Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(130)

Side by Side Diff: LayoutTests/http/tests/security/xssAuditor/full-block-iframe-no-inherit.php

Issue 187103002: id of iframe incorrectly sets window name (Closed) Base URL: svn://svn.chromium.org/blink/trunk
Patch Set: Add back no-referrer-subframe.html Created 6 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
OLDNEW
1 <?php 1 <?php
2 header("X-XSS-Protection: 1; mode=block"); 2 header("X-XSS-Protection: 1; mode=block");
3 ?> 3 ?>
4 <!DOCTYPE html> 4 <!DOCTYPE html>
5 <html> 5 <html>
6 <head> 6 <head>
7 <script src="http://127.0.0.1:8000/security/xssAuditor/resources/utilities.js">< /script> 7 <script src="http://127.0.0.1:8000/security/xssAuditor/resources/utilities.js">< /script>
8 <script> 8 <script>
9 if (window.testRunner) { 9 if (window.testRunner) {
10 testRunner.dumpAsText(); 10 testRunner.dumpAsText();
11 testRunner.dumpChildFramesAsText(); 11 testRunner.dumpChildFramesAsText();
12 testRunner.waitUntilDone(); 12 testRunner.waitUntilDone();
13 testRunner.setXSSAuditorEnabled(true); 13 testRunner.setXSSAuditorEnabled(true);
14 } 14 }
15 </script> 15 </script>
16 </head> 16 </head>
17 <body> 17 <body>
18 <p>This tests that the header X-XSS-Protection is not inherited by the iframe be low:</p> 18 <p>This tests that the header X-XSS-Protection is not inherited by the iframe be low:</p>
19 <iframe id="frame" onload="checkIfFrameLocationMatchesSrcAndCallDone('frame')" s rc="http://127.0.0.1:8000/security/xssAuditor/resources/echo-intertag.pl?q=<scri pt>alert(/XSS/)</script><p>If you see this message and no JavaScript alert() the n the test PASSED.</p>"> 19 <iframe id="frame" name="frame" onload="checkIfFrameLocationMatchesSrcAndCallDon e('frame')" src="http://127.0.0.1:8000/security/xssAuditor/resources/echo-intert ag.pl?q=<script>alert(/XSS/)</script><p>If you see this message and no JavaScrip t alert() then the test PASSED.</p>">
20 </iframe> 20 </iframe>
21 </body> 21 </body>
22 </html> 22 </html>
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698