OLD | NEW |
1 <?php | 1 <?php |
2 header("Suborigin: foobar"); | 2 header("Suborigin: foobar"); |
3 ?> | 3 ?> |
4 <!DOCTYPE html> | 4 <!DOCTYPE html> |
5 <html> | 5 <html> |
6 <head> | 6 <head> |
7 </head> | 7 </head> |
8 <body> | 8 <body> |
9 <iframe src="/"></iframe> | 9 <iframe src="/"></iframe> |
10 <script src="/js-test-resources/js-test.js"></script> | 10 <script src="/js-test-resources/js-test.js"></script> |
11 <script> | 11 <script> |
12 description("Cross-origin access to 'window.open' and 'window.opener' sh
ould throw a SecurityError."); | 12 description("Cross-origin access to 'window.open' and 'window.opener' sh
ould throw a SecurityError."); |
13 | 13 |
14 window.jsTestIsAsync = true; | 14 window.jsTestIsAsync = true; |
15 var frame = document.querySelector('iframe'); | 15 var frame = document.querySelector('iframe'); |
16 window.onload = function () { | 16 window.onload = function () { |
17 shouldThrow("frame.contentWindow.open()", '"SecurityError: Blocked a
frame with origin \\"http://foobar_127.0.0.1:8000\\" from accessing a cross-ori
gin frame."'); | 17 shouldThrow("frame.contentWindow.open()", '"SecurityError: Blocked a
frame with origin \\"http-so://foobar.127.0.0.1:8000\\" from accessing a cross-
origin frame."'); |
18 shouldThrow("frame.contentWindow.opener = 1;", '"SecurityError: Fail
ed to set the \'opener\' property on \'Window\': Blocked a frame with origin \\"
http://foobar_127.0.0.1:8000\\" from accessing a cross-origin frame."'); | 18 shouldThrow("frame.contentWindow.opener = 1;", '"SecurityError: Fail
ed to set the \'opener\' property on \'Window\': Blocked a frame with origin \\"
http-so://foobar.127.0.0.1:8000\\" from accessing a cross-origin frame."'); |
19 finishJSTest(); | 19 finishJSTest(); |
20 }; | 20 }; |
21 </script> | 21 </script> |
22 </body> | 22 </body> |
23 </html> | 23 </html> |
OLD | NEW |