blob: 48ec3b11dc0aef07d860b6ed02b3b20143fb3757 [file] [log] [blame]
<html>
<body>
<script>
if (window.testRunner) {
testRunner.waitUntilDone();
testRunner.dumpAsText();
testRunner.dumpFrameLoadCallbacks();
testRunner.setCanOpenWindows();
testRunner.setCloseRemainingWindowsWhenComplete(true);
}
window.addEventListener("message", function (e) {
if (window.testRunner)
testRunner.notifyDone();
}, false);
</script>
<p>This test opens a window that has a form with an action that is a javascript: url. We should
*not* trigger a mixed content callback because the javascript: URL cannot be corrupted
by active network attackers.</p>
<script>
onload = function() {
window.open("https://127.0.0.1:8443/security/mixedContent/resources/frame-with-javascript-url-form.html");
}
</script>
</body>
</html>