3 files changed, 170 insertions, 0 deletions

diff --git a/browser/base/content/test/siteIdentity/browser.toml b/browser/base/content/test/siteIdentity/browser.toml
index f0b6191302..c075052fa5 100644
--- a/browser/base/content/test/siteIdentity/browser.toml
+++ b/browser/base/content/test/siteIdentity/browser.toml
@@ -106,6 +106,12 @@ skip-if = [
 ["browser_identity_UI.js"]
 https_first_disabled = true
 
+["browser_identity_web_controlled_blank.js"]
+support-files = [
+  "test_web_controlled_blank.html",
+  "dummy_page.html",
+]
+
 ["browser_iframe_navigation.js"]
 https_first_disabled = true
 support-files = ["iframe_navigation.html"]
diff --git a/browser/base/content/test/siteIdentity/browser_identity_web_controlled_blank.js b/browser/base/content/test/siteIdentity/browser_identity_web_controlled_blank.js
new file mode 100644
index 0000000000..01eca12178
--- /dev/null
+++ b/browser/base/content/test/siteIdentity/browser_identity_web_controlled_blank.js
@@ -0,0 +1,128 @@
+/*
+ * This work is marked with CC0 1.0. To view a copy of this license,
+ * visit http://creativecommons.org/publicdomain/zero/1.0
+ *
+ *
+ * Tests for correct behaviour of web-controlled about:blank pages in identity panel.
+ * Getting into a testable state is different enough that we test all the behaviors here
+ * separately, rather than with the usual (secure, insecure, etc.) cases
+ */
+
+const TEST_HOST = "example.com";
+const TEST_ORIGIN = "https://" + TEST_HOST;
+const TEST_PATH = getRootDirectory(gTestPath).replace(
+  "chrome://mochitests/content",
+  TEST_ORIGIN
+);
+const LOCALHOST_PATH = getRootDirectory(gTestPath).replace(
+  "chrome://mochitests/content",
+  "http://127.0.0.1:8888"
+);
+const TEST_URI = TEST_PATH + "test_web_controlled_blank.html";
+const DUMMY_URI = LOCALHOST_PATH + "dummy_page.html";
+
+// Open a new tab of `test_web_controlled_blank.html` and click
+// an element with a particular ID to open an about:blank popup
+// that is controlled by that first tab.
+//
+// Then test that the UI elements are all correct. And make sure
+// we don't have anything odd going on after navigating away in the
+// popup.
+async function web_controlled_about_blank_helper(id_to_click) {
+  // Open a new tab that will control about:blank pages
+  await BrowserTestUtils.withNewTab(TEST_URI, async browser => {
+    // Open a new popup by clicking the provided id_to_click from the content
+    let popupWindowPromise = BrowserTestUtils.waitForNewWindow();
+    await SpecialPowers.spawn(browser, [id_to_click], async function (id) {
+      content.document.getElementById(id).click();
+    });
+    let popupWindow = await popupWindowPromise;
+
+    // Validate the icon in the urlbar
+    let identityIcon = popupWindow.document.querySelector("#identity-icon");
+    let identityIconImageURL = popupWindow
+      .getComputedStyle(identityIcon)
+      .getPropertyValue("list-style-image");
+    is(
+      identityIconImageURL,
+      `url("chrome://global/skin/icons/info.svg")`,
+      "The identity icon has a correct image url."
+    );
+
+    // Open the identity panel
+    let popupShown = BrowserTestUtils.waitForEvent(
+      popupWindow,
+      "popupshown",
+      true,
+      event => event.target == popupWindow.gIdentityHandler._identityPopup
+    );
+    popupWindow.gIdentityHandler._identityIconBox.click();
+    info("Waiting for the Control Center to be shown");
+    await popupShown;
+    ok(
+      !popupWindow.gIdentityHandler._identityPopup.hidden,
+      "Control Center is visible"
+    );
+
+    // Validate that the predecessor is shown in the identity panel
+    ok(
+      popupWindow.gIdentityHandler._identityPopupMainViewHeaderLabel.textContent.includes(
+        TEST_HOST
+      ),
+      "Identity UI header shows the host of the predecessor"
+    );
+
+    // Validate that the correct message is displayed
+    is(
+      popupWindow.gIdentityHandler._identityPopup.getAttribute("connection"),
+      "associated",
+      "Identity UI shows associated message."
+    );
+
+    // Validate that there is no additional security info
+    let securityButton = popupWindow.gBrowser.ownerDocument.querySelector(
+      "#identity-popup-security-button"
+    );
+    is(
+      securityButton.disabled,
+      true,
+      "Security button has correct disabled state"
+    );
+
+    // Navigate away to a localhost page and make sure the identity icon changes
+    let loaded = BrowserTestUtils.browserLoaded(
+      popupWindow.gBrowser.selectedBrowser,
+      false,
+      DUMMY_URI
+    );
+    await SpecialPowers.spawn(
+      popupWindow.gBrowser.selectedBrowser,
+      [DUMMY_URI],
+      async function (uri) {
+        content.location = uri;
+      }
+    );
+    info("Waiting for the navigation to a dummy page to complete.");
+    await loaded;
+
+    identityIconImageURL = popupWindow.gBrowser.ownerGlobal
+      .getComputedStyle(identityIcon)
+      .getPropertyValue("list-style-image");
+    is(
+      identityIconImageURL,
+      `url("chrome://global/skin/icons/page-portrait.svg")`,
+      "The identity icon has a correct image url after navigating away."
+    );
+
+    // Exit this test, cleaning up as we go.
+    await BrowserTestUtils.closeWindow(popupWindow);
+  });
+}
+
+add_task(async function test_document_write() {
+  await web_controlled_about_blank_helper("document_write");
+});
+
+add_task(async function test_innerHTML() {
+  await web_controlled_about_blank_helper("innerhtml");
+});
diff --git a/browser/base/content/test/siteIdentity/test_web_controlled_blank.html b/browser/base/content/test/siteIdentity/test_web_controlled_blank.html
new file mode 100644
index 0000000000..35c1fd4ca2
--- /dev/null
+++ b/browser/base/content/test/siteIdentity/test_web_controlled_blank.html
@@ -0,0 +1,36 @@
+<!doctype html>
+<html>
+    <head>
+        <title>Bug 1813463: Web controlled about:blank</title>
+    </head>
+    <!--
+      This work is marked with CC0 1.0. To view a copy of this license,
+      visit http://creativecommons.org/publicdomain/zero/1.0
+    -->
+    <body>
+        <p><a href="#" id="document_write">document.write example</a></p>
+        <p><a href="#" id="innerhtml">innerHTML example</a></p>
+
+        <script>
+            document.getElementById("document_write").addEventListener("click", function (aEvent) {
+                aEvent.preventDefault();
+                let popup = window.open("about:blank", "_blank", "width=800,height=600,popup");
+                popup.document.write(`
+                    <h1>check security info</h1>
+                    <p>initial window.location = ${popup.location}</p>
+                    <script>
+                        document.write("<p>new window.location = " + window.location + "</p>")
+                    <${"/"}script>
+                    `);
+            });
+            document.getElementById("innerhtml").addEventListener("click", function (aEvent) {
+                aEvent.preventDefault();
+                let popup = window.open("about:blank", "_blank", "width=800,height=600,popup");
+                popup.stop();
+                popup.document.body.innerHTML = `
+                    <h1>check security info</h1>
+                    <p>window.location = ${popup.location}</p>`;
+            });
+        </script>
+    </body>
+</html>