third_party/WebKit/LayoutTests/http/tests/security/cross-frame-access-location-get.html

   1 <html>
   2 <head>
   3     <script src="resources/cross-frame-access.js"></script>
   4     <script>
   5         window.onload = function()
   6         {
   7             if (window.testRunner) {
   8                 testRunner.dumpAsText();
   9                 testRunner.waitUntilDone();
  10             }
  11
  12             window.addEventListener('message', function ()
  13             {
  14                 runTest();
  15                 if (window.testRunner)
  16                     testRunner.notifyDone();
  17             });
  18         }
  19
  20         runTest = function()
  21         {
  22             window.targetWindow = frames[0];
  23
  24             log("\n----- tests for getting window.location's properties -----\n");
  25
  26             shouldBeTrue("canGet('targetWindow.location')");
  27             shouldBe("toString('targetWindow.location', '')", "''");
  28
  29             log("Firefox allows access to 'location.toString' but throws an exception when you call it.");
  30             shouldBeFalse("canGet('targetWindow.location.toString')");
  31             shouldBeTrue("accessThrowsException('targetWindow.location.toString')");
  32
  33             shouldBeFalse("canGet('targetWindow.location.href')");
  34             shouldBeFalse("canGet('targetWindow.location.hash')");
  35             shouldBeFalse("canGet('targetWindow.location.host')");
  36             shouldBeFalse("canGet('targetWindow.location.hostname')");
  37             shouldBeFalse("canGet('targetWindow.location.pathname')");
  38             shouldBeFalse("canGet('targetWindow.location.port')");
  39             shouldBeFalse("canGet('targetWindow.location.protocol')");
  40             shouldBeFalse("canGet('targetWindow.location.reload')");
  41             shouldBeFalse("canGet('targetWindow.location.search')");
  42             shouldBeFalse("canGet('targetWindow.location.existingCustomProperty')");
  43             shouldBeFalse("canGet('targetWindow.location[1]')");
  44
  45             shouldBeTrue("accessThrowsException('targetWindow.location.href')");
  46             shouldBeTrue("accessThrowsException('targetWindow.location.hash')");
  47             shouldBeTrue("accessThrowsException('targetWindow.location.host')");
  48             shouldBeTrue("accessThrowsException('targetWindow.location.hostname')");
  49             shouldBeTrue("accessThrowsException('targetWindow.location.pathname')");
  50             shouldBeTrue("accessThrowsException('targetWindow.location.port')");
  51             shouldBeTrue("accessThrowsException('targetWindow.location.protocol')");
  52             shouldBeTrue("accessThrowsException('targetWindow.location.search')");
  53             shouldBeTrue("accessThrowsException('targetWindow.location.existingCustomProperty')");
  54             shouldBeTrue("accessThrowsException('targetWindow.location[1]')");
  55
  56             shouldBeTrue("canGet('targetWindow.location.assign')");
  57             shouldBeTrue("canGet('targetWindow.location.replace')");
  58
  59         }
  60     </script>
  61 </head>
  62 <body>
  63     <iframe src="http://localhost:8000/security/resources/cross-frame-iframe-for-location-get-test.html"></iframe>
  64     <pre id="console"></pre>
  65 </body>
  66 </html>