Bug 684115 - Test what happens when chrome takes an XHR from one origin and sticks it in another origin. r=sicking
authorBlake Kaplan <mrbkap@gmail.com>
Fri, 02 Sep 2011 16:48:49 -0700
changeset 77805 9d79f12f8d33f96936d647be083e9c292ea3d90a
parent 77804 fc2a18413a7e095cba32522a1874b75fc2d049d2
child 77806 d06e88a99f39a02d5b0d3594df879fea846de2b1
push id78
push userclegnitto@mozilla.com
push dateFri, 16 Dec 2011 17:32:24 +0000
treeherdermozilla-release@79d24e644fdd [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewerssicking
bugs684115
milestone9.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 684115 - Test what happens when chrome takes an XHR from one origin and sticks it in another origin. r=sicking
dom/tests/mochitest/chrome/Makefile.in
dom/tests/mochitest/chrome/test_moving_xhr.xul
dom/tests/mochitest/general/Makefile.in
dom/tests/mochitest/general/file_moving_xhr.html
--- a/dom/tests/mochitest/chrome/Makefile.in
+++ b/dom/tests/mochitest/chrome/Makefile.in
@@ -64,16 +64,17 @@ include $(topsrcdir)/config/rules.mk
 		window_activation.xul \
 		test_DOMWindowCreated.xul \
 		DOMWindowCreated_chrome.xul \
 		DOMWindowCreated_content.html \
 		test_sandbox_image.xul \
 		test_cyclecollector.xul \
 		test_resize_move_windows.xul \
 		test_popup_blocker_chrome.xul \
+		test_moving_xhr.xul \
 		$(NULL)
 
 ifeq (WINNT,$(OS_ARCH))
 _TEST_FILES += \
 		test_sizemode_attribute.xul \
 		sizemode_attribute.xul \
 		$(NULL)
 endif
new file mode 100644
--- /dev/null
+++ b/dom/tests/mochitest/chrome/test_moving_xhr.xul
@@ -0,0 +1,41 @@
+<?xml version="1.0"?>
+<?xml-stylesheet href="chrome://global/skin" type="text/css"?>
+<?xml-stylesheet href="chrome://mochikit/content/tests/SimpleTest/test.css"
+                 type="text/css"?>
+<!--
+https://bugzilla.mozilla.org/show_bug.cgi?id=654370
+-->
+<window title="Mozilla Bug 654370"
+  xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul">
+  <script type="application/javascript"
+          src="chrome://mochikit/content/tests/SimpleTest/SimpleTest.js"></script>
+
+  <!-- test results are displayed in the html:body -->
+  <body xmlns="http://www.w3.org/1999/xhtml">
+  <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=654370"
+     target="_blank">Mozilla Bug 654370</a>
+  </body>
+
+  <!-- test code goes here -->
+  <script type="application/javascript"><![CDATA[
+      SimpleTest.waitForExplicitFinish();
+
+      var firstWindow, secondWindow;
+      function iframe_loaded() {
+        if (!firstWindow || !secondWindow)
+          return;
+        var xhr = firstWindow.wrappedJSObject.createXHR();
+        ok(!("expando" in xhr), "shouldn't be able to see expandos on the XHR");
+        is(xhr.readyState, XMLHttpRequest.UNSENT, "can access readyState in chrome");
+        secondWindow.wrappedJSObject.tryToUseXHR(xhr, ok);
+        secondWindow.wrappedJSObject.tryToUseXHR(new XMLHttpRequest(), ok);
+        SimpleTest.finish();
+      }
+
+  ]]></script>
+
+  <iframe id="one" src="http://mochi.test:8888/tests/dom/tests/mochitest/general/file_moving_xhr.html"
+          onload="firstWindow = this.contentWindow; iframe_loaded()" />
+  <iframe id="two" src="http://example.org/tests/dom/tests/mochitest/general/file_moving_xhr.html"
+          onload="secondWindow = this.contentWindow; iframe_loaded()" />
+</window>
--- a/dom/tests/mochitest/general/Makefile.in
+++ b/dom/tests/mochitest/general/Makefile.in
@@ -63,16 +63,17 @@ include $(topsrcdir)/config/rules.mk
 		test_windowProperties.html \
 		test_clipboard_events.html \
 		test_nodesFromRect.html \
 		test_frameElementWrapping.html \
 		file_frameElementWrapping.html \
 		test_framedhistoryframes.html \
 		test_windowedhistoryframes.html \
 		test_focusrings.xul \
+		file_moving_xhr.html \
 		$(NULL)
 
 _CHROME_FILES = \
 		test_innerScreen.xul \
 		test_offsets.xul \
 		test_offsets.js \
 		$(NULL)
 
new file mode 100644
--- /dev/null
+++ b/dom/tests/mochitest/general/file_moving_xhr.html
@@ -0,0 +1,26 @@
+<html>
+    <head>
+        <script>
+            function createXHR() {
+                return new XMLHttpRequest();
+            }
+
+            function tryToUseXHR(xhr, ok) {
+                function expectException(op, reason) {
+                    try {
+                        var result = op();
+                        ok(false, "should have thrown an exception, got: " + result);
+                    } catch (e) {
+                        ok(/Permission denied/.test(e.toString()), reason);
+                    }
+                }
+
+                expectException(function() { xhr.open(); }, "should not have access to any functions");
+                expectException(function() { xhr.foo = "foo"; }, "should not be able to add expandos");
+                expectException(function() { xhr.withCredentials = true; }, "should not be able to set attributes");
+            }
+        </script>
+    </head>
+    <body>
+    </body>
+</html>