tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

test_child_navigation_by_location.html (2986B)

      1 <!DOCTYPE HTML>
      2 <html>
      3 <!--
      4 https://bugzilla.mozilla.org/show_bug.cgi?id=785310
      5 html5 sandboxed iframe should not be able to perform top navigation with scripts allowed
      6 -->
      7 <head>
      8 <meta charset="utf-8">
      9 <title>Test for Bug 785310 - iframe sandbox child navigation by location tests</title>
     10 <script src="/tests/SimpleTest/SimpleTest.js"></script>
     11 <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
     12 
     13 <script>
     14  SimpleTest.waitForExplicitFinish();
     15 
     16  var testDataUri = "file_child_navigation_by_location.html";
     17 
     18  function runScriptNavigationTest(testCase) {
     19    window.onmessage = function(event) {
     20      if (event.data != "childIframe") {
     21        ok(false, "event.data: got '" + event.data + "', expected 'childIframe'");
     22      }
     23      ok(!testCase.shouldBeBlocked, testCase.desc + " - child navigation was NOT blocked");
     24      runNextTest();
     25    };
     26    try {
     27      window.parentIframe.eval(testCase.script);
     28    } catch (e) {
     29      ok(testCase.shouldBeBlocked, testCase.desc + " - " + e.message);
     30      runNextTest();
     31    }
     32  }
     33 
     34  var testCaseIndex = -1;
     35  var testCases = [
     36    {
     37      desc: "Test 1: cross origin child location.replace should NOT be blocked",
     38      script: "window['crossOriginChildIframe'].location.replace(\"" + testDataUri + "\")",
     39      shouldBeBlocked: false,
     40    },
     41    {
     42      desc: "Test 2: cross origin child location.assign should be blocked",
     43      script: "window['crossOriginChildIframe'].location.assign(\"" + testDataUri + "\")",
     44      shouldBeBlocked: true,
     45    },
     46    {
     47      desc: "Test 3: same origin child location.assign should NOT be blocked",
     48      script: "window['sameOriginChildIframe'].location.assign(\"" + testDataUri + "\")",
     49      shouldBeBlocked: false,
     50    },
     51    {
     52      desc: "Test 4: cross origin child location.href should NOT be blocked",
     53      script: "window['crossOriginChildIframe'].location.href = \"" + testDataUri + "\"",
     54      shouldBeBlocked: false,
     55    },
     56    {
     57      desc: "Test 5: cross origin child location.hash should be blocked",
     58      script: "window['crossOriginChildIframe'].location.hash = 'wibble'",
     59      shouldBeBlocked: true,
     60    },
     61    {
     62      desc: "Test 6: same origin child location.hash should NOT be blocked",
     63      script: "window['sameOriginChildIframe'].location.hash = 'wibble'",
     64      shouldBeBlocked: false,
     65    },
     66  ];
     67 
     68  function runNextTest() {
     69    ++testCaseIndex;
     70    if (testCaseIndex == testCases.length) {
     71      SimpleTest.finish();
     72      return;
     73    }
     74 
     75    runScriptNavigationTest(testCases[testCaseIndex]);
     76  }
     77 
     78  addLoadEvent(runNextTest);
     79 </script>
     80 </head>
     81 <body>
     82 <a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=785310">Mozilla Bug 785310</a>
     83 <p id="display"></p>
     84 <div id="content">
     85 Tests for Bug 785310
     86 </div>
     87 
     88 <iframe name="parentIframe" sandbox="allow-scripts allow-same-origin" srcdoc="<iframe name='sameOriginChildIframe'></iframe><iframe name='crossOriginChildIframe' sandbox='allow-scripts'></iframe>"</iframe>
     89 
     90 </body>
     91 </html>