tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

test_bug845057.html (2027B)

      1 <!DOCTYPE HTML>
      2 <html>
      3 <!--
      4 https://bugzilla.mozilla.org/show_bug.cgi?id=845057
      5 -->
      6 <head>
      7  <title>Test for Bug 845057</title>
      8  <script src="/tests/SimpleTest/SimpleTest.js"></script>
      9  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
     10 </head>
     11 <body>
     12 <a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=845057">Mozilla Bug 845057</a>
     13 <p id="display"></p>
     14 <div id="content">
     15  <iframe id="iframe" sandbox="allow-scripts"></iframe>
     16 
     17 </div>
     18 <pre id="test">
     19 <script class="testbody" type="text/javascript">
     20  var iframe = document.getElementById("iframe"),
     21      attr = iframe.sandbox;
     22  // Security enforcement tests for iframe sandbox are in test_iframe_*
     23 
     24  function eq(a, b) {
     25    // check if two attributes are qual modulo permutation
     26    return ((a+'').split(" ").sort()+'') == ((b+'').split(" ").sort()+'');
     27  }
     28 
     29  ok(attr instanceof DOMTokenList,
     30     "Iframe sandbox attribute is instace of DOMTokenList");
     31  ok(eq(attr, "allow-scripts") &&
     32     eq(iframe.getAttribute("sandbox"), "allow-scripts"),
     33     "Stringyfied sandbox attribute is same as that of the DOM element");
     34 
     35  ok(attr.contains("allow-scripts") && !attr.contains("allow-same-origin"),
     36     "Set membership of attribute elements is ok");
     37 
     38  attr.add("allow-same-origin");
     39 
     40  ok(attr.contains("allow-scripts") && attr.contains("allow-same-origin"),
     41     "Attribute contains added atom");
     42  ok(eq(attr, "allow-scripts allow-same-origin") &&
     43     eq(iframe.getAttribute("sandbox"), "allow-scripts allow-same-origin"),
     44     "Stringyfied attribute with new atom is correct");
     45 
     46  attr.add("allow-forms");
     47  attr.remove("allow-scripts");
     48 
     49  ok(!attr.contains("allow-scripts") && attr.contains("allow-forms") &&
     50     attr.contains("allow-same-origin"),
     51     "Attribute does not contain removed atom");
     52  ok(eq(attr, "allow-forms allow-same-origin") &&
     53     eq(iframe.getAttribute("sandbox"), "allow-forms allow-same-origin"),
     54     "Stringyfied attribute with removed atom is correct");
     55 </script>
     56 </pre>
     57 </body>
     58 </html>