зеркало из https://github.com/mozilla/gecko-dev.git
Bug 1472606 - Split browser_jsterm_selfxss test; r=Honza.
The test was doing more than asserting the self-xss protection. The other assertions are moved to a new test with a comprehensive name. The self-xss test is now runned with both old and new JsTerm. MozReview-Commit-ID: 3y4PY8Lldpg --HG-- rename : devtools/client/webconsole/test/mochitest/browser_jsterm_selfxss.js => devtools/client/webconsole/test/mochitest/browser_jsterm_autocomplete_paste_undo.js extra : rebase_source : 5d52e5b6dd26e09f1196b3a1bf9f10d83c73398a
This commit is contained in:
Родитель
b3903d9dfe
Коммит
218266a334
|
@ -194,6 +194,7 @@ skip-if = verify
|
|||
[browser_jsterm_autocomplete_inside_text.js]
|
||||
[browser_jsterm_autocomplete_native_getters.js]
|
||||
[browser_jsterm_autocomplete_nav_and_tab_key.js]
|
||||
[browser_jsterm_autocomplete_paste_undo.js]
|
||||
[browser_jsterm_autocomplete_return_key_no_selection.js]
|
||||
[browser_jsterm_autocomplete_return_key.js]
|
||||
[browser_jsterm_autocomplete-properties-with-non-alphanumeric-names.js]
|
||||
|
|
|
@ -0,0 +1,61 @@
|
|||
/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */
|
||||
/* vim: set ft=javascript ts=2 et sw=2 tw=80: */
|
||||
/* Any copyright is dedicated to the Public Domain.
|
||||
* http://creativecommons.org/publicdomain/zero/1.0/ */
|
||||
|
||||
"use strict";
|
||||
|
||||
const TEST_URI = "data:text/html;charset=utf-8,<p>test for bug 642615</p>";
|
||||
|
||||
XPCOMUtils.defineLazyServiceGetter(
|
||||
this,
|
||||
"clipboardHelper",
|
||||
"@mozilla.org/widget/clipboardhelper;1",
|
||||
"nsIClipboardHelper"
|
||||
);
|
||||
const stringToCopy = "foobazbarBug642615";
|
||||
|
||||
add_task(async function() {
|
||||
const {jsterm, ui} = await openNewTabAndConsole(TEST_URI);
|
||||
ui.clearOutput();
|
||||
ok(!jsterm.completeNode.value, "no completeNode.value");
|
||||
|
||||
jsterm.setInputValue("doc");
|
||||
|
||||
info("wait for completion value after typing 'docu'");
|
||||
let onAutocompleteUpdated = jsterm.once("autocomplete-updated");
|
||||
EventUtils.sendString("u");
|
||||
await onAutocompleteUpdated;
|
||||
|
||||
const completionValue = jsterm.completeNode.value;
|
||||
|
||||
info(`Copy "${stringToCopy}" in clipboard`);
|
||||
await waitForClipboardPromise(() =>
|
||||
clipboardHelper.copyString(stringToCopy), stringToCopy);
|
||||
|
||||
jsterm.setInputValue("docu");
|
||||
info("wait for completion update after clipboard paste");
|
||||
onAutocompleteUpdated = jsterm.once("autocomplete-updated");
|
||||
goDoCommand("cmd_paste");
|
||||
|
||||
await onAutocompleteUpdated;
|
||||
|
||||
ok(!jsterm.completeNode.value, "no completion value after paste");
|
||||
|
||||
info("wait for completion update after undo");
|
||||
onAutocompleteUpdated = jsterm.once("autocomplete-updated");
|
||||
|
||||
goDoCommand("cmd_undo");
|
||||
|
||||
await onAutocompleteUpdated;
|
||||
|
||||
is(jsterm.completeNode.value, completionValue, "same completeNode.value after undo");
|
||||
|
||||
info("wait for completion update after clipboard paste (ctrl-v)");
|
||||
onAutocompleteUpdated = jsterm.once("autocomplete-updated");
|
||||
|
||||
EventUtils.synthesizeKey("v", {accelKey: true});
|
||||
|
||||
await onAutocompleteUpdated;
|
||||
ok(!jsterm.completeNode.value, "no completion value after paste (ctrl-v)");
|
||||
});
|
|
@ -5,7 +5,7 @@
|
|||
|
||||
"use strict";
|
||||
|
||||
const TEST_URI = "data:text/html;charset=utf-8,<p>test for bug 642615 & 994134</p>";
|
||||
const TEST_URI = "data:text/html;charset=utf-8,<p>Test self-XSS protection</p>";
|
||||
|
||||
XPCOMUtils.defineLazyServiceGetter(
|
||||
this,
|
||||
|
@ -14,90 +14,51 @@ XPCOMUtils.defineLazyServiceGetter(
|
|||
"nsIClipboardHelper"
|
||||
);
|
||||
const WebConsoleUtils = require("devtools/client/webconsole/utils").Utils;
|
||||
const stringToCopy = "foobazbarBug642615";
|
||||
const stringToCopy = "EvilCommand";
|
||||
|
||||
add_task(async function() {
|
||||
await pushPref("devtools.selfxss.count", 0);
|
||||
|
||||
const {jsterm, ui} = await openNewTabAndConsole(TEST_URI);
|
||||
ui.clearOutput();
|
||||
ok(!jsterm.completeNode.value, "no completeNode.value");
|
||||
|
||||
jsterm.setInputValue("doc");
|
||||
|
||||
info("wait for completion value after typing 'docu'");
|
||||
let onAutocompleteUpdated = jsterm.once("autocomplete-updated");
|
||||
EventUtils.sendString("u");
|
||||
await onAutocompleteUpdated;
|
||||
|
||||
const completionValue = jsterm.completeNode.value;
|
||||
|
||||
// Arguments: expected, setup.
|
||||
await waitForClipboardPromise(() =>
|
||||
clipboardHelper.copyString(stringToCopy), stringToCopy);
|
||||
|
||||
await testSelfXss(jsterm);
|
||||
|
||||
jsterm.setInputValue("docu");
|
||||
info("wait for completion update after clipboard paste");
|
||||
updateEditUIVisibility();
|
||||
onAutocompleteUpdated = jsterm.once("autocomplete-updated");
|
||||
goDoCommand("cmd_paste");
|
||||
|
||||
await onAutocompleteUpdated;
|
||||
|
||||
ok(!jsterm.completeNode.value, "no completion value after paste");
|
||||
|
||||
info("wait for completion update after undo");
|
||||
onAutocompleteUpdated = jsterm.once("autocomplete-updated");
|
||||
|
||||
goDoCommand("cmd_undo");
|
||||
|
||||
await onAutocompleteUpdated;
|
||||
|
||||
is(jsterm.completeNode.value, completionValue, "same completeNode.value after undo");
|
||||
|
||||
info("wait for completion update after clipboard paste (ctrl-v)");
|
||||
onAutocompleteUpdated = jsterm.once("autocomplete-updated");
|
||||
|
||||
EventUtils.synthesizeKey("v", {accelKey: true});
|
||||
|
||||
await onAutocompleteUpdated;
|
||||
ok(!jsterm.completeNode.value, "no completion value after paste (ctrl-v)");
|
||||
// Run test with legacy JsTerm
|
||||
await performTest();
|
||||
// And then run it with the CodeMirror-powered one.
|
||||
await pushPref("devtools.webconsole.jsterm.codeMirror", true);
|
||||
await performTest();
|
||||
});
|
||||
|
||||
// Self xss prevention tests (bug 994134)
|
||||
async function testSelfXss(jsterm) {
|
||||
async function performTest() {
|
||||
await pushPref("devtools.selfxss.count", 0);
|
||||
const {jsterm} = await openNewTabAndConsole(TEST_URI);
|
||||
const {document} = jsterm.hud;
|
||||
|
||||
info("Self-xss paste tests");
|
||||
WebConsoleUtils.usageCount = 0;
|
||||
is(WebConsoleUtils.usageCount, 0, "Test for usage count getter");
|
||||
|
||||
// Input some commands to check if usage counting is working
|
||||
for (let i = 0; i <= 3; i++) {
|
||||
jsterm.setInputValue(i);
|
||||
jsterm.setInputValue(i.toString());
|
||||
jsterm.execute();
|
||||
}
|
||||
is(WebConsoleUtils.usageCount, 4, "Usage count incremented");
|
||||
WebConsoleUtils.usageCount = 0;
|
||||
updateEditUIVisibility();
|
||||
|
||||
const oldVal = jsterm.getInputValue();
|
||||
info(`Copy "${stringToCopy}" in clipboard`);
|
||||
await waitForClipboardPromise(() =>
|
||||
clipboardHelper.copyString(stringToCopy), stringToCopy);
|
||||
goDoCommand("cmd_paste");
|
||||
|
||||
const notificationbox =
|
||||
jsterm.hud.document.getElementById("webconsole-notificationbox");
|
||||
const notificationbox = document.getElementById("webconsole-notificationbox");
|
||||
const notification = notificationbox.querySelector(".notification");
|
||||
is(notification.getAttribute("data-key"), "selfxss-notification",
|
||||
"Self-xss notification shown");
|
||||
is(oldVal, jsterm.getInputValue(), "Paste blocked by self-xss prevention");
|
||||
is(jsterm.getInputValue(), "", "Paste blocked by self-xss prevention");
|
||||
|
||||
// Allow pasting
|
||||
jsterm.setInputValue("allow pasting");
|
||||
const evt = document.createEvent("KeyboardEvent");
|
||||
evt.initKeyEvent("keyup", true, true, window,
|
||||
0, 0, 0, 0,
|
||||
0, " ".charCodeAt(0));
|
||||
jsterm.inputNode.dispatchEvent(evt);
|
||||
const allowToken = "allow pasting";
|
||||
for (const char of allowToken) {
|
||||
EventUtils.sendString(char);
|
||||
}
|
||||
|
||||
jsterm.setInputValue("");
|
||||
goDoCommand("cmd_paste");
|
||||
is(stringToCopy, jsterm.getInputValue(), "Paste works");
|
||||
is(jsterm.getInputValue(), stringToCopy, "Paste works");
|
||||
}
|
||||
|
|
Загрузка…
Ссылка в новой задаче