader("Authorization")) { + authPresent = true; + authHeader = request.getHeader("Authorization"); + match = /Basic (.+)/.exec(authHeader); + if (match.length != 2) + throw new Error("Couldn't parse auth header: " + authHeader); + + var userpass = base64ToString(match[1]); // no atob() :-( + match = /(.*):(.*)/.exec(userpass); + if (match.length != 3) + throw new Error("Couldn't decode auth header: " + userpass); + actual_user = match[1]; + actual_pass = match[2]; + } + + var proxy_actual_user = "", proxy_actual_pass = ""; + if (request.hasHeader("Proxy-Authorization")) { + authHeader = request.getHeader("Proxy-Authorization"); + match = /Basic (.+)/.exec(authHeader); + if (match.length != 2) + throw new Error("Couldn't parse auth header: " + authHeader); + + var userpass = base64ToString(match[1]); // no atob() :-( + match = /(.*):(.*)/.exec(userpass); + if (match.length != 3) + throw new Error("Couldn't decode auth header: " + userpass); + proxy_actual_user = match[1]; + proxy_actual_pass = match[2]; + } + + // Don't request authentication if the credentials we got were what we + // expected. + if (expected_user == actual_user && + expected_pass == actual_pass) { + requestAuth = false; + } + if (proxy_expected_user == proxy_actual_user && + proxy_expected_pass == proxy_actual_pass) { + requestProxyAuth = false; + } + + if (anonymous) { + if (authPresent) { + response.setStatusLine("1.0", 400, "Unexpected authorization header found"); + } else { + response.setStatusLine("1.0", 200, "Authorization header not found"); + } + } else { + if (requestProxyAuth) { + response.setStatusLine("1.0", 407, "Proxy authentication required"); + for (i = 0; i < authHeaderCount; ++i) + response.setHeader("Proxy-Authenticate", "basic realm=\"" + proxy_realm + "\"", true); + } else if (requestAuth) { + response.setStatusLine("1.0", 401, "Authentication required"); + for (i = 0; i < authHeaderCount; ++i) + response.setHeader("WWW-Authenticate", "basic realm=\"" + realm + "\"", true); + } else { + response.setStatusLine("1.0", 200, "OK"); + } + } + + response.setHeader("Content-Type", "application/xhtml+xml", false); + response.write("<html xmlns='http://www.w3.org/1999/xhtml'>"); + response.write("<p>Login: <span id='ok'>" + (requestAuth ? "FAIL" : "PASS") + "</span></p>\n"); + response.write("<p>Proxy: <span id='proxy'>" + (requestProxyAuth ? "FAIL" : "PASS") + "</span></p>\n"); + response.write("<p>Auth: <span id='auth'>" + authHeader + "</span></p>\n"); + response.write("<p>User: <span id='user'>" + actual_user + "</span></p>\n"); + response.write("<p>Pass: <span id='pass'>" + actual_pass + "</span></p>\n"); + + if (huge) { + response.write("<div style='display: none'>"); + for (i = 0; i < 100000; i++) { + response.write("123456789\n"); + } + response.write("</div>"); + response.write("<span id='footnote'>This is a footnote after the huge content fill</span>"); + } + + if (plugin) { + response.write("<embed id='embedtest' style='width: 400px; height: 100px;' " + + "type='application/x-test'></embed>\n"); + } + + response.write("</html>"); +} + + +// base64 decoder +// +// Yoinked from extensions/xml-rpc/src/nsXmlRpcClient.js because btoa() +// doesn't seem to exist. :-( +/* Convert Base64 data to a string */ +const toBinaryTable = [ + -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, + -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, + -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,62, -1,-1,-1,63, + 52,53,54,55, 56,57,58,59, 60,61,-1,-1, -1, 0,-1,-1, + -1, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,10, 11,12,13,14, + 15,16,17,18, 19,20,21,22, 23,24,25,-1, -1,-1,-1,-1, + -1,26,27,28, 29,30,31,32, 33,34,35,36, 37,38,39,40, + 41,42,43,44, 45,46,47,48, 49,50,51,-1, -1,-1,-1,-1 +]; +const base64Pad = '='; + +function base64ToString(data) { + + var result = ''; + var leftbits = 0; // number of bits decoded, but yet to be appended + var leftdata = 0; // bits decoded, but yet to be appended + + // Convert one by one. + for (var i = 0; i < data.length; i++) { + var c = toBinaryTable[data.charCodeAt(i) & 0x7f]; + var padding = (data[i] == base64Pad); + // Skip illegal characters and whitespace + if (c == -1) continue; + + // Collect data into leftdata, update bitcount + leftdata = (leftdata << 6) | c; + leftbits += 6; + + // If we have 8 or more bits, append 8 bits to the result + if (leftbits >= 8) { + leftbits -= 8; + // Append if not padding. + if (!padding) + result += String.fromCharCode((leftdata >> leftbits) & 0xff); + leftdata &= (1 << leftbits) - 1; + } + } + + // If there are any bits left, the base64 string was corrupted + if (leftbits) + throw Components.Exception('Corrupted base64 string'); + + return result; +} diff --git a/toolkit/components/passwordmgr/test/mochitest/mochitest.ini b/toolkit/components/passwordmgr/test/mochitest/mochitest.ini new file mode 100644 index 000000000..a4170d7e0 --- /dev/null +++ b/toolkit/components/passwordmgr/test/mochitest/mochitest.ini @@ -0,0 +1,69 @@ +[DEFAULT] +support-files = + ../../../prompts/test/chromeScript.js + ../../../prompts/test/prompt_common.js + ../../../satchel/test/parent_utils.js + ../../../satchel/test/satchel_common.js + ../authenticate.sjs + ../blank.html + ../browser/form_autofocus_js.html + ../browser/form_basic.html + ../browser/form_cross_origin_secure_action.html + ../pwmgr_common.js + auth2/authenticate.sjs + +[test_autocomplete_https_upgrade.html] +skip-if = toolkit == 'android' # autocomplete +[test_autofill_https_upgrade.html] +skip-if = toolkit == 'android' # Bug 1259768 +[test_autofill_password-only.html] +[test_autofocus_js.html] +skip-if = toolkit == 'android' # autocomplete +[test_basic_form.html] +[test_basic_form_0pw.html] +[test_basic_form_1pw.html] +[test_basic_form_1pw_2.html] +[test_basic_form_2pw_1.html] +[test_basic_form_2pw_2.html] +[test_basic_form_3pw_1.html] +[test_basic_form_autocomplete.html] +skip-if = toolkit == 'android' # android:autocomplete. +[test_insecure_form_field_autocomplete.html] +skip-if = toolkit == 'android' # android:autocomplete. +[test_password_field_autocomplete.html] +skip-if = toolkit == 'android' # android:autocomplete. +[test_insecure_form_field_no_saved_login.html] +skip-if = toolkit == 'android' || os == 'linux' # android:autocomplete., linux: bug 1325778 +[test_basic_form_html5.html] +[test_basic_form_pwevent.html] +[test_basic_form_pwonly.html] +[test_bug_627616.html] +skip-if = toolkit == 'android' # Tests desktop prompts +[test_bug_776171.html] +[test_case_differences.html] +skip-if = toolkit == 'android' # autocomplete +[test_form_action_1.html] +[test_form_action_2.html] +[test_form_action_javascript.html] +[test_formless_autofill.html] +[test_formless_submit.html] +[test_formless_submit_navigation.html] +[test_formless_submit_navigation_negative.html] +[test_input_events.html] +[test_input_events_for_identical_values.html] +[test_maxlength.html] +[test_passwords_in_type_password.html] +[test_prompt.html] +skip-if = os == "linux" || toolkit == 'android' # Tests desktop prompts +[test_prompt_http.html] +skip-if = os == "linux" || toolkit == 'android' # Tests desktop prompts +[test_prompt_noWindow.html] +skip-if = e10s || toolkit == 'android' # Tests desktop prompts. e10s: bug 1217876 +[test_prompt_promptAuth.html] +skip-if = os == "linux" || toolkit == 'android' # Tests desktop prompts +[test_prompt_promptAuth_proxy.html] +skip-if = e10s || os == "linux" || toolkit == 'android' # Tests desktop prompts +[test_recipe_login_fields.html] +[test_username_focus.html] +skip-if = toolkit == 'android' # android:autocomplete. +[test_xhr_2.html] diff --git a/toolkit/components/passwordmgr/test/mochitest/test_autocomplete_https_upgrade.html b/toolkit/components/passwordmgr/test/mochitest/test_autocomplete_https_upgrade.html new file mode 100644 index 000000000..7d5725322 --- /dev/null +++ b/toolkit/components/passwordmgr/test/mochitest/test_autocomplete_https_upgrade.html @@ -0,0 +1,218 @@ +<!DOCTYPE HTML> +<html> +<head> + <meta charset="utf-8"> + <title>Test autocomplete on an HTTPS page using upgraded HTTP logins</title> + <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> + <script type="text/javascript" src="/tests/SimpleTest/EventUtils.js"></script> + <script type="text/javascript" src="/tests/SimpleTest/SpawnTask.js"></script> + <script type="text/javascript" src="satchel_common.js"></script> + <script type="text/javascript" src="pwmgr_common.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> +</head> +<body> +<script> +const chromeScript = runChecksAfterCommonInit(false); + +runInParent(function addLogins() { + const { classes: Cc, interfaces: Ci, utils: Cu } = Components; + Cu.import("resource://gre/modules/Services.jsm"); + + // Create some logins just for this form, since we'll be deleting them. + let nsLoginInfo = Components.Constructor("@mozilla.org/login-manager/loginInfo;1", + Ci.nsILoginInfo, "init"); + + // We have two actual HTTPS to avoid autofill before the schemeUpgrades pref flips to true. + let login0 = new nsLoginInfo("https://example.org", "https://example.org", null, + "name", "pass", "uname", "pword"); + + let login1 = new nsLoginInfo("https://example.org", "https://example.org", null, + "name1", "pass1", "uname", "pword"); + + // Same as above but HTTP instead of HTTPS (to test de-duping) + let login2 = new nsLoginInfo("http://example.org", "http://example.org", null, + "name1", "passHTTP", "uname", "pword"); + + // Different HTTP login to upgrade with secure formSubmitURL + let login3 = new nsLoginInfo("http://example.org", "https://example.org", null, + "name2", "passHTTPtoHTTPS", "uname", "pword"); + + try { + Services.logins.addLogin(login0); + Services.logins.addLogin(login1); + Services.logins.addLogin(login2); + Services.logins.addLogin(login3); + } catch (e) { + assert.ok(false, "addLogin threw: " + e); + } +}); +</script> +<p id="display"></p> + +<!-- we presumably can't hide the content for this test. --> +<div id="content"> + <iframe src="https://example.org/tests/toolkit/components/passwordmgr/test/mochitest/form_basic.html"></iframe> +</div> + +<pre id="test"> +<script class="testbody" type="text/javascript"> +const shiftModifier = SpecialPowers.Ci.nsIDOMEvent.SHIFT_MASK; + +let iframe = SpecialPowers.wrap(document.getElementsByTagName("iframe")[0]); +let iframeDoc; +let uname; +let pword; + +// Restore the form to the default state. +function restoreForm() { + pword.focus(); + uname.value = ""; + pword.value = ""; + uname.focus(); +} + +// Check for expected username/password in form. +function checkACForm(expectedUsername, expectedPassword) { + let formID = uname.parentNode.id; + is(uname.value, expectedUsername, "Checking " + formID + " username"); + is(pword.value, expectedPassword, "Checking " + formID + " password"); +} + +add_task(function* setup() { + yield SpecialPowers.pushPrefEnv({"set": [["signon.schemeUpgrades", true]]}); + + yield new Promise(resolve => { + iframe.addEventListener("load", function onLoad() { + iframe.removeEventListener("load", onLoad); + resolve(); + }); + }); + + iframeDoc = iframe.contentDocument; + uname = iframeDoc.getElementById("form-basic-username"); + pword = iframeDoc.getElementById("form-basic-password"); +}); + +add_task(function* test_empty_first_entry() { + // Make sure initial form is empty. + checkACForm("", ""); + // Trigger autocomplete popup + restoreForm(); + let popupState = yield getPopupState(); + is(popupState.open, false, "Check popup is initially closed"); + let shownPromise = promiseACShown(); + doKey("down"); + let results = yield shownPromise; + popupState = yield getPopupState(); + is(popupState.selectedIndex, -1, "Check no entries are selected"); + checkArrayValues(results, ["name", "name1", "name2"], "initial"); + + // Check first entry + let index0Promise = notifySelectedIndex(0); + doKey("down"); + yield index0Promise; + checkACForm("", ""); // value shouldn't update + doKey("return"); // not "enter"! + yield promiseFormsProcessed(); + checkACForm("name", "pass"); +}); + +add_task(function* test_empty_second_entry() { + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + doKey("down"); // first + doKey("down"); // second + doKey("return"); // not "enter"! + yield promiseFormsProcessed(); + checkACForm("name1", "pass1"); +}); + +add_task(function* test_search() { + restoreForm(); + let shownPromise = promiseACShown(); + // We need to blur for the autocomplete controller to notice the forced value below. + uname.blur(); + uname.value = "name"; + uname.focus(); + sendChar("1"); + doKey("down"); // open + let results = yield shownPromise; + checkArrayValues(results, ["name1"], "check result deduping for 'name1'"); + doKey("down"); // first + doKey("return"); // not "enter"! + yield promiseFormsProcessed(); + checkACForm("name1", "pass1"); + + let popupState = yield getPopupState(); + is(popupState.open, false, "Check popup is now closed"); +}); + +add_task(function* test_delete_first_entry() { + restoreForm(); + uname.focus(); + let shownPromise = promiseACShown(); + doKey("down"); + yield shownPromise; + + let index0Promise = notifySelectedIndex(0); + doKey("down"); + yield index0Promise; + + let deletionPromise = promiseStorageChanged(["removeLogin"]); + // On OS X, shift-backspace and shift-delete work, just delete does not. + // On Win/Linux, shift-backspace does not work, delete and shift-delete do. + doKey("delete", shiftModifier); + yield deletionPromise; + checkACForm("", ""); + + let results = yield notifyMenuChanged(2, "name1"); + + checkArrayValues(results, ["name1", "name2"], "two should remain after deleting the first"); + let popupState = yield getPopupState(); + is(popupState.open, true, "Check popup stays open after deleting"); + doKey("escape"); + popupState = yield getPopupState(); + is(popupState.open, false, "Check popup closed upon ESC"); +}); + +add_task(function* test_delete_duplicate_entry() { + restoreForm(); + uname.focus(); + let shownPromise = promiseACShown(); + doKey("down"); + yield shownPromise; + + let index0Promise = notifySelectedIndex(0); + doKey("down"); + yield index0Promise; + + let deletionPromise = promiseStorageChanged(["removeLogin"]); + // On OS X, shift-backspace and shift-delete work, just delete does not. + // On Win/Linux, shift-backspace does not work, delete and shift-delete do. + doKey("delete", shiftModifier); + yield deletionPromise; + checkACForm("", ""); + + is(LoginManager.countLogins("http://example.org", "http://example.org", null), 1, + "Check that the HTTP login remains"); + is(LoginManager.countLogins("https://example.org", "https://example.org", null), 0, + "Check that the HTTPS login was deleted"); + + // Two menu items should remain as the HTTPS login should have been deleted but + // the HTTP would remain. + let results = yield notifyMenuChanged(1, "name2"); + + checkArrayValues(results, ["name2"], "one should remain after deleting the HTTPS name1"); + let popupState = yield getPopupState(); + is(popupState.open, true, "Check popup stays open after deleting"); + doKey("escape"); + popupState = yield getPopupState(); + is(popupState.open, false, "Check popup closed upon ESC"); +}); + +</script> +</pre> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/mochitest/test_autofill_https_upgrade.html b/toolkit/components/passwordmgr/test/mochitest/test_autofill_https_upgrade.html new file mode 100644 index 000000000..ee1424002 --- /dev/null +++ b/toolkit/components/passwordmgr/test/mochitest/test_autofill_https_upgrade.html @@ -0,0 +1,117 @@ +<!DOCTYPE HTML> +<html> +<head> + <meta charset="utf-8"> + <title>Test autocomplete on an HTTPS page using upgraded HTTP logins</title> + <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> + <script type="text/javascript" src="/tests/SimpleTest/EventUtils.js"></script> + <script type="text/javascript" src="/tests/SimpleTest/SpawnTask.js"></script> + <script type="text/javascript" src="satchel_common.js"></script> + <script type="text/javascript" src="pwmgr_common.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> +</head> +<body> +<script> +const MISSING_ACTION_PATH = TESTS_DIR + "mochitest/form_basic.html"; +const CROSS_ORIGIN_SECURE_PATH = TESTS_DIR + "mochitest/form_cross_origin_secure_action.html"; + +const chromeScript = runChecksAfterCommonInit(false); + +let nsLoginInfo = SpecialPowers.wrap(SpecialPowers.Components).Constructor("@mozilla.org/login-manager/loginInfo;1", +SpecialPowers.Ci.nsILoginInfo, +"init"); +</script> +<p id="display"></p> + +<!-- we presumably can't hide the content for this test. --> +<div id="content"> + <iframe></iframe> +</div> + +<pre id="test"> +<script class="testbody" type="text/javascript"> +let iframe = SpecialPowers.wrap(document.getElementsByTagName("iframe")[0]); + +// Check for expected username/password in form. +function checkACForm(expectedUsername, expectedPassword) { + let iframeDoc = iframe.contentDocument; + let uname = iframeDoc.getElementById("form-basic-username"); + let pword = iframeDoc.getElementById("form-basic-password"); + let formID = uname.parentNode.id; + is(uname.value, expectedUsername, "Checking " + formID + " username"); + is(pword.value, expectedPassword, "Checking " + formID + " password"); +} +function* prepareLoginsAndProcessForm(url, logins = []) { + LoginManager.removeAllLogins(); + + let dates = Date.now(); + for (let login of logins) { + SpecialPowers.do_QueryInterface(login, SpecialPowers.Ci.nsILoginMetaInfo); + // Force all dates to be the same so they don't affect things like deduping. + login.timeCreated = login.timePasswordChanged = login.timeLastUsed = dates; + LoginManager.addLogin(login); + } + + iframe.src = url; + yield promiseFormsProcessed(); +} + +add_task(function* setup() { + yield SpecialPowers.pushPrefEnv({"set": [["signon.schemeUpgrades", true]]}); +}); + +add_task(function* test_simpleNoDupesNoAction() { + yield prepareLoginsAndProcessForm("https://example.com" + MISSING_ACTION_PATH, [ + new nsLoginInfo("http://example.com", "http://example.com", null, + "name2", "pass2", "uname", "pword"), + ]); + + checkACForm("name2", "pass2"); +}); + +add_task(function* test_simpleNoDupesUpgradeOriginAndAction() { + yield prepareLoginsAndProcessForm("https://example.com" + CROSS_ORIGIN_SECURE_PATH, [ + new nsLoginInfo("http://example.com", "http://another.domain", null, + "name2", "pass2", "uname", "pword"), + ]); + + checkACForm("name2", "pass2"); +}); + +add_task(function* test_simpleNoDupesUpgradeOriginOnly() { + yield prepareLoginsAndProcessForm("https://example.com" + CROSS_ORIGIN_SECURE_PATH, [ + new nsLoginInfo("http://example.com", "https://another.domain", null, + "name2", "pass2", "uname", "pword"), + ]); + + checkACForm("name2", "pass2"); +}); + +add_task(function* test_simpleNoDupesUpgradeActionOnly() { + yield prepareLoginsAndProcessForm("https://example.com" + CROSS_ORIGIN_SECURE_PATH, [ + new nsLoginInfo("https://example.com", "http://another.domain", null, + "name2", "pass2", "uname", "pword"), + ]); + + checkACForm("name2", "pass2"); +}); + +add_task(function* test_dedupe() { + yield prepareLoginsAndProcessForm("https://example.com" + MISSING_ACTION_PATH, [ + new nsLoginInfo("https://example.com", "https://example.com", null, + "name1", "passHTTPStoHTTPS", "uname", "pword"), + new nsLoginInfo("http://example.com", "http://example.com", null, + "name1", "passHTTPtoHTTP", "uname", "pword"), + new nsLoginInfo("http://example.com", "https://example.com", null, + "name1", "passHTTPtoHTTPS", "uname", "pword"), + new nsLoginInfo("https://example.com", "http://example.com", null, + "name1", "passHTTPStoHTTP", "uname", "pword"), + ]); + + checkACForm("name1", "passHTTPStoHTTPS"); +}); + +</script> +</pre> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/mochitest/test_autofill_password-only.html b/toolkit/components/passwordmgr/test/mochitest/test_autofill_password-only.html new file mode 100644 index 000000000..983356371 --- /dev/null +++ b/toolkit/components/passwordmgr/test/mochitest/test_autofill_password-only.html @@ -0,0 +1,143 @@ +<!DOCTYPE HTML> +<html> +<head> + <meta charset="utf-8"> + <title>Test password-only forms should prefer a password-only login when present</title> + <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> + <script type="text/javascript" src="pwmgr_common.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> +</head> +<body> +Login Manager test: Bug 444968 +<script> +let pwmgrCommonScript = runInParent(SimpleTest.getTestFileURL("pwmgr_common.js")); +pwmgrCommonScript.sendSyncMessage("setupParent", { selfFilling: true }); + +SimpleTest.waitForExplicitFinish(); + +let chromeScript = runInParent(function chromeSetup() { + const { classes: Cc, interfaces: Ci, results: Cr, utils: Cu } = Components; + let pwmgr = Cc["@mozilla.org/login-manager;1"].getService(Ci.nsILoginManager); + + let login1A = Cc["@mozilla.org/login-manager/loginInfo;1"]. + createInstance(Ci.nsILoginInfo); + let login1B = Cc["@mozilla.org/login-manager/loginInfo;1"]. + createInstance(Ci.nsILoginInfo); + let login2A = Cc["@mozilla.org/login-manager/loginInfo;1"]. + createInstance(Ci.nsILoginInfo); + let login2B = Cc["@mozilla.org/login-manager/loginInfo;1"]. + createInstance(Ci.nsILoginInfo); + let login2C = Cc["@mozilla.org/login-manager/loginInfo;1"]. + createInstance(Ci.nsILoginInfo); + + login1A.init("http://mochi.test:8888", "http://bug444968-1", null, + "testuser1A", "testpass1A", "", ""); + login1B.init("http://mochi.test:8888", "http://bug444968-1", null, + "", "testpass1B", "", ""); + + login2A.init("http://mochi.test:8888", "http://bug444968-2", null, + "testuser2A", "testpass2A", "", ""); + login2B.init("http://mochi.test:8888", "http://bug444968-2", null, + "", "testpass2B", "", ""); + login2C.init("http://mochi.test:8888", "http://bug444968-2", null, + "testuser2C", "testpass2C", "", ""); + + pwmgr.addLogin(login1A); + pwmgr.addLogin(login1B); + pwmgr.addLogin(login2A); + pwmgr.addLogin(login2B); + pwmgr.addLogin(login2C); + + addMessageListener("removeLogins", function removeLogins() { + pwmgr.removeLogin(login1A); + pwmgr.removeLogin(login1B); + pwmgr.removeLogin(login2A); + pwmgr.removeLogin(login2B); + pwmgr.removeLogin(login2C); + }); +}); + +SimpleTest.registerCleanupFunction(() => chromeScript.sendSyncMessage("removeLogins")); + +registerRunTests(); +</script> + +<p id="display"></p> +<div id="content" style="display: none"> + <!-- first 3 forms have matching user+pass and pass-only logins --> + + <!-- user+pass form. --> + <form id="form1" action="http://bug444968-1"> + <input type="text" name="uname"> + <input type="password" name="pword"> + <button type="submit">Submit</button> + </form> + + <!-- password-only form. --> + <form id="form2" action="http://bug444968-1"> + <input type="password" name="pword"> + <button type="submit">Submit</button> + </form> + + <!-- user+pass form, username prefilled --> + <form id="form3" action="http://bug444968-1"> + <input type="text" name="uname" value="testuser1A"> + <input type="password" name="pword"> + <button type="submit">Submit</button> + </form> + + + <!-- next 4 forms have matching user+pass (2x) and pass-only (1x) logins --> + + <!-- user+pass form. --> + <form id="form4" action="http://bug444968-2"> + <input type="text" name="uname"> + <input type="password" name="pword"> + <button type="submit">Submit</button> + </form> + + <!-- password-only form. --> + <form id="form5" action="http://bug444968-2"> + <input type="password" name="pword"> + <button type="submit">Submit</button> + </form> + + <!-- user+pass form, username prefilled --> + <form id="form6" action="http://bug444968-2"> + <input type="text" name="uname" value="testuser2A"> + <input type="password" name="pword"> + <button type="submit">Submit</button> + </form> + + <!-- user+pass form, username prefilled --> + <form id="form7" action="http://bug444968-2"> + <input type="text" name="uname" value="testuser2C"> + <input type="password" name="pword"> + <button type="submit">Submit</button> + </form> + +</div> +<pre id="test"> +<script class="testbody" type="text/javascript"> + +/* Test for Login Manager: 444968 (password-only forms should prefer a + * password-only login when present ) + */ +function startTest() { + checkForm(1, "testuser1A", "testpass1A"); + checkForm(2, "testpass1B"); + checkForm(3, "testuser1A", "testpass1A"); + + checkUnmodifiedForm(4); // 2 logins match + checkForm(5, "testpass2B"); + checkForm(6, "testuser2A", "testpass2A"); + checkForm(7, "testuser2C", "testpass2C"); + + SimpleTest.finish(); +} + +window.addEventListener("runTests", startTest); +</script> +</pre> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/mochitest/test_autofocus_js.html b/toolkit/components/passwordmgr/test/mochitest/test_autofocus_js.html new file mode 100644 index 000000000..2ce3293dd --- /dev/null +++ b/toolkit/components/passwordmgr/test/mochitest/test_autofocus_js.html @@ -0,0 +1,115 @@ +<!DOCTYPE HTML> +<html> +<head> + <meta charset="utf-8"> + <title>Test login autocomplete is activated when focused by js on load</title> + <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> + <script type="text/javascript" src="/tests/SimpleTest/EventUtils.js"></script> + <script type="text/javascript" src="/tests/SimpleTest/SpawnTask.js"></script> + <script type="text/javascript" src="satchel_common.js"></script> + <script type="text/javascript" src="pwmgr_common.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> +</head> +<body> +<script> +const chromeScript = runChecksAfterCommonInit(false); + +runInParent(function addLogins() { + const { classes: Cc, interfaces: Ci, utils: Cu } = Components; + Cu.import("resource://gre/modules/Services.jsm"); + + // Create some logins just for this form, since we'll be deleting them. + let nsLoginInfo = Components.Constructor("@mozilla.org/login-manager/loginInfo;1", + Ci.nsILoginInfo, "init"); + + let login0 = new nsLoginInfo("https://example.org", "https://example.org", null, + "name", "pass", "uname", "pword"); + + let login1 = new nsLoginInfo("https://example.org", "https://example.org", null, + "name1", "pass1", "uname", "pword"); + + try { + Services.logins.addLogin(login0); + Services.logins.addLogin(login1); + } catch (e) { + assert.ok(false, "addLogin threw: " + e); + } +}); +</script> +<p id="display"></p> + +<div id="content"> + <iframe src="https://example.org/tests/toolkit/components/passwordmgr/test/mochitest/form_autofocus_js.html"></iframe> +</div> + +<pre id="test"> +<script class="testbody" type="text/javascript"> + +let iframe = SpecialPowers.wrap(document.getElementsByTagName("iframe")[0]); +let iframeDoc; + +add_task(function* setup() { + yield new Promise(resolve => { + iframe.addEventListener("load", function onLoad() { + iframe.removeEventListener("load", onLoad); + resolve(); + }); + }); + + iframeDoc = iframe.contentDocument; + + SimpleTest.requestFlakyTimeout("Giving a chance for the unexpected popupshown to occur"); +}); + +add_task(function* test_initial_focus() { + let results = yield notifyMenuChanged(2, "name"); + checkArrayValues(results, ["name", "name1"], "Two results"); + doKey("down"); + doKey("return"); + yield promiseFormsProcessed(); + is(iframeDoc.getElementById("form-basic-password").value, "pass", "Check first password filled"); + let popupState = yield getPopupState(); + is(popupState.open, false, "Check popup is now closed"); +}); + +// This depends on the filling from the previous test. +add_task(function* test_not_reopened_if_filled() { + listenForUnexpectedPopupShown(); + let usernameField = iframeDoc.getElementById("form-basic-username"); + usernameField.focus(); + info("Waiting to see if a popupshown occurs"); + yield new Promise(resolve => setTimeout(resolve, 1000)); + + // cleanup + gPopupShownExpected = true; + iframeDoc.getElementById("form-basic-submit").focus(); +}); + +add_task(function* test_reopened_after_edit_not_matching_saved() { + let usernameField = iframeDoc.getElementById("form-basic-username"); + usernameField.value = "nam"; + let shownPromise = promiseACShown(); + usernameField.focus(); + yield shownPromise; + iframeDoc.getElementById("form-basic-submit").focus(); +}); + +add_task(function* test_not_reopened_after_selecting() { + let formFillController = SpecialPowers.Cc["@mozilla.org/satchel/form-fill-controller;1"]. + getService(SpecialPowers.Ci.nsIFormFillController); + let usernameField = iframeDoc.getElementById("form-basic-username"); + usernameField.value = ""; + iframeDoc.getElementById("form-basic-password").value = ""; + listenForUnexpectedPopupShown(); + formFillController.markAsLoginManagerField(usernameField); + info("Waiting to see if a popupshown occurs"); + yield new Promise(resolve => setTimeout(resolve, 1000)); + + // Cleanup + gPopupShownExpected = true; +}); + +</script> +</pre> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/mochitest/test_basic_form.html b/toolkit/components/passwordmgr/test/mochitest/test_basic_form.html new file mode 100644 index 000000000..3c38343a5 --- /dev/null +++ b/toolkit/components/passwordmgr/test/mochitest/test_basic_form.html @@ -0,0 +1,44 @@ +<!DOCTYPE HTML> +<html> +<head> + <meta charset="utf-8"> + <title>Test basic autofill</title> + <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> + <script type="text/javascript" src="pwmgr_common.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> +</head> +<body> +Login Manager test: simple form fill + +<script> +runChecksAfterCommonInit(startTest); + +/** Test for Login Manager: form fill, multiple forms. **/ + +function startTest() { + is($_(1, "uname").value, "testuser", "Checking for filled username"); + is($_(1, "pword").value, "testpass", "Checking for filled password"); + + SimpleTest.finish(); +} +</script> + +<p id="display"></p> + +<div id="content" style="display: none"> + + <form id="form1" action="formtest.js"> + <p>This is form 1.</p> + <input type="text" name="uname"> + <input type="password" name="pword"> + + <button type="submit">Submit</button> + <button type="reset"> Reset </button> + </form> + +</div> + +<pre id="test"></pre> +</body> +</html> + diff --git a/toolkit/components/passwordmgr/test/mochitest/test_basic_form_0pw.html b/toolkit/components/passwordmgr/test/mochitest/test_basic_form_0pw.html new file mode 100644 index 000000000..0b416673b --- /dev/null +++ b/toolkit/components/passwordmgr/test/mochitest/test_basic_form_0pw.html @@ -0,0 +1,72 @@ +<!DOCTYPE HTML> +<html> +<head> + <meta charset="utf-8"> + <title>Test forms with no password fields</title> + <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> + <script type="text/javascript" src="pwmgr_common.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> +</head> +<body> +Login Manager test: forms with no password fields +<p id="display"></p> + +<div id="content" style="display: none"> + + <!-- Form with no user field or password field --> + <form id="form1" action="formtest.js"> + <button type="submit">Submit</button> + <button type="reset"> Reset </button> + </form> + + <!-- Form with no user field or password field, but one other field --> + <form id="form2" action="formtest.js"> + <input type="checkbox"> + <button type="submit">Submit</button> + <button type="reset"> Reset </button> + </form> + + <!-- Form with no user field or password field, but one other field --> + <form id="form3" action="formtest.js"> + <input type="checkbox" name="uname" value=""> + <button type="submit">Submit</button> + <button type="reset"> Reset </button> + </form> + + <!-- Form with a text field, but no password field --> + <form id="form4" action="formtest.js"> + <input type="text" name="yyyyy"> + + <button type="submit">Submit</button> + <button type="reset"> Reset </button> + </form> + + <!-- Form with a user field, but no password field --> + <form id="form5" action="formtest.js"> + <input type="text" name="uname"> + + <button type="submit">Submit</button> + <button type="reset"> Reset </button> + </form> + +</div> + +<pre id="test"> +<script class="testbody" type="text/javascript"> + +/** Test for Login Manager: form fill, no password fields. **/ + +function startTest() { + is($_(3, "uname").value, "", "Checking for unfilled checkbox (form 3)"); + is($_(4, "yyyyy").value, "", "Checking for unfilled text field (form 4)"); + is($_(5, "uname").value, "", "Checking for unfilled text field (form 5)"); + + SimpleTest.finish(); +} + +runChecksAfterCommonInit(startTest); +</script> +</pre> +</body> +</html> + diff --git a/toolkit/components/passwordmgr/test/mochitest/test_basic_form_1pw.html b/toolkit/components/passwordmgr/test/mochitest/test_basic_form_1pw.html new file mode 100644 index 000000000..3937fad4b --- /dev/null +++ b/toolkit/components/passwordmgr/test/mochitest/test_basic_form_1pw.html @@ -0,0 +1,167 @@ +<!DOCTYPE HTML> +<html> +<head> + <meta charset="utf-8"> + <title>Test autofill for forms with 1 password field</title> + <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> + <script type="text/javascript" src="pwmgr_common.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> +</head> +<body> +Login Manager test: forms with 1 password field +<script> +runChecksAfterCommonInit(() => startTest()); +</script> +<p id="display"></p> + +<div id="content" style="display: none"> + +<!-- no username fields --> + +<form id='form1' action='formtest.js'> 1 + <!-- Blank, so fill in the password --> + <input type='password' name='pname' value=''> + <button type='submit'>Submit</button> +</form> + +<form id='form2' action='formtest.js'> 2 + <!-- Already contains the password, so nothing to do. --> + <input type='password' name='pname' value='testpass'> + <button type='submit'>Submit</button> +</form> + +<form id='form3' action='formtest.js'> 3 + <!-- Contains unknown password, so don't change it --> + <input type='password' name='pname' value='xxxxxxxx'> + <button type='submit'>Submit</button> +</form> + + +<!-- username fields --> + +<form id='form4' action='formtest.js'> 4 + <!-- Blanks, so fill in login --> + <input type='text' name='uname' value=''> + <input type='password' name='pname' value=''> + <button type='submit'>Submit</button> +</form> + +<form id='form5' action='formtest.js'> 5 + <!-- Username already set, so fill in password --> + <input type='text' name='uname' value='testuser'> + <input type='password' name='pname' value=''> + <button type='submit'>Submit</button> +</form> + +<form id='form6' action='formtest.js'> 6 + <!-- Unknown username, so don't fill in password --> + <input type='text' name='uname' value='xxxxxxxx'> + <input type='password' name='pname' value=''> + <button type='submit'>Submit</button> +</form> + +<form id='form7' action='formtest.js'> 7 + <!-- Password already set, could fill in username but that's weird so we don't --> + <input type='text' name='uname' value=''> + <input type='password' name='pname' value='testpass'> + <button type='submit'>Submit</button> +</form> + +<form id='form8' action='formtest.js'> 8 + <!-- Unknown password, so don't fill in a username --> + <input type='text' name='uname' value=''> + <input type='password' name='pname' value='xxxxxxxx'> + <button type='submit'>Submit</button> +</form> + + + +<!-- extra text fields --> + +<form id='form9' action='formtest.js'> 9 + <!-- text field _after_ password should never be treated as a username field --> + <input type='password' name='pname' value=''> + <input type='text' name='uname' value=''> + <button type='submit'>Submit</button> +</form> + +<form id='form10' action='formtest.js'> 10 + <!-- only the first text field before the password should be for username --> + <input type='text' name='other' value=''> + <input type='text' name='uname' value=''> + <input type='password' name='pname' value=''> + <button type='submit'>Submit</button> +</form> + +<form id='form11' action='formtest.js'> 11 + <!-- variation just to make sure extra text field is still ignored --> + <input type='text' name='uname' value=''> + <input type='password' name='pname' value=''> + <input type='text' name='other' value=''> + <button type='submit'>Submit</button> +</form> + + + +<!-- same as last bunch, but with xxxx in the extra field. --> + +<form id='form12' action='formtest.js'> 12 + <!-- text field _after_ password should never be treated as a username field --> + <input type='password' name='pname' value=''> + <input type='text' name='uname' value='xxxxxxxx'> + <button type='submit'>Submit</button> +</form> + +<form id='form13' action='formtest.js'> 13 + <!-- only the first text field before the password should be for username --> + <input type='text' name='other' value='xxxxxxxx'> + <input type='text' name='uname' value=''> + <input type='password' name='pname' value=''> + <button type='submit'>Submit</button> +</form> + +<form id='form14' action='formtest.js'> 14 + <!-- variation just to make sure extra text field is still ignored --> + <input type='text' name='uname' value=''> + <input type='password' name='pname' value=''> + <input type='text' name='other' value='xxxxxxxx'> + <button type='submit'>Submit</button> +</form> + + +</div> + +<pre id="test"> +<script class="testbody" type="text/javascript"> + +/** Test for Login Manager: simple form fill **/ + +function startTest() { + var f = 1; + + // 1-3 + checkForm(f++, "testpass"); + checkForm(f++, "testpass"); + checkForm(f++, "xxxxxxxx"); + + // 4-8 + checkForm(f++, "testuser", "testpass"); + checkForm(f++, "testuser", "testpass"); + checkForm(f++, "xxxxxxxx", ""); + checkForm(f++, "", "testpass"); + checkForm(f++, "", "xxxxxxxx"); + + // 9-14 + checkForm(f++, "testpass", ""); + checkForm(f++, "", "testuser", "testpass"); + checkForm(f++, "testuser", "testpass", ""); + checkForm(f++, "testpass", "xxxxxxxx"); + checkForm(f++, "xxxxxxxx", "testuser", "testpass"); + checkForm(f++, "testuser", "testpass", "xxxxxxxx"); + + SimpleTest.finish(); +} +</script> +</pre> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/mochitest/test_basic_form_1pw_2.html b/toolkit/components/passwordmgr/test/mochitest/test_basic_form_1pw_2.html new file mode 100644 index 000000000..0f6566b9c --- /dev/null +++ b/toolkit/components/passwordmgr/test/mochitest/test_basic_form_1pw_2.html @@ -0,0 +1,109 @@ +<!DOCTYPE HTML> +<html> +<head> + <meta charset="utf-8"> + <title>Test forms with 1 password field, part 2</title> + <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> + <script type="text/javascript" src="pwmgr_common.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> +</head> +<body> +Login Manager test: forms with 1 password field, part 2 +<script> +runChecksAfterCommonInit(() => startTest()); +</script> +<p id="display"></p> + +<div id="content" style="display: none"> + +<form id='form1' action='formtest.js'> 1 + <input type='password' name='pname' value=''> + <button type='submit'>Submit</button> +</form> + +<form id='form2' action='formtest.js'> 2 + <input type='password' name='pname' value='' disabled> + <button type='submit'>Submit</button> +</form> + +<form id='form3' action='formtest.js'> 3 + <input type='password' name='pname' value='' readonly> + <button type='submit'>Submit</button> +</form> + +<form id='form4' action='formtest.js'> 4 + <input type='text' name='uname' value=''> + <input type='password' name='pname' value=''> + <button type='submit'>Submit</button> +</form> + +<form id='form5' action='formtest.js'> 5 + <input type='text' name='uname' value='' disabled> + <input type='password' name='pname' value=''> + <button type='submit'>Submit</button> +</form> + +<form id='form6' action='formtest.js'> 6 + <input type='text' name='uname' value='' readonly> + <input type='password' name='pname' value=''> + <button type='submit'>Submit</button> +</form> + +<form id='form7' action='formtest.js'> 7 + <input type='text' name='uname' value=''> + <input type='password' name='pname' value='' disabled> + <button type='submit'>Submit</button> +</form> + +<form id='form8' action='formtest.js'> 8 + <input type='text' name='uname' value=''> + <input type='password' name='pname' value='' readonly> + <button type='submit'>Submit</button> +</form> + +<form id='form9' action='formtest.js'> 9 + <input type='text' name='uname' value='TESTUSER'> + <input type='password' name='pname' value=''> + <button type='submit'>Submit</button> +</form> + +<form id='form10' action='formtest.js'> 10 + <input type='text' name='uname' value='TESTUSER' readonly> + <input type='password' name='pname' value=''> + <button type='submit'>Submit</button> +</form> + +<form id='form11' action='formtest.js'> 11 + <input type='text' name='uname' value='TESTUSER' disabled> + <input type='password' name='pname' value=''> + <button type='submit'>Submit</button> +</form> + +</div> + +<pre id="test"> +<script class="testbody" type="text/javascript"> + +/** Test for Login Manager: simple form fill, part 2 **/ + +function startTest() { + var f; + + // Test various combinations of disabled/readonly inputs + checkForm(1, "testpass"); // control + checkUnmodifiedForm(2); + checkUnmodifiedForm(3); + checkForm(4, "testuser", "testpass"); // control + for (f = 5; f <= 8; f++) { checkUnmodifiedForm(f); } + // Test case-insensitive comparison of username field + checkForm(9, "testuser", "testpass"); + checkForm(10, "TESTUSER", "testpass"); + checkForm(11, "TESTUSER", "testpass"); + + SimpleTest.finish(); +} +</script> +</pre> +</body> +</html> + diff --git a/toolkit/components/passwordmgr/test/mochitest/test_basic_form_2pw_1.html b/toolkit/components/passwordmgr/test/mochitest/test_basic_form_2pw_1.html new file mode 100644 index 000000000..128ffca7c --- /dev/null +++ b/toolkit/components/passwordmgr/test/mochitest/test_basic_form_2pw_1.html @@ -0,0 +1,187 @@ +<!DOCTYPE HTML> +<html> +<head> + <meta charset="utf-8"> + <title>Test autofill for forms with 2 password fields</title> + <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> + <script type="text/javascript" src="pwmgr_common.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> +</head> +<body> +Login Manager test: forms with 2 password fields +<script> +runChecksAfterCommonInit(() => startTest()); +</script> +<p id="display"></p> + +<div id="content" style="display: none"> + + +<!-- no username fields --> + +<form id='form1' action='formtest.js'> 1 + <!-- simple form, fill in first pw --> + <input type='password' name='pname' value=''> + <input type='password' name='qname' value=''> + <button type='submit'>Submit</button> +</form> + +<form id='form2' action='formtest.js'> 2 + <!-- same but reverse pname and qname, field names are ignored. --> + <input type='password' name='qname' value=''> + <input type='password' name='pname' value=''> + <button type='submit'>Submit</button> +</form> + +<form id='form3' action='formtest.js'> 3 + <!-- text field after password fields should be ignored, no username. --> + <input type='password' name='pname' value=''> + <input type='password' name='qname' value=''> + <input type='text' name='uname' value=''> + <button type='submit'>Submit</button> +</form> + +<form id='form4' action='formtest.js'> 4 + <!-- nothing to do, password already present --> + <input type='password' name='pname' value='testpass'> + <input type='password' name='qname' value=''> + <button type='submit'>Submit</button> +</form> + +<form id='form5' action='formtest.js'> 5 + <!-- don't clobber an existing unrecognized password --> + <input type='password' name='pname' value='xxxxxxxx'> + <input type='password' name='qname' value=''> + <button type='submit'>Submit</button> +</form> + +<form id='form6' action='formtest.js'> 6 + <!-- fill in first field, 2nd field shouldn't be touched anyway. --> + <input type='password' name='pname' value=''> + <input type='password' name='qname' value='xxxxxxxx'> + <button type='submit'>Submit</button> +</form> + + + +<!-- with username fields --> + + + +<form id='form7' action='formtest.js'> 7 + <!-- simple form, should fill in username and first pw --> + <input type='text' name='uname' value=''> + <input type='password' name='pname' value=''> + <input type='password' name='qname' value=''> + <button type='submit'>Submit</button> +</form> + +<form id='form8' action='formtest.js'> 8 + <!-- reverse pname and qname, field names are ignored. --> + <input type='text' name='uname' value=''> + <input type='password' name='qname' value=''> + <input type='password' name='pname' value=''> + <button type='submit'>Submit</button> +</form> + +<form id='form9' action='formtest.js'> 9 + <!-- username already filled, so just fill first password --> + <input type='text' name='uname' value='testuser'> + <input type='password' name='pname' value=''> + <input type='password' name='qname' value=''> + <button type='submit'>Submit</button> +</form> + +<form id='form10' action='formtest.js'> 10 + <!-- unknown username, don't fill in a password --> + <input type='text' name='uname' value='xxxxxxxx'> + <input type='password' name='pname' value=''> + <input type='password' name='qname' value=''> + <button type='submit'>Submit</button> +</form> + +<form id='form11' action='formtest.js'> 11 + <!-- don't clobber unknown password --> + <input type='text' name='uname' value='testuser'> + <input type='password' name='pname' value='xxxxxxxx'> + <input type='password' name='qname' value=''> + <button type='submit'>Submit</button> +</form> + +<form id='form12' action='formtest.js'> 12 + <!-- fill in 1st pass, don't clobber 2nd pass --> + <input type='text' name='uname' value='testuser'> + <input type='password' name='pname' value=''> + <input type='password' name='qname' value='xxxxxxxx'> + <button type='submit'>Submit</button> +</form> + +<form id='form13' action='formtest.js'> 13 + <!-- nothing to do, user and pass prefilled. life is easy. --> + <input type='text' name='uname' value='testuser'> + <input type='password' name='pname' value='testpass'> + <input type='password' name='qname' value=''> + <button type='submit'>Submit</button> +</form> + +<form id='form14' action='formtest.js'> 14 + <!-- shouldn't fill in username because 1st pw field is unknown. --> + <input type='text' name='uname' value=''> + <input type='password' name='pname' value='xxxxxxxx'> + <input type='password' name='qname' value='testpass'> + <button type='submit'>Submit</button> +</form> + +<form id='form15' action='formtest.js'> 15 + <!-- textfield in the middle of pw fields should be ignored --> + <input type='password' name='pname' value=''> + <input type='text' name='uname' value=''> + <input type='password' name='qname' value=''> + <button type='submit'>Submit</button> +</form> + +<form id='form16' action='formtest.js'> 16 + <!-- same, and don't clobber existing unknown password --> + <input type='password' name='pname' value='xxxxxxxx'> + <input type='text' name='uname' value=''> + <input type='password' name='qname' value=''> + <button type='submit'>Submit</button> +</form> + + +</div> + +<pre id="test"> +<script class="testbody" type="text/javascript"> + +/** Test for Login Manager: simple form fill **/ + +function startTest() { + var f = 1; + + // 1-6 no username + checkForm(f++, "testpass", ""); + checkForm(f++, "testpass", ""); + checkForm(f++, "testpass", "", ""); + checkForm(f++, "testpass", ""); + checkForm(f++, "xxxxxxxx", ""); + checkForm(f++, "testpass", "xxxxxxxx"); + + // 7-15 with username + checkForm(f++, "testuser", "testpass", ""); + checkForm(f++, "testuser", "testpass", ""); + checkForm(f++, "testuser", "testpass", ""); + checkForm(f++, "xxxxxxxx", "", ""); + checkForm(f++, "testuser", "xxxxxxxx", ""); + checkForm(f++, "testuser", "testpass", "xxxxxxxx"); + checkForm(f++, "testuser", "testpass", ""); + checkForm(f++, "", "xxxxxxxx", "testpass"); + checkForm(f++, "testpass", "", ""); + checkForm(f++, "xxxxxxxx", "", ""); + + SimpleTest.finish(); +} +</script> +</pre> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/mochitest/test_basic_form_2pw_2.html b/toolkit/components/passwordmgr/test/mochitest/test_basic_form_2pw_2.html new file mode 100644 index 000000000..eba811cf9 --- /dev/null +++ b/toolkit/components/passwordmgr/test/mochitest/test_basic_form_2pw_2.html @@ -0,0 +1,105 @@ +<!DOCTYPE HTML> +<html> +<head> + <meta charset="utf-8"> + <title>Test for form fill with 2 password fields</title> + <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> + <script type="text/javascript" src="pwmgr_common.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> +</head> +<body> +Login Manager test: form fill, 2 password fields +<p id="display"></p> + +<pre id="test"> +<script class="testbody" type="text/javascript"> + +/** Test for Login Manager: form fill, 2 password fields **/ + +/* + * If a form has two password fields, other things may be going on.... + * + * 1 - The user might be creating a new login (2nd field for typo checking) + * 2 - The user is changing a password (old and new password each have field) + * + * This test is for case #1. + */ + +var numSubmittedForms = 0; +var numStartingLogins = 0; + +function startTest() { + // Check for unfilled forms + is($_(1, "uname").value, "", "Checking username 1"); + is($_(1, "pword").value, "", "Checking password 1A"); + is($_(1, "qword").value, "", "Checking password 1B"); + + // Fill in the username and password fields, for account creation. + // Form 1 + $_(1, "uname").value = "newuser1"; + $_(1, "pword").value = "newpass1"; + $_(1, "qword").value = "newpass1"; + + var button = getFormSubmitButton(1); + + todo(false, "form submission disabled, can't auto-accept dialog yet"); + SimpleTest.finish(); +} + + +// Called by each form's onsubmit handler. +function checkSubmit(formNum) { + numSubmittedForms++; + + // End the test at the last form. + if (formNum == 999) { + is(numSubmittedForms, 999, "Ensuring all forms submitted for testing."); + + var numEndingLogins = LoginManager.countLogins("", "", ""); + + ok(numEndingLogins > 0, "counting logins at end"); + is(numStartingLogins, numEndingLogins + 222, "counting logins at end"); + + SimpleTest.finish(); + return false; // return false to cancel current form submission + } + + // submit the next form. + var button = getFormSubmitButton(formNum + 1); + button.click(); + + return false; // return false to cancel current form submission +} + + +function getFormSubmitButton(formNum) { + var form = $("form" + formNum); // by id, not name + ok(form != null, "getting form " + formNum); + + // we can't just call form.submit(), because that doesn't seem to + // invoke the form onsubmit handler. + var button = form.firstChild; + while (button && button.type != "submit") { button = button.nextSibling; } + ok(button != null, "getting form submit button"); + + return button; +} + +runChecksAfterCommonInit(startTest); + +</script> +</pre> +<div id="content" style="display: none"> + <form id="form1" onsubmit="return checkSubmit(1)" action="http://newuser.com"> + <input type="text" name="uname"> + <input type="password" name="pword"> + <input type="password" name="qword"> + + <button type="submit">Submit</button> + <button type="reset"> Reset </button> + </form> + +</div> + +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/mochitest/test_basic_form_3pw_1.html b/toolkit/components/passwordmgr/test/mochitest/test_basic_form_3pw_1.html new file mode 100644 index 000000000..30b5a319f --- /dev/null +++ b/toolkit/components/passwordmgr/test/mochitest/test_basic_form_3pw_1.html @@ -0,0 +1,177 @@ +<!DOCTYPE HTML> +<html> +<head> + <meta charset="utf-8"> + <title>Test autofill for forms with 3 password fields</title> + <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> + <script type="text/javascript" src="pwmgr_common.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> +</head> +<body> +Login Manager test: forms with 3 password fields (form filling) +<script> +runChecksAfterCommonInit(() => startTest()); +</script> +<p id="display"></p> + +<div id="content" style="display: none"> + <p>The next three forms are <b>user/pass/passB/passC</b>, as all-empty, preuser(only), and preuser/pass</p> + <form id="form1" action="formtest.js"> + <input type="text" name="uname"> + <input type="password" name="pword"> + <input type="password" name="qword"> + <input type="password" name="rword"> + + <button type="submit">Submit</button> + <button type="reset"> Reset </button> + </form> + + <form id="form2" action="formtest.js"> + <input type="text" name="uname" value="testuser"> + <input type="password" name="pword"> + <input type="password" name="qword"> + <input type="password" name="rword"> + + <button type="submit">Submit</button> + <button type="reset"> Reset </button> + </form> + + <form id="form3" action="formtest.js"> + <input type="text" name="uname" value="testuser"> + <input type="password" name="pword" value="testpass"> + <input type="password" name="qword"> + <input type="password" name="rword"> + + <button type="submit">Submit</button> + <button type="reset"> Reset </button> + </form> + + + <p>The next three forms are <b>user/passB/pass/passC</b>, as all-empty, preuser(only), and preuser/pass</p> + <form id="form4" action="formtest.js"> + <input type="text" name="uname"> + <input type="password" name="qword"> + <input type="password" name="pword"> + <input type="password" name="rword"> + + <button type="submit">Submit</button> + <button type="reset"> Reset </button> + </form> + + <form id="form5" action="formtest.js"> + <input type="text" name="uname" value="testuser"> + <input type="password" name="qword"> + <input type="password" name="pword"> + <input type="password" name="rword"> + + <button type="submit">Submit</button> + <button type="reset"> Reset </button> + </form> + + <form id="form6" action="formtest.js"> + <input type="text" name="uname" value="testuser"> + <input type="password" name="qword"> + <input type="password" name="pword" value="testpass"> + <input type="password" name="rword"> + + <button type="submit">Submit</button> + <button type="reset"> Reset </button> + </form> + + <p>The next three forms are <b>user/passB/passC/pass</b>, as all-empty, preuser(only), and preuser/pass</p> + <form id="form7" action="formtest.js"> + <input type="text" name="uname"> + <input type="password" name="qword"> + <input type="password" name="rword"> + <input type="password" name="pword"> + + <button type="submit">Submit</button> + <button type="reset"> Reset </button> + </form> + + <form id="form8" action="formtest.js"> + <input type="text" name="uname" value="testuser"> + <input type="password" name="qword"> + <input type="password" name="rword"> + <input type="password" name="pword"> + + <button type="submit">Submit</button> + <button type="reset"> Reset </button> + </form> + + <form id="form9" action="formtest.js"> + <input type="text" name="uname" value="testuser"> + <input type="password" name="qword"> + <input type="password" name="rword"> + <input type="password" name="pword" value="testpass"> + + <button type="submit">Submit</button> + <button type="reset"> Reset </button> + </form> +</div> + +<pre id="test"> +<script class="testbody" type="text/javascript"> + +/** Test for Login Manager: form fill, 3 password fields **/ + +// Test to make sure 3-password forms are filled properly. + +function startTest() { + // Check form 1 + is($_(1, "uname").value, "testuser", "Checking username 1"); + is($_(1, "pword").value, "testpass", "Checking password 1"); + is($_(1, "qword").value, "", "Checking password 1 (q)"); + is($_(1, "rword").value, "", "Checking password 1 (r)"); + // Check form 2 + is($_(2, "uname").value, "testuser", "Checking username 2"); + is($_(2, "pword").value, "testpass", "Checking password 2"); + is($_(2, "qword").value, "", "Checking password 2 (q)"); + is($_(2, "rword").value, "", "Checking password 2 (r)"); + // Check form 3 + is($_(3, "uname").value, "testuser", "Checking username 3"); + is($_(3, "pword").value, "testpass", "Checking password 3"); + is($_(3, "qword").value, "", "Checking password 3 (q)"); + is($_(3, "rword").value, "", "Checking password 3 (r)"); + + // Check form 4 + is($_(4, "uname").value, "testuser", "Checking username 4"); + todo_is($_(4, "qword").value, "", "Checking password 4 (q)"); + todo_is($_(4, "pword").value, "testpass", "Checking password 4"); + is($_(4, "rword").value, "", "Checking password 4 (r)"); + // Check form 5 + is($_(5, "uname").value, "testuser", "Checking username 5"); + todo_is($_(5, "qword").value, "", "Checking password 5 (q)"); + todo_is($_(5, "pword").value, "testpass", "Checking password 5"); + is($_(5, "rword").value, "", "Checking password 5 (r)"); + // Check form 6 + is($_(6, "uname").value, "testuser", "Checking username 6"); + todo_is($_(6, "qword").value, "", "Checking password 6 (q)"); + is($_(6, "pword").value, "testpass", "Checking password 6"); + is($_(6, "rword").value, "", "Checking password 6 (r)"); + + // Check form 7 + is($_(7, "uname").value, "testuser", "Checking username 7"); + todo_is($_(7, "qword").value, "", "Checking password 7 (q)"); + is($_(7, "rword").value, "", "Checking password 7 (r)"); + todo_is($_(7, "pword").value, "testpass", "Checking password 7"); + // Check form 8 + is($_(8, "uname").value, "testuser", "Checking username 8"); + todo_is($_(8, "qword").value, "", "Checking password 8 (q)"); + is($_(8, "rword").value, "", "Checking password 8 (r)"); + todo_is($_(8, "pword").value, "testpass", "Checking password 8"); + // Check form 9 + is($_(9, "uname").value, "testuser", "Checking username 9"); + todo_is($_(9, "qword").value, "", "Checking password 9 (q)"); + is($_(9, "rword").value, "", "Checking password 9 (r)"); + is($_(9, "pword").value, "testpass", "Checking password 9"); + + // TODO: as with the 2-password cases, add tests to check for creating new + // logins and changing passwords. + SimpleTest.finish(); +} +</script> +</pre> +</body> +</html> + diff --git a/toolkit/components/passwordmgr/test/mochitest/test_basic_form_autocomplete.html b/toolkit/components/passwordmgr/test/mochitest/test_basic_form_autocomplete.html new file mode 100644 index 000000000..0eee8e696 --- /dev/null +++ b/toolkit/components/passwordmgr/test/mochitest/test_basic_form_autocomplete.html @@ -0,0 +1,859 @@ +<!DOCTYPE HTML> +<html> +<head> + <meta charset="utf-8"> + <title>Test basic login autocomplete</title> + <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> + <script type="text/javascript" src="/tests/SimpleTest/EventUtils.js"></script> + <script type="text/javascript" src="/tests/SimpleTest/SpawnTask.js"></script> + <script type="text/javascript" src="satchel_common.js"></script> + <script type="text/javascript" src="pwmgr_common.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> +</head> +<body> +Login Manager test: multiple login autocomplete + +<script> +var chromeScript = runChecksAfterCommonInit(); + +var setupScript = runInParent(function setup() { + const { classes: Cc, interfaces: Ci, utils: Cu } = Components; + Cu.import("resource://gre/modules/Services.jsm"); + + // Create some logins just for this form, since we'll be deleting them. + var nsLoginInfo = Components.Constructor("@mozilla.org/login-manager/loginInfo;1", + Ci.nsILoginInfo, "init"); + assert.ok(nsLoginInfo != null, "nsLoginInfo constructor"); + + // login0 has no username, so should be filtered out from the autocomplete list. + var login0 = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete:8888", null, + "", "user0pass", "", "pword"); + + var login1 = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete:8888", null, + "tempuser1", "temppass1", "uname", "pword"); + + var login2 = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete:8888", null, + "testuser2", "testpass2", "uname", "pword"); + + var login3 = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete:8888", null, + "testuser3", "testpass3", "uname", "pword"); + + var login4 = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete:8888", null, + "zzzuser4", "zzzpass4", "uname", "pword"); + + // login 5 only used in the single-user forms + var login5 = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete2", null, + "singleuser5", "singlepass5", "uname", "pword"); + + var login6A = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete3", null, + "form7user1", "form7pass1", "uname", "pword"); + var login6B = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete3", null, + "form7user2", "form7pass2", "uname", "pword"); + + var login7 = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete4", null, + "form8user", "form8pass", "uname", "pword"); + + var login8A = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete5", null, + "form9userAB", "form9pass", "uname", "pword"); + var login8B = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete5", null, + "form9userAAB", "form9pass", "uname", "pword"); + var login8C = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete5", null, + "form9userAABzz", "form9pass", "uname", "pword"); + + var login10 = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete7", null, + "testuser10", "testpass10", "uname", "pword"); + + + // try/catch in case someone runs the tests manually, twice. + try { + Services.logins.addLogin(login0); + Services.logins.addLogin(login1); + Services.logins.addLogin(login2); + Services.logins.addLogin(login3); + Services.logins.addLogin(login4); + Services.logins.addLogin(login5); + Services.logins.addLogin(login6A); + Services.logins.addLogin(login6B); + Services.logins.addLogin(login7); + Services.logins.addLogin(login8A); + Services.logins.addLogin(login8B); + // login8C is added later + Services.logins.addLogin(login10); + } catch (e) { + assert.ok(false, "addLogin threw: " + e); + } + + addMessageListener("addLogin", loginVariableName => { + let login = eval(loginVariableName); + assert.ok(!!login, "Login to add is defined: " + loginVariableName); + Services.logins.addLogin(login); + }); + addMessageListener("removeLogin", loginVariableName => { + let login = eval(loginVariableName); + assert.ok(!!login, "Login to delete is defined: " + loginVariableName); + Services.logins.removeLogin(login); + }); +}); +</script> +<p id="display"></p> + +<!-- we presumably can't hide the content for this test. --> +<div id="content"> + + <!-- form1 tests multiple matching logins --> + <form id="form1" action="http://autocomplete:8888/formtest.js" onsubmit="return false;"> + <input type="text" name="uname"> + <input type="password" name="pword"> + <button type="submit">Submit</button> + </form> + + <!-- other forms test single logins, with autocomplete=off set --> + <form id="form2" action="http://autocomplete2" onsubmit="return false;"> + <input type="text" name="uname"> + <input type="password" name="pword" autocomplete="off"> + <button type="submit">Submit</button> + </form> + + <form id="form3" action="http://autocomplete2" onsubmit="return false;"> + <input type="text" name="uname" autocomplete="off"> + <input type="password" name="pword"> + <button type="submit">Submit</button> + </form> + + <form id="form4" action="http://autocomplete2" onsubmit="return false;" autocomplete="off"> + <input type="text" name="uname"> + <input type="password" name="pword"> + <button type="submit">Submit</button> + </form> + + <form id="form5" action="http://autocomplete2" onsubmit="return false;"> + <input type="text" name="uname" autocomplete="off"> + <input type="password" name="pword" autocomplete="off"> + <button type="submit">Submit</button> + </form> + + <!-- control --> + <form id="form6" action="http://autocomplete2" onsubmit="return false;"> + <input type="text" name="uname"> + <input type="password" name="pword"> + <button type="submit">Submit</button> + </form> + + <!-- This form will be manipulated to insert a different username field. --> + <form id="form7" action="http://autocomplete3" onsubmit="return false;"> + <input type="text" name="uname"> + <input type="password" name="pword"> + <button type="submit">Submit</button> + </form> + + <!-- test for no autofill after onblur with blank username --> + <form id="form8" action="http://autocomplete4" onsubmit="return false;"> + <input type="text" name="uname"> + <input type="password" name="pword"> + <button type="submit">Submit</button> + </form> + + <!-- test autocomplete dropdown --> + <form id="form9" action="http://autocomplete5" onsubmit="return false;"> + <input type="text" name="uname"> + <input type="password" name="pword"> + <button type="submit">Submit</button> + </form> + + <!-- test for onUsernameInput recipe testing --> + <form id="form11" action="http://autocomplete7" onsubmit="return false;"> + <input type="text" name="1"> + <input type="text" name="2"> + <button type="submit">Submit</button> + </form> + + <!-- tests <form>-less autocomplete --> + <div id="form12"> + <input type="text" name="uname" id="uname"> + <input type="password" name="pword" id="pword"> + <button type="submit">Submit</button> + </div> +</div> + +<pre id="test"> +<script class="testbody" type="text/javascript"> + +/** Test for Login Manager: multiple login autocomplete. **/ + +var uname = $_(1, "uname"); +var pword = $_(1, "pword"); +const shiftModifier = SpecialPowers.Ci.nsIDOMEvent.SHIFT_MASK; + +// Restore the form to the default state. +function restoreForm() { + uname.value = ""; + pword.value = ""; + uname.focus(); +} + +// Check for expected username/password in form. +function checkACForm(expectedUsername, expectedPassword) { + var formID = uname.parentNode.id; + is(uname.value, expectedUsername, "Checking " + formID + " username is: " + expectedUsername); + is(pword.value, expectedPassword, "Checking " + formID + " password is: " + expectedPassword); +} + +function sendFakeAutocompleteEvent(element) { + var acEvent = document.createEvent("HTMLEvents"); + acEvent.initEvent("DOMAutoComplete", true, false); + element.dispatchEvent(acEvent); +} + +function spinEventLoop() { + return Promise.resolve(); +} + +add_task(function* setup() { + yield SpecialPowers.pushPrefEnv({"set": [["security.insecure_field_warning.contextual.enabled", false], + ["signon.autofillForms.http", true]]}); + listenForUnexpectedPopupShown(); +}); + +add_task(function* test_form1_initial_empty() { + yield SimpleTest.promiseFocus(window); + + // Make sure initial form is empty. + checkACForm("", ""); + let popupState = yield getPopupState(); + is(popupState.open, false, "Check popup is initially closed"); +}); + +add_task(function* test_form1_menuitems() { + yield SimpleTest.promiseFocus(window); + // Trigger autocomplete popup + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + let results = yield shownPromise; + + let popupState = yield getPopupState(); + is(popupState.selectedIndex, -1, "Check no entries are selected upon opening"); + + let expectedMenuItems = ["tempuser1", + "testuser2", + "testuser3", + "zzzuser4"]; + checkArrayValues(results, expectedMenuItems, "Check all menuitems are displayed correctly."); + + checkACForm("", ""); // value shouldn't update just by selecting + doKey("return"); // not "enter"! + yield spinEventLoop(); // let focus happen + checkACForm("", ""); +}); + +add_task(function* test_form1_first_entry() { + yield SimpleTest.promiseFocus(window); + // Trigger autocomplete popup + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + let popupState = yield getPopupState(); + is(popupState.selectedIndex, -1, "Check no entries are selected upon opening"); + + doKey("down"); // first + checkACForm("", ""); // value shouldn't update just by selecting + doKey("return"); // not "enter"! + yield promiseFormsProcessed(); + checkACForm("tempuser1", "temppass1"); +}); + +add_task(function* test_form1_second_entry() { + // Trigger autocomplete popup + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + doKey("down"); // first + doKey("down"); // second + doKey("return"); // not "enter"! + yield promiseFormsProcessed(); + checkACForm("testuser2", "testpass2"); +}); + +add_task(function* test_form1_third_entry() { + // Trigger autocomplete popup + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + doKey("down"); // first + doKey("down"); // second + doKey("down"); // third + doKey("return"); + yield promiseFormsProcessed(); + checkACForm("testuser3", "testpass3"); +}); + +add_task(function* test_form1_fourth_entry() { + // Trigger autocomplete popup + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + doKey("down"); // first + doKey("down"); // second + doKey("down"); // third + doKey("down"); // fourth + doKey("return"); + yield promiseFormsProcessed(); + checkACForm("zzzuser4", "zzzpass4"); +}); + +add_task(function* test_form1_wraparound_first_entry() { + // Trigger autocomplete popup + restoreForm(); + yield spinEventLoop(); // let focus happen + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + doKey("down"); // first + doKey("down"); // second + doKey("down"); // third + doKey("down"); // fourth + doKey("down"); // deselects + doKey("down"); // first + doKey("return"); + yield promiseFormsProcessed(); + checkACForm("tempuser1", "temppass1"); +}); + +add_task(function* test_form1_wraparound_up_last_entry() { + // Trigger autocomplete popup + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + doKey("up"); // last (fourth) + doKey("return"); + yield promiseFormsProcessed(); + checkACForm("zzzuser4", "zzzpass4"); +}); + +add_task(function* test_form1_wraparound_down_up_up() { + // Trigger autocomplete popup + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + doKey("down"); // select first entry + doKey("up"); // selects nothing! + doKey("up"); // select last entry + doKey("return"); + yield promiseFormsProcessed(); + checkACForm("zzzuser4", "zzzpass4"); +}); + +add_task(function* test_form1_wraparound_up_last() { + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + doKey("down"); + doKey("up"); // deselects + doKey("up"); // last entry + doKey("up"); + doKey("up"); + doKey("up"); // first entry + doKey("up"); // deselects + doKey("up"); // last entry + doKey("return"); + yield promiseFormsProcessed(); + checkACForm("zzzuser4", "zzzpass4"); +}); + +add_task(function* test_form1_fill_username_without_autofill_right() { + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + // Set first entry w/o triggering autocomplete + doKey("down"); // first + doKey("right"); + yield spinEventLoop(); + checkACForm("tempuser1", ""); // empty password +}); + +add_task(function* test_form1_fill_username_without_autofill_left() { + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + // Set first entry w/o triggering autocomplete + doKey("down"); // first + doKey("left"); + checkACForm("tempuser1", ""); // empty password +}); + +add_task(function* test_form1_pageup_first() { + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + // Check first entry (page up) + doKey("down"); // first + doKey("down"); // second + doKey("page_up"); // first + doKey("return"); + yield promiseFormsProcessed(); + checkACForm("tempuser1", "temppass1"); +}); + +add_task(function* test_form1_pagedown_last() { + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + /* test 13 */ + // Check last entry (page down) + doKey("down"); // first + doKey("page_down"); // last + doKey("return"); + yield promiseFormsProcessed(); + checkACForm("zzzuser4", "zzzpass4"); +}); + +add_task(function* test_form1_untrusted_event() { + restoreForm(); + yield spinEventLoop(); + + // Send a fake (untrusted) event. + checkACForm("", ""); + uname.value = "zzzuser4"; + sendFakeAutocompleteEvent(uname); + yield spinEventLoop(); + checkACForm("zzzuser4", ""); +}); + +add_task(function* test_form1_delete() { + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + // XXX tried sending character "t" before/during dropdown to test + // filtering, but had no luck. Seemed like the character was getting lost. + // Setting uname.value didn't seem to work either. This works with a human + // driver, so I'm not sure what's up. + + // Delete the first entry (of 4), "tempuser1" + doKey("down"); + var numLogins; + numLogins = LoginManager.countLogins("http://mochi.test:8888", "http://autocomplete:8888", null); + is(numLogins, 5, "Correct number of logins before deleting one"); + + let countChangedPromise = notifyMenuChanged(3); + var deletionPromise = promiseStorageChanged(["removeLogin"]); + // On OS X, shift-backspace and shift-delete work, just delete does not. + // On Win/Linux, shift-backspace does not work, delete and shift-delete do. + doKey("delete", shiftModifier); + yield deletionPromise; + + checkACForm("", ""); + numLogins = LoginManager.countLogins("http://mochi.test:8888", "http://autocomplete:8888", null); + is(numLogins, 4, "Correct number of logins after deleting one"); + yield countChangedPromise; + doKey("return"); + yield promiseFormsProcessed(); + checkACForm("testuser2", "testpass2"); +}); + +add_task(function* test_form1_first_after_deletion() { + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + // Check the new first entry (of 3) + doKey("down"); + doKey("return"); + yield promiseFormsProcessed(); + checkACForm("testuser2", "testpass2"); +}); + +add_task(function* test_form1_delete_second() { + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + // Delete the second entry (of 3), "testuser3" + doKey("down"); + doKey("down"); + doKey("delete", shiftModifier); + checkACForm("", ""); + numLogins = LoginManager.countLogins("http://mochi.test:8888", "http://autocomplete:8888", null); + is(numLogins, 3, "Correct number of logins after deleting one"); + doKey("return"); + yield promiseFormsProcessed(); + checkACForm("zzzuser4", "zzzpass4"); +}); + +add_task(function* test_form1_first_after_deletion2() { + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + // Check the new first entry (of 2) + doKey("down"); + doKey("return"); + yield promiseFormsProcessed(); + checkACForm("testuser2", "testpass2"); +}); + +add_task(function* test_form1_delete_last() { + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + /* test 54 */ + // Delete the last entry (of 2), "zzzuser4" + doKey("down"); + doKey("down"); + doKey("delete", shiftModifier); + checkACForm("", ""); + numLogins = LoginManager.countLogins("http://mochi.test:8888", "http://autocomplete:8888", null); + is(numLogins, 2, "Correct number of logins after deleting one"); + doKey("return"); + yield promiseFormsProcessed(); + checkACForm("testuser2", "testpass2"); +}); + +add_task(function* test_form1_first_after_3_deletions() { + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + // Check the only remaining entry + doKey("down"); + doKey("return"); + yield promiseFormsProcessed(); + checkACForm("testuser2", "testpass2"); +}); + +add_task(function* test_form1_check_only_entry_remaining() { + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + /* test 56 */ + // Delete the only remaining entry, "testuser2" + doKey("down"); + doKey("delete", shiftModifier); + checkACForm("", ""); + numLogins = LoginManager.countLogins("http://mochi.test:8888", "http://autocomplete:8888", null); + is(numLogins, 1, "Correct number of logins after deleting one"); + + // remove the login that's not shown in the list. + setupScript.sendSyncMessage("removeLogin", "login0"); +}); + +/* Tests for single-user forms for ignoring autocomplete=off */ +add_task(function* test_form2() { + // Turn our attention to form2 + uname = $_(2, "uname"); + pword = $_(2, "pword"); + checkACForm("singleuser5", "singlepass5"); + + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + // Check first entry + doKey("down"); + checkACForm("", ""); // value shouldn't update + doKey("return"); // not "enter"! + yield promiseFormsProcessed(); + checkACForm("singleuser5", "singlepass5"); +}); + +add_task(function* test_form3() { + uname = $_(3, "uname"); + pword = $_(3, "pword"); + checkACForm("singleuser5", "singlepass5"); + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + // Check first entry + doKey("down"); + checkACForm("", ""); // value shouldn't update + doKey("return"); // not "enter"! + yield promiseFormsProcessed(); + checkACForm("singleuser5", "singlepass5"); +}); + +add_task(function* test_form4() { + uname = $_(4, "uname"); + pword = $_(4, "pword"); + checkACForm("singleuser5", "singlepass5"); + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + // Check first entry + doKey("down"); + checkACForm("", ""); // value shouldn't update + doKey("return"); // not "enter"! + yield promiseFormsProcessed(); + checkACForm("singleuser5", "singlepass5"); +}); + +add_task(function* test_form5() { + uname = $_(5, "uname"); + pword = $_(5, "pword"); + checkACForm("singleuser5", "singlepass5"); + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + // Check first entry + doKey("down"); + checkACForm("", ""); // value shouldn't update + doKey("return"); // not "enter"! + yield promiseFormsProcessed(); + checkACForm("singleuser5", "singlepass5"); +}); + +add_task(function* test_form6() { + // (this is a control, w/o autocomplete=off, to ensure the login + // that was being suppressed would have been filled in otherwise) + uname = $_(6, "uname"); + pword = $_(6, "pword"); + checkACForm("singleuser5", "singlepass5"); +}); + +add_task(function* test_form6_changeUsername() { + // Test that the password field remains filled in after changing + // the username. + uname.focus(); + doKey("right"); + sendChar("X"); + // Trigger the 'blur' event on uname + pword.focus(); + yield spinEventLoop(); + checkACForm("singleuser5X", "singlepass5"); + + setupScript.sendSyncMessage("removeLogin", "login5"); +}); + +add_task(function* test_form7() { + uname = $_(7, "uname"); + pword = $_(7, "pword"); + checkACForm("", ""); + + // Insert a new username field into the form. We'll then make sure + // that invoking the autocomplete doesn't try to fill the form. + var newField = document.createElement("input"); + newField.setAttribute("type", "text"); + newField.setAttribute("name", "uname2"); + pword.parentNode.insertBefore(newField, pword); + is($_(7, "uname2").value, "", "Verifying empty uname2"); + + // Delete login6B. It was created just to prevent filling in a login + // automatically, removing it makes it more likely that we'll catch a + // future regression with form filling here. + setupScript.sendSyncMessage("removeLogin", "login6B"); +}); + +add_task(function* test_form7_2() { + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + // Check first entry + doKey("down"); + checkACForm("", ""); // value shouldn't update + doKey("return"); // not "enter"! + // The form changes, so we expect the old username field to get the + // selected autocomplete value, but neither the new username field nor + // the password field should have any values filled in. + yield spinEventLoop(); + checkACForm("form7user1", ""); + is($_(7, "uname2").value, "", "Verifying empty uname2"); + restoreForm(); // clear field, so reloading test doesn't fail + + setupScript.sendSyncMessage("removeLogin", "login6A"); +}); + +add_task(function* test_form8() { + uname = $_(8, "uname"); + pword = $_(8, "pword"); + checkACForm("form8user", "form8pass"); + restoreForm(); +}); + +add_task(function* test_form8_blur() { + checkACForm("", ""); + // Focus the previous form to trigger a blur. + $_(7, "uname").focus(); +}); + +add_task(function* test_form8_2() { + checkACForm("", ""); + restoreForm(); +}); + +add_task(function* test_form8_3() { + checkACForm("", ""); + setupScript.sendSyncMessage("removeLogin", "login7"); +}); + +add_task(function* test_form9_filtering() { + // Turn our attention to form9 to test the dropdown - bug 497541 + uname = $_(9, "uname"); + pword = $_(9, "pword"); + uname.focus(); + let shownPromise = promiseACShown(); + sendString("form9userAB"); + yield shownPromise; + + checkACForm("form9userAB", ""); + uname.focus(); + doKey("left"); + shownPromise = promiseACShown(); + sendChar("A"); + let results = yield shownPromise; + + checkACForm("form9userAAB", ""); + checkArrayValues(results, ["form9userAAB"], "Check dropdown is updated after inserting 'A'"); + doKey("down"); + doKey("return"); + yield promiseFormsProcessed(); + checkACForm("form9userAAB", "form9pass"); +}); + +add_task(function* test_form9_autocomplete_cache() { + // Note that this addLogin call will only be seen by the autocomplete + // attempt for the sendChar if we do not successfully cache the + // autocomplete results. + setupScript.sendSyncMessage("addLogin", "login8C"); + uname.focus(); + let promise0 = notifyMenuChanged(0); + sendChar("z"); + yield promise0; + let popupState = yield getPopupState(); + is(popupState.open, false, "Check popup shouldn't open"); + + // check that empty results are cached - bug 496466 + promise0 = notifyMenuChanged(0); + sendChar("z"); + yield promise0; + popupState = yield getPopupState(); + is(popupState.open, false, "Check popup stays closed due to cached empty result"); +}); + +add_task(function* test_form11_recipes() { + yield loadRecipes({ + siteRecipes: [{ + "hosts": ["mochi.test:8888"], + "usernameSelector": "input[name='1']", + "passwordSelector": "input[name='2']" + }], + }); + uname = $_(11, "1"); + pword = $_(11, "2"); + + // First test DOMAutocomplete + // Switch the password field to type=password so _fillForm marks the username + // field for autocomplete. + pword.type = "password"; + yield promiseFormsProcessed(); + restoreForm(); + checkACForm("", ""); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + doKey("down"); + checkACForm("", ""); // value shouldn't update + doKey("return"); // not "enter"! + yield promiseFormsProcessed(); + checkACForm("testuser10", "testpass10"); + + // Now test recipes with blur on the username field. + restoreForm(); + checkACForm("", ""); + uname.value = "testuser10"; + checkACForm("testuser10", ""); + doKey("tab"); + yield promiseFormsProcessed(); + checkACForm("testuser10", "testpass10"); + yield resetRecipes(); +}); + +add_task(function* test_form12_formless() { + // Test form-less autocomplete + uname = $_(12, "uname"); + pword = $_(12, "pword"); + restoreForm(); + checkACForm("", ""); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + // Trigger autocomplete + doKey("down"); + checkACForm("", ""); // value shouldn't update + let processedPromise = promiseFormsProcessed(); + doKey("return"); // not "enter"! + yield processedPromise; + checkACForm("testuser", "testpass"); +}); + +add_task(function* test_form12_open_on_trusted_focus() { + uname = $_(12, "uname"); + pword = $_(12, "pword"); + uname.value = ""; + pword.value = ""; + + // Move focus to the password field so we can test the first click on the + // username field. + pword.focus(); + checkACForm("", ""); + const firePrivEventPromise = new Promise((resolve) => { + uname.addEventListener("click", (e) => { + ok(e.isTrusted, "Ensure event is trusted"); + resolve(); + }); + }); + const shownPromise = promiseACShown(); + synthesizeMouseAtCenter(uname, {}); + yield firePrivEventPromise; + yield shownPromise; + doKey("down"); + const processedPromise = promiseFormsProcessed(); + doKey("return"); // not "enter"! + yield processedPromise; + checkACForm("testuser", "testpass"); +}); +</script> +</pre> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/mochitest/test_basic_form_html5.html b/toolkit/components/passwordmgr/test/mochitest/test_basic_form_html5.html new file mode 100644 index 000000000..40e322afd --- /dev/null +++ b/toolkit/components/passwordmgr/test/mochitest/test_basic_form_html5.html @@ -0,0 +1,164 @@ +<!DOCTYPE HTML> +<html> +<head> + <meta charset="utf-8"> + <title>Test for html5 input types (email, tel, url, etc.)</title> + <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> + <script type="text/javascript" src="pwmgr_common.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> +</head> +<body> +Login Manager test: html5 input types (email, tel, url, etc.) +<script> +runChecksAfterCommonInit(() => startTest()); + +runInParent(function setup() { + const { classes: Cc, interfaces: Ci, results: Cr, utils: Cu } = Components; + let pwmgr = Cc["@mozilla.org/login-manager;1"]. + getService(Ci.nsILoginManager); + + login1 = Cc["@mozilla.org/login-manager/loginInfo;1"]. + createInstance(Ci.nsILoginInfo); + login2 = Cc["@mozilla.org/login-manager/loginInfo;1"]. + createInstance(Ci.nsILoginInfo); + login3 = Cc["@mozilla.org/login-manager/loginInfo;1"]. + createInstance(Ci.nsILoginInfo); + login4 = Cc["@mozilla.org/login-manager/loginInfo;1"]. + createInstance(Ci.nsILoginInfo); + + login1.init("http://mochi.test:8888", "http://bug600551-1", null, + "testuser@example.com", "testpass1", "", ""); + login2.init("http://mochi.test:8888", "http://bug600551-2", null, + "555-555-5555", "testpass2", "", ""); + login3.init("http://mochi.test:8888", "http://bug600551-3", null, + "http://mozilla.org", "testpass3", "", ""); + login4.init("http://mochi.test:8888", "http://bug600551-4", null, + "123456789", "testpass4", "", ""); + + pwmgr.addLogin(login1); + pwmgr.addLogin(login2); + pwmgr.addLogin(login3); + pwmgr.addLogin(login4); +}); +</script> + +<p id="display"></p> +<div id="content" style="display: none"> + + <form id="form1" action="http://bug600551-1"> + <input type="email" name="uname"> + <input type="password" name="pword"> + <button type="submit">Submit</button> + </form> + + <form id="form2" action="http://bug600551-2"> + <input type="tel" name="uname"> + <input type="password" name="pword"> + <button type="submit">Submit</button> + </form> + + <form id="form3" action="http://bug600551-3"> + <input type="url" name="uname"> + <input type="password" name="pword"> + <button type="submit">Submit</button> + </form> + + <form id="form4" action="http://bug600551-4"> + <input type="number" name="uname"> + <input type="password" name="pword"> + <button type="submit">Submit</button> + </form> + + <!-- The following forms should not be filled with usernames --> + <form id="form5" action="formtest.js"> + <input type="search" name="uname"> + <input type="password" name="pword"> + <button type="submit">Submit</button> + </form> + + <form id="form6" action="formtest.js"> + <input type="datetime" name="uname"> + <input type="password" name="pword"> + <button type="submit">Submit</button> + </form> + + <form id="form7" action="formtest.js"> + <input type="date" name="uname"> + <input type="password" name="pword"> + <button type="submit">Submit</button> + </form> + + <form id="form8" action="formtest.js"> + <input type="month" name="uname"> + <input type="password" name="pword"> + <button type="submit">Submit</button> + </form> + + <form id="form9" action="formtest.js"> + <input type="week" name="uname"> + <input type="password" name="pword"> + <button type="submit">Submit</button> + </form> + + <form id="form10" action="formtest.js"> + <input type="time" name="uname"> + <input type="password" name="pword"> + <button type="submit">Submit</button> + </form> + + <form id="form11" action="formtest.js"> + <input type="datetime-local" name="uname"> + <input type="password" name="pword"> + <button type="submit">Submit</button> + </form> + + <form id="form12" action="formtest.js"> + <input type="range" name="uname"> + <input type="password" name="pword"> + <button type="submit">Submit</button> + </form> + + <form id="form13" action="formtest.js"> + <input type="color" name="uname"> + <input type="password" name="pword"> + <button type="submit">Submit</button> + </form> + + +</div> +<pre id="test"> +<script class="testbody" type="text/javascript"> + +/* Test for Login Manager: 600551 + (Password manager not working with input type=email) + */ +function startTest() { + checkForm(1, "testuser@example.com", "testpass1"); + checkForm(2, "555-555-5555", "testpass2"); + checkForm(3, "http://mozilla.org", "testpass3"); + checkForm(4, "123456789", "testpass4"); + + is($_(5, "uname").value, "", "type=search should not be considered a username"); + + is($_(6, "uname").value, "", "type=datetime should not be considered a username"); + + is($_(7, "uname").value, "", "type=date should not be considered a username"); + + is($_(8, "uname").value, "", "type=month should not be considered a username"); + + is($_(9, "uname").value, "", "type=week should not be considered a username"); + + is($_(10, "uname").value, "", "type=time should not be considered a username"); + + is($_(11, "uname").value, "", "type=datetime-local should not be considered a username"); + + is($_(12, "uname").value, "50", "type=range should not be considered a username"); + + is($_(13, "uname").value, "#000000", "type=color should not be considered a username"); + + SimpleTest.finish(); +} +</script> +</pre> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/mochitest/test_basic_form_pwevent.html b/toolkit/components/passwordmgr/test/mochitest/test_basic_form_pwevent.html new file mode 100644 index 000000000..e0a2883c8 --- /dev/null +++ b/toolkit/components/passwordmgr/test/mochitest/test_basic_form_pwevent.html @@ -0,0 +1,55 @@ +<!DOCTYPE HTML> +<html> +<!-- +https://bugzilla.mozilla.org/show_bug.cgi?id=355063 +--> +<head> + <meta charset="utf-8"/> + <title>Test for Bug 355063</title> + <script type="application/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/> + <script type="text/javascript" src="pwmgr_common.js"></script> + <script type="application/javascript"> + /** Test for Bug 355063 **/ + + runChecksAfterCommonInit(function startTest() { + info("startTest"); + // Password Manager's own listener should always have been added first, so + // the test's listener should be called after the pwmgr's listener fills in + // a login. + // + SpecialPowers.addChromeEventListener("DOMFormHasPassword", function eventFired() { + SpecialPowers.removeChromeEventListener("DOMFormHasPassword", eventFired); + var passField = $("p1"); + passField.addEventListener("input", checkForm); + }); + addForm(); + }); + + function addForm() { + info("addForm"); + var c = document.getElementById("content"); + c.innerHTML = "<form id=form1>form1: <input id=u1><input type=password id=p1></form><br>"; + } + + function checkForm() { + info("checkForm"); + var userField = document.getElementById("u1"); + var passField = document.getElementById("p1"); + is(userField.value, "testuser", "checking filled username"); + is(passField.value, "testpass", "checking filled password"); + + SimpleTest.finish(); + } +</script> +</head> +<body> +<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=355063">Mozilla Bug 355063</a> +<p id="display"></p> +<div id="content"> +forms go here! +</div> +<pre id="test"> +</pre> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/mochitest/test_basic_form_pwonly.html b/toolkit/components/passwordmgr/test/mochitest/test_basic_form_pwonly.html new file mode 100644 index 000000000..40fec8c46 --- /dev/null +++ b/toolkit/components/passwordmgr/test/mochitest/test_basic_form_pwonly.html @@ -0,0 +1,213 @@ +<!DOCTYPE HTML> +<html> +<head> + <meta charset="utf-8"> + <title>Test forms and logins without a username</title> + <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> + <script type="text/javascript" src="pwmgr_common.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> +</head> +<body> +Login Manager test: forms and logins without a username. +<script> +runChecksAfterCommonInit(() => startTest()); +runInParent(() => { + const { classes: Cc, interfaces: Ci, results: Cr, utils: Cu } = Components; + var pwmgr = Cc["@mozilla.org/login-manager;1"] + .getService(Ci.nsILoginManager); + + var nsLoginInfo = Components.Constructor("@mozilla.org/login-manager/loginInfo;1", Ci.nsILoginInfo); + + // pwlogin1 uses a unique formSubmitURL, to check forms where no other logins + // will apply. pwlogin2 uses the normal formSubmitURL, so that we can test + // forms with a mix of username and non-username logins that might apply. + // + // Note: pwlogin2 is deleted at the end of the test. + + pwlogin1 = new nsLoginInfo(); + pwlogin2 = new nsLoginInfo(); + + pwlogin1.init("http://mochi.test:8888", "http://mochi.test:1111", null, + "", "1234", "uname", "pword"); + + pwlogin2.init("http://mochi.test:8888", "http://mochi.test:8888", null, + "", "1234", "uname", "pword"); + + + pwmgr.addLogin(pwlogin1); + pwmgr.addLogin(pwlogin2); +}); +</script> +<p id="display"></p> + +<div id="content" style="display: none"> + + +<!-- simple form: no username field, 1 password field --> +<form id='form1' action='http://mochi.test:1111/formtest.js'> 1 + <input type='password' name='pname' value=''> + + <button type='submit'>Submit</button> + <button type='reset'> Reset </button> +</form> + +<!-- simple form: no username field, 2 password fields --> +<form id='form2' action='http://mochi.test:1111/formtest.js'> 2 + <input type='password' name='pname1' value=''> + <input type='password' name='pname2' value=''> + + <button type='submit'>Submit</button> + <button type='reset'> Reset </button> +</form> + +<!-- simple form: no username field, 3 password fields --> +<form id='form3' action='http://mochi.test:1111/formtest.js'> 3 + <input type='password' name='pname1' value=''> + <input type='password' name='pname2' value=''> + <input type='password' name='pname3' value=''> + + <button type='submit'>Submit</button> + <button type='reset'> Reset </button> +</form> + +<!-- 4 password fields, should be ignored. --> +<form id='form4' action='http://mochi.test:1111/formtest.js'> 4 + <input type='password' name='pname1' value=''> + <input type='password' name='pname2' value=''> + <input type='password' name='pname3' value=''> + <input type='password' name='pname4' value=''> + + <button type='submit'>Submit</button> + <button type='reset'> Reset </button> +</form> + + + +<!-- 1 username field --> +<form id='form5' action='http://mochi.test:1111/formtest.js'> 5 + <input type='text' name='uname' value=''> + <input type='password' name='pname' value=''> + + <button type='submit'>Submit</button> + <button type='reset'> Reset </button> +</form> + + +<!-- 1 username field, with a value set --> +<form id='form6' action='http://mochi.test:1111/formtest.js'> 6 + <input type='text' name='uname' value='someuser'> + <input type='password' name='pname' value=''> + + <button type='submit'>Submit</button> + <button type='reset'> Reset </button> +</form> + + + +<!-- +(The following forms have 2 potentially-matching logins, on is +password-only, the other is username+password) +--> + + + +<!-- 1 username field, with value set. Fill in the matching U+P login --> +<form id='form7' action='formtest.js'> 7 + <input type='text' name='uname' value='testuser'> + <input type='password' name='pname' value=''> + + <button type='submit'>Submit</button> + <button type='reset'> Reset </button> +</form> + +<!-- 1 username field, with value set. Don't fill in U+P login--> +<form id='form8' action='formtest.js'> 8 + <input type='text' name='uname' value='someuser'> + <input type='password' name='pname' value=''> + + <button type='submit'>Submit</button> + <button type='reset'> Reset </button> +</form> + + + +<!-- 1 username field, too small for U+P login --> +<form id='form9' action='formtest.js'> 9 + <input type='text' name='uname' value='' maxlength="4"> + <input type='password' name='pname' value=''> + + <button type='submit'>Submit</button> + <button type='reset'> Reset </button> +</form> + +<!-- 1 username field, too small for U+P login --> +<form id='form10' action='formtest.js'> 10 + <input type='text' name='uname' value='' maxlength="0"> + <input type='password' name='pname' value=''> + + <button type='submit'>Submit</button> + <button type='reset'> Reset </button> +</form> + +<!-- 1 username field, too small for U+P login --> +<form id='form11' action='formtest.js'> 11 + <input type='text' name='uname' value=''> + <input type='password' name='pname' value='' maxlength="4"> + + <button type='submit'>Submit</button> + <button type='reset'> Reset </button> +</form> + +<!-- 1 username field, too small for either login --> +<form id='form12' action='formtest.js'> 12 + <input type='text' name='uname' value=''> + <input type='password' name='pname' value='' maxlength="1"> + + <button type='submit'>Submit</button> + <button type='reset'> Reset </button> +</form> + +<!-- 1 username field, too small for either login --> +<form id='form13' action='formtest.js'> 13 + <input type='text' name='uname' value=''> + <input type='password' name='pname' value='' maxlength="0"> + + <button type='submit'>Submit</button> + <button type='reset'> Reset </button> +</form> + + + +</div> + +<pre id="test"> +<script class="testbody" type="text/javascript"> + +/** Test for Login Manager: password-only logins **/ +function startTest() { + + checkForm(1, "1234"); + checkForm(2, "1234", ""); + checkForm(3, "1234", "", ""); + checkUnmodifiedForm(4); + + checkForm(5, "", "1234"); + checkForm(6, "someuser", ""); + + checkForm(7, "testuser", "testpass"); + checkForm(8, "someuser", ""); + + checkForm(9, "", "1234"); + checkForm(10, "", "1234"); + checkForm(11, "", "1234"); + + checkUnmodifiedForm(12); + checkUnmodifiedForm(13); + + SimpleTest.finish(); +} +</script> +</pre> +</body> +</html> + diff --git a/toolkit/components/passwordmgr/test/mochitest/test_bug_627616.html b/toolkit/components/passwordmgr/test/mochitest/test_bug_627616.html new file mode 100644 index 000000000..ad4a41cdb --- /dev/null +++ b/toolkit/components/passwordmgr/test/mochitest/test_bug_627616.html @@ -0,0 +1,145 @@ +<!DOCTYPE HTML> +<html> +<head> + <meta charset="utf-8"> + <title>Test bug 627616 related to proxy authentication</title> + <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> + <script type="text/javascript" src="pwmgr_common.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> +</head> +<body> +<script class="testbody" type="text/javascript"> + SimpleTest.waitForExplicitFinish(); + + var Ci = SpecialPowers.Ci; + + function makeXHR(expectedStatus, expectedText, extra) { + var xhr = new XMLHttpRequest(); + xhr.open("GET", "authenticate.sjs?" + + "proxy_user=proxy_user&" + + "proxy_pass=proxy_pass&" + + "proxy_realm=proxy_realm&" + + "user=user1name&" + + "pass=user1pass&" + + "realm=mochirealm&" + + extra || ""); + xhr.onloadend = function() { + is(xhr.status, expectedStatus, "xhr.status"); + is(xhr.statusText, expectedText, "xhr.statusText"); + runNextTest(); + }; + return xhr; + } + + function testNonAnonymousCredentials() { + var xhr = makeXHR(200, "OK"); + xhr.send(); + } + + function testAnonymousCredentials() { + // Test that an anonymous request correctly performs proxy authentication + var xhr = makeXHR(401, "Authentication required"); + SpecialPowers.wrap(xhr).channel.loadFlags |= Ci.nsIChannel.LOAD_ANONYMOUS; + xhr.send(); + } + + function testAnonymousNoAuth() { + // Next, test that an anonymous request still does not include any non-proxy + // authentication headers. + var xhr = makeXHR(200, "Authorization header not found", "anonymous=1"); + SpecialPowers.wrap(xhr).channel.loadFlags |= Ci.nsIChannel.LOAD_ANONYMOUS; + xhr.send(); + } + + var gExpectedDialogs = 0; + var gCurrentTest; + function runNextTest() { + is(gExpectedDialogs, 0, "received expected number of auth dialogs"); + mm.sendAsyncMessage("prepareForNextTest"); + mm.addMessageListener("prepareForNextTestDone", function prepared(msg) { + mm.removeMessageListener("prepareForNextTestDone", prepared); + if (pendingTests.length > 0) { + ({expectedDialogs: gExpectedDialogs, + test: gCurrentTest} = pendingTests.shift()); + gCurrentTest.call(this); + } else { + mm.sendAsyncMessage("cleanup"); + mm.addMessageListener("cleanupDone", () => { + // mm.destroy() is called as a cleanup function by runInParent(), no + // need to do it here. + SimpleTest.finish(); + }); + } + }); + } + + var pendingTests = [{expectedDialogs: 2, test: testNonAnonymousCredentials}, + {expectedDialogs: 1, test: testAnonymousCredentials}, + {expectedDialogs: 0, test: testAnonymousNoAuth}]; + + let mm = runInParent(() => { + const { classes: parentCc, interfaces: parentCi, utils: parentCu } = Components; + + parentCu.import("resource://gre/modules/Services.jsm"); + parentCu.import("resource://gre/modules/NetUtil.jsm"); + parentCu.import("resource://gre/modules/Timer.jsm"); + parentCu.import("resource://gre/modules/XPCOMUtils.jsm"); + + let channel = NetUtil.newChannel({ + uri: "http://example.com", + loadUsingSystemPrincipal: true + }); + + let pps = parentCc["@mozilla.org/network/protocol-proxy-service;1"]. + getService(parentCi.nsIProtocolProxyService); + pps.asyncResolve(channel, 0, { + onProxyAvailable(req, uri, pi, status) { + let mozproxy = "moz-proxy://" + pi.host + ":" + pi.port; + let login = parentCc["@mozilla.org/login-manager/loginInfo;1"]. + createInstance(parentCi.nsILoginInfo); + login.init(mozproxy, null, "proxy_realm", "proxy_user", "proxy_pass", + "", ""); + Services.logins.addLogin(login); + + let login2 = parentCc["@mozilla.org/login-manager/loginInfo;1"]. + createInstance(parentCi.nsILoginInfo); + login2.init("http://mochi.test:8888", null, "mochirealm", "user1name", + "user1pass", "", ""); + Services.logins.addLogin(login2); + + sendAsyncMessage("setupDone"); + }, + QueryInterface: XPCOMUtils.generateQI([parentCi.nsIProtocolProxyCallback]), + }); + + addMessageListener("prepareForNextTest", message => { + parentCc["@mozilla.org/network/http-auth-manager;1"]. + getService(parentCi.nsIHttpAuthManager). + clearAll(); + sendAsyncMessage("prepareForNextTestDone"); + }); + + let dialogObserverTopic = "common-dialog-loaded"; + + function dialogObserver(subj, topic, data) { + subj.Dialog.ui.prompt.document.documentElement.acceptDialog(); + sendAsyncMessage("promptAccepted"); + } + + Services.obs.addObserver(dialogObserver, dialogObserverTopic, false); + + addMessageListener("cleanup", message => { + Services.obs.removeObserver(dialogObserver, dialogObserverTopic); + sendAsyncMessage("cleanupDone"); + }); + }); + + mm.addMessageListener("promptAccepted", msg => { + gExpectedDialogs--; + }); + mm.addMessageListener("setupDone", msg => { + runNextTest(); + }); +</script> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/mochitest/test_bug_776171.html b/toolkit/components/passwordmgr/test/mochitest/test_bug_776171.html new file mode 100644 index 000000000..4ad08bee2 --- /dev/null +++ b/toolkit/components/passwordmgr/test/mochitest/test_bug_776171.html @@ -0,0 +1,56 @@ +<!DOCTYPE HTML> +<html> +<!-- +https://bugzilla.mozilla.org/show_bug.cgi?id=776171 +--> +<head> + <meta charset="utf-8"> + <title>Test for Bug 776171 related to HTTP auth</title> + <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> + <script type="text/javascript" src="pwmgr_common.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> +</head> +<body onload="startTest()"> +<script class="testbody" type="text/javascript"> + +/** + * This test checks we correctly ignore authentication entry + * for a subpath and use creds from the URL when provided when XHR + * is used with filled user name and password. + * + * 1. connect auth2/authenticate.sjs that expects user1:pass1 password + * 2. connect a dummy URL at the same path + * 3. connect authenticate.sjs that again expects user1:pass1 password + * in this case, however, we have an entry without an identity + * for this path (that is a parent for auth2 path in the first step) + */ + +SimpleTest.waitForExplicitFinish(); + +function doxhr(URL, user, pass, next) { + var xhr = new XMLHttpRequest(); + if (user && pass) + xhr.open("POST", URL, true, user, pass); + else + xhr.open("POST", URL, true); + xhr.onload = function() { + is(xhr.status, 200, "Got status 200"); + next(); + }; + xhr.onerror = function() { + ok(false, "request passed"); + finishTest(); + }; + xhr.send(); +} + +function startTest() { + doxhr("auth2/authenticate.sjs?user=user1&pass=pass1&realm=realm1", "user1", "pass1", function() { + doxhr("auth2", null, null, function() { + doxhr("authenticate.sjs?user=user1&pass=pass1&realm=realm1", "user1", "pass1", SimpleTest.finish); + }); + }); +} +</script> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/mochitest/test_case_differences.html b/toolkit/components/passwordmgr/test/mochitest/test_case_differences.html new file mode 100644 index 000000000..316f59da7 --- /dev/null +++ b/toolkit/components/passwordmgr/test/mochitest/test_case_differences.html @@ -0,0 +1,147 @@ +<!DOCTYPE HTML> +<html> +<head> + <meta charset="utf-8"> + <title>Test autocomplete due to multiple matching logins</title> + <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> + <script type="text/javascript" src="/tests/SimpleTest/EventUtils.js"></script> + <script type="text/javascript" src="/tests/SimpleTest/SpawnTask.js"></script> + <script type="text/javascript" src="satchel_common.js"></script> + <script type="text/javascript" src="pwmgr_common.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> +</head> +<body> +Login Manager test: autocomplete due to multiple matching logins + +<script> +runChecksAfterCommonInit(false); + +SpecialPowers.loadChromeScript(function addLogins() { + const { classes: Cc, interfaces: Ci, utils: Cu } = Components; + Cu.import("resource://gre/modules/Services.jsm"); + + // Create some logins just for this form, since we'll be deleting them. + var nsLoginInfo = Components.Constructor("@mozilla.org/login-manager/loginInfo;1", + Ci.nsILoginInfo, "init"); + + var login0 = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete:8888", null, + "name", "pass", "uname", "pword"); + + var login1 = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete:8888", null, + "Name", "Pass", "uname", "pword"); + + var login2 = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete:8888", null, + "USER", "PASS", "uname", "pword"); + + try { + Services.logins.addLogin(login0); + Services.logins.addLogin(login1); + Services.logins.addLogin(login2); + } catch (e) { + assert.ok(false, "addLogin threw: " + e); + } +}); +</script> +<p id="display"></p> + +<!-- we presumably can't hide the content for this test. --> +<div id="content"> + + <!-- form1 tests multiple matching logins --> + <form id="form1" action="http://autocomplete:8888/formtest.js" onsubmit="return false;"> + <input type="text" name="uname"> + <input type="password" name="pword"> + <button type="submit">Submit</button> + </form> + +</div> + +<pre id="test"> +<script class="testbody" type="text/javascript"> + +/** Test for Login Manager: autocomplete due to multiple matching logins **/ + +var uname = $_(1, "uname"); +var pword = $_(1, "pword"); + +// Restore the form to the default state. +function restoreForm() { + uname.value = ""; + pword.value = ""; + uname.focus(); +} + +// Check for expected username/password in form. +function checkACForm(expectedUsername, expectedPassword) { + var formID = uname.parentNode.id; + is(uname.value, expectedUsername, "Checking " + formID + " username"); + is(pword.value, expectedPassword, "Checking " + formID + " password"); +} + +add_task(function* test_empty_first_entry() { + /* test 1 */ + // Make sure initial form is empty. + checkACForm("", ""); + // Trigger autocomplete popup + restoreForm(); + let popupState = yield getPopupState(); + is(popupState.open, false, "Check popup is initially closed"); + let shownPromise = promiseACShown(); + doKey("down"); + let results = yield shownPromise; + popupState = yield getPopupState(); + is(popupState.selectedIndex, -1, "Check no entries are selected"); + checkArrayValues(results, ["name", "Name", "USER"], "initial"); + + // Check first entry + let index0Promise = notifySelectedIndex(0); + doKey("down"); + yield index0Promise; + checkACForm("", ""); // value shouldn't update + doKey("return"); // not "enter"! + yield promiseFormsProcessed(); + checkACForm("name", "pass"); +}); + +add_task(function* test_empty_second_entry() { + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + doKey("down"); // first + doKey("down"); // second + doKey("return"); // not "enter"! + yield promiseFormsProcessed(); + checkACForm("Name", "Pass"); +}); + +add_task(function* test_empty_third_entry() { + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + doKey("down"); // first + doKey("down"); // second + doKey("down"); // third + doKey("return"); + yield promiseFormsProcessed(); + checkACForm("USER", "PASS"); +}); + +add_task(function* test_preserve_matching_username_case() { + restoreForm(); + uname.value = "user"; + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + // Check that we don't clobber user-entered text when tabbing away + // (even with no autocomplete entry selected) + doKey("tab"); + yield promiseFormsProcessed(); + checkACForm("user", "PASS"); +}); +</script> +</pre> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/mochitest/test_form_action_1.html b/toolkit/components/passwordmgr/test/mochitest/test_form_action_1.html new file mode 100644 index 000000000..430081b3a --- /dev/null +++ b/toolkit/components/passwordmgr/test/mochitest/test_form_action_1.html @@ -0,0 +1,137 @@ +<!DOCTYPE HTML> +<html> +<head> + <meta charset="utf-8"> + <title>Test for considering form action</title> + <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> + <script type="text/javascript" src="pwmgr_common.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> +</head> +<body> +Login Manager test: Bug 360493 +<script> +runChecksAfterCommonInit(() => startTest()); +</script> +<p id="display"></p> +<div id="content" style="display: none"> + + <!-- normal form with normal relative action. --> + <form id="form1" action="formtest.js"> + <input type="text" name="uname"> + <input type="password" name="pword"> + + <button type="submit">Submit</button> + <button type="reset"> Reset </button> + </form> + + <!-- fully specify the action URL --> + <form id="form2" action="http://mochi.test:8888/tests/toolkit/components/passwordmgr/test/formtest.js"> + <input type="text" name="uname"> + <input type="password" name="pword"> + + <button type="submit">Submit</button> + <button type="reset"> Reset </button> + </form> + + <!-- fully specify the action URL, and change the path --> + <form id="form3" action="http://mochi.test:8888/zomg/wtf/bbq/passwordmgr/test/formtest.js"> + <input type="text" name="uname"> + <input type="password" name="pword"> + + <button type="submit">Submit</button> + <button type="reset"> Reset </button> + </form> + + <!-- fully specify the action URL, and change the path and filename --> + <form id="form4" action="http://mochi.test:8888/zomg/wtf/bbq/passwordmgr/test/not_a_test.js"> + <input type="text" name="uname"> + <input type="password" name="pword"> + + <button type="submit">Submit</button> + <button type="reset"> Reset </button> + </form> + + <!-- specify the action URL relative to the current document--> + <form id="form5" action="./formtest.js"> + <input type="text" name="uname"> + <input type="password" name="pword"> + + <button type="submit">Submit</button> + <button type="reset"> Reset </button> + </form> + + <!-- specify the action URL relative to the current server --> + <form id="form6" action="/tests/toolkit/components/passwordmgr/test/formtest.js"> + <input type="text" name="uname"> + <input type="password" name="pword"> + + <button type="submit">Submit</button> + <button type="reset"> Reset </button> + </form> + + <!-- Change the method from get to post --> + <form id="form7" action="formtest.js" method="POST"> + <input type="text" name="uname"> + <input type="password" name="pword"> + + <button type="submit">Submit</button> + <button type="reset"> Reset </button> + </form> + + <!-- Blank action URL specified --> + <form id="form8" action=""> + <input type="text" name="uname"> + <input type="password" name="pword"> + + <button type="submit">Submit</button> + <button type="reset"> Reset </button> + </form> + + <!-- |action| attribute entirely missing --> + <form id="form9" > + <input type="text" name="uname"> + <input type="password" name="pword"> + + <button type="submit">Submit</button> + <button type="reset"> Reset </button> + </form> + + <!-- action url as javascript --> + <form id="form10" action="javascript:alert('this form is not submitted so this alert should not be invoked');"> + <input type="text" name="uname"> + <input type="password" name="pword"> + + <button type="submit">Submit</button> + <button type="reset"> Reset </button> + </form> + + <!-- TODO: action=IP.ADDRESS instead of HOSTNAME? --> + <!-- TODO: test with |base href="http://othersite//"| ? --> +</div> +<pre id="test"> +<script class="testbody" type="text/javascript"> + +/** Test for Login Manager: 360493 (Cross-Site Forms + Password + Manager = Security Failure) **/ + +// This test is designed to make sure variations on the form's |action| +// and |method| continue to work with the fix for 360493. + +function startTest() { + for (var i = 1; i <= 9; i++) { + // Check form i + is($_(i, "uname").value, "testuser", "Checking for filled username " + i); + is($_(i, "pword").value, "testpass", "Checking for filled password " + i); + } + + // The login's formSubmitURL isn't "javascript:", so don't fill it in. + isnot($_(10, "uname"), "testuser", "Checking username w/ JS action URL"); + isnot($_(10, "pword"), "testpass", "Checking password w/ JS action URL"); + + SimpleTest.finish(); +} +</script> +</pre> +</body> +</html> + diff --git a/toolkit/components/passwordmgr/test/mochitest/test_form_action_2.html b/toolkit/components/passwordmgr/test/mochitest/test_form_action_2.html new file mode 100644 index 000000000..0f0056de0 --- /dev/null +++ b/toolkit/components/passwordmgr/test/mochitest/test_form_action_2.html @@ -0,0 +1,170 @@ +<!DOCTYPE HTML> +<html> +<head> + <meta charset="utf-8"> + <title>Test for considering form action</title> + <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> + <script type="text/javascript" src="pwmgr_common.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> +</head> +<body> +Login Manager test: Bug 360493 +<script> +runChecksAfterCommonInit(() => startTest()); +</script> +<p id="display"></p> +<div id="content" style="display: none"> + + <!-- The tests in this page exercise things that shouldn't work. --> + + <!-- Change port # of action URL from 8888 to 7777 --> + <form id="form1" action="http://localhost:7777/tests/toolkit/components/passwordmgr/test/formtest.js"> + <input type="text" name="uname"> + <input type="password" name="pword"> + + <button type="submit">Submit</button> + <button type="reset"> Reset </button> + </form> + + <!-- No port # in action URL --> + <form id="form2" action="http://localhost/tests/toolkit/components/passwordmgr/test/formtest.js"> + <input type="text" name="uname"> + <input type="password" name="pword"> + + <button type="submit">Submit</button> + <button type="reset"> Reset </button> + </form> + + <!-- Change protocol from http:// to ftp://, include the expected 8888 port # --> + <form id="form3" action="ftp://localhost:8888/tests/toolkit/components/passwordmgr/test/formtest.js"> + <input type="text" name="uname"> + <input type="password" name="pword"> + + <button type="submit">Submit</button> + <button type="reset"> Reset </button> + </form> + + <!-- Change protocol from http:// to ftp://, no port # specified --> + <form id="form4" action="ftp://localhost/tests/toolkit/components/passwordmgr/test/formtest.js"> + <input type="text" name="uname"> + <input type="password" name="pword"> + + <button type="submit">Submit</button> + <button type="reset"> Reset </button> + </form> + + <!-- Try a weird URL. --> + <form id="form5" action="about:blank"> + <input type="text" name="uname"> + <input type="password" name="pword"> + + <button type="submit">Submit</button> + <button type="reset"> Reset </button> + </form> + + <!-- Try a weird URL. (If the normal embedded action URL doesn't work, that should mean other URLs won't either) --> + <form id="form6" action="view-source:http://localhost:8888/tests/toolkit/components/passwordmgr/test/formtest.js"> + <input type="text" name="uname"> + <input type="password" name="pword"> + + <button type="submit">Submit</button> + <button type="reset"> Reset </button> + </form> + + <!-- Try a weird URL. --> + <form id="form7" action="view-source:formtest.js"> + <input type="text" name="uname"> + <input type="password" name="pword"> + + <button type="submit">Submit</button> + <button type="reset"> Reset </button> + </form> + + <!-- Action URL points to a different host (this is the archetypical exploit) --> + <form id="form8" action="http://www.cnn.com/"> + <input type="text" name="uname"> + <input type="password" name="pword"> + + <button type="submit">Submit</button> + <button type="reset"> Reset </button> + </form> + + <!-- Action URL points to a different host, user field prefilled --> + <form id="form9" action="http://www.cnn.com/"> + <input type="text" name="uname" value="testuser"> + <input type="password" name="pword"> + + <button type="submit">Submit</button> + <button type="reset"> Reset </button> + </form> + + <!-- Try wrapping a evil form around a good form, to see if we can confuse the parser. --> + <form id="form10-A" action="http://www.cnn.com/"> + <form id="form10-B" action="formtest.js"> + <input type="text" name="uname"> + <input type="password" name="pword"> + + <button type="submit">Submit (inner)</button> + <button type="reset"> Reset (inner)</button> + </form> + <button type="submit" id="neutered_submit10">Submit (outer)</button> + <button type="reset">Reset (outer)</button> + </form> + + <!-- Try wrapping a good form around an evil form, to see if we can confuse the parser. --> + <form id="form11-A" action="formtest.js"> + <form id="form11-B" action="http://www.cnn.com/"> + <input type="text" name="uname"> + <input type="password" name="pword"> + + <button type="submit">Submit (inner)</button> + <button type="reset"> Reset (inner)</button> + </form> + <button type="submit" id="neutered_submit11">Submit (outer)</button> + <button type="reset">Reset (outer)</button> + </form> + +<!-- TODO: probably should have some accounts which have no port # in the action url. JS too. And different host/proto. --> +<!-- TODO: www.site.com vs. site.com? --> +<!-- TODO: foo.site.com vs. bar.site.com? --> + +</div> +<pre id="test"> +<script class="testbody" type="text/javascript"> + +/** Test for Login Manager: 360493 (Cross-Site Forms + Password Manager = Security Failure) **/ + +function startTest() { + for (var i = 1; i <= 8; i++) { + // Check form i + is($_(i, "uname").value, "", "Checking for unfilled username " + i); + is($_(i, "pword").value, "", "Checking for unfilled password " + i); + } + + is($_(9, "uname").value, "testuser", "Checking for unmodified username 9"); + is($_(9, "pword").value, "", "Checking for unfilled password 9"); + + is($_("10-A", "uname").value, "", "Checking for unfilled username 10A"); + is($_("10-A", "pword").value, "", "Checking for unfilled password 10A"); + + // The DOM indicates this form could be filled, as the evil inner form + // is discarded. And yet pwmgr seems not to fill it. Not sure why. + todo(false, "Mangled form combo not being filled when maybe it could be?"); + is($_("11-A", "uname").value, "testuser", "Checking filled username 11A"); + is($_("11-A", "pword").value, "testpass", "Checking filled password 11A"); + + // Verify this by making sure there are no extra forms in the document, and + // that the submit button for the neutered forms don't do anything. + // If the test finds extra forms the submit() causes the test to timeout, then + // there may be a security issue. + is(document.forms.length, 11, "Checking for unexpected forms"); + $("neutered_submit10").click(); + $("neutered_submit11").click(); + + SimpleTest.finish(); +} +</script> +</pre> +</body> +</html> + diff --git a/toolkit/components/passwordmgr/test/mochitest/test_form_action_javascript.html b/toolkit/components/passwordmgr/test/mochitest/test_form_action_javascript.html new file mode 100644 index 000000000..d37e92c40 --- /dev/null +++ b/toolkit/components/passwordmgr/test/mochitest/test_form_action_javascript.html @@ -0,0 +1,52 @@ +<!DOCTYPE HTML> +<html> +<head> + <meta charset="utf-8"> + <title>Test forms with a JS submit action</title> + <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> + <script type="text/javascript" src="pwmgr_common.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> +</head> +<body> +Login Manager test: form with JS submit action +<script> +runChecksAfterCommonInit(() => startTest()); + +runInParent(function setup() { + const { classes: Cc, interfaces: Ci, results: Cr, utils: Cu } = Components; + Cu.import("resource://gre/modules/Services.jsm"); + + let jslogin = Cc["@mozilla.org/login-manager/loginInfo;1"].createInstance(Ci.nsILoginInfo); + jslogin.init("http://mochi.test:8888", "javascript:", null, + "jsuser", "jspass123", "uname", "pword"); + Services.logins.addLogin(jslogin); +}); + +/** Test for Login Manager: JS action URL **/ + +function startTest() { + checkForm(1, "jsuser", "jspass123"); + + SimpleTest.finish(); +} +</script> + +<p id="display"></p> + +<div id="content" style="display: none"> + + +<form id='form1' action='javascript:alert("never shows")'> 1 + <input name="uname"> + <input name="pword" type="password"> + + <button type='submit'>Submit</button> + <button type='reset'> Reset </button> +</form> + +</div> + +<pre id="test"></pre> +</body> +</html> + diff --git a/toolkit/components/passwordmgr/test/mochitest/test_formless_autofill.html b/toolkit/components/passwordmgr/test/mochitest/test_formless_autofill.html new file mode 100644 index 000000000..6263c818d --- /dev/null +++ b/toolkit/components/passwordmgr/test/mochitest/test_formless_autofill.html @@ -0,0 +1,147 @@ +<!DOCTYPE html> +<html> +<head> + <meta charset="utf-8"> + <title>Test autofilling of fields outside of a form</title> + <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> + <script type="text/javascript" src="/tests/SimpleTest/SpawnTask.js"></script> + <script src="pwmgr_common.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> +</head> +<body> +<script type="application/javascript;version=1.8"> +let chromeScript = runInParent(SimpleTest.getTestFileURL("pwmgr_common.js")); + +document.addEventListener("DOMContentLoaded", () => { + document.getElementById("loginFrame").addEventListener("load", (evt) => { + // Tell the parent to setup test logins. + chromeScript.sendAsyncMessage("setupParent", { selfFilling: true }); + }); +}); + +let doneSetupPromise = new Promise(resolve => { + // When the setup is done, load a recipe for this test. + chromeScript.addMessageListener("doneSetup", function doneSetup() { + resolve(); + }); +}); + +add_task(function* setup() { + info("Waiting for loads and setup"); + yield doneSetupPromise; + + yield loadRecipes({ + siteRecipes: [{ + hosts: ["mochi.test:8888"], + usernameSelector: "input[name='recipeuname']", + passwordSelector: "input[name='recipepword']", + }], + }); +}); + + +const DEFAULT_ORIGIN = "http://mochi.test:8888"; +const TESTCASES = [ + { + // Inputs + document: `<input type=password>`, + + // Expected outputs + expectedInputValues: ["testpass"], + }, + { + document: `<input> + <input type=password>`, + expectedInputValues: ["testuser", "testpass"], + }, + { + document: `<input> + <input type=password> + <input type=password>`, + expectedInputValues: ["testuser", "testpass", ""], + }, + { + document: `<input> + <input type=password> + <input type=password> + <input type=password>`, + expectedInputValues: ["testuser", "testpass", "", ""], + }, + { + document: `<input> + <input type=password form="form1"> + <input type=password> + <form id="form1"> + <input> + <input type=password> + </form>`, + expectedFormCount: 2, + expectedInputValues: ["testuser", "testpass", "testpass", "", ""], + }, + { + document: `<!-- formless password field selector recipe test --> + <input> + <input type=password> + <input> + <input type=password name="recipepword">`, + expectedInputValues: ["", "", "testuser", "testpass"], + }, + { + document: `<!-- formless username and password field selector recipe test --> + <input name="recipeuname"> + <input> + <input type=password> + <input type=password name="recipepword">`, + expectedInputValues: ["testuser", "", "", "testpass"], + }, + { + document: `<!-- form and formless recipe field selector test --> + <input name="recipeuname"> + <input> + <input type=password form="form1"> <!-- not filled since recipe affects both FormLikes --> + <input type=password> + <input type=password name="recipepword"> + <form id="form1"> + <input> + <input type=password> + </form>`, + expectedFormCount: 2, + expectedInputValues: ["testuser", "", "", "", "testpass", "", ""], + }, +]; + +add_task(function* test() { + let loginFrame = document.getElementById("loginFrame"); + let frameDoc = loginFrame.contentWindow.document; + + for (let tc of TESTCASES) { + info("Starting testcase: " + JSON.stringify(tc)); + + let numFormLikesExpected = tc.expectedFormCount || 1; + + let processedFormPromise = promiseFormsProcessed(numFormLikesExpected); + + frameDoc.documentElement.innerHTML = tc.document; + info("waiting for " + numFormLikesExpected + " processed form(s)"); + yield processedFormPromise; + + let testInputs = frameDoc.documentElement.querySelectorAll("input"); + is(testInputs.length, tc.expectedInputValues.length, "Check number of inputs"); + for (let i = 0; i < tc.expectedInputValues.length; i++) { + let expectedValue = tc.expectedInputValues[i]; + is(testInputs[i].value, expectedValue, + "Check expected input value " + i + ": " + expectedValue); + } + } +}); + +</script> + +<p id="display"></p> + +<div id="content"> + <iframe id="loginFrame" src="http://mochi.test:8888/tests/toolkit/components/passwordmgr/test/blank.html"></iframe> +</div> +<pre id="test"></pre> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/mochitest/test_formless_submit.html b/toolkit/components/passwordmgr/test/mochitest/test_formless_submit.html new file mode 100644 index 000000000..468da1e7f --- /dev/null +++ b/toolkit/components/passwordmgr/test/mochitest/test_formless_submit.html @@ -0,0 +1,183 @@ +<!DOCTYPE html> +<html> +<head> + <meta charset="utf-8"> + <title>Test capturing of fields outside of a form</title> + <script src="/tests/SimpleTest/SimpleTest.js"></script> + <script src="/tests/SimpleTest/SpawnTask.js"></script> + <script src="pwmgr_common.js"></script> + <link rel="stylesheet" href="/tests/SimpleTest/test.css" /> +</head> +<body> +<script type="application/javascript;version=1.8"> +const LMCBackstagePass = SpecialPowers.Cu.import("resource://gre/modules/LoginManagerContent.jsm"); +const { LoginManagerContent, LoginFormFactory } = LMCBackstagePass; + +let chromeScript = runInParent(SimpleTest.getTestFileURL("pwmgr_common.js")); + +let loadPromise = new Promise(resolve => { + document.addEventListener("DOMContentLoaded", () => { + document.getElementById("loginFrame").addEventListener("load", (evt) => { + resolve(); + }); + }); +}); + +add_task(function* setup() { + info("Waiting for page and frame loads"); + yield loadPromise; + + yield loadRecipes({ + siteRecipes: [{ + hosts: ["mochi.test:8888"], + usernameSelector: "input[name='recipeuname']", + passwordSelector: "input[name='recipepword']", + }], + }); +}); + +const DEFAULT_ORIGIN = "http://mochi.test:8888"; +const TESTCASES = [ + { + // Inputs + document: `<input type=password value="pass1">`, + inputIndexForFormLike: 0, + + // Expected outputs similar to RemoteLogins:onFormSubmit + hostname: DEFAULT_ORIGIN, + formSubmitURL: DEFAULT_ORIGIN, + usernameFieldValue: null, + newPasswordFieldValue: "pass1", + oldPasswordFieldValue: null, + }, + { + document: `<input value="user1"> + <input type=password value="pass1">`, + inputIndexForFormLike: 0, + hostname: DEFAULT_ORIGIN, + formSubmitURL: DEFAULT_ORIGIN, + usernameFieldValue: "user1", + newPasswordFieldValue: "pass1", + oldPasswordFieldValue: null, + }, + { + document: `<input value="user1"> + <input type=password value="pass1">`, + inputIndexForFormLike: 1, + hostname: DEFAULT_ORIGIN, + formSubmitURL: DEFAULT_ORIGIN, + usernameFieldValue: "user1", + newPasswordFieldValue: "pass1", + oldPasswordFieldValue: null, + }, + { + document: `<input value="user1"> + <input type=password value="pass1"> + <input type=password value="pass2">`, + inputIndexForFormLike: 2, + hostname: DEFAULT_ORIGIN, + formSubmitURL: DEFAULT_ORIGIN, + usernameFieldValue: "user1", + newPasswordFieldValue: "pass2", + oldPasswordFieldValue: "pass1", + }, + { + document: `<input value="user1"> + <input type=password value="pass1"> + <input type=password value="pass2"> + <input type=password value="pass2">`, + inputIndexForFormLike: 3, + hostname: DEFAULT_ORIGIN, + formSubmitURL: DEFAULT_ORIGIN, + usernameFieldValue: "user1", + newPasswordFieldValue: "pass2", + oldPasswordFieldValue: "pass1", + }, + { + document: `<input value="user1"> + <input type=password value="user2" form="form1"> + <input type=password value="pass1"> + <form id="form1"> + <input value="user3"> + <input type=password value="pass2"> + </form>`, + inputIndexForFormLike: 2, + hostname: DEFAULT_ORIGIN, + formSubmitURL: DEFAULT_ORIGIN, + usernameFieldValue: "user1", + newPasswordFieldValue: "pass1", + oldPasswordFieldValue: null, + }, + { + document: `<!-- recipe field override --> + <input name="recipeuname" value="username from recipe"> + <input value="default field username"> + <input type=password value="pass1"> + <input name="recipepword" type=password value="pass2">`, + inputIndexForFormLike: 2, + hostname: DEFAULT_ORIGIN, + formSubmitURL: DEFAULT_ORIGIN, + usernameFieldValue: "username from recipe", + newPasswordFieldValue: "pass2", + oldPasswordFieldValue: null, + }, +]; + +function getSubmitMessage() { + info("getSubmitMessage"); + return new Promise((resolve, reject) => { + chromeScript.addMessageListener("formSubmissionProcessed", function processed(...args) { + info("got formSubmissionProcessed"); + chromeScript.removeMessageListener("formSubmissionProcessed", processed); + resolve(...args); + }); + }); +} + +add_task(function* test() { + let loginFrame = document.getElementById("loginFrame"); + let frameDoc = loginFrame.contentWindow.document; + + for (let tc of TESTCASES) { + info("Starting testcase: " + JSON.stringify(tc)); + frameDoc.documentElement.innerHTML = tc.document; + let inputForFormLike = frameDoc.querySelectorAll("input")[tc.inputIndexForFormLike]; + + let formLike = LoginFormFactory.createFromField(inputForFormLike); + + info("Calling _onFormSubmit with FormLike"); + let processedPromise = getSubmitMessage(); + LoginManagerContent._onFormSubmit(formLike); + + let submittedResult = yield processedPromise; + + // Check data sent via RemoteLogins:onFormSubmit + is(submittedResult.hostname, tc.hostname, "Check hostname"); + is(submittedResult.formSubmitURL, tc.formSubmitURL, "Check formSubmitURL"); + + if (tc.usernameFieldValue === null) { + is(submittedResult.usernameField, tc.usernameFieldValue, "Check usernameField"); + } else { + is(submittedResult.usernameField.value, tc.usernameFieldValue, "Check usernameField"); + } + + is(submittedResult.newPasswordField.value, tc.newPasswordFieldValue, "Check newPasswordFieldValue"); + + if (tc.oldPasswordFieldValue === null) { + is(submittedResult.oldPasswordField, tc.oldPasswordFieldValue, "Check oldPasswordFieldValue"); + } else { + is(submittedResult.oldPasswordField.value, tc.oldPasswordFieldValue, "Check oldPasswordFieldValue"); + } + } +}); + +</script> + +<p id="display"></p> + +<div id="content"> + <iframe id="loginFrame" src="http://mochi.test:8888/tests/toolkit/components/passwordmgr/test/blank.html"></iframe> +</div> +<pre id="test"></pre> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/mochitest/test_formless_submit_navigation.html b/toolkit/components/passwordmgr/test/mochitest/test_formless_submit_navigation.html new file mode 100644 index 000000000..b07d0886c --- /dev/null +++ b/toolkit/components/passwordmgr/test/mochitest/test_formless_submit_navigation.html @@ -0,0 +1,191 @@ +<!DOCTYPE html> +<html> +<head> + <meta charset="utf-8"> + <title>Test capturing of fields outside of a form due to navigation</title> + <script src="/tests/SimpleTest/SimpleTest.js"></script> + <script src="/tests/SimpleTest/SpawnTask.js"></script> + <script src="pwmgr_common.js"></script> + <link rel="stylesheet" href="/tests/SimpleTest/test.css" /> +</head> +<body> +<script type="application/javascript;version=1.8"> +const LMCBackstagePass = SpecialPowers.Cu.import("resource://gre/modules/LoginManagerContent.jsm"); +const { LoginManagerContent, LoginFormFactory } = LMCBackstagePass; + +let chromeScript = runInParent(SimpleTest.getTestFileURL("pwmgr_common.js")); + +let loadPromise = new Promise(resolve => { + document.addEventListener("DOMContentLoaded", () => { + document.getElementById("loginFrame").addEventListener("load", (evt) => { + resolve(); + }); + }); +}); + +add_task(function* setup() { + yield SpecialPowers.pushPrefEnv({ + set: [ + ["signon.formlessCapture.enabled", true], + ], + }); + + info("Waiting for page and frame loads"); + yield loadPromise; + + yield loadRecipes({ + siteRecipes: [{ + hosts: ["test1.mochi.test:8888"], + usernameSelector: "input[name='recipeuname']", + passwordSelector: "input[name='recipepword']", + }], + }); +}); + +const DEFAULT_ORIGIN = "http://test1.mochi.test:8888"; +const SCRIPTS = { + PUSHSTATE: `history.pushState({}, "Pushed state", "?pushed");`, + WINDOW_LOCATION: `window.location = "data:text/html;charset=utf-8,window.location";`, +}; +const TESTCASES = [ + { + // Inputs + document: `<input type=password value="pass1">`, + + // Expected outputs similar to RemoteLogins:onFormSubmit + hostname: DEFAULT_ORIGIN, + formSubmitURL: DEFAULT_ORIGIN, + usernameFieldValue: null, + newPasswordFieldValue: "pass1", + oldPasswordFieldValue: null, + }, + { + document: `<input value="user1"> + <input type=password value="pass1">`, + + hostname: DEFAULT_ORIGIN, + formSubmitURL: DEFAULT_ORIGIN, + usernameFieldValue: "user1", + newPasswordFieldValue: "pass1", + oldPasswordFieldValue: null, + }, + { + document: `<input value="user1"> + <input type=password value="pass1"> + <input type=password value="pass2">`, + + hostname: DEFAULT_ORIGIN, + formSubmitURL: DEFAULT_ORIGIN, + usernameFieldValue: "user1", + newPasswordFieldValue: "pass2", + oldPasswordFieldValue: "pass1", + }, + { + document: `<input value="user1"> + <input type=password value="pass1"> + <input type=password value="pass2"> + <input type=password value="pass2">`, + + hostname: DEFAULT_ORIGIN, + formSubmitURL: DEFAULT_ORIGIN, + usernameFieldValue: "user1", + newPasswordFieldValue: "pass2", + oldPasswordFieldValue: "pass1", + }, + { + document: `<input value="user1"> + <input type=password value="user2" form="form1"> + <input type=password value="pass1"> + <form id="form1"> + <input value="user3"> + <input type=password value="pass2"> + </form>`, + + hostname: DEFAULT_ORIGIN, + formSubmitURL: DEFAULT_ORIGIN, + usernameFieldValue: "user1", + newPasswordFieldValue: "pass1", + oldPasswordFieldValue: null, + }, + { + document: `<!-- recipe field override --> + <input name="recipeuname" value="username from recipe"> + <input value="default field username"> + <input type=password value="pass1"> + <input name="recipepword" type=password value="pass2">`, + + hostname: DEFAULT_ORIGIN, + formSubmitURL: DEFAULT_ORIGIN, + usernameFieldValue: "username from recipe", + newPasswordFieldValue: "pass2", + oldPasswordFieldValue: null, + }, +]; + +function getSubmitMessage() { + info("getSubmitMessage"); + return new Promise((resolve, reject) => { + chromeScript.addMessageListener("formSubmissionProcessed", function processed(...args) { + info("got formSubmissionProcessed"); + chromeScript.removeMessageListener("formSubmissionProcessed", processed); + resolve(...args); + }); + }); +} + +add_task(function* test() { + let loginFrame = document.getElementById("loginFrame"); + + for (let tc of TESTCASES) { + for (let scriptName of Object.keys(SCRIPTS)) { + info("Starting testcase with script " + scriptName + ": " + JSON.stringify(tc)); + let loadedPromise = new Promise((resolve) => { + loginFrame.addEventListener("load", function frameLoaded() { + loginFrame.removeEventListener("load", frameLoaded); + resolve(); + }); + }); + loginFrame.src = DEFAULT_ORIGIN + "/tests/toolkit/components/passwordmgr/test/mochitest/blank.html"; + yield loadedPromise; + + let frameDoc = SpecialPowers.wrap(loginFrame.contentWindow).document; + frameDoc.documentElement.innerHTML = tc.document; + // Wait for the form to be processed before trying to submit. + yield promiseFormsProcessed(); + let processedPromise = getSubmitMessage(); + info("Running " + scriptName + " script to cause a submission"); + frameDoc.defaultView.eval(SCRIPTS[scriptName]); + + let submittedResult = yield processedPromise; + + // Check data sent via RemoteLogins:onFormSubmit + is(submittedResult.hostname, tc.hostname, "Check hostname"); + is(submittedResult.formSubmitURL, tc.formSubmitURL, "Check formSubmitURL"); + + if (tc.usernameFieldValue === null) { + is(submittedResult.usernameField, tc.usernameFieldValue, "Check usernameField"); + } else { + is(submittedResult.usernameField.value, tc.usernameFieldValue, "Check usernameField"); + } + + is(submittedResult.newPasswordField.value, tc.newPasswordFieldValue, "Check newPasswordFieldValue"); + + if (tc.oldPasswordFieldValue === null) { + is(submittedResult.oldPasswordField, tc.oldPasswordFieldValue, "Check oldPasswordFieldValue"); + } else { + is(submittedResult.oldPasswordField.value, tc.oldPasswordFieldValue, "Check oldPasswordFieldValue"); + } + } + } +}); + +</script> + +<p id="display"></p> + +<div id="content"> + <iframe id="loginFrame" src="http://test1.mochi.test:8888/tests/toolkit/components/passwordmgr/test/mochitest/blank.html"></iframe> +</div> +<pre id="test"></pre> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/mochitest/test_formless_submit_navigation_negative.html b/toolkit/components/passwordmgr/test/mochitest/test_formless_submit_navigation_negative.html new file mode 100644 index 000000000..4283f128c --- /dev/null +++ b/toolkit/components/passwordmgr/test/mochitest/test_formless_submit_navigation_negative.html @@ -0,0 +1,121 @@ +<!DOCTYPE html> +<html> +<head> + <meta charset="utf-8"> + <title>Test no capturing of fields outside of a form due to navigation</title> + <script src="/tests/SimpleTest/SimpleTest.js"></script> + <script src="/tests/SimpleTest/SpawnTask.js"></script> + <script src="pwmgr_common.js"></script> + <link rel="stylesheet" href="/tests/SimpleTest/test.css" /> +</head> +<body> +<script type="application/javascript;version=1.8"> +const LMCBackstagePass = SpecialPowers.Cu.import("resource://gre/modules/LoginManagerContent.jsm"); +const { LoginManagerContent, LoginFormFactory } = LMCBackstagePass; + +SimpleTest.requestFlakyTimeout("Testing that a message doesn't arrive"); + +let chromeScript = runInParent(SimpleTest.getTestFileURL("pwmgr_common.js")); + +let loadPromise = new Promise(resolve => { + document.addEventListener("DOMContentLoaded", () => { + document.getElementById("loginFrame").addEventListener("load", (evt) => { + resolve(); + }); + }); +}); + +function submissionProcessed(...args) { + ok(false, "No formSubmissionProcessed should occur in this test"); + info("got: " + JSON.stringify(args)); +} + +add_task(function* setup() { + yield SpecialPowers.pushPrefEnv({ + set: [ + ["signon.formlessCapture.enabled", true], + ], + }); + + info("Waiting for page and frame loads"); + yield loadPromise; + + chromeScript.addMessageListener("formSubmissionProcessed", submissionProcessed); + + SimpleTest.registerCleanupFunction(() => { + chromeScript.removeMessageListener("formSubmissionProcessed", submissionProcessed); + }); +}); + +const DEFAULT_ORIGIN = "http://test1.mochi.test:8888"; +const SCRIPTS = { + PUSHSTATE: `history.pushState({}, "Pushed state", "?pushed");`, + WINDOW_LOCATION: `window.location = "data:text/html;charset=utf-8,window.location";`, + WINDOW_LOCATION_RELOAD: `window.location.reload();`, + HISTORY_BACK: `history.back();`, + HISTORY_GO_MINUS1: `history.go(-1);`, +}; +const TESTCASES = [ + // Begin test cases that shouldn't trigger capture. + { + // For now we don't trigger upon navigation if <form> is used. + document: `<form><input type=password value="pass1"></form>`, + }, + { + // Empty password field + document: `<input type=password value="">`, + }, + { + // Test with an input that would normally be captured but with SCRIPTS that + // shouldn't trigger capture. + document: `<input type=password value="pass2">`, + wouldCapture: true, + }, +]; + +add_task(function* test() { + let loginFrame = document.getElementById("loginFrame"); + + for (let tc of TESTCASES) { + for (let scriptName of Object.keys(SCRIPTS)) { + if (tc.wouldCapture && ["PUSHSTATE", "WINDOW_LOCATION"].includes(scriptName)) { + // Don't run scripts that should actually capture for this testcase. + continue; + } + + info("Starting testcase with script " + scriptName + ": " + JSON.stringify(tc)); + let loadedPromise = new Promise((resolve) => { + loginFrame.addEventListener("load", function frameLoaded() { + loginFrame.removeEventListener("load", frameLoaded); + resolve(); + }); + }); + loginFrame.src = DEFAULT_ORIGIN + "/tests/toolkit/components/passwordmgr/test/mochitest/blank.html"; + yield loadedPromise; + + let frameDoc = SpecialPowers.wrap(loginFrame.contentWindow).document; + frameDoc.documentElement.innerHTML = tc.document; + + // Wait for the form to be processed before trying to submit. + yield promiseFormsProcessed(); + + info("Running " + scriptName + " script to check for a submission"); + frameDoc.defaultView.eval(SCRIPTS[scriptName]); + + // Wait for 5000ms to see if the promise above resolves. + yield new Promise(resolve => setTimeout(resolve, 5000)); + ok(true, "Done waiting for captures"); + } + } +}); + +</script> + +<p id="display"></p> + +<div id="content"> + <iframe id="loginFrame" src="http://test1.mochi.test:8888/tests/toolkit/components/passwordmgr/test/mochitest/blank.html"></iframe> +</div> +<pre id="test"></pre> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/mochitest/test_input_events.html b/toolkit/components/passwordmgr/test/mochitest/test_input_events.html new file mode 100644 index 000000000..0e77956d8 --- /dev/null +++ b/toolkit/components/passwordmgr/test/mochitest/test_input_events.html @@ -0,0 +1,96 @@ +<!DOCTYPE HTML> +<html> +<head> + <meta charset="utf-8"> + <title>Test for input events in Login Manager</title> + <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> + <script type="text/javascript" src="pwmgr_common.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> +</head> +<body onload="onNewEvent(event)"> +Login Manager test: input events should fire. + +<script> +runChecksAfterCommonInit(); + +SimpleTest.requestFlakyTimeout("untriaged"); + +/** Test for Login Manager: form fill, should get input events. **/ + +var usernameInputFired = false; +var passwordInputFired = false; +var usernameChangeFired = false; +var passwordChangeFired = false; +var onloadFired = false; + +function onNewEvent(e) { + info("Got " + e.type + " event."); + if (e.type == "load") { + onloadFired = true; + } else if (e.type == "input") { + if (e.target.name == "uname") { + is(e.target.value, "testuser", "Should get 'testuser' as username"); + ok(!usernameInputFired, "Should not have gotten an input event for the username field yet."); + usernameInputFired = true; + } else if (e.target.name == "pword") { + is(e.target.value, "testpass", "Should get 'testpass' as password"); + ok(!passwordInputFired, "Should not have gotten an input event for the password field yet."); + passwordInputFired = true; + } + } else if (e.type == "change") { + if (e.target.name == "uname") { + is(e.target.value, "testuser", "Should get 'testuser' as username"); + ok(usernameInputFired, "Should get input event before change event for username field."); + ok(!usernameChangeFired, "Should not have gotten a change event for the username field yet."); + usernameChangeFired = true; + } else if (e.target.name == "pword") { + is(e.target.value, "testpass", "Should get 'testpass' as password"); + ok(passwordInputFired, "Should get input event before change event for password field."); + ok(!passwordChangeFired, "Should not have gotten a change event for the password field yet."); + passwordChangeFired = true; + } + } + if (onloadFired && usernameInputFired && passwordInputFired && usernameChangeFired && passwordChangeFired) { + ok(true, "All events fired as expected, we're done."); + SimpleTest.finish(); + } +} + +SimpleTest.registerCleanupFunction(function cleanup() { + clearTimeout(timeout); + $_(1, "uname").removeAttribute("oninput"); + $_(1, "pword").removeAttribute("oninput"); + $_(1, "uname").removeAttribute("onchange"); + $_(1, "pword").removeAttribute("onchange"); + document.body.removeAttribute("onload"); +}); + +var timeout = setTimeout(function() { + ok(usernameInputFired, "Username input event should have fired by now."); + ok(passwordInputFired, "Password input event should have fired by now."); + ok(usernameChangeFired, "Username change event should have fired by now."); + ok(passwordChangeFired, "Password change event should have fired by now."); + ok(onloadFired, "Window load event should have fired by now."); + ok(false, "Not all events fired yet."); + SimpleTest.finish(); +}, 10000); + +</script> + +<p id="display"></p> + +<div id="content" style="display: none"> + + <form id="form1" action="formtest.js"> + <p>This is form 1.</p> + <input type="text" name="uname" oninput="onNewEvent(event)" onchange="onNewEvent(event)"> + <input type="password" name="pword" oninput="onNewEvent(event)" onchange="onNewEvent(event)"> + + <button type="submit">Submit</button> + <button type="reset"> Reset </button> + </form> + +</div> +<pre id="test"></pre> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/mochitest/test_input_events_for_identical_values.html b/toolkit/components/passwordmgr/test/mochitest/test_input_events_for_identical_values.html new file mode 100644 index 000000000..d058a87f9 --- /dev/null +++ b/toolkit/components/passwordmgr/test/mochitest/test_input_events_for_identical_values.html @@ -0,0 +1,51 @@ +<!DOCTYPE HTML> +<html> +<head> + <meta charset="utf-8"> + <title>Test for input events in Login Manager when username/password are filled in already</title> + <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> + <script type="text/javascript" src="/tests/SimpleTest/EventUtils.js"></script> + <script type="text/javascript" src="pwmgr_common.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> +</head> +<body onload="onNewEvent(event)"> +Login Manager test: input events should fire. + +<script> +runChecksAfterCommonInit(); + +SimpleTest.requestFlakyTimeout("untriaged"); + +/** Test for Login Manager: form fill when form is already filled, should not get input events. **/ + +var onloadFired = false; + +function onNewEvent(e) { + console.error("Got " + e.type + " event."); + if (e.type == "load") { + onloadFired = true; + $_(1, "uname").focus(); + sendKey("Tab"); + } else { + ok(false, "Got an input event for " + e.target.name + " field, which shouldn't happen."); + } +} +</script> + +<p id="display"></p> + +<div id="content"> + + <form id="form1" action="formtest.js"> + <p>This is form 1.</p> + <input type="text" name="uname" oninput="onNewEvent(event)" value="testuser"> + <input type="password" name="pword" oninput="onNewEvent(event)" onfocus="setTimeout(function() { SimpleTest.finish() }, 1000);" value="testpass"> + + <button type="submit">Submit</button> + <button type="reset"> Reset </button> + </form> + +</div> +<pre id="test"></pre> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/mochitest/test_insecure_form_field_autocomplete.html b/toolkit/components/passwordmgr/test/mochitest/test_insecure_form_field_autocomplete.html new file mode 100644 index 000000000..c5d0a44fa --- /dev/null +++ b/toolkit/components/passwordmgr/test/mochitest/test_insecure_form_field_autocomplete.html @@ -0,0 +1,861 @@ +<!DOCTYPE HTML> +<html> +<head> + <meta charset="utf-8"> + <title>Test insecure form field autocomplete</title> + <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> + <script type="text/javascript" src="/tests/SimpleTest/EventUtils.js"></script> + <script type="text/javascript" src="/tests/SimpleTest/SpawnTask.js"></script> + <script type="text/javascript" src="satchel_common.js"></script> + <script type="text/javascript" src="pwmgr_common.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> +</head> +<body> + +<script> +var chromeScript = runChecksAfterCommonInit(); + +var setupScript = runInParent(function setup() { + const { classes: Cc, interfaces: Ci, utils: Cu } = Components; + Cu.import("resource://gre/modules/Services.jsm"); + + // Create some logins just for this form, since we'll be deleting them. + var nsLoginInfo = Components.Constructor("@mozilla.org/login-manager/loginInfo;1", + Ci.nsILoginInfo, "init"); + assert.ok(nsLoginInfo != null, "nsLoginInfo constructor"); + + // login0 has no username, so should be filtered out from the autocomplete list. + var login0 = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete:8888", null, + "", "user0pass", "", "pword"); + + var login1 = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete:8888", null, + "tempuser1", "temppass1", "uname", "pword"); + + var login2 = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete:8888", null, + "testuser2", "testpass2", "uname", "pword"); + + var login3 = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete:8888", null, + "testuser3", "testpass3", "uname", "pword"); + + var login4 = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete:8888", null, + "zzzuser4", "zzzpass4", "uname", "pword"); + + // login 5 only used in the single-user forms + var login5 = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete2", null, + "singleuser5", "singlepass5", "uname", "pword"); + + var login6A = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete3", null, + "form7user1", "form7pass1", "uname", "pword"); + var login6B = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete3", null, + "form7user2", "form7pass2", "uname", "pword"); + + var login7 = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete4", null, + "form8user", "form8pass", "uname", "pword"); + + var login8A = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete5", null, + "form9userAB", "form9pass", "uname", "pword"); + var login8B = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete5", null, + "form9userAAB", "form9pass", "uname", "pword"); + var login8C = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete5", null, + "form9userAABzz", "form9pass", "uname", "pword"); + + var login10 = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete7", null, + "testuser10", "testpass10", "uname", "pword"); + + + // try/catch in case someone runs the tests manually, twice. + try { + Services.logins.addLogin(login0); + Services.logins.addLogin(login1); + Services.logins.addLogin(login2); + Services.logins.addLogin(login3); + Services.logins.addLogin(login4); + Services.logins.addLogin(login5); + Services.logins.addLogin(login6A); + Services.logins.addLogin(login6B); + Services.logins.addLogin(login7); + Services.logins.addLogin(login8A); + Services.logins.addLogin(login8B); + // login8C is added later + Services.logins.addLogin(login10); + } catch (e) { + assert.ok(false, "addLogin threw: " + e); + } + + addMessageListener("addLogin", loginVariableName => { + let login = eval(loginVariableName); + assert.ok(!!login, "Login to add is defined: " + loginVariableName); + Services.logins.addLogin(login); + }); + addMessageListener("removeLogin", loginVariableName => { + let login = eval(loginVariableName); + assert.ok(!!login, "Login to delete is defined: " + loginVariableName); + Services.logins.removeLogin(login); + }); +}); +</script> +<p id="display"></p> + +<!-- we presumably can't hide the content for this test. --> +<div id="content"> + + <!-- form1 tests multiple matching logins --> + <form id="form1" action="http://autocomplete:8888/formtest.js" onsubmit="return false;"> + <input type="text" name="uname"> + <input type="password" name="pword"> + <button type="submit">Submit</button> + </form> + + <!-- other forms test single logins, with autocomplete=off set --> + <form id="form2" action="http://autocomplete2" onsubmit="return false;"> + <input type="text" name="uname"> + <input type="password" name="pword" autocomplete="off"> + <button type="submit">Submit</button> + </form> + + <form id="form3" action="http://autocomplete2" onsubmit="return false;"> + <input type="text" name="uname" autocomplete="off"> + <input type="password" name="pword"> + <button type="submit">Submit</button> + </form> + + <form id="form4" action="http://autocomplete2" onsubmit="return false;" autocomplete="off"> + <input type="text" name="uname"> + <input type="password" name="pword"> + <button type="submit">Submit</button> + </form> + + <form id="form5" action="http://autocomplete2" onsubmit="return false;"> + <input type="text" name="uname" autocomplete="off"> + <input type="password" name="pword" autocomplete="off"> + <button type="submit">Submit</button> + </form> + + <!-- control --> + <form id="form6" action="http://autocomplete2" onsubmit="return false;"> + <input type="text" name="uname"> + <input type="password" name="pword"> + <button type="submit">Submit</button> + </form> + + <!-- This form will be manipulated to insert a different username field. --> + <form id="form7" action="http://autocomplete3" onsubmit="return false;"> + <input type="text" name="uname"> + <input type="password" name="pword"> + <button type="submit">Submit</button> + </form> + + <!-- test for no autofill after onblur with blank username --> + <form id="form8" action="http://autocomplete4" onsubmit="return false;"> + <input type="text" name="uname"> + <input type="password" name="pword"> + <button type="submit">Submit</button> + </form> + + <!-- test autocomplete dropdown --> + <form id="form9" action="http://autocomplete5" onsubmit="return false;"> + <input type="text" name="uname"> + <input type="password" name="pword"> + <button type="submit">Submit</button> + </form> + + <!-- test for onUsernameInput recipe testing --> + <form id="form11" action="http://autocomplete7" onsubmit="return false;"> + <input type="text" name="1"> + <input type="text" name="2"> + <button type="submit">Submit</button> + </form> + + <!-- tests <form>-less autocomplete --> + <div id="form12"> + <input type="text" name="uname" id="uname"> + <input type="password" name="pword" id="pword"> + <button type="submit">Submit</button> + </div> +</div> + +<pre id="test"> +<script class="testbody" type="text/javascript"> + +/** Test for Login Manager: multiple login autocomplete. **/ + +var uname = $_(1, "uname"); +var pword = $_(1, "pword"); +const shiftModifier = SpecialPowers.Ci.nsIDOMEvent.SHIFT_MASK; + +// Restore the form to the default state. +function restoreForm() { + uname.value = ""; + pword.value = ""; + uname.focus(); +} + +// Check for expected username/password in form. +function checkACForm(expectedUsername, expectedPassword) { + var formID = uname.parentNode.id; + is(uname.value, expectedUsername, "Checking " + formID + " username is: " + expectedUsername); + is(pword.value, expectedPassword, "Checking " + formID + " password is: " + expectedPassword); +} + +function sendFakeAutocompleteEvent(element) { + var acEvent = document.createEvent("HTMLEvents"); + acEvent.initEvent("DOMAutoComplete", true, false); + element.dispatchEvent(acEvent); +} + +function spinEventLoop() { + return Promise.resolve(); +} + +add_task(function* setup() { + yield SpecialPowers.pushPrefEnv({"set": [["security.insecure_field_warning.contextual.enabled", true], + ["signon.autofillForms.http", true]]}); + listenForUnexpectedPopupShown(); +}); + +add_task(function* test_form1_initial_empty() { + yield SimpleTest.promiseFocus(window); + + // Make sure initial form is empty. + checkACForm("", ""); + let popupState = yield getPopupState(); + is(popupState.open, false, "Check popup is initially closed"); +}); + +add_task(function* test_form1_warning_entry() { + yield SimpleTest.promiseFocus(window); + // Trigger autocomplete popup + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + let results = yield shownPromise; + + let popupState = yield getPopupState(); + is(popupState.selectedIndex, -1, "Check no entries are selected upon opening"); + + let expectedMenuItems = ["This connection is not secure. Logins entered here could be compromised. Learn More", + "tempuser1", + "testuser2", + "testuser3", + "zzzuser4"]; + checkArrayValues(results, expectedMenuItems, "Check all menuitems are displayed correctly."); + + doKey("down"); // select insecure warning + checkACForm("", ""); // value shouldn't update just by selecting + doKey("return"); // not "enter"! + yield spinEventLoop(); // let focus happen + checkACForm("", ""); +}); + +add_task(function* test_form1_first_entry() { + yield SimpleTest.promiseFocus(window); + // Trigger autocomplete popup + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + let popupState = yield getPopupState(); + is(popupState.selectedIndex, -1, "Check no entries are selected upon opening"); + + doKey("down"); // skip insecure warning + doKey("down"); // first + checkACForm("", ""); // value shouldn't update just by selecting + doKey("return"); // not "enter"! + yield promiseFormsProcessed(); + checkACForm("tempuser1", "temppass1"); +}); + +add_task(function* test_form1_second_entry() { + // Trigger autocomplete popup + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + doKey("down"); // skip insecure warning + doKey("down"); // first + doKey("down"); // second + doKey("return"); // not "enter"! + yield promiseFormsProcessed(); + checkACForm("testuser2", "testpass2"); +}); + +add_task(function* test_form1_third_entry() { + // Trigger autocomplete popup + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + doKey("down"); // skip insecure warning + doKey("down"); // first + doKey("down"); // second + doKey("down"); // third + doKey("return"); + yield promiseFormsProcessed(); + checkACForm("testuser3", "testpass3"); +}); + +add_task(function* test_form1_fourth_entry() { + // Trigger autocomplete popup + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + doKey("down"); // skip insecure warning + doKey("down"); // first + doKey("down"); // second + doKey("down"); // third + doKey("down"); // fourth + doKey("return"); + yield promiseFormsProcessed(); + checkACForm("zzzuser4", "zzzpass4"); +}); + +add_task(function* test_form1_wraparound_first_entry() { + // Trigger autocomplete popup + restoreForm(); + yield spinEventLoop(); // let focus happen + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + doKey("down"); // skip insecure warning + doKey("down"); // first + doKey("down"); // second + doKey("down"); // third + doKey("down"); // fourth + doKey("down"); // deselects + doKey("down"); // skip insecure warning + doKey("down"); // first + doKey("return"); + yield promiseFormsProcessed(); + checkACForm("tempuser1", "temppass1"); +}); + +add_task(function* test_form1_wraparound_up_last_entry() { + // Trigger autocomplete popup + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + doKey("up"); // last (fourth) + doKey("return"); + yield promiseFormsProcessed(); + checkACForm("zzzuser4", "zzzpass4"); +}); + +add_task(function* test_form1_wraparound_down_up_up() { + // Trigger autocomplete popup + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + doKey("down"); // select first entry + doKey("up"); // selects nothing! + doKey("up"); // select last entry + doKey("return"); + yield promiseFormsProcessed(); + checkACForm("zzzuser4", "zzzpass4"); +}); + +add_task(function* test_form1_wraparound_up_last() { + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + doKey("down"); + doKey("up"); // deselects + doKey("up"); // last entry + doKey("up"); + doKey("up"); + doKey("up"); // skip insecure warning + doKey("up"); // first entry + doKey("up"); // deselects + doKey("up"); // last entry + doKey("return"); + yield promiseFormsProcessed(); + checkACForm("zzzuser4", "zzzpass4"); +}); + +add_task(function* test_form1_fill_username_without_autofill_right() { + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + // Set first entry w/o triggering autocomplete + doKey("down"); // skip insecure warning + doKey("down"); // first + doKey("right"); + yield spinEventLoop(); + checkACForm("tempuser1", ""); // empty password +}); + +add_task(function* test_form1_fill_username_without_autofill_left() { + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + // Set first entry w/o triggering autocomplete + doKey("down"); // skip insecure warning + doKey("down"); // first + doKey("left"); + checkACForm("tempuser1", ""); // empty password +}); + +add_task(function* test_form1_pageup_first() { + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + // Check first entry (page up) + doKey("down"); // first + doKey("down"); // second + doKey("page_up"); // first + doKey("down"); // skip insecure warning + doKey("return"); + yield promiseFormsProcessed(); + checkACForm("tempuser1", "temppass1"); +}); + +add_task(function* test_form1_pagedown_last() { + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + // test 13 + // Check last entry (page down) + doKey("down"); // first + doKey("page_down"); // last + doKey("return"); + yield promiseFormsProcessed(); + checkACForm("zzzuser4", "zzzpass4"); +}); + +add_task(function* test_form1_untrusted_event() { + restoreForm(); + yield spinEventLoop(); + + // Send a fake (untrusted) event. + checkACForm("", ""); + uname.value = "zzzuser4"; + sendFakeAutocompleteEvent(uname); + yield spinEventLoop(); + checkACForm("zzzuser4", ""); +}); + +add_task(function* test_form1_delete() { + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + // XXX tried sending character "t" before/during dropdown to test + // filtering, but had no luck. Seemed like the character was getting lost. + // Setting uname.value didn't seem to work either. This works with a human + // driver, so I'm not sure what's up. + + doKey("down"); // skip insecure warning + // Delete the first entry (of 4), "tempuser1" + doKey("down"); + var numLogins; + numLogins = LoginManager.countLogins("http://mochi.test:8888", "http://autocomplete:8888", null); + is(numLogins, 5, "Correct number of logins before deleting one"); + + let countChangedPromise = notifyMenuChanged(4); + var deletionPromise = promiseStorageChanged(["removeLogin"]); + // On OS X, shift-backspace and shift-delete work, just delete does not. + // On Win/Linux, shift-backspace does not work, delete and shift-delete do. + doKey("delete", shiftModifier); + yield deletionPromise; + + checkACForm("", ""); + numLogins = LoginManager.countLogins("http://mochi.test:8888", "http://autocomplete:8888", null); + is(numLogins, 4, "Correct number of logins after deleting one"); + yield countChangedPromise; + doKey("return"); + yield promiseFormsProcessed(); + checkACForm("testuser2", "testpass2"); +}); + +add_task(function* test_form1_first_after_deletion() { + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + doKey("down"); // skip insecure warning + // Check the new first entry (of 3) + doKey("down"); + doKey("return"); + yield promiseFormsProcessed(); + checkACForm("testuser2", "testpass2"); +}); + +add_task(function* test_form1_delete_second() { + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + doKey("down"); // skip insecure warning + // Delete the second entry (of 3), "testuser3" + doKey("down"); + doKey("down"); + doKey("delete", shiftModifier); + checkACForm("", ""); + numLogins = LoginManager.countLogins("http://mochi.test:8888", "http://autocomplete:8888", null); + is(numLogins, 3, "Correct number of logins after deleting one"); + doKey("return"); + yield promiseFormsProcessed(); + checkACForm("zzzuser4", "zzzpass4"); +}); + +add_task(function* test_form1_first_after_deletion2() { + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + doKey("down"); // skip insecure warning + // Check the new first entry (of 2) + doKey("down"); + doKey("return"); + yield promiseFormsProcessed(); + checkACForm("testuser2", "testpass2"); +}); + +add_task(function* test_form1_delete_last() { + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + doKey("down"); // skip insecure warning + // test 54 + // Delete the last entry (of 2), "zzzuser4" + doKey("down"); + doKey("down"); + doKey("delete", shiftModifier); + checkACForm("", ""); + numLogins = LoginManager.countLogins("http://mochi.test:8888", "http://autocomplete:8888", null); + is(numLogins, 2, "Correct number of logins after deleting one"); + doKey("return"); + yield promiseFormsProcessed(); + checkACForm("testuser2", "testpass2"); +}); + +add_task(function* test_form1_first_after_3_deletions() { + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + doKey("down"); // skip insecure warning + // Check the only remaining entry + doKey("down"); + doKey("return"); + yield promiseFormsProcessed(); + checkACForm("testuser2", "testpass2"); +}); + +add_task(function* test_form1_check_only_entry_remaining() { + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + doKey("down"); // skip insecure warning + // test 56 + // Delete the only remaining entry, "testuser2" + doKey("down"); + doKey("delete", shiftModifier); + checkACForm("", ""); + numLogins = LoginManager.countLogins("http://mochi.test:8888", "http://autocomplete:8888", null); + is(numLogins, 1, "Correct number of logins after deleting one"); + + // remove the login that's not shown in the list. + setupScript.sendSyncMessage("removeLogin", "login0"); +}); + +// Tests for single-user forms for ignoring autocomplete=off +add_task(function* test_form2() { + // Turn our attention to form2 + uname = $_(2, "uname"); + pword = $_(2, "pword"); + checkACForm("singleuser5", "singlepass5"); + + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + doKey("down"); // skip insecure warning + // Check first entry + doKey("down"); + checkACForm("", ""); // value shouldn't update + doKey("return"); // not "enter"! + yield promiseFormsProcessed(); + checkACForm("singleuser5", "singlepass5"); +}); + +add_task(function* test_form3() { + uname = $_(3, "uname"); + pword = $_(3, "pword"); + checkACForm("singleuser5", "singlepass5"); + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + doKey("down"); // skip insecure warning + // Check first entry + doKey("down"); + checkACForm("", ""); // value shouldn't update + doKey("return"); // not "enter"! + yield promiseFormsProcessed(); + checkACForm("singleuser5", "singlepass5"); +}); + +add_task(function* test_form4() { + uname = $_(4, "uname"); + pword = $_(4, "pword"); + checkACForm("singleuser5", "singlepass5"); + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + doKey("down"); // skip insecure warning + // Check first entry + doKey("down"); + checkACForm("", ""); // value shouldn't update + doKey("return"); // not "enter"! + yield promiseFormsProcessed(); + checkACForm("singleuser5", "singlepass5"); +}); + +add_task(function* test_form5() { + uname = $_(5, "uname"); + pword = $_(5, "pword"); + checkACForm("singleuser5", "singlepass5"); + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + doKey("down"); // skip insecure warning + // Check first entry + doKey("down"); + checkACForm("", ""); // value shouldn't update + doKey("return"); // not "enter"! + yield promiseFormsProcessed(); + checkACForm("singleuser5", "singlepass5"); +}); + +add_task(function* test_form6() { + // (this is a control, w/o autocomplete=off, to ensure the login + // that was being suppressed would have been filled in otherwise) + uname = $_(6, "uname"); + pword = $_(6, "pword"); + checkACForm("singleuser5", "singlepass5"); +}); + +add_task(function* test_form6_changeUsername() { + // Test that the password field remains filled in after changing + // the username. + uname.focus(); + doKey("right"); + sendChar("X"); + // Trigger the 'blur' event on uname + pword.focus(); + yield spinEventLoop(); + checkACForm("singleuser5X", "singlepass5"); + + setupScript.sendSyncMessage("removeLogin", "login5"); +}); + +add_task(function* test_form7() { + uname = $_(7, "uname"); + pword = $_(7, "pword"); + checkACForm("", ""); + + // Insert a new username field into the form. We'll then make sure + // that invoking the autocomplete doesn't try to fill the form. + var newField = document.createElement("input"); + newField.setAttribute("type", "text"); + newField.setAttribute("name", "uname2"); + pword.parentNode.insertBefore(newField, pword); + is($_(7, "uname2").value, "", "Verifying empty uname2"); + + // Delete login6B. It was created just to prevent filling in a login + // automatically, removing it makes it more likely that we'll catch a + // future regression with form filling here. + setupScript.sendSyncMessage("removeLogin", "login6B"); +}); + +add_task(function* test_form7_2() { + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + doKey("down"); // skip insecure warning + // Check first entry + doKey("down"); + checkACForm("", ""); // value shouldn't update + doKey("return"); // not "enter"! + // The form changes, so we expect the old username field to get the + // selected autocomplete value, but neither the new username field nor + // the password field should have any values filled in. + yield spinEventLoop(); + checkACForm("form7user1", ""); + is($_(7, "uname2").value, "", "Verifying empty uname2"); + restoreForm(); // clear field, so reloading test doesn't fail + + setupScript.sendSyncMessage("removeLogin", "login6A"); +}); + +add_task(function* test_form8() { + uname = $_(8, "uname"); + pword = $_(8, "pword"); + checkACForm("form8user", "form8pass"); + restoreForm(); +}); + +add_task(function* test_form8_blur() { + checkACForm("", ""); + // Focus the previous form to trigger a blur. + $_(7, "uname").focus(); +}); + +add_task(function* test_form8_2() { + checkACForm("", ""); + restoreForm(); +}); + +add_task(function* test_form8_3() { + checkACForm("", ""); + setupScript.sendSyncMessage("removeLogin", "login7"); +}); + +add_task(function* test_form9_filtering() { + // Turn our attention to form9 to test the dropdown - bug 497541 + uname = $_(9, "uname"); + pword = $_(9, "pword"); + uname.focus(); + let shownPromise = promiseACShown(); + sendString("form9userAB"); + yield shownPromise; + + checkACForm("form9userAB", ""); + uname.focus(); + doKey("left"); + shownPromise = promiseACShown(); + sendChar("A"); + let results = yield shownPromise; + + checkACForm("form9userAAB", ""); + checkArrayValues(results, ["This connection is not secure. Logins entered here could be compromised. Learn More", "form9userAAB"], + "Check dropdown is updated after inserting 'A'"); + doKey("down"); // skip insecure warning + doKey("down"); + doKey("return"); + yield promiseFormsProcessed(); + checkACForm("form9userAAB", "form9pass"); +}); + +add_task(function* test_form9_autocomplete_cache() { + // Note that this addLogin call will only be seen by the autocomplete + // attempt for the sendChar if we do not successfully cache the + // autocomplete results. + setupScript.sendSyncMessage("addLogin", "login8C"); + uname.focus(); + let promise0 = notifyMenuChanged(1); + let shownPromise = promiseACShown(); + sendChar("z"); + yield promise0; + yield shownPromise; + let popupState = yield getPopupState(); + is(popupState.open, true, "Check popup should open"); + + // check that empty results are cached - bug 496466 + promise0 = notifyMenuChanged(1); + sendChar("z"); + yield promise0; + popupState = yield getPopupState(); + is(popupState.open, true, "Check popup stays opened due to cached empty result"); +}); + +add_task(function* test_form11_recipes() { + yield loadRecipes({ + siteRecipes: [{ + "hosts": ["mochi.test:8888"], + "usernameSelector": "input[name='1']", + "passwordSelector": "input[name='2']" + }], + }); + uname = $_(11, "1"); + pword = $_(11, "2"); + + // First test DOMAutocomplete + // Switch the password field to type=password so _fillForm marks the username + // field for autocomplete. + pword.type = "password"; + yield promiseFormsProcessed(); + restoreForm(); + checkACForm("", ""); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + doKey("down"); // skip insecure warning + doKey("down"); + checkACForm("", ""); // value shouldn't update + doKey("return"); // not "enter"! + yield promiseFormsProcessed(); + checkACForm("testuser10", "testpass10"); + + // Now test recipes with blur on the username field. + restoreForm(); + checkACForm("", ""); + uname.value = "testuser10"; + checkACForm("testuser10", ""); + doKey("tab"); + yield promiseFormsProcessed(); + checkACForm("testuser10", "testpass10"); + yield resetRecipes(); +}); + +add_task(function* test_form12_formless() { + // Test form-less autocomplete + uname = $_(12, "uname"); + pword = $_(12, "pword"); + restoreForm(); + checkACForm("", ""); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + doKey("down"); // skip insecure warning + // Trigger autocomplete + doKey("down"); + checkACForm("", ""); // value shouldn't update + let processedPromise = promiseFormsProcessed(); + doKey("return"); // not "enter"! + yield processedPromise; + checkACForm("testuser", "testpass"); +}); +</script> +</pre> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/mochitest/test_insecure_form_field_no_saved_login.html b/toolkit/components/passwordmgr/test/mochitest/test_insecure_form_field_no_saved_login.html new file mode 100644 index 000000000..c3a894958 --- /dev/null +++ b/toolkit/components/passwordmgr/test/mochitest/test_insecure_form_field_no_saved_login.html @@ -0,0 +1,103 @@ +<!DOCTYPE HTML> +<html> +<head> + <meta charset="utf-8"> + <title>Test basic login, contextual inscure password warning without saved logins</title> + <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> + <script type="text/javascript" src="/tests/SimpleTest/EventUtils.js"></script> + <script type="text/javascript" src="/tests/SimpleTest/SpawnTask.js"></script> + <script type="text/javascript" src="satchel_common.js"></script> + <script type="text/javascript" src="pwmgr_common.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> +</head> +<body> +Login Manager test: contextual inscure password warning without saved logins + +<script> +let chromeScript = runChecksAfterCommonInit(); +</script> +<p id="display"></p> + +<!-- we presumably can't hide the content for this test. --> +<div id="content"> + + <form id="form1" action="http://autocomplete:8888/formtest.js" onsubmit="return false;"> + <input type="text" name="uname"> + <input type="password" name="pword"> + <button type="submit">Submit</button> + </form> + +</div> + +<pre id="test"> +<script class="testbody" type="text/javascript"> + +/** Test for Login Manager: contextual inscure password warning without saved logins. **/ + +// Set to pref before the document loads. +SpecialPowers.setBoolPref( + "security.insecure_field_warning.contextual.enabled", true); + +SimpleTest.registerCleanupFunction(() => { + SpecialPowers.clearUserPref( + "security.insecure_field_warning.contextual.enabled"); +}); + +let uname = $_(1, "uname"); +let pword = $_(1, "pword"); +const shiftModifier = SpecialPowers.Ci.nsIDOMEvent.SHIFT_MASK; + +// Restore the form to the default state. +function restoreForm() { + uname.value = ""; + pword.value = ""; + uname.focus(); +} + +// Check for expected username/password in form. +function checkACForm(expectedUsername, expectedPassword) { + let formID = uname.parentNode.id; + is(uname.value, expectedUsername, "Checking " + formID + " username is: " + expectedUsername); + is(pword.value, expectedPassword, "Checking " + formID + " password is: " + expectedPassword); +} + +function spinEventLoop() { + return Promise.resolve(); +} + +add_task(function* setup() { + listenForUnexpectedPopupShown(); +}); + +add_task(function* test_form1_initial_empty() { + yield SimpleTest.promiseFocus(window); + + // Make sure initial form is empty. + checkACForm("", ""); + let popupState = yield getPopupState(); + is(popupState.open, false, "Check popup is initially closed"); +}); + +add_task(function* test_form1_warning_entry() { + yield SimpleTest.promiseFocus(window); + // Trigger autocomplete popup + restoreForm(); + let shownPromise = promiseACShown(); + doKey("down"); // open + yield shownPromise; + + let popupState = yield getPopupState(); + is(popupState.open, true, "Check popup is opened"); + is(popupState.selectedIndex, -1, "Check no entries are selected upon opening"); + + doKey("down"); // select insecure warning + checkACForm("", ""); // value shouldn't update just by selecting + doKey("return"); // not "enter"! + yield spinEventLoop(); // let focus happen + checkACForm("", ""); +}); + +</script> +</pre> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/mochitest/test_maxlength.html b/toolkit/components/passwordmgr/test/mochitest/test_maxlength.html new file mode 100644 index 000000000..2b6da33ec --- /dev/null +++ b/toolkit/components/passwordmgr/test/mochitest/test_maxlength.html @@ -0,0 +1,137 @@ +<!DOCTYPE HTML> +<html> +<head> + <meta charset="utf-8"> + <title>Test for maxlength attributes</title> + <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> + <script type="text/javascript" src="pwmgr_common.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> +</head> +<body> +Login Manager test: Bug 391514 +<script> +runChecksAfterCommonInit(() => startTest()); +</script> +<p id="display"></p> +<div id="content" style="display: none"> + <!-- normal form. --> + <form id="form1" action="formtest.js"> + <input type="text" name="uname"> + <input type="password" name="pword"> + + <button type="submit">Submit</button> + <button type="reset"> Reset </button> + </form> + + <!-- limited username --> + <form id="form2" action="formtest.js"> + <input type="text" name="uname" maxlength="4"> + <input type="password" name="pword"> + </form> + + <!-- limited password --> + <form id="form3" action="formtest.js"> + <input type="text" name="uname"> + <input type="password" name="pword" maxlength="4"> + </form> + + <!-- limited username and password --> + <form id="form4" action="formtest.js"> + <input type="text" name="uname" maxlength="4"> + <input type="password" name="pword" maxlength="4"> + </form> + + + <!-- limited username --> + <form id="form5" action="formtest.js"> + <input type="text" name="uname" maxlength="0"> + <input type="password" name="pword"> + </form> + + <!-- limited password --> + <form id="form6" action="formtest.js"> + <input type="text" name="uname"> + <input type="password" name="pword" maxlength="0"> + </form> + + <!-- limited username and password --> + <form id="form7" action="formtest.js"> + <input type="text" name="uname" maxlength="0"> + <input type="password" name="pword" maxlength="0"> + </form> + + + <!-- limited, but ok, username --> + <form id="form8" action="formtest.js"> + <input type="text" name="uname" maxlength="999"> + <input type="password" name="pword"> + </form> + + <!-- limited, but ok, password --> + <form id="form9" action="formtest.js"> + <input type="text" name="uname"> + <input type="password" name="pword" maxlength="999"> + </form> + + <!-- limited, but ok, username and password --> + <form id="form10" action="formtest.js"> + <input type="text" name="uname" maxlength="999"> + <input type="password" name="pword" maxlength="999"> + </form> + + + <!-- limited, but ok, username --> + <!-- (note that filled values are exactly 8 characters) --> + <form id="form11" action="formtest.js"> + <input type="text" name="uname" maxlength="8"> + <input type="password" name="pword"> + </form> + + <!-- limited, but ok, password --> + <!-- (note that filled values are exactly 8 characters) --> + <form id="form12" action="formtest.js"> + <input type="text" name="uname"> + <input type="password" name="pword" maxlength="8"> + </form> + + <!-- limited, but ok, username and password --> + <!-- (note that filled values are exactly 8 characters) --> + <form id="form13" action="formtest.js"> + <input type="text" name="uname" maxlength="8"> + <input type="password" name="pword" maxlength="8"> + </form> + +</div> +<pre id="test"> +<script class="testbody" type="text/javascript"> + +/* Test for Login Manager: 391514 (Login Manager gets confused with + * password/PIN on usaa.com) + */ + +function startTest() { + var i; + + is($_(1, "uname").value, "testuser", "Checking for filled username 1"); + is($_(1, "pword").value, "testpass", "Checking for filled password 1"); + + for (i = 2; i < 8; i++) { + is($_(i, "uname").value, "", "Checking for unfilled username " + i); + is($_(i, "pword").value, "", "Checking for unfilled password " + i); + } + + for (i = 8; i < 14; i++) { + is($_(i, "uname").value, "testuser", "Checking for filled username " + i); + is($_(i, "pword").value, "testpass", "Checking for filled password " + i); + } + + // Note that tests 11-13 are limited to exactly the expected value. + // Assert this lest someone change the login we're testing with. + is($_(11, "uname").value.length, 8, "asserting test assumption is valid."); + + SimpleTest.finish(); +} +</script> +</pre> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/mochitest/test_password_field_autocomplete.html b/toolkit/components/passwordmgr/test/mochitest/test_password_field_autocomplete.html new file mode 100644 index 000000000..443c8a5e9 --- /dev/null +++ b/toolkit/components/passwordmgr/test/mochitest/test_password_field_autocomplete.html @@ -0,0 +1,291 @@ +<!DOCTYPE HTML> +<html> +<head> + <meta charset="utf-8"> + <title>Test basic login autocomplete</title> + <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> + <script type="text/javascript" src="/tests/SimpleTest/EventUtils.js"></script> + <script type="text/javascript" src="/tests/SimpleTest/SpawnTask.js"></script> + <script type="text/javascript" src="satchel_common.js"></script> + <script type="text/javascript" src="pwmgr_common.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> +</head> +<body> +Login Manager test: multiple login autocomplete + +<script> +var chromeScript = runChecksAfterCommonInit(); + +var setupScript = runInParent(function setup() { + const { classes: Cc, interfaces: Ci, utils: Cu } = Components; + Cu.import("resource://gre/modules/Services.jsm"); + + // Create some logins just for this form, since we'll be deleting them. + var nsLoginInfo = Components.Constructor("@mozilla.org/login-manager/loginInfo;1", + Ci.nsILoginInfo, "init"); + assert.ok(nsLoginInfo != null, "nsLoginInfo constructor"); + + // login0 has no username, so should be filtered out from the autocomplete list. + var login0 = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete:8888", null, + "", "user0pass", "", "pword"); + + var login1 = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete:8888", null, + "tempuser1", "temppass1", "uname", "pword"); + + var login2 = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete:8888", null, + "testuser2", "testpass2", "uname", "pword"); + + var login3 = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete:8888", null, + "testuser3", "testpass3", "uname", "pword"); + + var login4 = new nsLoginInfo("http://mochi.test:8888", "http://autocomplete:8888", null, + "zzzuser4", "zzzpass4", "uname", "pword"); + + + // try/catch in case someone runs the tests manually, twice. + try { + Services.logins.addLogin(login0); + Services.logins.addLogin(login1); + Services.logins.addLogin(login2); + Services.logins.addLogin(login3); + Services.logins.addLogin(login4); + } catch (e) { + assert.ok(false, "addLogin threw: " + e); + } + + addMessageListener("addLogin", loginVariableName => { + let login = eval(loginVariableName); + assert.ok(!!login, "Login to add is defined: " + loginVariableName); + Services.logins.addLogin(login); + }); + addMessageListener("removeLogin", loginVariableName => { + let login = eval(loginVariableName); + assert.ok(!!login, "Login to delete is defined: " + loginVariableName); + Services.logins.removeLogin(login); + }); +}); +</script> +<p id="display"></p> + +<!-- we presumably can't hide the content for this test. --> +<div id="content"> + + <!-- form1 tests multiple matching logins --> + <form id="form1" action="http://autocomplete:8888/formtest.js" onsubmit="return false;"> + <input type="text" name="uname"> + <input type="password" name="pword"> + <button type="submit">Submit</button> + </form> + + <form id="form2" action="http://autocomplete:8888/formtest.js" onsubmit="return false;"> + <input type="text" name="uname"> + <input type="password" name="pword" readonly="true"> + <button type="submit">Submit</button> + </form> + + <form id="form3" action="http://autocomplete:8888/formtest.js" onsubmit="return false;"> + <input type="text" name="uname"> + <input type="password" name="pword" disabled="true"> + <button type="submit">Submit</button> + </form> + +</div> + +<pre id="test"> +<script class="testbody" type="text/javascript"> + +/** Test for Login Manager: multiple login autocomplete. **/ + +var uname = $_(1, "uname"); +var pword = $_(1, "pword"); +const shiftModifier = SpecialPowers.Ci.nsIDOMEvent.SHIFT_MASK; + +// Restore the form to the default state. +function* reinitializeForm(index) { + // Using innerHTML is for creating the autocomplete popup again, so the + // preference value will be applied to the constructor of + // UserAutoCompleteResult. + let form = document.getElementById("form" + index); + let temp = form.innerHTML; + form.innerHTML = ""; + form.innerHTML = temp; + + yield new Promise(resolve => { + let observer = SpecialPowers.wrapCallback(() => { + SpecialPowers.removeObserver(observer, "passwordmgr-processed-form"); + resolve(); + }); + SpecialPowers.addObserver(observer, "passwordmgr-processed-form", false); + }); + + yield SimpleTest.promiseFocus(window); + + uname = $_(index, "uname"); + pword = $_(index, "pword"); + uname.value = ""; + pword.value = ""; + pword.focus(); +} + +function generateDateString(date) { + let dateAndTimeFormatter = new Intl.DateTimeFormat(undefined, + { day: "numeric", month: "short", year: "numeric" }); + return dateAndTimeFormatter.format(date); +} + +const DATE_NOW_STRING = generateDateString(new Date()); + +// Check for expected username/password in form. +function checkACFormPasswordField(expectedPassword) { + var formID = uname.parentNode.id; + is(pword.value, expectedPassword, "Checking " + formID + " password is: " + expectedPassword); +} + +function spinEventLoop() { + return Promise.resolve(); +} + +add_task(function* setup() { + listenForUnexpectedPopupShown(); +}); + +add_task(function* test_form1_initial_empty() { + yield SimpleTest.promiseFocus(window); + + // Make sure initial form is empty. + checkACFormPasswordField(""); + let popupState = yield getPopupState(); + is(popupState.open, false, "Check popup is initially closed"); +}); + +add_task(function* test_form2_password_readonly() { + yield SpecialPowers.pushPrefEnv({"set": [ + ["security.insecure_field_warning.contextual.enabled", true], + ["signon.autofillForms.http", true] + ]}); + yield reinitializeForm(2); + + // Trigger autocomplete popup + doKey("down"); // open + let popupState = yield getPopupState(); + is(popupState.open, false, "Check popup is closed for a readonly field."); +}); + +add_task(function* test_form3_password_disabled() { + yield SpecialPowers.pushPrefEnv({"set": [ + ["security.insecure_field_warning.contextual.enabled", true], + ["signon.autofillForms.http", true] + ]}); + yield reinitializeForm(3); + + // Trigger autocomplete popup + doKey("down"); // open + let popupState = yield getPopupState(); + is(popupState.open, false, "Check popup is closed for a disabled field."); +}); + +add_task(function* test_form1_enabledInsecureFieldWarning_enabledInsecureAutoFillForm() { + yield SpecialPowers.pushPrefEnv({"set": [ + ["security.insecure_field_warning.contextual.enabled", true], + ["signon.autofillForms.http", true] + ]}); + yield reinitializeForm(1); + // Trigger autocomplete popup + let shownPromise = promiseACShown(); + doKey("down"); // open + let results = yield shownPromise; + + let popupState = yield getPopupState(); + is(popupState.selectedIndex, -1, "Check no entries are selected upon opening"); + + let expectedMenuItems = ["This connection is not secure. Logins entered here could be compromised. Learn More", + "No username (" + DATE_NOW_STRING + ")", + "tempuser1", + "testuser2", + "testuser3", + "zzzuser4"]; + checkArrayValues(results, expectedMenuItems, "Check all menuitems are displayed correctly."); + + doKey("down"); // select insecure warning + checkACFormPasswordField(""); // value shouldn't update just by selecting + doKey("return"); // not "enter"! + yield spinEventLoop(); // let focus happen + checkACFormPasswordField(""); +}); + +add_task(function* test_form1_disabledInsecureFieldWarning_enabledInsecureAutoFillForm() { + yield SpecialPowers.pushPrefEnv({"set": [ + ["security.insecure_field_warning.contextual.enabled", false], + ["signon.autofillForms.http", true] + ]}); + yield reinitializeForm(1); + + // Trigger autocomplete popup + let shownPromise = promiseACShown(); + doKey("down"); // open + let results = yield shownPromise; + + let popupState = yield getPopupState(); + is(popupState.selectedIndex, -1, "Check no entries are selected upon opening"); + + let expectedMenuItems = ["No username (" + DATE_NOW_STRING + ")", + "tempuser1", + "testuser2", + "testuser3", + "zzzuser4"]; + checkArrayValues(results, expectedMenuItems, "Check all menuitems are displayed correctly."); + + doKey("down"); // select first item + checkACFormPasswordField(""); // value shouldn't update just by selecting + doKey("return"); // not "enter"! + yield spinEventLoop(); // let focus happen + checkACFormPasswordField("user0pass"); +}); + +add_task(function* test_form1_enabledInsecureFieldWarning_disabledInsecureAutoFillForm() { + yield SpecialPowers.pushPrefEnv({"set": [ + ["security.insecure_field_warning.contextual.enabled", true], + ["signon.autofillForms.http", false] + ]}); + yield reinitializeForm(1); + + // Trigger autocomplete popup + let shownPromise = promiseACShown(); + doKey("down"); // open + let results = yield shownPromise; + + let popupState = yield getPopupState(); + is(popupState.selectedIndex, -1, "Check no entries are selected upon opening"); + + let expectedMenuItems = ["This connection is not secure. Logins entered here could be compromised. Learn More", + "No username (" + DATE_NOW_STRING + ")", + "tempuser1", + "testuser2", + "testuser3", + "zzzuser4"]; + checkArrayValues(results, expectedMenuItems, "Check all menuitems are displayed correctly."); + + doKey("down"); // select insecure warning + checkACFormPasswordField(""); // value shouldn't update just by selecting + doKey("return"); // not "enter"! + yield spinEventLoop(); // let focus happen + checkACFormPasswordField(""); +}); + +add_task(function* test_form1_disabledInsecureFieldWarning_disabledInsecureAutoFillForm() { + yield SpecialPowers.pushPrefEnv({"set": [ + ["security.insecure_field_warning.contextual.enabled", false], + ["signon.autofillForms.http", false] + ]}); + yield reinitializeForm(1); + + // Trigger autocomplete popup + doKey("down"); // open + let popupState = yield getPopupState(); + is(popupState.open, false, "Check popup is closed with no AutoFillForms."); +}); + +</script> +</pre> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/mochitest/test_passwords_in_type_password.html b/toolkit/components/passwordmgr/test/mochitest/test_passwords_in_type_password.html new file mode 100644 index 000000000..e107cebe6 --- /dev/null +++ b/toolkit/components/passwordmgr/test/mochitest/test_passwords_in_type_password.html @@ -0,0 +1,122 @@ +<!DOCTYPE HTML> +<html> +<head> + <meta charset="utf-8"> + <title>Test that passwords only get filled in type=password</title> + <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> + <script type="text/javascript" src="pwmgr_common.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> +</head> +<body> +Login Manager test: Bug 242956 +<script> +runChecksAfterCommonInit(() => startTest()); +</script> +<p id="display"></p> +<div id="content" style="display: none"> + <!-- pword is not a type=password input --> + <form id="form1" action="formtest.js"> + <input type="text" name="uname"> + <input type="text" name="pword"> + + <button type="submit">Submit</button> + <button type="reset"> Reset </button> + </form> + + <!-- uname is not a type=text input --> + <form id="form2" action="formtest.js"> + <input type="password" name="uname"> + <input type="password" name="pword"> + + <button type="submit">Submit</button> + <button type="reset"> Reset </button> + </form> + + <!-- two "pword" inputs, (text + password) --> + <form id="form3" action="formtest.js"> + <input type="text" name="uname"> + <input type="text" name="pword"> + <input type="password" name="qword"> + + <button type="submit">Submit</button> + <button type="reset"> Reset </button> + </form> + + <!-- same thing, different order --> + <form id="form4" action="formtest.js"> + <input type="text" name="uname"> + <input type="password" name="pword"> + <input type="text" name="qword"> + + <button type="submit">Submit</button> + <button type="reset"> Reset </button> + </form> + + <!-- uname is not a type=text input (try a checkbox just for variety) --> + <form id="form5" action="formtest.js"> + <input type="checkbox" name="uname" value=""> + <input type="password" name="pword"> + + <button type="submit">Submit</button> + <button type="reset"> Reset </button> + </form> + + <!-- pword is not a type=password input (try a checkbox just for variety) --> + <form id="form6" action="formtest.js"> + <input type="text" name="uname"> + <input type="checkbox" name="pword" value=""> + + <button type="submit">Submit</button> + <button type="reset"> Reset </button> + </form> + + <!-- pword is not a type=password input --> + <form id="form7" action="formtest.js"> + <input type="text" name="uname" value="testuser"> + <input type="text" name="pword"> + + <button type="submit">Submit</button> + <button type="reset"> Reset </button> + </form> + + +</div> +<pre id="test"> +<script class="testbody" type="text/javascript"> + +/** Test for Login Manager: 242956 (Stored password is inserted into a + readable text input on a second page) **/ + +// Make sure that pwmgr only puts passwords into type=password <input>s. +// Might as well test the converse, too (username in password field). + +function startTest() { + is($_(1, "uname").value, "", "Checking for unfilled username 1"); + is($_(1, "pword").value, "", "Checking for unfilled password 1"); + + is($_(2, "uname").value, "testpass", "Checking for password not username 2"); + is($_(2, "pword").value, "", "Checking for unfilled password 2"); + + is($_(3, "uname").value, "", "Checking for unfilled username 3"); + is($_(3, "pword").value, "testuser", "Checking for unfilled password 3"); + is($_(3, "qword").value, "testpass", "Checking for unfilled qassword 3"); + + is($_(4, "uname").value, "testuser", "Checking for password not username 4"); + is($_(4, "pword").value, "testpass", "Checking for unfilled password 4"); + is($_(4, "qword").value, "", "Checking for unfilled qassword 4"); + + is($_(5, "uname").value, "", "Checking for unfilled username 5"); + is($_(5, "pword").value, "testpass", "Checking for filled password 5"); + + is($_(6, "uname").value, "", "Checking for unfilled username 6"); + is($_(6, "pword").value, "", "Checking for unfilled password 6"); + + is($_(7, "uname").value, "testuser", "Checking for unmodified username 7"); + is($_(7, "pword").value, "", "Checking for unfilled password 7"); + + SimpleTest.finish(); +} +</script> +</pre> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/mochitest/test_prompt.html b/toolkit/components/passwordmgr/test/mochitest/test_prompt.html new file mode 100644 index 000000000..1050ab66b --- /dev/null +++ b/toolkit/components/passwordmgr/test/mochitest/test_prompt.html @@ -0,0 +1,705 @@ +<!DOCTYPE HTML> +<html> +<head> + <meta charset="utf-8"> + <title>Test prompter.{prompt,promptPassword,promptUsernameAndPassword}</title> + <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> + <script type="text/javascript" src="/tests/SimpleTest/SpawnTask.js"></script> + <script type="text/javascript" src="pwmgr_common.js"></script> + <script type="text/javascript" src="prompt_common.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> +</head> +<body> +<p id="display"></p> + +<div id="content" style="display: none"> +</div> + +<pre id="test"> +<script class="testbody" type="text/javascript"> +var state, action; +var uname = { value: null }; +var pword = { value: null }; +var result = { value: null }; +var isOk; + +// Force parent to not look for tab-modal prompts, as they're not used for auth prompts. +isTabModal = false; + +let prompterParent = runInParent(() => { + const { classes: Cc, interfaces: Ci, utils: Cu } = Components; + const promptFac = Cc["@mozilla.org/passwordmanager/authpromptfactory;1"]. + getService(Ci.nsIPromptFactory); + + Cu.import("resource://gre/modules/Services.jsm"); + let chromeWin = Services.wm.getMostRecentWindow("navigator:browser"); + let prompter1 = promptFac.getPrompt(chromeWin, Ci.nsIAuthPrompt); + + addMessageListener("proxyPrompter", function onMessage(msg) { + let rv = prompter1[msg.methodName](...msg.args); + return { + rv, + // Send the args back to content so out/inout args can be checked. + args: msg.args, + }; + }); +}); + +let prompter1 = new PrompterProxy(prompterParent); + +const defaultTitle = "the title"; +const defaultMsg = "the message"; + +function initLogins() { + const { classes: Cc, interfaces: Ci, utils: Cu } = Components; + var login1, login2A, login2B, login2C, login2D, login2E; + var pwmgr = Cc["@mozilla.org/login-manager;1"]. + getService(Ci.nsILoginManager); + + login1 = Cc["@mozilla.org/login-manager/loginInfo;1"]. + createInstance(Ci.nsILoginInfo); + login2A = Cc["@mozilla.org/login-manager/loginInfo;1"]. + createInstance(Ci.nsILoginInfo); + login2B = Cc["@mozilla.org/login-manager/loginInfo;1"]. + createInstance(Ci.nsILoginInfo); + login2C = Cc["@mozilla.org/login-manager/loginInfo;1"]. + createInstance(Ci.nsILoginInfo); + login2D = Cc["@mozilla.org/login-manager/loginInfo;1"]. + createInstance(Ci.nsILoginInfo); + login2E = Cc["@mozilla.org/login-manager/loginInfo;1"]. + createInstance(Ci.nsILoginInfo); + + login1.init("http://example.com", null, "http://example.com", + "", "examplepass", "", ""); + login2A.init("http://example2.com", null, "http://example2.com", + "user1name", "user1pass", "", ""); + login2B.init("http://example2.com", null, "http://example2.com", + "user2name", "user2pass", "", ""); + login2C.init("http://example2.com", null, "http://example2.com", + "user3.name@host", "user3pass", "", ""); + login2D.init("http://example2.com", null, "http://example2.com", + "100@beef", "user3pass", "", ""); + login2E.init("http://example2.com", null, "http://example2.com", + "100%beef", "user3pass", "", ""); + + pwmgr.addLogin(login1); + pwmgr.addLogin(login2A); + pwmgr.addLogin(login2B); + pwmgr.addLogin(login2C); + pwmgr.addLogin(login2D); + pwmgr.addLogin(login2E); +} + +add_task(function* setup() { + runInParent(initLogins); +}); + +add_task(function* test_prompt_accept() { + state = { + msg : "the message", + title : "the title", + textValue : "abc", + passValue : "", + iconClass : "question-icon", + titleHidden : true, + textHidden : false, + passHidden : true, + checkHidden : true, + checkMsg : "", + checked : false, + focused : "textField", + defButton : "button0", + }; + action = { + buttonClick : "ok", + textField : "xyz", + }; + promptDone = handlePrompt(state, action); + isOk = prompter1.prompt(defaultTitle, defaultMsg, "http://example.com", + Ci.nsIAuthPrompt.SAVE_PASSWORD_NEVER, "abc", result); + yield promptDone; + + ok(isOk, "Checking dialog return value (accept)"); + is(result.value, "xyz", "Checking prompt() returned value"); +}); + +add_task(function* test_prompt_cancel() { + state = { + msg : "the message", + title : "the title", + textValue : "abc", + passValue : "", + iconClass : "question-icon", + titleHidden : true, + textHidden : false, + passHidden : true, + checkHidden : true, + checkMsg : "", + checked : false, + focused : "textField", + defButton : "button0", + }; + action = { + buttonClick : "cancel", + }; + promptDone = handlePrompt(state, action); + isOk = prompter1.prompt(defaultTitle, defaultMsg, "http://example.com", + Ci.nsIAuthPrompt.SAVE_PASSWORD_NEVER, "abc", result); + yield promptDone; + ok(!isOk, "Checking dialog return value (cancel)"); +}); + +add_task(function* test_promptPassword_defaultAccept() { + // Default password provided, existing logins are ignored. + state = { + msg : "the message", + title : "the title", + textValue : "", + passValue : "inputpw", + iconClass : "authentication-icon question-icon", + titleHidden : true, + textHidden : true, + passHidden : false, + checkHidden : true, + checkMsg : "", + checked : false, + focused : "passField", + defButton : "button0", + }; + action = { + buttonClick : "ok", + passField : "secret", + }; + pword.value = "inputpw"; + promptDone = handlePrompt(state, action); + isOk = prompter1.promptPassword(defaultTitle, defaultMsg, "http://example.com", + Ci.nsIAuthPrompt.SAVE_PASSWORD_NEVER, pword); + yield promptDone; + ok(isOk, "Checking dialog return value (accept)"); + is(pword.value, "secret", "Checking returned password"); +}); + +add_task(function* test_promptPassword_defaultCancel() { + // Default password provided, existing logins are ignored. + state = { + msg : "the message", + title : "the title", + textValue : "", + passValue : "inputpw", + iconClass : "authentication-icon question-icon", + titleHidden : true, + textHidden : true, + passHidden : false, + checkHidden : true, + checkMsg : "", + checked : false, + focused : "passField", + defButton : "button0", + }; + action = { + buttonClick : "cancel", + }; + pword.value = "inputpw"; + promptDone = handlePrompt(state, action); + isOk = prompter1.promptPassword(defaultTitle, defaultMsg, "http://example.com", + Ci.nsIAuthPrompt.SAVE_PASSWORD_NEVER, pword); + yield promptDone; + ok(!isOk, "Checking dialog return value (cancel)"); +}); + +add_task(function* test_promptPassword_emptyAccept() { + // No default password provided, realm does not match existing login. + state = { + msg : "the message", + title : "the title", + textValue : "", + passValue : "", + iconClass : "authentication-icon question-icon", + titleHidden : true, + textHidden : true, + passHidden : false, + checkHidden : true, + checkMsg : "", + checked : false, + focused : "passField", + defButton : "button0", + }; + action = { + buttonClick : "ok", + passField : "secret", + }; + pword.value = null; + promptDone = handlePrompt(state, action); + isOk = prompter1.promptPassword(defaultTitle, defaultMsg, "http://nonexample.com", + Ci.nsIAuthPrompt.SAVE_PASSWORD_NEVER, pword); + yield promptDone; + ok(isOk, "Checking dialog return value (accept)"); + is(pword.value, "secret", "Checking returned password"); +}); + +add_task(function* test_promptPassword_saved() { + // No default password provided, matching login is returned w/o prompting. + pword.value = null; + isOk = prompter1.promptPassword(defaultTitle, defaultMsg, "http://example.com", + Ci.nsIAuthPrompt.SAVE_PASSWORD_NEVER, pword); + ok(isOk, "Checking dialog return value (accept)"); + is(pword.value, "examplepass", "Checking returned password"); +}); + +add_task(function* test_promptPassword_noMatchingPasswordForEmptyUN() { + // No default password provided, none of the logins from this host are + // password-only so the user is prompted. + state = { + msg : "the message", + title : "the title", + textValue : "", + passValue : "", + iconClass : "authentication-icon question-icon", + titleHidden : true, + textHidden : true, + passHidden : false, + checkHidden : true, + checkMsg : "", + checked : false, + focused : "passField", + defButton : "button0", + }; + action = { + buttonClick : "ok", + passField : "secret", + }; + pword.value = null; + promptDone = handlePrompt(state, action); + isOk = prompter1.promptPassword(defaultTitle, defaultMsg, "http://example2.com", + Ci.nsIAuthPrompt.SAVE_PASSWORD_NEVER, pword); + yield promptDone; + ok(isOk, "Checking dialog return value (accept)"); + is(pword.value, "secret", "Checking returned password"); +}); + +add_task(function* test_promptPassword_matchingPWForUN() { + // No default password provided, matching login is returned w/o prompting. + pword.value = null; + isOk = prompter1.promptPassword(defaultTitle, defaultMsg, "http://user1name@example2.com", + Ci.nsIAuthPrompt.SAVE_PASSWORD_NEVER, pword); + ok(isOk, "Checking dialog return value (accept)"); + is(pword.value, "user1pass", "Checking returned password"); +}); + +add_task(function* test_promptPassword_matchingPWForUN2() { + // No default password provided, matching login is returned w/o prompting. + pword.value = null; + isOk = prompter1.promptPassword(defaultTitle, defaultMsg, "http://user2name@example2.com", + Ci.nsIAuthPrompt.SAVE_PASSWORD_NEVER, pword); + ok(isOk, "Checking dialog return value (accept)"); + is(pword.value, "user2pass", "Checking returned password"); +}); + +add_task(function* test_promptPassword_matchingPWForUN3() { + // No default password provided, matching login is returned w/o prompting. + pword.value = null; + isOk = prompter1.promptPassword(defaultTitle, defaultMsg, "http://user3%2Ename%40host@example2.com", + Ci.nsIAuthPrompt.SAVE_PASSWORD_NEVER, pword); + ok(isOk, "Checking dialog return value (accept)"); + is(pword.value, "user3pass", "Checking returned password"); +}); + +add_task(function* test_promptPassword_extraAt() { + // No default password provided, matching login is returned w/o prompting. + pword.value = null; + isOk = prompter1.promptPassword(defaultTitle, defaultMsg, "http://100@beef@example2.com", + Ci.nsIAuthPrompt.SAVE_PASSWORD_NEVER, pword); + ok(isOk, "Checking dialog return value (accept)"); + is(pword.value, "user3pass", "Checking returned password"); +}); + +add_task(function* test_promptPassword_usernameEncoding() { + // No default password provided, matching login is returned w/o prompting. + pword.value = null; + isOk = prompter1.promptPassword(defaultTitle, defaultMsg, "http://100%25beef@example2.com", + Ci.nsIAuthPrompt.SAVE_PASSWORD_NEVER, pword); + ok(isOk, "Checking dialog return value (accept)"); + is(pword.value, "user3pass", "Checking returned password"); + + // XXX test saving a password with Ci.nsIAuthPrompt.SAVE_PASSWORD_PERMANENTLY +}); + +add_task(function* test_promptPassword_realm() { + // We don't pre-fill or save for NS_GetAuthKey-generated realms, but we should still prompt + state = { + msg : "the message", + title : "the title", + textValue : "", + passValue : "", + iconClass : "authentication-icon question-icon", + titleHidden : true, + textHidden : true, + passHidden : false, + checkHidden : true, + checkMsg : "", + checked : false, + focused : "passField", + defButton : "button0", + }; + action = { + buttonClick : "ok", + passField : "fill2pass", + }; + pword.value = null; + promptDone = handlePrompt(state, action); + isOk = prompter1.promptPassword(defaultTitle, defaultMsg, "example2.com:80 (somerealm)", + Ci.nsIAuthPrompt.SAVE_PASSWORD_NEVER, pword); + yield promptDone; + ok(isOk, "Checking dialog return value (accept)"); + is(pword.value, "fill2pass", "Checking returned password"); +}); + +add_task(function* test_promptPassword_realm2() { + // We don't pre-fill or save for NS_GetAuthKey-generated realms, but we should still prompt + state = { + msg : "the message", + title : "the title", + textValue : "", + passValue : "", + iconClass : "authentication-icon question-icon", + titleHidden : true, + textHidden : true, + passHidden : false, + checkHidden : true, + checkMsg : "", + checked : false, + focused : "passField", + defButton : "button0", + }; + action = { + buttonClick : "ok", + passField : "fill2pass", + }; + pword.value = null; + promptDone = handlePrompt(state, action); + isOk = prompter1.promptPassword(defaultTitle, defaultMsg, "example2.com:80 (somerealm)", + Ci.nsIAuthPrompt.SAVE_PASSWORD_PERMANENTLY, pword); + yield promptDone; + ok(isOk, "Checking dialog return value (accept)"); + is(pword.value, "fill2pass", "Checking returned password"); +}); + +add_task(function* test_promptUsernameAndPassword_accept() { + state = { + msg : "the message", + title : "the title", + textValue : "inuser", + passValue : "inpass", + iconClass : "authentication-icon question-icon", + titleHidden : true, + textHidden : false, + passHidden : false, + checkHidden : true, + checkMsg : "", + checked : false, + focused : "textField", + defButton : "button0", + }; + action = { + buttonClick : "ok", + textField : "outuser", + passField : "outpass", + }; + uname.value = "inuser"; + pword.value = "inpass"; + promptDone = handlePrompt(state, action); + isOk = prompter1.promptUsernameAndPassword(defaultTitle, defaultMsg, "http://nonexample.com", + Ci.nsIAuthPrompt.SAVE_PASSWORD_NEVER, uname, pword); + yield promptDone; + ok(isOk, "Checking dialog return value (accept)"); + is(uname.value, "outuser", "Checking returned username"); + is(pword.value, "outpass", "Checking returned password"); +}); + +add_task(function* test_promptUsernameAndPassword_cancel() { + state = { + msg : "the message", + title : "the title", + textValue : "inuser", + passValue : "inpass", + iconClass : "authentication-icon question-icon", + titleHidden : true, + textHidden : false, + passHidden : false, + checkHidden : true, + checkMsg : "", + checked : false, + focused : "textField", + defButton : "button0", + }; + action = { + buttonClick : "cancel", + }; + uname.value = "inuser"; + pword.value = "inpass"; + promptDone = handlePrompt(state, action); + isOk = prompter1.promptUsernameAndPassword(defaultTitle, defaultMsg, "http://nonexample.com", + Ci.nsIAuthPrompt.SAVE_PASSWORD_NEVER, uname, pword); + yield promptDone; + ok(!isOk, "Checking dialog return value (cancel)"); +}); + +add_task(function* test_promptUsernameAndPassword_autofill() { + // test filling in existing password-only login + state = { + msg : "the message", + title : "the title", + textValue : "", + passValue : "examplepass", + iconClass : "authentication-icon question-icon", + titleHidden : true, + textHidden : false, + passHidden : false, + checkHidden : false, + checkMsg : "Use Password Manager to remember this password.", + checked : true, + focused : "textField", + defButton : "button0", + }; + action = { + buttonClick : "ok", + }; + uname.value = null; + pword.value = null; + promptDone = handlePrompt(state, action); + isOk = prompter1.promptUsernameAndPassword(defaultTitle, defaultMsg, "http://example.com", + Ci.nsIAuthPrompt.SAVE_PASSWORD_PERMANENTLY, uname, pword); + yield promptDone; + ok(isOk, "Checking dialog return value (accept)"); + is(uname.value, "", "Checking returned username"); + is(pword.value, "examplepass", "Checking returned password"); +}); + +add_task(function* test_promptUsernameAndPassword_multipleExisting() { + // test filling in existing login (undetermined from multiple selection) + // user2name/user2pass would also be valid to fill here. + state = { + msg : "the message", + title : "the title", + textValue : "user1name", + passValue : "user1pass", + iconClass : "authentication-icon question-icon", + titleHidden : true, + textHidden : false, + passHidden : false, + checkHidden : false, + checkMsg : "Use Password Manager to remember this password.", + checked : true, + focused : "textField", + defButton : "button0", + }; + action = { + buttonClick : "ok", + }; + uname.value = null; + pword.value = null; + promptDone = handlePrompt(state, action); + isOk = prompter1.promptUsernameAndPassword(defaultTitle, defaultMsg, "http://example2.com", + Ci.nsIAuthPrompt.SAVE_PASSWORD_PERMANENTLY, uname, pword); + yield promptDone; + ok(isOk, "Checking dialog return value (accept)"); + ok(uname.value == "user1name" || uname.value == "user2name", "Checking returned username"); + ok(pword.value == "user1pass" || uname.value == "user2pass", "Checking returned password"); +}); + +add_task(function* test_promptUsernameAndPassword_multipleExisting1() { + // test filling in existing login (user1 from multiple selection) + state = { + msg : "the message", + title : "the title", + textValue : "user1name", + passValue : "user1pass", + iconClass : "authentication-icon question-icon", + titleHidden : true, + textHidden : false, + passHidden : false, + checkHidden : false, + checkMsg : "Use Password Manager to remember this password.", + checked : true, + focused : "textField", + defButton : "button0", + }; + action = { + buttonClick : "ok", + }; + uname.value = "user1name"; + pword.value = null; + promptDone = handlePrompt(state, action); + isOk = prompter1.promptUsernameAndPassword(defaultTitle, defaultMsg, "http://example2.com", + Ci.nsIAuthPrompt.SAVE_PASSWORD_PERMANENTLY, uname, pword); + yield promptDone; + ok(isOk, "Checking dialog return value (accept)"); + is(uname.value, "user1name", "Checking returned username"); + is(pword.value, "user1pass", "Checking returned password"); +}); + +add_task(function* test_promptUsernameAndPassword_multipleExisting2() { + // test filling in existing login (user2 from multiple selection) + state = { + msg : "the message", + title : "the title", + textValue : "user2name", + passValue : "user2pass", + iconClass : "authentication-icon question-icon", + titleHidden : true, + textHidden : false, + passHidden : false, + checkHidden : false, + checkMsg : "Use Password Manager to remember this password.", + checked : true, + focused : "textField", + defButton : "button0", + }; + action = { + buttonClick : "ok", + }; + uname.value = "user2name"; + pword.value = null; + promptDone = handlePrompt(state, action); + isOk = prompter1.promptUsernameAndPassword(defaultTitle, defaultMsg, "http://example2.com", + Ci.nsIAuthPrompt.SAVE_PASSWORD_PERMANENTLY, uname, pword); + yield promptDone; + ok(isOk, "Checking dialog return value (accept)"); + is(uname.value, "user2name", "Checking returned username"); + is(pword.value, "user2pass", "Checking returned password"); +}); + +add_task(function* test_promptUsernameAndPassword_passwordChange() { + // test changing password + state = { + msg : "the message", + title : "the title", + textValue : "user2name", + passValue : "user2pass", + iconClass : "authentication-icon question-icon", + titleHidden : true, + textHidden : false, + passHidden : false, + checkHidden : false, + checkMsg : "Use Password Manager to remember this password.", + checked : true, + focused : "textField", + defButton : "button0", + }; + action = { + buttonClick : "ok", + passField : "NEWuser2pass", + }; + uname.value = "user2name"; + pword.value = null; + promptDone = handlePrompt(state, action); + isOk = prompter1.promptUsernameAndPassword(defaultTitle, defaultMsg, "http://example2.com", + Ci.nsIAuthPrompt.SAVE_PASSWORD_PERMANENTLY, uname, pword); + yield promptDone; + ok(isOk, "Checking dialog return value (accept)"); + is(uname.value, "user2name", "Checking returned username"); + is(pword.value, "NEWuser2pass", "Checking returned password"); +}); + +add_task(function* test_promptUsernameAndPassword_changePasswordBack() { + // test changing password (back to original value) + state = { + msg : "the message", + title : "the title", + textValue : "user2name", + passValue : "NEWuser2pass", + iconClass : "authentication-icon question-icon", + titleHidden : true, + textHidden : false, + passHidden : false, + checkHidden : false, + checkMsg : "Use Password Manager to remember this password.", + checked : true, + focused : "textField", + defButton : "button0", + }; + action = { + buttonClick : "ok", + passField : "user2pass", + }; + uname.value = "user2name"; + pword.value = null; + promptDone = handlePrompt(state, action); + isOk = prompter1.promptUsernameAndPassword(defaultTitle, defaultMsg, "http://example2.com", + Ci.nsIAuthPrompt.SAVE_PASSWORD_PERMANENTLY, uname, pword); + yield promptDone; + ok(isOk, "Checking dialog return value (accept)"); + is(uname.value, "user2name", "Checking returned username"); + is(pword.value, "user2pass", "Checking returned password"); +}); + +add_task(function* test_promptUsernameAndPassword_realm() { + // We don't pre-fill or save for NS_GetAuthKey-generated realms, but we should still prompt + state = { + msg : "the message", + title : "the title", + textValue : "", + passValue : "", + iconClass : "authentication-icon question-icon", + titleHidden : true, + textHidden : false, + passHidden : false, + checkHidden : true, + checkMsg : "", + checked : false, + focused : "textField", + defButton : "button0", + }; + action = { + buttonClick : "ok", + textField : "fill2user", + passField : "fill2pass", + }; + uname.value = null; + pword.value = null; + promptDone = handlePrompt(state, action); + isOk = prompter1.promptUsernameAndPassword(defaultTitle, defaultMsg, "example2.com:80 (somerealm)", + Ci.nsIAuthPrompt.SAVE_PASSWORD_NEVER, uname, pword); + yield promptDone; + ok(isOk, "Checking dialog return value (accept)"); + is(uname.value, "fill2user", "Checking returned username"); + is(pword.value, "fill2pass", "Checking returned password"); +}); + +add_task(function* test_promptUsernameAndPassword_realm2() { + // We don't pre-fill or save for NS_GetAuthKey-generated realms, but we should still prompt + state = { + msg : "the message", + title : "the title", + textValue : "", + passValue : "", + iconClass : "authentication-icon question-icon", + titleHidden : true, + textHidden : false, + passHidden : false, + checkHidden : true, + checkMsg : "", + checked : false, + focused : "textField", + defButton : "button0", + }; + action = { + buttonClick : "ok", + textField : "fill2user", + passField : "fill2pass", + }; + uname.value = null; + pword.value = null; + promptDone = handlePrompt(state, action); + isOk = prompter1.promptUsernameAndPassword(defaultTitle, defaultMsg, "example2.com:80 (somerealm)", + Ci.nsIAuthPrompt.SAVE_PASSWORD_PERMANENTLY, uname, pword); + yield promptDone; + ok(isOk, "Checking dialog return value (accept)"); + is(uname.value, "fill2user", "Checking returned username"); + is(pword.value, "fill2pass", "Checking returned password"); +}); + +</script> +</pre> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/mochitest/test_prompt_http.html b/toolkit/components/passwordmgr/test/mochitest/test_prompt_http.html new file mode 100644 index 000000000..0dc8fdf9c --- /dev/null +++ b/toolkit/components/passwordmgr/test/mochitest/test_prompt_http.html @@ -0,0 +1,362 @@ +<!DOCTYPE HTML> +<html> +<head> + <meta charset="utf-8"> + <title>Test HTTP auth prompts by loading authenticate.sjs</title> + <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> + <script type="text/javascript" src="/tests/SimpleTest/SpawnTask.js"></script> + <script type="text/javascript" src="pwmgr_common.js"></script> + <script type="text/javascript" src="prompt_common.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> +</head> +<body> +<p id="display"></p> + +<div id="content" style="display: none"> + <iframe id="iframe"></iframe> +</div> + +<pre id="test"> +<script class="testbody" type="text/javascript"> +var iframe = document.getElementById("iframe"); + +// Force parent to not look for tab-modal prompts, as they're not used for auth prompts. +isTabModal = false; + +const AUTHENTICATE_PATH = new URL("authenticate.sjs", window.location.href).pathname; + +let chromeScript = runInParent(SimpleTest.getTestFileURL("pwmgr_common.js")); + +runInParent(() => { + const { classes: Cc, interfaces: Ci, utils: Cu } = Components; + Cu.import("resource://gre/modules/Services.jsm"); + + let pwmgr = Cc["@mozilla.org/login-manager;1"]. + getService(Ci.nsILoginManager); + + let login3A, login3B, login4; + login3A = Cc["@mozilla.org/login-manager/loginInfo;1"]. + createInstance(Ci.nsILoginInfo); + login3B = Cc["@mozilla.org/login-manager/loginInfo;1"]. + createInstance(Ci.nsILoginInfo); + login4 = Cc["@mozilla.org/login-manager/loginInfo;1"]. + createInstance(Ci.nsILoginInfo); + let httpUpgradeLogin = Cc["@mozilla.org/login-manager/loginInfo;1"]. + createInstance(Ci.nsILoginInfo); + let httpsDowngradeLogin = Cc["@mozilla.org/login-manager/loginInfo;1"]. + createInstance(Ci.nsILoginInfo); + let dedupeHttpUpgradeLogin = Cc["@mozilla.org/login-manager/loginInfo;1"]. + createInstance(Ci.nsILoginInfo); + let dedupeHttpsUpgradeLogin = Cc["@mozilla.org/login-manager/loginInfo;1"]. + createInstance(Ci.nsILoginInfo); + + + login3A.init("http://mochi.test:8888", null, "mochitest", + "mochiuser1", "mochipass1", "", ""); + login3B.init("http://mochi.test:8888", null, "mochitest2", + "mochiuser2", "mochipass2", "", ""); + login4.init("http://mochi.test:8888", null, "mochitest3", + "mochiuser3", "mochipass3-old", "", ""); + // Logins to test scheme upgrades (allowed) and downgrades (disallowed) + httpUpgradeLogin.init("http://example.com", null, "schemeUpgrade", + "httpUser", "httpPass", "", ""); + httpsDowngradeLogin.init("https://example.com", null, "schemeDowngrade", + "httpsUser", "httpsPass", "", ""); + // HTTP and HTTPS version of the same domain and realm but with different passwords. + dedupeHttpUpgradeLogin.init("http://example.org", null, "schemeUpgradeDedupe", + "dedupeUser", "httpPass", "", ""); + dedupeHttpsUpgradeLogin.init("https://example.org", null, "schemeUpgradeDedupe", + "dedupeUser", "httpsPass", "", ""); + + + pwmgr.addLogin(login3A); + pwmgr.addLogin(login3B); + pwmgr.addLogin(login4); + pwmgr.addLogin(httpUpgradeLogin); + pwmgr.addLogin(httpsDowngradeLogin); + pwmgr.addLogin(dedupeHttpUpgradeLogin); + pwmgr.addLogin(dedupeHttpsUpgradeLogin); +}); + +add_task(function* test_iframe() { + let state = { + msg : "http://mochi.test:8888 is requesting your username and password. The site says: “mochitest”", + title : "Authentication Required", + textValue : "mochiuser1", + passValue : "mochipass1", + iconClass : "authentication-icon question-icon", + titleHidden : true, + textHidden : false, + passHidden : false, + checkHidden : true, + checkMsg : "", + checked : false, + focused : "textField", + defButton : "button0", + }; + let action = { + buttonClick : "ok", + }; + promptDone = handlePrompt(state, action); + + // The following tests are driven by iframe loads + + var iframeLoaded = onloadPromiseFor("iframe"); + iframe.src = "authenticate.sjs?user=mochiuser1&pass=mochipass1"; + yield promptDone; + yield iframeLoaded; + checkEchoedAuthInfo({user: "mochiuser1", pass: "mochipass1"}, + iframe.contentDocument); + + state = { + msg : "http://mochi.test:8888 is requesting your username and password. The site says: “mochitest2”", + title : "Authentication Required", + textValue : "mochiuser2", + passValue : "mochipass2", + iconClass : "authentication-icon question-icon", + titleHidden : true, + textHidden : false, + passHidden : false, + checkHidden : true, + checkMsg : "", + checked : false, + focused : "textField", + defButton : "button0", + }; + action = { + buttonClick : "ok", + }; + promptDone = handlePrompt(state, action); + // We've already authenticated to this host:port. For this next + // request, the existing auth should be sent, we'll get a 401 reply, + // and we should prompt for new auth. + iframeLoaded = onloadPromiseFor("iframe"); + iframe.src = "authenticate.sjs?user=mochiuser2&pass=mochipass2&realm=mochitest2"; + yield promptDone; + yield iframeLoaded; + checkEchoedAuthInfo({user: "mochiuser2", pass: "mochipass2"}, + iframe.contentDocument); + + // Now make a load that requests the realm from test 1000. It was + // already provided there, so auth will *not* be prompted for -- the + // networking layer already knows it! + iframeLoaded = onloadPromiseFor("iframe"); + iframe.src = "authenticate.sjs?user=mochiuser1&pass=mochipass1"; + yield iframeLoaded; + checkEchoedAuthInfo({user: "mochiuser1", pass: "mochipass1"}, + iframe.contentDocument); + + // Same realm we've already authenticated to, but with a different + // expected password (to trigger an auth prompt, and change-password + // popup notification). + state = { + msg : "http://mochi.test:8888 is requesting your username and password. The site says: “mochitest”", + title : "Authentication Required", + textValue : "mochiuser1", + passValue : "mochipass1", + iconClass : "authentication-icon question-icon", + titleHidden : true, + textHidden : false, + passHidden : false, + checkHidden : true, + checkMsg : "", + checked : false, + focused : "textField", + defButton : "button0", + }; + action = { + buttonClick : "ok", + passField : "mochipass1-new", + }; + promptDone = handlePrompt(state, action); + iframeLoaded = onloadPromiseFor("iframe"); + let promptShownPromise = promisePromptShown("passwordmgr-prompt-change"); + iframe.src = "authenticate.sjs?user=mochiuser1&pass=mochipass1-new"; + yield promptDone; + yield iframeLoaded; + checkEchoedAuthInfo({user: "mochiuser1", pass: "mochipass1-new"}, + iframe.contentDocument); + yield promptShownPromise; + + // Same as last test, but for a realm we haven't already authenticated + // to (but have an existing saved login for, so that we'll trigger + // a change-password popup notification. + state = { + msg : "http://mochi.test:8888 is requesting your username and password. The site says: “mochitest3”", + title : "Authentication Required", + textValue : "mochiuser3", + passValue : "mochipass3-old", + iconClass : "authentication-icon question-icon", + titleHidden : true, + textHidden : false, + passHidden : false, + checkHidden : true, + checkMsg : "", + checked : false, + focused : "textField", + defButton : "button0", + }; + action = { + buttonClick : "ok", + passField : "mochipass3-new", + }; + promptDone = handlePrompt(state, action); + iframeLoaded = onloadPromiseFor("iframe"); + promptShownPromise = promisePromptShown("passwordmgr-prompt-change"); + iframe.src = "authenticate.sjs?user=mochiuser3&pass=mochipass3-new&realm=mochitest3"; + yield promptDone; + yield iframeLoaded; + checkEchoedAuthInfo({user: "mochiuser3", pass: "mochipass3-new"}, + iframe.contentDocument); + yield promptShownPromise; + + // Housekeeping: Delete login4 to test the save prompt in the next test. + runInParent(() => { + const { classes: Cc, interfaces: Ci, utils: Cu } = Components; + Cu.import("resource://gre/modules/Services.jsm"); + + var tmpLogin = Cc["@mozilla.org/login-manager/loginInfo;1"]. + createInstance(Ci.nsILoginInfo); + tmpLogin.init("http://mochi.test:8888", null, "mochitest3", + "mochiuser3", "mochipass3-old", "", ""); + Services.logins.removeLogin(tmpLogin); + + // Clear cached auth from this subtest, and avoid leaking due to bug 459620. + var authMgr = Cc['@mozilla.org/network/http-auth-manager;1']. + getService(Ci.nsIHttpAuthManager); + authMgr.clearAll(); + }); + + state = { + msg : "http://mochi.test:8888 is requesting your username and password. The site says: “mochitest3”", + title : "Authentication Required", + textValue : "", + passValue : "", + iconClass : "authentication-icon question-icon", + titleHidden : true, + textHidden : false, + passHidden : false, + checkHidden : true, + checkMsg : "", + checked : false, + focused : "textField", + defButton : "button0", + }; + action = { + buttonClick : "ok", + textField : "mochiuser3", + passField : "mochipass3-old", + }; + // Trigger a new prompt, so we can test adding a new login. + promptDone = handlePrompt(state, action); + + iframeLoaded = onloadPromiseFor("iframe"); + promptShownPromise = promisePromptShown("passwordmgr-prompt-save"); + iframe.src = "authenticate.sjs?user=mochiuser3&pass=mochipass3-old&realm=mochitest3"; + yield promptDone; + yield iframeLoaded; + checkEchoedAuthInfo({user: "mochiuser3", pass: "mochipass3-old"}, + iframe.contentDocument); + yield promptShownPromise; +}); + +add_task(function* test_schemeUpgrade() { + let state = { + msg : "https://example.com is requesting your username and password. " + + "WARNING: Your password will not be sent to the website you are currently visiting!", + title : "Authentication Required", + textValue : "httpUser", + passValue : "httpPass", + iconClass : "authentication-icon question-icon", + titleHidden : true, + textHidden : false, + passHidden : false, + checkHidden : true, + checkMsg : "", + checked : false, + focused : "textField", + defButton : "button0", + }; + let action = { + buttonClick : "ok", + }; + let promptDone = handlePrompt(state, action); + + // The following tests are driven by iframe loads + + let iframeLoaded = onloadPromiseFor("iframe"); + iframe.src = "https://example.com" + AUTHENTICATE_PATH + + "?user=httpUser&pass=httpPass&realm=schemeUpgrade"; + yield promptDone; + yield iframeLoaded; + checkEchoedAuthInfo({user: "httpUser", pass: "httpPass"}, + SpecialPowers.wrap(iframe).contentDocument); +}); + +add_task(function* test_schemeDowngrade() { + let state = { + msg : "http://example.com is requesting your username and password. " + + "WARNING: Your password will not be sent to the website you are currently visiting!", + title : "Authentication Required", + textValue : "", // empty because we shouldn't downgrade + passValue : "", + iconClass : "authentication-icon question-icon", + titleHidden : true, + textHidden : false, + passHidden : false, + checkHidden : true, + checkMsg : "", + checked : false, + focused : "textField", + defButton : "button0", + }; + let action = { + buttonClick : "cancel", + }; + let promptDone = handlePrompt(state, action); + + // The following tests are driven by iframe loads + + let iframeLoaded = onloadPromiseFor("iframe"); + iframe.src = "http://example.com" + AUTHENTICATE_PATH + + "?user=unused&pass=unused&realm=schemeDowngrade"; + yield promptDone; + yield iframeLoaded; +}); + +add_task(function* test_schemeUpgrade_dedupe() { + let state = { + msg : "https://example.org is requesting your username and password. " + + "WARNING: Your password will not be sent to the website you are currently visiting!", + title : "Authentication Required", + textValue : "dedupeUser", + passValue : "httpsPass", + iconClass : "authentication-icon question-icon", + titleHidden : true, + textHidden : false, + passHidden : false, + checkHidden : true, + checkMsg : "", + checked : false, + focused : "textField", + defButton : "button0", + }; + let action = { + buttonClick : "ok", + }; + let promptDone = handlePrompt(state, action); + + // The following tests are driven by iframe loads + + let iframeLoaded = onloadPromiseFor("iframe"); + iframe.src = "https://example.org" + AUTHENTICATE_PATH + + "?user=dedupeUser&pass=httpsPass&realm=schemeUpgradeDedupe"; + yield promptDone; + yield iframeLoaded; + checkEchoedAuthInfo({user: "dedupeUser", pass: "httpsPass"}, + SpecialPowers.wrap(iframe).contentDocument); +}); +</script> +</pre> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/mochitest/test_prompt_noWindow.html b/toolkit/components/passwordmgr/test/mochitest/test_prompt_noWindow.html new file mode 100644 index 000000000..92af172ca --- /dev/null +++ b/toolkit/components/passwordmgr/test/mochitest/test_prompt_noWindow.html @@ -0,0 +1,81 @@ +<!DOCTYPE HTML> +<html> +<head> + <meta charset="utf-8"> + <title>Test HTTP auth prompts by loading authenticate.sjs with no window</title> + <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> + <script type="text/javascript" src="/tests/SimpleTest/SpawnTask.js"></script> + <script type="text/javascript" src="pwmgr_common.js"></script> + <script type="text/javascript" src="prompt_common.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> +</head> +<body> +<p id="display"></p> + +<div id="content" style="display: none"> +</div> + +<pre id="test"> +<script class="testbody" type="text/javascript"> + +// Force parent to not look for tab-modal prompts, as they're not used for auth prompts. +isTabModal = false; + +let chromeScript = runInParent(SimpleTest.getTestFileURL("pwmgr_common.js")); + +runInParent(() => { + const { classes: Cc, interfaces: Ci, utils: Cu } = Components; + Cu.import("resource://gre/modules/Services.jsm"); + + let login = Cc["@mozilla.org/login-manager/loginInfo;1"]. + createInstance(Ci.nsILoginInfo); + login.init("http://mochi.test:8888", null, "mochitest", + "mochiuser1", "mochipass1", "", ""); + Services.logins.addLogin(login); +}); + +add_task(function* test_sandbox_xhr() { + let state = { + msg : "http://mochi.test:8888 is requesting your username and password. The site says: “mochitest”", + title : "Authentication Required", + textValue : "mochiuser1", + passValue : "mochipass1", + iconClass : "authentication-icon question-icon", + titleHidden : true, + textHidden : false, + passHidden : false, + checkHidden : true, + checkMsg : "", + checked : false, + focused : "textField", + defButton : "button0", + }; + let action = { + buttonClick : "ok", + }; + let promptDone = handlePrompt(state, action); + + let url = new URL("authenticate.sjs?user=mochiuser1&pass=mochipass1", window.location.href); + let sandboxConstructor = SpecialPowers.Cu.Sandbox; + let sandbox = new sandboxConstructor(this, {wantXrays: true}); + function sandboxedRequest(sandboxedUrl) { + let req = SpecialPowers.Cc["@mozilla.org/xmlextras/xmlhttprequest;1"] + .createInstance(SpecialPowers.Ci.nsIXMLHttpRequest); + req.open("GET", sandboxedUrl, true); + req.send(null); + } + + let loginModifiedPromise = promiseStorageChanged(["modifyLogin"]); + sandbox.sandboxedRequest = sandboxedRequest(url); + info("send the XHR request in the sandbox"); + SpecialPowers.Cu.evalInSandbox("sandboxedRequest;", sandbox); + + yield promptDone; + info("prompt shown, waiting for metadata updates"); + // Ensure the timeLastUsed and timesUsed metadata are updated. + yield loginModifiedPromise; +}); +</script> +</pre> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/mochitest/test_prompt_promptAuth.html b/toolkit/components/passwordmgr/test/mochitest/test_prompt_promptAuth.html new file mode 100644 index 000000000..36f53a54a --- /dev/null +++ b/toolkit/components/passwordmgr/test/mochitest/test_prompt_promptAuth.html @@ -0,0 +1,406 @@ +<!DOCTYPE HTML> +<html> +<head> + <meta charset="utf-8"> + <title>Test promptAuth prompts</title> + <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> + <script type="text/javascript" src="/tests/SimpleTest/SpawnTask.js"></script> + <script type="text/javascript" src="pwmgr_common.js"></script> + <script type="text/javascript" src="prompt_common.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> +</head> +<body> +<p id="display"></p> + +<div id="content" style="display: none"> +</div> + +<pre id="test"> +<script class="testbody" type="text/javascript"> +var state, action; +var isOk; + +var level = Ci.nsIAuthPrompt2.LEVEL_NONE; +var authinfo = { + username : "", + password : "", + domain : "", + + flags : Ci.nsIAuthInformation.AUTH_HOST, + authenticationScheme : "basic", + realm : "" +}; + +// Force parent to not look for tab-modal prompts, as they're not used for auth prompts. +isTabModal = false; + +let chromeScript = runInParent(SimpleTest.getTestFileURL("pwmgr_common.js")); + +let prompterParent = runInParent(() => { + const { classes: Cc, interfaces: Ci, utils: Cu } = Components; + const promptFac = Cc["@mozilla.org/passwordmanager/authpromptfactory;1"]. + getService(Ci.nsIPromptFactory); + + Cu.import("resource://gre/modules/Services.jsm"); + let chromeWin = Services.wm.getMostRecentWindow("navigator:browser"); + let prompter2 = promptFac.getPrompt(chromeWin, Ci.nsIAuthPrompt2); + + let ioService = Cc["@mozilla.org/network/io-service;1"].getService(Ci.nsIIOService); + let channels = {}; + channels.channel1 = ioService.newChannel2("http://example.com", + null, + null, + null, // aLoadingNode + Services. + scriptSecurityManager.getSystemPrincipal(), + null, // aTriggeringPrincipal + Ci.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL, + Ci.nsIContentPolicy.TYPE_OTHER); + + channels.channel2 = ioService.newChannel2("http://example2.com", + null, + null, + null, // aLoadingNode + Services. + scriptSecurityManager.getSystemPrincipal(), + null, // aTriggeringPrincipal + Ci.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL, + Ci.nsIContentPolicy.TYPE_OTHER); + + addMessageListener("proxyPrompter", function onMessage(msg) { + let args = [...msg.args]; + let channelName = args.shift(); + // Replace the channel name string (arg. 0) with the channel by that name. + args.unshift(channels[channelName]); + + let rv = prompter2[msg.methodName](...args); + return { + rv, + // Send the args back to content so out/inout args can be checked. + args: msg.args, + }; + }); + + Cu.import("resource://gre/modules/Services.jsm"); + + let pwmgr = Cc["@mozilla.org/login-manager;1"]. + getService(Ci.nsILoginManager); + + let login1, login2A, login2B, login2C, login2D, login2E; + login1 = Cc["@mozilla.org/login-manager/loginInfo;1"]. + createInstance(Ci.nsILoginInfo); + login2A = Cc["@mozilla.org/login-manager/loginInfo;1"]. + createInstance(Ci.nsILoginInfo); + login2B = Cc["@mozilla.org/login-manager/loginInfo;1"]. + createInstance(Ci.nsILoginInfo); + login2C = Cc["@mozilla.org/login-manager/loginInfo;1"]. + createInstance(Ci.nsILoginInfo); + login2D = Cc["@mozilla.org/login-manager/loginInfo;1"]. + createInstance(Ci.nsILoginInfo); + login2E = Cc["@mozilla.org/login-manager/loginInfo;1"]. + createInstance(Ci.nsILoginInfo); + + login1.init("http://example.com", null, "http://example.com", + "", "examplepass", "", ""); + login2A.init("http://example2.com", null, "http://example2.com", + "user1name", "user1pass", "", ""); + login2B.init("http://example2.com", null, "http://example2.com", + "user2name", "user2pass", "", ""); + login2C.init("http://example2.com", null, "http://example2.com", + "user3.name@host", "user3pass", "", ""); + login2D.init("http://example2.com", null, "http://example2.com", + "100@beef", "user3pass", "", ""); + login2E.init("http://example2.com", null, "http://example2.com", + "100%beef", "user3pass", "", ""); + + pwmgr.addLogin(login1); + pwmgr.addLogin(login2A); + pwmgr.addLogin(login2B); + pwmgr.addLogin(login2C); + pwmgr.addLogin(login2D); + pwmgr.addLogin(login2E); +}); + +let prompter2 = new PrompterProxy(prompterParent); + +add_task(function* test_accept() { + state = { + msg : "http://example.com is requesting your username and password. The site says: “some realm”", + title : "Authentication Required", + textValue : "inuser", + passValue : "inpass", + iconClass : "authentication-icon question-icon", + titleHidden : true, + textHidden : false, + passHidden : false, + checkHidden : true, + checkMsg : "", + checked : false, + focused : "textField", + defButton : "button0", + }; + action = { + buttonClick : "ok", + textField : "outuser", + passField : "outpass", + }; + authinfo.username = "inuser"; + authinfo.password = "inpass"; + authinfo.realm = "some realm"; + + promptDone = handlePrompt(state, action); + // Since prompter2 is actually a proxy to send a message to a chrome script and + // we can't send a channel in a message, we instead send the channel name that + // already exists in the chromeScript. + isOk = prompter2.promptAuth("channel1", level, authinfo); + yield promptDone; + + ok(isOk, "Checking dialog return value (accept)"); + is(authinfo.username, "outuser", "Checking returned username"); + is(authinfo.password, "outpass", "Checking returned password"); +}); + +add_task(function* test_cancel() { + state = { + msg : "http://example.com is requesting your username and password. The site says: “some realm”", + title : "Authentication Required", + textValue : "outuser", + passValue : "outpass", + iconClass : "authentication-icon question-icon", + titleHidden : true, + textHidden : false, + passHidden : false, + checkHidden : true, + checkMsg : "", + checked : false, + focused : "textField", + defButton : "button0", + }; + action = { + buttonClick : "cancel", + }; + promptDone = handlePrompt(state, action); + isOk = prompter2.promptAuth("channel1", level, authinfo); + yield promptDone; + + ok(!isOk, "Checking dialog return value (cancel)"); +}); + +add_task(function* test_pwonly() { + // test filling in password-only login + state = { + msg : "http://example.com is requesting your username and password. The site says: “http://example.com”", + title : "Authentication Required", + textValue : "", + passValue : "examplepass", + iconClass : "authentication-icon question-icon", + titleHidden : true, + textHidden : false, + passHidden : false, + checkHidden : true, + checkMsg : "", + checked : false, + focused : "textField", + defButton : "button0", + }; + action = { + buttonClick : "ok", + }; + authinfo.username = ""; + authinfo.password = ""; + authinfo.realm = "http://example.com"; + + promptDone = handlePrompt(state, action); + isOk = prompter2.promptAuth("channel1", level, authinfo); + yield promptDone; + + ok(isOk, "Checking dialog return value (accept)"); + is(authinfo.username, "", "Checking returned username"); + is(authinfo.password, "examplepass", "Checking returned password"); +}); + +add_task(function* test_multipleExisting() { + // test filling in existing login (undetermined from multiple selection) + // user2name/user2pass would also be valid to fill here. + state = { + msg : "http://example2.com is requesting your username and password. The site says: “http://example2.com”", + title : "Authentication Required", + textValue : "user1name", + passValue : "user1pass", + iconClass : "authentication-icon question-icon", + titleHidden : true, + textHidden : false, + passHidden : false, + checkHidden : true, + checkMsg : "", + checked : false, + focused : "textField", + defButton : "button0", + }; + action = { + buttonClick : "ok", + }; + authinfo.username = ""; + authinfo.password = ""; + authinfo.realm = "http://example2.com"; + + promptDone = handlePrompt(state, action); + isOk = prompter2.promptAuth("channel2", level, authinfo); + yield promptDone; + + ok(isOk, "Checking dialog return value (accept)"); + ok(authinfo.username == "user1name" || authinfo.username == "user2name", "Checking returned username"); + ok(authinfo.password == "user1pass" || authinfo.password == "user2pass", "Checking returned password"); +}); + +add_task(function* test_multipleExisting2() { + // test filling in existing login (undetermined --> user1) + // user2name/user2pass would also be valid to fill here. + state = { + msg : "http://example2.com is requesting your username and password. The site says: “http://example2.com”", + title : "Authentication Required", + textValue : "user1name", + passValue : "user1pass", + iconClass : "authentication-icon question-icon", + titleHidden : true, + textHidden : false, + passHidden : false, + checkHidden : true, + checkMsg : "", + checked : false, + focused : "textField", + defButton : "button0", + }; + // enter one of the known logins, test 504+505 exercise the two possible states. + action = { + buttonClick : "ok", + textField : "user1name", + passField : "user1pass", + }; + authinfo.username = ""; + authinfo.password = ""; + authinfo.realm = "http://example2.com"; + + promptDone = handlePrompt(state, action); + isOk = prompter2.promptAuth("channel2", level, authinfo); + yield promptDone; + + ok(isOk, "Checking dialog return value (accept)"); + is(authinfo.username, "user1name", "Checking returned username"); + is(authinfo.password, "user1pass", "Checking returned password"); +}); + +add_task(function* test_multipleExisting3() { + // test filling in existing login (undetermined --> user2) + // user2name/user2pass would also be valid to fill here. + state = { + msg : "http://example2.com is requesting your username and password. The site says: “http://example2.com”", + title : "Authentication Required", + textValue : "user1name", + passValue : "user1pass", + iconClass : "authentication-icon question-icon", + titleHidden : true, + textHidden : false, + passHidden : false, + checkHidden : true, + checkMsg : "", + checked : false, + focused : "textField", + defButton : "button0", + }; + // enter one of the known logins, test 504+505 exercise the two possible states. + action = { + buttonClick : "ok", + textField : "user2name", + passField : "user2pass", + }; + authinfo.username = ""; + authinfo.password = ""; + authinfo.realm = "http://example2.com"; + + promptDone = handlePrompt(state, action); + isOk = prompter2.promptAuth("channel2", level, authinfo); + yield promptDone; + + ok(isOk, "Checking dialog return value (accept)"); + is(authinfo.username, "user2name", "Checking returned username"); + is(authinfo.password, "user2pass", "Checking returned password"); +}); + +add_task(function* test_changingMultiple() { + // test changing a password (undetermined --> user2 w/ newpass) + // user2name/user2pass would also be valid to fill here. + state = { + msg : "http://example2.com is requesting your username and password. The site says: “http://example2.com”", + title : "Authentication Required", + textValue : "user1name", + passValue : "user1pass", + iconClass : "authentication-icon question-icon", + titleHidden : true, + textHidden : false, + passHidden : false, + checkHidden : true, + checkMsg : "", + checked : false, + focused : "textField", + defButton : "button0", + }; + // force to user2, and change the password + action = { + buttonClick : "ok", + textField : "user2name", + passField : "NEWuser2pass", + }; + authinfo.username = ""; + authinfo.password = ""; + authinfo.realm = "http://example2.com"; + + promptDone = handlePrompt(state, action); + isOk = prompter2.promptAuth("channel2", level, authinfo); + yield promptDone; + + ok(isOk, "Checking dialog return value (accept)"); + is(authinfo.username, "user2name", "Checking returned username"); + is(authinfo.password, "NEWuser2pass", "Checking returned password"); +}); + +add_task(function* test_changingMultiple2() { + // test changing a password (undetermined --> user2 w/ origpass) + // user2name/user2pass would also be valid to fill here. + state = { + msg : "http://example2.com is requesting your username and password. The site says: “http://example2.com”", + title : "Authentication Required", + textValue : "user1name", + passValue : "user1pass", + iconClass : "authentication-icon question-icon", + titleHidden : true, + textHidden : false, + passHidden : false, + checkHidden : true, + checkMsg : "", + checked : false, + focused : "textField", + defButton : "button0", + }; + // force to user2, and change the password back + action = { + buttonClick : "ok", + textField : "user2name", + passField : "user2pass", + }; + authinfo.username = ""; + authinfo.password = ""; + authinfo.realm = "http://example2.com"; + + promptDone = handlePrompt(state, action); + isOk = prompter2.promptAuth("channel2", level, authinfo); + yield promptDone; + + ok(isOk, "Checking dialog return value (accept)"); + is(authinfo.username, "user2name", "Checking returned username"); + is(authinfo.password, "user2pass", "Checking returned password"); +}); +</script> +</pre> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/mochitest/test_prompt_promptAuth_proxy.html b/toolkit/components/passwordmgr/test/mochitest/test_prompt_promptAuth_proxy.html new file mode 100644 index 000000000..95dd4c7bc --- /dev/null +++ b/toolkit/components/passwordmgr/test/mochitest/test_prompt_promptAuth_proxy.html @@ -0,0 +1,264 @@ +<!DOCTYPE HTML> +<html> +<head> + <meta charset="utf-8"> + <title>Test promptAuth proxy prompts</title> + <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> + <script type="text/javascript" src="/tests/SimpleTest/SpawnTask.js"></script> + <script type="text/javascript" src="pwmgr_common.js"></script> + <script type="text/javascript" src="prompt_common.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> +</head> +<body> +<p id="display"></p> + +<div id="content" style="display: none"> + <iframe id="iframe"></iframe> +</div> + +<pre id="test"> +<script class="testbody" type="text/javascript"> +var state, action; +var pwmgr; +var proxyLogin; +var isOk; +var mozproxy, proxiedHost = "http://mochi.test:8888"; +var proxyChannel; +var systemPrincipal = SpecialPowers.Services.scriptSecurityManager.getSystemPrincipal(); +var ioService = Cc["@mozilla.org/network/io-service;1"].getService(Ci.nsIIOService); + +var prefs = Cc["@mozilla.org/preferences-service;1"].getService(Ci.nsIPrefBranch); + +var level = Ci.nsIAuthPrompt2.LEVEL_NONE; + +var proxyAuthinfo = { + username : "", + password : "", + domain : "", + + flags : Ci.nsIAuthInformation.AUTH_PROXY, + authenticationScheme : "basic", + realm : "" +}; + +// Force parent to not look for tab-modal prompts, as they're not used for auth prompts. +isTabModal = false; + +const Cc_promptFac = Cc["@mozilla.org/passwordmanager/authpromptfactory;1"]; +ok(Cc_promptFac != null, "Access Cc[@mozilla.org/passwordmanager/authpromptfactory;1]"); + +const Ci_promptFac = Ci.nsIPromptFactory; +ok(Ci_promptFac != null, "Access Ci.nsIPromptFactory"); + +const promptFac = Cc_promptFac.getService(Ci_promptFac); +ok(promptFac != null, "promptFac getService()"); + +var prompter2 = promptFac.getPrompt(window, Ci.nsIAuthPrompt2); + +function initLogins(pi) { + pwmgr = Cc["@mozilla.org/login-manager;1"]. + getService(Ci.nsILoginManager); + + mozproxy = "moz-proxy://" + SpecialPowers.wrap(pi).host + ":" + + SpecialPowers.wrap(pi).port; + + proxyLogin = Cc["@mozilla.org/login-manager/loginInfo;1"]. + createInstance(Ci.nsILoginInfo); + + proxyLogin.init(mozproxy, null, "Proxy Realm", + "proxuser", "proxpass", "", ""); + + pwmgr.addLogin(proxyLogin); +} + +var startupCompleteResolver; +var startupComplete = new Promise(resolve => startupCompleteResolver = resolve); + +function proxyChannelListener() { } +proxyChannelListener.prototype = { + onStartRequest: function(request, context) { + startupCompleteResolver(); + }, + onStopRequest: function(request, context, status) { } +}; + +var resolveCallback = SpecialPowers.wrapCallbackObject({ + QueryInterface : function (iid) { + const interfaces = [Ci.nsIProtocolProxyCallback, Ci.nsISupports]; + + if (!interfaces.some( function(v) { return iid.equals(v); } )) + throw SpecialPowers.Cr.NS_ERROR_NO_INTERFACE; + return this; + }, + + onProxyAvailable : function (req, uri, pi, status) { + initLogins(pi); + + // I'm cheating a bit here... We should probably do some magic foo to get + // something implementing nsIProxiedProtocolHandler and then call + // NewProxiedChannel(), so we have something that's definately a proxied + // channel. But Mochitests use a proxy for a number of hosts, so just + // requesting a normal channel will give us a channel that's proxied. + // The proxyChannel needs to move to at least on-modify-request to + // have valid ProxyInfo, but we use OnStartRequest during startup() + // for simplicity. + proxyChannel = ioService.newChannel2(proxiedHost, + null, + null, + null, // aLoadingNode + systemPrincipal, + null, // aTriggeringPrincipal + Ci.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL, + Ci.nsIContentPolicy.TYPE_OTHER); + proxyChannel.asyncOpen2(SpecialPowers.wrapCallbackObject(new proxyChannelListener())); + } +}); + +function startup() { + // Need to allow for arbitrary network servers defined in PAC instead of a hardcoded moz-proxy. + var ios = SpecialPowers.Cc["@mozilla.org/network/io-service;1"]. + getService(SpecialPowers.Ci.nsIIOService); + + var pps = SpecialPowers.Cc["@mozilla.org/network/protocol-proxy-service;1"].getService(); + + var channel = ios.newChannel2("http://example.com", + null, + null, + null, // aLoadingNode + systemPrincipal, + null, // aTriggeringPrincipal + Ci.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL, + Ci.nsIContentPolicy.TYPE_OTHER); + pps.asyncResolve(channel, 0, resolveCallback); +} + +startup(); + +add_task(function* setup() { + info("Waiting for startup to complete..."); + yield startupComplete; +}); + +add_task(function* test_noAutologin() { + // test proxy login (default = no autologin), make sure it prompts. + state = { + msg : "The proxy moz-proxy://127.0.0.1:8888 is requesting a username and password. The site says: “Proxy Realm”", + title : "Authentication Required", + textValue : "proxuser", + passValue : "proxpass", + iconClass : "authentication-icon question-icon", + titleHidden : true, + textHidden : false, + passHidden : false, + checkHidden : true, + checkMsg : "", + checked : false, + focused : "textField", + defButton : "button0", + }; + action = { + buttonClick : "ok", + }; + proxyAuthinfo.username = ""; + proxyAuthinfo.password = ""; + proxyAuthinfo.realm = "Proxy Realm"; + proxyAuthinfo.flags = Ci.nsIAuthInformation.AUTH_PROXY; + + var time1 = pwmgr.findLogins({}, mozproxy, null, "Proxy Realm")[0].QueryInterface(Ci.nsILoginMetaInfo).timeLastUsed; + promptDone = handlePrompt(state, action); + isOk = prompter2.promptAuth(proxyChannel, level, proxyAuthinfo); + yield promptDone; + var time2 = pwmgr.findLogins({}, mozproxy, null, "Proxy Realm")[0].QueryInterface(Ci.nsILoginMetaInfo).timeLastUsed; + + ok(isOk, "Checking dialog return value (accept)"); + isnot(time1, time2, "Checking that timeLastUsed was updated"); + is(proxyAuthinfo.username, "proxuser", "Checking returned username"); + is(proxyAuthinfo.password, "proxpass", "Checking returned password"); +}); + +add_task(function* test_autologin() { + // test proxy login (with autologin) + + // Enable the autologin pref. + prefs.setBoolPref("signon.autologin.proxy", true); + + proxyAuthinfo.username = ""; + proxyAuthinfo.password = ""; + proxyAuthinfo.realm = "Proxy Realm"; + proxyAuthinfo.flags = Ci.nsIAuthInformation.AUTH_PROXY; + + time1 = pwmgr.findLogins({}, mozproxy, null, "Proxy Realm")[0].QueryInterface(Ci.nsILoginMetaInfo).timeLastUsed; + isOk = prompter2.promptAuth(proxyChannel, level, proxyAuthinfo); + time2 = pwmgr.findLogins({}, mozproxy, null, "Proxy Realm")[0].QueryInterface(Ci.nsILoginMetaInfo).timeLastUsed; + + ok(isOk, "Checking dialog return value (accept)"); + isnot(time1, time2, "Checking that timeLastUsed was updated"); + is(proxyAuthinfo.username, "proxuser", "Checking returned username"); + is(proxyAuthinfo.password, "proxpass", "Checking returned password"); +}); + +add_task(function* test_autologin_incorrect() { + // test proxy login (with autologin), ensure it prompts after a failed auth. + state = { + msg : "The proxy moz-proxy://127.0.0.1:8888 is requesting a username and password. The site says: “Proxy Realm”", + title : "Authentication Required", + textValue : "proxuser", + passValue : "proxpass", + iconClass : "authentication-icon question-icon", + titleHidden : true, + textHidden : false, + passHidden : false, + checkHidden : true, + checkMsg : "", + checked : false, + focused : "textField", + defButton : "button0", + }; + action = { + buttonClick : "ok", + }; + + proxyAuthinfo.username = ""; + proxyAuthinfo.password = ""; + proxyAuthinfo.realm = "Proxy Realm"; + proxyAuthinfo.flags = (Ci.nsIAuthInformation.AUTH_PROXY | Ci.nsIAuthInformation.PREVIOUS_FAILED); + + time1 = pwmgr.findLogins({}, mozproxy, null, "Proxy Realm")[0].QueryInterface(Ci.nsILoginMetaInfo).timeLastUsed; + promptDone = handlePrompt(state, action); + isOk = prompter2.promptAuth(proxyChannel, level, proxyAuthinfo); + yield promptDone; + time2 = pwmgr.findLogins({}, mozproxy, null, "Proxy Realm")[0].QueryInterface(Ci.nsILoginMetaInfo).timeLastUsed; + + ok(isOk, "Checking dialog return value (accept)"); + isnot(time1, time2, "Checking that timeLastUsed was updated"); + is(proxyAuthinfo.username, "proxuser", "Checking returned username"); + is(proxyAuthinfo.password, "proxpass", "Checking returned password"); +}); + +add_task(function* test_autologin_private() { + // test proxy login (with autologin), ensure it prompts in Private Browsing mode. + state = { + msg : "the message", + title : "the title", + textValue : "proxuser", + passValue : "proxpass", + }; + action = { + buttonClick : "ok", + }; + + proxyAuthinfo.username = ""; + proxyAuthinfo.password = ""; + proxyAuthinfo.realm = "Proxy Realm"; + proxyAuthinfo.flags = Ci.nsIAuthInformation.AUTH_PROXY; + + prefs.clearUserPref("signon.autologin.proxy"); + + // XXX check for and kill popup notification?? + // XXX check for checkbox / checkstate on old prompts? + // XXX check NTLM domain stuff +}); +</script> +</pre> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/mochitest/test_recipe_login_fields.html b/toolkit/components/passwordmgr/test/mochitest/test_recipe_login_fields.html new file mode 100644 index 000000000..943bffc52 --- /dev/null +++ b/toolkit/components/passwordmgr/test/mochitest/test_recipe_login_fields.html @@ -0,0 +1,145 @@ +<!DOCTYPE html> +<html> +<head> + <meta charset="utf-8"> + <title>Test for recipes overriding login fields</title> + <script src="/tests/SimpleTest/SimpleTest.js"></script> + <script src="/tests/SimpleTest/SpawnTask.js"></script> + <script src="pwmgr_common.js"></script> + <link rel="stylesheet" href="/tests/SimpleTest/test.css" /> +</head> +<body> +<script> +var chromeScript = runChecksAfterCommonInit(); + +let fillPromiseResolvers = []; + +function waitForFills(fillCount) { + let promises = []; + while (fillCount--) { + let promise = new Promise(resolve => fillPromiseResolvers.push(resolve)); + promises.push(promise); + } + + return Promise.all(promises); +} + +add_task(function* setup() { + if (document.readyState !== "complete") { + yield new Promise((resolve) => { + document.onreadystatechange = () => { + if (document.readyState !== "complete") { + return; + } + document.onreadystatechange = null; + resolve(); + }; + }); + } + + document.getElementById("content") + .addEventListener("input", function handleInputEvent(evt) { + let resolve = fillPromiseResolvers.shift(); + if (!resolve) { + ok(false, "Too many fills"); + return; + } + + resolve(evt.target); + }); +}); + +add_task(function* loadUsernamePasswordSelectorRecipes() { + yield loadRecipes({ + siteRecipes: [{ + hosts: ["mochi.test:8888"], + usernameSelector: "input[name='uname1']", + passwordSelector: "input[name='pword2']", + }], + }); +}); + +add_task(function* testOverriddingFields() { + // Insert the form dynamically so autofill is triggered after setup above. + document.getElementById("content").innerHTML = ` + <!-- form with recipe for the username and password --> + <form id="form1"> + <input type="text" name="uname1" data-expected="true"> + <input type="text" name="uname2" data-expected="false"> + <input type="password" name="pword1" data-expected="false"> + <input type="password" name="pword2" data-expected="true"> + </form>`; + + let elements = yield waitForFills(2); + for (let element of elements) { + is(element.dataset.expected, "true", `${element.name} was filled`); + } +}); + +add_task(function* testDefaultHeuristics() { + // Insert the form dynamically so autofill is triggered after setup above. + document.getElementById("content").innerHTML = ` + <!-- Fallback to the default heuristics since the selectors don't match --> + <form id="form2"> + <input type="text" name="uname3" data-expected="false"> + <input type="text" name="uname4" data-expected="true"> + <input type="password" name="pword3" data-expected="true"> + <input type="password" name="pword4" data-expected="false"> + </form>`; + + let elements = yield waitForFills(2); + for (let element of elements) { + is(element.dataset.expected, "true", `${element.name} was filled`); + } +}); + +add_task(function* loadNotUsernameSelectorRecipes() { + yield resetRecipes(); + yield loadRecipes({ + siteRecipes: [{ + hosts: ["mochi.test:8888"], + notUsernameSelector: "input[name='not_uname1']" + }], + }); +}); + +add_task(function* testNotUsernameField() { + document.getElementById("content").innerHTML = ` + <!-- The field matching notUsernameSelector should be skipped --> + <form id="form3"> + <input type="text" name="uname5" data-expected="true"> + <input type="text" name="not_uname1" data-expected="false"> + <input type="password" name="pword5" data-expected="true"> + </form>`; + + let elements = yield waitForFills(2); + for (let element of elements) { + is(element.dataset.expected, "true", `${element.name} was filled`); + } +}); + +add_task(function* testNotUsernameFieldNoUsername() { + document.getElementById("content").innerHTML = ` + <!-- The field matching notUsernameSelector should be skipped. + No username field should be found and filled in this case --> + <form id="form4"> + <input type="text" name="not_uname1" data-expected="false"> + <input type="password" name="pword6" data-expected="true"> + </form>`; + + let elements = yield waitForFills(1); + for (let element of elements) { + is(element.dataset.expected, "true", `${element.name} was filled`); + } +}); + +</script> + +<p id="display"></p> + +<div id="content"> + // Forms are inserted dynamically +</div> +<pre id="test"></pre> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/mochitest/test_username_focus.html b/toolkit/components/passwordmgr/test/mochitest/test_username_focus.html new file mode 100644 index 000000000..c93c1e9c9 --- /dev/null +++ b/toolkit/components/passwordmgr/test/mochitest/test_username_focus.html @@ -0,0 +1,263 @@ + +<!DOCTYPE HTML> +<html> +<head> + <meta charset="utf-8"> + <title>Test interaction between autocomplete and focus on username fields</title> + <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> + <script type="text/javascript" src="/tests/SimpleTest/EventUtils.js"></script> + <script type="text/javascript" src="/tests/SimpleTest/SpawnTask.js"></script> + <script type="text/javascript" src="satchel_common.js"></script> + <script type="text/javascript" src="pwmgr_common.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> +</head> +<body> +<script> +let pwmgrCommonScript = runInParent(SimpleTest.getTestFileURL("pwmgr_common.js")); + +let readyPromise = registerRunTests(); +let chromeScript = runInParent(function chromeSetup() { + const { classes: Cc, interfaces: Ci, results: Cr, utils: Cu } = Components; + let pwmgr = Cc["@mozilla.org/login-manager;1"].getService(Ci.nsILoginManager); + + let login1A = Cc["@mozilla.org/login-manager/loginInfo;1"]. + createInstance(Ci.nsILoginInfo); + let login1B = Cc["@mozilla.org/login-manager/loginInfo;1"]. + createInstance(Ci.nsILoginInfo); + let login2A = Cc["@mozilla.org/login-manager/loginInfo;1"]. + createInstance(Ci.nsILoginInfo); + let login2B = Cc["@mozilla.org/login-manager/loginInfo;1"]. + createInstance(Ci.nsILoginInfo); + let login2C = Cc["@mozilla.org/login-manager/loginInfo;1"]. + createInstance(Ci.nsILoginInfo); + + login1A.init("http://mochi.test:8888", "http://username-focus-1", null, + "testuser1A", "testpass1A", "", ""); + + login2A.init("http://mochi.test:8888", "http://username-focus-2", null, + "testuser2A", "testpass2A", "", ""); + login2B.init("http://mochi.test:8888", "http://username-focus-2", null, + "testuser2B", "testpass2B", "", ""); + + pwmgr.addLogin(login1A); + pwmgr.addLogin(login2A); + pwmgr.addLogin(login2B); +}); +</script> + +<p id="display"></p> +<div id="content"> + <!-- first 3 forms have a matching user+pass login --> + + <!-- user+pass form. --> + <form id="form-autofilled" action="http://username-focus-1"> + <input type="text" name="uname"> + <input type="password" name="pword"> + <button type="submit" name="submit">Submit</button> + </form> + + <!-- user+pass form, username prefilled --> + <form id="form-autofilled-prefilled-un" action="http://username-focus-1"> + <input type="text" name="uname" value="testuser1A"> + <input type="password" name="pword"> + <button type="submit">Submit</button> + </form> + + <!-- user+pass form. --> + <form id="form-autofilled-focused-dynamic" action="http://username-focus-1"> + <input type="text" name="uname"> + <input type="not-yet-password" name="pword"> + <button type="submit">Submit</button> + </form> + + + <!-- next 5 forms have matching user+pass (2x) logins --> + + <!-- user+pass form. --> + <form id="form-multiple" action="http://username-focus-2"> + <input type="text" name="uname"> + <input type="password" name="pword"> + <button type="submit">Submit</button> + </form> + + <!-- user+pass form dynamic with existing focus --> + <form id="form-multiple-dynamic" action="http://username-focus-2"> + <input type="text" name="uname"> + <input type="not-yet-password" name="pword"> + <button type="submit">Submit</button> + </form> + + <!-- user+pass form, username prefilled --> + <form id="form-multiple-prefilled-un1" action="http://username-focus-2"> + <input type="text" name="uname" value="testuser2A"> + <input type="password" name="pword"> + <button type="submit">Submit</button> + </form> + + <!-- user+pass form, different username prefilled --> + <form id="form-multiple-prefilled-un2" action="http://username-focus-2"> + <input type="text" name="uname" value="testuser2B"> + <input type="password" name="pword"> + <button type="submit">Submit</button> + </form> + + <!-- user+pass form, username prefilled with existing focus --> + <form id="form-multiple-prefilled-focused-dynamic" action="http://username-focus-2"> + <input type="text" name="uname" value="testuser2B"> + <input type="not-yet-password" name="pword"> + <button type="submit">Submit</button> + </form> + +</div> +<pre id="test"> +<script class="testbody" type="text/javascript"> +function removeFocus() { + $_("-autofilled", "submit").focus(); +} + +add_task(function* setup() { + yield SpecialPowers.pushPrefEnv({"set": [ + ["security.insecure_field_warning.contextual.enabled", false], + ]}); + + ok(readyPromise, "check promise is available"); + yield readyPromise; +}); + +add_task(function* test_autofilled() { + let usernameField = $_("-autofilled", "uname"); + info("Username and password already filled so don't show autocomplete"); + let noPopupPromise = promiseNoUnexpectedPopupShown(); + usernameField.focus(); + yield noPopupPromise; + + removeFocus(); + usernameField.value = "testuser"; + info("Focus when we don't have an exact match"); + shownPromise = promiseACShown(); + usernameField.focus(); + yield shownPromise; +}); + +add_task(function* test_autofilled_prefilled_un() { + let usernameField = $_("-autofilled-prefilled-un", "uname"); + info("Username and password already filled so don't show autocomplete"); + let noPopupPromise = promiseNoUnexpectedPopupShown(); + usernameField.focus(); + yield noPopupPromise; + + removeFocus(); + usernameField.value = "testuser"; + info("Focus when we don't have an exact match"); + shownPromise = promiseACShown(); + usernameField.focus(); + yield shownPromise; +}); + +add_task(function* test_autofilled_focused_dynamic() { + let usernameField = $_("-autofilled-focused-dynamic", "uname"); + let passwordField = $_("-autofilled-focused-dynamic", "pword"); + info("Username and password will be filled while username focused"); + let noPopupPromise = promiseNoUnexpectedPopupShown(); + usernameField.focus(); + yield noPopupPromise; + info("triggering autofill"); + noPopupPromise = promiseNoUnexpectedPopupShown(); + passwordField.type = "password"; + yield noPopupPromise; + + let popupState = yield getPopupState(); + is(popupState.open, false, "Check popup is closed"); + + removeFocus(); + passwordField.value = "test"; + info("Focus when we don't have an exact match"); + shownPromise = promiseACShown(); + usernameField.focus(); + yield shownPromise; +}); + +// Begin testing forms that have multiple saved logins + +add_task(function* test_multiple() { + let usernameField = $_("-multiple", "uname"); + info("Fields not filled due to multiple so autocomplete upon focus"); + shownPromise = promiseACShown(); + usernameField.focus(); + yield shownPromise; +}); + +add_task(function* test_multiple_dynamic() { + let usernameField = $_("-multiple-dynamic", "uname"); + let passwordField = $_("-multiple-dynamic", "pword"); + info("Fields not filled but username is focused upon marking so open"); + let noPopupPromise = promiseNoUnexpectedPopupShown(); + usernameField.focus(); + yield noPopupPromise; + + info("triggering _fillForm code"); + let shownPromise = promiseACShown(); + passwordField.type = "password"; + yield shownPromise; +}); + +add_task(function* test_multiple_prefilled_un1() { + let usernameField = $_("-multiple-prefilled-un1", "uname"); + info("Username and password already filled so don't show autocomplete"); + let noPopupPromise = promiseNoUnexpectedPopupShown(); + usernameField.focus(); + yield noPopupPromise; + + removeFocus(); + usernameField.value = "testuser"; + info("Focus when we don't have an exact match"); + shownPromise = promiseACShown(); + usernameField.focus(); + yield shownPromise; +}); + +add_task(function* test_multiple_prefilled_un2() { + let usernameField = $_("-multiple-prefilled-un2", "uname"); + info("Username and password already filled so don't show autocomplete"); + let noPopupPromise = promiseNoUnexpectedPopupShown(); + usernameField.focus(); + yield noPopupPromise; + + removeFocus(); + usernameField.value = "testuser"; + info("Focus when we don't have an exact match"); + shownPromise = promiseACShown(); + usernameField.focus(); + yield shownPromise; +}); + +add_task(function* test_multiple_prefilled_focused_dynamic() { + let usernameField = $_("-multiple-prefilled-focused-dynamic", "uname"); + let passwordField = $_("-multiple-prefilled-focused-dynamic", "pword"); + info("Username and password will be filled while username focused"); + let noPopupPromise = promiseNoUnexpectedPopupShown(); + usernameField.focus(); + yield noPopupPromise; + info("triggering autofill"); + noPopupPromise = promiseNoUnexpectedPopupShown(); + passwordField.type = "password"; + yield noPopupPromise; + + let popupState = yield getPopupState(); + is(popupState.open, false, "Check popup is closed"); + + removeFocus(); + passwordField.value = "test"; + info("Focus when we don't have an exact match"); + shownPromise = promiseACShown(); + usernameField.focus(); + yield shownPromise; +}); + +add_task(function* cleanup() { + removeFocus(); +}); +</script> +</pre> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/mochitest/test_xhr_2.html b/toolkit/components/passwordmgr/test/mochitest/test_xhr_2.html new file mode 100644 index 000000000..fa8357792 --- /dev/null +++ b/toolkit/components/passwordmgr/test/mochitest/test_xhr_2.html @@ -0,0 +1,55 @@ +<!DOCTYPE HTML> +<html> +<!-- +https://bugzilla.mozilla.org/show_bug.cgi?id=654348 +--> +<head> + <meta charset="utf-8"> + <title>Test XHR auth with user and pass arguments</title> + <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> + <script type="text/javascript" src="pwmgr_common.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> +</head> +<body onload="startTest()"> +<script class="testbody" type="text/javascript"> + +/** + * This test checks we correctly ignore authentication entry + * for a subpath and use creds from the URL when provided when XHR + * is used with filled user name and password. + * + * 1. connect authenticate.sjs that excepts user1:pass1 password + * 2. connect authenticate.sjs that this time expects differentuser2:pass2 password + * we must use the creds that are provided to the xhr witch are different and expected + */ + +function doxhr(URL, user, pass, code, next) { + var xhr = new XMLHttpRequest(); + if (user && pass) + xhr.open("POST", URL, true, user, pass); + else + xhr.open("POST", URL, true); + xhr.onload = function() { + is(xhr.status, code, "expected response code " + code); + next(); + }; + xhr.onerror = function() { + ok(false, "request passed"); + finishTest(); + }; + xhr.send(); +} + +function startTest() { + doxhr("authenticate.sjs?user=dummy&pass=pass1&realm=realm1&formauth=1", "dummy", "dummy", 403, function() { + doxhr("authenticate.sjs?user=dummy&pass=pass1&realm=realm1&formauth=1", "dummy", "pass1", 200, finishTest); + }); +} + +function finishTest() { + SimpleTest.finish(); +} + +</script> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/prompt_common.js b/toolkit/components/passwordmgr/test/prompt_common.js new file mode 100644 index 000000000..267e697ae --- /dev/null +++ b/toolkit/components/passwordmgr/test/prompt_common.js @@ -0,0 +1,79 @@ +/** + * NOTE: + * This file is currently only being used for tests which haven't been + * fixed to work with e10s. Favor using the `prompt_common.js` file that + * is in `toolkit/components/prompts/test/` instead. + */ + +var Ci = SpecialPowers.Ci; +ok(Ci != null, "Access Ci"); +var Cc = SpecialPowers.Cc; +ok(Cc != null, "Access Cc"); + +var didDialog; + +var timer; // keep in outer scope so it's not GC'd before firing +function startCallbackTimer() { + didDialog = false; + + // Delay before the callback twiddles the prompt. + const dialogDelay = 10; + + // Use a timer to invoke a callback to twiddle the authentication dialog + timer = Cc["@mozilla.org/timer;1"].createInstance(Ci.nsITimer); + timer.init(observer, dialogDelay, Ci.nsITimer.TYPE_ONE_SHOT); +} + + +var observer = SpecialPowers.wrapCallbackObject({ + QueryInterface : function (iid) { + const interfaces = [Ci.nsIObserver, + Ci.nsISupports, Ci.nsISupportsWeakReference]; + + if (!interfaces.some( function(v) { return iid.equals(v); } )) + throw SpecialPowers.Components.results.NS_ERROR_NO_INTERFACE; + return this; + }, + + observe : function (subject, topic, data) { + var doc = getDialogDoc(); + if (doc) + handleDialog(doc, testNum); + else + startCallbackTimer(); // try again in a bit + } +}); + +function getDialogDoc() { + // Find the <browser> which contains notifyWindow, by looking + // through all the open windows and all the <browsers> in each. + var wm = Cc["@mozilla.org/appshell/window-mediator;1"]. + getService(Ci.nsIWindowMediator); + // var enumerator = wm.getEnumerator("navigator:browser"); + var enumerator = wm.getXULWindowEnumerator(null); + + while (enumerator.hasMoreElements()) { + var win = enumerator.getNext(); + var windowDocShell = win.QueryInterface(Ci.nsIXULWindow).docShell; + + var containedDocShells = windowDocShell.getDocShellEnumerator( + Ci.nsIDocShellTreeItem.typeChrome, + Ci.nsIDocShell.ENUMERATE_FORWARDS); + while (containedDocShells.hasMoreElements()) { + // Get the corresponding document for this docshell + var childDocShell = containedDocShells.getNext(); + // We don't want it if it's not done loading. + if (childDocShell.busyFlags != Ci.nsIDocShell.BUSY_FLAGS_NONE) + continue; + var childDoc = childDocShell.QueryInterface(Ci.nsIDocShell) + .contentViewer + .DOMDocument; + + // ok(true, "Got window: " + childDoc.location.href); + if (childDoc.location.href == "chrome://global/content/commonDialog.xul") + return childDoc; + } + } + + return null; +} diff --git a/toolkit/components/passwordmgr/test/pwmgr_common.js b/toolkit/components/passwordmgr/test/pwmgr_common.js new file mode 100644 index 000000000..fa7c4fd85 --- /dev/null +++ b/toolkit/components/passwordmgr/test/pwmgr_common.js @@ -0,0 +1,509 @@ +const TESTS_DIR = "/tests/toolkit/components/passwordmgr/test/"; + +/** + * Returns the element with the specified |name| attribute. + */ +function $_(formNum, name) { + var form = document.getElementById("form" + formNum); + if (!form) { + logWarning("$_ couldn't find requested form " + formNum); + return null; + } + + var element = form.children.namedItem(name); + if (!element) { + logWarning("$_ couldn't find requested element " + name); + return null; + } + + // Note that namedItem is a bit stupid, and will prefer an + // |id| attribute over a |name| attribute when looking for + // the element. Login Mananger happens to use .namedItem + // anyway, but let's rigorously check it here anyway so + // that we don't end up with tests that mistakenly pass. + + if (element.getAttribute("name") != name) { + logWarning("$_ got confused."); + return null; + } + + return element; +} + +/** + * Check a form for expected values. If an argument is null, a field's + * expected value will be the default value. + * + * <form id="form#"> + * checkForm(#, "foo"); + */ +function checkForm(formNum, val1, val2, val3) { + var e, form = document.getElementById("form" + formNum); + ok(form, "Locating form " + formNum); + + var numToCheck = arguments.length - 1; + + if (!numToCheck--) + return; + e = form.elements[0]; + if (val1 == null) + is(e.value, e.defaultValue, "Test default value of field " + e.name + + " in form " + formNum); + else + is(e.value, val1, "Test value of field " + e.name + + " in form " + formNum); + + + if (!numToCheck--) + return; + e = form.elements[1]; + if (val2 == null) + is(e.value, e.defaultValue, "Test default value of field " + e.name + + " in form " + formNum); + else + is(e.value, val2, "Test value of field " + e.name + + " in form " + formNum); + + + if (!numToCheck--) + return; + e = form.elements[2]; + if (val3 == null) + is(e.value, e.defaultValue, "Test default value of field " + e.name + + " in form " + formNum); + else + is(e.value, val3, "Test value of field " + e.name + + " in form " + formNum); +} + +/** + * Check a form for unmodified values from when page was loaded. + * + * <form id="form#"> + * checkUnmodifiedForm(#); + */ +function checkUnmodifiedForm(formNum) { + var form = document.getElementById("form" + formNum); + ok(form, "Locating form " + formNum); + + for (var i = 0; i < form.elements.length; i++) { + var ele = form.elements[i]; + + // No point in checking form submit/reset buttons. + if (ele.type == "submit" || ele.type == "reset") + continue; + + is(ele.value, ele.defaultValue, "Test to default value of field " + + ele.name + " in form " + formNum); + } +} + +/** + * Mochitest gives us a sendKey(), but it's targeted to a specific element. + * This basically sends an untargeted key event, to whatever's focused. + */ +function doKey(aKey, modifier) { + var keyName = "DOM_VK_" + aKey.toUpperCase(); + var key = KeyEvent[keyName]; + + // undefined --> null + if (!modifier) + modifier = null; + + // Window utils for sending fake sey events. + var wutils = SpecialPowers.wrap(window). + QueryInterface(SpecialPowers.Ci.nsIInterfaceRequestor). + getInterface(SpecialPowers.Ci.nsIDOMWindowUtils); + + if (wutils.sendKeyEvent("keydown", key, 0, modifier)) { + wutils.sendKeyEvent("keypress", key, 0, modifier); + } + wutils.sendKeyEvent("keyup", key, 0, modifier); +} + +/** + * Init with a common login + * If selfFilling is true or non-undefined, fires an event at the page so that + * the test can start checking filled-in values. Tests that check observer + * notifications might be confused by this. + */ +function commonInit(selfFilling) { + var pwmgr = SpecialPowers.Cc["@mozilla.org/login-manager;1"]. + getService(SpecialPowers.Ci.nsILoginManager); + ok(pwmgr != null, "Access LoginManager"); + + // Check that initial state has no logins + var logins = pwmgr.getAllLogins(); + is(logins.length, 0, "Not expecting logins to be present"); + var disabledHosts = pwmgr.getAllDisabledHosts(); + if (disabledHosts.length) { + ok(false, "Warning: wasn't expecting disabled hosts to be present."); + for (var host of disabledHosts) + pwmgr.setLoginSavingEnabled(host, true); + } + + // Add a login that's used in multiple tests + var login = SpecialPowers.Cc["@mozilla.org/login-manager/loginInfo;1"]. + createInstance(SpecialPowers.Ci.nsILoginInfo); + login.init("http://mochi.test:8888", "http://mochi.test:8888", null, + "testuser", "testpass", "uname", "pword"); + pwmgr.addLogin(login); + + // Last sanity check + logins = pwmgr.getAllLogins(); + is(logins.length, 1, "Checking for successful init login"); + disabledHosts = pwmgr.getAllDisabledHosts(); + is(disabledHosts.length, 0, "Checking for no disabled hosts"); + + if (selfFilling) + return; + + if (this.sendAsyncMessage) { + sendAsyncMessage("registerRunTests"); + } else { + registerRunTests(); + } +} + +function registerRunTests() { + return new Promise(resolve => { + // We provide a general mechanism for our tests to know when they can + // safely run: we add a final form that we know will be filled in, wait + // for the login manager to tell us that it's filled in and then continue + // with the rest of the tests. + window.addEventListener("DOMContentLoaded", (event) => { + var form = document.createElement('form'); + form.id = 'observerforcer'; + var username = document.createElement('input'); + username.name = 'testuser'; + form.appendChild(username); + var password = document.createElement('input'); + password.name = 'testpass'; + password.type = 'password'; + form.appendChild(password); + + var observer = SpecialPowers.wrapCallback(function(subject, topic, data) { + var formLikeRoot = subject.QueryInterface(SpecialPowers.Ci.nsIDOMNode); + if (formLikeRoot.id !== 'observerforcer') + return; + SpecialPowers.removeObserver(observer, "passwordmgr-processed-form"); + formLikeRoot.remove(); + SimpleTest.executeSoon(() => { + var runTestEvent = new Event("runTests"); + window.dispatchEvent(runTestEvent); + resolve(); + }); + }); + SpecialPowers.addObserver(observer, "passwordmgr-processed-form", false); + + document.body.appendChild(form); + }); + }); +} + +const masterPassword = "omgsecret!"; + +function enableMasterPassword() { + setMasterPassword(true); +} + +function disableMasterPassword() { + setMasterPassword(false); +} + +function setMasterPassword(enable) { + var oldPW, newPW; + if (enable) { + oldPW = ""; + newPW = masterPassword; + } else { + oldPW = masterPassword; + newPW = ""; + } + // Set master password. Note that this does not log you in, so the next + // invocation of pwmgr can trigger a MP prompt. + + var pk11db = Cc["@mozilla.org/security/pk11tokendb;1"].getService(Ci.nsIPK11TokenDB); + var token = pk11db.findTokenByName(""); + info("MP change from " + oldPW + " to " + newPW); + token.changePassword(oldPW, newPW); +} + +function logoutMasterPassword() { + var sdr = Cc["@mozilla.org/security/sdr;1"].getService(Ci.nsISecretDecoderRing); + sdr.logoutAndTeardown(); +} + +function dumpLogins(pwmgr) { + var logins = pwmgr.getAllLogins(); + ok(true, "----- dumpLogins: have " + logins.length + " logins. -----"); + for (var i = 0; i < logins.length; i++) + dumpLogin("login #" + i + " --- ", logins[i]); +} + +function dumpLogin(label, login) { + var loginText = ""; + loginText += "host: "; + loginText += login.hostname; + loginText += " / formURL: "; + loginText += login.formSubmitURL; + loginText += " / realm: "; + loginText += login.httpRealm; + loginText += " / user: "; + loginText += login.username; + loginText += " / pass: "; + loginText += login.password; + loginText += " / ufield: "; + loginText += login.usernameField; + loginText += " / pfield: "; + loginText += login.passwordField; + ok(true, label + loginText); +} + +function getRecipeParent() { + var { LoginManagerParent } = SpecialPowers.Cu.import("resource://gre/modules/LoginManagerParent.jsm", {}); + if (!LoginManagerParent.recipeParentPromise) { + return null; + } + return LoginManagerParent.recipeParentPromise.then((recipeParent) => { + return SpecialPowers.wrap(recipeParent); + }); +} + +/** + * Resolves when a specified number of forms have been processed. + */ +function promiseFormsProcessed(expectedCount = 1) { + var processedCount = 0; + return new Promise((resolve, reject) => { + function onProcessedForm(subject, topic, data) { + processedCount++; + if (processedCount == expectedCount) { + SpecialPowers.removeObserver(onProcessedForm, "passwordmgr-processed-form"); + resolve(SpecialPowers.Cu.waiveXrays(subject), data); + } + } + SpecialPowers.addObserver(onProcessedForm, "passwordmgr-processed-form", false); + }); +} + +function loadRecipes(recipes) { + info("Loading recipes"); + return new Promise(resolve => { + chromeScript.addMessageListener("loadedRecipes", function loaded() { + chromeScript.removeMessageListener("loadedRecipes", loaded); + resolve(recipes); + }); + chromeScript.sendAsyncMessage("loadRecipes", recipes); + }); +} + +function resetRecipes() { + info("Resetting recipes"); + return new Promise(resolve => { + chromeScript.addMessageListener("recipesReset", function reset() { + chromeScript.removeMessageListener("recipesReset", reset); + resolve(); + }); + chromeScript.sendAsyncMessage("resetRecipes"); + }); +} + +function promiseStorageChanged(expectedChangeTypes) { + return new Promise((resolve, reject) => { + function onStorageChanged({ topic, data }) { + let changeType = expectedChangeTypes.shift(); + is(data, changeType, "Check expected passwordmgr-storage-changed type"); + if (expectedChangeTypes.length === 0) { + chromeScript.removeMessageListener("storageChanged", onStorageChanged); + resolve(); + } + } + chromeScript.addMessageListener("storageChanged", onStorageChanged); + }); +} + +function promisePromptShown(expectedTopic) { + return new Promise((resolve, reject) => { + function onPromptShown({ topic, data }) { + is(topic, expectedTopic, "Check expected prompt topic"); + chromeScript.removeMessageListener("promptShown", onPromptShown); + resolve(); + } + chromeScript.addMessageListener("promptShown", onPromptShown); + }); +} + +/** + * Run a function synchronously in the parent process and destroy it in the test cleanup function. + * @param {Function|String} aFunctionOrURL - either a function that will be stringified and run + * or the URL to a JS file. + * @return {Object} - the return value of loadChromeScript providing message-related methods. + * @see loadChromeScript in specialpowersAPI.js + */ +function runInParent(aFunctionOrURL) { + let chromeScript = SpecialPowers.loadChromeScript(aFunctionOrURL); + SimpleTest.registerCleanupFunction(() => { + chromeScript.destroy(); + }); + return chromeScript; +} + +/** + * Run commonInit synchronously in the parent then run the test function after the runTests event. + * + * @param {Function} aFunction The test function to run + */ +function runChecksAfterCommonInit(aFunction = null) { + SimpleTest.waitForExplicitFinish(); + let pwmgrCommonScript = runInParent(SimpleTest.getTestFileURL("pwmgr_common.js")); + if (aFunction) { + window.addEventListener("runTests", aFunction); + pwmgrCommonScript.addMessageListener("registerRunTests", () => registerRunTests()); + } + pwmgrCommonScript.sendSyncMessage("setupParent"); + return pwmgrCommonScript; +} + +// Code to run when loaded as a chrome script in tests via loadChromeScript +if (this.addMessageListener) { + const { classes: Cc, interfaces: Ci, results: Cr, utils: Cu } = Components; + var SpecialPowers = { Cc, Ci, Cr, Cu, }; + var ok, is; + // Ignore ok/is in commonInit since they aren't defined in a chrome script. + ok = is = () => {}; // eslint-disable-line no-native-reassign + + Cu.import("resource://gre/modules/LoginHelper.jsm"); + Cu.import("resource://gre/modules/LoginManagerParent.jsm"); + Cu.import("resource://gre/modules/Services.jsm"); + Cu.import("resource://gre/modules/Task.jsm"); + + function onStorageChanged(subject, topic, data) { + sendAsyncMessage("storageChanged", { + topic, + data, + }); + } + Services.obs.addObserver(onStorageChanged, "passwordmgr-storage-changed", false); + + function onPrompt(subject, topic, data) { + sendAsyncMessage("promptShown", { + topic, + data, + }); + } + Services.obs.addObserver(onPrompt, "passwordmgr-prompt-change", false); + Services.obs.addObserver(onPrompt, "passwordmgr-prompt-save", false); + + addMessageListener("setupParent", ({selfFilling = false} = {selfFilling: false}) => { + // Force LoginManagerParent to init for the tests since it's normally delayed + // by apps such as on Android. + LoginManagerParent.init(); + + commonInit(selfFilling); + sendAsyncMessage("doneSetup"); + }); + + addMessageListener("loadRecipes", Task.async(function*(recipes) { + var recipeParent = yield LoginManagerParent.recipeParentPromise; + yield recipeParent.load(recipes); + sendAsyncMessage("loadedRecipes", recipes); + })); + + addMessageListener("resetRecipes", Task.async(function*() { + let recipeParent = yield LoginManagerParent.recipeParentPromise; + yield recipeParent.reset(); + sendAsyncMessage("recipesReset"); + })); + + addMessageListener("proxyLoginManager", msg => { + // Recreate nsILoginInfo objects from vanilla JS objects. + let recreatedArgs = msg.args.map((arg, index) => { + if (msg.loginInfoIndices.includes(index)) { + return LoginHelper.vanillaObjectToLogin(arg); + } + + return arg; + }); + + let rv = Services.logins[msg.methodName](...recreatedArgs); + if (rv instanceof Ci.nsILoginInfo) { + rv = LoginHelper.loginToVanillaObject(rv); + } + return rv; + }); + + var globalMM = Cc["@mozilla.org/globalmessagemanager;1"].getService(Ci.nsIMessageListenerManager); + globalMM.addMessageListener("RemoteLogins:onFormSubmit", function onFormSubmit(message) { + sendAsyncMessage("formSubmissionProcessed", message.data, message.objects); + }); +} else { + // Code to only run in the mochitest pages (not in the chrome script). + SpecialPowers.pushPrefEnv({"set": [["signon.autofillForms.http", true], + ["security.insecure_field_warning.contextual.enabled", false]] + }); + + SimpleTest.registerCleanupFunction(() => { + SpecialPowers.popPrefEnv(); + runInParent(function cleanupParent() { + const { classes: Cc, interfaces: Ci, results: Cr, utils: Cu } = Components; + Cu.import("resource://gre/modules/Services.jsm"); + Cu.import("resource://gre/modules/LoginManagerParent.jsm"); + + // Remove all logins and disabled hosts + Services.logins.removeAllLogins(); + + let disabledHosts = Services.logins.getAllDisabledHosts(); + disabledHosts.forEach(host => Services.logins.setLoginSavingEnabled(host, true)); + + let authMgr = Cc["@mozilla.org/network/http-auth-manager;1"]. + getService(Ci.nsIHttpAuthManager); + authMgr.clearAll(); + + if (LoginManagerParent._recipeManager) { + LoginManagerParent._recipeManager.reset(); + } + + // Cleanup PopupNotifications (if on a relevant platform) + let chromeWin = Services.wm.getMostRecentWindow("navigator:browser"); + if (chromeWin && chromeWin.PopupNotifications) { + let notes = chromeWin.PopupNotifications._currentNotifications; + if (notes.length > 0) { + dump("Removing " + notes.length + " popup notifications.\n"); + } + for (let note of notes) { + note.remove(); + } + } + }); + }); + + + let { LoginHelper } = SpecialPowers.Cu.import("resource://gre/modules/LoginHelper.jsm", {}); + /** + * Proxy for Services.logins (nsILoginManager). + * Only supports arguments which support structured clone plus {nsILoginInfo} + * Assumes properties are methods. + */ + this.LoginManager = new Proxy({}, { + get(target, prop, receiver) { + return (...args) => { + let loginInfoIndices = []; + let cloneableArgs = args.map((val, index) => { + if (SpecialPowers.call_Instanceof(val, SpecialPowers.Ci.nsILoginInfo)) { + loginInfoIndices.push(index); + return LoginHelper.loginToVanillaObject(val); + } + + return val; + }); + + return chromeScript.sendSyncMessage("proxyLoginManager", { + args: cloneableArgs, + loginInfoIndices, + methodName: prop, + })[0][0]; + }; + }, + }); +} diff --git a/toolkit/components/passwordmgr/test/subtst_master_pass.html b/toolkit/components/passwordmgr/test/subtst_master_pass.html new file mode 100644 index 000000000..20211866a --- /dev/null +++ b/toolkit/components/passwordmgr/test/subtst_master_pass.html @@ -0,0 +1,12 @@ +<h2>MP subtest</h2> +This form triggers a MP and gets filled in.<br> +<form> +Username: <input type="text" id="userfield" name="u"><br> +Password: <input type="password" id="passfield" name="p"><br> +<script> + // Only notify when we fill in the password field. + document.getElementById("passfield").addEventListener("input", function() { + parent.postMessage("filled", "*"); + }); +</script> +</form> diff --git a/toolkit/components/passwordmgr/test/subtst_prompt_async.html b/toolkit/components/passwordmgr/test/subtst_prompt_async.html new file mode 100644 index 000000000..f60f63814 --- /dev/null +++ b/toolkit/components/passwordmgr/test/subtst_prompt_async.html @@ -0,0 +1,12 @@ +<!DOCTYPE HTML> +<html> +<head> + <meta charset="utf-8"> + <title>Multiple auth request</title> +</head> +<body> + <iframe id="iframe1" src="http://example.com/tests/toolkit/components/passwordmgr/test/authenticate.sjs?r=1&user=user3name&pass=user3pass&realm=mochirealm3&proxy_user=proxy_user2&proxy_pass=proxy_pass2&proxy_realm=proxy_realm2"></iframe> + <iframe id="iframe2" src="http://example.com/tests/toolkit/components/passwordmgr/test/authenticate.sjs?r=2&user=user3name&pass=user3pass&realm=mochirealm3&proxy_user=proxy_user2&proxy_pass=proxy_pass2&proxy_realm=proxy_realm2"></iframe> + <iframe id="iframe3" src="http://example.com/tests/toolkit/components/passwordmgr/test/authenticate.sjs?r=3&user=user3name&pass=user3pass&realm=mochirealm3&proxy_user=proxy_user2&proxy_pass=proxy_pass2&proxy_realm=proxy_realm2"></iframe> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/test_master_password.html b/toolkit/components/passwordmgr/test/test_master_password.html new file mode 100644 index 000000000..c8884811f --- /dev/null +++ b/toolkit/components/passwordmgr/test/test_master_password.html @@ -0,0 +1,308 @@ +<!DOCTYPE HTML> +<html> +<head> + <meta charset="utf-8"> + <title>Test for master password</title> + <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> + <script type="text/javascript" src="pwmgr_common.js"></script> + <script type="text/javascript" src="prompt_common.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> +</head> +<body> +Login Manager test: master password. +<script> +"use strict"; + +commonInit(); +SimpleTest.waitForExplicitFinish(); +SimpleTest.requestFlakyTimeout("untriaged"); + +var pwmgr = SpecialPowers.Cc["@mozilla.org/login-manager;1"] + .getService(SpecialPowers.Ci.nsILoginManager); +var pwcrypt = SpecialPowers.Cc["@mozilla.org/login-manager/crypto/SDR;1"] + .getService(Ci.nsILoginManagerCrypto); + +var nsLoginInfo = new SpecialPowers.wrap(SpecialPowers.Components).Constructor("@mozilla.org/login-manager/loginInfo;1", Ci.nsILoginInfo); + +var exampleCom = "http://example.com/tests/toolkit/components/passwordmgr/test/"; +var exampleOrg = "http://example.org/tests/toolkit/components/passwordmgr/test/"; + +var login1 = new nsLoginInfo(); +var login2 = new nsLoginInfo(); + +login1.init("http://example.com", "http://example.com", null, + "user1", "pass1", "uname", "pword"); +login2.init("http://example.org", "http://example.org", null, + "user2", "pass2", "uname", "pword"); + +pwmgr.addLogin(login1); +pwmgr.addLogin(login2); +</script> + +<p id="display"></p> + +<div id="content" style="display: none"> +<iframe id="iframe1"></iframe> +<iframe id="iframe2"></iframe> +</div> + +<pre id="test"> +<script class="testbody" type="text/javascript"> +var testNum = 1; +var iframe1 = document.getElementById("iframe1"); +var iframe2 = document.getElementById("iframe2"); + +// A couple of tests have to wait until the password manager gets around to +// filling in the password in the subtest (after we dismiss the master +// password dialog). In order to accomplish this, the test waits for an event +// and then posts a message back up to us telling us to continue. +var continuation = null; +addEventListener("message", () => { + if (continuation) { + var c = continuation; + continuation = null; + c(); + } +}); + +/* + * handleDialog + * + * Invoked a short period of time after calling startCallbackTimer(), and + * allows testing the actual auth dialog while it's being displayed. Tests + * should call startCallbackTimer() each time the auth dialog is expected (the + * timer is a one-shot). + */ +function handleDialog(doc, testNumber) { + ok(true, "handleDialog running for test " + testNumber); + + var clickOK = true; + var doNothing = false; + var passfield = doc.getElementById("password1Textbox"); + var dialog = doc.getElementById("commonDialog"); + + switch (testNumber) { + case 1: + is(passfield.getAttribute("value"), "", "Checking empty prompt"); + passfield.setAttribute("value", masterPassword); + is(passfield.getAttribute("value"), masterPassword, "Checking filled prompt"); + break; + + case 2: + clickOK = false; + break; + + case 3: + is(passfield.getAttribute("value"), "", "Checking empty prompt"); + passfield.setAttribute("value", masterPassword); + break; + + case 4: + doNothing = true; + break; + + case 5: + is(passfield.getAttribute("value"), "", "Checking empty prompt"); + passfield.setAttribute("value", masterPassword); + break; + + default: + ok(false, "Uhh, unhandled switch for testNum #" + testNumber); + break; + } + + didDialog = true; + + if (!doNothing) { + SpecialPowers.addObserver(outerWindowObserver, "outer-window-destroyed", false); + if (clickOK) + dialog.acceptDialog(); + else + dialog.cancelDialog(); + } + + ok(true, "handleDialog done for test " + testNumber); + + if (testNumber == 4) + checkTest4A(); +} + +var outerWindowObserver = { + observe: function(id) { + SpecialPowers.removeObserver(outerWindowObserver, "outer-window-destroyed"); + var func; + if (testNum == 1) + func = startTest2; + else if (testNum == 2) + func = startTest3; + + // For tests 3 and 4C, we use the 'continuation' mechanism, described + // above. + if (func) + setTimeout(func, 300); + } +}; + + +function startTest1() { + ok(pwcrypt.isLoggedIn, "should be initially logged in (no MP)"); + enableMasterPassword(); + ok(!pwcrypt.isLoggedIn, "should be logged out after setting MP"); + + // --- Test 1 --- + // Trigger a MP prompt via the API + startCallbackTimer(); + var logins = pwmgr.getAllLogins(); + ok(didDialog, "handleDialog was invoked"); + is(logins.length, 3, "expected number of logins"); + + ok(pwcrypt.isLoggedIn, "should be logged in after MP prompt"); + logoutMasterPassword(); + ok(!pwcrypt.isLoggedIn, "should be logged out"); +} + +function startTest2() { + // Try again but click cancel. + testNum++; + startCallbackTimer(); + var failedAsExpected = false; + logins = null; + try { + logins = pwmgr.getAllLogins(); + } catch (e) { failedAsExpected = true; } + ok(didDialog, "handleDialog was invoked"); + ok(failedAsExpected, "getAllLogins should have thrown"); + is(logins, null, "shouldn't have gotten logins"); + ok(!pwcrypt.isLoggedIn, "should still be logged out"); +} + +function startTest3() { + // Load a single iframe to trigger a MP + testNum++; + iframe1.src = exampleCom + "subtst_master_pass.html"; + continuation = checkTest3; + startCallbackTimer(); +} + +function checkTest3() { + ok(true, "checkTest3 starting"); + ok(didDialog, "handleDialog was invoked"); + + // check contents of iframe1 fields + var u = SpecialPowers.wrap(iframe1).contentDocument.getElementById("userfield"); + var p = SpecialPowers.wrap(iframe1).contentDocument.getElementById("passfield"); + is(u.value, "user1", "checking expected user to have been filled in"); + is(p.value, "pass1", "checking expected pass to have been filled in"); + + ok(pwcrypt.isLoggedIn, "should be logged in"); + logoutMasterPassword(); + ok(!pwcrypt.isLoggedIn, "should be logged out"); + + + // --- Test 4 --- + // first part of loading 2 MP-triggering iframes + testNum++; + iframe1.src = exampleOrg + "subtst_master_pass.html"; + // start the callback, but we'll not enter the MP, just call checkTest4A + startCallbackTimer(); +} + +function checkTest4A() { + ok(true, "checkTest4A starting"); + ok(didDialog, "handleDialog was invoked"); + + // check contents of iframe1 fields + var u = SpecialPowers.wrap(iframe1).contentDocument.getElementById("userfield"); + var p = SpecialPowers.wrap(iframe1).contentDocument.getElementById("passfield"); + is(u.value, "", "checking expected empty user"); + is(p.value, "", "checking expected empty pass"); + + + ok(!pwcrypt.isLoggedIn, "should be logged out"); + + // XXX check that there's 1 MP window open + + // Load another iframe with a login form + // This should detect that there's already a pending MP prompt, and not + // put up a second one. The load event will fire (note that when pwmgr is + // driven from DOMContentLoaded, if that blocks due to prompting for a MP, + // the load even will also be blocked until the prompt is dismissed). + iframe2.onload = checkTest4B_delay; + iframe2.src = exampleCom + "subtst_master_pass.html"; +} + +function checkTest4B_delay() { + // Testing a negative, wait a little to give the login manager a chance to + // (incorrectly) fill in the form. Note, we cannot use setTimeout() + // here because the modal window suspends all window timers. Instead we + // must use a chrome script to use nsITimer directly. + let chromeURL = SimpleTest.getTestFileURL("chrome_timeout.js"); + let script = SpecialPowers.loadChromeScript(chromeURL); + script.addMessageListener('ready', _ => { + script.sendAsyncMessage('setTimeout', { delay: 500 }); + }); + script.addMessageListener('timeout', checkTest4B); +} + +function checkTest4B() { + ok(true, "checkTest4B starting"); + // iframe2 should load without having triggered a MP prompt (because one + // is already waiting) + + // check contents of iframe2 fields + var u = SpecialPowers.wrap(iframe2).contentDocument.getElementById("userfield"); + var p = SpecialPowers.wrap(iframe2).contentDocument.getElementById("passfield"); + is(u.value, "", "checking expected empty user"); + is(p.value, "", "checking expected empty pass"); + + // XXX check that there's 1 MP window open + ok(!pwcrypt.isLoggedIn, "should be logged out"); + + continuation = checkTest4C; + + // Ok, now enter the MP. The MP prompt is already up, but we'll just reuse startCallBackTimer. + // --- Test 5 --- + testNum++; + startCallbackTimer(); +} + +function checkTest4C() { + ok(true, "checkTest4C starting"); + ok(didDialog, "handleDialog was invoked"); + + // We shouldn't have to worry about iframe1's load event racing with + // filling of iframe2's data. We notify observers synchronously, so + // iframe2's observer will process iframe2 before iframe1 even finishes + // processing the form (which is blocking its load event). + ok(pwcrypt.isLoggedIn, "should be logged in"); + + // check contents of iframe1 fields + var u = SpecialPowers.wrap(iframe1).contentDocument.getElementById("userfield"); + var p = SpecialPowers.wrap(iframe1).contentDocument.getElementById("passfield"); + is(u.value, "user2", "checking expected user to have been filled in"); + is(p.value, "pass2", "checking expected pass to have been filled in"); + + // check contents of iframe2 fields + u = SpecialPowers.wrap(iframe2).contentDocument.getElementById("userfield"); + p = SpecialPowers.wrap(iframe2).contentDocument.getElementById("passfield"); + is(u.value, "user1", "checking expected user to have been filled in"); + is(p.value, "pass1", "checking expected pass to have been filled in"); + + SimpleTest.finish(); +} + +// XXX do a test5ABC with clicking cancel? + +SimpleTest.registerCleanupFunction(function finishTest() { + disableMasterPassword(); + + pwmgr.removeLogin(login1); + pwmgr.removeLogin(login2); +}); + +window.addEventListener("runTests", startTest1); +</script> +</pre> +</body> +</html> + diff --git a/toolkit/components/passwordmgr/test/test_prompt_async.html b/toolkit/components/passwordmgr/test/test_prompt_async.html new file mode 100644 index 000000000..38b34679a --- /dev/null +++ b/toolkit/components/passwordmgr/test/test_prompt_async.html @@ -0,0 +1,540 @@ +<!DOCTYPE HTML> +<html> +<head> + <meta charset="utf-8"> + <title>Test for Async Auth Prompt</title> + <script type="text/javascript" src="/MochiKit/MochiKit.js"></script> + <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> + <script type="text/javascript" src="prompt_common.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> + + <script class="testbody" type="text/javascript"> + SimpleTest.waitForExplicitFinish(); + SimpleTest.requestFlakyTimeout("untriaged"); + + const { NetUtil } = SpecialPowers.Cu.import('resource://gre/modules/NetUtil.jsm'); + + var prefs = Cc["@mozilla.org/preferences-service;1"]. + getService(Ci.nsIPrefBranch); + prefs.setIntPref("network.auth.subresource-http-auth-allow", 2); + // Class monitoring number of open dialog windows + // It checks there is always open just a single dialog per application + function dialogMonitor() { + var observerService = SpecialPowers.Cc["@mozilla.org/observer-service;1"] + .getService(Ci.nsIObserverService); + observerService.addObserver(this, "domwindowopened", false); + observerService.addObserver(this, "domwindowclosed", false); + } + + /* + * As documented in Bug 718543, checking equality of objects pulled + * from SpecialPowers-wrapped objects is unreliable. Because of that, + * `dialogMonitor` now tracks the number of open windows rather than + * specific window objects. + * + * NB: Because the constructor (above) adds |this| directly as an observer, + * we need to do SpecialPowers.wrapCallbackObject directly on the prototype. + */ + dialogMonitor.prototype = SpecialPowers.wrapCallbackObject({ + windowsOpen : 0, + windowsRegistered : 0, + + QueryInterface : function (iid) { + const interfaces = [Ci.nsIObserver, Ci.nsISupports]; + + if (!interfaces.some( function(v) { return iid.equals(v); } )) + throw SpecialPowers.Cr.NS_ERROR_NO_INTERFACE; + return this; + }, + + observe: function(subject, topic, data) { + if (topic === "domwindowopened") { + this.windowsOpen++; + this.windowsRegistered++; + return; + } + if (topic === "domwindowclosed") { + this.windowsOpen--; + return; + } + }, + + shutdown: function() { + var observerService = SpecialPowers.Cc["@mozilla.org/observer-service;1"] + .getService(Ci.nsIObserverService); + observerService.removeObserver(this, "domwindowopened"); + observerService.removeObserver(this, "domwindowclosed"); + }, + + reset: function() { + this.windowsOpen = 0; + this.windowsRegistered = 0; + } + }); + + var monitor = new dialogMonitor(); + + var pwmgr, logins = []; + + function initLogins(pi) { + pwmgr = SpecialPowers.Cc["@mozilla.org/login-manager;1"] + .getService(Ci.nsILoginManager); + + function addLogin(host, realm, user, pass) { + var login = SpecialPowers.Cc["@mozilla.org/login-manager/loginInfo;1"] + .createInstance(Ci.nsILoginInfo); + login.init(host, null, realm, user, pass, "", ""); + pwmgr.addLogin(login); + logins.push(login); + } + + var mozproxy = "moz-proxy://" + + SpecialPowers.wrap(pi).host + ":" + + SpecialPowers.wrap(pi).port; + + addLogin(mozproxy, "proxy_realm", + "proxy_user", "proxy_pass"); + addLogin(mozproxy, "proxy_realm2", + "proxy_user2", "proxy_pass2"); + addLogin(mozproxy, "proxy_realm3", + "proxy_user3", "proxy_pass3"); + addLogin(mozproxy, "proxy_realm4", + "proxy_user4", "proxy_pass4"); + addLogin(mozproxy, "proxy_realm5", + "proxy_user5", "proxy_pass5"); + addLogin("http://example.com", "mochirealm", + "user1name", "user1pass"); + addLogin("http://example.org", "mochirealm2", + "user2name", "user2pass"); + addLogin("http://example.com", "mochirealm3", + "user3name", "user3pass"); + addLogin("http://example.com", "mochirealm4", + "user4name", "user4pass"); + addLogin("http://example.com", "mochirealm5", + "user5name", "user5pass"); + addLogin("http://example.com", "mochirealm6", + "user6name", "user6pass"); + } + + function finishTest() { + ok(true, "finishTest removing testing logins..."); + for (i in logins) + pwmgr.removeLogin(logins[i]); + + var authMgr = SpecialPowers.Cc['@mozilla.org/network/http-auth-manager;1'] + .getService(Ci.nsIHttpAuthManager); + authMgr.clearAll(); + + monitor.shutdown(); + SimpleTest.finish(); + } + + var resolveCallback = SpecialPowers.wrapCallbackObject({ + QueryInterface : function (iid) { + const interfaces = [Ci.nsIProtocolProxyCallback, Ci.nsISupports]; + + if (!interfaces.some( function(v) { return iid.equals(v); } )) + throw SpecialPowers.Cr.NS_ERROR_NO_INTERFACE; + return this; + }, + + onProxyAvailable : function (req, uri, pi, status) { + initLogins(pi); + doTest(testNum); + } + }); + + function startup() { + // Need to allow for arbitrary network servers defined in PAC instead of a hardcoded moz-proxy. + var channel = NetUtil.newChannel({ + uri: "http://example.com", + loadUsingSystemPrincipal: true + }); + + var pps = SpecialPowers.Cc["@mozilla.org/network/protocol-proxy-service;1"] + .getService(); + + pps.asyncResolve(channel, 0, resolveCallback); + } + + // --------------- Test loop spin ---------------- + var testNum = 1; + var iframe1; + var iframe2a; + var iframe2b; + window.onload = function () { + iframe1 = document.getElementById("iframe1"); + iframe2a = document.getElementById("iframe2a"); + iframe2b = document.getElementById("iframe2b"); + iframe1.onload = onFrameLoad; + iframe2a.onload = onFrameLoad; + iframe2b.onload = onFrameLoad; + + startup(); + }; + + var expectedLoads; + var expectedDialogs; + function onFrameLoad() + { + if (--expectedLoads == 0) { + // All pages expected to load has loaded, continue with the next test + ok(true, "Expected frames loaded"); + + doCheck(testNum); + monitor.reset(); + + testNum++; + doTest(testNum); + } + } + + function doTest(testNumber) + { + /* + * These contentDocument variables are located here, + * rather than in the global scope, because SpecialPowers threw + * errors (complaining that the objects were deleted) + * when these were in the global scope. + */ + var iframe1Doc = SpecialPowers.wrap(iframe1).contentDocument; + var iframe2aDoc = SpecialPowers.wrap(iframe2a).contentDocument; + var iframe2bDoc = SpecialPowers.wrap(iframe2b).contentDocument; + var exampleCom = "http://example.com/tests/toolkit/components/passwordmgr/test/"; + var exampleOrg = "http://example.org/tests/toolkit/components/passwordmgr/test/"; + + switch (testNumber) + { + case 1: + // Load through a single proxy with authentication required 3 different + // pages, first with one login, other two with their own different login. + // We expect to show just a single dialog for proxy authentication and + // then two dialogs to authenticate to login 1 and then login 2. + ok(true, "doTest testNum 1"); + expectedLoads = 3; + expectedDialogs = 3; + iframe1.src = exampleCom + "authenticate.sjs?" + + "r=1&" + + "user=user1name&" + + "pass=user1pass&" + + "realm=mochirealm&" + + "proxy_user=proxy_user&" + + "proxy_pass=proxy_pass&" + + "proxy_realm=proxy_realm"; + iframe2a.src = exampleOrg + "authenticate.sjs?" + + "r=2&" + + "user=user2name&" + + "pass=user2pass&" + + "realm=mochirealm2&" + + "proxy_user=proxy_user&" + + "proxy_pass=proxy_pass&" + + "proxy_realm=proxy_realm"; + iframe2b.src = exampleOrg + "authenticate.sjs?" + + "r=3&" + + "user=user2name&" + + "pass=user2pass&" + + "realm=mochirealm2&" + + "proxy_user=proxy_user&" + + "proxy_pass=proxy_pass&" + + "proxy_realm=proxy_realm"; + break; + + case 2: + // Load an iframe with 3 subpages all requiring the same login through + // anuthenticated proxy. We expect 2 dialogs, proxy authentication + // and web authentication. + ok(true, "doTest testNum 2"); + expectedLoads = 3; + expectedDialogs = 2; + iframe1.src = exampleCom + "subtst_prompt_async.html"; + iframe2a.src = "about:blank"; + iframe2b.src = "about:blank"; + break; + + case 3: + // Load in the iframe page through unauthenticated proxy + // and discard the proxy authentication. We expect to see + // unauthenticated page content and just a single dialog. + ok(true, "doTest testNum 3"); + expectedLoads = 1; + expectedDialogs = 1; + iframe1.src = exampleCom + "authenticate.sjs?" + + "user=user4name&" + + "pass=user4pass&" + + "realm=mochirealm4&" + + "proxy_user=proxy_user3&" + + "proxy_pass=proxy_pass3&" + + "proxy_realm=proxy_realm3"; + break; + + case 4: + // Reload the frame from previous step and pass the proxy authentication + // but cancel the WWW authentication. We should get the proxy=ok and WWW=fail + // content as a result. + ok(true, "doTest testNum 4"); + expectedLoads = 1; + expectedDialogs = 2; + iframe1.src = exampleCom + "authenticate.sjs?" + + "user=user4name&" + + "pass=user4pass&" + + "realm=mochirealm4&" + + "proxy_user=proxy_user3&" + + "proxy_pass=proxy_pass3&" + + "proxy_realm=proxy_realm3"; + + + break; + + case 5: + // Same as the previous two steps but let the server generate + // huge content load to check http channel is capable to handle + // case when auth dialog is canceled or accepted before unauthenticated + // content data is load from the server. (This would be better to + // implement using delay of server response). + ok(true, "doTest testNum 5"); + expectedLoads = 1; + expectedDialogs = 1; + iframe1.src = exampleCom + "authenticate.sjs?" + + "user=user5name&" + + "pass=user5pass&" + + "realm=mochirealm5&" + + "proxy_user=proxy_user4&" + + "proxy_pass=proxy_pass4&" + + "proxy_realm=proxy_realm4&" + + "huge=1"; + break; + + case 6: + // Reload the frame from the previous step and let the proxy + // authentication pass but WWW fail. We expect two dialogs + // and an unathenticated page content load. + ok(true, "doTest testNum 6"); + expectedLoads = 1; + expectedDialogs = 2; + iframe1.src = exampleCom + "authenticate.sjs?" + + "user=user5name&" + + "pass=user5pass&" + + "realm=mochirealm5&" + + "proxy_user=proxy_user4&" + + "proxy_pass=proxy_pass4&" + + "proxy_realm=proxy_realm4&" + + "huge=1"; + break; + + case 7: + // Reload again and let pass all authentication dialogs. + // Check we get the authenticated content not broken by + // the unauthenticated content. + ok(true, "doTest testNum 7"); + expectedLoads = 1; + expectedDialogs = 1; + iframe1Doc.location.reload(); + break; + + case 8: + // Check we proccess all challenges sent by server when + // user cancels prompts + ok(true, "doTest testNum 8"); + expectedLoads = 1; + expectedDialogs = 5; + iframe1.src = exampleCom + "authenticate.sjs?" + + "user=user6name&" + + "pass=user6pass&" + + "realm=mochirealm6&" + + "proxy_user=proxy_user5&" + + "proxy_pass=proxy_pass5&" + + "proxy_realm=proxy_realm5&" + + "huge=1&" + + "multiple=3"; + break; + + case 9: + finishTest(); + return; + } + + startCallbackTimer(); + } + + function handleDialog(doc, testNumber) + { + var dialog = doc.getElementById("commonDialog"); + + switch (testNumber) + { + case 1: + case 2: + dialog.acceptDialog(); + break; + + case 3: + dialog.cancelDialog(); + setTimeout(onFrameLoad, 10); // there are no successful frames for test 3 + break; + + case 4: + if (expectedDialogs == 2) + dialog.acceptDialog(); + else + dialog.cancelDialog(); + break; + + case 5: + dialog.cancelDialog(); + setTimeout(onFrameLoad, 10); // there are no successful frames for test 5 + break; + + case 6: + if (expectedDialogs == 2) + dialog.acceptDialog(); + else + dialog.cancelDialog(); + break; + + case 7: + dialog.acceptDialog(); + break; + + case 8: + if (expectedDialogs == 3 || expectedDialogs == 1) + dialog.acceptDialog(); + else + dialog.cancelDialog(); + break; + + default: + ok(false, "Unhandled testNum " + testNumber + " in handleDialog"); + } + + if (--expectedDialogs > 0) + startCallbackTimer(); + } + + function doCheck(testNumber) + { + var iframe1Doc = SpecialPowers.wrap(iframe1).contentDocument; + var iframe2aDoc = SpecialPowers.wrap(iframe2a).contentDocument; + var iframe2bDoc = SpecialPowers.wrap(iframe2b).contentDocument; + var authok1; + var proxyok1; + var footnote; + switch (testNumber) + { + case 1: + ok(true, "doCheck testNum 1"); + is(monitor.windowsRegistered, 3, "Registered 3 open dialogs"); + + authok1 = iframe1Doc.getElementById("ok").textContent; + proxyok1 = iframe1Doc.getElementById("proxy").textContent; + + var authok2a = iframe2aDoc.getElementById("ok").textContent; + var proxyok2a = iframe2aDoc.getElementById("proxy").textContent; + + var authok2b = iframe2bDoc.getElementById("ok").textContent; + var proxyok2b = iframe2bDoc.getElementById("proxy").textContent; + + is(authok1, "PASS", "WWW Authorization OK, frame1"); + is(authok2a, "PASS", "WWW Authorization OK, frame2a"); + is(authok2b, "PASS", "WWW Authorization OK, frame2b"); + is(proxyok1, "PASS", "Proxy Authorization OK, frame1"); + is(proxyok2a, "PASS", "Proxy Authorization OK, frame2a"); + is(proxyok2b, "PASS", "Proxy Authorization OK, frame2b"); + break; + + case 2: + is(monitor.windowsRegistered, 2, "Registered 2 open dialogs"); + ok(true, "doCheck testNum 2"); + + function checkIframe(frame) { + var doc = SpecialPowers.wrap(frame).contentDocument; + + var authok = doc.getElementById("ok").textContent; + var proxyok = doc.getElementById("proxy").textContent; + + is(authok, "PASS", "WWW Authorization OK, " + frame.id); + is(proxyok, "PASS", "Proxy Authorization OK, " + frame.id); + } + + checkIframe(iframe1Doc.getElementById("iframe1")); + checkIframe(iframe1Doc.getElementById("iframe2")); + checkIframe(iframe1Doc.getElementById("iframe3")); + break; + + case 3: + ok(true, "doCheck testNum 3"); + is(monitor.windowsRegistered, 1, "Registered 1 open dialog"); + + // ensure that the page content is not displayed on failed proxy auth + is(iframe1Doc.getElementById("ok"), null, "frame did not load"); + break; + + case 4: + ok(true, "doCheck testNum 4"); + is(monitor.windowsRegistered, 2, "Registered 2 open dialogs"); + authok1 = iframe1Doc.getElementById("ok").textContent; + proxyok1 = iframe1Doc.getElementById("proxy").textContent; + + is(authok1, "FAIL", "WWW Authorization FAILED, frame1"); + is(proxyok1, "PASS", "Proxy Authorization OK, frame1"); + break; + + case 5: + ok(true, "doCheck testNum 5"); + is(monitor.windowsRegistered, 1, "Registered 1 open dialog"); + + // ensure that the page content is not displayed on failed proxy auth + is(iframe1Doc.getElementById("footnote"), null, "frame did not load"); + break; + + case 6: + ok(true, "doCheck testNum 6"); + is(monitor.windowsRegistered, 2, "Registered 2 open dialogs"); + authok1 = iframe1Doc.getElementById("ok").textContent; + proxyok1 = iframe1Doc.getElementById("proxy").textContent; + footnote = iframe1Doc.getElementById("footnote").textContent; + + is(authok1, "FAIL", "WWW Authorization FAILED, frame1"); + is(proxyok1, "PASS", "Proxy Authorization OK, frame1"); + is(footnote, "This is a footnote after the huge content fill", + "Footnote present and loaded completely"); + break; + + case 7: + ok(true, "doCheck testNum 7"); + is(monitor.windowsRegistered, 1, "Registered 1 open dialogs"); + authok1 = iframe1Doc.getElementById("ok").textContent; + proxyok1 = iframe1Doc.getElementById("proxy").textContent; + footnote = iframe1Doc.getElementById("footnote").textContent; + + is(authok1, "PASS", "WWW Authorization OK, frame1"); + is(proxyok1, "PASS", "Proxy Authorization OK, frame1"); + is(footnote, "This is a footnote after the huge content fill", + "Footnote present and loaded completely"); + break; + + case 8: + ok(true, "doCheck testNum 8"); + is(monitor.windowsRegistered, 5, "Registered 5 open dialogs"); + authok1 = iframe1Doc.getElementById("ok").textContent; + proxyok1 = iframe1Doc.getElementById("proxy").textContent; + footnote = iframe1Doc.getElementById("footnote").textContent; + + is(authok1, "PASS", "WWW Authorization OK, frame1"); + is(proxyok1, "PASS", "Proxy Authorization OK, frame1"); + is(footnote, "This is a footnote after the huge content fill", + "Footnote present and loaded completely"); + break; + + default: + ok(false, "Unhandled testNum " + testNumber + " in doCheck"); + } + } + + </script> +</head> +<body> + <iframe id="iframe1"></iframe> + <iframe id="iframe2a"></iframe> + <iframe id="iframe2b"></iframe> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/test_xhr.html b/toolkit/components/passwordmgr/test/test_xhr.html new file mode 100644 index 000000000..296371685 --- /dev/null +++ b/toolkit/components/passwordmgr/test/test_xhr.html @@ -0,0 +1,201 @@ +<!DOCTYPE HTML> +<html> +<head> + <meta charset="utf-8"> + <title>Test for XHR prompts</title> + <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> + <script type="text/javascript" src="pwmgr_common.js"></script> + <script type="text/javascript" src="prompt_common.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> +</head> +<body> +Login Manager test: XHR prompt +<p id="display"></p> + +<div id="content" style="display: none"> + <iframe id="iframe"></iframe> +</div> + +<pre id="test"> +<script class="testbody" type="text/javascript"> + +/** Test for Login Manager: XHR prompts. **/ +var pwmgr, login1, login2; + +function initLogins() { + pwmgr = Cc["@mozilla.org/login-manager;1"]. + getService(Ci.nsILoginManager); + + login1 = Cc["@mozilla.org/login-manager/loginInfo;1"]. + createInstance(Ci.nsILoginInfo); + login2 = Cc["@mozilla.org/login-manager/loginInfo;1"]. + createInstance(Ci.nsILoginInfo); + + login1.init("http://mochi.test:8888", null, "xhr", + "xhruser1", "xhrpass1", "", ""); + login2.init("http://mochi.test:8888", null, "xhr2", + "xhruser2", "xhrpass2", "", ""); + + pwmgr.addLogin(login1); + pwmgr.addLogin(login2); +} + +function finishTest() { + ok(true, "finishTest removing testing logins..."); + pwmgr.removeLogin(login1); + pwmgr.removeLogin(login2); + + SimpleTest.finish(); +} + +function handleDialog(doc, testNum) { + ok(true, "handleDialog running for test " + testNum); + + var clickOK = true; + var userfield = doc.getElementById("loginTextbox"); + var passfield = doc.getElementById("password1Textbox"); + var username = userfield.getAttribute("value"); + var password = passfield.getAttribute("value"); + var dialog = doc.getElementById("commonDialog"); + + switch (testNum) { + case 1: + is(username, "xhruser1", "Checking provided username"); + is(password, "xhrpass1", "Checking provided password"); + break; + + case 2: + is(username, "xhruser2", "Checking provided username"); + is(password, "xhrpass2", "Checking provided password"); + + // Check that the dialog is modal, chrome and dependent; + // We can't just check window.opener because that'll be + // a content window, which therefore isn't exposed (it'll lie and + // be null). + var win = doc.defaultView; + var Ci = SpecialPowers.Ci; + var treeOwner = win.QueryInterface(Ci.nsIInterfaceRequestor).getInterface(Ci.nsIWebNavigation). + QueryInterface(Ci.nsIDocShellTreeItem).treeOwner; + treeOwner.QueryInterface(Ci.nsIInterfaceRequestor); + var flags = treeOwner.getInterface(Ci.nsIXULWindow).chromeFlags; + var wbc = treeOwner.getInterface(Ci.nsIWebBrowserChrome); + info("Flags: " + flags); + ok((flags & Ci.nsIWebBrowserChrome.CHROME_OPENAS_CHROME) != 0, + "Dialog should be opened as chrome"); + ok((flags & Ci.nsIWebBrowserChrome.CHROME_OPENAS_DIALOG) != 0, + "Dialog should be opened as a dialog"); + ok((flags & Ci.nsIWebBrowserChrome.CHROME_DEPENDENT) != 0, + "Dialog should be opened as dependent."); + ok(wbc.isWindowModal(), "Dialog should be modal"); + + // Check that the right tab is focused: + var browserWin = SpecialPowers.Services.wm.getMostRecentWindow("navigator:browser"); + var spec = browserWin.gBrowser.selectedBrowser.currentURI.spec; + ok(spec.startsWith("http://mochi.test:8888"), + "Tab with remote URI (rather than about:blank) should be focused (" + spec + ")"); + + + break; + + default: + ok(false, "Uhh, unhandled switch for testNum #" + testNum); + break; + } + + // Explicitly cancel the dialog and report a fail in this failure + // case, rather than letting the dialog get stuck due to an auth + // failure and having the test timeout. + if (!username && !password) { + ok(false, "No values prefilled"); + clickOK = false; + } + + if (clickOK) + dialog.acceptDialog(); + else + dialog.cancelDialog(); + + ok(true, "handleDialog done"); + didDialog = true; +} + +var newWin; +function xhrLoad(xmlDoc) { + ok(true, "xhrLoad running for test " + testNum); + + // The server echos back the user/pass it received. + var username = xmlDoc.getElementById("user").textContent; + var password = xmlDoc.getElementById("pass").textContent; + var authok = xmlDoc.getElementById("ok").textContent; + + + switch (testNum) { + case 1: + is(username, "xhruser1", "Checking provided username"); + is(password, "xhrpass1", "Checking provided password"); + break; + + case 2: + is(username, "xhruser2", "Checking provided username"); + is(password, "xhrpass2", "Checking provided password"); + + newWin.close(); + break; + + default: + ok(false, "Uhh, unhandled switch for testNum #" + testNum); + break; + } + + doTest(); +} + +function doTest() { + switch (++testNum) { + case 1: + startCallbackTimer(); + makeRequest("authenticate.sjs?user=xhruser1&pass=xhrpass1&realm=xhr"); + break; + + case 2: + // Test correct parenting, by opening another tab in the foreground, + // and making sure the prompt re-focuses the original tab when shown: + newWin = window.open(); + newWin.focus(); + startCallbackTimer(); + makeRequest("authenticate.sjs?user=xhruser2&pass=xhrpass2&realm=xhr2"); + break; + + default: + finishTest(); + } +} + +function makeRequest(uri) { + var request = new XMLHttpRequest(); + request.open("GET", uri, true); + request.onreadystatechange = function () { + if (request.readyState == 4) + xhrLoad(request.responseXML); + }; + request.send(null); +} + + +initLogins(); + +// clear plain HTTP auth sessions before the test, to allow +// running them more than once. +var authMgr = SpecialPowers.Cc['@mozilla.org/network/http-auth-manager;1'] + .getService(SpecialPowers.Ci.nsIHttpAuthManager); +authMgr.clearAll(); + +// start the tests +testNum = 0; +doTest(); + +SimpleTest.waitForExplicitFinish(); +</script> +</pre> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/test_xml_load.html b/toolkit/components/passwordmgr/test/test_xml_load.html new file mode 100644 index 000000000..5672c7117 --- /dev/null +++ b/toolkit/components/passwordmgr/test/test_xml_load.html @@ -0,0 +1,191 @@ +<!DOCTYPE HTML> +<html> +<head> + <meta charset="utf-8"> + <title>Test XML document prompts</title> + <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> + <script type="text/javascript" src="pwmgr_common.js"></script> + <script type="text/javascript" src="prompt_common.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> +</head> +<body> +Login Manager test: XML prompt +<p id="display"></p> + +<div id="content" style="display: none"> + <iframe id="iframe"></iframe> +</div> + +<pre id="test"> +<script class="testbody" type="text/javascript"> + +/** Test for Login Manager: XML prompts. **/ +var pwmgr, login1, login2; + +function initLogins() { + pwmgr = SpecialPowers.Cc["@mozilla.org/login-manager;1"] + .getService(Ci.nsILoginManager); + + login1 = SpecialPowers.Cc["@mozilla.org/login-manager/loginInfo;1"] + .createInstance(Ci.nsILoginInfo); + login2 = SpecialPowers.Cc["@mozilla.org/login-manager/loginInfo;1"] + .createInstance(Ci.nsILoginInfo); + + login1.init("http://mochi.test:8888", null, "xml", + "xmluser1", "xmlpass1", "", ""); + login2.init("http://mochi.test:8888", null, "xml2", + "xmluser2", "xmlpass2", "", ""); + + pwmgr.addLogin(login1); + pwmgr.addLogin(login2); +} + +function handleDialog(doc, testNum) { + ok(true, "handleDialog running for test " + testNum); + + var clickOK = true; + var userfield = doc.getElementById("loginTextbox"); + var passfield = doc.getElementById("password1Textbox"); + var username = userfield.getAttribute("value"); + var password = passfield.getAttribute("value"); + var dialog = doc.getElementById("commonDialog"); + + switch (testNum) { + case 1: + is(username, "xmluser1", "Checking provided username"); + is(password, "xmlpass1", "Checking provided password"); + break; + + case 2: + is(username, "xmluser2", "Checking provided username"); + is(password, "xmlpass2", "Checking provided password"); + + // Check that the dialog is modal, chrome and dependent; + // We can't just check window.opener because that'll be + // a content window, which therefore isn't exposed (it'll lie and + // be null). + var win = doc.defaultView; + var Ci = SpecialPowers.Ci; + var treeOwner = win.QueryInterface(Ci.nsIInterfaceRequestor).getInterface(Ci.nsIWebNavigation). + QueryInterface(Ci.nsIDocShellTreeItem).treeOwner; + treeOwner.QueryInterface(Ci.nsIInterfaceRequestor); + var flags = treeOwner.getInterface(Ci.nsIXULWindow).chromeFlags; + var wbc = treeOwner.getInterface(Ci.nsIWebBrowserChrome); + info("Flags: " + flags); + ok((flags & Ci.nsIWebBrowserChrome.CHROME_OPENAS_CHROME) != 0, + "Dialog should be opened as chrome"); + ok((flags & Ci.nsIWebBrowserChrome.CHROME_OPENAS_DIALOG) != 0, + "Dialog should be opened as a dialog"); + ok((flags & Ci.nsIWebBrowserChrome.CHROME_DEPENDENT) != 0, + "Dialog should be opened as dependent."); + ok(wbc.isWindowModal(), "Dialog should be modal"); + + // Check that the right tab is focused: + var browserWin = SpecialPowers.Services.wm.getMostRecentWindow("navigator:browser"); + var spec = browserWin.gBrowser.selectedBrowser.currentURI.spec; + ok(spec.startsWith("http://mochi.test:8888"), + "Tab with remote URI (rather than about:blank) should be focused (" + spec + ")"); + + break; + + default: + ok(false, "Uhh, unhandled switch for testNum #" + testNum); + break; + } + + // Explicitly cancel the dialog and report a fail in this failure + // case, rather than letting the dialog get stuck due to an auth + // failure and having the test timeout. + if (!username && !password) { + ok(false, "No values prefilled"); + clickOK = false; + } + + if (clickOK) + dialog.acceptDialog(); + else + dialog.cancelDialog(); + + ok(true, "handleDialog done"); + didDialog = true; +} + +var newWin; +function xmlLoad(responseDoc) { + ok(true, "xmlLoad running for test " + testNum); + + // The server echos back the user/pass it received. + var username = responseDoc.getElementById("user").textContent; + var password = responseDoc.getElementById("pass").textContent; + var authok = responseDoc.getElementById("ok").textContent; + + switch (testNum) { + case 1: + is(username, "xmluser1", "Checking provided username"); + is(password, "xmlpass1", "Checking provided password"); + break; + + case 2: + is(username, "xmluser2", "Checking provided username"); + is(password, "xmlpass2", "Checking provided password"); + + newWin.close(); + break; + + default: + ok(false, "Uhh, unhandled switch for testNum #" + testNum); + break; + } + + doTest(); +} + +function doTest() { + switch (++testNum) { + case 1: + startCallbackTimer(); + makeRequest("authenticate.sjs?user=xmluser1&pass=xmlpass1&realm=xml"); + break; + + case 2: + // Test correct parenting, by opening another tab in the foreground, + // and making sure the prompt re-focuses the original tab when shown: + newWin = window.open(); + newWin.focus(); + startCallbackTimer(); + makeRequest("authenticate.sjs?user=xmluser2&pass=xmlpass2&realm=xml2"); + break; + + default: + SimpleTest.finish(); + } +} + +function makeRequest(uri) { + var xmlDoc = document.implementation.createDocument("", "test", null); + + function documentLoaded(e) { + xmlLoad(xmlDoc); + } + xmlDoc.addEventListener("load", documentLoaded, false); + xmlDoc.load(uri); +} + + +initLogins(); + +// clear plain HTTP auth sessions before the test, to allow +// running them more than once. +var authMgr = SpecialPowers.Cc['@mozilla.org/network/http-auth-manager;1'] + .getService(SpecialPowers.Ci.nsIHttpAuthManager); +authMgr.clearAll(); + +// start the tests +testNum = 0; +doTest(); + +SimpleTest.waitForExplicitFinish(); +</script> +</pre> +</body> +</html> diff --git a/toolkit/components/passwordmgr/test/unit/.eslintrc.js b/toolkit/components/passwordmgr/test/unit/.eslintrc.js new file mode 100644 index 000000000..d35787cd2 --- /dev/null +++ b/toolkit/components/passwordmgr/test/unit/.eslintrc.js @@ -0,0 +1,7 @@ +"use strict"; + +module.exports = { + "extends": [ + "../../../../../testing/xpcshell/xpcshell.eslintrc.js" + ] +}; diff --git a/toolkit/components/passwordmgr/test/unit/data/corruptDB.sqlite b/toolkit/components/passwordmgr/test/unit/data/corruptDB.sqlite Binary files differnew file mode 100644 index 000000000..b234246ca --- /dev/null +++ b/toolkit/components/passwordmgr/test/unit/data/corruptDB.sqlite diff --git a/toolkit/components/passwordmgr/test/unit/data/key3.db b/toolkit/components/passwordmgr/test/unit/data/key3.db Binary files differnew file mode 100644 index 000000000..a83a0a577 --- /dev/null +++ b/toolkit/components/passwordmgr/test/unit/data/key3.db diff --git a/toolkit/components/passwordmgr/test/unit/data/signons-v1.sqlite b/toolkit/components/passwordmgr/test/unit/data/signons-v1.sqlite Binary files differnew file mode 100644 index 000000000..fe030b61f --- /dev/null +++ b/toolkit/components/passwordmgr/test/unit/data/signons-v1.sqlite diff --git a/toolkit/components/passwordmgr/test/unit/data/signons-v1v2.sqlite b/toolkit/components/passwordmgr/test/unit/data/signons-v1v2.sqlite Binary files differnew file mode 100644 index 000000000..729512a12 --- /dev/null +++ b/toolkit/components/passwordmgr/test/unit/data/signons-v1v2.sqlite diff --git a/toolkit/components/passwordmgr/test/unit/data/signons-v2.sqlite b/toolkit/components/passwordmgr/test/unit/data/signons-v2.sqlite Binary files differnew file mode 100644 index 000000000..a6c72b31e --- /dev/null +++ b/toolkit/components/passwordmgr/test/unit/data/signons-v2.sqlite diff --git a/toolkit/components/passwordmgr/test/unit/data/signons-v2v3.sqlite b/toolkit/components/passwordmgr/test/unit/data/signons-v2v3.sqlite Binary files differnew file mode 100644 index 000000000..359df5d31 --- /dev/null +++ b/toolkit/components/passwordmgr/test/unit/data/signons-v2v3.sqlite diff --git a/toolkit/components/passwordmgr/test/unit/data/signons-v3.sqlite b/toolkit/components/passwordmgr/test/unit/data/signons-v3.sqlite Binary files differnew file mode 100644 index 000000000..918f4142f --- /dev/null +++ b/toolkit/components/passwordmgr/test/unit/data/signons-v3.sqlite diff --git a/toolkit/components/passwordmgr/test/unit/data/signons-v3v4.sqlite b/toolkit/components/passwordmgr/test/unit/data/signons-v3v4.sqlite Binary files differnew file mode 100644 index 000000000..e06c33aae --- /dev/null +++ b/toolkit/components/passwordmgr/test/unit/data/signons-v3v4.sqlite diff --git a/toolkit/components/passwordmgr/test/unit/data/signons-v4.sqlite b/toolkit/components/passwordmgr/test/unit/data/signons-v4.sqlite Binary files differnew file mode 100644 index 000000000..227c09c81 --- /dev/null +++ b/toolkit/components/passwordmgr/test/unit/data/signons-v4.sqlite diff --git a/toolkit/components/passwordmgr/test/unit/data/signons-v4v5.sqlite b/toolkit/components/passwordmgr/test/unit/data/signons-v4v5.sqlite Binary files differnew file mode 100644 index 000000000..4534cf255 --- /dev/null +++ b/toolkit/components/passwordmgr/test/unit/data/signons-v4v5.sqlite diff --git a/toolkit/components/passwordmgr/test/unit/data/signons-v5v6.sqlite b/toolkit/components/passwordmgr/test/unit/data/signons-v5v6.sqlite Binary files differnew file mode 100644 index 000000000..eb4ee6d01 --- /dev/null +++ b/toolkit/components/passwordmgr/test/unit/data/signons-v5v6.sqlite diff --git a/toolkit/components/passwordmgr/test/unit/data/signons-v999-2.sqlite b/toolkit/components/passwordmgr/test/unit/data/signons-v999-2.sqlite Binary files differnew file mode 100644 index 000000000..e09c4f710 --- /dev/null +++ b/toolkit/components/passwordmgr/test/unit/data/signons-v999-2.sqlite diff --git a/toolkit/components/passwordmgr/test/unit/data/signons-v999.sqlite b/toolkit/components/passwordmgr/test/unit/data/signons-v999.sqlite Binary files differnew file mode 100644 index 000000000..0328a1a02 --- /dev/null +++ b/toolkit/components/passwordmgr/test/unit/data/signons-v999.sqlite diff --git a/toolkit/components/passwordmgr/test/unit/head.js b/toolkit/components/passwordmgr/test/unit/head.js new file mode 100644 index 000000000..baf958ab4 --- /dev/null +++ b/toolkit/components/passwordmgr/test/unit/head.js @@ -0,0 +1,135 @@ +/** + * Provides infrastructure for automated login components tests. + */ + +"use strict"; + +// Globals + +let { classes: Cc, interfaces: Ci, utils: Cu, results: Cr } = Components; + +Cu.import("resource://gre/modules/XPCOMUtils.jsm"); +Cu.import("resource://gre/modules/Services.jsm"); +Cu.import("resource://gre/modules/LoginRecipes.jsm"); +Cu.import("resource://gre/modules/LoginHelper.jsm"); +Cu.import("resource://testing-common/MockDocument.jsm"); + +XPCOMUtils.defineLazyModuleGetter(this, "DownloadPaths", + "resource://gre/modules/DownloadPaths.jsm"); +XPCOMUtils.defineLazyModuleGetter(this, "FileUtils", + "resource://gre/modules/FileUtils.jsm"); +XPCOMUtils.defineLazyModuleGetter(this, "OS", + "resource://gre/modules/osfile.jsm"); +XPCOMUtils.defineLazyModuleGetter(this, "Promise", + "resource://gre/modules/Promise.jsm"); + +const LoginInfo = + Components.Constructor("@mozilla.org/login-manager/loginInfo;1", + "nsILoginInfo", "init"); + +// Import LoginTestUtils.jsm as LoginTestUtils. +XPCOMUtils.defineLazyModuleGetter(this, "LoginTestUtils", + "resource://testing-common/LoginTestUtils.jsm"); +LoginTestUtils.Assert = Assert; +const TestData = LoginTestUtils.testData; +const newPropertyBag = LoginHelper.newPropertyBag; + +/** + * All the tests are implemented with add_task, this starts them automatically. + */ +function run_test() +{ + do_get_profile(); + run_next_test(); +} + +// Global helpers + +// Some of these functions are already implemented in other parts of the source +// tree, see bug 946708 about sharing more code. + +// While the previous test file should have deleted all the temporary files it +// used, on Windows these might still be pending deletion on the physical file +// system. Thus, start from a new base number every time, to make a collision +// with a file that is still pending deletion highly unlikely. +let gFileCounter = Math.floor(Math.random() * 1000000); + +/** + * Returns a reference to a temporary file, that is guaranteed not to exist, and + * to have never been created before. + * + * @param aLeafName + * Suggested leaf name for the file to be created. + * + * @return nsIFile pointing to a non-existent file in a temporary directory. + * + * @note It is not enough to delete the file if it exists, or to delete the file + * after calling nsIFile.createUnique, because on Windows the delete + * operation in the file system may still be pending, preventing a new + * file with the same name to be created. + */ +function getTempFile(aLeafName) +{ + // Prepend a serial number to the extension in the suggested leaf name. + let [base, ext] = DownloadPaths.splitBaseNameAndExtension(aLeafName); + let leafName = base + "-" + gFileCounter + ext; + gFileCounter++; + + // Get a file reference under the temporary directory for this test file. + let file = FileUtils.getFile("TmpD", [leafName]); + do_check_false(file.exists()); + + do_register_cleanup(function () { + if (file.exists()) { + file.remove(false); + } + }); + + return file; +} + +const RecipeHelpers = { + initNewParent() { + return (new LoginRecipesParent({ defaults: null })).initializationPromise; + }, +}; + +// Initialization functions common to all tests + +add_task(function* test_common_initialize() +{ + // Before initializing the service for the first time, we should copy the key + // file required to decrypt the logins contained in the SQLite databases used + // by migration tests. This file is not required for the other tests. + yield OS.File.copy(do_get_file("data/key3.db").path, + OS.Path.join(OS.Constants.Path.profileDir, "key3.db")); + + // Ensure that the service and the storage module are initialized. + yield Services.logins.initializationPromise; + + // Ensure that every test file starts with an empty database. + LoginTestUtils.clearData(); + + // Clean up after every test. + do_register_cleanup(() => LoginTestUtils.clearData()); +}); + +/** + * Compare two FormLike to see if they represent the same information. Elements + * are compared using their @id attribute. + */ +function formLikeEqual(a, b) { + Assert.strictEqual(Object.keys(a).length, Object.keys(b).length, + "Check the formLikes have the same number of properties"); + + for (let propName of Object.keys(a)) { + if (propName == "elements") { + Assert.strictEqual(a.elements.length, b.elements.length, "Check element count"); + for (let i = 0; i < a.elements.length; i++) { + Assert.strictEqual(a.elements[i].id, b.elements[i].id, "Check element " + i + " id"); + } + continue; + } + Assert.strictEqual(a[propName], b[propName], "Compare formLike " + propName + " property"); + } +} diff --git a/toolkit/components/passwordmgr/test/unit/test_OSCrypto_win.js b/toolkit/components/passwordmgr/test/unit/test_OSCrypto_win.js new file mode 100644 index 000000000..94d2e50c0 --- /dev/null +++ b/toolkit/components/passwordmgr/test/unit/test_OSCrypto_win.js @@ -0,0 +1,75 @@ +/** + * Tests the OSCrypto object. + */ + +"use strict"; + +// Globals + +XPCOMUtils.defineLazyModuleGetter(this, "OSCrypto", + "resource://gre/modules/OSCrypto.jsm"); + +var crypto = new OSCrypto(); + +// Tests + +add_task(function test_getIELoginHash() +{ + do_check_eq(crypto.getIELoginHash("https://bugzilla.mozilla.org/page.cgi"), + "4A66FE96607885790F8E67B56EEE52AB539BAFB47D"); + + do_check_eq(crypto.getIELoginHash("https://github.com/login"), + "0112F7DCE67B8579EA01367678AA44AB9868B5A143"); + + do_check_eq(crypto.getIELoginHash("https://login.live.com/login.srf"), + "FBF92E5D804C82717A57856533B779676D92903688"); + + do_check_eq(crypto.getIELoginHash("https://preview.c9.io/riadh/w1/pass.1.html"), + "6935CF27628830605927F86AB53831016FC8973D1A"); + + + do_check_eq(crypto.getIELoginHash("https://reviewboard.mozilla.org/account/login/"), + "09141FD287E2E59A8B1D3BB5671537FD3D6B61337A"); + + do_check_eq(crypto.getIELoginHash("https://www.facebook.com/"), + "EF44D3E034009CB0FD1B1D81A1FF3F3335213BD796"); + +}); + +add_task(function test_decryptData_encryptData() +{ + function decryptEncryptTest(key) { + do_check_eq(crypto.decryptData(crypto.encryptData("", key), key), + ""); + + do_check_eq(crypto.decryptData(crypto.encryptData("secret", key), key), + "secret"); + + do_check_eq(crypto.decryptData(crypto.encryptData("https://www.mozilla.org", key), + key), + "https://www.mozilla.org"); + + do_check_eq(crypto.decryptData(crypto.encryptData("https://reviewboard.mozilla.org", key), + key), + "https://reviewboard.mozilla.org"); + + do_check_eq(crypto.decryptData(crypto.encryptData("https://bugzilla.mozilla.org/page.cgi", + key), + key), + "https://bugzilla.mozilla.org/page.cgi"); + } + + let keys = [null, "a", "keys", "abcdedf", "pass", "https://bugzilla.mozilla.org/page.cgi", + "https://login.live.com/login.srf"]; + for (let key of keys) { + decryptEncryptTest(key); + } + let url = "https://twitter.com/"; + let value = [1, 0, 0, 0, 208, 140, 157, 223, 1, 21, 209, 17, 140, 122, 0, 192, 79, 194, 151, 235, 1, 0, 0, 0, 254, 58, 230, 75, 132, 228, 181, 79, 184, 160, 37, 106, 201, 29, 42, 152, 0, 0, 0, 0, 2, 0, 0, 0, 0, 0, 16, 102, 0, 0, 0, 1, 0, 0, 32, 0, 0, 0, 90, 136, 17, 124, 122, 57, 178, 24, 34, 86, 209, 198, 184, 107, 58, 58, 32, 98, 61, 239, 129, 101, 56, 239, 114, 159, 139, 165, 183, 40, 183, 85, 0, 0, 0, 0, 14, 128, 0, 0, 0, 2, 0, 0, 32, 0, 0, 0, 147, 170, 34, 21, 53, 227, 191, 6, 201, 84, 106, 31, 57, 227, 46, 127, 219, 199, 80, 142, 37, 104, 112, 223, 26, 165, 223, 55, 176, 89, 55, 37, 112, 0, 0, 0, 98, 70, 221, 109, 5, 152, 46, 11, 190, 213, 226, 58, 244, 20, 180, 217, 63, 155, 227, 132, 7, 151, 235, 6, 37, 232, 176, 182, 141, 191, 251, 50, 20, 123, 53, 11, 247, 233, 112, 121, 130, 27, 168, 68, 92, 144, 192, 7, 12, 239, 53, 217, 253, 155, 54, 109, 236, 216, 225, 245, 79, 234, 165, 225, 104, 36, 77, 13, 195, 237, 143, 165, 100, 107, 230, 70, 54, 19, 179, 35, 8, 101, 93, 202, 121, 210, 222, 28, 93, 122, 36, 84, 185, 249, 238, 3, 102, 149, 248, 94, 137, 16, 192, 22, 251, 220, 22, 223, 16, 58, 104, 187, 64, 0, 0, 0, 70, 72, 15, 119, 144, 66, 117, 203, 190, 82, 131, 46, 111, 130, 238, 191, 170, 63, 186, 117, 46, 88, 171, 3, 94, 146, 75, 86, 243, 159, 63, 195, 149, 25, 105, 141, 42, 217, 108, 18, 63, 62, 98, 182, 241, 195, 12, 216, 152, 230, 176, 253, 202, 129, 41, 185, 135, 111, 226, 92, 27, 78, 27, 198]; + + let arr1 = crypto.arrayToString(value); + let arr2 = crypto.stringToArray(crypto.decryptData(crypto.encryptData(arr1, url), url)); + for (let i = 0; i < arr1.length; i++) { + do_check_eq(arr2[i], value[i]); + } +}); diff --git a/toolkit/components/passwordmgr/test/unit/test_context_menu.js b/toolkit/components/passwordmgr/test/unit/test_context_menu.js new file mode 100644 index 000000000..722c13e15 --- /dev/null +++ b/toolkit/components/passwordmgr/test/unit/test_context_menu.js @@ -0,0 +1,165 @@ +/* + * Test the password manager context menu. + */ + +"use strict"; + +Cu.import("resource://gre/modules/Services.jsm"); +Cu.import("resource://gre/modules/LoginManagerContextMenu.jsm"); + +XPCOMUtils.defineLazyGetter(this, "_stringBundle", function() { + return Services.strings. + createBundle("chrome://passwordmgr/locale/passwordmgr.properties"); +}); + +/** + * Prepare data for the following tests. + */ +add_task(function* test_initialize() { + for (let login of loginList()) { + Services.logins.addLogin(login); + } +}); + +/** + * Tests if the LoginManagerContextMenu returns the correct login items. + */ +add_task(function* test_contextMenuAddAndRemoveLogins() { + const DOCUMENT_CONTENT = "<form><input id='pw' type=password></form>"; + const INPUT_QUERY = "input[type='password']"; + + let testHostnames = [ + "http://www.example.com", + "http://www2.example.com", + "http://www3.example.com", + "http://empty.example.com", + ]; + + for (let hostname of testHostnames) { + do_print("test for hostname: " + hostname); + // Get expected logins for this test. + let logins = getExpectedLogins(hostname); + + // Create the logins menuitems fragment. + let {fragment, document} = createLoginsFragment(hostname, DOCUMENT_CONTENT, INPUT_QUERY); + + if (!logins.length) { + Assert.ok(fragment === null, "Null returned. No logins where found."); + continue; + } + let items = [...fragment.querySelectorAll("menuitem")]; + + // Check if the items are those expected to be listed. + Assert.ok(checkLoginItems(logins, items), "All expected logins found."); + document.body.appendChild(fragment); + + // Try to clear the fragment. + LoginManagerContextMenu.clearLoginsFromMenu(document); + Assert.equal(fragment.querySelectorAll("menuitem").length, 0, "All items correctly cleared."); + } + + Services.logins.removeAllLogins(); +}); + +/** + * Create a fragment with a menuitem for each login. + */ +function createLoginsFragment(url, content, elementQuery) { + const CHROME_URL = "chrome://mock-chrome"; + + // Create a mock document. + let document = MockDocument.createTestDocument(CHROME_URL, content); + let inputElement = document.querySelector(elementQuery); + MockDocument.mockOwnerDocumentProperty(inputElement, document, url); + + // We also need a simple mock Browser object for this test. + let browser = { + ownerDocument: document + }; + + let URI = Services.io.newURI(url, null, null); + return { + document, + fragment: LoginManagerContextMenu.addLoginsToMenu(inputElement, browser, URI), + }; +} + +/** + * Check if every login have it's corresponding menuitem. + * Duplicates and empty usernames have a date appended. + */ +function checkLoginItems(logins, items) { + function findDuplicates(unfilteredLoginList) { + var seen = new Set(); + var duplicates = new Set(); + for (let login of unfilteredLoginList) { + if (seen.has(login.username)) { + duplicates.add(login.username); + } + seen.add(login.username); + } + return duplicates; + } + let duplicates = findDuplicates(logins); + + let dateAndTimeFormatter = new Intl.DateTimeFormat(undefined, + { day: "numeric", month: "short", year: "numeric" }); + for (let login of logins) { + if (login.username && !duplicates.has(login.username)) { + // If login is not duplicate and we can't find an item for it, fail. + if (!items.find(item => item.label == login.username)) { + return false; + } + continue; + } + + let meta = login.QueryInterface(Ci.nsILoginMetaInfo); + let time = dateAndTimeFormatter.format(new Date(meta.timePasswordChanged)); + // If login is duplicate, check if we have a login item with appended date. + if (login.username && !items.find(item => item.label == login.username + " (" + time + ")")) { + return false; + } + // If login is empty, check if we have a login item with appended date. + if (!login.username && + !items.find(item => item.label == _stringBundle.GetStringFromName("noUsername") + " (" + time + ")")) { + return false; + } + } + return true; +} + +/** + * Gets the list of expected logins for a hostname. + */ +function getExpectedLogins(hostname) { + return Services.logins.getAllLogins().filter(entry => entry["hostname"] === hostname); +} + +function loginList() { + return [ + new LoginInfo("http://www.example.com", "http://www.example.com", null, + "username1", "password", + "form_field_username", "form_field_password"), + + new LoginInfo("http://www.example.com", "http://www.example.com", null, + "username2", "password", + "form_field_username", "form_field_password"), + + new LoginInfo("http://www2.example.com", "http://www.example.com", null, + "username", "password", + "form_field_username", "form_field_password"), + new LoginInfo("http://www2.example.com", "http://www2.example.com", null, + "username", "password2", + "form_field_username", "form_field_password"), + new LoginInfo("http://www2.example.com", "http://www2.example.com", null, + "username2", "password2", + "form_field_username", "form_field_password"), + + new LoginInfo("http://www3.example.com", "http://www.example.com", null, + "", "password", + "form_field_username", "form_field_password"), + new LoginInfo("http://www3.example.com", "http://www3.example.com", null, + "", "password2", + "form_field_username", "form_field_password"), + ]; +} diff --git a/toolkit/components/passwordmgr/test/unit/test_dedupeLogins.js b/toolkit/components/passwordmgr/test/unit/test_dedupeLogins.js new file mode 100644 index 000000000..d688a6dbf --- /dev/null +++ b/toolkit/components/passwordmgr/test/unit/test_dedupeLogins.js @@ -0,0 +1,284 @@ +/* + * Test LoginHelper.dedupeLogins + */ + +"use strict"; + +Cu.import("resource://gre/modules/LoginHelper.jsm"); + +const DOMAIN1_HTTP_TO_HTTP_U1_P1 = TestData.formLogin({ + timePasswordChanged: 3000, + timeLastUsed: 2000, +}); +const DOMAIN1_HTTP_TO_HTTP_U1_P2 = TestData.formLogin({ + password: "password two", +}); +const DOMAIN1_HTTP_TO_HTTP_U2_P2 = TestData.formLogin({ + password: "password two", + username: "username two", +}); +const DOMAIN1_HTTPS_TO_HTTPS_U1_P1 = TestData.formLogin({ + formSubmitURL: "http://www.example.com", + hostname: "https://www3.example.com", + timePasswordChanged: 4000, + timeLastUsed: 1000, +}); +const DOMAIN1_HTTPS_TO_EMPTY_U1_P1 = TestData.formLogin({ + formSubmitURL: "", + hostname: "https://www3.example.com", +}); +const DOMAIN1_HTTPS_TO_EMPTYU_P1 = TestData.formLogin({ + hostname: "https://www3.example.com", + username: "", +}); +const DOMAIN1_HTTP_AUTH = TestData.authLogin({ + hostname: "http://www3.example.com", +}); +const DOMAIN1_HTTPS_AUTH = TestData.authLogin({ + hostname: "https://www3.example.com", +}); + + +add_task(function test_dedupeLogins() { + // [description, expectedOutput, dedupe arg. 0, dedupe arg 1, ...] + let testcases = [ + [ + "exact dupes", + [DOMAIN1_HTTP_TO_HTTP_U1_P1], + [DOMAIN1_HTTP_TO_HTTP_U1_P1, DOMAIN1_HTTP_TO_HTTP_U1_P1], + undefined, + [], // force no resolveBy logic to test behavior of preferring the first.. + ], + [ + "default uniqueKeys is un + pw", + [DOMAIN1_HTTP_TO_HTTP_U1_P1, DOMAIN1_HTTP_TO_HTTP_U1_P2], + [DOMAIN1_HTTP_TO_HTTP_U1_P1, DOMAIN1_HTTP_TO_HTTP_U1_P2], + undefined, + [], + ], + [ + "same usernames, different passwords, dedupe username only", + [DOMAIN1_HTTP_TO_HTTP_U1_P1], + [DOMAIN1_HTTP_TO_HTTP_U1_P1, DOMAIN1_HTTP_TO_HTTP_U1_P2], + ["username"], + [], + ], + [ + "same un+pw, different scheme", + [DOMAIN1_HTTP_TO_HTTP_U1_P1], + [DOMAIN1_HTTP_TO_HTTP_U1_P1, DOMAIN1_HTTPS_TO_HTTPS_U1_P1], + undefined, + [], + ], + [ + "same un+pw, different scheme, reverse order", + [DOMAIN1_HTTPS_TO_HTTPS_U1_P1], + [DOMAIN1_HTTPS_TO_HTTPS_U1_P1, DOMAIN1_HTTP_TO_HTTP_U1_P1], + undefined, + [], + ], + [ + "same un+pw, different scheme, include hostname", + [DOMAIN1_HTTP_TO_HTTP_U1_P1, DOMAIN1_HTTPS_TO_HTTPS_U1_P1], + [DOMAIN1_HTTP_TO_HTTP_U1_P1, DOMAIN1_HTTPS_TO_HTTPS_U1_P1], + ["hostname", "username", "password"], + [], + ], + [ + "empty username is not deduped with non-empty", + [DOMAIN1_HTTP_TO_HTTP_U1_P1, DOMAIN1_HTTPS_TO_EMPTYU_P1], + [DOMAIN1_HTTP_TO_HTTP_U1_P1, DOMAIN1_HTTPS_TO_EMPTYU_P1], + undefined, + [], + ], + [ + "empty username is deduped with same passwords", + [DOMAIN1_HTTPS_TO_EMPTYU_P1], + [DOMAIN1_HTTPS_TO_EMPTYU_P1, DOMAIN1_HTTP_TO_HTTP_U1_P1], + ["password"], + [], + ], + [ + "mix of form and HTTP auth", + [DOMAIN1_HTTP_TO_HTTP_U1_P1], + [DOMAIN1_HTTP_TO_HTTP_U1_P1, DOMAIN1_HTTP_AUTH], + undefined, + [], + ], + ]; + + for (let tc of testcases) { + let description = tc.shift(); + let expected = tc.shift(); + let actual = LoginHelper.dedupeLogins(...tc); + Assert.strictEqual(actual.length, expected.length, `Check: ${description}`); + for (let [i, login] of expected.entries()) { + Assert.strictEqual(actual[i], login, `Check index ${i}`); + } + } +}); + + +add_task(function* test_dedupeLogins_resolveBy() { + Assert.ok(DOMAIN1_HTTP_TO_HTTP_U1_P1.timeLastUsed > DOMAIN1_HTTPS_TO_HTTPS_U1_P1.timeLastUsed, + "Sanity check timeLastUsed difference"); + Assert.ok(DOMAIN1_HTTP_TO_HTTP_U1_P1.timePasswordChanged < DOMAIN1_HTTPS_TO_HTTPS_U1_P1.timePasswordChanged, + "Sanity check timePasswordChanged difference"); + + let testcases = [ + [ + "default resolveBy is timeLastUsed", + [DOMAIN1_HTTP_TO_HTTP_U1_P1], + [DOMAIN1_HTTPS_TO_HTTPS_U1_P1, DOMAIN1_HTTP_TO_HTTP_U1_P1], + ], + [ + "default resolveBy is timeLastUsed, reversed input", + [DOMAIN1_HTTP_TO_HTTP_U1_P1], + [DOMAIN1_HTTP_TO_HTTP_U1_P1, DOMAIN1_HTTPS_TO_HTTPS_U1_P1], + ], + [ + "resolveBy timeLastUsed + timePasswordChanged", + [DOMAIN1_HTTP_TO_HTTP_U1_P1], + [DOMAIN1_HTTPS_TO_HTTPS_U1_P1, DOMAIN1_HTTP_TO_HTTP_U1_P1], + undefined, + ["timeLastUsed", "timePasswordChanged"], + ], + [ + "resolveBy timeLastUsed + timePasswordChanged, reversed input", + [DOMAIN1_HTTP_TO_HTTP_U1_P1], + [DOMAIN1_HTTP_TO_HTTP_U1_P1, DOMAIN1_HTTPS_TO_HTTPS_U1_P1], + undefined, + ["timeLastUsed", "timePasswordChanged"], + ], + [ + "resolveBy timePasswordChanged", + [DOMAIN1_HTTPS_TO_HTTPS_U1_P1], + [DOMAIN1_HTTPS_TO_HTTPS_U1_P1, DOMAIN1_HTTP_TO_HTTP_U1_P1], + undefined, + ["timePasswordChanged"], + ], + [ + "resolveBy timePasswordChanged, reversed", + [DOMAIN1_HTTPS_TO_HTTPS_U1_P1], + [DOMAIN1_HTTP_TO_HTTP_U1_P1, DOMAIN1_HTTPS_TO_HTTPS_U1_P1], + undefined, + ["timePasswordChanged"], + ], + [ + "resolveBy timePasswordChanged + timeLastUsed", + [DOMAIN1_HTTPS_TO_HTTPS_U1_P1], + [DOMAIN1_HTTPS_TO_HTTPS_U1_P1, DOMAIN1_HTTP_TO_HTTP_U1_P1], + undefined, + ["timePasswordChanged", "timeLastUsed"], + ], + [ + "resolveBy timePasswordChanged + timeLastUsed, reversed", + [DOMAIN1_HTTPS_TO_HTTPS_U1_P1], + [DOMAIN1_HTTP_TO_HTTP_U1_P1, DOMAIN1_HTTPS_TO_HTTPS_U1_P1], + undefined, + ["timePasswordChanged", "timeLastUsed"], + ], + [ + "resolveBy scheme + timePasswordChanged, prefer HTTP", + [DOMAIN1_HTTP_TO_HTTP_U1_P1], + [DOMAIN1_HTTPS_TO_HTTPS_U1_P1, DOMAIN1_HTTP_TO_HTTP_U1_P1], + undefined, + ["scheme", "timePasswordChanged"], + DOMAIN1_HTTP_TO_HTTP_U1_P1.hostname, + ], + [ + "resolveBy scheme + timePasswordChanged, prefer HTTP, reversed input", + [DOMAIN1_HTTP_TO_HTTP_U1_P1], + [DOMAIN1_HTTP_TO_HTTP_U1_P1, DOMAIN1_HTTPS_TO_HTTPS_U1_P1], + undefined, + ["scheme", "timePasswordChanged"], + DOMAIN1_HTTP_TO_HTTP_U1_P1.hostname, + ], + [ + "resolveBy scheme + timePasswordChanged, prefer HTTPS", + [DOMAIN1_HTTPS_TO_HTTPS_U1_P1], + [DOMAIN1_HTTPS_TO_HTTPS_U1_P1, DOMAIN1_HTTP_TO_HTTP_U1_P1], + undefined, + ["scheme", "timePasswordChanged"], + DOMAIN1_HTTPS_TO_HTTPS_U1_P1.hostname, + ], + [ + "resolveBy scheme + timePasswordChanged, prefer HTTPS, reversed input", + [DOMAIN1_HTTPS_TO_HTTPS_U1_P1], + [DOMAIN1_HTTP_TO_HTTP_U1_P1, DOMAIN1_HTTPS_TO_HTTPS_U1_P1], + undefined, + ["scheme", "timePasswordChanged"], + DOMAIN1_HTTPS_TO_HTTPS_U1_P1.hostname, + ], + [ + "resolveBy scheme HTTP auth", + [DOMAIN1_HTTPS_AUTH], + [DOMAIN1_HTTP_AUTH, DOMAIN1_HTTPS_AUTH], + undefined, + ["scheme"], + DOMAIN1_HTTPS_AUTH.hostname, + ], + [ + "resolveBy scheme HTTP auth, reversed input", + [DOMAIN1_HTTPS_AUTH], + [DOMAIN1_HTTPS_AUTH, DOMAIN1_HTTP_AUTH], + undefined, + ["scheme"], + DOMAIN1_HTTPS_AUTH.hostname, + ], + [ + "resolveBy scheme, empty form submit URL", + [DOMAIN1_HTTPS_TO_HTTPS_U1_P1], + [DOMAIN1_HTTPS_TO_HTTPS_U1_P1, DOMAIN1_HTTPS_TO_EMPTY_U1_P1], + undefined, + ["scheme"], + DOMAIN1_HTTPS_TO_HTTPS_U1_P1.hostname, + ], + ]; + + for (let tc of testcases) { + let description = tc.shift(); + let expected = tc.shift(); + let actual = LoginHelper.dedupeLogins(...tc); + Assert.strictEqual(actual.length, expected.length, `Check: ${description}`); + for (let [i, login] of expected.entries()) { + Assert.strictEqual(actual[i], login, `Check index ${i}`); + } + } + +}); + +add_task(function* test_dedupeLogins_preferredOriginMissing() { + let testcases = [ + [ + "resolveBy scheme + timePasswordChanged, missing preferredOrigin", + /preferredOrigin/, + [DOMAIN1_HTTPS_TO_HTTPS_U1_P1, DOMAIN1_HTTP_TO_HTTP_U1_P1], + undefined, + ["scheme", "timePasswordChanged"], + ], + [ + "resolveBy timePasswordChanged + scheme, missing preferredOrigin", + /preferredOrigin/, + [DOMAIN1_HTTPS_TO_HTTPS_U1_P1, DOMAIN1_HTTP_TO_HTTP_U1_P1], + undefined, + ["timePasswordChanged", "scheme"], + ], + [ + "resolveBy scheme + timePasswordChanged, empty preferredOrigin", + /preferredOrigin/, + [DOMAIN1_HTTPS_TO_HTTPS_U1_P1, DOMAIN1_HTTP_TO_HTTP_U1_P1], + undefined, + ["scheme", "timePasswordChanged"], + "", + ], + ]; + + for (let tc of testcases) { + let description = tc.shift(); + let expectedException = tc.shift(); + Assert.throws(() => { + LoginHelper.dedupeLogins(...tc); + }, expectedException, `Check: ${description}`); + } +}); diff --git a/toolkit/components/passwordmgr/test/unit/test_disabled_hosts.js b/toolkit/components/passwordmgr/test/unit/test_disabled_hosts.js new file mode 100644 index 000000000..ff3b7e868 --- /dev/null +++ b/toolkit/components/passwordmgr/test/unit/test_disabled_hosts.js @@ -0,0 +1,196 @@ +/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */ +/* vim: set ts=2 et sw=2 tw=80: */ +/* Any copyright is dedicated to the Public Domain. + * http://creativecommons.org/publicdomain/zero/1.0/ */ + +/** + * Tests getLoginSavingEnabled, setLoginSavingEnabled, and getAllDisabledHosts. + */ + +"use strict"; + +// Tests + +/** + * Tests setLoginSavingEnabled and getAllDisabledHosts. + */ +add_task(function test_setLoginSavingEnabled_getAllDisabledHosts() +{ + // Add some disabled hosts, and verify that different schemes for the same + // domain are considered different hosts. + let hostname1 = "http://disabled1.example.com"; + let hostname2 = "http://disabled2.example.com"; + let hostname3 = "https://disabled2.example.com"; + Services.logins.setLoginSavingEnabled(hostname1, false); + Services.logins.setLoginSavingEnabled(hostname2, false); + Services.logins.setLoginSavingEnabled(hostname3, false); + + LoginTestUtils.assertDisabledHostsEqual(Services.logins.getAllDisabledHosts(), + [hostname1, hostname2, hostname3]); + + // Adding the same host twice should not result in an error. + Services.logins.setLoginSavingEnabled(hostname2, false); + LoginTestUtils.assertDisabledHostsEqual(Services.logins.getAllDisabledHosts(), + [hostname1, hostname2, hostname3]); + + // Removing a disabled host should work. + Services.logins.setLoginSavingEnabled(hostname2, true); + LoginTestUtils.assertDisabledHostsEqual(Services.logins.getAllDisabledHosts(), + [hostname1, hostname3]); + + // Removing the last disabled host should work. + Services.logins.setLoginSavingEnabled(hostname1, true); + Services.logins.setLoginSavingEnabled(hostname3, true); + LoginTestUtils.assertDisabledHostsEqual(Services.logins.getAllDisabledHosts(), + []); +}); + +/** + * Tests setLoginSavingEnabled and getLoginSavingEnabled. + */ +add_task(function test_setLoginSavingEnabled_getLoginSavingEnabled() +{ + let hostname1 = "http://disabled.example.com"; + let hostname2 = "https://disabled.example.com"; + + // Hosts should not be disabled by default. + do_check_true(Services.logins.getLoginSavingEnabled(hostname1)); + do_check_true(Services.logins.getLoginSavingEnabled(hostname2)); + + // Test setting initial values. + Services.logins.setLoginSavingEnabled(hostname1, false); + Services.logins.setLoginSavingEnabled(hostname2, true); + do_check_false(Services.logins.getLoginSavingEnabled(hostname1)); + do_check_true(Services.logins.getLoginSavingEnabled(hostname2)); + + // Test changing values. + Services.logins.setLoginSavingEnabled(hostname1, true); + Services.logins.setLoginSavingEnabled(hostname2, false); + do_check_true(Services.logins.getLoginSavingEnabled(hostname1)); + do_check_false(Services.logins.getLoginSavingEnabled(hostname2)); + + // Clean up. + Services.logins.setLoginSavingEnabled(hostname2, true); +}); + +/** + * Tests setLoginSavingEnabled with invalid NUL characters in the hostname. + */ +add_task(function test_setLoginSavingEnabled_invalid_characters() +{ + let hostname = "http://null\0X.example.com"; + Assert.throws(() => Services.logins.setLoginSavingEnabled(hostname, false), + /Invalid hostname/); + + // Verify that no data was stored by the previous call. + LoginTestUtils.assertDisabledHostsEqual(Services.logins.getAllDisabledHosts(), + []); +}); + +/** + * Tests different values of the "signon.rememberSignons" property. + */ +add_task(function test_rememberSignons() +{ + let hostname1 = "http://example.com"; + let hostname2 = "http://localhost"; + + // The default value for the preference should be true. + do_check_true(Services.prefs.getBoolPref("signon.rememberSignons")); + + // Hosts should not be disabled by default. + Services.logins.setLoginSavingEnabled(hostname1, false); + do_check_false(Services.logins.getLoginSavingEnabled(hostname1)); + do_check_true(Services.logins.getLoginSavingEnabled(hostname2)); + + // Disable storage of saved passwords globally. + Services.prefs.setBoolPref("signon.rememberSignons", false); + do_register_cleanup( + () => Services.prefs.clearUserPref("signon.rememberSignons")); + + // All hosts should now appear disabled. + do_check_false(Services.logins.getLoginSavingEnabled(hostname1)); + do_check_false(Services.logins.getLoginSavingEnabled(hostname2)); + + // The list of disabled hosts should be unaltered. + LoginTestUtils.assertDisabledHostsEqual(Services.logins.getAllDisabledHosts(), + [hostname1]); + + // Changing values with the preference set should work. + Services.logins.setLoginSavingEnabled(hostname1, true); + Services.logins.setLoginSavingEnabled(hostname2, false); + + // All hosts should still appear disabled. + do_check_false(Services.logins.getLoginSavingEnabled(hostname1)); + do_check_false(Services.logins.getLoginSavingEnabled(hostname2)); + + // The list of disabled hosts should have been changed. + LoginTestUtils.assertDisabledHostsEqual(Services.logins.getAllDisabledHosts(), + [hostname2]); + + // Enable storage of saved passwords again. + Services.prefs.setBoolPref("signon.rememberSignons", true); + + // Hosts should now appear enabled as requested. + do_check_true(Services.logins.getLoginSavingEnabled(hostname1)); + do_check_false(Services.logins.getLoginSavingEnabled(hostname2)); + + // Clean up. + Services.logins.setLoginSavingEnabled(hostname2, true); + LoginTestUtils.assertDisabledHostsEqual(Services.logins.getAllDisabledHosts(), + []); +}); + +/** + * Tests storing disabled hosts with non-ASCII characters where IDN is supported. + */ +add_task(function* test_storage_setLoginSavingEnabled_nonascii_IDN_is_supported() +{ + let hostname = "http://大.net"; + let encoding = "http://xn--pss.net"; + + // Test adding disabled host with nonascii URL (http://大.net). + Services.logins.setLoginSavingEnabled(hostname, false); + yield* LoginTestUtils.reloadData(); + Assert.equal(Services.logins.getLoginSavingEnabled(hostname), false); + Assert.equal(Services.logins.getLoginSavingEnabled(encoding), false); + LoginTestUtils.assertDisabledHostsEqual(Services.logins.getAllDisabledHosts(), [hostname]); + + LoginTestUtils.clearData(); + + // Test adding disabled host with IDN ("http://xn--pss.net"). + Services.logins.setLoginSavingEnabled(encoding, false); + yield* LoginTestUtils.reloadData(); + Assert.equal(Services.logins.getLoginSavingEnabled(hostname), false); + Assert.equal(Services.logins.getLoginSavingEnabled(encoding), false); + LoginTestUtils.assertDisabledHostsEqual(Services.logins.getAllDisabledHosts(), [hostname]); + + LoginTestUtils.clearData(); +}); + +/** + * Tests storing disabled hosts with non-ASCII characters where IDN is not supported. + */ +add_task(function* test_storage_setLoginSavingEnabled_nonascii_IDN_not_supported() +{ + let hostname = "http://√.com"; + let encoding = "http://xn--19g.com"; + + // Test adding disabled host with nonascii URL (http://√.com). + Services.logins.setLoginSavingEnabled(hostname, false); + yield* LoginTestUtils.reloadData(); + Assert.equal(Services.logins.getLoginSavingEnabled(hostname), false); + Assert.equal(Services.logins.getLoginSavingEnabled(encoding), false); + LoginTestUtils.assertDisabledHostsEqual(Services.logins.getAllDisabledHosts(), [encoding]); + + LoginTestUtils.clearData(); + + // Test adding disabled host with IDN ("http://xn--19g.com"). + Services.logins.setLoginSavingEnabled(encoding, false); + yield* LoginTestUtils.reloadData(); + Assert.equal(Services.logins.getLoginSavingEnabled(hostname), false); + Assert.equal(Services.logins.getLoginSavingEnabled(encoding), false); + LoginTestUtils.assertDisabledHostsEqual(Services.logins.getAllDisabledHosts(), [encoding]); + + LoginTestUtils.clearData(); +}); diff --git a/toolkit/components/passwordmgr/test/unit/test_getFormFields.js b/toolkit/components/passwordmgr/test/unit/test_getFormFields.js new file mode 100644 index 000000000..46912ab8f --- /dev/null +++ b/toolkit/components/passwordmgr/test/unit/test_getFormFields.js @@ -0,0 +1,147 @@ +/* + * Test for LoginManagerContent._getFormFields. + */ + +"use strict"; + +// Services.prefs.setBoolPref("signon.debug", true); + +Cu.importGlobalProperties(["URL"]); + +const LMCBackstagePass = Cu.import("resource://gre/modules/LoginManagerContent.jsm"); +const { LoginManagerContent, LoginFormFactory } = LMCBackstagePass; +const TESTCASES = [ + { + description: "1 password field outside of a <form>", + document: `<input id="pw1" type=password>`, + returnedFieldIDs: [null, "pw1", null], + skipEmptyFields: undefined, + }, + { + description: "1 text field outside of a <form> without a password field", + document: `<input id="un1">`, + returnedFieldIDs: [null, null, null], + skipEmptyFields: undefined, + }, + { + description: "1 username & password field outside of a <form>", + document: `<input id="un1"> + <input id="pw1" type=password>`, + returnedFieldIDs: ["un1", "pw1", null], + skipEmptyFields: undefined, + }, + { + description: "1 username & password field in a <form>", + document: `<form> + <input id="un1"> + <input id="pw1" type=password> + </form>`, + returnedFieldIDs: ["un1", "pw1", null], + skipEmptyFields: undefined, + }, + { + description: "4 empty password fields outside of a <form>", + document: `<input id="pw1" type=password> + <input id="pw2" type=password> + <input id="pw3" type=password> + <input id="pw4" type=password>`, + returnedFieldIDs: [null, null, null], + skipEmptyFields: undefined, + }, + { + description: "4 password fields outside of a <form> (1 empty, 3 full) with skipEmpty", + document: `<input id="pw1" type=password> + <input id="pw2" type=password value="pass2"> + <input id="pw3" type=password value="pass3"> + <input id="pw4" type=password value="pass4">`, + returnedFieldIDs: [null, null, null], + skipEmptyFields: true, + }, + { + description: "Form with 1 password field", + document: `<form><input id="pw1" type=password></form>`, + returnedFieldIDs: [null, "pw1", null], + skipEmptyFields: undefined, + }, + { + description: "Form with 2 password fields", + document: `<form><input id="pw1" type=password><input id='pw2' type=password></form>`, + returnedFieldIDs: [null, "pw1", null], + skipEmptyFields: undefined, + }, + { + description: "1 password field in a form, 1 outside (not processed)", + document: `<form><input id="pw1" type=password></form><input id="pw2" type=password>`, + returnedFieldIDs: [null, "pw1", null], + skipEmptyFields: undefined, + }, + { + description: "1 password field in a form, 1 text field outside (not processed)", + document: `<form><input id="pw1" type=password></form><input>`, + returnedFieldIDs: [null, "pw1", null], + skipEmptyFields: undefined, + }, + { + description: "1 text field in a form, 1 password field outside (not processed)", + document: `<form><input></form><input id="pw1" type=password>`, + returnedFieldIDs: [null, null, null], + skipEmptyFields: undefined, + }, + { + description: "2 password fields outside of a <form> with 1 linked via @form", + document: `<input id="pw1" type=password><input id="pw2" type=password form='form1'> + <form id="form1"></form>`, + returnedFieldIDs: [null, "pw1", null], + skipEmptyFields: undefined, + }, + { + description: "2 password fields outside of a <form> with 1 linked via @form + skipEmpty", + document: `<input id="pw1" type=password><input id="pw2" type=password form="form1"> + <form id="form1"></form>`, + returnedFieldIDs: [null, null, null], + skipEmptyFields: true, + }, + { + description: "2 password fields outside of a <form> with 1 linked via @form + skipEmpty with 1 empty", + document: `<input id="pw1" type=password value="pass1"><input id="pw2" type=password form="form1"> + <form id="form1"></form>`, + returnedFieldIDs: [null, "pw1", null], + skipEmptyFields: true, + }, +]; + +for (let tc of TESTCASES) { + do_print("Sanity checking the testcase: " + tc.description); + + (function() { + let testcase = tc; + add_task(function*() { + do_print("Starting testcase: " + testcase.description); + let document = MockDocument.createTestDocument("http://localhost:8080/test/", + testcase.document); + + let input = document.querySelector("input"); + MockDocument.mockOwnerDocumentProperty(input, document, "http://localhost:8080/test/"); + + let formLike = LoginFormFactory.createFromField(input); + + let actual = LoginManagerContent._getFormFields(formLike, + testcase.skipEmptyFields, + new Set()); + + Assert.strictEqual(testcase.returnedFieldIDs.length, 3, + "_getFormFields returns 3 elements"); + + for (let i = 0; i < testcase.returnedFieldIDs.length; i++) { + let expectedID = testcase.returnedFieldIDs[i]; + if (expectedID === null) { + Assert.strictEqual(actual[i], expectedID, + "Check returned field " + i + " is null"); + } else { + Assert.strictEqual(actual[i].id, expectedID, + "Check returned field " + i + " ID"); + } + } + }); + })(); +} diff --git a/toolkit/components/passwordmgr/test/unit/test_getPasswordFields.js b/toolkit/components/passwordmgr/test/unit/test_getPasswordFields.js new file mode 100644 index 000000000..08fa422ab --- /dev/null +++ b/toolkit/components/passwordmgr/test/unit/test_getPasswordFields.js @@ -0,0 +1,156 @@ +/* + * Test for LoginManagerContent._getPasswordFields using LoginFormFactory. + */ + +"use strict"; + +const LMCBackstagePass = Cu.import("resource://gre/modules/LoginManagerContent.jsm"); +const { LoginManagerContent, LoginFormFactory } = LMCBackstagePass; +const TESTCASES = [ + { + description: "Empty document", + document: ``, + returnedFieldIDsByFormLike: [], + skipEmptyFields: undefined, + }, + { + description: "Non-password input with no <form> present", + document: `<input>`, + // Only the IDs of password fields should be in this array + returnedFieldIDsByFormLike: [[]], + skipEmptyFields: undefined, + }, + { + description: "1 password field outside of a <form>", + document: `<input id="pw1" type=password>`, + returnedFieldIDsByFormLike: [["pw1"]], + skipEmptyFields: undefined, + }, + { + description: "4 empty password fields outside of a <form>", + document: `<input id="pw1" type=password> + <input id="pw2" type=password> + <input id="pw3" type=password> + <input id="pw4" type=password>`, + returnedFieldIDsByFormLike: [[]], + skipEmptyFields: undefined, + }, + { + description: "4 password fields outside of a <form> (1 empty, 3 full) with skipEmpty", + document: `<input id="pw1" type=password> + <input id="pw2" type=password value="pass2"> + <input id="pw3" type=password value="pass3"> + <input id="pw4" type=password value="pass4">`, + returnedFieldIDsByFormLike: [["pw2", "pw3", "pw4"]], + skipEmptyFields: true, + }, + { + description: "Form with 1 password field", + document: `<form><input id="pw1" type=password></form>`, + returnedFieldIDsByFormLike: [["pw1"]], + skipEmptyFields: undefined, + }, + { + description: "Form with 2 password fields", + document: `<form><input id="pw1" type=password><input id='pw2' type=password></form>`, + returnedFieldIDsByFormLike: [["pw1", "pw2"]], + skipEmptyFields: undefined, + }, + { + description: "1 password field in a form, 1 outside", + document: `<form><input id="pw1" type=password></form><input id="pw2" type=password>`, + returnedFieldIDsByFormLike: [["pw1"], ["pw2"]], + skipEmptyFields: undefined, + }, + { + description: "2 password fields outside of a <form> with 1 linked via @form", + document: `<input id="pw1" type=password><input id="pw2" type=password form='form1'> + <form id="form1"></form>`, + returnedFieldIDsByFormLike: [["pw1"], ["pw2"]], + skipEmptyFields: undefined, + }, + { + description: "2 password fields outside of a <form> with 1 linked via @form + skipEmpty", + document: `<input id="pw1" type=password><input id="pw2" type=password form="form1"> + <form id="form1"></form>`, + returnedFieldIDsByFormLike: [[], []], + skipEmptyFields: true, + }, + { + description: "skipEmptyFields should also skip white-space only fields", + document: `<input id="pw-space" type=password value=" "> + <input id="pw-tab" type=password value=" "> + <input id="pw-newline" type=password form="form1" value=" +"> + <form id="form1"></form>`, + returnedFieldIDsByFormLike: [[], []], + skipEmptyFields: true, + }, + { + description: "2 password fields outside of a <form> with 1 linked via @form + skipEmpty with 1 empty", + document: `<input id="pw1" type=password value=" pass1 "><input id="pw2" type=password form="form1"> + <form id="form1"></form>`, + returnedFieldIDsByFormLike: [["pw1"], []], + skipEmptyFields: true, + }, +]; + +for (let tc of TESTCASES) { + do_print("Sanity checking the testcase: " + tc.description); + + (function() { + let testcase = tc; + add_task(function*() { + do_print("Starting testcase: " + testcase.description); + let document = MockDocument.createTestDocument("http://localhost:8080/test/", + testcase.document); + + let mapRootElementToFormLike = new Map(); + for (let input of document.querySelectorAll("input")) { + let formLike = LoginFormFactory.createFromField(input); + let existingFormLike = mapRootElementToFormLike.get(formLike.rootElement); + if (!existingFormLike) { + mapRootElementToFormLike.set(formLike.rootElement, formLike); + continue; + } + + // If the formLike is already present, ensure that the properties are the same. + do_print("Checking if the new FormLike for the same root has the same properties"); + formLikeEqual(formLike, existingFormLike); + } + + Assert.strictEqual(mapRootElementToFormLike.size, testcase.returnedFieldIDsByFormLike.length, + "Check the correct number of different formLikes were returned"); + + let formLikeIndex = -1; + for (let formLikeFromInput of mapRootElementToFormLike.values()) { + formLikeIndex++; + let pwFields = LoginManagerContent._getPasswordFields(formLikeFromInput, + testcase.skipEmptyFields); + + if (formLikeFromInput.rootElement instanceof Ci.nsIDOMHTMLFormElement) { + let formLikeFromForm = LoginFormFactory.createFromForm(formLikeFromInput.rootElement); + do_print("Checking that the FormLike created for the <form> matches" + + " the one from a password field"); + formLikeEqual(formLikeFromInput, formLikeFromForm); + } + + + if (testcase.returnedFieldIDsByFormLike[formLikeIndex].length === 0) { + Assert.strictEqual(pwFields, null, + "If no password fields were found null should be returned"); + } else { + Assert.strictEqual(pwFields.length, + testcase.returnedFieldIDsByFormLike[formLikeIndex].length, + "Check the # of password fields for formLike #" + formLikeIndex); + } + + for (let i = 0; i < testcase.returnedFieldIDsByFormLike[formLikeIndex].length; i++) { + let expectedID = testcase.returnedFieldIDsByFormLike[formLikeIndex][i]; + Assert.strictEqual(pwFields[i].element.id, expectedID, + "Check password field " + i + " ID"); + } + } + }); + })(); +} diff --git a/toolkit/components/passwordmgr/test/unit/test_getPasswordOrigin.js b/toolkit/components/passwordmgr/test/unit/test_getPasswordOrigin.js new file mode 100644 index 000000000..f2773ec62 --- /dev/null +++ b/toolkit/components/passwordmgr/test/unit/test_getPasswordOrigin.js @@ -0,0 +1,28 @@ +/* + * Test for LoginUtils._getPasswordOrigin + */ + +"use strict"; + +const LMCBackstagePass = Cu.import("resource://gre/modules/LoginManagerContent.jsm"); +const TESTCASES = [ + ["javascript:void(0);", null], + ["javascript:void(0);", "javascript:", true], + ["chrome://MyAccount", null], + ["data:text/html,example", null], + ["http://username:password@example.com:80/foo?bar=baz#fragment", "http://example.com", true], + ["http://127.0.0.1:80/foo", "http://127.0.0.1"], + ["http://[::1]:80/foo", "http://[::1]"], + ["http://example.com:8080/foo", "http://example.com:8080"], + ["http://127.0.0.1:8080/foo", "http://127.0.0.1:8080", true], + ["http://[::1]:8080/foo", "http://[::1]:8080"], + ["https://example.com:443/foo", "https://example.com"], + ["https://[::1]:443/foo", "https://[::1]"], + ["https://[::1]:8443/foo", "https://[::1]:8443"], + ["ftp://username:password@[::1]:2121/foo", "ftp://[::1]:2121"], +]; + +for (let [input, expected, allowJS] of TESTCASES) { + let actual = LMCBackstagePass.LoginUtils._getPasswordOrigin(input, allowJS); + Assert.strictEqual(actual, expected, "Checking: " + input); +} diff --git a/toolkit/components/passwordmgr/test/unit/test_isOriginMatching.js b/toolkit/components/passwordmgr/test/unit/test_isOriginMatching.js new file mode 100644 index 000000000..660910dff --- /dev/null +++ b/toolkit/components/passwordmgr/test/unit/test_isOriginMatching.js @@ -0,0 +1,40 @@ +/* + * Test LoginHelper.isOriginMatching + */ + +"use strict"; + +Cu.import("resource://gre/modules/LoginHelper.jsm"); + +add_task(function test_isOriginMatching() { + let testcases = [ + // Index 0 holds the expected return value followed by arguments to isOriginMatching. + [true, "http://example.com", "http://example.com"], + [true, "http://example.com:8080", "http://example.com:8080"], + [true, "https://example.com", "https://example.com"], + [true, "https://example.com:8443", "https://example.com:8443"], + [false, "http://example.com", "http://mozilla.org"], + [false, "http://example.com", "http://example.com:8080"], + [false, "https://example.com", "http://example.com"], + [false, "https://example.com", "https://mozilla.org"], + [false, "http://example.com", "http://sub.example.com"], + [false, "https://example.com", "https://sub.example.com"], + [false, "http://example.com", "https://example.com:8443"], + [false, "http://example.com:8080", "http://example.com:8081"], + [false, "http://example.com", ""], + [false, "", "http://example.com"], + [true, "http://example.com", "https://example.com", { schemeUpgrades: true }], + [true, "https://example.com", "https://example.com", { schemeUpgrades: true }], + [true, "http://example.com:8080", "http://example.com:8080", { schemeUpgrades: true }], + [true, "https://example.com:8443", "https://example.com:8443", { schemeUpgrades: true }], + [false, "https://example.com", "http://example.com", { schemeUpgrades: true }], // downgrade + [false, "http://example.com:8080", "https://example.com", { schemeUpgrades: true }], // port mismatch + [false, "http://example.com", "https://example.com:8443", { schemeUpgrades: true }], // port mismatch + [false, "http://sub.example.com", "http://example.com", { schemeUpgrades: true }], + ]; + for (let tc of testcases) { + let expected = tc.shift(); + Assert.strictEqual(LoginHelper.isOriginMatching(...tc), expected, + "Check " + JSON.stringify(tc)); + } +}); diff --git a/toolkit/components/passwordmgr/test/unit/test_legacy_empty_formSubmitURL.js b/toolkit/components/passwordmgr/test/unit/test_legacy_empty_formSubmitURL.js new file mode 100644 index 000000000..4e16aa267 --- /dev/null +++ b/toolkit/components/passwordmgr/test/unit/test_legacy_empty_formSubmitURL.js @@ -0,0 +1,107 @@ +/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */ +/* vim: set ts=2 et sw=2 tw=80: */ +/* Any copyright is dedicated to the Public Domain. + * http://creativecommons.org/publicdomain/zero/1.0/ */ + +/** + * Tests the legacy case of a login store containing entries that have an empty + * string in the formSubmitURL field. + * + * In normal conditions, for the purpose of login autocomplete, HTML forms are + * identified using both the prePath of the URI on which they are located, and + * the prePath of the URI where the data will be submitted. This is represented + * by the hostname and formSubmitURL properties of the stored nsILoginInfo. + * + * When a new login for use in forms is saved (after the user replies to the + * password prompt), it is always stored with both the hostname and the + * formSubmitURL (that will be equal to the hostname when the form has no + * "action" attribute). + * + * When the same form is displayed again, the password is autocompleted. If + * there is another form on the same site that submits to a different site, it + * is considered a different form, so the password is not autocompleted, but a + * new password can be stored for the other form. + * + * However, the login database might contain data for an nsILoginInfo that has a + * valid hostname, but an empty formSubmitURL. This means that the login + * applies to all forms on the site, regardless of where they submit data to. + * + * A site can have at most one such login, and in case it is present, then it is + * not possible to store separate logins for forms on the same site that submit + * data to different sites. + * + * The only way to have such condition is to be using logins that were initially + * saved by a very old version of the browser, or because of data manually added + * by an extension in an old version. + */ + +"use strict"; + +// Tests + +/** + * Adds a login with an empty formSubmitURL, then it verifies that no other + * form logins can be added for the same host. + */ +add_task(function test_addLogin_wildcard() +{ + let loginInfo = TestData.formLogin({ hostname: "http://any.example.com", + formSubmitURL: "" }); + Services.logins.addLogin(loginInfo); + + // Normal form logins cannot be added anymore. + loginInfo = TestData.formLogin({ hostname: "http://any.example.com" }); + Assert.throws(() => Services.logins.addLogin(loginInfo), /already exists/); + + // Authentication logins can still be added. + loginInfo = TestData.authLogin({ hostname: "http://any.example.com" }); + Services.logins.addLogin(loginInfo); + + // Form logins can be added for other hosts. + loginInfo = TestData.formLogin({ hostname: "http://other.example.com" }); + Services.logins.addLogin(loginInfo); +}); + +/** + * Verifies that findLogins, searchLogins, and countLogins include all logins + * that have an empty formSubmitURL in the store, even when a formSubmitURL is + * specified. + */ +add_task(function test_search_all_wildcard() +{ + // Search a given formSubmitURL on any host. + let matchData = newPropertyBag({ formSubmitURL: "http://www.example.com" }); + do_check_eq(Services.logins.searchLogins({}, matchData).length, 2); + + do_check_eq(Services.logins.findLogins({}, "", "http://www.example.com", + null).length, 2); + + do_check_eq(Services.logins.countLogins("", "http://www.example.com", + null), 2); + + // Restrict the search to one host. + matchData.setProperty("hostname", "http://any.example.com"); + do_check_eq(Services.logins.searchLogins({}, matchData).length, 1); + + do_check_eq(Services.logins.findLogins({}, "http://any.example.com", + "http://www.example.com", + null).length, 1); + + do_check_eq(Services.logins.countLogins("http://any.example.com", + "http://www.example.com", + null), 1); +}); + +/** + * Verifies that specifying an empty string for formSubmitURL in searchLogins + * includes only logins that have an empty formSubmitURL in the store. + */ +add_task(function test_searchLogins_wildcard() +{ + let logins = Services.logins.searchLogins({}, + newPropertyBag({ formSubmitURL: "" })); + + let loginInfo = TestData.formLogin({ hostname: "http://any.example.com", + formSubmitURL: "" }); + LoginTestUtils.assertLoginListsEqual(logins, [loginInfo]); +}); diff --git a/toolkit/components/passwordmgr/test/unit/test_legacy_validation.js b/toolkit/components/passwordmgr/test/unit/test_legacy_validation.js new file mode 100644 index 000000000..709bc9818 --- /dev/null +++ b/toolkit/components/passwordmgr/test/unit/test_legacy_validation.js @@ -0,0 +1,76 @@ +/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */ +/* vim: set ts=2 et sw=2 tw=80: */ +/* Any copyright is dedicated to the Public Domain. + * http://creativecommons.org/publicdomain/zero/1.0/ */ + +/** + * Tests the legacy validation made when storing nsILoginInfo or disabled hosts. + * + * These rules exist because of limitations of the "signons.txt" storage file, + * that is not used anymore. They are still enforced by the Login Manager + * service, despite these values can now be safely stored in the back-end. + */ + +"use strict"; + +// Tests + +/** + * Tests legacy validation with addLogin. + */ +add_task(function test_addLogin_invalid_characters_legacy() +{ + // Test newlines and carriage returns in properties that contain URLs. + for (let testValue of ["http://newline\n.example.com", + "http://carriagereturn.example.com\r"]) { + let loginInfo = TestData.formLogin({ hostname: testValue }); + Assert.throws(() => Services.logins.addLogin(loginInfo), + /login values can't contain newlines/); + + loginInfo = TestData.formLogin({ formSubmitURL: testValue }); + Assert.throws(() => Services.logins.addLogin(loginInfo), + /login values can't contain newlines/); + + loginInfo = TestData.authLogin({ httpRealm: testValue }); + Assert.throws(() => Services.logins.addLogin(loginInfo), + /login values can't contain newlines/); + } + + // Test newlines and carriage returns in form field names. + for (let testValue of ["newline_field\n", "carriagereturn\r_field"]) { + let loginInfo = TestData.formLogin({ usernameField: testValue }); + Assert.throws(() => Services.logins.addLogin(loginInfo), + /login values can't contain newlines/); + + loginInfo = TestData.formLogin({ passwordField: testValue }); + Assert.throws(() => Services.logins.addLogin(loginInfo), + /login values can't contain newlines/); + } + + // Test a single dot as the value of usernameField and formSubmitURL. + let loginInfo = TestData.formLogin({ usernameField: "." }); + Assert.throws(() => Services.logins.addLogin(loginInfo), + /login values can't be periods/); + + loginInfo = TestData.formLogin({ formSubmitURL: "." }); + Assert.throws(() => Services.logins.addLogin(loginInfo), + /login values can't be periods/); + + // Test the sequence " (" inside the value of the "hostname" property. + loginInfo = TestData.formLogin({ hostname: "http://parens (.example.com" }); + Assert.throws(() => Services.logins.addLogin(loginInfo), + /bad parens in hostname/); +}); + +/** + * Tests legacy validation with setLoginSavingEnabled. + */ +add_task(function test_setLoginSavingEnabled_invalid_characters_legacy() +{ + for (let hostname of ["http://newline\n.example.com", + "http://carriagereturn.example.com\r", + "."]) { + Assert.throws(() => Services.logins.setLoginSavingEnabled(hostname, false), + /Invalid hostname/); + } +}); diff --git a/toolkit/components/passwordmgr/test/unit/test_logins_change.js b/toolkit/components/passwordmgr/test/unit/test_logins_change.js new file mode 100644 index 000000000..79c6d2f54 --- /dev/null +++ b/toolkit/components/passwordmgr/test/unit/test_logins_change.js @@ -0,0 +1,384 @@ +/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */ +/* vim: set ts=2 et sw=2 tw=80: */ +/* Any copyright is dedicated to the Public Domain. + * http://creativecommons.org/publicdomain/zero/1.0/ */ + +/** + * Tests methods that add, remove, and modify logins. + */ + +"use strict"; + +// Globals + +/** + * Verifies that the specified login is considered invalid by addLogin and by + * modifyLogin with both nsILoginInfo and nsIPropertyBag arguments. + * + * This test requires that the login store is empty. + * + * @param aLoginInfo + * nsILoginInfo corresponding to an invalid login. + * @param aExpectedError + * This argument is passed to the "Assert.throws" test to determine which + * error is expected from the modification functions. + */ +function checkLoginInvalid(aLoginInfo, aExpectedError) +{ + // Try to add the new login, and verify that no data is stored. + Assert.throws(() => Services.logins.addLogin(aLoginInfo), aExpectedError); + LoginTestUtils.checkLogins([]); + + // Add a login for the modification tests. + let testLogin = TestData.formLogin({ hostname: "http://modify.example.com" }); + Services.logins.addLogin(testLogin); + + // Try to modify the existing login using nsILoginInfo and nsIPropertyBag. + Assert.throws(() => Services.logins.modifyLogin(testLogin, aLoginInfo), + aExpectedError); + Assert.throws(() => Services.logins.modifyLogin(testLogin, newPropertyBag({ + hostname: aLoginInfo.hostname, + formSubmitURL: aLoginInfo.formSubmitURL, + httpRealm: aLoginInfo.httpRealm, + username: aLoginInfo.username, + password: aLoginInfo.password, + usernameField: aLoginInfo.usernameField, + passwordField: aLoginInfo.passwordField, + })), aExpectedError); + + // Verify that no data was stored by the previous calls. + LoginTestUtils.checkLogins([testLogin]); + Services.logins.removeLogin(testLogin); +} + +/** + * Verifies that two objects are not the same instance + * but have equal attributes. + * + * @param {Object} objectA + * An object to compare. + * + * @param {Object} objectB + * Another object to compare. + * + * @param {string[]} attributes + * Attributes to compare. + * + * @return true if all passed attributes are equal for both objects, false otherwise. + */ +function compareAttributes(objectA, objectB, attributes) { + // If it's the same object, we want to return false. + if (objectA == objectB) { + return false; + } + return attributes.every(attr => objectA[attr] == objectB[attr]); +} + +// Tests + +/** + * Tests that adding logins to the database works. + */ +add_task(function test_addLogin_removeLogin() +{ + // Each login from the test data should be valid and added to the list. + for (let loginInfo of TestData.loginList()) { + Services.logins.addLogin(loginInfo); + } + LoginTestUtils.checkLogins(TestData.loginList()); + + // Trying to add each login again should result in an error. + for (let loginInfo of TestData.loginList()) { + Assert.throws(() => Services.logins.addLogin(loginInfo), /already exists/); + } + + // Removing each login should succeed. + for (let loginInfo of TestData.loginList()) { + Services.logins.removeLogin(loginInfo); + } + + LoginTestUtils.checkLogins([]); +}); + +/** + * Tests invalid combinations of httpRealm and formSubmitURL. + * + * For an nsILoginInfo to be valid for storage, one of the two properties should + * be strictly equal to null, and the other must not be null or an empty string. + * + * The legacy case of an empty string in formSubmitURL and a null value in + * httpRealm is also supported for storage at the moment. + */ +add_task(function test_invalid_httpRealm_formSubmitURL() +{ + // httpRealm === null, formSubmitURL === null + checkLoginInvalid(TestData.formLogin({ formSubmitURL: null }), + /without a httpRealm or formSubmitURL/); + + // httpRealm === "", formSubmitURL === null + checkLoginInvalid(TestData.authLogin({ httpRealm: "" }), + /without a httpRealm or formSubmitURL/); + + // httpRealm === null, formSubmitURL === "" + // This is not enforced for now. + // checkLoginInvalid(TestData.formLogin({ formSubmitURL: "" }), + // /without a httpRealm or formSubmitURL/); + + // httpRealm === "", formSubmitURL === "" + checkLoginInvalid(TestData.formLogin({ formSubmitURL: "", httpRealm: "" }), + /both a httpRealm and formSubmitURL/); + + // !!httpRealm, !!formSubmitURL + checkLoginInvalid(TestData.formLogin({ httpRealm: "The HTTP Realm" }), + /both a httpRealm and formSubmitURL/); + + // httpRealm === "", !!formSubmitURL + checkLoginInvalid(TestData.formLogin({ httpRealm: "" }), + /both a httpRealm and formSubmitURL/); + + // !!httpRealm, formSubmitURL === "" + checkLoginInvalid(TestData.authLogin({ formSubmitURL: "" }), + /both a httpRealm and formSubmitURL/); +}); + +/** + * Tests null or empty values in required login properties. + */ +add_task(function test_missing_properties() +{ + checkLoginInvalid(TestData.formLogin({ hostname: null }), + /null or empty hostname/); + + checkLoginInvalid(TestData.formLogin({ hostname: "" }), + /null or empty hostname/); + + checkLoginInvalid(TestData.formLogin({ username: null }), + /null username/); + + checkLoginInvalid(TestData.formLogin({ password: null }), + /null or empty password/); + + checkLoginInvalid(TestData.formLogin({ password: "" }), + /null or empty password/); +}); + +/** + * Tests invalid NUL characters in nsILoginInfo properties. + */ +add_task(function test_invalid_characters() +{ + let loginList = [ + TestData.authLogin({ hostname: "http://null\0X.example.com" }), + TestData.authLogin({ httpRealm: "realm\0" }), + TestData.formLogin({ formSubmitURL: "http://null\0X.example.com" }), + TestData.formLogin({ usernameField: "field\0_null" }), + TestData.formLogin({ usernameField: ".\0" }), // Special single dot case + TestData.formLogin({ passwordField: "field\0_null" }), + TestData.formLogin({ username: "user\0name" }), + TestData.formLogin({ password: "pass\0word" }), + ]; + for (let loginInfo of loginList) { + checkLoginInvalid(loginInfo, /login values can't contain nulls/); + } +}); + +/** + * Tests removing a login that does not exists. + */ +add_task(function test_removeLogin_nonexisting() +{ + Assert.throws(() => Services.logins.removeLogin(TestData.formLogin()), + /No matching logins/); +}); + +/** + * Tests removing all logins at once. + */ +add_task(function test_removeAllLogins() +{ + for (let loginInfo of TestData.loginList()) { + Services.logins.addLogin(loginInfo); + } + Services.logins.removeAllLogins(); + LoginTestUtils.checkLogins([]); + + // The function should also work when there are no logins to delete. + Services.logins.removeAllLogins(); +}); + +/** + * Tests the modifyLogin function with an nsILoginInfo argument. + */ +add_task(function test_modifyLogin_nsILoginInfo() +{ + let loginInfo = TestData.formLogin(); + let updatedLoginInfo = TestData.formLogin({ + username: "new username", + password: "new password", + usernameField: "new_form_field_username", + passwordField: "new_form_field_password", + }); + let differentLoginInfo = TestData.authLogin(); + + // Trying to modify a login that does not exist should throw. + Assert.throws(() => Services.logins.modifyLogin(loginInfo, updatedLoginInfo), + /No matching logins/); + + // Add the first form login, then modify it to match the second. + Services.logins.addLogin(loginInfo); + Services.logins.modifyLogin(loginInfo, updatedLoginInfo); + + // The data should now match the second login. + LoginTestUtils.checkLogins([updatedLoginInfo]); + Assert.throws(() => Services.logins.modifyLogin(loginInfo, updatedLoginInfo), + /No matching logins/); + + // The login can be changed to have a different type and hostname. + Services.logins.modifyLogin(updatedLoginInfo, differentLoginInfo); + LoginTestUtils.checkLogins([differentLoginInfo]); + + // It is now possible to add a login with the old type and hostname. + Services.logins.addLogin(loginInfo); + LoginTestUtils.checkLogins([loginInfo, differentLoginInfo]); + + // Modifying a login to match an existing one should not be possible. + Assert.throws( + () => Services.logins.modifyLogin(loginInfo, differentLoginInfo), + /already exists/); + LoginTestUtils.checkLogins([loginInfo, differentLoginInfo]); + + LoginTestUtils.clearData(); +}); + +/** + * Tests the modifyLogin function with an nsIPropertyBag argument. + */ +add_task(function test_modifyLogin_nsIProperyBag() +{ + let loginInfo = TestData.formLogin(); + let updatedLoginInfo = TestData.formLogin({ + username: "new username", + password: "new password", + usernameField: "", + passwordField: "new_form_field_password", + }); + let differentLoginInfo = TestData.authLogin(); + let differentLoginProperties = newPropertyBag({ + hostname: differentLoginInfo.hostname, + formSubmitURL: differentLoginInfo.formSubmitURL, + httpRealm: differentLoginInfo.httpRealm, + username: differentLoginInfo.username, + password: differentLoginInfo.password, + usernameField: differentLoginInfo.usernameField, + passwordField: differentLoginInfo.passwordField, + }); + + // Trying to modify a login that does not exist should throw. + Assert.throws(() => Services.logins.modifyLogin(loginInfo, newPropertyBag()), + /No matching logins/); + + // Add the first form login, then modify it to match the second, changing + // only some of its properties and checking the behavior with an empty string. + Services.logins.addLogin(loginInfo); + Services.logins.modifyLogin(loginInfo, newPropertyBag({ + username: "new username", + password: "new password", + usernameField: "", + passwordField: "new_form_field_password", + })); + + // The data should now match the second login. + LoginTestUtils.checkLogins([updatedLoginInfo]); + Assert.throws(() => Services.logins.modifyLogin(loginInfo, newPropertyBag()), + /No matching logins/); + + // It is also possible to provide no properties to be modified. + Services.logins.modifyLogin(updatedLoginInfo, newPropertyBag()); + + // Specifying a null property for a required value should throw. + Assert.throws(() => Services.logins.modifyLogin(loginInfo, newPropertyBag({ + usernameField: null, + }))); + + // The login can be changed to have a different type and hostname. + Services.logins.modifyLogin(updatedLoginInfo, differentLoginProperties); + LoginTestUtils.checkLogins([differentLoginInfo]); + + // It is now possible to add a login with the old type and hostname. + Services.logins.addLogin(loginInfo); + LoginTestUtils.checkLogins([loginInfo, differentLoginInfo]); + + // Modifying a login to match an existing one should not be possible. + Assert.throws( + () => Services.logins.modifyLogin(loginInfo, differentLoginProperties), + /already exists/); + LoginTestUtils.checkLogins([loginInfo, differentLoginInfo]); + + LoginTestUtils.clearData(); +}); + +/** + * Tests the login deduplication function. + */ +add_task(function test_deduplicate_logins() { + // Different key attributes combinations and the amount of unique + // results expected for the TestData login list. + let keyCombinations = [ + { + keyset: ["username", "password"], + results: 13, + }, + { + keyset: ["hostname", "username"], + results: 17, + }, + { + keyset: ["hostname", "username", "password"], + results: 18, + }, + { + keyset: ["hostname", "username", "password", "formSubmitURL"], + results: 23, + }, + ]; + + let logins = TestData.loginList(); + + for (let testCase of keyCombinations) { + // Deduplicate the logins using the current testcase keyset. + let deduped = LoginHelper.dedupeLogins(logins, testCase.keyset); + Assert.equal(deduped.length, testCase.results, "Correct amount of results."); + + // Checks that every login after deduping is unique. + Assert.ok(deduped.every(loginA => + deduped.every(loginB => !compareAttributes(loginA, loginB, testCase.keyset)) + ), "Every login is unique."); + } +}); + +/** + * Ensure that the login deduplication function keeps the most recent login. + */ +add_task(function test_deduplicate_keeps_most_recent() { + // Logins to deduplicate. + let logins = [ + TestData.formLogin({timeLastUsed: Date.UTC(2004, 11, 4, 0, 0, 0)}), + TestData.formLogin({formSubmitURL: "http://example.com", timeLastUsed: Date.UTC(2015, 11, 4, 0, 0, 0)}), + ]; + + // Deduplicate the logins. + let deduped = LoginHelper.dedupeLogins(logins); + Assert.equal(deduped.length, 1, "Deduplicated the logins array."); + + // Verify that the remaining login have the most recent date. + let loginTimeLastUsed = deduped[0].QueryInterface(Ci.nsILoginMetaInfo).timeLastUsed; + Assert.equal(loginTimeLastUsed, Date.UTC(2015, 11, 4, 0, 0, 0), "Most recent login was kept."); + + // Deduplicate the reverse logins array. + deduped = LoginHelper.dedupeLogins(logins.reverse()); + Assert.equal(deduped.length, 1, "Deduplicated the reversed logins array."); + + // Verify that the remaining login have the most recent date. + loginTimeLastUsed = deduped[0].QueryInterface(Ci.nsILoginMetaInfo).timeLastUsed; + Assert.equal(loginTimeLastUsed, Date.UTC(2015, 11, 4, 0, 0, 0), "Most recent login was kept."); +}); diff --git a/toolkit/components/passwordmgr/test/unit/test_logins_decrypt_failure.js b/toolkit/components/passwordmgr/test/unit/test_logins_decrypt_failure.js new file mode 100644 index 000000000..ffbedb4de --- /dev/null +++ b/toolkit/components/passwordmgr/test/unit/test_logins_decrypt_failure.js @@ -0,0 +1,77 @@ +/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */ +/* vim: set ts=2 et sw=2 tw=80: */ +/* Any copyright is dedicated to the Public Domain. + * http://creativecommons.org/publicdomain/zero/1.0/ */ + +/** + * Tests the case where there are logins that cannot be decrypted. + */ + +"use strict"; + +// Globals + +/** + * Resets the token used to decrypt logins. This is equivalent to resetting the + * master password when it is not known. + */ +function resetMasterPassword() +{ + let token = Cc["@mozilla.org/security/pk11tokendb;1"] + .getService(Ci.nsIPK11TokenDB).getInternalKeyToken(); + token.reset(); + token.changePassword("", ""); +} + +// Tests + +/** + * Resets the master password after some logins were added to the database. + */ +add_task(function test_logins_decrypt_failure() +{ + let logins = TestData.loginList(); + for (let loginInfo of logins) { + Services.logins.addLogin(loginInfo); + } + + // This makes the existing logins non-decryptable. + resetMasterPassword(); + + // These functions don't see the non-decryptable entries anymore. + do_check_eq(Services.logins.getAllLogins().length, 0); + do_check_eq(Services.logins.findLogins({}, "", "", "").length, 0); + do_check_eq(Services.logins.searchLogins({}, newPropertyBag()).length, 0); + Assert.throws(() => Services.logins.modifyLogin(logins[0], newPropertyBag()), + /No matching logins/); + Assert.throws(() => Services.logins.removeLogin(logins[0]), + /No matching logins/); + + // The function that counts logins sees the non-decryptable entries also. + do_check_eq(Services.logins.countLogins("", "", ""), logins.length); + + // Equivalent logins can be added. + for (let loginInfo of logins) { + Services.logins.addLogin(loginInfo); + } + LoginTestUtils.checkLogins(logins); + do_check_eq(Services.logins.countLogins("", "", ""), logins.length * 2); + + // Finding logins doesn't return the non-decryptable duplicates. + do_check_eq(Services.logins.findLogins({}, "http://www.example.com", + "", "").length, 1); + let matchData = newPropertyBag({ hostname: "http://www.example.com" }); + do_check_eq(Services.logins.searchLogins({}, matchData).length, 1); + + // Removing single logins does not remove non-decryptable logins. + for (let loginInfo of TestData.loginList()) { + Services.logins.removeLogin(loginInfo); + } + do_check_eq(Services.logins.getAllLogins().length, 0); + do_check_eq(Services.logins.countLogins("", "", ""), logins.length); + + // Removing all logins removes the non-decryptable entries also. + Services.logins.removeAllLogins(); + do_check_eq(Services.logins.getAllLogins().length, 0); + do_check_eq(Services.logins.countLogins("", "", ""), 0); +}); diff --git a/toolkit/components/passwordmgr/test/unit/test_logins_metainfo.js b/toolkit/components/passwordmgr/test/unit/test_logins_metainfo.js new file mode 100644 index 000000000..38344aa7d --- /dev/null +++ b/toolkit/components/passwordmgr/test/unit/test_logins_metainfo.js @@ -0,0 +1,284 @@ +/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */ +/* vim: set ts=2 et sw=2 tw=80: */ +/* Any copyright is dedicated to the Public Domain. + * http://creativecommons.org/publicdomain/zero/1.0/ */ + +/** + * Tests the handling of nsILoginMetaInfo by methods that add, remove, modify, + * and find logins. + */ + +"use strict"; + +// Globals + +XPCOMUtils.defineLazyServiceGetter(this, "gUUIDGenerator", + "@mozilla.org/uuid-generator;1", + "nsIUUIDGenerator"); + +var gLooksLikeUUIDRegex = /^\{\w{8}-\w{4}-\w{4}-\w{4}-\w{12}\}$/; + +/** + * Retrieves the only login among the current data that matches the hostname of + * the given nsILoginInfo. In case there is more than one login for the + * hostname, the test fails. + */ +function retrieveLoginMatching(aLoginInfo) +{ + let logins = Services.logins.findLogins({}, aLoginInfo.hostname, "", ""); + do_check_eq(logins.length, 1); + return logins[0].QueryInterface(Ci.nsILoginMetaInfo); +} + +/** + * Checks that the nsILoginInfo and nsILoginMetaInfo properties of two different + * login instances are equal. + */ +function assertMetaInfoEqual(aActual, aExpected) +{ + do_check_neq(aActual, aExpected); + + // Check the nsILoginInfo properties. + do_check_true(aActual.equals(aExpected)); + + // Check the nsILoginMetaInfo properties. + do_check_eq(aActual.guid, aExpected.guid); + do_check_eq(aActual.timeCreated, aExpected.timeCreated); + do_check_eq(aActual.timeLastUsed, aExpected.timeLastUsed); + do_check_eq(aActual.timePasswordChanged, aExpected.timePasswordChanged); + do_check_eq(aActual.timesUsed, aExpected.timesUsed); +} + +/** + * nsILoginInfo instances with or without nsILoginMetaInfo properties. + */ +var gLoginInfo1; +var gLoginInfo2; +var gLoginInfo3; + +/** + * nsILoginInfo instances reloaded with all the nsILoginMetaInfo properties. + * These are often used to provide the reference values to test against. + */ +var gLoginMetaInfo1; +var gLoginMetaInfo2; +var gLoginMetaInfo3; + +// Tests + +/** + * Prepare the test objects that will be used by the following tests. + */ +add_task(function test_initialize() +{ + // Use a reference time from ten minutes ago to initialize one instance of + // nsILoginMetaInfo, to test that reference times are updated when needed. + let baseTimeMs = Date.now() - 600000; + + gLoginInfo1 = TestData.formLogin(); + gLoginInfo2 = TestData.formLogin({ + hostname: "http://other.example.com", + guid: gUUIDGenerator.generateUUID().toString(), + timeCreated: baseTimeMs, + timeLastUsed: baseTimeMs + 2, + timePasswordChanged: baseTimeMs + 1, + timesUsed: 2, + }); + gLoginInfo3 = TestData.authLogin(); +}); + +/** + * Tests the behavior of addLogin with regard to metadata. The logins added + * here are also used by the following tests. + */ +add_task(function test_addLogin_metainfo() +{ + // Add a login without metadata to the database. + Services.logins.addLogin(gLoginInfo1); + + // The object provided to addLogin should not have been modified. + do_check_eq(gLoginInfo1.guid, null); + do_check_eq(gLoginInfo1.timeCreated, 0); + do_check_eq(gLoginInfo1.timeLastUsed, 0); + do_check_eq(gLoginInfo1.timePasswordChanged, 0); + do_check_eq(gLoginInfo1.timesUsed, 0); + + // A login with valid metadata should have been stored. + gLoginMetaInfo1 = retrieveLoginMatching(gLoginInfo1); + do_check_true(gLooksLikeUUIDRegex.test(gLoginMetaInfo1.guid)); + let creationTime = gLoginMetaInfo1.timeCreated; + LoginTestUtils.assertTimeIsAboutNow(creationTime); + do_check_eq(gLoginMetaInfo1.timeLastUsed, creationTime); + do_check_eq(gLoginMetaInfo1.timePasswordChanged, creationTime); + do_check_eq(gLoginMetaInfo1.timesUsed, 1); + + // Add a login without metadata to the database. + let originalLogin = gLoginInfo2.clone().QueryInterface(Ci.nsILoginMetaInfo); + Services.logins.addLogin(gLoginInfo2); + + // The object provided to addLogin should not have been modified. + assertMetaInfoEqual(gLoginInfo2, originalLogin); + + // A login with the provided metadata should have been stored. + gLoginMetaInfo2 = retrieveLoginMatching(gLoginInfo2); + assertMetaInfoEqual(gLoginMetaInfo2, gLoginInfo2); + + // Add an authentication login to the database before continuing. + Services.logins.addLogin(gLoginInfo3); + gLoginMetaInfo3 = retrieveLoginMatching(gLoginInfo3); + LoginTestUtils.checkLogins([gLoginInfo1, gLoginInfo2, gLoginInfo3]); +}); + +/** + * Tests that adding a login with a duplicate GUID throws an exception. + */ +add_task(function test_addLogin_metainfo_duplicate() +{ + let loginInfo = TestData.formLogin({ + hostname: "http://duplicate.example.com", + guid: gLoginMetaInfo2.guid, + }); + Assert.throws(() => Services.logins.addLogin(loginInfo), + /specified GUID already exists/); + + // Verify that no data was stored by the previous call. + LoginTestUtils.checkLogins([gLoginInfo1, gLoginInfo2, gLoginInfo3]); +}); + +/** + * Tests that the existing metadata is not changed when modifyLogin is called + * with an nsILoginInfo argument. + */ +add_task(function test_modifyLogin_nsILoginInfo_metainfo_ignored() +{ + let newLoginInfo = gLoginInfo1.clone().QueryInterface(Ci.nsILoginMetaInfo); + newLoginInfo.guid = gUUIDGenerator.generateUUID().toString(); + newLoginInfo.timeCreated = Date.now(); + newLoginInfo.timeLastUsed = Date.now(); + newLoginInfo.timePasswordChanged = Date.now(); + newLoginInfo.timesUsed = 12; + Services.logins.modifyLogin(gLoginInfo1, newLoginInfo); + + newLoginInfo = retrieveLoginMatching(gLoginInfo1); + assertMetaInfoEqual(newLoginInfo, gLoginMetaInfo1); +}); + +/** + * Tests the modifyLogin function with an nsIProperyBag argument. + */ +add_task(function test_modifyLogin_nsIProperyBag_metainfo() +{ + // Use a new reference time that is two minutes from now. + let newTimeMs = Date.now() + 120000; + let newUUIDValue = gUUIDGenerator.generateUUID().toString(); + + // Check that properties are changed as requested. + Services.logins.modifyLogin(gLoginInfo1, newPropertyBag({ + guid: newUUIDValue, + timeCreated: newTimeMs, + timeLastUsed: newTimeMs + 2, + timePasswordChanged: newTimeMs + 1, + timesUsed: 2, + })); + + gLoginMetaInfo1 = retrieveLoginMatching(gLoginInfo1); + do_check_eq(gLoginMetaInfo1.guid, newUUIDValue); + do_check_eq(gLoginMetaInfo1.timeCreated, newTimeMs); + do_check_eq(gLoginMetaInfo1.timeLastUsed, newTimeMs + 2); + do_check_eq(gLoginMetaInfo1.timePasswordChanged, newTimeMs + 1); + do_check_eq(gLoginMetaInfo1.timesUsed, 2); + + // Check that timePasswordChanged is updated when changing the password. + let originalLogin = gLoginInfo2.clone().QueryInterface(Ci.nsILoginMetaInfo); + Services.logins.modifyLogin(gLoginInfo2, newPropertyBag({ + password: "new password", + })); + gLoginInfo2.password = "new password"; + + gLoginMetaInfo2 = retrieveLoginMatching(gLoginInfo2); + do_check_eq(gLoginMetaInfo2.password, gLoginInfo2.password); + do_check_eq(gLoginMetaInfo2.timeCreated, originalLogin.timeCreated); + do_check_eq(gLoginMetaInfo2.timeLastUsed, originalLogin.timeLastUsed); + LoginTestUtils.assertTimeIsAboutNow(gLoginMetaInfo2.timePasswordChanged); + + // Check that timePasswordChanged is not set to the current time when changing + // the password and specifying a new value for the property at the same time. + Services.logins.modifyLogin(gLoginInfo2, newPropertyBag({ + password: "other password", + timePasswordChanged: newTimeMs, + })); + gLoginInfo2.password = "other password"; + + gLoginMetaInfo2 = retrieveLoginMatching(gLoginInfo2); + do_check_eq(gLoginMetaInfo2.password, gLoginInfo2.password); + do_check_eq(gLoginMetaInfo2.timeCreated, originalLogin.timeCreated); + do_check_eq(gLoginMetaInfo2.timeLastUsed, originalLogin.timeLastUsed); + do_check_eq(gLoginMetaInfo2.timePasswordChanged, newTimeMs); + + // Check the special timesUsedIncrement property. + Services.logins.modifyLogin(gLoginInfo2, newPropertyBag({ + timesUsedIncrement: 2, + })); + + gLoginMetaInfo2 = retrieveLoginMatching(gLoginInfo2); + do_check_eq(gLoginMetaInfo2.timeCreated, originalLogin.timeCreated); + do_check_eq(gLoginMetaInfo2.timeLastUsed, originalLogin.timeLastUsed); + do_check_eq(gLoginMetaInfo2.timePasswordChanged, newTimeMs); + do_check_eq(gLoginMetaInfo2.timesUsed, 4); +}); + +/** + * Tests that modifying a login to a duplicate GUID throws an exception. + */ +add_task(function test_modifyLogin_nsIProperyBag_metainfo_duplicate() +{ + Assert.throws(() => Services.logins.modifyLogin(gLoginInfo1, newPropertyBag({ + guid: gLoginInfo2.guid, + })), /specified GUID already exists/); + LoginTestUtils.checkLogins([gLoginInfo1, gLoginInfo2, gLoginInfo3]); +}); + +/** + * Tests searching logins using nsILoginMetaInfo properties. + */ +add_task(function test_searchLogins_metainfo() +{ + // Find by GUID. + let logins = Services.logins.searchLogins({}, newPropertyBag({ + guid: gLoginMetaInfo1.guid, + })); + do_check_eq(logins.length, 1); + let foundLogin = logins[0].QueryInterface(Ci.nsILoginMetaInfo); + assertMetaInfoEqual(foundLogin, gLoginMetaInfo1); + + // Find by timestamp. + logins = Services.logins.searchLogins({}, newPropertyBag({ + timePasswordChanged: gLoginMetaInfo2.timePasswordChanged, + })); + do_check_eq(logins.length, 1); + foundLogin = logins[0].QueryInterface(Ci.nsILoginMetaInfo); + assertMetaInfoEqual(foundLogin, gLoginMetaInfo2); + + // Find using two properties at the same time. + logins = Services.logins.searchLogins({}, newPropertyBag({ + guid: gLoginMetaInfo3.guid, + timePasswordChanged: gLoginMetaInfo3.timePasswordChanged, + })); + do_check_eq(logins.length, 1); + foundLogin = logins[0].QueryInterface(Ci.nsILoginMetaInfo); + assertMetaInfoEqual(foundLogin, gLoginMetaInfo3); +}); + +/** + * Tests that the default nsILoginManagerStorage module attached to the Login + * Manager service is able to save and reload nsILoginMetaInfo properties. + */ +add_task(function* test_storage_metainfo() +{ + yield* LoginTestUtils.reloadData(); + LoginTestUtils.checkLogins([gLoginInfo1, gLoginInfo2, gLoginInfo3]); + + assertMetaInfoEqual(retrieveLoginMatching(gLoginInfo1), gLoginMetaInfo1); + assertMetaInfoEqual(retrieveLoginMatching(gLoginInfo2), gLoginMetaInfo2); + assertMetaInfoEqual(retrieveLoginMatching(gLoginInfo3), gLoginMetaInfo3); +}); diff --git a/toolkit/components/passwordmgr/test/unit/test_logins_search.js b/toolkit/components/passwordmgr/test/unit/test_logins_search.js new file mode 100644 index 000000000..188c75039 --- /dev/null +++ b/toolkit/components/passwordmgr/test/unit/test_logins_search.js @@ -0,0 +1,221 @@ +/* + * Tests methods that find specific logins in the store (findLogins, + * searchLogins, and countLogins). + * + * The getAllLogins method is not tested explicitly here, because it is used by + * all tests to verify additions, removals and modifications to the login store. + */ + +"use strict"; + +// Globals + +/** + * Returns a list of new nsILoginInfo objects that are a subset of the test + * data, built to match the specified query. + * + * @param aQuery + * Each property and value of this object restricts the search to those + * entries from the test data that match the property exactly. + */ +function buildExpectedLogins(aQuery) +{ + return TestData.loginList().filter( + entry => Object.keys(aQuery).every(name => entry[name] === aQuery[name])); +} + +/** + * Tests the searchLogins function. + * + * @param aQuery + * Each property and value of this object is translated to an entry in + * the nsIPropertyBag parameter of searchLogins. + * @param aExpectedCount + * Number of logins from the test data that should be found. The actual + * list of logins is obtained using the buildExpectedLogins helper, and + * this value is just used to verify that modifications to the test data + * don't make the current test meaningless. + */ +function checkSearchLogins(aQuery, aExpectedCount) +{ + do_print("Testing searchLogins for " + JSON.stringify(aQuery)); + + let expectedLogins = buildExpectedLogins(aQuery); + do_check_eq(expectedLogins.length, aExpectedCount); + + let outCount = {}; + let logins = Services.logins.searchLogins(outCount, newPropertyBag(aQuery)); + do_check_eq(outCount.value, expectedLogins.length); + LoginTestUtils.assertLoginListsEqual(logins, expectedLogins); +} + +/** + * Tests findLogins, searchLogins, and countLogins with the same query. + * + * @param aQuery + * The "hostname", "formSubmitURL", and "httpRealm" properties of this + * object are passed as parameters to findLogins and countLogins. The + * same object is then passed to the checkSearchLogins function. + * @param aExpectedCount + * Number of logins from the test data that should be found. The actual + * list of logins is obtained using the buildExpectedLogins helper, and + * this value is just used to verify that modifications to the test data + * don't make the current test meaningless. + */ +function checkAllSearches(aQuery, aExpectedCount) +{ + do_print("Testing all search functions for " + JSON.stringify(aQuery)); + + let expectedLogins = buildExpectedLogins(aQuery); + do_check_eq(expectedLogins.length, aExpectedCount); + + // The findLogins and countLogins functions support wildcard matches by + // specifying empty strings as parameters, while searchLogins requires + // omitting the property entirely. + let hostname = ("hostname" in aQuery) ? aQuery.hostname : ""; + let formSubmitURL = ("formSubmitURL" in aQuery) ? aQuery.formSubmitURL : ""; + let httpRealm = ("httpRealm" in aQuery) ? aQuery.httpRealm : ""; + + // Test findLogins. + let outCount = {}; + let logins = Services.logins.findLogins(outCount, hostname, formSubmitURL, + httpRealm); + do_check_eq(outCount.value, expectedLogins.length); + LoginTestUtils.assertLoginListsEqual(logins, expectedLogins); + + // Test countLogins. + let count = Services.logins.countLogins(hostname, formSubmitURL, httpRealm); + do_check_eq(count, expectedLogins.length); + + // Test searchLogins. + checkSearchLogins(aQuery, aExpectedCount); +} + +// Tests + +/** + * Prepare data for the following tests. + */ +add_task(function test_initialize() +{ + for (let login of TestData.loginList()) { + Services.logins.addLogin(login); + } +}); + +/** + * Tests findLogins, searchLogins, and countLogins with basic queries. + */ +add_task(function test_search_all_basic() +{ + // Find all logins, using no filters in the search functions. + checkAllSearches({}, 23); + + // Find all form logins, then all authentication logins. + checkAllSearches({ httpRealm: null }, 14); + checkAllSearches({ formSubmitURL: null }, 9); + + // Find all form logins on one host, then all authentication logins. + checkAllSearches({ hostname: "http://www4.example.com", + httpRealm: null }, 3); + checkAllSearches({ hostname: "http://www2.example.org", + formSubmitURL: null }, 2); + + // Verify that scheme and subdomain are distinct in the hostname. + checkAllSearches({ hostname: "http://www.example.com" }, 1); + checkAllSearches({ hostname: "https://www.example.com" }, 1); + checkAllSearches({ hostname: "https://example.com" }, 1); + checkAllSearches({ hostname: "http://www3.example.com" }, 3); + + // Verify that scheme and subdomain are distinct in formSubmitURL. + checkAllSearches({ formSubmitURL: "http://www.example.com" }, 2); + checkAllSearches({ formSubmitURL: "https://www.example.com" }, 2); + checkAllSearches({ formSubmitURL: "http://example.com" }, 1); + + // Find by formSubmitURL on a single host. + checkAllSearches({ hostname: "http://www3.example.com", + formSubmitURL: "http://www.example.com" }, 1); + checkAllSearches({ hostname: "http://www3.example.com", + formSubmitURL: "https://www.example.com" }, 1); + checkAllSearches({ hostname: "http://www3.example.com", + formSubmitURL: "http://example.com" }, 1); + + // Find by httpRealm on all hosts. + checkAllSearches({ httpRealm: "The HTTP Realm" }, 3); + checkAllSearches({ httpRealm: "ftp://ftp.example.org" }, 1); + checkAllSearches({ httpRealm: "The HTTP Realm Other" }, 2); + + // Find by httpRealm on a single host. + checkAllSearches({ hostname: "http://example.net", + httpRealm: "The HTTP Realm" }, 1); + checkAllSearches({ hostname: "http://example.net", + httpRealm: "The HTTP Realm Other" }, 1); + checkAllSearches({ hostname: "ftp://example.net", + httpRealm: "ftp://example.net" }, 1); +}); + +/** + * Tests searchLogins with advanced queries. + */ +add_task(function test_searchLogins() +{ + checkSearchLogins({ usernameField: "form_field_username" }, 12); + checkSearchLogins({ passwordField: "form_field_password" }, 13); + + // Find all logins with an empty usernameField, including for authentication. + checkSearchLogins({ usernameField: "" }, 11); + + // Find form logins with an empty usernameField. + checkSearchLogins({ httpRealm: null, + usernameField: "" }, 2); + + // Find logins with an empty usernameField on one host. + checkSearchLogins({ hostname: "http://www6.example.com", + usernameField: "" }, 1); +}); + +/** + * Tests searchLogins with invalid arguments. + */ +add_task(function test_searchLogins_invalid() +{ + Assert.throws(() => Services.logins.searchLogins({}, + newPropertyBag({ username: "value" })), + /Unexpected field/); +}); + +/** + * Tests that matches are case-sensitive, compare the full field value, and are + * strict when interpreting the prePath of URIs. + */ +add_task(function test_search_all_full_case_sensitive() +{ + checkAllSearches({ hostname: "http://www.example.com" }, 1); + checkAllSearches({ hostname: "http://www.example.com/" }, 0); + checkAllSearches({ hostname: "http://" }, 0); + checkAllSearches({ hostname: "example.com" }, 0); + + checkAllSearches({ formSubmitURL: "http://www.example.com" }, 2); + checkAllSearches({ formSubmitURL: "http://www.example.com/" }, 0); + checkAllSearches({ formSubmitURL: "http://" }, 0); + checkAllSearches({ formSubmitURL: "example.com" }, 0); + + checkAllSearches({ httpRealm: "The HTTP Realm" }, 3); + checkAllSearches({ httpRealm: "The http Realm" }, 0); + checkAllSearches({ httpRealm: "The HTTP" }, 0); + checkAllSearches({ httpRealm: "Realm" }, 0); +}); + +/** + * Tests findLogins, searchLogins, and countLogins with queries that should + * return no values. + */ +add_task(function test_search_all_empty() +{ + checkAllSearches({ hostname: "http://nonexistent.example.com" }, 0); + checkAllSearches({ formSubmitURL: "http://www.example.com", + httpRealm: "The HTTP Realm" }, 0); + + checkSearchLogins({ hostname: "" }, 0); + checkSearchLogins({ id: "1000" }, 0); +}); diff --git a/toolkit/components/passwordmgr/test/unit/test_maybeImportLogin.js b/toolkit/components/passwordmgr/test/unit/test_maybeImportLogin.js new file mode 100644 index 000000000..19175df59 --- /dev/null +++ b/toolkit/components/passwordmgr/test/unit/test_maybeImportLogin.js @@ -0,0 +1,169 @@ +"use strict"; + +Cu.import("resource://gre/modules/Services.jsm"); +Cu.import("resource://gre/modules/LoginHelper.jsm"); + +const HOST1 = "https://www.example.com/"; +const HOST2 = "https://www.mozilla.org/"; + +const USER1 = "myuser"; +const USER2 = "anotheruser"; + +const PASS1 = "mypass"; +const PASS2 = "anotherpass"; +const PASS3 = "yetanotherpass"; + +add_task(function test_new_logins() { + let importedLogin = LoginHelper.maybeImportLogin({ + username: USER1, + password: PASS1, + hostname: HOST1, + formSubmitURL: HOST1, + }); + Assert.ok(importedLogin, "Return value should indicate imported login."); + let matchingLogins = LoginHelper.searchLoginsWithObject({hostname: HOST1}); + Assert.equal(matchingLogins.length, 1, `There should be 1 login for ${HOST1}`); + + importedLogin = LoginHelper.maybeImportLogin({ + username: USER1, + password: PASS1, + hostname: HOST2, + formSubmitURL: HOST2, + }); + + Assert.ok(importedLogin, "Return value should indicate another imported login."); + matchingLogins = LoginHelper.searchLoginsWithObject({hostname: HOST1}); + Assert.equal(matchingLogins.length, 1, `There should still be 1 login for ${HOST1}`); + + matchingLogins = LoginHelper.searchLoginsWithObject({hostname: HOST2}); + Assert.equal(matchingLogins.length, 1, `There should also be 1 login for ${HOST2}`); + Assert.equal(Services.logins.getAllLogins().length, 2, "There should be 2 logins in total"); + Services.logins.removeAllLogins(); +}); + +add_task(function test_duplicate_logins() { + let importedLogin = LoginHelper.maybeImportLogin({ + username: USER1, + password: PASS1, + hostname: HOST1, + formSubmitURL: HOST1, + }); + Assert.ok(importedLogin, "Return value should indicate imported login."); + let matchingLogins = LoginHelper.searchLoginsWithObject({hostname: HOST1}); + Assert.equal(matchingLogins.length, 1, `There should be 1 login for ${HOST1}`); + + importedLogin = LoginHelper.maybeImportLogin({ + username: USER1, + password: PASS1, + hostname: HOST1, + formSubmitURL: HOST1, + }); + Assert.ok(!importedLogin, "Return value should indicate no new login was imported."); + matchingLogins = LoginHelper.searchLoginsWithObject({hostname: HOST1}); + Assert.equal(matchingLogins.length, 1, `There should still be 1 login for ${HOST1}`); + Services.logins.removeAllLogins(); +}); + +add_task(function test_different_passwords() { + let importedLogin = LoginHelper.maybeImportLogin({ + username: USER1, + password: PASS1, + hostname: HOST1, + formSubmitURL: HOST1, + timeCreated: new Date(Date.now() - 1000), + }); + Assert.ok(importedLogin, "Return value should indicate imported login."); + let matchingLogins = LoginHelper.searchLoginsWithObject({hostname: HOST1}); + Assert.equal(matchingLogins.length, 1, `There should be 1 login for ${HOST1}`); + + // This item will be newer, so its password should take precedence. + importedLogin = LoginHelper.maybeImportLogin({ + username: USER1, + password: PASS2, + hostname: HOST1, + formSubmitURL: HOST1, + timeCreated: new Date(), + }); + Assert.ok(!importedLogin, "Return value should not indicate imported login (as we updated an existing one)."); + matchingLogins = LoginHelper.searchLoginsWithObject({hostname: HOST1}); + Assert.equal(matchingLogins.length, 1, `There should still be 1 login for ${HOST1}`); + Assert.equal(matchingLogins[0].password, PASS2, "We should have updated the password for this login."); + + // Now try to update with an older password: + importedLogin = LoginHelper.maybeImportLogin({ + username: USER1, + password: PASS3, + hostname: HOST1, + formSubmitURL: HOST1, + timeCreated: new Date(Date.now() - 1000000), + }); + Assert.ok(!importedLogin, "Return value should not indicate imported login (as we didn't update anything)."); + matchingLogins = LoginHelper.searchLoginsWithObject({hostname: HOST1}); + Assert.equal(matchingLogins.length, 1, `There should still be 1 login for ${HOST1}`); + Assert.equal(matchingLogins[0].password, PASS2, "We should NOT have updated the password for this login."); + + Services.logins.removeAllLogins(); +}); + +add_task(function test_different_usernames() { + let importedLogin = LoginHelper.maybeImportLogin({ + username: USER1, + password: PASS1, + hostname: HOST1, + formSubmitURL: HOST1, + }); + Assert.ok(importedLogin, "Return value should indicate imported login."); + let matchingLogins = LoginHelper.searchLoginsWithObject({hostname: HOST1}); + Assert.equal(matchingLogins.length, 1, `There should be 1 login for ${HOST1}`); + + importedLogin = LoginHelper.maybeImportLogin({ + username: USER2, + password: PASS1, + hostname: HOST1, + formSubmitURL: HOST1, + }); + Assert.ok(importedLogin, "Return value should indicate another imported login."); + matchingLogins = LoginHelper.searchLoginsWithObject({hostname: HOST1}); + Assert.equal(matchingLogins.length, 2, `There should now be 2 logins for ${HOST1}`); + + Services.logins.removeAllLogins(); +}); + +add_task(function test_different_targets() { + let importedLogin = LoginHelper.maybeImportLogin({ + username: USER1, + password: PASS1, + hostname: HOST1, + formSubmitURL: HOST1, + }); + Assert.ok(importedLogin, "Return value should indicate imported login."); + let matchingLogins = LoginHelper.searchLoginsWithObject({hostname: HOST1}); + Assert.equal(matchingLogins.length, 1, `There should be 1 login for ${HOST1}`); + + // Not passing either a formSubmitURL or a httpRealm should be treated as + // the same as the previous login + importedLogin = LoginHelper.maybeImportLogin({ + username: USER1, + password: PASS1, + hostname: HOST1, + }); + Assert.ok(!importedLogin, "Return value should NOT indicate imported login " + + "(because a missing formSubmitURL and httpRealm should be duped to the existing login)."); + matchingLogins = LoginHelper.searchLoginsWithObject({hostname: HOST1}); + Assert.equal(matchingLogins.length, 1, `There should still be 1 login for ${HOST1}`); + Assert.equal(matchingLogins[0].formSubmitURL, HOST1, "The form submission URL should have been kept."); + + importedLogin = LoginHelper.maybeImportLogin({ + username: USER1, + password: PASS1, + hostname: HOST1, + httpRealm: HOST1, + }); + Assert.ok(importedLogin, "Return value should indicate another imported login " + + "as an httpRealm login shouldn't be duped."); + matchingLogins = LoginHelper.searchLoginsWithObject({hostname: HOST1}); + Assert.equal(matchingLogins.length, 2, `There should now be 2 logins for ${HOST1}`); + + Services.logins.removeAllLogins(); +}); + diff --git a/toolkit/components/passwordmgr/test/unit/test_module_LoginImport.js b/toolkit/components/passwordmgr/test/unit/test_module_LoginImport.js new file mode 100644 index 000000000..b8793e1bd --- /dev/null +++ b/toolkit/components/passwordmgr/test/unit/test_module_LoginImport.js @@ -0,0 +1,243 @@ +/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */ +/* vim: set ts=2 et sw=2 tw=80: */ +/* Any copyright is dedicated to the Public Domain. + * http://creativecommons.org/publicdomain/zero/1.0/ */ + +/** + * Tests the LoginImport object. + */ + +"use strict"; + +// Globals + +Cu.import("resource://gre/modules/Task.jsm"); + +XPCOMUtils.defineLazyModuleGetter(this, "LoginHelper", + "resource://gre/modules/LoginHelper.jsm"); +XPCOMUtils.defineLazyModuleGetter(this, "LoginImport", + "resource://gre/modules/LoginImport.jsm"); +XPCOMUtils.defineLazyModuleGetter(this, "LoginStore", + "resource://gre/modules/LoginStore.jsm"); +XPCOMUtils.defineLazyModuleGetter(this, "Sqlite", + "resource://gre/modules/Sqlite.jsm"); + +XPCOMUtils.defineLazyServiceGetter(this, "gLoginManagerCrypto", + "@mozilla.org/login-manager/crypto/SDR;1", + "nsILoginManagerCrypto"); +XPCOMUtils.defineLazyServiceGetter(this, "gUUIDGenerator", + "@mozilla.org/uuid-generator;1", + "nsIUUIDGenerator"); + +/** + * Creates empty login data tables in the given SQLite connection, resembling + * the most recent schema version (excluding indices). + */ +function promiseCreateDatabaseSchema(aConnection) +{ + return Task.spawn(function* () { + yield aConnection.setSchemaVersion(5); + yield aConnection.execute("CREATE TABLE moz_logins (" + + "id INTEGER PRIMARY KEY," + + "hostname TEXT NOT NULL," + + "httpRealm TEXT," + + "formSubmitURL TEXT," + + "usernameField TEXT NOT NULL," + + "passwordField TEXT NOT NULL," + + "encryptedUsername TEXT NOT NULL," + + "encryptedPassword TEXT NOT NULL," + + "guid TEXT," + + "encType INTEGER," + + "timeCreated INTEGER," + + "timeLastUsed INTEGER," + + "timePasswordChanged INTEGER," + + "timesUsed INTEGER)"); + yield aConnection.execute("CREATE TABLE moz_disabledHosts (" + + "id INTEGER PRIMARY KEY," + + "hostname TEXT UNIQUE)"); + yield aConnection.execute("CREATE TABLE moz_deleted_logins (" + + "id INTEGER PRIMARY KEY," + + "guid TEXT," + + "timeDeleted INTEGER)"); + }); +} + +/** + * Inserts a new entry in the database resembling the given nsILoginInfo object. + */ +function promiseInsertLoginInfo(aConnection, aLoginInfo) +{ + aLoginInfo.QueryInterface(Ci.nsILoginMetaInfo); + + // We can't use the aLoginInfo object directly in the execute statement + // because the bind code in Sqlite.jsm doesn't allow objects with extra + // properties beyond those being binded. So we might as well use an array as + // it is simpler. + let values = [ + aLoginInfo.hostname, + aLoginInfo.httpRealm, + aLoginInfo.formSubmitURL, + aLoginInfo.usernameField, + aLoginInfo.passwordField, + gLoginManagerCrypto.encrypt(aLoginInfo.username), + gLoginManagerCrypto.encrypt(aLoginInfo.password), + aLoginInfo.guid, + aLoginInfo.encType, + aLoginInfo.timeCreated, + aLoginInfo.timeLastUsed, + aLoginInfo.timePasswordChanged, + aLoginInfo.timesUsed, + ]; + + return aConnection.execute("INSERT INTO moz_logins (hostname, " + + "httpRealm, formSubmitURL, usernameField, " + + "passwordField, encryptedUsername, " + + "encryptedPassword, guid, encType, timeCreated, " + + "timeLastUsed, timePasswordChanged, timesUsed) " + + "VALUES (?" + ",?".repeat(12) + ")", values); +} + +/** + * Inserts a new disabled host entry in the database. + */ +function promiseInsertDisabledHost(aConnection, aHostname) +{ + return aConnection.execute("INSERT INTO moz_disabledHosts (hostname) " + + "VALUES (?)", [aHostname]); +} + +// Tests + +/** + * Imports login data from a SQLite file constructed using the test data. + */ +add_task(function* test_import() +{ + let store = new LoginStore(getTempFile("test-import.json").path); + let loginsSqlite = getTempFile("test-logins.sqlite").path; + + // Prepare the logins to be imported, including the nsILoginMetaInfo data. + let loginList = TestData.loginList(); + for (let loginInfo of loginList) { + loginInfo.QueryInterface(Ci.nsILoginMetaInfo); + loginInfo.guid = gUUIDGenerator.generateUUID().toString(); + loginInfo.timeCreated = Date.now(); + loginInfo.timeLastUsed = Date.now(); + loginInfo.timePasswordChanged = Date.now(); + loginInfo.timesUsed = 1; + } + + // Create and populate the SQLite database first. + let connection = yield Sqlite.openConnection({ path: loginsSqlite }); + try { + yield promiseCreateDatabaseSchema(connection); + for (let loginInfo of loginList) { + yield promiseInsertLoginInfo(connection, loginInfo); + } + yield promiseInsertDisabledHost(connection, "http://www.example.com"); + yield promiseInsertDisabledHost(connection, "https://www.example.org"); + } finally { + yield connection.close(); + } + + // The "load" method must be called before importing data. + yield store.load(); + yield new LoginImport(store, loginsSqlite).import(); + + // Verify that every login in the test data has a matching imported row. + do_check_eq(loginList.length, store.data.logins.length); + do_check_true(loginList.every(function (loginInfo) { + return store.data.logins.some(function (loginDataItem) { + let username = gLoginManagerCrypto.decrypt(loginDataItem.encryptedUsername); + let password = gLoginManagerCrypto.decrypt(loginDataItem.encryptedPassword); + return loginDataItem.hostname == loginInfo.hostname && + loginDataItem.httpRealm == loginInfo.httpRealm && + loginDataItem.formSubmitURL == loginInfo.formSubmitURL && + loginDataItem.usernameField == loginInfo.usernameField && + loginDataItem.passwordField == loginInfo.passwordField && + username == loginInfo.username && + password == loginInfo.password && + loginDataItem.guid == loginInfo.guid && + loginDataItem.encType == loginInfo.encType && + loginDataItem.timeCreated == loginInfo.timeCreated && + loginDataItem.timeLastUsed == loginInfo.timeLastUsed && + loginDataItem.timePasswordChanged == loginInfo.timePasswordChanged && + loginDataItem.timesUsed == loginInfo.timesUsed; + }); + })); + + // Verify that disabled hosts have been imported. + do_check_eq(store.data.disabledHosts.length, 2); + do_check_true(store.data.disabledHosts.indexOf("http://www.example.com") != -1); + do_check_true(store.data.disabledHosts.indexOf("https://www.example.org") != -1); +}); + +/** + * Tests imports of NULL values due to a downgraded database. + */ +add_task(function* test_import_downgraded() +{ + let store = new LoginStore(getTempFile("test-import-downgraded.json").path); + let loginsSqlite = getTempFile("test-logins-downgraded.sqlite").path; + + // Create and populate the SQLite database first. + let connection = yield Sqlite.openConnection({ path: loginsSqlite }); + try { + yield promiseCreateDatabaseSchema(connection); + yield connection.setSchemaVersion(3); + yield promiseInsertLoginInfo(connection, TestData.formLogin({ + guid: gUUIDGenerator.generateUUID().toString(), + timeCreated: null, + timeLastUsed: null, + timePasswordChanged: null, + timesUsed: 0, + })); + } finally { + yield connection.close(); + } + + // The "load" method must be called before importing data. + yield store.load(); + yield new LoginImport(store, loginsSqlite).import(); + + // Verify that the missing metadata was generated correctly. + let loginItem = store.data.logins[0]; + let creationTime = loginItem.timeCreated; + LoginTestUtils.assertTimeIsAboutNow(creationTime); + do_check_eq(loginItem.timeLastUsed, creationTime); + do_check_eq(loginItem.timePasswordChanged, creationTime); + do_check_eq(loginItem.timesUsed, 1); +}); + +/** + * Verifies that importing from a SQLite file with database version 2 fails. + */ +add_task(function* test_import_v2() +{ + let store = new LoginStore(getTempFile("test-import-v2.json").path); + let loginsSqlite = do_get_file("data/signons-v2.sqlite").path; + + // The "load" method must be called before importing data. + yield store.load(); + try { + yield new LoginImport(store, loginsSqlite).import(); + do_throw("The operation should have failed."); + } catch (ex) { } +}); + +/** + * Imports login data from a SQLite file, with database version 3. + */ +add_task(function* test_import_v3() +{ + let store = new LoginStore(getTempFile("test-import-v3.json").path); + let loginsSqlite = do_get_file("data/signons-v3.sqlite").path; + + // The "load" method must be called before importing data. + yield store.load(); + yield new LoginImport(store, loginsSqlite).import(); + + // We only execute basic integrity checks. + do_check_eq(store.data.logins[0].usernameField, "u1"); + do_check_eq(store.data.disabledHosts.length, 0); +}); diff --git a/toolkit/components/passwordmgr/test/unit/test_module_LoginStore.js b/toolkit/components/passwordmgr/test/unit/test_module_LoginStore.js new file mode 100644 index 000000000..335eb601b --- /dev/null +++ b/toolkit/components/passwordmgr/test/unit/test_module_LoginStore.js @@ -0,0 +1,206 @@ +/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */ +/* vim: set ts=2 et sw=2 tw=80: */ +/* Any copyright is dedicated to the Public Domain. + * http://creativecommons.org/publicdomain/zero/1.0/ */ + +/** + * Tests the LoginStore object. + */ + +"use strict"; + +// Globals + +XPCOMUtils.defineLazyModuleGetter(this, "LoginStore", + "resource://gre/modules/LoginStore.jsm"); + +const TEST_STORE_FILE_NAME = "test-logins.json"; + +// Tests + +/** + * Saves login data to a file, then reloads it. + */ +add_task(function* test_save_reload() +{ + let storeForSave = new LoginStore(getTempFile(TEST_STORE_FILE_NAME).path); + + // The "load" method must be called before preparing the data to be saved. + yield storeForSave.load(); + + let rawLoginData = { + id: storeForSave.data.nextId++, + hostname: "http://www.example.com", + httpRealm: null, + formSubmitURL: "http://www.example.com/submit-url", + usernameField: "field_" + String.fromCharCode(533, 537, 7570, 345), + passwordField: "field_" + String.fromCharCode(421, 259, 349, 537), + encryptedUsername: "(test)", + encryptedPassword: "(test)", + guid: "(test)", + encType: Ci.nsILoginManagerCrypto.ENCTYPE_SDR, + timeCreated: Date.now(), + timeLastUsed: Date.now(), + timePasswordChanged: Date.now(), + timesUsed: 1, + }; + storeForSave.data.logins.push(rawLoginData); + + storeForSave.data.disabledHosts.push("http://www.example.org"); + + yield storeForSave._save(); + + // Test the asynchronous initialization path. + let storeForLoad = new LoginStore(storeForSave.path); + yield storeForLoad.load(); + + do_check_eq(storeForLoad.data.logins.length, 1); + do_check_matches(storeForLoad.data.logins[0], rawLoginData); + do_check_eq(storeForLoad.data.disabledHosts.length, 1); + do_check_eq(storeForLoad.data.disabledHosts[0], "http://www.example.org"); + + // Test the synchronous initialization path. + storeForLoad = new LoginStore(storeForSave.path); + storeForLoad.ensureDataReady(); + + do_check_eq(storeForLoad.data.logins.length, 1); + do_check_matches(storeForLoad.data.logins[0], rawLoginData); + do_check_eq(storeForLoad.data.disabledHosts.length, 1); + do_check_eq(storeForLoad.data.disabledHosts[0], "http://www.example.org"); +}); + +/** + * Checks that loading from a missing file results in empty arrays. + */ +add_task(function* test_load_empty() +{ + let store = new LoginStore(getTempFile(TEST_STORE_FILE_NAME).path); + + do_check_false(yield OS.File.exists(store.path)); + + yield store.load(); + + do_check_false(yield OS.File.exists(store.path)); + + do_check_eq(store.data.logins.length, 0); + do_check_eq(store.data.disabledHosts.length, 0); +}); + +/** + * Checks that saving empty data still overwrites any existing file. + */ +add_task(function* test_save_empty() +{ + let store = new LoginStore(getTempFile(TEST_STORE_FILE_NAME).path); + + yield store.load(); + + let createdFile = yield OS.File.open(store.path, { create: true }); + yield createdFile.close(); + + yield store._save(); + + do_check_true(yield OS.File.exists(store.path)); +}); + +/** + * Loads data from a string in a predefined format. The purpose of this test is + * to verify that the JSON format used in previous versions can be loaded. + */ +add_task(function* test_load_string_predefined() +{ + let store = new LoginStore(getTempFile(TEST_STORE_FILE_NAME).path); + + let string = "{\"logins\":[{" + + "\"id\":1," + + "\"hostname\":\"http://www.example.com\"," + + "\"httpRealm\":null," + + "\"formSubmitURL\":\"http://www.example.com/submit-url\"," + + "\"usernameField\":\"usernameField\"," + + "\"passwordField\":\"passwordField\"," + + "\"encryptedUsername\":\"(test)\"," + + "\"encryptedPassword\":\"(test)\"," + + "\"guid\":\"(test)\"," + + "\"encType\":1," + + "\"timeCreated\":1262304000000," + + "\"timeLastUsed\":1262390400000," + + "\"timePasswordChanged\":1262476800000," + + "\"timesUsed\":1}],\"disabledHosts\":[" + + "\"http://www.example.org\"]}"; + + yield OS.File.writeAtomic(store.path, + new TextEncoder().encode(string), + { tmpPath: store.path + ".tmp" }); + + yield store.load(); + + do_check_eq(store.data.logins.length, 1); + do_check_matches(store.data.logins[0], { + id: 1, + hostname: "http://www.example.com", + httpRealm: null, + formSubmitURL: "http://www.example.com/submit-url", + usernameField: "usernameField", + passwordField: "passwordField", + encryptedUsername: "(test)", + encryptedPassword: "(test)", + guid: "(test)", + encType: Ci.nsILoginManagerCrypto.ENCTYPE_SDR, + timeCreated: 1262304000000, + timeLastUsed: 1262390400000, + timePasswordChanged: 1262476800000, + timesUsed: 1, + }); + + do_check_eq(store.data.disabledHosts.length, 1); + do_check_eq(store.data.disabledHosts[0], "http://www.example.org"); +}); + +/** + * Loads login data from a malformed JSON string. + */ +add_task(function* test_load_string_malformed() +{ + let store = new LoginStore(getTempFile(TEST_STORE_FILE_NAME).path); + + let string = "{\"logins\":[{\"hostname\":\"http://www.example.com\"," + + "\"id\":1,"; + + yield OS.File.writeAtomic(store.path, new TextEncoder().encode(string), + { tmpPath: store.path + ".tmp" }); + + yield store.load(); + + // A backup file should have been created. + do_check_true(yield OS.File.exists(store.path + ".corrupt")); + yield OS.File.remove(store.path + ".corrupt"); + + // The store should be ready to accept new data. + do_check_eq(store.data.logins.length, 0); + do_check_eq(store.data.disabledHosts.length, 0); +}); + +/** + * Loads login data from a malformed JSON string, using the synchronous + * initialization path. + */ +add_task(function* test_load_string_malformed_sync() +{ + let store = new LoginStore(getTempFile(TEST_STORE_FILE_NAME).path); + + let string = "{\"logins\":[{\"hostname\":\"http://www.example.com\"," + + "\"id\":1,"; + + yield OS.File.writeAtomic(store.path, new TextEncoder().encode(string), + { tmpPath: store.path + ".tmp" }); + + store.ensureDataReady(); + + // A backup file should have been created. + do_check_true(yield OS.File.exists(store.path + ".corrupt")); + yield OS.File.remove(store.path + ".corrupt"); + + // The store should be ready to accept new data. + do_check_eq(store.data.logins.length, 0); + do_check_eq(store.data.disabledHosts.length, 0); +}); diff --git a/toolkit/components/passwordmgr/test/unit/test_notifications.js b/toolkit/components/passwordmgr/test/unit/test_notifications.js new file mode 100644 index 000000000..41caa2c1b --- /dev/null +++ b/toolkit/components/passwordmgr/test/unit/test_notifications.js @@ -0,0 +1,172 @@ +/* + * Tests notifications dispatched when modifying stored logins. + */ + +var expectedNotification; +var expectedData; + +var TestObserver = { + QueryInterface : XPCOMUtils.generateQI([Ci.nsIObserver, Ci.nsISupportsWeakReference]), + + observe : function (subject, topic, data) { + do_check_eq(topic, "passwordmgr-storage-changed"); + do_check_eq(data, expectedNotification); + + switch (data) { + case "addLogin": + do_check_true(subject instanceof Ci.nsILoginInfo); + do_check_true(subject instanceof Ci.nsILoginMetaInfo); + do_check_true(expectedData.equals(subject)); // nsILoginInfo.equals() + break; + case "modifyLogin": + do_check_true(subject instanceof Ci.nsIArray); + do_check_eq(subject.length, 2); + var oldLogin = subject.queryElementAt(0, Ci.nsILoginInfo); + var newLogin = subject.queryElementAt(1, Ci.nsILoginInfo); + do_check_true(expectedData[0].equals(oldLogin)); // nsILoginInfo.equals() + do_check_true(expectedData[1].equals(newLogin)); + break; + case "removeLogin": + do_check_true(subject instanceof Ci.nsILoginInfo); + do_check_true(subject instanceof Ci.nsILoginMetaInfo); + do_check_true(expectedData.equals(subject)); // nsILoginInfo.equals() + break; + case "removeAllLogins": + do_check_eq(subject, null); + break; + case "hostSavingEnabled": + case "hostSavingDisabled": + do_check_true(subject instanceof Ci.nsISupportsString); + do_check_eq(subject.data, expectedData); + break; + default: + do_throw("Unhandled notification: " + data + " / " + topic); + } + + expectedNotification = null; // ensure a duplicate is flagged as unexpected. + expectedData = null; + } +}; + +add_task(function test_notifications() +{ + +try { + +var testnum = 0; +var testdesc = "Setup of nsLoginInfo test-users"; + +var testuser1 = new LoginInfo("http://testhost1", "", null, + "dummydude", "itsasecret", "put_user_here", "put_pw_here"); + +var testuser2 = new LoginInfo("http://testhost2", "", null, + "dummydude2", "itsasecret2", "put_user2_here", "put_pw2_here"); + +Services.obs.addObserver(TestObserver, "passwordmgr-storage-changed", false); + + +/* ========== 1 ========== */ +testnum = 1; +testdesc = "Initial connection to storage module"; + +/* ========== 2 ========== */ +testnum++; +testdesc = "addLogin"; + +expectedNotification = "addLogin"; +expectedData = testuser1; +Services.logins.addLogin(testuser1); +LoginTestUtils.checkLogins([testuser1]); +do_check_eq(expectedNotification, null); // check that observer got a notification + +/* ========== 3 ========== */ +testnum++; +testdesc = "modifyLogin"; + +expectedNotification = "modifyLogin"; +expectedData = [testuser1, testuser2]; +Services.logins.modifyLogin(testuser1, testuser2); +do_check_eq(expectedNotification, null); +LoginTestUtils.checkLogins([testuser2]); + +/* ========== 4 ========== */ +testnum++; +testdesc = "removeLogin"; + +expectedNotification = "removeLogin"; +expectedData = testuser2; +Services.logins.removeLogin(testuser2); +do_check_eq(expectedNotification, null); +LoginTestUtils.checkLogins([]); + +/* ========== 5 ========== */ +testnum++; +testdesc = "removeAllLogins"; + +expectedNotification = "removeAllLogins"; +expectedData = null; +Services.logins.removeAllLogins(); +do_check_eq(expectedNotification, null); +LoginTestUtils.checkLogins([]); + +/* ========== 6 ========== */ +testnum++; +testdesc = "removeAllLogins (again)"; + +expectedNotification = "removeAllLogins"; +expectedData = null; +Services.logins.removeAllLogins(); +do_check_eq(expectedNotification, null); +LoginTestUtils.checkLogins([]); + +/* ========== 7 ========== */ +testnum++; +testdesc = "setLoginSavingEnabled / false"; + +expectedNotification = "hostSavingDisabled"; +expectedData = "http://site.com"; +Services.logins.setLoginSavingEnabled("http://site.com", false); +do_check_eq(expectedNotification, null); +LoginTestUtils.assertDisabledHostsEqual(Services.logins.getAllDisabledHosts(), + ["http://site.com"]); + +/* ========== 8 ========== */ +testnum++; +testdesc = "setLoginSavingEnabled / false (again)"; + +expectedNotification = "hostSavingDisabled"; +expectedData = "http://site.com"; +Services.logins.setLoginSavingEnabled("http://site.com", false); +do_check_eq(expectedNotification, null); +LoginTestUtils.assertDisabledHostsEqual(Services.logins.getAllDisabledHosts(), + ["http://site.com"]); + +/* ========== 9 ========== */ +testnum++; +testdesc = "setLoginSavingEnabled / true"; + +expectedNotification = "hostSavingEnabled"; +expectedData = "http://site.com"; +Services.logins.setLoginSavingEnabled("http://site.com", true); +do_check_eq(expectedNotification, null); +LoginTestUtils.checkLogins([]); + +/* ========== 10 ========== */ +testnum++; +testdesc = "setLoginSavingEnabled / true (again)"; + +expectedNotification = "hostSavingEnabled"; +expectedData = "http://site.com"; +Services.logins.setLoginSavingEnabled("http://site.com", true); +do_check_eq(expectedNotification, null); +LoginTestUtils.checkLogins([]); + +Services.obs.removeObserver(TestObserver, "passwordmgr-storage-changed"); + +LoginTestUtils.clearData(); + +} catch (e) { + throw new Error("FAILED in test #" + testnum + " -- " + testdesc + ": " + e); +} + +}); diff --git a/toolkit/components/passwordmgr/test/unit/test_recipes_add.js b/toolkit/components/passwordmgr/test/unit/test_recipes_add.js new file mode 100644 index 000000000..ef5086c3b --- /dev/null +++ b/toolkit/components/passwordmgr/test/unit/test_recipes_add.js @@ -0,0 +1,177 @@ +/* Any copyright is dedicated to the Public Domain. + * http://creativecommons.org/publicdomain/zero/1.0/ */ + +/** + * Tests adding and retrieving LoginRecipes in the parent process. + */ + +"use strict"; + +add_task(function* test_init() { + let parent = new LoginRecipesParent({ defaults: null }); + let initPromise1 = parent.initializationPromise; + let initPromise2 = parent.initializationPromise; + Assert.strictEqual(initPromise1, initPromise2, "Check that the same promise is returned"); + + let recipesParent = yield initPromise1; + Assert.ok(recipesParent instanceof LoginRecipesParent, "Check init return value"); + Assert.strictEqual(recipesParent._recipesByHost.size, 0, "Initially 0 recipes"); +}); + +add_task(function* test_get_missing_host() { + let recipesParent = yield RecipeHelpers.initNewParent(); + let exampleRecipes = recipesParent.getRecipesForHost("example.invalid"); + Assert.strictEqual(exampleRecipes.size, 0, "Check recipe count for example.invalid"); + +}); + +add_task(function* test_add_get_simple_host() { + let recipesParent = yield RecipeHelpers.initNewParent(); + Assert.strictEqual(recipesParent._recipesByHost.size, 0, "Initially 0 recipes"); + recipesParent.add({ + hosts: ["example.com"], + }); + Assert.strictEqual(recipesParent._recipesByHost.size, 1, + "Check number of hosts after the addition"); + + let exampleRecipes = recipesParent.getRecipesForHost("example.com"); + Assert.strictEqual(exampleRecipes.size, 1, "Check recipe count for example.com"); + let recipe = [...exampleRecipes][0]; + Assert.strictEqual(typeof(recipe), "object", "Check recipe type"); + Assert.strictEqual(recipe.hosts.length, 1, "Check that one host is present"); + Assert.strictEqual(recipe.hosts[0], "example.com", "Check the one host"); +}); + +add_task(function* test_add_get_non_standard_port_host() { + let recipesParent = yield RecipeHelpers.initNewParent(); + recipesParent.add({ + hosts: ["example.com:8080"], + }); + Assert.strictEqual(recipesParent._recipesByHost.size, 1, + "Check number of hosts after the addition"); + + let exampleRecipes = recipesParent.getRecipesForHost("example.com:8080"); + Assert.strictEqual(exampleRecipes.size, 1, "Check recipe count for example.com:8080"); + let recipe = [...exampleRecipes][0]; + Assert.strictEqual(typeof(recipe), "object", "Check recipe type"); + Assert.strictEqual(recipe.hosts.length, 1, "Check that one host is present"); + Assert.strictEqual(recipe.hosts[0], "example.com:8080", "Check the one host"); +}); + +add_task(function* test_add_multiple_hosts() { + let recipesParent = yield RecipeHelpers.initNewParent(); + recipesParent.add({ + hosts: ["example.com", "foo.invalid"], + }); + Assert.strictEqual(recipesParent._recipesByHost.size, 2, + "Check number of hosts after the addition"); + + let exampleRecipes = recipesParent.getRecipesForHost("example.com"); + Assert.strictEqual(exampleRecipes.size, 1, "Check recipe count for example.com"); + let recipe = [...exampleRecipes][0]; + Assert.strictEqual(typeof(recipe), "object", "Check recipe type"); + Assert.strictEqual(recipe.hosts.length, 2, "Check that two hosts are present"); + Assert.strictEqual(recipe.hosts[0], "example.com", "Check the first host"); + Assert.strictEqual(recipe.hosts[1], "foo.invalid", "Check the second host"); + + let fooRecipes = recipesParent.getRecipesForHost("foo.invalid"); + Assert.strictEqual(fooRecipes.size, 1, "Check recipe count for foo.invalid"); + let fooRecipe = [...fooRecipes][0]; + Assert.strictEqual(fooRecipe, recipe, "Check that the recipe is shared"); + Assert.strictEqual(typeof(fooRecipe), "object", "Check recipe type"); + Assert.strictEqual(fooRecipe.hosts.length, 2, "Check that two hosts are present"); + Assert.strictEqual(fooRecipe.hosts[0], "example.com", "Check the first host"); + Assert.strictEqual(fooRecipe.hosts[1], "foo.invalid", "Check the second host"); +}); + +add_task(function* test_add_pathRegex() { + let recipesParent = yield RecipeHelpers.initNewParent(); + recipesParent.add({ + hosts: ["example.com"], + pathRegex: /^\/mypath\//, + }); + Assert.strictEqual(recipesParent._recipesByHost.size, 1, + "Check number of hosts after the addition"); + + let exampleRecipes = recipesParent.getRecipesForHost("example.com"); + Assert.strictEqual(exampleRecipes.size, 1, "Check recipe count for example.com"); + let recipe = [...exampleRecipes][0]; + Assert.strictEqual(typeof(recipe), "object", "Check recipe type"); + Assert.strictEqual(recipe.hosts.length, 1, "Check that one host is present"); + Assert.strictEqual(recipe.hosts[0], "example.com", "Check the one host"); + Assert.strictEqual(recipe.pathRegex.toString(), "/^\\/mypath\\//", "Check the pathRegex"); +}); + +add_task(function* test_add_selectors() { + let recipesParent = yield RecipeHelpers.initNewParent(); + recipesParent.add({ + hosts: ["example.com"], + usernameSelector: "#my-username", + passwordSelector: "#my-form > input.password", + }); + Assert.strictEqual(recipesParent._recipesByHost.size, 1, + "Check number of hosts after the addition"); + + let exampleRecipes = recipesParent.getRecipesForHost("example.com"); + Assert.strictEqual(exampleRecipes.size, 1, "Check recipe count for example.com"); + let recipe = [...exampleRecipes][0]; + Assert.strictEqual(typeof(recipe), "object", "Check recipe type"); + Assert.strictEqual(recipe.hosts.length, 1, "Check that one host is present"); + Assert.strictEqual(recipe.hosts[0], "example.com", "Check the one host"); + Assert.strictEqual(recipe.usernameSelector, "#my-username", "Check the usernameSelector"); + Assert.strictEqual(recipe.passwordSelector, "#my-form > input.password", "Check the passwordSelector"); +}); + +/* Begin checking errors with add */ + +add_task(function* test_add_missing_prop() { + let recipesParent = yield RecipeHelpers.initNewParent(); + Assert.throws(() => recipesParent.add({}), /required/, "Some properties are required"); +}); + +add_task(function* test_add_unknown_prop() { + let recipesParent = yield RecipeHelpers.initNewParent(); + Assert.throws(() => recipesParent.add({ + unknownProp: true, + }), /supported/, "Unknown properties should cause an error to help with typos"); +}); + +add_task(function* test_add_invalid_hosts() { + let recipesParent = yield RecipeHelpers.initNewParent(); + Assert.throws(() => recipesParent.add({ + hosts: 404, + }), /array/, "hosts should be an array"); +}); + +add_task(function* test_add_empty_host_array() { + let recipesParent = yield RecipeHelpers.initNewParent(); + Assert.throws(() => recipesParent.add({ + hosts: [], + }), /array/, "hosts should be a non-empty array"); +}); + +add_task(function* test_add_pathRegex_non_regexp() { + let recipesParent = yield RecipeHelpers.initNewParent(); + Assert.throws(() => recipesParent.add({ + hosts: ["example.com"], + pathRegex: "foo", + }), /regular expression/, "pathRegex should be a RegExp"); +}); + +add_task(function* test_add_usernameSelector_non_string() { + let recipesParent = yield RecipeHelpers.initNewParent(); + Assert.throws(() => recipesParent.add({ + hosts: ["example.com"], + usernameSelector: 404, + }), /string/, "usernameSelector should be a string"); +}); + +add_task(function* test_add_passwordSelector_non_string() { + let recipesParent = yield RecipeHelpers.initNewParent(); + Assert.throws(() => recipesParent.add({ + hosts: ["example.com"], + passwordSelector: 404, + }), /string/, "passwordSelector should be a string"); +}); + +/* End checking errors with add */ diff --git a/toolkit/components/passwordmgr/test/unit/test_recipes_content.js b/toolkit/components/passwordmgr/test/unit/test_recipes_content.js new file mode 100644 index 000000000..3d3751452 --- /dev/null +++ b/toolkit/components/passwordmgr/test/unit/test_recipes_content.js @@ -0,0 +1,39 @@ +/* Any copyright is dedicated to the Public Domain. + * http://creativecommons.org/publicdomain/zero/1.0/ */ + +/** + * Test filtering recipes in LoginRecipesContent. + */ + +"use strict"; + +Cu.importGlobalProperties(["URL"]); + +add_task(function* test_getFieldOverrides() { + let recipes = new Set([ + { // path doesn't match but otherwise good + hosts: ["example.com:8080"], + passwordSelector: "#password", + pathRegex: /^\/$/, + usernameSelector: ".username", + }, + { // match with no field overrides + hosts: ["example.com:8080"], + }, + { // best match (field selectors + path match) + description: "best match", + hosts: ["a.invalid", "example.com:8080", "other.invalid"], + passwordSelector: "#password", + pathRegex: /^\/first\/second\/$/, + usernameSelector: ".username", + }, + ]); + + let form = MockDocument.createTestDocument("http://localhost:8080/first/second/", "<form>"). + forms[0]; + let override = LoginRecipesContent.getFieldOverrides(recipes, form); + Assert.strictEqual(override.description, "best match", + "Check the best field override recipe was returned"); + Assert.strictEqual(override.usernameSelector, ".username", "Check usernameSelector"); + Assert.strictEqual(override.passwordSelector, "#password", "Check passwordSelector"); +}); diff --git a/toolkit/components/passwordmgr/test/unit/test_removeLegacySignonFiles.js b/toolkit/components/passwordmgr/test/unit/test_removeLegacySignonFiles.js new file mode 100644 index 000000000..51a107170 --- /dev/null +++ b/toolkit/components/passwordmgr/test/unit/test_removeLegacySignonFiles.js @@ -0,0 +1,69 @@ +/** + * Tests the LoginHelper object. + */ + +"use strict"; + + +Cu.import("resource://gre/modules/Task.jsm"); + +XPCOMUtils.defineLazyModuleGetter(this, "LoginHelper", + "resource://gre/modules/LoginHelper.jsm"); + + +function* createSignonFile(singon) { + let {file, pref} = singon; + + if (pref) { + Services.prefs.setCharPref(pref, file); + } + + yield OS.File.writeAtomic( + OS.Path.join(OS.Constants.Path.profileDir, file), new Uint8Array(1)); +} + +function* isSignonClear(singon) { + const {file, pref} = singon; + const fileExists = yield OS.File.exists( + OS.Path.join(OS.Constants.Path.profileDir, file)); + + if (pref) { + try { + Services.prefs.getCharPref(pref); + return false; + } catch (e) {} + } + + return !fileExists; +} + +add_task(function* test_remove_lagecy_signonfile() { + // In the last test case, signons3.txt being deleted even when + // it doesn't exist. + const signonsSettings = [[ + { file: "signons.txt" }, + { file: "signons2.txt" }, + { file: "signons3.txt" } + ], [ + { file: "signons.txt", pref: "signon.SignonFileName" }, + { file: "signons2.txt", pref: "signon.SignonFileName2" }, + { file: "signons3.txt", pref: "signon.SignonFileName3" } + ], [ + { file: "signons2.txt" }, + { file: "singons.txt", pref: "signon.SignonFileName" }, + { file: "customized2.txt", pref: "signon.SignonFileName2" }, + { file: "customized3.txt", pref: "signon.SignonFileName3" } + ]]; + + for (let setting of signonsSettings) { + for (let singon of setting) { + yield createSignonFile(singon); + } + + LoginHelper.removeLegacySignonFiles(); + + for (let singon of setting) { + equal(yield isSignonClear(singon), true); + } + } +}); diff --git a/toolkit/components/passwordmgr/test/unit/test_search_schemeUpgrades.js b/toolkit/components/passwordmgr/test/unit/test_search_schemeUpgrades.js new file mode 100644 index 000000000..3406becff --- /dev/null +++ b/toolkit/components/passwordmgr/test/unit/test_search_schemeUpgrades.js @@ -0,0 +1,184 @@ +/* + * Test Services.logins.searchLogins with the `schemeUpgrades` property. + */ + +const HTTP3_ORIGIN = "http://www3.example.com"; +const HTTPS_ORIGIN = "https://www.example.com"; +const HTTP_ORIGIN = "http://www.example.com"; + +/** + * Returns a list of new nsILoginInfo objects that are a subset of the test + * data, built to match the specified query. + * + * @param {Object} aQuery + * Each property and value of this object restricts the search to those + * entries from the test data that match the property exactly. + */ +function buildExpectedLogins(aQuery) { + return TestData.loginList().filter( + entry => Object.keys(aQuery).every(name => { + if (name == "schemeUpgrades") { + return true; + } + if (["hostname", "formSubmitURL"].includes(name)) { + return LoginHelper.isOriginMatching(entry[name], aQuery[name], { + schemeUpgrades: aQuery.schemeUpgrades, + }); + } + return entry[name] === aQuery[name]; + })); +} + +/** + * Tests the searchLogins function. + * + * @param {Object} aQuery + * Each property and value of this object is translated to an entry in + * the nsIPropertyBag parameter of searchLogins. + * @param {Number} aExpectedCount + * Number of logins from the test data that should be found. The actual + * list of logins is obtained using the buildExpectedLogins helper, and + * this value is just used to verify that modifications to the test data + * don't make the current test meaningless. + */ +function checkSearch(aQuery, aExpectedCount) { + do_print("Testing searchLogins for " + JSON.stringify(aQuery)); + + let expectedLogins = buildExpectedLogins(aQuery); + do_check_eq(expectedLogins.length, aExpectedCount); + + let outCount = {}; + let logins = Services.logins.searchLogins(outCount, newPropertyBag(aQuery)); + do_check_eq(outCount.value, expectedLogins.length); + LoginTestUtils.assertLoginListsEqual(logins, expectedLogins); +} + +/** + * Prepare data for the following tests. + */ +add_task(function test_initialize() { + for (let login of TestData.loginList()) { + Services.logins.addLogin(login); + } +}); + +/** + * Tests searchLogins with the `schemeUpgrades` property + */ +add_task(function test_search_schemeUpgrades_hostname() { + // Hostname-only + checkSearch({ + hostname: HTTPS_ORIGIN, + }, 1); + checkSearch({ + hostname: HTTPS_ORIGIN, + schemeUpgrades: false, + }, 1); + checkSearch({ + hostname: HTTPS_ORIGIN, + schemeUpgrades: undefined, + }, 1); + checkSearch({ + hostname: HTTPS_ORIGIN, + schemeUpgrades: true, + }, 2); +}); + +/** + * Same as above but replacing hostname with formSubmitURL. + */ +add_task(function test_search_schemeUpgrades_formSubmitURL() { + checkSearch({ + formSubmitURL: HTTPS_ORIGIN, + }, 2); + checkSearch({ + formSubmitURL: HTTPS_ORIGIN, + schemeUpgrades: false, + }, 2); + checkSearch({ + formSubmitURL: HTTPS_ORIGIN, + schemeUpgrades: undefined, + }, 2); + checkSearch({ + formSubmitURL: HTTPS_ORIGIN, + schemeUpgrades: true, + }, 4); +}); + + +add_task(function test_search_schemeUpgrades_hostname_formSubmitURL() { + checkSearch({ + formSubmitURL: HTTPS_ORIGIN, + hostname: HTTPS_ORIGIN, + }, 1); + checkSearch({ + formSubmitURL: HTTPS_ORIGIN, + hostname: HTTPS_ORIGIN, + schemeUpgrades: false, + }, 1); + checkSearch({ + formSubmitURL: HTTPS_ORIGIN, + hostname: HTTPS_ORIGIN, + schemeUpgrades: undefined, + }, 1); + checkSearch({ + formSubmitURL: HTTPS_ORIGIN, + hostname: HTTPS_ORIGIN, + schemeUpgrades: true, + }, 2); + checkSearch({ + formSubmitURL: HTTPS_ORIGIN, + hostname: HTTPS_ORIGIN, + schemeUpgrades: true, + usernameField: "form_field_username", + }, 2); + checkSearch({ + formSubmitURL: HTTPS_ORIGIN, + hostname: HTTPS_ORIGIN, + passwordField: "form_field_password", + schemeUpgrades: true, + usernameField: "form_field_username", + }, 2); + checkSearch({ + formSubmitURL: HTTPS_ORIGIN, + hostname: HTTPS_ORIGIN, + httpRealm: null, + passwordField: "form_field_password", + schemeUpgrades: true, + usernameField: "form_field_username", + }, 2); +}); + +/** + * HTTP submitting to HTTPS + */ +add_task(function test_http_to_https() { + checkSearch({ + formSubmitURL: HTTPS_ORIGIN, + hostname: HTTP3_ORIGIN, + httpRealm: null, + schemeUpgrades: false, + }, 1); + checkSearch({ + formSubmitURL: HTTPS_ORIGIN, + hostname: HTTP3_ORIGIN, + httpRealm: null, + schemeUpgrades: true, + }, 2); +}); + +/** + * schemeUpgrades shouldn't cause downgrades + */ +add_task(function test_search_schemeUpgrades_downgrade() { + checkSearch({ + formSubmitURL: HTTP_ORIGIN, + hostname: HTTP_ORIGIN, + }, 1); + do_print("The same number should be found with schemeUpgrades since we're searching for HTTP"); + checkSearch({ + formSubmitURL: HTTP_ORIGIN, + hostname: HTTP_ORIGIN, + schemeUpgrades: true, + }, 1); +}); diff --git a/toolkit/components/passwordmgr/test/unit/test_storage.js b/toolkit/components/passwordmgr/test/unit/test_storage.js new file mode 100644 index 000000000..d65516d9b --- /dev/null +++ b/toolkit/components/passwordmgr/test/unit/test_storage.js @@ -0,0 +1,102 @@ +/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */ +/* vim: set ts=2 et sw=2 tw=80: */ +/* Any copyright is dedicated to the Public Domain. + * http://creativecommons.org/publicdomain/zero/1.0/ */ + +/** + * Tests that the default nsILoginManagerStorage module attached to the Login + * Manager service is able to save and reload nsILoginInfo properties correctly, + * even when they include special characters. + */ + +"use strict"; + +// Globals + +function* reloadAndCheckLoginsGen(aExpectedLogins) +{ + yield LoginTestUtils.reloadData(); + LoginTestUtils.checkLogins(aExpectedLogins); + LoginTestUtils.clearData(); +} + +// Tests + +/** + * Tests addLogin with valid non-ASCII characters. + */ +add_task(function* test_storage_addLogin_nonascii() +{ + let hostname = "http://" + String.fromCharCode(355) + ".example.com"; + + // Store the strings "user" and "pass" using similarly looking glyphs. + let loginInfo = TestData.formLogin({ + hostname: hostname, + formSubmitURL: hostname, + username: String.fromCharCode(533, 537, 7570, 345), + password: String.fromCharCode(421, 259, 349, 537), + usernameField: "field_" + String.fromCharCode(533, 537, 7570, 345), + passwordField: "field_" + String.fromCharCode(421, 259, 349, 537), + }); + Services.logins.addLogin(loginInfo); + yield* reloadAndCheckLoginsGen([loginInfo]); + + // Store the string "test" using similarly looking glyphs. + loginInfo = TestData.authLogin({ + httpRealm: String.fromCharCode(355, 277, 349, 357), + }); + Services.logins.addLogin(loginInfo); + yield* reloadAndCheckLoginsGen([loginInfo]); +}); + +/** + * Tests addLogin with newline characters in the username and password. + */ +add_task(function* test_storage_addLogin_newlines() +{ + let loginInfo = TestData.formLogin({ + username: "user\r\nname", + password: "password\r\n", + }); + Services.logins.addLogin(loginInfo); + yield* reloadAndCheckLoginsGen([loginInfo]); +}); + +/** + * Tests addLogin with a single dot in fields where it is allowed. + * + * These tests exist to verify the legacy "signons.txt" storage format. + */ +add_task(function* test_storage_addLogin_dot() +{ + let loginInfo = TestData.formLogin({ hostname: ".", passwordField: "." }); + Services.logins.addLogin(loginInfo); + yield* reloadAndCheckLoginsGen([loginInfo]); + + loginInfo = TestData.authLogin({ httpRealm: "." }); + Services.logins.addLogin(loginInfo); + yield* reloadAndCheckLoginsGen([loginInfo]); +}); + +/** + * Tests addLogin with parentheses in hostnames. + * + * These tests exist to verify the legacy "signons.txt" storage format. + */ +add_task(function* test_storage_addLogin_parentheses() +{ + let loginList = [ + TestData.authLogin({ httpRealm: "(realm" }), + TestData.authLogin({ httpRealm: "realm)" }), + TestData.authLogin({ httpRealm: "(realm)" }), + TestData.authLogin({ httpRealm: ")realm(" }), + TestData.authLogin({ hostname: "http://parens(.example.com" }), + TestData.authLogin({ hostname: "http://parens).example.com" }), + TestData.authLogin({ hostname: "http://parens(example).example.com" }), + TestData.authLogin({ hostname: "http://parens)example(.example.com" }), + ]; + for (let loginInfo of loginList) { + Services.logins.addLogin(loginInfo); + } + yield* reloadAndCheckLoginsGen(loginList); +}); diff --git a/toolkit/components/passwordmgr/test/unit/test_storage_mozStorage.js b/toolkit/components/passwordmgr/test/unit/test_storage_mozStorage.js new file mode 100644 index 000000000..8eab6efe5 --- /dev/null +++ b/toolkit/components/passwordmgr/test/unit/test_storage_mozStorage.js @@ -0,0 +1,507 @@ +/* + * This test interfaces directly with the mozStorage password storage module, + * bypassing the normal password manager usage. + */ + + +const ENCTYPE_BASE64 = 0; +const ENCTYPE_SDR = 1; +const PERMISSION_SAVE_LOGINS = "login-saving"; + +// Current schema version used by storage-mozStorage.js. This will need to be +// kept in sync with the version there (or else the tests fail). +const CURRENT_SCHEMA = 6; + +function* copyFile(aLeafName) +{ + yield OS.File.copy(OS.Path.join(do_get_file("data").path, aLeafName), + OS.Path.join(OS.Constants.Path.profileDir, aLeafName)); +} + +function openDB(aLeafName) +{ + var dbFile = new FileUtils.File(OS.Constants.Path.profileDir); + dbFile.append(aLeafName); + + return Services.storage.openDatabase(dbFile); +} + +function deleteFile(pathname, filename) +{ + var file = new FileUtils.File(pathname); + file.append(filename); + + // Suppress failures, this happens in the mozstorage tests on Windows + // because the module may still be holding onto the DB. (We don't + // have a way to explicitly shutdown/GC the module). + try { + if (file.exists()) + file.remove(false); + } catch (e) {} +} + +function reloadStorage(aInputPathName, aInputFileName) +{ + var inputFile = null; + if (aInputFileName) { + inputFile = Cc["@mozilla.org/file/local;1"]. + createInstance(Ci.nsILocalFile); + inputFile.initWithPath(aInputPathName); + inputFile.append(aInputFileName); + } + + let storage = Cc["@mozilla.org/login-manager/storage/mozStorage;1"] + .createInstance(Ci.nsILoginManagerStorage); + storage.QueryInterface(Ci.nsIInterfaceRequestor) + .getInterface(Ci.nsIVariant) + .initWithFile(inputFile); + + return storage; +} + +function checkStorageData(storage, ref_disabledHosts, ref_logins) +{ + LoginTestUtils.assertLoginListsEqual(storage.getAllLogins(), ref_logins); + LoginTestUtils.assertDisabledHostsEqual(getAllDisabledHostsFromPermissionManager(), + ref_disabledHosts); +} + +function getAllDisabledHostsFromPermissionManager() { + let disabledHosts = []; + let enumerator = Services.perms.enumerator; + + while (enumerator.hasMoreElements()) { + let perm = enumerator.getNext(); + if (perm.type == PERMISSION_SAVE_LOGINS && perm.capability == Services.perms.DENY_ACTION) { + disabledHosts.push(perm.principal.URI.prePath); + } + } + + return disabledHosts; +} + +function setLoginSavingEnabled(origin, enabled) { + let uri = Services.io.newURI(origin, null, null); + + if (enabled) { + Services.perms.remove(uri, PERMISSION_SAVE_LOGINS); + } else { + Services.perms.add(uri, PERMISSION_SAVE_LOGINS, Services.perms.DENY_ACTION); + } +} + +add_task(function* test_execute() +{ + +const OUTDIR = OS.Constants.Path.profileDir; + +try { + +var isGUID = /^\{[0-9a-f\d]{8}-[0-9a-f\d]{4}-[0-9a-f\d]{4}-[0-9a-f\d]{4}-[0-9a-f\d]{12}\}$/; +function getGUIDforID(conn, id) { + var stmt = conn.createStatement("SELECT guid from moz_logins WHERE id = " + id); + stmt.executeStep(); + var guid = stmt.getString(0); + stmt.finalize(); + return guid; +} + +function getEncTypeForID(conn, id) { + var stmt = conn.createStatement("SELECT encType from moz_logins WHERE id = " + id); + stmt.executeStep(); + var encType = stmt.row.encType; + stmt.finalize(); + return encType; +} + +function getAllDisabledHostsFromMozStorage(conn) { + let disabledHosts = []; + let stmt = conn.createStatement("SELECT hostname from moz_disabledHosts"); + + while (stmt.executeStep()) { + disabledHosts.push(stmt.row.hostname); + } + + return disabledHosts; +} + +var storage; +var dbConnection; +var testnum = 0; +var testdesc = "Setup of nsLoginInfo test-users"; +var nsLoginInfo = new Components.Constructor( + "@mozilla.org/login-manager/loginInfo;1", + Components.interfaces.nsILoginInfo); +do_check_true(nsLoginInfo != null); + +var testuser1 = new nsLoginInfo; +testuser1.init("http://test.com", "http://test.com", null, + "testuser1", "testpass1", "u1", "p1"); +var testuser1B = new nsLoginInfo; +testuser1B.init("http://test.com", "http://test.com", null, + "testuser1B", "testpass1B", "u1", "p1"); +var testuser2 = new nsLoginInfo; +testuser2.init("http://test.org", "http://test.org", null, + "testuser2", "testpass2", "u2", "p2"); +var testuser3 = new nsLoginInfo; +testuser3.init("http://test.gov", "http://test.gov", null, + "testuser3", "testpass3", "u3", "p3"); +var testuser4 = new nsLoginInfo; +testuser4.init("http://test.gov", "http://test.gov", null, + "testuser1", "testpass2", "u4", "p4"); +var testuser5 = new nsLoginInfo; +testuser5.init("http://test.gov", "http://test.gov", null, + "testuser2", "testpass1", "u5", "p5"); + + +/* ========== 1 ========== */ +testnum++; +testdesc = "Test downgrade from v999 storage"; + +yield* copyFile("signons-v999.sqlite"); +// Verify the schema version in the test file. +dbConnection = openDB("signons-v999.sqlite"); +do_check_eq(999, dbConnection.schemaVersion); +dbConnection.close(); + +storage = reloadStorage(OUTDIR, "signons-v999.sqlite"); +setLoginSavingEnabled("https://disabled.net", false); +checkStorageData(storage, ["https://disabled.net"], [testuser1]); + +// Check to make sure we downgraded the schema version. +dbConnection = openDB("signons-v999.sqlite"); +do_check_eq(CURRENT_SCHEMA, dbConnection.schemaVersion); +dbConnection.close(); + +deleteFile(OUTDIR, "signons-v999.sqlite"); + +/* ========== 2 ========== */ +testnum++; +testdesc = "Test downgrade from incompat v999 storage"; +// This file has a testuser999/testpass999, but is missing an expected column + +var origFile = OS.Path.join(OUTDIR, "signons-v999-2.sqlite"); +var failFile = OS.Path.join(OUTDIR, "signons-v999-2.sqlite.corrupt"); + +// Make sure we always start clean in a clean state. +yield* copyFile("signons-v999-2.sqlite"); +yield OS.File.remove(failFile); + +Assert.throws(() => reloadStorage(OUTDIR, "signons-v999-2.sqlite"), + /Initialization failed/); + +// Check to ensure the DB file was renamed to .corrupt. +do_check_false(yield OS.File.exists(origFile)); +do_check_true(yield OS.File.exists(failFile)); + +yield OS.File.remove(failFile); + +/* ========== 3 ========== */ +testnum++; +testdesc = "Test upgrade from v1->v2 storage"; + +yield* copyFile("signons-v1.sqlite"); +// Sanity check the test file. +dbConnection = openDB("signons-v1.sqlite"); +do_check_eq(1, dbConnection.schemaVersion); +dbConnection.close(); + +storage = reloadStorage(OUTDIR, "signons-v1.sqlite"); +checkStorageData(storage, ["https://disabled.net"], [testuser1, testuser2]); + +// Check to see that we added a GUIDs to the logins. +dbConnection = openDB("signons-v1.sqlite"); +do_check_eq(CURRENT_SCHEMA, dbConnection.schemaVersion); +var guid = getGUIDforID(dbConnection, 1); +do_check_true(isGUID.test(guid)); +guid = getGUIDforID(dbConnection, 2); +do_check_true(isGUID.test(guid)); +dbConnection.close(); + +deleteFile(OUTDIR, "signons-v1.sqlite"); + +/* ========== 4 ========== */ +testnum++; +testdesc = "Test upgrade v2->v1 storage"; +// This is the case where a v2 DB has been accessed with v1 code, and now we +// are upgrading it again. Any logins added by the v1 code must be properly +// upgraded. + +yield* copyFile("signons-v1v2.sqlite"); +// Sanity check the test file. +dbConnection = openDB("signons-v1v2.sqlite"); +do_check_eq(1, dbConnection.schemaVersion); +dbConnection.close(); + +storage = reloadStorage(OUTDIR, "signons-v1v2.sqlite"); +checkStorageData(storage, ["https://disabled.net"], [testuser1, testuser2, testuser3]); + +// While we're here, try modifying a login, to ensure that doing so doesn't +// change the existing GUID. +storage.modifyLogin(testuser1, testuser1B); +checkStorageData(storage, ["https://disabled.net"], [testuser1B, testuser2, testuser3]); + +// Check the GUIDs. Logins 1 and 2 should retain their original GUID, login 3 +// should have one created (because it didn't have one previously). +dbConnection = openDB("signons-v1v2.sqlite"); +do_check_eq(CURRENT_SCHEMA, dbConnection.schemaVersion); +guid = getGUIDforID(dbConnection, 1); +do_check_eq("{655c7358-f1d6-6446-adab-53f98ac5d80f}", guid); +guid = getGUIDforID(dbConnection, 2); +do_check_eq("{13d9bfdc-572a-4d4e-9436-68e9803e84c1}", guid); +guid = getGUIDforID(dbConnection, 3); +do_check_true(isGUID.test(guid)); +dbConnection.close(); + +deleteFile(OUTDIR, "signons-v1v2.sqlite"); + +/* ========== 5 ========== */ +testnum++; +testdesc = "Test upgrade from v2->v3 storage"; + +yield* copyFile("signons-v2.sqlite"); +// Sanity check the test file. +dbConnection = openDB("signons-v2.sqlite"); +do_check_eq(2, dbConnection.schemaVersion); + +storage = reloadStorage(OUTDIR, "signons-v2.sqlite"); + +// Check to see that we added the correct encType to the logins. +do_check_eq(CURRENT_SCHEMA, dbConnection.schemaVersion); +var encTypes = [ENCTYPE_BASE64, ENCTYPE_SDR, ENCTYPE_BASE64, ENCTYPE_BASE64]; +for (let i = 0; i < encTypes.length; i++) + do_check_eq(encTypes[i], getEncTypeForID(dbConnection, i + 1)); +dbConnection.close(); + +// There are 4 logins, but 3 will be invalid because we can no longer decrypt +// base64-encoded items. (testuser1/4/5) +checkStorageData(storage, ["https://disabled.net"], + [testuser2]); + +deleteFile(OUTDIR, "signons-v2.sqlite"); + +/* ========== 6 ========== */ +testnum++; +testdesc = "Test upgrade v3->v2 storage"; +// This is the case where a v3 DB has been accessed with v2 code, and now we +// are upgrading it again. Any logins added by the v2 code must be properly +// upgraded. + +yield* copyFile("signons-v2v3.sqlite"); +// Sanity check the test file. +dbConnection = openDB("signons-v2v3.sqlite"); +do_check_eq(2, dbConnection.schemaVersion); +encTypes = [ENCTYPE_BASE64, ENCTYPE_SDR, ENCTYPE_BASE64, ENCTYPE_BASE64, null]; +for (let i = 0; i < encTypes.length; i++) + do_check_eq(encTypes[i], getEncTypeForID(dbConnection, i + 1)); + +// Reload storage, check that the new login now has encType=1, others untouched +storage = reloadStorage(OUTDIR, "signons-v2v3.sqlite"); +do_check_eq(CURRENT_SCHEMA, dbConnection.schemaVersion); + +encTypes = [ENCTYPE_BASE64, ENCTYPE_SDR, ENCTYPE_BASE64, ENCTYPE_BASE64, ENCTYPE_SDR]; +for (let i = 0; i < encTypes.length; i++) + do_check_eq(encTypes[i], getEncTypeForID(dbConnection, i + 1)); + +// Sanity check that the data gets migrated +// There are 5 logins, but 3 will be invalid because we can no longer decrypt +// base64-encoded items. (testuser1/4/5). We no longer reencrypt with SDR. +checkStorageData(storage, ["https://disabled.net"], [testuser2, testuser3]); +encTypes = [ENCTYPE_BASE64, ENCTYPE_SDR, ENCTYPE_BASE64, ENCTYPE_BASE64, ENCTYPE_SDR]; +for (let i = 0; i < encTypes.length; i++) + do_check_eq(encTypes[i], getEncTypeForID(dbConnection, i + 1)); +dbConnection.close(); + +deleteFile(OUTDIR, "signons-v2v3.sqlite"); + + +/* ========== 7 ========== */ +testnum++; +testdesc = "Test upgrade from v3->v4 storage"; + +yield* copyFile("signons-v3.sqlite"); +// Sanity check the test file. +dbConnection = openDB("signons-v3.sqlite"); +do_check_eq(3, dbConnection.schemaVersion); + +storage = reloadStorage(OUTDIR, "signons-v3.sqlite"); +do_check_eq(CURRENT_SCHEMA, dbConnection.schemaVersion); + +// Remove old entry from permission manager. +setLoginSavingEnabled("https://disabled.net", true); + +// Check that timestamps and counts were initialized correctly +checkStorageData(storage, [], [testuser1, testuser2]); + +var logins = storage.getAllLogins(); +for (var i = 0; i < 2; i++) { + do_check_true(logins[i] instanceof Ci.nsILoginMetaInfo); + do_check_eq(1, logins[i].timesUsed); + LoginTestUtils.assertTimeIsAboutNow(logins[i].timeCreated); + LoginTestUtils.assertTimeIsAboutNow(logins[i].timeLastUsed); + LoginTestUtils.assertTimeIsAboutNow(logins[i].timePasswordChanged); +} + +/* ========== 8 ========== */ +testnum++; +testdesc = "Test upgrade from v3->v4->v3 storage"; + +yield* copyFile("signons-v3v4.sqlite"); +// Sanity check the test file. +dbConnection = openDB("signons-v3v4.sqlite"); +do_check_eq(3, dbConnection.schemaVersion); + +storage = reloadStorage(OUTDIR, "signons-v3v4.sqlite"); +do_check_eq(CURRENT_SCHEMA, dbConnection.schemaVersion); + +// testuser1 already has timestamps, testuser2 does not. +checkStorageData(storage, [], [testuser1, testuser2]); + +logins = storage.getAllLogins(); + +var t1, t2; +if (logins[0].username == "testuser1") { + t1 = logins[0]; + t2 = logins[1]; +} else { + t1 = logins[1]; + t2 = logins[0]; +} + +do_check_true(t1 instanceof Ci.nsILoginMetaInfo); +do_check_true(t2 instanceof Ci.nsILoginMetaInfo); + +do_check_eq(9, t1.timesUsed); +do_check_eq(1262049951275, t1.timeCreated); +do_check_eq(1262049951275, t1.timeLastUsed); +do_check_eq(1262049951275, t1.timePasswordChanged); + +do_check_eq(1, t2.timesUsed); +LoginTestUtils.assertTimeIsAboutNow(t2.timeCreated); +LoginTestUtils.assertTimeIsAboutNow(t2.timeLastUsed); +LoginTestUtils.assertTimeIsAboutNow(t2.timePasswordChanged); + + +/* ========== 9 ========== */ +testnum++; +testdesc = "Test upgrade from v4 storage"; + +yield* copyFile("signons-v4.sqlite"); +// Sanity check the test file. +dbConnection = openDB("signons-v4.sqlite"); +do_check_eq(4, dbConnection.schemaVersion); +do_check_false(dbConnection.tableExists("moz_deleted_logins")); + +storage = reloadStorage(OUTDIR, "signons-v4.sqlite"); +do_check_eq(CURRENT_SCHEMA, dbConnection.schemaVersion); +do_check_true(dbConnection.tableExists("moz_deleted_logins")); + + +/* ========== 10 ========== */ +testnum++; +testdesc = "Test upgrade from v4->v5->v4 storage"; + +yield copyFile("signons-v4v5.sqlite"); +// Sanity check the test file. +dbConnection = openDB("signons-v4v5.sqlite"); +do_check_eq(4, dbConnection.schemaVersion); +do_check_true(dbConnection.tableExists("moz_deleted_logins")); + +storage = reloadStorage(OUTDIR, "signons-v4v5.sqlite"); +do_check_eq(CURRENT_SCHEMA, dbConnection.schemaVersion); +do_check_true(dbConnection.tableExists("moz_deleted_logins")); + +/* ========== 11 ========== */ +testnum++; +testdesc = "Test upgrade from v5->v6 storage"; + +yield* copyFile("signons-v5v6.sqlite"); + +// Sanity check the test file. +dbConnection = openDB("signons-v5v6.sqlite"); +do_check_eq(5, dbConnection.schemaVersion); +do_check_true(dbConnection.tableExists("moz_disabledHosts")); + +// Initial disabled hosts inside signons-v5v6.sqlite +var disabledHosts = [ + "http://disabled1.example.com", + "http://大.net", + "http://xn--19g.com" +]; + +LoginTestUtils.assertDisabledHostsEqual(disabledHosts, getAllDisabledHostsFromMozStorage(dbConnection)); + +// Reload storage +storage = reloadStorage(OUTDIR, "signons-v5v6.sqlite"); +do_check_eq(CURRENT_SCHEMA, dbConnection.schemaVersion); + +// moz_disabledHosts should now be empty after migration. +LoginTestUtils.assertDisabledHostsEqual([], getAllDisabledHostsFromMozStorage(dbConnection)); + +// Get all the other hosts currently saved in the permission manager. +let hostsInPermissionManager = getAllDisabledHostsFromPermissionManager(); + +// All disabledHosts should have migrated to the permission manager +LoginTestUtils.assertDisabledHostsEqual(disabledHosts, hostsInPermissionManager); + +// Remove all disabled hosts from the permission manager before test ends +for (let host of disabledHosts) { + setLoginSavingEnabled(host, true); +} + +/* ========== 12 ========== */ +testnum++; +testdesc = "Create nsILoginInfo instances for testing with"; + +testuser1 = new nsLoginInfo; +testuser1.init("http://dummyhost.mozilla.org", "", null, + "dummydude", "itsasecret", "put_user_here", "put_pw_here"); + + +/* + * ---------------------- DB Corruption ---------------------- + * Try to initialize with a corrupt database file. This should create a backup + * file, then upon next use create a new database file. + */ + +/* ========== 13 ========== */ +testnum++; +testdesc = "Corrupt database and backup"; + +const filename = "signons-c.sqlite"; +const filepath = OS.Path.join(OS.Constants.Path.profileDir, filename); + +yield OS.File.copy(do_get_file("data/corruptDB.sqlite").path, filepath); + +// will init mozStorage module with corrupt database, init should fail +Assert.throws( + () => reloadStorage(OS.Constants.Path.profileDir, filename), + /Initialization failed/); + +// check that the backup file exists +do_check_true(yield OS.File.exists(filepath + ".corrupt")); + +// check that the original corrupt file has been deleted +do_check_false(yield OS.File.exists(filepath)); + +// initialize the storage module again +storage = reloadStorage(OS.Constants.Path.profileDir, filename); + +// use the storage module again, should work now +storage.addLogin(testuser1); +checkStorageData(storage, [], [testuser1]); + +// check the file exists +var file = Cc["@mozilla.org/file/local;1"].createInstance(Ci.nsILocalFile); +file.initWithPath(OS.Constants.Path.profileDir); +file.append(filename); +do_check_true(file.exists()); + +deleteFile(OS.Constants.Path.profileDir, filename + ".corrupt"); +deleteFile(OS.Constants.Path.profileDir, filename); + +} catch (e) { + throw new Error("FAILED in test #" + testnum + " -- " + testdesc + ": " + e); +} + +}); diff --git a/toolkit/components/passwordmgr/test/unit/test_telemetry.js b/toolkit/components/passwordmgr/test/unit/test_telemetry.js new file mode 100644 index 000000000..1d8f80226 --- /dev/null +++ b/toolkit/components/passwordmgr/test/unit/test_telemetry.js @@ -0,0 +1,187 @@ +/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */ +/* vim: set ts=2 et sw=2 tw=80: */ +/* Any copyright is dedicated to the Public Domain. + * http://creativecommons.org/publicdomain/zero/1.0/ */ + +/** + * Tests the statistics and other counters reported through telemetry. + */ + +"use strict"; + +// Globals + +const MS_PER_DAY = 24 * 60 * 60 * 1000; + +// To prevent intermittent failures when the test is executed at a time that is +// very close to a day boundary, we make it deterministic by using a static +// reference date for all the time-based statistics. +const gReferenceTimeMs = new Date("2000-01-01T00:00:00").getTime(); + +// Returns a milliseconds value to use with nsILoginMetaInfo properties, falling +// approximately in the middle of the specified number of days before the +// reference time, where zero days indicates a time within the past 24 hours. +var daysBeforeMs = days => gReferenceTimeMs - (days + 0.5) * MS_PER_DAY; + +/** + * Contains metadata that will be attached to test logins in order to verify + * that the statistics collection is working properly. Most properties of the + * logins are initialized to the default test values already. + * + * If you update this data or any of the telemetry histograms it checks, you'll + * probably need to update the expected statistics in the test below. + */ +const StatisticsTestData = [ + { + timeLastUsed: daysBeforeMs(0), + }, + { + timeLastUsed: daysBeforeMs(1), + }, + { + timeLastUsed: daysBeforeMs(7), + formSubmitURL: null, + httpRealm: "The HTTP Realm", + }, + { + username: "", + timeLastUsed: daysBeforeMs(7), + }, + { + username: "", + timeLastUsed: daysBeforeMs(30), + }, + { + username: "", + timeLastUsed: daysBeforeMs(31), + }, + { + timeLastUsed: daysBeforeMs(365), + }, + { + username: "", + timeLastUsed: daysBeforeMs(366), + }, + { + // If the login was saved in the future, it is ignored for statistiscs. + timeLastUsed: daysBeforeMs(-1), + }, + { + timeLastUsed: daysBeforeMs(1000), + }, +]; + +/** + * Triggers the collection of those statistics that are not accumulated each + * time an action is taken, but are a static snapshot of the current state. + */ +function triggerStatisticsCollection() { + Services.obs.notifyObservers(null, "gather-telemetry", "" + gReferenceTimeMs); +} + +/** + * Tests the telemetry histogram with the given ID contains only the specified + * non-zero ranges, expressed in the format { range1: value1, range2: value2 }. + */ +function testHistogram(histogramId, expectedNonZeroRanges) { + let snapshot = Services.telemetry.getHistogramById(histogramId).snapshot(); + + // Compute the actual ranges in the format { range1: value1, range2: value2 }. + let actualNonZeroRanges = {}; + for (let [index, range] of snapshot.ranges.entries()) { + let value = snapshot.counts[index]; + if (value > 0) { + actualNonZeroRanges[range] = value; + } + } + + // These are stringified to visualize the differences between the values. + do_print("Testing histogram: " + histogramId); + do_check_eq(JSON.stringify(actualNonZeroRanges), + JSON.stringify(expectedNonZeroRanges)); +} + +// Tests + +/** + * Enable local telemetry recording for the duration of the tests, and prepare + * the test data that will be used by the following tests. + */ +add_task(function test_initialize() { + let oldCanRecord = Services.telemetry.canRecordExtended; + Services.telemetry.canRecordExtended = true; + do_register_cleanup(function () { + Services.telemetry.canRecordExtended = oldCanRecord; + }); + + let uniqueNumber = 1; + for (let loginModifications of StatisticsTestData) { + loginModifications.hostname = `http://${uniqueNumber++}.example.com`; + Services.logins.addLogin(TestData.formLogin(loginModifications)); + } +}); + +/** + * Tests the collection of statistics related to login metadata. + */ +add_task(function test_logins_statistics() { + // Repeat the operation twice to test that histograms are not accumulated. + for (let repeating of [false, true]) { + triggerStatisticsCollection(); + + // Should record 1 in the bucket corresponding to the number of passwords. + testHistogram("PWMGR_NUM_SAVED_PASSWORDS", + { 10: 1 }); + + // Should record 1 in the bucket corresponding to the number of passwords. + testHistogram("PWMGR_NUM_HTTPAUTH_PASSWORDS", + { 1: 1 }); + + // For each saved login, should record 1 in the bucket corresponding to the + // age in days since the login was last used. + testHistogram("PWMGR_LOGIN_LAST_USED_DAYS", + { 0: 1, 1: 1, 7: 2, 29: 2, 356: 2, 750: 1 }); + + // Should record the number of logins without a username in bucket 0, and + // the number of logins with a username in bucket 1. + testHistogram("PWMGR_USERNAME_PRESENT", + { 0: 4, 1: 6 }); + } +}); + +/** + * Tests the collection of statistics related to hosts for which passowrd saving + * has been explicitly disabled. + */ +add_task(function test_disabledHosts_statistics() { + // Should record 1 in the bucket corresponding to the number of sites for + // which password saving is disabled. + Services.logins.setLoginSavingEnabled("http://www.example.com", false); + triggerStatisticsCollection(); + testHistogram("PWMGR_BLOCKLIST_NUM_SITES", { 1: 1 }); + + Services.logins.setLoginSavingEnabled("http://www.example.com", true); + triggerStatisticsCollection(); + testHistogram("PWMGR_BLOCKLIST_NUM_SITES", { 0: 1 }); +}); + +/** + * Tests the collection of statistics related to general settings. + */ +add_task(function test_settings_statistics() { + let oldRememberSignons = Services.prefs.getBoolPref("signon.rememberSignons"); + do_register_cleanup(function () { + Services.prefs.setBoolPref("signon.rememberSignons", oldRememberSignons); + }); + + // Repeat the operation twice per value to test that histograms are reset. + for (let remember of [false, true, false, true]) { + // This change should be observed immediately by the login service. + Services.prefs.setBoolPref("signon.rememberSignons", remember); + + triggerStatisticsCollection(); + + // Should record 1 in either bucket 0 or bucket 1 based on the preference. + testHistogram("PWMGR_SAVING_ENABLED", remember ? { 1: 1 } : { 0: 1 }); + } +}); diff --git a/toolkit/components/passwordmgr/test/unit/test_user_autocomplete_result.js b/toolkit/components/passwordmgr/test/unit/test_user_autocomplete_result.js new file mode 100644 index 000000000..e1d250a76 --- /dev/null +++ b/toolkit/components/passwordmgr/test/unit/test_user_autocomplete_result.js @@ -0,0 +1,488 @@ +XPCOMUtils.defineLazyModuleGetter(this, "LoginHelper", + "resource://gre/modules/LoginHelper.jsm"); +Cu.import("resource://gre/modules/LoginManagerContent.jsm"); +var nsLoginInfo = Components.Constructor("@mozilla.org/login-manager/loginInfo;1", + Ci.nsILoginInfo, "init"); + +const PREF_INSECURE_FIELD_WARNING_ENABLED = "security.insecure_field_warning.contextual.enabled"; +const PREF_INSECURE_AUTOFILLFORMS_ENABLED = "signon.autofillForms.http"; + +let matchingLogins = []; +matchingLogins.push(new nsLoginInfo("http://mochi.test:8888", "http://autocomplete:8888", null, + "", "emptypass1", "uname", "pword")); + +matchingLogins.push(new nsLoginInfo("http://mochi.test:8888", "http://autocomplete:8888", null, + "tempuser1", "temppass1", "uname", "pword")); + +matchingLogins.push(new nsLoginInfo("http://mochi.test:8888", "http://autocomplete:8888", null, + "testuser2", "testpass2", "uname", "pword")); + +matchingLogins.push(new nsLoginInfo("http://mochi.test:8888", "http://autocomplete:8888", null, + "testuser3", "testpass3", "uname", "pword")); + +matchingLogins.push(new nsLoginInfo("http://mochi.test:8888", "http://autocomplete:8888", null, + "zzzuser4", "zzzpass4", "uname", "pword")); + +let meta = matchingLogins[0].QueryInterface(Ci.nsILoginMetaInfo); +let dateAndTimeFormatter = new Intl.DateTimeFormat(undefined, + { day: "numeric", month: "short", year: "numeric" }); +let time = dateAndTimeFormatter.format(new Date(meta.timePasswordChanged)); +const LABEL_NO_USERNAME = "No username (" + time + ")"; + +let expectedResults = [ + { + insecureFieldWarningEnabled: true, + insecureAutoFillFormsEnabled: true, + isSecure: true, + isPasswordField: false, + matchingLogins: matchingLogins, + items: [{ + value: "", + label: LABEL_NO_USERNAME, + style: "login", + }, { + value: "tempuser1", + label: "tempuser1", + style: "login", + }, { + value: "testuser2", + label: "testuser2", + style: "login", + }, { + value: "testuser3", + label: "testuser3", + style: "login", + }, { + value: "zzzuser4", + label: "zzzuser4", + style: "login", + }] + }, + { + insecureFieldWarningEnabled: true, + insecureAutoFillFormsEnabled: true, + isSecure: false, + isPasswordField: false, + matchingLogins: matchingLogins, + items: [{ + value: "", + label: "This connection is not secure. Logins entered here could be compromised. Learn More", + style: "insecureWarning" + }, { + value: "", + label: LABEL_NO_USERNAME, + style: "login", + }, { + value: "tempuser1", + label: "tempuser1", + style: "login", + }, { + value: "testuser2", + label: "testuser2", + style: "login", + }, { + value: "testuser3", + label: "testuser3", + style: "login", + }, { + value: "zzzuser4", + label: "zzzuser4", + style: "login", + }] + }, + { + insecureFieldWarningEnabled: true, + insecureAutoFillFormsEnabled: true, + isSecure: true, + isPasswordField: true, + matchingLogins: matchingLogins, + items: [{ + value: "emptypass1", + label: LABEL_NO_USERNAME, + style: "login", + }, { + value: "temppass1", + label: "tempuser1", + style: "login", + }, { + value: "testpass2", + label: "testuser2", + style: "login", + }, { + value: "testpass3", + label: "testuser3", + style: "login", + }, { + value: "zzzpass4", + label: "zzzuser4", + style: "login", + }] + }, + { + insecureFieldWarningEnabled: true, + insecureAutoFillFormsEnabled: true, + isSecure: false, + isPasswordField: true, + matchingLogins: matchingLogins, + items: [{ + value: "", + label: "This connection is not secure. Logins entered here could be compromised. Learn More", + style: "insecureWarning" + }, { + value: "emptypass1", + label: LABEL_NO_USERNAME, + style: "login", + }, { + value: "temppass1", + label: "tempuser1", + style: "login", + }, { + value: "testpass2", + label: "testuser2", + style: "login", + }, { + value: "testpass3", + label: "testuser3", + style: "login", + }, { + value: "zzzpass4", + label: "zzzuser4", + style: "login", + }] + }, + { + insecureFieldWarningEnabled: false, + insecureAutoFillFormsEnabled: true, + isSecure: true, + isPasswordField: false, + matchingLogins: matchingLogins, + items: [{ + value: "", + label: LABEL_NO_USERNAME, + style: "login", + }, { + value: "tempuser1", + label: "tempuser1", + style: "login", + }, { + value: "testuser2", + label: "testuser2", + style: "login", + }, { + value: "testuser3", + label: "testuser3", + style: "login", + }, { + value: "zzzuser4", + label: "zzzuser4", + style: "login", + }] + }, + { + insecureFieldWarningEnabled: false, + insecureAutoFillFormsEnabled: true, + isSecure: false, + isPasswordField: false, + matchingLogins: matchingLogins, + items: [{ + value: "", + label: LABEL_NO_USERNAME, + style: "login", + }, { + value: "tempuser1", + label: "tempuser1", + style: "login", + }, { + value: "testuser2", + label: "testuser2", + style: "login", + }, { + value: "testuser3", + label: "testuser3", + style: "login", + }, { + value: "zzzuser4", + label: "zzzuser4", + style: "login", + }] + }, + { + insecureFieldWarningEnabled: false, + insecureAutoFillFormsEnabled: true, + isSecure: true, + isPasswordField: true, + matchingLogins: matchingLogins, + items: [{ + value: "emptypass1", + label: LABEL_NO_USERNAME, + style: "login", + }, { + value: "temppass1", + label: "tempuser1", + style: "login", + }, { + value: "testpass2", + label: "testuser2", + style: "login", + }, { + value: "testpass3", + label: "testuser3", + style: "login", + }, { + value: "zzzpass4", + label: "zzzuser4", + style: "login", + }] + }, + { + insecureFieldWarningEnabled: false, + insecureAutoFillFormsEnabled: true, + isSecure: false, + isPasswordField: true, + matchingLogins: matchingLogins, + items: [{ + value: "emptypass1", + label: LABEL_NO_USERNAME, + style: "login", + }, { + value: "temppass1", + label: "tempuser1", + style: "login", + }, { + value: "testpass2", + label: "testuser2", + style: "login", + }, { + value: "testpass3", + label: "testuser3", + style: "login", + }, { + value: "zzzpass4", + label: "zzzuser4", + style: "login", + }] + }, + { + insecureFieldWarningEnabled: true, + insecureAutoFillFormsEnabled: false, + isSecure: true, + isPasswordField: false, + matchingLogins: matchingLogins, + items: [{ + value: "", + label: LABEL_NO_USERNAME, + style: "login", + }, { + value: "tempuser1", + label: "tempuser1", + style: "login", + }, { + value: "testuser2", + label: "testuser2", + style: "login", + }, { + value: "testuser3", + label: "testuser3", + style: "login", + }, { + value: "zzzuser4", + label: "zzzuser4", + style: "login", + }] + }, + { + insecureFieldWarningEnabled: true, + insecureAutoFillFormsEnabled: false, + isSecure: false, + isPasswordField: false, + matchingLogins: matchingLogins, + items: [{ + value: "", + label: "This connection is not secure. Logins entered here could be compromised. Learn More", + style: "insecureWarning" + }, { + value: "", + label: LABEL_NO_USERNAME, + style: "login", + }, { + value: "tempuser1", + label: "tempuser1", + style: "login", + }, { + value: "testuser2", + label: "testuser2", + style: "login", + }, { + value: "testuser3", + label: "testuser3", + style: "login", + }, { + value: "zzzuser4", + label: "zzzuser4", + style: "login", + }] + }, + { + insecureFieldWarningEnabled: true, + insecureAutoFillFormsEnabled: false, + isSecure: true, + isPasswordField: true, + matchingLogins: matchingLogins, + items: [{ + value: "emptypass1", + label: LABEL_NO_USERNAME, + style: "login", + }, { + value: "temppass1", + label: "tempuser1", + style: "login", + }, { + value: "testpass2", + label: "testuser2", + style: "login", + }, { + value: "testpass3", + label: "testuser3", + style: "login", + }, { + value: "zzzpass4", + label: "zzzuser4", + style: "login", + }] + }, + { + insecureFieldWarningEnabled: true, + insecureAutoFillFormsEnabled: false, + isSecure: false, + isPasswordField: true, + matchingLogins: matchingLogins, + items: [{ + value: "", + label: "This connection is not secure. Logins entered here could be compromised. Learn More", + style: "insecureWarning" + }, { + value: "emptypass1", + label: LABEL_NO_USERNAME, + style: "login", + }, { + value: "temppass1", + label: "tempuser1", + style: "login", + }, { + value: "testpass2", + label: "testuser2", + style: "login", + }, { + value: "testpass3", + label: "testuser3", + style: "login", + }, { + value: "zzzpass4", + label: "zzzuser4", + style: "login", + }] + }, + { + insecureFieldWarningEnabled: false, + insecureAutoFillFormsEnabled: false, + isSecure: true, + isPasswordField: false, + matchingLogins: matchingLogins, + items: [{ + value: "", + label: LABEL_NO_USERNAME, + style: "login", + }, { + value: "tempuser1", + label: "tempuser1", + style: "login", + }, { + value: "testuser2", + label: "testuser2", + style: "login", + }, { + value: "testuser3", + label: "testuser3", + style: "login", + }, { + value: "zzzuser4", + label: "zzzuser4", + style: "login", + }] + }, + { + insecureFieldWarningEnabled: false, + insecureAutoFillFormsEnabled: false, + isSecure: false, + isPasswordField: false, + matchingLogins: matchingLogins, + items: [] + }, + { + insecureFieldWarningEnabled: false, + insecureAutoFillFormsEnabled: false, + isSecure: true, + isPasswordField: true, + matchingLogins: matchingLogins, + items: [{ + value: "emptypass1", + label: LABEL_NO_USERNAME, + style: "login", + }, { + value: "temppass1", + label: "tempuser1", + style: "login", + }, { + value: "testpass2", + label: "testuser2", + style: "login", + }, { + value: "testpass3", + label: "testuser3", + style: "login", + }, { + value: "zzzpass4", + label: "zzzuser4", + style: "login", + }] + }, + { + insecureFieldWarningEnabled: false, + insecureAutoFillFormsEnabled: false, + isSecure: false, + isPasswordField: true, + matchingLogins: matchingLogins, + items: [] + }, +]; + +add_task(function* test_all_patterns() { + LoginHelper.createLogger("UserAutoCompleteResult"); + expectedResults.forEach(pattern => { + Services.prefs.setBoolPref(PREF_INSECURE_FIELD_WARNING_ENABLED, + pattern.insecureFieldWarningEnabled); + Services.prefs.setBoolPref(PREF_INSECURE_AUTOFILLFORMS_ENABLED, + pattern.insecureAutoFillFormsEnabled); + let actual = new UserAutoCompleteResult("", pattern.matchingLogins, + { + isSecure: pattern.isSecure, + isPasswordField: pattern.isPasswordField + }); + pattern.items.forEach((item, index) => { + equal(actual.getValueAt(index), item.value); + equal(actual.getLabelAt(index), item.label); + equal(actual.getStyleAt(index), item.style); + }); + + if (pattern.items.length != 0) { + Assert.throws(() => actual.getValueAt(pattern.items.length), + /Index out of range\./); + + Assert.throws(() => actual.getLabelAt(pattern.items.length), + /Index out of range\./); + + Assert.throws(() => actual.removeValueAt(pattern.items.length, true), + /Index out of range\./); + } + }); +}); diff --git a/toolkit/components/passwordmgr/test/unit/xpcshell.ini b/toolkit/components/passwordmgr/test/unit/xpcshell.ini new file mode 100644 index 000000000..8f8c92a28 --- /dev/null +++ b/toolkit/components/passwordmgr/test/unit/xpcshell.ini @@ -0,0 +1,46 @@ +[DEFAULT] +head = head.js +tail = +support-files = data/** + +# Test JSON file access and import from SQLite, not applicable to Android. +[test_module_LoginImport.js] +skip-if = os == "android" +[test_module_LoginStore.js] +skip-if = os == "android" +[test_removeLegacySignonFiles.js] +skip-if = os == "android" + +# Test SQLite database backup and migration, applicable to Android only. +[test_storage_mozStorage.js] +skip-if = true || os != "android" # Bug 1171687: Needs fixing on Android + +# The following tests apply to any storage back-end. +[test_context_menu.js] +skip-if = os == "android" # The context menu isn't used on Android. +# LoginManagerContextMenu is only included for MOZ_BUILD_APP == 'browser'. +run-if = buildapp == "browser" +[test_dedupeLogins.js] +[test_disabled_hosts.js] +[test_getFormFields.js] +[test_getPasswordFields.js] +[test_getPasswordOrigin.js] +[test_isOriginMatching.js] +[test_legacy_empty_formSubmitURL.js] +[test_legacy_validation.js] +[test_logins_change.js] +[test_logins_decrypt_failure.js] +skip-if = os == "android" # Bug 1171687: Needs fixing on Android +[test_user_autocomplete_result.js] +skip-if = os == "android" +[test_logins_metainfo.js] +[test_logins_search.js] +[test_maybeImportLogin.js] +[test_notifications.js] +[test_OSCrypto_win.js] +skip-if = os != "win" +[test_recipes_add.js] +[test_recipes_content.js] +[test_search_schemeUpgrades.js] +[test_storage.js] +[test_telemetry.js] |