summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorjanekptacijarabaci <janekptacijarabaci@seznam.cz>2018-04-30 23:56:11 +0200
committerjanekptacijarabaci <janekptacijarabaci@seznam.cz>2018-04-30 23:56:11 +0200
commit8dcc716efdf415611f09e30f213342a484c70150 (patch)
tree1e6c0545d21d8d4caeaf47647404fe5b979a9b38
parentd735c1c1ad9b0ebaf24a0d468dda0b69bdaae060 (diff)
downloadUXP-8dcc716efdf415611f09e30f213342a484c70150.tar
UXP-8dcc716efdf415611f09e30f213342a484c70150.tar.gz
UXP-8dcc716efdf415611f09e30f213342a484c70150.tar.lz
UXP-8dcc716efdf415611f09e30f213342a484c70150.tar.xz
UXP-8dcc716efdf415611f09e30f213342a484c70150.zip
Bug 1359204 - Test view-source can open link is not blocked by security policies
-rw-r--r--docshell/test/browser/browser.ini2
-rw-r--r--docshell/test/browser/browser_click_link_within_view_source.js60
-rw-r--r--docshell/test/browser/file_click_link_within_view_source.html6
3 files changed, 68 insertions, 0 deletions
diff --git a/docshell/test/browser/browser.ini b/docshell/test/browser/browser.ini
index 28d5010ed..300caff1a 100644
--- a/docshell/test/browser/browser.ini
+++ b/docshell/test/browser/browser.ini
@@ -46,6 +46,7 @@ support-files =
browser_timelineMarkers-frame-05.js
head.js
frame-head.js
+ file_click_link_within_view_source.html
[browser_bug1206879.js]
[browser_bug1309900_crossProcessHistoryNavigation.js]
@@ -92,3 +93,4 @@ skip-if = true # Bug 1220415
[browser_timelineMarkers-04.js]
[browser_timelineMarkers-05.js]
[browser_ua_emulation.js]
+[browser_click_link_within_view_source.js]
diff --git a/docshell/test/browser/browser_click_link_within_view_source.js b/docshell/test/browser/browser_click_link_within_view_source.js
new file mode 100644
index 000000000..84cfc1f0f
--- /dev/null
+++ b/docshell/test/browser/browser_click_link_within_view_source.js
@@ -0,0 +1,60 @@
+"use strict";
+
+/**
+ * Test for Bug 1359204
+ *
+ * Loading a local file, then view-source on that file. Make sure that
+ * clicking a link within that view-source page is not blocked by security checks.
+ */
+
+add_task(function* test_click_link_within_view_source() {
+ let TEST_FILE = "file_click_link_within_view_source.html";
+ let TEST_FILE_URI = getChromeDir(getResolvedURI(gTestPath));
+ TEST_FILE_URI.append(TEST_FILE);
+ TEST_FILE_URI = Services.io.newFileURI(TEST_FILE_URI).spec;
+
+ let DUMMY_FILE = "dummy_page.html";
+ let DUMMY_FILE_URI = getChromeDir(getResolvedURI(gTestPath));
+ DUMMY_FILE_URI.append(DUMMY_FILE);
+ DUMMY_FILE_URI = Services.io.newFileURI(DUMMY_FILE_URI).spec;
+
+ yield BrowserTestUtils.withNewTab(TEST_FILE_URI, function*(aBrowser) {
+ let tabSpec = gBrowser.selectedBrowser.currentURI.spec;
+ info("loading: " + tabSpec);
+ ok(tabSpec.startsWith("file://") && tabSpec.endsWith(TEST_FILE),
+ "sanity check to make sure html loaded");
+
+ info("click view-source of html");
+ let tabPromise = BrowserTestUtils.waitForNewTab(gBrowser);
+ document.getElementById("View:PageSource").doCommand();
+
+ let tab = yield tabPromise;
+ tabSpec = gBrowser.selectedBrowser.currentURI.spec;
+ info("loading: " + tabSpec);
+ ok(tabSpec.startsWith("view-source:file://") && tabSpec.endsWith(TEST_FILE),
+ "loading view-source of html succeeded");
+
+ info("click testlink within view-source page");
+ let loadPromise = BrowserTestUtils.browserLoaded(tab.linkedBrowser, false, url => url.endsWith("dummy_page.html"));
+ yield ContentTask.spawn(gBrowser.selectedBrowser, {}, function*() {
+ if (content.document.readyState != "complete") {
+ yield ContentTaskUtils.waitForEvent(content.document, "readystatechange", false, () =>
+ content.document.readyState == "complete");
+ }
+ // document.getElementById() does not work on a view-source page, hence we use document.links
+ let linksOnPage = content.document.links;
+ is (linksOnPage.length, 1, "sanity check: make sure only one link is present on page");
+ let myLink = content.document.links[0];
+ myLink.click();
+ });
+
+ yield loadPromise;
+
+ tabSpec = gBrowser.selectedBrowser.currentURI.spec;
+ info("loading: " + tabSpec);
+ ok(tabSpec.startsWith("view-source:file://") && tabSpec.endsWith(DUMMY_FILE),
+ "loading view-source of html succeeded");
+
+ yield BrowserTestUtils.removeTab(tab);
+ });
+});
diff --git a/docshell/test/browser/file_click_link_within_view_source.html b/docshell/test/browser/file_click_link_within_view_source.html
new file mode 100644
index 000000000..d78e4ba0f
--- /dev/null
+++ b/docshell/test/browser/file_click_link_within_view_source.html
@@ -0,0 +1,6 @@
+<html>
+<head> <meta charset="utf-8"> </head>
+ <body>
+ <a id="testlink" href="dummy_page.html">clickme</a>
+ </body>
+</html>