summaryrefslogtreecommitdiffstats
path: root/toolkit/mozapps/extensions/test/xpinstall/browser_datauri.js
blob: 08ec7e41cb72cd75b876565d50e9ee2cd3200e97 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80

/* Any copyright is dedicated to the Public Domain.
 * http://creativecommons.org/publicdomain/zero/1.0/
 */

"use strict";

const { AddonTestUtils } = ChromeUtils.importESModule(
  "resource://testing-common/AddonTestUtils.sys.mjs"
);

AddonTestUtils.initMochitest(this);

// ----------------------------------------------------------------------------
// Checks that a chained redirect through a data URI and javascript is blocked

function setup_redirect(aSettings) {
  var url = TESTROOT + "redirect.sjs?mode=setup";
  for (var name in aSettings) {
    url += "&" + name + "=" + encodeURIComponent(aSettings[name]);
  }

  var req = new XMLHttpRequest();
  req.open("GET", url, false);
  req.send(null);
}

function test() {
  waitForExplicitFinish();
  SpecialPowers.pushPrefEnv(
    {
      set: [
        ["network.allow_redirect_to_data", true],
        ["security.data_uri.block_toplevel_data_uri_navigations", false],
        // Relax the user input requirements while running this test.
        ["xpinstall.userActivation.required", false],
      ],
    },
    runTest
  );
}

function runTest() {
  Harness.installOriginBlockedCallback = install_blocked;
  Harness.installsCompletedCallback = finish_test;
  Harness.setup();

  setup_redirect({
    Location:
      "data:text/html,<script>window.location.href='" +
      TESTROOT +
      "amosigned.xpi'</script>",
  });

  BrowserTestUtils.openNewForegroundTab(
    gBrowser,
    TESTROOT + "redirect.sjs?mode=redirect"
  );
}

function install_blocked(installInfo) {
  is(
    installInfo.installs.length,
    1,
    "Got one AddonInstall instance as expected"
  );
  AddonTestUtils.checkInstallInfo(installInfo.installs[0], {
    method: "link",
    source: "unknown",
    sourceURL: /moz-nullprincipal:\{.*\}/,
  });
}

function finish_test(count) {
  is(count, 0, "No add-ons should have been installed");
  PermissionTestUtils.remove("http://example.com", "install");

  gBrowser.removeCurrentTab();
  Harness.finish();
  finish();
}
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-09 11:30:36 +0000