gecko-dev/dom/ipc/tests/browser_domainPolicy.js

240 строки
8.5 KiB
JavaScript

var policy; // To make sure we never leave up an activated domain policy after a failed test, let's make this global.
function activateDomainPolicy() {
const ssm = Services.scriptSecurityManager;
policy = ssm.activateDomainPolicy();
}
function deactivateDomainPolicy() {
if (policy) {
policy.deactivate();
policy = null;
}
}
function* test_domainPolicy() {
XPCOMUtils.defineLazyModuleGetter(this, "Promise", "resource://gre/modules/Promise.jsm");
let deferred = Promise.defer();
let currentTask = deferred.promise;
SpecialPowers.pushPrefEnv(
{set: [["dom.ipc.browser_frames.oop_by_default", false],
["browser.pagethumbnails.capturing_disabled", false],
["dom.mozBrowserFramesEnabled", false]]},
() => { return deferred.resolve()});
yield currentTask;
// Create tab
let tab;
// Init test
function initProcess() {
tab = gBrowser.addTab();
gBrowser.selectedTab = tab;
let initPromise = ContentTask.spawn(tab.linkedBrowser, null, function() {
Cu.import("resource://gre/modules/PromiseUtils.jsm");
function loadBase() {
let deferred = PromiseUtils.defer();
let listener = (event) => {
removeEventListener("DOMDocElementInserted", listener, true);
let listener2 = (event) => {
content.removeEventListener('load', listener2);
deferred.resolve();
}
content.addEventListener('load', listener2);
};
addEventListener("DOMDocElementInserted", listener, true);
return deferred.promise;
}
return loadBase();
});
tab.linkedBrowser.loadURI("http://mochi.test:8888/browser/dom/ipc/tests/file_domainPolicy_base.html");
return initPromise;
}
// We use ContentTask for the tests, but we also want to pass some data and some helper functions too.
// To do that, we serialize an input object via JSON |ipcArgs| and some shared helper functions |initUtils|
// and eval them in the content process.
var ipcArgs = {};
function initUtils(obj) {
obj.checkScriptEnabled = function(win, expectEnabled) {
win.wrappedJSObject.gFiredOnclick = false;
win.document.body.dispatchEvent(new win.Event('click'));
return { passed: win.wrappedJSObject.gFiredOnclick == expectEnabled,
msg: `Checking script-enabled for ${win.name} (${win.location})`};
}
obj.navigateFrame = function(ifr, src) {
let deferred = PromiseUtils.defer();
function onload() {
ifr.removeEventListener('load', onload);
deferred.resolve();
}
ifr.addEventListener('load', onload, false);
ifr.setAttribute('src', src);
return deferred.promise;
}
};
function runTest(test) {
return ContentTask.spawn(tab.linkedBrowser,
'ipcArgs = ' + JSON.stringify(ipcArgs) + '; (' + initUtils.toSource() + ')(utils)', test);
}
function checkAndCleanup(result) {
result = [].concat(result);
for (var i in result)
ok(result[i].passed, result[i].msg);
gBrowser.removeTab(tab);
deactivateDomainPolicy();
ipcArgs = {};
}
function testDomain(domain) {
ipcArgs.domain = domain;
return (aUtils) => {
Cu.import("resource://gre/modules/PromiseUtils.jsm");
var ipcArgs;
var utils = {};
eval(aUtils);
let path = '/browser/dom/ipc/tests/file_disableScript.html';
let deferred = PromiseUtils.defer();
var rootFrame = content.document.getElementById('root');
utils.navigateFrame(rootFrame, ipcArgs.domain + path).then(() => {
deferred.resolve(utils.checkScriptEnabled(rootFrame.contentWindow, false));
});
return deferred.promise;
}
}
info("Testing simple blacklist policy");
info("Creating child process first, activating domainPolicy after");
currentTask = initProcess();
yield currentTask;
activateDomainPolicy();
var bl = policy.blacklist;
bl.add(Services.io.newURI('http://example.com', null, null));
currentTask = runTest(testDomain("http://example.com"));
checkAndCleanup(yield currentTask);
info("Activating domainPolicy first, creating child process after");
activateDomainPolicy();
var bl = policy.blacklist;
bl.add(Services.io.newURI('http://example.com', null, null));
currentTask = initProcess();
yield currentTask;
currentTask = runTest(testDomain("http://example.com"));
checkAndCleanup(yield currentTask);
function testList(expectEnabled, list) {
ipcArgs.expectEnabled = expectEnabled;
ipcArgs.list = list;
return (aUtils) => {
Cu.import("resource://gre/modules/PromiseUtils.jsm");
var ipcArgs;
var utils = {};
eval(aUtils);
var results = [];
var testListInternal = function(expectEnabled, list, idx) {
idx = idx || 0;
let deferred = PromiseUtils.defer();
let path = '/browser/dom/ipc/tests/file_disableScript.html';
let target = list[idx] + path;
var rootFrame = content.document.getElementById('root');
utils.navigateFrame(rootFrame, target).then(function() {
results.push(utils.checkScriptEnabled(rootFrame.contentWindow, expectEnabled));
if (idx == list.length - 1)
deferred.resolve(results);
else
testListInternal(expectEnabled, list, idx + 1).then(function(retArg) { deferred.resolve(retArg); });
});
return deferred.promise;
}
return testListInternal(ipcArgs.expectEnabled, ipcArgs.list);
}
}
let testPolicy = {
exceptions: ['http://test1.example.com', 'http://example.com'],
superExceptions: ['http://test2.example.org', 'https://test1.example.com'],
exempt: ['http://test1.example.com', 'http://example.com',
'http://test2.example.org', 'http://sub1.test2.example.org',
'https://sub1.test1.example.com'],
notExempt: ['http://test2.example.com', 'http://sub1.test1.example.com',
'http://www.example.com', 'https://test2.example.com',
'https://example.com', 'http://test1.example.org'],
};
function activate(isBlack, exceptions, superExceptions) {
activateDomainPolicy();
let set = isBlack ? policy.blacklist : policy.whitelist;
let superSet = isBlack ? policy.superBlacklist : policy.superWhitelist;
for (var e of exceptions)
set.add(makeURI(e));
for (var e of superExceptions)
superSet.add(makeURI(e));
};
info("Testing Blacklist-style Domain Policy");
info("Activating domainPolicy first, creating child process after");
activate(true, testPolicy.exceptions, testPolicy.superExceptions);
currentTask = initProcess();
yield currentTask;
let results = [];
currentTask = runTest(testList(true, testPolicy.notExempt));
results = results.concat(yield currentTask);
currentTask = runTest(testList(false, testPolicy.exempt));
results = results.concat(yield currentTask);
checkAndCleanup(results);
info("Creating child process first, activating domainPolicy after");
currentTask = initProcess();
yield currentTask;
activate(true, testPolicy.exceptions, testPolicy.superExceptions);
results = [];
currentTask = runTest(testList(true, testPolicy.notExempt));
results = results.concat(yield currentTask);
currentTask = runTest(testList(false, testPolicy.exempt));
results = results.concat(yield currentTask);
checkAndCleanup(results);
info("Testing Whitelist-style Domain Policy");
deferred = Promise.defer();
currentTask = deferred.promise;
SpecialPowers.pushPrefEnv({set:[["javascript.enabled", false]]}, () => { return deferred.resolve()});
yield currentTask;
info("Activating domainPolicy first, creating child process after");
activate(false, testPolicy.exceptions, testPolicy.superExceptions);
currentTask = initProcess();
yield currentTask;
results = [];
currentTask = runTest(testList(false, testPolicy.notExempt));
results = results.concat(yield currentTask);
currentTask = runTest(testList(true, testPolicy.exempt));
results = results.concat(yield currentTask);
checkAndCleanup(results);
info("Creating child process first, activating domainPolicy after");
currentTask = initProcess();
yield currentTask;
activate(false, testPolicy.exceptions, testPolicy.superExceptions);
results = [];
currentTask = runTest(testList(false, testPolicy.notExempt));
results = results.concat(yield currentTask);
currentTask = runTest(testList(true, testPolicy.exempt));
results = results.concat(yield currentTask);
checkAndCleanup(results);
finish();
}
add_task(test_domainPolicy);
registerCleanupFunction(()=>{
deactivateDomainPolicy();
})