LayoutTests/http/tests/security/cross-frame-access-object-getPrototypeOf.html - Issue 14198015: Deny cross-origin access to 'window.history'.

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: LayoutTests/http/tests/security/cross-frame-access-object-getPrototypeOf.html

Issue 14198015: Deny cross-origin access to 'window.history'. (Closed) Base URL: svn://svn.chromium.org/blink/trunk

Patch Set: Rebase. Created 7 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

« no previous file with comments | « LayoutTests/http/tests/security/cross-frame-access-history-put-expected.txt ('k') | LayoutTests/http/tests/security/cross-frame-access-object-getPrototypeOf-expected.txt » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 <html>	1 <html>

2 <head>	2 <head>

3 <script src="resources/cross-frame-access.js"></script>	3 <script src="resources/cross-frame-access.js"></script>

4 <script>	4 <script>

5 if (window.testRunner) {	5 if (window.testRunner) {

6 testRunner.dumpAsText();	6 testRunner.dumpAsText();

7 testRunner.waitUntilDone();	7 testRunner.waitUntilDone();

8 }	8 }

9	9

10 // Set up listener for message from iframe	10 // Set up listener for message from iframe

11 addEventListener('message', function(event) {	11 addEventListener('message', function(event) {

12 if (event.data == "finishedLoad")	12 if (event.data == "finishedLoad")

13 doTest();	13 doTest();

14 }, false);	14 }, false);

15	15

16	16

17 doTest = function()	17 doTest = function()

18 {	18 {

19 targetWindow = document.getElementById("target").contentWindow;	19 targetWindow = document.getElementById("target").contentWindow;

20	20

21 shouldBeUndefined("Object.getPrototypeOf(targetWindow)");	21 shouldBeUndefined("Object.getPrototypeOf(targetWindow)");

22 shouldBeUndefined("Object.getPrototypeOf(targetWindow.history)");

23	22

24 if (window.testRunner)	23 if (window.testRunner)

25 testRunner.notifyDone();	24 testRunner.notifyDone();

26 }	25 }

27 </script>	26 </script>

28 </head>	27 </head>

29 <body>	28 <body>

30 <div>This tests that you can't get the prototype of the window or history ob jects cross-origin using Object.getPrototypeOf().</div>	29 <div>This tests that you can't get the prototype of the window object cross- origin using Object.getPrototypeOf().</div>

31 <iframe id="target" src="http://localhost:8000/security/resources/cross-fram e-iframe-for-object-getPrototypeOf-test.html"></iframe>	30 <iframe id="target" src="http://localhost:8000/security/resources/cross-fram e-iframe-for-object-getPrototypeOf-test.html"></iframe>

32 <pre id="console"></pre>	31 <pre id="console"></pre>

33 </body>	32 </body>

34 </html>	33 </html>

OLD	NEW