| author | Bobby Holley <bobbyholley@gmail.com> |
| Thu, 08 Mar 2012 12:55:57 -0800 | |
| changeset 88574 | 869326012e893b9274f7d4ce429ac830fbd678bd |
| parent 88573 | b53e140ae2969619647b27215a50f93db26618ee |
| child 88575 | 1352b8b4848b1efcba97f14756a45228fd1794d6 |
| push id | 22208 |
| push user | mak77@bonardo.net |
| push date | Fri, 09 Mar 2012 12:34:50 +0000 |
| treeherder | mozilla-central@ead9016b4102 [default view] [failures only] |
| perfherder | [talos] [build metrics] [platform microbench] (compared to previous push) |
| reviewers | Ms2ger |
| bugs | 729589 |
| milestone | 13.0a1 |
| first release with | nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
|
| last release without | nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
|
--- a/dom/tests/mochitest/general/file_frameElementWrapping.html +++ b/dom/tests/mochitest/general/file_frameElementWrapping.html @@ -1,26 +1,32 @@ <html> <script> - function check(elt, expectProxy, message) { - netscape.security.PrivilegeManager.enablePrivilege('UniversalXPConnect'); - var utils = window.QueryInterface(Components.interfaces.nsIInterfaceRequestor) - .getInterface(Components.interfaces.nsIDOMWindowUtils); - var result = ((utils.getClassName(elt) === 'Proxy') === expectProxy) - ? "PASS" - : "FAIL"; + function check(elt, expectAccess, prop) { + var access = false; + try { + elt[prop]; + access = true; + } + catch (e) {} + return access === expectAccess; + } + function sendMessage(success, sameOrigin, prop) { + var result = success ? 'PASS' : 'FAIL'; + var message; + if (sameOrigin) + message = 'Can access |' + prop + '| if same origin'; + else + message = 'Cannot access |' + prop + '| if not same origin'; parent.postMessage(result + ',' + message, '*'); } - try { - // true if same origin, throws otherwise - var sameOrigin = parent.location.href !== ''; - } catch (e) { - sameOrigin = false; + var sameOrigin = location.host !== 'example.org'; + var pass = check(frameElement, sameOrigin, 'src'); + if (!pass) { + sendMessage(false, sameOrigin, 'src'); + } else { + pass = check(parent.location, sameOrigin, 'href'); + sendMessage(pass, sameOrigin, 'href'); } - - check(frameElement, !sameOrigin, - sameOrigin - ? 'no wrapper needed if same origin' - : 'wrapper needed if not same origin'); </script> </html>
--- a/dom/tests/mochitest/general/test_frameElementWrapping.html +++ b/dom/tests/mochitest/general/test_frameElementWrapping.html @@ -1,24 +1,32 @@ <!DOCTYPE HTML> <html> <head> - <title>Test for location object behaviors</title> + <title>Test for same-origin and cross-origin wrapping of frameElement</title> <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> </head> <body> <p id="display"></p> <div id="content" style="display: none"> </div> <iframe id="ifr" src="file_frameElementWrapping.html"></iframe> <pre id="test"> <script class="testbody" type="text/javascript"> +// +// This test has sort of morphed over time to become less and less useful. +// In the past, we had special security policy for frameElement, but that's +// more or less gone away with compartment/proxy wrapping. So we just go +// through the motions to make sure that, indeed, frameElement is subject +// to the same-origin policy. +// + SimpleTest.waitForExplicitFinish(); var count = 0; function runTest(result, message) { ok(result === 'PASS', message); if (++count === 2)