LayoutTests/http/tests/security/javascriptURL/xss-ALLOWED-to-javascript-url-sub-frame.html - WebKit - Git at Google

 <html>
 <head>
     <script src="../resources/cross-frame-access.js"></script>
 </head>
 <body>
     <p>This tests that the main frame can access the contents of an iframe that contains a javascript: URL loaded page</p>
     <iframe id="aFrame" name="aFrame"></iframe>
     <pre id="console"></pre>
     <script>
         var url = "javascript:\"<html><scr" + "ipt>onload = function() { parent.postMessage(\'LOADED\', \'*\'); } </scr" + "ipt><body><p id=\'accessMe\'></p><p>Inner iframe.</p></body></html>\"";
         var iframeId ="aFrame";
         var passMessage = "PASS: Cross frame access to a javascript: URL was allowed!";
         var failMessage = "FAIL: Cross frame access to a javascript: URL was denied.";
         canAccessFrame(url, iframeId, passMessage, failMessage);
     </script>
 </body>
 </html>
	<html>
	<head>
	<script src="../resources/cross-frame-access.js"></script>
	</head>
	<body>
	<p>This tests that the main frame can access the contents of an iframe that contains a javascript: URL loaded page</p>
	<iframe id="aFrame" name="aFrame"></iframe>
	<pre id="console"></pre>
	<script>
	var url = "javascript:\"<html><scr" + "ipt>onload = function() { parent.postMessage(\'LOADED\', \'*\'); } </scr" + "ipt><body><p id=\'accessMe\'></p><p>Inner iframe.</p></body></html>\"";
	var iframeId ="aFrame";
	var passMessage = "PASS: Cross frame access to a javascript: URL was allowed!";
	var failMessage = "FAIL: Cross frame access to a javascript: URL was denied.";
	canAccessFrame(url, iframeId, passMessage, failMessage);
	</script>
	</body>
	</html>