blob: cdb65701dcec1064d70879ac68045fdeab1acd72 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
|
<html>
<head>
<script src="../js/resources/js-test-pre.js"></script>
<script>
if (window.layoutTestController)
window.layoutTestController.dumpAsText();
var disallowedExecuted = 0;
var allowedExecuted = 0;
window.onload = function()
{
shouldBe("disallowedExecuted", "0");
shouldBe("allowedExecuted", "3");
isSuccessfullyParsed();
}
</script>
</head>
<body>
<iframe sandbox="allow-same-origin allow-scripts"
src="javascript: ++window.top.allowedExecuted;">
</iframe>
<iframe sandbox="allow-same-origin allow-scripts"
src="data:text/html,<script> alert('PASS: Executed script in data URL'); </script>">
</iframe>
<iframe sandbox="allow-same-origin"
src="javascript: ++window.top.disallowedExecuted;">
</iframe>
<iframe sandbox="allow-same-origin"
src="data:text/html,<script> alert('FAIL: Executed script without allow-scripts in data URL'); </script>">
</iframe>
<iframe id="frame" src="resources/sandboxed-iframe-script-dynamic.html">
</iframe>
<script>
description("Verify that sandboxed frames with sandbox="allow-scripts" can execute scripts, "
+ "but other sandboxed frames cannot. Also verify that removing the "
+ "sandbox="allow-scripts" attribute at runtime prevents new scripts from launching, "
+ "but existing ones keep running.");
</script>
</body>
</html>
|
