| <!DOCTYPE html> |
| <body> |
| <script src=/resources/testharness.js></script> |
| <script src=/resources/testharnessreport.js></script> |
| <script src=/feature-policy/resources/featurepolicy.js></script> |
| <script> |
| run_all_fp_tests_allow_all( |
| 'http://{{domains[www]}}:{{ports[http][0]}}', |
| 'document-access', |
| 'SecurityError', |
| () => { |
| return new Promise((resolve, reject) => { |
| try { |
| var iframe = document.createElement('iframe'); |
| iframe.srcdoc ="<p>same origin iframe</p>"; |
| document.documentElement.append(iframe); |
| |
| // attempt to access something in a same origin iframe that would |
| // should be prevented by the feature policy. |
| iframe.contentWindow.location.href; |
| resolve(); |
| } catch(e) { |
| reject(e); |
| } |
| }); |
| }); |
| </script> |
| </body> |