blob: 08e7453574bb395de70a1155036f714d63636260 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
|
<!DOCTYPE HTML>
<html>
<head>
<meta charset="utf-8">
<title>Test for Bug 341604</title>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
</head>
<script>
function ok(condition, msg) {
window.parent.ok_wrapper(condition, msg);
}
function testXHR() {
var xhr = new XMLHttpRequest();
xhr.open("GET", "file_iframe_sandbox_b_if1.html");
xhr.onreadystatechange = function (oEvent) {
var result = false;
if (xhr.readyState == 4) {
if (xhr.status == 200) {
result = true;
}
ok(result, "XHR should work normally in an iframe sandboxed with 'allow-same-origin'");
}
}
xhr.send(null);
}
function doStuff() {
ok(true, "documents sandboxed with 'allow-same-origin' should be able to access their parent");
// should be able to access document.cookie since we have 'allow-same-origin'
ok(document.cookie == "", "a document sandboxed with allow-same-origin should be able to access document.cookie");
// should be able to access localStorage since we have 'allow-same-origin'
ok(window.localStorage, "a document sandboxed with allow-same-origin should be able to access localStorage");
// should be able to access sessionStorage since we have 'allow-same-origin'
ok(window.sessionStorage, "a document sandboxed with allow-same-origin should be able to access sessionStorage");
testXHR();
}
</script>
<body onLoad="doStuff()">
I am sandboxed but with "allow-same-origin" and "allow-scripts"
</body>
</html>
|
