| Index: LayoutTests/http/tests/security/no-javascript-refresh.php
|
| diff --git a/LayoutTests/http/tests/security/resources/view-source-no-refresh.php b/LayoutTests/http/tests/security/no-javascript-refresh.php
|
| similarity index 53%
|
| copy from LayoutTests/http/tests/security/resources/view-source-no-refresh.php
|
| copy to LayoutTests/http/tests/security/no-javascript-refresh.php
|
| index 6a24d6a2cde9b5175c26684b464d9677ef946893..a109519eb771336185d022b2cdd62001b3d1d278 100644
|
| --- a/LayoutTests/http/tests/security/resources/view-source-no-refresh.php
|
| +++ b/LayoutTests/http/tests/security/no-javascript-refresh.php
|
| @@ -3,10 +3,11 @@
|
| header('Content-type: text/html');
|
| header('Refresh: 0;URL=javascript:window.top.location="about:blank"');
|
| ?>
|
| -
|
| -<head>
|
| -<meta http-equiv='refresh' content='0;URL=javascript:window.top.location="about:blank"'/>
|
| -</head>
|
| +<!DOCTYPE html>
|
| <body>
|
| -This is the viewsource iframe.
|
| +<script>
|
| +if (window.testRunner)
|
| + testRunner.dumpAsText();
|
| +</script>
|
| +This it the content that appears in place of a refresh.
|
| </body>
|
|
|
Chromium Code Reviews
Issue 18865003:
Do not allow HTTP refresh headers to refresh to javascript: URLs. (Closed)
Base URL: svn://svn.chromium.org/blink/trunk