diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-19 00:47:55 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-19 00:47:55 +0000 |
commit | 26a029d407be480d791972afb5975cf62c9360a6 (patch) | |
tree | f435a8308119effd964b339f76abb83a57c29483 /testing/web-platform/tests/html/browsers/browsing-the-web/navigating-across-documents/javascript-url-security-check-failure.sub.html | |
parent | Initial commit. (diff) | |
download | firefox-26a029d407be480d791972afb5975cf62c9360a6.tar.xz firefox-26a029d407be480d791972afb5975cf62c9360a6.zip |
Adding upstream version 124.0.1.upstream/124.0.1
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'testing/web-platform/tests/html/browsers/browsing-the-web/navigating-across-documents/javascript-url-security-check-failure.sub.html')
-rw-r--r-- | testing/web-platform/tests/html/browsers/browsing-the-web/navigating-across-documents/javascript-url-security-check-failure.sub.html | 56 |
1 files changed, 56 insertions, 0 deletions
diff --git a/testing/web-platform/tests/html/browsers/browsing-the-web/navigating-across-documents/javascript-url-security-check-failure.sub.html b/testing/web-platform/tests/html/browsers/browsing-the-web/navigating-across-documents/javascript-url-security-check-failure.sub.html new file mode 100644 index 0000000000..a153ad3e48 --- /dev/null +++ b/testing/web-platform/tests/html/browsers/browsing-the-web/navigating-across-documents/javascript-url-security-check-failure.sub.html @@ -0,0 +1,56 @@ +<!DOCTYPE html> +<meta charset="utf-8"> +<title>javascript: URL security check</title> +<script src="/resources/testharness.js"></script> +<script src="/resources/testharnessreport.js"></script> + +<body> +<script> +"use strict"; + +const cases = [ + ["cross-origin", "http://{{hosts[][www]}}:{{ports[http][0]}}/common/blank.html"], + ["cross-origin-domain but same-origin", "/html/browsers/windows/resources/document-domain-setter.html"] +]; + +for (const [description, url] of cases) { + promise_test(async t => { + const iframe = await insertIframe(t, url); + + const unreached = t.unreached_func("message event fired"); + t.add_cleanup(() => window.removeEventListener("message", unreached)); + window.addEventListener("message", unreached); + + iframe.src = `javascript:parent.postMessage("boo", "*")`; + + // If no message was received after this time, the test passes. + await new Promise(r => t.step_timeout(r, 50)); + }, `${description}, setting src`); + + promise_test(async t => { + const iframe = await insertIframe(t, url); + + const unreached = t.unreached_func("message event fired"); + t.add_cleanup(() => window.removeEventListener("message", unreached)); + window.addEventListener("message", unreached); + + iframe.contentWindow.location.href = `javascript:parent.postMessage("boo", "*")`; + + // If no message was received after this time, the test passes. + await new Promise(r => t.step_timeout(r, 50)); + }, `${description}, setting location.href`); +} + +function insertIframe(t, url) { + return new Promise((resolve, reject) => { + const iframe = document.createElement("iframe"); + iframe.src = url; + iframe.onload = () => resolve(iframe); + iframe.onerror = () => reject(new Error("Failed to load the outer iframe")); + + t.add_cleanup(() => iframe.remove()); + + document.body.append(iframe); + }); +} +</script> |