Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(13)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: LayoutTests/http/tests/security/javascriptURL/xss-ALLOWED-to-javascript-url-sub-frame-2-level.html

Issue 494343003: Eliminate globalFlag usage from http security layout tests. (Closed) Base URL: svn://svn.chromium.org/blink/trunk
Patch Set: consistify Created 6 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « LayoutTests/http/tests/security/javascriptURL/resources/foreign-domain-javascript-url-accessor-opened-frame.html ('k') | LayoutTests/http/tests/security/javascriptURL/xss-ALLOWED-to-javascript-url-window-open.html » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 <html> 1 <html>
2 <head> 2 <head>
3 <script src="../resources/cross-frame-access.js"></script> 3 <script src="../resources/cross-frame-access.js"></script>
4 <script> 4 <script>
5 window.onload = function() 5 window.onload = function()
6 { 6 {
7 if (window.testRunner) { 7 if (window.testRunner) {
8 testRunner.dumpAsText(); 8 testRunner.dumpAsText();
9 testRunner.dumpChildFramesAsText(); 9 testRunner.dumpChildFramesAsText();
10 testRunner.waitUntilDone(); 10 testRunner.waitUntilDone();
11 } 11 }
12 12
13 var innerURL = 'javascript:\\\"<html>' 13 var innerURL = 'javascript:\\\"<html>'
14 + "<head>" 14 + "<head>"
15 + "<scr" + "ipt>" 15 + "<scr" + "ipt>"
16 + "window.onload = function()" 16 + "window.onload = function()"
17 + "{" 17 + "{"
18 + "if (window.testRunner)" 18 + 'window.top.postMessage(\\\\\\"run test\\\\\\", \\ \\\\"*\\\\\\");'
19 + "testRunner.globalFlag = true;"
20 + "}" 19 + "}"
21 + "</scr" + "ipt>" 20 + "</scr" + "ipt>"
22 + "</head>" 21 + "</head>"
23 + "<body>" 22 + "<body>"
24 + '<p id=\\\\\\"accessMe\\\\\\">FAIL: Cross frame access to a javascript: URL 2 levels deep was denied.</p>' 23 + '<p id=\\\\\\"accessMe\\\\\\">FAIL: Cross frame access to a javascript: URL 2 levels deep was denied.</p>'
25 + "<p>Inner-inner iframe.</p>" 24 + "<p>Inner-inner iframe.</p>"
26 + "</body>" 25 + "</body>"
27 + '</html>\\\"'; 26 + '</html>\\\"';
28 27
29 var url = "javascript:\"<html>" 28 var url = "javascript:\"<html>"
30 + "<body>" 29 + "<body>"
31 + "<iframe src='" + innerURL + "'></iframe>" 30 + "<iframe src='" + innerURL + "'></iframe>"
32 + "<p>Inner iframe.</p>" 31 + "<p>Inner iframe.</p>"
33 + "</body>" 32 + "</body>"
34 + "</html>\""; 33 + "</html>\"";
35 34
36 var iframe = document.getElementById("aFrame"); 35 var iframe = document.getElementById("aFrame");
37 iframe.src = url; 36 iframe.src = url;
38 37
39 if (window.testRunner) { 38 window.addEventListener('message', function ()
40 setTimeout(pollForTest, 1); 39 {
41 } else { 40 runTest();
42 log("To run the test, click the button below when the opened win dow finishes loading."); 41 if (window.testRunner)
43 var button = document.createElement("button"); 42 testRunner.notifyDone();
44 button.appendChild(document.createTextNode("Run Test")); 43 });
45 button.onclick = runTest;
46 document.body.appendChild(button);
47 }
48 }
49
50 pollForTest = function()
51 {
52 if (!testRunner.globalFlag) {
53 setTimeout(pollForTest, 1);
54 return;
55 }
56 runTest();
57 testRunner.notifyDone();
58 } 44 }
59 45
60 runTest = function() 46 runTest = function()
61 { 47 {
62 try { 48 try {
63 window[0][0].document.getElementById('accessMe').innerHTML = 'PA SS: Cross frame access to a javascript: URL 2 levels deep was allowed!'; 49 window[0][0].document.getElementById('accessMe').innerHTML = 'PA SS: Cross frame access to a javascript: URL 2 levels deep was allowed!';
64 log('PASS: Cross frame access to a javascript: URL 2 levels deep was allowed!'); 50 log('PASS: Cross frame access to a javascript: URL 2 levels deep was allowed!');
65 } catch (e) { 51 } catch (e) {
66 log('FAIL: Cross frame access to a javascript: URL 2 levels deep was denied.'); 52 log('FAIL: Cross frame access to a javascript: URL 2 levels deep was denied.');
67 } 53 }
68 } 54 }
69 </script> 55 </script>
70 </head> 56 </head>
71 <body> 57 <body>
72 <p>This tests that the main frame has access to a javascript: URL loaded in an iframe inside another javascript: URL loaded iframe.</p> 58 <p>This tests that the main frame has access to a javascript: URL loaded in an iframe inside another javascript: URL loaded iframe.</p>
73 <iframe id="aFrame" name="aFrame" style="width: 500px; height: 300px;"></ifr ame> 59 <iframe id="aFrame" name="aFrame" style="width: 500px; height: 300px;"></ifr ame>
74 <pre id='console'></pre> 60 <pre id='console'></pre>
75 </body> 61 </body>
76 </html> 62 </html>
OLDNEW
« no previous file with comments | « LayoutTests/http/tests/security/javascriptURL/resources/foreign-domain-javascript-url-accessor-opened-frame.html ('k') | LayoutTests/http/tests/security/javascriptURL/xss-ALLOWED-to-javascript-url-window-open.html » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698