Add an 'allow-top-navigation-with-user-interaction' sandbox flag.

third_party/WebKit/LayoutTests/http/tests/security/frameNavigation/sandbox-ALLOWED-top-navigation-with-user-gesture.html

Index: third_party/WebKit/LayoutTests/http/tests/security/frameNavigation/sandbox-ALLOWED-top-navigation-with-user-gesture.html
diff --git a/third_party/WebKit/LayoutTests/http/tests/security/frameNavigation/sandbox-ALLOWED-top-navigation-with-user-gesture.html b/third_party/WebKit/LayoutTests/http/tests/security/frameNavigation/sandbox-ALLOWED-top-navigation-with-user-gesture.html
new file mode 100644
index 0000000000000000000000000000000000000000..375c979e37dcce9a6fbf2ff5de3b57963f427790
--- /dev/null
+++ b/third_party/WebKit/LayoutTests/http/tests/security/frameNavigation/sandbox-ALLOWED-top-navigation-with-user-gesture.html
@@ -0,0 +1,28 @@
+<html>
+<head>
+    <style>
+        iframe { width: 400px; height: 200px;}
+    </style>
+    <script>
+        if (window.testRunner) {
+            testRunner.dumpAsText();
+            testRunner.waitUntilDone();
+        }
+
+        function loaded()
+        {
+            document.getElementsByTagName('h4')[0].innerHTML = document.domain;
+            var iframe = document.getElementById("i");
+            // The iframe uses eventSender to emulate a user navigatation, which requires absolute coordinates.
+            // Because the iframe is cross-origin, it can't get the offsets itself, so leak them.
+            frames[0].postMessage({x: iframe.offsetLeft, y: iframe.offsetTop}, "*");
+        }
+    </script>
+</head>
+<body onload="loaded();">
+    <p>This tests that an iframe in sandbox with 'allow-top-navigation-with-user-activation'
+    can navigate the top level page, if it is trigged by a user gesture.</p>
+    <h4>DOMAIN</h4>
+    <iframe id="i" sandbox="allow-scripts allow-top-navigation-with-user-activation" src="http://localhost:8000/security/frameNavigation/resources/iframe-that-performs-parent-navigation.html"></iframe>
+</body>
+</html>