js/xpconnect/tests/chrome/test_bug792280.xul@129ffea94266 (annotated)
js/xpconnect/tests/chrome/test_bug792280.xul
Sat, 03 Jan 2015 20:18:00 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Sat, 03 Jan 2015 20:18:00 +0100
- branch
- TOR_BUG_3246
- changeset 7
- 129ffea94266
- permissions
- -rw-r--r--
Conditionally enable double key logic according to:
private browsing mode or privacy.thirdparty.isolate preference and
implement in GetCookieStringCommon and FindCookie where it counts...
With some reservations of how to convince FindCookie users to test
condition and pass a nullptr when disabling double key logic.
| michael@0 | 1 | <?xml version="1.0"?> |
| michael@0 | 2 | <?xml-stylesheet type="text/css" href="chrome://global/skin"?> |
| michael@0 | 3 | <?xml-stylesheet type="text/css" href="chrome://mochikit/content/tests/SimpleTest/test.css"?> |
| michael@0 | 4 | <!-- |
| michael@0 | 5 | https://bugzilla.mozilla.org/show_bug.cgi?id=792280 |
| michael@0 | 6 | --> |
| michael@0 | 7 | <window title="Mozilla Bug 792280" |
| michael@0 | 8 | xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"> |
| michael@0 | 9 | <script type="application/javascript" src="chrome://mochikit/content/tests/SimpleTest/SimpleTest.js"/> |
| michael@0 | 10 | |
| michael@0 | 11 | <!-- test results are displayed in the html:body --> |
| michael@0 | 12 | <body xmlns="http://www.w3.org/1999/xhtml"> |
| michael@0 | 13 | <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=792280" |
| michael@0 | 14 | target="_blank">Mozilla Bug 792280</a> |
| michael@0 | 15 | </body> |
| michael@0 | 16 | |
| michael@0 | 17 | <!-- test code goes here --> |
| michael@0 | 18 | <script type="application/javascript"> |
| michael@0 | 19 | <![CDATA[ |
| michael@0 | 20 | /** Test for Bug 792280 **/ |
| michael@0 | 21 | const Cu = Components.utils; |
| michael@0 | 22 | |
| michael@0 | 23 | function checkSb(sb, expect) { |
| michael@0 | 24 | var target = new Cu.Sandbox('http://www.example.com'); |
| michael@0 | 25 | Cu.evalInSandbox('function fun() { return arguments.callee.caller; };', target); |
| michael@0 | 26 | sb.fun = target.fun; |
| michael@0 | 27 | let allowed = false; |
| michael@0 | 28 | try { |
| michael@0 | 29 | allowed = Cu.evalInSandbox('function doTest() { return fun() == doTest; }; doTest()', sb); |
| michael@0 | 30 | isnot(expect, "throw", "Should have thrown"); |
| michael@0 | 31 | } catch (e) { |
| michael@0 | 32 | is(expect, "throw", "Should expect exception"); |
| michael@0 | 33 | ok(/denied|insecure/.test(e), "Should be a security exception: " + e); |
| michael@0 | 34 | } |
| michael@0 | 35 | is(allowed, expect == "allow", "should censor appropriately"); |
| michael@0 | 36 | } |
| michael@0 | 37 | |
| michael@0 | 38 | // Note that COWs are callable, but XOWs are not. |
| michael@0 | 39 | checkSb(new Cu.Sandbox('http://www.example.com'), "allow"); |
| michael@0 | 40 | checkSb(new Cu.Sandbox('http://www.example.org'), "throw"); |
| michael@0 | 41 | checkSb(new Cu.Sandbox(window), "censor"); |
| michael@0 | 42 | |
| michael@0 | 43 | ]]> |
| michael@0 | 44 | </script> |
| michael@0 | 45 | </window> |
