LayoutTests/http/tests/security/javascriptURL/resources/foreign-domain-javascript-url-accessor-iframe.html - Issue 187103002: id of iframe incorrectly sets window name

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: LayoutTests/http/tests/security/javascriptURL/resources/foreign-domain-javascript-url-accessor-iframe.html

Issue 187103002: id of iframe incorrectly sets window name (Closed) Base URL: svn://svn.chromium.org/blink/trunk

Patch Set: Add back no-referrer-subframe.html Created 6 years, 9 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

« no previous file with comments | « LayoutTests/http/tests/security/javascriptURL/resources/foreign-domain-javascript-url-accessee-iframe.html ('k') | LayoutTests/http/tests/security/javascriptURL/xss-ALLOWED-from-javascript-url-sub-frame.html » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 <html>	1 <html>

2 <body>	2 <body>

3 <p>Inner iframe on a foreign domain.</p>	3 <p>Inner iframe on a foreign domain.</p>

4 <iframe id="aFrame"></iframe>	4 <iframe id="aFrame" name="aFrame"></iframe>

5 <script>	5 <script>

6 var url = "javascript:\"<html>"	6 var url = "javascript:\"<html>"

7 + "<head>"	7 + "<head>"

8 + "<scr" + "ipt>"	8 + "<scr" + "ipt>"

9 + "window.onload = function()"	9 + "window.onload = function()"

10 + "{"	10 + "{"

11 + "try {"	11 + "try {"

12 + "top.document.getElementById('accessMe').innerHTML = 'FAIL: Cross frame access from a javascript: URL on a different domain was al lowed';"	12 + "top.document.getElementById('accessMe').innerHTML = 'FAIL: Cross frame access from a javascript: URL on a different domain was al lowed';"

13 + "} catch (e) {"	13 + "} catch (e) {"

14 + "}"	14 + "}"

15 + "if (window.testRunner)"	15 + "if (window.testRunner)"

16 + "testRunner.notifyDone();"	16 + "testRunner.notifyDone();"

17 + "}"	17 + "}"

18 + "</scr" + "ipt>"	18 + "</scr" + "ipt>"

19 + "</head>"	19 + "</head>"

20 + "<body>"	20 + "<body>"

21 + "<p>Inner-inner iframe. This iframe (which is javascript: URL and whose parent is on a foreign domain) is the frame attempting to access"	21 + "<p>Inner-inner iframe. This iframe (which is javascript: URL and whose parent is on a foreign domain) is the frame attempting to access"

22 + " the main frame. It should not have access to it.</p>"	22 + " the main frame. It should not have access to it.</p>"

23 + "</body>"	23 + "</body>"

24 + "</html>\"";	24 + "</html>\"";

25	25

26 var frame = document.getElementById('aFrame');	26 var frame = document.getElementById('aFrame');

27 frame.src = url;	27 frame.src = url;

28 </script>	28 </script>

29 </body>	29 </body>

30 </html>	30 </html>

OLD	NEW