summaryrefslogtreecommitdiffstats
path: root/testing/web-platform/tests/content-security-policy/frame-src/frame-src-sandboxed-allowed.html
diff options
context:
space:
mode:
Diffstat (limited to 'testing/web-platform/tests/content-security-policy/frame-src/frame-src-sandboxed-allowed.html')
-rw-r--r--testing/web-platform/tests/content-security-policy/frame-src/frame-src-sandboxed-allowed.html29
1 files changed, 29 insertions, 0 deletions
diff --git a/testing/web-platform/tests/content-security-policy/frame-src/frame-src-sandboxed-allowed.html b/testing/web-platform/tests/content-security-policy/frame-src/frame-src-sandboxed-allowed.html
new file mode 100644
index 0000000000..419a14458b
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/frame-src/frame-src-sandboxed-allowed.html
@@ -0,0 +1,29 @@
+<!DOCTYPE html>
+<html>
+ <head>
+ <title>Frame-src: 'self' matches even if the parent's origin is unique.</title>
+ <script src="/resources/testharness.js"></script>
+ <script src="/resources/testharnessreport.js"></script>
+ </head>
+ <body>
+ <script>
+ var t = async_test('SubframeLoaded');
+
+ window.addEventListener('securitypolicyviolation', t.step_func(function(e) {
+ if (e.violatedDirective === "frame-src") {
+ assert_unreached('unexpected securitypolicyviolation');
+ t.done();
+ }
+ }));
+
+ window.addEventListener("message", t.step_func(function(event) {
+ assert_equals(event.data, "PASS", 'unexpected message: ' + event.data);
+ t.done();
+ }));
+
+ f = document.createElement("iframe");
+ f.src = "/content-security-policy/support/postmessage-pass.html";
+ document.body.appendChild(f);
+ </script>
+ </body>
+</html>