Bug 865204 - Change remaining CSP tests that use enablePrivilege to SpecialPowers. r=bholley, f=imelven
authorMartijn Wargers <mwargers@mozilla.com>
Thu, 02 May 2013 01:16:45 +0200
changeset 141556 915a35a8f5161595fa702ad019f78920ed701226
parent 141555 8324f2f4007b6117fc45b64a4bde5fdf71ae268c
child 141557 bf354dfbd6894155ac2835b91aae5992f4111b03
push id2579
push userakeybl@mozilla.com
push dateMon, 24 Jun 2013 18:52:47 +0000
treeherdermozilla-beta@b69b7de8a05a [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersbholley
bugs865204
milestone23.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 865204 - Change remaining CSP tests that use enablePrivilege to SpecialPowers. r=bholley, f=imelven
content/base/test/test_CSP.html
content/base/test/test_CSP_frameancestors.html
content/base/test/test_CSP_inlinescript.html
content/base/test/test_csp_redirects.html
--- a/content/base/test/test_CSP.html
+++ b/content/base/test/test_CSP.html
@@ -54,64 +54,57 @@ window.tests = {
   object_spec_compliant_good: -1,
   object_spec_compliant_bad: -1,
 };
 
 
 // This is used to watch the blocked data bounce off CSP and allowed data 
 // get sent out to the wire.
 function examiner() {
-  netscape.security.PrivilegeManager.enablePrivilege('UniversalXPConnect');
-  var obsvc = Components.classes['@mozilla.org/observer-service;1']
-                        .getService(Components.interfaces.nsIObserverService);
-  obsvc.addObserver(this, "csp-on-violate-policy", false);
-  obsvc.addObserver(this, "http-on-modify-request", false);
+  SpecialPowers.addObserver(this, "csp-on-violate-policy", false);
+  SpecialPowers.addObserver(this, "http-on-modify-request", false);
 }
 examiner.prototype  = {
   observe: function(subject, topic, data) {
-    netscape.security.PrivilegeManager.enablePrivilege('UniversalXPConnect');
     // subject should be an nsURI, and should be either allowed or blocked.
-    if(!subject.QueryInterface)
+    if (!SpecialPowers.can_QI(subject))
       return;
       
     var testpat = new RegExp("testid=([a-z0-9_]+)");
 
     //_good things better be allowed!
     //_bad things better be stopped!
 
     if (topic === "http-on-modify-request") {
       //these things were allowed by CSP
-      var uri = subject.QueryInterface(Components.interfaces.nsIHttpChannel).URI;
-      if (!testpat.test(uri.asciiSpec)) return;
-      var testid = testpat.exec(uri.asciiSpec)[1];
+      var asciiSpec = SpecialPowers.getPrivilegedProps(SpecialPowers.do_QueryInterface(subject, "nsIHttpChannel"), "URI.asciiSpec");
+      if (!testpat.test(asciiSpec)) return;
+      var testid = testpat.exec(asciiSpec)[1];
 
       window.testResult(testid,
                         /_good/.test(testid),
-                        uri.asciiSpec + " allowed by csp");
+                        asciiSpec + " allowed by csp");
     }
 
     if(topic === "csp-on-violate-policy") {
       //these were blocked... record that they were blocked
-      var uri = subject.QueryInterface(Components.interfaces.nsIURI);
-      if (!testpat.test(uri.asciiSpec)) return;
-      var testid = testpat.exec(uri.asciiSpec)[1];
+      var asciiSpec = SpecialPowers.getPrivilegedProps(SpecialPowers.do_QueryInterface(subject, "nsIURI"), "asciiSpec");
+      if (!testpat.test(asciiSpec)) return;
+      var testid = testpat.exec(asciiSpec)[1];
       window.testResult(testid,
                         /_bad/.test(testid),
-                        uri.asciiSpec + " blocked by \"" + data + "\"");
+                        asciiSpec + " blocked by \"" + data + "\"");
     }
   },
 
   // must eventually call this to remove the listener, 
   // or mochitests might get borked.
   remove: function() {
-    netscape.security.PrivilegeManager.enablePrivilege('UniversalXPConnect');
-    var obsvc = Components.classes['@mozilla.org/observer-service;1']
-                          .getService(Components.interfaces.nsIObserverService);
-    obsvc.removeObserver(this, "csp-on-violate-policy");
-    obsvc.removeObserver(this, "http-on-modify-request");
+    SpecialPowers.removeObserver(this, "csp-on-violate-policy");
+    SpecialPowers.removeObserver(this, "http-on-modify-request");
   }
 }
 
 window.examiner = new examiner();
 
 window.testResult = function(testname, result, msg) {
   //test already complete.... forget it... remember the first result.
   if (window.tests[testname] != -1)
--- a/content/base/test/test_CSP_frameancestors.html
+++ b/content/base/test/test_CSP_frameancestors.html
@@ -45,39 +45,35 @@ var framesThatShouldLoad = {
   //abb2_block_spec_compliant: -1,  /* innermost frame denies a */
 };
 
 var expectedViolationsLeft = 14;
 
 // This is used to watch the blocked data bounce off CSP and allowed data 
 // get sent out to the wire.
 function examiner() {
-  netscape.security.PrivilegeManager.enablePrivilege('UniversalXPConnect');
-  this.obsvc = Components.classes['@mozilla.org/observer-service;1']
-                        .getService(Components.interfaces.nsIObserverService);
-  this.obsvc.addObserver(this, "csp-on-violate-policy", false);
+  SpecialPowers.addObserver(this, "csp-on-violate-policy", false);
 }
 examiner.prototype  = {
   observe: function(subject, topic, data) {
-    netscape.security.PrivilegeManager.enablePrivilege('UniversalXPConnect');
     // subject should be an nsURI, and should be either allowed or blocked.
-    if(!subject.QueryInterface) return;
+    if (!SpecialPowers.can_QI(subject))
+      return;
       
     if (topic === "csp-on-violate-policy") {
       //these were blocked... record that they were blocked
-      var uri = subject.QueryInterface(Components.interfaces.nsIURI);
-      window.frameBlocked(uri.asciiSpec, data);
+      var asciiSpec = SpecialPowers.getPrivilegedProps(SpecialPowers.do_QueryInterface(subject, "nsIURI"), "asciiSpec");
+      window.frameBlocked(asciiSpec, data);
     }
   },
 
   // must eventually call this to remove the listener, 
   // or mochitests might get borked.
   remove: function() {
-    netscape.security.PrivilegeManager.enablePrivilege('UniversalXPConnect');
-    this.obsvc.removeObserver(this, "csp-on-violate-policy");
+    SpecialPowers.removeObserver(this, "csp-on-violate-policy");
   }
 }
 
 // called when a frame is loaded
 // -- if it's not enumerated above, it should not load!
 var frameLoaded = function(testname, uri) {
   //test already complete.... forget it... remember the first result.
   if (window.framesThatShouldLoad[testname] != -1)
--- a/content/base/test/test_CSP_inlinescript.html
+++ b/content/base/test/test_CSP_inlinescript.html
@@ -1,13 +1,14 @@
 <!DOCTYPE HTML>
 <html>
 <head>
   <title>Test for Content Security Policy Frame Ancestors directive</title>
   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+  <script type="application/javascript" src="/tests/SimpleTest/EventUtils.js"></script>
   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
 </head>
 <body>
 <p id="display"></p>
 <div id="content" style="display: none">
 </div>
 
 <iframe style="width:100%;height:300px;" id='cspframe'></iframe>
@@ -19,45 +20,41 @@ var path = "/tests/content/base/test/";
 
 var inlineScriptsThatRan = 0;
 var inlineScriptsBlocked = 0;
 var inlineScriptsTotal = 12;
 
 // This is used to watch the blocked data bounce off CSP and allowed data
 // get sent out to the wire.
 function examiner() {
-  netscape.security.PrivilegeManager.enablePrivilege('UniversalXPConnect');
-  this.obsvc = Components.classes['@mozilla.org/observer-service;1']
-                        .getService(Components.interfaces.nsIObserverService);
-  this.obsvc.addObserver(this, "csp-on-violate-policy", false);
+  SpecialPowers.addObserver(this, "csp-on-violate-policy", false);
 }
 examiner.prototype  = {
   observe: function(subject, topic, data) {
-    netscape.security.PrivilegeManager.enablePrivilege('UniversalXPConnect');
     // subject should be an nsURI, and should be either allowed or blocked.
-    if(!subject.QueryInterface) return;
+    if (!SpecialPowers.can_QI(subject))
+      return;
 
     if (topic === "csp-on-violate-policy") {
       var what = null;
       try {
         //these were blocked... record that they were blocked
-        what = subject.QueryInterface(Components.interfaces.nsIURI).asciiSpec;
+        what = SpecialPowers.getPrivilegedProps(SpecialPowers.do_QueryInterface(subject, "nsIURI"), "asciiSpec");
       } catch(e) {
         //if that fails, the subject is probably a string
-        what = subject.QueryInterface(Components.interfaces.nsISupportsCString).data;
+        what = SpecialPowers.getPrivilegedProps(SpecialPowers.do_QueryInterface(subject, "nsISupportsCString"), "data");
       }
       window.scriptBlocked(what, data);
     }
   },
 
   // must eventually call this to remove the listener,
   // or mochitests might get borked.
   remove: function() {
-    netscape.security.PrivilegeManager.enablePrivilege('UniversalXPConnect');
-    this.obsvc.removeObserver(this, "csp-on-violate-policy");
+    SpecialPowers.removeObserver(this, "csp-on-violate-policy");
   }
 }
 
 // called by scripts that run
 // the first argument is whether the script expects to be allowed or not.
 var scriptRan = function(result, testname, data) {
   inlineScriptsThatRan++;
   ok(result, 'INLINE SCRIPT RAN: ' + testname + '(' + data + ')');
@@ -70,18 +67,16 @@ var scriptBlocked = function(testname, d
   inlineScriptsBlocked++;
   ok(true, 'INLINE SCRIPT BLOCKED: ' + testname + '(' + data + ')');
   checkTestResults();
 }
 
 
 // Check to see if all the tests have run
 var checkTestResults = function() {
-  dump("**** checkTestResults - ran : " + inlineScriptsThatRan + " blocked : " + inlineScriptsBlocked + " total: " + inlineScriptsTotal + "\n");
-
   // if any test is incomplete, keep waiting
   if (inlineScriptsThatRan + inlineScriptsBlocked < inlineScriptsTotal)
     return;
 
   // The four scripts in the page with 'unsafe-inline' should run.
   is(inlineScriptsThatRan, 4, "there should be 4 inline scripts that ran");
 
   // The other eight scripts in the other two pages should be blocked.
@@ -93,43 +88,31 @@ var checkTestResults = function() {
 }
 
 //////////////////////////////////////////////////////////////////////
 // set up and go
 window.examiner = new examiner();
 SimpleTest.waitForExplicitFinish();
 
 function clickit() {
-  netscape.security.PrivilegeManager.enablePrivilege('UniversalXPConnect');
   var cspframe = document.getElementById('cspframe');
   var a = cspframe.contentDocument.getElementById('anchortoclick');
-  var evt = cspframe.contentDocument.createEvent("MouseEvents");
-  evt.initMouseEvent("click", true, true, cspframe.contentWindow,
-                      0,0,0,0,0, false, false, false, false, 0, null);
-  a.dispatchEvent(evt);
+  sendMouseEvent({type:'click'}, a, cspframe.contentWindow);
 }
 
 function clickit2() {
-  netscape.security.PrivilegeManager.enablePrivilege('UniversalXPConnect');
   var cspframe2 = document.getElementById('cspframe2');
   var a = cspframe2.contentDocument.getElementById('anchortoclick');
-  var evt = cspframe2.contentDocument.createEvent("MouseEvents");
-  evt.initMouseEvent("click", true, true, cspframe2.contentWindow,
-                      0,0,0,0,0, false, false, false, false, 0, null);
-  a.dispatchEvent(evt);
+  sendMouseEvent({type:'click'}, a, cspframe2.contentWindow);
 }
 
 function clickit3() {
-  netscape.security.PrivilegeManager.enablePrivilege('UniversalXPConnect');
   var cspframe3 = document.getElementById('cspframe3');
   var a = cspframe3.contentDocument.getElementById('anchortoclick');
-  var evt = cspframe3.contentDocument.createEvent("MouseEvents");
-  evt.initMouseEvent("click", true, true, cspframe3.contentWindow,
-                      0,0,0,0,0, false, false, false, false, 0, null);
-  a.dispatchEvent(evt);
+  sendMouseEvent({type:'click'}, a, cspframe3.contentWindow);
 }
 
 SpecialPowers.pushPrefEnv(
   {'set':[["security.csp.speccompliant", true]]},
   function() {
     // save this for last so that our listeners are registered.
     // ... this loads the testbed of good and bad requests.
     document.getElementById('cspframe').src = 'file_CSP_inlinescript_main.html';
--- a/content/base/test/test_csp_redirects.html
+++ b/content/base/test/test_csp_redirects.html
@@ -21,63 +21,56 @@ var path = "/tests/content/base/test/";
 function log(s) {
   return;
   var log = document.getElementById("log");
   log.textContent = log.textContent+s+"\n";
 }
 
 // used to watch if requests are blocked by CSP or allowed through
 function examiner() {
-  netscape.security.PrivilegeManager.enablePrivilege('UniversalXPConnect');
-  var obsvc = Components.classes['@mozilla.org/observer-service;1']
-                        .getService(Components.interfaces.nsIObserverService);
-  obsvc.addObserver(this, "csp-on-violate-policy", false);
-  obsvc.addObserver(this, "http-on-modify-request", false);
+  SpecialPowers.addObserver(this, "csp-on-violate-policy", false);
+  SpecialPowers.addObserver(this, "http-on-modify-request", false);
 }
 examiner.prototype  = {
   observe: function(subject, topic, data) {
-    netscape.security.PrivilegeManager.enablePrivilege('UniversalXPConnect');
     // subject should be an nsURI, and should be either allowed or blocked.
-    if(!subject.QueryInterface)
+    if (!SpecialPowers.can_QI(subject))
       return;
 
     var testpat = new RegExp("testid=([a-z0-9-]+)");
-    var uri;
+    var asciiSpec;
     var testid;
 
     if (topic === "http-on-modify-request") {
       // request was sent
-      uri = subject.QueryInterface(Components.interfaces.nsIHttpChannel).URI;
-      if (!testpat.test(uri.asciiSpec)) return;
-      testid = testpat.exec(uri.asciiSpec)[1];
+      asciiSpec = SpecialPowers.getPrivilegedProps(SpecialPowers.do_QueryInterface(subject, "nsIHttpChannel"), "URI.asciiSpec");
+      if (!testpat.test(asciiSpec)) return;
+      testid = testpat.exec(asciiSpec)[1];
       if (testExpectedResults[testid] == "completed") return;
-      log("allowed: "+uri.asciiSpec);
-      window.testResult(testid, uri.asciiSpec, true);
+      log("allowed: "+asciiSpec);
+      window.testResult(testid, asciiSpec, true);
     }
 
     else if (topic === "csp-on-violate-policy") {
       // request was blocked
-      uri = subject.QueryInterface(Components.interfaces.nsIURI);
-      if (!testpat.test(uri.asciiSpec)) return;
-      testid = testpat.exec(uri.asciiSpec)[1];
+      asciiSpec = SpecialPowers.getPrivilegedProps(SpecialPowers.do_QueryInterface(subject, "nsIURI"), "asciiSpec");
+      if (!testpat.test(asciiSpec)) return;
+      testid = testpat.exec(asciiSpec)[1];
       // had to add this check because http-on-modify-request can fire after
       // csp-on-violate-policy, apparently, even though the request does
       // not hit the wire.
       if (testExpectedResults[testid] == "completed") return;
-      log("BLOCKED: "+uri.asciiSpec);
-      window.testResult(testid, uri.asciiSpec, false);
+      log("BLOCKED: "+asciiSpec);
+      window.testResult(testid, asciiSpec, false);
     }
   },
 
   remove: function() {
-    netscape.security.PrivilegeManager.enablePrivilege('UniversalXPConnect');
-    var obsvc = Components.classes['@mozilla.org/observer-service;1']
-                          .getService(Components.interfaces.nsIObserverService);
-    obsvc.removeObserver(this, "csp-on-violate-policy");
-    obsvc.removeObserver(this, "http-on-modify-request");
+    SpecialPowers.removeObserver(this, "csp-on-violate-policy");
+    SpecialPowers.removeObserver(this, "http-on-modify-request");
   }
 }
 window.examiner = new examiner();
 
 // contains { test_frame_id : expected_result }
 var testExpectedResults = { "font-src": true,
                             "font-src-redir": false,
                             "frame-src": true,
@@ -114,17 +107,16 @@ var testExpectedResults = { "font-src": 
                             "worker-redir-spec-compliant": false,
                             "xhr-src-spec-compliant": true,
                             "xhr-src-redir-spec-compliant": false,
                           };
 
 // takes the name of the test, the URL that was tested, and whether the
 // load occurred
 var testResult = function(testName, url, result) {
-  netscape.security.PrivilegeManager.enablePrivilege('UniversalXPConnect');
   log("  testName: "+testName+", result: "+result+", expected: "+testExpectedResults[testName]+"\n");
   is(result, testExpectedResults[testName], testName+" test: "+url);
 
  // mark test as completed
   testExpectedResults[testName] = "completed";
 
   // don't finish until we've run all the tests
   for (var t in testExpectedResults) {