sandbox-inherited-from-initiator-response.html (1629B)
1 <!DOCTYPE html> 2 <meta charset=utf-8> 3 <title>Inherit sandbox flags from the initiator's response</title> 4 <script src="/resources/testharness.js"></script> 5 <script src="/resources/testharnessreport.js"></script> 6 <body> 7 <script> 8 // Check sandbox flags are properly inherited when a document initiate a 9 // navigation inside another frame that it doesn't own directly. 10 11 // This check the sandbox flags defined by the response (e.g. CSP sandbox). See 12 // also the other test about sandbox flags inherited from the frame. 13 // => sandbox-inherited-from-initiators-frame.html 14 15 // Return a promise, resolving when |element| triggers |event_name| event. 16 let future = (element, event_name) => { 17 return new Promise(resolve => { 18 element.addEventListener(event_name, event => resolve(event)) 19 }); 20 }; 21 22 promise_test(async test => { 23 const iframe_1 = document.createElement("iframe"); 24 const iframe_2 = document.createElement("iframe"); 25 26 iframe_1.id = "iframe_1"; 27 iframe_2.id = "iframe_2"; 28 29 iframe_2.src = 30 "./resources/sandbox-inherited-from-initiator-response-helper.html"; 31 32 // Insert |iframe_1|. It will load the initial empty document, with no sandbox 33 // flags. 34 const iframe_1_load_1 = future(iframe_1, "load"); 35 document.body.appendChild(iframe_1); 36 await iframe_1_load_1; 37 38 // Insert |iframe_2|. It will load with sandbox flags. It will make |iframe_1| 39 // to navigate toward a data-url, which should inherit the sandbox flags. 40 const iframe_1_reply = future(window, "message"); 41 document.body.appendChild(iframe_2); 42 const result = await iframe_1_reply; 43 44 assert_equals("sandboxed", result.data); 45 }) 46 </script>