Bug 1397652 - Update tests within browser/ to comply with new toplevel data: URI navigation policy. r=gijs
authorChristoph Kerschbaumer <ckerschb@christophkerschbaumer.com>
Wed, 13 Sep 2017 06:56:42 +0200
changeset 430137 0657b94b692499a4707d832f9f0d1378c94a0326
parent 430136 a7877592dff7303ae4bff285b9d51e0ed9c784d1
child 430138 e6f1fbbfdd1ffe1c16449a90e918568d3b14c0c6
push id7761
push userjlund@mozilla.com
push dateFri, 15 Sep 2017 00:19:52 +0000
treeherdermozilla-beta@c38455951db4 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersgijs
bugs1397652
milestone57.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1397652 - Update tests within browser/ to comply with new toplevel data: URI navigation policy. r=gijs
browser/base/content/test/general/browser.ini
browser/base/content/test/general/browser_bug575561.js
browser/base/content/test/general/browser_bug734076.js
browser/base/content/test/general/browser_fullscreen-window-open.js
browser/base/content/test/general/download_page.html
browser/base/content/test/general/download_page_1.txt
browser/base/content/test/general/download_page_2.txt
browser/base/content/test/popups/browser.ini
browser/base/content/test/popups/browser_popup_blocker.js
browser/base/content/test/popups/popup_blocker.html
browser/base/content/test/popups/popup_blocker_a.html
browser/base/content/test/popups/popup_blocker_b.html
browser/base/content/test/urlbar/browser.ini
browser/base/content/test/urlbar/browser_bug562649.js
browser/base/content/test/urlbar/file_bug562649.html
browser/components/extensions/test/browser/browser_ext_tabs_executeScript_bad.js
browser/components/originattributes/test/browser/browser_firstPartyIsolation_aboutPages.js
browser/components/privatebrowsing/test/browser/browser_privatebrowsing_newtab_from_popup.js
browser/components/sessionstore/test/browser.ini
browser/components/sessionstore/test/browser_911547.js
browser/components/sessionstore/test/browser_async_duplicate_tab.js
browser/components/sessionstore/test/browser_async_flushes.js
browser/components/sessionstore/test/browser_dynamic_frames.js
browser/components/sessionstore/test/browser_sessionHistory.js
browser/components/sessionstore/test/file_async_duplicate_tab.html
browser/components/sessionstore/test/file_async_flushes.html
browser/components/sessionstore/test/file_sessionHistory_hashchange.html
--- a/browser/base/content/test/general/browser.ini
+++ b/browser/base/content/test/general/browser.ini
@@ -27,16 +27,18 @@ support-files =
   bug792517.html
   bug792517.sjs
   bug839103.css
   clipboard_pastefile.html
   contextmenu_common.js
   ctxmenu-image.png
   discovery.html
   download_page.html
+  download_page_1.txt
+  download_page_2.txt
   dummy_page.html
   feed_tab.html
   file_generic_favicon.ico
   file_with_favicon.html
   file_mediaPlayback.html
   file_bug970276_popup1.html
   file_bug970276_popup2.html
   file_bug970276_favicon1.ico
--- a/browser/base/content/test/general/browser_bug575561.js
+++ b/browser/base/content/test/general/browser_bug575561.js
@@ -1,15 +1,20 @@
 requestLongerTimeout(2);
 
 const TEST_URL = "http://example.com/browser/browser/base/content/test/general/app_bug575561.html";
 
 add_task(async function() {
   SimpleTest.requestCompleteLog();
 
+  // allow top level data: URI navigations, otherwise clicking data: link fails
+  await SpecialPowers.pushPrefEnv({
+    "set": [["security.data_uri.block_toplevel_data_uri_navigations", false]]
+  });
+
   // Pinned: Link to the same domain should not open a new tab
   // Tests link to http://example.com/browser/browser/base/content/test/general/dummy_page.html
   await testLink(0, true, false);
   // Pinned: Link to a different subdomain should open a new tab
   // Tests link to http://test1.example.com/browser/browser/base/content/test/general/dummy_page.html
   await testLink(1, true, true);
 
   // Pinned: Link to a different domain should open a new tab
--- a/browser/base/content/test/general/browser_bug734076.js
+++ b/browser/base/content/test/general/browser_bug734076.js
@@ -1,12 +1,19 @@
 /* Any copyright is dedicated to the Public Domain.
  * http://creativecommons.org/publicdomain/zero/1.0/ */
 
 add_task(async function() {
+
+  // allow top level data: URI navigations, otherwise loading data: URIs
+  // in toplevel windows fail.
+  await SpecialPowers.pushPrefEnv({
+    "set": [["security.data_uri.block_toplevel_data_uri_navigations", false]]
+  });
+
   let tab = await BrowserTestUtils.openNewForegroundTab(gBrowser, null, false);
 
   let browser = tab.linkedBrowser;
   browser.stop(); // stop the about:blank load
 
   let writeDomainURL = encodeURI("data:text/html,<script>document.write(document.domain);</script>");
 
   let tests = [
--- a/browser/base/content/test/general/browser_fullscreen-window-open.js
+++ b/browser/base/content/test/general/browser_fullscreen-window-open.js
@@ -1,29 +1,31 @@
 /* eslint-disable mozilla/no-arbitrary-setTimeout */
 Components.utils.import("resource://gre/modules/XPCOMUtils.jsm");
 Components.utils.import("resource://gre/modules/Services.jsm");
 
 var Cc = Components.classes;
 var Ci = Components.interfaces;
 
 const PREF_DISABLE_OPEN_NEW_WINDOW = "browser.link.open_newwindow.disabled_in_fullscreen";
+const PREF_BLOCK_TOPLEVEL_DATA = "security.data_uri.block_toplevel_data_uri_navigations";
 const isOSX = (Services.appinfo.OS === "Darwin");
 
 const TEST_FILE = "file_fullscreen-window-open.html";
 const gHttpTestRoot = getRootDirectory(gTestPath).replace("chrome://mochitests/content/",
                                                           "http://127.0.0.1:8888/");
 
 var newWin;
 var newBrowser;
 
 async function test() {
   waitForExplicitFinish();
 
   Services.prefs.setBoolPref(PREF_DISABLE_OPEN_NEW_WINDOW, true);
+  Services.prefs.setBoolPref(PREF_BLOCK_TOPLEVEL_DATA, false);
 
   newWin = await BrowserTestUtils.openNewBrowserWindow();
   newBrowser = newWin.gBrowser;
   await promiseTabLoadEvent(newBrowser.selectedTab, gHttpTestRoot + TEST_FILE);
 
   // Enter browser fullscreen mode.
   newWin.BrowserFullScreen();
 
@@ -32,16 +34,17 @@ async function test() {
 
 registerCleanupFunction(async function() {
   // Exit browser fullscreen mode.
   newWin.BrowserFullScreen();
 
   await BrowserTestUtils.closeWindow(newWin);
 
   Services.prefs.clearUserPref(PREF_DISABLE_OPEN_NEW_WINDOW);
+  Services.prefs.clearUserPref(PREF_BLOCK_TOPLEVEL_DATA);
 });
 
 var gTests = [
   test_open,
   test_open_with_size,
   test_open_with_pos,
   test_open_with_outerSize,
   test_open_with_innerSize,
--- a/browser/base/content/test/general/download_page.html
+++ b/browser/base/content/test/general/download_page.html
@@ -6,23 +6,23 @@ https://bugzilla.mozilla.org/show_bug.cg
   <head>
     <title>Test for the download attribute</title>
 
   </head>
   <body>
     <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=676619">Bug 676619</a>
     <br/>
     <ul>
-        <li><a href="data:text/plain,Hey What are you looking for?"
+        <li><a href="download_page_1.txt"
                 download="test.txt" id="link1">Download "test.txt"</a></li>
         <li><a href="video.ogg"
                 download id="link2">Download "video.ogg"</a></li>
         <li><a href="video.ogg"
                 download="just some video" id="link3">Download "just some video"</a></li>
-        <li><a href="data:text/plain,test"
+        <li><a href="download_page_2.txt"
                 download="with-target.txt" id="link4">Download "with-target.txt"</a></li>
         <li><a href="javascript:(1+2)+''"
             download="javascript.txt" id="link5">Download "javascript.txt"</a></li>
     </ul>
     <script>
         var li = document.createElement("li");
         var a = document.createElement("a");
 
new file mode 100644
--- /dev/null
+++ b/browser/base/content/test/general/download_page_1.txt
@@ -0,0 +1,1 @@
+Hey What are you looking for?
new file mode 100644
--- /dev/null
+++ b/browser/base/content/test/general/download_page_2.txt
@@ -0,0 +1,1 @@
+test
--- a/browser/base/content/test/popups/browser.ini
+++ b/browser/base/content/test/popups/browser.ini
@@ -1,6 +1,12 @@
 [browser_popupUI.js]
 [browser_popup_blocker.js]
-support-files = popup_blocker.html
+support-files =
+  popup_blocker.html
+  popup_blocker_a.html
+  popup_blocker_b.html
 skip-if = (os == 'linux') || (e10s && debug) # Frequent bug 1081925 and bug 1125520 failures
 [browser_popup_frames.js]
-support-files = popup_blocker.html
+support-files =
+  popup_blocker.html
+  popup_blocker_a.html
+  popup_blocker_b.html
--- a/browser/base/content/test/popups/browser_popup_blocker.js
+++ b/browser/base/content/test/popups/browser_popup_blocker.js
@@ -59,18 +59,18 @@ add_task(async function test_opening_blo
   let allow = menu.querySelector("[observes='blockedPopupAllowSite']");
   allow.doCommand();
   await BrowserTestUtils.waitForCondition(() =>
     popupTabs.length == 2 &&
     popupTabs.every(aTab => aTab.linkedBrowser.currentURI.spec != "about:blank"));
 
   gBrowser.tabContainer.removeEventListener("TabOpen", onTabOpen);
 
-  is(popupTabs[0].linkedBrowser.currentURI.spec, "data:text/plain;charset=utf-8,a", "Popup a");
-  is(popupTabs[1].linkedBrowser.currentURI.spec, "data:text/plain;charset=utf-8,b", "Popup b");
+  ok(popupTabs[0].linkedBrowser.currentURI.spec.endsWith("popup_blocker_a.html"), "Popup a");
+  ok(popupTabs[1].linkedBrowser.currentURI.spec.endsWith("popup_blocker_b.html"), "Popup b");
 
   // Clean up.
   gBrowser.removeTab(tab);
   for (let popup of popupTabs) {
     gBrowser.removeTab(popup);
   }
   clearAllPermissionsByPrefix("popup");
   // Ensure the menu closes.
--- a/browser/base/content/test/popups/popup_blocker.html
+++ b/browser/base/content/test/popups/popup_blocker.html
@@ -1,13 +1,13 @@
 <!doctype html>
 <html>
   <head>
     <meta charset="UTF-8">
     <title>Page creating two popups</title>
   </head>
   <body>
     <script type="text/javascript">
-      window.open("data:text/plain;charset=utf-8,a", "a");
-      window.open("data:text/plain;charset=utf-8,b", "b");
+      window.open("popup_blocker_a.html", "a");
+      window.open("popup_blocker_b.html", "b");
     </script>
   </body>
 </html>
new file mode 100644
--- /dev/null
+++ b/browser/base/content/test/popups/popup_blocker_a.html
@@ -0,0 +1,1 @@
+<html><body>a</body></html>
new file mode 100644
--- /dev/null
+++ b/browser/base/content/test/popups/popup_blocker_b.html
@@ -0,0 +1,1 @@
+<html><body>b</body></html>
--- a/browser/base/content/test/urlbar/browser.ini
+++ b/browser/base/content/test/urlbar/browser.ini
@@ -24,16 +24,17 @@ support-files =
 [browser_bug1024133-switchtab-override-keynav.js]
 [browser_bug1025195_switchToTabHavingURI_aOpenParams.js]
 [browser_bug1070778.js]
 [browser_bug1225194-remotetab.js]
 [browser_bug304198.js]
 [browser_bug556061.js]
 subsuite = clipboard
 [browser_bug562649.js]
+support-files = file_bug562649.html
 [browser_bug623155.js]
 support-files =
   redirect_bug623155.sjs
 [browser_bug783614.js]
 [browser_canonizeURL.js]
 [browser_dragdropURL.js]
 [browser_locationBarCommand.js]
 [browser_locationBarExternalLoad.js]
--- a/browser/base/content/test/urlbar/browser_bug562649.js
+++ b/browser/base/content/test/urlbar/browser_bug562649.js
@@ -1,10 +1,11 @@
 function test() {
-  const URI = "data:text/plain,bug562649";
+  const TEST_PATH = getRootDirectory(gTestPath).replace("chrome://mochitests/content", "https://example.com");
+  const URI = TEST_PATH + "file_bug562649.html";
   window.browserDOMWindow.openURI(makeURI(URI),
                                   null,
                                   Ci.nsIBrowserDOMWindow.OPEN_NEWTAB,
                                   Ci.nsIBrowserDOMWindow.OPEN_EXTERNAL,
                                   Services.scriptSecurityManager.getSystemPrincipal());
 
   is(gBrowser.userTypedValue, URI, "userTypedValue matches test URI");
   is(gURLBar.value, URI, "location bar value matches test URI");
new file mode 100644
--- /dev/null
+++ b/browser/base/content/test/urlbar/file_bug562649.html
@@ -0,0 +1,1 @@
+<html><body>bug562649</body></html>
--- a/browser/components/extensions/test/browser/browser_ext_tabs_executeScript_bad.js
+++ b/browser/components/extensions/test/browser/browser_ext_tabs_executeScript_bad.js
@@ -198,16 +198,22 @@ add_task(async function testBadPermissio
     },
   });
 
   await BrowserTestUtils.removeTab(tab2);
   await BrowserTestUtils.removeTab(tab1);
 });
 
 add_task(async function testMatchDataURI() {
+  // allow top level data: URI navigations, otherwise
+  // window.location.href = data: would be blocked
+  await SpecialPowers.pushPrefEnv({
+    "set": [["security.data_uri.block_toplevel_data_uri_navigations", false]],
+  });
+
   const target = ExtensionTestUtils.loadExtension({
     files: {
       "page.html": `<!DOCTYPE html>
         <meta charset="utf-8">
         <script src="page.js"></script>
         <iframe id="inherited" src="data:text/html;charset=utf-8,inherited"></iframe>
       `,
       "page.js": function() {
--- a/browser/components/originattributes/test/browser/browser_firstPartyIsolation_aboutPages.js
+++ b/browser/components/originattributes/test/browser/browser_firstPartyIsolation_aboutPages.js
@@ -63,16 +63,21 @@ function frame_script() {
   let element = content.document.getElementById("test");
   element.click();
 }
 
 /**
  * Check if data: URI inherits firstPartyDomain from about:blank correctly.
  */
 add_task(async function test_remote_window_open_data_uri() {
+  // allow top level data: URI navigations, otherwise
+  // <a href="data:" would fail.
+  await SpecialPowers.pushPrefEnv({
+    "set": [["security.data_uri.block_toplevel_data_uri_navigations", false]]
+  });
   let win = await BrowserTestUtils.openNewBrowserWindow({ remote: true });
   let browser = win.gBrowser.selectedBrowser;
   let mm = browser.messageManager;
   mm.loadFrameScript("data:,(" + frame_script.toString() + ")();", true);
 
   await BrowserTestUtils.browserLoaded(browser, false, function(url) {
     return url == "data:text/plain,hello";
   });
--- a/browser/components/privatebrowsing/test/browser/browser_privatebrowsing_newtab_from_popup.js
+++ b/browser/components/privatebrowsing/test/browser/browser_privatebrowsing_newtab_from_popup.js
@@ -17,16 +17,20 @@ const POPUP_LINK = `data:text/html;chars
 const WINDOW_BODY = `data:text/html,
                      <a href="%23" id="first"
                         onclick="window.open('${POPUP_LINK}', '_blank',
                                              'width=630,height=500')">
                        First click this.
                      </a>`;
 
 add_task(async function test_private_popup_window_opens_private_tabs() {
+  // allow top level data: URI navigations, otherwise clicking a data: link fails
+  await SpecialPowers.pushPrefEnv({
+    "set": [["security.data_uri.block_toplevel_data_uri_navigations", false]]
+  });
   let privWin = await BrowserTestUtils.openNewBrowserWindow({ private: true });
 
   // Sanity check - this browser better be private.
   ok(PrivateBrowsingUtils.isWindowPrivate(privWin),
      "Opened a private browsing window.");
 
   // First, open a private browsing window, and load our
   // testing page.
--- a/browser/components/sessionstore/test/browser.ini
+++ b/browser/components/sessionstore/test/browser.ini
@@ -65,17 +65,19 @@ support-files =
 
 #disabled-for-intermittent-failures--bug-766044, browser_459906_empty.html
 #disabled-for-intermittent-failures--bug-766044, browser_459906_sample.html
 #disabled-for-intermittent-failures--bug-765389, browser_461743_sample.html
 
 [browser_aboutPrivateBrowsing.js]
 [browser_aboutSessionRestore.js]
 [browser_async_duplicate_tab.js]
+support-files = file_async_duplicate_tab.html
 [browser_async_flushes.js]
+support-files = file_async_flushes.html
 run-if = e10s && crashreporter
 skip-if = debug # bug 1167933
 [browser_async_remove_tab.js]
 run-if = e10s
 skip-if = debug # bug 1211084
 [browser_attributes.js]
 [browser_backup_recovery.js]
 [browser_broadcast.js]
@@ -106,16 +108,18 @@ skip-if = (os == 'win') # bug 1331853
 [browser_purge_shistory.js]
 skip-if = e10s # Bug 1271024
 [browser_replace_load.js]
 [browser_restore_redirect.js]
 [browser_restore_cookies_noOriginAttributes.js]
 [browser_scrollPositions.js]
 [browser_scrollPositionsReaderMode.js]
 [browser_sessionHistory.js]
+support-files =
+  file_sessionHistory_hashchange.html
 [browser_sessionStorage.js]
 [browser_sessionStorage_size.js]
 [browser_tab_label_during_restore.js]
 [browser_swapDocShells.js]
 [browser_switch_remoteness.js]
 run-if = e10s
 [browser_upgrade_backup.js]
 [browser_windowRestore_perwindowpb.js]
--- a/browser/components/sessionstore/test/browser_911547.js
+++ b/browser/components/sessionstore/test/browser_911547.js
@@ -6,16 +6,20 @@
 //    this tests that session restore component does restore the right
 //    content security policy with the document. (The policy being
 //    tested disallows inline scripts).
 // b) if security.data_uri.unique_opaque_origin == true, then
 //    this tests that data: URIs do not inherit the CSP from
 //    it's enclosing context.
 
 add_task(async function test() {
+  // allow top level data: URI navigations, otherwise clicking a data: link fails
+  await SpecialPowers.pushPrefEnv({
+    "set": [["security.data_uri.block_toplevel_data_uri_navigations", false]]
+  });
   let dataURIPref = Services.prefs.getBoolPref("security.data_uri.unique_opaque_origin");
   // create a tab that has a CSP
   let testURL = "http://mochi.test:8888/browser/browser/components/sessionstore/test/browser_911547_sample.html";
   let tab = gBrowser.selectedTab = BrowserTestUtils.addTab(gBrowser, testURL);
   gBrowser.selectedTab = tab;
 
   let browser = tab.linkedBrowser;
   await promiseBrowserLoaded(browser);
--- a/browser/components/sessionstore/test/browser_async_duplicate_tab.js
+++ b/browser/components/sessionstore/test/browser_async_duplicate_tab.js
@@ -1,11 +1,13 @@
 "use strict";
 
-const URL = "data:text/html;charset=utf-8,<a href=%23>clickme</a>";
+const PATH = getRootDirectory(gTestPath)
+             .replace("chrome://mochitests/content/", "http://example.com/");
+const URL = PATH + "file_async_duplicate_tab.html";
 
 add_task(async function test_duplicate() {
   // Create new tab.
   let tab = BrowserTestUtils.addTab(gBrowser, URL);
   let browser = tab.linkedBrowser;
   await promiseBrowserLoaded(browser);
 
   // Flush to empty any queued update messages.
--- a/browser/components/sessionstore/test/browser_async_flushes.js
+++ b/browser/components/sessionstore/test/browser_async_flushes.js
@@ -1,11 +1,13 @@
 "use strict";
 
-const URL = "data:text/html;charset=utf-8,<a href=%23>clickme</a>";
+const PATH = getRootDirectory(gTestPath)
+             .replace("chrome://mochitests/content/", "http://example.com/");
+const URL = PATH + "file_async_flushes.html";
 
 add_task(async function test_flush() {
   // Create new tab.
   let tab = BrowserTestUtils.addTab(gBrowser, URL);
   let browser = tab.linkedBrowser;
   await promiseBrowserLoaded(browser);
 
   // Flush to empty any queued update messages.
--- a/browser/components/sessionstore/test/browser_dynamic_frames.js
+++ b/browser/components/sessionstore/test/browser_dynamic_frames.js
@@ -3,16 +3,20 @@
 
 "use strict";
 
 /**
  * Ensure that static frames of framesets are serialized but dynamically
  * inserted iframes are ignored.
  */
 add_task(async function() {
+  // allow top level data: URI navigations, otherwise clicking a data: link fails
+  await SpecialPowers.pushPrefEnv({
+    "set": [["security.data_uri.block_toplevel_data_uri_navigations", false]]
+  });
   // This URL has the following frames:
   //  + data:text/html,A (static)
   //  + data:text/html,B (static)
   //  + data:text/html,C (dynamic iframe)
   const URL = "data:text/html;charset=utf-8," +
               "<frameset cols=50%25,50%25><frame src='data:text/html,A'>" +
               "<frame src='data:text/html,B'></frameset>" +
               "<script>var i=document.createElement('iframe');" +
@@ -41,16 +45,20 @@ add_task(async function() {
 });
 
 /**
  * Ensure that iframes created by the network parser are serialized but
  * dynamically inserted iframes are ignored. Navigating a subframe should
  * create a second root entry that doesn't contain any dynamic children either.
  */
 add_task(async function() {
+  // allow top level data: URI navigations, otherwise clicking a data: link fails
+  await SpecialPowers.pushPrefEnv({
+    "set": [["security.data_uri.block_toplevel_data_uri_navigations", false]]
+  });
   // This URL has the following frames:
   //  + data:text/html,A (static)
   //  + data:text/html,C (dynamic iframe)
   const URL = "data:text/html;charset=utf-8," +
               "<iframe name=t src='data:text/html,A'></iframe>" +
               "<a id=lnk href='data:text/html,B' target=t>clickme</a>" +
               "<script>var i=document.createElement('iframe');" +
               "i.setAttribute('src', 'data:text/html,C');" +
--- a/browser/components/sessionstore/test/browser_sessionHistory.js
+++ b/browser/components/sessionstore/test/browser_sessionHistory.js
@@ -32,18 +32,19 @@ add_task(async function test_load_start(
   // Cleanup.
   gBrowser.removeTab(tab);
 });
 
 /**
  * Ensure that anchor navigation invalidates shistory.
  */
 add_task(async function test_hashchange() {
-  const URL = "data:text/html;charset=utf-8,<a id=a href=%23>clickme</a>";
-
+  const PATH = getRootDirectory(gTestPath)
+              .replace("chrome://mochitests/content/", "http://example.com/");
+  const URL = PATH + "file_sessionHistory_hashchange.html";
   // Create a new tab.
   let tab = BrowserTestUtils.addTab(gBrowser, URL);
   let browser = tab.linkedBrowser;
   await promiseBrowserLoaded(browser);
 
   // Check that we start with a single shistory entry.
   await TabStateFlusher.flush(browser);
   let {entries} = JSON.parse(ss.getTabState(tab));
new file mode 100644
--- /dev/null
+++ b/browser/components/sessionstore/test/file_async_duplicate_tab.html
@@ -0,0 +1,1 @@
+<a href=#>clickme</a>
new file mode 100644
--- /dev/null
+++ b/browser/components/sessionstore/test/file_async_flushes.html
@@ -0,0 +1,1 @@
+<a href=#>clickme</a>
new file mode 100644
--- /dev/null
+++ b/browser/components/sessionstore/test/file_sessionHistory_hashchange.html
@@ -0,0 +1,1 @@
+<a id=a href=#>clickme</a>