| <html> |
| <head> |
| <script src="/js-test-resources/js-test-pre.js"></script> |
| <script src="resources/cross-frame-access.js"></script> |
| <script> |
| jsTestIsAsync = true; |
| |
| // Set up listener for message from iframe |
| addEventListener('message', function(event) { |
| if (event.data == "finishedLoad") |
| doTest(); |
| }, false); |
| |
| |
| doTest = function() |
| { |
| targetWindow = document.getElementById("target").contentWindow; |
| array = []; |
| array.__proto__.__proto__ = targetWindow; |
| array[0] = 11.11; |
| array[2] = 22.22; |
| array[10101010] = { |
| toString() { |
| testFailed("toString is called by 10101010 setter"); |
| } |
| }; |
| cocoaValue = { |
| toString() { |
| testFailed("toString is called by cocoa setter"); |
| } |
| }; |
| shouldThrowErrorName("array.cocoa = cocoaValue", "SecurityError"); |
| |
| Object.setPrototypeOf(String.prototype, targetWindow); |
| shouldThrowErrorName("'str'.cocoa = cocoaValue", "SecurityError"); |
| finishJSTest(); |
| } |
| </script> |
| </head> |
| <body> |
| <div>This tests that you can't get the prototype of the window during [[Put]] operation.</div> |
| <iframe id="target" src="http://localhost:8000/security/resources/cross-frame-iframe-for-object-getPrototypeOf-in-put-test.html"></iframe> |
| <pre id="console"></pre> |
| <script src="/js-test-resources/js-test-post.js"></script> |
| </body> |
| </html> |