The Tor Browser / file comparison
comparison: dom/tests/mochitest/bugs/test_bug541530.html
dom/tests/mochitest/bugs/test_bug541530.html
- branch
- TOR_BUG_9701
- changeset 15
- b8a032363ba2
equal
deleted
inserted
replaced
| -1:000000000000 | 0:bcc3e6c71364 |
|---|---|
| 1 <!DOCTYPE html> | |
| 2 <html> | |
| 3 <!-- | |
| 4 https://bugzilla.mozilla.org/show_bug.cgi?id=541530 | |
| 5 --> | |
| 6 <head> | |
| 7 <title>Test for Bug 411103</title> | |
| 8 <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> | |
| 9 <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> | |
| 10 </head> | |
| 11 <body> | |
| 12 <a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=541530">Mozilla Bug 541530</a> | |
| 13 <p id="display"></p> | |
| 14 <div id="content" style="display: none"></div> | |
| 15 | |
| 16 <pre id="test"> | |
| 17 <script class="testbody" type="text/javascript"> | |
| 18 | |
| 19 var orig = window; | |
| 20 window = {}; | |
| 21 | |
| 22 var origLocation = location; | |
| 23 | |
| 24 ok(window === orig, "can't override window"); | |
| 25 ok(window.location === location, "properties are properly aliased"); | |
| 26 ok(document.location === location, "properties are properly aliased"); | |
| 27 | |
| 28 var canDefine = false; | |
| 29 try { | |
| 30 var foo; | |
| 31 this.__defineGetter__.call(foo, 'bar', function() {}); | |
| 32 this.__defineSetter__.call(foo, 'bar', function() {}); | |
| 33 canDefine = true; | |
| 34 } catch (e) {} | |
| 35 ok(canDefine, "Should have access to __defineGetter__ and __defineSetter__"); | |
| 36 | |
| 37 try { | |
| 38 this.__defineGetter__('window', function() {}); | |
| 39 ok(false, "should not be able to defineGetter(window)"); | |
| 40 } catch (e) { | |
| 41 } | |
| 42 | |
| 43 try { | |
| 44 this.__defineGetter__.call(window, 'location', function(){}); | |
| 45 ok(false, "should not be able to defineGetter(window.location)"); | |
| 46 } catch (e) { | |
| 47 } | |
| 48 | |
| 49 try { | |
| 50 this.__defineGetter__.call(window.location, 'href', function(){}); | |
| 51 ok(false, "shouldn't be able to override location.href"); | |
| 52 } catch (e) { | |
| 53 ok(/shadow/.exec(e.message), "Should be caught by the anti-shadow mechanism."); | |
| 54 } | |
| 55 | |
| 56 // Try deleting the property. | |
| 57 delete window.location.href; | |
| 58 ok(typeof window.location.href !== 'undefined', | |
| 59 "shouldn't be able to delete the inherited property"); | |
| 60 delete Object.getPrototypeOf(window.location).href; | |
| 61 ok(typeof window.location.href !== 'undefined', | |
| 62 "shouldn't be able to delete the property off of the prototype"); | |
| 63 | |
| 64 try { | |
| 65 this.__defineGetter__.call(Object.getPrototypeOf(window.location), 'href', function(){}); | |
| 66 ok(false, "shouldn't be able to use the prototype"); | |
| 67 } catch (e) { | |
| 68 } | |
| 69 | |
| 70 try { | |
| 71 this.__defineSetter__.call(window.location, 'href', function(){}); | |
| 72 ok(false, "overrode a setter for location.href?"); | |
| 73 } catch (e) { | |
| 74 ok(/shadow/.exec(e.message), "Should be caught by the anti-shadow mechanism."); | |
| 75 } | |
| 76 | |
| 77 try { | |
| 78 this.__defineGetter__.call(document, 'location', function(){}); | |
| 79 ok(false, "shouldn't be able to override document.location"); | |
| 80 } catch (e) { | |
| 81 } | |
| 82 | |
| 83 ok(window === orig, "can't override window"); | |
| 84 ok(window.location === origLocation, "properties are properly aliased"); | |
| 85 ok(document.location === origLocation, "properties are properly aliased"); | |
| 86 | |
| 87 location.href = 'javascript:ok(true, "was able to set location.href through a watchpoint")'; | |
| 88 | |
| 89 </script> | |
| 90 </pre> | |
| 91 </body> | |
| 92 </html> |
