diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 19:33:14 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 19:33:14 +0000 |
| commit | 36d22d82aa202bb199967e9512281e9a53db42c9 (patch) | |
| tree | 105e8c98ddea1c1e4784a60a5a6410fa416be2de /devtools/server/tests/xpcshell/test_safe-getter.js | |
| parent | Initial commit. (diff) | |
| download | firefox-esr-36d22d82aa202bb199967e9512281e9a53db42c9.tar.xz firefox-esr-36d22d82aa202bb199967e9512281e9a53db42c9.zip | |
Adding upstream version 115.7.0esr.upstream/115.7.0esr
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
| -rw-r--r-- | devtools/server/tests/xpcshell/test_safe-getter.js | 54 |
1 files changed, 54 insertions, 0 deletions
diff --git a/devtools/server/tests/xpcshell/test_safe-getter.js b/devtools/server/tests/xpcshell/test_safe-getter.js new file mode 100644 index 0000000000..65bf3414ea --- /dev/null +++ b/devtools/server/tests/xpcshell/test_safe-getter.js @@ -0,0 +1,54 @@ +/* eslint-disable strict */ +function run_test() { + Services.prefs.setBoolPref("security.allow_eval_with_system_principal", true); + registerCleanupFunction(() => { + Services.prefs.clearUserPref("security.allow_eval_with_system_principal"); + }); + const { addDebuggerToGlobal } = ChromeUtils.importESModule( + "resource://gre/modules/jsdebugger.sys.mjs" + ); + addDebuggerToGlobal(globalThis); + const g = createTestGlobal("test", { + wantGlobalProperties: ["ChromeUtils"], + }); + const dbg = new Debugger(); + const gw = dbg.addDebuggee(g); + + g.eval(` + // This is not a CCW. + Object.defineProperty(this, "bar", { + get: function() { return "bar"; }, + configurable: true, + enumerable: true + }); + + const { XPCOMUtils } = ChromeUtils.importESModule( + "resource://gre/modules/XPCOMUtils.sys.mjs" + ); + + // This is a CCW. + XPCOMUtils.defineLazyScriptGetter( + this, "foo", "chrome://global/content/viewZoomOverlay.js"); + `); + + // Neither scripted getter should be considered safe. + assert(!DevToolsUtils.hasSafeGetter(gw.getOwnPropertyDescriptor("bar"))); + assert(!DevToolsUtils.hasSafeGetter(gw.getOwnPropertyDescriptor("foo"))); + + // Create an object in a less privileged sandbox. + const obj = gw.makeDebuggeeValue( + Cu.waiveXrays( + Cu.Sandbox(null).eval(` + Object.defineProperty({}, "bar", { + get: function() { return "bar"; }, + configurable: true, + enumerable: true + }); + `) + ) + ); + + // After waiving Xrays, the object has 2 wrappers. Both must be removed + // in order to detect that the getter is not safe. + assert(!DevToolsUtils.hasSafeGetter(obj.getOwnPropertyDescriptor("bar"))); +} |