Bug 671389 - Part 2: Export document sandbox flags to chrome JS r=smaug

dom/base/nsContentUtils.cpp

@@ -1315,6 +1315,41 @@ nsContentUtils::IsValidSandboxFlag(const nsAString& aFlag)
   return false;
 }
 
+/**
+ * A helper function that returns a string attribute corresponding to the
+ * sandbox flags.
+ *
+ * @param aFlags  the sandbox flags
+ * @param aString the attribute corresponding to the flags (null if flags is 0)
+ */
+void
+nsContentUtils::SandboxFlagsToString(uint32_t aFlags, nsAString& aString)
+{
+  if (!aFlags) {
+    SetDOMStringToNull(aString);
+    return;
+  }
+
+  aString.Truncate();
+
+// Macro for updating the string according to set flags
+#define IF_FLAG(flag, atom)                                 \
+  if (!(aFlags & flag)) {                                   \
+    if (!aString.IsEmpty()) {                               \
+      aString.Append(NS_LITERAL_STRING(" "));               \
+    }                                                       \
+    aString.Append(nsDependentAtomString(nsGkAtoms::atom)); \
+  }
+
+  IF_FLAG(SANDBOXED_ORIGIN, allowsameorigin)
+  IF_FLAG(SANDBOXED_FORMS, allowforms)
+  IF_FLAG(SANDBOXED_SCRIPTS, allowscripts)
+  IF_FLAG(SANDBOXED_TOPLEVEL_NAVIGATION, allowtopnavigation)
+  IF_FLAG(SANDBOXED_POINTER_LOCK, allowpointerlock)
+  IF_FLAG(SANDBOXED_AUXILIARY_NAVIGATION, allowpopups)
+#undef IF_FLAG
+}
+
 nsIBidiKeyboard*
 nsContentUtils::GetBidiKeyboard()
 {

dom/base/nsContentUtils.h

@@ -846,6 +846,14 @@ public:
    */
   static bool IsValidSandboxFlag(const nsAString& aFlag);
 
+  /**
+   * A helper function that returns a string attribute corresponding to the
+   * sandbox flags.
+   *
+   * @param aFlags  the sandbox flags
+   * @param aString the attribute corresponding to the flags (null if flags is 0)
+   */
+  static void SandboxFlagsToString(uint32_t aFlags, nsAString& aString);
 
   /**
    * Fill (with the parameters given) the localized string named |aKey| in

dom/base/nsDocument.cpp

@@ -3712,6 +3712,12 @@ nsDocument::RemoveCharSetObserver(nsIObserver* aObserver)
   mCharSetObservers.RemoveElement(aObserver);
 }
 
+void
+nsIDocument::GetSandboxFlagsAsString(nsAString& aFlags)
+{
+  nsContentUtils::SandboxFlagsToString(mSandboxFlags, aFlags);
+}
+
 void
 nsDocument::GetHeaderData(nsIAtom* aHeaderField, nsAString& aData) const
 {

dom/base/nsIDocument.h

@@ -598,6 +598,12 @@ public:
     return mSandboxFlags;
   }
 
+   /**
+   * Get string representation of sandbox flags (null if no flags as
+   * set).
+   */
+  void GetSandboxFlagsAsString(nsAString& aFlags);
+
   /**
    * Set the sandbox flags for this document.
    * @see nsSandboxFlags.h for the possible flags

dom/html/test/file_iframe_sandbox_c_if9.html

@@ -0,0 +1,17 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+  <meta charset="utf-8">
+  <title>Test for Bug 671389</title>
+  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
+</head>
+<body>
+  I am
+  <ul>
+    <li>sandboxed but with "allow-forms", "allow-pointer-lock", "allow-popups", "allow-same-origin", "allow-scripts", and "allow-top-navigation", </li>
+    <li>sandboxed but with "allow-same-origin", "allow-scripts", </li>
+    <li>sandboxed, or </li>
+    <li>not sandboxed.</li>
+  </ul>
+</body>
+</html>

dom/html/test/mochitest.ini

@@ -92,6 +92,7 @@ support-files =
   file_iframe_sandbox_c_if6.html
   file_iframe_sandbox_c_if7.html
   file_iframe_sandbox_c_if8.html
+  file_iframe_sandbox_c_if9.html
   file_iframe_sandbox_close.html
   file_iframe_sandbox_d_if1.html
   file_iframe_sandbox_d_if10.html

dom/html/test/test_iframe_sandbox_general.html

@@ -41,7 +41,7 @@ function ok_wrapper(result, desc) {
     passedTests++;
   }
 
-  if (completedTests == 27) {
+  if (completedTests == 33) {
     is(passedTests, completedTests, "There are " + completedTests + " general tests that should pass");
     SimpleTest.finish();
   }
@@ -180,6 +180,14 @@ function doTest() {
   // This is done via file_iframe_sandbox_c_if4.html which is sandboxed with "allow-scripts" and "allow-same-origin"
   // the window it attempts to open calls window.opener.ok(false, ...) and file_iframe_c_if4.html has an ok()
   // function that calls window.parent.ok_wrapper.
+
+  // passes twice if good
+  // 29-32) Test that sandboxFlagsAsString returns the set flags.
+  // see if_14 and if_15
+
+  // passes once if good
+  // 33) Test that sandboxFlagsAsString returns null if iframe does not have sandbox flag set.
+  // see if_16
 }
 
 addLoadEvent(doTest);
@@ -212,6 +220,36 @@ function do_if_10() {
   var if_10 = document.getElementById('if_10');
   if_10.src = 'javascript:"<html><script>window.parent.ok_wrapper(true, \'an iframe sandboxed with allow-scripts should execute script in a javascript URL in a newly set src attribute\');<\/script><\/html>"';
 }
+
+function eqFlags(a, b) {
+  // both a and b should be either null or have the array same flags
+  if (a === null && b === null) { return true; }
+  if (a === null || b === null) { return false; }
+  if (a.length !== b.length) { return false; }
+  var a_sorted = a.sort();
+  var b_sorted = b.sort();
+  for (var i in a_sorted) {
+    if (a_sorted[i] !== b_sorted[i]) { return false; }
+  }
+  return true;
+}
+
+function getSandboxFlags(doc) {
+  var flags = doc.sandboxFlagsAsString;
+  if (flags === null) { return null; }
+  return flags? flags.split(" "):[];
+}
+
+function test_sandboxFlagsAsString(name, expected) {
+  var ifr = document.getElementById(name);
+  try {
+    var flags = getSandboxFlags(SpecialPowers.wrap(ifr).contentDocument);
+    ok_wrapper(eqFlags(flags, expected), name + ' expected: "' + expected + '", got: "' + flags + '"');
+  } catch (e) {
+    ok_wrapper(false, name + ' expected "' + expected + ', but failed with ' + e);
+  }
+}
+
 </script>
 <body>
 <a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=341604">Mozilla Bug 341604</a> - Implement HTML5 sandbox attribute for IFRAMEs
@@ -234,6 +272,10 @@ function do_if_10() {
 <iframe sandbox="allow-same-origin allow-scripts" onload='start_if_10()' id='if_10' src="about:blank" height="10" width="10"></iframe>
 <iframe sandbox="allow-scripts" id='if_11' src="file_iframe_sandbox_c_if7.html" height="10" width="10"></iframe>
 <iframe sandbox="allow-same-origin allow-scripts" id='if_12' src="file_iframe_sandbox_c_if8.html" height="10" width="10"></iframe>
+<iframe sandbox="allow-forms allow-pointer-lock allow-popups allow-same-origin allow-scripts allow-top-navigation " id='if_13' src="file_iframe_sandbox_c_if9.html" height="10" width="10" onload='test_sandboxFlagsAsString("if_13",["allow-forms", "allow-pointer-lock", "allow-popups", "allow-same-origin", "allow-scripts", "allow-top-navigation"])'></iframe>
+<iframe sandbox="&#x09;allow-same-origin&#x09;allow-scripts&#x09;" id="if_14" src="file_iframe_sandbox_c_if6.html" height="10" width="10" onload='test_sandboxFlagsAsString("if_14",["allow-same-origin","allow-scripts"])'></iframe>
+<iframe sandbox="" id="if_15" src="file_iframe_sandbox_c_if9.html" height="10" width="10" onload='test_sandboxFlagsAsString("if_15",[])'></iframe>
+<iframe id="if_16" src="file_iframe_sandbox_c_if9.html" height="10" width="10" onload='test_sandboxFlagsAsString("if_16",null)'></iframe>
 <input type='button' id="a_button" onclick='do_if_9()'>
 <input type='button' id="a_button2" onclick='do_if_10()'>
 </div>

dom/webidl/Document.webidl

@@ -354,6 +354,12 @@ partial interface Document {
 partial interface Document {
   [ChromeOnly] readonly attribute boolean isSrcdocDocument;
 };
+// Extension to give chrome JS the ability to get the underlying
+// sandbox flag attribute
+partial interface Document {
+  [ChromeOnly] readonly attribute DOMString? sandboxFlagsAsString;
+};
+
 
 /**
  * Chrome document anonymous content management.