fune/toolkit/components/extensions/test/xpcshell/test_ext_contentscript_restrictSchemes.js

"use strict";

function makeExtension(id, isPrivileged) {
  return ExtensionTestUtils.loadExtension({
    isPrivileged,

    manifest: {
      applications: {gecko: {id}},

      permissions: isPrivileged ? ["mozillaAddons"] : [],

      content_scripts: [
        {
          "matches": ["resource://foo/file_sample.html"],
          "js": ["content_script.js"],
          "run_at": "document_start",
        },
      ],
    },

    files: {
      "content_script.js"() {
        browser.test.assertEq("resource://foo/file_sample.html", document.documentURI,
                              `Loaded content script into the correct document (extension: ${browser.runtime.id})`);
        browser.test.sendMessage(`content-script-${browser.runtime.id}`);
      },
    },
  });
}

add_task(async function test_contentscript_restrictSchemes() {
  let resProto = Services.io.getProtocolHandler("resource").QueryInterface(Ci.nsIResProtocolHandler);
  resProto.setSubstitutionWithFlags("foo", Services.io.newFileURI(do_get_file("data")),
                                    resProto.ALLOW_CONTENT_ACCESS);

  let unprivileged = makeExtension("unprivileged@tests.mozilla.org", false);
  let privileged = makeExtension("privileged@tests.mozilla.org", true);

  await unprivileged.startup();
  await privileged.startup();

  unprivileged.onMessage("content-script-unprivileged@tests.mozilla.org", () => {
    ok(false, "Unprivileged extension executed content script on resource URL");
  });

  let contentPage = await ExtensionTestUtils.loadContentPage(`resource://foo/file_sample.html`);

  await privileged.awaitMessage("content-script-privileged@tests.mozilla.org");

  await contentPage.close();

  await privileged.unload();
  await unprivileged.unload();
});