summaryrefslogtreecommitdiffstats
path: root/dom/security/test/mixedcontentblocker/file_frameNavigation_secure.html
blob: ea8462c391a44e2b6d2e7e18505dba414693120c (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
<!DOCTYPE HTML>
<html>
<!--
Tests for Mixed Content Blocker related to navigating children, grandchildren, etc
https://bugzilla.mozilla.org/show_bug.cgi?id=840388
-->
<head>
  <meta charset="utf-8">
  <title>Tests for Mixed Content Frame Navigation</title>
</head>
<body>
<div id="testContent"></div>

<script>
  var baseUrl = "https://example.com/tests/dom/security/test/mixedcontentblocker/file_frameNavigation_innermost.html";

  // For tests that require setTimeout, set the maximum polling time to 50 x 100ms = 5 seconds.
  var MAX_COUNT = 50;
  var TIMEOUT_INTERVAL = 100;

  var testContent = document.getElementById("testContent");

  // Test 1: Navigate secure iframe to insecure iframe on a secure page
  var iframe_test1 = document.createElement("iframe");
  var counter_test1 = 0;
  iframe_test1.setAttribute("id", "test1");
  iframe_test1.src = baseUrl + "?securePage_navigate_child";
  iframe_test1.onerror = function() {
    parent.postMessage({"test": "securePage_navigate_child", "msg": "got an onerror event when loading or navigating testing iframe"}, "http://mochi.test:8888");
  };
  testContent.appendChild(iframe_test1);

  function navigationStatus(iframe_test1)
  {
    // When the page is navigating, it goes through about:blank and we will get a permission denied for loc.
    // Catch that specific exception and return
    try {
      var loc = document.getElementById("test1").contentDocument.location;
    } catch(e) {
      if (e.name === "SecurityError") {
        // We received an exception we didn't expect.
        throw e;
      }
      counter_test1++;
      return;
    }
    if (loc == "http://example.com/tests/dom/security/test/mixedcontentblocker/file_frameNavigation_innermost.html?insecurePage_navigate_child_response") {
      return;
    } else {
      if(counter_test1 < MAX_COUNT) {
        counter_test1++;
        setTimeout(navigationStatus, TIMEOUT_INTERVAL, iframe_test1);
      }
      else {
        // After we have called setTimeout the maximum number of times, assume navigating the iframe is blocked
        parent.postMessage({"test": "securePage_navigate_child", "msg": "navigating to insecure iframe blocked on secure page"}, "http://mochi.test:8888");
      }
    }
  }

  setTimeout(navigationStatus, TIMEOUT_INTERVAL, iframe_test1);

  // Test 2: Open an http page in a new tab from a link click with target=_blank.
  var iframe_test3 = document.createElement("iframe");
  iframe_test3.src = "https://example.com/tests/dom/security/test/mixedcontentblocker/file_frameNavigation_blankTarget.html";
  iframe_test3.onerror = function() {
    parent.postMessage({"test": "blankTarget", "msg": "got an onerror event when loading or navigating testing iframe"}, "http://mochi.test:8888");
  };
  testContent.appendChild(iframe_test3);

</script>
</body>
</html>