summaryrefslogtreecommitdiffstats
path: root/docshell
diff options
context:
space:
mode:
authorMoonchild <mcwerewolf@gmail.com>2018-05-06 20:45:22 +0200
committerGitHub <noreply@github.com>2018-05-06 20:45:22 +0200
commit5390888b97ecbd4135049c0b4a2ae0b103052a4a (patch)
treef3ddb622b21bd336384972e5461402d247478f85 /docshell
parent61394bf4ff79650ee4b3f3951331c8a8775de6e3 (diff)
parent26a032c080c91ee9da347893362d5b08bc759c10 (diff)
downloadUXP-5390888b97ecbd4135049c0b4a2ae0b103052a4a.tar
UXP-5390888b97ecbd4135049c0b4a2ae0b103052a4a.tar.gz
UXP-5390888b97ecbd4135049c0b4a2ae0b103052a4a.tar.lz
UXP-5390888b97ecbd4135049c0b4a2ae0b103052a4a.tar.xz
UXP-5390888b97ecbd4135049c0b4a2ae0b103052a4a.zip
Merge pull request #335 from janekptacijarabaci/security_blocking_data_3
moebius#231: Consider blocking top level window data: URIs (tests)
Diffstat (limited to 'docshell')
-rw-r--r--docshell/base/crashtests/914521.html10
-rw-r--r--docshell/test/chrome/test_bug364461.xul10
-rw-r--r--docshell/test/file_bug598895_1.html1
-rw-r--r--docshell/test/file_bug598895_2.html1
-rw-r--r--docshell/test/file_bug637644_1.html1
-rw-r--r--docshell/test/file_bug637644_2.html1
-rw-r--r--docshell/test/mochitest.ini4
-rw-r--r--docshell/test/navigation/NavigationUtils.js20
-rw-r--r--docshell/test/navigation/file_scrollRestoration.html4
-rw-r--r--docshell/test/navigation/mochitest.ini2
-rw-r--r--docshell/test/navigation/navigation_target_popup_url.html1
-rw-r--r--docshell/test/navigation/navigation_target_url.html1
-rw-r--r--docshell/test/navigation/open.html2
-rw-r--r--docshell/test/navigation/test_triggeringprincipal_window_open.html28
-rw-r--r--docshell/test/test_bug598895.html5
-rw-r--r--docshell/test/test_bug637644.html5
16 files changed, 50 insertions, 46 deletions
diff --git a/docshell/base/crashtests/914521.html b/docshell/base/crashtests/914521.html
index 9ae18b860..eb0a43749 100644
--- a/docshell/base/crashtests/914521.html
+++ b/docshell/base/crashtests/914521.html
@@ -20,6 +20,14 @@ function f()
finish();
}
+function init()
+{
+ SpecialPowers.pushPrefEnv({"set": [
+ ["security.data_uri.block_toplevel_data_uri_navigations", false],
+ ]}, start);
+
+}
+
function start()
{
var html = "<script>" + f + "<\/script><body onload=f()>";
@@ -29,5 +37,5 @@ function start()
</script>
</head>
-<body onload="start();"></body>
+<body onload="init();"></body>
</html>
diff --git a/docshell/test/chrome/test_bug364461.xul b/docshell/test/chrome/test_bug364461.xul
index 85154f9d7..9e45ce971 100644
--- a/docshell/test/chrome/test_bug364461.xul
+++ b/docshell/test/chrome/test_bug364461.xul
@@ -29,9 +29,15 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=364461
/** Test for Bug 364461 **/
SimpleTest.waitForExplicitFinish();
-window.open("bug364461_window.xul", "bug364461",
- "chrome,width=600,height=600");
+SpecialPowers.pushPrefEnv({
+ "set":[["security.data_uri.block_toplevel_data_uri_navigations", false]]
+}, runTests);
+
+function runTests() {
+ window.open("bug364461_window.xul", "bug364461",
+ "chrome,width=600,height=600");
+}
]]>
</script>
diff --git a/docshell/test/file_bug598895_1.html b/docshell/test/file_bug598895_1.html
new file mode 100644
index 000000000..6fbb13a02
--- /dev/null
+++ b/docshell/test/file_bug598895_1.html
@@ -0,0 +1 @@
+<script>window.onload = function() { opener.postMessage('loaded', '*'); }</script><body>Should show</body>
diff --git a/docshell/test/file_bug598895_2.html b/docshell/test/file_bug598895_2.html
new file mode 100644
index 000000000..0822c566b
--- /dev/null
+++ b/docshell/test/file_bug598895_2.html
@@ -0,0 +1 @@
+<script>window.onload = function() { opener.postMessage('loaded', '*'); }</script><body></body>
diff --git a/docshell/test/file_bug637644_1.html b/docshell/test/file_bug637644_1.html
new file mode 100644
index 000000000..6fbb13a02
--- /dev/null
+++ b/docshell/test/file_bug637644_1.html
@@ -0,0 +1 @@
+<script>window.onload = function() { opener.postMessage('loaded', '*'); }</script><body>Should show</body>
diff --git a/docshell/test/file_bug637644_2.html b/docshell/test/file_bug637644_2.html
new file mode 100644
index 000000000..0822c566b
--- /dev/null
+++ b/docshell/test/file_bug637644_2.html
@@ -0,0 +1 @@
+<script>window.onload = function() { opener.postMessage('loaded', '*'); }</script><body></body>
diff --git a/docshell/test/mochitest.ini b/docshell/test/mochitest.ini
index 2298bed74..d2e378928 100644
--- a/docshell/test/mochitest.ini
+++ b/docshell/test/mochitest.ini
@@ -21,9 +21,13 @@ support-files =
file_bug540462.html
file_bug580069_1.html
file_bug580069_2.sjs
+ file_bug598895_1.html
+ file_bug598895_2.html
file_bug590573_1.html
file_bug590573_2.html
file_bug634834.html
+ file_bug637644_1.html
+ file_bug637644_2.html
file_bug640387.html
file_bug653741.html
file_bug660404
diff --git a/docshell/test/navigation/NavigationUtils.js b/docshell/test/navigation/NavigationUtils.js
index c90ea74d5..72bea7dde 100644
--- a/docshell/test/navigation/NavigationUtils.js
+++ b/docshell/test/navigation/NavigationUtils.js
@@ -9,10 +9,10 @@
///////////////////////////////////////////////////////////////////////////
var body = "This frame was navigated.";
-var target_url = "data:text/html,<html><body>" + body + "</body></html>";
+var target_url = "navigation_target_url.html"
var popup_body = "This is a popup";
-var target_popup_url = "data:text/html,<html><body>" + popup_body + "</body></html>";
+var target_popup_url = "navigation_target_popup_url.html";
///////////////////////////////////////////////////////////////////////////
// Functions that navigate frames
@@ -58,7 +58,7 @@ function navigateByHyperlink(name) {
function isNavigated(wnd, message) {
var result = null;
try {
- result = SpecialPowers.wrap(wnd).document.body.innerHTML;
+ result = SpecialPowers.wrap(wnd).document.body.innerHTML.trim();
} catch(ex) {
result = ex;
}
@@ -68,7 +68,7 @@ function isNavigated(wnd, message) {
function isBlank(wnd, message) {
var result = null;
try {
- result = wnd.document.body.innerHTML;
+ result = wnd.document.body.innerHTML.trim();
} catch(ex) {
result = ex;
}
@@ -146,7 +146,9 @@ function xpcGetFramesByName(name) {
function xpcCleanupWindows() {
xpcEnumerateContentWindows(function(win) {
- if (win.location && win.location.protocol == "data:")
+ if (win.location &&
+ (win.location.href.endsWith(target_url) ||
+ win.location.href.endsWith(target_popup_url))) {
win.close();
});
}
@@ -177,12 +179,12 @@ function xpcWaitForFinishedFrames(callback, numFrames) {
}
function searchForFinishedFrames(win) {
- if ((escape(unescape(win.location)) == escape(target_url) ||
- escape(unescape(win.location)) == escape(target_popup_url)) &&
+ if ((win.location.href.endsWith(target_url) ||
+ win.location.href.endsWith(target_popup_url)) &&
win.document &&
win.document.body &&
- (win.document.body.textContent == body ||
- win.document.body.textContent == popup_body) &&
+ (win.document.body.textContent.trim() == body ||
+ win.document.body.textContent.trim() == popup_body) &&
win.document.readyState == "complete") {
var util = win.QueryInterface(SpecialPowers.Ci.nsIInterfaceRequestor)
diff --git a/docshell/test/navigation/file_scrollRestoration.html b/docshell/test/navigation/file_scrollRestoration.html
index 92e43d7fb..766949d13 100644
--- a/docshell/test/navigation/file_scrollRestoration.html
+++ b/docshell/test/navigation/file_scrollRestoration.html
@@ -40,7 +40,7 @@
document.getElementById("bottom").scrollIntoView();
window.onunload = null; // Should get bfcache behavior.
opener.setTimeout("testWindow.history.back();", 250);
- window.location.href = 'data:text/html,';
+ window.location.href = 'about:blank';
break;
}
case 4: {
@@ -57,7 +57,7 @@
opener.is(history.scrollRestoration, "manual", "Should have the same scrollRestoration mode as before fragment navigation.");
window.onunload = function() {} // Disable bfcache.
opener.setTimeout("is(testWindow.history.scrollRestoration, 'auto'); testWindow.history.back();", 250);
- window.location.href = 'data:text/html,';
+ window.location.href = 'about:blank';
break;
}
case 6: {
diff --git a/docshell/test/navigation/mochitest.ini b/docshell/test/navigation/mochitest.ini
index 764e400a8..1b5f33c7f 100644
--- a/docshell/test/navigation/mochitest.ini
+++ b/docshell/test/navigation/mochitest.ini
@@ -1,6 +1,8 @@
[DEFAULT]
support-files =
NavigationUtils.js
+ navigation_target_url.html
+ navigation_target_popup_url.html
blank.html
file_bug462076_1.html
file_bug462076_2.html
diff --git a/docshell/test/navigation/navigation_target_popup_url.html b/docshell/test/navigation/navigation_target_popup_url.html
new file mode 100644
index 000000000..cfe6de009
--- /dev/null
+++ b/docshell/test/navigation/navigation_target_popup_url.html
@@ -0,0 +1 @@
+<html><body>This is a popup</body></html>
diff --git a/docshell/test/navigation/navigation_target_url.html b/docshell/test/navigation/navigation_target_url.html
new file mode 100644
index 000000000..a485e8133
--- /dev/null
+++ b/docshell/test/navigation/navigation_target_url.html
@@ -0,0 +1 @@
+<html><body>This frame was navigated.</body></html>
diff --git a/docshell/test/navigation/open.html b/docshell/test/navigation/open.html
index 1bb70f865..97eb9b76e 100644
--- a/docshell/test/navigation/open.html
+++ b/docshell/test/navigation/open.html
@@ -3,7 +3,7 @@
<script>
var target = window.location.hash.substring(1);
document.write("target=" + target);
-window.open("data:text/html,<html><body>This is a popup</body></html>", target, "width=10,height=10");
+window.open("navigation_target_popup_url.html", target, "width=10,height=10");
</script>
</body>
</html>
diff --git a/docshell/test/navigation/test_triggeringprincipal_window_open.html b/docshell/test/navigation/test_triggeringprincipal_window_open.html
index d5d7f210b..dbee21777 100644
--- a/docshell/test/navigation/test_triggeringprincipal_window_open.html
+++ b/docshell/test/navigation/test_triggeringprincipal_window_open.html
@@ -13,8 +13,7 @@
/* We call window.open() using different URIs and make sure the triggeringPrincipal
* loadingPrincipal are correct.
* Test1: window.open(http:)
- * Test2: window.open(data:)
- * Test3: window.open(javascript:)
+ * Test2: window.open(javascript:)
*/
const TRIGGERING_PRINCIPAL_URI =
@@ -22,7 +21,7 @@ const TRIGGERING_PRINCIPAL_URI =
SimpleTest.waitForExplicitFinish();
-const NUM_TESTS = 3;
+const NUM_TESTS = 2;
var test_counter = 0;
function checkFinish() {
@@ -54,28 +53,7 @@ httpWin.onload = function() {
}
// ----------------------------------------------------------------------------
-// Test 2: window.open(data:)
-var dataWin = window.open("data:text/html,<html><body>data</body></html>", "_blank", "width=10,height=10");
-dataWin.onload = function() {
- var dataChannel = SpecialPowers.wrap(dataWin.document).docShell.currentDocumentChannel;
- var dataTriggeringPrincipal = dataChannel.loadInfo.triggeringPrincipal.URI.asciiSpec;
- var dataLoadingPrincipal = dataChannel.loadInfo.loadingPrincipal;
-
- is(dataTriggeringPrincipal, TRIGGERING_PRINCIPAL_URI,
- "TriggeringPrincipal for window.open(data:) should be the principal of the document");
-
- is(dataWin.document.referrer, "",
- "Referrer for window.open(data:) should be empty");
-
- is(dataLoadingPrincipal, null,
- "LoadingPrincipal for window.open(data:) should be null");
-
- dataWin.close();
- checkFinish();
-}
-
-// ----------------------------------------------------------------------------
-// Test 3: window.open(javascript:)
+// Test 2: window.open(javascript:)
var jsWin = window.open("javascript:'<html><body>js</body></html>';", "_blank", "width=10,height=10");
jsWin.onload = function() {
var jsChannel = SpecialPowers.wrap(jsWin.document).docShell.currentDocumentChannel;
diff --git a/docshell/test/test_bug598895.html b/docshell/test/test_bug598895.html
index 52b9537be..5cc74e42c 100644
--- a/docshell/test/test_bug598895.html
+++ b/docshell/test/test_bug598895.html
@@ -43,9 +43,8 @@ window.onmessage = function (ev) {
}
}
-var win2 = window.open("data:text/html,<script>window.onload = function() { opener.postMessage('loaded', '*'); }</" + "script><body>Should show</body>");
-
-var win3 = window.open("data:text/html,<script>window.onload = function() { opener.postMessage('loaded', '*'); }</" + "script><body></body>");
+var win2 = window.open("file_bug598895_1.html");
+var win3 = window.open("file_bug598895_2.html");
});
</script>
</pre>
diff --git a/docshell/test/test_bug637644.html b/docshell/test/test_bug637644.html
index d172ada4a..4192fae22 100644
--- a/docshell/test/test_bug637644.html
+++ b/docshell/test/test_bug637644.html
@@ -43,9 +43,8 @@ window.onmessage = function (ev) {
}
}
-var win2 = window.open("data:text/html,<script>window.onload = function() { opener.postMessage('loaded', '*'); }</" + "script><body>Should show</body>", "", "height=500,width=500");
-
-var win3 = window.open("data:text/html,<script>window.onload = function() { opener.postMessage('loaded', '*'); }</" + "script><body></body>", "", "height=500,width=500");
+var win2 = window.open("file_bug637644_1.html", "", "height=500,width=500");
+var win3 = window.open("file_bug637644_2.html", "", "height=500,width=500");
});
</script>
</pre>