Adding upstream version 124.0.1.upstream/124.0.1

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
author: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-04-19 00:47:55 +0000
committer: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-04-19 00:47:55 +0000
commit: 26a029d407be480d791972afb5975cf62c9360a6 (patch)
tree: f435a8308119effd964b339f76abb83a57c29483 /toolkit/components/antitracking/test/browser/browser_partitionkey_bloburl.js
parent: Initial commit. (diff)
download: firefox-26a029d407be480d791972afb5975cf62c9360a6.tar.xz
firefox-26a029d407be480d791972afb5975cf62c9360a6.zip
1 files changed, 193 insertions, 0 deletions
diff --git a/toolkit/components/antitracking/test/browser/browser_partitionkey_bloburl.js b/toolkit/components/antitracking/test/browser/browser_partitionkey_bloburl.js
new file mode 100644
index 0000000000..3dc3f36742
--- /dev/null
+++ b/toolkit/components/antitracking/test/browser/browser_partitionkey_bloburl.js
@@ -0,0 +1,193 @@
+const BASE_URI =
+  "https://example.net/browser/toolkit/components/antitracking/test/browser/blobPartitionPage.html";
+const EMPTY_URI =
+  // eslint-disable-next-line @microsoft/sdl/no-insecure-url
+  "https://example.com/browser/toolkit/components/antitracking/test/browser/empty.html";
+
+add_setup(async function () {
+  await SpecialPowers.pushPrefEnv({
+    set: [["privacy.partition.bloburl_per_partition_key", true]],
+  });
+});
+
+// Ensuring Blob URL cannot be resolved under a different
+// top-level domain other than its original creation top-level domain
+add_task(async function test_different_tld_with_iframe() {
+  let tab1 = await BrowserTestUtils.openNewForegroundTab(gBrowser, BASE_URI);
+  let browser1 = gBrowser.getBrowserForTab(tab1);
+  let blobURL = await SpecialPowers.spawn(browser1, [], function () {
+    return content.URL.createObjectURL(new content.Blob(["hello world!"]));
+  });
+
+  let tab2 = await BrowserTestUtils.openNewForegroundTab(gBrowser, EMPTY_URI);
+  let browser2 = gBrowser.getBrowserForTab(tab2);
+
+  await SpecialPowers.spawn(
+    browser2,
+    [
+      {
+        page: BASE_URI,
+        blob: blobURL,
+      },
+    ],
+    async obj => {
+      let ifr = content.document.createElement("iframe");
+      ifr.setAttribute("id", "ifr");
+      ifr.setAttribute("src", obj.page);
+
+      info("Iframe loading...");
+      await new content.Promise(resolve => {
+        ifr.onload = resolve;
+        content.document.body.appendChild(ifr);
+      });
+
+      let value = await new content.Promise(resolve => {
+        content.addEventListener(
+          "message",
+          e => {
+            resolve(e.data == "error");
+          },
+          { once: true }
+        );
+        ifr.contentWindow.postMessage(obj.blob, "*");
+      });
+
+      ok(value, "Blob URL was unable to be resolved");
+    }
+  );
+
+  BrowserTestUtils.removeTab(tab1);
+  BrowserTestUtils.removeTab(tab2);
+});
+
+// Ensuring if Blob URL can be resolved if a domain1 creates a blob URL
+// and domain1 trys to resolve blob URL within an iframe of itself
+add_task(async function test_same_tld_with_iframe() {
+  let tab1 = await BrowserTestUtils.openNewForegroundTab(gBrowser, BASE_URI);
+  let browser1 = gBrowser.getBrowserForTab(tab1);
+  let blobURL = await SpecialPowers.spawn(browser1, [], function () {
+    return content.URL.createObjectURL(new content.Blob(["hello world!"]));
+  });
+
+  let tab2 = await BrowserTestUtils.openNewForegroundTab(gBrowser, BASE_URI);
+  let browser2 = gBrowser.getBrowserForTab(tab2);
+
+  await SpecialPowers.spawn(
+    browser2,
+    [
+      {
+        page: BASE_URI,
+        blob: blobURL,
+      },
+    ],
+    async obj => {
+      let ifr = content.document.createElement("iframe");
+      ifr.setAttribute("id", "ifr");
+      ifr.setAttribute("src", obj.page);
+
+      info("Iframe loading...");
+      await new content.Promise(resolve => {
+        ifr.onload = resolve;
+        content.document.body.appendChild(ifr);
+      });
+
+      let value = await new content.Promise(resolve => {
+        content.addEventListener(
+          "message",
+          e => {
+            resolve(e.data == "hello world!");
+          },
+          { once: true }
+        );
+        ifr.contentWindow.postMessage(obj.blob, "*");
+      });
+
+      ok(value, "Blob URL was able to be resolved");
+    }
+  );
+
+  BrowserTestUtils.removeTab(tab1);
+  BrowserTestUtils.removeTab(tab2);
+});
+
+// Ensuring Blob URL can be resolved in an iframe
+// under the same top-level domain where it creates.
+add_task(async function test_no_iframes_same_tld() {
+  let tab1 = await BrowserTestUtils.openNewForegroundTab(gBrowser, BASE_URI);
+  let browser1 = gBrowser.getBrowserForTab(tab1);
+
+  let blobURL = await SpecialPowers.spawn(browser1, [], function () {
+    return content.URL.createObjectURL(new content.Blob(["hello world!"]));
+  });
+
+  let tab2 = await BrowserTestUtils.openNewForegroundTab(gBrowser, BASE_URI);
+  let browser2 = gBrowser.getBrowserForTab(tab2);
+
+  let status = await SpecialPowers.spawn(
+    browser2,
+    [blobURL],
+    function (blobURL) {
+      return new content.Promise(resolve => {
+        var xhr = new content.XMLHttpRequest();
+        xhr.open("GET", blobURL);
+        xhr.onloadend = function () {
+          resolve(xhr.response == "hello world!");
+        };
+
+        xhr.send();
+      });
+    }
+  );
+
+  ok(status, "Blob URL was able to be resolved");
+
+  BrowserTestUtils.removeTab(tab1);
+  BrowserTestUtils.removeTab(tab2);
+});
+
+// Ensuring Blob URL can be resolved in a sandboxed
+// iframe under the top-level domain where it creates.
+add_task(async function test_same_tld_with_iframe() {
+  let tab1 = await BrowserTestUtils.openNewForegroundTab(gBrowser, BASE_URI);
+  let browser1 = gBrowser.getBrowserForTab(tab1);
+  let blobURL = await SpecialPowers.spawn(browser1, [], function () {
+    return content.URL.createObjectURL(new content.Blob(["hello world!"]));
+  });
+
+  await SpecialPowers.spawn(
+    browser1,
+    [
+      {
+        page: BASE_URI,
+        blob: blobURL,
+      },
+    ],
+    async obj => {
+      let ifr = content.document.createElement("iframe");
+      ifr.setAttribute("id", "ifr");
+      ifr.setAttribute("sandbox", "allow-scripts allow-same-origin");
+      ifr.setAttribute("src", obj.page);
+
+      info("Iframe loading...");
+      await new content.Promise(resolve => {
+        ifr.onload = resolve;
+        content.document.body.appendChild(ifr);
+      });
+
+      let value = await new content.Promise(resolve => {
+        content.addEventListener(
+          "message",
+          e => {
+            resolve(e.data == "hello world!");
+          },
+          { once: true }
+        );
+        ifr.contentWindow.postMessage(obj.blob, "*");
+      });
+
+      ok(value, "Blob URL was able to be resolved");
+    }
+  );
+
+  BrowserTestUtils.removeTab(tab1);
+});
author	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-04-19 00:47:55 +0000
committer	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-04-19 00:47:55 +0000
commit	26a029d407be480d791972afb5975cf62c9360a6 (patch)
tree	f435a8308119effd964b339f76abb83a57c29483 /toolkit/components/antitracking/test/browser/browser_partitionkey_bloburl.js
parent	Initial commit. (diff)
download	firefox-26a029d407be480d791972afb5975cf62c9360a6.tar.xz firefox-26a029d407be480d791972afb5975cf62c9360a6.zip