The Tor Browser / file comparison
comparison: docshell/test/iframesandbox/test_our_auxiliary_navigation_by_location.html
docshell/test/iframesandbox/test_our_auxiliary_navigation_by_location.html
- changeset 0
- 6474c204b198
equal
deleted
inserted
replaced
| -1:000000000000 | 0:be013df495b2 |
|---|---|
| 1 <!DOCTYPE HTML> | |
| 2 <html> | |
| 3 <!-- | |
| 4 https://bugzilla.mozilla.org/show_bug.cgi?id=785310 | |
| 5 html5 sandboxed iframe should not be able to perform top navigation with scripts allowed | |
| 6 --> | |
| 7 <head> | |
| 8 <meta charset="utf-8"> | |
| 9 <title>Test for Bug 785310 - iframe sandbox our auxiliary navigation by location tests</title> | |
| 10 <script type="application/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> | |
| 11 <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/> | |
| 12 | |
| 13 <script> | |
| 14 SimpleTest.waitForExplicitFinish(); | |
| 15 | |
| 16 function runScriptNavigationTest(testCase) { | |
| 17 window.onmessage = function(event) { | |
| 18 if (event.data != "ourWindow") { | |
| 19 ok(false, "event.data: got '" + event.data + "', expected 'ourWindow'"); | |
| 20 } | |
| 21 ok(!testCase.shouldBeBlocked, testCase.desc, "auxiliary navigation was NOT blocked"); | |
| 22 runNextTest(); | |
| 23 }; | |
| 24 try { | |
| 25 SpecialPowers.wrap(window["testIframe"]).eval(testCase.script); | |
| 26 } catch(e) { | |
| 27 ok(testCase.shouldBeBlocked, testCase.desc, SpecialPowers.wrap(e).message); | |
| 28 runNextTest(); | |
| 29 } | |
| 30 } | |
| 31 | |
| 32 var testCaseIndex = -1; | |
| 33 testCases = [ | |
| 34 { | |
| 35 desc: "Test 1: location.replace on auxiliary opened by us should NOT be blocked", | |
| 36 script: "openedWindow.location.replace('file_our_auxiliary_navigation_by_location.html')", | |
| 37 shouldBeBlocked: false | |
| 38 }, | |
| 39 { | |
| 40 desc: "Test 2: location.assign on auxiliary opened by us should be blocked without allow-same-origin", | |
| 41 script: "openedWindow.location.assign('file_our_auxiliary_navigation_by_location.html')", | |
| 42 shouldBeBlocked: true | |
| 43 }, | |
| 44 { | |
| 45 desc: "Test 3: location.href on auxiliary opened by us should NOT be blocked", | |
| 46 script: "openedWindow.location.href = 'file_our_auxiliary_navigation_by_location.html'", | |
| 47 shouldBeBlocked: false | |
| 48 }, | |
| 49 { | |
| 50 desc: "Test 4: location.hash on auxiliary opened by us should be blocked without allow-same-origin", | |
| 51 script: "openedWindow.location.hash = 'wibble'", | |
| 52 shouldBeBlocked: true | |
| 53 } | |
| 54 ]; | |
| 55 | |
| 56 function runNextTest() { | |
| 57 ++testCaseIndex; | |
| 58 if (testCaseIndex == testCases.length) { | |
| 59 SpecialPowers.wrap(window["testIframe"]).eval("openedWindow.close()"); | |
| 60 SimpleTest.finish(); | |
| 61 return; | |
| 62 } | |
| 63 | |
| 64 runScriptNavigationTest(testCases[testCaseIndex]); | |
| 65 } | |
| 66 | |
| 67 window.onmessage = runNextTest; | |
| 68 | |
| 69 window.onload = function() { | |
| 70 SpecialPowers.wrap(window["testIframe"]).eval("var openedWindow = window.open('file_our_auxiliary_navigation_by_location.html', 'ourWindow')"); | |
| 71 } | |
| 72 </script> | |
| 73 | |
| 74 </head> | |
| 75 <body> | |
| 76 <a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=785310">Mozilla Bug 785310</a> | |
| 77 <p id="display"></p> | |
| 78 <div id="content"> | |
| 79 Tests for Bug 785310 | |
| 80 </div> | |
| 81 | |
| 82 <iframe name="testIframe" sandbox="allow-scripts allow-popups"></iframe> | |
| 83 </body> | |
| 84 </html> |
