1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
|
/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */
/* vim: set ft=javascript ts=2 et sw=2 tw=80: */
/* Any copyright is dedicated to the Public Domain.
* http://creativecommons.org/publicdomain/zero/1.0/ */
// Tests that warnings about ineffective iframe sandboxing are logged to the
// web console when necessary (and not otherwise).
"use strict";
requestLongerTimeout(2);
const TEST_URI_WARNING = "http://example.com/browser/devtools/client/webconsole/test/test-bug-752559-ineffective-iframe-sandbox-warning0.html";
const TEST_URI_NOWARNING = [
"http://example.com/browser/devtools/client/webconsole/test/test-bug-752559-ineffective-iframe-sandbox-warning1.html",
"http://example.com/browser/devtools/client/webconsole/test/test-bug-752559-ineffective-iframe-sandbox-warning2.html",
"http://example.com/browser/devtools/client/webconsole/test/test-bug-752559-ineffective-iframe-sandbox-warning3.html",
"http://example.com/browser/devtools/client/webconsole/test/test-bug-752559-ineffective-iframe-sandbox-warning4.html",
"http://example.com/browser/devtools/client/webconsole/test/test-bug-752559-ineffective-iframe-sandbox-warning5.html"
];
const INEFFECTIVE_IFRAME_SANDBOXING_MSG = "An iframe which has both " +
"allow-scripts and allow-same-origin for its sandbox attribute can remove " +
"its sandboxing.";
const SENTINEL_MSG = "testing ineffective sandboxing message";
add_task(function* () {
yield testYesWarning();
for (let id = 0; id < TEST_URI_NOWARNING.length; id++) {
yield testNoWarning(id);
}
});
function* testYesWarning() {
yield loadTab(TEST_URI_WARNING);
let hud = yield openConsole();
ContentTask.spawn(gBrowser.selectedBrowser, SENTINEL_MSG, function* (msg) {
content.console.log(msg);
});
yield waitForMessages({
webconsole: hud,
messages: [
{
name: "Ineffective iframe sandboxing warning displayed successfully",
text: INEFFECTIVE_IFRAME_SANDBOXING_MSG,
category: CATEGORY_SECURITY,
severity: SEVERITY_WARNING
},
{
text: SENTINEL_MSG,
severity: SEVERITY_LOG
}
]
});
let msgs = hud.outputNode.querySelectorAll(".message[category=security]");
is(msgs.length, 1, "one security message");
}
function* testNoWarning(id) {
yield loadTab(TEST_URI_NOWARNING[id]);
let hud = yield openConsole();
ContentTask.spawn(gBrowser.selectedBrowser, SENTINEL_MSG, function* (msg) {
content.console.log(msg);
});
yield waitForMessages({
webconsole: hud,
messages: [
{
text: SENTINEL_MSG,
severity: SEVERITY_LOG
}
]
});
let msgs = hud.outputNode.querySelectorAll(".message[category=security]");
is(msgs.length, 0, "no security messages (case " + id + ")");
}
|
