blob: 58b73494e11655bdea6e81493e0db453ff52a1b4 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
|
// META: title=Navigation to about:srcdoc, not via srcdoc="", must be blocked
// META: script=../resources/helpers.js
promise_test(async t => {
const iframe = await addSrcdocIframe();
iframe.contentWindow.location = "/common/blank.html";
await waitForIframeLoad(iframe);
iframe.contentWindow.location = "about:srcdoc";
// Fetching "about:srcdoc" should result in a network error, and navigating
// to a network error should produce an opaque-origin page. In particular,
// since the error page should end up being cross-origin to the parent
// frame, `contentDocument` should return `null`.
//
// If instead this results in a message because we re-loaded a srcdoc document
// from the contents of the srcdoc="" attribute, immediately fail.
await Promise.race([
t.step_wait(() => iframe.contentDocument === null),
failOnMessage(iframe.contentWindow)
]);
}, "Navigations to about:srcdoc via window.location must be blocked");
promise_test(async t => {
const iframe = await addSrcdocIframe();
iframe.contentWindow.location = "about:srcdoc?query";
// See the documentation in the above test.
await Promise.race([
t.step_wait(() => iframe.contentDocument === null),
failOnMessage(iframe.contentWindow)
]);
}, "Navigations to about:srcdoc?query via window.location within an " +
"about:srcdoc document must be blocked");
promise_test(async t => {
const iframe = await addSrcdocIframe();
iframe.contentWindow.name = "test_frame";
iframe.contentWindow.location = "/common/blank.html";
await waitForIframeLoad(iframe);
window.open("about:srcdoc", "test_frame");
// See the documentation in the above test.
await Promise.race([
t.step_wait(() => iframe.contentDocument === null),
failOnMessage(iframe.contentWindow)
]);
}, "Navigations to about:srcdoc via window.open() must be blocked");
|