blob: ae695565cd7e1d0da32247cba0f5e1a2aebf0581 [file] [log] [blame]
<html>
<body>
<iframe name='aFrame' src='http://localhost:8000/security/resources/iframe-invalid-domain-change.html'></iframe>
<div id="console"></div>
</body>
<script>
if (window.testRunner) {
testRunner.dumpAsText();
testRunner.waitUntilDone();
}
try {
// change own domain to an invalid one
document.domain = 'apple.com';
} catch (e) {
console.log(e);
}
window.onload = cross_frame_access;
function cross_frame_access() {
var aframe = window.frames[0];
try {
if (typeof aframe.document == 'undefined') throw 1;
document.getElementById("console").innerHTML = "FAIL: cross-site access allowed";
} catch (e) {
document.getElementById("console").innerHTML = "PASS: cross-site not access allowed";
}
if (window.testRunner)
testRunner.notifyDone();
}
</script>
</html>