browser_bug902350.js (1820B)
1 /* 2 * Mixed Content Block frame navigates for target="_top" - Test for Bug 902350 3 */ 4 5 add_task(async function mixed_content_block_for_target_top_test() { 6 const PREF_ACTIVE = "security.mixed_content.block_active_content"; 7 const httpsTestRoot = getRootDirectory(gTestPath).replace( 8 "chrome://mochitests/content", 9 "https://example.com" 10 ); 11 12 await SpecialPowers.pushPrefEnv({ set: [[PREF_ACTIVE, true]] }); 13 14 let newTab = await BrowserTestUtils.openNewForegroundTab({ 15 gBrowser, 16 waitForLoad: true, 17 }); 18 let testBrowser = newTab.linkedBrowser; 19 20 var url = httpsTestRoot + "file_bug902350.html"; 21 var frameUrl = httpsTestRoot + "file_bug902350_frame.html"; 22 let loadPromise = BrowserTestUtils.browserLoaded(testBrowser, false, url); 23 let frameLoadPromise = BrowserTestUtils.browserLoaded( 24 testBrowser, 25 true, 26 frameUrl 27 ); 28 BrowserTestUtils.startLoadingURIString(testBrowser, url); 29 await loadPromise; 30 await frameLoadPromise; 31 32 // Find the iframe and click the link in it. 33 let insecureUrl = "http://example.com/"; 34 let insecureLoadPromise = BrowserTestUtils.browserLoaded( 35 testBrowser, 36 false, 37 insecureUrl 38 ); 39 SpecialPowers.spawn(testBrowser, [], function () { 40 var frame = content.document.getElementById("testing_frame"); 41 var topTarget = frame.contentWindow.document.getElementById("topTarget"); 42 topTarget.click(); 43 }); 44 45 // Navigating to insecure domain through target='_top' should succeed. 46 await insecureLoadPromise; 47 48 // The link click should not invoke the Mixed Content Blocker. 49 let { gIdentityHandler } = testBrowser.ownerGlobal; 50 ok( 51 !gIdentityHandler._identityBox.classList.contains("mixedActiveBlocked"), 52 "Mixed Content Doorhanger did not appear when trying to navigate top" 53 ); 54 55 BrowserTestUtils.removeTab(newTab); 56 });