| // Copyright 2021 The Chromium Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| // `session` doesn't have storage access by default. All other storage areas are |
| // accessible. |
| const accessibleStorageAreas = ['sync', 'local']; |
| const invalidAccessMessage = |
| 'Access to storage is not allowed from this context.'; |
| |
| async function testAccessibleStorageAreas(func, param) { |
| // `sync` and `local` storage areas have untrusted access level by default, |
| // thus content scripts can access the storage. |
| for (const area of accessibleStorageAreas) { |
| // If the param exists and to avoid mutating it, insert a copy of the param |
| // to each area params. |
| let areaParams = param ? [param] : []; |
| await new Promise((resolve) => { |
| areaParams.push(() => { |
| chrome.test.assertNoLastError(); |
| resolve(); |
| }) |
| chrome.storage[area][func](...areaParams); |
| }) |
| }; |
| }; |
| |
| async function testInaccessibleStorageAreas(func, param) { |
| // `session` storage area has only trusted access level by default, thus |
| // content scripts cannot access the storage. |
| // If the param exists, insert a copy of the param to the area params. |
| let areaParams = param ? [param] : []; |
| await new Promise((resolve) => { |
| areaParams.push(() => { |
| chrome.test.assertLastError(invalidAccessMessage); |
| resolve(); |
| }) |
| chrome.storage.session[func](...areaParams); |
| }) |
| }; |
| |
| async function testGetValueSetByBackgroundPage() { |
| // Content scripts can access values set by the background page when the |
| // storage area has untrusted access. |
| for (const area of accessibleStorageAreas) { |
| await new Promise((resolve) => { |
| chrome.storage[area].get('background', (value) => { |
| chrome.test.assertEq({background: area}, value); |
| resolve(); |
| }); |
| }) |
| }; |
| }; |
| |
| chrome.test.runTests([ |
| // This test must run before any other test clears the storage. |
| async function getValueSetByBackgroundPageFromContentScript() { |
| // `sync` and `local` storage areas can access background page values by |
| // default. |
| await testGetValueSetByBackgroundPage(); |
| // `session` storage area cannot access background page values by |
| // default. |
| await testInaccessibleStorageAreas('get', 'background'); |
| chrome.test.succeed(); |
| }, |
| |
| async function setValueFromContentScript() { |
| await testAccessibleStorageAreas('set', {foo: 'bar'}); |
| await testInaccessibleStorageAreas('set', {foo: 'bar'}); |
| chrome.test.succeed(); |
| }, |
| |
| async function getValueFromContentScript() { |
| await testAccessibleStorageAreas('get', 'foo'); |
| await testInaccessibleStorageAreas('get', 'foo'); |
| chrome.test.succeed(); |
| }, |
| |
| async function getBytesInUseFromContentScript() { |
| await testAccessibleStorageAreas('getBytesInUse', null); |
| await testInaccessibleStorageAreas('getBytesInUse', null); |
| chrome.test.succeed(); |
| }, |
| |
| async function removeValueFromContentScript() { |
| await testAccessibleStorageAreas('remove', 'foo'); |
| await testInaccessibleStorageAreas('remove', 'foo'); |
| chrome.test.succeed(); |
| }, |
| |
| async function clearValuesFromContentScript() { |
| await testAccessibleStorageAreas('clear'); |
| await testInaccessibleStorageAreas('clear'); |
| chrome.test.succeed(); |
| }, |
| |
| function setAccessLevelFromContentScript() { |
| // `setAccessLevel` is not exposed to `sync` or `local`. |
| chrome.test.assertFalse(!!chrome.storage.sync.setAccessLevel); |
| chrome.test.assertFalse(!!chrome.storage.local.setAccessLevel); |
| // TODO(crbug.com/1227410): `setAccessLevel` is exposed to `session` but |
| // cannot be accessed from a content script. This will change once we only |
| // expose `setAccessLevel` in unblessed contexts. |
| chrome.test.assertTrue(!!chrome.storage.session.setAccessLevel); |
| chrome.storage.session.setAccessLevel( |
| {accessLevel: 'TRUSTED_CONTEXTS'}, () => { |
| chrome.test.assertLastError(invalidAccessMessage); |
| chrome.test.succeed(); |
| }); |
| } |
| ]); |