nagai/fune
3
0
Fork 0
forked from mirrors/gecko-dev
Code Pull requests Activity
fune/dom/base/test/browser_bug593387.js
Nika Layzell 42028efc71 Bug 1671983 - Part 4: Stop awaiting BrowserTestUtils.loadURI, r=annyG,remote-protocol-reviewers,extension-reviewers,preferences-reviewers,whimboo,zombie 
This method only is async in order to allow callers to wait for a process switch
triggered by the call to `loadURI` to be finished before resolving. With
DocumentChannel, we should never trigger a process switch eagerly like this
again, so we don't need any of the async behaviour here anymore.

This part is largely mechanical changes to tests, removing the `await` calls on
`loadURI`, and a follow-up part will remove the actual async logic from
`BrowserTestUtils.loadURI`.

Differential Revision: https://phabricator.services.mozilla.com/D94641
2020-11-12 18:01:03 +00:00

110 lines
3.9 KiB
JavaScript
Raw Blame History

/*
* Test for bug 593387
* Loads a chrome document in a content docshell and then inserts a
* X-Frame-Options: DENY iframe into the document and verifies that the document
* loads. The policy we are enforcing is outlined here:
* https://bugzilla.mozilla.org/show_bug.cgi?id=593387#c17
*/
add_task(async function test() {
// We have to disable CSP for this test otherwise the CSP of about:plugins will
// block the dynamic frame creation.
await SpecialPowers.pushPrefEnv({
set: [
["security.csp.enable", false],
["dom.security.skip_about_page_has_csp_assert", true],
],
});
await BrowserTestUtils.withNewTab(
{ gBrowser, url: "about:plugins" },
async function(newBrowser) {
// ---------------------------------------------------
// Test 1: We load the about: page in the parent process, so this will work.
await SpecialPowers.spawn(newBrowser, [], async function() {
// Insert an iframe that specifies "X-Frame-Options: DENY" and verify
// that it loads, since the top context is chrome
var frame = content.document.createElement("iframe");
frame.src =
"http://mochi.test:8888/browser/dom/base/test/file_x-frame-options_page.sjs?testid=deny&xfo=deny";
content.document.body.appendChild(frame);
// wait till the iframe is load
await new content.Promise(done => {
frame.addEventListener(
"load",
function() {
done();
},
{ capture: true, once: true }
);
});
await SpecialPowers.spawn(frame, [], () => {
var testFrame = content.document.getElementById("test");
Assert.equal(testFrame.tagName, "H1", "wrong element type");
Assert.equal(testFrame.textContent, "deny", "wrong textContent");
});
});
// ---------------------------------------------------
// Test 2: Try the same with a content top-level context)
BrowserTestUtils.loadURI(newBrowser, "http://example.com/");
await BrowserTestUtils.browserLoaded(newBrowser);
let observerData = await SpecialPowers.spawn(
newBrowser,
[],
async function() {
var observerDeferred = {};
observerDeferred.promise = new Promise(resolve => {
observerDeferred.resolve = resolve;
});
// X-Frame-Options checks happen in the parent, hence we have to
// proxy the csp violation notifications.
SpecialPowers.registerObservers("xfo-on-violate-policy");
function examiner() {
SpecialPowers.addObserver(
this,
"specialpowers-xfo-on-violate-policy"
);
}
examiner.prototype = {
observe(subject, topic, data) {
var asciiSpec = SpecialPowers.getPrivilegedProps(
SpecialPowers.do_QueryInterface(subject, "nsIURI"),
"asciiSpec"
);
myExaminer.remove();
observerDeferred.resolve({ asciiSpec, topic, data });
},
remove() {
SpecialPowers.removeObserver(
this,
"specialpowers-xfo-on-violate-policy"
);
},
};
let myExaminer = new examiner();
var frame = content.document.createElement("iframe");
frame.src =
"http://mochi.test:8888/browser/dom/base/test/file_x-frame-options_page.sjs?testid=deny&xfo=deny";
content.document.body.appendChild(frame);
return observerDeferred.promise;
}
);
is(
observerData.asciiSpec,
"http://mochi.test:8888/browser/dom/base/test/file_x-frame-options_page.sjs?testid=deny&xfo=deny",
"correct subject"
);
ok(observerData.topic.endsWith("xfo-on-violate-policy"), "correct topic");
is(observerData.data, "DENY", "correct data");
}
);
});
View git blame Copy permalink