diff options
Diffstat (limited to 'devtools/client/webconsole/test/browser_webconsole_bug_752559_ineffective_iframe_sandbox_warning.js')
| -rw-r--r-- | devtools/client/webconsole/test/browser_webconsole_bug_752559_ineffective_iframe_sandbox_warning.js | 83 |
1 files changed, 83 insertions, 0 deletions
diff --git a/devtools/client/webconsole/test/browser_webconsole_bug_752559_ineffective_iframe_sandbox_warning.js b/devtools/client/webconsole/test/browser_webconsole_bug_752559_ineffective_iframe_sandbox_warning.js new file mode 100644 index 000000000..85b99a79a --- /dev/null +++ b/devtools/client/webconsole/test/browser_webconsole_bug_752559_ineffective_iframe_sandbox_warning.js @@ -0,0 +1,83 @@ +/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */ +/* vim: set ft=javascript ts=2 et sw=2 tw=80: */ +/* Any copyright is dedicated to the Public Domain. + * http://creativecommons.org/publicdomain/zero/1.0/ */ + +// Tests that warnings about ineffective iframe sandboxing are logged to the +// web console when necessary (and not otherwise). + +"use strict"; + +requestLongerTimeout(2); + +const TEST_URI_WARNING = "http://example.com/browser/devtools/client/webconsole/test/test-bug-752559-ineffective-iframe-sandbox-warning0.html"; +const TEST_URI_NOWARNING = [ + "http://example.com/browser/devtools/client/webconsole/test/test-bug-752559-ineffective-iframe-sandbox-warning1.html", + "http://example.com/browser/devtools/client/webconsole/test/test-bug-752559-ineffective-iframe-sandbox-warning2.html", + "http://example.com/browser/devtools/client/webconsole/test/test-bug-752559-ineffective-iframe-sandbox-warning3.html", + "http://example.com/browser/devtools/client/webconsole/test/test-bug-752559-ineffective-iframe-sandbox-warning4.html", + "http://example.com/browser/devtools/client/webconsole/test/test-bug-752559-ineffective-iframe-sandbox-warning5.html" +]; + +const INEFFECTIVE_IFRAME_SANDBOXING_MSG = "An iframe which has both " + + "allow-scripts and allow-same-origin for its sandbox attribute can remove " + + "its sandboxing."; +const SENTINEL_MSG = "testing ineffective sandboxing message"; + +add_task(function* () { + yield testYesWarning(); + + for (let id = 0; id < TEST_URI_NOWARNING.length; id++) { + yield testNoWarning(id); + } +}); + +function* testYesWarning() { + yield loadTab(TEST_URI_WARNING); + let hud = yield openConsole(); + + ContentTask.spawn(gBrowser.selectedBrowser, SENTINEL_MSG, function* (msg) { + content.console.log(msg); + }); + + yield waitForMessages({ + webconsole: hud, + messages: [ + { + name: "Ineffective iframe sandboxing warning displayed successfully", + text: INEFFECTIVE_IFRAME_SANDBOXING_MSG, + category: CATEGORY_SECURITY, + severity: SEVERITY_WARNING + }, + { + text: SENTINEL_MSG, + severity: SEVERITY_LOG + } + ] + }); + + let msgs = hud.outputNode.querySelectorAll(".message[category=security]"); + is(msgs.length, 1, "one security message"); +} + +function* testNoWarning(id) { + yield loadTab(TEST_URI_NOWARNING[id]); + let hud = yield openConsole(); + + ContentTask.spawn(gBrowser.selectedBrowser, SENTINEL_MSG, function* (msg) { + content.console.log(msg); + }); + + yield waitForMessages({ + webconsole: hud, + messages: [ + { + text: SENTINEL_MSG, + severity: SEVERITY_LOG + } + ] + }); + + let msgs = hud.outputNode.querySelectorAll(".message[category=security]"); + is(msgs.length, 0, "no security messages (case " + id + ")"); +} |