browser_pdfjs_not_subject_to_csp.js (1632B)
1 "use strict"; 2 3 const TEST_PATH = getRootDirectory(gTestPath).replace( 4 "chrome://mochitests/content", 5 "https://example.com" 6 ); 7 8 add_task(async function () { 9 await BrowserTestUtils.withNewTab( 10 TEST_PATH + "file_pdfjs_not_subject_to_csp.html", 11 async function (browser) { 12 let pdfPromise = BrowserTestUtils.waitForContentEvent( 13 browser, 14 "documentloaded", 15 false, 16 null, 17 true 18 ); 19 20 await ContentTask.spawn(browser, {}, async function () { 21 let pdfButton = content.document.getElementById("pdfButton"); 22 pdfButton.click(); 23 }); 24 25 await pdfPromise; 26 27 await ContentTask.spawn(browser, {}, async function () { 28 let pdfFrame = content.document.getElementById("pdfFrame"); 29 // 1) Sanity that we have loaded the PDF using a blob 30 ok(pdfFrame.src.startsWith("blob:"), "it's a blob URL"); 31 32 // 2) Ensure that the PDF has actually loaded 33 ok( 34 pdfFrame.contentDocument.querySelector("div#viewer"), 35 "document content has viewer UI" 36 ); 37 38 // 3) Ensure we have the correct CSP attached 39 let cspJSON = pdfFrame.contentDocument.cspJSON; 40 ok(cspJSON.includes("script-src"), "found script-src directive"); 41 ok(cspJSON.includes("allowPDF"), "found script-src nonce value"); 42 }); 43 44 await SpecialPowers.spawn(browser, [], async () => { 45 const pdfFrame = content.document.getElementById("pdfFrame"); 46 const viewer = 47 pdfFrame.contentWindow.wrappedJSObject.PDFViewerApplication; 48 await viewer.testingClose(); 49 }); 50 } 51 ); 52 });