| OLD | NEW |
|---|
| 1 CONSOLE MESSAGE: line 7: The XSS Auditor blocked access to 'http://localhost:800
0/security/xssAuditor/resources/echo-intertag.pl?enable-full-block=1&q=%3Cscript
%3Ealert(String.fromCharCode(0x58,0x53,0x53));%3C/script%3E' because the source
code of a script was found within the request. The server sent an 'X-XSS-Protect
ion' header requesting this behavior. | 1 CONSOLE MESSAGE: line 7: The XSS Auditor blocked access to 'http://localhost:800
0/security/xssAuditor/resources/echo-intertag.pl?enable-full-block=1&q=%3Cscript
%3Ealert(String.fromCharCode(0x58,0x53,0x53));%3C/script%3E' because the source
code of a script was found within the request. The server sent an 'X-XSS-Protect
ion' header requesting this behavior. |
| 2 CONSOLE MESSAGE: Blocked a frame with origin "http://127.0.0.1:8000" from access
ing a frame with origin "null". The frame requesting access has a protocol of "
http", the frame being accessed has a protocol of "data". Protocols must match. | 2 CONSOLE MESSAGE: Blocked a frame with origin "http://127.0.0.1:8000" from access
ing a frame with origin "null". The frame requesting access has a protocol of "
http", the frame being accessed has a protocol of "data". Protocols must match. |
| 3 | 3 |
| 4 CONSOLE MESSAGE: Blocked a frame with origin "http://127.0.0.1:8000" from access
ing a frame with origin "null". The frame requesting access has a protocol of "
http", the frame being accessed has a protocol of "data". Protocols must match. | 4 CONSOLE MESSAGE: Blocked a frame with origin "http://127.0.0.1:8000" from access
ing a frame with origin "null". The frame requesting access has a protocol of "
http", the frame being accessed has a protocol of "data". Protocols must match. |
| 5 | 5 |
| 6 CONSOLE MESSAGE: Blocked a frame with origin "http://127.0.0.1:8000" from access
ing a frame with origin "http://localhost:8000". Protocols, domains, and ports m
ust match. | 6 CONSOLE MESSAGE: Blocked a frame with origin "http://127.0.0.1:8000" from access
ing a frame with origin "http://localhost:8000". Protocols, domains, and ports m
ust match. |
| 7 CONSOLE MESSAGE: Blocked a frame with origin "http://127.0.0.1:8000" from access
ing a frame with origin "null". The frame requesting access has a protocol of "
http", the frame being accessed has a protocol of "data". Protocols must match. | 7 CONSOLE MESSAGE: Blocked a frame with origin "http://127.0.0.1:8000" from access
ing a frame with origin "null". The frame requesting access has a protocol of "
http", the frame being accessed has a protocol of "data". Protocols must match. |
| 8 | 8 |
| 9 CONSOLE MESSAGE: Blocked a frame with origin "http://127.0.0.1:8000" from access
ing a frame with origin "null". The frame requesting access has a protocol of "
http", the frame being accessed has a protocol of "data". Protocols must match. | |
| 10 | |
| 11 CONSOLE MESSAGE: Blocked a frame with origin "http://127.0.0.1:8000" from access
ing a frame with origin "http://localhost:8000". Protocols, domains, and ports m
ust match. | |
| 12 PASS xssed.contentDocument is null | 9 PASS xssed.contentDocument is null |
| 13 PASS xssed.contentDocument is crossorigin.contentDocument | 10 PASS xssed.contentDocument is crossorigin.contentDocument |
| 14 PASS xssed.contentWindow.location.href is undefined. | 11 PASS xssed.contentWindow.location.href threw exception SecurityError: An attempt
was made to break through the security policy of the user agent.. |
| 15 PASS xssed.contentWindow.location.href is crossorigin.contentWindow.location.hre
f | |
| 16 PASS successfullyParsed is true | 12 PASS successfullyParsed is true |
| 17 | 13 |
| 18 TEST COMPLETE | 14 TEST COMPLETE |
| 19 | 15 |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 19095003:
Throw 'SecurityError' upon cross-origin Location access. (Closed)
Base URL: svn://svn.chromium.org/blink/trunk