From 5f8de423f190bbb79a62f804151bc24824fa32d8 Mon Sep 17 00:00:00 2001 From: "Matt A. Tobin" Date: Fri, 2 Feb 2018 04:16:08 -0500 Subject: Add m-esr52 at 52.6.0 --- .../browser_webconsole_autocomplete_and_selfxss.js | 130 +++++++++++++++++++++ 1 file changed, 130 insertions(+) create mode 100644 devtools/client/webconsole/test/browser_webconsole_autocomplete_and_selfxss.js (limited to 'devtools/client/webconsole/test/browser_webconsole_autocomplete_and_selfxss.js') diff --git a/devtools/client/webconsole/test/browser_webconsole_autocomplete_and_selfxss.js b/devtools/client/webconsole/test/browser_webconsole_autocomplete_and_selfxss.js new file mode 100644 index 000000000..d0c6eb673 --- /dev/null +++ b/devtools/client/webconsole/test/browser_webconsole_autocomplete_and_selfxss.js @@ -0,0 +1,130 @@ +/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */ +/* vim: set ft=javascript ts=2 et sw=2 tw=80: */ +/* Any copyright is dedicated to the Public Domain. + * http://creativecommons.org/publicdomain/zero/1.0/ */ + +"use strict"; + +const TEST_URI = "data:text/html;charset=utf-8,

test for bug 642615"; + +XPCOMUtils.defineLazyServiceGetter(this, "clipboardHelper", + "@mozilla.org/widget/clipboardhelper;1", + "nsIClipboardHelper"); +var WebConsoleUtils = require("devtools/client/webconsole/utils").Utils; + +add_task(function* () { + yield loadTab(TEST_URI); + + let hud = yield openConsole(); + + yield consoleOpened(hud); +}); + +function consoleOpened(HUD) { + let deferred = promise.defer(); + + let jsterm = HUD.jsterm; + let stringToCopy = "foobazbarBug642615"; + + jsterm.clearOutput(); + + ok(!jsterm.completeNode.value, "no completeNode.value"); + + jsterm.setInputValue("doc"); + + let completionValue; + + // wait for key "u" + function onCompletionValue() { + completionValue = jsterm.completeNode.value; + + // Arguments: expected, setup, success, failure. + waitForClipboard( + stringToCopy, + function () { + clipboardHelper.copyString(stringToCopy); + }, + onClipboardCopy, + finishTest); + } + + function onClipboardCopy() { + testSelfXss(); + + jsterm.setInputValue("docu"); + info("wait for completion update after clipboard paste"); + updateEditUIVisibility(); + jsterm.once("autocomplete-updated", onClipboardPaste); + goDoCommand("cmd_paste"); + } + + // Self xss prevention tests (bug 994134) + function testSelfXss() { + info("Self-xss paste tests"); + WebConsoleUtils.usageCount = 0; + is(WebConsoleUtils.usageCount, 0, "Test for usage count getter"); + // Input some commands to check if usage counting is working + for (let i = 0; i <= 3; i++) { + jsterm.setInputValue(i); + jsterm.execute(); + } + is(WebConsoleUtils.usageCount, 4, "Usage count incremented"); + WebConsoleUtils.usageCount = 0; + updateEditUIVisibility(); + + let oldVal = jsterm.getInputValue(); + goDoCommand("cmd_paste"); + let notificationbox = jsterm.hud.document.getElementById("webconsole-notificationbox"); + let notification = notificationbox.getNotificationWithValue("selfxss-notification"); + ok(notification, "Self-xss notification shown"); + is(oldVal, jsterm.getInputValue(), "Paste blocked by self-xss prevention"); + + // Allow pasting + jsterm.setInputValue("allow pasting"); + let evt = document.createEvent("KeyboardEvent"); + evt.initKeyEvent("keyup", true, true, window, + 0, 0, 0, 0, + 0, " ".charCodeAt(0)); + jsterm.inputNode.dispatchEvent(evt); + jsterm.setInputValue(""); + goDoCommand("cmd_paste"); + isnot("", jsterm.getInputValue(), "Paste works"); + } + function onClipboardPaste() { + ok(!jsterm.completeNode.value, "no completion value after paste"); + + info("wait for completion update after undo"); + jsterm.once("autocomplete-updated", onCompletionValueAfterUndo); + + // Get out of the webconsole event loop. + executeSoon(() => { + goDoCommand("cmd_undo"); + }); + } + + function onCompletionValueAfterUndo() { + is(jsterm.completeNode.value, completionValue, + "same completeNode.value after undo"); + + info("wait for completion update after clipboard paste (ctrl-v)"); + jsterm.once("autocomplete-updated", () => { + ok(!jsterm.completeNode.value, + "no completion value after paste (ctrl-v)"); + + // using executeSoon() to get out of the webconsole event loop. + executeSoon(deferred.resolve); + }); + + // Get out of the webconsole event loop. + executeSoon(() => { + EventUtils.synthesizeKey("v", {accelKey: true}); + }); + } + + info("wait for completion value after typing 'docu'"); + jsterm.once("autocomplete-updated", onCompletionValue); + + EventUtils.synthesizeKey("u", {}); + + return deferred.promise; +} -- cgit v1.2.3