diff options
Diffstat (limited to '')
| -rw-r--r-- | dom/base/test/browser_bug593387.js | 110 |
1 files changed, 110 insertions, 0 deletions
diff --git a/dom/base/test/browser_bug593387.js b/dom/base/test/browser_bug593387.js new file mode 100644 index 0000000000..1ae3bc5dd9 --- /dev/null +++ b/dom/base/test/browser_bug593387.js @@ -0,0 +1,110 @@ +/* + * Test for bug 593387 + * Loads a chrome document in a content docshell and then inserts a + * X-Frame-Options: DENY iframe into the document and verifies that the document + * loads. The policy we are enforcing is outlined here: + * https://bugzilla.mozilla.org/show_bug.cgi?id=593387#c17 + */ + +add_task(async function test() { + // We have to disable CSP for this test otherwise the CSP of about:plugins will + // block the dynamic frame creation. + await SpecialPowers.pushPrefEnv({ + set: [ + ["security.csp.enable", false], + ["dom.security.skip_about_page_has_csp_assert", true], + ], + }); + + await BrowserTestUtils.withNewTab( + { gBrowser, url: "about:plugins" }, + async function(newBrowser) { + // --------------------------------------------------- + // Test 1: We load the about: page in the parent process, so this will work. + await SpecialPowers.spawn(newBrowser, [], async function() { + // Insert an iframe that specifies "X-Frame-Options: DENY" and verify + // that it loads, since the top context is chrome + var frame = content.document.createElement("iframe"); + frame.src = + "http://mochi.test:8888/browser/dom/base/test/file_x-frame-options_page.sjs?testid=deny&xfo=deny"; + content.document.body.appendChild(frame); + + // wait till the iframe is load + await new content.Promise(done => { + frame.addEventListener( + "load", + function() { + done(); + }, + { capture: true, once: true } + ); + }); + + await SpecialPowers.spawn(frame, [], () => { + var testFrame = content.document.getElementById("test"); + Assert.equal(testFrame.tagName, "H1", "wrong element type"); + Assert.equal(testFrame.textContent, "deny", "wrong textContent"); + }); + }); + + // --------------------------------------------------- + // Test 2: Try the same with a content top-level context) + + BrowserTestUtils.loadURI(newBrowser, "http://example.com/"); + await BrowserTestUtils.browserLoaded(newBrowser); + + let observerData = await SpecialPowers.spawn( + newBrowser, + [], + async function() { + var observerDeferred = {}; + observerDeferred.promise = new Promise(resolve => { + observerDeferred.resolve = resolve; + }); + + // X-Frame-Options checks happen in the parent, hence we have to + // proxy the csp violation notifications. + SpecialPowers.registerObservers("xfo-on-violate-policy"); + + function examiner() { + SpecialPowers.addObserver( + this, + "specialpowers-xfo-on-violate-policy" + ); + } + examiner.prototype = { + observe(subject, topic, data) { + var asciiSpec = SpecialPowers.getPrivilegedProps( + SpecialPowers.do_QueryInterface(subject, "nsIURI"), + "asciiSpec" + ); + + myExaminer.remove(); + observerDeferred.resolve({ asciiSpec, topic, data }); + }, + remove() { + SpecialPowers.removeObserver( + this, + "specialpowers-xfo-on-violate-policy" + ); + }, + }; + let myExaminer = new examiner(); + + var frame = content.document.createElement("iframe"); + frame.src = + "http://mochi.test:8888/browser/dom/base/test/file_x-frame-options_page.sjs?testid=deny&xfo=deny"; + content.document.body.appendChild(frame); + return observerDeferred.promise; + } + ); + is( + observerData.asciiSpec, + "http://mochi.test:8888/browser/dom/base/test/file_x-frame-options_page.sjs?testid=deny&xfo=deny", + "correct subject" + ); + ok(observerData.topic.endsWith("xfo-on-violate-policy"), "correct topic"); + is(observerData.data, "DENY", "correct data"); + } + ); +}); |