Diffstat (limited to 'browser/components/originattributes/test/browser/browser_windowOpenerRestriction.js')
-rw-r--r--browser/components/originattributes/test/browser/browser_windowOpenerRestriction.js113
1 files changed, 113 insertions, 0 deletions
diff --git a/browser/components/originattributes/test/browser/browser_windowOpenerRestriction.js b/browser/components/originattributes/test/browser/browser_windowOpenerRestriction.js
new file mode 100644
index 0000000000..0822ba24c9
--- /dev/null
+++ b/browser/components/originattributes/test/browser/browser_windowOpenerRestriction.js
@@ -0,0 +1,113 @@
+/**
+ * Bug 1339336 - A test case for testing pref 'privacy.firstparty.isolate.restrict_opener_access'
+ */
+
+const CC = Components.Constructor;
+
+const FIRST_PARTY_OPENER = "example.com";
+const FIRST_PARTY_TARGET = "example.org";
+const OPENER_PAGE =
+ "https://" +
+ FIRST_PARTY_OPENER +
+ "/browser/browser/components/" +
+ "originattributes/test/browser/file_windowOpenerRestriction.html";
+const TARGET_PAGE =
+ "https://" +
+ FIRST_PARTY_TARGET +
+ "/browser/browser/components/" +
+ "originattributes/test/browser/file_windowOpenerRestrictionTarget.html";
+
+async function testPref(aIsPrefEnabled) {
+ // Use a random key so we don't access it in later tests.
+ let cookieStr =
+ "key" + Math.random().toString() + "=" + Math.random().toString();
+
+ // Open the tab for the opener page.
+ let tab = BrowserTestUtils.addTab(gBrowser, OPENER_PAGE);
+
+ // Select this tab and make sure its browser is loaded and focused.
+ gBrowser.selectedTab = tab;
+ tab.ownerGlobal.focus();
+
+ let browser = gBrowser.getBrowserForTab(tab);
+ await BrowserTestUtils.browserLoaded(browser);
+
+ await SpecialPowers.spawn(
+ browser,
+ [{ cookieStr, page: TARGET_PAGE, isPrefEnabled: aIsPrefEnabled }],
+ async function (obj) {
+ // Acquire the iframe element.
+ let childFrame = content.document.getElementById("child");
+
+ // Insert a cookie into this iframe.
+ await SpecialPowers.spawn(childFrame, [obj.cookieStr], aCookieStr => {
+ content.document.cookie = aCookieStr + "; SameSite=None; Secure;";
+ });
+
+ // Open the tab here and focus on it.
+ let openedPath = obj.page;
+ if (!obj.isPrefEnabled) {
+ // If the pref is not enabled, we pass the cookie value through the query string
+ // to tell the target page that it should check the cookie value.
+ openedPath += "?" + obj.cookieStr;
+ }
+
+ // Issue the opener page to open the target page and focus on it.
+ content.openedWindow = content.open(openedPath);
+ content.openedWindow.focus();
+ }
+ );
+
+ // Wait until the target page is loaded.
+ let targetBrowser = gBrowser.getBrowserForTab(gBrowser.selectedTab);
+ await BrowserTestUtils.browserLoaded(targetBrowser);
+
+ // The target page will do the check and show the result through its title.
+ is(
+ targetBrowser.contentTitle,
+ "pass",
+ "The behavior of window.opener is correct."
+ );
+
+ // Close Tabs.
+ await SpecialPowers.spawn(browser, [], async function () {
+ content.openedWindow.close();
+ });
+ BrowserTestUtils.removeTab(tab);
+
+ // Reset cookies
+ Services.cookies.removeAll();
+}
+
+add_task(async function runTests() {
+ let tests = [true, false];
+
+ // First, we test the scenario that the first party isolation is enabled.
+ await SpecialPowers.pushPrefEnv({
+ set: [["privacy.firstparty.isolate", true]],
+ });
+
+ for (let enabled of tests) {
+ await SpecialPowers.pushPrefEnv({
+ set: [["privacy.firstparty.isolate.restrict_opener_access", enabled]],
+ });
+
+ await testPref(enabled);
+ }
+
+ // Second, we test the scenario that the first party isolation is disabled.
+ await SpecialPowers.pushPrefEnv({
+ set: [["privacy.firstparty.isolate", false]],
+ });
+
+ for (let enabled of tests) {
+ await SpecialPowers.pushPrefEnv({
+ set: [["privacy.firstparty.isolate.restrict_opener_access", enabled]],
+ });
+
+ // When first party isolation is disabled, this pref will not affect the behavior of
+ // window.opener. And the correct behavior here is to allow access since the iframe in
+ // the opener page has the same origin with the target page.
+ await testPref(false);
+ }
+});
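Review bot: In `testPref`, the opened tab is looked up as `gBrowser.selectedTab` only after the `SpecialPowers.spawn` call that runs `content.open()` has returned, so the "Wait until the target page is loaded" step depends on timing. If the target load has already finished, `BrowserTestUtils.browserLoaded(targetBrowser)` has no load left to wait for; if tab selection lags, `targetBrowser` is the opener's browser and the title read comes from the wrong page. Because this test is the regression guard for `privacy.firstparty.isolate.restrict_opener_access`, I would create the promise from `BrowserTestUtils.waitForNewTab(gBrowser, null, true)` before the spawn, await it afterwards, and use the tab it resolves to for the `contentTitle` check. Separately, `const CC = Components.Constructor;` is not used anywhere in the file and can be dropped.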