1 files changed, 33 insertions, 0 deletions

diff --git a/browser/components/originattributes/test/browser/file_windowOpenerRestrictionTarget.html b/browser/components/originattributes/test/browser/file_windowOpenerRestrictionTarget.html
new file mode 100644
index 0000000000..5a14834897
--- /dev/null
+++ b/browser/components/originattributes/test/browser/file_windowOpenerRestrictionTarget.html
@@ -0,0 +1,33 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+  <meta http-equiv="content-type" content="text/html; charset=utf-8">
+  <title>title not set</title>
+  <script>
+    // If the query string is given, we are expecting the window.opener can be accessed
+    // across different first party domains, so we will match the cookie value.
+    // Otherwise, the access of window.opener should be treated as cross-origin.
+    // Therefore, it should fail at this setting.
+    let openerRestriction = true;
+    let cookieValue;
+    if (window.location.search.length) {
+      cookieValue = window.location.search.substr(1);
+      openerRestriction = false;
+    }
+
+    try {
+      let openerFrame = window.opener.frames.child;
+      let result = openerFrame.document.cookie === cookieValue;
+      if (result && !openerRestriction) {
+        document.title = "pass";
+      }
+    } catch (e) {
+      if (openerRestriction) {
+        document.title = "pass";
+      }
+    }
+  </script>
+</head>
+<body>
+</body>
+</html>