bug 405924 Test that loading place URIs from content prevented, r=dietrich a=mconnor
parent
aeeedf077c
commit
26740d7d98
@ -40,6 +40,7 @@ DEPTH = ../../../..
|
||||
topsrcdir = @top_srcdir@
|
||||
srcdir = @srcdir@
|
||||
VPATH = @srcdir@
|
||||
relativesrcdir = toolkit/components/places/tests
|
||||
|
||||
include $(DEPTH)/config/autoconf.mk
|
||||
|
||||
@ -50,6 +51,13 @@ XPCSHELL_TESTS = unit \
|
||||
queries \
|
||||
$(NULL)
|
||||
|
||||
# Simple MochiTests
|
||||
MOCHI_TESTS = mochitest/test_bug_405924.html \
|
||||
$(NULL)
|
||||
|
||||
MOCHI_CONTENT = mochitest/prompt_common.js \
|
||||
$(NULL)
|
||||
|
||||
ifdef MOZ_MOCHITEST
|
||||
DIRS = \
|
||||
chrome \
|
||||
@ -59,3 +67,6 @@ DIRS = \
|
||||
endif
|
||||
|
||||
include $(topsrcdir)/config/rules.mk
|
||||
|
||||
libs:: $(MOCHI_TESTS) $(MOCHI_CONTENT)
|
||||
$(INSTALL) $(foreach f,$^,"$f") $(DEPTH)/_tests/testing/mochitest/tests/$(relativesrcdir)
|
||||
|
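--- a/toolkit/components/places/tests/mochitest/prompt_common.js
+++ b/toolkit/components/places/tests/mochitest/prompt_common.js
@@ -0,0 +1,74 @@
+netscape.security.PrivilegeManager.enablePrivilege('UniversalXPConnect');
+
+const Ci = Components.interfaces;
+ok(Ci != null, "Access Ci");
+const Cc = Components.classes;
+ok(Cc != null, "Access Cc");
+
+var didDialog;
+
+var timer; // keep in outer scope so it's not GC'd before firing
+function startCallbackTimer() {
+didDialog = false;
+
+// Delay before the callback twiddles the prompt.
+const dialogDelay = 10;
+
+// Use a timer to invoke a callback to twiddle the authentication dialog
+timer = Cc["@mozilla.org/timer;1"].createInstance(Ci.nsITimer);
+timer.init(observer, dialogDelay, Ci.nsITimer.TYPE_ONE_SHOT);
+}
+
+var observer = {
+QueryInterface : function (iid) {
+const interfaces = [Ci.nsIObserver,
+Ci.nsISupports, Ci.nsISupportsWeakReference];
+
+if (!interfaces.some( function(v) { return iid.equals(v) } ))
+throw Components.results.NS_ERROR_NO_INTERFACE;
+return this;
+},
+
+observe : function (subject, topic, data) {
+netscape.security.PrivilegeManager.enablePrivilege('UniversalXPConnect');
+
+var doc = getDialogDoc();
+if (doc)
+handleDialog(doc);
+else
+startCallbackTimer(); // try again in a bit
+}
+};
+
+function getDialogDoc() {
+// Find the <browser> which contains notifyWindow, by looking
+// through all the open windows and all the <browsers> in each.
+var wm = Cc["@mozilla.org/appshell/window-mediator;1"].
+getService(Ci.nsIWindowMediator);
+//var enumerator = wm.getEnumerator("navigator:browser");
+var enumerator = wm.getXULWindowEnumerator(null);
+
+while (enumerator.hasMoreElements()) {
+var win = enumerator.getNext();
+var windowDocShell = win.QueryInterface(Ci.nsIXULWindow).docShell;
+
+var containedDocShells = windowDocShell.getDocShellEnumerator(
+Ci.nsIDocShellTreeItem.typeChrome,
+Ci.nsIDocShell.ENUMERATE_FORWARDS);
+while (containedDocShells.hasMoreElements()) {
+// Get the corresponding document for this docshell
+var childDocShell = containedDocShells.getNext();
+// We don't want it if it's not done loading.
+if (childDocShell.busyFlags != Ci.nsIDocShell.BUSY_FLAGS_NONE)
+continue;
+var childDoc = childDocShell.QueryInterface(Ci.nsIDocShell).
+contentViewer.DOMDocument;
+
+//ok(true, "Got window: " + childDoc.location.href);
+if (childDoc.location.href == "chrome://global/content/commonDialog.xul")
+return childDoc;
+}
+}
+
+return null;
+}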
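Review bot: The retry path in `observer.observe` has no bound: whenever `getDialogDoc()` returns null it calls `startCallbackTimer()` again, so if the error dialog never appears the 10 ms timer keeps re-arming and the test can only end through the harness timeout. A counter checked before re-arming would turn that into an explicit failure, for example `if (++attempts > maxAttempts) { ok(false, "dialog never appeared"); return; }` (`attempts` and `maxAttempts` are suggested names, not existing ones). `getDialogDoc()` also returns the first document in any XUL window whose URL is `chrome://global/content/commonDialog.xul`, so an unrelated common dialog would be handed to `handleDialog`; only the message check in the caller guards against that. The comments mentioning `notifyWindow`, `<browser>` and an "authentication dialog" do not describe what this file does and look carried over from another test, and the file should state at the top that the including page must define `handleDialog(doc)`.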
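--- a/toolkit/components/places/tests/mochitest/test_bug_405924.html
+++ b/toolkit/components/places/tests/mochitest/test_bug_405924.html
@@ -0,0 +1,114 @@
+<!DOCTYPE HTML>
+<html>
+<!--
+https://bugzilla.mozilla.org/show_bug.cgi?id=405924
+-->
+<head>
+<title>Test for Bug 405924</title>
+<script type="text/javascript" src="/MochiKit/MochiKit.js"></script>
+<script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+<script type="text/javascript" src="prompt_common.js"></script>
+<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=405924">
+Mozilla Bug 405924</a>
+<p id="display"></p>
+<div id="content" style="display: none">
+<iframe id="iframe"></iframe>
+</div>
+<pre id="test">
+<script class="testbody" type="text/javascript">
+
+/** Test for Bug 405924 **/
+netscape.security.PrivilegeManager.enablePrivilege('UniversalXPConnect');
+var isDone = false;
+
+// This is called from prompt_common when the error dialog shows up
+function handleDialog(doc) {
+netscape.security.PrivilegeManager.enablePrivilege('UniversalXPConnect');
+// Verify the error message is correct - the string (places) is not
+// translated
+dump("BUG_405924: We caught the alert error dialog!\n");
+var dialog = doc.getElementById("commonDialog");
+var desc = doc.getElementById("info.body");
+var errmsg = desc.childNodes[0].data;
+ok(errmsg.match(/\(place\)/), "Check for the correct error message");
+
+// Clear the dialog
+dialog.acceptDialog();
+// Declared in prompt_common and used to show that we flashed the error
+// message
+didDialog = true;
+}
+
+// Called when the iFrame or the Window is reloaded
+function onloadHandler() {
+netscape.security.PrivilegeManager.enablePrivilege('UniversalXPConnect');
+ok(didDialog, "Error Dialog was shown");
+
+if (isDone) {
+// Finish up
+SimpleTest.finish();
+}
+}
+
+function useXMLHttpRequest(aType, aUri, aValueToSend) {
+var req = new XMLHttpRequest();
+
+req.onreadystatechange=function() {
+// If this completes, it's an error
+if (req.readyState == 4)
+ok(false, "XMLHttpRequest to Places URI succeeded: security breach");
+}
+
+try {
+req.open(aType, aUri, false);
+req.send(aValueToSend);
+ok(false, "XMLHttpRequest did not throw error - security breach");
+} catch (ex) {
+// Unfortunately it's an unknown error, so no use in trying to see
+// what it was
+ok(true, "XMLHttpRequest to Places URI threw error: expected behavior");
+}
+}
+
+// First try requesting a places URI from javascript - fails silently
+useXMLHttpRequest("GET",
+"place:folder=BOOKMARKS_MENU&folder=UNFILED_BOOKMARKS&folder=TOOLBAR&sort=12&excludeQueries=1&queryType=1",
+null);
+
+// Second, try posting to a places URI just for grins
+useXMLHttpRequest("POST",
+"place:folder=UNFILED_BOOKMARKS&sort=12&queryType=1",
+"SELECT%20*%20FROM%20moz_places");
+
+// Third test, use the iFrame and try loading directly
+var iframe = document.getElementById("iframe");
+iframe.onload = onloadHandler;
+startCallbackTimer();
+try {
+iframe.src = "place:sort=14&type=6&maxResults=10";
+ok(false, "Iframe set to places URI did not throw - security breach");
+} catch (ex) {
+ok(true, "Iframe set to places URI threw exception: expected behavior");
+}
+
+// And finally, go for broke
+window.onload = onloadHandler;
+isDone = true;
+startCallbackTimer();
+try {
+window.content.document.location.href = "place:sort=8&maxResults=10";
+ok(false, "Window set to places URI did not throw - security breach");
+} catch (ex) {
+ok(true, "Window set to places URI threw exception: expected behavior");
+}
+
+// We finish up in the onloadHandler
+SimpleTest.waitForExplicitFinish();
+</script>
+</pre>
+</body>
+</html>
+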
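Review bot: All three `catch (ex)` blocks record any exception as proof that the `place:` load was blocked, so a failure unrelated to the security check still passes the test. In the last block the whole chain `window.content.document.location.href = ...` sits inside the `try`; if `window.content` were null or undefined in the harness, the resulting TypeError would be reported as "Window set to places URI threw exception: expected behavior" without any navigation being attempted. Resolving the target before the `try` (`var loc = window.content.document.location;`) and appending the exception to the assertion text (`"... threw: " + ex`) would keep the test from passing for the wrong reason and leave a trace of what was actually thrown. Separately, `isDone = true` appears to be assigned in the same synchronous script run that installs both `iframe.onload` and `window.onload`, so the first load event to arrive calls `SimpleTest.finish()` and its `ok(didDialog, ...)` result depends on whether the 10 ms timer has already run. The comment in `handleDialog` also says `(places)` while the regular expression matches `(place)`; the comment should be corrected to match.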