blob: 6eb706656ce4ab4e260ce751a1f1b79296c9695a [file] [log] [blame]
<html>
<body>
<script>
if (window.testRunner) {
testRunner.waitUntilDone();
testRunner.dumpAsText();
testRunner.dumpFrameLoadCallbacks();
}
window.addEventListener("message", function (e) {
if (window.testRunner)
testRunner.notifyDone();
}, false);
</script>
<p>This test opens a window that has a form with an action that is a javascript: url. We should
*not* trigger a mixed content callback because the javascript: URL cannot be corrupted
by active network attackers.</p>
<script>
onload = function() {
window.open("https://127.0.0.1:8443/security/mixedContent/resources/frame-with-javascript-url-form.html");
}
</script>
</body>
</html>