1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
|
<!DOCTYPE HTML>
<html>
<!--
https://bugzilla.mozilla.org/show_bug.cgi?id=802557
-->
<head>
<meta charset="utf-8">
<title>Test for Bug 802557</title>
<script type="application/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
<script type="application/javascript">
/** Test for Bug 802557 **/
SimpleTest.waitForExplicitFinish();
function checkThrows(fun, desc) {
try {
fun();
ok(false, "Didn't throw when " + desc);
} catch(e) {
ok(true, "Threw when " + desc + " " + e);
ok(/denied|insecure/.exec(e), "Should be security exception");
}
}
var loadCount = 0;
function go() {
++loadCount;
window.ifr = document.getElementById('ifr');
window.iWin = ifr.contentWindow;
if (loadCount == 1) {
gLoc = iWin.location;
// Note that accessors pulled off Xrays are currently bound. This is bug 658909.
// [getter, description, locationObj, bound]
gGetters = [[ location.toString, 'toString from LW' ],
[ gLoc.toString, 'toString from XLW' ],
[ Object.__lookupGetter__.call(location, 'href'), 'href getter from LW' ],
[ Object.__lookupGetter__.call(gLoc, 'href'), 'href getter from XLW' ],
[ Object.getOwnPropertyDescriptor(location, 'href').get, 'href getter from location' ],
[ Object.getOwnPropertyDescriptor(gLoc, 'href').get, 'href getter from iWin.location' ],
[ function() { return this + ''; }, 'implicit conversion via [[DefaultValue]]', /* doMessageCheck = */ true ]];
gGetters.forEach(function(item) {
try {
is(item[0].call(location), location.toString(), 'Same-origin LW: ' + item[1]);
is(item[0].call(gLoc), gLoc.toString(), 'Same-origin XLW: ' + item[1]);
} catch (e) {
ok(false, "Threw while applying " + item[1] + " to same-origin location object: " + e);
}
});
ifr.src = "http://example.org/tests/js/xpconnect/tests/mochitest/file_empty.html";
}
else if (loadCount == 2) {
gGetters.forEach(function(item) {
checkThrows(function() { item[0].call(gLoc); },
'call()ing ' + item[1] + ' after navigation cross-origin');
});
ifr.src = 'http://mochi.test:8888/tests/js/xpconnect/tests/mochitest/file_bug802557.html';
}
else if (loadCount == 3) {
gTestFunctions = ifr.contentWindow.getAllTests();
var win = ifr.contentWindow;
for (fun in gTestFunctions)
is(gTestFunctions[fun](), win.location.toString(), "allowed via " + fun);
win.location = 'http://example.org/tests/js/xpconnect/tests/mochitest/file_bug802557.html';
}
else if (loadCount == 4) {
for (fun in gTestFunctions) {
var f = gTestFunctions[fun];
checkThrows(f, "calling " + fun);
}
// Verify that URL.prototype.toString can't be applied to Location
var threw = false;
try {
URL.prototype.toString.call(location);
} catch (e) {
threw = true;
}
ok(threw,
"Should not be able to use URL.prototype.toString on a Location instance");
// Verify that URL.prototype.href getter can't be applied to Location
threw = false;
var reachedTest = false;
try {
var get = Object.getOwnPropertyDescriptor(URL.prototype, "href").get;
is(typeof(get), "function", "Should have an href getter on URL.prototype");
var reachedTest = true;
get.call(location);
} catch (e) {
threw = true;
}
ok(reachedTest,
"Should not be able to find URL.prototype.href getter");
ok(threw,
"Should not be able to use URL.prototype.href getter on a Location instance");
SimpleTest.finish();
}
}
</script>
</head>
<body>
<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=802557">Mozilla Bug 802557</a>
<p id="display"></p>
<div id="content" style="display: none">
</div>
<iframe id="ifr" onload="go();" src="file_empty.html"></iframe>
<pre id="test">
</pre>
</body>
</html>
|