
Side by Side Diff: LayoutTests/http/tests/security/cross-frame-access-history-put.html

Issue 14198015: Deny cross-origin access to 'window.history'. (Closed) Base URL: svn://svn.chromium.org/blink/trunk
Patch Set: Rebase. Created 7 years, 7 months ago
OLDNEW
(Empty)
1 <html>
2 <head>
3 <script src="resources/cross-frame-access.js"></script>
4 <script>
5 if (window.testRunner) {
6 testRunner.dumpAsText();
7 testRunner.dumpChildFramesAsText();
8 testRunner.waitUntilDone();
9 }
10
11 onload = function()
12 {
13 // Add manual run buttons if the browser does not support window.pos tMessage
14 if (!window.postMessage) {
15 log("YOUR BROWSER DOES NOT SUPPORT window.postMessage");
16 log("To run this test manually, first click the button titled 'S tep 1 - Set Test' in this frame.");
17 log("Then click the button in the sub frame titled 'Step 2 - Set Check' to finish the test.\n");
18
19 var button = document.createElement("button");
20 button.appendChild(document.createTextNode("Step 1 - Set Test")) ;
21 button.onclick = setTest;
22 document.body.appendChild(button);
23 }
24 }
25
26 receiver = function(e)
27 {
28 if (e.data == "storedOldValuesComplete")
29 setTest();
30 }
31 addEventListener('message', receiver, false);
32
33 setTest = function()
34 {
35 window.targetWindow = frames[0];
36
37 try { targetWindow.history.back = "FAIL!! CUSTOM back"; } catch(e) { log(e); }
38 try { targetWindow.history.forward = "FAIL!! CUSTOM forward"; } cat ch(e) { log(e); }
39 try { targetWindow.history.go = "FAIL!! CUSTOM go"; } catch(e) { lo g(e); }
40 try { targetWindow.history.toString = "FAIL!! CUSTOM toString"; } c atch(e) { log(e); }
41 try { targetWindow.history.length = "FAIL!! CUSTOM length"; } catch (e) { log(e); }
42
43 try { targetWindow.history.customAttribute = "FAIL!! CUSTOM customAt tribute"; } catch(e) { log(e); }
44
45 if (window.postMessage)
46 targetWindow.postMessage("settingValuesComplete", "*");
47 else
48 log("\nSet Test complete! Click button entitled 'Step 2 - Set C heck' to finish the test.");
49 }
50 </script>
51 </head>
52 <body>
53 <iframe src="http://localhost:8000/security/resources/cross-frame-iframe-for -history-put-test.html"></iframe>
54 <pre id="console"></pre>
55 </body>
56 </html>
OLDNEW
