about-blank-iframe.html (1067B)
1 <!doctype html> 2 <html> 3 <head> 4 <title>about:blank in child browsing context aliases security origin</title> 5 <script src="/resources/testharness.js"></script> 6 <script src="/resources/testharnessreport.js"></script> 7 </head> 8 <body> 9 <script> 10 test(() => { 11 let iframe = document.createElement('iframe'); 12 document.body.appendChild(iframe); 13 // Should not throw: srcdoc should always be same-origin. 14 iframe.contentWindow.document.body.innerHTML = '<p>Hello world!</p>'; 15 16 // Explicitly set `domain` component of origin: any other same-origin 17 // browsing contexts are now cross-origin unless they also explicitly 18 // set document.domain to the same value. 19 document.domain = document.domain; 20 // Should not throw: the origin should be aliased, so setting 21 // document.domain in one Document should affect both Documents. 22 assert_equals( 23 iframe.contentWindow.document.body.textContent, 24 'Hello world!'); 25 }); 26 </script> 27 </body> 28 </html>