The Tor Browser: browser/components/sessionstore/test/browser

Cloned upstream origin tor-browser at tor-browser-31.3.0esr-4.5-1-build1
revision ID fc1c9ff7c1b2defdbc039f12214767608f46423f for hacking purpose.

     1 /* This Source Code Form is subject to the terms of the Mozilla Public

     2  * License, v. 2.0. If a copy of the MPL was not distributed with this

     3  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

     5 function test() {

     6   /** Test for Bug 459906 **/

     8   waitForExplicitFinish();

    10   let testURL = "http://mochi.test:8888/browser/" +

    11     "browser/components/sessionstore/test/browser_459906_sample.html";

    12   let uniqueValue = "<b>Unique:</b> " + Date.now();

    14   var frameCount = 0;

    15   let tab = gBrowser.addTab(testURL);

    16   tab.linkedBrowser.addEventListener("load", function(aEvent) {

    17     // wait for all frames to load completely

    18     if (frameCount++ < 2)

    19       return;

    20     tab.linkedBrowser.removeEventListener("load", arguments.callee, true);

    22     let iframes = tab.linkedBrowser.contentWindow.frames;

    23     iframes[1].document.body.innerHTML = uniqueValue;

    25     frameCount = 0;

    26     let tab2 = gBrowser.duplicateTab(tab);

    27     tab2.linkedBrowser.addEventListener("load", function(aEvent) {

    28       // wait for all frames to load (and reload!) completely

    29       if (frameCount++ < 2)

    30         return;

    31       tab2.linkedBrowser.removeEventListener("load", arguments.callee, true);

    33       executeSoon(function() {

    34         let iframes = tab2.linkedBrowser.contentWindow.frames;

    35         if (iframes[1].document.body.innerHTML !== uniqueValue) {

    36           // Poll again the value, since we can't ensure to run

    37           // after SessionStore has injected innerHTML value.

    38           // See bug 521802.

    39           info("Polling for innerHTML value");

    40           setTimeout(arguments.callee, 100);

    41           return;

    42         }

    44         is(iframes[1].document.body.innerHTML, uniqueValue,

    45            "rich textarea's content correctly duplicated");

    47         let innerDomain = null;

    48         try {

    49           innerDomain = iframes[0].document.domain;

    50         }

    51         catch (ex) { /* throws for chrome: documents */ }

    52         is(innerDomain, "mochi.test", "XSS exploit prevented!");

    54         // clean up

    55         gBrowser.removeTab(tab2);

    56         gBrowser.removeTab(tab);

    58         finish();

    59       });

    60     }, true);

    61   }, true);

    62 }

The Tor Browser / file revision