tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

sandbox-ascii-case-insensitive.html (1494B)

      1 <!DOCTYPE html>
      2 <meta charset="utf-8">
      3 <title>iframe 'sandbox' ASCII case insensitive</title>
      4 <link rel="help" href="https://html.spec.whatwg.org/multipage/#attr-iframe-sandbox">
      5 <script src="/resources/testharness.js"></script>
      6 <script src="/resources/testharnessreport.js"></script>
      7 <body>
      8 <script>
      9 async_test(function(t) {
     10  let iframe = document.createElement('iframe');
     11  iframe.setAttribute('sandbox', 'allow-same-or\u0130gin');
     12  iframe.setAttribute('hidden', '');
     13 
     14  assert_true(iframe.sandbox.supports('allow-same-origin'), 'supports the allow-same-origin token');
     15 
     16  iframe.src = 'support/blank.htm';
     17  iframe.onload = t.step_func_done(function() {
     18    try {
     19      assert_equals(iframe.contentDocument, null, 'child document not reachable');
     20    } catch (e) {
     21      // The assert_equals throwing is a pass.
     22    }
     23  });
     24  document.body.appendChild(iframe);
     25 }, document.title + ', allow-same-or\u0130gin');
     26 
     27 async_test(function(t) {
     28  let iframe = document.createElement('iframe');
     29  iframe.setAttribute('sandbox', 'allow-\u017Fcripts');
     30  iframe.setAttribute('hidden', '');
     31 
     32  assert_true(iframe.sandbox.supports('allow-scripts'), 'supports the allow-scripts token');
     33 
     34  window.onmessage = t.unreached_func('no scripts should run in the iframe');
     35  iframe.src = 'support/sandbox_allow_script.html';
     36  iframe.onload = t.step_func(function() {
     37    t.step_timeout(t.step_func_done(), 100);
     38  });
     39  document.body.appendChild(iframe);
     40 }, document.title + ', allow-\u017Fcripts');
     41 </script>