LayoutTests/http/tests/security/resources/credentials-iframes-different-domain.html - WebKit - Git at Google

 <script>
 var request = new XMLHttpRequest();
 request.onreadystatechange = function () {
     if (this.readyState === 4)
         window.parent.postMessage(" iframe host: " + window.location.hostname + " credentials:" + this.responseText, "*");
 };
 request.open('GET', 'http://127.0.0.1:8000/security/resources/cors-basic-auth.php', true); // no credentials
 request.send();
 </script>
	<script>
	var request = new XMLHttpRequest();
	request.onreadystatechange = function () {
	if (this.readyState === 4)
	window.parent.postMessage(" iframe host: " + window.location.hostname + " credentials:" + this.responseText, "*");
	};
	request.open('GET', 'http://127.0.0.1:8000/security/resources/cors-basic-auth.php', true); // no credentials
	request.send();
	</script>