The Tor Browser / file comparison

comparison: browser/components/sessionstore/test/browser_464620_b.js

browser/components/sessionstore/test/browser_464620_b.js

changeset 0
6474c204b198
equal deleted inserted replaced
-1:000000000000 0:bd368af7a594
1 /* This Source Code Form is subject to the terms of the Mozilla Public
2 * License, v. 2.0. If a copy of the MPL was not distributed with this
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4
5 function test() {
6 /** Test for Bug 464620 (injection on DOM node insertion) **/
7
8 waitForExplicitFinish();
9
10 let testURL = "http://mochi.test:8888/browser/" +
11 "browser/components/sessionstore/test/browser_464620_b.html";
12
13 var frameCount = 0;
14 let tab = gBrowser.addTab(testURL);
15 tab.linkedBrowser.addEventListener("load", function(aEvent) {
16 // wait for all frames to load completely
17 if (frameCount++ < 6)
18 return;
19 this.removeEventListener("load", arguments.callee, true);
20
21 executeSoon(function() {
22 frameCount = 0;
23 let tab2 = gBrowser.duplicateTab(tab);
24 tab2.linkedBrowser.addEventListener("464620_b", function(aEvent) {
25 tab2.linkedBrowser.removeEventListener("464620_b", arguments.callee, true);
26 is(aEvent.data, "done", "XSS injection was attempted");
27
28 // let form restoration complete and take into account the
29 // setTimeout(..., 0) in sss_restoreDocument_proxy
30 executeSoon(function() {
31 setTimeout(function() {
32 let win = tab2.linkedBrowser.contentWindow;
33 isnot(win.frames[1].document.location, testURL,
34 "cross domain document was loaded");
35 ok(!/XXX/.test(win.frames[1].document.body.innerHTML),
36 "no content was injected");
37
38 // clean up
39 gBrowser.removeTab(tab2);
40 gBrowser.removeTab(tab);
41
42 finish();
43 }, 0);
44 });
45 }, true, true);
46 });
47 }, true);
48 }

Mercurial Repository: The Tor Browser

Europalab SCM Repository Server

mercurial