The Tor Browser / file comparison
comparison: browser/components/sessionstore/test/browser_911547.js
browser/components/sessionstore/test/browser_911547.js
- changeset 0
- 6474c204b198
equal
deleted
inserted
replaced
| -1:000000000000 | 0:8cb4c4f6af62 |
|---|---|
| 1 /* Any copyright is dedicated to the Public Domain. | |
| 2 http://creativecommons.org/publicdomain/zero/1.0/ */ | |
| 3 | |
| 4 // This tests that session restore component does restore the right content | |
| 5 // security policy with the document. | |
| 6 // The policy being tested disallows inline scripts | |
| 7 | |
| 8 function test() { | |
| 9 TestRunner.run(); | |
| 10 } | |
| 11 | |
| 12 function runTests() { | |
| 13 // create a tab that has a CSP | |
| 14 let testURL = "http://mochi.test:8888/browser/browser/components/sessionstore/test/browser_911547_sample.html"; | |
| 15 let tab = gBrowser.selectedTab = gBrowser.addTab(testURL); | |
| 16 gBrowser.selectedTab = tab; | |
| 17 | |
| 18 let browser = tab.linkedBrowser; | |
| 19 yield waitForLoad(browser); | |
| 20 | |
| 21 // this is a baseline to ensure CSP is active | |
| 22 // attempt to inject and run a script via inline (pre-restore, allowed) | |
| 23 injectInlineScript(browser,'document.getElementById("test_id").value = "fail";'); | |
| 24 is(browser.contentDocument.getElementById("test_id").value, "ok", | |
| 25 "CSP should block the inline script that modifies test_id"); | |
| 26 | |
| 27 // attempt to click a link to a data: URI (will inherit the CSP of the | |
| 28 // origin document) and navigate to the data URI in the link. | |
| 29 browser.contentDocument.getElementById("test_data_link").click(); | |
| 30 yield waitForLoad(browser); | |
| 31 | |
| 32 is(browser.contentDocument.getElementById("test_id2").value, "ok", | |
| 33 "CSP should block the script loaded by the clicked data URI"); | |
| 34 | |
| 35 // close the tab | |
| 36 gBrowser.removeTab(tab); | |
| 37 | |
| 38 // open new tab and recover the state | |
| 39 tab = ss.undoCloseTab(window, 0); | |
| 40 yield waitForTabRestored(tab); | |
| 41 browser = tab.linkedBrowser; | |
| 42 | |
| 43 is(browser.contentDocument.getElementById("test_id2").value, "ok", | |
| 44 "CSP should block the script loaded by the clicked data URI after restore"); | |
| 45 | |
| 46 // clean up | |
| 47 gBrowser.removeTab(tab); | |
| 48 } | |
| 49 | |
| 50 function waitForLoad(aElement) { | |
| 51 aElement.addEventListener("load", function onLoad() { | |
| 52 aElement.removeEventListener("load", onLoad, true); | |
| 53 executeSoon(next); | |
| 54 }, true); | |
| 55 } | |
| 56 | |
| 57 function waitForTabRestored(aElement) { | |
| 58 aElement.addEventListener("SSTabRestored", function tabRestored(e) { | |
| 59 aElement.removeEventListener("SSTabRestored", tabRestored, true); | |
| 60 executeSoon(next); | |
| 61 }, true); | |
| 62 } | |
| 63 | |
| 64 // injects an inline script element (with a text body) | |
| 65 function injectInlineScript(browser, scriptText) { | |
| 66 let scriptElt = browser.contentDocument.createElement("script"); | |
| 67 scriptElt.type = 'text/javascript'; | |
| 68 scriptElt.text = scriptText; | |
| 69 browser.contentDocument.body.appendChild(scriptElt); | |
| 70 } |
