summaryrefslogtreecommitdiffstats
path: root/browser/components/sessionstore/test/browser_911547.js
blob: 14b97966068647dfd89b7e999982f2cc326dec05 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
/* Any copyright is dedicated to the Public Domain.
   http://creativecommons.org/publicdomain/zero/1.0/ */

// This test tests that session restore component does restore the right
// content security policy with the document. (The policy being tested
// disallows inline scripts).

add_task(async function test() {
  // allow top level data: URI navigations, otherwise clicking a data: link fails
  await SpecialPowers.pushPrefEnv({
    set: [["security.data_uri.block_toplevel_data_uri_navigations", false]],
  });
  // create a tab that has a CSP
  let testURL =
    "http://mochi.test:8888/browser/browser/components/sessionstore/test/browser_911547_sample.html";
  let tab = (gBrowser.selectedTab = BrowserTestUtils.addTab(gBrowser, testURL));
  gBrowser.selectedTab = tab;

  let browser = tab.linkedBrowser;
  await promiseBrowserLoaded(browser);

  // this is a baseline to ensure CSP is active
  // attempt to inject and run a script via inline (pre-restore, allowed)
  await injectInlineScript(
    browser,
    `document.getElementById("test_id1").value = "id1_modified";`
  );

  let loadedPromise = promiseBrowserLoaded(browser);
  await SpecialPowers.spawn(browser, [], function() {
    is(
      content.document.getElementById("test_id1").value,
      "id1_initial",
      "CSP should block the inline script that modifies test_id"
    );
    content.document.getElementById("test_data_link").click();
  });

  await loadedPromise;

  await SpecialPowers.spawn(browser, [], function() {
    // eslint-disable-line
    // the data: URI inherits the CSP and the inline script needs to be blocked
    is(
      content.document.getElementById("test_id2").value,
      "id2_initial",
      "CSP should block the script loaded by the clicked data URI"
    );
  });

  // close the tab
  await promiseRemoveTabAndSessionState(tab);

  // open new tab and recover the state
  tab = ss.undoCloseTab(window, 0);
  await promiseTabRestored(tab);
  browser = tab.linkedBrowser;

  await SpecialPowers.spawn(browser, [], function() {
    // eslint-disable-line
    // the data: URI should be restored including the inherited CSP and the
    // inline script should be blocked.
    is(
      content.document.getElementById("test_id2").value,
      "id2_initial",
      "CSP should block the script loaded by the clicked data URI after restore"
    );
  });

  // clean up
  gBrowser.removeTab(tab);
});

// injects an inline script element (with a text body)
function injectInlineScript(browser, scriptText) {
  return SpecialPowers.spawn(browser, [scriptText], function(text) {
    let scriptElt = content.document.createElement("script");
    scriptElt.type = "text/javascript";
    scriptElt.text = text;
    content.document.body.appendChild(scriptElt);
  });
}