summaryrefslogtreecommitdiffstats
path: root/dom/base/test/test_pdf_print.html
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--dom/base/test/test_pdf_print.html62
1 files changed, 62 insertions, 0 deletions
diff --git a/dom/base/test/test_pdf_print.html b/dom/base/test/test_pdf_print.html
new file mode 100644
index 0000000000..6e73ae2a09
--- /dev/null
+++ b/dom/base/test/test_pdf_print.html
@@ -0,0 +1,62 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+ <meta charset="utf-8">
+ <title><!-- TODO: insert title here --></title>
+ <script src="/tests/SimpleTest/SimpleTest.js"></script>
+ <link rel="stylesheet" href="/tests/SimpleTest/test.css"/>
+</head>
+<body>
+<p id="display"></p>
+<div id="content" style="display: none">
+ <script>
+ SimpleTest.waitForExplicitFinish();
+ const blob = new Blob(["x"], { type: "application/pdf" });
+ const blobURL = URL.createObjectURL(blob);
+ const blobFrame = document.createElement("iframe");
+ blobFrame.src = blobURL;
+ document.getElementById("content").appendChild(blobFrame);
+
+ const dataURL = "data:application/pdf,";
+ const dataFrame = document.createElement("iframe");
+ dataFrame.src = dataURL;
+ document.getElementById("content").appendChild(dataFrame);
+
+ addLoadEvent(function() {
+ // blob:// URLs inherit their origin, so the window inside blobFrame
+ // should be same-orgin with us except for the PDF viewer messing with
+ // origins.
+ const printFunc = blobFrame.contentWindow.print;
+ is(typeof printFunc, "function", "Should have a 'print' function");
+ ok(Object.getOwnPropertyNames(blobFrame.contentWindow).includes("print"),
+ "Should see 'print' property in property names");
+
+ try {
+ // data: URLs get nonce origins, so the window inside dataFrame is not
+ // same-origin with us in any way.
+ dataFrame.contentWindow.print;
+ ok(false, "Should throw on cross-origin .print access");
+ } catch (e) {
+ ok(/Permission denied/.test(e.message), "Should have a security error");
+ }
+ ok(!Object.getOwnPropertyNames(dataFrame.contentWindow).includes("print"),
+ "Should not see 'print' property in property names");
+
+ try {
+ printFunc.call(dataFrame.contentWindow);
+ ok(false, "Should throw on cross-origin call");
+ } catch (e) {
+ ok(/Permission to call/.test(e.message),
+ "Should have a security error for call");
+ }
+
+ // It'd be nice to test that calling the function works right, but if it
+ // does it'll put up the print dialog, which is not helpful in an
+ // automated test.
+ SimpleTest.finish();
+ });
+ </script>
+</div>
+<pre id="test"></pre>
+</body>
+</html>