File: dangling-markup-window-name.html

package info (click to toggle)
firefox 144.0-1
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 4,637,504 kB
  • sloc: cpp: 7,576,692; javascript: 6,430,831; ansic: 3,748,119; python: 1,398,978; xml: 628,810; asm: 438,679; java: 186,194; sh: 63,212; makefile: 19,159; objc: 13,086; perl: 12,986; yacc: 4,583; cs: 3,846; pascal: 3,448; lex: 1,720; ruby: 1,003; exp: 762; php: 436; lisp: 258; awk: 247; sql: 66; sed: 53; csh: 10
file content (97 lines) | stat: -rw-r--r-- 3,039 bytes parent folder | download | duplicates (14) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
 
<!doctype html>
<html>
<head>
  <title>Dangling Markup in target</title>
  <meta name="timeout" content="long">
  <script src="/resources/testharness.js"></script>
  <script src="/resources/testharnessreport.js"></script>
  <script src="/common/utils.js"></script>
</head>
<body>
  <script>
    function anchorClick(target, id) {
      const hyperlink = document.body.appendChild(document.createElement('a'));
      if (target) {
        hyperlink.target = target;
      }
      hyperlink.href = `resources/window-name.sub.html?report=${id}|close`;
      hyperlink.click();
    }

    async function pollResultAndCheck(t, id, expected) {
      const stashURL = new URL('resources/window-name-stash.py', location);
      stashURL.searchParams.set('id', id);

      let res = 'NONE';
      while (res == 'NONE') {
        await new Promise(resolve => { t.step_timeout(resolve, 100); });

        const response = await fetch(stashURL);
        res = await response.text();
      }
      if (res !== expected) {
        assert_unreached('Stash result does not equal expected result.')
      }
    }

    promise_test(async t => {
      const id = token();
      const value = '\n<' + id;

      window.open(`resources/window-name.sub.html?report=${id}|close`, value);
      await pollResultAndCheck(t, id, value);
    }, 'Dangling Markup in target is not reset when set by window.open');

    promise_test(async t => {
      const id = token();
      const value = '\n<' + id;

      anchorClick(value, id)
      await pollResultAndCheck(t, id, '');
    }, 'Dangling Markup with "\\n" in target is reset when set by <a> tag');

    promise_test(async t => {
      const id = token();
      const value = '\r<' + id;

      anchorClick(value, id)
      await pollResultAndCheck(t, id, '');
    }, 'Dangling Markup with "\\r" in target is reset when set by <a> tag');

    promise_test(async t => {
      const id = token();
      const value = '\t<' + id;

      anchorClick(value, id)
      await pollResultAndCheck(t, id, '');
    }, 'Dangling Markup with "\\t" in target is reset when set by <a> tag');

    promise_test(async t => {
      const id = token();
      const value = '\n<' + id;

      const form = document.body.appendChild(document.createElement('form'));
      form.target = value;
      form.method = 'GET';
      form.action = 'resources/window-name.sub.html';
      const input = form.appendChild(document.createElement('input'));
      input.type = 'hidden';
      input.name = 'report';
      input.value = `${id}|close`;
      form.submit();

      await pollResultAndCheck(t, id, '');
    }, 'Dangling Markup in target is reset when set by <form> tag');

    promise_test(async t => {
      const id = token();
      const value = '\n<' + id;
      const base = document.head.appendChild(document.createElement('base'));
      base.target = value;

      anchorClick(null, id)
      await pollResultAndCheck(t, id, '');
    }, 'Dangling Markup in target is reset when set by <base> tag');
  </script>
</body>
</html>