projects / platform / framework / web / crosswalk.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Upstream version 10.39.225.0
[platform/framework/web/crosswalk.git] / src / third_party / WebKit / LayoutTests / http / tests / security / javascriptURL / xss-DENIED-to-javascript-url-in-foreign-domain-window-open.html
1 <html>
2 <head>
3     <script src="../resources/cross-frame-access.js"></script>
4     <script>
5         var openedWindow;
6
7         window.onload = function()
8         {
9             if (window.testRunner) {
10                 testRunner.dumpAsText();
11                 testRunner.setCanOpenWindows();
12                 testRunner.waitUntilDone();
13             }
14
15             openedWindow = window.open("http://localhost:8000/security/javascriptURL/resources/foreign-domain-javascript-url-accessee-opened-frame.html");
16
17             window.addEventListener('message', function ()
18             {
19                 runTest();
20                 closeWindowAndNotifyDone(openedWindow);
21             });
22         }
23
24         runTest = function()
25         {
26             try {
27                 openedWindow[0].document.getElementById('accessMe').innerHTML = "FAIL: Cross frame access to a javascript: URL embed in a frame window.open'ed on foreign domain allowed.";
28                 log("FAIL: Cross frame access to a javascript: URL embed in a frame window.open'ed on foreign domain allowed.");
29                 return;
30             } catch (e) {
31             }
32             log("PASS: Cross frame access to a javascript: URL embed in a frame window.open'ed on foreign domain denied!");
33         }
34     </script>
35 </head>
36 <body>
37     <pre id="console"></pre>
38 </body>
39 </html>
Domain: Web Framework / Uncategorized;