1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
|
<!DOCTYPE html>
<title>Fenced frame disallowed navigations with potentially-dangling markup</title>
<meta name="timeout" content="long">
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/common/dispatcher/dispatcher.js"></script>
<script src="/common/get-host-info.sub.js"></script>
<script src="/common/utils.js"></script>
<script src="resources/utils.js"></script>
<script src="/fetch/local-network-access/resources/support.sub.js"></script>
<script src="resources/dangling-markup-helper.js"></script>
<body>
<script>
// These tests assert that fenced frames cannot be navigated to HTTPs URLs
// with dangling markup.
for (const substring of kDanglingMarkupSubstrings) {
promise_test(async t => {
const key = token();
let url_string = generateURL("resources/embeddee.html?blocked", [key]).toString();
url_string = url_string.replace("blocked", substring);
const fencedframe = attachFencedFrame(url_string);
const loaded_promise = nextValueFromServer(key);
const result = await Promise.any([loaded_promise, getTimeoutPromise(t)]);
assert_equals(result, "NOT LOADED");
}, `fenced frame dangling-markup URL with '${substring}'`);
}
</script>
</body>
|
