mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Bug 1182546 - Test block loading DTD from random page (r=bz,gijs)

This commit is contained in:
Christoph Kerschbaumer 2015-11-20 10:56:28 -08:00
Родитель 5975a9caee
Коммит bdc36b4b58
3 изменённых файлов: 42 добавлений и 0 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

5
browser/base/content/test/general/bug_1182546.xml Normal file
Просмотреть файл

@ -0,0 +1,5 @@
<!DOCTYPE html [
<!ENTITY % passwordManagerDTD SYSTEM "chrome://passwordmgr/locale/passwordManager.dtd">
%passwordManagerDTD;
]>
<window>&savedLogins.title;</window>

2
browser/base/content/test/general/mochitest.ini
Просмотреть файл

@ -25,6 +25,7 @@ support-files =
offlineEvent.html offlineEvent.html
subtst_contextmenu.html subtst_contextmenu.html
video.ogg video.ogg
bug_1182546.xml
[test_bug364677.html] [test_bug364677.html]
[test_bug395533.html] [test_bug395533.html]
@ -38,3 +39,4 @@ skip-if = e10s
skip-if = buildapp == 'mulet' || e10s # Bug 1066070 - I don't think either popup notifications nor addon install stuff works? skip-if = buildapp == 'mulet' || e10s # Bug 1066070 - I don't think either popup notifications nor addon install stuff works?
[test_offline_gzip.html] [test_offline_gzip.html]
skip-if = buildapp == 'mulet' || e10s # Bug 1066070 - I don't think either popup notifications nor addon install stuff works? skip-if = buildapp == 'mulet' || e10s # Bug 1066070 - I don't think either popup notifications nor addon install stuff works?
[test_bug1182546.html]

35
browser/base/content/test/general/test_bug1182546.html Normal file
Просмотреть файл

@ -0,0 +1,35 @@
<!DOCTYPE HTML>
<html>
<!--
https://bugzilla.mozilla.org/show_bug.cgi?id=1182546
-->
<head>
<title>Bug 1182546 - Test block loading DTD from random page</title>
<script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
</head>
<body>
<iframe id="testframe" src="bug_1182546.xml"></iframe>
<script class="testbody" type="text/javascript">
SimpleTest.waitForExplicitFinish();
addLoadEvent(function() {
// make sure the DTD loader (nsExpatDriver) prevents accessing chrome: from random pages
var childNodes = testframe.contentDocument.documentElement.childNodes;
// make sure '&savedLogins.title;' from bug_1182546.xml does not translate into 'Saved Logins'
// the URL 'chrome://passwordmgr/locale/passwordManager.dtd' should not be accessible from content
var nodeValue = childNodes[0].nodeValue;
isnot(nodeValue, "Saved Logins",
"expatDriver should prevent accessing &savedLogins.title;");
ok(nodeValue.startsWith("XML Parsing Error: undefined entity"),
"expatDriver should not allow accessing chrome:");
});
addLoadEvent(SimpleTest.finish);
</script>
</body>
</html>