The Tor Browser / file comparison

comparison: docshell/test/iframesandbox/test_top_navigation_by_location_exotic.html

docshell/test/iframesandbox/test_top_navigation_by_location_exotic.html

changeset 0
6474c204b198
equal deleted inserted replaced
-1:000000000000 0:79008515e6ae
1 <!DOCTYPE HTML>
2 <html>
3 <!--
4 https://bugzilla.mozilla.org/show_bug.cgi?id=785310
5 html5 sandboxed iframe should not be able to perform top navigation with scripts allowed
6 -->
7 <head>
8 <meta charset="utf-8">
9 <title>Test for Bug 785310 - iframe sandbox top navigation by location via exotic means tests</title>
10 <script type="application/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
11 <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
12 <script>
13 SimpleTest.waitForExplicitFinish();
14
15 var testWin;
16
17 function runScriptNavigationTest(testCase) {
18 window.onmessage = function(event) {
19 if (event.data.name != 'newWindow') {
20 ok(false, "event.data.name: got '" + event.data.name + "', expected 'newWindow'");
21 }
22 var diag = "top navigation was " + (event.data.blocked ? "" : "NOT ") + "blocked";
23 ok((testCase.shouldBeBlocked == event.data.blocked), testCase.desc, diag);
24 runNextTest();
25 };
26 try {
27 testWin[testCase.iframeName].eval(testCase.script);
28 } catch(e) {
29 ok(testCase.shouldBeBlocked, testCase.desc, e.message);
30 runNextTest();
31 }
32 }
33
34 var testCaseIndex = -1;
35 testCases = [
36 {
37 desc: "Test 1: location.replace.call(top.location, ...) should be blocked when sandboxed without allow-top-navigation",
38 script: "location.replace.call(top.location, 'file_top_navigation_by_location_exotic.html')",
39 iframeName: "if1",
40 shouldBeBlocked: true
41 },
42 {
43 desc: "Test 2: location.replace.bind(top.location, ...) should be blocked when sandboxed without allow-top-navigation",
44 script: "location.replace.bind(top.location, 'file_top_navigation_by_location_exotic.html')()",
45 iframeName: "if1",
46 shouldBeBlocked: true
47 },
48 {
49 desc: "Test 3: Function.bind.call(location.replace, top.location, ...) should be blocked when sandboxed without allow-top-navigation",
50 script: "Function.bind.call(location.replace, top.location, 'file_top_navigation_by_location_exotic.html')()",
51 iframeName: "if1",
52 shouldBeBlocked: true
53 },
54 {
55 desc: "Test 4: location.replace.call(top.location, ...) should NOT be blocked when sandboxed with allow-top-navigation",
56 script: "location.replace.call(top.location, 'file_top_navigation_by_location_exotic.html')",
57 iframeName: "if2",
58 shouldBeBlocked: false
59 },
60 {
61 desc: "Test 5: location.replace.bind(top.location, ...) should NOT be blocked when sandboxed with allow-top-navigation",
62 script: "location.replace.bind(top.location, 'file_top_navigation_by_location_exotic.html')()",
63 iframeName: "if2",
64 shouldBeBlocked: false
65 },
66 {
67 desc: "Test 6: Function.bind.call(location.replace, top.location, ...) should NOT be blocked when sandboxed with allow-top-navigation",
68 script: "Function.bind.call(location.replace, top.location, 'file_top_navigation_by_location_exotic.html')()",
69 iframeName: "if2",
70 shouldBeBlocked: false
71 },
72 {
73 desc: "Test 7: top.location.href, via setTimeout, should be blocked when sandboxed without allow-top-navigation",
74 script: "setTimeout(function() { try { top.location.href = 'file_top_navigation_by_location_exotic.html' } catch (e) { top.onBlock() } }, 0)",
75 iframeName: "if1",
76 shouldBeBlocked: true
77 },
78 {
79 desc: "Test 8: top.location.href, via setTimeout, should NOT be blocked when sandboxed with allow-top-navigation",
80 script: "setTimeout(function() { try { top.location.href = 'file_top_navigation_by_location_exotic.html' } catch(e) { top.onBlock() } }, 0)",
81 iframeName: "if2",
82 shouldBeBlocked: false
83 },
84 {
85 desc: "Test 9: top.location.href, via eval, should be blocked when sandboxed without allow-top-navigation",
86 script: "eval('top.location.href = \"file_top_navigation_by_location_exotic.html\"')",
87 iframeName: "if1",
88 shouldBeBlocked: true
89 },
90 {
91 desc: "Test 10: top.location.href, via eval, should NOT be blocked when sandboxed with allow-top-navigation",
92 script: "eval('top.location.href = \"file_top_navigation_by_location_exotic.html\"')",
93 iframeName: "if2",
94 shouldBeBlocked: false
95 },
96 {
97 desc: "Test 11: top.location.href, via anonymous function, should be blocked when sandboxed without allow-top-navigation",
98 script: "(function() { top.location.href = 'file_top_navigation_by_location_exotic.html' })()",
99 iframeName: "if1",
100 shouldBeBlocked: true
101 },
102 {
103 desc: "Test 12: top.location.href, via anonymous function, should NOT be blocked when sandboxed with allow-top-navigation",
104 script: "(function() { top.location.href = 'file_top_navigation_by_location_exotic.html' })()",
105 iframeName: "if2",
106 shouldBeBlocked: false
107 },
108 {
109 desc: "Test 13: top.location.href, via function inserted in top, should be blocked when sandboxed without allow-top-navigation",
110 script: "top.doTest = function() { top.location.href = 'file_top_navigation_by_location_exotic.html' }; top.doTest();",
111 iframeName: "if1",
112 shouldBeBlocked: true
113 },
114 {
115 desc: "Test 14: top.location.href, via function inserted in top, should NOT be blocked when sandboxed with allow-top-navigation",
116 script: "top.doTest = function() { top.location.href = 'file_top_navigation_by_location_exotic.html' }; top.doTest();",
117 iframeName: "if2",
118 shouldBeBlocked: false
119 },
120 {
121 desc: "Test 15: top.location.href, via function inserted in us by top, should NOT be blocked when sandboxed without allow-top-navigation",
122 script: "top.eval('window[\"if1\"].doTest = function() { top.location.href = \"file_top_navigation_by_location_exotic.html\" };'), doTest();",
123 iframeName: "if1",
124 shouldBeBlocked: false
125 },
126 {
127 desc: "Test 16: top.location.href, via function inserted in top, should NOT be blocked when sandboxed with allow-top-navigation",
128 script: "top.eval('window[\"if2\"].doTest = function() { top.location.href = \"file_top_navigation_by_location_exotic.html\" };'), doTest();",
129 iframeName: "if2",
130 shouldBeBlocked: false
131 },
132 {
133 desc: "Test 17: top.location.href, via function in top, should NOT be blocked when sandboxed without allow-top-navigation",
134 script: "top.setOwnHref()",
135 iframeName: "if1",
136 shouldBeBlocked: false
137 },
138 {
139 desc: "Test 18: top.location.href, via function in top, should NOT be blocked when sandboxed with allow-top-navigation",
140 script: "top.setOwnHref()",
141 iframeName: "if2",
142 shouldBeBlocked: false
143 },
144 {
145 desc: "Test 19: top.location.href, via eval in top, should NOT be blocked when sandboxed without allow-top-navigation",
146 script: "top.eval('location.href = \"file_top_navigation_by_location_exotic.html\"')",
147 iframeName: "if1",
148 shouldBeBlocked: false
149 },
150 {
151 desc: "Test 20: top.location.href, via eval in top, should NOT be blocked when sandboxed with allow-top-navigation",
152 script: "top.eval('location.href = \"file_top_navigation_by_location_exotic.html\"')",
153 iframeName: "if2",
154 shouldBeBlocked: false
155 },
156 {
157 desc: "Test 21: top.location.href, via eval in top calling us, should be blocked when sandboxed without allow-top-navigation",
158 script: "function doTest() { top.location.href = 'file_top_navigation_by_location_exotic.html' } top.eval('window[\"if1\"].doTest()');",
159 iframeName: "if1",
160 shouldBeBlocked: true
161 },
162 {
163 desc: "Test 22: top.location.href, via eval in top calling us, should NOT be blocked when sandboxed with allow-top-navigation",
164 script: "function doTest() { top.location.href = 'file_top_navigation_by_location_exotic.html' } top.eval('window[\"if2\"].doTest()');",
165 iframeName: "if2",
166 shouldBeBlocked: false
167 },
168 {
169 desc: "Test 23: top.location.href, via function bound to top, should be blocked when sandboxed without allow-top-navigation",
170 script: "(function() { top.location.href = 'file_top_navigation_by_location_exotic.html' }).bind(top)();",
171 iframeName: "if1",
172 shouldBeBlocked: true
173 },
174 {
175 desc: "Test 24: top.location.href, via function bound to top, should NOT be blocked when sandboxed with allow-top-navigation",
176 script: "(function() { top.location.href = 'file_top_navigation_by_location_exotic.html' }).bind(top)();",
177 iframeName: "if2",
178 shouldBeBlocked: false
179 }
180 ];
181
182 function runNextTest() {
183 ++testCaseIndex;
184 if (testCaseIndex == testCases.length) {
185 testWin.close();
186 SimpleTest.finish();
187 return;
188 }
189
190 runScriptNavigationTest(testCases[testCaseIndex]);
191 }
192
193 window.onmessage = runNextTest;
194 testWin = window.open('file_top_navigation_by_location_exotic.html', "newWindow");
195 </script>
196 </head>
197 <body>
198 <a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=785310">Mozilla Bug 785310</a>
199 <p id="display"></p>
200 <div id="content">
201 Tests for Bug 785310
202 </div>
203 </body>
204 </html>

Mercurial Repository: The Tor Browser

Europalab SCM Repository Server

mercurial