Source code

Revision control

Copy as Markdown

Other Tools

Test Info: Warnings

/* Any copyright is dedicated to the Public Domain.
*/
"use strict";
createHttpServer({ hosts: ["example.com"] });
AddonTestUtils.createAppInfo(
"xpcshell@tests.mozilla.org",
"XPCShell",
"1",
"1.9.2"
);
async function assertInstallTriggetRejected(page, xpi_url, expectedError) {
await Assert.rejects(
page.spawn([xpi_url], async url => {
this.content.eval(`InstallTrigger.install({extension: '${url}'});`);
}),
expectedError,
`InstallTrigger.install expected to throw on xpi url "${xpi_url}"`
);
}
add_task(
{
// Once InstallTrigger is removed, this test should be removed as well.
pref_set: [
["extensions.InstallTrigger.enabled", true],
["extensions.InstallTriggerImpl.enabled", true],
// Relax the user input requirements while running this test.
["xpinstall.userActivation.required", false],
],
},
async function test_InstallTriggerThrows_on_unsupported_xpi_schemes_blob() {
const page = await ExtensionTestUtils.loadContentPage("http://example.com");
const blob_url = await page.spawn([], () => {
return this.content.eval(`(function () {
const blob = new Blob(['fakexpicontent']);
return URL.createObjectURL(blob);
})()`);
});
await assertInstallTriggetRejected(page, blob_url, /Unsupported scheme/);
await page.close();
}
);
add_task(
{
// Once InstallTrigger is removed, this test should be removed as well.
pref_set: [
["extensions.InstallTrigger.enabled", true],
["extensions.InstallTriggerImpl.enabled", true],
// Relax the user input requirements while running this test.
["xpinstall.userActivation.required", false],
],
},
async function test_InstallTriggerThrows_on_unsupported_xpi_schemes_data() {
const page = await ExtensionTestUtils.loadContentPage("http://example.com");
const data_url = "data:;,fakexpicontent";
// This is actually rejected by the checkLoadURIWithPrincipal, which fails with
// NS_ERROR_DOM_BAD_URI triggered by CheckLoadURIWithPrincipal's call to
//
// DenyAccessIfURIHasFlags(aTargetURI, nsIProtocolHandler::URI_INHERITS_SECURITY_CONTEXT)
//
// and so it is not a site permission that the user can actually grant, unlike the error
// raised may suggest.
await assertInstallTriggetRejected(
page,
data_url,
/Insufficient permissions to install/
);
await page.close();
}
);