test_sandbox_allow_scripts.html (953B)
1 <!DOCTYPE HTML> 2 <html> 3 <head> 4 <title>Bug 1396320: Fix CSP sandbox regression for allow-scripts</title> 5 <script src="/tests/SimpleTest/SimpleTest.js"></script> 6 <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> 7 </head> 8 <body> 9 <iframe style="width:100%;" id="testframe"></iframe> 10 <script class="testbody" type="text/javascript"> 11 12 /* Description of the test: 13 * Load an iframe using a CSP of 'sandbox allow-scripts' and make sure 14 * the security context of the iframe is sandboxed (cross origin) 15 */ 16 SimpleTest.waitForExplicitFinish(); 17 18 window.addEventListener("message", receiveMessage); 19 function receiveMessage(event) { 20 is(event.data.result, "", 21 "document.domain of sandboxed iframe should be opaque"); 22 window.removeEventListener("message", receiveMessage); 23 SimpleTest.finish(); 24 } 25 26 let testframe = document.getElementById("testframe"); 27 testframe.src = "file_sandbox_allow_scripts.html"; 28 29 </script> 30 </body> 31 </html>