The Tor Browser / file comparison
comparison: browser/components/sessionstore/test/browser_459906.js
browser/components/sessionstore/test/browser_459906.js
- changeset 0
- 6474c204b198
equal
deleted
inserted
replaced
| -1:000000000000 | 0:98d500895af8 |
|---|---|
| 1 /* This Source Code Form is subject to the terms of the Mozilla Public | |
| 2 * License, v. 2.0. If a copy of the MPL was not distributed with this | |
| 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | |
| 4 | |
| 5 function test() { | |
| 6 /** Test for Bug 459906 **/ | |
| 7 | |
| 8 waitForExplicitFinish(); | |
| 9 | |
| 10 let testURL = "http://mochi.test:8888/browser/" + | |
| 11 "browser/components/sessionstore/test/browser_459906_sample.html"; | |
| 12 let uniqueValue = "<b>Unique:</b> " + Date.now(); | |
| 13 | |
| 14 var frameCount = 0; | |
| 15 let tab = gBrowser.addTab(testURL); | |
| 16 tab.linkedBrowser.addEventListener("load", function(aEvent) { | |
| 17 // wait for all frames to load completely | |
| 18 if (frameCount++ < 2) | |
| 19 return; | |
| 20 tab.linkedBrowser.removeEventListener("load", arguments.callee, true); | |
| 21 | |
| 22 let iframes = tab.linkedBrowser.contentWindow.frames; | |
| 23 iframes[1].document.body.innerHTML = uniqueValue; | |
| 24 | |
| 25 frameCount = 0; | |
| 26 let tab2 = gBrowser.duplicateTab(tab); | |
| 27 tab2.linkedBrowser.addEventListener("load", function(aEvent) { | |
| 28 // wait for all frames to load (and reload!) completely | |
| 29 if (frameCount++ < 2) | |
| 30 return; | |
| 31 tab2.linkedBrowser.removeEventListener("load", arguments.callee, true); | |
| 32 | |
| 33 executeSoon(function() { | |
| 34 let iframes = tab2.linkedBrowser.contentWindow.frames; | |
| 35 if (iframes[1].document.body.innerHTML !== uniqueValue) { | |
| 36 // Poll again the value, since we can't ensure to run | |
| 37 // after SessionStore has injected innerHTML value. | |
| 38 // See bug 521802. | |
| 39 info("Polling for innerHTML value"); | |
| 40 setTimeout(arguments.callee, 100); | |
| 41 return; | |
| 42 } | |
| 43 | |
| 44 is(iframes[1].document.body.innerHTML, uniqueValue, | |
| 45 "rich textarea's content correctly duplicated"); | |
| 46 | |
| 47 let innerDomain = null; | |
| 48 try { | |
| 49 innerDomain = iframes[0].document.domain; | |
| 50 } | |
| 51 catch (ex) { /* throws for chrome: documents */ } | |
| 52 is(innerDomain, "mochi.test", "XSS exploit prevented!"); | |
| 53 | |
| 54 // clean up | |
| 55 gBrowser.removeTab(tab2); | |
| 56 gBrowser.removeTab(tab); | |
| 57 | |
| 58 finish(); | |
| 59 }); | |
| 60 }, true); | |
| 61 }, true); | |
| 62 } |
