def test_audio_fingerprinting(self):
db = self.visit('/audio_fingerprinting.html')
# Check that all calls and methods are recorded
rows = db_utils.get_javascript_entries(db)
observed_symbols = set()
for item in rows:
observed_symbols.add(item[1])
assert AUDIO_SYMBOLS == observed_symbols
def test_canvas_fingerprinting(self):
db = self.visit('/canvas_fingerprinting.html')
# Check that all calls and methods are recorded
rows = db_utils.get_javascript_entries(db)
observed_rows = set()
for row in rows:
item = (row['script_url'], row['symbol'], row['operation'],
row['value'], row['arguments'])
observed_rows.add(item)
assert CANVAS_CALLS == observed_rows
def test_instrument_object(self):
""" Ensure instrumentObject logs all property gets, sets, and calls """
db = self.visit('/js_instrument/instrument_object.html')
rows = db_utils.get_javascript_entries(db, all_columns=True)
# Check calls of non-recursive instrumentation
self._check_calls(rows, 'window.test.', TOP_URL, TOP_URL)
self._check_calls(rows, 'window.frame1Test.', FRAME1_URL, TOP_URL)
self._check_calls(rows, 'window.frame2Test.', FRAME2_URL, TOP_URL)
# Check calls of recursive instrumentation
observed_gets_and_sets = set()
observed_calls = set()
for row in rows:
if not row['symbol'].startswith('window.test2.nestedObj'):
continue
assert row['document_url'] == TOP_URL
assert row['top_level_url'] == TOP_URL
if row['operation'] == 'get' or row['operation'] == 'set':
observed_gets_and_sets.add(
(row['symbol'], row['operation'], row['value']))
else:
observed_calls.add(
(row['symbol'], row['operation'], row['arguments']))
assert observed_calls == RECURSIVE_METHOD_CALLS
assert observed_gets_and_sets == RECURSIVE_GETS_AND_SETS
# Check that calls not present after default recursion limit (5)
# We should only see the window.test2.l1.l2.l3.l4.l5.prop access
# and not window.test2.l1.l2.l3.l4.l5.l6.prop access.
prop_access = set()
for row in rows:
if not row['symbol'].startswith('window.test2.l1'):
continue
assert row['document_url'] == TOP_URL
assert row['top_level_url'] == TOP_URL
prop_access.add((row['symbol'], row['operation'], row['value']))
assert prop_access == RECURSIVE_PROP_SET
# Check calls of object with sets prevented
observed_gets_and_sets = set()
observed_calls = set()
for row in rows:
if not row['symbol'].startswith('window.test3'):
continue
assert row['document_url'] == TOP_URL
assert row['top_level_url'] == TOP_URL
if row['operation'] == 'call':
observed_calls.add(
(row['symbol'], row['operation'], row['arguments']))
else:
observed_gets_and_sets.add(
(row['symbol'], row['operation'], row['value']))
assert observed_calls == SET_PREVENT_CALLS
assert observed_gets_and_sets == SET_PREVENT_GETS_AND_SETS
def test_document_cookie_instrumentation(self):
db = self.visit(utilities.BASE_TEST_URL + "/js_cookie.html")
rows = db_utils.get_javascript_entries(db, all_columns=True)
captured_cookie_calls = set()
for row in rows:
item = (row['script_url'], row['script_line'], row['script_col'],
row['func_name'], row['script_loc_eval'],
row['call_stack'], row['symbol'], row['operation'],
row['value'])
captured_cookie_calls.add(item)
assert captured_cookie_calls == DOCUMENT_COOKIE_READ_WRITE
def test_js_call_stack(self):
db = self.visit('/js_call_stack.html')
# Check that all stack info are recorded
rows = db_utils.get_javascript_entries(db, all_columns=True)
observed_rows = set()
for row in rows:
item = (row['script_url'], row['script_line'], row['script_col'],
row['func_name'], row['script_loc_eval'],
row['call_stack'], row['symbol'], row['operation'])
observed_rows.add(item)
assert JS_STACK_CALLS == observed_rows
def test_js_time_stamp(self):
# Check that timestamp is recorded correctly for the javascript table
MAX_TIMEDELTA = 30 # max time diff in seconds
db = self.visit('/js_call_stack.html')
utc_now = datetime.utcnow() # OpenWPM stores timestamp in UTC time
rows = db_utils.get_javascript_entries(db, all_columns=True)
assert len(rows) # make sure we have some JS events captured
for row in rows:
js_time = datetime.strptime(row['time_stamp'],
"%Y-%m-%dT%H:%M:%S.%fZ")
# compare UTC now and the timestamp recorded at the visit
assert (utc_now - js_time).seconds < MAX_TIMEDELTA
assert not db_utils.any_command_failed(db)
def test_webrtc_localip(self):
db = self.visit('/webrtc_localip.html')
# Check that all calls and methods are recorded
rows = db_utils.get_javascript_entries(db)
observed_rows = set()
for row in rows:
if (row['symbol'] == "RTCPeerConnection.setLocalDescription"
and row['operation'] == 'call'):
sdp_offer = row['arguments']
self.check_webrtc_sdp_offer(sdp_offer)
else:
item = (row['script_url'], row['symbol'], row['operation'],
row['value'], row['arguments'])
observed_rows.add(item)
assert WEBRTC_CALLS == observed_rows