mirror of
https://gitlab.winehq.org/wine/wine-gecko.git
synced 2024-09-13 09:24:08 -07:00
98 lines
2.9 KiB
HTML
98 lines
2.9 KiB
HTML
<!DOCTYPE HTML>
|
|
<html>
|
|
<!--
|
|
https://bugzilla.mozilla.org/show_bug.cgi?id=801576
|
|
-->
|
|
<head>
|
|
<meta charset="utf-8">
|
|
<title>Test for Bug 801576</title>
|
|
<script type="application/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
|
|
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
|
|
</head>
|
|
<body>
|
|
<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=801576">Mozilla Bug 801576</a>
|
|
<p id="display"></p>
|
|
<div id="content" style="display: none">
|
|
</div>
|
|
<pre id="test">
|
|
<script type="application/javascript">
|
|
|
|
/** Test for the same-origin policy. **/
|
|
SimpleTest.waitForExplicitFinish();
|
|
|
|
function check(obj, prop, allowed, write) {
|
|
var accessed = false;
|
|
try {
|
|
if (write) {
|
|
try {
|
|
obj[prop] = 2;
|
|
accessed = true;
|
|
} catch (e) {}
|
|
Object.defineProperty(obj, 'prop', {getter: function() {}, setter: null});
|
|
}
|
|
else
|
|
obj[prop];
|
|
accessed = true;
|
|
} catch (e) {}
|
|
is(accessed, allowed, prop + " is correctly (in)accessible for " + (write ? 'write' : 'read'));
|
|
}
|
|
|
|
var crossOriginReadableWindowProps = ['blur', 'close', 'closed', 'focus',
|
|
'frames', 'location', 'length',
|
|
'opener', 'parent', 'postMessage',
|
|
'self', 'top', 'window'];
|
|
|
|
function isCrossOriginReadable(obj, prop) {
|
|
if (obj == "Window")
|
|
return crossOriginReadableWindowProps.indexOf(prop) != -1;
|
|
if (obj == "Location")
|
|
return prop == 'replace';
|
|
return false;
|
|
}
|
|
|
|
function isCrossOriginWritable(obj, prop) {
|
|
if (obj == "Window")
|
|
return prop == 'location';
|
|
if (obj == "Location")
|
|
return prop == 'hash' || prop == 'href';
|
|
}
|
|
|
|
// NB: we don't want to succeed with writes, so we only check them when it should be denied.
|
|
function testAll(sameOrigin) {
|
|
var win = document.getElementById('ifr').contentWindow;
|
|
for (var prop in window) {
|
|
// On android, this appears to be on the window but not on the iframe. It's
|
|
// not really relevant to this test, so just skip it.
|
|
if (prop === 'crypto')
|
|
continue;
|
|
check(win, prop, sameOrigin || isCrossOriginReadable('Window', prop), /* write = */ false);
|
|
if (!sameOrigin && !isCrossOriginWritable('Window', prop))
|
|
check(win, prop, false, /* write = */ true);
|
|
}
|
|
for (var prop in window.location) {
|
|
check(win.location, prop, sameOrigin || isCrossOriginReadable('Location', prop));
|
|
if (!sameOrigin && !isCrossOriginWritable('Location', prop))
|
|
check(win, prop, false, /* write = */ true);
|
|
}
|
|
}
|
|
|
|
var loadCount = 0;
|
|
function go() {
|
|
++loadCount;
|
|
if (loadCount == 1) {
|
|
testAll(true);
|
|
document.getElementById('ifr').contentWindow.location = 'http://example.org/tests/js/xpconnect/tests/mochitest/file_empty.html';
|
|
}
|
|
else {
|
|
is(loadCount, 2);
|
|
testAll(false);
|
|
SimpleTest.finish();
|
|
}
|
|
}
|
|
|
|
</script>
|
|
</pre>
|
|
<iframe id="ifr" onload="go();" src="file_empty.html"></iframe>
|
|
</body>
|
|
</html>
|