Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(206)

Side by Side Diff: LayoutTests/http/tests/security/xssAuditor/xss-protection-parsing-03.html

Issue 187103002: id of iframe incorrectly sets window name (Closed) Base URL: svn://svn.chromium.org/blink/trunk
Patch Set: Add back no-referrer-subframe.html Created 6 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
OLDNEW
1 <!DOCTYPE html> 1 <!DOCTYPE html>
2 <html> 2 <html>
3 <head> 3 <head>
4 <script src="http://localhost:8000/security/xssAuditor/resources/utilities.js">< /script> 4 <script src="http://localhost:8000/security/xssAuditor/resources/utilities.js">< /script>
5 <script> 5 <script>
6 if (window.testRunner) { 6 if (window.testRunner) {
7 testRunner.dumpAsText(); 7 testRunner.dumpAsText();
8 testRunner.dumpChildFramesAsText(); 8 testRunner.dumpChildFramesAsText();
9 testRunner.waitUntilDone(); 9 testRunner.waitUntilDone();
10 testRunner.setXSSAuditorEnabled(true); 10 testRunner.setXSSAuditorEnabled(true);
11 } 11 }
12 </script> 12 </script>
13 </head> 13 </head>
14 <body> 14 <body>
15 <p>This tests that the X-XSS-Protection header is not ignored when there is a tr ailing semicolon following mode=blank. 15 <p>This tests that the X-XSS-Protection header is not ignored when there is a tr ailing semicolon following mode=blank.
16 Although theoretically malformed, we tolerate this case without issuing an error . </p> 16 Although theoretically malformed, we tolerate this case without issuing an error . </p>
17 <iframe id="frame" onload="checkIfFrameLocationMatchesSrcAndCallDone('frame')" s rc="http://127.0.0.1:8000/security/xssAuditor/resources/echo-intertag.pl?notifyD one=1&valid-header=3&q=<script>alert(String.fromCharCode(0x58,0x53,0x53))</scrip t><p>If you see this message and no JavaScript alert() then the test PASSED.</p> "> 17 <iframe id="frame" name="frame" onload="checkIfFrameLocationMatchesSrcAndCallDon e('frame')" src="http://127.0.0.1:8000/security/xssAuditor/resources/echo-intert ag.pl?notifyDone=1&valid-header=3&q=<script>alert(String.fromCharCode(0x58,0x53, 0x53))</script><p>If you see this message and no JavaScript alert() then the tes t PASSED.</p>">
18 </iframe> 18 </iframe>
19 </body> 19 </body>
20 </html> 20 </html>
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698