tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git

test_credman_iframes.html (2700B)


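      <!DOCTYPE html>
      <html lang="en">
      <head>
        <meta charset="utf-8">
        <title>Credential Management: Prohibit use in cross-origin iframes</title>
        <script src="/tests/SimpleTest/SimpleTest.js"></script>
        <link rel="stylesheet" href="/tests/SimpleTest/test.css">
      </head>
      <body>
      <h1>Credential Management: Prohibit use in cross-origin iframes</h1>
      <ul>
        <li><a target="_blank" rel="noopener" href="https://bugzilla.mozilla.org/show_bug.cgi?id=1407789">Mozilla Bug 1407789</a></li>
      </ul>

      <!--
        Both iframes load the same frame document, once from example.com and once
        from test1.example.com. Each frame reports its results to this page with
        postMessage; the script below collects them.
      -->
      <div id="framediv">
        <h2>Same Origin Test</h2>
        <iframe id="frame_top" title="Same-origin credential management frame"></iframe>

        <h2>Cross-Origin Test</h2>
        <iframe id="frame_bottom" title="Cross-origin credential management frame"></iframe>
      </div>

      <script class="testbody">
      "use strict";

      // Documents loaded into the two iframes by the last task below.
      const SAME_ORIGIN_FRAME_URL = "https://example.com/tests/dom/credentialmanagement/tests/mochitest/frame_credman_iframes.html";
      const CROSS_ORIGIN_FRAME_URL = "https://test1.example.com/tests/dom/credentialmanagement/tests/mochitest/frame_credman_iframes.html";

      // Only the two frames under test may report results. A "message" listener on
      // window receives postMessage traffic from any window holding a reference to
      // this one, so the sender's origin is checked before its data is trusted.
      const _expectedOrigins = new Set([
        new URL(SAME_ORIGIN_FRAME_URL).origin,
        new URL(CROSS_ORIGIN_FRAME_URL).origin,
      ]);

      var _expectedCompletes = 2; // 2 iframes

      // Origins that have sent "done". Tracking origins instead of a bare counter
      // means a frame that reports "done" twice cannot end the test before the
      // other frame has reported.
      var _completedOrigins = new Set();

      // Resolves once both frames have reported completion.
      var _done = new Promise((resolve) => {
        /**
         * Records one message posted by a test frame.
         *
         * Recognised shapes, as read by this handler:
         *   { test, msg, status } - one assertion result, forwarded to ok()
         *   { done }              - the sending frame has finished
         * Anything else is recorded as a test failure.
         */
        function handleEventMessage(event) {
          if (!_expectedOrigins.has(event.origin)) {
            ok(false, "Message from unexpected origin in the test harness: " + event.origin);
            return;
          }

          let data = event.data;

          // The `in` operator throws a TypeError on primitives, which would skip
          // the "unexpected message" report below, so non-objects are rejected
          // explicitly.
          if (typeof data != "object" || data === null) {
            ok(false, "Unexpected message in the test harness: " + String(data));
            return;
          }

          if ("test" in data) {
            let summary = data.test + ": " + data.msg;
            ok(data.status, summary);
          } else if ("done" in data) {
            _completedOrigins.add(event.origin);
            if (_completedOrigins.size == _expectedCompletes) {
              console.log("Test compeleted. Finished.");
              resolve();
            }
          } else {
            // Serialise the payload; string concatenation would only print
            // "[object Object]".
            ok(false, "Unexpected message in the test harness: " + JSON.stringify(data));
          }
        }

        window.addEventListener("message", handleEventMessage);
      });

      /**
       * Registers a virtual authenticator with the WebAuthn service in the parent
       * process and schedules its removal at test cleanup.
       */
      async function addVirtualAuthenticator() {
        let id = await SpecialPowers.spawnChrome([], () => {
          let webauthnService = Cc["@mozilla.org/webauthn/service;1"].getService(
            Ci.nsIWebAuthnService
          );
          // NOTE(review): the four booleans are presumably hasResidentKey,
          // hasUserVerification, isUserConsenting and isUserVerified; confirm
          // against the nsIWebAuthnService interface definition.
          return webauthnService.addVirtualAuthenticator(
            "ctap2",
            "internal",
            true,
            true,
            true,
            true
          );
        });

        // Remove the authenticator again so it does not outlive this test.
        SimpleTest.registerCleanupFunction(async () => {
          await SpecialPowers.spawnChrome([id], (authenticatorId) => {
            let webauthnService = Cc["@mozilla.org/webauthn/service;1"].getService(
              Ci.nsIWebAuthnService
            );
            webauthnService.removeVirtualAuthenticator(authenticatorId);
          });
        });
      }

      // Setup: set the WebAuthn prefs (soft token on, USB token off) and register
      // the virtual authenticator before any frame is loaded.
      add_task(async () => {
        await SpecialPowers.pushPrefEnv({"set": [["security.webauth.webauthn", true],
                                                 ["security.webauth.webauthn_enable_softtoken", true],
                                                 ["security.webauth.webauthn_enable_usbtoken", false]]});
        await addVirtualAuthenticator();
      });

      // Load both frames, then wait until each has reported "done".
      add_task(async () => {
        document.getElementById("frame_top").src = SAME_ORIGIN_FRAME_URL;

        document.getElementById("frame_bottom").src = CROSS_ORIGIN_FRAME_URL;

        await _done;
      });
      </script>
      </body>
      </html>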