Home Explore Help
Sign In
khronosschoty
/
palemoon-dev
Watch 2
Star 1
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Branch: master
Branches Tags
palemoon-dev
/
platform
/
caps
/
tests
/
mochitest
/
test_bug423375.html

test_bug423375.html 1.2 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445 
  1. <!DOCTYPE HTML>
    2. 

  2. <html>
    3. 

  3. <!--
    4. 

  4. https://bugzilla.mozilla.org/show_bug.cgi?id=423375
    5. 

  5. -->
    6. 

  6. <head>
    7. 

  7.   <title>Test for Bug 423375</title>
    8. 

  8.   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>        
    9. 

  9.   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
    10. 

  10. </head>
    11. 

  11. <body>
    12. 

  12. <a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=423375">Mozilla Bug 423375</a>
    13. 

  13. <p id="display"></p>
    14. 

  14. <div id="content" style="display: none">
    15. 

  15. <iframe id="load-frame"></iframe>  
    16. 

  16. </div>
    17. 

  17. <pre id="test">
    18. 

  18. <script class="testbody" type="text/javascript">
    19. 

  19. 

  20. /**
    21. 

  21.  ** Test for Bug 423375
    22. 

  22.  ** (content shouldn't be able to load chrome: or resource:)
    23. 

  23.  **/
    24. 

  24. function tryLoad(url)
    25. 

  25. {
    26. 

  26.     try {
    27. 

  27.         window.frames[0].location = url;
    28. 

  28.         return "loaded";
    29. 

  29.     } catch (e if /Access.*denied/.test(String(e))) {
    30. 

  30.         return "denied";
    31. 

  31.     } catch (e) {
    32. 

  32.         return "unexpected: " + e;
    33. 

  33.     }
    34. 

  34. }
    35. 

  35. 

  36. is(tryLoad("chrome://global/content/mozilla.xhtml"), "denied",
    37. 

  37.    "content should have been prevented from loading chrome: URL");
    38. 

  38. is(tryLoad("resource://gre-resources/html.css"), "denied",
    39. 

  39.    "content should have been prevented from loading resource: URL");
    40. 

  40. </script>
    41. 

  41. </pre>
    42. 

  42. </body>
    43. 

  43. </html>
    44. 

  44. 

  45.