LayoutTests/http/tests/security/javascriptURL/xss-ALLOWED-to-javascript-url-from-javscript-url.html - Issue 187103002: id of iframe incorrectly sets window name

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: LayoutTests/http/tests/security/javascriptURL/xss-ALLOWED-to-javascript-url-from-javscript-url.html

Issue 187103002: id of iframe incorrectly sets window name (Closed) Base URL: svn://svn.chromium.org/blink/trunk

Patch Set: Add back no-referrer-subframe.html Created 6 years, 9 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

« no previous file with comments | « LayoutTests/http/tests/security/javascriptURL/xss-ALLOWED-from-javascript-url-sub-frame-2-level.html ('k') | LayoutTests/http/tests/security/javascriptURL/xss-ALLOWED-to-javascript-url-sub-frame.html » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 <html>	1 <html>

2 <body>	2 <body>

3 <p>This tests that a javascript: URL loaded in an iframe inside another java script: URL loaded iframe has access to it's parent, the	3 <p>This tests that a javascript: URL loaded in an iframe inside another java script: URL loaded iframe has access to it's parent, the

4 first javascript: URL loaded iframe.</p>	4 first javascript: URL loaded iframe.</p>

5 <iframe id="aFrame" style="width: 500px; height: 300px;"></iframe>	5 <iframe id="aFrame" name="aFrame" style="width: 500px; height: 300px;"></ifr ame>

6 <script>	6 <script>

7 if (window.testRunner) {	7 if (window.testRunner) {

8 testRunner.dumpAsText();	8 testRunner.dumpAsText();

9 testRunner.dumpChildFramesAsText();	9 testRunner.dumpChildFramesAsText();

10 }	10 }

11	11

12 var innerURL = 'javascript:\\\"<html>'	12 var innerURL = 'javascript:\\\"<html>'

13 + "<head>"	13 + "<head>"

14 + "<scr" + "ipt>"	14 + "<scr" + "ipt>"

15 + 'parent.document.getElementById(\\\\\\\"accessMe\\\\\\\"). innerHTML = \\\\\\\"PASS: Cross frame access from a javascript: URL was allowed! \\\\\\\";'	15 + 'parent.document.getElementById(\\\\\\\"accessMe\\\\\\\"). innerHTML = \\\\\\\"PASS: Cross frame access from a javascript: URL was allowed! \\\\\\\";'

(...skipping 10 matching lines...) Expand all Loading...
26 + "<iframe src='" + innerURL + "'></iframe>"	26 + "<iframe src='" + innerURL + "'></iframe>"

27 + "<p>Inner iframe.</p>"	27 + "<p>Inner iframe.</p>"

28 + "</body>"	28 + "</body>"

29 + "</html>\"";	29 + "</html>\"";

30	30

31 var iframe = document.getElementById("aFrame");	31 var iframe = document.getElementById("aFrame");

32 iframe.src = url;	32 iframe.src = url;

33 </script>	33 </script>

34 </body>	34 </body>

35 </html>	35 </html>

OLD	NEW