Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-10 20:05:49 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Bug 886262 - Tests for HTML <object>s do not inherit sandbox flags from their parents. r=bz

Browse Source
This commit is contained in:
Bob Owen 2013-07-28 17:27:32 +01:00
parent 14573f364d
commit 1a9cd29ab9
12 changed files with 242 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
content/html/content/test/Makefile.in
View File

@ -288,6 +288,13 @@ MOCHITEST_FILES = \
file_iframe_sandbox_a_if10.html \
file_iframe_sandbox_a_if11.html \
file_iframe_sandbox_a_if12.html \
file_iframe_sandbox_a_if13.html \
file_iframe_sandbox_a_if14.html \
file_iframe_sandbox_a_if15.html \
file_iframe_sandbox_a_if16.html \
file_iframe_sandbox_a_if17.html \
file_iframe_sandbox_a_if18.html \
file_iframe_sandbox_a_if19.html \
test_iframe_sandbox_same_origin.html \
file_iframe_sandbox_b_if1.html \
file_iframe_sandbox_b_if2.html \

1
content/html/content/test/file_iframe_sandbox_a_if10.html
View File

@ -7,5 +7,6 @@
</head>
<frameset>
<frame src="file_iframe_sandbox_a_if11.html">
<frame src="file_iframe_sandbox_a_if16.html">
</frameset>
</html>

2
content/html/content/test/file_iframe_sandbox_a_if11.html
View File

@ -18,6 +18,6 @@
<frameset>
<frame onload='doStuff()' src="file_iframe_sandbox_a_if12.html">
</frameset>
I'm a &lt;frame&gt; inside an iframe which is sandboxed with 'allow-scripts'
I'm a &lt;frame&gt; inside an iframe which is sandboxed with 'allow-scripts allow-forms'
</html>

2
content/html/content/test/file_iframe_sandbox_a_if12.html
View File

@ -17,7 +17,7 @@ function doStuff() {
}
</script>
<body onload='doStuff()'>
I'm a &lt;frame&gt; inside a &lt;frame&gt; inside an iframe which is sandboxed with 'allow-scripts'
I'm a &lt;frame&gt; inside a &lt;frame&gt; inside an iframe which is sandboxed with 'allow-scripts allow-forms'
</body>
</html>

13
content/html/content/test/file_iframe_sandbox_a_if13.html Normal file
View File

@ -0,0 +1,13 @@
<!DOCTYPE HTML>
<html>
<head>
<meta charset="utf-8">
<title>Test for Bug 886262</title>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
</head>
<body>
<object data="file_iframe_sandbox_a_if14.html"></object>
</body>
</html>

34
content/html/content/test/file_iframe_sandbox_a_if14.html Normal file
View File

@ -0,0 +1,34 @@
<!DOCTYPE HTML>
<html>
<head>
<meta charset="utf-8">
<title>Test for Bug 886262</title>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
</head>
<script>
window.addEventListener("message", receiveMessage, false);
function receiveMessage(event)
{
window.parent.parent.postMessage({ok: event.data.ok, desc: "objects containing " + event.data.desc}, "*");
}
function doStuff() {
try {
window.parent.parent.ok_wrapper(false, "an object inside a sandboxed iframe should NOT be same origin with the iframe's parent");
}
catch (e) {
window.parent.parent.postMessage({ok: true, desc: "an object inside a sandboxed iframe is not same origin with the iframe's parent"}, "*");
}
}
</script>
<body onload='doStuff()'>
I'm a &lt;object&gt; inside an iframe which is sandboxed with 'allow-scripts allow-forms'
<object data="file_iframe_sandbox_a_if15.html"></object>
</body>
</html>

33
content/html/content/test/file_iframe_sandbox_a_if15.html Normal file
View File

@ -0,0 +1,33 @@
<!DOCTYPE HTML>
<html>
<head>
<meta charset="utf-8">
<title>Test for Bug 886262</title>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
</head>
<script>
function doStuff() {
try {
window.parent.parent.parent.ok_wrapper(false, "an object inside a frame or object inside a sandboxed iframe should NOT be same origin with the iframe's parent");
}
catch (e) {
window.parent.parent.parent.postMessage({ok: true, desc: "an object inside a frame or object inside a sandboxed iframe is not same origin with the iframe's parent"}, "*");
}
// Check that sandboxed forms browsing context flag NOT set by attempting to submit a form.
document.getElementById('a_form').submit();
}
</script>
<body onload='doStuff()'>
I'm a &lt;object&gt; inside a &lt;frame&gt; or &lt;object&gt; inside an iframe which is sandboxed with 'allow-scripts allow-forms'
<form method="get" action="file_iframe_sandbox_form_pass.html" id="a_form">
First name: <input type="text" name="firstname">
Last name: <input type="text" name="lastname">
<input type="submit" id="a_button">
</form>
</body>
</html>

25
content/html/content/test/file_iframe_sandbox_a_if16.html Normal file
View File

@ -0,0 +1,25 @@
<!DOCTYPE HTML>
<html>
<head>
<meta charset="utf-8">
<title>Test for Bug 886262</title>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
</head>
<script>
window.addEventListener("message", receiveMessage, false);
function receiveMessage(event)
{
window.parent.parent.postMessage({ok: event.data.ok, desc: "objects containing " + event.data.desc}, "*");
}
</script>
<body>
I'm a &lt;frame&gt; inside an iframe which is sandboxed with 'allow-scripts allow-forms'
<object data="file_iframe_sandbox_a_if15.html"></object>
</body>
</html>

27
content/html/content/test/file_iframe_sandbox_a_if17.html Normal file
View File

@ -0,0 +1,27 @@
<!DOCTYPE HTML>
<html>
<head>
<meta charset="utf-8">
<title>Test for Bug 886262</title>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
</head>
<script>
function doTest() {
var if_18_19 = document.getElementById('if_18_19');
if_18_19.sandbox = "allow-scripts allow-same-origin";
if_18_19.contentWindow.postMessage("go", "*");
}
</script>
<body onload="doTest()">
I am sandboxed but with "allow-scripts". I change the sandbox flags on if_18_19 to
"allow-scripts allow-same-origin" then get it to re-navigate itself to
file_iframe_sandbox_a_if18.html, which attemps to call a function in my parent.
This should fail since my sandbox flags should be copied to it when the sandbox
flags are changed.
<iframe sandbox="allow-scripts" id="if_18_19" src="file_iframe_sandbox_a_if19.html" height="10" width="10"></iframe>
</body>
</html>

26
content/html/content/test/file_iframe_sandbox_a_if18.html Normal file
View File

@ -0,0 +1,26 @@
<!DOCTYPE HTML>
<html>
<head>
<meta charset="utf-8">
<title>Test for Bug 886262</title>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
</head>
<script>
function doTest() {
try {
window.parent.parent.ok_wrapper(false, "an iframe in an iframe SHOULD copy its parent's sandbox flags when its sandbox flags are changed");
}
catch (e) {
window.parent.parent.postMessage({ok: true, desc: "an iframe in an iframe copies its parent's sandbox flags when its sandbox flags are changed"}, "*");
}
}
</script>
<body onload="doTest()">
I'm an iframe whose sandbox flags have been changed to include allow-same-origin.
I should not be able to call a function in my parent's parent because my parent's
iframe does not have allow-same-origin set.
</body>
</html>

21
content/html/content/test/file_iframe_sandbox_a_if19.html Normal file
View File

@ -0,0 +1,21 @@
<!DOCTYPE HTML>
<html>
<head>
<meta charset="utf-8">
<title>Test for Bug 886262</title>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
<script type="text/javascript" src="/tests/SimpleTest/EventUtils.js"></script>
</head>
<script>
window.addEventListener("message", function(e){
window.open("file_iframe_sandbox_a_if18.html", "_self");
}, false);
</script>
<body>
I'm just here to navigate to file_iframe_sandbox_a_if18.html after my owning
iframe has had allow-same-origin added.
</body>
</html>

56
content/html/content/test/test_iframe_sandbox_inheritance.html
View File

@ -14,6 +14,9 @@ Implement HTML5 sandbox attribute for IFRAMEs - inheritance tests
/** Test for Bug 341604 - Implement HTML5 sandbox attribute for IFRAMEs **/
/** Inheritance Tests **/
// Assertion failure in docshell/shistory/src/nsSHEntry.cpp (currently line 625).
// Bug 901876 raised.
SimpleTest.expectAssertions(1);
SimpleTest.waitForExplicitFinish();
// A postMessage handler that is used by sandboxed iframes without
@ -39,8 +42,8 @@ function ok_wrapper(result, desc) {
passedTests++;
}
if (completedTests == 6) {
is(passedTests, 6, "there should be 6 passed inheritance tests");
if (completedTests == 13) {
is(passedTests, completedTests, "there should be " + completedTests + " passed inheritance tests");
SimpleTest.finish();
}
}
@ -102,6 +105,48 @@ function doTest() {
// 11) a <frame> inside a <frame> inside an <iframe> sandboxed with 'allow-scripts' should not be same
// origin with its parent frame or this document
// done by file_iframe_sandbox_a_if12.html which is contained with file_iframe_sandbox_a_if11.html
// passes if good, fails if bad
// 12) An <object> inside an <iframe> sandboxed with 'allow-scripts' should not be same
// origin with this document
// Done by file_iframe_sandbox_a_if14.html which is contained within file_iframe_sandbox_a_if13.html
// passes if good, fails if bad
// 13) An <object> inside an <object> inside an <iframe> sandboxed with 'allow-scripts' should not be same
// origin with its parent frame or this document
// Done by file_iframe_sandbox_a_if15.html which is contained within file_iframe_sandbox_a_if14.html
// passes if good, fails if bad
// 14) An <object> inside a <frame> inside an <iframe> sandboxed with 'allow-scripts' should not be same
// origin with its parent frame or this document
// Done by file_iframe_sandbox_a_if15.html which is contained within file_iframe_sandbox_a_if16.html
// which is contained within file_iframe_sandbox_a_if10.html
// passes if good
// 15) An <object> inside an <object> inside an <iframe> sandboxed with 'allow-scripts allow-forms'
// should be able to submit forms.
// Done by file_iframe_sandbox_a_if15.html which is contained within file_iframe_sandbox_a_if14.html
// passes if good
// 16) An <object> inside a <frame> inside an <iframe> sandboxed with 'allow-scripts allow-forms'
// should be able to submit forms.
// Done by file_iframe_sandbox_a_if15.html which is contained within file_iframe_sandbox_a_if16.html
// which is contained within file_iframe_sandbox_a_if10.html
// fails if bad
// 17) An <object> inside an <iframe> sandboxed with 'allow-same-origin'
// should not be able to run scripts.
// Done by iframe "if_no_scripts" using a data: load.
// passes if good
// 18) An <object> inside an <iframe> sandboxed with 'allow-scripts allow-same-origin'
// should be able to run scripts and be same origin with this document.
// Done by iframe "if_scripts" using a data: load.
// passes if good, fails if bad
// 19) Make sure that the parent's document's sandboxing flags are copied when
// changing the sandbox flags on an iframe inside an iframe.
// Done in file_iframe_sandbox_a_if17.html and file_iframe_sandbox_a_if18.html
}
addLoadEvent(doTest);
@ -114,5 +159,10 @@ addLoadEvent(doTest);
<iframe sandbox="allow-scripts" id="if_3" src="file_iframe_sandbox_a_if3.html" height="10" width="10"></iframe>
<iframe sandbox="allow-scripts allow-same-origin" id="if_5" src="file_iframe_sandbox_a_if5.html" height="10" width="10"></iframe>
<iframe sandbox="allow-scripts allow-same-origin" id="if_8" src="file_iframe_sandbox_a_if8.html" height="10" width="10"></iframe>
<iframe sandbox="allow-scripts" id="if_10" src="file_iframe_sandbox_a_if10.html" height="10" width="10"></iframe>
<iframe sandbox="allow-scripts allow-forms" id="if_10" src="file_iframe_sandbox_a_if10.html" height="10" width="10"></iframe>
<iframe sandbox="allow-scripts allow-forms" id="if_13" src="file_iframe_sandbox_a_if13.html" height="10" width="10"></iframe>
<iframe sandbox="allow-same-origin" id="if_no_scripts" src="data:text/html,<object%20data='data:text/html,<script>parent.parent.ok_wrapper(false, &quot;an object inside an iframe sandboxed with only allow-same-origin should not be able to run scripts&quot;)</script>'></object>" height="10" width="10"></iframe>
<iframe sandbox="allow-scripts allow-same-origin" id="if_scripts" src="data:text/html,<object%20data='data:text/html,<script>parent.parent.ok_wrapper(true, &quot;an object inside an iframe sandboxed with allow-scripts allow-same-origin should be able to run scripts and call functions in the parent of the iframe&quot;)</script>'></object>" height="10" width="10"></iframe>
<iframe sandbox="allow-same-origin" id="if_19" src="data:text/html,<iframe%20data='data:text/html,<script>parent.parent.ok_wrapper(true, &quot;an object inside an iframe sandboxed with allow-scripts allow-same-origin should be able to run scripts and call functions in the parent of the iframe&quot;)</script>'></object>" height="10" width="10"></iframe>
<iframe sandbox="allow-scripts" id="if_17" src="file_iframe_sandbox_a_if17.html" height="10" width="10"></iframe>
</div>