search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
no bug - Bumping Firefox l10n changesets r=release a=l10n-bump DONTBUILD CLOSED TREE
[gecko.git] / caps / tests / mochitest / test_bug292789.html
blobcd177dfd5be0d14ca1bcb47a783982439758dd6a
1 <!DOCTYPE HTML>
2 <html>
3 <!--
4 https://bugzilla.mozilla.org/show_bug.cgi?id=292789
5 -->
6 <head>
7 <title>Test for Bug 292789</title>
8 <script src="/tests/SimpleTest/SimpleTest.js"></script>
9 <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
10 </head>
11 <body>
12 <a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=292789">Mozilla Bug 292789</a>
13 <p id="display"></p>
14 <div id="content" style="display: none">
15 <script src="chrome://global/content/treeUtils.js"></script>
16 <script type="application/javascript" src="chrome://mozapps/content/update/history.js"></script>
17 <script id="resjs" type="application/javascript"></script>
18 </div>
19 <pre id="test">
20 <script class="testbody" type="text/javascript">
21
22 /** Test for Bug 292789
23 *
24 * Selectively allow access to allowlisted chrome packages
25 * even for ALLOW_CHROME mechanisms (<script>, <img> etc)
26 */
27
28 /* import-globals-from ../../../toolkit/content/treeUtils.js */
29 /* import-globals-from ../../../toolkit/mozapps/update/content/history.js */
30
31 SimpleTest.waitForExplicitFinish();
32
33 let ChromeUtils = {
34 import() { return {}; },
35 };
36
37 /** <script src=""> test */
38 function testScriptSrc(aCallback) {
39 is(typeof gTreeUtils.sort, "function",
40 "content can still load <script> from chrome://global");
41
42 /** Try to find an export from history.js. We will find it if it is
43 * improperly not blocked, otherwise it will be "undefined".
44 */
45 is(typeof gUpdateHistory, "undefined",
46 "content should not be able to load <script> from chrome://mozapps");
47
48 /** make sure the last one didn't pass because someone
49 * moved history.js
50 */
51 var resjs = document.getElementById("resjs");
52 resjs.onload = scriptOnload;
53 resjs.src = "resource://gre/chrome/toolkit/content/mozapps/update/history.js";
54 document.getElementById("content").appendChild(resjs);
55
56 function scriptOnload() {
57 is(typeof gUpdateHistory.onLoad, "function",
58 "history.js has not moved unexpectedly");
59
60 // trigger the callback
61 if (aCallback)
62 aCallback();
63 }
64 }
65
66 /** <img src=""> tests */
67 var img_global = "chrome://global/skin/media/error.png";
68 var img_mozapps = "chrome://mozapps/skin/extensions/extensionGeneric.svg";
69 var res_mozapps = "resource://gre/chrome/toolkit/skin/classic/mozapps/extensions/extensionGeneric.svg";
70
71 var imgTests = [[img_global, "success"],
72 [img_mozapps, "fail"],
73 [res_mozapps, "success"]];
74
75 var curImgTest = 0;
76
77 function runImgTest() {
78 var test = imgTests[curImgTest++];
79 var callback = curImgTest == imgTests.length ? finishTest : runImgTest;
80 loadImage(test[0], test[1], callback);
81 }
82
83 function finishTest() {
84 SimpleTest.finish();
85 }
86
87 function fail(event) {
88 is("fail", event.target.expected,
89 "content should not be allowed to load " + event.target.src);
90 if (event.target.callback)
91 event.target.callback();
92 }
93
94 function success(event) {
95 is("success", event.target.expected,
96 "content should be able to load " + event.target.src);
97 if (event.target.callback)
98 event.target.callback();
99 }
100
101 function loadImage(uri, expect, callback) {
102 var img = document.createElement("img");
103 img.onerror = fail;
104 img.onload = success;
105 img.expected = expect;
106 img.callback = callback;
107 img.src = uri;
108 // document.getElementById("content").appendChild(img);
109 }
110
111 // Start off the script src test, and have it start the img tests when complete.
112 // Temporarily allow content to access all resource:// URIs.
113 SpecialPowers.pushPrefEnv({
114 set: [
115 ["security.all_resource_uri_content_accessible", true],
116 ],
117 }, () => testScriptSrc(runImgTest));
118 </script>
119 </pre>
120 </body>
121 </html>