Commit f202ae67 authored by Emma Zuehlcke's avatar Emma Zuehlcke
Browse files

Bug 1772290 - tests, r=smaug 

Depends on D146914

Differential Revision: https://phabricator.services.mozilla.com/D146915
parent ad69671d

docshell/test/browser/browser.ini

+4 −0
Original line number Diff line number Diff line
@@ -141,6 +141,10 @@ skip-if = verify 
[browser_bug852909.js]

skip-if = (verify && debug && (os == 'win'))

[browser_bug92473.js]

[browser_csp_sandbox_no_script_js_uri.js]

support-files =

  file_csp_sandbox_no_script_js_uri.html

  file_csp_sandbox_no_script_js_uri.html^headers^

[browser_data_load_inherit_csp.js]

[browser_dataURI_unique_opaque_origin.js]

[browser_fission_maxOrigins.js]

docshell/test/browser/browser_csp_sandbox_no_script_js_uri.js

0 → 100644
+55 −0
Original line number Diff line number Diff line 
/* Any copyright is dedicated to the Public Domain.

   http://creativecommons.org/publicdomain/zero/1.0/ */



"use strict";



const TEST_PATH = getRootDirectory(gTestPath).replace(

  "chrome://mochitests/content",

  "https://example.com"

);



/**

 * Test that javascript URIs in CSP-sandboxed contexts can't be used to bypass

 * script restrictions.

 */

add_task(async function test_csp_sandbox_no_script_js_uri() {

  await BrowserTestUtils.withNewTab(

    TEST_PATH + "dummy_page.html",

    async browser => {

      info("Register observer and wait for javascript-uri-blocked message.");

      let observerPromise = SpecialPowers.spawn(browser, [], () => {

        return new Promise(resolve => {

          SpecialPowers.addObserver(function obs(subject) {

            ok(

              subject == content,

              "Should block script spawned via javascript uri"

            );

            SpecialPowers.removeObserver(

              obs,

              "javascript-uri-blocked-by-sandbox"

            );

            resolve();

          }, "javascript-uri-blocked-by-sandbox");

        });

      });



      info("Spawn csp-sandboxed iframe with javascript URI");

      let frameBC = await SpecialPowers.spawn(

        browser,

        [TEST_PATH + "file_csp_sandbox_no_script_js_uri.html"],

        async url => {

          let frame = content.document.createElement("iframe");

          let loadPromise = ContentTaskUtils.waitForEvent(frame, "load", true);

          frame.src = url;

          content.document.body.appendChild(frame);

          await loadPromise;

          return frame.browsingContext;

        }

      );



      info("Click javascript URI link in iframe");

      BrowserTestUtils.synthesizeMouseAtCenter("a", {}, frameBC);

      await observerPromise;

    }

  );

});

docshell/test/browser/file_csp_sandbox_no_script_js_uri.html

0 → 100644
+11 −0
Original line number Diff line number Diff line 
<!DOCTYPE HTML>

<html>

<head>

<meta charset="utf-8">

<title>Test Javascript URI with no script</title>

</head>

<body>

<noscript>no scripts allowed here</noscript>

<a href="javascript:alert(`origin=${origin} location=${location}`)" target="_parent">click me</a>

</body>

</html>

docshell/test/browser/file_csp_sandbox_no_script_js_uri.html^headers^

0 → 100644
+1 −0
Original line number Diff line number Diff line 
Content-Security-Policy: sandbox allow-same-origin allow-top-navigation;