Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-12-01 17:23:59 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Bug 664688 - JavaScript evaluation "permission denied" after navigation to a different domain; r=past

Browse Source
This commit is contained in:
Mihai Sucan 2012-06-03 13:17:16 +03:00
parent 595d5abc7b
commit de1b29a211
3 changed files with 135 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
browser/devtools/webconsole/HUDService-content.js
View File

@ -39,7 +39,6 @@ let _alive = true; // Track if this content script should still be alive.
*/
let Manager = {
get window() content,
sandbox: null,
hudId: null,
_sequence: 0,
_messageListeners: ["WebConsole:Init", "WebConsole:EnableFeature",
@ -738,6 +737,7 @@ let JSTerm = {
*/
sandbox: null,
_sandboxLocation: null,
_messageHandlers: {},
/**
@ -774,8 +774,6 @@ let JSTerm = {
Manager.addMessageHandler(name, handler);
}
this._createSandbox();
if (aMessage && aMessage.notifyNonNativeConsoleAPI) {
let consoleObject = WebConsoleUtils.unwrap(this.window).console;
if (!("__mozillaConsole__" in consoleObject)) {
@ -986,6 +984,7 @@ let JSTerm = {
*/
_createSandbox: function JST__createSandbox()
{
this._sandboxLocation = this.window.location;
this.sandbox = new Cu.Sandbox(this.window, {
sandboxPrototype: this.window,
wantXrays: false,
@ -1001,11 +1000,17 @@ let JSTerm = {
*
* @param string aString
* String to evaluate in the sandbox.
* @returns something
* The result of the evaluation.
* @return mixed
* The result of the evaluation.
*/
evalInSandbox: function JST_evalInSandbox(aString)
{
// If the user changed to a different location, we need to update the
// sandbox.
if (this._sandboxLocation !== this.window.location) {
this._createSandbox();
}
// The help function needs to be easy to guess, so we make the () optional
if (aString.trim() == "help" || aString.trim() == "?") {
aString = "help()";
@ -1048,6 +1053,7 @@ let JSTerm = {
}
delete this.sandbox;
delete this._sandboxLocation;
delete this._messageHandlers;
delete this._objectCache;
},

1
browser/devtools/webconsole/test/Makefile.in
View File

@ -108,6 +108,7 @@ _BROWSER_TEST_FILES = \
browser_webconsole_bug_622303_persistent_filters.js \
browser_webconsole_window_zombie.js \
browser_cached_messages.js \
browser_bug664688_sandbox_update_after_navigation.js \
head.js \
$(NULL)

123
browser/devtools/webconsole/test/browser_bug664688_sandbox_update_after_navigation.js Normal file
View File

@ -0,0 +1,123 @@
/* vim:set ts=2 sw=2 sts=2 et: */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
// Tests if the JSTerm sandbox is updated when the user navigates from one
// domain to another, in order to avoid permission denied errors with a sandbox
// created for a different origin.
function test()
{
const TEST_URI1 = "http://example.com/browser/browser/devtools/webconsole/test/test-console.html";
const TEST_URI2 = "http://example.org/browser/browser/devtools/webconsole/test/test-console.html";
let hud;
waitForExplicitFinish();
gBrowser.selectedTab = gBrowser.addTab(TEST_URI1);
gBrowser.selectedBrowser.addEventListener("load", function onLoad() {
gBrowser.selectedBrowser.removeEventListener("load", onLoad, true);
openConsole(gBrowser.selectedTab, pageLoad1);
}, true);
function pageLoad1(aHud)
{
hud = aHud;
hud.jsterm.clearOutput();
hud.jsterm.execute("window.location.href");
waitForSuccess(waitForLocation1);
}
let waitForLocation1 = {
name: "window.location.href result is displayed",
validatorFn: function()
{
let node = hud.outputNode.getElementsByClassName("webconsole-msg-output")[0];
return node && node.textContent.indexOf(TEST_URI1) > -1;
},
successFn: function()
{
let node = hud.outputNode.getElementsByClassName("webconsole-msg-input")[0];
isnot(node.textContent.indexOf("window.location.href"), -1,
"jsterm input is also displayed");
is(hud.outputNode.textContent.indexOf("Permission denied"), -1,
"no permission denied errors");
gBrowser.selectedBrowser.addEventListener("load", onPageLoad2, true);
content.location = TEST_URI2;
},
failureFn: finishTest,
};
function onPageLoad2() {
gBrowser.selectedBrowser.removeEventListener("load", onPageLoad2, true);
hud.jsterm.clearOutput();
hud.jsterm.execute("window.location.href");
waitForSuccess(waitForLocation2);
}
let waitForLocation2 = {
name: "window.location.href result is displayed after page navigation",
validatorFn: function()
{
let node = hud.outputNode.getElementsByClassName("webconsole-msg-output")[0];
return node && node.textContent.indexOf(TEST_URI2) > -1;
},
successFn: function()
{
let node = hud.outputNode.getElementsByClassName("webconsole-msg-input")[0];
isnot(node.textContent.indexOf("window.location.href"), -1,
"jsterm input is also displayed");
is(hud.outputNode.textContent.indexOf("Permission denied"), -1,
"no permission denied errors");
gBrowser.goBack();
waitForSuccess(waitForBack);
},
failureFn: finishTest,
};
let waitForBack = {
name: "go back",
validatorFn: function()
{
return content.location.href == TEST_URI1;
},
successFn: function()
{
hud.jsterm.clearOutput();
hud.jsterm.execute("window.location.href");
waitForSuccess(waitForLocation3);
},
failureFn: finishTest,
};
let waitForLocation3 = {
name: "window.location.href result is displayed after goBack()",
validatorFn: function()
{
let node = hud.outputNode.getElementsByClassName("webconsole-msg-output")[0];
return node && node.textContent.indexOf(TEST_URI1) > -1;
},
successFn: function()
{
let node = hud.outputNode.getElementsByClassName("webconsole-msg-input")[0];
isnot(node.textContent.indexOf("window.location.href"), -1,
"jsterm input is also displayed");
is(hud.outputNode.textContent.indexOf("Permission denied"), -1,
"no permission denied errors");
executeSoon(finishTest);
},
failureFn: finishTest,
};
}