postMessage_origin_mismatch_xorigin.sub.htm (1658B)
1 <!DOCTYPE html> 2 <html> 3 <head> 4 <title> Cross-origin: Origin of the target window doesn't match the given origin </title> 5 <script src="/resources/testharness.js"></script> 6 <script src="/resources/testharnessreport.js"></script> 7 </head> 8 <body> 9 <div id=log></div> 10 11 <div style="display:none"> 12 <iframe width="70%" onload="PostMessageTest()" src="{{location[scheme]}}://{{domains[www1]}}:{{location[port]}}/webmessaging/support/ChildWindowPostMessage.htm"></iframe> 13 </div> 14 15 <script> 16 17 18 var description = "Test Description: " + 19 "Cross-origin: If the origin of the target window doesn't match the given origin, " + 20 "the message is discarded."; 21 22 var t = async_test(description); 23 24 var PORT = location.port !== "" ? ":" + location.port : ""; 25 var TARGET = document.querySelector("iframe"); 26 var XORIGIN = "{{location[scheme]}}://{{domains[www1]}}" + PORT; 27 var SORIGIN = "{{location[scheme]}}://{{host}}" + PORT; 28 var ExpectedResult = ["#0", XORIGIN, "#3", XORIGIN]; 29 var ActualResult = []; 30 31 function PostMessageTest() 32 { 33 TARGET.contentWindow.postMessage("#0", XORIGIN); 34 TARGET.contentWindow.postMessage("#1", "http://www.invalid-domain.com"); 35 TARGET.contentWindow.postMessage("#2", SORIGIN); 36 TARGET.contentWindow.postMessage("#3", "*"); 37 } 38 39 window.onmessage = t.step_func(function(e) 40 { 41 ActualResult.push(e.data, e.origin); 42 43 if (ActualResult.length >= ExpectedResult.length) 44 { 45 assert_array_equals(ActualResult, ExpectedResult, "ActualResult"); 46 t.done(); 47 } 48 }); 49 </script> 50 </body> 51 </html>