• file
• revisions
• annotate
• diff
• comparison
• raw

content/base/test/csp/file_CSP_evalscript_main.js@6474c204b198 (annotated)

content/base/test/csp/file_CSP_evalscript_main.js

Wed, 31 Dec 2014 06:09:35 +0100

author

Michael Schloh von Bennewitz <michael@schloh.com>

date

Wed, 31 Dec 2014 06:09:35 +0100

changeset 0

6474c204b198

permissions

-rw-r--r--

Cloned upstream origin tor-browser at tor-browser-31.3.0esr-4.5-1-build1
revision ID fc1c9ff7c1b2defdbc039f12214767608f46423f for hacking purpose.

michael@0	1	// some javascript for the CSP eval() tests
michael@0	2
michael@0	3	function logResult(str, passed) {
michael@0	4	var elt = document.createElement('div');
michael@0	5	var color = passed ? "#cfc;" : "#fcc";
michael@0	6	elt.setAttribute('style', 'background-color:' + color + '; width:100%; border:1px solid black; padding:3px; margin:4px;');
michael@0	7	elt.innerHTML = str;
michael@0	8	document.body.appendChild(elt);
michael@0	9	}
michael@0	10
michael@0	11	window._testResults = {};
michael@0	12
michael@0	13	// callback for when stuff is allowed by CSP
michael@0	14	var onevalexecuted = (function(window) {
michael@0	15	return function(shouldrun, what, data) {
michael@0	16	window._testResults[what] = "ran";
michael@0	17	window.parent.scriptRan(shouldrun, what, data);
michael@0	18	logResult((shouldrun ? "PASS: " : "FAIL: ") + what + " : " + data, shouldrun);
michael@0	19	};})(window);
michael@0	20
michael@0	21	// callback for when stuff is blocked
michael@0	22	var onevalblocked = (function(window) {
michael@0	23	return function(shouldrun, what, data) {
michael@0	24	window._testResults[what] = "blocked";
michael@0	25	window.parent.scriptBlocked(shouldrun, what, data);
michael@0	26	logResult((shouldrun ? "FAIL: " : "PASS: ") + what + " : " + data, !shouldrun);
michael@0	27	};})(window);
michael@0	28
michael@0	29
michael@0	30	// Defer until document is loaded so that we can write the pretty result boxes
michael@0	31	// out.
michael@0	32	addEventListener('load', function() {
michael@0	33	// setTimeout(String) test -- mutate something in the window._testResults
michael@0	34	// obj, then check it.
michael@0	35	{
michael@0	36	var str_setTimeoutWithStringRan = 'onevalexecuted(false, "setTimeout(String)", "setTimeout with a string was enabled.");';
michael@0	37	function fcn_setTimeoutWithStringCheck() {
michael@0	38	if (this._testResults["setTimeout(String)"] !== "ran") {
michael@0	39	onevalblocked(false, "setTimeout(String)",
michael@0	40	"setTimeout with a string was blocked");
michael@0	41	}
michael@0	42	}
michael@0	43	setTimeout(fcn_setTimeoutWithStringCheck.bind(window), 10);
michael@0	44	setTimeout(str_setTimeoutWithStringRan, 10);
michael@0	45	}
michael@0	46
michael@0	47	// setTimeout(function) test -- mutate something in the window._testResults
michael@0	48	// obj, then check it.
michael@0	49	{
michael@0	50	function fcn_setTimeoutWithFunctionRan() {
michael@0	51	onevalexecuted(true, "setTimeout(function)",
michael@0	52	"setTimeout with a function was enabled.")
michael@0	53	}
michael@0	54	function fcn_setTimeoutWithFunctionCheck() {
michael@0	55	if (this._testResults["setTimeout(function)"] !== "ran") {
michael@0	56	onevalblocked(true, "setTimeout(function)",
michael@0	57	"setTimeout with a function was blocked");
michael@0	58	}
michael@0	59	}
michael@0	60	setTimeout(fcn_setTimeoutWithFunctionRan.bind(window), 10);
michael@0	61	setTimeout(fcn_setTimeoutWithFunctionCheck.bind(window), 10);
michael@0	62	}
michael@0	63
michael@0	64	// eval() test -- should throw exception as per spec
michael@0	65	try {
michael@0	66	eval('onevalexecuted(false, "eval(String)", "eval() was enabled.");');
michael@0	67	} catch (e) {
michael@0	68	onevalblocked(false, "eval(String)",
michael@0	69	"eval() was blocked");
michael@0	70	}
michael@0	71
michael@0	72	// eval(foo,bar) test -- should throw exception as per spec
michael@0	73	try {
michael@0	74	eval('onevalexecuted(false, "eval(String,scope)", "eval() was enabled.");',1);
michael@0	75	} catch (e) {
michael@0	76	onevalblocked(false, "eval(String,object)",
michael@0	77	"eval() with scope was blocked");
michael@0	78	}
michael@0	79
michael@0	80	// [foo,bar].sort(eval) test -- should throw exception as per spec
michael@0	81	try {
michael@0	82	['onevalexecuted(false, "[String, obj].sort(eval)", "eval() was enabled.");',1].sort(eval);
michael@0	83	} catch (e) {
michael@0	84	onevalblocked(false, "[String, obj].sort(eval)",
michael@0	85	"eval() with scope via sort was blocked");
michael@0	86	}
michael@0	87
michael@0	88	// [].sort.call([foo,bar], eval) test -- should throw exception as per spec
michael@0	89	try {
michael@0	90	[].sort.call(['onevalexecuted(false, "[String, obj].sort(eval)", "eval() was enabled.");',1], eval);
michael@0	91	} catch (e) {
michael@0	92	onevalblocked(false, "[].sort.call([String, obj], eval)",
michael@0	93	"eval() with scope via sort/call was blocked");
michael@0	94	}
michael@0	95
michael@0	96	// new Function() test -- should throw exception as per spec
michael@0	97	try {
michael@0	98	var fcn = new Function('onevalexecuted(false, "new Function(String)", "new Function(String) was enabled.");');
michael@0	99	fcn();
michael@0	100	} catch (e) {
michael@0	101	onevalblocked(false, "new Function(String)",
michael@0	102	"new Function(String) was blocked.");
michael@0	103	}
michael@0	104
michael@0	105	// setTimeout(eval, 0, str)
michael@0	106	{
michael@0	107	// error is not catchable here, instead, we're going to side-effect
michael@0	108	// 'worked'.
michael@0	109	var worked = false;
michael@0	110
michael@0	111	setTimeout(eval, 0, 'worked = true');
michael@0	112	setTimeout(function(worked) {
michael@0	113	if (worked) {
michael@0	114	onevalexecuted(false, "setTimeout(eval, 0, str)",
michael@0	115	"setTimeout(eval, 0, string) was enabled.");
michael@0	116	} else {
michael@0	117	onevalblocked(false, "setTimeout(eval, 0, str)",
michael@0	118	"setTimeout(eval, 0, str) was blocked.");
michael@0	119	}
michael@0	120	}, 0, worked);
michael@0	121	}
michael@0	122
michael@0	123	}, false);
michael@0	124
michael@0	125
michael@0	126