Bug 1582520: Part 5 - Test that named subframe properties are accessible in cross-origin-objects.html. r=bzbarsky
authorKris Maglione <maglione.k@gmail.com>
Wed, 25 Sep 2019 17:50:06 +0000
changeset 494946 1dd5a2e26f9d6ff97001d414656f237c03e6845b
parent 494945 2c2c0d216a2f218c726cb112cbd40c8b11a916e2
child 494947 22fe5053450804fb4c09ef372e4bf2d176c1a2b0
push id114131
push userdluca@mozilla.com
push dateThu, 26 Sep 2019 09:47:34 +0000
treeherdermozilla-inbound@1dc1a755079a [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersbzbarsky
bugs1582520
milestone71.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1582520: Part 5 - Test that named subframe properties are accessible in cross-origin-objects.html. r=bzbarsky Differential Revision: https://phabricator.services.mozilla.com/D46867
testing/web-platform/tests/html/browsers/origin/cross-origin-objects/cross-origin-objects.html
--- a/testing/web-platform/tests/html/browsers/origin/cross-origin-objects/cross-origin-objects.html
+++ b/testing/web-platform/tests/html/browsers/origin/cross-origin-objects/cross-origin-objects.html
@@ -154,16 +154,17 @@ addTest(function(win) {
  * Whitelist behavior.
  *
  * Also tests for [[GetOwnProperty]] and [[HasOwnProperty]] behavior.
  */
 
 var whitelistedSymbols = [Symbol.toStringTag, Symbol.hasInstance,
                           Symbol.isConcatSpreadable];
 var windowWhitelists = {
+  namedFrames: ['donotleakme'],
   indices: ['0', '1'],
   getters: ['location', 'window', 'frames', 'self', 'top', 'parent',
             'opener', 'closed', 'length'],
   setters: ['location'],
   methods: ['postMessage', 'close', 'blur', 'focus'],
   // These are methods which return promises and, therefore, when called with a
   // cross-origin `this` object, do not throw immediately, but instead return a
   // Promise which rejects with the same SecurityError that they would
@@ -221,16 +222,21 @@ addTest(function(win) {
       assert_throws("SecurityError", function() { Object.getOwnPropertyDescriptor(win, prop); },
                     "Should throw when accessing property descriptor for " + prop + " on Window");
       assert_throws("SecurityError", function() { Object.prototype.hasOwnProperty.call(win, prop); },
                     "Should throw when invoking hasOwnProperty for " + prop + " on Window");
     }
     if (prop != 'location')
       assert_throws("SecurityError", function() { win[prop] = undefined; }, "Should throw when writing to " + prop + " on Window");
   }
+  for (var prop of windowWhitelists.namedFrames) {
+    win[prop]; // Shouldn't throw.
+    Object.getOwnPropertyDescriptor(win, prop); // Shouldn't throw.
+    assert_true(Object.prototype.hasOwnProperty.call(win, prop), "hasOwnProperty for " + String(prop));
+  }
   for (var prop in location) {
     if (prop == 'replace') {
       win.location[prop]; // Shouldn't throw.
       Object.getOwnPropertyDescriptor(win.location, prop); // Shouldn't throw.
       assert_true(Object.prototype.hasOwnProperty.call(win.location, prop), "hasOwnProperty for " + prop);
       assert_throws("SecurityError", function() { win.location[prop] = undefined; }, "Should throw when writing to " + prop + " on Location");
     }
     else if (prop == 'href') {