Bug 1962092 - Add test for anti-fraud annotation. r=timhuang

Differential Revision: https://phabricator.services.mozilla.com/D247537

build/pgo/server-locations.txt

@@ -204,6 +204,7 @@ http://itisatracker.org:80
 http://trackertest.org:80
 http://email-tracking.example.org:80
 http://consent-manager.example.org:80
+http://anti-fraud.example.org:80
 
 #
 # Used while testing TLS session ticket resumption for third-party trackers (bug 1500533)
@@ -223,6 +224,7 @@ https://social-tracking.example.org:443
 https://itisatracker.org:443
 https://email-tracking.example.org:443
 https://consent-manager.example.org:443
+https://anti-fraud.example.org:443
 
 #
 # Used while testing flash blocking (Bug 1307604)

modules/libpref/init/StaticPrefList.yaml

@@ -15778,20 +15778,20 @@
   value: true
   mirror: always
 
-# Annotate channels based on the anti fraud list
-# Note: consent manager annotations will be disabled if tracking protection is disabled
+# Annotate channels based on the anti-fraud list
+# Note: anti-fraud annotations will be disabled if tracking protection is disabled
 - name: privacy.trackingprotection.antifraud.annotate_channels
   type: bool
   value: true
   mirror: always
 
-# Skip blocking for consentmanager resources in all modes.
+# Skip blocking for anti-fraud resources in all modes.
 - name: privacy.trackingprotection.antifraud.skip.enabled
   type: RelaxedAtomicBool
   value: false
   mirror: always
 
-# Skip blocking for consentmanager resources in Private Browsing mode.
+# Skip blocking for anti-fraud resources in Private Browsing mode.
 - name: privacy.trackingprotection.antifraud.skip.pbmode.enabled
   type: RelaxedAtomicBool
   value: true

netwerk/url-classifier/UrlClassifierFeatureAntiFraudAnnotation.cpp

@@ -96,7 +96,8 @@ UrlClassifierFeatureAntiFraudAnnotation::MaybeCreate(nsIChannel* aChannel) {
     return nullptr;
   }
 
-  // We also don't need to annotate the channel if we are not blocking trackers
+  // We also don't need to annotate the channel if we are not blocking
+  // fingerprinters
   if (!StaticPrefs::privacy_trackingprotection_fingerprinting_enabled()) {
     return nullptr;
   }

toolkit/components/url-classifier/tests/UrlClassifierTestUtils.sys.mjs

@@ -21,6 +21,9 @@ const EMAIL_TRACKING_TABLE_PREF =
 const CONSENTMANAGER_ANNOTATION_TABLE_NAME = "mochitest6-track-simple";
 const CONSENTMANAGER_ANNOTATION_TABLE_PREF =
   "urlclassifier.features.consentmanager.annotate.blocklistTables";
+const ANTIFRAUD_ANNOTATION_TABLE_NAME = "mochitest7-track-simple";
+const ANTIFRAUD_ANNOTATION_TABLE_PREF =
+  "urlclassifier.features.antifraud.annotate.blocklistTables";
 
 let timer = Cc["@mozilla.org/timer;1"].createInstance(Ci.nsITimer);
 
@@ -40,6 +43,7 @@ export var UrlClassifierTestUtils = {
     let socialTrackingURL = "social-tracking.example.org/";
     let emailTrackingURL = "email-tracking.example.org/";
     let consentmanagerAnnotationURL = "consent-manager.example.org/";
+    let antifraudAnnotationURL = "anti-fraud.example.org/";
 
     let annotationUpdate =
       "n:1000\ni:" +
@@ -74,6 +78,11 @@ export var UrlClassifierTestUtils = {
       consentmanagerAnnotationURL.length +
       "\n" +
       consentmanagerAnnotationURL +
+      "\n" +
+      "a:7:32:" +
+      antifraudAnnotationURL.length +
+      "\n" +
+      antifraudAnnotationURL +
       "\n";
     let socialAnnotationUpdate =
       "n:1000\ni:" +
@@ -93,6 +102,15 @@ export var UrlClassifierTestUtils = {
       "\n" +
       consentmanagerAnnotationURL +
       "\n";
+    let antifraudAnnotationUpdate =
+      "n:1000\ni:" +
+      ANTIFRAUD_ANNOTATION_TABLE_NAME +
+      "\nad:1\n" +
+      "a:1:32:" +
+      antifraudAnnotationURL.length +
+      "\n" +
+      antifraudAnnotationURL +
+      "\n";
     let annotationEntitylistUpdate =
       "n:1000\ni:" +
       ANNOTATION_ENTITYLIST_TABLE_NAME +
@@ -125,6 +143,11 @@ export var UrlClassifierTestUtils = {
       consentmanagerAnnotationURL.length +
       "\n" +
       consentmanagerAnnotationURL +
+      "\n" +
+      "a:5:32:" +
+      antifraudAnnotationURL.length +
+      "\n" +
+      antifraudAnnotationURL +
       "\n";
     let socialTrackingUpdate =
       "n:1000\ni:" +
@@ -170,6 +193,11 @@ export var UrlClassifierTestUtils = {
         name: CONSENTMANAGER_ANNOTATION_TABLE_PREF,
         update: consentmanagerAnnotationUpdate,
       },
+      {
+        pref: ANTIFRAUD_ANNOTATION_TABLE_NAME,
+        name: ANTIFRAUD_ANNOTATION_TABLE_PREF,
+        update: antifraudAnnotationUpdate,
+      },
       {
         pref: ANNOTATION_ENTITYLIST_TABLE_PREF,
         name: ANNOTATION_ENTITYLIST_TABLE_NAME,
@@ -223,6 +251,7 @@ export var UrlClassifierTestUtils = {
     Services.prefs.clearUserPref(ANNOTATION_TABLE_PREF);
     Services.prefs.clearUserPref(SOCIAL_ANNOTATION_TABLE_PREF);
     Services.prefs.clearUserPref(CONSENTMANAGER_ANNOTATION_TABLE_PREF);
+    Services.prefs.clearUserPref(ANTIFRAUD_ANNOTATION_TABLE_PREF);
     Services.prefs.clearUserPref(ANNOTATION_ENTITYLIST_TABLE_PREF);
     Services.prefs.clearUserPref(TRACKING_TABLE_PREF);
     Services.prefs.clearUserPref(SOCIAL_TRACKING_TABLE_PREF);

toolkit/components/url-classifier/tests/browser/browser.toml

@@ -1,9 +1,12 @@
 [DEFAULT]
 support-files = [
+  "head.js",
   "page.html",
   "raptor.jpg",
 ]
 
+["browser_antifraud_annotation.js"]
+
 ["browser_consentmanager_annotation.js"]
 
 ["browser_emailtracking_telemetry.js"]

toolkit/components/url-classifier/tests/browser/browser_antifraud_annotation.js

@@ -0,0 +1,89 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+"use strict";
+
+let { UrlClassifierTestUtils } = ChromeUtils.importESModule(
+  "resource://testing-common/UrlClassifierTestUtils.sys.mjs"
+);
+
+const ANTIFRAUD_DOMAIN = "https://anti-fraud.example.org/";
+const ANTIFRAUD_IMAGE = ANTIFRAUD_DOMAIN + TEST_PATH + "raptor.jpg";
+
+async function tryLoadingImageAndCheckAntiFraudFlags(tab, shouldLoad) {
+  let channelCheckPromise = checkChannelClassificationsFlags(
+    ANTIFRAUD_DOMAIN,
+    Ci.nsIClassifiedChannel.CLASSIFIED_ANTIFRAUD
+  );
+
+  let isImageLoaded = await loadImage(tab.linkedBrowser, ANTIFRAUD_IMAGE);
+
+  if (shouldLoad) {
+    ok(isImageLoaded, "Image should be loaded");
+  } else {
+    ok(!isImageLoaded, "Image should not be loaded");
+  }
+
+  return channelCheckPromise;
+}
+
+add_setup(async function () {
+  await UrlClassifierTestUtils.addTestTrackers();
+
+  registerCleanupFunction(function () {
+    UrlClassifierTestUtils.cleanupTestTrackers();
+  });
+
+  await SpecialPowers.pushPrefEnv({
+    set: [
+      [
+        "urlclassifier.features.antifraud.annotate.blocklistTables",
+        "mochitest7-track-simple",
+      ],
+
+      ["privacy.trackingprotection.enabled", true],
+      ["privacy.trackingprotection.annotate_channels", true],
+      ["privacy.trackingprotection.cryptomining.enabled", false],
+      ["privacy.trackingprotection.emailtracking.enabled", false],
+      ["privacy.trackingprotection.fingerprinting.enabled", false],
+      ["privacy.trackingprotection.socialtracking.enabled", false],
+      ["privacy.trackingprotection.consentmanager.annotate_channels", false],
+      ["privacy.trackingprotection.antifraud.annotate_channels", true],
+
+      ["privacy.trackingprotection.antifraud.skip.enabled", false],
+      ["privacy.trackingprotection.antifraud.skip.pbmode.enabled", false],
+    ],
+  });
+});
+
+add_task(async function test_antifraud_annotation_unblocking_off() {
+  // check antifraud still blocked when skip is disabled
+  await SpecialPowers.pushPrefEnv({
+    set: [["privacy.trackingprotection.fingerprinting.enabled", true]],
+  });
+
+  const tab = await BrowserTestUtils.openNewForegroundTab(gBrowser, TEST_PAGE);
+
+  await tryLoadingImageAndCheckAntiFraudFlags(tab, false);
+
+  await BrowserTestUtils.removeTab(tab);
+});
+
+add_task(async function test_antifraud_annotation_unblocking_on() {
+  // check that antifraud not blocked when skip is enabled
+  await SpecialPowers.pushPrefEnv({
+    set: [
+      ["privacy.trackingprotection.fingerprinting.enabled", true],
+
+      ["privacy.trackingprotection.antifraud.skip.enabled", true],
+      ["privacy.trackingprotection.antifraud.skip.pbmode.enabled", true],
+    ],
+  });
+
+  const tab = await BrowserTestUtils.openNewForegroundTab(gBrowser, TEST_PAGE);
+
+  await tryLoadingImageAndCheckAntiFraudFlags(tab, true);
+
+  await BrowserTestUtils.removeTab(tab);
+  await SpecialPowers.popPrefEnv();
+});

toolkit/components/url-classifier/tests/browser/browser_consentmanager_annotation.js

@@ -7,46 +7,9 @@ let { UrlClassifierTestUtils } = ChromeUtils.importESModule(
   "resource://testing-common/UrlClassifierTestUtils.sys.mjs"
 );
 
-const TEST_DOMAIN = "https://example.com/";
-const TEST_PATH = "browser/toolkit/components/url-classifier/tests/browser/";
-
-const TEST_PAGE = TEST_DOMAIN + TEST_PATH + "page.html";
-
 const CONSENTMANAGER_DOMAIN = "https://consent-manager.example.org/";
 const CONSENTMANAGER_IMAGE = CONSENTMANAGER_DOMAIN + TEST_PATH + "raptor.jpg";
 
-function loadImage(browser, url) {
-  return SpecialPowers.spawn(browser, [url], page => {
-    return new Promise(resolve => {
-      let image = new content.Image();
-      image.src = page + "?" + Math.random();
-      image.onload = _ => resolve(true);
-      image.onerror = _ => resolve(false);
-    });
-  });
-}
-
-function checkChannelClassificationsFlags(expectedURLPrePath, flags) {
-  return TestUtils.topicObserved("http-on-modify-request", subject => {
-    let httpChannel = subject.QueryInterface(Ci.nsIHttpChannel);
-
-    if (!httpChannel.URI.spec.startsWith(expectedURLPrePath)) {
-      // this is not the request we are looking for
-      // we use the prepath and not the spec because the query is randomly generated in the
-      // loaded image
-      return false;
-    }
-
-    ok(
-      subject.QueryInterface(Ci.nsIClassifiedChannel).classificationFlags &
-        flags,
-      "Classification flags should match expected"
-    );
-
-    return true;
-  });
-}
-
 async function tryLoadingImageAndCheckConsentManagerFlags(tab, shouldLoad) {
   let channelCheckPromise = checkChannelClassificationsFlags(
     CONSENTMANAGER_DOMAIN,
@@ -84,6 +47,7 @@ add_setup(async function () {
       ["privacy.trackingprotection.emailtracking.enabled", false],
       ["privacy.trackingprotection.fingerprinting.enabled", false],
       ["privacy.trackingprotection.socialtracking.enabled", false],
+      ["privacy.trackingprotection.antifraud.annotate_channels", false],
       ["privacy.trackingprotection.consentmanager.annotate_channels", true],
 
       ["privacy.trackingprotection.consentmanager.skip.enabled", false],

toolkit/components/url-classifier/tests/browser/browser_emailtracking_telemetry.js

@@ -14,7 +14,6 @@ const TEST_EMAIL_WEBAPP_DOMAIN = "https://test1.example.com/";
 const EMAIL_TRACKER_DOMAIN = "https://email-tracking.example.org/";
 const TEST_PATH = "browser/toolkit/components/url-classifier/tests/browser/";
 
-const TEST_PAGE = TEST_DOMAIN + TEST_PATH + "page.html";
 const TEST_EMAIL_WEBAPP_PAGE =
   TEST_EMAIL_WEBAPP_DOMAIN + TEST_PATH + "page.html";
 
@@ -45,17 +44,6 @@ async function clearTelemetry() {
     .clear();
 }
 
-async function loadImage(browser, url) {
-  return SpecialPowers.spawn(browser, [url], page => {
-    return new Promise(resolve => {
-      let image = new content.Image();
-      image.src = page + "?" + Math.random();
-      image.onload = _ => resolve(true);
-      image.onerror = _ => resolve(false);
-    });
-  });
-}
-
 async function getTelemetryProbe(key, label, checkCntFn) {
   let histogram;
 

toolkit/components/url-classifier/tests/browser/head.js

@@ -0,0 +1,41 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+"use strict";
+
+const TEST_DOMAIN = "https://example.com/";
+const TEST_PATH = "browser/toolkit/components/url-classifier/tests/browser/";
+const TEST_PAGE = TEST_DOMAIN + TEST_PATH + "page.html";
+
+async function loadImage(browser, url) {
+  return SpecialPowers.spawn(browser, [url], page => {
+    return new Promise(resolve => {
+      let image = new content.Image();
+      image.src = page + "?" + Math.random();
+      image.onload = _ => resolve(true);
+      image.onerror = _ => resolve(false);
+    });
+  });
+}
+
+function checkChannelClassificationsFlags(expectedURLPrePath, flags) {
+  return TestUtils.topicObserved("http-on-modify-request", subject => {
+    let httpChannel = subject.QueryInterface(Ci.nsIHttpChannel);
+
+    if (!httpChannel.URI.spec.startsWith(expectedURLPrePath)) {
+      // this is not the request we are looking for
+      // we use the prepath and not the spec because the query is randomly generated in the
+      // loaded image
+      return false;
+    }
+
+    ok(
+      subject.QueryInterface(Ci.nsIClassifiedChannel).classificationFlags &
+        flags,
+      "Classification flags should match expected"
+    );
+
+    return true;
+  });
+}