Source code

Revision control

Copy as Markdown

Other Tools

Test Info: Warnings

<?xml version="1.0"?>
<?xml-stylesheet type="text/css" href="chrome://global/skin"?>
<?xml-stylesheet type="text/css" href="chrome://mochikit/content/tests/SimpleTest/test.css"?>
<window title="Mozilla Bug 758415"
<!-- test results are displayed in the html:body -->
target="_blank">Mozilla Bug 758415</a>
<!-- test code goes here -->
<script type="application/javascript">
/** Test for Cross-Origin Xray Expando Sharing. **/
// Import our test JSM. We first strip the filename off
// the chrome url, then append the jsm filename.
var base = /.*\//.exec(window.location.href)[0];
const {checkFromJSM} = ChromeUtils.import(base + "file_expandosharing.jsm");
// Wait for all child frames to load.
var gLoadCount = 0;
function frameLoaded() {
if (++gLoadCount == window.frames.length)
function go() {
// Empower the content windows with some functions.
var wins = document.getElementsByTagName('iframe');
for (var i = 0; i < wins.length; ++i) {
var win = wins[i].contentWindow.wrappedJSObject;
win.ok = ok; = is;
// Grab references to the content windows. We abbreviate the origins as follows:
// A:
// B:
// C:
window.gWinA1 = document.getElementById('frameA1').contentWindow;
window.gWinA2 = document.getElementById('frameA2').contentWindow;
window.gWinA3 = document.getElementById('frameA3').contentWindow;
window.gWinB = document.getElementById('frameB').contentWindow;
window.gWinC = document.getElementById('frameC').contentWindow;
/* globals gWinA1, gWinA2, gWinA3, gWinB, gWinC */
// Test expando sharing with a JSM for different types of Xrays.
// Make sure sandboxes never share expandos with anyone else.
// Test Content Xrays.
// Make sure that expandos are shared between us and a JSM.
function testJSM(target) {
target.numProp = 42;
target.strProp = "foo";
target.objProp = { bar: "baz" };
checkFromJSM(target, is);
function testSandbox(target) {
// This gets both run in this scope and the sandbox scope.
var name = "harness";
function placeExpando() {
target.prop = name;
// Set up the sandboxes. Use an expanded principal to get xrays with
// exclusive expandos. = target; = target; = "sandbox1"; = "sandbox2";
Cu.evalInSandbox(placeExpando.toSource() + "placeExpando();", sb1);
Cu.evalInSandbox(placeExpando.toSource() + "placeExpando();", sb2);
// Make sure everyone sees a different value.
is(target.prop, "harness", "Harness sees its own value");
is(Cu.evalInSandbox("target.prop", sb1), "sandbox1", "Sandbox 1 sees its own value");
is(Cu.evalInSandbox("target.prop", sb2), "sandbox2", "Sandbox 2 sees its own value");
// Make sure that the origin tagging machinery works correctly and that we don't
// mix up chrome and content expandos.
function testContentXrays() {
// Give A1 and A3 xrays to (same-origin) A2.
gWinA1.wrappedJSObject.placeExpando('A1_expando', 11, gWinA2.document);
gWinA3.wrappedJSObject.placeExpando('A3_expando', 33, gWinA2.document);
gWinA2.document.Chrome_expando = 33;
is(gWinA2.document.Chrome_expando, 33, "Read chrome expando properly");
is(typeof gWinA2.document.A1_expando, 'undefined', "Chrome doesn't see content expandos");
is(typeof gWinA2.document.A3_expando, 'undefined', "Chrome doesn't see content expandos");
gWinA1.wrappedJSObject.checkExpando('A1_expando', 11, gWinA2.document, "Content sees proper expandos");
gWinA3.wrappedJSObject.checkExpando('A1_expando', 11, gWinA2.document, "Content sees proper expandos");
gWinA1.wrappedJSObject.checkExpando('A3_expando', 33, gWinA2.document, "Content sees proper expandos");
gWinA3.wrappedJSObject.checkExpando('A3_expando', 33, gWinA2.document, "Content sees proper expandos");
gWinA1.wrappedJSObject.checkExpando('Chrome_expando', null, gWinA2.document, "Content doesn't see chrome expandos");
gWinA3.wrappedJSObject.checkExpando('Chrome_expando', null, gWinA2.document, "Content doesn't see chrome expandos");
// We very explicitly do not support expando sharing via document.domain.
// A comment in the implementation explains why.
gWinA1.document.domain = '';
gWinA2.document.domain = '';
gWinA3.document.domain = '';
gWinC.document.domain = '';
gWinC.wrappedJSObject.checkExpando('A1_expando', null, gWinA2.document, "document.domain should have no effect here");
gWinC.wrappedJSObject.checkExpando('A3_expando', null, gWinA2.document, "document.domain should have no effect here");
<iframe id="frameA1" onload="frameLoaded();" type="content" src="" />
<iframe id="frameA2" onload="frameLoaded();" type="content" src="" />
<iframe id="frameA3" onload="frameLoaded();" type="content" src="" />
<iframe id="frameB" onload="frameLoaded();" type="content" src="" />
<iframe id="frameC" onload="frameLoaded();" type="content" src="" />