Source code

Revision control

Copy as Markdown

Other Tools

Test Info:

// This code is evaluated in a sandbox courtesy of toSource();
var sandboxCode =
function () {
let req = new XMLHttpRequest();
req.onreadystatechange = function () {
if (req.readyState === 4) {
// If we get past the problem above, we end up with a req.status of zero
// (ie, blocked due to CORS) even though we are fetching from the same
// origin as the window itself.
let result;
if (req.status != 200) {
result = "ERROR: got request status of " + req.status;
} else if (!req.responseText.length) {
result = "ERROR: got zero byte response text";
} else {
result = "ok";
}
postMessage({ result }, "*");
}
};
req.send(null);
}.toSource() + "();";
add_task(async function test() {
await SpecialPowers.pushPrefEnv({
set: [["security.allow_unsafe_parent_loads", true]],
});
let newWin = await BrowserTestUtils.openNewBrowserWindow();
let frame = newWin.document.createXULElement("iframe");
frame.setAttribute("type", "content");
frame.setAttribute(
"src",
);
newWin.document.documentElement.appendChild(frame);
await BrowserTestUtils.waitForEvent(frame, "load", true);
let contentWindow = frame.contentWindow;
let sandbox = new Cu.Sandbox(contentWindow);
// inject some functions from the window into the sandbox.
// postMessage so the async code in the sandbox can report a result.
sandbox.importFunction(
contentWindow.postMessage.bind(contentWindow),
"postMessage"
);
sandbox.importFunction(contentWindow.XMLHttpRequest, "XMLHttpRequest");
Cu.evalInSandbox(sandboxCode, sandbox, "1.8");
let sandboxReply = await BrowserTestUtils.waitForEvent(
contentWindow,
"message",
true
);
is(sandboxReply.data.result, "ok", "check the sandbox code was felipe");
await BrowserTestUtils.closeWindow(newWin);
});