Open Bug 1353696 Opened 7 years ago Updated 1 year ago

Protect __webDriverComplete global from web content introspection

Categories

(Remote Protocol :: Marionette, enhancement, P2)

Version 3
enhancement

Tracking

(Not tracked)

People

(Reporter: ato, Unassigned)

References

(Blocks 1 open bug)

Details

This is a follow-up to bug https://bugzilla.mozilla.org/show_bug.cgi?id=1353074, which makes the unloadHandler safe for web content introspection by cloning it into the sandbox.

Making the same change for the __webDriverComplete callback is harder because it is being used by the simpletest harness.  If we clone it into the content sandbox, we cannot reuse it again as we do in sandbox.createSimpleTest:

> sandbox.createSimpleTest = function (window, harness) {
>   let sb = sandbox.create(window);
>   sb = sandbox.augment(sb, harness);
>   sb[FINISH] = () => sb[COMPLETE](harness.generate_results());
>   return sb;
> };

A relevant test to run is testing/marionette/harness/marionette_harness/tests/unit/test_simpletest_sanity.py.
Priority: -- → P3
Blocks: webdriver
Priority: P3 → P2
Severity: normal → S3
Product: Testing → Remote Protocol
You need to log in before you can comment on or make changes to this bug.