Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(19)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: LayoutTests/http/tests/security/cross-frame-access-get.html

Issue 14198015: Deny cross-origin access to 'window.history'. (Closed) Base URL: svn://svn.chromium.org/blink/trunk
Patch Set: Rebase. Created 7 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « LayoutTests/http/tests/security/cross-frame-access-enumeration-expected.txt ('k') | LayoutTests/http/tests/security/cross-frame-access-get-expected.txt » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 <html> 1 <html>
2 <head> 2 <head>
3 <script src="resources/cross-frame-access.js"></script> 3 <script src="resources/cross-frame-access.js"></script>
4 <script> 4 <script>
5 var windowConstructorPropertiesNotAllowed = [ 5 var windowConstructorPropertiesNotAllowed = [
6 "Attr", 6 "Attr",
7 "Audio", 7 "Audio",
8 "CDATASection", 8 "CDATASection",
9 "CSSPrimitiveValue", 9 "CSSPrimitiveValue",
10 "CSSRule", 10 "CSSRule",
(...skipping 127 matching lines...) Expand 10 before | Expand all | Expand 10 after
138 "console", 138 "console",
139 "crypto", 139 "crypto",
140 "defaultStatus", 140 "defaultStatus",
141 "defaultstatus", 141 "defaultstatus",
142 "devicePixelRatio", 142 "devicePixelRatio",
143 "document", 143 "document",
144 "embeds", 144 "embeds",
145 "eval", 145 "eval",
146 "event", 146 "event",
147 "frameElement", 147 "frameElement",
148 "history",
148 "images", 149 "images",
149 "innerHeight", 150 "innerHeight",
150 "innerWidth", 151 "innerWidth",
151 "locationbar", 152 "locationbar",
152 "menubar", 153 "menubar",
153 "name", 154 "name",
154 "navigator", 155 "navigator",
155 "offscreenBuffering", 156 "offscreenBuffering",
156 "onabort", 157 "onabort",
157 "onbeforeunload", 158 "onbeforeunload",
(...skipping 41 matching lines...) Expand 10 before | Expand all | Expand 10 after
199 200
200 var windowFunctionPropertiesAllowed = [ 201 var windowFunctionPropertiesAllowed = [
201 "blur", 202 "blur",
202 "close", 203 "close",
203 "focus" 204 "focus"
204 ] 205 ]
205 206
206 var windowAttributesPropertiesAllowed = [ 207 var windowAttributesPropertiesAllowed = [
207 "closed", 208 "closed",
208 "frames", 209 "frames",
209 "history",
210 "length", 210 "length",
211 "opener", 211 "opener",
212 "parent", 212 "parent",
213 "self", 213 "self",
214 "top", 214 "top",
215 "window", 215 "window",
216 ]; 216 ];
217 217
218 window.onload = function() 218 window.onload = function()
219 { 219 {
(...skipping 64 matching lines...) Expand 10 before | Expand all | Expand 10 after
284 } 284 }
285 } 285 }
286 </script> 286 </script>
287 </head> 287 </head>
288 <body> 288 <body>
289 <p>This test checks cross-frame access security (rdar://problem/5251309).</p> 289 <p>This test checks cross-frame access security (rdar://problem/5251309).</p>
290 <iframe src="http://localhost:8000/security/resources/cross-frame-iframe-for-get -test.html" style=""></iframe> 290 <iframe src="http://localhost:8000/security/resources/cross-frame-iframe-for-get -test.html" style=""></iframe>
291 <pre id="console"></pre> 291 <pre id="console"></pre>
292 </body> 292 </body>
293 </html> 293 </html>
OLDNEW
« no previous file with comments | « LayoutTests/http/tests/security/cross-frame-access-enumeration-expected.txt ('k') | LayoutTests/http/tests/security/cross-frame-access-get-expected.txt » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698