diff options
Diffstat (limited to 'toolkit/components/viewsource/test/test_bug428653.html')
-rw-r--r-- | toolkit/components/viewsource/test/test_bug428653.html | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/toolkit/components/viewsource/test/test_bug428653.html b/toolkit/components/viewsource/test/test_bug428653.html new file mode 100644 index 0000000000..f800cb8f5f --- /dev/null +++ b/toolkit/components/viewsource/test/test_bug428653.html @@ -0,0 +1,45 @@ +<!DOCTYPE HTML> +<html> +<!-- +https://bugzilla.mozilla.org/show_bug.cgi?id=428653 +--> +<head> + <title>View Source Test (bug 428653)</title> + <script src="chrome://mochikit/content/tests/SimpleTest/SimpleTest.js"></script> + <link rel="stylesheet" type="text/css" href="chrome://mochikit/content/tests/SimpleTest/test.css"/> +</head> +<body> + + <iframe id="content" src="http://example.org/tests/toolkit/components/viewsource/test/file_empty.html"></iframe> + + <script type="application/javascript"> + /* + Test that we can't call the content browser's document.open() over Xrays. + See the security checks in nsHTMLDocument::Open, which make sure that the + entry global's principal matches that of the document. + */ + SimpleTest.waitForExplicitFinish(); + + addLoadEvent(function testDocumentOpen() { + var browser = document.getElementById("content"); + ok(browser, "got browser"); + var doc = browser.contentDocument; + ok(doc, "got content document"); + + var opened = false; + try { + doc.open("text/html", "replace"); + opened = true; + } catch (e) { + is(e.name, "SecurityError", "Unexpected exception"); + } + is(opened, false, "Shouldn't have opened document"); + + doc.wrappedJSObject.open("text/html", "replace"); + ok(true, "Should be able to open document via Xray Waiver"); + + SimpleTest.finish(); + }); + </script> +</body> +</html> |