1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
|
"use strict";
const TEST_PATH = getRootDirectory(gTestPath).replace(
"chrome://mochitests/content",
// eslint-disable-next-line @microsoft/sdl/no-insecure-url
"http://example.com"
);
const TEST_URI = TEST_PATH + "file_csp_uir.html"; // important to be http: to test upgrade-insecure-requests
const RESULT_URI =
// eslint-disable-next-line @microsoft/sdl/no-insecure-url
TEST_PATH.replace("http://", "https://") + "file_csp_uir_dummy.html";
function verifyCSP(aTestName, aBrowser, aResultURI) {
return SpecialPowers.spawn(
aBrowser,
[{ aTestName, aResultURI }],
async function ({ aTestName, aResultURI }) {
let channel = content.docShell.currentDocumentChannel;
is(channel.URI.asciiSpec, aResultURI, "testing CSP for " + aTestName);
}
);
}
add_task(async function test_csp_inheritance_regular_click() {
await BrowserTestUtils.withNewTab(TEST_URI, async function (browser) {
let loadPromise = BrowserTestUtils.browserLoaded(
browser,
false,
RESULT_URI
);
// set the data href + simulate click
BrowserTestUtils.synthesizeMouseAtCenter(
"#testlink",
{},
gBrowser.selectedBrowser
);
await loadPromise;
await verifyCSP("click()", gBrowser.selectedBrowser, RESULT_URI);
});
});
add_task(async function test_csp_inheritance_ctrl_click() {
await BrowserTestUtils.withNewTab(TEST_URI, async function () {
let loadPromise = BrowserTestUtils.waitForNewTab(
gBrowser,
RESULT_URI,
true
);
// set the data href + simulate ctrl+click
BrowserTestUtils.synthesizeMouseAtCenter(
"#testlink",
{ ctrlKey: true, metaKey: true },
gBrowser.selectedBrowser
);
let tab = await loadPromise;
gBrowser.selectTabAtIndex(2);
await verifyCSP("ctrl-click()", gBrowser.selectedBrowser, RESULT_URI);
await BrowserTestUtils.removeTab(tab);
});
});
add_task(
async function test_csp_inheritance_right_click_open_link_in_new_tab() {
await BrowserTestUtils.withNewTab(TEST_URI, async function () {
let loadPromise = BrowserTestUtils.waitForNewTab(gBrowser, RESULT_URI);
// set the data href + simulate right-click open link in tab
BrowserTestUtils.waitForEvent(document, "popupshown", false, event => {
// These are operations that must be executed synchronously with the event.
document.getElementById("context-openlinkintab").doCommand();
event.target.hidePopup();
return true;
});
BrowserTestUtils.synthesizeMouseAtCenter(
"#testlink",
{ type: "contextmenu", button: 2 },
gBrowser.selectedBrowser
);
let tab = await loadPromise;
gBrowser.selectTabAtIndex(2);
await verifyCSP(
"right-click-open-in-new-tab()",
gBrowser.selectedBrowser,
RESULT_URI
);
await BrowserTestUtils.removeTab(tab);
});
}
);
|