File: sandbox-disallow-same-origin.html

package info (click to toggle)

thunderbird 1%3A115.16.0esr-1~deb12u1

links: PTS, VCS
area: main
in suites: bookworm
size: 3,476,252 kB
sloc: cpp: 6,972,150; javascript: 5,209,211; ansic: 3,507,222; python: 1,137,609; asm: 432,531; xml: 205,149; java: 175,761; sh: 116,485; makefile: 22,152; perl: 13,971; objc: 12,561; yacc: 4,583; pascal: 2,840; lex: 1,720; ruby: 1,075; exp: 762; sql: 666; awk: 580; php: 436; lisp: 430; sed: 70; csh: 10

file content (35 lines) | stat: -rw-r--r-- 1,200 bytes

parent folder | download | duplicates (26)

<!DOCTYPE html>
<html>
  <head>
    <title>Access to sandbox iframe</title>
    <link rel="author" title="Kinuko Yasuda" href="mailto:kinuko@chromium.org">
    <link rel="help" href="https://html.spec.whatwg.org/multipage/#sandboxed-origin-browsing-context-flag">
    <link rel="help" href="https://html.spec.whatwg.org/multipage/#integration-with-idl">
    <script src="/resources/testharness.js"></script>
    <script src="/resources/testharnessreport.js"></script>
  </head>

  <body>
    <h1>Access to sandbox iframe</h1>
    <script type="text/javascript">
      var t = async_test("Access to sandbox iframe is disallowed")
      var called = 0;
      function calledFromIframe() {
        called++;
      }
      function loaded() {
        t.step(() => {
          assert_throws_dom("SecurityError", () => {
            document.getElementById('sandboxedframe').contentWindow.document;
          });
          assert_equals(called, 0);
          t.done();
        });
      }
    </script>

    <iframe src="/html/browsers/sandboxing/inner-iframe.html" style="visibility:hidden;display:none" sandbox id="sandboxedframe" onload="loaded();"></iframe>
  </body>

    <div id="log"></div>
</html>