summaryrefslogtreecommitdiffstats
path: root/dom/security/test/general/browser_test_xfo_embed_object.js
blob: 23ccf609e763ffb4692b341ef2029cc61946ee13 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
"use strict";

const kTestPath = getRootDirectory(gTestPath).replace(
  "chrome://mochitests/content",
  "http://example.com"
);
const kTestXFOEmbedURI = kTestPath + "file_framing_xfo_embed.html";
const kTestXFOObjectURI = kTestPath + "file_framing_xfo_object.html";

const errorMessage = `The loading of “http://example.com/browser/dom/security/test/general/file_framing_xfo_embed_object.sjs” in a frame is denied by “X-Frame-Options“ directive set to “deny“`;

let xfoBlocked = false;

function onXFOMessage(msgObj) {
  const message = msgObj.message;
  const logLevel = msgObj.logLevel;

  if (message.includes(errorMessage)) {
    ok(true, "XFO error message logged");
    xfoBlocked = true;
  }
}

add_task(async function open_test_xfo_embed_blocked() {
  xfoBlocked = false;
  await BrowserTestUtils.withNewTab("about:blank", async function(browser) {
    Services.console.registerListener(onXFOMessage);
    BrowserTestUtils.loadURI(browser, kTestXFOEmbedURI);
    await BrowserTestUtils.waitForCondition(() => xfoBlocked == true);
    Services.console.unregisterListener(onXFOMessage);
  });
});

add_task(async function open_test_xfo_object_blocked() {
  xfoBlocked = false;
  await BrowserTestUtils.withNewTab("about:blank", async function(browser) {
    Services.console.registerListener(onXFOMessage);
    BrowserTestUtils.loadURI(browser, kTestXFOObjectURI);
    await BrowserTestUtils.waitForCondition(() => xfoBlocked == true);
    Services.console.unregisterListener(onXFOMessage);
  });
});