| <html> |
| <body> |
| <p>Frame on a foreign domain (opened using window.open).</p> |
| <iframe id="aFrame"></iframe> |
| <script> |
| var url = "data:text/html,<html>" |
| + "<head>" |
| + "<scr" + "ipt>" |
| + "function loaded() {" |
| + "if (window.testRunner)" |
| + "testRunner.globalFlag = true;" |
| + "}" |
| + "</scri" + "pt>" |
| + "</head>" |
| + "<body onload='loaded();'>" |
| + "<p id='accessMe'>PASS: Access from the main frame was denied!</p>" |
| + "<p>Inner-inner iframe. This iframe (which is data: URL and whose parent is on a foreign domain) is the frame that the" |
| + " main frame is trying to access. It should not have access to it.</p>" |
| + "</body>" |
| + "</html>"; |
| |
| var frame = document.getElementById('aFrame'); |
| frame.src = url; |
| </script> |
| </body> |
| </html> |