test_evalInSandbox.xhtml (7143B)
<?xml version="1.0"?>
<?xml-stylesheet href="chrome://global/skin" type="text/css"?>
<?xml-stylesheet href="chrome://mochikit/content/tests/SimpleTest/test.css"
                 type="text/css"?>
<!--
https://bugzilla.mozilla.org/show_bug.cgi?id=533596
-->
<window title="Mozilla Bug 533596"
        xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul">
  <script src="chrome://mochikit/content/tests/SimpleTest/SimpleTest.js"></script>

  <!-- test results are displayed in the html:body -->
  <body xmlns="http://www.w3.org/1999/xhtml">

  <iframe src="http://example.org/tests/js/xpconnect/tests/mochitest/file_evalInSandbox.html"
          onload="checkCrossOrigin(this)">
  </iframe>
  <iframe src="chrome://mochitests/content/chrome/js/xpconnect/tests/chrome/file_evalInSandbox.html"
          onload="checkSameOrigin(this)">
  </iframe>
  </body>

  <!-- test code goes here -->
  <script type="application/javascript"><![CDATA[
  // Chrome mochitest for the wrappers that Cu.Sandbox / Cu.evalInSandbox hand
  // back to privileged code. The two iframes above load file_evalInSandbox.html
  // once from http://example.org (onload -> checkCrossOrigin) and once from a
  // chrome:// URL (onload -> checkSameOrigin). Each handler ends by calling
  // testDone(); the test finishes once both have run.
  //
  // The assertions probe for properties named 'foo' (on the document) and
  // 'windowfoo' (on the window). Presumably file_evalInSandbox.html defines
  // them as page-side expandos; that file is not part of this listing.
  const utils = window.windowUtils;

  // Asserts that both the sandbox object itself and a value returned from
  // evaluating "this.document" inside it report the class name "Proxy", i.e.
  // that what the chrome caller holds is a wrapper and not the raw object.
  function checkCrossOriginSandbox(sandbox)
  {
    is(utils.getClassName(sandbox),
       "Proxy",
       "sandbox was wrapped correctly");

    is(utils.getClassName(Cu.evalInSandbox("this.document", sandbox)),
       "Proxy",
       "return value was rewrapped correctly");
  }

  // Asserts Xray behaviour for a sandbox over cross-origin content, from three
  // vantage points:
  //   1. code running inside the sandbox (the evaluated strings),
  //   2. values returned from Cu.evalInSandbox to this chrome scope,
  //   3. properties read directly off the sandbox object.
  // In each case 'wrappedJSObject' must be present and the page expandos
  // ('foo', 'windowfoo') must not be visible. Hiding expandos is the property
  // that keeps privileged code from acting on values the page planted.
  function checkCrossOriginXrayedSandbox(sandbox)
  {
    ok(Cu.evalInSandbox("!('windowfoo' in window);", sandbox),
       "the window itself Xray is an XrayWrapper");
    ok(Cu.evalInSandbox("('wrappedJSObject' in this.document);", sandbox),
       "wrappers inside eIS are Xrays");
    ok(Cu.evalInSandbox("!('foo' in this.document);", sandbox),
       "must not see expandos");
    ok('wrappedJSObject' in Cu.evalInSandbox("this.document", sandbox),
       "wrappers returned from the sandbox are Xrays");
    ok(!("foo" in Cu.evalInSandbox("this.document", sandbox)),
       "must not see expandos in wrappers returned from the sandbox");

    ok('wrappedJSObject' in sandbox.document,
       "values obtained from the sandbox are Xrays");
    ok(!("foo" in sandbox.document),
       "must not see expandos in wrappers obtained from the sandbox");

  }

  // onload handler for the http://example.org iframe. Builds three sandboxes
  // for the iframe's window, each with that window as sandboxPrototype, and
  // differing only in wantXrays: true, omitted, and false.
  function checkCrossOrigin(ifr) {
    var win = ifr.contentWindow;
    var sandbox =
      new Cu.Sandbox(win, { sandboxPrototype: win, wantXrays: true } );

    checkCrossOriginSandbox(sandbox);
    checkCrossOriginXrayedSandbox(sandbox);

    // wantXrays omitted: the same checks as for wantXrays: true are expected
    // to pass, so the default must behave like the Xray-enabled case.
    sandbox =
      new Cu.Sandbox(win, { sandboxPrototype: win } );

    checkCrossOriginSandbox(sandbox);
    checkCrossOriginXrayedSandbox(sandbox);

    sandbox =
      new Cu.Sandbox(win, { sandboxPrototype: win, wantXrays: false } );

    checkCrossOriginSandbox(sandbox);

    // With wantXrays: false only the code *inside* the sandbox sees the page
    // expando. Values that cross back to this chrome scope must still hide it
    // until the caller opts out explicitly with Cu.waiveXrays.
    ok(Cu.evalInSandbox("('foo' in this.document);", sandbox),
       "can see expandos");
    ok(!("foo" in Cu.evalInSandbox("this.document", sandbox)),
       "must not see expandos in wrappers returned from the sandbox");
    ok(("foo" in Cu.waiveXrays(Cu.evalInSandbox("this.document", sandbox))),
       "must see expandos in waived wrappers returned from the sandbox");

    ok(!("foo" in sandbox.document),
       "must not see expandos in wrappers obtained from the sandbox");
    ok("foo" in Cu.waiveXrays(sandbox.document),
       "must see expandos in wrappers obtained from the sandbox");

    testDone();
  }

  // onload handler for the chrome:// iframe. For a sandbox built over the
  // chrome document, code inside the sandbox is expected to see the 'foo'
  // expando in all three wantXrays configurations (true, omitted, false).
  function checkSameOrigin(ifr) {
    var win = ifr.contentWindow;
    var sandbox =
      new Cu.Sandbox(win, { sandboxPrototype: win, wantXrays: true } );

    ok(Cu.evalInSandbox("('foo' in this.document);", sandbox),
       "must see expandos for a chrome sandbox");

    sandbox =
      new Cu.Sandbox(win, { sandboxPrototype: win } );

    ok(Cu.evalInSandbox("('foo' in this.document);", sandbox),
       "must see expandos for a chrome sandbox");

    sandbox =
      new Cu.Sandbox(win, { sandboxPrototype: win, wantXrays: false } );

    ok(Cu.evalInSandbox("('foo' in this.document);", sandbox),
       "can see expandos for a chrome sandbox");

    testDone();
  }

  // Counts completed iframe handlers; the second call (one per iframe) ends
  // the test.
  var testsRun = 0;
  function testDone() {
    if (++testsRun == 2)
      SimpleTest.finish();
  }

  // The iframe handlers run asynchronously, so the harness must wait for the
  // explicit SimpleTest.finish() in testDone().
  SimpleTest.waitForExplicitFinish();

  // Option validation: an explicit undefined for sandboxPrototype must be
  // rejected. The catch accepts any exception as the expected outcome.
  try {
    var sandbox1 = new Cu.Sandbox(this, { sandboxPrototype: undefined } );
    ok(false, "undefined is not a valid prototype");
  }
  catch (e) {
    ok(true, "undefined is not a valid prototype");
  }

  // Option validation: an explicit undefined for wantXrays must be rejected.
  try {
    var sandbox2 = new Cu.Sandbox(this, { wantXrays: undefined } );
    ok(false, "undefined is not a valid value for wantXrays");
  }
  catch (e) {
    ok(true, "undefined is not a valid value for wantXrays");
  }

  // Crash test for bug 601829.
  // A pass is only recorded when the call throws; if it returns normally no
  // assertion is logged, and reaching the next statement is the evidence that
  // the process did not crash.
  try {
    Cu.evalInSandbox('', null);
  } catch (e) {
    ok(true, "didn't crash on a null sandbox object");
  }

  // Creating a sandbox with the sameZoneAs option must not throw.
  try {
    var sandbox3 = new Cu.Sandbox(this, { sameZoneAs: this } );
    ok(true, "sameZoneAs works");
  }
  catch (e) {
    ok(false, "sameZoneAs works");
  }

  // The 'let' keyword only appears with JS 1.7 and above. We use this fact
  // to make sure that sandboxes get explicit JS versions and don't inherit
  // them from the most recent scripted frame.
  //
  // checkExplicitVersions is not called directly: its source text is
  // serialized with toSource() and evaluated inside outerSB, so it can only
  // use names defined on that sandbox ('ok' and 'sop' are assigned below).
  // Keep edits to the function body in mind for that reason: whatever is
  // written there is what gets evaluated in the sandbox.
  //
  // NOTE(review): all three evaluations declare the same name, someVariable,
  // in the same sandbox sb. Confirm that the two expected throws are caused
  // by the version argument and not by redeclaring the name.
  function checkExplicitVersions() {
    // eslint-disable-next-line no-undef
    var sb = new Cu.Sandbox(sop);
    Cu.evalInSandbox('let someVariable = 42', sb, '1.7');
    ok(true, "Didn't throw with let");
    try {
      Cu.evalInSandbox('let someVariable = 42', sb);
      ok(false, "Should have thrown with let");
    } catch (e) {
      ok(true, "Threw with let: " + e);
    }
    try {
      Cu.evalInSandbox('let someVariable = 42', sb, '1.5');
      ok(false, "Should have thrown with let");
    } catch (e) {
      ok(true, "Threw with let: " + e);
    }
  }
  var outerSB = new Cu.Sandbox(this);
  Cu.evalInSandbox(checkExplicitVersions.toSource(), outerSB, '1.7');
  outerSB.ok = ok;
  outerSB.sop = this;
  Cu.evalInSandbox('checkExplicitVersions();', outerSB);

  // Install the Debugger constructor on this global for the two checks below.
  const {addDebuggerToGlobal} = ChromeUtils.importESModule("resource://gre/modules/jsdebugger.sys.mjs");
  addDebuggerToGlobal(globalThis);

  // A sandbox created with invisibleToDebugger: false (in a fresh
  // compartment) must be accepted by Debugger.addDebuggee.
  try {
    let dbg = new Debugger();
    let sandbox = new Cu.Sandbox(this, {
      invisibleToDebugger: false,
      freshCompartment: true,
    });
    dbg.addDebuggee(sandbox);
    ok(true, "debugger added visible value");
  } catch(e) {
    ok(false, "debugger could not add visible value");
  }

  // A sandbox created with invisibleToDebugger: true must be refused by
  // Debugger.addDebuggee.
  // NOTE(review): the try also covers `new Debugger()` and `new Cu.Sandbox()`,
  // so an exception from either of those would be logged as a pass here.
  // Narrowing the try to the addDebuggee call would tie the assertion to the
  // isolation property it is meant to prove.
  try {
    let dbg = new Debugger();
    let sandbox = new Cu.Sandbox(this, { invisibleToDebugger: true });
    dbg.addDebuggee(sandbox);
    ok(false, "debugger added invisible value");
  } catch(e) {
    ok(true, "debugger did not add invisible value");
  }
  ]]></script>
</window>