test_exposeInDerived.xhtml (1863B)
1 <?xml version="1.0"?> 2 <?xml-stylesheet type="text/css" href="chrome://global/skin"?> 3 <?xml-stylesheet type="text/css" href="chrome://mochikit/content/tests/SimpleTest/test.css"?> 4 <!-- 5 https://bugzilla.mozilla.org/show_bug.cgi?id=804630 6 --> 7 <window title="Mozilla Bug 804630" 8 xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"> 9 <script src="chrome://mochikit/content/tests/SimpleTest/SimpleTest.js"/> 10 11 <!-- test results are displayed in the html:body --> 12 <body xmlns="http://www.w3.org/1999/xhtml"> 13 <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=804630" 14 target="_blank">Mozilla Bug 804630</a> 15 </body> 16 17 <!-- test code goes here --> 18 <script type="application/javascript"> 19 <![CDATA[ 20 /** Test to make sure that COWed objects can't expose properties from their prototypes. */ 21 // Set up the sandbox. 22 var sb = new Cu.Sandbox("https://www.example.com"); 23 sb.ok = ok; 24 sb.is = is; 25 26 // Make a chrome object that tries to expose objects off its prototype. 27 sb.proto = { read: 42, readWrite: 32 }; 28 sb.obj = {}; 29 sb.obj.__proto__ = sb.proto; 30 31 // Make sure we can't access any of the properties on the prototype directly. 32 Cu.evalInSandbox('is(proto.read, undefined, "proto.read inaccessible");', sb); 33 Cu.evalInSandbox('var wrote = false; ' + 34 'try { proto.readWrite = 12; wrote = true; } catch(e) {} ' + 35 ' ok(!wrote, "Should not write proto property");', sb); 36 37 // Make sure we can't access the exposed properties via the derived object. 38 Cu.evalInSandbox('is(obj.read, undefined, "obj.read inaccessible");', sb); 39 Cu.evalInSandbox('is(obj.readWrite, undefined, "obj.readWrite is not readable");', sb); 40 Cu.evalInSandbox('try { obj.readWrite = 8; ok(false, "obj.readWrite is not writable"); } catch (e) {};', 41 sb); 42 43 ]]> 44 </script> 45 </window>