js/xpconnect/tests/chrome/test_evalInWindow.xhtml

   1 <?xml version="1.0"?>
   2 <?xml-stylesheet href="chrome://global/skin" type="text/css"?>
   3 <?xml-stylesheet href="chrome://mochikit/content/tests/SimpleTest/test.css"
   4                  type="text/css"?>
   5 <!--
   6 https://bugzilla.mozilla.org/show_bug.cgi?id=877673
   7 -->
   8 <window title="Mozilla Bug 877673"
   9   xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul">
  10   <script src="chrome://mochikit/content/tests/SimpleTest/SimpleTest.js"></script>
  11
  12   <!-- test results are displayed in the html:body -->
  13   <body xmlns="http://www.w3.org/1999/xhtml">
  14   </body>
  15
  16   <!-- test code goes here -->
  17   <script type="application/javascript"><![CDATA[
  18       SimpleTest.waitForExplicitFinish();
  19       var sb = new Cu.Sandbox("https://example.org", {wantExportHelpers: true});
  20       sb.ok = ok;
  21
  22       function executeIn(frame, script, exceptionCb) {
  23         sb.frame = frame;
  24         sb.exceptionCb = exceptionCb;
  25         if (exceptionCb) {
  26           return Cu.evalInSandbox("try {frame.eval('" + script + "'); ok(false, 'Exception should have been thrown.')} catch(e) {exceptionCb(e)}", sb);
  27         }
  28
  29         return Cu.evalInSandbox("frame.eval('" + script + "')", sb);
  30       }
  31
  32       function testSameOrigin(frame) {
  33         frame.contentWindow.document.wrappedJSObject.str = "foobar";
  34         is(executeIn(frame.contentWindow, "document.str"), "foobar",
  35            "Same origin string property access.");
  36
  37         executeIn(frame.contentWindow, 'document.obj = {prop: "foobar"}');
  38         is((executeIn(frame.contentWindow, "document.obj")).prop, "foobar",
  39            "Same origin object property access (cloning).");
  40         isnot(executeIn(frame.contentWindow, "document.obj"), frame.contentWindow.document.wrappedJSObject.obj,
  41               "Ensure cloning for js objects.");
  42         is(executeIn(frame.contentWindow, "document"), frame.contentWindow.document,
  43            "Xrayables should just pass without cloning.");
  44         is( executeIn(frame.contentWindow, "({a:{doc: document}})").a.doc, frame.contentWindow.document,
  45            "Deep cloning works.");
  46
  47         executeIn(frame.contentWindow, "throw 42", function(e){is(e, 42,
  48                                                                   "Exception was thrown from script.")});
  49
  50         testDone();
  51       }
  52
  53       function testCrossOrigin(frame) {
  54         executeIn(frame.contentWindow, "var a = 42;", function(e){ok(e.toString().indexOf("Permission denied") > -1,
  55                                                                      "Executing script in a window from cross origin should throw.");});
  56         testDone();
  57       }
  58
  59       var testsRun = 0;
  60       function testDone() {
  61         if (++testsRun == 2)
  62           SimpleTest.finish();
  63       }
  64   ]]></script>
  65   <iframe src="https://example.org/tests/js/xpconnect/tests/mochitest/file_empty.html"
  66           onload="testSameOrigin(this)">
  67   </iframe>
  68   <iframe src="http://mochi.test:8888/tests/js/xpconnect/tests/mochitest/file_empty.html"
  69           onload="testCrossOrigin(this)">
  70   </iframe>
  71 </window>