const Cu = Components.utils;

/**
 * xpcshell entry point. Checks how much of Components each kind of caller can
 * reach: content sandboxes looking at the chrome Components object, at their
 * own Components, at a same-origin sandbox's Components and at a cross-origin
 * one, plus a chrome sandbox as the positive control.
 */
function run_test() {
  // Two sandboxes on the same content origin and one on a different origin.
  var sameOriginA = Cu.Sandbox("http://www.blah.com");
  var sameOriginB = Cu.Sandbox("http://www.blah.com");
  // Created from `this` instead of a URL; the checks below treat it as the
  // chrome caller. run_test must stay a plain (non-arrow) function so that
  // `this` keeps whatever value the harness calls it with.
  var chromeSandbox = Cu.Sandbox(this);
  var otherOrigin = Cu.Sandbox("http://www.other.com");

  // Components is normally hidden from content on the XBL scope chain. It is
  // exposed to the content sandboxes here on purpose, so that the security
  // wrappers are what gets tested rather than the hiding.
  var contentSandboxes = [sameOriginA, sameOriginB, otherOrigin];
  for (var i = 0; i < contentSandboxes.length; i++) {
    var sandbox = contentSandboxes[i];
    sandbox.Components = Cu.getComponentsForScope(sandbox);
  }

  // Content handed the chrome Components object: privileged members must be
  // refused with a "denied" error.
  sameOriginA.C = Components;
  checkThrows("C.utils", sameOriginA);
  checkThrows("C.classes", sameOriginA);

  // Content looking at its own Components: only the harmless part is defined.
  var ownInterfaces = Cu.evalInSandbox("typeof Components.interfaces", sameOriginA);
  do_check_eq(ownInterfaces, 'object');
  var ownUtils = Cu.evalInSandbox("typeof Components.utils", sameOriginA);
  do_check_eq(ownUtils, 'undefined');
  var ownClasses = Cu.evalInSandbox("typeof Components.classes", sameOriginA);
  do_check_eq(ownClasses, 'undefined');

  // An unprivileged Components must be benign: for every property that can be
  // enumerated on the chrome Components, it is present on the content one
  // exactly when it is named in this list.
  var C2 = Cu.evalInSandbox("Components", sameOriginB);
  var whitelist = ['interfaces', 'interfacesByID', 'results', 'isSuccessCode', 'QueryInterface'];
  for (var prop in Components) {
    do_print("Checking " + prop);
    var isExposed = prop in C2;
    var isWhitelisted = whitelist.indexOf(prop) !== -1;
    do_check_eq(isExposed, isWhitelisted);
  }

  // Same-origin content handed another sandbox's Components sees the same
  // restricted surface as its own.
  sameOriginA.C2 = C2;
  var peerInterfaces = Cu.evalInSandbox("typeof C2.interfaces", sameOriginA);
  do_check_eq(peerInterfaces, 'object');
  var peerUtils = Cu.evalInSandbox("typeof C2.utils", sameOriginA);
  do_check_eq(peerUtils, 'undefined');
  var peerClasses = Cu.evalInSandbox("typeof C2.classes", sameOriginA);
  do_check_eq(peerClasses, 'undefined');

  // Positive control: chrome reaching chrome Components gets the real utils.
  chromeSandbox.C = Components;
  var chromeUtils = Cu.evalInSandbox("C.utils", chromeSandbox);
  do_check_eq(chromeUtils, Cu);

  // Cross-origin content: every access is refused, including `interfaces`,
  // which same-origin content is allowed to read.
  otherOrigin.C2 = C2;
  checkThrows("C2.interfaces", otherOrigin);
  checkThrows("C2.utils", otherOrigin);
  checkThrows("C2.classes", otherOrigin);
}

/**
 * Asserts that evaluating `expression` inside sandbox `sb` is refused.
 *
 * The expression is spliced into a small function that returns "allowed" when
 * it evaluates without throwing and the stringified exception otherwise. The
 * check passes only when that text contains "denied", so an access that
 * succeeds fails the test. The match is a loose substring match: any
 * exception whose message contains "denied" satisfies it.
 *
 * `expression` is concatenated into the evaluated source unescaped; callers
 * in this file pass only fixed literals.
 *
 * @param {string} expression - Source text to evaluate in the sandbox.
 * @param {object} sb - Sandbox created with Cu.Sandbox.
 */
function checkThrows(expression, sb) {
  var probeSource = '(function() { try { ' + expression + '; return "allowed"; } catch (e) { return e.toString(); }})();';
  var outcome = Cu.evalInSandbox(probeSource, sb);
  var wasDenied = /denied/.test(outcome);
  do_check_true(wasDenied);
}