author Mozilla Releng Treescript <>
Sun, 28 Feb 2021 23:52:32 +0000
changeset 635405 a7aa120e47fffaa66b8fc171d1c5e20f58e38a1b
parent 627677 65394ac48dd4109dfa728d726646e9adda540fe5
permissions -rw-r--r--
No bug - Tagging c850f93582ef95f2ca5dd2a1f37e3d475fa05cd7 with DEVEDITION_87_0b4_RELEASE a=release CLOSED TREE DONTBUILD

  <title>Test for Bug 423375</title>
  <script src="/tests/SimpleTest/SimpleTest.js"></script>
  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
<a target="_blank" href="">Mozilla Bug 423375</a>
<p id="display"></p>
<div id="content" style="display: none">
<iframe id="load-frame"></iframe>
<pre id="test">
<script class="testbody" type="text/javascript">

 ** Test for Bug 423375
 ** (content shouldn't be able to load chrome: or resource:)
function tryLoad(url) {
    try {
        window.frames[0].location = url;
        return "loaded";
    } catch (e) {
        if (/Access.*denied/.test(String(e))) {
          return "denied";
        return "unexpected: " + e;

is(tryLoad("chrome://global/content/mozilla.html"), "denied",
   "content should have been prevented from loading chrome: URL");
is(tryLoad("resource://gre-resources/html.css"), "denied",
   "content should have been prevented from loading resource: URL");