commit 2ae052be0e0cdcba4df89607002233ad3d1e6f11 Author: Arthur Edelstein arthuredelstein@gmail.com Date: Thu Jul 2 16:28:36 2015 -0700
Bug #15703: Regression tests for isolation of mediasource URI --- dom/base/test/bug15703_page_create.html | 28 +++++++++ dom/base/test/bug15703_page_retrieve.html | 50 ++++++++++++++++ dom/base/test/mochitest.ini | 3 + dom/base/test/test_tor_bug15703.html | 92 +++++++++++++++++++++++++++++ 4 files changed, 173 insertions(+)
diff --git a/dom/base/test/bug15703_page_create.html b/dom/base/test/bug15703_page_create.html new file mode 100644 index 0000000..2325e6f --- /dev/null +++ b/dom/base/test/bug15703_page_create.html @@ -0,0 +1,28 @@ +<!DOCTYPE HTML> +<html> +<!-- +https://bugs.torproject.org/15703 +--> +<head> + <meta http-equiv="content-type" content="text/html; charset=utf-8"> + <title>Page mediasource URI creator for Tor Browser Bug 15703</title> + <script type="text/javascript" src="/tests/SimpleTest/SpawnTask.js"></script> + <script type="text/javascript;version=1.7" src="bug15502_utils.js"></script> +</head> +<body> +<div id="display" style="white-space:pre; font-family:monospace; display:inline;"></div> + +<script type="text/javascript;version=1.7"> + +spawnTask(function* () { + sendMessage(window.parent, "ready"); + let message = yield receiveMessage(window.parent), + mediaSource = new MediaSource(), + mediaSourceURL = URL.createObjectURL(mediaSource); + sendMessage(window.parent, mediaSourceURL); + appendLine("display", message + " -> " + mediaSourceURL); +}); + +</script> +</body> +</html> diff --git a/dom/base/test/bug15703_page_retrieve.html b/dom/base/test/bug15703_page_retrieve.html new file mode 100644 index 0000000..de3e14f --- /dev/null +++ b/dom/base/test/bug15703_page_retrieve.html @@ -0,0 +1,50 @@ + +<!DOCTYPE HTML> +<html> +<!-- +https://bugs.torproject.org/15502 +--> +<head> + <meta http-equiv="content-type" content="text/html; charset=utf-8"> + <title>Page mediaSource retriever for Tor Browser Bug 15703</title> + <script type="text/javascript" src="/tests/SimpleTest/SpawnTask.js"></script> + <script type="text/javascript;version=1.7" src="bug15502_utils.js"></script> +</head> +<body> +<div id="display" style="white-space:pre; font-family:monospace; display:inline;"></div> +<video id="testvideo"></video> +<script type="text/javascript;version=1.7"> + +let reportResult = function(mediaSourceURL, message) { + sendMessage(window.parent, message); + appendLine("display", mediaSourceURL + " -> " + message); +}; + +spawnTask(function* () { + // Tell the parent tab we are ready to start. + sendMessage(window.parent, "ready"); + // Receive a mediaSourceURL. In a moment, we will + // use a video element to attempt to implicitly load + // the MediaSource object at this URL. + let mediaSourceURL = yield receiveMessage(window.parent); + // First create the video element. + let videoElement = document.getElementById("testvideo"); + // If we are not able to load a MediaSource object + // at mediaSourceURL, then an error event will occur. + videoElement.addEventListener("error", function (e) { + reportResult(mediaSourceURL, "setting videoElement.src failed"); + }); + // If we do find a MediaSource object at mediaSourceURL, + // then a "stalled" event will occur, because the object + // has been found, but contains no content. + videoElement.addEventListener("stalled", function (e) { + reportResult(mediaSourceURL, "retrieved"); + }); + // Now attempt to load a MediaSource object by setting + // the video element's src to mediaSourceURL. + videoElement.src = mediaSourceURL; +}); + +</script> +</body> +</html> diff --git a/dom/base/test/mochitest.ini b/dom/base/test/mochitest.ini index dc5dfef..133348e 100644 --- a/dom/base/test/mochitest.ini +++ b/dom/base/test/mochitest.ini @@ -31,6 +31,8 @@ support-files = bug15502_worker_blobify.html bug15502_worker_deblobify.js bug15502_worker_deblobify.html + bug15703_page_create.html + bug15703_page_retrieve.html bug282547.sjs bug298064-subframe.html bug313646.txt @@ -736,6 +738,7 @@ skip-if = toolkit == 'android' || e10s #RANDOM [test_textnode_split_in_selection.html] [test_title.html] [test_tor_bug15502.html] +[test_tor_bug15703.html] [test_treewalker_nextsibling.xml] [test_viewport_scroll.html] [test_viewsource_forbidden_in_object.html] diff --git a/dom/base/test/test_tor_bug15703.html b/dom/base/test/test_tor_bug15703.html new file mode 100644 index 0000000..a0d3ae1 --- /dev/null +++ b/dom/base/test/test_tor_bug15703.html @@ -0,0 +1,92 @@ +<!DOCTYPE HTML> +<html> +<!-- +https://bugs.torproject.org/15703 +--> +<head> + <meta http-equiv="content-type" content="text/html; charset=utf-8"> + <title>Test for Tor Browser Bug 15703</title> + <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> + <script type="text/javascript" src="/tests/SimpleTest/SpawnTask.js"></script> + <script type="text/javascript;version=1.7" src="bug15502_utils.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> +</head> +<body> +<p id="display"></p> +<div id="content"></div> + +<script class="testbody" type="application/javascript;version=1.7"> +SimpleTest.waitForExplicitFinish(); + +// __setPref(key, value)__. +// Set a pref value asynchronously, returning a prmoise that resolves +// when it succeeds. +let setPref = function* (key, value) { + return new Promise(function(resolve, reject) { + SpecialPowers.pushPrefEnv({"set": [[key, value]]}, resolve); + }); +}; + +// ## Testing constants +let domain1 = "http://example.com", + domain2 = "http://example.net", + path = "/tests/dom/base/test/", + page_create = "bug15703_page_create.html", + page_retrieve = "bug15703_page_retrieve.html" + worker_create = "bug15703_worker_create.html", + worker_retrieve = "bug15703_worker_retrieve.html"; + +// __tabIO(domain, child, input)__. +// Open a tab at the given `domain` and `child` page. Post an +// `input` message to the tab. +let tabIO = function* (domain, child, input) { + tab = window.open(domain + path + "bug15502_tab.html", "_blank"); + yield receiveMessage(tab); // ready message + sendMessage(tab, "http://example.org" + path + child); + yield receiveMessage(tab); // ready message + sendMessage(tab, input); + return yield receiveMessage(tab); +}; + +// __mediaSourceTest(isolationOn, domainA, domainB, createPage, retrievePage)__. +// Run a test where we set the pref "privacy.thirdparty.isolate" to on or off, +// and then create a media source in `domainA`, using the page `createPage`, +// and then attempt to retrive a media source in `domainB`, using +// the page `retrievePage`. +let mediaSourceTest = function* (isolationOn, domainA, domainB, createPage, retrievePage) { + yield setPref("privacy.thirdparty.isolate", isolationOn ? 2 : 0); + let input = "create", + mediaSourceURL = yield tabIO(domainA, createPage, input), + result = yield tabIO(domainB, retrievePage, mediaSourceURL), + description = domainA + ":" + createPage + "->" + domainB + ":" + retrievePage + ", isolation " + (isolationOn ? "on." : "off."); + if (isolationOn && domainA !== domainB) { + ok(result !== "retrieved", description + " Deny retrieval"); + } else { + ok(result === "retrieved", description + " Allow retrieval"); + } +}; + + +// ## The main test +// Run a Task.jsm coroutine that tests various combinations of domains +// methods, and isolation states for reading and writing mediasource URLs. +spawnTask(function* () { + yield setPref("media.mediasource.whitelist", false); + for (let isolate of [false, true]) { + for (let domainB of [domain1, domain2]) { + // There doesn't appear to be a way to create a MediaSource object in a worker. + for (let create of [page_create, /* worker_create */]) { + // No way I could find to retrieve a MediaSource object in a worker. + for (let retrieve of [page_retrieve, /* worker_retrieve */]) { + yield mediaSourceTest(isolate, domain1, domainB, create, retrieve); + } + } + } + } + SimpleTest.finish(); +}); + +</script> + +</body> +</html>