Index: third_party/WebKit/LayoutTests/external/wpt/html/webappapis/dynamic-markup-insertion/opening-the-input-stream/origin-check-in-document-open-same-origin-domain.sub.html |
diff --git a/third_party/WebKit/LayoutTests/external/wpt/html/webappapis/dynamic-markup-insertion/opening-the-input-stream/origin-check-in-document-open-same-origin-domain.sub.html b/third_party/WebKit/LayoutTests/external/wpt/html/webappapis/dynamic-markup-insertion/opening-the-input-stream/origin-check-in-document-open-same-origin-domain.sub.html |
new file mode 100644 |
index 0000000000000000000000000000000000000000..d2f4e4023a36ab5b2c3770d17c12d9ce3396c99d |
--- /dev/null |
+++ b/third_party/WebKit/LayoutTests/external/wpt/html/webappapis/dynamic-markup-insertion/opening-the-input-stream/origin-check-in-document-open-same-origin-domain.sub.html |
@@ -0,0 +1,16 @@ |
+<!doctype html> |
+<title>Origin check in document.open() - same origin-domain (but not same origin) documents</title> |
+<link rel="author" title="Jochen Eisinger" href="mailto:jochen@chromium.org"> |
+<link rel="help" href="https://html.spec.whatwg.org/multipage/#opening-the-input-stream"> |
+<script src="/resources/testharness.js"></script> |
+<script src="/resources/testharnessreport.js"></script> |
+<script src="/html/resources/common.js"></script> |
+<body> |
+<script> |
+testInIFrame("http://{{host}}:{{ports[http][1]}}/html/webappapis/dynamic-markup-insertion/opening-the-input-stream/resources/set-document-domain.html", (ctx) => { |
+ document.domain = document.domain; |
+ var doc = ctx.iframes[0].contentDocument; |
+ assert_throws("SecurityError", doc.open.bind(doc), "Opening a same origin-domain (but not same origin) document doesn't throw."); |
+}, "It should not be possible to open same origin-domain (but not same origin) documents."); |
+</script> |
+</body> |