michael@0: /* Any copyright is dedicated to the Public Domain. michael@0: http://creativecommons.org/publicdomain/zero/1.0/ */ michael@0: michael@0: // This tests that session restore component does restore the right content michael@0: // security policy with the document. michael@0: // The policy being tested disallows inline scripts michael@0: michael@0: function test() { michael@0: TestRunner.run(); michael@0: } michael@0: michael@0: function runTests() { michael@0: // create a tab that has a CSP michael@0: let testURL = "http://mochi.test:8888/browser/browser/components/sessionstore/test/browser_911547_sample.html"; michael@0: let tab = gBrowser.selectedTab = gBrowser.addTab(testURL); michael@0: gBrowser.selectedTab = tab; michael@0: michael@0: let browser = tab.linkedBrowser; michael@0: yield waitForLoad(browser); michael@0: michael@0: // this is a baseline to ensure CSP is active michael@0: // attempt to inject and run a script via inline (pre-restore, allowed) michael@0: injectInlineScript(browser,'document.getElementById("test_id").value = "fail";'); michael@0: is(browser.contentDocument.getElementById("test_id").value, "ok", michael@0: "CSP should block the inline script that modifies test_id"); michael@0: michael@0: // attempt to click a link to a data: URI (will inherit the CSP of the michael@0: // origin document) and navigate to the data URI in the link. michael@0: browser.contentDocument.getElementById("test_data_link").click(); michael@0: yield waitForLoad(browser); michael@0: michael@0: is(browser.contentDocument.getElementById("test_id2").value, "ok", michael@0: "CSP should block the script loaded by the clicked data URI"); michael@0: michael@0: // close the tab michael@0: gBrowser.removeTab(tab); michael@0: michael@0: // open new tab and recover the state michael@0: tab = ss.undoCloseTab(window, 0); michael@0: yield waitForTabRestored(tab); michael@0: browser = tab.linkedBrowser; michael@0: michael@0: is(browser.contentDocument.getElementById("test_id2").value, "ok", michael@0: "CSP should block the script loaded by the clicked data URI after restore"); michael@0: michael@0: // clean up michael@0: gBrowser.removeTab(tab); michael@0: } michael@0: michael@0: function waitForLoad(aElement) { michael@0: aElement.addEventListener("load", function onLoad() { michael@0: aElement.removeEventListener("load", onLoad, true); michael@0: executeSoon(next); michael@0: }, true); michael@0: } michael@0: michael@0: function waitForTabRestored(aElement) { michael@0: aElement.addEventListener("SSTabRestored", function tabRestored(e) { michael@0: aElement.removeEventListener("SSTabRestored", tabRestored, true); michael@0: executeSoon(next); michael@0: }, true); michael@0: } michael@0: michael@0: // injects an inline script element (with a text body) michael@0: function injectInlineScript(browser, scriptText) { michael@0: let scriptElt = browser.contentDocument.createElement("script"); michael@0: scriptElt.type = 'text/javascript'; michael@0: scriptElt.text = scriptText; michael@0: browser.contentDocument.body.appendChild(scriptElt); michael@0: }