def test_disable_3rdp_cookies(self):
third_p_origin = TEST_COOKIE_ORIGIN
results = ffm.visit_page(THIRD_PARTY_COOKIE_TEST_URL, wait_on_site=5, cookie_support=cm.COOKIE_ALLOW_1ST_PARTY)
cookies = results["cookies"]
for cookie in cookies:
origin = cookie[0]
self.assertNotEqual(origin, third_p_origin, "Should not accept 3rd party cookies")
def test_to_data_url_br_test(self):
ft_url = CANVAS_BASE_TEST_URL + "todataurl.html"
results = ffm.visit_page(ft_url, wait_on_site=1)
calls = results["calls"]
self.assertEqual(len(calls), 2, "Unexpected no of calls in logs: %d"
% len(calls))
call = calls[1]
self.assertEqual(call.initiator, 'HTMLCanvasElement.cpp',
"Unexpected FF source file name in the logs")
self.assertEqual(call.event_type, 'ToDataURL',
"Unexpected event name in the logs: %s"
% call.event_type)
self.assertTrue(call.js_file.endswith("todataurl.html"),
"Unexpected JS source file name %s" % call.js_file)
self.assertEqual(call.js_line, '17',
"Unexpected JS line number in the logs %s"
% call.js_line)
self.assertEqual(call.log_text,
'data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAGQAAA'
'BkCAYAAABw4pVUAAABHElEQVR4nO3RwW3DQAADwSvWhaS7uCvnz2'
'cgYKVkBmAD3HMAAACAB3qf8/mrq7/9lfo0QUZ9miCjPk2QUZ8myK'
'hPE2TUpwky6tMEGfVpgoz6NEFGfZogoz5NkFGfJsioTxNk1KcJMu'
'rTBBn1aYKM+jRBRn2aIKM+TZBx9Qmv87rNzvn+unaCCCKIIIIIIo'
'gggggiiCCCCCKIIIIIIogggggiiCCCCCKIIIIIIogggggiiCCCCH'
'KDEIIIIoggggjyL4Nc7+oT7rRHqk8TZNSnCTLq0wQZ9WmCjPo0QU'
'Z9miCjPk2QUZ8myKhPE2TUpwky6tMEGfVpgoz6NEFGfZogoz5NkF'
'GfJsioTxNk1KcJMurTBAEAAAAAAACAJ/kBNTWUxDGSNrkAAAAASU'
'VORK5CYII=',
"Unexpected canvas data URL %s" % call.log_text)
def test_to_data_url_br_test(self):
ft_url = CANVAS_BASE_TEST_URL + "todataurl.html"
results = ffm.visit_page(ft_url, wait_on_site=1)
calls = results["calls"]
self.assertEqual(len(calls), 2,
"Unexpected no of calls in logs: %d" % len(calls))
call = calls[1]
self.assertEqual(call.initiator, 'HTMLCanvasElement.cpp',
"Unexpected FF source file name in the logs")
self.assertEqual(
call.event_type, 'ToDataURL',
"Unexpected event name in the logs: %s" % call.event_type)
self.assertTrue(call.js_file.endswith("todataurl.html"),
"Unexpected JS source file name %s" % call.js_file)
self.assertEqual(
call.js_line, '17',
"Unexpected JS line number in the logs %s" % call.js_line)
self.assertEqual(
call.log_text,
'data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAGQAAA'
'BkCAYAAABw4pVUAAABHElEQVR4nO3RwW3DQAADwSvWhaS7uCvnz2'
'cgYKVkBmAD3HMAAACAB3qf8/mrq7/9lfo0QUZ9miCjPk2QUZ8myK'
'hPE2TUpwky6tMEGfVpgoz6NEFGfZogoz5NkFGfJsioTxNk1KcJMu'
'rTBBn1aYKM+jRBRn2aIKM+TZBx9Qmv87rNzvn+unaCCCKIIIIIIo'
'gggggiiCCCCCKIIIIIIogggggiiCCCCCKIIIIIIogggggiiCCCCH'
'KDEIIIIoggggjyL4Nc7+oT7rRHqk8TZNSnCTLq0wQZ9WmCjPo0QU'
'Z9miCjPk2QUZ8myKhPE2TUpwky6tMEGfVpgoz6NEFGfZogoz5NkF'
'GfJsioTxNk1KcJMurTBAEAAAAAAACAJ/kBNTWUxDGSNrkAAAAASU'
'VORK5CYII=', "Unexpected canvas data URL %s" % call.log_text)
def test_disable_flash(self):
lso_value = rand_str()
qry_str = '?lso_test_key=%s&lso_test_value=%s' % ("test_key",
lso_value)
test_url = cm.BASE_TEST_URL + '/evercookie/lso/setlso.html' + qry_str
results = ffm.visit_page(test_url, wait_on_site=3,
flash_support=cm.FLASH_DISABLE)
lso_items = results["flash_cookies"]
self.assertEqual(len(lso_items), 0)
def test_disable_flash(self):
lso_value = rand_str()
qry_str = '?lso_test_key=%s&lso_test_value=%s' % ("test_key",
lso_value)
test_url = cm.BASE_TEST_URL + '/evercookie/lso/setlso.html' + qry_str
results = ffm.visit_page(test_url,
wait_on_site=3,
flash_support=cm.FLASH_DISABLE)
lso_items = results["flash_cookies"]
self.assertEqual(len(lso_items), 0)
def test_js_cookies_by_visit_ff(self):
results = ffm.visit_page(COOKIE_TEST_URL, wait_on_site=3)
cookies = results["cookies"]
self.assertEqual(len(cookies), 1)
cookie = cookies[0]
origin, name, value, host = cookie[0:4]
self.assertEqual(origin, TEST_COOKIE_ORIGIN)
self.assertEqual(name, TEST_COOKIE_NAME)
self.assertEqual(value, TEST_COOKIE_VALUE)
self.assertEqual(host, TEST_COOKIE_HOST)
def test_disable_3rdp_cookies(self):
third_p_origin = TEST_COOKIE_ORIGIN
results = ffm.visit_page(THIRD_PARTY_COOKIE_TEST_URL,
wait_on_site=5,
cookie_support=cm.COOKIE_ALLOW_1ST_PARTY)
cookies = results["cookies"]
for cookie in cookies:
origin = cookie[0]
self.assertNotEqual(origin, third_p_origin,
"Should not accept 3rd party cookies")
def test_js_cookies_by_visit_ff(self):
results = ffm.visit_page(COOKIE_TEST_URL, wait_on_site=3)
cookies = results["cookies"]
self.assertEqual(len(cookies), 1)
cookie = cookies[0]
origin, name, value, host = cookie[0:4]
self.assertEqual(origin, TEST_COOKIE_ORIGIN)
self.assertEqual(name, TEST_COOKIE_NAME)
self.assertEqual(value, TEST_COOKIE_VALUE)
self.assertEqual(host, TEST_COOKIE_HOST)
def test_3rdparty_cookie_set(self):
cookie_names = []
cookie_origins = []
results = ffm.visit_page(THIRD_PARTY_COOKIE_TEST_URL, wait_on_site=5)
cookies = results["cookies"]
# print cookies
for cookie in cookies:
cookie_names.append(cookie[1])
cookie_origins.append(cookie[0])
self.assertIn(TEST_COOKIE_NAME, cookie_names)
self.assertIn(TEST_COOKIE_ORIGIN, cookie_origins)
def test_3rdparty_cookie_set(self):
cookie_names = []
cookie_origins = []
results = ffm.visit_page(THIRD_PARTY_COOKIE_TEST_URL, wait_on_site=5)
cookies = results["cookies"]
# print cookies
for cookie in cookies:
cookie_names.append(cookie[1])
cookie_origins.append(cookie[0])
self.assertIn(TEST_COOKIE_NAME, cookie_names)
self.assertIn(TEST_COOKIE_ORIGIN, cookie_origins)
def test_ls_item_by_visit(self):
results = ffm.visit_page(LS_TEST_URL, wait_on_site=1)
ls_items = results["local_storage"]
self.assertEqual(len(ls_items), 1,
'There should only be one item in localstorage %d' %
len(ls_items))
for ls_row in ls_items:
scope, key, value = ls_row
origin = ls.get_ls_origin_from_scope(scope)
self.assertEqual(key, EXPECTED_LS_KEY)
self.assertEqual(value, EXPECTED_LS_VALUE)
self.assertEqual(origin, EXPECTED_LS_ORIGIN)
self.check_localstorage_db_ops(ls_items)
def test_ssl_mitm_interception(self):
found_https_req = False
req_url = "https://twitter.com/"
results = ffm.visit_page(req_url,
wait_on_site=1,
out_dir=self.vi.out_dir)
http_msgs = results["http_msgs"]
self.assertTrue(len(http_msgs))
for http_msg in http_msgs:
print http_msg["req_url"]
self.assertTrue(len(http_msg["req_url"]))
self.assertTrue(len(http_msg["req_headers"]))
if req_url in http_msg["req_url"]:
found_https_req = True
self.assertTrue(found_https_req, "Cannot intercept HTTPS requests")
def test_ssl_mitm_interception(self):
found_https_req = False
req_url = "https://twitter.com/"
results = ffm.visit_page(req_url,
wait_on_site=1,
out_dir=self.vi.out_dir)
http_msgs = results["http_msgs"]
self.assertTrue(len(http_msgs))
for http_msg in http_msgs:
print http_msg["req_url"]
self.assertTrue(len(http_msg["req_url"]))
self.assertTrue(len(http_msg["req_headers"]))
if req_url in http_msg["req_url"]:
found_https_req = True
self.assertTrue(found_https_req, "Cannot intercept HTTPS requests")
def test_fill_text_calls(self):
"""ffmod should log the text that is written to the canvas."""
ft_url = CANVAS_BASE_TEST_URL + "filltext.html"
results = ffm.visit_page(ft_url, wait_on_site=1)
calls = results["calls"]
self.assertEqual(len(calls), 1,
"Unexpected no of calls in logs: %d" % len(calls))
call = calls[0]
self.assertEqual(call.initiator, 'CanvasRenderingContext2D.cpp',
"Unexpected FF source file name in the logs")
self.assertEqual(call.event_type, 'FillText',
"Unexpected event name in the logs")
self.assertTrue(call.js_file.endswith("filltext.html"),
"Unexpected JS source file name")
self.assertEqual(call.js_line, '10',
"Unexpected JS line number in the logs")
self.assertEqual(call.log_text, 'TEST-1234567890',
"Unexpected canvas fill text")
def test_fill_text_calls(self):
"""ffmod should log the text that is written to the canvas."""
ft_url = CANVAS_BASE_TEST_URL + "filltext.html"
results = ffm.visit_page(ft_url, wait_on_site=1)
calls = results["calls"]
self.assertEqual(len(calls), 1, "Unexpected no of calls in logs: %d"
% len(calls))
call = calls[0]
self.assertEqual(call.initiator, 'CanvasRenderingContext2D.cpp',
"Unexpected FF source file name in the logs")
self.assertEqual(call.event_type, 'FillText',
"Unexpected event name in the logs")
self.assertTrue(call.js_file.endswith("filltext.html"),
"Unexpected JS source file name")
self.assertEqual(call.js_line, '10',
"Unexpected JS line number in the logs")
self.assertEqual(call.log_text, 'TEST-1234567890',
"Unexpected canvas fill text")
def test_get_lso_from_visit(self):
lso_found = False
lso_value = rand_str()
qry_str = '?lso_test_key=%s&lso_test_value=%s' % ("test_key",
lso_value)
test_url = cm.BASE_TEST_URL + '/evercookie/lso/setlso.html' + qry_str
results = ffm.visit_page(test_url, wait_on_site=3)
lso_items = results["flash_cookies"]
self.failUnless(len(lso_items))
for test_lso in lso_items:
self.assertEqual(test_lso.event_type, cm.EVENT_FLASH_LSO)
self.assertIn(cm.ONLINE_TEST_HOST, test_lso.initiator)
if TEST_LSO_KEYNAME == test_lso.key:
self.assertEqual(lso_value, test_lso.log_text)
lso_found = True
self.failUnless(lso_found, "Cannot find LSO with the value %s in %s" %
(lso_value, lso_items))
def test_get_lso_from_visit(self):
lso_found = False
lso_value = rand_str()
qry_str = '?lso_test_key=%s&lso_test_value=%s' % ("test_key",
lso_value)
test_url = cm.BASE_TEST_URL + '/evercookie/lso/setlso.html' + qry_str
results = ffm.visit_page(test_url, wait_on_site=3)
lso_items = results["flash_cookies"]
self.failUnless(len(lso_items))
for test_lso in lso_items:
self.assertEqual(test_lso.event_type, cm.EVENT_FLASH_LSO)
self.assertIn(cm.ONLINE_TEST_HOST, test_lso.initiator)
if TEST_LSO_KEYNAME == test_lso.key:
self.assertEqual(lso_value, test_lso.log_text)
lso_found = True
self.failUnless(
lso_found,
"Cannot find LSO with the value %s in %s" % (lso_value, lso_items))
def test_stroke_text_to_dataurl_detection(self):
ft_url = CANVAS_BASE_TEST_URL + "stroketext_todataurl.html"
results = ffm.visit_page(ft_url, wait_on_site=1)
calls = results["calls"]
if not ex.check_canvas_rw_access(calls):
self.fail("Cannot find read/write access logs to canvas")
def test_disable_cookies(self):
results = ffm.visit_page(COOKIE_TEST_URL, wait_on_site=3, cookie_support=cm.COOKIE_ALLOW_NONE)
cookies = results["cookies"]
self.assertEqual(len(cookies), 0)
def test_check_canvas_rw_access(self):
ft_url = CANVAS_BASE_TEST_URL + "filltext.html"
results = ffm.visit_page(ft_url, wait_on_site=1)
calls = results["calls"]
if ex.check_canvas_rw_access(calls):
self.fail("Should not find read/write access logs to canvas")
def test_disable_cookies(self):
results = ffm.visit_page(COOKIE_TEST_URL,
wait_on_site=3,
cookie_support=cm.COOKIE_ALLOW_NONE)
cookies = results["cookies"]
self.assertEqual(len(cookies), 0)
--max_proc max_parallel_processes --flash flash_support'
sys.exit(1)
if args and args[0] == '--url':
url = args[1]
del args[0:2]
if args and args[0] == '--rank':
rank = int(args[1])
del args[0:2]
if args and args[0] == '--out_dir':
out_dir = args[1]
del args[0:2]
if args and args[0] == '--flash':
flash_support = int(args[1])
del args[0:2]
if args and args[0] == '--cookie':
cookie_support = int(args[1])
del args[0:2]
ffm.visit_page((rank, url),
timeout=None,
pre_crawl_sleep=True,
out_dir=out_dir,
flash_support=flash_support,
cookie_support=cookie_support)
def test_stroke_text_to_dataurl_detection(self):
ft_url = CANVAS_BASE_TEST_URL + "stroketext_todataurl.html"
results = ffm.visit_page(ft_url, wait_on_site=1)
calls = results["calls"]
if not ex.check_canvas_rw_access(calls):
self.fail("Cannot find read/write access logs to canvas")
def test_check_canvas_rw_access(self):
ft_url = CANVAS_BASE_TEST_URL + "filltext.html"
results = ffm.visit_page(ft_url, wait_on_site=1)
calls = results["calls"]
if ex.check_canvas_rw_access(calls):
self.fail("Should not find read/write access logs to canvas")
flash_support = cm.FLASH_ENABLE
cookie_support = cm.COOKIE_ALLOW_ALL
if not args:
print 'usage: --urls urls --stop stop_pos [--start start_pos]\
--max_proc max_parallel_processes --flash flash_support'
sys.exit(1)
if args and args[0] == '--url':
url = args[1]
del args[0:2]
if args and args[0] == '--rank':
rank = int(args[1])
del args[0:2]
if args and args[0] == '--out_dir':
out_dir = args[1]
del args[0:2]
if args and args[0] == '--flash':
flash_support = int(args[1])
del args[0:2]
if args and args[0] == '--cookie':
cookie_support = int(args[1])
del args[0:2]
ffm.visit_page((rank, url), timeout=None, pre_crawl_sleep=True,
out_dir=out_dir, flash_support=flash_support,
cookie_support=cookie_support)