browser_466937.js (1588B)
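/* Any copyright is dedicated to the Public Domain.
 * http://creativecommons.org/publicdomain/zero/1.0/ */

"use strict";

// Test page served next to this test; ROOT is provided by the test harness.
const URL = ROOT + "browser_466937_sample.html";

/**
 * Bug 466937 - Prevent file stealing with sessionstore.
 *
 * Regression test for session restore and file inputs. A value is written
 * into #reverse_thief and a real temporary file path into #bystander, the
 * tab is duplicated (which restores the saved form data into a new tab),
 * and the restored values are then checked:
 *
 *   - #thief must be empty: a file path must not end up as a text value.
 *   - #reverse_thief must be empty: a saved text value must not end up as
 *     the full path of a file input.
 *   - #bystander must still hold the temporary file's path: the ordinary
 *     file-input case has to keep working.
 *
 * NOTE(review): the sample page is not visible from this file. Judging by
 * the field ids and the assertion messages, it changes field types between
 * save and restore so that restored data would cross between text and file
 * inputs - confirm against browser_466937_sample.html.
 *
 * Why it matters: if restore filled a file input with a path the user
 * never picked, or exposed a picked path as plain text, page content could
 * learn or submit local file data without user consent.
 */
add_task(async function test_prevent_file_stealing() {
  // Add a tab with some file input fields.
  let tab = BrowserTestUtils.addTab(gBrowser, URL);
  let tab2 = null;
  // Only set once createUnique() has succeeded, so cleanup never removes a
  // file this test did not create.
  let createdFile = null;

  try {
    let browser = tab.linkedBrowser;
    await promiseBrowserLoaded(browser);

    // Generate a path to a 'secret' file. The file stays empty; only its
    // path is used by the test.
    let file = Services.dirsvc.get("TmpD", Ci.nsIFile);
    file.append("466937_test.file");
    file.createUnique(Ci.nsIFile.NORMAL_FILE_TYPE, 0o666);
    createdFile = file;
    let testPath = file.path;

    // Fill in form values.
    await setPropertyOfFormField(
      browser,
      "#reverse_thief",
      "value",
      "/home/user/secret2"
    );
    await setPropertyOfFormField(browser, "#bystander", "value", testPath);

    // Duplicate and check form values.
    tab2 = gBrowser.duplicateTab(tab);
    let browser2 = tab2.linkedBrowser;
    await promiseTabRestored(tab2);

    let thief = await getPropertyOfFormField(browser2, "#thief", "value");
    is(thief, "", "file path wasn't set to text field value");
    let reverse_thief = await getPropertyOfFormField(
      browser2,
      "#reverse_thief",
      "value"
    );
    is(reverse_thief, "", "text field value wasn't set to full file path");
    let bystander = await getPropertyOfFormField(
      browser2,
      "#bystander",
      "value"
    );
    is(bystander, testPath, "normal case: file path was correctly preserved");
  } finally {
    // Cleanup. Runs even when an awaited step rejects, so neither the tabs
    // nor the temporary file outlive the test.
    gBrowser.removeTab(tab);
    if (tab2) {
      gBrowser.removeTab(tab2);
    }
    if (createdFile && createdFile.exists()) {
      createdFile.remove(false);
    }
  }
});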