Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(547)

Side by Side Diff: LayoutTests/http/tests/security/XFrameOptions/x-frame-options-multiple-headers-sameorigin-deny.html

Issue 19095003: Throw 'SecurityError' upon cross-origin Location access. (Closed) Base URL: svn://svn.chromium.org/blink/trunk
Patch Set: rebaseline. Created 7 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
OLDNEW
1 <!DOCTYPE html> 1 <!DOCTYPE html>
2 <html> 2 <html>
3 <head> 3 <head>
4 <script> 4 <script>
5 if (window.testRunner) { 5 if (window.testRunner) {
6 testRunner.dumpAsText(); 6 testRunner.dumpAsText();
7 testRunner.dumpChildFramesAsText(); 7 testRunner.dumpChildFramesAsText();
8 testRunner.dumpResourceLoadCallbacks(); 8 testRunner.dumpResourceLoadCallbacks();
9 testRunner.waitUntilDone(); 9 testRunner.waitUntilDone();
10 } 10 }
11 11
12 function checkIfDone() { 12 function checkIfDone() {
13 var url = document.querySelector('iframe').contentWindow.location.hr ef; 13 try {
14 var url = document.querySelector('iframe').contentWindow.locatio n.href;
15 console.log("FAIL: Could read contentWindow.location.href");
16 } catch (e) {
17 console.log("PASS: Access to contentWindow.location.href threw a n exception.");
18 }
14 19
15 if (!url)
16 console.log("PASS: Could not read contentWindow.location.href");
17 else
18 console.log("FAIL: Could read contentWindow.location.href");
19 testRunner.notifyDone(); 20 testRunner.notifyDone();
20 } 21 }
21 </script> 22 </script>
22 </head> 23 </head>
23 <body> 24 <body>
24 <p>The frame below should not load, proving that 'sameorigin, sameorigin' == = 'sameorigin'.</p> 25 <p>The frame below should not load, proving that 'sameorigin, sameorigin' == = 'sameorigin'.</p>
25 <iframe style="width:500px; height:500px" src="http://localhost:8000/securit y/XFrameOptions/resources/x-frame-options-multiple-headers-sameorigin.cgi" onloa d="checkIfDone()"></iframe> 26 <iframe style="width:500px; height:500px" src="http://localhost:8000/securit y/XFrameOptions/resources/x-frame-options-multiple-headers-sameorigin.cgi" onloa d="checkIfDone()"></iframe>
26 </body> 27 </body>
27 </html> 28 </html>
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698