test_permmanager_ipc.js

Enable keyboard shortcuts

/* Any copyright is dedicated to the Public Domain.

   http://creativecommons.org/publicdomain/zero/1.0/ */

const { ExtensionTestUtils } = ChromeUtils.importESModule(

  "resource://testing-common/ExtensionXPCShellUtils.sys.mjs"

);

add_task(async function test_permissions_sent_over_ipc_on_bloburl() {

  const ssm = Services.scriptSecurityManager;

  const pm = Services.perms;

  // setup a profile.

  do_get_profile();

  async function assertExpectedContentPage() {

    const [processType, remoteType, principalSpec] = await page.spawn(

[],

      async () => {

        return [

          Services.appinfo.processType,

          Services.appinfo.remoteType,

          this.content.document.nodePrincipal.spec,

];

);

    equal(

      processType,

      Services.appinfo.PROCESS_TYPE_CONTENT,

      "Got a content process"

);

    equal(remoteType, "file", "Got a file child process");

    equal(principalSpec, principal.spec, "Got the expected document principal");

  function getChildProcessID(contentPage) {

    return contentPage.spawn([], () => Services.appinfo.processID);

  async function assertHasAllowedPermission(contentPage, perm) {

    const isPermissionAllowed = await contentPage.spawn(

      [perm],

      permName =>

        Services.perms.getPermissionObject(

          this.content.document.nodePrincipal,

          permName,

          true

        )?.capability === Services.perms.ALLOW_ACTION

);

    ok(isPermissionAllowed, `Permission "${perm}" allowed as expected`);

  let file = do_get_file(".", true);

  let fileURI = Services.io.newFileURI(file);

  const principal = ssm.createContentPrincipal(fileURI, {});

  info(`Add a test permission to the document principal: ${principal.spec}`);

  pm.addFromPrincipal(principal, "test/perm", pm.ALLOW_ACTION);

  info("Test expected permission is propagated into the child process");

  let page = await ExtensionTestUtils.loadContentPage(fileURI.spec);

  const childID1 = await getChildProcessID(page);

  await assertExpectedContentPage(page);

  await assertHasAllowedPermission(page, "test/perm");

  await page.close();

  // Ensure this blob url does not prevent permissions to be propagated

  // to a new child process.

  info("Create a blob url for a non http/https principal");

  const blob = new Blob();

  const blobURL = URL.createObjectURL(blob);

  ok(blobURL, "Got a blob URL");

  info("Test expected permission is still propagated");

  page = await ExtensionTestUtils.loadContentPage(fileURI.spec);

  const childID2 = await getChildProcessID(page);

  await assertExpectedContentPage(page);

  Assert.notEqual(childID1, childID2, "Got a new child process as expected");

  await assertHasAllowedPermission(page, "test/perm");

  await page.close();

  URL.revokeObjectURL(blobURL);

  page = await ExtensionTestUtils.loadContentPage(fileURI.spec);

  const childID3 = await getChildProcessID(page);

  await assertExpectedContentPage(page);

  Assert.notEqual(childID2, childID3, "Got a new child process as expected");

  await assertHasAllowedPermission(page, "test/perm");

  await page.close();

});