The Tor Browser / annotate

browser/components/sessionstore/test/browser_911547.js@6474c204b198 (annotated)

browser/components/sessionstore/test/browser_911547.js

Wed, 31 Dec 2014 06:09:35 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Wed, 31 Dec 2014 06:09:35 +0100
changeset 0
6474c204b198
permissions
-rw-r--r--

Cloned upstream origin tor-browser at tor-browser-31.3.0esr-4.5-1-build1
revision ID fc1c9ff7c1b2defdbc039f12214767608f46423f for hacking purpose.

michael@0 1 /* Any copyright is dedicated to the Public Domain.
michael@0 2 http://creativecommons.org/publicdomain/zero/1.0/ */
michael@0 3
michael@0 4 // This tests that session restore component does restore the right content
michael@0 5 // security policy with the document.
michael@0 6 // The policy being tested disallows inline scripts
michael@0 7
michael@0 8 function test() {
michael@0 9 TestRunner.run();
michael@0 10 }
michael@0 11
michael@0 12 function runTests() {
michael@0 13 // create a tab that has a CSP
michael@0 14 let testURL = "http://mochi.test:8888/browser/browser/components/sessionstore/test/browser_911547_sample.html";
michael@0 15 let tab = gBrowser.selectedTab = gBrowser.addTab(testURL);
michael@0 16 gBrowser.selectedTab = tab;
michael@0 17
michael@0 18 let browser = tab.linkedBrowser;
michael@0 19 yield waitForLoad(browser);
michael@0 20
michael@0 21 // this is a baseline to ensure CSP is active
michael@0 22 // attempt to inject and run a script via inline (pre-restore, allowed)
michael@0 23 injectInlineScript(browser,'document.getElementById("test_id").value = "fail";');
michael@0 24 is(browser.contentDocument.getElementById("test_id").value, "ok",
michael@0 25 "CSP should block the inline script that modifies test_id");
michael@0 26
michael@0 27 // attempt to click a link to a data: URI (will inherit the CSP of the
michael@0 28 // origin document) and navigate to the data URI in the link.
michael@0 29 browser.contentDocument.getElementById("test_data_link").click();
michael@0 30 yield waitForLoad(browser);
michael@0 31
michael@0 32 is(browser.contentDocument.getElementById("test_id2").value, "ok",
michael@0 33 "CSP should block the script loaded by the clicked data URI");
michael@0 34
michael@0 35 // close the tab
michael@0 36 gBrowser.removeTab(tab);
michael@0 37
michael@0 38 // open new tab and recover the state
michael@0 39 tab = ss.undoCloseTab(window, 0);
michael@0 40 yield waitForTabRestored(tab);
michael@0 41 browser = tab.linkedBrowser;
michael@0 42
michael@0 43 is(browser.contentDocument.getElementById("test_id2").value, "ok",
michael@0 44 "CSP should block the script loaded by the clicked data URI after restore");
michael@0 45
michael@0 46 // clean up
michael@0 47 gBrowser.removeTab(tab);
michael@0 48 }
michael@0 49
michael@0 50 function waitForLoad(aElement) {
michael@0 51 aElement.addEventListener("load", function onLoad() {
michael@0 52 aElement.removeEventListener("load", onLoad, true);
michael@0 53 executeSoon(next);
michael@0 54 }, true);
michael@0 55 }
michael@0 56
michael@0 57 function waitForTabRestored(aElement) {
michael@0 58 aElement.addEventListener("SSTabRestored", function tabRestored(e) {
michael@0 59 aElement.removeEventListener("SSTabRestored", tabRestored, true);
michael@0 60 executeSoon(next);
michael@0 61 }, true);
michael@0 62 }
michael@0 63
michael@0 64 // injects an inline script element (with a text body)
michael@0 65 function injectInlineScript(browser, scriptText) {
michael@0 66 let scriptElt = browser.contentDocument.createElement("script");
michael@0 67 scriptElt.type = 'text/javascript';
michael@0 68 scriptElt.text = scriptText;
michael@0 69 browser.contentDocument.body.appendChild(scriptElt);
michael@0 70 }

Mercurial Repository: The Tor Browser

Europalab SCM Repository Server

mercurial