Bug 601277 - Better tests for document.domain. r=mrbkap
authorBobby Holley <bobbyholley@gmail.com>
Thu, 12 Jul 2012 10:10:15 +0200
changeset 101773 c9b038fa695625540348a5620013cdb137fddec7
parent 101772 8f3340e10d5fd1c2588fbeb9051b90e35a3bd0bf
child 101775 71fe850374d4d2ec1d68958e18d38a1ca03d8a27
push id1729
push userlsblakk@mozilla.com
push dateMon, 16 Jul 2012 20:02:43 +0000
treeherdermozilla-aurora@f4e75e148951 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersmrbkap
bugs601277
milestone16.0a1
Bug 601277 - Better tests for document.domain. r=mrbkap
js/xpconnect/tests/chrome/Makefile.in
js/xpconnect/tests/chrome/test_documentdomain.xul
js/xpconnect/tests/mochitest/Makefile.in
js/xpconnect/tests/mochitest/file_documentdomain.html
--- a/js/xpconnect/tests/chrome/Makefile.in
+++ b/js/xpconnect/tests/chrome/Makefile.in
@@ -45,16 +45,17 @@ MOCHITEST_CHROME_FILES = \
 		test_weakmaps.xul \
 		test_exnstack.xul \
 		test_weakref.xul \
 		test_bug726949.xul \
 		test_expandosharing.xul \
 		file_expandosharing.jsm \
 		test_bug758563.xul \
 		test_bug760076.xul \
+		test_documentdomain.xul \
 		$(NULL)
 
 # Disabled until this test gets updated to test the new proxy based
 # wrappers.
 #		test_wrappers-2.xul \
 
 # Disabled due to apparent conservative stack scanner false positives on Linux64 debug.
 #		test_watchpoints.xul \
new file mode 100644
--- /dev/null
+++ b/js/xpconnect/tests/chrome/test_documentdomain.xul
@@ -0,0 +1,94 @@
+<?xml version="1.0"?>
+<?xml-stylesheet type="text/css" href="chrome://global/skin"?>
+<?xml-stylesheet type="text/css" href="chrome://mochikit/content/tests/SimpleTest/test.css"?>
+<!--
+https://bugzilla.mozilla.org/show_bug.cgi?id=601277
+-->
+<window title="Mozilla Bug 601277"
+        xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul">
+  <script type="application/javascript" src="chrome://mochikit/content/tests/SimpleTest/SimpleTest.js"/>
+
+  <!-- test results are displayed in the html:body -->
+  <body xmlns="http://www.w3.org/1999/xhtml">
+  <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=601277"
+     target="_blank">Mozilla Bug 601277</a>
+  </body>
+
+  <!-- test code goes here -->
+  <script type="application/javascript">
+  <![CDATA[
+  /** Tests for document.domain. **/
+
+  SimpleTest.waitForExplicitFinish();
+
+  // Wait for the frames to load.
+  var gFramesLoaded = 0;
+  function frameLoaded() {
+    gFramesLoaded++;
+    if (gFramesLoaded == document.getElementsByTagName('iframe').length)
+      startTest();
+  }
+
+  function startTest() {
+
+    // Grab all the content windows and waive Xray. Xray waivers only apply to
+    // chrome, so we can pass these references directly to content.
+    var win1A = document.getElementById('test1A').contentWindow.wrappedJSObject;
+    var win1B = document.getElementById('test1B').contentWindow.wrappedJSObject;
+    var win2 = document.getElementById('test2').contentWindow.wrappedJSObject;
+    var winBase = document.getElementById('base').contentWindow.wrappedJSObject;
+
+    // Check the basics.
+    ok(win1A.tryToAccess(win1B),
+       "Same-origin windows should grant access");
+    ok(!win1A.tryToAccess(win2),
+       "Cross-origin windows should not grant access");
+    ok(!win1A.tryToAccess(winBase),
+       "Subdomain windows should not receive access");
+
+    // Store references now, while test1A and test1B are same-origin.
+    win1A.storeReference(win1B);
+    win1B.storeReference(win1A);
+    ok(win1A.tryToAccessStored(), "Stored references work when same-origin");
+
+    // Set document.domain on test1A. This should grant no access, since nobody
+    // else set it.
+    win1A.setDomain('example.org');
+    ok(!win1A.tryToAccess(winBase), "base must collaborate too");
+    ok(!winBase.tryToAccess(win1A), "base must collaborate too");
+    ok(!win1A.tryToAccess(win1B), "No longer same-origin");
+    ok(!win1A.tryToAccessStored(), "No longer same-origin");
+    ok(!win1B.tryToAccess(win1A), "No longer same-origin");
+    ok(!win1B.tryToAccessStored(), "No longer same-origin");
+
+    // Set document.domain on test1B. Now we're cooking with gas.
+    win1B.setDomain('example.org');
+    ok(!win1B.tryToAccess(winBase), "base must collaborate too");
+    ok(!winBase.tryToAccess(win1B), "base must collaborate too");
+    ok(win1A.tryToAccess(win1B), "same-origin");
+    ok(win1A.tryToAccessStored(), "same-origin");
+    ok(win1B.tryToAccess(win1A), "same-origin");
+    ok(win1B.tryToAccessStored(), "same-origin");
+
+    // Explicitly collaborate with base.
+    winBase.setDomain('example.org');
+    ok(winBase.tryToAccess(win1A), "base collaborates");
+    ok(win1A.tryToAccess(winBase), "base collaborates");
+
+    // All done.
+    SimpleTest.finish();
+  }
+
+
+  ]]>
+  </script>
+
+  <iframe id="test1A" onload="frameLoaded();" type="content"
+          src="http://test1.example.org/tests/js/xpconnect/tests/mochitest/file_documentdomain.html" />
+  <iframe id="test1B" onload="frameLoaded();" type="content"
+          src="http://test1.example.org/tests/js/xpconnect/tests/mochitest/file_documentdomain.html" />
+  <iframe id="test2" onload="frameLoaded();" type="content"
+          src="http://test2.example.org/tests/js/xpconnect/tests/mochitest/file_documentdomain.html" />
+  <iframe id="base" onload="frameLoaded();" type="content"
+          src="http://example.org/tests/js/xpconnect/tests/mochitest/file_documentdomain.html" />
+</window>
--- a/js/xpconnect/tests/mochitest/Makefile.in
+++ b/js/xpconnect/tests/mochitest/Makefile.in
@@ -65,16 +65,17 @@ MOCHITEST_FILES =	bug500931_helper.html 
 		file_bug758563.html \
 		test_bug764389.html \
 		file_nodelists.html \
 		file_bug706301.html \
 		file_exnstack.html \
 		file_expandosharing.html \
 		file_bug760131.html \
 		file_empty.html \
+		file_documentdomain.html \
 		$(NULL)
 
 MOCHITEST_CHROME_FILES	= \
 		test_bug361111.xul \
 		test_bug760131.html \
 		$(NULL)
 
 ifneq ($(OS_TARGET),Android)
new file mode 100644
--- /dev/null
+++ b/js/xpconnect/tests/mochitest/file_documentdomain.html
@@ -0,0 +1,34 @@
+<!DOCTYPE html>
+<html>
+<head>
+<script type="application/javascript">
+
+  function setDomain(domain) {
+    document.domain = domain;
+  }
+
+  function tryToAccess(otherWin) {
+    try {
+      var text = otherWin.document.getElementById('foo').innerHTML;
+      return /Better Late/.exec(text);
+    } catch (e) { return false; }
+  }
+
+  var gRef = null;
+  function storeReference(otherWin) {
+    gRef = otherWin.document.getElementById('foo');
+  }
+
+  function tryToAccessStored() {
+    try {
+      return /Better Late/.exec(gRef.innerHTML);
+    } catch (e) { return false; }
+  }
+
+
+</script>
+</head>
+<body>
+<span id="foo">Better Late than Never</span>
+</body>
+</html>