summaryrefslogtreecommitdiffstats
path: root/devtools/server/tests/xpcshell/test_safe-getter.js
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--devtools/server/tests/xpcshell/test_safe-getter.js54
1 files changed, 54 insertions, 0 deletions
diff --git a/devtools/server/tests/xpcshell/test_safe-getter.js b/devtools/server/tests/xpcshell/test_safe-getter.js
new file mode 100644
index 0000000000..65bf3414ea
--- /dev/null
+++ b/devtools/server/tests/xpcshell/test_safe-getter.js
@@ -0,0 +1,54 @@
+/* eslint-disable strict */
+function run_test() {
+ Services.prefs.setBoolPref("security.allow_eval_with_system_principal", true);
+ registerCleanupFunction(() => {
+ Services.prefs.clearUserPref("security.allow_eval_with_system_principal");
+ });
+ const { addDebuggerToGlobal } = ChromeUtils.importESModule(
+ "resource://gre/modules/jsdebugger.sys.mjs"
+ );
+ addDebuggerToGlobal(globalThis);
+ const g = createTestGlobal("test", {
+ wantGlobalProperties: ["ChromeUtils"],
+ });
+ const dbg = new Debugger();
+ const gw = dbg.addDebuggee(g);
+
+ g.eval(`
+ // This is not a CCW.
+ Object.defineProperty(this, "bar", {
+ get: function() { return "bar"; },
+ configurable: true,
+ enumerable: true
+ });
+
+ const { XPCOMUtils } = ChromeUtils.importESModule(
+ "resource://gre/modules/XPCOMUtils.sys.mjs"
+ );
+
+ // This is a CCW.
+ XPCOMUtils.defineLazyScriptGetter(
+ this, "foo", "chrome://global/content/viewZoomOverlay.js");
+ `);
+
+ // Neither scripted getter should be considered safe.
+ assert(!DevToolsUtils.hasSafeGetter(gw.getOwnPropertyDescriptor("bar")));
+ assert(!DevToolsUtils.hasSafeGetter(gw.getOwnPropertyDescriptor("foo")));
+
+ // Create an object in a less privileged sandbox.
+ const obj = gw.makeDebuggeeValue(
+ Cu.waiveXrays(
+ Cu.Sandbox(null).eval(`
+ Object.defineProperty({}, "bar", {
+ get: function() { return "bar"; },
+ configurable: true,
+ enumerable: true
+ });
+ `)
+ )
+ );
+
+ // After waiving Xrays, the object has 2 wrappers. Both must be removed
+ // in order to detect that the getter is not safe.
+ assert(!DevToolsUtils.hasSafeGetter(obj.getOwnPropertyDescriptor("bar")));
+}