зеркало из https://github.com/mozilla/gecko-dev.git
50 строки
1.5 KiB
HTML
50 строки
1.5 KiB
HTML
<!DOCTYPE HTML>
|
|
<html>
|
|
<head>
|
|
<meta charset="utf-8">
|
|
<title>Test for Bug 341604</title>
|
|
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
|
|
</head>
|
|
<script>
|
|
function ok(condition, msg) {
|
|
window.parent.ok_wrapper(condition, msg);
|
|
}
|
|
|
|
function testXHR() {
|
|
var xhr = new XMLHttpRequest();
|
|
|
|
xhr.open("GET", "file_iframe_sandbox_b_if1.html");
|
|
|
|
xhr.onreadystatechange = function (oEvent) {
|
|
var result = false;
|
|
if (xhr.readyState == 4) {
|
|
if (xhr.status == 200) {
|
|
result = true;
|
|
}
|
|
ok(result, "XHR should work normally in an iframe sandboxed with 'allow-same-origin'");
|
|
}
|
|
}
|
|
|
|
xhr.send(null);
|
|
}
|
|
|
|
function doStuff() {
|
|
ok(true, "documents sandboxed with 'allow-same-origin' should be able to access their parent");
|
|
|
|
// should be able to access document.cookie since we have 'allow-same-origin'
|
|
ok(document.cookie == "", "a document sandboxed with allow-same-origin should be able to access document.cookie");
|
|
|
|
// should be able to access localStorage since we have 'allow-same-origin'
|
|
ok(window.localStorage, "a document sandboxed with allow-same-origin should be able to access localStorage");
|
|
|
|
// should be able to access sessionStorage since we have 'allow-same-origin'
|
|
ok(window.sessionStorage, "a document sandboxed with allow-same-origin should be able to access sessionStorage");
|
|
|
|
testXHR();
|
|
}
|
|
</script>
|
|
<body onLoad="doStuff()">
|
|
I am sandboxed but with "allow-same-origin" and "allow-scripts"
|
|
</body>
|
|
</html>
|