summaryrefslogtreecommitdiffstats
path: root/security/sandbox/test/browser_content_sandbox_fs.js
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 19:33:14 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 19:33:14 +0000
commit36d22d82aa202bb199967e9512281e9a53db42c9 (patch)
tree105e8c98ddea1c1e4784a60a5a6410fa416be2de /security/sandbox/test/browser_content_sandbox_fs.js
parentInitial commit. (diff)
downloadfirefox-esr-upstream.tar.xz
firefox-esr-upstream.zip
Adding upstream version 115.7.0esr.upstream/115.7.0esrupstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'security/sandbox/test/browser_content_sandbox_fs.js')
-rw-r--r--security/sandbox/test/browser_content_sandbox_fs.js56
1 files changed, 56 insertions, 0 deletions
diff --git a/security/sandbox/test/browser_content_sandbox_fs.js b/security/sandbox/test/browser_content_sandbox_fs.js
new file mode 100644
index 0000000000..cff7a872fe
--- /dev/null
+++ b/security/sandbox/test/browser_content_sandbox_fs.js
@@ -0,0 +1,56 @@
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/ */
+/* import-globals-from browser_content_sandbox_utils.js */
+"use strict";
+
+Services.scriptloader.loadSubScript(
+ "chrome://mochitests/content/browser/" +
+ "security/sandbox/test/browser_content_sandbox_utils.js",
+ this
+);
+
+Services.scriptloader.loadSubScript(
+ "chrome://mochitests/content/browser/" +
+ "security/sandbox/test/browser_content_sandbox_fs_tests.js",
+ this
+);
+
+/*
+ * This test exercises file I/O from web and file content processes using
+ * nsIFile etc. methods to validate that calls that are meant to be blocked by
+ * content sandboxing are blocked.
+ */
+
+//
+// Checks that sandboxing is enabled and at the appropriate level
+// setting before triggering tests that do the file I/O.
+//
+// Tests attempting to write to a file in the home directory from the
+// content process--expected to fail.
+//
+// Tests attempting to write to a file in the content temp directory
+// from the content process--expected to succeed. Uses "ContentTmpD".
+//
+// Tests reading various files and directories from file and web
+// content processes.
+//
+add_task(async function () {
+ sanityChecks();
+
+ // Test creating a file in the home directory from a web content process
+ add_task(createFileInHome); // eslint-disable-line no-undef
+
+ // Test creating a file content temp from a web content process
+ add_task(createTempFile); // eslint-disable-line no-undef
+
+ // Test reading files/dirs from web and file content processes
+ add_task(testFileAccessAllPlatforms); // eslint-disable-line no-undef
+
+ add_task(testFileAccessMacOnly); // eslint-disable-line no-undef
+
+ add_task(testFileAccessLinuxOnly); // eslint-disable-line no-undef
+
+ add_task(testFileAccessWindowsOnly); // eslint-disable-line no-undef
+
+ add_task(cleanupBrowserTabs); // eslint-disable-line no-undef
+});