| <html> |
| <head> |
| <script> |
| if (window.testRunner) { |
| testRunner.dumpAsText(); |
| testRunner.dumpChildFramesAsText(); |
| testRunner.waitUntilDone(); |
| } |
| |
| function loaded() { |
| var url = "data:text/html,<html>" |
| + "<head>" |
| + "<scr" + "ipt>" |
| + "function test() {" |
| + "try {" |
| + "parent.document.getElementById('accessMe').innerHTML = 'FAIL: Cross frame access from a data: URL was allowed.';" |
| + "} catch (e) {" |
| + "console.log(e);" |
| + "}" |
| + "if (window.testRunner)" |
| + "testRunner.notifyDone();" |
| + "}" |
| + "</scr" + "ipt>" |
| + "</head>" |
| + "<body onload=\"test()\">" |
| + "<p>Inner iframe.</p>" |
| + "</body>" |
| + "</html>"; |
| |
| var iframe = document.getElementById("aFrame"); |
| iframe.src = url; |
| } |
| </script> |
| </head> |
| <body onload="loaded();"> |
| <p>This tests that a data: URL loaded in an iframe doesn't have access to its parent's frame</p> |
| <iframe id="aFrame" name="aFrame"></iframe> |
| <p id='accessMe'>PASS: Cross frame access from a data: URL was denied.</p> |
| </body> |
| </html> |
