Source code
Revision control
Copy as Markdown
Other Tools
Test Info: Warnings
- This test gets skipped with pattern: os == 'android'
- Manifest: js/xpconnect/tests/chrome/chrome.toml
<?xml version="1.0"?>
<!--
-->
<!-- test results are displayed in the html:body -->
</body>
<!-- test code goes here -->
<script type="application/javascript">
<![CDATA[
/** Test for Cross-Origin Xray Expando Sharing. **/
SimpleTest.waitForExplicitFinish();
// Import our test JSM. We first strip the filename off
// the chrome url, then append the jsm filename.
var base = /.*\//.exec(window.location.href)[0];
const {checkFromJSM} = ChromeUtils.import(base + "file_expandosharing.jsm");
// Wait for all child frames to load.
var gLoadCount = 0;
function frameLoaded() {
if (++gLoadCount == window.frames.length)
go();
}
function go() {
// Empower the content windows with some functions.
var wins = document.getElementsByTagName('iframe');
for (var i = 0; i < wins.length; ++i) {
var win = wins[i].contentWindow.wrappedJSObject;
win.ok = ok;
win.is = is;
}
// Grab references to the content windows. We abbreviate the origins as follows:
// A: test1.example.org
// B: test2.example.org
// C: sub1.test1.example.org
window.gWinA1 = document.getElementById('frameA1').contentWindow;
window.gWinA2 = document.getElementById('frameA2').contentWindow;
window.gWinA3 = document.getElementById('frameA3').contentWindow;
window.gWinB = document.getElementById('frameB').contentWindow;
window.gWinC = document.getElementById('frameC').contentWindow;
/* globals gWinA1, gWinA2, gWinA3, gWinB, gWinC */
// Test expando sharing with a JSM for different types of Xrays.
testJSM(Cu.unwaiveXrays(gWinC.wrappedJSObject.targetWN));
testJSM(Cu.unwaiveXrays(gWinC.wrappedJSObject.targetDOM));
testJSM(Cu.unwaiveXrays(gWinC.wrappedJSObject.targetJS));
// Make sure sandboxes never share expandos with anyone else.
testSandbox(Cu.unwaiveXrays(gWinB.wrappedJSObject.targetWN));
testSandbox(Cu.unwaiveXrays(gWinB.wrappedJSObject.targetDOM));
testSandbox(Cu.unwaiveXrays(gWinB.wrappedJSObject.targetJS));
// Test Content Xrays.
testContentXrays();
SimpleTest.finish();
}
// Make sure that expandos are shared between us and a JSM.
function testJSM(target) {
target.numProp = 42;
target.strProp = "foo";
target.objProp = { bar: "baz" };
checkFromJSM(target, is);
}
function testSandbox(target) {
// This gets both run in this scope and the sandbox scope.
var name = "harness";
function placeExpando() {
target.prop = name;
}
// Set up the sandboxes. Use an expanded principal to get xrays with
// exclusive expandos.
sb1.target = target;
sb2.target = target;
sb1.name = "sandbox1";
sb2.name = "sandbox2";
placeExpando();
Cu.evalInSandbox(placeExpando.toSource() + "placeExpando();", sb1);
Cu.evalInSandbox(placeExpando.toSource() + "placeExpando();", sb2);
// Make sure everyone sees a different value.
is(target.prop, "harness", "Harness sees its own value");
is(Cu.evalInSandbox("target.prop", sb1), "sandbox1", "Sandbox 1 sees its own value");
is(Cu.evalInSandbox("target.prop", sb2), "sandbox2", "Sandbox 2 sees its own value");
}
// Make sure that the origin tagging machinery works correctly and that we don't
// mix up chrome and content expandos.
function testContentXrays() {
// Give A1 and A3 xrays to (same-origin) A2.
Cu.setWantXrays(gWinA1);
Cu.setWantXrays(gWinA3);
gWinA1.wrappedJSObject.placeExpando('A1_expando', 11, gWinA2.document);
gWinA3.wrappedJSObject.placeExpando('A3_expando', 33, gWinA2.document);
gWinA2.document.Chrome_expando = 33;
is(gWinA2.document.Chrome_expando, 33, "Read chrome expando properly");
is(typeof gWinA2.document.A1_expando, 'undefined', "Chrome doesn't see content expandos");
is(typeof gWinA2.document.A3_expando, 'undefined', "Chrome doesn't see content expandos");
gWinA1.wrappedJSObject.checkExpando('A1_expando', 11, gWinA2.document, "Content sees proper expandos");
gWinA3.wrappedJSObject.checkExpando('A1_expando', 11, gWinA2.document, "Content sees proper expandos");
gWinA1.wrappedJSObject.checkExpando('A3_expando', 33, gWinA2.document, "Content sees proper expandos");
gWinA3.wrappedJSObject.checkExpando('A3_expando', 33, gWinA2.document, "Content sees proper expandos");
gWinA1.wrappedJSObject.checkExpando('Chrome_expando', null, gWinA2.document, "Content doesn't see chrome expandos");
gWinA3.wrappedJSObject.checkExpando('Chrome_expando', null, gWinA2.document, "Content doesn't see chrome expandos");
// We very explicitly do not support expando sharing via document.domain.
// A comment in the implementation explains why.
gWinA1.document.domain = 'test1.example.org';
gWinA2.document.domain = 'test1.example.org';
gWinA3.document.domain = 'test1.example.org';
gWinC.document.domain = 'test1.example.org';
gWinC.wrappedJSObject.checkExpando('A1_expando', null, gWinA2.document, "document.domain should have no effect here");
gWinC.wrappedJSObject.checkExpando('A3_expando', null, gWinA2.document, "document.domain should have no effect here");
}
]]>
</script>
<iframe id="frameA1" onload="frameLoaded();" type="content" src="https://test1.example.org/tests/js/xpconnect/tests/mochitest/file_expandosharing.html" />
<iframe id="frameA2" onload="frameLoaded();" type="content" src="https://test1.example.org/tests/js/xpconnect/tests/mochitest/file_expandosharing.html" />
<iframe id="frameA3" onload="frameLoaded();" type="content" src="https://test1.example.org/tests/js/xpconnect/tests/mochitest/file_expandosharing.html" />
<iframe id="frameB" onload="frameLoaded();" type="content" src="https://test2.example.org/tests/js/xpconnect/tests/mochitest/file_expandosharing.html" />
<iframe id="frameC" onload="frameLoaded();" type="content" src="https://sub1.test1.example.org/tests/js/xpconnect/tests/mochitest/file_expandosharing.html" />
</window>