Blocked access to external URL http://www1.localhost:8801/content-security-policy/frame-ancestors/support/frame-in-frame.sub.html?policy=http://localhost:8800%20http://www1.localhost:8801&parent=cross&child=cross&expectation=blocked | |
Harness Error (TIMEOUT), message = null | |
NOTRUN A 'frame-ancestors' CSP directive with a URL value should compare against each frame's origin rather than URL, so a nested frame with a sandboxed parent frame should be blocked due to the parent having a unique origin. | |