15c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles)var truealert = window.alert; // we overwrite window.alert sometimes 25c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles) 35c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles)// Walk up the caller chain and try to find a reference to the Inspector's window 45c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles)function doAttack() { 55c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles) var obj = doAttack.caller; 65c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles) for (var i = 0; 75c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles) i < 1000 && (obj.arguments.length == 0 || !obj.arguments[0].target); 85c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles) i++) { 95c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles) obj = obj.caller; 105c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles) } 115c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles) if (i == 1000) return; 125c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles) var win = obj.arguments[0].target.ownerDocument.defaultView; 135c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles) xhr(win); 145c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles)} 155c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles) 165c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles)function xhr(win) { 175c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles) var xhr = new win.XMLHttpRequest(); 185c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles) var url = prompt("Test failed. To prove it, I'm going " + 195c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles) "to make a cross-domain XMLHttpRequest. Where " + 205c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles) "would you like me to send it?\n\nHint: You can " + 215c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles) "also try a file:// URL.", "http://www.example.com/"); 225c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles) xhr.open("GET", url, false); 235c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles) xhr.send(); 245c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles) truealert("Result:\n\n" + xhr.responseText); 255c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles)} 265c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles) 275c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles)function instructions(params) { 285c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles) var str = "<p>This test tries to make a cross-domain XMLHttpRequest to " + 295c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles) "check whether JavaScript object wrappers are working (bug 16837, bug 16011).</p>" + 305c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles) "<p>View this page from an http:// URL to ensure that it's in a different " + 315c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles) "origin from the Inspector.</p>" + 325c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles) "<p>Instructions:</p>" + 335c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles) "<ol>" + 345c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles) "<li>Right click the box" + 355c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles) "<img id=logo src='../resources/webkit-background.png'" + 365c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles) "style='border: 1px solid black; display: block; margin: 1em;'>" + 375c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles) "<li>Choose \"Inspect Element\" from the context menu"; 385c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles) if (params.console) { 395c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles) str += "<li>Select the Console"; 405c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles) str += "<li>Type " + params.trigger + " into the console and hit Enter"; 415c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles) } else { 425c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles) str += "<li>" + params.trigger; 435c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles) } 445c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles) str += "<li>If the test failed, a prompt will appear.</ol>"; 455c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles) document.write(str); 465c87bf8b86a7c82ef50fb7a89697d8e02e2553beTorne (Richard Coles)} 47
