Source code

Revision control

Copy as Markdown

Other Tools

Test Info: Warnings

/* -*- Mode: indent-tabs-mode: nil; js-indent-level: 2 -*- */
/* vim: set sts=2 sw=2 et tw=80: */
"use strict";
Services.prefs.setBoolPref("extensions.manifestV3.enabled", true);
// Common code snippet of background script in this test.
function background() {
globalThis.onsecuritypolicyviolation = event => {
browser.test.assertEq("wasm-eval", event.blockedURI, "blockedURI");
if (browser.runtime.getManifest().version === 2) {
// In MV2, wasm eval violations are advisory only, as a transition tool.
browser.test.assertEq(event.disposition, "report", "MV2 disposition");
} else {
browser.test.assertEq(event.disposition, "enforce", "MV3 disposition");
}
browser.test.sendMessage("violated_csp", event.originalPolicy);
};
try {
let wasm = new WebAssembly.Module(
new Uint8Array([0, 0x61, 0x73, 0x6d, 0x1, 0, 0, 0])
);
browser.test.assertEq(wasm.toString(), "[object WebAssembly.Module]");
browser.test.sendMessage("result", "allowed");
} catch (e) {
browser.test.assertEq(
"call to WebAssembly.Module() blocked by CSP",
e.message,
"Expected error when blocked"
);
browser.test.sendMessage("result", "blocked");
}
}
add_task(async function test_wasm_v2() {
let extension = ExtensionTestUtils.loadExtension({
background,
manifest: {
manifest_version: 2,
},
});
await extension.startup();
equal(await extension.awaitMessage("result"), "allowed");
await extension.unload();
});
add_task(async function test_wasm_v2_explicit() {
let extension = ExtensionTestUtils.loadExtension({
background,
manifest: {
manifest_version: 2,
content_security_policy: `object-src; script-src 'self' 'wasm-unsafe-eval'`,
},
});
await extension.startup();
equal(await extension.awaitMessage("result"), "allowed");
await extension.unload();
});
// MV3 counterpart is test_wasm_v3_blocked_by_custom_csp.
add_task(async function test_wasm_v2_blocked_in_report_only_mode() {
let extension = ExtensionTestUtils.loadExtension({
background,
manifest: {
manifest_version: 2,
content_security_policy: `object-src; script-src 'self'`,
},
});
await extension.startup();
// "allowed" because wasm-unsafe-eval in MV2 is in report-only mode.
equal(await extension.awaitMessage("result"), "allowed");
equal(
await extension.awaitMessage("violated_csp"),
"object-src 'none'; script-src 'self'"
);
await extension.unload();
});
add_task(async function test_wasm_v3_blocked_by_default() {
let extension = ExtensionTestUtils.loadExtension({
background,
manifest: {
manifest_version: 3,
},
});
await extension.startup();
equal(await extension.awaitMessage("result"), "blocked");
equal(
await extension.awaitMessage("violated_csp"),
"script-src 'self'; upgrade-insecure-requests",
"WASM usage violates default CSP in MV3"
);
await extension.unload();
});
// MV2 counterpart is test_wasm_v2_blocked_in_report_only_mode.
add_task(async function test_wasm_v3_blocked_by_custom_csp() {
let extension = ExtensionTestUtils.loadExtension({
background,
manifest: {
manifest_version: 3,
content_security_policy: {
extension_pages: "object-src; script-src 'self'",
},
},
});
await extension.startup();
equal(await extension.awaitMessage("result"), "blocked");
equal(
await extension.awaitMessage("violated_csp"),
"object-src 'none'; script-src 'self'"
);
await extension.unload();
});
add_task(async function test_wasm_v3_allowed() {
let extension = ExtensionTestUtils.loadExtension({
background,
manifest: {
manifest_version: 3,
content_security_policy: {
extension_pages: `script-src 'self' 'wasm-unsafe-eval'; object-src 'self'`,
},
},
});
await extension.startup();
equal(await extension.awaitMessage("result"), "allowed");
await extension.unload();
});