nagai/fune
3
0
Fork 0
forked from mirrors/gecko-dev
Code Pull requests Activity
fune/browser/components/sessionstore/test/browser_459906.js
Dan Banner f1eb5aaa84 Bug 1392119 - Enable the ESLint no-caller rule across mozilla-central r=standard8 
MozReview-Commit-ID: JOC1330iFnh

--HG--
extra : rebase_source : 2afcb219d4a0d78f996bdc2c841456d2dccff605
2017-08-23 13:38:24 +01:00

63 lines
2.2 KiB
JavaScript
Raw Blame History

/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
/* eslint-disable mozilla/no-arbitrary-setTimeout */
function test() {
/** Test for Bug 459906 **/
waitForExplicitFinish();
let testURL = "http://mochi.test:8888/browser/" +
"browser/components/sessionstore/test/browser_459906_sample.html";
let uniqueValue = "<b>Unique:</b> " + Date.now();
var frameCount = 0;
let tab = BrowserTestUtils.addTab(gBrowser, testURL);
tab.linkedBrowser.addEventListener("load", function listener(aEvent) {
// wait for all frames to load completely
if (frameCount++ < 2)
return;
tab.linkedBrowser.removeEventListener("load", listener, true);
let iframes = tab.linkedBrowser.contentWindow.frames;
// eslint-disable-next-line no-unsanitized/property
iframes[1].document.body.innerHTML = uniqueValue;
frameCount = 0;
let tab2 = gBrowser.duplicateTab(tab);
tab2.linkedBrowser.addEventListener("load", function loadListener(eventTab2) {
// wait for all frames to load (and reload!) completely
if (frameCount++ < 2)
return;
tab2.linkedBrowser.removeEventListener("load", loadListener, true);
executeSoon(function innerHTMLPoller() {
let iframesTab2 = tab2.linkedBrowser.contentWindow.frames;
if (iframesTab2[1].document.body.innerHTML !== uniqueValue) {
// Poll again the value, since we can't ensure to run
// after SessionStore has injected innerHTML value.
// See bug 521802.
info("Polling for innerHTML value");
setTimeout(innerHTMLPoller, 100);
return;
}
is(iframesTab2[1].document.body.innerHTML, uniqueValue,
"rich textarea's content correctly duplicated");
let innerDomain = null;
try {
innerDomain = iframesTab2[0].document.domain;
} catch (ex) { /* throws for chrome: documents */ }
is(innerDomain, "mochi.test", "XSS exploit prevented!");
// clean up
gBrowser.removeTab(tab2);
gBrowser.removeTab(tab);
finish();
});
}, true);
}, true);
}
View git blame Copy permalink