1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/browser/components/sessionstore/test/browser_466937.js Wed Dec 31 06:09:35 2014 +0100
1.3 @@ -0,0 +1,42 @@
1.4 +/* Any copyright is dedicated to the Public Domain.
1.5 + * http://creativecommons.org/publicdomain/zero/1.0/ */
1.6 +
1.7 +"use strict";
1.8 +
1.9 +const URL = ROOT + "browser_466937_sample.html";
1.10 +
1.11 +/**
1.12 + * Bug 466937 - Prevent file stealing with sessionstore.
1.13 + */
1.14 +add_task(function test_prevent_file_stealing() {
1.15 + // Add a tab with some file input fields.
1.16 + let tab = gBrowser.addTab(URL);
1.17 + let browser = tab.linkedBrowser;
1.18 + yield promiseBrowserLoaded(browser);
1.19 +
1.20 + // Generate a path to a 'secret' file.
1.21 + let file = Services.dirsvc.get("TmpD", Ci.nsIFile);
1.22 + file.append("466937_test.file");
1.23 + file.createUnique(Ci.nsIFile.NORMAL_FILE_TYPE, parseInt("666", 8));
1.24 + let testPath = file.path;
1.25 +
1.26 + // Fill in form values.
1.27 + yield setInputValue(browser, {id: "reverse_thief", value: "/home/user/secret2"});
1.28 + yield setInputValue(browser, {id: "bystander", value: testPath});
1.29 +
1.30 + // Duplicate and check form values.
1.31 + let tab2 = gBrowser.duplicateTab(tab);
1.32 + let browser2 = tab2.linkedBrowser;
1.33 + yield promiseTabRestored(tab2);
1.34 +
1.35 + let thief = yield getInputValue(browser2, {id: "thief"});
1.36 + is(thief, "", "file path wasn't set to text field value");
1.37 + let reverse_thief = yield getInputValue(browser2, {id: "reverse_thief"});
1.38 + is(reverse_thief, "", "text field value wasn't set to full file path");
1.39 + let bystander = yield getInputValue(browser2, {id: "bystander"});
1.40 + is(bystander, testPath, "normal case: file path was correctly preserved");
1.41 +
1.42 + // Cleanup.
1.43 + gBrowser.removeTab(tab);
1.44 + gBrowser.removeTab(tab2);
1.45 +});
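Review bot: The file created with `file.createUnique(...)` in TmpD is never deleted: the cleanup at the end of the task removes only the two tabs, so each run leaves a `466937_test.file` variant behind. Registering the removal right after creation, e.g. `registerCleanupFunction(() => file.remove(false));`, would also cover the case where one of the `yield`ed steps rejects before the cleanup lines are reached. Separately, `thief` is asserted to be empty but is never set in this task, so that check presumably depends on what browser_466937_sample.html does on load. A one-line comment above `getInputValue(browser2, {id: "thief"})` naming the value the sample page assigns would make clear what the assertion guards against.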