The Tor Browser / file comparison
comparison: caps/tests/mochitest/test_disallowInheritPrincipal.html
caps/tests/mochitest/test_disallowInheritPrincipal.html
- branch
- TOR_BUG_3246
- changeset 7
- 129ffea94266
equal
deleted
inserted
replaced
| -1:000000000000 | 0:42582231ee7f |
|---|---|
| 1 <!DOCTYPE HTML> | |
| 2 <html> | |
| 3 <!-- | |
| 4 https://bugzilla.mozilla.org/show_bug.cgi?id=732413 | |
| 5 --> | |
| 6 <head> | |
| 7 <title>Test for Bug 732413</title> | |
| 8 <script type="application/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> | |
| 9 <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/> | |
| 10 </head> | |
| 11 <body> | |
| 12 <a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=732413">Mozilla Bug 732413</a> | |
| 13 <p id="display"></p> | |
| 14 <div id="content" style="display: none"> | |
| 15 | |
| 16 </div> | |
| 17 <pre id="test"> | |
| 18 <script type="application/javascript"> | |
| 19 | |
| 20 /** Test for Bug 732413 | |
| 21 Passing DISALLOW_INHERIT_PRINCIPAL flag should be effective even if | |
| 22 aPrincipal is the system principal. | |
| 23 **/ | |
| 24 | |
| 25 const nsIScriptSecurityManager = SpecialPowers.Ci.nsIScriptSecurityManager; | |
| 26 var secMan = SpecialPowers.Cc["@mozilla.org/scriptsecuritymanager;1"] | |
| 27 .getService(nsIScriptSecurityManager); | |
| 28 var sysPrincipal = secMan.getSystemPrincipal(); | |
| 29 isnot(sysPrincipal, undefined, "Should have a principal"); | |
| 30 isnot(sysPrincipal, null, "Should have a non-null principal"); | |
| 31 is(secMan.isSystemPrincipal(sysPrincipal), true, | |
| 32 "Should have system principal here"); | |
| 33 | |
| 34 | |
| 35 var ioService = SpecialPowers.Cc["@mozilla.org/network/io-service;1"]. | |
| 36 getService(SpecialPowers.Ci.nsIIOService); | |
| 37 var inheritingURI = ioService.newURI("javascript:1+1", null, null); | |
| 38 | |
| 39 // First try a normal call to checkLoadURIWithPrincipal | |
| 40 try { | |
| 41 secMan.checkLoadURIWithPrincipal(sysPrincipal, inheritingURI, | |
| 42 nsIScriptSecurityManager.STANDARD); | |
| 43 ok(true, "checkLoadURI allowed the load"); | |
| 44 } catch (e) { | |
| 45 ok(false, "checkLoadURI failed unexpectedly: " + e); | |
| 46 } | |
| 47 | |
| 48 // Now call checkLoadURIWithPrincipal with DISALLOW_INHERIT_PRINCIPAL | |
| 49 try { | |
| 50 secMan.checkLoadURIWithPrincipal(sysPrincipal, inheritingURI, | |
| 51 nsIScriptSecurityManager.DISALLOW_INHERIT_PRINCIPAL); | |
| 52 ok(false, "checkLoadURI allowed the load unexpectedly"); | |
| 53 } catch (e) { | |
| 54 ok(true, "checkLoadURI prevented load of principal-inheriting URI"); | |
| 55 } | |
| 56 | |
| 57 </script> | |
| 58 </pre> | |
| 59 </body> | |
| 60 </html> |
