The Tor Browser / file revision

js/xpconnect/tests/chrome/test_bug792280.xul@6474c204b198

js/xpconnect/tests/chrome/test_bug792280.xul

Wed, 31 Dec 2014 06:09:35 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Wed, 31 Dec 2014 06:09:35 +0100
changeset 0
6474c204b198
permissions
-rw-r--r--

Cloned upstream origin tor-browser at tor-browser-31.3.0esr-4.5-1-build1
revision ID fc1c9ff7c1b2defdbc039f12214767608f46423f for hacking purpose.

     1 <?xml version="1.0"?>

     2 <?xml-stylesheet type="text/css" href="chrome://global/skin"?>

     3 <?xml-stylesheet type="text/css" href="chrome://mochikit/content/tests/SimpleTest/test.css"?>

     4 <!--

     5 https://bugzilla.mozilla.org/show_bug.cgi?id=792280

     6 -->

     7 <window title="Mozilla Bug 792280"

     8         xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul">

     9   <script type="application/javascript" src="chrome://mochikit/content/tests/SimpleTest/SimpleTest.js"/>

    10 

    11   <!-- test results are displayed in the html:body -->

    12   <body xmlns="http://www.w3.org/1999/xhtml">

    13   <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=792280"

    14      target="_blank">Mozilla Bug 792280</a>

    15   </body>

    16 

    17   <!-- test code goes here -->

    18   <script type="application/javascript">

    19   <![CDATA[

    20   /** Test for Bug 792280 **/

    21   const Cu = Components.utils;

    22 

    23   function checkSb(sb, expect) {

    24     var target = new Cu.Sandbox('http://www.example.com');

    25     Cu.evalInSandbox('function fun() { return arguments.callee.caller; };', target);

    26     sb.fun = target.fun;

    27     let allowed = false;

    28     try {

    29       allowed = Cu.evalInSandbox('function doTest() { return fun() == doTest; }; doTest()', sb);

    30       isnot(expect, "throw", "Should have thrown");

    31     } catch (e) {

    32       is(expect, "throw", "Should expect exception");

    33       ok(/denied|insecure/.test(e), "Should be a security exception: " + e);

    34     }

    35     is(allowed, expect == "allow", "should censor appropriately");

    36   }

    37 

    38   // Note that COWs are callable, but XOWs are not.

    39   checkSb(new Cu.Sandbox('http://www.example.com'), "allow");

    40   checkSb(new Cu.Sandbox('http://www.example.org'), "throw");

    41   checkSb(new Cu.Sandbox(window), "censor");

    42 

    43   ]]>

    44   </script>

    45 </window>

Mercurial Repository: The Tor Browser

Europalab SCM Repository Server

mercurial