mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-12-03 02:25:34 +00:00
Bug 729589 - Fix frameElement wrapping test. r=Ms2ger
This commit is contained in:
parent
5bab2dde3a
commit
b2e1f08373
@ -1,26 +1,32 @@
|
||||
<html>
|
||||
<script>
|
||||
function check(elt, expectProxy, message) {
|
||||
netscape.security.PrivilegeManager.enablePrivilege('UniversalXPConnect');
|
||||
var utils = window.QueryInterface(Components.interfaces.nsIInterfaceRequestor)
|
||||
.getInterface(Components.interfaces.nsIDOMWindowUtils);
|
||||
var result = ((utils.getClassName(elt) === 'Proxy') === expectProxy)
|
||||
? "PASS"
|
||||
: "FAIL";
|
||||
function check(elt, expectAccess, prop) {
|
||||
var access = false;
|
||||
try {
|
||||
elt[prop];
|
||||
access = true;
|
||||
}
|
||||
catch (e) {}
|
||||
return access === expectAccess;
|
||||
}
|
||||
|
||||
function sendMessage(success, sameOrigin, prop) {
|
||||
var result = success ? 'PASS' : 'FAIL';
|
||||
var message;
|
||||
if (sameOrigin)
|
||||
message = 'Can access |' + prop + '| if same origin';
|
||||
else
|
||||
message = 'Cannot access |' + prop + '| if not same origin';
|
||||
parent.postMessage(result + ',' + message, '*');
|
||||
}
|
||||
|
||||
try {
|
||||
// true if same origin, throws otherwise
|
||||
var sameOrigin = parent.location.href !== '';
|
||||
} catch (e) {
|
||||
sameOrigin = false;
|
||||
var sameOrigin = location.host !== 'example.org';
|
||||
var pass = check(frameElement, sameOrigin, 'src');
|
||||
if (!pass) {
|
||||
sendMessage(false, sameOrigin, 'src');
|
||||
} else {
|
||||
pass = check(parent.location, sameOrigin, 'href');
|
||||
sendMessage(pass, sameOrigin, 'href');
|
||||
}
|
||||
|
||||
check(frameElement, !sameOrigin,
|
||||
sameOrigin
|
||||
? 'no wrapper needed if same origin'
|
||||
: 'wrapper needed if not same origin');
|
||||
</script>
|
||||
</html>
|
||||
|
@ -1,7 +1,7 @@
|
||||
<!DOCTYPE HTML>
|
||||
<html>
|
||||
<head>
|
||||
<title>Test for location object behaviors</title>
|
||||
<title>Test for same-origin and cross-origin wrapping of frameElement</title>
|
||||
<script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
|
||||
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
|
||||
</head>
|
||||
@ -14,6 +14,14 @@
|
||||
<pre id="test">
|
||||
<script class="testbody" type="text/javascript">
|
||||
|
||||
//
|
||||
// This test has sort of morphed over time to become less and less useful.
|
||||
// In the past, we had special security policy for frameElement, but that's
|
||||
// more or less gone away with compartment/proxy wrapping. So we just go
|
||||
// through the motions to make sure that, indeed, frameElement is subject
|
||||
// to the same-origin policy.
|
||||
//
|
||||
|
||||
SimpleTest.waitForExplicitFinish();
|
||||
|
||||
var count = 0;
|
||||
|
Loading…
Reference in New Issue
Block a user