mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-17 23:35:34 +00:00
Bug 1182546 - Test block loading DTD from random page (r=bz,gijs)
This commit is contained in:
parent
ab10273998
commit
8b80b45c0b
5
browser/base/content/test/general/bug_1182546.xml
Normal file
5
browser/base/content/test/general/bug_1182546.xml
Normal file
@ -0,0 +1,5 @@
|
||||
<!DOCTYPE html [
|
||||
<!ENTITY % passwordManagerDTD SYSTEM "chrome://passwordmgr/locale/passwordManager.dtd">
|
||||
%passwordManagerDTD;
|
||||
]>
|
||||
<window>&savedLogins.title;</window>
|
@ -25,6 +25,7 @@ support-files =
|
||||
offlineEvent.html
|
||||
subtst_contextmenu.html
|
||||
video.ogg
|
||||
bug_1182546.xml
|
||||
|
||||
[test_bug364677.html]
|
||||
[test_bug395533.html]
|
||||
@ -38,3 +39,4 @@ skip-if = e10s
|
||||
skip-if = buildapp == 'mulet' || e10s # Bug 1066070 - I don't think either popup notifications nor addon install stuff works?
|
||||
[test_offline_gzip.html]
|
||||
skip-if = buildapp == 'mulet' || e10s # Bug 1066070 - I don't think either popup notifications nor addon install stuff works?
|
||||
[test_bug1182546.html]
|
||||
|
35
browser/base/content/test/general/test_bug1182546.html
Normal file
35
browser/base/content/test/general/test_bug1182546.html
Normal file
@ -0,0 +1,35 @@
|
||||
<!DOCTYPE HTML>
|
||||
<html>
|
||||
<!--
|
||||
https://bugzilla.mozilla.org/show_bug.cgi?id=1182546
|
||||
-->
|
||||
<head>
|
||||
<title>Bug 1182546 - Test block loading DTD from random page</title>
|
||||
<script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
|
||||
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
|
||||
</head>
|
||||
<body>
|
||||
<iframe id="testframe" src="bug_1182546.xml"></iframe>
|
||||
|
||||
<script class="testbody" type="text/javascript">
|
||||
|
||||
SimpleTest.waitForExplicitFinish();
|
||||
|
||||
addLoadEvent(function() {
|
||||
// make sure the DTD loader (nsExpatDriver) prevents accessing chrome: from random pages
|
||||
var childNodes = testframe.contentDocument.documentElement.childNodes;
|
||||
|
||||
// make sure '&savedLogins.title;' from bug_1182546.xml does not translate into 'Saved Logins'
|
||||
// the URL 'chrome://passwordmgr/locale/passwordManager.dtd' should not be accessible from content
|
||||
var nodeValue = childNodes[0].nodeValue;
|
||||
isnot(nodeValue, "Saved Logins",
|
||||
"expatDriver should prevent accessing &savedLogins.title;");
|
||||
ok(nodeValue.startsWith("XML Parsing Error: undefined entity"),
|
||||
"expatDriver should not allow accessing chrome:");
|
||||
});
|
||||
|
||||
addLoadEvent(SimpleTest.finish);
|
||||
|
||||
</script>
|
||||
</body>
|
||||
</html>
|
Loading…
Reference in New Issue
Block a user