Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(385)

Side by Side Diff: LayoutTests/http/tests/security/sandboxed-iframe-blocks-access-from-parent.html

Issue 19095003: Throw 'SecurityError' upon cross-origin Location access. (Closed) Base URL: svn://svn.chromium.org/blink/trunk
Patch Set: rebaseline. Created 7 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
OLDNEW
1 <!doctype html> 1 <!doctype html>
2 <html> 2 <html>
3 <head> 3 <head>
4 <script> 4 <script>
5 if (window.testRunner) { 5 if (window.testRunner) {
6 testRunner.dumpAsText(); 6 testRunner.dumpAsText();
7 testRunner.dumpChildFramesAsText(); 7 testRunner.dumpChildFramesAsText();
8 } 8 }
9 9
10 function test() { 10 function test() {
11 var test = document.getElementById('testframe'); 11 var test = document.getElementById('testframe');
12 var location = test.contentWindow.location.href; 12 try {
13 var location = test.contentWindow.location.href;
14 } catch (e) {
15 alert("PASS: Cross-origin access to the Location object threw an exception.");
16 }
13 } 17 }
14 </script> 18 </script>
15 </head> 19 </head>
16 20
17 <body> 21 <body>
18 <p>Sandboxing a frame puts it into a unique origin by default, which the 22 <p>Sandboxing a frame puts it into a unique origin by default, which the
19 containing document shouldn't have script access to. This test passes if a 23 containing document shouldn't have script access to. This test passes if an
20 console warning is generated, noting the access violation.</p> 24 exception is thrown upon the access violation.</p>
21 25
22 <iframe src="resources/blank.html" id="testframe" sandbox onload="test();">< /iframe> 26 <iframe src="resources/blank.html" id="testframe" sandbox onload="test();">< /iframe>
23 </body> 27 </body>
24 </html> 28 </html>
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698