зеркало из https://github.com/mozilla/gecko-dev.git
43 строки
1.5 KiB
HTML
43 строки
1.5 KiB
HTML
<html xmlns="http://www.w3.org/1999/xhtml">
|
|
<head>
|
|
<title>Storage Permission Restrictions</title>
|
|
|
|
<script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
|
|
<script type="text/javascript" src="storagePermissionsUtils.js"></script>
|
|
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
|
|
</head>
|
|
<body>
|
|
<iframe></iframe>
|
|
|
|
<script type="text/javascript">
|
|
|
|
task(function* () {
|
|
yield setCookieBehavior(BEHAVIOR_REJECT);
|
|
|
|
// We should be unable to access storage
|
|
yield storagePrevented();
|
|
|
|
// Same origin iframes should be blocked.
|
|
yield runIFrame("frameStoragePrevented.html");
|
|
yield runIFrame("frameStorageNullprincipal.sjs");
|
|
yield runIFrame("frameStorageChrome.html?allowed=no&blockSessionStorage=yes");
|
|
|
|
// Sandboxed iframes should have the null principal, and thus can't access storage
|
|
document.querySelector('iframe').setAttribute('sandbox', 'allow-scripts');
|
|
yield runIFrame("frameStoragePrevented.html#nullprincipal");
|
|
yield runIFrame("frameStorageNullprincipal.sjs");
|
|
document.querySelector('iframe').removeAttribute('sandbox');
|
|
|
|
// thirdparty iframes should be blocked.
|
|
yield runIFrame(thirdparty + "frameStoragePrevented.html");
|
|
yield runIFrame(thirdparty + "frameStorageNullprincipal.sjs");
|
|
yield runIFrame(thirdparty + "frameStorageChrome.html?allowed=no&blockSessionStorage=yes");
|
|
|
|
// Workers should be unable to access storage
|
|
yield runWorker("workerStoragePrevented.js");
|
|
});
|
|
|
|
</script>
|
|
</body>
|
|
</html>
|