Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(45)

Side by Side Diff: LayoutTests/http/tests/security/xssAuditor/malformed-xss-protection-header-1.html

Issue 187103002: id of iframe incorrectly sets window name (Closed) Base URL: svn://svn.chromium.org/blink/trunk
Patch Set: Add back no-referrer-subframe.html Created 6 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
OLDNEW
1 <!DOCTYPE html> 1 <!DOCTYPE html>
2 <html> 2 <html>
3 <head> 3 <head>
4 <script src="http://localhost:8000/security/xssAuditor/resources/utilities.js">< /script> 4 <script src="http://localhost:8000/security/xssAuditor/resources/utilities.js">< /script>
5 <script> 5 <script>
6 if (window.testRunner) { 6 if (window.testRunner) {
7 testRunner.dumpAsText(); 7 testRunner.dumpAsText();
8 testRunner.dumpChildFramesAsText(); 8 testRunner.dumpChildFramesAsText();
9 testRunner.waitUntilDone(); 9 testRunner.waitUntilDone();
10 testRunner.setXSSAuditorEnabled(true); 10 testRunner.setXSSAuditorEnabled(true);
11 } 11 }
12 </script> 12 </script>
13 </head> 13 </head>
14 <body> 14 <body>
15 <p>This tests that a malformed X-XSS-Protection header is not ignored when the l ength of its value exceeds <a href="https://bugs.webkit.org/show_bug.cgi?id=2731 2#c13">16 characters, and that an error is reported.</a></p> 15 <p>This tests that a malformed X-XSS-Protection header is not ignored when the l ength of its value exceeds <a href="https://bugs.webkit.org/show_bug.cgi?id=2731 2#c13">16 characters, and that an error is reported.</a></p>
16 <iframe id="frame" onload="checkIfFrameLocationMatchesSrcAndCallDone('frame')" s rc="http://127.0.0.1:8000/security/xssAuditor/resources/echo-intertag.pl?notifyD one=1&malformed-header=1&q=<script>alert(String.fromCharCode(0x58,0x53,0x53))</s cript><p>If you see this message and no JavaScript alert() then the test PASSED. </p>"> 16 <iframe id="frame" name="frame" onload="checkIfFrameLocationMatchesSrcAndCallDon e('frame')" src="http://127.0.0.1:8000/security/xssAuditor/resources/echo-intert ag.pl?notifyDone=1&malformed-header=1&q=<script>alert(String.fromCharCode(0x58,0 x53,0x53))</script><p>If you see this message and no JavaScript alert() then the test PASSED.</p>">
17 </iframe> 17 </iframe>
18 </body> 18 </body>
19 </html> 19 </html>
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698