blob: d26c26c47a144f8284ec7ae4a439f592c77181e0 [file] [log] [blame]
<script>
if (window.testRunner) {
testRunner.dumpAsText();
testRunner.waitUntilDone();
}
function finish()
{
if (location.hash.length == 0)
document.getElementById("console").innerHTML = "PASS: cross-site assignment of location.hash not allowed";
else
document.getElementById("console").innerHTML = "FAIL: cross-site assignment of location.hash was allowed!";
if (window.testRunner)
testRunner.notifyDone();
}
</script>
<body onload="finish()">
<iframe src="http://localhost:8000/security/resources/xss-DENIED-assign-location-hash-attacker.html"></iframe>
<div id="console"></div>
</body>
</html>