From 36d22d82aa202bb199967e9512281e9a53db42c9 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 7 Apr 2024 21:33:14 +0200 Subject: Adding upstream version 115.7.0esr. Signed-off-by: Daniel Baumann --- dom/base/test/browser_bug902350.js | 56 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 56 insertions(+) create mode 100644 dom/base/test/browser_bug902350.js (limited to 'dom/base/test/browser_bug902350.js') diff --git a/dom/base/test/browser_bug902350.js b/dom/base/test/browser_bug902350.js new file mode 100644 index 0000000000..18b17c5953 --- /dev/null +++ b/dom/base/test/browser_bug902350.js @@ -0,0 +1,56 @@ +/* + * Mixed Content Block frame navigates for target="_top" - Test for Bug 902350 + */ + +add_task(async function mixed_content_block_for_target_top_test() { + const PREF_ACTIVE = "security.mixed_content.block_active_content"; + const httpsTestRoot = getRootDirectory(gTestPath).replace( + "chrome://mochitests/content", + "https://example.com" + ); + + await SpecialPowers.pushPrefEnv({ set: [[PREF_ACTIVE, true]] }); + + let newTab = await BrowserTestUtils.openNewForegroundTab({ + gBrowser, + waitForLoad: true, + }); + let testBrowser = newTab.linkedBrowser; + + var url = httpsTestRoot + "file_bug902350.html"; + var frameUrl = httpsTestRoot + "file_bug902350_frame.html"; + let loadPromise = BrowserTestUtils.browserLoaded(testBrowser, false, url); + let frameLoadPromise = BrowserTestUtils.browserLoaded( + testBrowser, + true, + frameUrl + ); + BrowserTestUtils.loadURIString(testBrowser, url); + await loadPromise; + await frameLoadPromise; + + // Find the iframe and click the link in it. + let insecureUrl = "http://example.com/"; + let insecureLoadPromise = BrowserTestUtils.browserLoaded( + testBrowser, + false, + insecureUrl + ); + SpecialPowers.spawn(testBrowser, [], function () { + var frame = content.document.getElementById("testing_frame"); + var topTarget = frame.contentWindow.document.getElementById("topTarget"); + topTarget.click(); + }); + + // Navigating to insecure domain through target='_top' should succeed. + await insecureLoadPromise; + + // The link click should not invoke the Mixed Content Blocker. + let { gIdentityHandler } = testBrowser.ownerGlobal; + ok( + !gIdentityHandler._identityBox.classList.contains("mixedActiveBlocked"), + "Mixed Content Doorhanger did not appear when trying to navigate top" + ); + + BrowserTestUtils.removeTab(newTab); +}); -- cgit v1.2.3