Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(162)

Unified Diff: LayoutTests/http/tests/security/XFrameOptions/x-frame-options-multiple-headers-sameorigin-deny-expected.txt

Issue 19095003: Throw 'SecurityError' upon cross-origin Location access. (Closed) Base URL: svn://svn.chromium.org/blink/trunk
Patch Set: rebaseline. Created 7 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: LayoutTests/http/tests/security/XFrameOptions/x-frame-options-multiple-headers-sameorigin-deny-expected.txt
diff --git a/LayoutTests/http/tests/security/XFrameOptions/x-frame-options-multiple-headers-sameorigin-deny-expected.txt b/LayoutTests/http/tests/security/XFrameOptions/x-frame-options-multiple-headers-sameorigin-deny-expected.txt
index 812ec62e88e777362302d0ccc3b5029f4a449a41..83c9ff8f64b57fcaf5e6e0a7c01992642373273a 100644
--- a/LayoutTests/http/tests/security/XFrameOptions/x-frame-options-multiple-headers-sameorigin-deny-expected.txt
+++ b/LayoutTests/http/tests/security/XFrameOptions/x-frame-options-multiple-headers-sameorigin-deny-expected.txt
@@ -1,7 +1,7 @@
http://localhost:8000/security/XFrameOptions/resources/x-frame-options-multiple-headers-sameorigin.cgi - willSendRequest <NSURLRequest URL http://localhost:8000/security/XFrameOptions/resources/x-frame-options-multiple-headers-sameorigin.cgi, main document URL http://127.0.0.1:8000/security/XFrameOptions/x-frame-options-multiple-headers-sameorigin-deny.html, http method GET> redirectResponse (null)
CONSOLE MESSAGE: Refused to display 'http://localhost:8000/security/XFrameOptions/resources/x-frame-options-multiple-headers-sameorigin.cgi' in a frame because it set 'X-Frame-Options' to 'SAMEORIGIN, SAMEORIGIN'.
CONSOLE MESSAGE: Sandbox access violation: Blocked a frame at "http://127.0.0.1:8000" from accessing a frame at "null". The frame being accessed is sandboxed and lacks the "allow-same-origin" flag.
-CONSOLE MESSAGE: line 16: PASS: Could not read contentWindow.location.href
+CONSOLE MESSAGE: line 17: PASS: Access to contentWindow.location.href threw an exception.
http://localhost:8000/security/XFrameOptions/resources/x-frame-options-multiple-headers-sameorigin.cgi - didFailLoadingWithError: <NSError domain NSURLErrorDomain, code -999, failing URL "http://localhost:8000/security/XFrameOptions/resources/x-frame-options-multiple-headers-sameorigin.cgi">
The frame below should not load, proving that 'sameorigin, sameorigin' === 'sameorigin'.

Powered by Google App Engine
This is Rietveld 408576698