tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

test_notification_crossorigin_iframe_nested_glean.html (2868B)

      1 <!DOCTYPE HTML>
      2 <html>
      3 <!--
      4 Tests that Notification permissions are denied in cross-origin iframes.
      5 https://bugzilla.mozilla.org/show_bug.cgi?id=1560741
      6 -->
      7 <head>
      8  <title>Notification permission in cross-origin iframes</title>
      9  <script src="/tests/SimpleTest/SimpleTest.js"></script>
     10  <script src="/tests/SimpleTest/GleanTest.js"></script>
     11  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
     12 </head>
     13 <body>
     14  <p id="display"></p>
     15  <div id="content" style="display: none">
     16  </div>
     17  <pre id="test">
     18  <script class="testbody" type="text/javascript">
     19  SimpleTest.waitForExplicitFinish();
     20 
     21  const kBlankPath = "/tests/dom/notification/test/mochitest/blank.html"
     22  const kParentURL = "https://example.org" + kBlankPath;
     23  const kChildURL = "https://example.com" + kBlankPath;
     24 
     25  (async function runTest() {
     26    let iframe = document.createElement("iframe");
     27    iframe.src = kParentURL;
     28    document.body.appendChild(iframe);
     29    await new Promise(resolve => {
     30      iframe.onload = resolve;
     31    });
     32 
     33    await SpecialPowers.spawn(iframe, [kChildURL], async (childURL) => {
     34      const nested = this.content.document.createElement("iframe");
     35      nested.src = childURL;
     36      this.content.document.body.appendChild(nested);
     37      await new Promise(resolve => {
     38        nested.onload = resolve;
     39      });
     40    });
     41 
     42    await GleanTest.testResetFOG();
     43 
     44    await SpecialPowers.spawn(iframe, [], async () => {
     45      const nested = this.content.document.querySelector("iframe");
     46      await SpecialPowers.spawn(nested, [], async () => {
     47        await this.content.Notification.requestPermission();
     48      });
     49    });
     50 
     51    const requestCount = await GleanTest.webNotification.requestPermissionOrigin.nested_first_party.testGetValue();
     52    is(requestCount, 1, "Notification nested first party request permission counter should increment once.");
     53 
     54    await SpecialPowers.spawn(iframe, [], async () => {
     55      const nested = this.content.document.querySelector("iframe");
     56      await SpecialPowers.spawn(nested, [], async () => {
     57        this.content.Notification.permission;
     58      });
     59    });
     60 
     61    const permissionCount = await GleanTest.webNotification.permissionOrigin.nested_first_party.testGetValue();
     62    is(permissionCount, 1, "Notification nested first party permission read counter should increment once.");
     63 
     64    await SpecialPowers.spawn(iframe, [], async () => {
     65      const nested = this.content.document.querySelector("iframe");
     66      await SpecialPowers.spawn(nested, [], async () => {
     67        new this.content.Notification("cross origin");
     68      });
     69    });
     70 
     71    const showCount = await GleanTest.webNotification.showOrigin.nested_first_party.testGetValue();
     72    is(showCount, 1, "Notification nested first party show attempt counter should increment once.");
     73 
     74    SimpleTest.finish();
     75  })();
     76  </script>
     77  </pre>
     78 </body>
     79 </html>