test_cross_origin_iframe.html (10839B)
1 <!-- 2 Any copyright is dedicated to the Public Domain. 3 http://creativecommons.org/publicdomain/zero/1.0/ 4 --> 5 <!DOCTYPE HTML> 6 <html> 7 8 <head> 9 <meta charset="utf-8"> 10 <title>Test for Permissions API</title> 11 <script src="/tests/SimpleTest/SimpleTest.js"></script> 12 <link rel="stylesheet" href="/tests/SimpleTest/test.css"> 13 </head> 14 15 <body> 16 <pre id="test"></pre> 17 <script type="application/javascript"> 18 /*globals SpecialPowers, SimpleTest, is, ok, */ 19 'use strict'; 20 21 function setPermission(type, allow) { 22 return new Promise(resolve => { 23 SpecialPowers.popPermissions(() => { 24 SpecialPowers.pushPermissions( 25 [{ type, allow, context: document }], 26 resolve 27 ); 28 }); 29 }); 30 } 31 32 function checkPermission(aIFrame, aExpectedState, aName) { 33 return SpecialPowers.spawn( 34 aIFrame, 35 [{name: aName, expectedState: aExpectedState}], 36 async aInput => { 37 try { 38 let result = await content.navigator 39 .permissions 40 .query({ name: aInput.name }); 41 is( 42 SpecialPowers.wrap(result).state, 43 aInput.expectedState, 44 `correct state for '${aInput.name}'` 45 ); 46 } catch (e) { 47 ok(false, `query should not have rejected for '${aInput.name}'`) 48 } 49 } 50 ); 51 } 52 53 function createIframe(aId, aAllow) { 54 return new Promise((resolve) => { 55 const iframe = document.createElement('iframe'); 56 iframe.id = aId; 57 iframe.src = 'https://example.org/tests/dom/permission/tests/file_empty.html'; 58 if (aAllow) { 59 iframe.allow = aAllow; 60 } 61 iframe.onload = () => resolve(iframe); 62 document.body.appendChild(iframe); 63 }); 64 } 65 66 function removeIframe(aId) { 67 return new Promise((resolve) => { 68 document.body.removeChild(document.getElementById(aId)); 69 resolve(); 70 }); 71 } 72 73 const { 74 UNKNOWN_ACTION, 75 PROMPT_ACTION, 76 ALLOW_ACTION, 77 DENY_ACTION 78 } = SpecialPowers.Ci.nsIPermissionManager; 79 80 const tests = [ 81 { 82 id: 'query navigation top unknown', 83 top: UNKNOWN_ACTION, 84 name: 'geolocation', 85 type: 'geo', 86 expected: 'denied', 87 }, 88 { 89 id: 'query notifications top unknown', 90 top: UNKNOWN_ACTION, 91 name: 'notifications', 92 type: 'desktop-notification', 93 expected: 'denied', 94 }, 95 { 96 id: 'query push top unknown', 97 top: UNKNOWN_ACTION, 98 name: 'push', 99 type: 'desktop-notification', 100 expected: 'denied', 101 }, 102 { 103 id: 'query persistent-storage unknown', 104 top: UNKNOWN_ACTION, 105 name: 'persistent-storage', 106 type: 'persistent-storage', 107 expected: 'denied', 108 }, 109 { 110 id: 'query storage-access unknown', 111 top: UNKNOWN_ACTION, 112 name: 'storage-access', 113 type: '3rdPartyFrameStorage^https://example.org', 114 expected: 'prompt', 115 }, 116 { 117 id: 'query camera top unknown', 118 top: UNKNOWN_ACTION, 119 name: 'camera', 120 type: 'camera', 121 expected: 'denied', 122 }, 123 { 124 id: 'query microphone top unknown', 125 top: UNKNOWN_ACTION, 126 name: 'microphone', 127 type: 'microphone', 128 expected: 'denied', 129 }, 130 { 131 id: 'query navigation top prompt', 132 top: PROMPT_ACTION, 133 name: 'geolocation', 134 type: 'geo', 135 expected: 'denied', 136 }, 137 { 138 id: 'query notifications top prompt', 139 top: PROMPT_ACTION, 140 name: 'notifications', 141 type: 'desktop-notification', 142 expected: 'denied', 143 }, 144 { 145 id: 'query push top prompt', 146 top: PROMPT_ACTION, 147 name: 'push', 148 type: 'desktop-notification', 149 expected: 'denied', 150 }, 151 { 152 id: 'query persistent-storage top prompt', 153 top: PROMPT_ACTION, 154 name: 'persistent-storage', 155 type: 'persistent-storage', 156 expected: 'denied', 157 }, 158 { 159 id: 'query storage-access top prompt', 160 top: PROMPT_ACTION, 161 name: 'storage-access', 162 type: '3rdPartyFrameStorage^https://example.org', 163 expected: 'prompt', 164 }, 165 { 166 id: 'query camera top prompt', 167 top: PROMPT_ACTION, 168 name: 'camera', 169 type: 'camera', 170 expected: 'denied', 171 }, 172 { 173 id: 'query microphone top prompt', 174 top: PROMPT_ACTION, 175 name: 'microphone', 176 type: 'microphone', 177 expected: 'denied', 178 }, 179 { 180 id: 'query navigation top denied', 181 top: DENY_ACTION, 182 name: 'geolocation', 183 type: 'geo', 184 expected: 'denied', 185 }, 186 { 187 id: 'query notifications top denied', 188 top: DENY_ACTION, 189 name: 'notifications', 190 type: 'desktop-notification', 191 expected: 'denied', 192 }, 193 { 194 id: 'query push top denied', 195 top: DENY_ACTION, 196 name: 'push', 197 type: 'desktop-notification', 198 expected: 'denied', 199 }, 200 { 201 id: 'query persistent-storage top denied', 202 top: DENY_ACTION, 203 name: 'persistent-storage', 204 type: 'persistent-storage', 205 expected: 'denied', 206 }, 207 { 208 id: 'query storage-access top denied', 209 top: DENY_ACTION, 210 name: 'storage-access', 211 type: '3rdPartyFrameStorage^https://example.org', 212 expected: 'prompt', 213 }, 214 { 215 id: 'query camera top denied', 216 top: DENY_ACTION, 217 name: 'camera', 218 type: 'camera', 219 expected: 'denied', 220 }, 221 { 222 id: 'query micrphone top denied', 223 top: DENY_ACTION, 224 name: 'microphone', 225 type: 'microphone', 226 expected: 'denied', 227 }, 228 { 229 id: 'query navigation top granted', 230 top: ALLOW_ACTION, 231 name: 'geolocation', 232 type: 'geo', 233 expected: 'denied', 234 }, 235 { 236 id: 'query notifications top granted', 237 top: ALLOW_ACTION, 238 name: 'notifications', 239 type: 'desktop-notification', 240 expected: 'denied', 241 }, 242 { 243 id: 'query push top granted', 244 top: ALLOW_ACTION, 245 name: 'push', 246 type: 'desktop-notification', 247 expected: 'denied', 248 }, 249 { 250 id: 'query persistent-storage top granted', 251 top: ALLOW_ACTION, 252 name: 'persistent-storage', 253 type: 'persistent-storage', 254 expected: 'denied', 255 }, 256 { 257 id: 'query storage-access top granted', 258 top: ALLOW_ACTION, 259 name: 'storage-access', 260 type: '3rdPartyFrameStorage^https://example.org', 261 expected: 'granted', 262 }, 263 { 264 id: 'query camera top granted', 265 top: ALLOW_ACTION, 266 name: 'camera', 267 type: 'camera', 268 expected: 'denied', 269 }, 270 { 271 id: 'query microphone top granted', 272 top: ALLOW_ACTION, 273 name: 'microphone', 274 type: 'microphone', 275 expected: 'denied', 276 }, 277 { 278 id: 'query navigation top denied, iframe has allow attribute', 279 top: DENY_ACTION, 280 allow: 'geolocation', 281 name: 'geolocation', 282 type: 'geo', 283 expected: 'denied', 284 }, 285 { 286 id: 'query navigation top granted, iframe has allow attribute', 287 top: ALLOW_ACTION, 288 allow: 'geolocation', 289 name: 'geolocation', 290 type: 'geo', 291 expected: 'granted', 292 }, 293 { 294 id: 'query navigation top prompt, iframe has allow attribute', 295 top: PROMPT_ACTION, 296 allow: 'geolocation', 297 name: 'geolocation', 298 type: 'geo', 299 expected: 'prompt', 300 }, 301 { 302 id: 'query navigation top unknown, iframe has allow attribute', 303 top: UNKNOWN_ACTION, 304 allow: 'geolocation', 305 name: 'geolocation', 306 type: 'geo', 307 expected: 'prompt', 308 }, 309 { 310 id: 'query storage-access top denied, iframe has allow none attribute', 311 top: DENY_ACTION, 312 allow: "storage-access 'none'", 313 name: 'storage-access', 314 type: '3rdPartyFrameStorage^https://example.org', 315 expected: 'prompt', 316 }, 317 { 318 id: 'query storage-access top granted, iframe has allow none attribute', 319 top: ALLOW_ACTION, 320 allow: "storage-access 'none'", 321 name: 'storage-access', 322 type: '3rdPartyFrameStorage^https://example.org', 323 expected: 'prompt', 324 }, 325 { 326 id: 'query storage-access top prompt, iframe has allow none attribute', 327 top: PROMPT_ACTION, 328 allow: "storage-access 'none'", 329 name: 'storage-access', 330 type: '3rdPartyFrameStorage^https://example.org', 331 expected: 'prompt', 332 }, 333 { 334 id: 'query storage-access top unknown, iframe has allow none attribute', 335 top: UNKNOWN_ACTION, 336 allow: "storage-access 'none'", 337 name: 'storage-access', 338 type: '3rdPartyFrameStorage^https://example.org', 339 expected: 'prompt', 340 }, 341 { 342 id: 'query camera top denied, iframe has allow attribute', 343 top: DENY_ACTION, 344 allow: 'camera', 345 name: 'camera', 346 type: 'camera', 347 expected: 'denied', 348 }, 349 { 350 id: 'query camera top granted, iframe has allow attribute', 351 top: ALLOW_ACTION, 352 allow: 'camera', 353 name: 'camera', 354 type: 'camera', 355 expected: 'granted', 356 }, 357 { 358 id: 'query camera top prompt, iframe has allow attribute', 359 top: PROMPT_ACTION, 360 allow: 'camera', 361 name: 'camera', 362 type: 'camera', 363 expected: 'granted', // "Always Ask" mitigation (bug 1609427) 364 }, 365 { 366 id: 'query camera top unknown, iframe has allow attribute', 367 top: UNKNOWN_ACTION, 368 allow: 'camera', 369 name: 'camera', 370 type: 'camera', 371 expected: 'prompt', 372 }, 373 { 374 id: 'query microphone top denied, iframe has allow attribute', 375 top: DENY_ACTION, 376 allow: 'microphone', 377 name: 'microphone', 378 type: 'microphone', 379 expected: 'denied', 380 }, 381 { 382 id: 'query microphone top granted, iframe has allow attribute', 383 top: ALLOW_ACTION, 384 allow: 'microphone', 385 name: 'microphone', 386 type: 'microphone', 387 expected: 'granted', 388 }, 389 { 390 id: 'query microphone top prompt, iframe has allow attribute', 391 top: PROMPT_ACTION, 392 allow: 'microphone', 393 name: 'microphone', 394 type: 'microphone', 395 expected: 'granted', // "Always Ask" mitigation (bug 1609427) 396 }, 397 { 398 id: 'query microphone top unknown, iframe has allow attribute', 399 top: UNKNOWN_ACTION, 400 allow: 'microphone', 401 name: 'microphone', 402 type: 'microphone', 403 expected: 'prompt', 404 }, 405 ]; 406 407 SimpleTest.waitForExplicitFinish(); 408 409 async function nextTest() { 410 if (!tests.length) { 411 SimpleTest.finish(); 412 return; 413 } 414 415 let test = tests.shift(); 416 await setPermission(test.type, test.top) 417 .then(() => createIframe(test.id, test.allow)) 418 .then(iframe => checkPermission(iframe, test.expected, test.name)) 419 .then(() => removeIframe(test.id)); 420 421 SimpleTest.executeSoon(nextTest); 422 } 423 424 nextTest() 425 </script> 426 </body> 427 428 </html>