89 lines
3 KiB
JavaScript
89 lines
3 KiB
JavaScript
/* Any copyright is dedicated to the Public Domain.
|
|
http://creativecommons.org/publicdomain/zero/1.0/ */
|
|
|
|
const { ExtensionTestUtils } = ChromeUtils.importESModule(
|
|
"resource://testing-common/ExtensionXPCShellUtils.sys.mjs"
|
|
);
|
|
|
|
add_task(async function test_permissions_sent_over_ipc_on_bloburl() {
|
|
const ssm = Services.scriptSecurityManager;
|
|
const pm = Services.perms;
|
|
|
|
// setup a profile.
|
|
do_get_profile();
|
|
|
|
async function assertExpectedContentPage() {
|
|
const [processType, remoteType, principalSpec] = await page.spawn(
|
|
[],
|
|
async () => {
|
|
return [
|
|
Services.appinfo.processType,
|
|
Services.appinfo.remoteType,
|
|
this.content.document.nodePrincipal.spec,
|
|
];
|
|
}
|
|
);
|
|
|
|
equal(
|
|
processType,
|
|
Services.appinfo.PROCESS_TYPE_CONTENT,
|
|
"Got a content process"
|
|
);
|
|
equal(remoteType, "file", "Got a file child process");
|
|
equal(principalSpec, principal.spec, "Got the expected document principal");
|
|
}
|
|
|
|
function getChildProcessID(contentPage) {
|
|
return contentPage.spawn([], () => Services.appinfo.processID);
|
|
}
|
|
|
|
async function assertHasAllowedPermission(contentPage, perm) {
|
|
const isPermissionAllowed = await contentPage.spawn(
|
|
[perm],
|
|
permName =>
|
|
Services.perms.getPermissionObject(
|
|
this.content.document.nodePrincipal,
|
|
permName,
|
|
true
|
|
)?.capability === Services.perms.ALLOW_ACTION
|
|
);
|
|
ok(isPermissionAllowed, `Permission "${perm}" allowed as expected`);
|
|
}
|
|
|
|
let file = do_get_file(".", true);
|
|
let fileURI = Services.io.newFileURI(file);
|
|
const principal = ssm.createContentPrincipal(fileURI, {});
|
|
info(`Add a test permission to the document principal: ${principal.spec}`);
|
|
pm.addFromPrincipal(principal, "test/perm", pm.ALLOW_ACTION);
|
|
|
|
info("Test expected permission is propagated into the child process");
|
|
let page = await ExtensionTestUtils.loadContentPage(fileURI.spec);
|
|
const childID1 = await getChildProcessID(page);
|
|
await assertExpectedContentPage(page);
|
|
await assertHasAllowedPermission(page, "test/perm");
|
|
await page.close();
|
|
|
|
// Ensure this blob url does not prevent permissions to be propagated
|
|
// to a new child process.
|
|
info("Create a blob url for a non http/https principal");
|
|
const blob = new Blob();
|
|
const blobURL = URL.createObjectURL(blob);
|
|
ok(blobURL, "Got a blob URL");
|
|
|
|
info("Test expected permission is still propagated");
|
|
page = await ExtensionTestUtils.loadContentPage(fileURI.spec);
|
|
const childID2 = await getChildProcessID(page);
|
|
await assertExpectedContentPage(page);
|
|
Assert.notEqual(childID1, childID2, "Got a new child process as expected");
|
|
await assertHasAllowedPermission(page, "test/perm");
|
|
await page.close();
|
|
|
|
URL.revokeObjectURL(blobURL);
|
|
|
|
page = await ExtensionTestUtils.loadContentPage(fileURI.spec);
|
|
const childID3 = await getChildProcessID(page);
|
|
await assertExpectedContentPage(page);
|
|
Assert.notEqual(childID2, childID3, "Got a new child process as expected");
|
|
await assertHasAllowedPermission(page, "test/perm");
|
|
await page.close();
|
|
});
|