File: sandbox-disallow-same-origin.html

package info (click to toggle)

thunderbird 1%3A143.0.1-1

links: PTS, VCS
area: main
in suites: experimental
size: 4,703,968 kB
sloc: cpp: 7,770,492; javascript: 5,943,842; ansic: 3,918,754; python: 1,418,263; xml: 653,354; asm: 474,045; java: 183,079; sh: 111,238; makefile: 20,410; perl: 14,359; objc: 13,059; yacc: 4,583; pascal: 3,405; lex: 1,720; ruby: 999; exp: 762; sql: 715; awk: 580; php: 436; lisp: 430; sed: 69; csh: 10

file content (35 lines) | stat: -rw-r--r-- 1,200 bytes

parent folder | download | duplicates (26)

<!DOCTYPE html>
<html>
  <head>
    <title>Access to sandbox iframe</title>
    <link rel="author" title="Kinuko Yasuda" href="mailto:kinuko@chromium.org">
    <link rel="help" href="https://html.spec.whatwg.org/multipage/#sandboxed-origin-browsing-context-flag">
    <link rel="help" href="https://html.spec.whatwg.org/multipage/#integration-with-idl">
    <script src="/resources/testharness.js"></script>
    <script src="/resources/testharnessreport.js"></script>
  </head>

  <body>
    <h1>Access to sandbox iframe</h1>
    <script type="text/javascript">
      var t = async_test("Access to sandbox iframe is disallowed")
      var called = 0;
      function calledFromIframe() {
        called++;
      }
      function loaded() {
        t.step(() => {
          assert_throws_dom("SecurityError", () => {
            document.getElementById('sandboxedframe').contentWindow.document;
          });
          assert_equals(called, 0);
          t.done();
        });
      }
    </script>

    <iframe src="/html/browsers/sandboxing/inner-iframe.html" style="visibility:hidden;display:none" sandbox id="sandboxedframe" onload="loaded();"></iframe>
  </body>

    <div id="log"></div>
</html>