Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1053)

Unified Diff: third_party/WebKit/LayoutTests/http/tests/security/cross-frame-access-enumeration.html

Issue 1503453002: LayoutTests: fix cross-frame-access-enumeration (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 5 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: third_party/WebKit/LayoutTests/http/tests/security/cross-frame-access-enumeration.html
diff --git a/third_party/WebKit/LayoutTests/http/tests/security/cross-frame-access-enumeration.html b/third_party/WebKit/LayoutTests/http/tests/security/cross-frame-access-enumeration.html
index 331798c06e64f2a4e5a9d6be82ba49ff07502f4b..b387fdc8d6fc276ebb44cd89e0127695480615af 100644
--- a/third_party/WebKit/LayoutTests/http/tests/security/cross-frame-access-enumeration.html
+++ b/third_party/WebKit/LayoutTests/http/tests/security/cross-frame-access-enumeration.html
@@ -61,16 +61,23 @@
log("PASS: Cross frame access by enumerating the Location object revealed no properties.");
var b_winLocationKeys = Object.keys(b_win_location);
- if (b_winLocationKeys.length != 0) {
- log("FAIL: Cross frame access by getting the keys of the Location object was allowed.");
- return;
+ var keys_failure = false;
+ for (var i = 0; i < b_winLocationKeys.length; i++) {
+ var k = b_winLocationKeys[i];
+ // See also cross-frame-access-location-get.html for the list of accessible keys.
+ if (k !== "assign" && k !== "replace") {
+ log("FAIL: Cross frame access by getting the keys of the Location object returned non-whitelisted key: " + k);
+ keys_failure = true;
+ }
+ }
+ if (!keys_failure) {
+ log("PASS: Cross frame access by getting the keys of the Location object revealed only whitelisted keys.");
}
- log("PASS: Cross frame access by getting the keys of the Location object revealed no keys.");
var b_winLocationPropertyNames = Object.getOwnPropertyNames(b_win_location);
if (b_winLocationPropertyNames.indexOf("customLocationProperty") != -1) {
log("FAIL: Cross frame access by getting the property names of the Location object was allowed.");
- return;
+ return;
}
log("PASS: Cross frame access by getting the property names of the Location object revealed no custom properties.");
}

Powered by Google App Engine
This is Rietveld 408576698