Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(41)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: LayoutTests/http/tests/security/dataURL/xss-DENIED-from-data-url-sub-frame-to-data-url-sub-frame.html

Issue 494343003: Eliminate globalFlag usage from http security layout tests. (Closed) Base URL: svn://svn.chromium.org/blink/trunk
Patch Set: consistify Created 6 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « LayoutTests/http/tests/security/dataURL/xss-DENIED-from-data-url-in-foreign-domain-window-open.html ('k') | LayoutTests/http/tests/security/dataURL/xss-DENIED-from-data-url-sub-frame-to-data-url-sub-frame-expected.txt » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 <html> 1 <html>
2 <head> 2 <head>
3 <script src="../resources/cross-frame-access.js"></script> 3 <script src="../resources/cross-frame-access.js"></script>
4 <script> 4 <script>
5 var subFramesLoaded = 0;
5 if (window.testRunner) { 6 if (window.testRunner) {
6 testRunner.dumpAsText(); 7 testRunner.dumpAsText();
7 testRunner.dumpChildFramesAsText(); 8 testRunner.dumpChildFramesAsText();
8 testRunner.waitUntilDone(); 9 testRunner.waitUntilDone();
9 } 10 }
10 11
12 function startTestWhenReady() {
13 if (++subFramesLoaded == 2)
14 document.getElementById('secondSubFrame').contentWindow.postMess age('perform test', '*');
15 }
16
11 function loaded() { 17 function loaded() {
12 var firstURL = "data:text/html,<html>" 18 var firstURL = "data:text/html,<html>"
13 + "<head>" 19 + "<body>"
14 + "<scr" + "ipt>"
15 + "function fireSentinel() {"
16 + "if (window.testRunner)"
17 + "testRunner.globalFlag = true;"
18 + "}"
19 + "</scr" + "ipt>"
20 + "</head>"
21 + "<body onload=\"fireSentinel();\">"
22 + "<p>Inner iframe.</p>" 20 + "<p>Inner iframe.</p>"
23 + "<p id='accessMe'>Pass: Cross frame access from a sibling data: URL was denied.</p>" 21 + "<p id='accessMe'>Pass: Cross frame access from a sibling data: URL was denied.</p>"
24 + "</body>" 22 + "</body>"
25 + "</html>"; 23 + "</html>";
26 24
27 var iframe = document.getElementById("firstSubFrame"); 25 var iframe = document.getElementById("firstSubFrame");
26 iframe.onload = startTestWhenReady;
28 iframe.src = firstURL; 27 iframe.src = firstURL;
29 28
30 var secondURL = "data:text/html,<html>" 29 var secondURL = "data:text/html,<html>"
31 + "<head>" 30 + "<head>"
32 + "<scr" + "ipt>" 31 + "<scr" + "ipt>"
33 + "function loaded() {" 32 + "function loaded() {"
34 + "if (window.testRunner) {" 33 + "window.addEventListener('message', performTest);"
35 + "setTimeout(waitForFlag, 1);"
36 + "function waitForFlag() {"
37 + "if (!testRunner.globalFlag) {"
38 + "setTimeout(waitForFlag, 1);"
39 + "return;"
40 + "}"
41 + "performTest();"
42 + "}"
43 + "} else {"
44 + "document.getElementById('console').innerHTML = 'Click the button when all the subframes have finished loading.';"
45 + "}"
46 + "}" 34 + "}"
47 + "function performTest() {" 35 + "function performTest() {"
48 + "try {" 36 + "try {"
49 + "parent.frames['firstSubFrame'].document.getEl ementById('accessMe').innerHTML = 'FAIL: Cross frame access from a sibling data: URL was allowed.';" 37 + "parent.frames['firstSubFrame'].document.getEl ementById('accessMe').innerHTML = 'FAIL: Cross frame access from a sibling data: URL was allowed.';"
50 + "} catch (e) {" 38 + "} catch (e) {"
51 + "}" 39 + "}"
52 + "if (window.testRunner)" 40 + "if (window.testRunner)"
53 + "testRunner.notifyDone();" 41 + "testRunner.notifyDone();"
54 + "}" 42 + "}"
55 + "</scr" + "ipt>" 43 + "</scr" + "ipt>"
56 + "</head>" 44 + "</head>"
57 + "<body onload=\"loaded();\">" 45 + "<body onload=\"loaded();\">"
58 + "<p>Inner iframe.</p>" 46 + "<p>Inner iframe.</p>"
59 + "<button onclick='performTest();'>Test</button>"
60 + "<pre id='console'></pre>" 47 + "<pre id='console'></pre>"
61 + "</body>" 48 + "</body>"
62 + "</html>"; 49 + "</html>";
63 50
64 iframe = document.getElementById("secondSubFrame"); 51 iframe = document.getElementById("secondSubFrame");
52 iframe.onload = startTestWhenReady;
65 iframe.src = secondURL; 53 iframe.src = secondURL;
66 } 54 }
67 </script> 55 </script>
68 </head> 56 </head>
69 <body onload="loaded();"> 57 <body onload="loaded();">
70 <p>This tests that a data: URL subframe can't access a sibling data: URL sub frame.</p> 58 <p>This tests that a data: URL subframe can't access a sibling data: URL sub frame.</p>
71 <iframe id="firstSubFrame" name="firstSubFrame"></iframe> 59 <iframe id="firstSubFrame" name="firstSubFrame"></iframe>
72 <iframe id="secondSubFrame" name="secondSubFrame"></iframe> 60 <iframe id="secondSubFrame" name="secondSubFrame"></iframe>
73 </body> 61 </body>
74 </html> 62 </html>
OLDNEW
« no previous file with comments | « LayoutTests/http/tests/security/dataURL/xss-DENIED-from-data-url-in-foreign-domain-window-open.html ('k') | LayoutTests/http/tests/security/dataURL/xss-DENIED-from-data-url-sub-frame-to-data-url-sub-frame-expected.txt » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698