1,457
edits
QA/Firefox3.5/XHR TestPlan: Difference between revisions
m
QA/Firefox3.1/XHR TestPlan moved to QA/Firefox3.5/XHR TestPlan
Samuelsidler (talk | contribs) m (QA/Firefox3.1/XHR TestPlan moved to QA/Firefox3.5/XHR TestPlan) |
|||
| (32 intermediate revisions by 2 users not shown) | |||
| Line 25: | Line 25: | ||
** Ensure the access control check is properly followed (tests that error out at each stage) Section 5.2 | ** Ensure the access control check is properly followed (tests that error out at each stage) Section 5.2 | ||
== Test | |||
* | == Test Cases == | ||
* | * {{done|Test various values of origin}} | ||
* | * {{done|Ensure preflight req gets fired when try a REQ that is not GET or POST}} | ||
* | * {{done|Ensure prelight req gets fired when REQ with header not in whitelist}} | ||
* | * {{done|Ensure that in a situation where preflight is forced to be true (due to update progress listeners) we still do that even though everything else about our REQ is simple XSS}} | ||
* is | * {{done|test error handling when we get a XSS REQ and get a header not in RESP header whitelist - ensure both looking for specific header and looking for all headers doesn't display the header}} | ||
* Test redirects: | * {{done|attempt to fake the origin on the REQ}} | ||
** force new URL scheme to some unsupported scheme --> network error | * {{done|redirects (see redirect cases below)}} | ||
** force infinite loop to occur --> network error | * {{done|Ensure no trusted data ever exposed of the resource}} | ||
** force disconnect or invalid response --> network error | * {{done|test expiration of a access-control-max-age header from a result cache}} | ||
** if REQ URL contains the userinfo production (user name and password in URL) -> network error | * {{done|test with access-control-allow-credentials as both true and false}} | ||
** REQ URL | * {{done|use access-control-allow-methods to ensure only specified methods work}} | ||
* {{done|do the same with *-headers.}} | |||
* {{done|test correct request with an origin from evil.com and see if the specification blocks the request (isn't that part of the server code and outside our control?)}} | |||
*{{done|test access-control-request-method/-header to ensure that non-allowed method/headers are blocked from the actual request as part of the pre-flight}} | |||
* {{todo|XMLHttpRequest::getResponseHeader() does not have access to the Cookie2 header and other headers not on Response Header whitelist}} | |||
* {{done|Attempt to set a cookie on the REQ}} | |||
* {{done|Ensure we have a test for a proper access-control-allow-origin header}} | |||
* {{done|Can we simply create a testcase where we attempt a REQ without an origin?}} | |||
=== Simple XSS XHR === | |||
* {{done|preflight false, REQ method GET && headers in whitelist --> work}} | |||
* preflight false, REQ method HEAD && headers in whitelist --> work | |||
** {{done|ensure we get the "success" status flag}} | |||
* {{done|preflight false, REQ method GET && headers ! in whitelist --> preflight}} | |||
* {{done|preflight false, REQ method HEAD && headers ! in whitelist --> preflight}} | |||
* {{done|preflight false, REQ method POST && headers ! in whitelist -- preflight}} | |||
* {{done|preflight}} false, REQ method POST && headers in whitelist && Header contains content-type but value of content-type != (application/x-www-form-urlencoded, multipart/form-dat, or text/plain) --> preflight | |||
** {{done|the above with content-type}} == to each of those three things --> work | |||
*** {{done|content-type}} == text/plain | |||
*** {{done|content-type}} == application/x-www-form-urlencoded. I disagree with spec here. Should raise with spec editor. | |||
*** {{done|content-type}} == multipart/form-data. I disagree with spec here. Should raise with spec editor. | |||
* {{todo|getResponseHeader() does not get access to cookie2 header and othe headers not in RESP whitelist}} | |||
* {{todo|cause a user cancel and ensure abort steps followed}} | |||
* {{todo|cause a network error (by failing access control check) and ensure network error steps are followed}} | |||
* {{done|ensure access control check works status flag set to success, ensure REQ not terminated}} | |||
=== Preflight XSS XHR === | |||
* {{done|test using a cached entry after the time has expired --> should get a notification of failure that you need to preflight again}} | |||
* {{done|test that a method name matches case insensitively}} | |||
* test that headers match case insensitively | |||
* {{done|test that every header name matches header in the cache}} | |||
* {{done|test when both a header and a method are specified that we match the proper one}} | |||
* {{done|test that if no expiration time given, no cache entry made}} | |||
* {{done|test that when we do not have all the headers in our request that are in the cache --> cache fail}} | |||
* {{done|test that we do not have a method that matches --> cache fail}} | |||
* {{done|test that multiple methods can be cached and retrieved}} | |||
* {{done|test that both header and method are empty when they are not empty in the cache --> cache fail}} | |||
* can we make a preflight with credentials? Should fail, should not be allowed. (JS: You can check if the preflight has cookies) | |||
* can we make a preflight with an entity body? should fail, should not be allowed. (JS: You can check if the preflight has body) | |||
* {{skip|test redirect}} | |||
* {{done|test alternate ways of specifying the expiration time (white space, invalid values etc)}} | |||
* test abort | |||
* test network error | |||
* test access control fail --> ensure cache and network steps followed | |||
* {{done|test failure to parse methods (value with a space for instance) when parsing the access-control-allow-methods values --> cache and network steps}} | |||
* {{done|test}} failure to parse headers when parsing access-control-headers --> cache and network steps | |||
* {{done|test that every REQ header does not match headers --> cache & network steps}} | |||
* {{done|test that REQ header not in simple header whitelist --> cache & network steps}} | |||
* {{skip|Ensure}} that preflight requests that succeed update cache entries (spec no longer requires updating, but tests do ensure that cache entries are created and removed - ct) | |||
* {{done|if}} actual request gets redirect --> cache and network steps (handled by redirect tests) | |||
* if actual req canceled -> abort | |||
* if actual req network error -> network eror | |||
* if actual req access check fails -> cache & network steps | |||
* test that an actual req can pass | |||
=== cache matches === | |||
* ensure that when testing for cache matches we fail when any of these conditions are met: | |||
** {{done|URL}} != REQ URL | |||
** origin != source origin | |||
** credentials != credentials flag | |||
=== cache & network steps === | |||
* {{skip|remove cache entries for source origin and URL - can we test that the entries get removed? (JS: not done, and not yet implemented)}} | |||
* {{skip|return network error}} | |||
=== cache updates === | |||
* {{done|ensure that for each method in methods of the preflight REQ an entry is made in the cache}} | |||
* {{skip|ensure that for each method in methods of the preflight REQ where there is already an entry in the cache, update the expiry time (no longer in spec - ct) }} | |||
* {{done|ensure that for each header in header of the preflight REQ an entry is made in the cache}} | |||
* {{skip|ensure that for each header in header of the preflight REQ where there is already an entry in the cache, update the expiry time (no longer in spec - ct) }} | |||
=== abort steps === | |||
* test that user cancel results in "abort" state being returned and the request stops | |||
* {{todo|ensure no data passed back from an abort (necessary?) (JS: yes, necessary)}} | |||
=== network error === | |||
* {{todo|ensure network error status and no data comes back to XHR (necessary?) (JS: yes, necessary)}} | |||
=== cache steps === | |||
* check that an entry fro a network error is not used for the next request (network and cache error should clear cache) | |||
* check that an preflight response that is a network error, but otherwise well formed, does not populate the cache or allow the REQ. | |||
=== Access Control Check === | |||
* {{done|test with 0 access-control-allow-origin headers --> fail (JS: I think done)}} | |||
* {{done|test with > 1 access-control-allow-origin-headers --> fail}} | |||
* {{done|test}} with access-control-allow-origin == * && credentials flag == false ---> return pass | |||
* {{done|test}} with access-control-allow-origin != source origin --> return fail | |||
* {{done|test}} with credentials flag == true && 0 access-control-allow-origin hdr --> fail (JS: I think done) | |||
* {{done|test}} with credentials flag == true && access-control-allow-credentials is not true --> fail | |||
* {{done|test}} with credentials flag == true && access-control-allow-credentials == true && 0 access-control-allow-origin --> fail | |||
* {{done|test}} with credentials flag == true && access-control-allow-credentials == true && >1 access-control-allow-origin --> fail | |||
* {{done|test}} with credentials flag == true && access-control-allow-credentials == true && 1 access-control-allow-origin --> pass | |||
* {{done|test}} with credentials flag == false && access-control-allow-credentials==true && 1 access-control-allow-origin --> pass (as per the spec, unspecified case) (JS: I think done) | |||
* {{done|test}} with access-control-allow-origin == * && credentials flag == false && access-allow-credentials == true --> pass | |||
* {{done|test}} with access-control-allow-origin == * && credentials flag == false && access-allow-credentials == false --> pass | |||
* {{done|test}} with access-control-allow-origin == * && credentials flag == true && access-allow-credentials == true --> pass | |||
=== Redirect Steps === | |||
* {{done|Test redirects:}} | |||
** {{done|force new URL scheme to some unsupported scheme --> network error}} | |||
** {{todo|force infinite loop to occur --> network error}} | |||
** {{todo|force disconnect or invalid response --> network error}} | |||
** {{done|if REQ URL contains the userinfo production (user name and password in URL) -> network error}} | |||
** {{done|REQ URL and source origin are same origin --> should get "same-origin" status (spec should be changed to still require access control headers)}} | |||
** access control check returns fail --> network error | ** access control check returns fail --> network error | ||
** if nothing goes wrong, ensure redirect followed and XSS XHR request rules followed | ** {{done|if nothing goes wrong, ensure redirect followed and XSS XHR request rules followed}} | ||
** | == References == | ||
** | REQ hdr whitelist (case insensitive matching): | ||
* | * Accept | ||
** | * Accept-Language | ||
* | * Content-Language | ||
** | * Content-Type | ||
RESP HDR whitelist (case insisitive) | |||
* Cache-Control | |||
* Content-Language | |||
* Content-Type | |||
* Expires | |||
* Last-Modified | |||
* Pragma | |||
== Things we probably won't get to testing == | |||
* disk full - should stop caching and stop updating cache entries | |||
== Things we'd like to get to testing == | == Things we'd like to get to testing == | ||
'' Can we get the security team to help with some of this part? '' | '' Can we get the security team to help with some of this part? '' | ||
* All the items in the "Requirements" section are nice to haves that really sound pretty crucial to release this as a secure feature of the product. | * All the items in the "Requirements" section are nice to haves that really sound pretty crucial to release this as a secure feature of the product. | ||
* private browsing mode - should not cache entries | |||
* what happens if user makes a request, goes offline, and comes back online | |||
* what happens if these requests are done through Worker threads | |||
* | |||
* | |||
* | |||
= Schedule Scoping = | = Schedule Scoping = | ||