<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script>
function logFailure(message) {
window.top.postMessage(message, "*");
}
function done() {
window.top.postMessage("DONE", "*");
}
function testXHRDenied()
{
var f = document.getElementById("f");
// Check that access to an empty iframe allowed.
f.contentDocument.body.innerHTML = "Successful write into iframe";
xhr = new XMLHttpRequest();
xhr.open("GET", "../xmlhttprequest-no-file-access-expected.txt");
xhr.onload = () => {
logFailure("Bad: XHR didn't throw exception");
done();
};
xhr.onerror = (e) => {
try {
window.top.document.body;
logFailure("Bad: DOM access didn't throw exception");
} finally {
done();
}
};
xhr.send("");
}
</script>
</head>
<body onload="testXHRDenied()">
<iframe id="f"></iframe>
</body>
</html>