tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

javascript-url-security-check-same-origin-domain.sub.html (854B)


      1 <!DOCTYPE html>
      2 <meta charset="utf-8">
      3 <title>javascript: URL security check for same-origin-domain but not same-origin</title>
      4 <script src="/resources/testharness.js"></script>
      5 <script src="/resources/testharnessreport.js"></script>
      6 
      7 <iframe src="http://{{hosts[][www]}}:{{ports[http][0]}}/html/browsers/browsing-the-web/navigating-across-documents/resources/document-domain-set-to-site.sub.html"></iframe>
      8 <script>
      9 "use strict";
     10 document.domain = "{{host}}";
     11 
     12 setup({ explicit_done: true });
     13 
     14 window.onload = () => {
     15  async_test(t => {
     16    assert_equals(frames[0].document.body.textContent, "", "before");
     17 
     18    window.onmessage = t.step_func_done(() => {
     19      assert_equals(frames[0].document.body.textContent, "new", "after");
     20    });
     21 
     22    frames[0].location.href = "javascript:parent.postMessage('done', '*'); 'new';";
     23  });
     24  done();
     25 };
     26 </script>