browser_bug2004165.js (3659B)
1 /* Any copyright is dedicated to the Public Domain. 2 https://creativecommons.org/publicdomain/zero/1.0/ */ 3 4 "use strict"; 5 6 const { TabStateFlusher } = ChromeUtils.importESModule( 7 "resource:///modules/sessionstore/TabStateFlusher.sys.mjs" 8 ); 9 10 // Go to example.com, do window.open() to obtain an initial about:blank with content principal 11 const ABOUT_BLANK_FROM_CONTENT_STATE = { 12 entries: [ 13 { 14 url: "about:blank", 15 principalToInherit_base64: '{"1":{"0":"https://example.com/"}}', 16 triggeringPrincipal_base64: '{"1":{"0":"https://example.com/"}}', 17 }, 18 ], 19 index: 1, 20 }; 21 22 // Ensure ABOUT_BLANK_FROM_CONTENT_STATE matches a tab opened from a content document 23 add_task(async function test_about_blank_tab_state_matches_fixture() { 24 const openerTab = await BrowserTestUtils.openNewForegroundTab( 25 gBrowser, 26 "https://example.com/" 27 ); 28 29 const newTabPromise = BrowserTestUtils.waitForNewTab( 30 gBrowser, 31 "about:blank", 32 true 33 ); 34 await SpecialPowers.spawn(openerTab.linkedBrowser, [], () => { 35 content.open("about:blank"); 36 }); 37 const aboutBlankTab = await newTabPromise; 38 39 await TabStateFlusher.flush(aboutBlankTab.linkedBrowser); 40 const state = JSON.parse(SessionStore.getTabState(aboutBlankTab)); 41 42 is(state.entries.length, 1, "Got one SH entry"); 43 const actualEntryFixture = { 44 url: state.entries[0].url, 45 principalToInherit_base64: state.entries[0].principalToInherit_base64, 46 triggeringPrincipal_base64: state.entries[0].triggeringPrincipal_base64, 47 }; 48 Assert.deepEqual( 49 actualEntryFixture, 50 ABOUT_BLANK_FROM_CONTENT_STATE.entries[0] 51 ); 52 53 BrowserTestUtils.removeTab(aboutBlankTab); 54 BrowserTestUtils.removeTab(openerTab); 55 }); 56 57 // Crashtest for bug 2004165 and bug 2005202 58 add_task( 59 async function test_restore_initial_about_blank_with_content_principal() { 60 // Need to restore a whole window such that that restoring the about:blank 61 // counts as the initial load and hits the synchronous path. 62 const win = await BrowserTestUtils.openNewBrowserWindow(); 63 64 // browserLoaded doesn't work reliably for a synchronous load in a different process 65 let restored = BrowserTestUtils.waitForEvent( 66 win.gBrowser.tabContainer, 67 "SSTabRestored" 68 ); 69 70 const windowState = { 71 windows: [ 72 { 73 tabs: [ABOUT_BLANK_FROM_CONTENT_STATE], 74 selected: 1, 75 }, 76 ], 77 selectedWindow: 1, 78 }; 79 SessionStore.setWindowState(win, JSON.stringify(windowState), true); 80 await restored; 81 82 ok(true, "Did not crash"); 83 84 const tab = win.gBrowser.selectedTab; 85 86 // Sanity check the restored tab 87 await SpecialPowers.spawn(tab.linkedBrowser, [], function () { 88 let principal = content.document.nodePrincipal; 89 // The crash occured in the synchronous load path, so verify it was taken. 90 // That should be equivalent to the document being initial and committed. 91 const isInitialCommitted = 92 content.document.isInitialDocument && 93 !content.document.isUncommittedInitialDocument; 94 // XXX The initial fix for bug 2004165 is to skip the sync path. So 95 // assert the opposite till a better fix is implemented. (bug 2005205) 96 Assert.ok( 97 !isInitialCommitted, 98 "about:blank was not restored as initial document" 99 ); 100 Assert.ok( 101 principal.isContentPrincipal, 102 "Restored about:blank document has a content principal" 103 ); 104 Assert.equal( 105 principal.origin, 106 "https://example.com", 107 "Restored about:blank inherits the origin from https://example.com/" 108 ); 109 }); 110 111 BrowserTestUtils.removeTab(tab); 112 } 113 );