gecko-dev/content/base/test/file_mixed_content_frameNavigation_secure.html

<!DOCTYPE HTML>
<html>
<!--
Tests for Mixed Content Blocker related to navigating children, grandchildren, etc
https://bugzilla.mozilla.org/show_bug.cgi?id=840388
-->
<head>
  <meta charset="utf-8">
  <title>Tests for Mixed Content Frame Navigation</title>
</head>
<body>
<div id="testContent"></div>

<script>
  var baseUrl = "https://example.com/tests/content/base/test/file_mixed_content_frameNavigation_innermost.html";

  // For tests that require setTimeout, set the maximum polling time to 50 x 100ms = 5 seconds.
  var MAX_COUNT = 50;
  var TIMEOUT_INTERVAL = 100;

  var testContent = document.getElementById("testContent");

  // Test 1: Navigate secure iframe to insecure iframe on a secure page
  var iframe_test1 = document.createElement("iframe");
  var counter_test1 = 0;
  iframe_test1.setAttribute("id", "test1");
  iframe_test1.src = baseUrl + "?securePage_navigate_child";
  iframe_test1.onerror = function() {
    parent.postMessage({"test": "securePage_navigate_child", "msg": "got an onerror event when loading or navigating testing iframe"}, "http://mochi.test:8888");
  };
  testContent.appendChild(iframe_test1);

  function navigationStatus(iframe_test1)
  {
    // When the page is navigating, it goes through about:blank and we will get a permission denied for loc.
    // Catch that specific exception and return
    try {
      var loc = document.getElementById("test1").contentDocument.location;
    } catch(e) {
      if (e.name === "SecurityError") {
        // We received an exception we didn't expect.
        throw e;
      }
      counter_test1++;
      return;
    }
    if (loc == "http://example.com/tests/content/base/test/file_mixed_content_frameNavigation_innermost.html?insecurePage_navigate_child_response") {
      return;
    } else {
      if(counter_test1 < MAX_COUNT) {
        counter_test1++;
        setTimeout(navigationStatus, TIMEOUT_INTERVAL, iframe_test1);
      }
      else {
        // After we have called setTimeout the maximum number of times, assume navigating the iframe is blocked
        parent.postMessage({"test": "securePage_navigate_child", "msg": "navigating to insecure iframe blocked on secure page"}, "http://mochi.test:8888");
      }
    }
  }

  setTimeout(navigationStatus, TIMEOUT_INTERVAL, iframe_test1);

  // Test 2: Navigate secure grandchild iframe to insecure grandchild iframe on a page that has at least one secure parent (in this example, both the parent and grandparent are https)

  var iframe_test2 = document.createElement("iframe");
  iframe_test2.src = "https://example.com/tests/content/base/test/file_mixed_content_frameNavigation_secure_grandchild.html";
  iframe_test2.onerror = function() {
    parent.postMessage({"test": "securePage_navigate_grandchild", "msg": "got an onerror event when loading or navigating testing iframe"}, "http://mochi.test:8888");
  };
  testContent.appendChild(iframe_test2);

  // Test 3: Open an http page in a new tab from a link click with target=_blank.
  var iframe_test3 = document.createElement("iframe");
  iframe_test3.src = "https://example.com/tests/content/base/test/file_mixed_content_frameNavigation_blankTarget.html";
  iframe_test3.onerror = function() {
    parent.postMessage({"test": "blankTarget", "msg": "got an onerror event when loading or navigating testing iframe"}, "http://mochi.test:8888");
  };
  testContent.appendChild(iframe_test3);

</script>
</body>
</html>
Bug 840388 - Mochitests that navigate https frames to http frames, both when a secure parent exists and when no secure parents exist. Tested with the mixed active content pref enabled and disabled. r=smaug 2013-03-28 05:11:59 +00:00			`<!DOCTYPE HTML>`
			`<html>`
			`<!--`
			`Tests for Mixed Content Blocker related to navigating children, grandchildren, etc`
			`https://bugzilla.mozilla.org/show_bug.cgi?id=840388`
			`-->`
			`<head>`
			`<meta charset="utf-8">`
			`<title>Tests for Mixed Content Frame Navigation</title>`
			`</head>`
			`<body>`
			`<div id="testContent"></div>`

			`<script>`
			`var baseUrl = "https://example.com/tests/content/base/test/file_mixed_content_frameNavigation_innermost.html";`

			`// For tests that require setTimeout, set the maximum polling time to 50 x 100ms = 5 seconds.`
			`var MAX_COUNT = 50;`
			`var TIMEOUT_INTERVAL = 100;`

			`var testContent = document.getElementById("testContent");`

			`// Test 1: Navigate secure iframe to insecure iframe on a secure page`
			`var iframe_test1 = document.createElement("iframe");`
			`var counter_test1 = 0;`
			`iframe_test1.setAttribute("id", "test1");`
			`iframe_test1.src = baseUrl + "?securePage_navigate_child";`
			`iframe_test1.onerror = function() {`
			`parent.postMessage({"test": "securePage_navigate_child", "msg": "got an onerror event when loading or navigating testing iframe"}, "http://mochi.test:8888");`
			`};`
			`testContent.appendChild(iframe_test1);`

			`function navigationStatus(iframe_test1)`
			`{`
			`// When the page is navigating, it goes through about:blank and we will get a permission denied for loc.`
			`// Catch that specific exception and return`
			`try {`
			`var loc = document.getElementById("test1").contentDocument.location;`
			`} catch(e) {`
			`if (e.name === "SecurityError") {`
			`// We received an exception we didn't expect.`
			`throw e;`
			`}`
			`counter_test1++;`
			`return;`
			`}`
			`if (loc == "http://example.com/tests/content/base/test/file_mixed_content_frameNavigation_innermost.html?insecurePage_navigate_child_response") {`
			`return;`
			`} else {`
			`if(counter_test1 < MAX_COUNT) {`
			`counter_test1++;`
			`setTimeout(navigationStatus, TIMEOUT_INTERVAL, iframe_test1);`
			`}`
			`else {`
			`// After we have called setTimeout the maximum number of times, assume navigating the iframe is blocked`
			`parent.postMessage({"test": "securePage_navigate_child", "msg": "navigating to insecure iframe blocked on secure page"}, "http://mochi.test:8888");`
			`}`
			`}`
			`}`

			`setTimeout(navigationStatus, TIMEOUT_INTERVAL, iframe_test1);`

			`// Test 2: Navigate secure grandchild iframe to insecure grandchild iframe on a page that has at least one secure parent (in this example, both the parent and grandparent are https)`

			`var iframe_test2 = document.createElement("iframe");`
			`iframe_test2.src = "https://example.com/tests/content/base/test/file_mixed_content_frameNavigation_secure_grandchild.html";`
			`iframe_test2.onerror = function() {`
			`parent.postMessage({"test": "securePage_navigate_grandchild", "msg": "got an onerror event when loading or navigating testing iframe"}, "http://mochi.test:8888");`
			`};`
			`testContent.appendChild(iframe_test2);`

Bug 841850 - Mochitests. r=smaug 2013-03-28 05:24:04 +00:00			`// Test 3: Open an http page in a new tab from a link click with target=_blank.`
			`var iframe_test3 = document.createElement("iframe");`
			`iframe_test3.src = "https://example.com/tests/content/base/test/file_mixed_content_frameNavigation_blankTarget.html";`
			`iframe_test3.onerror = function() {`
			`parent.postMessage({"test": "blankTarget", "msg": "got an onerror event when loading or navigating testing iframe"}, "http://mochi.test:8888");`
			`};`
			`testContent.appendChild(iframe_test3);`
Bug 840388 - Mochitests that navigate https frames to http frames, both when a secure parent exists and when no secure parents exist. Tested with the mixed active content pref enabled and disabled. r=smaug 2013-03-28 05:11:59 +00:00
			`</script>`
			`</body>`
			`</html>`