diff options
Diffstat (limited to 'testing/web-platform/tests/html/browsers/history/the-location-interface/location-prototype-setting-cross-origin-domain.sub.html')
| -rw-r--r-- | testing/web-platform/tests/html/browsers/history/the-location-interface/location-prototype-setting-cross-origin-domain.sub.html | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/testing/web-platform/tests/html/browsers/history/the-location-interface/location-prototype-setting-cross-origin-domain.sub.html b/testing/web-platform/tests/html/browsers/history/the-location-interface/location-prototype-setting-cross-origin-domain.sub.html new file mode 100644 index 0000000000..1e677b0365 --- /dev/null +++ b/testing/web-platform/tests/html/browsers/history/the-location-interface/location-prototype-setting-cross-origin-domain.sub.html @@ -0,0 +1,31 @@ +<!DOCTYPE html> +<meta charset="utf-8"> +<title>[[SetPrototypeOf]] on a Location object should not allow changing its value: cross-origin via document.domain</title> +<link rel="help" href="http://html.spec.whatwg.org/multipage/#location-setprototypeof"> +<link rel="author" title="Domenic Denicola" href="mailto:d@domenic.me"> + +<script src="/resources/testharness.js"></script> +<script src="/resources/testharnessreport.js"></script> +<script src="/common/test-setting-immutable-prototype.js"></script> + +<iframe src="/common/domain-setter.sub.html"></iframe> + +<script> +"use strict"; +// This page does *not* set document.domain, so it's cross-origin with the iframe +setup({ explicit_done: true }); + +window.onload = () => { + const targetLocation = frames[0].location; + const origProto = Object.getPrototypeOf(targetLocation); + + test(() => { + assert_equals(Object.getPrototypeOf(targetLocation), null); + }, "Cross-origin via document.domain: the prototype is null"); + + testSettingImmutablePrototype("Cross-origin via document.domain", targetLocation, origProto, + { isSameOriginDomain: false }); + + done(); +}; +</script> |