mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-22 17:55:50 +00:00
Bug 1444758: Part 5 - Migrate test_ext_contentscript_api_injection to xpcshell. r=aswan
MozReview-Commit-ID: Htot0aRcFXK --HG-- rename : toolkit/components/extensions/test/mochitest/test_ext_contentscript_api_injection.html => toolkit/components/extensions/test/xpcshell/test_ext_contentscript_api_injection.js extra : rebase_source : c32d5d338b62d847db365fa699fade05500a2482
This commit is contained in:
parent
7da5dc09fb
commit
fb0010650f
@ -315,12 +315,12 @@ var ExtensionTestCommon = class ExtensionTestCommon {
|
||||
*/
|
||||
static serializeFunction(script) {
|
||||
// Serialization of object methods doesn't include `function` anymore.
|
||||
const method = /^(async )?(\w+)\(/;
|
||||
const method = /^(async )?(?:(\w+)|"(\w+)\.js")\(/;
|
||||
|
||||
let code = script.toString();
|
||||
let match = code.match(method);
|
||||
if (match && match[2] !== "function") {
|
||||
code = code.replace(method, "$1function $2(");
|
||||
code = code.replace(method, "$1function $2$3(");
|
||||
}
|
||||
return code;
|
||||
}
|
||||
|
@ -1,12 +0,0 @@
|
||||
"use strict";
|
||||
|
||||
/* eslint-env mozilla/frame-script */
|
||||
|
||||
ChromeUtils.import("resource://gre/modules/Services.jsm");
|
||||
|
||||
Services.console.registerListener(function listener(message) {
|
||||
if (/WebExt Privilege Escalation/.test(message.message)) {
|
||||
Services.console.unregisterListener(listener);
|
||||
sendAsyncMessage("console-message", {message: message.message});
|
||||
}
|
||||
});
|
@ -1,13 +0,0 @@
|
||||
<!DOCTYPE HTML>
|
||||
|
||||
<html>
|
||||
<head>
|
||||
<meta charset="utf-8">
|
||||
</head>
|
||||
<body>
|
||||
<script type="text/javascript">
|
||||
"use strict";
|
||||
throw new Error(`WebExt Privilege Escalation: typeof(browser) = ${typeof(browser)}`);
|
||||
</script>
|
||||
</body>
|
||||
</html>
|
@ -7,7 +7,6 @@ support-files =
|
||||
file_WebRequest_page3.html
|
||||
file_csp.html
|
||||
file_csp.html^headers^
|
||||
file_ext_test_api_injection.js
|
||||
file_image_bad.png
|
||||
file_image_good.png
|
||||
file_image_great.png
|
||||
@ -15,7 +14,6 @@ support-files =
|
||||
file_mixed.html
|
||||
file_page_xhr.html
|
||||
file_permission_xhr.html
|
||||
file_privilege_escalation.html
|
||||
file_remote_frame.html
|
||||
file_sample.html
|
||||
file_script_bad.js
|
||||
@ -70,7 +68,6 @@ skip-if = headless # disabled test case with_permission_allow_copy, see inline c
|
||||
[test_ext_content_security_policy.html]
|
||||
[test_ext_contentscript_about_blank.html]
|
||||
skip-if = os == 'android' # bug 1369440
|
||||
[test_ext_contentscript_api_injection.html]
|
||||
[test_ext_contentscript_async_loading.html]
|
||||
skip-if = os == 'android' && debug # The generated script takes too long to load on Android debug
|
||||
[test_ext_contentscript_cache.html]
|
||||
|
@ -1,88 +0,0 @@
|
||||
<!DOCTYPE HTML>
|
||||
<html>
|
||||
<head>
|
||||
<title>Test for privilege escalation into iframe with content script APIs</title>
|
||||
<script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
|
||||
<script type="text/javascript" src="/tests/SimpleTest/SpawnTask.js"></script>
|
||||
<script type="text/javascript" src="/tests/SimpleTest/ExtensionTestUtils.js"></script>
|
||||
<script type="text/javascript" src="head.js"></script>
|
||||
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
|
||||
</head>
|
||||
<body>
|
||||
|
||||
<!-- WORKAROUND: this textarea hack is used to contain the html page source without escaping it -->
|
||||
<textarea id="test-asset">
|
||||
<!DOCTYPE HTML>
|
||||
<html>
|
||||
<head>
|
||||
<meta charset="utf-8">
|
||||
<script type="text/javascript" src="./content_script_iframe.js">
|
||||
</script>
|
||||
</head>
|
||||
</html>
|
||||
</textarea>
|
||||
|
||||
<script type="text/javascript">
|
||||
"use strict";
|
||||
|
||||
add_task(async function test_contentscript_api_injection() {
|
||||
function contentScript() {
|
||||
let iframe = document.createElement("iframe");
|
||||
iframe.setAttribute("src", browser.runtime.getURL("content_script_iframe.html"));
|
||||
document.body.appendChild(iframe);
|
||||
}
|
||||
|
||||
function contentScriptIframe() {
|
||||
const BASE = "http://mochi.test:8888/tests/toolkit/components/extensions/test/mochitest";
|
||||
window.location = `${BASE}/file_privilege_escalation.html`;
|
||||
}
|
||||
|
||||
let extensionData = {
|
||||
manifest: {
|
||||
content_scripts: [
|
||||
{
|
||||
"matches": ["http://mochi.test/*/file_sample.html"],
|
||||
"js": ["content_script.js"],
|
||||
"run_at": "document_idle",
|
||||
},
|
||||
],
|
||||
"web_accessible_resources": [
|
||||
"content_script_iframe.html",
|
||||
],
|
||||
},
|
||||
|
||||
files: {
|
||||
"content_script.js": contentScript,
|
||||
"content_script_iframe.js": contentScriptIframe,
|
||||
"content_script_iframe.html": document.querySelector("#test-asset").textContent,
|
||||
},
|
||||
};
|
||||
|
||||
let extension = ExtensionTestUtils.loadExtension(extensionData);
|
||||
|
||||
let awaitConsole = new Promise(resolve => {
|
||||
let chromeScript = SpecialPowers.loadChromeScript(
|
||||
SimpleTest.getTestFileURL("file_ext_test_api_injection.js"));
|
||||
|
||||
chromeScript.addMessageListener("console-message", resolve);
|
||||
});
|
||||
|
||||
await extension.startup();
|
||||
info("extension loaded");
|
||||
|
||||
let win = window.open("file_sample.html");
|
||||
|
||||
let message = await awaitConsole;
|
||||
|
||||
ok(message.message.includes("WebExt Privilege Escalation: typeof(browser) = undefined"),
|
||||
"Document does not have `browser` APIs.");
|
||||
|
||||
win.close();
|
||||
|
||||
await extension.unload();
|
||||
info("extension unloaded");
|
||||
});
|
||||
</script>
|
||||
|
||||
</body>
|
||||
</html>
|
@ -0,0 +1,62 @@
|
||||
"use strict";
|
||||
|
||||
const server = createHttpServer({hosts: ["example.com"]});
|
||||
server.registerDirectory("/data/", do_get_file("data"));
|
||||
|
||||
|
||||
add_task(async function test_contentscript_api_injection() {
|
||||
let extensionData = {
|
||||
manifest: {
|
||||
content_scripts: [
|
||||
{
|
||||
"matches": ["http://example.com/data/file_sample.html"],
|
||||
"js": ["content_script.js"],
|
||||
},
|
||||
],
|
||||
"web_accessible_resources": [
|
||||
"content_script_iframe.html",
|
||||
],
|
||||
},
|
||||
|
||||
files: {
|
||||
"content_script.js"() {
|
||||
let iframe = document.createElement("iframe");
|
||||
iframe.src = browser.runtime.getURL("content_script_iframe.html");
|
||||
document.body.appendChild(iframe);
|
||||
},
|
||||
"content_script_iframe.js"() {
|
||||
window.location = `http://example.com/data/file_privilege_escalation.html`;
|
||||
},
|
||||
"content_script_iframe.html": `<!DOCTYPE html>
|
||||
<html>
|
||||
<head>
|
||||
<meta charset="utf-8">
|
||||
<script type="text/javascript" src="content_script_iframe.js"></script>
|
||||
</head>
|
||||
</html>`,
|
||||
},
|
||||
};
|
||||
|
||||
let extension = ExtensionTestUtils.loadExtension(extensionData);
|
||||
|
||||
let awaitConsole = new Promise(resolve => {
|
||||
Services.console.registerListener(function listener(message) {
|
||||
if (/WebExt Privilege Escalation/.test(message.message)) {
|
||||
Services.console.unregisterListener(listener);
|
||||
resolve(message);
|
||||
}
|
||||
});
|
||||
});
|
||||
|
||||
await extension.startup();
|
||||
|
||||
let contentPage = await ExtensionTestUtils.loadContentPage("http://example.com/data/file_sample.html");
|
||||
|
||||
let message = await awaitConsole;
|
||||
ok(message.message.includes("WebExt Privilege Escalation: typeof(browser) = undefined"),
|
||||
"Document does not have `browser` APIs.");
|
||||
|
||||
await contentPage.close();
|
||||
|
||||
await extension.unload();
|
||||
});
|
@ -18,6 +18,7 @@ skip-if = os == "android"
|
||||
[test_ext_browserSettings_homepage.js]
|
||||
skip-if = os == "android"
|
||||
[test_ext_cookieBehaviors.js]
|
||||
[test_ext_contentscript_api_injection.js]
|
||||
[test_ext_contextual_identities.js]
|
||||
skip-if = os == "android" # Containers are not exposed to android.
|
||||
[test_ext_debugging_utils.js]
|
||||
|
Loading…
Reference in New Issue
Block a user