tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

test_evalInWindow.xhtml (3019B)

      1 <?xml version="1.0"?>
      2 <?xml-stylesheet href="chrome://global/skin" type="text/css"?>
      3 <?xml-stylesheet href="chrome://mochikit/content/tests/SimpleTest/test.css"
      4                 type="text/css"?>
      5 <!--
      6 https://bugzilla.mozilla.org/show_bug.cgi?id=877673
      7 -->
      8 <window title="Mozilla Bug 877673"
      9  xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul">
     10  <script src="chrome://mochikit/content/tests/SimpleTest/SimpleTest.js"></script>
     11 
     12  <!-- test results are displayed in the html:body -->
     13  <body xmlns="http://www.w3.org/1999/xhtml">
     14  </body>
     15 
     16  <!-- test code goes here -->
     17  <script type="application/javascript"><![CDATA[
     18      SimpleTest.waitForExplicitFinish();
     19      var sb = new Cu.Sandbox("https://example.org", {wantExportHelpers: true});
     20      sb.ok = ok;
     21 
     22      function executeIn(frame, script, exceptionCb) {
     23        sb.frame = frame;
     24        sb.exceptionCb = exceptionCb;
     25        if (exceptionCb) {
     26          return Cu.evalInSandbox("try {frame.eval('" + script + "'); ok(false, 'Exception should have been thrown.')} catch(e) {exceptionCb(e)}", sb);
     27        }
     28 
     29        return Cu.evalInSandbox("frame.eval('" + script + "')", sb);
     30      }
     31 
     32      function testSameOrigin(frame) {
     33        frame.contentWindow.document.wrappedJSObject.str = "foobar";
     34        is(executeIn(frame.contentWindow, "document.str"), "foobar",
     35           "Same origin string property access.");
     36 
     37        executeIn(frame.contentWindow, 'document.obj = {prop: "foobar"}');
     38        is((executeIn(frame.contentWindow, "document.obj")).prop, "foobar",
     39           "Same origin object property access (cloning).");
     40        isnot(executeIn(frame.contentWindow, "document.obj"), frame.contentWindow.document.wrappedJSObject.obj,
     41              "Ensure cloning for js objects.");
     42        is(executeIn(frame.contentWindow, "document"), frame.contentWindow.document,
     43           "Xrayables should just pass without cloning.");
     44        is( executeIn(frame.contentWindow, "({a:{doc: document}})").a.doc, frame.contentWindow.document,
     45           "Deep cloning works.");
     46 
     47        executeIn(frame.contentWindow, "throw 42", function(e){is(e, 42,
     48                                                                  "Exception was thrown from script.")});
     49 
     50        testDone();
     51      }
     52 
     53      function testCrossOrigin(frame) {
     54        executeIn(frame.contentWindow, "var a = 42;", function(e){ok(e.toString().indexOf("Permission denied") > -1,
     55                                                                     "Executing script in a window from cross origin should throw.");});
     56        testDone();
     57      }
     58 
     59      var testsRun = 0;
     60      function testDone() {
     61        if (++testsRun == 2)
     62          SimpleTest.finish();
     63      }
     64  ]]></script>
     65  <iframe src="https://example.org/tests/js/xpconnect/tests/mochitest/file_empty.html"
     66          onload="testSameOrigin(this)">
     67  </iframe>
     68  <iframe src="http://mochi.test:8888/tests/js/xpconnect/tests/mochitest/file_empty.html"
     69          onload="testCrossOrigin(this)">
     70  </iframe>
     71 </window>