| <html> |
| <head> |
| <script src="resources/cross-frame-access.js"></script> |
| </head> |
| <body> |
| <p>This test currently fails because we check the port and protocol even if document.domain is explicitly set (rdar://problem/5366437).</p> |
| <iframe id="aFrame" name="aFrame"></iframe> |
| <pre id="console"></pre> |
| <script> |
| // Explicitly set the domain. |
| document.domain = "127.0.0.1"; |
| |
| var url = "https://127.0.0.1:8443/security/resources/cross-frame-iframe-with-explicit-domain-set.html"; |
| var iframeId ="aFrame"; |
| var passMessage = "PASS: Cross frame access to https from http, after explicitly setting document.domain, was denied."; |
| var failMessage = "Fail: Cross frame access to https from http, after explicitly setting document.domain, was allowed."; |
| cannotAccessFrame(url, iframeId, passMessage, failMessage); |
| </script> |
| </body> |
| </html> |