1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
|
"use strict";
const SIMPLE_HTML = "data:text/html,<html><head></head><body></body></html>";
/**
* Returns the directory where the chrome.manifest file for the test can be found.
*
* @return nsIFile of the manifest directory
*/
function getManifestDir() {
let path = getTestFilePath("browser_docshell_type_editor");
let file = Cc["@mozilla.org/file/local;1"].createInstance(Ci.nsIFile);
file.initWithPath(path);
return file;
}
// The following URI is *not* accessible to content, hence loading that URI
// from an unprivileged site should be blocked. If docshell is of appType
// APP_TYPE_EDITOR however the load should be allowed.
// >> chrome://test1/skin/privileged.png
add_task(async function () {
info("docshell of appType APP_TYPE_EDITOR can access privileged images.");
// Load a temporary manifest adding a route to a privileged image
let manifestDir = getManifestDir();
Components.manager.addBootstrappedManifestLocation(manifestDir);
await BrowserTestUtils.withNewTab(
{
gBrowser,
url: SIMPLE_HTML,
},
async function (browser) {
await SpecialPowers.spawn(browser, [], async function () {
let rootDocShell = docShell.sameTypeRootTreeItem.QueryInterface(
Ci.nsIDocShell
);
let defaultAppType = rootDocShell.appType;
rootDocShell.appType = Ci.nsIDocShell.APP_TYPE_EDITOR;
is(
rootDocShell.appType,
Ci.nsIDocShell.APP_TYPE_EDITOR,
"sanity check: appType after update should be type editor"
);
return new Promise(resolve => {
let doc = content.document;
let image = doc.createElement("img");
image.onload = function () {
ok(true, "APP_TYPE_EDITOR is allowed to load privileged image");
// restore appType of rootDocShell before moving on to the next test
rootDocShell.appType = defaultAppType;
resolve();
};
image.onerror = function () {
ok(false, "APP_TYPE_EDITOR is allowed to load privileged image");
// restore appType of rootDocShell before moving on to the next test
rootDocShell.appType = defaultAppType;
resolve();
};
doc.body.appendChild(image);
image.src = "chrome://test1/skin/privileged.png";
});
});
}
);
Components.manager.removeBootstrappedManifestLocation(manifestDir);
});
add_task(async function () {
info(
"docshell of appType APP_TYPE_UNKNOWN can *not* access privileged images."
);
// Load a temporary manifest adding a route to a privileged image
let manifestDir = getManifestDir();
Components.manager.addBootstrappedManifestLocation(manifestDir);
await BrowserTestUtils.withNewTab(
{
gBrowser,
url: SIMPLE_HTML,
},
async function (browser) {
await SpecialPowers.spawn(browser, [], async function () {
let rootDocShell = docShell.sameTypeRootTreeItem.QueryInterface(
Ci.nsIDocShell
);
let defaultAppType = rootDocShell.appType;
rootDocShell.appType = Ci.nsIDocShell.APP_TYPE_UNKNOWN;
is(
rootDocShell.appType,
Ci.nsIDocShell.APP_TYPE_UNKNOWN,
"sanity check: appType of docshell should be unknown"
);
return new Promise(resolve => {
let doc = content.document;
let image = doc.createElement("img");
image.onload = function () {
ok(
false,
"APP_TYPE_UNKNOWN is *not* allowed to access privileged image"
);
// restore appType of rootDocShell before moving on to the next test
rootDocShell.appType = defaultAppType;
resolve();
};
image.onerror = function () {
ok(
true,
"APP_TYPE_UNKNOWN is *not* allowed to access privileged image"
);
// restore appType of rootDocShell before moving on to the next test
rootDocShell.appType = defaultAppType;
resolve();
};
doc.body.appendChild(image);
// Set the src via wrappedJSObject so the load is triggered with
// the content page's principal rather than ours.
image.wrappedJSObject.src = "chrome://test1/skin/privileged.png";
});
});
}
);
Components.manager.removeBootstrappedManifestLocation(manifestDir);
});
|
