tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

test_bug380994.js (569B)

      1 /* check resource: protocol for traversal problems */
      2 
      3 "use strict";
      4 
      5 const specs = [
      6  "resource:///chrome/../plugins",
      7  "resource:///chrome%2f../plugins",
      8  "resource:///chrome/..%2fplugins",
      9  "resource:///chrome%2f%2e%2e%2fplugins",
     10  "resource:///../../../..",
     11  "resource:///..%2f..%2f..%2f..",
     12  "resource:///%2e%2e",
     13 ];
     14 
     15 function run_test() {
     16  for (var spec of specs) {
     17    var uri = Services.io.newURI(spec);
     18    if (uri.spec.includes("..")) {
     19      do_throw(
     20        "resource: traversal remains: '" + spec + "' ==> '" + uri.spec + "'"
     21      );
     22    }
     23  }
     24 }