blob: 7bf062dcf3f1ba610e0ee399d098b71774fec0cb [file] [log] [blame]
<html>
<head>
<script src="../resources/cross-frame-access.js"></script>
<script>
window.onload = function()
{
if (window.testRunner) {
testRunner.dumpAsText();
testRunner.dumpChildFramesAsText();
testRunner.waitUntilDone();
}
if (window.testRunner) {
setTimeout(pollForTest, 1);
} else {
log("To run the test, click the button below when the opened window finishes loading.");
var button = document.createElement("button");
button.appendChild(document.createTextNode("Run Test"));
button.onclick = runTest;
document.body.appendChild(button);
}
}
pollForTest = function()
{
if (!testRunner.globalFlag) {
setTimeout(pollForTest, 1);
return;
}
runTest();
testRunner.notifyDone();
}
runTest = function()
{
var frame = document.getElementById('aFrame');
frame.setAttributeNS(null, "src", 'javascript:"FAIL: this should not have been loaded."');
frame.setAttributeNS(null, "src", ' javascript:"FAIL: this should not have been loaded."');
frame.setAttributeNS(null, "src", 'java\0script:"FAIL: this should not have been loaded."');
frame.setAttributeNS(null, "src", 'javascript\t:"FAIL: this should not have been loaded."');
frame.setAttributeNS(null, "src", 'javascript\1:"FAIL: this should not have been loaded."');
}
</script>
</head>
<body>
<p>This test passes as long as the word 'FAIL' and an accompanying message do not appear in the subframe.</p>
<pre id='console'></pre>
<iframe id='aFrame' name='aFrame' src='http://localhost:8000/security/resources/cross-frame-iframe.html'></iframe>
</body>
</html>