diff options
Diffstat (limited to 'toolkit/components/webextensions/test/mochitest/file_permission_xhr.html')
-rw-r--r-- | toolkit/components/webextensions/test/mochitest/file_permission_xhr.html | 55 |
1 files changed, 55 insertions, 0 deletions
diff --git a/toolkit/components/webextensions/test/mochitest/file_permission_xhr.html b/toolkit/components/webextensions/test/mochitest/file_permission_xhr.html new file mode 100644 index 000000000..22a55f90d --- /dev/null +++ b/toolkit/components/webextensions/test/mochitest/file_permission_xhr.html @@ -0,0 +1,55 @@ +<!DOCTYPE HTML> + +<html> +<head> +<meta charset="utf-8"> +</head> +<body> + +<script> +"use strict"; + +/* globals privilegedFetch, privilegedXHR */ +/* eslint-disable mozilla/balanced-listeners */ + +addEventListener("message", function rcv(event) { + removeEventListener("message", rcv, false); + + function assertTrue(condition, description) { + postMessage({msg: "assertTrue", condition, description}, "*"); + } + + function passListener() { + assertTrue(true, "Content XHR has no elevated privileges"); + postMessage({"msg": "finish"}, "*"); + } + + function failListener() { + assertTrue(false, "Content XHR has no elevated privileges"); + postMessage({"msg": "finish"}, "*"); + } + + try { + new privilegedXHR(); + assertTrue(false, "Content should not have access to privileged XHR constructor"); + } catch (e) { + assertTrue(/Permission denied to access object/.test(e), "Content should not have access to privileged XHR constructor"); + } + + try { + new privilegedFetch(); + assertTrue(false, "Content should not have access to privileged fetch() constructor"); + } catch (e) { + assertTrue(/Permission denied to access object/.test(e), "Content should not have access to privileged fetch() constructor"); + } + + let req = new XMLHttpRequest(); + req.addEventListener("load", failListener); + req.addEventListener("error", passListener); + req.open("GET", "http://example.org/example.txt"); + req.send(); +}, false); +</script> + +</body> +</html> |