Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(739)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: LayoutTests/http/tests/security/cross-frame-access-get.html

Issue 14198015: Deny cross-origin access to 'window.history'. (Closed) Base URL: svn://svn.chromium.org/blink/trunk
Patch Set: rebase Created 7 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« LayoutTests/fast/frames/sandboxed-iframe-history-denied-expected.txt ('K') | « LayoutTests/http/tests/security/cross-frame-access-enumeration-expected.txt ('k') | LayoutTests/http/tests/security/cross-frame-access-get-expected.txt » ('j') | LayoutTests/http/tests/security/cross-frame-access-getOwnPropertyDescriptor-expected.txt » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 <html> 1 <html>
2 <head> 2 <head>
3 <script src="resources/cross-frame-access.js"></script> 3 <script src="resources/cross-frame-access.js"></script>
4 <script> 4 <script>
5 var windowConstructorPropertiesNotAllowed = [ 5 var windowConstructorPropertiesNotAllowed = [
6 "Attr", 6 "Attr",
7 "Audio", 7 "Audio",
8 "CDATASection", 8 "CDATASection",
9 "CSSPrimitiveValue", 9 "CSSPrimitiveValue",
10 "CSSRule", 10 "CSSRule",
(...skipping 130 matching lines...) Expand 10 before | Expand all | Expand 10 after
141 "console", 141 "console",
142 "crypto", 142 "crypto",
143 "defaultStatus", 143 "defaultStatus",
144 "defaultstatus", 144 "defaultstatus",
145 "devicePixelRatio", 145 "devicePixelRatio",
146 "document", 146 "document",
147 "embeds", 147 "embeds",
148 "eval", 148 "eval",
149 "event", 149 "event",
150 "frameElement", 150 "frameElement",
151 "history",
151 "images", 152 "images",
152 "innerHeight", 153 "innerHeight",
153 "innerWidth", 154 "innerWidth",
154 "locationbar", 155 "locationbar",
155 "menubar", 156 "menubar",
156 "name", 157 "name",
157 "navigator", 158 "navigator",
158 "offscreenBuffering", 159 "offscreenBuffering",
159 "onabort", 160 "onabort",
160 "onbeforeunload", 161 "onbeforeunload",
(...skipping 41 matching lines...) Expand 10 before | Expand all | Expand 10 after
202 203
203 var windowFunctionPropertiesAllowed = [ 204 var windowFunctionPropertiesAllowed = [
204 "blur", 205 "blur",
205 "close", 206 "close",
206 "focus" 207 "focus"
207 ] 208 ]
208 209
209 var windowAttributesPropertiesAllowed = [ 210 var windowAttributesPropertiesAllowed = [
210 "closed", 211 "closed",
211 "frames", 212 "frames",
212 "history",
213 "length", 213 "length",
214 "opener", 214 "opener",
215 "parent", 215 "parent",
216 "self", 216 "self",
217 "top", 217 "top",
218 "window", 218 "window",
219 ]; 219 ];
220 220
221 window.onload = function() 221 window.onload = function()
222 { 222 {
(...skipping 64 matching lines...) Expand 10 before | Expand all | Expand 10 after
287 } 287 }
288 } 288 }
289 </script> 289 </script>
290 </head> 290 </head>
291 <body> 291 <body>
292 <p>This test checks cross-frame access security (rdar://problem/5251309).</p> 292 <p>This test checks cross-frame access security (rdar://problem/5251309).</p>
293 <iframe src="http://localhost:8000/security/resources/cross-frame-iframe-for-get -test.html" style=""></iframe> 293 <iframe src="http://localhost:8000/security/resources/cross-frame-iframe-for-get -test.html" style=""></iframe>
294 <pre id="console"></pre> 294 <pre id="console"></pre>
295 </body> 295 </body>
296 </html> 296 </html>
OLDNEW
« LayoutTests/fast/frames/sandboxed-iframe-history-denied-expected.txt ('K') | « LayoutTests/http/tests/security/cross-frame-access-enumeration-expected.txt ('k') | LayoutTests/http/tests/security/cross-frame-access-get-expected.txt » ('j') | LayoutTests/http/tests/security/cross-frame-access-getOwnPropertyDescriptor-expected.txt » ('J')

Powered by Google App Engine
This is Rietveld 408576698