tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

file_frameNavigation_secure_grandchild.html (2192B)

      1 <!DOCTYPE HTML>
      2 <html>
      3 <!--
      4 Tests for Mixed Content Blocker - Navigating Grandchild Frames when a secure parent exists
      5 https://bugzilla.mozilla.org/show_bug.cgi?id=840388
      6 -->
      7 <head>
      8  <meta charset="utf-8">
      9  <title>Tests for Mixed Content Frame Navigation</title>
     10 </head>
     11 <body>
     12 
     13 <iframe src="https://example.com/tests/dom/security/test/mixedcontentblocker/file_frameNavigation_innermost.html?securePage_navigate_grandchild" id="child"></iframe>
     14 <script>
     15  // For tests that require setTimeout, set the maximum polling time to 50 x 100ms = 5 seconds.
     16  var MAX_COUNT = 50;
     17  var TIMEOUT_INTERVAL = 100;
     18  var counter = 0;
     19 
     20  var child = document.getElementById("child");
     21  function navigationStatus(child)
     22  {
     23    var loc;
     24    // When the page is navigating, it goes through about:blank and we will get a permission denied for loc.
     25    // Catch that specific exception and return
     26    try {
     27      loc = document.getElementById("child").contentDocument.location;
     28    } catch(e) {
     29      if (e.message && !e.message.includes("Permission denied to access property")) {
     30        // We received an exception we didn't expect.
     31        throw e;
     32      }
     33      counter++;
     34      return;
     35    }
     36    if (loc == "http://example.com/tests/dom/security/test/mixedcontentblocker/file_frameNavigation_innermost.html?securePage_navigate_grandchild_response") {
     37      return;
     38    }
     39    if (counter < MAX_COUNT) {
     40      counter++;
     41      setTimeout(navigationStatus, TIMEOUT_INTERVAL, child);
     42    }
     43    else {
     44      // After we have called setTimeout the maximum number of times, assume navigating the iframe is blocked
     45      dump("\nThe current location of the grandchild iframe is: "+loc+".\n");
     46      dump("\nWe have past the maximum timeout.  Navigating a grandchild iframe from an https location to an http location on a secure page failed.  We are about to post message to the top level page\n");
     47      parent.parent.postMessage({"test": "securePage_navigate_grandchild", "msg": "navigating to insecure grandchild iframe blocked on secure page"}, "http://mochi.test:8888");
     48      dump("\nAttempted postMessage\n");
     49    }
     50  }
     51 
     52  setTimeout(navigationStatus, TIMEOUT_INTERVAL, child);
     53 
     54 </script>
     55 </body>
     56 </html>