caps/tests/mochitest/test_bug995943.xul
author Bobby Holley <bobbyholley@gmail.com>
Mon, 12 May 2014 15:31:22 -0700
changeset 192254 5b3bfd0a529a220c97db60f9040b58e866049541
child 199617 9ca011c5d4fbf9a0ecf86513eb9d1649a3ccd197
child 204007 23910ae9a3a78c0718c0a1d7e632503b20c066fe
permissions -rw-r--r--
Bug 995943 - Allow access to file:// URIs from pref-whitelisted sites. r=bz a=lsblakk

<?xml version="1.0"?>
<?xml-stylesheet type="text/css" href="chrome://global/skin"?>
<?xml-stylesheet type="text/css" href="chrome://mochikit/content/tests/SimpleTest/test.css"?>
<!--
https://bugzilla.mozilla.org/show_bug.cgi?id=995943
-->
<window title="Mozilla Bug 995943"
        xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul">
  <script type="application/javascript" src="chrome://mochikit/content/tests/SimpleTest/SimpleTest.js"/>

  <!-- test results are displayed in the html:body -->
  <body xmlns="http://www.w3.org/1999/xhtml">
  <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=995943"
     target="_blank">Mozilla Bug 995943</a>
  </body>

  <!-- test code goes here -->
  <script type="application/javascript">
  <![CDATA[
  const Cu = Components.utils;
  const Cc = Components.classes;
  const Ci = Components.interfaces;
  Cu.import("resource://gre/modules/Services.jsm");
  function debug(msg) { info(msg); }

  /** Test for CAPS file:// URI prefs. **/
  SimpleTest.waitForExplicitFinish();

  var profileDir = "file://" + Cc["@mozilla.org/file/directory_service;1"]
                               .getService(Ci.nsIProperties)
                               .get("ProfD", Ci.nsILocalFile).path;

  function checkLoadFileURI(domain, shouldLoad) {
    debug("Invoking checkLoadFileURI with domain: " + domain + ", shouldLoad: " + shouldLoad);
    return new Promise(function(resolve, reject) {
      $('ifr').addEventListener('load', function l1() {
        $('ifr').removeEventListener('load', l1);
        function l2() {
          $('ifr').removeEventListener('load', l2);
          ok(shouldLoad, "Successfully loaded file:// URI for domain: " + domain);
          resolve();
        }
        $('ifr').addEventListener('load', l2);
        try {
          window[0].wrappedJSObject.location = profileDir;
        } catch (e) {
          ok(!shouldLoad && /denied|insecure/.test(e),
             "Prevented loading of file:// URI for domain: " + domain + " - " + e);
          $('ifr').removeEventListener('load', l2);
          resolve();
        }
      });
      let targetURI = domain + '/tests/js/xpconnect/tests/mochitest/file_empty.html';
      debug("Navigating iframe to " + targetURI);
      $('ifr').contentWindow.location = targetURI;
    });
  }

  function pushPrefs(prefs) {
    return new Promise(function(resolve) { SpecialPowers.pushPrefEnv({ set: prefs }, resolve); });
  }

  function popPrefs() {
    return new Promise(function(resolve) { SpecialPowers.popPrefEnv(resolve); });
  }

  function go() {
    checkLoadFileURI('http://example.com', false).then(
      pushPrefs.bind(null, [['capability.policy.policynames', ' somepolicy '],
                            ['capability.policy.somepolicy.checkloaduri.enabled', 'AlLAcCeSs'],
                            ['capability.policy.somepolicy.sites', 'http://example.com']]))
    .then(checkLoadFileURI.bind(null, 'http://example.com', true))
    .then(popPrefs)
    .then(checkLoadFileURI.bind(null, 'http://example.com', false))
    .then(
      pushPrefs.bind(null, [['capability.policy.policynames', ',somepolicy, someotherpolicy, '],
                            ['capability.policy.somepolicy.checkloaduri.enabled', 'allaccess'],
                            ['capability.policy.someotherpolicy.checkloaduri.enabled', 'nope'],
                            ['capability.policy.somepolicy.sites', ' http://example.org   https://example.com'],
                            ['capability.policy.someotherpolicy.sites', 'http://example.net ']]))
    .then(checkLoadFileURI.bind(null, 'http://example.org', true))
    .then(checkLoadFileURI.bind(null, 'http://example.com', false))
    .then(checkLoadFileURI.bind(null, 'https://example.com', true))
    .then(checkLoadFileURI.bind(null, 'http://example.net', false))
    .then(pushPrefs.bind(null, [['capability.policy.someotherpolicy.checkloaduri.enabled', 'allAccess']]))
    .then(checkLoadFileURI.bind(null, 'http://example.net', true))
    .then(popPrefs)
    .then(popPrefs)
    .then(checkLoadFileURI.bind(null, 'http://example.net', false))
    .then(SimpleTest.finish.bind(SimpleTest));

  }
  addLoadEvent(go);

  ]]>
  </script>
  <iframe id="ifr" type="content" />
</window>