Bug 1738418 - Testcase r=ckerschb

Differential Revision: https://phabricator.services.mozilla.com/D130958

dom/security/test/csp/file_bug1738418_child.html

@@ -0,0 +1,11 @@
+<!DOCTYPE HTML>
+<html>
+<body>
+<script type="text/javascript">
+  window.parent.parent.postMessage({
+    element: location.hash.substr(1),
+    domain: document.domain,
+  }, '*');
+</script>
+</body>
+</html>

dom/security/test/csp/file_bug1738418_parent.html

@@ -0,0 +1,11 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+  <base href="file_bug1738418_child.html">
+</head>
+<body>
+  <iframe src="#iframe"></iframe>
+  <embed src="#embed"></embed>
+  <object data="#object"></object>
+</body>
+</html>

dom/security/test/csp/file_bug1738418_parent.html^headers^

@@ -0,0 +1 @@
+Content-Security-Policy: sandbox allow-scripts;

dom/security/test/csp/mochitest.ini

@@ -467,3 +467,8 @@ support-files =
 support-files =
   file_blocked_uri_in_violation_event_after_redirects.html
   file_blocked_uri_in_violation_event_after_redirects.sjs
+[test_bug1738418.html]
+support-files =
+  file_bug1738418_parent.html
+  file_bug1738418_parent.html^headers^
+  file_bug1738418_child.html

dom/security/test/csp/test_bug1738418.html

@@ -0,0 +1,28 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+  <title>Bug 1738418: CSP sandbox for embed/object frames</title>
+  <script src="/tests/SimpleTest/SimpleTest.js"></script>
+  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+<iframe id="testframe"></iframe>
+<script class="testbody" type="text/javascript">
+
+SimpleTest.waitForExplicitFinish();
+
+var elements = new Set(["iframe", "embed", "object"]);
+
+window.addEventListener("message", event => {
+  is(event.data.domain, "", `document in <${event.data.element}> should have sandboxed origin`);
+  elements.delete(event.data.element);
+  if (elements.size == 0) {
+    SimpleTest.finish();
+  }
+});
+
+document.getElementById("testframe").src = "file_bug1738418_parent.html";
+
+</script>
+</body>
+</html>