third_party/WebKit/LayoutTests/http/tests/security/frameNavigation/xss-ALLOWED-parent-navigation-change.html - Issue 2092293002: Block framebusts without a user gesture

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: third_party/WebKit/LayoutTests/http/tests/security/frameNavigation/xss-ALLOWED-parent-navigation-change.html

Issue 2092293002: Block framebusts without a user gesture (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: better flag description Created 4 years, 3 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« no previous file with comments | « third_party/WebKit/LayoutTests/http/tests/security/frameNavigation/resources/iframe-that-performs-top-navigation-without-user-gesture.html ('k') | third_party/WebKit/LayoutTests/http/tests/security/frameNavigation/xss-DENIED-top-navigation-without-user-gesture.html » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: third_party/WebKit/LayoutTests/http/tests/security/frameNavigation/xss-ALLOWED-parent-navigation-change.html

diff --git a/third_party/WebKit/LayoutTests/http/tests/security/frameNavigation/xss-ALLOWED-parent-navigation-change.html b/third_party/WebKit/LayoutTests/http/tests/security/frameNavigation/xss-ALLOWED-parent-navigation-change.html

index 3cd0b9e804b307c488b72cc17b1ce4f4e78351cf..7d9de1fc51cf9307ba2d500ed5d2e3405f61bee5 100644

--- a/third_party/WebKit/LayoutTests/http/tests/security/frameNavigation/xss-ALLOWED-parent-navigation-change.html

+++ b/third_party/WebKit/LayoutTests/http/tests/security/frameNavigation/xss-ALLOWED-parent-navigation-change.html

@@ -12,12 +12,17 @@

function loaded()

{

document.getElementsByTagName('h4')[0].innerHTML = document.domain;

+ var iframe = document.getElementById("i");

+ // The iframe uses eventSender to emulate a user navigatation, which requires absolute coordinates.

+ // Because the iframe is cross-origin, it can't get the offsets itself, so leak them.

+ frames[0].postMessage({x: iframe.offsetLeft, y: iframe.offsetTop}, "*");

}

</script>

</head>

- <p>This tests that documents can navigate the location of any of it's parent-frames regardless of domain.</p>

+ <p>This tests that documents can navigate the location of any of it's parent-frames regardless of domain, if a

+ user gesture is present.</p>

<h4>DOMAIN</h4>

- <iframe src="http://localhost:8000/security/frameNavigation/resources/iframe-that-performs-parent-navigation.html"></iframe>

+ <iframe id="i" src="http://localhost:8000/security/frameNavigation/resources/iframe-that-performs-parent-navigation.html"></iframe>

</body>

</html>