3 <p>Frame on a foreign domain (opened using window.open).</p>
4 <iframe name='aFrame' id="aFrame"></iframe>
6 var url = "javascript:\"<html>"
9 + "window.onload = function()"
12 + "parent.opener.document.getElementById('accessMe').innerHTML = 'FAIL: Cross frame access from a javascript: URL on a different domain was allowed';"
15 + "parent.opener.postMessage('done', '*');"
20 + "<p>Inner-inner iframe. This iframe (which is javascript: URL and whose parent is on a foreign domain) is the frame attempting to access"
21 + " the main frame. It should not have access to it.</p>"
25 var frame = document.getElementById('aFrame');